2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
50 /* Handle HCI Event packets */
52 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
54 __u8 status = *((__u8 *) skb->data);
56 BT_DBG("%s status 0x%x", hdev->name, status);
60 mgmt_stop_discovery_failed(hdev, status);
65 clear_bit(HCI_INQUIRY, &hdev->flags);
68 mgmt_discovering(hdev, 0);
71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
73 hci_conn_check_pending(hdev);
76 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
78 __u8 status = *((__u8 *) skb->data);
80 BT_DBG("%s status 0x%x", hdev->name, status);
85 hci_conn_check_pending(hdev);
88 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
90 BT_DBG("%s", hdev->name);
93 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
108 conn->link_mode &= ~HCI_LM_MASTER;
110 conn->link_mode |= HCI_LM_MASTER;
113 hci_dev_unlock(hdev);
116 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 conn->link_policy = __le16_to_cpu(rp->policy);
132 hci_dev_unlock(hdev);
135 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
138 struct hci_conn *conn;
141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
154 conn->link_policy = get_unaligned_le16(sent + 2);
156 hci_dev_unlock(hdev);
159 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
168 hdev->link_policy = __le16_to_cpu(rp->policy);
171 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
173 __u8 status = *((__u8 *) skb->data);
176 BT_DBG("%s status 0x%x", hdev->name, status);
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
183 hdev->link_policy = get_unaligned_le16(sent);
185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
188 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
190 __u8 status = *((__u8 *) skb->data);
192 BT_DBG("%s status 0x%x", hdev->name, status);
194 clear_bit(HCI_RESET, &hdev->flags);
196 hci_req_complete(hdev, HCI_OP_RESET, status);
201 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
203 __u8 status = *((__u8 *) skb->data);
206 BT_DBG("%s status 0x%x", hdev->name, status);
208 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
214 if (test_bit(HCI_MGMT, &hdev->flags))
215 mgmt_set_local_name_complete(hdev, sent, status);
218 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
220 hci_dev_unlock(hdev);
223 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
225 struct hci_rp_read_local_name *rp = (void *) skb->data;
227 BT_DBG("%s status 0x%x", hdev->name, rp->status);
232 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
235 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
237 __u8 status = *((__u8 *) skb->data);
240 BT_DBG("%s status 0x%x", hdev->name, status);
242 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
247 __u8 param = *((__u8 *) sent);
249 if (param == AUTH_ENABLED)
250 set_bit(HCI_AUTH, &hdev->flags);
252 clear_bit(HCI_AUTH, &hdev->flags);
255 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
258 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
260 __u8 status = *((__u8 *) skb->data);
263 BT_DBG("%s status 0x%x", hdev->name, status);
265 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
270 __u8 param = *((__u8 *) sent);
273 set_bit(HCI_ENCRYPT, &hdev->flags);
275 clear_bit(HCI_ENCRYPT, &hdev->flags);
278 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
281 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
283 __u8 param, status = *((__u8 *) skb->data);
284 int old_pscan, old_iscan;
287 BT_DBG("%s status 0x%x", hdev->name, status);
289 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
293 param = *((__u8 *) sent);
298 mgmt_write_scan_failed(hdev, param, status);
299 hdev->discov_timeout = 0;
303 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
304 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
306 if (param & SCAN_INQUIRY) {
307 set_bit(HCI_ISCAN, &hdev->flags);
309 mgmt_discoverable(hdev, 1);
310 if (hdev->discov_timeout > 0) {
311 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
312 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
315 } else if (old_iscan)
316 mgmt_discoverable(hdev, 0);
318 if (param & SCAN_PAGE) {
319 set_bit(HCI_PSCAN, &hdev->flags);
321 mgmt_connectable(hdev, 1);
322 } else if (old_pscan)
323 mgmt_connectable(hdev, 0);
326 hci_dev_unlock(hdev);
327 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
330 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
332 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
334 BT_DBG("%s status 0x%x", hdev->name, rp->status);
339 memcpy(hdev->dev_class, rp->dev_class, 3);
341 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
342 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
345 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
347 __u8 status = *((__u8 *) skb->data);
350 BT_DBG("%s status 0x%x", hdev->name, status);
355 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
359 memcpy(hdev->dev_class, sent, 3);
362 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
364 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
367 BT_DBG("%s status 0x%x", hdev->name, rp->status);
372 setting = __le16_to_cpu(rp->voice_setting);
374 if (hdev->voice_setting == setting)
377 hdev->voice_setting = setting;
379 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
382 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
385 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
387 __u8 status = *((__u8 *) skb->data);
391 BT_DBG("%s status 0x%x", hdev->name, status);
396 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
400 setting = get_unaligned_le16(sent);
402 if (hdev->voice_setting == setting)
405 hdev->voice_setting = setting;
407 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
410 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
413 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
415 __u8 status = *((__u8 *) skb->data);
417 BT_DBG("%s status 0x%x", hdev->name, status);
419 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
422 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
424 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
426 BT_DBG("%s status 0x%x", hdev->name, rp->status);
431 hdev->ssp_mode = rp->mode;
434 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
436 __u8 status = *((__u8 *) skb->data);
439 BT_DBG("%s status 0x%x", hdev->name, status);
444 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
448 hdev->ssp_mode = *((__u8 *) sent);
451 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
453 if (hdev->features[6] & LMP_EXT_INQ)
456 if (hdev->features[3] & LMP_RSSI_INQ)
459 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
460 hdev->lmp_subver == 0x0757)
463 if (hdev->manufacturer == 15) {
464 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
466 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
468 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
472 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
473 hdev->lmp_subver == 0x1805)
479 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
483 mode = hci_get_inquiry_mode(hdev);
485 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
488 static void hci_setup_event_mask(struct hci_dev *hdev)
490 /* The second byte is 0xff instead of 0x9f (two reserved bits
491 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
492 * command otherwise */
493 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
495 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
496 * any event mask for pre 1.2 devices */
497 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
500 events[4] |= 0x01; /* Flow Specification Complete */
501 events[4] |= 0x02; /* Inquiry Result with RSSI */
502 events[4] |= 0x04; /* Read Remote Extended Features Complete */
503 events[5] |= 0x08; /* Synchronous Connection Complete */
504 events[5] |= 0x10; /* Synchronous Connection Changed */
506 if (hdev->features[3] & LMP_RSSI_INQ)
507 events[4] |= 0x04; /* Inquiry Result with RSSI */
509 if (hdev->features[5] & LMP_SNIFF_SUBR)
510 events[5] |= 0x20; /* Sniff Subrating */
512 if (hdev->features[5] & LMP_PAUSE_ENC)
513 events[5] |= 0x80; /* Encryption Key Refresh Complete */
515 if (hdev->features[6] & LMP_EXT_INQ)
516 events[5] |= 0x40; /* Extended Inquiry Result */
518 if (hdev->features[6] & LMP_NO_FLUSH)
519 events[7] |= 0x01; /* Enhanced Flush Complete */
521 if (hdev->features[7] & LMP_LSTO)
522 events[6] |= 0x80; /* Link Supervision Timeout Changed */
524 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
525 events[6] |= 0x01; /* IO Capability Request */
526 events[6] |= 0x02; /* IO Capability Response */
527 events[6] |= 0x04; /* User Confirmation Request */
528 events[6] |= 0x08; /* User Passkey Request */
529 events[6] |= 0x10; /* Remote OOB Data Request */
530 events[6] |= 0x20; /* Simple Pairing Complete */
531 events[7] |= 0x04; /* User Passkey Notification */
532 events[7] |= 0x08; /* Keypress Notification */
533 events[7] |= 0x10; /* Remote Host Supported
534 * Features Notification */
537 if (hdev->features[4] & LMP_LE)
538 events[7] |= 0x20; /* LE Meta-Event */
540 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
543 static void hci_set_le_support(struct hci_dev *hdev)
545 struct hci_cp_write_le_host_supported cp;
547 memset(&cp, 0, sizeof(cp));
551 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
554 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
557 static void hci_setup(struct hci_dev *hdev)
559 if (hdev->dev_type != HCI_BREDR)
562 hci_setup_event_mask(hdev);
564 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
565 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
567 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
569 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
572 if (hdev->features[3] & LMP_RSSI_INQ)
573 hci_setup_inquiry_mode(hdev);
575 if (hdev->features[7] & LMP_INQ_TX_PWR)
576 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
578 if (hdev->features[7] & LMP_EXTFEATURES) {
579 struct hci_cp_read_local_ext_features cp;
582 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
586 if (hdev->features[4] & LMP_LE)
587 hci_set_le_support(hdev);
590 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
592 struct hci_rp_read_local_version *rp = (void *) skb->data;
594 BT_DBG("%s status 0x%x", hdev->name, rp->status);
599 hdev->hci_ver = rp->hci_ver;
600 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
601 hdev->lmp_ver = rp->lmp_ver;
602 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
603 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
605 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
607 hdev->hci_ver, hdev->hci_rev);
609 if (test_bit(HCI_INIT, &hdev->flags))
613 static void hci_setup_link_policy(struct hci_dev *hdev)
617 if (hdev->features[0] & LMP_RSWITCH)
618 link_policy |= HCI_LP_RSWITCH;
619 if (hdev->features[0] & LMP_HOLD)
620 link_policy |= HCI_LP_HOLD;
621 if (hdev->features[0] & LMP_SNIFF)
622 link_policy |= HCI_LP_SNIFF;
623 if (hdev->features[1] & LMP_PARK)
624 link_policy |= HCI_LP_PARK;
626 link_policy = cpu_to_le16(link_policy);
627 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
628 sizeof(link_policy), &link_policy);
631 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
633 struct hci_rp_read_local_commands *rp = (void *) skb->data;
635 BT_DBG("%s status 0x%x", hdev->name, rp->status);
640 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
642 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
643 hci_setup_link_policy(hdev);
646 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
649 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
651 struct hci_rp_read_local_features *rp = (void *) skb->data;
653 BT_DBG("%s status 0x%x", hdev->name, rp->status);
658 memcpy(hdev->features, rp->features, 8);
660 /* Adjust default settings according to features
661 * supported by device. */
663 if (hdev->features[0] & LMP_3SLOT)
664 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
666 if (hdev->features[0] & LMP_5SLOT)
667 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
669 if (hdev->features[1] & LMP_HV2) {
670 hdev->pkt_type |= (HCI_HV2);
671 hdev->esco_type |= (ESCO_HV2);
674 if (hdev->features[1] & LMP_HV3) {
675 hdev->pkt_type |= (HCI_HV3);
676 hdev->esco_type |= (ESCO_HV3);
679 if (hdev->features[3] & LMP_ESCO)
680 hdev->esco_type |= (ESCO_EV3);
682 if (hdev->features[4] & LMP_EV4)
683 hdev->esco_type |= (ESCO_EV4);
685 if (hdev->features[4] & LMP_EV5)
686 hdev->esco_type |= (ESCO_EV5);
688 if (hdev->features[5] & LMP_EDR_ESCO_2M)
689 hdev->esco_type |= (ESCO_2EV3);
691 if (hdev->features[5] & LMP_EDR_ESCO_3M)
692 hdev->esco_type |= (ESCO_3EV3);
694 if (hdev->features[5] & LMP_EDR_3S_ESCO)
695 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
697 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
698 hdev->features[0], hdev->features[1],
699 hdev->features[2], hdev->features[3],
700 hdev->features[4], hdev->features[5],
701 hdev->features[6], hdev->features[7]);
704 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
707 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
709 BT_DBG("%s status 0x%x", hdev->name, rp->status);
716 memcpy(hdev->features, rp->features, 8);
719 memcpy(hdev->host_features, rp->features, 8);
723 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
726 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
729 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
731 BT_DBG("%s status 0x%x", hdev->name, rp->status);
736 hdev->flow_ctl_mode = rp->mode;
738 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
741 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
743 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
745 BT_DBG("%s status 0x%x", hdev->name, rp->status);
750 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
751 hdev->sco_mtu = rp->sco_mtu;
752 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
753 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
755 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
760 hdev->acl_cnt = hdev->acl_pkts;
761 hdev->sco_cnt = hdev->sco_pkts;
763 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
764 hdev->acl_mtu, hdev->acl_pkts,
765 hdev->sco_mtu, hdev->sco_pkts);
768 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
770 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
772 BT_DBG("%s status 0x%x", hdev->name, rp->status);
775 bacpy(&hdev->bdaddr, &rp->bdaddr);
777 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
780 static void hci_cc_read_data_block_size(struct hci_dev *hdev,
783 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
785 BT_DBG("%s status 0x%x", hdev->name, rp->status);
790 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
791 hdev->block_len = __le16_to_cpu(rp->block_len);
792 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
794 hdev->block_cnt = hdev->num_blocks;
796 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
797 hdev->block_cnt, hdev->block_len);
799 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
802 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
804 __u8 status = *((__u8 *) skb->data);
806 BT_DBG("%s status 0x%x", hdev->name, status);
808 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
811 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
814 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
816 BT_DBG("%s status 0x%x", hdev->name, rp->status);
821 hdev->amp_status = rp->amp_status;
822 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
823 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
824 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
825 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
826 hdev->amp_type = rp->amp_type;
827 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
828 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
829 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
830 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
832 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
835 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
838 __u8 status = *((__u8 *) skb->data);
840 BT_DBG("%s status 0x%x", hdev->name, status);
842 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
845 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
847 __u8 status = *((__u8 *) skb->data);
849 BT_DBG("%s status 0x%x", hdev->name, status);
851 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
854 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
857 __u8 status = *((__u8 *) skb->data);
859 BT_DBG("%s status 0x%x", hdev->name, status);
861 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
864 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
867 __u8 status = *((__u8 *) skb->data);
869 BT_DBG("%s status 0x%x", hdev->name, status);
871 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
874 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
876 __u8 status = *((__u8 *) skb->data);
878 BT_DBG("%s status 0x%x", hdev->name, status);
880 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
883 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
885 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
886 struct hci_cp_pin_code_reply *cp;
887 struct hci_conn *conn;
889 BT_DBG("%s status 0x%x", hdev->name, rp->status);
893 if (test_bit(HCI_MGMT, &hdev->flags))
894 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
899 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
903 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
905 conn->pin_length = cp->pin_len;
908 hci_dev_unlock(hdev);
911 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
913 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
915 BT_DBG("%s status 0x%x", hdev->name, rp->status);
919 if (test_bit(HCI_MGMT, &hdev->flags))
920 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
923 hci_dev_unlock(hdev);
926 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
929 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
931 BT_DBG("%s status 0x%x", hdev->name, rp->status);
936 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
937 hdev->le_pkts = rp->le_max_pkt;
939 hdev->le_cnt = hdev->le_pkts;
941 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
943 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
946 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
948 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
950 BT_DBG("%s status 0x%x", hdev->name, rp->status);
954 if (test_bit(HCI_MGMT, &hdev->flags))
955 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr,
958 hci_dev_unlock(hdev);
961 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
964 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
966 BT_DBG("%s status 0x%x", hdev->name, rp->status);
970 if (test_bit(HCI_MGMT, &hdev->flags))
971 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
974 hci_dev_unlock(hdev);
977 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
979 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
981 BT_DBG("%s status 0x%x", hdev->name, rp->status);
985 if (test_bit(HCI_MGMT, &hdev->flags))
986 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr,
989 hci_dev_unlock(hdev);
992 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
995 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
997 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1001 if (test_bit(HCI_MGMT, &hdev->flags))
1002 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1005 hci_dev_unlock(hdev);
1008 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1009 struct sk_buff *skb)
1011 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1013 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1016 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
1017 rp->randomizer, rp->status);
1018 hci_dev_unlock(hdev);
1021 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1023 __u8 status = *((__u8 *) skb->data);
1025 BT_DBG("%s status 0x%x", hdev->name, status);
1028 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1029 struct sk_buff *skb)
1031 struct hci_cp_le_set_scan_enable *cp;
1032 __u8 status = *((__u8 *) skb->data);
1034 BT_DBG("%s status 0x%x", hdev->name, status);
1039 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1043 switch (cp->enable) {
1044 case LE_SCANNING_ENABLED:
1045 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1047 cancel_delayed_work_sync(&hdev->adv_work);
1050 hci_adv_entries_clear(hdev);
1051 hci_dev_unlock(hdev);
1054 case LE_SCANNING_DISABLED:
1055 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1057 queue_delayed_work(hdev->workqueue, &hdev->adv_work,
1062 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1067 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1069 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1071 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1076 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1079 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1081 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1083 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1088 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1091 static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1092 struct sk_buff *skb)
1094 struct hci_cp_read_local_ext_features cp;
1095 __u8 status = *((__u8 *) skb->data);
1097 BT_DBG("%s status 0x%x", hdev->name, status);
1103 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1106 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1108 BT_DBG("%s status 0x%x", hdev->name, status);
1111 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1112 hci_conn_check_pending(hdev);
1114 if (test_bit(HCI_MGMT, &hdev->flags))
1115 mgmt_start_discovery_failed(hdev, status);
1116 hci_dev_unlock(hdev);
1120 set_bit(HCI_INQUIRY, &hdev->flags);
1123 mgmt_discovering(hdev, 1);
1124 hci_dev_unlock(hdev);
1127 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1129 struct hci_cp_create_conn *cp;
1130 struct hci_conn *conn;
1132 BT_DBG("%s status 0x%x", hdev->name, status);
1134 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1140 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1142 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1145 if (conn && conn->state == BT_CONNECT) {
1146 if (status != 0x0c || conn->attempt > 2) {
1147 conn->state = BT_CLOSED;
1148 hci_proto_connect_cfm(conn, status);
1151 conn->state = BT_CONNECT2;
1155 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1158 conn->link_mode |= HCI_LM_MASTER;
1160 BT_ERR("No memory for new connection");
1164 hci_dev_unlock(hdev);
1167 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1169 struct hci_cp_add_sco *cp;
1170 struct hci_conn *acl, *sco;
1173 BT_DBG("%s status 0x%x", hdev->name, status);
1178 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1182 handle = __le16_to_cpu(cp->handle);
1184 BT_DBG("%s handle %d", hdev->name, handle);
1188 acl = hci_conn_hash_lookup_handle(hdev, handle);
1192 sco->state = BT_CLOSED;
1194 hci_proto_connect_cfm(sco, status);
1199 hci_dev_unlock(hdev);
1202 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1204 struct hci_cp_auth_requested *cp;
1205 struct hci_conn *conn;
1207 BT_DBG("%s status 0x%x", hdev->name, status);
1212 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1218 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1220 if (conn->state == BT_CONFIG) {
1221 hci_proto_connect_cfm(conn, status);
1226 hci_dev_unlock(hdev);
1229 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1231 struct hci_cp_set_conn_encrypt *cp;
1232 struct hci_conn *conn;
1234 BT_DBG("%s status 0x%x", hdev->name, status);
1239 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1245 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1247 if (conn->state == BT_CONFIG) {
1248 hci_proto_connect_cfm(conn, status);
1253 hci_dev_unlock(hdev);
1256 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1257 struct hci_conn *conn)
1259 if (conn->state != BT_CONFIG || !conn->out)
1262 if (conn->pending_sec_level == BT_SECURITY_SDP)
1265 /* Only request authentication for SSP connections or non-SSP
1266 * devices with sec_level HIGH or if MITM protection is requested */
1267 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
1268 conn->pending_sec_level != BT_SECURITY_HIGH &&
1269 !(conn->auth_type & 0x01))
1275 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1277 struct hci_cp_remote_name_req *cp;
1278 struct hci_conn *conn;
1280 BT_DBG("%s status 0x%x", hdev->name, status);
1282 /* If successful wait for the name req complete event before
1283 * checking for the need to do authentication */
1287 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1293 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1297 if (!hci_outgoing_auth_needed(hdev, conn))
1300 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1301 struct hci_cp_auth_requested cp;
1302 cp.handle = __cpu_to_le16(conn->handle);
1303 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1307 hci_dev_unlock(hdev);
1310 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1312 struct hci_cp_read_remote_features *cp;
1313 struct hci_conn *conn;
1315 BT_DBG("%s status 0x%x", hdev->name, status);
1320 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1326 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1328 if (conn->state == BT_CONFIG) {
1329 hci_proto_connect_cfm(conn, status);
1334 hci_dev_unlock(hdev);
1337 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1339 struct hci_cp_read_remote_ext_features *cp;
1340 struct hci_conn *conn;
1342 BT_DBG("%s status 0x%x", hdev->name, status);
1347 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1353 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1355 if (conn->state == BT_CONFIG) {
1356 hci_proto_connect_cfm(conn, status);
1361 hci_dev_unlock(hdev);
1364 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1366 struct hci_cp_setup_sync_conn *cp;
1367 struct hci_conn *acl, *sco;
1370 BT_DBG("%s status 0x%x", hdev->name, status);
1375 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1379 handle = __le16_to_cpu(cp->handle);
1381 BT_DBG("%s handle %d", hdev->name, handle);
1385 acl = hci_conn_hash_lookup_handle(hdev, handle);
1389 sco->state = BT_CLOSED;
1391 hci_proto_connect_cfm(sco, status);
1396 hci_dev_unlock(hdev);
1399 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1401 struct hci_cp_sniff_mode *cp;
1402 struct hci_conn *conn;
1404 BT_DBG("%s status 0x%x", hdev->name, status);
1409 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1415 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1417 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1419 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1420 hci_sco_setup(conn, status);
1423 hci_dev_unlock(hdev);
1426 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1428 struct hci_cp_exit_sniff_mode *cp;
1429 struct hci_conn *conn;
1431 BT_DBG("%s status 0x%x", hdev->name, status);
1436 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1442 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1444 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1446 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1447 hci_sco_setup(conn, status);
1450 hci_dev_unlock(hdev);
1453 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1455 struct hci_cp_le_create_conn *cp;
1456 struct hci_conn *conn;
1458 BT_DBG("%s status 0x%x", hdev->name, status);
1460 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1466 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1468 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1472 if (conn && conn->state == BT_CONNECT) {
1473 conn->state = BT_CLOSED;
1474 hci_proto_connect_cfm(conn, status);
1479 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1481 conn->dst_type = cp->peer_addr_type;
1484 BT_ERR("No memory for new connection");
1489 hci_dev_unlock(hdev);
1492 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1494 BT_DBG("%s status 0x%x", hdev->name, status);
1497 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1499 __u8 status = *((__u8 *) skb->data);
1501 BT_DBG("%s status %d", hdev->name, status);
1503 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1505 hci_conn_check_pending(hdev);
1507 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1511 mgmt_discovering(hdev, 0);
1512 hci_dev_unlock(hdev);
1515 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1517 struct inquiry_data data;
1518 struct inquiry_info *info = (void *) (skb->data + 1);
1519 int num_rsp = *((__u8 *) skb->data);
1521 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1528 for (; num_rsp; num_rsp--, info++) {
1529 bacpy(&data.bdaddr, &info->bdaddr);
1530 data.pscan_rep_mode = info->pscan_rep_mode;
1531 data.pscan_period_mode = info->pscan_period_mode;
1532 data.pscan_mode = info->pscan_mode;
1533 memcpy(data.dev_class, info->dev_class, 3);
1534 data.clock_offset = info->clock_offset;
1536 data.ssp_mode = 0x00;
1537 hci_inquiry_cache_update(hdev, &data);
1538 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1539 info->dev_class, 0, NULL);
1542 hci_dev_unlock(hdev);
1545 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1547 struct hci_ev_conn_complete *ev = (void *) skb->data;
1548 struct hci_conn *conn;
1550 BT_DBG("%s", hdev->name);
1554 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1556 if (ev->link_type != SCO_LINK)
1559 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1563 conn->type = SCO_LINK;
1567 conn->handle = __le16_to_cpu(ev->handle);
1569 if (conn->type == ACL_LINK) {
1570 conn->state = BT_CONFIG;
1571 hci_conn_hold(conn);
1572 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1573 mgmt_connected(hdev, &ev->bdaddr, conn->type,
1576 conn->state = BT_CONNECTED;
1578 hci_conn_hold_device(conn);
1579 hci_conn_add_sysfs(conn);
1581 if (test_bit(HCI_AUTH, &hdev->flags))
1582 conn->link_mode |= HCI_LM_AUTH;
1584 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1585 conn->link_mode |= HCI_LM_ENCRYPT;
1587 /* Get remote features */
1588 if (conn->type == ACL_LINK) {
1589 struct hci_cp_read_remote_features cp;
1590 cp.handle = ev->handle;
1591 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1595 /* Set packet type for incoming connection */
1596 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1597 struct hci_cp_change_conn_ptype cp;
1598 cp.handle = ev->handle;
1599 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1600 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1604 conn->state = BT_CLOSED;
1605 if (conn->type == ACL_LINK)
1606 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
1607 conn->dst_type, ev->status);
1610 if (conn->type == ACL_LINK)
1611 hci_sco_setup(conn, ev->status);
1614 hci_proto_connect_cfm(conn, ev->status);
1616 } else if (ev->link_type != ACL_LINK)
1617 hci_proto_connect_cfm(conn, ev->status);
1620 hci_dev_unlock(hdev);
1622 hci_conn_check_pending(hdev);
1625 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1627 struct hci_ev_conn_request *ev = (void *) skb->data;
1628 int mask = hdev->link_mode;
1630 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1631 batostr(&ev->bdaddr), ev->link_type);
1633 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1635 if ((mask & HCI_LM_ACCEPT) &&
1636 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1637 /* Connection accepted */
1638 struct inquiry_entry *ie;
1639 struct hci_conn *conn;
1643 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1645 memcpy(ie->data.dev_class, ev->dev_class, 3);
1647 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1649 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1651 BT_ERR("No memory for new connection");
1652 hci_dev_unlock(hdev);
1657 memcpy(conn->dev_class, ev->dev_class, 3);
1658 conn->state = BT_CONNECT;
1660 hci_dev_unlock(hdev);
1662 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1663 struct hci_cp_accept_conn_req cp;
1665 bacpy(&cp.bdaddr, &ev->bdaddr);
1667 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1668 cp.role = 0x00; /* Become master */
1670 cp.role = 0x01; /* Remain slave */
1672 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1675 struct hci_cp_accept_sync_conn_req cp;
1677 bacpy(&cp.bdaddr, &ev->bdaddr);
1678 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1680 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1681 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1682 cp.max_latency = cpu_to_le16(0xffff);
1683 cp.content_format = cpu_to_le16(hdev->voice_setting);
1684 cp.retrans_effort = 0xff;
1686 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1690 /* Connection rejected */
1691 struct hci_cp_reject_conn_req cp;
1693 bacpy(&cp.bdaddr, &ev->bdaddr);
1694 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
1695 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1699 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1701 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1702 struct hci_conn *conn;
1704 BT_DBG("%s status %d", hdev->name, ev->status);
1708 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1712 if (ev->status == 0)
1713 conn->state = BT_CLOSED;
1715 if (conn->type == ACL_LINK || conn->type == LE_LINK) {
1716 if (ev->status != 0)
1717 mgmt_disconnect_failed(hdev, &conn->dst, ev->status);
1719 mgmt_disconnected(hdev, &conn->dst, conn->type,
1723 if (ev->status == 0) {
1724 hci_proto_disconn_cfm(conn, ev->reason);
1729 hci_dev_unlock(hdev);
1732 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1734 struct hci_ev_auth_complete *ev = (void *) skb->data;
1735 struct hci_conn *conn;
1737 BT_DBG("%s status %d", hdev->name, ev->status);
1741 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1746 if (!(conn->ssp_mode > 0 && hdev->ssp_mode > 0) &&
1747 test_bit(HCI_CONN_REAUTH_PEND, &conn->pend)) {
1748 BT_INFO("re-auth of legacy device is not possible.");
1750 conn->link_mode |= HCI_LM_AUTH;
1751 conn->sec_level = conn->pending_sec_level;
1754 mgmt_auth_failed(hdev, &conn->dst, ev->status);
1757 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1758 clear_bit(HCI_CONN_REAUTH_PEND, &conn->pend);
1760 if (conn->state == BT_CONFIG) {
1761 if (!ev->status && hdev->ssp_mode > 0 && conn->ssp_mode > 0) {
1762 struct hci_cp_set_conn_encrypt cp;
1763 cp.handle = ev->handle;
1765 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1768 conn->state = BT_CONNECTED;
1769 hci_proto_connect_cfm(conn, ev->status);
1773 hci_auth_cfm(conn, ev->status);
1775 hci_conn_hold(conn);
1776 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1780 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1782 struct hci_cp_set_conn_encrypt cp;
1783 cp.handle = ev->handle;
1785 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1788 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1789 hci_encrypt_cfm(conn, ev->status, 0x00);
1794 hci_dev_unlock(hdev);
1797 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1799 struct hci_ev_remote_name *ev = (void *) skb->data;
1800 struct hci_conn *conn;
1802 BT_DBG("%s", hdev->name);
1804 hci_conn_check_pending(hdev);
1808 if (ev->status == 0 && test_bit(HCI_MGMT, &hdev->flags))
1809 mgmt_remote_name(hdev, &ev->bdaddr, ev->name);
1811 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1815 if (!hci_outgoing_auth_needed(hdev, conn))
1818 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1819 struct hci_cp_auth_requested cp;
1820 cp.handle = __cpu_to_le16(conn->handle);
1821 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1825 hci_dev_unlock(hdev);
1828 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1830 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1831 struct hci_conn *conn;
1833 BT_DBG("%s status %d", hdev->name, ev->status);
1837 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1841 /* Encryption implies authentication */
1842 conn->link_mode |= HCI_LM_AUTH;
1843 conn->link_mode |= HCI_LM_ENCRYPT;
1844 conn->sec_level = conn->pending_sec_level;
1846 conn->link_mode &= ~HCI_LM_ENCRYPT;
1849 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1851 if (conn->state == BT_CONFIG) {
1853 conn->state = BT_CONNECTED;
1855 hci_proto_connect_cfm(conn, ev->status);
1858 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1861 hci_dev_unlock(hdev);
1864 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1866 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1867 struct hci_conn *conn;
1869 BT_DBG("%s status %d", hdev->name, ev->status);
1873 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1876 conn->link_mode |= HCI_LM_SECURE;
1878 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1880 hci_key_change_cfm(conn, ev->status);
1883 hci_dev_unlock(hdev);
1886 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1888 struct hci_ev_remote_features *ev = (void *) skb->data;
1889 struct hci_conn *conn;
1891 BT_DBG("%s status %d", hdev->name, ev->status);
1895 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1900 memcpy(conn->features, ev->features, 8);
1902 if (conn->state != BT_CONFIG)
1905 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1906 struct hci_cp_read_remote_ext_features cp;
1907 cp.handle = ev->handle;
1909 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1915 struct hci_cp_remote_name_req cp;
1916 memset(&cp, 0, sizeof(cp));
1917 bacpy(&cp.bdaddr, &conn->dst);
1918 cp.pscan_rep_mode = 0x02;
1919 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1922 if (!hci_outgoing_auth_needed(hdev, conn)) {
1923 conn->state = BT_CONNECTED;
1924 hci_proto_connect_cfm(conn, ev->status);
1929 hci_dev_unlock(hdev);
1932 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1934 BT_DBG("%s", hdev->name);
1937 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1939 BT_DBG("%s", hdev->name);
1942 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1944 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1947 skb_pull(skb, sizeof(*ev));
1949 opcode = __le16_to_cpu(ev->opcode);
1952 case HCI_OP_INQUIRY_CANCEL:
1953 hci_cc_inquiry_cancel(hdev, skb);
1956 case HCI_OP_EXIT_PERIODIC_INQ:
1957 hci_cc_exit_periodic_inq(hdev, skb);
1960 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1961 hci_cc_remote_name_req_cancel(hdev, skb);
1964 case HCI_OP_ROLE_DISCOVERY:
1965 hci_cc_role_discovery(hdev, skb);
1968 case HCI_OP_READ_LINK_POLICY:
1969 hci_cc_read_link_policy(hdev, skb);
1972 case HCI_OP_WRITE_LINK_POLICY:
1973 hci_cc_write_link_policy(hdev, skb);
1976 case HCI_OP_READ_DEF_LINK_POLICY:
1977 hci_cc_read_def_link_policy(hdev, skb);
1980 case HCI_OP_WRITE_DEF_LINK_POLICY:
1981 hci_cc_write_def_link_policy(hdev, skb);
1985 hci_cc_reset(hdev, skb);
1988 case HCI_OP_WRITE_LOCAL_NAME:
1989 hci_cc_write_local_name(hdev, skb);
1992 case HCI_OP_READ_LOCAL_NAME:
1993 hci_cc_read_local_name(hdev, skb);
1996 case HCI_OP_WRITE_AUTH_ENABLE:
1997 hci_cc_write_auth_enable(hdev, skb);
2000 case HCI_OP_WRITE_ENCRYPT_MODE:
2001 hci_cc_write_encrypt_mode(hdev, skb);
2004 case HCI_OP_WRITE_SCAN_ENABLE:
2005 hci_cc_write_scan_enable(hdev, skb);
2008 case HCI_OP_READ_CLASS_OF_DEV:
2009 hci_cc_read_class_of_dev(hdev, skb);
2012 case HCI_OP_WRITE_CLASS_OF_DEV:
2013 hci_cc_write_class_of_dev(hdev, skb);
2016 case HCI_OP_READ_VOICE_SETTING:
2017 hci_cc_read_voice_setting(hdev, skb);
2020 case HCI_OP_WRITE_VOICE_SETTING:
2021 hci_cc_write_voice_setting(hdev, skb);
2024 case HCI_OP_HOST_BUFFER_SIZE:
2025 hci_cc_host_buffer_size(hdev, skb);
2028 case HCI_OP_READ_SSP_MODE:
2029 hci_cc_read_ssp_mode(hdev, skb);
2032 case HCI_OP_WRITE_SSP_MODE:
2033 hci_cc_write_ssp_mode(hdev, skb);
2036 case HCI_OP_READ_LOCAL_VERSION:
2037 hci_cc_read_local_version(hdev, skb);
2040 case HCI_OP_READ_LOCAL_COMMANDS:
2041 hci_cc_read_local_commands(hdev, skb);
2044 case HCI_OP_READ_LOCAL_FEATURES:
2045 hci_cc_read_local_features(hdev, skb);
2048 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2049 hci_cc_read_local_ext_features(hdev, skb);
2052 case HCI_OP_READ_BUFFER_SIZE:
2053 hci_cc_read_buffer_size(hdev, skb);
2056 case HCI_OP_READ_BD_ADDR:
2057 hci_cc_read_bd_addr(hdev, skb);
2060 case HCI_OP_READ_DATA_BLOCK_SIZE:
2061 hci_cc_read_data_block_size(hdev, skb);
2064 case HCI_OP_WRITE_CA_TIMEOUT:
2065 hci_cc_write_ca_timeout(hdev, skb);
2068 case HCI_OP_READ_FLOW_CONTROL_MODE:
2069 hci_cc_read_flow_control_mode(hdev, skb);
2072 case HCI_OP_READ_LOCAL_AMP_INFO:
2073 hci_cc_read_local_amp_info(hdev, skb);
2076 case HCI_OP_DELETE_STORED_LINK_KEY:
2077 hci_cc_delete_stored_link_key(hdev, skb);
2080 case HCI_OP_SET_EVENT_MASK:
2081 hci_cc_set_event_mask(hdev, skb);
2084 case HCI_OP_WRITE_INQUIRY_MODE:
2085 hci_cc_write_inquiry_mode(hdev, skb);
2088 case HCI_OP_READ_INQ_RSP_TX_POWER:
2089 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2092 case HCI_OP_SET_EVENT_FLT:
2093 hci_cc_set_event_flt(hdev, skb);
2096 case HCI_OP_PIN_CODE_REPLY:
2097 hci_cc_pin_code_reply(hdev, skb);
2100 case HCI_OP_PIN_CODE_NEG_REPLY:
2101 hci_cc_pin_code_neg_reply(hdev, skb);
2104 case HCI_OP_READ_LOCAL_OOB_DATA:
2105 hci_cc_read_local_oob_data_reply(hdev, skb);
2108 case HCI_OP_LE_READ_BUFFER_SIZE:
2109 hci_cc_le_read_buffer_size(hdev, skb);
2112 case HCI_OP_USER_CONFIRM_REPLY:
2113 hci_cc_user_confirm_reply(hdev, skb);
2116 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2117 hci_cc_user_confirm_neg_reply(hdev, skb);
2120 case HCI_OP_USER_PASSKEY_REPLY:
2121 hci_cc_user_passkey_reply(hdev, skb);
2124 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2125 hci_cc_user_passkey_neg_reply(hdev, skb);
2127 case HCI_OP_LE_SET_SCAN_PARAM:
2128 hci_cc_le_set_scan_param(hdev, skb);
2131 case HCI_OP_LE_SET_SCAN_ENABLE:
2132 hci_cc_le_set_scan_enable(hdev, skb);
2135 case HCI_OP_LE_LTK_REPLY:
2136 hci_cc_le_ltk_reply(hdev, skb);
2139 case HCI_OP_LE_LTK_NEG_REPLY:
2140 hci_cc_le_ltk_neg_reply(hdev, skb);
2143 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2144 hci_cc_write_le_host_supported(hdev, skb);
2148 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2152 if (ev->opcode != HCI_OP_NOP)
2153 del_timer(&hdev->cmd_timer);
2156 atomic_set(&hdev->cmd_cnt, 1);
2157 if (!skb_queue_empty(&hdev->cmd_q))
2158 queue_work(hdev->workqueue, &hdev->cmd_work);
2162 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2164 struct hci_ev_cmd_status *ev = (void *) skb->data;
2167 skb_pull(skb, sizeof(*ev));
2169 opcode = __le16_to_cpu(ev->opcode);
2172 case HCI_OP_INQUIRY:
2173 hci_cs_inquiry(hdev, ev->status);
2176 case HCI_OP_CREATE_CONN:
2177 hci_cs_create_conn(hdev, ev->status);
2180 case HCI_OP_ADD_SCO:
2181 hci_cs_add_sco(hdev, ev->status);
2184 case HCI_OP_AUTH_REQUESTED:
2185 hci_cs_auth_requested(hdev, ev->status);
2188 case HCI_OP_SET_CONN_ENCRYPT:
2189 hci_cs_set_conn_encrypt(hdev, ev->status);
2192 case HCI_OP_REMOTE_NAME_REQ:
2193 hci_cs_remote_name_req(hdev, ev->status);
2196 case HCI_OP_READ_REMOTE_FEATURES:
2197 hci_cs_read_remote_features(hdev, ev->status);
2200 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2201 hci_cs_read_remote_ext_features(hdev, ev->status);
2204 case HCI_OP_SETUP_SYNC_CONN:
2205 hci_cs_setup_sync_conn(hdev, ev->status);
2208 case HCI_OP_SNIFF_MODE:
2209 hci_cs_sniff_mode(hdev, ev->status);
2212 case HCI_OP_EXIT_SNIFF_MODE:
2213 hci_cs_exit_sniff_mode(hdev, ev->status);
2216 case HCI_OP_DISCONNECT:
2217 if (ev->status != 0)
2218 mgmt_disconnect_failed(hdev, NULL, ev->status);
2221 case HCI_OP_LE_CREATE_CONN:
2222 hci_cs_le_create_conn(hdev, ev->status);
2225 case HCI_OP_LE_START_ENC:
2226 hci_cs_le_start_enc(hdev, ev->status);
2230 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2234 if (ev->opcode != HCI_OP_NOP)
2235 del_timer(&hdev->cmd_timer);
2237 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2238 atomic_set(&hdev->cmd_cnt, 1);
2239 if (!skb_queue_empty(&hdev->cmd_q))
2240 queue_work(hdev->workqueue, &hdev->cmd_work);
2244 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2246 struct hci_ev_role_change *ev = (void *) skb->data;
2247 struct hci_conn *conn;
2249 BT_DBG("%s status %d", hdev->name, ev->status);
2253 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2257 conn->link_mode &= ~HCI_LM_MASTER;
2259 conn->link_mode |= HCI_LM_MASTER;
2262 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
2264 hci_role_switch_cfm(conn, ev->status, ev->role);
2267 hci_dev_unlock(hdev);
2270 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2272 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2275 skb_pull(skb, sizeof(*ev));
2277 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2279 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2280 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2284 if (skb->len < ev->num_hndl * 4) {
2285 BT_DBG("%s bad parameters", hdev->name);
2289 for (i = 0; i < ev->num_hndl; i++) {
2290 struct hci_comp_pkts_info *info = &ev->handles[i];
2291 struct hci_conn *conn;
2292 __u16 handle, count;
2294 handle = __le16_to_cpu(info->handle);
2295 count = __le16_to_cpu(info->count);
2297 conn = hci_conn_hash_lookup_handle(hdev, handle);
2301 conn->sent -= count;
2303 switch (conn->type) {
2305 hdev->acl_cnt += count;
2306 if (hdev->acl_cnt > hdev->acl_pkts)
2307 hdev->acl_cnt = hdev->acl_pkts;
2311 if (hdev->le_pkts) {
2312 hdev->le_cnt += count;
2313 if (hdev->le_cnt > hdev->le_pkts)
2314 hdev->le_cnt = hdev->le_pkts;
2316 hdev->acl_cnt += count;
2317 if (hdev->acl_cnt > hdev->acl_pkts)
2318 hdev->acl_cnt = hdev->acl_pkts;
2323 hdev->sco_cnt += count;
2324 if (hdev->sco_cnt > hdev->sco_pkts)
2325 hdev->sco_cnt = hdev->sco_pkts;
2329 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2334 queue_work(hdev->workqueue, &hdev->tx_work);
2337 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2339 struct hci_ev_mode_change *ev = (void *) skb->data;
2340 struct hci_conn *conn;
2342 BT_DBG("%s status %d", hdev->name, ev->status);
2346 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2348 conn->mode = ev->mode;
2349 conn->interval = __le16_to_cpu(ev->interval);
2351 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
2352 if (conn->mode == HCI_CM_ACTIVE)
2353 conn->power_save = 1;
2355 conn->power_save = 0;
2358 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
2359 hci_sco_setup(conn, ev->status);
2362 hci_dev_unlock(hdev);
2365 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2367 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2368 struct hci_conn *conn;
2370 BT_DBG("%s", hdev->name);
2374 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2378 if (conn->state == BT_CONNECTED) {
2379 hci_conn_hold(conn);
2380 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2384 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
2385 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2386 sizeof(ev->bdaddr), &ev->bdaddr);
2387 else if (test_bit(HCI_MGMT, &hdev->flags)) {
2390 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2395 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2399 hci_dev_unlock(hdev);
2402 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2404 struct hci_ev_link_key_req *ev = (void *) skb->data;
2405 struct hci_cp_link_key_reply cp;
2406 struct hci_conn *conn;
2407 struct link_key *key;
2409 BT_DBG("%s", hdev->name);
2411 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2416 key = hci_find_link_key(hdev, &ev->bdaddr);
2418 BT_DBG("%s link key not found for %s", hdev->name,
2419 batostr(&ev->bdaddr));
2423 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2424 batostr(&ev->bdaddr));
2426 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) &&
2427 key->type == HCI_LK_DEBUG_COMBINATION) {
2428 BT_DBG("%s ignoring debug key", hdev->name);
2432 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2434 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2435 conn->auth_type != 0xff &&
2436 (conn->auth_type & 0x01)) {
2437 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2441 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2442 conn->pending_sec_level == BT_SECURITY_HIGH) {
2443 BT_DBG("%s ignoring key unauthenticated for high \
2444 security", hdev->name);
2448 conn->key_type = key->type;
2449 conn->pin_length = key->pin_len;
2452 bacpy(&cp.bdaddr, &ev->bdaddr);
2453 memcpy(cp.link_key, key->val, 16);
2455 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2457 hci_dev_unlock(hdev);
2462 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2463 hci_dev_unlock(hdev);
2466 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2468 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2469 struct hci_conn *conn;
2472 BT_DBG("%s", hdev->name);
2476 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2478 hci_conn_hold(conn);
2479 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2480 pin_len = conn->pin_length;
2482 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2483 conn->key_type = ev->key_type;
2488 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
2489 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
2490 ev->key_type, pin_len);
2492 hci_dev_unlock(hdev);
2495 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2497 struct hci_ev_clock_offset *ev = (void *) skb->data;
2498 struct hci_conn *conn;
2500 BT_DBG("%s status %d", hdev->name, ev->status);
2504 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2505 if (conn && !ev->status) {
2506 struct inquiry_entry *ie;
2508 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2510 ie->data.clock_offset = ev->clock_offset;
2511 ie->timestamp = jiffies;
2515 hci_dev_unlock(hdev);
2518 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2520 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2521 struct hci_conn *conn;
2523 BT_DBG("%s status %d", hdev->name, ev->status);
2527 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2528 if (conn && !ev->status)
2529 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2531 hci_dev_unlock(hdev);
2534 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2536 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2537 struct inquiry_entry *ie;
2539 BT_DBG("%s", hdev->name);
2543 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2545 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2546 ie->timestamp = jiffies;
2549 hci_dev_unlock(hdev);
2552 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2554 struct inquiry_data data;
2555 int num_rsp = *((__u8 *) skb->data);
2557 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2564 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2565 struct inquiry_info_with_rssi_and_pscan_mode *info;
2566 info = (void *) (skb->data + 1);
2568 for (; num_rsp; num_rsp--, info++) {
2569 bacpy(&data.bdaddr, &info->bdaddr);
2570 data.pscan_rep_mode = info->pscan_rep_mode;
2571 data.pscan_period_mode = info->pscan_period_mode;
2572 data.pscan_mode = info->pscan_mode;
2573 memcpy(data.dev_class, info->dev_class, 3);
2574 data.clock_offset = info->clock_offset;
2575 data.rssi = info->rssi;
2576 data.ssp_mode = 0x00;
2577 hci_inquiry_cache_update(hdev, &data);
2578 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2579 info->dev_class, info->rssi,
2583 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2585 for (; num_rsp; num_rsp--, info++) {
2586 bacpy(&data.bdaddr, &info->bdaddr);
2587 data.pscan_rep_mode = info->pscan_rep_mode;
2588 data.pscan_period_mode = info->pscan_period_mode;
2589 data.pscan_mode = 0x00;
2590 memcpy(data.dev_class, info->dev_class, 3);
2591 data.clock_offset = info->clock_offset;
2592 data.rssi = info->rssi;
2593 data.ssp_mode = 0x00;
2594 hci_inquiry_cache_update(hdev, &data);
2595 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2596 info->dev_class, info->rssi,
2601 hci_dev_unlock(hdev);
2604 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2606 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2607 struct hci_conn *conn;
2609 BT_DBG("%s", hdev->name);
2613 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2617 if (!ev->status && ev->page == 0x01) {
2618 struct inquiry_entry *ie;
2620 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2622 ie->data.ssp_mode = (ev->features[0] & 0x01);
2624 conn->ssp_mode = (ev->features[0] & 0x01);
2627 if (conn->state != BT_CONFIG)
2631 struct hci_cp_remote_name_req cp;
2632 memset(&cp, 0, sizeof(cp));
2633 bacpy(&cp.bdaddr, &conn->dst);
2634 cp.pscan_rep_mode = 0x02;
2635 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2638 if (!hci_outgoing_auth_needed(hdev, conn)) {
2639 conn->state = BT_CONNECTED;
2640 hci_proto_connect_cfm(conn, ev->status);
2645 hci_dev_unlock(hdev);
2648 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2650 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2651 struct hci_conn *conn;
2653 BT_DBG("%s status %d", hdev->name, ev->status);
2657 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2659 if (ev->link_type == ESCO_LINK)
2662 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2666 conn->type = SCO_LINK;
2669 switch (ev->status) {
2671 conn->handle = __le16_to_cpu(ev->handle);
2672 conn->state = BT_CONNECTED;
2674 hci_conn_hold_device(conn);
2675 hci_conn_add_sysfs(conn);
2678 case 0x11: /* Unsupported Feature or Parameter Value */
2679 case 0x1c: /* SCO interval rejected */
2680 case 0x1a: /* Unsupported Remote Feature */
2681 case 0x1f: /* Unspecified error */
2682 if (conn->out && conn->attempt < 2) {
2683 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2684 (hdev->esco_type & EDR_ESCO_MASK);
2685 hci_setup_sync(conn, conn->link->handle);
2691 conn->state = BT_CLOSED;
2695 hci_proto_connect_cfm(conn, ev->status);
2700 hci_dev_unlock(hdev);
2703 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2705 BT_DBG("%s", hdev->name);
2708 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2710 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2712 BT_DBG("%s status %d", hdev->name, ev->status);
2715 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2717 struct inquiry_data data;
2718 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2719 int num_rsp = *((__u8 *) skb->data);
2721 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2728 for (; num_rsp; num_rsp--, info++) {
2729 bacpy(&data.bdaddr, &info->bdaddr);
2730 data.pscan_rep_mode = info->pscan_rep_mode;
2731 data.pscan_period_mode = info->pscan_period_mode;
2732 data.pscan_mode = 0x00;
2733 memcpy(data.dev_class, info->dev_class, 3);
2734 data.clock_offset = info->clock_offset;
2735 data.rssi = info->rssi;
2736 data.ssp_mode = 0x01;
2737 hci_inquiry_cache_update(hdev, &data);
2738 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2739 info->dev_class, info->rssi, info->data);
2742 hci_dev_unlock(hdev);
2745 static inline u8 hci_get_auth_req(struct hci_conn *conn)
2747 /* If remote requests dedicated bonding follow that lead */
2748 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2749 /* If both remote and local IO capabilities allow MITM
2750 * protection then require it, otherwise don't */
2751 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2757 /* If remote requests no-bonding follow that lead */
2758 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2759 return conn->remote_auth | (conn->auth_type & 0x01);
2761 return conn->auth_type;
2764 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2766 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2767 struct hci_conn *conn;
2769 BT_DBG("%s", hdev->name);
2773 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2777 hci_conn_hold(conn);
2779 if (!test_bit(HCI_MGMT, &hdev->flags))
2782 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2783 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2784 struct hci_cp_io_capability_reply cp;
2786 bacpy(&cp.bdaddr, &ev->bdaddr);
2787 cp.capability = conn->io_capability;
2788 conn->auth_type = hci_get_auth_req(conn);
2789 cp.authentication = conn->auth_type;
2791 if ((conn->out == 0x01 || conn->remote_oob == 0x01) &&
2792 hci_find_remote_oob_data(hdev, &conn->dst))
2797 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2800 struct hci_cp_io_capability_neg_reply cp;
2802 bacpy(&cp.bdaddr, &ev->bdaddr);
2803 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
2805 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2810 hci_dev_unlock(hdev);
2813 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2815 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2816 struct hci_conn *conn;
2818 BT_DBG("%s", hdev->name);
2822 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2826 conn->remote_cap = ev->capability;
2827 conn->remote_oob = ev->oob_data;
2828 conn->remote_auth = ev->authentication;
2831 hci_dev_unlock(hdev);
2834 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2835 struct sk_buff *skb)
2837 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
2838 int loc_mitm, rem_mitm, confirm_hint = 0;
2839 struct hci_conn *conn;
2841 BT_DBG("%s", hdev->name);
2845 if (!test_bit(HCI_MGMT, &hdev->flags))
2848 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2852 loc_mitm = (conn->auth_type & 0x01);
2853 rem_mitm = (conn->remote_auth & 0x01);
2855 /* If we require MITM but the remote device can't provide that
2856 * (it has NoInputNoOutput) then reject the confirmation
2857 * request. The only exception is when we're dedicated bonding
2858 * initiators (connect_cfm_cb set) since then we always have the MITM
2860 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
2861 BT_DBG("Rejecting request: remote device can't provide MITM");
2862 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
2863 sizeof(ev->bdaddr), &ev->bdaddr);
2867 /* If no side requires MITM protection; auto-accept */
2868 if ((!loc_mitm || conn->remote_cap == 0x03) &&
2869 (!rem_mitm || conn->io_capability == 0x03)) {
2871 /* If we're not the initiators request authorization to
2872 * proceed from user space (mgmt_user_confirm with
2873 * confirm_hint set to 1). */
2874 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
2875 BT_DBG("Confirming auto-accept as acceptor");
2880 BT_DBG("Auto-accept of user confirmation with %ums delay",
2881 hdev->auto_accept_delay);
2883 if (hdev->auto_accept_delay > 0) {
2884 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
2885 mod_timer(&conn->auto_accept_timer, jiffies + delay);
2889 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
2890 sizeof(ev->bdaddr), &ev->bdaddr);
2895 mgmt_user_confirm_request(hdev, &ev->bdaddr, ev->passkey,
2899 hci_dev_unlock(hdev);
2902 static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
2903 struct sk_buff *skb)
2905 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
2907 BT_DBG("%s", hdev->name);
2911 if (test_bit(HCI_MGMT, &hdev->flags))
2912 mgmt_user_passkey_request(hdev, &ev->bdaddr);
2914 hci_dev_unlock(hdev);
2917 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2919 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2920 struct hci_conn *conn;
2922 BT_DBG("%s", hdev->name);
2926 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2930 /* To avoid duplicate auth_failed events to user space we check
2931 * the HCI_CONN_AUTH_PEND flag which will be set if we
2932 * initiated the authentication. A traditional auth_complete
2933 * event gets always produced as initiator and is also mapped to
2934 * the mgmt_auth_failed event */
2935 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2936 mgmt_auth_failed(hdev, &conn->dst, ev->status);
2941 hci_dev_unlock(hdev);
2944 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2946 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2947 struct inquiry_entry *ie;
2949 BT_DBG("%s", hdev->name);
2953 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2955 ie->data.ssp_mode = (ev->features[0] & 0x01);
2957 hci_dev_unlock(hdev);
2960 static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
2961 struct sk_buff *skb)
2963 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
2964 struct oob_data *data;
2966 BT_DBG("%s", hdev->name);
2970 if (!test_bit(HCI_MGMT, &hdev->flags))
2973 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
2975 struct hci_cp_remote_oob_data_reply cp;
2977 bacpy(&cp.bdaddr, &ev->bdaddr);
2978 memcpy(cp.hash, data->hash, sizeof(cp.hash));
2979 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
2981 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
2984 struct hci_cp_remote_oob_data_neg_reply cp;
2986 bacpy(&cp.bdaddr, &ev->bdaddr);
2987 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
2992 hci_dev_unlock(hdev);
2995 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2997 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2998 struct hci_conn *conn;
3000 BT_DBG("%s status %d", hdev->name, ev->status);
3004 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
3006 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3008 BT_ERR("No memory for new connection");
3009 hci_dev_unlock(hdev);
3013 conn->dst_type = ev->bdaddr_type;
3017 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3018 conn->dst_type, ev->status);
3019 hci_proto_connect_cfm(conn, ev->status);
3020 conn->state = BT_CLOSED;
3025 mgmt_connected(hdev, &ev->bdaddr, conn->type, conn->dst_type);
3027 conn->sec_level = BT_SECURITY_LOW;
3028 conn->handle = __le16_to_cpu(ev->handle);
3029 conn->state = BT_CONNECTED;
3031 hci_conn_hold_device(conn);
3032 hci_conn_add_sysfs(conn);
3034 hci_proto_connect_cfm(conn, ev->status);
3037 hci_dev_unlock(hdev);
3040 static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3041 struct sk_buff *skb)
3043 u8 num_reports = skb->data[0];
3044 void *ptr = &skb->data[1];
3048 while (num_reports--) {
3049 struct hci_ev_le_advertising_info *ev = ptr;
3051 hci_add_adv_entry(hdev, ev);
3053 ptr += sizeof(*ev) + ev->length + 1;
3056 hci_dev_unlock(hdev);
3059 static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3060 struct sk_buff *skb)
3062 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3063 struct hci_cp_le_ltk_reply cp;
3064 struct hci_cp_le_ltk_neg_reply neg;
3065 struct hci_conn *conn;
3066 struct link_key *ltk;
3068 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3072 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3076 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3080 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3081 cp.handle = cpu_to_le16(conn->handle);
3082 conn->pin_length = ltk->pin_len;
3084 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3086 hci_dev_unlock(hdev);
3091 neg.handle = ev->handle;
3092 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3093 hci_dev_unlock(hdev);
3096 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3098 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3100 skb_pull(skb, sizeof(*le_ev));
3102 switch (le_ev->subevent) {
3103 case HCI_EV_LE_CONN_COMPLETE:
3104 hci_le_conn_complete_evt(hdev, skb);
3107 case HCI_EV_LE_ADVERTISING_REPORT:
3108 hci_le_adv_report_evt(hdev, skb);
3111 case HCI_EV_LE_LTK_REQ:
3112 hci_le_ltk_request_evt(hdev, skb);
3120 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3122 struct hci_event_hdr *hdr = (void *) skb->data;
3123 __u8 event = hdr->evt;
3125 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3128 case HCI_EV_INQUIRY_COMPLETE:
3129 hci_inquiry_complete_evt(hdev, skb);
3132 case HCI_EV_INQUIRY_RESULT:
3133 hci_inquiry_result_evt(hdev, skb);
3136 case HCI_EV_CONN_COMPLETE:
3137 hci_conn_complete_evt(hdev, skb);
3140 case HCI_EV_CONN_REQUEST:
3141 hci_conn_request_evt(hdev, skb);
3144 case HCI_EV_DISCONN_COMPLETE:
3145 hci_disconn_complete_evt(hdev, skb);
3148 case HCI_EV_AUTH_COMPLETE:
3149 hci_auth_complete_evt(hdev, skb);
3152 case HCI_EV_REMOTE_NAME:
3153 hci_remote_name_evt(hdev, skb);
3156 case HCI_EV_ENCRYPT_CHANGE:
3157 hci_encrypt_change_evt(hdev, skb);
3160 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3161 hci_change_link_key_complete_evt(hdev, skb);
3164 case HCI_EV_REMOTE_FEATURES:
3165 hci_remote_features_evt(hdev, skb);
3168 case HCI_EV_REMOTE_VERSION:
3169 hci_remote_version_evt(hdev, skb);
3172 case HCI_EV_QOS_SETUP_COMPLETE:
3173 hci_qos_setup_complete_evt(hdev, skb);
3176 case HCI_EV_CMD_COMPLETE:
3177 hci_cmd_complete_evt(hdev, skb);
3180 case HCI_EV_CMD_STATUS:
3181 hci_cmd_status_evt(hdev, skb);
3184 case HCI_EV_ROLE_CHANGE:
3185 hci_role_change_evt(hdev, skb);
3188 case HCI_EV_NUM_COMP_PKTS:
3189 hci_num_comp_pkts_evt(hdev, skb);
3192 case HCI_EV_MODE_CHANGE:
3193 hci_mode_change_evt(hdev, skb);
3196 case HCI_EV_PIN_CODE_REQ:
3197 hci_pin_code_request_evt(hdev, skb);
3200 case HCI_EV_LINK_KEY_REQ:
3201 hci_link_key_request_evt(hdev, skb);
3204 case HCI_EV_LINK_KEY_NOTIFY:
3205 hci_link_key_notify_evt(hdev, skb);
3208 case HCI_EV_CLOCK_OFFSET:
3209 hci_clock_offset_evt(hdev, skb);
3212 case HCI_EV_PKT_TYPE_CHANGE:
3213 hci_pkt_type_change_evt(hdev, skb);
3216 case HCI_EV_PSCAN_REP_MODE:
3217 hci_pscan_rep_mode_evt(hdev, skb);
3220 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3221 hci_inquiry_result_with_rssi_evt(hdev, skb);
3224 case HCI_EV_REMOTE_EXT_FEATURES:
3225 hci_remote_ext_features_evt(hdev, skb);
3228 case HCI_EV_SYNC_CONN_COMPLETE:
3229 hci_sync_conn_complete_evt(hdev, skb);
3232 case HCI_EV_SYNC_CONN_CHANGED:
3233 hci_sync_conn_changed_evt(hdev, skb);
3236 case HCI_EV_SNIFF_SUBRATE:
3237 hci_sniff_subrate_evt(hdev, skb);
3240 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3241 hci_extended_inquiry_result_evt(hdev, skb);
3244 case HCI_EV_IO_CAPA_REQUEST:
3245 hci_io_capa_request_evt(hdev, skb);
3248 case HCI_EV_IO_CAPA_REPLY:
3249 hci_io_capa_reply_evt(hdev, skb);
3252 case HCI_EV_USER_CONFIRM_REQUEST:
3253 hci_user_confirm_request_evt(hdev, skb);
3256 case HCI_EV_USER_PASSKEY_REQUEST:
3257 hci_user_passkey_request_evt(hdev, skb);
3260 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3261 hci_simple_pair_complete_evt(hdev, skb);
3264 case HCI_EV_REMOTE_HOST_FEATURES:
3265 hci_remote_host_features_evt(hdev, skb);
3268 case HCI_EV_LE_META:
3269 hci_le_meta_evt(hdev, skb);
3272 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3273 hci_remote_oob_data_request_evt(hdev, skb);
3277 BT_DBG("%s event 0x%x", hdev->name, event);
3282 hdev->stat.evt_rx++;
3285 /* Generate internal stack event */
3286 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3288 struct hci_event_hdr *hdr;
3289 struct hci_ev_stack_internal *ev;
3290 struct sk_buff *skb;
3292 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3296 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3297 hdr->evt = HCI_EV_STACK_INTERNAL;
3298 hdr->plen = sizeof(*ev) + dlen;
3300 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3302 memcpy(ev->data, data, dlen);
3304 bt_cb(skb)->incoming = 1;
3305 __net_timestamp(skb);
3307 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
3308 skb->dev = (void *) hdev;
3309 hci_send_to_sock(hdev, skb, NULL);
3313 module_param(enable_le, bool, 0644);
3314 MODULE_PARM_DESC(enable_le, "Enable LE support");
projects / linux-flexiantxendom0-3.2.10.git / blob