2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <asm/unaligned.h>
29 #include <net/bluetooth/bluetooth.h>
30 #include <net/bluetooth/hci_core.h>
31 #include <net/bluetooth/mgmt.h>
32 #include <net/bluetooth/a2mp.h>
33 #include <net/bluetooth/amp.h>
35 /* Handle HCI Event packets */
37 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
39 __u8 status = *((__u8 *) skb->data);
41 BT_DBG("%s status 0x%2.2x", hdev->name, status);
45 mgmt_stop_discovery_failed(hdev, status);
50 clear_bit(HCI_INQUIRY, &hdev->flags);
53 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
58 hci_conn_check_pending(hdev);
61 static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
63 __u8 status = *((__u8 *) skb->data);
65 BT_DBG("%s status 0x%2.2x", hdev->name, status);
70 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
73 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
75 __u8 status = *((__u8 *) skb->data);
77 BT_DBG("%s status 0x%2.2x", hdev->name, status);
82 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
84 hci_conn_check_pending(hdev);
87 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
90 BT_DBG("%s", hdev->name);
93 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
98 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
108 conn->link_mode &= ~HCI_LM_MASTER;
110 conn->link_mode |= HCI_LM_MASTER;
113 hci_dev_unlock(hdev);
116 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
121 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 conn->link_policy = __le16_to_cpu(rp->policy);
132 hci_dev_unlock(hdev);
135 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
138 struct hci_conn *conn;
141 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
154 conn->link_policy = get_unaligned_le16(sent + 2);
156 hci_dev_unlock(hdev);
159 static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
162 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
164 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
169 hdev->link_policy = __le16_to_cpu(rp->policy);
172 static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
175 __u8 status = *((__u8 *) skb->data);
178 BT_DBG("%s status 0x%2.2x", hdev->name, status);
180 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
185 hdev->link_policy = get_unaligned_le16(sent);
187 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
190 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
192 __u8 status = *((__u8 *) skb->data);
194 BT_DBG("%s status 0x%2.2x", hdev->name, status);
196 clear_bit(HCI_RESET, &hdev->flags);
198 hci_req_complete(hdev, HCI_OP_RESET, status);
200 /* Reset all non-persistent flags */
201 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN) | BIT(HCI_PENDING_CLASS) |
202 BIT(HCI_PERIODIC_INQ));
204 hdev->discovery.state = DISCOVERY_STOPPED;
205 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
206 hdev->adv_tx_power = HCI_TX_POWER_INVALID;
209 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
211 __u8 status = *((__u8 *) skb->data);
214 BT_DBG("%s status 0x%2.2x", hdev->name, status);
216 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
222 if (test_bit(HCI_MGMT, &hdev->dev_flags))
223 mgmt_set_local_name_complete(hdev, sent, status);
225 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
227 hci_dev_unlock(hdev);
229 hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status);
232 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
234 struct hci_rp_read_local_name *rp = (void *) skb->data;
236 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
241 if (test_bit(HCI_SETUP, &hdev->dev_flags))
242 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
245 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
247 __u8 status = *((__u8 *) skb->data);
250 BT_DBG("%s status 0x%2.2x", hdev->name, status);
252 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
257 __u8 param = *((__u8 *) sent);
259 if (param == AUTH_ENABLED)
260 set_bit(HCI_AUTH, &hdev->flags);
262 clear_bit(HCI_AUTH, &hdev->flags);
265 if (test_bit(HCI_MGMT, &hdev->dev_flags))
266 mgmt_auth_enable_complete(hdev, status);
268 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
271 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
273 __u8 status = *((__u8 *) skb->data);
276 BT_DBG("%s status 0x%2.2x", hdev->name, status);
278 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
283 __u8 param = *((__u8 *) sent);
286 set_bit(HCI_ENCRYPT, &hdev->flags);
288 clear_bit(HCI_ENCRYPT, &hdev->flags);
291 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
294 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
296 __u8 param, status = *((__u8 *) skb->data);
297 int old_pscan, old_iscan;
300 BT_DBG("%s status 0x%2.2x", hdev->name, status);
302 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
306 param = *((__u8 *) sent);
311 mgmt_write_scan_failed(hdev, param, status);
312 hdev->discov_timeout = 0;
316 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
317 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
319 if (param & SCAN_INQUIRY) {
320 set_bit(HCI_ISCAN, &hdev->flags);
322 mgmt_discoverable(hdev, 1);
323 if (hdev->discov_timeout > 0) {
324 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
325 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
328 } else if (old_iscan)
329 mgmt_discoverable(hdev, 0);
331 if (param & SCAN_PAGE) {
332 set_bit(HCI_PSCAN, &hdev->flags);
334 mgmt_connectable(hdev, 1);
335 } else if (old_pscan)
336 mgmt_connectable(hdev, 0);
339 hci_dev_unlock(hdev);
340 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
343 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
345 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
347 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
352 memcpy(hdev->dev_class, rp->dev_class, 3);
354 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
355 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
358 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
360 __u8 status = *((__u8 *) skb->data);
363 BT_DBG("%s status 0x%2.2x", hdev->name, status);
365 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
372 memcpy(hdev->dev_class, sent, 3);
374 if (test_bit(HCI_MGMT, &hdev->dev_flags))
375 mgmt_set_class_of_dev_complete(hdev, sent, status);
377 hci_dev_unlock(hdev);
380 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
382 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
385 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
390 setting = __le16_to_cpu(rp->voice_setting);
392 if (hdev->voice_setting == setting)
395 hdev->voice_setting = setting;
397 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
400 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
403 static void hci_cc_write_voice_setting(struct hci_dev *hdev,
406 __u8 status = *((__u8 *) skb->data);
410 BT_DBG("%s status 0x%2.2x", hdev->name, status);
415 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
419 setting = get_unaligned_le16(sent);
421 if (hdev->voice_setting == setting)
424 hdev->voice_setting = setting;
426 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
429 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
432 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
434 __u8 status = *((__u8 *) skb->data);
436 BT_DBG("%s status 0x%2.2x", hdev->name, status);
438 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
441 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
443 __u8 status = *((__u8 *) skb->data);
444 struct hci_cp_write_ssp_mode *sent;
446 BT_DBG("%s status 0x%2.2x", hdev->name, status);
448 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
454 hdev->host_features[0] |= LMP_HOST_SSP;
456 hdev->host_features[0] &= ~LMP_HOST_SSP;
459 if (test_bit(HCI_MGMT, &hdev->dev_flags))
460 mgmt_ssp_enable_complete(hdev, sent->mode, status);
463 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
465 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
469 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
471 if (lmp_ext_inq_capable(hdev))
474 if (lmp_inq_rssi_capable(hdev))
477 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
478 hdev->lmp_subver == 0x0757)
481 if (hdev->manufacturer == 15) {
482 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
484 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
486 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
490 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
491 hdev->lmp_subver == 0x1805)
497 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
501 mode = hci_get_inquiry_mode(hdev);
503 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
506 static void hci_setup_event_mask(struct hci_dev *hdev)
508 /* The second byte is 0xff instead of 0x9f (two reserved bits
509 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
510 * command otherwise */
511 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
513 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
514 * any event mask for pre 1.2 devices */
515 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
518 if (lmp_bredr_capable(hdev)) {
519 events[4] |= 0x01; /* Flow Specification Complete */
520 events[4] |= 0x02; /* Inquiry Result with RSSI */
521 events[4] |= 0x04; /* Read Remote Extended Features Complete */
522 events[5] |= 0x08; /* Synchronous Connection Complete */
523 events[5] |= 0x10; /* Synchronous Connection Changed */
526 if (lmp_inq_rssi_capable(hdev))
527 events[4] |= 0x02; /* Inquiry Result with RSSI */
529 if (lmp_sniffsubr_capable(hdev))
530 events[5] |= 0x20; /* Sniff Subrating */
532 if (lmp_pause_enc_capable(hdev))
533 events[5] |= 0x80; /* Encryption Key Refresh Complete */
535 if (lmp_ext_inq_capable(hdev))
536 events[5] |= 0x40; /* Extended Inquiry Result */
538 if (lmp_no_flush_capable(hdev))
539 events[7] |= 0x01; /* Enhanced Flush Complete */
541 if (lmp_lsto_capable(hdev))
542 events[6] |= 0x80; /* Link Supervision Timeout Changed */
544 if (lmp_ssp_capable(hdev)) {
545 events[6] |= 0x01; /* IO Capability Request */
546 events[6] |= 0x02; /* IO Capability Response */
547 events[6] |= 0x04; /* User Confirmation Request */
548 events[6] |= 0x08; /* User Passkey Request */
549 events[6] |= 0x10; /* Remote OOB Data Request */
550 events[6] |= 0x20; /* Simple Pairing Complete */
551 events[7] |= 0x04; /* User Passkey Notification */
552 events[7] |= 0x08; /* Keypress Notification */
553 events[7] |= 0x10; /* Remote Host Supported
554 * Features Notification */
557 if (lmp_le_capable(hdev))
558 events[7] |= 0x20; /* LE Meta-Event */
560 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
562 if (lmp_le_capable(hdev)) {
563 memset(events, 0, sizeof(events));
565 hci_send_cmd(hdev, HCI_OP_LE_SET_EVENT_MASK,
566 sizeof(events), events);
570 static void bredr_setup(struct hci_dev *hdev)
572 struct hci_cp_delete_stored_link_key cp;
576 /* Read Buffer Size (ACL mtu, max pkt, etc.) */
577 hci_send_cmd(hdev, HCI_OP_READ_BUFFER_SIZE, 0, NULL);
579 /* Read Class of Device */
580 hci_send_cmd(hdev, HCI_OP_READ_CLASS_OF_DEV, 0, NULL);
582 /* Read Local Name */
583 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_NAME, 0, NULL);
585 /* Read Voice Setting */
586 hci_send_cmd(hdev, HCI_OP_READ_VOICE_SETTING, 0, NULL);
588 /* Clear Event Filters */
589 flt_type = HCI_FLT_CLEAR_ALL;
590 hci_send_cmd(hdev, HCI_OP_SET_EVENT_FLT, 1, &flt_type);
592 /* Connection accept timeout ~20 secs */
593 param = __constant_cpu_to_le16(0x7d00);
594 hci_send_cmd(hdev, HCI_OP_WRITE_CA_TIMEOUT, 2, ¶m);
596 bacpy(&cp.bdaddr, BDADDR_ANY);
598 hci_send_cmd(hdev, HCI_OP_DELETE_STORED_LINK_KEY, sizeof(cp), &cp);
601 static void le_setup(struct hci_dev *hdev)
603 /* Read LE Buffer Size */
604 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
606 /* Read LE Advertising Channel TX Power */
607 hci_send_cmd(hdev, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL);
610 static void hci_setup(struct hci_dev *hdev)
612 if (hdev->dev_type != HCI_BREDR)
615 /* Read BD Address */
616 hci_send_cmd(hdev, HCI_OP_READ_BD_ADDR, 0, NULL);
618 if (lmp_bredr_capable(hdev))
621 if (lmp_le_capable(hdev))
624 hci_setup_event_mask(hdev);
626 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
627 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
629 if (lmp_ssp_capable(hdev)) {
630 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
632 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
633 sizeof(mode), &mode);
635 struct hci_cp_write_eir cp;
637 memset(hdev->eir, 0, sizeof(hdev->eir));
638 memset(&cp, 0, sizeof(cp));
640 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
644 if (lmp_inq_rssi_capable(hdev))
645 hci_setup_inquiry_mode(hdev);
647 if (lmp_inq_tx_pwr_capable(hdev))
648 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
650 if (lmp_ext_feat_capable(hdev)) {
651 struct hci_cp_read_local_ext_features cp;
654 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp),
658 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
660 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable),
665 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
667 struct hci_rp_read_local_version *rp = (void *) skb->data;
669 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
674 hdev->hci_ver = rp->hci_ver;
675 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
676 hdev->lmp_ver = rp->lmp_ver;
677 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
678 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
680 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
681 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
683 if (test_bit(HCI_INIT, &hdev->flags))
687 hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, rp->status);
690 static void hci_setup_link_policy(struct hci_dev *hdev)
692 struct hci_cp_write_def_link_policy cp;
695 if (lmp_rswitch_capable(hdev))
696 link_policy |= HCI_LP_RSWITCH;
697 if (lmp_hold_capable(hdev))
698 link_policy |= HCI_LP_HOLD;
699 if (lmp_sniff_capable(hdev))
700 link_policy |= HCI_LP_SNIFF;
701 if (lmp_park_capable(hdev))
702 link_policy |= HCI_LP_PARK;
704 cp.policy = cpu_to_le16(link_policy);
705 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp);
708 static void hci_cc_read_local_commands(struct hci_dev *hdev,
711 struct hci_rp_read_local_commands *rp = (void *) skb->data;
713 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
718 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
720 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
721 hci_setup_link_policy(hdev);
724 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
727 static void hci_cc_read_local_features(struct hci_dev *hdev,
730 struct hci_rp_read_local_features *rp = (void *) skb->data;
732 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
737 memcpy(hdev->features, rp->features, 8);
739 /* Adjust default settings according to features
740 * supported by device. */
742 if (hdev->features[0] & LMP_3SLOT)
743 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
745 if (hdev->features[0] & LMP_5SLOT)
746 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
748 if (hdev->features[1] & LMP_HV2) {
749 hdev->pkt_type |= (HCI_HV2);
750 hdev->esco_type |= (ESCO_HV2);
753 if (hdev->features[1] & LMP_HV3) {
754 hdev->pkt_type |= (HCI_HV3);
755 hdev->esco_type |= (ESCO_HV3);
758 if (lmp_esco_capable(hdev))
759 hdev->esco_type |= (ESCO_EV3);
761 if (hdev->features[4] & LMP_EV4)
762 hdev->esco_type |= (ESCO_EV4);
764 if (hdev->features[4] & LMP_EV5)
765 hdev->esco_type |= (ESCO_EV5);
767 if (hdev->features[5] & LMP_EDR_ESCO_2M)
768 hdev->esco_type |= (ESCO_2EV3);
770 if (hdev->features[5] & LMP_EDR_ESCO_3M)
771 hdev->esco_type |= (ESCO_3EV3);
773 if (hdev->features[5] & LMP_EDR_3S_ESCO)
774 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
776 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
777 hdev->features[0], hdev->features[1],
778 hdev->features[2], hdev->features[3],
779 hdev->features[4], hdev->features[5],
780 hdev->features[6], hdev->features[7]);
783 static void hci_set_le_support(struct hci_dev *hdev)
785 struct hci_cp_write_le_host_supported cp;
787 memset(&cp, 0, sizeof(cp));
789 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
791 cp.simul = !!lmp_le_br_capable(hdev);
794 if (cp.le != !!lmp_host_le_capable(hdev))
795 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
799 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
802 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
804 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
811 memcpy(hdev->features, rp->features, 8);
814 memcpy(hdev->host_features, rp->features, 8);
818 if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
819 hci_set_le_support(hdev);
822 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
825 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
828 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
830 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
835 hdev->flow_ctl_mode = rp->mode;
837 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
840 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
842 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
844 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
849 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
850 hdev->sco_mtu = rp->sco_mtu;
851 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
852 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
854 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
859 hdev->acl_cnt = hdev->acl_pkts;
860 hdev->sco_cnt = hdev->sco_pkts;
862 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
863 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
866 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
868 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
870 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
873 bacpy(&hdev->bdaddr, &rp->bdaddr);
875 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
878 static void hci_cc_read_data_block_size(struct hci_dev *hdev,
881 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
883 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
888 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
889 hdev->block_len = __le16_to_cpu(rp->block_len);
890 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
892 hdev->block_cnt = hdev->num_blocks;
894 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
895 hdev->block_cnt, hdev->block_len);
897 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
900 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
902 __u8 status = *((__u8 *) skb->data);
904 BT_DBG("%s status 0x%2.2x", hdev->name, status);
906 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
909 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
912 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
914 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
919 hdev->amp_status = rp->amp_status;
920 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
921 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
922 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
923 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
924 hdev->amp_type = rp->amp_type;
925 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
926 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
927 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
928 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
930 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
933 a2mp_send_getinfo_rsp(hdev);
936 static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
939 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
940 struct amp_assoc *assoc = &hdev->loc_assoc;
941 size_t rem_len, frag_len;
943 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
948 frag_len = skb->len - sizeof(*rp);
949 rem_len = __le16_to_cpu(rp->rem_len);
951 if (rem_len > frag_len) {
952 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
954 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
955 assoc->offset += frag_len;
957 /* Read other fragments */
958 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
963 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
964 assoc->len = assoc->offset + rem_len;
968 /* Send A2MP Rsp when all fragments are received */
969 a2mp_send_getampassoc_rsp(hdev, rp->status);
970 a2mp_send_create_phy_link_req(hdev, rp->status);
973 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
976 __u8 status = *((__u8 *) skb->data);
978 BT_DBG("%s status 0x%2.2x", hdev->name, status);
980 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
983 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
985 __u8 status = *((__u8 *) skb->data);
987 BT_DBG("%s status 0x%2.2x", hdev->name, status);
989 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
992 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
995 __u8 status = *((__u8 *) skb->data);
997 BT_DBG("%s status 0x%2.2x", hdev->name, status);
999 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
1002 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
1003 struct sk_buff *skb)
1005 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
1007 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1010 hdev->inq_tx_power = rp->tx_power;
1012 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, rp->status);
1015 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
1017 __u8 status = *((__u8 *) skb->data);
1019 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1021 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
1024 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
1026 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
1027 struct hci_cp_pin_code_reply *cp;
1028 struct hci_conn *conn;
1030 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1034 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1035 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
1040 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
1044 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1046 conn->pin_length = cp->pin_len;
1049 hci_dev_unlock(hdev);
1052 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1054 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
1056 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1060 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1061 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
1064 hci_dev_unlock(hdev);
1067 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1068 struct sk_buff *skb)
1070 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
1072 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1077 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
1078 hdev->le_pkts = rp->le_max_pkt;
1080 hdev->le_cnt = hdev->le_pkts;
1082 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
1084 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
1087 static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
1088 struct sk_buff *skb)
1090 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
1092 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1095 hdev->adv_tx_power = rp->tx_power;
1097 hci_req_complete(hdev, HCI_OP_LE_READ_ADV_TX_POWER, rp->status);
1100 static void hci_cc_le_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
1102 __u8 status = *((__u8 *) skb->data);
1104 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1106 hci_req_complete(hdev, HCI_OP_LE_SET_EVENT_MASK, status);
1109 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
1111 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1113 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1117 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1118 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
1121 hci_dev_unlock(hdev);
1124 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
1125 struct sk_buff *skb)
1127 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1129 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1133 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1134 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
1135 ACL_LINK, 0, rp->status);
1137 hci_dev_unlock(hdev);
1140 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
1142 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1144 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1148 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1149 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
1152 hci_dev_unlock(hdev);
1155 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1156 struct sk_buff *skb)
1158 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1160 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1164 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1165 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1166 ACL_LINK, 0, rp->status);
1168 hci_dev_unlock(hdev);
1171 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1172 struct sk_buff *skb)
1174 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1176 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1179 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
1180 rp->randomizer, rp->status);
1181 hci_dev_unlock(hdev);
1184 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1186 __u8 status = *((__u8 *) skb->data);
1188 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1190 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
1194 mgmt_start_discovery_failed(hdev, status);
1195 hci_dev_unlock(hdev);
1200 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1201 struct sk_buff *skb)
1203 struct hci_cp_le_set_scan_enable *cp;
1204 __u8 status = *((__u8 *) skb->data);
1206 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1208 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1212 switch (cp->enable) {
1213 case LE_SCANNING_ENABLED:
1214 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1218 mgmt_start_discovery_failed(hdev, status);
1219 hci_dev_unlock(hdev);
1223 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1226 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1227 hci_dev_unlock(hdev);
1230 case LE_SCANNING_DISABLED:
1233 mgmt_stop_discovery_failed(hdev, status);
1234 hci_dev_unlock(hdev);
1238 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1240 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
1241 hdev->discovery.state == DISCOVERY_FINDING) {
1242 mgmt_interleaved_discovery(hdev);
1245 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1246 hci_dev_unlock(hdev);
1252 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1257 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1259 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1261 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1266 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1269 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1271 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1273 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1278 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1281 static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1282 struct sk_buff *skb)
1284 struct hci_cp_write_le_host_supported *sent;
1285 __u8 status = *((__u8 *) skb->data);
1287 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1289 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
1295 hdev->host_features[0] |= LMP_HOST_LE;
1297 hdev->host_features[0] &= ~LMP_HOST_LE;
1300 hdev->host_features[0] |= LMP_HOST_LE_BREDR;
1302 hdev->host_features[0] &= ~LMP_HOST_LE_BREDR;
1305 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
1306 !test_bit(HCI_INIT, &hdev->flags))
1307 mgmt_le_enable_complete(hdev, sent->le, status);
1309 hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status);
1312 static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1313 struct sk_buff *skb)
1315 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1317 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1318 hdev->name, rp->status, rp->phy_handle);
1323 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1326 static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1328 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1331 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1332 hci_conn_check_pending(hdev);
1334 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1335 mgmt_start_discovery_failed(hdev, status);
1336 hci_dev_unlock(hdev);
1340 set_bit(HCI_INQUIRY, &hdev->flags);
1343 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1344 hci_dev_unlock(hdev);
1347 static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1349 struct hci_cp_create_conn *cp;
1350 struct hci_conn *conn;
1352 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1354 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1360 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1362 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1365 if (conn && conn->state == BT_CONNECT) {
1366 if (status != 0x0c || conn->attempt > 2) {
1367 conn->state = BT_CLOSED;
1368 hci_proto_connect_cfm(conn, status);
1371 conn->state = BT_CONNECT2;
1375 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1378 conn->link_mode |= HCI_LM_MASTER;
1380 BT_ERR("No memory for new connection");
1384 hci_dev_unlock(hdev);
1387 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1389 struct hci_cp_add_sco *cp;
1390 struct hci_conn *acl, *sco;
1393 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1398 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1402 handle = __le16_to_cpu(cp->handle);
1404 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1408 acl = hci_conn_hash_lookup_handle(hdev, handle);
1412 sco->state = BT_CLOSED;
1414 hci_proto_connect_cfm(sco, status);
1419 hci_dev_unlock(hdev);
1422 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1424 struct hci_cp_auth_requested *cp;
1425 struct hci_conn *conn;
1427 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1432 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1438 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1440 if (conn->state == BT_CONFIG) {
1441 hci_proto_connect_cfm(conn, status);
1446 hci_dev_unlock(hdev);
1449 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1451 struct hci_cp_set_conn_encrypt *cp;
1452 struct hci_conn *conn;
1454 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1459 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1465 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1467 if (conn->state == BT_CONFIG) {
1468 hci_proto_connect_cfm(conn, status);
1473 hci_dev_unlock(hdev);
1476 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1477 struct hci_conn *conn)
1479 if (conn->state != BT_CONFIG || !conn->out)
1482 if (conn->pending_sec_level == BT_SECURITY_SDP)
1485 /* Only request authentication for SSP connections or non-SSP
1486 * devices with sec_level HIGH or if MITM protection is requested */
1487 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1488 conn->pending_sec_level != BT_SECURITY_HIGH)
1494 static int hci_resolve_name(struct hci_dev *hdev,
1495 struct inquiry_entry *e)
1497 struct hci_cp_remote_name_req cp;
1499 memset(&cp, 0, sizeof(cp));
1501 bacpy(&cp.bdaddr, &e->data.bdaddr);
1502 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1503 cp.pscan_mode = e->data.pscan_mode;
1504 cp.clock_offset = e->data.clock_offset;
1506 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1509 static bool hci_resolve_next_name(struct hci_dev *hdev)
1511 struct discovery_state *discov = &hdev->discovery;
1512 struct inquiry_entry *e;
1514 if (list_empty(&discov->resolve))
1517 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1521 if (hci_resolve_name(hdev, e) == 0) {
1522 e->name_state = NAME_PENDING;
1529 static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1530 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1532 struct discovery_state *discov = &hdev->discovery;
1533 struct inquiry_entry *e;
1535 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1536 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1537 name_len, conn->dev_class);
1539 if (discov->state == DISCOVERY_STOPPED)
1542 if (discov->state == DISCOVERY_STOPPING)
1543 goto discov_complete;
1545 if (discov->state != DISCOVERY_RESOLVING)
1548 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1549 /* If the device was not found in a list of found devices names of which
1550 * are pending. there is no need to continue resolving a next name as it
1551 * will be done upon receiving another Remote Name Request Complete
1558 e->name_state = NAME_KNOWN;
1559 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1560 e->data.rssi, name, name_len);
1562 e->name_state = NAME_NOT_KNOWN;
1565 if (hci_resolve_next_name(hdev))
1569 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1572 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1574 struct hci_cp_remote_name_req *cp;
1575 struct hci_conn *conn;
1577 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1579 /* If successful wait for the name req complete event before
1580 * checking for the need to do authentication */
1584 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1590 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1592 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1593 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
1598 if (!hci_outgoing_auth_needed(hdev, conn))
1601 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1602 struct hci_cp_auth_requested cp;
1603 cp.handle = __cpu_to_le16(conn->handle);
1604 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1608 hci_dev_unlock(hdev);
1611 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1613 struct hci_cp_read_remote_features *cp;
1614 struct hci_conn *conn;
1616 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1621 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1627 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1629 if (conn->state == BT_CONFIG) {
1630 hci_proto_connect_cfm(conn, status);
1635 hci_dev_unlock(hdev);
1638 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1640 struct hci_cp_read_remote_ext_features *cp;
1641 struct hci_conn *conn;
1643 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1648 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1654 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1656 if (conn->state == BT_CONFIG) {
1657 hci_proto_connect_cfm(conn, status);
1662 hci_dev_unlock(hdev);
1665 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1667 struct hci_cp_setup_sync_conn *cp;
1668 struct hci_conn *acl, *sco;
1671 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1676 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1680 handle = __le16_to_cpu(cp->handle);
1682 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1686 acl = hci_conn_hash_lookup_handle(hdev, handle);
1690 sco->state = BT_CLOSED;
1692 hci_proto_connect_cfm(sco, status);
1697 hci_dev_unlock(hdev);
1700 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1702 struct hci_cp_sniff_mode *cp;
1703 struct hci_conn *conn;
1705 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1710 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1716 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1718 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1720 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
1721 hci_sco_setup(conn, status);
1724 hci_dev_unlock(hdev);
1727 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1729 struct hci_cp_exit_sniff_mode *cp;
1730 struct hci_conn *conn;
1732 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1737 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1743 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1745 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1747 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
1748 hci_sco_setup(conn, status);
1751 hci_dev_unlock(hdev);
1754 static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1756 struct hci_cp_disconnect *cp;
1757 struct hci_conn *conn;
1762 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1768 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1770 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1771 conn->dst_type, status);
1773 hci_dev_unlock(hdev);
1776 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1778 struct hci_conn *conn;
1780 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1785 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
1787 hci_dev_unlock(hdev);
1791 BT_DBG("%s bdaddr %pMR conn %p", hdev->name, &conn->dst, conn);
1793 conn->state = BT_CLOSED;
1794 mgmt_connect_failed(hdev, &conn->dst, conn->type,
1795 conn->dst_type, status);
1796 hci_proto_connect_cfm(conn, status);
1799 hci_dev_unlock(hdev);
1803 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1805 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1808 static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1810 struct hci_cp_create_phy_link *cp;
1812 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1814 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1821 struct hci_conn *hcon;
1823 hcon = hci_conn_hash_lookup_handle(hdev, cp->phy_handle);
1827 amp_write_remote_assoc(hdev, cp->phy_handle);
1830 hci_dev_unlock(hdev);
1833 static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1835 struct hci_cp_accept_phy_link *cp;
1837 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1842 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1846 amp_write_remote_assoc(hdev, cp->phy_handle);
1849 static void hci_cs_create_logical_link(struct hci_dev *hdev, u8 status)
1851 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1854 static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1856 __u8 status = *((__u8 *) skb->data);
1857 struct discovery_state *discov = &hdev->discovery;
1858 struct inquiry_entry *e;
1860 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1862 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1864 hci_conn_check_pending(hdev);
1866 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1869 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1874 if (discov->state != DISCOVERY_FINDING)
1877 if (list_empty(&discov->resolve)) {
1878 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1882 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1883 if (e && hci_resolve_name(hdev, e) == 0) {
1884 e->name_state = NAME_PENDING;
1885 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1887 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1891 hci_dev_unlock(hdev);
1894 static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1896 struct inquiry_data data;
1897 struct inquiry_info *info = (void *) (skb->data + 1);
1898 int num_rsp = *((__u8 *) skb->data);
1900 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1905 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1910 for (; num_rsp; num_rsp--, info++) {
1911 bool name_known, ssp;
1913 bacpy(&data.bdaddr, &info->bdaddr);
1914 data.pscan_rep_mode = info->pscan_rep_mode;
1915 data.pscan_period_mode = info->pscan_period_mode;
1916 data.pscan_mode = info->pscan_mode;
1917 memcpy(data.dev_class, info->dev_class, 3);
1918 data.clock_offset = info->clock_offset;
1920 data.ssp_mode = 0x00;
1922 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
1923 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1924 info->dev_class, 0, !name_known, ssp, NULL,
1928 hci_dev_unlock(hdev);
1931 static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1933 struct hci_ev_conn_complete *ev = (void *) skb->data;
1934 struct hci_conn *conn;
1936 BT_DBG("%s", hdev->name);
1940 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1942 if (ev->link_type != SCO_LINK)
1945 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1949 conn->type = SCO_LINK;
1953 conn->handle = __le16_to_cpu(ev->handle);
1955 if (conn->type == ACL_LINK) {
1956 conn->state = BT_CONFIG;
1957 hci_conn_hold(conn);
1959 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1960 !hci_find_link_key(hdev, &ev->bdaddr))
1961 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1963 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1965 conn->state = BT_CONNECTED;
1967 hci_conn_hold_device(conn);
1968 hci_conn_add_sysfs(conn);
1970 if (test_bit(HCI_AUTH, &hdev->flags))
1971 conn->link_mode |= HCI_LM_AUTH;
1973 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1974 conn->link_mode |= HCI_LM_ENCRYPT;
1976 /* Get remote features */
1977 if (conn->type == ACL_LINK) {
1978 struct hci_cp_read_remote_features cp;
1979 cp.handle = ev->handle;
1980 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1984 /* Set packet type for incoming connection */
1985 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1986 struct hci_cp_change_conn_ptype cp;
1987 cp.handle = ev->handle;
1988 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1989 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1993 conn->state = BT_CLOSED;
1994 if (conn->type == ACL_LINK)
1995 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
1996 conn->dst_type, ev->status);
1999 if (conn->type == ACL_LINK)
2000 hci_sco_setup(conn, ev->status);
2003 hci_proto_connect_cfm(conn, ev->status);
2005 } else if (ev->link_type != ACL_LINK)
2006 hci_proto_connect_cfm(conn, ev->status);
2009 hci_dev_unlock(hdev);
2011 hci_conn_check_pending(hdev);
2014 static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2016 struct hci_ev_conn_request *ev = (void *) skb->data;
2017 int mask = hdev->link_mode;
2019 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
2022 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
2024 if ((mask & HCI_LM_ACCEPT) &&
2025 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
2026 /* Connection accepted */
2027 struct inquiry_entry *ie;
2028 struct hci_conn *conn;
2032 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2034 memcpy(ie->data.dev_class, ev->dev_class, 3);
2036 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
2039 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
2041 BT_ERR("No memory for new connection");
2042 hci_dev_unlock(hdev);
2047 memcpy(conn->dev_class, ev->dev_class, 3);
2048 conn->state = BT_CONNECT;
2050 hci_dev_unlock(hdev);
2052 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
2053 struct hci_cp_accept_conn_req cp;
2055 bacpy(&cp.bdaddr, &ev->bdaddr);
2057 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
2058 cp.role = 0x00; /* Become master */
2060 cp.role = 0x01; /* Remain slave */
2062 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
2065 struct hci_cp_accept_sync_conn_req cp;
2067 bacpy(&cp.bdaddr, &ev->bdaddr);
2068 cp.pkt_type = cpu_to_le16(conn->pkt_type);
2070 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2071 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2072 cp.max_latency = __constant_cpu_to_le16(0xffff);
2073 cp.content_format = cpu_to_le16(hdev->voice_setting);
2074 cp.retrans_effort = 0xff;
2076 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
2080 /* Connection rejected */
2081 struct hci_cp_reject_conn_req cp;
2083 bacpy(&cp.bdaddr, &ev->bdaddr);
2084 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
2085 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
2089 static u8 hci_to_mgmt_reason(u8 err)
2092 case HCI_ERROR_CONNECTION_TIMEOUT:
2093 return MGMT_DEV_DISCONN_TIMEOUT;
2094 case HCI_ERROR_REMOTE_USER_TERM:
2095 case HCI_ERROR_REMOTE_LOW_RESOURCES:
2096 case HCI_ERROR_REMOTE_POWER_OFF:
2097 return MGMT_DEV_DISCONN_REMOTE;
2098 case HCI_ERROR_LOCAL_HOST_TERM:
2099 return MGMT_DEV_DISCONN_LOCAL_HOST;
2101 return MGMT_DEV_DISCONN_UNKNOWN;
2105 static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2107 struct hci_ev_disconn_complete *ev = (void *) skb->data;
2108 struct hci_conn *conn;
2110 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2114 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2118 if (ev->status == 0)
2119 conn->state = BT_CLOSED;
2121 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
2122 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
2124 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
2125 conn->dst_type, ev->status);
2127 u8 reason = hci_to_mgmt_reason(ev->reason);
2129 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
2130 conn->dst_type, reason);
2134 if (ev->status == 0) {
2135 if (conn->type == ACL_LINK && conn->flush_key)
2136 hci_remove_link_key(hdev, &conn->dst);
2137 hci_proto_disconn_cfm(conn, ev->reason);
2142 hci_dev_unlock(hdev);
2145 static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2147 struct hci_ev_auth_complete *ev = (void *) skb->data;
2148 struct hci_conn *conn;
2150 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2154 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2159 if (!hci_conn_ssp_enabled(conn) &&
2160 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
2161 BT_INFO("re-auth of legacy device is not possible.");
2163 conn->link_mode |= HCI_LM_AUTH;
2164 conn->sec_level = conn->pending_sec_level;
2167 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
2171 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2172 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
2174 if (conn->state == BT_CONFIG) {
2175 if (!ev->status && hci_conn_ssp_enabled(conn)) {
2176 struct hci_cp_set_conn_encrypt cp;
2177 cp.handle = ev->handle;
2179 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
2182 conn->state = BT_CONNECTED;
2183 hci_proto_connect_cfm(conn, ev->status);
2187 hci_auth_cfm(conn, ev->status);
2189 hci_conn_hold(conn);
2190 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2194 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
2196 struct hci_cp_set_conn_encrypt cp;
2197 cp.handle = ev->handle;
2199 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
2202 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2203 hci_encrypt_cfm(conn, ev->status, 0x00);
2208 hci_dev_unlock(hdev);
2211 static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
2213 struct hci_ev_remote_name *ev = (void *) skb->data;
2214 struct hci_conn *conn;
2216 BT_DBG("%s", hdev->name);
2218 hci_conn_check_pending(hdev);
2222 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2224 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2227 if (ev->status == 0)
2228 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
2229 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
2231 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
2237 if (!hci_outgoing_auth_needed(hdev, conn))
2240 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
2241 struct hci_cp_auth_requested cp;
2242 cp.handle = __cpu_to_le16(conn->handle);
2243 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
2247 hci_dev_unlock(hdev);
2250 static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2252 struct hci_ev_encrypt_change *ev = (void *) skb->data;
2253 struct hci_conn *conn;
2255 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2259 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2263 /* Encryption implies authentication */
2264 conn->link_mode |= HCI_LM_AUTH;
2265 conn->link_mode |= HCI_LM_ENCRYPT;
2266 conn->sec_level = conn->pending_sec_level;
2268 conn->link_mode &= ~HCI_LM_ENCRYPT;
2271 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2273 if (ev->status && conn->state == BT_CONNECTED) {
2274 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
2279 if (conn->state == BT_CONFIG) {
2281 conn->state = BT_CONNECTED;
2283 hci_proto_connect_cfm(conn, ev->status);
2286 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
2290 hci_dev_unlock(hdev);
2293 static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
2294 struct sk_buff *skb)
2296 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
2297 struct hci_conn *conn;
2299 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2303 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2306 conn->link_mode |= HCI_LM_SECURE;
2308 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2310 hci_key_change_cfm(conn, ev->status);
2313 hci_dev_unlock(hdev);
2316 static void hci_remote_features_evt(struct hci_dev *hdev,
2317 struct sk_buff *skb)
2319 struct hci_ev_remote_features *ev = (void *) skb->data;
2320 struct hci_conn *conn;
2322 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2326 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2331 memcpy(conn->features, ev->features, 8);
2333 if (conn->state != BT_CONFIG)
2336 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2337 struct hci_cp_read_remote_ext_features cp;
2338 cp.handle = ev->handle;
2340 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
2345 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
2346 struct hci_cp_remote_name_req cp;
2347 memset(&cp, 0, sizeof(cp));
2348 bacpy(&cp.bdaddr, &conn->dst);
2349 cp.pscan_rep_mode = 0x02;
2350 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2351 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2352 mgmt_device_connected(hdev, &conn->dst, conn->type,
2353 conn->dst_type, 0, NULL, 0,
2356 if (!hci_outgoing_auth_needed(hdev, conn)) {
2357 conn->state = BT_CONNECTED;
2358 hci_proto_connect_cfm(conn, ev->status);
2363 hci_dev_unlock(hdev);
2366 static void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
2368 BT_DBG("%s", hdev->name);
2371 static void hci_qos_setup_complete_evt(struct hci_dev *hdev,
2372 struct sk_buff *skb)
2374 BT_DBG("%s", hdev->name);
2377 static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2379 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2382 skb_pull(skb, sizeof(*ev));
2384 opcode = __le16_to_cpu(ev->opcode);
2387 case HCI_OP_INQUIRY_CANCEL:
2388 hci_cc_inquiry_cancel(hdev, skb);
2391 case HCI_OP_PERIODIC_INQ:
2392 hci_cc_periodic_inq(hdev, skb);
2395 case HCI_OP_EXIT_PERIODIC_INQ:
2396 hci_cc_exit_periodic_inq(hdev, skb);
2399 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2400 hci_cc_remote_name_req_cancel(hdev, skb);
2403 case HCI_OP_ROLE_DISCOVERY:
2404 hci_cc_role_discovery(hdev, skb);
2407 case HCI_OP_READ_LINK_POLICY:
2408 hci_cc_read_link_policy(hdev, skb);
2411 case HCI_OP_WRITE_LINK_POLICY:
2412 hci_cc_write_link_policy(hdev, skb);
2415 case HCI_OP_READ_DEF_LINK_POLICY:
2416 hci_cc_read_def_link_policy(hdev, skb);
2419 case HCI_OP_WRITE_DEF_LINK_POLICY:
2420 hci_cc_write_def_link_policy(hdev, skb);
2424 hci_cc_reset(hdev, skb);
2427 case HCI_OP_WRITE_LOCAL_NAME:
2428 hci_cc_write_local_name(hdev, skb);
2431 case HCI_OP_READ_LOCAL_NAME:
2432 hci_cc_read_local_name(hdev, skb);
2435 case HCI_OP_WRITE_AUTH_ENABLE:
2436 hci_cc_write_auth_enable(hdev, skb);
2439 case HCI_OP_WRITE_ENCRYPT_MODE:
2440 hci_cc_write_encrypt_mode(hdev, skb);
2443 case HCI_OP_WRITE_SCAN_ENABLE:
2444 hci_cc_write_scan_enable(hdev, skb);
2447 case HCI_OP_READ_CLASS_OF_DEV:
2448 hci_cc_read_class_of_dev(hdev, skb);
2451 case HCI_OP_WRITE_CLASS_OF_DEV:
2452 hci_cc_write_class_of_dev(hdev, skb);
2455 case HCI_OP_READ_VOICE_SETTING:
2456 hci_cc_read_voice_setting(hdev, skb);
2459 case HCI_OP_WRITE_VOICE_SETTING:
2460 hci_cc_write_voice_setting(hdev, skb);
2463 case HCI_OP_HOST_BUFFER_SIZE:
2464 hci_cc_host_buffer_size(hdev, skb);
2467 case HCI_OP_WRITE_SSP_MODE:
2468 hci_cc_write_ssp_mode(hdev, skb);
2471 case HCI_OP_READ_LOCAL_VERSION:
2472 hci_cc_read_local_version(hdev, skb);
2475 case HCI_OP_READ_LOCAL_COMMANDS:
2476 hci_cc_read_local_commands(hdev, skb);
2479 case HCI_OP_READ_LOCAL_FEATURES:
2480 hci_cc_read_local_features(hdev, skb);
2483 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2484 hci_cc_read_local_ext_features(hdev, skb);
2487 case HCI_OP_READ_BUFFER_SIZE:
2488 hci_cc_read_buffer_size(hdev, skb);
2491 case HCI_OP_READ_BD_ADDR:
2492 hci_cc_read_bd_addr(hdev, skb);
2495 case HCI_OP_READ_DATA_BLOCK_SIZE:
2496 hci_cc_read_data_block_size(hdev, skb);
2499 case HCI_OP_WRITE_CA_TIMEOUT:
2500 hci_cc_write_ca_timeout(hdev, skb);
2503 case HCI_OP_READ_FLOW_CONTROL_MODE:
2504 hci_cc_read_flow_control_mode(hdev, skb);
2507 case HCI_OP_READ_LOCAL_AMP_INFO:
2508 hci_cc_read_local_amp_info(hdev, skb);
2511 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2512 hci_cc_read_local_amp_assoc(hdev, skb);
2515 case HCI_OP_DELETE_STORED_LINK_KEY:
2516 hci_cc_delete_stored_link_key(hdev, skb);
2519 case HCI_OP_SET_EVENT_MASK:
2520 hci_cc_set_event_mask(hdev, skb);
2523 case HCI_OP_WRITE_INQUIRY_MODE:
2524 hci_cc_write_inquiry_mode(hdev, skb);
2527 case HCI_OP_READ_INQ_RSP_TX_POWER:
2528 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2531 case HCI_OP_SET_EVENT_FLT:
2532 hci_cc_set_event_flt(hdev, skb);
2535 case HCI_OP_PIN_CODE_REPLY:
2536 hci_cc_pin_code_reply(hdev, skb);
2539 case HCI_OP_PIN_CODE_NEG_REPLY:
2540 hci_cc_pin_code_neg_reply(hdev, skb);
2543 case HCI_OP_READ_LOCAL_OOB_DATA:
2544 hci_cc_read_local_oob_data_reply(hdev, skb);
2547 case HCI_OP_LE_READ_BUFFER_SIZE:
2548 hci_cc_le_read_buffer_size(hdev, skb);
2551 case HCI_OP_LE_READ_ADV_TX_POWER:
2552 hci_cc_le_read_adv_tx_power(hdev, skb);
2555 case HCI_OP_LE_SET_EVENT_MASK:
2556 hci_cc_le_set_event_mask(hdev, skb);
2559 case HCI_OP_USER_CONFIRM_REPLY:
2560 hci_cc_user_confirm_reply(hdev, skb);
2563 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2564 hci_cc_user_confirm_neg_reply(hdev, skb);
2567 case HCI_OP_USER_PASSKEY_REPLY:
2568 hci_cc_user_passkey_reply(hdev, skb);
2571 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2572 hci_cc_user_passkey_neg_reply(hdev, skb);
2575 case HCI_OP_LE_SET_SCAN_PARAM:
2576 hci_cc_le_set_scan_param(hdev, skb);
2579 case HCI_OP_LE_SET_SCAN_ENABLE:
2580 hci_cc_le_set_scan_enable(hdev, skb);
2583 case HCI_OP_LE_LTK_REPLY:
2584 hci_cc_le_ltk_reply(hdev, skb);
2587 case HCI_OP_LE_LTK_NEG_REPLY:
2588 hci_cc_le_ltk_neg_reply(hdev, skb);
2591 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2592 hci_cc_write_le_host_supported(hdev, skb);
2595 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2596 hci_cc_write_remote_amp_assoc(hdev, skb);
2600 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
2604 if (ev->opcode != HCI_OP_NOP)
2605 del_timer(&hdev->cmd_timer);
2608 atomic_set(&hdev->cmd_cnt, 1);
2609 if (!skb_queue_empty(&hdev->cmd_q))
2610 queue_work(hdev->workqueue, &hdev->cmd_work);
2614 static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2616 struct hci_ev_cmd_status *ev = (void *) skb->data;
2619 skb_pull(skb, sizeof(*ev));
2621 opcode = __le16_to_cpu(ev->opcode);
2624 case HCI_OP_INQUIRY:
2625 hci_cs_inquiry(hdev, ev->status);
2628 case HCI_OP_CREATE_CONN:
2629 hci_cs_create_conn(hdev, ev->status);
2632 case HCI_OP_ADD_SCO:
2633 hci_cs_add_sco(hdev, ev->status);
2636 case HCI_OP_AUTH_REQUESTED:
2637 hci_cs_auth_requested(hdev, ev->status);
2640 case HCI_OP_SET_CONN_ENCRYPT:
2641 hci_cs_set_conn_encrypt(hdev, ev->status);
2644 case HCI_OP_REMOTE_NAME_REQ:
2645 hci_cs_remote_name_req(hdev, ev->status);
2648 case HCI_OP_READ_REMOTE_FEATURES:
2649 hci_cs_read_remote_features(hdev, ev->status);
2652 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2653 hci_cs_read_remote_ext_features(hdev, ev->status);
2656 case HCI_OP_SETUP_SYNC_CONN:
2657 hci_cs_setup_sync_conn(hdev, ev->status);
2660 case HCI_OP_SNIFF_MODE:
2661 hci_cs_sniff_mode(hdev, ev->status);
2664 case HCI_OP_EXIT_SNIFF_MODE:
2665 hci_cs_exit_sniff_mode(hdev, ev->status);
2668 case HCI_OP_DISCONNECT:
2669 hci_cs_disconnect(hdev, ev->status);
2672 case HCI_OP_LE_CREATE_CONN:
2673 hci_cs_le_create_conn(hdev, ev->status);
2676 case HCI_OP_LE_START_ENC:
2677 hci_cs_le_start_enc(hdev, ev->status);
2680 case HCI_OP_CREATE_PHY_LINK:
2681 hci_cs_create_phylink(hdev, ev->status);
2684 case HCI_OP_ACCEPT_PHY_LINK:
2685 hci_cs_accept_phylink(hdev, ev->status);
2688 case HCI_OP_CREATE_LOGICAL_LINK:
2689 hci_cs_create_logical_link(hdev, ev->status);
2693 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
2697 if (ev->opcode != HCI_OP_NOP)
2698 del_timer(&hdev->cmd_timer);
2700 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2701 atomic_set(&hdev->cmd_cnt, 1);
2702 if (!skb_queue_empty(&hdev->cmd_q))
2703 queue_work(hdev->workqueue, &hdev->cmd_work);
2707 static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2709 struct hci_ev_role_change *ev = (void *) skb->data;
2710 struct hci_conn *conn;
2712 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2716 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2720 conn->link_mode &= ~HCI_LM_MASTER;
2722 conn->link_mode |= HCI_LM_MASTER;
2725 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
2727 hci_role_switch_cfm(conn, ev->status, ev->role);
2730 hci_dev_unlock(hdev);
2733 static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2735 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2738 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2739 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2743 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2744 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
2745 BT_DBG("%s bad parameters", hdev->name);
2749 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2751 for (i = 0; i < ev->num_hndl; i++) {
2752 struct hci_comp_pkts_info *info = &ev->handles[i];
2753 struct hci_conn *conn;
2754 __u16 handle, count;
2756 handle = __le16_to_cpu(info->handle);
2757 count = __le16_to_cpu(info->count);
2759 conn = hci_conn_hash_lookup_handle(hdev, handle);
2763 conn->sent -= count;
2765 switch (conn->type) {
2767 hdev->acl_cnt += count;
2768 if (hdev->acl_cnt > hdev->acl_pkts)
2769 hdev->acl_cnt = hdev->acl_pkts;
2773 if (hdev->le_pkts) {
2774 hdev->le_cnt += count;
2775 if (hdev->le_cnt > hdev->le_pkts)
2776 hdev->le_cnt = hdev->le_pkts;
2778 hdev->acl_cnt += count;
2779 if (hdev->acl_cnt > hdev->acl_pkts)
2780 hdev->acl_cnt = hdev->acl_pkts;
2785 hdev->sco_cnt += count;
2786 if (hdev->sco_cnt > hdev->sco_pkts)
2787 hdev->sco_cnt = hdev->sco_pkts;
2791 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2796 queue_work(hdev->workqueue, &hdev->tx_work);
2799 static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2802 struct hci_chan *chan;
2804 switch (hdev->dev_type) {
2806 return hci_conn_hash_lookup_handle(hdev, handle);
2808 chan = hci_chan_lookup_handle(hdev, handle);
2813 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2820 static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
2822 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2825 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2826 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2830 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2831 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2832 BT_DBG("%s bad parameters", hdev->name);
2836 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2839 for (i = 0; i < ev->num_hndl; i++) {
2840 struct hci_comp_blocks_info *info = &ev->handles[i];
2841 struct hci_conn *conn = NULL;
2842 __u16 handle, block_count;
2844 handle = __le16_to_cpu(info->handle);
2845 block_count = __le16_to_cpu(info->blocks);
2847 conn = __hci_conn_lookup_handle(hdev, handle);
2851 conn->sent -= block_count;
2853 switch (conn->type) {
2856 hdev->block_cnt += block_count;
2857 if (hdev->block_cnt > hdev->num_blocks)
2858 hdev->block_cnt = hdev->num_blocks;
2862 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2867 queue_work(hdev->workqueue, &hdev->tx_work);
2870 static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2872 struct hci_ev_mode_change *ev = (void *) skb->data;
2873 struct hci_conn *conn;
2875 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2879 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2881 conn->mode = ev->mode;
2882 conn->interval = __le16_to_cpu(ev->interval);
2884 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2886 if (conn->mode == HCI_CM_ACTIVE)
2887 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
2889 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
2892 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
2893 hci_sco_setup(conn, ev->status);
2896 hci_dev_unlock(hdev);
2899 static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2901 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2902 struct hci_conn *conn;
2904 BT_DBG("%s", hdev->name);
2908 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2912 if (conn->state == BT_CONNECTED) {
2913 hci_conn_hold(conn);
2914 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2918 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
2919 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2920 sizeof(ev->bdaddr), &ev->bdaddr);
2921 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
2924 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2929 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2933 hci_dev_unlock(hdev);
2936 static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2938 struct hci_ev_link_key_req *ev = (void *) skb->data;
2939 struct hci_cp_link_key_reply cp;
2940 struct hci_conn *conn;
2941 struct link_key *key;
2943 BT_DBG("%s", hdev->name);
2945 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
2950 key = hci_find_link_key(hdev, &ev->bdaddr);
2952 BT_DBG("%s link key not found for %pMR", hdev->name,
2957 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2960 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
2961 key->type == HCI_LK_DEBUG_COMBINATION) {
2962 BT_DBG("%s ignoring debug key", hdev->name);
2966 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2968 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2969 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
2970 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2974 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2975 conn->pending_sec_level == BT_SECURITY_HIGH) {
2976 BT_DBG("%s ignoring key unauthenticated for high security",
2981 conn->key_type = key->type;
2982 conn->pin_length = key->pin_len;
2985 bacpy(&cp.bdaddr, &ev->bdaddr);
2986 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
2988 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2990 hci_dev_unlock(hdev);
2995 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2996 hci_dev_unlock(hdev);
2999 static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3001 struct hci_ev_link_key_notify *ev = (void *) skb->data;
3002 struct hci_conn *conn;
3005 BT_DBG("%s", hdev->name);
3009 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3011 hci_conn_hold(conn);
3012 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
3013 pin_len = conn->pin_length;
3015 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
3016 conn->key_type = ev->key_type;
3021 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
3022 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
3023 ev->key_type, pin_len);
3025 hci_dev_unlock(hdev);
3028 static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
3030 struct hci_ev_clock_offset *ev = (void *) skb->data;
3031 struct hci_conn *conn;
3033 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3037 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3038 if (conn && !ev->status) {
3039 struct inquiry_entry *ie;
3041 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
3043 ie->data.clock_offset = ev->clock_offset;
3044 ie->timestamp = jiffies;
3048 hci_dev_unlock(hdev);
3051 static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
3053 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
3054 struct hci_conn *conn;
3056 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3060 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3061 if (conn && !ev->status)
3062 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
3064 hci_dev_unlock(hdev);
3067 static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
3069 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
3070 struct inquiry_entry *ie;
3072 BT_DBG("%s", hdev->name);
3076 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3078 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
3079 ie->timestamp = jiffies;
3082 hci_dev_unlock(hdev);
3085 static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
3086 struct sk_buff *skb)
3088 struct inquiry_data data;
3089 int num_rsp = *((__u8 *) skb->data);
3090 bool name_known, ssp;
3092 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
3097 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3102 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
3103 struct inquiry_info_with_rssi_and_pscan_mode *info;
3104 info = (void *) (skb->data + 1);
3106 for (; num_rsp; num_rsp--, info++) {
3107 bacpy(&data.bdaddr, &info->bdaddr);
3108 data.pscan_rep_mode = info->pscan_rep_mode;
3109 data.pscan_period_mode = info->pscan_period_mode;
3110 data.pscan_mode = info->pscan_mode;
3111 memcpy(data.dev_class, info->dev_class, 3);
3112 data.clock_offset = info->clock_offset;
3113 data.rssi = info->rssi;
3114 data.ssp_mode = 0x00;
3116 name_known = hci_inquiry_cache_update(hdev, &data,
3118 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3119 info->dev_class, info->rssi,
3120 !name_known, ssp, NULL, 0);
3123 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
3125 for (; num_rsp; num_rsp--, info++) {
3126 bacpy(&data.bdaddr, &info->bdaddr);
3127 data.pscan_rep_mode = info->pscan_rep_mode;
3128 data.pscan_period_mode = info->pscan_period_mode;
3129 data.pscan_mode = 0x00;
3130 memcpy(data.dev_class, info->dev_class, 3);
3131 data.clock_offset = info->clock_offset;
3132 data.rssi = info->rssi;
3133 data.ssp_mode = 0x00;
3134 name_known = hci_inquiry_cache_update(hdev, &data,
3136 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3137 info->dev_class, info->rssi,
3138 !name_known, ssp, NULL, 0);
3142 hci_dev_unlock(hdev);
3145 static void hci_remote_ext_features_evt(struct hci_dev *hdev,
3146 struct sk_buff *skb)
3148 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
3149 struct hci_conn *conn;
3151 BT_DBG("%s", hdev->name);
3155 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3159 if (!ev->status && ev->page == 0x01) {
3160 struct inquiry_entry *ie;
3162 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
3164 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
3166 if (ev->features[0] & LMP_HOST_SSP)
3167 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
3170 if (conn->state != BT_CONFIG)
3173 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
3174 struct hci_cp_remote_name_req cp;
3175 memset(&cp, 0, sizeof(cp));
3176 bacpy(&cp.bdaddr, &conn->dst);
3177 cp.pscan_rep_mode = 0x02;
3178 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
3179 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3180 mgmt_device_connected(hdev, &conn->dst, conn->type,
3181 conn->dst_type, 0, NULL, 0,
3184 if (!hci_outgoing_auth_needed(hdev, conn)) {
3185 conn->state = BT_CONNECTED;
3186 hci_proto_connect_cfm(conn, ev->status);
3191 hci_dev_unlock(hdev);
3194 static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
3195 struct sk_buff *skb)
3197 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
3198 struct hci_conn *conn;
3200 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3204 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
3206 if (ev->link_type == ESCO_LINK)
3209 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
3213 conn->type = SCO_LINK;
3216 switch (ev->status) {
3218 conn->handle = __le16_to_cpu(ev->handle);
3219 conn->state = BT_CONNECTED;
3221 hci_conn_hold_device(conn);
3222 hci_conn_add_sysfs(conn);
3225 case 0x11: /* Unsupported Feature or Parameter Value */
3226 case 0x1c: /* SCO interval rejected */
3227 case 0x1a: /* Unsupported Remote Feature */
3228 case 0x1f: /* Unspecified error */
3229 if (conn->out && conn->attempt < 2) {
3230 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
3231 (hdev->esco_type & EDR_ESCO_MASK);
3232 hci_setup_sync(conn, conn->link->handle);
3238 conn->state = BT_CLOSED;
3242 hci_proto_connect_cfm(conn, ev->status);
3247 hci_dev_unlock(hdev);
3250 static void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
3252 BT_DBG("%s", hdev->name);
3255 static void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
3257 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
3259 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3262 static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
3263 struct sk_buff *skb)
3265 struct inquiry_data data;
3266 struct extended_inquiry_info *info = (void *) (skb->data + 1);
3267 int num_rsp = *((__u8 *) skb->data);
3270 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
3275 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3280 for (; num_rsp; num_rsp--, info++) {
3281 bool name_known, ssp;
3283 bacpy(&data.bdaddr, &info->bdaddr);
3284 data.pscan_rep_mode = info->pscan_rep_mode;
3285 data.pscan_period_mode = info->pscan_period_mode;
3286 data.pscan_mode = 0x00;
3287 memcpy(data.dev_class, info->dev_class, 3);
3288 data.clock_offset = info->clock_offset;
3289 data.rssi = info->rssi;
3290 data.ssp_mode = 0x01;
3292 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3293 name_known = eir_has_data_type(info->data,
3299 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
3301 eir_len = eir_get_length(info->data, sizeof(info->data));
3302 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3303 info->dev_class, info->rssi, !name_known,
3304 ssp, info->data, eir_len);
3307 hci_dev_unlock(hdev);
3310 static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3311 struct sk_buff *skb)
3313 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3314 struct hci_conn *conn;
3316 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
3317 __le16_to_cpu(ev->handle));
3321 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3326 conn->sec_level = conn->pending_sec_level;
3328 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3330 if (ev->status && conn->state == BT_CONNECTED) {
3331 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
3336 if (conn->state == BT_CONFIG) {
3338 conn->state = BT_CONNECTED;
3340 hci_proto_connect_cfm(conn, ev->status);
3343 hci_auth_cfm(conn, ev->status);
3345 hci_conn_hold(conn);
3346 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
3351 hci_dev_unlock(hdev);
3354 static u8 hci_get_auth_req(struct hci_conn *conn)
3356 /* If remote requests dedicated bonding follow that lead */
3357 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
3358 /* If both remote and local IO capabilities allow MITM
3359 * protection then require it, otherwise don't */
3360 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
3366 /* If remote requests no-bonding follow that lead */
3367 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
3368 return conn->remote_auth | (conn->auth_type & 0x01);
3370 return conn->auth_type;
3373 static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3375 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3376 struct hci_conn *conn;
3378 BT_DBG("%s", hdev->name);
3382 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3386 hci_conn_hold(conn);
3388 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3391 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
3392 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
3393 struct hci_cp_io_capability_reply cp;
3395 bacpy(&cp.bdaddr, &ev->bdaddr);
3396 /* Change the IO capability from KeyboardDisplay
3397 * to DisplayYesNo as it is not supported by BT spec. */
3398 cp.capability = (conn->io_capability == 0x04) ?
3399 0x01 : conn->io_capability;
3400 conn->auth_type = hci_get_auth_req(conn);
3401 cp.authentication = conn->auth_type;
3403 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3404 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
3409 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
3412 struct hci_cp_io_capability_neg_reply cp;
3414 bacpy(&cp.bdaddr, &ev->bdaddr);
3415 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
3417 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
3422 hci_dev_unlock(hdev);
3425 static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
3427 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3428 struct hci_conn *conn;
3430 BT_DBG("%s", hdev->name);
3434 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3438 conn->remote_cap = ev->capability;
3439 conn->remote_auth = ev->authentication;
3441 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
3444 hci_dev_unlock(hdev);
3447 static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3448 struct sk_buff *skb)
3450 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
3451 int loc_mitm, rem_mitm, confirm_hint = 0;
3452 struct hci_conn *conn;
3454 BT_DBG("%s", hdev->name);
3458 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3461 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3465 loc_mitm = (conn->auth_type & 0x01);
3466 rem_mitm = (conn->remote_auth & 0x01);
3468 /* If we require MITM but the remote device can't provide that
3469 * (it has NoInputNoOutput) then reject the confirmation
3470 * request. The only exception is when we're dedicated bonding
3471 * initiators (connect_cfm_cb set) since then we always have the MITM
3473 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3474 BT_DBG("Rejecting request: remote device can't provide MITM");
3475 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3476 sizeof(ev->bdaddr), &ev->bdaddr);
3480 /* If no side requires MITM protection; auto-accept */
3481 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3482 (!rem_mitm || conn->io_capability == 0x03)) {
3484 /* If we're not the initiators request authorization to
3485 * proceed from user space (mgmt_user_confirm with
3486 * confirm_hint set to 1). */
3487 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
3488 BT_DBG("Confirming auto-accept as acceptor");
3493 BT_DBG("Auto-accept of user confirmation with %ums delay",
3494 hdev->auto_accept_delay);
3496 if (hdev->auto_accept_delay > 0) {
3497 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3498 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3502 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3503 sizeof(ev->bdaddr), &ev->bdaddr);
3508 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
3512 hci_dev_unlock(hdev);
3515 static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3516 struct sk_buff *skb)
3518 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3520 BT_DBG("%s", hdev->name);
3522 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3523 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
3526 static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3527 struct sk_buff *skb)
3529 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3530 struct hci_conn *conn;
3532 BT_DBG("%s", hdev->name);
3534 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3538 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3539 conn->passkey_entered = 0;
3541 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3542 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3543 conn->dst_type, conn->passkey_notify,
3544 conn->passkey_entered);
3547 static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3549 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3550 struct hci_conn *conn;
3552 BT_DBG("%s", hdev->name);
3554 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3559 case HCI_KEYPRESS_STARTED:
3560 conn->passkey_entered = 0;
3563 case HCI_KEYPRESS_ENTERED:
3564 conn->passkey_entered++;
3567 case HCI_KEYPRESS_ERASED:
3568 conn->passkey_entered--;
3571 case HCI_KEYPRESS_CLEARED:
3572 conn->passkey_entered = 0;
3575 case HCI_KEYPRESS_COMPLETED:
3579 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3580 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3581 conn->dst_type, conn->passkey_notify,
3582 conn->passkey_entered);
3585 static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3586 struct sk_buff *skb)
3588 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3589 struct hci_conn *conn;
3591 BT_DBG("%s", hdev->name);
3595 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3599 /* To avoid duplicate auth_failed events to user space we check
3600 * the HCI_CONN_AUTH_PEND flag which will be set if we
3601 * initiated the authentication. A traditional auth_complete
3602 * event gets always produced as initiator and is also mapped to
3603 * the mgmt_auth_failed event */
3604 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
3605 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3611 hci_dev_unlock(hdev);
3614 static void hci_remote_host_features_evt(struct hci_dev *hdev,
3615 struct sk_buff *skb)
3617 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3618 struct inquiry_entry *ie;
3620 BT_DBG("%s", hdev->name);
3624 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3626 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
3628 hci_dev_unlock(hdev);
3631 static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3632 struct sk_buff *skb)
3634 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3635 struct oob_data *data;
3637 BT_DBG("%s", hdev->name);
3641 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3644 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3646 struct hci_cp_remote_oob_data_reply cp;
3648 bacpy(&cp.bdaddr, &ev->bdaddr);
3649 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3650 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3652 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3655 struct hci_cp_remote_oob_data_neg_reply cp;
3657 bacpy(&cp.bdaddr, &ev->bdaddr);
3658 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3663 hci_dev_unlock(hdev);
3666 static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3667 struct sk_buff *skb)
3669 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
3670 struct hci_conn *hcon, *bredr_hcon;
3672 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
3677 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3679 hci_dev_unlock(hdev);
3685 hci_dev_unlock(hdev);
3689 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
3691 hcon->state = BT_CONNECTED;
3692 bacpy(&hcon->dst, &bredr_hcon->dst);
3694 hci_conn_hold(hcon);
3695 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
3698 hci_conn_hold_device(hcon);
3699 hci_conn_add_sysfs(hcon);
3701 amp_physical_cfm(bredr_hcon, hcon);
3703 hci_dev_unlock(hdev);
3706 static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3708 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
3709 struct hci_conn *hcon;
3710 struct hci_chan *hchan;
3711 struct amp_mgr *mgr;
3713 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
3714 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
3717 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3721 /* Create AMP hchan */
3722 hchan = hci_chan_create(hcon);
3726 hchan->handle = le16_to_cpu(ev->handle);
3728 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
3730 mgr = hcon->amp_mgr;
3731 if (mgr && mgr->bredr_chan) {
3732 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
3734 l2cap_chan_lock(bredr_chan);
3736 bredr_chan->conn->mtu = hdev->block_mtu;
3737 l2cap_logical_cfm(bredr_chan, hchan, 0);
3738 hci_conn_hold(hcon);
3740 l2cap_chan_unlock(bredr_chan);
3744 static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev,
3745 struct sk_buff *skb)
3747 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data;
3748 struct hci_chan *hchan;
3750 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name,
3751 le16_to_cpu(ev->handle), ev->status);
3758 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle));
3762 amp_destroy_logical_link(hchan, ev->reason);
3765 hci_dev_unlock(hdev);
3768 static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev,
3769 struct sk_buff *skb)
3771 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data;
3772 struct hci_conn *hcon;
3774 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3781 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3783 hcon->state = BT_CLOSED;
3787 hci_dev_unlock(hdev);
3790 static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3792 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3793 struct hci_conn *conn;
3795 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3799 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
3801 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3803 BT_ERR("No memory for new connection");
3807 conn->dst_type = ev->bdaddr_type;
3809 if (ev->role == LE_CONN_ROLE_MASTER) {
3811 conn->link_mode |= HCI_LM_MASTER;
3816 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3817 conn->dst_type, ev->status);
3818 hci_proto_connect_cfm(conn, ev->status);
3819 conn->state = BT_CLOSED;
3824 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3825 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3826 conn->dst_type, 0, NULL, 0, NULL);
3828 conn->sec_level = BT_SECURITY_LOW;
3829 conn->handle = __le16_to_cpu(ev->handle);
3830 conn->state = BT_CONNECTED;
3832 hci_conn_hold_device(conn);
3833 hci_conn_add_sysfs(conn);
3835 hci_proto_connect_cfm(conn, ev->status);
3838 hci_dev_unlock(hdev);
3841 static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
3843 u8 num_reports = skb->data[0];
3844 void *ptr = &skb->data[1];
3849 while (num_reports--) {
3850 struct hci_ev_le_advertising_info *ev = ptr;
3852 rssi = ev->data[ev->length];
3853 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3854 NULL, rssi, 0, 1, ev->data, ev->length);
3856 ptr += sizeof(*ev) + ev->length + 1;
3859 hci_dev_unlock(hdev);
3862 static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3864 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3865 struct hci_cp_le_ltk_reply cp;
3866 struct hci_cp_le_ltk_neg_reply neg;
3867 struct hci_conn *conn;
3868 struct smp_ltk *ltk;
3870 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
3874 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3878 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3882 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3883 cp.handle = cpu_to_le16(conn->handle);
3885 if (ltk->authenticated)
3886 conn->sec_level = BT_SECURITY_HIGH;
3888 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3890 if (ltk->type & HCI_SMP_STK) {
3891 list_del(<k->list);
3895 hci_dev_unlock(hdev);
3900 neg.handle = ev->handle;
3901 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3902 hci_dev_unlock(hdev);
3905 static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3907 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3909 skb_pull(skb, sizeof(*le_ev));
3911 switch (le_ev->subevent) {
3912 case HCI_EV_LE_CONN_COMPLETE:
3913 hci_le_conn_complete_evt(hdev, skb);
3916 case HCI_EV_LE_ADVERTISING_REPORT:
3917 hci_le_adv_report_evt(hdev, skb);
3920 case HCI_EV_LE_LTK_REQ:
3921 hci_le_ltk_request_evt(hdev, skb);
3929 static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3931 struct hci_ev_channel_selected *ev = (void *) skb->data;
3932 struct hci_conn *hcon;
3934 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3936 skb_pull(skb, sizeof(*ev));
3938 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3942 amp_read_loc_assoc_final_data(hdev, hcon);
3945 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3947 struct hci_event_hdr *hdr = (void *) skb->data;
3948 __u8 event = hdr->evt;
3950 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3953 case HCI_EV_INQUIRY_COMPLETE:
3954 hci_inquiry_complete_evt(hdev, skb);
3957 case HCI_EV_INQUIRY_RESULT:
3958 hci_inquiry_result_evt(hdev, skb);
3961 case HCI_EV_CONN_COMPLETE:
3962 hci_conn_complete_evt(hdev, skb);
3965 case HCI_EV_CONN_REQUEST:
3966 hci_conn_request_evt(hdev, skb);
3969 case HCI_EV_DISCONN_COMPLETE:
3970 hci_disconn_complete_evt(hdev, skb);
3973 case HCI_EV_AUTH_COMPLETE:
3974 hci_auth_complete_evt(hdev, skb);
3977 case HCI_EV_REMOTE_NAME:
3978 hci_remote_name_evt(hdev, skb);
3981 case HCI_EV_ENCRYPT_CHANGE:
3982 hci_encrypt_change_evt(hdev, skb);
3985 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3986 hci_change_link_key_complete_evt(hdev, skb);
3989 case HCI_EV_REMOTE_FEATURES:
3990 hci_remote_features_evt(hdev, skb);
3993 case HCI_EV_REMOTE_VERSION:
3994 hci_remote_version_evt(hdev, skb);
3997 case HCI_EV_QOS_SETUP_COMPLETE:
3998 hci_qos_setup_complete_evt(hdev, skb);
4001 case HCI_EV_CMD_COMPLETE:
4002 hci_cmd_complete_evt(hdev, skb);
4005 case HCI_EV_CMD_STATUS:
4006 hci_cmd_status_evt(hdev, skb);
4009 case HCI_EV_ROLE_CHANGE:
4010 hci_role_change_evt(hdev, skb);
4013 case HCI_EV_NUM_COMP_PKTS:
4014 hci_num_comp_pkts_evt(hdev, skb);
4017 case HCI_EV_MODE_CHANGE:
4018 hci_mode_change_evt(hdev, skb);
4021 case HCI_EV_PIN_CODE_REQ:
4022 hci_pin_code_request_evt(hdev, skb);
4025 case HCI_EV_LINK_KEY_REQ:
4026 hci_link_key_request_evt(hdev, skb);
4029 case HCI_EV_LINK_KEY_NOTIFY:
4030 hci_link_key_notify_evt(hdev, skb);
4033 case HCI_EV_CLOCK_OFFSET:
4034 hci_clock_offset_evt(hdev, skb);
4037 case HCI_EV_PKT_TYPE_CHANGE:
4038 hci_pkt_type_change_evt(hdev, skb);
4041 case HCI_EV_PSCAN_REP_MODE:
4042 hci_pscan_rep_mode_evt(hdev, skb);
4045 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
4046 hci_inquiry_result_with_rssi_evt(hdev, skb);
4049 case HCI_EV_REMOTE_EXT_FEATURES:
4050 hci_remote_ext_features_evt(hdev, skb);
4053 case HCI_EV_SYNC_CONN_COMPLETE:
4054 hci_sync_conn_complete_evt(hdev, skb);
4057 case HCI_EV_SYNC_CONN_CHANGED:
4058 hci_sync_conn_changed_evt(hdev, skb);
4061 case HCI_EV_SNIFF_SUBRATE:
4062 hci_sniff_subrate_evt(hdev, skb);
4065 case HCI_EV_EXTENDED_INQUIRY_RESULT:
4066 hci_extended_inquiry_result_evt(hdev, skb);
4069 case HCI_EV_KEY_REFRESH_COMPLETE:
4070 hci_key_refresh_complete_evt(hdev, skb);
4073 case HCI_EV_IO_CAPA_REQUEST:
4074 hci_io_capa_request_evt(hdev, skb);
4077 case HCI_EV_IO_CAPA_REPLY:
4078 hci_io_capa_reply_evt(hdev, skb);
4081 case HCI_EV_USER_CONFIRM_REQUEST:
4082 hci_user_confirm_request_evt(hdev, skb);
4085 case HCI_EV_USER_PASSKEY_REQUEST:
4086 hci_user_passkey_request_evt(hdev, skb);
4089 case HCI_EV_USER_PASSKEY_NOTIFY:
4090 hci_user_passkey_notify_evt(hdev, skb);
4093 case HCI_EV_KEYPRESS_NOTIFY:
4094 hci_keypress_notify_evt(hdev, skb);
4097 case HCI_EV_SIMPLE_PAIR_COMPLETE:
4098 hci_simple_pair_complete_evt(hdev, skb);
4101 case HCI_EV_REMOTE_HOST_FEATURES:
4102 hci_remote_host_features_evt(hdev, skb);
4105 case HCI_EV_LE_META:
4106 hci_le_meta_evt(hdev, skb);
4109 case HCI_EV_CHANNEL_SELECTED:
4110 hci_chan_selected_evt(hdev, skb);
4113 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
4114 hci_remote_oob_data_request_evt(hdev, skb);
4117 case HCI_EV_PHY_LINK_COMPLETE:
4118 hci_phy_link_complete_evt(hdev, skb);
4121 case HCI_EV_LOGICAL_LINK_COMPLETE:
4122 hci_loglink_complete_evt(hdev, skb);
4125 case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE:
4126 hci_disconn_loglink_complete_evt(hdev, skb);
4129 case HCI_EV_DISCONN_PHY_LINK_COMPLETE:
4130 hci_disconn_phylink_complete_evt(hdev, skb);
4133 case HCI_EV_NUM_COMP_BLOCKS:
4134 hci_num_comp_blocks_evt(hdev, skb);
4138 BT_DBG("%s event 0x%2.2x", hdev->name, event);
4143 hdev->stat.evt_rx++;
projects / linux-2.6-block.git / blob