2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/kernel.h>
26 #include <linux/uaccess.h>
27 #include <linux/module.h>
28 #include <asm/unaligned.h>
30 #include <net/bluetooth/bluetooth.h>
31 #include <net/bluetooth/hci_core.h>
32 #include <net/bluetooth/mgmt.h>
34 #define MGMT_VERSION 0
35 #define MGMT_REVISION 1
37 #define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
39 #define SERVICE_CACHE_TIMEOUT (5 * 1000)
42 struct list_head list;
50 /* HCI to MGMT error code conversion table */
51 static u8 mgmt_status_table[] = {
53 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
54 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
55 MGMT_STATUS_FAILED, /* Hardware Failure */
56 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
57 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
58 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
59 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
60 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
61 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
62 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
63 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
64 MGMT_STATUS_BUSY, /* Command Disallowed */
65 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
66 MGMT_STATUS_REJECTED, /* Rejected Security */
67 MGMT_STATUS_REJECTED, /* Rejected Personal */
68 MGMT_STATUS_TIMEOUT, /* Host Timeout */
69 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
70 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
71 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
72 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
73 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
74 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
75 MGMT_STATUS_BUSY, /* Repeated Attempts */
76 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
77 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
78 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
79 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
80 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
81 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
82 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
83 MGMT_STATUS_FAILED, /* Unspecified Error */
84 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
85 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
86 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
87 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
88 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
89 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
90 MGMT_STATUS_FAILED, /* Unit Link Key Used */
91 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
92 MGMT_STATUS_TIMEOUT, /* Instant Passed */
93 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
94 MGMT_STATUS_FAILED, /* Transaction Collision */
95 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
96 MGMT_STATUS_REJECTED, /* QoS Rejected */
97 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
98 MGMT_STATUS_REJECTED, /* Insufficient Security */
99 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
100 MGMT_STATUS_BUSY, /* Role Switch Pending */
101 MGMT_STATUS_FAILED, /* Slot Violation */
102 MGMT_STATUS_FAILED, /* Role Switch Failed */
103 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
104 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
105 MGMT_STATUS_BUSY, /* Host Busy Pairing */
106 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
107 MGMT_STATUS_BUSY, /* Controller Busy */
108 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
109 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
110 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
111 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
112 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
115 static u8 mgmt_status(u8 hci_status)
117 if (hci_status < ARRAY_SIZE(mgmt_status_table))
118 return mgmt_status_table[hci_status];
120 return MGMT_STATUS_FAILED;
123 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
126 struct mgmt_hdr *hdr;
127 struct mgmt_ev_cmd_status *ev;
130 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
132 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
136 hdr = (void *) skb_put(skb, sizeof(*hdr));
138 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
139 hdr->index = cpu_to_le16(index);
140 hdr->len = cpu_to_le16(sizeof(*ev));
142 ev = (void *) skb_put(skb, sizeof(*ev));
144 put_unaligned_le16(cmd, &ev->opcode);
146 err = sock_queue_rcv_skb(sk, skb);
153 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
157 struct mgmt_hdr *hdr;
158 struct mgmt_ev_cmd_complete *ev;
161 BT_DBG("sock %p", sk);
163 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
167 hdr = (void *) skb_put(skb, sizeof(*hdr));
169 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
170 hdr->index = cpu_to_le16(index);
171 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
173 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
174 put_unaligned_le16(cmd, &ev->opcode);
177 memcpy(ev->data, rp, rp_len);
179 err = sock_queue_rcv_skb(sk, skb);
186 static int read_version(struct sock *sk)
188 struct mgmt_rp_read_version rp;
190 BT_DBG("sock %p", sk);
192 rp.version = MGMT_VERSION;
193 put_unaligned_le16(MGMT_REVISION, &rp.revision);
195 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
199 static int read_index_list(struct sock *sk)
201 struct mgmt_rp_read_index_list *rp;
208 BT_DBG("sock %p", sk);
210 read_lock(&hci_dev_list_lock);
213 list_for_each(p, &hci_dev_list) {
217 rp_len = sizeof(*rp) + (2 * count);
218 rp = kmalloc(rp_len, GFP_ATOMIC);
220 read_unlock(&hci_dev_list_lock);
224 put_unaligned_le16(count, &rp->num_controllers);
227 list_for_each_entry(d, &hci_dev_list, list) {
228 if (test_and_clear_bit(HCI_AUTO_OFF, &d->flags))
229 cancel_delayed_work(&d->power_off);
231 if (test_bit(HCI_SETUP, &d->flags))
234 put_unaligned_le16(d->id, &rp->index[i++]);
235 BT_DBG("Added hci%u", d->id);
238 read_unlock(&hci_dev_list_lock);
240 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
248 static u32 get_supported_settings(struct hci_dev *hdev)
252 settings |= MGMT_SETTING_POWERED;
253 settings |= MGMT_SETTING_CONNECTABLE;
254 settings |= MGMT_SETTING_FAST_CONNECTABLE;
255 settings |= MGMT_SETTING_DISCOVERABLE;
256 settings |= MGMT_SETTING_PAIRABLE;
258 if (hdev->features[6] & LMP_SIMPLE_PAIR)
259 settings |= MGMT_SETTING_SSP;
261 if (!(hdev->features[4] & LMP_NO_BREDR)) {
262 settings |= MGMT_SETTING_BREDR;
263 settings |= MGMT_SETTING_LINK_SECURITY;
266 if (hdev->features[4] & LMP_LE)
267 settings |= MGMT_SETTING_LE;
272 static u32 get_current_settings(struct hci_dev *hdev)
276 if (test_bit(HCI_UP, &hdev->flags))
277 settings |= MGMT_SETTING_POWERED;
281 if (test_bit(HCI_PSCAN, &hdev->flags))
282 settings |= MGMT_SETTING_CONNECTABLE;
284 if (test_bit(HCI_ISCAN, &hdev->flags))
285 settings |= MGMT_SETTING_DISCOVERABLE;
287 if (test_bit(HCI_PAIRABLE, &hdev->flags))
288 settings |= MGMT_SETTING_PAIRABLE;
290 if (!(hdev->features[4] & LMP_NO_BREDR))
291 settings |= MGMT_SETTING_BREDR;
293 if (hdev->extfeatures[0] & LMP_HOST_LE)
294 settings |= MGMT_SETTING_LE;
296 if (test_bit(HCI_AUTH, &hdev->flags))
297 settings |= MGMT_SETTING_LINK_SECURITY;
299 if (hdev->ssp_mode > 0)
300 settings |= MGMT_SETTING_SSP;
305 #define EIR_FLAGS 0x01 /* flags */
306 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
307 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
308 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
309 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
310 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
311 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
312 #define EIR_NAME_SHORT 0x08 /* shortened local name */
313 #define EIR_NAME_COMPLETE 0x09 /* complete local name */
314 #define EIR_TX_POWER 0x0A /* transmit power level */
315 #define EIR_DEVICE_ID 0x10 /* device ID */
317 #define PNP_INFO_SVCLASS_ID 0x1200
319 static u8 bluetooth_base_uuid[] = {
320 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
321 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
324 static u16 get_uuid16(u8 *uuid128)
329 for (i = 0; i < 12; i++) {
330 if (bluetooth_base_uuid[i] != uuid128[i])
334 memcpy(&val, &uuid128[12], 4);
336 val = le32_to_cpu(val);
343 static void create_eir(struct hci_dev *hdev, u8 *data)
347 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
348 int i, truncated = 0;
349 struct bt_uuid *uuid;
352 name_len = strlen(hdev->dev_name);
358 ptr[1] = EIR_NAME_SHORT;
360 ptr[1] = EIR_NAME_COMPLETE;
362 /* EIR Data length */
363 ptr[0] = name_len + 1;
365 memcpy(ptr + 2, hdev->dev_name, name_len);
367 eir_len += (name_len + 2);
368 ptr += (name_len + 2);
371 memset(uuid16_list, 0, sizeof(uuid16_list));
373 /* Group all UUID16 types */
374 list_for_each_entry(uuid, &hdev->uuids, list) {
377 uuid16 = get_uuid16(uuid->uuid);
384 if (uuid16 == PNP_INFO_SVCLASS_ID)
387 /* Stop if not enough space to put next UUID */
388 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
393 /* Check for duplicates */
394 for (i = 0; uuid16_list[i] != 0; i++)
395 if (uuid16_list[i] == uuid16)
398 if (uuid16_list[i] == 0) {
399 uuid16_list[i] = uuid16;
400 eir_len += sizeof(u16);
404 if (uuid16_list[0] != 0) {
408 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
413 for (i = 0; uuid16_list[i] != 0; i++) {
414 *ptr++ = (uuid16_list[i] & 0x00ff);
415 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
418 /* EIR Data length */
419 *length = (i * sizeof(u16)) + 1;
423 static int update_eir(struct hci_dev *hdev)
425 struct hci_cp_write_eir cp;
427 if (!(hdev->features[6] & LMP_EXT_INQ))
430 if (hdev->ssp_mode == 0)
433 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
436 memset(&cp, 0, sizeof(cp));
438 create_eir(hdev, cp.data);
440 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
443 memcpy(hdev->eir, cp.data, sizeof(cp.data));
445 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
448 static u8 get_service_classes(struct hci_dev *hdev)
450 struct bt_uuid *uuid;
453 list_for_each_entry(uuid, &hdev->uuids, list)
454 val |= uuid->svc_hint;
459 static int update_class(struct hci_dev *hdev)
463 BT_DBG("%s", hdev->name);
465 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
468 cod[0] = hdev->minor_class;
469 cod[1] = hdev->major_class;
470 cod[2] = get_service_classes(hdev);
472 if (memcmp(cod, hdev->dev_class, 3) == 0)
475 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
478 static void service_cache_off(struct work_struct *work)
480 struct hci_dev *hdev = container_of(work, struct hci_dev,
483 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->flags))
491 hci_dev_unlock(hdev);
494 static void mgmt_init_hdev(struct hci_dev *hdev)
496 if (!test_and_set_bit(HCI_MGMT, &hdev->flags))
497 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
499 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->flags))
500 schedule_delayed_work(&hdev->service_cache,
501 msecs_to_jiffies(SERVICE_CACHE_TIMEOUT));
504 static int read_controller_info(struct sock *sk, u16 index)
506 struct mgmt_rp_read_info rp;
507 struct hci_dev *hdev;
509 BT_DBG("sock %p hci%u", sk, index);
511 hdev = hci_dev_get(index);
513 return cmd_status(sk, index, MGMT_OP_READ_INFO,
514 MGMT_STATUS_INVALID_PARAMS);
516 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->flags))
517 cancel_delayed_work_sync(&hdev->power_off);
521 if (test_and_clear_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags))
522 mgmt_init_hdev(hdev);
524 memset(&rp, 0, sizeof(rp));
526 bacpy(&rp.bdaddr, &hdev->bdaddr);
528 rp.version = hdev->hci_ver;
530 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
532 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
533 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
535 memcpy(rp.dev_class, hdev->dev_class, 3);
537 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
539 hci_dev_unlock(hdev);
542 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
545 static void mgmt_pending_free(struct pending_cmd *cmd)
552 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
553 struct hci_dev *hdev,
556 struct pending_cmd *cmd;
558 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
562 cmd->opcode = opcode;
563 cmd->index = hdev->id;
565 cmd->param = kmalloc(len, GFP_ATOMIC);
572 memcpy(cmd->param, data, len);
577 list_add(&cmd->list, &hdev->mgmt_pending);
582 static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
583 void (*cb)(struct pending_cmd *cmd, void *data),
586 struct list_head *p, *n;
588 list_for_each_safe(p, n, &hdev->mgmt_pending) {
589 struct pending_cmd *cmd;
591 cmd = list_entry(p, struct pending_cmd, list);
593 if (opcode > 0 && cmd->opcode != opcode)
600 static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
602 struct pending_cmd *cmd;
604 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
605 if (cmd->opcode == opcode)
612 static void mgmt_pending_remove(struct pending_cmd *cmd)
614 list_del(&cmd->list);
615 mgmt_pending_free(cmd);
618 static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
620 __le32 settings = cpu_to_le32(get_current_settings(hdev));
622 return cmd_complete(sk, hdev->id, opcode, &settings, sizeof(settings));
625 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
627 struct mgmt_mode *cp;
628 struct hci_dev *hdev;
629 struct pending_cmd *cmd;
634 BT_DBG("request for hci%u", index);
636 if (len != sizeof(*cp))
637 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
638 MGMT_STATUS_INVALID_PARAMS);
640 hdev = hci_dev_get(index);
642 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
643 MGMT_STATUS_INVALID_PARAMS);
647 up = test_bit(HCI_UP, &hdev->flags);
648 if ((cp->val && up) || (!cp->val && !up)) {
649 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
653 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
654 err = cmd_status(sk, index, MGMT_OP_SET_POWERED,
659 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
666 schedule_work(&hdev->power_on);
668 schedule_work(&hdev->power_off.work);
673 hci_dev_unlock(hdev);
678 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
681 struct mgmt_cp_set_discoverable *cp;
682 struct hci_dev *hdev;
683 struct pending_cmd *cmd;
689 BT_DBG("request for hci%u", index);
691 if (len != sizeof(*cp))
692 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
693 MGMT_STATUS_INVALID_PARAMS);
695 hdev = hci_dev_get(index);
697 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
698 MGMT_STATUS_INVALID_PARAMS);
702 if (!test_bit(HCI_UP, &hdev->flags)) {
703 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
704 MGMT_STATUS_NOT_POWERED);
708 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
709 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
710 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
715 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
716 test_bit(HCI_PSCAN, &hdev->flags)) {
717 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
721 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
730 scan |= SCAN_INQUIRY;
732 cancel_delayed_work(&hdev->discov_off);
734 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
736 mgmt_pending_remove(cmd);
739 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
742 hci_dev_unlock(hdev);
748 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
751 struct mgmt_mode *cp;
752 struct hci_dev *hdev;
753 struct pending_cmd *cmd;
759 BT_DBG("request for hci%u", index);
761 if (len != sizeof(*cp))
762 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
763 MGMT_STATUS_INVALID_PARAMS);
765 hdev = hci_dev_get(index);
767 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
768 MGMT_STATUS_INVALID_PARAMS);
772 if (!test_bit(HCI_UP, &hdev->flags)) {
773 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
774 MGMT_STATUS_NOT_POWERED);
778 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
779 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
780 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
785 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
786 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
790 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
801 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
803 mgmt_pending_remove(cmd);
806 hci_dev_unlock(hdev);
812 static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
813 u16 data_len, struct sock *skip_sk)
816 struct mgmt_hdr *hdr;
818 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
822 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
824 hdr = (void *) skb_put(skb, sizeof(*hdr));
825 hdr->opcode = cpu_to_le16(event);
827 hdr->index = cpu_to_le16(hdev->id);
829 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
830 hdr->len = cpu_to_le16(data_len);
833 memcpy(skb_put(skb, data_len), data, data_len);
835 hci_send_to_sock(NULL, skb, skip_sk);
841 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
844 struct mgmt_mode *cp;
845 struct hci_dev *hdev;
851 BT_DBG("request for hci%u", index);
853 if (len != sizeof(*cp))
854 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
855 MGMT_STATUS_INVALID_PARAMS);
857 hdev = hci_dev_get(index);
859 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
860 MGMT_STATUS_INVALID_PARAMS);
865 set_bit(HCI_PAIRABLE, &hdev->flags);
867 clear_bit(HCI_PAIRABLE, &hdev->flags);
869 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
873 ev = cpu_to_le32(get_current_settings(hdev));
875 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), sk);
878 hci_dev_unlock(hdev);
884 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
886 struct mgmt_cp_add_uuid *cp;
887 struct hci_dev *hdev;
888 struct bt_uuid *uuid;
893 BT_DBG("request for hci%u", index);
895 if (len != sizeof(*cp))
896 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
897 MGMT_STATUS_INVALID_PARAMS);
899 hdev = hci_dev_get(index);
901 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
902 MGMT_STATUS_INVALID_PARAMS);
906 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
912 memcpy(uuid->uuid, cp->uuid, 16);
913 uuid->svc_hint = cp->svc_hint;
915 list_add(&uuid->list, &hdev->uuids);
917 err = update_class(hdev);
921 err = update_eir(hdev);
925 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
928 hci_dev_unlock(hdev);
934 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
936 struct list_head *p, *n;
937 struct mgmt_cp_remove_uuid *cp;
938 struct hci_dev *hdev;
939 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
944 BT_DBG("request for hci%u", index);
946 if (len != sizeof(*cp))
947 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
948 MGMT_STATUS_INVALID_PARAMS);
950 hdev = hci_dev_get(index);
952 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
953 MGMT_STATUS_INVALID_PARAMS);
957 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
958 err = hci_uuids_clear(hdev);
964 list_for_each_safe(p, n, &hdev->uuids) {
965 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
967 if (memcmp(match->uuid, cp->uuid, 16) != 0)
970 list_del(&match->list);
975 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
976 MGMT_STATUS_INVALID_PARAMS);
980 err = update_class(hdev);
984 err = update_eir(hdev);
988 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
991 hci_dev_unlock(hdev);
997 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
1000 struct hci_dev *hdev;
1001 struct mgmt_cp_set_dev_class *cp;
1006 BT_DBG("request for hci%u", index);
1008 if (len != sizeof(*cp))
1009 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1010 MGMT_STATUS_INVALID_PARAMS);
1012 hdev = hci_dev_get(index);
1014 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1015 MGMT_STATUS_INVALID_PARAMS);
1019 hdev->major_class = cp->major;
1020 hdev->minor_class = cp->minor;
1022 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->flags)) {
1023 hci_dev_unlock(hdev);
1024 cancel_delayed_work_sync(&hdev->service_cache);
1029 err = update_class(hdev);
1032 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
1034 hci_dev_unlock(hdev);
1040 static int load_link_keys(struct sock *sk, u16 index, unsigned char *data,
1043 struct hci_dev *hdev;
1044 struct mgmt_cp_load_link_keys *cp;
1045 u16 key_count, expected_len;
1050 if (len < sizeof(*cp))
1051 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1052 MGMT_STATUS_INVALID_PARAMS);
1054 key_count = get_unaligned_le16(&cp->key_count);
1056 expected_len = sizeof(*cp) + key_count *
1057 sizeof(struct mgmt_link_key_info);
1058 if (expected_len != len) {
1059 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
1061 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1062 MGMT_STATUS_INVALID_PARAMS);
1065 hdev = hci_dev_get(index);
1067 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1068 MGMT_STATUS_INVALID_PARAMS);
1070 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
1075 hci_link_keys_clear(hdev);
1077 set_bit(HCI_LINK_KEYS, &hdev->flags);
1080 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
1082 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
1084 for (i = 0; i < key_count; i++) {
1085 struct mgmt_link_key_info *key = &cp->keys[i];
1087 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
1091 cmd_complete(sk, index, MGMT_OP_LOAD_LINK_KEYS, NULL, 0);
1093 hci_dev_unlock(hdev);
1099 static int remove_keys(struct sock *sk, u16 index, unsigned char *data,
1102 struct hci_dev *hdev;
1103 struct mgmt_cp_remove_keys *cp;
1104 struct mgmt_rp_remove_keys rp;
1105 struct hci_cp_disconnect dc;
1106 struct pending_cmd *cmd;
1107 struct hci_conn *conn;
1112 if (len != sizeof(*cp))
1113 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1114 MGMT_STATUS_INVALID_PARAMS);
1116 hdev = hci_dev_get(index);
1118 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1119 MGMT_STATUS_INVALID_PARAMS);
1123 memset(&rp, 0, sizeof(rp));
1124 bacpy(&rp.bdaddr, &cp->bdaddr);
1125 rp.status = MGMT_STATUS_FAILED;
1127 err = hci_remove_link_key(hdev, &cp->bdaddr);
1129 rp.status = MGMT_STATUS_NOT_PAIRED;
1133 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect) {
1134 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1139 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1141 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1146 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_KEYS, hdev, cp, sizeof(*cp));
1152 put_unaligned_le16(conn->handle, &dc.handle);
1153 dc.reason = 0x13; /* Remote User Terminated Connection */
1154 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1156 mgmt_pending_remove(cmd);
1160 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1162 hci_dev_unlock(hdev);
1168 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1170 struct hci_dev *hdev;
1171 struct mgmt_cp_disconnect *cp;
1172 struct hci_cp_disconnect dc;
1173 struct pending_cmd *cmd;
1174 struct hci_conn *conn;
1181 if (len != sizeof(*cp))
1182 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1183 MGMT_STATUS_INVALID_PARAMS);
1185 hdev = hci_dev_get(index);
1187 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1188 MGMT_STATUS_INVALID_PARAMS);
1192 if (!test_bit(HCI_UP, &hdev->flags)) {
1193 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1194 MGMT_STATUS_NOT_POWERED);
1198 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
1199 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1204 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1206 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1209 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1210 MGMT_STATUS_NOT_CONNECTED);
1214 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
1220 put_unaligned_le16(conn->handle, &dc.handle);
1221 dc.reason = 0x13; /* Remote User Terminated Connection */
1223 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1225 mgmt_pending_remove(cmd);
1228 hci_dev_unlock(hdev);
1234 static u8 link_to_mgmt(u8 link_type, u8 addr_type)
1236 switch (link_type) {
1238 switch (addr_type) {
1239 case ADDR_LE_DEV_PUBLIC:
1240 return MGMT_ADDR_LE_PUBLIC;
1241 case ADDR_LE_DEV_RANDOM:
1242 return MGMT_ADDR_LE_RANDOM;
1244 return MGMT_ADDR_INVALID;
1247 return MGMT_ADDR_BREDR;
1249 return MGMT_ADDR_INVALID;
1253 static int get_connections(struct sock *sk, u16 index)
1255 struct mgmt_rp_get_connections *rp;
1256 struct hci_dev *hdev;
1258 struct list_head *p;
1265 hdev = hci_dev_get(index);
1267 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1268 MGMT_STATUS_INVALID_PARAMS);
1273 list_for_each(p, &hdev->conn_hash.list) {
1277 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
1278 rp = kmalloc(rp_len, GFP_ATOMIC);
1284 put_unaligned_le16(count, &rp->conn_count);
1287 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1288 bacpy(&rp->addr[i].bdaddr, &c->dst);
1289 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
1290 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1295 /* Recalculate length in case of filtered SCO connections, etc */
1296 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
1298 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1302 hci_dev_unlock(hdev);
1307 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1308 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1310 struct pending_cmd *cmd;
1313 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
1318 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1321 mgmt_pending_remove(cmd);
1326 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1329 struct hci_dev *hdev;
1330 struct hci_conn *conn;
1331 struct mgmt_cp_pin_code_reply *cp;
1332 struct mgmt_cp_pin_code_neg_reply ncp;
1333 struct hci_cp_pin_code_reply reply;
1334 struct pending_cmd *cmd;
1341 if (len != sizeof(*cp))
1342 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1343 MGMT_STATUS_INVALID_PARAMS);
1345 hdev = hci_dev_get(index);
1347 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1348 MGMT_STATUS_INVALID_PARAMS);
1352 if (!test_bit(HCI_UP, &hdev->flags)) {
1353 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1354 MGMT_STATUS_NOT_POWERED);
1358 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1360 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1361 MGMT_STATUS_NOT_CONNECTED);
1365 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1366 bacpy(&ncp.bdaddr, &cp->bdaddr);
1368 BT_ERR("PIN code is not 16 bytes long");
1370 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1372 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1373 MGMT_STATUS_INVALID_PARAMS);
1378 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
1384 bacpy(&reply.bdaddr, &cp->bdaddr);
1385 reply.pin_len = cp->pin_len;
1386 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1388 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1390 mgmt_pending_remove(cmd);
1393 hci_dev_unlock(hdev);
1399 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1402 struct hci_dev *hdev;
1403 struct mgmt_cp_pin_code_neg_reply *cp;
1410 if (len != sizeof(*cp))
1411 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1412 MGMT_STATUS_INVALID_PARAMS);
1414 hdev = hci_dev_get(index);
1416 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1417 MGMT_STATUS_INVALID_PARAMS);
1421 if (!test_bit(HCI_UP, &hdev->flags)) {
1422 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1423 MGMT_STATUS_NOT_POWERED);
1427 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1430 hci_dev_unlock(hdev);
1436 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1439 struct hci_dev *hdev;
1440 struct mgmt_cp_set_io_capability *cp;
1446 if (len != sizeof(*cp))
1447 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1448 MGMT_STATUS_INVALID_PARAMS);
1450 hdev = hci_dev_get(index);
1452 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1453 MGMT_STATUS_INVALID_PARAMS);
1457 hdev->io_capability = cp->io_capability;
1459 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1460 hdev->io_capability);
1462 hci_dev_unlock(hdev);
1465 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1468 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1470 struct hci_dev *hdev = conn->hdev;
1471 struct pending_cmd *cmd;
1473 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1474 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1477 if (cmd->user_data != conn)
1486 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1488 struct mgmt_rp_pair_device rp;
1489 struct hci_conn *conn = cmd->user_data;
1491 bacpy(&rp.addr.bdaddr, &conn->dst);
1492 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
1495 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1497 /* So we don't get further callbacks for this connection */
1498 conn->connect_cfm_cb = NULL;
1499 conn->security_cfm_cb = NULL;
1500 conn->disconn_cfm_cb = NULL;
1504 mgmt_pending_remove(cmd);
1507 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1509 struct pending_cmd *cmd;
1511 BT_DBG("status %u", status);
1513 cmd = find_pairing(conn);
1515 BT_DBG("Unable to find a pending command");
1517 pairing_complete(cmd, status);
1520 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1522 struct hci_dev *hdev;
1523 struct mgmt_cp_pair_device *cp;
1524 struct mgmt_rp_pair_device rp;
1525 struct pending_cmd *cmd;
1526 u8 sec_level, auth_type;
1527 struct hci_conn *conn;
1534 if (len != sizeof(*cp))
1535 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1536 MGMT_STATUS_INVALID_PARAMS);
1538 hdev = hci_dev_get(index);
1540 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1541 MGMT_STATUS_INVALID_PARAMS);
1545 sec_level = BT_SECURITY_MEDIUM;
1546 if (cp->io_cap == 0x03)
1547 auth_type = HCI_AT_DEDICATED_BONDING;
1549 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1551 if (cp->addr.type == MGMT_ADDR_BREDR)
1552 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
1555 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
1558 memset(&rp, 0, sizeof(rp));
1559 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1560 rp.addr.type = cp->addr.type;
1563 rp.status = -PTR_ERR(conn);
1564 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1569 if (conn->connect_cfm_cb) {
1572 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1577 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
1584 /* For LE, just connecting isn't a proof that the pairing finished */
1585 if (cp->addr.type == MGMT_ADDR_BREDR)
1586 conn->connect_cfm_cb = pairing_complete_cb;
1588 conn->security_cfm_cb = pairing_complete_cb;
1589 conn->disconn_cfm_cb = pairing_complete_cb;
1590 conn->io_capability = cp->io_cap;
1591 cmd->user_data = conn;
1593 if (conn->state == BT_CONNECTED &&
1594 hci_conn_security(conn, sec_level, auth_type))
1595 pairing_complete(cmd, 0);
1600 hci_dev_unlock(hdev);
1606 static int user_pairing_resp(struct sock *sk, u16 index, bdaddr_t *bdaddr,
1607 u16 mgmt_op, u16 hci_op, __le32 passkey)
1609 struct pending_cmd *cmd;
1610 struct hci_dev *hdev;
1611 struct hci_conn *conn;
1614 hdev = hci_dev_get(index);
1616 return cmd_status(sk, index, mgmt_op,
1617 MGMT_STATUS_INVALID_PARAMS);
1621 if (!test_bit(HCI_UP, &hdev->flags)) {
1622 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_NOT_POWERED);
1627 * Check for an existing ACL link, if present pair via
1630 * If no ACL link is present, check for an LE link and if
1631 * present, pair via the SMP engine.
1633 * If neither ACL nor LE links are present, fail with error.
1635 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
1637 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
1639 err = cmd_status(sk, index, mgmt_op,
1640 MGMT_STATUS_NOT_CONNECTED);
1644 /* Continue with pairing via SMP */
1646 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_SUCCESS);
1650 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
1656 /* Continue with pairing via HCI */
1657 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
1658 struct hci_cp_user_passkey_reply cp;
1660 bacpy(&cp.bdaddr, bdaddr);
1661 cp.passkey = passkey;
1662 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
1664 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
1667 mgmt_pending_remove(cmd);
1670 hci_dev_unlock(hdev);
1676 static int user_confirm_reply(struct sock *sk, u16 index, void *data, u16 len)
1678 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1682 if (len != sizeof(*cp))
1683 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_REPLY,
1684 MGMT_STATUS_INVALID_PARAMS);
1686 return user_pairing_resp(sk, index, &cp->bdaddr,
1687 MGMT_OP_USER_CONFIRM_REPLY,
1688 HCI_OP_USER_CONFIRM_REPLY, 0);
1691 static int user_confirm_neg_reply(struct sock *sk, u16 index, void *data,
1694 struct mgmt_cp_user_confirm_neg_reply *cp = data;
1698 if (len != sizeof(*cp))
1699 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_NEG_REPLY,
1700 MGMT_STATUS_INVALID_PARAMS);
1702 return user_pairing_resp(sk, index, &cp->bdaddr,
1703 MGMT_OP_USER_CONFIRM_NEG_REPLY,
1704 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
1707 static int user_passkey_reply(struct sock *sk, u16 index, void *data, u16 len)
1709 struct mgmt_cp_user_passkey_reply *cp = (void *) data;
1713 if (len != sizeof(*cp))
1714 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_REPLY,
1717 return user_pairing_resp(sk, index, &cp->bdaddr,
1718 MGMT_OP_USER_PASSKEY_REPLY,
1719 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
1722 static int user_passkey_neg_reply(struct sock *sk, u16 index, void *data,
1725 struct mgmt_cp_user_passkey_neg_reply *cp = (void *) data;
1729 if (len != sizeof(*cp))
1730 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_NEG_REPLY,
1733 return user_pairing_resp(sk, index, &cp->bdaddr,
1734 MGMT_OP_USER_PASSKEY_NEG_REPLY,
1735 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
1738 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1741 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1742 struct hci_cp_write_local_name hci_cp;
1743 struct hci_dev *hdev;
1744 struct pending_cmd *cmd;
1749 if (len != sizeof(*mgmt_cp))
1750 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1751 MGMT_STATUS_INVALID_PARAMS);
1753 hdev = hci_dev_get(index);
1755 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1756 MGMT_STATUS_INVALID_PARAMS);
1760 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
1766 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1767 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1770 mgmt_pending_remove(cmd);
1773 hci_dev_unlock(hdev);
1779 static int read_local_oob_data(struct sock *sk, u16 index)
1781 struct hci_dev *hdev;
1782 struct pending_cmd *cmd;
1785 BT_DBG("hci%u", index);
1787 hdev = hci_dev_get(index);
1789 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1790 MGMT_STATUS_INVALID_PARAMS);
1794 if (!test_bit(HCI_UP, &hdev->flags)) {
1795 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1796 MGMT_STATUS_NOT_POWERED);
1800 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1801 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1802 MGMT_STATUS_NOT_SUPPORTED);
1806 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
1807 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1812 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
1818 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1820 mgmt_pending_remove(cmd);
1823 hci_dev_unlock(hdev);
1829 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1832 struct hci_dev *hdev;
1833 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1836 BT_DBG("hci%u ", index);
1838 if (len != sizeof(*cp))
1839 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1840 MGMT_STATUS_INVALID_PARAMS);
1842 hdev = hci_dev_get(index);
1844 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1845 MGMT_STATUS_INVALID_PARAMS);
1849 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1852 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1853 MGMT_STATUS_FAILED);
1855 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1858 hci_dev_unlock(hdev);
1864 static int remove_remote_oob_data(struct sock *sk, u16 index,
1865 unsigned char *data, u16 len)
1867 struct hci_dev *hdev;
1868 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1871 BT_DBG("hci%u ", index);
1873 if (len != sizeof(*cp))
1874 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1875 MGMT_STATUS_INVALID_PARAMS);
1877 hdev = hci_dev_get(index);
1879 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1880 MGMT_STATUS_INVALID_PARAMS);
1884 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1886 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1887 MGMT_STATUS_INVALID_PARAMS);
1889 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1892 hci_dev_unlock(hdev);
1898 static int start_discovery(struct sock *sk, u16 index,
1899 unsigned char *data, u16 len)
1901 struct mgmt_cp_start_discovery *cp = (void *) data;
1902 struct pending_cmd *cmd;
1903 struct hci_dev *hdev;
1906 BT_DBG("hci%u", index);
1908 if (len != sizeof(*cp))
1909 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1910 MGMT_STATUS_INVALID_PARAMS);
1912 hdev = hci_dev_get(index);
1914 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1915 MGMT_STATUS_INVALID_PARAMS);
1919 if (!test_bit(HCI_UP, &hdev->flags)) {
1920 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1921 MGMT_STATUS_NOT_POWERED);
1925 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
1931 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
1933 mgmt_pending_remove(cmd);
1936 hci_dev_unlock(hdev);
1942 static int stop_discovery(struct sock *sk, u16 index)
1944 struct hci_dev *hdev;
1945 struct pending_cmd *cmd;
1948 BT_DBG("hci%u", index);
1950 hdev = hci_dev_get(index);
1952 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
1953 MGMT_STATUS_INVALID_PARAMS);
1957 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
1963 err = hci_cancel_inquiry(hdev);
1965 mgmt_pending_remove(cmd);
1968 hci_dev_unlock(hdev);
1974 static int block_device(struct sock *sk, u16 index, unsigned char *data,
1977 struct hci_dev *hdev;
1978 struct mgmt_cp_block_device *cp = (void *) data;
1981 BT_DBG("hci%u", index);
1983 if (len != sizeof(*cp))
1984 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1985 MGMT_STATUS_INVALID_PARAMS);
1987 hdev = hci_dev_get(index);
1989 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1990 MGMT_STATUS_INVALID_PARAMS);
1994 err = hci_blacklist_add(hdev, &cp->bdaddr);
1996 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1997 MGMT_STATUS_FAILED);
1999 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
2002 hci_dev_unlock(hdev);
2008 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
2011 struct hci_dev *hdev;
2012 struct mgmt_cp_unblock_device *cp = (void *) data;
2015 BT_DBG("hci%u", index);
2017 if (len != sizeof(*cp))
2018 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2019 MGMT_STATUS_INVALID_PARAMS);
2021 hdev = hci_dev_get(index);
2023 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2024 MGMT_STATUS_INVALID_PARAMS);
2028 err = hci_blacklist_del(hdev, &cp->bdaddr);
2031 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2032 MGMT_STATUS_INVALID_PARAMS);
2034 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2037 hci_dev_unlock(hdev);
2043 static int set_fast_connectable(struct sock *sk, u16 index,
2044 unsigned char *data, u16 len)
2046 struct hci_dev *hdev;
2047 struct mgmt_mode *cp = (void *) data;
2048 struct hci_cp_write_page_scan_activity acp;
2052 BT_DBG("hci%u", index);
2054 if (len != sizeof(*cp))
2055 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2056 MGMT_STATUS_INVALID_PARAMS);
2058 hdev = hci_dev_get(index);
2060 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2061 MGMT_STATUS_INVALID_PARAMS);
2066 type = PAGE_SCAN_TYPE_INTERLACED;
2067 acp.interval = 0x0024; /* 22.5 msec page scan interval */
2069 type = PAGE_SCAN_TYPE_STANDARD; /* default */
2070 acp.interval = 0x0800; /* default 1.28 sec page scan */
2073 acp.window = 0x0012; /* default 11.25 msec page scan window */
2075 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
2078 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2079 MGMT_STATUS_FAILED);
2083 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2085 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2086 MGMT_STATUS_FAILED);
2090 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2093 hci_dev_unlock(hdev);
2099 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2102 struct mgmt_hdr *hdr;
2103 u16 opcode, index, len;
2106 BT_DBG("got %zu bytes", msglen);
2108 if (msglen < sizeof(*hdr))
2111 buf = kmalloc(msglen, GFP_KERNEL);
2115 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2120 hdr = (struct mgmt_hdr *) buf;
2121 opcode = get_unaligned_le16(&hdr->opcode);
2122 index = get_unaligned_le16(&hdr->index);
2123 len = get_unaligned_le16(&hdr->len);
2125 if (len != msglen - sizeof(*hdr)) {
2131 case MGMT_OP_READ_VERSION:
2132 err = read_version(sk);
2134 case MGMT_OP_READ_INDEX_LIST:
2135 err = read_index_list(sk);
2137 case MGMT_OP_READ_INFO:
2138 err = read_controller_info(sk, index);
2140 case MGMT_OP_SET_POWERED:
2141 err = set_powered(sk, index, buf + sizeof(*hdr), len);
2143 case MGMT_OP_SET_DISCOVERABLE:
2144 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
2146 case MGMT_OP_SET_CONNECTABLE:
2147 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
2149 case MGMT_OP_SET_FAST_CONNECTABLE:
2150 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
2153 case MGMT_OP_SET_PAIRABLE:
2154 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
2156 case MGMT_OP_ADD_UUID:
2157 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
2159 case MGMT_OP_REMOVE_UUID:
2160 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
2162 case MGMT_OP_SET_DEV_CLASS:
2163 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
2165 case MGMT_OP_LOAD_LINK_KEYS:
2166 err = load_link_keys(sk, index, buf + sizeof(*hdr), len);
2168 case MGMT_OP_REMOVE_KEYS:
2169 err = remove_keys(sk, index, buf + sizeof(*hdr), len);
2171 case MGMT_OP_DISCONNECT:
2172 err = disconnect(sk, index, buf + sizeof(*hdr), len);
2174 case MGMT_OP_GET_CONNECTIONS:
2175 err = get_connections(sk, index);
2177 case MGMT_OP_PIN_CODE_REPLY:
2178 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
2180 case MGMT_OP_PIN_CODE_NEG_REPLY:
2181 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
2183 case MGMT_OP_SET_IO_CAPABILITY:
2184 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
2186 case MGMT_OP_PAIR_DEVICE:
2187 err = pair_device(sk, index, buf + sizeof(*hdr), len);
2189 case MGMT_OP_USER_CONFIRM_REPLY:
2190 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len);
2192 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
2193 err = user_confirm_neg_reply(sk, index, buf + sizeof(*hdr),
2196 case MGMT_OP_USER_PASSKEY_REPLY:
2197 err = user_passkey_reply(sk, index, buf + sizeof(*hdr), len);
2199 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
2200 err = user_passkey_neg_reply(sk, index, buf + sizeof(*hdr),
2203 case MGMT_OP_SET_LOCAL_NAME:
2204 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
2206 case MGMT_OP_READ_LOCAL_OOB_DATA:
2207 err = read_local_oob_data(sk, index);
2209 case MGMT_OP_ADD_REMOTE_OOB_DATA:
2210 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
2212 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
2213 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
2216 case MGMT_OP_START_DISCOVERY:
2217 err = start_discovery(sk, index, buf + sizeof(*hdr), len);
2219 case MGMT_OP_STOP_DISCOVERY:
2220 err = stop_discovery(sk, index);
2222 case MGMT_OP_BLOCK_DEVICE:
2223 err = block_device(sk, index, buf + sizeof(*hdr), len);
2225 case MGMT_OP_UNBLOCK_DEVICE:
2226 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
2229 BT_DBG("Unknown op %u", opcode);
2230 err = cmd_status(sk, index, opcode,
2231 MGMT_STATUS_UNKNOWN_COMMAND);
2245 static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2249 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2250 mgmt_pending_remove(cmd);
2253 int mgmt_index_added(struct hci_dev *hdev)
2255 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
2258 int mgmt_index_removed(struct hci_dev *hdev)
2262 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2264 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
2270 struct hci_dev *hdev;
2273 static void settings_rsp(struct pending_cmd *cmd, void *data)
2275 struct cmd_lookup *match = data;
2277 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
2279 list_del(&cmd->list);
2281 if (match->sk == NULL) {
2282 match->sk = cmd->sk;
2283 sock_hold(match->sk);
2286 mgmt_pending_free(cmd);
2289 int mgmt_powered(struct hci_dev *hdev, u8 powered)
2291 struct cmd_lookup match = { powered, NULL, hdev };
2295 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
2298 u8 status = ENETDOWN;
2299 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2302 ev = cpu_to_le32(get_current_settings(hdev));
2304 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
2313 int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
2315 struct cmd_lookup match = { discoverable, NULL, hdev };
2319 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp, &match);
2321 ev = cpu_to_le32(get_current_settings(hdev));
2323 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
2331 int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
2334 struct cmd_lookup match = { connectable, NULL, hdev };
2337 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
2340 ev = cpu_to_le32(get_current_settings(hdev));
2342 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
2350 int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2352 u8 mgmt_err = mgmt_status(status);
2354 if (scan & SCAN_PAGE)
2355 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
2356 cmd_status_rsp, &mgmt_err);
2358 if (scan & SCAN_INQUIRY)
2359 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
2360 cmd_status_rsp, &mgmt_err);
2365 int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2368 struct mgmt_ev_new_link_key ev;
2370 memset(&ev, 0, sizeof(ev));
2372 ev.store_hint = persistent;
2373 bacpy(&ev.key.bdaddr, &key->bdaddr);
2374 ev.key.type = key->type;
2375 memcpy(ev.key.val, key->val, 16);
2376 ev.key.pin_len = key->pin_len;
2378 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
2381 int mgmt_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2384 struct mgmt_addr_info ev;
2386 bacpy(&ev.bdaddr, bdaddr);
2387 ev.type = link_to_mgmt(link_type, addr_type);
2389 return mgmt_event(MGMT_EV_CONNECTED, hdev, &ev, sizeof(ev), NULL);
2392 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2394 struct mgmt_cp_disconnect *cp = cmd->param;
2395 struct sock **sk = data;
2396 struct mgmt_rp_disconnect rp;
2398 bacpy(&rp.bdaddr, &cp->bdaddr);
2401 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2406 mgmt_pending_remove(cmd);
2409 static void remove_keys_rsp(struct pending_cmd *cmd, void *data)
2412 struct mgmt_cp_remove_keys *cp = cmd->param;
2413 struct mgmt_rp_remove_keys rp;
2415 memset(&rp, 0, sizeof(rp));
2416 bacpy(&rp.bdaddr, &cp->bdaddr);
2418 rp.status = *status;
2420 cmd_complete(cmd->sk, cmd->index, MGMT_OP_REMOVE_KEYS, &rp,
2423 mgmt_pending_remove(cmd);
2426 int mgmt_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2429 struct mgmt_addr_info ev;
2430 struct sock *sk = NULL;
2433 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
2435 bacpy(&ev.bdaddr, bdaddr);
2436 ev.type = link_to_mgmt(link_type, addr_type);
2438 err = mgmt_event(MGMT_EV_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
2443 mgmt_pending_foreach(MGMT_OP_REMOVE_KEYS, hdev, remove_keys_rsp, NULL);
2448 int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2450 struct pending_cmd *cmd;
2451 u8 mgmt_err = mgmt_status(status);
2454 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
2459 struct mgmt_rp_disconnect rp;
2461 bacpy(&rp.bdaddr, bdaddr);
2464 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
2467 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_DISCONNECT,
2470 mgmt_pending_remove(cmd);
2475 int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2476 u8 addr_type, u8 status)
2478 struct mgmt_ev_connect_failed ev;
2480 bacpy(&ev.addr.bdaddr, bdaddr);
2481 ev.addr.type = link_to_mgmt(link_type, addr_type);
2482 ev.status = mgmt_status(status);
2484 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
2487 int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
2489 struct mgmt_ev_pin_code_request ev;
2491 bacpy(&ev.bdaddr, bdaddr);
2494 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
2498 int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2501 struct pending_cmd *cmd;
2502 struct mgmt_rp_pin_code_reply rp;
2505 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
2509 bacpy(&rp.bdaddr, bdaddr);
2510 rp.status = mgmt_status(status);
2512 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, &rp,
2515 mgmt_pending_remove(cmd);
2520 int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2523 struct pending_cmd *cmd;
2524 struct mgmt_rp_pin_code_reply rp;
2527 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
2531 bacpy(&rp.bdaddr, bdaddr);
2532 rp.status = mgmt_status(status);
2534 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2537 mgmt_pending_remove(cmd);
2542 int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
2543 __le32 value, u8 confirm_hint)
2545 struct mgmt_ev_user_confirm_request ev;
2547 BT_DBG("%s", hdev->name);
2549 bacpy(&ev.bdaddr, bdaddr);
2550 ev.confirm_hint = confirm_hint;
2551 put_unaligned_le32(value, &ev.value);
2553 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
2557 int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr)
2559 struct mgmt_ev_user_passkey_request ev;
2561 BT_DBG("%s", hdev->name);
2563 bacpy(&ev.bdaddr, bdaddr);
2565 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
2569 static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2570 u8 status, u8 opcode)
2572 struct pending_cmd *cmd;
2573 struct mgmt_rp_user_confirm_reply rp;
2576 cmd = mgmt_pending_find(opcode, hdev);
2580 bacpy(&rp.bdaddr, bdaddr);
2581 rp.status = mgmt_status(status);
2582 err = cmd_complete(cmd->sk, hdev->id, opcode, &rp, sizeof(rp));
2584 mgmt_pending_remove(cmd);
2589 int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2592 return user_pairing_resp_complete(hdev, bdaddr, status,
2593 MGMT_OP_USER_CONFIRM_REPLY);
2596 int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev,
2597 bdaddr_t *bdaddr, u8 status)
2599 return user_pairing_resp_complete(hdev, bdaddr, status,
2600 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2603 int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2606 return user_pairing_resp_complete(hdev, bdaddr, status,
2607 MGMT_OP_USER_PASSKEY_REPLY);
2610 int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev,
2611 bdaddr_t *bdaddr, u8 status)
2613 return user_pairing_resp_complete(hdev, bdaddr, status,
2614 MGMT_OP_USER_PASSKEY_NEG_REPLY);
2617 int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2619 struct mgmt_ev_auth_failed ev;
2621 bacpy(&ev.bdaddr, bdaddr);
2622 ev.status = mgmt_status(status);
2624 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2627 int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
2629 struct pending_cmd *cmd;
2630 struct mgmt_cp_set_local_name ev;
2633 memset(&ev, 0, sizeof(ev));
2634 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2636 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2641 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2642 mgmt_status(status));
2648 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, &ev,
2654 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
2655 cmd ? cmd->sk : NULL);
2659 mgmt_pending_remove(cmd);
2663 int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
2664 u8 *randomizer, u8 status)
2666 struct pending_cmd *cmd;
2669 BT_DBG("%s status %u", hdev->name, status);
2671 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
2676 err = cmd_status(cmd->sk, hdev->id,
2677 MGMT_OP_READ_LOCAL_OOB_DATA,
2678 mgmt_status(status));
2680 struct mgmt_rp_read_local_oob_data rp;
2682 memcpy(rp.hash, hash, sizeof(rp.hash));
2683 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2685 err = cmd_complete(cmd->sk, hdev->id,
2686 MGMT_OP_READ_LOCAL_OOB_DATA,
2690 mgmt_pending_remove(cmd);
2695 int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2696 u8 addr_type, u8 *dev_class, s8 rssi, u8 *eir)
2698 struct mgmt_ev_device_found ev;
2700 memset(&ev, 0, sizeof(ev));
2702 bacpy(&ev.addr.bdaddr, bdaddr);
2703 ev.addr.type = link_to_mgmt(link_type, addr_type);
2707 memcpy(ev.eir, eir, sizeof(ev.eir));
2710 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2712 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, &ev, sizeof(ev), NULL);
2715 int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 *name)
2717 struct mgmt_ev_remote_name ev;
2719 memset(&ev, 0, sizeof(ev));
2721 bacpy(&ev.bdaddr, bdaddr);
2722 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2724 return mgmt_event(MGMT_EV_REMOTE_NAME, hdev, &ev, sizeof(ev), NULL);
2727 int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
2729 struct pending_cmd *cmd;
2732 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2736 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
2737 mgmt_pending_remove(cmd);
2742 int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
2744 struct pending_cmd *cmd;
2747 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2751 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, status);
2752 mgmt_pending_remove(cmd);
2757 int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
2759 struct pending_cmd *cmd;
2762 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2764 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2767 cmd_complete(cmd->sk, hdev->id, cmd->opcode, NULL, 0);
2768 mgmt_pending_remove(cmd);
2771 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &discovering,
2772 sizeof(discovering), NULL);
2775 int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2777 struct pending_cmd *cmd;
2778 struct mgmt_ev_device_blocked ev;
2780 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
2782 bacpy(&ev.bdaddr, bdaddr);
2784 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
2785 cmd ? cmd->sk : NULL);
2788 int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2790 struct pending_cmd *cmd;
2791 struct mgmt_ev_device_unblocked ev;
2793 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
2795 bacpy(&ev.bdaddr, bdaddr);
2797 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
2798 cmd ? cmd->sk : NULL);
projects / linux-2.6-block.git / blob