/net/bluetooth/hci_event.c
C | 6167 lines | 4315 code | 1438 blank | 414 comment | 824 complexity | 20943b43737aa6ea0cb07baf7990615a MD5 | raw file
Large files files are truncated, but you can click here to view the full file
1/* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved. 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23*/ 24 25/* Bluetooth HCI event handling. */ 26 27#include <asm/unaligned.h> 28 29#include <net/bluetooth/bluetooth.h> 30#include <net/bluetooth/hci_core.h> 31#include <net/bluetooth/mgmt.h> 32 33#include "hci_request.h" 34#include "hci_debugfs.h" 35#include "a2mp.h" 36#include "amp.h" 37#include "smp.h" 38 39#define ZERO_KEY "\x00\x00\x00\x00\x00\x00\x00\x00" \ 40 "\x00\x00\x00\x00\x00\x00\x00\x00" 41 42/* Handle HCI Event packets */ 43 44static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb) 45{ 46 __u8 status = *((__u8 *) skb->data); 47 48 BT_DBG("%s status 0x%2.2x", hdev->name, status); 49 50 if (status) 51 return; 52 53 clear_bit(HCI_INQUIRY, &hdev->flags); 54 smp_mb__after_atomic(); /* wake_up_bit advises about this barrier */ 55 wake_up_bit(&hdev->flags, HCI_INQUIRY); 56 57 hci_dev_lock(hdev); 58 /* Set discovery state to stopped if we're not doing LE active 59 * scanning. 60 */ 61 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN) || 62 hdev->le_scan_type != LE_SCAN_ACTIVE) 63 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 64 hci_dev_unlock(hdev); 65 66 hci_conn_check_pending(hdev); 67} 68 69static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb) 70{ 71 __u8 status = *((__u8 *) skb->data); 72 73 BT_DBG("%s status 0x%2.2x", hdev->name, status); 74 75 if (status) 76 return; 77 78 hci_dev_set_flag(hdev, HCI_PERIODIC_INQ); 79} 80 81static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb) 82{ 83 __u8 status = *((__u8 *) skb->data); 84 85 BT_DBG("%s status 0x%2.2x", hdev->name, status); 86 87 if (status) 88 return; 89 90 hci_dev_clear_flag(hdev, HCI_PERIODIC_INQ); 91 92 hci_conn_check_pending(hdev); 93} 94 95static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, 96 struct sk_buff *skb) 97{ 98 BT_DBG("%s", hdev->name); 99} 100 101static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb) 102{ 103 struct hci_rp_role_discovery *rp = (void *) skb->data; 104 struct hci_conn *conn; 105 106 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 107 108 if (rp->status) 109 return; 110 111 hci_dev_lock(hdev); 112 113 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 114 if (conn) 115 conn->role = rp->role; 116 117 hci_dev_unlock(hdev); 118} 119 120static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 121{ 122 struct hci_rp_read_link_policy *rp = (void *) skb->data; 123 struct hci_conn *conn; 124 125 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 126 127 if (rp->status) 128 return; 129 130 hci_dev_lock(hdev); 131 132 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 133 if (conn) 134 conn->link_policy = __le16_to_cpu(rp->policy); 135 136 hci_dev_unlock(hdev); 137} 138 139static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 140{ 141 struct hci_rp_write_link_policy *rp = (void *) skb->data; 142 struct hci_conn *conn; 143 void *sent; 144 145 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 146 147 if (rp->status) 148 return; 149 150 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY); 151 if (!sent) 152 return; 153 154 hci_dev_lock(hdev); 155 156 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 157 if (conn) 158 conn->link_policy = get_unaligned_le16(sent + 2); 159 160 hci_dev_unlock(hdev); 161} 162 163static void hci_cc_read_def_link_policy(struct hci_dev *hdev, 164 struct sk_buff *skb) 165{ 166 struct hci_rp_read_def_link_policy *rp = (void *) skb->data; 167 168 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 169 170 if (rp->status) 171 return; 172 173 hdev->link_policy = __le16_to_cpu(rp->policy); 174} 175 176static void hci_cc_write_def_link_policy(struct hci_dev *hdev, 177 struct sk_buff *skb) 178{ 179 __u8 status = *((__u8 *) skb->data); 180 void *sent; 181 182 BT_DBG("%s status 0x%2.2x", hdev->name, status); 183 184 if (status) 185 return; 186 187 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY); 188 if (!sent) 189 return; 190 191 hdev->link_policy = get_unaligned_le16(sent); 192} 193 194static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb) 195{ 196 __u8 status = *((__u8 *) skb->data); 197 198 BT_DBG("%s status 0x%2.2x", hdev->name, status); 199 200 clear_bit(HCI_RESET, &hdev->flags); 201 202 if (status) 203 return; 204 205 /* Reset all non-persistent flags */ 206 hci_dev_clear_volatile_flags(hdev); 207 208 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 209 210 hdev->inq_tx_power = HCI_TX_POWER_INVALID; 211 hdev->adv_tx_power = HCI_TX_POWER_INVALID; 212 213 memset(hdev->adv_data, 0, sizeof(hdev->adv_data)); 214 hdev->adv_data_len = 0; 215 216 memset(hdev->scan_rsp_data, 0, sizeof(hdev->scan_rsp_data)); 217 hdev->scan_rsp_data_len = 0; 218 219 hdev->le_scan_type = LE_SCAN_PASSIVE; 220 221 hdev->ssp_debug_mode = 0; 222 223 hci_bdaddr_list_clear(&hdev->le_white_list); 224 hci_bdaddr_list_clear(&hdev->le_resolv_list); 225} 226 227static void hci_cc_read_stored_link_key(struct hci_dev *hdev, 228 struct sk_buff *skb) 229{ 230 struct hci_rp_read_stored_link_key *rp = (void *)skb->data; 231 struct hci_cp_read_stored_link_key *sent; 232 233 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 234 235 sent = hci_sent_cmd_data(hdev, HCI_OP_READ_STORED_LINK_KEY); 236 if (!sent) 237 return; 238 239 if (!rp->status && sent->read_all == 0x01) { 240 hdev->stored_max_keys = rp->max_keys; 241 hdev->stored_num_keys = rp->num_keys; 242 } 243} 244 245static void hci_cc_delete_stored_link_key(struct hci_dev *hdev, 246 struct sk_buff *skb) 247{ 248 struct hci_rp_delete_stored_link_key *rp = (void *)skb->data; 249 250 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 251 252 if (rp->status) 253 return; 254 255 if (rp->num_keys <= hdev->stored_num_keys) 256 hdev->stored_num_keys -= rp->num_keys; 257 else 258 hdev->stored_num_keys = 0; 259} 260 261static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb) 262{ 263 __u8 status = *((__u8 *) skb->data); 264 void *sent; 265 266 BT_DBG("%s status 0x%2.2x", hdev->name, status); 267 268 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME); 269 if (!sent) 270 return; 271 272 hci_dev_lock(hdev); 273 274 if (hci_dev_test_flag(hdev, HCI_MGMT)) 275 mgmt_set_local_name_complete(hdev, sent, status); 276 else if (!status) 277 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH); 278 279 hci_dev_unlock(hdev); 280} 281 282static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb) 283{ 284 struct hci_rp_read_local_name *rp = (void *) skb->data; 285 286 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 287 288 if (rp->status) 289 return; 290 291 if (hci_dev_test_flag(hdev, HCI_SETUP) || 292 hci_dev_test_flag(hdev, HCI_CONFIG)) 293 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH); 294} 295 296static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb) 297{ 298 __u8 status = *((__u8 *) skb->data); 299 void *sent; 300 301 BT_DBG("%s status 0x%2.2x", hdev->name, status); 302 303 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE); 304 if (!sent) 305 return; 306 307 hci_dev_lock(hdev); 308 309 if (!status) { 310 __u8 param = *((__u8 *) sent); 311 312 if (param == AUTH_ENABLED) 313 set_bit(HCI_AUTH, &hdev->flags); 314 else 315 clear_bit(HCI_AUTH, &hdev->flags); 316 } 317 318 if (hci_dev_test_flag(hdev, HCI_MGMT)) 319 mgmt_auth_enable_complete(hdev, status); 320 321 hci_dev_unlock(hdev); 322} 323 324static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb) 325{ 326 __u8 status = *((__u8 *) skb->data); 327 __u8 param; 328 void *sent; 329 330 BT_DBG("%s status 0x%2.2x", hdev->name, status); 331 332 if (status) 333 return; 334 335 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE); 336 if (!sent) 337 return; 338 339 param = *((__u8 *) sent); 340 341 if (param) 342 set_bit(HCI_ENCRYPT, &hdev->flags); 343 else 344 clear_bit(HCI_ENCRYPT, &hdev->flags); 345} 346 347static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb) 348{ 349 __u8 status = *((__u8 *) skb->data); 350 __u8 param; 351 void *sent; 352 353 BT_DBG("%s status 0x%2.2x", hdev->name, status); 354 355 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE); 356 if (!sent) 357 return; 358 359 param = *((__u8 *) sent); 360 361 hci_dev_lock(hdev); 362 363 if (status) { 364 hdev->discov_timeout = 0; 365 goto done; 366 } 367 368 if (param & SCAN_INQUIRY) 369 set_bit(HCI_ISCAN, &hdev->flags); 370 else 371 clear_bit(HCI_ISCAN, &hdev->flags); 372 373 if (param & SCAN_PAGE) 374 set_bit(HCI_PSCAN, &hdev->flags); 375 else 376 clear_bit(HCI_PSCAN, &hdev->flags); 377 378done: 379 hci_dev_unlock(hdev); 380} 381 382static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 383{ 384 struct hci_rp_read_class_of_dev *rp = (void *) skb->data; 385 386 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 387 388 if (rp->status) 389 return; 390 391 memcpy(hdev->dev_class, rp->dev_class, 3); 392 393 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name, 394 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]); 395} 396 397static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 398{ 399 __u8 status = *((__u8 *) skb->data); 400 void *sent; 401 402 BT_DBG("%s status 0x%2.2x", hdev->name, status); 403 404 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV); 405 if (!sent) 406 return; 407 408 hci_dev_lock(hdev); 409 410 if (status == 0) 411 memcpy(hdev->dev_class, sent, 3); 412 413 if (hci_dev_test_flag(hdev, HCI_MGMT)) 414 mgmt_set_class_of_dev_complete(hdev, sent, status); 415 416 hci_dev_unlock(hdev); 417} 418 419static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb) 420{ 421 struct hci_rp_read_voice_setting *rp = (void *) skb->data; 422 __u16 setting; 423 424 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 425 426 if (rp->status) 427 return; 428 429 setting = __le16_to_cpu(rp->voice_setting); 430 431 if (hdev->voice_setting == setting) 432 return; 433 434 hdev->voice_setting = setting; 435 436 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting); 437 438 if (hdev->notify) 439 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 440} 441 442static void hci_cc_write_voice_setting(struct hci_dev *hdev, 443 struct sk_buff *skb) 444{ 445 __u8 status = *((__u8 *) skb->data); 446 __u16 setting; 447 void *sent; 448 449 BT_DBG("%s status 0x%2.2x", hdev->name, status); 450 451 if (status) 452 return; 453 454 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING); 455 if (!sent) 456 return; 457 458 setting = get_unaligned_le16(sent); 459 460 if (hdev->voice_setting == setting) 461 return; 462 463 hdev->voice_setting = setting; 464 465 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting); 466 467 if (hdev->notify) 468 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 469} 470 471static void hci_cc_read_num_supported_iac(struct hci_dev *hdev, 472 struct sk_buff *skb) 473{ 474 struct hci_rp_read_num_supported_iac *rp = (void *) skb->data; 475 476 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 477 478 if (rp->status) 479 return; 480 481 hdev->num_iac = rp->num_iac; 482 483 BT_DBG("%s num iac %d", hdev->name, hdev->num_iac); 484} 485 486static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) 487{ 488 __u8 status = *((__u8 *) skb->data); 489 struct hci_cp_write_ssp_mode *sent; 490 491 BT_DBG("%s status 0x%2.2x", hdev->name, status); 492 493 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE); 494 if (!sent) 495 return; 496 497 hci_dev_lock(hdev); 498 499 if (!status) { 500 if (sent->mode) 501 hdev->features[1][0] |= LMP_HOST_SSP; 502 else 503 hdev->features[1][0] &= ~LMP_HOST_SSP; 504 } 505 506 if (hci_dev_test_flag(hdev, HCI_MGMT)) 507 mgmt_ssp_enable_complete(hdev, sent->mode, status); 508 else if (!status) { 509 if (sent->mode) 510 hci_dev_set_flag(hdev, HCI_SSP_ENABLED); 511 else 512 hci_dev_clear_flag(hdev, HCI_SSP_ENABLED); 513 } 514 515 hci_dev_unlock(hdev); 516} 517 518static void hci_cc_write_sc_support(struct hci_dev *hdev, struct sk_buff *skb) 519{ 520 u8 status = *((u8 *) skb->data); 521 struct hci_cp_write_sc_support *sent; 522 523 BT_DBG("%s status 0x%2.2x", hdev->name, status); 524 525 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SC_SUPPORT); 526 if (!sent) 527 return; 528 529 hci_dev_lock(hdev); 530 531 if (!status) { 532 if (sent->support) 533 hdev->features[1][0] |= LMP_HOST_SC; 534 else 535 hdev->features[1][0] &= ~LMP_HOST_SC; 536 } 537 538 if (!hci_dev_test_flag(hdev, HCI_MGMT) && !status) { 539 if (sent->support) 540 hci_dev_set_flag(hdev, HCI_SC_ENABLED); 541 else 542 hci_dev_clear_flag(hdev, HCI_SC_ENABLED); 543 } 544 545 hci_dev_unlock(hdev); 546} 547 548static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb) 549{ 550 struct hci_rp_read_local_version *rp = (void *) skb->data; 551 552 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 553 554 if (rp->status) 555 return; 556 557 if (hci_dev_test_flag(hdev, HCI_SETUP) || 558 hci_dev_test_flag(hdev, HCI_CONFIG)) { 559 hdev->hci_ver = rp->hci_ver; 560 hdev->hci_rev = __le16_to_cpu(rp->hci_rev); 561 hdev->lmp_ver = rp->lmp_ver; 562 hdev->manufacturer = __le16_to_cpu(rp->manufacturer); 563 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver); 564 } 565} 566 567static void hci_cc_read_local_commands(struct hci_dev *hdev, 568 struct sk_buff *skb) 569{ 570 struct hci_rp_read_local_commands *rp = (void *) skb->data; 571 572 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 573 574 if (rp->status) 575 return; 576 577 if (hci_dev_test_flag(hdev, HCI_SETUP) || 578 hci_dev_test_flag(hdev, HCI_CONFIG)) 579 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands)); 580} 581 582static void hci_cc_read_auth_payload_timeout(struct hci_dev *hdev, 583 struct sk_buff *skb) 584{ 585 struct hci_rp_read_auth_payload_to *rp = (void *)skb->data; 586 struct hci_conn *conn; 587 588 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 589 590 if (rp->status) 591 return; 592 593 hci_dev_lock(hdev); 594 595 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 596 if (conn) 597 conn->auth_payload_timeout = __le16_to_cpu(rp->timeout); 598 599 hci_dev_unlock(hdev); 600} 601 602static void hci_cc_write_auth_payload_timeout(struct hci_dev *hdev, 603 struct sk_buff *skb) 604{ 605 struct hci_rp_write_auth_payload_to *rp = (void *)skb->data; 606 struct hci_conn *conn; 607 void *sent; 608 609 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 610 611 if (rp->status) 612 return; 613 614 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_PAYLOAD_TO); 615 if (!sent) 616 return; 617 618 hci_dev_lock(hdev); 619 620 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 621 if (conn) 622 conn->auth_payload_timeout = get_unaligned_le16(sent + 2); 623 624 hci_dev_unlock(hdev); 625} 626 627static void hci_cc_read_local_features(struct hci_dev *hdev, 628 struct sk_buff *skb) 629{ 630 struct hci_rp_read_local_features *rp = (void *) skb->data; 631 632 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 633 634 if (rp->status) 635 return; 636 637 memcpy(hdev->features, rp->features, 8); 638 639 /* Adjust default settings according to features 640 * supported by device. */ 641 642 if (hdev->features[0][0] & LMP_3SLOT) 643 hdev->pkt_type |= (HCI_DM3 | HCI_DH3); 644 645 if (hdev->features[0][0] & LMP_5SLOT) 646 hdev->pkt_type |= (HCI_DM5 | HCI_DH5); 647 648 if (hdev->features[0][1] & LMP_HV2) { 649 hdev->pkt_type |= (HCI_HV2); 650 hdev->esco_type |= (ESCO_HV2); 651 } 652 653 if (hdev->features[0][1] & LMP_HV3) { 654 hdev->pkt_type |= (HCI_HV3); 655 hdev->esco_type |= (ESCO_HV3); 656 } 657 658 if (lmp_esco_capable(hdev)) 659 hdev->esco_type |= (ESCO_EV3); 660 661 if (hdev->features[0][4] & LMP_EV4) 662 hdev->esco_type |= (ESCO_EV4); 663 664 if (hdev->features[0][4] & LMP_EV5) 665 hdev->esco_type |= (ESCO_EV5); 666 667 if (hdev->features[0][5] & LMP_EDR_ESCO_2M) 668 hdev->esco_type |= (ESCO_2EV3); 669 670 if (hdev->features[0][5] & LMP_EDR_ESCO_3M) 671 hdev->esco_type |= (ESCO_3EV3); 672 673 if (hdev->features[0][5] & LMP_EDR_3S_ESCO) 674 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5); 675} 676 677static void hci_cc_read_local_ext_features(struct hci_dev *hdev, 678 struct sk_buff *skb) 679{ 680 struct hci_rp_read_local_ext_features *rp = (void *) skb->data; 681 682 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 683 684 if (rp->status) 685 return; 686 687 if (hdev->max_page < rp->max_page) 688 hdev->max_page = rp->max_page; 689 690 if (rp->page < HCI_MAX_PAGES) 691 memcpy(hdev->features[rp->page], rp->features, 8); 692} 693 694static void hci_cc_read_flow_control_mode(struct hci_dev *hdev, 695 struct sk_buff *skb) 696{ 697 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data; 698 699 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 700 701 if (rp->status) 702 return; 703 704 hdev->flow_ctl_mode = rp->mode; 705} 706 707static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb) 708{ 709 struct hci_rp_read_buffer_size *rp = (void *) skb->data; 710 711 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 712 713 if (rp->status) 714 return; 715 716 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu); 717 hdev->sco_mtu = rp->sco_mtu; 718 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt); 719 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt); 720 721 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) { 722 hdev->sco_mtu = 64; 723 hdev->sco_pkts = 8; 724 } 725 726 hdev->acl_cnt = hdev->acl_pkts; 727 hdev->sco_cnt = hdev->sco_pkts; 728 729 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu, 730 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts); 731} 732 733static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb) 734{ 735 struct hci_rp_read_bd_addr *rp = (void *) skb->data; 736 737 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 738 739 if (rp->status) 740 return; 741 742 if (test_bit(HCI_INIT, &hdev->flags)) 743 bacpy(&hdev->bdaddr, &rp->bdaddr); 744 745 if (hci_dev_test_flag(hdev, HCI_SETUP)) 746 bacpy(&hdev->setup_addr, &rp->bdaddr); 747} 748 749static void hci_cc_read_page_scan_activity(struct hci_dev *hdev, 750 struct sk_buff *skb) 751{ 752 struct hci_rp_read_page_scan_activity *rp = (void *) skb->data; 753 754 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 755 756 if (rp->status) 757 return; 758 759 if (test_bit(HCI_INIT, &hdev->flags)) { 760 hdev->page_scan_interval = __le16_to_cpu(rp->interval); 761 hdev->page_scan_window = __le16_to_cpu(rp->window); 762 } 763} 764 765static void hci_cc_write_page_scan_activity(struct hci_dev *hdev, 766 struct sk_buff *skb) 767{ 768 u8 status = *((u8 *) skb->data); 769 struct hci_cp_write_page_scan_activity *sent; 770 771 BT_DBG("%s status 0x%2.2x", hdev->name, status); 772 773 if (status) 774 return; 775 776 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY); 777 if (!sent) 778 return; 779 780 hdev->page_scan_interval = __le16_to_cpu(sent->interval); 781 hdev->page_scan_window = __le16_to_cpu(sent->window); 782} 783 784static void hci_cc_read_page_scan_type(struct hci_dev *hdev, 785 struct sk_buff *skb) 786{ 787 struct hci_rp_read_page_scan_type *rp = (void *) skb->data; 788 789 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 790 791 if (rp->status) 792 return; 793 794 if (test_bit(HCI_INIT, &hdev->flags)) 795 hdev->page_scan_type = rp->type; 796} 797 798static void hci_cc_write_page_scan_type(struct hci_dev *hdev, 799 struct sk_buff *skb) 800{ 801 u8 status = *((u8 *) skb->data); 802 u8 *type; 803 804 BT_DBG("%s status 0x%2.2x", hdev->name, status); 805 806 if (status) 807 return; 808 809 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE); 810 if (type) 811 hdev->page_scan_type = *type; 812} 813 814static void hci_cc_read_data_block_size(struct hci_dev *hdev, 815 struct sk_buff *skb) 816{ 817 struct hci_rp_read_data_block_size *rp = (void *) skb->data; 818 819 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 820 821 if (rp->status) 822 return; 823 824 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len); 825 hdev->block_len = __le16_to_cpu(rp->block_len); 826 hdev->num_blocks = __le16_to_cpu(rp->num_blocks); 827 828 hdev->block_cnt = hdev->num_blocks; 829 830 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu, 831 hdev->block_cnt, hdev->block_len); 832} 833 834static void hci_cc_read_clock(struct hci_dev *hdev, struct sk_buff *skb) 835{ 836 struct hci_rp_read_clock *rp = (void *) skb->data; 837 struct hci_cp_read_clock *cp; 838 struct hci_conn *conn; 839 840 BT_DBG("%s", hdev->name); 841 842 if (skb->len < sizeof(*rp)) 843 return; 844 845 if (rp->status) 846 return; 847 848 hci_dev_lock(hdev); 849 850 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_CLOCK); 851 if (!cp) 852 goto unlock; 853 854 if (cp->which == 0x00) { 855 hdev->clock = le32_to_cpu(rp->clock); 856 goto unlock; 857 } 858 859 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 860 if (conn) { 861 conn->clock = le32_to_cpu(rp->clock); 862 conn->clock_accuracy = le16_to_cpu(rp->accuracy); 863 } 864 865unlock: 866 hci_dev_unlock(hdev); 867} 868 869static void hci_cc_read_local_amp_info(struct hci_dev *hdev, 870 struct sk_buff *skb) 871{ 872 struct hci_rp_read_local_amp_info *rp = (void *) skb->data; 873 874 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 875 876 if (rp->status) 877 return; 878 879 hdev->amp_status = rp->amp_status; 880 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw); 881 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw); 882 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency); 883 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu); 884 hdev->amp_type = rp->amp_type; 885 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap); 886 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size); 887 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to); 888 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to); 889} 890 891static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev, 892 struct sk_buff *skb) 893{ 894 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data; 895 896 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 897 898 if (rp->status) 899 return; 900 901 hdev->inq_tx_power = rp->tx_power; 902} 903 904static void hci_cc_read_def_err_data_reporting(struct hci_dev *hdev, 905 struct sk_buff *skb) 906{ 907 struct hci_rp_read_def_err_data_reporting *rp = (void *)skb->data; 908 909 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 910 911 if (rp->status) 912 return; 913 914 hdev->err_data_reporting = rp->err_data_reporting; 915} 916 917static void hci_cc_write_def_err_data_reporting(struct hci_dev *hdev, 918 struct sk_buff *skb) 919{ 920 __u8 status = *((__u8 *)skb->data); 921 struct hci_cp_write_def_err_data_reporting *cp; 922 923 BT_DBG("%s status 0x%2.2x", hdev->name, status); 924 925 if (status) 926 return; 927 928 cp = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_ERR_DATA_REPORTING); 929 if (!cp) 930 return; 931 932 hdev->err_data_reporting = cp->err_data_reporting; 933} 934 935static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb) 936{ 937 struct hci_rp_pin_code_reply *rp = (void *) skb->data; 938 struct hci_cp_pin_code_reply *cp; 939 struct hci_conn *conn; 940 941 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 942 943 hci_dev_lock(hdev); 944 945 if (hci_dev_test_flag(hdev, HCI_MGMT)) 946 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status); 947 948 if (rp->status) 949 goto unlock; 950 951 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY); 952 if (!cp) 953 goto unlock; 954 955 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 956 if (conn) 957 conn->pin_length = cp->pin_len; 958 959unlock: 960 hci_dev_unlock(hdev); 961} 962 963static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb) 964{ 965 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data; 966 967 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 968 969 hci_dev_lock(hdev); 970 971 if (hci_dev_test_flag(hdev, HCI_MGMT)) 972 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr, 973 rp->status); 974 975 hci_dev_unlock(hdev); 976} 977 978static void hci_cc_le_read_buffer_size(struct hci_dev *hdev, 979 struct sk_buff *skb) 980{ 981 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data; 982 983 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 984 985 if (rp->status) 986 return; 987 988 hdev->le_mtu = __le16_to_cpu(rp->le_mtu); 989 hdev->le_pkts = rp->le_max_pkt; 990 991 hdev->le_cnt = hdev->le_pkts; 992 993 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts); 994} 995 996static void hci_cc_le_read_local_features(struct hci_dev *hdev, 997 struct sk_buff *skb) 998{ 999 struct hci_rp_le_read_local_features *rp = (void *) skb->data; 1000 1001 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1002 1003 if (rp->status) 1004 return; 1005 1006 memcpy(hdev->le_features, rp->features, 8); 1007} 1008 1009static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev, 1010 struct sk_buff *skb) 1011{ 1012 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data; 1013 1014 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1015 1016 if (rp->status) 1017 return; 1018 1019 hdev->adv_tx_power = rp->tx_power; 1020} 1021 1022static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb) 1023{ 1024 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1025 1026 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1027 1028 hci_dev_lock(hdev); 1029 1030 if (hci_dev_test_flag(hdev, HCI_MGMT)) 1031 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0, 1032 rp->status); 1033 1034 hci_dev_unlock(hdev); 1035} 1036 1037static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev, 1038 struct sk_buff *skb) 1039{ 1040 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1041 1042 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1043 1044 hci_dev_lock(hdev); 1045 1046 if (hci_dev_test_flag(hdev, HCI_MGMT)) 1047 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr, 1048 ACL_LINK, 0, rp->status); 1049 1050 hci_dev_unlock(hdev); 1051} 1052 1053static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb) 1054{ 1055 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1056 1057 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1058 1059 hci_dev_lock(hdev); 1060 1061 if (hci_dev_test_flag(hdev, HCI_MGMT)) 1062 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 1063 0, rp->status); 1064 1065 hci_dev_unlock(hdev); 1066} 1067 1068static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev, 1069 struct sk_buff *skb) 1070{ 1071 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1072 1073 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1074 1075 hci_dev_lock(hdev); 1076 1077 if (hci_dev_test_flag(hdev, HCI_MGMT)) 1078 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr, 1079 ACL_LINK, 0, rp->status); 1080 1081 hci_dev_unlock(hdev); 1082} 1083 1084static void hci_cc_read_local_oob_data(struct hci_dev *hdev, 1085 struct sk_buff *skb) 1086{ 1087 struct hci_rp_read_local_oob_data *rp = (void *) skb->data; 1088 1089 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1090} 1091 1092static void hci_cc_read_local_oob_ext_data(struct hci_dev *hdev, 1093 struct sk_buff *skb) 1094{ 1095 struct hci_rp_read_local_oob_ext_data *rp = (void *) skb->data; 1096 1097 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1098} 1099 1100static void hci_cc_le_set_random_addr(struct hci_dev *hdev, struct sk_buff *skb) 1101{ 1102 __u8 status = *((__u8 *) skb->data); 1103 bdaddr_t *sent; 1104 1105 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1106 1107 if (status) 1108 return; 1109 1110 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_RANDOM_ADDR); 1111 if (!sent) 1112 return; 1113 1114 hci_dev_lock(hdev); 1115 1116 bacpy(&hdev->random_addr, sent); 1117 1118 hci_dev_unlock(hdev); 1119} 1120 1121static void hci_cc_le_set_default_phy(struct hci_dev *hdev, struct sk_buff *skb) 1122{ 1123 __u8 status = *((__u8 *) skb->data); 1124 struct hci_cp_le_set_default_phy *cp; 1125 1126 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1127 1128 if (status) 1129 return; 1130 1131 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_DEFAULT_PHY); 1132 if (!cp) 1133 return; 1134 1135 hci_dev_lock(hdev); 1136 1137 hdev->le_tx_def_phys = cp->tx_phys; 1138 hdev->le_rx_def_phys = cp->rx_phys; 1139 1140 hci_dev_unlock(hdev); 1141} 1142 1143static void hci_cc_le_set_adv_set_random_addr(struct hci_dev *hdev, 1144 struct sk_buff *skb) 1145{ 1146 __u8 status = *((__u8 *) skb->data); 1147 struct hci_cp_le_set_adv_set_rand_addr *cp; 1148 struct adv_info *adv_instance; 1149 1150 if (status) 1151 return; 1152 1153 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_SET_RAND_ADDR); 1154 if (!cp) 1155 return; 1156 1157 hci_dev_lock(hdev); 1158 1159 if (!hdev->cur_adv_instance) { 1160 /* Store in hdev for instance 0 (Set adv and Directed advs) */ 1161 bacpy(&hdev->random_addr, &cp->bdaddr); 1162 } else { 1163 adv_instance = hci_find_adv_instance(hdev, 1164 hdev->cur_adv_instance); 1165 if (adv_instance) 1166 bacpy(&adv_instance->random_addr, &cp->bdaddr); 1167 } 1168 1169 hci_dev_unlock(hdev); 1170} 1171 1172static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb) 1173{ 1174 __u8 *sent, status = *((__u8 *) skb->data); 1175 1176 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1177 1178 if (status) 1179 return; 1180 1181 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE); 1182 if (!sent) 1183 return; 1184 1185 hci_dev_lock(hdev); 1186 1187 /* If we're doing connection initiation as peripheral. Set a 1188 * timeout in case something goes wrong. 1189 */ 1190 if (*sent) { 1191 struct hci_conn *conn; 1192 1193 hci_dev_set_flag(hdev, HCI_LE_ADV); 1194 1195 conn = hci_lookup_le_connect(hdev); 1196 if (conn) 1197 queue_delayed_work(hdev->workqueue, 1198 &conn->le_conn_timeout, 1199 conn->conn_timeout); 1200 } else { 1201 hci_dev_clear_flag(hdev, HCI_LE_ADV); 1202 } 1203 1204 hci_dev_unlock(hdev); 1205} 1206 1207static void hci_cc_le_set_ext_adv_enable(struct hci_dev *hdev, 1208 struct sk_buff *skb) 1209{ 1210 struct hci_cp_le_set_ext_adv_enable *cp; 1211 __u8 status = *((__u8 *) skb->data); 1212 1213 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1214 1215 if (status) 1216 return; 1217 1218 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_ADV_ENABLE); 1219 if (!cp) 1220 return; 1221 1222 hci_dev_lock(hdev); 1223 1224 if (cp->enable) { 1225 struct hci_conn *conn; 1226 1227 hci_dev_set_flag(hdev, HCI_LE_ADV); 1228 1229 conn = hci_lookup_le_connect(hdev); 1230 if (conn) 1231 queue_delayed_work(hdev->workqueue, 1232 &conn->le_conn_timeout, 1233 conn->conn_timeout); 1234 } else { 1235 hci_dev_clear_flag(hdev, HCI_LE_ADV); 1236 } 1237 1238 hci_dev_unlock(hdev); 1239} 1240 1241static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb) 1242{ 1243 struct hci_cp_le_set_scan_param *cp; 1244 __u8 status = *((__u8 *) skb->data); 1245 1246 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1247 1248 if (status) 1249 return; 1250 1251 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_PARAM); 1252 if (!cp) 1253 return; 1254 1255 hci_dev_lock(hdev); 1256 1257 hdev->le_scan_type = cp->type; 1258 1259 hci_dev_unlock(hdev); 1260} 1261 1262static void hci_cc_le_set_ext_scan_param(struct hci_dev *hdev, 1263 struct sk_buff *skb) 1264{ 1265 struct hci_cp_le_set_ext_scan_params *cp; 1266 __u8 status = *((__u8 *) skb->data); 1267 struct hci_cp_le_scan_phy_params *phy_param; 1268 1269 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1270 1271 if (status) 1272 return; 1273 1274 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_SCAN_PARAMS); 1275 if (!cp) 1276 return; 1277 1278 phy_param = (void *)cp->data; 1279 1280 hci_dev_lock(hdev); 1281 1282 hdev->le_scan_type = phy_param->type; 1283 1284 hci_dev_unlock(hdev); 1285} 1286 1287static bool has_pending_adv_report(struct hci_dev *hdev) 1288{ 1289 struct discovery_state *d = &hdev->discovery; 1290 1291 return bacmp(&d->last_adv_addr, BDADDR_ANY); 1292} 1293 1294static void clear_pending_adv_report(struct hci_dev *hdev) 1295{ 1296 struct discovery_state *d = &hdev->discovery; 1297 1298 bacpy(&d->last_adv_addr, BDADDR_ANY); 1299 d->last_adv_data_len = 0; 1300} 1301 1302static void store_pending_adv_report(struct hci_dev *hdev, bdaddr_t *bdaddr, 1303 u8 bdaddr_type, s8 rssi, u32 flags, 1304 u8 *data, u8 len) 1305{ 1306 struct discovery_state *d = &hdev->discovery; 1307 1308 bacpy(&d->last_adv_addr, bdaddr); 1309 d->last_adv_addr_type = bdaddr_type; 1310 d->last_adv_rssi = rssi; 1311 d->last_adv_flags = flags; 1312 memcpy(d->last_adv_data, data, len); 1313 d->last_adv_data_len = len; 1314} 1315 1316static void le_set_scan_enable_complete(struct hci_dev *hdev, u8 enable) 1317{ 1318 hci_dev_lock(hdev); 1319 1320 switch (enable) { 1321 case LE_SCAN_ENABLE: 1322 hci_dev_set_flag(hdev, HCI_LE_SCAN); 1323 if (hdev->le_scan_type == LE_SCAN_ACTIVE) 1324 clear_pending_adv_report(hdev); 1325 break; 1326 1327 case LE_SCAN_DISABLE: 1328 /* We do this here instead of when setting DISCOVERY_STOPPED 1329 * since the latter would potentially require waiting for 1330 * inquiry to stop too. 1331 */ 1332 if (has_pending_adv_report(hdev)) { 1333 struct discovery_state *d = &hdev->discovery; 1334 1335 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK, 1336 d->last_adv_addr_type, NULL, 1337 d->last_adv_rssi, d->last_adv_flags, 1338 d->last_adv_data, 1339 d->last_adv_data_len, NULL, 0); 1340 } 1341 1342 /* Cancel this timer so that we don't try to disable scanning 1343 * when it's already disabled. 1344 */ 1345 cancel_delayed_work(&hdev->le_scan_disable); 1346 1347 hci_dev_clear_flag(hdev, HCI_LE_SCAN); 1348 1349 /* The HCI_LE_SCAN_INTERRUPTED flag indicates that we 1350 * interrupted scanning due to a connect request. Mark 1351 * therefore discovery as stopped. If this was not 1352 * because of a connect request advertising might have 1353 * been disabled because of active scanning, so 1354 * re-enable it again if necessary. 1355 */ 1356 if (hci_dev_test_and_clear_flag(hdev, HCI_LE_SCAN_INTERRUPTED)) 1357 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 1358 else if (!hci_dev_test_flag(hdev, HCI_LE_ADV) && 1359 hdev->discovery.state == DISCOVERY_FINDING) 1360 hci_req_reenable_advertising(hdev); 1361 1362 break; 1363 1364 default: 1365 bt_dev_err(hdev, "use of reserved LE_Scan_Enable param %d", 1366 enable); 1367 break; 1368 } 1369 1370 hci_dev_unlock(hdev); 1371} 1372 1373static void hci_cc_le_set_scan_enable(struct hci_dev *hdev, 1374 struct sk_buff *skb) 1375{ 1376 struct hci_cp_le_set_scan_enable *cp; 1377 __u8 status = *((__u8 *) skb->data); 1378 1379 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1380 1381 if (status) 1382 return; 1383 1384 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE); 1385 if (!cp) 1386 return; 1387 1388 le_set_scan_enable_complete(hdev, cp->enable); 1389} 1390 1391static void hci_cc_le_set_ext_scan_enable(struct hci_dev *hdev, 1392 struct sk_buff *skb) 1393{ 1394 struct hci_cp_le_set_ext_scan_enable *cp; 1395 __u8 status = *((__u8 *) skb->data); 1396 1397 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1398 1399 if (status) 1400 return; 1401 1402 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_SCAN_ENABLE); 1403 if (!cp) 1404 return; 1405 1406 le_set_scan_enable_complete(hdev, cp->enable); 1407} 1408 1409static void hci_cc_le_read_num_adv_sets(struct hci_dev *hdev, 1410 struct sk_buff *skb) 1411{ 1412 struct hci_rp_le_read_num_supported_adv_sets *rp = (void *) skb->data; 1413 1414 BT_DBG("%s status 0x%2.2x No of Adv sets %u", hdev->name, rp->status, 1415 rp->num_of_sets); 1416 1417 if (rp->status) 1418 return; 1419 1420 hdev->le_num_of_adv_sets = rp->num_of_sets; 1421} 1422 1423static void hci_cc_le_read_white_list_size(struct hci_dev *hdev, 1424 struct sk_buff *skb) 1425{ 1426 struct hci_rp_le_read_white_list_size *rp = (void *) skb->data; 1427 1428 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size); 1429 1430 if (rp->status) 1431 return; 1432 1433 hdev->le_white_list_size = rp->size; 1434} 1435 1436static void hci_cc_le_clear_white_list(struct hci_dev *hdev, 1437 struct sk_buff *skb) 1438{ 1439 __u8 status = *((__u8 *) skb->data); 1440 1441 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1442 1443 if (status) 1444 return; 1445 1446 hci_bdaddr_list_clear(&hdev->le_white_list); 1447} 1448 1449static void hci_cc_le_add_to_white_list(struct hci_dev *hdev, 1450 struct sk_buff *skb) 1451{ 1452 struct hci_cp_le_add_to_white_list *sent; 1453 __u8 status = *((__u8 *) skb->data); 1454 1455 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1456 1457 if (status) 1458 return; 1459 1460 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_WHITE_LIST); 1461 if (!sent) 1462 return; 1463 1464 hci_bdaddr_list_add(&hdev->le_white_list, &sent->bdaddr, 1465 sent->bdaddr_type); 1466} 1467 1468static void hci_cc_le_del_from_white_list(struct hci_dev *hdev, 1469 struct sk_buff *skb) 1470{ 1471 struct hci_cp_le_del_from_white_list *sent; 1472 __u8 status = *((__u8 *) skb->data); 1473 1474 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1475 1476 if (status) 1477 return; 1478 1479 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_WHITE_LIST); 1480 if (!sent) 1481 return; 1482 1483 hci_bdaddr_list_del(&hdev->le_white_list, &sent->bdaddr, 1484 sent->bdaddr_type); 1485} 1486 1487static void hci_cc_le_read_supported_states(struct hci_dev *hdev, 1488 struct sk_buff *skb) 1489{ 1490 struct hci_rp_le_read_supported_states *rp = (void *) skb->data; 1491 1492 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1493 1494 if (rp->status) 1495 return; 1496 1497 memcpy(hdev->le_states, rp->le_states, 8); 1498} 1499 1500static void hci_cc_le_read_def_data_len(struct hci_dev *hdev, 1501 struct sk_buff *skb) 1502{ 1503 struct hci_rp_le_read_def_data_len *rp = (void *) skb->data; 1504 1505 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1506 1507 if (rp->status) 1508 return; 1509 1510 hdev->le_def_tx_len = le16_to_cpu(rp->tx_len); 1511 hdev->le_def_tx_time = le16_to_cpu(rp->tx_time); 1512} 1513 1514static void hci_cc_le_write_def_data_len(struct hci_dev *hdev, 1515 struct sk_buff *skb) 1516{ 1517 struct hci_cp_le_write_def_data_len *sent; 1518 __u8 status = *((__u8 *) skb->data); 1519 1520 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1521 1522 if (status) 1523 return; 1524 1525 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_WRITE_DEF_DATA_LEN); 1526 if (!sent) 1527 return; 1528 1529 hdev->le_def_tx_len = le16_to_cpu(sent->tx_len); 1530 hdev->le_def_tx_time = le16_to_cpu(sent->tx_time); 1531} 1532 1533static void hci_cc_le_add_to_resolv_list(struct hci_dev *hdev, 1534 struct sk_buff *skb) 1535{ 1536 struct hci_cp_le_add_to_resolv_list *sent; 1537 __u8 status = *((__u8 *) skb->data); 1538 1539 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1540 1541 if (status) 1542 return; 1543 1544 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_RESOLV_LIST); 1545 if (!sent) 1546 return; 1547 1548 hci_bdaddr_list_add_with_irk(&hdev->le_resolv_list, &sent->bdaddr, 1549 sent->bdaddr_type, sent->peer_irk, 1550 sent->local_irk); 1551} 1552 1553static void hci_cc_le_del_from_resolv_list(struct hci_dev *hdev, 1554 struct sk_buff *skb) 1555{ 1556 struct hci_cp_le_del_from_resolv_list *sent; 1557 __u8 status = *((__u8 *) skb->data); 1558 1559 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1560 1561 if (status) 1562 return; 1563 1564 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_RESOLV_LIST); 1565 if (!sent) 1566 return; 1567 1568 hci_bdaddr_list_del_with_irk(&hdev->le_resolv_list, &sent->bdaddr, 1569 sent->bdaddr_type); 1570} 1571 1572static void hci_cc_le_clear_resolv_list(struct hci_dev *hdev, 1573 struct sk_buff *skb) 1574{ 1575 __u8 status = *((__u8 *) skb->data); 1576 1577 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1578 1579 if (status) 1580 return; 1581 1582 hci_bdaddr_list_clear(&hdev->le_resolv_list); 1583} 1584 1585static void hci_cc_le_read_resolv_list_size(struct hci_dev *hdev, 1586 struct sk_buff *skb) 1587{ 1588 struct hci_rp_le_read_resolv_list_size *rp = (void *) skb->data; 1589 1590 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size); 1591 1592 if (rp->status) 1593 return; 1594 1595 hdev->le_resolv_list_size = rp->size; 1596} 1597 1598static void hci_cc_le_set_addr_resolution_enable(struct hci_dev *hdev, 1599 struct sk_buff *skb) 1600{ 1601 __u8 *sent, status = *((__u8 *) skb->data); 1602 1603 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1604 1605 if (status) 1606 return; 1607 1608 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADDR_RESOLV_ENABLE); 1609 if (!sent) 1610 return; 1611 1612 hci_dev_lock(hdev); 1613 1614 if (*sent) 1615 hci_dev_set_flag(hdev, HCI_LL_RPA_RESOLUTION); 1616 else 1617 hci_dev_clear_flag(hdev, HCI_LL_RPA_RESOLUTION); 1618 1619 hci_dev_unlock(hdev); 1620} 1621 1622static void hci_cc_le_read_max_data_len(struct hci_dev *hdev, 1623 struct sk_buff *skb) 1624{ 1625 struct hci_rp_le_read_max_data_len *rp = (void *) skb->data; 1626 1627 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1628 1629 if (rp->status) 1630 return; 1631 1632 hdev->le_max_tx_len = le16_to_cpu(rp->tx_len); 1633 hdev->le_max_tx_time = le16_to_cpu(rp->tx_time); 1634 hdev->le_max_rx_len = le16_to_cpu(rp->rx_len); 1635 hdev->le_max_rx_time = le16_to_cpu(rp->rx_time); 1636} 1637 1638static void hci_cc_write_le_host_supported(struct hci_dev *hdev, 1639 struct sk_buff *skb) 1640{ 1641 struct hci_cp_write_le_host_supported *sent; 1642 __u8 status = *((__u8 *) skb->data); 1643 1644 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1645 1646 if (status) 1647 return; 1648 1649 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED); 1650 if (!sent) 1651 return; 1652 1653 hci_dev_lock(hdev); 1654 1655 if (sent->le) { 1656 hdev->features[1][0] |= LMP_HOST_LE; 1657 hci_dev_set_flag(hdev, HCI_LE_ENABLED); 1658 } else { 1659 hdev->features[1][0] &= ~LMP_HOST_LE; 1660 hci_dev_clear_flag(hdev, HCI_LE_ENABLED); 1661 hci_dev_clear_flag(hdev, HCI_ADVERTISING); 1662 } 1663 1664 if (sent->simul) 1665 hdev->features[1][0] |= LMP_HOST_LE_BREDR; 1666 else 1667 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR; 1668 1669 hci_dev_unlock(hdev); 1670} 1671 1672static void hci_cc_set_adv_param(struct hci_dev *hdev, struct sk_buff *skb) 1673{ 1674 struct hci_cp_le_set_adv_param *cp; 1675 u8 status = *((u8 *) skb->data); 1676 1677 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1678 1679 if (status) 1680 return; 1681 1682 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_PARAM); 1683 if (!cp) 1684 return; 1685 1686 hci_dev_lock(hdev); 1687 hdev->adv_addr_type = cp->own_address_type; 1688 hci_dev_unlock(hdev); 1689} 1690 1691static void hci_cc_set_ext_adv_param(struct hci_dev *hdev, struct sk_buff *skb) 1692{ 1693 struct hci_rp_le_set_ext_adv_params *rp = (void *) skb->data; 1694 struct hci_cp_le_set_ext_adv_params *cp; 1695 struct adv_info *adv_instance; 1696 1697 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1698 1699 if (rp->status) 1700 return; 1701 1702 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_ADV_PARAMS); 1703 if (!cp) 1704 return; 1705 1706 hci_dev_lock(hdev); 1707 hdev->adv_addr_type = cp->own_addr_type; 1708 if (!hdev->cur_adv_instance) { 1709 /* Store in hdev for instance 0 */ 1710 hdev->adv_tx_power = rp->tx_power; 1711 } else { 1712 adv_instance = hci_find_adv_instance(hdev, 1713 hdev->cur_adv_instance); 1714 if (adv_instance) 1715 adv_instance->tx_power = rp->tx_power; 1716 } 1717 /* Update adv data as tx power is known now */ 1718 hci_req_update_adv_data(hdev, hdev->cur_adv_instance); 1719 hci_dev_unlock(hdev); 1720} 1721 1722static void hci_cc_read_rssi(struct hci_dev *hdev, struct sk_buff *skb) 1723{ 1724 struct hci_rp_read_rssi *rp = (void *) skb->data; 1725 struct hci_conn *conn; 1726 1727 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1728 1729 if (rp->status) 1730 return; 1731 1732 hci_dev_lock(hdev); 1733 1734 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 1735 if (conn) 1736 conn->rssi = rp->rssi; 1737 1738 hci_dev_unlock(hdev); 1739} 1740 1741static void hci_cc_read_tx_power(struct hci_dev *hdev, struct sk_buff *skb) 1742{ 1743 struct hci_cp_read_tx_power *sent; 1744 struct hci_rp_read_tx_power *rp = (void *) skb->data; 1745 struct hci_conn *conn; 1746 1747 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1748 1749 if (rp->status) 1750 return; 1751 1752 sent = hci_sent_cmd_data(hdev, HCI_OP_READ_TX_POWER); 1753 if (!sent) 1754 return; 1755 1756 hci_dev_lock(hdev); 1757 1758 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 1759 if (!conn) 1760 goto unlock; 1761 1762 switch (sent->type) { 1763 case 0x00: 1764 conn->tx_power = rp->tx_power; 1765 break; 1766 case 0x01: 1767 conn->max_tx_power = rp->tx_power; 1768 break; 1769 } 1770 1771unlock: 1772 hci_dev_unlock(hdev); 1773} 1774 1775static void hci_cc_write_ssp_debug_mode(struct hci_dev *hdev, struct sk_buff *skb) 1776{ 1777 u8 status = *((u8 *) skb->data); 1778 u8 *mode; 1779 1780 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1781 1782 if (status) 1783 return; 1784 1785 mode = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_DEBUG_MODE); 1786 if (mode) 1787 hdev->ssp_debug_mode = *mode; 1788} 1789 1790static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status) 1791{ 1792 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1793 1794 if (status) { 1795 hci_conn_check_pending(hdev); 1796 return; 1797 } 1798 1799 set_bit(HCI_INQUIRY, &hdev->flags); 1800} 1801 1802static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status) 1803{ 1804 struct hci_cp_create_conn *cp; 1805 struct hci_conn *conn; 1806 1807 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1808 1809 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN); 1810 if (!cp) 1811 return; 1812 1813 hci_dev_lock(hdev); 1814 1815 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 1816 1817 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn); 1818 1819 if (status) { 1820 if (conn && conn->state == BT_CONNECT) { 1821 if (status != 0x0c || conn->attempt > 2) { 1822 conn->state = BT_CLOSED; 1823 hci_connect_cfm(conn, status); 1824 hci_conn_del(conn); 1825 } else 1826 conn->state = BT_CONNECT2; 1827 } 1828 } else { 1829 if (!conn) { 1830 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr, 1831 HCI_ROLE_MASTER); 1832 if (!conn) 1833 bt_dev_err(hdev, "no memory for new connection"); 1834 } 1835 } 1836 1837 hci_dev_unlock(hdev); 1838} 1839 1840static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status) 1841{ 1842 struct hci_cp_add_sco *cp; 1843 struct hci_conn *acl, *sco; 1844 __u16 handle; 1845 1846 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1847 1848 if (!status) 1849 return; 1850 1851 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO); 1852 if (!cp) 1853 return; 1854 1855 handle = __le16_to_cpu(cp->handle); 1856 1857 BT_DBG("%s handle 0x%4.4x", hdev->name, handle); 1858 1859 hci_dev_lock(hdev); 1860 1861 acl = hci_conn_hash_lookup_handle(hdev, handle); 1862 if (acl) { 1863 sco = acl->link; 1864 if (sco) { 1865 sco->state = BT_CLOSED; 1866 1867 hci_connect_cfm(sco, status); 1868 hci_conn_del(sco); 1869 } 1870 } 1871 1872 hci_dev_unlock(hdev); 1873} 1874 1875static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status) 1876{ 1877 struct hci_cp_auth_requested *cp; 1878 struct hci_conn *conn; 1879 1880 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1881 1882 if (!status) 1883 return; 1884 1885 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED); 1886 if (!cp) 1887 return; 1888 1889 hci_dev_lock(hdev); 1890 1891 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 1892 if (conn) { 1893 if (conn->state == BT_CONFIG) { 1894 hci_connect_cfm(conn, status); 1895 hci_conn_drop(conn); 1896 } 1897 } 1898 1899 hci_dev_unlock(hdev); 1900} 1901 1902static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status) 1903{ 1904 struct hci_cp_set_conn_encrypt *cp; 1905 struct hci_conn *conn; 1906 1907 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1908 1909 if (!status) 1910 return; 1911 1912 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT); 1913 if (!cp) 1914 return; 1915 1916 hci_dev_lock(hdev); 1917 1918 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 1919 if (conn) { 1920 if (conn->state == BT_CONFIG) { 1921 hci_connect_cfm(conn, status); 1922 hci_conn_drop(conn); 1923 } 1924 } 1925 1926 hci_dev_unlock(hdev); 1927} 1928 1929static int hci_outgoing_auth_needed(struct hci_dev *hdev, 1930 struct hci_conn *conn) 1931{ 1932 if (conn->state != BT_CONFIG || !conn->out) 1933 return 0; 1934 1935 if (conn->pending_sec_level == BT_SECURITY_SDP) 1936 return 0; 1937 1938 /* Only request authentication for SSP connections or non-SSP 1939 * devices with sec_level MEDIUM or HIGH or if MITM protection 1940 * is requested. 1941 */ 1942 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) && 1943 conn->pending_sec_level != BT_SECURITY_FIPS && 1944 conn->pending_sec_level != BT_SECURITY_HIGH && 1945 conn->pending_sec_level != BT_SECURITY_MEDIUM) 1946 return 0; 1947 1948 return 1; 1949} 1950 1951static int hci_resolve_name(struct hci_dev *hdev, 1952 struct inquiry_entry *e) 1953{ 1954 struct hci_cp_remote_name_req cp; 1955 1956 memset(&cp, 0, sizeof(cp)); 1957 1958 bacpy(&cp.bdaddr, &e->data.bdaddr); 1959 cp.pscan_rep_mode = e->data.pscan_rep_mode; 1960 cp.pscan_mode = e->data.pscan_mode; 1961 cp.clock_offset = e->data.clock_offset; 1962 1963 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp); 1964} 1965 1966static bool hci_resolve_next_name(struct hci_dev *hdev) 1967{ 1968 struct discovery_state *discov = &hdev->discovery; 1969 struct inquiry_entry *e; 1970 1971 if (list_empty(&discov->resolve)) 1972 return false; 1973 1974 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED); 1975 if (!e) 1976 return false; 1977 1978 if (hci_resolve_name(hdev, e) == 0) { 1979 e->name_state = NAME_PENDING; 1980 return true; 1981 } 1982 1983 return false; 1984} 1985 1986static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn, 1987 bdaddr_t *bdaddr, u8 *name, u8 name_len) 1988{ 1989 struct discovery_state *discov = &hdev->discovery; 1990 struct inquiry_entry *e; 1991 1992 /* Update the mgmt connected state if necessary. Be careful with 1993 * conn objects that exist but are not (yet) connected however. 1994 * Only those in BT_CONFIG or BT_CONNECTED states can be 1995 * considered connected. 1996 */ 1997 if (conn && 1998 (conn->state == BT_CONFIG || conn->state == BT_CONNECTED) && 1999 !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) 2000 mgmt_device_connected(hdev, conn, 0, name, name_len); 2001 2002 if (discov->state == DISCOVERY_STOPPED) 2003 return; 2004 2005 if (discov->state == DISCOVERY_STOPPING) 2006 goto discov_complete; 2007 2008 if (discov->state != DISCOVERY_RESOLVING) 2009 return; 2010 2011 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING); 2012 /* If the device was not found in a list of found devices names of which 2013 * are pending. there is no need to continue resolving a next name as it 2014 * will be done upon receiving another Remote Name Request Complete 2015 * Event */ 2016 if (!e) 2017 return; 2018 2019 list_del(&e->list); 2020 if (name) { 2021 e->name_state = NAME_KNOWN; 2022 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00, 2023 e->data.rssi, name, name_len); 2024 } else { 2025 e->name_state = NAME_NOT_KNOWN; 2026 } 2027 2028 if (hci_resolve_next_name(hdev)) 2029 return; 2030 2031discov_complete: 2032 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 2033} 2034 2035static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status) 2036{ 2037 struct hci_cp_remote_name_req *cp; 2038 struct hci_conn *conn; 2039 2040 BT_DBG("%s status 0x%2.2x", hdev->name, status); 2041 2042 /* If successful wait for the name req complete event before 2043 * checking for the need to do authentication */ 2044 if (!status) 2045 return; 2046 2047 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ); 2048 if (!cp) 2049 return; 2050 2051 hci_dev_lock(hdev); 2052 2053 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 2054 2055 if (hci_dev_test_flag(hdev, HCI_MGMT)) 2056 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0); 2057 2058 if (!conn) 2059 goto unlock; 2060 2061 if (!hci_outgoing_auth_needed(hdev, conn)) 2062 goto unlock; 2063 2064 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) { 2065 struct hci_cp_auth_requested auth_cp; 2066 2067 set_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags); 2068 2069 auth_cp.handle = __cpu_to_le16(conn->handle); 2070 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, 2071 sizeof(auth_cp), &auth_cp); 2072 } 2073 2074unlock: 2075 hci_dev_unlock(hdev); 2076} 2077 2078static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status) 2079{ 2080 struct hci_cp_read_remote_features *cp; 2081 struct hci_conn *conn; 2082 2083 BT_DBG("%s status 0x%2.2x", hdev->name, status); 2084 2085 if (!status) 2086 return; 2087 2088 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES); 2089 if (!cp) 2090 return; 2091 2092 hci_dev_lock(hdev); 2093 2094 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 2095 if (conn) { 2096 if (conn->state == BT_CONFIG) { 2097 hci_connect_cfm(conn, status); 2098 hci_conn_drop(conn); 2099 } 2100 } 2101 2102 hci_dev_unlock(hdev); 2103} 2104 2105static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status) 2106{ 2107 struct hci_cp_read_remote_ext_features *cp; 2108 struct hci_conn *conn; 2109 2110 BT_DBG("%s status 0x%2.2x", hdev->name, status); 2111 2112 if (!status) 2113 return; 2114 2115 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES); 2116 if (!cp) 2117 return; 2118 2119 hci_dev_lock(hdev); 2120 2121 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 2122 if (conn) { 2123 if (conn->state == BT_CONFIG) { 2124 hci_connect_cfm(conn, status); 2125 hci_conn_drop(conn); 2126 } 2127 } 2128 2129 hci_dev_unlock(hdev); 2130} 2131 2132static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status) 2133{ 2134 struct hci_cp_setup_sync_conn *cp; 2135 struct hci_conn *acl, *sco; 2136 __u16 handle; 2137 2138 BT_DBG("%s status 0x%2.2x", hdev->name, status); 2139 2140 if (!status) 2141 return; 2142 2143 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN); 2144 if (!cp) 2145 return; 2146 2147 handle = __le16_to_cpu(cp->handle); 2148 2149 BT_DBG("%s handle 0x%4.4x", hdev->name, handle); 2150 2151 hci_dev_lock(hdev); 2152 2153 acl = hci_conn_hash_lookup_handle(hdev, handle); 2154 if (acl) { 2155 sco = acl->link; 2156 if (sco) { 2157 sco->state = BT_CLOSED; 2158 2159 hci_connect_cfm(sco, status); 2160 hci_conn_del(sco); 2161 } 2162 } 2163 2164 hci_dev_unlock(hdev); 2165} 2166 2167static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status) 2168{ 2169 struct hci_cp_sniff_mode *cp; 2170 struct hci_conn *conn; 2171 2172 BT_DBG("%s status 0x%2.2x", hdev->name, status); 2173 2174 if (!status) 2175 return; 2176 2177 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE); 2178 if (!cp) 2179 return; 2180 2181 hci_dev_lock(hdev); 2182 2183 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 2184 if (conn) { 2185 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags); 2186 2187 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags)) 2188 hci_sco_setup(c…
Large files files are truncated, but you can click here to view the full file