/net/bluetooth/hci_event.c

http://github.com/mirrors/linux · C · 6167 lines · 4315 code · 1438 blank · 414 comment · 824 complexity · 20943b43737aa6ea0cb07baf7990615a MD5 · raw file

Large files are truncated click here to view the full file

    

  1. /*
    2. 

  2.    BlueZ - Bluetooth protocol stack for Linux
    3. 

  3.    Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
    4. 

    5. 

  5.    Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
    6. 

    7. 

  7.    This program is free software; you can redistribute it and/or modify
    8. 

  8.    it under the terms of the GNU General Public License version 2 as
    9. 

  9.    published by the Free Software Foundation;
    10. 

    11. 

  11.    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
    12. 

  12.    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    13. 

  13.    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
    14. 

  14.    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
    15. 

  15.    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
    16. 

  16.    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
    17. 

  17.    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
    18. 

  18.    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
    19. 

    20. 

  20.    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
    21. 

  21.    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
    22. 

  22.    SOFTWARE IS DISCLAIMED.
    23. 

  23. */
    24. 

  24. 

  25. /* Bluetooth HCI event handling. */
    26. 

  26. 

  27. #include <asm/unaligned.h>
    28. 

  28. 

  29. #include <net/bluetooth/bluetooth.h>
    30. 

  30. #include <net/bluetooth/hci_core.h>
    31. 

  31. #include <net/bluetooth/mgmt.h>
    32. 

  32. 

  33. #include "hci_request.h"
    34. 

  34. #include "hci_debugfs.h"
    35. 

  35. #include "a2mp.h"
    36. 

  36. #include "amp.h"
    37. 

  37. #include "smp.h"
    38. 

  38. 

  39. #define ZERO_KEY "\x00\x00\x00\x00\x00\x00\x00\x00" \
    40. 

  40. 		 "\x00\x00\x00\x00\x00\x00\x00\x00"
    41. 

  41. 

  42. /* Handle HCI Event packets */
    43. 

  43. 

  44. static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
    45. 

  45. {
    46. 

  46. 	__u8 status = *((__u8 *) skb->data);
    47. 

  47. 

  48. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    49. 

  49. 

  50. 	if (status)
    51. 

  51. 		return;
    52. 

  52. 

  53. 	clear_bit(HCI_INQUIRY, &hdev->flags);
    54. 

  54. 	smp_mb__after_atomic(); /* wake_up_bit advises about this barrier */
    55. 

  55. 	wake_up_bit(&hdev->flags, HCI_INQUIRY);
    56. 

  56. 

  57. 	hci_dev_lock(hdev);
    58. 

  58. 	/* Set discovery state to stopped if we're not doing LE active
    59. 

  59. 	 * scanning.
    60. 

  60. 	 */
    61. 

  61. 	if (!hci_dev_test_flag(hdev, HCI_LE_SCAN) ||
    62. 

  62. 	    hdev->le_scan_type != LE_SCAN_ACTIVE)
    63. 

  63. 		hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
    64. 

  64. 	hci_dev_unlock(hdev);
    65. 

  65. 

  66. 	hci_conn_check_pending(hdev);
    67. 

  67. }
    68. 

  68. 

  69. static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
    70. 

  70. {
    71. 

  71. 	__u8 status = *((__u8 *) skb->data);
    72. 

  72. 

  73. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    74. 

  74. 

  75. 	if (status)
    76. 

  76. 		return;
    77. 

  77. 

  78. 	hci_dev_set_flag(hdev, HCI_PERIODIC_INQ);
    79. 

  79. }
    80. 

  80. 

  81. static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
    82. 

  82. {
    83. 

  83. 	__u8 status = *((__u8 *) skb->data);
    84. 

  84. 

  85. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    86. 

  86. 

  87. 	if (status)
    88. 

  88. 		return;
    89. 

  89. 

  90. 	hci_dev_clear_flag(hdev, HCI_PERIODIC_INQ);
    91. 

  91. 

  92. 	hci_conn_check_pending(hdev);
    93. 

  93. }
    94. 

  94. 

  95. static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
    96. 

  96. 					  struct sk_buff *skb)
    97. 

  97. {
    98. 

  98. 	BT_DBG("%s", hdev->name);
    99. 

  99. }
    100. 

  100. 

  101. static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
    102. 

  102. {
    103. 

  103. 	struct hci_rp_role_discovery *rp = (void *) skb->data;
    104. 

  104. 	struct hci_conn *conn;
    105. 

  105. 

  106. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    107. 

  107. 

  108. 	if (rp->status)
    109. 

  109. 		return;
    110. 

  110. 

  111. 	hci_dev_lock(hdev);
    112. 

  112. 

  113. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
    114. 

  114. 	if (conn)
    115. 

  115. 		conn->role = rp->role;
    116. 

  116. 

  117. 	hci_dev_unlock(hdev);
    118. 

  118. }
    119. 

  119. 

  120. static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
    121. 

  121. {
    122. 

  122. 	struct hci_rp_read_link_policy *rp = (void *) skb->data;
    123. 

  123. 	struct hci_conn *conn;
    124. 

  124. 

  125. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    126. 

  126. 

  127. 	if (rp->status)
    128. 

  128. 		return;
    129. 

  129. 

  130. 	hci_dev_lock(hdev);
    131. 

  131. 

  132. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
    133. 

  133. 	if (conn)
    134. 

  134. 		conn->link_policy = __le16_to_cpu(rp->policy);
    135. 

  135. 

  136. 	hci_dev_unlock(hdev);
    137. 

  137. }
    138. 

  138. 

  139. static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
    140. 

  140. {
    141. 

  141. 	struct hci_rp_write_link_policy *rp = (void *) skb->data;
    142. 

  142. 	struct hci_conn *conn;
    143. 

  143. 	void *sent;
    144. 

  144. 

  145. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    146. 

  146. 

  147. 	if (rp->status)
    148. 

  148. 		return;
    149. 

  149. 

  150. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
    151. 

  151. 	if (!sent)
    152. 

  152. 		return;
    153. 

  153. 

  154. 	hci_dev_lock(hdev);
    155. 

  155. 

  156. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
    157. 

  157. 	if (conn)
    158. 

  158. 		conn->link_policy = get_unaligned_le16(sent + 2);
    159. 

  159. 

  160. 	hci_dev_unlock(hdev);
    161. 

  161. }
    162. 

  162. 

  163. static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
    164. 

  164. 					struct sk_buff *skb)
    165. 

  165. {
    166. 

  166. 	struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
    167. 

  167. 

  168. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    169. 

  169. 

  170. 	if (rp->status)
    171. 

  171. 		return;
    172. 

  172. 

  173. 	hdev->link_policy = __le16_to_cpu(rp->policy);
    174. 

  174. }
    175. 

  175. 

  176. static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
    177. 

  177. 					 struct sk_buff *skb)
    178. 

  178. {
    179. 

  179. 	__u8 status = *((__u8 *) skb->data);
    180. 

  180. 	void *sent;
    181. 

  181. 

  182. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    183. 

  183. 

  184. 	if (status)
    185. 

  185. 		return;
    186. 

  186. 

  187. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
    188. 

  188. 	if (!sent)
    189. 

  189. 		return;
    190. 

  190. 

  191. 	hdev->link_policy = get_unaligned_le16(sent);
    192. 

  192. }
    193. 

  193. 

  194. static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
    195. 

  195. {
    196. 

  196. 	__u8 status = *((__u8 *) skb->data);
    197. 

  197. 

  198. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    199. 

  199. 

  200. 	clear_bit(HCI_RESET, &hdev->flags);
    201. 

  201. 

  202. 	if (status)
    203. 

  203. 		return;
    204. 

  204. 

  205. 	/* Reset all non-persistent flags */
    206. 

  206. 	hci_dev_clear_volatile_flags(hdev);
    207. 

  207. 

  208. 	hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
    209. 

  209. 

  210. 	hdev->inq_tx_power = HCI_TX_POWER_INVALID;
    211. 

  211. 	hdev->adv_tx_power = HCI_TX_POWER_INVALID;
    212. 

  212. 

  213. 	memset(hdev->adv_data, 0, sizeof(hdev->adv_data));
    214. 

  214. 	hdev->adv_data_len = 0;
    215. 

  215. 

  216. 	memset(hdev->scan_rsp_data, 0, sizeof(hdev->scan_rsp_data));
    217. 

  217. 	hdev->scan_rsp_data_len = 0;
    218. 

  218. 

  219. 	hdev->le_scan_type = LE_SCAN_PASSIVE;
    220. 

  220. 

  221. 	hdev->ssp_debug_mode = 0;
    222. 

  222. 

  223. 	hci_bdaddr_list_clear(&hdev->le_white_list);
    224. 

  224. 	hci_bdaddr_list_clear(&hdev->le_resolv_list);
    225. 

  225. }
    226. 

  226. 

  227. static void hci_cc_read_stored_link_key(struct hci_dev *hdev,
    228. 

  228. 					struct sk_buff *skb)
    229. 

  229. {
    230. 

  230. 	struct hci_rp_read_stored_link_key *rp = (void *)skb->data;
    231. 

  231. 	struct hci_cp_read_stored_link_key *sent;
    232. 

  232. 

  233. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    234. 

  234. 

  235. 	sent = hci_sent_cmd_data(hdev, HCI_OP_READ_STORED_LINK_KEY);
    236. 

  236. 	if (!sent)
    237. 

  237. 		return;
    238. 

  238. 

  239. 	if (!rp->status && sent->read_all == 0x01) {
    240. 

  240. 		hdev->stored_max_keys = rp->max_keys;
    241. 

  241. 		hdev->stored_num_keys = rp->num_keys;
    242. 

  242. 	}
    243. 

  243. }
    244. 

  244. 

  245. static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
    246. 

  246. 					  struct sk_buff *skb)
    247. 

  247. {
    248. 

  248. 	struct hci_rp_delete_stored_link_key *rp = (void *)skb->data;
    249. 

  249. 

  250. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    251. 

  251. 

  252. 	if (rp->status)
    253. 

  253. 		return;
    254. 

  254. 

  255. 	if (rp->num_keys <= hdev->stored_num_keys)
    256. 

  256. 		hdev->stored_num_keys -= rp->num_keys;
    257. 

  257. 	else
    258. 

  258. 		hdev->stored_num_keys = 0;
    259. 

  259. }
    260. 

  260. 

  261. static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
    262. 

  262. {
    263. 

  263. 	__u8 status = *((__u8 *) skb->data);
    264. 

  264. 	void *sent;
    265. 

  265. 

  266. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    267. 

  267. 

  268. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
    269. 

  269. 	if (!sent)
    270. 

  270. 		return;
    271. 

  271. 

  272. 	hci_dev_lock(hdev);
    273. 

  273. 

  274. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    275. 

  275. 		mgmt_set_local_name_complete(hdev, sent, status);
    276. 

  276. 	else if (!status)
    277. 

  277. 		memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
    278. 

  278. 

  279. 	hci_dev_unlock(hdev);
    280. 

  280. }
    281. 

  281. 

  282. static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
    283. 

  283. {
    284. 

  284. 	struct hci_rp_read_local_name *rp = (void *) skb->data;
    285. 

  285. 

  286. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    287. 

  287. 

  288. 	if (rp->status)
    289. 

  289. 		return;
    290. 

  290. 

  291. 	if (hci_dev_test_flag(hdev, HCI_SETUP) ||
    292. 

  292. 	    hci_dev_test_flag(hdev, HCI_CONFIG))
    293. 

  293. 		memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
    294. 

  294. }
    295. 

  295. 

  296. static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
    297. 

  297. {
    298. 

  298. 	__u8 status = *((__u8 *) skb->data);
    299. 

  299. 	void *sent;
    300. 

  300. 

  301. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    302. 

  302. 

  303. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
    304. 

  304. 	if (!sent)
    305. 

  305. 		return;
    306. 

  306. 

  307. 	hci_dev_lock(hdev);
    308. 

  308. 

  309. 	if (!status) {
    310. 

  310. 		__u8 param = *((__u8 *) sent);
    311. 

  311. 

  312. 		if (param == AUTH_ENABLED)
    313. 

  313. 			set_bit(HCI_AUTH, &hdev->flags);
    314. 

  314. 		else
    315. 

  315. 			clear_bit(HCI_AUTH, &hdev->flags);
    316. 

  316. 	}
    317. 

  317. 

  318. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    319. 

  319. 		mgmt_auth_enable_complete(hdev, status);
    320. 

  320. 

  321. 	hci_dev_unlock(hdev);
    322. 

  322. }
    323. 

  323. 

  324. static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
    325. 

  325. {
    326. 

  326. 	__u8 status = *((__u8 *) skb->data);
    327. 

  327. 	__u8 param;
    328. 

  328. 	void *sent;
    329. 

  329. 

  330. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    331. 

  331. 

  332. 	if (status)
    333. 

  333. 		return;
    334. 

  334. 

  335. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
    336. 

  336. 	if (!sent)
    337. 

  337. 		return;
    338. 

  338. 

  339. 	param = *((__u8 *) sent);
    340. 

  340. 

  341. 	if (param)
    342. 

  342. 		set_bit(HCI_ENCRYPT, &hdev->flags);
    343. 

  343. 	else
    344. 

  344. 		clear_bit(HCI_ENCRYPT, &hdev->flags);
    345. 

  345. }
    346. 

  346. 

  347. static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
    348. 

  348. {
    349. 

  349. 	__u8 status = *((__u8 *) skb->data);
    350. 

  350. 	__u8 param;
    351. 

  351. 	void *sent;
    352. 

  352. 

  353. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    354. 

  354. 

  355. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
    356. 

  356. 	if (!sent)
    357. 

  357. 		return;
    358. 

  358. 

  359. 	param = *((__u8 *) sent);
    360. 

  360. 

  361. 	hci_dev_lock(hdev);
    362. 

  362. 

  363. 	if (status) {
    364. 

  364. 		hdev->discov_timeout = 0;
    365. 

  365. 		goto done;
    366. 

  366. 	}
    367. 

  367. 

  368. 	if (param & SCAN_INQUIRY)
    369. 

  369. 		set_bit(HCI_ISCAN, &hdev->flags);
    370. 

  370. 	else
    371. 

  371. 		clear_bit(HCI_ISCAN, &hdev->flags);
    372. 

  372. 

  373. 	if (param & SCAN_PAGE)
    374. 

  374. 		set_bit(HCI_PSCAN, &hdev->flags);
    375. 

  375. 	else
    376. 

  376. 		clear_bit(HCI_PSCAN, &hdev->flags);
    377. 

  377. 

  378. done:
    379. 

  379. 	hci_dev_unlock(hdev);
    380. 

  380. }
    381. 

  381. 

  382. static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
    383. 

  383. {
    384. 

  384. 	struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
    385. 

  385. 

  386. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    387. 

  387. 

  388. 	if (rp->status)
    389. 

  389. 		return;
    390. 

  390. 

  391. 	memcpy(hdev->dev_class, rp->dev_class, 3);
    392. 

  392. 

  393. 	BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
    394. 

  394. 	       hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
    395. 

  395. }
    396. 

  396. 

  397. static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
    398. 

  398. {
    399. 

  399. 	__u8 status = *((__u8 *) skb->data);
    400. 

  400. 	void *sent;
    401. 

  401. 

  402. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    403. 

  403. 

  404. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
    405. 

  405. 	if (!sent)
    406. 

  406. 		return;
    407. 

  407. 

  408. 	hci_dev_lock(hdev);
    409. 

  409. 

  410. 	if (status == 0)
    411. 

  411. 		memcpy(hdev->dev_class, sent, 3);
    412. 

  412. 

  413. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    414. 

  414. 		mgmt_set_class_of_dev_complete(hdev, sent, status);
    415. 

  415. 

  416. 	hci_dev_unlock(hdev);
    417. 

  417. }
    418. 

  418. 

  419. static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
    420. 

  420. {
    421. 

  421. 	struct hci_rp_read_voice_setting *rp = (void *) skb->data;
    422. 

  422. 	__u16 setting;
    423. 

  423. 

  424. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    425. 

  425. 

  426. 	if (rp->status)
    427. 

  427. 		return;
    428. 

  428. 

  429. 	setting = __le16_to_cpu(rp->voice_setting);
    430. 

  430. 

  431. 	if (hdev->voice_setting == setting)
    432. 

  432. 		return;
    433. 

  433. 

  434. 	hdev->voice_setting = setting;
    435. 

  435. 

  436. 	BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
    437. 

  437. 

  438. 	if (hdev->notify)
    439. 

  439. 		hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
    440. 

  440. }
    441. 

  441. 

  442. static void hci_cc_write_voice_setting(struct hci_dev *hdev,
    443. 

  443. 				       struct sk_buff *skb)
    444. 

  444. {
    445. 

  445. 	__u8 status = *((__u8 *) skb->data);
    446. 

  446. 	__u16 setting;
    447. 

  447. 	void *sent;
    448. 

  448. 

  449. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    450. 

  450. 

  451. 	if (status)
    452. 

  452. 		return;
    453. 

  453. 

  454. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
    455. 

  455. 	if (!sent)
    456. 

  456. 		return;
    457. 

  457. 

  458. 	setting = get_unaligned_le16(sent);
    459. 

  459. 

  460. 	if (hdev->voice_setting == setting)
    461. 

  461. 		return;
    462. 

  462. 

  463. 	hdev->voice_setting = setting;
    464. 

  464. 

  465. 	BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
    466. 

  466. 

  467. 	if (hdev->notify)
    468. 

  468. 		hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
    469. 

  469. }
    470. 

  470. 

  471. static void hci_cc_read_num_supported_iac(struct hci_dev *hdev,
    472. 

  472. 					  struct sk_buff *skb)
    473. 

  473. {
    474. 

  474. 	struct hci_rp_read_num_supported_iac *rp = (void *) skb->data;
    475. 

  475. 

  476. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    477. 

  477. 

  478. 	if (rp->status)
    479. 

  479. 		return;
    480. 

  480. 

  481. 	hdev->num_iac = rp->num_iac;
    482. 

  482. 

  483. 	BT_DBG("%s num iac %d", hdev->name, hdev->num_iac);
    484. 

  484. }
    485. 

  485. 

  486. static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
    487. 

  487. {
    488. 

  488. 	__u8 status = *((__u8 *) skb->data);
    489. 

  489. 	struct hci_cp_write_ssp_mode *sent;
    490. 

  490. 

  491. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    492. 

  492. 

  493. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
    494. 

  494. 	if (!sent)
    495. 

  495. 		return;
    496. 

  496. 

  497. 	hci_dev_lock(hdev);
    498. 

  498. 

  499. 	if (!status) {
    500. 

  500. 		if (sent->mode)
    501. 

  501. 			hdev->features[1][0] |= LMP_HOST_SSP;
    502. 

  502. 		else
    503. 

  503. 			hdev->features[1][0] &= ~LMP_HOST_SSP;
    504. 

  504. 	}
    505. 

  505. 

  506. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    507. 

  507. 		mgmt_ssp_enable_complete(hdev, sent->mode, status);
    508. 

  508. 	else if (!status) {
    509. 

  509. 		if (sent->mode)
    510. 

  510. 			hci_dev_set_flag(hdev, HCI_SSP_ENABLED);
    511. 

  511. 		else
    512. 

  512. 			hci_dev_clear_flag(hdev, HCI_SSP_ENABLED);
    513. 

  513. 	}
    514. 

  514. 

  515. 	hci_dev_unlock(hdev);
    516. 

  516. }
    517. 

  517. 

  518. static void hci_cc_write_sc_support(struct hci_dev *hdev, struct sk_buff *skb)
    519. 

  519. {
    520. 

  520. 	u8 status = *((u8 *) skb->data);
    521. 

  521. 	struct hci_cp_write_sc_support *sent;
    522. 

  522. 

  523. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    524. 

  524. 

  525. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SC_SUPPORT);
    526. 

  526. 	if (!sent)
    527. 

  527. 		return;
    528. 

  528. 

  529. 	hci_dev_lock(hdev);
    530. 

  530. 

  531. 	if (!status) {
    532. 

  532. 		if (sent->support)
    533. 

  533. 			hdev->features[1][0] |= LMP_HOST_SC;
    534. 

  534. 		else
    535. 

  535. 			hdev->features[1][0] &= ~LMP_HOST_SC;
    536. 

  536. 	}
    537. 

  537. 

  538. 	if (!hci_dev_test_flag(hdev, HCI_MGMT) && !status) {
    539. 

  539. 		if (sent->support)
    540. 

  540. 			hci_dev_set_flag(hdev, HCI_SC_ENABLED);
    541. 

  541. 		else
    542. 

  542. 			hci_dev_clear_flag(hdev, HCI_SC_ENABLED);
    543. 

  543. 	}
    544. 

  544. 

  545. 	hci_dev_unlock(hdev);
    546. 

  546. }
    547. 

  547. 

  548. static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
    549. 

  549. {
    550. 

  550. 	struct hci_rp_read_local_version *rp = (void *) skb->data;
    551. 

  551. 

  552. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    553. 

  553. 

  554. 	if (rp->status)
    555. 

  555. 		return;
    556. 

  556. 

  557. 	if (hci_dev_test_flag(hdev, HCI_SETUP) ||
    558. 

  558. 	    hci_dev_test_flag(hdev, HCI_CONFIG)) {
    559. 

  559. 		hdev->hci_ver = rp->hci_ver;
    560. 

  560. 		hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
    561. 

  561. 		hdev->lmp_ver = rp->lmp_ver;
    562. 

  562. 		hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
    563. 

  563. 		hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
    564. 

  564. 	}
    565. 

  565. }
    566. 

  566. 

  567. static void hci_cc_read_local_commands(struct hci_dev *hdev,
    568. 

  568. 				       struct sk_buff *skb)
    569. 

  569. {
    570. 

  570. 	struct hci_rp_read_local_commands *rp = (void *) skb->data;
    571. 

  571. 

  572. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    573. 

  573. 

  574. 	if (rp->status)
    575. 

  575. 		return;
    576. 

  576. 

  577. 	if (hci_dev_test_flag(hdev, HCI_SETUP) ||
    578. 

  578. 	    hci_dev_test_flag(hdev, HCI_CONFIG))
    579. 

  579. 		memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
    580. 

  580. }
    581. 

  581. 

  582. static void hci_cc_read_auth_payload_timeout(struct hci_dev *hdev,
    583. 

  583. 					     struct sk_buff *skb)
    584. 

  584. {
    585. 

  585. 	struct hci_rp_read_auth_payload_to *rp = (void *)skb->data;
    586. 

  586. 	struct hci_conn *conn;
    587. 

  587. 

  588. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    589. 

  589. 

  590. 	if (rp->status)
    591. 

  591. 		return;
    592. 

  592. 

  593. 	hci_dev_lock(hdev);
    594. 

  594. 

  595. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
    596. 

  596. 	if (conn)
    597. 

  597. 		conn->auth_payload_timeout = __le16_to_cpu(rp->timeout);
    598. 

  598. 

  599. 	hci_dev_unlock(hdev);
    600. 

  600. }
    601. 

  601. 

  602. static void hci_cc_write_auth_payload_timeout(struct hci_dev *hdev,
    603. 

  603. 					      struct sk_buff *skb)
    604. 

  604. {
    605. 

  605. 	struct hci_rp_write_auth_payload_to *rp = (void *)skb->data;
    606. 

  606. 	struct hci_conn *conn;
    607. 

  607. 	void *sent;
    608. 

  608. 

  609. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    610. 

  610. 

  611. 	if (rp->status)
    612. 

  612. 		return;
    613. 

  613. 

  614. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_PAYLOAD_TO);
    615. 

  615. 	if (!sent)
    616. 

  616. 		return;
    617. 

  617. 

  618. 	hci_dev_lock(hdev);
    619. 

  619. 

  620. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
    621. 

  621. 	if (conn)
    622. 

  622. 		conn->auth_payload_timeout = get_unaligned_le16(sent + 2);
    623. 

  623. 

  624. 	hci_dev_unlock(hdev);
    625. 

  625. }
    626. 

  626. 

  627. static void hci_cc_read_local_features(struct hci_dev *hdev,
    628. 

  628. 				       struct sk_buff *skb)
    629. 

  629. {
    630. 

  630. 	struct hci_rp_read_local_features *rp = (void *) skb->data;
    631. 

  631. 

  632. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    633. 

  633. 

  634. 	if (rp->status)
    635. 

  635. 		return;
    636. 

  636. 

  637. 	memcpy(hdev->features, rp->features, 8);
    638. 

  638. 

  639. 	/* Adjust default settings according to features
    640. 

  640. 	 * supported by device. */
    641. 

  641. 

  642. 	if (hdev->features[0][0] & LMP_3SLOT)
    643. 

  643. 		hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
    644. 

  644. 

  645. 	if (hdev->features[0][0] & LMP_5SLOT)
    646. 

  646. 		hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
    647. 

  647. 

  648. 	if (hdev->features[0][1] & LMP_HV2) {
    649. 

  649. 		hdev->pkt_type  |= (HCI_HV2);
    650. 

  650. 		hdev->esco_type |= (ESCO_HV2);
    651. 

  651. 	}
    652. 

  652. 

  653. 	if (hdev->features[0][1] & LMP_HV3) {
    654. 

  654. 		hdev->pkt_type  |= (HCI_HV3);
    655. 

  655. 		hdev->esco_type |= (ESCO_HV3);
    656. 

  656. 	}
    657. 

  657. 

  658. 	if (lmp_esco_capable(hdev))
    659. 

  659. 		hdev->esco_type |= (ESCO_EV3);
    660. 

  660. 

  661. 	if (hdev->features[0][4] & LMP_EV4)
    662. 

  662. 		hdev->esco_type |= (ESCO_EV4);
    663. 

  663. 

  664. 	if (hdev->features[0][4] & LMP_EV5)
    665. 

  665. 		hdev->esco_type |= (ESCO_EV5);
    666. 

  666. 

  667. 	if (hdev->features[0][5] & LMP_EDR_ESCO_2M)
    668. 

  668. 		hdev->esco_type |= (ESCO_2EV3);
    669. 

  669. 

  670. 	if (hdev->features[0][5] & LMP_EDR_ESCO_3M)
    671. 

  671. 		hdev->esco_type |= (ESCO_3EV3);
    672. 

  672. 

  673. 	if (hdev->features[0][5] & LMP_EDR_3S_ESCO)
    674. 

  674. 		hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
    675. 

  675. }
    676. 

  676. 

  677. static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
    678. 

  678. 					   struct sk_buff *skb)
    679. 

  679. {
    680. 

  680. 	struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
    681. 

  681. 

  682. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    683. 

  683. 

  684. 	if (rp->status)
    685. 

  685. 		return;
    686. 

  686. 

  687. 	if (hdev->max_page < rp->max_page)
    688. 

  688. 		hdev->max_page = rp->max_page;
    689. 

  689. 

  690. 	if (rp->page < HCI_MAX_PAGES)
    691. 

  691. 		memcpy(hdev->features[rp->page], rp->features, 8);
    692. 

  692. }
    693. 

  693. 

  694. static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
    695. 

  695. 					  struct sk_buff *skb)
    696. 

  696. {
    697. 

  697. 	struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
    698. 

  698. 

  699. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    700. 

  700. 

  701. 	if (rp->status)
    702. 

  702. 		return;
    703. 

  703. 

  704. 	hdev->flow_ctl_mode = rp->mode;
    705. 

  705. }
    706. 

  706. 

  707. static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
    708. 

  708. {
    709. 

  709. 	struct hci_rp_read_buffer_size *rp = (void *) skb->data;
    710. 

  710. 

  711. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    712. 

  712. 

  713. 	if (rp->status)
    714. 

  714. 		return;
    715. 

  715. 

  716. 	hdev->acl_mtu  = __le16_to_cpu(rp->acl_mtu);
    717. 

  717. 	hdev->sco_mtu  = rp->sco_mtu;
    718. 

  718. 	hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
    719. 

  719. 	hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
    720. 

  720. 

  721. 	if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
    722. 

  722. 		hdev->sco_mtu  = 64;
    723. 

  723. 		hdev->sco_pkts = 8;
    724. 

  724. 	}
    725. 

  725. 

  726. 	hdev->acl_cnt = hdev->acl_pkts;
    727. 

  727. 	hdev->sco_cnt = hdev->sco_pkts;
    728. 

  728. 

  729. 	BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
    730. 

  730. 	       hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
    731. 

  731. }
    732. 

  732. 

  733. static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
    734. 

  734. {
    735. 

  735. 	struct hci_rp_read_bd_addr *rp = (void *) skb->data;
    736. 

  736. 

  737. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    738. 

  738. 

  739. 	if (rp->status)
    740. 

  740. 		return;
    741. 

  741. 

  742. 	if (test_bit(HCI_INIT, &hdev->flags))
    743. 

  743. 		bacpy(&hdev->bdaddr, &rp->bdaddr);
    744. 

  744. 

  745. 	if (hci_dev_test_flag(hdev, HCI_SETUP))
    746. 

  746. 		bacpy(&hdev->setup_addr, &rp->bdaddr);
    747. 

  747. }
    748. 

  748. 

  749. static void hci_cc_read_page_scan_activity(struct hci_dev *hdev,
    750. 

  750. 					   struct sk_buff *skb)
    751. 

  751. {
    752. 

  752. 	struct hci_rp_read_page_scan_activity *rp = (void *) skb->data;
    753. 

  753. 

  754. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    755. 

  755. 

  756. 	if (rp->status)
    757. 

  757. 		return;
    758. 

  758. 

  759. 	if (test_bit(HCI_INIT, &hdev->flags)) {
    760. 

  760. 		hdev->page_scan_interval = __le16_to_cpu(rp->interval);
    761. 

  761. 		hdev->page_scan_window = __le16_to_cpu(rp->window);
    762. 

  762. 	}
    763. 

  763. }
    764. 

  764. 

  765. static void hci_cc_write_page_scan_activity(struct hci_dev *hdev,
    766. 

  766. 					    struct sk_buff *skb)
    767. 

  767. {
    768. 

  768. 	u8 status = *((u8 *) skb->data);
    769. 

  769. 	struct hci_cp_write_page_scan_activity *sent;
    770. 

  770. 

  771. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    772. 

  772. 

  773. 	if (status)
    774. 

  774. 		return;
    775. 

  775. 

  776. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY);
    777. 

  777. 	if (!sent)
    778. 

  778. 		return;
    779. 

  779. 

  780. 	hdev->page_scan_interval = __le16_to_cpu(sent->interval);
    781. 

  781. 	hdev->page_scan_window = __le16_to_cpu(sent->window);
    782. 

  782. }
    783. 

  783. 

  784. static void hci_cc_read_page_scan_type(struct hci_dev *hdev,
    785. 

  785. 					   struct sk_buff *skb)
    786. 

  786. {
    787. 

  787. 	struct hci_rp_read_page_scan_type *rp = (void *) skb->data;
    788. 

  788. 

  789. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    790. 

  790. 

  791. 	if (rp->status)
    792. 

  792. 		return;
    793. 

  793. 

  794. 	if (test_bit(HCI_INIT, &hdev->flags))
    795. 

  795. 		hdev->page_scan_type = rp->type;
    796. 

  796. }
    797. 

  797. 

  798. static void hci_cc_write_page_scan_type(struct hci_dev *hdev,
    799. 

  799. 					struct sk_buff *skb)
    800. 

  800. {
    801. 

  801. 	u8 status = *((u8 *) skb->data);
    802. 

  802. 	u8 *type;
    803. 

  803. 

  804. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    805. 

  805. 

  806. 	if (status)
    807. 

  807. 		return;
    808. 

  808. 

  809. 	type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE);
    810. 

  810. 	if (type)
    811. 

  811. 		hdev->page_scan_type = *type;
    812. 

  812. }
    813. 

  813. 

  814. static void hci_cc_read_data_block_size(struct hci_dev *hdev,
    815. 

  815. 					struct sk_buff *skb)
    816. 

  816. {
    817. 

  817. 	struct hci_rp_read_data_block_size *rp = (void *) skb->data;
    818. 

  818. 

  819. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    820. 

  820. 

  821. 	if (rp->status)
    822. 

  822. 		return;
    823. 

  823. 

  824. 	hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
    825. 

  825. 	hdev->block_len = __le16_to_cpu(rp->block_len);
    826. 

  826. 	hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
    827. 

  827. 

  828. 	hdev->block_cnt = hdev->num_blocks;
    829. 

  829. 

  830. 	BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
    831. 

  831. 	       hdev->block_cnt, hdev->block_len);
    832. 

  832. }
    833. 

  833. 

  834. static void hci_cc_read_clock(struct hci_dev *hdev, struct sk_buff *skb)
    835. 

  835. {
    836. 

  836. 	struct hci_rp_read_clock *rp = (void *) skb->data;
    837. 

  837. 	struct hci_cp_read_clock *cp;
    838. 

  838. 	struct hci_conn *conn;
    839. 

  839. 

  840. 	BT_DBG("%s", hdev->name);
    841. 

  841. 

  842. 	if (skb->len < sizeof(*rp))
    843. 

  843. 		return;
    844. 

  844. 

  845. 	if (rp->status)
    846. 

  846. 		return;
    847. 

  847. 

  848. 	hci_dev_lock(hdev);
    849. 

  849. 

  850. 	cp = hci_sent_cmd_data(hdev, HCI_OP_READ_CLOCK);
    851. 

  851. 	if (!cp)
    852. 

  852. 		goto unlock;
    853. 

  853. 

  854. 	if (cp->which == 0x00) {
    855. 

  855. 		hdev->clock = le32_to_cpu(rp->clock);
    856. 

  856. 		goto unlock;
    857. 

  857. 	}
    858. 

  858. 

  859. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
    860. 

  860. 	if (conn) {
    861. 

  861. 		conn->clock = le32_to_cpu(rp->clock);
    862. 

  862. 		conn->clock_accuracy = le16_to_cpu(rp->accuracy);
    863. 

  863. 	}
    864. 

  864. 

  865. unlock:
    866. 

  866. 	hci_dev_unlock(hdev);
    867. 

  867. }
    868. 

  868. 

  869. static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
    870. 

  870. 				       struct sk_buff *skb)
    871. 

  871. {
    872. 

  872. 	struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
    873. 

  873. 

  874. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    875. 

  875. 

  876. 	if (rp->status)
    877. 

  877. 		return;
    878. 

  878. 

  879. 	hdev->amp_status = rp->amp_status;
    880. 

  880. 	hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
    881. 

  881. 	hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
    882. 

  882. 	hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
    883. 

  883. 	hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
    884. 

  884. 	hdev->amp_type = rp->amp_type;
    885. 

  885. 	hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
    886. 

  886. 	hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
    887. 

  887. 	hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
    888. 

  888. 	hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
    889. 

  889. }
    890. 

  890. 

  891. static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
    892. 

  892. 					 struct sk_buff *skb)
    893. 

  893. {
    894. 

  894. 	struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
    895. 

  895. 

  896. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    897. 

  897. 

  898. 	if (rp->status)
    899. 

  899. 		return;
    900. 

  900. 

  901. 	hdev->inq_tx_power = rp->tx_power;
    902. 

  902. }
    903. 

  903. 

  904. static void hci_cc_read_def_err_data_reporting(struct hci_dev *hdev,
    905. 

  905. 					       struct sk_buff *skb)
    906. 

  906. {
    907. 

  907. 	struct hci_rp_read_def_err_data_reporting *rp = (void *)skb->data;
    908. 

  908. 

  909. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    910. 

  910. 

  911. 	if (rp->status)
    912. 

  912. 		return;
    913. 

  913. 

  914. 	hdev->err_data_reporting = rp->err_data_reporting;
    915. 

  915. }
    916. 

  916. 

  917. static void hci_cc_write_def_err_data_reporting(struct hci_dev *hdev,
    918. 

  918. 						struct sk_buff *skb)
    919. 

  919. {
    920. 

  920. 	__u8 status = *((__u8 *)skb->data);
    921. 

  921. 	struct hci_cp_write_def_err_data_reporting *cp;
    922. 

  922. 

  923. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    924. 

  924. 

  925. 	if (status)
    926. 

  926. 		return;
    927. 

  927. 

  928. 	cp = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_ERR_DATA_REPORTING);
    929. 

  929. 	if (!cp)
    930. 

  930. 		return;
    931. 

  931. 

  932. 	hdev->err_data_reporting = cp->err_data_reporting;
    933. 

  933. }
    934. 

  934. 

  935. static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
    936. 

  936. {
    937. 

  937. 	struct hci_rp_pin_code_reply *rp = (void *) skb->data;
    938. 

  938. 	struct hci_cp_pin_code_reply *cp;
    939. 

  939. 	struct hci_conn *conn;
    940. 

  940. 

  941. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    942. 

  942. 

  943. 	hci_dev_lock(hdev);
    944. 

  944. 

  945. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    946. 

  946. 		mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
    947. 

  947. 

  948. 	if (rp->status)
    949. 

  949. 		goto unlock;
    950. 

  950. 

  951. 	cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
    952. 

  952. 	if (!cp)
    953. 

  953. 		goto unlock;
    954. 

  954. 

  955. 	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
    956. 

  956. 	if (conn)
    957. 

  957. 		conn->pin_length = cp->pin_len;
    958. 

  958. 

  959. unlock:
    960. 

  960. 	hci_dev_unlock(hdev);
    961. 

  961. }
    962. 

  962. 

  963. static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
    964. 

  964. {
    965. 

  965. 	struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
    966. 

  966. 

  967. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    968. 

  968. 

  969. 	hci_dev_lock(hdev);
    970. 

  970. 

  971. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    972. 

  972. 		mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
    973. 

  973. 						 rp->status);
    974. 

  974. 

  975. 	hci_dev_unlock(hdev);
    976. 

  976. }
    977. 

  977. 

  978. static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
    979. 

  979. 				       struct sk_buff *skb)
    980. 

  980. {
    981. 

  981. 	struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
    982. 

  982. 

  983. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    984. 

  984. 

  985. 	if (rp->status)
    986. 

  986. 		return;
    987. 

  987. 

  988. 	hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
    989. 

  989. 	hdev->le_pkts = rp->le_max_pkt;
    990. 

  990. 

  991. 	hdev->le_cnt = hdev->le_pkts;
    992. 

  992. 

  993. 	BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
    994. 

  994. }
    995. 

  995. 

  996. static void hci_cc_le_read_local_features(struct hci_dev *hdev,
    997. 

  997. 					  struct sk_buff *skb)
    998. 

  998. {
    999. 

  999. 	struct hci_rp_le_read_local_features *rp = (void *) skb->data;
    1000. 

  1000. 

  1001. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1002. 

  1002. 

  1003. 	if (rp->status)
    1004. 

  1004. 		return;
    1005. 

  1005. 

  1006. 	memcpy(hdev->le_features, rp->features, 8);
    1007. 

  1007. }
    1008. 

  1008. 

  1009. static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
    1010. 

  1010. 					struct sk_buff *skb)
    1011. 

  1011. {
    1012. 

  1012. 	struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
    1013. 

  1013. 

  1014. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1015. 

  1015. 

  1016. 	if (rp->status)
    1017. 

  1017. 		return;
    1018. 

  1018. 

  1019. 	hdev->adv_tx_power = rp->tx_power;
    1020. 

  1020. }
    1021. 

  1021. 

  1022. static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
    1023. 

  1023. {
    1024. 

  1024. 	struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
    1025. 

  1025. 

  1026. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1027. 

  1027. 

  1028. 	hci_dev_lock(hdev);
    1029. 

  1029. 

  1030. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    1031. 

  1031. 		mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
    1032. 

  1032. 						 rp->status);
    1033. 

  1033. 

  1034. 	hci_dev_unlock(hdev);
    1035. 

  1035. }
    1036. 

  1036. 

  1037. static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
    1038. 

  1038. 					  struct sk_buff *skb)
    1039. 

  1039. {
    1040. 

  1040. 	struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
    1041. 

  1041. 

  1042. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1043. 

  1043. 

  1044. 	hci_dev_lock(hdev);
    1045. 

  1045. 

  1046. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    1047. 

  1047. 		mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
    1048. 

  1048. 						     ACL_LINK, 0, rp->status);
    1049. 

  1049. 

  1050. 	hci_dev_unlock(hdev);
    1051. 

  1051. }
    1052. 

  1052. 

  1053. static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
    1054. 

  1054. {
    1055. 

  1055. 	struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
    1056. 

  1056. 

  1057. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1058. 

  1058. 

  1059. 	hci_dev_lock(hdev);
    1060. 

  1060. 

  1061. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    1062. 

  1062. 		mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
    1063. 

  1063. 						 0, rp->status);
    1064. 

  1064. 

  1065. 	hci_dev_unlock(hdev);
    1066. 

  1066. }
    1067. 

  1067. 

  1068. static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
    1069. 

  1069. 					  struct sk_buff *skb)
    1070. 

  1070. {
    1071. 

  1071. 	struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
    1072. 

  1072. 

  1073. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1074. 

  1074. 

  1075. 	hci_dev_lock(hdev);
    1076. 

  1076. 

  1077. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    1078. 

  1078. 		mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
    1079. 

  1079. 						     ACL_LINK, 0, rp->status);
    1080. 

  1080. 

  1081. 	hci_dev_unlock(hdev);
    1082. 

  1082. }
    1083. 

  1083. 

  1084. static void hci_cc_read_local_oob_data(struct hci_dev *hdev,
    1085. 

  1085. 				       struct sk_buff *skb)
    1086. 

  1086. {
    1087. 

  1087. 	struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
    1088. 

  1088. 

  1089. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1090. 

  1090. }
    1091. 

  1091. 

  1092. static void hci_cc_read_local_oob_ext_data(struct hci_dev *hdev,
    1093. 

  1093. 					   struct sk_buff *skb)
    1094. 

  1094. {
    1095. 

  1095. 	struct hci_rp_read_local_oob_ext_data *rp = (void *) skb->data;
    1096. 

  1096. 

  1097. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1098. 

  1098. }
    1099. 

  1099. 

  1100. static void hci_cc_le_set_random_addr(struct hci_dev *hdev, struct sk_buff *skb)
    1101. 

  1101. {
    1102. 

  1102. 	__u8 status = *((__u8 *) skb->data);
    1103. 

  1103. 	bdaddr_t *sent;
    1104. 

  1104. 

  1105. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1106. 

  1106. 

  1107. 	if (status)
    1108. 

  1108. 		return;
    1109. 

  1109. 

  1110. 	sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_RANDOM_ADDR);
    1111. 

  1111. 	if (!sent)
    1112. 

  1112. 		return;
    1113. 

  1113. 

  1114. 	hci_dev_lock(hdev);
    1115. 

  1115. 

  1116. 	bacpy(&hdev->random_addr, sent);
    1117. 

  1117. 

  1118. 	hci_dev_unlock(hdev);
    1119. 

  1119. }
    1120. 

  1120. 

  1121. static void hci_cc_le_set_default_phy(struct hci_dev *hdev, struct sk_buff *skb)
    1122. 

  1122. {
    1123. 

  1123. 	__u8 status = *((__u8 *) skb->data);
    1124. 

  1124. 	struct hci_cp_le_set_default_phy *cp;
    1125. 

  1125. 

  1126. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1127. 

  1127. 

  1128. 	if (status)
    1129. 

  1129. 		return;
    1130. 

  1130. 

  1131. 	cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_DEFAULT_PHY);
    1132. 

  1132. 	if (!cp)
    1133. 

  1133. 		return;
    1134. 

  1134. 

  1135. 	hci_dev_lock(hdev);
    1136. 

  1136. 

  1137. 	hdev->le_tx_def_phys = cp->tx_phys;
    1138. 

  1138. 	hdev->le_rx_def_phys = cp->rx_phys;
    1139. 

  1139. 

  1140. 	hci_dev_unlock(hdev);
    1141. 

  1141. }
    1142. 

  1142. 

  1143. static void hci_cc_le_set_adv_set_random_addr(struct hci_dev *hdev,
    1144. 

  1144.                                               struct sk_buff *skb)
    1145. 

  1145. {
    1146. 

  1146. 	__u8 status = *((__u8 *) skb->data);
    1147. 

  1147. 	struct hci_cp_le_set_adv_set_rand_addr *cp;
    1148. 

  1148. 	struct adv_info *adv_instance;
    1149. 

  1149. 

  1150. 	if (status)
    1151. 

  1151. 		return;
    1152. 

  1152. 

  1153. 	cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_SET_RAND_ADDR);
    1154. 

  1154. 	if (!cp)
    1155. 

  1155. 		return;
    1156. 

  1156. 

  1157. 	hci_dev_lock(hdev);
    1158. 

  1158. 

  1159. 	if (!hdev->cur_adv_instance) {
    1160. 

  1160. 		/* Store in hdev for instance 0 (Set adv and Directed advs) */
    1161. 

  1161. 		bacpy(&hdev->random_addr, &cp->bdaddr);
    1162. 

  1162. 	} else {
    1163. 

  1163. 		adv_instance = hci_find_adv_instance(hdev,
    1164. 

  1164. 						     hdev->cur_adv_instance);
    1165. 

  1165. 		if (adv_instance)
    1166. 

  1166. 			bacpy(&adv_instance->random_addr, &cp->bdaddr);
    1167. 

  1167. 	}
    1168. 

  1168. 

  1169. 	hci_dev_unlock(hdev);
    1170. 

  1170. }
    1171. 

  1171. 

  1172. static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb)
    1173. 

  1173. {
    1174. 

  1174. 	__u8 *sent, status = *((__u8 *) skb->data);
    1175. 

  1175. 

  1176. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1177. 

  1177. 

  1178. 	if (status)
    1179. 

  1179. 		return;
    1180. 

  1180. 

  1181. 	sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE);
    1182. 

  1182. 	if (!sent)
    1183. 

  1183. 		return;
    1184. 

  1184. 

  1185. 	hci_dev_lock(hdev);
    1186. 

  1186. 

  1187. 	/* If we're doing connection initiation as peripheral. Set a
    1188. 

  1188. 	 * timeout in case something goes wrong.
    1189. 

  1189. 	 */
    1190. 

  1190. 	if (*sent) {
    1191. 

  1191. 		struct hci_conn *conn;
    1192. 

  1192. 

  1193. 		hci_dev_set_flag(hdev, HCI_LE_ADV);
    1194. 

  1194. 

  1195. 		conn = hci_lookup_le_connect(hdev);
    1196. 

  1196. 		if (conn)
    1197. 

  1197. 			queue_delayed_work(hdev->workqueue,
    1198. 

  1198. 					   &conn->le_conn_timeout,
    1199. 

  1199. 					   conn->conn_timeout);
    1200. 

  1200. 	} else {
    1201. 

  1201. 		hci_dev_clear_flag(hdev, HCI_LE_ADV);
    1202. 

  1202. 	}
    1203. 

  1203. 

  1204. 	hci_dev_unlock(hdev);
    1205. 

  1205. }
    1206. 

  1206. 

  1207. static void hci_cc_le_set_ext_adv_enable(struct hci_dev *hdev,
    1208. 

  1208. 					 struct sk_buff *skb)
    1209. 

  1209. {
    1210. 

  1210. 	struct hci_cp_le_set_ext_adv_enable *cp;
    1211. 

  1211. 	__u8 status = *((__u8 *) skb->data);
    1212. 

  1212. 

  1213. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1214. 

  1214. 

  1215. 	if (status)
    1216. 

  1216. 		return;
    1217. 

  1217. 

  1218. 	cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_ADV_ENABLE);
    1219. 

  1219. 	if (!cp)
    1220. 

  1220. 		return;
    1221. 

  1221. 

  1222. 	hci_dev_lock(hdev);
    1223. 

  1223. 

  1224. 	if (cp->enable) {
    1225. 

  1225. 		struct hci_conn *conn;
    1226. 

  1226. 

  1227. 		hci_dev_set_flag(hdev, HCI_LE_ADV);
    1228. 

  1228. 

  1229. 		conn = hci_lookup_le_connect(hdev);
    1230. 

  1230. 		if (conn)
    1231. 

  1231. 			queue_delayed_work(hdev->workqueue,
    1232. 

  1232. 					   &conn->le_conn_timeout,
    1233. 

  1233. 					   conn->conn_timeout);
    1234. 

  1234. 	} else {
    1235. 

  1235. 		hci_dev_clear_flag(hdev, HCI_LE_ADV);
    1236. 

  1236. 	}
    1237. 

  1237. 

  1238. 	hci_dev_unlock(hdev);
    1239. 

  1239. }
    1240. 

  1240. 

  1241. static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
    1242. 

  1242. {
    1243. 

  1243. 	struct hci_cp_le_set_scan_param *cp;
    1244. 

  1244. 	__u8 status = *((__u8 *) skb->data);
    1245. 

  1245. 

  1246. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1247. 

  1247. 

  1248. 	if (status)
    1249. 

  1249. 		return;
    1250. 

  1250. 

  1251. 	cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_PARAM);
    1252. 

  1252. 	if (!cp)
    1253. 

  1253. 		return;
    1254. 

  1254. 

  1255. 	hci_dev_lock(hdev);
    1256. 

  1256. 

  1257. 	hdev->le_scan_type = cp->type;
    1258. 

  1258. 

  1259. 	hci_dev_unlock(hdev);
    1260. 

  1260. }
    1261. 

  1261. 

  1262. static void hci_cc_le_set_ext_scan_param(struct hci_dev *hdev,
    1263. 

  1263. 					 struct sk_buff *skb)
    1264. 

  1264. {
    1265. 

  1265. 	struct hci_cp_le_set_ext_scan_params *cp;
    1266. 

  1266. 	__u8 status = *((__u8 *) skb->data);
    1267. 

  1267. 	struct hci_cp_le_scan_phy_params *phy_param;
    1268. 

  1268. 

  1269. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1270. 

  1270. 

  1271. 	if (status)
    1272. 

  1272. 		return;
    1273. 

  1273. 

  1274. 	cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_SCAN_PARAMS);
    1275. 

  1275. 	if (!cp)
    1276. 

  1276. 		return;
    1277. 

  1277. 

  1278. 	phy_param = (void *)cp->data;
    1279. 

  1279. 

  1280. 	hci_dev_lock(hdev);
    1281. 

  1281. 

  1282. 	hdev->le_scan_type = phy_param->type;
    1283. 

  1283. 

  1284. 	hci_dev_unlock(hdev);
    1285. 

  1285. }
    1286. 

  1286. 

  1287. static bool has_pending_adv_report(struct hci_dev *hdev)
    1288. 

  1288. {
    1289. 

  1289. 	struct discovery_state *d = &hdev->discovery;
    1290. 

  1290. 

  1291. 	return bacmp(&d->last_adv_addr, BDADDR_ANY);
    1292. 

  1292. }
    1293. 

  1293. 

  1294. static void clear_pending_adv_report(struct hci_dev *hdev)
    1295. 

  1295. {
    1296. 

  1296. 	struct discovery_state *d = &hdev->discovery;
    1297. 

  1297. 

  1298. 	bacpy(&d->last_adv_addr, BDADDR_ANY);
    1299. 

  1299. 	d->last_adv_data_len = 0;
    1300. 

  1300. }
    1301. 

  1301. 

  1302. static void store_pending_adv_report(struct hci_dev *hdev, bdaddr_t *bdaddr,
    1303. 

  1303. 				     u8 bdaddr_type, s8 rssi, u32 flags,
    1304. 

  1304. 				     u8 *data, u8 len)
    1305. 

  1305. {
    1306. 

  1306. 	struct discovery_state *d = &hdev->discovery;
    1307. 

  1307. 

  1308. 	bacpy(&d->last_adv_addr, bdaddr);
    1309. 

  1309. 	d->last_adv_addr_type = bdaddr_type;
    1310. 

  1310. 	d->last_adv_rssi = rssi;
    1311. 

  1311. 	d->last_adv_flags = flags;
    1312. 

  1312. 	memcpy(d->last_adv_data, data, len);
    1313. 

  1313. 	d->last_adv_data_len = len;
    1314. 

  1314. }
    1315. 

  1315. 

  1316. static void le_set_scan_enable_complete(struct hci_dev *hdev, u8 enable)
    1317. 

  1317. {
    1318. 

  1318. 	hci_dev_lock(hdev);
    1319. 

  1319. 

  1320. 	switch (enable) {
    1321. 

  1321. 	case LE_SCAN_ENABLE:
    1322. 

  1322. 		hci_dev_set_flag(hdev, HCI_LE_SCAN);
    1323. 

  1323. 		if (hdev->le_scan_type == LE_SCAN_ACTIVE)
    1324. 

  1324. 			clear_pending_adv_report(hdev);
    1325. 

  1325. 		break;
    1326. 

  1326. 

  1327. 	case LE_SCAN_DISABLE:
    1328. 

  1328. 		/* We do this here instead of when setting DISCOVERY_STOPPED
    1329. 

  1329. 		 * since the latter would potentially require waiting for
    1330. 

  1330. 		 * inquiry to stop too.
    1331. 

  1331. 		 */
    1332. 

  1332. 		if (has_pending_adv_report(hdev)) {
    1333. 

  1333. 			struct discovery_state *d = &hdev->discovery;
    1334. 

  1334. 

  1335. 			mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK,
    1336. 

  1336. 					  d->last_adv_addr_type, NULL,
    1337. 

  1337. 					  d->last_adv_rssi, d->last_adv_flags,
    1338. 

  1338. 					  d->last_adv_data,
    1339. 

  1339. 					  d->last_adv_data_len, NULL, 0);
    1340. 

  1340. 		}
    1341. 

  1341. 

  1342. 		/* Cancel this timer so that we don't try to disable scanning
    1343. 

  1343. 		 * when it's already disabled.
    1344. 

  1344. 		 */
    1345. 

  1345. 		cancel_delayed_work(&hdev->le_scan_disable);
    1346. 

  1346. 

  1347. 		hci_dev_clear_flag(hdev, HCI_LE_SCAN);
    1348. 

  1348. 

  1349. 		/* The HCI_LE_SCAN_INTERRUPTED flag indicates that we
    1350. 

  1350. 		 * interrupted scanning due to a connect request. Mark
    1351. 

  1351. 		 * therefore discovery as stopped. If this was not
    1352. 

  1352. 		 * because of a connect request advertising might have
    1353. 

  1353. 		 * been disabled because of active scanning, so
    1354. 

  1354. 		 * re-enable it again if necessary.
    1355. 

  1355. 		 */
    1356. 

  1356. 		if (hci_dev_test_and_clear_flag(hdev, HCI_LE_SCAN_INTERRUPTED))
    1357. 

  1357. 			hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
    1358. 

  1358. 		else if (!hci_dev_test_flag(hdev, HCI_LE_ADV) &&
    1359. 

  1359. 			 hdev->discovery.state == DISCOVERY_FINDING)
    1360. 

  1360. 			hci_req_reenable_advertising(hdev);
    1361. 

  1361. 

  1362. 		break;
    1363. 

  1363. 

  1364. 	default:
    1365. 

  1365. 		bt_dev_err(hdev, "use of reserved LE_Scan_Enable param %d",
    1366. 

  1366. 			   enable);
    1367. 

  1367. 		break;
    1368. 

  1368. 	}
    1369. 

  1369. 

  1370. 	hci_dev_unlock(hdev);
    1371. 

  1371. }
    1372. 

  1372. 

  1373. static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
    1374. 

  1374. 				      struct sk_buff *skb)
    1375. 

  1375. {
    1376. 

  1376. 	struct hci_cp_le_set_scan_enable *cp;
    1377. 

  1377. 	__u8 status = *((__u8 *) skb->data);
    1378. 

  1378. 

  1379. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1380. 

  1380. 

  1381. 	if (status)
    1382. 

  1382. 		return;
    1383. 

  1383. 

  1384. 	cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
    1385. 

  1385. 	if (!cp)
    1386. 

  1386. 		return;
    1387. 

  1387. 

  1388. 	le_set_scan_enable_complete(hdev, cp->enable);
    1389. 

  1389. }
    1390. 

  1390. 

  1391. static void hci_cc_le_set_ext_scan_enable(struct hci_dev *hdev,
    1392. 

  1392. 				      struct sk_buff *skb)
    1393. 

  1393. {
    1394. 

  1394. 	struct hci_cp_le_set_ext_scan_enable *cp;
    1395. 

  1395. 	__u8 status = *((__u8 *) skb->data);
    1396. 

  1396. 

  1397. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1398. 

  1398. 

  1399. 	if (status)
    1400. 

  1400. 		return;
    1401. 

  1401. 

  1402. 	cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_SCAN_ENABLE);
    1403. 

  1403. 	if (!cp)
    1404. 

  1404. 		return;
    1405. 

  1405. 

  1406. 	le_set_scan_enable_complete(hdev, cp->enable);
    1407. 

  1407. }
    1408. 

  1408. 

  1409. static void hci_cc_le_read_num_adv_sets(struct hci_dev *hdev,
    1410. 

  1410. 				      struct sk_buff *skb)
    1411. 

  1411. {
    1412. 

  1412. 	struct hci_rp_le_read_num_supported_adv_sets *rp = (void *) skb->data;
    1413. 

  1413. 

  1414. 	BT_DBG("%s status 0x%2.2x No of Adv sets %u", hdev->name, rp->status,
    1415. 

  1415. 	       rp->num_of_sets);
    1416. 

  1416. 

  1417. 	if (rp->status)
    1418. 

  1418. 		return;
    1419. 

  1419. 

  1420. 	hdev->le_num_of_adv_sets = rp->num_of_sets;
    1421. 

  1421. }
    1422. 

  1422. 

  1423. static void hci_cc_le_read_white_list_size(struct hci_dev *hdev,
    1424. 

  1424. 					   struct sk_buff *skb)
    1425. 

  1425. {
    1426. 

  1426. 	struct hci_rp_le_read_white_list_size *rp = (void *) skb->data;
    1427. 

  1427. 

  1428. 	BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
    1429. 

  1429. 

  1430. 	if (rp->status)
    1431. 

  1431. 		return;
    1432. 

  1432. 

  1433. 	hdev->le_white_list_size = rp->size;
    1434. 

  1434. }
    1435. 

  1435. 

  1436. static void hci_cc_le_clear_white_list(struct hci_dev *hdev,
    1437. 

  1437. 				       struct sk_buff *skb)
    1438. 

  1438. {
    1439. 

  1439. 	__u8 status = *((__u8 *) skb->data);
    1440. 

  1440. 

  1441. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1442. 

  1442. 

  1443. 	if (status)
    1444. 

  1444. 		return;
    1445. 

  1445. 

  1446. 	hci_bdaddr_list_clear(&hdev->le_white_list);
    1447. 

  1447. }
    1448. 

  1448. 

  1449. static void hci_cc_le_add_to_white_list(struct hci_dev *hdev,
    1450. 

  1450. 					struct sk_buff *skb)
    1451. 

  1451. {
    1452. 

  1452. 	struct hci_cp_le_add_to_white_list *sent;
    1453. 

  1453. 	__u8 status = *((__u8 *) skb->data);
    1454. 

  1454. 

  1455. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1456. 

  1456. 

  1457. 	if (status)
    1458. 

  1458. 		return;
    1459. 

  1459. 

  1460. 	sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_WHITE_LIST);
    1461. 

  1461. 	if (!sent)
    1462. 

  1462. 		return;
    1463. 

  1463. 

  1464. 	hci_bdaddr_list_add(&hdev->le_white_list, &sent->bdaddr,
    1465. 

  1465. 			   sent->bdaddr_type);
    1466. 

  1466. }
    1467. 

  1467. 

  1468. static void hci_cc_le_del_from_white_list(struct hci_dev *hdev,
    1469. 

  1469. 					  struct sk_buff *skb)
    1470. 

  1470. {
    1471. 

  1471. 	struct hci_cp_le_del_from_white_list *sent;
    1472. 

  1472. 	__u8 status = *((__u8 *) skb->data);
    1473. 

  1473. 

  1474. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1475. 

  1475. 

  1476. 	if (status)
    1477. 

  1477. 		return;
    1478. 

  1478. 

  1479. 	sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_WHITE_LIST);
    1480. 

  1480. 	if (!sent)
    1481. 

  1481. 		return;
    1482. 

  1482. 

  1483. 	hci_bdaddr_list_del(&hdev->le_white_list, &sent->bdaddr,
    1484. 

  1484. 			    sent->bdaddr_type);
    1485. 

  1485. }
    1486. 

  1486. 

  1487. static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
    1488. 

  1488. 					    struct sk_buff *skb)
    1489. 

  1489. {
    1490. 

  1490. 	struct hci_rp_le_read_supported_states *rp = (void *) skb->data;
    1491. 

  1491. 

  1492. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1493. 

  1493. 

  1494. 	if (rp->status)
    1495. 

  1495. 		return;
    1496. 

  1496. 

  1497. 	memcpy(hdev->le_states, rp->le_states, 8);
    1498. 

  1498. }
    1499. 

  1499. 

  1500. static void hci_cc_le_read_def_data_len(struct hci_dev *hdev,
    1501. 

  1501. 					struct sk_buff *skb)
    1502. 

  1502. {
    1503. 

  1503. 	struct hci_rp_le_read_def_data_len *rp = (void *) skb->data;
    1504. 

  1504. 

  1505. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1506. 

  1506. 

  1507. 	if (rp->status)
    1508. 

  1508. 		return;
    1509. 

  1509. 

  1510. 	hdev->le_def_tx_len = le16_to_cpu(rp->tx_len);
    1511. 

  1511. 	hdev->le_def_tx_time = le16_to_cpu(rp->tx_time);
    1512. 

  1512. }
    1513. 

  1513. 

  1514. static void hci_cc_le_write_def_data_len(struct hci_dev *hdev,
    1515. 

  1515. 					 struct sk_buff *skb)
    1516. 

  1516. {
    1517. 

  1517. 	struct hci_cp_le_write_def_data_len *sent;
    1518. 

  1518. 	__u8 status = *((__u8 *) skb->data);
    1519. 

  1519. 

  1520. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1521. 

  1521. 

  1522. 	if (status)
    1523. 

  1523. 		return;
    1524. 

  1524. 

  1525. 	sent = hci_sent_cmd_data(hdev, HCI_OP_LE_WRITE_DEF_DATA_LEN);
    1526. 

  1526. 	if (!sent)
    1527. 

  1527. 		return;
    1528. 

  1528. 

  1529. 	hdev->le_def_tx_len = le16_to_cpu(sent->tx_len);
    1530. 

  1530. 	hdev->le_def_tx_time = le16_to_cpu(sent->tx_time);
    1531. 

  1531. }
    1532. 

  1532. 

  1533. static void hci_cc_le_add_to_resolv_list(struct hci_dev *hdev,
    1534. 

  1534. 					 struct sk_buff *skb)
    1535. 

  1535. {
    1536. 

  1536. 	struct hci_cp_le_add_to_resolv_list *sent;
    1537. 

  1537. 	__u8 status = *((__u8 *) skb->data);
    1538. 

  1538. 

  1539. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1540. 

  1540. 

  1541. 	if (status)
    1542. 

  1542. 		return;
    1543. 

  1543. 

  1544. 	sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_RESOLV_LIST);
    1545. 

  1545. 	if (!sent)
    1546. 

  1546. 		return;
    1547. 

  1547. 

  1548. 	hci_bdaddr_list_add_with_irk(&hdev->le_resolv_list, &sent->bdaddr,
    1549. 

  1549. 				sent->bdaddr_type, sent->peer_irk,
    1550. 

  1550. 				sent->local_irk);
    1551. 

  1551. }
    1552. 

  1552. 

  1553. static void hci_cc_le_del_from_resolv_list(struct hci_dev *hdev,
    1554. 

  1554. 					  struct sk_buff *skb)
    1555. 

  1555. {
    1556. 

  1556. 	struct hci_cp_le_del_from_resolv_list *sent;
    1557. 

  1557. 	__u8 status = *((__u8 *) skb->data);
    1558. 

  1558. 

  1559. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1560. 

  1560. 

  1561. 	if (status)
    1562. 

  1562. 		return;
    1563. 

  1563. 

  1564. 	sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_RESOLV_LIST);
    1565. 

  1565. 	if (!sent)
    1566. 

  1566. 		return;
    1567. 

  1567. 

  1568. 	hci_bdaddr_list_del_with_irk(&hdev->le_resolv_list, &sent->bdaddr,
    1569. 

  1569. 			    sent->bdaddr_type);
    1570. 

  1570. }
    1571. 

  1571. 

  1572. static void hci_cc_le_clear_resolv_list(struct hci_dev *hdev,
    1573. 

  1573. 				       struct sk_buff *skb)
    1574. 

  1574. {
    1575. 

  1575. 	__u8 status = *((__u8 *) skb->data);
    1576. 

  1576. 

  1577. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1578. 

  1578. 

  1579. 	if (status)
    1580. 

  1580. 		return;
    1581. 

  1581. 

  1582. 	hci_bdaddr_list_clear(&hdev->le_resolv_list);
    1583. 

  1583. }
    1584. 

  1584. 

  1585. static void hci_cc_le_read_resolv_list_size(struct hci_dev *hdev,
    1586. 

  1586. 					   struct sk_buff *skb)
    1587. 

  1587. {
    1588. 

  1588. 	struct hci_rp_le_read_resolv_list_size *rp = (void *) skb->data;
    1589. 

  1589. 

  1590. 	BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
    1591. 

  1591. 

  1592. 	if (rp->status)
    1593. 

  1593. 		return;
    1594. 

  1594. 

  1595. 	hdev->le_resolv_list_size = rp->size;
    1596. 

  1596. }
    1597. 

  1597. 

  1598. static void hci_cc_le_set_addr_resolution_enable(struct hci_dev *hdev,
    1599. 

  1599. 						struct sk_buff *skb)
    1600. 

  1600. {
    1601. 

  1601. 	__u8 *sent, status = *((__u8 *) skb->data);
    1602. 

  1602. 

  1603. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1604. 

  1604. 

  1605. 	if (status)
    1606. 

  1606. 		return;
    1607. 

  1607. 

  1608. 	sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADDR_RESOLV_ENABLE);
    1609. 

  1609. 	if (!sent)
    1610. 

  1610. 		return;
    1611. 

  1611. 

  1612. 	hci_dev_lock(hdev);
    1613. 

  1613. 

  1614. 	if (*sent)
    1615. 

  1615. 		hci_dev_set_flag(hdev, HCI_LL_RPA_RESOLUTION);
    1616. 

  1616. 	else
    1617. 

  1617. 		hci_dev_clear_flag(hdev, HCI_LL_RPA_RESOLUTION);
    1618. 

  1618. 

  1619. 	hci_dev_unlock(hdev);
    1620. 

  1620. }
    1621. 

  1621. 

  1622. static void hci_cc_le_read_max_data_len(struct hci_dev *hdev,
    1623. 

  1623. 					struct sk_buff *skb)
    1624. 

  1624. {
    1625. 

  1625. 	struct hci_rp_le_read_max_data_len *rp = (void *) skb->data;
    1626. 

  1626. 

  1627. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1628. 

  1628. 

  1629. 	if (rp->status)
    1630. 

  1630. 		return;
    1631. 

  1631. 

  1632. 	hdev->le_max_tx_len = le16_to_cpu(rp->tx_len);
    1633. 

  1633. 	hdev->le_max_tx_time = le16_to_cpu(rp->tx_time);
    1634. 

  1634. 	hdev->le_max_rx_len = le16_to_cpu(rp->rx_len);
    1635. 

  1635. 	hdev->le_max_rx_time = le16_to_cpu(rp->rx_time);
    1636. 

  1636. }
    1637. 

  1637. 

  1638. static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
    1639. 

  1639. 					   struct sk_buff *skb)
    1640. 

  1640. {
    1641. 

  1641. 	struct hci_cp_write_le_host_supported *sent;
    1642. 

  1642. 	__u8 status = *((__u8 *) skb->data);
    1643. 

  1643. 

  1644. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1645. 

  1645. 

  1646. 	if (status)
    1647. 

  1647. 		return;
    1648. 

  1648. 

  1649. 	sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
    1650. 

  1650. 	if (!sent)
    1651. 

  1651. 		return;
    1652. 

  1652. 

  1653. 	hci_dev_lock(hdev);
    1654. 

  1654. 

  1655. 	if (sent->le) {
    1656. 

  1656. 		hdev->features[1][0] |= LMP_HOST_LE;
    1657. 

  1657. 		hci_dev_set_flag(hdev, HCI_LE_ENABLED);
    1658. 

  1658. 	} else {
    1659. 

  1659. 		hdev->features[1][0] &= ~LMP_HOST_LE;
    1660. 

  1660. 		hci_dev_clear_flag(hdev, HCI_LE_ENABLED);
    1661. 

  1661. 		hci_dev_clear_flag(hdev, HCI_ADVERTISING);
    1662. 

  1662. 	}
    1663. 

  1663. 

  1664. 	if (sent->simul)
    1665. 

  1665. 		hdev->features[1][0] |= LMP_HOST_LE_BREDR;
    1666. 

  1666. 	else
    1667. 

  1667. 		hdev->features[1][0] &= ~LMP_HOST_LE_BREDR;
    1668. 

  1668. 

  1669. 	hci_dev_unlock(hdev);
    1670. 

  1670. }
    1671. 

  1671. 

  1672. static void hci_cc_set_adv_param(struct hci_dev *hdev, struct sk_buff *skb)
    1673. 

  1673. {
    1674. 

  1674. 	struct hci_cp_le_set_adv_param *cp;
    1675. 

  1675. 	u8 status = *((u8 *) skb->data);
    1676. 

  1676. 

  1677. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1678. 

  1678. 

  1679. 	if (status)
    1680. 

  1680. 		return;
    1681. 

  1681. 

  1682. 	cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_PARAM);
    1683. 

  1683. 	if (!cp)
    1684. 

  1684. 		return;
    1685. 

  1685. 

  1686. 	hci_dev_lock(hdev);
    1687. 

  1687. 	hdev->adv_addr_type = cp->own_address_type;
    1688. 

  1688. 	hci_dev_unlock(hdev);
    1689. 

  1689. }
    1690. 

  1690. 

  1691. static void hci_cc_set_ext_adv_param(struct hci_dev *hdev, struct sk_buff *skb)
    1692. 

  1692. {
    1693. 

  1693. 	struct hci_rp_le_set_ext_adv_params *rp = (void *) skb->data;
    1694. 

  1694. 	struct hci_cp_le_set_ext_adv_params *cp;
    1695. 

  1695. 	struct adv_info *adv_instance;
    1696. 

  1696. 

  1697. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1698. 

  1698. 

  1699. 	if (rp->status)
    1700. 

  1700. 		return;
    1701. 

  1701. 

  1702. 	cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_ADV_PARAMS);
    1703. 

  1703. 	if (!cp)
    1704. 

  1704. 		return;
    1705. 

  1705. 

  1706. 	hci_dev_lock(hdev);
    1707. 

  1707. 	hdev->adv_addr_type = cp->own_addr_type;
    1708. 

  1708. 	if (!hdev->cur_adv_instance) {
    1709. 

  1709. 		/* Store in hdev for instance 0 */
    1710. 

  1710. 		hdev->adv_tx_power = rp->tx_power;
    1711. 

  1711. 	} else {
    1712. 

  1712. 		adv_instance = hci_find_adv_instance(hdev,
    1713. 

  1713. 						     hdev->cur_adv_instance);
    1714. 

  1714. 		if (adv_instance)
    1715. 

  1715. 			adv_instance->tx_power = rp->tx_power;
    1716. 

  1716. 	}
    1717. 

  1717. 	/* Update adv data as tx power is known now */
    1718. 

  1718. 	hci_req_update_adv_data(hdev, hdev->cur_adv_instance);
    1719. 

  1719. 	hci_dev_unlock(hdev);
    1720. 

  1720. }
    1721. 

  1721. 

  1722. static void hci_cc_read_rssi(struct hci_dev *hdev, struct sk_buff *skb)
    1723. 

  1723. {
    1724. 

  1724. 	struct hci_rp_read_rssi *rp = (void *) skb->data;
    1725. 

  1725. 	struct hci_conn *conn;
    1726. 

  1726. 

  1727. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1728. 

  1728. 

  1729. 	if (rp->status)
    1730. 

  1730. 		return;
    1731. 

  1731. 

  1732. 	hci_dev_lock(hdev);
    1733. 

  1733. 

  1734. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
    1735. 

  1735. 	if (conn)
    1736. 

  1736. 		conn->rssi = rp->rssi;
    1737. 

  1737. 

  1738. 	hci_dev_unlock(hdev);
    1739. 

  1739. }
    1740. 

  1740. 

  1741. static void hci_cc_read_tx_power(struct hci_dev *hdev, struct sk_buff *skb)
    1742. 

  1742. {
    1743. 

  1743. 	struct hci_cp_read_tx_power *sent;
    1744. 

  1744. 	struct hci_rp_read_tx_power *rp = (void *) skb->data;
    1745. 

  1745. 	struct hci_conn *conn;
    1746. 

  1746. 

  1747. 	BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
    1748. 

  1748. 

  1749. 	if (rp->status)
    1750. 

  1750. 		return;
    1751. 

  1751. 

  1752. 	sent = hci_sent_cmd_data(hdev, HCI_OP_READ_TX_POWER);
    1753. 

  1753. 	if (!sent)
    1754. 

  1754. 		return;
    1755. 

  1755. 

  1756. 	hci_dev_lock(hdev);
    1757. 

  1757. 

  1758. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
    1759. 

  1759. 	if (!conn)
    1760. 

  1760. 		goto unlock;
    1761. 

  1761. 

  1762. 	switch (sent->type) {
    1763. 

  1763. 	case 0x00:
    1764. 

  1764. 		conn->tx_power = rp->tx_power;
    1765. 

  1765. 		break;
    1766. 

  1766. 	case 0x01:
    1767. 

  1767. 		conn->max_tx_power = rp->tx_power;
    1768. 

  1768. 		break;
    1769. 

  1769. 	}
    1770. 

  1770. 

  1771. unlock:
    1772. 

  1772. 	hci_dev_unlock(hdev);
    1773. 

  1773. }
    1774. 

  1774. 

  1775. static void hci_cc_write_ssp_debug_mode(struct hci_dev *hdev, struct sk_buff *skb)
    1776. 

  1776. {
    1777. 

  1777. 	u8 status = *((u8 *) skb->data);
    1778. 

  1778. 	u8 *mode;
    1779. 

  1779. 

  1780. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1781. 

  1781. 

  1782. 	if (status)
    1783. 

  1783. 		return;
    1784. 

  1784. 

  1785. 	mode = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_DEBUG_MODE);
    1786. 

  1786. 	if (mode)
    1787. 

  1787. 		hdev->ssp_debug_mode = *mode;
    1788. 

  1788. }
    1789. 

  1789. 

  1790. static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
    1791. 

  1791. {
    1792. 

  1792. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1793. 

  1793. 

  1794. 	if (status) {
    1795. 

  1795. 		hci_conn_check_pending(hdev);
    1796. 

  1796. 		return;
    1797. 

  1797. 	}
    1798. 

  1798. 

  1799. 	set_bit(HCI_INQUIRY, &hdev->flags);
    1800. 

  1800. }
    1801. 

  1801. 

  1802. static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
    1803. 

  1803. {
    1804. 

  1804. 	struct hci_cp_create_conn *cp;
    1805. 

  1805. 	struct hci_conn *conn;
    1806. 

  1806. 

  1807. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1808. 

  1808. 

  1809. 	cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
    1810. 

  1810. 	if (!cp)
    1811. 

  1811. 		return;
    1812. 

  1812. 

  1813. 	hci_dev_lock(hdev);
    1814. 

  1814. 

  1815. 	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
    1816. 

  1816. 

  1817. 	BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
    1818. 

  1818. 

  1819. 	if (status) {
    1820. 

  1820. 		if (conn && conn->state == BT_CONNECT) {
    1821. 

  1821. 			if (status != 0x0c || conn->attempt > 2) {
    1822. 

  1822. 				conn->state = BT_CLOSED;
    1823. 

  1823. 				hci_connect_cfm(conn, status);
    1824. 

  1824. 				hci_conn_del(conn);
    1825. 

  1825. 			} else
    1826. 

  1826. 				conn->state = BT_CONNECT2;
    1827. 

  1827. 		}
    1828. 

  1828. 	} else {
    1829. 

  1829. 		if (!conn) {
    1830. 

  1830. 			conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr,
    1831. 

  1831. 					    HCI_ROLE_MASTER);
    1832. 

  1832. 			if (!conn)
    1833. 

  1833. 				bt_dev_err(hdev, "no memory for new connection");
    1834. 

  1834. 		}
    1835. 

  1835. 	}
    1836. 

  1836. 

  1837. 	hci_dev_unlock(hdev);
    1838. 

  1838. }
    1839. 

  1839. 

  1840. static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
    1841. 

  1841. {
    1842. 

  1842. 	struct hci_cp_add_sco *cp;
    1843. 

  1843. 	struct hci_conn *acl, *sco;
    1844. 

  1844. 	__u16 handle;
    1845. 

  1845. 

  1846. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1847. 

  1847. 

  1848. 	if (!status)
    1849. 

  1849. 		return;
    1850. 

  1850. 

  1851. 	cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
    1852. 

  1852. 	if (!cp)
    1853. 

  1853. 		return;
    1854. 

  1854. 

  1855. 	handle = __le16_to_cpu(cp->handle);
    1856. 

  1856. 

  1857. 	BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
    1858. 

  1858. 

  1859. 	hci_dev_lock(hdev);
    1860. 

  1860. 

  1861. 	acl = hci_conn_hash_lookup_handle(hdev, handle);
    1862. 

  1862. 	if (acl) {
    1863. 

  1863. 		sco = acl->link;
    1864. 

  1864. 		if (sco) {
    1865. 

  1865. 			sco->state = BT_CLOSED;
    1866. 

  1866. 

  1867. 			hci_connect_cfm(sco, status);
    1868. 

  1868. 			hci_conn_del(sco);
    1869. 

  1869. 		}
    1870. 

  1870. 	}
    1871. 

  1871. 

  1872. 	hci_dev_unlock(hdev);
    1873. 

  1873. }
    1874. 

  1874. 

  1875. static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
    1876. 

  1876. {
    1877. 

  1877. 	struct hci_cp_auth_requested *cp;
    1878. 

  1878. 	struct hci_conn *conn;
    1879. 

  1879. 

  1880. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1881. 

  1881. 

  1882. 	if (!status)
    1883. 

  1883. 		return;
    1884. 

  1884. 

  1885. 	cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
    1886. 

  1886. 	if (!cp)
    1887. 

  1887. 		return;
    1888. 

  1888. 

  1889. 	hci_dev_lock(hdev);
    1890. 

  1890. 

  1891. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
    1892. 

  1892. 	if (conn) {
    1893. 

  1893. 		if (conn->state == BT_CONFIG) {
    1894. 

  1894. 			hci_connect_cfm(conn, status);
    1895. 

  1895. 			hci_conn_drop(conn);
    1896. 

  1896. 		}
    1897. 

  1897. 	}
    1898. 

  1898. 

  1899. 	hci_dev_unlock(hdev);
    1900. 

  1900. }
    1901. 

  1901. 

  1902. static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
    1903. 

  1903. {
    1904. 

  1904. 	struct hci_cp_set_conn_encrypt *cp;
    1905. 

  1905. 	struct hci_conn *conn;
    1906. 

  1906. 

  1907. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    1908. 

  1908. 

  1909. 	if (!status)
    1910. 

  1910. 		return;
    1911. 

  1911. 

  1912. 	cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
    1913. 

  1913. 	if (!cp)
    1914. 

  1914. 		return;
    1915. 

  1915. 

  1916. 	hci_dev_lock(hdev);
    1917. 

  1917. 

  1918. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
    1919. 

  1919. 	if (conn) {
    1920. 

  1920. 		if (conn->state == BT_CONFIG) {
    1921. 

  1921. 			hci_connect_cfm(conn, status);
    1922. 

  1922. 			hci_conn_drop(conn);
    1923. 

  1923. 		}
    1924. 

  1924. 	}
    1925. 

  1925. 

  1926. 	hci_dev_unlock(hdev);
    1927. 

  1927. }
    1928. 

  1928. 

  1929. static int hci_outgoing_auth_needed(struct hci_dev *hdev,
    1930. 

  1930. 				    struct hci_conn *conn)
    1931. 

  1931. {
    1932. 

  1932. 	if (conn->state != BT_CONFIG || !conn->out)
    1933. 

  1933. 		return 0;
    1934. 

  1934. 

  1935. 	if (conn->pending_sec_level == BT_SECURITY_SDP)
    1936. 

  1936. 		return 0;
    1937. 

  1937. 

  1938. 	/* Only request authentication for SSP connections or non-SSP
    1939. 

  1939. 	 * devices with sec_level MEDIUM or HIGH or if MITM protection
    1940. 

  1940. 	 * is requested.
    1941. 

  1941. 	 */
    1942. 

  1942. 	if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
    1943. 

  1943. 	    conn->pending_sec_level != BT_SECURITY_FIPS &&
    1944. 

  1944. 	    conn->pending_sec_level != BT_SECURITY_HIGH &&
    1945. 

  1945. 	    conn->pending_sec_level != BT_SECURITY_MEDIUM)
    1946. 

  1946. 		return 0;
    1947. 

  1947. 

  1948. 	return 1;
    1949. 

  1949. }
    1950. 

  1950. 

  1951. static int hci_resolve_name(struct hci_dev *hdev,
    1952. 

  1952. 				   struct inquiry_entry *e)
    1953. 

  1953. {
    1954. 

  1954. 	struct hci_cp_remote_name_req cp;
    1955. 

  1955. 

  1956. 	memset(&cp, 0, sizeof(cp));
    1957. 

  1957. 

  1958. 	bacpy(&cp.bdaddr, &e->data.bdaddr);
    1959. 

  1959. 	cp.pscan_rep_mode = e->data.pscan_rep_mode;
    1960. 

  1960. 	cp.pscan_mode = e->data.pscan_mode;
    1961. 

  1961. 	cp.clock_offset = e->data.clock_offset;
    1962. 

  1962. 

  1963. 	return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
    1964. 

  1964. }
    1965. 

  1965. 

  1966. static bool hci_resolve_next_name(struct hci_dev *hdev)
    1967. 

  1967. {
    1968. 

  1968. 	struct discovery_state *discov = &hdev->discovery;
    1969. 

  1969. 	struct inquiry_entry *e;
    1970. 

  1970. 

  1971. 	if (list_empty(&discov->resolve))
    1972. 

  1972. 		return false;
    1973. 

  1973. 

  1974. 	e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
    1975. 

  1975. 	if (!e)
    1976. 

  1976. 		return false;
    1977. 

  1977. 

  1978. 	if (hci_resolve_name(hdev, e) == 0) {
    1979. 

  1979. 		e->name_state = NAME_PENDING;
    1980. 

  1980. 		return true;
    1981. 

  1981. 	}
    1982. 

  1982. 

  1983. 	return false;
    1984. 

  1984. }
    1985. 

  1985. 

  1986. static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
    1987. 

  1987. 				   bdaddr_t *bdaddr, u8 *name, u8 name_len)
    1988. 

  1988. {
    1989. 

  1989. 	struct discovery_state *discov = &hdev->discovery;
    1990. 

  1990. 	struct inquiry_entry *e;
    1991. 

  1991. 

  1992. 	/* Update the mgmt connected state if necessary. Be careful with
    1993. 

  1993. 	 * conn objects that exist but are not (yet) connected however.
    1994. 

  1994. 	 * Only those in BT_CONFIG or BT_CONNECTED states can be
    1995. 

  1995. 	 * considered connected.
    1996. 

  1996. 	 */
    1997. 

  1997. 	if (conn &&
    1998. 

  1998. 	    (conn->state == BT_CONFIG || conn->state == BT_CONNECTED) &&
    1999. 

  1999. 	    !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
    2000. 

  2000. 		mgmt_device_connected(hdev, conn, 0, name, name_len);
    2001. 

  2001. 

  2002. 	if (discov->state == DISCOVERY_STOPPED)
    2003. 

  2003. 		return;
    2004. 

  2004. 

  2005. 	if (discov->state == DISCOVERY_STOPPING)
    2006. 

  2006. 		goto discov_complete;
    2007. 

  2007. 

  2008. 	if (discov->state != DISCOVERY_RESOLVING)
    2009. 

  2009. 		return;
    2010. 

  2010. 

  2011. 	e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
    2012. 

  2012. 	/* If the device was not found in a list of found devices names of which
    2013. 

  2013. 	 * are pending. there is no need to continue resolving a next name as it
    2014. 

  2014. 	 * will be done upon receiving another Remote Name Request Complete
    2015. 

  2015. 	 * Event */
    2016. 

  2016. 	if (!e)
    2017. 

  2017. 		return;
    2018. 

  2018. 

  2019. 	list_del(&e->list);
    2020. 

  2020. 	if (name) {
    2021. 

  2021. 		e->name_state = NAME_KNOWN;
    2022. 

  2022. 		mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
    2023. 

  2023. 				 e->data.rssi, name, name_len);
    2024. 

  2024. 	} else {
    2025. 

  2025. 		e->name_state = NAME_NOT_KNOWN;
    2026. 

  2026. 	}
    2027. 

  2027. 

  2028. 	if (hci_resolve_next_name(hdev))
    2029. 

  2029. 		return;
    2030. 

  2030. 

  2031. discov_complete:
    2032. 

  2032. 	hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
    2033. 

  2033. }
    2034. 

  2034. 

  2035. static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
    2036. 

  2036. {
    2037. 

  2037. 	struct hci_cp_remote_name_req *cp;
    2038. 

  2038. 	struct hci_conn *conn;
    2039. 

  2039. 

  2040. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    2041. 

  2041. 

  2042. 	/* If successful wait for the name req complete event before
    2043. 

  2043. 	 * checking for the need to do authentication */
    2044. 

  2044. 	if (!status)
    2045. 

  2045. 		return;
    2046. 

  2046. 

  2047. 	cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
    2048. 

  2048. 	if (!cp)
    2049. 

  2049. 		return;
    2050. 

  2050. 

  2051. 	hci_dev_lock(hdev);
    2052. 

  2052. 

  2053. 	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
    2054. 

  2054. 

  2055. 	if (hci_dev_test_flag(hdev, HCI_MGMT))
    2056. 

  2056. 		hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
    2057. 

  2057. 

  2058. 	if (!conn)
    2059. 

  2059. 		goto unlock;
    2060. 

  2060. 

  2061. 	if (!hci_outgoing_auth_needed(hdev, conn))
    2062. 

  2062. 		goto unlock;
    2063. 

  2063. 

  2064. 	if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
    2065. 

  2065. 		struct hci_cp_auth_requested auth_cp;
    2066. 

  2066. 

  2067. 		set_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags);
    2068. 

  2068. 

  2069. 		auth_cp.handle = __cpu_to_le16(conn->handle);
    2070. 

  2070. 		hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED,
    2071. 

  2071. 			     sizeof(auth_cp), &auth_cp);
    2072. 

  2072. 	}
    2073. 

  2073. 

  2074. unlock:
    2075. 

  2075. 	hci_dev_unlock(hdev);
    2076. 

  2076. }
    2077. 

  2077. 

  2078. static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
    2079. 

  2079. {
    2080. 

  2080. 	struct hci_cp_read_remote_features *cp;
    2081. 

  2081. 	struct hci_conn *conn;
    2082. 

  2082. 

  2083. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    2084. 

  2084. 

  2085. 	if (!status)
    2086. 

  2086. 		return;
    2087. 

  2087. 

  2088. 	cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
    2089. 

  2089. 	if (!cp)
    2090. 

  2090. 		return;
    2091. 

  2091. 

  2092. 	hci_dev_lock(hdev);
    2093. 

  2093. 

  2094. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
    2095. 

  2095. 	if (conn) {
    2096. 

  2096. 		if (conn->state == BT_CONFIG) {
    2097. 

  2097. 			hci_connect_cfm(conn, status);
    2098. 

  2098. 			hci_conn_drop(conn);
    2099. 

  2099. 		}
    2100. 

  2100. 	}
    2101. 

  2101. 

  2102. 	hci_dev_unlock(hdev);
    2103. 

  2103. }
    2104. 

  2104. 

  2105. static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
    2106. 

  2106. {
    2107. 

  2107. 	struct hci_cp_read_remote_ext_features *cp;
    2108. 

  2108. 	struct hci_conn *conn;
    2109. 

  2109. 

  2110. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    2111. 

  2111. 

  2112. 	if (!status)
    2113. 

  2113. 		return;
    2114. 

  2114. 

  2115. 	cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
    2116. 

  2116. 	if (!cp)
    2117. 

  2117. 		return;
    2118. 

  2118. 

  2119. 	hci_dev_lock(hdev);
    2120. 

  2120. 

  2121. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
    2122. 

  2122. 	if (conn) {
    2123. 

  2123. 		if (conn->state == BT_CONFIG) {
    2124. 

  2124. 			hci_connect_cfm(conn, status);
    2125. 

  2125. 			hci_conn_drop(conn);
    2126. 

  2126. 		}
    2127. 

  2127. 	}
    2128. 

  2128. 

  2129. 	hci_dev_unlock(hdev);
    2130. 

  2130. }
    2131. 

  2131. 

  2132. static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
    2133. 

  2133. {
    2134. 

  2134. 	struct hci_cp_setup_sync_conn *cp;
    2135. 

  2135. 	struct hci_conn *acl, *sco;
    2136. 

  2136. 	__u16 handle;
    2137. 

  2137. 

  2138. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    2139. 

  2139. 

  2140. 	if (!status)
    2141. 

  2141. 		return;
    2142. 

  2142. 

  2143. 	cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
    2144. 

  2144. 	if (!cp)
    2145. 

  2145. 		return;
    2146. 

  2146. 

  2147. 	handle = __le16_to_cpu(cp->handle);
    2148. 

  2148. 

  2149. 	BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
    2150. 

  2150. 

  2151. 	hci_dev_lock(hdev);
    2152. 

  2152. 

  2153. 	acl = hci_conn_hash_lookup_handle(hdev, handle);
    2154. 

  2154. 	if (acl) {
    2155. 

  2155. 		sco = acl->link;
    2156. 

  2156. 		if (sco) {
    2157. 

  2157. 			sco->state = BT_CLOSED;
    2158. 

  2158. 

  2159. 			hci_connect_cfm(sco, status);
    2160. 

  2160. 			hci_conn_del(sco);
    2161. 

  2161. 		}
    2162. 

  2162. 	}
    2163. 

  2163. 

  2164. 	hci_dev_unlock(hdev);
    2165. 

  2165. }
    2166. 

  2166. 

  2167. static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
    2168. 

  2168. {
    2169. 

  2169. 	struct hci_cp_sniff_mode *cp;
    2170. 

  2170. 	struct hci_conn *conn;
    2171. 

  2171. 

  2172. 	BT_DBG("%s status 0x%2.2x", hdev->name, status);
    2173. 

  2173. 

  2174. 	if (!status)
    2175. 

  2175. 		return;
    2176. 

  2176. 

  2177. 	cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
    2178. 

  2178. 	if (!cp)
    2179. 

  2179. 		return;
    2180. 

  2180. 

  2181. 	hci_dev_lock(hdev);
    2182. 

  2182. 

  2183. 	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
    2184. 

  2184. 	if (conn) {
    2185. 

  2185. 		clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
    2186. 

  2186. 

  2187. 		if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
    2188. 

  2188. 			hci_sco_setup(c
    2189.