2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/kernel.h>
26 #include <linux/uaccess.h>
27 #include <asm/unaligned.h>
29 #include <net/bluetooth/bluetooth.h>
30 #include <net/bluetooth/hci_core.h>
31 #include <net/bluetooth/mgmt.h>
33 #define MGMT_VERSION 0
34 #define MGMT_REVISION 1
36 #define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
39 struct list_head list;
47 /* HCI to MGMT error code conversion table */
48 static u8 mgmt_status_table[] = {
50 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
51 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
52 MGMT_STATUS_FAILED, /* Hardware Failure */
53 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
54 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
55 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
56 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
57 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
58 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
59 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
60 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
61 MGMT_STATUS_BUSY, /* Command Disallowed */
62 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
63 MGMT_STATUS_REJECTED, /* Rejected Security */
64 MGMT_STATUS_REJECTED, /* Rejected Personal */
65 MGMT_STATUS_TIMEOUT, /* Host Timeout */
66 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
67 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
68 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
69 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
70 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
71 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
72 MGMT_STATUS_BUSY, /* Repeated Attempts */
73 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
74 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
75 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
76 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
77 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
78 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
79 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
80 MGMT_STATUS_FAILED, /* Unspecified Error */
81 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
82 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
83 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
84 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
85 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
86 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
87 MGMT_STATUS_FAILED, /* Unit Link Key Used */
88 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
89 MGMT_STATUS_TIMEOUT, /* Instant Passed */
90 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
91 MGMT_STATUS_FAILED, /* Transaction Collision */
92 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
93 MGMT_STATUS_REJECTED, /* QoS Rejected */
94 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
95 MGMT_STATUS_REJECTED, /* Insufficient Security */
96 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
97 MGMT_STATUS_BUSY, /* Role Switch Pending */
98 MGMT_STATUS_FAILED, /* Slot Violation */
99 MGMT_STATUS_FAILED, /* Role Switch Failed */
100 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
101 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
102 MGMT_STATUS_BUSY, /* Host Busy Pairing */
103 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
104 MGMT_STATUS_BUSY, /* Controller Busy */
105 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
106 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
107 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
108 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
109 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
112 static u8 mgmt_status(u8 hci_status)
114 if (hci_status < ARRAY_SIZE(mgmt_status_table))
115 return mgmt_status_table[hci_status];
117 return MGMT_STATUS_FAILED;
120 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
123 struct mgmt_hdr *hdr;
124 struct mgmt_ev_cmd_status *ev;
127 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
129 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
133 hdr = (void *) skb_put(skb, sizeof(*hdr));
135 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
136 hdr->index = cpu_to_le16(index);
137 hdr->len = cpu_to_le16(sizeof(*ev));
139 ev = (void *) skb_put(skb, sizeof(*ev));
141 put_unaligned_le16(cmd, &ev->opcode);
143 err = sock_queue_rcv_skb(sk, skb);
150 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
154 struct mgmt_hdr *hdr;
155 struct mgmt_ev_cmd_complete *ev;
158 BT_DBG("sock %p", sk);
160 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
164 hdr = (void *) skb_put(skb, sizeof(*hdr));
166 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
167 hdr->index = cpu_to_le16(index);
168 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
170 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
171 put_unaligned_le16(cmd, &ev->opcode);
174 memcpy(ev->data, rp, rp_len);
176 err = sock_queue_rcv_skb(sk, skb);
183 static int read_version(struct sock *sk)
185 struct mgmt_rp_read_version rp;
187 BT_DBG("sock %p", sk);
189 rp.version = MGMT_VERSION;
190 put_unaligned_le16(MGMT_REVISION, &rp.revision);
192 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
196 static int read_index_list(struct sock *sk)
198 struct mgmt_rp_read_index_list *rp;
205 BT_DBG("sock %p", sk);
207 read_lock(&hci_dev_list_lock);
210 list_for_each(p, &hci_dev_list) {
214 rp_len = sizeof(*rp) + (2 * count);
215 rp = kmalloc(rp_len, GFP_ATOMIC);
217 read_unlock(&hci_dev_list_lock);
221 put_unaligned_le16(count, &rp->num_controllers);
224 list_for_each_entry(d, &hci_dev_list, list) {
225 if (test_and_clear_bit(HCI_AUTO_OFF, &d->flags))
226 cancel_delayed_work(&d->power_off);
228 if (test_bit(HCI_SETUP, &d->flags))
231 put_unaligned_le16(d->id, &rp->index[i++]);
232 BT_DBG("Added hci%u", d->id);
235 read_unlock(&hci_dev_list_lock);
237 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
245 static u32 get_supported_settings(struct hci_dev *hdev)
249 settings |= MGMT_SETTING_POWERED;
250 settings |= MGMT_SETTING_CONNECTABLE;
251 settings |= MGMT_SETTING_FAST_CONNECTABLE;
252 settings |= MGMT_SETTING_DISCOVERABLE;
253 settings |= MGMT_SETTING_PAIRABLE;
255 if (hdev->features[6] & LMP_SIMPLE_PAIR)
256 settings |= MGMT_SETTING_SSP;
258 if (!(hdev->features[4] & LMP_NO_BREDR)) {
259 settings |= MGMT_SETTING_BREDR;
260 settings |= MGMT_SETTING_LINK_SECURITY;
263 if (hdev->features[4] & LMP_LE)
264 settings |= MGMT_SETTING_LE;
269 static u32 get_current_settings(struct hci_dev *hdev)
273 if (test_bit(HCI_UP, &hdev->flags))
274 settings |= MGMT_SETTING_POWERED;
278 if (test_bit(HCI_PSCAN, &hdev->flags))
279 settings |= MGMT_SETTING_CONNECTABLE;
281 if (test_bit(HCI_ISCAN, &hdev->flags))
282 settings |= MGMT_SETTING_DISCOVERABLE;
284 if (test_bit(HCI_PAIRABLE, &hdev->flags))
285 settings |= MGMT_SETTING_PAIRABLE;
287 if (!(hdev->features[4] & LMP_NO_BREDR))
288 settings |= MGMT_SETTING_BREDR;
290 if (hdev->extfeatures[0] & LMP_HOST_LE)
291 settings |= MGMT_SETTING_LE;
293 if (test_bit(HCI_AUTH, &hdev->flags))
294 settings |= MGMT_SETTING_LINK_SECURITY;
296 if (hdev->ssp_mode > 0)
297 settings |= MGMT_SETTING_SSP;
302 static int read_controller_info(struct sock *sk, u16 index)
304 struct mgmt_rp_read_info rp;
305 struct hci_dev *hdev;
307 BT_DBG("sock %p hci%u", sk, index);
309 hdev = hci_dev_get(index);
311 return cmd_status(sk, index, MGMT_OP_READ_INFO,
312 MGMT_STATUS_INVALID_PARAMS);
314 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->flags))
315 cancel_delayed_work_sync(&hdev->power_off);
319 if (test_and_clear_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags)) {
320 set_bit(HCI_MGMT, &hdev->flags);
321 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
324 memset(&rp, 0, sizeof(rp));
326 bacpy(&rp.bdaddr, &hdev->bdaddr);
328 rp.version = hdev->hci_ver;
330 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
332 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
333 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
335 memcpy(rp.dev_class, hdev->dev_class, 3);
337 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
339 hci_dev_unlock(hdev);
342 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
345 static void mgmt_pending_free(struct pending_cmd *cmd)
352 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
353 struct hci_dev *hdev,
356 struct pending_cmd *cmd;
358 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
362 cmd->opcode = opcode;
363 cmd->index = hdev->id;
365 cmd->param = kmalloc(len, GFP_ATOMIC);
372 memcpy(cmd->param, data, len);
377 list_add(&cmd->list, &hdev->mgmt_pending);
382 static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
383 void (*cb)(struct pending_cmd *cmd, void *data),
386 struct list_head *p, *n;
388 list_for_each_safe(p, n, &hdev->mgmt_pending) {
389 struct pending_cmd *cmd;
391 cmd = list_entry(p, struct pending_cmd, list);
393 if (opcode > 0 && cmd->opcode != opcode)
400 static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
402 struct pending_cmd *cmd;
404 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
405 if (cmd->opcode == opcode)
412 static void mgmt_pending_remove(struct pending_cmd *cmd)
414 list_del(&cmd->list);
415 mgmt_pending_free(cmd);
418 static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
420 __le32 settings = cpu_to_le32(get_current_settings(hdev));
422 return cmd_complete(sk, hdev->id, opcode, &settings, sizeof(settings));
425 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
427 struct mgmt_mode *cp;
428 struct hci_dev *hdev;
429 struct pending_cmd *cmd;
434 BT_DBG("request for hci%u", index);
436 if (len != sizeof(*cp))
437 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
438 MGMT_STATUS_INVALID_PARAMS);
440 hdev = hci_dev_get(index);
442 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
443 MGMT_STATUS_INVALID_PARAMS);
447 up = test_bit(HCI_UP, &hdev->flags);
448 if ((cp->val && up) || (!cp->val && !up)) {
449 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
453 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
454 err = cmd_status(sk, index, MGMT_OP_SET_POWERED,
459 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
466 schedule_work(&hdev->power_on);
468 schedule_work(&hdev->power_off.work);
473 hci_dev_unlock(hdev);
478 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
481 struct mgmt_cp_set_discoverable *cp;
482 struct hci_dev *hdev;
483 struct pending_cmd *cmd;
489 BT_DBG("request for hci%u", index);
491 if (len != sizeof(*cp))
492 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
493 MGMT_STATUS_INVALID_PARAMS);
495 hdev = hci_dev_get(index);
497 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
498 MGMT_STATUS_INVALID_PARAMS);
502 if (!test_bit(HCI_UP, &hdev->flags)) {
503 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
504 MGMT_STATUS_NOT_POWERED);
508 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
509 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
510 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
515 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
516 test_bit(HCI_PSCAN, &hdev->flags)) {
517 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
521 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
530 scan |= SCAN_INQUIRY;
532 cancel_delayed_work(&hdev->discov_off);
534 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
536 mgmt_pending_remove(cmd);
539 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
542 hci_dev_unlock(hdev);
548 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
551 struct mgmt_mode *cp;
552 struct hci_dev *hdev;
553 struct pending_cmd *cmd;
559 BT_DBG("request for hci%u", index);
561 if (len != sizeof(*cp))
562 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
563 MGMT_STATUS_INVALID_PARAMS);
565 hdev = hci_dev_get(index);
567 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
568 MGMT_STATUS_INVALID_PARAMS);
572 if (!test_bit(HCI_UP, &hdev->flags)) {
573 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
574 MGMT_STATUS_NOT_POWERED);
578 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
579 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
580 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
585 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
586 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
590 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
601 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
603 mgmt_pending_remove(cmd);
606 hci_dev_unlock(hdev);
612 static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
613 u16 data_len, struct sock *skip_sk)
616 struct mgmt_hdr *hdr;
618 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
622 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
624 hdr = (void *) skb_put(skb, sizeof(*hdr));
625 hdr->opcode = cpu_to_le16(event);
627 hdr->index = cpu_to_le16(hdev->id);
629 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
630 hdr->len = cpu_to_le16(data_len);
633 memcpy(skb_put(skb, data_len), data, data_len);
635 hci_send_to_sock(NULL, skb, skip_sk);
641 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
644 struct mgmt_mode *cp;
645 struct hci_dev *hdev;
651 BT_DBG("request for hci%u", index);
653 if (len != sizeof(*cp))
654 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
655 MGMT_STATUS_INVALID_PARAMS);
657 hdev = hci_dev_get(index);
659 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
660 MGMT_STATUS_INVALID_PARAMS);
665 set_bit(HCI_PAIRABLE, &hdev->flags);
667 clear_bit(HCI_PAIRABLE, &hdev->flags);
669 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
673 ev = cpu_to_le32(get_current_settings(hdev));
675 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), sk);
678 hci_dev_unlock(hdev);
684 #define EIR_FLAGS 0x01 /* flags */
685 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
686 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
687 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
688 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
689 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
690 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
691 #define EIR_NAME_SHORT 0x08 /* shortened local name */
692 #define EIR_NAME_COMPLETE 0x09 /* complete local name */
693 #define EIR_TX_POWER 0x0A /* transmit power level */
694 #define EIR_DEVICE_ID 0x10 /* device ID */
696 #define PNP_INFO_SVCLASS_ID 0x1200
698 static u8 bluetooth_base_uuid[] = {
699 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
700 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
703 static u16 get_uuid16(u8 *uuid128)
708 for (i = 0; i < 12; i++) {
709 if (bluetooth_base_uuid[i] != uuid128[i])
713 memcpy(&val, &uuid128[12], 4);
715 val = le32_to_cpu(val);
722 static void create_eir(struct hci_dev *hdev, u8 *data)
726 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
727 int i, truncated = 0;
728 struct bt_uuid *uuid;
731 name_len = strlen(hdev->dev_name);
737 ptr[1] = EIR_NAME_SHORT;
739 ptr[1] = EIR_NAME_COMPLETE;
741 /* EIR Data length */
742 ptr[0] = name_len + 1;
744 memcpy(ptr + 2, hdev->dev_name, name_len);
746 eir_len += (name_len + 2);
747 ptr += (name_len + 2);
750 memset(uuid16_list, 0, sizeof(uuid16_list));
752 /* Group all UUID16 types */
753 list_for_each_entry(uuid, &hdev->uuids, list) {
756 uuid16 = get_uuid16(uuid->uuid);
763 if (uuid16 == PNP_INFO_SVCLASS_ID)
766 /* Stop if not enough space to put next UUID */
767 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
772 /* Check for duplicates */
773 for (i = 0; uuid16_list[i] != 0; i++)
774 if (uuid16_list[i] == uuid16)
777 if (uuid16_list[i] == 0) {
778 uuid16_list[i] = uuid16;
779 eir_len += sizeof(u16);
783 if (uuid16_list[0] != 0) {
787 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
792 for (i = 0; uuid16_list[i] != 0; i++) {
793 *ptr++ = (uuid16_list[i] & 0x00ff);
794 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
797 /* EIR Data length */
798 *length = (i * sizeof(u16)) + 1;
802 static int update_eir(struct hci_dev *hdev)
804 struct hci_cp_write_eir cp;
806 if (!(hdev->features[6] & LMP_EXT_INQ))
809 if (hdev->ssp_mode == 0)
812 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
815 memset(&cp, 0, sizeof(cp));
817 create_eir(hdev, cp.data);
819 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
822 memcpy(hdev->eir, cp.data, sizeof(cp.data));
824 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
827 static u8 get_service_classes(struct hci_dev *hdev)
829 struct bt_uuid *uuid;
832 list_for_each_entry(uuid, &hdev->uuids, list)
833 val |= uuid->svc_hint;
838 static int update_class(struct hci_dev *hdev)
842 BT_DBG("%s", hdev->name);
844 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
847 cod[0] = hdev->minor_class;
848 cod[1] = hdev->major_class;
849 cod[2] = get_service_classes(hdev);
851 if (memcmp(cod, hdev->dev_class, 3) == 0)
854 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
857 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
859 struct mgmt_cp_add_uuid *cp;
860 struct hci_dev *hdev;
861 struct bt_uuid *uuid;
866 BT_DBG("request for hci%u", index);
868 if (len != sizeof(*cp))
869 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
870 MGMT_STATUS_INVALID_PARAMS);
872 hdev = hci_dev_get(index);
874 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
875 MGMT_STATUS_INVALID_PARAMS);
879 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
885 memcpy(uuid->uuid, cp->uuid, 16);
886 uuid->svc_hint = cp->svc_hint;
888 list_add(&uuid->list, &hdev->uuids);
890 err = update_class(hdev);
894 err = update_eir(hdev);
898 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
901 hci_dev_unlock(hdev);
907 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
909 struct list_head *p, *n;
910 struct mgmt_cp_remove_uuid *cp;
911 struct hci_dev *hdev;
912 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
917 BT_DBG("request for hci%u", index);
919 if (len != sizeof(*cp))
920 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
921 MGMT_STATUS_INVALID_PARAMS);
923 hdev = hci_dev_get(index);
925 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
926 MGMT_STATUS_INVALID_PARAMS);
930 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
931 err = hci_uuids_clear(hdev);
937 list_for_each_safe(p, n, &hdev->uuids) {
938 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
940 if (memcmp(match->uuid, cp->uuid, 16) != 0)
943 list_del(&match->list);
948 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
949 MGMT_STATUS_INVALID_PARAMS);
953 err = update_class(hdev);
957 err = update_eir(hdev);
961 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
964 hci_dev_unlock(hdev);
970 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
973 struct hci_dev *hdev;
974 struct mgmt_cp_set_dev_class *cp;
979 BT_DBG("request for hci%u", index);
981 if (len != sizeof(*cp))
982 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
983 MGMT_STATUS_INVALID_PARAMS);
985 hdev = hci_dev_get(index);
987 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
988 MGMT_STATUS_INVALID_PARAMS);
992 hdev->major_class = cp->major;
993 hdev->minor_class = cp->minor;
995 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->flags))
998 err = update_class(hdev);
1001 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
1003 hci_dev_unlock(hdev);
1009 static int load_link_keys(struct sock *sk, u16 index, unsigned char *data,
1012 struct hci_dev *hdev;
1013 struct mgmt_cp_load_link_keys *cp;
1014 u16 key_count, expected_len;
1019 if (len < sizeof(*cp))
1020 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1021 MGMT_STATUS_INVALID_PARAMS);
1023 key_count = get_unaligned_le16(&cp->key_count);
1025 expected_len = sizeof(*cp) + key_count *
1026 sizeof(struct mgmt_link_key_info);
1027 if (expected_len != len) {
1028 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
1030 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1031 MGMT_STATUS_INVALID_PARAMS);
1034 hdev = hci_dev_get(index);
1036 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1037 MGMT_STATUS_INVALID_PARAMS);
1039 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
1044 hci_link_keys_clear(hdev);
1046 set_bit(HCI_LINK_KEYS, &hdev->flags);
1049 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
1051 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
1053 for (i = 0; i < key_count; i++) {
1054 struct mgmt_link_key_info *key = &cp->keys[i];
1056 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
1060 cmd_complete(sk, index, MGMT_OP_LOAD_LINK_KEYS, NULL, 0);
1062 hci_dev_unlock(hdev);
1068 static int remove_keys(struct sock *sk, u16 index, unsigned char *data,
1071 struct hci_dev *hdev;
1072 struct mgmt_cp_remove_keys *cp;
1073 struct mgmt_rp_remove_keys rp;
1074 struct hci_cp_disconnect dc;
1075 struct pending_cmd *cmd;
1076 struct hci_conn *conn;
1081 if (len != sizeof(*cp))
1082 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1083 MGMT_STATUS_INVALID_PARAMS);
1085 hdev = hci_dev_get(index);
1087 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1088 MGMT_STATUS_INVALID_PARAMS);
1092 memset(&rp, 0, sizeof(rp));
1093 bacpy(&rp.bdaddr, &cp->bdaddr);
1094 rp.status = MGMT_STATUS_FAILED;
1096 err = hci_remove_link_key(hdev, &cp->bdaddr);
1098 rp.status = MGMT_STATUS_NOT_PAIRED;
1102 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect) {
1103 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1108 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1110 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1115 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_KEYS, hdev, cp, sizeof(*cp));
1121 put_unaligned_le16(conn->handle, &dc.handle);
1122 dc.reason = 0x13; /* Remote User Terminated Connection */
1123 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1125 mgmt_pending_remove(cmd);
1129 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1131 hci_dev_unlock(hdev);
1137 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1139 struct hci_dev *hdev;
1140 struct mgmt_cp_disconnect *cp;
1141 struct hci_cp_disconnect dc;
1142 struct pending_cmd *cmd;
1143 struct hci_conn *conn;
1150 if (len != sizeof(*cp))
1151 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1152 MGMT_STATUS_INVALID_PARAMS);
1154 hdev = hci_dev_get(index);
1156 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1157 MGMT_STATUS_INVALID_PARAMS);
1161 if (!test_bit(HCI_UP, &hdev->flags)) {
1162 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1163 MGMT_STATUS_NOT_POWERED);
1167 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
1168 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1173 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1175 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1178 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1179 MGMT_STATUS_NOT_CONNECTED);
1183 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
1189 put_unaligned_le16(conn->handle, &dc.handle);
1190 dc.reason = 0x13; /* Remote User Terminated Connection */
1192 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1194 mgmt_pending_remove(cmd);
1197 hci_dev_unlock(hdev);
1203 static u8 link_to_mgmt(u8 link_type, u8 addr_type)
1205 switch (link_type) {
1207 switch (addr_type) {
1208 case ADDR_LE_DEV_PUBLIC:
1209 return MGMT_ADDR_LE_PUBLIC;
1210 case ADDR_LE_DEV_RANDOM:
1211 return MGMT_ADDR_LE_RANDOM;
1213 return MGMT_ADDR_INVALID;
1216 return MGMT_ADDR_BREDR;
1218 return MGMT_ADDR_INVALID;
1222 static int get_connections(struct sock *sk, u16 index)
1224 struct mgmt_rp_get_connections *rp;
1225 struct hci_dev *hdev;
1227 struct list_head *p;
1234 hdev = hci_dev_get(index);
1236 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1237 MGMT_STATUS_INVALID_PARAMS);
1242 list_for_each(p, &hdev->conn_hash.list) {
1246 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
1247 rp = kmalloc(rp_len, GFP_ATOMIC);
1253 put_unaligned_le16(count, &rp->conn_count);
1256 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1257 bacpy(&rp->addr[i].bdaddr, &c->dst);
1258 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
1259 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1264 /* Recalculate length in case of filtered SCO connections, etc */
1265 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
1267 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1271 hci_dev_unlock(hdev);
1276 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1277 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1279 struct pending_cmd *cmd;
1282 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
1287 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1290 mgmt_pending_remove(cmd);
1295 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1298 struct hci_dev *hdev;
1299 struct hci_conn *conn;
1300 struct mgmt_cp_pin_code_reply *cp;
1301 struct mgmt_cp_pin_code_neg_reply ncp;
1302 struct hci_cp_pin_code_reply reply;
1303 struct pending_cmd *cmd;
1310 if (len != sizeof(*cp))
1311 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1312 MGMT_STATUS_INVALID_PARAMS);
1314 hdev = hci_dev_get(index);
1316 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1317 MGMT_STATUS_INVALID_PARAMS);
1321 if (!test_bit(HCI_UP, &hdev->flags)) {
1322 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1323 MGMT_STATUS_NOT_POWERED);
1327 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1329 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1330 MGMT_STATUS_NOT_CONNECTED);
1334 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1335 bacpy(&ncp.bdaddr, &cp->bdaddr);
1337 BT_ERR("PIN code is not 16 bytes long");
1339 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1341 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1342 MGMT_STATUS_INVALID_PARAMS);
1347 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
1353 bacpy(&reply.bdaddr, &cp->bdaddr);
1354 reply.pin_len = cp->pin_len;
1355 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1357 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1359 mgmt_pending_remove(cmd);
1362 hci_dev_unlock(hdev);
1368 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1371 struct hci_dev *hdev;
1372 struct mgmt_cp_pin_code_neg_reply *cp;
1379 if (len != sizeof(*cp))
1380 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1381 MGMT_STATUS_INVALID_PARAMS);
1383 hdev = hci_dev_get(index);
1385 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1386 MGMT_STATUS_INVALID_PARAMS);
1390 if (!test_bit(HCI_UP, &hdev->flags)) {
1391 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1392 MGMT_STATUS_NOT_POWERED);
1396 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1399 hci_dev_unlock(hdev);
1405 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1408 struct hci_dev *hdev;
1409 struct mgmt_cp_set_io_capability *cp;
1415 if (len != sizeof(*cp))
1416 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1417 MGMT_STATUS_INVALID_PARAMS);
1419 hdev = hci_dev_get(index);
1421 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1422 MGMT_STATUS_INVALID_PARAMS);
1426 hdev->io_capability = cp->io_capability;
1428 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1429 hdev->io_capability);
1431 hci_dev_unlock(hdev);
1434 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1437 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1439 struct hci_dev *hdev = conn->hdev;
1440 struct pending_cmd *cmd;
1442 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1443 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1446 if (cmd->user_data != conn)
1455 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1457 struct mgmt_rp_pair_device rp;
1458 struct hci_conn *conn = cmd->user_data;
1460 bacpy(&rp.addr.bdaddr, &conn->dst);
1461 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
1464 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1466 /* So we don't get further callbacks for this connection */
1467 conn->connect_cfm_cb = NULL;
1468 conn->security_cfm_cb = NULL;
1469 conn->disconn_cfm_cb = NULL;
1473 mgmt_pending_remove(cmd);
1476 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1478 struct pending_cmd *cmd;
1480 BT_DBG("status %u", status);
1482 cmd = find_pairing(conn);
1484 BT_DBG("Unable to find a pending command");
1486 pairing_complete(cmd, status);
1489 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1491 struct hci_dev *hdev;
1492 struct mgmt_cp_pair_device *cp;
1493 struct mgmt_rp_pair_device rp;
1494 struct pending_cmd *cmd;
1495 u8 sec_level, auth_type;
1496 struct hci_conn *conn;
1503 if (len != sizeof(*cp))
1504 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1505 MGMT_STATUS_INVALID_PARAMS);
1507 hdev = hci_dev_get(index);
1509 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1510 MGMT_STATUS_INVALID_PARAMS);
1514 sec_level = BT_SECURITY_MEDIUM;
1515 if (cp->io_cap == 0x03)
1516 auth_type = HCI_AT_DEDICATED_BONDING;
1518 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1520 if (cp->addr.type == MGMT_ADDR_BREDR)
1521 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
1524 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
1527 memset(&rp, 0, sizeof(rp));
1528 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1529 rp.addr.type = cp->addr.type;
1532 rp.status = -PTR_ERR(conn);
1533 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1538 if (conn->connect_cfm_cb) {
1541 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1546 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
1553 /* For LE, just connecting isn't a proof that the pairing finished */
1554 if (cp->addr.type == MGMT_ADDR_BREDR)
1555 conn->connect_cfm_cb = pairing_complete_cb;
1557 conn->security_cfm_cb = pairing_complete_cb;
1558 conn->disconn_cfm_cb = pairing_complete_cb;
1559 conn->io_capability = cp->io_cap;
1560 cmd->user_data = conn;
1562 if (conn->state == BT_CONNECTED &&
1563 hci_conn_security(conn, sec_level, auth_type))
1564 pairing_complete(cmd, 0);
1569 hci_dev_unlock(hdev);
1575 static int user_pairing_resp(struct sock *sk, u16 index, bdaddr_t *bdaddr,
1576 u16 mgmt_op, u16 hci_op, __le32 passkey)
1578 struct pending_cmd *cmd;
1579 struct hci_dev *hdev;
1580 struct hci_conn *conn;
1583 hdev = hci_dev_get(index);
1585 return cmd_status(sk, index, mgmt_op,
1586 MGMT_STATUS_INVALID_PARAMS);
1590 if (!test_bit(HCI_UP, &hdev->flags)) {
1591 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_NOT_POWERED);
1596 * Check for an existing ACL link, if present pair via
1599 * If no ACL link is present, check for an LE link and if
1600 * present, pair via the SMP engine.
1602 * If neither ACL nor LE links are present, fail with error.
1604 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
1606 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
1608 err = cmd_status(sk, index, mgmt_op,
1609 MGMT_STATUS_NOT_CONNECTED);
1613 /* Continue with pairing via SMP */
1615 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_SUCCESS);
1619 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
1625 /* Continue with pairing via HCI */
1626 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
1627 struct hci_cp_user_passkey_reply cp;
1629 bacpy(&cp.bdaddr, bdaddr);
1630 cp.passkey = passkey;
1631 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
1633 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
1636 mgmt_pending_remove(cmd);
1639 hci_dev_unlock(hdev);
1645 static int user_confirm_reply(struct sock *sk, u16 index, void *data, u16 len)
1647 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1651 if (len != sizeof(*cp))
1652 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_REPLY,
1653 MGMT_STATUS_INVALID_PARAMS);
1655 return user_pairing_resp(sk, index, &cp->bdaddr,
1656 MGMT_OP_USER_CONFIRM_REPLY,
1657 HCI_OP_USER_CONFIRM_REPLY, 0);
1660 static int user_confirm_neg_reply(struct sock *sk, u16 index, void *data,
1663 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1667 if (len != sizeof(*cp))
1668 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_NEG_REPLY,
1669 MGMT_STATUS_INVALID_PARAMS);
1671 return user_pairing_resp(sk, index, &cp->bdaddr,
1672 MGMT_OP_USER_CONFIRM_NEG_REPLY,
1673 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
1676 static int user_passkey_reply(struct sock *sk, u16 index, void *data, u16 len)
1678 struct mgmt_cp_user_passkey_reply *cp = (void *) data;
1682 if (len != sizeof(*cp))
1683 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_REPLY,
1686 return user_pairing_resp(sk, index, &cp->bdaddr,
1687 MGMT_OP_USER_PASSKEY_REPLY,
1688 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
1691 static int user_passkey_neg_reply(struct sock *sk, u16 index, void *data,
1694 struct mgmt_cp_user_passkey_neg_reply *cp = (void *) data;
1698 if (len != sizeof(*cp))
1699 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_NEG_REPLY,
1702 return user_pairing_resp(sk, index, &cp->bdaddr,
1703 MGMT_OP_USER_PASSKEY_NEG_REPLY,
1704 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
1707 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1710 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1711 struct hci_cp_write_local_name hci_cp;
1712 struct hci_dev *hdev;
1713 struct pending_cmd *cmd;
1718 if (len != sizeof(*mgmt_cp))
1719 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1720 MGMT_STATUS_INVALID_PARAMS);
1722 hdev = hci_dev_get(index);
1724 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1725 MGMT_STATUS_INVALID_PARAMS);
1729 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
1735 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1736 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1739 mgmt_pending_remove(cmd);
1742 hci_dev_unlock(hdev);
1748 static int read_local_oob_data(struct sock *sk, u16 index)
1750 struct hci_dev *hdev;
1751 struct pending_cmd *cmd;
1754 BT_DBG("hci%u", index);
1756 hdev = hci_dev_get(index);
1758 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1759 MGMT_STATUS_INVALID_PARAMS);
1763 if (!test_bit(HCI_UP, &hdev->flags)) {
1764 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1765 MGMT_STATUS_NOT_POWERED);
1769 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1770 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1771 MGMT_STATUS_NOT_SUPPORTED);
1775 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
1776 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1781 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
1787 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1789 mgmt_pending_remove(cmd);
1792 hci_dev_unlock(hdev);
1798 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1801 struct hci_dev *hdev;
1802 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1805 BT_DBG("hci%u ", index);
1807 if (len != sizeof(*cp))
1808 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1809 MGMT_STATUS_INVALID_PARAMS);
1811 hdev = hci_dev_get(index);
1813 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1814 MGMT_STATUS_INVALID_PARAMS);
1818 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1821 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1822 MGMT_STATUS_FAILED);
1824 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1827 hci_dev_unlock(hdev);
1833 static int remove_remote_oob_data(struct sock *sk, u16 index,
1834 unsigned char *data, u16 len)
1836 struct hci_dev *hdev;
1837 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1840 BT_DBG("hci%u ", index);
1842 if (len != sizeof(*cp))
1843 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1844 MGMT_STATUS_INVALID_PARAMS);
1846 hdev = hci_dev_get(index);
1848 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1849 MGMT_STATUS_INVALID_PARAMS);
1853 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1855 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1856 MGMT_STATUS_INVALID_PARAMS);
1858 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1861 hci_dev_unlock(hdev);
1867 static int start_discovery(struct sock *sk, u16 index,
1868 unsigned char *data, u16 len)
1870 struct mgmt_cp_start_discovery *cp = (void *) data;
1871 struct pending_cmd *cmd;
1872 struct hci_dev *hdev;
1875 BT_DBG("hci%u", index);
1877 if (len != sizeof(*cp))
1878 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1879 MGMT_STATUS_INVALID_PARAMS);
1881 hdev = hci_dev_get(index);
1883 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1884 MGMT_STATUS_INVALID_PARAMS);
1888 if (!test_bit(HCI_UP, &hdev->flags)) {
1889 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1890 MGMT_STATUS_NOT_POWERED);
1894 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
1900 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
1902 mgmt_pending_remove(cmd);
1905 hci_dev_unlock(hdev);
1911 static int stop_discovery(struct sock *sk, u16 index)
1913 struct hci_dev *hdev;
1914 struct pending_cmd *cmd;
1917 BT_DBG("hci%u", index);
1919 hdev = hci_dev_get(index);
1921 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
1922 MGMT_STATUS_INVALID_PARAMS);
1926 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
1932 err = hci_cancel_inquiry(hdev);
1934 mgmt_pending_remove(cmd);
1937 hci_dev_unlock(hdev);
1943 static int block_device(struct sock *sk, u16 index, unsigned char *data,
1946 struct hci_dev *hdev;
1947 struct mgmt_cp_block_device *cp = (void *) data;
1950 BT_DBG("hci%u", index);
1952 if (len != sizeof(*cp))
1953 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1954 MGMT_STATUS_INVALID_PARAMS);
1956 hdev = hci_dev_get(index);
1958 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1959 MGMT_STATUS_INVALID_PARAMS);
1963 err = hci_blacklist_add(hdev, &cp->bdaddr);
1965 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1966 MGMT_STATUS_FAILED);
1968 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1971 hci_dev_unlock(hdev);
1977 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1980 struct hci_dev *hdev;
1981 struct mgmt_cp_unblock_device *cp = (void *) data;
1984 BT_DBG("hci%u", index);
1986 if (len != sizeof(*cp))
1987 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1988 MGMT_STATUS_INVALID_PARAMS);
1990 hdev = hci_dev_get(index);
1992 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1993 MGMT_STATUS_INVALID_PARAMS);
1997 err = hci_blacklist_del(hdev, &cp->bdaddr);
2000 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2001 MGMT_STATUS_INVALID_PARAMS);
2003 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2006 hci_dev_unlock(hdev);
2012 static int set_fast_connectable(struct sock *sk, u16 index,
2013 unsigned char *data, u16 len)
2015 struct hci_dev *hdev;
2016 struct mgmt_mode *cp = (void *) data;
2017 struct hci_cp_write_page_scan_activity acp;
2021 BT_DBG("hci%u", index);
2023 if (len != sizeof(*cp))
2024 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2025 MGMT_STATUS_INVALID_PARAMS);
2027 hdev = hci_dev_get(index);
2029 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2030 MGMT_STATUS_INVALID_PARAMS);
2035 type = PAGE_SCAN_TYPE_INTERLACED;
2036 acp.interval = 0x0024; /* 22.5 msec page scan interval */
2038 type = PAGE_SCAN_TYPE_STANDARD; /* default */
2039 acp.interval = 0x0800; /* default 1.28 sec page scan */
2042 acp.window = 0x0012; /* default 11.25 msec page scan window */
2044 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
2047 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2048 MGMT_STATUS_FAILED);
2052 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2054 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2055 MGMT_STATUS_FAILED);
2059 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2062 hci_dev_unlock(hdev);
2068 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2071 struct mgmt_hdr *hdr;
2072 u16 opcode, index, len;
2075 BT_DBG("got %zu bytes", msglen);
2077 if (msglen < sizeof(*hdr))
2080 buf = kmalloc(msglen, GFP_KERNEL);
2084 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2089 hdr = (struct mgmt_hdr *) buf;
2090 opcode = get_unaligned_le16(&hdr->opcode);
2091 index = get_unaligned_le16(&hdr->index);
2092 len = get_unaligned_le16(&hdr->len);
2094 if (len != msglen - sizeof(*hdr)) {
2100 case MGMT_OP_READ_VERSION:
2101 err = read_version(sk);
2103 case MGMT_OP_READ_INDEX_LIST:
2104 err = read_index_list(sk);
2106 case MGMT_OP_READ_INFO:
2107 err = read_controller_info(sk, index);
2109 case MGMT_OP_SET_POWERED:
2110 err = set_powered(sk, index, buf + sizeof(*hdr), len);
2112 case MGMT_OP_SET_DISCOVERABLE:
2113 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
2115 case MGMT_OP_SET_CONNECTABLE:
2116 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
2118 case MGMT_OP_SET_FAST_CONNECTABLE:
2119 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
2122 case MGMT_OP_SET_PAIRABLE:
2123 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
2125 case MGMT_OP_ADD_UUID:
2126 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
2128 case MGMT_OP_REMOVE_UUID:
2129 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
2131 case MGMT_OP_SET_DEV_CLASS:
2132 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
2134 case MGMT_OP_LOAD_LINK_KEYS:
2135 err = load_link_keys(sk, index, buf + sizeof(*hdr), len);
2137 case MGMT_OP_REMOVE_KEYS:
2138 err = remove_keys(sk, index, buf + sizeof(*hdr), len);
2140 case MGMT_OP_DISCONNECT:
2141 err = disconnect(sk, index, buf + sizeof(*hdr), len);
2143 case MGMT_OP_GET_CONNECTIONS:
2144 err = get_connections(sk, index);
2146 case MGMT_OP_PIN_CODE_REPLY:
2147 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
2149 case MGMT_OP_PIN_CODE_NEG_REPLY:
2150 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
2152 case MGMT_OP_SET_IO_CAPABILITY:
2153 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
2155 case MGMT_OP_PAIR_DEVICE:
2156 err = pair_device(sk, index, buf + sizeof(*hdr), len);
2158 case MGMT_OP_USER_CONFIRM_REPLY:
2159 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len);
2161 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
2162 err = user_confirm_neg_reply(sk, index, buf + sizeof(*hdr),
2165 case MGMT_OP_USER_PASSKEY_REPLY:
2166 err = user_passkey_reply(sk, index, buf + sizeof(*hdr), len);
2168 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
2169 err = user_passkey_neg_reply(sk, index, buf + sizeof(*hdr),
2172 case MGMT_OP_SET_LOCAL_NAME:
2173 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
2175 case MGMT_OP_READ_LOCAL_OOB_DATA:
2176 err = read_local_oob_data(sk, index);
2178 case MGMT_OP_ADD_REMOTE_OOB_DATA:
2179 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
2181 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
2182 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
2185 case MGMT_OP_START_DISCOVERY:
2186 err = start_discovery(sk, index, buf + sizeof(*hdr), len);
2188 case MGMT_OP_STOP_DISCOVERY:
2189 err = stop_discovery(sk, index);
2191 case MGMT_OP_BLOCK_DEVICE:
2192 err = block_device(sk, index, buf + sizeof(*hdr), len);
2194 case MGMT_OP_UNBLOCK_DEVICE:
2195 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
2198 BT_DBG("Unknown op %u", opcode);
2199 err = cmd_status(sk, index, opcode,
2200 MGMT_STATUS_UNKNOWN_COMMAND);
2214 static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2218 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2219 mgmt_pending_remove(cmd);
2222 int mgmt_index_added(struct hci_dev *hdev)
2224 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
2227 int mgmt_index_removed(struct hci_dev *hdev)
2231 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2233 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
2239 struct hci_dev *hdev;
2242 static void settings_rsp(struct pending_cmd *cmd, void *data)
2244 struct cmd_lookup *match = data;
2246 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
2248 list_del(&cmd->list);
2250 if (match->sk == NULL) {
2251 match->sk = cmd->sk;
2252 sock_hold(match->sk);
2255 mgmt_pending_free(cmd);
2258 int mgmt_powered(struct hci_dev *hdev, u8 powered)
2260 struct cmd_lookup match = { powered, NULL, hdev };
2264 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
2267 u8 status = ENETDOWN;
2268 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2271 ev = cpu_to_le32(get_current_settings(hdev));
2273 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
2282 int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
2284 struct cmd_lookup match = { discoverable, NULL, hdev };
2288 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp, &match);
2290 ev = cpu_to_le32(get_current_settings(hdev));
2292 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
2300 int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
2303 struct cmd_lookup match = { connectable, NULL, hdev };
2306 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
2309 ev = cpu_to_le32(get_current_settings(hdev));
2311 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
2319 int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2321 u8 mgmt_err = mgmt_status(status);
2323 if (scan & SCAN_PAGE)
2324 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
2325 cmd_status_rsp, &mgmt_err);
2327 if (scan & SCAN_INQUIRY)
2328 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
2329 cmd_status_rsp, &mgmt_err);
2334 int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2337 struct mgmt_ev_new_link_key ev;
2339 memset(&ev, 0, sizeof(ev));
2341 ev.store_hint = persistent;
2342 bacpy(&ev.key.bdaddr, &key->bdaddr);
2343 ev.key.type = key->type;
2344 memcpy(ev.key.val, key->val, 16);
2345 ev.key.pin_len = key->pin_len;
2347 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
2350 int mgmt_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2353 struct mgmt_addr_info ev;
2355 bacpy(&ev.bdaddr, bdaddr);
2356 ev.type = link_to_mgmt(link_type, addr_type);
2358 return mgmt_event(MGMT_EV_CONNECTED, hdev, &ev, sizeof(ev), NULL);
2361 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2363 struct mgmt_cp_disconnect *cp = cmd->param;
2364 struct sock **sk = data;
2365 struct mgmt_rp_disconnect rp;
2367 bacpy(&rp.bdaddr, &cp->bdaddr);
2370 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2375 mgmt_pending_remove(cmd);
2378 static void remove_keys_rsp(struct pending_cmd *cmd, void *data)
2381 struct mgmt_cp_remove_keys *cp = cmd->param;
2382 struct mgmt_rp_remove_keys rp;
2384 memset(&rp, 0, sizeof(rp));
2385 bacpy(&rp.bdaddr, &cp->bdaddr);
2387 rp.status = *status;
2389 cmd_complete(cmd->sk, cmd->index, MGMT_OP_REMOVE_KEYS, &rp,
2392 mgmt_pending_remove(cmd);
2395 int mgmt_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2398 struct mgmt_addr_info ev;
2399 struct sock *sk = NULL;
2402 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
2404 bacpy(&ev.bdaddr, bdaddr);
2405 ev.type = link_to_mgmt(link_type, addr_type);
2407 err = mgmt_event(MGMT_EV_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
2412 mgmt_pending_foreach(MGMT_OP_REMOVE_KEYS, hdev, remove_keys_rsp, NULL);
2417 int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2419 struct pending_cmd *cmd;
2420 u8 mgmt_err = mgmt_status(status);
2423 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
2428 struct mgmt_rp_disconnect rp;
2430 bacpy(&rp.bdaddr, bdaddr);
2433 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
2436 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_DISCONNECT,
2439 mgmt_pending_remove(cmd);
2444 int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2445 u8 addr_type, u8 status)
2447 struct mgmt_ev_connect_failed ev;
2449 bacpy(&ev.addr.bdaddr, bdaddr);
2450 ev.addr.type = link_to_mgmt(link_type, addr_type);
2451 ev.status = mgmt_status(status);
2453 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
2456 int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
2458 struct mgmt_ev_pin_code_request ev;
2460 bacpy(&ev.bdaddr, bdaddr);
2463 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
2467 int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2470 struct pending_cmd *cmd;
2471 struct mgmt_rp_pin_code_reply rp;
2474 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
2478 bacpy(&rp.bdaddr, bdaddr);
2479 rp.status = mgmt_status(status);
2481 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, &rp,
2484 mgmt_pending_remove(cmd);
2489 int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2492 struct pending_cmd *cmd;
2493 struct mgmt_rp_pin_code_reply rp;
2496 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
2500 bacpy(&rp.bdaddr, bdaddr);
2501 rp.status = mgmt_status(status);
2503 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2506 mgmt_pending_remove(cmd);
2511 int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
2512 __le32 value, u8 confirm_hint)
2514 struct mgmt_ev_user_confirm_request ev;
2516 BT_DBG("%s", hdev->name);
2518 bacpy(&ev.bdaddr, bdaddr);
2519 ev.confirm_hint = confirm_hint;
2520 put_unaligned_le32(value, &ev.value);
2522 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
2526 int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr)
2528 struct mgmt_ev_user_passkey_request ev;
2530 BT_DBG("%s", hdev->name);
2532 bacpy(&ev.bdaddr, bdaddr);
2534 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
2538 static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2539 u8 status, u8 opcode)
2541 struct pending_cmd *cmd;
2542 struct mgmt_rp_user_confirm_reply rp;
2545 cmd = mgmt_pending_find(opcode, hdev);
2549 bacpy(&rp.bdaddr, bdaddr);
2550 rp.status = mgmt_status(status);
2551 err = cmd_complete(cmd->sk, hdev->id, opcode, &rp, sizeof(rp));
2553 mgmt_pending_remove(cmd);
2558 int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2561 return user_pairing_resp_complete(hdev, bdaddr, status,
2562 MGMT_OP_USER_CONFIRM_REPLY);
2565 int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev,
2566 bdaddr_t *bdaddr, u8 status)
2568 return user_pairing_resp_complete(hdev, bdaddr, status,
2569 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2572 int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2575 return user_pairing_resp_complete(hdev, bdaddr, status,
2576 MGMT_OP_USER_PASSKEY_REPLY);
2579 int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev,
2580 bdaddr_t *bdaddr, u8 status)
2582 return user_pairing_resp_complete(hdev, bdaddr, status,
2583 MGMT_OP_USER_PASSKEY_NEG_REPLY);
2586 int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2588 struct mgmt_ev_auth_failed ev;
2590 bacpy(&ev.bdaddr, bdaddr);
2591 ev.status = mgmt_status(status);
2593 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2596 int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
2598 struct pending_cmd *cmd;
2599 struct mgmt_cp_set_local_name ev;
2602 memset(&ev, 0, sizeof(ev));
2603 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2605 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2610 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2611 mgmt_status(status));
2617 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, &ev,
2623 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
2624 cmd ? cmd->sk : NULL);
2628 mgmt_pending_remove(cmd);
2632 int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
2633 u8 *randomizer, u8 status)
2635 struct pending_cmd *cmd;
2638 BT_DBG("%s status %u", hdev->name, status);
2640 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
2645 err = cmd_status(cmd->sk, hdev->id,
2646 MGMT_OP_READ_LOCAL_OOB_DATA,
2647 mgmt_status(status));
2649 struct mgmt_rp_read_local_oob_data rp;
2651 memcpy(rp.hash, hash, sizeof(rp.hash));
2652 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2654 err = cmd_complete(cmd->sk, hdev->id,
2655 MGMT_OP_READ_LOCAL_OOB_DATA,
2659 mgmt_pending_remove(cmd);
2664 int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2665 u8 addr_type, u8 *dev_class, s8 rssi, u8 *eir)
2667 struct mgmt_ev_device_found ev;
2669 memset(&ev, 0, sizeof(ev));
2671 bacpy(&ev.addr.bdaddr, bdaddr);
2672 ev.addr.type = link_to_mgmt(link_type, addr_type);
2676 memcpy(ev.eir, eir, sizeof(ev.eir));
2679 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2681 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, &ev, sizeof(ev), NULL);
2684 int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 *name)
2686 struct mgmt_ev_remote_name ev;
2688 memset(&ev, 0, sizeof(ev));
2690 bacpy(&ev.bdaddr, bdaddr);
2691 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2693 return mgmt_event(MGMT_EV_REMOTE_NAME, hdev, &ev, sizeof(ev), NULL);
2696 int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
2698 struct pending_cmd *cmd;
2701 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2705 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
2706 mgmt_pending_remove(cmd);
2711 int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
2713 struct pending_cmd *cmd;
2716 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2720 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, status);
2721 mgmt_pending_remove(cmd);
2726 int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
2728 struct pending_cmd *cmd;
2731 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2733 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2736 cmd_complete(cmd->sk, hdev->id, cmd->opcode, NULL, 0);
2737 mgmt_pending_remove(cmd);
2740 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &discovering,
2741 sizeof(discovering), NULL);
2744 int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2746 struct pending_cmd *cmd;
2747 struct mgmt_ev_device_blocked ev;
2749 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
2751 bacpy(&ev.bdaddr, bdaddr);
2753 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
2754 cmd ? cmd->sk : NULL);
2757 int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2759 struct pending_cmd *cmd;
2760 struct mgmt_ev_device_unblocked ev;
2762 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
2764 bacpy(&ev.bdaddr, bdaddr);
2766 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
2767 cmd ? cmd->sk : NULL);
projects / ~andy / linux / blob