projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Use the LTK after receiving a LE Security Request
[linux-2.6-block.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23/* Bluetooth HCI Management interface */
24
72359753 25#include <linux/uaccess.h>
0381101f
JH		 26#include <asm/unaligned.h>
27
28#include <net/bluetooth/bluetooth.h>
29#include <net/bluetooth/hci_core.h>
30#include <net/bluetooth/mgmt.h>
31
02d98129
JH		 32#define MGMT_VERSION 0
33#define MGMT_REVISION 1
34
eec8d2bc
JH		 35struct pending_cmd {
36 struct list_head list;
37 __u16 opcode;
38 int index;
c68fb7ff 39 void *param;
eec8d2bc 40 struct sock *sk;
e9a416b5 41 void *user_data;
eec8d2bc
JH		 42};
43
b5ad8b7f 44static LIST_HEAD(cmd_list);
eec8d2bc 45
4e51eae9 46static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 47{
48 struct sk_buff *skb;
49 struct mgmt_hdr *hdr;
50 struct mgmt_ev_cmd_status *ev;
51
34eb525c 52 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69
JH		 53
54 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
55 if (!skb)
56 return -ENOMEM;
57
58 hdr = (void *) skb_put(skb, sizeof(*hdr));
59
60 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 61 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 62 hdr->len = cpu_to_le16(sizeof(*ev));
63
64 ev = (void *) skb_put(skb, sizeof(*ev));
65 ev->status = status;
66 put_unaligned_le16(cmd, &ev->opcode);
67
68 if (sock_queue_rcv_skb(sk, skb) < 0)
69 kfree_skb(skb);
70
71 return 0;
72}
73
4e51eae9
SJ		 74static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
75 size_t rp_len)
02d98129
JH		 76{
77 struct sk_buff *skb;
78 struct mgmt_hdr *hdr;
79 struct mgmt_ev_cmd_complete *ev;
02d98129
JH		 80
81 BT_DBG("sock %p", sk);
82
a38528f1 83 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
02d98129
JH		 84 if (!skb)
85 return -ENOMEM;
86
87 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 88
a38528f1 89 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 90 hdr->index = cpu_to_le16(index);
a38528f1 91 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 92
a38528f1
JH		 93 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
94 put_unaligned_le16(cmd, &ev->opcode);
8020c16a
SJ		 95
96 if (rp)
97 memcpy(ev->data, rp, rp_len);
02d98129
JH		 98
99 if (sock_queue_rcv_skb(sk, skb) < 0)
100 kfree_skb(skb);
101
102 return 0;
103}
104
a38528f1
JH		 105static int read_version(struct sock *sk)
106{
107 struct mgmt_rp_read_version rp;
108
109 BT_DBG("sock %p", sk);
110
111 rp.version = MGMT_VERSION;
112 put_unaligned_le16(MGMT_REVISION, &rp.revision);
113
4e51eae9
SJ		 114 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
115 sizeof(rp));
a38528f1
JH		 116}
117
faba42eb
JH		 118static int read_index_list(struct sock *sk)
119{
faba42eb
JH		 120 struct mgmt_rp_read_index_list *rp;
121 struct list_head *p;
a38528f1 122 size_t rp_len;
faba42eb 123 u16 count;
a38528f1 124 int i, err;
faba42eb
JH		 125
126 BT_DBG("sock %p", sk);
127
128 read_lock(&hci_dev_list_lock);
129
130 count = 0;
131 list_for_each(p, &hci_dev_list) {
132 count++;
133 }
134
a38528f1
JH		 135 rp_len = sizeof(*rp) + (2 * count);
136 rp = kmalloc(rp_len, GFP_ATOMIC);
137 if (!rp) {
b2c60d42 138 read_unlock(&hci_dev_list_lock);
faba42eb 139 return -ENOMEM;
b2c60d42 140 }
faba42eb 141
faba42eb
JH		 142 put_unaligned_le16(count, &rp->num_controllers);
143
144 i = 0;
145 list_for_each(p, &hci_dev_list) {
146 struct hci_dev *d = list_entry(p, struct hci_dev, list);
ab81cbf9
JH		 147
148 hci_del_off_timer(d);
149
ebc99feb
JH		 150 set_bit(HCI_MGMT, &d->flags);
151
ab81cbf9
JH		 152 if (test_bit(HCI_SETUP, &d->flags))
153 continue;
154
faba42eb
JH		 155 put_unaligned_le16(d->id, &rp->index[i++]);
156 BT_DBG("Added hci%u", d->id);
157 }
158
159 read_unlock(&hci_dev_list_lock);
160
4e51eae9
SJ		 161 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
162 rp_len);
faba42eb 163
a38528f1
JH		 164 kfree(rp);
165
166 return err;
faba42eb
JH		 167}
168
4e51eae9 169static int read_controller_info(struct sock *sk, u16 index)
0381101f 170{
a38528f1 171 struct mgmt_rp_read_info rp;
f7b64e69 172 struct hci_dev *hdev;
0381101f 173
4e51eae9 174 BT_DBG("sock %p hci%u", sk, index);
f7b64e69 175
4e51eae9 176 hdev = hci_dev_get(index);
a38528f1 177 if (!hdev)
4e51eae9 178 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV);
f7b64e69 179
ab81cbf9
JH		 180 hci_del_off_timer(hdev);
181
8c156c32 182 hci_dev_lock_bh(hdev);
f7b64e69 183
ebc99feb
JH		 184 set_bit(HCI_MGMT, &hdev->flags);
185
dc4fe30b
JH		 186 memset(&rp, 0, sizeof(rp));
187
a38528f1 188 rp.type = hdev->dev_type;
f7b64e69 189
a38528f1
JH		 190 rp.powered = test_bit(HCI_UP, &hdev->flags);
191 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
192 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
193 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
f7b64e69
JH		 194
195 if (test_bit(HCI_AUTH, &hdev->flags))
a38528f1 196 rp.sec_mode = 3;
f7b64e69 197 else if (hdev->ssp_mode > 0)
a38528f1 198 rp.sec_mode = 4;
f7b64e69 199 else
a38528f1 200 rp.sec_mode = 2;
f7b64e69 201
a38528f1
JH		 202 bacpy(&rp.bdaddr, &hdev->bdaddr);
203 memcpy(rp.features, hdev->features, 8);
204 memcpy(rp.dev_class, hdev->dev_class, 3);
205 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
206 rp.hci_ver = hdev->hci_ver;
207 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
f7b64e69 208
dc4fe30b
JH		 209 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
210
8c156c32 211 hci_dev_unlock_bh(hdev);
f7b64e69 212 hci_dev_put(hdev);
0381101f 213
4e51eae9 214 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
0381101f
JH		 215}
216
eec8d2bc
JH		 217static void mgmt_pending_free(struct pending_cmd *cmd)
218{
219 sock_put(cmd->sk);
c68fb7ff 220 kfree(cmd->param);
eec8d2bc
JH		 221 kfree(cmd);
222}
223
366a0336
JH		 224static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
225 u16 index, void *data, u16 len)
eec8d2bc
JH		 226{
227 struct pending_cmd *cmd;
228
229 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
230 if (!cmd)
366a0336 231 return NULL;
eec8d2bc
JH		 232
233 cmd->opcode = opcode;
234 cmd->index = index;
235
c68fb7ff
SJ		 236 cmd->param = kmalloc(len, GFP_ATOMIC);
237 if (!cmd->param) {
eec8d2bc 238 kfree(cmd);
366a0336 239 return NULL;
eec8d2bc
JH		 240 }
241
8fce6357
SJ		 242 if (data)
243 memcpy(cmd->param, data, len);
eec8d2bc
JH		 244
245 cmd->sk = sk;
246 sock_hold(sk);
247
248 list_add(&cmd->list, &cmd_list);
249
366a0336 250 return cmd;
eec8d2bc
JH		 251}
252
253static void mgmt_pending_foreach(u16 opcode, int index,
254 void (*cb)(struct pending_cmd *cmd, void *data),
255 void *data)
256{
257 struct list_head *p, *n;
258
259 list_for_each_safe(p, n, &cmd_list) {
260 struct pending_cmd *cmd;
261
262 cmd = list_entry(p, struct pending_cmd, list);
263
264 if (cmd->opcode != opcode)
265 continue;
266
267 if (index >= 0 && cmd->index != index)
268 continue;
269
270 cb(cmd, data);
271 }
272}
273
274static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
275{
276 struct list_head *p;
277
278 list_for_each(p, &cmd_list) {
279 struct pending_cmd *cmd;
280
281 cmd = list_entry(p, struct pending_cmd, list);
282
283 if (cmd->opcode != opcode)
284 continue;
285
286 if (index >= 0 && cmd->index != index)
287 continue;
288
289 return cmd;
290 }
291
292 return NULL;
293}
294
a664b5bc 295static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 296{
73f22f62
JH		 297 list_del(&cmd->list);
298 mgmt_pending_free(cmd);
299}
300
4e51eae9 301static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
eec8d2bc 302{
72a734ec 303 struct mgmt_mode *cp;
eec8d2bc 304 struct hci_dev *hdev;
366a0336 305 struct pending_cmd *cmd;
366a0336 306 int err, up;
eec8d2bc
JH		 307
308 cp = (void *) data;
eec8d2bc 309
4e51eae9 310 BT_DBG("request for hci%u", index);
eec8d2bc 311
bdce7baf
SJ		 312 if (len != sizeof(*cp))
313 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL);
314
4e51eae9 315 hdev = hci_dev_get(index);
eec8d2bc 316 if (!hdev)
4e51eae9 317 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV);
eec8d2bc 318
8c156c32 319 hci_dev_lock_bh(hdev);
eec8d2bc
JH		 320
321 up = test_bit(HCI_UP, &hdev->flags);
72a734ec 322 if ((cp->val && up) || (!cp->val && !up)) {
4e51eae9 323 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY);
eec8d2bc
JH		 324 goto failed;
325 }
326
4e51eae9
SJ		 327 if (mgmt_pending_find(MGMT_OP_SET_POWERED, index)) {
328 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY);
eec8d2bc
JH		 329 goto failed;
330 }
331
4e51eae9 332 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, index, data, len);
366a0336
JH		 333 if (!cmd) {
334 err = -ENOMEM;
eec8d2bc 335 goto failed;
366a0336 336 }
eec8d2bc 337
72a734ec 338 if (cp->val)
eec8d2bc
JH		 339 queue_work(hdev->workqueue, &hdev->power_on);
340 else
341 queue_work(hdev->workqueue, &hdev->power_off);
342
366a0336 343 err = 0;
eec8d2bc
JH		 344
345failed:
8c156c32 346 hci_dev_unlock_bh(hdev);
eec8d2bc 347 hci_dev_put(hdev);
366a0336 348 return err;
eec8d2bc
JH		 349}
350
4e51eae9
SJ		 351static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
352 u16 len)
73f22f62 353{
72a734ec 354 struct mgmt_mode *cp;
73f22f62 355 struct hci_dev *hdev;
366a0336 356 struct pending_cmd *cmd;
73f22f62
JH		 357 u8 scan;
358 int err;
359
360 cp = (void *) data;
73f22f62 361
4e51eae9 362 BT_DBG("request for hci%u", index);
73f22f62 363
bdce7baf
SJ		 364 if (len != sizeof(*cp))
365 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL);
366
4e51eae9 367 hdev = hci_dev_get(index);
73f22f62 368 if (!hdev)
4e51eae9 369 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV);
73f22f62 370
8c156c32 371 hci_dev_lock_bh(hdev);
73f22f62
JH		 372
373 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 374 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
73f22f62
JH		 375 goto failed;
376 }
377
4e51eae9
SJ		 378 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
379 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
380 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY);
73f22f62
JH		 381 goto failed;
382 }
383
72a734ec 384 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
73f22f62 385 test_bit(HCI_PSCAN, &hdev->flags)) {
4e51eae9 386 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY);
73f22f62
JH		 387 goto failed;
388 }
389
4e51eae9 390 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, index, data, len);
366a0336
JH		 391 if (!cmd) {
392 err = -ENOMEM;
73f22f62 393 goto failed;
366a0336 394 }
73f22f62
JH		 395
396 scan = SCAN_PAGE;
397
72a734ec 398 if (cp->val)
73f22f62
JH		 399 scan |= SCAN_INQUIRY;
400
401 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
402 if (err < 0)
a664b5bc 403 mgmt_pending_remove(cmd);
73f22f62
JH		 404
405failed:
8c156c32 406 hci_dev_unlock_bh(hdev);
73f22f62
JH		 407 hci_dev_put(hdev);
408
409 return err;
410}
411
4e51eae9
SJ		 412static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
413 u16 len)
9fbcbb45 414{
72a734ec 415 struct mgmt_mode *cp;
9fbcbb45 416 struct hci_dev *hdev;
366a0336 417 struct pending_cmd *cmd;
9fbcbb45
JH		 418 u8 scan;
419 int err;
420
421 cp = (void *) data;
9fbcbb45 422
4e51eae9 423 BT_DBG("request for hci%u", index);
9fbcbb45 424
bdce7baf
SJ		 425 if (len != sizeof(*cp))
426 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL);
427
4e51eae9 428 hdev = hci_dev_get(index);
9fbcbb45 429 if (!hdev)
4e51eae9 430 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV);
9fbcbb45 431
8c156c32 432 hci_dev_lock_bh(hdev);
9fbcbb45
JH		 433
434 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 435 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
9fbcbb45
JH		 436 goto failed;
437 }
438
4e51eae9
SJ		 439 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
440 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
441 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY);
9fbcbb45
JH		 442 goto failed;
443 }
444
72a734ec 445 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
4e51eae9 446 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY);
9fbcbb45
JH		 447 goto failed;
448 }
449
4e51eae9 450 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, index, data, len);
366a0336
JH		 451 if (!cmd) {
452 err = -ENOMEM;
9fbcbb45 453 goto failed;
366a0336 454 }
9fbcbb45 455
72a734ec 456 if (cp->val)
9fbcbb45
JH		 457 scan = SCAN_PAGE;
458 else
459 scan = 0;
460
461 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
462 if (err < 0)
a664b5bc 463 mgmt_pending_remove(cmd);
9fbcbb45
JH		 464
465failed:
8c156c32 466 hci_dev_unlock_bh(hdev);
9fbcbb45
JH		 467 hci_dev_put(hdev);
468
469 return err;
470}
471
4e51eae9
SJ		 472static int mgmt_event(u16 event, u16 index, void *data, u16 data_len,
473 struct sock *skip_sk)
c542a06c
JH		 474{
475 struct sk_buff *skb;
476 struct mgmt_hdr *hdr;
477
478 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
479 if (!skb)
480 return -ENOMEM;
481
482 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
483
484 hdr = (void *) skb_put(skb, sizeof(*hdr));
485 hdr->opcode = cpu_to_le16(event);
4e51eae9 486 hdr->index = cpu_to_le16(index);
c542a06c
JH		 487 hdr->len = cpu_to_le16(data_len);
488
4e51eae9
SJ		 489 if (data)
490 memcpy(skb_put(skb, data_len), data, data_len);
c542a06c
JH		 491
492 hci_send_to_sock(NULL, skb, skip_sk);
493 kfree_skb(skb);
494
495 return 0;
496}
497
053f0211
JH		 498static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
499{
a38528f1 500 struct mgmt_mode rp;
053f0211 501
a38528f1 502 rp.val = val;
053f0211 503
4e51eae9 504 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
053f0211
JH		 505}
506
4e51eae9
SJ		 507static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
508 u16 len)
c542a06c
JH		 509{
510 struct mgmt_mode *cp, ev;
511 struct hci_dev *hdev;
c542a06c
JH		 512 int err;
513
514 cp = (void *) data;
c542a06c 515
4e51eae9 516 BT_DBG("request for hci%u", index);
c542a06c 517
bdce7baf
SJ		 518 if (len != sizeof(*cp))
519 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL);
520
4e51eae9 521 hdev = hci_dev_get(index);
c542a06c 522 if (!hdev)
4e51eae9 523 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV);
c542a06c 524
8c156c32 525 hci_dev_lock_bh(hdev);
c542a06c
JH		 526
527 if (cp->val)
528 set_bit(HCI_PAIRABLE, &hdev->flags);
529 else
530 clear_bit(HCI_PAIRABLE, &hdev->flags);
531
4e51eae9 532 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
c542a06c
JH		 533 if (err < 0)
534 goto failed;
535
c542a06c
JH		 536 ev.val = cp->val;
537
4e51eae9 538 err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk);
c542a06c
JH		 539
540failed:
8c156c32 541 hci_dev_unlock_bh(hdev);
c542a06c
JH		 542 hci_dev_put(hdev);
543
544 return err;
545}
546
80a1e1db
JH		 547#define EIR_FLAGS 0x01 /* flags */
548#define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
549#define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
550#define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
551#define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
552#define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
553#define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
554#define EIR_NAME_SHORT 0x08 /* shortened local name */
555#define EIR_NAME_COMPLETE 0x09 /* complete local name */
556#define EIR_TX_POWER 0x0A /* transmit power level */
557#define EIR_DEVICE_ID 0x10 /* device ID */
558
559#define PNP_INFO_SVCLASS_ID 0x1200
560
561static u8 bluetooth_base_uuid[] = {
562 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
563 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
564};
565
566static u16 get_uuid16(u8 *uuid128)
567{
568 u32 val;
569 int i;
570
571 for (i = 0; i < 12; i++) {
572 if (bluetooth_base_uuid[i] != uuid128[i])
573 return 0;
574 }
575
576 memcpy(&val, &uuid128[12], 4);
577
578 val = le32_to_cpu(val);
579 if (val > 0xffff)
580 return 0;
581
582 return (u16) val;
583}
584
585static void create_eir(struct hci_dev *hdev, u8 *data)
586{
587 u8 *ptr = data;
588 u16 eir_len = 0;
589 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
590 int i, truncated = 0;
591 struct list_head *p;
592 size_t name_len;
593
594 name_len = strlen(hdev->dev_name);
595
596 if (name_len > 0) {
597 /* EIR Data type */
598 if (name_len > 48) {
599 name_len = 48;
600 ptr[1] = EIR_NAME_SHORT;
601 } else
602 ptr[1] = EIR_NAME_COMPLETE;
603
604 /* EIR Data length */
605 ptr[0] = name_len + 1;
606
607 memcpy(ptr + 2, hdev->dev_name, name_len);
608
609 eir_len += (name_len + 2);
610 ptr += (name_len + 2);
611 }
612
613 memset(uuid16_list, 0, sizeof(uuid16_list));
614
615 /* Group all UUID16 types */
616 list_for_each(p, &hdev->uuids) {
617 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
618 u16 uuid16;
619
620 uuid16 = get_uuid16(uuid->uuid);
621 if (uuid16 == 0)
622 return;
623
624 if (uuid16 < 0x1100)
625 continue;
626
627 if (uuid16 == PNP_INFO_SVCLASS_ID)
628 continue;
629
630 /* Stop if not enough space to put next UUID */
631 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
632 truncated = 1;
633 break;
634 }
635
636 /* Check for duplicates */
637 for (i = 0; uuid16_list[i] != 0; i++)
638 if (uuid16_list[i] == uuid16)
639 break;
640
641 if (uuid16_list[i] == 0) {
642 uuid16_list[i] = uuid16;
643 eir_len += sizeof(u16);
644 }
645 }
646
647 if (uuid16_list[0] != 0) {
648 u8 *length = ptr;
649
650 /* EIR Data type */
651 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
652
653 ptr += 2;
654 eir_len += 2;
655
656 for (i = 0; uuid16_list[i] != 0; i++) {
657 *ptr++ = (uuid16_list[i] & 0x00ff);
658 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
659 }
660
661 /* EIR Data length */
662 *length = (i * sizeof(u16)) + 1;
663 }
664}
665
666static int update_eir(struct hci_dev *hdev)
667{
668 struct hci_cp_write_eir cp;
669
670 if (!(hdev->features[6] & LMP_EXT_INQ))
671 return 0;
672
673 if (hdev->ssp_mode == 0)
674 return 0;
675
676 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
677 return 0;
678
679 memset(&cp, 0, sizeof(cp));
680
681 create_eir(hdev, cp.data);
682
683 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
684 return 0;
685
686 memcpy(hdev->eir, cp.data, sizeof(cp.data));
687
688 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
689}
690
1aff6f09
JH		 691static u8 get_service_classes(struct hci_dev *hdev)
692{
693 struct list_head *p;
694 u8 val = 0;
695
696 list_for_each(p, &hdev->uuids) {
697 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
698
699 val |= uuid->svc_hint;
700 }
701
702 return val;
703}
704
705static int update_class(struct hci_dev *hdev)
706{
707 u8 cod[3];
708
709 BT_DBG("%s", hdev->name);
710
711 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
712 return 0;
713
714 cod[0] = hdev->minor_class;
715 cod[1] = hdev->major_class;
716 cod[2] = get_service_classes(hdev);
717
718 if (memcmp(cod, hdev->dev_class, 3) == 0)
719 return 0;
720
721 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
722}
723
4e51eae9 724static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
2aeb9a1a
JH		 725{
726 struct mgmt_cp_add_uuid *cp;
727 struct hci_dev *hdev;
728 struct bt_uuid *uuid;
2aeb9a1a
JH		 729 int err;
730
731 cp = (void *) data;
2aeb9a1a 732
4e51eae9 733 BT_DBG("request for hci%u", index);
2aeb9a1a 734
bdce7baf
SJ		 735 if (len != sizeof(*cp))
736 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL);
737
4e51eae9 738 hdev = hci_dev_get(index);
2aeb9a1a 739 if (!hdev)
4e51eae9 740 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV);
2aeb9a1a 741
8c156c32 742 hci_dev_lock_bh(hdev);
2aeb9a1a
JH		 743
744 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
745 if (!uuid) {
746 err = -ENOMEM;
747 goto failed;
748 }
749
750 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 751 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 752
753 list_add(&uuid->list, &hdev->uuids);
754
1aff6f09
JH		 755 err = update_class(hdev);
756 if (err < 0)
757 goto failed;
758
80a1e1db
JH		 759 err = update_eir(hdev);
760 if (err < 0)
761 goto failed;
762
4e51eae9 763 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
2aeb9a1a
JH		 764
765failed:
8c156c32 766 hci_dev_unlock_bh(hdev);
2aeb9a1a
JH		 767 hci_dev_put(hdev);
768
769 return err;
770}
771
4e51eae9 772static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
2aeb9a1a
JH		 773{
774 struct list_head *p, *n;
779cb850 775 struct mgmt_cp_remove_uuid *cp;
2aeb9a1a
JH		 776 struct hci_dev *hdev;
777 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 778 int err, found;
779
780 cp = (void *) data;
2aeb9a1a 781
4e51eae9 782 BT_DBG("request for hci%u", index);
2aeb9a1a 783
bdce7baf
SJ		 784 if (len != sizeof(*cp))
785 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL);
786
4e51eae9 787 hdev = hci_dev_get(index);
2aeb9a1a 788 if (!hdev)
4e51eae9 789 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV);
2aeb9a1a 790
8c156c32 791 hci_dev_lock_bh(hdev);
2aeb9a1a
JH		 792
793 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
794 err = hci_uuids_clear(hdev);
795 goto unlock;
796 }
797
798 found = 0;
799
800 list_for_each_safe(p, n, &hdev->uuids) {
801 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
802
803 if (memcmp(match->uuid, cp->uuid, 16) != 0)
804 continue;
805
806 list_del(&match->list);
807 found++;
808 }
809
810 if (found == 0) {
4e51eae9 811 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT);
2aeb9a1a
JH		 812 goto unlock;
813 }
814
1aff6f09
JH		 815 err = update_class(hdev);
816 if (err < 0)
817 goto unlock;
818
80a1e1db
JH		 819 err = update_eir(hdev);
820 if (err < 0)
821 goto unlock;
822
4e51eae9 823 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
2aeb9a1a
JH		 824
825unlock:
8c156c32 826 hci_dev_unlock_bh(hdev);
2aeb9a1a
JH		 827 hci_dev_put(hdev);
828
829 return err;
830}
831
4e51eae9
SJ		 832static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
833 u16 len)
1aff6f09
JH		 834{
835 struct hci_dev *hdev;
836 struct mgmt_cp_set_dev_class *cp;
1aff6f09
JH		 837 int err;
838
839 cp = (void *) data;
1aff6f09 840
4e51eae9 841 BT_DBG("request for hci%u", index);
1aff6f09 842
bdce7baf
SJ		 843 if (len != sizeof(*cp))
844 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL);
845
4e51eae9 846 hdev = hci_dev_get(index);
1aff6f09 847 if (!hdev)
4e51eae9 848 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV);
1aff6f09 849
8c156c32 850 hci_dev_lock_bh(hdev);
1aff6f09
JH		 851
852 hdev->major_class = cp->major;
853 hdev->minor_class = cp->minor;
854
855 err = update_class(hdev);
856
857 if (err == 0)
4e51eae9 858 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
1aff6f09 859
8c156c32 860 hci_dev_unlock_bh(hdev);
1aff6f09
JH		 861 hci_dev_put(hdev);
862
863 return err;
864}
865
4e51eae9
SJ		 866static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
867 u16 len)
1aff6f09
JH		 868{
869 struct hci_dev *hdev;
870 struct mgmt_cp_set_service_cache *cp;
1aff6f09
JH		 871 int err;
872
873 cp = (void *) data;
1aff6f09 874
bdce7baf 875 if (len != sizeof(*cp))
b8534e0f 876 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL);
bdce7baf 877
4e51eae9 878 hdev = hci_dev_get(index);
1aff6f09 879 if (!hdev)
4e51eae9 880 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
1aff6f09 881
8c156c32 882 hci_dev_lock_bh(hdev);
1aff6f09 883
4e51eae9 884 BT_DBG("hci%u enable %d", index, cp->enable);
1aff6f09
JH		 885
886 if (cp->enable) {
887 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
888 err = 0;
889 } else {
890 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
891 err = update_class(hdev);
80a1e1db
JH		 892 if (err == 0)
893 err = update_eir(hdev);
1aff6f09
JH		 894 }
895
896 if (err == 0)
4e51eae9
SJ		 897 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
898 0);
1aff6f09 899
8c156c32 900 hci_dev_unlock_bh(hdev);
1aff6f09
JH		 901 hci_dev_put(hdev);
902
903 return err;
904}
905
4e51eae9 906static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len)
55ed8ca1
JH		 907{
908 struct hci_dev *hdev;
909 struct mgmt_cp_load_keys *cp;
4e51eae9 910 u16 key_count, expected_len;
5a0a8b49 911 int i, err;
55ed8ca1
JH		 912
913 cp = (void *) data;
bdce7baf
SJ		 914
915 if (len < sizeof(*cp))
916 return -EINVAL;
917
55ed8ca1
JH		 918 key_count = get_unaligned_le16(&cp->key_count);
919
920 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info);
5a0a8b49
VCG		 921 if (expected_len > len) {
922 BT_ERR("load_keys: expected at least %u bytes, got %u bytes",
923 expected_len, len);
55ed8ca1
JH		 924 return -EINVAL;
925 }
926
4e51eae9 927 hdev = hci_dev_get(index);
55ed8ca1 928 if (!hdev)
4e51eae9 929 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, ENODEV);
55ed8ca1 930
4e51eae9 931 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
55ed8ca1
JH		 932 key_count);
933
8c156c32 934 hci_dev_lock_bh(hdev);
55ed8ca1
JH		 935
936 hci_link_keys_clear(hdev);
937
938 set_bit(HCI_LINK_KEYS, &hdev->flags);
939
940 if (cp->debug_keys)
941 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
942 else
943 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
944
5a0a8b49
VCG		 945 len -= sizeof(*cp);
946 i = 0;
947
948 while (i < len) {
949 struct mgmt_key_info *key = (void *) cp->keys + i;
950
951 i += sizeof(*key) + key->dlen;
952
953 if (key->type == HCI_LK_SMP_LTK) {
954 struct key_master_id *id = (void *) key->data;
955
956 if (key->dlen != sizeof(struct key_master_id))
957 continue;
958
726b4ffc
VCG		 959 hci_add_ltk(hdev, 0, &key->bdaddr, key->pin_len,
960 id->ediv, id->rand, key->val);
5a0a8b49
VCG		 961
962 continue;
963 }
55ed8ca1 964
d25e28ab 965 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
55ed8ca1
JH		 966 key->pin_len);
967 }
968
5a0a8b49
VCG		 969 err = cmd_complete(sk, index, MGMT_OP_LOAD_KEYS, NULL, 0);
970
8c156c32 971 hci_dev_unlock_bh(hdev);
55ed8ca1
JH		 972 hci_dev_put(hdev);
973
5a0a8b49 974 return err;
55ed8ca1
JH		 975}
976
4e51eae9 977static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len)
55ed8ca1
JH		 978{
979 struct hci_dev *hdev;
980 struct mgmt_cp_remove_key *cp;
981 struct hci_conn *conn;
55ed8ca1
JH		 982 int err;
983
984 cp = (void *) data;
55ed8ca1 985
bdce7baf
SJ		 986 if (len != sizeof(*cp))
987 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, EINVAL);
988
4e51eae9 989 hdev = hci_dev_get(index);
55ed8ca1 990 if (!hdev)
4e51eae9 991 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, ENODEV);
55ed8ca1 992
8c156c32 993 hci_dev_lock_bh(hdev);
55ed8ca1
JH		 994
995 err = hci_remove_link_key(hdev, &cp->bdaddr);
996 if (err < 0) {
4e51eae9 997 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEY, -err);
55ed8ca1
JH		 998 goto unlock;
999 }
1000
1001 err = 0;
1002
1003 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
1004 goto unlock;
1005
1006 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1007 if (conn) {
1008 struct hci_cp_disconnect dc;
1009
1010 put_unaligned_le16(conn->handle, &dc.handle);
1011 dc.reason = 0x13; /* Remote User Terminated Connection */
94ac0272 1012 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
55ed8ca1
JH		 1013 }
1014
1015unlock:
8c156c32 1016 hci_dev_unlock_bh(hdev);
55ed8ca1
JH		 1017 hci_dev_put(hdev);
1018
1019 return err;
1020}
1021
4e51eae9 1022static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
8962ee74
JH		 1023{
1024 struct hci_dev *hdev;
1025 struct mgmt_cp_disconnect *cp;
1026 struct hci_cp_disconnect dc;
366a0336 1027 struct pending_cmd *cmd;
8962ee74 1028 struct hci_conn *conn;
8962ee74
JH		 1029 int err;
1030
1031 BT_DBG("");
1032
1033 cp = (void *) data;
8962ee74 1034
bdce7baf
SJ		 1035 if (len != sizeof(*cp))
1036 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL);
1037
4e51eae9 1038 hdev = hci_dev_get(index);
8962ee74 1039 if (!hdev)
4e51eae9 1040 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV);
8962ee74 1041
8c156c32 1042 hci_dev_lock_bh(hdev);
8962ee74
JH		 1043
1044 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1045 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN);
8962ee74
JH		 1046 goto failed;
1047 }
1048
4e51eae9
SJ		 1049 if (mgmt_pending_find(MGMT_OP_DISCONNECT, index)) {
1050 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY);
8962ee74
JH		 1051 goto failed;
1052 }
1053
1054 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
365227e5
VCG		 1055 if (!conn)
1056 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1057
8962ee74 1058 if (!conn) {
4e51eae9 1059 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN);
8962ee74
JH		 1060 goto failed;
1061 }
1062
4e51eae9 1063 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, index, data, len);
366a0336
JH		 1064 if (!cmd) {
1065 err = -ENOMEM;
8962ee74 1066 goto failed;
366a0336 1067 }
8962ee74
JH		 1068
1069 put_unaligned_le16(conn->handle, &dc.handle);
1070 dc.reason = 0x13; /* Remote User Terminated Connection */
1071
1072 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1073 if (err < 0)
a664b5bc 1074 mgmt_pending_remove(cmd);
8962ee74
JH		 1075
1076failed:
8c156c32 1077 hci_dev_unlock_bh(hdev);
8962ee74
JH		 1078 hci_dev_put(hdev);
1079
1080 return err;
1081}
1082
8ce6284e 1083static int get_connections(struct sock *sk, u16 index)
2784eb41 1084{
2784eb41
JH		 1085 struct mgmt_rp_get_connections *rp;
1086 struct hci_dev *hdev;
1087 struct list_head *p;
a38528f1 1088 size_t rp_len;
4e51eae9 1089 u16 count;
2784eb41
JH		 1090 int i, err;
1091
1092 BT_DBG("");
1093
4e51eae9 1094 hdev = hci_dev_get(index);
2784eb41 1095 if (!hdev)
4e51eae9 1096 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV);
2784eb41 1097
8c156c32 1098 hci_dev_lock_bh(hdev);
2784eb41
JH		 1099
1100 count = 0;
1101 list_for_each(p, &hdev->conn_hash.list) {
1102 count++;
1103 }
1104
a38528f1
JH		 1105 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t));
1106 rp = kmalloc(rp_len, GFP_ATOMIC);
1107 if (!rp) {
2784eb41
JH		 1108 err = -ENOMEM;
1109 goto unlock;
1110 }
1111
2784eb41
JH		 1112 put_unaligned_le16(count, &rp->conn_count);
1113
2784eb41
JH		 1114 i = 0;
1115 list_for_each(p, &hdev->conn_hash.list) {
1116 struct hci_conn *c = list_entry(p, struct hci_conn, list);
1117
1118 bacpy(&rp->conn[i++], &c->dst);
1119 }
1120
4e51eae9 1121 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
2784eb41
JH		 1122
1123unlock:
a38528f1 1124 kfree(rp);
8c156c32 1125 hci_dev_unlock_bh(hdev);
2784eb41
JH		 1126 hci_dev_put(hdev);
1127 return err;
1128}
1129
96d97a67
WR		 1130static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1131 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1132{
1133 struct pending_cmd *cmd;
1134 int err;
1135
1136 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, index, cp,
1137 sizeof(*cp));
1138 if (!cmd)
1139 return -ENOMEM;
1140
1141 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1142 &cp->bdaddr);
1143 if (err < 0)
1144 mgmt_pending_remove(cmd);
1145
1146 return err;
1147}
1148
4e51eae9
SJ		 1149static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1150 u16 len)
980e1a53
JH		 1151{
1152 struct hci_dev *hdev;
96d97a67 1153 struct hci_conn *conn;
980e1a53 1154 struct mgmt_cp_pin_code_reply *cp;
96d97a67 1155 struct mgmt_cp_pin_code_neg_reply ncp;
980e1a53 1156 struct hci_cp_pin_code_reply reply;
366a0336 1157 struct pending_cmd *cmd;
980e1a53
JH		 1158 int err;
1159
1160 BT_DBG("");
1161
1162 cp = (void *) data;
980e1a53 1163
bdce7baf
SJ		 1164 if (len != sizeof(*cp))
1165 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL);
1166
4e51eae9 1167 hdev = hci_dev_get(index);
980e1a53 1168 if (!hdev)
4e51eae9 1169 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV);
980e1a53 1170
8c156c32 1171 hci_dev_lock_bh(hdev);
980e1a53
JH		 1172
1173 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1174 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
980e1a53
JH		 1175 goto failed;
1176 }
1177
96d97a67
WR		 1178 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1179 if (!conn) {
1180 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENOTCONN);
1181 goto failed;
1182 }
1183
1184 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1185 bacpy(&ncp.bdaddr, &cp->bdaddr);
1186
1187 BT_ERR("PIN code is not 16 bytes long");
1188
1189 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1190 if (err >= 0)
1191 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1192 EINVAL);
1193
1194 goto failed;
1195 }
1196
4e51eae9 1197 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, index, data, len);
366a0336
JH		 1198 if (!cmd) {
1199 err = -ENOMEM;
980e1a53 1200 goto failed;
366a0336 1201 }
980e1a53
JH		 1202
1203 bacpy(&reply.bdaddr, &cp->bdaddr);
1204 reply.pin_len = cp->pin_len;
24718ca5 1205 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1206
1207 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1208 if (err < 0)
a664b5bc 1209 mgmt_pending_remove(cmd);
980e1a53
JH		 1210
1211failed:
8c156c32 1212 hci_dev_unlock_bh(hdev);
980e1a53
JH		 1213 hci_dev_put(hdev);
1214
1215 return err;
1216}
1217
4e51eae9
SJ		 1218static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1219 u16 len)
980e1a53
JH		 1220{
1221 struct hci_dev *hdev;
1222 struct mgmt_cp_pin_code_neg_reply *cp;
980e1a53
JH		 1223 int err;
1224
1225 BT_DBG("");
1226
1227 cp = (void *) data;
980e1a53 1228
bdce7baf
SJ		 1229 if (len != sizeof(*cp))
1230 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1231 EINVAL);
1232
4e51eae9 1233 hdev = hci_dev_get(index);
980e1a53 1234 if (!hdev)
4e51eae9
SJ		 1235 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1236 ENODEV);
980e1a53 1237
8c156c32 1238 hci_dev_lock_bh(hdev);
980e1a53
JH		 1239
1240 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9
SJ		 1241 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1242 ENETDOWN);
980e1a53
JH		 1243 goto failed;
1244 }
1245
96d97a67 1246 err = send_pin_code_neg_reply(sk, index, hdev, cp);
980e1a53
JH		 1247
1248failed:
8c156c32 1249 hci_dev_unlock_bh(hdev);
980e1a53
JH		 1250 hci_dev_put(hdev);
1251
1252 return err;
1253}
1254
4e51eae9
SJ		 1255static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1256 u16 len)
17fa4b9d
JH		 1257{
1258 struct hci_dev *hdev;
1259 struct mgmt_cp_set_io_capability *cp;
17fa4b9d
JH		 1260
1261 BT_DBG("");
1262
1263 cp = (void *) data;
17fa4b9d 1264
bdce7baf 1265 if (len != sizeof(*cp))
b8534e0f 1266 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL);
bdce7baf 1267
4e51eae9 1268 hdev = hci_dev_get(index);
17fa4b9d 1269 if (!hdev)
4e51eae9 1270 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
17fa4b9d 1271
8c156c32 1272 hci_dev_lock_bh(hdev);
17fa4b9d
JH		 1273
1274 hdev->io_capability = cp->io_capability;
1275
1276 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
b8534e0f 1277 hdev->io_capability);
17fa4b9d 1278
8c156c32 1279 hci_dev_unlock_bh(hdev);
17fa4b9d
JH		 1280 hci_dev_put(hdev);
1281
4e51eae9 1282 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
17fa4b9d
JH		 1283}
1284
e9a416b5
JH		 1285static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1286{
1287 struct hci_dev *hdev = conn->hdev;
1288 struct list_head *p;
1289
1290 list_for_each(p, &cmd_list) {
1291 struct pending_cmd *cmd;
1292
1293 cmd = list_entry(p, struct pending_cmd, list);
1294
1295 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1296 continue;
1297
1298 if (cmd->index != hdev->id)
1299 continue;
1300
1301 if (cmd->user_data != conn)
1302 continue;
1303
1304 return cmd;
1305 }
1306
1307 return NULL;
1308}
1309
1310static void pairing_complete(struct pending_cmd *cmd, u8 status)
1311{
1312 struct mgmt_rp_pair_device rp;
1313 struct hci_conn *conn = cmd->user_data;
1314
e9a416b5
JH		 1315 bacpy(&rp.bdaddr, &conn->dst);
1316 rp.status = status;
1317
4e51eae9 1318 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
e9a416b5
JH		 1319
1320 /* So we don't get further callbacks for this connection */
1321 conn->connect_cfm_cb = NULL;
1322 conn->security_cfm_cb = NULL;
1323 conn->disconn_cfm_cb = NULL;
1324
1325 hci_conn_put(conn);
1326
a664b5bc 1327 mgmt_pending_remove(cmd);
e9a416b5
JH		 1328}
1329
1330static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1331{
1332 struct pending_cmd *cmd;
1333
1334 BT_DBG("status %u", status);
1335
1336 cmd = find_pairing(conn);
1337 if (!cmd) {
1338 BT_DBG("Unable to find a pending command");
1339 return;
1340 }
1341
1342 pairing_complete(cmd, status);
1343}
1344
4e51eae9 1345static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
e9a416b5
JH		 1346{
1347 struct hci_dev *hdev;
1348 struct mgmt_cp_pair_device *cp;
1349 struct pending_cmd *cmd;
7a512d01 1350 struct adv_entry *entry;
e9a416b5
JH		 1351 u8 sec_level, auth_type;
1352 struct hci_conn *conn;
e9a416b5
JH		 1353 int err;
1354
1355 BT_DBG("");
1356
1357 cp = (void *) data;
e9a416b5 1358
bdce7baf
SJ		 1359 if (len != sizeof(*cp))
1360 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
1361
4e51eae9 1362 hdev = hci_dev_get(index);
e9a416b5 1363 if (!hdev)
4e51eae9 1364 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV);
e9a416b5 1365
8c156c32 1366 hci_dev_lock_bh(hdev);
e9a416b5 1367
c908df36
VCG		 1368 sec_level = BT_SECURITY_MEDIUM;
1369 if (cp->io_cap == 0x03)
e9a416b5 1370 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1371 else
e9a416b5 1372 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1373
7a512d01
VCG		 1374 entry = hci_find_adv_entry(hdev, &cp->bdaddr);
1375 if (entry)
1376 conn = hci_connect(hdev, LE_LINK, &cp->bdaddr, sec_level,
1377 auth_type);
1378 else
1379 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level,
1380 auth_type);
1381
30e76272
VT		 1382 if (IS_ERR(conn)) {
1383 err = PTR_ERR(conn);
e9a416b5
JH		 1384 goto unlock;
1385 }
1386
1387 if (conn->connect_cfm_cb) {
1388 hci_conn_put(conn);
4e51eae9 1389 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY);
e9a416b5
JH		 1390 goto unlock;
1391 }
1392
4e51eae9 1393 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, index, data, len);
e9a416b5
JH		 1394 if (!cmd) {
1395 err = -ENOMEM;
1396 hci_conn_put(conn);
1397 goto unlock;
1398 }
1399
7a512d01
VCG		 1400 /* For LE, just connecting isn't a proof that the pairing finished */
1401 if (!entry)
1402 conn->connect_cfm_cb = pairing_complete_cb;
1403
e9a416b5
JH		 1404 conn->security_cfm_cb = pairing_complete_cb;
1405 conn->disconn_cfm_cb = pairing_complete_cb;
1406 conn->io_capability = cp->io_cap;
1407 cmd->user_data = conn;
1408
1409 if (conn->state == BT_CONNECTED &&
1410 hci_conn_security(conn, sec_level, auth_type))
1411 pairing_complete(cmd, 0);
1412
1413 err = 0;
1414
1415unlock:
8c156c32 1416 hci_dev_unlock_bh(hdev);
e9a416b5
JH		 1417 hci_dev_put(hdev);
1418
1419 return err;
1420}
1421
4e51eae9
SJ		 1422static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1423 u16 len, int success)
a5c29683
JH		 1424{
1425 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
4e51eae9 1426 u16 mgmt_op, hci_op;
a5c29683
JH		 1427 struct pending_cmd *cmd;
1428 struct hci_dev *hdev;
1429 int err;
1430
1431 BT_DBG("");
1432
a5c29683
JH		 1433 if (success) {
1434 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1435 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1436 } else {
1437 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1438 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1439 }
1440
bdce7baf
SJ		 1441 if (len != sizeof(*cp))
1442 return cmd_status(sk, index, mgmt_op, EINVAL);
1443
4e51eae9 1444 hdev = hci_dev_get(index);
a5c29683 1445 if (!hdev)
4e51eae9 1446 return cmd_status(sk, index, mgmt_op, ENODEV);
a5c29683 1447
8c156c32 1448 hci_dev_lock_bh(hdev);
08ba5382 1449
a5c29683 1450 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1451 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
a5c29683
JH		 1452 goto failed;
1453 }
1454
4e51eae9 1455 cmd = mgmt_pending_add(sk, mgmt_op, index, data, len);
a5c29683
JH		 1456 if (!cmd) {
1457 err = -ENOMEM;
1458 goto failed;
1459 }
1460
1461 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
a664b5bc
JH		 1462 if (err < 0)
1463 mgmt_pending_remove(cmd);
a5c29683
JH		 1464
1465failed:
8c156c32 1466 hci_dev_unlock_bh(hdev);
a5c29683
JH		 1467 hci_dev_put(hdev);
1468
1469 return err;
1470}
1471
b312b161
JH		 1472static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1473 u16 len)
1474{
1475 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1476 struct hci_cp_write_local_name hci_cp;
1477 struct hci_dev *hdev;
1478 struct pending_cmd *cmd;
1479 int err;
1480
1481 BT_DBG("");
1482
1483 if (len != sizeof(*mgmt_cp))
1484 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL);
1485
1486 hdev = hci_dev_get(index);
1487 if (!hdev)
1488 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV);
1489
8c156c32 1490 hci_dev_lock_bh(hdev);
b312b161
JH		 1491
1492 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len);
1493 if (!cmd) {
1494 err = -ENOMEM;
1495 goto failed;
1496 }
1497
1498 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1499 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1500 &hci_cp);
1501 if (err < 0)
1502 mgmt_pending_remove(cmd);
1503
1504failed:
8c156c32 1505 hci_dev_unlock_bh(hdev);
b312b161
JH		 1506 hci_dev_put(hdev);
1507
1508 return err;
1509}
1510
c35938b2
SJ		 1511static int read_local_oob_data(struct sock *sk, u16 index)
1512{
1513 struct hci_dev *hdev;
1514 struct pending_cmd *cmd;
1515 int err;
1516
1517 BT_DBG("hci%u", index);
1518
1519 hdev = hci_dev_get(index);
1520 if (!hdev)
1521 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1522 ENODEV);
1523
8c156c32 1524 hci_dev_lock_bh(hdev);
c35938b2
SJ		 1525
1526 if (!test_bit(HCI_UP, &hdev->flags)) {
1527 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1528 ENETDOWN);
1529 goto unlock;
1530 }
1531
1532 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1533 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1534 EOPNOTSUPP);
1535 goto unlock;
1536 }
1537
1538 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index)) {
1539 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY);
1540 goto unlock;
1541 }
1542
1543 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, index, NULL, 0);
1544 if (!cmd) {
1545 err = -ENOMEM;
1546 goto unlock;
1547 }
1548
1549 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1550 if (err < 0)
1551 mgmt_pending_remove(cmd);
1552
1553unlock:
8c156c32 1554 hci_dev_unlock_bh(hdev);
c35938b2
SJ		 1555 hci_dev_put(hdev);
1556
1557 return err;
1558}
1559
2763eda6
SJ		 1560static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1561 u16 len)
1562{
1563 struct hci_dev *hdev;
1564 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1565 int err;
1566
1567 BT_DBG("hci%u ", index);
1568
1569 if (len != sizeof(*cp))
1570 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1571 EINVAL);
1572
1573 hdev = hci_dev_get(index);
1574 if (!hdev)
1575 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1576 ENODEV);
1577
8c156c32 1578 hci_dev_lock_bh(hdev);
2763eda6
SJ		 1579
1580 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1581 cp->randomizer);
1582 if (err < 0)
1583 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err);
1584 else
1585 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1586 0);
1587
8c156c32 1588 hci_dev_unlock_bh(hdev);
2763eda6
SJ		 1589 hci_dev_put(hdev);
1590
1591 return err;
1592}
1593
1594static int remove_remote_oob_data(struct sock *sk, u16 index,
1595 unsigned char *data, u16 len)
1596{
1597 struct hci_dev *hdev;
1598 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1599 int err;
1600
1601 BT_DBG("hci%u ", index);
1602
1603 if (len != sizeof(*cp))
1604 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1605 EINVAL);
1606
1607 hdev = hci_dev_get(index);
1608 if (!hdev)
1609 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1610 ENODEV);
1611
8c156c32 1612 hci_dev_lock_bh(hdev);
2763eda6
SJ		 1613
1614 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1615 if (err < 0)
1616 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1617 -err);
1618 else
1619 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1620 NULL, 0);
1621
8c156c32 1622 hci_dev_unlock_bh(hdev);
2763eda6
SJ		 1623 hci_dev_put(hdev);
1624
1625 return err;
1626}
1627
14a53664
JH		 1628static int start_discovery(struct sock *sk, u16 index)
1629{
1630 u8 lap[3] = { 0x33, 0x8b, 0x9e };
1631 struct hci_cp_inquiry cp;
1632 struct pending_cmd *cmd;
1633 struct hci_dev *hdev;
1634 int err;
1635
1636 BT_DBG("hci%u", index);
1637
1638 hdev = hci_dev_get(index);
1639 if (!hdev)
1640 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV);
1641
1642 hci_dev_lock_bh(hdev);
1643
1644 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0);
1645 if (!cmd) {
1646 err = -ENOMEM;
1647 goto failed;
1648 }
1649
1650 memset(&cp, 0, sizeof(cp));
1651 memcpy(&cp.lap, lap, 3);
1652 cp.length = 0x08;
1653 cp.num_rsp = 0x00;
1654
1655 err = hci_send_cmd(hdev, HCI_OP_INQUIRY, sizeof(cp), &cp);
1656 if (err < 0)
1657 mgmt_pending_remove(cmd);
1658
1659failed:
1660 hci_dev_unlock_bh(hdev);
1661 hci_dev_put(hdev);
1662
1663 return err;
1664}
1665
1666static int stop_discovery(struct sock *sk, u16 index)
1667{
1668 struct hci_dev *hdev;
1669 struct pending_cmd *cmd;
1670 int err;
1671
1672 BT_DBG("hci%u", index);
1673
1674 hdev = hci_dev_get(index);
1675 if (!hdev)
1676 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV);
1677
1678 hci_dev_lock_bh(hdev);
1679
1680 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0);
1681 if (!cmd) {
1682 err = -ENOMEM;
1683 goto failed;
1684 }
1685
1686 err = hci_send_cmd(hdev, HCI_OP_INQUIRY_CANCEL, 0, NULL);
1687 if (err < 0)
1688 mgmt_pending_remove(cmd);
1689
1690failed:
1691 hci_dev_unlock_bh(hdev);
1692 hci_dev_put(hdev);
1693
1694 return err;
1695}
1696
7fbec224
AJ		 1697static int block_device(struct sock *sk, u16 index, unsigned char *data,
1698 u16 len)
1699{
1700 struct hci_dev *hdev;
5e762444
AJ		 1701 struct pending_cmd *cmd;
1702 struct mgmt_cp_block_device *cp = (void *) data;
7fbec224
AJ		 1703 int err;
1704
1705 BT_DBG("hci%u", index);
1706
7fbec224
AJ		 1707 if (len != sizeof(*cp))
1708 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1709 EINVAL);
1710
1711 hdev = hci_dev_get(index);
1712 if (!hdev)
1713 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1714 ENODEV);
1715
5e762444
AJ		 1716 hci_dev_lock_bh(hdev);
1717
1718 cmd = mgmt_pending_add(sk, MGMT_OP_BLOCK_DEVICE, index, NULL, 0);
1719 if (!cmd) {
1720 err = -ENOMEM;
1721 goto failed;
1722 }
1723
7fbec224
AJ		 1724 err = hci_blacklist_add(hdev, &cp->bdaddr);
1725
1726 if (err < 0)
1727 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE, -err);
1728 else
1729 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1730 NULL, 0);
5e762444
AJ		 1731
1732 mgmt_pending_remove(cmd);
1733
1734failed:
1735 hci_dev_unlock_bh(hdev);
7fbec224
AJ		 1736 hci_dev_put(hdev);
1737
1738 return err;
1739}
1740
1741static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1742 u16 len)
1743{
1744 struct hci_dev *hdev;
5e762444
AJ		 1745 struct pending_cmd *cmd;
1746 struct mgmt_cp_unblock_device *cp = (void *) data;
7fbec224
AJ		 1747 int err;
1748
1749 BT_DBG("hci%u", index);
1750
7fbec224
AJ		 1751 if (len != sizeof(*cp))
1752 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1753 EINVAL);
1754
1755 hdev = hci_dev_get(index);
1756 if (!hdev)
1757 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1758 ENODEV);
1759
5e762444
AJ		 1760 hci_dev_lock_bh(hdev);
1761
1762 cmd = mgmt_pending_add(sk, MGMT_OP_UNBLOCK_DEVICE, index, NULL, 0);
1763 if (!cmd) {
1764 err = -ENOMEM;
1765 goto failed;
1766 }
1767
7fbec224
AJ		 1768 err = hci_blacklist_del(hdev, &cp->bdaddr);
1769
1770 if (err < 0)
1771 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE, -err);
1772 else
1773 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1774 NULL, 0);
5e762444
AJ		 1775
1776 mgmt_pending_remove(cmd);
1777
1778failed:
1779 hci_dev_unlock_bh(hdev);
7fbec224
AJ		 1780 hci_dev_put(hdev);
1781
1782 return err;
1783}
1784
f6422ec6
AJ		 1785static int set_fast_connectable(struct sock *sk, u16 index,
1786 unsigned char *data, u16 len)
1787{
1788 struct hci_dev *hdev;
1789 struct mgmt_cp_set_fast_connectable *cp = (void *) data;
1790 struct hci_cp_write_page_scan_activity acp;
1791 u8 type;
1792 int err;
1793
1794 BT_DBG("hci%u", index);
1795
1796 if (len != sizeof(*cp))
1797 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1798 EINVAL);
1799
1800 hdev = hci_dev_get(index);
1801 if (!hdev)
1802 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1803 ENODEV);
1804
1805 hci_dev_lock(hdev);
1806
1807 if (cp->enable) {
1808 type = PAGE_SCAN_TYPE_INTERLACED;
1809 acp.interval = 0x0024; /* 22.5 msec page scan interval */
1810 } else {
1811 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1812 acp.interval = 0x0800; /* default 1.28 sec page scan */
1813 }
1814
1815 acp.window = 0x0012; /* default 11.25 msec page scan window */
1816
1817 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1818 sizeof(acp), &acp);
1819 if (err < 0) {
1820 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1821 -err);
1822 goto done;
1823 }
1824
1825 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
1826 if (err < 0) {
1827 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1828 -err);
1829 goto done;
1830 }
1831
1832 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1833 NULL, 0);
1834done:
1835 hci_dev_unlock(hdev);
1836 hci_dev_put(hdev);
1837
1838 return err;
1839}
1840
0381101f
JH		 1841int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1842{
1843 unsigned char *buf;
1844 struct mgmt_hdr *hdr;
4e51eae9 1845 u16 opcode, index, len;
0381101f
JH		 1846 int err;
1847
1848 BT_DBG("got %zu bytes", msglen);
1849
1850 if (msglen < sizeof(*hdr))
1851 return -EINVAL;
1852
e63a15ec 1853 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 1854 if (!buf)
1855 return -ENOMEM;
1856
1857 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1858 err = -EFAULT;
1859 goto done;
1860 }
1861
1862 hdr = (struct mgmt_hdr *) buf;
1863 opcode = get_unaligned_le16(&hdr->opcode);
4e51eae9 1864 index = get_unaligned_le16(&hdr->index);
0381101f
JH		 1865 len = get_unaligned_le16(&hdr->len);
1866
1867 if (len != msglen - sizeof(*hdr)) {
1868 err = -EINVAL;
1869 goto done;
1870 }
1871
1872 switch (opcode) {
02d98129
JH		 1873 case MGMT_OP_READ_VERSION:
1874 err = read_version(sk);
1875 break;
faba42eb
JH		 1876 case MGMT_OP_READ_INDEX_LIST:
1877 err = read_index_list(sk);
1878 break;
f7b64e69 1879 case MGMT_OP_READ_INFO:
4e51eae9 1880 err = read_controller_info(sk, index);
f7b64e69 1881 break;
eec8d2bc 1882 case MGMT_OP_SET_POWERED:
4e51eae9 1883 err = set_powered(sk, index, buf + sizeof(*hdr), len);
eec8d2bc 1884 break;
73f22f62 1885 case MGMT_OP_SET_DISCOVERABLE:
4e51eae9 1886 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
73f22f62 1887 break;
9fbcbb45 1888 case MGMT_OP_SET_CONNECTABLE:
4e51eae9 1889 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
9fbcbb45 1890 break;
c542a06c 1891 case MGMT_OP_SET_PAIRABLE:
4e51eae9 1892 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
c542a06c 1893 break;
2aeb9a1a 1894 case MGMT_OP_ADD_UUID:
4e51eae9 1895 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
2aeb9a1a
JH		 1896 break;
1897 case MGMT_OP_REMOVE_UUID:
4e51eae9 1898 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
2aeb9a1a 1899 break;
1aff6f09 1900 case MGMT_OP_SET_DEV_CLASS:
4e51eae9 1901 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1aff6f09
JH		 1902 break;
1903 case MGMT_OP_SET_SERVICE_CACHE:
4e51eae9 1904 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
1aff6f09 1905 break;
55ed8ca1 1906 case MGMT_OP_LOAD_KEYS:
4e51eae9 1907 err = load_keys(sk, index, buf + sizeof(*hdr), len);
55ed8ca1
JH		 1908 break;
1909 case MGMT_OP_REMOVE_KEY:
4e51eae9 1910 err = remove_key(sk, index, buf + sizeof(*hdr), len);
55ed8ca1 1911 break;
8962ee74 1912 case MGMT_OP_DISCONNECT:
4e51eae9 1913 err = disconnect(sk, index, buf + sizeof(*hdr), len);
8962ee74 1914 break;
2784eb41 1915 case MGMT_OP_GET_CONNECTIONS:
8ce6284e 1916 err = get_connections(sk, index);
2784eb41 1917 break;
980e1a53 1918 case MGMT_OP_PIN_CODE_REPLY:
4e51eae9 1919 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
980e1a53
JH		 1920 break;
1921 case MGMT_OP_PIN_CODE_NEG_REPLY:
4e51eae9 1922 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
980e1a53 1923 break;
17fa4b9d 1924 case MGMT_OP_SET_IO_CAPABILITY:
4e51eae9 1925 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
17fa4b9d 1926 break;
e9a416b5 1927 case MGMT_OP_PAIR_DEVICE:
4e51eae9 1928 err = pair_device(sk, index, buf + sizeof(*hdr), len);
e9a416b5 1929 break;
a5c29683 1930 case MGMT_OP_USER_CONFIRM_REPLY:
4e51eae9 1931 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
a5c29683
JH		 1932 break;
1933 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
4e51eae9 1934 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
a5c29683 1935 break;
b312b161
JH		 1936 case MGMT_OP_SET_LOCAL_NAME:
1937 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
1938 break;
c35938b2
SJ		 1939 case MGMT_OP_READ_LOCAL_OOB_DATA:
1940 err = read_local_oob_data(sk, index);
1941 break;
2763eda6
SJ		 1942 case MGMT_OP_ADD_REMOTE_OOB_DATA:
1943 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
1944 break;
1945 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
1946 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
1947 len);
1948 break;
14a53664
JH		 1949 case MGMT_OP_START_DISCOVERY:
1950 err = start_discovery(sk, index);
1951 break;
1952 case MGMT_OP_STOP_DISCOVERY:
1953 err = stop_discovery(sk, index);
1954 break;
7fbec224
AJ		 1955 case MGMT_OP_BLOCK_DEVICE:
1956 err = block_device(sk, index, buf + sizeof(*hdr), len);
1957 break;
1958 case MGMT_OP_UNBLOCK_DEVICE:
1959 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
1960 break;
f6422ec6
AJ		 1961 case MGMT_OP_SET_FAST_CONNECTABLE:
1962 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
1963 len);
1964 break;
0381101f
JH		 1965 default:
1966 BT_DBG("Unknown op %u", opcode);
4e51eae9 1967 err = cmd_status(sk, index, opcode, 0x01);
0381101f
JH		 1968 break;
1969 }
1970
e41d8b4e
JH		 1971 if (err < 0)
1972 goto done;
1973
0381101f
JH		 1974 err = msglen;
1975
1976done:
1977 kfree(buf);
1978 return err;
1979}
c71e97bf 1980
c71e97bf
JH		 1981int mgmt_index_added(u16 index)
1982{
4e51eae9 1983 return mgmt_event(MGMT_EV_INDEX_ADDED, index, NULL, 0, NULL);
c71e97bf
JH		 1984}
1985
1986int mgmt_index_removed(u16 index)
1987{
4e51eae9 1988 return mgmt_event(MGMT_EV_INDEX_REMOVED, index, NULL, 0, NULL);
eec8d2bc
JH		 1989}
1990
73f22f62 1991struct cmd_lookup {
72a734ec 1992 u8 val;
eec8d2bc
JH		 1993 struct sock *sk;
1994};
1995
72a734ec 1996static void mode_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 1997{
c68fb7ff 1998 struct mgmt_mode *cp = cmd->param;
73f22f62 1999 struct cmd_lookup *match = data;
eec8d2bc 2000
72a734ec 2001 if (cp->val != match->val)
eec8d2bc
JH		 2002 return;
2003
053f0211 2004 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
eec8d2bc
JH		 2005
2006 list_del(&cmd->list);
2007
2008 if (match->sk == NULL) {
2009 match->sk = cmd->sk;
2010 sock_hold(match->sk);
2011 }
2012
2013 mgmt_pending_free(cmd);
c71e97bf 2014}
5add6af8
JH		 2015
2016int mgmt_powered(u16 index, u8 powered)
2017{
72a734ec 2018 struct mgmt_mode ev;
73f22f62 2019 struct cmd_lookup match = { powered, NULL };
eec8d2bc 2020 int ret;
5add6af8 2021
72a734ec 2022 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
5add6af8 2023
72a734ec 2024 ev.val = powered;
eec8d2bc 2025
4e51eae9 2026 ret = mgmt_event(MGMT_EV_POWERED, index, &ev, sizeof(ev), match.sk);
eec8d2bc
JH		 2027
2028 if (match.sk)
2029 sock_put(match.sk);
2030
2031 return ret;
5add6af8 2032}
73f22f62 2033
73f22f62
JH		 2034int mgmt_discoverable(u16 index, u8 discoverable)
2035{
72a734ec 2036 struct mgmt_mode ev;
73f22f62
JH		 2037 struct cmd_lookup match = { discoverable, NULL };
2038 int ret;
2039
b8534e0f 2040 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index, mode_rsp, &match);
72a734ec 2041
72a734ec 2042 ev.val = discoverable;
73f22f62 2043
4e51eae9
SJ		 2044 ret = mgmt_event(MGMT_EV_DISCOVERABLE, index, &ev, sizeof(ev),
2045 match.sk);
73f22f62
JH		 2046
2047 if (match.sk)
2048 sock_put(match.sk);
2049
2050 return ret;
2051}
9fbcbb45 2052
9fbcbb45
JH		 2053int mgmt_connectable(u16 index, u8 connectable)
2054{
72a734ec 2055 struct mgmt_mode ev;
9fbcbb45
JH		 2056 struct cmd_lookup match = { connectable, NULL };
2057 int ret;
2058
72a734ec 2059 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
9fbcbb45 2060
72a734ec 2061 ev.val = connectable;
9fbcbb45 2062
4e51eae9 2063 ret = mgmt_event(MGMT_EV_CONNECTABLE, index, &ev, sizeof(ev), match.sk);
9fbcbb45
JH		 2064
2065 if (match.sk)
2066 sock_put(match.sk);
2067
2068 return ret;
2069}
55ed8ca1 2070
4df378a1 2071int mgmt_new_key(u16 index, struct link_key *key, u8 persistent)
55ed8ca1 2072{
5a0a8b49
VCG		 2073 struct mgmt_ev_new_key *ev;
2074 int err, total;
55ed8ca1 2075
5a0a8b49
VCG		 2076 total = sizeof(struct mgmt_ev_new_key) + key->dlen;
2077 ev = kzalloc(total, GFP_ATOMIC);
2078 if (!ev)
2079 return -ENOMEM;
55ed8ca1 2080
5a0a8b49
VCG		 2081 bacpy(&ev->key.bdaddr, &key->bdaddr);
2082 ev->key.type = key->type;
2083 memcpy(ev->key.val, key->val, 16);
2084 ev->key.pin_len = key->pin_len;
2085 ev->key.dlen = key->dlen;
2086 ev->store_hint = persistent;
55ed8ca1 2087
5a0a8b49
VCG		 2088 memcpy(ev->key.data, key->data, key->dlen);
2089
2090 err = mgmt_event(MGMT_EV_NEW_KEY, index, ev, total, NULL);
2091
2092 kfree(ev);
2093
2094 return err;
55ed8ca1 2095}
f7520543 2096
cfafccf7 2097int mgmt_connected(u16 index, bdaddr_t *bdaddr, u8 link_type)
f7520543
JH		 2098{
2099 struct mgmt_ev_connected ev;
2100
f7520543 2101 bacpy(&ev.bdaddr, bdaddr);
cfafccf7 2102 ev.link_type = link_type;
f7520543 2103
4e51eae9 2104 return mgmt_event(MGMT_EV_CONNECTED, index, &ev, sizeof(ev), NULL);
f7520543
JH		 2105}
2106
8962ee74
JH		 2107static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2108{
c68fb7ff 2109 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 2110 struct sock **sk = data;
a38528f1 2111 struct mgmt_rp_disconnect rp;
8962ee74 2112
a38528f1 2113 bacpy(&rp.bdaddr, &cp->bdaddr);
8962ee74 2114
4e51eae9 2115 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
8962ee74
JH		 2116
2117 *sk = cmd->sk;
2118 sock_hold(*sk);
2119
a664b5bc 2120 mgmt_pending_remove(cmd);
8962ee74
JH		 2121}
2122
f7520543
JH		 2123int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
2124{
2125 struct mgmt_ev_disconnected ev;
8962ee74
JH		 2126 struct sock *sk = NULL;
2127 int err;
2128
2129 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
f7520543 2130
f7520543
JH		 2131 bacpy(&ev.bdaddr, bdaddr);
2132
4e51eae9 2133 err = mgmt_event(MGMT_EV_DISCONNECTED, index, &ev, sizeof(ev), sk);
8962ee74
JH		 2134
2135 if (sk)
2136 sock_put(sk);
2137
2138 return err;
2139}
2140
2141int mgmt_disconnect_failed(u16 index)
2142{
2143 struct pending_cmd *cmd;
2144 int err;
2145
2146 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
2147 if (!cmd)
2148 return -ENOENT;
2149
4e51eae9 2150 err = cmd_status(cmd->sk, index, MGMT_OP_DISCONNECT, EIO);
8962ee74 2151
a664b5bc 2152 mgmt_pending_remove(cmd);
8962ee74
JH		 2153
2154 return err;
f7520543 2155}
17d5c04c
JH		 2156
2157int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2158{
2159 struct mgmt_ev_connect_failed ev;
2160
17d5c04c
JH		 2161 bacpy(&ev.bdaddr, bdaddr);
2162 ev.status = status;
2163
4e51eae9 2164 return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL);
17d5c04c 2165}
980e1a53 2166
a770bb5a 2167int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 2168{
2169 struct mgmt_ev_pin_code_request ev;
2170
980e1a53 2171 bacpy(&ev.bdaddr, bdaddr);
a770bb5a 2172 ev.secure = secure;
980e1a53 2173
4e51eae9
SJ		 2174 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev),
2175 NULL);
980e1a53
JH		 2176}
2177
2178int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2179{
2180 struct pending_cmd *cmd;
ac56fb13 2181 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 2182 int err;
2183
2184 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index);
2185 if (!cmd)
2186 return -ENOENT;
2187
ac56fb13
JH		 2188 bacpy(&rp.bdaddr, bdaddr);
2189 rp.status = status;
2190
4e51eae9
SJ		 2191 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_REPLY, &rp,
2192 sizeof(rp));
980e1a53 2193
a664b5bc 2194 mgmt_pending_remove(cmd);
980e1a53
JH		 2195
2196 return err;
2197}
2198
2199int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2200{
2201 struct pending_cmd *cmd;
ac56fb13 2202 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 2203 int err;
2204
2205 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index);
2206 if (!cmd)
2207 return -ENOENT;
2208
ac56fb13
JH		 2209 bacpy(&rp.bdaddr, bdaddr);
2210 rp.status = status;
2211
4e51eae9
SJ		 2212 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2213 sizeof(rp));
980e1a53 2214
a664b5bc 2215 mgmt_pending_remove(cmd);
980e1a53
JH		 2216
2217 return err;
2218}
a5c29683 2219
55bc1a37
JH		 2220int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value,
2221 u8 confirm_hint)
a5c29683
JH		 2222{
2223 struct mgmt_ev_user_confirm_request ev;
2224
2225 BT_DBG("hci%u", index);
2226
a5c29683 2227 bacpy(&ev.bdaddr, bdaddr);
55bc1a37 2228 ev.confirm_hint = confirm_hint;
a5c29683
JH		 2229 put_unaligned_le32(value, &ev.value);
2230
4e51eae9
SJ		 2231 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev),
2232 NULL);
a5c29683
JH		 2233}
2234
2235static int confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status,
2236 u8 opcode)
2237{
2238 struct pending_cmd *cmd;
2239 struct mgmt_rp_user_confirm_reply rp;
2240 int err;
2241
2242 cmd = mgmt_pending_find(opcode, index);
2243 if (!cmd)
2244 return -ENOENT;
2245
a5c29683
JH		 2246 bacpy(&rp.bdaddr, bdaddr);
2247 rp.status = status;
4e51eae9 2248 err = cmd_complete(cmd->sk, index, opcode, &rp, sizeof(rp));
a5c29683 2249
a664b5bc 2250 mgmt_pending_remove(cmd);
a5c29683
JH		 2251
2252 return err;
2253}
2254
2255int mgmt_user_confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2256{
2257 return confirm_reply_complete(index, bdaddr, status,
2258 MGMT_OP_USER_CONFIRM_REPLY);
2259}
2260
b8534e0f 2261int mgmt_user_confirm_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
a5c29683
JH		 2262{
2263 return confirm_reply_complete(index, bdaddr, status,
2264 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2265}
2a611692
JH		 2266
2267int mgmt_auth_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2268{
2269 struct mgmt_ev_auth_failed ev;
2270
2a611692
JH		 2271 bacpy(&ev.bdaddr, bdaddr);
2272 ev.status = status;
2273
4e51eae9 2274 return mgmt_event(MGMT_EV_AUTH_FAILED, index, &ev, sizeof(ev), NULL);
2a611692 2275}
b312b161
JH		 2276
2277int mgmt_set_local_name_complete(u16 index, u8 *name, u8 status)
2278{
2279 struct pending_cmd *cmd;
80a1e1db 2280 struct hci_dev *hdev;
b312b161
JH		 2281 struct mgmt_cp_set_local_name ev;
2282 int err;
2283
2284 memset(&ev, 0, sizeof(ev));
2285 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2286
2287 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, index);
2288 if (!cmd)
2289 goto send_event;
2290
2291 if (status) {
2292 err = cmd_status(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, EIO);
2293 goto failed;
2294 }
2295
80a1e1db
JH		 2296 hdev = hci_dev_get(index);
2297 if (hdev) {
2298 hci_dev_lock_bh(hdev);
2299 update_eir(hdev);
2300 hci_dev_unlock_bh(hdev);
2301 hci_dev_put(hdev);
2302 }
2303
b312b161
JH		 2304 err = cmd_complete(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, &ev,
2305 sizeof(ev));
2306 if (err < 0)
2307 goto failed;
2308
2309send_event:
2310 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, index, &ev, sizeof(ev),
2311 cmd ? cmd->sk : NULL);
2312
2313failed:
2314 if (cmd)
2315 mgmt_pending_remove(cmd);
2316 return err;
2317}
c35938b2
SJ		 2318
2319int mgmt_read_local_oob_data_reply_complete(u16 index, u8 *hash, u8 *randomizer,
2320 u8 status)
2321{
2322 struct pending_cmd *cmd;
2323 int err;
2324
2325 BT_DBG("hci%u status %u", index, status);
2326
2327 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index);
2328 if (!cmd)
2329 return -ENOENT;
2330
2331 if (status) {
2332 err = cmd_status(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2333 EIO);
2334 } else {
2335 struct mgmt_rp_read_local_oob_data rp;
2336
2337 memcpy(rp.hash, hash, sizeof(rp.hash));
2338 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2339
2340 err = cmd_complete(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2341 &rp, sizeof(rp));
2342 }
2343
2344 mgmt_pending_remove(cmd);
2345
2346 return err;
2347}
e17acd40
JH		 2348
2349int mgmt_device_found(u16 index, bdaddr_t *bdaddr, u8 *dev_class, s8 rssi,
2350 u8 *eir)
2351{
2352 struct mgmt_ev_device_found ev;
2353
2354 memset(&ev, 0, sizeof(ev));
2355
2356 bacpy(&ev.bdaddr, bdaddr);
2357 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2358 ev.rssi = rssi;
2359
2360 if (eir)
2361 memcpy(ev.eir, eir, sizeof(ev.eir));
2362
2363 return mgmt_event(MGMT_EV_DEVICE_FOUND, index, &ev, sizeof(ev), NULL);
2364}
a88a9652
JH		 2365
2366int mgmt_remote_name(u16 index, bdaddr_t *bdaddr, u8 *name)
2367{
2368 struct mgmt_ev_remote_name ev;
2369
2370 memset(&ev, 0, sizeof(ev));
2371
2372 bacpy(&ev.bdaddr, bdaddr);
2373 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2374
2375 return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL);
2376}
314b2381
JH		 2377
2378int mgmt_discovering(u16 index, u8 discovering)
2379{
2380 return mgmt_event(MGMT_EV_DISCOVERING, index, &discovering,
2381 sizeof(discovering), NULL);
2382}
5e762444
AJ		 2383
2384int mgmt_device_blocked(u16 index, bdaddr_t *bdaddr)
2385{
2386 struct pending_cmd *cmd;
2387 struct mgmt_ev_device_blocked ev;
2388
2389 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, index);
2390
2391 bacpy(&ev.bdaddr, bdaddr);
2392
2393 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, index, &ev, sizeof(ev),
2394 cmd ? cmd->sk : NULL);
2395}
2396
2397int mgmt_device_unblocked(u16 index, bdaddr_t *bdaddr)
2398{
2399 struct pending_cmd *cmd;
2400 struct mgmt_ev_device_unblocked ev;
2401
2402 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, index);
2403
2404 bacpy(&ev.bdaddr, bdaddr);
2405
2406 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, index, &ev, sizeof(ev),
2407 cmd ? cmd->sk : NULL);
2408}
Linux 6.x block layer and io_uring tree(s)