2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/export.h>
28 #include <asm/unaligned.h>
30 #include <net/bluetooth/bluetooth.h>
31 #include <net/bluetooth/hci_core.h>
32 #include <net/bluetooth/mgmt.h>
33 #include <net/bluetooth/a2mp.h>
34 #include <net/bluetooth/amp.h>
36 /* Handle HCI Event packets */
38 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
40 __u8 status = *((__u8 *) skb->data);
42 BT_DBG("%s status 0x%2.2x", hdev->name, status);
46 mgmt_stop_discovery_failed(hdev, status);
51 clear_bit(HCI_INQUIRY, &hdev->flags);
54 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
57 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
59 hci_conn_check_pending(hdev);
62 static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
64 __u8 status = *((__u8 *) skb->data);
66 BT_DBG("%s status 0x%2.2x", hdev->name, status);
71 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
74 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
76 __u8 status = *((__u8 *) skb->data);
78 BT_DBG("%s status 0x%2.2x", hdev->name, status);
83 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
85 hci_conn_check_pending(hdev);
88 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
91 BT_DBG("%s", hdev->name);
94 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
96 struct hci_rp_role_discovery *rp = (void *) skb->data;
97 struct hci_conn *conn;
99 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
106 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
109 conn->link_mode &= ~HCI_LM_MASTER;
111 conn->link_mode |= HCI_LM_MASTER;
114 hci_dev_unlock(hdev);
117 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
119 struct hci_rp_read_link_policy *rp = (void *) skb->data;
120 struct hci_conn *conn;
122 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
129 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
131 conn->link_policy = __le16_to_cpu(rp->policy);
133 hci_dev_unlock(hdev);
136 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
138 struct hci_rp_write_link_policy *rp = (void *) skb->data;
139 struct hci_conn *conn;
142 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
147 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
153 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
155 conn->link_policy = get_unaligned_le16(sent + 2);
157 hci_dev_unlock(hdev);
160 static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
163 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
165 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
170 hdev->link_policy = __le16_to_cpu(rp->policy);
173 static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
176 __u8 status = *((__u8 *) skb->data);
179 BT_DBG("%s status 0x%2.2x", hdev->name, status);
181 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
186 hdev->link_policy = get_unaligned_le16(sent);
188 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
191 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
193 __u8 status = *((__u8 *) skb->data);
195 BT_DBG("%s status 0x%2.2x", hdev->name, status);
197 clear_bit(HCI_RESET, &hdev->flags);
199 hci_req_complete(hdev, HCI_OP_RESET, status);
201 /* Reset all non-persistent flags */
202 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN) | BIT(HCI_PENDING_CLASS) |
203 BIT(HCI_PERIODIC_INQ));
205 hdev->discovery.state = DISCOVERY_STOPPED;
208 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
210 __u8 status = *((__u8 *) skb->data);
213 BT_DBG("%s status 0x%2.2x", hdev->name, status);
215 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
221 if (test_bit(HCI_MGMT, &hdev->dev_flags))
222 mgmt_set_local_name_complete(hdev, sent, status);
224 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
226 hci_dev_unlock(hdev);
228 hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status);
231 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
233 struct hci_rp_read_local_name *rp = (void *) skb->data;
235 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
240 if (test_bit(HCI_SETUP, &hdev->dev_flags))
241 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
244 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
246 __u8 status = *((__u8 *) skb->data);
249 BT_DBG("%s status 0x%2.2x", hdev->name, status);
251 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
256 __u8 param = *((__u8 *) sent);
258 if (param == AUTH_ENABLED)
259 set_bit(HCI_AUTH, &hdev->flags);
261 clear_bit(HCI_AUTH, &hdev->flags);
264 if (test_bit(HCI_MGMT, &hdev->dev_flags))
265 mgmt_auth_enable_complete(hdev, status);
267 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
270 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
272 __u8 status = *((__u8 *) skb->data);
275 BT_DBG("%s status 0x%2.2x", hdev->name, status);
277 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
282 __u8 param = *((__u8 *) sent);
285 set_bit(HCI_ENCRYPT, &hdev->flags);
287 clear_bit(HCI_ENCRYPT, &hdev->flags);
290 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
293 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
295 __u8 param, status = *((__u8 *) skb->data);
296 int old_pscan, old_iscan;
299 BT_DBG("%s status 0x%2.2x", hdev->name, status);
301 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
305 param = *((__u8 *) sent);
310 mgmt_write_scan_failed(hdev, param, status);
311 hdev->discov_timeout = 0;
315 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
316 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
318 if (param & SCAN_INQUIRY) {
319 set_bit(HCI_ISCAN, &hdev->flags);
321 mgmt_discoverable(hdev, 1);
322 if (hdev->discov_timeout > 0) {
323 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
324 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
327 } else if (old_iscan)
328 mgmt_discoverable(hdev, 0);
330 if (param & SCAN_PAGE) {
331 set_bit(HCI_PSCAN, &hdev->flags);
333 mgmt_connectable(hdev, 1);
334 } else if (old_pscan)
335 mgmt_connectable(hdev, 0);
338 hci_dev_unlock(hdev);
339 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
342 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
344 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
346 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
351 memcpy(hdev->dev_class, rp->dev_class, 3);
353 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
354 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
357 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
359 __u8 status = *((__u8 *) skb->data);
362 BT_DBG("%s status 0x%2.2x", hdev->name, status);
364 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
371 memcpy(hdev->dev_class, sent, 3);
373 if (test_bit(HCI_MGMT, &hdev->dev_flags))
374 mgmt_set_class_of_dev_complete(hdev, sent, status);
376 hci_dev_unlock(hdev);
379 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
381 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
384 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
389 setting = __le16_to_cpu(rp->voice_setting);
391 if (hdev->voice_setting == setting)
394 hdev->voice_setting = setting;
396 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
399 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
402 static void hci_cc_write_voice_setting(struct hci_dev *hdev,
405 __u8 status = *((__u8 *) skb->data);
409 BT_DBG("%s status 0x%2.2x", hdev->name, status);
414 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
418 setting = get_unaligned_le16(sent);
420 if (hdev->voice_setting == setting)
423 hdev->voice_setting = setting;
425 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
428 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
431 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
433 __u8 status = *((__u8 *) skb->data);
435 BT_DBG("%s status 0x%2.2x", hdev->name, status);
437 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
440 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
442 __u8 status = *((__u8 *) skb->data);
443 struct hci_cp_write_ssp_mode *sent;
445 BT_DBG("%s status 0x%2.2x", hdev->name, status);
447 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
453 hdev->host_features[0] |= LMP_HOST_SSP;
455 hdev->host_features[0] &= ~LMP_HOST_SSP;
458 if (test_bit(HCI_MGMT, &hdev->dev_flags))
459 mgmt_ssp_enable_complete(hdev, sent->mode, status);
462 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
464 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
468 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
470 if (lmp_ext_inq_capable(hdev))
473 if (lmp_inq_rssi_capable(hdev))
476 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
477 hdev->lmp_subver == 0x0757)
480 if (hdev->manufacturer == 15) {
481 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
483 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
485 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
489 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
490 hdev->lmp_subver == 0x1805)
496 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
500 mode = hci_get_inquiry_mode(hdev);
502 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
505 static void hci_setup_event_mask(struct hci_dev *hdev)
507 /* The second byte is 0xff instead of 0x9f (two reserved bits
508 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
509 * command otherwise */
510 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
512 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
513 * any event mask for pre 1.2 devices */
514 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
517 if (lmp_bredr_capable(hdev)) {
518 events[4] |= 0x01; /* Flow Specification Complete */
519 events[4] |= 0x02; /* Inquiry Result with RSSI */
520 events[4] |= 0x04; /* Read Remote Extended Features Complete */
521 events[5] |= 0x08; /* Synchronous Connection Complete */
522 events[5] |= 0x10; /* Synchronous Connection Changed */
525 if (lmp_inq_rssi_capable(hdev))
526 events[4] |= 0x02; /* Inquiry Result with RSSI */
528 if (lmp_sniffsubr_capable(hdev))
529 events[5] |= 0x20; /* Sniff Subrating */
531 if (lmp_pause_enc_capable(hdev))
532 events[5] |= 0x80; /* Encryption Key Refresh Complete */
534 if (lmp_ext_inq_capable(hdev))
535 events[5] |= 0x40; /* Extended Inquiry Result */
537 if (lmp_no_flush_capable(hdev))
538 events[7] |= 0x01; /* Enhanced Flush Complete */
540 if (lmp_lsto_capable(hdev))
541 events[6] |= 0x80; /* Link Supervision Timeout Changed */
543 if (lmp_ssp_capable(hdev)) {
544 events[6] |= 0x01; /* IO Capability Request */
545 events[6] |= 0x02; /* IO Capability Response */
546 events[6] |= 0x04; /* User Confirmation Request */
547 events[6] |= 0x08; /* User Passkey Request */
548 events[6] |= 0x10; /* Remote OOB Data Request */
549 events[6] |= 0x20; /* Simple Pairing Complete */
550 events[7] |= 0x04; /* User Passkey Notification */
551 events[7] |= 0x08; /* Keypress Notification */
552 events[7] |= 0x10; /* Remote Host Supported
553 * Features Notification */
556 if (lmp_le_capable(hdev))
557 events[7] |= 0x20; /* LE Meta-Event */
559 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
561 if (lmp_le_capable(hdev)) {
562 memset(events, 0, sizeof(events));
564 hci_send_cmd(hdev, HCI_OP_LE_SET_EVENT_MASK,
565 sizeof(events), events);
569 static void bredr_setup(struct hci_dev *hdev)
571 struct hci_cp_delete_stored_link_key cp;
575 /* Read Buffer Size (ACL mtu, max pkt, etc.) */
576 hci_send_cmd(hdev, HCI_OP_READ_BUFFER_SIZE, 0, NULL);
578 /* Read Class of Device */
579 hci_send_cmd(hdev, HCI_OP_READ_CLASS_OF_DEV, 0, NULL);
581 /* Read Local Name */
582 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_NAME, 0, NULL);
584 /* Read Voice Setting */
585 hci_send_cmd(hdev, HCI_OP_READ_VOICE_SETTING, 0, NULL);
587 /* Clear Event Filters */
588 flt_type = HCI_FLT_CLEAR_ALL;
589 hci_send_cmd(hdev, HCI_OP_SET_EVENT_FLT, 1, &flt_type);
591 /* Connection accept timeout ~20 secs */
592 param = __constant_cpu_to_le16(0x7d00);
593 hci_send_cmd(hdev, HCI_OP_WRITE_CA_TIMEOUT, 2, ¶m);
595 bacpy(&cp.bdaddr, BDADDR_ANY);
597 hci_send_cmd(hdev, HCI_OP_DELETE_STORED_LINK_KEY, sizeof(cp), &cp);
600 static void le_setup(struct hci_dev *hdev)
602 /* Read LE Buffer Size */
603 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
605 /* Read LE Advertising Channel TX Power */
606 hci_send_cmd(hdev, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL);
609 static void hci_setup(struct hci_dev *hdev)
611 if (hdev->dev_type != HCI_BREDR)
614 /* Read BD Address */
615 hci_send_cmd(hdev, HCI_OP_READ_BD_ADDR, 0, NULL);
617 if (lmp_bredr_capable(hdev))
620 if (lmp_le_capable(hdev))
623 hci_setup_event_mask(hdev);
625 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
626 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
628 if (lmp_ssp_capable(hdev)) {
629 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
631 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
632 sizeof(mode), &mode);
634 struct hci_cp_write_eir cp;
636 memset(hdev->eir, 0, sizeof(hdev->eir));
637 memset(&cp, 0, sizeof(cp));
639 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
643 if (lmp_inq_rssi_capable(hdev))
644 hci_setup_inquiry_mode(hdev);
646 if (lmp_inq_tx_pwr_capable(hdev))
647 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
649 if (lmp_ext_feat_capable(hdev)) {
650 struct hci_cp_read_local_ext_features cp;
653 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp),
657 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
659 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable),
664 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
666 struct hci_rp_read_local_version *rp = (void *) skb->data;
668 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
673 hdev->hci_ver = rp->hci_ver;
674 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
675 hdev->lmp_ver = rp->lmp_ver;
676 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
677 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
679 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
680 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
682 if (test_bit(HCI_INIT, &hdev->flags))
686 hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, rp->status);
689 static void hci_setup_link_policy(struct hci_dev *hdev)
691 struct hci_cp_write_def_link_policy cp;
694 if (lmp_rswitch_capable(hdev))
695 link_policy |= HCI_LP_RSWITCH;
696 if (lmp_hold_capable(hdev))
697 link_policy |= HCI_LP_HOLD;
698 if (lmp_sniff_capable(hdev))
699 link_policy |= HCI_LP_SNIFF;
700 if (lmp_park_capable(hdev))
701 link_policy |= HCI_LP_PARK;
703 cp.policy = cpu_to_le16(link_policy);
704 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp);
707 static void hci_cc_read_local_commands(struct hci_dev *hdev,
710 struct hci_rp_read_local_commands *rp = (void *) skb->data;
712 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
717 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
719 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
720 hci_setup_link_policy(hdev);
723 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
726 static void hci_cc_read_local_features(struct hci_dev *hdev,
729 struct hci_rp_read_local_features *rp = (void *) skb->data;
731 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
736 memcpy(hdev->features, rp->features, 8);
738 /* Adjust default settings according to features
739 * supported by device. */
741 if (hdev->features[0] & LMP_3SLOT)
742 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
744 if (hdev->features[0] & LMP_5SLOT)
745 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
747 if (hdev->features[1] & LMP_HV2) {
748 hdev->pkt_type |= (HCI_HV2);
749 hdev->esco_type |= (ESCO_HV2);
752 if (hdev->features[1] & LMP_HV3) {
753 hdev->pkt_type |= (HCI_HV3);
754 hdev->esco_type |= (ESCO_HV3);
757 if (lmp_esco_capable(hdev))
758 hdev->esco_type |= (ESCO_EV3);
760 if (hdev->features[4] & LMP_EV4)
761 hdev->esco_type |= (ESCO_EV4);
763 if (hdev->features[4] & LMP_EV5)
764 hdev->esco_type |= (ESCO_EV5);
766 if (hdev->features[5] & LMP_EDR_ESCO_2M)
767 hdev->esco_type |= (ESCO_2EV3);
769 if (hdev->features[5] & LMP_EDR_ESCO_3M)
770 hdev->esco_type |= (ESCO_3EV3);
772 if (hdev->features[5] & LMP_EDR_3S_ESCO)
773 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
775 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
776 hdev->features[0], hdev->features[1],
777 hdev->features[2], hdev->features[3],
778 hdev->features[4], hdev->features[5],
779 hdev->features[6], hdev->features[7]);
782 static void hci_set_le_support(struct hci_dev *hdev)
784 struct hci_cp_write_le_host_supported cp;
786 memset(&cp, 0, sizeof(cp));
788 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
790 cp.simul = !!lmp_le_br_capable(hdev);
793 if (cp.le != !!lmp_host_le_capable(hdev))
794 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
798 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
801 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
803 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
810 memcpy(hdev->features, rp->features, 8);
813 memcpy(hdev->host_features, rp->features, 8);
817 if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
818 hci_set_le_support(hdev);
821 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
824 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
827 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
829 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
834 hdev->flow_ctl_mode = rp->mode;
836 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
839 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
841 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
843 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
848 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
849 hdev->sco_mtu = rp->sco_mtu;
850 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
851 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
853 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
858 hdev->acl_cnt = hdev->acl_pkts;
859 hdev->sco_cnt = hdev->sco_pkts;
861 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
862 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
865 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
867 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
869 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
872 bacpy(&hdev->bdaddr, &rp->bdaddr);
874 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
877 static void hci_cc_read_data_block_size(struct hci_dev *hdev,
880 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
882 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
887 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
888 hdev->block_len = __le16_to_cpu(rp->block_len);
889 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
891 hdev->block_cnt = hdev->num_blocks;
893 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
894 hdev->block_cnt, hdev->block_len);
896 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
899 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
901 __u8 status = *((__u8 *) skb->data);
903 BT_DBG("%s status 0x%2.2x", hdev->name, status);
905 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
908 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
911 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
913 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
918 hdev->amp_status = rp->amp_status;
919 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
920 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
921 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
922 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
923 hdev->amp_type = rp->amp_type;
924 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
925 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
926 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
927 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
929 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
932 a2mp_send_getinfo_rsp(hdev);
935 static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
938 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
939 struct amp_assoc *assoc = &hdev->loc_assoc;
940 size_t rem_len, frag_len;
942 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
947 frag_len = skb->len - sizeof(*rp);
948 rem_len = __le16_to_cpu(rp->rem_len);
950 if (rem_len > frag_len) {
951 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
953 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
954 assoc->offset += frag_len;
956 /* Read other fragments */
957 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
962 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
963 assoc->len = assoc->offset + rem_len;
967 /* Send A2MP Rsp when all fragments are received */
968 a2mp_send_getampassoc_rsp(hdev, rp->status);
969 a2mp_send_create_phy_link_req(hdev, rp->status);
972 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
975 __u8 status = *((__u8 *) skb->data);
977 BT_DBG("%s status 0x%2.2x", hdev->name, status);
979 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
982 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
984 __u8 status = *((__u8 *) skb->data);
986 BT_DBG("%s status 0x%2.2x", hdev->name, status);
988 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
991 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
994 __u8 status = *((__u8 *) skb->data);
996 BT_DBG("%s status 0x%2.2x", hdev->name, status);
998 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
1001 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
1002 struct sk_buff *skb)
1004 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
1006 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1009 hdev->inq_tx_power = rp->tx_power;
1011 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, rp->status);
1014 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
1016 __u8 status = *((__u8 *) skb->data);
1018 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1020 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
1023 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
1025 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
1026 struct hci_cp_pin_code_reply *cp;
1027 struct hci_conn *conn;
1029 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1033 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1034 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
1039 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
1043 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1045 conn->pin_length = cp->pin_len;
1048 hci_dev_unlock(hdev);
1051 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1053 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
1055 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1059 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1060 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
1063 hci_dev_unlock(hdev);
1066 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1067 struct sk_buff *skb)
1069 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
1071 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1076 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
1077 hdev->le_pkts = rp->le_max_pkt;
1079 hdev->le_cnt = hdev->le_pkts;
1081 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
1083 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
1086 static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
1087 struct sk_buff *skb)
1089 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
1091 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1094 hdev->adv_tx_power = rp->tx_power;
1096 hci_req_complete(hdev, HCI_OP_LE_READ_ADV_TX_POWER, rp->status);
1099 static void hci_cc_le_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
1101 __u8 status = *((__u8 *) skb->data);
1103 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1105 hci_req_complete(hdev, HCI_OP_LE_SET_EVENT_MASK, status);
1108 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
1110 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1112 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1116 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1117 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
1120 hci_dev_unlock(hdev);
1123 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
1124 struct sk_buff *skb)
1126 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1128 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1132 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1133 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
1134 ACL_LINK, 0, rp->status);
1136 hci_dev_unlock(hdev);
1139 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
1141 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1143 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1147 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1148 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
1151 hci_dev_unlock(hdev);
1154 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1155 struct sk_buff *skb)
1157 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1159 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1163 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1164 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1165 ACL_LINK, 0, rp->status);
1167 hci_dev_unlock(hdev);
1170 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1171 struct sk_buff *skb)
1173 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1175 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1178 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
1179 rp->randomizer, rp->status);
1180 hci_dev_unlock(hdev);
1183 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1185 __u8 status = *((__u8 *) skb->data);
1187 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1189 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
1193 mgmt_start_discovery_failed(hdev, status);
1194 hci_dev_unlock(hdev);
1199 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1200 struct sk_buff *skb)
1202 struct hci_cp_le_set_scan_enable *cp;
1203 __u8 status = *((__u8 *) skb->data);
1205 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1207 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1211 switch (cp->enable) {
1212 case LE_SCANNING_ENABLED:
1213 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1217 mgmt_start_discovery_failed(hdev, status);
1218 hci_dev_unlock(hdev);
1222 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1225 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1226 hci_dev_unlock(hdev);
1229 case LE_SCANNING_DISABLED:
1232 mgmt_stop_discovery_failed(hdev, status);
1233 hci_dev_unlock(hdev);
1237 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1239 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
1240 hdev->discovery.state == DISCOVERY_FINDING) {
1241 mgmt_interleaved_discovery(hdev);
1244 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1245 hci_dev_unlock(hdev);
1251 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1256 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1258 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1260 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1265 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1268 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1270 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1272 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1277 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1280 static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1281 struct sk_buff *skb)
1283 struct hci_cp_write_le_host_supported *sent;
1284 __u8 status = *((__u8 *) skb->data);
1286 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1288 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
1294 hdev->host_features[0] |= LMP_HOST_LE;
1296 hdev->host_features[0] &= ~LMP_HOST_LE;
1299 hdev->host_features[0] |= LMP_HOST_LE_BREDR;
1301 hdev->host_features[0] &= ~LMP_HOST_LE_BREDR;
1304 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
1305 !test_bit(HCI_INIT, &hdev->flags))
1306 mgmt_le_enable_complete(hdev, sent->le, status);
1308 hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status);
1311 static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1312 struct sk_buff *skb)
1314 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1316 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1317 hdev->name, rp->status, rp->phy_handle);
1322 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1325 static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1327 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1330 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1331 hci_conn_check_pending(hdev);
1333 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1334 mgmt_start_discovery_failed(hdev, status);
1335 hci_dev_unlock(hdev);
1339 set_bit(HCI_INQUIRY, &hdev->flags);
1342 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1343 hci_dev_unlock(hdev);
1346 static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1348 struct hci_cp_create_conn *cp;
1349 struct hci_conn *conn;
1351 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1353 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1359 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1361 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1364 if (conn && conn->state == BT_CONNECT) {
1365 if (status != 0x0c || conn->attempt > 2) {
1366 conn->state = BT_CLOSED;
1367 hci_proto_connect_cfm(conn, status);
1370 conn->state = BT_CONNECT2;
1374 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1377 conn->link_mode |= HCI_LM_MASTER;
1379 BT_ERR("No memory for new connection");
1383 hci_dev_unlock(hdev);
1386 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1388 struct hci_cp_add_sco *cp;
1389 struct hci_conn *acl, *sco;
1392 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1397 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1401 handle = __le16_to_cpu(cp->handle);
1403 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1407 acl = hci_conn_hash_lookup_handle(hdev, handle);
1411 sco->state = BT_CLOSED;
1413 hci_proto_connect_cfm(sco, status);
1418 hci_dev_unlock(hdev);
1421 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1423 struct hci_cp_auth_requested *cp;
1424 struct hci_conn *conn;
1426 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1431 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1437 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1439 if (conn->state == BT_CONFIG) {
1440 hci_proto_connect_cfm(conn, status);
1445 hci_dev_unlock(hdev);
1448 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1450 struct hci_cp_set_conn_encrypt *cp;
1451 struct hci_conn *conn;
1453 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1458 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1464 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1466 if (conn->state == BT_CONFIG) {
1467 hci_proto_connect_cfm(conn, status);
1472 hci_dev_unlock(hdev);
1475 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1476 struct hci_conn *conn)
1478 if (conn->state != BT_CONFIG || !conn->out)
1481 if (conn->pending_sec_level == BT_SECURITY_SDP)
1484 /* Only request authentication for SSP connections or non-SSP
1485 * devices with sec_level HIGH or if MITM protection is requested */
1486 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1487 conn->pending_sec_level != BT_SECURITY_HIGH)
1493 static int hci_resolve_name(struct hci_dev *hdev,
1494 struct inquiry_entry *e)
1496 struct hci_cp_remote_name_req cp;
1498 memset(&cp, 0, sizeof(cp));
1500 bacpy(&cp.bdaddr, &e->data.bdaddr);
1501 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1502 cp.pscan_mode = e->data.pscan_mode;
1503 cp.clock_offset = e->data.clock_offset;
1505 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1508 static bool hci_resolve_next_name(struct hci_dev *hdev)
1510 struct discovery_state *discov = &hdev->discovery;
1511 struct inquiry_entry *e;
1513 if (list_empty(&discov->resolve))
1516 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1520 if (hci_resolve_name(hdev, e) == 0) {
1521 e->name_state = NAME_PENDING;
1528 static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1529 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1531 struct discovery_state *discov = &hdev->discovery;
1532 struct inquiry_entry *e;
1534 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1535 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1536 name_len, conn->dev_class);
1538 if (discov->state == DISCOVERY_STOPPED)
1541 if (discov->state == DISCOVERY_STOPPING)
1542 goto discov_complete;
1544 if (discov->state != DISCOVERY_RESOLVING)
1547 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1548 /* If the device was not found in a list of found devices names of which
1549 * are pending. there is no need to continue resolving a next name as it
1550 * will be done upon receiving another Remote Name Request Complete
1557 e->name_state = NAME_KNOWN;
1558 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1559 e->data.rssi, name, name_len);
1561 e->name_state = NAME_NOT_KNOWN;
1564 if (hci_resolve_next_name(hdev))
1568 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1571 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1573 struct hci_cp_remote_name_req *cp;
1574 struct hci_conn *conn;
1576 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1578 /* If successful wait for the name req complete event before
1579 * checking for the need to do authentication */
1583 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1589 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1591 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1592 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
1597 if (!hci_outgoing_auth_needed(hdev, conn))
1600 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1601 struct hci_cp_auth_requested cp;
1602 cp.handle = __cpu_to_le16(conn->handle);
1603 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1607 hci_dev_unlock(hdev);
1610 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1612 struct hci_cp_read_remote_features *cp;
1613 struct hci_conn *conn;
1615 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1620 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1626 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1628 if (conn->state == BT_CONFIG) {
1629 hci_proto_connect_cfm(conn, status);
1634 hci_dev_unlock(hdev);
1637 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1639 struct hci_cp_read_remote_ext_features *cp;
1640 struct hci_conn *conn;
1642 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1647 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1653 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1655 if (conn->state == BT_CONFIG) {
1656 hci_proto_connect_cfm(conn, status);
1661 hci_dev_unlock(hdev);
1664 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1666 struct hci_cp_setup_sync_conn *cp;
1667 struct hci_conn *acl, *sco;
1670 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1675 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1679 handle = __le16_to_cpu(cp->handle);
1681 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1685 acl = hci_conn_hash_lookup_handle(hdev, handle);
1689 sco->state = BT_CLOSED;
1691 hci_proto_connect_cfm(sco, status);
1696 hci_dev_unlock(hdev);
1699 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1701 struct hci_cp_sniff_mode *cp;
1702 struct hci_conn *conn;
1704 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1709 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1715 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1717 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1719 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
1720 hci_sco_setup(conn, status);
1723 hci_dev_unlock(hdev);
1726 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1728 struct hci_cp_exit_sniff_mode *cp;
1729 struct hci_conn *conn;
1731 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1736 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1742 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1744 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1746 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
1747 hci_sco_setup(conn, status);
1750 hci_dev_unlock(hdev);
1753 static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1755 struct hci_cp_disconnect *cp;
1756 struct hci_conn *conn;
1761 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1767 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1769 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1770 conn->dst_type, status);
1772 hci_dev_unlock(hdev);
1775 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1777 struct hci_conn *conn;
1779 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1784 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
1786 hci_dev_unlock(hdev);
1790 BT_DBG("%s bdaddr %pMR conn %p", hdev->name, &conn->dst, conn);
1792 conn->state = BT_CLOSED;
1793 mgmt_connect_failed(hdev, &conn->dst, conn->type,
1794 conn->dst_type, status);
1795 hci_proto_connect_cfm(conn, status);
1798 hci_dev_unlock(hdev);
1802 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1804 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1807 static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1809 struct hci_cp_create_phy_link *cp;
1811 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1816 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1820 amp_write_remote_assoc(hdev, cp->phy_handle);
1823 static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1825 struct hci_cp_accept_phy_link *cp;
1827 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1832 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1836 amp_write_remote_assoc(hdev, cp->phy_handle);
1839 static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1841 __u8 status = *((__u8 *) skb->data);
1842 struct discovery_state *discov = &hdev->discovery;
1843 struct inquiry_entry *e;
1845 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1847 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1849 hci_conn_check_pending(hdev);
1851 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1854 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1859 if (discov->state != DISCOVERY_FINDING)
1862 if (list_empty(&discov->resolve)) {
1863 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1867 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1868 if (e && hci_resolve_name(hdev, e) == 0) {
1869 e->name_state = NAME_PENDING;
1870 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1872 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1876 hci_dev_unlock(hdev);
1879 static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1881 struct inquiry_data data;
1882 struct inquiry_info *info = (void *) (skb->data + 1);
1883 int num_rsp = *((__u8 *) skb->data);
1885 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1890 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1895 for (; num_rsp; num_rsp--, info++) {
1896 bool name_known, ssp;
1898 bacpy(&data.bdaddr, &info->bdaddr);
1899 data.pscan_rep_mode = info->pscan_rep_mode;
1900 data.pscan_period_mode = info->pscan_period_mode;
1901 data.pscan_mode = info->pscan_mode;
1902 memcpy(data.dev_class, info->dev_class, 3);
1903 data.clock_offset = info->clock_offset;
1905 data.ssp_mode = 0x00;
1907 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
1908 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1909 info->dev_class, 0, !name_known, ssp, NULL,
1913 hci_dev_unlock(hdev);
1916 static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1918 struct hci_ev_conn_complete *ev = (void *) skb->data;
1919 struct hci_conn *conn;
1921 BT_DBG("%s", hdev->name);
1925 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1927 if (ev->link_type != SCO_LINK)
1930 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1934 conn->type = SCO_LINK;
1938 conn->handle = __le16_to_cpu(ev->handle);
1940 if (conn->type == ACL_LINK) {
1941 conn->state = BT_CONFIG;
1942 hci_conn_hold(conn);
1944 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1945 !hci_find_link_key(hdev, &ev->bdaddr))
1946 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1948 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1950 conn->state = BT_CONNECTED;
1952 hci_conn_hold_device(conn);
1953 hci_conn_add_sysfs(conn);
1955 if (test_bit(HCI_AUTH, &hdev->flags))
1956 conn->link_mode |= HCI_LM_AUTH;
1958 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1959 conn->link_mode |= HCI_LM_ENCRYPT;
1961 /* Get remote features */
1962 if (conn->type == ACL_LINK) {
1963 struct hci_cp_read_remote_features cp;
1964 cp.handle = ev->handle;
1965 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1969 /* Set packet type for incoming connection */
1970 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1971 struct hci_cp_change_conn_ptype cp;
1972 cp.handle = ev->handle;
1973 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1974 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1978 conn->state = BT_CLOSED;
1979 if (conn->type == ACL_LINK)
1980 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
1981 conn->dst_type, ev->status);
1984 if (conn->type == ACL_LINK)
1985 hci_sco_setup(conn, ev->status);
1988 hci_proto_connect_cfm(conn, ev->status);
1990 } else if (ev->link_type != ACL_LINK)
1991 hci_proto_connect_cfm(conn, ev->status);
1994 hci_dev_unlock(hdev);
1996 hci_conn_check_pending(hdev);
1999 static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2001 struct hci_ev_conn_request *ev = (void *) skb->data;
2002 int mask = hdev->link_mode;
2004 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
2007 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
2009 if ((mask & HCI_LM_ACCEPT) &&
2010 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
2011 /* Connection accepted */
2012 struct inquiry_entry *ie;
2013 struct hci_conn *conn;
2017 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2019 memcpy(ie->data.dev_class, ev->dev_class, 3);
2021 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
2024 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
2026 BT_ERR("No memory for new connection");
2027 hci_dev_unlock(hdev);
2032 memcpy(conn->dev_class, ev->dev_class, 3);
2033 conn->state = BT_CONNECT;
2035 hci_dev_unlock(hdev);
2037 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
2038 struct hci_cp_accept_conn_req cp;
2040 bacpy(&cp.bdaddr, &ev->bdaddr);
2042 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
2043 cp.role = 0x00; /* Become master */
2045 cp.role = 0x01; /* Remain slave */
2047 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
2050 struct hci_cp_accept_sync_conn_req cp;
2052 bacpy(&cp.bdaddr, &ev->bdaddr);
2053 cp.pkt_type = cpu_to_le16(conn->pkt_type);
2055 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2056 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2057 cp.max_latency = __constant_cpu_to_le16(0xffff);
2058 cp.content_format = cpu_to_le16(hdev->voice_setting);
2059 cp.retrans_effort = 0xff;
2061 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
2065 /* Connection rejected */
2066 struct hci_cp_reject_conn_req cp;
2068 bacpy(&cp.bdaddr, &ev->bdaddr);
2069 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
2070 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
2074 static u8 hci_to_mgmt_reason(u8 err)
2077 case HCI_ERROR_CONNECTION_TIMEOUT:
2078 return MGMT_DEV_DISCONN_TIMEOUT;
2079 case HCI_ERROR_REMOTE_USER_TERM:
2080 case HCI_ERROR_REMOTE_LOW_RESOURCES:
2081 case HCI_ERROR_REMOTE_POWER_OFF:
2082 return MGMT_DEV_DISCONN_REMOTE;
2083 case HCI_ERROR_LOCAL_HOST_TERM:
2084 return MGMT_DEV_DISCONN_LOCAL_HOST;
2086 return MGMT_DEV_DISCONN_UNKNOWN;
2090 static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2092 struct hci_ev_disconn_complete *ev = (void *) skb->data;
2093 struct hci_conn *conn;
2095 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2099 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2103 if (ev->status == 0)
2104 conn->state = BT_CLOSED;
2106 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
2107 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
2109 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
2110 conn->dst_type, ev->status);
2112 u8 reason = hci_to_mgmt_reason(ev->reason);
2114 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
2115 conn->dst_type, reason);
2119 if (ev->status == 0) {
2120 if (conn->type == ACL_LINK && conn->flush_key)
2121 hci_remove_link_key(hdev, &conn->dst);
2122 hci_proto_disconn_cfm(conn, ev->reason);
2127 hci_dev_unlock(hdev);
2130 static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2132 struct hci_ev_auth_complete *ev = (void *) skb->data;
2133 struct hci_conn *conn;
2135 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2139 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2144 if (!hci_conn_ssp_enabled(conn) &&
2145 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
2146 BT_INFO("re-auth of legacy device is not possible.");
2148 conn->link_mode |= HCI_LM_AUTH;
2149 conn->sec_level = conn->pending_sec_level;
2152 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
2156 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2157 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
2159 if (conn->state == BT_CONFIG) {
2160 if (!ev->status && hci_conn_ssp_enabled(conn)) {
2161 struct hci_cp_set_conn_encrypt cp;
2162 cp.handle = ev->handle;
2164 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
2167 conn->state = BT_CONNECTED;
2168 hci_proto_connect_cfm(conn, ev->status);
2172 hci_auth_cfm(conn, ev->status);
2174 hci_conn_hold(conn);
2175 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2179 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
2181 struct hci_cp_set_conn_encrypt cp;
2182 cp.handle = ev->handle;
2184 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
2187 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2188 hci_encrypt_cfm(conn, ev->status, 0x00);
2193 hci_dev_unlock(hdev);
2196 static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
2198 struct hci_ev_remote_name *ev = (void *) skb->data;
2199 struct hci_conn *conn;
2201 BT_DBG("%s", hdev->name);
2203 hci_conn_check_pending(hdev);
2207 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2209 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2212 if (ev->status == 0)
2213 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
2214 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
2216 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
2222 if (!hci_outgoing_auth_needed(hdev, conn))
2225 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
2226 struct hci_cp_auth_requested cp;
2227 cp.handle = __cpu_to_le16(conn->handle);
2228 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
2232 hci_dev_unlock(hdev);
2235 static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2237 struct hci_ev_encrypt_change *ev = (void *) skb->data;
2238 struct hci_conn *conn;
2240 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2244 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2248 /* Encryption implies authentication */
2249 conn->link_mode |= HCI_LM_AUTH;
2250 conn->link_mode |= HCI_LM_ENCRYPT;
2251 conn->sec_level = conn->pending_sec_level;
2253 conn->link_mode &= ~HCI_LM_ENCRYPT;
2256 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2258 if (ev->status && conn->state == BT_CONNECTED) {
2259 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
2264 if (conn->state == BT_CONFIG) {
2266 conn->state = BT_CONNECTED;
2268 hci_proto_connect_cfm(conn, ev->status);
2271 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
2275 hci_dev_unlock(hdev);
2278 static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
2279 struct sk_buff *skb)
2281 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
2282 struct hci_conn *conn;
2284 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2288 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2291 conn->link_mode |= HCI_LM_SECURE;
2293 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2295 hci_key_change_cfm(conn, ev->status);
2298 hci_dev_unlock(hdev);
2301 static void hci_remote_features_evt(struct hci_dev *hdev,
2302 struct sk_buff *skb)
2304 struct hci_ev_remote_features *ev = (void *) skb->data;
2305 struct hci_conn *conn;
2307 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2311 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2316 memcpy(conn->features, ev->features, 8);
2318 if (conn->state != BT_CONFIG)
2321 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2322 struct hci_cp_read_remote_ext_features cp;
2323 cp.handle = ev->handle;
2325 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
2330 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
2331 struct hci_cp_remote_name_req cp;
2332 memset(&cp, 0, sizeof(cp));
2333 bacpy(&cp.bdaddr, &conn->dst);
2334 cp.pscan_rep_mode = 0x02;
2335 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2336 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2337 mgmt_device_connected(hdev, &conn->dst, conn->type,
2338 conn->dst_type, 0, NULL, 0,
2341 if (!hci_outgoing_auth_needed(hdev, conn)) {
2342 conn->state = BT_CONNECTED;
2343 hci_proto_connect_cfm(conn, ev->status);
2348 hci_dev_unlock(hdev);
2351 static void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
2353 BT_DBG("%s", hdev->name);
2356 static void hci_qos_setup_complete_evt(struct hci_dev *hdev,
2357 struct sk_buff *skb)
2359 BT_DBG("%s", hdev->name);
2362 static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2364 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2367 skb_pull(skb, sizeof(*ev));
2369 opcode = __le16_to_cpu(ev->opcode);
2372 case HCI_OP_INQUIRY_CANCEL:
2373 hci_cc_inquiry_cancel(hdev, skb);
2376 case HCI_OP_PERIODIC_INQ:
2377 hci_cc_periodic_inq(hdev, skb);
2380 case HCI_OP_EXIT_PERIODIC_INQ:
2381 hci_cc_exit_periodic_inq(hdev, skb);
2384 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2385 hci_cc_remote_name_req_cancel(hdev, skb);
2388 case HCI_OP_ROLE_DISCOVERY:
2389 hci_cc_role_discovery(hdev, skb);
2392 case HCI_OP_READ_LINK_POLICY:
2393 hci_cc_read_link_policy(hdev, skb);
2396 case HCI_OP_WRITE_LINK_POLICY:
2397 hci_cc_write_link_policy(hdev, skb);
2400 case HCI_OP_READ_DEF_LINK_POLICY:
2401 hci_cc_read_def_link_policy(hdev, skb);
2404 case HCI_OP_WRITE_DEF_LINK_POLICY:
2405 hci_cc_write_def_link_policy(hdev, skb);
2409 hci_cc_reset(hdev, skb);
2412 case HCI_OP_WRITE_LOCAL_NAME:
2413 hci_cc_write_local_name(hdev, skb);
2416 case HCI_OP_READ_LOCAL_NAME:
2417 hci_cc_read_local_name(hdev, skb);
2420 case HCI_OP_WRITE_AUTH_ENABLE:
2421 hci_cc_write_auth_enable(hdev, skb);
2424 case HCI_OP_WRITE_ENCRYPT_MODE:
2425 hci_cc_write_encrypt_mode(hdev, skb);
2428 case HCI_OP_WRITE_SCAN_ENABLE:
2429 hci_cc_write_scan_enable(hdev, skb);
2432 case HCI_OP_READ_CLASS_OF_DEV:
2433 hci_cc_read_class_of_dev(hdev, skb);
2436 case HCI_OP_WRITE_CLASS_OF_DEV:
2437 hci_cc_write_class_of_dev(hdev, skb);
2440 case HCI_OP_READ_VOICE_SETTING:
2441 hci_cc_read_voice_setting(hdev, skb);
2444 case HCI_OP_WRITE_VOICE_SETTING:
2445 hci_cc_write_voice_setting(hdev, skb);
2448 case HCI_OP_HOST_BUFFER_SIZE:
2449 hci_cc_host_buffer_size(hdev, skb);
2452 case HCI_OP_WRITE_SSP_MODE:
2453 hci_cc_write_ssp_mode(hdev, skb);
2456 case HCI_OP_READ_LOCAL_VERSION:
2457 hci_cc_read_local_version(hdev, skb);
2460 case HCI_OP_READ_LOCAL_COMMANDS:
2461 hci_cc_read_local_commands(hdev, skb);
2464 case HCI_OP_READ_LOCAL_FEATURES:
2465 hci_cc_read_local_features(hdev, skb);
2468 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2469 hci_cc_read_local_ext_features(hdev, skb);
2472 case HCI_OP_READ_BUFFER_SIZE:
2473 hci_cc_read_buffer_size(hdev, skb);
2476 case HCI_OP_READ_BD_ADDR:
2477 hci_cc_read_bd_addr(hdev, skb);
2480 case HCI_OP_READ_DATA_BLOCK_SIZE:
2481 hci_cc_read_data_block_size(hdev, skb);
2484 case HCI_OP_WRITE_CA_TIMEOUT:
2485 hci_cc_write_ca_timeout(hdev, skb);
2488 case HCI_OP_READ_FLOW_CONTROL_MODE:
2489 hci_cc_read_flow_control_mode(hdev, skb);
2492 case HCI_OP_READ_LOCAL_AMP_INFO:
2493 hci_cc_read_local_amp_info(hdev, skb);
2496 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2497 hci_cc_read_local_amp_assoc(hdev, skb);
2500 case HCI_OP_DELETE_STORED_LINK_KEY:
2501 hci_cc_delete_stored_link_key(hdev, skb);
2504 case HCI_OP_SET_EVENT_MASK:
2505 hci_cc_set_event_mask(hdev, skb);
2508 case HCI_OP_WRITE_INQUIRY_MODE:
2509 hci_cc_write_inquiry_mode(hdev, skb);
2512 case HCI_OP_READ_INQ_RSP_TX_POWER:
2513 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2516 case HCI_OP_SET_EVENT_FLT:
2517 hci_cc_set_event_flt(hdev, skb);
2520 case HCI_OP_PIN_CODE_REPLY:
2521 hci_cc_pin_code_reply(hdev, skb);
2524 case HCI_OP_PIN_CODE_NEG_REPLY:
2525 hci_cc_pin_code_neg_reply(hdev, skb);
2528 case HCI_OP_READ_LOCAL_OOB_DATA:
2529 hci_cc_read_local_oob_data_reply(hdev, skb);
2532 case HCI_OP_LE_READ_BUFFER_SIZE:
2533 hci_cc_le_read_buffer_size(hdev, skb);
2536 case HCI_OP_LE_READ_ADV_TX_POWER:
2537 hci_cc_le_read_adv_tx_power(hdev, skb);
2540 case HCI_OP_LE_SET_EVENT_MASK:
2541 hci_cc_le_set_event_mask(hdev, skb);
2544 case HCI_OP_USER_CONFIRM_REPLY:
2545 hci_cc_user_confirm_reply(hdev, skb);
2548 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2549 hci_cc_user_confirm_neg_reply(hdev, skb);
2552 case HCI_OP_USER_PASSKEY_REPLY:
2553 hci_cc_user_passkey_reply(hdev, skb);
2556 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2557 hci_cc_user_passkey_neg_reply(hdev, skb);
2560 case HCI_OP_LE_SET_SCAN_PARAM:
2561 hci_cc_le_set_scan_param(hdev, skb);
2564 case HCI_OP_LE_SET_SCAN_ENABLE:
2565 hci_cc_le_set_scan_enable(hdev, skb);
2568 case HCI_OP_LE_LTK_REPLY:
2569 hci_cc_le_ltk_reply(hdev, skb);
2572 case HCI_OP_LE_LTK_NEG_REPLY:
2573 hci_cc_le_ltk_neg_reply(hdev, skb);
2576 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2577 hci_cc_write_le_host_supported(hdev, skb);
2580 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2581 hci_cc_write_remote_amp_assoc(hdev, skb);
2585 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
2589 if (ev->opcode != HCI_OP_NOP)
2590 del_timer(&hdev->cmd_timer);
2593 atomic_set(&hdev->cmd_cnt, 1);
2594 if (!skb_queue_empty(&hdev->cmd_q))
2595 queue_work(hdev->workqueue, &hdev->cmd_work);
2599 static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2601 struct hci_ev_cmd_status *ev = (void *) skb->data;
2604 skb_pull(skb, sizeof(*ev));
2606 opcode = __le16_to_cpu(ev->opcode);
2609 case HCI_OP_INQUIRY:
2610 hci_cs_inquiry(hdev, ev->status);
2613 case HCI_OP_CREATE_CONN:
2614 hci_cs_create_conn(hdev, ev->status);
2617 case HCI_OP_ADD_SCO:
2618 hci_cs_add_sco(hdev, ev->status);
2621 case HCI_OP_AUTH_REQUESTED:
2622 hci_cs_auth_requested(hdev, ev->status);
2625 case HCI_OP_SET_CONN_ENCRYPT:
2626 hci_cs_set_conn_encrypt(hdev, ev->status);
2629 case HCI_OP_REMOTE_NAME_REQ:
2630 hci_cs_remote_name_req(hdev, ev->status);
2633 case HCI_OP_READ_REMOTE_FEATURES:
2634 hci_cs_read_remote_features(hdev, ev->status);
2637 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2638 hci_cs_read_remote_ext_features(hdev, ev->status);
2641 case HCI_OP_SETUP_SYNC_CONN:
2642 hci_cs_setup_sync_conn(hdev, ev->status);
2645 case HCI_OP_SNIFF_MODE:
2646 hci_cs_sniff_mode(hdev, ev->status);
2649 case HCI_OP_EXIT_SNIFF_MODE:
2650 hci_cs_exit_sniff_mode(hdev, ev->status);
2653 case HCI_OP_DISCONNECT:
2654 hci_cs_disconnect(hdev, ev->status);
2657 case HCI_OP_LE_CREATE_CONN:
2658 hci_cs_le_create_conn(hdev, ev->status);
2661 case HCI_OP_LE_START_ENC:
2662 hci_cs_le_start_enc(hdev, ev->status);
2665 case HCI_OP_CREATE_PHY_LINK:
2666 hci_cs_create_phylink(hdev, ev->status);
2669 case HCI_OP_ACCEPT_PHY_LINK:
2670 hci_cs_accept_phylink(hdev, ev->status);
2674 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
2678 if (ev->opcode != HCI_OP_NOP)
2679 del_timer(&hdev->cmd_timer);
2681 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2682 atomic_set(&hdev->cmd_cnt, 1);
2683 if (!skb_queue_empty(&hdev->cmd_q))
2684 queue_work(hdev->workqueue, &hdev->cmd_work);
2688 static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2690 struct hci_ev_role_change *ev = (void *) skb->data;
2691 struct hci_conn *conn;
2693 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2697 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2701 conn->link_mode &= ~HCI_LM_MASTER;
2703 conn->link_mode |= HCI_LM_MASTER;
2706 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
2708 hci_role_switch_cfm(conn, ev->status, ev->role);
2711 hci_dev_unlock(hdev);
2714 static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2716 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2719 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2720 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2724 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2725 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
2726 BT_DBG("%s bad parameters", hdev->name);
2730 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2732 for (i = 0; i < ev->num_hndl; i++) {
2733 struct hci_comp_pkts_info *info = &ev->handles[i];
2734 struct hci_conn *conn;
2735 __u16 handle, count;
2737 handle = __le16_to_cpu(info->handle);
2738 count = __le16_to_cpu(info->count);
2740 conn = hci_conn_hash_lookup_handle(hdev, handle);
2744 conn->sent -= count;
2746 switch (conn->type) {
2748 hdev->acl_cnt += count;
2749 if (hdev->acl_cnt > hdev->acl_pkts)
2750 hdev->acl_cnt = hdev->acl_pkts;
2754 if (hdev->le_pkts) {
2755 hdev->le_cnt += count;
2756 if (hdev->le_cnt > hdev->le_pkts)
2757 hdev->le_cnt = hdev->le_pkts;
2759 hdev->acl_cnt += count;
2760 if (hdev->acl_cnt > hdev->acl_pkts)
2761 hdev->acl_cnt = hdev->acl_pkts;
2766 hdev->sco_cnt += count;
2767 if (hdev->sco_cnt > hdev->sco_pkts)
2768 hdev->sco_cnt = hdev->sco_pkts;
2772 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2777 queue_work(hdev->workqueue, &hdev->tx_work);
2780 static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2783 struct hci_chan *chan;
2785 switch (hdev->dev_type) {
2787 return hci_conn_hash_lookup_handle(hdev, handle);
2789 chan = hci_chan_lookup_handle(hdev, handle);
2794 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2801 static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
2803 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2806 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2807 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2811 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2812 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2813 BT_DBG("%s bad parameters", hdev->name);
2817 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2820 for (i = 0; i < ev->num_hndl; i++) {
2821 struct hci_comp_blocks_info *info = &ev->handles[i];
2822 struct hci_conn *conn = NULL;
2823 __u16 handle, block_count;
2825 handle = __le16_to_cpu(info->handle);
2826 block_count = __le16_to_cpu(info->blocks);
2828 conn = __hci_conn_lookup_handle(hdev, handle);
2832 conn->sent -= block_count;
2834 switch (conn->type) {
2837 hdev->block_cnt += block_count;
2838 if (hdev->block_cnt > hdev->num_blocks)
2839 hdev->block_cnt = hdev->num_blocks;
2843 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2848 queue_work(hdev->workqueue, &hdev->tx_work);
2851 static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2853 struct hci_ev_mode_change *ev = (void *) skb->data;
2854 struct hci_conn *conn;
2856 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
2860 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2862 conn->mode = ev->mode;
2863 conn->interval = __le16_to_cpu(ev->interval);
2865 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2867 if (conn->mode == HCI_CM_ACTIVE)
2868 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
2870 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
2873 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
2874 hci_sco_setup(conn, ev->status);
2877 hci_dev_unlock(hdev);
2880 static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2882 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2883 struct hci_conn *conn;
2885 BT_DBG("%s", hdev->name);
2889 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2893 if (conn->state == BT_CONNECTED) {
2894 hci_conn_hold(conn);
2895 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2899 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
2900 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2901 sizeof(ev->bdaddr), &ev->bdaddr);
2902 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
2905 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2910 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2914 hci_dev_unlock(hdev);
2917 static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2919 struct hci_ev_link_key_req *ev = (void *) skb->data;
2920 struct hci_cp_link_key_reply cp;
2921 struct hci_conn *conn;
2922 struct link_key *key;
2924 BT_DBG("%s", hdev->name);
2926 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
2931 key = hci_find_link_key(hdev, &ev->bdaddr);
2933 BT_DBG("%s link key not found for %pMR", hdev->name,
2938 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2941 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
2942 key->type == HCI_LK_DEBUG_COMBINATION) {
2943 BT_DBG("%s ignoring debug key", hdev->name);
2947 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2949 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2950 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
2951 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2955 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2956 conn->pending_sec_level == BT_SECURITY_HIGH) {
2957 BT_DBG("%s ignoring key unauthenticated for high security",
2962 conn->key_type = key->type;
2963 conn->pin_length = key->pin_len;
2966 bacpy(&cp.bdaddr, &ev->bdaddr);
2967 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
2969 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2971 hci_dev_unlock(hdev);
2976 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2977 hci_dev_unlock(hdev);
2980 static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2982 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2983 struct hci_conn *conn;
2986 BT_DBG("%s", hdev->name);
2990 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2992 hci_conn_hold(conn);
2993 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2994 pin_len = conn->pin_length;
2996 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2997 conn->key_type = ev->key_type;
3002 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
3003 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
3004 ev->key_type, pin_len);
3006 hci_dev_unlock(hdev);
3009 static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
3011 struct hci_ev_clock_offset *ev = (void *) skb->data;
3012 struct hci_conn *conn;
3014 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3018 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3019 if (conn && !ev->status) {
3020 struct inquiry_entry *ie;
3022 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
3024 ie->data.clock_offset = ev->clock_offset;
3025 ie->timestamp = jiffies;
3029 hci_dev_unlock(hdev);
3032 static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
3034 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
3035 struct hci_conn *conn;
3037 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3041 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3042 if (conn && !ev->status)
3043 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
3045 hci_dev_unlock(hdev);
3048 static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
3050 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
3051 struct inquiry_entry *ie;
3053 BT_DBG("%s", hdev->name);
3057 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3059 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
3060 ie->timestamp = jiffies;
3063 hci_dev_unlock(hdev);
3066 static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
3067 struct sk_buff *skb)
3069 struct inquiry_data data;
3070 int num_rsp = *((__u8 *) skb->data);
3071 bool name_known, ssp;
3073 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
3078 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3083 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
3084 struct inquiry_info_with_rssi_and_pscan_mode *info;
3085 info = (void *) (skb->data + 1);
3087 for (; num_rsp; num_rsp--, info++) {
3088 bacpy(&data.bdaddr, &info->bdaddr);
3089 data.pscan_rep_mode = info->pscan_rep_mode;
3090 data.pscan_period_mode = info->pscan_period_mode;
3091 data.pscan_mode = info->pscan_mode;
3092 memcpy(data.dev_class, info->dev_class, 3);
3093 data.clock_offset = info->clock_offset;
3094 data.rssi = info->rssi;
3095 data.ssp_mode = 0x00;
3097 name_known = hci_inquiry_cache_update(hdev, &data,
3099 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3100 info->dev_class, info->rssi,
3101 !name_known, ssp, NULL, 0);
3104 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
3106 for (; num_rsp; num_rsp--, info++) {
3107 bacpy(&data.bdaddr, &info->bdaddr);
3108 data.pscan_rep_mode = info->pscan_rep_mode;
3109 data.pscan_period_mode = info->pscan_period_mode;
3110 data.pscan_mode = 0x00;
3111 memcpy(data.dev_class, info->dev_class, 3);
3112 data.clock_offset = info->clock_offset;
3113 data.rssi = info->rssi;
3114 data.ssp_mode = 0x00;
3115 name_known = hci_inquiry_cache_update(hdev, &data,
3117 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3118 info->dev_class, info->rssi,
3119 !name_known, ssp, NULL, 0);
3123 hci_dev_unlock(hdev);
3126 static void hci_remote_ext_features_evt(struct hci_dev *hdev,
3127 struct sk_buff *skb)
3129 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
3130 struct hci_conn *conn;
3132 BT_DBG("%s", hdev->name);
3136 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3140 if (!ev->status && ev->page == 0x01) {
3141 struct inquiry_entry *ie;
3143 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
3145 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
3147 if (ev->features[0] & LMP_HOST_SSP)
3148 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
3151 if (conn->state != BT_CONFIG)
3154 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
3155 struct hci_cp_remote_name_req cp;
3156 memset(&cp, 0, sizeof(cp));
3157 bacpy(&cp.bdaddr, &conn->dst);
3158 cp.pscan_rep_mode = 0x02;
3159 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
3160 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3161 mgmt_device_connected(hdev, &conn->dst, conn->type,
3162 conn->dst_type, 0, NULL, 0,
3165 if (!hci_outgoing_auth_needed(hdev, conn)) {
3166 conn->state = BT_CONNECTED;
3167 hci_proto_connect_cfm(conn, ev->status);
3172 hci_dev_unlock(hdev);
3175 static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
3176 struct sk_buff *skb)
3178 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
3179 struct hci_conn *conn;
3181 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3185 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
3187 if (ev->link_type == ESCO_LINK)
3190 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
3194 conn->type = SCO_LINK;
3197 switch (ev->status) {
3199 conn->handle = __le16_to_cpu(ev->handle);
3200 conn->state = BT_CONNECTED;
3202 hci_conn_hold_device(conn);
3203 hci_conn_add_sysfs(conn);
3206 case 0x11: /* Unsupported Feature or Parameter Value */
3207 case 0x1c: /* SCO interval rejected */
3208 case 0x1a: /* Unsupported Remote Feature */
3209 case 0x1f: /* Unspecified error */
3210 if (conn->out && conn->attempt < 2) {
3211 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
3212 (hdev->esco_type & EDR_ESCO_MASK);
3213 hci_setup_sync(conn, conn->link->handle);
3219 conn->state = BT_CLOSED;
3223 hci_proto_connect_cfm(conn, ev->status);
3228 hci_dev_unlock(hdev);
3231 static void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
3233 BT_DBG("%s", hdev->name);
3236 static void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
3238 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
3240 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3243 static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
3244 struct sk_buff *skb)
3246 struct inquiry_data data;
3247 struct extended_inquiry_info *info = (void *) (skb->data + 1);
3248 int num_rsp = *((__u8 *) skb->data);
3251 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
3256 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3261 for (; num_rsp; num_rsp--, info++) {
3262 bool name_known, ssp;
3264 bacpy(&data.bdaddr, &info->bdaddr);
3265 data.pscan_rep_mode = info->pscan_rep_mode;
3266 data.pscan_period_mode = info->pscan_period_mode;
3267 data.pscan_mode = 0x00;
3268 memcpy(data.dev_class, info->dev_class, 3);
3269 data.clock_offset = info->clock_offset;
3270 data.rssi = info->rssi;
3271 data.ssp_mode = 0x01;
3273 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3274 name_known = eir_has_data_type(info->data,
3280 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
3282 eir_len = eir_get_length(info->data, sizeof(info->data));
3283 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3284 info->dev_class, info->rssi, !name_known,
3285 ssp, info->data, eir_len);
3288 hci_dev_unlock(hdev);
3291 static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3292 struct sk_buff *skb)
3294 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3295 struct hci_conn *conn;
3297 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
3298 __le16_to_cpu(ev->handle));
3302 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3307 conn->sec_level = conn->pending_sec_level;
3309 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3311 if (ev->status && conn->state == BT_CONNECTED) {
3312 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
3317 if (conn->state == BT_CONFIG) {
3319 conn->state = BT_CONNECTED;
3321 hci_proto_connect_cfm(conn, ev->status);
3324 hci_auth_cfm(conn, ev->status);
3326 hci_conn_hold(conn);
3327 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
3332 hci_dev_unlock(hdev);
3335 static u8 hci_get_auth_req(struct hci_conn *conn)
3337 /* If remote requests dedicated bonding follow that lead */
3338 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
3339 /* If both remote and local IO capabilities allow MITM
3340 * protection then require it, otherwise don't */
3341 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
3347 /* If remote requests no-bonding follow that lead */
3348 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
3349 return conn->remote_auth | (conn->auth_type & 0x01);
3351 return conn->auth_type;
3354 static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3356 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3357 struct hci_conn *conn;
3359 BT_DBG("%s", hdev->name);
3363 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3367 hci_conn_hold(conn);
3369 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3372 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
3373 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
3374 struct hci_cp_io_capability_reply cp;
3376 bacpy(&cp.bdaddr, &ev->bdaddr);
3377 /* Change the IO capability from KeyboardDisplay
3378 * to DisplayYesNo as it is not supported by BT spec. */
3379 cp.capability = (conn->io_capability == 0x04) ?
3380 0x01 : conn->io_capability;
3381 conn->auth_type = hci_get_auth_req(conn);
3382 cp.authentication = conn->auth_type;
3384 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3385 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
3390 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
3393 struct hci_cp_io_capability_neg_reply cp;
3395 bacpy(&cp.bdaddr, &ev->bdaddr);
3396 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
3398 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
3403 hci_dev_unlock(hdev);
3406 static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
3408 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3409 struct hci_conn *conn;
3411 BT_DBG("%s", hdev->name);
3415 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3419 conn->remote_cap = ev->capability;
3420 conn->remote_auth = ev->authentication;
3422 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
3425 hci_dev_unlock(hdev);
3428 static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3429 struct sk_buff *skb)
3431 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
3432 int loc_mitm, rem_mitm, confirm_hint = 0;
3433 struct hci_conn *conn;
3435 BT_DBG("%s", hdev->name);
3439 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3442 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3446 loc_mitm = (conn->auth_type & 0x01);
3447 rem_mitm = (conn->remote_auth & 0x01);
3449 /* If we require MITM but the remote device can't provide that
3450 * (it has NoInputNoOutput) then reject the confirmation
3451 * request. The only exception is when we're dedicated bonding
3452 * initiators (connect_cfm_cb set) since then we always have the MITM
3454 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3455 BT_DBG("Rejecting request: remote device can't provide MITM");
3456 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3457 sizeof(ev->bdaddr), &ev->bdaddr);
3461 /* If no side requires MITM protection; auto-accept */
3462 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3463 (!rem_mitm || conn->io_capability == 0x03)) {
3465 /* If we're not the initiators request authorization to
3466 * proceed from user space (mgmt_user_confirm with
3467 * confirm_hint set to 1). */
3468 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
3469 BT_DBG("Confirming auto-accept as acceptor");
3474 BT_DBG("Auto-accept of user confirmation with %ums delay",
3475 hdev->auto_accept_delay);
3477 if (hdev->auto_accept_delay > 0) {
3478 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3479 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3483 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3484 sizeof(ev->bdaddr), &ev->bdaddr);
3489 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
3493 hci_dev_unlock(hdev);
3496 static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3497 struct sk_buff *skb)
3499 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3501 BT_DBG("%s", hdev->name);
3503 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3504 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
3507 static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3508 struct sk_buff *skb)
3510 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3511 struct hci_conn *conn;
3513 BT_DBG("%s", hdev->name);
3515 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3519 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3520 conn->passkey_entered = 0;
3522 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3523 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3524 conn->dst_type, conn->passkey_notify,
3525 conn->passkey_entered);
3528 static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3530 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3531 struct hci_conn *conn;
3533 BT_DBG("%s", hdev->name);
3535 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3540 case HCI_KEYPRESS_STARTED:
3541 conn->passkey_entered = 0;
3544 case HCI_KEYPRESS_ENTERED:
3545 conn->passkey_entered++;
3548 case HCI_KEYPRESS_ERASED:
3549 conn->passkey_entered--;
3552 case HCI_KEYPRESS_CLEARED:
3553 conn->passkey_entered = 0;
3556 case HCI_KEYPRESS_COMPLETED:
3560 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3561 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3562 conn->dst_type, conn->passkey_notify,
3563 conn->passkey_entered);
3566 static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3567 struct sk_buff *skb)
3569 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3570 struct hci_conn *conn;
3572 BT_DBG("%s", hdev->name);
3576 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3580 /* To avoid duplicate auth_failed events to user space we check
3581 * the HCI_CONN_AUTH_PEND flag which will be set if we
3582 * initiated the authentication. A traditional auth_complete
3583 * event gets always produced as initiator and is also mapped to
3584 * the mgmt_auth_failed event */
3585 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
3586 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3592 hci_dev_unlock(hdev);
3595 static void hci_remote_host_features_evt(struct hci_dev *hdev,
3596 struct sk_buff *skb)
3598 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3599 struct inquiry_entry *ie;
3601 BT_DBG("%s", hdev->name);
3605 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3607 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
3609 hci_dev_unlock(hdev);
3612 static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3613 struct sk_buff *skb)
3615 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3616 struct oob_data *data;
3618 BT_DBG("%s", hdev->name);
3622 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3625 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3627 struct hci_cp_remote_oob_data_reply cp;
3629 bacpy(&cp.bdaddr, &ev->bdaddr);
3630 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3631 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3633 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3636 struct hci_cp_remote_oob_data_neg_reply cp;
3638 bacpy(&cp.bdaddr, &ev->bdaddr);
3639 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3644 hci_dev_unlock(hdev);
3647 static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3649 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3650 struct hci_conn *conn;
3652 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3656 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
3658 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3660 BT_ERR("No memory for new connection");
3664 conn->dst_type = ev->bdaddr_type;
3666 if (ev->role == LE_CONN_ROLE_MASTER) {
3668 conn->link_mode |= HCI_LM_MASTER;
3673 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3674 conn->dst_type, ev->status);
3675 hci_proto_connect_cfm(conn, ev->status);
3676 conn->state = BT_CLOSED;
3681 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3682 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3683 conn->dst_type, 0, NULL, 0, NULL);
3685 conn->sec_level = BT_SECURITY_LOW;
3686 conn->handle = __le16_to_cpu(ev->handle);
3687 conn->state = BT_CONNECTED;
3689 hci_conn_hold_device(conn);
3690 hci_conn_add_sysfs(conn);
3692 hci_proto_connect_cfm(conn, ev->status);
3695 hci_dev_unlock(hdev);
3698 static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
3700 u8 num_reports = skb->data[0];
3701 void *ptr = &skb->data[1];
3706 while (num_reports--) {
3707 struct hci_ev_le_advertising_info *ev = ptr;
3709 rssi = ev->data[ev->length];
3710 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3711 NULL, rssi, 0, 1, ev->data, ev->length);
3713 ptr += sizeof(*ev) + ev->length + 1;
3716 hci_dev_unlock(hdev);
3719 static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3721 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3722 struct hci_cp_le_ltk_reply cp;
3723 struct hci_cp_le_ltk_neg_reply neg;
3724 struct hci_conn *conn;
3725 struct smp_ltk *ltk;
3727 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
3731 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3735 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3739 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3740 cp.handle = cpu_to_le16(conn->handle);
3742 if (ltk->authenticated)
3743 conn->sec_level = BT_SECURITY_HIGH;
3745 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3747 if (ltk->type & HCI_SMP_STK) {
3748 list_del(<k->list);
3752 hci_dev_unlock(hdev);
3757 neg.handle = ev->handle;
3758 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3759 hci_dev_unlock(hdev);
3762 static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3764 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3766 skb_pull(skb, sizeof(*le_ev));
3768 switch (le_ev->subevent) {
3769 case HCI_EV_LE_CONN_COMPLETE:
3770 hci_le_conn_complete_evt(hdev, skb);
3773 case HCI_EV_LE_ADVERTISING_REPORT:
3774 hci_le_adv_report_evt(hdev, skb);
3777 case HCI_EV_LE_LTK_REQ:
3778 hci_le_ltk_request_evt(hdev, skb);
3786 static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3788 struct hci_ev_channel_selected *ev = (void *) skb->data;
3789 struct hci_conn *hcon;
3791 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3793 skb_pull(skb, sizeof(*ev));
3795 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3799 amp_read_loc_assoc_final_data(hdev, hcon);
3802 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3804 struct hci_event_hdr *hdr = (void *) skb->data;
3805 __u8 event = hdr->evt;
3807 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3810 case HCI_EV_INQUIRY_COMPLETE:
3811 hci_inquiry_complete_evt(hdev, skb);
3814 case HCI_EV_INQUIRY_RESULT:
3815 hci_inquiry_result_evt(hdev, skb);
3818 case HCI_EV_CONN_COMPLETE:
3819 hci_conn_complete_evt(hdev, skb);
3822 case HCI_EV_CONN_REQUEST:
3823 hci_conn_request_evt(hdev, skb);
3826 case HCI_EV_DISCONN_COMPLETE:
3827 hci_disconn_complete_evt(hdev, skb);
3830 case HCI_EV_AUTH_COMPLETE:
3831 hci_auth_complete_evt(hdev, skb);
3834 case HCI_EV_REMOTE_NAME:
3835 hci_remote_name_evt(hdev, skb);
3838 case HCI_EV_ENCRYPT_CHANGE:
3839 hci_encrypt_change_evt(hdev, skb);
3842 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3843 hci_change_link_key_complete_evt(hdev, skb);
3846 case HCI_EV_REMOTE_FEATURES:
3847 hci_remote_features_evt(hdev, skb);
3850 case HCI_EV_REMOTE_VERSION:
3851 hci_remote_version_evt(hdev, skb);
3854 case HCI_EV_QOS_SETUP_COMPLETE:
3855 hci_qos_setup_complete_evt(hdev, skb);
3858 case HCI_EV_CMD_COMPLETE:
3859 hci_cmd_complete_evt(hdev, skb);
3862 case HCI_EV_CMD_STATUS:
3863 hci_cmd_status_evt(hdev, skb);
3866 case HCI_EV_ROLE_CHANGE:
3867 hci_role_change_evt(hdev, skb);
3870 case HCI_EV_NUM_COMP_PKTS:
3871 hci_num_comp_pkts_evt(hdev, skb);
3874 case HCI_EV_MODE_CHANGE:
3875 hci_mode_change_evt(hdev, skb);
3878 case HCI_EV_PIN_CODE_REQ:
3879 hci_pin_code_request_evt(hdev, skb);
3882 case HCI_EV_LINK_KEY_REQ:
3883 hci_link_key_request_evt(hdev, skb);
3886 case HCI_EV_LINK_KEY_NOTIFY:
3887 hci_link_key_notify_evt(hdev, skb);
3890 case HCI_EV_CLOCK_OFFSET:
3891 hci_clock_offset_evt(hdev, skb);
3894 case HCI_EV_PKT_TYPE_CHANGE:
3895 hci_pkt_type_change_evt(hdev, skb);
3898 case HCI_EV_PSCAN_REP_MODE:
3899 hci_pscan_rep_mode_evt(hdev, skb);
3902 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3903 hci_inquiry_result_with_rssi_evt(hdev, skb);
3906 case HCI_EV_REMOTE_EXT_FEATURES:
3907 hci_remote_ext_features_evt(hdev, skb);
3910 case HCI_EV_SYNC_CONN_COMPLETE:
3911 hci_sync_conn_complete_evt(hdev, skb);
3914 case HCI_EV_SYNC_CONN_CHANGED:
3915 hci_sync_conn_changed_evt(hdev, skb);
3918 case HCI_EV_SNIFF_SUBRATE:
3919 hci_sniff_subrate_evt(hdev, skb);
3922 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3923 hci_extended_inquiry_result_evt(hdev, skb);
3926 case HCI_EV_KEY_REFRESH_COMPLETE:
3927 hci_key_refresh_complete_evt(hdev, skb);
3930 case HCI_EV_IO_CAPA_REQUEST:
3931 hci_io_capa_request_evt(hdev, skb);
3934 case HCI_EV_IO_CAPA_REPLY:
3935 hci_io_capa_reply_evt(hdev, skb);
3938 case HCI_EV_USER_CONFIRM_REQUEST:
3939 hci_user_confirm_request_evt(hdev, skb);
3942 case HCI_EV_USER_PASSKEY_REQUEST:
3943 hci_user_passkey_request_evt(hdev, skb);
3946 case HCI_EV_USER_PASSKEY_NOTIFY:
3947 hci_user_passkey_notify_evt(hdev, skb);
3950 case HCI_EV_KEYPRESS_NOTIFY:
3951 hci_keypress_notify_evt(hdev, skb);
3954 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3955 hci_simple_pair_complete_evt(hdev, skb);
3958 case HCI_EV_REMOTE_HOST_FEATURES:
3959 hci_remote_host_features_evt(hdev, skb);
3962 case HCI_EV_LE_META:
3963 hci_le_meta_evt(hdev, skb);
3966 case HCI_EV_CHANNEL_SELECTED:
3967 hci_chan_selected_evt(hdev, skb);
3970 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3971 hci_remote_oob_data_request_evt(hdev, skb);
3974 case HCI_EV_NUM_COMP_BLOCKS:
3975 hci_num_comp_blocks_evt(hdev, skb);
3979 BT_DBG("%s event 0x%2.2x", hdev->name, event);
3984 hdev->stat.evt_rx++;
projects / firefly-linux-kernel-4.4.55.git / blob