1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
42#include <asm/uaccess.h>
43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
48#ifndef CONFIG_BT_HCI_CORE_DEBUG
49#undef BT_DBG
50#define BT_DBG(D...)
51#endif
52
53
54
55static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
56{
57 __u8 status = *((__u8 *) skb->data);
58
59 BT_DBG("%s status 0x%x", hdev->name, status);
60
61 if (status)
62 return;
63
64 clear_bit(HCI_INQUIRY, &hdev->flags);
65
66 hci_req_complete(hdev, status);
67
68 hci_conn_check_pending(hdev);
69}
70
71static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
72{
73 __u8 status = *((__u8 *) skb->data);
74
75 BT_DBG("%s status 0x%x", hdev->name, status);
76
77 if (status)
78 return;
79
80 clear_bit(HCI_INQUIRY, &hdev->flags);
81
82 hci_conn_check_pending(hdev);
83}
84
85static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
86{
87 BT_DBG("%s", hdev->name);
88}
89
90static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
91{
92 struct hci_rp_role_discovery *rp = (void *) skb->data;
93 struct hci_conn *conn;
94
95 BT_DBG("%s status 0x%x", hdev->name, rp->status);
96
97 if (rp->status)
98 return;
99
100 hci_dev_lock(hdev);
101
102 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
103 if (conn) {
104 if (rp->role)
105 conn->link_mode &= ~HCI_LM_MASTER;
106 else
107 conn->link_mode |= HCI_LM_MASTER;
108 }
109
110 hci_dev_unlock(hdev);
111}
112
113static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
114{
115 struct hci_rp_read_link_policy *rp = (void *) skb->data;
116 struct hci_conn *conn;
117
118 BT_DBG("%s status 0x%x", hdev->name, rp->status);
119
120 if (rp->status)
121 return;
122
123 hci_dev_lock(hdev);
124
125 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
126 if (conn)
127 conn->link_policy = __le16_to_cpu(rp->policy);
128
129 hci_dev_unlock(hdev);
130}
131
132static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
133{
134 struct hci_rp_write_link_policy *rp = (void *) skb->data;
135 struct hci_conn *conn;
136 void *sent;
137
138 BT_DBG("%s status 0x%x", hdev->name, rp->status);
139
140 if (rp->status)
141 return;
142
143 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
144 if (!sent)
145 return;
146
147 hci_dev_lock(hdev);
148
149 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
150 if (conn)
151 conn->link_policy = get_unaligned_le16(sent + 2);
152
153 hci_dev_unlock(hdev);
154}
155
156static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
157{
158 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
159
160 BT_DBG("%s status 0x%x", hdev->name, rp->status);
161
162 if (rp->status)
163 return;
164
165 hdev->link_policy = __le16_to_cpu(rp->policy);
166}
167
168static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
169{
170 __u8 status = *((__u8 *) skb->data);
171 void *sent;
172
173 BT_DBG("%s status 0x%x", hdev->name, status);
174
175 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
176 if (!sent)
177 return;
178
179 if (!status)
180 hdev->link_policy = get_unaligned_le16(sent);
181
182 hci_req_complete(hdev, status);
183}
184
185static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
186{
187 __u8 status = *((__u8 *) skb->data);
188
189 BT_DBG("%s status 0x%x", hdev->name, status);
190
191 hci_req_complete(hdev, status);
192}
193
194static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
195{
196 __u8 status = *((__u8 *) skb->data);
197 void *sent;
198
199 BT_DBG("%s status 0x%x", hdev->name, status);
200
201 if (status)
202 return;
203
204 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
205 if (!sent)
206 return;
207
208 memcpy(hdev->dev_name, sent, 248);
209}
210
211static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
212{
213 struct hci_rp_read_local_name *rp = (void *) skb->data;
214
215 BT_DBG("%s status 0x%x", hdev->name, rp->status);
216
217 if (rp->status)
218 return;
219
220 memcpy(hdev->dev_name, rp->name, 248);
221}
222
223static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
224{
225 __u8 status = *((__u8 *) skb->data);
226 void *sent;
227
228 BT_DBG("%s status 0x%x", hdev->name, status);
229
230 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
231 if (!sent)
232 return;
233
234 if (!status) {
235 __u8 param = *((__u8 *) sent);
236
237 if (param == AUTH_ENABLED)
238 set_bit(HCI_AUTH, &hdev->flags);
239 else
240 clear_bit(HCI_AUTH, &hdev->flags);
241 }
242
243 hci_req_complete(hdev, status);
244}
245
246static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
247{
248 __u8 status = *((__u8 *) skb->data);
249 void *sent;
250
251 BT_DBG("%s status 0x%x", hdev->name, status);
252
253 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
254 if (!sent)
255 return;
256
257 if (!status) {
258 __u8 param = *((__u8 *) sent);
259
260 if (param)
261 set_bit(HCI_ENCRYPT, &hdev->flags);
262 else
263 clear_bit(HCI_ENCRYPT, &hdev->flags);
264 }
265
266 hci_req_complete(hdev, status);
267}
268
269static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
270{
271 __u8 status = *((__u8 *) skb->data);
272 void *sent;
273
274 BT_DBG("%s status 0x%x", hdev->name, status);
275
276 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
277 if (!sent)
278 return;
279
280 if (!status) {
281 __u8 param = *((__u8 *) sent);
282
283 clear_bit(HCI_PSCAN, &hdev->flags);
284 clear_bit(HCI_ISCAN, &hdev->flags);
285
286 if (param & SCAN_INQUIRY)
287 set_bit(HCI_ISCAN, &hdev->flags);
288
289 if (param & SCAN_PAGE)
290 set_bit(HCI_PSCAN, &hdev->flags);
291 }
292
293 hci_req_complete(hdev, status);
294}
295
296static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
297{
298 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
299
300 BT_DBG("%s status 0x%x", hdev->name, rp->status);
301
302 if (rp->status)
303 return;
304
305 memcpy(hdev->dev_class, rp->dev_class, 3);
306
307 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
308 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
309}
310
311static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
312{
313 __u8 status = *((__u8 *) skb->data);
314 void *sent;
315
316 BT_DBG("%s status 0x%x", hdev->name, status);
317
318 if (status)
319 return;
320
321 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
322 if (!sent)
323 return;
324
325 memcpy(hdev->dev_class, sent, 3);
326}
327
328static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
329{
330 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
331 __u16 setting;
332
333 BT_DBG("%s status 0x%x", hdev->name, rp->status);
334
335 if (rp->status)
336 return;
337
338 setting = __le16_to_cpu(rp->voice_setting);
339
340 if (hdev->voice_setting == setting)
341 return;
342
343 hdev->voice_setting = setting;
344
345 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
346
347 if (hdev->notify) {
348 tasklet_disable(&hdev->tx_task);
349 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
350 tasklet_enable(&hdev->tx_task);
351 }
352}
353
354static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
355{
356 __u8 status = *((__u8 *) skb->data);
357 __u16 setting;
358 void *sent;
359
360 BT_DBG("%s status 0x%x", hdev->name, status);
361
362 if (status)
363 return;
364
365 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
366 if (!sent)
367 return;
368
369 setting = get_unaligned_le16(sent);
370
371 if (hdev->voice_setting == setting)
372 return;
373
374 hdev->voice_setting = setting;
375
376 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
377
378 if (hdev->notify) {
379 tasklet_disable(&hdev->tx_task);
380 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
381 tasklet_enable(&hdev->tx_task);
382 }
383}
384
385static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
386{
387 __u8 status = *((__u8 *) skb->data);
388
389 BT_DBG("%s status 0x%x", hdev->name, status);
390
391 hci_req_complete(hdev, status);
392}
393
394static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
395{
396 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
397
398 BT_DBG("%s status 0x%x", hdev->name, rp->status);
399
400 if (rp->status)
401 return;
402
403 hdev->ssp_mode = rp->mode;
404}
405
406static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
407{
408 __u8 status = *((__u8 *) skb->data);
409 void *sent;
410
411 BT_DBG("%s status 0x%x", hdev->name, status);
412
413 if (status)
414 return;
415
416 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
417 if (!sent)
418 return;
419
420 hdev->ssp_mode = *((__u8 *) sent);
421}
422
423static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
424{
425 struct hci_rp_read_local_version *rp = (void *) skb->data;
426
427 BT_DBG("%s status 0x%x", hdev->name, rp->status);
428
429 if (rp->status)
430 return;
431
432 hdev->hci_ver = rp->hci_ver;
433 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
434 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
435
436 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
437 hdev->manufacturer,
438 hdev->hci_ver, hdev->hci_rev);
439}
440
441static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
442{
443 struct hci_rp_read_local_commands *rp = (void *) skb->data;
444
445 BT_DBG("%s status 0x%x", hdev->name, rp->status);
446
447 if (rp->status)
448 return;
449
450 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
451}
452
453static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
454{
455 struct hci_rp_read_local_features *rp = (void *) skb->data;
456
457 BT_DBG("%s status 0x%x", hdev->name, rp->status);
458
459 if (rp->status)
460 return;
461
462 memcpy(hdev->features, rp->features, 8);
463
464
465
466
467 if (hdev->features[0] & LMP_3SLOT)
468 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
469
470 if (hdev->features[0] & LMP_5SLOT)
471 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
472
473 if (hdev->features[1] & LMP_HV2) {
474 hdev->pkt_type |= (HCI_HV2);
475 hdev->esco_type |= (ESCO_HV2);
476 }
477
478 if (hdev->features[1] & LMP_HV3) {
479 hdev->pkt_type |= (HCI_HV3);
480 hdev->esco_type |= (ESCO_HV3);
481 }
482
483 if (hdev->features[3] & LMP_ESCO)
484 hdev->esco_type |= (ESCO_EV3);
485
486 if (hdev->features[4] & LMP_EV4)
487 hdev->esco_type |= (ESCO_EV4);
488
489 if (hdev->features[4] & LMP_EV5)
490 hdev->esco_type |= (ESCO_EV5);
491
492 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
493 hdev->features[0], hdev->features[1],
494 hdev->features[2], hdev->features[3],
495 hdev->features[4], hdev->features[5],
496 hdev->features[6], hdev->features[7]);
497}
498
499static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
500{
501 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
502
503 BT_DBG("%s status 0x%x", hdev->name, rp->status);
504
505 if (rp->status)
506 return;
507
508 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
509 hdev->sco_mtu = rp->sco_mtu;
510 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
511 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
512
513 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
514 hdev->sco_mtu = 64;
515 hdev->sco_pkts = 8;
516 }
517
518 hdev->acl_cnt = hdev->acl_pkts;
519 hdev->sco_cnt = hdev->sco_pkts;
520
521 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
522 hdev->acl_mtu, hdev->acl_pkts,
523 hdev->sco_mtu, hdev->sco_pkts);
524}
525
526static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
527{
528 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
529
530 BT_DBG("%s status 0x%x", hdev->name, rp->status);
531
532 if (!rp->status)
533 bacpy(&hdev->bdaddr, &rp->bdaddr);
534
535 hci_req_complete(hdev, rp->status);
536}
537
538static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
539{
540 BT_DBG("%s status 0x%x", hdev->name, status);
541
542 if (status) {
543 hci_req_complete(hdev, status);
544
545 hci_conn_check_pending(hdev);
546 } else
547 set_bit(HCI_INQUIRY, &hdev->flags);
548}
549
550static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
551{
552 struct hci_cp_create_conn *cp;
553 struct hci_conn *conn;
554
555 BT_DBG("%s status 0x%x", hdev->name, status);
556
557 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
558 if (!cp)
559 return;
560
561 hci_dev_lock(hdev);
562
563 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
564
565 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
566
567 if (status) {
568 if (conn && conn->state == BT_CONNECT) {
569 if (status != 0x0c || conn->attempt > 2) {
570 conn->state = BT_CLOSED;
571 hci_proto_connect_cfm(conn, status);
572 hci_conn_del(conn);
573 } else
574 conn->state = BT_CONNECT2;
575 }
576 } else {
577 if (!conn) {
578 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
579 if (conn) {
580 conn->out = 1;
581 conn->link_mode |= HCI_LM_MASTER;
582 } else
583 BT_ERR("No memmory for new connection");
584 }
585 }
586
587 hci_dev_unlock(hdev);
588}
589
590static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
591{
592 struct hci_cp_add_sco *cp;
593 struct hci_conn *acl, *sco;
594 __u16 handle;
595
596 BT_DBG("%s status 0x%x", hdev->name, status);
597
598 if (!status)
599 return;
600
601 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
602 if (!cp)
603 return;
604
605 handle = __le16_to_cpu(cp->handle);
606
607 BT_DBG("%s handle %d", hdev->name, handle);
608
609 hci_dev_lock(hdev);
610
611 acl = hci_conn_hash_lookup_handle(hdev, handle);
612 if (acl && (sco = acl->link)) {
613 sco->state = BT_CLOSED;
614
615 hci_proto_connect_cfm(sco, status);
616 hci_conn_del(sco);
617 }
618
619 hci_dev_unlock(hdev);
620}
621
622static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
623{
624 struct hci_cp_auth_requested *cp;
625 struct hci_conn *conn;
626
627 BT_DBG("%s status 0x%x", hdev->name, status);
628
629 if (!status)
630 return;
631
632 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
633 if (!cp)
634 return;
635
636 hci_dev_lock(hdev);
637
638 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
639 if (conn) {
640 if (conn->state == BT_CONFIG) {
641 hci_proto_connect_cfm(conn, status);
642 hci_conn_put(conn);
643 }
644 }
645
646 hci_dev_unlock(hdev);
647}
648
649static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
650{
651 struct hci_cp_set_conn_encrypt *cp;
652 struct hci_conn *conn;
653
654 BT_DBG("%s status 0x%x", hdev->name, status);
655
656 if (!status)
657 return;
658
659 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
660 if (!cp)
661 return;
662
663 hci_dev_lock(hdev);
664
665 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
666 if (conn) {
667 if (conn->state == BT_CONFIG) {
668 hci_proto_connect_cfm(conn, status);
669 hci_conn_put(conn);
670 }
671 }
672
673 hci_dev_unlock(hdev);
674}
675
676static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
677{
678 BT_DBG("%s status 0x%x", hdev->name, status);
679}
680
681static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
682{
683 struct hci_cp_read_remote_features *cp;
684 struct hci_conn *conn;
685
686 BT_DBG("%s status 0x%x", hdev->name, status);
687
688 if (!status)
689 return;
690
691 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
692 if (!cp)
693 return;
694
695 hci_dev_lock(hdev);
696
697 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
698 if (conn) {
699 if (conn->state == BT_CONFIG) {
700 hci_proto_connect_cfm(conn, status);
701 hci_conn_put(conn);
702 }
703 }
704
705 hci_dev_unlock(hdev);
706}
707
708static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
709{
710 struct hci_cp_read_remote_ext_features *cp;
711 struct hci_conn *conn;
712
713 BT_DBG("%s status 0x%x", hdev->name, status);
714
715 if (!status)
716 return;
717
718 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
719 if (!cp)
720 return;
721
722 hci_dev_lock(hdev);
723
724 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
725 if (conn) {
726 if (conn->state == BT_CONFIG) {
727 hci_proto_connect_cfm(conn, status);
728 hci_conn_put(conn);
729 }
730 }
731
732 hci_dev_unlock(hdev);
733}
734
735static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
736{
737 struct hci_cp_setup_sync_conn *cp;
738 struct hci_conn *acl, *sco;
739 __u16 handle;
740
741 BT_DBG("%s status 0x%x", hdev->name, status);
742
743 if (!status)
744 return;
745
746 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
747 if (!cp)
748 return;
749
750 handle = __le16_to_cpu(cp->handle);
751
752 BT_DBG("%s handle %d", hdev->name, handle);
753
754 hci_dev_lock(hdev);
755
756 acl = hci_conn_hash_lookup_handle(hdev, handle);
757 if (acl && (sco = acl->link)) {
758 sco->state = BT_CLOSED;
759
760 hci_proto_connect_cfm(sco, status);
761 hci_conn_del(sco);
762 }
763
764 hci_dev_unlock(hdev);
765}
766
767static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
768{
769 struct hci_cp_sniff_mode *cp;
770 struct hci_conn *conn;
771
772 BT_DBG("%s status 0x%x", hdev->name, status);
773
774 if (!status)
775 return;
776
777 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
778 if (!cp)
779 return;
780
781 hci_dev_lock(hdev);
782
783 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
784 if (conn)
785 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
786
787 hci_dev_unlock(hdev);
788}
789
790static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
791{
792 struct hci_cp_exit_sniff_mode *cp;
793 struct hci_conn *conn;
794
795 BT_DBG("%s status 0x%x", hdev->name, status);
796
797 if (!status)
798 return;
799
800 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
801 if (!cp)
802 return;
803
804 hci_dev_lock(hdev);
805
806 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
807 if (conn)
808 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
809
810 hci_dev_unlock(hdev);
811}
812
813static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
814{
815 __u8 status = *((__u8 *) skb->data);
816
817 BT_DBG("%s status %d", hdev->name, status);
818
819 clear_bit(HCI_INQUIRY, &hdev->flags);
820
821 hci_req_complete(hdev, status);
822
823 hci_conn_check_pending(hdev);
824}
825
826static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
827{
828 struct inquiry_data data;
829 struct inquiry_info *info = (void *) (skb->data + 1);
830 int num_rsp = *((__u8 *) skb->data);
831
832 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
833
834 if (!num_rsp)
835 return;
836
837 hci_dev_lock(hdev);
838
839 for (; num_rsp; num_rsp--) {
840 bacpy(&data.bdaddr, &info->bdaddr);
841 data.pscan_rep_mode = info->pscan_rep_mode;
842 data.pscan_period_mode = info->pscan_period_mode;
843 data.pscan_mode = info->pscan_mode;
844 memcpy(data.dev_class, info->dev_class, 3);
845 data.clock_offset = info->clock_offset;
846 data.rssi = 0x00;
847 data.ssp_mode = 0x00;
848 info++;
849 hci_inquiry_cache_update(hdev, &data);
850 }
851
852 hci_dev_unlock(hdev);
853}
854
855static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
856{
857 struct hci_ev_conn_complete *ev = (void *) skb->data;
858 struct hci_conn *conn;
859
860 BT_DBG("%s", hdev->name);
861
862 hci_dev_lock(hdev);
863
864 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
865 if (!conn)
866 goto unlock;
867
868 if (!ev->status) {
869 conn->handle = __le16_to_cpu(ev->handle);
870
871 if (conn->type == ACL_LINK) {
872 conn->state = BT_CONFIG;
873 hci_conn_hold(conn);
874 } else
875 conn->state = BT_CONNECTED;
876
877 hci_conn_add_sysfs(conn);
878
879 if (test_bit(HCI_AUTH, &hdev->flags))
880 conn->link_mode |= HCI_LM_AUTH;
881
882 if (test_bit(HCI_ENCRYPT, &hdev->flags))
883 conn->link_mode |= HCI_LM_ENCRYPT;
884
885
886 if (conn->type == ACL_LINK) {
887 struct hci_cp_read_remote_features cp;
888 cp.handle = ev->handle;
889 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
890 sizeof(cp), &cp);
891 }
892
893
894 if (!conn->out && hdev->hci_ver < 3) {
895 struct hci_cp_change_conn_ptype cp;
896 cp.handle = ev->handle;
897 cp.pkt_type = cpu_to_le16(conn->pkt_type);
898 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
899 sizeof(cp), &cp);
900 }
901 } else
902 conn->state = BT_CLOSED;
903
904 if (conn->type == ACL_LINK) {
905 struct hci_conn *sco = conn->link;
906 if (sco) {
907 if (!ev->status) {
908 if (lmp_esco_capable(hdev))
909 hci_setup_sync(sco, conn->handle);
910 else
911 hci_add_sco(sco, conn->handle);
912 } else {
913 hci_proto_connect_cfm(sco, ev->status);
914 hci_conn_del(sco);
915 }
916 }
917 }
918
919 if (ev->status) {
920 hci_proto_connect_cfm(conn, ev->status);
921 hci_conn_del(conn);
922 }
923
924unlock:
925 hci_dev_unlock(hdev);
926
927 hci_conn_check_pending(hdev);
928}
929
930static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
931{
932 struct hci_ev_conn_request *ev = (void *) skb->data;
933 int mask = hdev->link_mode;
934
935 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
936 batostr(&ev->bdaddr), ev->link_type);
937
938 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
939
940 if (mask & HCI_LM_ACCEPT) {
941
942 struct inquiry_entry *ie;
943 struct hci_conn *conn;
944
945 hci_dev_lock(hdev);
946
947 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr)))
948 memcpy(ie->data.dev_class, ev->dev_class, 3);
949
950 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
951 if (!conn) {
952 if (!(conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr))) {
953 BT_ERR("No memmory for new connection");
954 hci_dev_unlock(hdev);
955 return;
956 }
957 }
958
959 memcpy(conn->dev_class, ev->dev_class, 3);
960 conn->state = BT_CONNECT;
961
962 hci_dev_unlock(hdev);
963
964 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
965 struct hci_cp_accept_conn_req cp;
966
967 bacpy(&cp.bdaddr, &ev->bdaddr);
968
969 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
970 cp.role = 0x00;
971 else
972 cp.role = 0x01;
973
974 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
975 sizeof(cp), &cp);
976 } else {
977 struct hci_cp_accept_sync_conn_req cp;
978
979 bacpy(&cp.bdaddr, &ev->bdaddr);
980 cp.pkt_type = cpu_to_le16(conn->pkt_type);
981
982 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
983 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
984 cp.max_latency = cpu_to_le16(0xffff);
985 cp.content_format = cpu_to_le16(hdev->voice_setting);
986 cp.retrans_effort = 0xff;
987
988 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
989 sizeof(cp), &cp);
990 }
991 } else {
992
993 struct hci_cp_reject_conn_req cp;
994
995 bacpy(&cp.bdaddr, &ev->bdaddr);
996 cp.reason = 0x0f;
997 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
998 }
999}
1000
1001static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1002{
1003 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1004 struct hci_conn *conn;
1005
1006 BT_DBG("%s status %d", hdev->name, ev->status);
1007
1008 if (ev->status)
1009 return;
1010
1011 hci_dev_lock(hdev);
1012
1013 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1014 if (conn) {
1015 conn->state = BT_CLOSED;
1016
1017 hci_conn_del_sysfs(conn);
1018
1019 hci_proto_disconn_ind(conn, ev->reason);
1020 hci_conn_del(conn);
1021 }
1022
1023 hci_dev_unlock(hdev);
1024}
1025
1026static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1027{
1028 struct hci_ev_auth_complete *ev = (void *) skb->data;
1029 struct hci_conn *conn;
1030
1031 BT_DBG("%s status %d", hdev->name, ev->status);
1032
1033 hci_dev_lock(hdev);
1034
1035 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1036 if (conn) {
1037 if (!ev->status)
1038 conn->link_mode |= HCI_LM_AUTH;
1039
1040 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1041
1042 if (conn->state == BT_CONFIG) {
1043 if (!ev->status && hdev->ssp_mode > 0 &&
1044 conn->ssp_mode > 0) {
1045 struct hci_cp_set_conn_encrypt cp;
1046 cp.handle = ev->handle;
1047 cp.encrypt = 0x01;
1048 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1049 sizeof(cp), &cp);
1050 } else {
1051 conn->state = BT_CONNECTED;
1052 hci_proto_connect_cfm(conn, ev->status);
1053 hci_conn_put(conn);
1054 }
1055 } else
1056 hci_auth_cfm(conn, ev->status);
1057
1058 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1059 if (!ev->status) {
1060 struct hci_cp_set_conn_encrypt cp;
1061 cp.handle = ev->handle;
1062 cp.encrypt = 0x01;
1063 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1064 sizeof(cp), &cp);
1065 } else {
1066 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1067 hci_encrypt_cfm(conn, ev->status, 0x00);
1068 }
1069 }
1070 }
1071
1072 hci_dev_unlock(hdev);
1073}
1074
1075static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1076{
1077 BT_DBG("%s", hdev->name);
1078
1079 hci_conn_check_pending(hdev);
1080}
1081
1082static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1083{
1084 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1085 struct hci_conn *conn;
1086
1087 BT_DBG("%s status %d", hdev->name, ev->status);
1088
1089 hci_dev_lock(hdev);
1090
1091 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1092 if (conn) {
1093 if (!ev->status) {
1094 if (ev->encrypt) {
1095
1096 conn->link_mode |= HCI_LM_AUTH;
1097 conn->link_mode |= HCI_LM_ENCRYPT;
1098 } else
1099 conn->link_mode &= ~HCI_LM_ENCRYPT;
1100 }
1101
1102 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1103
1104 if (conn->state == BT_CONFIG) {
1105 if (!ev->status)
1106 conn->state = BT_CONNECTED;
1107
1108 hci_proto_connect_cfm(conn, ev->status);
1109 hci_conn_put(conn);
1110 } else
1111 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1112 }
1113
1114 hci_dev_unlock(hdev);
1115}
1116
1117static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1118{
1119 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1120 struct hci_conn *conn;
1121
1122 BT_DBG("%s status %d", hdev->name, ev->status);
1123
1124 hci_dev_lock(hdev);
1125
1126 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1127 if (conn) {
1128 if (!ev->status)
1129 conn->link_mode |= HCI_LM_SECURE;
1130
1131 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1132
1133 hci_key_change_cfm(conn, ev->status);
1134 }
1135
1136 hci_dev_unlock(hdev);
1137}
1138
1139static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1140{
1141 struct hci_ev_remote_features *ev = (void *) skb->data;
1142 struct hci_conn *conn;
1143
1144 BT_DBG("%s status %d", hdev->name, ev->status);
1145
1146 hci_dev_lock(hdev);
1147
1148 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1149 if (conn) {
1150 if (!ev->status)
1151 memcpy(conn->features, ev->features, 8);
1152
1153 if (conn->state == BT_CONFIG) {
1154 if (!ev->status && lmp_ssp_capable(hdev) &&
1155 lmp_ssp_capable(conn)) {
1156 struct hci_cp_read_remote_ext_features cp;
1157 cp.handle = ev->handle;
1158 cp.page = 0x01;
1159 hci_send_cmd(hdev,
1160 HCI_OP_READ_REMOTE_EXT_FEATURES,
1161 sizeof(cp), &cp);
1162 } else {
1163 conn->state = BT_CONNECTED;
1164 hci_proto_connect_cfm(conn, ev->status);
1165 hci_conn_put(conn);
1166 }
1167 }
1168 }
1169
1170 hci_dev_unlock(hdev);
1171}
1172
1173static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1174{
1175 BT_DBG("%s", hdev->name);
1176}
1177
1178static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1179{
1180 BT_DBG("%s", hdev->name);
1181}
1182
1183static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1184{
1185 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1186 __u16 opcode;
1187
1188 skb_pull(skb, sizeof(*ev));
1189
1190 opcode = __le16_to_cpu(ev->opcode);
1191
1192 switch (opcode) {
1193 case HCI_OP_INQUIRY_CANCEL:
1194 hci_cc_inquiry_cancel(hdev, skb);
1195 break;
1196
1197 case HCI_OP_EXIT_PERIODIC_INQ:
1198 hci_cc_exit_periodic_inq(hdev, skb);
1199 break;
1200
1201 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1202 hci_cc_remote_name_req_cancel(hdev, skb);
1203 break;
1204
1205 case HCI_OP_ROLE_DISCOVERY:
1206 hci_cc_role_discovery(hdev, skb);
1207 break;
1208
1209 case HCI_OP_READ_LINK_POLICY:
1210 hci_cc_read_link_policy(hdev, skb);
1211 break;
1212
1213 case HCI_OP_WRITE_LINK_POLICY:
1214 hci_cc_write_link_policy(hdev, skb);
1215 break;
1216
1217 case HCI_OP_READ_DEF_LINK_POLICY:
1218 hci_cc_read_def_link_policy(hdev, skb);
1219 break;
1220
1221 case HCI_OP_WRITE_DEF_LINK_POLICY:
1222 hci_cc_write_def_link_policy(hdev, skb);
1223 break;
1224
1225 case HCI_OP_RESET:
1226 hci_cc_reset(hdev, skb);
1227 break;
1228
1229 case HCI_OP_WRITE_LOCAL_NAME:
1230 hci_cc_write_local_name(hdev, skb);
1231 break;
1232
1233 case HCI_OP_READ_LOCAL_NAME:
1234 hci_cc_read_local_name(hdev, skb);
1235 break;
1236
1237 case HCI_OP_WRITE_AUTH_ENABLE:
1238 hci_cc_write_auth_enable(hdev, skb);
1239 break;
1240
1241 case HCI_OP_WRITE_ENCRYPT_MODE:
1242 hci_cc_write_encrypt_mode(hdev, skb);
1243 break;
1244
1245 case HCI_OP_WRITE_SCAN_ENABLE:
1246 hci_cc_write_scan_enable(hdev, skb);
1247 break;
1248
1249 case HCI_OP_READ_CLASS_OF_DEV:
1250 hci_cc_read_class_of_dev(hdev, skb);
1251 break;
1252
1253 case HCI_OP_WRITE_CLASS_OF_DEV:
1254 hci_cc_write_class_of_dev(hdev, skb);
1255 break;
1256
1257 case HCI_OP_READ_VOICE_SETTING:
1258 hci_cc_read_voice_setting(hdev, skb);
1259 break;
1260
1261 case HCI_OP_WRITE_VOICE_SETTING:
1262 hci_cc_write_voice_setting(hdev, skb);
1263 break;
1264
1265 case HCI_OP_HOST_BUFFER_SIZE:
1266 hci_cc_host_buffer_size(hdev, skb);
1267 break;
1268
1269 case HCI_OP_READ_SSP_MODE:
1270 hci_cc_read_ssp_mode(hdev, skb);
1271 break;
1272
1273 case HCI_OP_WRITE_SSP_MODE:
1274 hci_cc_write_ssp_mode(hdev, skb);
1275 break;
1276
1277 case HCI_OP_READ_LOCAL_VERSION:
1278 hci_cc_read_local_version(hdev, skb);
1279 break;
1280
1281 case HCI_OP_READ_LOCAL_COMMANDS:
1282 hci_cc_read_local_commands(hdev, skb);
1283 break;
1284
1285 case HCI_OP_READ_LOCAL_FEATURES:
1286 hci_cc_read_local_features(hdev, skb);
1287 break;
1288
1289 case HCI_OP_READ_BUFFER_SIZE:
1290 hci_cc_read_buffer_size(hdev, skb);
1291 break;
1292
1293 case HCI_OP_READ_BD_ADDR:
1294 hci_cc_read_bd_addr(hdev, skb);
1295 break;
1296
1297 default:
1298 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1299 break;
1300 }
1301
1302 if (ev->ncmd) {
1303 atomic_set(&hdev->cmd_cnt, 1);
1304 if (!skb_queue_empty(&hdev->cmd_q))
1305 hci_sched_cmd(hdev);
1306 }
1307}
1308
1309static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1310{
1311 struct hci_ev_cmd_status *ev = (void *) skb->data;
1312 __u16 opcode;
1313
1314 skb_pull(skb, sizeof(*ev));
1315
1316 opcode = __le16_to_cpu(ev->opcode);
1317
1318 switch (opcode) {
1319 case HCI_OP_INQUIRY:
1320 hci_cs_inquiry(hdev, ev->status);
1321 break;
1322
1323 case HCI_OP_CREATE_CONN:
1324 hci_cs_create_conn(hdev, ev->status);
1325 break;
1326
1327 case HCI_OP_ADD_SCO:
1328 hci_cs_add_sco(hdev, ev->status);
1329 break;
1330
1331 case HCI_OP_AUTH_REQUESTED:
1332 hci_cs_auth_requested(hdev, ev->status);
1333 break;
1334
1335 case HCI_OP_SET_CONN_ENCRYPT:
1336 hci_cs_set_conn_encrypt(hdev, ev->status);
1337 break;
1338
1339 case HCI_OP_REMOTE_NAME_REQ:
1340 hci_cs_remote_name_req(hdev, ev->status);
1341 break;
1342
1343 case HCI_OP_READ_REMOTE_FEATURES:
1344 hci_cs_read_remote_features(hdev, ev->status);
1345 break;
1346
1347 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1348 hci_cs_read_remote_ext_features(hdev, ev->status);
1349 break;
1350
1351 case HCI_OP_SETUP_SYNC_CONN:
1352 hci_cs_setup_sync_conn(hdev, ev->status);
1353 break;
1354
1355 case HCI_OP_SNIFF_MODE:
1356 hci_cs_sniff_mode(hdev, ev->status);
1357 break;
1358
1359 case HCI_OP_EXIT_SNIFF_MODE:
1360 hci_cs_exit_sniff_mode(hdev, ev->status);
1361 break;
1362
1363 default:
1364 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1365 break;
1366 }
1367
1368 if (ev->ncmd) {
1369 atomic_set(&hdev->cmd_cnt, 1);
1370 if (!skb_queue_empty(&hdev->cmd_q))
1371 hci_sched_cmd(hdev);
1372 }
1373}
1374
1375static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1376{
1377 struct hci_ev_role_change *ev = (void *) skb->data;
1378 struct hci_conn *conn;
1379
1380 BT_DBG("%s status %d", hdev->name, ev->status);
1381
1382 hci_dev_lock(hdev);
1383
1384 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1385 if (conn) {
1386 if (!ev->status) {
1387 if (ev->role)
1388 conn->link_mode &= ~HCI_LM_MASTER;
1389 else
1390 conn->link_mode |= HCI_LM_MASTER;
1391 }
1392
1393 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1394
1395 hci_role_switch_cfm(conn, ev->status, ev->role);
1396 }
1397
1398 hci_dev_unlock(hdev);
1399}
1400
1401static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1402{
1403 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1404 __le16 *ptr;
1405 int i;
1406
1407 skb_pull(skb, sizeof(*ev));
1408
1409 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1410
1411 if (skb->len < ev->num_hndl * 4) {
1412 BT_DBG("%s bad parameters", hdev->name);
1413 return;
1414 }
1415
1416 tasklet_disable(&hdev->tx_task);
1417
1418 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1419 struct hci_conn *conn;
1420 __u16 handle, count;
1421
1422 handle = get_unaligned_le16(ptr++);
1423 count = get_unaligned_le16(ptr++);
1424
1425 conn = hci_conn_hash_lookup_handle(hdev, handle);
1426 if (conn) {
1427 conn->sent -= count;
1428
1429 if (conn->type == ACL_LINK) {
1430 if ((hdev->acl_cnt += count) > hdev->acl_pkts)
1431 hdev->acl_cnt = hdev->acl_pkts;
1432 } else {
1433 if ((hdev->sco_cnt += count) > hdev->sco_pkts)
1434 hdev->sco_cnt = hdev->sco_pkts;
1435 }
1436 }
1437 }
1438
1439 hci_sched_tx(hdev);
1440
1441 tasklet_enable(&hdev->tx_task);
1442}
1443
1444static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1445{
1446 struct hci_ev_mode_change *ev = (void *) skb->data;
1447 struct hci_conn *conn;
1448
1449 BT_DBG("%s status %d", hdev->name, ev->status);
1450
1451 hci_dev_lock(hdev);
1452
1453 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1454 if (conn) {
1455 conn->mode = ev->mode;
1456 conn->interval = __le16_to_cpu(ev->interval);
1457
1458 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1459 if (conn->mode == HCI_CM_ACTIVE)
1460 conn->power_save = 1;
1461 else
1462 conn->power_save = 0;
1463 }
1464 }
1465
1466 hci_dev_unlock(hdev);
1467}
1468
1469static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1470{
1471 BT_DBG("%s", hdev->name);
1472}
1473
1474static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1475{
1476 BT_DBG("%s", hdev->name);
1477}
1478
1479static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
1480{
1481 BT_DBG("%s", hdev->name);
1482}
1483
1484static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1485{
1486 struct hci_ev_clock_offset *ev = (void *) skb->data;
1487 struct hci_conn *conn;
1488
1489 BT_DBG("%s status %d", hdev->name, ev->status);
1490
1491 hci_dev_lock(hdev);
1492
1493 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1494 if (conn && !ev->status) {
1495 struct inquiry_entry *ie;
1496
1497 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
1498 ie->data.clock_offset = ev->clock_offset;
1499 ie->timestamp = jiffies;
1500 }
1501 }
1502
1503 hci_dev_unlock(hdev);
1504}
1505
1506static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1507{
1508 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
1509 struct hci_conn *conn;
1510
1511 BT_DBG("%s status %d", hdev->name, ev->status);
1512
1513 hci_dev_lock(hdev);
1514
1515 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1516 if (conn && !ev->status)
1517 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
1518
1519 hci_dev_unlock(hdev);
1520}
1521
1522static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
1523{
1524 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
1525 struct inquiry_entry *ie;
1526
1527 BT_DBG("%s", hdev->name);
1528
1529 hci_dev_lock(hdev);
1530
1531 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr))) {
1532 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
1533 ie->timestamp = jiffies;
1534 }
1535
1536 hci_dev_unlock(hdev);
1537}
1538
1539static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
1540{
1541 struct inquiry_data data;
1542 int num_rsp = *((__u8 *) skb->data);
1543
1544 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1545
1546 if (!num_rsp)
1547 return;
1548
1549 hci_dev_lock(hdev);
1550
1551 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
1552 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1);
1553
1554 for (; num_rsp; num_rsp--) {
1555 bacpy(&data.bdaddr, &info->bdaddr);
1556 data.pscan_rep_mode = info->pscan_rep_mode;
1557 data.pscan_period_mode = info->pscan_period_mode;
1558 data.pscan_mode = info->pscan_mode;
1559 memcpy(data.dev_class, info->dev_class, 3);
1560 data.clock_offset = info->clock_offset;
1561 data.rssi = info->rssi;
1562 data.ssp_mode = 0x00;
1563 info++;
1564 hci_inquiry_cache_update(hdev, &data);
1565 }
1566 } else {
1567 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
1568
1569 for (; num_rsp; num_rsp--) {
1570 bacpy(&data.bdaddr, &info->bdaddr);
1571 data.pscan_rep_mode = info->pscan_rep_mode;
1572 data.pscan_period_mode = info->pscan_period_mode;
1573 data.pscan_mode = 0x00;
1574 memcpy(data.dev_class, info->dev_class, 3);
1575 data.clock_offset = info->clock_offset;
1576 data.rssi = info->rssi;
1577 data.ssp_mode = 0x00;
1578 info++;
1579 hci_inquiry_cache_update(hdev, &data);
1580 }
1581 }
1582
1583 hci_dev_unlock(hdev);
1584}
1585
1586static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1587{
1588 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
1589 struct hci_conn *conn;
1590
1591 BT_DBG("%s", hdev->name);
1592
1593 hci_dev_lock(hdev);
1594
1595 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1596 if (conn) {
1597 if (!ev->status && ev->page == 0x01) {
1598 struct inquiry_entry *ie;
1599
1600 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst)))
1601 ie->data.ssp_mode = (ev->features[0] & 0x01);
1602
1603 conn->ssp_mode = (ev->features[0] & 0x01);
1604 }
1605
1606 if (conn->state == BT_CONFIG) {
1607 if (!ev->status && hdev->ssp_mode > 0 &&
1608 conn->ssp_mode > 0 && conn->out) {
1609 struct hci_cp_auth_requested cp;
1610 cp.handle = ev->handle;
1611 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED,
1612 sizeof(cp), &cp);
1613 } else {
1614 conn->state = BT_CONNECTED;
1615 hci_proto_connect_cfm(conn, ev->status);
1616 hci_conn_put(conn);
1617 }
1618 }
1619 }
1620
1621 hci_dev_unlock(hdev);
1622}
1623
1624static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1625{
1626 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
1627 struct hci_conn *conn;
1628
1629 BT_DBG("%s status %d", hdev->name, ev->status);
1630
1631 hci_dev_lock(hdev);
1632
1633 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1634 if (!conn) {
1635 if (ev->link_type == ESCO_LINK)
1636 goto unlock;
1637
1638 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1639 if (!conn)
1640 goto unlock;
1641
1642 conn->type = SCO_LINK;
1643 }
1644
1645 if (!ev->status) {
1646 conn->handle = __le16_to_cpu(ev->handle);
1647 conn->state = BT_CONNECTED;
1648
1649 hci_conn_add_sysfs(conn);
1650 } else
1651 conn->state = BT_CLOSED;
1652
1653 hci_proto_connect_cfm(conn, ev->status);
1654 if (ev->status)
1655 hci_conn_del(conn);
1656
1657unlock:
1658 hci_dev_unlock(hdev);
1659}
1660
1661static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
1662{
1663 BT_DBG("%s", hdev->name);
1664}
1665
1666static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
1667{
1668 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
1669 struct hci_conn *conn;
1670
1671 BT_DBG("%s status %d", hdev->name, ev->status);
1672
1673 hci_dev_lock(hdev);
1674
1675 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1676 if (conn) {
1677 }
1678
1679 hci_dev_unlock(hdev);
1680}
1681
1682static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1683{
1684 struct inquiry_data data;
1685 struct extended_inquiry_info *info = (void *) (skb->data + 1);
1686 int num_rsp = *((__u8 *) skb->data);
1687
1688 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1689
1690 if (!num_rsp)
1691 return;
1692
1693 hci_dev_lock(hdev);
1694
1695 for (; num_rsp; num_rsp--) {
1696 bacpy(&data.bdaddr, &info->bdaddr);
1697 data.pscan_rep_mode = info->pscan_rep_mode;
1698 data.pscan_period_mode = info->pscan_period_mode;
1699 data.pscan_mode = 0x00;
1700 memcpy(data.dev_class, info->dev_class, 3);
1701 data.clock_offset = info->clock_offset;
1702 data.rssi = info->rssi;
1703 data.ssp_mode = 0x01;
1704 info++;
1705 hci_inquiry_cache_update(hdev, &data);
1706 }
1707
1708 hci_dev_unlock(hdev);
1709}
1710
1711static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1712{
1713 struct hci_ev_io_capa_request *ev = (void *) skb->data;
1714 struct hci_conn *conn;
1715
1716 BT_DBG("%s", hdev->name);
1717
1718 hci_dev_lock(hdev);
1719
1720 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1721 if (conn)
1722 hci_conn_hold(conn);
1723
1724 hci_dev_unlock(hdev);
1725}
1726
1727static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1728{
1729 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
1730 struct hci_conn *conn;
1731
1732 BT_DBG("%s", hdev->name);
1733
1734 hci_dev_lock(hdev);
1735
1736 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1737 if (conn)
1738 hci_conn_put(conn);
1739
1740 hci_dev_unlock(hdev);
1741}
1742
1743static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1744{
1745 struct hci_ev_remote_host_features *ev = (void *) skb->data;
1746 struct inquiry_entry *ie;
1747
1748 BT_DBG("%s", hdev->name);
1749
1750 hci_dev_lock(hdev);
1751
1752 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr)))
1753 ie->data.ssp_mode = (ev->features[0] & 0x01);
1754
1755 hci_dev_unlock(hdev);
1756}
1757
1758void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
1759{
1760 struct hci_event_hdr *hdr = (void *) skb->data;
1761 __u8 event = hdr->evt;
1762
1763 skb_pull(skb, HCI_EVENT_HDR_SIZE);
1764
1765 switch (event) {
1766 case HCI_EV_INQUIRY_COMPLETE:
1767 hci_inquiry_complete_evt(hdev, skb);
1768 break;
1769
1770 case HCI_EV_INQUIRY_RESULT:
1771 hci_inquiry_result_evt(hdev, skb);
1772 break;
1773
1774 case HCI_EV_CONN_COMPLETE:
1775 hci_conn_complete_evt(hdev, skb);
1776 break;
1777
1778 case HCI_EV_CONN_REQUEST:
1779 hci_conn_request_evt(hdev, skb);
1780 break;
1781
1782 case HCI_EV_DISCONN_COMPLETE:
1783 hci_disconn_complete_evt(hdev, skb);
1784 break;
1785
1786 case HCI_EV_AUTH_COMPLETE:
1787 hci_auth_complete_evt(hdev, skb);
1788 break;
1789
1790 case HCI_EV_REMOTE_NAME:
1791 hci_remote_name_evt(hdev, skb);
1792 break;
1793
1794 case HCI_EV_ENCRYPT_CHANGE:
1795 hci_encrypt_change_evt(hdev, skb);
1796 break;
1797
1798 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
1799 hci_change_link_key_complete_evt(hdev, skb);
1800 break;
1801
1802 case HCI_EV_REMOTE_FEATURES:
1803 hci_remote_features_evt(hdev, skb);
1804 break;
1805
1806 case HCI_EV_REMOTE_VERSION:
1807 hci_remote_version_evt(hdev, skb);
1808 break;
1809
1810 case HCI_EV_QOS_SETUP_COMPLETE:
1811 hci_qos_setup_complete_evt(hdev, skb);
1812 break;
1813
1814 case HCI_EV_CMD_COMPLETE:
1815 hci_cmd_complete_evt(hdev, skb);
1816 break;
1817
1818 case HCI_EV_CMD_STATUS:
1819 hci_cmd_status_evt(hdev, skb);
1820 break;
1821
1822 case HCI_EV_ROLE_CHANGE:
1823 hci_role_change_evt(hdev, skb);
1824 break;
1825
1826 case HCI_EV_NUM_COMP_PKTS:
1827 hci_num_comp_pkts_evt(hdev, skb);
1828 break;
1829
1830 case HCI_EV_MODE_CHANGE:
1831 hci_mode_change_evt(hdev, skb);
1832 break;
1833
1834 case HCI_EV_PIN_CODE_REQ:
1835 hci_pin_code_request_evt(hdev, skb);
1836 break;
1837
1838 case HCI_EV_LINK_KEY_REQ:
1839 hci_link_key_request_evt(hdev, skb);
1840 break;
1841
1842 case HCI_EV_LINK_KEY_NOTIFY:
1843 hci_link_key_notify_evt(hdev, skb);
1844 break;
1845
1846 case HCI_EV_CLOCK_OFFSET:
1847 hci_clock_offset_evt(hdev, skb);
1848 break;
1849
1850 case HCI_EV_PKT_TYPE_CHANGE:
1851 hci_pkt_type_change_evt(hdev, skb);
1852 break;
1853
1854 case HCI_EV_PSCAN_REP_MODE:
1855 hci_pscan_rep_mode_evt(hdev, skb);
1856 break;
1857
1858 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
1859 hci_inquiry_result_with_rssi_evt(hdev, skb);
1860 break;
1861
1862 case HCI_EV_REMOTE_EXT_FEATURES:
1863 hci_remote_ext_features_evt(hdev, skb);
1864 break;
1865
1866 case HCI_EV_SYNC_CONN_COMPLETE:
1867 hci_sync_conn_complete_evt(hdev, skb);
1868 break;
1869
1870 case HCI_EV_SYNC_CONN_CHANGED:
1871 hci_sync_conn_changed_evt(hdev, skb);
1872 break;
1873
1874 case HCI_EV_SNIFF_SUBRATE:
1875 hci_sniff_subrate_evt(hdev, skb);
1876 break;
1877
1878 case HCI_EV_EXTENDED_INQUIRY_RESULT:
1879 hci_extended_inquiry_result_evt(hdev, skb);
1880 break;
1881
1882 case HCI_EV_IO_CAPA_REQUEST:
1883 hci_io_capa_request_evt(hdev, skb);
1884 break;
1885
1886 case HCI_EV_SIMPLE_PAIR_COMPLETE:
1887 hci_simple_pair_complete_evt(hdev, skb);
1888 break;
1889
1890 case HCI_EV_REMOTE_HOST_FEATURES:
1891 hci_remote_host_features_evt(hdev, skb);
1892 break;
1893
1894 default:
1895 BT_DBG("%s event 0x%x", hdev->name, event);
1896 break;
1897 }
1898
1899 kfree_skb(skb);
1900 hdev->stat.evt_rx++;
1901}
1902
1903
1904void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
1905{
1906 struct hci_event_hdr *hdr;
1907 struct hci_ev_stack_internal *ev;
1908 struct sk_buff *skb;
1909
1910 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
1911 if (!skb)
1912 return;
1913
1914 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
1915 hdr->evt = HCI_EV_STACK_INTERNAL;
1916 hdr->plen = sizeof(*ev) + dlen;
1917
1918 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
1919 ev->type = type;
1920 memcpy(ev->data, data, dlen);
1921
1922 bt_cb(skb)->incoming = 1;
1923 __net_timestamp(skb);
1924
1925 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1926 skb->dev = (void *) hdev;
1927 hci_send_to_sock(hdev, skb);
1928 kfree_skb(skb);
1929}
1930
