projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Fix accepting set_dev_class for non-BR/EDR controllers
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
d7b7e796 35bool enable_hs;
d7b7e796 36
2da9c55c 37#define MGMT_VERSION 1
23b3b133 38#define MGMT_REVISION 2
02d98129 39
e70bb2e8
JH		 40static const u16 mgmt_commands[] = {
41 MGMT_OP_READ_INDEX_LIST,
42 MGMT_OP_READ_INFO,
43 MGMT_OP_SET_POWERED,
44 MGMT_OP_SET_DISCOVERABLE,
45 MGMT_OP_SET_CONNECTABLE,
46 MGMT_OP_SET_FAST_CONNECTABLE,
47 MGMT_OP_SET_PAIRABLE,
48 MGMT_OP_SET_LINK_SECURITY,
49 MGMT_OP_SET_SSP,
50 MGMT_OP_SET_HS,
51 MGMT_OP_SET_LE,
52 MGMT_OP_SET_DEV_CLASS,
53 MGMT_OP_SET_LOCAL_NAME,
54 MGMT_OP_ADD_UUID,
55 MGMT_OP_REMOVE_UUID,
56 MGMT_OP_LOAD_LINK_KEYS,
57 MGMT_OP_LOAD_LONG_TERM_KEYS,
58 MGMT_OP_DISCONNECT,
59 MGMT_OP_GET_CONNECTIONS,
60 MGMT_OP_PIN_CODE_REPLY,
61 MGMT_OP_PIN_CODE_NEG_REPLY,
62 MGMT_OP_SET_IO_CAPABILITY,
63 MGMT_OP_PAIR_DEVICE,
64 MGMT_OP_CANCEL_PAIR_DEVICE,
65 MGMT_OP_UNPAIR_DEVICE,
66 MGMT_OP_USER_CONFIRM_REPLY,
67 MGMT_OP_USER_CONFIRM_NEG_REPLY,
68 MGMT_OP_USER_PASSKEY_REPLY,
69 MGMT_OP_USER_PASSKEY_NEG_REPLY,
70 MGMT_OP_READ_LOCAL_OOB_DATA,
71 MGMT_OP_ADD_REMOTE_OOB_DATA,
72 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
73 MGMT_OP_START_DISCOVERY,
74 MGMT_OP_STOP_DISCOVERY,
75 MGMT_OP_CONFIRM_NAME,
76 MGMT_OP_BLOCK_DEVICE,
77 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 78 MGMT_OP_SET_DEVICE_ID,
e70bb2e8
JH		 79};
80
81static const u16 mgmt_events[] = {
82 MGMT_EV_CONTROLLER_ERROR,
83 MGMT_EV_INDEX_ADDED,
84 MGMT_EV_INDEX_REMOVED,
85 MGMT_EV_NEW_SETTINGS,
86 MGMT_EV_CLASS_OF_DEV_CHANGED,
87 MGMT_EV_LOCAL_NAME_CHANGED,
88 MGMT_EV_NEW_LINK_KEY,
89 MGMT_EV_NEW_LONG_TERM_KEY,
90 MGMT_EV_DEVICE_CONNECTED,
91 MGMT_EV_DEVICE_DISCONNECTED,
92 MGMT_EV_CONNECT_FAILED,
93 MGMT_EV_PIN_CODE_REQUEST,
94 MGMT_EV_USER_CONFIRM_REQUEST,
95 MGMT_EV_USER_PASSKEY_REQUEST,
96 MGMT_EV_AUTH_FAILED,
97 MGMT_EV_DEVICE_FOUND,
98 MGMT_EV_DISCOVERING,
99 MGMT_EV_DEVICE_BLOCKED,
100 MGMT_EV_DEVICE_UNBLOCKED,
101 MGMT_EV_DEVICE_UNPAIRED,
92a25256 102 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 103};
104
3fd24153
AG		 105/*
106 * These LE scan and inquiry parameters were chosen according to LE General
107 * Discovery Procedure specification.
108 */
109#define LE_SCAN_TYPE 0x01
110#define LE_SCAN_WIN 0x12
111#define LE_SCAN_INT 0x12
112#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 113#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 114
e8777525 115#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 116#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 117
17b02e62 118#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 119
4b34ee78
JH		 120#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
121 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
122
eec8d2bc
JH		 123struct pending_cmd {
124 struct list_head list;
fc2f4b13 125 u16 opcode;
eec8d2bc 126 int index;
c68fb7ff 127 void *param;
eec8d2bc 128 struct sock *sk;
e9a416b5 129 void *user_data;
eec8d2bc
JH		 130};
131
ca69b795
JH		 132/* HCI to MGMT error code conversion table */
133static u8 mgmt_status_table[] = {
134 MGMT_STATUS_SUCCESS,
135 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
136 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
137 MGMT_STATUS_FAILED, /* Hardware Failure */
138 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
139 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
140 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
141 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
142 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
143 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
144 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
145 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
146 MGMT_STATUS_BUSY, /* Command Disallowed */
147 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
148 MGMT_STATUS_REJECTED, /* Rejected Security */
149 MGMT_STATUS_REJECTED, /* Rejected Personal */
150 MGMT_STATUS_TIMEOUT, /* Host Timeout */
151 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
152 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
153 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
154 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
155 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
156 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
157 MGMT_STATUS_BUSY, /* Repeated Attempts */
158 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
159 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
160 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
161 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
162 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
163 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
164 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
165 MGMT_STATUS_FAILED, /* Unspecified Error */
166 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
167 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
168 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
169 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
170 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
171 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
172 MGMT_STATUS_FAILED, /* Unit Link Key Used */
173 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
174 MGMT_STATUS_TIMEOUT, /* Instant Passed */
175 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
176 MGMT_STATUS_FAILED, /* Transaction Collision */
177 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
178 MGMT_STATUS_REJECTED, /* QoS Rejected */
179 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
180 MGMT_STATUS_REJECTED, /* Insufficient Security */
181 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
182 MGMT_STATUS_BUSY, /* Role Switch Pending */
183 MGMT_STATUS_FAILED, /* Slot Violation */
184 MGMT_STATUS_FAILED, /* Role Switch Failed */
185 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
186 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
187 MGMT_STATUS_BUSY, /* Host Busy Pairing */
188 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
189 MGMT_STATUS_BUSY, /* Controller Busy */
190 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
191 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
192 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
193 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
194 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
195};
196
bb4b2a9a
AE		 197bool mgmt_valid_hdev(struct hci_dev *hdev)
198{
199 return hdev->dev_type == HCI_BREDR;
200}
201
ca69b795
JH		 202static u8 mgmt_status(u8 hci_status)
203{
204 if (hci_status < ARRAY_SIZE(mgmt_status_table))
205 return mgmt_status_table[hci_status];
206
207 return MGMT_STATUS_FAILED;
208}
209
4e51eae9 210static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 211{
212 struct sk_buff *skb;
213 struct mgmt_hdr *hdr;
214 struct mgmt_ev_cmd_status *ev;
56b7d137 215 int err;
f7b64e69 216
34eb525c 217 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 218
790eff44 219 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 220 if (!skb)
221 return -ENOMEM;
222
223 hdr = (void *) skb_put(skb, sizeof(*hdr));
224
612dfce9 225 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 226 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 227 hdr->len = cpu_to_le16(sizeof(*ev));
228
229 ev = (void *) skb_put(skb, sizeof(*ev));
230 ev->status = status;
eb55ef07 231 ev->opcode = cpu_to_le16(cmd);
f7b64e69 232
56b7d137
GP		 233 err = sock_queue_rcv_skb(sk, skb);
234 if (err < 0)
f7b64e69
JH		 235 kfree_skb(skb);
236
56b7d137 237 return err;
f7b64e69
JH		 238}
239
aee9b218 240static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 241 void *rp, size_t rp_len)
02d98129
JH		 242{
243 struct sk_buff *skb;
244 struct mgmt_hdr *hdr;
245 struct mgmt_ev_cmd_complete *ev;
56b7d137 246 int err;
02d98129
JH		 247
248 BT_DBG("sock %p", sk);
249
790eff44 250 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 251 if (!skb)
252 return -ENOMEM;
253
254 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 255
612dfce9 256 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 257 hdr->index = cpu_to_le16(index);
a38528f1 258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 259
a38528f1 260 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 261 ev->opcode = cpu_to_le16(cmd);
aee9b218 262 ev->status = status;
8020c16a
SJ		 263
264 if (rp)
265 memcpy(ev->data, rp, rp_len);
02d98129 266
56b7d137
GP		 267 err = sock_queue_rcv_skb(sk, skb);
268 if (err < 0)
02d98129
JH		 269 kfree_skb(skb);
270
e5f0e151 271 return err;
02d98129
JH		 272}
273
04124681
GP		 274static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
275 u16 data_len)
a38528f1
JH		 276{
277 struct mgmt_rp_read_version rp;
278
279 BT_DBG("sock %p", sk);
280
281 rp.version = MGMT_VERSION;
eb55ef07 282 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 283
aee9b218 284 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 285 sizeof(rp));
a38528f1
JH		 286}
287
04124681
GP		 288static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
289 u16 data_len)
e70bb2e8
JH		 290{
291 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 292 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
293 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 294 __le16 *opcode;
e70bb2e8
JH		 295 size_t rp_size;
296 int i, err;
297
298 BT_DBG("sock %p", sk);
299
300 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
301
302 rp = kmalloc(rp_size, GFP_KERNEL);
303 if (!rp)
304 return -ENOMEM;
305
eb55ef07
MH		 306 rp->num_commands = __constant_cpu_to_le16(num_commands);
307 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 308
309 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
310 put_unaligned_le16(mgmt_commands[i], opcode);
311
312 for (i = 0; i < num_events; i++, opcode++)
313 put_unaligned_le16(mgmt_events[i], opcode);
314
aee9b218 315 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 316 rp_size);
e70bb2e8
JH		 317 kfree(rp);
318
319 return err;
320}
321
04124681
GP		 322static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
323 u16 data_len)
faba42eb 324{
faba42eb 325 struct mgmt_rp_read_index_list *rp;
8035ded4 326 struct hci_dev *d;
a38528f1 327 size_t rp_len;
faba42eb 328 u16 count;
476e44cb 329 int err;
faba42eb
JH		 330
331 BT_DBG("sock %p", sk);
332
333 read_lock(&hci_dev_list_lock);
334
335 count = 0;
bb4b2a9a
AE		 336 list_for_each_entry(d, &hci_dev_list, list) {
337 if (!mgmt_valid_hdev(d))
338 continue;
339
faba42eb
JH		 340 count++;
341 }
342
a38528f1
JH		 343 rp_len = sizeof(*rp) + (2 * count);
344 rp = kmalloc(rp_len, GFP_ATOMIC);
345 if (!rp) {
b2c60d42 346 read_unlock(&hci_dev_list_lock);
faba42eb 347 return -ENOMEM;
b2c60d42 348 }
faba42eb 349
476e44cb 350 count = 0;
8035ded4 351 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 352 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 353 continue;
354
bb4b2a9a
AE		 355 if (!mgmt_valid_hdev(d))
356 continue;
357
476e44cb 358 rp->index[count++] = cpu_to_le16(d->id);
faba42eb
JH		 359 BT_DBG("Added hci%u", d->id);
360 }
361
476e44cb
JH		 362 rp->num_controllers = cpu_to_le16(count);
363 rp_len = sizeof(*rp) + (2 * count);
364
faba42eb
JH		 365 read_unlock(&hci_dev_list_lock);
366
aee9b218 367 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 368 rp_len);
faba42eb 369
a38528f1
JH		 370 kfree(rp);
371
372 return err;
faba42eb
JH		 373}
374
69ab39ea
JH		 375static u32 get_supported_settings(struct hci_dev *hdev)
376{
377 u32 settings = 0;
378
379 settings |= MGMT_SETTING_POWERED;
69ab39ea
JH		 380 settings |= MGMT_SETTING_PAIRABLE;
381
9a1a1996 382 if (lmp_ssp_capable(hdev))
69ab39ea
JH		 383 settings |= MGMT_SETTING_SSP;
384
ed3fa31f 385 if (lmp_bredr_capable(hdev)) {
33c525c0
JH		 386 settings |= MGMT_SETTING_CONNECTABLE;
387 settings |= MGMT_SETTING_FAST_CONNECTABLE;
388 settings |= MGMT_SETTING_DISCOVERABLE;
69ab39ea
JH		 389 settings |= MGMT_SETTING_BREDR;
390 settings |= MGMT_SETTING_LINK_SECURITY;
391 }
392
d7b7e796
MH		 393 if (enable_hs)
394 settings |= MGMT_SETTING_HS;
395
c383ddc4 396 if (lmp_le_capable(hdev))
9d42820f 397 settings |= MGMT_SETTING_LE;
69ab39ea
JH		 398
399 return settings;
400}
401
402static u32 get_current_settings(struct hci_dev *hdev)
403{
404 u32 settings = 0;
405
f1f0eb02 406 if (hdev_is_powered(hdev))
f0d4b78a
MH		 407 settings |= MGMT_SETTING_POWERED;
408
5e5282bb 409 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 410 settings |= MGMT_SETTING_CONNECTABLE;
411
5e5282bb 412 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 413 settings |= MGMT_SETTING_DISCOVERABLE;
414
a8b2d5c2 415 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 416 settings |= MGMT_SETTING_PAIRABLE;
417
ed3fa31f 418 if (lmp_bredr_capable(hdev))
69ab39ea
JH		 419 settings |= MGMT_SETTING_BREDR;
420
06199cf8 421 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 422 settings |= MGMT_SETTING_LE;
423
47990ea0 424 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 425 settings |= MGMT_SETTING_LINK_SECURITY;
426
84bde9d6 427 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 428 settings |= MGMT_SETTING_SSP;
429
6d80dfd0
JH		 430 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
431 settings |= MGMT_SETTING_HS;
432
69ab39ea
JH		 433 return settings;
434}
435
ef580372
JH		 436#define PNP_INFO_SVCLASS_ID 0x1200
437
438static u8 bluetooth_base_uuid[] = {
439 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
440 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
441};
442
443static u16 get_uuid16(u8 *uuid128)
444{
445 u32 val;
446 int i;
447
448 for (i = 0; i < 12; i++) {
449 if (bluetooth_base_uuid[i] != uuid128[i])
450 return 0;
451 }
452
3e9fb6d8 453 val = get_unaligned_le32(&uuid128[12]);
ef580372
JH		 454 if (val > 0xffff)
455 return 0;
456
457 return (u16) val;
458}
459
460static void create_eir(struct hci_dev *hdev, u8 *data)
461{
462 u8 *ptr = data;
463 u16 eir_len = 0;
464 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
465 int i, truncated = 0;
466 struct bt_uuid *uuid;
467 size_t name_len;
468
469 name_len = strlen(hdev->dev_name);
470
471 if (name_len > 0) {
472 /* EIR Data type */
473 if (name_len > 48) {
474 name_len = 48;
475 ptr[1] = EIR_NAME_SHORT;
476 } else
477 ptr[1] = EIR_NAME_COMPLETE;
478
479 /* EIR Data length */
480 ptr[0] = name_len + 1;
481
482 memcpy(ptr + 2, hdev->dev_name, name_len);
483
484 eir_len += (name_len + 2);
485 ptr += (name_len + 2);
486 }
487
bbaf444a 488 if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) {
91c4e9b1
MH		 489 ptr[0] = 2;
490 ptr[1] = EIR_TX_POWER;
491 ptr[2] = (u8) hdev->inq_tx_power;
492
493 eir_len += 3;
494 ptr += 3;
495 }
496
2b9be137
MH		 497 if (hdev->devid_source > 0) {
498 ptr[0] = 9;
499 ptr[1] = EIR_DEVICE_ID;
500
501 put_unaligned_le16(hdev->devid_source, ptr + 2);
502 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
503 put_unaligned_le16(hdev->devid_product, ptr + 6);
504 put_unaligned_le16(hdev->devid_version, ptr + 8);
505
506 eir_len += 10;
507 ptr += 10;
508 }
509
ef580372
JH		 510 memset(uuid16_list, 0, sizeof(uuid16_list));
511
512 /* Group all UUID16 types */
513 list_for_each_entry(uuid, &hdev->uuids, list) {
514 u16 uuid16;
515
516 uuid16 = get_uuid16(uuid->uuid);
517 if (uuid16 == 0)
518 return;
519
520 if (uuid16 < 0x1100)
521 continue;
522
523 if (uuid16 == PNP_INFO_SVCLASS_ID)
524 continue;
525
526 /* Stop if not enough space to put next UUID */
527 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
528 truncated = 1;
529 break;
530 }
531
532 /* Check for duplicates */
533 for (i = 0; uuid16_list[i] != 0; i++)
534 if (uuid16_list[i] == uuid16)
535 break;
536
537 if (uuid16_list[i] == 0) {
538 uuid16_list[i] = uuid16;
539 eir_len += sizeof(u16);
540 }
541 }
542
543 if (uuid16_list[0] != 0) {
544 u8 *length = ptr;
545
546 /* EIR Data type */
547 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
548
549 ptr += 2;
550 eir_len += 2;
551
552 for (i = 0; uuid16_list[i] != 0; i++) {
553 *ptr++ = (uuid16_list[i] & 0x00ff);
554 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
555 }
556
557 /* EIR Data length */
558 *length = (i * sizeof(u16)) + 1;
559 }
560}
561
562static int update_eir(struct hci_dev *hdev)
563{
564 struct hci_cp_write_eir cp;
565
504c8dcd 566 if (!hdev_is_powered(hdev))
7770c4aa
JH		 567 return 0;
568
976eb20e 569 if (!lmp_ext_inq_capable(hdev))
ef580372
JH		 570 return 0;
571
84bde9d6 572 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 573 return 0;
574
a8b2d5c2 575 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 576 return 0;
577
578 memset(&cp, 0, sizeof(cp));
579
580 create_eir(hdev, cp.data);
581
582 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
583 return 0;
584
585 memcpy(hdev->eir, cp.data, sizeof(cp.data));
586
587 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
588}
589
590static u8 get_service_classes(struct hci_dev *hdev)
591{
592 struct bt_uuid *uuid;
593 u8 val = 0;
594
595 list_for_each_entry(uuid, &hdev->uuids, list)
596 val |= uuid->svc_hint;
597
598 return val;
599}
600
601static int update_class(struct hci_dev *hdev)
602{
603 u8 cod[3];
c95f0ba7 604 int err;
ef580372
JH		 605
606 BT_DBG("%s", hdev->name);
607
504c8dcd 608 if (!hdev_is_powered(hdev))
7770c4aa
JH		 609 return 0;
610
a8b2d5c2 611 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 612 return 0;
613
614 cod[0] = hdev->minor_class;
615 cod[1] = hdev->major_class;
616 cod[2] = get_service_classes(hdev);
617
618 if (memcmp(cod, hdev->dev_class, 3) == 0)
619 return 0;
620
c95f0ba7
JH		 621 err = hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
622 if (err == 0)
623 set_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
624
625 return err;
ef580372
JH		 626}
627
7d78525d
JH		 628static void service_cache_off(struct work_struct *work)
629{
630 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 631 service_cache.work);
7d78525d 632
a8b2d5c2 633 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 634 return;
635
636 hci_dev_lock(hdev);
637
638 update_eir(hdev);
639 update_class(hdev);
640
641 hci_dev_unlock(hdev);
642}
643
6a919082 644static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 645{
4f87da80 646 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 647 return;
648
4f87da80 649 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 650
4f87da80
JH		 651 /* Non-mgmt controlled devices get this bit set
652 * implicitly so that pairing works for them, however
653 * for mgmt we require user-space to explicitly enable
654 * it
655 */
656 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 657}
658
0f4e68cf 659static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 660 void *data, u16 data_len)
0381101f 661{
a38528f1 662 struct mgmt_rp_read_info rp;
f7b64e69 663
bdb6d971 664 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 665
09fd0de5 666 hci_dev_lock(hdev);
f7b64e69 667
dc4fe30b
JH		 668 memset(&rp, 0, sizeof(rp));
669
69ab39ea 670 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 671
69ab39ea 672 rp.version = hdev->hci_ver;
eb55ef07 673 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 674
675 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
676 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 677
a38528f1 678 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 679
dc4fe30b 680 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 681 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 682
09fd0de5 683 hci_dev_unlock(hdev);
0381101f 684
bdb6d971 685 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 686 sizeof(rp));
0381101f
JH		 687}
688
eec8d2bc
JH		 689static void mgmt_pending_free(struct pending_cmd *cmd)
690{
691 sock_put(cmd->sk);
c68fb7ff 692 kfree(cmd->param);
eec8d2bc
JH		 693 kfree(cmd);
694}
695
366a0336 696static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 697 struct hci_dev *hdev, void *data,
698 u16 len)
eec8d2bc
JH		 699{
700 struct pending_cmd *cmd;
701
12b94565 702 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 703 if (!cmd)
366a0336 704 return NULL;
eec8d2bc
JH		 705
706 cmd->opcode = opcode;
2e58ef3e 707 cmd->index = hdev->id;
eec8d2bc 708
12b94565 709 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 710 if (!cmd->param) {
eec8d2bc 711 kfree(cmd);
366a0336 712 return NULL;
eec8d2bc
JH		 713 }
714
8fce6357
SJ		 715 if (data)
716 memcpy(cmd->param, data, len);
eec8d2bc
JH		 717
718 cmd->sk = sk;
719 sock_hold(sk);
720
2e58ef3e 721 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 722
366a0336 723 return cmd;
eec8d2bc
JH		 724}
725
744cf19e 726static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 727 void (*cb)(struct pending_cmd *cmd,
728 void *data),
04124681 729 void *data)
eec8d2bc
JH		 730{
731 struct list_head *p, *n;
732
2e58ef3e 733 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 734 struct pending_cmd *cmd;
735
736 cmd = list_entry(p, struct pending_cmd, list);
737
b24752fe 738 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 739 continue;
740
eec8d2bc
JH		 741 cb(cmd, data);
742 }
743}
744
2e58ef3e 745static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 746{
8035ded4 747 struct pending_cmd *cmd;
eec8d2bc 748
2e58ef3e 749 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 750 if (cmd->opcode == opcode)
751 return cmd;
eec8d2bc
JH		 752 }
753
754 return NULL;
755}
756
a664b5bc 757static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 758{
73f22f62
JH		 759 list_del(&cmd->list);
760 mgmt_pending_free(cmd);
761}
762
69ab39ea 763static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 764{
69ab39ea 765 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 766
aee9b218 767 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 768 sizeof(settings));
8680570b
JH		 769}
770
bdb6d971 771static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 772 u16 len)
eec8d2bc 773{
650f726d 774 struct mgmt_mode *cp = data;
366a0336 775 struct pending_cmd *cmd;
4b34ee78 776 int err;
eec8d2bc 777
bdb6d971 778 BT_DBG("request for %s", hdev->name);
eec8d2bc 779
09fd0de5 780 hci_dev_lock(hdev);
eec8d2bc 781
f0d4b78a
MH		 782 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
783 cancel_delayed_work(&hdev->power_off);
784
785 if (cp->val) {
786 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
787 mgmt_powered(hdev, 1);
788 goto failed;
789 }
790 }
791
4b34ee78 792 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 793 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 794 goto failed;
795 }
796
2e58ef3e 797 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
bdb6d971 798 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
04124681 799 MGMT_STATUS_BUSY);
eec8d2bc
JH		 800 goto failed;
801 }
802
2e58ef3e 803 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 804 if (!cmd) {
805 err = -ENOMEM;
eec8d2bc 806 goto failed;
366a0336 807 }
eec8d2bc 808
72a734ec 809 if (cp->val)
7f971041 810 schedule_work(&hdev->power_on);
eec8d2bc 811 else
80b7ab33 812 schedule_work(&hdev->power_off.work);
eec8d2bc 813
366a0336 814 err = 0;
eec8d2bc
JH		 815
816failed:
09fd0de5 817 hci_dev_unlock(hdev);
366a0336 818 return err;
eec8d2bc
JH		 819}
820
04124681
GP		 821static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
822 struct sock *skip_sk)
beadb2bd
JH		 823{
824 struct sk_buff *skb;
825 struct mgmt_hdr *hdr;
826
790eff44 827 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 828 if (!skb)
829 return -ENOMEM;
830
831 hdr = (void *) skb_put(skb, sizeof(*hdr));
832 hdr->opcode = cpu_to_le16(event);
833 if (hdev)
834 hdr->index = cpu_to_le16(hdev->id);
835 else
612dfce9 836 hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE);
beadb2bd
JH		 837 hdr->len = cpu_to_le16(data_len);
838
839 if (data)
840 memcpy(skb_put(skb, data_len), data, data_len);
841
97e0bdeb
MH		 842 /* Time stamp */
843 __net_timestamp(skb);
844
beadb2bd
JH		 845 hci_send_to_control(skb, skip_sk);
846 kfree_skb(skb);
847
848 return 0;
849}
850
851static int new_settings(struct hci_dev *hdev, struct sock *skip)
852{
853 __le32 ev;
854
855 ev = cpu_to_le32(get_current_settings(hdev));
856
857 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
858}
859
bdb6d971 860static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 861 u16 len)
73f22f62 862{
650f726d 863 struct mgmt_cp_set_discoverable *cp = data;
366a0336 864 struct pending_cmd *cmd;
5e5282bb 865 u16 timeout;
73f22f62
JH		 866 u8 scan;
867 int err;
868
bdb6d971 869 BT_DBG("request for %s", hdev->name);
73f22f62 870
33c525c0
JH		 871 if (!lmp_bredr_capable(hdev))
872 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
873 MGMT_STATUS_NOT_SUPPORTED);
874
1f350c87 875 timeout = __le16_to_cpu(cp->timeout);
24c54a90 876 if (!cp->val && timeout > 0)
bdb6d971 877 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 878 MGMT_STATUS_INVALID_PARAMS);
73f22f62 879
09fd0de5 880 hci_dev_lock(hdev);
73f22f62 881
5e5282bb 882 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 883 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 884 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 885 goto failed;
886 }
887
2e58ef3e 888 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 889 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 890 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 891 MGMT_STATUS_BUSY);
73f22f62
JH		 892 goto failed;
893 }
894
5e5282bb 895 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 896 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 897 MGMT_STATUS_REJECTED);
5e5282bb
JH		 898 goto failed;
899 }
900
901 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 902 bool changed = false;
903
904 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
905 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
906 changed = true;
907 }
908
5e5282bb 909 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 910 if (err < 0)
911 goto failed;
912
913 if (changed)
914 err = new_settings(hdev, sk);
915
5e5282bb
JH		 916 goto failed;
917 }
918
919 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 920 if (hdev->discov_timeout > 0) {
921 cancel_delayed_work(&hdev->discov_off);
922 hdev->discov_timeout = 0;
923 }
924
925 if (cp->val && timeout > 0) {
926 hdev->discov_timeout = timeout;
927 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
928 msecs_to_jiffies(hdev->discov_timeout * 1000));
929 }
930
69ab39ea 931 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 932 goto failed;
933 }
934
2e58ef3e 935 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 936 if (!cmd) {
937 err = -ENOMEM;
73f22f62 938 goto failed;
366a0336 939 }
73f22f62
JH		 940
941 scan = SCAN_PAGE;
942
72a734ec 943 if (cp->val)
73f22f62 944 scan |= SCAN_INQUIRY;
16ab91ab 945 else
e0f9309f 946 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 947
948 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
949 if (err < 0)
a664b5bc 950 mgmt_pending_remove(cmd);
73f22f62 951
16ab91ab 952 if (cp->val)
5e5282bb 953 hdev->discov_timeout = timeout;
16ab91ab 954
73f22f62 955failed:
09fd0de5 956 hci_dev_unlock(hdev);
73f22f62
JH		 957 return err;
958}
959
bdb6d971 960static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 961 u16 len)
9fbcbb45 962{
650f726d 963 struct mgmt_mode *cp = data;
366a0336 964 struct pending_cmd *cmd;
9fbcbb45
JH		 965 u8 scan;
966 int err;
967
bdb6d971 968 BT_DBG("request for %s", hdev->name);
9fbcbb45 969
33c525c0
JH		 970 if (!lmp_bredr_capable(hdev))
971 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
972 MGMT_STATUS_NOT_SUPPORTED);
973
09fd0de5 974 hci_dev_lock(hdev);
9fbcbb45 975
4b34ee78 976 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 977 bool changed = false;
978
979 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
980 changed = true;
981
6bf0e469 982 if (cp->val) {
5e5282bb 983 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 984 } else {
5e5282bb
JH		 985 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
986 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
987 }
0224d2fa 988
5e5282bb 989 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 990 if (err < 0)
991 goto failed;
992
993 if (changed)
994 err = new_settings(hdev, sk);
995
9fbcbb45
JH		 996 goto failed;
997 }
998
2e58ef3e 999 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 1000 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1001 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 1002 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1003 goto failed;
1004 }
1005
5e5282bb 1006 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 1007 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 1008 goto failed;
1009 }
1010
2e58ef3e 1011 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1012 if (!cmd) {
1013 err = -ENOMEM;
9fbcbb45 1014 goto failed;
366a0336 1015 }
9fbcbb45 1016
6bf0e469 1017 if (cp->val) {
9fbcbb45 1018 scan = SCAN_PAGE;
6bf0e469 1019 } else {
9fbcbb45
JH		 1020 scan = 0;
1021
df2c6c5e 1022 if (test_bit(HCI_ISCAN, &hdev->flags) &&
8ce8e2b5 1023 hdev->discov_timeout > 0)
df2c6c5e
JH		 1024 cancel_delayed_work(&hdev->discov_off);
1025 }
1026
9fbcbb45
JH		 1027 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1028 if (err < 0)
a664b5bc 1029 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1030
1031failed:
09fd0de5 1032 hci_dev_unlock(hdev);
9fbcbb45
JH		 1033 return err;
1034}
1035
bdb6d971 1036static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1037 u16 len)
c542a06c 1038{
650f726d 1039 struct mgmt_mode *cp = data;
c542a06c
JH		 1040 int err;
1041
bdb6d971 1042 BT_DBG("request for %s", hdev->name);
c542a06c 1043
09fd0de5 1044 hci_dev_lock(hdev);
c542a06c
JH		 1045
1046 if (cp->val)
a8b2d5c2 1047 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1048 else
a8b2d5c2 1049 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1050
69ab39ea 1051 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1052 if (err < 0)
1053 goto failed;
1054
beadb2bd 1055 err = new_settings(hdev, sk);
c542a06c
JH		 1056
1057failed:
09fd0de5 1058 hci_dev_unlock(hdev);
c542a06c
JH		 1059 return err;
1060}
1061
04124681
GP		 1062static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1063 u16 len)
33ef95ed
JH		 1064{
1065 struct mgmt_mode *cp = data;
1066 struct pending_cmd *cmd;
816a11d5 1067 u8 val;
33ef95ed
JH		 1068 int err;
1069
bdb6d971 1070 BT_DBG("request for %s", hdev->name);
33ef95ed 1071
33c525c0
JH		 1072 if (!lmp_bredr_capable(hdev))
1073 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1074 MGMT_STATUS_NOT_SUPPORTED);
1075
33ef95ed
JH		 1076 hci_dev_lock(hdev);
1077
4b34ee78 1078 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1079 bool changed = false;
1080
1081 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1082 &hdev->dev_flags)) {
47990ea0
JH		 1083 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1084 changed = true;
1085 }
1086
1087 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1088 if (err < 0)
1089 goto failed;
1090
1091 if (changed)
1092 err = new_settings(hdev, sk);
1093
33ef95ed
JH		 1094 goto failed;
1095 }
1096
1097 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1098 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1099 MGMT_STATUS_BUSY);
33ef95ed
JH		 1100 goto failed;
1101 }
1102
1103 val = !!cp->val;
1104
1105 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1106 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1107 goto failed;
1108 }
1109
1110 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1111 if (!cmd) {
1112 err = -ENOMEM;
1113 goto failed;
1114 }
1115
1116 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1117 if (err < 0) {
1118 mgmt_pending_remove(cmd);
1119 goto failed;
1120 }
1121
1122failed:
1123 hci_dev_unlock(hdev);
33ef95ed
JH		 1124 return err;
1125}
1126
bdb6d971 1127static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1128{
1129 struct mgmt_mode *cp = data;
1130 struct pending_cmd *cmd;
816a11d5 1131 u8 val;
ed2c4ee3
JH		 1132 int err;
1133
bdb6d971 1134 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1135
ed2c4ee3
JH		 1136 hci_dev_lock(hdev);
1137
9a1a1996 1138 if (!lmp_ssp_capable(hdev)) {
bdb6d971 1139 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
04124681 1140 MGMT_STATUS_NOT_SUPPORTED);
6c8f12c1
JH		 1141 goto failed;
1142 }
1143
c0ecddc2
JH		 1144 val = !!cp->val;
1145
4b34ee78 1146 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1147 bool changed = false;
1148
1149 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1150 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1151 changed = true;
1152 }
1153
1154 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1155 if (err < 0)
1156 goto failed;
1157
1158 if (changed)
1159 err = new_settings(hdev, sk);
1160
ed2c4ee3
JH		 1161 goto failed;
1162 }
1163
1164 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
d97dcb66
SJ		 1165 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1166 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1167 goto failed;
1168 }
1169
ed2c4ee3
JH		 1170 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1171 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1172 goto failed;
1173 }
1174
1175 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1176 if (!cmd) {
1177 err = -ENOMEM;
1178 goto failed;
1179 }
1180
1181 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1182 if (err < 0) {
1183 mgmt_pending_remove(cmd);
1184 goto failed;
1185 }
1186
1187failed:
1188 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1189 return err;
1190}
1191
bdb6d971 1192static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1193{
1194 struct mgmt_mode *cp = data;
6d80dfd0 1195
bdb6d971 1196 BT_DBG("request for %s", hdev->name);
6d80dfd0 1197
bdb6d971
JH		 1198 if (!enable_hs)
1199 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
04124681 1200 MGMT_STATUS_NOT_SUPPORTED);
6d80dfd0
JH		 1201
1202 if (cp->val)
1203 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1204 else
1205 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1206
bdb6d971 1207 return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
6d80dfd0
JH		 1208}
1209
bdb6d971 1210static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1211{
1212 struct mgmt_mode *cp = data;
1213 struct hci_cp_write_le_host_supported hci_cp;
1214 struct pending_cmd *cmd;
06199cf8 1215 int err;
0b60eba1 1216 u8 val, enabled;
06199cf8 1217
bdb6d971 1218 BT_DBG("request for %s", hdev->name);
06199cf8 1219
1de028ce
JH		 1220 hci_dev_lock(hdev);
1221
c383ddc4 1222 if (!lmp_le_capable(hdev)) {
bdb6d971 1223 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1224 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1225 goto unlock;
06199cf8
JH		 1226 }
1227
1228 val = !!cp->val;
ffa88e02 1229 enabled = lmp_host_le_capable(hdev);
06199cf8 1230
0b60eba1 1231 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1232 bool changed = false;
1233
1234 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1235 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1236 changed = true;
1237 }
1238
1239 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1240 if (err < 0)
1de028ce 1241 goto unlock;
06199cf8
JH		 1242
1243 if (changed)
1244 err = new_settings(hdev, sk);
1245
1de028ce 1246 goto unlock;
06199cf8
JH		 1247 }
1248
1249 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
bdb6d971 1250 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1251 MGMT_STATUS_BUSY);
1de028ce 1252 goto unlock;
06199cf8
JH		 1253 }
1254
1255 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1256 if (!cmd) {
1257 err = -ENOMEM;
1de028ce 1258 goto unlock;
06199cf8
JH		 1259 }
1260
1261 memset(&hci_cp, 0, sizeof(hci_cp));
1262
1263 if (val) {
1264 hci_cp.le = val;
ffa88e02 1265 hci_cp.simul = lmp_le_br_capable(hdev);
06199cf8
JH		 1266 }
1267
04124681
GP		 1268 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1269 &hci_cp);
0c01bc48 1270 if (err < 0)
06199cf8 1271 mgmt_pending_remove(cmd);
06199cf8 1272
1de028ce
JH		 1273unlock:
1274 hci_dev_unlock(hdev);
06199cf8
JH		 1275 return err;
1276}
1277
bdb6d971 1278static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1279{
650f726d 1280 struct mgmt_cp_add_uuid *cp = data;
90e70454 1281 struct pending_cmd *cmd;
2aeb9a1a 1282 struct bt_uuid *uuid;
2aeb9a1a
JH		 1283 int err;
1284
bdb6d971 1285 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1286
09fd0de5 1287 hci_dev_lock(hdev);
2aeb9a1a 1288
c95f0ba7 1289 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1290 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1291 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1292 goto failed;
1293 }
1294
92c4c204 1295 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1296 if (!uuid) {
1297 err = -ENOMEM;
1298 goto failed;
1299 }
1300
1301 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1302 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 1303
1304 list_add(&uuid->list, &hdev->uuids);
1305
1aff6f09
JH		 1306 err = update_class(hdev);
1307 if (err < 0)
1308 goto failed;
1309
80a1e1db
JH		 1310 err = update_eir(hdev);
1311 if (err < 0)
1312 goto failed;
1313
90e70454 1314 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1315 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1316 hdev->dev_class, 3);
90e70454
JH		 1317 goto failed;
1318 }
1319
1320 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
0c01bc48 1321 if (!cmd)
90e70454 1322 err = -ENOMEM;
2aeb9a1a
JH		 1323
1324failed:
09fd0de5 1325 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1326 return err;
1327}
1328
24b78d0f
JH		 1329static bool enable_service_cache(struct hci_dev *hdev)
1330{
1331 if (!hdev_is_powered(hdev))
1332 return false;
1333
1334 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
17b02e62 1335 schedule_delayed_work(&hdev->service_cache, CACHE_TIMEOUT);
24b78d0f
JH		 1336 return true;
1337 }
1338
1339 return false;
1340}
1341
bdb6d971 1342static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1343 u16 len)
2aeb9a1a 1344{
650f726d 1345 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1346 struct pending_cmd *cmd;
2aeb9a1a 1347 struct list_head *p, *n;
2aeb9a1a 1348 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1349 int err, found;
1350
bdb6d971 1351 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1352
09fd0de5 1353 hci_dev_lock(hdev);
2aeb9a1a 1354
c95f0ba7 1355 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1356 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1357 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1358 goto unlock;
1359 }
1360
2aeb9a1a
JH		 1361 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1362 err = hci_uuids_clear(hdev);
4004b6d9 1363
24b78d0f 1364 if (enable_service_cache(hdev)) {
bdb6d971 1365 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1366 0, hdev->dev_class, 3);
24b78d0f
JH		 1367 goto unlock;
1368 }
4004b6d9 1369
9246a869 1370 goto update_class;
2aeb9a1a
JH		 1371 }
1372
1373 found = 0;
1374
1375 list_for_each_safe(p, n, &hdev->uuids) {
1376 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1377
1378 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1379 continue;
1380
1381 list_del(&match->list);
482049f7 1382 kfree(match);
2aeb9a1a
JH		 1383 found++;
1384 }
1385
1386 if (found == 0) {
bdb6d971 1387 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1388 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1389 goto unlock;
1390 }
1391
9246a869 1392update_class:
1aff6f09
JH		 1393 err = update_class(hdev);
1394 if (err < 0)
1395 goto unlock;
1396
80a1e1db
JH		 1397 err = update_eir(hdev);
1398 if (err < 0)
1399 goto unlock;
1400
90e70454 1401 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1402 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1403 hdev->dev_class, 3);
90e70454
JH		 1404 goto unlock;
1405 }
1406
1407 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
0c01bc48 1408 if (!cmd)
90e70454 1409 err = -ENOMEM;
2aeb9a1a
JH		 1410
1411unlock:
09fd0de5 1412 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1413 return err;
1414}
1415
bdb6d971 1416static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1417 u16 len)
1aff6f09 1418{
650f726d 1419 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1420 struct pending_cmd *cmd;
1aff6f09
JH		 1421 int err;
1422
bdb6d971 1423 BT_DBG("request for %s", hdev->name);
1aff6f09 1424
09fd0de5 1425 hci_dev_lock(hdev);
1aff6f09 1426
ee98f473
JH		 1427 if (!lmp_bredr_capable(hdev)) {
1428 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1429 MGMT_STATUS_NOT_SUPPORTED);
1430 goto unlock;
1431 }
1432
c95f0ba7 1433 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1434 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
04124681 1435 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1436 goto unlock;
1437 }
1438
575b3a02
JH		 1439 if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0) {
1440 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1441 MGMT_STATUS_INVALID_PARAMS);
1442 goto unlock;
1443 }
1444
932f5ff5
JH		 1445 hdev->major_class = cp->major;
1446 hdev->minor_class = cp->minor;
1447
b5235a65 1448 if (!hdev_is_powered(hdev)) {
bdb6d971 1449 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1450 hdev->dev_class, 3);
b5235a65
JH		 1451 goto unlock;
1452 }
1453
a8b2d5c2 1454 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1455 hci_dev_unlock(hdev);
1456 cancel_delayed_work_sync(&hdev->service_cache);
1457 hci_dev_lock(hdev);
14c0b608 1458 update_eir(hdev);
7d78525d 1459 }
14c0b608 1460
1aff6f09 1461 err = update_class(hdev);
90e70454
JH		 1462 if (err < 0)
1463 goto unlock;
1aff6f09 1464
90e70454 1465 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1466 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1467 hdev->dev_class, 3);
90e70454
JH		 1468 goto unlock;
1469 }
1470
1471 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
0c01bc48 1472 if (!cmd)
90e70454 1473 err = -ENOMEM;
1aff6f09 1474
b5235a65 1475unlock:
09fd0de5 1476 hci_dev_unlock(hdev);
1aff6f09
JH		 1477 return err;
1478}
1479
bdb6d971 1480static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1481 u16 len)
55ed8ca1 1482{
650f726d 1483 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1484 u16 key_count, expected_len;
a492cd52 1485 int i;
55ed8ca1 1486
1f350c87 1487 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1488
86742e1e
JH		 1489 expected_len = sizeof(*cp) + key_count *
1490 sizeof(struct mgmt_link_key_info);
a492cd52 1491 if (expected_len != len) {
86742e1e 1492 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1493 len, expected_len);
bdb6d971 1494 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1495 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1496 }
1497
bdb6d971 1498 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1499 key_count);
55ed8ca1 1500
09fd0de5 1501 hci_dev_lock(hdev);
55ed8ca1
JH		 1502
1503 hci_link_keys_clear(hdev);
1504
a8b2d5c2 1505 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1506
1507 if (cp->debug_keys)
a8b2d5c2 1508 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1509 else
a8b2d5c2 1510 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1511
a492cd52 1512 for (i = 0; i < key_count; i++) {
86742e1e 1513 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1514
d753fdc4 1515 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1516 key->type, key->pin_len);
55ed8ca1
JH		 1517 }
1518
bdb6d971 1519 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1520
09fd0de5 1521 hci_dev_unlock(hdev);
55ed8ca1 1522
a492cd52 1523 return 0;
55ed8ca1
JH		 1524}
1525
b1078ad0 1526static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1527 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1528{
1529 struct mgmt_ev_device_unpaired ev;
1530
1531 bacpy(&ev.addr.bdaddr, bdaddr);
1532 ev.addr.type = addr_type;
1533
1534 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1535 skip_sk);
b1078ad0
JH		 1536}
1537
bdb6d971 1538static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1539 u16 len)
55ed8ca1 1540{
124f6e35
JH		 1541 struct mgmt_cp_unpair_device *cp = data;
1542 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1543 struct hci_cp_disconnect dc;
1544 struct pending_cmd *cmd;
55ed8ca1 1545 struct hci_conn *conn;
55ed8ca1
JH		 1546 int err;
1547
09fd0de5 1548 hci_dev_lock(hdev);
55ed8ca1 1549
a8a1d19e 1550 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1551 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1552 rp.addr.type = cp->addr.type;
a8a1d19e 1553
86a8cfc6 1554 if (!hdev_is_powered(hdev)) {
bdb6d971 1555 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1556 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1557 goto unlock;
1558 }
1559
591f47f3 1560 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 1561 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1562 else
1563 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1564
55ed8ca1 1565 if (err < 0) {
bdb6d971 1566 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1567 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1568 goto unlock;
1569 }
1570
86a8cfc6 1571 if (cp->disconnect) {
591f47f3 1572 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 1573 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 1574 &cp->addr.bdaddr);
86a8cfc6
JH		 1575 else
1576 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 1577 &cp->addr.bdaddr);
86a8cfc6
JH		 1578 } else {
1579 conn = NULL;
1580 }
124f6e35 1581
a8a1d19e 1582 if (!conn) {
bdb6d971 1583 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1584 &rp, sizeof(rp));
b1078ad0 1585 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1586 goto unlock;
1587 }
55ed8ca1 1588
124f6e35 1589 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 1590 sizeof(*cp));
a8a1d19e
JH		 1591 if (!cmd) {
1592 err = -ENOMEM;
1593 goto unlock;
55ed8ca1
JH		 1594 }
1595
eb55ef07 1596 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 1597 dc.reason = 0x13; /* Remote User Terminated Connection */
1598 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1599 if (err < 0)
1600 mgmt_pending_remove(cmd);
1601
55ed8ca1 1602unlock:
09fd0de5 1603 hci_dev_unlock(hdev);
55ed8ca1
JH		 1604 return err;
1605}
1606
bdb6d971 1607static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1608 u16 len)
8962ee74 1609{
650f726d 1610 struct mgmt_cp_disconnect *cp = data;
8962ee74 1611 struct hci_cp_disconnect dc;
366a0336 1612 struct pending_cmd *cmd;
8962ee74 1613 struct hci_conn *conn;
8962ee74
JH		 1614 int err;
1615
1616 BT_DBG("");
1617
09fd0de5 1618 hci_dev_lock(hdev);
8962ee74
JH		 1619
1620 if (!test_bit(HCI_UP, &hdev->flags)) {
bdb6d971 1621 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1622 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1623 goto failed;
1624 }
1625
2e58ef3e 1626 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
bdb6d971 1627 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1628 MGMT_STATUS_BUSY);
8962ee74
JH		 1629 goto failed;
1630 }
1631
591f47f3 1632 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 1633 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1634 &cp->addr.bdaddr);
88c3df13
JH		 1635 else
1636 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1637
f960727e 1638 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
bdb6d971 1639 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1640 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1641 goto failed;
1642 }
1643
2e58ef3e 1644 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1645 if (!cmd) {
1646 err = -ENOMEM;
8962ee74 1647 goto failed;
366a0336 1648 }
8962ee74 1649
eb55ef07 1650 dc.handle = cpu_to_le16(conn->handle);
3701f944 1651 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 1652
1653 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1654 if (err < 0)
a664b5bc 1655 mgmt_pending_remove(cmd);
8962ee74
JH		 1656
1657failed:
09fd0de5 1658 hci_dev_unlock(hdev);
8962ee74
JH		 1659 return err;
1660}
1661
57c1477c 1662static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 1663{
1664 switch (link_type) {
1665 case LE_LINK:
48264f06
JH		 1666 switch (addr_type) {
1667 case ADDR_LE_DEV_PUBLIC:
591f47f3 1668 return BDADDR_LE_PUBLIC;
0ed09148 1669
48264f06 1670 default:
0ed09148 1671 /* Fallback to LE Random address type */
591f47f3 1672 return BDADDR_LE_RANDOM;
48264f06 1673 }
0ed09148 1674
4c659c39 1675 default:
0ed09148 1676 /* Fallback to BR/EDR type */
591f47f3 1677 return BDADDR_BREDR;
4c659c39
JH		 1678 }
1679}
1680
04124681
GP		 1681static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
1682 u16 data_len)
2784eb41 1683{
2784eb41 1684 struct mgmt_rp_get_connections *rp;
8035ded4 1685 struct hci_conn *c;
a38528f1 1686 size_t rp_len;
60fc5fb6
JH		 1687 int err;
1688 u16 i;
2784eb41
JH		 1689
1690 BT_DBG("");
1691
09fd0de5 1692 hci_dev_lock(hdev);
2784eb41 1693
5f97c1df 1694 if (!hdev_is_powered(hdev)) {
bdb6d971 1695 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 1696 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1697 goto unlock;
1698 }
1699
60fc5fb6 1700 i = 0;
b644ba33
JH		 1701 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1702 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1703 i++;
2784eb41
JH		 1704 }
1705
60fc5fb6 1706 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 1707 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 1708 if (!rp) {
2784eb41
JH		 1709 err = -ENOMEM;
1710 goto unlock;
1711 }
1712
2784eb41 1713 i = 0;
4c659c39 1714 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1715 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1716 continue;
4c659c39 1717 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 1718 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 1719 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 1720 continue;
1721 i++;
1722 }
1723
eb55ef07 1724 rp->conn_count = cpu_to_le16(i);
60fc5fb6 1725
4c659c39
JH		 1726 /* Recalculate length in case of filtered SCO connections, etc */
1727 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1728
bdb6d971 1729 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 1730 rp_len);
2784eb41 1731
a38528f1 1732 kfree(rp);
5f97c1df
JH		 1733
1734unlock:
09fd0de5 1735 hci_dev_unlock(hdev);
2784eb41
JH		 1736 return err;
1737}
1738
bdb6d971 1739static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 1740 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 1741{
1742 struct pending_cmd *cmd;
1743 int err;
1744
2e58ef3e 1745 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 1746 sizeof(*cp));
96d97a67
WR		 1747 if (!cmd)
1748 return -ENOMEM;
1749
d8457698 1750 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 1751 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1752 if (err < 0)
1753 mgmt_pending_remove(cmd);
1754
1755 return err;
1756}
1757
bdb6d971 1758static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1759 u16 len)
980e1a53 1760{
96d97a67 1761 struct hci_conn *conn;
650f726d 1762 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1763 struct hci_cp_pin_code_reply reply;
366a0336 1764 struct pending_cmd *cmd;
980e1a53
JH		 1765 int err;
1766
1767 BT_DBG("");
1768
09fd0de5 1769 hci_dev_lock(hdev);
980e1a53 1770
4b34ee78 1771 if (!hdev_is_powered(hdev)) {
bdb6d971 1772 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1773 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1774 goto failed;
1775 }
1776
d8457698 1777 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1778 if (!conn) {
bdb6d971 1779 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1780 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1781 goto failed;
1782 }
1783
1784 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1785 struct mgmt_cp_pin_code_neg_reply ncp;
1786
1787 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1788
1789 BT_ERR("PIN code is not 16 bytes long");
1790
bdb6d971 1791 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 1792 if (err >= 0)
bdb6d971 1793 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1794 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1795
1796 goto failed;
1797 }
1798
00abfe44 1799 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 1800 if (!cmd) {
1801 err = -ENOMEM;
980e1a53 1802 goto failed;
366a0336 1803 }
980e1a53 1804
d8457698 1805 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1806 reply.pin_len = cp->pin_len;
24718ca5 1807 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1808
1809 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1810 if (err < 0)
a664b5bc 1811 mgmt_pending_remove(cmd);
980e1a53
JH		 1812
1813failed:
09fd0de5 1814 hci_dev_unlock(hdev);
980e1a53
JH		 1815 return err;
1816}
1817
04124681
GP		 1818static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
1819 u16 len)
17fa4b9d 1820{
650f726d 1821 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1822
1823 BT_DBG("");
1824
09fd0de5 1825 hci_dev_lock(hdev);
17fa4b9d
JH		 1826
1827 hdev->io_capability = cp->io_capability;
1828
1829 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 1830 hdev->io_capability);
17fa4b9d 1831
09fd0de5 1832 hci_dev_unlock(hdev);
17fa4b9d 1833
04124681
GP		 1834 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
1835 0);
17fa4b9d
JH		 1836}
1837
6039aa73 1838static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 1839{
1840 struct hci_dev *hdev = conn->hdev;
8035ded4 1841 struct pending_cmd *cmd;
e9a416b5 1842
2e58ef3e 1843 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1844 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1845 continue;
1846
e9a416b5
JH		 1847 if (cmd->user_data != conn)
1848 continue;
1849
1850 return cmd;
1851 }
1852
1853 return NULL;
1854}
1855
1856static void pairing_complete(struct pending_cmd *cmd, u8 status)
1857{
1858 struct mgmt_rp_pair_device rp;
1859 struct hci_conn *conn = cmd->user_data;
1860
ba4e564f 1861 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 1862 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 1863
aee9b218 1864 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 1865 &rp, sizeof(rp));
e9a416b5
JH		 1866
1867 /* So we don't get further callbacks for this connection */
1868 conn->connect_cfm_cb = NULL;
1869 conn->security_cfm_cb = NULL;
1870 conn->disconn_cfm_cb = NULL;
1871
1872 hci_conn_put(conn);
1873
a664b5bc 1874 mgmt_pending_remove(cmd);
e9a416b5
JH		 1875}
1876
1877static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1878{
1879 struct pending_cmd *cmd;
1880
1881 BT_DBG("status %u", status);
1882
1883 cmd = find_pairing(conn);
56e5cb86 1884 if (!cmd)
e9a416b5 1885 BT_DBG("Unable to find a pending command");
56e5cb86 1886 else
e211326c 1887 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 1888}
1889
4c47d739
VA		 1890static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
1891{
1892 struct pending_cmd *cmd;
1893
1894 BT_DBG("status %u", status);
1895
1896 if (!status)
1897 return;
1898
1899 cmd = find_pairing(conn);
1900 if (!cmd)
1901 BT_DBG("Unable to find a pending command");
1902 else
1903 pairing_complete(cmd, mgmt_status(status));
1904}
1905
bdb6d971 1906static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1907 u16 len)
e9a416b5 1908{
650f726d 1909 struct mgmt_cp_pair_device *cp = data;
1425acb7 1910 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1911 struct pending_cmd *cmd;
1912 u8 sec_level, auth_type;
1913 struct hci_conn *conn;
e9a416b5
JH		 1914 int err;
1915
1916 BT_DBG("");
1917
09fd0de5 1918 hci_dev_lock(hdev);
e9a416b5 1919
5f97c1df 1920 if (!hdev_is_powered(hdev)) {
bdb6d971 1921 err = cmd_status(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1922 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1923 goto unlock;
1924 }
1925
c908df36
VCG		 1926 sec_level = BT_SECURITY_MEDIUM;
1927 if (cp->io_cap == 0x03)
e9a416b5 1928 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1929 else
e9a416b5 1930 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1931
591f47f3 1932 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 1933 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
1934 cp->addr.type, sec_level, auth_type);
7a512d01 1935 else
b12f62cf
AG		 1936 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
1937 cp->addr.type, sec_level, auth_type);
7a512d01 1938
1425acb7
JH		 1939 memset(&rp, 0, sizeof(rp));
1940 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1941 rp.addr.type = cp->addr.type;
1942
30e76272 1943 if (IS_ERR(conn)) {
489dc48e
AK		 1944 int status;
1945
1946 if (PTR_ERR(conn) == -EBUSY)
1947 status = MGMT_STATUS_BUSY;
1948 else
1949 status = MGMT_STATUS_CONNECT_FAILED;
1950
bdb6d971 1951 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 1952 status, &rp,
04124681 1953 sizeof(rp));
e9a416b5
JH		 1954 goto unlock;
1955 }
1956
1957 if (conn->connect_cfm_cb) {
1958 hci_conn_put(conn);
bdb6d971 1959 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1960 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 1961 goto unlock;
1962 }
1963
2e58ef3e 1964 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1965 if (!cmd) {
1966 err = -ENOMEM;
1967 hci_conn_put(conn);
1968 goto unlock;
1969 }
1970
7a512d01 1971 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 1972 if (cp->addr.type == BDADDR_BREDR)
7a512d01 1973 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 1974 else
1975 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 1976
e9a416b5
JH		 1977 conn->security_cfm_cb = pairing_complete_cb;
1978 conn->disconn_cfm_cb = pairing_complete_cb;
1979 conn->io_capability = cp->io_cap;
1980 cmd->user_data = conn;
1981
1982 if (conn->state == BT_CONNECTED &&
8ce8e2b5 1983 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 1984 pairing_complete(cmd, 0);
1985
1986 err = 0;
1987
1988unlock:
09fd0de5 1989 hci_dev_unlock(hdev);
e9a416b5
JH		 1990 return err;
1991}
1992
04124681
GP		 1993static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
1994 u16 len)
28424707 1995{
0f4e68cf 1996 struct mgmt_addr_info *addr = data;
28424707
JH		 1997 struct pending_cmd *cmd;
1998 struct hci_conn *conn;
1999 int err;
2000
2001 BT_DBG("");
2002
28424707
JH		 2003 hci_dev_lock(hdev);
2004
5f97c1df 2005 if (!hdev_is_powered(hdev)) {
bdb6d971 2006 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2007 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2008 goto unlock;
2009 }
2010
28424707
JH		 2011 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
2012 if (!cmd) {
bdb6d971 2013 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2014 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2015 goto unlock;
2016 }
2017
2018 conn = cmd->user_data;
2019
2020 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 2021 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2022 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2023 goto unlock;
2024 }
2025
2026 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2027
bdb6d971 2028 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2029 addr, sizeof(*addr));
28424707
JH		 2030unlock:
2031 hci_dev_unlock(hdev);
28424707
JH		 2032 return err;
2033}
2034
bdb6d971 2035static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
04124681
GP		 2036 bdaddr_t *bdaddr, u8 type, u16 mgmt_op,
2037 u16 hci_op, __le32 passkey)
a5c29683 2038{
a5c29683 2039 struct pending_cmd *cmd;
0df4c185 2040 struct hci_conn *conn;
a5c29683
JH		 2041 int err;
2042
09fd0de5 2043 hci_dev_lock(hdev);
08ba5382 2044
4b34ee78 2045 if (!hdev_is_powered(hdev)) {
bdb6d971 2046 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2047 MGMT_STATUS_NOT_POWERED);
0df4c185 2048 goto done;
a5c29683
JH		 2049 }
2050
591f47f3 2051 if (type == BDADDR_BREDR)
272d90df
JH		 2052 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
2053 else
47c15e2b 2054 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 2055
2056 if (!conn) {
bdb6d971 2057 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2058 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 2059 goto done;
2060 }
47c15e2b 2061
591f47f3 2062 if (type == BDADDR_LE_PUBLIC || type == BDADDR_LE_RANDOM) {
47c15e2b 2063 /* Continue with pairing via SMP */
5fe57d9e
BG		 2064 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2065
2066 if (!err)
bdb6d971 2067 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2068 MGMT_STATUS_SUCCESS);
5fe57d9e 2069 else
bdb6d971 2070 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2071 MGMT_STATUS_FAILED);
47c15e2b 2072
47c15e2b
BG		 2073 goto done;
2074 }
2075
0df4c185 2076 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 2077 if (!cmd) {
2078 err = -ENOMEM;
0df4c185 2079 goto done;
a5c29683
JH		 2080 }
2081
0df4c185 2082 /* Continue with pairing via HCI */
604086b7
BG		 2083 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2084 struct hci_cp_user_passkey_reply cp;
2085
2086 bacpy(&cp.bdaddr, bdaddr);
2087 cp.passkey = passkey;
2088 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2089 } else
2090 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
2091
a664b5bc
JH		 2092 if (err < 0)
2093 mgmt_pending_remove(cmd);
a5c29683 2094
0df4c185 2095done:
09fd0de5 2096 hci_dev_unlock(hdev);
a5c29683
JH		 2097 return err;
2098}
2099
afeb019d
JK		 2100static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2101 void *data, u16 len)
2102{
2103 struct mgmt_cp_pin_code_neg_reply *cp = data;
2104
2105 BT_DBG("");
2106
2107 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
2108 MGMT_OP_PIN_CODE_NEG_REPLY,
2109 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2110}
2111
04124681
GP		 2112static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2113 u16 len)
0df4c185 2114{
650f726d 2115 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2116
2117 BT_DBG("");
2118
2119 if (len != sizeof(*cp))
bdb6d971 2120 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2121 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2122
bdb6d971 2123 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2124 MGMT_OP_USER_CONFIRM_REPLY,
2125 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2126}
2127
bdb6d971 2128static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2129 void *data, u16 len)
0df4c185 2130{
c9c2659f 2131 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2132
2133 BT_DBG("");
2134
bdb6d971 2135 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2136 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2137 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2138}
2139
04124681
GP		 2140static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2141 u16 len)
604086b7 2142{
650f726d 2143 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2144
2145 BT_DBG("");
2146
bdb6d971 2147 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2148 MGMT_OP_USER_PASSKEY_REPLY,
2149 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2150}
2151
bdb6d971 2152static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2153 void *data, u16 len)
604086b7 2154{
650f726d 2155 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2156
2157 BT_DBG("");
2158
bdb6d971 2159 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2160 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2161 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2162}
2163
2b4bf397
JH		 2164static int update_name(struct hci_dev *hdev, const char *name)
2165{
2166 struct hci_cp_write_local_name cp;
2167
2168 memcpy(cp.name, name, sizeof(cp.name));
2169
2170 return hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2171}
2172
bdb6d971 2173static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2174 u16 len)
b312b161 2175{
2b4bf397 2176 struct mgmt_cp_set_local_name *cp = data;
b312b161
JH		 2177 struct pending_cmd *cmd;
2178 int err;
2179
2180 BT_DBG("");
2181
09fd0de5 2182 hci_dev_lock(hdev);
b312b161 2183
2b4bf397 2184 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2185
b5235a65 2186 if (!hdev_is_powered(hdev)) {
2b4bf397 2187 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2188
2189 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2190 data, len);
28cc7bde
JH		 2191 if (err < 0)
2192 goto failed;
2193
2194 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2195 sk);
28cc7bde 2196
b5235a65
JH		 2197 goto failed;
2198 }
2199
28cc7bde 2200 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2201 if (!cmd) {
2202 err = -ENOMEM;
2203 goto failed;
2204 }
2205
2b4bf397 2206 err = update_name(hdev, cp->name);
b312b161
JH		 2207 if (err < 0)
2208 mgmt_pending_remove(cmd);
2209
2210failed:
09fd0de5 2211 hci_dev_unlock(hdev);
b312b161
JH		 2212 return err;
2213}
2214
0f4e68cf 2215static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2216 void *data, u16 data_len)
c35938b2 2217{
c35938b2
SJ		 2218 struct pending_cmd *cmd;
2219 int err;
2220
bdb6d971 2221 BT_DBG("%s", hdev->name);
c35938b2 2222
09fd0de5 2223 hci_dev_lock(hdev);
c35938b2 2224
4b34ee78 2225 if (!hdev_is_powered(hdev)) {
bdb6d971 2226 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2227 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2228 goto unlock;
2229 }
2230
9a1a1996 2231 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2232 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2233 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2234 goto unlock;
2235 }
2236
2e58ef3e 2237 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2238 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2239 MGMT_STATUS_BUSY);
c35938b2
SJ		 2240 goto unlock;
2241 }
2242
2e58ef3e 2243 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2244 if (!cmd) {
2245 err = -ENOMEM;
2246 goto unlock;
2247 }
2248
2249 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2250 if (err < 0)
2251 mgmt_pending_remove(cmd);
2252
2253unlock:
09fd0de5 2254 hci_dev_unlock(hdev);
c35938b2
SJ		 2255 return err;
2256}
2257
bdb6d971 2258static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2259 void *data, u16 len)
2763eda6 2260{
650f726d 2261 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2262 u8 status;
2763eda6
SJ		 2263 int err;
2264
bdb6d971 2265 BT_DBG("%s ", hdev->name);
2763eda6 2266
09fd0de5 2267 hci_dev_lock(hdev);
2763eda6 2268
664ce4cc 2269 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2270 cp->randomizer);
2763eda6 2271 if (err < 0)
bf1e3541 2272 status = MGMT_STATUS_FAILED;
2763eda6 2273 else
a6785be2 2274 status = MGMT_STATUS_SUCCESS;
bf1e3541 2275
bdb6d971 2276 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2277 &cp->addr, sizeof(cp->addr));
2763eda6 2278
09fd0de5 2279 hci_dev_unlock(hdev);
2763eda6
SJ		 2280 return err;
2281}
2282
bdb6d971 2283static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2284 void *data, u16 len)
2763eda6 2285{
650f726d 2286 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2287 u8 status;
2763eda6
SJ		 2288 int err;
2289
bdb6d971 2290 BT_DBG("%s", hdev->name);
2763eda6 2291
09fd0de5 2292 hci_dev_lock(hdev);
2763eda6 2293
664ce4cc 2294 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2295 if (err < 0)
bf1e3541 2296 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2297 else
a6785be2 2298 status = MGMT_STATUS_SUCCESS;
bf1e3541 2299
bdb6d971 2300 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2301 status, &cp->addr, sizeof(cp->addr));
2763eda6 2302
09fd0de5 2303 hci_dev_unlock(hdev);
2763eda6
SJ		 2304 return err;
2305}
2306
5e0452c0
AG		 2307int mgmt_interleaved_discovery(struct hci_dev *hdev)
2308{
2309 int err;
2310
2311 BT_DBG("%s", hdev->name);
2312
2313 hci_dev_lock(hdev);
2314
2315 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2316 if (err < 0)
2317 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2318
2319 hci_dev_unlock(hdev);
2320
2321 return err;
2322}
2323
bdb6d971 2324static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2325 void *data, u16 len)
14a53664 2326{
650f726d 2327 struct mgmt_cp_start_discovery *cp = data;
14a53664 2328 struct pending_cmd *cmd;
14a53664
JH		 2329 int err;
2330
bdb6d971 2331 BT_DBG("%s", hdev->name);
14a53664 2332
09fd0de5 2333 hci_dev_lock(hdev);
14a53664 2334
4b34ee78 2335 if (!hdev_is_powered(hdev)) {
bdb6d971 2336 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2337 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2338 goto failed;
2339 }
2340
642be6c7
AG		 2341 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2342 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2343 MGMT_STATUS_BUSY);
2344 goto failed;
2345 }
2346
ff9ef578 2347 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2348 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2349 MGMT_STATUS_BUSY);
ff9ef578
JH		 2350 goto failed;
2351 }
2352
2e58ef3e 2353 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2354 if (!cmd) {
2355 err = -ENOMEM;
2356 goto failed;
2357 }
2358
4aab14e5
AG		 2359 hdev->discovery.type = cp->type;
2360
2361 switch (hdev->discovery.type) {
f39799f5 2362 case DISCOV_TYPE_BREDR:
8b90129c
AG		 2363 if (lmp_bredr_capable(hdev))
2364 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
2365 else
2366 err = -ENOTSUPP;
f39799f5
AG		 2367 break;
2368
2369 case DISCOV_TYPE_LE:
8b90129c
AG		 2370 if (lmp_host_le_capable(hdev))
2371 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
04124681 2372 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
8b90129c
AG		 2373 else
2374 err = -ENOTSUPP;
f39799f5
AG		 2375 break;
2376
5e0452c0 2377 case DISCOV_TYPE_INTERLEAVED:
426c189a
AG		 2378 if (lmp_host_le_capable(hdev) && lmp_bredr_capable(hdev))
2379 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
04124681
GP		 2380 LE_SCAN_WIN,
2381 LE_SCAN_TIMEOUT_BREDR_LE);
426c189a
AG		 2382 else
2383 err = -ENOTSUPP;
5e0452c0
AG		 2384 break;
2385
f39799f5 2386 default:
3fd24153 2387 err = -EINVAL;
f39799f5 2388 }
3fd24153 2389
14a53664
JH		 2390 if (err < 0)
2391 mgmt_pending_remove(cmd);
ff9ef578
JH		 2392 else
2393 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2394
2395failed:
09fd0de5 2396 hci_dev_unlock(hdev);
14a53664
JH		 2397 return err;
2398}
2399
bdb6d971 2400static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2401 u16 len)
14a53664 2402{
d930650b 2403 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 2404 struct pending_cmd *cmd;
30dc78e1
JH		 2405 struct hci_cp_remote_name_req_cancel cp;
2406 struct inquiry_entry *e;
14a53664
JH		 2407 int err;
2408
bdb6d971 2409 BT_DBG("%s", hdev->name);
14a53664 2410
09fd0de5 2411 hci_dev_lock(hdev);
14a53664 2412
30dc78e1 2413 if (!hci_discovery_active(hdev)) {
bdb6d971 2414 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2415 MGMT_STATUS_REJECTED, &mgmt_cp->type,
2416 sizeof(mgmt_cp->type));
d930650b
JH		 2417 goto unlock;
2418 }
2419
2420 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 2421 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2422 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
2423 sizeof(mgmt_cp->type));
30dc78e1 2424 goto unlock;
ff9ef578
JH		 2425 }
2426
2e58ef3e 2427 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2428 if (!cmd) {
2429 err = -ENOMEM;
30dc78e1
JH		 2430 goto unlock;
2431 }
2432
e0d9727e
AG		 2433 switch (hdev->discovery.state) {
2434 case DISCOVERY_FINDING:
c9ecc48e
AG		 2435 if (test_bit(HCI_INQUIRY, &hdev->flags))
2436 err = hci_cancel_inquiry(hdev);
2437 else
2438 err = hci_cancel_le_scan(hdev);
2439
e0d9727e
AG		 2440 break;
2441
2442 case DISCOVERY_RESOLVING:
2443 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 2444 NAME_PENDING);
e0d9727e 2445 if (!e) {
30dc78e1 2446 mgmt_pending_remove(cmd);
e0d9727e
AG		 2447 err = cmd_complete(sk, hdev->id,
2448 MGMT_OP_STOP_DISCOVERY, 0,
2449 &mgmt_cp->type,
2450 sizeof(mgmt_cp->type));
2451 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2452 goto unlock;
2453 }
30dc78e1 2454
e0d9727e
AG		 2455 bacpy(&cp.bdaddr, &e->data.bdaddr);
2456 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2457 sizeof(cp), &cp);
2458
2459 break;
2460
2461 default:
2462 BT_DBG("unknown discovery state %u", hdev->discovery.state);
2463 err = -EFAULT;
14a53664
JH		 2464 }
2465
14a53664
JH		 2466 if (err < 0)
2467 mgmt_pending_remove(cmd);
ff9ef578
JH		 2468 else
2469 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2470
30dc78e1 2471unlock:
09fd0de5 2472 hci_dev_unlock(hdev);
14a53664
JH		 2473 return err;
2474}
2475
bdb6d971 2476static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2477 u16 len)
561aafbc 2478{
650f726d 2479 struct mgmt_cp_confirm_name *cp = data;
561aafbc 2480 struct inquiry_entry *e;
561aafbc
JH		 2481 int err;
2482
bdb6d971 2483 BT_DBG("%s", hdev->name);
561aafbc 2484
561aafbc
JH		 2485 hci_dev_lock(hdev);
2486
30dc78e1 2487 if (!hci_discovery_active(hdev)) {
bdb6d971 2488 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2489 MGMT_STATUS_FAILED);
30dc78e1
JH		 2490 goto failed;
2491 }
2492
a198e7b1 2493 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2494 if (!e) {
bdb6d971 2495 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2496 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 2497 goto failed;
2498 }
2499
2500 if (cp->name_known) {
2501 e->name_state = NAME_KNOWN;
2502 list_del(&e->list);
2503 } else {
2504 e->name_state = NAME_NEEDED;
a3d4e20a 2505 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2506 }
2507
e384662b
JH		 2508 err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr,
2509 sizeof(cp->addr));
561aafbc
JH		 2510
2511failed:
2512 hci_dev_unlock(hdev);
561aafbc
JH		 2513 return err;
2514}
2515
bdb6d971 2516static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2517 u16 len)
7fbec224 2518{
650f726d 2519 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2520 u8 status;
7fbec224
AJ		 2521 int err;
2522
bdb6d971 2523 BT_DBG("%s", hdev->name);
7fbec224 2524
09fd0de5 2525 hci_dev_lock(hdev);
5e762444 2526
88c1fe4b 2527 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2528 if (err < 0)
f0eeea8b 2529 status = MGMT_STATUS_FAILED;
7fbec224 2530 else
a6785be2 2531 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2532
bdb6d971 2533 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 2534 &cp->addr, sizeof(cp->addr));
5e762444 2535
09fd0de5 2536 hci_dev_unlock(hdev);
7fbec224
AJ		 2537
2538 return err;
2539}
2540
bdb6d971 2541static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2542 u16 len)
7fbec224 2543{
650f726d 2544 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2545 u8 status;
7fbec224
AJ		 2546 int err;
2547
bdb6d971 2548 BT_DBG("%s", hdev->name);
7fbec224 2549
09fd0de5 2550 hci_dev_lock(hdev);
5e762444 2551
88c1fe4b 2552 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2553 if (err < 0)
f0eeea8b 2554 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2555 else
a6785be2 2556 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2557
bdb6d971 2558 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 2559 &cp->addr, sizeof(cp->addr));
5e762444 2560
09fd0de5 2561 hci_dev_unlock(hdev);
7fbec224
AJ		 2562
2563 return err;
2564}
2565
cdbaccca
MH		 2566static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
2567 u16 len)
2568{
2569 struct mgmt_cp_set_device_id *cp = data;
2570 int err;
c72d4b8a 2571 __u16 source;
cdbaccca
MH		 2572
2573 BT_DBG("%s", hdev->name);
2574
c72d4b8a
SJ		 2575 source = __le16_to_cpu(cp->source);
2576
2577 if (source > 0x0002)
2578 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
2579 MGMT_STATUS_INVALID_PARAMS);
2580
cdbaccca
MH		 2581 hci_dev_lock(hdev);
2582
c72d4b8a 2583 hdev->devid_source = source;
cdbaccca
MH		 2584 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
2585 hdev->devid_product = __le16_to_cpu(cp->product);
2586 hdev->devid_version = __le16_to_cpu(cp->version);
2587
2588 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
2589
2590 update_eir(hdev);
2591
2592 hci_dev_unlock(hdev);
2593
2594 return err;
2595}
2596
bdb6d971 2597static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 2598 void *data, u16 len)
f6422ec6 2599{
650f726d 2600 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2601 struct hci_cp_write_page_scan_activity acp;
2602 u8 type;
2603 int err;
2604
bdb6d971 2605 BT_DBG("%s", hdev->name);
f6422ec6 2606
33c525c0
JH		 2607 if (!lmp_bredr_capable(hdev))
2608 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2609 MGMT_STATUS_NOT_SUPPORTED);
2610
5400c044 2611 if (!hdev_is_powered(hdev))
bdb6d971 2612 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2613 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 2614
2615 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 2616 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2617 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 2618
2619 hci_dev_lock(hdev);
2620
f7c6869c 2621 if (cp->val) {
f6422ec6 2622 type = PAGE_SCAN_TYPE_INTERLACED;
76ec9de8 2623
83ce9a06
JH		 2624 /* 160 msec page scan interval */
2625 acp.interval = __constant_cpu_to_le16(0x0100);
f6422ec6
AJ		 2626 } else {
2627 type = PAGE_SCAN_TYPE_STANDARD; /* default */
76ec9de8
AE		 2628
2629 /* default 1.28 sec page scan */
2630 acp.interval = __constant_cpu_to_le16(0x0800);
f6422ec6
AJ		 2631 }
2632
76ec9de8
AE		 2633 /* default 11.25 msec page scan window */
2634 acp.window = __constant_cpu_to_le16(0x0012);
f6422ec6 2635
04124681
GP		 2636 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, sizeof(acp),
2637 &acp);
f6422ec6 2638 if (err < 0) {
bdb6d971 2639 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2640 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2641 goto done;
2642 }
2643
2644 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2645 if (err < 0) {
bdb6d971 2646 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2647 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2648 goto done;
2649 }
2650
bdb6d971 2651 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 0,
04124681 2652 NULL, 0);
f6422ec6
AJ		 2653done:
2654 hci_dev_unlock(hdev);
f6422ec6
AJ		 2655 return err;
2656}
2657
bdb6d971 2658static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 2659 void *cp_data, u16 len)
346af67b 2660{
346af67b
VCG		 2661 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2662 u16 key_count, expected_len;
715a5bf2 2663 int i, err;
346af67b 2664
1f350c87 2665 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 2666
2667 expected_len = sizeof(*cp) + key_count *
2668 sizeof(struct mgmt_ltk_info);
2669 if (expected_len != len) {
2670 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 2671 len, expected_len);
bdb6d971 2672 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
04124681 2673 EINVAL);
346af67b
VCG		 2674 }
2675
bdb6d971 2676 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b
VCG		 2677
2678 hci_dev_lock(hdev);
2679
2680 hci_smp_ltks_clear(hdev);
2681
2682 for (i = 0; i < key_count; i++) {
2683 struct mgmt_ltk_info *key = &cp->keys[i];
2684 u8 type;
2685
2686 if (key->master)
2687 type = HCI_SMP_LTK;
2688 else
2689 type = HCI_SMP_LTK_SLAVE;
2690
4596fde5 2691 hci_add_ltk(hdev, &key->addr.bdaddr,
378b5b7e 2692 bdaddr_to_le(key->addr.type),
04124681
GP		 2693 type, 0, key->authenticated, key->val,
2694 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 2695 }
2696
715a5bf2
JH		 2697 err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0,
2698 NULL, 0);
2699
346af67b 2700 hci_dev_unlock(hdev);
346af67b 2701
715a5bf2 2702 return err;
346af67b
VCG		 2703}
2704
2e3c35ea 2705static const struct mgmt_handler {
04124681
GP		 2706 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
2707 u16 data_len);
be22b54e
JH		 2708 bool var_len;
2709 size_t data_len;
0f4e68cf
JH		 2710} mgmt_handlers[] = {
2711 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 2712 { read_version, false, MGMT_READ_VERSION_SIZE },
2713 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
2714 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
2715 { read_controller_info, false, MGMT_READ_INFO_SIZE },
2716 { set_powered, false, MGMT_SETTING_SIZE },
2717 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
2718 { set_connectable, false, MGMT_SETTING_SIZE },
2719 { set_fast_connectable, false, MGMT_SETTING_SIZE },
2720 { set_pairable, false, MGMT_SETTING_SIZE },
2721 { set_link_security, false, MGMT_SETTING_SIZE },
2722 { set_ssp, false, MGMT_SETTING_SIZE },
2723 { set_hs, false, MGMT_SETTING_SIZE },
2724 { set_le, false, MGMT_SETTING_SIZE },
2725 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
2726 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
2727 { add_uuid, false, MGMT_ADD_UUID_SIZE },
2728 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
2729 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
2730 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
2731 { disconnect, false, MGMT_DISCONNECT_SIZE },
2732 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
2733 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
2734 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
2735 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
2736 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
2737 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
2738 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
2739 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
2740 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
2741 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
2742 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
2743 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
2744 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
2745 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
2746 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
2747 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
2748 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
2749 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
2750 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 2751 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
0f4e68cf
JH		 2752};
2753
2754
0381101f
JH		 2755int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2756{
650f726d
VCG		 2757 void *buf;
2758 u8 *cp;
0381101f 2759 struct mgmt_hdr *hdr;
4e51eae9 2760 u16 opcode, index, len;
bdb6d971 2761 struct hci_dev *hdev = NULL;
2e3c35ea 2762 const struct mgmt_handler *handler;
0381101f
JH		 2763 int err;
2764
2765 BT_DBG("got %zu bytes", msglen);
2766
2767 if (msglen < sizeof(*hdr))
2768 return -EINVAL;
2769
e63a15ec 2770 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2771 if (!buf)
2772 return -ENOMEM;
2773
2774 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2775 err = -EFAULT;
2776 goto done;
2777 }
2778
650f726d 2779 hdr = buf;
1f350c87
MH		 2780 opcode = __le16_to_cpu(hdr->opcode);
2781 index = __le16_to_cpu(hdr->index);
2782 len = __le16_to_cpu(hdr->len);
0381101f
JH		 2783
2784 if (len != msglen - sizeof(*hdr)) {
2785 err = -EINVAL;
2786 goto done;
2787 }
2788
0f4e68cf 2789 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 2790 hdev = hci_dev_get(index);
2791 if (!hdev) {
2792 err = cmd_status(sk, index, opcode,
04124681 2793 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 2794 goto done;
2795 }
2796 }
2797
0f4e68cf 2798 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 2799 mgmt_handlers[opcode].func == NULL) {
0381101f 2800 BT_DBG("Unknown op %u", opcode);
ca69b795 2801 err = cmd_status(sk, index, opcode,
04124681 2802 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 2803 goto done;
2804 }
2805
2806 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 2807 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 2808 err = cmd_status(sk, index, opcode,
04124681 2809 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 2810 goto done;
0381101f
JH		 2811 }
2812
be22b54e
JH		 2813 handler = &mgmt_handlers[opcode];
2814
2815 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 2816 (!handler->var_len && len != handler->data_len)) {
be22b54e 2817 err = cmd_status(sk, index, opcode,
04124681 2818 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 2819 goto done;
2820 }
2821
0f4e68cf
JH		 2822 if (hdev)
2823 mgmt_init_hdev(sk, hdev);
2824
2825 cp = buf + sizeof(*hdr);
2826
be22b54e 2827 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 2828 if (err < 0)
2829 goto done;
2830
0381101f
JH		 2831 err = msglen;
2832
2833done:
bdb6d971
JH		 2834 if (hdev)
2835 hci_dev_put(hdev);
2836
0381101f
JH		 2837 kfree(buf);
2838 return err;
2839}
c71e97bf 2840
b24752fe
JH		 2841static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2842{
2843 u8 *status = data;
2844
2845 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2846 mgmt_pending_remove(cmd);
2847}
2848
744cf19e 2849int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2850{
bb4b2a9a
AE		 2851 if (!mgmt_valid_hdev(hdev))
2852 return -ENOTSUPP;
2853
744cf19e 2854 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2855}
2856
744cf19e 2857int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2858{
5f159032 2859 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 2860
bb4b2a9a
AE		 2861 if (!mgmt_valid_hdev(hdev))
2862 return -ENOTSUPP;
2863
744cf19e 2864 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2865
744cf19e 2866 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2867}
2868
73f22f62 2869struct cmd_lookup {
eec8d2bc 2870 struct sock *sk;
69ab39ea 2871 struct hci_dev *hdev;
90e70454 2872 u8 mgmt_status;
eec8d2bc
JH		 2873};
2874
69ab39ea 2875static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2876{
73f22f62 2877 struct cmd_lookup *match = data;
eec8d2bc 2878
69ab39ea 2879 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2880
2881 list_del(&cmd->list);
2882
2883 if (match->sk == NULL) {
2884 match->sk = cmd->sk;
2885 sock_hold(match->sk);
2886 }
2887
2888 mgmt_pending_free(cmd);
c71e97bf 2889}
5add6af8 2890
7f0ae647
JH		 2891static int set_bredr_scan(struct hci_dev *hdev)
2892{
2893 u8 scan = 0;
2894
2895 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2896 scan |= SCAN_PAGE;
2897 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2898 scan |= SCAN_INQUIRY;
2899
2900 if (!scan)
2901 return 0;
2902
2903 return hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
2904}
2905
744cf19e 2906int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2907{
76a7f3a4 2908 struct cmd_lookup match = { NULL, hdev };
7bb895d6 2909 int err;
5add6af8 2910
5e5282bb
JH		 2911 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2912 return 0;
2913
69ab39ea 2914 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2915
5e5282bb 2916 if (powered) {
6b4b73ee
JH		 2917 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
2918 !lmp_host_ssp_capable(hdev)) {
3d1cbdd6
AK		 2919 u8 ssp = 1;
2920
2921 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
2922 }
2923
562fcc24
AK		 2924 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
2925 struct hci_cp_write_le_host_supported cp;
2926
2927 cp.le = 1;
ffa88e02 2928 cp.simul = lmp_le_br_capable(hdev);
562fcc24 2929
430a61b8
JH		 2930 /* Check first if we already have the right
2931 * host state (host features set)
2932 */
ffa88e02
GP		 2933 if (cp.le != lmp_host_le_capable(hdev) ||
2934 cp.simul != lmp_host_le_br_capable(hdev))
430a61b8
JH		 2935 hci_send_cmd(hdev,
2936 HCI_OP_WRITE_LE_HOST_SUPPORTED,
2937 sizeof(cp), &cp);
562fcc24
AK		 2938 }
2939
7f0ae647
JH		 2940 if (lmp_bredr_capable(hdev)) {
2941 set_bredr_scan(hdev);
2942 update_class(hdev);
2943 update_name(hdev, hdev->dev_name);
2944 update_eir(hdev);
2945 }
5e5282bb 2946 } else {
d4f68526 2947 u8 status = MGMT_STATUS_NOT_POWERED;
744cf19e 2948 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2949 }
2950
beadb2bd 2951 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 2952
2953 if (match.sk)
2954 sock_put(match.sk);
2955
7bb895d6 2956 return err;
5add6af8 2957}
73f22f62 2958
744cf19e 2959int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 2960{
76a7f3a4 2961 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 2962 bool changed = false;
2963 int err = 0;
73f22f62 2964
5e5282bb
JH		 2965 if (discoverable) {
2966 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2967 changed = true;
2968 } else {
2969 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2970 changed = true;
2971 }
73f22f62 2972
ed9b5f2f 2973 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 2974 &match);
ed9b5f2f 2975
beadb2bd
JH		 2976 if (changed)
2977 err = new_settings(hdev, match.sk);
5e5282bb 2978
73f22f62
JH		 2979 if (match.sk)
2980 sock_put(match.sk);
2981
7bb895d6 2982 return err;
73f22f62 2983}
9fbcbb45 2984
744cf19e 2985int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 2986{
76a7f3a4 2987 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 2988 bool changed = false;
2989 int err = 0;
9fbcbb45 2990
5e5282bb
JH		 2991 if (connectable) {
2992 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2993 changed = true;
2994 } else {
2995 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2996 changed = true;
2997 }
9fbcbb45 2998
ed9b5f2f 2999 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
04124681 3000 &match);
ed9b5f2f 3001
beadb2bd
JH		 3002 if (changed)
3003 err = new_settings(hdev, match.sk);
9fbcbb45
JH		 3004
3005 if (match.sk)
3006 sock_put(match.sk);
3007
7bb895d6 3008 return err;
9fbcbb45 3009}
55ed8ca1 3010
744cf19e 3011int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 3012{
ca69b795
JH		 3013 u8 mgmt_err = mgmt_status(status);
3014
2d7cee58 3015 if (scan & SCAN_PAGE)
744cf19e 3016 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 3017 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3018
3019 if (scan & SCAN_INQUIRY)
744cf19e 3020 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 3021 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3022
3023 return 0;
3024}
3025
53168e5b
CC		 3026int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
3027 bool persistent)
55ed8ca1 3028{
86742e1e 3029 struct mgmt_ev_new_link_key ev;
55ed8ca1 3030
a492cd52 3031 memset(&ev, 0, sizeof(ev));
55ed8ca1 3032
a492cd52 3033 ev.store_hint = persistent;
d753fdc4 3034 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 3035 ev.key.addr.type = BDADDR_BREDR;
a492cd52 3036 ev.key.type = key->type;
9b3b4460 3037 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 3038 ev.key.pin_len = key->pin_len;
55ed8ca1 3039
744cf19e 3040 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 3041}
f7520543 3042
346af67b
VCG		 3043int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
3044{
3045 struct mgmt_ev_new_long_term_key ev;
3046
3047 memset(&ev, 0, sizeof(ev));
3048
3049 ev.store_hint = persistent;
3050 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 3051 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 3052 ev.key.authenticated = key->authenticated;
3053 ev.key.enc_size = key->enc_size;
3054 ev.key.ediv = key->ediv;
3055
3056 if (key->type == HCI_SMP_LTK)
3057 ev.key.master = 1;
3058
3059 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
3060 memcpy(ev.key.val, key->val, sizeof(key->val));
3061
04124681
GP		 3062 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
3063 NULL);
346af67b
VCG		 3064}
3065
afc747a6 3066int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3067 u8 addr_type, u32 flags, u8 *name, u8 name_len,
3068 u8 *dev_class)
f7520543 3069{
b644ba33
JH		 3070 char buf[512];
3071 struct mgmt_ev_device_connected *ev = (void *) buf;
3072 u16 eir_len = 0;
f7520543 3073
b644ba33 3074 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3075 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 3076
c95f0ba7 3077 ev->flags = __cpu_to_le32(flags);
08c79b61 3078
b644ba33
JH		 3079 if (name_len > 0)
3080 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 3081 name, name_len);
b644ba33
JH		 3082
3083 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 3084 eir_len = eir_append_data(ev->eir, eir_len,
04124681 3085 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 3086
eb55ef07 3087 ev->eir_len = cpu_to_le16(eir_len);
b644ba33
JH		 3088
3089 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
04124681 3090 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3091}
3092
8962ee74
JH		 3093static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3094{
c68fb7ff 3095 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3096 struct sock **sk = data;
a38528f1 3097 struct mgmt_rp_disconnect rp;
8962ee74 3098
88c3df13
JH		 3099 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3100 rp.addr.type = cp->addr.type;
8962ee74 3101
aee9b218 3102 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 3103 sizeof(rp));
8962ee74
JH		 3104
3105 *sk = cmd->sk;
3106 sock_hold(*sk);
3107
a664b5bc 3108 mgmt_pending_remove(cmd);
8962ee74
JH		 3109}
3110
124f6e35 3111static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3112{
b1078ad0 3113 struct hci_dev *hdev = data;
124f6e35
JH		 3114 struct mgmt_cp_unpair_device *cp = cmd->param;
3115 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3116
3117 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3118 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3119 rp.addr.type = cp->addr.type;
a8a1d19e 3120
b1078ad0
JH		 3121 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3122
aee9b218 3123 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3124
3125 mgmt_pending_remove(cmd);
3126}
3127
afc747a6 3128int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
f0d6a0ea 3129 u8 link_type, u8 addr_type, u8 reason)
f7520543 3130{
f0d6a0ea 3131 struct mgmt_ev_device_disconnected ev;
8962ee74
JH		 3132 struct sock *sk = NULL;
3133 int err;
3134
744cf19e 3135 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3136
f0d6a0ea
MA		 3137 bacpy(&ev.addr.bdaddr, bdaddr);
3138 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3139 ev.reason = reason;
f7520543 3140
afc747a6 3141 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
04124681 3142 sk);
8962ee74
JH		 3143
3144 if (sk)
d97dcb66 3145 sock_put(sk);
8962ee74 3146
124f6e35 3147 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 3148 hdev);
a8a1d19e 3149
8962ee74
JH		 3150 return err;
3151}
3152
88c3df13 3153int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3154 u8 link_type, u8 addr_type, u8 status)
8962ee74 3155{
88c3df13 3156 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3157 struct pending_cmd *cmd;
3158 int err;
3159
36a75f1b
JD		 3160 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3161 hdev);
3162
2e58ef3e 3163 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3164 if (!cmd)
3165 return -ENOENT;
3166
88c3df13 3167 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3168 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 3169
88c3df13 3170 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
04124681 3171 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3172
a664b5bc 3173 mgmt_pending_remove(cmd);
8962ee74
JH		 3174
3175 return err;
f7520543 3176}
17d5c04c 3177
48264f06 3178int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3179 u8 addr_type, u8 status)
17d5c04c
JH		 3180{
3181 struct mgmt_ev_connect_failed ev;
3182
4c659c39 3183 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3184 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3185 ev.status = mgmt_status(status);
17d5c04c 3186
744cf19e 3187 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3188}
980e1a53 3189
744cf19e 3190int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3191{
3192 struct mgmt_ev_pin_code_request ev;
3193
d8457698 3194 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 3195 ev.addr.type = BDADDR_BREDR;
a770bb5a 3196 ev.secure = secure;
980e1a53 3197
744cf19e 3198 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 3199 NULL);
980e1a53
JH		 3200}
3201
744cf19e 3202int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3203 u8 status)
980e1a53
JH		 3204{
3205 struct pending_cmd *cmd;
ac56fb13 3206 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3207 int err;
3208
2e58ef3e 3209 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3210 if (!cmd)
3211 return -ENOENT;
3212
d8457698 3213 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3214 rp.addr.type = BDADDR_BREDR;
ac56fb13 3215
aee9b218 3216 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 3217 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3218
a664b5bc 3219 mgmt_pending_remove(cmd);
980e1a53
JH		 3220
3221 return err;
3222}
3223
744cf19e 3224int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3225 u8 status)
980e1a53
JH		 3226{
3227 struct pending_cmd *cmd;
ac56fb13 3228 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3229 int err;
3230
2e58ef3e 3231 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3232 if (!cmd)
3233 return -ENOENT;
3234
d8457698 3235 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3236 rp.addr.type = BDADDR_BREDR;
ac56fb13 3237
aee9b218 3238 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 3239 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3240
a664b5bc 3241 mgmt_pending_remove(cmd);
980e1a53
JH		 3242
3243 return err;
3244}
a5c29683 3245
744cf19e 3246int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 3247 u8 link_type, u8 addr_type, __le32 value,
3248 u8 confirm_hint)
a5c29683
JH		 3249{
3250 struct mgmt_ev_user_confirm_request ev;
3251
744cf19e 3252 BT_DBG("%s", hdev->name);
a5c29683 3253
272d90df 3254 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3255 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 3256 ev.confirm_hint = confirm_hint;
78e8098e 3257 ev.value = value;
a5c29683 3258
744cf19e 3259 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 3260 NULL);
a5c29683
JH		 3261}
3262
272d90df 3263int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 3264 u8 link_type, u8 addr_type)
604086b7
BG		 3265{
3266 struct mgmt_ev_user_passkey_request ev;
3267
3268 BT_DBG("%s", hdev->name);
3269
272d90df 3270 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3271 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 3272
3273 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 3274 NULL);
604086b7
BG		 3275}
3276
0df4c185 3277static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 3278 u8 link_type, u8 addr_type, u8 status,
3279 u8 opcode)
a5c29683
JH		 3280{
3281 struct pending_cmd *cmd;
3282 struct mgmt_rp_user_confirm_reply rp;
3283 int err;
3284
2e58ef3e 3285 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3286 if (!cmd)
3287 return -ENOENT;
3288
272d90df 3289 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3290 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 3291 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 3292 &rp, sizeof(rp));
a5c29683 3293
a664b5bc 3294 mgmt_pending_remove(cmd);
a5c29683
JH		 3295
3296 return err;
3297}
3298
744cf19e 3299int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3300 u8 link_type, u8 addr_type, u8 status)
a5c29683 3301{
272d90df 3302 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3303 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3304}
3305
272d90df 3306int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3307 u8 link_type, u8 addr_type, u8 status)
a5c29683 3308{
272d90df 3309 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3310 status,
3311 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3312}
2a611692 3313
604086b7 3314int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3315 u8 link_type, u8 addr_type, u8 status)
604086b7 3316{
272d90df 3317 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3318 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3319}
3320
272d90df 3321int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3322 u8 link_type, u8 addr_type, u8 status)
604086b7 3323{
272d90df 3324 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3325 status,
3326 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3327}
3328
92a25256
JH		 3329int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
3330 u8 link_type, u8 addr_type, u32 passkey,
3331 u8 entered)
3332{
3333 struct mgmt_ev_passkey_notify ev;
3334
3335 BT_DBG("%s", hdev->name);
3336
3337 bacpy(&ev.addr.bdaddr, bdaddr);
3338 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3339 ev.passkey = __cpu_to_le32(passkey);
3340 ev.entered = entered;
3341
3342 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
3343}
3344
bab73cb6 3345int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3346 u8 addr_type, u8 status)
2a611692
JH		 3347{
3348 struct mgmt_ev_auth_failed ev;
3349
bab73cb6 3350 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3351 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3352 ev.status = mgmt_status(status);
2a611692 3353
744cf19e 3354 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3355}
b312b161 3356
33ef95ed
JH		 3357int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3358{
3359 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3360 bool changed = false;
3361 int err = 0;
33ef95ed
JH		 3362
3363 if (status) {
3364 u8 mgmt_err = mgmt_status(status);
3365 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 3366 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 3367 return 0;
3368 }
3369
47990ea0
JH		 3370 if (test_bit(HCI_AUTH, &hdev->flags)) {
3371 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3372 changed = true;
3373 } else {
3374 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3375 changed = true;
3376 }
3377
33ef95ed 3378 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 3379 &match);
33ef95ed 3380
47990ea0
JH		 3381 if (changed)
3382 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3383
3384 if (match.sk)
3385 sock_put(match.sk);
3386
3387 return err;
3388}
3389
cacaf52f
JH		 3390static int clear_eir(struct hci_dev *hdev)
3391{
3392 struct hci_cp_write_eir cp;
3393
976eb20e 3394 if (!lmp_ext_inq_capable(hdev))
cacaf52f
JH		 3395 return 0;
3396
c80da27e
JH		 3397 memset(hdev->eir, 0, sizeof(hdev->eir));
3398
cacaf52f
JH		 3399 memset(&cp, 0, sizeof(cp));
3400
3401 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3402}
3403
c0ecddc2 3404int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3405{
3406 struct cmd_lookup match = { NULL, hdev };
c0ecddc2
JH		 3407 bool changed = false;
3408 int err = 0;
ed2c4ee3
JH		 3409
3410 if (status) {
3411 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3412
3413 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
04124681 3414 &hdev->dev_flags))
c0ecddc2
JH		 3415 err = new_settings(hdev, NULL);
3416
04124681
GP		 3417 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
3418 &mgmt_err);
c0ecddc2
JH		 3419
3420 return err;
3421 }
3422
3423 if (enable) {
3424 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3425 changed = true;
3426 } else {
3427 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3428 changed = true;
ed2c4ee3
JH		 3429 }
3430
3431 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3432
c0ecddc2
JH		 3433 if (changed)
3434 err = new_settings(hdev, match.sk);
ed2c4ee3 3435
5fc6ebb1 3436 if (match.sk)
ed2c4ee3
JH		 3437 sock_put(match.sk);
3438
5fc6ebb1
JH		 3439 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3440 update_eir(hdev);
3441 else
3442 clear_eir(hdev);
cacaf52f 3443
ed2c4ee3
JH		 3444 return err;
3445}
3446
90e70454
JH		 3447static void class_rsp(struct pending_cmd *cmd, void *data)
3448{
3449 struct cmd_lookup *match = data;
3450
3451 cmd_complete(cmd->sk, cmd->index, cmd->opcode, match->mgmt_status,
04124681 3452 match->hdev->dev_class, 3);
90e70454
JH		 3453
3454 list_del(&cmd->list);
3455
3456 if (match->sk == NULL) {
3457 match->sk = cmd->sk;
3458 sock_hold(match->sk);
3459 }
3460
3461 mgmt_pending_free(cmd);
3462}
3463
7f9a903c 3464int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 3465 u8 status)
7f9a903c 3466{
90e70454
JH		 3467 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3468 int err = 0;
7f9a903c 3469
c95f0ba7
JH		 3470 clear_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
3471
90e70454
JH		 3472 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, class_rsp, &match);
3473 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, class_rsp, &match);
3474 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, class_rsp, &match);
3475
3476 if (!status)
04124681
GP		 3477 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
3478 3, NULL);
90e70454
JH		 3479
3480 if (match.sk)
3481 sock_put(match.sk);
7f9a903c
MH		 3482
3483 return err;
3484}
3485
744cf19e 3486int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3487{
3488 struct pending_cmd *cmd;
3489 struct mgmt_cp_set_local_name ev;
28cc7bde
JH		 3490 bool changed = false;
3491 int err = 0;
3492
3493 if (memcmp(name, hdev->dev_name, sizeof(hdev->dev_name)) != 0) {
3494 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
3495 changed = true;
3496 }
b312b161
JH		 3497
3498 memset(&ev, 0, sizeof(ev));
3499 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3500 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3501
2e58ef3e 3502 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3503 if (!cmd)
3504 goto send_event;
3505
7bdaae4a
JH		 3506 /* Always assume that either the short or the complete name has
3507 * changed if there was a pending mgmt command */
3508 changed = true;
3509
b312b161 3510 if (status) {
744cf19e 3511 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
04124681 3512 mgmt_status(status));
b312b161
JH		 3513 goto failed;
3514 }
3515
aee9b218 3516 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
04124681 3517 sizeof(ev));
b312b161
JH		 3518 if (err < 0)
3519 goto failed;
3520
3521send_event:
28cc7bde
JH		 3522 if (changed)
3523 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
04124681 3524 sizeof(ev), cmd ? cmd->sk : NULL);
28cc7bde 3525
1225a6bd
JH		 3526 /* EIR is taken care of separately when powering on the
3527 * adapter so only update them here if this is a name change
3528 * unrelated to power on.
3529 */
3530 if (!test_bit(HCI_INIT, &hdev->flags))
3531 update_eir(hdev);
b312b161
JH		 3532
3533failed:
3534 if (cmd)
3535 mgmt_pending_remove(cmd);
3536 return err;
3537}
c35938b2 3538
744cf19e 3539int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 3540 u8 *randomizer, u8 status)
c35938b2
SJ		 3541{
3542 struct pending_cmd *cmd;
3543 int err;
3544
744cf19e 3545 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3546
2e58ef3e 3547 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3548 if (!cmd)
3549 return -ENOENT;
3550
3551 if (status) {
04124681
GP		 3552 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
3553 mgmt_status(status));
c35938b2
SJ		 3554 } else {
3555 struct mgmt_rp_read_local_oob_data rp;
3556
3557 memcpy(rp.hash, hash, sizeof(rp.hash));
3558 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3559
744cf19e 3560 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 3561 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
3562 sizeof(rp));
c35938b2
SJ		 3563 }
3564
3565 mgmt_pending_remove(cmd);
3566
3567 return err;
3568}
e17acd40 3569
06199cf8
JH		 3570int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3571{
3572 struct cmd_lookup match = { NULL, hdev };
3573 bool changed = false;
3574 int err = 0;
3575
3576 if (status) {
3577 u8 mgmt_err = mgmt_status(status);
3578
3579 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
04124681 3580 &hdev->dev_flags))
d97dcb66 3581 err = new_settings(hdev, NULL);
06199cf8 3582
d97dcb66
SJ		 3583 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
3584 &mgmt_err);
06199cf8
JH		 3585
3586 return err;
3587 }
3588
3589 if (enable) {
3590 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3591 changed = true;
3592 } else {
3593 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3594 changed = true;
3595 }
3596
3597 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
3598
3599 if (changed)
3600 err = new_settings(hdev, match.sk);
3601
3602 if (match.sk)
3603 sock_put(match.sk);
3604
3605 return err;
3606}
3607
48264f06 3608int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3609 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
3610 ssp, u8 *eir, u16 eir_len)
e17acd40 3611{
e319d2e7
JH		 3612 char buf[512];
3613 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3614 size_t ev_size;
e17acd40 3615
1dc06093
JH		 3616 /* Leave 5 bytes for a potential CoD field */
3617 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3618 return -EINVAL;
3619
1dc06093
JH		 3620 memset(buf, 0, sizeof(buf));
3621
e319d2e7 3622 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3623 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 3624 ev->rssi = rssi;
9a395a80 3625 if (cfm_name)
612dfce9 3626 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 3627 if (!ssp)
612dfce9 3628 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 3629
1dc06093 3630 if (eir_len > 0)
e319d2e7 3631 memcpy(ev->eir, eir, eir_len);
e17acd40 3632
1dc06093
JH		 3633 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3634 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 3635 dev_class, 3);
1dc06093 3636
eb55ef07 3637 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 3638 ev_size = sizeof(*ev) + eir_len;
f8523598 3639
e319d2e7 3640 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3641}
a88a9652 3642
b644ba33 3643int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3644 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3645{
b644ba33
JH		 3646 struct mgmt_ev_device_found *ev;
3647 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3648 u16 eir_len;
a88a9652 3649
b644ba33 3650 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3651
b644ba33
JH		 3652 memset(buf, 0, sizeof(buf));
3653
3654 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3655 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 3656 ev->rssi = rssi;
3657
3658 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 3659 name_len);
b644ba33 3660
eb55ef07 3661 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 3662
053c7e0c 3663 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
04124681 3664 sizeof(*ev) + eir_len, NULL);
a88a9652 3665}
314b2381 3666
7a135109 3667int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3668{
3669 struct pending_cmd *cmd;
f808e166 3670 u8 type;
164a6e78
JH		 3671 int err;
3672
203159d4
AG		 3673 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3674
2e58ef3e 3675 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3676 if (!cmd)
3677 return -ENOENT;
3678
f808e166
JH		 3679 type = hdev->discovery.type;
3680
3681 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3682 &type, sizeof(type));
164a6e78
JH		 3683 mgmt_pending_remove(cmd);
3684
3685 return err;
3686}
3687
e6d465cb
AG		 3688int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3689{
3690 struct pending_cmd *cmd;
3691 int err;
3692
3693 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3694 if (!cmd)
3695 return -ENOENT;
3696
d930650b 3697 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3698 &hdev->discovery.type, sizeof(hdev->discovery.type));
164a6e78
JH		 3699 mgmt_pending_remove(cmd);
3700
3701 return err;
3702}
3703
744cf19e 3704int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3705{
f963e8e9 3706 struct mgmt_ev_discovering ev;
164a6e78
JH		 3707 struct pending_cmd *cmd;
3708
343fb145
AG		 3709 BT_DBG("%s discovering %u", hdev->name, discovering);
3710
164a6e78 3711 if (discovering)
2e58ef3e 3712 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3713 else
2e58ef3e 3714 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3715
3716 if (cmd != NULL) {
f808e166
JH		 3717 u8 type = hdev->discovery.type;
3718
04124681
GP		 3719 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
3720 sizeof(type));
164a6e78
JH		 3721 mgmt_pending_remove(cmd);
3722 }
3723
f963e8e9
JH		 3724 memset(&ev, 0, sizeof(ev));
3725 ev.type = hdev->discovery.type;
3726 ev.discovering = discovering;
3727
3728 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3729}
5e762444 3730
88c1fe4b 3731int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3732{
3733 struct pending_cmd *cmd;
3734 struct mgmt_ev_device_blocked ev;
3735
2e58ef3e 3736 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3737
88c1fe4b
JH		 3738 bacpy(&ev.addr.bdaddr, bdaddr);
3739 ev.addr.type = type;
5e762444 3740
744cf19e 3741 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 3742 cmd ? cmd->sk : NULL);
5e762444
AJ		 3743}
3744
88c1fe4b 3745int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3746{
3747 struct pending_cmd *cmd;
3748 struct mgmt_ev_device_unblocked ev;
3749
2e58ef3e 3750 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3751
88c1fe4b
JH		 3752 bacpy(&ev.addr.bdaddr, bdaddr);
3753 ev.addr.type = type;
5e762444 3754
744cf19e 3755 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 3756 cmd ? cmd->sk : NULL);
5e762444 3757}
d7b7e796
MH		 3758
3759module_param(enable_hs, bool, 0644);
3760MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
Linux kernel - Deliverables
This page took 0.386932 seconds and 5 git commands to generate.