2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <asm/unaligned.h>
29 #include <net/bluetooth/bluetooth.h>
30 #include <net/bluetooth/hci_core.h>
31 #include <net/bluetooth/mgmt.h>
32 #include <net/bluetooth/a2mp.h>
33 #include <net/bluetooth/amp.h>
35 /* Handle HCI Event packets */
37 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
39 __u8 status = *((__u8 *) skb->data);
41 BT_DBG("%s status 0x%2.2x", hdev->name, status);
45 mgmt_stop_discovery_failed(hdev, status);
50 clear_bit(HCI_INQUIRY, &hdev->flags);
53 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
58 hci_conn_check_pending(hdev);
61 static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
63 __u8 status = *((__u8 *) skb->data);
65 BT_DBG("%s status 0x%2.2x", hdev->name, status);
70 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
73 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
75 __u8 status = *((__u8 *) skb->data);
77 BT_DBG("%s status 0x%2.2x", hdev->name, status);
82 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
84 hci_conn_check_pending(hdev);
87 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
90 BT_DBG("%s", hdev->name);
93 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
98 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
108 conn->link_mode &= ~HCI_LM_MASTER;
110 conn->link_mode |= HCI_LM_MASTER;
113 hci_dev_unlock(hdev);
116 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
121 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 conn->link_policy = __le16_to_cpu(rp->policy);
132 hci_dev_unlock(hdev);
135 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
138 struct hci_conn *conn;
141 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
154 conn->link_policy = get_unaligned_le16(sent + 2);
156 hci_dev_unlock(hdev);
159 static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
162 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
164 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
169 hdev->link_policy = __le16_to_cpu(rp->policy);
172 static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
175 __u8 status = *((__u8 *) skb->data);
178 BT_DBG("%s status 0x%2.2x", hdev->name, status);
180 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
185 hdev->link_policy = get_unaligned_le16(sent);
187 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
190 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
192 __u8 status = *((__u8 *) skb->data);
194 BT_DBG("%s status 0x%2.2x", hdev->name, status);
196 clear_bit(HCI_RESET, &hdev->flags);
198 hci_req_complete(hdev, HCI_OP_RESET, status);
200 /* Reset all non-persistent flags */
201 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN) | BIT(HCI_PENDING_CLASS) |
202 BIT(HCI_PERIODIC_INQ));
204 hdev->discovery.state = DISCOVERY_STOPPED;
207 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
209 __u8 status = *((__u8 *) skb->data);
212 BT_DBG("%s status 0x%2.2x", hdev->name, status);
214 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
220 if (test_bit(HCI_MGMT, &hdev->dev_flags))
221 mgmt_set_local_name_complete(hdev, sent, status);
223 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
225 hci_dev_unlock(hdev);
227 hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status);
230 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
232 struct hci_rp_read_local_name *rp = (void *) skb->data;
234 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
239 if (test_bit(HCI_SETUP, &hdev->dev_flags))
240 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
243 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
245 __u8 status = *((__u8 *) skb->data);
248 BT_DBG("%s status 0x%2.2x", hdev->name, status);
250 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
255 __u8 param = *((__u8 *) sent);
257 if (param == AUTH_ENABLED)
258 set_bit(HCI_AUTH, &hdev->flags);
260 clear_bit(HCI_AUTH, &hdev->flags);
263 if (test_bit(HCI_MGMT, &hdev->dev_flags))
264 mgmt_auth_enable_complete(hdev, status);
266 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
269 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
271 __u8 status = *((__u8 *) skb->data);
274 BT_DBG("%s status 0x%2.2x", hdev->name, status);
276 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
281 __u8 param = *((__u8 *) sent);
284 set_bit(HCI_ENCRYPT, &hdev->flags);
286 clear_bit(HCI_ENCRYPT, &hdev->flags);
289 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
292 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
294 __u8 param, status = *((__u8 *) skb->data);
295 int old_pscan, old_iscan;
298 BT_DBG("%s status 0x%2.2x", hdev->name, status);
300 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
304 param = *((__u8 *) sent);
309 mgmt_write_scan_failed(hdev, param, status);
310 hdev->discov_timeout = 0;
314 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
315 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
317 if (param & SCAN_INQUIRY) {
318 set_bit(HCI_ISCAN, &hdev->flags);
320 mgmt_discoverable(hdev, 1);
321 if (hdev->discov_timeout > 0) {
322 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
323 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
326 } else if (old_iscan)
327 mgmt_discoverable(hdev, 0);
329 if (param & SCAN_PAGE) {
330 set_bit(HCI_PSCAN, &hdev->flags);
332 mgmt_connectable(hdev, 1);
333 } else if (old_pscan)
334 mgmt_connectable(hdev, 0);
337 hci_dev_unlock(hdev);
338 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
341 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
343 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
345 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
350 memcpy(hdev->dev_class, rp->dev_class, 3);
352 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
353 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
356 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
358 __u8 status = *((__u8 *) skb->data);
361 BT_DBG("%s status 0x%2.2x", hdev->name, status);
363 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
370 memcpy(hdev->dev_class, sent, 3);
372 if (test_bit(HCI_MGMT, &hdev->dev_flags))
373 mgmt_set_class_of_dev_complete(hdev, sent, status);
375 hci_dev_unlock(hdev);
378 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
380 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
383 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
388 setting = __le16_to_cpu(rp->voice_setting);
390 if (hdev->voice_setting == setting)
393 hdev->voice_setting = setting;
395 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
398 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
401 static void hci_cc_write_voice_setting(struct hci_dev *hdev,
404 __u8 status = *((__u8 *) skb->data);
408 BT_DBG("%s status 0x%2.2x", hdev->name, status);
413 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
417 setting = get_unaligned_le16(sent);
419 if (hdev->voice_setting == setting)
422 hdev->voice_setting = setting;
424 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
427 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
430 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
432 __u8 status = *((__u8 *) skb->data);
434 BT_DBG("%s status 0x%2.2x", hdev->name, status);
436 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
439 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
441 __u8 status = *((__u8 *) skb->data);
442 struct hci_cp_write_ssp_mode *sent;
444 BT_DBG("%s status 0x%2.2x", hdev->name, status);
446 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
452 hdev->host_features[0] |= LMP_HOST_SSP;
454 hdev->host_features[0] &= ~LMP_HOST_SSP;
457 if (test_bit(HCI_MGMT, &hdev->dev_flags))
458 mgmt_ssp_enable_complete(hdev, sent->mode, status);
461 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
463 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
467 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
469 if (lmp_ext_inq_capable(hdev))
472 if (lmp_inq_rssi_capable(hdev))
475 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
476 hdev->lmp_subver == 0x0757)
479 if (hdev->manufacturer == 15) {
480 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
482 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
484 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
488 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
489 hdev->lmp_subver == 0x1805)
495 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
499 mode = hci_get_inquiry_mode(hdev);
501 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
504 static void hci_setup_event_mask(struct hci_dev *hdev)
506 /* The second byte is 0xff instead of 0x9f (two reserved bits
507 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
508 * command otherwise */
509 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
511 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
512 * any event mask for pre 1.2 devices */
513 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
516 if (lmp_bredr_capable(hdev)) {
517 events[4] |= 0x01; /* Flow Specification Complete */
518 events[4] |= 0x02; /* Inquiry Result with RSSI */
519 events[4] |= 0x04; /* Read Remote Extended Features Complete */
520 events[5] |= 0x08; /* Synchronous Connection Complete */
521 events[5] |= 0x10; /* Synchronous Connection Changed */
524 if (lmp_inq_rssi_capable(hdev))
525 events[4] |= 0x02; /* Inquiry Result with RSSI */
527 if (lmp_sniffsubr_capable(hdev))
528 events[5] |= 0x20; /* Sniff Subrating */
530 if (lmp_pause_enc_capable(hdev))
531 events[5] |= 0x80; /* Encryption Key Refresh Complete */
533 if (lmp_ext_inq_capable(hdev))
534 events[5] |= 0x40; /* Extended Inquiry Result */
536 if (lmp_no_flush_capable(hdev))
537 events[7] |= 0x01; /* Enhanced Flush Complete */
539 if (lmp_lsto_capable(hdev))
540 events[6] |= 0x80; /* Link Supervision Timeout Changed */
542 if (lmp_ssp_capable(hdev)) {
543 events[6] |= 0x01; /* IO Capability Request */
544 events[6] |= 0x02; /* IO Capability Response */
545 events[6] |= 0x04; /* User Confirmation Request */
546 events[6] |= 0x08; /* User Passkey Request */
547 events[6] |= 0x10; /* Remote OOB Data Request */
548 events[6] |= 0x20; /* Simple Pairing Complete */
549 events[7] |= 0x04; /* User Passkey Notification */
550 events[7] |= 0x08; /* Keypress Notification */
551 events[7] |= 0x10; /* Remote Host Supported
552 * Features Notification */
555 if (lmp_le_capable(hdev))
556 events[7] |= 0x20; /* LE Meta-Event */
558 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
560 if (lmp_le_capable(hdev)) {
561 memset(events, 0, sizeof(events));
563 hci_send_cmd(hdev, HCI_OP_LE_SET_EVENT_MASK,
564 sizeof(events), events);
568 static void bredr_setup(struct hci_dev *hdev)
570 struct hci_cp_delete_stored_link_key cp;
574 /* Read Buffer Size (ACL mtu, max pkt, etc.) */
575 hci_send_cmd(hdev, HCI_OP_READ_BUFFER_SIZE, 0, NULL);
577 /* Read Class of Device */
578 hci_send_cmd(hdev, HCI_OP_READ_CLASS_OF_DEV, 0, NULL);
580 /* Read Local Name */
581 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_NAME, 0, NULL);
583 /* Read Voice Setting */
584 hci_send_cmd(hdev, HCI_OP_READ_VOICE_SETTING, 0, NULL);
586 /* Clear Event Filters */
587 flt_type = HCI_FLT_CLEAR_ALL;
588 hci_send_cmd(hdev, HCI_OP_SET_EVENT_FLT, 1, &flt_type);
590 /* Connection accept timeout ~20 secs */
591 param = __constant_cpu_to_le16(0x7d00);
592 hci_send_cmd(hdev, HCI_OP_WRITE_CA_TIMEOUT, 2, ¶m);
594 bacpy(&cp.bdaddr, BDADDR_ANY);
596 hci_send_cmd(hdev, HCI_OP_DELETE_STORED_LINK_KEY, sizeof(cp), &cp);
599 static void le_setup(struct hci_dev *hdev)
601 /* Read LE Buffer Size */
602 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
604 /* Read LE Advertising Channel TX Power */
605 hci_send_cmd(hdev, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL);
608 static void hci_setup(struct hci_dev *hdev)
610 if (hdev->dev_type != HCI_BREDR)
613 /* Read BD Address */
614 hci_send_cmd(hdev, HCI_OP_READ_BD_ADDR, 0, NULL);
616 if (lmp_bredr_capable(hdev))
619 if (lmp_le_capable(hdev))
622 hci_setup_event_mask(hdev);
624 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
625 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
627 if (lmp_ssp_capable(hdev)) {
628 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
630 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
631 sizeof(mode), &mode);
633 struct hci_cp_write_eir cp;
635 memset(hdev->eir, 0, sizeof(hdev->eir));
636 memset(&cp, 0, sizeof(cp));
638 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
642 if (lmp_inq_rssi_capable(hdev))
643 hci_setup_inquiry_mode(hdev);
645 if (lmp_inq_tx_pwr_capable(hdev))
646 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
648 if (lmp_ext_feat_capable(hdev)) {
649 struct hci_cp_read_local_ext_features cp;
652 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp),
656 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
658 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable),
663 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
665 struct hci_rp_read_local_version *rp = (void *) skb->data;
667 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
672 hdev->hci_ver = rp->hci_ver;
673 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
674 hdev->lmp_ver = rp->lmp_ver;
675 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
676 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
678 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
679 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
681 if (test_bit(HCI_INIT, &hdev->flags))
685 hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, rp->status);
688 static void hci_setup_link_policy(struct hci_dev *hdev)
690 struct hci_cp_write_def_link_policy cp;
693 if (lmp_rswitch_capable(hdev))
694 link_policy |= HCI_LP_RSWITCH;
695 if (lmp_hold_capable(hdev))
696 link_policy |= HCI_LP_HOLD;
697 if (lmp_sniff_capable(hdev))
698 link_policy |= HCI_LP_SNIFF;
699 if (lmp_park_capable(hdev))
700 link_policy |= HCI_LP_PARK;
702 cp.policy = cpu_to_le16(link_policy);
703 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp);
706 static void hci_cc_read_local_commands(struct hci_dev *hdev,
709 struct hci_rp_read_local_commands *rp = (void *) skb->data;
711 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
716 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
718 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
719 hci_setup_link_policy(hdev);
722 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
725 static void hci_cc_read_local_features(struct hci_dev *hdev,
728 struct hci_rp_read_local_features *rp = (void *) skb->data;
730 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
735 memcpy(hdev->features, rp->features, 8);
737 /* Adjust default settings according to features
738 * supported by device. */
740 if (hdev->features[0] & LMP_3SLOT)
741 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
743 if (hdev->features[0] & LMP_5SLOT)
744 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
746 if (hdev->features[1] & LMP_HV2) {
747 hdev->pkt_type |= (HCI_HV2);
748 hdev->esco_type |= (ESCO_HV2);
751 if (hdev->features[1] & LMP_HV3) {
752 hdev->pkt_type |= (HCI_HV3);
753 hdev->esco_type |= (ESCO_HV3);
756 if (lmp_esco_capable(hdev))
757 hdev->esco_type |= (ESCO_EV3);
759 if (hdev->features[4] & LMP_EV4)
760 hdev->esco_type |= (ESCO_EV4);
762 if (hdev->features[4] & LMP_EV5)
763 hdev->esco_type |= (ESCO_EV5);
765 if (hdev->features[5] & LMP_EDR_ESCO_2M)
766 hdev->esco_type |= (ESCO_2EV3);
768 if (hdev->features[5] & LMP_EDR_ESCO_3M)
769 hdev->esco_type |= (ESCO_3EV3);
771 if (hdev->features[5] & LMP_EDR_3S_ESCO)
772 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
774 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
775 hdev->features[0], hdev->features[1],
776 hdev->features[2], hdev->features[3],
777 hdev->features[4], hdev->features[5],
778 hdev->features[6], hdev->features[7]);
781 static void hci_set_le_support(struct hci_dev *hdev)
783 struct hci_cp_write_le_host_supported cp;
785 memset(&cp, 0, sizeof(cp));
787 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
789 cp.simul = !!lmp_le_br_capable(hdev);
792 if (cp.le != !!lmp_host_le_capable(hdev))
793 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
797 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
800 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
802 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
809 memcpy(hdev->features, rp->features, 8);
812 memcpy(hdev->host_features, rp->features, 8);
816 if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
817 hci_set_le_support(hdev);
820 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
823 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
826 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
828 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
833 hdev->flow_ctl_mode = rp->mode;
835 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
838 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
840 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
842 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
847 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
848 hdev->sco_mtu = rp->sco_mtu;
849 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
850 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
852 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
857 hdev->acl_cnt = hdev->acl_pkts;
858 hdev->sco_cnt = hdev->sco_pkts;
860 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
861 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
864 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
866 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
868 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
871 bacpy(&hdev->bdaddr, &rp->bdaddr);
873 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
876 static void hci_cc_read_data_block_size(struct hci_dev *hdev,
879 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
881 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
886 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
887 hdev->block_len = __le16_to_cpu(rp->block_len);
888 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
890 hdev->block_cnt = hdev->num_blocks;
892 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
893 hdev->block_cnt, hdev->block_len);
895 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
898 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
900 __u8 status = *((__u8 *) skb->data);
902 BT_DBG("%s status 0x%2.2x", hdev->name, status);
904 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
907 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
910 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
912 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
917 hdev->amp_status = rp->amp_status;
918 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
919 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
920 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
921 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
922 hdev->amp_type = rp->amp_type;
923 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
924 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
925 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
926 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
928 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
931 a2mp_send_getinfo_rsp(hdev);
934 static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
937 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
938 struct amp_assoc *assoc = &hdev->loc_assoc;
939 size_t rem_len, frag_len;
941 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
946 frag_len = skb->len - sizeof(*rp);
947 rem_len = __le16_to_cpu(rp->rem_len);
949 if (rem_len > frag_len) {
950 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
952 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
953 assoc->offset += frag_len;
955 /* Read other fragments */
956 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
961 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
962 assoc->len = assoc->offset + rem_len;
966 /* Send A2MP Rsp when all fragments are received */
967 a2mp_send_getampassoc_rsp(hdev, rp->status);
968 a2mp_send_create_phy_link_req(hdev, rp->status);
971 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
974 __u8 status = *((__u8 *) skb->data);
976 BT_DBG("%s status 0x%2.2x", hdev->name, status);
978 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
981 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
983 __u8 status = *((__u8 *) skb->data);
985 BT_DBG("%s status 0x%2.2x", hdev->name, status);
987 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
990 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
993 __u8 status = *((__u8 *) skb->data);
995 BT_DBG("%s status 0x%2.2x", hdev->name, status);
997 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
1000 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
1001 struct sk_buff *skb)
1003 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
1005 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1008 hdev->inq_tx_power = rp->tx_power;
1010 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, rp->status);
1013 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
1015 __u8 status = *((__u8 *) skb->data);
1017 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1019 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
1022 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
1024 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
1025 struct hci_cp_pin_code_reply *cp;
1026 struct hci_conn *conn;
1028 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1032 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1033 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
1038 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
1042 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1044 conn->pin_length = cp->pin_len;
1047 hci_dev_unlock(hdev);
1050 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1052 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
1054 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1058 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1059 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
1062 hci_dev_unlock(hdev);
1065 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1066 struct sk_buff *skb)
1068 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
1070 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1075 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
1076 hdev->le_pkts = rp->le_max_pkt;
1078 hdev->le_cnt = hdev->le_pkts;
1080 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
1082 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
1085 static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
1086 struct sk_buff *skb)
1088 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
1090 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1093 hdev->adv_tx_power = rp->tx_power;
1095 hci_req_complete(hdev, HCI_OP_LE_READ_ADV_TX_POWER, rp->status);
1098 static void hci_cc_le_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
1100 __u8 status = *((__u8 *) skb->data);
1102 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1104 hci_req_complete(hdev, HCI_OP_LE_SET_EVENT_MASK, status);
1107 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
1109 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1111 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1115 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1116 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
1119 hci_dev_unlock(hdev);
1122 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
1123 struct sk_buff *skb)
1125 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1127 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1131 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1132 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
1133 ACL_LINK, 0, rp->status);
1135 hci_dev_unlock(hdev);
1138 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
1140 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1142 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1146 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1147 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
1150 hci_dev_unlock(hdev);
1153 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1154 struct sk_buff *skb)
1156 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1158 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1162 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1163 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1164 ACL_LINK, 0, rp->status);
1166 hci_dev_unlock(hdev);
1169 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1170 struct sk_buff *skb)
1172 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1174 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1177 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
1178 rp->randomizer, rp->status);
1179 hci_dev_unlock(hdev);
1182 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1184 __u8 status = *((__u8 *) skb->data);
1186 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1188 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
1192 mgmt_start_discovery_failed(hdev, status);
1193 hci_dev_unlock(hdev);
1198 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1199 struct sk_buff *skb)
1201 struct hci_cp_le_set_scan_enable *cp;
1202 __u8 status = *((__u8 *) skb->data);
1204 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1206 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1210 switch (cp->enable) {
1211 case LE_SCANNING_ENABLED:
1212 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1216 mgmt_start_discovery_failed(hdev, status);
1217 hci_dev_unlock(hdev);
1221 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1224 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1225 hci_dev_unlock(hdev);
1228 case LE_SCANNING_DISABLED:
1231 mgmt_stop_discovery_failed(hdev, status);
1232 hci_dev_unlock(hdev);
1236 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1238 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
1239 hdev->discovery.state == DISCOVERY_FINDING) {
1240 mgmt_interleaved_discovery(hdev);
1243 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1244 hci_dev_unlock(hdev);
1250 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1255 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1257 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1259 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1264 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1267 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1269 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1271 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1276 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1279 static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1280 struct sk_buff *skb)
1282 struct hci_cp_write_le_host_supported *sent;
1283 __u8 status = *((__u8 *) skb->data);
1285 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1287 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
1293 hdev->host_features[0] |= LMP_HOST_LE;
1295 hdev->host_features[0] &= ~LMP_HOST_LE;
1298 hdev->host_features[0] |= LMP_HOST_LE_BREDR;
1300 hdev->host_features[0] &= ~LMP_HOST_LE_BREDR;
1303 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
1304 !test_bit(HCI_INIT, &hdev->flags))
1305 mgmt_le_enable_complete(hdev, sent->le, status);
1307 hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status);
1310 static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1311 struct sk_buff *skb)
1313 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1315 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1316 hdev->name, rp->status, rp->phy_handle);
1321 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1324 static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1326 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1329 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1330 hci_conn_check_pending(hdev);
1332 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1333 mgmt_start_discovery_failed(hdev, status);
1334 hci_dev_unlock(hdev);
1338 set_bit(HCI_INQUIRY, &hdev->flags);
1341 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1342 hci_dev_unlock(hdev);
1345 static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1347 struct hci_cp_create_conn *cp;
1348 struct hci_conn *conn;
1350 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1352 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1358 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1360 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1363 if (conn && conn->state == BT_CONNECT) {
1364 if (status != 0x0c || conn->attempt > 2) {
1365 conn->state = BT_CLOSED;
1366 hci_proto_connect_cfm(conn, status);
1369 conn->state = BT_CONNECT2;
1373 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1376 conn->link_mode |= HCI_LM_MASTER;
1378 BT_ERR("No memory for new connection");
1382 hci_dev_unlock(hdev);
1385 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1387 struct hci_cp_add_sco *cp;
1388 struct hci_conn *acl, *sco;
1391 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1396 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1400 handle = __le16_to_cpu(cp->handle);
1402 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1406 acl = hci_conn_hash_lookup_handle(hdev, handle);
1410 sco->state = BT_CLOSED;
1412 hci_proto_connect_cfm(sco, status);
1417 hci_dev_unlock(hdev);
1420 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1422 struct hci_cp_auth_requested *cp;
1423 struct hci_conn *conn;
1425 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1430 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1436 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1438 if (conn->state == BT_CONFIG) {
1439 hci_proto_connect_cfm(conn, status);
1444 hci_dev_unlock(hdev);
1447 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1449 struct hci_cp_set_conn_encrypt *cp;
1450 struct hci_conn *conn;
1452 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1457 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1463 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1465 if (conn->state == BT_CONFIG) {
1466 hci_proto_connect_cfm(conn, status);
1471 hci_dev_unlock(hdev);
1474 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1475 struct hci_conn *conn)
1477 if (conn->state != BT_CONFIG || !conn->out)
1480 if (conn->pending_sec_level == BT_SECURITY_SDP)
1483 /* Only request authentication for SSP connections or non-SSP
1484 * devices with sec_level HIGH or if MITM protection is requested */
1485 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1486 conn->pending_sec_level != BT_SECURITY_HIGH)
1492 static int hci_resolve_name(struct hci_dev *hdev,
1493 struct inquiry_entry *e)
1495 struct hci_cp_remote_name_req cp;
1497 memset(&cp, 0, sizeof(cp));
1499 bacpy(&cp.bdaddr, &e->data.bdaddr);
1500 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1501 cp.pscan_mode = e->data.pscan_mode;
1502 cp.clock_offset = e->data.clock_offset;
1504 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1507 static bool hci_resolve_next_name(struct hci_dev *hdev)
1509 struct discovery_state *discov = &hdev->discovery;
1510 struct inquiry_entry *e;
1512 if (list_empty(&discov->resolve))
1515 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1519 if (hci_resolve_name(hdev, e) == 0) {
1520 e->name_state = NAME_PENDING;
1527 static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1528 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1530 struct discovery_state *discov = &hdev->discovery;
1531 struct inquiry_entry *e;
1533 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1534 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1535 name_len, conn->dev_class);
1537 if (discov->state == DISCOVERY_STOPPED)
1540 if (discov->state == DISCOVERY_STOPPING)
1541 goto discov_complete;
1543 if (discov->state != DISCOVERY_RESOLVING)
1546 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1547 /* If the device was not found in a list of found devices names of which
1548 * are pending. there is no need to continue resolving a next name as it
1549 * will be done upon receiving another Remote Name Request Complete
1556 e->name_state = NAME_KNOWN;
1557 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1558 e->data.rssi, name, name_len);
1560 e->name_state = NAME_NOT_KNOWN;
1563 if (hci_resolve_next_name(hdev))
1567 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1570 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1572 struct hci_cp_remote_name_req *cp;
1573 struct hci_conn *conn;
1575 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1577 /* If successful wait for the name req complete event before
1578 * checking for the need to do authentication */
1582 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1588 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1590 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1591 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
1596 if (!hci_outgoing_auth_needed(hdev, conn))
1599 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1600 struct hci_cp_auth_requested cp;
1601 cp.handle = __cpu_to_le16(conn->handle);
1602 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1606 hci_dev_unlock(hdev);
1609 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1611 struct hci_cp_read_remote_features *cp;
1612 struct hci_conn *conn;
1614 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1619 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1625 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1627 if (conn->state == BT_CONFIG) {
1628 hci_proto_connect_cfm(conn, status);
1633 hci_dev_unlock(hdev);
1636 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1638 struct hci_cp_read_remote_ext_features *cp;
1639 struct hci_conn *conn;
1641 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1646 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1652 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1654 if (conn->state == BT_CONFIG) {
1655 hci_proto_connect_cfm(conn, status);
1660 hci_dev_unlock(hdev);
1663 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1665 struct hci_cp_setup_sync_conn *cp;
1666 struct hci_conn *acl, *sco;
1669 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1674 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1678 handle = __le16_to_cpu(cp->handle);
1680 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1684 acl = hci_conn_hash_lookup_handle(hdev, handle);
1688 sco->state = BT_CLOSED;
1690 hci_proto_connect_cfm(sco, status);
1695 hci_dev_unlock(hdev);
1698 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1700 struct hci_cp_sniff_mode *cp;
1701 struct hci_conn *conn;
1703 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1708 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1714 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1716 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1718 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
1719 hci_sco_setup(conn, status);
1722 hci_dev_unlock(hdev);
1725 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1727 struct hci_cp_exit_sniff_mode *cp;
1728 struct hci_conn *conn;
1730 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1735 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1741 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1743 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1745 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
1746 hci_sco_setup(conn, status);
1749 hci_dev_unlock(hdev);
1752 static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1754 struct hci_cp_disconnect *cp;
1755 struct hci_conn *conn;
1760 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1766 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1768 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1769 conn->dst_type, status);
1771 hci_dev_unlock(hdev);
1774 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1776 struct hci_conn *conn;
1778 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1783 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
1785 hci_dev_unlock(hdev);
1789 BT_DBG("%s bdaddr %pMR conn %p", hdev->name, &conn->dst, conn);
1791 conn->state = BT_CLOSED;
1792 mgmt_connect_failed(hdev, &conn->dst, conn->type,
1793 conn->dst_type, status);
1794 hci_proto_connect_cfm(conn, status);
1797 hci_dev_unlock(hdev);
1801 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1803 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1806 static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1808 struct hci_cp_create_phy_link *cp;
1810 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1815 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1819 amp_write_remote_assoc(hdev, cp->phy_handle);
1822 static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1824 struct hci_cp_accept_phy_link *cp;
1826 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1831 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1835 amp_write_remote_assoc(hdev, cp->phy_handle);
1838 static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1840 __u8 status = *((__u8 *) skb->data);
1841 struct discovery_state *discov = &hdev->discovery;
1842 struct inquiry_entry *e;
1844 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1846 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1848 hci_conn_check_pending(hdev);
1850 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1853 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1858 if (discov->state != DISCOVERY_FINDING)
1861 if (list_empty(&discov->resolve)) {
1862 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1866 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1867 if (e && hci_resolve_name(hdev, e) == 0) {
1868 e->name_state = NAME_PENDING;
1869 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1871 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1875 hci_dev_unlock(hdev);
1878 static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1880 struct inquiry_data data;
1881 struct inquiry_info *info = (void *) (skb->data + 1);
1882 int num_rsp = *((__u8 *) skb->data);
1884 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1889 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1894 for (; num_rsp; num_rsp--, info++) {
1895 bool name_known, ssp;
1897 bacpy(&data.bdaddr, &info->bdaddr);
1898 data.pscan_rep_mode = info->pscan_rep_mode;
1899 data.pscan_period_mode = info->pscan_period_mode;
1900 data.pscan_mode = info->pscan_mode;
1901 memcpy(data.dev_class, info->dev_class, 3);
1902 data.clock_offset = info->clock_offset;
1904 data.ssp_mode = 0x00;
1906 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
1907 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1908 info->dev_class, 0, !name_known, ssp, NULL,
1912 hci_dev_unlock(hdev);
1915 static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1917 struct hci_ev_conn_complete *ev = (void *) skb->data;
1918 struct hci_conn *conn;
1920 BT_DBG("%s", hdev->name);
1924 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1926 if (ev->link_type != SCO_LINK)
1929 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1933 conn->type = SCO_LINK;
1937 conn->handle = __le16_to_cpu(ev->handle);
1939 if (conn->type == ACL_LINK) {
1940 conn->state = BT_CONFIG;
1941 hci_conn_hold(conn);
1943 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1944 !hci_find_link_key(hdev, &ev->bdaddr))
1945 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1947 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1949 conn->state = BT_CONNECTED;
1951 hci_conn_hold_device(conn);
1952 hci_conn_add_sysfs(conn);
1954 if (test_bit(HCI_AUTH, &hdev->flags))
1955 conn->link_mode |= HCI_LM_AUTH;
1957 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1958 conn->link_mode |= HCI_LM_ENCRYPT;
1960 /* Get remote features */
1961 if (conn->type == ACL_LINK) {
1962 struct hci_cp_read_remote_features cp;
1963 cp.handle = ev->handle;
1964 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1968 /* Set packet type for incoming connection */
1969 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1970 struct hci_cp_change_conn_ptype cp;
1971 cp.handle = ev->handle;
1972 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1973 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1977 conn->state = BT_CLOSED;
1978 if (conn->type == ACL_LINK)
1979 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
1980 conn->dst_type, ev->status);
1983 if (conn->type == ACL_LINK)
1984 hci_sco_setup(conn, ev->status);
1987 hci_proto_connect_cfm(conn, ev->status);
1989 } else if (ev->link_type != ACL_LINK)
1990 hci_proto_connect_cfm(conn, ev->status);
1993 hci_dev_unlock(hdev);
1995 hci_conn_check_pending(hdev);
1998 static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2000 struct hci_ev_conn_request *ev = (void *) skb->data;
2001 int mask = hdev->link_mode;
2003 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
2006 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
2008 if ((mask & HCI_LM_ACCEPT) &&
2009 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
2010 /* Connection accepted */
2011 struct inquiry_entry *ie;
2012 struct hci_conn *conn;
2016 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2018 memcpy(ie->data.dev_class, ev->dev_class, 3);
2020 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
2023 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
2025 BT_ERR("No memory for new connection");
2026 hci_dev_unlock(hdev);
2031 memcpy(conn->dev_class, ev->dev_class, 3);
2032 conn->state = BT_CONNECT;
2034 hci_dev_unlock(hdev);
2036 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
2037 struct hci_cp_accept_conn_req cp;
2039 bacpy(&cp.bdaddr, &ev->bdaddr);
2041 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
2042 cp.role = 0x00; /* Become master */
2044 cp.role = 0x01; /* Remain slave */
2046 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
2049 struct hci_cp_accept_sync_conn_req cp;
2051 bacpy(&cp.bdaddr, &ev->bdaddr);
2052 cp.pkt_type = cpu_to_le16(conn->pkt_type);
2054 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2055 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2056 cp.max_latency = __constant_cpu_to_le16(0xffff);
2057 cp.content_format = cpu_to_le16(hdev->voice_setting);
2058 cp.retrans_effort = 0xff;
2060 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
2064 /* Connection rejected */
2065 struct hci_cp_reject_conn_req cp;
2067 bacpy(&cp.bdaddr, &ev->bdaddr);
2068 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
2069 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
2073 static u8 hci_to_mgmt_reason(u8 err)
2076 case HCI_ERROR_CONNECTION_TIMEOUT:
2077 return MGMT_DEV_DISCONN_TIMEOUT;
2078 case HCI_ERROR_REMOTE_USER_TERM:
2079 case HCI_ERROR_REMOTE_LOW_RESOURCES:
2080 case HCI_ERROR_REMOTE_POWER_OFF:
2081 return MGMT_DEV_DISCONN_REMOTE;
2082 case HCI_ERROR_LOCAL_HOST_TERM:
2083 return MGMT_DEV_DISCONN_LOCAL_HOST;
2085 return MGMT_DEV_DISCONN_UNKNOWN;
2089 static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2091 struct hci_ev_disconn_complete *ev = (void *) skb->data;
2092 struct hci_conn *conn;
2094 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2098 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2102 if (ev->status == 0)
2103 conn->state = BT_CLOSED;
2105 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
2106 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
2108 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
2109 conn->dst_type, ev->status);
2111 u8 reason = hci_to_mgmt_reason(ev->reason);
2113 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
2114 conn->dst_type, reason);
2118 if (ev->status == 0) {
2119 if (conn->type == ACL_LINK && conn->flush_key)
2120 hci_remove_link_key(hdev, &conn->dst);
2121 hci_proto_disconn_cfm(conn, ev->reason);
2126 hci_dev_unlock(hdev);
2129 static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2131 struct hci_ev_auth_complete *ev = (void *) skb->data;
2132 struct hci_conn *conn;
2134 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2138 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2143 if (!hci_conn_ssp_enabled(conn) &&
2144 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
2145 BT_INFO("re-auth of legacy device is not possible.");
2147 conn->link_mode |= HCI_LM_AUTH;
2148 conn->sec_level = conn->pending_sec_level;
2151 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
2155 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2156 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
2158 if (conn->state == BT_CONFIG) {
2159 if (!ev->status && hci_conn_ssp_enabled(conn)) {
2160 struct hci_cp_set_conn_encrypt cp;
2161 cp.handle = ev->handle;
2163 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
2166 conn->state = BT_CONNECTED;
2167 hci_proto_connect_cfm(conn, ev->status);
2171 hci_auth_cfm(conn, ev->status);
2173 hci_conn_hold(conn);
2174 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2178 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
2180 struct hci_cp_set_conn_encrypt cp;
2181 cp.handle = ev->handle;
2183 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
2186 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2187 hci_encrypt_cfm(conn, ev->status, 0x00);
2192 hci_dev_unlock(hdev);
2195 static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
2197 struct hci_ev_remote_name *ev = (void *) skb->data;
2198 struct hci_conn *conn;
2200 BT_DBG("%s", hdev->name);
2202 hci_conn_check_pending(hdev);
2206 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2208 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2211 if (ev->status == 0)
2212 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
2213 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
2215 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
2221 if (!hci_outgoing_auth_needed(hdev, conn))
2224 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
2225 struct hci_cp_auth_requested cp;
2226 cp.handle = __cpu_to_le16(conn->handle);
2227 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
2231 hci_dev_unlock(hdev);
2234 static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2236 struct hci_ev_encrypt_change *ev = (void *) skb->data;
2237 struct hci_conn *conn;
2239 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2243 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2247 /* Encryption implies authentication */
2248 conn->link_mode |= HCI_LM_AUTH;
2249 conn->link_mode |= HCI_LM_ENCRYPT;
2250 conn->sec_level = conn->pending_sec_level;
2252 conn->link_mode &= ~HCI_LM_ENCRYPT;
2255 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2257 if (ev->status && conn->state == BT_CONNECTED) {
2258 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
2263 if (conn->state == BT_CONFIG) {
2265 conn->state = BT_CONNECTED;
2267 hci_proto_connect_cfm(conn, ev->status);
2270 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
2274 hci_dev_unlock(hdev);
2277 static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
2278 struct sk_buff *skb)
2280 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
2281 struct hci_conn *conn;
2283 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2287 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2290 conn->link_mode |= HCI_LM_SECURE;
2292 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2294 hci_key_change_cfm(conn, ev->status);
2297 hci_dev_unlock(hdev);
2300 static void hci_remote_features_evt(struct hci_dev *hdev,
2301 struct sk_buff *skb)
2303 struct hci_ev_remote_features *ev = (void *) skb->data;
2304 struct hci_conn *conn;
2306 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2310 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2315 memcpy(conn->features, ev->features, 8);
2317 if (conn->state != BT_CONFIG)
2320 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2321 struct hci_cp_read_remote_ext_features cp;
2322 cp.handle = ev->handle;
2324 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
2329 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
2330 struct hci_cp_remote_name_req cp;
2331 memset(&cp, 0, sizeof(cp));
2332 bacpy(&cp.bdaddr, &conn->dst);
2333 cp.pscan_rep_mode = 0x02;
2334 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2335 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2336 mgmt_device_connected(hdev, &conn->dst, conn->type,
2337 conn->dst_type, 0, NULL, 0,
2340 if (!hci_outgoing_auth_needed(hdev, conn)) {
2341 conn->state = BT_CONNECTED;
2342 hci_proto_connect_cfm(conn, ev->status);
2347 hci_dev_unlock(hdev);
2350 static void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
2352 BT_DBG("%s", hdev->name);
2355 static void hci_qos_setup_complete_evt(struct hci_dev *hdev,
2356 struct sk_buff *skb)
2358 BT_DBG("%s", hdev->name);
2361 static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2363 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2366 skb_pull(skb, sizeof(*ev));
2368 opcode = __le16_to_cpu(ev->opcode);
2371 case HCI_OP_INQUIRY_CANCEL:
2372 hci_cc_inquiry_cancel(hdev, skb);
2375 case HCI_OP_PERIODIC_INQ:
2376 hci_cc_periodic_inq(hdev, skb);
2379 case HCI_OP_EXIT_PERIODIC_INQ:
2380 hci_cc_exit_periodic_inq(hdev, skb);
2383 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2384 hci_cc_remote_name_req_cancel(hdev, skb);
2387 case HCI_OP_ROLE_DISCOVERY:
2388 hci_cc_role_discovery(hdev, skb);
2391 case HCI_OP_READ_LINK_POLICY:
2392 hci_cc_read_link_policy(hdev, skb);
2395 case HCI_OP_WRITE_LINK_POLICY:
2396 hci_cc_write_link_policy(hdev, skb);
2399 case HCI_OP_READ_DEF_LINK_POLICY:
2400 hci_cc_read_def_link_policy(hdev, skb);
2403 case HCI_OP_WRITE_DEF_LINK_POLICY:
2404 hci_cc_write_def_link_policy(hdev, skb);
2408 hci_cc_reset(hdev, skb);
2411 case HCI_OP_WRITE_LOCAL_NAME:
2412 hci_cc_write_local_name(hdev, skb);
2415 case HCI_OP_READ_LOCAL_NAME:
2416 hci_cc_read_local_name(hdev, skb);
2419 case HCI_OP_WRITE_AUTH_ENABLE:
2420 hci_cc_write_auth_enable(hdev, skb);
2423 case HCI_OP_WRITE_ENCRYPT_MODE:
2424 hci_cc_write_encrypt_mode(hdev, skb);
2427 case HCI_OP_WRITE_SCAN_ENABLE:
2428 hci_cc_write_scan_enable(hdev, skb);
2431 case HCI_OP_READ_CLASS_OF_DEV:
2432 hci_cc_read_class_of_dev(hdev, skb);
2435 case HCI_OP_WRITE_CLASS_OF_DEV:
2436 hci_cc_write_class_of_dev(hdev, skb);
2439 case HCI_OP_READ_VOICE_SETTING:
2440 hci_cc_read_voice_setting(hdev, skb);
2443 case HCI_OP_WRITE_VOICE_SETTING:
2444 hci_cc_write_voice_setting(hdev, skb);
2447 case HCI_OP_HOST_BUFFER_SIZE:
2448 hci_cc_host_buffer_size(hdev, skb);
2451 case HCI_OP_WRITE_SSP_MODE:
2452 hci_cc_write_ssp_mode(hdev, skb);
2455 case HCI_OP_READ_LOCAL_VERSION:
2456 hci_cc_read_local_version(hdev, skb);
2459 case HCI_OP_READ_LOCAL_COMMANDS:
2460 hci_cc_read_local_commands(hdev, skb);
2463 case HCI_OP_READ_LOCAL_FEATURES:
2464 hci_cc_read_local_features(hdev, skb);
2467 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2468 hci_cc_read_local_ext_features(hdev, skb);
2471 case HCI_OP_READ_BUFFER_SIZE:
2472 hci_cc_read_buffer_size(hdev, skb);
2475 case HCI_OP_READ_BD_ADDR:
2476 hci_cc_read_bd_addr(hdev, skb);
2479 case HCI_OP_READ_DATA_BLOCK_SIZE:
2480 hci_cc_read_data_block_size(hdev, skb);
2483 case HCI_OP_WRITE_CA_TIMEOUT:
2484 hci_cc_write_ca_timeout(hdev, skb);
2487 case HCI_OP_READ_FLOW_CONTROL_MODE:
2488 hci_cc_read_flow_control_mode(hdev, skb);
2491 case HCI_OP_READ_LOCAL_AMP_INFO:
2492 hci_cc_read_local_amp_info(hdev, skb);
2495 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2496 hci_cc_read_local_amp_assoc(hdev, skb);
2499 case HCI_OP_DELETE_STORED_LINK_KEY:
2500 hci_cc_delete_stored_link_key(hdev, skb);
2503 case HCI_OP_SET_EVENT_MASK:
2504 hci_cc_set_event_mask(hdev, skb);
2507 case HCI_OP_WRITE_INQUIRY_MODE:
2508 hci_cc_write_inquiry_mode(hdev, skb);
2511 case HCI_OP_READ_INQ_RSP_TX_POWER:
2512 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2515 case HCI_OP_SET_EVENT_FLT:
2516 hci_cc_set_event_flt(hdev, skb);
2519 case HCI_OP_PIN_CODE_REPLY:
2520 hci_cc_pin_code_reply(hdev, skb);
2523 case HCI_OP_PIN_CODE_NEG_REPLY:
2524 hci_cc_pin_code_neg_reply(hdev, skb);
2527 case HCI_OP_READ_LOCAL_OOB_DATA:
2528 hci_cc_read_local_oob_data_reply(hdev, skb);
2531 case HCI_OP_LE_READ_BUFFER_SIZE:
2532 hci_cc_le_read_buffer_size(hdev, skb);
2535 case HCI_OP_LE_READ_ADV_TX_POWER:
2536 hci_cc_le_read_adv_tx_power(hdev, skb);
2539 case HCI_OP_LE_SET_EVENT_MASK:
2540 hci_cc_le_set_event_mask(hdev, skb);
2543 case HCI_OP_USER_CONFIRM_REPLY:
2544 hci_cc_user_confirm_reply(hdev, skb);
2547 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2548 hci_cc_user_confirm_neg_reply(hdev, skb);
2551 case HCI_OP_USER_PASSKEY_REPLY:
2552 hci_cc_user_passkey_reply(hdev, skb);
2555 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2556 hci_cc_user_passkey_neg_reply(hdev, skb);
2559 case HCI_OP_LE_SET_SCAN_PARAM:
2560 hci_cc_le_set_scan_param(hdev, skb);
2563 case HCI_OP_LE_SET_SCAN_ENABLE:
2564 hci_cc_le_set_scan_enable(hdev, skb);
2567 case HCI_OP_LE_LTK_REPLY:
2568 hci_cc_le_ltk_reply(hdev, skb);
2571 case HCI_OP_LE_LTK_NEG_REPLY:
2572 hci_cc_le_ltk_neg_reply(hdev, skb);
2575 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2576 hci_cc_write_le_host_supported(hdev, skb);
2579 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2580 hci_cc_write_remote_amp_assoc(hdev, skb);
2584 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
2588 if (ev->opcode != HCI_OP_NOP)
2589 del_timer(&hdev->cmd_timer);
2592 atomic_set(&hdev->cmd_cnt, 1);
2593 if (!skb_queue_empty(&hdev->cmd_q))
2594 queue_work(hdev->workqueue, &hdev->cmd_work);
2598 static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2600 struct hci_ev_cmd_status *ev = (void *) skb->data;
2603 skb_pull(skb, sizeof(*ev));
2605 opcode = __le16_to_cpu(ev->opcode);
2608 case HCI_OP_INQUIRY:
2609 hci_cs_inquiry(hdev, ev->status);
2612 case HCI_OP_CREATE_CONN:
2613 hci_cs_create_conn(hdev, ev->status);
2616 case HCI_OP_ADD_SCO:
2617 hci_cs_add_sco(hdev, ev->status);
2620 case HCI_OP_AUTH_REQUESTED:
2621 hci_cs_auth_requested(hdev, ev->status);
2624 case HCI_OP_SET_CONN_ENCRYPT:
2625 hci_cs_set_conn_encrypt(hdev, ev->status);
2628 case HCI_OP_REMOTE_NAME_REQ:
2629 hci_cs_remote_name_req(hdev, ev->status);
2632 case HCI_OP_READ_REMOTE_FEATURES:
2633 hci_cs_read_remote_features(hdev, ev->status);
2636 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2637 hci_cs_read_remote_ext_features(hdev, ev->status);
2640 case HCI_OP_SETUP_SYNC_CONN:
2641 hci_cs_setup_sync_conn(hdev, ev->status);
2644 case HCI_OP_SNIFF_MODE:
2645 hci_cs_sniff_mode(hdev, ev->status);
2648 case HCI_OP_EXIT_SNIFF_MODE:
2649 hci_cs_exit_sniff_mode(hdev, ev->status);
2652 case HCI_OP_DISCONNECT:
2653 hci_cs_disconnect(hdev, ev->status);
2656 case HCI_OP_LE_CREATE_CONN:
2657 hci_cs_le_create_conn(hdev, ev->status);
2660 case HCI_OP_LE_START_ENC:
2661 hci_cs_le_start_enc(hdev, ev->status);
2664 case HCI_OP_CREATE_PHY_LINK:
2665 hci_cs_create_phylink(hdev, ev->status);
2668 case HCI_OP_ACCEPT_PHY_LINK:
2669 hci_cs_accept_phylink(hdev, ev->status);
2673 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
2677 if (ev->opcode != HCI_OP_NOP)
2678 del_timer(&hdev->cmd_timer);
2680 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2681 atomic_set(&hdev->cmd_cnt, 1);
2682 if (!skb_queue_empty(&hdev->cmd_q))
2683 queue_work(hdev->workqueue, &hdev->cmd_work);
2687 static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2689 struct hci_ev_role_change *ev = (void *) skb->data;
2690 struct hci_conn *conn;
2692 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2696 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2700 conn->link_mode &= ~HCI_LM_MASTER;
2702 conn->link_mode |= HCI_LM_MASTER;
2705 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
2707 hci_role_switch_cfm(conn, ev->status, ev->role);
2710 hci_dev_unlock(hdev);
2713 static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2715 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2718 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2719 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2723 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2724 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
2725 BT_DBG("%s bad parameters", hdev->name);
2729 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2731 for (i = 0; i < ev->num_hndl; i++) {
2732 struct hci_comp_pkts_info *info = &ev->handles[i];
2733 struct hci_conn *conn;
2734 __u16 handle, count;
2736 handle = __le16_to_cpu(info->handle);
2737 count = __le16_to_cpu(info->count);
2739 conn = hci_conn_hash_lookup_handle(hdev, handle);
2743 conn->sent -= count;
2745 switch (conn->type) {
2747 hdev->acl_cnt += count;
2748 if (hdev->acl_cnt > hdev->acl_pkts)
2749 hdev->acl_cnt = hdev->acl_pkts;
2753 if (hdev->le_pkts) {
2754 hdev->le_cnt += count;
2755 if (hdev->le_cnt > hdev->le_pkts)
2756 hdev->le_cnt = hdev->le_pkts;
2758 hdev->acl_cnt += count;
2759 if (hdev->acl_cnt > hdev->acl_pkts)
2760 hdev->acl_cnt = hdev->acl_pkts;
2765 hdev->sco_cnt += count;
2766 if (hdev->sco_cnt > hdev->sco_pkts)
2767 hdev->sco_cnt = hdev->sco_pkts;
2771 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2776 queue_work(hdev->workqueue, &hdev->tx_work);
2779 static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2782 struct hci_chan *chan;
2784 switch (hdev->dev_type) {
2786 return hci_conn_hash_lookup_handle(hdev, handle);
2788 chan = hci_chan_lookup_handle(hdev, handle);
2793 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2800 static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
2802 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2805 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2806 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2810 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2811 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2812 BT_DBG("%s bad parameters", hdev->name);
2816 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2819 for (i = 0; i < ev->num_hndl; i++) {
2820 struct hci_comp_blocks_info *info = &ev->handles[i];
2821 struct hci_conn *conn = NULL;
2822 __u16 handle, block_count;
2824 handle = __le16_to_cpu(info->handle);
2825 block_count = __le16_to_cpu(info->blocks);
2827 conn = __hci_conn_lookup_handle(hdev, handle);
2831 conn->sent -= block_count;
2833 switch (conn->type) {
2836 hdev->block_cnt += block_count;
2837 if (hdev->block_cnt > hdev->num_blocks)
2838 hdev->block_cnt = hdev->num_blocks;
2842 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2847 queue_work(hdev->workqueue, &hdev->tx_work);
2850 static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2852 struct hci_ev_mode_change *ev = (void *) skb->data;
2853 struct hci_conn *conn;
2855 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2859 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2861 conn->mode = ev->mode;
2862 conn->interval = __le16_to_cpu(ev->interval);
2864 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2866 if (conn->mode == HCI_CM_ACTIVE)
2867 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
2869 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
2872 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
2873 hci_sco_setup(conn, ev->status);
2876 hci_dev_unlock(hdev);
2879 static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2881 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2882 struct hci_conn *conn;
2884 BT_DBG("%s", hdev->name);
2888 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2892 if (conn->state == BT_CONNECTED) {
2893 hci_conn_hold(conn);
2894 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2898 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
2899 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2900 sizeof(ev->bdaddr), &ev->bdaddr);
2901 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
2904 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2909 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2913 hci_dev_unlock(hdev);
2916 static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2918 struct hci_ev_link_key_req *ev = (void *) skb->data;
2919 struct hci_cp_link_key_reply cp;
2920 struct hci_conn *conn;
2921 struct link_key *key;
2923 BT_DBG("%s", hdev->name);
2925 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
2930 key = hci_find_link_key(hdev, &ev->bdaddr);
2932 BT_DBG("%s link key not found for %pMR", hdev->name,
2937 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2940 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
2941 key->type == HCI_LK_DEBUG_COMBINATION) {
2942 BT_DBG("%s ignoring debug key", hdev->name);
2946 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2948 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2949 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
2950 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2954 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2955 conn->pending_sec_level == BT_SECURITY_HIGH) {
2956 BT_DBG("%s ignoring key unauthenticated for high security",
2961 conn->key_type = key->type;
2962 conn->pin_length = key->pin_len;
2965 bacpy(&cp.bdaddr, &ev->bdaddr);
2966 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
2968 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2970 hci_dev_unlock(hdev);
2975 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2976 hci_dev_unlock(hdev);
2979 static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2981 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2982 struct hci_conn *conn;
2985 BT_DBG("%s", hdev->name);
2989 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2991 hci_conn_hold(conn);
2992 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2993 pin_len = conn->pin_length;
2995 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2996 conn->key_type = ev->key_type;
3001 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
3002 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
3003 ev->key_type, pin_len);
3005 hci_dev_unlock(hdev);
3008 static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
3010 struct hci_ev_clock_offset *ev = (void *) skb->data;
3011 struct hci_conn *conn;
3013 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3017 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3018 if (conn && !ev->status) {
3019 struct inquiry_entry *ie;
3021 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
3023 ie->data.clock_offset = ev->clock_offset;
3024 ie->timestamp = jiffies;
3028 hci_dev_unlock(hdev);
3031 static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
3033 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
3034 struct hci_conn *conn;
3036 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3040 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3041 if (conn && !ev->status)
3042 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
3044 hci_dev_unlock(hdev);
3047 static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
3049 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
3050 struct inquiry_entry *ie;
3052 BT_DBG("%s", hdev->name);
3056 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3058 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
3059 ie->timestamp = jiffies;
3062 hci_dev_unlock(hdev);
3065 static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
3066 struct sk_buff *skb)
3068 struct inquiry_data data;
3069 int num_rsp = *((__u8 *) skb->data);
3070 bool name_known, ssp;
3072 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
3077 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3082 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
3083 struct inquiry_info_with_rssi_and_pscan_mode *info;
3084 info = (void *) (skb->data + 1);
3086 for (; num_rsp; num_rsp--, info++) {
3087 bacpy(&data.bdaddr, &info->bdaddr);
3088 data.pscan_rep_mode = info->pscan_rep_mode;
3089 data.pscan_period_mode = info->pscan_period_mode;
3090 data.pscan_mode = info->pscan_mode;
3091 memcpy(data.dev_class, info->dev_class, 3);
3092 data.clock_offset = info->clock_offset;
3093 data.rssi = info->rssi;
3094 data.ssp_mode = 0x00;
3096 name_known = hci_inquiry_cache_update(hdev, &data,
3098 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3099 info->dev_class, info->rssi,
3100 !name_known, ssp, NULL, 0);
3103 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
3105 for (; num_rsp; num_rsp--, info++) {
3106 bacpy(&data.bdaddr, &info->bdaddr);
3107 data.pscan_rep_mode = info->pscan_rep_mode;
3108 data.pscan_period_mode = info->pscan_period_mode;
3109 data.pscan_mode = 0x00;
3110 memcpy(data.dev_class, info->dev_class, 3);
3111 data.clock_offset = info->clock_offset;
3112 data.rssi = info->rssi;
3113 data.ssp_mode = 0x00;
3114 name_known = hci_inquiry_cache_update(hdev, &data,
3116 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3117 info->dev_class, info->rssi,
3118 !name_known, ssp, NULL, 0);
3122 hci_dev_unlock(hdev);
3125 static void hci_remote_ext_features_evt(struct hci_dev *hdev,
3126 struct sk_buff *skb)
3128 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
3129 struct hci_conn *conn;
3131 BT_DBG("%s", hdev->name);
3135 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3139 if (!ev->status && ev->page == 0x01) {
3140 struct inquiry_entry *ie;
3142 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
3144 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
3146 if (ev->features[0] & LMP_HOST_SSP)
3147 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
3150 if (conn->state != BT_CONFIG)
3153 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
3154 struct hci_cp_remote_name_req cp;
3155 memset(&cp, 0, sizeof(cp));
3156 bacpy(&cp.bdaddr, &conn->dst);
3157 cp.pscan_rep_mode = 0x02;
3158 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
3159 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3160 mgmt_device_connected(hdev, &conn->dst, conn->type,
3161 conn->dst_type, 0, NULL, 0,
3164 if (!hci_outgoing_auth_needed(hdev, conn)) {
3165 conn->state = BT_CONNECTED;
3166 hci_proto_connect_cfm(conn, ev->status);
3171 hci_dev_unlock(hdev);
3174 static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
3175 struct sk_buff *skb)
3177 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
3178 struct hci_conn *conn;
3180 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3184 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
3186 if (ev->link_type == ESCO_LINK)
3189 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
3193 conn->type = SCO_LINK;
3196 switch (ev->status) {
3198 conn->handle = __le16_to_cpu(ev->handle);
3199 conn->state = BT_CONNECTED;
3201 hci_conn_hold_device(conn);
3202 hci_conn_add_sysfs(conn);
3205 case 0x11: /* Unsupported Feature or Parameter Value */
3206 case 0x1c: /* SCO interval rejected */
3207 case 0x1a: /* Unsupported Remote Feature */
3208 case 0x1f: /* Unspecified error */
3209 if (conn->out && conn->attempt < 2) {
3210 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
3211 (hdev->esco_type & EDR_ESCO_MASK);
3212 hci_setup_sync(conn, conn->link->handle);
3218 conn->state = BT_CLOSED;
3222 hci_proto_connect_cfm(conn, ev->status);
3227 hci_dev_unlock(hdev);
3230 static void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
3232 BT_DBG("%s", hdev->name);
3235 static void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
3237 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
3239 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3242 static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
3243 struct sk_buff *skb)
3245 struct inquiry_data data;
3246 struct extended_inquiry_info *info = (void *) (skb->data + 1);
3247 int num_rsp = *((__u8 *) skb->data);
3250 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
3255 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3260 for (; num_rsp; num_rsp--, info++) {
3261 bool name_known, ssp;
3263 bacpy(&data.bdaddr, &info->bdaddr);
3264 data.pscan_rep_mode = info->pscan_rep_mode;
3265 data.pscan_period_mode = info->pscan_period_mode;
3266 data.pscan_mode = 0x00;
3267 memcpy(data.dev_class, info->dev_class, 3);
3268 data.clock_offset = info->clock_offset;
3269 data.rssi = info->rssi;
3270 data.ssp_mode = 0x01;
3272 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3273 name_known = eir_has_data_type(info->data,
3279 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
3281 eir_len = eir_get_length(info->data, sizeof(info->data));
3282 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3283 info->dev_class, info->rssi, !name_known,
3284 ssp, info->data, eir_len);
3287 hci_dev_unlock(hdev);
3290 static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3291 struct sk_buff *skb)
3293 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3294 struct hci_conn *conn;
3296 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
3297 __le16_to_cpu(ev->handle));
3301 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3306 conn->sec_level = conn->pending_sec_level;
3308 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3310 if (ev->status && conn->state == BT_CONNECTED) {
3311 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
3316 if (conn->state == BT_CONFIG) {
3318 conn->state = BT_CONNECTED;
3320 hci_proto_connect_cfm(conn, ev->status);
3323 hci_auth_cfm(conn, ev->status);
3325 hci_conn_hold(conn);
3326 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
3331 hci_dev_unlock(hdev);
3334 static u8 hci_get_auth_req(struct hci_conn *conn)
3336 /* If remote requests dedicated bonding follow that lead */
3337 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
3338 /* If both remote and local IO capabilities allow MITM
3339 * protection then require it, otherwise don't */
3340 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
3346 /* If remote requests no-bonding follow that lead */
3347 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
3348 return conn->remote_auth | (conn->auth_type & 0x01);
3350 return conn->auth_type;
3353 static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3355 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3356 struct hci_conn *conn;
3358 BT_DBG("%s", hdev->name);
3362 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3366 hci_conn_hold(conn);
3368 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3371 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
3372 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
3373 struct hci_cp_io_capability_reply cp;
3375 bacpy(&cp.bdaddr, &ev->bdaddr);
3376 /* Change the IO capability from KeyboardDisplay
3377 * to DisplayYesNo as it is not supported by BT spec. */
3378 cp.capability = (conn->io_capability == 0x04) ?
3379 0x01 : conn->io_capability;
3380 conn->auth_type = hci_get_auth_req(conn);
3381 cp.authentication = conn->auth_type;
3383 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3384 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
3389 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
3392 struct hci_cp_io_capability_neg_reply cp;
3394 bacpy(&cp.bdaddr, &ev->bdaddr);
3395 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
3397 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
3402 hci_dev_unlock(hdev);
3405 static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
3407 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3408 struct hci_conn *conn;
3410 BT_DBG("%s", hdev->name);
3414 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3418 conn->remote_cap = ev->capability;
3419 conn->remote_auth = ev->authentication;
3421 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
3424 hci_dev_unlock(hdev);
3427 static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3428 struct sk_buff *skb)
3430 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
3431 int loc_mitm, rem_mitm, confirm_hint = 0;
3432 struct hci_conn *conn;
3434 BT_DBG("%s", hdev->name);
3438 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3441 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3445 loc_mitm = (conn->auth_type & 0x01);
3446 rem_mitm = (conn->remote_auth & 0x01);
3448 /* If we require MITM but the remote device can't provide that
3449 * (it has NoInputNoOutput) then reject the confirmation
3450 * request. The only exception is when we're dedicated bonding
3451 * initiators (connect_cfm_cb set) since then we always have the MITM
3453 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3454 BT_DBG("Rejecting request: remote device can't provide MITM");
3455 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3456 sizeof(ev->bdaddr), &ev->bdaddr);
3460 /* If no side requires MITM protection; auto-accept */
3461 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3462 (!rem_mitm || conn->io_capability == 0x03)) {
3464 /* If we're not the initiators request authorization to
3465 * proceed from user space (mgmt_user_confirm with
3466 * confirm_hint set to 1). */
3467 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
3468 BT_DBG("Confirming auto-accept as acceptor");
3473 BT_DBG("Auto-accept of user confirmation with %ums delay",
3474 hdev->auto_accept_delay);
3476 if (hdev->auto_accept_delay > 0) {
3477 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3478 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3482 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3483 sizeof(ev->bdaddr), &ev->bdaddr);
3488 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
3492 hci_dev_unlock(hdev);
3495 static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3496 struct sk_buff *skb)
3498 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3500 BT_DBG("%s", hdev->name);
3502 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3503 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
3506 static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3507 struct sk_buff *skb)
3509 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3510 struct hci_conn *conn;
3512 BT_DBG("%s", hdev->name);
3514 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3518 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3519 conn->passkey_entered = 0;
3521 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3522 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3523 conn->dst_type, conn->passkey_notify,
3524 conn->passkey_entered);
3527 static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3529 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3530 struct hci_conn *conn;
3532 BT_DBG("%s", hdev->name);
3534 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3539 case HCI_KEYPRESS_STARTED:
3540 conn->passkey_entered = 0;
3543 case HCI_KEYPRESS_ENTERED:
3544 conn->passkey_entered++;
3547 case HCI_KEYPRESS_ERASED:
3548 conn->passkey_entered--;
3551 case HCI_KEYPRESS_CLEARED:
3552 conn->passkey_entered = 0;
3555 case HCI_KEYPRESS_COMPLETED:
3559 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3560 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3561 conn->dst_type, conn->passkey_notify,
3562 conn->passkey_entered);
3565 static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3566 struct sk_buff *skb)
3568 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3569 struct hci_conn *conn;
3571 BT_DBG("%s", hdev->name);
3575 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3579 /* To avoid duplicate auth_failed events to user space we check
3580 * the HCI_CONN_AUTH_PEND flag which will be set if we
3581 * initiated the authentication. A traditional auth_complete
3582 * event gets always produced as initiator and is also mapped to
3583 * the mgmt_auth_failed event */
3584 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
3585 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3591 hci_dev_unlock(hdev);
3594 static void hci_remote_host_features_evt(struct hci_dev *hdev,
3595 struct sk_buff *skb)
3597 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3598 struct inquiry_entry *ie;
3600 BT_DBG("%s", hdev->name);
3604 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3606 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
3608 hci_dev_unlock(hdev);
3611 static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3612 struct sk_buff *skb)
3614 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3615 struct oob_data *data;
3617 BT_DBG("%s", hdev->name);
3621 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3624 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3626 struct hci_cp_remote_oob_data_reply cp;
3628 bacpy(&cp.bdaddr, &ev->bdaddr);
3629 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3630 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3632 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3635 struct hci_cp_remote_oob_data_neg_reply cp;
3637 bacpy(&cp.bdaddr, &ev->bdaddr);
3638 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3643 hci_dev_unlock(hdev);
3646 static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3647 struct sk_buff *skb)
3649 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
3650 struct hci_conn *hcon, *bredr_hcon;
3652 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
3657 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3659 hci_dev_unlock(hdev);
3665 hci_dev_unlock(hdev);
3669 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
3671 hcon->state = BT_CONNECTED;
3672 bacpy(&hcon->dst, &bredr_hcon->dst);
3674 hci_conn_hold(hcon);
3675 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
3678 hci_conn_hold_device(hcon);
3679 hci_conn_add_sysfs(hcon);
3681 hci_dev_unlock(hdev);
3684 struct hci_dev *bredr_hdev = hci_dev_hold(bredr_hcon->hdev);
3689 /* Placeholder - create chan req
3690 l2cap_chan_create_cfm(bredr_hcon, hcon->remote_id);
3693 hci_dev_put(bredr_hdev);
3697 static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3699 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
3700 struct hci_conn *hcon;
3701 struct hci_chan *hchan;
3702 struct amp_mgr *mgr;
3704 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
3705 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
3708 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3712 /* Create AMP hchan */
3713 hchan = hci_chan_create(hcon);
3717 hchan->handle = le16_to_cpu(ev->handle);
3719 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
3721 mgr = hcon->amp_mgr;
3722 if (mgr && mgr->bredr_chan) {
3723 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
3725 l2cap_chan_lock(bredr_chan);
3727 bredr_chan->conn->mtu = hdev->block_mtu;
3728 l2cap_logical_cfm(bredr_chan, hchan, 0);
3729 hci_conn_hold(hcon);
3731 l2cap_chan_unlock(bredr_chan);
3735 static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3737 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3738 struct hci_conn *conn;
3740 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3744 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
3746 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3748 BT_ERR("No memory for new connection");
3752 conn->dst_type = ev->bdaddr_type;
3754 if (ev->role == LE_CONN_ROLE_MASTER) {
3756 conn->link_mode |= HCI_LM_MASTER;
3761 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3762 conn->dst_type, ev->status);
3763 hci_proto_connect_cfm(conn, ev->status);
3764 conn->state = BT_CLOSED;
3769 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3770 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3771 conn->dst_type, 0, NULL, 0, NULL);
3773 conn->sec_level = BT_SECURITY_LOW;
3774 conn->handle = __le16_to_cpu(ev->handle);
3775 conn->state = BT_CONNECTED;
3777 hci_conn_hold_device(conn);
3778 hci_conn_add_sysfs(conn);
3780 hci_proto_connect_cfm(conn, ev->status);
3783 hci_dev_unlock(hdev);
3786 static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
3788 u8 num_reports = skb->data[0];
3789 void *ptr = &skb->data[1];
3794 while (num_reports--) {
3795 struct hci_ev_le_advertising_info *ev = ptr;
3797 rssi = ev->data[ev->length];
3798 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3799 NULL, rssi, 0, 1, ev->data, ev->length);
3801 ptr += sizeof(*ev) + ev->length + 1;
3804 hci_dev_unlock(hdev);
3807 static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3809 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3810 struct hci_cp_le_ltk_reply cp;
3811 struct hci_cp_le_ltk_neg_reply neg;
3812 struct hci_conn *conn;
3813 struct smp_ltk *ltk;
3815 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
3819 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3823 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3827 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3828 cp.handle = cpu_to_le16(conn->handle);
3830 if (ltk->authenticated)
3831 conn->sec_level = BT_SECURITY_HIGH;
3833 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3835 if (ltk->type & HCI_SMP_STK) {
3836 list_del(<k->list);
3840 hci_dev_unlock(hdev);
3845 neg.handle = ev->handle;
3846 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3847 hci_dev_unlock(hdev);
3850 static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3852 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3854 skb_pull(skb, sizeof(*le_ev));
3856 switch (le_ev->subevent) {
3857 case HCI_EV_LE_CONN_COMPLETE:
3858 hci_le_conn_complete_evt(hdev, skb);
3861 case HCI_EV_LE_ADVERTISING_REPORT:
3862 hci_le_adv_report_evt(hdev, skb);
3865 case HCI_EV_LE_LTK_REQ:
3866 hci_le_ltk_request_evt(hdev, skb);
3874 static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3876 struct hci_ev_channel_selected *ev = (void *) skb->data;
3877 struct hci_conn *hcon;
3879 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3881 skb_pull(skb, sizeof(*ev));
3883 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3887 amp_read_loc_assoc_final_data(hdev, hcon);
3890 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3892 struct hci_event_hdr *hdr = (void *) skb->data;
3893 __u8 event = hdr->evt;
3895 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3898 case HCI_EV_INQUIRY_COMPLETE:
3899 hci_inquiry_complete_evt(hdev, skb);
3902 case HCI_EV_INQUIRY_RESULT:
3903 hci_inquiry_result_evt(hdev, skb);
3906 case HCI_EV_CONN_COMPLETE:
3907 hci_conn_complete_evt(hdev, skb);
3910 case HCI_EV_CONN_REQUEST:
3911 hci_conn_request_evt(hdev, skb);
3914 case HCI_EV_DISCONN_COMPLETE:
3915 hci_disconn_complete_evt(hdev, skb);
3918 case HCI_EV_AUTH_COMPLETE:
3919 hci_auth_complete_evt(hdev, skb);
3922 case HCI_EV_REMOTE_NAME:
3923 hci_remote_name_evt(hdev, skb);
3926 case HCI_EV_ENCRYPT_CHANGE:
3927 hci_encrypt_change_evt(hdev, skb);
3930 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3931 hci_change_link_key_complete_evt(hdev, skb);
3934 case HCI_EV_REMOTE_FEATURES:
3935 hci_remote_features_evt(hdev, skb);
3938 case HCI_EV_REMOTE_VERSION:
3939 hci_remote_version_evt(hdev, skb);
3942 case HCI_EV_QOS_SETUP_COMPLETE:
3943 hci_qos_setup_complete_evt(hdev, skb);
3946 case HCI_EV_CMD_COMPLETE:
3947 hci_cmd_complete_evt(hdev, skb);
3950 case HCI_EV_CMD_STATUS:
3951 hci_cmd_status_evt(hdev, skb);
3954 case HCI_EV_ROLE_CHANGE:
3955 hci_role_change_evt(hdev, skb);
3958 case HCI_EV_NUM_COMP_PKTS:
3959 hci_num_comp_pkts_evt(hdev, skb);
3962 case HCI_EV_MODE_CHANGE:
3963 hci_mode_change_evt(hdev, skb);
3966 case HCI_EV_PIN_CODE_REQ:
3967 hci_pin_code_request_evt(hdev, skb);
3970 case HCI_EV_LINK_KEY_REQ:
3971 hci_link_key_request_evt(hdev, skb);
3974 case HCI_EV_LINK_KEY_NOTIFY:
3975 hci_link_key_notify_evt(hdev, skb);
3978 case HCI_EV_CLOCK_OFFSET:
3979 hci_clock_offset_evt(hdev, skb);
3982 case HCI_EV_PKT_TYPE_CHANGE:
3983 hci_pkt_type_change_evt(hdev, skb);
3986 case HCI_EV_PSCAN_REP_MODE:
3987 hci_pscan_rep_mode_evt(hdev, skb);
3990 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3991 hci_inquiry_result_with_rssi_evt(hdev, skb);
3994 case HCI_EV_REMOTE_EXT_FEATURES:
3995 hci_remote_ext_features_evt(hdev, skb);
3998 case HCI_EV_SYNC_CONN_COMPLETE:
3999 hci_sync_conn_complete_evt(hdev, skb);
4002 case HCI_EV_SYNC_CONN_CHANGED:
4003 hci_sync_conn_changed_evt(hdev, skb);
4006 case HCI_EV_SNIFF_SUBRATE:
4007 hci_sniff_subrate_evt(hdev, skb);
4010 case HCI_EV_EXTENDED_INQUIRY_RESULT:
4011 hci_extended_inquiry_result_evt(hdev, skb);
4014 case HCI_EV_KEY_REFRESH_COMPLETE:
4015 hci_key_refresh_complete_evt(hdev, skb);
4018 case HCI_EV_IO_CAPA_REQUEST:
4019 hci_io_capa_request_evt(hdev, skb);
4022 case HCI_EV_IO_CAPA_REPLY:
4023 hci_io_capa_reply_evt(hdev, skb);
4026 case HCI_EV_USER_CONFIRM_REQUEST:
4027 hci_user_confirm_request_evt(hdev, skb);
4030 case HCI_EV_USER_PASSKEY_REQUEST:
4031 hci_user_passkey_request_evt(hdev, skb);
4034 case HCI_EV_USER_PASSKEY_NOTIFY:
4035 hci_user_passkey_notify_evt(hdev, skb);
4038 case HCI_EV_KEYPRESS_NOTIFY:
4039 hci_keypress_notify_evt(hdev, skb);
4042 case HCI_EV_SIMPLE_PAIR_COMPLETE:
4043 hci_simple_pair_complete_evt(hdev, skb);
4046 case HCI_EV_REMOTE_HOST_FEATURES:
4047 hci_remote_host_features_evt(hdev, skb);
4050 case HCI_EV_LE_META:
4051 hci_le_meta_evt(hdev, skb);
4054 case HCI_EV_CHANNEL_SELECTED:
4055 hci_chan_selected_evt(hdev, skb);
4058 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
4059 hci_remote_oob_data_request_evt(hdev, skb);
4062 case HCI_EV_PHY_LINK_COMPLETE:
4063 hci_phy_link_complete_evt(hdev, skb);
4066 case HCI_EV_LOGICAL_LINK_COMPLETE:
4067 hci_loglink_complete_evt(hdev, skb);
4070 case HCI_EV_NUM_COMP_BLOCKS:
4071 hci_num_comp_blocks_evt(hdev, skb);
4075 BT_DBG("%s event 0x%2.2x", hdev->name, event);
4080 hdev->stat.evt_rx++;
projects / firefly-linux-kernel-4.4.55.git / blob