2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 static bool enable_le;
50 /* Handle HCI Event packets */
52 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
54 __u8 status = *((__u8 *) skb->data);
56 BT_DBG("%s status 0x%x", hdev->name, status);
60 mgmt_stop_discovery_failed(hdev, status);
65 clear_bit(HCI_INQUIRY, &hdev->flags);
68 mgmt_discovering(hdev, 0);
71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
73 hci_conn_check_pending(hdev);
76 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
78 __u8 status = *((__u8 *) skb->data);
80 BT_DBG("%s status 0x%x", hdev->name, status);
85 hci_conn_check_pending(hdev);
88 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
90 BT_DBG("%s", hdev->name);
93 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
108 conn->link_mode &= ~HCI_LM_MASTER;
110 conn->link_mode |= HCI_LM_MASTER;
113 hci_dev_unlock(hdev);
116 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 conn->link_policy = __le16_to_cpu(rp->policy);
132 hci_dev_unlock(hdev);
135 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
138 struct hci_conn *conn;
141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
154 conn->link_policy = get_unaligned_le16(sent + 2);
156 hci_dev_unlock(hdev);
159 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
168 hdev->link_policy = __le16_to_cpu(rp->policy);
171 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
173 __u8 status = *((__u8 *) skb->data);
176 BT_DBG("%s status 0x%x", hdev->name, status);
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
183 hdev->link_policy = get_unaligned_le16(sent);
185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
188 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
190 __u8 status = *((__u8 *) skb->data);
192 BT_DBG("%s status 0x%x", hdev->name, status);
194 clear_bit(HCI_RESET, &hdev->flags);
196 hci_req_complete(hdev, HCI_OP_RESET, status);
201 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
203 __u8 status = *((__u8 *) skb->data);
206 BT_DBG("%s status 0x%x", hdev->name, status);
208 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
214 if (test_bit(HCI_MGMT, &hdev->flags))
215 mgmt_set_local_name_complete(hdev, sent, status);
218 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
220 hci_dev_unlock(hdev);
223 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
225 struct hci_rp_read_local_name *rp = (void *) skb->data;
227 BT_DBG("%s status 0x%x", hdev->name, rp->status);
232 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
235 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
237 __u8 status = *((__u8 *) skb->data);
240 BT_DBG("%s status 0x%x", hdev->name, status);
242 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
247 __u8 param = *((__u8 *) sent);
249 if (param == AUTH_ENABLED)
250 set_bit(HCI_AUTH, &hdev->flags);
252 clear_bit(HCI_AUTH, &hdev->flags);
255 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
258 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
260 __u8 status = *((__u8 *) skb->data);
263 BT_DBG("%s status 0x%x", hdev->name, status);
265 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
270 __u8 param = *((__u8 *) sent);
273 set_bit(HCI_ENCRYPT, &hdev->flags);
275 clear_bit(HCI_ENCRYPT, &hdev->flags);
278 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
281 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
283 __u8 param, status = *((__u8 *) skb->data);
284 int old_pscan, old_iscan;
287 BT_DBG("%s status 0x%x", hdev->name, status);
289 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
293 param = *((__u8 *) sent);
298 mgmt_write_scan_failed(hdev, param, status);
299 hdev->discov_timeout = 0;
303 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
304 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
306 if (param & SCAN_INQUIRY) {
307 set_bit(HCI_ISCAN, &hdev->flags);
309 mgmt_discoverable(hdev, 1);
310 if (hdev->discov_timeout > 0) {
311 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
312 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
315 } else if (old_iscan)
316 mgmt_discoverable(hdev, 0);
318 if (param & SCAN_PAGE) {
319 set_bit(HCI_PSCAN, &hdev->flags);
321 mgmt_connectable(hdev, 1);
322 } else if (old_pscan)
323 mgmt_connectable(hdev, 0);
326 hci_dev_unlock(hdev);
327 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
330 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
332 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
334 BT_DBG("%s status 0x%x", hdev->name, rp->status);
339 memcpy(hdev->dev_class, rp->dev_class, 3);
341 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
342 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
345 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
347 __u8 status = *((__u8 *) skb->data);
350 BT_DBG("%s status 0x%x", hdev->name, status);
355 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
359 memcpy(hdev->dev_class, sent, 3);
362 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
364 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
367 BT_DBG("%s status 0x%x", hdev->name, rp->status);
372 setting = __le16_to_cpu(rp->voice_setting);
374 if (hdev->voice_setting == setting)
377 hdev->voice_setting = setting;
379 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
382 tasklet_disable(&hdev->tx_task);
383 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
384 tasklet_enable(&hdev->tx_task);
388 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
390 __u8 status = *((__u8 *) skb->data);
394 BT_DBG("%s status 0x%x", hdev->name, status);
399 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
403 setting = get_unaligned_le16(sent);
405 if (hdev->voice_setting == setting)
408 hdev->voice_setting = setting;
410 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
413 tasklet_disable(&hdev->tx_task);
414 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
415 tasklet_enable(&hdev->tx_task);
419 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
421 __u8 status = *((__u8 *) skb->data);
423 BT_DBG("%s status 0x%x", hdev->name, status);
425 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
428 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
430 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
432 BT_DBG("%s status 0x%x", hdev->name, rp->status);
437 hdev->ssp_mode = rp->mode;
440 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
442 __u8 status = *((__u8 *) skb->data);
445 BT_DBG("%s status 0x%x", hdev->name, status);
450 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
454 hdev->ssp_mode = *((__u8 *) sent);
457 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
459 if (hdev->features[6] & LMP_EXT_INQ)
462 if (hdev->features[3] & LMP_RSSI_INQ)
465 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
466 hdev->lmp_subver == 0x0757)
469 if (hdev->manufacturer == 15) {
470 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
472 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
474 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
478 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
479 hdev->lmp_subver == 0x1805)
485 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
489 mode = hci_get_inquiry_mode(hdev);
491 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
494 static void hci_setup_event_mask(struct hci_dev *hdev)
496 /* The second byte is 0xff instead of 0x9f (two reserved bits
497 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
498 * command otherwise */
499 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
501 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
502 * any event mask for pre 1.2 devices */
503 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
506 events[4] |= 0x01; /* Flow Specification Complete */
507 events[4] |= 0x02; /* Inquiry Result with RSSI */
508 events[4] |= 0x04; /* Read Remote Extended Features Complete */
509 events[5] |= 0x08; /* Synchronous Connection Complete */
510 events[5] |= 0x10; /* Synchronous Connection Changed */
512 if (hdev->features[3] & LMP_RSSI_INQ)
513 events[4] |= 0x04; /* Inquiry Result with RSSI */
515 if (hdev->features[5] & LMP_SNIFF_SUBR)
516 events[5] |= 0x20; /* Sniff Subrating */
518 if (hdev->features[5] & LMP_PAUSE_ENC)
519 events[5] |= 0x80; /* Encryption Key Refresh Complete */
521 if (hdev->features[6] & LMP_EXT_INQ)
522 events[5] |= 0x40; /* Extended Inquiry Result */
524 if (hdev->features[6] & LMP_NO_FLUSH)
525 events[7] |= 0x01; /* Enhanced Flush Complete */
527 if (hdev->features[7] & LMP_LSTO)
528 events[6] |= 0x80; /* Link Supervision Timeout Changed */
530 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
531 events[6] |= 0x01; /* IO Capability Request */
532 events[6] |= 0x02; /* IO Capability Response */
533 events[6] |= 0x04; /* User Confirmation Request */
534 events[6] |= 0x08; /* User Passkey Request */
535 events[6] |= 0x10; /* Remote OOB Data Request */
536 events[6] |= 0x20; /* Simple Pairing Complete */
537 events[7] |= 0x04; /* User Passkey Notification */
538 events[7] |= 0x08; /* Keypress Notification */
539 events[7] |= 0x10; /* Remote Host Supported
540 * Features Notification */
543 if (hdev->features[4] & LMP_LE)
544 events[7] |= 0x20; /* LE Meta-Event */
546 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
549 static void hci_set_le_support(struct hci_dev *hdev)
551 struct hci_cp_write_le_host_supported cp;
553 memset(&cp, 0, sizeof(cp));
557 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
560 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
563 static void hci_setup(struct hci_dev *hdev)
565 hci_setup_event_mask(hdev);
567 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
568 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
570 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
572 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
575 if (hdev->features[3] & LMP_RSSI_INQ)
576 hci_setup_inquiry_mode(hdev);
578 if (hdev->features[7] & LMP_INQ_TX_PWR)
579 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
581 if (hdev->features[7] & LMP_EXTFEATURES) {
582 struct hci_cp_read_local_ext_features cp;
585 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
589 if (hdev->features[4] & LMP_LE)
590 hci_set_le_support(hdev);
593 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
595 struct hci_rp_read_local_version *rp = (void *) skb->data;
597 BT_DBG("%s status 0x%x", hdev->name, rp->status);
602 hdev->hci_ver = rp->hci_ver;
603 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
604 hdev->lmp_ver = rp->lmp_ver;
605 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
606 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
608 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
610 hdev->hci_ver, hdev->hci_rev);
612 if (test_bit(HCI_INIT, &hdev->flags))
616 static void hci_setup_link_policy(struct hci_dev *hdev)
620 if (hdev->features[0] & LMP_RSWITCH)
621 link_policy |= HCI_LP_RSWITCH;
622 if (hdev->features[0] & LMP_HOLD)
623 link_policy |= HCI_LP_HOLD;
624 if (hdev->features[0] & LMP_SNIFF)
625 link_policy |= HCI_LP_SNIFF;
626 if (hdev->features[1] & LMP_PARK)
627 link_policy |= HCI_LP_PARK;
629 link_policy = cpu_to_le16(link_policy);
630 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
631 sizeof(link_policy), &link_policy);
634 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
636 struct hci_rp_read_local_commands *rp = (void *) skb->data;
638 BT_DBG("%s status 0x%x", hdev->name, rp->status);
643 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
645 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
646 hci_setup_link_policy(hdev);
649 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
652 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
654 struct hci_rp_read_local_features *rp = (void *) skb->data;
656 BT_DBG("%s status 0x%x", hdev->name, rp->status);
661 memcpy(hdev->features, rp->features, 8);
663 /* Adjust default settings according to features
664 * supported by device. */
666 if (hdev->features[0] & LMP_3SLOT)
667 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
669 if (hdev->features[0] & LMP_5SLOT)
670 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
672 if (hdev->features[1] & LMP_HV2) {
673 hdev->pkt_type |= (HCI_HV2);
674 hdev->esco_type |= (ESCO_HV2);
677 if (hdev->features[1] & LMP_HV3) {
678 hdev->pkt_type |= (HCI_HV3);
679 hdev->esco_type |= (ESCO_HV3);
682 if (hdev->features[3] & LMP_ESCO)
683 hdev->esco_type |= (ESCO_EV3);
685 if (hdev->features[4] & LMP_EV4)
686 hdev->esco_type |= (ESCO_EV4);
688 if (hdev->features[4] & LMP_EV5)
689 hdev->esco_type |= (ESCO_EV5);
691 if (hdev->features[5] & LMP_EDR_ESCO_2M)
692 hdev->esco_type |= (ESCO_2EV3);
694 if (hdev->features[5] & LMP_EDR_ESCO_3M)
695 hdev->esco_type |= (ESCO_3EV3);
697 if (hdev->features[5] & LMP_EDR_3S_ESCO)
698 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
700 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
701 hdev->features[0], hdev->features[1],
702 hdev->features[2], hdev->features[3],
703 hdev->features[4], hdev->features[5],
704 hdev->features[6], hdev->features[7]);
707 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
710 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
712 BT_DBG("%s status 0x%x", hdev->name, rp->status);
717 memcpy(hdev->extfeatures, rp->features, 8);
719 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
722 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
725 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
727 BT_DBG("%s status 0x%x", hdev->name, rp->status);
732 hdev->flow_ctl_mode = rp->mode;
734 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
737 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
739 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
741 BT_DBG("%s status 0x%x", hdev->name, rp->status);
746 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
747 hdev->sco_mtu = rp->sco_mtu;
748 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
749 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
751 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
756 hdev->acl_cnt = hdev->acl_pkts;
757 hdev->sco_cnt = hdev->sco_pkts;
759 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
760 hdev->acl_mtu, hdev->acl_pkts,
761 hdev->sco_mtu, hdev->sco_pkts);
764 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
766 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
768 BT_DBG("%s status 0x%x", hdev->name, rp->status);
771 bacpy(&hdev->bdaddr, &rp->bdaddr);
773 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
776 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
778 __u8 status = *((__u8 *) skb->data);
780 BT_DBG("%s status 0x%x", hdev->name, status);
782 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
785 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
788 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
790 BT_DBG("%s status 0x%x", hdev->name, rp->status);
795 hdev->amp_status = rp->amp_status;
796 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
797 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
798 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
799 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
800 hdev->amp_type = rp->amp_type;
801 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
802 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
803 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
804 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
806 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
809 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
812 __u8 status = *((__u8 *) skb->data);
814 BT_DBG("%s status 0x%x", hdev->name, status);
816 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
819 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
821 __u8 status = *((__u8 *) skb->data);
823 BT_DBG("%s status 0x%x", hdev->name, status);
825 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
828 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
831 __u8 status = *((__u8 *) skb->data);
833 BT_DBG("%s status 0x%x", hdev->name, status);
835 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
838 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
841 __u8 status = *((__u8 *) skb->data);
843 BT_DBG("%s status 0x%x", hdev->name, status);
845 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
848 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
850 __u8 status = *((__u8 *) skb->data);
852 BT_DBG("%s status 0x%x", hdev->name, status);
854 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
857 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
859 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
860 struct hci_cp_pin_code_reply *cp;
861 struct hci_conn *conn;
863 BT_DBG("%s status 0x%x", hdev->name, rp->status);
867 if (test_bit(HCI_MGMT, &hdev->flags))
868 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
873 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
877 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
879 conn->pin_length = cp->pin_len;
882 hci_dev_unlock(hdev);
885 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
887 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
889 BT_DBG("%s status 0x%x", hdev->name, rp->status);
893 if (test_bit(HCI_MGMT, &hdev->flags))
894 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
897 hci_dev_unlock(hdev);
900 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
903 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
905 BT_DBG("%s status 0x%x", hdev->name, rp->status);
910 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
911 hdev->le_pkts = rp->le_max_pkt;
913 hdev->le_cnt = hdev->le_pkts;
915 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
917 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
920 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
922 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
924 BT_DBG("%s status 0x%x", hdev->name, rp->status);
928 if (test_bit(HCI_MGMT, &hdev->flags))
929 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr,
932 hci_dev_unlock(hdev);
935 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
938 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
940 BT_DBG("%s status 0x%x", hdev->name, rp->status);
944 if (test_bit(HCI_MGMT, &hdev->flags))
945 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
948 hci_dev_unlock(hdev);
951 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
953 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
955 BT_DBG("%s status 0x%x", hdev->name, rp->status);
959 if (test_bit(HCI_MGMT, &hdev->flags))
960 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr,
963 hci_dev_unlock(hdev);
966 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
969 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
971 BT_DBG("%s status 0x%x", hdev->name, rp->status);
975 if (test_bit(HCI_MGMT, &hdev->flags))
976 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
979 hci_dev_unlock(hdev);
982 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
985 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
987 BT_DBG("%s status 0x%x", hdev->name, rp->status);
990 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
991 rp->randomizer, rp->status);
992 hci_dev_unlock(hdev);
995 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
997 __u8 status = *((__u8 *) skb->data);
999 BT_DBG("%s status 0x%x", hdev->name, status);
1002 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1003 struct sk_buff *skb)
1005 struct hci_cp_le_set_scan_enable *cp;
1006 __u8 status = *((__u8 *) skb->data);
1008 BT_DBG("%s status 0x%x", hdev->name, status);
1013 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1017 if (cp->enable == 0x01) {
1018 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1020 del_timer(&hdev->adv_timer);
1023 hci_adv_entries_clear(hdev);
1024 hci_dev_unlock(hdev);
1025 } else if (cp->enable == 0x00) {
1026 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1028 mod_timer(&hdev->adv_timer, jiffies + ADV_CLEAR_TIMEOUT);
1032 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1034 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1036 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1041 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1044 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1046 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1048 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1053 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1056 static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1057 struct sk_buff *skb)
1059 struct hci_cp_read_local_ext_features cp;
1060 __u8 status = *((__u8 *) skb->data);
1062 BT_DBG("%s status 0x%x", hdev->name, status);
1068 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1071 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1073 BT_DBG("%s status 0x%x", hdev->name, status);
1076 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1077 hci_conn_check_pending(hdev);
1079 if (test_bit(HCI_MGMT, &hdev->flags))
1080 mgmt_start_discovery_failed(hdev, status);
1081 hci_dev_unlock(hdev);
1085 set_bit(HCI_INQUIRY, &hdev->flags);
1088 mgmt_discovering(hdev, 1);
1089 hci_dev_unlock(hdev);
1092 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1094 struct hci_cp_create_conn *cp;
1095 struct hci_conn *conn;
1097 BT_DBG("%s status 0x%x", hdev->name, status);
1099 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1105 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1107 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1110 if (conn && conn->state == BT_CONNECT) {
1111 if (status != 0x0c || conn->attempt > 2) {
1112 conn->state = BT_CLOSED;
1113 hci_proto_connect_cfm(conn, status);
1116 conn->state = BT_CONNECT2;
1120 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1123 conn->link_mode |= HCI_LM_MASTER;
1125 BT_ERR("No memory for new connection");
1129 hci_dev_unlock(hdev);
1132 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1134 struct hci_cp_add_sco *cp;
1135 struct hci_conn *acl, *sco;
1138 BT_DBG("%s status 0x%x", hdev->name, status);
1143 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1147 handle = __le16_to_cpu(cp->handle);
1149 BT_DBG("%s handle %d", hdev->name, handle);
1153 acl = hci_conn_hash_lookup_handle(hdev, handle);
1157 sco->state = BT_CLOSED;
1159 hci_proto_connect_cfm(sco, status);
1164 hci_dev_unlock(hdev);
1167 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1169 struct hci_cp_auth_requested *cp;
1170 struct hci_conn *conn;
1172 BT_DBG("%s status 0x%x", hdev->name, status);
1177 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1183 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1185 if (conn->state == BT_CONFIG) {
1186 hci_proto_connect_cfm(conn, status);
1191 hci_dev_unlock(hdev);
1194 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1196 struct hci_cp_set_conn_encrypt *cp;
1197 struct hci_conn *conn;
1199 BT_DBG("%s status 0x%x", hdev->name, status);
1204 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1210 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1212 if (conn->state == BT_CONFIG) {
1213 hci_proto_connect_cfm(conn, status);
1218 hci_dev_unlock(hdev);
1221 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1222 struct hci_conn *conn)
1224 if (conn->state != BT_CONFIG || !conn->out)
1227 if (conn->pending_sec_level == BT_SECURITY_SDP)
1230 /* Only request authentication for SSP connections or non-SSP
1231 * devices with sec_level HIGH or if MITM protection is requested */
1232 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
1233 conn->pending_sec_level != BT_SECURITY_HIGH &&
1234 !(conn->auth_type & 0x01))
1240 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1242 struct hci_cp_remote_name_req *cp;
1243 struct hci_conn *conn;
1245 BT_DBG("%s status 0x%x", hdev->name, status);
1247 /* If successful wait for the name req complete event before
1248 * checking for the need to do authentication */
1252 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1258 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1262 if (!hci_outgoing_auth_needed(hdev, conn))
1265 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1266 struct hci_cp_auth_requested cp;
1267 cp.handle = __cpu_to_le16(conn->handle);
1268 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1272 hci_dev_unlock(hdev);
1275 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1277 struct hci_cp_read_remote_features *cp;
1278 struct hci_conn *conn;
1280 BT_DBG("%s status 0x%x", hdev->name, status);
1285 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1291 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1293 if (conn->state == BT_CONFIG) {
1294 hci_proto_connect_cfm(conn, status);
1299 hci_dev_unlock(hdev);
1302 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1304 struct hci_cp_read_remote_ext_features *cp;
1305 struct hci_conn *conn;
1307 BT_DBG("%s status 0x%x", hdev->name, status);
1312 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1318 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1320 if (conn->state == BT_CONFIG) {
1321 hci_proto_connect_cfm(conn, status);
1326 hci_dev_unlock(hdev);
1329 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1331 struct hci_cp_setup_sync_conn *cp;
1332 struct hci_conn *acl, *sco;
1335 BT_DBG("%s status 0x%x", hdev->name, status);
1340 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1344 handle = __le16_to_cpu(cp->handle);
1346 BT_DBG("%s handle %d", hdev->name, handle);
1350 acl = hci_conn_hash_lookup_handle(hdev, handle);
1354 sco->state = BT_CLOSED;
1356 hci_proto_connect_cfm(sco, status);
1361 hci_dev_unlock(hdev);
1364 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1366 struct hci_cp_sniff_mode *cp;
1367 struct hci_conn *conn;
1369 BT_DBG("%s status 0x%x", hdev->name, status);
1374 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1380 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1382 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1384 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1385 hci_sco_setup(conn, status);
1388 hci_dev_unlock(hdev);
1391 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1393 struct hci_cp_exit_sniff_mode *cp;
1394 struct hci_conn *conn;
1396 BT_DBG("%s status 0x%x", hdev->name, status);
1401 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1407 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1409 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1411 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1412 hci_sco_setup(conn, status);
1415 hci_dev_unlock(hdev);
1418 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1420 struct hci_cp_le_create_conn *cp;
1421 struct hci_conn *conn;
1423 BT_DBG("%s status 0x%x", hdev->name, status);
1425 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1431 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1433 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1437 if (conn && conn->state == BT_CONNECT) {
1438 conn->state = BT_CLOSED;
1439 hci_proto_connect_cfm(conn, status);
1444 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1446 conn->dst_type = cp->peer_addr_type;
1449 BT_ERR("No memory for new connection");
1454 hci_dev_unlock(hdev);
1457 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1459 BT_DBG("%s status 0x%x", hdev->name, status);
1462 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1464 __u8 status = *((__u8 *) skb->data);
1466 BT_DBG("%s status %d", hdev->name, status);
1468 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1470 hci_conn_check_pending(hdev);
1472 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1476 mgmt_discovering(hdev, 0);
1477 hci_dev_unlock(hdev);
1480 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1482 struct inquiry_data data;
1483 struct inquiry_info *info = (void *) (skb->data + 1);
1484 int num_rsp = *((__u8 *) skb->data);
1486 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1493 for (; num_rsp; num_rsp--, info++) {
1494 bacpy(&data.bdaddr, &info->bdaddr);
1495 data.pscan_rep_mode = info->pscan_rep_mode;
1496 data.pscan_period_mode = info->pscan_period_mode;
1497 data.pscan_mode = info->pscan_mode;
1498 memcpy(data.dev_class, info->dev_class, 3);
1499 data.clock_offset = info->clock_offset;
1501 data.ssp_mode = 0x00;
1502 hci_inquiry_cache_update(hdev, &data);
1503 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1504 info->dev_class, 0, NULL);
1507 hci_dev_unlock(hdev);
1510 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1512 struct hci_ev_conn_complete *ev = (void *) skb->data;
1513 struct hci_conn *conn;
1515 BT_DBG("%s", hdev->name);
1519 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1521 if (ev->link_type != SCO_LINK)
1524 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1528 conn->type = SCO_LINK;
1532 conn->handle = __le16_to_cpu(ev->handle);
1534 if (conn->type == ACL_LINK) {
1535 conn->state = BT_CONFIG;
1536 hci_conn_hold(conn);
1537 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1538 mgmt_connected(hdev, &ev->bdaddr, conn->type,
1541 conn->state = BT_CONNECTED;
1543 hci_conn_hold_device(conn);
1544 hci_conn_add_sysfs(conn);
1546 if (test_bit(HCI_AUTH, &hdev->flags))
1547 conn->link_mode |= HCI_LM_AUTH;
1549 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1550 conn->link_mode |= HCI_LM_ENCRYPT;
1552 /* Get remote features */
1553 if (conn->type == ACL_LINK) {
1554 struct hci_cp_read_remote_features cp;
1555 cp.handle = ev->handle;
1556 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1560 /* Set packet type for incoming connection */
1561 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1562 struct hci_cp_change_conn_ptype cp;
1563 cp.handle = ev->handle;
1564 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1565 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1569 conn->state = BT_CLOSED;
1570 if (conn->type == ACL_LINK)
1571 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
1572 conn->dst_type, ev->status);
1575 if (conn->type == ACL_LINK)
1576 hci_sco_setup(conn, ev->status);
1579 hci_proto_connect_cfm(conn, ev->status);
1581 } else if (ev->link_type != ACL_LINK)
1582 hci_proto_connect_cfm(conn, ev->status);
1585 hci_dev_unlock(hdev);
1587 hci_conn_check_pending(hdev);
1590 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1592 struct hci_ev_conn_request *ev = (void *) skb->data;
1593 int mask = hdev->link_mode;
1595 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1596 batostr(&ev->bdaddr), ev->link_type);
1598 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1600 if ((mask & HCI_LM_ACCEPT) &&
1601 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1602 /* Connection accepted */
1603 struct inquiry_entry *ie;
1604 struct hci_conn *conn;
1608 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1610 memcpy(ie->data.dev_class, ev->dev_class, 3);
1612 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1614 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1616 BT_ERR("No memory for new connection");
1617 hci_dev_unlock(hdev);
1622 memcpy(conn->dev_class, ev->dev_class, 3);
1623 conn->state = BT_CONNECT;
1625 hci_dev_unlock(hdev);
1627 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1628 struct hci_cp_accept_conn_req cp;
1630 bacpy(&cp.bdaddr, &ev->bdaddr);
1632 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1633 cp.role = 0x00; /* Become master */
1635 cp.role = 0x01; /* Remain slave */
1637 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1640 struct hci_cp_accept_sync_conn_req cp;
1642 bacpy(&cp.bdaddr, &ev->bdaddr);
1643 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1645 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1646 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1647 cp.max_latency = cpu_to_le16(0xffff);
1648 cp.content_format = cpu_to_le16(hdev->voice_setting);
1649 cp.retrans_effort = 0xff;
1651 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1655 /* Connection rejected */
1656 struct hci_cp_reject_conn_req cp;
1658 bacpy(&cp.bdaddr, &ev->bdaddr);
1659 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
1660 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1664 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1666 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1667 struct hci_conn *conn;
1669 BT_DBG("%s status %d", hdev->name, ev->status);
1673 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1677 if (ev->status == 0)
1678 conn->state = BT_CLOSED;
1680 if (conn->type == ACL_LINK || conn->type == LE_LINK) {
1681 if (ev->status != 0)
1682 mgmt_disconnect_failed(hdev, &conn->dst, ev->status);
1684 mgmt_disconnected(hdev, &conn->dst, conn->type,
1688 if (ev->status == 0) {
1689 hci_proto_disconn_cfm(conn, ev->reason);
1694 hci_dev_unlock(hdev);
1697 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1699 struct hci_ev_auth_complete *ev = (void *) skb->data;
1700 struct hci_conn *conn;
1702 BT_DBG("%s status %d", hdev->name, ev->status);
1706 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1711 if (!(conn->ssp_mode > 0 && hdev->ssp_mode > 0) &&
1712 test_bit(HCI_CONN_REAUTH_PEND, &conn->pend)) {
1713 BT_INFO("re-auth of legacy device is not possible.");
1715 conn->link_mode |= HCI_LM_AUTH;
1716 conn->sec_level = conn->pending_sec_level;
1719 mgmt_auth_failed(hdev, &conn->dst, ev->status);
1722 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1723 clear_bit(HCI_CONN_REAUTH_PEND, &conn->pend);
1725 if (conn->state == BT_CONFIG) {
1726 if (!ev->status && hdev->ssp_mode > 0 && conn->ssp_mode > 0) {
1727 struct hci_cp_set_conn_encrypt cp;
1728 cp.handle = ev->handle;
1730 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1733 conn->state = BT_CONNECTED;
1734 hci_proto_connect_cfm(conn, ev->status);
1738 hci_auth_cfm(conn, ev->status);
1740 hci_conn_hold(conn);
1741 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1745 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1747 struct hci_cp_set_conn_encrypt cp;
1748 cp.handle = ev->handle;
1750 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1753 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1754 hci_encrypt_cfm(conn, ev->status, 0x00);
1759 hci_dev_unlock(hdev);
1762 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1764 struct hci_ev_remote_name *ev = (void *) skb->data;
1765 struct hci_conn *conn;
1767 BT_DBG("%s", hdev->name);
1769 hci_conn_check_pending(hdev);
1773 if (ev->status == 0 && test_bit(HCI_MGMT, &hdev->flags))
1774 mgmt_remote_name(hdev, &ev->bdaddr, ev->name);
1776 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1780 if (!hci_outgoing_auth_needed(hdev, conn))
1783 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1784 struct hci_cp_auth_requested cp;
1785 cp.handle = __cpu_to_le16(conn->handle);
1786 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1790 hci_dev_unlock(hdev);
1793 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1795 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1796 struct hci_conn *conn;
1798 BT_DBG("%s status %d", hdev->name, ev->status);
1802 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1806 /* Encryption implies authentication */
1807 conn->link_mode |= HCI_LM_AUTH;
1808 conn->link_mode |= HCI_LM_ENCRYPT;
1809 conn->sec_level = conn->pending_sec_level;
1811 conn->link_mode &= ~HCI_LM_ENCRYPT;
1814 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1816 if (conn->state == BT_CONFIG) {
1818 conn->state = BT_CONNECTED;
1820 hci_proto_connect_cfm(conn, ev->status);
1823 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1826 hci_dev_unlock(hdev);
1829 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1831 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1832 struct hci_conn *conn;
1834 BT_DBG("%s status %d", hdev->name, ev->status);
1838 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1841 conn->link_mode |= HCI_LM_SECURE;
1843 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1845 hci_key_change_cfm(conn, ev->status);
1848 hci_dev_unlock(hdev);
1851 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1853 struct hci_ev_remote_features *ev = (void *) skb->data;
1854 struct hci_conn *conn;
1856 BT_DBG("%s status %d", hdev->name, ev->status);
1860 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1865 memcpy(conn->features, ev->features, 8);
1867 if (conn->state != BT_CONFIG)
1870 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1871 struct hci_cp_read_remote_ext_features cp;
1872 cp.handle = ev->handle;
1874 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1880 struct hci_cp_remote_name_req cp;
1881 memset(&cp, 0, sizeof(cp));
1882 bacpy(&cp.bdaddr, &conn->dst);
1883 cp.pscan_rep_mode = 0x02;
1884 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1887 if (!hci_outgoing_auth_needed(hdev, conn)) {
1888 conn->state = BT_CONNECTED;
1889 hci_proto_connect_cfm(conn, ev->status);
1894 hci_dev_unlock(hdev);
1897 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1899 BT_DBG("%s", hdev->name);
1902 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1904 BT_DBG("%s", hdev->name);
1907 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1909 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1912 skb_pull(skb, sizeof(*ev));
1914 opcode = __le16_to_cpu(ev->opcode);
1917 case HCI_OP_INQUIRY_CANCEL:
1918 hci_cc_inquiry_cancel(hdev, skb);
1921 case HCI_OP_EXIT_PERIODIC_INQ:
1922 hci_cc_exit_periodic_inq(hdev, skb);
1925 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1926 hci_cc_remote_name_req_cancel(hdev, skb);
1929 case HCI_OP_ROLE_DISCOVERY:
1930 hci_cc_role_discovery(hdev, skb);
1933 case HCI_OP_READ_LINK_POLICY:
1934 hci_cc_read_link_policy(hdev, skb);
1937 case HCI_OP_WRITE_LINK_POLICY:
1938 hci_cc_write_link_policy(hdev, skb);
1941 case HCI_OP_READ_DEF_LINK_POLICY:
1942 hci_cc_read_def_link_policy(hdev, skb);
1945 case HCI_OP_WRITE_DEF_LINK_POLICY:
1946 hci_cc_write_def_link_policy(hdev, skb);
1950 hci_cc_reset(hdev, skb);
1953 case HCI_OP_WRITE_LOCAL_NAME:
1954 hci_cc_write_local_name(hdev, skb);
1957 case HCI_OP_READ_LOCAL_NAME:
1958 hci_cc_read_local_name(hdev, skb);
1961 case HCI_OP_WRITE_AUTH_ENABLE:
1962 hci_cc_write_auth_enable(hdev, skb);
1965 case HCI_OP_WRITE_ENCRYPT_MODE:
1966 hci_cc_write_encrypt_mode(hdev, skb);
1969 case HCI_OP_WRITE_SCAN_ENABLE:
1970 hci_cc_write_scan_enable(hdev, skb);
1973 case HCI_OP_READ_CLASS_OF_DEV:
1974 hci_cc_read_class_of_dev(hdev, skb);
1977 case HCI_OP_WRITE_CLASS_OF_DEV:
1978 hci_cc_write_class_of_dev(hdev, skb);
1981 case HCI_OP_READ_VOICE_SETTING:
1982 hci_cc_read_voice_setting(hdev, skb);
1985 case HCI_OP_WRITE_VOICE_SETTING:
1986 hci_cc_write_voice_setting(hdev, skb);
1989 case HCI_OP_HOST_BUFFER_SIZE:
1990 hci_cc_host_buffer_size(hdev, skb);
1993 case HCI_OP_READ_SSP_MODE:
1994 hci_cc_read_ssp_mode(hdev, skb);
1997 case HCI_OP_WRITE_SSP_MODE:
1998 hci_cc_write_ssp_mode(hdev, skb);
2001 case HCI_OP_READ_LOCAL_VERSION:
2002 hci_cc_read_local_version(hdev, skb);
2005 case HCI_OP_READ_LOCAL_COMMANDS:
2006 hci_cc_read_local_commands(hdev, skb);
2009 case HCI_OP_READ_LOCAL_FEATURES:
2010 hci_cc_read_local_features(hdev, skb);
2013 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2014 hci_cc_read_local_ext_features(hdev, skb);
2017 case HCI_OP_READ_BUFFER_SIZE:
2018 hci_cc_read_buffer_size(hdev, skb);
2021 case HCI_OP_READ_BD_ADDR:
2022 hci_cc_read_bd_addr(hdev, skb);
2025 case HCI_OP_WRITE_CA_TIMEOUT:
2026 hci_cc_write_ca_timeout(hdev, skb);
2029 case HCI_OP_READ_FLOW_CONTROL_MODE:
2030 hci_cc_read_flow_control_mode(hdev, skb);
2033 case HCI_OP_READ_LOCAL_AMP_INFO:
2034 hci_cc_read_local_amp_info(hdev, skb);
2037 case HCI_OP_DELETE_STORED_LINK_KEY:
2038 hci_cc_delete_stored_link_key(hdev, skb);
2041 case HCI_OP_SET_EVENT_MASK:
2042 hci_cc_set_event_mask(hdev, skb);
2045 case HCI_OP_WRITE_INQUIRY_MODE:
2046 hci_cc_write_inquiry_mode(hdev, skb);
2049 case HCI_OP_READ_INQ_RSP_TX_POWER:
2050 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2053 case HCI_OP_SET_EVENT_FLT:
2054 hci_cc_set_event_flt(hdev, skb);
2057 case HCI_OP_PIN_CODE_REPLY:
2058 hci_cc_pin_code_reply(hdev, skb);
2061 case HCI_OP_PIN_CODE_NEG_REPLY:
2062 hci_cc_pin_code_neg_reply(hdev, skb);
2065 case HCI_OP_READ_LOCAL_OOB_DATA:
2066 hci_cc_read_local_oob_data_reply(hdev, skb);
2069 case HCI_OP_LE_READ_BUFFER_SIZE:
2070 hci_cc_le_read_buffer_size(hdev, skb);
2073 case HCI_OP_USER_CONFIRM_REPLY:
2074 hci_cc_user_confirm_reply(hdev, skb);
2077 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2078 hci_cc_user_confirm_neg_reply(hdev, skb);
2081 case HCI_OP_USER_PASSKEY_REPLY:
2082 hci_cc_user_passkey_reply(hdev, skb);
2085 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2086 hci_cc_user_passkey_neg_reply(hdev, skb);
2088 case HCI_OP_LE_SET_SCAN_PARAM:
2089 hci_cc_le_set_scan_param(hdev, skb);
2092 case HCI_OP_LE_SET_SCAN_ENABLE:
2093 hci_cc_le_set_scan_enable(hdev, skb);
2096 case HCI_OP_LE_LTK_REPLY:
2097 hci_cc_le_ltk_reply(hdev, skb);
2100 case HCI_OP_LE_LTK_NEG_REPLY:
2101 hci_cc_le_ltk_neg_reply(hdev, skb);
2104 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2105 hci_cc_write_le_host_supported(hdev, skb);
2109 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2113 if (ev->opcode != HCI_OP_NOP)
2114 del_timer(&hdev->cmd_timer);
2117 atomic_set(&hdev->cmd_cnt, 1);
2118 if (!skb_queue_empty(&hdev->cmd_q))
2119 tasklet_schedule(&hdev->cmd_task);
2123 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2125 struct hci_ev_cmd_status *ev = (void *) skb->data;
2128 skb_pull(skb, sizeof(*ev));
2130 opcode = __le16_to_cpu(ev->opcode);
2133 case HCI_OP_INQUIRY:
2134 hci_cs_inquiry(hdev, ev->status);
2137 case HCI_OP_CREATE_CONN:
2138 hci_cs_create_conn(hdev, ev->status);
2141 case HCI_OP_ADD_SCO:
2142 hci_cs_add_sco(hdev, ev->status);
2145 case HCI_OP_AUTH_REQUESTED:
2146 hci_cs_auth_requested(hdev, ev->status);
2149 case HCI_OP_SET_CONN_ENCRYPT:
2150 hci_cs_set_conn_encrypt(hdev, ev->status);
2153 case HCI_OP_REMOTE_NAME_REQ:
2154 hci_cs_remote_name_req(hdev, ev->status);
2157 case HCI_OP_READ_REMOTE_FEATURES:
2158 hci_cs_read_remote_features(hdev, ev->status);
2161 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2162 hci_cs_read_remote_ext_features(hdev, ev->status);
2165 case HCI_OP_SETUP_SYNC_CONN:
2166 hci_cs_setup_sync_conn(hdev, ev->status);
2169 case HCI_OP_SNIFF_MODE:
2170 hci_cs_sniff_mode(hdev, ev->status);
2173 case HCI_OP_EXIT_SNIFF_MODE:
2174 hci_cs_exit_sniff_mode(hdev, ev->status);
2177 case HCI_OP_DISCONNECT:
2178 if (ev->status != 0)
2179 mgmt_disconnect_failed(hdev, NULL, ev->status);
2182 case HCI_OP_LE_CREATE_CONN:
2183 hci_cs_le_create_conn(hdev, ev->status);
2186 case HCI_OP_LE_START_ENC:
2187 hci_cs_le_start_enc(hdev, ev->status);
2191 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2195 if (ev->opcode != HCI_OP_NOP)
2196 del_timer(&hdev->cmd_timer);
2198 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2199 atomic_set(&hdev->cmd_cnt, 1);
2200 if (!skb_queue_empty(&hdev->cmd_q))
2201 tasklet_schedule(&hdev->cmd_task);
2205 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2207 struct hci_ev_role_change *ev = (void *) skb->data;
2208 struct hci_conn *conn;
2210 BT_DBG("%s status %d", hdev->name, ev->status);
2214 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2218 conn->link_mode &= ~HCI_LM_MASTER;
2220 conn->link_mode |= HCI_LM_MASTER;
2223 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
2225 hci_role_switch_cfm(conn, ev->status, ev->role);
2228 hci_dev_unlock(hdev);
2231 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2233 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2237 skb_pull(skb, sizeof(*ev));
2239 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2241 if (skb->len < ev->num_hndl * 4) {
2242 BT_DBG("%s bad parameters", hdev->name);
2246 tasklet_disable(&hdev->tx_task);
2248 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
2249 struct hci_conn *conn;
2250 __u16 handle, count;
2252 handle = get_unaligned_le16(ptr++);
2253 count = get_unaligned_le16(ptr++);
2255 conn = hci_conn_hash_lookup_handle(hdev, handle);
2257 conn->sent -= count;
2259 if (conn->type == ACL_LINK) {
2260 hdev->acl_cnt += count;
2261 if (hdev->acl_cnt > hdev->acl_pkts)
2262 hdev->acl_cnt = hdev->acl_pkts;
2263 } else if (conn->type == LE_LINK) {
2264 if (hdev->le_pkts) {
2265 hdev->le_cnt += count;
2266 if (hdev->le_cnt > hdev->le_pkts)
2267 hdev->le_cnt = hdev->le_pkts;
2269 hdev->acl_cnt += count;
2270 if (hdev->acl_cnt > hdev->acl_pkts)
2271 hdev->acl_cnt = hdev->acl_pkts;
2274 hdev->sco_cnt += count;
2275 if (hdev->sco_cnt > hdev->sco_pkts)
2276 hdev->sco_cnt = hdev->sco_pkts;
2281 tasklet_schedule(&hdev->tx_task);
2283 tasklet_enable(&hdev->tx_task);
2286 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2288 struct hci_ev_mode_change *ev = (void *) skb->data;
2289 struct hci_conn *conn;
2291 BT_DBG("%s status %d", hdev->name, ev->status);
2295 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2297 conn->mode = ev->mode;
2298 conn->interval = __le16_to_cpu(ev->interval);
2300 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
2301 if (conn->mode == HCI_CM_ACTIVE)
2302 conn->power_save = 1;
2304 conn->power_save = 0;
2307 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
2308 hci_sco_setup(conn, ev->status);
2311 hci_dev_unlock(hdev);
2314 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2316 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2317 struct hci_conn *conn;
2319 BT_DBG("%s", hdev->name);
2323 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2327 if (conn->state == BT_CONNECTED) {
2328 hci_conn_hold(conn);
2329 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2333 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
2334 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2335 sizeof(ev->bdaddr), &ev->bdaddr);
2336 else if (test_bit(HCI_MGMT, &hdev->flags)) {
2339 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2344 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2348 hci_dev_unlock(hdev);
2351 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2353 struct hci_ev_link_key_req *ev = (void *) skb->data;
2354 struct hci_cp_link_key_reply cp;
2355 struct hci_conn *conn;
2356 struct link_key *key;
2358 BT_DBG("%s", hdev->name);
2360 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2365 key = hci_find_link_key(hdev, &ev->bdaddr);
2367 BT_DBG("%s link key not found for %s", hdev->name,
2368 batostr(&ev->bdaddr));
2372 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2373 batostr(&ev->bdaddr));
2375 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) &&
2376 key->type == HCI_LK_DEBUG_COMBINATION) {
2377 BT_DBG("%s ignoring debug key", hdev->name);
2381 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2383 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2384 conn->auth_type != 0xff &&
2385 (conn->auth_type & 0x01)) {
2386 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2390 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2391 conn->pending_sec_level == BT_SECURITY_HIGH) {
2392 BT_DBG("%s ignoring key unauthenticated for high \
2393 security", hdev->name);
2397 conn->key_type = key->type;
2398 conn->pin_length = key->pin_len;
2401 bacpy(&cp.bdaddr, &ev->bdaddr);
2402 memcpy(cp.link_key, key->val, 16);
2404 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2406 hci_dev_unlock(hdev);
2411 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2412 hci_dev_unlock(hdev);
2415 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2417 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2418 struct hci_conn *conn;
2421 BT_DBG("%s", hdev->name);
2425 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2427 hci_conn_hold(conn);
2428 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2429 pin_len = conn->pin_length;
2431 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2432 conn->key_type = ev->key_type;
2437 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
2438 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
2439 ev->key_type, pin_len);
2441 hci_dev_unlock(hdev);
2444 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2446 struct hci_ev_clock_offset *ev = (void *) skb->data;
2447 struct hci_conn *conn;
2449 BT_DBG("%s status %d", hdev->name, ev->status);
2453 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2454 if (conn && !ev->status) {
2455 struct inquiry_entry *ie;
2457 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2459 ie->data.clock_offset = ev->clock_offset;
2460 ie->timestamp = jiffies;
2464 hci_dev_unlock(hdev);
2467 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2469 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2470 struct hci_conn *conn;
2472 BT_DBG("%s status %d", hdev->name, ev->status);
2476 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2477 if (conn && !ev->status)
2478 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2480 hci_dev_unlock(hdev);
2483 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2485 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2486 struct inquiry_entry *ie;
2488 BT_DBG("%s", hdev->name);
2492 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2494 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2495 ie->timestamp = jiffies;
2498 hci_dev_unlock(hdev);
2501 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2503 struct inquiry_data data;
2504 int num_rsp = *((__u8 *) skb->data);
2506 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2513 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2514 struct inquiry_info_with_rssi_and_pscan_mode *info;
2515 info = (void *) (skb->data + 1);
2517 for (; num_rsp; num_rsp--, info++) {
2518 bacpy(&data.bdaddr, &info->bdaddr);
2519 data.pscan_rep_mode = info->pscan_rep_mode;
2520 data.pscan_period_mode = info->pscan_period_mode;
2521 data.pscan_mode = info->pscan_mode;
2522 memcpy(data.dev_class, info->dev_class, 3);
2523 data.clock_offset = info->clock_offset;
2524 data.rssi = info->rssi;
2525 data.ssp_mode = 0x00;
2526 hci_inquiry_cache_update(hdev, &data);
2527 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2528 info->dev_class, info->rssi,
2532 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2534 for (; num_rsp; num_rsp--, info++) {
2535 bacpy(&data.bdaddr, &info->bdaddr);
2536 data.pscan_rep_mode = info->pscan_rep_mode;
2537 data.pscan_period_mode = info->pscan_period_mode;
2538 data.pscan_mode = 0x00;
2539 memcpy(data.dev_class, info->dev_class, 3);
2540 data.clock_offset = info->clock_offset;
2541 data.rssi = info->rssi;
2542 data.ssp_mode = 0x00;
2543 hci_inquiry_cache_update(hdev, &data);
2544 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2545 info->dev_class, info->rssi,
2550 hci_dev_unlock(hdev);
2553 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2555 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2556 struct hci_conn *conn;
2558 BT_DBG("%s", hdev->name);
2562 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2566 if (!ev->status && ev->page == 0x01) {
2567 struct inquiry_entry *ie;
2569 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2571 ie->data.ssp_mode = (ev->features[0] & 0x01);
2573 conn->ssp_mode = (ev->features[0] & 0x01);
2576 if (conn->state != BT_CONFIG)
2580 struct hci_cp_remote_name_req cp;
2581 memset(&cp, 0, sizeof(cp));
2582 bacpy(&cp.bdaddr, &conn->dst);
2583 cp.pscan_rep_mode = 0x02;
2584 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2587 if (!hci_outgoing_auth_needed(hdev, conn)) {
2588 conn->state = BT_CONNECTED;
2589 hci_proto_connect_cfm(conn, ev->status);
2594 hci_dev_unlock(hdev);
2597 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2599 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2600 struct hci_conn *conn;
2602 BT_DBG("%s status %d", hdev->name, ev->status);
2606 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2608 if (ev->link_type == ESCO_LINK)
2611 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2615 conn->type = SCO_LINK;
2618 switch (ev->status) {
2620 conn->handle = __le16_to_cpu(ev->handle);
2621 conn->state = BT_CONNECTED;
2623 hci_conn_hold_device(conn);
2624 hci_conn_add_sysfs(conn);
2627 case 0x11: /* Unsupported Feature or Parameter Value */
2628 case 0x1c: /* SCO interval rejected */
2629 case 0x1a: /* Unsupported Remote Feature */
2630 case 0x1f: /* Unspecified error */
2631 if (conn->out && conn->attempt < 2) {
2632 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2633 (hdev->esco_type & EDR_ESCO_MASK);
2634 hci_setup_sync(conn, conn->link->handle);
2640 conn->state = BT_CLOSED;
2644 hci_proto_connect_cfm(conn, ev->status);
2649 hci_dev_unlock(hdev);
2652 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2654 BT_DBG("%s", hdev->name);
2657 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2659 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2661 BT_DBG("%s status %d", hdev->name, ev->status);
2664 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2666 struct inquiry_data data;
2667 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2668 int num_rsp = *((__u8 *) skb->data);
2670 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2677 for (; num_rsp; num_rsp--, info++) {
2678 bacpy(&data.bdaddr, &info->bdaddr);
2679 data.pscan_rep_mode = info->pscan_rep_mode;
2680 data.pscan_period_mode = info->pscan_period_mode;
2681 data.pscan_mode = 0x00;
2682 memcpy(data.dev_class, info->dev_class, 3);
2683 data.clock_offset = info->clock_offset;
2684 data.rssi = info->rssi;
2685 data.ssp_mode = 0x01;
2686 hci_inquiry_cache_update(hdev, &data);
2687 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2688 info->dev_class, info->rssi, info->data);
2691 hci_dev_unlock(hdev);
2694 static inline u8 hci_get_auth_req(struct hci_conn *conn)
2696 /* If remote requests dedicated bonding follow that lead */
2697 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2698 /* If both remote and local IO capabilities allow MITM
2699 * protection then require it, otherwise don't */
2700 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2706 /* If remote requests no-bonding follow that lead */
2707 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2708 return conn->remote_auth | (conn->auth_type & 0x01);
2710 return conn->auth_type;
2713 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2715 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2716 struct hci_conn *conn;
2718 BT_DBG("%s", hdev->name);
2722 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2726 hci_conn_hold(conn);
2728 if (!test_bit(HCI_MGMT, &hdev->flags))
2731 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2732 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2733 struct hci_cp_io_capability_reply cp;
2735 bacpy(&cp.bdaddr, &ev->bdaddr);
2736 cp.capability = conn->io_capability;
2737 conn->auth_type = hci_get_auth_req(conn);
2738 cp.authentication = conn->auth_type;
2740 if ((conn->out == 0x01 || conn->remote_oob == 0x01) &&
2741 hci_find_remote_oob_data(hdev, &conn->dst))
2746 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2749 struct hci_cp_io_capability_neg_reply cp;
2751 bacpy(&cp.bdaddr, &ev->bdaddr);
2752 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
2754 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2759 hci_dev_unlock(hdev);
2762 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2764 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2765 struct hci_conn *conn;
2767 BT_DBG("%s", hdev->name);
2771 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2775 conn->remote_cap = ev->capability;
2776 conn->remote_oob = ev->oob_data;
2777 conn->remote_auth = ev->authentication;
2780 hci_dev_unlock(hdev);
2783 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2784 struct sk_buff *skb)
2786 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
2787 int loc_mitm, rem_mitm, confirm_hint = 0;
2788 struct hci_conn *conn;
2790 BT_DBG("%s", hdev->name);
2794 if (!test_bit(HCI_MGMT, &hdev->flags))
2797 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2801 loc_mitm = (conn->auth_type & 0x01);
2802 rem_mitm = (conn->remote_auth & 0x01);
2804 /* If we require MITM but the remote device can't provide that
2805 * (it has NoInputNoOutput) then reject the confirmation
2806 * request. The only exception is when we're dedicated bonding
2807 * initiators (connect_cfm_cb set) since then we always have the MITM
2809 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
2810 BT_DBG("Rejecting request: remote device can't provide MITM");
2811 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
2812 sizeof(ev->bdaddr), &ev->bdaddr);
2816 /* If no side requires MITM protection; auto-accept */
2817 if ((!loc_mitm || conn->remote_cap == 0x03) &&
2818 (!rem_mitm || conn->io_capability == 0x03)) {
2820 /* If we're not the initiators request authorization to
2821 * proceed from user space (mgmt_user_confirm with
2822 * confirm_hint set to 1). */
2823 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
2824 BT_DBG("Confirming auto-accept as acceptor");
2829 BT_DBG("Auto-accept of user confirmation with %ums delay",
2830 hdev->auto_accept_delay);
2832 if (hdev->auto_accept_delay > 0) {
2833 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
2834 mod_timer(&conn->auto_accept_timer, jiffies + delay);
2838 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
2839 sizeof(ev->bdaddr), &ev->bdaddr);
2844 mgmt_user_confirm_request(hdev, &ev->bdaddr, ev->passkey,
2848 hci_dev_unlock(hdev);
2851 static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
2852 struct sk_buff *skb)
2854 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
2856 BT_DBG("%s", hdev->name);
2860 if (test_bit(HCI_MGMT, &hdev->flags))
2861 mgmt_user_passkey_request(hdev, &ev->bdaddr);
2863 hci_dev_unlock(hdev);
2866 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2868 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2869 struct hci_conn *conn;
2871 BT_DBG("%s", hdev->name);
2875 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2879 /* To avoid duplicate auth_failed events to user space we check
2880 * the HCI_CONN_AUTH_PEND flag which will be set if we
2881 * initiated the authentication. A traditional auth_complete
2882 * event gets always produced as initiator and is also mapped to
2883 * the mgmt_auth_failed event */
2884 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2885 mgmt_auth_failed(hdev, &conn->dst, ev->status);
2890 hci_dev_unlock(hdev);
2893 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2895 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2896 struct inquiry_entry *ie;
2898 BT_DBG("%s", hdev->name);
2902 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2904 ie->data.ssp_mode = (ev->features[0] & 0x01);
2906 hci_dev_unlock(hdev);
2909 static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
2910 struct sk_buff *skb)
2912 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
2913 struct oob_data *data;
2915 BT_DBG("%s", hdev->name);
2919 if (!test_bit(HCI_MGMT, &hdev->flags))
2922 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
2924 struct hci_cp_remote_oob_data_reply cp;
2926 bacpy(&cp.bdaddr, &ev->bdaddr);
2927 memcpy(cp.hash, data->hash, sizeof(cp.hash));
2928 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
2930 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
2933 struct hci_cp_remote_oob_data_neg_reply cp;
2935 bacpy(&cp.bdaddr, &ev->bdaddr);
2936 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
2941 hci_dev_unlock(hdev);
2944 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2946 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2947 struct hci_conn *conn;
2949 BT_DBG("%s status %d", hdev->name, ev->status);
2953 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
2955 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
2957 BT_ERR("No memory for new connection");
2958 hci_dev_unlock(hdev);
2962 conn->dst_type = ev->bdaddr_type;
2966 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
2967 conn->dst_type, ev->status);
2968 hci_proto_connect_cfm(conn, ev->status);
2969 conn->state = BT_CLOSED;
2974 mgmt_connected(hdev, &ev->bdaddr, conn->type, conn->dst_type);
2976 conn->sec_level = BT_SECURITY_LOW;
2977 conn->handle = __le16_to_cpu(ev->handle);
2978 conn->state = BT_CONNECTED;
2980 hci_conn_hold_device(conn);
2981 hci_conn_add_sysfs(conn);
2983 hci_proto_connect_cfm(conn, ev->status);
2986 hci_dev_unlock(hdev);
2989 static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
2990 struct sk_buff *skb)
2992 u8 num_reports = skb->data[0];
2993 void *ptr = &skb->data[1];
2997 while (num_reports--) {
2998 struct hci_ev_le_advertising_info *ev = ptr;
3000 hci_add_adv_entry(hdev, ev);
3002 ptr += sizeof(*ev) + ev->length + 1;
3005 hci_dev_unlock(hdev);
3008 static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3009 struct sk_buff *skb)
3011 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3012 struct hci_cp_le_ltk_reply cp;
3013 struct hci_cp_le_ltk_neg_reply neg;
3014 struct hci_conn *conn;
3015 struct link_key *ltk;
3017 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3021 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3025 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3029 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3030 cp.handle = cpu_to_le16(conn->handle);
3031 conn->pin_length = ltk->pin_len;
3033 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3035 hci_dev_unlock(hdev);
3040 neg.handle = ev->handle;
3041 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3042 hci_dev_unlock(hdev);
3045 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3047 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3049 skb_pull(skb, sizeof(*le_ev));
3051 switch (le_ev->subevent) {
3052 case HCI_EV_LE_CONN_COMPLETE:
3053 hci_le_conn_complete_evt(hdev, skb);
3056 case HCI_EV_LE_ADVERTISING_REPORT:
3057 hci_le_adv_report_evt(hdev, skb);
3060 case HCI_EV_LE_LTK_REQ:
3061 hci_le_ltk_request_evt(hdev, skb);
3069 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3071 struct hci_event_hdr *hdr = (void *) skb->data;
3072 __u8 event = hdr->evt;
3074 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3077 case HCI_EV_INQUIRY_COMPLETE:
3078 hci_inquiry_complete_evt(hdev, skb);
3081 case HCI_EV_INQUIRY_RESULT:
3082 hci_inquiry_result_evt(hdev, skb);
3085 case HCI_EV_CONN_COMPLETE:
3086 hci_conn_complete_evt(hdev, skb);
3089 case HCI_EV_CONN_REQUEST:
3090 hci_conn_request_evt(hdev, skb);
3093 case HCI_EV_DISCONN_COMPLETE:
3094 hci_disconn_complete_evt(hdev, skb);
3097 case HCI_EV_AUTH_COMPLETE:
3098 hci_auth_complete_evt(hdev, skb);
3101 case HCI_EV_REMOTE_NAME:
3102 hci_remote_name_evt(hdev, skb);
3105 case HCI_EV_ENCRYPT_CHANGE:
3106 hci_encrypt_change_evt(hdev, skb);
3109 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3110 hci_change_link_key_complete_evt(hdev, skb);
3113 case HCI_EV_REMOTE_FEATURES:
3114 hci_remote_features_evt(hdev, skb);
3117 case HCI_EV_REMOTE_VERSION:
3118 hci_remote_version_evt(hdev, skb);
3121 case HCI_EV_QOS_SETUP_COMPLETE:
3122 hci_qos_setup_complete_evt(hdev, skb);
3125 case HCI_EV_CMD_COMPLETE:
3126 hci_cmd_complete_evt(hdev, skb);
3129 case HCI_EV_CMD_STATUS:
3130 hci_cmd_status_evt(hdev, skb);
3133 case HCI_EV_ROLE_CHANGE:
3134 hci_role_change_evt(hdev, skb);
3137 case HCI_EV_NUM_COMP_PKTS:
3138 hci_num_comp_pkts_evt(hdev, skb);
3141 case HCI_EV_MODE_CHANGE:
3142 hci_mode_change_evt(hdev, skb);
3145 case HCI_EV_PIN_CODE_REQ:
3146 hci_pin_code_request_evt(hdev, skb);
3149 case HCI_EV_LINK_KEY_REQ:
3150 hci_link_key_request_evt(hdev, skb);
3153 case HCI_EV_LINK_KEY_NOTIFY:
3154 hci_link_key_notify_evt(hdev, skb);
3157 case HCI_EV_CLOCK_OFFSET:
3158 hci_clock_offset_evt(hdev, skb);
3161 case HCI_EV_PKT_TYPE_CHANGE:
3162 hci_pkt_type_change_evt(hdev, skb);
3165 case HCI_EV_PSCAN_REP_MODE:
3166 hci_pscan_rep_mode_evt(hdev, skb);
3169 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3170 hci_inquiry_result_with_rssi_evt(hdev, skb);
3173 case HCI_EV_REMOTE_EXT_FEATURES:
3174 hci_remote_ext_features_evt(hdev, skb);
3177 case HCI_EV_SYNC_CONN_COMPLETE:
3178 hci_sync_conn_complete_evt(hdev, skb);
3181 case HCI_EV_SYNC_CONN_CHANGED:
3182 hci_sync_conn_changed_evt(hdev, skb);
3185 case HCI_EV_SNIFF_SUBRATE:
3186 hci_sniff_subrate_evt(hdev, skb);
3189 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3190 hci_extended_inquiry_result_evt(hdev, skb);
3193 case HCI_EV_IO_CAPA_REQUEST:
3194 hci_io_capa_request_evt(hdev, skb);
3197 case HCI_EV_IO_CAPA_REPLY:
3198 hci_io_capa_reply_evt(hdev, skb);
3201 case HCI_EV_USER_CONFIRM_REQUEST:
3202 hci_user_confirm_request_evt(hdev, skb);
3205 case HCI_EV_USER_PASSKEY_REQUEST:
3206 hci_user_passkey_request_evt(hdev, skb);
3209 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3210 hci_simple_pair_complete_evt(hdev, skb);
3213 case HCI_EV_REMOTE_HOST_FEATURES:
3214 hci_remote_host_features_evt(hdev, skb);
3217 case HCI_EV_LE_META:
3218 hci_le_meta_evt(hdev, skb);
3221 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3222 hci_remote_oob_data_request_evt(hdev, skb);
3226 BT_DBG("%s event 0x%x", hdev->name, event);
3231 hdev->stat.evt_rx++;
3234 /* Generate internal stack event */
3235 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3237 struct hci_event_hdr *hdr;
3238 struct hci_ev_stack_internal *ev;
3239 struct sk_buff *skb;
3241 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3245 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3246 hdr->evt = HCI_EV_STACK_INTERNAL;
3247 hdr->plen = sizeof(*ev) + dlen;
3249 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3251 memcpy(ev->data, data, dlen);
3253 bt_cb(skb)->incoming = 1;
3254 __net_timestamp(skb);
3256 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
3257 skb->dev = (void *) hdev;
3258 hci_send_to_sock(hdev, skb, NULL);
3262 module_param(enable_le, bool, 0644);
3263 MODULE_PARM_DESC(enable_le, "Enable LE support");
projects / linux-flexiantxendom0-3.2.10.git / blob