projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Simplify UUIDs clearing code
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
d7b7e796 35bool enable_hs;
d7b7e796 36
2da9c55c 37#define MGMT_VERSION 1
23b3b133 38#define MGMT_REVISION 2
02d98129 39
e70bb2e8
JH		 40static const u16 mgmt_commands[] = {
41 MGMT_OP_READ_INDEX_LIST,
42 MGMT_OP_READ_INFO,
43 MGMT_OP_SET_POWERED,
44 MGMT_OP_SET_DISCOVERABLE,
45 MGMT_OP_SET_CONNECTABLE,
46 MGMT_OP_SET_FAST_CONNECTABLE,
47 MGMT_OP_SET_PAIRABLE,
48 MGMT_OP_SET_LINK_SECURITY,
49 MGMT_OP_SET_SSP,
50 MGMT_OP_SET_HS,
51 MGMT_OP_SET_LE,
52 MGMT_OP_SET_DEV_CLASS,
53 MGMT_OP_SET_LOCAL_NAME,
54 MGMT_OP_ADD_UUID,
55 MGMT_OP_REMOVE_UUID,
56 MGMT_OP_LOAD_LINK_KEYS,
57 MGMT_OP_LOAD_LONG_TERM_KEYS,
58 MGMT_OP_DISCONNECT,
59 MGMT_OP_GET_CONNECTIONS,
60 MGMT_OP_PIN_CODE_REPLY,
61 MGMT_OP_PIN_CODE_NEG_REPLY,
62 MGMT_OP_SET_IO_CAPABILITY,
63 MGMT_OP_PAIR_DEVICE,
64 MGMT_OP_CANCEL_PAIR_DEVICE,
65 MGMT_OP_UNPAIR_DEVICE,
66 MGMT_OP_USER_CONFIRM_REPLY,
67 MGMT_OP_USER_CONFIRM_NEG_REPLY,
68 MGMT_OP_USER_PASSKEY_REPLY,
69 MGMT_OP_USER_PASSKEY_NEG_REPLY,
70 MGMT_OP_READ_LOCAL_OOB_DATA,
71 MGMT_OP_ADD_REMOTE_OOB_DATA,
72 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
73 MGMT_OP_START_DISCOVERY,
74 MGMT_OP_STOP_DISCOVERY,
75 MGMT_OP_CONFIRM_NAME,
76 MGMT_OP_BLOCK_DEVICE,
77 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 78 MGMT_OP_SET_DEVICE_ID,
e70bb2e8
JH		 79};
80
81static const u16 mgmt_events[] = {
82 MGMT_EV_CONTROLLER_ERROR,
83 MGMT_EV_INDEX_ADDED,
84 MGMT_EV_INDEX_REMOVED,
85 MGMT_EV_NEW_SETTINGS,
86 MGMT_EV_CLASS_OF_DEV_CHANGED,
87 MGMT_EV_LOCAL_NAME_CHANGED,
88 MGMT_EV_NEW_LINK_KEY,
89 MGMT_EV_NEW_LONG_TERM_KEY,
90 MGMT_EV_DEVICE_CONNECTED,
91 MGMT_EV_DEVICE_DISCONNECTED,
92 MGMT_EV_CONNECT_FAILED,
93 MGMT_EV_PIN_CODE_REQUEST,
94 MGMT_EV_USER_CONFIRM_REQUEST,
95 MGMT_EV_USER_PASSKEY_REQUEST,
96 MGMT_EV_AUTH_FAILED,
97 MGMT_EV_DEVICE_FOUND,
98 MGMT_EV_DISCOVERING,
99 MGMT_EV_DEVICE_BLOCKED,
100 MGMT_EV_DEVICE_UNBLOCKED,
101 MGMT_EV_DEVICE_UNPAIRED,
92a25256 102 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 103};
104
3fd24153
AG		 105/*
106 * These LE scan and inquiry parameters were chosen according to LE General
107 * Discovery Procedure specification.
108 */
109#define LE_SCAN_TYPE 0x01
110#define LE_SCAN_WIN 0x12
111#define LE_SCAN_INT 0x12
112#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 113#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 114
e8777525 115#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 116#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 117
17b02e62 118#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 119
4b34ee78
JH		 120#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
121 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
122
eec8d2bc
JH		 123struct pending_cmd {
124 struct list_head list;
fc2f4b13 125 u16 opcode;
eec8d2bc 126 int index;
c68fb7ff 127 void *param;
eec8d2bc 128 struct sock *sk;
e9a416b5 129 void *user_data;
eec8d2bc
JH		 130};
131
ca69b795
JH		 132/* HCI to MGMT error code conversion table */
133static u8 mgmt_status_table[] = {
134 MGMT_STATUS_SUCCESS,
135 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
136 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
137 MGMT_STATUS_FAILED, /* Hardware Failure */
138 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
139 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
140 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
141 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
142 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
143 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
144 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
145 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
146 MGMT_STATUS_BUSY, /* Command Disallowed */
147 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
148 MGMT_STATUS_REJECTED, /* Rejected Security */
149 MGMT_STATUS_REJECTED, /* Rejected Personal */
150 MGMT_STATUS_TIMEOUT, /* Host Timeout */
151 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
152 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
153 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
154 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
155 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
156 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
157 MGMT_STATUS_BUSY, /* Repeated Attempts */
158 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
159 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
160 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
161 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
162 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
163 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
164 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
165 MGMT_STATUS_FAILED, /* Unspecified Error */
166 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
167 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
168 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
169 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
170 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
171 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
172 MGMT_STATUS_FAILED, /* Unit Link Key Used */
173 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
174 MGMT_STATUS_TIMEOUT, /* Instant Passed */
175 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
176 MGMT_STATUS_FAILED, /* Transaction Collision */
177 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
178 MGMT_STATUS_REJECTED, /* QoS Rejected */
179 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
180 MGMT_STATUS_REJECTED, /* Insufficient Security */
181 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
182 MGMT_STATUS_BUSY, /* Role Switch Pending */
183 MGMT_STATUS_FAILED, /* Slot Violation */
184 MGMT_STATUS_FAILED, /* Role Switch Failed */
185 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
186 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
187 MGMT_STATUS_BUSY, /* Host Busy Pairing */
188 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
189 MGMT_STATUS_BUSY, /* Controller Busy */
190 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
191 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
192 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
193 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
194 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
195};
196
bb4b2a9a
AE		 197bool mgmt_valid_hdev(struct hci_dev *hdev)
198{
199 return hdev->dev_type == HCI_BREDR;
200}
201
ca69b795
JH		 202static u8 mgmt_status(u8 hci_status)
203{
204 if (hci_status < ARRAY_SIZE(mgmt_status_table))
205 return mgmt_status_table[hci_status];
206
207 return MGMT_STATUS_FAILED;
208}
209
4e51eae9 210static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 211{
212 struct sk_buff *skb;
213 struct mgmt_hdr *hdr;
214 struct mgmt_ev_cmd_status *ev;
56b7d137 215 int err;
f7b64e69 216
34eb525c 217 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 218
790eff44 219 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 220 if (!skb)
221 return -ENOMEM;
222
223 hdr = (void *) skb_put(skb, sizeof(*hdr));
224
612dfce9 225 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 226 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 227 hdr->len = cpu_to_le16(sizeof(*ev));
228
229 ev = (void *) skb_put(skb, sizeof(*ev));
230 ev->status = status;
eb55ef07 231 ev->opcode = cpu_to_le16(cmd);
f7b64e69 232
56b7d137
GP		 233 err = sock_queue_rcv_skb(sk, skb);
234 if (err < 0)
f7b64e69
JH		 235 kfree_skb(skb);
236
56b7d137 237 return err;
f7b64e69
JH		 238}
239
aee9b218 240static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 241 void *rp, size_t rp_len)
02d98129
JH		 242{
243 struct sk_buff *skb;
244 struct mgmt_hdr *hdr;
245 struct mgmt_ev_cmd_complete *ev;
56b7d137 246 int err;
02d98129
JH		 247
248 BT_DBG("sock %p", sk);
249
790eff44 250 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 251 if (!skb)
252 return -ENOMEM;
253
254 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 255
612dfce9 256 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 257 hdr->index = cpu_to_le16(index);
a38528f1 258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 259
a38528f1 260 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 261 ev->opcode = cpu_to_le16(cmd);
aee9b218 262 ev->status = status;
8020c16a
SJ		 263
264 if (rp)
265 memcpy(ev->data, rp, rp_len);
02d98129 266
56b7d137
GP		 267 err = sock_queue_rcv_skb(sk, skb);
268 if (err < 0)
02d98129
JH		 269 kfree_skb(skb);
270
e5f0e151 271 return err;
02d98129
JH		 272}
273
04124681
GP		 274static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
275 u16 data_len)
a38528f1
JH		 276{
277 struct mgmt_rp_read_version rp;
278
279 BT_DBG("sock %p", sk);
280
281 rp.version = MGMT_VERSION;
eb55ef07 282 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 283
aee9b218 284 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 285 sizeof(rp));
a38528f1
JH		 286}
287
04124681
GP		 288static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
289 u16 data_len)
e70bb2e8
JH		 290{
291 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 292 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
293 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 294 __le16 *opcode;
e70bb2e8
JH		 295 size_t rp_size;
296 int i, err;
297
298 BT_DBG("sock %p", sk);
299
300 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
301
302 rp = kmalloc(rp_size, GFP_KERNEL);
303 if (!rp)
304 return -ENOMEM;
305
eb55ef07
MH		 306 rp->num_commands = __constant_cpu_to_le16(num_commands);
307 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 308
309 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
310 put_unaligned_le16(mgmt_commands[i], opcode);
311
312 for (i = 0; i < num_events; i++, opcode++)
313 put_unaligned_le16(mgmt_events[i], opcode);
314
aee9b218 315 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 316 rp_size);
e70bb2e8
JH		 317 kfree(rp);
318
319 return err;
320}
321
04124681
GP		 322static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
323 u16 data_len)
faba42eb 324{
faba42eb 325 struct mgmt_rp_read_index_list *rp;
8035ded4 326 struct hci_dev *d;
a38528f1 327 size_t rp_len;
faba42eb 328 u16 count;
476e44cb 329 int err;
faba42eb
JH		 330
331 BT_DBG("sock %p", sk);
332
333 read_lock(&hci_dev_list_lock);
334
335 count = 0;
bb4b2a9a
AE		 336 list_for_each_entry(d, &hci_dev_list, list) {
337 if (!mgmt_valid_hdev(d))
338 continue;
339
faba42eb
JH		 340 count++;
341 }
342
a38528f1
JH		 343 rp_len = sizeof(*rp) + (2 * count);
344 rp = kmalloc(rp_len, GFP_ATOMIC);
345 if (!rp) {
b2c60d42 346 read_unlock(&hci_dev_list_lock);
faba42eb 347 return -ENOMEM;
b2c60d42 348 }
faba42eb 349
476e44cb 350 count = 0;
8035ded4 351 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 352 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 353 continue;
354
bb4b2a9a
AE		 355 if (!mgmt_valid_hdev(d))
356 continue;
357
476e44cb 358 rp->index[count++] = cpu_to_le16(d->id);
faba42eb
JH		 359 BT_DBG("Added hci%u", d->id);
360 }
361
476e44cb
JH		 362 rp->num_controllers = cpu_to_le16(count);
363 rp_len = sizeof(*rp) + (2 * count);
364
faba42eb
JH		 365 read_unlock(&hci_dev_list_lock);
366
aee9b218 367 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 368 rp_len);
faba42eb 369
a38528f1
JH		 370 kfree(rp);
371
372 return err;
faba42eb
JH		 373}
374
69ab39ea
JH		 375static u32 get_supported_settings(struct hci_dev *hdev)
376{
377 u32 settings = 0;
378
379 settings |= MGMT_SETTING_POWERED;
69ab39ea
JH		 380 settings |= MGMT_SETTING_PAIRABLE;
381
9a1a1996 382 if (lmp_ssp_capable(hdev))
69ab39ea
JH		 383 settings |= MGMT_SETTING_SSP;
384
ed3fa31f 385 if (lmp_bredr_capable(hdev)) {
33c525c0
JH		 386 settings |= MGMT_SETTING_CONNECTABLE;
387 settings |= MGMT_SETTING_FAST_CONNECTABLE;
388 settings |= MGMT_SETTING_DISCOVERABLE;
69ab39ea
JH		 389 settings |= MGMT_SETTING_BREDR;
390 settings |= MGMT_SETTING_LINK_SECURITY;
391 }
392
d7b7e796
MH		 393 if (enable_hs)
394 settings |= MGMT_SETTING_HS;
395
c383ddc4 396 if (lmp_le_capable(hdev))
9d42820f 397 settings |= MGMT_SETTING_LE;
69ab39ea
JH		 398
399 return settings;
400}
401
402static u32 get_current_settings(struct hci_dev *hdev)
403{
404 u32 settings = 0;
405
f1f0eb02 406 if (hdev_is_powered(hdev))
f0d4b78a
MH		 407 settings |= MGMT_SETTING_POWERED;
408
5e5282bb 409 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 410 settings |= MGMT_SETTING_CONNECTABLE;
411
5e5282bb 412 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 413 settings |= MGMT_SETTING_DISCOVERABLE;
414
a8b2d5c2 415 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 416 settings |= MGMT_SETTING_PAIRABLE;
417
ed3fa31f 418 if (lmp_bredr_capable(hdev))
69ab39ea
JH		 419 settings |= MGMT_SETTING_BREDR;
420
06199cf8 421 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 422 settings |= MGMT_SETTING_LE;
423
47990ea0 424 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 425 settings |= MGMT_SETTING_LINK_SECURITY;
426
84bde9d6 427 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 428 settings |= MGMT_SETTING_SSP;
429
6d80dfd0
JH		 430 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
431 settings |= MGMT_SETTING_HS;
432
69ab39ea
JH		 433 return settings;
434}
435
ef580372
JH		 436#define PNP_INFO_SVCLASS_ID 0x1200
437
438static u8 bluetooth_base_uuid[] = {
439 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
440 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
441};
442
443static u16 get_uuid16(u8 *uuid128)
444{
445 u32 val;
446 int i;
447
448 for (i = 0; i < 12; i++) {
449 if (bluetooth_base_uuid[i] != uuid128[i])
450 return 0;
451 }
452
3e9fb6d8 453 val = get_unaligned_le32(&uuid128[12]);
ef580372
JH		 454 if (val > 0xffff)
455 return 0;
456
457 return (u16) val;
458}
459
460static void create_eir(struct hci_dev *hdev, u8 *data)
461{
462 u8 *ptr = data;
463 u16 eir_len = 0;
464 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
465 int i, truncated = 0;
466 struct bt_uuid *uuid;
467 size_t name_len;
468
469 name_len = strlen(hdev->dev_name);
470
471 if (name_len > 0) {
472 /* EIR Data type */
473 if (name_len > 48) {
474 name_len = 48;
475 ptr[1] = EIR_NAME_SHORT;
476 } else
477 ptr[1] = EIR_NAME_COMPLETE;
478
479 /* EIR Data length */
480 ptr[0] = name_len + 1;
481
482 memcpy(ptr + 2, hdev->dev_name, name_len);
483
484 eir_len += (name_len + 2);
485 ptr += (name_len + 2);
486 }
487
bbaf444a 488 if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) {
91c4e9b1
MH		 489 ptr[0] = 2;
490 ptr[1] = EIR_TX_POWER;
491 ptr[2] = (u8) hdev->inq_tx_power;
492
493 eir_len += 3;
494 ptr += 3;
495 }
496
2b9be137
MH		 497 if (hdev->devid_source > 0) {
498 ptr[0] = 9;
499 ptr[1] = EIR_DEVICE_ID;
500
501 put_unaligned_le16(hdev->devid_source, ptr + 2);
502 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
503 put_unaligned_le16(hdev->devid_product, ptr + 6);
504 put_unaligned_le16(hdev->devid_version, ptr + 8);
505
506 eir_len += 10;
507 ptr += 10;
508 }
509
ef580372
JH		 510 memset(uuid16_list, 0, sizeof(uuid16_list));
511
512 /* Group all UUID16 types */
513 list_for_each_entry(uuid, &hdev->uuids, list) {
514 u16 uuid16;
515
516 uuid16 = get_uuid16(uuid->uuid);
517 if (uuid16 == 0)
518 return;
519
520 if (uuid16 < 0x1100)
521 continue;
522
523 if (uuid16 == PNP_INFO_SVCLASS_ID)
524 continue;
525
526 /* Stop if not enough space to put next UUID */
527 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
528 truncated = 1;
529 break;
530 }
531
532 /* Check for duplicates */
533 for (i = 0; uuid16_list[i] != 0; i++)
534 if (uuid16_list[i] == uuid16)
535 break;
536
537 if (uuid16_list[i] == 0) {
538 uuid16_list[i] = uuid16;
539 eir_len += sizeof(u16);
540 }
541 }
542
543 if (uuid16_list[0] != 0) {
544 u8 *length = ptr;
545
546 /* EIR Data type */
547 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
548
549 ptr += 2;
550 eir_len += 2;
551
552 for (i = 0; uuid16_list[i] != 0; i++) {
553 *ptr++ = (uuid16_list[i] & 0x00ff);
554 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
555 }
556
557 /* EIR Data length */
558 *length = (i * sizeof(u16)) + 1;
559 }
560}
561
562static int update_eir(struct hci_dev *hdev)
563{
564 struct hci_cp_write_eir cp;
565
504c8dcd 566 if (!hdev_is_powered(hdev))
7770c4aa
JH		 567 return 0;
568
976eb20e 569 if (!lmp_ext_inq_capable(hdev))
ef580372
JH		 570 return 0;
571
84bde9d6 572 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 573 return 0;
574
a8b2d5c2 575 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 576 return 0;
577
578 memset(&cp, 0, sizeof(cp));
579
580 create_eir(hdev, cp.data);
581
582 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
583 return 0;
584
585 memcpy(hdev->eir, cp.data, sizeof(cp.data));
586
587 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
588}
589
590static u8 get_service_classes(struct hci_dev *hdev)
591{
592 struct bt_uuid *uuid;
593 u8 val = 0;
594
595 list_for_each_entry(uuid, &hdev->uuids, list)
596 val |= uuid->svc_hint;
597
598 return val;
599}
600
601static int update_class(struct hci_dev *hdev)
602{
603 u8 cod[3];
c95f0ba7 604 int err;
ef580372
JH		 605
606 BT_DBG("%s", hdev->name);
607
504c8dcd 608 if (!hdev_is_powered(hdev))
7770c4aa
JH		 609 return 0;
610
a8b2d5c2 611 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 612 return 0;
613
614 cod[0] = hdev->minor_class;
615 cod[1] = hdev->major_class;
616 cod[2] = get_service_classes(hdev);
617
618 if (memcmp(cod, hdev->dev_class, 3) == 0)
619 return 0;
620
c95f0ba7
JH		 621 err = hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
622 if (err == 0)
623 set_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
624
625 return err;
ef580372
JH		 626}
627
7d78525d
JH		 628static void service_cache_off(struct work_struct *work)
629{
630 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 631 service_cache.work);
7d78525d 632
a8b2d5c2 633 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 634 return;
635
636 hci_dev_lock(hdev);
637
638 update_eir(hdev);
639 update_class(hdev);
640
641 hci_dev_unlock(hdev);
642}
643
6a919082 644static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 645{
4f87da80 646 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 647 return;
648
4f87da80 649 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 650
4f87da80
JH		 651 /* Non-mgmt controlled devices get this bit set
652 * implicitly so that pairing works for them, however
653 * for mgmt we require user-space to explicitly enable
654 * it
655 */
656 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 657}
658
0f4e68cf 659static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 660 void *data, u16 data_len)
0381101f 661{
a38528f1 662 struct mgmt_rp_read_info rp;
f7b64e69 663
bdb6d971 664 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 665
09fd0de5 666 hci_dev_lock(hdev);
f7b64e69 667
dc4fe30b
JH		 668 memset(&rp, 0, sizeof(rp));
669
69ab39ea 670 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 671
69ab39ea 672 rp.version = hdev->hci_ver;
eb55ef07 673 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 674
675 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
676 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 677
a38528f1 678 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 679
dc4fe30b 680 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 681 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 682
09fd0de5 683 hci_dev_unlock(hdev);
0381101f 684
bdb6d971 685 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 686 sizeof(rp));
0381101f
JH		 687}
688
eec8d2bc
JH		 689static void mgmt_pending_free(struct pending_cmd *cmd)
690{
691 sock_put(cmd->sk);
c68fb7ff 692 kfree(cmd->param);
eec8d2bc
JH		 693 kfree(cmd);
694}
695
366a0336 696static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 697 struct hci_dev *hdev, void *data,
698 u16 len)
eec8d2bc
JH		 699{
700 struct pending_cmd *cmd;
701
12b94565 702 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 703 if (!cmd)
366a0336 704 return NULL;
eec8d2bc
JH		 705
706 cmd->opcode = opcode;
2e58ef3e 707 cmd->index = hdev->id;
eec8d2bc 708
12b94565 709 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 710 if (!cmd->param) {
eec8d2bc 711 kfree(cmd);
366a0336 712 return NULL;
eec8d2bc
JH		 713 }
714
8fce6357
SJ		 715 if (data)
716 memcpy(cmd->param, data, len);
eec8d2bc
JH		 717
718 cmd->sk = sk;
719 sock_hold(sk);
720
2e58ef3e 721 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 722
366a0336 723 return cmd;
eec8d2bc
JH		 724}
725
744cf19e 726static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 727 void (*cb)(struct pending_cmd *cmd,
728 void *data),
04124681 729 void *data)
eec8d2bc
JH		 730{
731 struct list_head *p, *n;
732
2e58ef3e 733 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 734 struct pending_cmd *cmd;
735
736 cmd = list_entry(p, struct pending_cmd, list);
737
b24752fe 738 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 739 continue;
740
eec8d2bc
JH		 741 cb(cmd, data);
742 }
743}
744
2e58ef3e 745static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 746{
8035ded4 747 struct pending_cmd *cmd;
eec8d2bc 748
2e58ef3e 749 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 750 if (cmd->opcode == opcode)
751 return cmd;
eec8d2bc
JH		 752 }
753
754 return NULL;
755}
756
a664b5bc 757static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 758{
73f22f62
JH		 759 list_del(&cmd->list);
760 mgmt_pending_free(cmd);
761}
762
69ab39ea 763static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 764{
69ab39ea 765 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 766
aee9b218 767 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 768 sizeof(settings));
8680570b
JH		 769}
770
bdb6d971 771static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 772 u16 len)
eec8d2bc 773{
650f726d 774 struct mgmt_mode *cp = data;
366a0336 775 struct pending_cmd *cmd;
4b34ee78 776 int err;
eec8d2bc 777
bdb6d971 778 BT_DBG("request for %s", hdev->name);
eec8d2bc 779
a7e80f25
JH		 780 if (cp->val != 0x00 && cp->val != 0x01)
781 return cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
782 MGMT_STATUS_INVALID_PARAMS);
783
09fd0de5 784 hci_dev_lock(hdev);
eec8d2bc 785
f0d4b78a
MH		 786 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
787 cancel_delayed_work(&hdev->power_off);
788
789 if (cp->val) {
a1d70450
JH		 790 mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev,
791 data, len);
792 err = mgmt_powered(hdev, 1);
f0d4b78a
MH		 793 goto failed;
794 }
795 }
796
4b34ee78 797 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 798 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 799 goto failed;
800 }
801
2e58ef3e 802 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
bdb6d971 803 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
04124681 804 MGMT_STATUS_BUSY);
eec8d2bc
JH		 805 goto failed;
806 }
807
2e58ef3e 808 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 809 if (!cmd) {
810 err = -ENOMEM;
eec8d2bc 811 goto failed;
366a0336 812 }
eec8d2bc 813
72a734ec 814 if (cp->val)
19202573 815 queue_work(hdev->req_workqueue, &hdev->power_on);
eec8d2bc 816 else
19202573 817 queue_work(hdev->req_workqueue, &hdev->power_off.work);
eec8d2bc 818
366a0336 819 err = 0;
eec8d2bc
JH		 820
821failed:
09fd0de5 822 hci_dev_unlock(hdev);
366a0336 823 return err;
eec8d2bc
JH		 824}
825
04124681
GP		 826static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
827 struct sock *skip_sk)
beadb2bd
JH		 828{
829 struct sk_buff *skb;
830 struct mgmt_hdr *hdr;
831
790eff44 832 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 833 if (!skb)
834 return -ENOMEM;
835
836 hdr = (void *) skb_put(skb, sizeof(*hdr));
837 hdr->opcode = cpu_to_le16(event);
838 if (hdev)
839 hdr->index = cpu_to_le16(hdev->id);
840 else
612dfce9 841 hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE);
beadb2bd
JH		 842 hdr->len = cpu_to_le16(data_len);
843
844 if (data)
845 memcpy(skb_put(skb, data_len), data, data_len);
846
97e0bdeb
MH		 847 /* Time stamp */
848 __net_timestamp(skb);
849
beadb2bd
JH		 850 hci_send_to_control(skb, skip_sk);
851 kfree_skb(skb);
852
853 return 0;
854}
855
856static int new_settings(struct hci_dev *hdev, struct sock *skip)
857{
858 __le32 ev;
859
860 ev = cpu_to_le32(get_current_settings(hdev));
861
862 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
863}
864
bdb6d971 865static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 866 u16 len)
73f22f62 867{
650f726d 868 struct mgmt_cp_set_discoverable *cp = data;
366a0336 869 struct pending_cmd *cmd;
5e5282bb 870 u16 timeout;
73f22f62
JH		 871 u8 scan;
872 int err;
873
bdb6d971 874 BT_DBG("request for %s", hdev->name);
73f22f62 875
33c525c0
JH		 876 if (!lmp_bredr_capable(hdev))
877 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
878 MGMT_STATUS_NOT_SUPPORTED);
879
a7e80f25
JH		 880 if (cp->val != 0x00 && cp->val != 0x01)
881 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
882 MGMT_STATUS_INVALID_PARAMS);
883
1f350c87 884 timeout = __le16_to_cpu(cp->timeout);
24c54a90 885 if (!cp->val && timeout > 0)
bdb6d971 886 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 887 MGMT_STATUS_INVALID_PARAMS);
73f22f62 888
09fd0de5 889 hci_dev_lock(hdev);
73f22f62 890
5e5282bb 891 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 892 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 893 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 894 goto failed;
895 }
896
2e58ef3e 897 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 898 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 899 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 900 MGMT_STATUS_BUSY);
73f22f62
JH		 901 goto failed;
902 }
903
5e5282bb 904 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 905 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 906 MGMT_STATUS_REJECTED);
5e5282bb
JH		 907 goto failed;
908 }
909
910 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 911 bool changed = false;
912
913 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
914 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
915 changed = true;
916 }
917
5e5282bb 918 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 919 if (err < 0)
920 goto failed;
921
922 if (changed)
923 err = new_settings(hdev, sk);
924
5e5282bb
JH		 925 goto failed;
926 }
927
928 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 929 if (hdev->discov_timeout > 0) {
930 cancel_delayed_work(&hdev->discov_off);
931 hdev->discov_timeout = 0;
932 }
933
934 if (cp->val && timeout > 0) {
935 hdev->discov_timeout = timeout;
936 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
937 msecs_to_jiffies(hdev->discov_timeout * 1000));
938 }
939
69ab39ea 940 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 941 goto failed;
942 }
943
2e58ef3e 944 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 945 if (!cmd) {
946 err = -ENOMEM;
73f22f62 947 goto failed;
366a0336 948 }
73f22f62
JH		 949
950 scan = SCAN_PAGE;
951
72a734ec 952 if (cp->val)
73f22f62 953 scan |= SCAN_INQUIRY;
16ab91ab 954 else
e0f9309f 955 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 956
957 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
958 if (err < 0)
a664b5bc 959 mgmt_pending_remove(cmd);
73f22f62 960
16ab91ab 961 if (cp->val)
5e5282bb 962 hdev->discov_timeout = timeout;
16ab91ab 963
73f22f62 964failed:
09fd0de5 965 hci_dev_unlock(hdev);
73f22f62
JH		 966 return err;
967}
968
bdb6d971 969static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 970 u16 len)
9fbcbb45 971{
650f726d 972 struct mgmt_mode *cp = data;
366a0336 973 struct pending_cmd *cmd;
9fbcbb45
JH		 974 u8 scan;
975 int err;
976
bdb6d971 977 BT_DBG("request for %s", hdev->name);
9fbcbb45 978
33c525c0
JH		 979 if (!lmp_bredr_capable(hdev))
980 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
981 MGMT_STATUS_NOT_SUPPORTED);
982
a7e80f25
JH		 983 if (cp->val != 0x00 && cp->val != 0x01)
984 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
985 MGMT_STATUS_INVALID_PARAMS);
986
09fd0de5 987 hci_dev_lock(hdev);
9fbcbb45 988
4b34ee78 989 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 990 bool changed = false;
991
992 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
993 changed = true;
994
6bf0e469 995 if (cp->val) {
5e5282bb 996 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 997 } else {
5e5282bb
JH		 998 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
999 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
1000 }
0224d2fa 1001
5e5282bb 1002 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 1003 if (err < 0)
1004 goto failed;
1005
1006 if (changed)
1007 err = new_settings(hdev, sk);
1008
9fbcbb45
JH		 1009 goto failed;
1010 }
1011
2e58ef3e 1012 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 1013 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1014 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 1015 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1016 goto failed;
1017 }
1018
5e5282bb 1019 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 1020 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 1021 goto failed;
1022 }
1023
2e58ef3e 1024 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1025 if (!cmd) {
1026 err = -ENOMEM;
9fbcbb45 1027 goto failed;
366a0336 1028 }
9fbcbb45 1029
6bf0e469 1030 if (cp->val) {
9fbcbb45 1031 scan = SCAN_PAGE;
6bf0e469 1032 } else {
9fbcbb45
JH		 1033 scan = 0;
1034
df2c6c5e 1035 if (test_bit(HCI_ISCAN, &hdev->flags) &&
8ce8e2b5 1036 hdev->discov_timeout > 0)
df2c6c5e
JH		 1037 cancel_delayed_work(&hdev->discov_off);
1038 }
1039
9fbcbb45
JH		 1040 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1041 if (err < 0)
a664b5bc 1042 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1043
1044failed:
09fd0de5 1045 hci_dev_unlock(hdev);
9fbcbb45
JH		 1046 return err;
1047}
1048
bdb6d971 1049static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1050 u16 len)
c542a06c 1051{
650f726d 1052 struct mgmt_mode *cp = data;
c542a06c
JH		 1053 int err;
1054
bdb6d971 1055 BT_DBG("request for %s", hdev->name);
c542a06c 1056
a7e80f25
JH		 1057 if (cp->val != 0x00 && cp->val != 0x01)
1058 return cmd_status(sk, hdev->id, MGMT_OP_SET_PAIRABLE,
1059 MGMT_STATUS_INVALID_PARAMS);
1060
09fd0de5 1061 hci_dev_lock(hdev);
c542a06c
JH		 1062
1063 if (cp->val)
a8b2d5c2 1064 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1065 else
a8b2d5c2 1066 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1067
69ab39ea 1068 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1069 if (err < 0)
1070 goto failed;
1071
beadb2bd 1072 err = new_settings(hdev, sk);
c542a06c
JH		 1073
1074failed:
09fd0de5 1075 hci_dev_unlock(hdev);
c542a06c
JH		 1076 return err;
1077}
1078
04124681
GP		 1079static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1080 u16 len)
33ef95ed
JH		 1081{
1082 struct mgmt_mode *cp = data;
1083 struct pending_cmd *cmd;
816a11d5 1084 u8 val;
33ef95ed
JH		 1085 int err;
1086
bdb6d971 1087 BT_DBG("request for %s", hdev->name);
33ef95ed 1088
33c525c0
JH		 1089 if (!lmp_bredr_capable(hdev))
1090 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1091 MGMT_STATUS_NOT_SUPPORTED);
1092
a7e80f25
JH		 1093 if (cp->val != 0x00 && cp->val != 0x01)
1094 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1095 MGMT_STATUS_INVALID_PARAMS);
1096
33ef95ed
JH		 1097 hci_dev_lock(hdev);
1098
4b34ee78 1099 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1100 bool changed = false;
1101
1102 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1103 &hdev->dev_flags)) {
47990ea0
JH		 1104 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1105 changed = true;
1106 }
1107
1108 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1109 if (err < 0)
1110 goto failed;
1111
1112 if (changed)
1113 err = new_settings(hdev, sk);
1114
33ef95ed
JH		 1115 goto failed;
1116 }
1117
1118 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1119 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1120 MGMT_STATUS_BUSY);
33ef95ed
JH		 1121 goto failed;
1122 }
1123
1124 val = !!cp->val;
1125
1126 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1127 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1128 goto failed;
1129 }
1130
1131 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1132 if (!cmd) {
1133 err = -ENOMEM;
1134 goto failed;
1135 }
1136
1137 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1138 if (err < 0) {
1139 mgmt_pending_remove(cmd);
1140 goto failed;
1141 }
1142
1143failed:
1144 hci_dev_unlock(hdev);
33ef95ed
JH		 1145 return err;
1146}
1147
bdb6d971 1148static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1149{
1150 struct mgmt_mode *cp = data;
1151 struct pending_cmd *cmd;
816a11d5 1152 u8 val;
ed2c4ee3
JH		 1153 int err;
1154
bdb6d971 1155 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1156
13ecd8b6
JH		 1157 if (!lmp_ssp_capable(hdev))
1158 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1159 MGMT_STATUS_NOT_SUPPORTED);
ed2c4ee3 1160
a7e80f25
JH		 1161 if (cp->val != 0x00 && cp->val != 0x01)
1162 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1163 MGMT_STATUS_INVALID_PARAMS);
1164
13ecd8b6 1165 hci_dev_lock(hdev);
6c8f12c1 1166
c0ecddc2
JH		 1167 val = !!cp->val;
1168
4b34ee78 1169 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1170 bool changed = false;
1171
1172 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1173 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1174 changed = true;
1175 }
1176
1177 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1178 if (err < 0)
1179 goto failed;
1180
1181 if (changed)
1182 err = new_settings(hdev, sk);
1183
ed2c4ee3
JH		 1184 goto failed;
1185 }
1186
1187 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
d97dcb66
SJ		 1188 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1189 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1190 goto failed;
1191 }
1192
ed2c4ee3
JH		 1193 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1194 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1195 goto failed;
1196 }
1197
1198 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1199 if (!cmd) {
1200 err = -ENOMEM;
1201 goto failed;
1202 }
1203
1204 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1205 if (err < 0) {
1206 mgmt_pending_remove(cmd);
1207 goto failed;
1208 }
1209
1210failed:
1211 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1212 return err;
1213}
1214
bdb6d971 1215static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1216{
1217 struct mgmt_mode *cp = data;
6d80dfd0 1218
bdb6d971 1219 BT_DBG("request for %s", hdev->name);
6d80dfd0 1220
bdb6d971
JH		 1221 if (!enable_hs)
1222 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
04124681 1223 MGMT_STATUS_NOT_SUPPORTED);
6d80dfd0 1224
a7e80f25
JH		 1225 if (cp->val != 0x00 && cp->val != 0x01)
1226 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1227 MGMT_STATUS_INVALID_PARAMS);
1228
6d80dfd0
JH		 1229 if (cp->val)
1230 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1231 else
1232 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1233
bdb6d971 1234 return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
6d80dfd0
JH		 1235}
1236
bdb6d971 1237static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1238{
1239 struct mgmt_mode *cp = data;
1240 struct hci_cp_write_le_host_supported hci_cp;
1241 struct pending_cmd *cmd;
06199cf8 1242 int err;
0b60eba1 1243 u8 val, enabled;
06199cf8 1244
bdb6d971 1245 BT_DBG("request for %s", hdev->name);
06199cf8 1246
13ecd8b6
JH		 1247 if (!lmp_le_capable(hdev))
1248 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1249 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1250
a7e80f25
JH		 1251 if (cp->val != 0x00 && cp->val != 0x01)
1252 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1253 MGMT_STATUS_INVALID_PARAMS);
1254
13ecd8b6 1255 hci_dev_lock(hdev);
06199cf8
JH		 1256
1257 val = !!cp->val;
ffa88e02 1258 enabled = lmp_host_le_capable(hdev);
06199cf8 1259
0b60eba1 1260 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1261 bool changed = false;
1262
1263 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1264 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1265 changed = true;
1266 }
1267
1268 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1269 if (err < 0)
1de028ce 1270 goto unlock;
06199cf8
JH		 1271
1272 if (changed)
1273 err = new_settings(hdev, sk);
1274
1de028ce 1275 goto unlock;
06199cf8
JH		 1276 }
1277
1278 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
bdb6d971 1279 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1280 MGMT_STATUS_BUSY);
1de028ce 1281 goto unlock;
06199cf8
JH		 1282 }
1283
1284 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1285 if (!cmd) {
1286 err = -ENOMEM;
1de028ce 1287 goto unlock;
06199cf8
JH		 1288 }
1289
1290 memset(&hci_cp, 0, sizeof(hci_cp));
1291
1292 if (val) {
1293 hci_cp.le = val;
ffa88e02 1294 hci_cp.simul = lmp_le_br_capable(hdev);
06199cf8
JH		 1295 }
1296
04124681
GP		 1297 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1298 &hci_cp);
0c01bc48 1299 if (err < 0)
06199cf8 1300 mgmt_pending_remove(cmd);
06199cf8 1301
1de028ce
JH		 1302unlock:
1303 hci_dev_unlock(hdev);
06199cf8
JH		 1304 return err;
1305}
1306
bdb6d971 1307static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1308{
650f726d 1309 struct mgmt_cp_add_uuid *cp = data;
90e70454 1310 struct pending_cmd *cmd;
2aeb9a1a 1311 struct bt_uuid *uuid;
2aeb9a1a
JH		 1312 int err;
1313
bdb6d971 1314 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1315
09fd0de5 1316 hci_dev_lock(hdev);
2aeb9a1a 1317
c95f0ba7 1318 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1319 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1320 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1321 goto failed;
1322 }
1323
92c4c204 1324 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1325 if (!uuid) {
1326 err = -ENOMEM;
1327 goto failed;
1328 }
1329
1330 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1331 uuid->svc_hint = cp->svc_hint;
2aeb9a1a 1332
de66aa63 1333 list_add_tail(&uuid->list, &hdev->uuids);
2aeb9a1a 1334
1aff6f09
JH		 1335 err = update_class(hdev);
1336 if (err < 0)
1337 goto failed;
1338
80a1e1db
JH		 1339 err = update_eir(hdev);
1340 if (err < 0)
1341 goto failed;
1342
90e70454 1343 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1344 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1345 hdev->dev_class, 3);
90e70454
JH		 1346 goto failed;
1347 }
1348
1349 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
0c01bc48 1350 if (!cmd)
90e70454 1351 err = -ENOMEM;
2aeb9a1a
JH		 1352
1353failed:
09fd0de5 1354 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1355 return err;
1356}
1357
24b78d0f
JH		 1358static bool enable_service_cache(struct hci_dev *hdev)
1359{
1360 if (!hdev_is_powered(hdev))
1361 return false;
1362
1363 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
46818ed5
JH		 1364 queue_delayed_work(hdev->workqueue, &hdev->service_cache,
1365 CACHE_TIMEOUT);
24b78d0f
JH		 1366 return true;
1367 }
1368
1369 return false;
1370}
1371
bdb6d971 1372static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1373 u16 len)
2aeb9a1a 1374{
650f726d 1375 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1376 struct pending_cmd *cmd;
2aeb9a1a 1377 struct list_head *p, *n;
2aeb9a1a 1378 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1379 int err, found;
1380
bdb6d971 1381 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1382
09fd0de5 1383 hci_dev_lock(hdev);
2aeb9a1a 1384
c95f0ba7 1385 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1386 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1387 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1388 goto unlock;
1389 }
1390
2aeb9a1a
JH		 1391 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1392 err = hci_uuids_clear(hdev);
4004b6d9 1393
24b78d0f 1394 if (enable_service_cache(hdev)) {
bdb6d971 1395 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1396 0, hdev->dev_class, 3);
24b78d0f
JH		 1397 goto unlock;
1398 }
4004b6d9 1399
9246a869 1400 goto update_class;
2aeb9a1a
JH		 1401 }
1402
1403 found = 0;
1404
1405 list_for_each_safe(p, n, &hdev->uuids) {
1406 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1407
1408 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1409 continue;
1410
1411 list_del(&match->list);
482049f7 1412 kfree(match);
2aeb9a1a
JH		 1413 found++;
1414 }
1415
1416 if (found == 0) {
bdb6d971 1417 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1418 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1419 goto unlock;
1420 }
1421
9246a869 1422update_class:
1aff6f09
JH		 1423 err = update_class(hdev);
1424 if (err < 0)
1425 goto unlock;
1426
80a1e1db
JH		 1427 err = update_eir(hdev);
1428 if (err < 0)
1429 goto unlock;
1430
90e70454 1431 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1432 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1433 hdev->dev_class, 3);
90e70454
JH		 1434 goto unlock;
1435 }
1436
1437 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
0c01bc48 1438 if (!cmd)
90e70454 1439 err = -ENOMEM;
2aeb9a1a
JH		 1440
1441unlock:
09fd0de5 1442 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1443 return err;
1444}
1445
bdb6d971 1446static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1447 u16 len)
1aff6f09 1448{
650f726d 1449 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1450 struct pending_cmd *cmd;
1aff6f09
JH		 1451 int err;
1452
bdb6d971 1453 BT_DBG("request for %s", hdev->name);
1aff6f09 1454
13ecd8b6
JH		 1455 if (!lmp_bredr_capable(hdev))
1456 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1457 MGMT_STATUS_NOT_SUPPORTED);
1aff6f09 1458
13ecd8b6
JH		 1459 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags))
1460 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1461 MGMT_STATUS_BUSY);
ee98f473 1462
13ecd8b6
JH		 1463 if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0)
1464 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1465 MGMT_STATUS_INVALID_PARAMS);
c95f0ba7 1466
13ecd8b6 1467 hci_dev_lock(hdev);
575b3a02 1468
932f5ff5
JH		 1469 hdev->major_class = cp->major;
1470 hdev->minor_class = cp->minor;
1471
b5235a65 1472 if (!hdev_is_powered(hdev)) {
bdb6d971 1473 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1474 hdev->dev_class, 3);
b5235a65
JH		 1475 goto unlock;
1476 }
1477
a8b2d5c2 1478 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1479 hci_dev_unlock(hdev);
1480 cancel_delayed_work_sync(&hdev->service_cache);
1481 hci_dev_lock(hdev);
14c0b608 1482 update_eir(hdev);
7d78525d 1483 }
14c0b608 1484
1aff6f09 1485 err = update_class(hdev);
90e70454
JH		 1486 if (err < 0)
1487 goto unlock;
1aff6f09 1488
90e70454 1489 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1490 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1491 hdev->dev_class, 3);
90e70454
JH		 1492 goto unlock;
1493 }
1494
1495 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
0c01bc48 1496 if (!cmd)
90e70454 1497 err = -ENOMEM;
1aff6f09 1498
b5235a65 1499unlock:
09fd0de5 1500 hci_dev_unlock(hdev);
1aff6f09
JH		 1501 return err;
1502}
1503
bdb6d971 1504static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1505 u16 len)
55ed8ca1 1506{
650f726d 1507 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1508 u16 key_count, expected_len;
a492cd52 1509 int i;
55ed8ca1 1510
1f350c87 1511 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1512
86742e1e
JH		 1513 expected_len = sizeof(*cp) + key_count *
1514 sizeof(struct mgmt_link_key_info);
a492cd52 1515 if (expected_len != len) {
86742e1e 1516 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1517 len, expected_len);
bdb6d971 1518 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1519 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1520 }
1521
4ae14301
JH		 1522 if (cp->debug_keys != 0x00 && cp->debug_keys != 0x01)
1523 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1524 MGMT_STATUS_INVALID_PARAMS);
1525
bdb6d971 1526 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1527 key_count);
55ed8ca1 1528
4ee71b20
JH		 1529 for (i = 0; i < key_count; i++) {
1530 struct mgmt_link_key_info *key = &cp->keys[i];
1531
1532 if (key->addr.type != BDADDR_BREDR)
1533 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1534 MGMT_STATUS_INVALID_PARAMS);
1535 }
1536
09fd0de5 1537 hci_dev_lock(hdev);
55ed8ca1
JH		 1538
1539 hci_link_keys_clear(hdev);
1540
a8b2d5c2 1541 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1542
1543 if (cp->debug_keys)
a8b2d5c2 1544 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1545 else
a8b2d5c2 1546 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1547
a492cd52 1548 for (i = 0; i < key_count; i++) {
86742e1e 1549 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1550
d753fdc4 1551 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1552 key->type, key->pin_len);
55ed8ca1
JH		 1553 }
1554
bdb6d971 1555 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1556
09fd0de5 1557 hci_dev_unlock(hdev);
55ed8ca1 1558
a492cd52 1559 return 0;
55ed8ca1
JH		 1560}
1561
b1078ad0 1562static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1563 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1564{
1565 struct mgmt_ev_device_unpaired ev;
1566
1567 bacpy(&ev.addr.bdaddr, bdaddr);
1568 ev.addr.type = addr_type;
1569
1570 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1571 skip_sk);
b1078ad0
JH		 1572}
1573
bdb6d971 1574static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1575 u16 len)
55ed8ca1 1576{
124f6e35
JH		 1577 struct mgmt_cp_unpair_device *cp = data;
1578 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1579 struct hci_cp_disconnect dc;
1580 struct pending_cmd *cmd;
55ed8ca1 1581 struct hci_conn *conn;
55ed8ca1
JH		 1582 int err;
1583
a8a1d19e 1584 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1585 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1586 rp.addr.type = cp->addr.type;
a8a1d19e 1587
4ee71b20
JH		 1588 if (!bdaddr_type_is_valid(cp->addr.type))
1589 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1590 MGMT_STATUS_INVALID_PARAMS,
1591 &rp, sizeof(rp));
1592
118da70b
JH		 1593 if (cp->disconnect != 0x00 && cp->disconnect != 0x01)
1594 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1595 MGMT_STATUS_INVALID_PARAMS,
1596 &rp, sizeof(rp));
1597
4ee71b20
JH		 1598 hci_dev_lock(hdev);
1599
86a8cfc6 1600 if (!hdev_is_powered(hdev)) {
bdb6d971 1601 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1602 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1603 goto unlock;
1604 }
1605
591f47f3 1606 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 1607 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1608 else
1609 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1610
55ed8ca1 1611 if (err < 0) {
bdb6d971 1612 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1613 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1614 goto unlock;
1615 }
1616
86a8cfc6 1617 if (cp->disconnect) {
591f47f3 1618 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 1619 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 1620 &cp->addr.bdaddr);
86a8cfc6
JH		 1621 else
1622 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 1623 &cp->addr.bdaddr);
86a8cfc6
JH		 1624 } else {
1625 conn = NULL;
1626 }
124f6e35 1627
a8a1d19e 1628 if (!conn) {
bdb6d971 1629 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1630 &rp, sizeof(rp));
b1078ad0 1631 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1632 goto unlock;
1633 }
55ed8ca1 1634
124f6e35 1635 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 1636 sizeof(*cp));
a8a1d19e
JH		 1637 if (!cmd) {
1638 err = -ENOMEM;
1639 goto unlock;
55ed8ca1
JH		 1640 }
1641
eb55ef07 1642 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 1643 dc.reason = 0x13; /* Remote User Terminated Connection */
1644 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1645 if (err < 0)
1646 mgmt_pending_remove(cmd);
1647
55ed8ca1 1648unlock:
09fd0de5 1649 hci_dev_unlock(hdev);
55ed8ca1
JH		 1650 return err;
1651}
1652
bdb6d971 1653static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1654 u16 len)
8962ee74 1655{
650f726d 1656 struct mgmt_cp_disconnect *cp = data;
06a63b19 1657 struct mgmt_rp_disconnect rp;
8962ee74 1658 struct hci_cp_disconnect dc;
366a0336 1659 struct pending_cmd *cmd;
8962ee74 1660 struct hci_conn *conn;
8962ee74
JH		 1661 int err;
1662
1663 BT_DBG("");
1664
06a63b19
JH		 1665 memset(&rp, 0, sizeof(rp));
1666 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1667 rp.addr.type = cp->addr.type;
1668
4ee71b20 1669 if (!bdaddr_type_is_valid(cp->addr.type))
06a63b19
JH		 1670 return cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1671 MGMT_STATUS_INVALID_PARAMS,
1672 &rp, sizeof(rp));
4ee71b20 1673
09fd0de5 1674 hci_dev_lock(hdev);
8962ee74
JH		 1675
1676 if (!test_bit(HCI_UP, &hdev->flags)) {
06a63b19
JH		 1677 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1678 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
8962ee74
JH		 1679 goto failed;
1680 }
1681
2e58ef3e 1682 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
06a63b19
JH		 1683 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1684 MGMT_STATUS_BUSY, &rp, sizeof(rp));
8962ee74
JH		 1685 goto failed;
1686 }
1687
591f47f3 1688 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 1689 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1690 &cp->addr.bdaddr);
88c3df13
JH		 1691 else
1692 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1693
f960727e 1694 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
06a63b19
JH		 1695 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1696 MGMT_STATUS_NOT_CONNECTED, &rp, sizeof(rp));
8962ee74
JH		 1697 goto failed;
1698 }
1699
2e58ef3e 1700 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1701 if (!cmd) {
1702 err = -ENOMEM;
8962ee74 1703 goto failed;
366a0336 1704 }
8962ee74 1705
eb55ef07 1706 dc.handle = cpu_to_le16(conn->handle);
3701f944 1707 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 1708
1709 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1710 if (err < 0)
a664b5bc 1711 mgmt_pending_remove(cmd);
8962ee74
JH		 1712
1713failed:
09fd0de5 1714 hci_dev_unlock(hdev);
8962ee74
JH		 1715 return err;
1716}
1717
57c1477c 1718static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 1719{
1720 switch (link_type) {
1721 case LE_LINK:
48264f06
JH		 1722 switch (addr_type) {
1723 case ADDR_LE_DEV_PUBLIC:
591f47f3 1724 return BDADDR_LE_PUBLIC;
0ed09148 1725
48264f06 1726 default:
0ed09148 1727 /* Fallback to LE Random address type */
591f47f3 1728 return BDADDR_LE_RANDOM;
48264f06 1729 }
0ed09148 1730
4c659c39 1731 default:
0ed09148 1732 /* Fallback to BR/EDR type */
591f47f3 1733 return BDADDR_BREDR;
4c659c39
JH		 1734 }
1735}
1736
04124681
GP		 1737static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
1738 u16 data_len)
2784eb41 1739{
2784eb41 1740 struct mgmt_rp_get_connections *rp;
8035ded4 1741 struct hci_conn *c;
a38528f1 1742 size_t rp_len;
60fc5fb6
JH		 1743 int err;
1744 u16 i;
2784eb41
JH		 1745
1746 BT_DBG("");
1747
09fd0de5 1748 hci_dev_lock(hdev);
2784eb41 1749
5f97c1df 1750 if (!hdev_is_powered(hdev)) {
bdb6d971 1751 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 1752 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1753 goto unlock;
1754 }
1755
60fc5fb6 1756 i = 0;
b644ba33
JH		 1757 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1758 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1759 i++;
2784eb41
JH		 1760 }
1761
60fc5fb6 1762 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 1763 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 1764 if (!rp) {
2784eb41
JH		 1765 err = -ENOMEM;
1766 goto unlock;
1767 }
1768
2784eb41 1769 i = 0;
4c659c39 1770 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1771 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1772 continue;
4c659c39 1773 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 1774 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 1775 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 1776 continue;
1777 i++;
1778 }
1779
eb55ef07 1780 rp->conn_count = cpu_to_le16(i);
60fc5fb6 1781
4c659c39
JH		 1782 /* Recalculate length in case of filtered SCO connections, etc */
1783 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1784
bdb6d971 1785 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 1786 rp_len);
2784eb41 1787
a38528f1 1788 kfree(rp);
5f97c1df
JH		 1789
1790unlock:
09fd0de5 1791 hci_dev_unlock(hdev);
2784eb41
JH		 1792 return err;
1793}
1794
bdb6d971 1795static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 1796 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 1797{
1798 struct pending_cmd *cmd;
1799 int err;
1800
2e58ef3e 1801 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 1802 sizeof(*cp));
96d97a67
WR		 1803 if (!cmd)
1804 return -ENOMEM;
1805
d8457698 1806 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 1807 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1808 if (err < 0)
1809 mgmt_pending_remove(cmd);
1810
1811 return err;
1812}
1813
bdb6d971 1814static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1815 u16 len)
980e1a53 1816{
96d97a67 1817 struct hci_conn *conn;
650f726d 1818 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1819 struct hci_cp_pin_code_reply reply;
366a0336 1820 struct pending_cmd *cmd;
980e1a53
JH		 1821 int err;
1822
1823 BT_DBG("");
1824
09fd0de5 1825 hci_dev_lock(hdev);
980e1a53 1826
4b34ee78 1827 if (!hdev_is_powered(hdev)) {
bdb6d971 1828 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1829 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1830 goto failed;
1831 }
1832
d8457698 1833 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1834 if (!conn) {
bdb6d971 1835 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1836 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1837 goto failed;
1838 }
1839
1840 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1841 struct mgmt_cp_pin_code_neg_reply ncp;
1842
1843 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1844
1845 BT_ERR("PIN code is not 16 bytes long");
1846
bdb6d971 1847 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 1848 if (err >= 0)
bdb6d971 1849 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1850 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1851
1852 goto failed;
1853 }
1854
00abfe44 1855 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 1856 if (!cmd) {
1857 err = -ENOMEM;
980e1a53 1858 goto failed;
366a0336 1859 }
980e1a53 1860
d8457698 1861 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1862 reply.pin_len = cp->pin_len;
24718ca5 1863 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1864
1865 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1866 if (err < 0)
a664b5bc 1867 mgmt_pending_remove(cmd);
980e1a53
JH		 1868
1869failed:
09fd0de5 1870 hci_dev_unlock(hdev);
980e1a53
JH		 1871 return err;
1872}
1873
04124681
GP		 1874static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
1875 u16 len)
17fa4b9d 1876{
650f726d 1877 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1878
1879 BT_DBG("");
1880
09fd0de5 1881 hci_dev_lock(hdev);
17fa4b9d
JH		 1882
1883 hdev->io_capability = cp->io_capability;
1884
1885 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 1886 hdev->io_capability);
17fa4b9d 1887
09fd0de5 1888 hci_dev_unlock(hdev);
17fa4b9d 1889
04124681
GP		 1890 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
1891 0);
17fa4b9d
JH		 1892}
1893
6039aa73 1894static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 1895{
1896 struct hci_dev *hdev = conn->hdev;
8035ded4 1897 struct pending_cmd *cmd;
e9a416b5 1898
2e58ef3e 1899 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1900 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1901 continue;
1902
e9a416b5
JH		 1903 if (cmd->user_data != conn)
1904 continue;
1905
1906 return cmd;
1907 }
1908
1909 return NULL;
1910}
1911
1912static void pairing_complete(struct pending_cmd *cmd, u8 status)
1913{
1914 struct mgmt_rp_pair_device rp;
1915 struct hci_conn *conn = cmd->user_data;
1916
ba4e564f 1917 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 1918 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 1919
aee9b218 1920 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 1921 &rp, sizeof(rp));
e9a416b5
JH		 1922
1923 /* So we don't get further callbacks for this connection */
1924 conn->connect_cfm_cb = NULL;
1925 conn->security_cfm_cb = NULL;
1926 conn->disconn_cfm_cb = NULL;
1927
1928 hci_conn_put(conn);
1929
a664b5bc 1930 mgmt_pending_remove(cmd);
e9a416b5
JH		 1931}
1932
1933static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1934{
1935 struct pending_cmd *cmd;
1936
1937 BT_DBG("status %u", status);
1938
1939 cmd = find_pairing(conn);
56e5cb86 1940 if (!cmd)
e9a416b5 1941 BT_DBG("Unable to find a pending command");
56e5cb86 1942 else
e211326c 1943 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 1944}
1945
4c47d739
VA		 1946static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
1947{
1948 struct pending_cmd *cmd;
1949
1950 BT_DBG("status %u", status);
1951
1952 if (!status)
1953 return;
1954
1955 cmd = find_pairing(conn);
1956 if (!cmd)
1957 BT_DBG("Unable to find a pending command");
1958 else
1959 pairing_complete(cmd, mgmt_status(status));
1960}
1961
bdb6d971 1962static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1963 u16 len)
e9a416b5 1964{
650f726d 1965 struct mgmt_cp_pair_device *cp = data;
1425acb7 1966 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1967 struct pending_cmd *cmd;
1968 u8 sec_level, auth_type;
1969 struct hci_conn *conn;
e9a416b5
JH		 1970 int err;
1971
1972 BT_DBG("");
1973
f950a30e
SJ		 1974 memset(&rp, 0, sizeof(rp));
1975 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1976 rp.addr.type = cp->addr.type;
1977
4ee71b20
JH		 1978 if (!bdaddr_type_is_valid(cp->addr.type))
1979 return cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
1980 MGMT_STATUS_INVALID_PARAMS,
1981 &rp, sizeof(rp));
1982
09fd0de5 1983 hci_dev_lock(hdev);
e9a416b5 1984
5f97c1df 1985 if (!hdev_is_powered(hdev)) {
f950a30e
SJ		 1986 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
1987 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
5f97c1df
JH		 1988 goto unlock;
1989 }
1990
c908df36
VCG		 1991 sec_level = BT_SECURITY_MEDIUM;
1992 if (cp->io_cap == 0x03)
e9a416b5 1993 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1994 else
e9a416b5 1995 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1996
591f47f3 1997 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 1998 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
1999 cp->addr.type, sec_level, auth_type);
7a512d01 2000 else
b12f62cf
AG		 2001 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
2002 cp->addr.type, sec_level, auth_type);
7a512d01 2003
30e76272 2004 if (IS_ERR(conn)) {
489dc48e
AK		 2005 int status;
2006
2007 if (PTR_ERR(conn) == -EBUSY)
2008 status = MGMT_STATUS_BUSY;
2009 else
2010 status = MGMT_STATUS_CONNECT_FAILED;
2011
bdb6d971 2012 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 2013 status, &rp,
04124681 2014 sizeof(rp));
e9a416b5
JH		 2015 goto unlock;
2016 }
2017
2018 if (conn->connect_cfm_cb) {
2019 hci_conn_put(conn);
bdb6d971 2020 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 2021 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 2022 goto unlock;
2023 }
2024
2e58ef3e 2025 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 2026 if (!cmd) {
2027 err = -ENOMEM;
2028 hci_conn_put(conn);
2029 goto unlock;
2030 }
2031
7a512d01 2032 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 2033 if (cp->addr.type == BDADDR_BREDR)
7a512d01 2034 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 2035 else
2036 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 2037
e9a416b5
JH		 2038 conn->security_cfm_cb = pairing_complete_cb;
2039 conn->disconn_cfm_cb = pairing_complete_cb;
2040 conn->io_capability = cp->io_cap;
2041 cmd->user_data = conn;
2042
2043 if (conn->state == BT_CONNECTED &&
8ce8e2b5 2044 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 2045 pairing_complete(cmd, 0);
2046
2047 err = 0;
2048
2049unlock:
09fd0de5 2050 hci_dev_unlock(hdev);
e9a416b5
JH		 2051 return err;
2052}
2053
04124681
GP		 2054static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
2055 u16 len)
28424707 2056{
0f4e68cf 2057 struct mgmt_addr_info *addr = data;
28424707
JH		 2058 struct pending_cmd *cmd;
2059 struct hci_conn *conn;
2060 int err;
2061
2062 BT_DBG("");
2063
28424707
JH		 2064 hci_dev_lock(hdev);
2065
5f97c1df 2066 if (!hdev_is_powered(hdev)) {
bdb6d971 2067 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2068 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2069 goto unlock;
2070 }
2071
28424707
JH		 2072 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
2073 if (!cmd) {
bdb6d971 2074 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2075 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2076 goto unlock;
2077 }
2078
2079 conn = cmd->user_data;
2080
2081 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 2082 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2083 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2084 goto unlock;
2085 }
2086
2087 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2088
bdb6d971 2089 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2090 addr, sizeof(*addr));
28424707
JH		 2091unlock:
2092 hci_dev_unlock(hdev);
28424707
JH		 2093 return err;
2094}
2095
bdb6d971 2096static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
04124681
GP		 2097 bdaddr_t *bdaddr, u8 type, u16 mgmt_op,
2098 u16 hci_op, __le32 passkey)
a5c29683 2099{
a5c29683 2100 struct pending_cmd *cmd;
0df4c185 2101 struct hci_conn *conn;
a5c29683
JH		 2102 int err;
2103
09fd0de5 2104 hci_dev_lock(hdev);
08ba5382 2105
4b34ee78 2106 if (!hdev_is_powered(hdev)) {
bdb6d971 2107 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2108 MGMT_STATUS_NOT_POWERED);
0df4c185 2109 goto done;
a5c29683
JH		 2110 }
2111
591f47f3 2112 if (type == BDADDR_BREDR)
272d90df
JH		 2113 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
2114 else
47c15e2b 2115 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 2116
2117 if (!conn) {
bdb6d971 2118 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2119 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 2120 goto done;
2121 }
47c15e2b 2122
591f47f3 2123 if (type == BDADDR_LE_PUBLIC || type == BDADDR_LE_RANDOM) {
47c15e2b 2124 /* Continue with pairing via SMP */
5fe57d9e
BG		 2125 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2126
2127 if (!err)
bdb6d971 2128 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2129 MGMT_STATUS_SUCCESS);
5fe57d9e 2130 else
bdb6d971 2131 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2132 MGMT_STATUS_FAILED);
47c15e2b 2133
47c15e2b
BG		 2134 goto done;
2135 }
2136
0df4c185 2137 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 2138 if (!cmd) {
2139 err = -ENOMEM;
0df4c185 2140 goto done;
a5c29683
JH		 2141 }
2142
0df4c185 2143 /* Continue with pairing via HCI */
604086b7
BG		 2144 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2145 struct hci_cp_user_passkey_reply cp;
2146
2147 bacpy(&cp.bdaddr, bdaddr);
2148 cp.passkey = passkey;
2149 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2150 } else
2151 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
2152
a664b5bc
JH		 2153 if (err < 0)
2154 mgmt_pending_remove(cmd);
a5c29683 2155
0df4c185 2156done:
09fd0de5 2157 hci_dev_unlock(hdev);
a5c29683
JH		 2158 return err;
2159}
2160
afeb019d
JK		 2161static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2162 void *data, u16 len)
2163{
2164 struct mgmt_cp_pin_code_neg_reply *cp = data;
2165
2166 BT_DBG("");
2167
2168 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
2169 MGMT_OP_PIN_CODE_NEG_REPLY,
2170 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2171}
2172
04124681
GP		 2173static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2174 u16 len)
0df4c185 2175{
650f726d 2176 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2177
2178 BT_DBG("");
2179
2180 if (len != sizeof(*cp))
bdb6d971 2181 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2182 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2183
bdb6d971 2184 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2185 MGMT_OP_USER_CONFIRM_REPLY,
2186 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2187}
2188
bdb6d971 2189static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2190 void *data, u16 len)
0df4c185 2191{
c9c2659f 2192 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2193
2194 BT_DBG("");
2195
bdb6d971 2196 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2197 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2198 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2199}
2200
04124681
GP		 2201static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2202 u16 len)
604086b7 2203{
650f726d 2204 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2205
2206 BT_DBG("");
2207
bdb6d971 2208 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2209 MGMT_OP_USER_PASSKEY_REPLY,
2210 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2211}
2212
bdb6d971 2213static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2214 void *data, u16 len)
604086b7 2215{
650f726d 2216 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2217
2218 BT_DBG("");
2219
bdb6d971 2220 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2221 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2222 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2223}
2224
2b4bf397
JH		 2225static int update_name(struct hci_dev *hdev, const char *name)
2226{
2227 struct hci_cp_write_local_name cp;
2228
2229 memcpy(cp.name, name, sizeof(cp.name));
2230
2231 return hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2232}
2233
bdb6d971 2234static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2235 u16 len)
b312b161 2236{
2b4bf397 2237 struct mgmt_cp_set_local_name *cp = data;
b312b161
JH		 2238 struct pending_cmd *cmd;
2239 int err;
2240
2241 BT_DBG("");
2242
09fd0de5 2243 hci_dev_lock(hdev);
b312b161 2244
2b4bf397 2245 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2246
b5235a65 2247 if (!hdev_is_powered(hdev)) {
2b4bf397 2248 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2249
2250 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2251 data, len);
28cc7bde
JH		 2252 if (err < 0)
2253 goto failed;
2254
2255 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2256 sk);
28cc7bde 2257
b5235a65
JH		 2258 goto failed;
2259 }
2260
28cc7bde 2261 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2262 if (!cmd) {
2263 err = -ENOMEM;
2264 goto failed;
2265 }
2266
2b4bf397 2267 err = update_name(hdev, cp->name);
b312b161
JH		 2268 if (err < 0)
2269 mgmt_pending_remove(cmd);
2270
2271failed:
09fd0de5 2272 hci_dev_unlock(hdev);
b312b161
JH		 2273 return err;
2274}
2275
0f4e68cf 2276static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2277 void *data, u16 data_len)
c35938b2 2278{
c35938b2
SJ		 2279 struct pending_cmd *cmd;
2280 int err;
2281
bdb6d971 2282 BT_DBG("%s", hdev->name);
c35938b2 2283
09fd0de5 2284 hci_dev_lock(hdev);
c35938b2 2285
4b34ee78 2286 if (!hdev_is_powered(hdev)) {
bdb6d971 2287 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2288 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2289 goto unlock;
2290 }
2291
9a1a1996 2292 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2293 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2294 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2295 goto unlock;
2296 }
2297
2e58ef3e 2298 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2299 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2300 MGMT_STATUS_BUSY);
c35938b2
SJ		 2301 goto unlock;
2302 }
2303
2e58ef3e 2304 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2305 if (!cmd) {
2306 err = -ENOMEM;
2307 goto unlock;
2308 }
2309
2310 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2311 if (err < 0)
2312 mgmt_pending_remove(cmd);
2313
2314unlock:
09fd0de5 2315 hci_dev_unlock(hdev);
c35938b2
SJ		 2316 return err;
2317}
2318
bdb6d971 2319static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2320 void *data, u16 len)
2763eda6 2321{
650f726d 2322 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2323 u8 status;
2763eda6
SJ		 2324 int err;
2325
bdb6d971 2326 BT_DBG("%s ", hdev->name);
2763eda6 2327
09fd0de5 2328 hci_dev_lock(hdev);
2763eda6 2329
664ce4cc 2330 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2331 cp->randomizer);
2763eda6 2332 if (err < 0)
bf1e3541 2333 status = MGMT_STATUS_FAILED;
2763eda6 2334 else
a6785be2 2335 status = MGMT_STATUS_SUCCESS;
bf1e3541 2336
bdb6d971 2337 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2338 &cp->addr, sizeof(cp->addr));
2763eda6 2339
09fd0de5 2340 hci_dev_unlock(hdev);
2763eda6
SJ		 2341 return err;
2342}
2343
bdb6d971 2344static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2345 void *data, u16 len)
2763eda6 2346{
650f726d 2347 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2348 u8 status;
2763eda6
SJ		 2349 int err;
2350
bdb6d971 2351 BT_DBG("%s", hdev->name);
2763eda6 2352
09fd0de5 2353 hci_dev_lock(hdev);
2763eda6 2354
664ce4cc 2355 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2356 if (err < 0)
bf1e3541 2357 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2358 else
a6785be2 2359 status = MGMT_STATUS_SUCCESS;
bf1e3541 2360
bdb6d971 2361 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2362 status, &cp->addr, sizeof(cp->addr));
2763eda6 2363
09fd0de5 2364 hci_dev_unlock(hdev);
2763eda6
SJ		 2365 return err;
2366}
2367
5e0452c0
AG		 2368int mgmt_interleaved_discovery(struct hci_dev *hdev)
2369{
2370 int err;
2371
2372 BT_DBG("%s", hdev->name);
2373
2374 hci_dev_lock(hdev);
2375
2376 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2377 if (err < 0)
2378 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2379
2380 hci_dev_unlock(hdev);
2381
2382 return err;
2383}
2384
bdb6d971 2385static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2386 void *data, u16 len)
14a53664 2387{
650f726d 2388 struct mgmt_cp_start_discovery *cp = data;
14a53664 2389 struct pending_cmd *cmd;
14a53664
JH		 2390 int err;
2391
bdb6d971 2392 BT_DBG("%s", hdev->name);
14a53664 2393
09fd0de5 2394 hci_dev_lock(hdev);
14a53664 2395
4b34ee78 2396 if (!hdev_is_powered(hdev)) {
bdb6d971 2397 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2398 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2399 goto failed;
2400 }
2401
642be6c7
AG		 2402 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2403 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2404 MGMT_STATUS_BUSY);
2405 goto failed;
2406 }
2407
ff9ef578 2408 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2409 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2410 MGMT_STATUS_BUSY);
ff9ef578
JH		 2411 goto failed;
2412 }
2413
2e58ef3e 2414 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2415 if (!cmd) {
2416 err = -ENOMEM;
2417 goto failed;
2418 }
2419
4aab14e5
AG		 2420 hdev->discovery.type = cp->type;
2421
2422 switch (hdev->discovery.type) {
f39799f5 2423 case DISCOV_TYPE_BREDR:
04106755
JH		 2424 if (!lmp_bredr_capable(hdev)) {
2425 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2426 MGMT_STATUS_NOT_SUPPORTED);
2427 mgmt_pending_remove(cmd);
2428 goto failed;
2429 }
2430
2431 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
f39799f5
AG		 2432 break;
2433
2434 case DISCOV_TYPE_LE:
04106755
JH		 2435 if (!lmp_host_le_capable(hdev)) {
2436 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2437 MGMT_STATUS_NOT_SUPPORTED);
2438 mgmt_pending_remove(cmd);
2439 goto failed;
2440 }
2441
2442 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
2443 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
f39799f5
AG		 2444 break;
2445
5e0452c0 2446 case DISCOV_TYPE_INTERLEAVED:
04106755
JH		 2447 if (!lmp_host_le_capable(hdev) || !lmp_bredr_capable(hdev)) {
2448 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2449 MGMT_STATUS_NOT_SUPPORTED);
2450 mgmt_pending_remove(cmd);
2451 goto failed;
2452 }
2453
2454 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT, LE_SCAN_WIN,
2455 LE_SCAN_TIMEOUT_BREDR_LE);
5e0452c0
AG		 2456 break;
2457
f39799f5 2458 default:
04106755
JH		 2459 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2460 MGMT_STATUS_INVALID_PARAMS);
2461 mgmt_pending_remove(cmd);
2462 goto failed;
f39799f5 2463 }
3fd24153 2464
14a53664
JH		 2465 if (err < 0)
2466 mgmt_pending_remove(cmd);
ff9ef578
JH		 2467 else
2468 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2469
2470failed:
09fd0de5 2471 hci_dev_unlock(hdev);
14a53664
JH		 2472 return err;
2473}
2474
bdb6d971 2475static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2476 u16 len)
14a53664 2477{
d930650b 2478 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 2479 struct pending_cmd *cmd;
30dc78e1
JH		 2480 struct hci_cp_remote_name_req_cancel cp;
2481 struct inquiry_entry *e;
14a53664
JH		 2482 int err;
2483
bdb6d971 2484 BT_DBG("%s", hdev->name);
14a53664 2485
09fd0de5 2486 hci_dev_lock(hdev);
14a53664 2487
30dc78e1 2488 if (!hci_discovery_active(hdev)) {
bdb6d971 2489 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2490 MGMT_STATUS_REJECTED, &mgmt_cp->type,
2491 sizeof(mgmt_cp->type));
d930650b
JH		 2492 goto unlock;
2493 }
2494
2495 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 2496 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2497 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
2498 sizeof(mgmt_cp->type));
30dc78e1 2499 goto unlock;
ff9ef578
JH		 2500 }
2501
2e58ef3e 2502 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2503 if (!cmd) {
2504 err = -ENOMEM;
30dc78e1
JH		 2505 goto unlock;
2506 }
2507
e0d9727e
AG		 2508 switch (hdev->discovery.state) {
2509 case DISCOVERY_FINDING:
c9ecc48e
AG		 2510 if (test_bit(HCI_INQUIRY, &hdev->flags))
2511 err = hci_cancel_inquiry(hdev);
2512 else
2513 err = hci_cancel_le_scan(hdev);
2514
e0d9727e
AG		 2515 break;
2516
2517 case DISCOVERY_RESOLVING:
2518 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 2519 NAME_PENDING);
e0d9727e 2520 if (!e) {
30dc78e1 2521 mgmt_pending_remove(cmd);
e0d9727e
AG		 2522 err = cmd_complete(sk, hdev->id,
2523 MGMT_OP_STOP_DISCOVERY, 0,
2524 &mgmt_cp->type,
2525 sizeof(mgmt_cp->type));
2526 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2527 goto unlock;
2528 }
30dc78e1 2529
e0d9727e
AG		 2530 bacpy(&cp.bdaddr, &e->data.bdaddr);
2531 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2532 sizeof(cp), &cp);
2533
2534 break;
2535
2536 default:
2537 BT_DBG("unknown discovery state %u", hdev->discovery.state);
2538 err = -EFAULT;
14a53664
JH		 2539 }
2540
14a53664
JH		 2541 if (err < 0)
2542 mgmt_pending_remove(cmd);
ff9ef578
JH		 2543 else
2544 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2545
30dc78e1 2546unlock:
09fd0de5 2547 hci_dev_unlock(hdev);
14a53664
JH		 2548 return err;
2549}
2550
bdb6d971 2551static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2552 u16 len)
561aafbc 2553{
650f726d 2554 struct mgmt_cp_confirm_name *cp = data;
561aafbc 2555 struct inquiry_entry *e;
561aafbc
JH		 2556 int err;
2557
bdb6d971 2558 BT_DBG("%s", hdev->name);
561aafbc 2559
561aafbc
JH		 2560 hci_dev_lock(hdev);
2561
30dc78e1 2562 if (!hci_discovery_active(hdev)) {
bdb6d971 2563 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2564 MGMT_STATUS_FAILED);
30dc78e1
JH		 2565 goto failed;
2566 }
2567
a198e7b1 2568 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2569 if (!e) {
bdb6d971 2570 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2571 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 2572 goto failed;
2573 }
2574
2575 if (cp->name_known) {
2576 e->name_state = NAME_KNOWN;
2577 list_del(&e->list);
2578 } else {
2579 e->name_state = NAME_NEEDED;
a3d4e20a 2580 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2581 }
2582
e384662b
JH		 2583 err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr,
2584 sizeof(cp->addr));
561aafbc
JH		 2585
2586failed:
2587 hci_dev_unlock(hdev);
561aafbc
JH		 2588 return err;
2589}
2590
bdb6d971 2591static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2592 u16 len)
7fbec224 2593{
650f726d 2594 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2595 u8 status;
7fbec224
AJ		 2596 int err;
2597
bdb6d971 2598 BT_DBG("%s", hdev->name);
7fbec224 2599
4ee71b20 2600 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 2601 return cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE,
2602 MGMT_STATUS_INVALID_PARAMS,
2603 &cp->addr, sizeof(cp->addr));
4ee71b20 2604
09fd0de5 2605 hci_dev_lock(hdev);
5e762444 2606
88c1fe4b 2607 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2608 if (err < 0)
f0eeea8b 2609 status = MGMT_STATUS_FAILED;
7fbec224 2610 else
a6785be2 2611 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2612
bdb6d971 2613 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 2614 &cp->addr, sizeof(cp->addr));
5e762444 2615
09fd0de5 2616 hci_dev_unlock(hdev);
7fbec224
AJ		 2617
2618 return err;
2619}
2620
bdb6d971 2621static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2622 u16 len)
7fbec224 2623{
650f726d 2624 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2625 u8 status;
7fbec224
AJ		 2626 int err;
2627
bdb6d971 2628 BT_DBG("%s", hdev->name);
7fbec224 2629
4ee71b20 2630 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 2631 return cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE,
2632 MGMT_STATUS_INVALID_PARAMS,
2633 &cp->addr, sizeof(cp->addr));
4ee71b20 2634
09fd0de5 2635 hci_dev_lock(hdev);
5e762444 2636
88c1fe4b 2637 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2638 if (err < 0)
f0eeea8b 2639 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2640 else
a6785be2 2641 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2642
bdb6d971 2643 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 2644 &cp->addr, sizeof(cp->addr));
5e762444 2645
09fd0de5 2646 hci_dev_unlock(hdev);
7fbec224
AJ		 2647
2648 return err;
2649}
2650
cdbaccca
MH		 2651static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
2652 u16 len)
2653{
2654 struct mgmt_cp_set_device_id *cp = data;
2655 int err;
c72d4b8a 2656 __u16 source;
cdbaccca
MH		 2657
2658 BT_DBG("%s", hdev->name);
2659
c72d4b8a
SJ		 2660 source = __le16_to_cpu(cp->source);
2661
2662 if (source > 0x0002)
2663 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
2664 MGMT_STATUS_INVALID_PARAMS);
2665
cdbaccca
MH		 2666 hci_dev_lock(hdev);
2667
c72d4b8a 2668 hdev->devid_source = source;
cdbaccca
MH		 2669 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
2670 hdev->devid_product = __le16_to_cpu(cp->product);
2671 hdev->devid_version = __le16_to_cpu(cp->version);
2672
2673 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
2674
2675 update_eir(hdev);
2676
2677 hci_dev_unlock(hdev);
2678
2679 return err;
2680}
2681
bdb6d971 2682static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 2683 void *data, u16 len)
f6422ec6 2684{
650f726d 2685 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2686 struct hci_cp_write_page_scan_activity acp;
2687 u8 type;
2688 int err;
2689
bdb6d971 2690 BT_DBG("%s", hdev->name);
f6422ec6 2691
33c525c0
JH		 2692 if (!lmp_bredr_capable(hdev))
2693 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2694 MGMT_STATUS_NOT_SUPPORTED);
2695
a7e80f25
JH		 2696 if (cp->val != 0x00 && cp->val != 0x01)
2697 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2698 MGMT_STATUS_INVALID_PARAMS);
2699
5400c044 2700 if (!hdev_is_powered(hdev))
bdb6d971 2701 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2702 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 2703
2704 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 2705 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2706 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 2707
2708 hci_dev_lock(hdev);
2709
f7c6869c 2710 if (cp->val) {
f6422ec6 2711 type = PAGE_SCAN_TYPE_INTERLACED;
76ec9de8 2712
83ce9a06
JH		 2713 /* 160 msec page scan interval */
2714 acp.interval = __constant_cpu_to_le16(0x0100);
f6422ec6
AJ		 2715 } else {
2716 type = PAGE_SCAN_TYPE_STANDARD; /* default */
76ec9de8
AE		 2717
2718 /* default 1.28 sec page scan */
2719 acp.interval = __constant_cpu_to_le16(0x0800);
f6422ec6
AJ		 2720 }
2721
76ec9de8
AE		 2722 /* default 11.25 msec page scan window */
2723 acp.window = __constant_cpu_to_le16(0x0012);
f6422ec6 2724
04124681
GP		 2725 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, sizeof(acp),
2726 &acp);
f6422ec6 2727 if (err < 0) {
bdb6d971 2728 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2729 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2730 goto done;
2731 }
2732
2733 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2734 if (err < 0) {
bdb6d971 2735 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2736 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2737 goto done;
2738 }
2739
bdb6d971 2740 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 0,
04124681 2741 NULL, 0);
f6422ec6
AJ		 2742done:
2743 hci_dev_unlock(hdev);
f6422ec6
AJ		 2744 return err;
2745}
2746
3f706b72
JH		 2747static bool ltk_is_valid(struct mgmt_ltk_info *key)
2748{
44b20d33
JH		 2749 if (key->authenticated != 0x00 && key->authenticated != 0x01)
2750 return false;
3f706b72
JH		 2751 if (key->master != 0x00 && key->master != 0x01)
2752 return false;
4ee71b20
JH		 2753 if (!bdaddr_type_is_le(key->addr.type))
2754 return false;
3f706b72
JH		 2755 return true;
2756}
2757
bdb6d971 2758static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 2759 void *cp_data, u16 len)
346af67b 2760{
346af67b
VCG		 2761 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2762 u16 key_count, expected_len;
715a5bf2 2763 int i, err;
346af67b 2764
1f350c87 2765 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 2766
2767 expected_len = sizeof(*cp) + key_count *
2768 sizeof(struct mgmt_ltk_info);
2769 if (expected_len != len) {
2770 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 2771 len, expected_len);
bdb6d971 2772 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
e57e619f 2773 MGMT_STATUS_INVALID_PARAMS);
346af67b
VCG		 2774 }
2775
bdb6d971 2776 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b 2777
54ad6d8a
JH		 2778 for (i = 0; i < key_count; i++) {
2779 struct mgmt_ltk_info *key = &cp->keys[i];
2780
3f706b72 2781 if (!ltk_is_valid(key))
54ad6d8a
JH		 2782 return cmd_status(sk, hdev->id,
2783 MGMT_OP_LOAD_LONG_TERM_KEYS,
2784 MGMT_STATUS_INVALID_PARAMS);
2785 }
2786
346af67b
VCG		 2787 hci_dev_lock(hdev);
2788
2789 hci_smp_ltks_clear(hdev);
2790
2791 for (i = 0; i < key_count; i++) {
2792 struct mgmt_ltk_info *key = &cp->keys[i];
2793 u8 type;
2794
2795 if (key->master)
2796 type = HCI_SMP_LTK;
2797 else
2798 type = HCI_SMP_LTK_SLAVE;
2799
4596fde5 2800 hci_add_ltk(hdev, &key->addr.bdaddr,
378b5b7e 2801 bdaddr_to_le(key->addr.type),
04124681
GP		 2802 type, 0, key->authenticated, key->val,
2803 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 2804 }
2805
715a5bf2
JH		 2806 err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0,
2807 NULL, 0);
2808
346af67b 2809 hci_dev_unlock(hdev);
346af67b 2810
715a5bf2 2811 return err;
346af67b
VCG		 2812}
2813
2e3c35ea 2814static const struct mgmt_handler {
04124681
GP		 2815 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
2816 u16 data_len);
be22b54e
JH		 2817 bool var_len;
2818 size_t data_len;
0f4e68cf
JH		 2819} mgmt_handlers[] = {
2820 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 2821 { read_version, false, MGMT_READ_VERSION_SIZE },
2822 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
2823 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
2824 { read_controller_info, false, MGMT_READ_INFO_SIZE },
2825 { set_powered, false, MGMT_SETTING_SIZE },
2826 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
2827 { set_connectable, false, MGMT_SETTING_SIZE },
2828 { set_fast_connectable, false, MGMT_SETTING_SIZE },
2829 { set_pairable, false, MGMT_SETTING_SIZE },
2830 { set_link_security, false, MGMT_SETTING_SIZE },
2831 { set_ssp, false, MGMT_SETTING_SIZE },
2832 { set_hs, false, MGMT_SETTING_SIZE },
2833 { set_le, false, MGMT_SETTING_SIZE },
2834 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
2835 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
2836 { add_uuid, false, MGMT_ADD_UUID_SIZE },
2837 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
2838 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
2839 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
2840 { disconnect, false, MGMT_DISCONNECT_SIZE },
2841 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
2842 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
2843 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
2844 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
2845 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
2846 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
2847 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
2848 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
2849 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
2850 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
2851 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
2852 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
2853 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
2854 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
2855 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
2856 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
2857 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
2858 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
2859 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 2860 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
0f4e68cf
JH		 2861};
2862
2863
0381101f
JH		 2864int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2865{
650f726d
VCG		 2866 void *buf;
2867 u8 *cp;
0381101f 2868 struct mgmt_hdr *hdr;
4e51eae9 2869 u16 opcode, index, len;
bdb6d971 2870 struct hci_dev *hdev = NULL;
2e3c35ea 2871 const struct mgmt_handler *handler;
0381101f
JH		 2872 int err;
2873
2874 BT_DBG("got %zu bytes", msglen);
2875
2876 if (msglen < sizeof(*hdr))
2877 return -EINVAL;
2878
e63a15ec 2879 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2880 if (!buf)
2881 return -ENOMEM;
2882
2883 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2884 err = -EFAULT;
2885 goto done;
2886 }
2887
650f726d 2888 hdr = buf;
1f350c87
MH		 2889 opcode = __le16_to_cpu(hdr->opcode);
2890 index = __le16_to_cpu(hdr->index);
2891 len = __le16_to_cpu(hdr->len);
0381101f
JH		 2892
2893 if (len != msglen - sizeof(*hdr)) {
2894 err = -EINVAL;
2895 goto done;
2896 }
2897
0f4e68cf 2898 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 2899 hdev = hci_dev_get(index);
2900 if (!hdev) {
2901 err = cmd_status(sk, index, opcode,
04124681 2902 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 2903 goto done;
2904 }
2905 }
2906
0f4e68cf 2907 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 2908 mgmt_handlers[opcode].func == NULL) {
0381101f 2909 BT_DBG("Unknown op %u", opcode);
ca69b795 2910 err = cmd_status(sk, index, opcode,
04124681 2911 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 2912 goto done;
2913 }
2914
2915 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 2916 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 2917 err = cmd_status(sk, index, opcode,
04124681 2918 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 2919 goto done;
0381101f
JH		 2920 }
2921
be22b54e
JH		 2922 handler = &mgmt_handlers[opcode];
2923
2924 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 2925 (!handler->var_len && len != handler->data_len)) {
be22b54e 2926 err = cmd_status(sk, index, opcode,
04124681 2927 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 2928 goto done;
2929 }
2930
0f4e68cf
JH		 2931 if (hdev)
2932 mgmt_init_hdev(sk, hdev);
2933
2934 cp = buf + sizeof(*hdr);
2935
be22b54e 2936 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 2937 if (err < 0)
2938 goto done;
2939
0381101f
JH		 2940 err = msglen;
2941
2942done:
bdb6d971
JH		 2943 if (hdev)
2944 hci_dev_put(hdev);
2945
0381101f
JH		 2946 kfree(buf);
2947 return err;
2948}
c71e97bf 2949
b24752fe
JH		 2950static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2951{
2952 u8 *status = data;
2953
2954 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2955 mgmt_pending_remove(cmd);
2956}
2957
744cf19e 2958int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2959{
bb4b2a9a
AE		 2960 if (!mgmt_valid_hdev(hdev))
2961 return -ENOTSUPP;
2962
744cf19e 2963 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2964}
2965
744cf19e 2966int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2967{
5f159032 2968 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 2969
bb4b2a9a
AE		 2970 if (!mgmt_valid_hdev(hdev))
2971 return -ENOTSUPP;
2972
744cf19e 2973 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2974
744cf19e 2975 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2976}
2977
73f22f62 2978struct cmd_lookup {
eec8d2bc 2979 struct sock *sk;
69ab39ea 2980 struct hci_dev *hdev;
90e70454 2981 u8 mgmt_status;
eec8d2bc
JH		 2982};
2983
69ab39ea 2984static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2985{
73f22f62 2986 struct cmd_lookup *match = data;
eec8d2bc 2987
69ab39ea 2988 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2989
2990 list_del(&cmd->list);
2991
2992 if (match->sk == NULL) {
2993 match->sk = cmd->sk;
2994 sock_hold(match->sk);
2995 }
2996
2997 mgmt_pending_free(cmd);
c71e97bf 2998}
5add6af8 2999
7f0ae647
JH		 3000static int set_bredr_scan(struct hci_dev *hdev)
3001{
3002 u8 scan = 0;
3003
3004 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3005 scan |= SCAN_PAGE;
3006 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3007 scan |= SCAN_INQUIRY;
3008
3009 if (!scan)
3010 return 0;
3011
3012 return hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
3013}
3014
744cf19e 3015int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 3016{
76a7f3a4 3017 struct cmd_lookup match = { NULL, hdev };
7bb895d6 3018 int err;
5add6af8 3019
5e5282bb
JH		 3020 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3021 return 0;
3022
69ab39ea 3023 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 3024
5e5282bb 3025 if (powered) {
6b4b73ee
JH		 3026 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
3027 !lmp_host_ssp_capable(hdev)) {
3d1cbdd6
AK		 3028 u8 ssp = 1;
3029
3030 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
3031 }
3032
562fcc24
AK		 3033 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
3034 struct hci_cp_write_le_host_supported cp;
3035
3036 cp.le = 1;
ffa88e02 3037 cp.simul = lmp_le_br_capable(hdev);
562fcc24 3038
430a61b8
JH		 3039 /* Check first if we already have the right
3040 * host state (host features set)
3041 */
ffa88e02
GP		 3042 if (cp.le != lmp_host_le_capable(hdev) ||
3043 cp.simul != lmp_host_le_br_capable(hdev))
430a61b8
JH		 3044 hci_send_cmd(hdev,
3045 HCI_OP_WRITE_LE_HOST_SUPPORTED,
3046 sizeof(cp), &cp);
562fcc24
AK		 3047 }
3048
7f0ae647
JH		 3049 if (lmp_bredr_capable(hdev)) {
3050 set_bredr_scan(hdev);
3051 update_class(hdev);
3052 update_name(hdev, hdev->dev_name);
3053 update_eir(hdev);
3054 }
5e5282bb 3055 } else {
d4f68526 3056 u8 status = MGMT_STATUS_NOT_POWERED;
fe038884
JH		 3057 u8 zero_cod[] = { 0, 0, 0 };
3058
744cf19e 3059 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
fe038884
JH		 3060
3061 if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0)
3062 mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,
3063 zero_cod, sizeof(zero_cod), NULL);
b24752fe
JH		 3064 }
3065
beadb2bd 3066 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 3067
3068 if (match.sk)
3069 sock_put(match.sk);
3070
7bb895d6 3071 return err;
5add6af8 3072}
73f22f62 3073
744cf19e 3074int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 3075{
76a7f3a4 3076 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 3077 bool changed = false;
3078 int err = 0;
73f22f62 3079
5e5282bb
JH		 3080 if (discoverable) {
3081 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3082 changed = true;
3083 } else {
3084 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3085 changed = true;
3086 }
73f22f62 3087
ed9b5f2f 3088 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 3089 &match);
ed9b5f2f 3090
beadb2bd
JH		 3091 if (changed)
3092 err = new_settings(hdev, match.sk);
5e5282bb 3093
73f22f62
JH		 3094 if (match.sk)
3095 sock_put(match.sk);
3096
7bb895d6 3097 return err;
73f22f62 3098}
9fbcbb45 3099
744cf19e 3100int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 3101{
76a7f3a4 3102 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 3103 bool changed = false;
3104 int err = 0;
9fbcbb45 3105
5e5282bb
JH		 3106 if (connectable) {
3107 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3108 changed = true;
3109 } else {
3110 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3111 changed = true;
3112 }
9fbcbb45 3113
ed9b5f2f 3114 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
04124681 3115 &match);
ed9b5f2f 3116
beadb2bd
JH		 3117 if (changed)
3118 err = new_settings(hdev, match.sk);
9fbcbb45
JH		 3119
3120 if (match.sk)
3121 sock_put(match.sk);
3122
7bb895d6 3123 return err;
9fbcbb45 3124}
55ed8ca1 3125
744cf19e 3126int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 3127{
ca69b795
JH		 3128 u8 mgmt_err = mgmt_status(status);
3129
2d7cee58 3130 if (scan & SCAN_PAGE)
744cf19e 3131 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 3132 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3133
3134 if (scan & SCAN_INQUIRY)
744cf19e 3135 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 3136 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3137
3138 return 0;
3139}
3140
53168e5b
CC		 3141int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
3142 bool persistent)
55ed8ca1 3143{
86742e1e 3144 struct mgmt_ev_new_link_key ev;
55ed8ca1 3145
a492cd52 3146 memset(&ev, 0, sizeof(ev));
55ed8ca1 3147
a492cd52 3148 ev.store_hint = persistent;
d753fdc4 3149 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 3150 ev.key.addr.type = BDADDR_BREDR;
a492cd52 3151 ev.key.type = key->type;
9b3b4460 3152 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 3153 ev.key.pin_len = key->pin_len;
55ed8ca1 3154
744cf19e 3155 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 3156}
f7520543 3157
346af67b
VCG		 3158int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
3159{
3160 struct mgmt_ev_new_long_term_key ev;
3161
3162 memset(&ev, 0, sizeof(ev));
3163
3164 ev.store_hint = persistent;
3165 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 3166 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 3167 ev.key.authenticated = key->authenticated;
3168 ev.key.enc_size = key->enc_size;
3169 ev.key.ediv = key->ediv;
3170
3171 if (key->type == HCI_SMP_LTK)
3172 ev.key.master = 1;
3173
3174 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
3175 memcpy(ev.key.val, key->val, sizeof(key->val));
3176
04124681
GP		 3177 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
3178 NULL);
346af67b
VCG		 3179}
3180
afc747a6 3181int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3182 u8 addr_type, u32 flags, u8 *name, u8 name_len,
3183 u8 *dev_class)
f7520543 3184{
b644ba33
JH		 3185 char buf[512];
3186 struct mgmt_ev_device_connected *ev = (void *) buf;
3187 u16 eir_len = 0;
f7520543 3188
b644ba33 3189 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3190 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 3191
c95f0ba7 3192 ev->flags = __cpu_to_le32(flags);
08c79b61 3193
b644ba33
JH		 3194 if (name_len > 0)
3195 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 3196 name, name_len);
b644ba33
JH		 3197
3198 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 3199 eir_len = eir_append_data(ev->eir, eir_len,
04124681 3200 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 3201
eb55ef07 3202 ev->eir_len = cpu_to_le16(eir_len);
b644ba33
JH		 3203
3204 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
04124681 3205 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3206}
3207
8962ee74
JH		 3208static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3209{
c68fb7ff 3210 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3211 struct sock **sk = data;
a38528f1 3212 struct mgmt_rp_disconnect rp;
8962ee74 3213
88c3df13
JH		 3214 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3215 rp.addr.type = cp->addr.type;
8962ee74 3216
aee9b218 3217 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 3218 sizeof(rp));
8962ee74
JH		 3219
3220 *sk = cmd->sk;
3221 sock_hold(*sk);
3222
a664b5bc 3223 mgmt_pending_remove(cmd);
8962ee74
JH		 3224}
3225
124f6e35 3226static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3227{
b1078ad0 3228 struct hci_dev *hdev = data;
124f6e35
JH		 3229 struct mgmt_cp_unpair_device *cp = cmd->param;
3230 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3231
3232 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3233 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3234 rp.addr.type = cp->addr.type;
a8a1d19e 3235
b1078ad0
JH		 3236 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3237
aee9b218 3238 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3239
3240 mgmt_pending_remove(cmd);
3241}
3242
afc747a6 3243int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
f0d6a0ea 3244 u8 link_type, u8 addr_type, u8 reason)
f7520543 3245{
f0d6a0ea 3246 struct mgmt_ev_device_disconnected ev;
8962ee74
JH		 3247 struct sock *sk = NULL;
3248 int err;
3249
744cf19e 3250 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3251
f0d6a0ea
MA		 3252 bacpy(&ev.addr.bdaddr, bdaddr);
3253 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3254 ev.reason = reason;
f7520543 3255
afc747a6 3256 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
04124681 3257 sk);
8962ee74
JH		 3258
3259 if (sk)
d97dcb66 3260 sock_put(sk);
8962ee74 3261
124f6e35 3262 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 3263 hdev);
a8a1d19e 3264
8962ee74
JH		 3265 return err;
3266}
3267
88c3df13 3268int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3269 u8 link_type, u8 addr_type, u8 status)
8962ee74 3270{
88c3df13 3271 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3272 struct pending_cmd *cmd;
3273 int err;
3274
36a75f1b
JD		 3275 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3276 hdev);
3277
2e58ef3e 3278 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3279 if (!cmd)
3280 return -ENOENT;
3281
88c3df13 3282 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3283 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 3284
88c3df13 3285 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
04124681 3286 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3287
a664b5bc 3288 mgmt_pending_remove(cmd);
8962ee74
JH		 3289
3290 return err;
f7520543 3291}
17d5c04c 3292
48264f06 3293int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3294 u8 addr_type, u8 status)
17d5c04c
JH		 3295{
3296 struct mgmt_ev_connect_failed ev;
3297
4c659c39 3298 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3299 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3300 ev.status = mgmt_status(status);
17d5c04c 3301
744cf19e 3302 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3303}
980e1a53 3304
744cf19e 3305int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3306{
3307 struct mgmt_ev_pin_code_request ev;
3308
d8457698 3309 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 3310 ev.addr.type = BDADDR_BREDR;
a770bb5a 3311 ev.secure = secure;
980e1a53 3312
744cf19e 3313 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 3314 NULL);
980e1a53
JH		 3315}
3316
744cf19e 3317int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3318 u8 status)
980e1a53
JH		 3319{
3320 struct pending_cmd *cmd;
ac56fb13 3321 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3322 int err;
3323
2e58ef3e 3324 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3325 if (!cmd)
3326 return -ENOENT;
3327
d8457698 3328 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3329 rp.addr.type = BDADDR_BREDR;
ac56fb13 3330
aee9b218 3331 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 3332 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3333
a664b5bc 3334 mgmt_pending_remove(cmd);
980e1a53
JH		 3335
3336 return err;
3337}
3338
744cf19e 3339int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3340 u8 status)
980e1a53
JH		 3341{
3342 struct pending_cmd *cmd;
ac56fb13 3343 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3344 int err;
3345
2e58ef3e 3346 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3347 if (!cmd)
3348 return -ENOENT;
3349
d8457698 3350 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3351 rp.addr.type = BDADDR_BREDR;
ac56fb13 3352
aee9b218 3353 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 3354 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3355
a664b5bc 3356 mgmt_pending_remove(cmd);
980e1a53
JH		 3357
3358 return err;
3359}
a5c29683 3360
744cf19e 3361int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 3362 u8 link_type, u8 addr_type, __le32 value,
3363 u8 confirm_hint)
a5c29683
JH		 3364{
3365 struct mgmt_ev_user_confirm_request ev;
3366
744cf19e 3367 BT_DBG("%s", hdev->name);
a5c29683 3368
272d90df 3369 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3370 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 3371 ev.confirm_hint = confirm_hint;
78e8098e 3372 ev.value = value;
a5c29683 3373
744cf19e 3374 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 3375 NULL);
a5c29683
JH		 3376}
3377
272d90df 3378int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 3379 u8 link_type, u8 addr_type)
604086b7
BG		 3380{
3381 struct mgmt_ev_user_passkey_request ev;
3382
3383 BT_DBG("%s", hdev->name);
3384
272d90df 3385 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3386 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 3387
3388 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 3389 NULL);
604086b7
BG		 3390}
3391
0df4c185 3392static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 3393 u8 link_type, u8 addr_type, u8 status,
3394 u8 opcode)
a5c29683
JH		 3395{
3396 struct pending_cmd *cmd;
3397 struct mgmt_rp_user_confirm_reply rp;
3398 int err;
3399
2e58ef3e 3400 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3401 if (!cmd)
3402 return -ENOENT;
3403
272d90df 3404 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3405 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 3406 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 3407 &rp, sizeof(rp));
a5c29683 3408
a664b5bc 3409 mgmt_pending_remove(cmd);
a5c29683
JH		 3410
3411 return err;
3412}
3413
744cf19e 3414int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3415 u8 link_type, u8 addr_type, u8 status)
a5c29683 3416{
272d90df 3417 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3418 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3419}
3420
272d90df 3421int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3422 u8 link_type, u8 addr_type, u8 status)
a5c29683 3423{
272d90df 3424 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3425 status,
3426 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3427}
2a611692 3428
604086b7 3429int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3430 u8 link_type, u8 addr_type, u8 status)
604086b7 3431{
272d90df 3432 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3433 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3434}
3435
272d90df 3436int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3437 u8 link_type, u8 addr_type, u8 status)
604086b7 3438{
272d90df 3439 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3440 status,
3441 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3442}
3443
92a25256
JH		 3444int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
3445 u8 link_type, u8 addr_type, u32 passkey,
3446 u8 entered)
3447{
3448 struct mgmt_ev_passkey_notify ev;
3449
3450 BT_DBG("%s", hdev->name);
3451
3452 bacpy(&ev.addr.bdaddr, bdaddr);
3453 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3454 ev.passkey = __cpu_to_le32(passkey);
3455 ev.entered = entered;
3456
3457 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
3458}
3459
bab73cb6 3460int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3461 u8 addr_type, u8 status)
2a611692
JH		 3462{
3463 struct mgmt_ev_auth_failed ev;
3464
bab73cb6 3465 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3466 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3467 ev.status = mgmt_status(status);
2a611692 3468
744cf19e 3469 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3470}
b312b161 3471
33ef95ed
JH		 3472int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3473{
3474 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3475 bool changed = false;
3476 int err = 0;
33ef95ed
JH		 3477
3478 if (status) {
3479 u8 mgmt_err = mgmt_status(status);
3480 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 3481 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 3482 return 0;
3483 }
3484
47990ea0
JH		 3485 if (test_bit(HCI_AUTH, &hdev->flags)) {
3486 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3487 changed = true;
3488 } else {
3489 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3490 changed = true;
3491 }
3492
33ef95ed 3493 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 3494 &match);
33ef95ed 3495
47990ea0
JH		 3496 if (changed)
3497 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3498
3499 if (match.sk)
3500 sock_put(match.sk);
3501
3502 return err;
3503}
3504
cacaf52f
JH		 3505static int clear_eir(struct hci_dev *hdev)
3506{
3507 struct hci_cp_write_eir cp;
3508
976eb20e 3509 if (!lmp_ext_inq_capable(hdev))
cacaf52f
JH		 3510 return 0;
3511
c80da27e
JH		 3512 memset(hdev->eir, 0, sizeof(hdev->eir));
3513
cacaf52f
JH		 3514 memset(&cp, 0, sizeof(cp));
3515
3516 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3517}
3518
c0ecddc2 3519int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3520{
3521 struct cmd_lookup match = { NULL, hdev };
c0ecddc2
JH		 3522 bool changed = false;
3523 int err = 0;
ed2c4ee3
JH		 3524
3525 if (status) {
3526 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3527
3528 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
04124681 3529 &hdev->dev_flags))
c0ecddc2
JH		 3530 err = new_settings(hdev, NULL);
3531
04124681
GP		 3532 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
3533 &mgmt_err);
c0ecddc2
JH		 3534
3535 return err;
3536 }
3537
3538 if (enable) {
3539 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3540 changed = true;
3541 } else {
3542 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3543 changed = true;
ed2c4ee3
JH		 3544 }
3545
3546 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3547
c0ecddc2
JH		 3548 if (changed)
3549 err = new_settings(hdev, match.sk);
ed2c4ee3 3550
5fc6ebb1 3551 if (match.sk)
ed2c4ee3
JH		 3552 sock_put(match.sk);
3553
5fc6ebb1
JH		 3554 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3555 update_eir(hdev);
3556 else
3557 clear_eir(hdev);
cacaf52f 3558
ed2c4ee3
JH		 3559 return err;
3560}
3561
90e70454
JH		 3562static void class_rsp(struct pending_cmd *cmd, void *data)
3563{
3564 struct cmd_lookup *match = data;
3565
3566 cmd_complete(cmd->sk, cmd->index, cmd->opcode, match->mgmt_status,
04124681 3567 match->hdev->dev_class, 3);
90e70454
JH		 3568
3569 list_del(&cmd->list);
3570
3571 if (match->sk == NULL) {
3572 match->sk = cmd->sk;
3573 sock_hold(match->sk);
3574 }
3575
3576 mgmt_pending_free(cmd);
3577}
3578
7f9a903c 3579int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 3580 u8 status)
7f9a903c 3581{
90e70454
JH		 3582 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3583 int err = 0;
7f9a903c 3584
c95f0ba7
JH		 3585 clear_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
3586
90e70454
JH		 3587 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, class_rsp, &match);
3588 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, class_rsp, &match);
3589 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, class_rsp, &match);
3590
3591 if (!status)
04124681
GP		 3592 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
3593 3, NULL);
90e70454
JH		 3594
3595 if (match.sk)
3596 sock_put(match.sk);
7f9a903c
MH		 3597
3598 return err;
3599}
3600
744cf19e 3601int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3602{
3603 struct pending_cmd *cmd;
3604 struct mgmt_cp_set_local_name ev;
28cc7bde
JH		 3605 bool changed = false;
3606 int err = 0;
3607
3608 if (memcmp(name, hdev->dev_name, sizeof(hdev->dev_name)) != 0) {
3609 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
3610 changed = true;
3611 }
b312b161
JH		 3612
3613 memset(&ev, 0, sizeof(ev));
3614 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3615 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3616
2e58ef3e 3617 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3618 if (!cmd)
3619 goto send_event;
3620
7bdaae4a
JH		 3621 /* Always assume that either the short or the complete name has
3622 * changed if there was a pending mgmt command */
3623 changed = true;
3624
b312b161 3625 if (status) {
744cf19e 3626 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
04124681 3627 mgmt_status(status));
b312b161
JH		 3628 goto failed;
3629 }
3630
aee9b218 3631 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
04124681 3632 sizeof(ev));
b312b161
JH		 3633 if (err < 0)
3634 goto failed;
3635
3636send_event:
28cc7bde
JH		 3637 if (changed)
3638 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
04124681 3639 sizeof(ev), cmd ? cmd->sk : NULL);
28cc7bde 3640
1225a6bd
JH		 3641 /* EIR is taken care of separately when powering on the
3642 * adapter so only update them here if this is a name change
3643 * unrelated to power on.
3644 */
3645 if (!test_bit(HCI_INIT, &hdev->flags))
3646 update_eir(hdev);
b312b161
JH		 3647
3648failed:
3649 if (cmd)
3650 mgmt_pending_remove(cmd);
3651 return err;
3652}
c35938b2 3653
744cf19e 3654int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 3655 u8 *randomizer, u8 status)
c35938b2
SJ		 3656{
3657 struct pending_cmd *cmd;
3658 int err;
3659
744cf19e 3660 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3661
2e58ef3e 3662 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3663 if (!cmd)
3664 return -ENOENT;
3665
3666 if (status) {
04124681
GP		 3667 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
3668 mgmt_status(status));
c35938b2
SJ		 3669 } else {
3670 struct mgmt_rp_read_local_oob_data rp;
3671
3672 memcpy(rp.hash, hash, sizeof(rp.hash));
3673 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3674
744cf19e 3675 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 3676 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
3677 sizeof(rp));
c35938b2
SJ		 3678 }
3679
3680 mgmt_pending_remove(cmd);
3681
3682 return err;
3683}
e17acd40 3684
06199cf8
JH		 3685int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3686{
3687 struct cmd_lookup match = { NULL, hdev };
3688 bool changed = false;
3689 int err = 0;
3690
3691 if (status) {
3692 u8 mgmt_err = mgmt_status(status);
3693
3694 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
04124681 3695 &hdev->dev_flags))
d97dcb66 3696 err = new_settings(hdev, NULL);
06199cf8 3697
d97dcb66
SJ		 3698 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
3699 &mgmt_err);
06199cf8
JH		 3700
3701 return err;
3702 }
3703
3704 if (enable) {
3705 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3706 changed = true;
3707 } else {
3708 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3709 changed = true;
3710 }
3711
3712 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
3713
3714 if (changed)
3715 err = new_settings(hdev, match.sk);
3716
3717 if (match.sk)
3718 sock_put(match.sk);
3719
3720 return err;
3721}
3722
48264f06 3723int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3724 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
3725 ssp, u8 *eir, u16 eir_len)
e17acd40 3726{
e319d2e7
JH		 3727 char buf[512];
3728 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3729 size_t ev_size;
e17acd40 3730
1dc06093
JH		 3731 /* Leave 5 bytes for a potential CoD field */
3732 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3733 return -EINVAL;
3734
1dc06093
JH		 3735 memset(buf, 0, sizeof(buf));
3736
e319d2e7 3737 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3738 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 3739 ev->rssi = rssi;
9a395a80 3740 if (cfm_name)
612dfce9 3741 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 3742 if (!ssp)
612dfce9 3743 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 3744
1dc06093 3745 if (eir_len > 0)
e319d2e7 3746 memcpy(ev->eir, eir, eir_len);
e17acd40 3747
1dc06093
JH		 3748 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3749 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 3750 dev_class, 3);
1dc06093 3751
eb55ef07 3752 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 3753 ev_size = sizeof(*ev) + eir_len;
f8523598 3754
e319d2e7 3755 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3756}
a88a9652 3757
b644ba33 3758int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3759 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3760{
b644ba33
JH		 3761 struct mgmt_ev_device_found *ev;
3762 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3763 u16 eir_len;
a88a9652 3764
b644ba33 3765 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3766
b644ba33
JH		 3767 memset(buf, 0, sizeof(buf));
3768
3769 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3770 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 3771 ev->rssi = rssi;
3772
3773 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 3774 name_len);
b644ba33 3775
eb55ef07 3776 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 3777
053c7e0c 3778 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
04124681 3779 sizeof(*ev) + eir_len, NULL);
a88a9652 3780}
314b2381 3781
7a135109 3782int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3783{
3784 struct pending_cmd *cmd;
f808e166 3785 u8 type;
164a6e78
JH		 3786 int err;
3787
203159d4
AG		 3788 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3789
2e58ef3e 3790 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3791 if (!cmd)
3792 return -ENOENT;
3793
f808e166
JH		 3794 type = hdev->discovery.type;
3795
3796 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3797 &type, sizeof(type));
164a6e78
JH		 3798 mgmt_pending_remove(cmd);
3799
3800 return err;
3801}
3802
e6d465cb
AG		 3803int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3804{
3805 struct pending_cmd *cmd;
3806 int err;
3807
3808 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3809 if (!cmd)
3810 return -ENOENT;
3811
d930650b 3812 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3813 &hdev->discovery.type, sizeof(hdev->discovery.type));
164a6e78
JH		 3814 mgmt_pending_remove(cmd);
3815
3816 return err;
3817}
3818
744cf19e 3819int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3820{
f963e8e9 3821 struct mgmt_ev_discovering ev;
164a6e78
JH		 3822 struct pending_cmd *cmd;
3823
343fb145
AG		 3824 BT_DBG("%s discovering %u", hdev->name, discovering);
3825
164a6e78 3826 if (discovering)
2e58ef3e 3827 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3828 else
2e58ef3e 3829 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3830
3831 if (cmd != NULL) {
f808e166
JH		 3832 u8 type = hdev->discovery.type;
3833
04124681
GP		 3834 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
3835 sizeof(type));
164a6e78
JH		 3836 mgmt_pending_remove(cmd);
3837 }
3838
f963e8e9
JH		 3839 memset(&ev, 0, sizeof(ev));
3840 ev.type = hdev->discovery.type;
3841 ev.discovering = discovering;
3842
3843 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3844}
5e762444 3845
88c1fe4b 3846int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3847{
3848 struct pending_cmd *cmd;
3849 struct mgmt_ev_device_blocked ev;
3850
2e58ef3e 3851 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3852
88c1fe4b
JH		 3853 bacpy(&ev.addr.bdaddr, bdaddr);
3854 ev.addr.type = type;
5e762444 3855
744cf19e 3856 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 3857 cmd ? cmd->sk : NULL);
5e762444
AJ		 3858}
3859
88c1fe4b 3860int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3861{
3862 struct pending_cmd *cmd;
3863 struct mgmt_ev_device_unblocked ev;
3864
2e58ef3e 3865 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3866
88c1fe4b
JH		 3867 bacpy(&ev.addr.bdaddr, bdaddr);
3868 ev.addr.type = type;
5e762444 3869
744cf19e 3870 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 3871 cmd ? cmd->sk : NULL);
5e762444 3872}
d7b7e796
MH		 3873
3874module_param(enable_hs, bool, 0644);
3875MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
Linux kernel - Deliverables
This page took 0.475318 seconds and 5 git commands to generate.