projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Use kernel int types instead of ones from stdint.h
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
ca69b795 27#include <linux/kernel.h>
72359753 28#include <linux/uaccess.h>
3a9a231d 29#include <linux/module.h>
0381101f
JH		 30#include <asm/unaligned.h>
31
32#include <net/bluetooth/bluetooth.h>
33#include <net/bluetooth/hci_core.h>
34#include <net/bluetooth/mgmt.h>
5fe57d9e 35#include <net/bluetooth/smp.h>
0381101f 36
d7b7e796
MH		 37bool enable_hs;
38bool enable_le;
39
2da9c55c
JH		 40#define MGMT_VERSION 1
41#define MGMT_REVISION 0
02d98129 42
e70bb2e8
JH		 43static const u16 mgmt_commands[] = {
44 MGMT_OP_READ_INDEX_LIST,
45 MGMT_OP_READ_INFO,
46 MGMT_OP_SET_POWERED,
47 MGMT_OP_SET_DISCOVERABLE,
48 MGMT_OP_SET_CONNECTABLE,
49 MGMT_OP_SET_FAST_CONNECTABLE,
50 MGMT_OP_SET_PAIRABLE,
51 MGMT_OP_SET_LINK_SECURITY,
52 MGMT_OP_SET_SSP,
53 MGMT_OP_SET_HS,
54 MGMT_OP_SET_LE,
55 MGMT_OP_SET_DEV_CLASS,
56 MGMT_OP_SET_LOCAL_NAME,
57 MGMT_OP_ADD_UUID,
58 MGMT_OP_REMOVE_UUID,
59 MGMT_OP_LOAD_LINK_KEYS,
60 MGMT_OP_LOAD_LONG_TERM_KEYS,
61 MGMT_OP_DISCONNECT,
62 MGMT_OP_GET_CONNECTIONS,
63 MGMT_OP_PIN_CODE_REPLY,
64 MGMT_OP_PIN_CODE_NEG_REPLY,
65 MGMT_OP_SET_IO_CAPABILITY,
66 MGMT_OP_PAIR_DEVICE,
67 MGMT_OP_CANCEL_PAIR_DEVICE,
68 MGMT_OP_UNPAIR_DEVICE,
69 MGMT_OP_USER_CONFIRM_REPLY,
70 MGMT_OP_USER_CONFIRM_NEG_REPLY,
71 MGMT_OP_USER_PASSKEY_REPLY,
72 MGMT_OP_USER_PASSKEY_NEG_REPLY,
73 MGMT_OP_READ_LOCAL_OOB_DATA,
74 MGMT_OP_ADD_REMOTE_OOB_DATA,
75 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
76 MGMT_OP_START_DISCOVERY,
77 MGMT_OP_STOP_DISCOVERY,
78 MGMT_OP_CONFIRM_NAME,
79 MGMT_OP_BLOCK_DEVICE,
80 MGMT_OP_UNBLOCK_DEVICE,
81};
82
83static const u16 mgmt_events[] = {
84 MGMT_EV_CONTROLLER_ERROR,
85 MGMT_EV_INDEX_ADDED,
86 MGMT_EV_INDEX_REMOVED,
87 MGMT_EV_NEW_SETTINGS,
88 MGMT_EV_CLASS_OF_DEV_CHANGED,
89 MGMT_EV_LOCAL_NAME_CHANGED,
90 MGMT_EV_NEW_LINK_KEY,
91 MGMT_EV_NEW_LONG_TERM_KEY,
92 MGMT_EV_DEVICE_CONNECTED,
93 MGMT_EV_DEVICE_DISCONNECTED,
94 MGMT_EV_CONNECT_FAILED,
95 MGMT_EV_PIN_CODE_REQUEST,
96 MGMT_EV_USER_CONFIRM_REQUEST,
97 MGMT_EV_USER_PASSKEY_REQUEST,
98 MGMT_EV_AUTH_FAILED,
99 MGMT_EV_DEVICE_FOUND,
100 MGMT_EV_DISCOVERING,
101 MGMT_EV_DEVICE_BLOCKED,
102 MGMT_EV_DEVICE_UNBLOCKED,
103 MGMT_EV_DEVICE_UNPAIRED,
104};
105
3fd24153
AG		 106/*
107 * These LE scan and inquiry parameters were chosen according to LE General
108 * Discovery Procedure specification.
109 */
110#define LE_SCAN_TYPE 0x01
111#define LE_SCAN_WIN 0x12
112#define LE_SCAN_INT 0x12
113#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 114#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 115
e8777525 116#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 117#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 118
7d78525d
JH		 119#define SERVICE_CACHE_TIMEOUT (5 * 1000)
120
4b34ee78
JH		 121#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
122 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
123
eec8d2bc
JH		 124struct pending_cmd {
125 struct list_head list;
fc2f4b13 126 u16 opcode;
eec8d2bc 127 int index;
c68fb7ff 128 void *param;
eec8d2bc 129 struct sock *sk;
e9a416b5 130 void *user_data;
eec8d2bc
JH		 131};
132
ca69b795
JH		 133/* HCI to MGMT error code conversion table */
134static u8 mgmt_status_table[] = {
135 MGMT_STATUS_SUCCESS,
136 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
137 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
138 MGMT_STATUS_FAILED, /* Hardware Failure */
139 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
140 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
141 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
142 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
143 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
144 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
145 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
146 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
147 MGMT_STATUS_BUSY, /* Command Disallowed */
148 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
149 MGMT_STATUS_REJECTED, /* Rejected Security */
150 MGMT_STATUS_REJECTED, /* Rejected Personal */
151 MGMT_STATUS_TIMEOUT, /* Host Timeout */
152 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
153 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
154 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
155 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
156 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
157 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
158 MGMT_STATUS_BUSY, /* Repeated Attempts */
159 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
160 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
161 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
162 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
163 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
164 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
165 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
166 MGMT_STATUS_FAILED, /* Unspecified Error */
167 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
168 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
169 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
170 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
171 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
172 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
173 MGMT_STATUS_FAILED, /* Unit Link Key Used */
174 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
175 MGMT_STATUS_TIMEOUT, /* Instant Passed */
176 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
177 MGMT_STATUS_FAILED, /* Transaction Collision */
178 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
179 MGMT_STATUS_REJECTED, /* QoS Rejected */
180 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
181 MGMT_STATUS_REJECTED, /* Insufficient Security */
182 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
183 MGMT_STATUS_BUSY, /* Role Switch Pending */
184 MGMT_STATUS_FAILED, /* Slot Violation */
185 MGMT_STATUS_FAILED, /* Role Switch Failed */
186 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
187 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
188 MGMT_STATUS_BUSY, /* Host Busy Pairing */
189 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
190 MGMT_STATUS_BUSY, /* Controller Busy */
191 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
192 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
193 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
194 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
195 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
196};
197
198static u8 mgmt_status(u8 hci_status)
199{
200 if (hci_status < ARRAY_SIZE(mgmt_status_table))
201 return mgmt_status_table[hci_status];
202
203 return MGMT_STATUS_FAILED;
204}
205
4e51eae9 206static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 207{
208 struct sk_buff *skb;
209 struct mgmt_hdr *hdr;
210 struct mgmt_ev_cmd_status *ev;
56b7d137 211 int err;
f7b64e69 212
34eb525c 213 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69
JH		 214
215 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
216 if (!skb)
217 return -ENOMEM;
218
219 hdr = (void *) skb_put(skb, sizeof(*hdr));
220
221 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 222 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 223 hdr->len = cpu_to_le16(sizeof(*ev));
224
225 ev = (void *) skb_put(skb, sizeof(*ev));
226 ev->status = status;
227 put_unaligned_le16(cmd, &ev->opcode);
228
56b7d137
GP		 229 err = sock_queue_rcv_skb(sk, skb);
230 if (err < 0)
f7b64e69
JH		 231 kfree_skb(skb);
232
56b7d137 233 return err;
f7b64e69
JH		 234}
235
aee9b218
JH		 236static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
237 void *rp, size_t rp_len)
02d98129
JH		 238{
239 struct sk_buff *skb;
240 struct mgmt_hdr *hdr;
241 struct mgmt_ev_cmd_complete *ev;
56b7d137 242 int err;
02d98129
JH		 243
244 BT_DBG("sock %p", sk);
245
a38528f1 246 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
02d98129
JH		 247 if (!skb)
248 return -ENOMEM;
249
250 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 251
a38528f1 252 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 253 hdr->index = cpu_to_le16(index);
a38528f1 254 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 255
a38528f1
JH		 256 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
257 put_unaligned_le16(cmd, &ev->opcode);
aee9b218 258 ev->status = status;
8020c16a
SJ		 259
260 if (rp)
261 memcpy(ev->data, rp, rp_len);
02d98129 262
56b7d137
GP		 263 err = sock_queue_rcv_skb(sk, skb);
264 if (err < 0)
02d98129
JH		 265 kfree_skb(skb);
266
e5f0e151 267 return err;
02d98129
JH		 268}
269
a38528f1
JH		 270static int read_version(struct sock *sk)
271{
272 struct mgmt_rp_read_version rp;
273
274 BT_DBG("sock %p", sk);
275
276 rp.version = MGMT_VERSION;
277 put_unaligned_le16(MGMT_REVISION, &rp.revision);
278
aee9b218 279 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
4e51eae9 280 sizeof(rp));
a38528f1
JH		 281}
282
e70bb2e8
JH		 283static int read_commands(struct sock *sk)
284{
285 struct mgmt_rp_read_commands *rp;
286 u16 num_commands = ARRAY_SIZE(mgmt_commands);
287 u16 num_events = ARRAY_SIZE(mgmt_events);
288 u16 *opcode;
289 size_t rp_size;
290 int i, err;
291
292 BT_DBG("sock %p", sk);
293
294 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
295
296 rp = kmalloc(rp_size, GFP_KERNEL);
297 if (!rp)
298 return -ENOMEM;
299
300 put_unaligned_le16(num_commands, &rp->num_commands);
301 put_unaligned_le16(num_events, &rp->num_events);
302
303 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
304 put_unaligned_le16(mgmt_commands[i], opcode);
305
306 for (i = 0; i < num_events; i++, opcode++)
307 put_unaligned_le16(mgmt_events[i], opcode);
308
aee9b218 309 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
e70bb2e8
JH		 310 rp_size);
311 kfree(rp);
312
313 return err;
314}
315
faba42eb
JH		 316static int read_index_list(struct sock *sk)
317{
faba42eb
JH		 318 struct mgmt_rp_read_index_list *rp;
319 struct list_head *p;
8035ded4 320 struct hci_dev *d;
a38528f1 321 size_t rp_len;
faba42eb 322 u16 count;
a38528f1 323 int i, err;
faba42eb
JH		 324
325 BT_DBG("sock %p", sk);
326
327 read_lock(&hci_dev_list_lock);
328
329 count = 0;
330 list_for_each(p, &hci_dev_list) {
331 count++;
332 }
333
a38528f1
JH		 334 rp_len = sizeof(*rp) + (2 * count);
335 rp = kmalloc(rp_len, GFP_ATOMIC);
336 if (!rp) {
b2c60d42 337 read_unlock(&hci_dev_list_lock);
faba42eb 338 return -ENOMEM;
b2c60d42 339 }
faba42eb 340
faba42eb
JH		 341 put_unaligned_le16(count, &rp->num_controllers);
342
343 i = 0;
8035ded4 344 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 345 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 346 continue;
347
faba42eb
JH		 348 put_unaligned_le16(d->id, &rp->index[i++]);
349 BT_DBG("Added hci%u", d->id);
350 }
351
352 read_unlock(&hci_dev_list_lock);
353
aee9b218 354 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
4e51eae9 355 rp_len);
faba42eb 356
a38528f1
JH		 357 kfree(rp);
358
359 return err;
faba42eb
JH		 360}
361
69ab39ea
JH		 362static u32 get_supported_settings(struct hci_dev *hdev)
363{
364 u32 settings = 0;
365
366 settings |= MGMT_SETTING_POWERED;
367 settings |= MGMT_SETTING_CONNECTABLE;
368 settings |= MGMT_SETTING_FAST_CONNECTABLE;
369 settings |= MGMT_SETTING_DISCOVERABLE;
370 settings |= MGMT_SETTING_PAIRABLE;
371
372 if (hdev->features[6] & LMP_SIMPLE_PAIR)
373 settings |= MGMT_SETTING_SSP;
374
375 if (!(hdev->features[4] & LMP_NO_BREDR)) {
376 settings |= MGMT_SETTING_BREDR;
377 settings |= MGMT_SETTING_LINK_SECURITY;
378 }
379
d7b7e796
MH		 380 if (enable_hs)
381 settings |= MGMT_SETTING_HS;
382
383 if (enable_le) {
384 if (hdev->features[4] & LMP_LE)
385 settings |= MGMT_SETTING_LE;
386 }
69ab39ea
JH		 387
388 return settings;
389}
390
391static u32 get_current_settings(struct hci_dev *hdev)
392{
393 u32 settings = 0;
394
f1f0eb02 395 if (hdev_is_powered(hdev))
f0d4b78a
MH		 396 settings |= MGMT_SETTING_POWERED;
397
5e5282bb 398 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 399 settings |= MGMT_SETTING_CONNECTABLE;
400
5e5282bb 401 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 402 settings |= MGMT_SETTING_DISCOVERABLE;
403
a8b2d5c2 404 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 405 settings |= MGMT_SETTING_PAIRABLE;
406
407 if (!(hdev->features[4] & LMP_NO_BREDR))
408 settings |= MGMT_SETTING_BREDR;
409
06199cf8 410 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 411 settings |= MGMT_SETTING_LE;
412
47990ea0 413 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 414 settings |= MGMT_SETTING_LINK_SECURITY;
415
84bde9d6 416 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 417 settings |= MGMT_SETTING_SSP;
418
6d80dfd0
JH		 419 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
420 settings |= MGMT_SETTING_HS;
421
69ab39ea
JH		 422 return settings;
423}
424
ef580372
JH		 425#define PNP_INFO_SVCLASS_ID 0x1200
426
427static u8 bluetooth_base_uuid[] = {
428 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
429 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
430};
431
432static u16 get_uuid16(u8 *uuid128)
433{
434 u32 val;
435 int i;
436
437 for (i = 0; i < 12; i++) {
438 if (bluetooth_base_uuid[i] != uuid128[i])
439 return 0;
440 }
441
442 memcpy(&val, &uuid128[12], 4);
443
444 val = le32_to_cpu(val);
445 if (val > 0xffff)
446 return 0;
447
448 return (u16) val;
449}
450
451static void create_eir(struct hci_dev *hdev, u8 *data)
452{
453 u8 *ptr = data;
454 u16 eir_len = 0;
455 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
456 int i, truncated = 0;
457 struct bt_uuid *uuid;
458 size_t name_len;
459
460 name_len = strlen(hdev->dev_name);
461
462 if (name_len > 0) {
463 /* EIR Data type */
464 if (name_len > 48) {
465 name_len = 48;
466 ptr[1] = EIR_NAME_SHORT;
467 } else
468 ptr[1] = EIR_NAME_COMPLETE;
469
470 /* EIR Data length */
471 ptr[0] = name_len + 1;
472
473 memcpy(ptr + 2, hdev->dev_name, name_len);
474
475 eir_len += (name_len + 2);
476 ptr += (name_len + 2);
477 }
478
479 memset(uuid16_list, 0, sizeof(uuid16_list));
480
481 /* Group all UUID16 types */
482 list_for_each_entry(uuid, &hdev->uuids, list) {
483 u16 uuid16;
484
485 uuid16 = get_uuid16(uuid->uuid);
486 if (uuid16 == 0)
487 return;
488
489 if (uuid16 < 0x1100)
490 continue;
491
492 if (uuid16 == PNP_INFO_SVCLASS_ID)
493 continue;
494
495 /* Stop if not enough space to put next UUID */
496 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
497 truncated = 1;
498 break;
499 }
500
501 /* Check for duplicates */
502 for (i = 0; uuid16_list[i] != 0; i++)
503 if (uuid16_list[i] == uuid16)
504 break;
505
506 if (uuid16_list[i] == 0) {
507 uuid16_list[i] = uuid16;
508 eir_len += sizeof(u16);
509 }
510 }
511
512 if (uuid16_list[0] != 0) {
513 u8 *length = ptr;
514
515 /* EIR Data type */
516 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
517
518 ptr += 2;
519 eir_len += 2;
520
521 for (i = 0; uuid16_list[i] != 0; i++) {
522 *ptr++ = (uuid16_list[i] & 0x00ff);
523 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
524 }
525
526 /* EIR Data length */
527 *length = (i * sizeof(u16)) + 1;
528 }
529}
530
531static int update_eir(struct hci_dev *hdev)
532{
533 struct hci_cp_write_eir cp;
534
504c8dcd 535 if (!hdev_is_powered(hdev))
7770c4aa
JH		 536 return 0;
537
ef580372
JH		 538 if (!(hdev->features[6] & LMP_EXT_INQ))
539 return 0;
540
84bde9d6 541 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 542 return 0;
543
a8b2d5c2 544 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 545 return 0;
546
547 memset(&cp, 0, sizeof(cp));
548
549 create_eir(hdev, cp.data);
550
551 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
552 return 0;
553
554 memcpy(hdev->eir, cp.data, sizeof(cp.data));
555
556 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
557}
558
559static u8 get_service_classes(struct hci_dev *hdev)
560{
561 struct bt_uuid *uuid;
562 u8 val = 0;
563
564 list_for_each_entry(uuid, &hdev->uuids, list)
565 val |= uuid->svc_hint;
566
567 return val;
568}
569
570static int update_class(struct hci_dev *hdev)
571{
572 u8 cod[3];
c95f0ba7 573 int err;
ef580372
JH		 574
575 BT_DBG("%s", hdev->name);
576
504c8dcd 577 if (!hdev_is_powered(hdev))
7770c4aa
JH		 578 return 0;
579
a8b2d5c2 580 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 581 return 0;
582
583 cod[0] = hdev->minor_class;
584 cod[1] = hdev->major_class;
585 cod[2] = get_service_classes(hdev);
586
587 if (memcmp(cod, hdev->dev_class, 3) == 0)
588 return 0;
589
c95f0ba7
JH		 590 err = hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
591 if (err == 0)
592 set_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
593
594 return err;
ef580372
JH		 595}
596
7d78525d
JH		 597static void service_cache_off(struct work_struct *work)
598{
599 struct hci_dev *hdev = container_of(work, struct hci_dev,
600 service_cache.work);
601
a8b2d5c2 602 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 603 return;
604
605 hci_dev_lock(hdev);
606
607 update_eir(hdev);
608 update_class(hdev);
609
610 hci_dev_unlock(hdev);
611}
612
613static void mgmt_init_hdev(struct hci_dev *hdev)
614{
0cbf4ed6 615 if (!test_and_set_bit(HCI_MGMT, &hdev->dev_flags)) {
7d78525d
JH		 616 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
617
0cbf4ed6
JH		 618 /* Non-mgmt controlled devices get this bit set
619 * implicitly so that pairing works for them, however
620 * for mgmt we require user-space to explicitly enable
621 * it
622 */
623 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
624 }
7d78525d
JH		 625}
626
4e51eae9 627static int read_controller_info(struct sock *sk, u16 index)
0381101f 628{
a38528f1 629 struct mgmt_rp_read_info rp;
f7b64e69 630 struct hci_dev *hdev;
0381101f 631
4e51eae9 632 BT_DBG("sock %p hci%u", sk, index);
f7b64e69 633
4e51eae9 634 hdev = hci_dev_get(index);
a38528f1 635 if (!hdev)
ca69b795
JH		 636 return cmd_status(sk, index, MGMT_OP_READ_INFO,
637 MGMT_STATUS_INVALID_PARAMS);
f7b64e69 638
09fd0de5 639 hci_dev_lock(hdev);
f7b64e69 640
7d78525d
JH		 641 if (test_and_clear_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags))
642 mgmt_init_hdev(hdev);
ebc99feb 643
dc4fe30b
JH		 644 memset(&rp, 0, sizeof(rp));
645
69ab39ea 646 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 647
69ab39ea 648 rp.version = hdev->hci_ver;
f7b64e69 649
69ab39ea
JH		 650 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
651
652 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
653 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 654
a38528f1 655 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 656
dc4fe30b 657 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 658 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 659
09fd0de5 660 hci_dev_unlock(hdev);
f7b64e69 661 hci_dev_put(hdev);
0381101f 662
aee9b218 663 return cmd_complete(sk, index, MGMT_OP_READ_INFO, 0, &rp, sizeof(rp));
0381101f
JH		 664}
665
eec8d2bc
JH		 666static void mgmt_pending_free(struct pending_cmd *cmd)
667{
668 sock_put(cmd->sk);
c68fb7ff 669 kfree(cmd->param);
eec8d2bc
JH		 670 kfree(cmd);
671}
672
366a0336 673static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
2e58ef3e
JH		 674 struct hci_dev *hdev,
675 void *data, u16 len)
eec8d2bc
JH		 676{
677 struct pending_cmd *cmd;
678
679 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
680 if (!cmd)
366a0336 681 return NULL;
eec8d2bc
JH		 682
683 cmd->opcode = opcode;
2e58ef3e 684 cmd->index = hdev->id;
eec8d2bc 685
c68fb7ff
SJ		 686 cmd->param = kmalloc(len, GFP_ATOMIC);
687 if (!cmd->param) {
eec8d2bc 688 kfree(cmd);
366a0336 689 return NULL;
eec8d2bc
JH		 690 }
691
8fce6357
SJ		 692 if (data)
693 memcpy(cmd->param, data, len);
eec8d2bc
JH		 694
695 cmd->sk = sk;
696 sock_hold(sk);
697
2e58ef3e 698 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 699
366a0336 700 return cmd;
eec8d2bc
JH		 701}
702
744cf19e 703static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
eec8d2bc
JH		 704 void (*cb)(struct pending_cmd *cmd, void *data),
705 void *data)
706{
707 struct list_head *p, *n;
708
2e58ef3e 709 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 710 struct pending_cmd *cmd;
711
712 cmd = list_entry(p, struct pending_cmd, list);
713
b24752fe 714 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 715 continue;
716
eec8d2bc
JH		 717 cb(cmd, data);
718 }
719}
720
2e58ef3e 721static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 722{
8035ded4 723 struct pending_cmd *cmd;
eec8d2bc 724
2e58ef3e 725 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 726 if (cmd->opcode == opcode)
727 return cmd;
eec8d2bc
JH		 728 }
729
730 return NULL;
731}
732
a664b5bc 733static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 734{
73f22f62
JH		 735 list_del(&cmd->list);
736 mgmt_pending_free(cmd);
737}
738
69ab39ea 739static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 740{
69ab39ea 741 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 742
aee9b218
JH		 743 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
744 sizeof(settings));
8680570b
JH		 745}
746
650f726d 747static int set_powered(struct sock *sk, u16 index, void *data, u16 len)
eec8d2bc 748{
650f726d 749 struct mgmt_mode *cp = data;
eec8d2bc 750 struct hci_dev *hdev;
366a0336 751 struct pending_cmd *cmd;
4b34ee78 752 int err;
eec8d2bc 753
4e51eae9 754 BT_DBG("request for hci%u", index);
eec8d2bc 755
bdce7baf 756 if (len != sizeof(*cp))
ca69b795
JH		 757 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
758 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 759
4e51eae9 760 hdev = hci_dev_get(index);
eec8d2bc 761 if (!hdev)
ca69b795
JH		 762 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
763 MGMT_STATUS_INVALID_PARAMS);
eec8d2bc 764
09fd0de5 765 hci_dev_lock(hdev);
eec8d2bc 766
f0d4b78a
MH		 767 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
768 cancel_delayed_work(&hdev->power_off);
769
770 if (cp->val) {
771 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
772 mgmt_powered(hdev, 1);
773 goto failed;
774 }
775 }
776
4b34ee78 777 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 778 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 779 goto failed;
780 }
781
2e58ef3e 782 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
ca69b795
JH		 783 err = cmd_status(sk, index, MGMT_OP_SET_POWERED,
784 MGMT_STATUS_BUSY);
eec8d2bc
JH		 785 goto failed;
786 }
787
2e58ef3e 788 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 789 if (!cmd) {
790 err = -ENOMEM;
eec8d2bc 791 goto failed;
366a0336 792 }
eec8d2bc 793
72a734ec 794 if (cp->val)
7f971041 795 schedule_work(&hdev->power_on);
eec8d2bc 796 else
80b7ab33 797 schedule_work(&hdev->power_off.work);
eec8d2bc 798
366a0336 799 err = 0;
eec8d2bc
JH		 800
801failed:
09fd0de5 802 hci_dev_unlock(hdev);
eec8d2bc 803 hci_dev_put(hdev);
366a0336 804 return err;
eec8d2bc
JH		 805}
806
beadb2bd
JH		 807static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
808 u16 data_len, struct sock *skip_sk)
809{
810 struct sk_buff *skb;
811 struct mgmt_hdr *hdr;
812
813 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
814 if (!skb)
815 return -ENOMEM;
816
817 hdr = (void *) skb_put(skb, sizeof(*hdr));
818 hdr->opcode = cpu_to_le16(event);
819 if (hdev)
820 hdr->index = cpu_to_le16(hdev->id);
821 else
822 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
823 hdr->len = cpu_to_le16(data_len);
824
825 if (data)
826 memcpy(skb_put(skb, data_len), data, data_len);
827
97e0bdeb
MH		 828 /* Time stamp */
829 __net_timestamp(skb);
830
beadb2bd
JH		 831 hci_send_to_control(skb, skip_sk);
832 kfree_skb(skb);
833
834 return 0;
835}
836
837static int new_settings(struct hci_dev *hdev, struct sock *skip)
838{
839 __le32 ev;
840
841 ev = cpu_to_le32(get_current_settings(hdev));
842
843 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
844}
845
650f726d 846static int set_discoverable(struct sock *sk, u16 index, void *data, u16 len)
73f22f62 847{
650f726d 848 struct mgmt_cp_set_discoverable *cp = data;
73f22f62 849 struct hci_dev *hdev;
366a0336 850 struct pending_cmd *cmd;
5e5282bb 851 u16 timeout;
73f22f62
JH		 852 u8 scan;
853 int err;
854
4e51eae9 855 BT_DBG("request for hci%u", index);
73f22f62 856
bdce7baf 857 if (len != sizeof(*cp))
ca69b795
JH		 858 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
859 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 860
24c54a90
MH		 861 timeout = get_unaligned_le16(&cp->timeout);
862 if (!cp->val && timeout > 0)
863 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
864 MGMT_STATUS_INVALID_PARAMS);
865
4e51eae9 866 hdev = hci_dev_get(index);
73f22f62 867 if (!hdev)
ca69b795
JH		 868 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
869 MGMT_STATUS_INVALID_PARAMS);
73f22f62 870
09fd0de5 871 hci_dev_lock(hdev);
73f22f62 872
5e5282bb 873 if (!hdev_is_powered(hdev) && timeout > 0) {
ca69b795
JH		 874 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
875 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 876 goto failed;
877 }
878
2e58ef3e
JH		 879 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
880 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
ca69b795
JH		 881 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
882 MGMT_STATUS_BUSY);
73f22f62
JH		 883 goto failed;
884 }
885
5e5282bb
JH		 886 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
887 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
888 MGMT_STATUS_REJECTED);
889 goto failed;
890 }
891
892 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 893 bool changed = false;
894
895 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
896 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
897 changed = true;
898 }
899
5e5282bb 900 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 901 if (err < 0)
902 goto failed;
903
904 if (changed)
905 err = new_settings(hdev, sk);
906
5e5282bb
JH		 907 goto failed;
908 }
909
910 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 911 if (hdev->discov_timeout > 0) {
912 cancel_delayed_work(&hdev->discov_off);
913 hdev->discov_timeout = 0;
914 }
915
916 if (cp->val && timeout > 0) {
917 hdev->discov_timeout = timeout;
918 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
919 msecs_to_jiffies(hdev->discov_timeout * 1000));
920 }
921
69ab39ea 922 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 923 goto failed;
924 }
925
2e58ef3e 926 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 927 if (!cmd) {
928 err = -ENOMEM;
73f22f62 929 goto failed;
366a0336 930 }
73f22f62
JH		 931
932 scan = SCAN_PAGE;
933
72a734ec 934 if (cp->val)
73f22f62 935 scan |= SCAN_INQUIRY;
16ab91ab 936 else
e0f9309f 937 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 938
939 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
940 if (err < 0)
a664b5bc 941 mgmt_pending_remove(cmd);
73f22f62 942
16ab91ab 943 if (cp->val)
5e5282bb 944 hdev->discov_timeout = timeout;
16ab91ab 945
73f22f62 946failed:
09fd0de5 947 hci_dev_unlock(hdev);
73f22f62
JH		 948 hci_dev_put(hdev);
949
950 return err;
951}
952
650f726d 953static int set_connectable(struct sock *sk, u16 index, void *data, u16 len)
9fbcbb45 954{
650f726d 955 struct mgmt_mode *cp = data;
9fbcbb45 956 struct hci_dev *hdev;
366a0336 957 struct pending_cmd *cmd;
9fbcbb45
JH		 958 u8 scan;
959 int err;
960
4e51eae9 961 BT_DBG("request for hci%u", index);
9fbcbb45 962
bdce7baf 963 if (len != sizeof(*cp))
ca69b795
JH		 964 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
965 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 966
4e51eae9 967 hdev = hci_dev_get(index);
9fbcbb45 968 if (!hdev)
ca69b795
JH		 969 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
970 MGMT_STATUS_INVALID_PARAMS);
9fbcbb45 971
09fd0de5 972 hci_dev_lock(hdev);
9fbcbb45 973
4b34ee78 974 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 975 bool changed = false;
976
977 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
978 changed = true;
979
6bf0e469 980 if (cp->val) {
5e5282bb 981 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 982 } else {
5e5282bb
JH		 983 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
984 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
985 }
0224d2fa 986
5e5282bb 987 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 988 if (err < 0)
989 goto failed;
990
991 if (changed)
992 err = new_settings(hdev, sk);
993
9fbcbb45
JH		 994 goto failed;
995 }
996
2e58ef3e
JH		 997 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
998 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
ca69b795
JH		 999 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
1000 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1001 goto failed;
1002 }
1003
5e5282bb 1004 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 1005 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 1006 goto failed;
1007 }
1008
2e58ef3e 1009 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1010 if (!cmd) {
1011 err = -ENOMEM;
9fbcbb45 1012 goto failed;
366a0336 1013 }
9fbcbb45 1014
6bf0e469 1015 if (cp->val) {
9fbcbb45 1016 scan = SCAN_PAGE;
6bf0e469 1017 } else {
9fbcbb45
JH		 1018 scan = 0;
1019
df2c6c5e
JH		 1020 if (test_bit(HCI_ISCAN, &hdev->flags) &&
1021 hdev->discov_timeout > 0)
1022 cancel_delayed_work(&hdev->discov_off);
1023 }
1024
9fbcbb45
JH		 1025 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1026 if (err < 0)
a664b5bc 1027 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1028
1029failed:
09fd0de5 1030 hci_dev_unlock(hdev);
9fbcbb45
JH		 1031 hci_dev_put(hdev);
1032
1033 return err;
1034}
1035
650f726d 1036static int set_pairable(struct sock *sk, u16 index, void *data, u16 len)
c542a06c 1037{
650f726d 1038 struct mgmt_mode *cp = data;
c542a06c 1039 struct hci_dev *hdev;
c542a06c
JH		 1040 int err;
1041
4e51eae9 1042 BT_DBG("request for hci%u", index);
c542a06c 1043
bdce7baf 1044 if (len != sizeof(*cp))
ca69b795
JH		 1045 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
1046 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1047
4e51eae9 1048 hdev = hci_dev_get(index);
c542a06c 1049 if (!hdev)
ca69b795
JH		 1050 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
1051 MGMT_STATUS_INVALID_PARAMS);
c542a06c 1052
09fd0de5 1053 hci_dev_lock(hdev);
c542a06c
JH		 1054
1055 if (cp->val)
a8b2d5c2 1056 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1057 else
a8b2d5c2 1058 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1059
69ab39ea 1060 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1061 if (err < 0)
1062 goto failed;
1063
beadb2bd 1064 err = new_settings(hdev, sk);
c542a06c
JH		 1065
1066failed:
09fd0de5 1067 hci_dev_unlock(hdev);
c542a06c
JH		 1068 hci_dev_put(hdev);
1069
1070 return err;
1071}
1072
33ef95ed
JH		 1073static int set_link_security(struct sock *sk, u16 index, void *data, u16 len)
1074{
1075 struct mgmt_mode *cp = data;
1076 struct pending_cmd *cmd;
1077 struct hci_dev *hdev;
816a11d5 1078 u8 val;
33ef95ed
JH		 1079 int err;
1080
1081 BT_DBG("request for hci%u", index);
1082
1083 if (len != sizeof(*cp))
1084 return cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
1085 MGMT_STATUS_INVALID_PARAMS);
1086
1087 hdev = hci_dev_get(index);
1088 if (!hdev)
1089 return cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
1090 MGMT_STATUS_INVALID_PARAMS);
1091
1092 hci_dev_lock(hdev);
1093
4b34ee78 1094 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1095 bool changed = false;
1096
1097 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
1098 &hdev->dev_flags)) {
1099 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1100 changed = true;
1101 }
1102
1103 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1104 if (err < 0)
1105 goto failed;
1106
1107 if (changed)
1108 err = new_settings(hdev, sk);
1109
33ef95ed
JH		 1110 goto failed;
1111 }
1112
1113 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
1114 err = cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
1115 MGMT_STATUS_BUSY);
1116 goto failed;
1117 }
1118
1119 val = !!cp->val;
1120
1121 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1122 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1123 goto failed;
1124 }
1125
1126 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1127 if (!cmd) {
1128 err = -ENOMEM;
1129 goto failed;
1130 }
1131
1132 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1133 if (err < 0) {
1134 mgmt_pending_remove(cmd);
1135 goto failed;
1136 }
1137
1138failed:
1139 hci_dev_unlock(hdev);
1140 hci_dev_put(hdev);
1141
1142 return err;
1143}
1144
ed2c4ee3
JH		 1145static int set_ssp(struct sock *sk, u16 index, void *data, u16 len)
1146{
1147 struct mgmt_mode *cp = data;
1148 struct pending_cmd *cmd;
1149 struct hci_dev *hdev;
816a11d5 1150 u8 val;
ed2c4ee3
JH		 1151 int err;
1152
1153 BT_DBG("request for hci%u", index);
1154
1155 if (len != sizeof(*cp))
1156 return cmd_status(sk, index, MGMT_OP_SET_SSP,
1157 MGMT_STATUS_INVALID_PARAMS);
1158
1159 hdev = hci_dev_get(index);
1160 if (!hdev)
1161 return cmd_status(sk, index, MGMT_OP_SET_SSP,
1162 MGMT_STATUS_INVALID_PARAMS);
1163
1164 hci_dev_lock(hdev);
1165
6c8f12c1
JH		 1166 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1167 err = cmd_status(sk, index, MGMT_OP_SET_SSP,
1168 MGMT_STATUS_NOT_SUPPORTED);
1169 goto failed;
1170 }
1171
c0ecddc2
JH		 1172 val = !!cp->val;
1173
4b34ee78 1174 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1175 bool changed = false;
1176
1177 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1178 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1179 changed = true;
1180 }
1181
1182 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1183 if (err < 0)
1184 goto failed;
1185
1186 if (changed)
1187 err = new_settings(hdev, sk);
1188
ed2c4ee3
JH		 1189 goto failed;
1190 }
1191
1192 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
1193 err = cmd_status(sk, index, MGMT_OP_SET_SSP, MGMT_STATUS_BUSY);
1194 goto failed;
1195 }
1196
ed2c4ee3
JH		 1197 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1198 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1199 goto failed;
1200 }
1201
1202 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1203 if (!cmd) {
1204 err = -ENOMEM;
1205 goto failed;
1206 }
1207
1208 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1209 if (err < 0) {
1210 mgmt_pending_remove(cmd);
1211 goto failed;
1212 }
1213
1214failed:
1215 hci_dev_unlock(hdev);
1216 hci_dev_put(hdev);
1217
1218 return err;
1219}
1220
6d80dfd0
JH		 1221static int set_hs(struct sock *sk, u16 index, void *data, u16 len)
1222{
1223 struct mgmt_mode *cp = data;
1224 struct hci_dev *hdev;
1225 int err;
1226
1227 BT_DBG("request for hci%u", index);
1228
1229 if (len != sizeof(*cp))
1230 return cmd_status(sk, index, MGMT_OP_SET_HS,
1231 MGMT_STATUS_INVALID_PARAMS);
1232
1233 hdev = hci_dev_get(index);
1234 if (!hdev)
1235 return cmd_status(sk, index, MGMT_OP_SET_HS,
1236 MGMT_STATUS_INVALID_PARAMS);
1237
1238 if (!enable_hs) {
1239 err = cmd_status(sk, index, MGMT_OP_SET_HS,
1240 MGMT_STATUS_NOT_SUPPORTED);
1241 goto failed;
1242 }
1243
1244 if (cp->val)
1245 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1246 else
1247 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1248
1249 err = send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
1250
1251failed:
1252 hci_dev_put(hdev);
1253 return err;
1254}
1255
06199cf8
JH		 1256static int set_le(struct sock *sk, u16 index, void *data, u16 len)
1257{
1258 struct mgmt_mode *cp = data;
1259 struct hci_cp_write_le_host_supported hci_cp;
1260 struct pending_cmd *cmd;
1261 struct hci_dev *hdev;
1262 int err;
1263 u8 val;
1264
1265 BT_DBG("request for hci%u", index);
1266
1267 if (len != sizeof(*cp))
1268 return cmd_status(sk, index, MGMT_OP_SET_LE,
1269 MGMT_STATUS_INVALID_PARAMS);
1270
1271 hdev = hci_dev_get(index);
1272 if (!hdev)
1273 return cmd_status(sk, index, MGMT_OP_SET_LE,
1274 MGMT_STATUS_INVALID_PARAMS);
1275
1276 if (!enable_le || !(hdev->features[4] & LMP_LE)) {
1277 err = cmd_status(sk, index, MGMT_OP_SET_LE,
1278 MGMT_STATUS_NOT_SUPPORTED);
1279 goto failed;
1280 }
1281
1282 val = !!cp->val;
1283
1284 if (!hdev_is_powered(hdev)) {
1285 bool changed = false;
1286
1287 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1288 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1289 changed = true;
1290 }
1291
1292 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1293 if (err < 0)
1294 goto failed;
1295
1296 if (changed)
1297 err = new_settings(hdev, sk);
1298
1299 goto failed;
1300 }
1301
1302 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
1303 err = cmd_status(sk, index, MGMT_OP_SET_LE, MGMT_STATUS_BUSY);
1304 goto failed;
1305 }
1306
1307 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1308 if (!cmd) {
1309 err = -ENOMEM;
1310 goto failed;
1311 }
1312
1313 memset(&hci_cp, 0, sizeof(hci_cp));
1314
1315 if (val) {
1316 hci_cp.le = val;
1317 hci_cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
1318 }
1319
1320 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED,
1321 sizeof(hci_cp), &hci_cp);
1322 if (err < 0) {
1323 mgmt_pending_remove(cmd);
1324 goto failed;
1325 }
1326
1327failed:
1328 hci_dev_put(hdev);
1329 return err;
1330}
1331
650f726d 1332static int add_uuid(struct sock *sk, u16 index, void *data, u16 len)
2aeb9a1a 1333{
650f726d 1334 struct mgmt_cp_add_uuid *cp = data;
90e70454 1335 struct pending_cmd *cmd;
2aeb9a1a
JH		 1336 struct hci_dev *hdev;
1337 struct bt_uuid *uuid;
2aeb9a1a
JH		 1338 int err;
1339
4e51eae9 1340 BT_DBG("request for hci%u", index);
2aeb9a1a 1341
bdce7baf 1342 if (len != sizeof(*cp))
ca69b795
JH		 1343 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
1344 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1345
4e51eae9 1346 hdev = hci_dev_get(index);
2aeb9a1a 1347 if (!hdev)
ca69b795
JH		 1348 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
1349 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a 1350
09fd0de5 1351 hci_dev_lock(hdev);
2aeb9a1a 1352
c95f0ba7
JH		 1353 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
1354 err = cmd_status(sk, index, MGMT_OP_ADD_UUID,
1355 MGMT_STATUS_BUSY);
1356 goto failed;
1357 }
1358
2aeb9a1a
JH		 1359 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
1360 if (!uuid) {
1361 err = -ENOMEM;
1362 goto failed;
1363 }
1364
1365 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1366 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 1367
1368 list_add(&uuid->list, &hdev->uuids);
1369
1aff6f09
JH		 1370 err = update_class(hdev);
1371 if (err < 0)
1372 goto failed;
1373
80a1e1db
JH		 1374 err = update_eir(hdev);
1375 if (err < 0)
1376 goto failed;
1377
90e70454
JH		 1378 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
1379 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, 0,
1380 hdev->dev_class, 3);
1381 goto failed;
1382 }
1383
1384 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
1385 if (!cmd) {
1386 err = -ENOMEM;
1387 goto failed;
1388 }
2aeb9a1a
JH		 1389
1390failed:
09fd0de5 1391 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1392 hci_dev_put(hdev);
1393
1394 return err;
1395}
1396
24b78d0f
JH		 1397static bool enable_service_cache(struct hci_dev *hdev)
1398{
1399 if (!hdev_is_powered(hdev))
1400 return false;
1401
1402 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
1403 schedule_delayed_work(&hdev->service_cache,
1404 msecs_to_jiffies(SERVICE_CACHE_TIMEOUT));
1405 return true;
1406 }
1407
1408 return false;
1409}
1410
650f726d 1411static int remove_uuid(struct sock *sk, u16 index, void *data, u16 len)
2aeb9a1a 1412{
650f726d 1413 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1414 struct pending_cmd *cmd;
2aeb9a1a 1415 struct list_head *p, *n;
2aeb9a1a
JH		 1416 struct hci_dev *hdev;
1417 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1418 int err, found;
1419
4e51eae9 1420 BT_DBG("request for hci%u", index);
2aeb9a1a 1421
bdce7baf 1422 if (len != sizeof(*cp))
ca69b795
JH		 1423 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1424 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1425
4e51eae9 1426 hdev = hci_dev_get(index);
2aeb9a1a 1427 if (!hdev)
ca69b795
JH		 1428 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1429 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a 1430
09fd0de5 1431 hci_dev_lock(hdev);
2aeb9a1a 1432
c95f0ba7
JH		 1433 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
1434 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1435 MGMT_STATUS_BUSY);
1436 goto unlock;
1437 }
1438
2aeb9a1a
JH		 1439 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1440 err = hci_uuids_clear(hdev);
4004b6d9 1441
24b78d0f
JH		 1442 if (enable_service_cache(hdev)) {
1443 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, 0,
1444 hdev->dev_class, 3);
1445 goto unlock;
1446 }
4004b6d9 1447
9246a869 1448 goto update_class;
2aeb9a1a
JH		 1449 }
1450
1451 found = 0;
1452
1453 list_for_each_safe(p, n, &hdev->uuids) {
1454 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1455
1456 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1457 continue;
1458
1459 list_del(&match->list);
1460 found++;
1461 }
1462
1463 if (found == 0) {
ca69b795
JH		 1464 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1465 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1466 goto unlock;
1467 }
1468
9246a869 1469update_class:
1aff6f09
JH		 1470 err = update_class(hdev);
1471 if (err < 0)
1472 goto unlock;
1473
80a1e1db
JH		 1474 err = update_eir(hdev);
1475 if (err < 0)
1476 goto unlock;
1477
90e70454
JH		 1478 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
1479 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, 0,
9997a533 1480 hdev->dev_class, 3);
90e70454
JH		 1481 goto unlock;
1482 }
1483
1484 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
1485 if (!cmd) {
1486 err = -ENOMEM;
1487 goto unlock;
1488 }
2aeb9a1a
JH		 1489
1490unlock:
09fd0de5 1491 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1492 hci_dev_put(hdev);
1493
1494 return err;
1495}
1496
650f726d 1497static int set_dev_class(struct sock *sk, u16 index, void *data, u16 len)
1aff6f09
JH		 1498{
1499 struct hci_dev *hdev;
650f726d 1500 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1501 struct pending_cmd *cmd;
1aff6f09
JH		 1502 int err;
1503
4e51eae9 1504 BT_DBG("request for hci%u", index);
1aff6f09 1505
bdce7baf 1506 if (len != sizeof(*cp))
ca69b795
JH		 1507 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1508 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1509
4e51eae9 1510 hdev = hci_dev_get(index);
1aff6f09 1511 if (!hdev)
ca69b795
JH		 1512 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1513 MGMT_STATUS_INVALID_PARAMS);
1aff6f09 1514
09fd0de5 1515 hci_dev_lock(hdev);
1aff6f09 1516
c95f0ba7
JH		 1517 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
1518 err = cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1519 MGMT_STATUS_BUSY);
1520 goto unlock;
1521 }
1522
932f5ff5
JH		 1523 hdev->major_class = cp->major;
1524 hdev->minor_class = cp->minor;
1525
b5235a65 1526 if (!hdev_is_powered(hdev)) {
932f5ff5
JH		 1527 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, 0,
1528 hdev->dev_class, 3);
b5235a65
JH		 1529 goto unlock;
1530 }
1531
a8b2d5c2 1532 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1533 hci_dev_unlock(hdev);
1534 cancel_delayed_work_sync(&hdev->service_cache);
1535 hci_dev_lock(hdev);
14c0b608 1536 update_eir(hdev);
7d78525d 1537 }
14c0b608 1538
1aff6f09 1539 err = update_class(hdev);
90e70454
JH		 1540 if (err < 0)
1541 goto unlock;
1aff6f09 1542
90e70454 1543 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
aee9b218 1544 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, 0,
8ec37034 1545 hdev->dev_class, 3);
90e70454
JH		 1546 goto unlock;
1547 }
1548
1549 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
1550 if (!cmd) {
1551 err = -ENOMEM;
1552 goto unlock;
1553 }
1aff6f09 1554
b5235a65 1555unlock:
09fd0de5 1556 hci_dev_unlock(hdev);
1aff6f09
JH		 1557 hci_dev_put(hdev);
1558
1559 return err;
1560}
1561
650f726d 1562static int load_link_keys(struct sock *sk, u16 index, void *data, u16 len)
55ed8ca1
JH		 1563{
1564 struct hci_dev *hdev;
650f726d 1565 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1566 u16 key_count, expected_len;
a492cd52 1567 int i;
55ed8ca1 1568
bdce7baf 1569 if (len < sizeof(*cp))
ca69b795
JH		 1570 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1571 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1572
55ed8ca1
JH		 1573 key_count = get_unaligned_le16(&cp->key_count);
1574
86742e1e
JH		 1575 expected_len = sizeof(*cp) + key_count *
1576 sizeof(struct mgmt_link_key_info);
a492cd52 1577 if (expected_len != len) {
86742e1e 1578 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
a492cd52 1579 len, expected_len);
ca69b795
JH		 1580 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1581 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1582 }
1583
4e51eae9 1584 hdev = hci_dev_get(index);
55ed8ca1 1585 if (!hdev)
ca69b795
JH		 1586 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1587 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1 1588
4e51eae9 1589 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
55ed8ca1
JH		 1590 key_count);
1591
09fd0de5 1592 hci_dev_lock(hdev);
55ed8ca1
JH		 1593
1594 hci_link_keys_clear(hdev);
1595
a8b2d5c2 1596 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1597
1598 if (cp->debug_keys)
a8b2d5c2 1599 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1600 else
a8b2d5c2 1601 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1602
a492cd52 1603 for (i = 0; i < key_count; i++) {
86742e1e 1604 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1605
d753fdc4
JH		 1606 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
1607 key->type, key->pin_len);
55ed8ca1
JH		 1608 }
1609
aee9b218 1610 cmd_complete(sk, index, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1611
09fd0de5 1612 hci_dev_unlock(hdev);
55ed8ca1
JH		 1613 hci_dev_put(hdev);
1614
a492cd52 1615 return 0;
55ed8ca1
JH		 1616}
1617
b1078ad0
JH		 1618static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
1619 u8 addr_type, struct sock *skip_sk)
1620{
1621 struct mgmt_ev_device_unpaired ev;
1622
1623 bacpy(&ev.addr.bdaddr, bdaddr);
1624 ev.addr.type = addr_type;
1625
1626 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
1627 skip_sk);
1628}
1629
124f6e35 1630static int unpair_device(struct sock *sk, u16 index, void *data, u16 len)
55ed8ca1
JH		 1631{
1632 struct hci_dev *hdev;
124f6e35
JH		 1633 struct mgmt_cp_unpair_device *cp = data;
1634 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1635 struct hci_cp_disconnect dc;
1636 struct pending_cmd *cmd;
55ed8ca1 1637 struct hci_conn *conn;
55ed8ca1
JH		 1638 int err;
1639
bdce7baf 1640 if (len != sizeof(*cp))
124f6e35 1641 return cmd_status(sk, index, MGMT_OP_UNPAIR_DEVICE,
ca69b795 1642 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1643
4e51eae9 1644 hdev = hci_dev_get(index);
55ed8ca1 1645 if (!hdev)
124f6e35 1646 return cmd_status(sk, index, MGMT_OP_UNPAIR_DEVICE,
ca69b795 1647 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1 1648
09fd0de5 1649 hci_dev_lock(hdev);
55ed8ca1 1650
a8a1d19e 1651 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1652 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1653 rp.addr.type = cp->addr.type;
a8a1d19e 1654
86a8cfc6
JH		 1655 if (!hdev_is_powered(hdev)) {
1656 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE,
1657 MGMT_STATUS_NOT_POWERED,
1658 &rp, sizeof(rp));
1659 goto unlock;
1660 }
1661
124f6e35
JH		 1662 if (cp->addr.type == MGMT_ADDR_BREDR)
1663 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1664 else
1665 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1666
55ed8ca1 1667 if (err < 0) {
86a8cfc6
JH		 1668 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE,
1669 MGMT_STATUS_NOT_PAIRED,
1670 &rp, sizeof(rp));
55ed8ca1
JH		 1671 goto unlock;
1672 }
1673
86a8cfc6
JH		 1674 if (cp->disconnect) {
1675 if (cp->addr.type == MGMT_ADDR_BREDR)
1676 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
124f6e35 1677 &cp->addr.bdaddr);
86a8cfc6
JH		 1678 else
1679 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
124f6e35 1680 &cp->addr.bdaddr);
86a8cfc6
JH		 1681 } else {
1682 conn = NULL;
1683 }
124f6e35 1684
a8a1d19e 1685 if (!conn) {
86a8cfc6 1686 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE, 0,
aee9b218 1687 &rp, sizeof(rp));
b1078ad0 1688 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1689 goto unlock;
1690 }
55ed8ca1 1691
124f6e35
JH		 1692 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
1693 sizeof(*cp));
a8a1d19e
JH		 1694 if (!cmd) {
1695 err = -ENOMEM;
1696 goto unlock;
55ed8ca1
JH		 1697 }
1698
a8a1d19e
JH		 1699 put_unaligned_le16(conn->handle, &dc.handle);
1700 dc.reason = 0x13; /* Remote User Terminated Connection */
1701 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1702 if (err < 0)
1703 mgmt_pending_remove(cmd);
1704
55ed8ca1 1705unlock:
09fd0de5 1706 hci_dev_unlock(hdev);
55ed8ca1
JH		 1707 hci_dev_put(hdev);
1708
1709 return err;
1710}
1711
650f726d 1712static int disconnect(struct sock *sk, u16 index, void *data, u16 len)
8962ee74
JH		 1713{
1714 struct hci_dev *hdev;
650f726d 1715 struct mgmt_cp_disconnect *cp = data;
8962ee74 1716 struct hci_cp_disconnect dc;
366a0336 1717 struct pending_cmd *cmd;
8962ee74 1718 struct hci_conn *conn;
8962ee74
JH		 1719 int err;
1720
1721 BT_DBG("");
1722
bdce7baf 1723 if (len != sizeof(*cp))
ca69b795
JH		 1724 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1725 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1726
4e51eae9 1727 hdev = hci_dev_get(index);
8962ee74 1728 if (!hdev)
ca69b795
JH		 1729 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1730 MGMT_STATUS_INVALID_PARAMS);
8962ee74 1731
09fd0de5 1732 hci_dev_lock(hdev);
8962ee74
JH		 1733
1734 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 1735 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1736 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1737 goto failed;
1738 }
1739
2e58ef3e 1740 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
ca69b795
JH		 1741 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1742 MGMT_STATUS_BUSY);
8962ee74
JH		 1743 goto failed;
1744 }
1745
88c3df13
JH		 1746 if (cp->addr.type == MGMT_ADDR_BREDR)
1747 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
1748 else
1749 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1750
8962ee74 1751 if (!conn) {
ca69b795
JH		 1752 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1753 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1754 goto failed;
1755 }
1756
2e58ef3e 1757 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1758 if (!cmd) {
1759 err = -ENOMEM;
8962ee74 1760 goto failed;
366a0336 1761 }
8962ee74
JH		 1762
1763 put_unaligned_le16(conn->handle, &dc.handle);
1764 dc.reason = 0x13; /* Remote User Terminated Connection */
1765
1766 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1767 if (err < 0)
a664b5bc 1768 mgmt_pending_remove(cmd);
8962ee74
JH		 1769
1770failed:
09fd0de5 1771 hci_dev_unlock(hdev);
8962ee74
JH		 1772 hci_dev_put(hdev);
1773
1774 return err;
1775}
1776
48264f06 1777static u8 link_to_mgmt(u8 link_type, u8 addr_type)
4c659c39
JH		 1778{
1779 switch (link_type) {
1780 case LE_LINK:
48264f06
JH		 1781 switch (addr_type) {
1782 case ADDR_LE_DEV_PUBLIC:
1783 return MGMT_ADDR_LE_PUBLIC;
1784 case ADDR_LE_DEV_RANDOM:
1785 return MGMT_ADDR_LE_RANDOM;
1786 default:
1787 return MGMT_ADDR_INVALID;
1788 }
4c659c39
JH		 1789 case ACL_LINK:
1790 return MGMT_ADDR_BREDR;
1791 default:
1792 return MGMT_ADDR_INVALID;
1793 }
1794}
1795
8ce6284e 1796static int get_connections(struct sock *sk, u16 index)
2784eb41 1797{
2784eb41
JH		 1798 struct mgmt_rp_get_connections *rp;
1799 struct hci_dev *hdev;
8035ded4 1800 struct hci_conn *c;
a38528f1 1801 size_t rp_len;
60fc5fb6
JH		 1802 int err;
1803 u16 i;
2784eb41
JH		 1804
1805 BT_DBG("");
1806
4e51eae9 1807 hdev = hci_dev_get(index);
2784eb41 1808 if (!hdev)
ca69b795
JH		 1809 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1810 MGMT_STATUS_INVALID_PARAMS);
2784eb41 1811
09fd0de5 1812 hci_dev_lock(hdev);
2784eb41 1813
5f97c1df
JH		 1814 if (!hdev_is_powered(hdev)) {
1815 err = cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1816 MGMT_STATUS_NOT_POWERED);
1817 goto unlock;
1818 }
1819
60fc5fb6 1820 i = 0;
b644ba33
JH		 1821 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1822 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1823 i++;
2784eb41
JH		 1824 }
1825
60fc5fb6 1826 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
a38528f1
JH		 1827 rp = kmalloc(rp_len, GFP_ATOMIC);
1828 if (!rp) {
2784eb41
JH		 1829 err = -ENOMEM;
1830 goto unlock;
1831 }
1832
2784eb41 1833 i = 0;
4c659c39 1834 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1835 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1836 continue;
4c659c39 1837 bacpy(&rp->addr[i].bdaddr, &c->dst);
48264f06 1838 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
4c659c39
JH		 1839 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1840 continue;
1841 i++;
1842 }
1843
60fc5fb6
JH		 1844 put_unaligned_le16(i, &rp->conn_count);
1845
4c659c39
JH		 1846 /* Recalculate length in case of filtered SCO connections, etc */
1847 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1848
aee9b218 1849 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, 0, rp, rp_len);
2784eb41 1850
a38528f1 1851 kfree(rp);
5f97c1df
JH		 1852
1853unlock:
09fd0de5 1854 hci_dev_unlock(hdev);
2784eb41
JH		 1855 hci_dev_put(hdev);
1856 return err;
1857}
1858
96d97a67
WR		 1859static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1860 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1861{
1862 struct pending_cmd *cmd;
1863 int err;
1864
2e58ef3e 1865 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
96d97a67
WR		 1866 sizeof(*cp));
1867 if (!cmd)
1868 return -ENOMEM;
1869
d8457698
JH		 1870 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
1871 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1872 if (err < 0)
1873 mgmt_pending_remove(cmd);
1874
1875 return err;
1876}
1877
650f726d 1878static int pin_code_reply(struct sock *sk, u16 index, void *data, u16 len)
980e1a53
JH		 1879{
1880 struct hci_dev *hdev;
96d97a67 1881 struct hci_conn *conn;
650f726d 1882 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1883 struct hci_cp_pin_code_reply reply;
366a0336 1884 struct pending_cmd *cmd;
980e1a53
JH		 1885 int err;
1886
1887 BT_DBG("");
1888
bdce7baf 1889 if (len != sizeof(*cp))
ca69b795
JH		 1890 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1891 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1892
4e51eae9 1893 hdev = hci_dev_get(index);
980e1a53 1894 if (!hdev)
ca69b795
JH		 1895 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1896 MGMT_STATUS_INVALID_PARAMS);
980e1a53 1897
09fd0de5 1898 hci_dev_lock(hdev);
980e1a53 1899
4b34ee78 1900 if (!hdev_is_powered(hdev)) {
ca69b795
JH		 1901 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1902 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1903 goto failed;
1904 }
1905
d8457698 1906 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1907 if (!conn) {
ca69b795
JH		 1908 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1909 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1910 goto failed;
1911 }
1912
1913 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1914 struct mgmt_cp_pin_code_neg_reply ncp;
1915
1916 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1917
1918 BT_ERR("PIN code is not 16 bytes long");
1919
1920 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1921 if (err >= 0)
1922 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
ca69b795 1923 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1924
1925 goto failed;
1926 }
1927
650f726d
VCG		 1928 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data,
1929 len);
366a0336
JH		 1930 if (!cmd) {
1931 err = -ENOMEM;
980e1a53 1932 goto failed;
366a0336 1933 }
980e1a53 1934
d8457698 1935 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1936 reply.pin_len = cp->pin_len;
24718ca5 1937 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1938
1939 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1940 if (err < 0)
a664b5bc 1941 mgmt_pending_remove(cmd);
980e1a53
JH		 1942
1943failed:
09fd0de5 1944 hci_dev_unlock(hdev);
980e1a53
JH		 1945 hci_dev_put(hdev);
1946
1947 return err;
1948}
1949
650f726d 1950static int pin_code_neg_reply(struct sock *sk, u16 index, void *data, u16 len)
980e1a53
JH		 1951{
1952 struct hci_dev *hdev;
650f726d 1953 struct mgmt_cp_pin_code_neg_reply *cp = data;
980e1a53
JH		 1954 int err;
1955
1956 BT_DBG("");
1957
bdce7baf
SJ		 1958 if (len != sizeof(*cp))
1959 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1960 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1961
4e51eae9 1962 hdev = hci_dev_get(index);
980e1a53 1963 if (!hdev)
4e51eae9 1964 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1965 MGMT_STATUS_INVALID_PARAMS);
980e1a53 1966
09fd0de5 1967 hci_dev_lock(hdev);
980e1a53 1968
4b34ee78 1969 if (!hdev_is_powered(hdev)) {
4e51eae9 1970 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1971 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1972 goto failed;
1973 }
1974
96d97a67 1975 err = send_pin_code_neg_reply(sk, index, hdev, cp);
980e1a53
JH		 1976
1977failed:
09fd0de5 1978 hci_dev_unlock(hdev);
980e1a53
JH		 1979 hci_dev_put(hdev);
1980
1981 return err;
1982}
1983
650f726d 1984static int set_io_capability(struct sock *sk, u16 index, void *data, u16 len)
17fa4b9d
JH		 1985{
1986 struct hci_dev *hdev;
650f726d 1987 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1988
1989 BT_DBG("");
1990
bdce7baf 1991 if (len != sizeof(*cp))
ca69b795
JH		 1992 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1993 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1994
4e51eae9 1995 hdev = hci_dev_get(index);
17fa4b9d 1996 if (!hdev)
ca69b795
JH		 1997 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1998 MGMT_STATUS_INVALID_PARAMS);
17fa4b9d 1999
09fd0de5 2000 hci_dev_lock(hdev);
17fa4b9d
JH		 2001
2002 hdev->io_capability = cp->io_capability;
2003
2004 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
b8534e0f 2005 hdev->io_capability);
17fa4b9d 2006
09fd0de5 2007 hci_dev_unlock(hdev);
17fa4b9d
JH		 2008 hci_dev_put(hdev);
2009
aee9b218 2010 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, 0, NULL, 0);
17fa4b9d
JH		 2011}
2012
e9a416b5
JH		 2013static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
2014{
2015 struct hci_dev *hdev = conn->hdev;
8035ded4 2016 struct pending_cmd *cmd;
e9a416b5 2017
2e58ef3e 2018 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 2019 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
2020 continue;
2021
e9a416b5
JH		 2022 if (cmd->user_data != conn)
2023 continue;
2024
2025 return cmd;
2026 }
2027
2028 return NULL;
2029}
2030
2031static void pairing_complete(struct pending_cmd *cmd, u8 status)
2032{
2033 struct mgmt_rp_pair_device rp;
2034 struct hci_conn *conn = cmd->user_data;
2035
ba4e564f
JH		 2036 bacpy(&rp.addr.bdaddr, &conn->dst);
2037 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
e9a416b5 2038
aee9b218
JH		 2039 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
2040 &rp, sizeof(rp));
e9a416b5
JH		 2041
2042 /* So we don't get further callbacks for this connection */
2043 conn->connect_cfm_cb = NULL;
2044 conn->security_cfm_cb = NULL;
2045 conn->disconn_cfm_cb = NULL;
2046
2047 hci_conn_put(conn);
2048
a664b5bc 2049 mgmt_pending_remove(cmd);
e9a416b5
JH		 2050}
2051
2052static void pairing_complete_cb(struct hci_conn *conn, u8 status)
2053{
2054 struct pending_cmd *cmd;
2055
2056 BT_DBG("status %u", status);
2057
2058 cmd = find_pairing(conn);
56e5cb86 2059 if (!cmd)
e9a416b5 2060 BT_DBG("Unable to find a pending command");
56e5cb86 2061 else
e211326c 2062 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 2063}
2064
650f726d 2065static int pair_device(struct sock *sk, u16 index, void *data, u16 len)
e9a416b5
JH		 2066{
2067 struct hci_dev *hdev;
650f726d 2068 struct mgmt_cp_pair_device *cp = data;
1425acb7 2069 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 2070 struct pending_cmd *cmd;
2071 u8 sec_level, auth_type;
2072 struct hci_conn *conn;
e9a416b5
JH		 2073 int err;
2074
2075 BT_DBG("");
2076
bdce7baf 2077 if (len != sizeof(*cp))
ca69b795
JH		 2078 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
2079 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 2080
4e51eae9 2081 hdev = hci_dev_get(index);
e9a416b5 2082 if (!hdev)
ca69b795
JH		 2083 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
2084 MGMT_STATUS_INVALID_PARAMS);
e9a416b5 2085
09fd0de5 2086 hci_dev_lock(hdev);
e9a416b5 2087
5f97c1df
JH		 2088 if (!hdev_is_powered(hdev)) {
2089 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
2090 MGMT_STATUS_NOT_POWERED);
2091 goto unlock;
2092 }
2093
c908df36
VCG		 2094 sec_level = BT_SECURITY_MEDIUM;
2095 if (cp->io_cap == 0x03)
e9a416b5 2096 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 2097 else
e9a416b5 2098 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 2099
ba4e564f
JH		 2100 if (cp->addr.type == MGMT_ADDR_BREDR)
2101 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
7a512d01
VCG		 2102 auth_type);
2103 else
ba4e564f 2104 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
7a512d01
VCG		 2105 auth_type);
2106
1425acb7
JH		 2107 memset(&rp, 0, sizeof(rp));
2108 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2109 rp.addr.type = cp->addr.type;
2110
30e76272 2111 if (IS_ERR(conn)) {
e211326c
JH		 2112 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
2113 MGMT_STATUS_CONNECT_FAILED,
2114 &rp, sizeof(rp));
e9a416b5
JH		 2115 goto unlock;
2116 }
2117
2118 if (conn->connect_cfm_cb) {
2119 hci_conn_put(conn);
e211326c
JH		 2120 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
2121 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 2122 goto unlock;
2123 }
2124
2e58ef3e 2125 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 2126 if (!cmd) {
2127 err = -ENOMEM;
2128 hci_conn_put(conn);
2129 goto unlock;
2130 }
2131
7a512d01 2132 /* For LE, just connecting isn't a proof that the pairing finished */
ba4e564f 2133 if (cp->addr.type == MGMT_ADDR_BREDR)
7a512d01
VCG		 2134 conn->connect_cfm_cb = pairing_complete_cb;
2135
e9a416b5
JH		 2136 conn->security_cfm_cb = pairing_complete_cb;
2137 conn->disconn_cfm_cb = pairing_complete_cb;
2138 conn->io_capability = cp->io_cap;
2139 cmd->user_data = conn;
2140
2141 if (conn->state == BT_CONNECTED &&
2142 hci_conn_security(conn, sec_level, auth_type))
2143 pairing_complete(cmd, 0);
2144
2145 err = 0;
2146
2147unlock:
09fd0de5 2148 hci_dev_unlock(hdev);
e9a416b5
JH		 2149 hci_dev_put(hdev);
2150
2151 return err;
2152}
2153
28424707
JH		 2154static int cancel_pair_device(struct sock *sk, u16 index,
2155 unsigned char *data, u16 len)
2156{
2157 struct mgmt_addr_info *addr = (void *) data;
2158 struct hci_dev *hdev;
2159 struct pending_cmd *cmd;
2160 struct hci_conn *conn;
2161 int err;
2162
2163 BT_DBG("");
2164
2165 if (len != sizeof(*addr))
2166 return cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
2167 MGMT_STATUS_INVALID_PARAMS);
2168
2169 hdev = hci_dev_get(index);
2170 if (!hdev)
2171 return cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
2172 MGMT_STATUS_INVALID_PARAMS);
2173
2174 hci_dev_lock(hdev);
2175
5f97c1df
JH		 2176 if (!hdev_is_powered(hdev)) {
2177 err = cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
2178 MGMT_STATUS_NOT_POWERED);
2179 goto unlock;
2180 }
2181
28424707
JH		 2182 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
2183 if (!cmd) {
2184 err = cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
2185 MGMT_STATUS_INVALID_PARAMS);
2186 goto unlock;
2187 }
2188
2189 conn = cmd->user_data;
2190
2191 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
2192 err = cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
2193 MGMT_STATUS_INVALID_PARAMS);
2194 goto unlock;
2195 }
2196
2197 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2198
aee9b218 2199 err = cmd_complete(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE, 0, addr,
28424707
JH		 2200 sizeof(*addr));
2201unlock:
2202 hci_dev_unlock(hdev);
2203 hci_dev_put(hdev);
2204
2205 return err;
2206}
2207
0df4c185 2208static int user_pairing_resp(struct sock *sk, u16 index, bdaddr_t *bdaddr,
272d90df
JH		 2209 u8 type, u16 mgmt_op, u16 hci_op,
2210 __le32 passkey)
a5c29683 2211{
a5c29683
JH		 2212 struct pending_cmd *cmd;
2213 struct hci_dev *hdev;
0df4c185 2214 struct hci_conn *conn;
a5c29683
JH		 2215 int err;
2216
4e51eae9 2217 hdev = hci_dev_get(index);
a5c29683 2218 if (!hdev)
ca69b795
JH		 2219 return cmd_status(sk, index, mgmt_op,
2220 MGMT_STATUS_INVALID_PARAMS);
a5c29683 2221
09fd0de5 2222 hci_dev_lock(hdev);
08ba5382 2223
4b34ee78 2224 if (!hdev_is_powered(hdev)) {
0df4c185
BG		 2225 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_NOT_POWERED);
2226 goto done;
a5c29683
JH		 2227 }
2228
272d90df
JH		 2229 if (type == MGMT_ADDR_BREDR)
2230 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
2231 else
47c15e2b 2232 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 2233
2234 if (!conn) {
2235 err = cmd_status(sk, index, mgmt_op,
47c15e2b 2236 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 2237 goto done;
2238 }
47c15e2b 2239
272d90df 2240 if (type == MGMT_ADDR_LE_PUBLIC || type == MGMT_ADDR_LE_RANDOM) {
47c15e2b 2241 /* Continue with pairing via SMP */
5fe57d9e
BG		 2242 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2243
2244 if (!err)
2245 err = cmd_status(sk, index, mgmt_op,
2246 MGMT_STATUS_SUCCESS);
2247 else
2248 err = cmd_status(sk, index, mgmt_op,
2249 MGMT_STATUS_FAILED);
47c15e2b 2250
47c15e2b
BG		 2251 goto done;
2252 }
2253
0df4c185 2254 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 2255 if (!cmd) {
2256 err = -ENOMEM;
0df4c185 2257 goto done;
a5c29683
JH		 2258 }
2259
0df4c185 2260 /* Continue with pairing via HCI */
604086b7
BG		 2261 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2262 struct hci_cp_user_passkey_reply cp;
2263
2264 bacpy(&cp.bdaddr, bdaddr);
2265 cp.passkey = passkey;
2266 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2267 } else
2268 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
2269
a664b5bc
JH		 2270 if (err < 0)
2271 mgmt_pending_remove(cmd);
a5c29683 2272
0df4c185 2273done:
09fd0de5 2274 hci_dev_unlock(hdev);
a5c29683
JH		 2275 hci_dev_put(hdev);
2276
2277 return err;
2278}
2279
0df4c185
BG		 2280static int user_confirm_reply(struct sock *sk, u16 index, void *data, u16 len)
2281{
650f726d 2282 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2283
2284 BT_DBG("");
2285
2286 if (len != sizeof(*cp))
2287 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_REPLY,
2288 MGMT_STATUS_INVALID_PARAMS);
2289
272d90df
JH		 2290 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2291 MGMT_OP_USER_CONFIRM_REPLY,
2292 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2293}
2294
2295static int user_confirm_neg_reply(struct sock *sk, u16 index, void *data,
2296 u16 len)
2297{
c9c2659f 2298 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2299
2300 BT_DBG("");
2301
2302 if (len != sizeof(*cp))
2303 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_NEG_REPLY,
2304 MGMT_STATUS_INVALID_PARAMS);
2305
272d90df
JH		 2306 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2307 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2308 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2309}
2310
604086b7
BG		 2311static int user_passkey_reply(struct sock *sk, u16 index, void *data, u16 len)
2312{
650f726d 2313 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2314
2315 BT_DBG("");
2316
2317 if (len != sizeof(*cp))
2318 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_REPLY,
2319 EINVAL);
2320
272d90df
JH		 2321 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2322 MGMT_OP_USER_PASSKEY_REPLY,
2323 HCI_OP_USER_PASSKEY_REPLY,
2324 cp->passkey);
604086b7
BG		 2325}
2326
2327static int user_passkey_neg_reply(struct sock *sk, u16 index, void *data,
2328 u16 len)
2329{
650f726d 2330 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2331
2332 BT_DBG("");
2333
2334 if (len != sizeof(*cp))
2335 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_NEG_REPLY,
2336 EINVAL);
2337
272d90df
JH		 2338 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2339 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2340 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2341}
2342
650f726d 2343static int set_local_name(struct sock *sk, u16 index, void *data,
b312b161
JH		 2344 u16 len)
2345{
650f726d 2346 struct mgmt_cp_set_local_name *mgmt_cp = data;
b312b161
JH		 2347 struct hci_cp_write_local_name hci_cp;
2348 struct hci_dev *hdev;
2349 struct pending_cmd *cmd;
2350 int err;
2351
2352 BT_DBG("");
2353
2354 if (len != sizeof(*mgmt_cp))
ca69b795
JH		 2355 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
2356 MGMT_STATUS_INVALID_PARAMS);
b312b161
JH		 2357
2358 hdev = hci_dev_get(index);
2359 if (!hdev)
ca69b795
JH		 2360 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
2361 MGMT_STATUS_INVALID_PARAMS);
b312b161 2362
09fd0de5 2363 hci_dev_lock(hdev);
b312b161 2364
28cc7bde
JH		 2365 memcpy(hdev->short_name, mgmt_cp->short_name,
2366 sizeof(hdev->short_name));
2367
b5235a65 2368 if (!hdev_is_powered(hdev)) {
28cc7bde
JH		 2369 memcpy(hdev->dev_name, mgmt_cp->name, sizeof(hdev->dev_name));
2370
2371 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2372 data, len);
2373 if (err < 0)
2374 goto failed;
2375
2376 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
2377 sk);
2378
b5235a65
JH		 2379 goto failed;
2380 }
2381
28cc7bde 2382 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2383 if (!cmd) {
2384 err = -ENOMEM;
2385 goto failed;
2386 }
2387
2388 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
2389 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
2390 &hci_cp);
2391 if (err < 0)
2392 mgmt_pending_remove(cmd);
2393
2394failed:
09fd0de5 2395 hci_dev_unlock(hdev);
b312b161
JH		 2396 hci_dev_put(hdev);
2397
2398 return err;
2399}
2400
c35938b2
SJ		 2401static int read_local_oob_data(struct sock *sk, u16 index)
2402{
2403 struct hci_dev *hdev;
2404 struct pending_cmd *cmd;
2405 int err;
2406
2407 BT_DBG("hci%u", index);
2408
2409 hdev = hci_dev_get(index);
2410 if (!hdev)
2411 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 2412 MGMT_STATUS_INVALID_PARAMS);
c35938b2 2413
09fd0de5 2414 hci_dev_lock(hdev);
c35938b2 2415
4b34ee78 2416 if (!hdev_is_powered(hdev)) {
c35938b2 2417 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 2418 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2419 goto unlock;
2420 }
2421
2422 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
2423 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 2424 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2425 goto unlock;
2426 }
2427
2e58ef3e 2428 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
ca69b795
JH		 2429 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2430 MGMT_STATUS_BUSY);
c35938b2
SJ		 2431 goto unlock;
2432 }
2433
2e58ef3e 2434 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2435 if (!cmd) {
2436 err = -ENOMEM;
2437 goto unlock;
2438 }
2439
2440 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2441 if (err < 0)
2442 mgmt_pending_remove(cmd);
2443
2444unlock:
09fd0de5 2445 hci_dev_unlock(hdev);
c35938b2
SJ		 2446 hci_dev_put(hdev);
2447
2448 return err;
2449}
2450
650f726d
VCG		 2451static int add_remote_oob_data(struct sock *sk, u16 index, void *data,
2452 u16 len)
2763eda6
SJ		 2453{
2454 struct hci_dev *hdev;
650f726d 2455 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2456 u8 status;
2763eda6
SJ		 2457 int err;
2458
2459 BT_DBG("hci%u ", index);
2460
2461 if (len != sizeof(*cp))
2462 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
ca69b795 2463 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 2464
2465 hdev = hci_dev_get(index);
2466 if (!hdev)
bf1e3541
JH		 2467 return cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
2468 MGMT_STATUS_INVALID_PARAMS,
2469 &cp->addr, sizeof(cp->addr));
2763eda6 2470
09fd0de5 2471 hci_dev_lock(hdev);
2763eda6 2472
5f97c1df
JH		 2473 if (!hdev_is_powered(hdev)) {
2474 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
2475 MGMT_STATUS_NOT_POWERED,
2476 &cp->addr, sizeof(cp->addr));
2477 goto unlock;
2478 }
2479
664ce4cc 2480 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
2763eda6
SJ		 2481 cp->randomizer);
2482 if (err < 0)
bf1e3541 2483 status = MGMT_STATUS_FAILED;
2763eda6 2484 else
bf1e3541
JH		 2485 status = 0;
2486
2487 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
2488 &cp->addr, sizeof(cp->addr));
2763eda6 2489
5f97c1df 2490unlock:
09fd0de5 2491 hci_dev_unlock(hdev);
2763eda6
SJ		 2492 hci_dev_put(hdev);
2493
2494 return err;
2495}
2496
2497static int remove_remote_oob_data(struct sock *sk, u16 index,
650f726d 2498 void *data, u16 len)
2763eda6
SJ		 2499{
2500 struct hci_dev *hdev;
650f726d 2501 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2502 u8 status;
2763eda6
SJ		 2503 int err;
2504
2505 BT_DBG("hci%u ", index);
2506
2507 if (len != sizeof(*cp))
2508 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
ca69b795 2509 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 2510
2511 hdev = hci_dev_get(index);
2512 if (!hdev)
bf1e3541
JH		 2513 return cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2514 MGMT_STATUS_INVALID_PARAMS,
2515 &cp->addr, sizeof(cp->addr));
2763eda6 2516
09fd0de5 2517 hci_dev_lock(hdev);
2763eda6 2518
5f97c1df
JH		 2519 if (!hdev_is_powered(hdev)) {
2520 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2521 MGMT_STATUS_NOT_POWERED,
2522 &cp->addr, sizeof(cp->addr));
2523 goto unlock;
2524 }
2525
664ce4cc 2526 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2527 if (err < 0)
bf1e3541 2528 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2529 else
bf1e3541
JH		 2530 status = 0;
2531
2532 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, status,
2533 &cp->addr, sizeof(cp->addr));
2763eda6 2534
5f97c1df 2535unlock:
09fd0de5 2536 hci_dev_unlock(hdev);
2763eda6
SJ		 2537 hci_dev_put(hdev);
2538
2539 return err;
2540}
2541
5e0452c0
AG		 2542static int discovery(struct hci_dev *hdev)
2543{
2544 int err;
2545
2546 if (lmp_host_le_capable(hdev)) {
2547 if (lmp_bredr_capable(hdev)) {
2548 err = hci_le_scan(hdev, LE_SCAN_TYPE,
2549 LE_SCAN_INT, LE_SCAN_WIN,
2550 LE_SCAN_TIMEOUT_BREDR_LE);
2551 } else {
2552 hdev->discovery.type = DISCOV_TYPE_LE;
2553 err = hci_le_scan(hdev, LE_SCAN_TYPE,
2554 LE_SCAN_INT, LE_SCAN_WIN,
2555 LE_SCAN_TIMEOUT_LE_ONLY);
2556 }
2557 } else {
2558 hdev->discovery.type = DISCOV_TYPE_BREDR;
2559 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
2560 }
2561
2562 return err;
2563}
2564
2565int mgmt_interleaved_discovery(struct hci_dev *hdev)
2566{
2567 int err;
2568
2569 BT_DBG("%s", hdev->name);
2570
2571 hci_dev_lock(hdev);
2572
2573 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2574 if (err < 0)
2575 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2576
2577 hci_dev_unlock(hdev);
2578
2579 return err;
2580}
2581
450dfdaf 2582static int start_discovery(struct sock *sk, u16 index,
650f726d 2583 void *data, u16 len)
14a53664 2584{
650f726d 2585 struct mgmt_cp_start_discovery *cp = data;
14a53664
JH		 2586 struct pending_cmd *cmd;
2587 struct hci_dev *hdev;
2588 int err;
2589
2590 BT_DBG("hci%u", index);
2591
450dfdaf
JH		 2592 if (len != sizeof(*cp))
2593 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2594 MGMT_STATUS_INVALID_PARAMS);
2595
14a53664
JH		 2596 hdev = hci_dev_get(index);
2597 if (!hdev)
ca69b795
JH		 2598 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2599 MGMT_STATUS_INVALID_PARAMS);
14a53664 2600
09fd0de5 2601 hci_dev_lock(hdev);
14a53664 2602
4b34ee78 2603 if (!hdev_is_powered(hdev)) {
ca69b795
JH		 2604 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2605 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2606 goto failed;
2607 }
2608
ff9ef578
JH		 2609 if (hdev->discovery.state != DISCOVERY_STOPPED) {
2610 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2611 MGMT_STATUS_BUSY);
2612 goto failed;
2613 }
2614
2e58ef3e 2615 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2616 if (!cmd) {
2617 err = -ENOMEM;
2618 goto failed;
2619 }
2620
4aab14e5
AG		 2621 hdev->discovery.type = cp->type;
2622
2623 switch (hdev->discovery.type) {
f39799f5 2624 case DISCOV_TYPE_BREDR:
3fd24153 2625 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
f39799f5
AG		 2626 break;
2627
2628 case DISCOV_TYPE_LE:
3fd24153
AG		 2629 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
2630 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
f39799f5
AG		 2631 break;
2632
5e0452c0
AG		 2633 case DISCOV_TYPE_INTERLEAVED:
2634 err = discovery(hdev);
2635 break;
2636
f39799f5 2637 default:
3fd24153 2638 err = -EINVAL;
f39799f5 2639 }
3fd24153 2640
14a53664
JH		 2641 if (err < 0)
2642 mgmt_pending_remove(cmd);
ff9ef578
JH		 2643 else
2644 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2645
2646failed:
09fd0de5 2647 hci_dev_unlock(hdev);
14a53664
JH		 2648 hci_dev_put(hdev);
2649
2650 return err;
2651}
2652
d930650b 2653static int stop_discovery(struct sock *sk, u16 index, void *data, u16 len)
14a53664 2654{
d930650b 2655 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664
JH		 2656 struct hci_dev *hdev;
2657 struct pending_cmd *cmd;
30dc78e1
JH		 2658 struct hci_cp_remote_name_req_cancel cp;
2659 struct inquiry_entry *e;
14a53664
JH		 2660 int err;
2661
2662 BT_DBG("hci%u", index);
2663
d930650b
JH		 2664 if (len != sizeof(*mgmt_cp))
2665 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
2666 MGMT_STATUS_INVALID_PARAMS);
2667
14a53664
JH		 2668 hdev = hci_dev_get(index);
2669 if (!hdev)
ca69b795
JH		 2670 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
2671 MGMT_STATUS_INVALID_PARAMS);
14a53664 2672
09fd0de5 2673 hci_dev_lock(hdev);
14a53664 2674
30dc78e1 2675 if (!hci_discovery_active(hdev)) {
d930650b
JH		 2676 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY,
2677 MGMT_STATUS_REJECTED,
2678 &mgmt_cp->type, sizeof(mgmt_cp->type));
2679 goto unlock;
2680 }
2681
2682 if (hdev->discovery.type != mgmt_cp->type) {
2683 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY,
2684 MGMT_STATUS_INVALID_PARAMS,
2685 &mgmt_cp->type, sizeof(mgmt_cp->type));
30dc78e1 2686 goto unlock;
ff9ef578
JH		 2687 }
2688
2e58ef3e 2689 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2690 if (!cmd) {
2691 err = -ENOMEM;
30dc78e1
JH		 2692 goto unlock;
2693 }
2694
343f935b 2695 if (hdev->discovery.state == DISCOVERY_FINDING) {
30dc78e1
JH		 2696 err = hci_cancel_inquiry(hdev);
2697 if (err < 0)
2698 mgmt_pending_remove(cmd);
2699 else
2700 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
2701 goto unlock;
2702 }
2703
2704 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_PENDING);
2705 if (!e) {
2706 mgmt_pending_remove(cmd);
aee9b218 2707 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY, 0,
d930650b 2708 &mgmt_cp->type, sizeof(mgmt_cp->type));
30dc78e1
JH		 2709 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2710 goto unlock;
14a53664
JH		 2711 }
2712
30dc78e1
JH		 2713 bacpy(&cp.bdaddr, &e->data.bdaddr);
2714 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2715 sizeof(cp), &cp);
14a53664
JH		 2716 if (err < 0)
2717 mgmt_pending_remove(cmd);
ff9ef578
JH		 2718 else
2719 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2720
30dc78e1 2721unlock:
09fd0de5 2722 hci_dev_unlock(hdev);
14a53664
JH		 2723 hci_dev_put(hdev);
2724
2725 return err;
2726}
2727
650f726d 2728static int confirm_name(struct sock *sk, u16 index, void *data, u16 len)
561aafbc 2729{
650f726d 2730 struct mgmt_cp_confirm_name *cp = data;
561aafbc
JH		 2731 struct inquiry_entry *e;
2732 struct hci_dev *hdev;
2733 int err;
2734
2735 BT_DBG("hci%u", index);
2736
2737 if (len != sizeof(*cp))
2738 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2739 MGMT_STATUS_INVALID_PARAMS);
2740
2741 hdev = hci_dev_get(index);
2742 if (!hdev)
2743 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2744 MGMT_STATUS_INVALID_PARAMS);
2745
2746 hci_dev_lock(hdev);
2747
30dc78e1
JH		 2748 if (!hci_discovery_active(hdev)) {
2749 err = cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2750 MGMT_STATUS_FAILED);
2751 goto failed;
2752 }
2753
a198e7b1 2754 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2755 if (!e) {
e5f0e151 2756 err = cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
561aafbc
JH		 2757 MGMT_STATUS_INVALID_PARAMS);
2758 goto failed;
2759 }
2760
2761 if (cp->name_known) {
2762 e->name_state = NAME_KNOWN;
2763 list_del(&e->list);
2764 } else {
2765 e->name_state = NAME_NEEDED;
a3d4e20a 2766 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2767 }
2768
2769 err = 0;
2770
2771failed:
2772 hci_dev_unlock(hdev);
2773
2774 return err;
2775}
2776
650f726d 2777static int block_device(struct sock *sk, u16 index, void *data, u16 len)
7fbec224
AJ		 2778{
2779 struct hci_dev *hdev;
650f726d 2780 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2781 u8 status;
7fbec224
AJ		 2782 int err;
2783
2784 BT_DBG("hci%u", index);
2785
7fbec224
AJ		 2786 if (len != sizeof(*cp))
2787 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
ca69b795 2788 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2789
2790 hdev = hci_dev_get(index);
2791 if (!hdev)
f0eeea8b
JH		 2792 return cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
2793 MGMT_STATUS_INVALID_PARAMS,
2794 &cp->addr, sizeof(cp->addr));
7fbec224 2795
09fd0de5 2796 hci_dev_lock(hdev);
5e762444 2797
88c1fe4b 2798 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2799 if (err < 0)
f0eeea8b 2800 status = MGMT_STATUS_FAILED;
7fbec224 2801 else
f0eeea8b
JH		 2802 status = 0;
2803
2804 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE, status,
2805 &cp->addr, sizeof(cp->addr));
5e762444 2806
09fd0de5 2807 hci_dev_unlock(hdev);
7fbec224
AJ		 2808 hci_dev_put(hdev);
2809
2810 return err;
2811}
2812
650f726d 2813static int unblock_device(struct sock *sk, u16 index, void *data, u16 len)
7fbec224
AJ		 2814{
2815 struct hci_dev *hdev;
650f726d 2816 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2817 u8 status;
7fbec224
AJ		 2818 int err;
2819
2820 BT_DBG("hci%u", index);
2821
7fbec224
AJ		 2822 if (len != sizeof(*cp))
2823 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
ca69b795 2824 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2825
2826 hdev = hci_dev_get(index);
2827 if (!hdev)
f0eeea8b
JH		 2828 return cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2829 MGMT_STATUS_INVALID_PARAMS,
2830 &cp->addr, sizeof(cp->addr));
7fbec224 2831
09fd0de5 2832 hci_dev_lock(hdev);
5e762444 2833
88c1fe4b 2834 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2835 if (err < 0)
f0eeea8b 2836 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2837 else
f0eeea8b
JH		 2838 status = 0;
2839
2840 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE, status,
2841 &cp->addr, sizeof(cp->addr));
5e762444 2842
09fd0de5 2843 hci_dev_unlock(hdev);
7fbec224
AJ		 2844 hci_dev_put(hdev);
2845
2846 return err;
2847}
2848
f6422ec6 2849static int set_fast_connectable(struct sock *sk, u16 index,
650f726d 2850 void *data, u16 len)
f6422ec6
AJ		 2851{
2852 struct hci_dev *hdev;
650f726d 2853 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2854 struct hci_cp_write_page_scan_activity acp;
2855 u8 type;
2856 int err;
2857
2858 BT_DBG("hci%u", index);
2859
2860 if (len != sizeof(*cp))
2861 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2862 MGMT_STATUS_INVALID_PARAMS);
f6422ec6
AJ		 2863
2864 hdev = hci_dev_get(index);
2865 if (!hdev)
2866 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2867 MGMT_STATUS_INVALID_PARAMS);
5400c044
JH		 2868 if (!hdev_is_powered(hdev))
2869 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2870 MGMT_STATUS_NOT_POWERED);
2871
2872 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2873 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2874 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 2875
2876 hci_dev_lock(hdev);
2877
f7c6869c 2878 if (cp->val) {
f6422ec6
AJ		 2879 type = PAGE_SCAN_TYPE_INTERLACED;
2880 acp.interval = 0x0024; /* 22.5 msec page scan interval */
2881 } else {
2882 type = PAGE_SCAN_TYPE_STANDARD; /* default */
2883 acp.interval = 0x0800; /* default 1.28 sec page scan */
2884 }
2885
2886 acp.window = 0x0012; /* default 11.25 msec page scan window */
2887
2888 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
2889 sizeof(acp), &acp);
2890 if (err < 0) {
2891 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2892 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2893 goto done;
2894 }
2895
2896 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2897 if (err < 0) {
2898 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2899 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2900 goto done;
2901 }
2902
aee9b218
JH		 2903 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE, 0,
2904 NULL, 0);
f6422ec6
AJ		 2905done:
2906 hci_dev_unlock(hdev);
2907 hci_dev_put(hdev);
2908
2909 return err;
2910}
2911
346af67b
VCG		 2912static int load_long_term_keys(struct sock *sk, u16 index,
2913 void *cp_data, u16 len)
2914{
2915 struct hci_dev *hdev;
2916 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2917 u16 key_count, expected_len;
2918 int i;
2919
2920 if (len < sizeof(*cp))
2921 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2922 EINVAL);
2923
2924 key_count = get_unaligned_le16(&cp->key_count);
2925
2926 expected_len = sizeof(*cp) + key_count *
2927 sizeof(struct mgmt_ltk_info);
2928 if (expected_len != len) {
2929 BT_ERR("load_keys: expected %u bytes, got %u bytes",
2930 len, expected_len);
2931 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2932 EINVAL);
2933 }
2934
2935 hdev = hci_dev_get(index);
2936 if (!hdev)
2937 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2938 ENODEV);
2939
2940 BT_DBG("hci%u key_count %u", index, key_count);
2941
2942 hci_dev_lock(hdev);
2943
2944 hci_smp_ltks_clear(hdev);
2945
2946 for (i = 0; i < key_count; i++) {
2947 struct mgmt_ltk_info *key = &cp->keys[i];
2948 u8 type;
2949
2950 if (key->master)
2951 type = HCI_SMP_LTK;
2952 else
2953 type = HCI_SMP_LTK_SLAVE;
2954
2955 hci_add_ltk(hdev, &key->addr.bdaddr, key->addr.type,
2956 type, 0, key->authenticated, key->val,
2957 key->enc_size, key->ediv, key->rand);
2958 }
2959
2960 hci_dev_unlock(hdev);
2961 hci_dev_put(hdev);
2962
2963 return 0;
2964}
2965
0381101f
JH		 2966int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2967{
650f726d
VCG		 2968 void *buf;
2969 u8 *cp;
0381101f 2970 struct mgmt_hdr *hdr;
4e51eae9 2971 u16 opcode, index, len;
0381101f
JH		 2972 int err;
2973
2974 BT_DBG("got %zu bytes", msglen);
2975
2976 if (msglen < sizeof(*hdr))
2977 return -EINVAL;
2978
e63a15ec 2979 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2980 if (!buf)
2981 return -ENOMEM;
2982
2983 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2984 err = -EFAULT;
2985 goto done;
2986 }
2987
650f726d 2988 hdr = buf;
0381101f 2989 opcode = get_unaligned_le16(&hdr->opcode);
4e51eae9 2990 index = get_unaligned_le16(&hdr->index);
0381101f
JH		 2991 len = get_unaligned_le16(&hdr->len);
2992
2993 if (len != msglen - sizeof(*hdr)) {
2994 err = -EINVAL;
2995 goto done;
2996 }
2997
650f726d
VCG		 2998 cp = buf + sizeof(*hdr);
2999
0381101f 3000 switch (opcode) {
02d98129
JH		 3001 case MGMT_OP_READ_VERSION:
3002 err = read_version(sk);
3003 break;
e70bb2e8
JH		 3004 case MGMT_OP_READ_COMMANDS:
3005 err = read_commands(sk);
3006 break;
faba42eb
JH		 3007 case MGMT_OP_READ_INDEX_LIST:
3008 err = read_index_list(sk);
3009 break;
f7b64e69 3010 case MGMT_OP_READ_INFO:
4e51eae9 3011 err = read_controller_info(sk, index);
f7b64e69 3012 break;
eec8d2bc 3013 case MGMT_OP_SET_POWERED:
650f726d 3014 err = set_powered(sk, index, cp, len);
eec8d2bc 3015 break;
73f22f62 3016 case MGMT_OP_SET_DISCOVERABLE:
650f726d 3017 err = set_discoverable(sk, index, cp, len);
73f22f62 3018 break;
9fbcbb45 3019 case MGMT_OP_SET_CONNECTABLE:
650f726d 3020 err = set_connectable(sk, index, cp, len);
9fbcbb45 3021 break;
f7c6869c 3022 case MGMT_OP_SET_FAST_CONNECTABLE:
650f726d 3023 err = set_fast_connectable(sk, index, cp, len);
f7c6869c 3024 break;
c542a06c 3025 case MGMT_OP_SET_PAIRABLE:
650f726d 3026 err = set_pairable(sk, index, cp, len);
c542a06c 3027 break;
33ef95ed
JH		 3028 case MGMT_OP_SET_LINK_SECURITY:
3029 err = set_link_security(sk, index, cp, len);
3030 break;
ed2c4ee3
JH		 3031 case MGMT_OP_SET_SSP:
3032 err = set_ssp(sk, index, cp, len);
3033 break;
6d80dfd0
JH		 3034 case MGMT_OP_SET_HS:
3035 err = set_hs(sk, index, cp, len);
3036 break;
06199cf8
JH		 3037 case MGMT_OP_SET_LE:
3038 err = set_le(sk, index, cp, len);
3039 break;
2aeb9a1a 3040 case MGMT_OP_ADD_UUID:
650f726d 3041 err = add_uuid(sk, index, cp, len);
2aeb9a1a
JH		 3042 break;
3043 case MGMT_OP_REMOVE_UUID:
650f726d 3044 err = remove_uuid(sk, index, cp, len);
2aeb9a1a 3045 break;
1aff6f09 3046 case MGMT_OP_SET_DEV_CLASS:
650f726d 3047 err = set_dev_class(sk, index, cp, len);
1aff6f09 3048 break;
86742e1e 3049 case MGMT_OP_LOAD_LINK_KEYS:
650f726d 3050 err = load_link_keys(sk, index, cp, len);
55ed8ca1 3051 break;
8962ee74 3052 case MGMT_OP_DISCONNECT:
650f726d 3053 err = disconnect(sk, index, cp, len);
8962ee74 3054 break;
2784eb41 3055 case MGMT_OP_GET_CONNECTIONS:
8ce6284e 3056 err = get_connections(sk, index);
2784eb41 3057 break;
980e1a53 3058 case MGMT_OP_PIN_CODE_REPLY:
650f726d 3059 err = pin_code_reply(sk, index, cp, len);
980e1a53
JH		 3060 break;
3061 case MGMT_OP_PIN_CODE_NEG_REPLY:
650f726d 3062 err = pin_code_neg_reply(sk, index, cp, len);
980e1a53 3063 break;
17fa4b9d 3064 case MGMT_OP_SET_IO_CAPABILITY:
650f726d 3065 err = set_io_capability(sk, index, cp, len);
17fa4b9d 3066 break;
e9a416b5 3067 case MGMT_OP_PAIR_DEVICE:
650f726d 3068 err = pair_device(sk, index, cp, len);
e9a416b5 3069 break;
28424707
JH		 3070 case MGMT_OP_CANCEL_PAIR_DEVICE:
3071 err = cancel_pair_device(sk, index, buf + sizeof(*hdr), len);
3072 break;
124f6e35
JH		 3073 case MGMT_OP_UNPAIR_DEVICE:
3074 err = unpair_device(sk, index, cp, len);
3075 break;
a5c29683 3076 case MGMT_OP_USER_CONFIRM_REPLY:
650f726d 3077 err = user_confirm_reply(sk, index, cp, len);
a5c29683
JH		 3078 break;
3079 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
650f726d 3080 err = user_confirm_neg_reply(sk, index, cp, len);
a5c29683 3081 break;
604086b7 3082 case MGMT_OP_USER_PASSKEY_REPLY:
650f726d 3083 err = user_passkey_reply(sk, index, cp, len);
604086b7
BG		 3084 break;
3085 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
650f726d 3086 err = user_passkey_neg_reply(sk, index, cp, len);
a5c29683 3087 break;
b312b161 3088 case MGMT_OP_SET_LOCAL_NAME:
650f726d 3089 err = set_local_name(sk, index, cp, len);
b312b161 3090 break;
c35938b2
SJ		 3091 case MGMT_OP_READ_LOCAL_OOB_DATA:
3092 err = read_local_oob_data(sk, index);
3093 break;
2763eda6 3094 case MGMT_OP_ADD_REMOTE_OOB_DATA:
650f726d 3095 err = add_remote_oob_data(sk, index, cp, len);
2763eda6
SJ		 3096 break;
3097 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
650f726d 3098 err = remove_remote_oob_data(sk, index, cp, len);
2763eda6 3099 break;
14a53664 3100 case MGMT_OP_START_DISCOVERY:
650f726d 3101 err = start_discovery(sk, index, cp, len);
14a53664
JH		 3102 break;
3103 case MGMT_OP_STOP_DISCOVERY:
d930650b 3104 err = stop_discovery(sk, index, cp, len);
14a53664 3105 break;
561aafbc 3106 case MGMT_OP_CONFIRM_NAME:
650f726d 3107 err = confirm_name(sk, index, cp, len);
561aafbc 3108 break;
7fbec224 3109 case MGMT_OP_BLOCK_DEVICE:
650f726d 3110 err = block_device(sk, index, cp, len);
7fbec224
AJ		 3111 break;
3112 case MGMT_OP_UNBLOCK_DEVICE:
650f726d 3113 err = unblock_device(sk, index, cp, len);
7fbec224 3114 break;
346af67b
VCG		 3115 case MGMT_OP_LOAD_LONG_TERM_KEYS:
3116 err = load_long_term_keys(sk, index, cp, len);
3117 break;
0381101f
JH		 3118 default:
3119 BT_DBG("Unknown op %u", opcode);
ca69b795
JH		 3120 err = cmd_status(sk, index, opcode,
3121 MGMT_STATUS_UNKNOWN_COMMAND);
0381101f
JH		 3122 break;
3123 }
3124
e41d8b4e
JH		 3125 if (err < 0)
3126 goto done;
3127
0381101f
JH		 3128 err = msglen;
3129
3130done:
3131 kfree(buf);
3132 return err;
3133}
c71e97bf 3134
b24752fe
JH		 3135static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
3136{
3137 u8 *status = data;
3138
3139 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
3140 mgmt_pending_remove(cmd);
3141}
3142
744cf19e 3143int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 3144{
744cf19e 3145 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 3146}
3147
744cf19e 3148int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 3149{
b24752fe
JH		 3150 u8 status = ENODEV;
3151
744cf19e 3152 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 3153
744cf19e 3154 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 3155}
3156
73f22f62 3157struct cmd_lookup {
eec8d2bc 3158 struct sock *sk;
69ab39ea 3159 struct hci_dev *hdev;
90e70454 3160 u8 mgmt_status;
eec8d2bc
JH		 3161};
3162
69ab39ea 3163static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 3164{
73f22f62 3165 struct cmd_lookup *match = data;
eec8d2bc 3166
69ab39ea 3167 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 3168
3169 list_del(&cmd->list);
3170
3171 if (match->sk == NULL) {
3172 match->sk = cmd->sk;
3173 sock_hold(match->sk);
3174 }
3175
3176 mgmt_pending_free(cmd);
c71e97bf 3177}
5add6af8 3178
744cf19e 3179int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 3180{
76a7f3a4 3181 struct cmd_lookup match = { NULL, hdev };
7bb895d6 3182 int err;
5add6af8 3183
5e5282bb
JH		 3184 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3185 return 0;
3186
69ab39ea 3187 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 3188
5e5282bb
JH		 3189 if (powered) {
3190 u8 scan = 0;
3191
3192 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3193 scan |= SCAN_PAGE;
3194 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3195 scan |= SCAN_INQUIRY;
3196
3197 if (scan)
3198 hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
504c8dcd
JH		 3199
3200 update_class(hdev);
3201 update_eir(hdev);
5e5282bb 3202 } else {
b24752fe 3203 u8 status = ENETDOWN;
744cf19e 3204 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 3205 }
3206
beadb2bd 3207 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 3208
3209 if (match.sk)
3210 sock_put(match.sk);
3211
7bb895d6 3212 return err;
5add6af8 3213}
73f22f62 3214
744cf19e 3215int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 3216{
76a7f3a4 3217 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 3218 bool changed = false;
3219 int err = 0;
73f22f62 3220
5e5282bb
JH		 3221 if (discoverable) {
3222 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3223 changed = true;
3224 } else {
3225 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3226 changed = true;
3227 }
73f22f62 3228
ed9b5f2f
JH		 3229 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
3230 &match);
3231
beadb2bd
JH		 3232 if (changed)
3233 err = new_settings(hdev, match.sk);
5e5282bb 3234
73f22f62
JH		 3235 if (match.sk)
3236 sock_put(match.sk);
3237
7bb895d6 3238 return err;
73f22f62 3239}
9fbcbb45 3240
744cf19e 3241int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 3242{
76a7f3a4 3243 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 3244 bool changed = false;
3245 int err = 0;
9fbcbb45 3246
5e5282bb
JH		 3247 if (connectable) {
3248 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3249 changed = true;
3250 } else {
3251 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3252 changed = true;
3253 }
9fbcbb45 3254
ed9b5f2f
JH		 3255 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
3256 &match);
3257
beadb2bd
JH		 3258 if (changed)
3259 err = new_settings(hdev, match.sk);
9fbcbb45
JH		 3260
3261 if (match.sk)
3262 sock_put(match.sk);
3263
7bb895d6 3264 return err;
9fbcbb45 3265}
55ed8ca1 3266
744cf19e 3267int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 3268{
ca69b795
JH		 3269 u8 mgmt_err = mgmt_status(status);
3270
2d7cee58 3271 if (scan & SCAN_PAGE)
744cf19e 3272 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
ca69b795 3273 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3274
3275 if (scan & SCAN_INQUIRY)
744cf19e 3276 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
ca69b795 3277 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3278
3279 return 0;
3280}
3281
744cf19e
JH		 3282int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
3283 u8 persistent)
55ed8ca1 3284{
86742e1e 3285 struct mgmt_ev_new_link_key ev;
55ed8ca1 3286
a492cd52 3287 memset(&ev, 0, sizeof(ev));
55ed8ca1 3288
a492cd52 3289 ev.store_hint = persistent;
d753fdc4
JH		 3290 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
3291 ev.key.addr.type = MGMT_ADDR_BREDR;
a492cd52
VCG		 3292 ev.key.type = key->type;
3293 memcpy(ev.key.val, key->val, 16);
3294 ev.key.pin_len = key->pin_len;
55ed8ca1 3295
744cf19e 3296 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 3297}
f7520543 3298
346af67b
VCG		 3299int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
3300{
3301 struct mgmt_ev_new_long_term_key ev;
3302
3303 memset(&ev, 0, sizeof(ev));
3304
3305 ev.store_hint = persistent;
3306 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
3307 ev.key.addr.type = key->bdaddr_type;
3308 ev.key.authenticated = key->authenticated;
3309 ev.key.enc_size = key->enc_size;
3310 ev.key.ediv = key->ediv;
3311
3312 if (key->type == HCI_SMP_LTK)
3313 ev.key.master = 1;
3314
3315 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
3316 memcpy(ev.key.val, key->val, sizeof(key->val));
3317
3318 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev,
3319 &ev, sizeof(ev), NULL);
3320}
3321
afc747a6 3322int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
08c79b61
JH		 3323 u8 addr_type, u32 flags, u8 *name,
3324 u8 name_len, u8 *dev_class)
f7520543 3325{
b644ba33
JH		 3326 char buf[512];
3327 struct mgmt_ev_device_connected *ev = (void *) buf;
3328 u16 eir_len = 0;
f7520543 3329
b644ba33
JH		 3330 bacpy(&ev->addr.bdaddr, bdaddr);
3331 ev->addr.type = link_to_mgmt(link_type, addr_type);
f7520543 3332
c95f0ba7 3333 ev->flags = __cpu_to_le32(flags);
08c79b61 3334
b644ba33
JH		 3335 if (name_len > 0)
3336 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
3337 name, name_len);
3338
3339 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
3340 eir_len = eir_append_data(&ev->eir[eir_len], eir_len,
3341 EIR_CLASS_OF_DEV, dev_class, 3);
3342
3343 put_unaligned_le16(eir_len, &ev->eir_len);
3344
3345 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
3346 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3347}
3348
8962ee74
JH		 3349static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3350{
c68fb7ff 3351 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3352 struct sock **sk = data;
a38528f1 3353 struct mgmt_rp_disconnect rp;
8962ee74 3354
88c3df13
JH		 3355 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3356 rp.addr.type = cp->addr.type;
8962ee74 3357
aee9b218
JH		 3358 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
3359 sizeof(rp));
8962ee74
JH		 3360
3361 *sk = cmd->sk;
3362 sock_hold(*sk);
3363
a664b5bc 3364 mgmt_pending_remove(cmd);
8962ee74
JH		 3365}
3366
124f6e35 3367static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3368{
b1078ad0 3369 struct hci_dev *hdev = data;
124f6e35
JH		 3370 struct mgmt_cp_unpair_device *cp = cmd->param;
3371 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3372
3373 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3374 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3375 rp.addr.type = cp->addr.type;
a8a1d19e 3376
b1078ad0
JH		 3377 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3378
aee9b218 3379 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3380
3381 mgmt_pending_remove(cmd);
3382}
3383
afc747a6
JH		 3384int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
3385 u8 link_type, u8 addr_type)
f7520543 3386{
4c659c39 3387 struct mgmt_addr_info ev;
8962ee74
JH		 3388 struct sock *sk = NULL;
3389 int err;
3390
744cf19e 3391 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3392
f7520543 3393 bacpy(&ev.bdaddr, bdaddr);
48264f06 3394 ev.type = link_to_mgmt(link_type, addr_type);
f7520543 3395
afc747a6
JH		 3396 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
3397 sk);
8962ee74
JH		 3398
3399 if (sk)
3400 sock_put(sk);
3401
124f6e35 3402 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
b1078ad0 3403 hdev);
a8a1d19e 3404
8962ee74
JH		 3405 return err;
3406}
3407
88c3df13
JH		 3408int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
3409 u8 link_type, u8 addr_type, u8 status)
8962ee74 3410{
88c3df13 3411 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3412 struct pending_cmd *cmd;
3413 int err;
3414
2e58ef3e 3415 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3416 if (!cmd)
3417 return -ENOENT;
3418
88c3df13
JH		 3419 bacpy(&rp.addr.bdaddr, bdaddr);
3420 rp.addr.type = link_to_mgmt(link_type, addr_type);
37d9ef76 3421
88c3df13 3422 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
aee9b218 3423 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3424
a664b5bc 3425 mgmt_pending_remove(cmd);
8962ee74 3426
b1078ad0
JH		 3427 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3428 hdev);
8962ee74 3429 return err;
f7520543 3430}
17d5c04c 3431
48264f06
JH		 3432int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3433 u8 addr_type, u8 status)
17d5c04c
JH		 3434{
3435 struct mgmt_ev_connect_failed ev;
3436
4c659c39 3437 bacpy(&ev.addr.bdaddr, bdaddr);
48264f06 3438 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 3439 ev.status = mgmt_status(status);
17d5c04c 3440
744cf19e 3441 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3442}
980e1a53 3443
744cf19e 3444int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3445{
3446 struct mgmt_ev_pin_code_request ev;
3447
d8457698
JH		 3448 bacpy(&ev.addr.bdaddr, bdaddr);
3449 ev.addr.type = MGMT_ADDR_BREDR;
a770bb5a 3450 ev.secure = secure;
980e1a53 3451
744cf19e 3452 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 3453 NULL);
980e1a53
JH		 3454}
3455
744cf19e
JH		 3456int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3457 u8 status)
980e1a53
JH		 3458{
3459 struct pending_cmd *cmd;
ac56fb13 3460 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3461 int err;
3462
2e58ef3e 3463 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3464 if (!cmd)
3465 return -ENOENT;
3466
d8457698
JH		 3467 bacpy(&rp.addr.bdaddr, bdaddr);
3468 rp.addr.type = MGMT_ADDR_BREDR;
ac56fb13 3469
aee9b218
JH		 3470 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
3471 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3472
a664b5bc 3473 mgmt_pending_remove(cmd);
980e1a53
JH		 3474
3475 return err;
3476}
3477
744cf19e
JH		 3478int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3479 u8 status)
980e1a53
JH		 3480{
3481 struct pending_cmd *cmd;
ac56fb13 3482 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3483 int err;
3484
2e58ef3e 3485 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3486 if (!cmd)
3487 return -ENOENT;
3488
d8457698
JH		 3489 bacpy(&rp.addr.bdaddr, bdaddr);
3490 rp.addr.type = MGMT_ADDR_BREDR;
ac56fb13 3491
aee9b218
JH		 3492 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
3493 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3494
a664b5bc 3495 mgmt_pending_remove(cmd);
980e1a53
JH		 3496
3497 return err;
3498}
a5c29683 3499
744cf19e 3500int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df
JH		 3501 u8 link_type, u8 addr_type, __le32 value,
3502 u8 confirm_hint)
a5c29683
JH		 3503{
3504 struct mgmt_ev_user_confirm_request ev;
3505
744cf19e 3506 BT_DBG("%s", hdev->name);
a5c29683 3507
272d90df
JH		 3508 bacpy(&ev.addr.bdaddr, bdaddr);
3509 ev.addr.type = link_to_mgmt(link_type, addr_type);
55bc1a37 3510 ev.confirm_hint = confirm_hint;
a5c29683
JH		 3511 put_unaligned_le32(value, &ev.value);
3512
744cf19e 3513 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 3514 NULL);
a5c29683
JH		 3515}
3516
272d90df
JH		 3517int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
3518 u8 link_type, u8 addr_type)
604086b7
BG		 3519{
3520 struct mgmt_ev_user_passkey_request ev;
3521
3522 BT_DBG("%s", hdev->name);
3523
272d90df
JH		 3524 bacpy(&ev.addr.bdaddr, bdaddr);
3525 ev.addr.type = link_to_mgmt(link_type, addr_type);
604086b7
BG		 3526
3527 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
3528 NULL);
3529}
3530
0df4c185 3531static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df
JH		 3532 u8 link_type, u8 addr_type, u8 status,
3533 u8 opcode)
a5c29683
JH		 3534{
3535 struct pending_cmd *cmd;
3536 struct mgmt_rp_user_confirm_reply rp;
3537 int err;
3538
2e58ef3e 3539 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3540 if (!cmd)
3541 return -ENOENT;
3542
272d90df
JH		 3543 bacpy(&rp.addr.bdaddr, bdaddr);
3544 rp.addr.type = link_to_mgmt(link_type, addr_type);
aee9b218
JH		 3545 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
3546 &rp, sizeof(rp));
a5c29683 3547
a664b5bc 3548 mgmt_pending_remove(cmd);
a5c29683
JH		 3549
3550 return err;
3551}
3552
744cf19e 3553int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df 3554 u8 link_type, u8 addr_type, u8 status)
a5c29683 3555{
272d90df
JH		 3556 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3557 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3558}
3559
272d90df
JH		 3560int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3561 u8 link_type, u8 addr_type, u8 status)
a5c29683 3562{
272d90df
JH		 3563 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3564 status, MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3565}
2a611692 3566
604086b7 3567int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df 3568 u8 link_type, u8 addr_type, u8 status)
604086b7 3569{
272d90df
JH		 3570 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3571 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3572}
3573
272d90df
JH		 3574int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3575 u8 link_type, u8 addr_type, u8 status)
604086b7 3576{
272d90df
JH		 3577 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3578 status, MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3579}
3580
bab73cb6
JH		 3581int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3582 u8 addr_type, u8 status)
2a611692
JH		 3583{
3584 struct mgmt_ev_auth_failed ev;
3585
bab73cb6
JH		 3586 bacpy(&ev.addr.bdaddr, bdaddr);
3587 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 3588 ev.status = mgmt_status(status);
2a611692 3589
744cf19e 3590 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3591}
b312b161 3592
33ef95ed
JH		 3593int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3594{
3595 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3596 bool changed = false;
3597 int err = 0;
33ef95ed
JH		 3598
3599 if (status) {
3600 u8 mgmt_err = mgmt_status(status);
3601 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
3602 cmd_status_rsp, &mgmt_err);
3603 return 0;
3604 }
3605
47990ea0
JH		 3606 if (test_bit(HCI_AUTH, &hdev->flags)) {
3607 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3608 changed = true;
3609 } else {
3610 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3611 changed = true;
3612 }
3613
33ef95ed
JH		 3614 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
3615 &match);
3616
47990ea0
JH		 3617 if (changed)
3618 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3619
3620 if (match.sk)
3621 sock_put(match.sk);
3622
3623 return err;
3624}
3625
cacaf52f
JH		 3626static int clear_eir(struct hci_dev *hdev)
3627{
3628 struct hci_cp_write_eir cp;
3629
3630 if (!(hdev->features[6] & LMP_EXT_INQ))
3631 return 0;
3632
c80da27e
JH		 3633 memset(hdev->eir, 0, sizeof(hdev->eir));
3634
cacaf52f
JH		 3635 memset(&cp, 0, sizeof(cp));
3636
3637 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3638}
3639
c0ecddc2 3640int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3641{
3642 struct cmd_lookup match = { NULL, hdev };
c0ecddc2
JH		 3643 bool changed = false;
3644 int err = 0;
ed2c4ee3
JH		 3645
3646 if (status) {
3647 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3648
3649 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
3650 &hdev->dev_flags))
3651 err = new_settings(hdev, NULL);
3652
ed2c4ee3
JH		 3653 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev,
3654 cmd_status_rsp, &mgmt_err);
c0ecddc2
JH		 3655
3656 return err;
3657 }
3658
3659 if (enable) {
3660 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3661 changed = true;
3662 } else {
3663 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3664 changed = true;
ed2c4ee3
JH		 3665 }
3666
3667 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3668
c0ecddc2
JH		 3669 if (changed)
3670 err = new_settings(hdev, match.sk);
ed2c4ee3 3671
5fc6ebb1 3672 if (match.sk)
ed2c4ee3
JH		 3673 sock_put(match.sk);
3674
5fc6ebb1
JH		 3675 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3676 update_eir(hdev);
3677 else
3678 clear_eir(hdev);
cacaf52f 3679
ed2c4ee3
JH		 3680 return err;
3681}
3682
90e70454
JH		 3683static void class_rsp(struct pending_cmd *cmd, void *data)
3684{
3685 struct cmd_lookup *match = data;
3686
3687 cmd_complete(cmd->sk, cmd->index, cmd->opcode, match->mgmt_status,
3688 match->hdev->dev_class, 3);
3689
3690 list_del(&cmd->list);
3691
3692 if (match->sk == NULL) {
3693 match->sk = cmd->sk;
3694 sock_hold(match->sk);
3695 }
3696
3697 mgmt_pending_free(cmd);
3698}
3699
7f9a903c
MH		 3700int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
3701 u8 status)
3702{
90e70454
JH		 3703 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3704 int err = 0;
7f9a903c 3705
c95f0ba7
JH		 3706 clear_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
3707
90e70454
JH		 3708 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, class_rsp, &match);
3709 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, class_rsp, &match);
3710 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, class_rsp, &match);
3711
3712 if (!status)
3713 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,
3714 dev_class, 3, NULL);
3715
3716 if (match.sk)
3717 sock_put(match.sk);
7f9a903c
MH		 3718
3719 return err;
3720}
3721
744cf19e 3722int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3723{
3724 struct pending_cmd *cmd;
3725 struct mgmt_cp_set_local_name ev;
28cc7bde
JH		 3726 bool changed = false;
3727 int err = 0;
3728
3729 if (memcmp(name, hdev->dev_name, sizeof(hdev->dev_name)) != 0) {
3730 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
3731 changed = true;
3732 }
b312b161
JH		 3733
3734 memset(&ev, 0, sizeof(ev));
3735 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3736 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3737
2e58ef3e 3738 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3739 if (!cmd)
3740 goto send_event;
3741
7bdaae4a
JH		 3742 /* Always assume that either the short or the complete name has
3743 * changed if there was a pending mgmt command */
3744 changed = true;
3745
b312b161 3746 if (status) {
744cf19e 3747 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
ca69b795 3748 mgmt_status(status));
b312b161
JH		 3749 goto failed;
3750 }
3751
aee9b218 3752 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
b312b161
JH		 3753 sizeof(ev));
3754 if (err < 0)
3755 goto failed;
3756
3757send_event:
28cc7bde
JH		 3758 if (changed)
3759 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
3760 sizeof(ev), cmd ? cmd->sk : NULL);
3761
f51d5b24 3762 update_eir(hdev);
b312b161
JH		 3763
3764failed:
3765 if (cmd)
3766 mgmt_pending_remove(cmd);
3767 return err;
3768}
c35938b2 3769
744cf19e
JH		 3770int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
3771 u8 *randomizer, u8 status)
c35938b2
SJ		 3772{
3773 struct pending_cmd *cmd;
3774 int err;
3775
744cf19e 3776 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3777
2e58ef3e 3778 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3779 if (!cmd)
3780 return -ENOENT;
3781
3782 if (status) {
744cf19e 3783 err = cmd_status(cmd->sk, hdev->id,
ca69b795
JH		 3784 MGMT_OP_READ_LOCAL_OOB_DATA,
3785 mgmt_status(status));
c35938b2
SJ		 3786 } else {
3787 struct mgmt_rp_read_local_oob_data rp;
3788
3789 memcpy(rp.hash, hash, sizeof(rp.hash));
3790 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3791
744cf19e
JH		 3792 err = cmd_complete(cmd->sk, hdev->id,
3793 MGMT_OP_READ_LOCAL_OOB_DATA,
aee9b218 3794 0, &rp, sizeof(rp));
c35938b2
SJ		 3795 }
3796
3797 mgmt_pending_remove(cmd);
3798
3799 return err;
3800}
e17acd40 3801
06199cf8
JH		 3802int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3803{
3804 struct cmd_lookup match = { NULL, hdev };
3805 bool changed = false;
3806 int err = 0;
3807
3808 if (status) {
3809 u8 mgmt_err = mgmt_status(status);
3810
3811 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
3812 &hdev->dev_flags))
3813 err = new_settings(hdev, NULL);
3814
3815 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev,
3816 cmd_status_rsp, &mgmt_err);
3817
3818 return err;
3819 }
3820
3821 if (enable) {
3822 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3823 changed = true;
3824 } else {
3825 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3826 changed = true;
3827 }
3828
3829 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
3830
3831 if (changed)
3832 err = new_settings(hdev, match.sk);
3833
3834 if (match.sk)
3835 sock_put(match.sk);
3836
3837 return err;
3838}
3839
48264f06 3840int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
561aafbc 3841 u8 addr_type, u8 *dev_class, s8 rssi,
388fc8fa 3842 u8 cfm_name, u8 ssp, u8 *eir, u16 eir_len)
e17acd40 3843{
e319d2e7
JH		 3844 char buf[512];
3845 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3846 size_t ev_size;
e17acd40 3847
1dc06093
JH		 3848 /* Leave 5 bytes for a potential CoD field */
3849 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3850 return -EINVAL;
3851
1dc06093
JH		 3852 memset(buf, 0, sizeof(buf));
3853
e319d2e7
JH		 3854 bacpy(&ev->addr.bdaddr, bdaddr);
3855 ev->addr.type = link_to_mgmt(link_type, addr_type);
3856 ev->rssi = rssi;
9a395a80
JH		 3857 if (cfm_name)
3858 ev->flags[0] |= MGMT_DEV_FOUND_CONFIRM_NAME;
388fc8fa
JH		 3859 if (!ssp)
3860 ev->flags[0] |= MGMT_DEV_FOUND_LEGACY_PAIRING;
e17acd40 3861
1dc06093 3862 if (eir_len > 0)
e319d2e7 3863 memcpy(ev->eir, eir, eir_len);
e17acd40 3864
1dc06093
JH		 3865 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3866 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
3867 dev_class, 3);
3868
3869 put_unaligned_le16(eir_len, &ev->eir_len);
3870
3871 ev_size = sizeof(*ev) + eir_len;
f8523598 3872
e319d2e7 3873 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3874}
a88a9652 3875
b644ba33
JH		 3876int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3877 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3878{
b644ba33
JH		 3879 struct mgmt_ev_device_found *ev;
3880 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3881 u16 eir_len;
a88a9652 3882
b644ba33 3883 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3884
b644ba33
JH		 3885 memset(buf, 0, sizeof(buf));
3886
3887 bacpy(&ev->addr.bdaddr, bdaddr);
3888 ev->addr.type = link_to_mgmt(link_type, addr_type);
3889 ev->rssi = rssi;
3890
3891 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
3892 name_len);
3893
3894 put_unaligned_le16(eir_len, &ev->eir_len);
a88a9652 3895
053c7e0c
JH		 3896 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
3897 sizeof(*ev) + eir_len, NULL);
a88a9652 3898}
314b2381 3899
7a135109 3900int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3901{
3902 struct pending_cmd *cmd;
f808e166 3903 u8 type;
164a6e78
JH		 3904 int err;
3905
203159d4
AG		 3906 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3907
2e58ef3e 3908 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3909 if (!cmd)
3910 return -ENOENT;
3911
f808e166
JH		 3912 type = hdev->discovery.type;
3913
3914 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
3915 &type, sizeof(type));
164a6e78
JH		 3916 mgmt_pending_remove(cmd);
3917
3918 return err;
3919}
3920
e6d465cb
AG		 3921int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3922{
3923 struct pending_cmd *cmd;
3924 int err;
3925
3926 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3927 if (!cmd)
3928 return -ENOENT;
3929
d930650b
JH		 3930 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
3931 &hdev->discovery.type,
3932 sizeof(hdev->discovery.type));
164a6e78
JH		 3933 mgmt_pending_remove(cmd);
3934
3935 return err;
3936}
3937
744cf19e 3938int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3939{
f963e8e9 3940 struct mgmt_ev_discovering ev;
164a6e78
JH		 3941 struct pending_cmd *cmd;
3942
343fb145
AG		 3943 BT_DBG("%s discovering %u", hdev->name, discovering);
3944
164a6e78 3945 if (discovering)
2e58ef3e 3946 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3947 else
2e58ef3e 3948 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3949
3950 if (cmd != NULL) {
f808e166
JH		 3951 u8 type = hdev->discovery.type;
3952
d930650b 3953 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0,
f808e166 3954 &type, sizeof(type));
164a6e78
JH		 3955 mgmt_pending_remove(cmd);
3956 }
3957
f963e8e9
JH		 3958 memset(&ev, 0, sizeof(ev));
3959 ev.type = hdev->discovery.type;
3960 ev.discovering = discovering;
3961
3962 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3963}
5e762444 3964
88c1fe4b 3965int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3966{
3967 struct pending_cmd *cmd;
3968 struct mgmt_ev_device_blocked ev;
3969
2e58ef3e 3970 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3971
88c1fe4b
JH		 3972 bacpy(&ev.addr.bdaddr, bdaddr);
3973 ev.addr.type = type;
5e762444 3974
744cf19e
JH		 3975 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
3976 cmd ? cmd->sk : NULL);
5e762444
AJ		 3977}
3978
88c1fe4b 3979int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3980{
3981 struct pending_cmd *cmd;
3982 struct mgmt_ev_device_unblocked ev;
3983
2e58ef3e 3984 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3985
88c1fe4b
JH		 3986 bacpy(&ev.addr.bdaddr, bdaddr);
3987 ev.addr.type = type;
5e762444 3988
744cf19e
JH		 3989 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
3990 cmd ? cmd->sk : NULL);
5e762444 3991}
d7b7e796
MH		 3992
3993module_param(enable_hs, bool, 0644);
3994MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
3995
3996module_param(enable_le, bool, 0644);
3997MODULE_PARM_DESC(enable_le, "Enable Low Energy support");
Linux kernel - Deliverables
This page took 0.455041 seconds and 5 git commands to generate.