2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <asm/unaligned.h>
29 #include <net/bluetooth/bluetooth.h>
30 #include <net/bluetooth/hci_core.h>
31 #include <net/bluetooth/mgmt.h>
32 #include <net/bluetooth/a2mp.h>
33 #include <net/bluetooth/amp.h>
35 /* Handle HCI Event packets */
/* Handles the reply to HCI_OP_INQUIRY_CANCEL. The status is read from the
 * first byte of the event payload (skb->data[0]).
 * NOTE(review): the embedded line numbers skip (41 -> 45 -> 50), so lines are
 * missing from this listing; the condition guarding the failure report and
 * any locking around it are not visible here. */
37 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
39 __u8 status = *((__u8 *) skb->data);
41 BT_DBG("%s status 0x%2.2x", hdev->name, status);
/* Report the failed stop-discovery attempt through the mgmt interface. */
45 mgmt_stop_discovery_failed(hdev, status);
/* Inquiry is no longer flagged as running on this controller. */
50 clear_bit(HCI_INQUIRY, &hdev->flags);
53 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
58 hci_conn_check_pending(hdev);
/* Reads the status byte at skb->data[0], logs it, and sets HCI_PERIODIC_INQ
 * in hdev->dev_flags.
 * NOTE(review): numbering skips 65 -> 70, so whatever status check precedes
 * set_bit() is not visible in this listing. */
61 static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
63 __u8 status = *((__u8 *) skb->data);
65 BT_DBG("%s status 0x%2.2x", hdev->name, status);
70 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
/* Reads the status byte at skb->data[0], logs it, clears HCI_PERIODIC_INQ in
 * hdev->dev_flags and then calls hci_conn_check_pending().
 * NOTE(review): numbering skips 77 -> 82; any early return on a non-zero
 * status is not visible in this listing. */
73 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
75 __u8 status = *((__u8 *) skb->data);
77 BT_DBG("%s status 0x%2.2x", hdev->name, status);
82 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
84 hci_conn_check_pending(hdev);
/* Only a debug print of the device name is visible for this handler.
 * NOTE(review): the second line of the signature (line 88) is missing from
 * this listing. */
87 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
90 BT_DBG("%s", hdev->name);
/* Interprets the payload as struct hci_rp_role_discovery, looks up the
 * connection for the little-endian handle in the reply, and clears or sets
 * HCI_LM_MASTER in conn->link_mode.
 * NOTE(review): numbering skips 98 -> 105 -> 108 -> 110, so the status check,
 * the NULL check on conn and the test that selects clear vs. set are not
 * visible here. No skb->len check is visible before rp is dereferenced;
 * confirm the caller guarantees the payload covers *rp. */
93 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
98 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
/* rp->handle comes from the controller; the lookup may find nothing. */
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
108 conn->link_mode &= ~HCI_LM_MASTER;
110 conn->link_mode |= HCI_LM_MASTER;
113 hci_dev_unlock(hdev);
/* Interprets the payload as struct hci_rp_read_link_policy and stores the
 * reported policy (converted from little endian) on the connection found for
 * rp->handle.
 * NOTE(review): numbering skips 121 -> 128 -> 130; the status check and the
 * NULL check on conn are not visible in this listing. */
116 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
121 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 conn->link_policy = __le16_to_cpu(rp->policy);
132 hci_dev_unlock(hdev);
/* Interprets the payload as struct hci_rp_write_link_policy. The policy stored
 * on the connection is taken from the command that was sent (two bytes at
 * offset 2 of the sent parameters), not from the reply.
 * NOTE(review): numbering skips 141 -> 146 -> 152 -> 154; the declaration of
 * `sent`, its NULL check and the NULL check on conn are not visible here. */
135 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
138 struct hci_conn *conn;
141 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
/* Unaligned little-endian read from the sent command buffer. */
154 conn->link_policy = get_unaligned_le16(sent + 2);
156 hci_dev_unlock(hdev);
/* Interprets the payload as struct hci_rp_read_def_link_policy and caches the
 * reported default link policy in hdev->link_policy.
 * NOTE(review): the second signature line and the lines between 164 and 169
 * are missing from this listing, so any status check is not visible. */
159 static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
162 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
164 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
169 hdev->link_policy = __le16_to_cpu(rp->policy);
/* Reads the status byte at skb->data[0] and updates hdev->link_policy from
 * the first two bytes of the HCI_OP_WRITE_DEF_LINK_POLICY command that was
 * sent, then passes the status to hci_req_complete().
 * NOTE(review): numbering skips 175 -> 178 and 180 -> 185; the declaration of
 * `sent`, its NULL check and any status check are not visible here. */
172 static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
175 __u8 status = *((__u8 *) skb->data);
178 BT_DBG("%s status 0x%2.2x", hdev->name, status);
180 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
185 hdev->link_policy = get_unaligned_le16(sent);
187 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
/* Handles the reply to HCI_OP_RESET: clears HCI_RESET, passes the status to
 * hci_req_complete(), then resets cached host-side state (selected dev_flags
 * bits, discovery state, TX power values and the advertising data buffer).
 * NOTE(review): no status test appears among the visible lines, so the cached
 * state looks to be reset whatever status the controller reports; confirm
 * against the complete file. */
190 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
192 __u8 status = *((__u8 *) skb->data);
194 BT_DBG("%s status 0x%2.2x", hdev->name, status);
196 clear_bit(HCI_RESET, &hdev->flags);
198 hci_req_complete(hdev, HCI_OP_RESET, status);
200 /* Reset all non-persistent flags */
201 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN) | BIT(HCI_PENDING_CLASS) |
202 BIT(HCI_PERIODIC_INQ));
204 hdev->discovery.state = DISCOVERY_STOPPED;
205 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
206 hdev->adv_tx_power = HCI_TX_POWER_INVALID;
/* Drop any cached advertising data along with its length. */
208 memset(hdev->adv_data, 0, sizeof(hdev->adv_data));
209 hdev->adv_data_len = 0;
/* Handles the reply to HCI_OP_WRITE_LOCAL_NAME. The name is taken from the
 * command that was sent: it is reported to mgmt when HCI_MGMT is set and
 * copied into hdev->dev_name as a fixed HCI_MAX_NAME_LENGTH block.
 * NOTE(review): numbering skips 219 -> 225, 226 -> 228 and 232 -> 235; the
 * declaration and NULL check of `sent`, the branch that selects the memcpy,
 * and the body of the final `if` are not visible in this listing. */
212 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
214 __u8 status = *((__u8 *) skb->data);
217 BT_DBG("%s status 0x%2.2x", hdev->name, status);
219 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
225 if (test_bit(HCI_MGMT, &hdev->dev_flags))
226 mgmt_set_local_name_complete(hdev, sent, status);
/* Fixed-size copy; assumes the sent buffer holds HCI_MAX_NAME_LENGTH bytes. */
228 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
230 hci_dev_unlock(hdev);
232 if (!status && !test_bit(HCI_INIT, &hdev->flags))
235 hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status);
/* Interprets the payload as struct hci_rp_read_local_name and, while HCI_SETUP
 * is set, copies HCI_MAX_NAME_LENGTH bytes of rp->name into hdev->dev_name.
 * NOTE(review): the copy length is fixed and no skb->len check is visible, so
 * a short reply would be read past its end; confirm the caller validates the
 * payload length. Lines 243-246 (presumably the status check) are missing. */
238 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
240 struct hci_rp_read_local_name *rp = (void *) skb->data;
242 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
247 if (test_bit(HCI_SETUP, &hdev->dev_flags))
248 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
/* Handles the reply to HCI_OP_WRITE_AUTH_ENABLE. The HCI_AUTH flag mirrors the
 * parameter of the command that was sent: set when it equals AUTH_ENABLED,
 * cleared otherwise. mgmt is notified when HCI_MGMT is set.
 * NOTE(review): numbering skips 258 -> 263 and 266 -> 268; the NULL check on
 * `sent`, the status test and the `else` are not visible here. HCI_AUTH
 * records whether link-level authentication is on, so it should only change
 * after a successful reply. */
251 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
253 __u8 status = *((__u8 *) skb->data);
256 BT_DBG("%s status 0x%2.2x", hdev->name, status);
258 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
263 __u8 param = *((__u8 *) sent);
265 if (param == AUTH_ENABLED)
266 set_bit(HCI_AUTH, &hdev->flags);
268 clear_bit(HCI_AUTH, &hdev->flags);
271 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272 mgmt_auth_enable_complete(hdev, status);
274 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
/* Handles the reply to HCI_OP_WRITE_ENCRYPT_MODE: the HCI_ENCRYPT flag is set
 * or cleared according to the first parameter byte of the command that was
 * sent, then the status is passed to hci_req_complete().
 * NOTE(review): numbering skips 284 -> 289 -> 292 -> 294; the NULL check on
 * `sent`, the status test and the condition choosing set vs. clear are not
 * visible in this listing. */
277 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
279 __u8 status = *((__u8 *) skb->data);
282 BT_DBG("%s status 0x%2.2x", hdev->name, status);
284 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
289 __u8 param = *((__u8 *) sent);
292 set_bit(HCI_ENCRYPT, &hdev->flags);
294 clear_bit(HCI_ENCRYPT, &hdev->flags);
297 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
/* Handles the reply to HCI_OP_WRITE_SCAN_ENABLE. The scan parameter is read
 * from the command that was sent; HCI_ISCAN / HCI_PSCAN are recomputed from
 * its SCAN_INQUIRY / SCAN_PAGE bits, and mgmt is told when the discoverable
 * or connectable state changes.
 * NOTE(review): numbering skips 308 -> 312 -> 317 and 326 -> 328 etc.; the
 * NULL check on `sent`, the failure branch that wraps lines 317-318, and the
 * guards around the mgmt calls are not visible in this listing. */
300 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
302 __u8 param, status = *((__u8 *) skb->data);
303 int old_pscan, old_iscan;
306 BT_DBG("%s status 0x%2.2x", hdev->name, status);
308 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
312 param = *((__u8 *) sent);
317 mgmt_write_scan_failed(hdev, param, status);
318 hdev->discov_timeout = 0;
/* Remember the previous state so a transition to "off" can be reported. */
322 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
323 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
325 if (param & SCAN_INQUIRY) {
326 set_bit(HCI_ISCAN, &hdev->flags);
328 mgmt_discoverable(hdev, 1);
/* A positive timeout (seconds) queues the discov_off delayed work. */
329 if (hdev->discov_timeout > 0) {
330 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
331 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
334 } else if (old_iscan)
335 mgmt_discoverable(hdev, 0);
337 if (param & SCAN_PAGE) {
338 set_bit(HCI_PSCAN, &hdev->flags);
340 mgmt_connectable(hdev, 1);
341 } else if (old_pscan)
342 mgmt_connectable(hdev, 0);
345 hci_dev_unlock(hdev);
346 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
/* Interprets the payload as struct hci_rp_read_class_of_dev and copies the
 * three class-of-device bytes into hdev->dev_class, then logs them with
 * byte 2 printed first.
 * NOTE(review): lines 354-357 (presumably the status check) are missing from
 * this listing, and no skb->len check is visible before the copy. */
349 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
351 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
353 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
358 memcpy(hdev->dev_class, rp->dev_class, 3);
360 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
361 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
/* Handles the reply to HCI_OP_WRITE_CLASS_OF_DEV: copies the three class
 * bytes from the command that was sent into hdev->dev_class and notifies mgmt
 * when HCI_MGMT is set.
 * NOTE(review): numbering skips 371 -> 378; the NULL check on `sent`, the
 * status test before the copy and the lock acquisition are not visible. */
364 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
366 __u8 status = *((__u8 *) skb->data);
369 BT_DBG("%s status 0x%2.2x", hdev->name, status);
371 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
378 memcpy(hdev->dev_class, sent, 3);
380 if (test_bit(HCI_MGMT, &hdev->dev_flags))
381 mgmt_set_class_of_dev_complete(hdev, sent, status);
383 hci_dev_unlock(hdev);
/* Interprets the payload as struct hci_rp_read_voice_setting, converts the
 * reported setting from little endian, caches it in hdev->voice_setting and
 * invokes the driver's notify callback with HCI_NOTIFY_VOICE_SETTING.
 * NOTE(review): numbering skips 398 -> 401 and 403 -> 406; the early return
 * for an unchanged value and any NULL check on hdev->notify are not visible
 * in this listing. */
386 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
388 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
391 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
396 setting = __le16_to_cpu(rp->voice_setting);
398 if (hdev->voice_setting == setting)
401 hdev->voice_setting = setting;
403 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
406 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
/* Handles the reply to HCI_OP_WRITE_VOICE_SETTING: the new setting is read
 * (unaligned, little endian) from the command that was sent, cached in
 * hdev->voice_setting, and the driver's notify callback is invoked.
 * NOTE(review): numbering skips 416 -> 421 -> 425 and 427 -> 430 -> 435; the
 * status test, the NULL check on `sent`, the early return for an unchanged
 * value and any NULL check on hdev->notify are not visible here. */
409 static void hci_cc_write_voice_setting(struct hci_dev *hdev,
412 __u8 status = *((__u8 *) skb->data);
416 BT_DBG("%s status 0x%2.2x", hdev->name, status);
421 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
425 setting = get_unaligned_le16(sent);
427 if (hdev->voice_setting == setting)
430 hdev->voice_setting = setting;
432 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
435 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
/* Reads the status byte at skb->data[0], logs it and passes it to
 * hci_req_complete() for HCI_OP_HOST_BUFFER_SIZE. */
438 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
440 __u8 status = *((__u8 *) skb->data);
442 BT_DBG("%s status 0x%2.2x", hdev->name, status);
444 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
/* Handles the reply to HCI_OP_WRITE_SSP_MODE. Using the command that was
 * sent, it toggles LMP_HOST_SSP in hdev->host_features[0], notifies mgmt when
 * HCI_MGMT is set, and sets or clears HCI_SSP_ENABLED in dev_flags.
 * NOTE(review): numbering skips 454 -> 460 -> 462 and 466 -> 469 -> 471; the
 * NULL check on `sent`, the status test and the conditions choosing each
 * set/clear pair are not visible. HCI_SSP_ENABLED gates Secure Simple Pairing
 * elsewhere in this file, so the flag should follow only a successful reply. */
447 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
449 __u8 status = *((__u8 *) skb->data);
450 struct hci_cp_write_ssp_mode *sent;
452 BT_DBG("%s status 0x%2.2x", hdev->name, status);
454 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
460 hdev->host_features[0] |= LMP_HOST_SSP;
462 hdev->host_features[0] &= ~LMP_HOST_SSP;
465 if (test_bit(HCI_MGMT, &hdev->dev_flags))
466 mgmt_ssp_enable_complete(hdev, sent->mode, status);
469 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
471 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
/* Chooses the inquiry mode for a controller. Capability macros are tested
 * first; the remaining tests match specific manufacturer / hci_rev /
 * lmp_subver triples, which reads as a quirk table for individual controllers.
 * NOTE(review): every `return` line is missing from this listing (numbering
 * skips after each `if`), so the value returned per branch is not visible. */
475 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
477 if (lmp_ext_inq_capable(hdev))
480 if (lmp_inq_rssi_capable(hdev))
483 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
484 hdev->lmp_subver == 0x0757)
487 if (hdev->manufacturer == 15) {
488 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
490 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
492 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
496 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
497 hdev->lmp_subver == 0x1805)
/* Sends HCI_OP_WRITE_INQUIRY_MODE with the one-byte mode returned by
 * hci_get_inquiry_mode(). The declaration of `mode` (line 505) is missing
 * from this listing. */
503 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
507 mode = hci_get_inquiry_mode(hdev);
509 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
/* Builds the 8-byte HCI event mask from the controller's capability macros
 * and sends it with HCI_OP_SET_EVENT_MASK. For LE-capable controllers a
 * second mask is sent with HCI_OP_LE_SET_EVENT_MASK after the buffer is
 * zeroed.
 * NOTE(review): numbering skips 521 -> 524 (the early return for pre-1.2
 * controllers) and 569 -> 571 (whatever fills the LE mask), so those lines
 * are not visible. events[4] |= 0x02 appears at both line 526 and line 533;
 * the second OR is redundant whenever the first branch ran. */
512 static void hci_setup_event_mask(struct hci_dev *hdev)
514 /* The second byte is 0xff instead of 0x9f (two reserved bits
515 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
516 * command otherwise */
517 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
519 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
520 * any event mask for pre 1.2 devices */
521 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
524 if (lmp_bredr_capable(hdev)) {
525 events[4] |= 0x01; /* Flow Specification Complete */
526 events[4] |= 0x02; /* Inquiry Result with RSSI */
527 events[4] |= 0x04; /* Read Remote Extended Features Complete */
528 events[5] |= 0x08; /* Synchronous Connection Complete */
529 events[5] |= 0x10; /* Synchronous Connection Changed */
532 if (lmp_inq_rssi_capable(hdev))
533 events[4] |= 0x02; /* Inquiry Result with RSSI */
535 if (lmp_sniffsubr_capable(hdev))
536 events[5] |= 0x20; /* Sniff Subrating */
538 if (lmp_pause_enc_capable(hdev))
539 events[5] |= 0x80; /* Encryption Key Refresh Complete */
541 if (lmp_ext_inq_capable(hdev))
542 events[5] |= 0x40; /* Extended Inquiry Result */
544 if (lmp_no_flush_capable(hdev))
545 events[7] |= 0x01; /* Enhanced Flush Complete */
547 if (lmp_lsto_capable(hdev))
548 events[6] |= 0x80; /* Link Supervision Timeout Changed */
/* Pairing events are only unmasked when the controller supports SSP. */
550 if (lmp_ssp_capable(hdev)) {
551 events[6] |= 0x01; /* IO Capability Request */
552 events[6] |= 0x02; /* IO Capability Response */
553 events[6] |= 0x04; /* User Confirmation Request */
554 events[6] |= 0x08; /* User Passkey Request */
555 events[6] |= 0x10; /* Remote OOB Data Request */
556 events[6] |= 0x20; /* Simple Pairing Complete */
557 events[7] |= 0x04; /* User Passkey Notification */
558 events[7] |= 0x08; /* Keypress Notification */
559 events[7] |= 0x10; /* Remote Host Supported
560 * Features Notification */
563 if (lmp_le_capable(hdev))
564 events[7] |= 0x20; /* LE Meta-Event */
566 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
568 if (lmp_le_capable(hdev)) {
569 memset(events, 0, sizeof(events));
571 hci_send_cmd(hdev, HCI_OP_LE_SET_EVENT_MASK,
572 sizeof(events), events);
/* Queues the BR/EDR initialisation commands: reads buffer size, class of
 * device, local name and voice setting, clears the event filters, sets the
 * connection accept timeout and sends HCI_OP_DELETE_STORED_LINK_KEY for
 * BDADDR_ANY.
 * NOTE(review): the declarations of `param` and `flt_type` (lines 579-580)
 * and line 603 (presumably setting another field of cp) are missing from
 * this listing. */
576 static void bredr_setup(struct hci_dev *hdev)
578 struct hci_cp_delete_stored_link_key cp;
582 /* Read Buffer Size (ACL mtu, max pkt, etc.) */
583 hci_send_cmd(hdev, HCI_OP_READ_BUFFER_SIZE, 0, NULL);
585 /* Read Class of Device */
586 hci_send_cmd(hdev, HCI_OP_READ_CLASS_OF_DEV, 0, NULL);
588 /* Read Local Name */
589 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_NAME, 0, NULL);
591 /* Read Voice Setting */
592 hci_send_cmd(hdev, HCI_OP_READ_VOICE_SETTING, 0, NULL);
594 /* Clear Event Filters */
595 flt_type = HCI_FLT_CLEAR_ALL;
596 hci_send_cmd(hdev, HCI_OP_SET_EVENT_FLT, 1, &flt_type);
598 /* Connection accept timeout ~20 secs */
599 param = __constant_cpu_to_le16(0x7d00);
/* NOTE(review): the last argument below looks like a mis-decoded `&param`
 * (an HTML entity artefact of the page); confirm against the original file. */
600 hci_send_cmd(hdev, HCI_OP_WRITE_CA_TIMEOUT, 2, ¶m);
/* Address the delete request to every peer (BDADDR_ANY). */
602 bacpy(&cp.bdaddr, BDADDR_ANY);
604 hci_send_cmd(hdev, HCI_OP_DELETE_STORED_LINK_KEY, sizeof(cp), &cp);
/* Queues the LE initialisation commands: HCI_OP_LE_READ_BUFFER_SIZE and
 * HCI_OP_LE_READ_ADV_TX_POWER, both without parameters. */
607 static void le_setup(struct hci_dev *hdev)
609 /* Read LE Buffer Size */
610 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
612 /* Read LE Advertising Channel TX Power */
613 hci_send_cmd(hdev, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL);
/* Drives controller initialisation by queueing a sequence of HCI commands
 * chosen from the controller's capabilities: BD address read, event mask,
 * supported-commands read, SSP mode or a zeroed EIR, inquiry mode, inquiry
 * TX power, extended features and, when HCI_LINK_SECURITY is set, link-level
 * authentication.
 * NOTE(review): many lines are missing from this listing (numbering skips
 * after 618, 624, 627, 636, 639, 657, 660, 664 and 666), including the early
 * return for non-BR/EDR devices, the calls made for BR/EDR and LE capable
 * controllers and the local variable declarations. */
616 static void hci_setup(struct hci_dev *hdev)
618 if (hdev->dev_type != HCI_BREDR)
620 /* Read BD Address */
621 hci_send_cmd(hdev, HCI_OP_READ_BD_ADDR, 0, NULL);
623 if (lmp_bredr_capable(hdev))
626 if (lmp_le_capable(hdev))
629 hci_setup_event_mask(hdev);
631 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
632 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
/* SSP-capable controller: enable SSP if the host wants it; the other
 * visible branch clears the cached EIR and writes an all-zero EIR. */
635 if (lmp_ssp_capable(hdev)) {
636 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
638 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
639 sizeof(mode), &mode);
641 struct hci_cp_write_eir cp;
643 memset(hdev->eir, 0, sizeof(hdev->eir));
644 memset(&cp, 0, sizeof(cp));
646 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
650 if (lmp_inq_rssi_capable(hdev))
651 hci_setup_inquiry_mode(hdev);
653 if (lmp_inq_tx_pwr_capable(hdev))
654 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
656 if (lmp_ext_feat_capable(hdev)) {
657 struct hci_cp_read_local_ext_features cp;
660 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp),
664 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
666 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable),
/* Interprets the payload as struct hci_rp_read_local_version and caches the
 * HCI/LMP version, revision, manufacturer and LMP sub-version in hdev
 * (16-bit fields converted from little endian).
 * NOTE(review): numbering skips 675 -> 680 and 689 -> 693; the status check
 * and the statement run while HCI_INIT is set are not visible here. These
 * cached values feed the controller-specific tests in hci_get_inquiry_mode(). */
671 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
673 struct hci_rp_read_local_version *rp = (void *) skb->data;
675 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
680 hdev->hci_ver = rp->hci_ver;
681 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
682 hdev->lmp_ver = rp->lmp_ver;
683 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
684 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
686 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
687 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
689 if (test_bit(HCI_INIT, &hdev->flags))
693 hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, rp->status);
/* Builds the default link policy from the controller's role-switch, hold,
 * sniff and park capabilities and sends it with
 * HCI_OP_WRITE_DEF_LINK_POLICY. The declaration and initial value of
 * `link_policy` (line 699) are missing from this listing. */
696 static void hci_setup_link_policy(struct hci_dev *hdev)
698 struct hci_cp_write_def_link_policy cp;
701 if (lmp_rswitch_capable(hdev))
702 link_policy |= HCI_LP_RSWITCH;
703 if (lmp_hold_capable(hdev))
704 link_policy |= HCI_LP_HOLD;
705 if (lmp_sniff_capable(hdev))
706 link_policy |= HCI_LP_SNIFF;
707 if (lmp_park_capable(hdev))
708 link_policy |= HCI_LP_PARK;
/* The command parameter is little endian on the wire. */
710 cp.policy = cpu_to_le16(link_policy);
711 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp);
/* Interprets the payload as struct hci_rp_read_local_commands and copies
 * sizeof(hdev->commands) bytes of the supported-commands bitmap into hdev.
 * During init, bit 0x10 of octet 5 triggers hci_setup_link_policy()
 * (presumably the "Write Default Link Policy Settings" bit; confirm against
 * the specification).
 * NOTE(review): the copy length comes from the destination size and no
 * skb->len check is visible, so a short reply would be read past its end.
 * Lines 720-723 (presumably the status check) are missing from this listing. */
714 static void hci_cc_read_local_commands(struct hci_dev *hdev,
717 struct hci_rp_read_local_commands *rp = (void *) skb->data;
719 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
724 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
726 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
727 hci_setup_link_policy(hdev);
730 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
/* Interprets the payload as struct hci_rp_read_local_features, copies the
 * 8-byte LMP feature mask into hdev->features, and widens the default ACL
 * packet types (pkt_type) and SCO/eSCO types (esco_type) according to the
 * feature bits the controller reports.
 * NOTE(review): lines 739-742 (presumably the status check) are missing from
 * this listing, and no skb->len check is visible before the 8-byte copy. */
733 static void hci_cc_read_local_features(struct hci_dev *hdev,
736 struct hci_rp_read_local_features *rp = (void *) skb->data;
738 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
743 memcpy(hdev->features, rp->features, 8);
745 /* Adjust default settings according to features
746 * supported by device. */
748 if (hdev->features[0] & LMP_3SLOT)
749 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
751 if (hdev->features[0] & LMP_5SLOT)
752 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
754 if (hdev->features[1] & LMP_HV2) {
755 hdev->pkt_type |= (HCI_HV2);
756 hdev->esco_type |= (ESCO_HV2);
759 if (hdev->features[1] & LMP_HV3) {
760 hdev->pkt_type |= (HCI_HV3);
761 hdev->esco_type |= (ESCO_HV3);
764 if (lmp_esco_capable(hdev))
765 hdev->esco_type |= (ESCO_EV3);
767 if (hdev->features[4] & LMP_EV4)
768 hdev->esco_type |= (ESCO_EV4);
770 if (hdev->features[4] & LMP_EV5)
771 hdev->esco_type |= (ESCO_EV5);
773 if (hdev->features[5] & LMP_EDR_ESCO_2M)
774 hdev->esco_type |= (ESCO_2EV3);
776 if (hdev->features[5] & LMP_EDR_ESCO_3M)
777 hdev->esco_type |= (ESCO_3EV3);
779 if (hdev->features[5] & LMP_EDR_3S_ESCO)
780 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
782 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
783 hdev->features[0], hdev->features[1],
784 hdev->features[2], hdev->features[3],
785 hdev->features[4], hdev->features[5],
786 hdev->features[6], hdev->features[7]);
/* Builds a zeroed HCI_OP_WRITE_LE_HOST_SUPPORTED command and sends it only
 * when the desired cp.le differs from what the controller currently reports
 * through lmp_host_le_capable().
 * NOTE(review): line 796 (presumably the assignment of cp.le) and the tail of
 * the hci_send_cmd() call are missing from this listing. */
789 static void hci_set_le_support(struct hci_dev *hdev)
791 struct hci_cp_write_le_host_supported cp;
793 memset(&cp, 0, sizeof(cp));
795 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
/* !! normalises the capability test to 0 or 1. */
797 cp.simul = !!lmp_le_br_capable(hdev);
800 if (cp.le != !!lmp_host_le_capable(hdev))
801 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
/* Interprets the payload as struct hci_rp_read_local_ext_features and copies
 * the 8-byte feature page into either hdev->features or hdev->host_features;
 * during init it then calls hci_set_le_support() for LE-capable controllers.
 * NOTE(review): numbering skips 810 -> 817 -> 820; the status check and the
 * page selector that chooses between the two copies are not visible in this
 * listing. */
805 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
808 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
810 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
817 memcpy(hdev->features, rp->features, 8);
820 memcpy(hdev->host_features, rp->features, 8);
824 if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
825 hci_set_le_support(hdev);
828 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
/* Interprets the payload as struct hci_rp_read_flow_control_mode, caches
 * rp->mode in hdev->flow_ctl_mode and passes the status to
 * hci_req_complete(). Lines 837-840 (presumably the status check) are
 * missing from this listing. */
831 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
834 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
836 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
841 hdev->flow_ctl_mode = rp->mode;
843 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
/* Interprets the payload as struct hci_rp_read_buffer_size and caches the
 * controller's ACL/SCO MTUs and packet counts; the available-credit counters
 * (acl_cnt, sco_cnt) are initialised to the packet counts.
 * NOTE(review): numbering skips 850 -> 855 and 860 -> 865; the status check
 * and the body of the HCI_QUIRK_FIXUP_BUFFER_SIZE branch are not visible.
 * The values are controller-supplied and stored as reported; no range check
 * is visible in this listing. */
846 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
848 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
850 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
855 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
856 hdev->sco_mtu = rp->sco_mtu;
857 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
858 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
860 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
865 hdev->acl_cnt = hdev->acl_pkts;
866 hdev->sco_cnt = hdev->sco_pkts;
868 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
869 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
/* Interprets the payload as struct hci_rp_read_bd_addr, copies the reported
 * address into hdev->bdaddr and passes the status to hci_req_complete().
 * Lines 877-878 (presumably the status test guarding the copy) are missing
 * from this listing. */
872 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
874 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
876 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
879 bacpy(&hdev->bdaddr, &rp->bdaddr);
881 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
/* Interprets the payload as struct hci_rp_read_data_block_size and caches the
 * block-based flow-control parameters (max ACL length, block length, number
 * of blocks); block_cnt starts at num_blocks.
 * NOTE(review): lines 890-893 (presumably the status check) are missing. The
 * values are stored as the controller reports them; no range check (for
 * example a zero block_len) is visible in this listing. */
884 static void hci_cc_read_data_block_size(struct hci_dev *hdev,
887 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
889 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
894 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
895 hdev->block_len = __le16_to_cpu(rp->block_len);
896 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
898 hdev->block_cnt = hdev->num_blocks;
900 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
901 hdev->block_cnt, hdev->block_len);
903 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
/* Reads the status byte at skb->data[0], logs it and passes it to
 * hci_req_complete() for HCI_OP_WRITE_CA_TIMEOUT. */
906 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
908 __u8 status = *((__u8 *) skb->data);
910 BT_DBG("%s status 0x%2.2x", hdev->name, status);
912 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
/* Interprets the payload as struct hci_rp_read_local_amp_info, caches the AMP
 * controller parameters in hdev (multi-byte fields converted from little
 * endian), passes the status to hci_req_complete() and sends the A2MP
 * get-info response.
 * NOTE(review): numbering skips 920 -> 925 and 936 -> 939; the status check
 * and any label before a2mp_send_getinfo_rsp() are not visible.
 * amp_assoc_size is controller-supplied and stored as reported. */
915 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
918 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
920 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
925 hdev->amp_status = rp->amp_status;
926 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
927 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
928 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
929 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
930 hdev->amp_type = rp->amp_type;
931 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
932 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
933 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
934 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
936 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
939 a2mp_send_getinfo_rsp(hdev);
/* Reassembles the local AMP assoc from fragments. Each reply carries a
 * fragment (rp->frag) and the length still outstanding (rp->rem_len); the
 * fragment is appended to hdev->loc_assoc at assoc->offset. When more data is
 * outstanding than this fragment holds, the next fragment is requested;
 * otherwise the final rem_len bytes are copied, assoc->len is set and the
 * A2MP responses are sent.
 *
 * NOTE(review): both copy lengths are derived from the controller's reply
 * and no bound is visible in this listing:
 *  - frag_len is a size_t computed as skb->len - sizeof(*rp); if skb->len is
 *    smaller than the header this wraps to a very large value.
 *  - Neither assoc->offset + frag_len nor assoc->offset + rem_len is compared
 *    with the capacity of assoc->data (its size is not shown here), so a
 *    controller that keeps reporting outstanding data could push the write
 *    past the end of the buffer.
 * A check against sizeof(assoc->data) before each memcpy would close this;
 * confirm against the complete file, since numbering skips 949 -> 954,
 * 964 -> 969 and 970 -> 974 and the missing lines may hold guards. */
942 static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
945 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
946 struct amp_assoc *assoc = &hdev->loc_assoc;
947 size_t rem_len, frag_len;
949 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
954 frag_len = skb->len - sizeof(*rp);
955 rem_len = __le16_to_cpu(rp->rem_len);
/* More data outstanding than this event carries: store and ask for more. */
957 if (rem_len > frag_len) {
958 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
960 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
961 assoc->offset += frag_len;
963 /* Read other fragments */
964 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
/* Last fragment: copy the remainder and record the total length. */
969 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
970 assoc->len = assoc->offset + rem_len;
974 /* Send A2MP Rsp when all fragments are received */
975 a2mp_send_getampassoc_rsp(hdev, rp->status);
976 a2mp_send_create_phy_link_req(hdev, rp->status);
/* Reads the status byte at skb->data[0], logs it and passes it to
 * hci_req_complete() for HCI_OP_DELETE_STORED_LINK_KEY. */
979 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
982 __u8 status = *((__u8 *) skb->data);
984 BT_DBG("%s status 0x%2.2x", hdev->name, status);
986 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
/* Reads the status byte at skb->data[0], logs it and passes it to
 * hci_req_complete() for HCI_OP_SET_EVENT_MASK. */
989 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
991 __u8 status = *((__u8 *) skb->data);
993 BT_DBG("%s status 0x%2.2x", hdev->name, status);
995 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
/* Reads the status byte at skb->data[0], logs it and passes it to
 * hci_req_complete() for HCI_OP_WRITE_INQUIRY_MODE. */
998 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
1001 __u8 status = *((__u8 *) skb->data);
1003 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1005 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
/* Interprets the payload as struct hci_rp_read_inq_rsp_tx_power, caches
 * rp->tx_power in hdev->inq_tx_power and passes the status to
 * hci_req_complete(). Lines 1014-1015 (presumably the status test guarding
 * the store) are missing from this listing. */
1008 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
1009 struct sk_buff *skb)
1011 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
1013 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1016 hdev->inq_tx_power = rp->tx_power;
1018 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, rp->status);
/* Reads the status byte at skb->data[0], logs it and passes it to
 * hci_req_complete() for HCI_OP_SET_EVENT_FLT. */
1021 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
1023 __u8 status = *((__u8 *) skb->data);
1025 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1027 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
/* Handles the reply to HCI_OP_PIN_CODE_REPLY: notifies mgmt (when HCI_MGMT is
 * set) with the peer address and status from the reply, then records the PIN
 * length from the command that was sent on the matching ACL connection.
 * NOTE(review): numbering skips 1041 -> 1046 -> 1050 -> 1052; the status
 * test, the NULL check on cp and the NULL check on conn are not visible in
 * this listing. conn->pin_length is used elsewhere to judge link-key
 * strength, so it should only be recorded after a successful reply. */
1030 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
1032 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
1033 struct hci_cp_pin_code_reply *cp;
1034 struct hci_conn *conn;
1036 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1040 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1041 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
1046 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
/* Lookup uses the address from the sent command, not from the reply. */
1050 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1052 conn->pin_length = cp->pin_len;
1055 hci_dev_unlock(hdev);
/* Interprets the payload as struct hci_rp_pin_code_neg_reply and, when
 * HCI_MGMT is set, forwards the peer address to
 * mgmt_pin_code_neg_reply_complete(). The lock acquisition and the tail of
 * the mgmt call (line 1068) are missing from this listing. */
1058 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1060 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
1062 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1066 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1067 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
1070 hci_dev_unlock(hdev);
/* Interprets the payload as struct hci_rp_le_read_buffer_size and caches the
 * LE MTU and packet count; le_cnt (available credits) starts at le_pkts.
 * Lines 1079-1082 (presumably the status check) are missing from this
 * listing. The values are controller-supplied and stored as reported. */
1073 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1074 struct sk_buff *skb)
1076 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
1078 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1083 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
1084 hdev->le_pkts = rp->le_max_pkt;
1086 hdev->le_cnt = hdev->le_pkts;
1088 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
1090 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
/* Interprets the payload as struct hci_rp_le_read_adv_tx_power, caches
 * rp->tx_power in hdev->adv_tx_power and, outside of init, refreshes the
 * advertising data through hci_update_ad(). Lines 1099-1100 (presumably the
 * status test opening the block) are missing from this listing. */
1093 static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
1094 struct sk_buff *skb)
1096 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
1098 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1101 hdev->adv_tx_power = rp->tx_power;
1102 if (!test_bit(HCI_INIT, &hdev->flags))
1103 hci_update_ad(hdev);
1106 hci_req_complete(hdev, HCI_OP_LE_READ_ADV_TX_POWER, rp->status);
/* Reads the status byte at skb->data[0], logs it and passes it to
 * hci_req_complete() for HCI_OP_LE_SET_EVENT_MASK. */
1109 static void hci_cc_le_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
1111 __u8 status = *((__u8 *) skb->data);
1113 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1115 hci_req_complete(hdev, HCI_OP_LE_SET_EVENT_MASK, status);
/* Interprets the payload as struct hci_rp_user_confirm_reply and, when
 * HCI_MGMT is set, forwards the peer address (as an ACL_LINK address) to
 * mgmt_user_confirm_reply_complete(). The lock acquisition and the tail of
 * the mgmt call (line 1128) are missing from this listing. */
1118 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
1120 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1122 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1126 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1127 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
1130 hci_dev_unlock(hdev);
/* Interprets the payload with the same layout as the positive reply
 * (struct hci_rp_user_confirm_reply) and, when HCI_MGMT is set, forwards the
 * peer address and status to mgmt_user_confirm_neg_reply_complete(). The
 * lock acquisition (around line 1140) is missing from this listing. */
1133 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
1134 struct sk_buff *skb)
1136 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1138 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1142 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
1144 ACL_LINK, 0, rp->status);
1146 hci_dev_unlock(hdev);
/* Interprets the payload as struct hci_rp_user_confirm_reply (the passkey
 * handlers reuse that layout) and, when HCI_MGMT is set, forwards the peer
 * address to mgmt_user_passkey_reply_complete(). The lock acquisition and the
 * tail of the mgmt call (line 1159) are missing from this listing. */
1149 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
1151 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1153 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1157 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1158 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
1161 hci_dev_unlock(hdev);
/* Interprets the payload as struct hci_rp_user_confirm_reply and, when
 * HCI_MGMT is set, forwards the peer address and status to
 * mgmt_user_passkey_neg_reply_complete(). The lock acquisition (around line
 * 1171) is missing from this listing. */
1164 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1165 struct sk_buff *skb)
1167 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1169 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1173 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1174 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1175 ACL_LINK, 0, rp->status);
1177 hci_dev_unlock(hdev);
/* Interprets the payload as struct hci_rp_read_local_oob_data and hands the
 * hash and randomizer, together with the status, to
 * mgmt_read_local_oob_data_reply_complete().
 * NOTE(review): rp->hash and rp->randomizer are out-of-band pairing values;
 * they are forwarded only, not logged, in the visible lines. No skb->len
 * check is visible before they are referenced, and the lock acquisition
 * (around line 1187) is missing from this listing. */
1180 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1181 struct sk_buff *skb)
1183 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1185 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1188 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
1189 rp->randomizer, rp->status);
1190 hci_dev_unlock(hdev);
/* Handles the reply to HCI_OP_LE_SET_ADV_ENABLE: HCI_LE_PERIPHERAL in
 * dev_flags is set or cleared from the command that was sent, the
 * advertising data is refreshed outside of init, and the status is passed to
 * hci_req_complete().
 * NOTE(review): numbering skips 1199 -> 1207 -> 1209; the NULL check on
 * `sent`, the status test and the condition choosing set vs. clear are not
 * visible in this listing. */
1193 static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb)
1195 __u8 *sent, status = *((__u8 *) skb->data);
1197 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1199 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE);
1207 set_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
1209 clear_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
1212 hci_dev_unlock(hdev);
1214 if (!test_bit(HCI_INIT, &hdev->flags))
1215 hci_update_ad(hdev);
1217 hci_req_complete(hdev, HCI_OP_LE_SET_ADV_ENABLE, status);
/* Reads the status byte at skb->data[0], passes it to hci_req_complete() for
 * HCI_OP_LE_SET_SCAN_PARAM and reports a start-discovery failure to mgmt.
 * NOTE(review): numbering skips 1226 -> 1230; the status test guarding the
 * failure report and the lock acquisition are not visible in this listing. */
1220 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1222 __u8 status = *((__u8 *) skb->data);
1224 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1226 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
1230 mgmt_start_discovery_failed(hdev, status);
1231 hci_dev_unlock(hdev);
/* Handles the reply to HCI_OP_LE_SET_SCAN_ENABLE, switching on the enable
 * value of the command that was sent:
 *  - LE_SCANNING_ENABLED: completes the request, reports a start-discovery
 *    failure or sets HCI_LE_SCAN and moves discovery to FINDING.
 *  - LE_SCANNING_DISABLED: reports a stop-discovery failure or clears
 *    HCI_LE_SCAN, then either continues interleaved discovery or moves
 *    discovery to STOPPED.
 *  - any other value is logged as a reserved parameter.
 * NOTE(review): many lines are missing (numbering skips after 1244, 1250,
 * 1255, 1259, 1266, 1270, 1278 and 1282), including the NULL check on cp,
 * the status tests selecting the failure paths, the lock acquisitions and
 * the break/return statements. */
1236 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1237 struct sk_buff *skb)
1239 struct hci_cp_le_set_scan_enable *cp;
1240 __u8 status = *((__u8 *) skb->data);
1242 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1244 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1248 switch (cp->enable) {
1249 case LE_SCANNING_ENABLED:
1250 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1254 mgmt_start_discovery_failed(hdev, status);
1255 hci_dev_unlock(hdev);
1259 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1262 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1263 hci_dev_unlock(hdev);
1266 case LE_SCANNING_DISABLED:
1269 mgmt_stop_discovery_failed(hdev, status);
1270 hci_dev_unlock(hdev);
1274 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
/* Interleaved discovery continues after the LE scan phase ends. */
1276 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
1277 hdev->discovery.state == DISCOVERY_FINDING) {
1278 mgmt_interleaved_discovery(hdev);
1281 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1282 hci_dev_unlock(hdev);
1288 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
/* Interprets the payload as struct hci_rp_le_ltk_reply, logs the status and
 * passes it to hci_req_complete() for HCI_OP_LE_LTK_REPLY. Lines 1298-1301
 * (presumably a status check) are missing from this listing. */
1293 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1295 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1297 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1302 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
/* Interprets the payload as struct hci_rp_le_ltk_neg_reply, logs the status
 * and passes it to hci_req_complete() for HCI_OP_LE_LTK_NEG_REPLY. Lines
 * 1310-1313 (presumably a status check) are missing from this listing. */
1305 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1307 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1309 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1314 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
/* Handles the reply to HCI_OP_WRITE_LE_HOST_SUPPORTED: LMP_HOST_LE and
 * LMP_HOST_LE_BREDR in hdev->host_features[0] are set or cleared from the
 * command that was sent; mgmt is notified when HCI_MGMT is set and the
 * device is not in init.
 * NOTE(review): numbering skips 1325 -> 1331 -> 1333 -> 1336 -> 1338; the
 * NULL check on `sent`, the status test and the conditions choosing each
 * set/clear pair are not visible in this listing. */
1317 static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1318 struct sk_buff *skb)
1320 struct hci_cp_write_le_host_supported *sent;
1321 __u8 status = *((__u8 *) skb->data);
1323 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1325 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
1331 hdev->host_features[0] |= LMP_HOST_LE;
1333 hdev->host_features[0] &= ~LMP_HOST_LE;
1336 hdev->host_features[0] |= LMP_HOST_LE_BREDR;
1338 hdev->host_features[0] &= ~LMP_HOST_LE_BREDR;
1341 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
1342 !test_bit(HCI_INIT, &hdev->flags))
1343 mgmt_le_enable_complete(hdev, sent->le, status);
1345 hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status);
/* Interprets the payload as struct hci_rp_write_remote_amp_assoc, logs the
 * status and physical-link handle, and continues writing the remote assoc
 * for rp->phy_handle. Lines 1355-1358 (presumably the status check) are
 * missing from this listing. */
1348 static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1349 struct sk_buff *skb)
1351 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1353 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1354 hdev->name, rp->status, rp->phy_handle);
1359 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
/* Handles the status of HCI_OP_INQUIRY; unlike the hci_cc_* handlers it
 * receives the status directly instead of an skb. The first visible group
 * completes the request, checks pending connections and reports a
 * start-discovery failure to mgmt; the second sets HCI_INQUIRY and moves
 * discovery to FINDING.
 * NOTE(review): numbering skips 1364 -> 1367 and 1372 -> 1376; the status
 * test separating the failure path from the success path, the return and
 * the lock acquisitions are not visible in this listing. */
1362 static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1364 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1367 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1368 hci_conn_check_pending(hdev);
1370 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1371 mgmt_start_discovery_failed(hdev, status);
1372 hci_dev_unlock(hdev);
1376 set_bit(HCI_INQUIRY, &hdev->flags);
1379 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1380 hci_dev_unlock(hdev);
/* Handles the status of HCI_OP_CREATE_CONN. The peer address comes from the
 * command that was sent. For a connection still in BT_CONNECT it is either
 * closed (and the upper layer told) or moved to BT_CONNECT2; another visible
 * path adds a new ACL connection object and marks it as master.
 * NOTE(review): numbering skips 1390 -> 1396, 1398 -> 1401, 1404 -> 1407 ->
 * 1411 -> 1414 -> 1416; the NULL check on cp, the status test selecting the
 * two main paths, the `else` branches and the conn teardown are not visible
 * in this listing. */
1383 static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1385 struct hci_cp_create_conn *cp;
1386 struct hci_conn *conn;
1388 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1390 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1396 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1398 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1401 if (conn && conn->state == BT_CONNECT) {
/* 0x0c is the HCI "Command Disallowed" error; any other error, or more than
 * two attempts, closes the connection. */
1402 if (status != 0x0c || conn->attempt > 2) {
1403 conn->state = BT_CLOSED;
1404 hci_proto_connect_cfm(conn, status);
1407 conn->state = BT_CONNECT2;
1411 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1414 conn->link_mode |= HCI_LM_MASTER;
1416 BT_ERR("No memory for new connection");
1420 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_ADD_SCO: reads the ACL handle from the
 * sent command, looks up that connection, marks the SCO connection BT_CLOSED
 * and confirms the status to the upper protocol.
 * NOTE(review): how sco is derived from acl, the NULL tests on cp/acl/sco
 * and the status test are on lines missing from this listing (presumably
 * this runs only for a non-zero status - confirm). The declaration of handle
 * is not shown either.
 */
1423 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1425 struct hci_cp_add_sco *cp;
1426 struct hci_conn *acl, *sco;
1429 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1434 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1438 handle = __le16_to_cpu(cp->handle);
1440 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1444 acl = hci_conn_hash_lookup_handle(hdev, handle);
1448 sco->state = BT_CLOSED;
1450 hci_proto_connect_cfm(sco, status);
1455 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_AUTH_REQUESTED: looks up the connection
 * by the handle in the sent command and, if it is still in BT_CONFIG,
 * confirms the status to the upper protocol.
 * NOTE(review): the status test, the NULL tests on cp and conn (conn is
 * dereferenced at 1476) and the lock call are on lines missing from this
 * listing - confirm they exist in the full source.
 */
1458 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1460 struct hci_cp_auth_requested *cp;
1461 struct hci_conn *conn;
1463 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1468 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1474 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1476 if (conn->state == BT_CONFIG) {
1477 hci_proto_connect_cfm(conn, status);
1482 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_SET_CONN_ENCRYPT: looks up the
 * connection by the handle in the sent command and, if it is still in
 * BT_CONFIG, confirms the status to the upper protocol.
 * NOTE(review): the status test, the NULL tests on cp and conn (conn is
 * dereferenced at 1503) and the lock call are on lines missing from this
 * listing - confirm they exist in the full source.
 */
1485 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1487 struct hci_cp_set_conn_encrypt *cp;
1488 struct hci_conn *conn;
1490 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1495 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1501 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1503 if (conn->state == BT_CONFIG) {
1504 hci_proto_connect_cfm(conn, status);
1509 hci_dev_unlock(hdev);
/*
 * Decides whether an outgoing connection that is still in BT_CONFIG needs an
 * authentication request; the callers in this file test the result with "!"
 * before sending HCI_OP_AUTH_REQUESTED.
 * Visible tests: connection not in BT_CONFIG or not outgoing; pending
 * security level is BT_SECURITY_SDP; non-SSP link with bit 0 of auth_type
 * clear and a pending level other than BT_SECURITY_HIGH.
 * NOTE(review): the return statements are missing from this listing;
 * presumably each visible test returns 0 and falling through returns 1 -
 * confirm. hdev is not used in the visible lines.
 */
1512 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1513 struct hci_conn *conn)
1515 if (conn->state != BT_CONFIG || !conn->out)
1518 if (conn->pending_sec_level == BT_SECURITY_SDP)
1521 /* Only request authentication for SSP connections or non-SSP
1522 * devices with sec_level HIGH or if MITM protection is requested */
1523 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1524 conn->pending_sec_level != BT_SECURITY_HIGH)
/*
 * Sends an HCI Remote Name Request for inquiry cache entry e.
 * The command struct is zeroed first, so every byte of the sizeof(cp)
 * payload handed to hci_send_cmd() is initialised; the address, page scan
 * fields and clock offset are then copied from the entry.
 * Returns the result of hci_send_cmd().
 */
1530 static int hci_resolve_name(struct hci_dev *hdev,
1531 struct inquiry_entry *e)
1533 struct hci_cp_remote_name_req cp;
1535 memset(&cp, 0, sizeof(cp));
1537 bacpy(&cp.bdaddr, &e->data.bdaddr);
1538 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1539 cp.pscan_mode = e->data.pscan_mode;
1540 cp.clock_offset = e->data.clock_offset;
1542 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
/*
 * Starts name resolution for the next inquiry cache entry in NAME_NEEDED
 * state, marking it NAME_PENDING when the request was sent (that is, when
 * hci_resolve_name() returned 0).
 * NOTE(review): the return statements and any NULL test on e are on lines
 * missing from this listing; presumably true means a request is now pending
 * - confirm against the full source.
 */
1545 static bool hci_resolve_next_name(struct hci_dev *hdev)
1547 struct discovery_state *discov = &hdev->discovery;
1548 struct inquiry_entry *e;
1550 if (list_empty(&discov->resolve))
1553 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1557 if (hci_resolve_name(hdev, e) == 0) {
1558 e->name_state = NAME_PENDING;
/*
 * Processes the outcome of a remote name request for bdaddr; the callers in
 * this file pass name == NULL and name_len == 0 when no name was obtained.
 * Reports the device as connected to mgmt the first time
 * HCI_CONN_MGMT_CONNECTED gets set on conn. While discovery is in
 * DISCOVERY_RESOLVING it looks up the NAME_PENDING cache entry, records
 * NAME_KNOWN and calls mgmt_remote_name(), or records NAME_NOT_KNOWN, and
 * then tries to resolve the next name; the last visible statement sets
 * discovery to DISCOVERY_STOPPED.
 * NOTE(review): the returns, the if/else around name_state and the
 * discov_complete label are on lines missing from this listing, and the
 * block comment that starts at 1585 is cut off before its end, so the
 * grouping above is inferred from line order - confirm.
 */
1565 static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1566 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1568 struct discovery_state *discov = &hdev->discovery;
1569 struct inquiry_entry *e;
1571 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1572 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1573 name_len, conn->dev_class);
1575 if (discov->state == DISCOVERY_STOPPED)
1578 if (discov->state == DISCOVERY_STOPPING)
1579 goto discov_complete;
1581 if (discov->state != DISCOVERY_RESOLVING)
1584 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1585 /* If the device was not found in a list of found devices names of which
1586 * are pending. there is no need to continue resolving a next name as it
1587 * will be done upon receiving another Remote Name Request Complete
1594 e->name_state = NAME_KNOWN;
1595 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1596 e->data.rssi, name, name_len);
1598 e->name_state = NAME_NOT_KNOWN;
1601 if (hci_resolve_next_name(hdev))
1605 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
/*
 * Command Status handler for HCI_OP_REMOTE_NAME_REQ.
 * Looks up the ACL connection for the requested address, lets
 * hci_check_pending_name() record that no name was obtained when HCI_MGMT is
 * set, and sends HCI_OP_AUTH_REQUESTED when hci_outgoing_auth_needed()
 * allows it and HCI_CONN_AUTH_PEND was not already set.
 * NOTE(review): the status test, the NULL tests on cp and conn and the lock
 * call are on lines missing from this listing.
 * NOTE(review): the inner "struct hci_cp_auth_requested cp" shadows the
 * outer cp pointer, and only .handle is assigned before sizeof(cp) bytes are
 * sent - fine if handle is the struct's only member; confirm against its
 * definition.
 */
1608 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1610 struct hci_cp_remote_name_req *cp;
1611 struct hci_conn *conn;
1613 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1615 /* If successful wait for the name req complete event before
1616 * checking for the need to do authentication */
1620 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1626 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1628 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1629 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
1634 if (!hci_outgoing_auth_needed(hdev, conn))
1637 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1638 struct hci_cp_auth_requested cp;
1639 cp.handle = __cpu_to_le16(conn->handle);
1640 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1644 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_READ_REMOTE_FEATURES: looks up the
 * connection by the handle in the sent command and, if it is still in
 * BT_CONFIG, confirms the status to the upper protocol.
 * NOTE(review): the status test, the NULL tests on cp and conn (conn is
 * dereferenced at 1665) and the lock call are on lines missing from this
 * listing - confirm they exist in the full source.
 */
1647 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1649 struct hci_cp_read_remote_features *cp;
1650 struct hci_conn *conn;
1652 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1657 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1663 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1665 if (conn->state == BT_CONFIG) {
1666 hci_proto_connect_cfm(conn, status);
1671 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_READ_REMOTE_EXT_FEATURES: looks up the
 * connection by the handle in the sent command and, if it is still in
 * BT_CONFIG, confirms the status to the upper protocol.
 * NOTE(review): the status test, the NULL tests on cp and conn (conn is
 * dereferenced at 1692) and the lock call are on lines missing from this
 * listing - confirm they exist in the full source.
 */
1674 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1676 struct hci_cp_read_remote_ext_features *cp;
1677 struct hci_conn *conn;
1679 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1684 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1690 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1692 if (conn->state == BT_CONFIG) {
1693 hci_proto_connect_cfm(conn, status);
1698 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_SETUP_SYNC_CONN: reads the ACL handle
 * from the sent command, looks up that connection, marks the synchronous
 * connection BT_CLOSED and confirms the status to the upper protocol.
 * NOTE(review): how sco is derived from acl, the NULL tests on cp/acl/sco
 * and the status test are on lines missing from this listing (presumably
 * this runs only for a non-zero status - confirm). The declaration of handle
 * is not shown either.
 */
1701 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1703 struct hci_cp_setup_sync_conn *cp;
1704 struct hci_conn *acl, *sco;
1707 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1712 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1716 handle = __le16_to_cpu(cp->handle);
1718 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1722 acl = hci_conn_hash_lookup_handle(hdev, handle);
1726 sco->state = BT_CLOSED;
1728 hci_proto_connect_cfm(sco, status);
1733 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_SNIFF_MODE: looks up the connection by
 * the handle in the sent command, clears HCI_CONN_MODE_CHANGE_PEND and, if
 * an SCO setup was waiting on the mode change (HCI_CONN_SCO_SETUP_PEND),
 * runs hci_sco_setup() with the status.
 * NOTE(review): the status test, the NULL tests on cp and conn and the lock
 * call are on lines missing from this listing - confirm they exist.
 */
1736 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1738 struct hci_cp_sniff_mode *cp;
1739 struct hci_conn *conn;
1741 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1746 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1752 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1754 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1756 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
1757 hci_sco_setup(conn, status);
1760 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_EXIT_SNIFF_MODE: looks up the connection
 * by the handle in the sent command, clears HCI_CONN_MODE_CHANGE_PEND and,
 * if an SCO setup was waiting on the mode change (HCI_CONN_SCO_SETUP_PEND),
 * runs hci_sco_setup() with the status.
 * NOTE(review): the status test, the NULL tests on cp and conn and the lock
 * call are on lines missing from this listing - confirm they exist.
 */
1763 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1765 struct hci_cp_exit_sniff_mode *cp;
1766 struct hci_conn *conn;
1768 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1773 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1779 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1781 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1783 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
1784 hci_sco_setup(conn, status);
1787 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_DISCONNECT: looks up the connection by
 * the handle in the sent command and reports the failed disconnect to mgmt
 * with the connection's address, link type and address type.
 * NOTE(review): the status test, the NULL tests on cp and conn (conn->dst is
 * read at 1806) and the lock call are on lines missing from this listing -
 * confirm they exist in the full source.
 */
1790 static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1792 struct hci_cp_disconnect *cp;
1793 struct hci_conn *conn;
1798 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1804 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1806 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1807 conn->dst_type, status);
1809 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_LE_CREATE_CONN: takes the LE connection
 * that is currently in BT_CONNECT, marks it BT_CLOSED, reports
 * mgmt_connect_failed() and confirms the status to the upper protocol.
 * NOTE(review): the early hci_dev_unlock() at 1823 is presumably the exit
 * taken when no such connection exists; the status test, the lock call and
 * whatever follows hci_proto_connect_cfm() are on lines missing from this
 * listing - confirm.
 */
1812 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1814 struct hci_conn *conn;
1816 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1821 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
1823 hci_dev_unlock(hdev);
1827 BT_DBG("%s bdaddr %pMR conn %p", hdev->name, &conn->dst, conn);
1829 conn->state = BT_CLOSED;
1830 mgmt_connect_failed(hdev, &conn->dst, conn->type,
1831 conn->dst_type, status);
1832 hci_proto_connect_cfm(conn, status);
1835 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_LE_START_ENC. The only statement visible
 * in this listing logs the status; nothing else is done with it here.
 */
1839 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1841 BT_DBG("%s status 0x%2.2x", hdev->name, status);
/*
 * Command Status handler for HCI_OP_CREATE_PHY_LINK: fetches the sent
 * command, looks up the connection for cp->phy_handle and calls
 * amp_write_remote_assoc() for that handle.
 * NOTE(review): the status branch that separates the hcon lookup from
 * amp_write_remote_assoc(), what is done with hcon, the NULL test on cp and
 * the lock call are on lines missing from this listing.
 */
1844 static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1846 struct hci_cp_create_phy_link *cp;
1848 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1850 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1857 struct hci_conn *hcon;
1859 hcon = hci_conn_hash_lookup_handle(hdev, cp->phy_handle);
1863 amp_write_remote_assoc(hdev, cp->phy_handle);
1866 hci_dev_unlock(hdev);
/*
 * Command Status handler for HCI_OP_ACCEPT_PHY_LINK: fetches the sent
 * command and calls amp_write_remote_assoc() for its phy_handle.
 * NOTE(review): the status test and the NULL test on cp are on lines missing
 * from this listing - confirm they precede the cp->phy_handle read.
 */
1869 static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1871 struct hci_cp_accept_phy_link *cp;
1873 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1878 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1882 amp_write_remote_assoc(hdev, cp->phy_handle);
/*
 * Command Status handler for HCI_OP_CREATE_LOGICAL_LINK. The only statement
 * visible in this listing logs the status.
 */
1885 static void hci_cs_create_logical_link(struct hci_dev *hdev, u8 status)
1887 BT_DBG("%s status 0x%2.2x", hdev->name, status);
/*
 * Inquiry Complete event: completes the HCI_OP_INQUIRY request and re-checks
 * pending connections. The remaining work is gated on HCI_INQUIRY having
 * been set, HCI_MGMT being in use and discovery being in DISCOVERY_FINDING:
 * with nothing left to resolve discovery goes to DISCOVERY_STOPPED;
 * otherwise the first NAME_NEEDED entry is requested and discovery goes to
 * DISCOVERY_RESOLVING, or to DISCOVERY_STOPPED if that request could not be
 * started.
 * NOTE(review): the returns/gotos after each gate, the else line and the
 * lock call are on lines missing from this listing, so the gating described
 * above is inferred from line order - confirm. No skb->len check is visible
 * before the status byte is read.
 */
1890 static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1892 __u8 status = *((__u8 *) skb->data);
1893 struct discovery_state *discov = &hdev->discovery;
1894 struct inquiry_entry *e;
1896 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1898 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1900 hci_conn_check_pending(hdev);
1902 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1905 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1910 if (discov->state != DISCOVERY_FINDING)
1913 if (list_empty(&discov->resolve)) {
1914 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1918 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1919 if (e && hci_resolve_name(hdev, e) == 0) {
1920 e->name_state = NAME_PENDING;
1921 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1923 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1927 hci_dev_unlock(hdev);
/*
 * Inquiry Result event: the first byte of skb->data is the response count,
 * followed by that many struct inquiry_info records. Each record is copied
 * into a struct inquiry_data, merged into the inquiry cache and reported to
 * mgmt as a found ACL device.
 * NOTE(review): num_rsp comes from the event itself and drives info++; the
 * visible lines contain no check that skb->len covers
 * 1 + num_rsp * sizeof(*info), so a malformed event could make the loop read
 * past the received data. Lines are missing from this listing between 1936
 * and 1941 - confirm whether a length check exists there, and add one if it
 * does not.
 * NOTE(review): what the HCI_PERIODIC_INQ test leads to, the lock call and
 * the tail of the mgmt_device_found() call are also not visible.
 */
1930 static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1932 struct inquiry_data data;
1933 struct inquiry_info *info = (void *) (skb->data + 1);
1934 int num_rsp = *((__u8 *) skb->data);
1936 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1941 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1946 for (; num_rsp; num_rsp--, info++) {
1947 bool name_known, ssp;
1949 bacpy(&data.bdaddr, &info->bdaddr);
1950 data.pscan_rep_mode = info->pscan_rep_mode;
1951 data.pscan_period_mode = info->pscan_period_mode;
1952 data.pscan_mode = info->pscan_mode;
1953 memcpy(data.dev_class, info->dev_class, 3);
1954 data.clock_offset = info->clock_offset;
1956 data.ssp_mode = 0x00;
1958 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
1959 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1960 info->dev_class, 0, !name_known, ssp, NULL,
1964 hci_dev_unlock(hdev);
/*
 * Connection Complete event: finds the connection for (link_type, bdaddr),
 * also trying ESCO_LINK and retyping the match to SCO_LINK for an SCO
 * completion, and finishes its setup.
 * Work visible after the handle is stored: ACL links go to BT_CONFIG with a
 * hold and a disconnect timeout (HCI_PAIRING_TIMEOUT for an incoming non-SSP
 * link with no stored link key, HCI_DISCONN_TIMEOUT otherwise), with
 * BT_CONNECTED as the alternative state; HCI_LM_AUTH / HCI_LM_ENCRYPT are
 * inherited from the adapter flags; remote features are requested on ACL;
 * the packet type is set for incoming links on pre-2.0 controllers.
 * Then BT_CLOSED and mgmt_connect_failed() for ACL, SCO setup for ACL links,
 * notification of the upper protocol, and a re-check of pending connections
 * after unlocking.
 * NOTE(review): the if/else lines that separate the success and failure
 * paths, the NULL tests on conn and the tails of both hci_send_cmd() calls
 * are missing from this listing, so the grouping above is inferred from line
 * order - confirm. No skb->len check precedes the cast in the visible lines.
 */
1967 static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1969 struct hci_ev_conn_complete *ev = (void *) skb->data;
1970 struct hci_conn *conn;
1972 BT_DBG("%s", hdev->name);
1976 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1978 if (ev->link_type != SCO_LINK)
1981 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1985 conn->type = SCO_LINK;
1989 conn->handle = __le16_to_cpu(ev->handle);
1991 if (conn->type == ACL_LINK) {
1992 conn->state = BT_CONFIG;
1993 hci_conn_hold(conn);
1995 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1996 !hci_find_link_key(hdev, &ev->bdaddr))
1997 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1999 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2001 conn->state = BT_CONNECTED;
2003 hci_conn_hold_device(conn);
2004 hci_conn_add_sysfs(conn);
2006 if (test_bit(HCI_AUTH, &hdev->flags))
2007 conn->link_mode |= HCI_LM_AUTH;
2009 if (test_bit(HCI_ENCRYPT, &hdev->flags))
2010 conn->link_mode |= HCI_LM_ENCRYPT;
2012 /* Get remote features */
2013 if (conn->type == ACL_LINK) {
2014 struct hci_cp_read_remote_features cp;
2015 cp.handle = ev->handle;
2016 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
2020 /* Set packet type for incoming connection */
2021 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
2022 struct hci_cp_change_conn_ptype cp;
2023 cp.handle = ev->handle;
2024 cp.pkt_type = cpu_to_le16(conn->pkt_type);
2025 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
2029 conn->state = BT_CLOSED;
2030 if (conn->type == ACL_LINK)
2031 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
2032 conn->dst_type, ev->status);
2035 if (conn->type == ACL_LINK)
2036 hci_sco_setup(conn, ev->status);
2039 hci_proto_connect_cfm(conn, ev->status);
2041 } else if (ev->link_type != ACL_LINK)
2042 hci_proto_connect_cfm(conn, ev->status);
2045 hci_dev_unlock(hdev);
2047 hci_conn_check_pending(hdev);
/*
 * Connection Request event: accepts or rejects an incoming connection.
 * The link-mode mask is hdev->link_mode OR-ed with the upper protocols'
 * answer from hci_proto_connect_ind(); the request is accepted only when
 * HCI_LM_ACCEPT is set in it and the peer address is not on the blacklist.
 * On accept: the cached device class is refreshed, the hci_conn is looked up
 * or created and put in BT_CONNECT, and the reply is either Accept
 * Connection Request (ACL link, or controller without eSCO) - asking for the
 * master role only when role switch is supported and HCI_LM_MASTER is set -
 * or Accept Synchronous Connection Request with fixed bandwidth, latency and
 * retransmission values.
 * On reject: Reject Connection Request with HCI_ERROR_REJ_BAD_ADDR.
 * NOTE(review): the else lines, the NULL tests on ie and conn, the lock call
 * and the tails of several calls are missing from this listing. The peer's
 * dev_class is copied with a literal 3; no skb->len check precedes the cast
 * in the visible lines.
 */
2050 static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2052 struct hci_ev_conn_request *ev = (void *) skb->data;
2053 int mask = hdev->link_mode;
2055 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
2058 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
2060 if ((mask & HCI_LM_ACCEPT) &&
2061 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
2062 /* Connection accepted */
2063 struct inquiry_entry *ie;
2064 struct hci_conn *conn;
2068 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2070 memcpy(ie->data.dev_class, ev->dev_class, 3);
2072 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
2075 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
2077 BT_ERR("No memory for new connection");
2078 hci_dev_unlock(hdev);
2083 memcpy(conn->dev_class, ev->dev_class, 3);
2084 conn->state = BT_CONNECT;
2086 hci_dev_unlock(hdev);
2088 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
2089 struct hci_cp_accept_conn_req cp;
2091 bacpy(&cp.bdaddr, &ev->bdaddr);
2093 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
2094 cp.role = 0x00; /* Become master */
2096 cp.role = 0x01; /* Remain slave */
2098 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
2101 struct hci_cp_accept_sync_conn_req cp;
2103 bacpy(&cp.bdaddr, &ev->bdaddr);
2104 cp.pkt_type = cpu_to_le16(conn->pkt_type);
2106 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2107 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2108 cp.max_latency = __constant_cpu_to_le16(0xffff);
2109 cp.content_format = cpu_to_le16(hdev->voice_setting);
2110 cp.retrans_effort = 0xff;
2112 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
2116 /* Connection rejected */
2117 struct hci_cp_reject_conn_req cp;
2119 bacpy(&cp.bdaddr, &ev->bdaddr);
2120 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
2121 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
/*
 * Maps an HCI disconnect reason code to the MGMT_DEV_DISCONN_* value
 * reported to mgmt: connection timeout -> TIMEOUT; remote user termination,
 * remote low resources and remote power off -> REMOTE; local host
 * termination -> LOCAL_HOST; MGMT_DEV_DISCONN_UNKNOWN is the last return.
 * NOTE(review): the switch line and the label in front of the final return
 * (presumably "default:") are missing from this listing.
 */
2125 static u8 hci_to_mgmt_reason(u8 err)
2128 case HCI_ERROR_CONNECTION_TIMEOUT:
2129 return MGMT_DEV_DISCONN_TIMEOUT;
2130 case HCI_ERROR_REMOTE_USER_TERM:
2131 case HCI_ERROR_REMOTE_LOW_RESOURCES:
2132 case HCI_ERROR_REMOTE_POWER_OFF:
2133 return MGMT_DEV_DISCONN_REMOTE;
2134 case HCI_ERROR_LOCAL_HOST_TERM:
2135 return MGMT_DEV_DISCONN_LOCAL_HOST;
2137 return MGMT_DEV_DISCONN_UNKNOWN;
/*
 * Disconnection Complete event: looks up the connection by handle and, on
 * status 0, marks it BT_CLOSED.
 * If the connection had been reported to mgmt (HCI_CONN_MGMT_CONNECTED) and
 * is an ACL or LE link, mgmt is told either that the disconnect failed or
 * that the device disconnected, with the reason translated by
 * hci_to_mgmt_reason().
 * On status 0 the stored link key is removed for ACL links with
 * conn->flush_key set, and the upper protocol is notified of the reason.
 * NOTE(review): the NULL test on conn, the if/else that chooses between the
 * two mgmt calls, the lock call and whatever follows hci_proto_disconn_cfm()
 * are on lines missing from this listing. No skb->len check precedes the
 * cast in the visible lines.
 */
2141 static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2143 struct hci_ev_disconn_complete *ev = (void *) skb->data;
2144 struct hci_conn *conn;
2146 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2150 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2154 if (ev->status == 0)
2155 conn->state = BT_CLOSED;
2157 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
2158 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
2160 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
2161 conn->dst_type, ev->status);
2163 u8 reason = hci_to_mgmt_reason(ev->reason);
2165 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
2166 conn->dst_type, reason);
2170 if (ev->status == 0) {
2171 if (conn->type == ACL_LINK && conn->flush_key)
2172 hci_remove_link_key(hdev, &conn->dst);
2173 hci_proto_disconn_cfm(conn, ev->reason);
2178 hci_dev_unlock(hdev);
/*
 * Authentication Complete event for the connection named by ev->handle.
 * Visible steps, in order: a non-SSP link with HCI_CONN_REAUTH_PEND only
 * logs that re-authentication of a legacy device is not possible, with
 * setting HCI_LM_AUTH and promoting sec_level to pending_sec_level as the
 * alternative; mgmt_auth_failed() is reported; the AUTH_PEND and REAUTH_PEND
 * flags are cleared.
 * In BT_CONFIG a successful result on an SSP link requests link encryption,
 * otherwise the link becomes BT_CONNECTED and the upper protocol is
 * notified. In other states hci_auth_cfm() runs and the connection is held
 * with HCI_DISCONN_TIMEOUT.
 * With HCI_CONN_ENCRYPT_PEND set, encryption is requested, or the flag is
 * cleared and hci_encrypt_cfm() is called with encrypt 0x00.
 * NOTE(review): the status tests and else lines that choose between these
 * alternatives, the NULL test on conn, the cp.encrypt assignments and the
 * tails of the hci_send_cmd() calls are missing from this listing, so the
 * pairing above is inferred from line order - confirm.
 */
2181 static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2183 struct hci_ev_auth_complete *ev = (void *) skb->data;
2184 struct hci_conn *conn;
2186 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2190 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2195 if (!hci_conn_ssp_enabled(conn) &&
2196 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
2197 BT_INFO("re-auth of legacy device is not possible.");
2199 conn->link_mode |= HCI_LM_AUTH;
2200 conn->sec_level = conn->pending_sec_level;
2203 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
2207 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2208 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
2210 if (conn->state == BT_CONFIG) {
2211 if (!ev->status && hci_conn_ssp_enabled(conn)) {
2212 struct hci_cp_set_conn_encrypt cp;
2213 cp.handle = ev->handle;
2215 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
2218 conn->state = BT_CONNECTED;
2219 hci_proto_connect_cfm(conn, ev->status);
2223 hci_auth_cfm(conn, ev->status);
2225 hci_conn_hold(conn);
2226 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2230 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
2232 struct hci_cp_set_conn_encrypt cp;
2233 cp.handle = ev->handle;
2235 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
2238 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2239 hci_encrypt_cfm(conn, ev->status, 0x00);
2244 hci_dev_unlock(hdev);
/*
 * Remote Name Request Complete event: re-checks pending connections, looks
 * up the ACL connection for ev->bdaddr, passes the result to
 * hci_check_pending_name() when HCI_MGMT is in use, and sends
 * HCI_OP_AUTH_REQUESTED when hci_outgoing_auth_needed() allows it and
 * HCI_CONN_AUTH_PEND was not already set.
 * NOTE(review): what the HCI_MGMT test jumps to, the else line between the
 * two hci_check_pending_name() calls, the NULL test on conn and the lock
 * call are on lines missing from this listing. The inner
 * "struct hci_cp_auth_requested cp" has only .handle assigned before
 * sizeof(cp) bytes are sent - fine if handle is its only member; confirm.
 */
2247 static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
2249 struct hci_ev_remote_name *ev = (void *) skb->data;
2250 struct hci_conn *conn;
2252 BT_DBG("%s", hdev->name);
2254 hci_conn_check_pending(hdev);
2258 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2260 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
/* The peer-supplied name need not be NUL-terminated: strnlen() caps the
 * length handed on at HCI_MAX_NAME_LENGTH. */
2263 if (ev->status == 0)
2264 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
2265 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
2267 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
2273 if (!hci_outgoing_auth_needed(hdev, conn))
2276 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
2277 struct hci_cp_auth_requested cp;
2278 cp.handle = __cpu_to_le16(conn->handle);
2279 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
2283 hci_dev_unlock(hdev);
/*
 * Encryption Change event for the connection named by ev->handle.
 * Visible steps, in order: HCI_LM_AUTH and HCI_LM_ENCRYPT are set and
 * sec_level is promoted to pending_sec_level, with clearing HCI_LM_ENCRYPT
 * as the alternative; HCI_CONN_ENCRYPT_PEND is cleared; a failed change on a
 * link that is already BT_CONNECTED disconnects it with
 * HCI_ERROR_AUTH_FAILURE; a link in BT_CONFIG becomes BT_CONNECTED and the
 * upper protocol is notified, while other states get hci_encrypt_cfm().
 * NOTE(review): the tests on ev->status / ev->encrypt that choose between
 * setting and clearing the link-mode bits, the NULL test on conn, the lock
 * call and the jumps after the disconnect are on lines missing from this
 * listing - confirm. No skb->len check precedes the cast in the visible
 * lines.
 */
2286 static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2288 struct hci_ev_encrypt_change *ev = (void *) skb->data;
2289 struct hci_conn *conn;
2291 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2295 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2299 /* Encryption implies authentication */
2300 conn->link_mode |= HCI_LM_AUTH;
2301 conn->link_mode |= HCI_LM_ENCRYPT;
2302 conn->sec_level = conn->pending_sec_level;
2304 conn->link_mode &= ~HCI_LM_ENCRYPT;
2307 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2309 if (ev->status && conn->state == BT_CONNECTED) {
2310 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
2315 if (conn->state == BT_CONFIG) {
2317 conn->state = BT_CONNECTED;
2319 hci_proto_connect_cfm(conn, ev->status);
2322 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
2326 hci_dev_unlock(hdev);
/*
 * Change Connection Link Key Complete event: looks up the connection by
 * handle, sets HCI_LM_SECURE in its link mode, clears HCI_CONN_AUTH_PEND and
 * passes the status to hci_key_change_cfm().
 * NOTE(review): the NULL test on conn, the status test that presumably
 * guards the HCI_LM_SECURE update and the lock call are on lines missing
 * from this listing - confirm.
 */
2329 static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
2330 struct sk_buff *skb)
2332 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
2333 struct hci_conn *conn;
2335 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2339 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2342 conn->link_mode |= HCI_LM_SECURE;
2344 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2346 hci_key_change_cfm(conn, ev->status);
2349 hci_dev_unlock(hdev);
/*
 * Read Remote Supported Features Complete event: copies the 8 feature bytes
 * into conn->features and, for a connection still in BT_CONFIG, continues
 * connection setup.
 * On success with SSP supported on both sides it requests the extended
 * features. Otherwise, on success and with the device not yet reported to
 * mgmt, it sends a Remote Name Request (zeroed struct, pscan_rep_mode 0x02);
 * failing that it reports the device as connected without a name. If no
 * authentication is needed the link becomes BT_CONNECTED and the upper
 * protocol is notified.
 * NOTE(review): the NULL test on conn, the status test presumably guarding
 * the memcpy, the jump after the extended-features request, the lock call
 * and the tails of two calls are on lines missing from this listing -
 * confirm. No skb->len check precedes the cast in the visible lines.
 */
2352 static void hci_remote_features_evt(struct hci_dev *hdev,
2353 struct sk_buff *skb)
2355 struct hci_ev_remote_features *ev = (void *) skb->data;
2356 struct hci_conn *conn;
2358 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2362 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2367 memcpy(conn->features, ev->features, 8);
2369 if (conn->state != BT_CONFIG)
2372 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2373 struct hci_cp_read_remote_ext_features cp;
2374 cp.handle = ev->handle;
2376 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
2381 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
2382 struct hci_cp_remote_name_req cp;
2383 memset(&cp, 0, sizeof(cp));
2384 bacpy(&cp.bdaddr, &conn->dst);
2385 cp.pscan_rep_mode = 0x02;
2386 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2387 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2388 mgmt_device_connected(hdev, &conn->dst, conn->type,
2389 conn->dst_type, 0, NULL, 0,
2392 if (!hci_outgoing_auth_needed(hdev, conn)) {
2393 conn->state = BT_CONNECTED;
2394 hci_proto_connect_cfm(conn, ev->status);
2399 hci_dev_unlock(hdev);
/*
 * Remote version event handler. The only statement visible in this listing
 * logs the device name; skb is not read.
 */
2402 static void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
2404 BT_DBG("%s", hdev->name);
/*
 * QoS Setup Complete event handler. The only statement visible in this
 * listing logs the device name; skb is not read.
 */
2407 static void hci_qos_setup_complete_evt(struct hci_dev *hdev,
2408 struct sk_buff *skb)
2410 BT_DBG("%s", hdev->name);
/*
 * Command Complete event dispatcher: strips the event header with
 * skb_pull(), then hands the remaining return parameters to the hci_cc_*
 * handler that matches the opcode; the BT_DBG at 2640 only logs the opcode.
 * Afterwards the command timer is stopped for anything but HCI_OP_NOP,
 * cmd_cnt is set back to 1 and cmd_work is queued if commands are waiting.
 * NOTE(review): ev still points at the pulled header, which is why
 * ev->opcode can be read after skb_pull(). No check that skb->len is at
 * least sizeof(*ev) is visible before the pull, and the handlers cast
 * skb->data without visible length checks - confirm where the event length
 * is validated.
 * NOTE(review): the timer test compares the raw little-endian ev->opcode
 * while the switch uses the converted opcode; harmless if HCI_OP_NOP is 0 -
 * confirm.
 * NOTE(review): the switch line, the break statements, the case label in
 * front of hci_cc_reset(), the label in front of the BT_DBG and the
 * condition around atomic_set() are on lines missing from this listing.
 */
2413 static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2415 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2418 skb_pull(skb, sizeof(*ev));
2420 opcode = __le16_to_cpu(ev->opcode);
2423 case HCI_OP_INQUIRY_CANCEL:
2424 hci_cc_inquiry_cancel(hdev, skb);
2427 case HCI_OP_PERIODIC_INQ:
2428 hci_cc_periodic_inq(hdev, skb);
2431 case HCI_OP_EXIT_PERIODIC_INQ:
2432 hci_cc_exit_periodic_inq(hdev, skb);
2435 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2436 hci_cc_remote_name_req_cancel(hdev, skb);
2439 case HCI_OP_ROLE_DISCOVERY:
2440 hci_cc_role_discovery(hdev, skb);
2443 case HCI_OP_READ_LINK_POLICY:
2444 hci_cc_read_link_policy(hdev, skb);
2447 case HCI_OP_WRITE_LINK_POLICY:
2448 hci_cc_write_link_policy(hdev, skb);
2451 case HCI_OP_READ_DEF_LINK_POLICY:
2452 hci_cc_read_def_link_policy(hdev, skb);
2455 case HCI_OP_WRITE_DEF_LINK_POLICY:
2456 hci_cc_write_def_link_policy(hdev, skb);
2460 hci_cc_reset(hdev, skb);
2463 case HCI_OP_WRITE_LOCAL_NAME:
2464 hci_cc_write_local_name(hdev, skb);
2467 case HCI_OP_READ_LOCAL_NAME:
2468 hci_cc_read_local_name(hdev, skb);
2471 case HCI_OP_WRITE_AUTH_ENABLE:
2472 hci_cc_write_auth_enable(hdev, skb);
2475 case HCI_OP_WRITE_ENCRYPT_MODE:
2476 hci_cc_write_encrypt_mode(hdev, skb);
2479 case HCI_OP_WRITE_SCAN_ENABLE:
2480 hci_cc_write_scan_enable(hdev, skb);
2483 case HCI_OP_READ_CLASS_OF_DEV:
2484 hci_cc_read_class_of_dev(hdev, skb);
2487 case HCI_OP_WRITE_CLASS_OF_DEV:
2488 hci_cc_write_class_of_dev(hdev, skb);
2491 case HCI_OP_READ_VOICE_SETTING:
2492 hci_cc_read_voice_setting(hdev, skb);
2495 case HCI_OP_WRITE_VOICE_SETTING:
2496 hci_cc_write_voice_setting(hdev, skb);
2499 case HCI_OP_HOST_BUFFER_SIZE:
2500 hci_cc_host_buffer_size(hdev, skb);
2503 case HCI_OP_WRITE_SSP_MODE:
2504 hci_cc_write_ssp_mode(hdev, skb);
2507 case HCI_OP_READ_LOCAL_VERSION:
2508 hci_cc_read_local_version(hdev, skb);
2511 case HCI_OP_READ_LOCAL_COMMANDS:
2512 hci_cc_read_local_commands(hdev, skb);
2515 case HCI_OP_READ_LOCAL_FEATURES:
2516 hci_cc_read_local_features(hdev, skb);
2519 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2520 hci_cc_read_local_ext_features(hdev, skb);
2523 case HCI_OP_READ_BUFFER_SIZE:
2524 hci_cc_read_buffer_size(hdev, skb);
2527 case HCI_OP_READ_BD_ADDR:
2528 hci_cc_read_bd_addr(hdev, skb);
2531 case HCI_OP_READ_DATA_BLOCK_SIZE:
2532 hci_cc_read_data_block_size(hdev, skb);
2535 case HCI_OP_WRITE_CA_TIMEOUT:
2536 hci_cc_write_ca_timeout(hdev, skb);
2539 case HCI_OP_READ_FLOW_CONTROL_MODE:
2540 hci_cc_read_flow_control_mode(hdev, skb);
2543 case HCI_OP_READ_LOCAL_AMP_INFO:
2544 hci_cc_read_local_amp_info(hdev, skb);
2547 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2548 hci_cc_read_local_amp_assoc(hdev, skb);
2551 case HCI_OP_DELETE_STORED_LINK_KEY:
2552 hci_cc_delete_stored_link_key(hdev, skb);
2555 case HCI_OP_SET_EVENT_MASK:
2556 hci_cc_set_event_mask(hdev, skb);
2559 case HCI_OP_WRITE_INQUIRY_MODE:
2560 hci_cc_write_inquiry_mode(hdev, skb);
2563 case HCI_OP_READ_INQ_RSP_TX_POWER:
2564 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2567 case HCI_OP_SET_EVENT_FLT:
2568 hci_cc_set_event_flt(hdev, skb);
2571 case HCI_OP_PIN_CODE_REPLY:
2572 hci_cc_pin_code_reply(hdev, skb);
2575 case HCI_OP_PIN_CODE_NEG_REPLY:
2576 hci_cc_pin_code_neg_reply(hdev, skb);
2579 case HCI_OP_READ_LOCAL_OOB_DATA:
2580 hci_cc_read_local_oob_data_reply(hdev, skb);
2583 case HCI_OP_LE_READ_BUFFER_SIZE:
2584 hci_cc_le_read_buffer_size(hdev, skb);
2587 case HCI_OP_LE_READ_ADV_TX_POWER:
2588 hci_cc_le_read_adv_tx_power(hdev, skb);
2591 case HCI_OP_LE_SET_EVENT_MASK:
2592 hci_cc_le_set_event_mask(hdev, skb);
2595 case HCI_OP_USER_CONFIRM_REPLY:
2596 hci_cc_user_confirm_reply(hdev, skb);
2599 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2600 hci_cc_user_confirm_neg_reply(hdev, skb);
2603 case HCI_OP_USER_PASSKEY_REPLY:
2604 hci_cc_user_passkey_reply(hdev, skb);
2607 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2608 hci_cc_user_passkey_neg_reply(hdev, skb);
2611 case HCI_OP_LE_SET_SCAN_PARAM:
2612 hci_cc_le_set_scan_param(hdev, skb);
2615 case HCI_OP_LE_SET_ADV_ENABLE:
2616 hci_cc_le_set_adv_enable(hdev, skb);
2619 case HCI_OP_LE_SET_SCAN_ENABLE:
2620 hci_cc_le_set_scan_enable(hdev, skb);
2623 case HCI_OP_LE_LTK_REPLY:
2624 hci_cc_le_ltk_reply(hdev, skb);
2627 case HCI_OP_LE_LTK_NEG_REPLY:
2628 hci_cc_le_ltk_neg_reply(hdev, skb);
2631 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2632 hci_cc_write_le_host_supported(hdev, skb);
2635 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2636 hci_cc_write_remote_amp_assoc(hdev, skb);
2640 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
2644 if (ev->opcode != HCI_OP_NOP)
2645 del_timer(&hdev->cmd_timer);
2648 atomic_set(&hdev->cmd_cnt, 1);
2649 if (!skb_queue_empty(&hdev->cmd_q))
2650 queue_work(hdev->workqueue, &hdev->cmd_work);
/*
 * Command Status event dispatcher: strips the event header with skb_pull()
 * and passes ev->status to the hci_cs_* handler that matches the opcode; the
 * BT_DBG at 2733 only logs the opcode.
 * Afterwards the command timer is stopped for anything but HCI_OP_NOP. When
 * the controller reports free command slots (ev->ncmd) and no reset is in
 * progress (HCI_RESET clear), cmd_cnt is set to 1 and cmd_work is queued if
 * commands are waiting.
 * NOTE(review): ev still points at the pulled header, so ev->status and
 * ev->ncmd remain readable after skb_pull(). No check that skb->len is at
 * least sizeof(*ev) is visible before the pull - confirm where the event
 * length is validated.
 * NOTE(review): the switch line, the break statements and the label in front
 * of the BT_DBG are on lines missing from this listing.
 */
2654 static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2656 struct hci_ev_cmd_status *ev = (void *) skb->data;
2659 skb_pull(skb, sizeof(*ev));
2661 opcode = __le16_to_cpu(ev->opcode);
2664 case HCI_OP_INQUIRY:
2665 hci_cs_inquiry(hdev, ev->status);
2668 case HCI_OP_CREATE_CONN:
2669 hci_cs_create_conn(hdev, ev->status);
2672 case HCI_OP_ADD_SCO:
2673 hci_cs_add_sco(hdev, ev->status);
2676 case HCI_OP_AUTH_REQUESTED:
2677 hci_cs_auth_requested(hdev, ev->status);
2680 case HCI_OP_SET_CONN_ENCRYPT:
2681 hci_cs_set_conn_encrypt(hdev, ev->status);
2684 case HCI_OP_REMOTE_NAME_REQ:
2685 hci_cs_remote_name_req(hdev, ev->status);
2688 case HCI_OP_READ_REMOTE_FEATURES:
2689 hci_cs_read_remote_features(hdev, ev->status);
2692 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2693 hci_cs_read_remote_ext_features(hdev, ev->status);
2696 case HCI_OP_SETUP_SYNC_CONN:
2697 hci_cs_setup_sync_conn(hdev, ev->status);
2700 case HCI_OP_SNIFF_MODE:
2701 hci_cs_sniff_mode(hdev, ev->status);
2704 case HCI_OP_EXIT_SNIFF_MODE:
2705 hci_cs_exit_sniff_mode(hdev, ev->status);
2708 case HCI_OP_DISCONNECT:
2709 hci_cs_disconnect(hdev, ev->status);
2712 case HCI_OP_LE_CREATE_CONN:
2713 hci_cs_le_create_conn(hdev, ev->status);
2716 case HCI_OP_LE_START_ENC:
2717 hci_cs_le_start_enc(hdev, ev->status);
2720 case HCI_OP_CREATE_PHY_LINK:
2721 hci_cs_create_phylink(hdev, ev->status);
2724 case HCI_OP_ACCEPT_PHY_LINK:
2725 hci_cs_accept_phylink(hdev, ev->status);
2728 case HCI_OP_CREATE_LOGICAL_LINK:
2729 hci_cs_create_logical_link(hdev, ev->status);
2733 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
2737 if (ev->opcode != HCI_OP_NOP)
2738 del_timer(&hdev->cmd_timer);
2740 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2741 atomic_set(&hdev->cmd_cnt, 1);
2742 if (!skb_queue_empty(&hdev->cmd_q))
2743 queue_work(hdev->workqueue, &hdev->cmd_work);
/*
 * Role Change event: looks up the ACL connection for ev->bdaddr, clears or
 * sets HCI_LM_MASTER in its link mode, clears HCI_CONN_RSWITCH_PEND and
 * passes status and role to hci_role_switch_cfm().
 * NOTE(review): the NULL test on conn, the tests on ev->status and ev->role
 * that choose between clearing and setting HCI_LM_MASTER, and the lock call
 * are on lines missing from this listing - confirm.
 */
2747 static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2749 struct hci_ev_role_change *ev = (void *) skb->data;
2750 struct hci_conn *conn;
2752 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2756 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2760 conn->link_mode &= ~HCI_LM_MASTER;
2762 conn->link_mode |= HCI_LM_MASTER;
2765 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
2767 hci_role_switch_cfm(conn, ev->status, ev->role);
2770 hci_dev_unlock(hdev);
/*
 * Number Of Completed Packets event: for each (handle, count) pair it
 * reduces conn->sent, credits the transmit counter for the connection type
 * and finally schedules tx_work.
 * The event is refused unless the controller uses packet-based flow control
 * and skb->len covers the header plus num_hndl entries. Each counter is
 * clamped to the matching maximum (acl_pkts, le_pkts, sco_pkts); when
 * le_pkts is zero the credit goes to the ACL counter instead.
 * NOTE(review): count comes from the controller and is subtracted from
 * conn->sent with no clamp visible in this listing - confirm conn->sent
 * cannot wrap. The case labels, the NULL test on conn, the returns after the
 * two rejections and the declaration of i are on lines missing here.
 */
2773 static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2775 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2778 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2779 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
/* Length validation: the fixed header must be present before num_hndl is
 * read, and the buffer must hold num_hndl handle entries. */
2783 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2784 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
2785 BT_DBG("%s bad parameters", hdev->name);
2789 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2791 for (i = 0; i < ev->num_hndl; i++) {
2792 struct hci_comp_pkts_info *info = &ev->handles[i];
2793 struct hci_conn *conn;
2794 __u16 handle, count;
2796 handle = __le16_to_cpu(info->handle);
2797 count = __le16_to_cpu(info->count);
2799 conn = hci_conn_hash_lookup_handle(hdev, handle);
2803 conn->sent -= count;
2805 switch (conn->type) {
2807 hdev->acl_cnt += count;
2808 if (hdev->acl_cnt > hdev->acl_pkts)
2809 hdev->acl_cnt = hdev->acl_pkts;
2813 if (hdev->le_pkts) {
2814 hdev->le_cnt += count;
2815 if (hdev->le_cnt > hdev->le_pkts)
2816 hdev->le_cnt = hdev->le_pkts;
2818 hdev->acl_cnt += count;
2819 if (hdev->acl_cnt > hdev->acl_pkts)
2820 hdev->acl_cnt = hdev->acl_pkts;
2825 hdev->sco_cnt += count;
2826 if (hdev->sco_cnt > hdev->sco_pkts)
2827 hdev->sco_cnt = hdev->sco_pkts;
2831 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2836 queue_work(hdev->workqueue, &hdev->tx_work);
/*
 * Resolves a handle to a connection according to hdev->dev_type: one device
 * type uses hci_conn_hash_lookup_handle() directly, another goes through
 * hci_chan_lookup_handle(); an unknown dev_type is logged as an error.
 * NOTE(review): the second parameter line, the case labels, how chan is
 * turned into a connection and the final return are on lines missing from
 * this listing.
 */
2839 static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2842 struct hci_chan *chan;
2844 switch (hdev->dev_type) {
2846 return hci_conn_hash_lookup_handle(hdev, handle);
2848 chan = hci_chan_lookup_handle(hdev, handle);
2853 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
/*
 * Number Of Completed Data Blocks event: for each (handle, blocks) pair it
 * reduces conn->sent, credits hdev->block_cnt (clamped to hdev->num_blocks)
 * and finally schedules tx_work.
 * The event is refused unless the controller uses block-based flow control
 * and skb->len covers the header plus num_hndl entries.
 * NOTE(review): block_count comes from the controller and is subtracted from
 * conn->sent with no clamp visible in this listing - confirm conn->sent
 * cannot wrap. The case labels, the NULL test on conn, the returns after the
 * two rejections and the declaration of i are on lines missing here.
 */
2860 static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
2862 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2865 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2866 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
/* Length validation: the fixed header must be present before num_hndl is
 * read, and the buffer must hold num_hndl handle entries. */
2870 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2871 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2872 BT_DBG("%s bad parameters", hdev->name);
2876 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2879 for (i = 0; i < ev->num_hndl; i++) {
2880 struct hci_comp_blocks_info *info = &ev->handles[i];
2881 struct hci_conn *conn = NULL;
2882 __u16 handle, block_count;
2884 handle = __le16_to_cpu(info->handle);
2885 block_count = __le16_to_cpu(info->blocks);
2887 conn = __hci_conn_lookup_handle(hdev, handle);
2891 conn->sent -= block_count;
2893 switch (conn->type) {
2896 hdev->block_cnt += block_count;
2897 if (hdev->block_cnt > hdev->num_blocks)
2898 hdev->block_cnt = hdev->num_blocks;
2902 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2907 queue_work(hdev->workqueue, &hdev->tx_work);
/*
 * Mode Change event: records the new mode and interval on the connection
 * named by ev->handle. When the change was not one this host had pending
 * (HCI_CONN_MODE_CHANGE_PEND was clear), HCI_CONN_POWER_SAVE is set for
 * HCI_CM_ACTIVE and otherwise cleared. A pending SCO setup
 * (HCI_CONN_SCO_SETUP_PEND) is then run with the event status.
 * NOTE(review): the NULL test on conn, the else line between set_bit() and
 * clear_bit(), the tail of the test_and_clear_bit() call and the lock call
 * are on lines missing from this listing - confirm.
 */
2910 static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2912 struct hci_ev_mode_change *ev = (void *) skb->data;
2913 struct hci_conn *conn;
2915 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2919 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2921 conn->mode = ev->mode;
2922 conn->interval = __le16_to_cpu(ev->interval);
2924 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2926 if (conn->mode == HCI_CM_ACTIVE)
2927 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
2929 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
2932 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
2933 hci_sco_setup(conn, ev->status);
2936 hci_dev_unlock(hdev);
/*
 * PIN Code Request event: looks up the ACL connection for ev->bdaddr and,
 * if it is BT_CONNECTED, holds it and switches to HCI_PAIRING_TIMEOUT.
 * When the adapter is not pairable (HCI_PAIRABLE clear) the request is
 * refused with a PIN Code Negative Reply; otherwise, with HCI_MGMT in use,
 * the request is forwarded to mgmt together with a "secure" indication that
 * depends on BT_SECURITY_HIGH being pending.
 * NOTE(review): the NULL test on conn (conn->state and
 * conn->pending_sec_level are read), the declaration and assignment of
 * secure and the lock call are on lines missing from this listing - confirm.
 */
2939 static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2941 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2942 struct hci_conn *conn;
2944 BT_DBG("%s", hdev->name);
2948 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2952 if (conn->state == BT_CONNECTED) {
2953 hci_conn_hold(conn);
2954 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2958 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
2959 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2960 sizeof(ev->bdaddr), &ev->bdaddr);
2961 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
2964 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2969 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2973 hci_dev_unlock(hdev);
/*
 * Link Key Request event: answer the controller with the stored link key for
 * ev->bdaddr, or with a negative reply when no acceptable key is available.
 *
 * Rejections visible in this listing:
 *  - debug combination keys, unless HCI_DEBUG_KEYS is set;
 *  - unauthenticated combination keys when conn->auth_type is not 0xff and
 *    has bit 0 set (the bit hci_user_confirm_request_evt reads as loc_mitm);
 *  - combination keys whose pin_len is below 16 while BT_SECURITY_HIGH is
 *    pending.
 *
 * NOTE(review): cp carries a copy of the link key on the stack and no visible
 * line clears it after hci_send_cmd(); consider wiping it before returning.
 * The jump labels and NULL checks sit on lines this listing omits.
 */
2976 static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2978 struct hci_ev_link_key_req *ev = (void *) skb->data;
2979 struct hci_cp_link_key_reply cp;
2980 struct hci_conn *conn;
2981 struct link_key *key;
2983 BT_DBG("%s", hdev->name);
/* Stored link keys are consulted only when HCI_LINK_KEYS is set. */
2985 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
2990 key = hci_find_link_key(hdev, &ev->bdaddr);
2992 BT_DBG("%s link key not found for %pMR", hdev->name,
2997 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
3000 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
3001 key->type == HCI_LK_DEBUG_COMBINATION) {
3002 BT_DBG("%s ignoring debug key", hdev->name);
3006 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3008 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
3009 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
3010 BT_DBG("%s ignoring unauthenticated key", hdev->name);
3014 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
3015 conn->pending_sec_level == BT_SECURITY_HIGH) {
3016 BT_DBG("%s ignoring key unauthenticated for high security",
/* Remember which key is in use so later security checks can read it. */
3021 conn->key_type = key->type;
3022 conn->pin_length = key->pin_len;
/* Build the reply: peer address plus HCI_LINK_KEY_SIZE bytes of key. */
3025 bacpy(&cp.bdaddr, &ev->bdaddr);
3026 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
3028 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
3030 hci_dev_unlock(hdev);
/* Negative reply; the literal 6 is the length of a Bluetooth address, which
 * other handlers in this file pass as sizeof(ev->bdaddr). */
3035 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
3036 hci_dev_unlock(hdev);
/*
 * Link Key Notification event: a link key was produced for ev->bdaddr. The
 * connection is held, its disconnect timeout reset, its key type recorded
 * (except for a changed combination key), and the key is stored when
 * HCI_LINK_KEYS is set.
 *
 * NOTE(review): pin_len's declaration and initial value, and any NULL check
 * on conn, are on lines this listing omits. ev->link_key is key material
 * taken directly from the event buffer.
 */
3039 static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3041 struct hci_ev_link_key_notify *ev = (void *) skb->data;
3042 struct hci_conn *conn;
3045 BT_DBG("%s", hdev->name);
3049 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3051 hci_conn_hold(conn);
3052 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
/* PIN length recorded on the connection earlier travels with the key. */
3053 pin_len = conn->pin_length;
/* A "changed combination" notification keeps the previously known type. */
3055 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
3056 conn->key_type = ev->key_type;
3061 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
3062 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
3063 ev->key_type, pin_len);
3065 hci_dev_unlock(hdev);
/*
 * Read Clock Offset Complete event: when the connection exists and the status
 * is zero, refresh the clock offset and timestamp of the inquiry-cache entry
 * for the connection's peer address.
 */
3068 static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
3070 struct hci_ev_clock_offset *ev = (void *) skb->data;
3071 struct hci_conn *conn;
3073 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3077 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3078 if (conn && !ev->status) {
3079 struct inquiry_entry *ie;
3081 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
/* The offset is stored as received, with no byte-order conversion here. */
3083 ie->data.clock_offset = ev->clock_offset;
3084 ie->timestamp = jiffies;
3088 hci_dev_unlock(hdev);
/*
 * Connection Packet Type Changed event: on success, store the new packet type
 * mask on the connection named by ev->handle.
 */
3091 static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
3093 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
3094 struct hci_conn *conn;
3096 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3100 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
/* Unknown handles and failed changes are ignored. */
3101 if (conn && !ev->status)
3102 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
3104 hci_dev_unlock(hdev);
/*
 * Page Scan Repetition Mode Change event: update the page scan repetition
 * mode and timestamp of the inquiry-cache entry for ev->bdaddr.
 *
 * NOTE(review): the check that the cache lookup returned an entry is not
 * visible in this listing.
 */
3107 static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
3109 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
3110 struct inquiry_entry *ie;
3112 BT_DBG("%s", hdev->name);
3116 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3118 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
3119 ie->timestamp = jiffies;
3122 hci_dev_unlock(hdev);
/*
 * Inquiry Result with RSSI event: the first payload byte is the number of
 * responses, followed by that many fixed-size records. Each record is copied
 * into an inquiry_data, pushed into the inquiry cache and reported through
 * mgmt_device_found().
 *
 * NOTE(review): num_rsp is controller-supplied and is used both as a divisor
 * and as the loop count. The zero check is on a line this listing omits, and
 * no visible line verifies that num_rsp records of the selected layout fit
 * inside skb->len, so a truncated or inconsistent event would walk `info`
 * past the payload. Comparing skb->len with 1 + num_rsp * sizeof(*info)
 * before each loop bounds the walk.
 */
3125 static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
3126 struct sk_buff *skb)
3128 struct inquiry_data data;
3129 int num_rsp = *((__u8 *) skb->data);
3130 bool name_known, ssp;
3132 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
3137 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
/* Two record layouts share this event. The per-record size, taken as payload
 * length divided by num_rsp, selects one: any size other than
 * sizeof(struct inquiry_info_with_rssi) is parsed as the pscan_mode variant. */
3142 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
3143 struct inquiry_info_with_rssi_and_pscan_mode *info;
3144 info = (void *) (skb->data + 1);
3146 for (; num_rsp; num_rsp--, info++) {
3147 bacpy(&data.bdaddr, &info->bdaddr);
3148 data.pscan_rep_mode = info->pscan_rep_mode;
3149 data.pscan_period_mode = info->pscan_period_mode;
3150 data.pscan_mode = info->pscan_mode;
3151 memcpy(data.dev_class, info->dev_class, 3);
3152 data.clock_offset = info->clock_offset;
3153 data.rssi = info->rssi;
3154 data.ssp_mode = 0x00;
3156 name_known = hci_inquiry_cache_update(hdev, &data,
3158 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3159 info->dev_class, info->rssi,
3160 !name_known, ssp, NULL, 0);
/* Layout without a pscan_mode field; pscan_mode is reported as 0x00. */
3163 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
3165 for (; num_rsp; num_rsp--, info++) {
3166 bacpy(&data.bdaddr, &info->bdaddr);
3167 data.pscan_rep_mode = info->pscan_rep_mode;
3168 data.pscan_period_mode = info->pscan_period_mode;
3169 data.pscan_mode = 0x00;
3170 memcpy(data.dev_class, info->dev_class, 3);
3171 data.clock_offset = info->clock_offset;
3172 data.rssi = info->rssi;
3173 data.ssp_mode = 0x00;
3174 name_known = hci_inquiry_cache_update(hdev, &data,
3176 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3177 info->dev_class, info->rssi,
3178 !name_known, ssp, NULL, 0);
3182 hci_dev_unlock(hdev);
/*
 * Read Remote Extended Features Complete event: for feature page 0x01, mirror
 * the remote host's SSP bit into the inquiry cache and the connection flags.
 * The later visible steps continue connection setup: request the remote name
 * or report the device as connected to mgmt, then confirm the connection when
 * no outgoing authentication is needed.
 *
 * NOTE(review): the statement guarded by the BT_CONFIG test, and the NULL
 * checks on conn and ie, are on lines this listing omits.
 */
3185 static void hci_remote_ext_features_evt(struct hci_dev *hdev,
3186 struct sk_buff *skb)
3188 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
3189 struct hci_conn *conn;
3191 BT_DBG("%s", hdev->name);
3195 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3199 if (!ev->status && ev->page == 0x01) {
3200 struct inquiry_entry *ie;
3202 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
3204 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
/* The SSP capability is taken from what the remote reports about itself. */
3206 if (ev->features[0] & LMP_HOST_SSP)
3207 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
3210 if (conn->state != BT_CONFIG)
/* Not yet reported to mgmt: ask for the remote name first. The request
 * struct is zeroed before use, so no stack bytes leak into the command. */
3213 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
3214 struct hci_cp_remote_name_req cp;
3215 memset(&cp, 0, sizeof(cp));
3216 bacpy(&cp.bdaddr, &conn->dst);
3217 cp.pscan_rep_mode = 0x02;
3218 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
3219 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3220 mgmt_device_connected(hdev, &conn->dst, conn->type,
3221 conn->dst_type, 0, NULL, 0,
3224 if (!hci_outgoing_auth_needed(hdev, conn)) {
3225 conn->state = BT_CONNECTED;
3226 hci_proto_connect_cfm(conn, ev->status);
3231 hci_dev_unlock(hdev);
/*
 * Synchronous Connection Complete event: locate the SCO/eSCO connection for
 * ev->bdaddr, then act on ev->status. The visible outcomes are: record the
 * handle and mark the link connected, retry an outgoing setup with a
 * different packet type for the listed error codes, or close the connection.
 * The upper layer is notified through hci_proto_connect_cfm().
 *
 * NOTE(review): the case label for the connected path, the default label and
 * the NULL checks are on lines this listing omits. The retry path reads
 * conn->link->handle with no visible check that conn->link is set.
 */
3234 static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
3235 struct sk_buff *skb)
3237 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
3238 struct hci_conn *conn;
3240 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3244 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
/* Second lookup under ESCO_LINK; a connection found that way is retyped as
 * SCO_LINK. */
3246 if (ev->link_type == ESCO_LINK)
3249 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
3253 conn->type = SCO_LINK;
3256 switch (ev->status) {
3258 conn->handle = __le16_to_cpu(ev->handle);
3259 conn->state = BT_CONNECTED;
3261 hci_conn_hold_device(conn);
3262 hci_conn_add_sysfs(conn);
3265 case 0x11: /* Unsupported Feature or Parameter Value */
3266 case 0x1c: /* SCO interval rejected */
3267 case 0x1a: /* Unsupported Remote Feature */
3268 case 0x1f: /* Unspecified error */
/* Only outgoing connections retry, and only while conn->attempt is below 2. */
3269 if (conn->out && conn->attempt < 2) {
3270 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
3271 (hdev->esco_type & EDR_ESCO_MASK);
3272 hci_setup_sync(conn, conn->link->handle);
3278 conn->state = BT_CLOSED;
3282 hci_proto_connect_cfm(conn, ev->status);
3287 hci_dev_unlock(hdev);
/* Synchronous Connection Changed event: the only visible action is a debug
 * log; skb is not read. */
3290 static void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
3292 BT_DBG("%s", hdev->name);
/* Sniff Subrating event: the only visible action is logging ev->status. */
3295 static void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
3297 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
3299 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
/*
 * Extended Inquiry Result event: the first payload byte is the number of
 * responses, followed by that many extended_inquiry_info records. Each record
 * updates the inquiry cache (with ssp_mode 0x01) and is reported through
 * mgmt_device_found() together with its EIR data.
 *
 * NOTE(review): num_rsp is controller-supplied and drives the loop. No
 * visible line checks that num_rsp records fit inside skb->len, so a short
 * event would walk `info` past the payload. Comparing skb->len with
 * 1 + num_rsp * sizeof(*info) before the loop bounds the walk. The EIR length
 * itself is bounded by sizeof(info->data) in the eir_get_length() call.
 */
3302 static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
3303 struct sk_buff *skb)
3305 struct inquiry_data data;
3306 struct extended_inquiry_info *info = (void *) (skb->data + 1);
3307 int num_rsp = *((__u8 *) skb->data);
3310 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
3315 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3320 for (; num_rsp; num_rsp--, info++) {
3321 bool name_known, ssp;
3323 bacpy(&data.bdaddr, &info->bdaddr);
3324 data.pscan_rep_mode = info->pscan_rep_mode;
3325 data.pscan_period_mode = info->pscan_period_mode;
3326 data.pscan_mode = 0x00;
3327 memcpy(data.dev_class, info->dev_class, 3);
3328 data.clock_offset = info->clock_offset;
3329 data.rssi = info->rssi;
3330 data.ssp_mode = 0x01;
/* With mgmt in use, name_known is derived from the EIR fields. */
3332 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3333 name_known = eir_has_data_type(info->data,
3339 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
3341 eir_len = eir_get_length(info->data, sizeof(info->data));
3342 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3343 info->dev_class, info->rssi, !name_known,
3344 ssp, info->data, eir_len);
3347 hci_dev_unlock(hdev);
/*
 * Encryption Key Refresh Complete event: clear the pending-encryption flag on
 * the connection, disconnect an established link when the refresh failed, and
 * otherwise finish connection setup or report the authentication result.
 *
 * NOTE(review): the condition guarding the sec_level assignment, the NULL
 * check on conn and the else branches are on lines this listing omits.
 */
3350 static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3351 struct sk_buff *skb)
3353 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3354 struct hci_conn *conn;
3356 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
3357 __le16_to_cpu(ev->handle));
3361 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
/* Promote the pending security level to the effective one. */
3366 conn->sec_level = conn->pending_sec_level;
3368 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
/* A failed refresh on a connected link is treated as an authentication
 * failure and the ACL is torn down. */
3370 if (ev->status && conn->state == BT_CONNECTED) {
3371 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
3376 if (conn->state == BT_CONFIG) {
3378 conn->state = BT_CONNECTED;
3380 hci_proto_connect_cfm(conn, ev->status);
3383 hci_auth_cfm(conn, ev->status);
3385 hci_conn_hold(conn);
3386 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
3391 hci_dev_unlock(hdev);
/*
 * Choose the authentication requirements value for a connection from what
 * the remote asked for (conn->remote_auth), both sides' IO capabilities and
 * the locally configured conn->auth_type. When no earlier branch applies,
 * conn->auth_type is returned unchanged.
 *
 * NOTE(review): the return statements of the dedicated-bonding branch are on
 * lines this listing omits. The visible condition in that branch is true when
 * either side has IO capability 0x03, the value that
 * hci_user_confirm_request_evt's comment calls NoInputNoOutput, which reads
 * as the case where MITM cannot be provided; confirm against the full file
 * that the existing comment and the returns agree.
 */
3394 static u8 hci_get_auth_req(struct hci_conn *conn)
3396 /* If remote requests dedicated bonding follow that lead */
3397 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
3398 /* If both remote and local IO capabilities allow MITM
3399 * protection then require it, otherwise don't */
3400 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
3406 /* If remote requests no-bonding follow that lead */
3407 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
/* Keep the remote's no-bonding value and add the local MITM bit (bit 0 of
 * auth_type). */
3408 return conn->remote_auth | (conn->auth_type & 0x01);
3410 return conn->auth_type;
/*
 * IO Capability Request event: reply with the local IO capability and
 * authentication requirements when pairing is allowed, otherwise send a
 * negative reply with HCI_ERROR_PAIRING_NOT_ALLOWED.
 *
 * Pairing is allowed when the adapter is pairable, or when the remote's
 * authentication requirements, with the MITM bit masked off, equal
 * HCI_AT_NO_BONDING.
 *
 * NOTE(review): the second condition lets a remote that asks for no-bonding
 * proceed on a non-pairable adapter; that appears intentional, but it depends
 * on remote-supplied data (conn->remote_auth), so policy changes belong here.
 * The oob_data assignment and the hci_send_cmd() arguments are on lines this
 * listing omits.
 */
3413 static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3415 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3416 struct hci_conn *conn;
3418 BT_DBG("%s", hdev->name);
3422 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3426 hci_conn_hold(conn);
3428 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3431 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
3432 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
3433 struct hci_cp_io_capability_reply cp;
3435 bacpy(&cp.bdaddr, &ev->bdaddr);
3436 /* Change the IO capability from KeyboardDisplay
3437 * to DisplayYesNo as it is not supported by BT spec. */
3438 cp.capability = (conn->io_capability == 0x04) ?
3439 0x01 : conn->io_capability;
/* The computed requirements are stored on the connection and sent as-is. */
3440 conn->auth_type = hci_get_auth_req(conn);
3441 cp.authentication = conn->auth_type;
/* OOB data is considered only when stored data exists for the peer and we
 * either initiated the connection or the remote announced OOB data. */
3443 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3444 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
3449 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
3452 struct hci_cp_io_capability_neg_reply cp;
3454 bacpy(&cp.bdaddr, &ev->bdaddr);
3455 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
3457 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
3462 hci_dev_unlock(hdev);
/*
 * IO Capability Response event: store the remote's IO capability and
 * authentication requirements on the connection for the later pairing
 * decisions, and record that the remote has OOB data.
 *
 * NOTE(review): the condition guarding the HCI_CONN_REMOTE_OOB set_bit is on
 * a line this listing omits. Both stored values are remote-supplied and are
 * not range-checked here.
 */
3465 static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
3467 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3468 struct hci_conn *conn;
3470 BT_DBG("%s", hdev->name);
3474 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3478 conn->remote_cap = ev->capability;
3479 conn->remote_auth = ev->authentication;
3481 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
3484 hci_dev_unlock(hdev);
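/*
 * User Confirmation Request event (numeric comparison / just-works pairing).
 *
 * Decision order visible in this listing:
 *  1. Reject when we require MITM protection, the remote cannot provide it
 *     (remote_cap 0x03) and we are not the dedicated-bonding initiator.
 *  2. Auto-accept when neither side effectively requires MITM; as acceptor
 *     (HCI_CONN_AUTH_PEND clear) user space is asked to authorize instead,
 *     and as initiator the reply is sent directly or after
 *     hdev->auto_accept_delay milliseconds.
 *  3. Otherwise forward the passkey to user space for confirmation.
 *
 * loc_mitm and rem_mitm are bit 0 of the local and remote authentication
 * requirements. The branch exits, the confirm_hint assignment and the NULL
 * check on conn are on lines this listing omits.
 */
3487 static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3488 struct sk_buff *skb)
3490 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
3491 int loc_mitm, rem_mitm, confirm_hint = 0;
3492 struct hci_conn *conn;
3494 BT_DBG("%s", hdev->name);
3498 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3501 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3505 loc_mitm = (conn->auth_type & 0x01);
3506 rem_mitm = (conn->remote_auth & 0x01);
3508 /* If we require MITM but the remote device can't provide that
3509 * (it has NoInputNoOutput) then reject the confirmation
3510 * request. The only exception is when we're dedicated bonding
3511 * initiators (connect_cfm_cb set) since then we always have the MITM
3512 * bit set. */
3513 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3514 BT_DBG("Rejecting request: remote device can't provide MITM");
3515 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3516 sizeof(ev->bdaddr), &ev->bdaddr);
3520 /* If no side requires MITM protection; auto-accept */
3521 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3522 (!rem_mitm || conn->io_capability == 0x03)) {
3524 /* If we're not the initiators request authorization to
3525 * proceed from user space (mgmt_user_confirm with
3526 * confirm_hint set to 1). */
3527 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
3528 BT_DBG("Confirming auto-accept as acceptor");
3533 BT_DBG("Auto-accept of user confirmation with %ums delay",
3534 hdev->auto_accept_delay);
/* A configured delay defers the positive reply to the auto-accept timer. */
3536 if (hdev->auto_accept_delay > 0) {
3537 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3538 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3542 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3543 sizeof(ev->bdaddr), &ev->bdaddr);
/* Hand the passkey to user space for the confirmation decision. */
3548 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
3552 hci_dev_unlock(hdev);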
/*
 * User Passkey Request event: forward the request for ev->bdaddr to user
 * space when mgmt is in use; nothing else is visible for the non-mgmt case.
 */
3555 static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3556 struct sk_buff *skb)
3558 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3560 BT_DBG("%s", hdev->name);
3562 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3563 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
/*
 * User Passkey Notification event: remember the passkey to display on the
 * connection, reset the count of digits entered, and notify user space when
 * mgmt is in use.
 *
 * NOTE(review): the NULL check on conn is on lines this listing omits, and no
 * lock call is visible in this handler.
 */
3566 static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3567 struct sk_buff *skb)
3569 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3570 struct hci_conn *conn;
3572 BT_DBG("%s", hdev->name);
3574 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
/* The passkey is a little-endian 32-bit field in the event. */
3578 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3579 conn->passkey_entered = 0;
3581 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3582 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3583 conn->dst_type, conn->passkey_notify,
3584 conn->passkey_entered);
/*
 * Keypress Notification event: track how many passkey digits the remote user
 * has entered and pass the running count to user space through mgmt.
 *
 * NOTE(review): the ERASED decrement has no visible lower bound.
 * passkey_entered's type is declared elsewhere; if it is unsigned, an ERASED
 * notification arriving while the count is 0 wraps it, and the wrapped value
 * is what user space then receives. Decrementing only when the count is
 * non-zero avoids that. The switch statement line, the case exits and the
 * NULL check on conn are on lines this listing omits.
 */
3587 static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3589 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3590 struct hci_conn *conn;
3592 BT_DBG("%s", hdev->name);
3594 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3599 case HCI_KEYPRESS_STARTED:
3600 conn->passkey_entered = 0;
3603 case HCI_KEYPRESS_ENTERED:
3604 conn->passkey_entered++;
3607 case HCI_KEYPRESS_ERASED:
3608 conn->passkey_entered--;
3611 case HCI_KEYPRESS_CLEARED:
3612 conn->passkey_entered = 0;
3615 case HCI_KEYPRESS_COMPLETED:
3619 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3620 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3621 conn->dst_type, conn->passkey_notify,
3622 conn->passkey_entered);
/*
 * Simple Pairing Complete event: report a failed pairing to user space when
 * this side did not initiate the authentication.
 *
 * NOTE(review): the remaining mgmt_auth_failed() arguments, the reference
 * handling and the NULL check on conn are on lines this listing omits.
 */
3625 static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3626 struct sk_buff *skb)
3628 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3629 struct hci_conn *conn;
3631 BT_DBG("%s", hdev->name);
3635 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3639 /* To avoid duplicate auth_failed events to user space we check
3640 * the HCI_CONN_AUTH_PEND flag which will be set if we
3641 * initiated the authentication. A traditional auth_complete
3642 * event gets always produced as initiator and is also mapped to
3643 * the mgmt_auth_failed event */
3644 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
3645 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3651 hci_dev_unlock(hdev);
/*
 * Remote Host Supported Features Notification event: copy the remote host's
 * SSP bit (LMP_HOST_SSP in features[0]) into the inquiry-cache entry for
 * ev->bdaddr.
 *
 * NOTE(review): the check that the cache lookup returned an entry is on a
 * line this listing omits.
 */
3654 static void hci_remote_host_features_evt(struct hci_dev *hdev,
3655 struct sk_buff *skb)
3657 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3658 struct inquiry_entry *ie;
3660 BT_DBG("%s", hdev->name);
3664 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3666 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
3668 hci_dev_unlock(hdev);
/*
 * Remote OOB Data Request event: when mgmt is in use, reply with the stored
 * out-of-band hash and randomizer for ev->bdaddr, or with a negative reply
 * when none is stored.
 *
 * NOTE(review): the positive reply keeps a copy of the OOB hash and
 * randomizer in the stack variable cp, and no visible line clears it after
 * hci_send_cmd(). Both copies are sized by the destination fields, so they
 * cannot overrun cp.
 */
3671 static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3672 struct sk_buff *skb)
3674 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3675 struct oob_data *data;
3677 BT_DBG("%s", hdev->name);
3681 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3684 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3686 struct hci_cp_remote_oob_data_reply cp;
3688 bacpy(&cp.bdaddr, &ev->bdaddr);
3689 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3690 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3692 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3695 struct hci_cp_remote_oob_data_neg_reply cp;
3697 bacpy(&cp.bdaddr, &ev->bdaddr);
3698 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3703 hci_dev_unlock(hdev);
/*
 * AMP Physical Link Complete event: mark the AMP connection for
 * ev->phy_handle as connected, copy the peer address from the associated
 * BR/EDR connection, register the connection and confirm the physical link.
 *
 * NOTE(review): bredr_hcon is reached through hcon->amp_mgr->l2cap_conn with
 * no NULL check visible in this listing; confirm that amp_mgr and l2cap_conn
 * are guaranteed to be set for a connection found by this physical handle.
 * The conditions of the two early unlock paths are on omitted lines.
 */
3706 static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3707 struct sk_buff *skb)
3709 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
3710 struct hci_conn *hcon, *bredr_hcon;
3712 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
3717 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3719 hci_dev_unlock(hdev);
3725 hci_dev_unlock(hdev);
3729 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
3731 hcon->state = BT_CONNECTED;
3732 bacpy(&hcon->dst, &bredr_hcon->dst);
3734 hci_conn_hold(hcon);
3735 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
3738 hci_conn_hold_device(hcon);
3739 hci_conn_add_sysfs(hcon);
3741 amp_physical_cfm(bredr_hcon, hcon);
3743 hci_dev_unlock(hdev);
/*
 * AMP Logical Link Complete event: create an hci_chan on the connection for
 * ev->phy_handle, give it the logical handle from the event, and confirm the
 * logical link to the BR/EDR L2CAP channel tracked by the AMP manager.
 *
 * NOTE(review): no hci_dev_lock()/hci_dev_unlock() pair is visible in this
 * handler, unlike its neighbours; the NULL checks on hcon and hchan are on
 * lines this listing omits.
 */
3746 static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3748 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
3749 struct hci_conn *hcon;
3750 struct hci_chan *hchan;
3751 struct amp_mgr *mgr;
3753 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
3754 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
3757 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3761 /* Create AMP hchan */
3762 hchan = hci_chan_create(hcon);
3766 hchan->handle = le16_to_cpu(ev->handle);
3768 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
3770 mgr = hcon->amp_mgr;
/* The BR/EDR channel is locked while its connection MTU is switched to the
 * controller's block MTU and the logical link is confirmed. */
3771 if (mgr && mgr->bredr_chan) {
3772 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
3774 l2cap_chan_lock(bredr_chan);
3776 bredr_chan->conn->mtu = hdev->block_mtu;
3777 l2cap_logical_cfm(bredr_chan, hchan, 0);
3778 hci_conn_hold(hcon);
3780 l2cap_chan_unlock(bredr_chan);
/*
 * AMP Disconnection Logical Link Complete event: find the hci_chan for the
 * logical handle in the event and destroy the logical link with the reason
 * reported by the controller.
 *
 * NOTE(review): the status test and the NULL check on hchan are on lines this
 * listing omits.
 */
3784 static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev,
3785 struct sk_buff *skb)
3787 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data;
3788 struct hci_chan *hchan;
3790 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name,
3791 le16_to_cpu(ev->handle), ev->status);
3798 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle));
3802 amp_destroy_logical_link(hchan, ev->reason);
3805 hci_dev_unlock(hdev);
/*
 * AMP Disconnection Physical Link Complete event: mark the connection for
 * ev->phy_handle as closed.
 *
 * NOTE(review): the status test, the NULL check on hcon and any teardown
 * after the state change are on lines this listing omits.
 */
3808 static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev,
3809 struct sk_buff *skb)
3811 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data;
3812 struct hci_conn *hcon;
3814 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3821 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3823 hcon->state = BT_CLOSED;
3827 hci_dev_unlock(hdev);
/*
 * LE Connection Complete subevent: attach the result to the LE connection
 * that is in BT_CONNECT state, or to a connection created with
 * hci_conn_add() for ev->bdaddr. A failure is reported to mgmt and the upper
 * layer and the connection is closed; a success records the handle, marks the
 * link connected at BT_SECURITY_LOW and registers it.
 *
 * NOTE(review): the lookup takes the connection in BT_CONNECT state without
 * comparing its address to ev->bdaddr, so the event is matched by state
 * alone. The status test and the NULL checks are on lines this listing omits.
 */
3830 static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3832 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3833 struct hci_conn *conn;
3835 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3839 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
3841 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3843 BT_ERR("No memory for new connection");
3847 conn->dst_type = ev->bdaddr_type;
3849 if (ev->role == LE_CONN_ROLE_MASTER) {
3851 conn->link_mode |= HCI_LM_MASTER;
/* Failure path: tell mgmt and the protocol layer, then close. */
3856 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3857 conn->dst_type, ev->status);
3858 hci_proto_connect_cfm(conn, ev->status);
3859 conn->state = BT_CLOSED;
/* Success path: report to mgmt once, guarded by HCI_CONN_MGMT_CONNECTED. */
3864 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3865 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3866 conn->dst_type, 0, NULL, 0, NULL);
3868 conn->sec_level = BT_SECURITY_LOW;
3869 conn->handle = __le16_to_cpu(ev->handle);
3870 conn->state = BT_CONNECTED;
3872 hci_conn_hold_device(conn);
3873 hci_conn_add_sysfs(conn);
3875 hci_proto_connect_cfm(conn, ev->status);
3878 hci_dev_unlock(hdev);
/*
 * LE Advertising Report subevent: the first byte is the number of reports,
 * followed by variable-length records. Each record carries ev->length bytes
 * of advertising data and one trailing RSSI byte, and is reported through
 * mgmt_device_found().
 *
 * NOTE(review): num_reports and every ev->length come from the controller,
 * and no visible line compares them with skb->len. The RSSI read at
 * ev->data[ev->length] and the ptr advance therefore trust the packet; a
 * short or malformed event would read past the end of the buffer and pass an
 * out-of-range length to mgmt_device_found(). Stopping the loop once
 * ptr + sizeof(*ev) + ev->length + 1 would pass skb->data + skb->len (and
 * checking skb->len >= 1 before reading num_reports) bounds the walk.
 */
3881 static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
3883 u8 num_reports = skb->data[0];
3884 void *ptr = &skb->data[1];
3889 while (num_reports--) {
3890 struct hci_ev_le_advertising_info *ev = ptr;
/* RSSI is the byte immediately after the advertising data. */
3892 rssi = ev->data[ev->length];
3893 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3894 NULL, rssi, 0, 1, ev->data, ev->length);
/* Step over the fixed header, the data and the RSSI byte. */
3896 ptr += sizeof(*ev) + ev->length + 1;
3899 hci_dev_unlock(hdev);
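/*
 * LE Long Term Key Request subevent: look up the key matching ev->ediv and
 * ev->random and reply with it for the connection named by ev->handle, or
 * send a negative reply. An authenticated key raises the connection to
 * BT_SECURITY_HIGH. A key whose type has HCI_SMP_STK set is unlinked from its
 * list after it has been used.
 *
 * NOTE(review): cp holds a copy of the key on the stack and no visible line
 * clears it after hci_send_cmd(). The NULL checks on conn and ltk, the jump
 * label for the negative reply and the release of the unlinked key are on
 * lines this listing omits.
 */
3902 static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3904 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3905 struct hci_cp_le_ltk_reply cp;
3906 struct hci_cp_le_ltk_neg_reply neg;
3907 struct hci_conn *conn;
3908 struct smp_ltk *ltk;
3910 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
3914 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3918 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
/* The copy length is sizeof(ltk->val), the source field. */
3922 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3923 cp.handle = cpu_to_le16(conn->handle);
3925 if (ltk->authenticated)
3926 conn->sec_level = BT_SECURITY_HIGH;
3928 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3930 if (ltk->type & HCI_SMP_STK) {
3931 list_del(&ltk->list);
3935 hci_dev_unlock(hdev);
/* Negative reply echoes the handle exactly as it arrived in the event. */
3940 neg.handle = ev->handle;
3941 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3942 hci_dev_unlock(hdev);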
/*
 * LE Meta event: strip the meta header from the skb and dispatch on the
 * subevent code to the LE handlers visible here (connection complete,
 * advertising report, LTK request).
 *
 * NOTE(review): no visible line checks that skb->len covers sizeof(*le_ev)
 * before skb_pull() and the read of le_ev->subevent.
 */
3945 static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3947 struct hci_ev_le_meta *le_ev = (void *) skb->data;
/* After the pull, skb->data points at the subevent payload; le_ev still
 * points at the header that was skipped. */
3949 skb_pull(skb, sizeof(*le_ev));
3951 switch (le_ev->subevent) {
3952 case HCI_EV_LE_CONN_COMPLETE:
3953 hci_le_conn_complete_evt(hdev, skb);
3956 case HCI_EV_LE_ADVERTISING_REPORT:
3957 hci_le_adv_report_evt(hdev, skb);
3960 case HCI_EV_LE_LTK_REQ:
3961 hci_le_ltk_request_evt(hdev, skb);
/*
 * AMP Channel Selected event: find the connection for ev->phy_handle and
 * read the final local AMP assoc data for it.
 *
 * NOTE(review): the NULL check on hcon is on a line this listing omits.
 */
3969 static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3971 struct hci_ev_channel_selected *ev = (void *) skb->data;
3972 struct hci_conn *hcon;
3974 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3976 skb_pull(skb, sizeof(*ev));
3978 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3982 amp_read_loc_assoc_final_data(hdev, hcon);
/*
 * Entry point for received HCI event packets: read the event code from the
 * packet header, strip the header from the skb and dispatch to the handler
 * for that code. The receive counter hdev->stat.evt_rx is incremented at the
 * end.
 *
 * hdev: controller the event arrived on.
 * skb:  buffer holding the event, starting at the HCI event header.
 *
 * NOTE(review): hdr->evt is read and HCI_EVENT_HDR_SIZE is pulled with no
 * visible check of skb->len, and the handlers cast skb->data to their event
 * structs directly. Confirm that the caller guarantees a complete header, and
 * treat per-event length validation as the handlers' responsibility. The
 * switch statement line, the break statements and the default label are on
 * lines this listing omits; the trailing BT_DBG is presumably the default
 * case for unhandled codes.
 */
3985 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3987 struct hci_event_hdr *hdr = (void *) skb->data;
3988 __u8 event = hdr->evt;
/* Handlers see skb->data positioned at the event parameters. */
3990 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3993 case HCI_EV_INQUIRY_COMPLETE:
3994 hci_inquiry_complete_evt(hdev, skb);
3997 case HCI_EV_INQUIRY_RESULT:
3998 hci_inquiry_result_evt(hdev, skb);
4001 case HCI_EV_CONN_COMPLETE:
4002 hci_conn_complete_evt(hdev, skb);
4005 case HCI_EV_CONN_REQUEST:
4006 hci_conn_request_evt(hdev, skb);
4009 case HCI_EV_DISCONN_COMPLETE:
4010 hci_disconn_complete_evt(hdev, skb);
4013 case HCI_EV_AUTH_COMPLETE:
4014 hci_auth_complete_evt(hdev, skb);
4017 case HCI_EV_REMOTE_NAME:
4018 hci_remote_name_evt(hdev, skb);
4021 case HCI_EV_ENCRYPT_CHANGE:
4022 hci_encrypt_change_evt(hdev, skb);
4025 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
4026 hci_change_link_key_complete_evt(hdev, skb);
4029 case HCI_EV_REMOTE_FEATURES:
4030 hci_remote_features_evt(hdev, skb);
4033 case HCI_EV_REMOTE_VERSION:
4034 hci_remote_version_evt(hdev, skb);
4037 case HCI_EV_QOS_SETUP_COMPLETE:
4038 hci_qos_setup_complete_evt(hdev, skb);
4041 case HCI_EV_CMD_COMPLETE:
4042 hci_cmd_complete_evt(hdev, skb);
4045 case HCI_EV_CMD_STATUS:
4046 hci_cmd_status_evt(hdev, skb);
4049 case HCI_EV_ROLE_CHANGE:
4050 hci_role_change_evt(hdev, skb);
4053 case HCI_EV_NUM_COMP_PKTS:
4054 hci_num_comp_pkts_evt(hdev, skb);
4057 case HCI_EV_MODE_CHANGE:
4058 hci_mode_change_evt(hdev, skb);
4061 case HCI_EV_PIN_CODE_REQ:
4062 hci_pin_code_request_evt(hdev, skb);
4065 case HCI_EV_LINK_KEY_REQ:
4066 hci_link_key_request_evt(hdev, skb);
4069 case HCI_EV_LINK_KEY_NOTIFY:
4070 hci_link_key_notify_evt(hdev, skb);
4073 case HCI_EV_CLOCK_OFFSET:
4074 hci_clock_offset_evt(hdev, skb);
4077 case HCI_EV_PKT_TYPE_CHANGE:
4078 hci_pkt_type_change_evt(hdev, skb);
4081 case HCI_EV_PSCAN_REP_MODE:
4082 hci_pscan_rep_mode_evt(hdev, skb);
4085 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
4086 hci_inquiry_result_with_rssi_evt(hdev, skb);
4089 case HCI_EV_REMOTE_EXT_FEATURES:
4090 hci_remote_ext_features_evt(hdev, skb);
4093 case HCI_EV_SYNC_CONN_COMPLETE:
4094 hci_sync_conn_complete_evt(hdev, skb);
4097 case HCI_EV_SYNC_CONN_CHANGED:
4098 hci_sync_conn_changed_evt(hdev, skb);
4101 case HCI_EV_SNIFF_SUBRATE:
4102 hci_sniff_subrate_evt(hdev, skb);
4105 case HCI_EV_EXTENDED_INQUIRY_RESULT:
4106 hci_extended_inquiry_result_evt(hdev, skb);
4109 case HCI_EV_KEY_REFRESH_COMPLETE:
4110 hci_key_refresh_complete_evt(hdev, skb);
4113 case HCI_EV_IO_CAPA_REQUEST:
4114 hci_io_capa_request_evt(hdev, skb);
4117 case HCI_EV_IO_CAPA_REPLY:
4118 hci_io_capa_reply_evt(hdev, skb);
4121 case HCI_EV_USER_CONFIRM_REQUEST:
4122 hci_user_confirm_request_evt(hdev, skb);
4125 case HCI_EV_USER_PASSKEY_REQUEST:
4126 hci_user_passkey_request_evt(hdev, skb);
4129 case HCI_EV_USER_PASSKEY_NOTIFY:
4130 hci_user_passkey_notify_evt(hdev, skb);
4133 case HCI_EV_KEYPRESS_NOTIFY:
4134 hci_keypress_notify_evt(hdev, skb);
4137 case HCI_EV_SIMPLE_PAIR_COMPLETE:
4138 hci_simple_pair_complete_evt(hdev, skb);
4141 case HCI_EV_REMOTE_HOST_FEATURES:
4142 hci_remote_host_features_evt(hdev, skb);
4145 case HCI_EV_LE_META:
4146 hci_le_meta_evt(hdev, skb);
4149 case HCI_EV_CHANNEL_SELECTED:
4150 hci_chan_selected_evt(hdev, skb);
4153 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
4154 hci_remote_oob_data_request_evt(hdev, skb);
4157 case HCI_EV_PHY_LINK_COMPLETE:
4158 hci_phy_link_complete_evt(hdev, skb);
4161 case HCI_EV_LOGICAL_LINK_COMPLETE:
4162 hci_loglink_complete_evt(hdev, skb);
4165 case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE:
4166 hci_disconn_loglink_complete_evt(hdev, skb);
4169 case HCI_EV_DISCONN_PHY_LINK_COMPLETE:
4170 hci_disconn_phylink_complete_evt(hdev, skb);
4173 case HCI_EV_NUM_COMP_BLOCKS:
4174 hci_num_comp_blocks_evt(hdev, skb);
4178 BT_DBG("%s event 0x%2.2x", hdev->name, event);
4183 hdev->stat.evt_rx++;