2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/uaccess.h>
26 #include <asm/unaligned.h>
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/mgmt.h>
32 #define MGMT_VERSION 0
33 #define MGMT_REVISION 1
36 struct list_head list;
44 static LIST_HEAD(cmd_list);
46 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
50 struct mgmt_ev_cmd_status *ev;
52 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
54 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
58 hdr = (void *) skb_put(skb, sizeof(*hdr));
60 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
61 hdr->index = cpu_to_le16(index);
62 hdr->len = cpu_to_le16(sizeof(*ev));
64 ev = (void *) skb_put(skb, sizeof(*ev));
66 put_unaligned_le16(cmd, &ev->opcode);
68 if (sock_queue_rcv_skb(sk, skb) < 0)
74 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
79 struct mgmt_ev_cmd_complete *ev;
81 BT_DBG("sock %p", sk);
83 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
87 hdr = (void *) skb_put(skb, sizeof(*hdr));
89 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
90 hdr->index = cpu_to_le16(index);
91 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
93 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
94 put_unaligned_le16(cmd, &ev->opcode);
97 memcpy(ev->data, rp, rp_len);
99 if (sock_queue_rcv_skb(sk, skb) < 0)
105 static int read_version(struct sock *sk)
107 struct mgmt_rp_read_version rp;
109 BT_DBG("sock %p", sk);
111 rp.version = MGMT_VERSION;
112 put_unaligned_le16(MGMT_REVISION, &rp.revision);
114 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
118 static int read_index_list(struct sock *sk)
120 struct mgmt_rp_read_index_list *rp;
126 BT_DBG("sock %p", sk);
128 read_lock(&hci_dev_list_lock);
131 list_for_each(p, &hci_dev_list) {
135 rp_len = sizeof(*rp) + (2 * count);
136 rp = kmalloc(rp_len, GFP_ATOMIC);
138 read_unlock(&hci_dev_list_lock);
142 put_unaligned_le16(count, &rp->num_controllers);
145 list_for_each(p, &hci_dev_list) {
146 struct hci_dev *d = list_entry(p, struct hci_dev, list);
148 hci_del_off_timer(d);
150 set_bit(HCI_MGMT, &d->flags);
152 if (test_bit(HCI_SETUP, &d->flags))
155 put_unaligned_le16(d->id, &rp->index[i++]);
156 BT_DBG("Added hci%u", d->id);
159 read_unlock(&hci_dev_list_lock);
161 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
169 static int read_controller_info(struct sock *sk, u16 index)
171 struct mgmt_rp_read_info rp;
172 struct hci_dev *hdev;
174 BT_DBG("sock %p hci%u", sk, index);
176 hdev = hci_dev_get(index);
178 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV);
180 hci_del_off_timer(hdev);
182 hci_dev_lock_bh(hdev);
184 set_bit(HCI_MGMT, &hdev->flags);
186 memset(&rp, 0, sizeof(rp));
188 rp.type = hdev->dev_type;
190 rp.powered = test_bit(HCI_UP, &hdev->flags);
191 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
192 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
193 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
195 if (test_bit(HCI_AUTH, &hdev->flags))
197 else if (hdev->ssp_mode > 0)
202 bacpy(&rp.bdaddr, &hdev->bdaddr);
203 memcpy(rp.features, hdev->features, 8);
204 memcpy(rp.dev_class, hdev->dev_class, 3);
205 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
206 rp.hci_ver = hdev->hci_ver;
207 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
209 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
211 hci_dev_unlock_bh(hdev);
214 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
217 static void mgmt_pending_free(struct pending_cmd *cmd)
224 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
225 u16 index, void *data, u16 len)
227 struct pending_cmd *cmd;
229 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
233 cmd->opcode = opcode;
236 cmd->param = kmalloc(len, GFP_ATOMIC);
243 memcpy(cmd->param, data, len);
248 list_add(&cmd->list, &cmd_list);
253 static void mgmt_pending_foreach(u16 opcode, int index,
254 void (*cb)(struct pending_cmd *cmd, void *data),
257 struct list_head *p, *n;
259 list_for_each_safe(p, n, &cmd_list) {
260 struct pending_cmd *cmd;
262 cmd = list_entry(p, struct pending_cmd, list);
264 if (cmd->opcode != opcode)
267 if (index >= 0 && cmd->index != index)
274 static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
278 list_for_each(p, &cmd_list) {
279 struct pending_cmd *cmd;
281 cmd = list_entry(p, struct pending_cmd, list);
283 if (cmd->opcode != opcode)
286 if (index >= 0 && cmd->index != index)
295 static void mgmt_pending_remove(struct pending_cmd *cmd)
297 list_del(&cmd->list);
298 mgmt_pending_free(cmd);
301 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
303 struct mgmt_mode *cp;
304 struct hci_dev *hdev;
305 struct pending_cmd *cmd;
310 BT_DBG("request for hci%u", index);
312 if (len != sizeof(*cp))
313 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL);
315 hdev = hci_dev_get(index);
317 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV);
319 hci_dev_lock_bh(hdev);
321 up = test_bit(HCI_UP, &hdev->flags);
322 if ((cp->val && up) || (!cp->val && !up)) {
323 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY);
327 if (mgmt_pending_find(MGMT_OP_SET_POWERED, index)) {
328 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY);
332 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, index, data, len);
339 queue_work(hdev->workqueue, &hdev->power_on);
341 queue_work(hdev->workqueue, &hdev->power_off);
346 hci_dev_unlock_bh(hdev);
351 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
354 struct mgmt_mode *cp;
355 struct hci_dev *hdev;
356 struct pending_cmd *cmd;
362 BT_DBG("request for hci%u", index);
364 if (len != sizeof(*cp))
365 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL);
367 hdev = hci_dev_get(index);
369 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV);
371 hci_dev_lock_bh(hdev);
373 if (!test_bit(HCI_UP, &hdev->flags)) {
374 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
378 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
379 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
380 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY);
384 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
385 test_bit(HCI_PSCAN, &hdev->flags)) {
386 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY);
390 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, index, data, len);
399 scan |= SCAN_INQUIRY;
401 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
403 mgmt_pending_remove(cmd);
406 hci_dev_unlock_bh(hdev);
412 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
415 struct mgmt_mode *cp;
416 struct hci_dev *hdev;
417 struct pending_cmd *cmd;
423 BT_DBG("request for hci%u", index);
425 if (len != sizeof(*cp))
426 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL);
428 hdev = hci_dev_get(index);
430 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV);
432 hci_dev_lock_bh(hdev);
434 if (!test_bit(HCI_UP, &hdev->flags)) {
435 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
439 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
440 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
441 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY);
445 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
446 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY);
450 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, index, data, len);
461 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
463 mgmt_pending_remove(cmd);
466 hci_dev_unlock_bh(hdev);
472 static int mgmt_event(u16 event, u16 index, void *data, u16 data_len,
473 struct sock *skip_sk)
476 struct mgmt_hdr *hdr;
478 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
482 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
484 hdr = (void *) skb_put(skb, sizeof(*hdr));
485 hdr->opcode = cpu_to_le16(event);
486 hdr->index = cpu_to_le16(index);
487 hdr->len = cpu_to_le16(data_len);
490 memcpy(skb_put(skb, data_len), data, data_len);
492 hci_send_to_sock(NULL, skb, skip_sk);
498 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
504 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
507 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
510 struct mgmt_mode *cp, ev;
511 struct hci_dev *hdev;
516 BT_DBG("request for hci%u", index);
518 if (len != sizeof(*cp))
519 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL);
521 hdev = hci_dev_get(index);
523 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV);
525 hci_dev_lock_bh(hdev);
528 set_bit(HCI_PAIRABLE, &hdev->flags);
530 clear_bit(HCI_PAIRABLE, &hdev->flags);
532 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
538 err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk);
541 hci_dev_unlock_bh(hdev);
547 #define EIR_FLAGS 0x01 /* flags */
548 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
549 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
550 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
551 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
552 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
553 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
554 #define EIR_NAME_SHORT 0x08 /* shortened local name */
555 #define EIR_NAME_COMPLETE 0x09 /* complete local name */
556 #define EIR_TX_POWER 0x0A /* transmit power level */
557 #define EIR_DEVICE_ID 0x10 /* device ID */
559 #define PNP_INFO_SVCLASS_ID 0x1200
561 static u8 bluetooth_base_uuid[] = {
562 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
563 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
566 static u16 get_uuid16(u8 *uuid128)
571 for (i = 0; i < 12; i++) {
572 if (bluetooth_base_uuid[i] != uuid128[i])
576 memcpy(&val, &uuid128[12], 4);
578 val = le32_to_cpu(val);
585 static void create_eir(struct hci_dev *hdev, u8 *data)
589 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
590 int i, truncated = 0;
594 name_len = strlen(hdev->dev_name);
600 ptr[1] = EIR_NAME_SHORT;
602 ptr[1] = EIR_NAME_COMPLETE;
604 /* EIR Data length */
605 ptr[0] = name_len + 1;
607 memcpy(ptr + 2, hdev->dev_name, name_len);
609 eir_len += (name_len + 2);
610 ptr += (name_len + 2);
613 memset(uuid16_list, 0, sizeof(uuid16_list));
615 /* Group all UUID16 types */
616 list_for_each(p, &hdev->uuids) {
617 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
620 uuid16 = get_uuid16(uuid->uuid);
627 if (uuid16 == PNP_INFO_SVCLASS_ID)
630 /* Stop if not enough space to put next UUID */
631 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
636 /* Check for duplicates */
637 for (i = 0; uuid16_list[i] != 0; i++)
638 if (uuid16_list[i] == uuid16)
641 if (uuid16_list[i] == 0) {
642 uuid16_list[i] = uuid16;
643 eir_len += sizeof(u16);
647 if (uuid16_list[0] != 0) {
651 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
656 for (i = 0; uuid16_list[i] != 0; i++) {
657 *ptr++ = (uuid16_list[i] & 0x00ff);
658 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
661 /* EIR Data length */
662 *length = (i * sizeof(u16)) + 1;
666 static int update_eir(struct hci_dev *hdev)
668 struct hci_cp_write_eir cp;
670 if (!(hdev->features[6] & LMP_EXT_INQ))
673 if (hdev->ssp_mode == 0)
676 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
679 memset(&cp, 0, sizeof(cp));
681 create_eir(hdev, cp.data);
683 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
686 memcpy(hdev->eir, cp.data, sizeof(cp.data));
688 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
691 static u8 get_service_classes(struct hci_dev *hdev)
696 list_for_each(p, &hdev->uuids) {
697 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
699 val |= uuid->svc_hint;
705 static int update_class(struct hci_dev *hdev)
709 BT_DBG("%s", hdev->name);
711 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
714 cod[0] = hdev->minor_class;
715 cod[1] = hdev->major_class;
716 cod[2] = get_service_classes(hdev);
718 if (memcmp(cod, hdev->dev_class, 3) == 0)
721 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
724 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
726 struct mgmt_cp_add_uuid *cp;
727 struct hci_dev *hdev;
728 struct bt_uuid *uuid;
733 BT_DBG("request for hci%u", index);
735 if (len != sizeof(*cp))
736 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL);
738 hdev = hci_dev_get(index);
740 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV);
742 hci_dev_lock_bh(hdev);
744 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
750 memcpy(uuid->uuid, cp->uuid, 16);
751 uuid->svc_hint = cp->svc_hint;
753 list_add(&uuid->list, &hdev->uuids);
755 err = update_class(hdev);
759 err = update_eir(hdev);
763 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
766 hci_dev_unlock_bh(hdev);
772 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
774 struct list_head *p, *n;
775 struct mgmt_cp_remove_uuid *cp;
776 struct hci_dev *hdev;
777 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
782 BT_DBG("request for hci%u", index);
784 if (len != sizeof(*cp))
785 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL);
787 hdev = hci_dev_get(index);
789 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV);
791 hci_dev_lock_bh(hdev);
793 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
794 err = hci_uuids_clear(hdev);
800 list_for_each_safe(p, n, &hdev->uuids) {
801 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
803 if (memcmp(match->uuid, cp->uuid, 16) != 0)
806 list_del(&match->list);
811 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT);
815 err = update_class(hdev);
819 err = update_eir(hdev);
823 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
826 hci_dev_unlock_bh(hdev);
832 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
835 struct hci_dev *hdev;
836 struct mgmt_cp_set_dev_class *cp;
841 BT_DBG("request for hci%u", index);
843 if (len != sizeof(*cp))
844 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL);
846 hdev = hci_dev_get(index);
848 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV);
850 hci_dev_lock_bh(hdev);
852 hdev->major_class = cp->major;
853 hdev->minor_class = cp->minor;
855 err = update_class(hdev);
858 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
860 hci_dev_unlock_bh(hdev);
866 static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
869 struct hci_dev *hdev;
870 struct mgmt_cp_set_service_cache *cp;
875 if (len != sizeof(*cp))
876 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL);
878 hdev = hci_dev_get(index);
880 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
882 hci_dev_lock_bh(hdev);
884 BT_DBG("hci%u enable %d", index, cp->enable);
887 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
890 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
891 err = update_class(hdev);
893 err = update_eir(hdev);
897 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
900 hci_dev_unlock_bh(hdev);
906 static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len)
908 struct hci_dev *hdev;
909 struct mgmt_cp_load_keys *cp;
910 u16 key_count, expected_len;
915 if (len < sizeof(*cp))
918 key_count = get_unaligned_le16(&cp->key_count);
920 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info);
921 if (expected_len > len) {
922 BT_ERR("load_keys: expected at least %u bytes, got %u bytes",
927 hdev = hci_dev_get(index);
929 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, ENODEV);
931 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
934 hci_dev_lock_bh(hdev);
936 hci_link_keys_clear(hdev);
938 set_bit(HCI_LINK_KEYS, &hdev->flags);
941 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
943 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
949 struct mgmt_key_info *key = (void *) cp->keys + i;
951 i += sizeof(*key) + key->dlen;
953 if (key->type == HCI_LK_SMP_LTK) {
954 struct key_master_id *id = (void *) key->data;
956 if (key->dlen != sizeof(struct key_master_id))
959 hci_add_ltk(hdev, 0, &key->bdaddr, key->pin_len,
960 id->ediv, id->rand, key->val);
965 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
969 err = cmd_complete(sk, index, MGMT_OP_LOAD_KEYS, NULL, 0);
971 hci_dev_unlock_bh(hdev);
977 static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len)
979 struct hci_dev *hdev;
980 struct mgmt_cp_remove_key *cp;
981 struct hci_conn *conn;
986 if (len != sizeof(*cp))
987 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, EINVAL);
989 hdev = hci_dev_get(index);
991 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, ENODEV);
993 hci_dev_lock_bh(hdev);
995 err = hci_remove_link_key(hdev, &cp->bdaddr);
997 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEY, -err);
1003 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
1006 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1008 struct hci_cp_disconnect dc;
1010 put_unaligned_le16(conn->handle, &dc.handle);
1011 dc.reason = 0x13; /* Remote User Terminated Connection */
1012 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1016 hci_dev_unlock_bh(hdev);
1022 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1024 struct hci_dev *hdev;
1025 struct mgmt_cp_disconnect *cp;
1026 struct hci_cp_disconnect dc;
1027 struct pending_cmd *cmd;
1028 struct hci_conn *conn;
1035 if (len != sizeof(*cp))
1036 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL);
1038 hdev = hci_dev_get(index);
1040 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV);
1042 hci_dev_lock_bh(hdev);
1044 if (!test_bit(HCI_UP, &hdev->flags)) {
1045 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN);
1049 if (mgmt_pending_find(MGMT_OP_DISCONNECT, index)) {
1050 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY);
1054 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1056 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1059 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN);
1063 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, index, data, len);
1069 put_unaligned_le16(conn->handle, &dc.handle);
1070 dc.reason = 0x13; /* Remote User Terminated Connection */
1072 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1074 mgmt_pending_remove(cmd);
1077 hci_dev_unlock_bh(hdev);
1083 static int get_connections(struct sock *sk, u16 index)
1085 struct mgmt_rp_get_connections *rp;
1086 struct hci_dev *hdev;
1087 struct list_head *p;
1094 hdev = hci_dev_get(index);
1096 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV);
1098 hci_dev_lock_bh(hdev);
1101 list_for_each(p, &hdev->conn_hash.list) {
1105 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t));
1106 rp = kmalloc(rp_len, GFP_ATOMIC);
1112 put_unaligned_le16(count, &rp->conn_count);
1115 list_for_each(p, &hdev->conn_hash.list) {
1116 struct hci_conn *c = list_entry(p, struct hci_conn, list);
1118 bacpy(&rp->conn[i++], &c->dst);
1121 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1125 hci_dev_unlock_bh(hdev);
1130 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1131 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1133 struct pending_cmd *cmd;
1136 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, index, cp,
1141 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1144 mgmt_pending_remove(cmd);
1149 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1152 struct hci_dev *hdev;
1153 struct hci_conn *conn;
1154 struct mgmt_cp_pin_code_reply *cp;
1155 struct mgmt_cp_pin_code_neg_reply ncp;
1156 struct hci_cp_pin_code_reply reply;
1157 struct pending_cmd *cmd;
1164 if (len != sizeof(*cp))
1165 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL);
1167 hdev = hci_dev_get(index);
1169 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV);
1171 hci_dev_lock_bh(hdev);
1173 if (!test_bit(HCI_UP, &hdev->flags)) {
1174 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
1178 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1180 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENOTCONN);
1184 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1185 bacpy(&ncp.bdaddr, &cp->bdaddr);
1187 BT_ERR("PIN code is not 16 bytes long");
1189 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1191 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1197 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, index, data, len);
1203 bacpy(&reply.bdaddr, &cp->bdaddr);
1204 reply.pin_len = cp->pin_len;
1205 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1207 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1209 mgmt_pending_remove(cmd);
1212 hci_dev_unlock_bh(hdev);
1218 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1221 struct hci_dev *hdev;
1222 struct mgmt_cp_pin_code_neg_reply *cp;
1229 if (len != sizeof(*cp))
1230 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1233 hdev = hci_dev_get(index);
1235 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1238 hci_dev_lock_bh(hdev);
1240 if (!test_bit(HCI_UP, &hdev->flags)) {
1241 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1246 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1249 hci_dev_unlock_bh(hdev);
1255 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1258 struct hci_dev *hdev;
1259 struct mgmt_cp_set_io_capability *cp;
1265 if (len != sizeof(*cp))
1266 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL);
1268 hdev = hci_dev_get(index);
1270 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
1272 hci_dev_lock_bh(hdev);
1274 hdev->io_capability = cp->io_capability;
1276 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1277 hdev->io_capability);
1279 hci_dev_unlock_bh(hdev);
1282 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1285 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1287 struct hci_dev *hdev = conn->hdev;
1288 struct list_head *p;
1290 list_for_each(p, &cmd_list) {
1291 struct pending_cmd *cmd;
1293 cmd = list_entry(p, struct pending_cmd, list);
1295 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1298 if (cmd->index != hdev->id)
1301 if (cmd->user_data != conn)
1310 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1312 struct mgmt_rp_pair_device rp;
1313 struct hci_conn *conn = cmd->user_data;
1315 bacpy(&rp.bdaddr, &conn->dst);
1318 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1320 /* So we don't get further callbacks for this connection */
1321 conn->connect_cfm_cb = NULL;
1322 conn->security_cfm_cb = NULL;
1323 conn->disconn_cfm_cb = NULL;
1327 mgmt_pending_remove(cmd);
1330 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1332 struct pending_cmd *cmd;
1334 BT_DBG("status %u", status);
1336 cmd = find_pairing(conn);
1338 BT_DBG("Unable to find a pending command");
1342 pairing_complete(cmd, status);
1345 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1347 struct hci_dev *hdev;
1348 struct mgmt_cp_pair_device *cp;
1349 struct pending_cmd *cmd;
1350 struct adv_entry *entry;
1351 u8 sec_level, auth_type;
1352 struct hci_conn *conn;
1359 if (len != sizeof(*cp))
1360 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
1362 hdev = hci_dev_get(index);
1364 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV);
1366 hci_dev_lock_bh(hdev);
1368 if (cp->io_cap == 0x03) {
1369 sec_level = BT_SECURITY_MEDIUM;
1370 auth_type = HCI_AT_DEDICATED_BONDING;
1372 sec_level = BT_SECURITY_HIGH;
1373 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1376 entry = hci_find_adv_entry(hdev, &cp->bdaddr);
1378 conn = hci_connect(hdev, LE_LINK, &cp->bdaddr, sec_level,
1381 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level,
1385 err = PTR_ERR(conn);
1389 if (conn->connect_cfm_cb) {
1391 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY);
1395 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, index, data, len);
1402 /* For LE, just connecting isn't a proof that the pairing finished */
1404 conn->connect_cfm_cb = pairing_complete_cb;
1406 conn->security_cfm_cb = pairing_complete_cb;
1407 conn->disconn_cfm_cb = pairing_complete_cb;
1408 conn->io_capability = cp->io_cap;
1409 cmd->user_data = conn;
1411 if (conn->state == BT_CONNECTED &&
1412 hci_conn_security(conn, sec_level, auth_type))
1413 pairing_complete(cmd, 0);
1418 hci_dev_unlock_bh(hdev);
1424 static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1425 u16 len, int success)
1427 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1428 u16 mgmt_op, hci_op;
1429 struct pending_cmd *cmd;
1430 struct hci_dev *hdev;
1436 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1437 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1439 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1440 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1443 if (len != sizeof(*cp))
1444 return cmd_status(sk, index, mgmt_op, EINVAL);
1446 hdev = hci_dev_get(index);
1448 return cmd_status(sk, index, mgmt_op, ENODEV);
1450 hci_dev_lock_bh(hdev);
1452 if (!test_bit(HCI_UP, &hdev->flags)) {
1453 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
1457 cmd = mgmt_pending_add(sk, mgmt_op, index, data, len);
1463 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
1465 mgmt_pending_remove(cmd);
1468 hci_dev_unlock_bh(hdev);
1474 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1477 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1478 struct hci_cp_write_local_name hci_cp;
1479 struct hci_dev *hdev;
1480 struct pending_cmd *cmd;
1485 if (len != sizeof(*mgmt_cp))
1486 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL);
1488 hdev = hci_dev_get(index);
1490 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV);
1492 hci_dev_lock_bh(hdev);
1494 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len);
1500 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1501 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1504 mgmt_pending_remove(cmd);
1507 hci_dev_unlock_bh(hdev);
1513 static int read_local_oob_data(struct sock *sk, u16 index)
1515 struct hci_dev *hdev;
1516 struct pending_cmd *cmd;
1519 BT_DBG("hci%u", index);
1521 hdev = hci_dev_get(index);
1523 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1526 hci_dev_lock_bh(hdev);
1528 if (!test_bit(HCI_UP, &hdev->flags)) {
1529 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1534 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1535 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1540 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index)) {
1541 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY);
1545 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, index, NULL, 0);
1551 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1553 mgmt_pending_remove(cmd);
1556 hci_dev_unlock_bh(hdev);
1562 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1565 struct hci_dev *hdev;
1566 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1569 BT_DBG("hci%u ", index);
1571 if (len != sizeof(*cp))
1572 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1575 hdev = hci_dev_get(index);
1577 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1580 hci_dev_lock_bh(hdev);
1582 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1585 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err);
1587 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1590 hci_dev_unlock_bh(hdev);
1596 static int remove_remote_oob_data(struct sock *sk, u16 index,
1597 unsigned char *data, u16 len)
1599 struct hci_dev *hdev;
1600 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1603 BT_DBG("hci%u ", index);
1605 if (len != sizeof(*cp))
1606 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1609 hdev = hci_dev_get(index);
1611 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1614 hci_dev_lock_bh(hdev);
1616 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1618 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1621 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1624 hci_dev_unlock_bh(hdev);
1630 static int start_discovery(struct sock *sk, u16 index)
1632 u8 lap[3] = { 0x33, 0x8b, 0x9e };
1633 struct hci_cp_inquiry cp;
1634 struct pending_cmd *cmd;
1635 struct hci_dev *hdev;
1638 BT_DBG("hci%u", index);
1640 hdev = hci_dev_get(index);
1642 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV);
1644 hci_dev_lock_bh(hdev);
1646 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0);
1652 memset(&cp, 0, sizeof(cp));
1653 memcpy(&cp.lap, lap, 3);
1657 err = hci_send_cmd(hdev, HCI_OP_INQUIRY, sizeof(cp), &cp);
1659 mgmt_pending_remove(cmd);
1662 hci_dev_unlock_bh(hdev);
1668 static int stop_discovery(struct sock *sk, u16 index)
1670 struct hci_dev *hdev;
1671 struct pending_cmd *cmd;
1674 BT_DBG("hci%u", index);
1676 hdev = hci_dev_get(index);
1678 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV);
1680 hci_dev_lock_bh(hdev);
1682 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0);
1688 err = hci_send_cmd(hdev, HCI_OP_INQUIRY_CANCEL, 0, NULL);
1690 mgmt_pending_remove(cmd);
1693 hci_dev_unlock_bh(hdev);
1699 static int block_device(struct sock *sk, u16 index, unsigned char *data,
1702 struct hci_dev *hdev;
1703 struct mgmt_cp_block_device *cp;
1706 BT_DBG("hci%u", index);
1710 if (len != sizeof(*cp))
1711 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1714 hdev = hci_dev_get(index);
1716 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1719 err = hci_blacklist_add(hdev, &cp->bdaddr);
1722 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE, -err);
1724 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1731 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1734 struct hci_dev *hdev;
1735 struct mgmt_cp_unblock_device *cp;
1738 BT_DBG("hci%u", index);
1742 if (len != sizeof(*cp))
1743 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1746 hdev = hci_dev_get(index);
1748 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1751 err = hci_blacklist_del(hdev, &cp->bdaddr);
1754 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE, -err);
1756 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1763 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1766 struct mgmt_hdr *hdr;
1767 u16 opcode, index, len;
1770 BT_DBG("got %zu bytes", msglen);
1772 if (msglen < sizeof(*hdr))
1775 buf = kmalloc(msglen, GFP_KERNEL);
1779 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1784 hdr = (struct mgmt_hdr *) buf;
1785 opcode = get_unaligned_le16(&hdr->opcode);
1786 index = get_unaligned_le16(&hdr->index);
1787 len = get_unaligned_le16(&hdr->len);
1789 if (len != msglen - sizeof(*hdr)) {
1795 case MGMT_OP_READ_VERSION:
1796 err = read_version(sk);
1798 case MGMT_OP_READ_INDEX_LIST:
1799 err = read_index_list(sk);
1801 case MGMT_OP_READ_INFO:
1802 err = read_controller_info(sk, index);
1804 case MGMT_OP_SET_POWERED:
1805 err = set_powered(sk, index, buf + sizeof(*hdr), len);
1807 case MGMT_OP_SET_DISCOVERABLE:
1808 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
1810 case MGMT_OP_SET_CONNECTABLE:
1811 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
1813 case MGMT_OP_SET_PAIRABLE:
1814 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
1816 case MGMT_OP_ADD_UUID:
1817 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
1819 case MGMT_OP_REMOVE_UUID:
1820 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
1822 case MGMT_OP_SET_DEV_CLASS:
1823 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1825 case MGMT_OP_SET_SERVICE_CACHE:
1826 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
1828 case MGMT_OP_LOAD_KEYS:
1829 err = load_keys(sk, index, buf + sizeof(*hdr), len);
1831 case MGMT_OP_REMOVE_KEY:
1832 err = remove_key(sk, index, buf + sizeof(*hdr), len);
1834 case MGMT_OP_DISCONNECT:
1835 err = disconnect(sk, index, buf + sizeof(*hdr), len);
1837 case MGMT_OP_GET_CONNECTIONS:
1838 err = get_connections(sk, index);
1840 case MGMT_OP_PIN_CODE_REPLY:
1841 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
1843 case MGMT_OP_PIN_CODE_NEG_REPLY:
1844 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
1846 case MGMT_OP_SET_IO_CAPABILITY:
1847 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
1849 case MGMT_OP_PAIR_DEVICE:
1850 err = pair_device(sk, index, buf + sizeof(*hdr), len);
1852 case MGMT_OP_USER_CONFIRM_REPLY:
1853 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
1855 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
1856 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
1858 case MGMT_OP_SET_LOCAL_NAME:
1859 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
1861 case MGMT_OP_READ_LOCAL_OOB_DATA:
1862 err = read_local_oob_data(sk, index);
1864 case MGMT_OP_ADD_REMOTE_OOB_DATA:
1865 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
1867 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
1868 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
1871 case MGMT_OP_START_DISCOVERY:
1872 err = start_discovery(sk, index);
1874 case MGMT_OP_STOP_DISCOVERY:
1875 err = stop_discovery(sk, index);
1877 case MGMT_OP_BLOCK_DEVICE:
1878 err = block_device(sk, index, buf + sizeof(*hdr), len);
1880 case MGMT_OP_UNBLOCK_DEVICE:
1881 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
1884 BT_DBG("Unknown op %u", opcode);
1885 err = cmd_status(sk, index, opcode, 0x01);
1899 int mgmt_index_added(u16 index)
1901 return mgmt_event(MGMT_EV_INDEX_ADDED, index, NULL, 0, NULL);
1904 int mgmt_index_removed(u16 index)
1906 return mgmt_event(MGMT_EV_INDEX_REMOVED, index, NULL, 0, NULL);
1914 static void mode_rsp(struct pending_cmd *cmd, void *data)
1916 struct mgmt_mode *cp = cmd->param;
1917 struct cmd_lookup *match = data;
1919 if (cp->val != match->val)
1922 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
1924 list_del(&cmd->list);
1926 if (match->sk == NULL) {
1927 match->sk = cmd->sk;
1928 sock_hold(match->sk);
1931 mgmt_pending_free(cmd);
1934 int mgmt_powered(u16 index, u8 powered)
1936 struct mgmt_mode ev;
1937 struct cmd_lookup match = { powered, NULL };
1940 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
1944 ret = mgmt_event(MGMT_EV_POWERED, index, &ev, sizeof(ev), match.sk);
1952 int mgmt_discoverable(u16 index, u8 discoverable)
1954 struct mgmt_mode ev;
1955 struct cmd_lookup match = { discoverable, NULL };
1958 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index, mode_rsp, &match);
1960 ev.val = discoverable;
1962 ret = mgmt_event(MGMT_EV_DISCOVERABLE, index, &ev, sizeof(ev),
1971 int mgmt_connectable(u16 index, u8 connectable)
1973 struct mgmt_mode ev;
1974 struct cmd_lookup match = { connectable, NULL };
1977 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
1979 ev.val = connectable;
1981 ret = mgmt_event(MGMT_EV_CONNECTABLE, index, &ev, sizeof(ev), match.sk);
1989 int mgmt_new_key(u16 index, struct link_key *key, u8 persistent)
1991 struct mgmt_ev_new_key *ev;
1994 total = sizeof(struct mgmt_ev_new_key) + key->dlen;
1995 ev = kzalloc(total, GFP_ATOMIC);
1999 bacpy(&ev->key.bdaddr, &key->bdaddr);
2000 ev->key.type = key->type;
2001 memcpy(ev->key.val, key->val, 16);
2002 ev->key.pin_len = key->pin_len;
2003 ev->key.dlen = key->dlen;
2004 ev->store_hint = persistent;
2006 memcpy(ev->key.data, key->data, key->dlen);
2008 err = mgmt_event(MGMT_EV_NEW_KEY, index, ev, total, NULL);
2015 int mgmt_connected(u16 index, bdaddr_t *bdaddr)
2017 struct mgmt_ev_connected ev;
2019 bacpy(&ev.bdaddr, bdaddr);
2021 return mgmt_event(MGMT_EV_CONNECTED, index, &ev, sizeof(ev), NULL);
2024 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2026 struct mgmt_cp_disconnect *cp = cmd->param;
2027 struct sock **sk = data;
2028 struct mgmt_rp_disconnect rp;
2030 bacpy(&rp.bdaddr, &cp->bdaddr);
2032 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2037 mgmt_pending_remove(cmd);
2040 int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
2042 struct mgmt_ev_disconnected ev;
2043 struct sock *sk = NULL;
2046 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
2048 bacpy(&ev.bdaddr, bdaddr);
2050 err = mgmt_event(MGMT_EV_DISCONNECTED, index, &ev, sizeof(ev), sk);
2058 int mgmt_disconnect_failed(u16 index)
2060 struct pending_cmd *cmd;
2063 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
2067 err = cmd_status(cmd->sk, index, MGMT_OP_DISCONNECT, EIO);
2069 mgmt_pending_remove(cmd);
2074 int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2076 struct mgmt_ev_connect_failed ev;
2078 bacpy(&ev.bdaddr, bdaddr);
2081 return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL);
2084 int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr, u8 secure)
2086 struct mgmt_ev_pin_code_request ev;
2088 bacpy(&ev.bdaddr, bdaddr);
2091 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev),
2095 int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2097 struct pending_cmd *cmd;
2098 struct mgmt_rp_pin_code_reply rp;
2101 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index);
2105 bacpy(&rp.bdaddr, bdaddr);
2108 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_REPLY, &rp,
2111 mgmt_pending_remove(cmd);
2116 int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2118 struct pending_cmd *cmd;
2119 struct mgmt_rp_pin_code_reply rp;
2122 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index);
2126 bacpy(&rp.bdaddr, bdaddr);
2129 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2132 mgmt_pending_remove(cmd);
2137 int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value,
2140 struct mgmt_ev_user_confirm_request ev;
2142 BT_DBG("hci%u", index);
2144 bacpy(&ev.bdaddr, bdaddr);
2145 ev.confirm_hint = confirm_hint;
2146 put_unaligned_le32(value, &ev.value);
2148 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev),
2152 static int confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status,
2155 struct pending_cmd *cmd;
2156 struct mgmt_rp_user_confirm_reply rp;
2159 cmd = mgmt_pending_find(opcode, index);
2163 bacpy(&rp.bdaddr, bdaddr);
2165 err = cmd_complete(cmd->sk, index, opcode, &rp, sizeof(rp));
2167 mgmt_pending_remove(cmd);
2172 int mgmt_user_confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2174 return confirm_reply_complete(index, bdaddr, status,
2175 MGMT_OP_USER_CONFIRM_REPLY);
2178 int mgmt_user_confirm_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2180 return confirm_reply_complete(index, bdaddr, status,
2181 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2184 int mgmt_auth_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2186 struct mgmt_ev_auth_failed ev;
2188 bacpy(&ev.bdaddr, bdaddr);
2191 return mgmt_event(MGMT_EV_AUTH_FAILED, index, &ev, sizeof(ev), NULL);
2194 int mgmt_set_local_name_complete(u16 index, u8 *name, u8 status)
2196 struct pending_cmd *cmd;
2197 struct hci_dev *hdev;
2198 struct mgmt_cp_set_local_name ev;
2201 memset(&ev, 0, sizeof(ev));
2202 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2204 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, index);
2209 err = cmd_status(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, EIO);
2213 hdev = hci_dev_get(index);
2215 hci_dev_lock_bh(hdev);
2217 hci_dev_unlock_bh(hdev);
2221 err = cmd_complete(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, &ev,
2227 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, index, &ev, sizeof(ev),
2228 cmd ? cmd->sk : NULL);
2232 mgmt_pending_remove(cmd);
2236 int mgmt_read_local_oob_data_reply_complete(u16 index, u8 *hash, u8 *randomizer,
2239 struct pending_cmd *cmd;
2242 BT_DBG("hci%u status %u", index, status);
2244 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index);
2249 err = cmd_status(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2252 struct mgmt_rp_read_local_oob_data rp;
2254 memcpy(rp.hash, hash, sizeof(rp.hash));
2255 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2257 err = cmd_complete(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2261 mgmt_pending_remove(cmd);
2266 int mgmt_device_found(u16 index, bdaddr_t *bdaddr, u8 *dev_class, s8 rssi,
2269 struct mgmt_ev_device_found ev;
2271 memset(&ev, 0, sizeof(ev));
2273 bacpy(&ev.bdaddr, bdaddr);
2274 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2278 memcpy(ev.eir, eir, sizeof(ev.eir));
2280 return mgmt_event(MGMT_EV_DEVICE_FOUND, index, &ev, sizeof(ev), NULL);
2283 int mgmt_remote_name(u16 index, bdaddr_t *bdaddr, u8 *name)
2285 struct mgmt_ev_remote_name ev;
2287 memset(&ev, 0, sizeof(ev));
2289 bacpy(&ev.bdaddr, bdaddr);
2290 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2292 return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL);
2295 int mgmt_discovering(u16 index, u8 discovering)
2297 return mgmt_event(MGMT_EV_DISCOVERING, index, &discovering,
2298 sizeof(discovering), NULL);
projects / firefly-linux-kernel-4.4.55.git / blob