projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Read current IAC LAP on controller setup
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
ac4b7236
MH		 33
34#include "smp.h"
0381101f 35
2da9c55c 36#define MGMT_VERSION 1
9ab8cf37 37#define MGMT_REVISION 4
02d98129 38
e70bb2e8
JH		 39static const u16 mgmt_commands[] = {
40 MGMT_OP_READ_INDEX_LIST,
41 MGMT_OP_READ_INFO,
42 MGMT_OP_SET_POWERED,
43 MGMT_OP_SET_DISCOVERABLE,
44 MGMT_OP_SET_CONNECTABLE,
45 MGMT_OP_SET_FAST_CONNECTABLE,
46 MGMT_OP_SET_PAIRABLE,
47 MGMT_OP_SET_LINK_SECURITY,
48 MGMT_OP_SET_SSP,
49 MGMT_OP_SET_HS,
50 MGMT_OP_SET_LE,
51 MGMT_OP_SET_DEV_CLASS,
52 MGMT_OP_SET_LOCAL_NAME,
53 MGMT_OP_ADD_UUID,
54 MGMT_OP_REMOVE_UUID,
55 MGMT_OP_LOAD_LINK_KEYS,
56 MGMT_OP_LOAD_LONG_TERM_KEYS,
57 MGMT_OP_DISCONNECT,
58 MGMT_OP_GET_CONNECTIONS,
59 MGMT_OP_PIN_CODE_REPLY,
60 MGMT_OP_PIN_CODE_NEG_REPLY,
61 MGMT_OP_SET_IO_CAPABILITY,
62 MGMT_OP_PAIR_DEVICE,
63 MGMT_OP_CANCEL_PAIR_DEVICE,
64 MGMT_OP_UNPAIR_DEVICE,
65 MGMT_OP_USER_CONFIRM_REPLY,
66 MGMT_OP_USER_CONFIRM_NEG_REPLY,
67 MGMT_OP_USER_PASSKEY_REPLY,
68 MGMT_OP_USER_PASSKEY_NEG_REPLY,
69 MGMT_OP_READ_LOCAL_OOB_DATA,
70 MGMT_OP_ADD_REMOTE_OOB_DATA,
71 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
72 MGMT_OP_START_DISCOVERY,
73 MGMT_OP_STOP_DISCOVERY,
74 MGMT_OP_CONFIRM_NAME,
75 MGMT_OP_BLOCK_DEVICE,
76 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 77 MGMT_OP_SET_DEVICE_ID,
4375f103 78 MGMT_OP_SET_ADVERTISING,
0663ca2a 79 MGMT_OP_SET_BREDR,
d13eafce 80 MGMT_OP_SET_STATIC_ADDRESS,
7f72134e 81 MGMT_OP_SET_SCAN_PARAMS,
e70bb2e8
JH		 82};
83
84static const u16 mgmt_events[] = {
85 MGMT_EV_CONTROLLER_ERROR,
86 MGMT_EV_INDEX_ADDED,
87 MGMT_EV_INDEX_REMOVED,
88 MGMT_EV_NEW_SETTINGS,
89 MGMT_EV_CLASS_OF_DEV_CHANGED,
90 MGMT_EV_LOCAL_NAME_CHANGED,
91 MGMT_EV_NEW_LINK_KEY,
92 MGMT_EV_NEW_LONG_TERM_KEY,
93 MGMT_EV_DEVICE_CONNECTED,
94 MGMT_EV_DEVICE_DISCONNECTED,
95 MGMT_EV_CONNECT_FAILED,
96 MGMT_EV_PIN_CODE_REQUEST,
97 MGMT_EV_USER_CONFIRM_REQUEST,
98 MGMT_EV_USER_PASSKEY_REQUEST,
99 MGMT_EV_AUTH_FAILED,
100 MGMT_EV_DEVICE_FOUND,
101 MGMT_EV_DISCOVERING,
102 MGMT_EV_DEVICE_BLOCKED,
103 MGMT_EV_DEVICE_UNBLOCKED,
104 MGMT_EV_DEVICE_UNPAIRED,
92a25256 105 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 106};
107
17b02e62 108#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 109
4b34ee78
JH		 110#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
111 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
112
eec8d2bc
JH		 113struct pending_cmd {
114 struct list_head list;
fc2f4b13 115 u16 opcode;
eec8d2bc 116 int index;
c68fb7ff 117 void *param;
eec8d2bc 118 struct sock *sk;
e9a416b5 119 void *user_data;
eec8d2bc
JH		 120};
121
ca69b795
JH		 122/* HCI to MGMT error code conversion table */
123static u8 mgmt_status_table[] = {
124 MGMT_STATUS_SUCCESS,
125 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
126 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
127 MGMT_STATUS_FAILED, /* Hardware Failure */
128 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
129 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
130 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
131 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
132 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
133 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
134 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
135 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
136 MGMT_STATUS_BUSY, /* Command Disallowed */
137 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
138 MGMT_STATUS_REJECTED, /* Rejected Security */
139 MGMT_STATUS_REJECTED, /* Rejected Personal */
140 MGMT_STATUS_TIMEOUT, /* Host Timeout */
141 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
142 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
143 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
144 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
145 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
146 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
147 MGMT_STATUS_BUSY, /* Repeated Attempts */
148 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
149 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
150 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
151 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
152 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
153 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
154 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
155 MGMT_STATUS_FAILED, /* Unspecified Error */
156 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
157 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
158 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
159 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
160 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
161 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
162 MGMT_STATUS_FAILED, /* Unit Link Key Used */
163 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
164 MGMT_STATUS_TIMEOUT, /* Instant Passed */
165 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
166 MGMT_STATUS_FAILED, /* Transaction Collision */
167 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
168 MGMT_STATUS_REJECTED, /* QoS Rejected */
169 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
170 MGMT_STATUS_REJECTED, /* Insufficient Security */
171 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
172 MGMT_STATUS_BUSY, /* Role Switch Pending */
173 MGMT_STATUS_FAILED, /* Slot Violation */
174 MGMT_STATUS_FAILED, /* Role Switch Failed */
175 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
176 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
177 MGMT_STATUS_BUSY, /* Host Busy Pairing */
178 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
179 MGMT_STATUS_BUSY, /* Controller Busy */
180 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
181 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
182 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
183 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
184 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
185};
186
187static u8 mgmt_status(u8 hci_status)
188{
189 if (hci_status < ARRAY_SIZE(mgmt_status_table))
190 return mgmt_status_table[hci_status];
191
192 return MGMT_STATUS_FAILED;
193}
194
4e51eae9 195static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 196{
197 struct sk_buff *skb;
198 struct mgmt_hdr *hdr;
199 struct mgmt_ev_cmd_status *ev;
56b7d137 200 int err;
f7b64e69 201
34eb525c 202 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 203
790eff44 204 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 205 if (!skb)
206 return -ENOMEM;
207
208 hdr = (void *) skb_put(skb, sizeof(*hdr));
209
612dfce9 210 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 211 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 212 hdr->len = cpu_to_le16(sizeof(*ev));
213
214 ev = (void *) skb_put(skb, sizeof(*ev));
215 ev->status = status;
eb55ef07 216 ev->opcode = cpu_to_le16(cmd);
f7b64e69 217
56b7d137
GP		 218 err = sock_queue_rcv_skb(sk, skb);
219 if (err < 0)
f7b64e69
JH		 220 kfree_skb(skb);
221
56b7d137 222 return err;
f7b64e69
JH		 223}
224
aee9b218 225static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 226 void *rp, size_t rp_len)
02d98129
JH		 227{
228 struct sk_buff *skb;
229 struct mgmt_hdr *hdr;
230 struct mgmt_ev_cmd_complete *ev;
56b7d137 231 int err;
02d98129
JH		 232
233 BT_DBG("sock %p", sk);
234
790eff44 235 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 236 if (!skb)
237 return -ENOMEM;
238
239 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 240
612dfce9 241 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 242 hdr->index = cpu_to_le16(index);
a38528f1 243 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 244
a38528f1 245 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 246 ev->opcode = cpu_to_le16(cmd);
aee9b218 247 ev->status = status;
8020c16a
SJ		 248
249 if (rp)
250 memcpy(ev->data, rp, rp_len);
02d98129 251
56b7d137
GP		 252 err = sock_queue_rcv_skb(sk, skb);
253 if (err < 0)
02d98129
JH		 254 kfree_skb(skb);
255
e5f0e151 256 return err;
02d98129
JH		 257}
258
04124681
GP		 259static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
260 u16 data_len)
a38528f1
JH		 261{
262 struct mgmt_rp_read_version rp;
263
264 BT_DBG("sock %p", sk);
265
266 rp.version = MGMT_VERSION;
eb55ef07 267 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 268
aee9b218 269 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 270 sizeof(rp));
a38528f1
JH		 271}
272
04124681
GP		 273static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
274 u16 data_len)
e70bb2e8
JH		 275{
276 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 277 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
278 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 279 __le16 *opcode;
e70bb2e8
JH		 280 size_t rp_size;
281 int i, err;
282
283 BT_DBG("sock %p", sk);
284
285 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
286
287 rp = kmalloc(rp_size, GFP_KERNEL);
288 if (!rp)
289 return -ENOMEM;
290
eb55ef07
MH		 291 rp->num_commands = __constant_cpu_to_le16(num_commands);
292 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 293
294 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
295 put_unaligned_le16(mgmt_commands[i], opcode);
296
297 for (i = 0; i < num_events; i++, opcode++)
298 put_unaligned_le16(mgmt_events[i], opcode);
299
aee9b218 300 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 301 rp_size);
e70bb2e8
JH		 302 kfree(rp);
303
304 return err;
305}
306
04124681
GP		 307static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
308 u16 data_len)
faba42eb 309{
faba42eb 310 struct mgmt_rp_read_index_list *rp;
8035ded4 311 struct hci_dev *d;
a38528f1 312 size_t rp_len;
faba42eb 313 u16 count;
476e44cb 314 int err;
faba42eb
JH		 315
316 BT_DBG("sock %p", sk);
317
318 read_lock(&hci_dev_list_lock);
319
320 count = 0;
bb4b2a9a 321 list_for_each_entry(d, &hci_dev_list, list) {
1514b892
MH		 322 if (d->dev_type == HCI_BREDR)
323 count++;
faba42eb
JH		 324 }
325
a38528f1
JH		 326 rp_len = sizeof(*rp) + (2 * count);
327 rp = kmalloc(rp_len, GFP_ATOMIC);
328 if (!rp) {
b2c60d42 329 read_unlock(&hci_dev_list_lock);
faba42eb 330 return -ENOMEM;
b2c60d42 331 }
faba42eb 332
476e44cb 333 count = 0;
8035ded4 334 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 335 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 336 continue;
337
0736cfa8
MH		 338 if (test_bit(HCI_USER_CHANNEL, &d->dev_flags))
339 continue;
340
1514b892
MH		 341 if (d->dev_type == HCI_BREDR) {
342 rp->index[count++] = cpu_to_le16(d->id);
343 BT_DBG("Added hci%u", d->id);
344 }
faba42eb
JH		 345 }
346
476e44cb
JH		 347 rp->num_controllers = cpu_to_le16(count);
348 rp_len = sizeof(*rp) + (2 * count);
349
faba42eb
JH		 350 read_unlock(&hci_dev_list_lock);
351
aee9b218 352 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 353 rp_len);
faba42eb 354
a38528f1
JH		 355 kfree(rp);
356
357 return err;
faba42eb
JH		 358}
359
69ab39ea
JH		 360static u32 get_supported_settings(struct hci_dev *hdev)
361{
362 u32 settings = 0;
363
364 settings |= MGMT_SETTING_POWERED;
69ab39ea
JH		 365 settings |= MGMT_SETTING_PAIRABLE;
366
ed3fa31f 367 if (lmp_bredr_capable(hdev)) {
33c525c0 368 settings |= MGMT_SETTING_CONNECTABLE;
1a47aee8
JH		 369 if (hdev->hci_ver >= BLUETOOTH_VER_1_2)
370 settings |= MGMT_SETTING_FAST_CONNECTABLE;
33c525c0 371 settings |= MGMT_SETTING_DISCOVERABLE;
69ab39ea
JH		 372 settings |= MGMT_SETTING_BREDR;
373 settings |= MGMT_SETTING_LINK_SECURITY;
a82974c9
MH		 374
375 if (lmp_ssp_capable(hdev)) {
376 settings |= MGMT_SETTING_SSP;
377 settings |= MGMT_SETTING_HS;
378 }
848566b3 379 }
d7b7e796 380
eeca6f89 381 if (lmp_le_capable(hdev)) {
9d42820f 382 settings |= MGMT_SETTING_LE;
eeca6f89
JH		 383 settings |= MGMT_SETTING_ADVERTISING;
384 }
69ab39ea
JH		 385
386 return settings;
387}
388
389static u32 get_current_settings(struct hci_dev *hdev)
390{
391 u32 settings = 0;
392
f1f0eb02 393 if (hdev_is_powered(hdev))
f0d4b78a
MH		 394 settings |= MGMT_SETTING_POWERED;
395
5e5282bb 396 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 397 settings |= MGMT_SETTING_CONNECTABLE;
398
1a4d3c4b
JH		 399 if (test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags))
400 settings |= MGMT_SETTING_FAST_CONNECTABLE;
401
5e5282bb 402 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 403 settings |= MGMT_SETTING_DISCOVERABLE;
404
a8b2d5c2 405 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 406 settings |= MGMT_SETTING_PAIRABLE;
407
56f87901 408 if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 409 settings |= MGMT_SETTING_BREDR;
410
06199cf8 411 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 412 settings |= MGMT_SETTING_LE;
413
47990ea0 414 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 415 settings |= MGMT_SETTING_LINK_SECURITY;
416
84bde9d6 417 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 418 settings |= MGMT_SETTING_SSP;
419
6d80dfd0
JH		 420 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
421 settings |= MGMT_SETTING_HS;
422
f3d3444a 423 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags))
eeca6f89
JH		 424 settings |= MGMT_SETTING_ADVERTISING;
425
69ab39ea
JH		 426 return settings;
427}
428
ef580372
JH		 429#define PNP_INFO_SVCLASS_ID 0x1200
430
213202ed
JH		 431static u8 *create_uuid16_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
432{
433 u8 *ptr = data, *uuids_start = NULL;
434 struct bt_uuid *uuid;
435
436 if (len < 4)
437 return ptr;
438
439 list_for_each_entry(uuid, &hdev->uuids, list) {
440 u16 uuid16;
441
442 if (uuid->size != 16)
443 continue;
444
445 uuid16 = get_unaligned_le16(&uuid->uuid[12]);
446 if (uuid16 < 0x1100)
447 continue;
448
449 if (uuid16 == PNP_INFO_SVCLASS_ID)
450 continue;
451
452 if (!uuids_start) {
453 uuids_start = ptr;
454 uuids_start[0] = 1;
455 uuids_start[1] = EIR_UUID16_ALL;
456 ptr += 2;
457 }
458
459 /* Stop if not enough space to put next UUID */
460 if ((ptr - data) + sizeof(u16) > len) {
461 uuids_start[1] = EIR_UUID16_SOME;
462 break;
463 }
464
465 *ptr++ = (uuid16 & 0x00ff);
466 *ptr++ = (uuid16 & 0xff00) >> 8;
467 uuids_start[0] += sizeof(uuid16);
468 }
469
470 return ptr;
471}
472
cdf1963f
JH		 473static u8 *create_uuid32_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
474{
475 u8 *ptr = data, *uuids_start = NULL;
476 struct bt_uuid *uuid;
477
478 if (len < 6)
479 return ptr;
480
481 list_for_each_entry(uuid, &hdev->uuids, list) {
482 if (uuid->size != 32)
483 continue;
484
485 if (!uuids_start) {
486 uuids_start = ptr;
487 uuids_start[0] = 1;
488 uuids_start[1] = EIR_UUID32_ALL;
489 ptr += 2;
490 }
491
492 /* Stop if not enough space to put next UUID */
493 if ((ptr - data) + sizeof(u32) > len) {
494 uuids_start[1] = EIR_UUID32_SOME;
495 break;
496 }
497
498 memcpy(ptr, &uuid->uuid[12], sizeof(u32));
499 ptr += sizeof(u32);
500 uuids_start[0] += sizeof(u32);
501 }
502
503 return ptr;
504}
505
c00d575b
JH		 506static u8 *create_uuid128_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
507{
508 u8 *ptr = data, *uuids_start = NULL;
509 struct bt_uuid *uuid;
510
511 if (len < 18)
512 return ptr;
513
514 list_for_each_entry(uuid, &hdev->uuids, list) {
515 if (uuid->size != 128)
516 continue;
517
518 if (!uuids_start) {
519 uuids_start = ptr;
520 uuids_start[0] = 1;
521 uuids_start[1] = EIR_UUID128_ALL;
522 ptr += 2;
523 }
524
525 /* Stop if not enough space to put next UUID */
526 if ((ptr - data) + 16 > len) {
527 uuids_start[1] = EIR_UUID128_SOME;
528 break;
529 }
530
531 memcpy(ptr, uuid->uuid, 16);
532 ptr += 16;
533 uuids_start[0] += 16;
534 }
535
536 return ptr;
537}
538
ef580372
JH		 539static void create_eir(struct hci_dev *hdev, u8 *data)
540{
541 u8 *ptr = data;
ef580372
JH		 542 size_t name_len;
543
544 name_len = strlen(hdev->dev_name);
545
546 if (name_len > 0) {
547 /* EIR Data type */
548 if (name_len > 48) {
549 name_len = 48;
550 ptr[1] = EIR_NAME_SHORT;
551 } else
552 ptr[1] = EIR_NAME_COMPLETE;
553
554 /* EIR Data length */
555 ptr[0] = name_len + 1;
556
557 memcpy(ptr + 2, hdev->dev_name, name_len);
558
ef580372
JH		 559 ptr += (name_len + 2);
560 }
561
bbaf444a 562 if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) {
91c4e9b1
MH		 563 ptr[0] = 2;
564 ptr[1] = EIR_TX_POWER;
565 ptr[2] = (u8) hdev->inq_tx_power;
566
91c4e9b1
MH		 567 ptr += 3;
568 }
569
2b9be137
MH		 570 if (hdev->devid_source > 0) {
571 ptr[0] = 9;
572 ptr[1] = EIR_DEVICE_ID;
573
574 put_unaligned_le16(hdev->devid_source, ptr + 2);
575 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
576 put_unaligned_le16(hdev->devid_product, ptr + 6);
577 put_unaligned_le16(hdev->devid_version, ptr + 8);
578
2b9be137
MH		 579 ptr += 10;
580 }
581
213202ed 582 ptr = create_uuid16_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
cdf1963f 583 ptr = create_uuid32_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
c00d575b 584 ptr = create_uuid128_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
ef580372
JH		 585}
586
890ea898 587static void update_eir(struct hci_request *req)
ef580372 588{
890ea898 589 struct hci_dev *hdev = req->hdev;
ef580372
JH		 590 struct hci_cp_write_eir cp;
591
504c8dcd 592 if (!hdev_is_powered(hdev))
890ea898 593 return;
7770c4aa 594
976eb20e 595 if (!lmp_ext_inq_capable(hdev))
890ea898 596 return;
ef580372 597
84bde9d6 598 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
890ea898 599 return;
ef580372 600
a8b2d5c2 601 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
890ea898 602 return;
ef580372
JH		 603
604 memset(&cp, 0, sizeof(cp));
605
606 create_eir(hdev, cp.data);
607
608 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
890ea898 609 return;
ef580372
JH		 610
611 memcpy(hdev->eir, cp.data, sizeof(cp.data));
612
890ea898 613 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
ef580372
JH		 614}
615
616static u8 get_service_classes(struct hci_dev *hdev)
617{
618 struct bt_uuid *uuid;
619 u8 val = 0;
620
621 list_for_each_entry(uuid, &hdev->uuids, list)
622 val |= uuid->svc_hint;
623
624 return val;
625}
626
890ea898 627static void update_class(struct hci_request *req)
ef580372 628{
890ea898 629 struct hci_dev *hdev = req->hdev;
ef580372
JH		 630 u8 cod[3];
631
632 BT_DBG("%s", hdev->name);
633
504c8dcd 634 if (!hdev_is_powered(hdev))
890ea898 635 return;
7770c4aa 636
a8b2d5c2 637 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
890ea898 638 return;
ef580372
JH		 639
640 cod[0] = hdev->minor_class;
641 cod[1] = hdev->major_class;
642 cod[2] = get_service_classes(hdev);
643
644 if (memcmp(cod, hdev->dev_class, 3) == 0)
890ea898 645 return;
ef580372 646
890ea898 647 hci_req_add(req, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
ef580372
JH		 648}
649
7d78525d
JH		 650static void service_cache_off(struct work_struct *work)
651{
652 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 653 service_cache.work);
890ea898 654 struct hci_request req;
7d78525d 655
a8b2d5c2 656 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 657 return;
658
890ea898
JH		 659 hci_req_init(&req, hdev);
660
7d78525d
JH		 661 hci_dev_lock(hdev);
662
890ea898
JH		 663 update_eir(&req);
664 update_class(&req);
7d78525d
JH		 665
666 hci_dev_unlock(hdev);
890ea898
JH		 667
668 hci_req_run(&req, NULL);
7d78525d
JH		 669}
670
6a919082 671static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 672{
4f87da80 673 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 674 return;
675
4f87da80 676 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 677
4f87da80
JH		 678 /* Non-mgmt controlled devices get this bit set
679 * implicitly so that pairing works for them, however
680 * for mgmt we require user-space to explicitly enable
681 * it
682 */
683 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 684}
685
0f4e68cf 686static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 687 void *data, u16 data_len)
0381101f 688{
a38528f1 689 struct mgmt_rp_read_info rp;
f7b64e69 690
bdb6d971 691 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 692
09fd0de5 693 hci_dev_lock(hdev);
f7b64e69 694
dc4fe30b
JH		 695 memset(&rp, 0, sizeof(rp));
696
69ab39ea 697 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 698
69ab39ea 699 rp.version = hdev->hci_ver;
eb55ef07 700 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 701
702 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
703 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 704
a38528f1 705 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 706
dc4fe30b 707 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 708 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 709
09fd0de5 710 hci_dev_unlock(hdev);
0381101f 711
bdb6d971 712 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 713 sizeof(rp));
0381101f
JH		 714}
715
eec8d2bc
JH		 716static void mgmt_pending_free(struct pending_cmd *cmd)
717{
718 sock_put(cmd->sk);
c68fb7ff 719 kfree(cmd->param);
eec8d2bc
JH		 720 kfree(cmd);
721}
722
366a0336 723static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 724 struct hci_dev *hdev, void *data,
725 u16 len)
eec8d2bc
JH		 726{
727 struct pending_cmd *cmd;
728
12b94565 729 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 730 if (!cmd)
366a0336 731 return NULL;
eec8d2bc
JH		 732
733 cmd->opcode = opcode;
2e58ef3e 734 cmd->index = hdev->id;
eec8d2bc 735
12b94565 736 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 737 if (!cmd->param) {
eec8d2bc 738 kfree(cmd);
366a0336 739 return NULL;
eec8d2bc
JH		 740 }
741
8fce6357
SJ		 742 if (data)
743 memcpy(cmd->param, data, len);
eec8d2bc
JH		 744
745 cmd->sk = sk;
746 sock_hold(sk);
747
2e58ef3e 748 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 749
366a0336 750 return cmd;
eec8d2bc
JH		 751}
752
744cf19e 753static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 754 void (*cb)(struct pending_cmd *cmd,
755 void *data),
04124681 756 void *data)
eec8d2bc 757{
a3d09356 758 struct pending_cmd *cmd, *tmp;
eec8d2bc 759
a3d09356 760 list_for_each_entry_safe(cmd, tmp, &hdev->mgmt_pending, list) {
b24752fe 761 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 762 continue;
763
eec8d2bc
JH		 764 cb(cmd, data);
765 }
766}
767
2e58ef3e 768static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 769{
8035ded4 770 struct pending_cmd *cmd;
eec8d2bc 771
2e58ef3e 772 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 773 if (cmd->opcode == opcode)
774 return cmd;
eec8d2bc
JH		 775 }
776
777 return NULL;
778}
779
a664b5bc 780static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 781{
73f22f62
JH		 782 list_del(&cmd->list);
783 mgmt_pending_free(cmd);
784}
785
69ab39ea 786static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 787{
69ab39ea 788 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 789
aee9b218 790 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 791 sizeof(settings));
8680570b
JH		 792}
793
bdb6d971 794static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 795 u16 len)
eec8d2bc 796{
650f726d 797 struct mgmt_mode *cp = data;
366a0336 798 struct pending_cmd *cmd;
4b34ee78 799 int err;
eec8d2bc 800
bdb6d971 801 BT_DBG("request for %s", hdev->name);
eec8d2bc 802
a7e80f25
JH		 803 if (cp->val != 0x00 && cp->val != 0x01)
804 return cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
805 MGMT_STATUS_INVALID_PARAMS);
806
09fd0de5 807 hci_dev_lock(hdev);
eec8d2bc 808
87b95ba6
JH		 809 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
810 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
811 MGMT_STATUS_BUSY);
812 goto failed;
813 }
814
f0d4b78a
MH		 815 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
816 cancel_delayed_work(&hdev->power_off);
817
818 if (cp->val) {
a1d70450
JH		 819 mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev,
820 data, len);
821 err = mgmt_powered(hdev, 1);
f0d4b78a
MH		 822 goto failed;
823 }
824 }
825
4b34ee78 826 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 827 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 828 goto failed;
829 }
830
2e58ef3e 831 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 832 if (!cmd) {
833 err = -ENOMEM;
eec8d2bc 834 goto failed;
366a0336 835 }
eec8d2bc 836
72a734ec 837 if (cp->val)
19202573 838 queue_work(hdev->req_workqueue, &hdev->power_on);
eec8d2bc 839 else
19202573 840 queue_work(hdev->req_workqueue, &hdev->power_off.work);
eec8d2bc 841
366a0336 842 err = 0;
eec8d2bc
JH		 843
844failed:
09fd0de5 845 hci_dev_unlock(hdev);
366a0336 846 return err;
eec8d2bc
JH		 847}
848
04124681
GP		 849static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
850 struct sock *skip_sk)
beadb2bd
JH		 851{
852 struct sk_buff *skb;
853 struct mgmt_hdr *hdr;
854
790eff44 855 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 856 if (!skb)
857 return -ENOMEM;
858
859 hdr = (void *) skb_put(skb, sizeof(*hdr));
860 hdr->opcode = cpu_to_le16(event);
861 if (hdev)
862 hdr->index = cpu_to_le16(hdev->id);
863 else
612dfce9 864 hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE);
beadb2bd
JH		 865 hdr->len = cpu_to_le16(data_len);
866
867 if (data)
868 memcpy(skb_put(skb, data_len), data, data_len);
869
97e0bdeb
MH		 870 /* Time stamp */
871 __net_timestamp(skb);
872
beadb2bd
JH		 873 hci_send_to_control(skb, skip_sk);
874 kfree_skb(skb);
875
876 return 0;
877}
878
879static int new_settings(struct hci_dev *hdev, struct sock *skip)
880{
881 __le32 ev;
882
883 ev = cpu_to_le32(get_current_settings(hdev));
884
885 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
886}
887
bd99abdd
JH		 888struct cmd_lookup {
889 struct sock *sk;
890 struct hci_dev *hdev;
891 u8 mgmt_status;
892};
893
894static void settings_rsp(struct pending_cmd *cmd, void *data)
895{
896 struct cmd_lookup *match = data;
897
898 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
899
900 list_del(&cmd->list);
901
902 if (match->sk == NULL) {
903 match->sk = cmd->sk;
904 sock_hold(match->sk);
905 }
906
907 mgmt_pending_free(cmd);
908}
909
910static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
911{
912 u8 *status = data;
913
914 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
915 mgmt_pending_remove(cmd);
916}
917
e6fe7986
JH		 918static u8 mgmt_bredr_support(struct hci_dev *hdev)
919{
920 if (!lmp_bredr_capable(hdev))
921 return MGMT_STATUS_NOT_SUPPORTED;
922 else if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
923 return MGMT_STATUS_REJECTED;
924 else
925 return MGMT_STATUS_SUCCESS;
926}
927
928static u8 mgmt_le_support(struct hci_dev *hdev)
929{
930 if (!lmp_le_capable(hdev))
931 return MGMT_STATUS_NOT_SUPPORTED;
932 else if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
933 return MGMT_STATUS_REJECTED;
934 else
935 return MGMT_STATUS_SUCCESS;
936}
937
bfaf8c9f
JH		 938static void set_discoverable_complete(struct hci_dev *hdev, u8 status)
939{
940 struct pending_cmd *cmd;
941 struct mgmt_mode *cp;
942 bool changed;
943
944 BT_DBG("status 0x%02x", status);
945
946 hci_dev_lock(hdev);
947
948 cmd = mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev);
949 if (!cmd)
950 goto unlock;
951
952 if (status) {
953 u8 mgmt_err = mgmt_status(status);
954 cmd_status(cmd->sk, cmd->index, cmd->opcode, mgmt_err);
955 goto remove_cmd;
956 }
957
958 cp = cmd->param;
959 if (cp->val)
960 changed = !test_and_set_bit(HCI_DISCOVERABLE,
961 &hdev->dev_flags);
962 else
963 changed = test_and_clear_bit(HCI_DISCOVERABLE,
964 &hdev->dev_flags);
965
966 send_settings_rsp(cmd->sk, MGMT_OP_SET_DISCOVERABLE, hdev);
967
968 if (changed)
969 new_settings(hdev, cmd->sk);
970
971remove_cmd:
972 mgmt_pending_remove(cmd);
973
974unlock:
975 hci_dev_unlock(hdev);
976}
977
bdb6d971 978static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 979 u16 len)
73f22f62 980{
650f726d 981 struct mgmt_cp_set_discoverable *cp = data;
366a0336 982 struct pending_cmd *cmd;
bfaf8c9f 983 struct hci_request req;
5e5282bb 984 u16 timeout;
e6fe7986 985 u8 scan, status;
73f22f62
JH		 986 int err;
987
bdb6d971 988 BT_DBG("request for %s", hdev->name);
73f22f62 989
e6fe7986
JH		 990 status = mgmt_bredr_support(hdev);
991 if (status)
33c525c0 992 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
e6fe7986 993 status);
33c525c0 994
a7e80f25
JH		 995 if (cp->val != 0x00 && cp->val != 0x01)
996 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
997 MGMT_STATUS_INVALID_PARAMS);
998
1f350c87 999 timeout = __le16_to_cpu(cp->timeout);
24c54a90 1000 if (!cp->val && timeout > 0)
bdb6d971 1001 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 1002 MGMT_STATUS_INVALID_PARAMS);
73f22f62 1003
09fd0de5 1004 hci_dev_lock(hdev);
73f22f62 1005
5e5282bb 1006 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 1007 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 1008 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 1009 goto failed;
1010 }
1011
2e58ef3e 1012 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 1013 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1014 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 1015 MGMT_STATUS_BUSY);
73f22f62
JH		 1016 goto failed;
1017 }
1018
5e5282bb 1019 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 1020 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 1021 MGMT_STATUS_REJECTED);
5e5282bb
JH		 1022 goto failed;
1023 }
1024
1025 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 1026 bool changed = false;
1027
1028 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
1029 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
1030 changed = true;
1031 }
1032
5e5282bb 1033 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 1034 if (err < 0)
1035 goto failed;
1036
1037 if (changed)
1038 err = new_settings(hdev, sk);
1039
5e5282bb
JH		 1040 goto failed;
1041 }
1042
1043 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 1044 if (hdev->discov_timeout > 0) {
1045 cancel_delayed_work(&hdev->discov_off);
1046 hdev->discov_timeout = 0;
1047 }
1048
1049 if (cp->val && timeout > 0) {
1050 hdev->discov_timeout = timeout;
1051 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
1052 msecs_to_jiffies(hdev->discov_timeout * 1000));
1053 }
1054
69ab39ea 1055 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 1056 goto failed;
1057 }
1058
2e58ef3e 1059 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 1060 if (!cmd) {
1061 err = -ENOMEM;
73f22f62 1062 goto failed;
366a0336 1063 }
73f22f62 1064
bfaf8c9f
JH		 1065 hci_req_init(&req, hdev);
1066
73f22f62
JH		 1067 scan = SCAN_PAGE;
1068
72a734ec 1069 if (cp->val)
73f22f62 1070 scan |= SCAN_INQUIRY;
16ab91ab 1071 else
e0f9309f 1072 cancel_delayed_work(&hdev->discov_off);
73f22f62 1073
bfaf8c9f
JH		 1074 hci_req_add(&req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1075
1076 err = hci_req_run(&req, set_discoverable_complete);
73f22f62 1077 if (err < 0)
a664b5bc 1078 mgmt_pending_remove(cmd);
73f22f62 1079
16ab91ab 1080 if (cp->val)
5e5282bb 1081 hdev->discov_timeout = timeout;
16ab91ab 1082
73f22f62 1083failed:
09fd0de5 1084 hci_dev_unlock(hdev);
73f22f62
JH		 1085 return err;
1086}
1087
406d7804
JH		 1088static void write_fast_connectable(struct hci_request *req, bool enable)
1089{
bd98b996 1090 struct hci_dev *hdev = req->hdev;
406d7804
JH		 1091 struct hci_cp_write_page_scan_activity acp;
1092 u8 type;
1093
4c01f8b8
JH		 1094 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
1095 return;
1096
406d7804
JH		 1097 if (enable) {
1098 type = PAGE_SCAN_TYPE_INTERLACED;
1099
1100 /* 160 msec page scan interval */
1101 acp.interval = __constant_cpu_to_le16(0x0100);
1102 } else {
1103 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1104
1105 /* default 1.28 sec page scan */
1106 acp.interval = __constant_cpu_to_le16(0x0800);
1107 }
1108
1109 acp.window = __constant_cpu_to_le16(0x0012);
1110
bd98b996
JH		 1111 if (__cpu_to_le16(hdev->page_scan_interval) != acp.interval ||
1112 __cpu_to_le16(hdev->page_scan_window) != acp.window)
1113 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1114 sizeof(acp), &acp);
1115
1116 if (hdev->page_scan_type != type)
1117 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
406d7804
JH		 1118}
1119
1987fdc7
JH		 1120static u8 get_adv_type(struct hci_dev *hdev)
1121{
1122 struct pending_cmd *cmd;
1123 bool connectable;
1124
1125 /* If there's a pending mgmt command the flag will not yet have
1126 * it's final value, so check for this first.
1127 */
1128 cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev);
1129 if (cmd) {
1130 struct mgmt_mode *cp = cmd->param;
1131 connectable = !!cp->val;
1132 } else {
1133 connectable = test_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1134 }
1135
1136 return connectable ? LE_ADV_IND : LE_ADV_NONCONN_IND;
1137}
1138
95c66e75
JH		 1139static void enable_advertising(struct hci_request *req)
1140{
1141 struct hci_dev *hdev = req->hdev;
1142 struct hci_cp_le_set_adv_param cp;
1143 u8 enable = 0x01;
1144
1145 memset(&cp, 0, sizeof(cp));
1146 cp.min_interval = __constant_cpu_to_le16(0x0800);
1147 cp.max_interval = __constant_cpu_to_le16(0x0800);
1987fdc7 1148 cp.type = get_adv_type(hdev);
95c66e75
JH		 1149 if (bacmp(&hdev->bdaddr, BDADDR_ANY))
1150 cp.own_address_type = ADDR_LE_DEV_PUBLIC;
1151 else
1152 cp.own_address_type = ADDR_LE_DEV_RANDOM;
1153 cp.channel_map = 0x07;
1154
1155 hci_req_add(req, HCI_OP_LE_SET_ADV_PARAM, sizeof(cp), &cp);
1156
1157 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
1158}
1159
1160static void disable_advertising(struct hci_request *req)
1161{
1162 u8 enable = 0x00;
1163
1164 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
1165}
1166
2b76f453
JH		 1167static void set_connectable_complete(struct hci_dev *hdev, u8 status)
1168{
1169 struct pending_cmd *cmd;
d7b856f9
JH		 1170 struct mgmt_mode *cp;
1171 bool changed;
2b76f453
JH		 1172
1173 BT_DBG("status 0x%02x", status);
1174
1175 hci_dev_lock(hdev);
1176
1177 cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev);
1178 if (!cmd)
1179 goto unlock;
1180
37438c1f
JH		 1181 if (status) {
1182 u8 mgmt_err = mgmt_status(status);
1183 cmd_status(cmd->sk, cmd->index, cmd->opcode, mgmt_err);
1184 goto remove_cmd;
1185 }
1186
d7b856f9
JH		 1187 cp = cmd->param;
1188 if (cp->val)
1189 changed = !test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1190 else
1191 changed = test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1192
2b76f453
JH		 1193 send_settings_rsp(cmd->sk, MGMT_OP_SET_CONNECTABLE, hdev);
1194
d7b856f9
JH		 1195 if (changed)
1196 new_settings(hdev, cmd->sk);
1197
37438c1f 1198remove_cmd:
2b76f453
JH		 1199 mgmt_pending_remove(cmd);
1200
1201unlock:
1202 hci_dev_unlock(hdev);
1203}
1204
bdb6d971 1205static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1206 u16 len)
9fbcbb45 1207{
650f726d 1208 struct mgmt_mode *cp = data;
366a0336 1209 struct pending_cmd *cmd;
2b76f453 1210 struct hci_request req;
1987fdc7 1211 u8 scan;
9fbcbb45
JH		 1212 int err;
1213
bdb6d971 1214 BT_DBG("request for %s", hdev->name);
9fbcbb45 1215
1987fdc7
JH		 1216 if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags) &&
1217 !test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
33c525c0 1218 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
1987fdc7 1219 MGMT_STATUS_REJECTED);
33c525c0 1220
a7e80f25
JH		 1221 if (cp->val != 0x00 && cp->val != 0x01)
1222 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
1223 MGMT_STATUS_INVALID_PARAMS);
1224
09fd0de5 1225 hci_dev_lock(hdev);
9fbcbb45 1226
4b34ee78 1227 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 1228 bool changed = false;
1229
1230 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
1231 changed = true;
1232
6bf0e469 1233 if (cp->val) {
5e5282bb 1234 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 1235 } else {
5e5282bb
JH		 1236 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1237 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
1238 }
0224d2fa 1239
5e5282bb 1240 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 1241 if (err < 0)
1242 goto failed;
1243
1244 if (changed)
1245 err = new_settings(hdev, sk);
1246
9fbcbb45
JH		 1247 goto failed;
1248 }
1249
2e58ef3e 1250 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 1251 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1252 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 1253 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1254 goto failed;
1255 }
1256
2e58ef3e 1257 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1258 if (!cmd) {
1259 err = -ENOMEM;
9fbcbb45 1260 goto failed;
366a0336 1261 }
9fbcbb45 1262
9b74246f 1263 hci_req_init(&req, hdev);
9fbcbb45 1264
9b74246f
JH		 1265 if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) &&
1266 cp->val != test_bit(HCI_PSCAN, &hdev->flags)) {
df2c6c5e 1267
9b74246f
JH		 1268 if (cp->val) {
1269 scan = SCAN_PAGE;
1270 } else {
1271 scan = 0;
1272
1273 if (test_bit(HCI_ISCAN, &hdev->flags) &&
1274 hdev->discov_timeout > 0)
1275 cancel_delayed_work(&hdev->discov_off);
1276 }
2b76f453 1277
9b74246f
JH		 1278 hci_req_add(&req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1279 }
2b76f453 1280
4c01f8b8
JH		 1281 /* If we're going from non-connectable to connectable or
1282 * vice-versa when fast connectable is enabled ensure that fast
1283 * connectable gets disabled. write_fast_connectable won't do
1284 * anything if the page scan parameters are already what they
1285 * should be.
1286 */
1287 if (cp->val || test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags))
e36a3769
JH		 1288 write_fast_connectable(&req, false);
1289
1987fdc7
JH		 1290 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags) &&
1291 hci_conn_num(hdev, LE_LINK) == 0) {
1292 disable_advertising(&req);
1293 enable_advertising(&req);
1294 }
1295
2b76f453 1296 err = hci_req_run(&req, set_connectable_complete);
9b74246f 1297 if (err < 0) {
a664b5bc 1298 mgmt_pending_remove(cmd);
9b74246f
JH		 1299 if (err == -ENODATA)
1300 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE,
1301 hdev);
1302 goto failed;
1303 }
9fbcbb45
JH		 1304
1305failed:
09fd0de5 1306 hci_dev_unlock(hdev);
9fbcbb45
JH		 1307 return err;
1308}
1309
bdb6d971 1310static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1311 u16 len)
c542a06c 1312{
650f726d 1313 struct mgmt_mode *cp = data;
55594356 1314 bool changed;
c542a06c
JH		 1315 int err;
1316
bdb6d971 1317 BT_DBG("request for %s", hdev->name);
c542a06c 1318
a7e80f25
JH		 1319 if (cp->val != 0x00 && cp->val != 0x01)
1320 return cmd_status(sk, hdev->id, MGMT_OP_SET_PAIRABLE,
1321 MGMT_STATUS_INVALID_PARAMS);
1322
09fd0de5 1323 hci_dev_lock(hdev);
c542a06c
JH		 1324
1325 if (cp->val)
55594356 1326 changed = !test_and_set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1327 else
55594356 1328 changed = test_and_clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1329
69ab39ea 1330 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c 1331 if (err < 0)
55594356 1332 goto unlock;
c542a06c 1333
55594356
MH		 1334 if (changed)
1335 err = new_settings(hdev, sk);
c542a06c 1336
55594356 1337unlock:
09fd0de5 1338 hci_dev_unlock(hdev);
c542a06c
JH		 1339 return err;
1340}
1341
04124681
GP		 1342static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1343 u16 len)
33ef95ed
JH		 1344{
1345 struct mgmt_mode *cp = data;
1346 struct pending_cmd *cmd;
e6fe7986 1347 u8 val, status;
33ef95ed
JH		 1348 int err;
1349
bdb6d971 1350 BT_DBG("request for %s", hdev->name);
33ef95ed 1351
e6fe7986
JH		 1352 status = mgmt_bredr_support(hdev);
1353 if (status)
33c525c0 1354 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
e6fe7986 1355 status);
33c525c0 1356
a7e80f25
JH		 1357 if (cp->val != 0x00 && cp->val != 0x01)
1358 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1359 MGMT_STATUS_INVALID_PARAMS);
1360
33ef95ed
JH		 1361 hci_dev_lock(hdev);
1362
4b34ee78 1363 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1364 bool changed = false;
1365
1366 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1367 &hdev->dev_flags)) {
47990ea0
JH		 1368 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1369 changed = true;
1370 }
1371
1372 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1373 if (err < 0)
1374 goto failed;
1375
1376 if (changed)
1377 err = new_settings(hdev, sk);
1378
33ef95ed
JH		 1379 goto failed;
1380 }
1381
1382 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1383 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1384 MGMT_STATUS_BUSY);
33ef95ed
JH		 1385 goto failed;
1386 }
1387
1388 val = !!cp->val;
1389
1390 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1391 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1392 goto failed;
1393 }
1394
1395 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1396 if (!cmd) {
1397 err = -ENOMEM;
1398 goto failed;
1399 }
1400
1401 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1402 if (err < 0) {
1403 mgmt_pending_remove(cmd);
1404 goto failed;
1405 }
1406
1407failed:
1408 hci_dev_unlock(hdev);
33ef95ed
JH		 1409 return err;
1410}
1411
bdb6d971 1412static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1413{
1414 struct mgmt_mode *cp = data;
1415 struct pending_cmd *cmd;
72ef0c1a 1416 u8 status;
ed2c4ee3
JH		 1417 int err;
1418
bdb6d971 1419 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1420
cdba5281
MH		 1421 status = mgmt_bredr_support(hdev);
1422 if (status)
1423 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP, status);
1424
13ecd8b6
JH		 1425 if (!lmp_ssp_capable(hdev))
1426 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1427 MGMT_STATUS_NOT_SUPPORTED);
ed2c4ee3 1428
a7e80f25
JH		 1429 if (cp->val != 0x00 && cp->val != 0x01)
1430 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1431 MGMT_STATUS_INVALID_PARAMS);
1432
13ecd8b6 1433 hci_dev_lock(hdev);
6c8f12c1 1434
4b34ee78 1435 if (!hdev_is_powered(hdev)) {
9ecb3e24 1436 bool changed;
c0ecddc2 1437
9ecb3e24
MH		 1438 if (cp->val) {
1439 changed = !test_and_set_bit(HCI_SSP_ENABLED,
1440 &hdev->dev_flags);
1441 } else {
1442 changed = test_and_clear_bit(HCI_SSP_ENABLED,
1443 &hdev->dev_flags);
1444 if (!changed)
1445 changed = test_and_clear_bit(HCI_HS_ENABLED,
1446 &hdev->dev_flags);
1447 else
1448 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
c0ecddc2
JH		 1449 }
1450
1451 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1452 if (err < 0)
1453 goto failed;
1454
1455 if (changed)
1456 err = new_settings(hdev, sk);
1457
ed2c4ee3
JH		 1458 goto failed;
1459 }
1460
9ecb3e24
MH		 1461 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev) ||
1462 mgmt_pending_find(MGMT_OP_SET_HS, hdev)) {
d97dcb66
SJ		 1463 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1464 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1465 goto failed;
1466 }
1467
72ef0c1a 1468 if (!!cp->val == test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
ed2c4ee3
JH		 1469 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1470 goto failed;
1471 }
1472
1473 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1474 if (!cmd) {
1475 err = -ENOMEM;
1476 goto failed;
1477 }
1478
72ef0c1a 1479 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &cp->val);
ed2c4ee3
JH		 1480 if (err < 0) {
1481 mgmt_pending_remove(cmd);
1482 goto failed;
1483 }
1484
1485failed:
1486 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1487 return err;
1488}
1489
bdb6d971 1490static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1491{
1492 struct mgmt_mode *cp = data;
ee392693 1493 bool changed;
e6fe7986 1494 u8 status;
ee392693 1495 int err;
6d80dfd0 1496
bdb6d971 1497 BT_DBG("request for %s", hdev->name);
6d80dfd0 1498
e6fe7986
JH		 1499 status = mgmt_bredr_support(hdev);
1500 if (status)
1501 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS, status);
6d80dfd0 1502
9ecb3e24
MH		 1503 if (!lmp_ssp_capable(hdev))
1504 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1505 MGMT_STATUS_NOT_SUPPORTED);
1506
1507 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
1508 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1509 MGMT_STATUS_REJECTED);
1510
a7e80f25
JH		 1511 if (cp->val != 0x00 && cp->val != 0x01)
1512 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1513 MGMT_STATUS_INVALID_PARAMS);
1514
ee392693
MH		 1515 hci_dev_lock(hdev);
1516
a0cdf960 1517 if (cp->val) {
ee392693 1518 changed = !test_and_set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
a0cdf960
MH		 1519 } else {
1520 if (hdev_is_powered(hdev)) {
1521 err = cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1522 MGMT_STATUS_REJECTED);
1523 goto unlock;
1524 }
1525
ee392693 1526 changed = test_and_clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
a0cdf960 1527 }
ee392693
MH		 1528
1529 err = send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
1530 if (err < 0)
1531 goto unlock;
1532
1533 if (changed)
1534 err = new_settings(hdev, sk);
6d80dfd0 1535
ee392693
MH		 1536unlock:
1537 hci_dev_unlock(hdev);
1538 return err;
6d80dfd0
JH		 1539}
1540
416a4ae5
JH		 1541static void le_enable_complete(struct hci_dev *hdev, u8 status)
1542{
1543 struct cmd_lookup match = { NULL, hdev };
1544
1545 if (status) {
1546 u8 mgmt_err = mgmt_status(status);
1547
1548 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
1549 &mgmt_err);
1550 return;
1551 }
1552
1553 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
1554
1555 new_settings(hdev, match.sk);
1556
1557 if (match.sk)
1558 sock_put(match.sk);
1559}
1560
bdb6d971 1561static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1562{
1563 struct mgmt_mode *cp = data;
1564 struct hci_cp_write_le_host_supported hci_cp;
1565 struct pending_cmd *cmd;
416a4ae5 1566 struct hci_request req;
06199cf8 1567 int err;
0b60eba1 1568 u8 val, enabled;
06199cf8 1569
bdb6d971 1570 BT_DBG("request for %s", hdev->name);
06199cf8 1571
13ecd8b6
JH		 1572 if (!lmp_le_capable(hdev))
1573 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1574 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1575
a7e80f25
JH		 1576 if (cp->val != 0x00 && cp->val != 0x01)
1577 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1578 MGMT_STATUS_INVALID_PARAMS);
1579
c73eee91 1580 /* LE-only devices do not allow toggling LE on/off */
56f87901 1581 if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
c73eee91
JH		 1582 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1583 MGMT_STATUS_REJECTED);
1584
13ecd8b6 1585 hci_dev_lock(hdev);
06199cf8
JH		 1586
1587 val = !!cp->val;
ffa88e02 1588 enabled = lmp_host_le_capable(hdev);
06199cf8 1589
0b60eba1 1590 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1591 bool changed = false;
1592
1593 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1594 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1595 changed = true;
1596 }
1597
f3d3444a
JH		 1598 if (!val && test_bit(HCI_ADVERTISING, &hdev->dev_flags)) {
1599 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
eeca6f89
JH		 1600 changed = true;
1601 }
1602
06199cf8
JH		 1603 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1604 if (err < 0)
1de028ce 1605 goto unlock;
06199cf8
JH		 1606
1607 if (changed)
1608 err = new_settings(hdev, sk);
1609
1de028ce 1610 goto unlock;
06199cf8
JH		 1611 }
1612
4375f103
JH		 1613 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev) ||
1614 mgmt_pending_find(MGMT_OP_SET_ADVERTISING, hdev)) {
bdb6d971 1615 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1616 MGMT_STATUS_BUSY);
1de028ce 1617 goto unlock;
06199cf8
JH		 1618 }
1619
1620 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1621 if (!cmd) {
1622 err = -ENOMEM;
1de028ce 1623 goto unlock;
06199cf8
JH		 1624 }
1625
1626 memset(&hci_cp, 0, sizeof(hci_cp));
1627
1628 if (val) {
1629 hci_cp.le = val;
ffa88e02 1630 hci_cp.simul = lmp_le_br_capable(hdev);
06199cf8
JH		 1631 }
1632
416a4ae5
JH		 1633 hci_req_init(&req, hdev);
1634
bba3aa55
MH		 1635 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags) && !val)
1636 disable_advertising(&req);
eeca6f89 1637
416a4ae5
JH		 1638 hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1639 &hci_cp);
1640
1641 err = hci_req_run(&req, le_enable_complete);
0c01bc48 1642 if (err < 0)
06199cf8 1643 mgmt_pending_remove(cmd);
06199cf8 1644
1de028ce
JH		 1645unlock:
1646 hci_dev_unlock(hdev);
06199cf8
JH		 1647 return err;
1648}
1649
0cab9c80
JH		 1650/* This is a helper function to test for pending mgmt commands that can
1651 * cause CoD or EIR HCI commands. We can only allow one such pending
1652 * mgmt command at a time since otherwise we cannot easily track what
1653 * the current values are, will be, and based on that calculate if a new
1654 * HCI command needs to be sent and if yes with what value.
1655 */
1656static bool pending_eir_or_class(struct hci_dev *hdev)
1657{
1658 struct pending_cmd *cmd;
1659
1660 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1661 switch (cmd->opcode) {
1662 case MGMT_OP_ADD_UUID:
1663 case MGMT_OP_REMOVE_UUID:
1664 case MGMT_OP_SET_DEV_CLASS:
1665 case MGMT_OP_SET_POWERED:
1666 return true;
1667 }
1668 }
1669
1670 return false;
1671}
1672
83be8eca
JH		 1673static const u8 bluetooth_base_uuid[] = {
1674 0xfb, 0x34, 0x9b, 0x5f, 0x80, 0x00, 0x00, 0x80,
1675 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1676};
1677
1678static u8 get_uuid_size(const u8 *uuid)
1679{
1680 u32 val;
1681
1682 if (memcmp(uuid, bluetooth_base_uuid, 12))
1683 return 128;
1684
1685 val = get_unaligned_le32(&uuid[12]);
1686 if (val > 0xffff)
1687 return 32;
1688
1689 return 16;
1690}
1691
92da6097
JH		 1692static void mgmt_class_complete(struct hci_dev *hdev, u16 mgmt_op, u8 status)
1693{
1694 struct pending_cmd *cmd;
1695
1696 hci_dev_lock(hdev);
1697
1698 cmd = mgmt_pending_find(mgmt_op, hdev);
1699 if (!cmd)
1700 goto unlock;
1701
1702 cmd_complete(cmd->sk, cmd->index, cmd->opcode, mgmt_status(status),
1703 hdev->dev_class, 3);
1704
1705 mgmt_pending_remove(cmd);
1706
1707unlock:
1708 hci_dev_unlock(hdev);
1709}
1710
1711static void add_uuid_complete(struct hci_dev *hdev, u8 status)
1712{
1713 BT_DBG("status 0x%02x", status);
1714
1715 mgmt_class_complete(hdev, MGMT_OP_ADD_UUID, status);
1716}
1717
bdb6d971 1718static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1719{
650f726d 1720 struct mgmt_cp_add_uuid *cp = data;
90e70454 1721 struct pending_cmd *cmd;
890ea898 1722 struct hci_request req;
2aeb9a1a 1723 struct bt_uuid *uuid;
2aeb9a1a
JH		 1724 int err;
1725
bdb6d971 1726 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1727
09fd0de5 1728 hci_dev_lock(hdev);
2aeb9a1a 1729
0cab9c80 1730 if (pending_eir_or_class(hdev)) {
bdb6d971 1731 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1732 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1733 goto failed;
1734 }
1735
92c4c204 1736 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1737 if (!uuid) {
1738 err = -ENOMEM;
1739 goto failed;
1740 }
1741
1742 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1743 uuid->svc_hint = cp->svc_hint;
83be8eca 1744 uuid->size = get_uuid_size(cp->uuid);
2aeb9a1a 1745
de66aa63 1746 list_add_tail(&uuid->list, &hdev->uuids);
2aeb9a1a 1747
890ea898 1748 hci_req_init(&req, hdev);
1aff6f09 1749
890ea898
JH		 1750 update_class(&req);
1751 update_eir(&req);
1752
92da6097
JH		 1753 err = hci_req_run(&req, add_uuid_complete);
1754 if (err < 0) {
1755 if (err != -ENODATA)
1756 goto failed;
80a1e1db 1757
bdb6d971 1758 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1759 hdev->dev_class, 3);
90e70454
JH		 1760 goto failed;
1761 }
1762
1763 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
890ea898 1764 if (!cmd) {
90e70454 1765 err = -ENOMEM;
890ea898
JH		 1766 goto failed;
1767 }
1768
1769 err = 0;
2aeb9a1a
JH		 1770
1771failed:
09fd0de5 1772 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1773 return err;
1774}
1775
24b78d0f
JH		 1776static bool enable_service_cache(struct hci_dev *hdev)
1777{
1778 if (!hdev_is_powered(hdev))
1779 return false;
1780
1781 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
46818ed5
JH		 1782 queue_delayed_work(hdev->workqueue, &hdev->service_cache,
1783 CACHE_TIMEOUT);
24b78d0f
JH		 1784 return true;
1785 }
1786
1787 return false;
1788}
1789
92da6097
JH		 1790static void remove_uuid_complete(struct hci_dev *hdev, u8 status)
1791{
1792 BT_DBG("status 0x%02x", status);
1793
1794 mgmt_class_complete(hdev, MGMT_OP_REMOVE_UUID, status);
1795}
1796
bdb6d971 1797static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1798 u16 len)
2aeb9a1a 1799{
650f726d 1800 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1801 struct pending_cmd *cmd;
056341c8 1802 struct bt_uuid *match, *tmp;
2aeb9a1a 1803 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
890ea898 1804 struct hci_request req;
2aeb9a1a
JH		 1805 int err, found;
1806
bdb6d971 1807 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1808
09fd0de5 1809 hci_dev_lock(hdev);
2aeb9a1a 1810
0cab9c80 1811 if (pending_eir_or_class(hdev)) {
bdb6d971 1812 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1813 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1814 goto unlock;
1815 }
1816
2aeb9a1a
JH		 1817 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1818 err = hci_uuids_clear(hdev);
4004b6d9 1819
24b78d0f 1820 if (enable_service_cache(hdev)) {
bdb6d971 1821 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1822 0, hdev->dev_class, 3);
24b78d0f
JH		 1823 goto unlock;
1824 }
4004b6d9 1825
9246a869 1826 goto update_class;
2aeb9a1a
JH		 1827 }
1828
1829 found = 0;
1830
056341c8 1831 list_for_each_entry_safe(match, tmp, &hdev->uuids, list) {
2aeb9a1a
JH		 1832 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1833 continue;
1834
1835 list_del(&match->list);
482049f7 1836 kfree(match);
2aeb9a1a
JH		 1837 found++;
1838 }
1839
1840 if (found == 0) {
bdb6d971 1841 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1842 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1843 goto unlock;
1844 }
1845
9246a869 1846update_class:
890ea898 1847 hci_req_init(&req, hdev);
1aff6f09 1848
890ea898
JH		 1849 update_class(&req);
1850 update_eir(&req);
1851
92da6097
JH		 1852 err = hci_req_run(&req, remove_uuid_complete);
1853 if (err < 0) {
1854 if (err != -ENODATA)
1855 goto unlock;
80a1e1db 1856
bdb6d971 1857 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1858 hdev->dev_class, 3);
90e70454
JH		 1859 goto unlock;
1860 }
1861
1862 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
890ea898 1863 if (!cmd) {
90e70454 1864 err = -ENOMEM;
890ea898
JH		 1865 goto unlock;
1866 }
1867
1868 err = 0;
2aeb9a1a
JH		 1869
1870unlock:
09fd0de5 1871 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1872 return err;
1873}
1874
92da6097
JH		 1875static void set_class_complete(struct hci_dev *hdev, u8 status)
1876{
1877 BT_DBG("status 0x%02x", status);
1878
1879 mgmt_class_complete(hdev, MGMT_OP_SET_DEV_CLASS, status);
1880}
1881
bdb6d971 1882static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1883 u16 len)
1aff6f09 1884{
650f726d 1885 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1886 struct pending_cmd *cmd;
890ea898 1887 struct hci_request req;
1aff6f09
JH		 1888 int err;
1889
bdb6d971 1890 BT_DBG("request for %s", hdev->name);
1aff6f09 1891
6203fc98 1892 if (!lmp_bredr_capable(hdev))
13ecd8b6
JH		 1893 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1894 MGMT_STATUS_NOT_SUPPORTED);
1aff6f09 1895
0cab9c80 1896 hci_dev_lock(hdev);
ee98f473 1897
0cab9c80
JH		 1898 if (pending_eir_or_class(hdev)) {
1899 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1900 MGMT_STATUS_BUSY);
1901 goto unlock;
1902 }
c95f0ba7 1903
0cab9c80
JH		 1904 if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0) {
1905 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1906 MGMT_STATUS_INVALID_PARAMS);
1907 goto unlock;
1908 }
575b3a02 1909
932f5ff5
JH		 1910 hdev->major_class = cp->major;
1911 hdev->minor_class = cp->minor;
1912
b5235a65 1913 if (!hdev_is_powered(hdev)) {
bdb6d971 1914 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1915 hdev->dev_class, 3);
b5235a65
JH		 1916 goto unlock;
1917 }
1918
890ea898
JH		 1919 hci_req_init(&req, hdev);
1920
a8b2d5c2 1921 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1922 hci_dev_unlock(hdev);
1923 cancel_delayed_work_sync(&hdev->service_cache);
1924 hci_dev_lock(hdev);
890ea898 1925 update_eir(&req);
7d78525d 1926 }
14c0b608 1927
890ea898
JH		 1928 update_class(&req);
1929
92da6097
JH		 1930 err = hci_req_run(&req, set_class_complete);
1931 if (err < 0) {
1932 if (err != -ENODATA)
1933 goto unlock;
1aff6f09 1934
bdb6d971 1935 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1936 hdev->dev_class, 3);
90e70454
JH		 1937 goto unlock;
1938 }
1939
1940 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
890ea898 1941 if (!cmd) {
90e70454 1942 err = -ENOMEM;
890ea898
JH		 1943 goto unlock;
1944 }
1945
1946 err = 0;
1aff6f09 1947
b5235a65 1948unlock:
09fd0de5 1949 hci_dev_unlock(hdev);
1aff6f09
JH		 1950 return err;
1951}
1952
bdb6d971 1953static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1954 u16 len)
55ed8ca1 1955{
650f726d 1956 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1957 u16 key_count, expected_len;
a492cd52 1958 int i;
55ed8ca1 1959
9060d5cf
MH		 1960 BT_DBG("request for %s", hdev->name);
1961
1962 if (!lmp_bredr_capable(hdev))
1963 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1964 MGMT_STATUS_NOT_SUPPORTED);
1965
1f350c87 1966 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1967
86742e1e
JH		 1968 expected_len = sizeof(*cp) + key_count *
1969 sizeof(struct mgmt_link_key_info);
a492cd52 1970 if (expected_len != len) {
86742e1e 1971 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1972 len, expected_len);
bdb6d971 1973 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1974 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1975 }
1976
4ae14301
JH		 1977 if (cp->debug_keys != 0x00 && cp->debug_keys != 0x01)
1978 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1979 MGMT_STATUS_INVALID_PARAMS);
1980
bdb6d971 1981 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1982 key_count);
55ed8ca1 1983
4ee71b20
JH		 1984 for (i = 0; i < key_count; i++) {
1985 struct mgmt_link_key_info *key = &cp->keys[i];
1986
1987 if (key->addr.type != BDADDR_BREDR)
1988 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1989 MGMT_STATUS_INVALID_PARAMS);
1990 }
1991
09fd0de5 1992 hci_dev_lock(hdev);
55ed8ca1
JH		 1993
1994 hci_link_keys_clear(hdev);
1995
55ed8ca1 1996 if (cp->debug_keys)
a8b2d5c2 1997 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1998 else
a8b2d5c2 1999 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 2000
a492cd52 2001 for (i = 0; i < key_count; i++) {
86742e1e 2002 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 2003
d753fdc4 2004 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 2005 key->type, key->pin_len);
55ed8ca1
JH		 2006 }
2007
bdb6d971 2008 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 2009
09fd0de5 2010 hci_dev_unlock(hdev);
55ed8ca1 2011
a492cd52 2012 return 0;
55ed8ca1
JH		 2013}
2014
b1078ad0 2015static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 2016 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 2017{
2018 struct mgmt_ev_device_unpaired ev;
2019
2020 bacpy(&ev.addr.bdaddr, bdaddr);
2021 ev.addr.type = addr_type;
2022
2023 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 2024 skip_sk);
b1078ad0
JH		 2025}
2026
bdb6d971 2027static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2028 u16 len)
55ed8ca1 2029{
124f6e35
JH		 2030 struct mgmt_cp_unpair_device *cp = data;
2031 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 2032 struct hci_cp_disconnect dc;
2033 struct pending_cmd *cmd;
55ed8ca1 2034 struct hci_conn *conn;
55ed8ca1
JH		 2035 int err;
2036
a8a1d19e 2037 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 2038 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2039 rp.addr.type = cp->addr.type;
a8a1d19e 2040
4ee71b20
JH		 2041 if (!bdaddr_type_is_valid(cp->addr.type))
2042 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
2043 MGMT_STATUS_INVALID_PARAMS,
2044 &rp, sizeof(rp));
2045
118da70b
JH		 2046 if (cp->disconnect != 0x00 && cp->disconnect != 0x01)
2047 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
2048 MGMT_STATUS_INVALID_PARAMS,
2049 &rp, sizeof(rp));
2050
4ee71b20
JH		 2051 hci_dev_lock(hdev);
2052
86a8cfc6 2053 if (!hdev_is_powered(hdev)) {
bdb6d971 2054 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 2055 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 2056 goto unlock;
2057 }
2058
591f47f3 2059 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 2060 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
2061 else
2062 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 2063
55ed8ca1 2064 if (err < 0) {
bdb6d971 2065 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 2066 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 2067 goto unlock;
2068 }
2069
86a8cfc6 2070 if (cp->disconnect) {
591f47f3 2071 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 2072 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 2073 &cp->addr.bdaddr);
86a8cfc6
JH		 2074 else
2075 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 2076 &cp->addr.bdaddr);
86a8cfc6
JH		 2077 } else {
2078 conn = NULL;
2079 }
124f6e35 2080
a8a1d19e 2081 if (!conn) {
bdb6d971 2082 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 2083 &rp, sizeof(rp));
b1078ad0 2084 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 2085 goto unlock;
2086 }
55ed8ca1 2087
124f6e35 2088 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 2089 sizeof(*cp));
a8a1d19e
JH		 2090 if (!cmd) {
2091 err = -ENOMEM;
2092 goto unlock;
55ed8ca1
JH		 2093 }
2094
eb55ef07 2095 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 2096 dc.reason = 0x13; /* Remote User Terminated Connection */
2097 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
2098 if (err < 0)
2099 mgmt_pending_remove(cmd);
2100
55ed8ca1 2101unlock:
09fd0de5 2102 hci_dev_unlock(hdev);
55ed8ca1
JH		 2103 return err;
2104}
2105
bdb6d971 2106static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2107 u16 len)
8962ee74 2108{
650f726d 2109 struct mgmt_cp_disconnect *cp = data;
06a63b19 2110 struct mgmt_rp_disconnect rp;
8962ee74 2111 struct hci_cp_disconnect dc;
366a0336 2112 struct pending_cmd *cmd;
8962ee74 2113 struct hci_conn *conn;
8962ee74
JH		 2114 int err;
2115
2116 BT_DBG("");
2117
06a63b19
JH		 2118 memset(&rp, 0, sizeof(rp));
2119 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2120 rp.addr.type = cp->addr.type;
2121
4ee71b20 2122 if (!bdaddr_type_is_valid(cp->addr.type))
06a63b19
JH		 2123 return cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2124 MGMT_STATUS_INVALID_PARAMS,
2125 &rp, sizeof(rp));
4ee71b20 2126
09fd0de5 2127 hci_dev_lock(hdev);
8962ee74
JH		 2128
2129 if (!test_bit(HCI_UP, &hdev->flags)) {
06a63b19
JH		 2130 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2131 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
8962ee74
JH		 2132 goto failed;
2133 }
2134
2e58ef3e 2135 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
06a63b19
JH		 2136 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2137 MGMT_STATUS_BUSY, &rp, sizeof(rp));
8962ee74
JH		 2138 goto failed;
2139 }
2140
591f47f3 2141 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 2142 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
2143 &cp->addr.bdaddr);
88c3df13
JH		 2144 else
2145 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 2146
f960727e 2147 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
06a63b19
JH		 2148 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2149 MGMT_STATUS_NOT_CONNECTED, &rp, sizeof(rp));
8962ee74
JH		 2150 goto failed;
2151 }
2152
2e58ef3e 2153 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 2154 if (!cmd) {
2155 err = -ENOMEM;
8962ee74 2156 goto failed;
366a0336 2157 }
8962ee74 2158
eb55ef07 2159 dc.handle = cpu_to_le16(conn->handle);
3701f944 2160 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 2161
2162 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
2163 if (err < 0)
a664b5bc 2164 mgmt_pending_remove(cmd);
8962ee74
JH		 2165
2166failed:
09fd0de5 2167 hci_dev_unlock(hdev);
8962ee74
JH		 2168 return err;
2169}
2170
57c1477c 2171static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 2172{
2173 switch (link_type) {
2174 case LE_LINK:
48264f06
JH		 2175 switch (addr_type) {
2176 case ADDR_LE_DEV_PUBLIC:
591f47f3 2177 return BDADDR_LE_PUBLIC;
0ed09148 2178
48264f06 2179 default:
0ed09148 2180 /* Fallback to LE Random address type */
591f47f3 2181 return BDADDR_LE_RANDOM;
48264f06 2182 }
0ed09148 2183
4c659c39 2184 default:
0ed09148 2185 /* Fallback to BR/EDR type */
591f47f3 2186 return BDADDR_BREDR;
4c659c39
JH		 2187 }
2188}
2189
04124681
GP		 2190static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
2191 u16 data_len)
2784eb41 2192{
2784eb41 2193 struct mgmt_rp_get_connections *rp;
8035ded4 2194 struct hci_conn *c;
a38528f1 2195 size_t rp_len;
60fc5fb6
JH		 2196 int err;
2197 u16 i;
2784eb41
JH		 2198
2199 BT_DBG("");
2200
09fd0de5 2201 hci_dev_lock(hdev);
2784eb41 2202
5f97c1df 2203 if (!hdev_is_powered(hdev)) {
bdb6d971 2204 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 2205 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2206 goto unlock;
2207 }
2208
60fc5fb6 2209 i = 0;
b644ba33
JH		 2210 list_for_each_entry(c, &hdev->conn_hash.list, list) {
2211 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 2212 i++;
2784eb41
JH		 2213 }
2214
60fc5fb6 2215 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 2216 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 2217 if (!rp) {
2784eb41
JH		 2218 err = -ENOMEM;
2219 goto unlock;
2220 }
2221
2784eb41 2222 i = 0;
4c659c39 2223 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 2224 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
2225 continue;
4c659c39 2226 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 2227 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 2228 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 2229 continue;
2230 i++;
2231 }
2232
eb55ef07 2233 rp->conn_count = cpu_to_le16(i);
60fc5fb6 2234
4c659c39
JH		 2235 /* Recalculate length in case of filtered SCO connections, etc */
2236 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 2237
bdb6d971 2238 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 2239 rp_len);
2784eb41 2240
a38528f1 2241 kfree(rp);
5f97c1df
JH		 2242
2243unlock:
09fd0de5 2244 hci_dev_unlock(hdev);
2784eb41
JH		 2245 return err;
2246}
2247
bdb6d971 2248static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2249 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 2250{
2251 struct pending_cmd *cmd;
2252 int err;
2253
2e58ef3e 2254 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 2255 sizeof(*cp));
96d97a67
WR		 2256 if (!cmd)
2257 return -ENOMEM;
2258
d8457698 2259 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 2260 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 2261 if (err < 0)
2262 mgmt_pending_remove(cmd);
2263
2264 return err;
2265}
2266
bdb6d971 2267static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2268 u16 len)
980e1a53 2269{
96d97a67 2270 struct hci_conn *conn;
650f726d 2271 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 2272 struct hci_cp_pin_code_reply reply;
366a0336 2273 struct pending_cmd *cmd;
980e1a53
JH		 2274 int err;
2275
2276 BT_DBG("");
2277
09fd0de5 2278 hci_dev_lock(hdev);
980e1a53 2279
4b34ee78 2280 if (!hdev_is_powered(hdev)) {
bdb6d971 2281 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2282 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 2283 goto failed;
2284 }
2285
d8457698 2286 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 2287 if (!conn) {
bdb6d971 2288 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2289 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 2290 goto failed;
2291 }
2292
2293 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 2294 struct mgmt_cp_pin_code_neg_reply ncp;
2295
2296 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 2297
2298 BT_ERR("PIN code is not 16 bytes long");
2299
bdb6d971 2300 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 2301 if (err >= 0)
bdb6d971 2302 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2303 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 2304
2305 goto failed;
2306 }
2307
00abfe44 2308 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 2309 if (!cmd) {
2310 err = -ENOMEM;
980e1a53 2311 goto failed;
366a0336 2312 }
980e1a53 2313
d8457698 2314 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 2315 reply.pin_len = cp->pin_len;
24718ca5 2316 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 2317
2318 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
2319 if (err < 0)
a664b5bc 2320 mgmt_pending_remove(cmd);
980e1a53
JH		 2321
2322failed:
09fd0de5 2323 hci_dev_unlock(hdev);
980e1a53
JH		 2324 return err;
2325}
2326
04124681
GP		 2327static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
2328 u16 len)
17fa4b9d 2329{
650f726d 2330 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 2331
2332 BT_DBG("");
2333
09fd0de5 2334 hci_dev_lock(hdev);
17fa4b9d
JH		 2335
2336 hdev->io_capability = cp->io_capability;
2337
2338 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 2339 hdev->io_capability);
17fa4b9d 2340
09fd0de5 2341 hci_dev_unlock(hdev);
17fa4b9d 2342
04124681
GP		 2343 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
2344 0);
17fa4b9d
JH		 2345}
2346
6039aa73 2347static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 2348{
2349 struct hci_dev *hdev = conn->hdev;
8035ded4 2350 struct pending_cmd *cmd;
e9a416b5 2351
2e58ef3e 2352 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 2353 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
2354 continue;
2355
e9a416b5
JH		 2356 if (cmd->user_data != conn)
2357 continue;
2358
2359 return cmd;
2360 }
2361
2362 return NULL;
2363}
2364
2365static void pairing_complete(struct pending_cmd *cmd, u8 status)
2366{
2367 struct mgmt_rp_pair_device rp;
2368 struct hci_conn *conn = cmd->user_data;
2369
ba4e564f 2370 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 2371 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 2372
aee9b218 2373 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 2374 &rp, sizeof(rp));
e9a416b5
JH		 2375
2376 /* So we don't get further callbacks for this connection */
2377 conn->connect_cfm_cb = NULL;
2378 conn->security_cfm_cb = NULL;
2379 conn->disconn_cfm_cb = NULL;
2380
76a68ba0 2381 hci_conn_drop(conn);
e9a416b5 2382
a664b5bc 2383 mgmt_pending_remove(cmd);
e9a416b5
JH		 2384}
2385
2386static void pairing_complete_cb(struct hci_conn *conn, u8 status)
2387{
2388 struct pending_cmd *cmd;
2389
2390 BT_DBG("status %u", status);
2391
2392 cmd = find_pairing(conn);
56e5cb86 2393 if (!cmd)
e9a416b5 2394 BT_DBG("Unable to find a pending command");
56e5cb86 2395 else
e211326c 2396 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 2397}
2398
4c47d739
VA		 2399static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
2400{
2401 struct pending_cmd *cmd;
2402
2403 BT_DBG("status %u", status);
2404
2405 if (!status)
2406 return;
2407
2408 cmd = find_pairing(conn);
2409 if (!cmd)
2410 BT_DBG("Unable to find a pending command");
2411 else
2412 pairing_complete(cmd, mgmt_status(status));
2413}
2414
bdb6d971 2415static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2416 u16 len)
e9a416b5 2417{
650f726d 2418 struct mgmt_cp_pair_device *cp = data;
1425acb7 2419 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 2420 struct pending_cmd *cmd;
2421 u8 sec_level, auth_type;
2422 struct hci_conn *conn;
e9a416b5
JH		 2423 int err;
2424
2425 BT_DBG("");
2426
f950a30e
SJ		 2427 memset(&rp, 0, sizeof(rp));
2428 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2429 rp.addr.type = cp->addr.type;
2430
4ee71b20
JH		 2431 if (!bdaddr_type_is_valid(cp->addr.type))
2432 return cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
2433 MGMT_STATUS_INVALID_PARAMS,
2434 &rp, sizeof(rp));
2435
09fd0de5 2436 hci_dev_lock(hdev);
e9a416b5 2437
5f97c1df 2438 if (!hdev_is_powered(hdev)) {
f950a30e
SJ		 2439 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
2440 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
5f97c1df
JH		 2441 goto unlock;
2442 }
2443
c908df36
VCG		 2444 sec_level = BT_SECURITY_MEDIUM;
2445 if (cp->io_cap == 0x03)
e9a416b5 2446 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 2447 else
e9a416b5 2448 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 2449
591f47f3 2450 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 2451 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
2452 cp->addr.type, sec_level, auth_type);
7a512d01 2453 else
b12f62cf
AG		 2454 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
2455 cp->addr.type, sec_level, auth_type);
7a512d01 2456
30e76272 2457 if (IS_ERR(conn)) {
489dc48e
AK		 2458 int status;
2459
2460 if (PTR_ERR(conn) == -EBUSY)
2461 status = MGMT_STATUS_BUSY;
2462 else
2463 status = MGMT_STATUS_CONNECT_FAILED;
2464
bdb6d971 2465 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 2466 status, &rp,
04124681 2467 sizeof(rp));
e9a416b5
JH		 2468 goto unlock;
2469 }
2470
2471 if (conn->connect_cfm_cb) {
76a68ba0 2472 hci_conn_drop(conn);
bdb6d971 2473 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 2474 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 2475 goto unlock;
2476 }
2477
2e58ef3e 2478 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 2479 if (!cmd) {
2480 err = -ENOMEM;
76a68ba0 2481 hci_conn_drop(conn);
e9a416b5
JH		 2482 goto unlock;
2483 }
2484
7a512d01 2485 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 2486 if (cp->addr.type == BDADDR_BREDR)
7a512d01 2487 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 2488 else
2489 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 2490
e9a416b5
JH		 2491 conn->security_cfm_cb = pairing_complete_cb;
2492 conn->disconn_cfm_cb = pairing_complete_cb;
2493 conn->io_capability = cp->io_cap;
2494 cmd->user_data = conn;
2495
2496 if (conn->state == BT_CONNECTED &&
8ce8e2b5 2497 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 2498 pairing_complete(cmd, 0);
2499
2500 err = 0;
2501
2502unlock:
09fd0de5 2503 hci_dev_unlock(hdev);
e9a416b5
JH		 2504 return err;
2505}
2506
04124681
GP		 2507static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
2508 u16 len)
28424707 2509{
0f4e68cf 2510 struct mgmt_addr_info *addr = data;
28424707
JH		 2511 struct pending_cmd *cmd;
2512 struct hci_conn *conn;
2513 int err;
2514
2515 BT_DBG("");
2516
28424707
JH		 2517 hci_dev_lock(hdev);
2518
5f97c1df 2519 if (!hdev_is_powered(hdev)) {
bdb6d971 2520 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2521 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2522 goto unlock;
2523 }
2524
28424707
JH		 2525 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
2526 if (!cmd) {
bdb6d971 2527 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2528 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2529 goto unlock;
2530 }
2531
2532 conn = cmd->user_data;
2533
2534 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 2535 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2536 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2537 goto unlock;
2538 }
2539
2540 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2541
bdb6d971 2542 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2543 addr, sizeof(*addr));
28424707
JH		 2544unlock:
2545 hci_dev_unlock(hdev);
28424707
JH		 2546 return err;
2547}
2548
bdb6d971 2549static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
1707c60e 2550 struct mgmt_addr_info *addr, u16 mgmt_op,
04124681 2551 u16 hci_op, __le32 passkey)
a5c29683 2552{
a5c29683 2553 struct pending_cmd *cmd;
0df4c185 2554 struct hci_conn *conn;
a5c29683
JH		 2555 int err;
2556
09fd0de5 2557 hci_dev_lock(hdev);
08ba5382 2558
4b34ee78 2559 if (!hdev_is_powered(hdev)) {
feb94d3d
JH		 2560 err = cmd_complete(sk, hdev->id, mgmt_op,
2561 MGMT_STATUS_NOT_POWERED, addr,
2562 sizeof(*addr));
0df4c185 2563 goto done;
a5c29683
JH		 2564 }
2565
1707c60e
JH		 2566 if (addr->type == BDADDR_BREDR)
2567 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &addr->bdaddr);
272d90df 2568 else
1707c60e 2569 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &addr->bdaddr);
272d90df
JH		 2570
2571 if (!conn) {
feb94d3d
JH		 2572 err = cmd_complete(sk, hdev->id, mgmt_op,
2573 MGMT_STATUS_NOT_CONNECTED, addr,
2574 sizeof(*addr));
272d90df
JH		 2575 goto done;
2576 }
47c15e2b 2577
1707c60e 2578 if (addr->type == BDADDR_LE_PUBLIC || addr->type == BDADDR_LE_RANDOM) {
47c15e2b 2579 /* Continue with pairing via SMP */
5fe57d9e
BG		 2580 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2581
2582 if (!err)
feb94d3d
JH		 2583 err = cmd_complete(sk, hdev->id, mgmt_op,
2584 MGMT_STATUS_SUCCESS, addr,
2585 sizeof(*addr));
5fe57d9e 2586 else
feb94d3d
JH		 2587 err = cmd_complete(sk, hdev->id, mgmt_op,
2588 MGMT_STATUS_FAILED, addr,
2589 sizeof(*addr));
47c15e2b 2590
47c15e2b
BG		 2591 goto done;
2592 }
2593
1707c60e 2594 cmd = mgmt_pending_add(sk, mgmt_op, hdev, addr, sizeof(*addr));
a5c29683
JH		 2595 if (!cmd) {
2596 err = -ENOMEM;
0df4c185 2597 goto done;
a5c29683
JH		 2598 }
2599
0df4c185 2600 /* Continue with pairing via HCI */
604086b7
BG		 2601 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2602 struct hci_cp_user_passkey_reply cp;
2603
1707c60e 2604 bacpy(&cp.bdaddr, &addr->bdaddr);
604086b7
BG		 2605 cp.passkey = passkey;
2606 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2607 } else
1707c60e
JH		 2608 err = hci_send_cmd(hdev, hci_op, sizeof(addr->bdaddr),
2609 &addr->bdaddr);
604086b7 2610
a664b5bc
JH		 2611 if (err < 0)
2612 mgmt_pending_remove(cmd);
a5c29683 2613
0df4c185 2614done:
09fd0de5 2615 hci_dev_unlock(hdev);
a5c29683
JH		 2616 return err;
2617}
2618
afeb019d
JK		 2619static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2620 void *data, u16 len)
2621{
2622 struct mgmt_cp_pin_code_neg_reply *cp = data;
2623
2624 BT_DBG("");
2625
1707c60e 2626 return user_pairing_resp(sk, hdev, &cp->addr,
afeb019d
JK		 2627 MGMT_OP_PIN_CODE_NEG_REPLY,
2628 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2629}
2630
04124681
GP		 2631static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2632 u16 len)
0df4c185 2633{
650f726d 2634 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2635
2636 BT_DBG("");
2637
2638 if (len != sizeof(*cp))
bdb6d971 2639 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2640 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2641
1707c60e 2642 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2643 MGMT_OP_USER_CONFIRM_REPLY,
2644 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2645}
2646
bdb6d971 2647static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2648 void *data, u16 len)
0df4c185 2649{
c9c2659f 2650 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2651
2652 BT_DBG("");
2653
1707c60e 2654 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2655 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2656 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2657}
2658
04124681
GP		 2659static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2660 u16 len)
604086b7 2661{
650f726d 2662 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2663
2664 BT_DBG("");
2665
1707c60e 2666 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2667 MGMT_OP_USER_PASSKEY_REPLY,
2668 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2669}
2670
bdb6d971 2671static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2672 void *data, u16 len)
604086b7 2673{
650f726d 2674 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2675
2676 BT_DBG("");
2677
1707c60e 2678 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2679 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2680 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2681}
2682
13928971 2683static void update_name(struct hci_request *req)
2b4bf397 2684{
13928971 2685 struct hci_dev *hdev = req->hdev;
2b4bf397
JH		 2686 struct hci_cp_write_local_name cp;
2687
13928971 2688 memcpy(cp.name, hdev->dev_name, sizeof(cp.name));
2b4bf397 2689
890ea898 2690 hci_req_add(req, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2b4bf397
JH		 2691}
2692
13928971
JH		 2693static void set_name_complete(struct hci_dev *hdev, u8 status)
2694{
2695 struct mgmt_cp_set_local_name *cp;
2696 struct pending_cmd *cmd;
2697
2698 BT_DBG("status 0x%02x", status);
2699
2700 hci_dev_lock(hdev);
2701
2702 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2703 if (!cmd)
2704 goto unlock;
2705
2706 cp = cmd->param;
2707
2708 if (status)
2709 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2710 mgmt_status(status));
2711 else
2712 cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2713 cp, sizeof(*cp));
2714
2715 mgmt_pending_remove(cmd);
2716
2717unlock:
2718 hci_dev_unlock(hdev);
2719}
2720
bdb6d971 2721static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2722 u16 len)
b312b161 2723{
2b4bf397 2724 struct mgmt_cp_set_local_name *cp = data;
b312b161 2725 struct pending_cmd *cmd;
890ea898 2726 struct hci_request req;
b312b161
JH		 2727 int err;
2728
2729 BT_DBG("");
2730
09fd0de5 2731 hci_dev_lock(hdev);
b312b161 2732
b3f2ca94
JH		 2733 /* If the old values are the same as the new ones just return a
2734 * direct command complete event.
2735 */
2736 if (!memcmp(hdev->dev_name, cp->name, sizeof(hdev->dev_name)) &&
2737 !memcmp(hdev->short_name, cp->short_name,
2738 sizeof(hdev->short_name))) {
2739 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2740 data, len);
2741 goto failed;
2742 }
2743
2b4bf397 2744 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2745
b5235a65 2746 if (!hdev_is_powered(hdev)) {
2b4bf397 2747 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2748
2749 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2750 data, len);
28cc7bde
JH		 2751 if (err < 0)
2752 goto failed;
2753
2754 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2755 sk);
28cc7bde 2756
b5235a65
JH		 2757 goto failed;
2758 }
2759
28cc7bde 2760 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2761 if (!cmd) {
2762 err = -ENOMEM;
2763 goto failed;
2764 }
2765
13928971
JH		 2766 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
2767
890ea898 2768 hci_req_init(&req, hdev);
3f985050
JH		 2769
2770 if (lmp_bredr_capable(hdev)) {
2771 update_name(&req);
2772 update_eir(&req);
2773 }
2774
2775 if (lmp_le_capable(hdev))
2776 hci_update_ad(&req);
2777
13928971 2778 err = hci_req_run(&req, set_name_complete);
b312b161
JH		 2779 if (err < 0)
2780 mgmt_pending_remove(cmd);
2781
2782failed:
09fd0de5 2783 hci_dev_unlock(hdev);
b312b161
JH		 2784 return err;
2785}
2786
0f4e68cf 2787static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2788 void *data, u16 data_len)
c35938b2 2789{
c35938b2
SJ		 2790 struct pending_cmd *cmd;
2791 int err;
2792
bdb6d971 2793 BT_DBG("%s", hdev->name);
c35938b2 2794
09fd0de5 2795 hci_dev_lock(hdev);
c35938b2 2796
4b34ee78 2797 if (!hdev_is_powered(hdev)) {
bdb6d971 2798 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2799 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2800 goto unlock;
2801 }
2802
9a1a1996 2803 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2804 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2805 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2806 goto unlock;
2807 }
2808
2e58ef3e 2809 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2810 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2811 MGMT_STATUS_BUSY);
c35938b2
SJ		 2812 goto unlock;
2813 }
2814
2e58ef3e 2815 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2816 if (!cmd) {
2817 err = -ENOMEM;
2818 goto unlock;
2819 }
2820
2821 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2822 if (err < 0)
2823 mgmt_pending_remove(cmd);
2824
2825unlock:
09fd0de5 2826 hci_dev_unlock(hdev);
c35938b2
SJ		 2827 return err;
2828}
2829
bdb6d971 2830static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2831 void *data, u16 len)
2763eda6 2832{
650f726d 2833 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2834 u8 status;
2763eda6
SJ		 2835 int err;
2836
bdb6d971 2837 BT_DBG("%s ", hdev->name);
2763eda6 2838
09fd0de5 2839 hci_dev_lock(hdev);
2763eda6 2840
664ce4cc 2841 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2842 cp->randomizer);
2763eda6 2843 if (err < 0)
bf1e3541 2844 status = MGMT_STATUS_FAILED;
2763eda6 2845 else
a6785be2 2846 status = MGMT_STATUS_SUCCESS;
bf1e3541 2847
bdb6d971 2848 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2849 &cp->addr, sizeof(cp->addr));
2763eda6 2850
09fd0de5 2851 hci_dev_unlock(hdev);
2763eda6
SJ		 2852 return err;
2853}
2854
bdb6d971 2855static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2856 void *data, u16 len)
2763eda6 2857{
650f726d 2858 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2859 u8 status;
2763eda6
SJ		 2860 int err;
2861
bdb6d971 2862 BT_DBG("%s", hdev->name);
2763eda6 2863
09fd0de5 2864 hci_dev_lock(hdev);
2763eda6 2865
664ce4cc 2866 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2867 if (err < 0)
bf1e3541 2868 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2869 else
a6785be2 2870 status = MGMT_STATUS_SUCCESS;
bf1e3541 2871
bdb6d971 2872 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2873 status, &cp->addr, sizeof(cp->addr));
2763eda6 2874
09fd0de5 2875 hci_dev_unlock(hdev);
2763eda6
SJ		 2876 return err;
2877}
2878
41dc2bd6
AG		 2879static int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
2880{
2881 struct pending_cmd *cmd;
2882 u8 type;
2883 int err;
2884
2885 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2886
2887 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2888 if (!cmd)
2889 return -ENOENT;
2890
2891 type = hdev->discovery.type;
2892
2893 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
2894 &type, sizeof(type));
2895 mgmt_pending_remove(cmd);
2896
2897 return err;
2898}
2899
7c307720
AG		 2900static void start_discovery_complete(struct hci_dev *hdev, u8 status)
2901{
2902 BT_DBG("status %d", status);
2903
2904 if (status) {
2905 hci_dev_lock(hdev);
2906 mgmt_start_discovery_failed(hdev, status);
2907 hci_dev_unlock(hdev);
2908 return;
2909 }
2910
2911 hci_dev_lock(hdev);
2912 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
2913 hci_dev_unlock(hdev);
2914
2915 switch (hdev->discovery.type) {
2916 case DISCOV_TYPE_LE:
2917 queue_delayed_work(hdev->workqueue, &hdev->le_scan_disable,
0d8cc935 2918 DISCOV_LE_TIMEOUT);
7c307720
AG		 2919 break;
2920
2921 case DISCOV_TYPE_INTERLEAVED:
2922 queue_delayed_work(hdev->workqueue, &hdev->le_scan_disable,
0d8cc935 2923 DISCOV_INTERLEAVED_TIMEOUT);
7c307720
AG		 2924 break;
2925
2926 case DISCOV_TYPE_BREDR:
2927 break;
2928
2929 default:
2930 BT_ERR("Invalid discovery type %d", hdev->discovery.type);
2931 }
2932}
2933
bdb6d971 2934static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2935 void *data, u16 len)
14a53664 2936{
650f726d 2937 struct mgmt_cp_start_discovery *cp = data;
14a53664 2938 struct pending_cmd *cmd;
7c307720
AG		 2939 struct hci_cp_le_set_scan_param param_cp;
2940 struct hci_cp_le_set_scan_enable enable_cp;
2941 struct hci_cp_inquiry inq_cp;
2942 struct hci_request req;
2943 /* General inquiry access code (GIAC) */
2944 u8 lap[3] = { 0x33, 0x8b, 0x9e };
e6fe7986 2945 u8 status;
14a53664
JH		 2946 int err;
2947
bdb6d971 2948 BT_DBG("%s", hdev->name);
14a53664 2949
09fd0de5 2950 hci_dev_lock(hdev);
14a53664 2951
4b34ee78 2952 if (!hdev_is_powered(hdev)) {
bdb6d971 2953 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2954 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2955 goto failed;
2956 }
2957
642be6c7
AG		 2958 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2959 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2960 MGMT_STATUS_BUSY);
2961 goto failed;
2962 }
2963
ff9ef578 2964 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2965 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2966 MGMT_STATUS_BUSY);
ff9ef578
JH		 2967 goto failed;
2968 }
2969
2e58ef3e 2970 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2971 if (!cmd) {
2972 err = -ENOMEM;
2973 goto failed;
2974 }
2975
4aab14e5
AG		 2976 hdev->discovery.type = cp->type;
2977
7c307720
AG		 2978 hci_req_init(&req, hdev);
2979
4aab14e5 2980 switch (hdev->discovery.type) {
f39799f5 2981 case DISCOV_TYPE_BREDR:
e6fe7986
JH		 2982 status = mgmt_bredr_support(hdev);
2983 if (status) {
04106755 2984 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
e6fe7986 2985 status);
04106755
JH		 2986 mgmt_pending_remove(cmd);
2987 goto failed;
2988 }
2989
7c307720
AG		 2990 if (test_bit(HCI_INQUIRY, &hdev->flags)) {
2991 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2992 MGMT_STATUS_BUSY);
2993 mgmt_pending_remove(cmd);
2994 goto failed;
2995 }
2996
2997 hci_inquiry_cache_flush(hdev);
2998
2999 memset(&inq_cp, 0, sizeof(inq_cp));
3000 memcpy(&inq_cp.lap, lap, sizeof(inq_cp.lap));
0d8cc935 3001 inq_cp.length = DISCOV_BREDR_INQUIRY_LEN;
7c307720 3002 hci_req_add(&req, HCI_OP_INQUIRY, sizeof(inq_cp), &inq_cp);
f39799f5
AG		 3003 break;
3004
3005 case DISCOV_TYPE_LE:
7c307720 3006 case DISCOV_TYPE_INTERLEAVED:
e6fe7986
JH		 3007 status = mgmt_le_support(hdev);
3008 if (status) {
04106755 3009 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
e6fe7986 3010 status);
04106755
JH		 3011 mgmt_pending_remove(cmd);
3012 goto failed;
3013 }
3014
7c307720 3015 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
56f87901 3016 !test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) {
04106755
JH		 3017 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
3018 MGMT_STATUS_NOT_SUPPORTED);
3019 mgmt_pending_remove(cmd);
3020 goto failed;
3021 }
3022
f3d3444a 3023 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags)) {
7c307720
AG		 3024 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
3025 MGMT_STATUS_REJECTED);
3026 mgmt_pending_remove(cmd);
3027 goto failed;
3028 }
3029
3030 if (test_bit(HCI_LE_SCAN, &hdev->dev_flags)) {
3031 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
3032 MGMT_STATUS_BUSY);
3033 mgmt_pending_remove(cmd);
3034 goto failed;
3035 }
3036
3037 memset(&param_cp, 0, sizeof(param_cp));
3038 param_cp.type = LE_SCAN_ACTIVE;
0d8cc935
AG		 3039 param_cp.interval = cpu_to_le16(DISCOV_LE_SCAN_INT);
3040 param_cp.window = cpu_to_le16(DISCOV_LE_SCAN_WIN);
c25dfc61
MH		 3041 if (bacmp(&hdev->bdaddr, BDADDR_ANY))
3042 param_cp.own_address_type = ADDR_LE_DEV_PUBLIC;
3043 else
3044 param_cp.own_address_type = ADDR_LE_DEV_RANDOM;
7c307720
AG		 3045 hci_req_add(&req, HCI_OP_LE_SET_SCAN_PARAM, sizeof(param_cp),
3046 &param_cp);
3047
3048 memset(&enable_cp, 0, sizeof(enable_cp));
3049 enable_cp.enable = LE_SCAN_ENABLE;
3050 enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
3051 hci_req_add(&req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(enable_cp),
3052 &enable_cp);
5e0452c0
AG		 3053 break;
3054
f39799f5 3055 default:
04106755
JH		 3056 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
3057 MGMT_STATUS_INVALID_PARAMS);
3058 mgmt_pending_remove(cmd);
3059 goto failed;
f39799f5 3060 }
3fd24153 3061
7c307720 3062 err = hci_req_run(&req, start_discovery_complete);
14a53664
JH		 3063 if (err < 0)
3064 mgmt_pending_remove(cmd);
ff9ef578
JH		 3065 else
3066 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 3067
3068failed:
09fd0de5 3069 hci_dev_unlock(hdev);
14a53664
JH		 3070 return err;
3071}
3072
1183fdca
AG		 3073static int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3074{
3075 struct pending_cmd *cmd;
3076 int err;
3077
3078 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3079 if (!cmd)
3080 return -ENOENT;
3081
3082 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
3083 &hdev->discovery.type, sizeof(hdev->discovery.type));
3084 mgmt_pending_remove(cmd);
3085
3086 return err;
3087}
3088
0e05bba6
AG		 3089static void stop_discovery_complete(struct hci_dev *hdev, u8 status)
3090{
3091 BT_DBG("status %d", status);
3092
3093 hci_dev_lock(hdev);
3094
3095 if (status) {
3096 mgmt_stop_discovery_failed(hdev, status);
3097 goto unlock;
3098 }
3099
3100 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3101
3102unlock:
3103 hci_dev_unlock(hdev);
3104}
3105
bdb6d971 3106static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3107 u16 len)
14a53664 3108{
d930650b 3109 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 3110 struct pending_cmd *cmd;
30dc78e1
JH		 3111 struct hci_cp_remote_name_req_cancel cp;
3112 struct inquiry_entry *e;
0e05bba6
AG		 3113 struct hci_request req;
3114 struct hci_cp_le_set_scan_enable enable_cp;
14a53664
JH		 3115 int err;
3116
bdb6d971 3117 BT_DBG("%s", hdev->name);
14a53664 3118
09fd0de5 3119 hci_dev_lock(hdev);
14a53664 3120
30dc78e1 3121 if (!hci_discovery_active(hdev)) {
bdb6d971 3122 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 3123 MGMT_STATUS_REJECTED, &mgmt_cp->type,
3124 sizeof(mgmt_cp->type));
d930650b
JH		 3125 goto unlock;
3126 }
3127
3128 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 3129 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 3130 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
3131 sizeof(mgmt_cp->type));
30dc78e1 3132 goto unlock;
ff9ef578
JH		 3133 }
3134
2e58ef3e 3135 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 3136 if (!cmd) {
3137 err = -ENOMEM;
30dc78e1
JH		 3138 goto unlock;
3139 }
3140
0e05bba6
AG		 3141 hci_req_init(&req, hdev);
3142
e0d9727e
AG		 3143 switch (hdev->discovery.state) {
3144 case DISCOVERY_FINDING:
0e05bba6
AG		 3145 if (test_bit(HCI_INQUIRY, &hdev->flags)) {
3146 hci_req_add(&req, HCI_OP_INQUIRY_CANCEL, 0, NULL);
3147 } else {
3148 cancel_delayed_work(&hdev->le_scan_disable);
3149
3150 memset(&enable_cp, 0, sizeof(enable_cp));
3151 enable_cp.enable = LE_SCAN_DISABLE;
3152 hci_req_add(&req, HCI_OP_LE_SET_SCAN_ENABLE,
3153 sizeof(enable_cp), &enable_cp);
3154 }
c9ecc48e 3155
e0d9727e
AG		 3156 break;
3157
3158 case DISCOVERY_RESOLVING:
3159 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 3160 NAME_PENDING);
e0d9727e 3161 if (!e) {
30dc78e1 3162 mgmt_pending_remove(cmd);
e0d9727e
AG		 3163 err = cmd_complete(sk, hdev->id,
3164 MGMT_OP_STOP_DISCOVERY, 0,
3165 &mgmt_cp->type,
3166 sizeof(mgmt_cp->type));
3167 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3168 goto unlock;
3169 }
30dc78e1 3170
e0d9727e 3171 bacpy(&cp.bdaddr, &e->data.bdaddr);
0e05bba6
AG		 3172 hci_req_add(&req, HCI_OP_REMOTE_NAME_REQ_CANCEL, sizeof(cp),
3173 &cp);
e0d9727e
AG		 3174
3175 break;
3176
3177 default:
3178 BT_DBG("unknown discovery state %u", hdev->discovery.state);
0e05bba6
AG		 3179
3180 mgmt_pending_remove(cmd);
3181 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
3182 MGMT_STATUS_FAILED, &mgmt_cp->type,
3183 sizeof(mgmt_cp->type));
3184 goto unlock;
14a53664
JH		 3185 }
3186
0e05bba6 3187 err = hci_req_run(&req, stop_discovery_complete);
14a53664
JH		 3188 if (err < 0)
3189 mgmt_pending_remove(cmd);
ff9ef578
JH		 3190 else
3191 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 3192
30dc78e1 3193unlock:
09fd0de5 3194 hci_dev_unlock(hdev);
14a53664
JH		 3195 return err;
3196}
3197
bdb6d971 3198static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3199 u16 len)
561aafbc 3200{
650f726d 3201 struct mgmt_cp_confirm_name *cp = data;
561aafbc 3202 struct inquiry_entry *e;
561aafbc
JH		 3203 int err;
3204
bdb6d971 3205 BT_DBG("%s", hdev->name);
561aafbc 3206
561aafbc
JH		 3207 hci_dev_lock(hdev);
3208
30dc78e1 3209 if (!hci_discovery_active(hdev)) {
bdb6d971 3210 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 3211 MGMT_STATUS_FAILED);
30dc78e1
JH		 3212 goto failed;
3213 }
3214
a198e7b1 3215 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 3216 if (!e) {
bdb6d971 3217 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 3218 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 3219 goto failed;
3220 }
3221
3222 if (cp->name_known) {
3223 e->name_state = NAME_KNOWN;
3224 list_del(&e->list);
3225 } else {
3226 e->name_state = NAME_NEEDED;
a3d4e20a 3227 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 3228 }
3229
e384662b
JH		 3230 err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr,
3231 sizeof(cp->addr));
561aafbc
JH		 3232
3233failed:
3234 hci_dev_unlock(hdev);
561aafbc
JH		 3235 return err;
3236}
3237
bdb6d971 3238static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3239 u16 len)
7fbec224 3240{
650f726d 3241 struct mgmt_cp_block_device *cp = data;
f0eeea8b 3242 u8 status;
7fbec224
AJ		 3243 int err;
3244
bdb6d971 3245 BT_DBG("%s", hdev->name);
7fbec224 3246
4ee71b20 3247 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 3248 return cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE,
3249 MGMT_STATUS_INVALID_PARAMS,
3250 &cp->addr, sizeof(cp->addr));
4ee71b20 3251
09fd0de5 3252 hci_dev_lock(hdev);
5e762444 3253
88c1fe4b 3254 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 3255 if (err < 0)
f0eeea8b 3256 status = MGMT_STATUS_FAILED;
7fbec224 3257 else
a6785be2 3258 status = MGMT_STATUS_SUCCESS;
f0eeea8b 3259
bdb6d971 3260 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 3261 &cp->addr, sizeof(cp->addr));
5e762444 3262
09fd0de5 3263 hci_dev_unlock(hdev);
7fbec224
AJ		 3264
3265 return err;
3266}
3267
bdb6d971 3268static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3269 u16 len)
7fbec224 3270{
650f726d 3271 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 3272 u8 status;
7fbec224
AJ		 3273 int err;
3274
bdb6d971 3275 BT_DBG("%s", hdev->name);
7fbec224 3276
4ee71b20 3277 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 3278 return cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE,
3279 MGMT_STATUS_INVALID_PARAMS,
3280 &cp->addr, sizeof(cp->addr));
4ee71b20 3281
09fd0de5 3282 hci_dev_lock(hdev);
5e762444 3283
88c1fe4b 3284 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 3285 if (err < 0)
f0eeea8b 3286 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 3287 else
a6785be2 3288 status = MGMT_STATUS_SUCCESS;
f0eeea8b 3289
bdb6d971 3290 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 3291 &cp->addr, sizeof(cp->addr));
5e762444 3292
09fd0de5 3293 hci_dev_unlock(hdev);
7fbec224
AJ		 3294
3295 return err;
3296}
3297
cdbaccca
MH		 3298static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
3299 u16 len)
3300{
3301 struct mgmt_cp_set_device_id *cp = data;
890ea898 3302 struct hci_request req;
cdbaccca 3303 int err;
c72d4b8a 3304 __u16 source;
cdbaccca
MH		 3305
3306 BT_DBG("%s", hdev->name);
3307
c72d4b8a
SJ		 3308 source = __le16_to_cpu(cp->source);
3309
3310 if (source > 0x0002)
3311 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
3312 MGMT_STATUS_INVALID_PARAMS);
3313
cdbaccca
MH		 3314 hci_dev_lock(hdev);
3315
c72d4b8a 3316 hdev->devid_source = source;
cdbaccca
MH		 3317 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
3318 hdev->devid_product = __le16_to_cpu(cp->product);
3319 hdev->devid_version = __le16_to_cpu(cp->version);
3320
3321 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
3322
890ea898
JH		 3323 hci_req_init(&req, hdev);
3324 update_eir(&req);
3325 hci_req_run(&req, NULL);
cdbaccca
MH		 3326
3327 hci_dev_unlock(hdev);
3328
3329 return err;
3330}
3331
4375f103
JH		 3332static void set_advertising_complete(struct hci_dev *hdev, u8 status)
3333{
3334 struct cmd_lookup match = { NULL, hdev };
3335
3336 if (status) {
3337 u8 mgmt_err = mgmt_status(status);
3338
3339 mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev,
3340 cmd_status_rsp, &mgmt_err);
3341 return;
3342 }
3343
3344 mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev, settings_rsp,
3345 &match);
3346
3347 new_settings(hdev, match.sk);
3348
3349 if (match.sk)
3350 sock_put(match.sk);
3351}
3352
21b5187f
MH		 3353static int set_advertising(struct sock *sk, struct hci_dev *hdev, void *data,
3354 u16 len)
4375f103
JH		 3355{
3356 struct mgmt_mode *cp = data;
3357 struct pending_cmd *cmd;
3358 struct hci_request req;
e6fe7986 3359 u8 val, enabled, status;
4375f103
JH		 3360 int err;
3361
3362 BT_DBG("request for %s", hdev->name);
3363
e6fe7986
JH		 3364 status = mgmt_le_support(hdev);
3365 if (status)
4375f103 3366 return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
e6fe7986 3367 status);
4375f103
JH		 3368
3369 if (cp->val != 0x00 && cp->val != 0x01)
3370 return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
3371 MGMT_STATUS_INVALID_PARAMS);
3372
3373 hci_dev_lock(hdev);
3374
3375 val = !!cp->val;
f3d3444a 3376 enabled = test_bit(HCI_ADVERTISING, &hdev->dev_flags);
4375f103 3377
f74ca9b8
JH		 3378 /* The following conditions are ones which mean that we should
3379 * not do any HCI communication but directly send a mgmt
3380 * response to user space (after toggling the flag if
3381 * necessary).
3382 */
3383 if (!hdev_is_powered(hdev) || val == enabled ||
b145edcd 3384 hci_conn_num(hdev, LE_LINK) > 0) {
4375f103
JH		 3385 bool changed = false;
3386
f3d3444a
JH		 3387 if (val != test_bit(HCI_ADVERTISING, &hdev->dev_flags)) {
3388 change_bit(HCI_ADVERTISING, &hdev->dev_flags);
4375f103
JH		 3389 changed = true;
3390 }
3391
3392 err = send_settings_rsp(sk, MGMT_OP_SET_ADVERTISING, hdev);
3393 if (err < 0)
3394 goto unlock;
3395
3396 if (changed)
3397 err = new_settings(hdev, sk);
3398
3399 goto unlock;
3400 }
3401
3402 if (mgmt_pending_find(MGMT_OP_SET_ADVERTISING, hdev) ||
3403 mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
3404 err = cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
3405 MGMT_STATUS_BUSY);
3406 goto unlock;
3407 }
3408
3409 cmd = mgmt_pending_add(sk, MGMT_OP_SET_ADVERTISING, hdev, data, len);
3410 if (!cmd) {
3411 err = -ENOMEM;
3412 goto unlock;
3413 }
3414
3415 hci_req_init(&req, hdev);
3416
bba3aa55
MH		 3417 if (val)
3418 enable_advertising(&req);
3419 else
3420 disable_advertising(&req);
4375f103
JH		 3421
3422 err = hci_req_run(&req, set_advertising_complete);
3423 if (err < 0)
3424 mgmt_pending_remove(cmd);
3425
3426unlock:
3427 hci_dev_unlock(hdev);
3428 return err;
3429}
3430
d13eafce
MH		 3431static int set_static_address(struct sock *sk, struct hci_dev *hdev,
3432 void *data, u16 len)
3433{
3434 struct mgmt_cp_set_static_address *cp = data;
3435 int err;
3436
3437 BT_DBG("%s", hdev->name);
3438
62af4443 3439 if (!lmp_le_capable(hdev))
d13eafce 3440 return cmd_status(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS,
62af4443 3441 MGMT_STATUS_NOT_SUPPORTED);
d13eafce
MH		 3442
3443 if (hdev_is_powered(hdev))
3444 return cmd_status(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS,
3445 MGMT_STATUS_REJECTED);
3446
3447 if (bacmp(&cp->bdaddr, BDADDR_ANY)) {
3448 if (!bacmp(&cp->bdaddr, BDADDR_NONE))
3449 return cmd_status(sk, hdev->id,
3450 MGMT_OP_SET_STATIC_ADDRESS,
3451 MGMT_STATUS_INVALID_PARAMS);
3452
3453 /* Two most significant bits shall be set */
3454 if ((cp->bdaddr.b[5] & 0xc0) != 0xc0)
3455 return cmd_status(sk, hdev->id,
3456 MGMT_OP_SET_STATIC_ADDRESS,
3457 MGMT_STATUS_INVALID_PARAMS);
3458 }
3459
3460 hci_dev_lock(hdev);
3461
3462 bacpy(&hdev->static_addr, &cp->bdaddr);
3463
3464 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS, 0, NULL, 0);
3465
3466 hci_dev_unlock(hdev);
3467
3468 return err;
3469}
3470
14b49b9a
MH		 3471static int set_scan_params(struct sock *sk, struct hci_dev *hdev,
3472 void *data, u16 len)
3473{
3474 struct mgmt_cp_set_scan_params *cp = data;
3475 __u16 interval, window;
3476 int err;
3477
3478 BT_DBG("%s", hdev->name);
3479
3480 if (!lmp_le_capable(hdev))
3481 return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS,
3482 MGMT_STATUS_NOT_SUPPORTED);
3483
3484 interval = __le16_to_cpu(cp->interval);
3485
3486 if (interval < 0x0004 || interval > 0x4000)
3487 return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS,
3488 MGMT_STATUS_INVALID_PARAMS);
3489
3490 window = __le16_to_cpu(cp->window);
3491
3492 if (window < 0x0004 || window > 0x4000)
3493 return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS,
3494 MGMT_STATUS_INVALID_PARAMS);
3495
899e1075
MH		 3496 if (window > interval)
3497 return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS,
3498 MGMT_STATUS_INVALID_PARAMS);
3499
14b49b9a
MH		 3500 hci_dev_lock(hdev);
3501
3502 hdev->le_scan_interval = interval;
3503 hdev->le_scan_window = window;
3504
3505 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS, 0, NULL, 0);
3506
3507 hci_dev_unlock(hdev);
3508
3509 return err;
3510}
3511
33e38b3e
JH		 3512static void fast_connectable_complete(struct hci_dev *hdev, u8 status)
3513{
3514 struct pending_cmd *cmd;
3515
3516 BT_DBG("status 0x%02x", status);
3517
3518 hci_dev_lock(hdev);
3519
3520 cmd = mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev);
3521 if (!cmd)
3522 goto unlock;
3523
3524 if (status) {
3525 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3526 mgmt_status(status));
3527 } else {
1a4d3c4b
JH		 3528 struct mgmt_mode *cp = cmd->param;
3529
3530 if (cp->val)
3531 set_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
3532 else
3533 clear_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
3534
33e38b3e
JH		 3535 send_settings_rsp(cmd->sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev);
3536 new_settings(hdev, cmd->sk);
3537 }
3538
3539 mgmt_pending_remove(cmd);
3540
3541unlock:
3542 hci_dev_unlock(hdev);
3543}
3544
bdb6d971 3545static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 3546 void *data, u16 len)
f6422ec6 3547{
650f726d 3548 struct mgmt_mode *cp = data;
33e38b3e
JH		 3549 struct pending_cmd *cmd;
3550 struct hci_request req;
f6422ec6
AJ		 3551 int err;
3552
bdb6d971 3553 BT_DBG("%s", hdev->name);
f6422ec6 3554
56f87901
JH		 3555 if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) ||
3556 hdev->hci_ver < BLUETOOTH_VER_1_2)
33c525c0
JH		 3557 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3558 MGMT_STATUS_NOT_SUPPORTED);
3559
a7e80f25
JH		 3560 if (cp->val != 0x00 && cp->val != 0x01)
3561 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3562 MGMT_STATUS_INVALID_PARAMS);
3563
5400c044 3564 if (!hdev_is_powered(hdev))
bdb6d971 3565 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3566 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 3567
3568 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 3569 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3570 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 3571
3572 hci_dev_lock(hdev);
3573
05cbf29f
JH		 3574 if (mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev)) {
3575 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3576 MGMT_STATUS_BUSY);
3577 goto unlock;
3578 }
3579
1a4d3c4b
JH		 3580 if (!!cp->val == test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags)) {
3581 err = send_settings_rsp(sk, MGMT_OP_SET_FAST_CONNECTABLE,
3582 hdev);
3583 goto unlock;
3584 }
3585
33e38b3e
JH		 3586 cmd = mgmt_pending_add(sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev,
3587 data, len);
3588 if (!cmd) {
3589 err = -ENOMEM;
3590 goto unlock;
f6422ec6
AJ		 3591 }
3592
33e38b3e
JH		 3593 hci_req_init(&req, hdev);
3594
406d7804 3595 write_fast_connectable(&req, cp->val);
33e38b3e
JH		 3596
3597 err = hci_req_run(&req, fast_connectable_complete);
f6422ec6 3598 if (err < 0) {
bdb6d971 3599 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3600 MGMT_STATUS_FAILED);
33e38b3e 3601 mgmt_pending_remove(cmd);
f6422ec6
AJ		 3602 }
3603
33e38b3e 3604unlock:
f6422ec6 3605 hci_dev_unlock(hdev);
33e38b3e 3606
f6422ec6
AJ		 3607 return err;
3608}
3609
67e5a7a3
JH		 3610static void set_bredr_scan(struct hci_request *req)
3611{
3612 struct hci_dev *hdev = req->hdev;
3613 u8 scan = 0;
3614
3615 /* Ensure that fast connectable is disabled. This function will
3616 * not do anything if the page scan parameters are already what
3617 * they should be.
3618 */
3619 write_fast_connectable(req, false);
3620
3621 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3622 scan |= SCAN_PAGE;
3623 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3624 scan |= SCAN_INQUIRY;
3625
3626 if (scan)
3627 hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
3628}
3629
0663ca2a
JH		 3630static void set_bredr_complete(struct hci_dev *hdev, u8 status)
3631{
3632 struct pending_cmd *cmd;
3633
3634 BT_DBG("status 0x%02x", status);
3635
3636 hci_dev_lock(hdev);
3637
3638 cmd = mgmt_pending_find(MGMT_OP_SET_BREDR, hdev);
3639 if (!cmd)
3640 goto unlock;
3641
3642 if (status) {
3643 u8 mgmt_err = mgmt_status(status);
3644
3645 /* We need to restore the flag if related HCI commands
3646 * failed.
3647 */
3648 clear_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
3649
3650 cmd_status(cmd->sk, cmd->index, cmd->opcode, mgmt_err);
3651 } else {
3652 send_settings_rsp(cmd->sk, MGMT_OP_SET_BREDR, hdev);
3653 new_settings(hdev, cmd->sk);
3654 }
3655
3656 mgmt_pending_remove(cmd);
3657
3658unlock:
3659 hci_dev_unlock(hdev);
3660}
3661
3662static int set_bredr(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
3663{
3664 struct mgmt_mode *cp = data;
3665 struct pending_cmd *cmd;
3666 struct hci_request req;
3667 int err;
3668
3669 BT_DBG("request for %s", hdev->name);
3670
3671 if (!lmp_bredr_capable(hdev) || !lmp_le_capable(hdev))
3672 return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3673 MGMT_STATUS_NOT_SUPPORTED);
3674
3675 if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3676 return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3677 MGMT_STATUS_REJECTED);
3678
3679 if (cp->val != 0x00 && cp->val != 0x01)
3680 return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3681 MGMT_STATUS_INVALID_PARAMS);
3682
3683 hci_dev_lock(hdev);
3684
3685 if (cp->val == test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) {
3686 err = send_settings_rsp(sk, MGMT_OP_SET_BREDR, hdev);
3687 goto unlock;
3688 }
3689
3690 if (!hdev_is_powered(hdev)) {
3691 if (!cp->val) {
0663ca2a
JH		 3692 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
3693 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
3694 clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
3695 clear_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
3696 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
3697 }
3698
3699 change_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
3700
3701 err = send_settings_rsp(sk, MGMT_OP_SET_BREDR, hdev);
3702 if (err < 0)
3703 goto unlock;
3704
3705 err = new_settings(hdev, sk);
3706 goto unlock;
3707 }
3708
3709 /* Reject disabling when powered on */
3710 if (!cp->val) {
3711 err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3712 MGMT_STATUS_REJECTED);
3713 goto unlock;
3714 }
3715
3716 if (mgmt_pending_find(MGMT_OP_SET_BREDR, hdev)) {
3717 err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3718 MGMT_STATUS_BUSY);
3719 goto unlock;
3720 }
3721
3722 cmd = mgmt_pending_add(sk, MGMT_OP_SET_BREDR, hdev, data, len);
3723 if (!cmd) {
3724 err = -ENOMEM;
3725 goto unlock;
3726 }
3727
3728 /* We need to flip the bit already here so that hci_update_ad
3729 * generates the correct flags.
3730 */
3731 set_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
3732
3733 hci_req_init(&req, hdev);
aa8af46e
JH		 3734
3735 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3736 set_bredr_scan(&req);
3737
0663ca2a 3738 hci_update_ad(&req);
aa8af46e 3739
0663ca2a
JH		 3740 err = hci_req_run(&req, set_bredr_complete);
3741 if (err < 0)
3742 mgmt_pending_remove(cmd);
3743
3744unlock:
3745 hci_dev_unlock(hdev);
3746 return err;
3747}
3748
3f706b72
JH		 3749static bool ltk_is_valid(struct mgmt_ltk_info *key)
3750{
44b20d33
JH		 3751 if (key->authenticated != 0x00 && key->authenticated != 0x01)
3752 return false;
3f706b72
JH		 3753 if (key->master != 0x00 && key->master != 0x01)
3754 return false;
4ee71b20
JH		 3755 if (!bdaddr_type_is_le(key->addr.type))
3756 return false;
3f706b72
JH		 3757 return true;
3758}
3759
bdb6d971 3760static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 3761 void *cp_data, u16 len)
346af67b 3762{
346af67b
VCG		 3763 struct mgmt_cp_load_long_term_keys *cp = cp_data;
3764 u16 key_count, expected_len;
715a5bf2 3765 int i, err;
346af67b 3766
cf99ba13
MH		 3767 BT_DBG("request for %s", hdev->name);
3768
3769 if (!lmp_le_capable(hdev))
3770 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
3771 MGMT_STATUS_NOT_SUPPORTED);
3772
1f350c87 3773 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 3774
3775 expected_len = sizeof(*cp) + key_count *
3776 sizeof(struct mgmt_ltk_info);
3777 if (expected_len != len) {
3778 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 3779 len, expected_len);
bdb6d971 3780 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
e57e619f 3781 MGMT_STATUS_INVALID_PARAMS);
346af67b
VCG		 3782 }
3783
bdb6d971 3784 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b 3785
54ad6d8a
JH		 3786 for (i = 0; i < key_count; i++) {
3787 struct mgmt_ltk_info *key = &cp->keys[i];
3788
3f706b72 3789 if (!ltk_is_valid(key))
54ad6d8a
JH		 3790 return cmd_status(sk, hdev->id,
3791 MGMT_OP_LOAD_LONG_TERM_KEYS,
3792 MGMT_STATUS_INVALID_PARAMS);
3793 }
3794
346af67b
VCG		 3795 hci_dev_lock(hdev);
3796
3797 hci_smp_ltks_clear(hdev);
3798
3799 for (i = 0; i < key_count; i++) {
3800 struct mgmt_ltk_info *key = &cp->keys[i];
79d95a19
MH		 3801 u8 type, addr_type;
3802
3803 if (key->addr.type == BDADDR_LE_PUBLIC)
3804 addr_type = ADDR_LE_DEV_PUBLIC;
3805 else
3806 addr_type = ADDR_LE_DEV_RANDOM;
346af67b
VCG		 3807
3808 if (key->master)
3809 type = HCI_SMP_LTK;
3810 else
3811 type = HCI_SMP_LTK_SLAVE;
3812
79d95a19 3813 hci_add_ltk(hdev, &key->addr.bdaddr, addr_type,
04124681
GP		 3814 type, 0, key->authenticated, key->val,
3815 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 3816 }
3817
715a5bf2
JH		 3818 err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0,
3819 NULL, 0);
3820
346af67b 3821 hci_dev_unlock(hdev);
346af67b 3822
715a5bf2 3823 return err;
346af67b
VCG		 3824}
3825
2e3c35ea 3826static const struct mgmt_handler {
04124681
GP		 3827 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
3828 u16 data_len);
be22b54e
JH		 3829 bool var_len;
3830 size_t data_len;
0f4e68cf
JH		 3831} mgmt_handlers[] = {
3832 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 3833 { read_version, false, MGMT_READ_VERSION_SIZE },
3834 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
3835 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
3836 { read_controller_info, false, MGMT_READ_INFO_SIZE },
3837 { set_powered, false, MGMT_SETTING_SIZE },
3838 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
3839 { set_connectable, false, MGMT_SETTING_SIZE },
3840 { set_fast_connectable, false, MGMT_SETTING_SIZE },
3841 { set_pairable, false, MGMT_SETTING_SIZE },
3842 { set_link_security, false, MGMT_SETTING_SIZE },
3843 { set_ssp, false, MGMT_SETTING_SIZE },
3844 { set_hs, false, MGMT_SETTING_SIZE },
3845 { set_le, false, MGMT_SETTING_SIZE },
3846 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
3847 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
3848 { add_uuid, false, MGMT_ADD_UUID_SIZE },
3849 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
3850 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
3851 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
3852 { disconnect, false, MGMT_DISCONNECT_SIZE },
3853 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
3854 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
3855 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
3856 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
3857 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
3858 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
3859 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
3860 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
3861 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
3862 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
3863 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
3864 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
3865 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
3866 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
3867 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
3868 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
3869 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
3870 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
3871 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 3872 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
4375f103 3873 { set_advertising, false, MGMT_SETTING_SIZE },
0663ca2a 3874 { set_bredr, false, MGMT_SETTING_SIZE },
d13eafce 3875 { set_static_address, false, MGMT_SET_STATIC_ADDRESS_SIZE },
14b49b9a 3876 { set_scan_params, false, MGMT_SET_SCAN_PARAMS_SIZE },
0f4e68cf
JH		 3877};
3878
3879
0381101f
JH		 3880int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
3881{
650f726d
VCG		 3882 void *buf;
3883 u8 *cp;
0381101f 3884 struct mgmt_hdr *hdr;
4e51eae9 3885 u16 opcode, index, len;
bdb6d971 3886 struct hci_dev *hdev = NULL;
2e3c35ea 3887 const struct mgmt_handler *handler;
0381101f
JH		 3888 int err;
3889
3890 BT_DBG("got %zu bytes", msglen);
3891
3892 if (msglen < sizeof(*hdr))
3893 return -EINVAL;
3894
e63a15ec 3895 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 3896 if (!buf)
3897 return -ENOMEM;
3898
3899 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
3900 err = -EFAULT;
3901 goto done;
3902 }
3903
650f726d 3904 hdr = buf;
1f350c87
MH		 3905 opcode = __le16_to_cpu(hdr->opcode);
3906 index = __le16_to_cpu(hdr->index);
3907 len = __le16_to_cpu(hdr->len);
0381101f
JH		 3908
3909 if (len != msglen - sizeof(*hdr)) {
3910 err = -EINVAL;
3911 goto done;
3912 }
3913
0f4e68cf 3914 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 3915 hdev = hci_dev_get(index);
3916 if (!hdev) {
3917 err = cmd_status(sk, index, opcode,
04124681 3918 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 3919 goto done;
3920 }
0736cfa8 3921
cebf4cfd
JH		 3922 if (test_bit(HCI_SETUP, &hdev->dev_flags) ||
3923 test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
0736cfa8
MH		 3924 err = cmd_status(sk, index, opcode,
3925 MGMT_STATUS_INVALID_INDEX);
3926 goto done;
3927 }
bdb6d971
JH		 3928 }
3929
0f4e68cf 3930 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 3931 mgmt_handlers[opcode].func == NULL) {
0381101f 3932 BT_DBG("Unknown op %u", opcode);
ca69b795 3933 err = cmd_status(sk, index, opcode,
04124681 3934 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 3935 goto done;
3936 }
3937
3938 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 3939 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 3940 err = cmd_status(sk, index, opcode,
04124681 3941 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 3942 goto done;
0381101f
JH		 3943 }
3944
be22b54e
JH		 3945 handler = &mgmt_handlers[opcode];
3946
3947 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 3948 (!handler->var_len && len != handler->data_len)) {
be22b54e 3949 err = cmd_status(sk, index, opcode,
04124681 3950 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 3951 goto done;
3952 }
3953
0f4e68cf
JH		 3954 if (hdev)
3955 mgmt_init_hdev(sk, hdev);
3956
3957 cp = buf + sizeof(*hdr);
3958
be22b54e 3959 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 3960 if (err < 0)
3961 goto done;
3962
0381101f
JH		 3963 err = msglen;
3964
3965done:
bdb6d971
JH		 3966 if (hdev)
3967 hci_dev_put(hdev);
3968
0381101f
JH		 3969 kfree(buf);
3970 return err;
3971}
c71e97bf 3972
bf6b56db 3973void mgmt_index_added(struct hci_dev *hdev)
c71e97bf 3974{
1514b892 3975 if (hdev->dev_type != HCI_BREDR)
bf6b56db 3976 return;
bb4b2a9a 3977
bf6b56db 3978 mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 3979}
3980
bf6b56db 3981void mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 3982{
5f159032 3983 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 3984
1514b892 3985 if (hdev->dev_type != HCI_BREDR)
bf6b56db 3986 return;
bb4b2a9a 3987
744cf19e 3988 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 3989
bf6b56db 3990 mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 3991}
3992
229ab39c
JH		 3993static void powered_complete(struct hci_dev *hdev, u8 status)
3994{
3995 struct cmd_lookup match = { NULL, hdev };
3996
3997 BT_DBG("status 0x%02x", status);
3998
3999 hci_dev_lock(hdev);
4000
4001 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
4002
4003 new_settings(hdev, match.sk);
4004
4005 hci_dev_unlock(hdev);
4006
4007 if (match.sk)
4008 sock_put(match.sk);
4009}
4010
70da6243 4011static int powered_update_hci(struct hci_dev *hdev)
5add6af8 4012{
890ea898 4013 struct hci_request req;
70da6243 4014 u8 link_sec;
5add6af8 4015
890ea898
JH		 4016 hci_req_init(&req, hdev);
4017
70da6243
JH		 4018 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
4019 !lmp_host_ssp_capable(hdev)) {
4020 u8 ssp = 1;
5e5282bb 4021
890ea898 4022 hci_req_add(&req, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
70da6243 4023 }
5add6af8 4024
c73eee91
JH		 4025 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags) &&
4026 lmp_bredr_capable(hdev)) {
70da6243 4027 struct hci_cp_write_le_host_supported cp;
f0ff92fb 4028
70da6243
JH		 4029 cp.le = 1;
4030 cp.simul = lmp_le_br_capable(hdev);
3d1cbdd6 4031
70da6243
JH		 4032 /* Check first if we already have the right
4033 * host state (host features set)
4034 */
4035 if (cp.le != lmp_host_le_capable(hdev) ||
4036 cp.simul != lmp_host_le_br_capable(hdev))
890ea898
JH		 4037 hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED,
4038 sizeof(cp), &cp);
0663ca2a
JH		 4039
4040 /* In case BR/EDR was toggled during the AUTO_OFF phase */
4041 hci_update_ad(&req);
70da6243 4042 }
3d1cbdd6 4043
d13eafce
MH		 4044 if (lmp_le_capable(hdev)) {
4045 /* Set random address to static address if configured */
4046 if (bacmp(&hdev->static_addr, BDADDR_ANY))
4047 hci_req_add(&req, HCI_OP_LE_SET_RANDOM_ADDR, 6,
4048 &hdev->static_addr);
eeca6f89 4049
bba3aa55
MH		 4050 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags))
4051 enable_advertising(&req);
eeca6f89
JH		 4052 }
4053
70da6243
JH		 4054 link_sec = test_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
4055 if (link_sec != test_bit(HCI_AUTH, &hdev->flags))
890ea898
JH		 4056 hci_req_add(&req, HCI_OP_WRITE_AUTH_ENABLE,
4057 sizeof(link_sec), &link_sec);
562fcc24 4058
70da6243 4059 if (lmp_bredr_capable(hdev)) {
56f87901
JH		 4060 if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
4061 set_bredr_scan(&req);
890ea898 4062 update_class(&req);
13928971 4063 update_name(&req);
890ea898 4064 update_eir(&req);
70da6243 4065 }
562fcc24 4066
229ab39c 4067 return hci_req_run(&req, powered_complete);
70da6243 4068}
562fcc24 4069
70da6243
JH		 4070int mgmt_powered(struct hci_dev *hdev, u8 powered)
4071{
4072 struct cmd_lookup match = { NULL, hdev };
229ab39c
JH		 4073 u8 status_not_powered = MGMT_STATUS_NOT_POWERED;
4074 u8 zero_cod[] = { 0, 0, 0 };
70da6243 4075 int err;
f0ff92fb 4076
70da6243
JH		 4077 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
4078 return 0;
4079
70da6243 4080 if (powered) {
229ab39c
JH		 4081 if (powered_update_hci(hdev) == 0)
4082 return 0;
fe038884 4083
229ab39c
JH		 4084 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp,
4085 &match);
4086 goto new_settings;
b24752fe
JH		 4087 }
4088
229ab39c
JH		 4089 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
4090 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status_not_powered);
4091
4092 if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0)
4093 mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,
4094 zero_cod, sizeof(zero_cod), NULL);
4095
4096new_settings:
beadb2bd 4097 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 4098
4099 if (match.sk)
4100 sock_put(match.sk);
4101
7bb895d6 4102 return err;
5add6af8 4103}
73f22f62 4104
3eec705e 4105void mgmt_set_powered_failed(struct hci_dev *hdev, int err)
96570ffc
JH		 4106{
4107 struct pending_cmd *cmd;
4108 u8 status;
4109
4110 cmd = mgmt_pending_find(MGMT_OP_SET_POWERED, hdev);
4111 if (!cmd)
3eec705e 4112 return;
96570ffc
JH		 4113
4114 if (err == -ERFKILL)
4115 status = MGMT_STATUS_RFKILLED;
4116 else
4117 status = MGMT_STATUS_FAILED;
4118
3eec705e 4119 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_POWERED, status);
96570ffc
JH		 4120
4121 mgmt_pending_remove(cmd);
96570ffc
JH		 4122}
4123
744cf19e 4124int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 4125{
5e5282bb
JH		 4126 bool changed = false;
4127 int err = 0;
73f22f62 4128
bfaf8c9f
JH		 4129 /* Nothing needed here if there's a pending command since that
4130 * commands request completion callback takes care of everything
4131 * necessary.
4132 */
4133 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev))
4134 return 0;
4135
5e5282bb
JH		 4136 if (discoverable) {
4137 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
4138 changed = true;
4139 } else {
4140 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
4141 changed = true;
4142 }
73f22f62 4143
beadb2bd 4144 if (changed)
bfaf8c9f 4145 err = new_settings(hdev, NULL);
73f22f62 4146
7bb895d6 4147 return err;
73f22f62 4148}
9fbcbb45 4149
744cf19e 4150int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 4151{
5e5282bb
JH		 4152 bool changed = false;
4153 int err = 0;
9fbcbb45 4154
d7b856f9
JH		 4155 /* Nothing needed here if there's a pending command since that
4156 * commands request completion callback takes care of everything
4157 * necessary.
4158 */
4159 if (mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev))
4160 return 0;
4161
5e5282bb
JH		 4162 if (connectable) {
4163 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
4164 changed = true;
4165 } else {
4166 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
4167 changed = true;
4168 }
9fbcbb45 4169
beadb2bd 4170 if (changed)
d7b856f9 4171 err = new_settings(hdev, NULL);
9fbcbb45 4172
7bb895d6 4173 return err;
9fbcbb45 4174}
55ed8ca1 4175
744cf19e 4176int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 4177{
ca69b795
JH		 4178 u8 mgmt_err = mgmt_status(status);
4179
2d7cee58 4180 if (scan & SCAN_PAGE)
744cf19e 4181 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 4182 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 4183
4184 if (scan & SCAN_INQUIRY)
744cf19e 4185 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 4186 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 4187
4188 return 0;
4189}
4190
53168e5b
CC		 4191int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
4192 bool persistent)
55ed8ca1 4193{
86742e1e 4194 struct mgmt_ev_new_link_key ev;
55ed8ca1 4195
a492cd52 4196 memset(&ev, 0, sizeof(ev));
55ed8ca1 4197
a492cd52 4198 ev.store_hint = persistent;
d753fdc4 4199 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 4200 ev.key.addr.type = BDADDR_BREDR;
a492cd52 4201 ev.key.type = key->type;
9b3b4460 4202 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 4203 ev.key.pin_len = key->pin_len;
55ed8ca1 4204
744cf19e 4205 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 4206}
f7520543 4207
346af67b
VCG		 4208int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
4209{
4210 struct mgmt_ev_new_long_term_key ev;
4211
4212 memset(&ev, 0, sizeof(ev));
4213
4214 ev.store_hint = persistent;
4215 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 4216 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 4217 ev.key.authenticated = key->authenticated;
4218 ev.key.enc_size = key->enc_size;
4219 ev.key.ediv = key->ediv;
4220
4221 if (key->type == HCI_SMP_LTK)
4222 ev.key.master = 1;
4223
4224 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
4225 memcpy(ev.key.val, key->val, sizeof(key->val));
4226
04124681
GP		 4227 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
4228 NULL);
346af67b
VCG		 4229}
4230
ecd90ae7
MH		 4231void mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4232 u8 addr_type, u32 flags, u8 *name, u8 name_len,
4233 u8 *dev_class)
f7520543 4234{
b644ba33
JH		 4235 char buf[512];
4236 struct mgmt_ev_device_connected *ev = (void *) buf;
4237 u16 eir_len = 0;
f7520543 4238
b644ba33 4239 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4240 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 4241
c95f0ba7 4242 ev->flags = __cpu_to_le32(flags);
08c79b61 4243
b644ba33
JH		 4244 if (name_len > 0)
4245 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 4246 name, name_len);
b644ba33
JH		 4247
4248 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 4249 eir_len = eir_append_data(ev->eir, eir_len,
04124681 4250 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 4251
eb55ef07 4252 ev->eir_len = cpu_to_le16(eir_len);
b644ba33 4253
ecd90ae7
MH		 4254 mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
4255 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 4256}
4257
8962ee74
JH		 4258static void disconnect_rsp(struct pending_cmd *cmd, void *data)
4259{
c68fb7ff 4260 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 4261 struct sock **sk = data;
a38528f1 4262 struct mgmt_rp_disconnect rp;
8962ee74 4263
88c3df13
JH		 4264 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
4265 rp.addr.type = cp->addr.type;
8962ee74 4266
aee9b218 4267 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 4268 sizeof(rp));
8962ee74
JH		 4269
4270 *sk = cmd->sk;
4271 sock_hold(*sk);
4272
a664b5bc 4273 mgmt_pending_remove(cmd);
8962ee74
JH		 4274}
4275
124f6e35 4276static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 4277{
b1078ad0 4278 struct hci_dev *hdev = data;
124f6e35
JH		 4279 struct mgmt_cp_unpair_device *cp = cmd->param;
4280 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 4281
4282 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 4283 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
4284 rp.addr.type = cp->addr.type;
a8a1d19e 4285
b1078ad0
JH		 4286 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
4287
aee9b218 4288 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 4289
4290 mgmt_pending_remove(cmd);
4291}
4292
9b80ec5e
MH		 4293void mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
4294 u8 link_type, u8 addr_type, u8 reason)
f7520543 4295{
f0d6a0ea 4296 struct mgmt_ev_device_disconnected ev;
8962ee74 4297 struct sock *sk = NULL;
8962ee74 4298
744cf19e 4299 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 4300
f0d6a0ea
MA		 4301 bacpy(&ev.addr.bdaddr, bdaddr);
4302 ev.addr.type = link_to_bdaddr(link_type, addr_type);
4303 ev.reason = reason;
f7520543 4304
9b80ec5e 4305 mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
8962ee74
JH		 4306
4307 if (sk)
d97dcb66 4308 sock_put(sk);
8962ee74 4309
124f6e35 4310 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 4311 hdev);
8962ee74
JH		 4312}
4313
7892924c
MH		 4314void mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
4315 u8 link_type, u8 addr_type, u8 status)
8962ee74 4316{
88c3df13 4317 struct mgmt_rp_disconnect rp;
8962ee74 4318 struct pending_cmd *cmd;
8962ee74 4319
36a75f1b
JD		 4320 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
4321 hdev);
4322
2e58ef3e 4323 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74 4324 if (!cmd)
7892924c 4325 return;
8962ee74 4326
88c3df13 4327 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 4328 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 4329
7892924c
MH		 4330 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
4331 mgmt_status(status), &rp, sizeof(rp));
8962ee74 4332
a664b5bc 4333 mgmt_pending_remove(cmd);
f7520543 4334}
17d5c04c 4335
445608d0
MH		 4336void mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4337 u8 addr_type, u8 status)
17d5c04c
JH		 4338{
4339 struct mgmt_ev_connect_failed ev;
4340
4c659c39 4341 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4342 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 4343 ev.status = mgmt_status(status);
17d5c04c 4344
445608d0 4345 mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 4346}
980e1a53 4347
744cf19e 4348int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 4349{
4350 struct mgmt_ev_pin_code_request ev;
4351
d8457698 4352 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 4353 ev.addr.type = BDADDR_BREDR;
a770bb5a 4354 ev.secure = secure;
980e1a53 4355
744cf19e 4356 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 4357 NULL);
980e1a53
JH		 4358}
4359
744cf19e 4360int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4361 u8 status)
980e1a53
JH		 4362{
4363 struct pending_cmd *cmd;
ac56fb13 4364 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 4365 int err;
4366
2e58ef3e 4367 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 4368 if (!cmd)
4369 return -ENOENT;
4370
d8457698 4371 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 4372 rp.addr.type = BDADDR_BREDR;
ac56fb13 4373
aee9b218 4374 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 4375 mgmt_status(status), &rp, sizeof(rp));
980e1a53 4376
a664b5bc 4377 mgmt_pending_remove(cmd);
980e1a53
JH		 4378
4379 return err;
4380}
4381
744cf19e 4382int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4383 u8 status)
980e1a53
JH		 4384{
4385 struct pending_cmd *cmd;
ac56fb13 4386 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 4387 int err;
4388
2e58ef3e 4389 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 4390 if (!cmd)
4391 return -ENOENT;
4392
d8457698 4393 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 4394 rp.addr.type = BDADDR_BREDR;
ac56fb13 4395
aee9b218 4396 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 4397 mgmt_status(status), &rp, sizeof(rp));
980e1a53 4398
a664b5bc 4399 mgmt_pending_remove(cmd);
980e1a53
JH		 4400
4401 return err;
4402}
a5c29683 4403
744cf19e 4404int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 4405 u8 link_type, u8 addr_type, __le32 value,
4406 u8 confirm_hint)
a5c29683
JH		 4407{
4408 struct mgmt_ev_user_confirm_request ev;
4409
744cf19e 4410 BT_DBG("%s", hdev->name);
a5c29683 4411
272d90df 4412 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4413 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 4414 ev.confirm_hint = confirm_hint;
78e8098e 4415 ev.value = value;
a5c29683 4416
744cf19e 4417 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 4418 NULL);
a5c29683
JH		 4419}
4420
272d90df 4421int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 4422 u8 link_type, u8 addr_type)
604086b7
BG		 4423{
4424 struct mgmt_ev_user_passkey_request ev;
4425
4426 BT_DBG("%s", hdev->name);
4427
272d90df 4428 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4429 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 4430
4431 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 4432 NULL);
604086b7
BG		 4433}
4434
0df4c185 4435static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 4436 u8 link_type, u8 addr_type, u8 status,
4437 u8 opcode)
a5c29683
JH		 4438{
4439 struct pending_cmd *cmd;
4440 struct mgmt_rp_user_confirm_reply rp;
4441 int err;
4442
2e58ef3e 4443 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 4444 if (!cmd)
4445 return -ENOENT;
4446
272d90df 4447 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 4448 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 4449 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 4450 &rp, sizeof(rp));
a5c29683 4451
a664b5bc 4452 mgmt_pending_remove(cmd);
a5c29683
JH		 4453
4454 return err;
4455}
4456
744cf19e 4457int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4458 u8 link_type, u8 addr_type, u8 status)
a5c29683 4459{
272d90df 4460 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 4461 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 4462}
4463
272d90df 4464int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4465 u8 link_type, u8 addr_type, u8 status)
a5c29683 4466{
272d90df 4467 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 4468 status,
4469 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 4470}
2a611692 4471
604086b7 4472int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4473 u8 link_type, u8 addr_type, u8 status)
604086b7 4474{
272d90df 4475 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 4476 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 4477}
4478
272d90df 4479int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4480 u8 link_type, u8 addr_type, u8 status)
604086b7 4481{
272d90df 4482 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 4483 status,
4484 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 4485}
4486
92a25256
JH		 4487int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
4488 u8 link_type, u8 addr_type, u32 passkey,
4489 u8 entered)
4490{
4491 struct mgmt_ev_passkey_notify ev;
4492
4493 BT_DBG("%s", hdev->name);
4494
4495 bacpy(&ev.addr.bdaddr, bdaddr);
4496 ev.addr.type = link_to_bdaddr(link_type, addr_type);
4497 ev.passkey = __cpu_to_le32(passkey);
4498 ev.entered = entered;
4499
4500 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
4501}
4502
bab73cb6 4503int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 4504 u8 addr_type, u8 status)
2a611692
JH		 4505{
4506 struct mgmt_ev_auth_failed ev;
4507
bab73cb6 4508 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4509 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 4510 ev.status = mgmt_status(status);
2a611692 4511
744cf19e 4512 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 4513}
b312b161 4514
33ef95ed
JH		 4515int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
4516{
4517 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 4518 bool changed = false;
4519 int err = 0;
33ef95ed
JH		 4520
4521 if (status) {
4522 u8 mgmt_err = mgmt_status(status);
4523 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 4524 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 4525 return 0;
4526 }
4527
47990ea0
JH		 4528 if (test_bit(HCI_AUTH, &hdev->flags)) {
4529 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
4530 changed = true;
4531 } else {
4532 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
4533 changed = true;
4534 }
4535
33ef95ed 4536 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 4537 &match);
33ef95ed 4538
47990ea0
JH		 4539 if (changed)
4540 err = new_settings(hdev, match.sk);
33ef95ed
JH		 4541
4542 if (match.sk)
4543 sock_put(match.sk);
4544
4545 return err;
4546}
4547
890ea898 4548static void clear_eir(struct hci_request *req)
cacaf52f 4549{
890ea898 4550 struct hci_dev *hdev = req->hdev;
cacaf52f
JH		 4551 struct hci_cp_write_eir cp;
4552
976eb20e 4553 if (!lmp_ext_inq_capable(hdev))
890ea898 4554 return;
cacaf52f 4555
c80da27e
JH		 4556 memset(hdev->eir, 0, sizeof(hdev->eir));
4557
cacaf52f
JH		 4558 memset(&cp, 0, sizeof(cp));
4559
890ea898 4560 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
cacaf52f
JH		 4561}
4562
c0ecddc2 4563int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 4564{
4565 struct cmd_lookup match = { NULL, hdev };
890ea898 4566 struct hci_request req;
c0ecddc2
JH		 4567 bool changed = false;
4568 int err = 0;
ed2c4ee3
JH		 4569
4570 if (status) {
4571 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 4572
4573 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
9ecb3e24
MH		 4574 &hdev->dev_flags)) {
4575 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
c0ecddc2 4576 err = new_settings(hdev, NULL);
9ecb3e24 4577 }
c0ecddc2 4578
04124681
GP		 4579 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
4580 &mgmt_err);
c0ecddc2
JH		 4581
4582 return err;
4583 }
4584
4585 if (enable) {
9ecb3e24 4586 changed = !test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
c0ecddc2 4587 } else {
9ecb3e24
MH		 4588 changed = test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
4589 if (!changed)
4590 changed = test_and_clear_bit(HCI_HS_ENABLED,
4591 &hdev->dev_flags);
4592 else
4593 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
ed2c4ee3
JH		 4594 }
4595
4596 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
4597
c0ecddc2
JH		 4598 if (changed)
4599 err = new_settings(hdev, match.sk);
ed2c4ee3 4600
5fc6ebb1 4601 if (match.sk)
ed2c4ee3
JH		 4602 sock_put(match.sk);
4603
890ea898
JH		 4604 hci_req_init(&req, hdev);
4605
5fc6ebb1 4606 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
890ea898 4607 update_eir(&req);
5fc6ebb1 4608 else
890ea898
JH		 4609 clear_eir(&req);
4610
4611 hci_req_run(&req, NULL);
cacaf52f 4612
ed2c4ee3
JH		 4613 return err;
4614}
4615
92da6097 4616static void sk_lookup(struct pending_cmd *cmd, void *data)
90e70454
JH		 4617{
4618 struct cmd_lookup *match = data;
4619
90e70454
JH		 4620 if (match->sk == NULL) {
4621 match->sk = cmd->sk;
4622 sock_hold(match->sk);
4623 }
90e70454
JH		 4624}
4625
7f9a903c 4626int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 4627 u8 status)
7f9a903c 4628{
90e70454
JH		 4629 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
4630 int err = 0;
7f9a903c 4631
92da6097
JH		 4632 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, sk_lookup, &match);
4633 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, sk_lookup, &match);
4634 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, sk_lookup, &match);
90e70454
JH		 4635
4636 if (!status)
04124681
GP		 4637 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
4638 3, NULL);
90e70454
JH		 4639
4640 if (match.sk)
4641 sock_put(match.sk);
7f9a903c
MH		 4642
4643 return err;
4644}
4645
744cf19e 4646int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161 4647{
b312b161 4648 struct mgmt_cp_set_local_name ev;
13928971 4649 struct pending_cmd *cmd;
28cc7bde 4650
13928971
JH		 4651 if (status)
4652 return 0;
b312b161
JH		 4653
4654 memset(&ev, 0, sizeof(ev));
4655 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 4656 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 4657
2e58ef3e 4658 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
13928971
JH		 4659 if (!cmd) {
4660 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
28cc7bde 4661
13928971
JH		 4662 /* If this is a HCI command related to powering on the
4663 * HCI dev don't send any mgmt signals.
4664 */
4665 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev))
4666 return 0;
890ea898 4667 }
b312b161 4668
13928971
JH		 4669 return mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
4670 cmd ? cmd->sk : NULL);
b312b161 4671}
c35938b2 4672
744cf19e 4673int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 4674 u8 *randomizer, u8 status)
c35938b2
SJ		 4675{
4676 struct pending_cmd *cmd;
4677 int err;
4678
744cf19e 4679 BT_DBG("%s status %u", hdev->name, status);
c35938b2 4680
2e58ef3e 4681 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 4682 if (!cmd)
4683 return -ENOENT;
4684
4685 if (status) {
04124681
GP		 4686 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
4687 mgmt_status(status));
c35938b2
SJ		 4688 } else {
4689 struct mgmt_rp_read_local_oob_data rp;
4690
4691 memcpy(rp.hash, hash, sizeof(rp.hash));
4692 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
4693
744cf19e 4694 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 4695 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
4696 sizeof(rp));
c35938b2
SJ		 4697 }
4698
4699 mgmt_pending_remove(cmd);
4700
4701 return err;
4702}
e17acd40 4703
901801b9
MH		 4704void mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4705 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
4706 ssp, u8 *eir, u16 eir_len)
e17acd40 4707{
e319d2e7
JH		 4708 char buf[512];
4709 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 4710 size_t ev_size;
e17acd40 4711
12602d0c 4712 if (!hci_discovery_active(hdev))
901801b9 4713 return;
12602d0c 4714
1dc06093
JH		 4715 /* Leave 5 bytes for a potential CoD field */
4716 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
901801b9 4717 return;
7d262f86 4718
1dc06093
JH		 4719 memset(buf, 0, sizeof(buf));
4720
e319d2e7 4721 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4722 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 4723 ev->rssi = rssi;
9a395a80 4724 if (cfm_name)
612dfce9 4725 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 4726 if (!ssp)
612dfce9 4727 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 4728
1dc06093 4729 if (eir_len > 0)
e319d2e7 4730 memcpy(ev->eir, eir, eir_len);
e17acd40 4731
1dc06093
JH		 4732 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
4733 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 4734 dev_class, 3);
1dc06093 4735
eb55ef07 4736 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 4737 ev_size = sizeof(*ev) + eir_len;
f8523598 4738
901801b9 4739 mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 4740}
a88a9652 4741
9cf12aee
MH		 4742void mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4743 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 4744{
b644ba33
JH		 4745 struct mgmt_ev_device_found *ev;
4746 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
4747 u16 eir_len;
a88a9652 4748
b644ba33 4749 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 4750
b644ba33
JH		 4751 memset(buf, 0, sizeof(buf));
4752
4753 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4754 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 4755 ev->rssi = rssi;
4756
4757 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 4758 name_len);
b644ba33 4759
eb55ef07 4760 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 4761
9cf12aee 4762 mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, sizeof(*ev) + eir_len, NULL);
a88a9652 4763}
314b2381 4764
2f1e063b 4765void mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 4766{
f963e8e9 4767 struct mgmt_ev_discovering ev;
164a6e78
JH		 4768 struct pending_cmd *cmd;
4769
343fb145
AG		 4770 BT_DBG("%s discovering %u", hdev->name, discovering);
4771
164a6e78 4772 if (discovering)
2e58ef3e 4773 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 4774 else
2e58ef3e 4775 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 4776
4777 if (cmd != NULL) {
f808e166
JH		 4778 u8 type = hdev->discovery.type;
4779
04124681
GP		 4780 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
4781 sizeof(type));
164a6e78
JH		 4782 mgmt_pending_remove(cmd);
4783 }
4784
f963e8e9
JH		 4785 memset(&ev, 0, sizeof(ev));
4786 ev.type = hdev->discovery.type;
4787 ev.discovering = discovering;
4788
2f1e063b 4789 mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 4790}
5e762444 4791
88c1fe4b 4792int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 4793{
4794 struct pending_cmd *cmd;
4795 struct mgmt_ev_device_blocked ev;
4796
2e58ef3e 4797 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 4798
88c1fe4b
JH		 4799 bacpy(&ev.addr.bdaddr, bdaddr);
4800 ev.addr.type = type;
5e762444 4801
744cf19e 4802 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 4803 cmd ? cmd->sk : NULL);
5e762444
AJ		 4804}
4805
88c1fe4b 4806int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 4807{
4808 struct pending_cmd *cmd;
4809 struct mgmt_ev_device_unblocked ev;
4810
2e58ef3e 4811 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 4812
88c1fe4b
JH		 4813 bacpy(&ev.addr.bdaddr, bdaddr);
4814 ev.addr.type = type;
5e762444 4815
744cf19e 4816 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 4817 cmd ? cmd->sk : NULL);
5e762444 4818}
5976e608
MH		 4819
4820static void adv_enable_complete(struct hci_dev *hdev, u8 status)
4821{
4822 BT_DBG("%s status %u", hdev->name, status);
4823
4824 /* Clear the advertising mgmt setting if we failed to re-enable it */
4825 if (status) {
4826 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
a6d811ed 4827 new_settings(hdev, NULL);
5976e608
MH		 4828 }
4829}
4830
4831void mgmt_reenable_advertising(struct hci_dev *hdev)
4832{
4833 struct hci_request req;
4834
b145edcd 4835 if (hci_conn_num(hdev, LE_LINK) > 0)
5976e608
MH		 4836 return;
4837
4838 if (!test_bit(HCI_ADVERTISING, &hdev->dev_flags))
4839 return;
4840
4841 hci_req_init(&req, hdev);
4842 enable_advertising(&req);
4843
4844 /* If this fails we have no option but to let user space know
4845 * that we've disabled advertising.
4846 */
4847 if (hci_req_run(&req, adv_enable_complete) < 0) {
4848 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
a6d811ed 4849 new_settings(hdev, NULL);
5976e608
MH		 4850 }
4851}
Linux kernel - Deliverables
This page took 0.748577 seconds and 5 git commands to generate.