2
BlueZ - Bluetooth protocol stack for Linux
3
Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5
Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7
This program is free software; you can redistribute it and/or modify
8
it under the terms of the GNU General Public License version 2 as
9
published by the Free Software Foundation;
11
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14
IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15
CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20
ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21
COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22
SOFTWARE IS DISCLAIMED.
25
/* Bluetooth HCI event handling. */
27
#include <linux/module.h>
29
#include <linux/types.h>
30
#include <linux/errno.h>
31
#include <linux/kernel.h>
32
#include <linux/slab.h>
33
#include <linux/poll.h>
34
#include <linux/fcntl.h>
35
#include <linux/init.h>
36
#include <linux/skbuff.h>
37
#include <linux/interrupt.h>
38
#include <linux/notifier.h>
41
#include <asm/system.h>
42
#include <linux/uaccess.h>
43
#include <asm/unaligned.h>
45
#include <net/bluetooth/bluetooth.h>
46
#include <net/bluetooth/hci_core.h>
48
/* Handle HCI Event packets */
50
/*
 * Handle the reply to HCI_OP_INQUIRY_CANCEL: read the one-byte status at
 * the start of the payload, clear HCI_INQUIRY, complete the pending
 * request and re-check pending connections.
 *
 * NOTE(review): skb->data is dereferenced with no skb->len check visible
 * in this listing -- confirm the dispatcher guarantees at least one byte.
 * The listing's line numbers jump 54 -> 59; presumably an early return on
 * non-zero status sits there -- confirm against the full source.
 */
static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
52
__u8 status = *((__u8 *) skb->data);
54
BT_DBG("%s status 0x%x", hdev->name, status);
59
clear_bit(HCI_INQUIRY, &hdev->flags);
61
hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
63
hci_conn_check_pending(hdev);
66
/*
 * Reply handler named for Exit Periodic Inquiry: reads the status byte,
 * clears HCI_INQUIRY and re-checks pending connections.
 *
 * NOTE(review): the status byte is read from skb->data without a visible
 * length check; lines 71-74 are absent from this listing.
 */
static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
68
__u8 status = *((__u8 *) skb->data);
70
BT_DBG("%s status 0x%x", hdev->name, status);
75
clear_bit(HCI_INQUIRY, &hdev->flags);
77
hci_conn_check_pending(hdev);
80
/*
 * Reply handler named for Remote Name Request Cancel. The only visible
 * action is a debug trace; skb is not read in the lines shown.
 */
static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
82
BT_DBG("%s", hdev->name);
85
/*
 * Update HCI_LM_MASTER in conn->link_mode for the connection named by
 * rp->handle in a Role Discovery reply.
 *
 * NOTE(review): the handle comes from the controller's reply, so the
 * lookup can fail. The NULL check on conn and the condition choosing
 * between clearing and setting the bit fall on lines absent from this
 * listing (numbers jump 97 -> 100 -> 102) -- confirm both in the full
 * source. No skb->len check against sizeof(*rp) is visible either.
 */
static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
87
struct hci_rp_role_discovery *rp = (void *) skb->data;
88
struct hci_conn *conn;
90
BT_DBG("%s status 0x%x", hdev->name, rp->status);
97
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
100
conn->link_mode &= ~HCI_LM_MASTER;
102
conn->link_mode |= HCI_LM_MASTER;
105
hci_dev_unlock(hdev);
108
/*
 * Store the link policy reported by the controller (rp->policy, converted
 * from little-endian) on the connection identified by rp->handle.
 *
 * NOTE(review): conn is written right after a lookup keyed on a
 * controller-supplied handle; the guard for a failed lookup is presumably
 * on the missing line 121 -- confirm.
 */
static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
110
struct hci_rp_read_link_policy *rp = (void *) skb->data;
111
struct hci_conn *conn;
113
BT_DBG("%s status 0x%x", hdev->name, rp->status);
120
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
122
conn->link_policy = __le16_to_cpu(rp->policy);
124
hci_dev_unlock(hdev);
127
/*
 * After a Write Link Policy reply, copy the policy the host itself sent
 * (16-bit little-endian value at offset 2 of the sent command parameters)
 * onto the connection identified by rp->handle.
 *
 * NOTE(review): `sent` is used without a visible declaration or NULL
 * check -- lines 131-132 and 139-143 are absent from this listing.
 * Presumably hci_sent_cmd_data() can return NULL when the last command
 * does not match; confirm it is checked before `sent + 2` is read.
 */
static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
129
struct hci_rp_write_link_policy *rp = (void *) skb->data;
130
struct hci_conn *conn;
133
BT_DBG("%s status 0x%x", hdev->name, rp->status);
138
sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
144
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
146
conn->link_policy = get_unaligned_le16(sent + 2);
148
hci_dev_unlock(hdev);
151
/*
 * Record the controller's default link policy (rp->policy, converted from
 * little-endian) in hdev->link_policy.
 * Lines 156-159 are absent from this listing; presumably a status check.
 */
static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
153
struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
155
BT_DBG("%s status 0x%x", hdev->name, rp->status);
160
hdev->link_policy = __le16_to_cpu(rp->policy);
163
/*
 * After a Write Default Link Policy reply, mirror the value the host sent
 * (first 16 bits of the sent command parameters) into hdev->link_policy
 * and complete the request with the reply status.
 *
 * NOTE(review): the declaration and any NULL check of `sent` are not in
 * this listing (lines 166-167, 171-174 missing) -- confirm.
 */
static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
165
__u8 status = *((__u8 *) skb->data);
168
BT_DBG("%s status 0x%x", hdev->name, status);
170
sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
175
hdev->link_policy = get_unaligned_le16(sent);
177
hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
180
/*
 * Handle the reply to HCI_OP_RESET: clear the HCI_RESET flag and complete
 * the request with the status byte read from the payload.
 */
static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
182
__u8 status = *((__u8 *) skb->data);
184
BT_DBG("%s status 0x%x", hdev->name, status);
186
clear_bit(HCI_RESET, &hdev->flags);
188
hci_req_complete(hdev, HCI_OP_RESET, status);
191
/*
 * After a Write Local Name reply, copy the name the host sent into
 * hdev->dev_name.
 *
 * NOTE(review): the copy is a fixed 248 bytes. It is only safe if both
 * the sent-command parameter buffer and hdev->dev_name hold at least 248
 * bytes; neither size is visible here, and nothing in the visible lines
 * NUL-terminates the destination. The NULL check on `sent` is presumably
 * on the missing lines 202-204 -- confirm.
 */
static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
193
__u8 status = *((__u8 *) skb->data);
196
BT_DBG("%s status 0x%x", hdev->name, status);
201
sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
205
memcpy(hdev->dev_name, sent, 248);
208
/*
 * Copy the local name returned by the controller (rp->name) into
 * hdev->dev_name.
 *
 * NOTE(review): 248 bytes are read from the event payload with no
 * skb->len check visible in this listing; a short reply would be read
 * past its end unless the caller validates the length -- confirm.
 */
static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
210
struct hci_rp_read_local_name *rp = (void *) skb->data;
212
BT_DBG("%s status 0x%x", hdev->name, rp->status);
217
memcpy(hdev->dev_name, rp->name, 248);
220
/*
 * Track the adapter-wide authentication setting: after a Write Auth
 * Enable reply, set or clear HCI_AUTH in hdev->flags according to the
 * parameter the host sent, then complete the request.
 *
 * HCI_AUTH is later read in hci_conn_complete_evt() to mark new links
 * with HCI_LM_AUTH, so this flag must only change when the command
 * actually succeeded. NOTE(review): the status test, the `else` and the
 * NULL check on `sent` are on lines absent from this listing -- confirm.
 */
static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
222
__u8 status = *((__u8 *) skb->data);
225
BT_DBG("%s status 0x%x", hdev->name, status);
227
sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
232
__u8 param = *((__u8 *) sent);
234
if (param == AUTH_ENABLED)
235
set_bit(HCI_AUTH, &hdev->flags);
237
clear_bit(HCI_AUTH, &hdev->flags);
240
hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
243
/*
 * Track the adapter-wide encryption setting: after a Write Encrypt Mode
 * reply, set or clear HCI_ENCRYPT in hdev->flags from the parameter the
 * host sent, then complete the request.
 *
 * HCI_ENCRYPT is later read in hci_conn_complete_evt() to mark new links
 * with HCI_LM_ENCRYPT. NOTE(review): the test on `param` that selects
 * set vs. clear (lines 256-257, 259) and the status check are not in
 * this listing -- confirm.
 */
static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
245
__u8 status = *((__u8 *) skb->data);
248
BT_DBG("%s status 0x%x", hdev->name, status);
250
sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
255
__u8 param = *((__u8 *) sent);
258
set_bit(HCI_ENCRYPT, &hdev->flags);
260
clear_bit(HCI_ENCRYPT, &hdev->flags);
263
hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
266
/*
 * After a Write Scan Enable reply, recompute HCI_ISCAN / HCI_PSCAN from
 * the parameter the host sent and tell the management interface when the
 * adapter becomes (or stops being) discoverable or connectable.
 *
 * Both bits are cleared first with test_and_clear_bit() so the previous
 * state is known; a "0" notification is sent only if the bit was set
 * before. These flags describe how visible the adapter is to nearby
 * devices. NOTE(review): lines 274-277, 286 and 293 are absent from this
 * listing, including any status/NULL checks -- confirm.
 */
static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
268
__u8 status = *((__u8 *) skb->data);
271
BT_DBG("%s status 0x%x", hdev->name, status);
273
sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
278
__u8 param = *((__u8 *) sent);
279
int old_pscan, old_iscan;
281
old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
282
old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
284
if (param & SCAN_INQUIRY) {
285
set_bit(HCI_ISCAN, &hdev->flags);
287
mgmt_discoverable(hdev->id, 1);
288
} else if (old_iscan)
289
mgmt_discoverable(hdev->id, 0);
291
if (param & SCAN_PAGE) {
292
set_bit(HCI_PSCAN, &hdev->flags);
294
mgmt_connectable(hdev->id, 1);
295
} else if (old_pscan)
296
mgmt_connectable(hdev->id, 0);
299
hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
302
/*
 * Copy the 3-byte class of device from the controller's reply into
 * hdev->dev_class and trace it (bytes printed in 2,1,0 order).
 * No skb->len check against sizeof(*rp) is visible in this listing.
 */
static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
304
struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
306
BT_DBG("%s status 0x%x", hdev->name, rp->status);
311
memcpy(hdev->dev_class, rp->dev_class, 3);
313
BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
314
hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
317
/*
 * After a Write Class of Device reply, copy the 3 bytes the host sent
 * into hdev->dev_class.
 * NOTE(review): the NULL check on `sent` is presumably on the missing
 * lines 328-330 -- confirm.
 */
static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
319
__u8 status = *((__u8 *) skb->data);
322
BT_DBG("%s status 0x%x", hdev->name, status);
327
sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
331
memcpy(hdev->dev_class, sent, 3);
334
/*
 * Record the voice setting reported by the controller and, when it
 * differs from the cached value, notify the driver through hdev->notify
 * with the TX tasklet disabled around the call.
 *
 * NOTE(review): the action taken when the value is unchanged (line 347)
 * and any check that hdev->notify is non-NULL (lines 352-353) are not in
 * this listing -- confirm before relying on the callback being set.
 */
static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
336
struct hci_rp_read_voice_setting *rp = (void *) skb->data;
339
BT_DBG("%s status 0x%x", hdev->name, rp->status);
344
setting = __le16_to_cpu(rp->voice_setting);
346
if (hdev->voice_setting == setting)
349
hdev->voice_setting = setting;
351
BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
354
tasklet_disable(&hdev->tx_task);
355
hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
356
tasklet_enable(&hdev->tx_task);
360
/*
 * After a Write Voice Setting reply, cache the value the host sent and,
 * when it differs from the previous one, notify the driver through
 * hdev->notify with the TX tasklet disabled around the call.
 *
 * NOTE(review): the NULL checks on `sent` and on hdev->notify fall on
 * lines absent from this listing (372-374, 383-384) -- confirm.
 */
static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
362
__u8 status = *((__u8 *) skb->data);
366
BT_DBG("%s status 0x%x", hdev->name, status);
371
sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
375
setting = get_unaligned_le16(sent);
377
if (hdev->voice_setting == setting)
380
hdev->voice_setting = setting;
382
BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
385
tasklet_disable(&hdev->tx_task);
386
hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
387
tasklet_enable(&hdev->tx_task);
391
/* Complete the HCI_OP_HOST_BUFFER_SIZE request with the reply's status byte. */
static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
393
__u8 status = *((__u8 *) skb->data);
395
BT_DBG("%s status 0x%x", hdev->name, status);
397
hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
400
/*
 * Cache the Simple Pairing mode reported by the controller in
 * hdev->ssp_mode. The cached value feeds the authentication decisions in
 * hci_outgoing_auth_needed() and hci_auth_complete_evt().
 * Lines 405-408 are absent from this listing; presumably a status check.
 */
static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
402
struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
404
BT_DBG("%s status 0x%x", hdev->name, rp->status);
409
hdev->ssp_mode = rp->mode;
412
/*
 * After a Write SSP Mode reply, cache the mode byte the host sent in
 * hdev->ssp_mode.
 *
 * NOTE(review): hdev->ssp_mode gates authentication/encryption requests
 * elsewhere in this file, so it should change only on success; the
 * status and NULL checks are on lines absent from this listing -- confirm.
 */
static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
414
__u8 status = *((__u8 *) skb->data);
417
BT_DBG("%s status 0x%x", hdev->name, status);
422
sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
426
hdev->ssp_mode = *((__u8 *) sent);
429
/*
 * Choose an inquiry mode for the controller: first from the LMP feature
 * bits (extended inquiry, RSSI inquiry), then from what look like
 * per-controller quirk matches on manufacturer / hci_rev / lmp_subver.
 *
 * NOTE(review): every return statement is on a line absent from this
 * listing, so the value selected by each test cannot be read from here.
 */
static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
431
if (hdev->features[6] & LMP_EXT_INQ)
434
if (hdev->features[3] & LMP_RSSI_INQ)
437
if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
438
hdev->lmp_subver == 0x0757)
441
if (hdev->manufacturer == 15) {
442
if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
444
if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
446
if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
450
if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
451
hdev->lmp_subver == 0x1805)
457
/*
 * Send HCI_OP_WRITE_INQUIRY_MODE with the one-byte mode chosen by
 * hci_get_inquiry_mode(). The declaration of `mode` is not in this
 * listing (lines 458-460 missing).
 */
static void hci_setup_inquiry_mode(struct hci_dev *hdev)
461
mode = hci_get_inquiry_mode(hdev);
463
hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
466
/*
 * Build the 8-byte event mask from the controller's LMP version and
 * feature bits and send it with HCI_OP_SET_EVENT_MASK. Only events whose
 * bit is set here will be delivered to the handlers in this file.
 */
static void hci_setup_event_mask(struct hci_dev *hdev)
468
/* The second byte is 0xff instead of 0x9f (two reserved bits
469
* disabled) since a Broadcom 1.2 dongle doesn't respond to the
470
* command otherwise */
471
u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
473
/* Events for 1.2 and newer controllers */
474
if (hdev->lmp_ver > 1) {
475
events[4] |= 0x01; /* Flow Specification Complete */
476
events[4] |= 0x02; /* Inquiry Result with RSSI */
477
events[4] |= 0x04; /* Read Remote Extended Features Complete */
478
events[5] |= 0x08; /* Synchronous Connection Complete */
479
events[5] |= 0x10; /* Synchronous Connection Changed */
482
/* NOTE(review): events[4] bit 0x04 is labelled "Read Remote Extended
 * Features Complete" above, while 0x02 carries the RSSI label there.
 * Either the bit or the label on the next statement is wrong -- check
 * against the event-mask table in the HCI specification. */
if (hdev->features[3] & LMP_RSSI_INQ)
483
events[4] |= 0x04; /* Inquiry Result with RSSI */
485
if (hdev->features[5] & LMP_SNIFF_SUBR)
486
events[5] |= 0x20; /* Sniff Subrating */
488
if (hdev->features[5] & LMP_PAUSE_ENC)
489
events[5] |= 0x80; /* Encryption Key Refresh Complete */
491
if (hdev->features[6] & LMP_EXT_INQ)
492
events[5] |= 0x40; /* Extended Inquiry Result */
494
if (hdev->features[6] & LMP_NO_FLUSH)
495
events[7] |= 0x01; /* Enhanced Flush Complete */
497
if (hdev->features[7] & LMP_LSTO)
498
events[6] |= 0x80; /* Link Supervision Timeout Changed */
500
/* Simple Pairing events are enabled only when the controller
 * advertises the feature. */
if (hdev->features[6] & LMP_SIMPLE_PAIR) {
501
events[6] |= 0x01; /* IO Capability Request */
502
events[6] |= 0x02; /* IO Capability Response */
503
events[6] |= 0x04; /* User Confirmation Request */
504
events[6] |= 0x08; /* User Passkey Request */
505
events[6] |= 0x10; /* Remote OOB Data Request */
506
events[6] |= 0x20; /* Simple Pairing Complete */
507
events[7] |= 0x04; /* User Passkey Notification */
508
events[7] |= 0x08; /* Keypress Notification */
509
events[7] |= 0x10; /* Remote Host Supported
510
* Features Notification */
513
if (hdev->features[4] & LMP_LE)
514
events[7] |= 0x20; /* LE Meta-Event */
516
hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
519
/*
 * Issue the feature-dependent setup commands: the event mask, Read Local
 * Commands (LMP version above 1), Write SSP Mode (Simple Pairing
 * capable), inquiry mode (RSSI inquiry capable) and Read Inquiry
 * Response TX Power.
 *
 * NOTE(review): the declaration and value of `mode` passed to
 * HCI_OP_WRITE_SSP_MODE are on the missing line 527 -- confirm which
 * value is written.
 */
static void hci_setup(struct hci_dev *hdev)
521
hci_setup_event_mask(hdev);
523
if (hdev->lmp_ver > 1)
524
hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
526
if (hdev->features[6] & LMP_SIMPLE_PAIR) {
528
hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
531
if (hdev->features[3] & LMP_RSSI_INQ)
532
hci_setup_inquiry_mode(hdev);
534
if (hdev->features[7] & LMP_INQ_TX_PWR)
535
hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
538
/*
 * Cache the version fields from a Read Local Version reply (HCI and LMP
 * versions, revision, manufacturer, LMP subversion; 16-bit fields are
 * converted from little-endian).
 *
 * These values drive the quirk matching in hci_get_inquiry_mode() and
 * the lmp_ver tests in the setup helpers. NOTE(review): the statement
 * executed when HCI_INIT is set is not in this listing (lines 558-559),
 * and part of the BT_DBG argument list (line 554) is missing.
 */
static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
540
struct hci_rp_read_local_version *rp = (void *) skb->data;
542
BT_DBG("%s status 0x%x", hdev->name, rp->status);
547
hdev->hci_ver = rp->hci_ver;
548
hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
549
hdev->lmp_ver = rp->lmp_ver;
550
hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
551
hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
553
BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
555
hdev->hci_ver, hdev->hci_rev);
557
if (test_bit(HCI_INIT, &hdev->flags))
561
/*
 * Build a default link policy from the controller's feature bits (role
 * switch, hold, sniff, park) and send it with
 * HCI_OP_WRITE_DEF_LINK_POLICY in little-endian order.
 *
 * NOTE(review): the declaration and initial value of link_policy are on
 * lines absent from this listing (562-564); the |= chain assumes it
 * starts at zero -- confirm.
 */
static void hci_setup_link_policy(struct hci_dev *hdev)
565
if (hdev->features[0] & LMP_RSWITCH)
566
link_policy |= HCI_LP_RSWITCH;
567
if (hdev->features[0] & LMP_HOLD)
568
link_policy |= HCI_LP_HOLD;
569
if (hdev->features[0] & LMP_SNIFF)
570
link_policy |= HCI_LP_SNIFF;
571
if (hdev->features[1] & LMP_PARK)
572
link_policy |= HCI_LP_PARK;
574
link_policy = cpu_to_le16(link_policy);
575
hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
576
sizeof(link_policy), &link_policy);
579
/*
 * Cache the supported-commands bitmap from the controller's reply and,
 * during init, set up the default link policy when bit 0x10 of
 * commands[5] is set. Completes the request with rp->status.
 *
 * The copy length is bounded by the destination (sizeof(hdev->commands)).
 * NOTE(review): no check that the reply is long enough to supply that
 * many bytes is visible in this listing -- confirm.
 */
static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
581
struct hci_rp_read_local_commands *rp = (void *) skb->data;
583
BT_DBG("%s status 0x%x", hdev->name, rp->status);
588
memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
590
if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
591
hci_setup_link_policy(hdev);
594
hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
597
/*
 * Cache the 8-byte LMP feature mask from the controller's reply and
 * widen the default ACL packet types and (e)SCO types to match what the
 * controller supports.
 *
 * hdev->features is consulted throughout this file (event mask, Simple
 * Pairing, inquiry mode), so everything derived from it trusts the
 * controller's answer. No skb->len check is visible in this listing.
 */
static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
599
struct hci_rp_read_local_features *rp = (void *) skb->data;
601
BT_DBG("%s status 0x%x", hdev->name, rp->status);
606
memcpy(hdev->features, rp->features, 8);
608
/* Adjust default settings according to features
609
* supported by device. */
611
if (hdev->features[0] & LMP_3SLOT)
612
hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
614
if (hdev->features[0] & LMP_5SLOT)
615
hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
617
if (hdev->features[1] & LMP_HV2) {
618
hdev->pkt_type |= (HCI_HV2);
619
hdev->esco_type |= (ESCO_HV2);
622
if (hdev->features[1] & LMP_HV3) {
623
hdev->pkt_type |= (HCI_HV3);
624
hdev->esco_type |= (ESCO_HV3);
627
if (hdev->features[3] & LMP_ESCO)
628
hdev->esco_type |= (ESCO_EV3);
630
if (hdev->features[4] & LMP_EV4)
631
hdev->esco_type |= (ESCO_EV4);
633
if (hdev->features[4] & LMP_EV5)
634
hdev->esco_type |= (ESCO_EV5);
636
if (hdev->features[5] & LMP_EDR_ESCO_2M)
637
hdev->esco_type |= (ESCO_2EV3);
639
if (hdev->features[5] & LMP_EDR_ESCO_3M)
640
hdev->esco_type |= (ESCO_3EV3);
642
if (hdev->features[5] & LMP_EDR_3S_ESCO)
643
hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
645
BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
646
hdev->features[0], hdev->features[1],
647
hdev->features[2], hdev->features[3],
648
hdev->features[4], hdev->features[5],
649
hdev->features[6], hdev->features[7]);
652
/*
 * Cache the ACL/SCO MTUs and packet counts reported by the controller
 * and initialise the acl_cnt / sco_cnt counters from them.
 *
 * NOTE(review): these sizes and counts are taken as reported; no range
 * check (for example a zero MTU or packet count) is visible in this
 * listing. The body of the HCI_QUIRK_FIXUP_BUFFER_SIZE branch is on
 * lines absent from the listing (667-670).
 */
static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
654
struct hci_rp_read_buffer_size *rp = (void *) skb->data;
656
BT_DBG("%s status 0x%x", hdev->name, rp->status);
661
hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
662
hdev->sco_mtu = rp->sco_mtu;
663
hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
664
hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
666
if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
671
hdev->acl_cnt = hdev->acl_pkts;
672
hdev->sco_cnt = hdev->sco_pkts;
674
BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
675
hdev->acl_mtu, hdev->acl_pkts,
676
hdev->sco_mtu, hdev->sco_pkts);
679
/*
 * Copy the adapter address from the controller's reply into
 * hdev->bdaddr and complete the request with rp->status.
 * NOTE(review): whether the copy is skipped on a failed status depends
 * on the missing lines 684-685 -- confirm.
 */
static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
681
struct hci_rp_read_bd_addr *rp = (void *) skb->data;
683
BT_DBG("%s status 0x%x", hdev->name, rp->status);
686
bacpy(&hdev->bdaddr, &rp->bdaddr);
688
hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
691
/* Complete the HCI_OP_WRITE_CA_TIMEOUT request with the reply's status byte. */
static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
693
__u8 status = *((__u8 *) skb->data);
695
BT_DBG("%s status 0x%x", hdev->name, status);
697
hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
700
/*
 * Complete the HCI_OP_DELETE_STORED_LINK_KEY request with the reply's
 * status byte. The rest of the parameter list (line 701) is not in this
 * listing.
 */
static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
703
__u8 status = *((__u8 *) skb->data);
705
BT_DBG("%s status 0x%x", hdev->name, status);
707
hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
710
/* Complete the HCI_OP_SET_EVENT_MASK request with the reply's status byte. */
static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
712
__u8 status = *((__u8 *) skb->data);
714
BT_DBG("%s status 0x%x", hdev->name, status);
716
hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
719
/*
 * Complete the HCI_OP_WRITE_INQUIRY_MODE request with the reply's status
 * byte. The rest of the parameter list (line 720) is not in this listing.
 */
static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
722
__u8 status = *((__u8 *) skb->data);
724
BT_DBG("%s status 0x%x", hdev->name, status);
726
hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
729
/*
 * Complete the HCI_OP_READ_INQ_RSP_TX_POWER request with the reply's
 * status byte; the reported power value is not read in the lines shown.
 */
static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
732
__u8 status = *((__u8 *) skb->data);
734
BT_DBG("%s status 0x%x", hdev->name, status);
736
hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
739
/* Complete the HCI_OP_SET_EVENT_FLT request with the reply's status byte. */
static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
741
__u8 status = *((__u8 *) skb->data);
743
BT_DBG("%s status 0x%x", hdev->name, status);
745
hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
748
/*
 * Handle the reply to a PIN Code Reply command: forward the result to
 * the management interface when HCI_MGMT is set, then record the PIN
 * length the host sent (cp->pin_len) on the matching ACL connection.
 *
 * The connection is looked up by the address in the host's own command
 * (cp->bdaddr), not the address echoed in the reply. NOTE(review): the
 * NULL checks on `cp` and `conn`, the status check and the locking are
 * on lines absent from this listing (758-761, 763-765, 767) -- confirm
 * pin_length is only recorded on success.
 */
static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
750
struct hci_rp_pin_code_reply *rp = (void *) skb->data;
751
struct hci_cp_pin_code_reply *cp;
752
struct hci_conn *conn;
754
BT_DBG("%s status 0x%x", hdev->name, rp->status);
756
if (test_bit(HCI_MGMT, &hdev->flags))
757
mgmt_pin_code_reply_complete(hdev->id, &rp->bdaddr, rp->status);
762
cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
766
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
768
conn->pin_length = cp->pin_len;
771
/*
 * Forward the result of a PIN Code Negative Reply to the management
 * interface when HCI_MGMT is set. The last argument of the mgmt call
 * (line 779) is not in this listing.
 */
static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
773
struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
775
BT_DBG("%s status 0x%x", hdev->name, rp->status);
777
if (test_bit(HCI_MGMT, &hdev->flags))
778
mgmt_pin_code_neg_reply_complete(hdev->id, &rp->bdaddr,
781
/*
 * Cache the LE MTU and LE packet count reported by the controller,
 * initialise le_cnt from the packet count and complete the request.
 *
 * NOTE(review): the values are stored as reported; no range check is
 * visible in this listing (lines 787-790 are missing).
 */
static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
784
struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
786
BT_DBG("%s status 0x%x", hdev->name, rp->status);
791
hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
792
hdev->le_pkts = rp->le_max_pkt;
794
hdev->le_cnt = hdev->le_pkts;
796
BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
798
hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
801
/*
 * Forward the result of a User Confirmation Reply to the management
 * interface when HCI_MGMT is set. The last argument of the mgmt call
 * (line 809) is not in this listing.
 */
static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
803
struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
805
BT_DBG("%s status 0x%x", hdev->name, rp->status);
807
if (test_bit(HCI_MGMT, &hdev->flags))
808
mgmt_user_confirm_reply_complete(hdev->id, &rp->bdaddr,
812
/*
 * Forward the result of a User Confirmation Negative Reply to the
 * management interface when HCI_MGMT is set. The reply is parsed with
 * the same struct as the positive reply (hci_rp_user_confirm_reply).
 */
static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
815
struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
817
BT_DBG("%s status 0x%x", hdev->name, rp->status);
819
if (test_bit(HCI_MGMT, &hdev->flags))
820
mgmt_user_confirm_neg_reply_complete(hdev->id, &rp->bdaddr,
824
/*
 * Handle the status reported for HCI_OP_INQUIRY.
 *
 * NOTE(review): the branch structure is on lines absent from this
 * listing (827-828, 830, 832). As shown, request completion and
 * hci_conn_check_pending() precede set_bit(HCI_INQUIRY); presumably the
 * first two run on failure and the flag is set on success -- confirm.
 */
static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
826
BT_DBG("%s status 0x%x", hdev->name, status);
829
hci_req_complete(hdev, HCI_OP_INQUIRY, status);
831
hci_conn_check_pending(hdev);
833
set_bit(HCI_INQUIRY, &hdev->flags);
836
/*
 * Handle the status reported for HCI_OP_CREATE_CONN, using the address
 * from the host's own command to find the ACL connection object.
 *
 * Visible behaviour: a connection in BT_CONNECT is closed and its
 * failure confirmed upward unless status is 0x0c (HCI "Command
 * Disallowed") with at most 2 attempts, in which case it moves to
 * BT_CONNECT2; a missing connection object is created with
 * hci_conn_add() and marked HCI_LM_MASTER.
 *
 * NOTE(review): the `if (status)` / `else` structure, the NULL check on
 * `cp`, the locking call and the test guarding BT_ERR are on lines
 * absent from this listing -- confirm against the full source.
 */
static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
838
struct hci_cp_create_conn *cp;
839
struct hci_conn *conn;
841
BT_DBG("%s status 0x%x", hdev->name, status);
843
cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
849
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
851
BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
854
if (conn && conn->state == BT_CONNECT) {
855
if (status != 0x0c || conn->attempt > 2) {
856
conn->state = BT_CLOSED;
857
hci_proto_connect_cfm(conn, status);
860
conn->state = BT_CONNECT2;
864
conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
867
conn->link_mode |= HCI_LM_MASTER;
869
BT_ERR("No memory for new connection");
873
hci_dev_unlock(hdev);
876
/*
 * Handle the status reported for HCI_OP_ADD_SCO: find the ACL link by
 * the handle in the host's own command, then close the associated SCO
 * connection and confirm the result upward.
 *
 * NOTE(review): how `sco` is obtained from `acl`, the NULL checks on
 * `cp`, `acl` and `sco`, and the declaration of `handle` are on lines
 * absent from this listing (898-900 and others) -- confirm.
 */
static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
878
struct hci_cp_add_sco *cp;
879
struct hci_conn *acl, *sco;
882
BT_DBG("%s status 0x%x", hdev->name, status);
887
cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
891
handle = __le16_to_cpu(cp->handle);
893
BT_DBG("%s handle %d", hdev->name, handle);
897
acl = hci_conn_hash_lookup_handle(hdev, handle);
901
sco->state = BT_CLOSED;
903
hci_proto_connect_cfm(sco, status);
908
hci_dev_unlock(hdev);
911
/*
 * Handle the status reported for HCI_OP_AUTH_REQUESTED: for a connection
 * still in BT_CONFIG, confirm the result to the upper protocol.
 *
 * NOTE(review): lines 917-920 (presumably "return unless status is
 * non-zero"), the NULL checks on `cp` and `conn`, and the rest of the
 * BT_CONFIG branch (931-933) are absent from this listing -- confirm
 * that a failed authentication request cannot leave the link usable.
 */
static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
913
struct hci_cp_auth_requested *cp;
914
struct hci_conn *conn;
916
BT_DBG("%s status 0x%x", hdev->name, status);
921
cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
927
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
929
if (conn->state == BT_CONFIG) {
930
hci_proto_connect_cfm(conn, status);
935
hci_dev_unlock(hdev);
938
/*
 * Handle the status reported for HCI_OP_SET_CONN_ENCRYPT: for a
 * connection still in BT_CONFIG, confirm the result to the upper
 * protocol.
 *
 * NOTE(review): the status test, the NULL checks on `cp` and `conn`,
 * and the rest of the BT_CONFIG branch are on lines absent from this
 * listing -- confirm in the full source.
 */
static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
940
struct hci_cp_set_conn_encrypt *cp;
941
struct hci_conn *conn;
943
BT_DBG("%s status 0x%x", hdev->name, status);
948
cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
954
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
956
if (conn->state == BT_CONFIG) {
957
hci_proto_connect_cfm(conn, status);
962
hci_dev_unlock(hdev);
965
/*
 * Decide whether the host should request authentication on an outgoing
 * connection that is still being configured.
 *
 * Visible tests: the connection must be in BT_CONFIG and outgoing;
 * pending_sec_level BT_SECURITY_SDP is treated separately; and when
 * Simple Pairing is not active on both sides, only
 * pending_sec_level BT_SECURITY_HIGH qualifies.
 *
 * NOTE(review): every return statement is on a line absent from this
 * listing, so the result of each test must be read from the full source.
 * This function is the policy gate for link authentication, so confirm
 * it before changing any caller.
 */
static int hci_outgoing_auth_needed(struct hci_dev *hdev,
966
struct hci_conn *conn)
968
if (conn->state != BT_CONFIG || !conn->out)
971
if (conn->pending_sec_level == BT_SECURITY_SDP)
974
/* Only request authentication for SSP connections or non-SSP
975
* devices with sec_level HIGH */
976
if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
977
conn->pending_sec_level != BT_SECURITY_HIGH)
983
/*
 * Handle the status reported for HCI_OP_REMOTE_NAME_REQ. When the name
 * request did not succeed, no completion event will follow, so the
 * authentication decision is taken here: if hci_outgoing_auth_needed()
 * says so, HCI_OP_AUTH_REQUESTED is sent for the connection.
 *
 * The inner `cp` shadows the outer command pointer of the same name.
 * NOTE(review): the status test and the NULL check on the outer `cp`
 * are on lines absent from this listing (992-994, 996-1000) -- confirm.
 */
static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
985
struct hci_cp_remote_name_req *cp;
986
struct hci_conn *conn;
988
BT_DBG("%s status 0x%x", hdev->name, status);
990
/* If successful wait for the name req complete event before
991
* checking for the need to do authentication */
995
cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1001
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1002
if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1003
struct hci_cp_auth_requested cp;
1004
cp.handle = __cpu_to_le16(conn->handle);
1005
hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1008
hci_dev_unlock(hdev);
1011
/*
 * Handle the status reported for HCI_OP_READ_REMOTE_FEATURES: for a
 * connection still in BT_CONFIG, confirm the result to the upper
 * protocol.
 *
 * NOTE(review): the status test, the NULL checks on `cp` and `conn`,
 * and the rest of the BT_CONFIG branch are on lines absent from this
 * listing -- confirm in the full source.
 */
static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1013
struct hci_cp_read_remote_features *cp;
1014
struct hci_conn *conn;
1016
BT_DBG("%s status 0x%x", hdev->name, status);
1021
cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1027
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1029
if (conn->state == BT_CONFIG) {
1030
hci_proto_connect_cfm(conn, status);
1035
hci_dev_unlock(hdev);
1038
/*
 * Handle the status reported for HCI_OP_READ_REMOTE_EXT_FEATURES: for a
 * connection still in BT_CONFIG, confirm the result to the upper
 * protocol.
 *
 * NOTE(review): the status test, the NULL checks on `cp` and `conn`,
 * and the rest of the BT_CONFIG branch are on lines absent from this
 * listing -- confirm in the full source.
 */
static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1040
struct hci_cp_read_remote_ext_features *cp;
1041
struct hci_conn *conn;
1043
BT_DBG("%s status 0x%x", hdev->name, status);
1048
cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1054
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1056
if (conn->state == BT_CONFIG) {
1057
hci_proto_connect_cfm(conn, status);
1062
hci_dev_unlock(hdev);
1065
/*
 * Handle the status reported for HCI_OP_SETUP_SYNC_CONN: find the ACL
 * link by the handle in the host's own command, then close the
 * associated synchronous connection and confirm the result upward.
 *
 * NOTE(review): how `sco` is obtained from `acl`, the NULL checks on
 * `cp`, `acl` and `sco`, and the declaration of `handle` are on lines
 * absent from this listing -- confirm.
 */
static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1067
struct hci_cp_setup_sync_conn *cp;
1068
struct hci_conn *acl, *sco;
1071
BT_DBG("%s status 0x%x", hdev->name, status);
1076
cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1080
handle = __le16_to_cpu(cp->handle);
1082
BT_DBG("%s handle %d", hdev->name, handle);
1086
acl = hci_conn_hash_lookup_handle(hdev, handle);
1090
sco->state = BT_CLOSED;
1092
hci_proto_connect_cfm(sco, status);
1097
hci_dev_unlock(hdev);
1100
/*
 * Handle the status reported for HCI_OP_SNIFF_MODE: clear the pending
 * mode-change bit on the connection and, if a SCO setup was waiting on
 * the mode change, run hci_sco_setup() with the status.
 *
 * NOTE(review): the status test and the NULL checks on `cp` and `conn`
 * are on lines absent from this listing -- confirm.
 */
static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1102
struct hci_cp_sniff_mode *cp;
1103
struct hci_conn *conn;
1105
BT_DBG("%s status 0x%x", hdev->name, status);
1110
cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1116
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1118
clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1120
if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1121
hci_sco_setup(conn, status);
1124
hci_dev_unlock(hdev);
1127
/*
 * Handle the status reported for HCI_OP_EXIT_SNIFF_MODE: clear the
 * pending mode-change bit on the connection and, if a SCO setup was
 * waiting on the mode change, run hci_sco_setup() with the status.
 *
 * NOTE(review): the status test and the NULL checks on `cp` and `conn`
 * are on lines absent from this listing -- confirm.
 */
static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1129
struct hci_cp_exit_sniff_mode *cp;
1130
struct hci_conn *conn;
1132
BT_DBG("%s status 0x%x", hdev->name, status);
1137
cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1143
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1145
clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1147
if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1148
hci_sco_setup(conn, status);
1151
hci_dev_unlock(hdev);
1154
/*
 * Handle the status reported for HCI_OP_LE_CREATE_CONN, using the peer
 * address from the host's own command to find the LE connection object.
 *
 * Visible behaviour: a connection in BT_CONNECT is closed and the
 * failure confirmed upward; a missing connection object is created with
 * hci_conn_add().
 *
 * NOTE(review): the `if (status)` / `else` structure, the NULL check on
 * `cp`, the locking call and the test guarding BT_ERR are on lines
 * absent from this listing -- confirm against the full source.
 */
static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1156
struct hci_cp_le_create_conn *cp;
1157
struct hci_conn *conn;
1159
BT_DBG("%s status 0x%x", hdev->name, status);
1161
cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1167
conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1169
BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1173
if (conn && conn->state == BT_CONNECT) {
1174
conn->state = BT_CLOSED;
1175
hci_proto_connect_cfm(conn, status);
1180
conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1184
BT_ERR("No memory for new connection");
1188
hci_dev_unlock(hdev);
1191
/*
 * Inquiry Complete event: clear HCI_INQUIRY, complete the pending
 * HCI_OP_INQUIRY request with the event's status byte and re-check
 * pending connections.
 */
static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1193
__u8 status = *((__u8 *) skb->data);
1195
BT_DBG("%s status %d", hdev->name, status);
1197
clear_bit(HCI_INQUIRY, &hdev->flags);
1199
hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1201
hci_conn_check_pending(hdev);
1204
/*
 * Inquiry Result event: the first payload byte is the number of
 * responses, followed by that many struct inquiry_info records. Each
 * record is copied into a local struct inquiry_data and handed to
 * hci_inquiry_cache_update().
 *
 * NOTE(review): num_rsp is taken straight from the event and drives the
 * loop. No comparison of skb->len against
 * 1 + num_rsp * sizeof(struct inquiry_info) is visible in this listing,
 * so a count larger than the payload would make the loop read past the
 * buffer -- confirm a length check exists on the missing lines
 * (1211-1216) or add one. The statement advancing `info` is also not in
 * the listing (lines 1224 and 1226 are missing) -- confirm.
 */
static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1206
struct inquiry_data data;
1207
struct inquiry_info *info = (void *) (skb->data + 1);
1208
int num_rsp = *((__u8 *) skb->data);
1210
BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1217
for (; num_rsp; num_rsp--) {
1218
bacpy(&data.bdaddr, &info->bdaddr);
1219
data.pscan_rep_mode = info->pscan_rep_mode;
1220
data.pscan_period_mode = info->pscan_period_mode;
1221
data.pscan_mode = info->pscan_mode;
1222
memcpy(data.dev_class, info->dev_class, 3);
1223
data.clock_offset = info->clock_offset;
1225
data.ssp_mode = 0x00;
1227
hci_inquiry_cache_update(hdev, &data);
1230
hci_dev_unlock(hdev);
1233
/*
 * Connection Complete event: find the connection object by link type
 * and peer address (falling back to an ESCO_LINK entry when the event
 * reports a different link type), record the handle, move the
 * connection to BT_CONFIG (ACL) or BT_CONNECTED, and kick off follow-up
 * commands; on failure mark it BT_CLOSED and report upward.
 *
 * Security-relevant detail: HCI_LM_AUTH and HCI_LM_ENCRYPT are set on
 * the new link from the adapter-wide HCI_AUTH / HCI_ENCRYPT flags, i.e.
 * from host configuration, not from a per-link authentication or
 * encryption event.
 *
 * ev->handle is copied into outgoing commands without conversion; both
 * sides are little-endian wire values.
 *
 * NOTE(review): the success/failure branching on ev->status, the NULL
 * checks on `conn` and the locking call are on lines absent from this
 * listing; no skb->len check against sizeof(*ev) is visible -- confirm.
 */
static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1235
struct hci_ev_conn_complete *ev = (void *) skb->data;
1236
struct hci_conn *conn;
1238
BT_DBG("%s", hdev->name);
1242
conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1244
if (ev->link_type != SCO_LINK)
1247
conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1251
conn->type = SCO_LINK;
1255
conn->handle = __le16_to_cpu(ev->handle);
1257
if (conn->type == ACL_LINK) {
1258
conn->state = BT_CONFIG;
1259
hci_conn_hold(conn);
1260
conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1261
mgmt_connected(hdev->id, &ev->bdaddr);
1263
conn->state = BT_CONNECTED;
1265
hci_conn_hold_device(conn);
1266
hci_conn_add_sysfs(conn);
1268
if (test_bit(HCI_AUTH, &hdev->flags))
1269
conn->link_mode |= HCI_LM_AUTH;
1271
if (test_bit(HCI_ENCRYPT, &hdev->flags))
1272
conn->link_mode |= HCI_LM_ENCRYPT;
1274
/* Get remote features */
1275
if (conn->type == ACL_LINK) {
1276
struct hci_cp_read_remote_features cp;
1277
cp.handle = ev->handle;
1278
hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1282
/* Set packet type for incoming connection */
1283
if (!conn->out && hdev->hci_ver < 3) {
1284
struct hci_cp_change_conn_ptype cp;
1285
cp.handle = ev->handle;
1286
cp.pkt_type = cpu_to_le16(conn->pkt_type);
1287
hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1291
conn->state = BT_CLOSED;
1292
if (conn->type == ACL_LINK)
1293
mgmt_connect_failed(hdev->id, &ev->bdaddr, ev->status);
1296
if (conn->type == ACL_LINK)
1297
hci_sco_setup(conn, ev->status);
1300
hci_proto_connect_cfm(conn, ev->status);
1302
} else if (ev->link_type != ACL_LINK)
1303
hci_proto_connect_cfm(conn, ev->status);
1306
hci_dev_unlock(hdev);
1308
hci_conn_check_pending(hdev);
1311
/*
 * Connection Request event: decide whether to accept an incoming
 * connection from a remote device and send the matching accept or
 * reject command.
 *
 * Acceptance requires both that HCI_LM_ACCEPT is present in the mask
 * (adapter link_mode OR-ed with what hci_proto_connect_ind() returns)
 * and that the peer address is not found by hci_blacklist_lookup().
 * Everything in `ev` (address, link type, class of device) is supplied
 * by the remote side via the controller.
 *
 * On accept, the inquiry-cache entry and the connection object get the
 * peer's class of device; ACL links (or adapters without eSCO) are
 * answered with HCI_OP_ACCEPT_CONN_REQ and a role choice, others with
 * HCI_OP_ACCEPT_SYNC_CONN_REQ using fixed bandwidth/latency values.
 *
 * NOTE(review): the NULL checks on `ie` and `conn`, the locking call,
 * the `else` lines and the final arguments of the hci_send_cmd() calls
 * are on lines absent from this listing; no skb->len check against
 * sizeof(*ev) is visible. The reject reason code is also not shown.
 */
static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1313
struct hci_ev_conn_request *ev = (void *) skb->data;
1314
int mask = hdev->link_mode;
1316
BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1317
batostr(&ev->bdaddr), ev->link_type);
1319
mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1321
if ((mask & HCI_LM_ACCEPT) &&
1322
!hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1323
/* Connection accepted */
1324
struct inquiry_entry *ie;
1325
struct hci_conn *conn;
1329
ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1331
memcpy(ie->data.dev_class, ev->dev_class, 3);
1333
conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1335
conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1337
BT_ERR("No memory for new connection");
1338
hci_dev_unlock(hdev);
1343
memcpy(conn->dev_class, ev->dev_class, 3);
1344
conn->state = BT_CONNECT;
1346
hci_dev_unlock(hdev);
1348
if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1349
struct hci_cp_accept_conn_req cp;
1351
bacpy(&cp.bdaddr, &ev->bdaddr);
1353
if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1354
cp.role = 0x00; /* Become master */
1356
cp.role = 0x01; /* Remain slave */
1358
hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1361
struct hci_cp_accept_sync_conn_req cp;
1363
bacpy(&cp.bdaddr, &ev->bdaddr);
1364
cp.pkt_type = cpu_to_le16(conn->pkt_type);
1366
cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1367
cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1368
cp.max_latency = cpu_to_le16(0xffff);
1369
cp.content_format = cpu_to_le16(hdev->voice_setting);
1370
cp.retrans_effort = 0xff;
1372
hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1376
/* Connection rejected */
1377
struct hci_cp_reject_conn_req cp;
1379
bacpy(&cp.bdaddr, &ev->bdaddr);
1381
hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1385
/*
 * Disconnection Complete event: look up the connection by the handle in
 * the event, mark it BT_CLOSED, notify the management interface for ACL
 * links and pass the disconnect reason to the upper protocol.
 *
 * NOTE(review): the status test guarding mgmt_disconnect_failed(), the
 * NULL check on `conn` (the handle comes from the event) and whatever
 * releases the connection object are on lines absent from this listing
 * (1391-1392, 1400-1402, 1409-1411) -- confirm.
 */
static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1387
struct hci_ev_disconn_complete *ev = (void *) skb->data;
1388
struct hci_conn *conn;
1390
BT_DBG("%s status %d", hdev->name, ev->status);
1393
mgmt_disconnect_failed(hdev->id);
1399
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1403
conn->state = BT_CLOSED;
1405
if (conn->type == ACL_LINK)
1406
mgmt_disconnected(hdev->id, &conn->dst);
1408
hci_proto_disconn_cfm(conn, ev->reason);
1412
hci_dev_unlock(hdev);
1415
/*
 * Authentication Complete event: update the connection's security state
 * and continue the setup sequence.
 *
 * Visible effects: HCI_LM_AUTH is set and sec_level raised to
 * pending_sec_level on one path; on the other, mgmt_auth_failed() is
 * called and sec_level drops to BT_SECURITY_LOW. In BT_CONFIG with
 * Simple Pairing active on both sides and a zero status, encryption is
 * requested before the link is reported connected; otherwise the link
 * goes to BT_CONNECTED and the status is confirmed upward. A pending
 * encryption request is either issued or cancelled with
 * hci_encrypt_cfm(conn, ev->status, 0x00).
 *
 * NOTE(review): the `if (!ev->status)` / `else` lines that select
 * between the success and failure paths, the NULL check on `conn`, and
 * the cp.encrypt assignments are on lines absent from this listing
 * (1425-1426, 1429, 1441, 1461 and others). Confirm in the full source
 * that HCI_LM_AUTH and the raised sec_level are reachable only when
 * ev->status is zero.
 */
static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1417
struct hci_ev_auth_complete *ev = (void *) skb->data;
1418
struct hci_conn *conn;
1420
BT_DBG("%s status %d", hdev->name, ev->status);
1424
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1427
conn->link_mode |= HCI_LM_AUTH;
1428
conn->sec_level = conn->pending_sec_level;
1430
mgmt_auth_failed(hdev->id, &conn->dst, ev->status);
1431
conn->sec_level = BT_SECURITY_LOW;
1434
clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1436
if (conn->state == BT_CONFIG) {
1437
if (!ev->status && hdev->ssp_mode > 0 &&
1438
conn->ssp_mode > 0) {
1439
struct hci_cp_set_conn_encrypt cp;
1440
cp.handle = ev->handle;
1442
hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1445
conn->state = BT_CONNECTED;
1446
hci_proto_connect_cfm(conn, ev->status);
1450
hci_auth_cfm(conn, ev->status);
1452
hci_conn_hold(conn);
1453
conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1457
if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1459
struct hci_cp_set_conn_encrypt cp;
1460
cp.handle = ev->handle;
1462
hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1465
clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1466
hci_encrypt_cfm(conn, ev->status, 0x00);
1471
hci_dev_unlock(hdev);
1474
/*
 * Remote Name Request Complete event: runs the pending-connection check
 * and, when the ACL link to the reporting address still needs outgoing
 * authentication, sends HCI_OP_AUTH_REQUESTED for it.
 *
 * NOTE(review): the name payload itself is not touched in the visible
 * lines. The matching hci_dev_lock() is on a line this listing omits.
 */
static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1476
struct hci_ev_remote_name *ev = (void *) skb->data;
1477
struct hci_conn *conn;
1479
BT_DBG("%s", hdev->name);
1481
hci_conn_check_pending(hdev);
1485
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1486
/* conn may be NULL when no ACL link exists for this address */
if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1487
struct hci_cp_auth_requested cp;
1488
cp.handle = __cpu_to_le16(conn->handle);
1489
hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1492
hci_dev_unlock(hdev);
1495
/*
 * Encryption Change event: records the new encryption state in
 * conn->link_mode, clears the pending-encryption flag and either finishes
 * connection setup (BT_CONFIG) or reports the change through
 * hci_encrypt_cfm().
 *
 * NOTE(review): the conditions selecting between setting and clearing
 * HCI_LM_ENCRYPT (and any NULL check on conn) are on lines missing from
 * this listing - confirm that link_mode is only upgraded when ev->status
 * is zero.
 */
static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1497
struct hci_ev_encrypt_change *ev = (void *) skb->data;
1498
struct hci_conn *conn;
1500
BT_DBG("%s status %d", hdev->name, ev->status);
1504
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1508
/* Encryption implies authentication */
1509
conn->link_mode |= HCI_LM_AUTH;
1510
conn->link_mode |= HCI_LM_ENCRYPT;
1512
/* encryption switched off: only the ENCRYPT bit is cleared, AUTH is kept */
conn->link_mode &= ~HCI_LM_ENCRYPT;
1515
clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1517
if (conn->state == BT_CONFIG) {
1519
conn->state = BT_CONNECTED;
1521
hci_proto_connect_cfm(conn, ev->status);
1524
/* upper layers receive both the status and the reported encrypt value */
hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1527
hci_dev_unlock(hdev);
1530
/*
 * Change Connection Link Key Complete event: marks the link
 * HCI_LM_SECURE, clears the pending-authentication flag and notifies
 * upper layers through hci_key_change_cfm().
 *
 * NOTE(review): the guard in front of the HCI_LM_SECURE update (status
 * and NULL checks) is not visible in this listing - confirm the bit is
 * not set when ev->status reports a failure.
 */
static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1532
struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1533
struct hci_conn *conn;
1535
BT_DBG("%s status %d", hdev->name, ev->status);
1539
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1542
conn->link_mode |= HCI_LM_SECURE;
1544
clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1546
hci_key_change_cfm(conn, ev->status);
1549
hci_dev_unlock(hdev);
1552
/*
 * Read Remote Supported Features Complete event: stores the remote
 * feature mask on the connection and, while the link is still in
 * BT_CONFIG, continues setup by reading extended features (SSP-capable
 * peers), requesting the remote name, or completing the connection when
 * no outgoing authentication is needed.
 *
 * NOTE(review): lines are missing from this listing, including the
 * conditions around the memcpy and the remote-name request, and any NULL
 * check on conn.
 */
static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1554
struct hci_ev_remote_features *ev = (void *) skb->data;
1555
struct hci_conn *conn;
1557
BT_DBG("%s status %d", hdev->name, ev->status);
1561
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1566
/* fixed 8-byte copy; assumes both feature arrays hold at least 8 bytes -
 * their declarations are not in view */
memcpy(conn->features, ev->features, 8);
1568
if (conn->state != BT_CONFIG)
1571
/* both ends advertise Secure Simple Pairing: fetch the extended
 * feature page before going further */
if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1572
struct hci_cp_read_remote_ext_features cp;
1573
cp.handle = ev->handle;
1575
hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1581
struct hci_cp_remote_name_req cp;
1582
/* the command block is zeroed before the fields are filled in, so no
 * stale stack bytes are sent */
memset(&cp, 0, sizeof(cp));
1583
bacpy(&cp.bdaddr, &conn->dst);
1584
cp.pscan_rep_mode = 0x02;
1585
hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1588
if (!hci_outgoing_auth_needed(hdev, conn)) {
1589
conn->state = BT_CONNECTED;
1590
hci_proto_connect_cfm(conn, ev->status);
1595
hci_dev_unlock(hdev);
1598
/*
 * Read Remote Version Information Complete event: only logs the adapter
 * name; the event payload in skb is not read in the visible lines.
 */
static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1600
BT_DBG("%s", hdev->name);
1603
/*
 * QoS Setup Complete event: only logs the adapter name; the event payload
 * in skb is not read in the visible lines.
 */
static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1605
BT_DBG("%s", hdev->name);
1608
/*
 * Command Complete event: strips the event header from skb, converts the
 * opcode to host order and dispatches to the matching hci_cc_*() handler,
 * which receives the remaining return parameters in skb. Afterwards the
 * command timer is stopped and the command queue is restarted.
 *
 * NOTE(review): no check of skb->len against sizeof(*ev) is visible
 * before the header is read and pulled, and each hci_cc_*() handler
 * parses skb->data on its own - the length validation, if any, has to be
 * confirmed in the caller and the handlers. This listing also omits
 * lines (the switch statement, the break statements, one case label and
 * the declaration of opcode).
 */
static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1610
struct hci_ev_cmd_complete *ev = (void *) skb->data;
1613
/* ev keeps pointing at the header after the pull; skb->data now starts
 * at the command's return parameters */
skb_pull(skb, sizeof(*ev));
1615
opcode = __le16_to_cpu(ev->opcode);
1618
case HCI_OP_INQUIRY_CANCEL:
1619
hci_cc_inquiry_cancel(hdev, skb);
1622
case HCI_OP_EXIT_PERIODIC_INQ:
1623
hci_cc_exit_periodic_inq(hdev, skb);
1626
case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1627
hci_cc_remote_name_req_cancel(hdev, skb);
1630
case HCI_OP_ROLE_DISCOVERY:
1631
hci_cc_role_discovery(hdev, skb);
1634
case HCI_OP_READ_LINK_POLICY:
1635
hci_cc_read_link_policy(hdev, skb);
1638
case HCI_OP_WRITE_LINK_POLICY:
1639
hci_cc_write_link_policy(hdev, skb);
1642
case HCI_OP_READ_DEF_LINK_POLICY:
1643
hci_cc_read_def_link_policy(hdev, skb);
1646
case HCI_OP_WRITE_DEF_LINK_POLICY:
1647
hci_cc_write_def_link_policy(hdev, skb);
1651
/* the case label for this call sits on a line the listing does not show */
hci_cc_reset(hdev, skb);
1654
case HCI_OP_WRITE_LOCAL_NAME:
1655
hci_cc_write_local_name(hdev, skb);
1658
case HCI_OP_READ_LOCAL_NAME:
1659
hci_cc_read_local_name(hdev, skb);
1662
case HCI_OP_WRITE_AUTH_ENABLE:
1663
hci_cc_write_auth_enable(hdev, skb);
1666
case HCI_OP_WRITE_ENCRYPT_MODE:
1667
hci_cc_write_encrypt_mode(hdev, skb);
1670
case HCI_OP_WRITE_SCAN_ENABLE:
1671
hci_cc_write_scan_enable(hdev, skb);
1674
case HCI_OP_READ_CLASS_OF_DEV:
1675
hci_cc_read_class_of_dev(hdev, skb);
1678
case HCI_OP_WRITE_CLASS_OF_DEV:
1679
hci_cc_write_class_of_dev(hdev, skb);
1682
case HCI_OP_READ_VOICE_SETTING:
1683
hci_cc_read_voice_setting(hdev, skb);
1686
case HCI_OP_WRITE_VOICE_SETTING:
1687
hci_cc_write_voice_setting(hdev, skb);
1690
case HCI_OP_HOST_BUFFER_SIZE:
1691
hci_cc_host_buffer_size(hdev, skb);
1694
case HCI_OP_READ_SSP_MODE:
1695
hci_cc_read_ssp_mode(hdev, skb);
1698
case HCI_OP_WRITE_SSP_MODE:
1699
hci_cc_write_ssp_mode(hdev, skb);
1702
case HCI_OP_READ_LOCAL_VERSION:
1703
hci_cc_read_local_version(hdev, skb);
1706
case HCI_OP_READ_LOCAL_COMMANDS:
1707
hci_cc_read_local_commands(hdev, skb);
1710
case HCI_OP_READ_LOCAL_FEATURES:
1711
hci_cc_read_local_features(hdev, skb);
1714
case HCI_OP_READ_BUFFER_SIZE:
1715
hci_cc_read_buffer_size(hdev, skb);
1718
case HCI_OP_READ_BD_ADDR:
1719
hci_cc_read_bd_addr(hdev, skb);
1722
case HCI_OP_WRITE_CA_TIMEOUT:
1723
hci_cc_write_ca_timeout(hdev, skb);
1726
case HCI_OP_DELETE_STORED_LINK_KEY:
1727
hci_cc_delete_stored_link_key(hdev, skb);
1730
case HCI_OP_SET_EVENT_MASK:
1731
hci_cc_set_event_mask(hdev, skb);
1734
case HCI_OP_WRITE_INQUIRY_MODE:
1735
hci_cc_write_inquiry_mode(hdev, skb);
1738
case HCI_OP_READ_INQ_RSP_TX_POWER:
1739
hci_cc_read_inq_rsp_tx_power(hdev, skb);
1742
case HCI_OP_SET_EVENT_FLT:
1743
hci_cc_set_event_flt(hdev, skb);
1746
case HCI_OP_PIN_CODE_REPLY:
1747
hci_cc_pin_code_reply(hdev, skb);
1750
case HCI_OP_PIN_CODE_NEG_REPLY:
1751
hci_cc_pin_code_neg_reply(hdev, skb);
1754
case HCI_OP_LE_READ_BUFFER_SIZE:
1755
hci_cc_le_read_buffer_size(hdev, skb);
1758
case HCI_OP_USER_CONFIRM_REPLY:
1759
hci_cc_user_confirm_reply(hdev, skb);
1762
case HCI_OP_USER_CONFIRM_NEG_REPLY:
1763
hci_cc_user_confirm_neg_reply(hdev, skb);
1767
/* opcodes without a handler are only logged */
BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1771
/* NOTE(review): this compares the unconverted little-endian field, not
 * the host-order opcode above; that is only equivalent if HCI_OP_NOP is
 * zero - confirm */
if (ev->opcode != HCI_OP_NOP)
1772
del_timer(&hdev->cmd_timer);
1775
/* allow one more command and kick the command tasklet if work is queued;
 * the guard in front of this is on a line not shown */
atomic_set(&hdev->cmd_cnt, 1);
1776
if (!skb_queue_empty(&hdev->cmd_q))
1777
tasklet_schedule(&hdev->cmd_task);
1781
/*
 * Command Status event: strips the event header, converts the opcode to
 * host order and passes ev->status to the matching hci_cs_*() handler.
 * Afterwards the command timer is stopped and, unless a reset is in
 * progress, the command queue is restarted.
 *
 * NOTE(review): no check of skb->len against sizeof(*ev) is visible
 * before the header is read. The switch statement, its break statements
 * and the declaration of opcode are on lines this listing omits.
 */
static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1783
struct hci_ev_cmd_status *ev = (void *) skb->data;
1786
skb_pull(skb, sizeof(*ev));
1788
opcode = __le16_to_cpu(ev->opcode);
1791
case HCI_OP_INQUIRY:
1792
hci_cs_inquiry(hdev, ev->status);
1795
case HCI_OP_CREATE_CONN:
1796
hci_cs_create_conn(hdev, ev->status);
1799
case HCI_OP_ADD_SCO:
1800
hci_cs_add_sco(hdev, ev->status);
1803
case HCI_OP_AUTH_REQUESTED:
1804
hci_cs_auth_requested(hdev, ev->status);
1807
case HCI_OP_SET_CONN_ENCRYPT:
1808
hci_cs_set_conn_encrypt(hdev, ev->status);
1811
case HCI_OP_REMOTE_NAME_REQ:
1812
hci_cs_remote_name_req(hdev, ev->status);
1815
case HCI_OP_READ_REMOTE_FEATURES:
1816
hci_cs_read_remote_features(hdev, ev->status);
1819
case HCI_OP_READ_REMOTE_EXT_FEATURES:
1820
hci_cs_read_remote_ext_features(hdev, ev->status);
1823
case HCI_OP_SETUP_SYNC_CONN:
1824
hci_cs_setup_sync_conn(hdev, ev->status);
1827
case HCI_OP_SNIFF_MODE:
1828
hci_cs_sniff_mode(hdev, ev->status);
1831
case HCI_OP_EXIT_SNIFF_MODE:
1832
hci_cs_exit_sniff_mode(hdev, ev->status);
1835
case HCI_OP_DISCONNECT:
1836
/* a non-zero status means the disconnect command itself was refused */
if (ev->status != 0)
1837
mgmt_disconnect_failed(hdev->id);
1840
case HCI_OP_LE_CREATE_CONN:
1841
hci_cs_le_create_conn(hdev, ev->status);
1845
/* opcodes without a handler are only logged */
BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1849
/* NOTE(review): compares the unconverted little-endian field; only
 * equivalent to testing opcode if HCI_OP_NOP is zero - confirm */
if (ev->opcode != HCI_OP_NOP)
1850
del_timer(&hdev->cmd_timer);
1852
/* the controller reports free command slots (ncmd) and no reset is
 * pending: allow one command and run the queue */
if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
1853
atomic_set(&hdev->cmd_cnt, 1);
1854
if (!skb_queue_empty(&hdev->cmd_q))
1855
tasklet_schedule(&hdev->cmd_task);
1859
/*
 * Role Change event: updates the HCI_LM_MASTER bit of the ACL link for
 * the reported address, clears the pending role-switch flag and notifies
 * upper layers with the status and new role.
 *
 * NOTE(review): the conditions choosing between clearing and setting
 * HCI_LM_MASTER, and any NULL check on conn, are on lines missing from
 * this listing.
 */
static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1861
struct hci_ev_role_change *ev = (void *) skb->data;
1862
struct hci_conn *conn;
1864
BT_DBG("%s status %d", hdev->name, ev->status);
1868
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1872
conn->link_mode &= ~HCI_LM_MASTER;
1874
conn->link_mode |= HCI_LM_MASTER;
1877
clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1879
hci_role_switch_cfm(conn, ev->status, ev->role);
1882
hci_dev_unlock(hdev);
1885
/*
 * Number Of Completed Packets event: for every (handle, count) pair in
 * the event, credits the completed packets back to the connection and to
 * the adapter's per-link-type transmit budget, then schedules the TX
 * tasklet.
 *
 * The payload length is validated against num_hndl before the array is
 * walked: each entry is two little-endian 16-bit values, hence the
 * num_hndl * 4 bound.
 *
 * NOTE(review): lines are missing from this listing (declarations of i
 * and ptr, the early return after the bad-parameters message, the NULL
 * check on conn). conn->sent is decremented by a controller-supplied
 * count with no visible lower bound - confirm it cannot wrap.
 */
static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1887
struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1891
skb_pull(skb, sizeof(*ev));
1893
BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1895
/* reject events whose remaining payload cannot hold num_hndl entries */
if (skb->len < ev->num_hndl * 4) {
1896
BT_DBG("%s bad parameters", hdev->name);
1900
/* keep the TX tasklet from running while the counters are updated */
tasklet_disable(&hdev->tx_task);
1902
for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1903
struct hci_conn *conn;
1904
__u16 handle, count;
1906
/* unaligned-safe reads: the payload has no alignment guarantee */
handle = get_unaligned_le16(ptr++);
1907
count = get_unaligned_le16(ptr++);
1909
conn = hci_conn_hash_lookup_handle(hdev, handle);
1911
conn->sent -= count;
1913
/* each budget is clamped to the adapter's advertised maximum, so an
 * inflated count cannot push it above *_pkts */
if (conn->type == ACL_LINK) {
1914
hdev->acl_cnt += count;
1915
if (hdev->acl_cnt > hdev->acl_pkts)
1916
hdev->acl_cnt = hdev->acl_pkts;
1917
} else if (conn->type == LE_LINK) {
1918
/* LE has its own budget only when le_pkts is non-zero; otherwise
 * the ACL counters below are credited */
if (hdev->le_pkts) {
1919
hdev->le_cnt += count;
1920
if (hdev->le_cnt > hdev->le_pkts)
1921
hdev->le_cnt = hdev->le_pkts;
1923
hdev->acl_cnt += count;
1924
if (hdev->acl_cnt > hdev->acl_pkts)
1925
hdev->acl_cnt = hdev->acl_pkts;
1928
/* remaining link types are credited to the SCO budget */
hdev->sco_cnt += count;
1929
if (hdev->sco_cnt > hdev->sco_pkts)
1930
hdev->sco_cnt = hdev->sco_pkts;
1935
tasklet_schedule(&hdev->tx_task);
1937
tasklet_enable(&hdev->tx_task);
1940
/*
 * Mode Change event: records the new mode and interval on the
 * connection, updates power_save when the change was not requested
 * locally, and runs a SCO setup that was waiting for the mode change.
 *
 * NOTE(review): the NULL check on conn and the else between the two
 * power_save assignments are on lines missing from this listing.
 */
static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1942
struct hci_ev_mode_change *ev = (void *) skb->data;
1943
struct hci_conn *conn;
1945
BT_DBG("%s status %d", hdev->name, ev->status);
1949
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1951
conn->mode = ev->mode;
1952
conn->interval = __le16_to_cpu(ev->interval);
1954
/* the pending flag was not set, i.e. this host did not ask for the change */
if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1955
if (conn->mode == HCI_CM_ACTIVE)
1956
conn->power_save = 1;
1958
conn->power_save = 0;
1961
if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1962
hci_sco_setup(conn, ev->status);
1965
hci_dev_unlock(hdev);
1968
/*
 * PIN Code Request event: extends the disconnect timeout of an
 * established ACL link to HCI_PAIRING_TIMEOUT, rejects the request when
 * the adapter is not pairable, and forwards it to the management
 * interface when HCI_MGMT is set.
 *
 * NOTE(review): as shown, the HCI_PAIRABLE and HCI_MGMT tests are
 * independent, so a non-pairable adapter with HCI_MGMT set would both
 * send the negative reply and raise mgmt_pin_code_request(). One source
 * line between them is not shown in this listing - confirm whether that
 * is intended.
 */
static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1970
struct hci_ev_pin_code_req *ev = (void *) skb->data;
1971
struct hci_conn *conn;
1973
BT_DBG("%s", hdev->name);
1977
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1978
/* hold the link and give the user time to enter the PIN */
if (conn && conn->state == BT_CONNECTED) {
1979
hci_conn_hold(conn);
1980
conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1984
/* pairing disabled on this adapter: refuse on the user's behalf */
if (!test_bit(HCI_PAIRABLE, &hdev->flags))
1985
hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
1986
sizeof(ev->bdaddr), &ev->bdaddr);
1988
if (test_bit(HCI_MGMT, &hdev->flags))
1989
mgmt_pin_code_request(hdev->id, &ev->bdaddr);
1991
hci_dev_unlock(hdev);
1994
/*
 * Link Key Request event: when kernel-side key storage is enabled
 * (HCI_LINK_KEYS), looks up the stored key for the requesting address and
 * answers with HCI_OP_LINK_KEY_REPLY, or with HCI_OP_LINK_KEY_NEG_REPLY
 * when no acceptable key exists.
 *
 * Two key classes are refused in the visible code:
 *  - type 0x03 keys unless HCI_DEBUG_KEYS is set (logged as "debug key");
 *  - type 0x04 keys (logged as "unauthenticated key") when the
 *    connection's auth_type is known (not 0xff) and has bit 0 set -
 *    presumably the MITM-protection requirement, confirm.
 *
 * NOTE(review): lines are missing from this listing (the early return,
 * the key == NULL test, the gotos and labels). cp holds a copy of the
 * link key on the stack and nothing visible clears it afterwards. The
 * debug messages log the address and key type, not the key value.
 */
static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1996
struct hci_ev_link_key_req *ev = (void *) skb->data;
1997
struct hci_cp_link_key_reply cp;
1998
struct hci_conn *conn;
1999
struct link_key *key;
2001
BT_DBG("%s", hdev->name);
2003
/* without HCI_LINK_KEYS the kernel does not answer key requests itself */
if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2008
key = hci_find_link_key(hdev, &ev->bdaddr);
2010
BT_DBG("%s link key not found for %s", hdev->name,
2011
batostr(&ev->bdaddr));
2015
BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2016
batostr(&ev->bdaddr));
2018
if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) && key->type == 0x03) {
2019
BT_DBG("%s ignoring debug key", hdev->name);
2023
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2025
/* conn may be NULL; the key is then used without the auth_type test */
if (key->type == 0x04 && conn && conn->auth_type != 0xff &&
2026
(conn->auth_type & 0x01)) {
2027
BT_DBG("%s ignoring unauthenticated key", hdev->name);
2031
bacpy(&cp.bdaddr, &ev->bdaddr);
2032
/* fixed 16-byte copy; assumes cp.link_key and key->val are both 16
 * bytes - their declarations are not in view */
memcpy(cp.link_key, key->val, 16);
2034
hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2036
hci_dev_unlock(hdev);
2041
/* negative reply path; the literal 6 is the address length, written as
 * sizeof(ev->bdaddr) in the PIN code handler of this file */
hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2042
hci_dev_unlock(hdev);
2045
/*
 * Link Key Notification event: restores the normal disconnect timeout on
 * the ACL link, remembers the PIN length used for pairing and, when
 * kernel-side key storage is enabled (HCI_LINK_KEYS), stores the new key
 * with hci_add_link_key().
 *
 * NOTE(review): the key and key type come straight from the event; no
 * filtering on ev->key_type is visible before the key is stored. The
 * declaration of pin_len and the NULL check on conn are on lines missing
 * from this listing.
 */
static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2047
struct hci_ev_link_key_notify *ev = (void *) skb->data;
2048
struct hci_conn *conn;
2051
BT_DBG("%s", hdev->name);
2055
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2057
hci_conn_hold(conn);
2058
conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2059
pin_len = conn->pin_length;
2063
if (test_bit(HCI_LINK_KEYS, &hdev->flags))
2064
hci_add_link_key(hdev, 1, &ev->bdaddr, ev->link_key,
2065
ev->key_type, pin_len);
2067
hci_dev_unlock(hdev);
2070
/*
 * Read Clock Offset Complete event: on success, refreshes the clock
 * offset and timestamp of the inquiry-cache entry for the connection's
 * peer address.
 *
 * NOTE(review): the NULL check on the cache lookup result is on a line
 * missing from this listing.
 */
static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2072
struct hci_ev_clock_offset *ev = (void *) skb->data;
2073
struct hci_conn *conn;
2075
BT_DBG("%s status %d", hdev->name, ev->status);
2079
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2080
if (conn && !ev->status) {
2081
struct inquiry_entry *ie;
2083
ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2085
/* stored as received, without byte-order conversion */
ie->data.clock_offset = ev->clock_offset;
2086
ie->timestamp = jiffies;
2090
hci_dev_unlock(hdev);
2093
/*
 * Connection Packet Type Changed event: on success, stores the new
 * packet type (converted to host order) on the connection identified by
 * the event's handle. Unknown handles and failed changes are ignored.
 */
static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2095
struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2096
struct hci_conn *conn;
2098
BT_DBG("%s status %d", hdev->name, ev->status);
2102
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2103
if (conn && !ev->status)
2104
conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2106
hci_dev_unlock(hdev);
2109
/*
 * Page Scan Repetition Mode Change event: updates the page-scan
 * repetition mode and timestamp of the inquiry-cache entry for the
 * reported address.
 *
 * NOTE(review): the NULL check on the cache lookup result is on a line
 * missing from this listing.
 */
static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2111
struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2112
struct inquiry_entry *ie;
2114
BT_DBG("%s", hdev->name);
2118
ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2120
ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2121
ie->timestamp = jiffies;
2124
hci_dev_unlock(hdev);
2127
/*
 * Inquiry Result with RSSI event: the first payload byte is the number
 * of responses, followed by that many fixed-size records. Two record
 * layouts exist; the per-record size derived from the payload length
 * selects which one is parsed. Every record is copied into an
 * inquiry_data and pushed into the inquiry cache.
 *
 * NOTE(review): num_rsp is controller-supplied and is used as a divisor;
 * the guard against zero is on a line missing from this listing -
 * confirm it exists. Apart from the size comparison, no check that
 * skb->len covers num_rsp records is visible, and the pointer advance
 * inside both loops is also on omitted lines.
 */
static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2129
struct inquiry_data data;
2130
int num_rsp = *((__u8 *) skb->data);
2132
BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2139
/* record size differs from the plain RSSI layout: parse the variant
 * that also carries pscan_mode */
if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2140
struct inquiry_info_with_rssi_and_pscan_mode *info;
2141
/* records start after the one-byte response count */
info = (void *) (skb->data + 1);
2143
for (; num_rsp; num_rsp--) {
2144
bacpy(&data.bdaddr, &info->bdaddr);
2145
data.pscan_rep_mode = info->pscan_rep_mode;
2146
data.pscan_period_mode = info->pscan_period_mode;
2147
data.pscan_mode = info->pscan_mode;
2148
memcpy(data.dev_class, info->dev_class, 3);
2149
data.clock_offset = info->clock_offset;
2150
data.rssi = info->rssi;
2151
data.ssp_mode = 0x00;
2153
hci_inquiry_cache_update(hdev, &data);
2156
struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2158
for (; num_rsp; num_rsp--) {
2159
bacpy(&data.bdaddr, &info->bdaddr);
2160
data.pscan_rep_mode = info->pscan_rep_mode;
2161
data.pscan_period_mode = info->pscan_period_mode;
2162
/* this layout has no pscan_mode field */
data.pscan_mode = 0x00;
2163
memcpy(data.dev_class, info->dev_class, 3);
2164
data.clock_offset = info->clock_offset;
2165
data.rssi = info->rssi;
2166
data.ssp_mode = 0x00;
2168
hci_inquiry_cache_update(hdev, &data);
2172
hci_dev_unlock(hdev);
2175
/*
 * Read Remote Extended Features Complete event: for feature page 0x01,
 * records whether the peer's host supports Secure Simple Pairing (bit 0
 * of features[0]) on the connection and in the inquiry cache; while the
 * link is still in BT_CONFIG it then requests the remote name or
 * completes the connection when no outgoing authentication is needed.
 *
 * NOTE(review): conn->ssp_mode is taken from peer-reported data and is
 * later consulted when deciding whether to request encryption after
 * authentication. The NULL checks on conn and ie and the condition
 * around the remote-name request are on lines missing from this listing.
 */
static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2177
struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2178
struct hci_conn *conn;
2180
BT_DBG("%s", hdev->name);
2184
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2188
if (!ev->status && ev->page == 0x01) {
2189
struct inquiry_entry *ie;
2191
ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2193
ie->data.ssp_mode = (ev->features[0] & 0x01);
2195
conn->ssp_mode = (ev->features[0] & 0x01);
2198
if (conn->state != BT_CONFIG)
2202
struct hci_cp_remote_name_req cp;
2203
/* zeroed first so unset fields do not carry stale stack bytes */
memset(&cp, 0, sizeof(cp));
2204
bacpy(&cp.bdaddr, &conn->dst);
2205
cp.pscan_rep_mode = 0x02;
2206
hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2209
if (!hci_outgoing_auth_needed(hdev, conn)) {
2210
conn->state = BT_CONNECTED;
2211
hci_proto_connect_cfm(conn, ev->status);
2216
hci_dev_unlock(hdev);
2219
/*
 * Synchronous Connection Complete event: finds the SCO/eSCO connection
 * for the reported address (falling back to an ESCO_LINK entry that is
 * then retyped as SCO_LINK), and either marks it connected, retries the
 * setup with a different packet type for a set of "unsupported" status
 * codes, or closes it. Upper layers are notified with the status.
 *
 * NOTE(review): lines are missing from this listing (NULL checks, the
 * success case label, break/goto statements). The retry path
 * dereferences conn->link with no visible NULL check - confirm that an
 * outgoing SCO connection always has its ACL link set.
 */
static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2221
struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2222
struct hci_conn *conn;
2224
BT_DBG("%s status %d", hdev->name, ev->status);
2228
/* link_type is taken from the event as-is for the first lookup */
conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2230
if (ev->link_type == ESCO_LINK)
2233
/* second attempt: a connection created as eSCO may complete as SCO */
conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2237
conn->type = SCO_LINK;
2240
switch (ev->status) {
2242
conn->handle = __le16_to_cpu(ev->handle);
2243
conn->state = BT_CONNECTED;
2245
hci_conn_hold_device(conn);
2246
hci_conn_add_sysfs(conn);
2249
case 0x11: /* Unsupported Feature or Parameter Value */
2250
case 0x1c: /* SCO interval rejected */
2251
case 0x1a: /* Unsupported Remote Feature */
2252
case 0x1f: /* Unspecified error */
2253
/* retry only for connections this host initiated, and only while
 * conn->attempt is below 2 */
if (conn->out && conn->attempt < 2) {
2254
conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2255
(hdev->esco_type & EDR_ESCO_MASK);
2256
hci_setup_sync(conn, conn->link->handle);
2262
conn->state = BT_CLOSED;
2266
hci_proto_connect_cfm(conn, ev->status);
2271
hci_dev_unlock(hdev);
2274
/*
 * Synchronous Connection Changed event: only logs the adapter name; the
 * event payload in skb is not read in the visible lines.
 */
static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2276
BT_DBG("%s", hdev->name);
2279
/*
 * Sniff Subrating event: only logs the adapter name and the event
 * status; no connection state is changed in the visible lines.
 */
static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2281
struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2283
BT_DBG("%s status %d", hdev->name, ev->status);
2286
/*
 * Extended Inquiry Result event: the first payload byte is the number of
 * responses, followed by the records. Each record's address, page-scan
 * parameters, device class, clock offset and RSSI are copied into the
 * inquiry cache; ssp_mode is set to 0x01 for every entry.
 *
 * NOTE(review): num_rsp is controller-supplied and no check that
 * skb->len covers num_rsp records is visible. The zero-count guard and
 * the pointer advance inside the loop are on lines missing from this
 * listing. The extended inquiry response data itself is not used in the
 * visible lines.
 */
static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2288
struct inquiry_data data;
2289
/* records start after the one-byte response count */
struct extended_inquiry_info *info = (void *) (skb->data + 1);
2290
int num_rsp = *((__u8 *) skb->data);
2292
BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2299
for (; num_rsp; num_rsp--) {
2300
bacpy(&data.bdaddr, &info->bdaddr);
2301
data.pscan_rep_mode = info->pscan_rep_mode;
2302
data.pscan_period_mode = info->pscan_period_mode;
2303
data.pscan_mode = 0x00;
2304
memcpy(data.dev_class, info->dev_class, 3);
2305
data.clock_offset = info->clock_offset;
2306
data.rssi = info->rssi;
2307
data.ssp_mode = 0x01;
2309
hci_inquiry_cache_update(hdev, &data);
2312
hci_dev_unlock(hdev);
2315
/*
 * Chooses the authentication requirement to answer an IO Capability
 * Request with, based on what the remote side asked for
 * (conn->remote_auth) and on both sides' IO capabilities. Falls back to
 * conn->auth_type when neither special case applies.
 *
 * NOTE(review): the return statements of the two special cases are on
 * lines missing from this listing. The visible test compares either
 * side's capability with 0x03 - presumably "no input, no output", i.e.
 * the case where MITM protection is NOT possible - so the existing
 * comment and the condition should be read together with the omitted
 * return values. remote_auth and remote_cap are peer-supplied.
 */
static inline u8 hci_get_auth_req(struct hci_conn *conn)
2317
/* If remote requests dedicated bonding follow that lead */
2318
if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2319
/* If both remote and local IO capabilities allow MITM
2320
* protection then require it, otherwise don't */
2321
if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2327
/* If remote requests no-bonding follow that lead */
2328
if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2331
return conn->auth_type;
2334
/*
 * IO Capability Request event: answers the controller's request for
 * this host's pairing capabilities. Pairing proceeds when the adapter
 * is pairable or the remote side asked for no bonding; otherwise a
 * negative reply with reason 0x16 is sent.
 *
 * NOTE(review): lines are missing from this listing (the NULL check on
 * conn, the statement after the HCI_MGMT test, the else, and the
 * trailing arguments of both hci_send_cmd() calls). Neither reply
 * struct is zeroed before use in the visible lines - confirm every
 * field is assigned before it is sent.
 */
static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2336
struct hci_ev_io_capa_request *ev = (void *) skb->data;
2337
struct hci_conn *conn;
2339
BT_DBG("%s", hdev->name);
2343
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2347
hci_conn_hold(conn);
2349
if (!test_bit(HCI_MGMT, &hdev->flags))
2352
/* bit 0 of remote_auth is masked off before comparing with
 * HCI_AT_NO_BONDING, so both no-bonding variants match */
if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2353
(conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2354
struct hci_cp_io_capability_reply cp;
2356
bacpy(&cp.bdaddr, &ev->bdaddr);
2357
cp.capability = conn->io_capability;
2359
cp.authentication = hci_get_auth_req(conn);
2361
hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2364
struct hci_cp_io_capability_neg_reply cp;
2366
bacpy(&cp.bdaddr, &ev->bdaddr);
2367
cp.reason = 0x16; /* Pairing not allowed */
2369
hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2374
hci_dev_unlock(hdev);
2377
/*
 * IO Capability Response event: stores the remote side's IO capability,
 * OOB-data flag and authentication requirement on the ACL connection.
 *
 * NOTE(review): all three values are peer-supplied and stored without
 * range checks in the visible lines; remote_cap and remote_auth are read
 * by hci_get_auth_req() in this file. The NULL check on conn is on a
 * line missing from this listing.
 */
static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2379
struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2380
struct hci_conn *conn;
2382
BT_DBG("%s", hdev->name);
2386
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2390
conn->remote_cap = ev->capability;
2391
conn->remote_oob = ev->oob_data;
2392
conn->remote_auth = ev->authentication;
2395
hci_dev_unlock(hdev);
2398
/*
 * User Confirmation Request event: when the management interface is in
 * use (HCI_MGMT), forwards the peer address and passkey to it so that
 * user space can confirm or reject the pairing. Nothing else happens in
 * the visible lines when HCI_MGMT is not set.
 */
static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2399
struct sk_buff *skb)
2401
struct hci_ev_user_confirm_req *ev = (void *) skb->data;
2403
BT_DBG("%s", hdev->name);
2407
if (test_bit(HCI_MGMT, &hdev->flags))
2408
/* ev->passkey is passed on as received - NOTE(review): confirm the
 * expected byte order on the mgmt side */
mgmt_user_confirm_request(hdev->id, &ev->bdaddr, ev->passkey);
2410
hci_dev_unlock(hdev);
2413
/*
 * Simple Pairing Complete event: reports a failed pairing to mgmt, but
 * only when this host did not initiate the authentication (see the
 * comment in the body).
 *
 * NOTE(review): the NULL check on conn and whatever follows the
 * mgmt_auth_failed() call are on lines missing from this listing.
 */
static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2415
struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2416
struct hci_conn *conn;
2418
BT_DBG("%s", hdev->name);
2422
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2426
/* To avoid duplicate auth_failed events to user space we check
2427
* the HCI_CONN_AUTH_PEND flag which will be set if we
2428
* initiated the authentication. A traditional auth_complete
2429
* event gets always produced as initiator and is also mapped to
2430
* the mgmt_auth_failed event */
2431
if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2432
mgmt_auth_failed(hdev->id, &conn->dst, ev->status);
2437
hci_dev_unlock(hdev);
2440
/*
 * Remote Host Supported Features Notification event: records in the
 * inquiry cache whether the reporting host supports Secure Simple
 * Pairing (bit 0 of features[0]).
 *
 * NOTE(review): the NULL check on the cache lookup result is on a line
 * missing from this listing.
 */
static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2442
struct hci_ev_remote_host_features *ev = (void *) skb->data;
2443
struct inquiry_entry *ie;
2445
BT_DBG("%s", hdev->name);
2449
ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2451
ie->data.ssp_mode = (ev->features[0] & 0x01);
2453
hci_dev_unlock(hdev);
2456
/*
 * LE Connection Complete event: finds the LE connection for the
 * reported address or creates one, then either closes it on failure or
 * records the handle, marks it connected, registers it in sysfs and
 * notifies upper layers.
 *
 * NOTE(review): lines are missing from this listing (the NULL tests
 * around hci_conn_add(), the status test, and whatever follows
 * conn->state = BT_CLOSED on the failure path). The allocation-failure
 * path visibly releases the device lock before leaving.
 */
static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2458
struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2459
struct hci_conn *conn;
2461
BT_DBG("%s status %d", hdev->name, ev->status);
2465
conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
2467
/* presumably only when the lookup found nothing - TODO confirm */
conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
2469
BT_ERR("No memory for new connection");
2470
hci_dev_unlock(hdev);
2476
/* failure path: upper layers are told first, then the state is closed */
hci_proto_connect_cfm(conn, ev->status);
2477
conn->state = BT_CLOSED;
2482
conn->handle = __le16_to_cpu(ev->handle);
2483
conn->state = BT_CONNECTED;
2485
hci_conn_hold_device(conn);
2486
hci_conn_add_sysfs(conn);
2488
hci_proto_connect_cfm(conn, ev->status);
2491
hci_dev_unlock(hdev);
2494
/*
 * LE Meta event: strips the meta-event header and dispatches on the
 * subevent code. Only HCI_EV_LE_CONN_COMPLETE has a handler in the
 * visible lines.
 *
 * NOTE(review): no check of skb->len against sizeof(*le_ev) is visible
 * before the header is read and pulled.
 */
static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
2496
struct hci_ev_le_meta *le_ev = (void *) skb->data;
2498
/* le_ev keeps pointing at the header; skb->data now starts at the
 * subevent parameters */
skb_pull(skb, sizeof(*le_ev));
2500
switch (le_ev->subevent) {
2501
case HCI_EV_LE_CONN_COMPLETE:
2502
hci_le_conn_complete_evt(hdev, skb);
2510
/*
 * Entry point for HCI event packets: reads the event code from the
 * packet header, strips the header and dispatches to the per-event
 * handler, then bumps the adapter's received-event counter.
 *
 * NOTE(review): everything in skb comes from the controller. No check
 * of skb->len against the header size or against hdr->plen is visible
 * here, and the handlers cast skb->data to their event structs
 * directly - confirm where (or whether) the length is validated before
 * this function runs. The switch statement, break statements and the
 * release of skb are on lines missing from this listing.
 */
void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2512
struct hci_event_hdr *hdr = (void *) skb->data;
2513
__u8 event = hdr->evt;
2515
/* handlers see skb->data pointing at the event parameters */
skb_pull(skb, HCI_EVENT_HDR_SIZE);
2518
case HCI_EV_INQUIRY_COMPLETE:
2519
hci_inquiry_complete_evt(hdev, skb);
2522
case HCI_EV_INQUIRY_RESULT:
2523
hci_inquiry_result_evt(hdev, skb);
2526
case HCI_EV_CONN_COMPLETE:
2527
hci_conn_complete_evt(hdev, skb);
2530
case HCI_EV_CONN_REQUEST:
2531
hci_conn_request_evt(hdev, skb);
2534
case HCI_EV_DISCONN_COMPLETE:
2535
hci_disconn_complete_evt(hdev, skb);
2538
case HCI_EV_AUTH_COMPLETE:
2539
hci_auth_complete_evt(hdev, skb);
2542
case HCI_EV_REMOTE_NAME:
2543
hci_remote_name_evt(hdev, skb);
2546
case HCI_EV_ENCRYPT_CHANGE:
2547
hci_encrypt_change_evt(hdev, skb);
2550
case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
2551
hci_change_link_key_complete_evt(hdev, skb);
2554
case HCI_EV_REMOTE_FEATURES:
2555
hci_remote_features_evt(hdev, skb);
2558
case HCI_EV_REMOTE_VERSION:
2559
hci_remote_version_evt(hdev, skb);
2562
case HCI_EV_QOS_SETUP_COMPLETE:
2563
hci_qos_setup_complete_evt(hdev, skb);
2566
case HCI_EV_CMD_COMPLETE:
2567
hci_cmd_complete_evt(hdev, skb);
2570
case HCI_EV_CMD_STATUS:
2571
hci_cmd_status_evt(hdev, skb);
2574
case HCI_EV_ROLE_CHANGE:
2575
hci_role_change_evt(hdev, skb);
2578
case HCI_EV_NUM_COMP_PKTS:
2579
hci_num_comp_pkts_evt(hdev, skb);
2582
case HCI_EV_MODE_CHANGE:
2583
hci_mode_change_evt(hdev, skb);
2586
case HCI_EV_PIN_CODE_REQ:
2587
hci_pin_code_request_evt(hdev, skb);
2590
case HCI_EV_LINK_KEY_REQ:
2591
hci_link_key_request_evt(hdev, skb);
2594
case HCI_EV_LINK_KEY_NOTIFY:
2595
hci_link_key_notify_evt(hdev, skb);
2598
case HCI_EV_CLOCK_OFFSET:
2599
hci_clock_offset_evt(hdev, skb);
2602
case HCI_EV_PKT_TYPE_CHANGE:
2603
hci_pkt_type_change_evt(hdev, skb);
2606
case HCI_EV_PSCAN_REP_MODE:
2607
hci_pscan_rep_mode_evt(hdev, skb);
2610
case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
2611
hci_inquiry_result_with_rssi_evt(hdev, skb);
2614
case HCI_EV_REMOTE_EXT_FEATURES:
2615
hci_remote_ext_features_evt(hdev, skb);
2618
case HCI_EV_SYNC_CONN_COMPLETE:
2619
hci_sync_conn_complete_evt(hdev, skb);
2622
case HCI_EV_SYNC_CONN_CHANGED:
2623
hci_sync_conn_changed_evt(hdev, skb);
2626
case HCI_EV_SNIFF_SUBRATE:
2627
hci_sniff_subrate_evt(hdev, skb);
2630
case HCI_EV_EXTENDED_INQUIRY_RESULT:
2631
hci_extended_inquiry_result_evt(hdev, skb);
2634
case HCI_EV_IO_CAPA_REQUEST:
2635
hci_io_capa_request_evt(hdev, skb);
2638
case HCI_EV_IO_CAPA_REPLY:
2639
hci_io_capa_reply_evt(hdev, skb);
2642
case HCI_EV_USER_CONFIRM_REQUEST:
2643
hci_user_confirm_request_evt(hdev, skb);
2646
case HCI_EV_SIMPLE_PAIR_COMPLETE:
2647
hci_simple_pair_complete_evt(hdev, skb);
2650
case HCI_EV_REMOTE_HOST_FEATURES:
2651
hci_remote_host_features_evt(hdev, skb);
2654
case HCI_EV_LE_META:
2655
hci_le_meta_evt(hdev, skb);
2659
/* events without a handler are only logged */
BT_DBG("%s event 0x%x", hdev->name, event);
2664
hdev->stat.evt_rx++;
2667
/*
 * Generate internal stack event: builds an HCI_EV_STACK_INTERNAL event
 * packet around dlen bytes of caller data and delivers it to HCI
 * sockets through hci_send_to_sock().
 *
 * The skb is sized for the event header, the stack-internal header and
 * dlen payload bytes, so the memcpy below stays inside the buffer
 * reserved by the second skb_put().
 *
 * NOTE(review): dlen is a signed int supplied by the caller and is not
 * range-checked in the visible lines; hdr->plen is assigned
 * sizeof(*ev) + dlen and would truncate if that field is narrower than
 * the sum - confirm callers keep dlen small and non-negative. The
 * allocation-failure check, the assignment of the event type and the
 * release of skb are not visible in this listing.
 */
2667
/* Generate internal stack event */
2668
void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
2670
struct hci_event_hdr *hdr;
2671
struct hci_ev_stack_internal *ev;
2672
struct sk_buff *skb;
2674
/* GFP_ATOMIC: the allocation must not sleep */
skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
2678
hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
2679
hdr->evt = HCI_EV_STACK_INTERNAL;
2680
hdr->plen = sizeof(*ev) + dlen;
2682
ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
2684
memcpy(ev->data, data, dlen);
2686
/* marked as incoming and timestamped like a packet from the controller */
bt_cb(skb)->incoming = 1;
2687
__net_timestamp(skb);
2689
bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
2690
skb->dev = (void *) hdev;
2691
hci_send_to_sock(hdev, skb, NULL);