2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
50 /* Handle HCI Event packets */
/*
 * Completion handler for the HCI_OP_INQUIRY_CANCEL command.
 * The first byte of skb->data is taken as the controller's status code.
 *
 * NOTE(review): no skb->len check is visible before that read; presumably
 * the caller guarantees at least one payload byte - confirm.
 * NOTE(review): this listing omits some source lines (the gutter numbers
 * skip), so the condition separating the failure report from the success
 * path below is not visible here.
 */
52 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
54 __u8 status = *((__u8 *) skb->data);
56 BT_DBG("%s status 0x%x", hdev->name, status);
60 mgmt_stop_discovery_failed(hdev, status);
/* Inquiry flag is dropped and mgmt is told discovering == 0. */
65 clear_bit(HCI_INQUIRY, &hdev->flags);
68 mgmt_discovering(hdev, 0);
71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
73 hci_conn_check_pending(hdev);
/*
 * Reply handler which, going by its name, belongs to the Exit Periodic
 * Inquiry command. Reads the status byte, logs it and calls
 * hci_conn_check_pending().
 * NOTE(review): lines between the debug print and that call are omitted
 * from this listing, so any status test guarding it is not visible.
 */
76 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
78 __u8 status = *((__u8 *) skb->data);
80 BT_DBG("%s status 0x%x", hdev->name, status);
85 hci_conn_check_pending(hdev);
/*
 * Reply handler for the remote-name-request cancel command (per its name).
 * The only visible action is a debug print of the device name; skb is not
 * read in the lines shown.
 */
88 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
90 BT_DBG("%s", hdev->name);
/*
 * Reply handler for role discovery: looks up the connection by the handle
 * carried in the reply and either clears or sets HCI_LM_MASTER in
 * conn->link_mode.
 *
 * NOTE(review): rp is skb->data reinterpreted as struct
 * hci_rp_role_discovery; no length check is visible - confirm the caller
 * guarantees the payload is at least sizeof(*rp).
 * NOTE(review): the status test, the NULL test on conn and the role test
 * choosing between the two link_mode updates are not visible in this
 * listing (lines are omitted); verify them in the full source.
 */
93 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
/* Handle is little-endian on the wire. */
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
108 conn->link_mode &= ~HCI_LM_MASTER;
110 conn->link_mode |= HCI_LM_MASTER;
113 hci_dev_unlock(hdev);
/*
 * Reply handler for reading a connection's link policy: stores the policy
 * from the reply (converted from little-endian) in conn->link_policy for
 * the connection matching the reply's handle.
 * NOTE(review): the status test and the NULL test on conn are not visible
 * in this listing; no skb->len check is visible either - confirm.
 */
116 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 conn->link_policy = __le16_to_cpu(rp->policy);
132 hci_dev_unlock(hdev);
/*
 * Completion handler for HCI_OP_WRITE_LINK_POLICY. The new policy is not in
 * the reply, so it is recovered from the parameters of the command that was
 * sent and stored in conn->link_policy.
 * NOTE(review): the declaration of `sent`, its NULL test, the status test
 * and the NULL test on conn are on lines this listing omits - verify.
 */
135 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
138 struct hci_conn *conn;
141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
/* Policy is read at byte offset 2 of the sent parameters (presumably after the 16-bit handle). */
154 conn->link_policy = get_unaligned_le16(sent + 2);
156 hci_dev_unlock(hdev);
/*
 * Reply handler for reading the default link policy: stores the policy from
 * the reply (little-endian on the wire) in hdev->link_policy.
 * NOTE(review): any status test before the store is on omitted lines.
 */
159 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
168 hdev->link_policy = __le16_to_cpu(rp->policy);
/*
 * Completion handler for HCI_OP_WRITE_DEF_LINK_POLICY: caches the policy
 * value from the command that was sent in hdev->link_policy, then completes
 * the request with the controller's status.
 * NOTE(review): the declaration and NULL test of `sent`, and any status
 * test before the store, are on lines this listing omits - verify.
 */
171 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
173 __u8 status = *((__u8 *) skb->data);
176 BT_DBG("%s status 0x%x", hdev->name, status);
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
183 hdev->link_policy = get_unaligned_le16(sent);
185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
/*
 * Completion handler for HCI_OP_RESET: clears the HCI_RESET flag and
 * completes the request with the controller's status byte.
 * In the visible lines the flag is cleared regardless of status.
 */
188 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
190 __u8 status = *((__u8 *) skb->data);
192 BT_DBG("%s status 0x%x", hdev->name, status);
194 clear_bit(HCI_RESET, &hdev->flags);
196 hci_req_complete(hdev, HCI_OP_RESET, status);
/*
 * Completion handler for HCI_OP_WRITE_LOCAL_NAME: reports the result to
 * mgmt when HCI_MGMT is set and copies the name from the sent command into
 * hdev->dev_name.
 *
 * NOTE(review): the memcpy always copies HCI_MAX_NAME_LENGTH bytes from the
 * sent command buffer; this is only in bounds if that command was built
 * with a full-size name field - confirm against the sender.
 * NOTE(review): the declaration and NULL test of `sent`, and the status
 * test that presumably guards the copy, are on lines this listing omits.
 */
201 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
203 __u8 status = *((__u8 *) skb->data);
206 BT_DBG("%s status 0x%x", hdev->name, status);
208 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
214 if (test_bit(HCI_MGMT, &hdev->flags))
215 mgmt_set_local_name_complete(hdev, sent, status);
218 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
220 hci_dev_unlock(hdev);
/*
 * Reply handler for reading the local name: copies the name field of the
 * reply into hdev->dev_name.
 *
 * NOTE(review): HCI_MAX_NAME_LENGTH bytes are copied out of the received
 * packet with no visible check that skb->len covers sizeof(*rp); a short
 * reply would be read past its end - confirm the caller validates length.
 * NOTE(review): any status test before the copy is on omitted lines.
 */
223 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
225 struct hci_rp_read_local_name *rp = (void *) skb->data;
227 BT_DBG("%s status 0x%x", hdev->name, rp->status);
232 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
/*
 * Completion handler for HCI_OP_WRITE_AUTH_ENABLE: mirrors the parameter of
 * the sent command into the HCI_AUTH device flag (set when it equals
 * AUTH_ENABLED, cleared otherwise), then completes the request.
 *
 * HCI_AUTH is later used in this file to mark new connections as
 * authenticated (HCI_LM_AUTH), so the flag should only follow a command the
 * controller accepted.
 * NOTE(review): the status test, the declaration/NULL test of `sent` and
 * the `else` are on lines this listing omits - verify in the full source.
 */
235 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
237 __u8 status = *((__u8 *) skb->data);
240 BT_DBG("%s status 0x%x", hdev->name, status);
242 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
247 __u8 param = *((__u8 *) sent);
249 if (param == AUTH_ENABLED)
250 set_bit(HCI_AUTH, &hdev->flags);
252 clear_bit(HCI_AUTH, &hdev->flags);
255 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
/*
 * Completion handler for HCI_OP_WRITE_ENCRYPT_MODE: sets or clears the
 * HCI_ENCRYPT device flag from the parameter of the sent command, then
 * completes the request.
 * NOTE(review): the test on `param` that picks set vs. clear, the status
 * test and the NULL test of `sent` are on lines this listing omits.
 */
258 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
260 __u8 status = *((__u8 *) skb->data);
263 BT_DBG("%s status 0x%x", hdev->name, status);
265 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
270 __u8 param = *((__u8 *) sent);
273 set_bit(HCI_ENCRYPT, &hdev->flags);
275 clear_bit(HCI_ENCRYPT, &hdev->flags);
278 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
/*
 * Completion handler for HCI_OP_WRITE_SCAN_ENABLE: updates the HCI_ISCAN
 * and HCI_PSCAN flags from the scan parameter of the sent command and
 * notifies mgmt of discoverable/connectable changes.
 *
 * Discoverability is security relevant: when discov_timeout is non-zero a
 * delayed work item (discov_off) is queued so the device does not stay
 * discoverable indefinitely.
 * NOTE(review): the status test around the failure path, the NULL test of
 * `sent` and the tail of the queue_delayed_work() call are on lines this
 * listing omits - verify in the full source.
 */
281 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
283 __u8 param, status = *((__u8 *) skb->data);
284 int old_pscan, old_iscan;
287 BT_DBG("%s status 0x%x", hdev->name, status);
289 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
293 param = *((__u8 *) sent);
/* Failure path: report to mgmt and forget the pending discoverable timeout. */
298 mgmt_write_scan_failed(hdev, param, status);
299 hdev->discov_timeout = 0;
/* Remember the previous state so mgmt is only notified on a real change. */
303 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
304 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
306 if (param & SCAN_INQUIRY) {
307 set_bit(HCI_ISCAN, &hdev->flags);
309 mgmt_discoverable(hdev, 1);
310 if (hdev->discov_timeout > 0) {
/* discov_timeout is scaled by 1000 before msecs_to_jiffies(), i.e. treated as seconds. */
311 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
312 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
315 } else if (old_iscan)
316 mgmt_discoverable(hdev, 0);
318 if (param & SCAN_PAGE) {
319 set_bit(HCI_PSCAN, &hdev->flags);
321 mgmt_connectable(hdev, 1);
322 } else if (old_pscan)
323 mgmt_connectable(hdev, 0);
326 hci_dev_unlock(hdev);
327 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
/*
 * Reply handler for reading the class of device: copies the 3-byte class
 * from the reply into hdev->dev_class and logs it.
 * NOTE(review): no skb->len check is visible before rp is dereferenced, and
 * any status test before the copy is on omitted lines - confirm.
 */
330 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
332 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
334 BT_DBG("%s status 0x%x", hdev->name, rp->status);
339 memcpy(hdev->dev_class, rp->dev_class, 3);
/* Printed most significant byte first (index 2 down to 0). */
341 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
342 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
/*
 * Completion handler for HCI_OP_WRITE_CLASS_OF_DEV: copies the 3-byte class
 * from the sent command into hdev->dev_class.
 * NOTE(review): the status test and the declaration/NULL test of `sent` are
 * on lines this listing omits - verify.
 */
345 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
347 __u8 status = *((__u8 *) skb->data);
350 BT_DBG("%s status 0x%x", hdev->name, status);
355 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
359 memcpy(hdev->dev_class, sent, 3);
/*
 * Reply handler for reading the voice setting: stores the 16-bit setting
 * from the reply in hdev->voice_setting and calls the driver's notify hook
 * with HCI_NOTIFY_VOICE_SETTING.
 * NOTE(review): the early return taken when the setting is unchanged, the
 * status test and any NULL test on hdev->notify are on lines this listing
 * omits - verify the hook is checked before it is called.
 */
362 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
364 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
367 BT_DBG("%s status 0x%x", hdev->name, rp->status);
372 setting = __le16_to_cpu(rp->voice_setting);
374 if (hdev->voice_setting == setting)
377 hdev->voice_setting = setting;
379 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
382 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
/*
 * Completion handler for HCI_OP_WRITE_VOICE_SETTING: takes the 16-bit
 * setting from the sent command, stores it in hdev->voice_setting and calls
 * the driver's notify hook with HCI_NOTIFY_VOICE_SETTING.
 * NOTE(review): the status test, the NULL test of `sent`, the early return
 * for an unchanged setting and any NULL test on hdev->notify are on lines
 * this listing omits - verify.
 */
385 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
387 __u8 status = *((__u8 *) skb->data);
391 BT_DBG("%s status 0x%x", hdev->name, status);
396 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
400 setting = get_unaligned_le16(sent);
402 if (hdev->voice_setting == setting)
405 hdev->voice_setting = setting;
407 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
410 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
/*
 * Completion handler for HCI_OP_HOST_BUFFER_SIZE: logs the status byte and
 * completes the pending request with it. No device state is changed.
 */
413 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
415 __u8 status = *((__u8 *) skb->data);
417 BT_DBG("%s status 0x%x", hdev->name, status);
419 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
/*
 * Reply handler for reading the Simple Pairing mode: stores the mode byte
 * from the reply in hdev->ssp_mode.
 *
 * hdev->ssp_mode feeds the authentication decision in
 * hci_outgoing_auth_needed(), so it should only be updated from a reply
 * whose status is success.
 * NOTE(review): the status test is on lines this listing omits - verify.
 */
422 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
424 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
426 BT_DBG("%s status 0x%x", hdev->name, rp->status);
431 hdev->ssp_mode = rp->mode;
/*
 * Completion handler for HCI_OP_WRITE_SSP_MODE: caches the mode byte of the
 * sent command in hdev->ssp_mode.
 * NOTE(review): the status test and the declaration/NULL test of `sent` are
 * on lines this listing omits - verify that a failed write does not update
 * the cached mode.
 */
434 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
436 __u8 status = *((__u8 *) skb->data);
439 BT_DBG("%s status 0x%x", hdev->name, status);
444 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
448 hdev->ssp_mode = *((__u8 *) sent);
/*
 * Picks the inquiry mode for this controller. The LMP feature bits
 * (LMP_EXT_INQ, then LMP_RSSI_INQ) are tested first, followed by explicit
 * manufacturer / hci_rev / lmp_subver combinations, presumably controllers
 * that support a mode without advertising the feature bit - confirm.
 * NOTE(review): the value returned by each branch is on lines this listing
 * omits.
 */
451 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
453 if (hdev->features[6] & LMP_EXT_INQ)
456 if (hdev->features[3] & LMP_RSSI_INQ)
459 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
460 hdev->lmp_subver == 0x0757)
463 if (hdev->manufacturer == 15) {
464 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
466 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
468 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
472 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
473 hdev->lmp_subver == 0x1805)
/*
 * Sends HCI_OP_WRITE_INQUIRY_MODE with the one-byte mode chosen by
 * hci_get_inquiry_mode(). The declaration of `mode` is on a line this
 * listing omits.
 */
479 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
483 mode = hci_get_inquiry_mode(hdev);
485 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
/*
 * Builds the 8-byte HCI event mask from the controller's LMP feature bits
 * and sends it with HCI_OP_SET_EVENT_MASK. Events whose bit is not set here
 * are not expected from the controller, which includes the Simple Pairing
 * events enabled only when LMP_SIMPLE_PAIR is advertised.
 */
488 static void hci_setup_event_mask(struct hci_dev *hdev)
490 /* The second byte is 0xff instead of 0x9f (two reserved bits
491 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
492 * command otherwise */
493 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
495 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
496 * any event mask for pre 1.2 devices */
497 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
/* NOTE(review): the statement under this test (presumably an early return) is on an omitted line. */
500 events[4] |= 0x01; /* Flow Specification Complete */
501 events[4] |= 0x02; /* Inquiry Result with RSSI */
502 events[4] |= 0x04; /* Read Remote Extended Features Complete */
503 events[5] |= 0x08; /* Synchronous Connection Complete */
504 events[5] |= 0x10; /* Synchronous Connection Changed */
/*
 * NOTE(review): bit 0x04 of events[4] is labelled "Read Remote Extended
 * Features Complete" above but "Inquiry Result with RSSI" below, while 0x02
 * carries the RSSI label above. Both bits are already set unconditionally,
 * so this branch has no effect as written - confirm the intended bit.
 */
506 if (hdev->features[3] & LMP_RSSI_INQ)
507 events[4] |= 0x04; /* Inquiry Result with RSSI */
509 if (hdev->features[5] & LMP_SNIFF_SUBR)
510 events[5] |= 0x20; /* Sniff Subrating */
512 if (hdev->features[5] & LMP_PAUSE_ENC)
513 events[5] |= 0x80; /* Encryption Key Refresh Complete */
515 if (hdev->features[6] & LMP_EXT_INQ)
516 events[5] |= 0x40; /* Extended Inquiry Result */
518 if (hdev->features[6] & LMP_NO_FLUSH)
519 events[7] |= 0x01; /* Enhanced Flush Complete */
521 if (hdev->features[7] & LMP_LSTO)
522 events[6] |= 0x80; /* Link Supervision Timeout Changed */
524 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
525 events[6] |= 0x01; /* IO Capability Request */
526 events[6] |= 0x02; /* IO Capability Response */
527 events[6] |= 0x04; /* User Confirmation Request */
528 events[6] |= 0x08; /* User Passkey Request */
529 events[6] |= 0x10; /* Remote OOB Data Request */
530 events[6] |= 0x20; /* Simple Pairing Complete */
531 events[7] |= 0x04; /* User Passkey Notification */
532 events[7] |= 0x08; /* Keypress Notification */
533 events[7] |= 0x10; /* Remote Host Supported
534 * Features Notification */
537 if (hdev->features[4] & LMP_LE)
538 events[7] |= 0x20; /* LE Meta-Event */
540 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
/*
 * Sends HCI_OP_WRITE_LE_HOST_SUPPORTED. The command parameters are zeroed
 * first, so no uninitialised stack bytes reach the controller, and
 * cp.simul is set to 0 or 1 from the LMP_SIMUL_LE_BR feature bit.
 * NOTE(review): other field assignments between the memset and the send
 * are on lines this listing omits.
 */
543 static void hci_set_le_support(struct hci_dev *hdev)
545 struct hci_cp_write_le_host_supported cp;
547 memset(&cp, 0, sizeof(cp));
551 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
554 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
/*
 * Issues the feature-dependent setup commands for a controller: event mask,
 * local supported commands (for versions above 1.1), Simple Pairing mode,
 * inquiry mode, inquiry TX power, extended features and LE host support.
 * Each command is gated on the matching bit in hdev->features.
 * NOTE(review): the statement under the dev_type test (presumably an early
 * return for non-BR/EDR devices), the declaration of `mode` and the setup
 * of the local `cp` are on lines this listing omits.
 */
557 static void hci_setup(struct hci_dev *hdev)
559 if (hdev->dev_type != HCI_BREDR)
562 hci_setup_event_mask(hdev);
564 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
565 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
567 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
569 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
572 if (hdev->features[3] & LMP_RSSI_INQ)
573 hci_setup_inquiry_mode(hdev);
575 if (hdev->features[7] & LMP_INQ_TX_PWR)
576 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
578 if (hdev->features[7] & LMP_EXTFEATURES) {
579 struct hci_cp_read_local_ext_features cp;
582 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
586 if (hdev->features[4] & LMP_LE)
587 hci_set_le_support(hdev);
/*
 * Reply handler for reading the local version information: caches the HCI
 * and LMP version fields and the manufacturer id in hdev. The 16-bit fields
 * are converted from little-endian.
 * These values later drive the controller-specific checks in
 * hci_get_inquiry_mode() and the version gates in hci_setup().
 * NOTE(review): the status test and the statement under the HCI_INIT test
 * are on lines this listing omits; no skb->len check is visible - confirm.
 */
590 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
592 struct hci_rp_read_local_version *rp = (void *) skb->data;
594 BT_DBG("%s status 0x%x", hdev->name, rp->status);
599 hdev->hci_ver = rp->hci_ver;
600 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
601 hdev->lmp_ver = rp->lmp_ver;
602 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
603 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
605 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
607 hdev->hci_ver, hdev->hci_rev);
609 if (test_bit(HCI_INIT, &hdev->flags))
/*
 * Builds the default link policy from the controller's LMP feature bits
 * (role switch, hold, sniff, park) and sends it with
 * HCI_OP_WRITE_DEF_LINK_POLICY.
 * NOTE(review): the declaration and initial value of `link_policy` are on
 * a line this listing omits.
 */
613 static void hci_setup_link_policy(struct hci_dev *hdev)
617 if (hdev->features[0] & LMP_RSWITCH)
618 link_policy |= HCI_LP_RSWITCH;
619 if (hdev->features[0] & LMP_HOLD)
620 link_policy |= HCI_LP_HOLD;
621 if (hdev->features[0] & LMP_SNIFF)
622 link_policy |= HCI_LP_SNIFF;
623 if (hdev->features[1] & LMP_PARK)
624 link_policy |= HCI_LP_PARK;
/* Converted in place to wire (little-endian) order before sending. */
626 link_policy = cpu_to_le16(link_policy);
627 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
628 sizeof(link_policy), &link_policy);
/*
 * Completion handler for HCI_OP_READ_LOCAL_COMMANDS: caches the supported
 * command bitmap in hdev->commands and, during HCI_INIT, sets up the link
 * policy when bit 0x10 of byte 5 is set.
 *
 * NOTE(review): sizeof(hdev->commands) bytes are copied out of the received
 * packet; no check that skb->len covers sizeof(*rp) is visible - confirm
 * the caller validates the length.
 * NOTE(review): the status test and the label/goto structure around the
 * final hci_req_complete() are on lines this listing omits.
 */
631 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
633 struct hci_rp_read_local_commands *rp = (void *) skb->data;
635 BT_DBG("%s status 0x%x", hdev->name, rp->status);
640 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
642 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
643 hci_setup_link_policy(hdev);
646 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
/*
 * Reply handler for reading the local LMP features: caches the 8 feature
 * bytes in hdev->features and widens hdev->pkt_type / hdev->esco_type with
 * the packet types those features allow.
 * NOTE(review): the status test is on lines this listing omits, and no
 * skb->len check is visible before the 8-byte copy - confirm.
 */
649 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
651 struct hci_rp_read_local_features *rp = (void *) skb->data;
653 BT_DBG("%s status 0x%x", hdev->name, rp->status);
658 memcpy(hdev->features, rp->features, 8);
660 /* Adjust default settings according to features
661 * supported by device. */
/* ACL multi-slot packet types. */
663 if (hdev->features[0] & LMP_3SLOT)
664 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
666 if (hdev->features[0] & LMP_5SLOT)
667 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
/* HV2/HV3 are added to both the packet type and the eSCO type masks. */
669 if (hdev->features[1] & LMP_HV2) {
670 hdev->pkt_type |= (HCI_HV2);
671 hdev->esco_type |= (ESCO_HV2);
674 if (hdev->features[1] & LMP_HV3) {
675 hdev->pkt_type |= (HCI_HV3);
676 hdev->esco_type |= (ESCO_HV3);
/* Remaining feature bits only extend the eSCO type mask. */
679 if (hdev->features[3] & LMP_ESCO)
680 hdev->esco_type |= (ESCO_EV3);
682 if (hdev->features[4] & LMP_EV4)
683 hdev->esco_type |= (ESCO_EV4);
685 if (hdev->features[4] & LMP_EV5)
686 hdev->esco_type |= (ESCO_EV5);
688 if (hdev->features[5] & LMP_EDR_ESCO_2M)
689 hdev->esco_type |= (ESCO_2EV3);
691 if (hdev->features[5] & LMP_EDR_ESCO_3M)
692 hdev->esco_type |= (ESCO_3EV3);
694 if (hdev->features[5] & LMP_EDR_3S_ESCO)
695 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
697 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
698 hdev->features[0], hdev->features[1],
699 hdev->features[2], hdev->features[3],
700 hdev->features[4], hdev->features[5],
701 hdev->features[6], hdev->features[7]);
/*
 * Completion handler for HCI_OP_READ_LOCAL_EXT_FEATURES: copies the 8
 * feature bytes of the reply into either hdev->features or
 * hdev->host_features, then completes the request.
 * NOTE(review): the selector that decides which array is written
 * (presumably the page number in the reply) and the status test are on
 * lines this listing omits; no skb->len check is visible - confirm.
 */
704 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
707 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
709 BT_DBG("%s status 0x%x", hdev->name, rp->status);
716 memcpy(hdev->features, rp->features, 8);
719 memcpy(hdev->host_features, rp->features, 8);
723 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
/*
 * Completion handler for HCI_OP_READ_FLOW_CONTROL_MODE: stores the mode
 * byte of the reply in hdev->flow_ctl_mode and completes the request.
 * NOTE(review): the status test is on lines this listing omits.
 */
726 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
729 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
731 BT_DBG("%s status 0x%x", hdev->name, rp->status);
736 hdev->flow_ctl_mode = rp->mode;
738 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
/*
 * Reply handler for reading the controller's buffer sizes: caches the ACL
 * and SCO MTUs and packet counts reported by the controller and initialises
 * the available-packet counters (acl_cnt, sco_cnt) from them.
 *
 * NOTE(review): the MTU and count values come straight from the controller
 * and no range check is visible here; code that sizes or fragments buffers
 * from them should tolerate zero or implausible values - confirm.
 * NOTE(review): the status test and the body of the
 * HCI_QUIRK_FIXUP_BUFFER_SIZE branch are on lines this listing omits.
 */
741 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
743 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
745 BT_DBG("%s status 0x%x", hdev->name, rp->status);
/* sco_mtu is a single byte in the reply; the other fields are little-endian 16-bit. */
750 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
751 hdev->sco_mtu = rp->sco_mtu;
752 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
753 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
755 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
760 hdev->acl_cnt = hdev->acl_pkts;
761 hdev->sco_cnt = hdev->sco_pkts;
763 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
764 hdev->acl_mtu, hdev->acl_pkts,
765 hdev->sco_mtu, hdev->sco_pkts);
/*
 * Completion handler for HCI_OP_READ_BD_ADDR: copies the device address
 * from the reply into hdev->bdaddr and completes the request.
 * NOTE(review): a status test guarding the copy, if any, is on a line this
 * listing omits.
 */
768 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
770 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
772 BT_DBG("%s status 0x%x", hdev->name, rp->status);
775 bacpy(&hdev->bdaddr, &rp->bdaddr);
777 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
/*
 * Completion handler for HCI_OP_READ_DATA_BLOCK_SIZE: caches the block MTU,
 * block length and block count from the reply, initialises block_cnt to the
 * full block count and completes the request.
 * NOTE(review): the values are controller-supplied and no range check is
 * visible; the status test is on lines this listing omits - confirm.
 */
780 static void hci_cc_read_data_block_size(struct hci_dev *hdev,
783 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
785 BT_DBG("%s status 0x%x", hdev->name, rp->status);
790 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
791 hdev->block_len = __le16_to_cpu(rp->block_len);
792 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
794 hdev->block_cnt = hdev->num_blocks;
796 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
797 hdev->block_cnt, hdev->block_len);
799 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
/*
 * Completion handler for HCI_OP_WRITE_CA_TIMEOUT: logs the status byte and
 * completes the pending request with it. No device state is changed.
 */
802 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
804 __u8 status = *((__u8 *) skb->data);
806 BT_DBG("%s status 0x%x", hdev->name, status);
808 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
/*
 * Completion handler for HCI_OP_READ_LOCAL_AMP_INFO: caches the AMP
 * controller parameters from the reply in hdev (multi-byte fields are
 * converted from little-endian) and completes the request.
 * NOTE(review): ten fields are read from the packet with no visible
 * skb->len check, and the status test is on lines this listing omits -
 * confirm the caller validates the payload length.
 */
811 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
814 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
816 BT_DBG("%s status 0x%x", hdev->name, rp->status);
821 hdev->amp_status = rp->amp_status;
822 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
823 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
824 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
825 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
826 hdev->amp_type = rp->amp_type;
827 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
828 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
829 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
830 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
832 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
/*
 * Completion handler for HCI_OP_DELETE_STORED_LINK_KEY: logs the status
 * byte and completes the pending request with it. The visible lines do not
 * touch any host-side key storage.
 */
835 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
838 __u8 status = *((__u8 *) skb->data);
840 BT_DBG("%s status 0x%x", hdev->name, status);
842 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
/*
 * Completion handler for HCI_OP_SET_EVENT_MASK: logs the status byte and
 * completes the pending request with it.
 */
845 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
847 __u8 status = *((__u8 *) skb->data);
849 BT_DBG("%s status 0x%x", hdev->name, status);
851 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
/*
 * Completion handler for HCI_OP_WRITE_INQUIRY_MODE: logs the status byte
 * and completes the pending request with it.
 */
854 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
857 __u8 status = *((__u8 *) skb->data);
859 BT_DBG("%s status 0x%x", hdev->name, status);
861 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
/*
 * Completion handler for HCI_OP_READ_INQ_RSP_TX_POWER: logs the status byte
 * and completes the pending request with it. The power value in the reply
 * is not read in the visible lines.
 */
864 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
867 __u8 status = *((__u8 *) skb->data);
869 BT_DBG("%s status 0x%x", hdev->name, status);
871 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
/*
 * Completion handler for HCI_OP_SET_EVENT_FLT: logs the status byte and
 * completes the pending request with it.
 */
874 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
876 __u8 status = *((__u8 *) skb->data);
878 BT_DBG("%s status 0x%x", hdev->name, status);
880 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
/*
 * Completion handler for HCI_OP_PIN_CODE_REPLY: forwards the result to mgmt
 * when HCI_MGMT is set and records the length of the PIN that was sent in
 * conn->pin_length for the matching ACL connection.
 *
 * Only the PIN length is kept here, taken from the host's own sent command
 * rather than from the controller's reply. The stored length is presumably
 * used later to judge link-key strength - confirm against the users of
 * conn->pin_length.
 * NOTE(review): the status test and the NULL tests on cp and conn are on
 * lines this listing omits - verify.
 */
883 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
885 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
886 struct hci_cp_pin_code_reply *cp;
887 struct hci_conn *conn;
889 BT_DBG("%s status 0x%x", hdev->name, rp->status);
893 if (test_bit(HCI_MGMT, &hdev->flags))
894 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
899 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
903 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
905 conn->pin_length = cp->pin_len;
908 hci_dev_unlock(hdev);
/*
 * Reply handler for the negative PIN code reply: when HCI_MGMT is set the
 * peer address and status from the reply are forwarded to mgmt.
 * NOTE(review): the tail of the mgmt call and the matching hci_dev_lock()
 * are on lines this listing omits.
 */
911 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
913 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
915 BT_DBG("%s status 0x%x", hdev->name, rp->status);
919 if (test_bit(HCI_MGMT, &hdev->flags))
920 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
923 hci_dev_unlock(hdev);
/*
 * Completion handler for HCI_OP_LE_READ_BUFFER_SIZE: caches the LE MTU and
 * packet count from the reply, initialises le_cnt to the full packet count
 * and completes the request.
 * NOTE(review): the values are controller-supplied with no visible range
 * check, and the status test is on lines this listing omits - confirm.
 */
926 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
929 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
931 BT_DBG("%s status 0x%x", hdev->name, rp->status);
936 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
937 hdev->le_pkts = rp->le_max_pkt;
939 hdev->le_cnt = hdev->le_pkts;
941 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
943 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
/*
 * Reply handler for the user confirmation reply: when HCI_MGMT is set the
 * peer address and status from the reply are forwarded to mgmt.
 * NOTE(review): the tail of the mgmt call and the matching hci_dev_lock()
 * are on lines this listing omits.
 */
946 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
948 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
950 BT_DBG("%s status 0x%x", hdev->name, rp->status);
954 if (test_bit(HCI_MGMT, &hdev->flags))
955 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr,
958 hci_dev_unlock(hdev);
/*
 * Reply handler for the negative user confirmation reply: when HCI_MGMT is
 * set the peer address and status are forwarded to mgmt. The reply is
 * parsed with the same struct (hci_rp_user_confirm_reply) as the positive
 * reply.
 * NOTE(review): the tail of the mgmt call and the matching hci_dev_lock()
 * are on lines this listing omits.
 */
961 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
964 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
966 BT_DBG("%s status 0x%x", hdev->name, rp->status);
970 if (test_bit(HCI_MGMT, &hdev->flags))
971 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
974 hci_dev_unlock(hdev);
/*
 * Reply handler for the user passkey reply: when HCI_MGMT is set the peer
 * address and status are forwarded to mgmt. The reply is parsed as
 * struct hci_rp_user_confirm_reply.
 * NOTE(review): the tail of the mgmt call and the matching hci_dev_lock()
 * are on lines this listing omits.
 */
977 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
979 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
981 BT_DBG("%s status 0x%x", hdev->name, rp->status);
985 if (test_bit(HCI_MGMT, &hdev->flags))
986 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr,
989 hci_dev_unlock(hdev);
/*
 * Reply handler for the negative user passkey reply: when HCI_MGMT is set
 * the peer address and status are forwarded to mgmt. The reply is parsed as
 * struct hci_rp_user_confirm_reply.
 * NOTE(review): the tail of the mgmt call and the matching hci_dev_lock()
 * are on lines this listing omits.
 */
992 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
995 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
997 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1001 if (test_bit(HCI_MGMT, &hdev->flags))
1002 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1005 hci_dev_unlock(hdev);
/*
 * Reply handler for reading the local out-of-band pairing data: passes the
 * hash and randomizer from the reply, with the status, to mgmt.
 *
 * NOTE(review): rp->hash and rp->randomizer point into the received packet;
 * no check that skb->len covers sizeof(*rp) is visible, so a short reply
 * would hand mgmt bytes beyond the packet - confirm the caller validates
 * the length.
 * NOTE(review): the matching hci_dev_lock() is on a line this listing
 * omits.
 */
1008 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1009 struct sk_buff *skb)
1011 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1013 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1016 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
1017 rp->randomizer, rp->status);
1018 hci_dev_unlock(hdev);
/*
 * Reply handler for setting the LE scan parameters (per its name): reads
 * and logs the status byte. No state change is visible in the lines shown.
 */
1021 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1023 __u8 status = *((__u8 *) skb->data);
1025 BT_DBG("%s status 0x%x", hdev->name, status);
/*
 * Completion handler for HCI_OP_LE_SET_SCAN_ENABLE: tracks the LE scan
 * state in hdev->dev_flags from the `enable` field of the sent command.
 * On enable the pending adv_work is cancelled and the advertising entries
 * are cleared; on disable adv_work is re-queued on the device workqueue.
 * Any other value is logged as a reserved parameter.
 *
 * NOTE(review): the status test, the NULL test on cp, the `break`/`default`
 * lines and the hci_dev_lock() matching the unlock are on lines this
 * listing omits - verify.
 */
1028 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1029 struct sk_buff *skb)
1031 struct hci_cp_le_set_scan_enable *cp;
1032 __u8 status = *((__u8 *) skb->data);
1034 BT_DBG("%s status 0x%x", hdev->name, status);
1039 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1043 switch (cp->enable) {
1044 case LE_SCANNING_ENABLED:
1045 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1047 cancel_delayed_work_sync(&hdev->adv_work);
1050 hci_adv_entries_clear(hdev);
1051 hci_dev_unlock(hdev);
1054 case LE_SCANNING_DISABLED:
1055 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1057 cancel_delayed_work_sync(&hdev->adv_work);
/*
 * NOTE(review): queue_delayed_work() takes a delay relative to now, in
 * jiffies. Adding the current `jiffies` value looks like an absolute expiry
 * was intended, which would postpone the cleanup far beyond
 * ADV_CLEAR_TIMEOUT and leave stale advertising entries cached - confirm.
 */
1058 queue_delayed_work(hdev->workqueue, &hdev->adv_work,
1059 jiffies + ADV_CLEAR_TIMEOUT);
1063 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
/*
 * Completion handler for HCI_OP_LE_LTK_REPLY: logs the status from the
 * reply and completes the pending request with it.
 * NOTE(review): lines between the debug print and the completion are
 * omitted from this listing (presumably a status test) - verify.
 */
1068 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1070 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1072 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1077 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
/*
 * Completion handler for HCI_OP_LE_LTK_NEG_REPLY: logs the status from the
 * reply and completes the pending request with it.
 * NOTE(review): lines between the debug print and the completion are
 * omitted from this listing (presumably a status test) - verify.
 */
1080 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1082 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1084 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1089 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
/*
 * Reply handler for writing the LE host-supported setting: follows up by
 * sending HCI_OP_READ_LOCAL_EXT_FEATURES so the cached feature pages are
 * refreshed.
 * NOTE(review): `cp` is a stack struct sent in full to the controller; the
 * lines that initialise it (and any status test) are omitted from this
 * listing - verify every field is set before the send so no uninitialised
 * stack bytes leave the host.
 */
1092 static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1093 struct sk_buff *skb)
1095 struct hci_cp_read_local_ext_features cp;
1096 __u8 status = *((__u8 *) skb->data);
1098 BT_DBG("%s status 0x%x", hdev->name, status);
1104 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
/*
 * Status handler for HCI_OP_INQUIRY. Two paths are visible: one completes
 * the request, re-checks pending connections and reports a failed discovery
 * start to mgmt; the other sets HCI_INQUIRY and tells mgmt that discovery
 * is running.
 * NOTE(review): the status test that separates the two paths, the early
 * return and the hci_dev_lock() calls are on lines this listing omits.
 */
1107 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1109 BT_DBG("%s status 0x%x", hdev->name, status);
/* Failure path (presumably status != 0). */
1112 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1113 hci_conn_check_pending(hdev);
1115 if (test_bit(HCI_MGMT, &hdev->flags))
1116 mgmt_start_discovery_failed(hdev, status);
1117 hci_dev_unlock(hdev);
/* Inquiry accepted: mark it as running. */
1121 set_bit(HCI_INQUIRY, &hdev->flags);
1124 mgmt_discovering(hdev, 1);
1125 hci_dev_unlock(hdev);
/*
 * Status handler for HCI_OP_CREATE_CONN. The target address is taken from
 * the sent command and used to find the ACL connection object.
 * For a connection in BT_CONNECT it is either closed and reported to the
 * upper protocol, or moved to BT_CONNECT2; otherwise a new connection
 * object may be added and marked as master.
 *
 * NOTE(review): 0x0c is the HCI "Command Disallowed" error code; the test
 * closes the connection unless the status is 0x0c with at most two
 * attempts so far, which looks like a bounded retry - confirm.
 * NOTE(review): the NULL test on cp, the status test, the `else` branches
 * and the NULL test on the result of hci_conn_add() are on lines this
 * listing omits - verify.
 */
1128 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1130 struct hci_cp_create_conn *cp;
1131 struct hci_conn *conn;
1133 BT_DBG("%s status 0x%x", hdev->name, status);
1135 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1141 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1143 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1146 if (conn && conn->state == BT_CONNECT) {
1147 if (status != 0x0c || conn->attempt > 2) {
1148 conn->state = BT_CLOSED;
1149 hci_proto_connect_cfm(conn, status);
1152 conn->state = BT_CONNECT2;
1156 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1159 conn->link_mode |= HCI_LM_MASTER;
1161 BT_ERR("No memory for new connection");
1165 hci_dev_unlock(hdev);
/*
 * Status handler for HCI_OP_ADD_SCO: finds the ACL connection by the handle
 * of the sent command, then marks a SCO connection as BT_CLOSED and reports
 * the status to the upper protocol.
 * NOTE(review): the early return on success, the NULL tests on cp and acl,
 * and the assignment of `sco` (presumably from the ACL's linked connection)
 * are on lines this listing omits - verify.
 */
1168 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1170 struct hci_cp_add_sco *cp;
1171 struct hci_conn *acl, *sco;
1174 BT_DBG("%s status 0x%x", hdev->name, status);
1179 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1183 handle = __le16_to_cpu(cp->handle);
1185 BT_DBG("%s handle %d", hdev->name, handle);
1189 acl = hci_conn_hash_lookup_handle(hdev, handle);
1193 sco->state = BT_CLOSED;
1195 hci_proto_connect_cfm(sco, status);
1200 hci_dev_unlock(hdev);
/*
 * Status handler for HCI_OP_AUTH_REQUESTED: looks up the connection by the
 * handle of the sent command and, if it is still in BT_CONFIG, reports the
 * status to the upper protocol.
 * NOTE(review): the early return on success, the NULL tests on cp and conn
 * and the rest of the BT_CONFIG branch are on lines this listing omits -
 * verify that a failed authentication request cannot leave the connection
 * usable.
 */
1203 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1205 struct hci_cp_auth_requested *cp;
1206 struct hci_conn *conn;
1208 BT_DBG("%s status 0x%x", hdev->name, status);
1213 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1219 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1221 if (conn->state == BT_CONFIG) {
1222 hci_proto_connect_cfm(conn, status);
1227 hci_dev_unlock(hdev);
/*
 * Status handler for HCI_OP_SET_CONN_ENCRYPT: looks up the connection by
 * the handle of the sent command and, if it is still in BT_CONFIG, reports
 * the status to the upper protocol.
 * NOTE(review): the early return on success, the NULL tests on cp and conn
 * and the rest of the BT_CONFIG branch are on lines this listing omits -
 * verify that a failed encryption request cannot leave the link treated as
 * encrypted.
 */
1230 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1232 struct hci_cp_set_conn_encrypt *cp;
1233 struct hci_conn *conn;
1235 BT_DBG("%s status 0x%x", hdev->name, status);
1240 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1246 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1248 if (conn->state == BT_CONFIG) {
1249 hci_proto_connect_cfm(conn, status);
1254 hci_dev_unlock(hdev);
/*
 * Decides whether the host should request authentication on a connection.
 * Three tests are visible: the connection must be outgoing and in
 * BT_CONFIG; a pending security level of BT_SECURITY_SDP is handled
 * separately; and authentication is skipped when none of the following
 * holds: both sides use Simple Pairing, the pending level is
 * BT_SECURITY_HIGH, or bit 0x01 of conn->auth_type is set (MITM protection
 * per the comment below).
 *
 * This is a security decision point: a connection that falls through all
 * three exemptions proceeds without authentication.
 * NOTE(review): the return value of each branch is on lines this listing
 * omits - verify which polarity each test returns.
 */
1257 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1258 struct hci_conn *conn)
1260 if (conn->state != BT_CONFIG || !conn->out)
1263 if (conn->pending_sec_level == BT_SECURITY_SDP)
1266 /* Only request authentication for SSP connections or non-SSP
1267 * devices with sec_level HIGH or if MITM protection is requested */
1268 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
1269 conn->pending_sec_level != BT_SECURITY_HIGH &&
1270 !(conn->auth_type & 0x01))
/*
 * Status handler for HCI_OP_REMOTE_NAME_REQ. When the name request did not
 * start, the authentication check that would normally follow the name
 * request is done here: if hci_outgoing_auth_needed() says so and no
 * authentication is already pending, HCI_OP_AUTH_REQUESTED is sent for the
 * connection.
 * NOTE(review): the early return on success, the NULL tests on cp and conn
 * and the goto/label structure are on lines this listing omits - verify.
 */
1276 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1278 struct hci_cp_remote_name_req *cp;
1279 struct hci_conn *conn;
1281 BT_DBG("%s status 0x%x", hdev->name, status);
1283 /* If successful wait for the name req complete event before
1284 * checking for the need to do authentication */
1288 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1294 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1298 if (!hci_outgoing_auth_needed(hdev, conn))
/* test_and_set_bit() makes sure only one authentication request is outstanding. */
1301 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
/* This inner `cp` shadows the function-level pointer of the same name. */
1302 struct hci_cp_auth_requested cp;
1303 cp.handle = __cpu_to_le16(conn->handle);
1304 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1308 hci_dev_unlock(hdev);
/*
 * Status handler for HCI_OP_READ_REMOTE_FEATURES: looks up the connection
 * by the handle of the sent command and, if it is still in BT_CONFIG,
 * reports the status to the upper protocol.
 * NOTE(review): the early return on success, the NULL tests on cp and conn
 * and the rest of the BT_CONFIG branch are on lines this listing omits.
 */
1311 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1313 struct hci_cp_read_remote_features *cp;
1314 struct hci_conn *conn;
1316 BT_DBG("%s status 0x%x", hdev->name, status);
1321 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1327 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1329 if (conn->state == BT_CONFIG) {
1330 hci_proto_connect_cfm(conn, status);
1335 hci_dev_unlock(hdev);
/*
 * Status handler for HCI_OP_READ_REMOTE_EXT_FEATURES: looks up the
 * connection by the handle of the sent command and, if it is still in
 * BT_CONFIG, reports the status to the upper protocol.
 * NOTE(review): the early return on success, the NULL tests on cp and conn
 * and the rest of the BT_CONFIG branch are on lines this listing omits.
 */
1338 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1340 struct hci_cp_read_remote_ext_features *cp;
1341 struct hci_conn *conn;
1343 BT_DBG("%s status 0x%x", hdev->name, status);
1348 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1354 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1356 if (conn->state == BT_CONFIG) {
1357 hci_proto_connect_cfm(conn, status);
1362 hci_dev_unlock(hdev);
/*
 * Status handler for HCI_OP_SETUP_SYNC_CONN: finds the ACL connection by
 * the handle of the sent command, then marks a synchronous connection as
 * BT_CLOSED and reports the status to the upper protocol.
 * NOTE(review): the early return on success, the NULL tests on cp and acl,
 * and the assignment of `sco` (presumably from the ACL's linked connection)
 * are on lines this listing omits - verify.
 */
1365 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1367 struct hci_cp_setup_sync_conn *cp;
1368 struct hci_conn *acl, *sco;
1371 BT_DBG("%s status 0x%x", hdev->name, status);
1376 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1380 handle = __le16_to_cpu(cp->handle);
1382 BT_DBG("%s handle %d", hdev->name, handle);
1386 acl = hci_conn_hash_lookup_handle(hdev, handle);
1390 sco->state = BT_CLOSED;
1392 hci_proto_connect_cfm(sco, status);
1397 hci_dev_unlock(hdev);
/*
 * Status handler for HCI_OP_SNIFF_MODE: clears the pending mode-change bit
 * on the connection and, if a SCO setup was waiting on the mode change,
 * runs hci_sco_setup() with the status.
 * NOTE(review): the early return on success and the NULL tests on cp and
 * conn are on lines this listing omits - verify.
 */
1400 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1402 struct hci_cp_sniff_mode *cp;
1403 struct hci_conn *conn;
1405 BT_DBG("%s status 0x%x", hdev->name, status);
1410 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1416 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1418 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1420 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1421 hci_sco_setup(conn, status);
1424 hci_dev_unlock(hdev);
/*
 * Status handler for HCI_OP_EXIT_SNIFF_MODE: clears the pending mode-change
 * bit on the connection and, if a SCO setup was waiting on the mode change,
 * runs hci_sco_setup() with the status.
 * NOTE(review): the early return on success and the NULL tests on cp and
 * conn are on lines this listing omits - verify.
 */
1427 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1429 struct hci_cp_exit_sniff_mode *cp;
1430 struct hci_conn *conn;
1432 BT_DBG("%s status 0x%x", hdev->name, status);
1437 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1443 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1445 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1447 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1448 hci_sco_setup(conn, status);
1451 hci_dev_unlock(hdev);
/*
 * Status handler for HCI_OP_LE_CREATE_CONN. The peer address is taken from
 * the sent command and used to find the LE connection object. A connection
 * in BT_CONNECT is closed and reported to the upper protocol; otherwise a
 * new LE connection object may be added with the peer's address type.
 * NOTE(review): the NULL test on cp, the status test, the `else` branches
 * and the NULL test on the result of hci_conn_add() are on lines this
 * listing omits - verify.
 */
1454 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1456 struct hci_cp_le_create_conn *cp;
1457 struct hci_conn *conn;
1459 BT_DBG("%s status 0x%x", hdev->name, status);
1461 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1467 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1469 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1473 if (conn && conn->state == BT_CONNECT) {
1474 conn->state = BT_CLOSED;
1475 hci_proto_connect_cfm(conn, status);
1480 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1482 conn->dst_type = cp->peer_addr_type;
1485 BT_ERR("No memory for new connection");
1490 hci_dev_unlock(hdev);
/*
 * Status handler for the LE start-encryption command (per its name). The
 * only visible action is a debug print of the status; a failed start is
 * not acted on in the lines shown.
 */
1493 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1495 BT_DBG("%s status 0x%x", hdev->name, status);
/*
 * Handler for the inquiry-complete event: completes the HCI_OP_INQUIRY
 * request, re-checks pending connections and, if HCI_INQUIRY was set,
 * tells mgmt that discovery has stopped.
 * NOTE(review): the statement under the test_and_clear_bit() test
 * (presumably an early return) and the hci_dev_lock() matching the unlock
 * are on lines this listing omits.
 */
1498 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1500 __u8 status = *((__u8 *) skb->data);
1502 BT_DBG("%s status %d", hdev->name, status);
1504 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1506 hci_conn_check_pending(hdev);
1508 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1512 mgmt_discovering(hdev, 0);
1513 hci_dev_unlock(hdev);
/*
 * Inquiry Result event: the first payload byte is the number of responses,
 * followed by that many struct inquiry_info records. Each record is copied
 * into an inquiry_data, stored in the inquiry cache and reported to mgmt as
 * a found ACL device (no RSSI, no EIR data, ssp_mode 0).
 */
1516 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1518 struct inquiry_data data;
1519 struct inquiry_info *info = (void *) (skb->data + 1);
1520 int num_rsp = *((__u8 *) skb->data);
1522 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
/*
 * NOTE(review): num_rsp is supplied by the controller and nothing visible
 * compares it with skb->len (lines 1523-1528 are missing from this
 * listing). If the event is shorter than num_rsp records, the loop reads
 * past the received data; a check of skb->len against
 * num_rsp * sizeof(*info) + 1 before the loop is what to confirm.
 */
1529 for (; num_rsp; num_rsp--, info++) {
1530 bacpy(&data.bdaddr, &info->bdaddr);
1531 data.pscan_rep_mode = info->pscan_rep_mode;
1532 data.pscan_period_mode = info->pscan_period_mode;
1533 data.pscan_mode = info->pscan_mode;
1534 memcpy(data.dev_class, info->dev_class, 3);
1535 data.clock_offset = info->clock_offset;
1537 data.ssp_mode = 0x00;
1538 hci_inquiry_cache_update(hdev, &data);
1539 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1540 info->dev_class, 0, NULL);
1543 hci_dev_unlock(hdev);
/*
 * Connection Complete event.
 *
 * Finds the connection object by link type and address; for a SCO event
 * with no match it retries the lookup as ESCO_LINK and retypes the result
 * to SCO_LINK. The visible success path stores the handle, moves ACL links
 * to BT_CONFIG (holding a reference and reporting mgmt_connected) and other
 * links to BT_CONNECTED, copies the adapter's HCI_AUTH / HCI_ENCRYPT flags
 * into conn->link_mode, requests the remote features for ACL links and,
 * for incoming links on pre-2.0 controllers, sets the packet type. The
 * failure path closes the connection and reports mgmt_connect_failed for
 * ACL links. Pending SCO setup and the protocol confirm callbacks follow.
 *
 * NOTE(review): the ev->status test, the NULL checks on conn and several
 * else arms are on lines missing from this listing. HCI_LM_AUTH and
 * HCI_LM_ENCRYPT are set here from adapter-wide flags, not from a per-link
 * authentication or encryption event; confirm callers do not treat these
 * bits alone as proof that this link is authenticated or encrypted.
 */
1546 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1548 struct hci_ev_conn_complete *ev = (void *) skb->data;
1549 struct hci_conn *conn;
1551 BT_DBG("%s", hdev->name);
1555 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1557 if (ev->link_type != SCO_LINK)
1560 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1564 conn->type = SCO_LINK;
1568 conn->handle = __le16_to_cpu(ev->handle);
1570 if (conn->type == ACL_LINK) {
1571 conn->state = BT_CONFIG;
1572 hci_conn_hold(conn);
1573 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1574 mgmt_connected(hdev, &ev->bdaddr, conn->type,
1577 conn->state = BT_CONNECTED;
1579 hci_conn_hold_device(conn);
1580 hci_conn_add_sysfs(conn);
1582 if (test_bit(HCI_AUTH, &hdev->flags))
1583 conn->link_mode |= HCI_LM_AUTH;
1585 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1586 conn->link_mode |= HCI_LM_ENCRYPT;
1588 /* Get remote features */
1589 if (conn->type == ACL_LINK) {
1590 struct hci_cp_read_remote_features cp;
1591 cp.handle = ev->handle;
1592 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1596 /* Set packet type for incoming connection */
1597 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1598 struct hci_cp_change_conn_ptype cp;
1599 cp.handle = ev->handle;
1600 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1601 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1605 conn->state = BT_CLOSED;
1606 if (conn->type == ACL_LINK)
1607 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
1608 conn->dst_type, ev->status);
1611 if (conn->type == ACL_LINK)
1612 hci_sco_setup(conn, ev->status);
1615 hci_proto_connect_cfm(conn, ev->status);
1617 } else if (ev->link_type != ACL_LINK)
1618 hci_proto_connect_cfm(conn, ev->status);
1621 hci_dev_unlock(hdev);
1623 hci_conn_check_pending(hdev);
/*
 * Connection Request event (incoming connection from a remote device).
 *
 * The accept decision is the adapter link mode OR-ed with what the upper
 * protocols return from hci_proto_connect_ind(). The request is accepted
 * only when HCI_LM_ACCEPT is set and the address is not on the blacklist;
 * otherwise it is rejected with HCI_ERROR_REJ_BAD_ADDR.
 *
 * On accept the device class from the event is stored in the inquiry cache
 * entry and in the connection object (created with hci_conn_add() when the
 * lookup finds none), the state becomes BT_CONNECT, and either an
 * Accept Connection Request (ACL, or no eSCO support) or an Accept
 * Synchronous Connection Request is sent.
 *
 * NOTE(review): the NULL checks on ie and conn are on lines missing from
 * this listing. ev->bdaddr and ev->dev_class come from the remote side;
 * the blacklist lookup is the only address filter visible here.
 */
1626 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1628 struct hci_ev_conn_request *ev = (void *) skb->data;
1629 int mask = hdev->link_mode;
1631 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1632 batostr(&ev->bdaddr), ev->link_type);
1634 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1636 if ((mask & HCI_LM_ACCEPT) &&
1637 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1638 /* Connection accepted */
1639 struct inquiry_entry *ie;
1640 struct hci_conn *conn;
1644 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1646 memcpy(ie->data.dev_class, ev->dev_class, 3);
1648 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1650 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1652 BT_ERR("No memory for new connection");
1653 hci_dev_unlock(hdev);
1658 memcpy(conn->dev_class, ev->dev_class, 3);
1659 conn->state = BT_CONNECT;
1661 hci_dev_unlock(hdev);
1663 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1664 struct hci_cp_accept_conn_req cp;
1666 bacpy(&cp.bdaddr, &ev->bdaddr);
1668 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1669 cp.role = 0x00; /* Become master */
1671 cp.role = 0x01; /* Remain slave */
1673 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1676 struct hci_cp_accept_sync_conn_req cp;
1678 bacpy(&cp.bdaddr, &ev->bdaddr);
1679 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1681 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1682 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1683 cp.max_latency = cpu_to_le16(0xffff);
1684 cp.content_format = cpu_to_le16(hdev->voice_setting);
1685 cp.retrans_effort = 0xff;
1687 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1691 /* Connection rejected */
1692 struct hci_cp_reject_conn_req cp;
1694 bacpy(&cp.bdaddr, &ev->bdaddr);
1695 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
1696 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
/*
 * Disconnection Complete event: looks up the connection by handle, marks
 * it BT_CLOSED when the status is 0, reports the outcome to mgmt for ACL
 * and LE links (mgmt_disconnect_failed on error, mgmt_disconnected
 * otherwise) and, on success, passes the reason to the upper protocols via
 * hci_proto_disconn_cfm().
 *
 * NOTE(review): the NULL check on conn and the teardown that follows
 * hci_proto_disconn_cfm() are on lines missing from this listing.
 */
1700 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1702 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1703 struct hci_conn *conn;
1705 BT_DBG("%s status %d", hdev->name, ev->status);
1709 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1713 if (ev->status == 0)
1714 conn->state = BT_CLOSED;
1716 if (conn->type == ACL_LINK || conn->type == LE_LINK) {
1717 if (ev->status != 0)
1718 mgmt_disconnect_failed(hdev, &conn->dst, ev->status);
1720 mgmt_disconnected(hdev, &conn->dst, conn->type,
1724 if (ev->status == 0) {
1725 hci_proto_disconn_cfm(conn, ev->reason);
1730 hci_dev_unlock(hdev);
/*
 * Authentication Complete event.
 *
 * Visible behaviour: a re-authentication of a link where SSP is not active
 * on both sides is only logged ("re-auth of legacy device is not
 * possible"); otherwise HCI_LM_AUTH is set and sec_level is raised to
 * pending_sec_level. A failure is reported with mgmt_auth_failed(). Both
 * AUTH_PEND flags are cleared. In BT_CONFIG, a successful SSP
 * authentication is followed by a Set Connection Encryption command;
 * otherwise the link becomes BT_CONNECTED and the protocols are notified.
 * Outside BT_CONFIG, hci_auth_cfm() is called and a pending encryption
 * request is either started or completed through hci_encrypt_cfm().
 *
 * NOTE(review): the ev->status tests and the conn NULL check sit on lines
 * missing from this listing. The sec_level upgrade is the security-relevant
 * write; confirm it is reached only when ev->status is 0.
 */
1733 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1735 struct hci_ev_auth_complete *ev = (void *) skb->data;
1736 struct hci_conn *conn;
1738 BT_DBG("%s status %d", hdev->name, ev->status);
1742 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1747 if (!(conn->ssp_mode > 0 && hdev->ssp_mode > 0) &&
1748 test_bit(HCI_CONN_REAUTH_PEND, &conn->pend)) {
1749 BT_INFO("re-auth of legacy device is not possible.");
1751 conn->link_mode |= HCI_LM_AUTH;
1752 conn->sec_level = conn->pending_sec_level;
1755 mgmt_auth_failed(hdev, &conn->dst, ev->status);
1758 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1759 clear_bit(HCI_CONN_REAUTH_PEND, &conn->pend);
1761 if (conn->state == BT_CONFIG) {
1762 if (!ev->status && hdev->ssp_mode > 0 && conn->ssp_mode > 0) {
1763 struct hci_cp_set_conn_encrypt cp;
1764 cp.handle = ev->handle;
1766 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1769 conn->state = BT_CONNECTED;
1770 hci_proto_connect_cfm(conn, ev->status);
1774 hci_auth_cfm(conn, ev->status);
1776 hci_conn_hold(conn);
1777 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1781 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1783 struct hci_cp_set_conn_encrypt cp;
1784 cp.handle = ev->handle;
1786 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1789 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1790 hci_encrypt_cfm(conn, ev->status, 0x00);
1795 hci_dev_unlock(hdev);
/*
 * Remote Name Request Complete event: lets pending connections proceed,
 * forwards the name to mgmt when the request succeeded and HCI_MGMT is
 * set, then starts authentication on the ACL link to that address if
 * hci_outgoing_auth_needed() says so and none is already pending.
 *
 * NOTE(review): ev->name is remote-controlled data handed to
 * mgmt_remote_name() as-is; its length and termination are not checked in
 * the visible lines. The conn NULL check is on a line missing from this
 * listing.
 */
1798 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1800 struct hci_ev_remote_name *ev = (void *) skb->data;
1801 struct hci_conn *conn;
1803 BT_DBG("%s", hdev->name);
1805 hci_conn_check_pending(hdev);
1809 if (ev->status == 0 && test_bit(HCI_MGMT, &hdev->flags))
1810 mgmt_remote_name(hdev, &ev->bdaddr, ev->name);
1812 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1816 if (!hci_outgoing_auth_needed(hdev, conn))
1819 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1820 struct hci_cp_auth_requested cp;
1821 cp.handle = __cpu_to_le16(conn->handle);
1822 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1826 hci_dev_unlock(hdev);
/*
 * Encryption Change event: updates the link's security state.
 *
 * One visible path sets HCI_LM_AUTH and HCI_LM_ENCRYPT and raises
 * sec_level to pending_sec_level; another clears HCI_LM_ENCRYPT. The
 * pending-encryption flag is then cleared, a link still in BT_CONFIG
 * becomes BT_CONNECTED with a connect confirmation, and otherwise
 * hci_encrypt_cfm() is called with the event's status and encrypt value.
 *
 * NOTE(review): the tests on ev->status and ev->encrypt that choose between
 * setting and clearing the bits, and the conn NULL check, are on lines
 * missing from this listing. Confirm that a failed status never reaches the
 * sec_level upgrade and that a BT_CONFIG link is not moved to BT_CONNECTED
 * as encrypted-capable after a failed change.
 */
1829 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1831 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1832 struct hci_conn *conn;
1834 BT_DBG("%s status %d", hdev->name, ev->status);
1838 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1842 /* Encryption implies authentication */
1843 conn->link_mode |= HCI_LM_AUTH;
1844 conn->link_mode |= HCI_LM_ENCRYPT;
1845 conn->sec_level = conn->pending_sec_level;
1847 conn->link_mode &= ~HCI_LM_ENCRYPT;
1850 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1852 if (conn->state == BT_CONFIG) {
1854 conn->state = BT_CONNECTED;
1856 hci_proto_connect_cfm(conn, ev->status);
1859 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1862 hci_dev_unlock(hdev);
/*
 * Change Connection Link Key Complete event: looks up the connection by
 * handle, sets HCI_LM_SECURE, clears HCI_CONN_AUTH_PEND and notifies the
 * upper protocols through hci_key_change_cfm().
 *
 * NOTE(review): the ev->status test guarding HCI_LM_SECURE and the conn
 * NULL check are on lines missing from this listing; confirm the bit is
 * set only on success.
 */
1865 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1867 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1868 struct hci_conn *conn;
1870 BT_DBG("%s status %d", hdev->name, ev->status);
1874 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1877 conn->link_mode |= HCI_LM_SECURE;
1879 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1881 hci_key_change_cfm(conn, ev->status);
1884 hci_dev_unlock(hdev);
/*
 * Read Remote Supported Features Complete event: stores the 8 feature
 * bytes on the connection. For a link still in BT_CONFIG it then either
 * asks for the extended features (when both sides are SSP capable and the
 * status is 0), or requests the remote name, and completes the connection
 * when no outgoing authentication is needed.
 *
 * NOTE(review): the ev->status test guarding the memcpy, the conn NULL
 * check and the branch conditions between the three steps are on lines
 * missing from this listing.
 */
1887 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1889 struct hci_ev_remote_features *ev = (void *) skb->data;
1890 struct hci_conn *conn;
1892 BT_DBG("%s status %d", hdev->name, ev->status);
1896 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1901 memcpy(conn->features, ev->features, 8);
1903 if (conn->state != BT_CONFIG)
1906 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1907 struct hci_cp_read_remote_ext_features cp;
1908 cp.handle = ev->handle;
1910 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1916 struct hci_cp_remote_name_req cp;
1917 memset(&cp, 0, sizeof(cp));
1918 bacpy(&cp.bdaddr, &conn->dst);
1919 cp.pscan_rep_mode = 0x02;
1920 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1923 if (!hci_outgoing_auth_needed(hdev, conn)) {
1924 conn->state = BT_CONNECTED;
1925 hci_proto_connect_cfm(conn, ev->status);
1930 hci_dev_unlock(hdev);
/* Remote version event: as listed, only logs the adapter name; skb is not read. */
1933 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1935 BT_DBG("%s", hdev->name);
/* QoS setup complete event: as listed, only logs the adapter name; skb is not read. */
1938 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1940 BT_DBG("%s", hdev->name);
/*
 * Command Complete event: strips the event header from skb, converts the
 * opcode to host order and dispatches to the matching hci_cc_*() handler,
 * which receives the remaining return parameters in skb. Unknown opcodes
 * are only logged. Afterwards the command timer is stopped (unless the
 * opcode is HCI_OP_NOP), the command credit is reset to 1 and queued
 * commands are scheduled.
 *
 * NOTE(review): ev is read and skb_pull() is called with no visible check
 * that skb->len covers sizeof(*ev), and the handler shown in this file's
 * head reads its status byte straight from skb->data; a per-opcode minimum
 * length check before dispatch is what to confirm. The switch statement,
 * the break lines, the HCI_OP_RESET case label and the ev->ncmd test before
 * atomic_set() are on lines missing from this listing.
 */
1943 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1945 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1948 skb_pull(skb, sizeof(*ev));
1950 opcode = __le16_to_cpu(ev->opcode);
1953 case HCI_OP_INQUIRY_CANCEL:
1954 hci_cc_inquiry_cancel(hdev, skb);
1957 case HCI_OP_EXIT_PERIODIC_INQ:
1958 hci_cc_exit_periodic_inq(hdev, skb);
1961 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1962 hci_cc_remote_name_req_cancel(hdev, skb);
1965 case HCI_OP_ROLE_DISCOVERY:
1966 hci_cc_role_discovery(hdev, skb);
1969 case HCI_OP_READ_LINK_POLICY:
1970 hci_cc_read_link_policy(hdev, skb);
1973 case HCI_OP_WRITE_LINK_POLICY:
1974 hci_cc_write_link_policy(hdev, skb);
1977 case HCI_OP_READ_DEF_LINK_POLICY:
1978 hci_cc_read_def_link_policy(hdev, skb);
1981 case HCI_OP_WRITE_DEF_LINK_POLICY:
1982 hci_cc_write_def_link_policy(hdev, skb);
1986 hci_cc_reset(hdev, skb);
1989 case HCI_OP_WRITE_LOCAL_NAME:
1990 hci_cc_write_local_name(hdev, skb);
1993 case HCI_OP_READ_LOCAL_NAME:
1994 hci_cc_read_local_name(hdev, skb);
1997 case HCI_OP_WRITE_AUTH_ENABLE:
1998 hci_cc_write_auth_enable(hdev, skb);
2001 case HCI_OP_WRITE_ENCRYPT_MODE:
2002 hci_cc_write_encrypt_mode(hdev, skb);
2005 case HCI_OP_WRITE_SCAN_ENABLE:
2006 hci_cc_write_scan_enable(hdev, skb);
2009 case HCI_OP_READ_CLASS_OF_DEV:
2010 hci_cc_read_class_of_dev(hdev, skb);
2013 case HCI_OP_WRITE_CLASS_OF_DEV:
2014 hci_cc_write_class_of_dev(hdev, skb);
2017 case HCI_OP_READ_VOICE_SETTING:
2018 hci_cc_read_voice_setting(hdev, skb);
2021 case HCI_OP_WRITE_VOICE_SETTING:
2022 hci_cc_write_voice_setting(hdev, skb);
2025 case HCI_OP_HOST_BUFFER_SIZE:
2026 hci_cc_host_buffer_size(hdev, skb);
2029 case HCI_OP_READ_SSP_MODE:
2030 hci_cc_read_ssp_mode(hdev, skb);
2033 case HCI_OP_WRITE_SSP_MODE:
2034 hci_cc_write_ssp_mode(hdev, skb);
2037 case HCI_OP_READ_LOCAL_VERSION:
2038 hci_cc_read_local_version(hdev, skb);
2041 case HCI_OP_READ_LOCAL_COMMANDS:
2042 hci_cc_read_local_commands(hdev, skb);
2045 case HCI_OP_READ_LOCAL_FEATURES:
2046 hci_cc_read_local_features(hdev, skb);
2049 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2050 hci_cc_read_local_ext_features(hdev, skb);
2053 case HCI_OP_READ_BUFFER_SIZE:
2054 hci_cc_read_buffer_size(hdev, skb);
2057 case HCI_OP_READ_BD_ADDR:
2058 hci_cc_read_bd_addr(hdev, skb);
2061 case HCI_OP_READ_DATA_BLOCK_SIZE:
2062 hci_cc_read_data_block_size(hdev, skb);
2065 case HCI_OP_WRITE_CA_TIMEOUT:
2066 hci_cc_write_ca_timeout(hdev, skb);
2069 case HCI_OP_READ_FLOW_CONTROL_MODE:
2070 hci_cc_read_flow_control_mode(hdev, skb);
2073 case HCI_OP_READ_LOCAL_AMP_INFO:
2074 hci_cc_read_local_amp_info(hdev, skb);
2077 case HCI_OP_DELETE_STORED_LINK_KEY:
2078 hci_cc_delete_stored_link_key(hdev, skb);
2081 case HCI_OP_SET_EVENT_MASK:
2082 hci_cc_set_event_mask(hdev, skb);
2085 case HCI_OP_WRITE_INQUIRY_MODE:
2086 hci_cc_write_inquiry_mode(hdev, skb);
2089 case HCI_OP_READ_INQ_RSP_TX_POWER:
2090 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2093 case HCI_OP_SET_EVENT_FLT:
2094 hci_cc_set_event_flt(hdev, skb);
2097 case HCI_OP_PIN_CODE_REPLY:
2098 hci_cc_pin_code_reply(hdev, skb);
2101 case HCI_OP_PIN_CODE_NEG_REPLY:
2102 hci_cc_pin_code_neg_reply(hdev, skb);
2105 case HCI_OP_READ_LOCAL_OOB_DATA:
2106 hci_cc_read_local_oob_data_reply(hdev, skb);
2109 case HCI_OP_LE_READ_BUFFER_SIZE:
2110 hci_cc_le_read_buffer_size(hdev, skb);
2113 case HCI_OP_USER_CONFIRM_REPLY:
2114 hci_cc_user_confirm_reply(hdev, skb);
2117 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2118 hci_cc_user_confirm_neg_reply(hdev, skb);
2121 case HCI_OP_USER_PASSKEY_REPLY:
2122 hci_cc_user_passkey_reply(hdev, skb);
2125 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2126 hci_cc_user_passkey_neg_reply(hdev, skb);
2128 case HCI_OP_LE_SET_SCAN_PARAM:
2129 hci_cc_le_set_scan_param(hdev, skb);
2132 case HCI_OP_LE_SET_SCAN_ENABLE:
2133 hci_cc_le_set_scan_enable(hdev, skb);
2136 case HCI_OP_LE_LTK_REPLY:
2137 hci_cc_le_ltk_reply(hdev, skb);
2140 case HCI_OP_LE_LTK_NEG_REPLY:
2141 hci_cc_le_ltk_neg_reply(hdev, skb);
2144 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2145 hci_cc_write_le_host_supported(hdev, skb);
2149 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2153 if (ev->opcode != HCI_OP_NOP)
2154 del_timer(&hdev->cmd_timer);
2157 atomic_set(&hdev->cmd_cnt, 1);
2158 if (!skb_queue_empty(&hdev->cmd_q))
2159 queue_work(hdev->workqueue, &hdev->cmd_work);
/*
 * Command Status event: strips the event header, converts the opcode to
 * host order and passes ev->status to the matching hci_cs_*() handler. A
 * failed HCI_OP_DISCONNECT is reported to mgmt directly; unknown opcodes
 * are only logged. Afterwards the command timer is stopped (unless the
 * opcode is HCI_OP_NOP) and, when the controller grants credits and no
 * reset is in progress, the command credit is set to 1 and queued commands
 * are scheduled.
 *
 * NOTE(review): ev is read with no visible check that skb->len covers
 * sizeof(*ev). mgmt_disconnect_failed() is called with a NULL address here,
 * unlike the call in hci_disconn_complete_evt; confirm the callee accepts
 * NULL. The switch statement and break lines are missing from this listing.
 */
2163 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2165 struct hci_ev_cmd_status *ev = (void *) skb->data;
2168 skb_pull(skb, sizeof(*ev));
2170 opcode = __le16_to_cpu(ev->opcode);
2173 case HCI_OP_INQUIRY:
2174 hci_cs_inquiry(hdev, ev->status);
2177 case HCI_OP_CREATE_CONN:
2178 hci_cs_create_conn(hdev, ev->status);
2181 case HCI_OP_ADD_SCO:
2182 hci_cs_add_sco(hdev, ev->status);
2185 case HCI_OP_AUTH_REQUESTED:
2186 hci_cs_auth_requested(hdev, ev->status);
2189 case HCI_OP_SET_CONN_ENCRYPT:
2190 hci_cs_set_conn_encrypt(hdev, ev->status);
2193 case HCI_OP_REMOTE_NAME_REQ:
2194 hci_cs_remote_name_req(hdev, ev->status);
2197 case HCI_OP_READ_REMOTE_FEATURES:
2198 hci_cs_read_remote_features(hdev, ev->status);
2201 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2202 hci_cs_read_remote_ext_features(hdev, ev->status);
2205 case HCI_OP_SETUP_SYNC_CONN:
2206 hci_cs_setup_sync_conn(hdev, ev->status);
2209 case HCI_OP_SNIFF_MODE:
2210 hci_cs_sniff_mode(hdev, ev->status);
2213 case HCI_OP_EXIT_SNIFF_MODE:
2214 hci_cs_exit_sniff_mode(hdev, ev->status);
2217 case HCI_OP_DISCONNECT:
2218 if (ev->status != 0)
2219 mgmt_disconnect_failed(hdev, NULL, ev->status);
2222 case HCI_OP_LE_CREATE_CONN:
2223 hci_cs_le_create_conn(hdev, ev->status);
2226 case HCI_OP_LE_START_ENC:
2227 hci_cs_le_start_enc(hdev, ev->status);
2231 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2235 if (ev->opcode != HCI_OP_NOP)
2236 del_timer(&hdev->cmd_timer);
2238 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2239 atomic_set(&hdev->cmd_cnt, 1);
2240 if (!skb_queue_empty(&hdev->cmd_q))
2241 queue_work(hdev->workqueue, &hdev->cmd_work);
/*
 * Role Change event: looks up the ACL link by address, sets or clears
 * HCI_LM_MASTER, clears the pending role-switch flag and notifies the
 * upper protocols with the status and the new role.
 *
 * NOTE(review): the tests on ev->status and ev->role that pick between
 * setting and clearing HCI_LM_MASTER, and the conn NULL check, are on lines
 * missing from this listing.
 */
2245 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2247 struct hci_ev_role_change *ev = (void *) skb->data;
2248 struct hci_conn *conn;
2250 BT_DBG("%s status %d", hdev->name, ev->status);
2254 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2258 conn->link_mode &= ~HCI_LM_MASTER;
2260 conn->link_mode |= HCI_LM_MASTER;
2263 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
2265 hci_role_switch_cfm(conn, ev->status, ev->role);
2268 hci_dev_unlock(hdev);
/*
 * Number Of Completed Packets event (packet-based flow control).
 *
 * After pulling the header, the event is rejected when the adapter is not
 * in packet-based flow control mode or when the remaining payload is
 * shorter than num_hndl * 4 bytes. For every (handle, count) pair the
 * connection's sent counter is reduced and the matching transmit credit
 * counter (ACL, LE or SCO) is increased, clamped to the adapter's maximum;
 * LE links fall back to the ACL pool when le_pkts is 0. The TX work is then
 * queued.
 *
 * NOTE(review): the literal 4 presumably equals
 * sizeof(struct hci_comp_pkts_info); confirm, since the bound depends on
 * it. count is controller-supplied and conn->sent -= count has no visible
 * lower bound, so a count above conn->sent would wrap the counter. The case
 * labels and the conn NULL check are on lines missing from this listing.
 */
2271 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2273 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2276 skb_pull(skb, sizeof(*ev));
2278 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2280 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2281 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2285 if (skb->len < ev->num_hndl * 4) {
2286 BT_DBG("%s bad parameters", hdev->name);
2290 for (i = 0; i < ev->num_hndl; i++) {
2291 struct hci_comp_pkts_info *info = &ev->handles[i];
2292 struct hci_conn *conn;
2293 __u16 handle, count;
2295 handle = __le16_to_cpu(info->handle);
2296 count = __le16_to_cpu(info->count);
2298 conn = hci_conn_hash_lookup_handle(hdev, handle);
2302 conn->sent -= count;
2304 switch (conn->type) {
2306 hdev->acl_cnt += count;
2307 if (hdev->acl_cnt > hdev->acl_pkts)
2308 hdev->acl_cnt = hdev->acl_pkts;
2312 if (hdev->le_pkts) {
2313 hdev->le_cnt += count;
2314 if (hdev->le_cnt > hdev->le_pkts)
2315 hdev->le_cnt = hdev->le_pkts;
2317 hdev->acl_cnt += count;
2318 if (hdev->acl_cnt > hdev->acl_pkts)
2319 hdev->acl_cnt = hdev->acl_pkts;
2324 hdev->sco_cnt += count;
2325 if (hdev->sco_cnt > hdev->sco_pkts)
2326 hdev->sco_cnt = hdev->sco_pkts;
2330 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2335 queue_work(hdev->workqueue, &hdev->tx_work);
/*
 * Mode Change event: records the new mode and interval on the connection.
 * When the change was not requested locally (HCI_CONN_MODE_CHANGE_PEND was
 * clear), power_save is set to 1 for active mode and 0 otherwise. A SCO
 * setup waiting on the mode change is then run.
 *
 * NOTE(review): the conn NULL check is on a line missing from this listing;
 * ev->status is logged but not tested before conn->mode is written in the
 * visible lines.
 */
2338 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2340 struct hci_ev_mode_change *ev = (void *) skb->data;
2341 struct hci_conn *conn;
2343 BT_DBG("%s status %d", hdev->name, ev->status);
2347 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2349 conn->mode = ev->mode;
2350 conn->interval = __le16_to_cpu(ev->interval);
2352 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
2353 if (conn->mode == HCI_CM_ACTIVE)
2354 conn->power_save = 1;
2356 conn->power_save = 0;
2359 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
2360 hci_sco_setup(conn, ev->status);
2363 hci_dev_unlock(hdev);
/*
 * PIN Code Request event (legacy pairing).
 *
 * For an already connected link the disconnect timeout is extended to
 * HCI_PAIRING_TIMEOUT. If the adapter is not pairable the request is
 * refused with a negative reply; otherwise, when mgmt is in use, the
 * request is forwarded to user space with a "secure" hint derived from
 * whether BT_SECURITY_HIGH is pending.
 *
 * NOTE(review): the conn NULL check and the assignments to secure are on
 * lines missing from this listing. When HCI_PAIRABLE is set but HCI_MGMT is
 * not, no reply is sent from the visible code; presumably a raw HCI socket
 * user answers instead.
 */
2366 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2368 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2369 struct hci_conn *conn;
2371 BT_DBG("%s", hdev->name);
2375 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2379 if (conn->state == BT_CONNECTED) {
2380 hci_conn_hold(conn);
2381 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2385 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
2386 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2387 sizeof(ev->bdaddr), &ev->bdaddr);
2388 else if (test_bit(HCI_MGMT, &hdev->flags)) {
2391 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2396 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2400 hci_dev_unlock(hdev);
/*
 * Link Key Request event: decides whether a stored link key may be handed
 * to the controller for the given address.
 *
 * Nothing is looked up unless HCI_LINK_KEYS is set. A stored key is
 * refused (per the debug messages, "ignoring") when:
 *  - it is a debug combination key and HCI_DEBUG_KEYS is not set;
 *  - it is an unauthenticated combination key while the connection's
 *    auth_type is known (not 0xff) and has the MITM bit (0x01) set;
 *  - it is a legacy combination key from a PIN shorter than 16 while
 *    BT_SECURITY_HIGH is pending.
 * Otherwise the key type and PIN length are recorded on the connection and
 * the 16-byte key is sent in a Link Key Reply. The fallback path sends a
 * negative reply.
 *
 * NOTE(review): the conn NULL check and the goto lines of the refusal
 * paths are missing from this listing. cp holds key material on the stack
 * and no wipe of it is visible after hci_send_cmd(). The negative reply
 * passes the literal 6 where other handlers use sizeof(ev->bdaddr).
 */
2403 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2405 struct hci_ev_link_key_req *ev = (void *) skb->data;
2406 struct hci_cp_link_key_reply cp;
2407 struct hci_conn *conn;
2408 struct link_key *key;
2410 BT_DBG("%s", hdev->name);
2412 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2417 key = hci_find_link_key(hdev, &ev->bdaddr);
2419 BT_DBG("%s link key not found for %s", hdev->name,
2420 batostr(&ev->bdaddr));
2424 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2425 batostr(&ev->bdaddr));
2427 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) &&
2428 key->type == HCI_LK_DEBUG_COMBINATION) {
2429 BT_DBG("%s ignoring debug key", hdev->name);
2433 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2435 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2436 conn->auth_type != 0xff &&
2437 (conn->auth_type & 0x01)) {
2438 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2442 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2443 conn->pending_sec_level == BT_SECURITY_HIGH) {
2444 BT_DBG("%s ignoring key unauthenticated for high \
2445 security", hdev->name);
2449 conn->key_type = key->type;
2450 conn->pin_length = key->pin_len;
2453 bacpy(&cp.bdaddr, &ev->bdaddr);
2454 memcpy(cp.link_key, key->val, 16);
2456 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2458 hci_dev_unlock(hdev);
2463 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2464 hci_dev_unlock(hdev);
/*
 * Link Key Notification event: the controller reports a new link key for
 * the address. The connection's disconnect timeout is reset, its PIN
 * length is read for storage, its key type is updated unless the key is a
 * "changed combination" key, and, when HCI_LINK_KEYS is set, the key is
 * stored with hci_add_link_key().
 *
 * NOTE(review): the conn NULL check is on a line missing from this
 * listing, and conn is passed to hci_add_link_key() afterwards; confirm
 * both uses tolerate a missing connection. ev->link_key is secret material
 * and is not logged in the visible lines.
 */
2467 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2469 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2470 struct hci_conn *conn;
2473 BT_DBG("%s", hdev->name);
2477 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2479 hci_conn_hold(conn);
2480 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2481 pin_len = conn->pin_length;
2483 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2484 conn->key_type = ev->key_type;
2489 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
2490 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
2491 ev->key_type, pin_len);
2493 hci_dev_unlock(hdev);
/*
 * Read Clock Offset Complete event: on success, and when the handle maps
 * to a connection, stores the clock offset in the inquiry cache entry for
 * the peer and refreshes the entry's timestamp.
 *
 * NOTE(review): the NULL check on ie is on a line missing from this
 * listing.
 */
2496 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2498 struct hci_ev_clock_offset *ev = (void *) skb->data;
2499 struct hci_conn *conn;
2501 BT_DBG("%s status %d", hdev->name, ev->status);
2505 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2506 if (conn && !ev->status) {
2507 struct inquiry_entry *ie;
2509 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2511 ie->data.clock_offset = ev->clock_offset;
2512 ie->timestamp = jiffies;
2516 hci_dev_unlock(hdev);
/*
 * Connection Packet Type Changed event: on success, and when the handle
 * maps to a connection, stores the new packet type (converted to host
 * order) on the connection.
 */
2519 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2521 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2522 struct hci_conn *conn;
2524 BT_DBG("%s status %d", hdev->name, ev->status);
2528 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2529 if (conn && !ev->status)
2530 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2532 hci_dev_unlock(hdev);
/*
 * Page Scan Repetition Mode Change event: updates pscan_rep_mode and the
 * timestamp of the inquiry cache entry for the reported address.
 *
 * NOTE(review): the NULL check on ie is on a line missing from this
 * listing; the lookup can presumably fail for an address that was never
 * discovered.
 */
2535 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2537 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2538 struct inquiry_entry *ie;
2540 BT_DBG("%s", hdev->name);
2544 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2546 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2547 ie->timestamp = jiffies;
2550 hci_dev_unlock(hdev);
/*
 * Inquiry Result With RSSI event. The payload is a response count followed
 * by records in one of two layouts; the layout is chosen by dividing the
 * remaining length by the count and comparing the quotient with
 * sizeof(struct inquiry_info_with_rssi). Each record is copied into an
 * inquiry_data, cached, and reported to mgmt with its RSSI.
 *
 * NOTE(review): the division needs num_rsp != 0; that guard is presumably
 * on the lines missing from this listing (2559-2564), confirm. The first
 * branch is taken for ANY quotient other than the plain RSSI record size,
 * so nothing visible confirms that the event really holds num_rsp records
 * of the with-pscan-mode layout; an explicit length check per layout is
 * what to look for.
 */
2553 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2555 struct inquiry_data data;
2556 int num_rsp = *((__u8 *) skb->data);
2558 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2565 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2566 struct inquiry_info_with_rssi_and_pscan_mode *info;
2567 info = (void *) (skb->data + 1);
2569 for (; num_rsp; num_rsp--, info++) {
2570 bacpy(&data.bdaddr, &info->bdaddr);
2571 data.pscan_rep_mode = info->pscan_rep_mode;
2572 data.pscan_period_mode = info->pscan_period_mode;
2573 data.pscan_mode = info->pscan_mode;
2574 memcpy(data.dev_class, info->dev_class, 3);
2575 data.clock_offset = info->clock_offset;
2576 data.rssi = info->rssi;
2577 data.ssp_mode = 0x00;
2578 hci_inquiry_cache_update(hdev, &data);
2579 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2580 info->dev_class, info->rssi,
2584 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2586 for (; num_rsp; num_rsp--, info++) {
2587 bacpy(&data.bdaddr, &info->bdaddr);
2588 data.pscan_rep_mode = info->pscan_rep_mode;
2589 data.pscan_period_mode = info->pscan_period_mode;
2590 data.pscan_mode = 0x00;
2591 memcpy(data.dev_class, info->dev_class, 3);
2592 data.clock_offset = info->clock_offset;
2593 data.rssi = info->rssi;
2594 data.ssp_mode = 0x00;
2595 hci_inquiry_cache_update(hdev, &data);
2596 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2597 info->dev_class, info->rssi,
2602 hci_dev_unlock(hdev);
/*
 * Read Remote Extended Features Complete event. For a successful page-1
 * reply, bit 0 of the first feature byte is stored as the peer's ssp_mode
 * on the connection and in its inquiry cache entry. For a link still in
 * BT_CONFIG the remote name is then requested and the connection is
 * completed when no outgoing authentication is needed.
 *
 * NOTE(review): conn->ssp_mode feeds later pairing decisions and is taken
 * from the remote's own feature report. The NULL checks on conn and ie and
 * the condition around the name request are on lines missing from this
 * listing.
 */
2605 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2607 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2608 struct hci_conn *conn;
2610 BT_DBG("%s", hdev->name);
2614 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2618 if (!ev->status && ev->page == 0x01) {
2619 struct inquiry_entry *ie;
2621 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2623 ie->data.ssp_mode = (ev->features[0] & 0x01);
2625 conn->ssp_mode = (ev->features[0] & 0x01);
2628 if (conn->state != BT_CONFIG)
2632 struct hci_cp_remote_name_req cp;
2633 memset(&cp, 0, sizeof(cp));
2634 bacpy(&cp.bdaddr, &conn->dst);
2635 cp.pscan_rep_mode = 0x02;
2636 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2639 if (!hci_outgoing_auth_needed(hdev, conn)) {
2640 conn->state = BT_CONNECTED;
2641 hci_proto_connect_cfm(conn, ev->status);
2646 hci_dev_unlock(hdev);
/*
 * Synchronous Connection Complete event (SCO/eSCO).
 *
 * Finds the connection by link type and address, retrying as ESCO_LINK and
 * retyping to SCO_LINK when the first lookup fails. On success the handle
 * is stored and the link becomes BT_CONNECTED. For the listed negotiation
 * errors (0x11, 0x1c, 0x1a, 0x1f) an outgoing link with fewer than two
 * attempts is retried via hci_setup_sync() with a packet type built from
 * hdev->esco_type; any other outcome closes the connection. The upper
 * protocols are notified through hci_proto_connect_cfm().
 *
 * NOTE(review): the retry path dereferences conn->link with no visible
 * NULL check; the conn NULL checks, case 0x00 label and default label are
 * on lines missing from this listing.
 */
2649 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2651 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2652 struct hci_conn *conn;
2654 BT_DBG("%s status %d", hdev->name, ev->status);
2658 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2660 if (ev->link_type == ESCO_LINK)
2663 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2667 conn->type = SCO_LINK;
2670 switch (ev->status) {
2672 conn->handle = __le16_to_cpu(ev->handle);
2673 conn->state = BT_CONNECTED;
2675 hci_conn_hold_device(conn);
2676 hci_conn_add_sysfs(conn);
2679 case 0x11: /* Unsupported Feature or Parameter Value */
2680 case 0x1c: /* SCO interval rejected */
2681 case 0x1a: /* Unsupported Remote Feature */
2682 case 0x1f: /* Unspecified error */
2683 if (conn->out && conn->attempt < 2) {
2684 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2685 (hdev->esco_type & EDR_ESCO_MASK);
2686 hci_setup_sync(conn, conn->link->handle);
2692 conn->state = BT_CLOSED;
2696 hci_proto_connect_cfm(conn, ev->status);
2701 hci_dev_unlock(hdev);
/* Synchronous connection changed event: as listed, only logs the adapter name; skb is not read. */
2704 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2706 BT_DBG("%s", hdev->name);
/* Sniff subrating event: as listed, only logs the status byte of the event. */
2709 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2711 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2713 BT_DBG("%s status %d", hdev->name, ev->status);
/*
 * Extended Inquiry Result event: the first payload byte is the number of
 * responses, followed by struct extended_inquiry_info records. Each record
 * is cached with ssp_mode 0x01 and reported to mgmt together with its RSSI
 * and its EIR data block (info->data).
 */
2716 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2718 struct inquiry_data data;
2719 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2720 int num_rsp = *((__u8 *) skb->data);
2722 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
/*
 * NOTE(review): num_rsp is supplied by the controller and nothing visible
 * compares it with skb->len (lines 2723-2728 are missing from this
 * listing). Each record also carries the EIR block handed to
 * mgmt_device_found(), so an event shorter than num_rsp records would
 * expose memory beyond the received data to the cache and to user space;
 * confirm a length check precedes the loop.
 */
2729 for (; num_rsp; num_rsp--, info++) {
2730 bacpy(&data.bdaddr, &info->bdaddr);
2731 data.pscan_rep_mode = info->pscan_rep_mode;
2732 data.pscan_period_mode = info->pscan_period_mode;
2733 data.pscan_mode = 0x00;
2734 memcpy(data.dev_class, info->dev_class, 3);
2735 data.clock_offset = info->clock_offset;
2736 data.rssi = info->rssi;
2737 data.ssp_mode = 0x01;
2738 hci_inquiry_cache_update(hdev, &data);
2739 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2740 info->dev_class, info->rssi, info->data);
2743 hci_dev_unlock(hdev);
/*
 * Picks the authentication-requirements byte to send for conn during SSP.
 *
 * When the remote asked for dedicated bonding (remote_auth 0x02 or 0x03)
 * the result depends on whether either side reports IO capability 0x03.
 * When it asked for no bonding (0x00 or 0x01) the remote value is combined
 * with the local MITM bit (auth_type & 0x01). Otherwise the local
 * auth_type is returned unchanged.
 *
 * NOTE(review): the two return statements of the dedicated-bonding branch
 * are on lines missing from this listing. The existing comment speaks of
 * capabilities that "allow MITM", while the test matches 0x03 on either
 * side, a value a comment in hci_user_confirm_request_evt associates with
 * NoInputNoOutput; confirm which arm returns the MITM-required value.
 */
2746 static inline u8 hci_get_auth_req(struct hci_conn *conn)
2748 /* If remote requests dedicated bonding follow that lead */
2749 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2750 /* If both remote and local IO capabilities allow MITM
2751 * protection then require it, otherwise don't */
2752 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2758 /* If remote requests no-bonding follow that lead */
2759 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2760 return conn->remote_auth | (conn->auth_type & 0x01);
2762 return conn->auth_type;
/*
 * IO Capability Request event (start of Secure Simple Pairing).
 *
 * Holds a reference on the ACL connection. When the adapter is pairable,
 * or the remote only asks for no-bonding, it replies with the local IO
 * capability and the authentication requirement computed by
 * hci_get_auth_req() (also stored in conn->auth_type); OOB data presence
 * is looked up for outgoing links or when the remote announced OOB data.
 * Otherwise pairing is refused with HCI_ERROR_PAIRING_NOT_ALLOWED.
 *
 * NOTE(review): the conn NULL check, the early exit when HCI_MGMT is not
 * set and the cp.oob_data assignments are on lines missing from this
 * listing. The no-bonding exception lets a non-pairable adapter still
 * complete SSP without storing a key; confirm that is the intended policy.
 */
2765 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2767 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2768 struct hci_conn *conn;
2770 BT_DBG("%s", hdev->name);
2774 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2778 hci_conn_hold(conn);
2780 if (!test_bit(HCI_MGMT, &hdev->flags))
2783 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2784 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2785 struct hci_cp_io_capability_reply cp;
2787 bacpy(&cp.bdaddr, &ev->bdaddr);
2788 cp.capability = conn->io_capability;
2789 conn->auth_type = hci_get_auth_req(conn);
2790 cp.authentication = conn->auth_type;
2792 if ((conn->out == 0x01 || conn->remote_oob == 0x01) &&
2793 hci_find_remote_oob_data(hdev, &conn->dst))
2798 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2801 struct hci_cp_io_capability_neg_reply cp;
2803 bacpy(&cp.bdaddr, &ev->bdaddr);
2804 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
2806 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2811 hci_dev_unlock(hdev);
/*
 * IO Capability Response event: records what the remote device announced
 * (IO capability, OOB data flag, authentication requirements) on the ACL
 * connection. These remote-supplied values drive the later MITM and
 * auto-accept decisions.
 *
 * NOTE(review): the conn NULL check is on a line missing from this listing;
 * the three values are stored without range validation in the visible
 * lines.
 */
2814 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2816 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2817 struct hci_conn *conn;
2819 BT_DBG("%s", hdev->name);
2823 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2827 conn->remote_cap = ev->capability;
2828 conn->remote_oob = ev->oob_data;
2829 conn->remote_auth = ev->authentication;
2832 hci_dev_unlock(hdev);
/*
 * User Confirmation Request event (numeric comparison step of SSP).
 *
 * loc_mitm and rem_mitm are bit 0 of the local and remote authentication
 * requirements. The visible policy is:
 *  - reject with a negative reply when we require MITM, the remote IO
 *    capability is 0x03 and connect_cfm_cb is not set;
 *  - auto-accept when neither side effectively requires MITM: as acceptor
 *    (HCI_CONN_AUTH_PEND clear) user space is still asked to authorise via
 *    the confirm hint, otherwise the reply is sent immediately or after
 *    hdev->auto_accept_delay milliseconds through auto_accept_timer;
 *  - in all other cases forward the passkey to user space with
 *    mgmt_user_confirm_request().
 *
 * NOTE(review): on the auto-accept path no user compares the value, so the
 * resulting key is unauthenticated; confirm callers never treat such a
 * link as MITM-protected. The conn NULL check, the HCI_MGMT early exit,
 * the confirm_hint assignment and the goto lines are missing from this
 * listing, as is the closing line of the first block comment below.
 */
2835 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2836 struct sk_buff *skb)
2838 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
2839 int loc_mitm, rem_mitm, confirm_hint = 0;
2840 struct hci_conn *conn;
2842 BT_DBG("%s", hdev->name);
2846 if (!test_bit(HCI_MGMT, &hdev->flags))
2849 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2853 loc_mitm = (conn->auth_type & 0x01);
2854 rem_mitm = (conn->remote_auth & 0x01);
2856 /* If we require MITM but the remote device can't provide that
2857 * (it has NoInputNoOutput) then reject the confirmation
2858 * request. The only exception is when we're dedicated bonding
2859 * initiators (connect_cfm_cb set) since then we always have the MITM
2861 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
2862 BT_DBG("Rejecting request: remote device can't provide MITM");
2863 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
2864 sizeof(ev->bdaddr), &ev->bdaddr);
2868 /* If no side requires MITM protection; auto-accept */
2869 if ((!loc_mitm || conn->remote_cap == 0x03) &&
2870 (!rem_mitm || conn->io_capability == 0x03)) {
2872 /* If we're not the initiators request authorization to
2873 * proceed from user space (mgmt_user_confirm with
2874 * confirm_hint set to 1). */
2875 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
2876 BT_DBG("Confirming auto-accept as acceptor");
2881 BT_DBG("Auto-accept of user confirmation with %ums delay",
2882 hdev->auto_accept_delay);
2884 if (hdev->auto_accept_delay > 0) {
2885 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
2886 mod_timer(&conn->auto_accept_timer, jiffies + delay);
2890 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
2891 sizeof(ev->bdaddr), &ev->bdaddr);
2896 mgmt_user_confirm_request(hdev, &ev->bdaddr, ev->passkey,
2900 hci_dev_unlock(hdev);
/*
 * User Passkey Request event: when mgmt is in use, asks user space for the
 * passkey for the given address. Without HCI_MGMT nothing is sent from the
 * visible code.
 */
2903 static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
2904 struct sk_buff *skb)
2906 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
2908 BT_DBG("%s", hdev->name);
2912 if (test_bit(HCI_MGMT, &hdev->flags))
2913 mgmt_user_passkey_request(hdev, &ev->bdaddr);
2915 hci_dev_unlock(hdev);
/*
 * Simple Pairing Complete event: reports a pairing failure to mgmt, but
 * only when this side did not initiate the authentication, because the
 * initiator already gets the failure through the Authentication Complete
 * event (see the existing comment below).
 *
 * NOTE(review): the conn NULL check and whatever follows the report
 * (presumably dropping the reference taken at the IO capability request)
 * are on lines missing from this listing.
 */
2918 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2920 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2921 struct hci_conn *conn;
2923 BT_DBG("%s", hdev->name);
2927 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2931 /* To avoid duplicate auth_failed events to user space we check
2932 * the HCI_CONN_AUTH_PEND flag which will be set if we
2933 * initiated the authentication. A traditional auth_complete
2934 * event gets always produced as initiator and is also mapped to
2935 * the mgmt_auth_failed event */
2936 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2937 mgmt_auth_failed(hdev, &conn->dst, ev->status);
2942 hci_dev_unlock(hdev);
/* Handle the HCI Remote Host Supported Features event.
 *
 * Looks up the inquiry cache entry for the address in the event and
 * stores bit 0 of the first feature byte as that entry's ssp_mode. */
2945 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2947 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2948 struct inquiry_entry *ie;
2950 BT_DBG("%s", hdev->name);
/* NOTE(review): the cache lookup can presumably miss; the guard on ie is
 * not visible in this listing - confirm ie is checked before the write
 * below. */
2954 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
/* The value written here is supplied by the remote side through the
 * controller; it is masked to a single bit before being stored. */
2956 ie->data.ssp_mode = (ev->features[0] & 0x01);
2958 hci_dev_unlock(hdev);
/* Handle the HCI Remote OOB Data Request event.
 *
 * Looks up out-of-band pairing data stored for the peer address and
 * answers the controller with either HCI_OP_REMOTE_OOB_DATA_REPLY
 * (carrying the stored hash and randomizer) or
 * HCI_OP_REMOTE_OOB_DATA_NEG_REPLY. The HCI_MGMT flag is tested first;
 * what happens when it is clear is not shown in this listing. */
2961 static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
2962 struct sk_buff *skb)
2964 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
2965 struct oob_data *data;
2967 BT_DBG("%s", hdev->name);
2971 if (!test_bit(HCI_MGMT, &hdev->flags))
2974 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
/* Positive reply: presumably taken when the lookup above found an entry
 * (the branch line itself is not visible in this listing). */
2976 struct hci_cp_remote_oob_data_reply cp;
2978 bacpy(&cp.bdaddr, &ev->bdaddr);
/* Both copies are bounded by the destination field size.
 * NOTE(review): assumes data->hash and data->randomizer are at least as
 * large as the cp fields - confirm against struct oob_data. */
2979 memcpy(cp.hash, data->hash, sizeof(cp.hash));
2980 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
2982 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
/* Negative reply: only the peer address is sent back. */
2985 struct hci_cp_remote_oob_data_neg_reply cp;
2987 bacpy(&cp.bdaddr, &ev->bdaddr);
2988 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
2993 hci_dev_unlock(hdev);
/* Handle the LE Connection Complete sub-event.
 *
 * Finds the LE_LINK connection for the address in the event, or creates
 * one with hci_conn_add(). A failed connection is reported through
 * mgmt_connect_failed() and hci_proto_connect_cfm() and marked BT_CLOSED;
 * a successful one is reported through mgmt_connected(), given its handle
 * and BT_CONNECTED state, registered in sysfs and confirmed to the upper
 * protocol. */
2996 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2998 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2999 struct hci_conn *conn;
3001 BT_DBG("%s status %d", hdev->name, ev->status);
3005 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
/* Fallback when no connection object exists yet; the error path below
 * logs the allocation failure and releases the device lock. */
3007 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3009 BT_ERR("No memory for new connection");
3010 hci_dev_unlock(hdev);
/* Address type is copied from the event as reported by the controller. */
3014 conn->dst_type = ev->bdaddr_type;
/* Failure path (the status test itself is not visible in this listing). */
3018 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3019 conn->dst_type, ev->status);
3020 hci_proto_connect_cfm(conn, ev->status);
3021 conn->state = BT_CLOSED;
3026 mgmt_connected(hdev, &ev->bdaddr, conn->type, conn->dst_type);
/* The new link starts at the lowest security level; nothing in this
 * function raises it, so any upgrade has to happen elsewhere. */
3028 conn->sec_level = BT_SECURITY_LOW;
/* The handle arrives in little-endian wire order and is stored in host
 * order. */
3029 conn->handle = __le16_to_cpu(ev->handle);
3030 conn->state = BT_CONNECTED;
3032 hci_conn_hold_device(conn);
3033 hci_conn_add_sysfs(conn);
3035 hci_proto_connect_cfm(conn, ev->status);
3038 hci_dev_unlock(hdev);
/* Handle the LE Advertising Report sub-event.
 *
 * The first payload byte is the number of reports. Each report is passed
 * to hci_add_adv_entry() and the cursor is then advanced past it.
 *
 * NOTE(review): num_reports and every ev->length are read from the packet
 * itself, and no comparison with skb->len is visible in this listing. A
 * malformed event could therefore move ptr beyond the end of the buffer;
 * confirm that the remaining length is checked here or by the caller
 * before each report is dereferenced. */
3041 static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3042 struct sk_buff *skb)
3044 u8 num_reports = skb->data[0];
3045 void *ptr = &skb->data[1];
3049 while (num_reports--) {
3050 struct hci_ev_le_advertising_info *ev = ptr;
3052 hci_add_adv_entry(hdev, ev);
/* Step over the fixed header, the variable-length data and one further
 * byte (presumably the trailing RSSI octet - confirm against the event
 * layout). Arithmetic on a void pointer relies on the GNU C extension. */
3054 ptr += sizeof(*ev) + ev->length + 1;
3057 hci_dev_unlock(hdev);
/* Handle the LE Long Term Key Request sub-event.
 *
 * Looks up the connection by the handle in the event and a stored key by
 * the event's ediv/random pair, then answers the controller with
 * HCI_OP_LE_LTK_REPLY (carrying the key) or HCI_OP_LE_LTK_NEG_REPLY. The
 * conditions selecting between the two paths are not visible in this
 * listing. */
3060 static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3061 struct sk_buff *skb)
3063 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3064 struct hci_cp_le_ltk_reply cp;
3065 struct hci_cp_le_ltk_neg_reply neg;
3066 struct hci_conn *conn;
3067 struct link_key *ltk;
/* NOTE(review): the lookup below converts ev->handle with
 * __le16_to_cpu(), so the field is in wire order; the debug print uses
 * cpu_to_le16() instead. The two give the same value, so the print is
 * correct on every host - the macro is only the wrong direction by name
 * (a sparse endianness warning at most). */
3069 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
/* NOTE(review): conn and ltk are dereferenced on the reply path; their
 * NULL checks are not visible in this listing - confirm both lookups are
 * validated before use. */
3073 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3077 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
/* The copy length is taken from the source field.
 * NOTE(review): this is in bounds only if cp.ltk is at least
 * sizeof(ltk->val) bytes - confirm against both struct definitions;
 * sizing by the destination would make the bound explicit. */
3081 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3082 cp.handle = cpu_to_le16(conn->handle);
/* Record the stored key's pin_len on the connection. */
3083 conn->pin_length = ltk->pin_len;
3085 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3087 hci_dev_unlock(hdev);
/* Negative reply: the handle is copied back without conversion,
 * presumably because it is already in wire order. */
3092 neg.handle = ev->handle;
3093 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3094 hci_dev_unlock(hdev);
/* Dispatch an LE Meta event to the handler for its sub-event code.
 *
 * The meta header is stripped from the skb first, so each handler sees
 * the sub-event parameters at skb->data. */
3097 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
/* NOTE(review): no check that the payload holds a full meta header is
 * visible in this listing - confirm before le_ev->subevent is read. */
3099 struct hci_ev_le_meta *le_ev = (void *) skb->data;
/* le_ev keeps pointing at the header bytes; skb_pull() only advances the
 * data pointer. */
3101 skb_pull(skb, sizeof(*le_ev));
3103 switch (le_ev->subevent) {
3104 case HCI_EV_LE_CONN_COMPLETE:
3105 hci_le_conn_complete_evt(hdev, skb);
3108 case HCI_EV_LE_ADVERTISING_REPORT:
3109 hci_le_adv_report_evt(hdev, skb);
3112 case HCI_EV_LE_LTK_REQ:
3113 hci_le_ltk_request_evt(hdev, skb);
/* Entry point for HCI event packets received from the controller.
 *
 * Reads the event code from the packet header, strips the header and
 * hands the skb to the handler for that event code, then counts the
 * event in hdev->stat.evt_rx.
 *
 * NOTE(review): the handlers overlay fixed-size event structures on
 * skb->data. No comparison of the header's length field or of skb->len
 * with the size each handler expects is visible in this listing; confirm
 * where a truncated or oversized event from the controller is rejected. */
3121 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3123 struct hci_event_hdr *hdr = (void *) skb->data;
/* The event code is copied out before the header is pulled. */
3124 __u8 event = hdr->evt;
3126 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3129 case HCI_EV_INQUIRY_COMPLETE:
3130 hci_inquiry_complete_evt(hdev, skb);
3133 case HCI_EV_INQUIRY_RESULT:
3134 hci_inquiry_result_evt(hdev, skb);
3137 case HCI_EV_CONN_COMPLETE:
3138 hci_conn_complete_evt(hdev, skb);
3141 case HCI_EV_CONN_REQUEST:
3142 hci_conn_request_evt(hdev, skb);
3145 case HCI_EV_DISCONN_COMPLETE:
3146 hci_disconn_complete_evt(hdev, skb);
3149 case HCI_EV_AUTH_COMPLETE:
3150 hci_auth_complete_evt(hdev, skb);
3153 case HCI_EV_REMOTE_NAME:
3154 hci_remote_name_evt(hdev, skb);
3157 case HCI_EV_ENCRYPT_CHANGE:
3158 hci_encrypt_change_evt(hdev, skb);
3161 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3162 hci_change_link_key_complete_evt(hdev, skb);
3165 case HCI_EV_REMOTE_FEATURES:
3166 hci_remote_features_evt(hdev, skb);
3169 case HCI_EV_REMOTE_VERSION:
3170 hci_remote_version_evt(hdev, skb);
3173 case HCI_EV_QOS_SETUP_COMPLETE:
3174 hci_qos_setup_complete_evt(hdev, skb);
3177 case HCI_EV_CMD_COMPLETE:
3178 hci_cmd_complete_evt(hdev, skb);
3181 case HCI_EV_CMD_STATUS:
3182 hci_cmd_status_evt(hdev, skb);
3185 case HCI_EV_ROLE_CHANGE:
3186 hci_role_change_evt(hdev, skb);
3189 case HCI_EV_NUM_COMP_PKTS:
3190 hci_num_comp_pkts_evt(hdev, skb);
3193 case HCI_EV_MODE_CHANGE:
3194 hci_mode_change_evt(hdev, skb);
/* Pairing and key-management events follow (PIN code, link key, and
 * further down the Simple Pairing and OOB requests). */
3197 case HCI_EV_PIN_CODE_REQ:
3198 hci_pin_code_request_evt(hdev, skb);
3201 case HCI_EV_LINK_KEY_REQ:
3202 hci_link_key_request_evt(hdev, skb);
3205 case HCI_EV_LINK_KEY_NOTIFY:
3206 hci_link_key_notify_evt(hdev, skb);
3209 case HCI_EV_CLOCK_OFFSET:
3210 hci_clock_offset_evt(hdev, skb);
3213 case HCI_EV_PKT_TYPE_CHANGE:
3214 hci_pkt_type_change_evt(hdev, skb);
3217 case HCI_EV_PSCAN_REP_MODE:
3218 hci_pscan_rep_mode_evt(hdev, skb);
3221 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3222 hci_inquiry_result_with_rssi_evt(hdev, skb);
3225 case HCI_EV_REMOTE_EXT_FEATURES:
3226 hci_remote_ext_features_evt(hdev, skb);
3229 case HCI_EV_SYNC_CONN_COMPLETE:
3230 hci_sync_conn_complete_evt(hdev, skb);
3233 case HCI_EV_SYNC_CONN_CHANGED:
3234 hci_sync_conn_changed_evt(hdev, skb);
3237 case HCI_EV_SNIFF_SUBRATE:
3238 hci_sniff_subrate_evt(hdev, skb);
3241 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3242 hci_extended_inquiry_result_evt(hdev, skb);
3245 case HCI_EV_IO_CAPA_REQUEST:
3246 hci_io_capa_request_evt(hdev, skb);
3249 case HCI_EV_IO_CAPA_REPLY:
3250 hci_io_capa_reply_evt(hdev, skb);
3253 case HCI_EV_USER_CONFIRM_REQUEST:
3254 hci_user_confirm_request_evt(hdev, skb);
3257 case HCI_EV_USER_PASSKEY_REQUEST:
3258 hci_user_passkey_request_evt(hdev, skb);
3261 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3262 hci_simple_pair_complete_evt(hdev, skb);
3265 case HCI_EV_REMOTE_HOST_FEATURES:
3266 hci_remote_host_features_evt(hdev, skb);
/* LE events arrive wrapped in a meta event and are dispatched a second
 * time by sub-event code. */
3269 case HCI_EV_LE_META:
3270 hci_le_meta_evt(hdev, skb);
3273 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3274 hci_remote_oob_data_request_evt(hdev, skb);
/* Logs the event code; presumably the branch for codes with no handler
 * (the label is not visible in this listing). */
3278 BT_DBG("%s event 0x%x", hdev->name, event);
3283 hdev->stat.evt_rx++;
3286 /* Generate internal stack event */
/* Build a synthetic HCI_EV_STACK_INTERNAL event and deliver it to HCI
 * sockets.
 *
 * hdev: device the event is attributed to.
 * type: internal event type (its use is not visible in this listing).
 * dlen: number of bytes copied from data into the event.
 * data: payload to copy.
 *
 * The skb is marked as incoming, timestamped, tagged HCI_EVENT_PKT and
 * passed to hci_send_to_sock(). */
3287 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3289 struct hci_event_hdr *hdr;
3290 struct hci_ev_stack_internal *ev;
3291 struct sk_buff *skb;
/* GFP_ATOMIC: the allocation does not sleep, so it can fail.
 * NOTE(review): the NULL check on skb is not visible in this listing, and
 * dlen is a signed int used in the size with no range check shown -
 * confirm both are handled, here or by every caller. */
3293 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3297 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3298 hdr->evt = HCI_EV_STACK_INTERNAL;
/* NOTE(review): presumably plen is a single-byte field, in which case a
 * total above 255 would be truncated and disagree with the bytes actually
 * appended below - confirm the field type and the callers' dlen bound. */
3299 hdr->plen = sizeof(*ev) + dlen;
3301 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3303 memcpy(ev->data, data, dlen);
3305 bt_cb(skb)->incoming = 1;
3306 __net_timestamp(skb);
3308 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
3309 skb->dev = (void *) hdev;
3310 hci_send_to_sock(hdev, skb, NULL);
/* Expose enable_le as a boolean module parameter. Mode 0644 makes the
 * sysfs entry readable by everyone and writable by its owner, so the
 * value can change after the module is loaded.
 * NOTE(review): where enable_le is read is not visible in this listing -
 * confirm a runtime change cannot leave LE state half-enabled. */
3314 module_param(enable_le, bool, 0644);
3315 MODULE_PARM_DESC(enable_le, "Enable LE support");