2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 static bool enable_le;
50 /* Handle HCI Event packets */
52 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
54 __u8 status = *((__u8 *) skb->data);
56 BT_DBG("%s status 0x%x", hdev->name, status);
60 mgmt_stop_discovery_failed(hdev, status);
65 clear_bit(HCI_INQUIRY, &hdev->flags);
68 mgmt_discovering(hdev, 0);
71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
73 hci_conn_check_pending(hdev);
76 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
78 __u8 status = *((__u8 *) skb->data);
80 BT_DBG("%s status 0x%x", hdev->name, status);
85 hci_conn_check_pending(hdev);
88 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
90 BT_DBG("%s", hdev->name);
93 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
108 conn->link_mode &= ~HCI_LM_MASTER;
110 conn->link_mode |= HCI_LM_MASTER;
113 hci_dev_unlock(hdev);
116 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 conn->link_policy = __le16_to_cpu(rp->policy);
132 hci_dev_unlock(hdev);
135 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
138 struct hci_conn *conn;
141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
154 conn->link_policy = get_unaligned_le16(sent + 2);
156 hci_dev_unlock(hdev);
159 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
168 hdev->link_policy = __le16_to_cpu(rp->policy);
171 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
173 __u8 status = *((__u8 *) skb->data);
176 BT_DBG("%s status 0x%x", hdev->name, status);
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
183 hdev->link_policy = get_unaligned_le16(sent);
185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
188 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
190 __u8 status = *((__u8 *) skb->data);
192 BT_DBG("%s status 0x%x", hdev->name, status);
194 clear_bit(HCI_RESET, &hdev->flags);
196 hci_req_complete(hdev, HCI_OP_RESET, status);
201 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
203 __u8 status = *((__u8 *) skb->data);
206 BT_DBG("%s status 0x%x", hdev->name, status);
208 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
214 if (test_bit(HCI_MGMT, &hdev->flags))
215 mgmt_set_local_name_complete(hdev, sent, status);
218 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
220 hci_dev_unlock(hdev);
223 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
225 struct hci_rp_read_local_name *rp = (void *) skb->data;
227 BT_DBG("%s status 0x%x", hdev->name, rp->status);
232 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
235 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
237 __u8 status = *((__u8 *) skb->data);
240 BT_DBG("%s status 0x%x", hdev->name, status);
242 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
247 __u8 param = *((__u8 *) sent);
249 if (param == AUTH_ENABLED)
250 set_bit(HCI_AUTH, &hdev->flags);
252 clear_bit(HCI_AUTH, &hdev->flags);
255 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
258 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
260 __u8 status = *((__u8 *) skb->data);
263 BT_DBG("%s status 0x%x", hdev->name, status);
265 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
270 __u8 param = *((__u8 *) sent);
273 set_bit(HCI_ENCRYPT, &hdev->flags);
275 clear_bit(HCI_ENCRYPT, &hdev->flags);
278 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
281 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
283 __u8 param, status = *((__u8 *) skb->data);
284 int old_pscan, old_iscan;
287 BT_DBG("%s status 0x%x", hdev->name, status);
289 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
293 param = *((__u8 *) sent);
298 mgmt_write_scan_failed(hdev, param, status);
299 hdev->discov_timeout = 0;
303 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
304 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
306 if (param & SCAN_INQUIRY) {
307 set_bit(HCI_ISCAN, &hdev->flags);
309 mgmt_discoverable(hdev, 1);
310 if (hdev->discov_timeout > 0) {
311 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
312 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
315 } else if (old_iscan)
316 mgmt_discoverable(hdev, 0);
318 if (param & SCAN_PAGE) {
319 set_bit(HCI_PSCAN, &hdev->flags);
321 mgmt_connectable(hdev, 1);
322 } else if (old_pscan)
323 mgmt_connectable(hdev, 0);
326 hci_dev_unlock(hdev);
327 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
330 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
332 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
334 BT_DBG("%s status 0x%x", hdev->name, rp->status);
339 memcpy(hdev->dev_class, rp->dev_class, 3);
341 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
342 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
345 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
347 __u8 status = *((__u8 *) skb->data);
350 BT_DBG("%s status 0x%x", hdev->name, status);
355 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
359 memcpy(hdev->dev_class, sent, 3);
362 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
364 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
367 BT_DBG("%s status 0x%x", hdev->name, rp->status);
372 setting = __le16_to_cpu(rp->voice_setting);
374 if (hdev->voice_setting == setting)
377 hdev->voice_setting = setting;
379 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
382 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
385 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
387 __u8 status = *((__u8 *) skb->data);
391 BT_DBG("%s status 0x%x", hdev->name, status);
396 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
400 setting = get_unaligned_le16(sent);
402 if (hdev->voice_setting == setting)
405 hdev->voice_setting = setting;
407 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
410 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
413 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
415 __u8 status = *((__u8 *) skb->data);
417 BT_DBG("%s status 0x%x", hdev->name, status);
419 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
422 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
424 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
426 BT_DBG("%s status 0x%x", hdev->name, rp->status);
431 hdev->ssp_mode = rp->mode;
434 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
436 __u8 status = *((__u8 *) skb->data);
439 BT_DBG("%s status 0x%x", hdev->name, status);
444 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
448 hdev->ssp_mode = *((__u8 *) sent);
451 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
453 if (hdev->features[6] & LMP_EXT_INQ)
456 if (hdev->features[3] & LMP_RSSI_INQ)
459 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
460 hdev->lmp_subver == 0x0757)
463 if (hdev->manufacturer == 15) {
464 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
466 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
468 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
472 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
473 hdev->lmp_subver == 0x1805)
479 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
483 mode = hci_get_inquiry_mode(hdev);
485 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
488 static void hci_setup_event_mask(struct hci_dev *hdev)
490 /* The second byte is 0xff instead of 0x9f (two reserved bits
491 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
492 * command otherwise */
493 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
495 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
496 * any event mask for pre 1.2 devices */
497 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
500 events[4] |= 0x01; /* Flow Specification Complete */
501 events[4] |= 0x02; /* Inquiry Result with RSSI */
502 events[4] |= 0x04; /* Read Remote Extended Features Complete */
503 events[5] |= 0x08; /* Synchronous Connection Complete */
504 events[5] |= 0x10; /* Synchronous Connection Changed */
506 if (hdev->features[3] & LMP_RSSI_INQ)
507 events[4] |= 0x04; /* Inquiry Result with RSSI */
509 if (hdev->features[5] & LMP_SNIFF_SUBR)
510 events[5] |= 0x20; /* Sniff Subrating */
512 if (hdev->features[5] & LMP_PAUSE_ENC)
513 events[5] |= 0x80; /* Encryption Key Refresh Complete */
515 if (hdev->features[6] & LMP_EXT_INQ)
516 events[5] |= 0x40; /* Extended Inquiry Result */
518 if (hdev->features[6] & LMP_NO_FLUSH)
519 events[7] |= 0x01; /* Enhanced Flush Complete */
521 if (hdev->features[7] & LMP_LSTO)
522 events[6] |= 0x80; /* Link Supervision Timeout Changed */
524 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
525 events[6] |= 0x01; /* IO Capability Request */
526 events[6] |= 0x02; /* IO Capability Response */
527 events[6] |= 0x04; /* User Confirmation Request */
528 events[6] |= 0x08; /* User Passkey Request */
529 events[6] |= 0x10; /* Remote OOB Data Request */
530 events[6] |= 0x20; /* Simple Pairing Complete */
531 events[7] |= 0x04; /* User Passkey Notification */
532 events[7] |= 0x08; /* Keypress Notification */
533 events[7] |= 0x10; /* Remote Host Supported
534 * Features Notification */
537 if (hdev->features[4] & LMP_LE)
538 events[7] |= 0x20; /* LE Meta-Event */
540 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
543 static void hci_set_le_support(struct hci_dev *hdev)
545 struct hci_cp_write_le_host_supported cp;
547 memset(&cp, 0, sizeof(cp));
551 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
554 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
557 static void hci_setup(struct hci_dev *hdev)
559 if (hdev->dev_type != HCI_BREDR)
562 hci_setup_event_mask(hdev);
564 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
565 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
567 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
569 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
572 if (hdev->features[3] & LMP_RSSI_INQ)
573 hci_setup_inquiry_mode(hdev);
575 if (hdev->features[7] & LMP_INQ_TX_PWR)
576 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
578 if (hdev->features[7] & LMP_EXTFEATURES) {
579 struct hci_cp_read_local_ext_features cp;
582 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
586 if (hdev->features[4] & LMP_LE)
587 hci_set_le_support(hdev);
590 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
592 struct hci_rp_read_local_version *rp = (void *) skb->data;
594 BT_DBG("%s status 0x%x", hdev->name, rp->status);
599 hdev->hci_ver = rp->hci_ver;
600 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
601 hdev->lmp_ver = rp->lmp_ver;
602 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
603 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
605 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
607 hdev->hci_ver, hdev->hci_rev);
609 if (test_bit(HCI_INIT, &hdev->flags))
613 static void hci_setup_link_policy(struct hci_dev *hdev)
617 if (hdev->features[0] & LMP_RSWITCH)
618 link_policy |= HCI_LP_RSWITCH;
619 if (hdev->features[0] & LMP_HOLD)
620 link_policy |= HCI_LP_HOLD;
621 if (hdev->features[0] & LMP_SNIFF)
622 link_policy |= HCI_LP_SNIFF;
623 if (hdev->features[1] & LMP_PARK)
624 link_policy |= HCI_LP_PARK;
626 link_policy = cpu_to_le16(link_policy);
627 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
628 sizeof(link_policy), &link_policy);
631 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
633 struct hci_rp_read_local_commands *rp = (void *) skb->data;
635 BT_DBG("%s status 0x%x", hdev->name, rp->status);
640 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
642 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
643 hci_setup_link_policy(hdev);
646 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
649 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
651 struct hci_rp_read_local_features *rp = (void *) skb->data;
653 BT_DBG("%s status 0x%x", hdev->name, rp->status);
658 memcpy(hdev->features, rp->features, 8);
660 /* Adjust default settings according to features
661 * supported by device. */
663 if (hdev->features[0] & LMP_3SLOT)
664 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
666 if (hdev->features[0] & LMP_5SLOT)
667 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
669 if (hdev->features[1] & LMP_HV2) {
670 hdev->pkt_type |= (HCI_HV2);
671 hdev->esco_type |= (ESCO_HV2);
674 if (hdev->features[1] & LMP_HV3) {
675 hdev->pkt_type |= (HCI_HV3);
676 hdev->esco_type |= (ESCO_HV3);
679 if (hdev->features[3] & LMP_ESCO)
680 hdev->esco_type |= (ESCO_EV3);
682 if (hdev->features[4] & LMP_EV4)
683 hdev->esco_type |= (ESCO_EV4);
685 if (hdev->features[4] & LMP_EV5)
686 hdev->esco_type |= (ESCO_EV5);
688 if (hdev->features[5] & LMP_EDR_ESCO_2M)
689 hdev->esco_type |= (ESCO_2EV3);
691 if (hdev->features[5] & LMP_EDR_ESCO_3M)
692 hdev->esco_type |= (ESCO_3EV3);
694 if (hdev->features[5] & LMP_EDR_3S_ESCO)
695 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
697 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
698 hdev->features[0], hdev->features[1],
699 hdev->features[2], hdev->features[3],
700 hdev->features[4], hdev->features[5],
701 hdev->features[6], hdev->features[7]);
704 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
707 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
709 BT_DBG("%s status 0x%x", hdev->name, rp->status);
714 memcpy(hdev->extfeatures, rp->features, 8);
716 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
719 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
722 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
724 BT_DBG("%s status 0x%x", hdev->name, rp->status);
729 hdev->flow_ctl_mode = rp->mode;
731 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
734 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
736 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
738 BT_DBG("%s status 0x%x", hdev->name, rp->status);
743 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
744 hdev->sco_mtu = rp->sco_mtu;
745 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
746 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
748 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
753 hdev->acl_cnt = hdev->acl_pkts;
754 hdev->sco_cnt = hdev->sco_pkts;
756 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
757 hdev->acl_mtu, hdev->acl_pkts,
758 hdev->sco_mtu, hdev->sco_pkts);
761 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
763 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
765 BT_DBG("%s status 0x%x", hdev->name, rp->status);
768 bacpy(&hdev->bdaddr, &rp->bdaddr);
770 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
773 static void hci_cc_read_data_block_size(struct hci_dev *hdev,
776 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
778 BT_DBG("%s status 0x%x", hdev->name, rp->status);
783 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
784 hdev->block_len = __le16_to_cpu(rp->block_len);
785 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
787 hdev->block_cnt = hdev->num_blocks;
789 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
790 hdev->block_cnt, hdev->block_len);
792 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
795 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
797 __u8 status = *((__u8 *) skb->data);
799 BT_DBG("%s status 0x%x", hdev->name, status);
801 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
804 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
807 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
809 BT_DBG("%s status 0x%x", hdev->name, rp->status);
814 hdev->amp_status = rp->amp_status;
815 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
816 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
817 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
818 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
819 hdev->amp_type = rp->amp_type;
820 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
821 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
822 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
823 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
825 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
828 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
831 __u8 status = *((__u8 *) skb->data);
833 BT_DBG("%s status 0x%x", hdev->name, status);
835 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
838 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
840 __u8 status = *((__u8 *) skb->data);
842 BT_DBG("%s status 0x%x", hdev->name, status);
844 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
847 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
850 __u8 status = *((__u8 *) skb->data);
852 BT_DBG("%s status 0x%x", hdev->name, status);
854 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
857 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
860 __u8 status = *((__u8 *) skb->data);
862 BT_DBG("%s status 0x%x", hdev->name, status);
864 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
867 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
869 __u8 status = *((__u8 *) skb->data);
871 BT_DBG("%s status 0x%x", hdev->name, status);
873 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
876 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
878 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
879 struct hci_cp_pin_code_reply *cp;
880 struct hci_conn *conn;
882 BT_DBG("%s status 0x%x", hdev->name, rp->status);
886 if (test_bit(HCI_MGMT, &hdev->flags))
887 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
892 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
896 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
898 conn->pin_length = cp->pin_len;
901 hci_dev_unlock(hdev);
904 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
906 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
908 BT_DBG("%s status 0x%x", hdev->name, rp->status);
912 if (test_bit(HCI_MGMT, &hdev->flags))
913 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
916 hci_dev_unlock(hdev);
919 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
922 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
924 BT_DBG("%s status 0x%x", hdev->name, rp->status);
929 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
930 hdev->le_pkts = rp->le_max_pkt;
932 hdev->le_cnt = hdev->le_pkts;
934 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
936 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
939 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
941 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
943 BT_DBG("%s status 0x%x", hdev->name, rp->status);
947 if (test_bit(HCI_MGMT, &hdev->flags))
948 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr,
951 hci_dev_unlock(hdev);
954 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
957 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
959 BT_DBG("%s status 0x%x", hdev->name, rp->status);
963 if (test_bit(HCI_MGMT, &hdev->flags))
964 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
967 hci_dev_unlock(hdev);
970 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
972 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
974 BT_DBG("%s status 0x%x", hdev->name, rp->status);
978 if (test_bit(HCI_MGMT, &hdev->flags))
979 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr,
982 hci_dev_unlock(hdev);
985 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
988 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
990 BT_DBG("%s status 0x%x", hdev->name, rp->status);
994 if (test_bit(HCI_MGMT, &hdev->flags))
995 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
998 hci_dev_unlock(hdev);
1001 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1002 struct sk_buff *skb)
1004 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1006 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1009 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
1010 rp->randomizer, rp->status);
1011 hci_dev_unlock(hdev);
1014 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1016 __u8 status = *((__u8 *) skb->data);
1018 BT_DBG("%s status 0x%x", hdev->name, status);
1021 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1022 struct sk_buff *skb)
1024 struct hci_cp_le_set_scan_enable *cp;
1025 __u8 status = *((__u8 *) skb->data);
1027 BT_DBG("%s status 0x%x", hdev->name, status);
1032 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1036 switch (cp->enable) {
1037 case LE_SCANNING_ENABLED:
1038 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1040 cancel_delayed_work_sync(&hdev->adv_work);
1043 hci_adv_entries_clear(hdev);
1044 hci_dev_unlock(hdev);
1047 case LE_SCANNING_DISABLED:
1048 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1050 cancel_delayed_work_sync(&hdev->adv_work);
1051 queue_delayed_work(hdev->workqueue, &hdev->adv_work,
1052 jiffies + ADV_CLEAR_TIMEOUT);
1056 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1061 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1063 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1065 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1070 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1073 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1075 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1077 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1082 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1085 static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1086 struct sk_buff *skb)
1088 struct hci_cp_read_local_ext_features cp;
1089 __u8 status = *((__u8 *) skb->data);
1091 BT_DBG("%s status 0x%x", hdev->name, status);
1097 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1100 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1102 BT_DBG("%s status 0x%x", hdev->name, status);
1105 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1106 hci_conn_check_pending(hdev);
1108 if (test_bit(HCI_MGMT, &hdev->flags))
1109 mgmt_start_discovery_failed(hdev, status);
1110 hci_dev_unlock(hdev);
1114 set_bit(HCI_INQUIRY, &hdev->flags);
1117 mgmt_discovering(hdev, 1);
1118 hci_dev_unlock(hdev);
1121 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1123 struct hci_cp_create_conn *cp;
1124 struct hci_conn *conn;
1126 BT_DBG("%s status 0x%x", hdev->name, status);
1128 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1134 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1136 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1139 if (conn && conn->state == BT_CONNECT) {
1140 if (status != 0x0c || conn->attempt > 2) {
1141 conn->state = BT_CLOSED;
1142 hci_proto_connect_cfm(conn, status);
1145 conn->state = BT_CONNECT2;
1149 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1152 conn->link_mode |= HCI_LM_MASTER;
1154 BT_ERR("No memory for new connection");
1158 hci_dev_unlock(hdev);
1161 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1163 struct hci_cp_add_sco *cp;
1164 struct hci_conn *acl, *sco;
1167 BT_DBG("%s status 0x%x", hdev->name, status);
1172 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1176 handle = __le16_to_cpu(cp->handle);
1178 BT_DBG("%s handle %d", hdev->name, handle);
1182 acl = hci_conn_hash_lookup_handle(hdev, handle);
1186 sco->state = BT_CLOSED;
1188 hci_proto_connect_cfm(sco, status);
1193 hci_dev_unlock(hdev);
1196 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1198 struct hci_cp_auth_requested *cp;
1199 struct hci_conn *conn;
1201 BT_DBG("%s status 0x%x", hdev->name, status);
1206 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1212 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1214 if (conn->state == BT_CONFIG) {
1215 hci_proto_connect_cfm(conn, status);
1220 hci_dev_unlock(hdev);
1223 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1225 struct hci_cp_set_conn_encrypt *cp;
1226 struct hci_conn *conn;
1228 BT_DBG("%s status 0x%x", hdev->name, status);
1233 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1239 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1241 if (conn->state == BT_CONFIG) {
1242 hci_proto_connect_cfm(conn, status);
1247 hci_dev_unlock(hdev);
1250 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1251 struct hci_conn *conn)
1253 if (conn->state != BT_CONFIG || !conn->out)
1256 if (conn->pending_sec_level == BT_SECURITY_SDP)
1259 /* Only request authentication for SSP connections or non-SSP
1260 * devices with sec_level HIGH or if MITM protection is requested */
1261 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
1262 conn->pending_sec_level != BT_SECURITY_HIGH &&
1263 !(conn->auth_type & 0x01))
1269 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1271 struct hci_cp_remote_name_req *cp;
1272 struct hci_conn *conn;
1274 BT_DBG("%s status 0x%x", hdev->name, status);
1276 /* If successful wait for the name req complete event before
1277 * checking for the need to do authentication */
1281 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1287 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1291 if (!hci_outgoing_auth_needed(hdev, conn))
1294 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1295 struct hci_cp_auth_requested cp;
1296 cp.handle = __cpu_to_le16(conn->handle);
1297 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1301 hci_dev_unlock(hdev);
1304 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1306 struct hci_cp_read_remote_features *cp;
1307 struct hci_conn *conn;
1309 BT_DBG("%s status 0x%x", hdev->name, status);
1314 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1320 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1322 if (conn->state == BT_CONFIG) {
1323 hci_proto_connect_cfm(conn, status);
1328 hci_dev_unlock(hdev);
1331 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1333 struct hci_cp_read_remote_ext_features *cp;
1334 struct hci_conn *conn;
1336 BT_DBG("%s status 0x%x", hdev->name, status);
1341 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1347 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1349 if (conn->state == BT_CONFIG) {
1350 hci_proto_connect_cfm(conn, status);
1355 hci_dev_unlock(hdev);
1358 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1360 struct hci_cp_setup_sync_conn *cp;
1361 struct hci_conn *acl, *sco;
1364 BT_DBG("%s status 0x%x", hdev->name, status);
1369 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1373 handle = __le16_to_cpu(cp->handle);
1375 BT_DBG("%s handle %d", hdev->name, handle);
1379 acl = hci_conn_hash_lookup_handle(hdev, handle);
1383 sco->state = BT_CLOSED;
1385 hci_proto_connect_cfm(sco, status);
1390 hci_dev_unlock(hdev);
1393 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1395 struct hci_cp_sniff_mode *cp;
1396 struct hci_conn *conn;
1398 BT_DBG("%s status 0x%x", hdev->name, status);
1403 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1409 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1411 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1413 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1414 hci_sco_setup(conn, status);
1417 hci_dev_unlock(hdev);
1420 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1422 struct hci_cp_exit_sniff_mode *cp;
1423 struct hci_conn *conn;
1425 BT_DBG("%s status 0x%x", hdev->name, status);
1430 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1436 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1438 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1440 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1441 hci_sco_setup(conn, status);
1444 hci_dev_unlock(hdev);
1447 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1449 struct hci_cp_le_create_conn *cp;
1450 struct hci_conn *conn;
1452 BT_DBG("%s status 0x%x", hdev->name, status);
1454 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1460 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1462 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1466 if (conn && conn->state == BT_CONNECT) {
1467 conn->state = BT_CLOSED;
1468 hci_proto_connect_cfm(conn, status);
1473 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1475 conn->dst_type = cp->peer_addr_type;
1478 BT_ERR("No memory for new connection");
1483 hci_dev_unlock(hdev);
1486 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1488 BT_DBG("%s status 0x%x", hdev->name, status);
1491 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1493 __u8 status = *((__u8 *) skb->data);
1495 BT_DBG("%s status %d", hdev->name, status);
1497 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1499 hci_conn_check_pending(hdev);
1501 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1505 mgmt_discovering(hdev, 0);
1506 hci_dev_unlock(hdev);
1509 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1511 struct inquiry_data data;
1512 struct inquiry_info *info = (void *) (skb->data + 1);
1513 int num_rsp = *((__u8 *) skb->data);
1515 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1522 for (; num_rsp; num_rsp--, info++) {
1523 bacpy(&data.bdaddr, &info->bdaddr);
1524 data.pscan_rep_mode = info->pscan_rep_mode;
1525 data.pscan_period_mode = info->pscan_period_mode;
1526 data.pscan_mode = info->pscan_mode;
1527 memcpy(data.dev_class, info->dev_class, 3);
1528 data.clock_offset = info->clock_offset;
1530 data.ssp_mode = 0x00;
1531 hci_inquiry_cache_update(hdev, &data);
1532 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1533 info->dev_class, 0, NULL);
1536 hci_dev_unlock(hdev);
1539 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1541 struct hci_ev_conn_complete *ev = (void *) skb->data;
1542 struct hci_conn *conn;
1544 BT_DBG("%s", hdev->name);
1548 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1550 if (ev->link_type != SCO_LINK)
1553 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1557 conn->type = SCO_LINK;
1561 conn->handle = __le16_to_cpu(ev->handle);
1563 if (conn->type == ACL_LINK) {
1564 conn->state = BT_CONFIG;
1565 hci_conn_hold(conn);
1566 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1567 mgmt_connected(hdev, &ev->bdaddr, conn->type,
1570 conn->state = BT_CONNECTED;
1572 hci_conn_hold_device(conn);
1573 hci_conn_add_sysfs(conn);
1575 if (test_bit(HCI_AUTH, &hdev->flags))
1576 conn->link_mode |= HCI_LM_AUTH;
1578 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1579 conn->link_mode |= HCI_LM_ENCRYPT;
1581 /* Get remote features */
1582 if (conn->type == ACL_LINK) {
1583 struct hci_cp_read_remote_features cp;
1584 cp.handle = ev->handle;
1585 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1589 /* Set packet type for incoming connection */
1590 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1591 struct hci_cp_change_conn_ptype cp;
1592 cp.handle = ev->handle;
1593 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1594 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1598 conn->state = BT_CLOSED;
1599 if (conn->type == ACL_LINK)
1600 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
1601 conn->dst_type, ev->status);
1604 if (conn->type == ACL_LINK)
1605 hci_sco_setup(conn, ev->status);
1608 hci_proto_connect_cfm(conn, ev->status);
1610 } else if (ev->link_type != ACL_LINK)
1611 hci_proto_connect_cfm(conn, ev->status);
1614 hci_dev_unlock(hdev);
1616 hci_conn_check_pending(hdev);
1619 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1621 struct hci_ev_conn_request *ev = (void *) skb->data;
1622 int mask = hdev->link_mode;
1624 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1625 batostr(&ev->bdaddr), ev->link_type);
1627 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1629 if ((mask & HCI_LM_ACCEPT) &&
1630 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1631 /* Connection accepted */
1632 struct inquiry_entry *ie;
1633 struct hci_conn *conn;
1637 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1639 memcpy(ie->data.dev_class, ev->dev_class, 3);
1641 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1643 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1645 BT_ERR("No memory for new connection");
1646 hci_dev_unlock(hdev);
1651 memcpy(conn->dev_class, ev->dev_class, 3);
1652 conn->state = BT_CONNECT;
1654 hci_dev_unlock(hdev);
1656 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1657 struct hci_cp_accept_conn_req cp;
1659 bacpy(&cp.bdaddr, &ev->bdaddr);
1661 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1662 cp.role = 0x00; /* Become master */
1664 cp.role = 0x01; /* Remain slave */
1666 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1669 struct hci_cp_accept_sync_conn_req cp;
1671 bacpy(&cp.bdaddr, &ev->bdaddr);
1672 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1674 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1675 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1676 cp.max_latency = cpu_to_le16(0xffff);
1677 cp.content_format = cpu_to_le16(hdev->voice_setting);
1678 cp.retrans_effort = 0xff;
1680 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1684 /* Connection rejected */
1685 struct hci_cp_reject_conn_req cp;
1687 bacpy(&cp.bdaddr, &ev->bdaddr);
1688 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
1689 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1693 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1695 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1696 struct hci_conn *conn;
1698 BT_DBG("%s status %d", hdev->name, ev->status);
1702 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1706 if (ev->status == 0)
1707 conn->state = BT_CLOSED;
1709 if (conn->type == ACL_LINK || conn->type == LE_LINK) {
1710 if (ev->status != 0)
1711 mgmt_disconnect_failed(hdev, &conn->dst, ev->status);
1713 mgmt_disconnected(hdev, &conn->dst, conn->type,
1717 if (ev->status == 0) {
1718 hci_proto_disconn_cfm(conn, ev->reason);
1723 hci_dev_unlock(hdev);
1726 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1728 struct hci_ev_auth_complete *ev = (void *) skb->data;
1729 struct hci_conn *conn;
1731 BT_DBG("%s status %d", hdev->name, ev->status);
1735 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1740 if (!(conn->ssp_mode > 0 && hdev->ssp_mode > 0) &&
1741 test_bit(HCI_CONN_REAUTH_PEND, &conn->pend)) {
1742 BT_INFO("re-auth of legacy device is not possible.");
1744 conn->link_mode |= HCI_LM_AUTH;
1745 conn->sec_level = conn->pending_sec_level;
1748 mgmt_auth_failed(hdev, &conn->dst, ev->status);
1751 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1752 clear_bit(HCI_CONN_REAUTH_PEND, &conn->pend);
1754 if (conn->state == BT_CONFIG) {
1755 if (!ev->status && hdev->ssp_mode > 0 && conn->ssp_mode > 0) {
1756 struct hci_cp_set_conn_encrypt cp;
1757 cp.handle = ev->handle;
1759 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1762 conn->state = BT_CONNECTED;
1763 hci_proto_connect_cfm(conn, ev->status);
1767 hci_auth_cfm(conn, ev->status);
1769 hci_conn_hold(conn);
1770 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1774 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1776 struct hci_cp_set_conn_encrypt cp;
1777 cp.handle = ev->handle;
1779 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1782 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1783 hci_encrypt_cfm(conn, ev->status, 0x00);
1788 hci_dev_unlock(hdev);
1791 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1793 struct hci_ev_remote_name *ev = (void *) skb->data;
1794 struct hci_conn *conn;
1796 BT_DBG("%s", hdev->name);
1798 hci_conn_check_pending(hdev);
1802 if (ev->status == 0 && test_bit(HCI_MGMT, &hdev->flags))
1803 mgmt_remote_name(hdev, &ev->bdaddr, ev->name);
1805 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1809 if (!hci_outgoing_auth_needed(hdev, conn))
1812 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1813 struct hci_cp_auth_requested cp;
1814 cp.handle = __cpu_to_le16(conn->handle);
1815 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1819 hci_dev_unlock(hdev);
1822 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1824 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1825 struct hci_conn *conn;
1827 BT_DBG("%s status %d", hdev->name, ev->status);
1831 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1835 /* Encryption implies authentication */
1836 conn->link_mode |= HCI_LM_AUTH;
1837 conn->link_mode |= HCI_LM_ENCRYPT;
1838 conn->sec_level = conn->pending_sec_level;
1840 conn->link_mode &= ~HCI_LM_ENCRYPT;
1843 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1845 if (conn->state == BT_CONFIG) {
1847 conn->state = BT_CONNECTED;
1849 hci_proto_connect_cfm(conn, ev->status);
1852 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1855 hci_dev_unlock(hdev);
1858 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1860 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1861 struct hci_conn *conn;
1863 BT_DBG("%s status %d", hdev->name, ev->status);
1867 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1870 conn->link_mode |= HCI_LM_SECURE;
1872 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1874 hci_key_change_cfm(conn, ev->status);
1877 hci_dev_unlock(hdev);
1880 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1882 struct hci_ev_remote_features *ev = (void *) skb->data;
1883 struct hci_conn *conn;
1885 BT_DBG("%s status %d", hdev->name, ev->status);
1889 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1894 memcpy(conn->features, ev->features, 8);
1896 if (conn->state != BT_CONFIG)
1899 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1900 struct hci_cp_read_remote_ext_features cp;
1901 cp.handle = ev->handle;
1903 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1909 struct hci_cp_remote_name_req cp;
1910 memset(&cp, 0, sizeof(cp));
1911 bacpy(&cp.bdaddr, &conn->dst);
1912 cp.pscan_rep_mode = 0x02;
1913 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1916 if (!hci_outgoing_auth_needed(hdev, conn)) {
1917 conn->state = BT_CONNECTED;
1918 hci_proto_connect_cfm(conn, ev->status);
1923 hci_dev_unlock(hdev);
1926 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1928 BT_DBG("%s", hdev->name);
1931 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1933 BT_DBG("%s", hdev->name);
1936 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1938 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1941 skb_pull(skb, sizeof(*ev));
1943 opcode = __le16_to_cpu(ev->opcode);
1946 case HCI_OP_INQUIRY_CANCEL:
1947 hci_cc_inquiry_cancel(hdev, skb);
1950 case HCI_OP_EXIT_PERIODIC_INQ:
1951 hci_cc_exit_periodic_inq(hdev, skb);
1954 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1955 hci_cc_remote_name_req_cancel(hdev, skb);
1958 case HCI_OP_ROLE_DISCOVERY:
1959 hci_cc_role_discovery(hdev, skb);
1962 case HCI_OP_READ_LINK_POLICY:
1963 hci_cc_read_link_policy(hdev, skb);
1966 case HCI_OP_WRITE_LINK_POLICY:
1967 hci_cc_write_link_policy(hdev, skb);
1970 case HCI_OP_READ_DEF_LINK_POLICY:
1971 hci_cc_read_def_link_policy(hdev, skb);
1974 case HCI_OP_WRITE_DEF_LINK_POLICY:
1975 hci_cc_write_def_link_policy(hdev, skb);
1979 hci_cc_reset(hdev, skb);
1982 case HCI_OP_WRITE_LOCAL_NAME:
1983 hci_cc_write_local_name(hdev, skb);
1986 case HCI_OP_READ_LOCAL_NAME:
1987 hci_cc_read_local_name(hdev, skb);
1990 case HCI_OP_WRITE_AUTH_ENABLE:
1991 hci_cc_write_auth_enable(hdev, skb);
1994 case HCI_OP_WRITE_ENCRYPT_MODE:
1995 hci_cc_write_encrypt_mode(hdev, skb);
1998 case HCI_OP_WRITE_SCAN_ENABLE:
1999 hci_cc_write_scan_enable(hdev, skb);
2002 case HCI_OP_READ_CLASS_OF_DEV:
2003 hci_cc_read_class_of_dev(hdev, skb);
2006 case HCI_OP_WRITE_CLASS_OF_DEV:
2007 hci_cc_write_class_of_dev(hdev, skb);
2010 case HCI_OP_READ_VOICE_SETTING:
2011 hci_cc_read_voice_setting(hdev, skb);
2014 case HCI_OP_WRITE_VOICE_SETTING:
2015 hci_cc_write_voice_setting(hdev, skb);
2018 case HCI_OP_HOST_BUFFER_SIZE:
2019 hci_cc_host_buffer_size(hdev, skb);
2022 case HCI_OP_READ_SSP_MODE:
2023 hci_cc_read_ssp_mode(hdev, skb);
2026 case HCI_OP_WRITE_SSP_MODE:
2027 hci_cc_write_ssp_mode(hdev, skb);
2030 case HCI_OP_READ_LOCAL_VERSION:
2031 hci_cc_read_local_version(hdev, skb);
2034 case HCI_OP_READ_LOCAL_COMMANDS:
2035 hci_cc_read_local_commands(hdev, skb);
2038 case HCI_OP_READ_LOCAL_FEATURES:
2039 hci_cc_read_local_features(hdev, skb);
2042 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2043 hci_cc_read_local_ext_features(hdev, skb);
2046 case HCI_OP_READ_BUFFER_SIZE:
2047 hci_cc_read_buffer_size(hdev, skb);
2050 case HCI_OP_READ_BD_ADDR:
2051 hci_cc_read_bd_addr(hdev, skb);
2054 case HCI_OP_READ_DATA_BLOCK_SIZE:
2055 hci_cc_read_data_block_size(hdev, skb);
2058 case HCI_OP_WRITE_CA_TIMEOUT:
2059 hci_cc_write_ca_timeout(hdev, skb);
2062 case HCI_OP_READ_FLOW_CONTROL_MODE:
2063 hci_cc_read_flow_control_mode(hdev, skb);
2066 case HCI_OP_READ_LOCAL_AMP_INFO:
2067 hci_cc_read_local_amp_info(hdev, skb);
2070 case HCI_OP_DELETE_STORED_LINK_KEY:
2071 hci_cc_delete_stored_link_key(hdev, skb);
2074 case HCI_OP_SET_EVENT_MASK:
2075 hci_cc_set_event_mask(hdev, skb);
2078 case HCI_OP_WRITE_INQUIRY_MODE:
2079 hci_cc_write_inquiry_mode(hdev, skb);
2082 case HCI_OP_READ_INQ_RSP_TX_POWER:
2083 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2086 case HCI_OP_SET_EVENT_FLT:
2087 hci_cc_set_event_flt(hdev, skb);
2090 case HCI_OP_PIN_CODE_REPLY:
2091 hci_cc_pin_code_reply(hdev, skb);
2094 case HCI_OP_PIN_CODE_NEG_REPLY:
2095 hci_cc_pin_code_neg_reply(hdev, skb);
2098 case HCI_OP_READ_LOCAL_OOB_DATA:
2099 hci_cc_read_local_oob_data_reply(hdev, skb);
2102 case HCI_OP_LE_READ_BUFFER_SIZE:
2103 hci_cc_le_read_buffer_size(hdev, skb);
2106 case HCI_OP_USER_CONFIRM_REPLY:
2107 hci_cc_user_confirm_reply(hdev, skb);
2110 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2111 hci_cc_user_confirm_neg_reply(hdev, skb);
2114 case HCI_OP_USER_PASSKEY_REPLY:
2115 hci_cc_user_passkey_reply(hdev, skb);
2118 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2119 hci_cc_user_passkey_neg_reply(hdev, skb);
2121 case HCI_OP_LE_SET_SCAN_PARAM:
2122 hci_cc_le_set_scan_param(hdev, skb);
2125 case HCI_OP_LE_SET_SCAN_ENABLE:
2126 hci_cc_le_set_scan_enable(hdev, skb);
2129 case HCI_OP_LE_LTK_REPLY:
2130 hci_cc_le_ltk_reply(hdev, skb);
2133 case HCI_OP_LE_LTK_NEG_REPLY:
2134 hci_cc_le_ltk_neg_reply(hdev, skb);
2137 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2138 hci_cc_write_le_host_supported(hdev, skb);
2142 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2146 if (ev->opcode != HCI_OP_NOP)
2147 del_timer(&hdev->cmd_timer);
2150 atomic_set(&hdev->cmd_cnt, 1);
2151 if (!skb_queue_empty(&hdev->cmd_q))
2152 queue_work(hdev->workqueue, &hdev->cmd_work);
2156 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2158 struct hci_ev_cmd_status *ev = (void *) skb->data;
2161 skb_pull(skb, sizeof(*ev));
2163 opcode = __le16_to_cpu(ev->opcode);
2166 case HCI_OP_INQUIRY:
2167 hci_cs_inquiry(hdev, ev->status);
2170 case HCI_OP_CREATE_CONN:
2171 hci_cs_create_conn(hdev, ev->status);
2174 case HCI_OP_ADD_SCO:
2175 hci_cs_add_sco(hdev, ev->status);
2178 case HCI_OP_AUTH_REQUESTED:
2179 hci_cs_auth_requested(hdev, ev->status);
2182 case HCI_OP_SET_CONN_ENCRYPT:
2183 hci_cs_set_conn_encrypt(hdev, ev->status);
2186 case HCI_OP_REMOTE_NAME_REQ:
2187 hci_cs_remote_name_req(hdev, ev->status);
2190 case HCI_OP_READ_REMOTE_FEATURES:
2191 hci_cs_read_remote_features(hdev, ev->status);
2194 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2195 hci_cs_read_remote_ext_features(hdev, ev->status);
2198 case HCI_OP_SETUP_SYNC_CONN:
2199 hci_cs_setup_sync_conn(hdev, ev->status);
2202 case HCI_OP_SNIFF_MODE:
2203 hci_cs_sniff_mode(hdev, ev->status);
2206 case HCI_OP_EXIT_SNIFF_MODE:
2207 hci_cs_exit_sniff_mode(hdev, ev->status);
2210 case HCI_OP_DISCONNECT:
2211 if (ev->status != 0)
2212 mgmt_disconnect_failed(hdev, NULL, ev->status);
2215 case HCI_OP_LE_CREATE_CONN:
2216 hci_cs_le_create_conn(hdev, ev->status);
2219 case HCI_OP_LE_START_ENC:
2220 hci_cs_le_start_enc(hdev, ev->status);
2224 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2228 if (ev->opcode != HCI_OP_NOP)
2229 del_timer(&hdev->cmd_timer);
2231 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2232 atomic_set(&hdev->cmd_cnt, 1);
2233 if (!skb_queue_empty(&hdev->cmd_q))
2234 queue_work(hdev->workqueue, &hdev->cmd_work);
2238 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2240 struct hci_ev_role_change *ev = (void *) skb->data;
2241 struct hci_conn *conn;
2243 BT_DBG("%s status %d", hdev->name, ev->status);
2247 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2251 conn->link_mode &= ~HCI_LM_MASTER;
2253 conn->link_mode |= HCI_LM_MASTER;
2256 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
2258 hci_role_switch_cfm(conn, ev->status, ev->role);
2261 hci_dev_unlock(hdev);
2264 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2266 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2269 skb_pull(skb, sizeof(*ev));
2271 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2273 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2274 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2278 if (skb->len < ev->num_hndl * 4) {
2279 BT_DBG("%s bad parameters", hdev->name);
2283 for (i = 0; i < ev->num_hndl; i++) {
2284 struct hci_comp_pkts_info *info = &ev->handles[i];
2285 struct hci_conn *conn;
2286 __u16 handle, count;
2288 handle = __le16_to_cpu(info->handle);
2289 count = __le16_to_cpu(info->count);
2291 conn = hci_conn_hash_lookup_handle(hdev, handle);
2295 conn->sent -= count;
2297 switch (conn->type) {
2299 hdev->acl_cnt += count;
2300 if (hdev->acl_cnt > hdev->acl_pkts)
2301 hdev->acl_cnt = hdev->acl_pkts;
2305 if (hdev->le_pkts) {
2306 hdev->le_cnt += count;
2307 if (hdev->le_cnt > hdev->le_pkts)
2308 hdev->le_cnt = hdev->le_pkts;
2310 hdev->acl_cnt += count;
2311 if (hdev->acl_cnt > hdev->acl_pkts)
2312 hdev->acl_cnt = hdev->acl_pkts;
2317 hdev->sco_cnt += count;
2318 if (hdev->sco_cnt > hdev->sco_pkts)
2319 hdev->sco_cnt = hdev->sco_pkts;
2323 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2328 queue_work(hdev->workqueue, &hdev->tx_work);
2331 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2333 struct hci_ev_mode_change *ev = (void *) skb->data;
2334 struct hci_conn *conn;
2336 BT_DBG("%s status %d", hdev->name, ev->status);
2340 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2342 conn->mode = ev->mode;
2343 conn->interval = __le16_to_cpu(ev->interval);
2345 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
2346 if (conn->mode == HCI_CM_ACTIVE)
2347 conn->power_save = 1;
2349 conn->power_save = 0;
2352 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
2353 hci_sco_setup(conn, ev->status);
2356 hci_dev_unlock(hdev);
2359 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2361 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2362 struct hci_conn *conn;
2364 BT_DBG("%s", hdev->name);
2368 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2372 if (conn->state == BT_CONNECTED) {
2373 hci_conn_hold(conn);
2374 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2378 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
2379 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2380 sizeof(ev->bdaddr), &ev->bdaddr);
2381 else if (test_bit(HCI_MGMT, &hdev->flags)) {
2384 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2389 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2393 hci_dev_unlock(hdev);
2396 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2398 struct hci_ev_link_key_req *ev = (void *) skb->data;
2399 struct hci_cp_link_key_reply cp;
2400 struct hci_conn *conn;
2401 struct link_key *key;
2403 BT_DBG("%s", hdev->name);
2405 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2410 key = hci_find_link_key(hdev, &ev->bdaddr);
2412 BT_DBG("%s link key not found for %s", hdev->name,
2413 batostr(&ev->bdaddr));
2417 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2418 batostr(&ev->bdaddr));
2420 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) &&
2421 key->type == HCI_LK_DEBUG_COMBINATION) {
2422 BT_DBG("%s ignoring debug key", hdev->name);
2426 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2428 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2429 conn->auth_type != 0xff &&
2430 (conn->auth_type & 0x01)) {
2431 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2435 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2436 conn->pending_sec_level == BT_SECURITY_HIGH) {
2437 BT_DBG("%s ignoring key unauthenticated for high \
2438 security", hdev->name);
2442 conn->key_type = key->type;
2443 conn->pin_length = key->pin_len;
2446 bacpy(&cp.bdaddr, &ev->bdaddr);
2447 memcpy(cp.link_key, key->val, 16);
2449 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2451 hci_dev_unlock(hdev);
2456 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2457 hci_dev_unlock(hdev);
2460 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2462 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2463 struct hci_conn *conn;
2466 BT_DBG("%s", hdev->name);
2470 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2472 hci_conn_hold(conn);
2473 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2474 pin_len = conn->pin_length;
2476 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2477 conn->key_type = ev->key_type;
2482 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
2483 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
2484 ev->key_type, pin_len);
2486 hci_dev_unlock(hdev);
2489 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2491 struct hci_ev_clock_offset *ev = (void *) skb->data;
2492 struct hci_conn *conn;
2494 BT_DBG("%s status %d", hdev->name, ev->status);
2498 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2499 if (conn && !ev->status) {
2500 struct inquiry_entry *ie;
2502 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2504 ie->data.clock_offset = ev->clock_offset;
2505 ie->timestamp = jiffies;
2509 hci_dev_unlock(hdev);
2512 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2514 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2515 struct hci_conn *conn;
2517 BT_DBG("%s status %d", hdev->name, ev->status);
2521 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2522 if (conn && !ev->status)
2523 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2525 hci_dev_unlock(hdev);
2528 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2530 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2531 struct inquiry_entry *ie;
2533 BT_DBG("%s", hdev->name);
2537 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2539 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2540 ie->timestamp = jiffies;
2543 hci_dev_unlock(hdev);
2546 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2548 struct inquiry_data data;
2549 int num_rsp = *((__u8 *) skb->data);
2551 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2558 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2559 struct inquiry_info_with_rssi_and_pscan_mode *info;
2560 info = (void *) (skb->data + 1);
2562 for (; num_rsp; num_rsp--, info++) {
2563 bacpy(&data.bdaddr, &info->bdaddr);
2564 data.pscan_rep_mode = info->pscan_rep_mode;
2565 data.pscan_period_mode = info->pscan_period_mode;
2566 data.pscan_mode = info->pscan_mode;
2567 memcpy(data.dev_class, info->dev_class, 3);
2568 data.clock_offset = info->clock_offset;
2569 data.rssi = info->rssi;
2570 data.ssp_mode = 0x00;
2571 hci_inquiry_cache_update(hdev, &data);
2572 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2573 info->dev_class, info->rssi,
2577 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2579 for (; num_rsp; num_rsp--, info++) {
2580 bacpy(&data.bdaddr, &info->bdaddr);
2581 data.pscan_rep_mode = info->pscan_rep_mode;
2582 data.pscan_period_mode = info->pscan_period_mode;
2583 data.pscan_mode = 0x00;
2584 memcpy(data.dev_class, info->dev_class, 3);
2585 data.clock_offset = info->clock_offset;
2586 data.rssi = info->rssi;
2587 data.ssp_mode = 0x00;
2588 hci_inquiry_cache_update(hdev, &data);
2589 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2590 info->dev_class, info->rssi,
2595 hci_dev_unlock(hdev);
2598 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2600 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2601 struct hci_conn *conn;
2603 BT_DBG("%s", hdev->name);
2607 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2611 if (!ev->status && ev->page == 0x01) {
2612 struct inquiry_entry *ie;
2614 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2616 ie->data.ssp_mode = (ev->features[0] & 0x01);
2618 conn->ssp_mode = (ev->features[0] & 0x01);
2621 if (conn->state != BT_CONFIG)
2625 struct hci_cp_remote_name_req cp;
2626 memset(&cp, 0, sizeof(cp));
2627 bacpy(&cp.bdaddr, &conn->dst);
2628 cp.pscan_rep_mode = 0x02;
2629 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2632 if (!hci_outgoing_auth_needed(hdev, conn)) {
2633 conn->state = BT_CONNECTED;
2634 hci_proto_connect_cfm(conn, ev->status);
2639 hci_dev_unlock(hdev);
2642 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2644 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2645 struct hci_conn *conn;
2647 BT_DBG("%s status %d", hdev->name, ev->status);
2651 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2653 if (ev->link_type == ESCO_LINK)
2656 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2660 conn->type = SCO_LINK;
2663 switch (ev->status) {
2665 conn->handle = __le16_to_cpu(ev->handle);
2666 conn->state = BT_CONNECTED;
2668 hci_conn_hold_device(conn);
2669 hci_conn_add_sysfs(conn);
2672 case 0x11: /* Unsupported Feature or Parameter Value */
2673 case 0x1c: /* SCO interval rejected */
2674 case 0x1a: /* Unsupported Remote Feature */
2675 case 0x1f: /* Unspecified error */
2676 if (conn->out && conn->attempt < 2) {
2677 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2678 (hdev->esco_type & EDR_ESCO_MASK);
2679 hci_setup_sync(conn, conn->link->handle);
2685 conn->state = BT_CLOSED;
2689 hci_proto_connect_cfm(conn, ev->status);
2694 hci_dev_unlock(hdev);
2697 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2699 BT_DBG("%s", hdev->name);
2702 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2704 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2706 BT_DBG("%s status %d", hdev->name, ev->status);
2709 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2711 struct inquiry_data data;
2712 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2713 int num_rsp = *((__u8 *) skb->data);
2715 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2722 for (; num_rsp; num_rsp--, info++) {
2723 bacpy(&data.bdaddr, &info->bdaddr);
2724 data.pscan_rep_mode = info->pscan_rep_mode;
2725 data.pscan_period_mode = info->pscan_period_mode;
2726 data.pscan_mode = 0x00;
2727 memcpy(data.dev_class, info->dev_class, 3);
2728 data.clock_offset = info->clock_offset;
2729 data.rssi = info->rssi;
2730 data.ssp_mode = 0x01;
2731 hci_inquiry_cache_update(hdev, &data);
2732 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2733 info->dev_class, info->rssi, info->data);
2736 hci_dev_unlock(hdev);
2739 static inline u8 hci_get_auth_req(struct hci_conn *conn)
2741 /* If remote requests dedicated bonding follow that lead */
2742 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2743 /* If both remote and local IO capabilities allow MITM
2744 * protection then require it, otherwise don't */
2745 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2751 /* If remote requests no-bonding follow that lead */
2752 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2753 return conn->remote_auth | (conn->auth_type & 0x01);
2755 return conn->auth_type;
2758 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2760 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2761 struct hci_conn *conn;
2763 BT_DBG("%s", hdev->name);
2767 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2771 hci_conn_hold(conn);
2773 if (!test_bit(HCI_MGMT, &hdev->flags))
2776 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2777 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2778 struct hci_cp_io_capability_reply cp;
2780 bacpy(&cp.bdaddr, &ev->bdaddr);
2781 cp.capability = conn->io_capability;
2782 conn->auth_type = hci_get_auth_req(conn);
2783 cp.authentication = conn->auth_type;
2785 if ((conn->out == 0x01 || conn->remote_oob == 0x01) &&
2786 hci_find_remote_oob_data(hdev, &conn->dst))
2791 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2794 struct hci_cp_io_capability_neg_reply cp;
2796 bacpy(&cp.bdaddr, &ev->bdaddr);
2797 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
2799 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2804 hci_dev_unlock(hdev);
2807 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2809 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2810 struct hci_conn *conn;
2812 BT_DBG("%s", hdev->name);
2816 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2820 conn->remote_cap = ev->capability;
2821 conn->remote_oob = ev->oob_data;
2822 conn->remote_auth = ev->authentication;
2825 hci_dev_unlock(hdev);
2828 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2829 struct sk_buff *skb)
2831 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
2832 int loc_mitm, rem_mitm, confirm_hint = 0;
2833 struct hci_conn *conn;
2835 BT_DBG("%s", hdev->name);
2839 if (!test_bit(HCI_MGMT, &hdev->flags))
2842 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2846 loc_mitm = (conn->auth_type & 0x01);
2847 rem_mitm = (conn->remote_auth & 0x01);
2849 /* If we require MITM but the remote device can't provide that
2850 * (it has NoInputNoOutput) then reject the confirmation
2851 * request. The only exception is when we're dedicated bonding
2852 * initiators (connect_cfm_cb set) since then we always have the MITM
2854 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
2855 BT_DBG("Rejecting request: remote device can't provide MITM");
2856 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
2857 sizeof(ev->bdaddr), &ev->bdaddr);
2861 /* If no side requires MITM protection; auto-accept */
2862 if ((!loc_mitm || conn->remote_cap == 0x03) &&
2863 (!rem_mitm || conn->io_capability == 0x03)) {
2865 /* If we're not the initiators request authorization to
2866 * proceed from user space (mgmt_user_confirm with
2867 * confirm_hint set to 1). */
2868 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
2869 BT_DBG("Confirming auto-accept as acceptor");
2874 BT_DBG("Auto-accept of user confirmation with %ums delay",
2875 hdev->auto_accept_delay);
2877 if (hdev->auto_accept_delay > 0) {
2878 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
2879 mod_timer(&conn->auto_accept_timer, jiffies + delay);
2883 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
2884 sizeof(ev->bdaddr), &ev->bdaddr);
2889 mgmt_user_confirm_request(hdev, &ev->bdaddr, ev->passkey,
2893 hci_dev_unlock(hdev);
2896 static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
2897 struct sk_buff *skb)
2899 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
2901 BT_DBG("%s", hdev->name);
2905 if (test_bit(HCI_MGMT, &hdev->flags))
2906 mgmt_user_passkey_request(hdev, &ev->bdaddr);
2908 hci_dev_unlock(hdev);
2911 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2913 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2914 struct hci_conn *conn;
2916 BT_DBG("%s", hdev->name);
2920 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2924 /* To avoid duplicate auth_failed events to user space we check
2925 * the HCI_CONN_AUTH_PEND flag which will be set if we
2926 * initiated the authentication. A traditional auth_complete
2927 * event gets always produced as initiator and is also mapped to
2928 * the mgmt_auth_failed event */
2929 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2930 mgmt_auth_failed(hdev, &conn->dst, ev->status);
2935 hci_dev_unlock(hdev);
2938 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2940 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2941 struct inquiry_entry *ie;
2943 BT_DBG("%s", hdev->name);
2947 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2949 ie->data.ssp_mode = (ev->features[0] & 0x01);
2951 hci_dev_unlock(hdev);
2954 static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
2955 struct sk_buff *skb)
2957 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
2958 struct oob_data *data;
2960 BT_DBG("%s", hdev->name);
2964 if (!test_bit(HCI_MGMT, &hdev->flags))
2967 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
2969 struct hci_cp_remote_oob_data_reply cp;
2971 bacpy(&cp.bdaddr, &ev->bdaddr);
2972 memcpy(cp.hash, data->hash, sizeof(cp.hash));
2973 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
2975 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
2978 struct hci_cp_remote_oob_data_neg_reply cp;
2980 bacpy(&cp.bdaddr, &ev->bdaddr);
2981 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
2986 hci_dev_unlock(hdev);
2989 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2991 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2992 struct hci_conn *conn;
2994 BT_DBG("%s status %d", hdev->name, ev->status);
2998 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
3000 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3002 BT_ERR("No memory for new connection");
3003 hci_dev_unlock(hdev);
3007 conn->dst_type = ev->bdaddr_type;
3011 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3012 conn->dst_type, ev->status);
3013 hci_proto_connect_cfm(conn, ev->status);
3014 conn->state = BT_CLOSED;
3019 mgmt_connected(hdev, &ev->bdaddr, conn->type, conn->dst_type);
3021 conn->sec_level = BT_SECURITY_LOW;
3022 conn->handle = __le16_to_cpu(ev->handle);
3023 conn->state = BT_CONNECTED;
3025 hci_conn_hold_device(conn);
3026 hci_conn_add_sysfs(conn);
3028 hci_proto_connect_cfm(conn, ev->status);
3031 hci_dev_unlock(hdev);
3034 static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3035 struct sk_buff *skb)
3037 u8 num_reports = skb->data[0];
3038 void *ptr = &skb->data[1];
3042 while (num_reports--) {
3043 struct hci_ev_le_advertising_info *ev = ptr;
3045 hci_add_adv_entry(hdev, ev);
3047 ptr += sizeof(*ev) + ev->length + 1;
3050 hci_dev_unlock(hdev);
3053 static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3054 struct sk_buff *skb)
3056 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3057 struct hci_cp_le_ltk_reply cp;
3058 struct hci_cp_le_ltk_neg_reply neg;
3059 struct hci_conn *conn;
3060 struct link_key *ltk;
3062 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3066 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3070 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3074 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3075 cp.handle = cpu_to_le16(conn->handle);
3076 conn->pin_length = ltk->pin_len;
3078 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3080 hci_dev_unlock(hdev);
3085 neg.handle = ev->handle;
3086 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3087 hci_dev_unlock(hdev);
3090 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3092 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3094 skb_pull(skb, sizeof(*le_ev));
3096 switch (le_ev->subevent) {
3097 case HCI_EV_LE_CONN_COMPLETE:
3098 hci_le_conn_complete_evt(hdev, skb);
3101 case HCI_EV_LE_ADVERTISING_REPORT:
3102 hci_le_adv_report_evt(hdev, skb);
3105 case HCI_EV_LE_LTK_REQ:
3106 hci_le_ltk_request_evt(hdev, skb);
3114 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3116 struct hci_event_hdr *hdr = (void *) skb->data;
3117 __u8 event = hdr->evt;
3119 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3122 case HCI_EV_INQUIRY_COMPLETE:
3123 hci_inquiry_complete_evt(hdev, skb);
3126 case HCI_EV_INQUIRY_RESULT:
3127 hci_inquiry_result_evt(hdev, skb);
3130 case HCI_EV_CONN_COMPLETE:
3131 hci_conn_complete_evt(hdev, skb);
3134 case HCI_EV_CONN_REQUEST:
3135 hci_conn_request_evt(hdev, skb);
3138 case HCI_EV_DISCONN_COMPLETE:
3139 hci_disconn_complete_evt(hdev, skb);
3142 case HCI_EV_AUTH_COMPLETE:
3143 hci_auth_complete_evt(hdev, skb);
3146 case HCI_EV_REMOTE_NAME:
3147 hci_remote_name_evt(hdev, skb);
3150 case HCI_EV_ENCRYPT_CHANGE:
3151 hci_encrypt_change_evt(hdev, skb);
3154 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3155 hci_change_link_key_complete_evt(hdev, skb);
3158 case HCI_EV_REMOTE_FEATURES:
3159 hci_remote_features_evt(hdev, skb);
3162 case HCI_EV_REMOTE_VERSION:
3163 hci_remote_version_evt(hdev, skb);
3166 case HCI_EV_QOS_SETUP_COMPLETE:
3167 hci_qos_setup_complete_evt(hdev, skb);
3170 case HCI_EV_CMD_COMPLETE:
3171 hci_cmd_complete_evt(hdev, skb);
3174 case HCI_EV_CMD_STATUS:
3175 hci_cmd_status_evt(hdev, skb);
3178 case HCI_EV_ROLE_CHANGE:
3179 hci_role_change_evt(hdev, skb);
3182 case HCI_EV_NUM_COMP_PKTS:
3183 hci_num_comp_pkts_evt(hdev, skb);
3186 case HCI_EV_MODE_CHANGE:
3187 hci_mode_change_evt(hdev, skb);
3190 case HCI_EV_PIN_CODE_REQ:
3191 hci_pin_code_request_evt(hdev, skb);
3194 case HCI_EV_LINK_KEY_REQ:
3195 hci_link_key_request_evt(hdev, skb);
3198 case HCI_EV_LINK_KEY_NOTIFY:
3199 hci_link_key_notify_evt(hdev, skb);
3202 case HCI_EV_CLOCK_OFFSET:
3203 hci_clock_offset_evt(hdev, skb);
3206 case HCI_EV_PKT_TYPE_CHANGE:
3207 hci_pkt_type_change_evt(hdev, skb);
3210 case HCI_EV_PSCAN_REP_MODE:
3211 hci_pscan_rep_mode_evt(hdev, skb);
3214 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3215 hci_inquiry_result_with_rssi_evt(hdev, skb);
3218 case HCI_EV_REMOTE_EXT_FEATURES:
3219 hci_remote_ext_features_evt(hdev, skb);
3222 case HCI_EV_SYNC_CONN_COMPLETE:
3223 hci_sync_conn_complete_evt(hdev, skb);
3226 case HCI_EV_SYNC_CONN_CHANGED:
3227 hci_sync_conn_changed_evt(hdev, skb);
3230 case HCI_EV_SNIFF_SUBRATE:
3231 hci_sniff_subrate_evt(hdev, skb);
3234 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3235 hci_extended_inquiry_result_evt(hdev, skb);
3238 case HCI_EV_IO_CAPA_REQUEST:
3239 hci_io_capa_request_evt(hdev, skb);
3242 case HCI_EV_IO_CAPA_REPLY:
3243 hci_io_capa_reply_evt(hdev, skb);
3246 case HCI_EV_USER_CONFIRM_REQUEST:
3247 hci_user_confirm_request_evt(hdev, skb);
3250 case HCI_EV_USER_PASSKEY_REQUEST:
3251 hci_user_passkey_request_evt(hdev, skb);
3254 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3255 hci_simple_pair_complete_evt(hdev, skb);
3258 case HCI_EV_REMOTE_HOST_FEATURES:
3259 hci_remote_host_features_evt(hdev, skb);
3262 case HCI_EV_LE_META:
3263 hci_le_meta_evt(hdev, skb);
3266 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3267 hci_remote_oob_data_request_evt(hdev, skb);
3271 BT_DBG("%s event 0x%x", hdev->name, event);
3276 hdev->stat.evt_rx++;
3279 /* Generate internal stack event */
3280 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3282 struct hci_event_hdr *hdr;
3283 struct hci_ev_stack_internal *ev;
3284 struct sk_buff *skb;
3286 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3290 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3291 hdr->evt = HCI_EV_STACK_INTERNAL;
3292 hdr->plen = sizeof(*ev) + dlen;
3294 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3296 memcpy(ev->data, data, dlen);
3298 bt_cb(skb)->incoming = 1;
3299 __net_timestamp(skb);
3301 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
3302 skb->dev = (void *) hdev;
3303 hci_send_to_sock(hdev, skb, NULL);
3307 module_param(enable_le, bool, 0644);
3308 MODULE_PARM_DESC(enable_le, "Enable LE support");
projects / linux-flexiantxendom0-3.2.10.git / blob