2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/kernel.h>
26 #include <linux/uaccess.h>
27 #include <linux/module.h>
28 #include <asm/unaligned.h>
30 #include <net/bluetooth/bluetooth.h>
31 #include <net/bluetooth/hci_core.h>
32 #include <net/bluetooth/mgmt.h>
33 #include <net/bluetooth/smp.h>
35 #define MGMT_VERSION 0
36 #define MGMT_REVISION 1
38 #define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
40 #define SERVICE_CACHE_TIMEOUT (5 * 1000)
43 struct list_head list;
51 /* HCI to MGMT error code conversion table */
52 static u8 mgmt_status_table[] = {
54 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
55 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
56 MGMT_STATUS_FAILED, /* Hardware Failure */
57 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
58 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
59 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
60 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
61 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
62 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
63 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
64 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
65 MGMT_STATUS_BUSY, /* Command Disallowed */
66 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
67 MGMT_STATUS_REJECTED, /* Rejected Security */
68 MGMT_STATUS_REJECTED, /* Rejected Personal */
69 MGMT_STATUS_TIMEOUT, /* Host Timeout */
70 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
71 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
72 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
73 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
74 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
75 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
76 MGMT_STATUS_BUSY, /* Repeated Attempts */
77 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
78 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
79 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
80 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
81 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
82 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
83 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
84 MGMT_STATUS_FAILED, /* Unspecified Error */
85 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
86 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
87 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
88 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
89 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
90 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
91 MGMT_STATUS_FAILED, /* Unit Link Key Used */
92 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
93 MGMT_STATUS_TIMEOUT, /* Instant Passed */
94 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
95 MGMT_STATUS_FAILED, /* Transaction Collision */
96 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
97 MGMT_STATUS_REJECTED, /* QoS Rejected */
98 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
99 MGMT_STATUS_REJECTED, /* Insufficient Security */
100 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
101 MGMT_STATUS_BUSY, /* Role Switch Pending */
102 MGMT_STATUS_FAILED, /* Slot Violation */
103 MGMT_STATUS_FAILED, /* Role Switch Failed */
104 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
105 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
106 MGMT_STATUS_BUSY, /* Host Busy Pairing */
107 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
108 MGMT_STATUS_BUSY, /* Controller Busy */
109 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
110 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
111 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
112 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
113 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
116 static u8 mgmt_status(u8 hci_status)
118 if (hci_status < ARRAY_SIZE(mgmt_status_table))
119 return mgmt_status_table[hci_status];
121 return MGMT_STATUS_FAILED;
124 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
127 struct mgmt_hdr *hdr;
128 struct mgmt_ev_cmd_status *ev;
131 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
133 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
137 hdr = (void *) skb_put(skb, sizeof(*hdr));
139 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
140 hdr->index = cpu_to_le16(index);
141 hdr->len = cpu_to_le16(sizeof(*ev));
143 ev = (void *) skb_put(skb, sizeof(*ev));
145 put_unaligned_le16(cmd, &ev->opcode);
147 err = sock_queue_rcv_skb(sk, skb);
154 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
158 struct mgmt_hdr *hdr;
159 struct mgmt_ev_cmd_complete *ev;
162 BT_DBG("sock %p", sk);
164 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
168 hdr = (void *) skb_put(skb, sizeof(*hdr));
170 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
171 hdr->index = cpu_to_le16(index);
172 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
174 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
175 put_unaligned_le16(cmd, &ev->opcode);
178 memcpy(ev->data, rp, rp_len);
180 err = sock_queue_rcv_skb(sk, skb);
187 static int read_version(struct sock *sk)
189 struct mgmt_rp_read_version rp;
191 BT_DBG("sock %p", sk);
193 rp.version = MGMT_VERSION;
194 put_unaligned_le16(MGMT_REVISION, &rp.revision);
196 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
200 static int read_index_list(struct sock *sk)
202 struct mgmt_rp_read_index_list *rp;
209 BT_DBG("sock %p", sk);
211 read_lock(&hci_dev_list_lock);
214 list_for_each(p, &hci_dev_list) {
218 rp_len = sizeof(*rp) + (2 * count);
219 rp = kmalloc(rp_len, GFP_ATOMIC);
221 read_unlock(&hci_dev_list_lock);
225 put_unaligned_le16(count, &rp->num_controllers);
228 list_for_each_entry(d, &hci_dev_list, list) {
229 if (test_and_clear_bit(HCI_AUTO_OFF, &d->dev_flags))
230 cancel_delayed_work(&d->power_off);
232 if (test_bit(HCI_SETUP, &d->dev_flags))
235 put_unaligned_le16(d->id, &rp->index[i++]);
236 BT_DBG("Added hci%u", d->id);
239 read_unlock(&hci_dev_list_lock);
241 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
249 static u32 get_supported_settings(struct hci_dev *hdev)
253 settings |= MGMT_SETTING_POWERED;
254 settings |= MGMT_SETTING_CONNECTABLE;
255 settings |= MGMT_SETTING_FAST_CONNECTABLE;
256 settings |= MGMT_SETTING_DISCOVERABLE;
257 settings |= MGMT_SETTING_PAIRABLE;
259 if (hdev->features[6] & LMP_SIMPLE_PAIR)
260 settings |= MGMT_SETTING_SSP;
262 if (!(hdev->features[4] & LMP_NO_BREDR)) {
263 settings |= MGMT_SETTING_BREDR;
264 settings |= MGMT_SETTING_LINK_SECURITY;
267 if (hdev->features[4] & LMP_LE)
268 settings |= MGMT_SETTING_LE;
273 static u32 get_current_settings(struct hci_dev *hdev)
277 if (test_bit(HCI_UP, &hdev->flags))
278 settings |= MGMT_SETTING_POWERED;
282 if (test_bit(HCI_PSCAN, &hdev->flags))
283 settings |= MGMT_SETTING_CONNECTABLE;
285 if (test_bit(HCI_ISCAN, &hdev->flags))
286 settings |= MGMT_SETTING_DISCOVERABLE;
288 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
289 settings |= MGMT_SETTING_PAIRABLE;
291 if (!(hdev->features[4] & LMP_NO_BREDR))
292 settings |= MGMT_SETTING_BREDR;
294 if (hdev->host_features[0] & LMP_HOST_LE)
295 settings |= MGMT_SETTING_LE;
297 if (test_bit(HCI_AUTH, &hdev->flags))
298 settings |= MGMT_SETTING_LINK_SECURITY;
300 if (hdev->ssp_mode > 0)
301 settings |= MGMT_SETTING_SSP;
306 #define PNP_INFO_SVCLASS_ID 0x1200
308 static u8 bluetooth_base_uuid[] = {
309 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
310 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
313 static u16 get_uuid16(u8 *uuid128)
318 for (i = 0; i < 12; i++) {
319 if (bluetooth_base_uuid[i] != uuid128[i])
323 memcpy(&val, &uuid128[12], 4);
325 val = le32_to_cpu(val);
332 static void create_eir(struct hci_dev *hdev, u8 *data)
336 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
337 int i, truncated = 0;
338 struct bt_uuid *uuid;
341 name_len = strlen(hdev->dev_name);
347 ptr[1] = EIR_NAME_SHORT;
349 ptr[1] = EIR_NAME_COMPLETE;
351 /* EIR Data length */
352 ptr[0] = name_len + 1;
354 memcpy(ptr + 2, hdev->dev_name, name_len);
356 eir_len += (name_len + 2);
357 ptr += (name_len + 2);
360 memset(uuid16_list, 0, sizeof(uuid16_list));
362 /* Group all UUID16 types */
363 list_for_each_entry(uuid, &hdev->uuids, list) {
366 uuid16 = get_uuid16(uuid->uuid);
373 if (uuid16 == PNP_INFO_SVCLASS_ID)
376 /* Stop if not enough space to put next UUID */
377 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
382 /* Check for duplicates */
383 for (i = 0; uuid16_list[i] != 0; i++)
384 if (uuid16_list[i] == uuid16)
387 if (uuid16_list[i] == 0) {
388 uuid16_list[i] = uuid16;
389 eir_len += sizeof(u16);
393 if (uuid16_list[0] != 0) {
397 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
402 for (i = 0; uuid16_list[i] != 0; i++) {
403 *ptr++ = (uuid16_list[i] & 0x00ff);
404 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
407 /* EIR Data length */
408 *length = (i * sizeof(u16)) + 1;
412 static int update_eir(struct hci_dev *hdev)
414 struct hci_cp_write_eir cp;
416 if (!(hdev->features[6] & LMP_EXT_INQ))
419 if (hdev->ssp_mode == 0)
422 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
425 memset(&cp, 0, sizeof(cp));
427 create_eir(hdev, cp.data);
429 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
432 memcpy(hdev->eir, cp.data, sizeof(cp.data));
434 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
437 static u8 get_service_classes(struct hci_dev *hdev)
439 struct bt_uuid *uuid;
442 list_for_each_entry(uuid, &hdev->uuids, list)
443 val |= uuid->svc_hint;
448 static int update_class(struct hci_dev *hdev)
452 BT_DBG("%s", hdev->name);
454 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
457 cod[0] = hdev->minor_class;
458 cod[1] = hdev->major_class;
459 cod[2] = get_service_classes(hdev);
461 if (memcmp(cod, hdev->dev_class, 3) == 0)
464 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
467 static void service_cache_off(struct work_struct *work)
469 struct hci_dev *hdev = container_of(work, struct hci_dev,
472 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
480 hci_dev_unlock(hdev);
483 static void mgmt_init_hdev(struct hci_dev *hdev)
485 if (!test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
486 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
488 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
489 schedule_delayed_work(&hdev->service_cache,
490 msecs_to_jiffies(SERVICE_CACHE_TIMEOUT));
493 static int read_controller_info(struct sock *sk, u16 index)
495 struct mgmt_rp_read_info rp;
496 struct hci_dev *hdev;
498 BT_DBG("sock %p hci%u", sk, index);
500 hdev = hci_dev_get(index);
502 return cmd_status(sk, index, MGMT_OP_READ_INFO,
503 MGMT_STATUS_INVALID_PARAMS);
505 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags))
506 cancel_delayed_work_sync(&hdev->power_off);
510 if (test_and_clear_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags))
511 mgmt_init_hdev(hdev);
513 memset(&rp, 0, sizeof(rp));
515 bacpy(&rp.bdaddr, &hdev->bdaddr);
517 rp.version = hdev->hci_ver;
519 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
521 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
522 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
524 memcpy(rp.dev_class, hdev->dev_class, 3);
526 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
528 hci_dev_unlock(hdev);
531 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
534 static void mgmt_pending_free(struct pending_cmd *cmd)
541 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
542 struct hci_dev *hdev,
545 struct pending_cmd *cmd;
547 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
551 cmd->opcode = opcode;
552 cmd->index = hdev->id;
554 cmd->param = kmalloc(len, GFP_ATOMIC);
561 memcpy(cmd->param, data, len);
566 list_add(&cmd->list, &hdev->mgmt_pending);
571 static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
572 void (*cb)(struct pending_cmd *cmd, void *data),
575 struct list_head *p, *n;
577 list_for_each_safe(p, n, &hdev->mgmt_pending) {
578 struct pending_cmd *cmd;
580 cmd = list_entry(p, struct pending_cmd, list);
582 if (opcode > 0 && cmd->opcode != opcode)
589 static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
591 struct pending_cmd *cmd;
593 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
594 if (cmd->opcode == opcode)
601 static void mgmt_pending_remove(struct pending_cmd *cmd)
603 list_del(&cmd->list);
604 mgmt_pending_free(cmd);
607 static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
609 __le32 settings = cpu_to_le32(get_current_settings(hdev));
611 return cmd_complete(sk, hdev->id, opcode, &settings, sizeof(settings));
614 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
616 struct mgmt_mode *cp;
617 struct hci_dev *hdev;
618 struct pending_cmd *cmd;
623 BT_DBG("request for hci%u", index);
625 if (len != sizeof(*cp))
626 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
627 MGMT_STATUS_INVALID_PARAMS);
629 hdev = hci_dev_get(index);
631 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
632 MGMT_STATUS_INVALID_PARAMS);
636 up = test_bit(HCI_UP, &hdev->flags);
637 if ((cp->val && up) || (!cp->val && !up)) {
638 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
642 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
643 err = cmd_status(sk, index, MGMT_OP_SET_POWERED,
648 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
655 schedule_work(&hdev->power_on);
657 schedule_work(&hdev->power_off.work);
662 hci_dev_unlock(hdev);
667 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
670 struct mgmt_cp_set_discoverable *cp;
671 struct hci_dev *hdev;
672 struct pending_cmd *cmd;
678 BT_DBG("request for hci%u", index);
680 if (len != sizeof(*cp))
681 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
682 MGMT_STATUS_INVALID_PARAMS);
684 hdev = hci_dev_get(index);
686 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
687 MGMT_STATUS_INVALID_PARAMS);
691 if (!test_bit(HCI_UP, &hdev->flags)) {
692 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
693 MGMT_STATUS_NOT_POWERED);
697 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
698 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
699 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
704 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
705 test_bit(HCI_PSCAN, &hdev->flags)) {
706 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
710 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
719 scan |= SCAN_INQUIRY;
721 cancel_delayed_work(&hdev->discov_off);
723 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
725 mgmt_pending_remove(cmd);
728 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
731 hci_dev_unlock(hdev);
737 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
740 struct mgmt_mode *cp;
741 struct hci_dev *hdev;
742 struct pending_cmd *cmd;
748 BT_DBG("request for hci%u", index);
750 if (len != sizeof(*cp))
751 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
752 MGMT_STATUS_INVALID_PARAMS);
754 hdev = hci_dev_get(index);
756 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
757 MGMT_STATUS_INVALID_PARAMS);
761 if (!test_bit(HCI_UP, &hdev->flags)) {
762 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
763 MGMT_STATUS_NOT_POWERED);
767 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
768 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
769 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
774 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
775 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
779 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
790 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
792 mgmt_pending_remove(cmd);
795 hci_dev_unlock(hdev);
801 static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
802 u16 data_len, struct sock *skip_sk)
805 struct mgmt_hdr *hdr;
807 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
811 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
813 hdr = (void *) skb_put(skb, sizeof(*hdr));
814 hdr->opcode = cpu_to_le16(event);
816 hdr->index = cpu_to_le16(hdev->id);
818 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
819 hdr->len = cpu_to_le16(data_len);
822 memcpy(skb_put(skb, data_len), data, data_len);
824 hci_send_to_sock(NULL, skb, skip_sk);
830 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
833 struct mgmt_mode *cp;
834 struct hci_dev *hdev;
840 BT_DBG("request for hci%u", index);
842 if (len != sizeof(*cp))
843 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
844 MGMT_STATUS_INVALID_PARAMS);
846 hdev = hci_dev_get(index);
848 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
849 MGMT_STATUS_INVALID_PARAMS);
854 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
856 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
858 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
862 ev = cpu_to_le32(get_current_settings(hdev));
864 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), sk);
867 hci_dev_unlock(hdev);
873 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
875 struct mgmt_cp_add_uuid *cp;
876 struct hci_dev *hdev;
877 struct bt_uuid *uuid;
882 BT_DBG("request for hci%u", index);
884 if (len != sizeof(*cp))
885 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
886 MGMT_STATUS_INVALID_PARAMS);
888 hdev = hci_dev_get(index);
890 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
891 MGMT_STATUS_INVALID_PARAMS);
895 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
901 memcpy(uuid->uuid, cp->uuid, 16);
902 uuid->svc_hint = cp->svc_hint;
904 list_add(&uuid->list, &hdev->uuids);
906 err = update_class(hdev);
910 err = update_eir(hdev);
914 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
917 hci_dev_unlock(hdev);
923 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
925 struct list_head *p, *n;
926 struct mgmt_cp_remove_uuid *cp;
927 struct hci_dev *hdev;
928 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
933 BT_DBG("request for hci%u", index);
935 if (len != sizeof(*cp))
936 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
937 MGMT_STATUS_INVALID_PARAMS);
939 hdev = hci_dev_get(index);
941 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
942 MGMT_STATUS_INVALID_PARAMS);
946 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
947 err = hci_uuids_clear(hdev);
953 list_for_each_safe(p, n, &hdev->uuids) {
954 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
956 if (memcmp(match->uuid, cp->uuid, 16) != 0)
959 list_del(&match->list);
964 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
965 MGMT_STATUS_INVALID_PARAMS);
969 err = update_class(hdev);
973 err = update_eir(hdev);
977 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
980 hci_dev_unlock(hdev);
986 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
989 struct hci_dev *hdev;
990 struct mgmt_cp_set_dev_class *cp;
995 BT_DBG("request for hci%u", index);
997 if (len != sizeof(*cp))
998 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
999 MGMT_STATUS_INVALID_PARAMS);
1001 hdev = hci_dev_get(index);
1003 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1004 MGMT_STATUS_INVALID_PARAMS);
1008 hdev->major_class = cp->major;
1009 hdev->minor_class = cp->minor;
1011 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
1012 hci_dev_unlock(hdev);
1013 cancel_delayed_work_sync(&hdev->service_cache);
1018 err = update_class(hdev);
1021 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
1023 hci_dev_unlock(hdev);
1029 static int load_link_keys(struct sock *sk, u16 index, unsigned char *data,
1032 struct hci_dev *hdev;
1033 struct mgmt_cp_load_link_keys *cp;
1034 u16 key_count, expected_len;
1039 if (len < sizeof(*cp))
1040 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1041 MGMT_STATUS_INVALID_PARAMS);
1043 key_count = get_unaligned_le16(&cp->key_count);
1045 expected_len = sizeof(*cp) + key_count *
1046 sizeof(struct mgmt_link_key_info);
1047 if (expected_len != len) {
1048 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
1050 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1051 MGMT_STATUS_INVALID_PARAMS);
1054 hdev = hci_dev_get(index);
1056 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1057 MGMT_STATUS_INVALID_PARAMS);
1059 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
1064 hci_link_keys_clear(hdev);
1066 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
1069 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
1071 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
1073 for (i = 0; i < key_count; i++) {
1074 struct mgmt_link_key_info *key = &cp->keys[i];
1076 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
1080 cmd_complete(sk, index, MGMT_OP_LOAD_LINK_KEYS, NULL, 0);
1082 hci_dev_unlock(hdev);
1088 static int remove_keys(struct sock *sk, u16 index, unsigned char *data,
1091 struct hci_dev *hdev;
1092 struct mgmt_cp_remove_keys *cp;
1093 struct mgmt_rp_remove_keys rp;
1094 struct hci_cp_disconnect dc;
1095 struct pending_cmd *cmd;
1096 struct hci_conn *conn;
1101 if (len != sizeof(*cp))
1102 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1103 MGMT_STATUS_INVALID_PARAMS);
1105 hdev = hci_dev_get(index);
1107 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1108 MGMT_STATUS_INVALID_PARAMS);
1112 memset(&rp, 0, sizeof(rp));
1113 bacpy(&rp.bdaddr, &cp->bdaddr);
1114 rp.status = MGMT_STATUS_FAILED;
1116 err = hci_remove_link_key(hdev, &cp->bdaddr);
1118 rp.status = MGMT_STATUS_NOT_PAIRED;
1122 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect) {
1123 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1128 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1130 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1135 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_KEYS, hdev, cp, sizeof(*cp));
1141 put_unaligned_le16(conn->handle, &dc.handle);
1142 dc.reason = 0x13; /* Remote User Terminated Connection */
1143 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1145 mgmt_pending_remove(cmd);
1149 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1151 hci_dev_unlock(hdev);
1157 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1159 struct hci_dev *hdev;
1160 struct mgmt_cp_disconnect *cp;
1161 struct hci_cp_disconnect dc;
1162 struct pending_cmd *cmd;
1163 struct hci_conn *conn;
1170 if (len != sizeof(*cp))
1171 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1172 MGMT_STATUS_INVALID_PARAMS);
1174 hdev = hci_dev_get(index);
1176 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1177 MGMT_STATUS_INVALID_PARAMS);
1181 if (!test_bit(HCI_UP, &hdev->flags)) {
1182 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1183 MGMT_STATUS_NOT_POWERED);
1187 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
1188 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1193 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1195 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1198 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1199 MGMT_STATUS_NOT_CONNECTED);
1203 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
1209 put_unaligned_le16(conn->handle, &dc.handle);
1210 dc.reason = 0x13; /* Remote User Terminated Connection */
1212 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1214 mgmt_pending_remove(cmd);
1217 hci_dev_unlock(hdev);
1223 static u8 link_to_mgmt(u8 link_type, u8 addr_type)
1225 switch (link_type) {
1227 switch (addr_type) {
1228 case ADDR_LE_DEV_PUBLIC:
1229 return MGMT_ADDR_LE_PUBLIC;
1230 case ADDR_LE_DEV_RANDOM:
1231 return MGMT_ADDR_LE_RANDOM;
1233 return MGMT_ADDR_INVALID;
1236 return MGMT_ADDR_BREDR;
1238 return MGMT_ADDR_INVALID;
1242 static int get_connections(struct sock *sk, u16 index)
1244 struct mgmt_rp_get_connections *rp;
1245 struct hci_dev *hdev;
1247 struct list_head *p;
1254 hdev = hci_dev_get(index);
1256 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1257 MGMT_STATUS_INVALID_PARAMS);
1262 list_for_each(p, &hdev->conn_hash.list) {
1266 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
1267 rp = kmalloc(rp_len, GFP_ATOMIC);
1273 put_unaligned_le16(count, &rp->conn_count);
1276 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1277 bacpy(&rp->addr[i].bdaddr, &c->dst);
1278 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
1279 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1284 /* Recalculate length in case of filtered SCO connections, etc */
1285 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
1287 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1291 hci_dev_unlock(hdev);
1296 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1297 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1299 struct pending_cmd *cmd;
1302 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
1307 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1310 mgmt_pending_remove(cmd);
1315 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1318 struct hci_dev *hdev;
1319 struct hci_conn *conn;
1320 struct mgmt_cp_pin_code_reply *cp;
1321 struct mgmt_cp_pin_code_neg_reply ncp;
1322 struct hci_cp_pin_code_reply reply;
1323 struct pending_cmd *cmd;
1330 if (len != sizeof(*cp))
1331 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1332 MGMT_STATUS_INVALID_PARAMS);
1334 hdev = hci_dev_get(index);
1336 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1337 MGMT_STATUS_INVALID_PARAMS);
1341 if (!test_bit(HCI_UP, &hdev->flags)) {
1342 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1343 MGMT_STATUS_NOT_POWERED);
1347 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1349 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1350 MGMT_STATUS_NOT_CONNECTED);
1354 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1355 bacpy(&ncp.bdaddr, &cp->bdaddr);
1357 BT_ERR("PIN code is not 16 bytes long");
1359 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1361 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1362 MGMT_STATUS_INVALID_PARAMS);
1367 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
1373 bacpy(&reply.bdaddr, &cp->bdaddr);
1374 reply.pin_len = cp->pin_len;
1375 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1377 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1379 mgmt_pending_remove(cmd);
1382 hci_dev_unlock(hdev);
1388 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1391 struct hci_dev *hdev;
1392 struct mgmt_cp_pin_code_neg_reply *cp;
1399 if (len != sizeof(*cp))
1400 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1401 MGMT_STATUS_INVALID_PARAMS);
1403 hdev = hci_dev_get(index);
1405 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1406 MGMT_STATUS_INVALID_PARAMS);
1410 if (!test_bit(HCI_UP, &hdev->flags)) {
1411 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1412 MGMT_STATUS_NOT_POWERED);
1416 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1419 hci_dev_unlock(hdev);
1425 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1428 struct hci_dev *hdev;
1429 struct mgmt_cp_set_io_capability *cp;
1435 if (len != sizeof(*cp))
1436 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1437 MGMT_STATUS_INVALID_PARAMS);
1439 hdev = hci_dev_get(index);
1441 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1442 MGMT_STATUS_INVALID_PARAMS);
1446 hdev->io_capability = cp->io_capability;
1448 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1449 hdev->io_capability);
1451 hci_dev_unlock(hdev);
1454 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1457 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1459 struct hci_dev *hdev = conn->hdev;
1460 struct pending_cmd *cmd;
1462 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1463 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1466 if (cmd->user_data != conn)
1475 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1477 struct mgmt_rp_pair_device rp;
1478 struct hci_conn *conn = cmd->user_data;
1480 bacpy(&rp.addr.bdaddr, &conn->dst);
1481 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
1484 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1486 /* So we don't get further callbacks for this connection */
1487 conn->connect_cfm_cb = NULL;
1488 conn->security_cfm_cb = NULL;
1489 conn->disconn_cfm_cb = NULL;
1493 mgmt_pending_remove(cmd);
1496 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1498 struct pending_cmd *cmd;
1500 BT_DBG("status %u", status);
1502 cmd = find_pairing(conn);
1504 BT_DBG("Unable to find a pending command");
1506 pairing_complete(cmd, status);
1509 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1511 struct hci_dev *hdev;
1512 struct mgmt_cp_pair_device *cp;
1513 struct mgmt_rp_pair_device rp;
1514 struct pending_cmd *cmd;
1515 u8 sec_level, auth_type;
1516 struct hci_conn *conn;
1523 if (len != sizeof(*cp))
1524 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1525 MGMT_STATUS_INVALID_PARAMS);
1527 hdev = hci_dev_get(index);
1529 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1530 MGMT_STATUS_INVALID_PARAMS);
1534 sec_level = BT_SECURITY_MEDIUM;
1535 if (cp->io_cap == 0x03)
1536 auth_type = HCI_AT_DEDICATED_BONDING;
1538 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1540 if (cp->addr.type == MGMT_ADDR_BREDR)
1541 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
1544 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
1547 memset(&rp, 0, sizeof(rp));
1548 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1549 rp.addr.type = cp->addr.type;
1552 rp.status = -PTR_ERR(conn);
1553 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1558 if (conn->connect_cfm_cb) {
1561 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1566 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
1573 /* For LE, just connecting isn't a proof that the pairing finished */
1574 if (cp->addr.type == MGMT_ADDR_BREDR)
1575 conn->connect_cfm_cb = pairing_complete_cb;
1577 conn->security_cfm_cb = pairing_complete_cb;
1578 conn->disconn_cfm_cb = pairing_complete_cb;
1579 conn->io_capability = cp->io_cap;
1580 cmd->user_data = conn;
1582 if (conn->state == BT_CONNECTED &&
1583 hci_conn_security(conn, sec_level, auth_type))
1584 pairing_complete(cmd, 0);
1589 hci_dev_unlock(hdev);
1595 static int user_pairing_resp(struct sock *sk, u16 index, bdaddr_t *bdaddr,
1596 u16 mgmt_op, u16 hci_op, __le32 passkey)
1598 struct pending_cmd *cmd;
1599 struct hci_dev *hdev;
1600 struct hci_conn *conn;
1603 hdev = hci_dev_get(index);
1605 return cmd_status(sk, index, mgmt_op,
1606 MGMT_STATUS_INVALID_PARAMS);
1610 if (!test_bit(HCI_UP, &hdev->flags)) {
1611 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_NOT_POWERED);
1616 * Check for an existing ACL link, if present pair via
1619 * If no ACL link is present, check for an LE link and if
1620 * present, pair via the SMP engine.
1622 * If neither ACL nor LE links are present, fail with error.
1624 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
1626 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
1628 err = cmd_status(sk, index, mgmt_op,
1629 MGMT_STATUS_NOT_CONNECTED);
1633 /* Continue with pairing via SMP */
1634 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
1637 err = cmd_status(sk, index, mgmt_op,
1638 MGMT_STATUS_SUCCESS);
1640 err = cmd_status(sk, index, mgmt_op,
1641 MGMT_STATUS_FAILED);
1646 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
1652 /* Continue with pairing via HCI */
1653 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
1654 struct hci_cp_user_passkey_reply cp;
1656 bacpy(&cp.bdaddr, bdaddr);
1657 cp.passkey = passkey;
1658 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
1660 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
1663 mgmt_pending_remove(cmd);
1666 hci_dev_unlock(hdev);
1672 static int user_confirm_reply(struct sock *sk, u16 index, void *data, u16 len)
1674 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1678 if (len != sizeof(*cp))
1679 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_REPLY,
1680 MGMT_STATUS_INVALID_PARAMS);
1682 return user_pairing_resp(sk, index, &cp->bdaddr,
1683 MGMT_OP_USER_CONFIRM_REPLY,
1684 HCI_OP_USER_CONFIRM_REPLY, 0);
1687 static int user_confirm_neg_reply(struct sock *sk, u16 index, void *data,
1690 struct mgmt_cp_user_confirm_neg_reply *cp = data;
1694 if (len != sizeof(*cp))
1695 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_NEG_REPLY,
1696 MGMT_STATUS_INVALID_PARAMS);
1698 return user_pairing_resp(sk, index, &cp->bdaddr,
1699 MGMT_OP_USER_CONFIRM_NEG_REPLY,
1700 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
1703 static int user_passkey_reply(struct sock *sk, u16 index, void *data, u16 len)
1705 struct mgmt_cp_user_passkey_reply *cp = (void *) data;
1709 if (len != sizeof(*cp))
1710 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_REPLY,
1713 return user_pairing_resp(sk, index, &cp->bdaddr,
1714 MGMT_OP_USER_PASSKEY_REPLY,
1715 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
1718 static int user_passkey_neg_reply(struct sock *sk, u16 index, void *data,
1721 struct mgmt_cp_user_passkey_neg_reply *cp = (void *) data;
1725 if (len != sizeof(*cp))
1726 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_NEG_REPLY,
1729 return user_pairing_resp(sk, index, &cp->bdaddr,
1730 MGMT_OP_USER_PASSKEY_NEG_REPLY,
1731 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
1734 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1737 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1738 struct hci_cp_write_local_name hci_cp;
1739 struct hci_dev *hdev;
1740 struct pending_cmd *cmd;
1745 if (len != sizeof(*mgmt_cp))
1746 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1747 MGMT_STATUS_INVALID_PARAMS);
1749 hdev = hci_dev_get(index);
1751 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1752 MGMT_STATUS_INVALID_PARAMS);
1756 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
1762 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1763 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1766 mgmt_pending_remove(cmd);
1769 hci_dev_unlock(hdev);
1775 static int read_local_oob_data(struct sock *sk, u16 index)
1777 struct hci_dev *hdev;
1778 struct pending_cmd *cmd;
1781 BT_DBG("hci%u", index);
1783 hdev = hci_dev_get(index);
1785 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1786 MGMT_STATUS_INVALID_PARAMS);
1790 if (!test_bit(HCI_UP, &hdev->flags)) {
1791 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1792 MGMT_STATUS_NOT_POWERED);
1796 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1797 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1798 MGMT_STATUS_NOT_SUPPORTED);
1802 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
1803 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1808 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
1814 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1816 mgmt_pending_remove(cmd);
1819 hci_dev_unlock(hdev);
1825 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1828 struct hci_dev *hdev;
1829 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1832 BT_DBG("hci%u ", index);
1834 if (len != sizeof(*cp))
1835 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1836 MGMT_STATUS_INVALID_PARAMS);
1838 hdev = hci_dev_get(index);
1840 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1841 MGMT_STATUS_INVALID_PARAMS);
1845 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1848 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1849 MGMT_STATUS_FAILED);
1851 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1854 hci_dev_unlock(hdev);
1860 static int remove_remote_oob_data(struct sock *sk, u16 index,
1861 unsigned char *data, u16 len)
1863 struct hci_dev *hdev;
1864 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1867 BT_DBG("hci%u ", index);
1869 if (len != sizeof(*cp))
1870 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1871 MGMT_STATUS_INVALID_PARAMS);
1873 hdev = hci_dev_get(index);
1875 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1876 MGMT_STATUS_INVALID_PARAMS);
1880 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1882 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1883 MGMT_STATUS_INVALID_PARAMS);
1885 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1888 hci_dev_unlock(hdev);
1894 static int start_discovery(struct sock *sk, u16 index,
1895 unsigned char *data, u16 len)
1897 struct mgmt_cp_start_discovery *cp = (void *) data;
1898 struct pending_cmd *cmd;
1899 struct hci_dev *hdev;
1902 BT_DBG("hci%u", index);
1904 if (len != sizeof(*cp))
1905 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1906 MGMT_STATUS_INVALID_PARAMS);
1908 hdev = hci_dev_get(index);
1910 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1911 MGMT_STATUS_INVALID_PARAMS);
1915 if (!test_bit(HCI_UP, &hdev->flags)) {
1916 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1917 MGMT_STATUS_NOT_POWERED);
1921 if (hdev->discovery.state != DISCOVERY_STOPPED) {
1922 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1927 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
1933 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
1935 mgmt_pending_remove(cmd);
1937 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
1940 hci_dev_unlock(hdev);
1946 static int stop_discovery(struct sock *sk, u16 index)
1948 struct hci_dev *hdev;
1949 struct pending_cmd *cmd;
1950 struct hci_cp_remote_name_req_cancel cp;
1951 struct inquiry_entry *e;
1954 BT_DBG("hci%u", index);
1956 hdev = hci_dev_get(index);
1958 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
1959 MGMT_STATUS_INVALID_PARAMS);
1963 if (!hci_discovery_active(hdev)) {
1964 err = cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
1965 MGMT_STATUS_REJECTED);
1969 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
1975 if (hdev->discovery.state == DISCOVERY_INQUIRY) {
1976 err = hci_cancel_inquiry(hdev);
1978 mgmt_pending_remove(cmd);
1980 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
1984 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_PENDING);
1986 mgmt_pending_remove(cmd);
1987 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY, NULL, 0);
1988 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1992 bacpy(&cp.bdaddr, &e->data.bdaddr);
1993 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
1996 mgmt_pending_remove(cmd);
1998 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
2001 hci_dev_unlock(hdev);
2007 static int confirm_name(struct sock *sk, u16 index, unsigned char *data,
2010 struct mgmt_cp_confirm_name *cp = (void *) data;
2011 struct inquiry_entry *e;
2012 struct hci_dev *hdev;
2015 BT_DBG("hci%u", index);
2017 if (len != sizeof(*cp))
2018 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2019 MGMT_STATUS_INVALID_PARAMS);
2021 hdev = hci_dev_get(index);
2023 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2024 MGMT_STATUS_INVALID_PARAMS);
2028 if (!hci_discovery_active(hdev)) {
2029 err = cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2030 MGMT_STATUS_FAILED);
2034 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->bdaddr);
2036 err = cmd_status (sk, index, MGMT_OP_CONFIRM_NAME,
2037 MGMT_STATUS_INVALID_PARAMS);
2041 if (cp->name_known) {
2042 e->name_state = NAME_KNOWN;
2045 e->name_state = NAME_NEEDED;
2046 hci_inquiry_cache_update_resolve(hdev, e);
2052 hci_dev_unlock(hdev);
2057 static int block_device(struct sock *sk, u16 index, unsigned char *data,
2060 struct hci_dev *hdev;
2061 struct mgmt_cp_block_device *cp = (void *) data;
2064 BT_DBG("hci%u", index);
2066 if (len != sizeof(*cp))
2067 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
2068 MGMT_STATUS_INVALID_PARAMS);
2070 hdev = hci_dev_get(index);
2072 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
2073 MGMT_STATUS_INVALID_PARAMS);
2077 err = hci_blacklist_add(hdev, &cp->bdaddr);
2079 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
2080 MGMT_STATUS_FAILED);
2082 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
2085 hci_dev_unlock(hdev);
2091 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
2094 struct hci_dev *hdev;
2095 struct mgmt_cp_unblock_device *cp = (void *) data;
2098 BT_DBG("hci%u", index);
2100 if (len != sizeof(*cp))
2101 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2102 MGMT_STATUS_INVALID_PARAMS);
2104 hdev = hci_dev_get(index);
2106 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2107 MGMT_STATUS_INVALID_PARAMS);
2111 err = hci_blacklist_del(hdev, &cp->bdaddr);
2114 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2115 MGMT_STATUS_INVALID_PARAMS);
2117 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2120 hci_dev_unlock(hdev);
2126 static int set_fast_connectable(struct sock *sk, u16 index,
2127 unsigned char *data, u16 len)
2129 struct hci_dev *hdev;
2130 struct mgmt_mode *cp = (void *) data;
2131 struct hci_cp_write_page_scan_activity acp;
2135 BT_DBG("hci%u", index);
2137 if (len != sizeof(*cp))
2138 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2139 MGMT_STATUS_INVALID_PARAMS);
2141 hdev = hci_dev_get(index);
2143 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2144 MGMT_STATUS_INVALID_PARAMS);
2149 type = PAGE_SCAN_TYPE_INTERLACED;
2150 acp.interval = 0x0024; /* 22.5 msec page scan interval */
2152 type = PAGE_SCAN_TYPE_STANDARD; /* default */
2153 acp.interval = 0x0800; /* default 1.28 sec page scan */
2156 acp.window = 0x0012; /* default 11.25 msec page scan window */
2158 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
2161 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2162 MGMT_STATUS_FAILED);
2166 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2168 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2169 MGMT_STATUS_FAILED);
2173 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2176 hci_dev_unlock(hdev);
2182 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2185 struct mgmt_hdr *hdr;
2186 u16 opcode, index, len;
2189 BT_DBG("got %zu bytes", msglen);
2191 if (msglen < sizeof(*hdr))
2194 buf = kmalloc(msglen, GFP_KERNEL);
2198 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2203 hdr = (struct mgmt_hdr *) buf;
2204 opcode = get_unaligned_le16(&hdr->opcode);
2205 index = get_unaligned_le16(&hdr->index);
2206 len = get_unaligned_le16(&hdr->len);
2208 if (len != msglen - sizeof(*hdr)) {
2214 case MGMT_OP_READ_VERSION:
2215 err = read_version(sk);
2217 case MGMT_OP_READ_INDEX_LIST:
2218 err = read_index_list(sk);
2220 case MGMT_OP_READ_INFO:
2221 err = read_controller_info(sk, index);
2223 case MGMT_OP_SET_POWERED:
2224 err = set_powered(sk, index, buf + sizeof(*hdr), len);
2226 case MGMT_OP_SET_DISCOVERABLE:
2227 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
2229 case MGMT_OP_SET_CONNECTABLE:
2230 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
2232 case MGMT_OP_SET_FAST_CONNECTABLE:
2233 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
2236 case MGMT_OP_SET_PAIRABLE:
2237 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
2239 case MGMT_OP_ADD_UUID:
2240 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
2242 case MGMT_OP_REMOVE_UUID:
2243 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
2245 case MGMT_OP_SET_DEV_CLASS:
2246 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
2248 case MGMT_OP_LOAD_LINK_KEYS:
2249 err = load_link_keys(sk, index, buf + sizeof(*hdr), len);
2251 case MGMT_OP_REMOVE_KEYS:
2252 err = remove_keys(sk, index, buf + sizeof(*hdr), len);
2254 case MGMT_OP_DISCONNECT:
2255 err = disconnect(sk, index, buf + sizeof(*hdr), len);
2257 case MGMT_OP_GET_CONNECTIONS:
2258 err = get_connections(sk, index);
2260 case MGMT_OP_PIN_CODE_REPLY:
2261 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
2263 case MGMT_OP_PIN_CODE_NEG_REPLY:
2264 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
2266 case MGMT_OP_SET_IO_CAPABILITY:
2267 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
2269 case MGMT_OP_PAIR_DEVICE:
2270 err = pair_device(sk, index, buf + sizeof(*hdr), len);
2272 case MGMT_OP_USER_CONFIRM_REPLY:
2273 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len);
2275 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
2276 err = user_confirm_neg_reply(sk, index, buf + sizeof(*hdr),
2279 case MGMT_OP_USER_PASSKEY_REPLY:
2280 err = user_passkey_reply(sk, index, buf + sizeof(*hdr), len);
2282 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
2283 err = user_passkey_neg_reply(sk, index, buf + sizeof(*hdr),
2286 case MGMT_OP_SET_LOCAL_NAME:
2287 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
2289 case MGMT_OP_READ_LOCAL_OOB_DATA:
2290 err = read_local_oob_data(sk, index);
2292 case MGMT_OP_ADD_REMOTE_OOB_DATA:
2293 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
2295 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
2296 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
2299 case MGMT_OP_START_DISCOVERY:
2300 err = start_discovery(sk, index, buf + sizeof(*hdr), len);
2302 case MGMT_OP_STOP_DISCOVERY:
2303 err = stop_discovery(sk, index);
2305 case MGMT_OP_CONFIRM_NAME:
2306 err = confirm_name(sk, index, buf + sizeof(*hdr), len);
2308 case MGMT_OP_BLOCK_DEVICE:
2309 err = block_device(sk, index, buf + sizeof(*hdr), len);
2311 case MGMT_OP_UNBLOCK_DEVICE:
2312 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
2315 BT_DBG("Unknown op %u", opcode);
2316 err = cmd_status(sk, index, opcode,
2317 MGMT_STATUS_UNKNOWN_COMMAND);
2331 static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2335 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2336 mgmt_pending_remove(cmd);
2339 int mgmt_index_added(struct hci_dev *hdev)
2341 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
2344 int mgmt_index_removed(struct hci_dev *hdev)
2348 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2350 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
2356 struct hci_dev *hdev;
2359 static void settings_rsp(struct pending_cmd *cmd, void *data)
2361 struct cmd_lookup *match = data;
2363 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
2365 list_del(&cmd->list);
2367 if (match->sk == NULL) {
2368 match->sk = cmd->sk;
2369 sock_hold(match->sk);
2372 mgmt_pending_free(cmd);
2375 int mgmt_powered(struct hci_dev *hdev, u8 powered)
2377 struct cmd_lookup match = { powered, NULL, hdev };
2381 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
2384 u8 status = ENETDOWN;
2385 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2388 ev = cpu_to_le32(get_current_settings(hdev));
2390 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
2399 int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
2401 struct cmd_lookup match = { discoverable, NULL, hdev };
2405 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp, &match);
2407 ev = cpu_to_le32(get_current_settings(hdev));
2409 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
2417 int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
2420 struct cmd_lookup match = { connectable, NULL, hdev };
2423 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
2426 ev = cpu_to_le32(get_current_settings(hdev));
2428 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
2436 int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2438 u8 mgmt_err = mgmt_status(status);
2440 if (scan & SCAN_PAGE)
2441 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
2442 cmd_status_rsp, &mgmt_err);
2444 if (scan & SCAN_INQUIRY)
2445 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
2446 cmd_status_rsp, &mgmt_err);
2451 int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2454 struct mgmt_ev_new_link_key ev;
2456 memset(&ev, 0, sizeof(ev));
2458 ev.store_hint = persistent;
2459 bacpy(&ev.key.bdaddr, &key->bdaddr);
2460 ev.key.type = key->type;
2461 memcpy(ev.key.val, key->val, 16);
2462 ev.key.pin_len = key->pin_len;
2464 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
2467 int mgmt_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2470 struct mgmt_addr_info ev;
2472 bacpy(&ev.bdaddr, bdaddr);
2473 ev.type = link_to_mgmt(link_type, addr_type);
2475 return mgmt_event(MGMT_EV_CONNECTED, hdev, &ev, sizeof(ev), NULL);
2478 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2480 struct mgmt_cp_disconnect *cp = cmd->param;
2481 struct sock **sk = data;
2482 struct mgmt_rp_disconnect rp;
2484 bacpy(&rp.bdaddr, &cp->bdaddr);
2487 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2492 mgmt_pending_remove(cmd);
2495 static void remove_keys_rsp(struct pending_cmd *cmd, void *data)
2498 struct mgmt_cp_remove_keys *cp = cmd->param;
2499 struct mgmt_rp_remove_keys rp;
2501 memset(&rp, 0, sizeof(rp));
2502 bacpy(&rp.bdaddr, &cp->bdaddr);
2504 rp.status = *status;
2506 cmd_complete(cmd->sk, cmd->index, MGMT_OP_REMOVE_KEYS, &rp,
2509 mgmt_pending_remove(cmd);
2512 int mgmt_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2515 struct mgmt_addr_info ev;
2516 struct sock *sk = NULL;
2519 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
2521 bacpy(&ev.bdaddr, bdaddr);
2522 ev.type = link_to_mgmt(link_type, addr_type);
2524 err = mgmt_event(MGMT_EV_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
2529 mgmt_pending_foreach(MGMT_OP_REMOVE_KEYS, hdev, remove_keys_rsp, NULL);
2534 int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2536 struct pending_cmd *cmd;
2537 u8 mgmt_err = mgmt_status(status);
2540 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
2545 struct mgmt_rp_disconnect rp;
2547 bacpy(&rp.bdaddr, bdaddr);
2550 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
2553 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_DISCONNECT,
2556 mgmt_pending_remove(cmd);
2561 int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2562 u8 addr_type, u8 status)
2564 struct mgmt_ev_connect_failed ev;
2566 bacpy(&ev.addr.bdaddr, bdaddr);
2567 ev.addr.type = link_to_mgmt(link_type, addr_type);
2568 ev.status = mgmt_status(status);
2570 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
2573 int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
2575 struct mgmt_ev_pin_code_request ev;
2577 bacpy(&ev.bdaddr, bdaddr);
2580 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
2584 int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2587 struct pending_cmd *cmd;
2588 struct mgmt_rp_pin_code_reply rp;
2591 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
2595 bacpy(&rp.bdaddr, bdaddr);
2596 rp.status = mgmt_status(status);
2598 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, &rp,
2601 mgmt_pending_remove(cmd);
2606 int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2609 struct pending_cmd *cmd;
2610 struct mgmt_rp_pin_code_reply rp;
2613 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
2617 bacpy(&rp.bdaddr, bdaddr);
2618 rp.status = mgmt_status(status);
2620 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2623 mgmt_pending_remove(cmd);
2628 int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
2629 __le32 value, u8 confirm_hint)
2631 struct mgmt_ev_user_confirm_request ev;
2633 BT_DBG("%s", hdev->name);
2635 bacpy(&ev.bdaddr, bdaddr);
2636 ev.confirm_hint = confirm_hint;
2637 put_unaligned_le32(value, &ev.value);
2639 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
2643 int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr)
2645 struct mgmt_ev_user_passkey_request ev;
2647 BT_DBG("%s", hdev->name);
2649 bacpy(&ev.bdaddr, bdaddr);
2651 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
2655 static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2656 u8 status, u8 opcode)
2658 struct pending_cmd *cmd;
2659 struct mgmt_rp_user_confirm_reply rp;
2662 cmd = mgmt_pending_find(opcode, hdev);
2666 bacpy(&rp.bdaddr, bdaddr);
2667 rp.status = mgmt_status(status);
2668 err = cmd_complete(cmd->sk, hdev->id, opcode, &rp, sizeof(rp));
2670 mgmt_pending_remove(cmd);
2675 int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2678 return user_pairing_resp_complete(hdev, bdaddr, status,
2679 MGMT_OP_USER_CONFIRM_REPLY);
2682 int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev,
2683 bdaddr_t *bdaddr, u8 status)
2685 return user_pairing_resp_complete(hdev, bdaddr, status,
2686 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2689 int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2692 return user_pairing_resp_complete(hdev, bdaddr, status,
2693 MGMT_OP_USER_PASSKEY_REPLY);
2696 int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev,
2697 bdaddr_t *bdaddr, u8 status)
2699 return user_pairing_resp_complete(hdev, bdaddr, status,
2700 MGMT_OP_USER_PASSKEY_NEG_REPLY);
2703 int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2705 struct mgmt_ev_auth_failed ev;
2707 bacpy(&ev.bdaddr, bdaddr);
2708 ev.status = mgmt_status(status);
2710 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2713 int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
2715 struct pending_cmd *cmd;
2716 struct mgmt_cp_set_local_name ev;
2719 memset(&ev, 0, sizeof(ev));
2720 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2722 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2727 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2728 mgmt_status(status));
2734 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, &ev,
2740 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
2741 cmd ? cmd->sk : NULL);
2745 mgmt_pending_remove(cmd);
2749 int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
2750 u8 *randomizer, u8 status)
2752 struct pending_cmd *cmd;
2755 BT_DBG("%s status %u", hdev->name, status);
2757 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
2762 err = cmd_status(cmd->sk, hdev->id,
2763 MGMT_OP_READ_LOCAL_OOB_DATA,
2764 mgmt_status(status));
2766 struct mgmt_rp_read_local_oob_data rp;
2768 memcpy(rp.hash, hash, sizeof(rp.hash));
2769 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2771 err = cmd_complete(cmd->sk, hdev->id,
2772 MGMT_OP_READ_LOCAL_OOB_DATA,
2776 mgmt_pending_remove(cmd);
2781 int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2782 u8 addr_type, u8 *dev_class, s8 rssi,
2783 u8 cfm_name, u8 *eir, u8 eir_len)
2785 struct mgmt_ev_device_found ev;
2787 if (eir_len > sizeof(ev.eir))
2790 memset(&ev, 0, sizeof(ev));
2792 bacpy(&ev.addr.bdaddr, bdaddr);
2793 ev.addr.type = link_to_mgmt(link_type, addr_type);
2795 ev.confirm_name = cfm_name;
2798 memcpy(ev.eir, eir, eir_len);
2801 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2803 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, &ev, sizeof(ev), NULL);
2806 int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 *name)
2808 struct mgmt_ev_remote_name ev;
2810 memset(&ev, 0, sizeof(ev));
2812 bacpy(&ev.bdaddr, bdaddr);
2813 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2815 return mgmt_event(MGMT_EV_REMOTE_NAME, hdev, &ev, sizeof(ev), NULL);
2818 int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
2820 struct pending_cmd *cmd;
2823 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2827 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
2828 mgmt_pending_remove(cmd);
2833 int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
2835 struct pending_cmd *cmd;
2838 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2842 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
2843 mgmt_pending_remove(cmd);
2848 int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
2850 struct pending_cmd *cmd;
2853 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2855 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2858 cmd_complete(cmd->sk, hdev->id, cmd->opcode, NULL, 0);
2859 mgmt_pending_remove(cmd);
2862 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &discovering,
2863 sizeof(discovering), NULL);
2866 int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2868 struct pending_cmd *cmd;
2869 struct mgmt_ev_device_blocked ev;
2871 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
2873 bacpy(&ev.bdaddr, bdaddr);
2875 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
2876 cmd ? cmd->sk : NULL);
2879 int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2881 struct pending_cmd *cmd;
2882 struct mgmt_ev_device_unblocked ev;
2884 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
2886 bacpy(&ev.bdaddr, bdaddr);
2888 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
2889 cmd ? cmd->sk : NULL);
projects / linux-2.6-block.git / blob