2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 /* Handle HCI Event packets */
50 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
52 __u8 status = *((__u8 *) skb->data);
54 BT_DBG("%s status 0x%x", hdev->name, status);
59 clear_bit(HCI_INQUIRY, &hdev->flags);
61 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
63 hci_conn_check_pending(hdev);
66 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
68 __u8 status = *((__u8 *) skb->data);
70 BT_DBG("%s status 0x%x", hdev->name, status);
75 clear_bit(HCI_INQUIRY, &hdev->flags);
77 hci_conn_check_pending(hdev);
80 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
82 BT_DBG("%s", hdev->name);
85 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
87 struct hci_rp_role_discovery *rp = (void *) skb->data;
88 struct hci_conn *conn;
90 BT_DBG("%s status 0x%x", hdev->name, rp->status);
97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
100 conn->link_mode &= ~HCI_LM_MASTER;
102 conn->link_mode |= HCI_LM_MASTER;
105 hci_dev_unlock(hdev);
108 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
110 struct hci_rp_read_link_policy *rp = (void *) skb->data;
111 struct hci_conn *conn;
113 BT_DBG("%s status 0x%x", hdev->name, rp->status);
120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
122 conn->link_policy = __le16_to_cpu(rp->policy);
124 hci_dev_unlock(hdev);
127 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
129 struct hci_rp_write_link_policy *rp = (void *) skb->data;
130 struct hci_conn *conn;
133 BT_DBG("%s status 0x%x", hdev->name, rp->status);
138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
146 conn->link_policy = get_unaligned_le16(sent + 2);
148 hci_dev_unlock(hdev);
151 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
153 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
155 BT_DBG("%s status 0x%x", hdev->name, rp->status);
160 hdev->link_policy = __le16_to_cpu(rp->policy);
163 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
165 __u8 status = *((__u8 *) skb->data);
168 BT_DBG("%s status 0x%x", hdev->name, status);
170 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
175 hdev->link_policy = get_unaligned_le16(sent);
177 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
180 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
182 __u8 status = *((__u8 *) skb->data);
184 BT_DBG("%s status 0x%x", hdev->name, status);
186 hci_req_complete(hdev, HCI_OP_RESET, status);
189 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
191 __u8 status = *((__u8 *) skb->data);
194 BT_DBG("%s status 0x%x", hdev->name, status);
199 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
203 memcpy(hdev->dev_name, sent, 248);
206 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
208 struct hci_rp_read_local_name *rp = (void *) skb->data;
210 BT_DBG("%s status 0x%x", hdev->name, rp->status);
215 memcpy(hdev->dev_name, rp->name, 248);
218 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
220 __u8 status = *((__u8 *) skb->data);
223 BT_DBG("%s status 0x%x", hdev->name, status);
225 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
230 __u8 param = *((__u8 *) sent);
232 if (param == AUTH_ENABLED)
233 set_bit(HCI_AUTH, &hdev->flags);
235 clear_bit(HCI_AUTH, &hdev->flags);
238 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
241 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
243 __u8 status = *((__u8 *) skb->data);
246 BT_DBG("%s status 0x%x", hdev->name, status);
248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
253 __u8 param = *((__u8 *) sent);
256 set_bit(HCI_ENCRYPT, &hdev->flags);
258 clear_bit(HCI_ENCRYPT, &hdev->flags);
261 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
264 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
266 __u8 status = *((__u8 *) skb->data);
269 BT_DBG("%s status 0x%x", hdev->name, status);
271 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
276 __u8 param = *((__u8 *) sent);
277 int old_pscan, old_iscan;
279 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
280 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
282 if (param & SCAN_INQUIRY) {
283 set_bit(HCI_ISCAN, &hdev->flags);
285 mgmt_discoverable(hdev->id, 1);
286 } else if (old_iscan)
287 mgmt_discoverable(hdev->id, 0);
289 if (param & SCAN_PAGE) {
290 set_bit(HCI_PSCAN, &hdev->flags);
292 mgmt_connectable(hdev->id, 1);
293 } else if (old_pscan)
294 mgmt_connectable(hdev->id, 0);
297 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
300 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
302 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
304 BT_DBG("%s status 0x%x", hdev->name, rp->status);
309 memcpy(hdev->dev_class, rp->dev_class, 3);
311 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
312 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
315 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
317 __u8 status = *((__u8 *) skb->data);
320 BT_DBG("%s status 0x%x", hdev->name, status);
325 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
329 memcpy(hdev->dev_class, sent, 3);
332 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
334 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
337 BT_DBG("%s status 0x%x", hdev->name, rp->status);
342 setting = __le16_to_cpu(rp->voice_setting);
344 if (hdev->voice_setting == setting)
347 hdev->voice_setting = setting;
349 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
352 tasklet_disable(&hdev->tx_task);
353 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
354 tasklet_enable(&hdev->tx_task);
358 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
360 __u8 status = *((__u8 *) skb->data);
364 BT_DBG("%s status 0x%x", hdev->name, status);
369 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
373 setting = get_unaligned_le16(sent);
375 if (hdev->voice_setting == setting)
378 hdev->voice_setting = setting;
380 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
383 tasklet_disable(&hdev->tx_task);
384 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
385 tasklet_enable(&hdev->tx_task);
389 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
391 __u8 status = *((__u8 *) skb->data);
393 BT_DBG("%s status 0x%x", hdev->name, status);
395 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
398 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
400 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
402 BT_DBG("%s status 0x%x", hdev->name, rp->status);
407 hdev->ssp_mode = rp->mode;
410 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
412 __u8 status = *((__u8 *) skb->data);
415 BT_DBG("%s status 0x%x", hdev->name, status);
420 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
424 hdev->ssp_mode = *((__u8 *) sent);
427 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
429 if (hdev->features[6] & LMP_EXT_INQ)
432 if (hdev->features[3] & LMP_RSSI_INQ)
435 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
436 hdev->lmp_subver == 0x0757)
439 if (hdev->manufacturer == 15) {
440 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
442 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
444 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
448 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
449 hdev->lmp_subver == 0x1805)
455 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
459 mode = hci_get_inquiry_mode(hdev);
461 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
464 static void hci_setup_event_mask(struct hci_dev *hdev)
466 /* The second byte is 0xff instead of 0x9f (two reserved bits
467 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
468 * command otherwise */
469 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
471 /* Events for 1.2 and newer controllers */
472 if (hdev->lmp_ver > 1) {
473 events[4] |= 0x01; /* Flow Specification Complete */
474 events[4] |= 0x02; /* Inquiry Result with RSSI */
475 events[4] |= 0x04; /* Read Remote Extended Features Complete */
476 events[5] |= 0x08; /* Synchronous Connection Complete */
477 events[5] |= 0x10; /* Synchronous Connection Changed */
480 if (hdev->features[3] & LMP_RSSI_INQ)
481 events[4] |= 0x04; /* Inquiry Result with RSSI */
483 if (hdev->features[5] & LMP_SNIFF_SUBR)
484 events[5] |= 0x20; /* Sniff Subrating */
486 if (hdev->features[5] & LMP_PAUSE_ENC)
487 events[5] |= 0x80; /* Encryption Key Refresh Complete */
489 if (hdev->features[6] & LMP_EXT_INQ)
490 events[5] |= 0x40; /* Extended Inquiry Result */
492 if (hdev->features[6] & LMP_NO_FLUSH)
493 events[7] |= 0x01; /* Enhanced Flush Complete */
495 if (hdev->features[7] & LMP_LSTO)
496 events[6] |= 0x80; /* Link Supervision Timeout Changed */
498 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
499 events[6] |= 0x01; /* IO Capability Request */
500 events[6] |= 0x02; /* IO Capability Response */
501 events[6] |= 0x04; /* User Confirmation Request */
502 events[6] |= 0x08; /* User Passkey Request */
503 events[6] |= 0x10; /* Remote OOB Data Request */
504 events[6] |= 0x20; /* Simple Pairing Complete */
505 events[7] |= 0x04; /* User Passkey Notification */
506 events[7] |= 0x08; /* Keypress Notification */
507 events[7] |= 0x10; /* Remote Host Supported
508 * Features Notification */
511 if (hdev->features[4] & LMP_LE)
512 events[7] |= 0x20; /* LE Meta-Event */
514 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
517 static void hci_setup(struct hci_dev *hdev)
519 hci_setup_event_mask(hdev);
521 if (hdev->lmp_ver > 1)
522 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
524 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
526 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
529 if (hdev->features[3] & LMP_RSSI_INQ)
530 hci_setup_inquiry_mode(hdev);
532 if (hdev->features[7] & LMP_INQ_TX_PWR)
533 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
536 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
538 struct hci_rp_read_local_version *rp = (void *) skb->data;
540 BT_DBG("%s status 0x%x", hdev->name, rp->status);
545 hdev->hci_ver = rp->hci_ver;
546 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
547 hdev->lmp_ver = rp->lmp_ver;
548 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
549 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
551 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
553 hdev->hci_ver, hdev->hci_rev);
555 if (test_bit(HCI_INIT, &hdev->flags))
559 static void hci_setup_link_policy(struct hci_dev *hdev)
563 if (hdev->features[0] & LMP_RSWITCH)
564 link_policy |= HCI_LP_RSWITCH;
565 if (hdev->features[0] & LMP_HOLD)
566 link_policy |= HCI_LP_HOLD;
567 if (hdev->features[0] & LMP_SNIFF)
568 link_policy |= HCI_LP_SNIFF;
569 if (hdev->features[1] & LMP_PARK)
570 link_policy |= HCI_LP_PARK;
572 link_policy = cpu_to_le16(link_policy);
573 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
574 sizeof(link_policy), &link_policy);
577 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
579 struct hci_rp_read_local_commands *rp = (void *) skb->data;
581 BT_DBG("%s status 0x%x", hdev->name, rp->status);
586 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
588 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
589 hci_setup_link_policy(hdev);
592 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
595 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
597 struct hci_rp_read_local_features *rp = (void *) skb->data;
599 BT_DBG("%s status 0x%x", hdev->name, rp->status);
604 memcpy(hdev->features, rp->features, 8);
606 /* Adjust default settings according to features
607 * supported by device. */
609 if (hdev->features[0] & LMP_3SLOT)
610 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
612 if (hdev->features[0] & LMP_5SLOT)
613 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
615 if (hdev->features[1] & LMP_HV2) {
616 hdev->pkt_type |= (HCI_HV2);
617 hdev->esco_type |= (ESCO_HV2);
620 if (hdev->features[1] & LMP_HV3) {
621 hdev->pkt_type |= (HCI_HV3);
622 hdev->esco_type |= (ESCO_HV3);
625 if (hdev->features[3] & LMP_ESCO)
626 hdev->esco_type |= (ESCO_EV3);
628 if (hdev->features[4] & LMP_EV4)
629 hdev->esco_type |= (ESCO_EV4);
631 if (hdev->features[4] & LMP_EV5)
632 hdev->esco_type |= (ESCO_EV5);
634 if (hdev->features[5] & LMP_EDR_ESCO_2M)
635 hdev->esco_type |= (ESCO_2EV3);
637 if (hdev->features[5] & LMP_EDR_ESCO_3M)
638 hdev->esco_type |= (ESCO_3EV3);
640 if (hdev->features[5] & LMP_EDR_3S_ESCO)
641 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
643 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
644 hdev->features[0], hdev->features[1],
645 hdev->features[2], hdev->features[3],
646 hdev->features[4], hdev->features[5],
647 hdev->features[6], hdev->features[7]);
650 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
652 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
654 BT_DBG("%s status 0x%x", hdev->name, rp->status);
659 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
660 hdev->sco_mtu = rp->sco_mtu;
661 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
662 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
664 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
669 hdev->acl_cnt = hdev->acl_pkts;
670 hdev->sco_cnt = hdev->sco_pkts;
672 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
673 hdev->acl_mtu, hdev->acl_pkts,
674 hdev->sco_mtu, hdev->sco_pkts);
677 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
679 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
681 BT_DBG("%s status 0x%x", hdev->name, rp->status);
684 bacpy(&hdev->bdaddr, &rp->bdaddr);
686 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
689 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
691 __u8 status = *((__u8 *) skb->data);
693 BT_DBG("%s status 0x%x", hdev->name, status);
695 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
698 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
701 __u8 status = *((__u8 *) skb->data);
703 BT_DBG("%s status 0x%x", hdev->name, status);
705 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
708 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
710 __u8 status = *((__u8 *) skb->data);
712 BT_DBG("%s status 0x%x", hdev->name, status);
714 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
717 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
720 __u8 status = *((__u8 *) skb->data);
722 BT_DBG("%s status 0x%x", hdev->name, status);
724 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
727 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
730 __u8 status = *((__u8 *) skb->data);
732 BT_DBG("%s status 0x%x", hdev->name, status);
734 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
737 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
739 __u8 status = *((__u8 *) skb->data);
741 BT_DBG("%s status 0x%x", hdev->name, status);
743 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
746 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
748 BT_DBG("%s status 0x%x", hdev->name, status);
751 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
753 hci_conn_check_pending(hdev);
755 set_bit(HCI_INQUIRY, &hdev->flags);
758 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
760 struct hci_cp_create_conn *cp;
761 struct hci_conn *conn;
763 BT_DBG("%s status 0x%x", hdev->name, status);
765 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
771 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
773 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
776 if (conn && conn->state == BT_CONNECT) {
777 if (status != 0x0c || conn->attempt > 2) {
778 conn->state = BT_CLOSED;
779 hci_proto_connect_cfm(conn, status);
782 conn->state = BT_CONNECT2;
786 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
789 conn->link_mode |= HCI_LM_MASTER;
791 BT_ERR("No memory for new connection");
795 hci_dev_unlock(hdev);
798 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
800 struct hci_cp_add_sco *cp;
801 struct hci_conn *acl, *sco;
804 BT_DBG("%s status 0x%x", hdev->name, status);
809 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
813 handle = __le16_to_cpu(cp->handle);
815 BT_DBG("%s handle %d", hdev->name, handle);
819 acl = hci_conn_hash_lookup_handle(hdev, handle);
820 if (acl && (sco = acl->link)) {
821 sco->state = BT_CLOSED;
823 hci_proto_connect_cfm(sco, status);
827 hci_dev_unlock(hdev);
830 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
832 struct hci_cp_auth_requested *cp;
833 struct hci_conn *conn;
835 BT_DBG("%s status 0x%x", hdev->name, status);
840 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
846 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
848 if (conn->state == BT_CONFIG) {
849 hci_proto_connect_cfm(conn, status);
854 hci_dev_unlock(hdev);
857 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
859 struct hci_cp_set_conn_encrypt *cp;
860 struct hci_conn *conn;
862 BT_DBG("%s status 0x%x", hdev->name, status);
867 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
873 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
875 if (conn->state == BT_CONFIG) {
876 hci_proto_connect_cfm(conn, status);
881 hci_dev_unlock(hdev);
884 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
885 struct hci_conn *conn)
887 if (conn->state != BT_CONFIG || !conn->out)
890 if (conn->pending_sec_level == BT_SECURITY_SDP)
893 /* Only request authentication for SSP connections or non-SSP
894 * devices with sec_level HIGH */
895 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
896 conn->pending_sec_level != BT_SECURITY_HIGH)
902 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
904 struct hci_cp_remote_name_req *cp;
905 struct hci_conn *conn;
907 BT_DBG("%s status 0x%x", hdev->name, status);
909 /* If successful wait for the name req complete event before
910 * checking for the need to do authentication */
914 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
920 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
921 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
922 struct hci_cp_auth_requested cp;
923 cp.handle = __cpu_to_le16(conn->handle);
924 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
927 hci_dev_unlock(hdev);
930 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
932 struct hci_cp_read_remote_features *cp;
933 struct hci_conn *conn;
935 BT_DBG("%s status 0x%x", hdev->name, status);
940 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
946 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
948 if (conn->state == BT_CONFIG) {
949 hci_proto_connect_cfm(conn, status);
954 hci_dev_unlock(hdev);
957 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
959 struct hci_cp_read_remote_ext_features *cp;
960 struct hci_conn *conn;
962 BT_DBG("%s status 0x%x", hdev->name, status);
967 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
973 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
975 if (conn->state == BT_CONFIG) {
976 hci_proto_connect_cfm(conn, status);
981 hci_dev_unlock(hdev);
984 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
986 struct hci_cp_setup_sync_conn *cp;
987 struct hci_conn *acl, *sco;
990 BT_DBG("%s status 0x%x", hdev->name, status);
995 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
999 handle = __le16_to_cpu(cp->handle);
1001 BT_DBG("%s handle %d", hdev->name, handle);
1005 acl = hci_conn_hash_lookup_handle(hdev, handle);
1006 if (acl && (sco = acl->link)) {
1007 sco->state = BT_CLOSED;
1009 hci_proto_connect_cfm(sco, status);
1013 hci_dev_unlock(hdev);
1016 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1018 struct hci_cp_sniff_mode *cp;
1019 struct hci_conn *conn;
1021 BT_DBG("%s status 0x%x", hdev->name, status);
1026 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1032 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1034 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1036 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1037 hci_sco_setup(conn, status);
1040 hci_dev_unlock(hdev);
1043 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1045 struct hci_cp_exit_sniff_mode *cp;
1046 struct hci_conn *conn;
1048 BT_DBG("%s status 0x%x", hdev->name, status);
1053 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1059 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1061 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1063 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1064 hci_sco_setup(conn, status);
1067 hci_dev_unlock(hdev);
1070 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1072 __u8 status = *((__u8 *) skb->data);
1074 BT_DBG("%s status %d", hdev->name, status);
1076 clear_bit(HCI_INQUIRY, &hdev->flags);
1078 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1080 hci_conn_check_pending(hdev);
1083 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1085 struct inquiry_data data;
1086 struct inquiry_info *info = (void *) (skb->data + 1);
1087 int num_rsp = *((__u8 *) skb->data);
1089 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1096 for (; num_rsp; num_rsp--) {
1097 bacpy(&data.bdaddr, &info->bdaddr);
1098 data.pscan_rep_mode = info->pscan_rep_mode;
1099 data.pscan_period_mode = info->pscan_period_mode;
1100 data.pscan_mode = info->pscan_mode;
1101 memcpy(data.dev_class, info->dev_class, 3);
1102 data.clock_offset = info->clock_offset;
1104 data.ssp_mode = 0x00;
1106 hci_inquiry_cache_update(hdev, &data);
1109 hci_dev_unlock(hdev);
1112 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1114 struct hci_ev_conn_complete *ev = (void *) skb->data;
1115 struct hci_conn *conn;
1117 BT_DBG("%s", hdev->name);
1121 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1123 if (ev->link_type != SCO_LINK)
1126 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1130 conn->type = SCO_LINK;
1134 conn->handle = __le16_to_cpu(ev->handle);
1136 if (conn->type == ACL_LINK) {
1137 conn->state = BT_CONFIG;
1138 hci_conn_hold(conn);
1139 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1141 conn->state = BT_CONNECTED;
1143 hci_conn_hold_device(conn);
1144 hci_conn_add_sysfs(conn);
1146 if (test_bit(HCI_AUTH, &hdev->flags))
1147 conn->link_mode |= HCI_LM_AUTH;
1149 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1150 conn->link_mode |= HCI_LM_ENCRYPT;
1152 /* Get remote features */
1153 if (conn->type == ACL_LINK) {
1154 struct hci_cp_read_remote_features cp;
1155 cp.handle = ev->handle;
1156 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1160 /* Set packet type for incoming connection */
1161 if (!conn->out && hdev->hci_ver < 3) {
1162 struct hci_cp_change_conn_ptype cp;
1163 cp.handle = ev->handle;
1164 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1165 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1169 conn->state = BT_CLOSED;
1171 if (conn->type == ACL_LINK)
1172 hci_sco_setup(conn, ev->status);
1175 hci_proto_connect_cfm(conn, ev->status);
1177 } else if (ev->link_type != ACL_LINK)
1178 hci_proto_connect_cfm(conn, ev->status);
1181 hci_dev_unlock(hdev);
1183 hci_conn_check_pending(hdev);
1186 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1188 struct hci_ev_conn_request *ev = (void *) skb->data;
1189 int mask = hdev->link_mode;
1191 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1192 batostr(&ev->bdaddr), ev->link_type);
1194 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1196 if ((mask & HCI_LM_ACCEPT) && !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1197 /* Connection accepted */
1198 struct inquiry_entry *ie;
1199 struct hci_conn *conn;
1203 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1205 memcpy(ie->data.dev_class, ev->dev_class, 3);
1207 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1209 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1211 BT_ERR("No memory for new connection");
1212 hci_dev_unlock(hdev);
1217 memcpy(conn->dev_class, ev->dev_class, 3);
1218 conn->state = BT_CONNECT;
1220 hci_dev_unlock(hdev);
1222 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1223 struct hci_cp_accept_conn_req cp;
1225 bacpy(&cp.bdaddr, &ev->bdaddr);
1227 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1228 cp.role = 0x00; /* Become master */
1230 cp.role = 0x01; /* Remain slave */
1232 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1235 struct hci_cp_accept_sync_conn_req cp;
1237 bacpy(&cp.bdaddr, &ev->bdaddr);
1238 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1240 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1241 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1242 cp.max_latency = cpu_to_le16(0xffff);
1243 cp.content_format = cpu_to_le16(hdev->voice_setting);
1244 cp.retrans_effort = 0xff;
1246 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1250 /* Connection rejected */
1251 struct hci_cp_reject_conn_req cp;
1253 bacpy(&cp.bdaddr, &ev->bdaddr);
1255 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1259 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1261 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1262 struct hci_conn *conn;
1264 BT_DBG("%s status %d", hdev->name, ev->status);
1271 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1273 conn->state = BT_CLOSED;
1275 hci_proto_disconn_cfm(conn, ev->reason);
1279 hci_dev_unlock(hdev);
1282 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1284 struct hci_ev_auth_complete *ev = (void *) skb->data;
1285 struct hci_conn *conn;
1287 BT_DBG("%s status %d", hdev->name, ev->status);
1291 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1294 conn->link_mode |= HCI_LM_AUTH;
1295 conn->sec_level = conn->pending_sec_level;
1297 conn->sec_level = BT_SECURITY_LOW;
1299 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1301 if (conn->state == BT_CONFIG) {
1302 if (!ev->status && hdev->ssp_mode > 0 &&
1303 conn->ssp_mode > 0) {
1304 struct hci_cp_set_conn_encrypt cp;
1305 cp.handle = ev->handle;
1307 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1310 conn->state = BT_CONNECTED;
1311 hci_proto_connect_cfm(conn, ev->status);
1315 hci_auth_cfm(conn, ev->status);
1317 hci_conn_hold(conn);
1318 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1322 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1324 struct hci_cp_set_conn_encrypt cp;
1325 cp.handle = ev->handle;
1327 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1330 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1331 hci_encrypt_cfm(conn, ev->status, 0x00);
1336 hci_dev_unlock(hdev);
1339 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1341 struct hci_ev_remote_name *ev = (void *) skb->data;
1342 struct hci_conn *conn;
1344 BT_DBG("%s", hdev->name);
1346 hci_conn_check_pending(hdev);
1350 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1351 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1352 struct hci_cp_auth_requested cp;
1353 cp.handle = __cpu_to_le16(conn->handle);
1354 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1357 hci_dev_unlock(hdev);
1360 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1362 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1363 struct hci_conn *conn;
1365 BT_DBG("%s status %d", hdev->name, ev->status);
1369 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1373 /* Encryption implies authentication */
1374 conn->link_mode |= HCI_LM_AUTH;
1375 conn->link_mode |= HCI_LM_ENCRYPT;
1377 conn->link_mode &= ~HCI_LM_ENCRYPT;
1380 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1382 if (conn->state == BT_CONFIG) {
1384 conn->state = BT_CONNECTED;
1386 hci_proto_connect_cfm(conn, ev->status);
1389 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1392 hci_dev_unlock(hdev);
1395 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1397 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1398 struct hci_conn *conn;
1400 BT_DBG("%s status %d", hdev->name, ev->status);
1404 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1407 conn->link_mode |= HCI_LM_SECURE;
1409 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1411 hci_key_change_cfm(conn, ev->status);
1414 hci_dev_unlock(hdev);
1417 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1419 struct hci_ev_remote_features *ev = (void *) skb->data;
1420 struct hci_conn *conn;
1422 BT_DBG("%s status %d", hdev->name, ev->status);
1426 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1431 memcpy(conn->features, ev->features, 8);
1433 if (conn->state != BT_CONFIG)
1436 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1437 struct hci_cp_read_remote_ext_features cp;
1438 cp.handle = ev->handle;
1440 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1446 struct hci_cp_remote_name_req cp;
1447 memset(&cp, 0, sizeof(cp));
1448 bacpy(&cp.bdaddr, &conn->dst);
1449 cp.pscan_rep_mode = 0x02;
1450 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1453 if (!hci_outgoing_auth_needed(hdev, conn)) {
1454 conn->state = BT_CONNECTED;
1455 hci_proto_connect_cfm(conn, ev->status);
1460 hci_dev_unlock(hdev);
1463 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1465 BT_DBG("%s", hdev->name);
1468 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1470 BT_DBG("%s", hdev->name);
1473 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1475 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1478 skb_pull(skb, sizeof(*ev));
1480 opcode = __le16_to_cpu(ev->opcode);
1483 case HCI_OP_INQUIRY_CANCEL:
1484 hci_cc_inquiry_cancel(hdev, skb);
1487 case HCI_OP_EXIT_PERIODIC_INQ:
1488 hci_cc_exit_periodic_inq(hdev, skb);
1491 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1492 hci_cc_remote_name_req_cancel(hdev, skb);
1495 case HCI_OP_ROLE_DISCOVERY:
1496 hci_cc_role_discovery(hdev, skb);
1499 case HCI_OP_READ_LINK_POLICY:
1500 hci_cc_read_link_policy(hdev, skb);
1503 case HCI_OP_WRITE_LINK_POLICY:
1504 hci_cc_write_link_policy(hdev, skb);
1507 case HCI_OP_READ_DEF_LINK_POLICY:
1508 hci_cc_read_def_link_policy(hdev, skb);
1511 case HCI_OP_WRITE_DEF_LINK_POLICY:
1512 hci_cc_write_def_link_policy(hdev, skb);
1516 hci_cc_reset(hdev, skb);
1519 case HCI_OP_WRITE_LOCAL_NAME:
1520 hci_cc_write_local_name(hdev, skb);
1523 case HCI_OP_READ_LOCAL_NAME:
1524 hci_cc_read_local_name(hdev, skb);
1527 case HCI_OP_WRITE_AUTH_ENABLE:
1528 hci_cc_write_auth_enable(hdev, skb);
1531 case HCI_OP_WRITE_ENCRYPT_MODE:
1532 hci_cc_write_encrypt_mode(hdev, skb);
1535 case HCI_OP_WRITE_SCAN_ENABLE:
1536 hci_cc_write_scan_enable(hdev, skb);
1539 case HCI_OP_READ_CLASS_OF_DEV:
1540 hci_cc_read_class_of_dev(hdev, skb);
1543 case HCI_OP_WRITE_CLASS_OF_DEV:
1544 hci_cc_write_class_of_dev(hdev, skb);
1547 case HCI_OP_READ_VOICE_SETTING:
1548 hci_cc_read_voice_setting(hdev, skb);
1551 case HCI_OP_WRITE_VOICE_SETTING:
1552 hci_cc_write_voice_setting(hdev, skb);
1555 case HCI_OP_HOST_BUFFER_SIZE:
1556 hci_cc_host_buffer_size(hdev, skb);
1559 case HCI_OP_READ_SSP_MODE:
1560 hci_cc_read_ssp_mode(hdev, skb);
1563 case HCI_OP_WRITE_SSP_MODE:
1564 hci_cc_write_ssp_mode(hdev, skb);
1567 case HCI_OP_READ_LOCAL_VERSION:
1568 hci_cc_read_local_version(hdev, skb);
1571 case HCI_OP_READ_LOCAL_COMMANDS:
1572 hci_cc_read_local_commands(hdev, skb);
1575 case HCI_OP_READ_LOCAL_FEATURES:
1576 hci_cc_read_local_features(hdev, skb);
1579 case HCI_OP_READ_BUFFER_SIZE:
1580 hci_cc_read_buffer_size(hdev, skb);
1583 case HCI_OP_READ_BD_ADDR:
1584 hci_cc_read_bd_addr(hdev, skb);
1587 case HCI_OP_WRITE_CA_TIMEOUT:
1588 hci_cc_write_ca_timeout(hdev, skb);
1591 case HCI_OP_DELETE_STORED_LINK_KEY:
1592 hci_cc_delete_stored_link_key(hdev, skb);
1595 case HCI_OP_SET_EVENT_MASK:
1596 hci_cc_set_event_mask(hdev, skb);
1599 case HCI_OP_WRITE_INQUIRY_MODE:
1600 hci_cc_write_inquiry_mode(hdev, skb);
1603 case HCI_OP_READ_INQ_RSP_TX_POWER:
1604 hci_cc_read_inq_rsp_tx_power(hdev, skb);
1607 case HCI_OP_SET_EVENT_FLT:
1608 hci_cc_set_event_flt(hdev, skb);
1612 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1617 atomic_set(&hdev->cmd_cnt, 1);
1618 if (!skb_queue_empty(&hdev->cmd_q))
1619 tasklet_schedule(&hdev->cmd_task);
1623 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1625 struct hci_ev_cmd_status *ev = (void *) skb->data;
1628 skb_pull(skb, sizeof(*ev));
1630 opcode = __le16_to_cpu(ev->opcode);
1633 case HCI_OP_INQUIRY:
1634 hci_cs_inquiry(hdev, ev->status);
1637 case HCI_OP_CREATE_CONN:
1638 hci_cs_create_conn(hdev, ev->status);
1641 case HCI_OP_ADD_SCO:
1642 hci_cs_add_sco(hdev, ev->status);
1645 case HCI_OP_AUTH_REQUESTED:
1646 hci_cs_auth_requested(hdev, ev->status);
1649 case HCI_OP_SET_CONN_ENCRYPT:
1650 hci_cs_set_conn_encrypt(hdev, ev->status);
1653 case HCI_OP_REMOTE_NAME_REQ:
1654 hci_cs_remote_name_req(hdev, ev->status);
1657 case HCI_OP_READ_REMOTE_FEATURES:
1658 hci_cs_read_remote_features(hdev, ev->status);
1661 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1662 hci_cs_read_remote_ext_features(hdev, ev->status);
1665 case HCI_OP_SETUP_SYNC_CONN:
1666 hci_cs_setup_sync_conn(hdev, ev->status);
1669 case HCI_OP_SNIFF_MODE:
1670 hci_cs_sniff_mode(hdev, ev->status);
1673 case HCI_OP_EXIT_SNIFF_MODE:
1674 hci_cs_exit_sniff_mode(hdev, ev->status);
1678 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1683 atomic_set(&hdev->cmd_cnt, 1);
1684 if (!skb_queue_empty(&hdev->cmd_q))
1685 tasklet_schedule(&hdev->cmd_task);
1689 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1691 struct hci_ev_role_change *ev = (void *) skb->data;
1692 struct hci_conn *conn;
1694 BT_DBG("%s status %d", hdev->name, ev->status);
1698 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1702 conn->link_mode &= ~HCI_LM_MASTER;
1704 conn->link_mode |= HCI_LM_MASTER;
1707 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1709 hci_role_switch_cfm(conn, ev->status, ev->role);
1712 hci_dev_unlock(hdev);
1715 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1717 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1721 skb_pull(skb, sizeof(*ev));
1723 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1725 if (skb->len < ev->num_hndl * 4) {
1726 BT_DBG("%s bad parameters", hdev->name);
1730 tasklet_disable(&hdev->tx_task);
1732 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1733 struct hci_conn *conn;
1734 __u16 handle, count;
1736 handle = get_unaligned_le16(ptr++);
1737 count = get_unaligned_le16(ptr++);
1739 conn = hci_conn_hash_lookup_handle(hdev, handle);
1741 conn->sent -= count;
1743 if (conn->type == ACL_LINK) {
1744 hdev->acl_cnt += count;
1745 if (hdev->acl_cnt > hdev->acl_pkts)
1746 hdev->acl_cnt = hdev->acl_pkts;
1748 hdev->sco_cnt += count;
1749 if (hdev->sco_cnt > hdev->sco_pkts)
1750 hdev->sco_cnt = hdev->sco_pkts;
1755 tasklet_schedule(&hdev->tx_task);
1757 tasklet_enable(&hdev->tx_task);
1760 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1762 struct hci_ev_mode_change *ev = (void *) skb->data;
1763 struct hci_conn *conn;
1765 BT_DBG("%s status %d", hdev->name, ev->status);
1769 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1771 conn->mode = ev->mode;
1772 conn->interval = __le16_to_cpu(ev->interval);
1774 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1775 if (conn->mode == HCI_CM_ACTIVE)
1776 conn->power_save = 1;
1778 conn->power_save = 0;
1781 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1782 hci_sco_setup(conn, ev->status);
1785 hci_dev_unlock(hdev);
1788 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1790 struct hci_ev_pin_code_req *ev = (void *) skb->data;
1791 struct hci_conn *conn;
1793 BT_DBG("%s", hdev->name);
1797 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1798 if (conn && conn->state == BT_CONNECTED) {
1799 hci_conn_hold(conn);
1800 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1804 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
1805 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
1806 sizeof(ev->bdaddr), &ev->bdaddr);
1808 hci_dev_unlock(hdev);
1811 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1813 BT_DBG("%s", hdev->name);
1816 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
1818 struct hci_ev_link_key_notify *ev = (void *) skb->data;
1819 struct hci_conn *conn;
1821 BT_DBG("%s", hdev->name);
1825 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1827 hci_conn_hold(conn);
1828 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1832 hci_dev_unlock(hdev);
1835 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1837 struct hci_ev_clock_offset *ev = (void *) skb->data;
1838 struct hci_conn *conn;
1840 BT_DBG("%s status %d", hdev->name, ev->status);
1844 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1845 if (conn && !ev->status) {
1846 struct inquiry_entry *ie;
1848 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
1850 ie->data.clock_offset = ev->clock_offset;
1851 ie->timestamp = jiffies;
1855 hci_dev_unlock(hdev);
1858 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1860 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
1861 struct hci_conn *conn;
1863 BT_DBG("%s status %d", hdev->name, ev->status);
1867 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1868 if (conn && !ev->status)
1869 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
1871 hci_dev_unlock(hdev);
1874 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
1876 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
1877 struct inquiry_entry *ie;
1879 BT_DBG("%s", hdev->name);
1883 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1885 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
1886 ie->timestamp = jiffies;
1889 hci_dev_unlock(hdev);
1892 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
1894 struct inquiry_data data;
1895 int num_rsp = *((__u8 *) skb->data);
1897 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1904 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
1905 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1);
1907 for (; num_rsp; num_rsp--) {
1908 bacpy(&data.bdaddr, &info->bdaddr);
1909 data.pscan_rep_mode = info->pscan_rep_mode;
1910 data.pscan_period_mode = info->pscan_period_mode;
1911 data.pscan_mode = info->pscan_mode;
1912 memcpy(data.dev_class, info->dev_class, 3);
1913 data.clock_offset = info->clock_offset;
1914 data.rssi = info->rssi;
1915 data.ssp_mode = 0x00;
1917 hci_inquiry_cache_update(hdev, &data);
1920 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
1922 for (; num_rsp; num_rsp--) {
1923 bacpy(&data.bdaddr, &info->bdaddr);
1924 data.pscan_rep_mode = info->pscan_rep_mode;
1925 data.pscan_period_mode = info->pscan_period_mode;
1926 data.pscan_mode = 0x00;
1927 memcpy(data.dev_class, info->dev_class, 3);
1928 data.clock_offset = info->clock_offset;
1929 data.rssi = info->rssi;
1930 data.ssp_mode = 0x00;
1932 hci_inquiry_cache_update(hdev, &data);
1936 hci_dev_unlock(hdev);
1939 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1941 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
1942 struct hci_conn *conn;
1944 BT_DBG("%s", hdev->name);
1948 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1952 if (!ev->status && ev->page == 0x01) {
1953 struct inquiry_entry *ie;
1955 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
1957 ie->data.ssp_mode = (ev->features[0] & 0x01);
1959 conn->ssp_mode = (ev->features[0] & 0x01);
1962 if (conn->state != BT_CONFIG)
1966 struct hci_cp_remote_name_req cp;
1967 memset(&cp, 0, sizeof(cp));
1968 bacpy(&cp.bdaddr, &conn->dst);
1969 cp.pscan_rep_mode = 0x02;
1970 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1973 if (!hci_outgoing_auth_needed(hdev, conn)) {
1974 conn->state = BT_CONNECTED;
1975 hci_proto_connect_cfm(conn, ev->status);
1980 hci_dev_unlock(hdev);
1983 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1985 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
1986 struct hci_conn *conn;
1988 BT_DBG("%s status %d", hdev->name, ev->status);
1992 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1994 if (ev->link_type == ESCO_LINK)
1997 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2001 conn->type = SCO_LINK;
2004 switch (ev->status) {
2006 conn->handle = __le16_to_cpu(ev->handle);
2007 conn->state = BT_CONNECTED;
2009 hci_conn_hold_device(conn);
2010 hci_conn_add_sysfs(conn);
2013 case 0x11: /* Unsupported Feature or Parameter Value */
2014 case 0x1c: /* SCO interval rejected */
2015 case 0x1a: /* Unsupported Remote Feature */
2016 case 0x1f: /* Unspecified error */
2017 if (conn->out && conn->attempt < 2) {
2018 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2019 (hdev->esco_type & EDR_ESCO_MASK);
2020 hci_setup_sync(conn, conn->link->handle);
2026 conn->state = BT_CLOSED;
2030 hci_proto_connect_cfm(conn, ev->status);
2035 hci_dev_unlock(hdev);
2038 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2040 BT_DBG("%s", hdev->name);
2043 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2045 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2046 struct hci_conn *conn;
2048 BT_DBG("%s status %d", hdev->name, ev->status);
2052 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2056 hci_dev_unlock(hdev);
2059 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2061 struct inquiry_data data;
2062 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2063 int num_rsp = *((__u8 *) skb->data);
2065 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2072 for (; num_rsp; num_rsp--) {
2073 bacpy(&data.bdaddr, &info->bdaddr);
2074 data.pscan_rep_mode = info->pscan_rep_mode;
2075 data.pscan_period_mode = info->pscan_period_mode;
2076 data.pscan_mode = 0x00;
2077 memcpy(data.dev_class, info->dev_class, 3);
2078 data.clock_offset = info->clock_offset;
2079 data.rssi = info->rssi;
2080 data.ssp_mode = 0x01;
2082 hci_inquiry_cache_update(hdev, &data);
2085 hci_dev_unlock(hdev);
2088 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2090 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2091 struct hci_conn *conn;
2093 BT_DBG("%s", hdev->name);
2097 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2101 hci_conn_hold(conn);
2103 if (!test_bit(HCI_MGMT, &hdev->flags))
2106 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2107 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2108 /* FIXME: Do IO capa response based on information
2109 * provided through the management interface */
2111 struct hci_cp_io_capability_neg_reply cp;
2113 bacpy(&cp.bdaddr, &ev->bdaddr);
2114 cp.reason = 0x16; /* Pairing not allowed */
2116 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2121 hci_dev_unlock(hdev);
2124 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2126 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2127 struct hci_conn *conn;
2129 BT_DBG("%s", hdev->name);
2133 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2137 hci_conn_hold(conn);
2139 conn->remote_cap = ev->capability;
2140 conn->remote_oob = ev->oob_data;
2141 conn->remote_auth = ev->authentication;
2144 hci_dev_unlock(hdev);
2147 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2149 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2150 struct hci_conn *conn;
2152 BT_DBG("%s", hdev->name);
2156 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2160 hci_dev_unlock(hdev);
2163 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2165 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2166 struct inquiry_entry *ie;
2168 BT_DBG("%s", hdev->name);
2172 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2174 ie->data.ssp_mode = (ev->features[0] & 0x01);
2176 hci_dev_unlock(hdev);
2179 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2181 struct hci_event_hdr *hdr = (void *) skb->data;
2182 __u8 event = hdr->evt;
2184 skb_pull(skb, HCI_EVENT_HDR_SIZE);
2187 case HCI_EV_INQUIRY_COMPLETE:
2188 hci_inquiry_complete_evt(hdev, skb);
2191 case HCI_EV_INQUIRY_RESULT:
2192 hci_inquiry_result_evt(hdev, skb);
2195 case HCI_EV_CONN_COMPLETE:
2196 hci_conn_complete_evt(hdev, skb);
2199 case HCI_EV_CONN_REQUEST:
2200 hci_conn_request_evt(hdev, skb);
2203 case HCI_EV_DISCONN_COMPLETE:
2204 hci_disconn_complete_evt(hdev, skb);
2207 case HCI_EV_AUTH_COMPLETE:
2208 hci_auth_complete_evt(hdev, skb);
2211 case HCI_EV_REMOTE_NAME:
2212 hci_remote_name_evt(hdev, skb);
2215 case HCI_EV_ENCRYPT_CHANGE:
2216 hci_encrypt_change_evt(hdev, skb);
2219 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
2220 hci_change_link_key_complete_evt(hdev, skb);
2223 case HCI_EV_REMOTE_FEATURES:
2224 hci_remote_features_evt(hdev, skb);
2227 case HCI_EV_REMOTE_VERSION:
2228 hci_remote_version_evt(hdev, skb);
2231 case HCI_EV_QOS_SETUP_COMPLETE:
2232 hci_qos_setup_complete_evt(hdev, skb);
2235 case HCI_EV_CMD_COMPLETE:
2236 hci_cmd_complete_evt(hdev, skb);
2239 case HCI_EV_CMD_STATUS:
2240 hci_cmd_status_evt(hdev, skb);
2243 case HCI_EV_ROLE_CHANGE:
2244 hci_role_change_evt(hdev, skb);
2247 case HCI_EV_NUM_COMP_PKTS:
2248 hci_num_comp_pkts_evt(hdev, skb);
2251 case HCI_EV_MODE_CHANGE:
2252 hci_mode_change_evt(hdev, skb);
2255 case HCI_EV_PIN_CODE_REQ:
2256 hci_pin_code_request_evt(hdev, skb);
2259 case HCI_EV_LINK_KEY_REQ:
2260 hci_link_key_request_evt(hdev, skb);
2263 case HCI_EV_LINK_KEY_NOTIFY:
2264 hci_link_key_notify_evt(hdev, skb);
2267 case HCI_EV_CLOCK_OFFSET:
2268 hci_clock_offset_evt(hdev, skb);
2271 case HCI_EV_PKT_TYPE_CHANGE:
2272 hci_pkt_type_change_evt(hdev, skb);
2275 case HCI_EV_PSCAN_REP_MODE:
2276 hci_pscan_rep_mode_evt(hdev, skb);
2279 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
2280 hci_inquiry_result_with_rssi_evt(hdev, skb);
2283 case HCI_EV_REMOTE_EXT_FEATURES:
2284 hci_remote_ext_features_evt(hdev, skb);
2287 case HCI_EV_SYNC_CONN_COMPLETE:
2288 hci_sync_conn_complete_evt(hdev, skb);
2291 case HCI_EV_SYNC_CONN_CHANGED:
2292 hci_sync_conn_changed_evt(hdev, skb);
2295 case HCI_EV_SNIFF_SUBRATE:
2296 hci_sniff_subrate_evt(hdev, skb);
2299 case HCI_EV_EXTENDED_INQUIRY_RESULT:
2300 hci_extended_inquiry_result_evt(hdev, skb);
2303 case HCI_EV_IO_CAPA_REQUEST:
2304 hci_io_capa_request_evt(hdev, skb);
2307 case HCI_EV_IO_CAPA_REPLY:
2308 hci_io_capa_reply_evt(hdev, skb);
2311 case HCI_EV_SIMPLE_PAIR_COMPLETE:
2312 hci_simple_pair_complete_evt(hdev, skb);
2315 case HCI_EV_REMOTE_HOST_FEATURES:
2316 hci_remote_host_features_evt(hdev, skb);
2320 BT_DBG("%s event 0x%x", hdev->name, event);
2325 hdev->stat.evt_rx++;
2328 /* Generate internal stack event */
2329 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
2331 struct hci_event_hdr *hdr;
2332 struct hci_ev_stack_internal *ev;
2333 struct sk_buff *skb;
2335 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
2339 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
2340 hdr->evt = HCI_EV_STACK_INTERNAL;
2341 hdr->plen = sizeof(*ev) + dlen;
2343 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
2345 memcpy(ev->data, data, dlen);
2347 bt_cb(skb)->incoming = 1;
2348 __net_timestamp(skb);
2350 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
2351 skb->dev = (void *) hdev;
2352 hci_send_to_sock(hdev, skb, NULL);
Code Review / linux-2.6.git / blob