projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Fix HCI command sending when powering on LE-only adapters
[linux-2.6-block.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
d7b7e796 35bool enable_hs;
d7b7e796 36
2da9c55c 37#define MGMT_VERSION 1
23b3b133 38#define MGMT_REVISION 2
02d98129 39
e70bb2e8
JH		 40static const u16 mgmt_commands[] = {
41 MGMT_OP_READ_INDEX_LIST,
42 MGMT_OP_READ_INFO,
43 MGMT_OP_SET_POWERED,
44 MGMT_OP_SET_DISCOVERABLE,
45 MGMT_OP_SET_CONNECTABLE,
46 MGMT_OP_SET_FAST_CONNECTABLE,
47 MGMT_OP_SET_PAIRABLE,
48 MGMT_OP_SET_LINK_SECURITY,
49 MGMT_OP_SET_SSP,
50 MGMT_OP_SET_HS,
51 MGMT_OP_SET_LE,
52 MGMT_OP_SET_DEV_CLASS,
53 MGMT_OP_SET_LOCAL_NAME,
54 MGMT_OP_ADD_UUID,
55 MGMT_OP_REMOVE_UUID,
56 MGMT_OP_LOAD_LINK_KEYS,
57 MGMT_OP_LOAD_LONG_TERM_KEYS,
58 MGMT_OP_DISCONNECT,
59 MGMT_OP_GET_CONNECTIONS,
60 MGMT_OP_PIN_CODE_REPLY,
61 MGMT_OP_PIN_CODE_NEG_REPLY,
62 MGMT_OP_SET_IO_CAPABILITY,
63 MGMT_OP_PAIR_DEVICE,
64 MGMT_OP_CANCEL_PAIR_DEVICE,
65 MGMT_OP_UNPAIR_DEVICE,
66 MGMT_OP_USER_CONFIRM_REPLY,
67 MGMT_OP_USER_CONFIRM_NEG_REPLY,
68 MGMT_OP_USER_PASSKEY_REPLY,
69 MGMT_OP_USER_PASSKEY_NEG_REPLY,
70 MGMT_OP_READ_LOCAL_OOB_DATA,
71 MGMT_OP_ADD_REMOTE_OOB_DATA,
72 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
73 MGMT_OP_START_DISCOVERY,
74 MGMT_OP_STOP_DISCOVERY,
75 MGMT_OP_CONFIRM_NAME,
76 MGMT_OP_BLOCK_DEVICE,
77 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 78 MGMT_OP_SET_DEVICE_ID,
e70bb2e8
JH		 79};
80
81static const u16 mgmt_events[] = {
82 MGMT_EV_CONTROLLER_ERROR,
83 MGMT_EV_INDEX_ADDED,
84 MGMT_EV_INDEX_REMOVED,
85 MGMT_EV_NEW_SETTINGS,
86 MGMT_EV_CLASS_OF_DEV_CHANGED,
87 MGMT_EV_LOCAL_NAME_CHANGED,
88 MGMT_EV_NEW_LINK_KEY,
89 MGMT_EV_NEW_LONG_TERM_KEY,
90 MGMT_EV_DEVICE_CONNECTED,
91 MGMT_EV_DEVICE_DISCONNECTED,
92 MGMT_EV_CONNECT_FAILED,
93 MGMT_EV_PIN_CODE_REQUEST,
94 MGMT_EV_USER_CONFIRM_REQUEST,
95 MGMT_EV_USER_PASSKEY_REQUEST,
96 MGMT_EV_AUTH_FAILED,
97 MGMT_EV_DEVICE_FOUND,
98 MGMT_EV_DISCOVERING,
99 MGMT_EV_DEVICE_BLOCKED,
100 MGMT_EV_DEVICE_UNBLOCKED,
101 MGMT_EV_DEVICE_UNPAIRED,
92a25256 102 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 103};
104
3fd24153
AG		 105/*
106 * These LE scan and inquiry parameters were chosen according to LE General
107 * Discovery Procedure specification.
108 */
109#define LE_SCAN_TYPE 0x01
110#define LE_SCAN_WIN 0x12
111#define LE_SCAN_INT 0x12
112#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 113#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 114
e8777525 115#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 116#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 117
17b02e62 118#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 119
4b34ee78
JH		 120#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
121 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
122
eec8d2bc
JH		 123struct pending_cmd {
124 struct list_head list;
fc2f4b13 125 u16 opcode;
eec8d2bc 126 int index;
c68fb7ff 127 void *param;
eec8d2bc 128 struct sock *sk;
e9a416b5 129 void *user_data;
eec8d2bc
JH		 130};
131
ca69b795
JH		 132/* HCI to MGMT error code conversion table */
133static u8 mgmt_status_table[] = {
134 MGMT_STATUS_SUCCESS,
135 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
136 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
137 MGMT_STATUS_FAILED, /* Hardware Failure */
138 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
139 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
140 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
141 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
142 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
143 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
144 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
145 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
146 MGMT_STATUS_BUSY, /* Command Disallowed */
147 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
148 MGMT_STATUS_REJECTED, /* Rejected Security */
149 MGMT_STATUS_REJECTED, /* Rejected Personal */
150 MGMT_STATUS_TIMEOUT, /* Host Timeout */
151 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
152 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
153 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
154 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
155 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
156 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
157 MGMT_STATUS_BUSY, /* Repeated Attempts */
158 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
159 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
160 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
161 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
162 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
163 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
164 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
165 MGMT_STATUS_FAILED, /* Unspecified Error */
166 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
167 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
168 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
169 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
170 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
171 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
172 MGMT_STATUS_FAILED, /* Unit Link Key Used */
173 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
174 MGMT_STATUS_TIMEOUT, /* Instant Passed */
175 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
176 MGMT_STATUS_FAILED, /* Transaction Collision */
177 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
178 MGMT_STATUS_REJECTED, /* QoS Rejected */
179 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
180 MGMT_STATUS_REJECTED, /* Insufficient Security */
181 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
182 MGMT_STATUS_BUSY, /* Role Switch Pending */
183 MGMT_STATUS_FAILED, /* Slot Violation */
184 MGMT_STATUS_FAILED, /* Role Switch Failed */
185 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
186 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
187 MGMT_STATUS_BUSY, /* Host Busy Pairing */
188 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
189 MGMT_STATUS_BUSY, /* Controller Busy */
190 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
191 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
192 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
193 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
194 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
195};
196
bb4b2a9a
AE		 197bool mgmt_valid_hdev(struct hci_dev *hdev)
198{
199 return hdev->dev_type == HCI_BREDR;
200}
201
ca69b795
JH		 202static u8 mgmt_status(u8 hci_status)
203{
204 if (hci_status < ARRAY_SIZE(mgmt_status_table))
205 return mgmt_status_table[hci_status];
206
207 return MGMT_STATUS_FAILED;
208}
209
4e51eae9 210static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 211{
212 struct sk_buff *skb;
213 struct mgmt_hdr *hdr;
214 struct mgmt_ev_cmd_status *ev;
56b7d137 215 int err;
f7b64e69 216
34eb525c 217 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 218
790eff44 219 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 220 if (!skb)
221 return -ENOMEM;
222
223 hdr = (void *) skb_put(skb, sizeof(*hdr));
224
225 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 226 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 227 hdr->len = cpu_to_le16(sizeof(*ev));
228
229 ev = (void *) skb_put(skb, sizeof(*ev));
230 ev->status = status;
eb55ef07 231 ev->opcode = cpu_to_le16(cmd);
f7b64e69 232
56b7d137
GP		 233 err = sock_queue_rcv_skb(sk, skb);
234 if (err < 0)
f7b64e69
JH		 235 kfree_skb(skb);
236
56b7d137 237 return err;
f7b64e69
JH		 238}
239
aee9b218 240static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 241 void *rp, size_t rp_len)
02d98129
JH		 242{
243 struct sk_buff *skb;
244 struct mgmt_hdr *hdr;
245 struct mgmt_ev_cmd_complete *ev;
56b7d137 246 int err;
02d98129
JH		 247
248 BT_DBG("sock %p", sk);
249
790eff44 250 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 251 if (!skb)
252 return -ENOMEM;
253
254 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 255
a38528f1 256 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 257 hdr->index = cpu_to_le16(index);
a38528f1 258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 259
a38528f1 260 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 261 ev->opcode = cpu_to_le16(cmd);
aee9b218 262 ev->status = status;
8020c16a
SJ		 263
264 if (rp)
265 memcpy(ev->data, rp, rp_len);
02d98129 266
56b7d137
GP		 267 err = sock_queue_rcv_skb(sk, skb);
268 if (err < 0)
02d98129
JH		 269 kfree_skb(skb);
270
e5f0e151 271 return err;
02d98129
JH		 272}
273
04124681
GP		 274static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
275 u16 data_len)
a38528f1
JH		 276{
277 struct mgmt_rp_read_version rp;
278
279 BT_DBG("sock %p", sk);
280
281 rp.version = MGMT_VERSION;
eb55ef07 282 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 283
aee9b218 284 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 285 sizeof(rp));
a38528f1
JH		 286}
287
04124681
GP		 288static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
289 u16 data_len)
e70bb2e8
JH		 290{
291 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 292 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
293 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 294 __le16 *opcode;
e70bb2e8
JH		 295 size_t rp_size;
296 int i, err;
297
298 BT_DBG("sock %p", sk);
299
300 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
301
302 rp = kmalloc(rp_size, GFP_KERNEL);
303 if (!rp)
304 return -ENOMEM;
305
eb55ef07
MH		 306 rp->num_commands = __constant_cpu_to_le16(num_commands);
307 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 308
309 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
310 put_unaligned_le16(mgmt_commands[i], opcode);
311
312 for (i = 0; i < num_events; i++, opcode++)
313 put_unaligned_le16(mgmt_events[i], opcode);
314
aee9b218 315 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 316 rp_size);
e70bb2e8
JH		 317 kfree(rp);
318
319 return err;
320}
321
04124681
GP		 322static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
323 u16 data_len)
faba42eb 324{
faba42eb 325 struct mgmt_rp_read_index_list *rp;
8035ded4 326 struct hci_dev *d;
a38528f1 327 size_t rp_len;
faba42eb 328 u16 count;
a38528f1 329 int i, err;
faba42eb
JH		 330
331 BT_DBG("sock %p", sk);
332
333 read_lock(&hci_dev_list_lock);
334
335 count = 0;
bb4b2a9a
AE		 336 list_for_each_entry(d, &hci_dev_list, list) {
337 if (!mgmt_valid_hdev(d))
338 continue;
339
faba42eb
JH		 340 count++;
341 }
342
a38528f1
JH		 343 rp_len = sizeof(*rp) + (2 * count);
344 rp = kmalloc(rp_len, GFP_ATOMIC);
345 if (!rp) {
b2c60d42 346 read_unlock(&hci_dev_list_lock);
faba42eb 347 return -ENOMEM;
b2c60d42 348 }
faba42eb 349
eb55ef07 350 rp->num_controllers = cpu_to_le16(count);
faba42eb
JH		 351
352 i = 0;
8035ded4 353 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 354 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 355 continue;
356
bb4b2a9a
AE		 357 if (!mgmt_valid_hdev(d))
358 continue;
359
eb55ef07 360 rp->index[i++] = cpu_to_le16(d->id);
faba42eb
JH		 361 BT_DBG("Added hci%u", d->id);
362 }
363
364 read_unlock(&hci_dev_list_lock);
365
aee9b218 366 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 367 rp_len);
faba42eb 368
a38528f1
JH		 369 kfree(rp);
370
371 return err;
faba42eb
JH		 372}
373
69ab39ea
JH		 374static u32 get_supported_settings(struct hci_dev *hdev)
375{
376 u32 settings = 0;
377
378 settings |= MGMT_SETTING_POWERED;
379 settings |= MGMT_SETTING_CONNECTABLE;
380 settings |= MGMT_SETTING_FAST_CONNECTABLE;
381 settings |= MGMT_SETTING_DISCOVERABLE;
382 settings |= MGMT_SETTING_PAIRABLE;
383
9a1a1996 384 if (lmp_ssp_capable(hdev))
69ab39ea
JH		 385 settings |= MGMT_SETTING_SSP;
386
ed3fa31f 387 if (lmp_bredr_capable(hdev)) {
69ab39ea
JH		 388 settings |= MGMT_SETTING_BREDR;
389 settings |= MGMT_SETTING_LINK_SECURITY;
390 }
391
d7b7e796
MH		 392 if (enable_hs)
393 settings |= MGMT_SETTING_HS;
394
c383ddc4 395 if (lmp_le_capable(hdev))
9d42820f 396 settings |= MGMT_SETTING_LE;
69ab39ea
JH		 397
398 return settings;
399}
400
401static u32 get_current_settings(struct hci_dev *hdev)
402{
403 u32 settings = 0;
404
f1f0eb02 405 if (hdev_is_powered(hdev))
f0d4b78a
MH		 406 settings |= MGMT_SETTING_POWERED;
407
5e5282bb 408 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 409 settings |= MGMT_SETTING_CONNECTABLE;
410
5e5282bb 411 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 412 settings |= MGMT_SETTING_DISCOVERABLE;
413
a8b2d5c2 414 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 415 settings |= MGMT_SETTING_PAIRABLE;
416
ed3fa31f 417 if (lmp_bredr_capable(hdev))
69ab39ea
JH		 418 settings |= MGMT_SETTING_BREDR;
419
06199cf8 420 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 421 settings |= MGMT_SETTING_LE;
422
47990ea0 423 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 424 settings |= MGMT_SETTING_LINK_SECURITY;
425
84bde9d6 426 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 427 settings |= MGMT_SETTING_SSP;
428
6d80dfd0
JH		 429 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
430 settings |= MGMT_SETTING_HS;
431
69ab39ea
JH		 432 return settings;
433}
434
ef580372
JH		 435#define PNP_INFO_SVCLASS_ID 0x1200
436
437static u8 bluetooth_base_uuid[] = {
438 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
439 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
440};
441
442static u16 get_uuid16(u8 *uuid128)
443{
444 u32 val;
445 int i;
446
447 for (i = 0; i < 12; i++) {
448 if (bluetooth_base_uuid[i] != uuid128[i])
449 return 0;
450 }
451
3e9fb6d8 452 val = get_unaligned_le32(&uuid128[12]);
ef580372
JH		 453 if (val > 0xffff)
454 return 0;
455
456 return (u16) val;
457}
458
459static void create_eir(struct hci_dev *hdev, u8 *data)
460{
461 u8 *ptr = data;
462 u16 eir_len = 0;
463 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
464 int i, truncated = 0;
465 struct bt_uuid *uuid;
466 size_t name_len;
467
468 name_len = strlen(hdev->dev_name);
469
470 if (name_len > 0) {
471 /* EIR Data type */
472 if (name_len > 48) {
473 name_len = 48;
474 ptr[1] = EIR_NAME_SHORT;
475 } else
476 ptr[1] = EIR_NAME_COMPLETE;
477
478 /* EIR Data length */
479 ptr[0] = name_len + 1;
480
481 memcpy(ptr + 2, hdev->dev_name, name_len);
482
483 eir_len += (name_len + 2);
484 ptr += (name_len + 2);
485 }
486
91c4e9b1
MH		 487 if (hdev->inq_tx_power) {
488 ptr[0] = 2;
489 ptr[1] = EIR_TX_POWER;
490 ptr[2] = (u8) hdev->inq_tx_power;
491
492 eir_len += 3;
493 ptr += 3;
494 }
495
2b9be137
MH		 496 if (hdev->devid_source > 0) {
497 ptr[0] = 9;
498 ptr[1] = EIR_DEVICE_ID;
499
500 put_unaligned_le16(hdev->devid_source, ptr + 2);
501 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
502 put_unaligned_le16(hdev->devid_product, ptr + 6);
503 put_unaligned_le16(hdev->devid_version, ptr + 8);
504
505 eir_len += 10;
506 ptr += 10;
507 }
508
ef580372
JH		 509 memset(uuid16_list, 0, sizeof(uuid16_list));
510
511 /* Group all UUID16 types */
512 list_for_each_entry(uuid, &hdev->uuids, list) {
513 u16 uuid16;
514
515 uuid16 = get_uuid16(uuid->uuid);
516 if (uuid16 == 0)
517 return;
518
519 if (uuid16 < 0x1100)
520 continue;
521
522 if (uuid16 == PNP_INFO_SVCLASS_ID)
523 continue;
524
525 /* Stop if not enough space to put next UUID */
526 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
527 truncated = 1;
528 break;
529 }
530
531 /* Check for duplicates */
532 for (i = 0; uuid16_list[i] != 0; i++)
533 if (uuid16_list[i] == uuid16)
534 break;
535
536 if (uuid16_list[i] == 0) {
537 uuid16_list[i] = uuid16;
538 eir_len += sizeof(u16);
539 }
540 }
541
542 if (uuid16_list[0] != 0) {
543 u8 *length = ptr;
544
545 /* EIR Data type */
546 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
547
548 ptr += 2;
549 eir_len += 2;
550
551 for (i = 0; uuid16_list[i] != 0; i++) {
552 *ptr++ = (uuid16_list[i] & 0x00ff);
553 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
554 }
555
556 /* EIR Data length */
557 *length = (i * sizeof(u16)) + 1;
558 }
559}
560
561static int update_eir(struct hci_dev *hdev)
562{
563 struct hci_cp_write_eir cp;
564
504c8dcd 565 if (!hdev_is_powered(hdev))
7770c4aa
JH		 566 return 0;
567
ef580372
JH		 568 if (!(hdev->features[6] & LMP_EXT_INQ))
569 return 0;
570
84bde9d6 571 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 572 return 0;
573
a8b2d5c2 574 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 575 return 0;
576
577 memset(&cp, 0, sizeof(cp));
578
579 create_eir(hdev, cp.data);
580
581 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
582 return 0;
583
584 memcpy(hdev->eir, cp.data, sizeof(cp.data));
585
586 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
587}
588
589static u8 get_service_classes(struct hci_dev *hdev)
590{
591 struct bt_uuid *uuid;
592 u8 val = 0;
593
594 list_for_each_entry(uuid, &hdev->uuids, list)
595 val |= uuid->svc_hint;
596
597 return val;
598}
599
600static int update_class(struct hci_dev *hdev)
601{
602 u8 cod[3];
c95f0ba7 603 int err;
ef580372
JH		 604
605 BT_DBG("%s", hdev->name);
606
504c8dcd 607 if (!hdev_is_powered(hdev))
7770c4aa
JH		 608 return 0;
609
a8b2d5c2 610 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 611 return 0;
612
613 cod[0] = hdev->minor_class;
614 cod[1] = hdev->major_class;
615 cod[2] = get_service_classes(hdev);
616
617 if (memcmp(cod, hdev->dev_class, 3) == 0)
618 return 0;
619
c95f0ba7
JH		 620 err = hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
621 if (err == 0)
622 set_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
623
624 return err;
ef580372
JH		 625}
626
7d78525d
JH		 627static void service_cache_off(struct work_struct *work)
628{
629 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 630 service_cache.work);
7d78525d 631
a8b2d5c2 632 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 633 return;
634
635 hci_dev_lock(hdev);
636
637 update_eir(hdev);
638 update_class(hdev);
639
640 hci_dev_unlock(hdev);
641}
642
6a919082 643static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 644{
4f87da80 645 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 646 return;
647
4f87da80 648 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 649
4f87da80
JH		 650 /* Non-mgmt controlled devices get this bit set
651 * implicitly so that pairing works for them, however
652 * for mgmt we require user-space to explicitly enable
653 * it
654 */
655 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 656}
657
0f4e68cf 658static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 659 void *data, u16 data_len)
0381101f 660{
a38528f1 661 struct mgmt_rp_read_info rp;
f7b64e69 662
bdb6d971 663 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 664
09fd0de5 665 hci_dev_lock(hdev);
f7b64e69 666
dc4fe30b
JH		 667 memset(&rp, 0, sizeof(rp));
668
69ab39ea 669 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 670
69ab39ea 671 rp.version = hdev->hci_ver;
eb55ef07 672 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 673
674 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
675 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 676
a38528f1 677 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 678
dc4fe30b 679 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 680 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 681
09fd0de5 682 hci_dev_unlock(hdev);
0381101f 683
bdb6d971 684 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 685 sizeof(rp));
0381101f
JH		 686}
687
eec8d2bc
JH		 688static void mgmt_pending_free(struct pending_cmd *cmd)
689{
690 sock_put(cmd->sk);
c68fb7ff 691 kfree(cmd->param);
eec8d2bc
JH		 692 kfree(cmd);
693}
694
366a0336 695static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 696 struct hci_dev *hdev, void *data,
697 u16 len)
eec8d2bc
JH		 698{
699 struct pending_cmd *cmd;
700
12b94565 701 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 702 if (!cmd)
366a0336 703 return NULL;
eec8d2bc
JH		 704
705 cmd->opcode = opcode;
2e58ef3e 706 cmd->index = hdev->id;
eec8d2bc 707
12b94565 708 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 709 if (!cmd->param) {
eec8d2bc 710 kfree(cmd);
366a0336 711 return NULL;
eec8d2bc
JH		 712 }
713
8fce6357
SJ		 714 if (data)
715 memcpy(cmd->param, data, len);
eec8d2bc
JH		 716
717 cmd->sk = sk;
718 sock_hold(sk);
719
2e58ef3e 720 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 721
366a0336 722 return cmd;
eec8d2bc
JH		 723}
724
744cf19e 725static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 726 void (*cb)(struct pending_cmd *cmd,
727 void *data),
04124681 728 void *data)
eec8d2bc
JH		 729{
730 struct list_head *p, *n;
731
2e58ef3e 732 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 733 struct pending_cmd *cmd;
734
735 cmd = list_entry(p, struct pending_cmd, list);
736
b24752fe 737 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 738 continue;
739
eec8d2bc
JH		 740 cb(cmd, data);
741 }
742}
743
2e58ef3e 744static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 745{
8035ded4 746 struct pending_cmd *cmd;
eec8d2bc 747
2e58ef3e 748 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 749 if (cmd->opcode == opcode)
750 return cmd;
eec8d2bc
JH		 751 }
752
753 return NULL;
754}
755
a664b5bc 756static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 757{
73f22f62
JH		 758 list_del(&cmd->list);
759 mgmt_pending_free(cmd);
760}
761
69ab39ea 762static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 763{
69ab39ea 764 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 765
aee9b218 766 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 767 sizeof(settings));
8680570b
JH		 768}
769
bdb6d971 770static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 771 u16 len)
eec8d2bc 772{
650f726d 773 struct mgmt_mode *cp = data;
366a0336 774 struct pending_cmd *cmd;
4b34ee78 775 int err;
eec8d2bc 776
bdb6d971 777 BT_DBG("request for %s", hdev->name);
eec8d2bc 778
09fd0de5 779 hci_dev_lock(hdev);
eec8d2bc 780
f0d4b78a
MH		 781 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
782 cancel_delayed_work(&hdev->power_off);
783
784 if (cp->val) {
785 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
786 mgmt_powered(hdev, 1);
787 goto failed;
788 }
789 }
790
4b34ee78 791 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 792 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 793 goto failed;
794 }
795
2e58ef3e 796 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
bdb6d971 797 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
04124681 798 MGMT_STATUS_BUSY);
eec8d2bc
JH		 799 goto failed;
800 }
801
2e58ef3e 802 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 803 if (!cmd) {
804 err = -ENOMEM;
eec8d2bc 805 goto failed;
366a0336 806 }
eec8d2bc 807
72a734ec 808 if (cp->val)
7f971041 809 schedule_work(&hdev->power_on);
eec8d2bc 810 else
80b7ab33 811 schedule_work(&hdev->power_off.work);
eec8d2bc 812
366a0336 813 err = 0;
eec8d2bc
JH		 814
815failed:
09fd0de5 816 hci_dev_unlock(hdev);
366a0336 817 return err;
eec8d2bc
JH		 818}
819
04124681
GP		 820static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
821 struct sock *skip_sk)
beadb2bd
JH		 822{
823 struct sk_buff *skb;
824 struct mgmt_hdr *hdr;
825
790eff44 826 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 827 if (!skb)
828 return -ENOMEM;
829
830 hdr = (void *) skb_put(skb, sizeof(*hdr));
831 hdr->opcode = cpu_to_le16(event);
832 if (hdev)
833 hdr->index = cpu_to_le16(hdev->id);
834 else
835 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
836 hdr->len = cpu_to_le16(data_len);
837
838 if (data)
839 memcpy(skb_put(skb, data_len), data, data_len);
840
97e0bdeb
MH		 841 /* Time stamp */
842 __net_timestamp(skb);
843
beadb2bd
JH		 844 hci_send_to_control(skb, skip_sk);
845 kfree_skb(skb);
846
847 return 0;
848}
849
850static int new_settings(struct hci_dev *hdev, struct sock *skip)
851{
852 __le32 ev;
853
854 ev = cpu_to_le32(get_current_settings(hdev));
855
856 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
857}
858
bdb6d971 859static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 860 u16 len)
73f22f62 861{
650f726d 862 struct mgmt_cp_set_discoverable *cp = data;
366a0336 863 struct pending_cmd *cmd;
5e5282bb 864 u16 timeout;
73f22f62
JH		 865 u8 scan;
866 int err;
867
bdb6d971 868 BT_DBG("request for %s", hdev->name);
73f22f62 869
1f350c87 870 timeout = __le16_to_cpu(cp->timeout);
24c54a90 871 if (!cp->val && timeout > 0)
bdb6d971 872 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 873 MGMT_STATUS_INVALID_PARAMS);
73f22f62 874
09fd0de5 875 hci_dev_lock(hdev);
73f22f62 876
5e5282bb 877 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 878 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 879 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 880 goto failed;
881 }
882
2e58ef3e 883 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 884 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 885 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 886 MGMT_STATUS_BUSY);
73f22f62
JH		 887 goto failed;
888 }
889
5e5282bb 890 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 891 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 892 MGMT_STATUS_REJECTED);
5e5282bb
JH		 893 goto failed;
894 }
895
896 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 897 bool changed = false;
898
899 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
900 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
901 changed = true;
902 }
903
5e5282bb 904 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 905 if (err < 0)
906 goto failed;
907
908 if (changed)
909 err = new_settings(hdev, sk);
910
5e5282bb
JH		 911 goto failed;
912 }
913
914 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 915 if (hdev->discov_timeout > 0) {
916 cancel_delayed_work(&hdev->discov_off);
917 hdev->discov_timeout = 0;
918 }
919
920 if (cp->val && timeout > 0) {
921 hdev->discov_timeout = timeout;
922 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
923 msecs_to_jiffies(hdev->discov_timeout * 1000));
924 }
925
69ab39ea 926 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 927 goto failed;
928 }
929
2e58ef3e 930 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 931 if (!cmd) {
932 err = -ENOMEM;
73f22f62 933 goto failed;
366a0336 934 }
73f22f62
JH		 935
936 scan = SCAN_PAGE;
937
72a734ec 938 if (cp->val)
73f22f62 939 scan |= SCAN_INQUIRY;
16ab91ab 940 else
e0f9309f 941 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 942
943 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
944 if (err < 0)
a664b5bc 945 mgmt_pending_remove(cmd);
73f22f62 946
16ab91ab 947 if (cp->val)
5e5282bb 948 hdev->discov_timeout = timeout;
16ab91ab 949
73f22f62 950failed:
09fd0de5 951 hci_dev_unlock(hdev);
73f22f62
JH		 952 return err;
953}
954
bdb6d971 955static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 956 u16 len)
9fbcbb45 957{
650f726d 958 struct mgmt_mode *cp = data;
366a0336 959 struct pending_cmd *cmd;
9fbcbb45
JH		 960 u8 scan;
961 int err;
962
bdb6d971 963 BT_DBG("request for %s", hdev->name);
9fbcbb45 964
09fd0de5 965 hci_dev_lock(hdev);
9fbcbb45 966
4b34ee78 967 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 968 bool changed = false;
969
970 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
971 changed = true;
972
6bf0e469 973 if (cp->val) {
5e5282bb 974 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 975 } else {
5e5282bb
JH		 976 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
977 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
978 }
0224d2fa 979
5e5282bb 980 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 981 if (err < 0)
982 goto failed;
983
984 if (changed)
985 err = new_settings(hdev, sk);
986
9fbcbb45
JH		 987 goto failed;
988 }
989
2e58ef3e 990 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 991 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 992 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 993 MGMT_STATUS_BUSY);
9fbcbb45
JH		 994 goto failed;
995 }
996
5e5282bb 997 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 998 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 999 goto failed;
1000 }
1001
2e58ef3e 1002 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1003 if (!cmd) {
1004 err = -ENOMEM;
9fbcbb45 1005 goto failed;
366a0336 1006 }
9fbcbb45 1007
6bf0e469 1008 if (cp->val) {
9fbcbb45 1009 scan = SCAN_PAGE;
6bf0e469 1010 } else {
9fbcbb45
JH		 1011 scan = 0;
1012
df2c6c5e 1013 if (test_bit(HCI_ISCAN, &hdev->flags) &&
8ce8e2b5 1014 hdev->discov_timeout > 0)
df2c6c5e
JH		 1015 cancel_delayed_work(&hdev->discov_off);
1016 }
1017
9fbcbb45
JH		 1018 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1019 if (err < 0)
a664b5bc 1020 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1021
1022failed:
09fd0de5 1023 hci_dev_unlock(hdev);
9fbcbb45
JH		 1024 return err;
1025}
1026
bdb6d971 1027static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1028 u16 len)
c542a06c 1029{
650f726d 1030 struct mgmt_mode *cp = data;
c542a06c
JH		 1031 int err;
1032
bdb6d971 1033 BT_DBG("request for %s", hdev->name);
c542a06c 1034
09fd0de5 1035 hci_dev_lock(hdev);
c542a06c
JH		 1036
1037 if (cp->val)
a8b2d5c2 1038 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1039 else
a8b2d5c2 1040 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1041
69ab39ea 1042 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1043 if (err < 0)
1044 goto failed;
1045
beadb2bd 1046 err = new_settings(hdev, sk);
c542a06c
JH		 1047
1048failed:
09fd0de5 1049 hci_dev_unlock(hdev);
c542a06c
JH		 1050 return err;
1051}
1052
04124681
GP		 1053static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1054 u16 len)
33ef95ed
JH		 1055{
1056 struct mgmt_mode *cp = data;
1057 struct pending_cmd *cmd;
816a11d5 1058 u8 val;
33ef95ed
JH		 1059 int err;
1060
bdb6d971 1061 BT_DBG("request for %s", hdev->name);
33ef95ed 1062
33ef95ed
JH		 1063 hci_dev_lock(hdev);
1064
4b34ee78 1065 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1066 bool changed = false;
1067
1068 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1069 &hdev->dev_flags)) {
47990ea0
JH		 1070 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1071 changed = true;
1072 }
1073
1074 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1075 if (err < 0)
1076 goto failed;
1077
1078 if (changed)
1079 err = new_settings(hdev, sk);
1080
33ef95ed
JH		 1081 goto failed;
1082 }
1083
1084 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1085 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1086 MGMT_STATUS_BUSY);
33ef95ed
JH		 1087 goto failed;
1088 }
1089
1090 val = !!cp->val;
1091
1092 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1093 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1094 goto failed;
1095 }
1096
1097 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1098 if (!cmd) {
1099 err = -ENOMEM;
1100 goto failed;
1101 }
1102
1103 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1104 if (err < 0) {
1105 mgmt_pending_remove(cmd);
1106 goto failed;
1107 }
1108
1109failed:
1110 hci_dev_unlock(hdev);
33ef95ed
JH		 1111 return err;
1112}
1113
bdb6d971 1114static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1115{
1116 struct mgmt_mode *cp = data;
1117 struct pending_cmd *cmd;
816a11d5 1118 u8 val;
ed2c4ee3
JH		 1119 int err;
1120
bdb6d971 1121 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1122
ed2c4ee3
JH		 1123 hci_dev_lock(hdev);
1124
9a1a1996 1125 if (!lmp_ssp_capable(hdev)) {
bdb6d971 1126 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
04124681 1127 MGMT_STATUS_NOT_SUPPORTED);
6c8f12c1
JH		 1128 goto failed;
1129 }
1130
c0ecddc2
JH		 1131 val = !!cp->val;
1132
4b34ee78 1133 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1134 bool changed = false;
1135
1136 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1137 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1138 changed = true;
1139 }
1140
1141 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1142 if (err < 0)
1143 goto failed;
1144
1145 if (changed)
1146 err = new_settings(hdev, sk);
1147
ed2c4ee3
JH		 1148 goto failed;
1149 }
1150
1151 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
d97dcb66
SJ		 1152 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1153 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1154 goto failed;
1155 }
1156
ed2c4ee3
JH		 1157 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1158 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1159 goto failed;
1160 }
1161
1162 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1163 if (!cmd) {
1164 err = -ENOMEM;
1165 goto failed;
1166 }
1167
1168 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1169 if (err < 0) {
1170 mgmt_pending_remove(cmd);
1171 goto failed;
1172 }
1173
1174failed:
1175 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1176 return err;
1177}
1178
bdb6d971 1179static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1180{
1181 struct mgmt_mode *cp = data;
6d80dfd0 1182
bdb6d971 1183 BT_DBG("request for %s", hdev->name);
6d80dfd0 1184
bdb6d971
JH		 1185 if (!enable_hs)
1186 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
04124681 1187 MGMT_STATUS_NOT_SUPPORTED);
6d80dfd0
JH		 1188
1189 if (cp->val)
1190 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1191 else
1192 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1193
bdb6d971 1194 return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
6d80dfd0
JH		 1195}
1196
bdb6d971 1197static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1198{
1199 struct mgmt_mode *cp = data;
1200 struct hci_cp_write_le_host_supported hci_cp;
1201 struct pending_cmd *cmd;
06199cf8 1202 int err;
0b60eba1 1203 u8 val, enabled;
06199cf8 1204
bdb6d971 1205 BT_DBG("request for %s", hdev->name);
06199cf8 1206
1de028ce
JH		 1207 hci_dev_lock(hdev);
1208
c383ddc4 1209 if (!lmp_le_capable(hdev)) {
bdb6d971 1210 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1211 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1212 goto unlock;
06199cf8
JH		 1213 }
1214
1215 val = !!cp->val;
0b60eba1 1216 enabled = !!(hdev->host_features[0] & LMP_HOST_LE);
06199cf8 1217
0b60eba1 1218 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1219 bool changed = false;
1220
1221 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1222 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1223 changed = true;
1224 }
1225
1226 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1227 if (err < 0)
1de028ce 1228 goto unlock;
06199cf8
JH		 1229
1230 if (changed)
1231 err = new_settings(hdev, sk);
1232
1de028ce 1233 goto unlock;
06199cf8
JH		 1234 }
1235
1236 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
bdb6d971 1237 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1238 MGMT_STATUS_BUSY);
1de028ce 1239 goto unlock;
06199cf8
JH		 1240 }
1241
1242 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1243 if (!cmd) {
1244 err = -ENOMEM;
1de028ce 1245 goto unlock;
06199cf8
JH		 1246 }
1247
1248 memset(&hci_cp, 0, sizeof(hci_cp));
1249
1250 if (val) {
1251 hci_cp.le = val;
1252 hci_cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
1253 }
1254
04124681
GP		 1255 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1256 &hci_cp);
0c01bc48 1257 if (err < 0)
06199cf8 1258 mgmt_pending_remove(cmd);
06199cf8 1259
1de028ce
JH		 1260unlock:
1261 hci_dev_unlock(hdev);
06199cf8
JH		 1262 return err;
1263}
1264
bdb6d971 1265static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1266{
650f726d 1267 struct mgmt_cp_add_uuid *cp = data;
90e70454 1268 struct pending_cmd *cmd;
2aeb9a1a 1269 struct bt_uuid *uuid;
2aeb9a1a
JH		 1270 int err;
1271
bdb6d971 1272 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1273
09fd0de5 1274 hci_dev_lock(hdev);
2aeb9a1a 1275
c95f0ba7 1276 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1277 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1278 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1279 goto failed;
1280 }
1281
92c4c204 1282 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1283 if (!uuid) {
1284 err = -ENOMEM;
1285 goto failed;
1286 }
1287
1288 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1289 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 1290
1291 list_add(&uuid->list, &hdev->uuids);
1292
1aff6f09
JH		 1293 err = update_class(hdev);
1294 if (err < 0)
1295 goto failed;
1296
80a1e1db
JH		 1297 err = update_eir(hdev);
1298 if (err < 0)
1299 goto failed;
1300
90e70454 1301 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1302 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1303 hdev->dev_class, 3);
90e70454
JH		 1304 goto failed;
1305 }
1306
1307 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
0c01bc48 1308 if (!cmd)
90e70454 1309 err = -ENOMEM;
2aeb9a1a
JH		 1310
1311failed:
09fd0de5 1312 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1313 return err;
1314}
1315
24b78d0f
JH		 1316static bool enable_service_cache(struct hci_dev *hdev)
1317{
1318 if (!hdev_is_powered(hdev))
1319 return false;
1320
1321 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
17b02e62 1322 schedule_delayed_work(&hdev->service_cache, CACHE_TIMEOUT);
24b78d0f
JH		 1323 return true;
1324 }
1325
1326 return false;
1327}
1328
bdb6d971 1329static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1330 u16 len)
2aeb9a1a 1331{
650f726d 1332 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1333 struct pending_cmd *cmd;
2aeb9a1a 1334 struct list_head *p, *n;
2aeb9a1a 1335 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1336 int err, found;
1337
bdb6d971 1338 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1339
09fd0de5 1340 hci_dev_lock(hdev);
2aeb9a1a 1341
c95f0ba7 1342 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1343 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1344 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1345 goto unlock;
1346 }
1347
2aeb9a1a
JH		 1348 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1349 err = hci_uuids_clear(hdev);
4004b6d9 1350
24b78d0f 1351 if (enable_service_cache(hdev)) {
bdb6d971 1352 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1353 0, hdev->dev_class, 3);
24b78d0f
JH		 1354 goto unlock;
1355 }
4004b6d9 1356
9246a869 1357 goto update_class;
2aeb9a1a
JH		 1358 }
1359
1360 found = 0;
1361
1362 list_for_each_safe(p, n, &hdev->uuids) {
1363 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1364
1365 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1366 continue;
1367
1368 list_del(&match->list);
1369 found++;
1370 }
1371
1372 if (found == 0) {
bdb6d971 1373 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1374 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1375 goto unlock;
1376 }
1377
9246a869 1378update_class:
1aff6f09
JH		 1379 err = update_class(hdev);
1380 if (err < 0)
1381 goto unlock;
1382
80a1e1db
JH		 1383 err = update_eir(hdev);
1384 if (err < 0)
1385 goto unlock;
1386
90e70454 1387 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1388 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1389 hdev->dev_class, 3);
90e70454
JH		 1390 goto unlock;
1391 }
1392
1393 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
0c01bc48 1394 if (!cmd)
90e70454 1395 err = -ENOMEM;
2aeb9a1a
JH		 1396
1397unlock:
09fd0de5 1398 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1399 return err;
1400}
1401
bdb6d971 1402static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1403 u16 len)
1aff6f09 1404{
650f726d 1405 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1406 struct pending_cmd *cmd;
1aff6f09
JH		 1407 int err;
1408
bdb6d971 1409 BT_DBG("request for %s", hdev->name);
1aff6f09 1410
09fd0de5 1411 hci_dev_lock(hdev);
1aff6f09 1412
c95f0ba7 1413 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1414 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
04124681 1415 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1416 goto unlock;
1417 }
1418
932f5ff5
JH		 1419 hdev->major_class = cp->major;
1420 hdev->minor_class = cp->minor;
1421
b5235a65 1422 if (!hdev_is_powered(hdev)) {
bdb6d971 1423 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1424 hdev->dev_class, 3);
b5235a65
JH		 1425 goto unlock;
1426 }
1427
a8b2d5c2 1428 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1429 hci_dev_unlock(hdev);
1430 cancel_delayed_work_sync(&hdev->service_cache);
1431 hci_dev_lock(hdev);
14c0b608 1432 update_eir(hdev);
7d78525d 1433 }
14c0b608 1434
1aff6f09 1435 err = update_class(hdev);
90e70454
JH		 1436 if (err < 0)
1437 goto unlock;
1aff6f09 1438
90e70454 1439 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1440 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1441 hdev->dev_class, 3);
90e70454
JH		 1442 goto unlock;
1443 }
1444
1445 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
0c01bc48 1446 if (!cmd)
90e70454 1447 err = -ENOMEM;
1aff6f09 1448
b5235a65 1449unlock:
09fd0de5 1450 hci_dev_unlock(hdev);
1aff6f09
JH		 1451 return err;
1452}
1453
bdb6d971 1454static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1455 u16 len)
55ed8ca1 1456{
650f726d 1457 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1458 u16 key_count, expected_len;
a492cd52 1459 int i;
55ed8ca1 1460
1f350c87 1461 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1462
86742e1e
JH		 1463 expected_len = sizeof(*cp) + key_count *
1464 sizeof(struct mgmt_link_key_info);
a492cd52 1465 if (expected_len != len) {
86742e1e 1466 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1467 len, expected_len);
bdb6d971 1468 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1469 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1470 }
1471
bdb6d971 1472 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1473 key_count);
55ed8ca1 1474
09fd0de5 1475 hci_dev_lock(hdev);
55ed8ca1
JH		 1476
1477 hci_link_keys_clear(hdev);
1478
a8b2d5c2 1479 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1480
1481 if (cp->debug_keys)
a8b2d5c2 1482 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1483 else
a8b2d5c2 1484 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1485
a492cd52 1486 for (i = 0; i < key_count; i++) {
86742e1e 1487 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1488
d753fdc4 1489 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1490 key->type, key->pin_len);
55ed8ca1
JH		 1491 }
1492
bdb6d971 1493 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1494
09fd0de5 1495 hci_dev_unlock(hdev);
55ed8ca1 1496
a492cd52 1497 return 0;
55ed8ca1
JH		 1498}
1499
b1078ad0 1500static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1501 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1502{
1503 struct mgmt_ev_device_unpaired ev;
1504
1505 bacpy(&ev.addr.bdaddr, bdaddr);
1506 ev.addr.type = addr_type;
1507
1508 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1509 skip_sk);
b1078ad0
JH		 1510}
1511
bdb6d971 1512static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1513 u16 len)
55ed8ca1 1514{
124f6e35
JH		 1515 struct mgmt_cp_unpair_device *cp = data;
1516 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1517 struct hci_cp_disconnect dc;
1518 struct pending_cmd *cmd;
55ed8ca1 1519 struct hci_conn *conn;
55ed8ca1
JH		 1520 int err;
1521
09fd0de5 1522 hci_dev_lock(hdev);
55ed8ca1 1523
a8a1d19e 1524 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1525 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1526 rp.addr.type = cp->addr.type;
a8a1d19e 1527
86a8cfc6 1528 if (!hdev_is_powered(hdev)) {
bdb6d971 1529 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1530 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1531 goto unlock;
1532 }
1533
591f47f3 1534 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 1535 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1536 else
1537 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1538
55ed8ca1 1539 if (err < 0) {
bdb6d971 1540 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1541 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1542 goto unlock;
1543 }
1544
86a8cfc6 1545 if (cp->disconnect) {
591f47f3 1546 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 1547 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 1548 &cp->addr.bdaddr);
86a8cfc6
JH		 1549 else
1550 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 1551 &cp->addr.bdaddr);
86a8cfc6
JH		 1552 } else {
1553 conn = NULL;
1554 }
124f6e35 1555
a8a1d19e 1556 if (!conn) {
bdb6d971 1557 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1558 &rp, sizeof(rp));
b1078ad0 1559 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1560 goto unlock;
1561 }
55ed8ca1 1562
124f6e35 1563 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 1564 sizeof(*cp));
a8a1d19e
JH		 1565 if (!cmd) {
1566 err = -ENOMEM;
1567 goto unlock;
55ed8ca1
JH		 1568 }
1569
eb55ef07 1570 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 1571 dc.reason = 0x13; /* Remote User Terminated Connection */
1572 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1573 if (err < 0)
1574 mgmt_pending_remove(cmd);
1575
55ed8ca1 1576unlock:
09fd0de5 1577 hci_dev_unlock(hdev);
55ed8ca1
JH		 1578 return err;
1579}
1580
bdb6d971 1581static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1582 u16 len)
8962ee74 1583{
650f726d 1584 struct mgmt_cp_disconnect *cp = data;
8962ee74 1585 struct hci_cp_disconnect dc;
366a0336 1586 struct pending_cmd *cmd;
8962ee74 1587 struct hci_conn *conn;
8962ee74
JH		 1588 int err;
1589
1590 BT_DBG("");
1591
09fd0de5 1592 hci_dev_lock(hdev);
8962ee74
JH		 1593
1594 if (!test_bit(HCI_UP, &hdev->flags)) {
bdb6d971 1595 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1596 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1597 goto failed;
1598 }
1599
2e58ef3e 1600 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
bdb6d971 1601 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1602 MGMT_STATUS_BUSY);
8962ee74
JH		 1603 goto failed;
1604 }
1605
591f47f3 1606 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 1607 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1608 &cp->addr.bdaddr);
88c3df13
JH		 1609 else
1610 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1611
f960727e 1612 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
bdb6d971 1613 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1614 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1615 goto failed;
1616 }
1617
2e58ef3e 1618 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1619 if (!cmd) {
1620 err = -ENOMEM;
8962ee74 1621 goto failed;
366a0336 1622 }
8962ee74 1623
eb55ef07 1624 dc.handle = cpu_to_le16(conn->handle);
3701f944 1625 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 1626
1627 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1628 if (err < 0)
a664b5bc 1629 mgmt_pending_remove(cmd);
8962ee74
JH		 1630
1631failed:
09fd0de5 1632 hci_dev_unlock(hdev);
8962ee74
JH		 1633 return err;
1634}
1635
57c1477c 1636static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 1637{
1638 switch (link_type) {
1639 case LE_LINK:
48264f06
JH		 1640 switch (addr_type) {
1641 case ADDR_LE_DEV_PUBLIC:
591f47f3 1642 return BDADDR_LE_PUBLIC;
0ed09148 1643
48264f06 1644 default:
0ed09148 1645 /* Fallback to LE Random address type */
591f47f3 1646 return BDADDR_LE_RANDOM;
48264f06 1647 }
0ed09148 1648
4c659c39 1649 default:
0ed09148 1650 /* Fallback to BR/EDR type */
591f47f3 1651 return BDADDR_BREDR;
4c659c39
JH		 1652 }
1653}
1654
04124681
GP		 1655static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
1656 u16 data_len)
2784eb41 1657{
2784eb41 1658 struct mgmt_rp_get_connections *rp;
8035ded4 1659 struct hci_conn *c;
a38528f1 1660 size_t rp_len;
60fc5fb6
JH		 1661 int err;
1662 u16 i;
2784eb41
JH		 1663
1664 BT_DBG("");
1665
09fd0de5 1666 hci_dev_lock(hdev);
2784eb41 1667
5f97c1df 1668 if (!hdev_is_powered(hdev)) {
bdb6d971 1669 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 1670 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1671 goto unlock;
1672 }
1673
60fc5fb6 1674 i = 0;
b644ba33
JH		 1675 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1676 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1677 i++;
2784eb41
JH		 1678 }
1679
60fc5fb6 1680 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 1681 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 1682 if (!rp) {
2784eb41
JH		 1683 err = -ENOMEM;
1684 goto unlock;
1685 }
1686
2784eb41 1687 i = 0;
4c659c39 1688 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1689 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1690 continue;
4c659c39 1691 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 1692 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 1693 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 1694 continue;
1695 i++;
1696 }
1697
eb55ef07 1698 rp->conn_count = cpu_to_le16(i);
60fc5fb6 1699
4c659c39
JH		 1700 /* Recalculate length in case of filtered SCO connections, etc */
1701 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1702
bdb6d971 1703 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 1704 rp_len);
2784eb41 1705
a38528f1 1706 kfree(rp);
5f97c1df
JH		 1707
1708unlock:
09fd0de5 1709 hci_dev_unlock(hdev);
2784eb41
JH		 1710 return err;
1711}
1712
bdb6d971 1713static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 1714 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 1715{
1716 struct pending_cmd *cmd;
1717 int err;
1718
2e58ef3e 1719 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 1720 sizeof(*cp));
96d97a67
WR		 1721 if (!cmd)
1722 return -ENOMEM;
1723
d8457698 1724 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 1725 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1726 if (err < 0)
1727 mgmt_pending_remove(cmd);
1728
1729 return err;
1730}
1731
bdb6d971 1732static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1733 u16 len)
980e1a53 1734{
96d97a67 1735 struct hci_conn *conn;
650f726d 1736 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1737 struct hci_cp_pin_code_reply reply;
366a0336 1738 struct pending_cmd *cmd;
980e1a53
JH		 1739 int err;
1740
1741 BT_DBG("");
1742
09fd0de5 1743 hci_dev_lock(hdev);
980e1a53 1744
4b34ee78 1745 if (!hdev_is_powered(hdev)) {
bdb6d971 1746 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1747 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1748 goto failed;
1749 }
1750
d8457698 1751 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1752 if (!conn) {
bdb6d971 1753 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1754 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1755 goto failed;
1756 }
1757
1758 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1759 struct mgmt_cp_pin_code_neg_reply ncp;
1760
1761 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1762
1763 BT_ERR("PIN code is not 16 bytes long");
1764
bdb6d971 1765 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 1766 if (err >= 0)
bdb6d971 1767 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1768 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1769
1770 goto failed;
1771 }
1772
00abfe44 1773 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 1774 if (!cmd) {
1775 err = -ENOMEM;
980e1a53 1776 goto failed;
366a0336 1777 }
980e1a53 1778
d8457698 1779 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1780 reply.pin_len = cp->pin_len;
24718ca5 1781 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1782
1783 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1784 if (err < 0)
a664b5bc 1785 mgmt_pending_remove(cmd);
980e1a53
JH		 1786
1787failed:
09fd0de5 1788 hci_dev_unlock(hdev);
980e1a53
JH		 1789 return err;
1790}
1791
04124681
GP		 1792static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
1793 u16 len)
17fa4b9d 1794{
650f726d 1795 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1796
1797 BT_DBG("");
1798
09fd0de5 1799 hci_dev_lock(hdev);
17fa4b9d
JH		 1800
1801 hdev->io_capability = cp->io_capability;
1802
1803 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 1804 hdev->io_capability);
17fa4b9d 1805
09fd0de5 1806 hci_dev_unlock(hdev);
17fa4b9d 1807
04124681
GP		 1808 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
1809 0);
17fa4b9d
JH		 1810}
1811
6039aa73 1812static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 1813{
1814 struct hci_dev *hdev = conn->hdev;
8035ded4 1815 struct pending_cmd *cmd;
e9a416b5 1816
2e58ef3e 1817 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1818 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1819 continue;
1820
e9a416b5
JH		 1821 if (cmd->user_data != conn)
1822 continue;
1823
1824 return cmd;
1825 }
1826
1827 return NULL;
1828}
1829
1830static void pairing_complete(struct pending_cmd *cmd, u8 status)
1831{
1832 struct mgmt_rp_pair_device rp;
1833 struct hci_conn *conn = cmd->user_data;
1834
ba4e564f 1835 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 1836 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 1837
aee9b218 1838 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 1839 &rp, sizeof(rp));
e9a416b5
JH		 1840
1841 /* So we don't get further callbacks for this connection */
1842 conn->connect_cfm_cb = NULL;
1843 conn->security_cfm_cb = NULL;
1844 conn->disconn_cfm_cb = NULL;
1845
1846 hci_conn_put(conn);
1847
a664b5bc 1848 mgmt_pending_remove(cmd);
e9a416b5
JH		 1849}
1850
1851static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1852{
1853 struct pending_cmd *cmd;
1854
1855 BT_DBG("status %u", status);
1856
1857 cmd = find_pairing(conn);
56e5cb86 1858 if (!cmd)
e9a416b5 1859 BT_DBG("Unable to find a pending command");
56e5cb86 1860 else
e211326c 1861 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 1862}
1863
4c47d739
VA		 1864static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
1865{
1866 struct pending_cmd *cmd;
1867
1868 BT_DBG("status %u", status);
1869
1870 if (!status)
1871 return;
1872
1873 cmd = find_pairing(conn);
1874 if (!cmd)
1875 BT_DBG("Unable to find a pending command");
1876 else
1877 pairing_complete(cmd, mgmt_status(status));
1878}
1879
bdb6d971 1880static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1881 u16 len)
e9a416b5 1882{
650f726d 1883 struct mgmt_cp_pair_device *cp = data;
1425acb7 1884 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1885 struct pending_cmd *cmd;
1886 u8 sec_level, auth_type;
1887 struct hci_conn *conn;
e9a416b5
JH		 1888 int err;
1889
1890 BT_DBG("");
1891
09fd0de5 1892 hci_dev_lock(hdev);
e9a416b5 1893
5f97c1df 1894 if (!hdev_is_powered(hdev)) {
bdb6d971 1895 err = cmd_status(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1896 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1897 goto unlock;
1898 }
1899
c908df36
VCG		 1900 sec_level = BT_SECURITY_MEDIUM;
1901 if (cp->io_cap == 0x03)
e9a416b5 1902 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1903 else
e9a416b5 1904 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1905
591f47f3 1906 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 1907 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
1908 cp->addr.type, sec_level, auth_type);
7a512d01 1909 else
b12f62cf
AG		 1910 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
1911 cp->addr.type, sec_level, auth_type);
7a512d01 1912
1425acb7
JH		 1913 memset(&rp, 0, sizeof(rp));
1914 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1915 rp.addr.type = cp->addr.type;
1916
30e76272 1917 if (IS_ERR(conn)) {
489dc48e
AK		 1918 int status;
1919
1920 if (PTR_ERR(conn) == -EBUSY)
1921 status = MGMT_STATUS_BUSY;
1922 else
1923 status = MGMT_STATUS_CONNECT_FAILED;
1924
bdb6d971 1925 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 1926 status, &rp,
04124681 1927 sizeof(rp));
e9a416b5
JH		 1928 goto unlock;
1929 }
1930
1931 if (conn->connect_cfm_cb) {
1932 hci_conn_put(conn);
bdb6d971 1933 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1934 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 1935 goto unlock;
1936 }
1937
2e58ef3e 1938 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1939 if (!cmd) {
1940 err = -ENOMEM;
1941 hci_conn_put(conn);
1942 goto unlock;
1943 }
1944
7a512d01 1945 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 1946 if (cp->addr.type == BDADDR_BREDR)
7a512d01 1947 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 1948 else
1949 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 1950
e9a416b5
JH		 1951 conn->security_cfm_cb = pairing_complete_cb;
1952 conn->disconn_cfm_cb = pairing_complete_cb;
1953 conn->io_capability = cp->io_cap;
1954 cmd->user_data = conn;
1955
1956 if (conn->state == BT_CONNECTED &&
8ce8e2b5 1957 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 1958 pairing_complete(cmd, 0);
1959
1960 err = 0;
1961
1962unlock:
09fd0de5 1963 hci_dev_unlock(hdev);
e9a416b5
JH		 1964 return err;
1965}
1966
04124681
GP		 1967static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
1968 u16 len)
28424707 1969{
0f4e68cf 1970 struct mgmt_addr_info *addr = data;
28424707
JH		 1971 struct pending_cmd *cmd;
1972 struct hci_conn *conn;
1973 int err;
1974
1975 BT_DBG("");
1976
28424707
JH		 1977 hci_dev_lock(hdev);
1978
5f97c1df 1979 if (!hdev_is_powered(hdev)) {
bdb6d971 1980 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 1981 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1982 goto unlock;
1983 }
1984
28424707
JH		 1985 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
1986 if (!cmd) {
bdb6d971 1987 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 1988 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 1989 goto unlock;
1990 }
1991
1992 conn = cmd->user_data;
1993
1994 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 1995 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 1996 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 1997 goto unlock;
1998 }
1999
2000 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2001
bdb6d971 2002 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2003 addr, sizeof(*addr));
28424707
JH		 2004unlock:
2005 hci_dev_unlock(hdev);
28424707
JH		 2006 return err;
2007}
2008
bdb6d971 2009static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
04124681
GP		 2010 bdaddr_t *bdaddr, u8 type, u16 mgmt_op,
2011 u16 hci_op, __le32 passkey)
a5c29683 2012{
a5c29683 2013 struct pending_cmd *cmd;
0df4c185 2014 struct hci_conn *conn;
a5c29683
JH		 2015 int err;
2016
09fd0de5 2017 hci_dev_lock(hdev);
08ba5382 2018
4b34ee78 2019 if (!hdev_is_powered(hdev)) {
bdb6d971 2020 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2021 MGMT_STATUS_NOT_POWERED);
0df4c185 2022 goto done;
a5c29683
JH		 2023 }
2024
591f47f3 2025 if (type == BDADDR_BREDR)
272d90df
JH		 2026 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
2027 else
47c15e2b 2028 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 2029
2030 if (!conn) {
bdb6d971 2031 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2032 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 2033 goto done;
2034 }
47c15e2b 2035
591f47f3 2036 if (type == BDADDR_LE_PUBLIC || type == BDADDR_LE_RANDOM) {
47c15e2b 2037 /* Continue with pairing via SMP */
5fe57d9e
BG		 2038 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2039
2040 if (!err)
bdb6d971 2041 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2042 MGMT_STATUS_SUCCESS);
5fe57d9e 2043 else
bdb6d971 2044 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2045 MGMT_STATUS_FAILED);
47c15e2b 2046
47c15e2b
BG		 2047 goto done;
2048 }
2049
0df4c185 2050 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 2051 if (!cmd) {
2052 err = -ENOMEM;
0df4c185 2053 goto done;
a5c29683
JH		 2054 }
2055
0df4c185 2056 /* Continue with pairing via HCI */
604086b7
BG		 2057 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2058 struct hci_cp_user_passkey_reply cp;
2059
2060 bacpy(&cp.bdaddr, bdaddr);
2061 cp.passkey = passkey;
2062 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2063 } else
2064 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
2065
a664b5bc
JH		 2066 if (err < 0)
2067 mgmt_pending_remove(cmd);
a5c29683 2068
0df4c185 2069done:
09fd0de5 2070 hci_dev_unlock(hdev);
a5c29683
JH		 2071 return err;
2072}
2073
afeb019d
JK		 2074static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2075 void *data, u16 len)
2076{
2077 struct mgmt_cp_pin_code_neg_reply *cp = data;
2078
2079 BT_DBG("");
2080
2081 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
2082 MGMT_OP_PIN_CODE_NEG_REPLY,
2083 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2084}
2085
04124681
GP		 2086static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2087 u16 len)
0df4c185 2088{
650f726d 2089 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2090
2091 BT_DBG("");
2092
2093 if (len != sizeof(*cp))
bdb6d971 2094 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2095 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2096
bdb6d971 2097 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2098 MGMT_OP_USER_CONFIRM_REPLY,
2099 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2100}
2101
bdb6d971 2102static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2103 void *data, u16 len)
0df4c185 2104{
c9c2659f 2105 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2106
2107 BT_DBG("");
2108
bdb6d971 2109 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2110 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2111 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2112}
2113
04124681
GP		 2114static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2115 u16 len)
604086b7 2116{
650f726d 2117 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2118
2119 BT_DBG("");
2120
bdb6d971 2121 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2122 MGMT_OP_USER_PASSKEY_REPLY,
2123 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2124}
2125
bdb6d971 2126static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2127 void *data, u16 len)
604086b7 2128{
650f726d 2129 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2130
2131 BT_DBG("");
2132
bdb6d971 2133 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2134 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2135 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2136}
2137
2b4bf397
JH		 2138static int update_name(struct hci_dev *hdev, const char *name)
2139{
2140 struct hci_cp_write_local_name cp;
2141
2142 memcpy(cp.name, name, sizeof(cp.name));
2143
2144 return hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2145}
2146
bdb6d971 2147static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2148 u16 len)
b312b161 2149{
2b4bf397 2150 struct mgmt_cp_set_local_name *cp = data;
b312b161
JH		 2151 struct pending_cmd *cmd;
2152 int err;
2153
2154 BT_DBG("");
2155
09fd0de5 2156 hci_dev_lock(hdev);
b312b161 2157
2b4bf397 2158 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2159
b5235a65 2160 if (!hdev_is_powered(hdev)) {
2b4bf397 2161 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2162
2163 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2164 data, len);
28cc7bde
JH		 2165 if (err < 0)
2166 goto failed;
2167
2168 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2169 sk);
28cc7bde 2170
b5235a65
JH		 2171 goto failed;
2172 }
2173
28cc7bde 2174 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2175 if (!cmd) {
2176 err = -ENOMEM;
2177 goto failed;
2178 }
2179
2b4bf397 2180 err = update_name(hdev, cp->name);
b312b161
JH		 2181 if (err < 0)
2182 mgmt_pending_remove(cmd);
2183
2184failed:
09fd0de5 2185 hci_dev_unlock(hdev);
b312b161
JH		 2186 return err;
2187}
2188
0f4e68cf 2189static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2190 void *data, u16 data_len)
c35938b2 2191{
c35938b2
SJ		 2192 struct pending_cmd *cmd;
2193 int err;
2194
bdb6d971 2195 BT_DBG("%s", hdev->name);
c35938b2 2196
09fd0de5 2197 hci_dev_lock(hdev);
c35938b2 2198
4b34ee78 2199 if (!hdev_is_powered(hdev)) {
bdb6d971 2200 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2201 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2202 goto unlock;
2203 }
2204
9a1a1996 2205 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2206 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2207 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2208 goto unlock;
2209 }
2210
2e58ef3e 2211 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2212 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2213 MGMT_STATUS_BUSY);
c35938b2
SJ		 2214 goto unlock;
2215 }
2216
2e58ef3e 2217 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2218 if (!cmd) {
2219 err = -ENOMEM;
2220 goto unlock;
2221 }
2222
2223 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2224 if (err < 0)
2225 mgmt_pending_remove(cmd);
2226
2227unlock:
09fd0de5 2228 hci_dev_unlock(hdev);
c35938b2
SJ		 2229 return err;
2230}
2231
bdb6d971 2232static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2233 void *data, u16 len)
2763eda6 2234{
650f726d 2235 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2236 u8 status;
2763eda6
SJ		 2237 int err;
2238
bdb6d971 2239 BT_DBG("%s ", hdev->name);
2763eda6 2240
09fd0de5 2241 hci_dev_lock(hdev);
2763eda6 2242
5f97c1df 2243 if (!hdev_is_powered(hdev)) {
bdb6d971 2244 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA,
04124681
GP		 2245 MGMT_STATUS_NOT_POWERED, &cp->addr,
2246 sizeof(cp->addr));
5f97c1df
JH		 2247 goto unlock;
2248 }
2249
664ce4cc 2250 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2251 cp->randomizer);
2763eda6 2252 if (err < 0)
bf1e3541 2253 status = MGMT_STATUS_FAILED;
2763eda6 2254 else
bf1e3541
JH		 2255 status = 0;
2256
bdb6d971 2257 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2258 &cp->addr, sizeof(cp->addr));
2763eda6 2259
5f97c1df 2260unlock:
09fd0de5 2261 hci_dev_unlock(hdev);
2763eda6
SJ		 2262 return err;
2263}
2264
bdb6d971 2265static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2266 void *data, u16 len)
2763eda6 2267{
650f726d 2268 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2269 u8 status;
2763eda6
SJ		 2270 int err;
2271
bdb6d971 2272 BT_DBG("%s", hdev->name);
2763eda6 2273
09fd0de5 2274 hci_dev_lock(hdev);
2763eda6 2275
5f97c1df 2276 if (!hdev_is_powered(hdev)) {
bdb6d971 2277 err = cmd_complete(sk, hdev->id,
04124681
GP		 2278 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2279 MGMT_STATUS_NOT_POWERED, &cp->addr,
2280 sizeof(cp->addr));
5f97c1df
JH		 2281 goto unlock;
2282 }
2283
664ce4cc 2284 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2285 if (err < 0)
bf1e3541 2286 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2287 else
bf1e3541
JH		 2288 status = 0;
2289
bdb6d971 2290 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2291 status, &cp->addr, sizeof(cp->addr));
2763eda6 2292
5f97c1df 2293unlock:
09fd0de5 2294 hci_dev_unlock(hdev);
2763eda6
SJ		 2295 return err;
2296}
2297
5e0452c0
AG		 2298int mgmt_interleaved_discovery(struct hci_dev *hdev)
2299{
2300 int err;
2301
2302 BT_DBG("%s", hdev->name);
2303
2304 hci_dev_lock(hdev);
2305
2306 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2307 if (err < 0)
2308 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2309
2310 hci_dev_unlock(hdev);
2311
2312 return err;
2313}
2314
bdb6d971 2315static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2316 void *data, u16 len)
14a53664 2317{
650f726d 2318 struct mgmt_cp_start_discovery *cp = data;
14a53664 2319 struct pending_cmd *cmd;
14a53664
JH		 2320 int err;
2321
bdb6d971 2322 BT_DBG("%s", hdev->name);
14a53664 2323
09fd0de5 2324 hci_dev_lock(hdev);
14a53664 2325
4b34ee78 2326 if (!hdev_is_powered(hdev)) {
bdb6d971 2327 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2328 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2329 goto failed;
2330 }
2331
642be6c7
AG		 2332 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2333 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2334 MGMT_STATUS_BUSY);
2335 goto failed;
2336 }
2337
ff9ef578 2338 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2339 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2340 MGMT_STATUS_BUSY);
ff9ef578
JH		 2341 goto failed;
2342 }
2343
2e58ef3e 2344 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2345 if (!cmd) {
2346 err = -ENOMEM;
2347 goto failed;
2348 }
2349
4aab14e5
AG		 2350 hdev->discovery.type = cp->type;
2351
2352 switch (hdev->discovery.type) {
f39799f5 2353 case DISCOV_TYPE_BREDR:
8b90129c
AG		 2354 if (lmp_bredr_capable(hdev))
2355 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
2356 else
2357 err = -ENOTSUPP;
f39799f5
AG		 2358 break;
2359
2360 case DISCOV_TYPE_LE:
8b90129c
AG		 2361 if (lmp_host_le_capable(hdev))
2362 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
04124681 2363 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
8b90129c
AG		 2364 else
2365 err = -ENOTSUPP;
f39799f5
AG		 2366 break;
2367
5e0452c0 2368 case DISCOV_TYPE_INTERLEAVED:
426c189a
AG		 2369 if (lmp_host_le_capable(hdev) && lmp_bredr_capable(hdev))
2370 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
04124681
GP		 2371 LE_SCAN_WIN,
2372 LE_SCAN_TIMEOUT_BREDR_LE);
426c189a
AG		 2373 else
2374 err = -ENOTSUPP;
5e0452c0
AG		 2375 break;
2376
f39799f5 2377 default:
3fd24153 2378 err = -EINVAL;
f39799f5 2379 }
3fd24153 2380
14a53664
JH		 2381 if (err < 0)
2382 mgmt_pending_remove(cmd);
ff9ef578
JH		 2383 else
2384 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2385
2386failed:
09fd0de5 2387 hci_dev_unlock(hdev);
14a53664
JH		 2388 return err;
2389}
2390
bdb6d971 2391static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2392 u16 len)
14a53664 2393{
d930650b 2394 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 2395 struct pending_cmd *cmd;
30dc78e1
JH		 2396 struct hci_cp_remote_name_req_cancel cp;
2397 struct inquiry_entry *e;
14a53664
JH		 2398 int err;
2399
bdb6d971 2400 BT_DBG("%s", hdev->name);
14a53664 2401
09fd0de5 2402 hci_dev_lock(hdev);
14a53664 2403
30dc78e1 2404 if (!hci_discovery_active(hdev)) {
bdb6d971 2405 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2406 MGMT_STATUS_REJECTED, &mgmt_cp->type,
2407 sizeof(mgmt_cp->type));
d930650b
JH		 2408 goto unlock;
2409 }
2410
2411 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 2412 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2413 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
2414 sizeof(mgmt_cp->type));
30dc78e1 2415 goto unlock;
ff9ef578
JH		 2416 }
2417
2e58ef3e 2418 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2419 if (!cmd) {
2420 err = -ENOMEM;
30dc78e1
JH		 2421 goto unlock;
2422 }
2423
e0d9727e
AG		 2424 switch (hdev->discovery.state) {
2425 case DISCOVERY_FINDING:
c9ecc48e
AG		 2426 if (test_bit(HCI_INQUIRY, &hdev->flags))
2427 err = hci_cancel_inquiry(hdev);
2428 else
2429 err = hci_cancel_le_scan(hdev);
2430
e0d9727e
AG		 2431 break;
2432
2433 case DISCOVERY_RESOLVING:
2434 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 2435 NAME_PENDING);
e0d9727e 2436 if (!e) {
30dc78e1 2437 mgmt_pending_remove(cmd);
e0d9727e
AG		 2438 err = cmd_complete(sk, hdev->id,
2439 MGMT_OP_STOP_DISCOVERY, 0,
2440 &mgmt_cp->type,
2441 sizeof(mgmt_cp->type));
2442 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2443 goto unlock;
2444 }
30dc78e1 2445
e0d9727e
AG		 2446 bacpy(&cp.bdaddr, &e->data.bdaddr);
2447 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2448 sizeof(cp), &cp);
2449
2450 break;
2451
2452 default:
2453 BT_DBG("unknown discovery state %u", hdev->discovery.state);
2454 err = -EFAULT;
14a53664
JH		 2455 }
2456
14a53664
JH		 2457 if (err < 0)
2458 mgmt_pending_remove(cmd);
ff9ef578
JH		 2459 else
2460 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2461
30dc78e1 2462unlock:
09fd0de5 2463 hci_dev_unlock(hdev);
14a53664
JH		 2464 return err;
2465}
2466
bdb6d971 2467static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2468 u16 len)
561aafbc 2469{
650f726d 2470 struct mgmt_cp_confirm_name *cp = data;
561aafbc 2471 struct inquiry_entry *e;
561aafbc
JH		 2472 int err;
2473
bdb6d971 2474 BT_DBG("%s", hdev->name);
561aafbc 2475
561aafbc
JH		 2476 hci_dev_lock(hdev);
2477
30dc78e1 2478 if (!hci_discovery_active(hdev)) {
bdb6d971 2479 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2480 MGMT_STATUS_FAILED);
30dc78e1
JH		 2481 goto failed;
2482 }
2483
a198e7b1 2484 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2485 if (!e) {
bdb6d971 2486 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2487 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 2488 goto failed;
2489 }
2490
2491 if (cp->name_known) {
2492 e->name_state = NAME_KNOWN;
2493 list_del(&e->list);
2494 } else {
2495 e->name_state = NAME_NEEDED;
a3d4e20a 2496 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2497 }
2498
2499 err = 0;
2500
2501failed:
2502 hci_dev_unlock(hdev);
561aafbc
JH		 2503 return err;
2504}
2505
bdb6d971 2506static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2507 u16 len)
7fbec224 2508{
650f726d 2509 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2510 u8 status;
7fbec224
AJ		 2511 int err;
2512
bdb6d971 2513 BT_DBG("%s", hdev->name);
7fbec224 2514
09fd0de5 2515 hci_dev_lock(hdev);
5e762444 2516
88c1fe4b 2517 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2518 if (err < 0)
f0eeea8b 2519 status = MGMT_STATUS_FAILED;
7fbec224 2520 else
f0eeea8b
JH		 2521 status = 0;
2522
bdb6d971 2523 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 2524 &cp->addr, sizeof(cp->addr));
5e762444 2525
09fd0de5 2526 hci_dev_unlock(hdev);
7fbec224
AJ		 2527
2528 return err;
2529}
2530
bdb6d971 2531static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2532 u16 len)
7fbec224 2533{
650f726d 2534 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2535 u8 status;
7fbec224
AJ		 2536 int err;
2537
bdb6d971 2538 BT_DBG("%s", hdev->name);
7fbec224 2539
09fd0de5 2540 hci_dev_lock(hdev);
5e762444 2541
88c1fe4b 2542 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2543 if (err < 0)
f0eeea8b 2544 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2545 else
f0eeea8b
JH		 2546 status = 0;
2547
bdb6d971 2548 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 2549 &cp->addr, sizeof(cp->addr));
5e762444 2550
09fd0de5 2551 hci_dev_unlock(hdev);
7fbec224
AJ		 2552
2553 return err;
2554}
2555
cdbaccca
MH		 2556static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
2557 u16 len)
2558{
2559 struct mgmt_cp_set_device_id *cp = data;
2560 int err;
c72d4b8a 2561 __u16 source;
cdbaccca
MH		 2562
2563 BT_DBG("%s", hdev->name);
2564
c72d4b8a
SJ		 2565 source = __le16_to_cpu(cp->source);
2566
2567 if (source > 0x0002)
2568 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
2569 MGMT_STATUS_INVALID_PARAMS);
2570
cdbaccca
MH		 2571 hci_dev_lock(hdev);
2572
c72d4b8a 2573 hdev->devid_source = source;
cdbaccca
MH		 2574 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
2575 hdev->devid_product = __le16_to_cpu(cp->product);
2576 hdev->devid_version = __le16_to_cpu(cp->version);
2577
2578 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
2579
2580 update_eir(hdev);
2581
2582 hci_dev_unlock(hdev);
2583
2584 return err;
2585}
2586
bdb6d971 2587static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 2588 void *data, u16 len)
f6422ec6 2589{
650f726d 2590 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2591 struct hci_cp_write_page_scan_activity acp;
2592 u8 type;
2593 int err;
2594
bdb6d971 2595 BT_DBG("%s", hdev->name);
f6422ec6 2596
5400c044 2597 if (!hdev_is_powered(hdev))
bdb6d971 2598 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2599 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 2600
2601 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 2602 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2603 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 2604
2605 hci_dev_lock(hdev);
2606
f7c6869c 2607 if (cp->val) {
f6422ec6 2608 type = PAGE_SCAN_TYPE_INTERLACED;
76ec9de8 2609
83ce9a06
JH		 2610 /* 160 msec page scan interval */
2611 acp.interval = __constant_cpu_to_le16(0x0100);
f6422ec6
AJ		 2612 } else {
2613 type = PAGE_SCAN_TYPE_STANDARD; /* default */
76ec9de8
AE		 2614
2615 /* default 1.28 sec page scan */
2616 acp.interval = __constant_cpu_to_le16(0x0800);
f6422ec6
AJ		 2617 }
2618
76ec9de8
AE		 2619 /* default 11.25 msec page scan window */
2620 acp.window = __constant_cpu_to_le16(0x0012);
f6422ec6 2621
04124681
GP		 2622 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, sizeof(acp),
2623 &acp);
f6422ec6 2624 if (err < 0) {
bdb6d971 2625 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2626 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2627 goto done;
2628 }
2629
2630 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2631 if (err < 0) {
bdb6d971 2632 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2633 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2634 goto done;
2635 }
2636
bdb6d971 2637 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 0,
04124681 2638 NULL, 0);
f6422ec6
AJ		 2639done:
2640 hci_dev_unlock(hdev);
f6422ec6
AJ		 2641 return err;
2642}
2643
bdb6d971 2644static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 2645 void *cp_data, u16 len)
346af67b 2646{
346af67b
VCG		 2647 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2648 u16 key_count, expected_len;
2649 int i;
2650
1f350c87 2651 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 2652
2653 expected_len = sizeof(*cp) + key_count *
2654 sizeof(struct mgmt_ltk_info);
2655 if (expected_len != len) {
2656 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 2657 len, expected_len);
bdb6d971 2658 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
04124681 2659 EINVAL);
346af67b
VCG		 2660 }
2661
bdb6d971 2662 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b
VCG		 2663
2664 hci_dev_lock(hdev);
2665
2666 hci_smp_ltks_clear(hdev);
2667
2668 for (i = 0; i < key_count; i++) {
2669 struct mgmt_ltk_info *key = &cp->keys[i];
2670 u8 type;
2671
2672 if (key->master)
2673 type = HCI_SMP_LTK;
2674 else
2675 type = HCI_SMP_LTK_SLAVE;
2676
4596fde5 2677 hci_add_ltk(hdev, &key->addr.bdaddr,
378b5b7e 2678 bdaddr_to_le(key->addr.type),
04124681
GP		 2679 type, 0, key->authenticated, key->val,
2680 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 2681 }
2682
2683 hci_dev_unlock(hdev);
346af67b
VCG		 2684
2685 return 0;
2686}
2687
2e3c35ea 2688static const struct mgmt_handler {
04124681
GP		 2689 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
2690 u16 data_len);
be22b54e
JH		 2691 bool var_len;
2692 size_t data_len;
0f4e68cf
JH		 2693} mgmt_handlers[] = {
2694 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 2695 { read_version, false, MGMT_READ_VERSION_SIZE },
2696 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
2697 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
2698 { read_controller_info, false, MGMT_READ_INFO_SIZE },
2699 { set_powered, false, MGMT_SETTING_SIZE },
2700 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
2701 { set_connectable, false, MGMT_SETTING_SIZE },
2702 { set_fast_connectable, false, MGMT_SETTING_SIZE },
2703 { set_pairable, false, MGMT_SETTING_SIZE },
2704 { set_link_security, false, MGMT_SETTING_SIZE },
2705 { set_ssp, false, MGMT_SETTING_SIZE },
2706 { set_hs, false, MGMT_SETTING_SIZE },
2707 { set_le, false, MGMT_SETTING_SIZE },
2708 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
2709 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
2710 { add_uuid, false, MGMT_ADD_UUID_SIZE },
2711 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
2712 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
2713 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
2714 { disconnect, false, MGMT_DISCONNECT_SIZE },
2715 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
2716 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
2717 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
2718 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
2719 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
2720 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
2721 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
2722 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
2723 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
2724 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
2725 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
2726 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
2727 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
2728 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
2729 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
2730 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
2731 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
2732 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
2733 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 2734 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
0f4e68cf
JH		 2735};
2736
2737
0381101f
JH		 2738int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2739{
650f726d
VCG		 2740 void *buf;
2741 u8 *cp;
0381101f 2742 struct mgmt_hdr *hdr;
4e51eae9 2743 u16 opcode, index, len;
bdb6d971 2744 struct hci_dev *hdev = NULL;
2e3c35ea 2745 const struct mgmt_handler *handler;
0381101f
JH		 2746 int err;
2747
2748 BT_DBG("got %zu bytes", msglen);
2749
2750 if (msglen < sizeof(*hdr))
2751 return -EINVAL;
2752
e63a15ec 2753 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2754 if (!buf)
2755 return -ENOMEM;
2756
2757 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2758 err = -EFAULT;
2759 goto done;
2760 }
2761
650f726d 2762 hdr = buf;
1f350c87
MH		 2763 opcode = __le16_to_cpu(hdr->opcode);
2764 index = __le16_to_cpu(hdr->index);
2765 len = __le16_to_cpu(hdr->len);
0381101f
JH		 2766
2767 if (len != msglen - sizeof(*hdr)) {
2768 err = -EINVAL;
2769 goto done;
2770 }
2771
0f4e68cf 2772 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 2773 hdev = hci_dev_get(index);
2774 if (!hdev) {
2775 err = cmd_status(sk, index, opcode,
04124681 2776 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 2777 goto done;
2778 }
2779 }
2780
0f4e68cf 2781 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 2782 mgmt_handlers[opcode].func == NULL) {
0381101f 2783 BT_DBG("Unknown op %u", opcode);
ca69b795 2784 err = cmd_status(sk, index, opcode,
04124681 2785 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 2786 goto done;
2787 }
2788
2789 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 2790 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 2791 err = cmd_status(sk, index, opcode,
04124681 2792 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 2793 goto done;
0381101f
JH		 2794 }
2795
be22b54e
JH		 2796 handler = &mgmt_handlers[opcode];
2797
2798 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 2799 (!handler->var_len && len != handler->data_len)) {
be22b54e 2800 err = cmd_status(sk, index, opcode,
04124681 2801 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 2802 goto done;
2803 }
2804
0f4e68cf
JH		 2805 if (hdev)
2806 mgmt_init_hdev(sk, hdev);
2807
2808 cp = buf + sizeof(*hdr);
2809
be22b54e 2810 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 2811 if (err < 0)
2812 goto done;
2813
0381101f
JH		 2814 err = msglen;
2815
2816done:
bdb6d971
JH		 2817 if (hdev)
2818 hci_dev_put(hdev);
2819
0381101f
JH		 2820 kfree(buf);
2821 return err;
2822}
c71e97bf 2823
b24752fe
JH		 2824static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2825{
2826 u8 *status = data;
2827
2828 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2829 mgmt_pending_remove(cmd);
2830}
2831
744cf19e 2832int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2833{
bb4b2a9a
AE		 2834 if (!mgmt_valid_hdev(hdev))
2835 return -ENOTSUPP;
2836
744cf19e 2837 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2838}
2839
744cf19e 2840int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2841{
5f159032 2842 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 2843
bb4b2a9a
AE		 2844 if (!mgmt_valid_hdev(hdev))
2845 return -ENOTSUPP;
2846
744cf19e 2847 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2848
744cf19e 2849 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2850}
2851
73f22f62 2852struct cmd_lookup {
eec8d2bc 2853 struct sock *sk;
69ab39ea 2854 struct hci_dev *hdev;
90e70454 2855 u8 mgmt_status;
eec8d2bc
JH		 2856};
2857
69ab39ea 2858static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2859{
73f22f62 2860 struct cmd_lookup *match = data;
eec8d2bc 2861
69ab39ea 2862 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2863
2864 list_del(&cmd->list);
2865
2866 if (match->sk == NULL) {
2867 match->sk = cmd->sk;
2868 sock_hold(match->sk);
2869 }
2870
2871 mgmt_pending_free(cmd);
c71e97bf 2872}
5add6af8 2873
7f0ae647
JH		 2874static int set_bredr_scan(struct hci_dev *hdev)
2875{
2876 u8 scan = 0;
2877
2878 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2879 scan |= SCAN_PAGE;
2880 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2881 scan |= SCAN_INQUIRY;
2882
2883 if (!scan)
2884 return 0;
2885
2886 return hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
2887}
2888
744cf19e 2889int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2890{
76a7f3a4 2891 struct cmd_lookup match = { NULL, hdev };
7bb895d6 2892 int err;
5add6af8 2893
5e5282bb
JH		 2894 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2895 return 0;
2896
69ab39ea 2897 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2898
5e5282bb 2899 if (powered) {
3d1cbdd6
AK		 2900 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
2901 u8 ssp = 1;
2902
2903 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
2904 }
2905
562fcc24
AK		 2906 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
2907 struct hci_cp_write_le_host_supported cp;
2908
2909 cp.le = 1;
2910 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
2911
2912 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED,
2913 sizeof(cp), &cp);
2914 }
2915
7f0ae647
JH		 2916 if (lmp_bredr_capable(hdev)) {
2917 set_bredr_scan(hdev);
2918 update_class(hdev);
2919 update_name(hdev, hdev->dev_name);
2920 update_eir(hdev);
2921 }
5e5282bb 2922 } else {
d4f68526 2923 u8 status = MGMT_STATUS_NOT_POWERED;
744cf19e 2924 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2925 }
2926
beadb2bd 2927 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 2928
2929 if (match.sk)
2930 sock_put(match.sk);
2931
7bb895d6 2932 return err;
5add6af8 2933}
73f22f62 2934
744cf19e 2935int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 2936{
76a7f3a4 2937 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 2938 bool changed = false;
2939 int err = 0;
73f22f62 2940
5e5282bb
JH		 2941 if (discoverable) {
2942 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2943 changed = true;
2944 } else {
2945 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2946 changed = true;
2947 }
73f22f62 2948
ed9b5f2f 2949 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 2950 &match);
ed9b5f2f 2951
beadb2bd
JH		 2952 if (changed)
2953 err = new_settings(hdev, match.sk);
5e5282bb 2954
73f22f62
JH		 2955 if (match.sk)
2956 sock_put(match.sk);
2957
7bb895d6 2958 return err;
73f22f62 2959}
9fbcbb45 2960
744cf19e 2961int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 2962{
76a7f3a4 2963 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 2964 bool changed = false;
2965 int err = 0;
9fbcbb45 2966
5e5282bb
JH		 2967 if (connectable) {
2968 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2969 changed = true;
2970 } else {
2971 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2972 changed = true;
2973 }
9fbcbb45 2974
ed9b5f2f 2975 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
04124681 2976 &match);
ed9b5f2f 2977
beadb2bd
JH		 2978 if (changed)
2979 err = new_settings(hdev, match.sk);
9fbcbb45
JH		 2980
2981 if (match.sk)
2982 sock_put(match.sk);
2983
7bb895d6 2984 return err;
9fbcbb45 2985}
55ed8ca1 2986
744cf19e 2987int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 2988{
ca69b795
JH		 2989 u8 mgmt_err = mgmt_status(status);
2990
2d7cee58 2991 if (scan & SCAN_PAGE)
744cf19e 2992 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 2993 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2994
2995 if (scan & SCAN_INQUIRY)
744cf19e 2996 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 2997 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2998
2999 return 0;
3000}
3001
53168e5b
CC		 3002int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
3003 bool persistent)
55ed8ca1 3004{
86742e1e 3005 struct mgmt_ev_new_link_key ev;
55ed8ca1 3006
a492cd52 3007 memset(&ev, 0, sizeof(ev));
55ed8ca1 3008
a492cd52 3009 ev.store_hint = persistent;
d753fdc4 3010 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 3011 ev.key.addr.type = BDADDR_BREDR;
a492cd52 3012 ev.key.type = key->type;
9b3b4460 3013 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 3014 ev.key.pin_len = key->pin_len;
55ed8ca1 3015
744cf19e 3016 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 3017}
f7520543 3018
346af67b
VCG		 3019int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
3020{
3021 struct mgmt_ev_new_long_term_key ev;
3022
3023 memset(&ev, 0, sizeof(ev));
3024
3025 ev.store_hint = persistent;
3026 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 3027 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 3028 ev.key.authenticated = key->authenticated;
3029 ev.key.enc_size = key->enc_size;
3030 ev.key.ediv = key->ediv;
3031
3032 if (key->type == HCI_SMP_LTK)
3033 ev.key.master = 1;
3034
3035 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
3036 memcpy(ev.key.val, key->val, sizeof(key->val));
3037
04124681
GP		 3038 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
3039 NULL);
346af67b
VCG		 3040}
3041
afc747a6 3042int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3043 u8 addr_type, u32 flags, u8 *name, u8 name_len,
3044 u8 *dev_class)
f7520543 3045{
b644ba33
JH		 3046 char buf[512];
3047 struct mgmt_ev_device_connected *ev = (void *) buf;
3048 u16 eir_len = 0;
f7520543 3049
b644ba33 3050 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3051 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 3052
c95f0ba7 3053 ev->flags = __cpu_to_le32(flags);
08c79b61 3054
b644ba33
JH		 3055 if (name_len > 0)
3056 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 3057 name, name_len);
b644ba33
JH		 3058
3059 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 3060 eir_len = eir_append_data(ev->eir, eir_len,
04124681 3061 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 3062
eb55ef07 3063 ev->eir_len = cpu_to_le16(eir_len);
b644ba33
JH		 3064
3065 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
04124681 3066 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3067}
3068
8962ee74
JH		 3069static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3070{
c68fb7ff 3071 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3072 struct sock **sk = data;
a38528f1 3073 struct mgmt_rp_disconnect rp;
8962ee74 3074
88c3df13
JH		 3075 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3076 rp.addr.type = cp->addr.type;
8962ee74 3077
aee9b218 3078 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 3079 sizeof(rp));
8962ee74
JH		 3080
3081 *sk = cmd->sk;
3082 sock_hold(*sk);
3083
a664b5bc 3084 mgmt_pending_remove(cmd);
8962ee74
JH		 3085}
3086
124f6e35 3087static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3088{
b1078ad0 3089 struct hci_dev *hdev = data;
124f6e35
JH		 3090 struct mgmt_cp_unpair_device *cp = cmd->param;
3091 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3092
3093 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3094 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3095 rp.addr.type = cp->addr.type;
a8a1d19e 3096
b1078ad0
JH		 3097 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3098
aee9b218 3099 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3100
3101 mgmt_pending_remove(cmd);
3102}
3103
afc747a6 3104int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
f0d6a0ea 3105 u8 link_type, u8 addr_type, u8 reason)
f7520543 3106{
f0d6a0ea 3107 struct mgmt_ev_device_disconnected ev;
8962ee74
JH		 3108 struct sock *sk = NULL;
3109 int err;
3110
744cf19e 3111 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3112
f0d6a0ea
MA		 3113 bacpy(&ev.addr.bdaddr, bdaddr);
3114 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3115 ev.reason = reason;
f7520543 3116
afc747a6 3117 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
04124681 3118 sk);
8962ee74
JH		 3119
3120 if (sk)
d97dcb66 3121 sock_put(sk);
8962ee74 3122
124f6e35 3123 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 3124 hdev);
a8a1d19e 3125
8962ee74
JH		 3126 return err;
3127}
3128
88c3df13 3129int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3130 u8 link_type, u8 addr_type, u8 status)
8962ee74 3131{
88c3df13 3132 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3133 struct pending_cmd *cmd;
3134 int err;
3135
36a75f1b
JD		 3136 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3137 hdev);
3138
2e58ef3e 3139 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3140 if (!cmd)
3141 return -ENOENT;
3142
88c3df13 3143 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3144 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 3145
88c3df13 3146 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
04124681 3147 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3148
a664b5bc 3149 mgmt_pending_remove(cmd);
8962ee74
JH		 3150
3151 return err;
f7520543 3152}
17d5c04c 3153
48264f06 3154int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3155 u8 addr_type, u8 status)
17d5c04c
JH		 3156{
3157 struct mgmt_ev_connect_failed ev;
3158
4c659c39 3159 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3160 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3161 ev.status = mgmt_status(status);
17d5c04c 3162
744cf19e 3163 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3164}
980e1a53 3165
744cf19e 3166int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3167{
3168 struct mgmt_ev_pin_code_request ev;
3169
d8457698 3170 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 3171 ev.addr.type = BDADDR_BREDR;
a770bb5a 3172 ev.secure = secure;
980e1a53 3173
744cf19e 3174 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 3175 NULL);
980e1a53
JH		 3176}
3177
744cf19e 3178int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3179 u8 status)
980e1a53
JH		 3180{
3181 struct pending_cmd *cmd;
ac56fb13 3182 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3183 int err;
3184
2e58ef3e 3185 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3186 if (!cmd)
3187 return -ENOENT;
3188
d8457698 3189 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3190 rp.addr.type = BDADDR_BREDR;
ac56fb13 3191
aee9b218 3192 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 3193 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3194
a664b5bc 3195 mgmt_pending_remove(cmd);
980e1a53
JH		 3196
3197 return err;
3198}
3199
744cf19e 3200int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3201 u8 status)
980e1a53
JH		 3202{
3203 struct pending_cmd *cmd;
ac56fb13 3204 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3205 int err;
3206
2e58ef3e 3207 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3208 if (!cmd)
3209 return -ENOENT;
3210
d8457698 3211 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3212 rp.addr.type = BDADDR_BREDR;
ac56fb13 3213
aee9b218 3214 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 3215 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3216
a664b5bc 3217 mgmt_pending_remove(cmd);
980e1a53
JH		 3218
3219 return err;
3220}
a5c29683 3221
744cf19e 3222int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 3223 u8 link_type, u8 addr_type, __le32 value,
3224 u8 confirm_hint)
a5c29683
JH		 3225{
3226 struct mgmt_ev_user_confirm_request ev;
3227
744cf19e 3228 BT_DBG("%s", hdev->name);
a5c29683 3229
272d90df 3230 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3231 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 3232 ev.confirm_hint = confirm_hint;
78e8098e 3233 ev.value = value;
a5c29683 3234
744cf19e 3235 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 3236 NULL);
a5c29683
JH		 3237}
3238
272d90df 3239int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 3240 u8 link_type, u8 addr_type)
604086b7
BG		 3241{
3242 struct mgmt_ev_user_passkey_request ev;
3243
3244 BT_DBG("%s", hdev->name);
3245
272d90df 3246 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3247 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 3248
3249 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 3250 NULL);
604086b7
BG		 3251}
3252
0df4c185 3253static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 3254 u8 link_type, u8 addr_type, u8 status,
3255 u8 opcode)
a5c29683
JH		 3256{
3257 struct pending_cmd *cmd;
3258 struct mgmt_rp_user_confirm_reply rp;
3259 int err;
3260
2e58ef3e 3261 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3262 if (!cmd)
3263 return -ENOENT;
3264
272d90df 3265 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3266 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 3267 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 3268 &rp, sizeof(rp));
a5c29683 3269
a664b5bc 3270 mgmt_pending_remove(cmd);
a5c29683
JH		 3271
3272 return err;
3273}
3274
744cf19e 3275int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3276 u8 link_type, u8 addr_type, u8 status)
a5c29683 3277{
272d90df 3278 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3279 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3280}
3281
272d90df 3282int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3283 u8 link_type, u8 addr_type, u8 status)
a5c29683 3284{
272d90df 3285 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3286 status,
3287 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3288}
2a611692 3289
604086b7 3290int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3291 u8 link_type, u8 addr_type, u8 status)
604086b7 3292{
272d90df 3293 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3294 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3295}
3296
272d90df 3297int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3298 u8 link_type, u8 addr_type, u8 status)
604086b7 3299{
272d90df 3300 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3301 status,
3302 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3303}
3304
92a25256
JH		 3305int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
3306 u8 link_type, u8 addr_type, u32 passkey,
3307 u8 entered)
3308{
3309 struct mgmt_ev_passkey_notify ev;
3310
3311 BT_DBG("%s", hdev->name);
3312
3313 bacpy(&ev.addr.bdaddr, bdaddr);
3314 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3315 ev.passkey = __cpu_to_le32(passkey);
3316 ev.entered = entered;
3317
3318 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
3319}
3320
bab73cb6 3321int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3322 u8 addr_type, u8 status)
2a611692
JH		 3323{
3324 struct mgmt_ev_auth_failed ev;
3325
bab73cb6 3326 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3327 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3328 ev.status = mgmt_status(status);
2a611692 3329
744cf19e 3330 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3331}
b312b161 3332
33ef95ed
JH		 3333int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3334{
3335 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3336 bool changed = false;
3337 int err = 0;
33ef95ed
JH		 3338
3339 if (status) {
3340 u8 mgmt_err = mgmt_status(status);
3341 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 3342 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 3343 return 0;
3344 }
3345
47990ea0
JH		 3346 if (test_bit(HCI_AUTH, &hdev->flags)) {
3347 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3348 changed = true;
3349 } else {
3350 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3351 changed = true;
3352 }
3353
33ef95ed 3354 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 3355 &match);
33ef95ed 3356
47990ea0
JH		 3357 if (changed)
3358 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3359
3360 if (match.sk)
3361 sock_put(match.sk);
3362
3363 return err;
3364}
3365
cacaf52f
JH		 3366static int clear_eir(struct hci_dev *hdev)
3367{
3368 struct hci_cp_write_eir cp;
3369
3370 if (!(hdev->features[6] & LMP_EXT_INQ))
3371 return 0;
3372
c80da27e
JH		 3373 memset(hdev->eir, 0, sizeof(hdev->eir));
3374
cacaf52f
JH		 3375 memset(&cp, 0, sizeof(cp));
3376
3377 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3378}
3379
c0ecddc2 3380int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3381{
3382 struct cmd_lookup match = { NULL, hdev };
c0ecddc2
JH		 3383 bool changed = false;
3384 int err = 0;
ed2c4ee3
JH		 3385
3386 if (status) {
3387 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3388
3389 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
04124681 3390 &hdev->dev_flags))
c0ecddc2
JH		 3391 err = new_settings(hdev, NULL);
3392
04124681
GP		 3393 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
3394 &mgmt_err);
c0ecddc2
JH		 3395
3396 return err;
3397 }
3398
3399 if (enable) {
3400 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3401 changed = true;
3402 } else {
3403 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3404 changed = true;
ed2c4ee3
JH		 3405 }
3406
3407 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3408
c0ecddc2
JH		 3409 if (changed)
3410 err = new_settings(hdev, match.sk);
ed2c4ee3 3411
5fc6ebb1 3412 if (match.sk)
ed2c4ee3
JH		 3413 sock_put(match.sk);
3414
5fc6ebb1
JH		 3415 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3416 update_eir(hdev);
3417 else
3418 clear_eir(hdev);
cacaf52f 3419
ed2c4ee3
JH		 3420 return err;
3421}
3422
90e70454
JH		 3423static void class_rsp(struct pending_cmd *cmd, void *data)
3424{
3425 struct cmd_lookup *match = data;
3426
3427 cmd_complete(cmd->sk, cmd->index, cmd->opcode, match->mgmt_status,
04124681 3428 match->hdev->dev_class, 3);
90e70454
JH		 3429
3430 list_del(&cmd->list);
3431
3432 if (match->sk == NULL) {
3433 match->sk = cmd->sk;
3434 sock_hold(match->sk);
3435 }
3436
3437 mgmt_pending_free(cmd);
3438}
3439
7f9a903c 3440int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 3441 u8 status)
7f9a903c 3442{
90e70454
JH		 3443 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3444 int err = 0;
7f9a903c 3445
c95f0ba7
JH		 3446 clear_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
3447
90e70454
JH		 3448 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, class_rsp, &match);
3449 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, class_rsp, &match);
3450 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, class_rsp, &match);
3451
3452 if (!status)
04124681
GP		 3453 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
3454 3, NULL);
90e70454
JH		 3455
3456 if (match.sk)
3457 sock_put(match.sk);
7f9a903c
MH		 3458
3459 return err;
3460}
3461
744cf19e 3462int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3463{
3464 struct pending_cmd *cmd;
3465 struct mgmt_cp_set_local_name ev;
28cc7bde
JH		 3466 bool changed = false;
3467 int err = 0;
3468
3469 if (memcmp(name, hdev->dev_name, sizeof(hdev->dev_name)) != 0) {
3470 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
3471 changed = true;
3472 }
b312b161
JH		 3473
3474 memset(&ev, 0, sizeof(ev));
3475 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3476 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3477
2e58ef3e 3478 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3479 if (!cmd)
3480 goto send_event;
3481
7bdaae4a
JH		 3482 /* Always assume that either the short or the complete name has
3483 * changed if there was a pending mgmt command */
3484 changed = true;
3485
b312b161 3486 if (status) {
744cf19e 3487 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
04124681 3488 mgmt_status(status));
b312b161
JH		 3489 goto failed;
3490 }
3491
aee9b218 3492 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
04124681 3493 sizeof(ev));
b312b161
JH		 3494 if (err < 0)
3495 goto failed;
3496
3497send_event:
28cc7bde
JH		 3498 if (changed)
3499 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
04124681 3500 sizeof(ev), cmd ? cmd->sk : NULL);
28cc7bde 3501
f51d5b24 3502 update_eir(hdev);
b312b161
JH		 3503
3504failed:
3505 if (cmd)
3506 mgmt_pending_remove(cmd);
3507 return err;
3508}
c35938b2 3509
744cf19e 3510int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 3511 u8 *randomizer, u8 status)
c35938b2
SJ		 3512{
3513 struct pending_cmd *cmd;
3514 int err;
3515
744cf19e 3516 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3517
2e58ef3e 3518 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3519 if (!cmd)
3520 return -ENOENT;
3521
3522 if (status) {
04124681
GP		 3523 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
3524 mgmt_status(status));
c35938b2
SJ		 3525 } else {
3526 struct mgmt_rp_read_local_oob_data rp;
3527
3528 memcpy(rp.hash, hash, sizeof(rp.hash));
3529 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3530
744cf19e 3531 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 3532 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
3533 sizeof(rp));
c35938b2
SJ		 3534 }
3535
3536 mgmt_pending_remove(cmd);
3537
3538 return err;
3539}
e17acd40 3540
06199cf8
JH		 3541int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3542{
3543 struct cmd_lookup match = { NULL, hdev };
3544 bool changed = false;
3545 int err = 0;
3546
3547 if (status) {
3548 u8 mgmt_err = mgmt_status(status);
3549
3550 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
04124681 3551 &hdev->dev_flags))
d97dcb66 3552 err = new_settings(hdev, NULL);
06199cf8 3553
d97dcb66
SJ		 3554 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
3555 &mgmt_err);
06199cf8
JH		 3556
3557 return err;
3558 }
3559
3560 if (enable) {
3561 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3562 changed = true;
3563 } else {
3564 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3565 changed = true;
3566 }
3567
3568 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
3569
3570 if (changed)
3571 err = new_settings(hdev, match.sk);
3572
3573 if (match.sk)
3574 sock_put(match.sk);
3575
3576 return err;
3577}
3578
48264f06 3579int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3580 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
3581 ssp, u8 *eir, u16 eir_len)
e17acd40 3582{
e319d2e7
JH		 3583 char buf[512];
3584 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3585 size_t ev_size;
e17acd40 3586
1dc06093
JH		 3587 /* Leave 5 bytes for a potential CoD field */
3588 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3589 return -EINVAL;
3590
1dc06093
JH		 3591 memset(buf, 0, sizeof(buf));
3592
e319d2e7 3593 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3594 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 3595 ev->rssi = rssi;
9a395a80 3596 if (cfm_name)
33cef264 3597 ev->flags |= cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 3598 if (!ssp)
33cef264 3599 ev->flags |= cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 3600
1dc06093 3601 if (eir_len > 0)
e319d2e7 3602 memcpy(ev->eir, eir, eir_len);
e17acd40 3603
1dc06093
JH		 3604 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3605 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 3606 dev_class, 3);
1dc06093 3607
eb55ef07 3608 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 3609 ev_size = sizeof(*ev) + eir_len;
f8523598 3610
e319d2e7 3611 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3612}
a88a9652 3613
b644ba33 3614int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3615 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3616{
b644ba33
JH		 3617 struct mgmt_ev_device_found *ev;
3618 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3619 u16 eir_len;
a88a9652 3620
b644ba33 3621 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3622
b644ba33
JH		 3623 memset(buf, 0, sizeof(buf));
3624
3625 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3626 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 3627 ev->rssi = rssi;
3628
3629 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 3630 name_len);
b644ba33 3631
eb55ef07 3632 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 3633
053c7e0c 3634 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
04124681 3635 sizeof(*ev) + eir_len, NULL);
a88a9652 3636}
314b2381 3637
7a135109 3638int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3639{
3640 struct pending_cmd *cmd;
f808e166 3641 u8 type;
164a6e78
JH		 3642 int err;
3643
203159d4
AG		 3644 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3645
2e58ef3e 3646 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3647 if (!cmd)
3648 return -ENOENT;
3649
f808e166
JH		 3650 type = hdev->discovery.type;
3651
3652 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3653 &type, sizeof(type));
164a6e78
JH		 3654 mgmt_pending_remove(cmd);
3655
3656 return err;
3657}
3658
e6d465cb
AG		 3659int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3660{
3661 struct pending_cmd *cmd;
3662 int err;
3663
3664 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3665 if (!cmd)
3666 return -ENOENT;
3667
d930650b 3668 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3669 &hdev->discovery.type, sizeof(hdev->discovery.type));
164a6e78
JH		 3670 mgmt_pending_remove(cmd);
3671
3672 return err;
3673}
3674
744cf19e 3675int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3676{
f963e8e9 3677 struct mgmt_ev_discovering ev;
164a6e78
JH		 3678 struct pending_cmd *cmd;
3679
343fb145
AG		 3680 BT_DBG("%s discovering %u", hdev->name, discovering);
3681
164a6e78 3682 if (discovering)
2e58ef3e 3683 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3684 else
2e58ef3e 3685 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3686
3687 if (cmd != NULL) {
f808e166
JH		 3688 u8 type = hdev->discovery.type;
3689
04124681
GP		 3690 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
3691 sizeof(type));
164a6e78
JH		 3692 mgmt_pending_remove(cmd);
3693 }
3694
f963e8e9
JH		 3695 memset(&ev, 0, sizeof(ev));
3696 ev.type = hdev->discovery.type;
3697 ev.discovering = discovering;
3698
3699 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3700}
5e762444 3701
88c1fe4b 3702int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3703{
3704 struct pending_cmd *cmd;
3705 struct mgmt_ev_device_blocked ev;
3706
2e58ef3e 3707 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3708
88c1fe4b
JH		 3709 bacpy(&ev.addr.bdaddr, bdaddr);
3710 ev.addr.type = type;
5e762444 3711
744cf19e 3712 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 3713 cmd ? cmd->sk : NULL);
5e762444
AJ		 3714}
3715
88c1fe4b 3716int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3717{
3718 struct pending_cmd *cmd;
3719 struct mgmt_ev_device_unblocked ev;
3720
2e58ef3e 3721 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3722
88c1fe4b
JH		 3723 bacpy(&ev.addr.bdaddr, bdaddr);
3724 ev.addr.type = type;
5e762444 3725
744cf19e 3726 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 3727 cmd ? cmd->sk : NULL);
5e762444 3728}
d7b7e796
MH		 3729
3730module_param(enable_hs, bool, 0644);
3731MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
Linux 6.x block layer and io_uring tree(s)