projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Bluetooth: Create a unique mgmt error code hierarchy
[deliverable/linux.git] / net / bluetooth / mgmt.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 /* Bluetooth HCI Management interface */
24
25 #include <linux/kernel.h>
26 #include <linux/uaccess.h>
27 #include <asm/unaligned.h>
28
29 #include <net/bluetooth/bluetooth.h>
30 #include <net/bluetooth/hci_core.h>
31 #include <net/bluetooth/mgmt.h>
32
33 #define MGMT_VERSION 0
34 #define MGMT_REVISION 1
35
36 #define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
37
38 struct pending_cmd {
39 struct list_head list;
40 u16 opcode;
41 int index;
42 void *param;
43 struct sock *sk;
44 void *user_data;
45 };
46
47 /* HCI to MGMT error code conversion table */
48 static u8 mgmt_status_table[] = {
49 MGMT_STATUS_SUCCESS,
50 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
51 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
52 MGMT_STATUS_FAILED, /* Hardware Failure */
53 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
54 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
55 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
56 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
57 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
58 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
59 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
60 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
61 MGMT_STATUS_BUSY, /* Command Disallowed */
62 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
63 MGMT_STATUS_REJECTED, /* Rejected Security */
64 MGMT_STATUS_REJECTED, /* Rejected Personal */
65 MGMT_STATUS_TIMEOUT, /* Host Timeout */
66 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
67 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
68 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
69 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
70 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
71 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
72 MGMT_STATUS_BUSY, /* Repeated Attempts */
73 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
74 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
75 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
76 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
77 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
78 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
79 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
80 MGMT_STATUS_FAILED, /* Unspecified Error */
81 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
82 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
83 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
84 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
85 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
86 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
87 MGMT_STATUS_FAILED, /* Unit Link Key Used */
88 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
89 MGMT_STATUS_TIMEOUT, /* Instant Passed */
90 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
91 MGMT_STATUS_FAILED, /* Transaction Collision */
92 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
93 MGMT_STATUS_REJECTED, /* QoS Rejected */
94 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
95 MGMT_STATUS_REJECTED, /* Insufficient Security */
96 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
97 MGMT_STATUS_BUSY, /* Role Switch Pending */
98 MGMT_STATUS_FAILED, /* Slot Violation */
99 MGMT_STATUS_FAILED, /* Role Switch Failed */
100 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
101 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
102 MGMT_STATUS_BUSY, /* Host Busy Pairing */
103 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
104 MGMT_STATUS_BUSY, /* Controller Busy */
105 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
106 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
107 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
108 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
109 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
110 };
111
112 static u8 mgmt_status(u8 hci_status)
113 {
114 if (hci_status < ARRAY_SIZE(mgmt_status_table))
115 return mgmt_status_table[hci_status];
116
117 return MGMT_STATUS_FAILED;
118 }
119
120 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
121 {
122 struct sk_buff *skb;
123 struct mgmt_hdr *hdr;
124 struct mgmt_ev_cmd_status *ev;
125 int err;
126
127 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
128
129 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
130 if (!skb)
131 return -ENOMEM;
132
133 hdr = (void *) skb_put(skb, sizeof(*hdr));
134
135 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
136 hdr->index = cpu_to_le16(index);
137 hdr->len = cpu_to_le16(sizeof(*ev));
138
139 ev = (void *) skb_put(skb, sizeof(*ev));
140 ev->status = status;
141 put_unaligned_le16(cmd, &ev->opcode);
142
143 err = sock_queue_rcv_skb(sk, skb);
144 if (err < 0)
145 kfree_skb(skb);
146
147 return err;
148 }
149
150 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
151 size_t rp_len)
152 {
153 struct sk_buff *skb;
154 struct mgmt_hdr *hdr;
155 struct mgmt_ev_cmd_complete *ev;
156 int err;
157
158 BT_DBG("sock %p", sk);
159
160 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
161 if (!skb)
162 return -ENOMEM;
163
164 hdr = (void *) skb_put(skb, sizeof(*hdr));
165
166 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
167 hdr->index = cpu_to_le16(index);
168 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
169
170 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
171 put_unaligned_le16(cmd, &ev->opcode);
172
173 if (rp)
174 memcpy(ev->data, rp, rp_len);
175
176 err = sock_queue_rcv_skb(sk, skb);
177 if (err < 0)
178 kfree_skb(skb);
179
180 return err;;
181 }
182
183 static int read_version(struct sock *sk)
184 {
185 struct mgmt_rp_read_version rp;
186
187 BT_DBG("sock %p", sk);
188
189 rp.version = MGMT_VERSION;
190 put_unaligned_le16(MGMT_REVISION, &rp.revision);
191
192 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
193 sizeof(rp));
194 }
195
196 static int read_index_list(struct sock *sk)
197 {
198 struct mgmt_rp_read_index_list *rp;
199 struct list_head *p;
200 struct hci_dev *d;
201 size_t rp_len;
202 u16 count;
203 int i, err;
204
205 BT_DBG("sock %p", sk);
206
207 read_lock(&hci_dev_list_lock);
208
209 count = 0;
210 list_for_each(p, &hci_dev_list) {
211 count++;
212 }
213
214 rp_len = sizeof(*rp) + (2 * count);
215 rp = kmalloc(rp_len, GFP_ATOMIC);
216 if (!rp) {
217 read_unlock(&hci_dev_list_lock);
218 return -ENOMEM;
219 }
220
221 put_unaligned_le16(count, &rp->num_controllers);
222
223 i = 0;
224 list_for_each_entry(d, &hci_dev_list, list) {
225 if (test_and_clear_bit(HCI_AUTO_OFF, &d->flags))
226 cancel_delayed_work(&d->power_off);
227
228 if (test_bit(HCI_SETUP, &d->flags))
229 continue;
230
231 put_unaligned_le16(d->id, &rp->index[i++]);
232 BT_DBG("Added hci%u", d->id);
233 }
234
235 read_unlock(&hci_dev_list_lock);
236
237 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
238 rp_len);
239
240 kfree(rp);
241
242 return err;
243 }
244
245 static int read_controller_info(struct sock *sk, u16 index)
246 {
247 struct mgmt_rp_read_info rp;
248 struct hci_dev *hdev;
249
250 BT_DBG("sock %p hci%u", sk, index);
251
252 hdev = hci_dev_get(index);
253 if (!hdev)
254 return cmd_status(sk, index, MGMT_OP_READ_INFO,
255 MGMT_STATUS_INVALID_PARAMS);
256
257 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->flags))
258 cancel_delayed_work_sync(&hdev->power_off);
259
260 hci_dev_lock_bh(hdev);
261
262 set_bit(HCI_MGMT, &hdev->flags);
263
264 memset(&rp, 0, sizeof(rp));
265
266 rp.type = hdev->dev_type;
267
268 rp.powered = test_bit(HCI_UP, &hdev->flags);
269 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
270 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
271 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
272
273 if (test_bit(HCI_AUTH, &hdev->flags))
274 rp.sec_mode = 3;
275 else if (hdev->ssp_mode > 0)
276 rp.sec_mode = 4;
277 else
278 rp.sec_mode = 2;
279
280 bacpy(&rp.bdaddr, &hdev->bdaddr);
281 memcpy(rp.features, hdev->features, 8);
282 memcpy(rp.dev_class, hdev->dev_class, 3);
283 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
284 rp.hci_ver = hdev->hci_ver;
285 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
286
287 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
288
289 hci_dev_unlock_bh(hdev);
290 hci_dev_put(hdev);
291
292 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
293 }
294
295 static void mgmt_pending_free(struct pending_cmd *cmd)
296 {
297 sock_put(cmd->sk);
298 kfree(cmd->param);
299 kfree(cmd);
300 }
301
302 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
303 struct hci_dev *hdev,
304 void *data, u16 len)
305 {
306 struct pending_cmd *cmd;
307
308 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
309 if (!cmd)
310 return NULL;
311
312 cmd->opcode = opcode;
313 cmd->index = hdev->id;
314
315 cmd->param = kmalloc(len, GFP_ATOMIC);
316 if (!cmd->param) {
317 kfree(cmd);
318 return NULL;
319 }
320
321 if (data)
322 memcpy(cmd->param, data, len);
323
324 cmd->sk = sk;
325 sock_hold(sk);
326
327 list_add(&cmd->list, &hdev->mgmt_pending);
328
329 return cmd;
330 }
331
332 static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
333 void (*cb)(struct pending_cmd *cmd, void *data),
334 void *data)
335 {
336 struct list_head *p, *n;
337
338 list_for_each_safe(p, n, &hdev->mgmt_pending) {
339 struct pending_cmd *cmd;
340
341 cmd = list_entry(p, struct pending_cmd, list);
342
343 if (opcode > 0 && cmd->opcode != opcode)
344 continue;
345
346 cb(cmd, data);
347 }
348 }
349
350 static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
351 {
352 struct pending_cmd *cmd;
353
354 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
355 if (cmd->opcode == opcode)
356 return cmd;
357 }
358
359 return NULL;
360 }
361
362 static void mgmt_pending_remove(struct pending_cmd *cmd)
363 {
364 list_del(&cmd->list);
365 mgmt_pending_free(cmd);
366 }
367
368 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
369 {
370 struct mgmt_mode rp;
371
372 rp.val = val;
373
374 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
375 }
376
377 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
378 {
379 struct mgmt_mode *cp;
380 struct hci_dev *hdev;
381 struct pending_cmd *cmd;
382 int err, up;
383
384 cp = (void *) data;
385
386 BT_DBG("request for hci%u", index);
387
388 if (len != sizeof(*cp))
389 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
390 MGMT_STATUS_INVALID_PARAMS);
391
392 hdev = hci_dev_get(index);
393 if (!hdev)
394 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
395 MGMT_STATUS_INVALID_PARAMS);
396
397 hci_dev_lock_bh(hdev);
398
399 up = test_bit(HCI_UP, &hdev->flags);
400 if ((cp->val && up) || (!cp->val && !up)) {
401 err = send_mode_rsp(sk, index, MGMT_OP_SET_POWERED, cp->val);
402 goto failed;
403 }
404
405 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
406 err = cmd_status(sk, index, MGMT_OP_SET_POWERED,
407 MGMT_STATUS_BUSY);
408 goto failed;
409 }
410
411 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
412 if (!cmd) {
413 err = -ENOMEM;
414 goto failed;
415 }
416
417 if (cp->val)
418 queue_work(hdev->workqueue, &hdev->power_on);
419 else
420 queue_work(hdev->workqueue, &hdev->power_off.work);
421
422 err = 0;
423
424 failed:
425 hci_dev_unlock_bh(hdev);
426 hci_dev_put(hdev);
427 return err;
428 }
429
430 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
431 u16 len)
432 {
433 struct mgmt_cp_set_discoverable *cp;
434 struct hci_dev *hdev;
435 struct pending_cmd *cmd;
436 u8 scan;
437 int err;
438
439 cp = (void *) data;
440
441 BT_DBG("request for hci%u", index);
442
443 if (len != sizeof(*cp))
444 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
445 MGMT_STATUS_INVALID_PARAMS);
446
447 hdev = hci_dev_get(index);
448 if (!hdev)
449 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
450 MGMT_STATUS_INVALID_PARAMS);
451
452 hci_dev_lock_bh(hdev);
453
454 if (!test_bit(HCI_UP, &hdev->flags)) {
455 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
456 MGMT_STATUS_NOT_POWERED);
457 goto failed;
458 }
459
460 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
461 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
462 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
463 MGMT_STATUS_BUSY);
464 goto failed;
465 }
466
467 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
468 test_bit(HCI_PSCAN, &hdev->flags)) {
469 err = send_mode_rsp(sk, index, MGMT_OP_SET_DISCOVERABLE,
470 cp->val);
471 goto failed;
472 }
473
474 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
475 if (!cmd) {
476 err = -ENOMEM;
477 goto failed;
478 }
479
480 scan = SCAN_PAGE;
481
482 if (cp->val)
483 scan |= SCAN_INQUIRY;
484 else
485 cancel_delayed_work(&hdev->discov_off);
486
487 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
488 if (err < 0)
489 mgmt_pending_remove(cmd);
490
491 if (cp->val)
492 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
493
494 failed:
495 hci_dev_unlock_bh(hdev);
496 hci_dev_put(hdev);
497
498 return err;
499 }
500
501 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
502 u16 len)
503 {
504 struct mgmt_mode *cp;
505 struct hci_dev *hdev;
506 struct pending_cmd *cmd;
507 u8 scan;
508 int err;
509
510 cp = (void *) data;
511
512 BT_DBG("request for hci%u", index);
513
514 if (len != sizeof(*cp))
515 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
516 MGMT_STATUS_INVALID_PARAMS);
517
518 hdev = hci_dev_get(index);
519 if (!hdev)
520 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
521 MGMT_STATUS_INVALID_PARAMS);
522
523 hci_dev_lock_bh(hdev);
524
525 if (!test_bit(HCI_UP, &hdev->flags)) {
526 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
527 MGMT_STATUS_NOT_POWERED);
528 goto failed;
529 }
530
531 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
532 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
533 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
534 MGMT_STATUS_BUSY);
535 goto failed;
536 }
537
538 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
539 err = send_mode_rsp(sk, index, MGMT_OP_SET_CONNECTABLE,
540 cp->val);
541 goto failed;
542 }
543
544 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
545 if (!cmd) {
546 err = -ENOMEM;
547 goto failed;
548 }
549
550 if (cp->val)
551 scan = SCAN_PAGE;
552 else
553 scan = 0;
554
555 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
556 if (err < 0)
557 mgmt_pending_remove(cmd);
558
559 failed:
560 hci_dev_unlock_bh(hdev);
561 hci_dev_put(hdev);
562
563 return err;
564 }
565
566 static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
567 u16 data_len, struct sock *skip_sk)
568 {
569 struct sk_buff *skb;
570 struct mgmt_hdr *hdr;
571
572 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
573 if (!skb)
574 return -ENOMEM;
575
576 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
577
578 hdr = (void *) skb_put(skb, sizeof(*hdr));
579 hdr->opcode = cpu_to_le16(event);
580 if (hdev)
581 hdr->index = cpu_to_le16(hdev->id);
582 else
583 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
584 hdr->len = cpu_to_le16(data_len);
585
586 if (data)
587 memcpy(skb_put(skb, data_len), data, data_len);
588
589 hci_send_to_sock(NULL, skb, skip_sk);
590 kfree_skb(skb);
591
592 return 0;
593 }
594
595 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
596 u16 len)
597 {
598 struct mgmt_mode *cp, ev;
599 struct hci_dev *hdev;
600 int err;
601
602 cp = (void *) data;
603
604 BT_DBG("request for hci%u", index);
605
606 if (len != sizeof(*cp))
607 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
608 MGMT_STATUS_INVALID_PARAMS);
609
610 hdev = hci_dev_get(index);
611 if (!hdev)
612 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
613 MGMT_STATUS_INVALID_PARAMS);
614
615 hci_dev_lock_bh(hdev);
616
617 if (cp->val)
618 set_bit(HCI_PAIRABLE, &hdev->flags);
619 else
620 clear_bit(HCI_PAIRABLE, &hdev->flags);
621
622 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
623 if (err < 0)
624 goto failed;
625
626 ev.val = cp->val;
627
628 err = mgmt_event(MGMT_EV_PAIRABLE, hdev, &ev, sizeof(ev), sk);
629
630 failed:
631 hci_dev_unlock_bh(hdev);
632 hci_dev_put(hdev);
633
634 return err;
635 }
636
637 #define EIR_FLAGS 0x01 /* flags */
638 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
639 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
640 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
641 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
642 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
643 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
644 #define EIR_NAME_SHORT 0x08 /* shortened local name */
645 #define EIR_NAME_COMPLETE 0x09 /* complete local name */
646 #define EIR_TX_POWER 0x0A /* transmit power level */
647 #define EIR_DEVICE_ID 0x10 /* device ID */
648
649 #define PNP_INFO_SVCLASS_ID 0x1200
650
651 static u8 bluetooth_base_uuid[] = {
652 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
653 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
654 };
655
656 static u16 get_uuid16(u8 *uuid128)
657 {
658 u32 val;
659 int i;
660
661 for (i = 0; i < 12; i++) {
662 if (bluetooth_base_uuid[i] != uuid128[i])
663 return 0;
664 }
665
666 memcpy(&val, &uuid128[12], 4);
667
668 val = le32_to_cpu(val);
669 if (val > 0xffff)
670 return 0;
671
672 return (u16) val;
673 }
674
675 static void create_eir(struct hci_dev *hdev, u8 *data)
676 {
677 u8 *ptr = data;
678 u16 eir_len = 0;
679 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
680 int i, truncated = 0;
681 struct bt_uuid *uuid;
682 size_t name_len;
683
684 name_len = strlen(hdev->dev_name);
685
686 if (name_len > 0) {
687 /* EIR Data type */
688 if (name_len > 48) {
689 name_len = 48;
690 ptr[1] = EIR_NAME_SHORT;
691 } else
692 ptr[1] = EIR_NAME_COMPLETE;
693
694 /* EIR Data length */
695 ptr[0] = name_len + 1;
696
697 memcpy(ptr + 2, hdev->dev_name, name_len);
698
699 eir_len += (name_len + 2);
700 ptr += (name_len + 2);
701 }
702
703 memset(uuid16_list, 0, sizeof(uuid16_list));
704
705 /* Group all UUID16 types */
706 list_for_each_entry(uuid, &hdev->uuids, list) {
707 u16 uuid16;
708
709 uuid16 = get_uuid16(uuid->uuid);
710 if (uuid16 == 0)
711 return;
712
713 if (uuid16 < 0x1100)
714 continue;
715
716 if (uuid16 == PNP_INFO_SVCLASS_ID)
717 continue;
718
719 /* Stop if not enough space to put next UUID */
720 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
721 truncated = 1;
722 break;
723 }
724
725 /* Check for duplicates */
726 for (i = 0; uuid16_list[i] != 0; i++)
727 if (uuid16_list[i] == uuid16)
728 break;
729
730 if (uuid16_list[i] == 0) {
731 uuid16_list[i] = uuid16;
732 eir_len += sizeof(u16);
733 }
734 }
735
736 if (uuid16_list[0] != 0) {
737 u8 *length = ptr;
738
739 /* EIR Data type */
740 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
741
742 ptr += 2;
743 eir_len += 2;
744
745 for (i = 0; uuid16_list[i] != 0; i++) {
746 *ptr++ = (uuid16_list[i] & 0x00ff);
747 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
748 }
749
750 /* EIR Data length */
751 *length = (i * sizeof(u16)) + 1;
752 }
753 }
754
755 static int update_eir(struct hci_dev *hdev)
756 {
757 struct hci_cp_write_eir cp;
758
759 if (!(hdev->features[6] & LMP_EXT_INQ))
760 return 0;
761
762 if (hdev->ssp_mode == 0)
763 return 0;
764
765 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
766 return 0;
767
768 memset(&cp, 0, sizeof(cp));
769
770 create_eir(hdev, cp.data);
771
772 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
773 return 0;
774
775 memcpy(hdev->eir, cp.data, sizeof(cp.data));
776
777 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
778 }
779
780 static u8 get_service_classes(struct hci_dev *hdev)
781 {
782 struct bt_uuid *uuid;
783 u8 val = 0;
784
785 list_for_each_entry(uuid, &hdev->uuids, list)
786 val |= uuid->svc_hint;
787
788 return val;
789 }
790
791 static int update_class(struct hci_dev *hdev)
792 {
793 u8 cod[3];
794
795 BT_DBG("%s", hdev->name);
796
797 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
798 return 0;
799
800 cod[0] = hdev->minor_class;
801 cod[1] = hdev->major_class;
802 cod[2] = get_service_classes(hdev);
803
804 if (memcmp(cod, hdev->dev_class, 3) == 0)
805 return 0;
806
807 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
808 }
809
810 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
811 {
812 struct mgmt_cp_add_uuid *cp;
813 struct hci_dev *hdev;
814 struct bt_uuid *uuid;
815 int err;
816
817 cp = (void *) data;
818
819 BT_DBG("request for hci%u", index);
820
821 if (len != sizeof(*cp))
822 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
823 MGMT_STATUS_INVALID_PARAMS);
824
825 hdev = hci_dev_get(index);
826 if (!hdev)
827 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
828 MGMT_STATUS_INVALID_PARAMS);
829
830 hci_dev_lock_bh(hdev);
831
832 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
833 if (!uuid) {
834 err = -ENOMEM;
835 goto failed;
836 }
837
838 memcpy(uuid->uuid, cp->uuid, 16);
839 uuid->svc_hint = cp->svc_hint;
840
841 list_add(&uuid->list, &hdev->uuids);
842
843 err = update_class(hdev);
844 if (err < 0)
845 goto failed;
846
847 err = update_eir(hdev);
848 if (err < 0)
849 goto failed;
850
851 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
852
853 failed:
854 hci_dev_unlock_bh(hdev);
855 hci_dev_put(hdev);
856
857 return err;
858 }
859
860 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
861 {
862 struct list_head *p, *n;
863 struct mgmt_cp_remove_uuid *cp;
864 struct hci_dev *hdev;
865 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
866 int err, found;
867
868 cp = (void *) data;
869
870 BT_DBG("request for hci%u", index);
871
872 if (len != sizeof(*cp))
873 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
874 MGMT_STATUS_INVALID_PARAMS);
875
876 hdev = hci_dev_get(index);
877 if (!hdev)
878 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
879 MGMT_STATUS_INVALID_PARAMS);
880
881 hci_dev_lock_bh(hdev);
882
883 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
884 err = hci_uuids_clear(hdev);
885 goto unlock;
886 }
887
888 found = 0;
889
890 list_for_each_safe(p, n, &hdev->uuids) {
891 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
892
893 if (memcmp(match->uuid, cp->uuid, 16) != 0)
894 continue;
895
896 list_del(&match->list);
897 found++;
898 }
899
900 if (found == 0) {
901 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
902 MGMT_STATUS_INVALID_PARAMS);
903 goto unlock;
904 }
905
906 err = update_class(hdev);
907 if (err < 0)
908 goto unlock;
909
910 err = update_eir(hdev);
911 if (err < 0)
912 goto unlock;
913
914 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
915
916 unlock:
917 hci_dev_unlock_bh(hdev);
918 hci_dev_put(hdev);
919
920 return err;
921 }
922
923 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
924 u16 len)
925 {
926 struct hci_dev *hdev;
927 struct mgmt_cp_set_dev_class *cp;
928 int err;
929
930 cp = (void *) data;
931
932 BT_DBG("request for hci%u", index);
933
934 if (len != sizeof(*cp))
935 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
936 MGMT_STATUS_INVALID_PARAMS);
937
938 hdev = hci_dev_get(index);
939 if (!hdev)
940 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
941 MGMT_STATUS_INVALID_PARAMS);
942
943 hci_dev_lock_bh(hdev);
944
945 hdev->major_class = cp->major;
946 hdev->minor_class = cp->minor;
947
948 err = update_class(hdev);
949
950 if (err == 0)
951 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
952
953 hci_dev_unlock_bh(hdev);
954 hci_dev_put(hdev);
955
956 return err;
957 }
958
959 static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
960 u16 len)
961 {
962 struct hci_dev *hdev;
963 struct mgmt_cp_set_service_cache *cp;
964 int err;
965
966 cp = (void *) data;
967
968 if (len != sizeof(*cp))
969 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE,
970 MGMT_STATUS_INVALID_PARAMS);
971
972 hdev = hci_dev_get(index);
973 if (!hdev)
974 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE,
975 MGMT_STATUS_INVALID_PARAMS);
976
977 hci_dev_lock_bh(hdev);
978
979 BT_DBG("hci%u enable %d", index, cp->enable);
980
981 if (cp->enable) {
982 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
983 err = 0;
984 } else {
985 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
986 err = update_class(hdev);
987 if (err == 0)
988 err = update_eir(hdev);
989 }
990
991 if (err == 0)
992 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
993 0);
994 else
995 cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, -err);
996
997
998 hci_dev_unlock_bh(hdev);
999 hci_dev_put(hdev);
1000
1001 return err;
1002 }
1003
1004 static int load_link_keys(struct sock *sk, u16 index, unsigned char *data,
1005 u16 len)
1006 {
1007 struct hci_dev *hdev;
1008 struct mgmt_cp_load_link_keys *cp;
1009 u16 key_count, expected_len;
1010 int i;
1011
1012 cp = (void *) data;
1013
1014 if (len < sizeof(*cp))
1015 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1016 MGMT_STATUS_INVALID_PARAMS);
1017
1018 key_count = get_unaligned_le16(&cp->key_count);
1019
1020 expected_len = sizeof(*cp) + key_count *
1021 sizeof(struct mgmt_link_key_info);
1022 if (expected_len != len) {
1023 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
1024 len, expected_len);
1025 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1026 MGMT_STATUS_INVALID_PARAMS);
1027 }
1028
1029 hdev = hci_dev_get(index);
1030 if (!hdev)
1031 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1032 MGMT_STATUS_INVALID_PARAMS);
1033
1034 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
1035 key_count);
1036
1037 hci_dev_lock_bh(hdev);
1038
1039 hci_link_keys_clear(hdev);
1040
1041 set_bit(HCI_LINK_KEYS, &hdev->flags);
1042
1043 if (cp->debug_keys)
1044 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
1045 else
1046 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
1047
1048 for (i = 0; i < key_count; i++) {
1049 struct mgmt_link_key_info *key = &cp->keys[i];
1050
1051 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
1052 key->pin_len);
1053 }
1054
1055 hci_dev_unlock_bh(hdev);
1056 hci_dev_put(hdev);
1057
1058 return 0;
1059 }
1060
1061 static int remove_keys(struct sock *sk, u16 index, unsigned char *data,
1062 u16 len)
1063 {
1064 struct hci_dev *hdev;
1065 struct mgmt_cp_remove_keys *cp;
1066 struct mgmt_rp_remove_keys rp;
1067 struct hci_cp_disconnect dc;
1068 struct pending_cmd *cmd;
1069 struct hci_conn *conn;
1070 int err;
1071
1072 cp = (void *) data;
1073
1074 if (len != sizeof(*cp))
1075 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1076 MGMT_STATUS_INVALID_PARAMS);
1077
1078 hdev = hci_dev_get(index);
1079 if (!hdev)
1080 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1081 MGMT_STATUS_INVALID_PARAMS);
1082
1083 hci_dev_lock_bh(hdev);
1084
1085 memset(&rp, 0, sizeof(rp));
1086 bacpy(&rp.bdaddr, &cp->bdaddr);
1087 rp.status = MGMT_STATUS_FAILED;
1088
1089 err = hci_remove_link_key(hdev, &cp->bdaddr);
1090 if (err < 0) {
1091 rp.status = MGMT_STATUS_NOT_PAIRED;
1092 goto unlock;
1093 }
1094
1095 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect) {
1096 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1097 sizeof(rp));
1098 goto unlock;
1099 }
1100
1101 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1102 if (!conn) {
1103 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1104 sizeof(rp));
1105 goto unlock;
1106 }
1107
1108 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_KEYS, hdev, cp, sizeof(*cp));
1109 if (!cmd) {
1110 err = -ENOMEM;
1111 goto unlock;
1112 }
1113
1114 put_unaligned_le16(conn->handle, &dc.handle);
1115 dc.reason = 0x13; /* Remote User Terminated Connection */
1116 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1117 if (err < 0)
1118 mgmt_pending_remove(cmd);
1119
1120 unlock:
1121 if (err < 0)
1122 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1123 sizeof(rp));
1124 hci_dev_unlock_bh(hdev);
1125 hci_dev_put(hdev);
1126
1127 return err;
1128 }
1129
1130 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1131 {
1132 struct hci_dev *hdev;
1133 struct mgmt_cp_disconnect *cp;
1134 struct hci_cp_disconnect dc;
1135 struct pending_cmd *cmd;
1136 struct hci_conn *conn;
1137 int err;
1138
1139 BT_DBG("");
1140
1141 cp = (void *) data;
1142
1143 if (len != sizeof(*cp))
1144 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1145 MGMT_STATUS_INVALID_PARAMS);
1146
1147 hdev = hci_dev_get(index);
1148 if (!hdev)
1149 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1150 MGMT_STATUS_INVALID_PARAMS);
1151
1152 hci_dev_lock_bh(hdev);
1153
1154 if (!test_bit(HCI_UP, &hdev->flags)) {
1155 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1156 MGMT_STATUS_NOT_POWERED);
1157 goto failed;
1158 }
1159
1160 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
1161 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1162 MGMT_STATUS_BUSY);
1163 goto failed;
1164 }
1165
1166 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1167 if (!conn)
1168 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1169
1170 if (!conn) {
1171 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1172 MGMT_STATUS_NOT_CONNECTED);
1173 goto failed;
1174 }
1175
1176 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
1177 if (!cmd) {
1178 err = -ENOMEM;
1179 goto failed;
1180 }
1181
1182 put_unaligned_le16(conn->handle, &dc.handle);
1183 dc.reason = 0x13; /* Remote User Terminated Connection */
1184
1185 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1186 if (err < 0)
1187 mgmt_pending_remove(cmd);
1188
1189 failed:
1190 hci_dev_unlock_bh(hdev);
1191 hci_dev_put(hdev);
1192
1193 return err;
1194 }
1195
1196 static u8 link_to_mgmt(u8 link_type, u8 addr_type)
1197 {
1198 switch (link_type) {
1199 case LE_LINK:
1200 switch (addr_type) {
1201 case ADDR_LE_DEV_PUBLIC:
1202 return MGMT_ADDR_LE_PUBLIC;
1203 case ADDR_LE_DEV_RANDOM:
1204 return MGMT_ADDR_LE_RANDOM;
1205 default:
1206 return MGMT_ADDR_INVALID;
1207 }
1208 case ACL_LINK:
1209 return MGMT_ADDR_BREDR;
1210 default:
1211 return MGMT_ADDR_INVALID;
1212 }
1213 }
1214
1215 static int get_connections(struct sock *sk, u16 index)
1216 {
1217 struct mgmt_rp_get_connections *rp;
1218 struct hci_dev *hdev;
1219 struct hci_conn *c;
1220 struct list_head *p;
1221 size_t rp_len;
1222 u16 count;
1223 int i, err;
1224
1225 BT_DBG("");
1226
1227 hdev = hci_dev_get(index);
1228 if (!hdev)
1229 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1230 MGMT_STATUS_INVALID_PARAMS);
1231
1232 hci_dev_lock_bh(hdev);
1233
1234 count = 0;
1235 list_for_each(p, &hdev->conn_hash.list) {
1236 count++;
1237 }
1238
1239 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
1240 rp = kmalloc(rp_len, GFP_ATOMIC);
1241 if (!rp) {
1242 err = -ENOMEM;
1243 goto unlock;
1244 }
1245
1246 put_unaligned_le16(count, &rp->conn_count);
1247
1248 i = 0;
1249 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1250 bacpy(&rp->addr[i].bdaddr, &c->dst);
1251 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
1252 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1253 continue;
1254 i++;
1255 }
1256
1257 /* Recalculate length in case of filtered SCO connections, etc */
1258 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
1259
1260 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1261
1262 unlock:
1263 kfree(rp);
1264 hci_dev_unlock_bh(hdev);
1265 hci_dev_put(hdev);
1266 return err;
1267 }
1268
1269 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1270 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1271 {
1272 struct pending_cmd *cmd;
1273 int err;
1274
1275 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
1276 sizeof(*cp));
1277 if (!cmd)
1278 return -ENOMEM;
1279
1280 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1281 &cp->bdaddr);
1282 if (err < 0)
1283 mgmt_pending_remove(cmd);
1284
1285 return err;
1286 }
1287
1288 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1289 u16 len)
1290 {
1291 struct hci_dev *hdev;
1292 struct hci_conn *conn;
1293 struct mgmt_cp_pin_code_reply *cp;
1294 struct mgmt_cp_pin_code_neg_reply ncp;
1295 struct hci_cp_pin_code_reply reply;
1296 struct pending_cmd *cmd;
1297 int err;
1298
1299 BT_DBG("");
1300
1301 cp = (void *) data;
1302
1303 if (len != sizeof(*cp))
1304 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1305 MGMT_STATUS_INVALID_PARAMS);
1306
1307 hdev = hci_dev_get(index);
1308 if (!hdev)
1309 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1310 MGMT_STATUS_INVALID_PARAMS);
1311
1312 hci_dev_lock_bh(hdev);
1313
1314 if (!test_bit(HCI_UP, &hdev->flags)) {
1315 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1316 MGMT_STATUS_NOT_POWERED);
1317 goto failed;
1318 }
1319
1320 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1321 if (!conn) {
1322 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1323 MGMT_STATUS_NOT_CONNECTED);
1324 goto failed;
1325 }
1326
1327 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1328 bacpy(&ncp.bdaddr, &cp->bdaddr);
1329
1330 BT_ERR("PIN code is not 16 bytes long");
1331
1332 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1333 if (err >= 0)
1334 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1335 MGMT_STATUS_INVALID_PARAMS);
1336
1337 goto failed;
1338 }
1339
1340 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
1341 if (!cmd) {
1342 err = -ENOMEM;
1343 goto failed;
1344 }
1345
1346 bacpy(&reply.bdaddr, &cp->bdaddr);
1347 reply.pin_len = cp->pin_len;
1348 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1349
1350 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1351 if (err < 0)
1352 mgmt_pending_remove(cmd);
1353
1354 failed:
1355 hci_dev_unlock_bh(hdev);
1356 hci_dev_put(hdev);
1357
1358 return err;
1359 }
1360
1361 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1362 u16 len)
1363 {
1364 struct hci_dev *hdev;
1365 struct mgmt_cp_pin_code_neg_reply *cp;
1366 int err;
1367
1368 BT_DBG("");
1369
1370 cp = (void *) data;
1371
1372 if (len != sizeof(*cp))
1373 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1374 MGMT_STATUS_INVALID_PARAMS);
1375
1376 hdev = hci_dev_get(index);
1377 if (!hdev)
1378 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1379 MGMT_STATUS_INVALID_PARAMS);
1380
1381 hci_dev_lock_bh(hdev);
1382
1383 if (!test_bit(HCI_UP, &hdev->flags)) {
1384 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1385 MGMT_STATUS_NOT_POWERED);
1386 goto failed;
1387 }
1388
1389 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1390
1391 failed:
1392 hci_dev_unlock_bh(hdev);
1393 hci_dev_put(hdev);
1394
1395 return err;
1396 }
1397
1398 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1399 u16 len)
1400 {
1401 struct hci_dev *hdev;
1402 struct mgmt_cp_set_io_capability *cp;
1403
1404 BT_DBG("");
1405
1406 cp = (void *) data;
1407
1408 if (len != sizeof(*cp))
1409 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1410 MGMT_STATUS_INVALID_PARAMS);
1411
1412 hdev = hci_dev_get(index);
1413 if (!hdev)
1414 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1415 MGMT_STATUS_INVALID_PARAMS);
1416
1417 hci_dev_lock_bh(hdev);
1418
1419 hdev->io_capability = cp->io_capability;
1420
1421 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1422 hdev->io_capability);
1423
1424 hci_dev_unlock_bh(hdev);
1425 hci_dev_put(hdev);
1426
1427 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1428 }
1429
1430 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1431 {
1432 struct hci_dev *hdev = conn->hdev;
1433 struct pending_cmd *cmd;
1434
1435 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1436 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1437 continue;
1438
1439 if (cmd->user_data != conn)
1440 continue;
1441
1442 return cmd;
1443 }
1444
1445 return NULL;
1446 }
1447
1448 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1449 {
1450 struct mgmt_rp_pair_device rp;
1451 struct hci_conn *conn = cmd->user_data;
1452
1453 bacpy(&rp.addr.bdaddr, &conn->dst);
1454 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
1455 rp.status = status;
1456
1457 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1458
1459 /* So we don't get further callbacks for this connection */
1460 conn->connect_cfm_cb = NULL;
1461 conn->security_cfm_cb = NULL;
1462 conn->disconn_cfm_cb = NULL;
1463
1464 hci_conn_put(conn);
1465
1466 mgmt_pending_remove(cmd);
1467 }
1468
1469 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1470 {
1471 struct pending_cmd *cmd;
1472
1473 BT_DBG("status %u", status);
1474
1475 cmd = find_pairing(conn);
1476 if (!cmd)
1477 BT_DBG("Unable to find a pending command");
1478 else
1479 pairing_complete(cmd, status);
1480 }
1481
1482 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1483 {
1484 struct hci_dev *hdev;
1485 struct mgmt_cp_pair_device *cp;
1486 struct mgmt_rp_pair_device rp;
1487 struct pending_cmd *cmd;
1488 u8 sec_level, auth_type;
1489 struct hci_conn *conn;
1490 int err;
1491
1492 BT_DBG("");
1493
1494 cp = (void *) data;
1495
1496 if (len != sizeof(*cp))
1497 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1498 MGMT_STATUS_INVALID_PARAMS);
1499
1500 hdev = hci_dev_get(index);
1501 if (!hdev)
1502 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1503 MGMT_STATUS_INVALID_PARAMS);
1504
1505 hci_dev_lock_bh(hdev);
1506
1507 sec_level = BT_SECURITY_MEDIUM;
1508 if (cp->io_cap == 0x03)
1509 auth_type = HCI_AT_DEDICATED_BONDING;
1510 else
1511 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1512
1513 if (cp->addr.type == MGMT_ADDR_BREDR)
1514 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
1515 auth_type);
1516 else
1517 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
1518 auth_type);
1519
1520 memset(&rp, 0, sizeof(rp));
1521 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1522 rp.addr.type = cp->addr.type;
1523
1524 if (IS_ERR(conn)) {
1525 rp.status = -PTR_ERR(conn);
1526 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1527 &rp, sizeof(rp));
1528 goto unlock;
1529 }
1530
1531 if (conn->connect_cfm_cb) {
1532 hci_conn_put(conn);
1533 rp.status = EBUSY;
1534 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1535 &rp, sizeof(rp));
1536 goto unlock;
1537 }
1538
1539 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
1540 if (!cmd) {
1541 err = -ENOMEM;
1542 hci_conn_put(conn);
1543 goto unlock;
1544 }
1545
1546 /* For LE, just connecting isn't a proof that the pairing finished */
1547 if (cp->addr.type == MGMT_ADDR_BREDR)
1548 conn->connect_cfm_cb = pairing_complete_cb;
1549
1550 conn->security_cfm_cb = pairing_complete_cb;
1551 conn->disconn_cfm_cb = pairing_complete_cb;
1552 conn->io_capability = cp->io_cap;
1553 cmd->user_data = conn;
1554
1555 if (conn->state == BT_CONNECTED &&
1556 hci_conn_security(conn, sec_level, auth_type))
1557 pairing_complete(cmd, 0);
1558
1559 err = 0;
1560
1561 unlock:
1562 hci_dev_unlock_bh(hdev);
1563 hci_dev_put(hdev);
1564
1565 return err;
1566 }
1567
1568 static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1569 u16 len, int success)
1570 {
1571 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1572 u16 mgmt_op, hci_op;
1573 struct pending_cmd *cmd;
1574 struct hci_dev *hdev;
1575 int err;
1576
1577 BT_DBG("");
1578
1579 if (success) {
1580 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1581 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1582 } else {
1583 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1584 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1585 }
1586
1587 if (len != sizeof(*cp))
1588 return cmd_status(sk, index, mgmt_op,
1589 MGMT_STATUS_INVALID_PARAMS);
1590
1591 hdev = hci_dev_get(index);
1592 if (!hdev)
1593 return cmd_status(sk, index, mgmt_op,
1594 MGMT_STATUS_INVALID_PARAMS);
1595
1596 hci_dev_lock_bh(hdev);
1597
1598 if (!test_bit(HCI_UP, &hdev->flags)) {
1599 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
1600 goto failed;
1601 }
1602
1603 cmd = mgmt_pending_add(sk, mgmt_op, hdev, data, len);
1604 if (!cmd) {
1605 err = -ENOMEM;
1606 goto failed;
1607 }
1608
1609 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
1610 if (err < 0)
1611 mgmt_pending_remove(cmd);
1612
1613 failed:
1614 hci_dev_unlock_bh(hdev);
1615 hci_dev_put(hdev);
1616
1617 return err;
1618 }
1619
1620 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1621 u16 len)
1622 {
1623 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1624 struct hci_cp_write_local_name hci_cp;
1625 struct hci_dev *hdev;
1626 struct pending_cmd *cmd;
1627 int err;
1628
1629 BT_DBG("");
1630
1631 if (len != sizeof(*mgmt_cp))
1632 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1633 MGMT_STATUS_INVALID_PARAMS);
1634
1635 hdev = hci_dev_get(index);
1636 if (!hdev)
1637 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1638 MGMT_STATUS_INVALID_PARAMS);
1639
1640 hci_dev_lock_bh(hdev);
1641
1642 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
1643 if (!cmd) {
1644 err = -ENOMEM;
1645 goto failed;
1646 }
1647
1648 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1649 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1650 &hci_cp);
1651 if (err < 0)
1652 mgmt_pending_remove(cmd);
1653
1654 failed:
1655 hci_dev_unlock_bh(hdev);
1656 hci_dev_put(hdev);
1657
1658 return err;
1659 }
1660
1661 static int read_local_oob_data(struct sock *sk, u16 index)
1662 {
1663 struct hci_dev *hdev;
1664 struct pending_cmd *cmd;
1665 int err;
1666
1667 BT_DBG("hci%u", index);
1668
1669 hdev = hci_dev_get(index);
1670 if (!hdev)
1671 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1672 MGMT_STATUS_INVALID_PARAMS);
1673
1674 hci_dev_lock_bh(hdev);
1675
1676 if (!test_bit(HCI_UP, &hdev->flags)) {
1677 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1678 MGMT_STATUS_NOT_POWERED);
1679 goto unlock;
1680 }
1681
1682 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1683 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1684 MGMT_STATUS_NOT_SUPPORTED);
1685 goto unlock;
1686 }
1687
1688 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
1689 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1690 MGMT_STATUS_BUSY);
1691 goto unlock;
1692 }
1693
1694 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
1695 if (!cmd) {
1696 err = -ENOMEM;
1697 goto unlock;
1698 }
1699
1700 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1701 if (err < 0)
1702 mgmt_pending_remove(cmd);
1703
1704 unlock:
1705 hci_dev_unlock_bh(hdev);
1706 hci_dev_put(hdev);
1707
1708 return err;
1709 }
1710
1711 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1712 u16 len)
1713 {
1714 struct hci_dev *hdev;
1715 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1716 int err;
1717
1718 BT_DBG("hci%u ", index);
1719
1720 if (len != sizeof(*cp))
1721 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1722 MGMT_STATUS_INVALID_PARAMS);
1723
1724 hdev = hci_dev_get(index);
1725 if (!hdev)
1726 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1727 MGMT_STATUS_INVALID_PARAMS);
1728
1729 hci_dev_lock_bh(hdev);
1730
1731 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1732 cp->randomizer);
1733 if (err < 0)
1734 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1735 MGMT_STATUS_FAILED);
1736 else
1737 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1738 0);
1739
1740 hci_dev_unlock_bh(hdev);
1741 hci_dev_put(hdev);
1742
1743 return err;
1744 }
1745
1746 static int remove_remote_oob_data(struct sock *sk, u16 index,
1747 unsigned char *data, u16 len)
1748 {
1749 struct hci_dev *hdev;
1750 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1751 int err;
1752
1753 BT_DBG("hci%u ", index);
1754
1755 if (len != sizeof(*cp))
1756 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1757 MGMT_STATUS_INVALID_PARAMS);
1758
1759 hdev = hci_dev_get(index);
1760 if (!hdev)
1761 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1762 MGMT_STATUS_INVALID_PARAMS);
1763
1764 hci_dev_lock_bh(hdev);
1765
1766 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1767 if (err < 0)
1768 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1769 MGMT_STATUS_INVALID_PARAMS);
1770 else
1771 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1772 NULL, 0);
1773
1774 hci_dev_unlock_bh(hdev);
1775 hci_dev_put(hdev);
1776
1777 return err;
1778 }
1779
1780 static int start_discovery(struct sock *sk, u16 index)
1781 {
1782 struct pending_cmd *cmd;
1783 struct hci_dev *hdev;
1784 int err;
1785
1786 BT_DBG("hci%u", index);
1787
1788 hdev = hci_dev_get(index);
1789 if (!hdev)
1790 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1791 MGMT_STATUS_INVALID_PARAMS);
1792
1793 hci_dev_lock_bh(hdev);
1794
1795 if (!test_bit(HCI_UP, &hdev->flags)) {
1796 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1797 MGMT_STATUS_NOT_POWERED);
1798 goto failed;
1799 }
1800
1801 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
1802 if (!cmd) {
1803 err = -ENOMEM;
1804 goto failed;
1805 }
1806
1807 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
1808 if (err < 0)
1809 mgmt_pending_remove(cmd);
1810
1811 failed:
1812 hci_dev_unlock_bh(hdev);
1813 hci_dev_put(hdev);
1814
1815 return err;
1816 }
1817
1818 static int stop_discovery(struct sock *sk, u16 index)
1819 {
1820 struct hci_dev *hdev;
1821 struct pending_cmd *cmd;
1822 int err;
1823
1824 BT_DBG("hci%u", index);
1825
1826 hdev = hci_dev_get(index);
1827 if (!hdev)
1828 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
1829 MGMT_STATUS_INVALID_PARAMS);
1830
1831 hci_dev_lock_bh(hdev);
1832
1833 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
1834 if (!cmd) {
1835 err = -ENOMEM;
1836 goto failed;
1837 }
1838
1839 err = hci_cancel_inquiry(hdev);
1840 if (err < 0)
1841 mgmt_pending_remove(cmd);
1842
1843 failed:
1844 hci_dev_unlock_bh(hdev);
1845 hci_dev_put(hdev);
1846
1847 return err;
1848 }
1849
1850 static int block_device(struct sock *sk, u16 index, unsigned char *data,
1851 u16 len)
1852 {
1853 struct hci_dev *hdev;
1854 struct mgmt_cp_block_device *cp = (void *) data;
1855 int err;
1856
1857 BT_DBG("hci%u", index);
1858
1859 if (len != sizeof(*cp))
1860 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1861 MGMT_STATUS_INVALID_PARAMS);
1862
1863 hdev = hci_dev_get(index);
1864 if (!hdev)
1865 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1866 MGMT_STATUS_INVALID_PARAMS);
1867
1868 hci_dev_lock_bh(hdev);
1869
1870 err = hci_blacklist_add(hdev, &cp->bdaddr);
1871 if (err < 0)
1872 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1873 MGMT_STATUS_FAILED);
1874 else
1875 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1876 NULL, 0);
1877
1878 hci_dev_unlock_bh(hdev);
1879 hci_dev_put(hdev);
1880
1881 return err;
1882 }
1883
1884 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1885 u16 len)
1886 {
1887 struct hci_dev *hdev;
1888 struct mgmt_cp_unblock_device *cp = (void *) data;
1889 int err;
1890
1891 BT_DBG("hci%u", index);
1892
1893 if (len != sizeof(*cp))
1894 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1895 MGMT_STATUS_INVALID_PARAMS);
1896
1897 hdev = hci_dev_get(index);
1898 if (!hdev)
1899 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1900 MGMT_STATUS_INVALID_PARAMS);
1901
1902 hci_dev_lock_bh(hdev);
1903
1904 err = hci_blacklist_del(hdev, &cp->bdaddr);
1905
1906 if (err < 0)
1907 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1908 MGMT_STATUS_INVALID_PARAMS);
1909 else
1910 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1911 NULL, 0);
1912
1913 hci_dev_unlock_bh(hdev);
1914 hci_dev_put(hdev);
1915
1916 return err;
1917 }
1918
1919 static int set_fast_connectable(struct sock *sk, u16 index,
1920 unsigned char *data, u16 len)
1921 {
1922 struct hci_dev *hdev;
1923 struct mgmt_cp_set_fast_connectable *cp = (void *) data;
1924 struct hci_cp_write_page_scan_activity acp;
1925 u8 type;
1926 int err;
1927
1928 BT_DBG("hci%u", index);
1929
1930 if (len != sizeof(*cp))
1931 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1932 MGMT_STATUS_INVALID_PARAMS);
1933
1934 hdev = hci_dev_get(index);
1935 if (!hdev)
1936 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1937 MGMT_STATUS_INVALID_PARAMS);
1938
1939 hci_dev_lock(hdev);
1940
1941 if (cp->enable) {
1942 type = PAGE_SCAN_TYPE_INTERLACED;
1943 acp.interval = 0x0024; /* 22.5 msec page scan interval */
1944 } else {
1945 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1946 acp.interval = 0x0800; /* default 1.28 sec page scan */
1947 }
1948
1949 acp.window = 0x0012; /* default 11.25 msec page scan window */
1950
1951 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1952 sizeof(acp), &acp);
1953 if (err < 0) {
1954 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1955 MGMT_STATUS_FAILED);
1956 goto done;
1957 }
1958
1959 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
1960 if (err < 0) {
1961 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1962 MGMT_STATUS_FAILED);
1963 goto done;
1964 }
1965
1966 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1967 NULL, 0);
1968 done:
1969 hci_dev_unlock(hdev);
1970 hci_dev_put(hdev);
1971
1972 return err;
1973 }
1974
1975 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1976 {
1977 unsigned char *buf;
1978 struct mgmt_hdr *hdr;
1979 u16 opcode, index, len;
1980 int err;
1981
1982 BT_DBG("got %zu bytes", msglen);
1983
1984 if (msglen < sizeof(*hdr))
1985 return -EINVAL;
1986
1987 buf = kmalloc(msglen, GFP_KERNEL);
1988 if (!buf)
1989 return -ENOMEM;
1990
1991 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1992 err = -EFAULT;
1993 goto done;
1994 }
1995
1996 hdr = (struct mgmt_hdr *) buf;
1997 opcode = get_unaligned_le16(&hdr->opcode);
1998 index = get_unaligned_le16(&hdr->index);
1999 len = get_unaligned_le16(&hdr->len);
2000
2001 if (len != msglen - sizeof(*hdr)) {
2002 err = -EINVAL;
2003 goto done;
2004 }
2005
2006 switch (opcode) {
2007 case MGMT_OP_READ_VERSION:
2008 err = read_version(sk);
2009 break;
2010 case MGMT_OP_READ_INDEX_LIST:
2011 err = read_index_list(sk);
2012 break;
2013 case MGMT_OP_READ_INFO:
2014 err = read_controller_info(sk, index);
2015 break;
2016 case MGMT_OP_SET_POWERED:
2017 err = set_powered(sk, index, buf + sizeof(*hdr), len);
2018 break;
2019 case MGMT_OP_SET_DISCOVERABLE:
2020 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
2021 break;
2022 case MGMT_OP_SET_CONNECTABLE:
2023 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
2024 break;
2025 case MGMT_OP_SET_PAIRABLE:
2026 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
2027 break;
2028 case MGMT_OP_ADD_UUID:
2029 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
2030 break;
2031 case MGMT_OP_REMOVE_UUID:
2032 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
2033 break;
2034 case MGMT_OP_SET_DEV_CLASS:
2035 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
2036 break;
2037 case MGMT_OP_SET_SERVICE_CACHE:
2038 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
2039 break;
2040 case MGMT_OP_LOAD_LINK_KEYS:
2041 err = load_link_keys(sk, index, buf + sizeof(*hdr), len);
2042 break;
2043 case MGMT_OP_REMOVE_KEYS:
2044 err = remove_keys(sk, index, buf + sizeof(*hdr), len);
2045 break;
2046 case MGMT_OP_DISCONNECT:
2047 err = disconnect(sk, index, buf + sizeof(*hdr), len);
2048 break;
2049 case MGMT_OP_GET_CONNECTIONS:
2050 err = get_connections(sk, index);
2051 break;
2052 case MGMT_OP_PIN_CODE_REPLY:
2053 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
2054 break;
2055 case MGMT_OP_PIN_CODE_NEG_REPLY:
2056 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
2057 break;
2058 case MGMT_OP_SET_IO_CAPABILITY:
2059 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
2060 break;
2061 case MGMT_OP_PAIR_DEVICE:
2062 err = pair_device(sk, index, buf + sizeof(*hdr), len);
2063 break;
2064 case MGMT_OP_USER_CONFIRM_REPLY:
2065 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
2066 break;
2067 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
2068 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
2069 break;
2070 case MGMT_OP_SET_LOCAL_NAME:
2071 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
2072 break;
2073 case MGMT_OP_READ_LOCAL_OOB_DATA:
2074 err = read_local_oob_data(sk, index);
2075 break;
2076 case MGMT_OP_ADD_REMOTE_OOB_DATA:
2077 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
2078 break;
2079 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
2080 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
2081 len);
2082 break;
2083 case MGMT_OP_START_DISCOVERY:
2084 err = start_discovery(sk, index);
2085 break;
2086 case MGMT_OP_STOP_DISCOVERY:
2087 err = stop_discovery(sk, index);
2088 break;
2089 case MGMT_OP_BLOCK_DEVICE:
2090 err = block_device(sk, index, buf + sizeof(*hdr), len);
2091 break;
2092 case MGMT_OP_UNBLOCK_DEVICE:
2093 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
2094 break;
2095 case MGMT_OP_SET_FAST_CONNECTABLE:
2096 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
2097 len);
2098 break;
2099 default:
2100 BT_DBG("Unknown op %u", opcode);
2101 err = cmd_status(sk, index, opcode,
2102 MGMT_STATUS_UNKNOWN_COMMAND);
2103 break;
2104 }
2105
2106 if (err < 0)
2107 goto done;
2108
2109 err = msglen;
2110
2111 done:
2112 kfree(buf);
2113 return err;
2114 }
2115
2116 static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2117 {
2118 u8 *status = data;
2119
2120 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2121 mgmt_pending_remove(cmd);
2122 }
2123
2124 int mgmt_index_added(struct hci_dev *hdev)
2125 {
2126 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
2127 }
2128
2129 int mgmt_index_removed(struct hci_dev *hdev)
2130 {
2131 u8 status = ENODEV;
2132
2133 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2134
2135 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
2136 }
2137
2138 struct cmd_lookup {
2139 u8 val;
2140 struct sock *sk;
2141 };
2142
2143 static void mode_rsp(struct pending_cmd *cmd, void *data)
2144 {
2145 struct mgmt_mode *cp = cmd->param;
2146 struct cmd_lookup *match = data;
2147
2148 if (cp->val != match->val)
2149 return;
2150
2151 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
2152
2153 list_del(&cmd->list);
2154
2155 if (match->sk == NULL) {
2156 match->sk = cmd->sk;
2157 sock_hold(match->sk);
2158 }
2159
2160 mgmt_pending_free(cmd);
2161 }
2162
2163 int mgmt_powered(struct hci_dev *hdev, u8 powered)
2164 {
2165 struct mgmt_mode ev;
2166 struct cmd_lookup match = { powered, NULL };
2167 int ret;
2168
2169 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, mode_rsp, &match);
2170
2171 if (!powered) {
2172 u8 status = ENETDOWN;
2173 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2174 }
2175
2176 ev.val = powered;
2177
2178 ret = mgmt_event(MGMT_EV_POWERED, hdev, &ev, sizeof(ev), match.sk);
2179
2180 if (match.sk)
2181 sock_put(match.sk);
2182
2183 return ret;
2184 }
2185
2186 int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
2187 {
2188 struct mgmt_mode ev;
2189 struct cmd_lookup match = { discoverable, NULL };
2190 int ret;
2191
2192 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, mode_rsp, &match);
2193
2194 ev.val = discoverable;
2195
2196 ret = mgmt_event(MGMT_EV_DISCOVERABLE, hdev, &ev, sizeof(ev),
2197 match.sk);
2198
2199 if (match.sk)
2200 sock_put(match.sk);
2201
2202 return ret;
2203 }
2204
2205 int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
2206 {
2207 struct mgmt_mode ev;
2208 struct cmd_lookup match = { connectable, NULL };
2209 int ret;
2210
2211 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, mode_rsp, &match);
2212
2213 ev.val = connectable;
2214
2215 ret = mgmt_event(MGMT_EV_CONNECTABLE, hdev, &ev, sizeof(ev), match.sk);
2216
2217 if (match.sk)
2218 sock_put(match.sk);
2219
2220 return ret;
2221 }
2222
2223 int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2224 {
2225 u8 mgmt_err = mgmt_status(status);
2226
2227 if (scan & SCAN_PAGE)
2228 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
2229 cmd_status_rsp, &mgmt_err);
2230
2231 if (scan & SCAN_INQUIRY)
2232 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
2233 cmd_status_rsp, &mgmt_err);
2234
2235 return 0;
2236 }
2237
2238 int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2239 u8 persistent)
2240 {
2241 struct mgmt_ev_new_link_key ev;
2242
2243 memset(&ev, 0, sizeof(ev));
2244
2245 ev.store_hint = persistent;
2246 bacpy(&ev.key.bdaddr, &key->bdaddr);
2247 ev.key.type = key->type;
2248 memcpy(ev.key.val, key->val, 16);
2249 ev.key.pin_len = key->pin_len;
2250
2251 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
2252 }
2253
2254 int mgmt_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2255 u8 addr_type)
2256 {
2257 struct mgmt_addr_info ev;
2258
2259 bacpy(&ev.bdaddr, bdaddr);
2260 ev.type = link_to_mgmt(link_type, addr_type);
2261
2262 return mgmt_event(MGMT_EV_CONNECTED, hdev, &ev, sizeof(ev), NULL);
2263 }
2264
2265 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2266 {
2267 struct mgmt_cp_disconnect *cp = cmd->param;
2268 struct sock **sk = data;
2269 struct mgmt_rp_disconnect rp;
2270
2271 bacpy(&rp.bdaddr, &cp->bdaddr);
2272 rp.status = 0;
2273
2274 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2275
2276 *sk = cmd->sk;
2277 sock_hold(*sk);
2278
2279 mgmt_pending_remove(cmd);
2280 }
2281
2282 static void remove_keys_rsp(struct pending_cmd *cmd, void *data)
2283 {
2284 u8 *status = data;
2285 struct mgmt_cp_remove_keys *cp = cmd->param;
2286 struct mgmt_rp_remove_keys rp;
2287
2288 memset(&rp, 0, sizeof(rp));
2289 bacpy(&rp.bdaddr, &cp->bdaddr);
2290 if (status != NULL)
2291 rp.status = *status;
2292
2293 cmd_complete(cmd->sk, cmd->index, MGMT_OP_REMOVE_KEYS, &rp,
2294 sizeof(rp));
2295
2296 mgmt_pending_remove(cmd);
2297 }
2298
2299 int mgmt_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2300 u8 addr_type)
2301 {
2302 struct mgmt_addr_info ev;
2303 struct sock *sk = NULL;
2304 int err;
2305
2306 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
2307
2308 bacpy(&ev.bdaddr, bdaddr);
2309 ev.type = link_to_mgmt(link_type, addr_type);
2310
2311 err = mgmt_event(MGMT_EV_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
2312
2313 if (sk)
2314 sock_put(sk);
2315
2316 mgmt_pending_foreach(MGMT_OP_REMOVE_KEYS, hdev, remove_keys_rsp, NULL);
2317
2318 return err;
2319 }
2320
2321 int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2322 {
2323 struct pending_cmd *cmd;
2324 u8 mgmt_err = mgmt_status(status);
2325 int err;
2326
2327 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
2328 if (!cmd)
2329 return -ENOENT;
2330
2331 if (bdaddr) {
2332 struct mgmt_rp_disconnect rp;
2333
2334 bacpy(&rp.bdaddr, bdaddr);
2335 rp.status = status;
2336
2337 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
2338 &rp, sizeof(rp));
2339 } else
2340 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_DISCONNECT,
2341 mgmt_err);
2342
2343 mgmt_pending_remove(cmd);
2344
2345 return err;
2346 }
2347
2348 int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2349 u8 addr_type, u8 status)
2350 {
2351 struct mgmt_ev_connect_failed ev;
2352
2353 bacpy(&ev.addr.bdaddr, bdaddr);
2354 ev.addr.type = link_to_mgmt(link_type, addr_type);
2355 ev.status = mgmt_status(status);
2356
2357 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
2358 }
2359
2360 int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
2361 {
2362 struct mgmt_ev_pin_code_request ev;
2363
2364 bacpy(&ev.bdaddr, bdaddr);
2365 ev.secure = secure;
2366
2367 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
2368 NULL);
2369 }
2370
2371 int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2372 u8 status)
2373 {
2374 struct pending_cmd *cmd;
2375 struct mgmt_rp_pin_code_reply rp;
2376 int err;
2377
2378 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
2379 if (!cmd)
2380 return -ENOENT;
2381
2382 bacpy(&rp.bdaddr, bdaddr);
2383 rp.status = mgmt_status(status);
2384
2385 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, &rp,
2386 sizeof(rp));
2387
2388 mgmt_pending_remove(cmd);
2389
2390 return err;
2391 }
2392
2393 int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2394 u8 status)
2395 {
2396 struct pending_cmd *cmd;
2397 struct mgmt_rp_pin_code_reply rp;
2398 int err;
2399
2400 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
2401 if (!cmd)
2402 return -ENOENT;
2403
2404 bacpy(&rp.bdaddr, bdaddr);
2405 rp.status = mgmt_status(status);
2406
2407 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2408 sizeof(rp));
2409
2410 mgmt_pending_remove(cmd);
2411
2412 return err;
2413 }
2414
2415 int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
2416 __le32 value, u8 confirm_hint)
2417 {
2418 struct mgmt_ev_user_confirm_request ev;
2419
2420 BT_DBG("%s", hdev->name);
2421
2422 bacpy(&ev.bdaddr, bdaddr);
2423 ev.confirm_hint = confirm_hint;
2424 put_unaligned_le32(value, &ev.value);
2425
2426 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
2427 NULL);
2428 }
2429
2430 static int confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2431 u8 status, u8 opcode)
2432 {
2433 struct pending_cmd *cmd;
2434 struct mgmt_rp_user_confirm_reply rp;
2435 int err;
2436
2437 cmd = mgmt_pending_find(opcode, hdev);
2438 if (!cmd)
2439 return -ENOENT;
2440
2441 bacpy(&rp.bdaddr, bdaddr);
2442 rp.status = mgmt_status(status);
2443 err = cmd_complete(cmd->sk, hdev->id, opcode, &rp, sizeof(rp));
2444
2445 mgmt_pending_remove(cmd);
2446
2447 return err;
2448 }
2449
2450 int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2451 u8 status)
2452 {
2453 return confirm_reply_complete(hdev, bdaddr, mgmt_status(status),
2454 MGMT_OP_USER_CONFIRM_REPLY);
2455 }
2456
2457 int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev,
2458 bdaddr_t *bdaddr, u8 status)
2459 {
2460 return confirm_reply_complete(hdev, bdaddr, mgmt_status(status),
2461 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2462 }
2463
2464 int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2465 {
2466 struct mgmt_ev_auth_failed ev;
2467
2468 bacpy(&ev.bdaddr, bdaddr);
2469 ev.status = mgmt_status(status);
2470
2471 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2472 }
2473
2474 int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
2475 {
2476 struct pending_cmd *cmd;
2477 struct mgmt_cp_set_local_name ev;
2478 int err;
2479
2480 memset(&ev, 0, sizeof(ev));
2481 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2482
2483 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2484 if (!cmd)
2485 goto send_event;
2486
2487 if (status) {
2488 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2489 mgmt_status(status));
2490 goto failed;
2491 }
2492
2493 update_eir(hdev);
2494
2495 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, &ev,
2496 sizeof(ev));
2497 if (err < 0)
2498 goto failed;
2499
2500 send_event:
2501 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
2502 cmd ? cmd->sk : NULL);
2503
2504 failed:
2505 if (cmd)
2506 mgmt_pending_remove(cmd);
2507 return err;
2508 }
2509
2510 int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
2511 u8 *randomizer, u8 status)
2512 {
2513 struct pending_cmd *cmd;
2514 int err;
2515
2516 BT_DBG("%s status %u", hdev->name, status);
2517
2518 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
2519 if (!cmd)
2520 return -ENOENT;
2521
2522 if (status) {
2523 err = cmd_status(cmd->sk, hdev->id,
2524 MGMT_OP_READ_LOCAL_OOB_DATA,
2525 mgmt_status(status));
2526 } else {
2527 struct mgmt_rp_read_local_oob_data rp;
2528
2529 memcpy(rp.hash, hash, sizeof(rp.hash));
2530 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2531
2532 err = cmd_complete(cmd->sk, hdev->id,
2533 MGMT_OP_READ_LOCAL_OOB_DATA,
2534 &rp, sizeof(rp));
2535 }
2536
2537 mgmt_pending_remove(cmd);
2538
2539 return err;
2540 }
2541
2542 int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2543 u8 addr_type, u8 *dev_class, s8 rssi, u8 *eir)
2544 {
2545 struct mgmt_ev_device_found ev;
2546
2547 memset(&ev, 0, sizeof(ev));
2548
2549 bacpy(&ev.addr.bdaddr, bdaddr);
2550 ev.addr.type = link_to_mgmt(link_type, addr_type);
2551 ev.rssi = rssi;
2552
2553 if (eir)
2554 memcpy(ev.eir, eir, sizeof(ev.eir));
2555
2556 if (dev_class)
2557 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2558
2559 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, &ev, sizeof(ev), NULL);
2560 }
2561
2562 int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 *name)
2563 {
2564 struct mgmt_ev_remote_name ev;
2565
2566 memset(&ev, 0, sizeof(ev));
2567
2568 bacpy(&ev.bdaddr, bdaddr);
2569 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2570
2571 return mgmt_event(MGMT_EV_REMOTE_NAME, hdev, &ev, sizeof(ev), NULL);
2572 }
2573
2574 int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
2575 {
2576 struct pending_cmd *cmd;
2577 int err;
2578
2579 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2580 if (!cmd)
2581 return -ENOENT;
2582
2583 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
2584 mgmt_pending_remove(cmd);
2585
2586 return err;
2587 }
2588
2589 int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
2590 {
2591 struct pending_cmd *cmd;
2592 int err;
2593
2594 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2595 if (!cmd)
2596 return -ENOENT;
2597
2598 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, status);
2599 mgmt_pending_remove(cmd);
2600
2601 return err;
2602 }
2603
2604 int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
2605 {
2606 struct pending_cmd *cmd;
2607
2608 if (discovering)
2609 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2610 else
2611 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2612
2613 if (cmd != NULL) {
2614 cmd_complete(cmd->sk, hdev->id, cmd->opcode, NULL, 0);
2615 mgmt_pending_remove(cmd);
2616 }
2617
2618 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &discovering,
2619 sizeof(discovering), NULL);
2620 }
2621
2622 int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2623 {
2624 struct pending_cmd *cmd;
2625 struct mgmt_ev_device_blocked ev;
2626
2627 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
2628
2629 bacpy(&ev.bdaddr, bdaddr);
2630
2631 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
2632 cmd ? cmd->sk : NULL);
2633 }
2634
2635 int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2636 {
2637 struct pending_cmd *cmd;
2638 struct mgmt_ev_device_unblocked ev;
2639
2640 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
2641
2642 bacpy(&ev.bdaddr, bdaddr);
2643
2644 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
2645 cmd ? cmd->sk : NULL);
2646 }
Linux kernel - Deliverables
This page took 0.098174 seconds and 5 git commands to generate.