projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: mgmt: Fix some code style and indentation issues
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
ca69b795 27#include <linux/kernel.h>
72359753 28#include <linux/uaccess.h>
3a9a231d 29#include <linux/module.h>
0381101f
JH		 30#include <asm/unaligned.h>
31
32#include <net/bluetooth/bluetooth.h>
33#include <net/bluetooth/hci_core.h>
34#include <net/bluetooth/mgmt.h>
5fe57d9e 35#include <net/bluetooth/smp.h>
0381101f 36
d7b7e796
MH		 37bool enable_hs;
38bool enable_le;
39
2da9c55c
JH		 40#define MGMT_VERSION 1
41#define MGMT_REVISION 0
02d98129 42
e70bb2e8
JH		 43static const u16 mgmt_commands[] = {
44 MGMT_OP_READ_INDEX_LIST,
45 MGMT_OP_READ_INFO,
46 MGMT_OP_SET_POWERED,
47 MGMT_OP_SET_DISCOVERABLE,
48 MGMT_OP_SET_CONNECTABLE,
49 MGMT_OP_SET_FAST_CONNECTABLE,
50 MGMT_OP_SET_PAIRABLE,
51 MGMT_OP_SET_LINK_SECURITY,
52 MGMT_OP_SET_SSP,
53 MGMT_OP_SET_HS,
54 MGMT_OP_SET_LE,
55 MGMT_OP_SET_DEV_CLASS,
56 MGMT_OP_SET_LOCAL_NAME,
57 MGMT_OP_ADD_UUID,
58 MGMT_OP_REMOVE_UUID,
59 MGMT_OP_LOAD_LINK_KEYS,
60 MGMT_OP_LOAD_LONG_TERM_KEYS,
61 MGMT_OP_DISCONNECT,
62 MGMT_OP_GET_CONNECTIONS,
63 MGMT_OP_PIN_CODE_REPLY,
64 MGMT_OP_PIN_CODE_NEG_REPLY,
65 MGMT_OP_SET_IO_CAPABILITY,
66 MGMT_OP_PAIR_DEVICE,
67 MGMT_OP_CANCEL_PAIR_DEVICE,
68 MGMT_OP_UNPAIR_DEVICE,
69 MGMT_OP_USER_CONFIRM_REPLY,
70 MGMT_OP_USER_CONFIRM_NEG_REPLY,
71 MGMT_OP_USER_PASSKEY_REPLY,
72 MGMT_OP_USER_PASSKEY_NEG_REPLY,
73 MGMT_OP_READ_LOCAL_OOB_DATA,
74 MGMT_OP_ADD_REMOTE_OOB_DATA,
75 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
76 MGMT_OP_START_DISCOVERY,
77 MGMT_OP_STOP_DISCOVERY,
78 MGMT_OP_CONFIRM_NAME,
79 MGMT_OP_BLOCK_DEVICE,
80 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 81 MGMT_OP_SET_DEVICE_ID,
e70bb2e8
JH		 82};
83
84static const u16 mgmt_events[] = {
85 MGMT_EV_CONTROLLER_ERROR,
86 MGMT_EV_INDEX_ADDED,
87 MGMT_EV_INDEX_REMOVED,
88 MGMT_EV_NEW_SETTINGS,
89 MGMT_EV_CLASS_OF_DEV_CHANGED,
90 MGMT_EV_LOCAL_NAME_CHANGED,
91 MGMT_EV_NEW_LINK_KEY,
92 MGMT_EV_NEW_LONG_TERM_KEY,
93 MGMT_EV_DEVICE_CONNECTED,
94 MGMT_EV_DEVICE_DISCONNECTED,
95 MGMT_EV_CONNECT_FAILED,
96 MGMT_EV_PIN_CODE_REQUEST,
97 MGMT_EV_USER_CONFIRM_REQUEST,
98 MGMT_EV_USER_PASSKEY_REQUEST,
99 MGMT_EV_AUTH_FAILED,
100 MGMT_EV_DEVICE_FOUND,
101 MGMT_EV_DISCOVERING,
102 MGMT_EV_DEVICE_BLOCKED,
103 MGMT_EV_DEVICE_UNBLOCKED,
104 MGMT_EV_DEVICE_UNPAIRED,
105};
106
3fd24153
AG		 107/*
108 * These LE scan and inquiry parameters were chosen according to LE General
109 * Discovery Procedure specification.
110 */
111#define LE_SCAN_TYPE 0x01
112#define LE_SCAN_WIN 0x12
113#define LE_SCAN_INT 0x12
114#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 115#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 116
e8777525 117#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 118#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 119
17b02e62 120#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 121
4b34ee78
JH		 122#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
123 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
124
eec8d2bc
JH		 125struct pending_cmd {
126 struct list_head list;
fc2f4b13 127 u16 opcode;
eec8d2bc 128 int index;
c68fb7ff 129 void *param;
eec8d2bc 130 struct sock *sk;
e9a416b5 131 void *user_data;
eec8d2bc
JH		 132};
133
ca69b795
JH		 134/* HCI to MGMT error code conversion table */
135static u8 mgmt_status_table[] = {
136 MGMT_STATUS_SUCCESS,
137 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
138 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
139 MGMT_STATUS_FAILED, /* Hardware Failure */
140 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
141 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
142 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
143 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
144 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
145 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
146 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
147 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
148 MGMT_STATUS_BUSY, /* Command Disallowed */
149 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
150 MGMT_STATUS_REJECTED, /* Rejected Security */
151 MGMT_STATUS_REJECTED, /* Rejected Personal */
152 MGMT_STATUS_TIMEOUT, /* Host Timeout */
153 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
154 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
155 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
156 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
157 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
158 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
159 MGMT_STATUS_BUSY, /* Repeated Attempts */
160 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
161 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
162 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
163 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
164 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
165 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
166 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
167 MGMT_STATUS_FAILED, /* Unspecified Error */
168 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
169 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
170 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
171 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
172 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
173 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
174 MGMT_STATUS_FAILED, /* Unit Link Key Used */
175 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
176 MGMT_STATUS_TIMEOUT, /* Instant Passed */
177 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
178 MGMT_STATUS_FAILED, /* Transaction Collision */
179 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
180 MGMT_STATUS_REJECTED, /* QoS Rejected */
181 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
182 MGMT_STATUS_REJECTED, /* Insufficient Security */
183 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
184 MGMT_STATUS_BUSY, /* Role Switch Pending */
185 MGMT_STATUS_FAILED, /* Slot Violation */
186 MGMT_STATUS_FAILED, /* Role Switch Failed */
187 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
188 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
189 MGMT_STATUS_BUSY, /* Host Busy Pairing */
190 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
191 MGMT_STATUS_BUSY, /* Controller Busy */
192 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
193 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
194 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
195 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
196 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
197};
198
199static u8 mgmt_status(u8 hci_status)
200{
201 if (hci_status < ARRAY_SIZE(mgmt_status_table))
202 return mgmt_status_table[hci_status];
203
204 return MGMT_STATUS_FAILED;
205}
206
4e51eae9 207static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 208{
209 struct sk_buff *skb;
210 struct mgmt_hdr *hdr;
211 struct mgmt_ev_cmd_status *ev;
56b7d137 212 int err;
f7b64e69 213
34eb525c 214 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69
JH		 215
216 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
217 if (!skb)
218 return -ENOMEM;
219
220 hdr = (void *) skb_put(skb, sizeof(*hdr));
221
222 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 223 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 224 hdr->len = cpu_to_le16(sizeof(*ev));
225
226 ev = (void *) skb_put(skb, sizeof(*ev));
227 ev->status = status;
eb55ef07 228 ev->opcode = cpu_to_le16(cmd);
f7b64e69 229
56b7d137
GP		 230 err = sock_queue_rcv_skb(sk, skb);
231 if (err < 0)
f7b64e69
JH		 232 kfree_skb(skb);
233
56b7d137 234 return err;
f7b64e69
JH		 235}
236
aee9b218 237static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 238 void *rp, size_t rp_len)
02d98129
JH		 239{
240 struct sk_buff *skb;
241 struct mgmt_hdr *hdr;
242 struct mgmt_ev_cmd_complete *ev;
56b7d137 243 int err;
02d98129
JH		 244
245 BT_DBG("sock %p", sk);
246
a38528f1 247 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
02d98129
JH		 248 if (!skb)
249 return -ENOMEM;
250
251 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 252
a38528f1 253 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 254 hdr->index = cpu_to_le16(index);
a38528f1 255 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 256
a38528f1 257 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 258 ev->opcode = cpu_to_le16(cmd);
aee9b218 259 ev->status = status;
8020c16a
SJ		 260
261 if (rp)
262 memcpy(ev->data, rp, rp_len);
02d98129 263
56b7d137
GP		 264 err = sock_queue_rcv_skb(sk, skb);
265 if (err < 0)
02d98129
JH		 266 kfree_skb(skb);
267
e5f0e151 268 return err;
02d98129
JH		 269}
270
04124681
GP		 271static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
272 u16 data_len)
a38528f1
JH		 273{
274 struct mgmt_rp_read_version rp;
275
276 BT_DBG("sock %p", sk);
277
278 rp.version = MGMT_VERSION;
eb55ef07 279 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 280
aee9b218 281 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 282 sizeof(rp));
a38528f1
JH		 283}
284
04124681
GP		 285static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
286 u16 data_len)
e70bb2e8
JH		 287{
288 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 289 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
290 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 291 __le16 *opcode;
e70bb2e8
JH		 292 size_t rp_size;
293 int i, err;
294
295 BT_DBG("sock %p", sk);
296
297 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
298
299 rp = kmalloc(rp_size, GFP_KERNEL);
300 if (!rp)
301 return -ENOMEM;
302
eb55ef07
MH		 303 rp->num_commands = __constant_cpu_to_le16(num_commands);
304 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 305
306 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
307 put_unaligned_le16(mgmt_commands[i], opcode);
308
309 for (i = 0; i < num_events; i++, opcode++)
310 put_unaligned_le16(mgmt_events[i], opcode);
311
aee9b218 312 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 313 rp_size);
e70bb2e8
JH		 314 kfree(rp);
315
316 return err;
317}
318
04124681
GP		 319static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
320 u16 data_len)
faba42eb 321{
faba42eb
JH		 322 struct mgmt_rp_read_index_list *rp;
323 struct list_head *p;
8035ded4 324 struct hci_dev *d;
a38528f1 325 size_t rp_len;
faba42eb 326 u16 count;
a38528f1 327 int i, err;
faba42eb
JH		 328
329 BT_DBG("sock %p", sk);
330
331 read_lock(&hci_dev_list_lock);
332
333 count = 0;
334 list_for_each(p, &hci_dev_list) {
335 count++;
336 }
337
a38528f1
JH		 338 rp_len = sizeof(*rp) + (2 * count);
339 rp = kmalloc(rp_len, GFP_ATOMIC);
340 if (!rp) {
b2c60d42 341 read_unlock(&hci_dev_list_lock);
faba42eb 342 return -ENOMEM;
b2c60d42 343 }
faba42eb 344
eb55ef07 345 rp->num_controllers = cpu_to_le16(count);
faba42eb
JH		 346
347 i = 0;
8035ded4 348 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 349 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 350 continue;
351
eb55ef07 352 rp->index[i++] = cpu_to_le16(d->id);
faba42eb
JH		 353 BT_DBG("Added hci%u", d->id);
354 }
355
356 read_unlock(&hci_dev_list_lock);
357
aee9b218 358 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 359 rp_len);
faba42eb 360
a38528f1
JH		 361 kfree(rp);
362
363 return err;
faba42eb
JH		 364}
365
69ab39ea
JH		 366static u32 get_supported_settings(struct hci_dev *hdev)
367{
368 u32 settings = 0;
369
370 settings |= MGMT_SETTING_POWERED;
371 settings |= MGMT_SETTING_CONNECTABLE;
372 settings |= MGMT_SETTING_FAST_CONNECTABLE;
373 settings |= MGMT_SETTING_DISCOVERABLE;
374 settings |= MGMT_SETTING_PAIRABLE;
375
376 if (hdev->features[6] & LMP_SIMPLE_PAIR)
377 settings |= MGMT_SETTING_SSP;
378
379 if (!(hdev->features[4] & LMP_NO_BREDR)) {
380 settings |= MGMT_SETTING_BREDR;
381 settings |= MGMT_SETTING_LINK_SECURITY;
382 }
383
d7b7e796
MH		 384 if (enable_hs)
385 settings |= MGMT_SETTING_HS;
386
387 if (enable_le) {
388 if (hdev->features[4] & LMP_LE)
389 settings |= MGMT_SETTING_LE;
390 }
69ab39ea
JH		 391
392 return settings;
393}
394
395static u32 get_current_settings(struct hci_dev *hdev)
396{
397 u32 settings = 0;
398
f1f0eb02 399 if (hdev_is_powered(hdev))
f0d4b78a
MH		 400 settings |= MGMT_SETTING_POWERED;
401
5e5282bb 402 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 403 settings |= MGMT_SETTING_CONNECTABLE;
404
5e5282bb 405 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 406 settings |= MGMT_SETTING_DISCOVERABLE;
407
a8b2d5c2 408 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 409 settings |= MGMT_SETTING_PAIRABLE;
410
411 if (!(hdev->features[4] & LMP_NO_BREDR))
412 settings |= MGMT_SETTING_BREDR;
413
06199cf8 414 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 415 settings |= MGMT_SETTING_LE;
416
47990ea0 417 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 418 settings |= MGMT_SETTING_LINK_SECURITY;
419
84bde9d6 420 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 421 settings |= MGMT_SETTING_SSP;
422
6d80dfd0
JH		 423 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
424 settings |= MGMT_SETTING_HS;
425
69ab39ea
JH		 426 return settings;
427}
428
ef580372
JH		 429#define PNP_INFO_SVCLASS_ID 0x1200
430
431static u8 bluetooth_base_uuid[] = {
432 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
433 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
434};
435
436static u16 get_uuid16(u8 *uuid128)
437{
438 u32 val;
439 int i;
440
441 for (i = 0; i < 12; i++) {
442 if (bluetooth_base_uuid[i] != uuid128[i])
443 return 0;
444 }
445
446 memcpy(&val, &uuid128[12], 4);
447
448 val = le32_to_cpu(val);
449 if (val > 0xffff)
450 return 0;
451
452 return (u16) val;
453}
454
455static void create_eir(struct hci_dev *hdev, u8 *data)
456{
457 u8 *ptr = data;
458 u16 eir_len = 0;
459 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
460 int i, truncated = 0;
461 struct bt_uuid *uuid;
462 size_t name_len;
463
464 name_len = strlen(hdev->dev_name);
465
466 if (name_len > 0) {
467 /* EIR Data type */
468 if (name_len > 48) {
469 name_len = 48;
470 ptr[1] = EIR_NAME_SHORT;
471 } else
472 ptr[1] = EIR_NAME_COMPLETE;
473
474 /* EIR Data length */
475 ptr[0] = name_len + 1;
476
477 memcpy(ptr + 2, hdev->dev_name, name_len);
478
479 eir_len += (name_len + 2);
480 ptr += (name_len + 2);
481 }
482
91c4e9b1
MH		 483 if (hdev->inq_tx_power) {
484 ptr[0] = 2;
485 ptr[1] = EIR_TX_POWER;
486 ptr[2] = (u8) hdev->inq_tx_power;
487
488 eir_len += 3;
489 ptr += 3;
490 }
491
2b9be137
MH		 492 if (hdev->devid_source > 0) {
493 ptr[0] = 9;
494 ptr[1] = EIR_DEVICE_ID;
495
496 put_unaligned_le16(hdev->devid_source, ptr + 2);
497 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
498 put_unaligned_le16(hdev->devid_product, ptr + 6);
499 put_unaligned_le16(hdev->devid_version, ptr + 8);
500
501 eir_len += 10;
502 ptr += 10;
503 }
504
ef580372
JH		 505 memset(uuid16_list, 0, sizeof(uuid16_list));
506
507 /* Group all UUID16 types */
508 list_for_each_entry(uuid, &hdev->uuids, list) {
509 u16 uuid16;
510
511 uuid16 = get_uuid16(uuid->uuid);
512 if (uuid16 == 0)
513 return;
514
515 if (uuid16 < 0x1100)
516 continue;
517
518 if (uuid16 == PNP_INFO_SVCLASS_ID)
519 continue;
520
521 /* Stop if not enough space to put next UUID */
522 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
523 truncated = 1;
524 break;
525 }
526
527 /* Check for duplicates */
528 for (i = 0; uuid16_list[i] != 0; i++)
529 if (uuid16_list[i] == uuid16)
530 break;
531
532 if (uuid16_list[i] == 0) {
533 uuid16_list[i] = uuid16;
534 eir_len += sizeof(u16);
535 }
536 }
537
538 if (uuid16_list[0] != 0) {
539 u8 *length = ptr;
540
541 /* EIR Data type */
542 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
543
544 ptr += 2;
545 eir_len += 2;
546
547 for (i = 0; uuid16_list[i] != 0; i++) {
548 *ptr++ = (uuid16_list[i] & 0x00ff);
549 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
550 }
551
552 /* EIR Data length */
553 *length = (i * sizeof(u16)) + 1;
554 }
555}
556
557static int update_eir(struct hci_dev *hdev)
558{
559 struct hci_cp_write_eir cp;
560
504c8dcd 561 if (!hdev_is_powered(hdev))
7770c4aa
JH		 562 return 0;
563
ef580372
JH		 564 if (!(hdev->features[6] & LMP_EXT_INQ))
565 return 0;
566
84bde9d6 567 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 568 return 0;
569
a8b2d5c2 570 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 571 return 0;
572
573 memset(&cp, 0, sizeof(cp));
574
575 create_eir(hdev, cp.data);
576
577 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
578 return 0;
579
580 memcpy(hdev->eir, cp.data, sizeof(cp.data));
581
582 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
583}
584
585static u8 get_service_classes(struct hci_dev *hdev)
586{
587 struct bt_uuid *uuid;
588 u8 val = 0;
589
590 list_for_each_entry(uuid, &hdev->uuids, list)
591 val |= uuid->svc_hint;
592
593 return val;
594}
595
596static int update_class(struct hci_dev *hdev)
597{
598 u8 cod[3];
c95f0ba7 599 int err;
ef580372
JH		 600
601 BT_DBG("%s", hdev->name);
602
504c8dcd 603 if (!hdev_is_powered(hdev))
7770c4aa
JH		 604 return 0;
605
a8b2d5c2 606 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 607 return 0;
608
609 cod[0] = hdev->minor_class;
610 cod[1] = hdev->major_class;
611 cod[2] = get_service_classes(hdev);
612
613 if (memcmp(cod, hdev->dev_class, 3) == 0)
614 return 0;
615
c95f0ba7
JH		 616 err = hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
617 if (err == 0)
618 set_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
619
620 return err;
ef580372
JH		 621}
622
7d78525d
JH		 623static void service_cache_off(struct work_struct *work)
624{
625 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 626 service_cache.work);
7d78525d 627
a8b2d5c2 628 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 629 return;
630
631 hci_dev_lock(hdev);
632
633 update_eir(hdev);
634 update_class(hdev);
635
636 hci_dev_unlock(hdev);
637}
638
6a919082 639static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 640{
4f87da80 641 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 642 return;
643
4f87da80 644 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 645
4f87da80
JH		 646 /* Non-mgmt controlled devices get this bit set
647 * implicitly so that pairing works for them, however
648 * for mgmt we require user-space to explicitly enable
649 * it
650 */
651 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 652}
653
0f4e68cf 654static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 655 void *data, u16 data_len)
0381101f 656{
a38528f1 657 struct mgmt_rp_read_info rp;
f7b64e69 658
bdb6d971 659 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 660
09fd0de5 661 hci_dev_lock(hdev);
f7b64e69 662
dc4fe30b
JH		 663 memset(&rp, 0, sizeof(rp));
664
69ab39ea 665 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 666
69ab39ea 667 rp.version = hdev->hci_ver;
eb55ef07 668 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 669
670 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
671 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 672
a38528f1 673 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 674
dc4fe30b 675 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 676 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 677
09fd0de5 678 hci_dev_unlock(hdev);
0381101f 679
bdb6d971 680 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 681 sizeof(rp));
0381101f
JH		 682}
683
eec8d2bc
JH		 684static void mgmt_pending_free(struct pending_cmd *cmd)
685{
686 sock_put(cmd->sk);
c68fb7ff 687 kfree(cmd->param);
eec8d2bc
JH		 688 kfree(cmd);
689}
690
366a0336 691static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 692 struct hci_dev *hdev, void *data,
693 u16 len)
eec8d2bc
JH		 694{
695 struct pending_cmd *cmd;
696
697 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
698 if (!cmd)
366a0336 699 return NULL;
eec8d2bc
JH		 700
701 cmd->opcode = opcode;
2e58ef3e 702 cmd->index = hdev->id;
eec8d2bc 703
c68fb7ff
SJ		 704 cmd->param = kmalloc(len, GFP_ATOMIC);
705 if (!cmd->param) {
eec8d2bc 706 kfree(cmd);
366a0336 707 return NULL;
eec8d2bc
JH		 708 }
709
8fce6357
SJ		 710 if (data)
711 memcpy(cmd->param, data, len);
eec8d2bc
JH		 712
713 cmd->sk = sk;
714 sock_hold(sk);
715
2e58ef3e 716 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 717
366a0336 718 return cmd;
eec8d2bc
JH		 719}
720
744cf19e 721static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
04124681
GP		 722 void (*cb)(struct pending_cmd *cmd, void *data),
723 void *data)
eec8d2bc
JH		 724{
725 struct list_head *p, *n;
726
2e58ef3e 727 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 728 struct pending_cmd *cmd;
729
730 cmd = list_entry(p, struct pending_cmd, list);
731
b24752fe 732 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 733 continue;
734
eec8d2bc
JH		 735 cb(cmd, data);
736 }
737}
738
2e58ef3e 739static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 740{
8035ded4 741 struct pending_cmd *cmd;
eec8d2bc 742
2e58ef3e 743 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 744 if (cmd->opcode == opcode)
745 return cmd;
eec8d2bc
JH		 746 }
747
748 return NULL;
749}
750
a664b5bc 751static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 752{
73f22f62
JH		 753 list_del(&cmd->list);
754 mgmt_pending_free(cmd);
755}
756
69ab39ea 757static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 758{
69ab39ea 759 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 760
aee9b218 761 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 762 sizeof(settings));
8680570b
JH		 763}
764
bdb6d971 765static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 766 u16 len)
eec8d2bc 767{
650f726d 768 struct mgmt_mode *cp = data;
366a0336 769 struct pending_cmd *cmd;
4b34ee78 770 int err;
eec8d2bc 771
bdb6d971 772 BT_DBG("request for %s", hdev->name);
eec8d2bc 773
09fd0de5 774 hci_dev_lock(hdev);
eec8d2bc 775
f0d4b78a
MH		 776 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
777 cancel_delayed_work(&hdev->power_off);
778
779 if (cp->val) {
780 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
781 mgmt_powered(hdev, 1);
782 goto failed;
783 }
784 }
785
4b34ee78 786 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 787 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 788 goto failed;
789 }
790
2e58ef3e 791 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
bdb6d971 792 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
04124681 793 MGMT_STATUS_BUSY);
eec8d2bc
JH		 794 goto failed;
795 }
796
2e58ef3e 797 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 798 if (!cmd) {
799 err = -ENOMEM;
eec8d2bc 800 goto failed;
366a0336 801 }
eec8d2bc 802
72a734ec 803 if (cp->val)
7f971041 804 schedule_work(&hdev->power_on);
eec8d2bc 805 else
80b7ab33 806 schedule_work(&hdev->power_off.work);
eec8d2bc 807
366a0336 808 err = 0;
eec8d2bc
JH		 809
810failed:
09fd0de5 811 hci_dev_unlock(hdev);
366a0336 812 return err;
eec8d2bc
JH		 813}
814
04124681
GP		 815static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
816 struct sock *skip_sk)
beadb2bd
JH		 817{
818 struct sk_buff *skb;
819 struct mgmt_hdr *hdr;
820
821 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
822 if (!skb)
823 return -ENOMEM;
824
825 hdr = (void *) skb_put(skb, sizeof(*hdr));
826 hdr->opcode = cpu_to_le16(event);
827 if (hdev)
828 hdr->index = cpu_to_le16(hdev->id);
829 else
830 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
831 hdr->len = cpu_to_le16(data_len);
832
833 if (data)
834 memcpy(skb_put(skb, data_len), data, data_len);
835
97e0bdeb
MH		 836 /* Time stamp */
837 __net_timestamp(skb);
838
beadb2bd
JH		 839 hci_send_to_control(skb, skip_sk);
840 kfree_skb(skb);
841
842 return 0;
843}
844
845static int new_settings(struct hci_dev *hdev, struct sock *skip)
846{
847 __le32 ev;
848
849 ev = cpu_to_le32(get_current_settings(hdev));
850
851 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
852}
853
bdb6d971 854static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 855 u16 len)
73f22f62 856{
650f726d 857 struct mgmt_cp_set_discoverable *cp = data;
366a0336 858 struct pending_cmd *cmd;
5e5282bb 859 u16 timeout;
73f22f62
JH		 860 u8 scan;
861 int err;
862
bdb6d971 863 BT_DBG("request for %s", hdev->name);
73f22f62 864
1f350c87 865 timeout = __le16_to_cpu(cp->timeout);
24c54a90 866 if (!cp->val && timeout > 0)
bdb6d971 867 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 868 MGMT_STATUS_INVALID_PARAMS);
73f22f62 869
09fd0de5 870 hci_dev_lock(hdev);
73f22f62 871
5e5282bb 872 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 873 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 874 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 875 goto failed;
876 }
877
2e58ef3e
JH		 878 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
879 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 880 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 881 MGMT_STATUS_BUSY);
73f22f62
JH		 882 goto failed;
883 }
884
5e5282bb 885 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 886 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 887 MGMT_STATUS_REJECTED);
5e5282bb
JH		 888 goto failed;
889 }
890
891 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 892 bool changed = false;
893
894 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
895 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
896 changed = true;
897 }
898
5e5282bb 899 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 900 if (err < 0)
901 goto failed;
902
903 if (changed)
904 err = new_settings(hdev, sk);
905
5e5282bb
JH		 906 goto failed;
907 }
908
909 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 910 if (hdev->discov_timeout > 0) {
911 cancel_delayed_work(&hdev->discov_off);
912 hdev->discov_timeout = 0;
913 }
914
915 if (cp->val && timeout > 0) {
916 hdev->discov_timeout = timeout;
917 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
918 msecs_to_jiffies(hdev->discov_timeout * 1000));
919 }
920
69ab39ea 921 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 922 goto failed;
923 }
924
2e58ef3e 925 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 926 if (!cmd) {
927 err = -ENOMEM;
73f22f62 928 goto failed;
366a0336 929 }
73f22f62
JH		 930
931 scan = SCAN_PAGE;
932
72a734ec 933 if (cp->val)
73f22f62 934 scan |= SCAN_INQUIRY;
16ab91ab 935 else
e0f9309f 936 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 937
938 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
939 if (err < 0)
a664b5bc 940 mgmt_pending_remove(cmd);
73f22f62 941
16ab91ab 942 if (cp->val)
5e5282bb 943 hdev->discov_timeout = timeout;
16ab91ab 944
73f22f62 945failed:
09fd0de5 946 hci_dev_unlock(hdev);
73f22f62
JH		 947 return err;
948}
949
bdb6d971 950static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 951 u16 len)
9fbcbb45 952{
650f726d 953 struct mgmt_mode *cp = data;
366a0336 954 struct pending_cmd *cmd;
9fbcbb45
JH		 955 u8 scan;
956 int err;
957
bdb6d971 958 BT_DBG("request for %s", hdev->name);
9fbcbb45 959
09fd0de5 960 hci_dev_lock(hdev);
9fbcbb45 961
4b34ee78 962 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 963 bool changed = false;
964
965 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
966 changed = true;
967
6bf0e469 968 if (cp->val) {
5e5282bb 969 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 970 } else {
5e5282bb
JH		 971 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
972 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
973 }
0224d2fa 974
5e5282bb 975 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 976 if (err < 0)
977 goto failed;
978
979 if (changed)
980 err = new_settings(hdev, sk);
981
9fbcbb45
JH		 982 goto failed;
983 }
984
2e58ef3e
JH		 985 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
986 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 987 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 988 MGMT_STATUS_BUSY);
9fbcbb45
JH		 989 goto failed;
990 }
991
5e5282bb 992 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 993 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 994 goto failed;
995 }
996
2e58ef3e 997 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 998 if (!cmd) {
999 err = -ENOMEM;
9fbcbb45 1000 goto failed;
366a0336 1001 }
9fbcbb45 1002
6bf0e469 1003 if (cp->val) {
9fbcbb45 1004 scan = SCAN_PAGE;
6bf0e469 1005 } else {
9fbcbb45
JH		 1006 scan = 0;
1007
df2c6c5e
JH		 1008 if (test_bit(HCI_ISCAN, &hdev->flags) &&
1009 hdev->discov_timeout > 0)
1010 cancel_delayed_work(&hdev->discov_off);
1011 }
1012
9fbcbb45
JH		 1013 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1014 if (err < 0)
a664b5bc 1015 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1016
1017failed:
09fd0de5 1018 hci_dev_unlock(hdev);
9fbcbb45
JH		 1019 return err;
1020}
1021
bdb6d971 1022static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1023 u16 len)
c542a06c 1024{
650f726d 1025 struct mgmt_mode *cp = data;
c542a06c
JH		 1026 int err;
1027
bdb6d971 1028 BT_DBG("request for %s", hdev->name);
c542a06c 1029
09fd0de5 1030 hci_dev_lock(hdev);
c542a06c
JH		 1031
1032 if (cp->val)
a8b2d5c2 1033 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1034 else
a8b2d5c2 1035 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1036
69ab39ea 1037 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1038 if (err < 0)
1039 goto failed;
1040
beadb2bd 1041 err = new_settings(hdev, sk);
c542a06c
JH		 1042
1043failed:
09fd0de5 1044 hci_dev_unlock(hdev);
c542a06c
JH		 1045 return err;
1046}
1047
04124681
GP		 1048static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1049 u16 len)
33ef95ed
JH		 1050{
1051 struct mgmt_mode *cp = data;
1052 struct pending_cmd *cmd;
816a11d5 1053 u8 val;
33ef95ed
JH		 1054 int err;
1055
bdb6d971 1056 BT_DBG("request for %s", hdev->name);
33ef95ed 1057
33ef95ed
JH		 1058 hci_dev_lock(hdev);
1059
4b34ee78 1060 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1061 bool changed = false;
1062
1063 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
1064 &hdev->dev_flags)) {
1065 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1066 changed = true;
1067 }
1068
1069 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1070 if (err < 0)
1071 goto failed;
1072
1073 if (changed)
1074 err = new_settings(hdev, sk);
1075
33ef95ed
JH		 1076 goto failed;
1077 }
1078
1079 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1080 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1081 MGMT_STATUS_BUSY);
33ef95ed
JH		 1082 goto failed;
1083 }
1084
1085 val = !!cp->val;
1086
1087 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1088 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1089 goto failed;
1090 }
1091
1092 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1093 if (!cmd) {
1094 err = -ENOMEM;
1095 goto failed;
1096 }
1097
1098 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1099 if (err < 0) {
1100 mgmt_pending_remove(cmd);
1101 goto failed;
1102 }
1103
1104failed:
1105 hci_dev_unlock(hdev);
33ef95ed
JH		 1106 return err;
1107}
1108
bdb6d971 1109static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1110{
1111 struct mgmt_mode *cp = data;
1112 struct pending_cmd *cmd;
816a11d5 1113 u8 val;
ed2c4ee3
JH		 1114 int err;
1115
bdb6d971 1116 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1117
ed2c4ee3
JH		 1118 hci_dev_lock(hdev);
1119
6c8f12c1 1120 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
bdb6d971 1121 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
04124681 1122 MGMT_STATUS_NOT_SUPPORTED);
6c8f12c1
JH		 1123 goto failed;
1124 }
1125
c0ecddc2
JH		 1126 val = !!cp->val;
1127
4b34ee78 1128 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1129 bool changed = false;
1130
1131 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1132 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1133 changed = true;
1134 }
1135
1136 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1137 if (err < 0)
1138 goto failed;
1139
1140 if (changed)
1141 err = new_settings(hdev, sk);
1142
ed2c4ee3
JH		 1143 goto failed;
1144 }
1145
1146 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
d97dcb66
SJ		 1147 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1148 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1149 goto failed;
1150 }
1151
ed2c4ee3
JH		 1152 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1153 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1154 goto failed;
1155 }
1156
1157 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1158 if (!cmd) {
1159 err = -ENOMEM;
1160 goto failed;
1161 }
1162
1163 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1164 if (err < 0) {
1165 mgmt_pending_remove(cmd);
1166 goto failed;
1167 }
1168
1169failed:
1170 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1171 return err;
1172}
1173
bdb6d971 1174static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1175{
1176 struct mgmt_mode *cp = data;
6d80dfd0 1177
bdb6d971 1178 BT_DBG("request for %s", hdev->name);
6d80dfd0 1179
bdb6d971
JH		 1180 if (!enable_hs)
1181 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
04124681 1182 MGMT_STATUS_NOT_SUPPORTED);
6d80dfd0
JH		 1183
1184 if (cp->val)
1185 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1186 else
1187 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1188
bdb6d971 1189 return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
6d80dfd0
JH		 1190}
1191
bdb6d971 1192static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1193{
1194 struct mgmt_mode *cp = data;
1195 struct hci_cp_write_le_host_supported hci_cp;
1196 struct pending_cmd *cmd;
06199cf8 1197 int err;
0b60eba1 1198 u8 val, enabled;
06199cf8 1199
bdb6d971 1200 BT_DBG("request for %s", hdev->name);
06199cf8 1201
1de028ce
JH		 1202 hci_dev_lock(hdev);
1203
06199cf8 1204 if (!enable_le || !(hdev->features[4] & LMP_LE)) {
bdb6d971 1205 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1206 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1207 goto unlock;
06199cf8
JH		 1208 }
1209
1210 val = !!cp->val;
0b60eba1 1211 enabled = !!(hdev->host_features[0] & LMP_HOST_LE);
06199cf8 1212
0b60eba1 1213 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1214 bool changed = false;
1215
1216 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1217 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1218 changed = true;
1219 }
1220
1221 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1222 if (err < 0)
1de028ce 1223 goto unlock;
06199cf8
JH		 1224
1225 if (changed)
1226 err = new_settings(hdev, sk);
1227
1de028ce 1228 goto unlock;
06199cf8
JH		 1229 }
1230
1231 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
bdb6d971 1232 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1233 MGMT_STATUS_BUSY);
1de028ce 1234 goto unlock;
06199cf8
JH		 1235 }
1236
1237 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1238 if (!cmd) {
1239 err = -ENOMEM;
1de028ce 1240 goto unlock;
06199cf8
JH		 1241 }
1242
1243 memset(&hci_cp, 0, sizeof(hci_cp));
1244
1245 if (val) {
1246 hci_cp.le = val;
1247 hci_cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
1248 }
1249
04124681
GP		 1250 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1251 &hci_cp);
06199cf8
JH		 1252 if (err < 0) {
1253 mgmt_pending_remove(cmd);
1de028ce 1254 goto unlock;
06199cf8
JH		 1255 }
1256
1de028ce
JH		 1257unlock:
1258 hci_dev_unlock(hdev);
06199cf8
JH		 1259 return err;
1260}
1261
bdb6d971 1262static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1263{
650f726d 1264 struct mgmt_cp_add_uuid *cp = data;
90e70454 1265 struct pending_cmd *cmd;
2aeb9a1a 1266 struct bt_uuid *uuid;
2aeb9a1a
JH		 1267 int err;
1268
bdb6d971 1269 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1270
09fd0de5 1271 hci_dev_lock(hdev);
2aeb9a1a 1272
c95f0ba7 1273 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1274 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1275 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1276 goto failed;
1277 }
1278
2aeb9a1a
JH		 1279 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
1280 if (!uuid) {
1281 err = -ENOMEM;
1282 goto failed;
1283 }
1284
1285 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1286 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 1287
1288 list_add(&uuid->list, &hdev->uuids);
1289
1aff6f09
JH		 1290 err = update_class(hdev);
1291 if (err < 0)
1292 goto failed;
1293
80a1e1db
JH		 1294 err = update_eir(hdev);
1295 if (err < 0)
1296 goto failed;
1297
90e70454 1298 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1299 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1300 hdev->dev_class, 3);
90e70454
JH		 1301 goto failed;
1302 }
1303
1304 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
1305 if (!cmd) {
1306 err = -ENOMEM;
1307 goto failed;
1308 }
2aeb9a1a
JH		 1309
1310failed:
09fd0de5 1311 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1312 return err;
1313}
1314
24b78d0f
JH		 1315static bool enable_service_cache(struct hci_dev *hdev)
1316{
1317 if (!hdev_is_powered(hdev))
1318 return false;
1319
1320 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
17b02e62 1321 schedule_delayed_work(&hdev->service_cache, CACHE_TIMEOUT);
24b78d0f
JH		 1322 return true;
1323 }
1324
1325 return false;
1326}
1327
bdb6d971
JH		 1328static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
1329 u16 len)
2aeb9a1a 1330{
650f726d 1331 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1332 struct pending_cmd *cmd;
2aeb9a1a 1333 struct list_head *p, *n;
2aeb9a1a 1334 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1335 int err, found;
1336
bdb6d971 1337 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1338
09fd0de5 1339 hci_dev_lock(hdev);
2aeb9a1a 1340
c95f0ba7 1341 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1342 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1343 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1344 goto unlock;
1345 }
1346
2aeb9a1a
JH		 1347 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1348 err = hci_uuids_clear(hdev);
4004b6d9 1349
24b78d0f 1350 if (enable_service_cache(hdev)) {
bdb6d971 1351 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1352 0, hdev->dev_class, 3);
24b78d0f
JH		 1353 goto unlock;
1354 }
4004b6d9 1355
9246a869 1356 goto update_class;
2aeb9a1a
JH		 1357 }
1358
1359 found = 0;
1360
1361 list_for_each_safe(p, n, &hdev->uuids) {
1362 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1363
1364 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1365 continue;
1366
1367 list_del(&match->list);
1368 found++;
1369 }
1370
1371 if (found == 0) {
bdb6d971 1372 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1373 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1374 goto unlock;
1375 }
1376
9246a869 1377update_class:
1aff6f09
JH		 1378 err = update_class(hdev);
1379 if (err < 0)
1380 goto unlock;
1381
80a1e1db
JH		 1382 err = update_eir(hdev);
1383 if (err < 0)
1384 goto unlock;
1385
90e70454 1386 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1387 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1388 hdev->dev_class, 3);
90e70454
JH		 1389 goto unlock;
1390 }
1391
1392 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
1393 if (!cmd) {
1394 err = -ENOMEM;
1395 goto unlock;
1396 }
2aeb9a1a
JH		 1397
1398unlock:
09fd0de5 1399 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1400 return err;
1401}
1402
bdb6d971 1403static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1404 u16 len)
1aff6f09 1405{
650f726d 1406 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1407 struct pending_cmd *cmd;
1aff6f09
JH		 1408 int err;
1409
bdb6d971 1410 BT_DBG("request for %s", hdev->name);
1aff6f09 1411
09fd0de5 1412 hci_dev_lock(hdev);
1aff6f09 1413
c95f0ba7 1414 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1415 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
04124681 1416 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1417 goto unlock;
1418 }
1419
932f5ff5
JH		 1420 hdev->major_class = cp->major;
1421 hdev->minor_class = cp->minor;
1422
b5235a65 1423 if (!hdev_is_powered(hdev)) {
bdb6d971 1424 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1425 hdev->dev_class, 3);
b5235a65
JH		 1426 goto unlock;
1427 }
1428
a8b2d5c2 1429 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1430 hci_dev_unlock(hdev);
1431 cancel_delayed_work_sync(&hdev->service_cache);
1432 hci_dev_lock(hdev);
14c0b608 1433 update_eir(hdev);
7d78525d 1434 }
14c0b608 1435
1aff6f09 1436 err = update_class(hdev);
90e70454
JH		 1437 if (err < 0)
1438 goto unlock;
1aff6f09 1439
90e70454 1440 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1441 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1442 hdev->dev_class, 3);
90e70454
JH		 1443 goto unlock;
1444 }
1445
1446 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
1447 if (!cmd) {
1448 err = -ENOMEM;
1449 goto unlock;
1450 }
1aff6f09 1451
b5235a65 1452unlock:
09fd0de5 1453 hci_dev_unlock(hdev);
1aff6f09
JH		 1454 return err;
1455}
1456
bdb6d971
JH		 1457static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
1458 u16 len)
55ed8ca1 1459{
650f726d 1460 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1461 u16 key_count, expected_len;
a492cd52 1462 int i;
55ed8ca1 1463
1f350c87 1464 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1465
86742e1e
JH		 1466 expected_len = sizeof(*cp) + key_count *
1467 sizeof(struct mgmt_link_key_info);
a492cd52 1468 if (expected_len != len) {
86742e1e 1469 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
a492cd52 1470 len, expected_len);
bdb6d971 1471 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1472 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1473 }
1474
bdb6d971 1475 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
55ed8ca1
JH		 1476 key_count);
1477
09fd0de5 1478 hci_dev_lock(hdev);
55ed8ca1
JH		 1479
1480 hci_link_keys_clear(hdev);
1481
a8b2d5c2 1482 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1483
1484 if (cp->debug_keys)
a8b2d5c2 1485 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1486 else
a8b2d5c2 1487 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1488
a492cd52 1489 for (i = 0; i < key_count; i++) {
86742e1e 1490 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1491
d753fdc4 1492 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1493 key->type, key->pin_len);
55ed8ca1
JH		 1494 }
1495
bdb6d971 1496 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1497
09fd0de5 1498 hci_dev_unlock(hdev);
55ed8ca1 1499
a492cd52 1500 return 0;
55ed8ca1
JH		 1501}
1502
b1078ad0 1503static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1504 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1505{
1506 struct mgmt_ev_device_unpaired ev;
1507
1508 bacpy(&ev.addr.bdaddr, bdaddr);
1509 ev.addr.type = addr_type;
1510
1511 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1512 skip_sk);
b1078ad0
JH		 1513}
1514
bdb6d971 1515static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1516 u16 len)
55ed8ca1 1517{
124f6e35
JH		 1518 struct mgmt_cp_unpair_device *cp = data;
1519 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1520 struct hci_cp_disconnect dc;
1521 struct pending_cmd *cmd;
55ed8ca1 1522 struct hci_conn *conn;
55ed8ca1
JH		 1523 int err;
1524
09fd0de5 1525 hci_dev_lock(hdev);
55ed8ca1 1526
a8a1d19e 1527 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1528 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1529 rp.addr.type = cp->addr.type;
a8a1d19e 1530
86a8cfc6 1531 if (!hdev_is_powered(hdev)) {
bdb6d971 1532 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1533 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1534 goto unlock;
1535 }
1536
124f6e35
JH		 1537 if (cp->addr.type == MGMT_ADDR_BREDR)
1538 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1539 else
1540 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1541
55ed8ca1 1542 if (err < 0) {
bdb6d971 1543 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1544 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1545 goto unlock;
1546 }
1547
86a8cfc6
JH		 1548 if (cp->disconnect) {
1549 if (cp->addr.type == MGMT_ADDR_BREDR)
1550 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
124f6e35 1551 &cp->addr.bdaddr);
86a8cfc6
JH		 1552 else
1553 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
124f6e35 1554 &cp->addr.bdaddr);
86a8cfc6
JH		 1555 } else {
1556 conn = NULL;
1557 }
124f6e35 1558
a8a1d19e 1559 if (!conn) {
bdb6d971 1560 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1561 &rp, sizeof(rp));
b1078ad0 1562 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1563 goto unlock;
1564 }
55ed8ca1 1565
124f6e35 1566 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 1567 sizeof(*cp));
a8a1d19e
JH		 1568 if (!cmd) {
1569 err = -ENOMEM;
1570 goto unlock;
55ed8ca1
JH		 1571 }
1572
eb55ef07 1573 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 1574 dc.reason = 0x13; /* Remote User Terminated Connection */
1575 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1576 if (err < 0)
1577 mgmt_pending_remove(cmd);
1578
55ed8ca1 1579unlock:
09fd0de5 1580 hci_dev_unlock(hdev);
55ed8ca1
JH		 1581 return err;
1582}
1583
bdb6d971 1584static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1585 u16 len)
8962ee74 1586{
650f726d 1587 struct mgmt_cp_disconnect *cp = data;
8962ee74 1588 struct hci_cp_disconnect dc;
366a0336 1589 struct pending_cmd *cmd;
8962ee74 1590 struct hci_conn *conn;
8962ee74
JH		 1591 int err;
1592
1593 BT_DBG("");
1594
09fd0de5 1595 hci_dev_lock(hdev);
8962ee74
JH		 1596
1597 if (!test_bit(HCI_UP, &hdev->flags)) {
bdb6d971 1598 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1599 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1600 goto failed;
1601 }
1602
2e58ef3e 1603 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
bdb6d971 1604 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1605 MGMT_STATUS_BUSY);
8962ee74
JH		 1606 goto failed;
1607 }
1608
88c3df13
JH		 1609 if (cp->addr.type == MGMT_ADDR_BREDR)
1610 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
1611 else
1612 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1613
8962ee74 1614 if (!conn) {
bdb6d971 1615 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1616 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1617 goto failed;
1618 }
1619
2e58ef3e 1620 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1621 if (!cmd) {
1622 err = -ENOMEM;
8962ee74 1623 goto failed;
366a0336 1624 }
8962ee74 1625
eb55ef07 1626 dc.handle = cpu_to_le16(conn->handle);
8962ee74
JH		 1627 dc.reason = 0x13; /* Remote User Terminated Connection */
1628
1629 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1630 if (err < 0)
a664b5bc 1631 mgmt_pending_remove(cmd);
8962ee74
JH		 1632
1633failed:
09fd0de5 1634 hci_dev_unlock(hdev);
8962ee74
JH		 1635 return err;
1636}
1637
48264f06 1638static u8 link_to_mgmt(u8 link_type, u8 addr_type)
4c659c39
JH		 1639{
1640 switch (link_type) {
1641 case LE_LINK:
48264f06
JH		 1642 switch (addr_type) {
1643 case ADDR_LE_DEV_PUBLIC:
1644 return MGMT_ADDR_LE_PUBLIC;
1645 case ADDR_LE_DEV_RANDOM:
1646 return MGMT_ADDR_LE_RANDOM;
1647 default:
1648 return MGMT_ADDR_INVALID;
1649 }
4c659c39
JH		 1650 case ACL_LINK:
1651 return MGMT_ADDR_BREDR;
1652 default:
1653 return MGMT_ADDR_INVALID;
1654 }
1655}
1656
04124681
GP		 1657static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
1658 u16 data_len)
2784eb41 1659{
2784eb41 1660 struct mgmt_rp_get_connections *rp;
8035ded4 1661 struct hci_conn *c;
a38528f1 1662 size_t rp_len;
60fc5fb6
JH		 1663 int err;
1664 u16 i;
2784eb41
JH		 1665
1666 BT_DBG("");
1667
09fd0de5 1668 hci_dev_lock(hdev);
2784eb41 1669
5f97c1df 1670 if (!hdev_is_powered(hdev)) {
bdb6d971 1671 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 1672 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1673 goto unlock;
1674 }
1675
60fc5fb6 1676 i = 0;
b644ba33
JH		 1677 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1678 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1679 i++;
2784eb41
JH		 1680 }
1681
60fc5fb6 1682 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
a38528f1
JH		 1683 rp = kmalloc(rp_len, GFP_ATOMIC);
1684 if (!rp) {
2784eb41
JH		 1685 err = -ENOMEM;
1686 goto unlock;
1687 }
1688
2784eb41 1689 i = 0;
4c659c39 1690 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1691 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1692 continue;
4c659c39 1693 bacpy(&rp->addr[i].bdaddr, &c->dst);
48264f06 1694 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
4c659c39
JH		 1695 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1696 continue;
1697 i++;
1698 }
1699
eb55ef07 1700 rp->conn_count = cpu_to_le16(i);
60fc5fb6 1701
4c659c39
JH		 1702 /* Recalculate length in case of filtered SCO connections, etc */
1703 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1704
bdb6d971 1705 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 1706 rp_len);
2784eb41 1707
a38528f1 1708 kfree(rp);
5f97c1df
JH		 1709
1710unlock:
09fd0de5 1711 hci_dev_unlock(hdev);
2784eb41
JH		 1712 return err;
1713}
1714
bdb6d971 1715static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 1716 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 1717{
1718 struct pending_cmd *cmd;
1719 int err;
1720
2e58ef3e 1721 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 1722 sizeof(*cp));
96d97a67
WR		 1723 if (!cmd)
1724 return -ENOMEM;
1725
d8457698 1726 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 1727 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1728 if (err < 0)
1729 mgmt_pending_remove(cmd);
1730
1731 return err;
1732}
1733
bdb6d971 1734static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1735 u16 len)
980e1a53 1736{
96d97a67 1737 struct hci_conn *conn;
650f726d 1738 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1739 struct hci_cp_pin_code_reply reply;
366a0336 1740 struct pending_cmd *cmd;
980e1a53
JH		 1741 int err;
1742
1743 BT_DBG("");
1744
09fd0de5 1745 hci_dev_lock(hdev);
980e1a53 1746
4b34ee78 1747 if (!hdev_is_powered(hdev)) {
bdb6d971 1748 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1749 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1750 goto failed;
1751 }
1752
d8457698 1753 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1754 if (!conn) {
bdb6d971 1755 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1756 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1757 goto failed;
1758 }
1759
1760 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1761 struct mgmt_cp_pin_code_neg_reply ncp;
1762
1763 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1764
1765 BT_ERR("PIN code is not 16 bytes long");
1766
bdb6d971 1767 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 1768 if (err >= 0)
bdb6d971 1769 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1770 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1771
1772 goto failed;
1773 }
1774
00abfe44 1775 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 1776 if (!cmd) {
1777 err = -ENOMEM;
980e1a53 1778 goto failed;
366a0336 1779 }
980e1a53 1780
d8457698 1781 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1782 reply.pin_len = cp->pin_len;
24718ca5 1783 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1784
1785 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1786 if (err < 0)
a664b5bc 1787 mgmt_pending_remove(cmd);
980e1a53
JH		 1788
1789failed:
09fd0de5 1790 hci_dev_unlock(hdev);
980e1a53
JH		 1791 return err;
1792}
1793
bdb6d971 1794static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 1795 void *data, u16 len)
980e1a53 1796{
650f726d 1797 struct mgmt_cp_pin_code_neg_reply *cp = data;
980e1a53
JH		 1798 int err;
1799
1800 BT_DBG("");
1801
09fd0de5 1802 hci_dev_lock(hdev);
980e1a53 1803
4b34ee78 1804 if (!hdev_is_powered(hdev)) {
bdb6d971 1805 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 1806 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1807 goto failed;
1808 }
1809
bdb6d971 1810 err = send_pin_code_neg_reply(sk, hdev, cp);
980e1a53
JH		 1811
1812failed:
09fd0de5 1813 hci_dev_unlock(hdev);
980e1a53
JH		 1814 return err;
1815}
1816
04124681
GP		 1817static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
1818 u16 len)
17fa4b9d 1819{
650f726d 1820 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1821
1822 BT_DBG("");
1823
09fd0de5 1824 hci_dev_lock(hdev);
17fa4b9d
JH		 1825
1826 hdev->io_capability = cp->io_capability;
1827
1828 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
b8534e0f 1829 hdev->io_capability);
17fa4b9d 1830
09fd0de5 1831 hci_dev_unlock(hdev);
17fa4b9d 1832
04124681
GP		 1833 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
1834 0);
17fa4b9d
JH		 1835}
1836
e9a416b5
JH		 1837static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1838{
1839 struct hci_dev *hdev = conn->hdev;
8035ded4 1840 struct pending_cmd *cmd;
e9a416b5 1841
2e58ef3e 1842 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1843 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1844 continue;
1845
e9a416b5
JH		 1846 if (cmd->user_data != conn)
1847 continue;
1848
1849 return cmd;
1850 }
1851
1852 return NULL;
1853}
1854
1855static void pairing_complete(struct pending_cmd *cmd, u8 status)
1856{
1857 struct mgmt_rp_pair_device rp;
1858 struct hci_conn *conn = cmd->user_data;
1859
ba4e564f
JH		 1860 bacpy(&rp.addr.bdaddr, &conn->dst);
1861 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
e9a416b5 1862
aee9b218 1863 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 1864 &rp, sizeof(rp));
e9a416b5
JH		 1865
1866 /* So we don't get further callbacks for this connection */
1867 conn->connect_cfm_cb = NULL;
1868 conn->security_cfm_cb = NULL;
1869 conn->disconn_cfm_cb = NULL;
1870
1871 hci_conn_put(conn);
1872
a664b5bc 1873 mgmt_pending_remove(cmd);
e9a416b5
JH		 1874}
1875
1876static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1877{
1878 struct pending_cmd *cmd;
1879
1880 BT_DBG("status %u", status);
1881
1882 cmd = find_pairing(conn);
56e5cb86 1883 if (!cmd)
e9a416b5 1884 BT_DBG("Unable to find a pending command");
56e5cb86 1885 else
e211326c 1886 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 1887}
1888
bdb6d971 1889static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1890 u16 len)
e9a416b5 1891{
650f726d 1892 struct mgmt_cp_pair_device *cp = data;
1425acb7 1893 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1894 struct pending_cmd *cmd;
1895 u8 sec_level, auth_type;
1896 struct hci_conn *conn;
e9a416b5
JH		 1897 int err;
1898
1899 BT_DBG("");
1900
09fd0de5 1901 hci_dev_lock(hdev);
e9a416b5 1902
5f97c1df 1903 if (!hdev_is_powered(hdev)) {
bdb6d971 1904 err = cmd_status(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1905 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1906 goto unlock;
1907 }
1908
c908df36
VCG		 1909 sec_level = BT_SECURITY_MEDIUM;
1910 if (cp->io_cap == 0x03)
e9a416b5 1911 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1912 else
e9a416b5 1913 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1914
ba4e564f
JH		 1915 if (cp->addr.type == MGMT_ADDR_BREDR)
1916 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
04124681 1917 auth_type);
7a512d01 1918 else
ba4e564f 1919 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
04124681 1920 auth_type);
7a512d01 1921
1425acb7
JH		 1922 memset(&rp, 0, sizeof(rp));
1923 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1924 rp.addr.type = cp->addr.type;
1925
30e76272 1926 if (IS_ERR(conn)) {
bdb6d971 1927 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681
GP		 1928 MGMT_STATUS_CONNECT_FAILED, &rp,
1929 sizeof(rp));
e9a416b5
JH		 1930 goto unlock;
1931 }
1932
1933 if (conn->connect_cfm_cb) {
1934 hci_conn_put(conn);
bdb6d971 1935 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1936 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 1937 goto unlock;
1938 }
1939
2e58ef3e 1940 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1941 if (!cmd) {
1942 err = -ENOMEM;
1943 hci_conn_put(conn);
1944 goto unlock;
1945 }
1946
7a512d01 1947 /* For LE, just connecting isn't a proof that the pairing finished */
ba4e564f 1948 if (cp->addr.type == MGMT_ADDR_BREDR)
7a512d01
VCG		 1949 conn->connect_cfm_cb = pairing_complete_cb;
1950
e9a416b5
JH		 1951 conn->security_cfm_cb = pairing_complete_cb;
1952 conn->disconn_cfm_cb = pairing_complete_cb;
1953 conn->io_capability = cp->io_cap;
1954 cmd->user_data = conn;
1955
1956 if (conn->state == BT_CONNECTED &&
1957 hci_conn_security(conn, sec_level, auth_type))
1958 pairing_complete(cmd, 0);
1959
1960 err = 0;
1961
1962unlock:
09fd0de5 1963 hci_dev_unlock(hdev);
e9a416b5
JH		 1964 return err;
1965}
1966
04124681
GP		 1967static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
1968 u16 len)
28424707 1969{
0f4e68cf 1970 struct mgmt_addr_info *addr = data;
28424707
JH		 1971 struct pending_cmd *cmd;
1972 struct hci_conn *conn;
1973 int err;
1974
1975 BT_DBG("");
1976
28424707
JH		 1977 hci_dev_lock(hdev);
1978
5f97c1df 1979 if (!hdev_is_powered(hdev)) {
bdb6d971 1980 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 1981 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1982 goto unlock;
1983 }
1984
28424707
JH		 1985 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
1986 if (!cmd) {
bdb6d971 1987 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 1988 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 1989 goto unlock;
1990 }
1991
1992 conn = cmd->user_data;
1993
1994 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 1995 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 1996 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 1997 goto unlock;
1998 }
1999
2000 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2001
bdb6d971 2002 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2003 addr, sizeof(*addr));
28424707
JH		 2004unlock:
2005 hci_dev_unlock(hdev);
28424707
JH		 2006 return err;
2007}
2008
bdb6d971 2009static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
04124681
GP		 2010 bdaddr_t *bdaddr, u8 type, u16 mgmt_op,
2011 u16 hci_op, __le32 passkey)
a5c29683 2012{
a5c29683 2013 struct pending_cmd *cmd;
0df4c185 2014 struct hci_conn *conn;
a5c29683
JH		 2015 int err;
2016
09fd0de5 2017 hci_dev_lock(hdev);
08ba5382 2018
4b34ee78 2019 if (!hdev_is_powered(hdev)) {
bdb6d971 2020 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2021 MGMT_STATUS_NOT_POWERED);
0df4c185 2022 goto done;
a5c29683
JH		 2023 }
2024
272d90df
JH		 2025 if (type == MGMT_ADDR_BREDR)
2026 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
2027 else
47c15e2b 2028 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 2029
2030 if (!conn) {
bdb6d971 2031 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2032 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 2033 goto done;
2034 }
47c15e2b 2035
272d90df 2036 if (type == MGMT_ADDR_LE_PUBLIC || type == MGMT_ADDR_LE_RANDOM) {
47c15e2b 2037 /* Continue with pairing via SMP */
5fe57d9e
BG		 2038 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2039
2040 if (!err)
bdb6d971 2041 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2042 MGMT_STATUS_SUCCESS);
5fe57d9e 2043 else
bdb6d971 2044 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2045 MGMT_STATUS_FAILED);
47c15e2b 2046
47c15e2b
BG		 2047 goto done;
2048 }
2049
0df4c185 2050 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 2051 if (!cmd) {
2052 err = -ENOMEM;
0df4c185 2053 goto done;
a5c29683
JH		 2054 }
2055
0df4c185 2056 /* Continue with pairing via HCI */
604086b7
BG		 2057 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2058 struct hci_cp_user_passkey_reply cp;
2059
2060 bacpy(&cp.bdaddr, bdaddr);
2061 cp.passkey = passkey;
2062 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2063 } else
2064 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
2065
a664b5bc
JH		 2066 if (err < 0)
2067 mgmt_pending_remove(cmd);
a5c29683 2068
0df4c185 2069done:
09fd0de5 2070 hci_dev_unlock(hdev);
a5c29683
JH		 2071 return err;
2072}
2073
04124681
GP		 2074static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2075 u16 len)
0df4c185 2076{
650f726d 2077 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2078
2079 BT_DBG("");
2080
2081 if (len != sizeof(*cp))
bdb6d971 2082 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2083 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2084
bdb6d971 2085 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2086 MGMT_OP_USER_CONFIRM_REPLY,
2087 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2088}
2089
bdb6d971 2090static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2091 void *data, u16 len)
0df4c185 2092{
c9c2659f 2093 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2094
2095 BT_DBG("");
2096
bdb6d971 2097 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2098 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2099 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2100}
2101
04124681
GP		 2102static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2103 u16 len)
604086b7 2104{
650f726d 2105 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2106
2107 BT_DBG("");
2108
bdb6d971 2109 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2110 MGMT_OP_USER_PASSKEY_REPLY,
2111 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2112}
2113
bdb6d971 2114static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2115 void *data, u16 len)
604086b7 2116{
650f726d 2117 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2118
2119 BT_DBG("");
2120
bdb6d971 2121 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2122 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2123 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2124}
2125
2b4bf397
JH		 2126static int update_name(struct hci_dev *hdev, const char *name)
2127{
2128 struct hci_cp_write_local_name cp;
2129
2130 memcpy(cp.name, name, sizeof(cp.name));
2131
2132 return hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2133}
2134
bdb6d971 2135static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2136 u16 len)
b312b161 2137{
2b4bf397 2138 struct mgmt_cp_set_local_name *cp = data;
b312b161
JH		 2139 struct pending_cmd *cmd;
2140 int err;
2141
2142 BT_DBG("");
2143
09fd0de5 2144 hci_dev_lock(hdev);
b312b161 2145
2b4bf397 2146 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2147
b5235a65 2148 if (!hdev_is_powered(hdev)) {
2b4bf397 2149 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2150
2151 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2152 data, len);
28cc7bde
JH		 2153 if (err < 0)
2154 goto failed;
2155
2156 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2157 sk);
28cc7bde 2158
b5235a65
JH		 2159 goto failed;
2160 }
2161
28cc7bde 2162 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2163 if (!cmd) {
2164 err = -ENOMEM;
2165 goto failed;
2166 }
2167
2b4bf397 2168 err = update_name(hdev, cp->name);
b312b161
JH		 2169 if (err < 0)
2170 mgmt_pending_remove(cmd);
2171
2172failed:
09fd0de5 2173 hci_dev_unlock(hdev);
b312b161
JH		 2174 return err;
2175}
2176
0f4e68cf 2177static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2178 void *data, u16 data_len)
c35938b2 2179{
c35938b2
SJ		 2180 struct pending_cmd *cmd;
2181 int err;
2182
bdb6d971 2183 BT_DBG("%s", hdev->name);
c35938b2 2184
09fd0de5 2185 hci_dev_lock(hdev);
c35938b2 2186
4b34ee78 2187 if (!hdev_is_powered(hdev)) {
bdb6d971 2188 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2189 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2190 goto unlock;
2191 }
2192
2193 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
bdb6d971 2194 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2195 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2196 goto unlock;
2197 }
2198
2e58ef3e 2199 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2200 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2201 MGMT_STATUS_BUSY);
c35938b2
SJ		 2202 goto unlock;
2203 }
2204
2e58ef3e 2205 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2206 if (!cmd) {
2207 err = -ENOMEM;
2208 goto unlock;
2209 }
2210
2211 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2212 if (err < 0)
2213 mgmt_pending_remove(cmd);
2214
2215unlock:
09fd0de5 2216 hci_dev_unlock(hdev);
c35938b2
SJ		 2217 return err;
2218}
2219
bdb6d971 2220static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2221 void *data, u16 len)
2763eda6 2222{
650f726d 2223 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2224 u8 status;
2763eda6
SJ		 2225 int err;
2226
bdb6d971 2227 BT_DBG("%s ", hdev->name);
2763eda6 2228
09fd0de5 2229 hci_dev_lock(hdev);
2763eda6 2230
5f97c1df 2231 if (!hdev_is_powered(hdev)) {
bdb6d971 2232 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA,
04124681
GP		 2233 MGMT_STATUS_NOT_POWERED, &cp->addr,
2234 sizeof(cp->addr));
5f97c1df
JH		 2235 goto unlock;
2236 }
2237
664ce4cc 2238 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2239 cp->randomizer);
2763eda6 2240 if (err < 0)
bf1e3541 2241 status = MGMT_STATUS_FAILED;
2763eda6 2242 else
bf1e3541
JH		 2243 status = 0;
2244
bdb6d971 2245 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2246 &cp->addr, sizeof(cp->addr));
2763eda6 2247
5f97c1df 2248unlock:
09fd0de5 2249 hci_dev_unlock(hdev);
2763eda6
SJ		 2250 return err;
2251}
2252
bdb6d971 2253static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
650f726d 2254 void *data, u16 len)
2763eda6 2255{
650f726d 2256 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2257 u8 status;
2763eda6
SJ		 2258 int err;
2259
bdb6d971 2260 BT_DBG("%s", hdev->name);
2763eda6 2261
09fd0de5 2262 hci_dev_lock(hdev);
2763eda6 2263
5f97c1df 2264 if (!hdev_is_powered(hdev)) {
bdb6d971 2265 err = cmd_complete(sk, hdev->id,
04124681
GP		 2266 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2267 MGMT_STATUS_NOT_POWERED, &cp->addr,
2268 sizeof(cp->addr));
5f97c1df
JH		 2269 goto unlock;
2270 }
2271
664ce4cc 2272 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2273 if (err < 0)
bf1e3541 2274 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2275 else
bf1e3541
JH		 2276 status = 0;
2277
bdb6d971 2278 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2279 status, &cp->addr, sizeof(cp->addr));
2763eda6 2280
5f97c1df 2281unlock:
09fd0de5 2282 hci_dev_unlock(hdev);
2763eda6
SJ		 2283 return err;
2284}
2285
5e0452c0
AG		 2286int mgmt_interleaved_discovery(struct hci_dev *hdev)
2287{
2288 int err;
2289
2290 BT_DBG("%s", hdev->name);
2291
2292 hci_dev_lock(hdev);
2293
2294 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2295 if (err < 0)
2296 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2297
2298 hci_dev_unlock(hdev);
2299
2300 return err;
2301}
2302
bdb6d971 2303static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2304 void *data, u16 len)
14a53664 2305{
650f726d 2306 struct mgmt_cp_start_discovery *cp = data;
14a53664 2307 struct pending_cmd *cmd;
14a53664
JH		 2308 int err;
2309
bdb6d971 2310 BT_DBG("%s", hdev->name);
14a53664 2311
09fd0de5 2312 hci_dev_lock(hdev);
14a53664 2313
4b34ee78 2314 if (!hdev_is_powered(hdev)) {
bdb6d971 2315 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2316 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2317 goto failed;
2318 }
2319
ff9ef578 2320 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2321 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2322 MGMT_STATUS_BUSY);
ff9ef578
JH		 2323 goto failed;
2324 }
2325
2e58ef3e 2326 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2327 if (!cmd) {
2328 err = -ENOMEM;
2329 goto failed;
2330 }
2331
4aab14e5
AG		 2332 hdev->discovery.type = cp->type;
2333
2334 switch (hdev->discovery.type) {
f39799f5 2335 case DISCOV_TYPE_BREDR:
8b90129c
AG		 2336 if (lmp_bredr_capable(hdev))
2337 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
2338 else
2339 err = -ENOTSUPP;
f39799f5
AG		 2340 break;
2341
2342 case DISCOV_TYPE_LE:
8b90129c
AG		 2343 if (lmp_host_le_capable(hdev))
2344 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
04124681 2345 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
8b90129c
AG		 2346 else
2347 err = -ENOTSUPP;
f39799f5
AG		 2348 break;
2349
5e0452c0 2350 case DISCOV_TYPE_INTERLEAVED:
426c189a
AG		 2351 if (lmp_host_le_capable(hdev) && lmp_bredr_capable(hdev))
2352 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
04124681
GP		 2353 LE_SCAN_WIN,
2354 LE_SCAN_TIMEOUT_BREDR_LE);
426c189a
AG		 2355 else
2356 err = -ENOTSUPP;
5e0452c0
AG		 2357 break;
2358
f39799f5 2359 default:
3fd24153 2360 err = -EINVAL;
f39799f5 2361 }
3fd24153 2362
14a53664
JH		 2363 if (err < 0)
2364 mgmt_pending_remove(cmd);
ff9ef578
JH		 2365 else
2366 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2367
2368failed:
09fd0de5 2369 hci_dev_unlock(hdev);
14a53664
JH		 2370 return err;
2371}
2372
bdb6d971 2373static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2374 u16 len)
14a53664 2375{
d930650b 2376 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 2377 struct pending_cmd *cmd;
30dc78e1
JH		 2378 struct hci_cp_remote_name_req_cancel cp;
2379 struct inquiry_entry *e;
14a53664
JH		 2380 int err;
2381
bdb6d971 2382 BT_DBG("%s", hdev->name);
14a53664 2383
09fd0de5 2384 hci_dev_lock(hdev);
14a53664 2385
30dc78e1 2386 if (!hci_discovery_active(hdev)) {
bdb6d971 2387 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2388 MGMT_STATUS_REJECTED, &mgmt_cp->type,
2389 sizeof(mgmt_cp->type));
d930650b
JH		 2390 goto unlock;
2391 }
2392
2393 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 2394 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2395 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
2396 sizeof(mgmt_cp->type));
30dc78e1 2397 goto unlock;
ff9ef578
JH		 2398 }
2399
2e58ef3e 2400 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2401 if (!cmd) {
2402 err = -ENOMEM;
30dc78e1
JH		 2403 goto unlock;
2404 }
2405
343f935b 2406 if (hdev->discovery.state == DISCOVERY_FINDING) {
c9ecc48e
AG		 2407 if (test_bit(HCI_INQUIRY, &hdev->flags))
2408 err = hci_cancel_inquiry(hdev);
2409 else
2410 err = hci_cancel_le_scan(hdev);
2411
30dc78e1
JH		 2412 if (err < 0)
2413 mgmt_pending_remove(cmd);
2414 else
2415 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
2416 goto unlock;
2417 }
2418
2419 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_PENDING);
2420 if (!e) {
2421 mgmt_pending_remove(cmd);
bdb6d971 2422 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY, 0,
04124681 2423 &mgmt_cp->type, sizeof(mgmt_cp->type));
30dc78e1
JH		 2424 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2425 goto unlock;
14a53664
JH		 2426 }
2427
30dc78e1 2428 bacpy(&cp.bdaddr, &e->data.bdaddr);
04124681
GP		 2429 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL, sizeof(cp),
2430 &cp);
14a53664
JH		 2431 if (err < 0)
2432 mgmt_pending_remove(cmd);
ff9ef578
JH		 2433 else
2434 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2435
30dc78e1 2436unlock:
09fd0de5 2437 hci_dev_unlock(hdev);
14a53664
JH		 2438 return err;
2439}
2440
bdb6d971 2441static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2442 u16 len)
561aafbc 2443{
650f726d 2444 struct mgmt_cp_confirm_name *cp = data;
561aafbc 2445 struct inquiry_entry *e;
561aafbc
JH		 2446 int err;
2447
bdb6d971 2448 BT_DBG("%s", hdev->name);
561aafbc 2449
561aafbc
JH		 2450 hci_dev_lock(hdev);
2451
30dc78e1 2452 if (!hci_discovery_active(hdev)) {
bdb6d971 2453 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2454 MGMT_STATUS_FAILED);
30dc78e1
JH		 2455 goto failed;
2456 }
2457
a198e7b1 2458 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2459 if (!e) {
bdb6d971 2460 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2461 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 2462 goto failed;
2463 }
2464
2465 if (cp->name_known) {
2466 e->name_state = NAME_KNOWN;
2467 list_del(&e->list);
2468 } else {
2469 e->name_state = NAME_NEEDED;
a3d4e20a 2470 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2471 }
2472
2473 err = 0;
2474
2475failed:
2476 hci_dev_unlock(hdev);
561aafbc
JH		 2477 return err;
2478}
2479
bdb6d971 2480static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2481 u16 len)
7fbec224 2482{
650f726d 2483 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2484 u8 status;
7fbec224
AJ		 2485 int err;
2486
bdb6d971 2487 BT_DBG("%s", hdev->name);
7fbec224 2488
09fd0de5 2489 hci_dev_lock(hdev);
5e762444 2490
88c1fe4b 2491 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2492 if (err < 0)
f0eeea8b 2493 status = MGMT_STATUS_FAILED;
7fbec224 2494 else
f0eeea8b
JH		 2495 status = 0;
2496
bdb6d971 2497 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 2498 &cp->addr, sizeof(cp->addr));
5e762444 2499
09fd0de5 2500 hci_dev_unlock(hdev);
7fbec224
AJ		 2501
2502 return err;
2503}
2504
bdb6d971 2505static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2506 u16 len)
7fbec224 2507{
650f726d 2508 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2509 u8 status;
7fbec224
AJ		 2510 int err;
2511
bdb6d971 2512 BT_DBG("%s", hdev->name);
7fbec224 2513
09fd0de5 2514 hci_dev_lock(hdev);
5e762444 2515
88c1fe4b 2516 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2517 if (err < 0)
f0eeea8b 2518 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2519 else
f0eeea8b
JH		 2520 status = 0;
2521
bdb6d971 2522 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 2523 &cp->addr, sizeof(cp->addr));
5e762444 2524
09fd0de5 2525 hci_dev_unlock(hdev);
7fbec224
AJ		 2526
2527 return err;
2528}
2529
cdbaccca
MH		 2530static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
2531 u16 len)
2532{
2533 struct mgmt_cp_set_device_id *cp = data;
2534 int err;
2535
2536 BT_DBG("%s", hdev->name);
2537
2538 hci_dev_lock(hdev);
2539
2540 hdev->devid_source = __le16_to_cpu(cp->source);
2541 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
2542 hdev->devid_product = __le16_to_cpu(cp->product);
2543 hdev->devid_version = __le16_to_cpu(cp->version);
2544
2545 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
2546
2547 update_eir(hdev);
2548
2549 hci_dev_unlock(hdev);
2550
2551 return err;
2552}
2553
bdb6d971 2554static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 2555 void *data, u16 len)
f6422ec6 2556{
650f726d 2557 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2558 struct hci_cp_write_page_scan_activity acp;
2559 u8 type;
2560 int err;
2561
bdb6d971 2562 BT_DBG("%s", hdev->name);
f6422ec6 2563
5400c044 2564 if (!hdev_is_powered(hdev))
bdb6d971 2565 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2566 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 2567
2568 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 2569 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2570 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 2571
2572 hci_dev_lock(hdev);
2573
f7c6869c 2574 if (cp->val) {
f6422ec6 2575 type = PAGE_SCAN_TYPE_INTERLACED;
76ec9de8
AE		 2576
2577 /* 22.5 msec page scan interval */
2578 acp.interval = __constant_cpu_to_le16(0x0024);
f6422ec6
AJ		 2579 } else {
2580 type = PAGE_SCAN_TYPE_STANDARD; /* default */
76ec9de8
AE		 2581
2582 /* default 1.28 sec page scan */
2583 acp.interval = __constant_cpu_to_le16(0x0800);
f6422ec6
AJ		 2584 }
2585
76ec9de8
AE		 2586 /* default 11.25 msec page scan window */
2587 acp.window = __constant_cpu_to_le16(0x0012);
f6422ec6 2588
04124681
GP		 2589 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, sizeof(acp),
2590 &acp);
f6422ec6 2591 if (err < 0) {
bdb6d971 2592 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2593 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2594 goto done;
2595 }
2596
2597 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2598 if (err < 0) {
bdb6d971 2599 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2600 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2601 goto done;
2602 }
2603
bdb6d971 2604 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 0,
04124681 2605 NULL, 0);
f6422ec6
AJ		 2606done:
2607 hci_dev_unlock(hdev);
f6422ec6
AJ		 2608 return err;
2609}
2610
bdb6d971 2611static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 2612 void *cp_data, u16 len)
346af67b 2613{
346af67b
VCG		 2614 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2615 u16 key_count, expected_len;
2616 int i;
2617
1f350c87 2618 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 2619
2620 expected_len = sizeof(*cp) + key_count *
2621 sizeof(struct mgmt_ltk_info);
2622 if (expected_len != len) {
2623 BT_ERR("load_keys: expected %u bytes, got %u bytes",
2624 len, expected_len);
bdb6d971 2625 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
04124681 2626 EINVAL);
346af67b
VCG		 2627 }
2628
bdb6d971 2629 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b
VCG		 2630
2631 hci_dev_lock(hdev);
2632
2633 hci_smp_ltks_clear(hdev);
2634
2635 for (i = 0; i < key_count; i++) {
2636 struct mgmt_ltk_info *key = &cp->keys[i];
2637 u8 type;
2638
2639 if (key->master)
2640 type = HCI_SMP_LTK;
2641 else
2642 type = HCI_SMP_LTK_SLAVE;
2643
2644 hci_add_ltk(hdev, &key->addr.bdaddr, key->addr.type,
04124681
GP		 2645 type, 0, key->authenticated, key->val,
2646 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 2647 }
2648
2649 hci_dev_unlock(hdev);
346af67b
VCG		 2650
2651 return 0;
2652}
2653
2e3c35ea 2654static const struct mgmt_handler {
04124681
GP		 2655 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
2656 u16 data_len);
be22b54e
JH		 2657 bool var_len;
2658 size_t data_len;
0f4e68cf
JH		 2659} mgmt_handlers[] = {
2660 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 2661 { read_version, false, MGMT_READ_VERSION_SIZE },
2662 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
2663 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
2664 { read_controller_info, false, MGMT_READ_INFO_SIZE },
2665 { set_powered, false, MGMT_SETTING_SIZE },
2666 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
2667 { set_connectable, false, MGMT_SETTING_SIZE },
2668 { set_fast_connectable, false, MGMT_SETTING_SIZE },
2669 { set_pairable, false, MGMT_SETTING_SIZE },
2670 { set_link_security, false, MGMT_SETTING_SIZE },
2671 { set_ssp, false, MGMT_SETTING_SIZE },
2672 { set_hs, false, MGMT_SETTING_SIZE },
2673 { set_le, false, MGMT_SETTING_SIZE },
2674 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
2675 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
2676 { add_uuid, false, MGMT_ADD_UUID_SIZE },
2677 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
2678 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
2679 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
2680 { disconnect, false, MGMT_DISCONNECT_SIZE },
2681 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
2682 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
2683 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
2684 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
2685 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
2686 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
2687 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
2688 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
2689 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
2690 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
2691 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
2692 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
2693 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
2694 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
2695 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
2696 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
2697 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
2698 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
2699 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 2700 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
0f4e68cf
JH		 2701};
2702
2703
0381101f
JH		 2704int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2705{
650f726d
VCG		 2706 void *buf;
2707 u8 *cp;
0381101f 2708 struct mgmt_hdr *hdr;
4e51eae9 2709 u16 opcode, index, len;
bdb6d971 2710 struct hci_dev *hdev = NULL;
2e3c35ea 2711 const struct mgmt_handler *handler;
0381101f
JH		 2712 int err;
2713
2714 BT_DBG("got %zu bytes", msglen);
2715
2716 if (msglen < sizeof(*hdr))
2717 return -EINVAL;
2718
e63a15ec 2719 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2720 if (!buf)
2721 return -ENOMEM;
2722
2723 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2724 err = -EFAULT;
2725 goto done;
2726 }
2727
650f726d 2728 hdr = buf;
1f350c87
MH		 2729 opcode = __le16_to_cpu(hdr->opcode);
2730 index = __le16_to_cpu(hdr->index);
2731 len = __le16_to_cpu(hdr->len);
0381101f
JH		 2732
2733 if (len != msglen - sizeof(*hdr)) {
2734 err = -EINVAL;
2735 goto done;
2736 }
2737
0f4e68cf 2738 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 2739 hdev = hci_dev_get(index);
2740 if (!hdev) {
2741 err = cmd_status(sk, index, opcode,
04124681 2742 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 2743 goto done;
2744 }
2745 }
2746
0f4e68cf
JH		 2747 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
2748 mgmt_handlers[opcode].func == NULL) {
0381101f 2749 BT_DBG("Unknown op %u", opcode);
ca69b795 2750 err = cmd_status(sk, index, opcode,
04124681 2751 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 2752 goto done;
2753 }
2754
2755 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
2756 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
2757 err = cmd_status(sk, index, opcode,
04124681 2758 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 2759 goto done;
0381101f
JH		 2760 }
2761
be22b54e
JH		 2762 handler = &mgmt_handlers[opcode];
2763
2764 if ((handler->var_len && len < handler->data_len) ||
2765 (!handler->var_len && len != handler->data_len)) {
2766 err = cmd_status(sk, index, opcode,
04124681 2767 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 2768 goto done;
2769 }
2770
0f4e68cf
JH		 2771 if (hdev)
2772 mgmt_init_hdev(sk, hdev);
2773
2774 cp = buf + sizeof(*hdr);
2775
be22b54e 2776 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 2777 if (err < 0)
2778 goto done;
2779
0381101f
JH		 2780 err = msglen;
2781
2782done:
bdb6d971
JH		 2783 if (hdev)
2784 hci_dev_put(hdev);
2785
0381101f
JH		 2786 kfree(buf);
2787 return err;
2788}
c71e97bf 2789
b24752fe
JH		 2790static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2791{
2792 u8 *status = data;
2793
2794 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2795 mgmt_pending_remove(cmd);
2796}
2797
744cf19e 2798int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2799{
744cf19e 2800 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2801}
2802
744cf19e 2803int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2804{
5f159032 2805 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 2806
744cf19e 2807 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2808
744cf19e 2809 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2810}
2811
73f22f62 2812struct cmd_lookup {
eec8d2bc 2813 struct sock *sk;
69ab39ea 2814 struct hci_dev *hdev;
90e70454 2815 u8 mgmt_status;
eec8d2bc
JH		 2816};
2817
69ab39ea 2818static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2819{
73f22f62 2820 struct cmd_lookup *match = data;
eec8d2bc 2821
69ab39ea 2822 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2823
2824 list_del(&cmd->list);
2825
2826 if (match->sk == NULL) {
2827 match->sk = cmd->sk;
2828 sock_hold(match->sk);
2829 }
2830
2831 mgmt_pending_free(cmd);
c71e97bf 2832}
5add6af8 2833
744cf19e 2834int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2835{
76a7f3a4 2836 struct cmd_lookup match = { NULL, hdev };
7bb895d6 2837 int err;
5add6af8 2838
5e5282bb
JH		 2839 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2840 return 0;
2841
69ab39ea 2842 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2843
5e5282bb
JH		 2844 if (powered) {
2845 u8 scan = 0;
2846
2847 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2848 scan |= SCAN_PAGE;
2849 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2850 scan |= SCAN_INQUIRY;
2851
2852 if (scan)
2853 hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
504c8dcd
JH		 2854
2855 update_class(hdev);
2b4bf397 2856 update_name(hdev, hdev->dev_name);
504c8dcd 2857 update_eir(hdev);
5e5282bb 2858 } else {
d4f68526 2859 u8 status = MGMT_STATUS_NOT_POWERED;
744cf19e 2860 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2861 }
2862
beadb2bd 2863 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 2864
2865 if (match.sk)
2866 sock_put(match.sk);
2867
7bb895d6 2868 return err;
5add6af8 2869}
73f22f62 2870
744cf19e 2871int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 2872{
76a7f3a4 2873 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 2874 bool changed = false;
2875 int err = 0;
73f22f62 2876
5e5282bb
JH		 2877 if (discoverable) {
2878 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2879 changed = true;
2880 } else {
2881 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2882 changed = true;
2883 }
73f22f62 2884
ed9b5f2f 2885 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 2886 &match);
ed9b5f2f 2887
beadb2bd
JH		 2888 if (changed)
2889 err = new_settings(hdev, match.sk);
5e5282bb 2890
73f22f62
JH		 2891 if (match.sk)
2892 sock_put(match.sk);
2893
7bb895d6 2894 return err;
73f22f62 2895}
9fbcbb45 2896
744cf19e 2897int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 2898{
76a7f3a4 2899 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 2900 bool changed = false;
2901 int err = 0;
9fbcbb45 2902
5e5282bb
JH		 2903 if (connectable) {
2904 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2905 changed = true;
2906 } else {
2907 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2908 changed = true;
2909 }
9fbcbb45 2910
ed9b5f2f 2911 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
04124681 2912 &match);
ed9b5f2f 2913
beadb2bd
JH		 2914 if (changed)
2915 err = new_settings(hdev, match.sk);
9fbcbb45
JH		 2916
2917 if (match.sk)
2918 sock_put(match.sk);
2919
7bb895d6 2920 return err;
9fbcbb45 2921}
55ed8ca1 2922
744cf19e 2923int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 2924{
ca69b795
JH		 2925 u8 mgmt_err = mgmt_status(status);
2926
2d7cee58 2927 if (scan & SCAN_PAGE)
744cf19e 2928 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 2929 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2930
2931 if (scan & SCAN_INQUIRY)
744cf19e 2932 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 2933 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2934
2935 return 0;
2936}
2937
745c0ce3 2938int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key, bool persistent)
55ed8ca1 2939{
86742e1e 2940 struct mgmt_ev_new_link_key ev;
55ed8ca1 2941
a492cd52 2942 memset(&ev, 0, sizeof(ev));
55ed8ca1 2943
a492cd52 2944 ev.store_hint = persistent;
d753fdc4
JH		 2945 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
2946 ev.key.addr.type = MGMT_ADDR_BREDR;
a492cd52
VCG		 2947 ev.key.type = key->type;
2948 memcpy(ev.key.val, key->val, 16);
2949 ev.key.pin_len = key->pin_len;
55ed8ca1 2950
744cf19e 2951 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 2952}
f7520543 2953
346af67b
VCG		 2954int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
2955{
2956 struct mgmt_ev_new_long_term_key ev;
2957
2958 memset(&ev, 0, sizeof(ev));
2959
2960 ev.store_hint = persistent;
2961 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
2962 ev.key.addr.type = key->bdaddr_type;
2963 ev.key.authenticated = key->authenticated;
2964 ev.key.enc_size = key->enc_size;
2965 ev.key.ediv = key->ediv;
2966
2967 if (key->type == HCI_SMP_LTK)
2968 ev.key.master = 1;
2969
2970 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
2971 memcpy(ev.key.val, key->val, sizeof(key->val));
2972
04124681
GP		 2973 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
2974 NULL);
346af67b
VCG		 2975}
2976
afc747a6 2977int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 2978 u8 addr_type, u32 flags, u8 *name, u8 name_len,
2979 u8 *dev_class)
f7520543 2980{
b644ba33
JH		 2981 char buf[512];
2982 struct mgmt_ev_device_connected *ev = (void *) buf;
2983 u16 eir_len = 0;
f7520543 2984
b644ba33
JH		 2985 bacpy(&ev->addr.bdaddr, bdaddr);
2986 ev->addr.type = link_to_mgmt(link_type, addr_type);
f7520543 2987
c95f0ba7 2988 ev->flags = __cpu_to_le32(flags);
08c79b61 2989
b644ba33
JH		 2990 if (name_len > 0)
2991 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 2992 name, name_len);
b644ba33
JH		 2993
2994 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 2995 eir_len = eir_append_data(ev->eir, eir_len,
04124681 2996 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 2997
eb55ef07 2998 ev->eir_len = cpu_to_le16(eir_len);
b644ba33
JH		 2999
3000 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
04124681 3001 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3002}
3003
8962ee74
JH		 3004static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3005{
c68fb7ff 3006 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3007 struct sock **sk = data;
a38528f1 3008 struct mgmt_rp_disconnect rp;
8962ee74 3009
88c3df13
JH		 3010 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3011 rp.addr.type = cp->addr.type;
8962ee74 3012
aee9b218 3013 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 3014 sizeof(rp));
8962ee74
JH		 3015
3016 *sk = cmd->sk;
3017 sock_hold(*sk);
3018
a664b5bc 3019 mgmt_pending_remove(cmd);
8962ee74
JH		 3020}
3021
124f6e35 3022static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3023{
b1078ad0 3024 struct hci_dev *hdev = data;
124f6e35
JH		 3025 struct mgmt_cp_unpair_device *cp = cmd->param;
3026 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3027
3028 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3029 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3030 rp.addr.type = cp->addr.type;
a8a1d19e 3031
b1078ad0
JH		 3032 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3033
aee9b218 3034 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3035
3036 mgmt_pending_remove(cmd);
3037}
3038
afc747a6 3039int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3040 u8 link_type, u8 addr_type)
f7520543 3041{
4c659c39 3042 struct mgmt_addr_info ev;
8962ee74
JH		 3043 struct sock *sk = NULL;
3044 int err;
3045
744cf19e 3046 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3047
f7520543 3048 bacpy(&ev.bdaddr, bdaddr);
48264f06 3049 ev.type = link_to_mgmt(link_type, addr_type);
f7520543 3050
afc747a6 3051 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
04124681 3052 sk);
8962ee74
JH		 3053
3054 if (sk)
d97dcb66 3055 sock_put(sk);
8962ee74 3056
124f6e35 3057 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 3058 hdev);
a8a1d19e 3059
8962ee74
JH		 3060 return err;
3061}
3062
88c3df13 3063int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3064 u8 link_type, u8 addr_type, u8 status)
8962ee74 3065{
88c3df13 3066 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3067 struct pending_cmd *cmd;
3068 int err;
3069
2e58ef3e 3070 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3071 if (!cmd)
3072 return -ENOENT;
3073
88c3df13
JH		 3074 bacpy(&rp.addr.bdaddr, bdaddr);
3075 rp.addr.type = link_to_mgmt(link_type, addr_type);
37d9ef76 3076
88c3df13 3077 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
04124681 3078 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3079
a664b5bc 3080 mgmt_pending_remove(cmd);
8962ee74 3081
b1078ad0
JH		 3082 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3083 hdev);
8962ee74 3084 return err;
f7520543 3085}
17d5c04c 3086
48264f06 3087int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3088 u8 addr_type, u8 status)
17d5c04c
JH		 3089{
3090 struct mgmt_ev_connect_failed ev;
3091
4c659c39 3092 bacpy(&ev.addr.bdaddr, bdaddr);
48264f06 3093 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 3094 ev.status = mgmt_status(status);
17d5c04c 3095
744cf19e 3096 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3097}
980e1a53 3098
744cf19e 3099int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3100{
3101 struct mgmt_ev_pin_code_request ev;
3102
d8457698
JH		 3103 bacpy(&ev.addr.bdaddr, bdaddr);
3104 ev.addr.type = MGMT_ADDR_BREDR;
a770bb5a 3105 ev.secure = secure;
980e1a53 3106
744cf19e 3107 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 3108 NULL);
980e1a53
JH		 3109}
3110
744cf19e 3111int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3112 u8 status)
980e1a53
JH		 3113{
3114 struct pending_cmd *cmd;
ac56fb13 3115 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3116 int err;
3117
2e58ef3e 3118 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3119 if (!cmd)
3120 return -ENOENT;
3121
d8457698
JH		 3122 bacpy(&rp.addr.bdaddr, bdaddr);
3123 rp.addr.type = MGMT_ADDR_BREDR;
ac56fb13 3124
aee9b218 3125 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 3126 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3127
a664b5bc 3128 mgmt_pending_remove(cmd);
980e1a53
JH		 3129
3130 return err;
3131}
3132
744cf19e 3133int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3134 u8 status)
980e1a53
JH		 3135{
3136 struct pending_cmd *cmd;
ac56fb13 3137 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3138 int err;
3139
2e58ef3e 3140 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3141 if (!cmd)
3142 return -ENOENT;
3143
d8457698
JH		 3144 bacpy(&rp.addr.bdaddr, bdaddr);
3145 rp.addr.type = MGMT_ADDR_BREDR;
ac56fb13 3146
aee9b218 3147 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 3148 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3149
a664b5bc 3150 mgmt_pending_remove(cmd);
980e1a53
JH		 3151
3152 return err;
3153}
a5c29683 3154
744cf19e 3155int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 3156 u8 link_type, u8 addr_type, __le32 value,
3157 u8 confirm_hint)
a5c29683
JH		 3158{
3159 struct mgmt_ev_user_confirm_request ev;
3160
744cf19e 3161 BT_DBG("%s", hdev->name);
a5c29683 3162
272d90df
JH		 3163 bacpy(&ev.addr.bdaddr, bdaddr);
3164 ev.addr.type = link_to_mgmt(link_type, addr_type);
55bc1a37 3165 ev.confirm_hint = confirm_hint;
78e8098e 3166 ev.value = value;
a5c29683 3167
744cf19e 3168 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 3169 NULL);
a5c29683
JH		 3170}
3171
272d90df
JH		 3172int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
3173 u8 link_type, u8 addr_type)
604086b7
BG		 3174{
3175 struct mgmt_ev_user_passkey_request ev;
3176
3177 BT_DBG("%s", hdev->name);
3178
272d90df
JH		 3179 bacpy(&ev.addr.bdaddr, bdaddr);
3180 ev.addr.type = link_to_mgmt(link_type, addr_type);
604086b7
BG		 3181
3182 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 3183 NULL);
604086b7
BG		 3184}
3185
0df4c185 3186static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df
JH		 3187 u8 link_type, u8 addr_type, u8 status,
3188 u8 opcode)
a5c29683
JH		 3189{
3190 struct pending_cmd *cmd;
3191 struct mgmt_rp_user_confirm_reply rp;
3192 int err;
3193
2e58ef3e 3194 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3195 if (!cmd)
3196 return -ENOENT;
3197
272d90df
JH		 3198 bacpy(&rp.addr.bdaddr, bdaddr);
3199 rp.addr.type = link_to_mgmt(link_type, addr_type);
aee9b218 3200 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 3201 &rp, sizeof(rp));
a5c29683 3202
a664b5bc 3203 mgmt_pending_remove(cmd);
a5c29683
JH		 3204
3205 return err;
3206}
3207
744cf19e 3208int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3209 u8 link_type, u8 addr_type, u8 status)
a5c29683 3210{
272d90df 3211 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3212 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3213}
3214
272d90df 3215int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3216 u8 link_type, u8 addr_type, u8 status)
a5c29683 3217{
272d90df 3218 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3219 status, MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3220}
2a611692 3221
604086b7 3222int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3223 u8 link_type, u8 addr_type, u8 status)
604086b7 3224{
272d90df 3225 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3226 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3227}
3228
272d90df 3229int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3230 u8 link_type, u8 addr_type, u8 status)
604086b7 3231{
272d90df 3232 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3233 status, MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3234}
3235
bab73cb6 3236int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3237 u8 addr_type, u8 status)
2a611692
JH		 3238{
3239 struct mgmt_ev_auth_failed ev;
3240
bab73cb6
JH		 3241 bacpy(&ev.addr.bdaddr, bdaddr);
3242 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 3243 ev.status = mgmt_status(status);
2a611692 3244
744cf19e 3245 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3246}
b312b161 3247
33ef95ed
JH		 3248int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3249{
3250 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3251 bool changed = false;
3252 int err = 0;
33ef95ed
JH		 3253
3254 if (status) {
3255 u8 mgmt_err = mgmt_status(status);
3256 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 3257 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 3258 return 0;
3259 }
3260
47990ea0
JH		 3261 if (test_bit(HCI_AUTH, &hdev->flags)) {
3262 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3263 changed = true;
3264 } else {
3265 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3266 changed = true;
3267 }
3268
33ef95ed 3269 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 3270 &match);
33ef95ed 3271
47990ea0
JH		 3272 if (changed)
3273 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3274
3275 if (match.sk)
3276 sock_put(match.sk);
3277
3278 return err;
3279}
3280
cacaf52f
JH		 3281static int clear_eir(struct hci_dev *hdev)
3282{
3283 struct hci_cp_write_eir cp;
3284
3285 if (!(hdev->features[6] & LMP_EXT_INQ))
3286 return 0;
3287
c80da27e
JH		 3288 memset(hdev->eir, 0, sizeof(hdev->eir));
3289
cacaf52f
JH		 3290 memset(&cp, 0, sizeof(cp));
3291
3292 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3293}
3294
c0ecddc2 3295int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3296{
3297 struct cmd_lookup match = { NULL, hdev };
c0ecddc2
JH		 3298 bool changed = false;
3299 int err = 0;
ed2c4ee3
JH		 3300
3301 if (status) {
3302 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3303
3304 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
04124681 3305 &hdev->dev_flags))
c0ecddc2
JH		 3306 err = new_settings(hdev, NULL);
3307
04124681
GP		 3308 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
3309 &mgmt_err);
c0ecddc2
JH		 3310
3311 return err;
3312 }
3313
3314 if (enable) {
3315 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3316 changed = true;
3317 } else {
3318 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3319 changed = true;
ed2c4ee3
JH		 3320 }
3321
3322 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3323
c0ecddc2
JH		 3324 if (changed)
3325 err = new_settings(hdev, match.sk);
ed2c4ee3 3326
5fc6ebb1 3327 if (match.sk)
ed2c4ee3
JH		 3328 sock_put(match.sk);
3329
5fc6ebb1
JH		 3330 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3331 update_eir(hdev);
3332 else
3333 clear_eir(hdev);
cacaf52f 3334
ed2c4ee3
JH		 3335 return err;
3336}
3337
90e70454
JH		 3338static void class_rsp(struct pending_cmd *cmd, void *data)
3339{
3340 struct cmd_lookup *match = data;
3341
3342 cmd_complete(cmd->sk, cmd->index, cmd->opcode, match->mgmt_status,
04124681 3343 match->hdev->dev_class, 3);
90e70454
JH		 3344
3345 list_del(&cmd->list);
3346
3347 if (match->sk == NULL) {
3348 match->sk = cmd->sk;
3349 sock_hold(match->sk);
3350 }
3351
3352 mgmt_pending_free(cmd);
3353}
3354
7f9a903c 3355int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 3356 u8 status)
7f9a903c 3357{
90e70454
JH		 3358 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3359 int err = 0;
7f9a903c 3360
c95f0ba7
JH		 3361 clear_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
3362
90e70454
JH		 3363 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, class_rsp, &match);
3364 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, class_rsp, &match);
3365 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, class_rsp, &match);
3366
3367 if (!status)
04124681
GP		 3368 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
3369 3, NULL);
90e70454
JH		 3370
3371 if (match.sk)
3372 sock_put(match.sk);
7f9a903c
MH		 3373
3374 return err;
3375}
3376
744cf19e 3377int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3378{
3379 struct pending_cmd *cmd;
3380 struct mgmt_cp_set_local_name ev;
28cc7bde
JH		 3381 bool changed = false;
3382 int err = 0;
3383
3384 if (memcmp(name, hdev->dev_name, sizeof(hdev->dev_name)) != 0) {
3385 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
3386 changed = true;
3387 }
b312b161
JH		 3388
3389 memset(&ev, 0, sizeof(ev));
3390 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3391 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3392
2e58ef3e 3393 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3394 if (!cmd)
3395 goto send_event;
3396
7bdaae4a
JH		 3397 /* Always assume that either the short or the complete name has
3398 * changed if there was a pending mgmt command */
3399 changed = true;
3400
b312b161 3401 if (status) {
744cf19e 3402 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
04124681 3403 mgmt_status(status));
b312b161
JH		 3404 goto failed;
3405 }
3406
aee9b218 3407 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
04124681 3408 sizeof(ev));
b312b161
JH		 3409 if (err < 0)
3410 goto failed;
3411
3412send_event:
28cc7bde
JH		 3413 if (changed)
3414 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
04124681 3415 sizeof(ev), cmd ? cmd->sk : NULL);
28cc7bde 3416
f51d5b24 3417 update_eir(hdev);
b312b161
JH		 3418
3419failed:
3420 if (cmd)
3421 mgmt_pending_remove(cmd);
3422 return err;
3423}
c35938b2 3424
744cf19e 3425int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 3426 u8 *randomizer, u8 status)
c35938b2
SJ		 3427{
3428 struct pending_cmd *cmd;
3429 int err;
3430
744cf19e 3431 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3432
2e58ef3e 3433 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3434 if (!cmd)
3435 return -ENOENT;
3436
3437 if (status) {
04124681
GP		 3438 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
3439 mgmt_status(status));
c35938b2
SJ		 3440 } else {
3441 struct mgmt_rp_read_local_oob_data rp;
3442
3443 memcpy(rp.hash, hash, sizeof(rp.hash));
3444 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3445
744cf19e 3446 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 3447 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
3448 sizeof(rp));
c35938b2
SJ		 3449 }
3450
3451 mgmt_pending_remove(cmd);
3452
3453 return err;
3454}
e17acd40 3455
06199cf8
JH		 3456int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3457{
3458 struct cmd_lookup match = { NULL, hdev };
3459 bool changed = false;
3460 int err = 0;
3461
3462 if (status) {
3463 u8 mgmt_err = mgmt_status(status);
3464
3465 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
04124681 3466 &hdev->dev_flags))
d97dcb66 3467 err = new_settings(hdev, NULL);
06199cf8 3468
d97dcb66
SJ		 3469 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
3470 &mgmt_err);
06199cf8
JH		 3471
3472 return err;
3473 }
3474
3475 if (enable) {
3476 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3477 changed = true;
3478 } else {
3479 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3480 changed = true;
3481 }
3482
3483 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
3484
3485 if (changed)
3486 err = new_settings(hdev, match.sk);
3487
3488 if (match.sk)
3489 sock_put(match.sk);
3490
3491 return err;
3492}
3493
48264f06 3494int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3495 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
3496 ssp, u8 *eir, u16 eir_len)
e17acd40 3497{
e319d2e7
JH		 3498 char buf[512];
3499 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3500 size_t ev_size;
e17acd40 3501
1dc06093
JH		 3502 /* Leave 5 bytes for a potential CoD field */
3503 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3504 return -EINVAL;
3505
1dc06093
JH		 3506 memset(buf, 0, sizeof(buf));
3507
e319d2e7
JH		 3508 bacpy(&ev->addr.bdaddr, bdaddr);
3509 ev->addr.type = link_to_mgmt(link_type, addr_type);
3510 ev->rssi = rssi;
9a395a80
JH		 3511 if (cfm_name)
3512 ev->flags[0] |= MGMT_DEV_FOUND_CONFIRM_NAME;
388fc8fa
JH		 3513 if (!ssp)
3514 ev->flags[0] |= MGMT_DEV_FOUND_LEGACY_PAIRING;
e17acd40 3515
1dc06093 3516 if (eir_len > 0)
e319d2e7 3517 memcpy(ev->eir, eir, eir_len);
e17acd40 3518
1dc06093
JH		 3519 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3520 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 3521 dev_class, 3);
1dc06093 3522
eb55ef07 3523 ev->eir_len = cpu_to_le16(eir_len);
1dc06093
JH		 3524
3525 ev_size = sizeof(*ev) + eir_len;
f8523598 3526
e319d2e7 3527 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3528}
a88a9652 3529
b644ba33 3530int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3531 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3532{
b644ba33
JH		 3533 struct mgmt_ev_device_found *ev;
3534 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3535 u16 eir_len;
a88a9652 3536
b644ba33 3537 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3538
b644ba33
JH		 3539 memset(buf, 0, sizeof(buf));
3540
3541 bacpy(&ev->addr.bdaddr, bdaddr);
3542 ev->addr.type = link_to_mgmt(link_type, addr_type);
3543 ev->rssi = rssi;
3544
3545 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 3546 name_len);
b644ba33 3547
eb55ef07 3548 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 3549
053c7e0c 3550 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
04124681 3551 sizeof(*ev) + eir_len, NULL);
a88a9652 3552}
314b2381 3553
7a135109 3554int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3555{
3556 struct pending_cmd *cmd;
f808e166 3557 u8 type;
164a6e78
JH		 3558 int err;
3559
203159d4
AG		 3560 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3561
2e58ef3e 3562 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3563 if (!cmd)
3564 return -ENOENT;
3565
f808e166
JH		 3566 type = hdev->discovery.type;
3567
3568 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3569 &type, sizeof(type));
164a6e78
JH		 3570 mgmt_pending_remove(cmd);
3571
3572 return err;
3573}
3574
e6d465cb
AG		 3575int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3576{
3577 struct pending_cmd *cmd;
3578 int err;
3579
3580 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3581 if (!cmd)
3582 return -ENOENT;
3583
d930650b 3584 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3585 &hdev->discovery.type, sizeof(hdev->discovery.type));
164a6e78
JH		 3586 mgmt_pending_remove(cmd);
3587
3588 return err;
3589}
3590
744cf19e 3591int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3592{
f963e8e9 3593 struct mgmt_ev_discovering ev;
164a6e78
JH		 3594 struct pending_cmd *cmd;
3595
343fb145
AG		 3596 BT_DBG("%s discovering %u", hdev->name, discovering);
3597
164a6e78 3598 if (discovering)
2e58ef3e 3599 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3600 else
2e58ef3e 3601 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3602
3603 if (cmd != NULL) {
f808e166
JH		 3604 u8 type = hdev->discovery.type;
3605
04124681
GP		 3606 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
3607 sizeof(type));
164a6e78
JH		 3608 mgmt_pending_remove(cmd);
3609 }
3610
f963e8e9
JH		 3611 memset(&ev, 0, sizeof(ev));
3612 ev.type = hdev->discovery.type;
3613 ev.discovering = discovering;
3614
3615 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3616}
5e762444 3617
88c1fe4b 3618int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3619{
3620 struct pending_cmd *cmd;
3621 struct mgmt_ev_device_blocked ev;
3622
2e58ef3e 3623 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3624
88c1fe4b
JH		 3625 bacpy(&ev.addr.bdaddr, bdaddr);
3626 ev.addr.type = type;
5e762444 3627
744cf19e 3628 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 3629 cmd ? cmd->sk : NULL);
5e762444
AJ		 3630}
3631
88c1fe4b 3632int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3633{
3634 struct pending_cmd *cmd;
3635 struct mgmt_ev_device_unblocked ev;
3636
2e58ef3e 3637 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3638
88c1fe4b
JH		 3639 bacpy(&ev.addr.bdaddr, bdaddr);
3640 ev.addr.type = type;
5e762444 3641
744cf19e 3642 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 3643 cmd ? cmd->sk : NULL);
5e762444 3644}
d7b7e796
MH		 3645
3646module_param(enable_hs, bool, 0644);
3647MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
3648
3649module_param(enable_le, bool, 0644);
3650MODULE_PARM_DESC(enable_le, "Enable Low Energy support");
Linux kernel - Deliverables
This page took 0.401239 seconds and 5 git commands to generate.