2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/kernel.h>
26 #include <linux/uaccess.h>
27 #include <linux/module.h>
28 #include <asm/unaligned.h>
30 #include <net/bluetooth/bluetooth.h>
31 #include <net/bluetooth/hci_core.h>
32 #include <net/bluetooth/mgmt.h>
33 #include <net/bluetooth/smp.h>
35 #define MGMT_VERSION 0
36 #define MGMT_REVISION 1
38 static const u16 mgmt_commands
[] = {
39 MGMT_OP_READ_INDEX_LIST
,
42 MGMT_OP_SET_DISCOVERABLE
,
43 MGMT_OP_SET_CONNECTABLE
,
44 MGMT_OP_SET_FAST_CONNECTABLE
,
46 MGMT_OP_SET_LINK_SECURITY
,
50 MGMT_OP_SET_DEV_CLASS
,
51 MGMT_OP_SET_LOCAL_NAME
,
54 MGMT_OP_LOAD_LINK_KEYS
,
55 MGMT_OP_LOAD_LONG_TERM_KEYS
,
57 MGMT_OP_GET_CONNECTIONS
,
58 MGMT_OP_PIN_CODE_REPLY
,
59 MGMT_OP_PIN_CODE_NEG_REPLY
,
60 MGMT_OP_SET_IO_CAPABILITY
,
62 MGMT_OP_CANCEL_PAIR_DEVICE
,
63 MGMT_OP_UNPAIR_DEVICE
,
64 MGMT_OP_USER_CONFIRM_REPLY
,
65 MGMT_OP_USER_CONFIRM_NEG_REPLY
,
66 MGMT_OP_USER_PASSKEY_REPLY
,
67 MGMT_OP_USER_PASSKEY_NEG_REPLY
,
68 MGMT_OP_READ_LOCAL_OOB_DATA
,
69 MGMT_OP_ADD_REMOTE_OOB_DATA
,
70 MGMT_OP_REMOVE_REMOTE_OOB_DATA
,
71 MGMT_OP_START_DISCOVERY
,
72 MGMT_OP_STOP_DISCOVERY
,
75 MGMT_OP_UNBLOCK_DEVICE
,
78 static const u16 mgmt_events
[] = {
79 MGMT_EV_CONTROLLER_ERROR
,
81 MGMT_EV_INDEX_REMOVED
,
83 MGMT_EV_CLASS_OF_DEV_CHANGED
,
84 MGMT_EV_LOCAL_NAME_CHANGED
,
86 MGMT_EV_NEW_LONG_TERM_KEY
,
87 MGMT_EV_DEVICE_CONNECTED
,
88 MGMT_EV_DEVICE_DISCONNECTED
,
89 MGMT_EV_CONNECT_FAILED
,
90 MGMT_EV_PIN_CODE_REQUEST
,
91 MGMT_EV_USER_CONFIRM_REQUEST
,
92 MGMT_EV_USER_PASSKEY_REQUEST
,
96 MGMT_EV_DEVICE_BLOCKED
,
97 MGMT_EV_DEVICE_UNBLOCKED
,
98 MGMT_EV_DEVICE_UNPAIRED
,
102 * These LE scan and inquiry parameters were chosen according to LE General
103 * Discovery Procedure specification.
105 #define LE_SCAN_TYPE 0x01
106 #define LE_SCAN_WIN 0x12
107 #define LE_SCAN_INT 0x12
108 #define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
110 #define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
112 #define SERVICE_CACHE_TIMEOUT (5 * 1000)
115 struct list_head list
;
123 /* HCI to MGMT error code conversion table */
124 static u8 mgmt_status_table
[] = {
126 MGMT_STATUS_UNKNOWN_COMMAND
, /* Unknown Command */
127 MGMT_STATUS_NOT_CONNECTED
, /* No Connection */
128 MGMT_STATUS_FAILED
, /* Hardware Failure */
129 MGMT_STATUS_CONNECT_FAILED
, /* Page Timeout */
130 MGMT_STATUS_AUTH_FAILED
, /* Authentication Failed */
131 MGMT_STATUS_NOT_PAIRED
, /* PIN or Key Missing */
132 MGMT_STATUS_NO_RESOURCES
, /* Memory Full */
133 MGMT_STATUS_TIMEOUT
, /* Connection Timeout */
134 MGMT_STATUS_NO_RESOURCES
, /* Max Number of Connections */
135 MGMT_STATUS_NO_RESOURCES
, /* Max Number of SCO Connections */
136 MGMT_STATUS_ALREADY_CONNECTED
, /* ACL Connection Exists */
137 MGMT_STATUS_BUSY
, /* Command Disallowed */
138 MGMT_STATUS_NO_RESOURCES
, /* Rejected Limited Resources */
139 MGMT_STATUS_REJECTED
, /* Rejected Security */
140 MGMT_STATUS_REJECTED
, /* Rejected Personal */
141 MGMT_STATUS_TIMEOUT
, /* Host Timeout */
142 MGMT_STATUS_NOT_SUPPORTED
, /* Unsupported Feature */
143 MGMT_STATUS_INVALID_PARAMS
, /* Invalid Parameters */
144 MGMT_STATUS_DISCONNECTED
, /* OE User Ended Connection */
145 MGMT_STATUS_NO_RESOURCES
, /* OE Low Resources */
146 MGMT_STATUS_DISCONNECTED
, /* OE Power Off */
147 MGMT_STATUS_DISCONNECTED
, /* Connection Terminated */
148 MGMT_STATUS_BUSY
, /* Repeated Attempts */
149 MGMT_STATUS_REJECTED
, /* Pairing Not Allowed */
150 MGMT_STATUS_FAILED
, /* Unknown LMP PDU */
151 MGMT_STATUS_NOT_SUPPORTED
, /* Unsupported Remote Feature */
152 MGMT_STATUS_REJECTED
, /* SCO Offset Rejected */
153 MGMT_STATUS_REJECTED
, /* SCO Interval Rejected */
154 MGMT_STATUS_REJECTED
, /* Air Mode Rejected */
155 MGMT_STATUS_INVALID_PARAMS
, /* Invalid LMP Parameters */
156 MGMT_STATUS_FAILED
, /* Unspecified Error */
157 MGMT_STATUS_NOT_SUPPORTED
, /* Unsupported LMP Parameter Value */
158 MGMT_STATUS_FAILED
, /* Role Change Not Allowed */
159 MGMT_STATUS_TIMEOUT
, /* LMP Response Timeout */
160 MGMT_STATUS_FAILED
, /* LMP Error Transaction Collision */
161 MGMT_STATUS_FAILED
, /* LMP PDU Not Allowed */
162 MGMT_STATUS_REJECTED
, /* Encryption Mode Not Accepted */
163 MGMT_STATUS_FAILED
, /* Unit Link Key Used */
164 MGMT_STATUS_NOT_SUPPORTED
, /* QoS Not Supported */
165 MGMT_STATUS_TIMEOUT
, /* Instant Passed */
166 MGMT_STATUS_NOT_SUPPORTED
, /* Pairing Not Supported */
167 MGMT_STATUS_FAILED
, /* Transaction Collision */
168 MGMT_STATUS_INVALID_PARAMS
, /* Unacceptable Parameter */
169 MGMT_STATUS_REJECTED
, /* QoS Rejected */
170 MGMT_STATUS_NOT_SUPPORTED
, /* Classification Not Supported */
171 MGMT_STATUS_REJECTED
, /* Insufficient Security */
172 MGMT_STATUS_INVALID_PARAMS
, /* Parameter Out Of Range */
173 MGMT_STATUS_BUSY
, /* Role Switch Pending */
174 MGMT_STATUS_FAILED
, /* Slot Violation */
175 MGMT_STATUS_FAILED
, /* Role Switch Failed */
176 MGMT_STATUS_INVALID_PARAMS
, /* EIR Too Large */
177 MGMT_STATUS_NOT_SUPPORTED
, /* Simple Pairing Not Supported */
178 MGMT_STATUS_BUSY
, /* Host Busy Pairing */
179 MGMT_STATUS_REJECTED
, /* Rejected, No Suitable Channel */
180 MGMT_STATUS_BUSY
, /* Controller Busy */
181 MGMT_STATUS_INVALID_PARAMS
, /* Unsuitable Connection Interval */
182 MGMT_STATUS_TIMEOUT
, /* Directed Advertising Timeout */
183 MGMT_STATUS_AUTH_FAILED
, /* Terminated Due to MIC Failure */
184 MGMT_STATUS_CONNECT_FAILED
, /* Connection Establishment Failed */
185 MGMT_STATUS_CONNECT_FAILED
, /* MAC Connection Failed */
188 static u8
mgmt_status(u8 hci_status
)
190 if (hci_status
< ARRAY_SIZE(mgmt_status_table
))
191 return mgmt_status_table
[hci_status
];
193 return MGMT_STATUS_FAILED
;
196 static int cmd_status(struct sock
*sk
, u16 index
, u16 cmd
, u8 status
)
199 struct mgmt_hdr
*hdr
;
200 struct mgmt_ev_cmd_status
*ev
;
203 BT_DBG("sock %p, index %u, cmd %u, status %u", sk
, index
, cmd
, status
);
205 skb
= alloc_skb(sizeof(*hdr
) + sizeof(*ev
), GFP_ATOMIC
);
209 hdr
= (void *) skb_put(skb
, sizeof(*hdr
));
211 hdr
->opcode
= cpu_to_le16(MGMT_EV_CMD_STATUS
);
212 hdr
->index
= cpu_to_le16(index
);
213 hdr
->len
= cpu_to_le16(sizeof(*ev
));
215 ev
= (void *) skb_put(skb
, sizeof(*ev
));
217 put_unaligned_le16(cmd
, &ev
->opcode
);
219 err
= sock_queue_rcv_skb(sk
, skb
);
226 static int cmd_complete(struct sock
*sk
, u16 index
, u16 cmd
, void *rp
,
230 struct mgmt_hdr
*hdr
;
231 struct mgmt_ev_cmd_complete
*ev
;
234 BT_DBG("sock %p", sk
);
236 skb
= alloc_skb(sizeof(*hdr
) + sizeof(*ev
) + rp_len
, GFP_ATOMIC
);
240 hdr
= (void *) skb_put(skb
, sizeof(*hdr
));
242 hdr
->opcode
= cpu_to_le16(MGMT_EV_CMD_COMPLETE
);
243 hdr
->index
= cpu_to_le16(index
);
244 hdr
->len
= cpu_to_le16(sizeof(*ev
) + rp_len
);
246 ev
= (void *) skb_put(skb
, sizeof(*ev
) + rp_len
);
247 put_unaligned_le16(cmd
, &ev
->opcode
);
250 memcpy(ev
->data
, rp
, rp_len
);
252 err
= sock_queue_rcv_skb(sk
, skb
);
259 static int read_version(struct sock
*sk
)
261 struct mgmt_rp_read_version rp
;
263 BT_DBG("sock %p", sk
);
265 rp
.version
= MGMT_VERSION
;
266 put_unaligned_le16(MGMT_REVISION
, &rp
.revision
);
268 return cmd_complete(sk
, MGMT_INDEX_NONE
, MGMT_OP_READ_VERSION
, &rp
,
272 static int read_commands(struct sock
*sk
)
274 struct mgmt_rp_read_commands
*rp
;
275 u16 num_commands
= ARRAY_SIZE(mgmt_commands
);
276 u16 num_events
= ARRAY_SIZE(mgmt_events
);
281 BT_DBG("sock %p", sk
);
283 rp_size
= sizeof(*rp
) + ((num_commands
+ num_events
) * sizeof(u16
));
285 rp
= kmalloc(rp_size
, GFP_KERNEL
);
289 put_unaligned_le16(num_commands
, &rp
->num_commands
);
290 put_unaligned_le16(num_events
, &rp
->num_events
);
292 for (i
= 0, opcode
= rp
->opcodes
; i
< num_commands
; i
++, opcode
++)
293 put_unaligned_le16(mgmt_commands
[i
], opcode
);
295 for (i
= 0; i
< num_events
; i
++, opcode
++)
296 put_unaligned_le16(mgmt_events
[i
], opcode
);
298 err
= cmd_complete(sk
, MGMT_INDEX_NONE
, MGMT_OP_READ_COMMANDS
, rp
,
305 static int read_index_list(struct sock
*sk
)
307 struct mgmt_rp_read_index_list
*rp
;
314 BT_DBG("sock %p", sk
);
316 read_lock(&hci_dev_list_lock
);
319 list_for_each(p
, &hci_dev_list
) {
323 rp_len
= sizeof(*rp
) + (2 * count
);
324 rp
= kmalloc(rp_len
, GFP_ATOMIC
);
326 read_unlock(&hci_dev_list_lock
);
330 put_unaligned_le16(count
, &rp
->num_controllers
);
333 list_for_each_entry(d
, &hci_dev_list
, list
) {
334 if (test_and_clear_bit(HCI_AUTO_OFF
, &d
->dev_flags
))
335 cancel_delayed_work(&d
->power_off
);
337 if (test_bit(HCI_SETUP
, &d
->dev_flags
))
340 put_unaligned_le16(d
->id
, &rp
->index
[i
++]);
341 BT_DBG("Added hci%u", d
->id
);
344 read_unlock(&hci_dev_list_lock
);
346 err
= cmd_complete(sk
, MGMT_INDEX_NONE
, MGMT_OP_READ_INDEX_LIST
, rp
,
354 static u32
get_supported_settings(struct hci_dev
*hdev
)
358 settings
|= MGMT_SETTING_POWERED
;
359 settings
|= MGMT_SETTING_CONNECTABLE
;
360 settings
|= MGMT_SETTING_FAST_CONNECTABLE
;
361 settings
|= MGMT_SETTING_DISCOVERABLE
;
362 settings
|= MGMT_SETTING_PAIRABLE
;
364 if (hdev
->features
[6] & LMP_SIMPLE_PAIR
)
365 settings
|= MGMT_SETTING_SSP
;
367 if (!(hdev
->features
[4] & LMP_NO_BREDR
)) {
368 settings
|= MGMT_SETTING_BREDR
;
369 settings
|= MGMT_SETTING_LINK_SECURITY
;
372 if (hdev
->features
[4] & LMP_LE
)
373 settings
|= MGMT_SETTING_LE
;
378 static u32
get_current_settings(struct hci_dev
*hdev
)
382 if (test_bit(HCI_UP
, &hdev
->flags
))
383 settings
|= MGMT_SETTING_POWERED
;
387 if (test_bit(HCI_PSCAN
, &hdev
->flags
))
388 settings
|= MGMT_SETTING_CONNECTABLE
;
390 if (test_bit(HCI_ISCAN
, &hdev
->flags
))
391 settings
|= MGMT_SETTING_DISCOVERABLE
;
393 if (test_bit(HCI_PAIRABLE
, &hdev
->dev_flags
))
394 settings
|= MGMT_SETTING_PAIRABLE
;
396 if (!(hdev
->features
[4] & LMP_NO_BREDR
))
397 settings
|= MGMT_SETTING_BREDR
;
399 if (hdev
->host_features
[0] & LMP_HOST_LE
)
400 settings
|= MGMT_SETTING_LE
;
402 if (test_bit(HCI_AUTH
, &hdev
->flags
))
403 settings
|= MGMT_SETTING_LINK_SECURITY
;
405 if (test_bit(HCI_SSP_ENABLED
, &hdev
->dev_flags
))
406 settings
|= MGMT_SETTING_SSP
;
411 #define PNP_INFO_SVCLASS_ID 0x1200
413 static u8 bluetooth_base_uuid
[] = {
414 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
415 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
418 static u16
get_uuid16(u8
*uuid128
)
423 for (i
= 0; i
< 12; i
++) {
424 if (bluetooth_base_uuid
[i
] != uuid128
[i
])
428 memcpy(&val
, &uuid128
[12], 4);
430 val
= le32_to_cpu(val
);
437 static void create_eir(struct hci_dev
*hdev
, u8
*data
)
441 u16 uuid16_list
[HCI_MAX_EIR_LENGTH
/ sizeof(u16
)];
442 int i
, truncated
= 0;
443 struct bt_uuid
*uuid
;
446 name_len
= strlen(hdev
->dev_name
);
452 ptr
[1] = EIR_NAME_SHORT
;
454 ptr
[1] = EIR_NAME_COMPLETE
;
456 /* EIR Data length */
457 ptr
[0] = name_len
+ 1;
459 memcpy(ptr
+ 2, hdev
->dev_name
, name_len
);
461 eir_len
+= (name_len
+ 2);
462 ptr
+= (name_len
+ 2);
465 memset(uuid16_list
, 0, sizeof(uuid16_list
));
467 /* Group all UUID16 types */
468 list_for_each_entry(uuid
, &hdev
->uuids
, list
) {
471 uuid16
= get_uuid16(uuid
->uuid
);
478 if (uuid16
== PNP_INFO_SVCLASS_ID
)
481 /* Stop if not enough space to put next UUID */
482 if (eir_len
+ 2 + sizeof(u16
) > HCI_MAX_EIR_LENGTH
) {
487 /* Check for duplicates */
488 for (i
= 0; uuid16_list
[i
] != 0; i
++)
489 if (uuid16_list
[i
] == uuid16
)
492 if (uuid16_list
[i
] == 0) {
493 uuid16_list
[i
] = uuid16
;
494 eir_len
+= sizeof(u16
);
498 if (uuid16_list
[0] != 0) {
502 ptr
[1] = truncated
? EIR_UUID16_SOME
: EIR_UUID16_ALL
;
507 for (i
= 0; uuid16_list
[i
] != 0; i
++) {
508 *ptr
++ = (uuid16_list
[i
] & 0x00ff);
509 *ptr
++ = (uuid16_list
[i
] & 0xff00) >> 8;
512 /* EIR Data length */
513 *length
= (i
* sizeof(u16
)) + 1;
517 static int update_eir(struct hci_dev
*hdev
)
519 struct hci_cp_write_eir cp
;
521 if (!(hdev
->features
[6] & LMP_EXT_INQ
))
524 if (!test_bit(HCI_SSP_ENABLED
, &hdev
->dev_flags
))
527 if (test_bit(HCI_SERVICE_CACHE
, &hdev
->dev_flags
))
530 memset(&cp
, 0, sizeof(cp
));
532 create_eir(hdev
, cp
.data
);
534 if (memcmp(cp
.data
, hdev
->eir
, sizeof(cp
.data
)) == 0)
537 memcpy(hdev
->eir
, cp
.data
, sizeof(cp
.data
));
539 return hci_send_cmd(hdev
, HCI_OP_WRITE_EIR
, sizeof(cp
), &cp
);
542 static u8
get_service_classes(struct hci_dev
*hdev
)
544 struct bt_uuid
*uuid
;
547 list_for_each_entry(uuid
, &hdev
->uuids
, list
)
548 val
|= uuid
->svc_hint
;
553 static int update_class(struct hci_dev
*hdev
)
557 BT_DBG("%s", hdev
->name
);
559 if (test_bit(HCI_SERVICE_CACHE
, &hdev
->dev_flags
))
562 cod
[0] = hdev
->minor_class
;
563 cod
[1] = hdev
->major_class
;
564 cod
[2] = get_service_classes(hdev
);
566 if (memcmp(cod
, hdev
->dev_class
, 3) == 0)
569 return hci_send_cmd(hdev
, HCI_OP_WRITE_CLASS_OF_DEV
, sizeof(cod
), cod
);
572 static void service_cache_off(struct work_struct
*work
)
574 struct hci_dev
*hdev
= container_of(work
, struct hci_dev
,
577 if (!test_and_clear_bit(HCI_SERVICE_CACHE
, &hdev
->dev_flags
))
585 hci_dev_unlock(hdev
);
588 static void mgmt_init_hdev(struct hci_dev
*hdev
)
590 if (!test_and_set_bit(HCI_MGMT
, &hdev
->dev_flags
))
591 INIT_DELAYED_WORK(&hdev
->service_cache
, service_cache_off
);
593 if (!test_and_set_bit(HCI_SERVICE_CACHE
, &hdev
->dev_flags
))
594 schedule_delayed_work(&hdev
->service_cache
,
595 msecs_to_jiffies(SERVICE_CACHE_TIMEOUT
));
598 static int read_controller_info(struct sock
*sk
, u16 index
)
600 struct mgmt_rp_read_info rp
;
601 struct hci_dev
*hdev
;
603 BT_DBG("sock %p hci%u", sk
, index
);
605 hdev
= hci_dev_get(index
);
607 return cmd_status(sk
, index
, MGMT_OP_READ_INFO
,
608 MGMT_STATUS_INVALID_PARAMS
);
610 if (test_and_clear_bit(HCI_AUTO_OFF
, &hdev
->dev_flags
))
611 cancel_delayed_work_sync(&hdev
->power_off
);
615 if (test_and_clear_bit(HCI_PI_MGMT_INIT
, &hci_pi(sk
)->flags
))
616 mgmt_init_hdev(hdev
);
618 memset(&rp
, 0, sizeof(rp
));
620 bacpy(&rp
.bdaddr
, &hdev
->bdaddr
);
622 rp
.version
= hdev
->hci_ver
;
624 put_unaligned_le16(hdev
->manufacturer
, &rp
.manufacturer
);
626 rp
.supported_settings
= cpu_to_le32(get_supported_settings(hdev
));
627 rp
.current_settings
= cpu_to_le32(get_current_settings(hdev
));
629 memcpy(rp
.dev_class
, hdev
->dev_class
, 3);
631 memcpy(rp
.name
, hdev
->dev_name
, sizeof(hdev
->dev_name
));
633 hci_dev_unlock(hdev
);
636 return cmd_complete(sk
, index
, MGMT_OP_READ_INFO
, &rp
, sizeof(rp
));
639 static void mgmt_pending_free(struct pending_cmd
*cmd
)
646 static struct pending_cmd
*mgmt_pending_add(struct sock
*sk
, u16 opcode
,
647 struct hci_dev
*hdev
,
650 struct pending_cmd
*cmd
;
652 cmd
= kmalloc(sizeof(*cmd
), GFP_ATOMIC
);
656 cmd
->opcode
= opcode
;
657 cmd
->index
= hdev
->id
;
659 cmd
->param
= kmalloc(len
, GFP_ATOMIC
);
666 memcpy(cmd
->param
, data
, len
);
671 list_add(&cmd
->list
, &hdev
->mgmt_pending
);
676 static void mgmt_pending_foreach(u16 opcode
, struct hci_dev
*hdev
,
677 void (*cb
)(struct pending_cmd
*cmd
, void *data
),
680 struct list_head
*p
, *n
;
682 list_for_each_safe(p
, n
, &hdev
->mgmt_pending
) {
683 struct pending_cmd
*cmd
;
685 cmd
= list_entry(p
, struct pending_cmd
, list
);
687 if (opcode
> 0 && cmd
->opcode
!= opcode
)
694 static struct pending_cmd
*mgmt_pending_find(u16 opcode
, struct hci_dev
*hdev
)
696 struct pending_cmd
*cmd
;
698 list_for_each_entry(cmd
, &hdev
->mgmt_pending
, list
) {
699 if (cmd
->opcode
== opcode
)
706 static void mgmt_pending_remove(struct pending_cmd
*cmd
)
708 list_del(&cmd
->list
);
709 mgmt_pending_free(cmd
);
712 static int send_settings_rsp(struct sock
*sk
, u16 opcode
, struct hci_dev
*hdev
)
714 __le32 settings
= cpu_to_le32(get_current_settings(hdev
));
716 return cmd_complete(sk
, hdev
->id
, opcode
, &settings
, sizeof(settings
));
719 static int set_powered(struct sock
*sk
, u16 index
, void *data
, u16 len
)
721 struct mgmt_mode
*cp
= data
;
722 struct hci_dev
*hdev
;
723 struct pending_cmd
*cmd
;
726 BT_DBG("request for hci%u", index
);
728 if (len
!= sizeof(*cp
))
729 return cmd_status(sk
, index
, MGMT_OP_SET_POWERED
,
730 MGMT_STATUS_INVALID_PARAMS
);
732 hdev
= hci_dev_get(index
);
734 return cmd_status(sk
, index
, MGMT_OP_SET_POWERED
,
735 MGMT_STATUS_INVALID_PARAMS
);
739 up
= test_bit(HCI_UP
, &hdev
->flags
);
740 if ((cp
->val
&& up
) || (!cp
->val
&& !up
)) {
741 err
= send_settings_rsp(sk
, MGMT_OP_SET_POWERED
, hdev
);
745 if (mgmt_pending_find(MGMT_OP_SET_POWERED
, hdev
)) {
746 err
= cmd_status(sk
, index
, MGMT_OP_SET_POWERED
,
751 cmd
= mgmt_pending_add(sk
, MGMT_OP_SET_POWERED
, hdev
, data
, len
);
758 schedule_work(&hdev
->power_on
);
760 schedule_work(&hdev
->power_off
.work
);
765 hci_dev_unlock(hdev
);
770 static int set_discoverable(struct sock
*sk
, u16 index
, void *data
, u16 len
)
772 struct mgmt_cp_set_discoverable
*cp
= data
;
773 struct hci_dev
*hdev
;
774 struct pending_cmd
*cmd
;
778 BT_DBG("request for hci%u", index
);
780 if (len
!= sizeof(*cp
))
781 return cmd_status(sk
, index
, MGMT_OP_SET_DISCOVERABLE
,
782 MGMT_STATUS_INVALID_PARAMS
);
784 hdev
= hci_dev_get(index
);
786 return cmd_status(sk
, index
, MGMT_OP_SET_DISCOVERABLE
,
787 MGMT_STATUS_INVALID_PARAMS
);
791 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
792 err
= cmd_status(sk
, index
, MGMT_OP_SET_DISCOVERABLE
,
793 MGMT_STATUS_NOT_POWERED
);
797 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE
, hdev
) ||
798 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE
, hdev
)) {
799 err
= cmd_status(sk
, index
, MGMT_OP_SET_DISCOVERABLE
,
804 if (cp
->val
== test_bit(HCI_ISCAN
, &hdev
->flags
) &&
805 test_bit(HCI_PSCAN
, &hdev
->flags
)) {
806 err
= send_settings_rsp(sk
, MGMT_OP_SET_DISCOVERABLE
, hdev
);
810 cmd
= mgmt_pending_add(sk
, MGMT_OP_SET_DISCOVERABLE
, hdev
, data
, len
);
819 scan
|= SCAN_INQUIRY
;
821 cancel_delayed_work(&hdev
->discov_off
);
823 err
= hci_send_cmd(hdev
, HCI_OP_WRITE_SCAN_ENABLE
, 1, &scan
);
825 mgmt_pending_remove(cmd
);
828 hdev
->discov_timeout
= get_unaligned_le16(&cp
->timeout
);
831 hci_dev_unlock(hdev
);
837 static int set_connectable(struct sock
*sk
, u16 index
, void *data
, u16 len
)
839 struct mgmt_mode
*cp
= data
;
840 struct hci_dev
*hdev
;
841 struct pending_cmd
*cmd
;
845 BT_DBG("request for hci%u", index
);
847 if (len
!= sizeof(*cp
))
848 return cmd_status(sk
, index
, MGMT_OP_SET_CONNECTABLE
,
849 MGMT_STATUS_INVALID_PARAMS
);
851 hdev
= hci_dev_get(index
);
853 return cmd_status(sk
, index
, MGMT_OP_SET_CONNECTABLE
,
854 MGMT_STATUS_INVALID_PARAMS
);
858 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
859 err
= cmd_status(sk
, index
, MGMT_OP_SET_CONNECTABLE
,
860 MGMT_STATUS_NOT_POWERED
);
864 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE
, hdev
) ||
865 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE
, hdev
)) {
866 err
= cmd_status(sk
, index
, MGMT_OP_SET_CONNECTABLE
,
871 if (cp
->val
== test_bit(HCI_PSCAN
, &hdev
->flags
)) {
872 err
= send_settings_rsp(sk
, MGMT_OP_SET_CONNECTABLE
, hdev
);
876 cmd
= mgmt_pending_add(sk
, MGMT_OP_SET_CONNECTABLE
, hdev
, data
, len
);
887 err
= hci_send_cmd(hdev
, HCI_OP_WRITE_SCAN_ENABLE
, 1, &scan
);
889 mgmt_pending_remove(cmd
);
892 hci_dev_unlock(hdev
);
898 static int mgmt_event(u16 event
, struct hci_dev
*hdev
, void *data
,
899 u16 data_len
, struct sock
*skip_sk
)
902 struct mgmt_hdr
*hdr
;
904 skb
= alloc_skb(sizeof(*hdr
) + data_len
, GFP_ATOMIC
);
908 bt_cb(skb
)->channel
= HCI_CHANNEL_CONTROL
;
910 hdr
= (void *) skb_put(skb
, sizeof(*hdr
));
911 hdr
->opcode
= cpu_to_le16(event
);
913 hdr
->index
= cpu_to_le16(hdev
->id
);
915 hdr
->index
= cpu_to_le16(MGMT_INDEX_NONE
);
916 hdr
->len
= cpu_to_le16(data_len
);
919 memcpy(skb_put(skb
, data_len
), data
, data_len
);
921 hci_send_to_sock(NULL
, skb
, skip_sk
);
927 static int set_pairable(struct sock
*sk
, u16 index
, void *data
, u16 len
)
929 struct mgmt_mode
*cp
= data
;
930 struct hci_dev
*hdev
;
934 BT_DBG("request for hci%u", index
);
936 if (len
!= sizeof(*cp
))
937 return cmd_status(sk
, index
, MGMT_OP_SET_PAIRABLE
,
938 MGMT_STATUS_INVALID_PARAMS
);
940 hdev
= hci_dev_get(index
);
942 return cmd_status(sk
, index
, MGMT_OP_SET_PAIRABLE
,
943 MGMT_STATUS_INVALID_PARAMS
);
948 set_bit(HCI_PAIRABLE
, &hdev
->dev_flags
);
950 clear_bit(HCI_PAIRABLE
, &hdev
->dev_flags
);
952 err
= send_settings_rsp(sk
, MGMT_OP_SET_PAIRABLE
, hdev
);
956 ev
= cpu_to_le32(get_current_settings(hdev
));
958 err
= mgmt_event(MGMT_EV_NEW_SETTINGS
, hdev
, &ev
, sizeof(ev
), sk
);
961 hci_dev_unlock(hdev
);
967 static int add_uuid(struct sock
*sk
, u16 index
, void *data
, u16 len
)
969 struct mgmt_cp_add_uuid
*cp
= data
;
970 struct hci_dev
*hdev
;
971 struct bt_uuid
*uuid
;
974 BT_DBG("request for hci%u", index
);
976 if (len
!= sizeof(*cp
))
977 return cmd_status(sk
, index
, MGMT_OP_ADD_UUID
,
978 MGMT_STATUS_INVALID_PARAMS
);
980 hdev
= hci_dev_get(index
);
982 return cmd_status(sk
, index
, MGMT_OP_ADD_UUID
,
983 MGMT_STATUS_INVALID_PARAMS
);
987 uuid
= kmalloc(sizeof(*uuid
), GFP_ATOMIC
);
993 memcpy(uuid
->uuid
, cp
->uuid
, 16);
994 uuid
->svc_hint
= cp
->svc_hint
;
996 list_add(&uuid
->list
, &hdev
->uuids
);
998 err
= update_class(hdev
);
1002 err
= update_eir(hdev
);
1006 err
= cmd_complete(sk
, index
, MGMT_OP_ADD_UUID
, NULL
, 0);
1009 hci_dev_unlock(hdev
);
1015 static int remove_uuid(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1017 struct mgmt_cp_remove_uuid
*cp
= data
;
1018 struct list_head
*p
, *n
;
1019 struct hci_dev
*hdev
;
1020 u8 bt_uuid_any
[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
1023 BT_DBG("request for hci%u", index
);
1025 if (len
!= sizeof(*cp
))
1026 return cmd_status(sk
, index
, MGMT_OP_REMOVE_UUID
,
1027 MGMT_STATUS_INVALID_PARAMS
);
1029 hdev
= hci_dev_get(index
);
1031 return cmd_status(sk
, index
, MGMT_OP_REMOVE_UUID
,
1032 MGMT_STATUS_INVALID_PARAMS
);
1036 if (memcmp(cp
->uuid
, bt_uuid_any
, 16) == 0) {
1037 err
= hci_uuids_clear(hdev
);
1043 list_for_each_safe(p
, n
, &hdev
->uuids
) {
1044 struct bt_uuid
*match
= list_entry(p
, struct bt_uuid
, list
);
1046 if (memcmp(match
->uuid
, cp
->uuid
, 16) != 0)
1049 list_del(&match
->list
);
1054 err
= cmd_status(sk
, index
, MGMT_OP_REMOVE_UUID
,
1055 MGMT_STATUS_INVALID_PARAMS
);
1059 err
= update_class(hdev
);
1063 err
= update_eir(hdev
);
1067 err
= cmd_complete(sk
, index
, MGMT_OP_REMOVE_UUID
, NULL
, 0);
1070 hci_dev_unlock(hdev
);
1076 static int set_dev_class(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1078 struct hci_dev
*hdev
;
1079 struct mgmt_cp_set_dev_class
*cp
= data
;
1082 BT_DBG("request for hci%u", index
);
1084 if (len
!= sizeof(*cp
))
1085 return cmd_status(sk
, index
, MGMT_OP_SET_DEV_CLASS
,
1086 MGMT_STATUS_INVALID_PARAMS
);
1088 hdev
= hci_dev_get(index
);
1090 return cmd_status(sk
, index
, MGMT_OP_SET_DEV_CLASS
,
1091 MGMT_STATUS_INVALID_PARAMS
);
1095 hdev
->major_class
= cp
->major
;
1096 hdev
->minor_class
= cp
->minor
;
1098 if (test_and_clear_bit(HCI_SERVICE_CACHE
, &hdev
->dev_flags
)) {
1099 hci_dev_unlock(hdev
);
1100 cancel_delayed_work_sync(&hdev
->service_cache
);
1105 err
= update_class(hdev
);
1108 err
= cmd_complete(sk
, index
, MGMT_OP_SET_DEV_CLASS
, NULL
, 0);
1110 hci_dev_unlock(hdev
);
1116 static int load_link_keys(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1118 struct hci_dev
*hdev
;
1119 struct mgmt_cp_load_link_keys
*cp
= data
;
1120 u16 key_count
, expected_len
;
1123 if (len
< sizeof(*cp
))
1124 return cmd_status(sk
, index
, MGMT_OP_LOAD_LINK_KEYS
,
1125 MGMT_STATUS_INVALID_PARAMS
);
1127 key_count
= get_unaligned_le16(&cp
->key_count
);
1129 expected_len
= sizeof(*cp
) + key_count
*
1130 sizeof(struct mgmt_link_key_info
);
1131 if (expected_len
!= len
) {
1132 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
1134 return cmd_status(sk
, index
, MGMT_OP_LOAD_LINK_KEYS
,
1135 MGMT_STATUS_INVALID_PARAMS
);
1138 hdev
= hci_dev_get(index
);
1140 return cmd_status(sk
, index
, MGMT_OP_LOAD_LINK_KEYS
,
1141 MGMT_STATUS_INVALID_PARAMS
);
1143 BT_DBG("hci%u debug_keys %u key_count %u", index
, cp
->debug_keys
,
1148 hci_link_keys_clear(hdev
);
1150 set_bit(HCI_LINK_KEYS
, &hdev
->dev_flags
);
1153 set_bit(HCI_DEBUG_KEYS
, &hdev
->dev_flags
);
1155 clear_bit(HCI_DEBUG_KEYS
, &hdev
->dev_flags
);
1157 for (i
= 0; i
< key_count
; i
++) {
1158 struct mgmt_link_key_info
*key
= &cp
->keys
[i
];
1160 hci_add_link_key(hdev
, NULL
, 0, &key
->bdaddr
, key
->val
, key
->type
,
1164 cmd_complete(sk
, index
, MGMT_OP_LOAD_LINK_KEYS
, NULL
, 0);
1166 hci_dev_unlock(hdev
);
1172 static int device_unpaired(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
1173 u8 addr_type
, struct sock
*skip_sk
)
1175 struct mgmt_ev_device_unpaired ev
;
1177 bacpy(&ev
.addr
.bdaddr
, bdaddr
);
1178 ev
.addr
.type
= addr_type
;
1180 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED
, hdev
, &ev
, sizeof(ev
),
1184 static int unpair_device(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1186 struct hci_dev
*hdev
;
1187 struct mgmt_cp_unpair_device
*cp
= data
;
1188 struct mgmt_rp_unpair_device rp
;
1189 struct hci_cp_disconnect dc
;
1190 struct pending_cmd
*cmd
;
1191 struct hci_conn
*conn
;
1194 if (len
!= sizeof(*cp
))
1195 return cmd_status(sk
, index
, MGMT_OP_UNPAIR_DEVICE
,
1196 MGMT_STATUS_INVALID_PARAMS
);
1198 hdev
= hci_dev_get(index
);
1200 return cmd_status(sk
, index
, MGMT_OP_UNPAIR_DEVICE
,
1201 MGMT_STATUS_INVALID_PARAMS
);
1205 memset(&rp
, 0, sizeof(rp
));
1206 bacpy(&rp
.addr
.bdaddr
, &cp
->addr
.bdaddr
);
1207 rp
.addr
.type
= cp
->addr
.type
;
1209 if (cp
->addr
.type
== MGMT_ADDR_BREDR
)
1210 err
= hci_remove_link_key(hdev
, &cp
->addr
.bdaddr
);
1212 err
= hci_remove_ltk(hdev
, &cp
->addr
.bdaddr
);
1215 rp
.status
= MGMT_STATUS_NOT_PAIRED
;
1219 if (!test_bit(HCI_UP
, &hdev
->flags
) || !cp
->disconnect
) {
1220 err
= cmd_complete(sk
, index
, MGMT_OP_UNPAIR_DEVICE
, &rp
,
1222 device_unpaired(hdev
, &cp
->addr
.bdaddr
, cp
->addr
.type
, sk
);
1226 if (cp
->addr
.type
== MGMT_ADDR_BREDR
)
1227 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
,
1230 conn
= hci_conn_hash_lookup_ba(hdev
, LE_LINK
,
1234 err
= cmd_complete(sk
, index
, MGMT_OP_UNPAIR_DEVICE
, &rp
,
1236 device_unpaired(hdev
, &cp
->addr
.bdaddr
, cp
->addr
.type
, sk
);
1240 cmd
= mgmt_pending_add(sk
, MGMT_OP_UNPAIR_DEVICE
, hdev
, cp
,
1247 put_unaligned_le16(conn
->handle
, &dc
.handle
);
1248 dc
.reason
= 0x13; /* Remote User Terminated Connection */
1249 err
= hci_send_cmd(hdev
, HCI_OP_DISCONNECT
, sizeof(dc
), &dc
);
1251 mgmt_pending_remove(cmd
);
1255 err
= cmd_complete(sk
, index
, MGMT_OP_UNPAIR_DEVICE
, &rp
,
1257 hci_dev_unlock(hdev
);
1263 static int disconnect(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1265 struct hci_dev
*hdev
;
1266 struct mgmt_cp_disconnect
*cp
= data
;
1267 struct hci_cp_disconnect dc
;
1268 struct pending_cmd
*cmd
;
1269 struct hci_conn
*conn
;
1274 if (len
!= sizeof(*cp
))
1275 return cmd_status(sk
, index
, MGMT_OP_DISCONNECT
,
1276 MGMT_STATUS_INVALID_PARAMS
);
1278 hdev
= hci_dev_get(index
);
1280 return cmd_status(sk
, index
, MGMT_OP_DISCONNECT
,
1281 MGMT_STATUS_INVALID_PARAMS
);
1285 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1286 err
= cmd_status(sk
, index
, MGMT_OP_DISCONNECT
,
1287 MGMT_STATUS_NOT_POWERED
);
1291 if (mgmt_pending_find(MGMT_OP_DISCONNECT
, hdev
)) {
1292 err
= cmd_status(sk
, index
, MGMT_OP_DISCONNECT
,
1297 if (cp
->addr
.type
== MGMT_ADDR_BREDR
)
1298 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &cp
->addr
.bdaddr
);
1300 conn
= hci_conn_hash_lookup_ba(hdev
, LE_LINK
, &cp
->addr
.bdaddr
);
1303 err
= cmd_status(sk
, index
, MGMT_OP_DISCONNECT
,
1304 MGMT_STATUS_NOT_CONNECTED
);
1308 cmd
= mgmt_pending_add(sk
, MGMT_OP_DISCONNECT
, hdev
, data
, len
);
1314 put_unaligned_le16(conn
->handle
, &dc
.handle
);
1315 dc
.reason
= 0x13; /* Remote User Terminated Connection */
1317 err
= hci_send_cmd(hdev
, HCI_OP_DISCONNECT
, sizeof(dc
), &dc
);
1319 mgmt_pending_remove(cmd
);
1322 hci_dev_unlock(hdev
);
1328 static u8
link_to_mgmt(u8 link_type
, u8 addr_type
)
1330 switch (link_type
) {
1332 switch (addr_type
) {
1333 case ADDR_LE_DEV_PUBLIC
:
1334 return MGMT_ADDR_LE_PUBLIC
;
1335 case ADDR_LE_DEV_RANDOM
:
1336 return MGMT_ADDR_LE_RANDOM
;
1338 return MGMT_ADDR_INVALID
;
1341 return MGMT_ADDR_BREDR
;
1343 return MGMT_ADDR_INVALID
;
1347 static int get_connections(struct sock
*sk
, u16 index
)
1349 struct mgmt_rp_get_connections
*rp
;
1350 struct hci_dev
*hdev
;
1358 hdev
= hci_dev_get(index
);
1360 return cmd_status(sk
, index
, MGMT_OP_GET_CONNECTIONS
,
1361 MGMT_STATUS_INVALID_PARAMS
);
1366 list_for_each_entry(c
, &hdev
->conn_hash
.list
, list
) {
1367 if (test_bit(HCI_CONN_MGMT_CONNECTED
, &c
->flags
))
1371 rp_len
= sizeof(*rp
) + (count
* sizeof(struct mgmt_addr_info
));
1372 rp
= kmalloc(rp_len
, GFP_ATOMIC
);
1378 put_unaligned_le16(count
, &rp
->conn_count
);
1381 list_for_each_entry(c
, &hdev
->conn_hash
.list
, list
) {
1382 if (!test_bit(HCI_CONN_MGMT_CONNECTED
, &c
->flags
))
1384 bacpy(&rp
->addr
[i
].bdaddr
, &c
->dst
);
1385 rp
->addr
[i
].type
= link_to_mgmt(c
->type
, c
->dst_type
);
1386 if (rp
->addr
[i
].type
== MGMT_ADDR_INVALID
)
1391 /* Recalculate length in case of filtered SCO connections, etc */
1392 rp_len
= sizeof(*rp
) + (i
* sizeof(struct mgmt_addr_info
));
1394 err
= cmd_complete(sk
, index
, MGMT_OP_GET_CONNECTIONS
, rp
, rp_len
);
1398 hci_dev_unlock(hdev
);
1403 static int send_pin_code_neg_reply(struct sock
*sk
, u16 index
,
1404 struct hci_dev
*hdev
, struct mgmt_cp_pin_code_neg_reply
*cp
)
1406 struct pending_cmd
*cmd
;
1409 cmd
= mgmt_pending_add(sk
, MGMT_OP_PIN_CODE_NEG_REPLY
, hdev
, cp
,
1414 err
= hci_send_cmd(hdev
, HCI_OP_PIN_CODE_NEG_REPLY
, sizeof(cp
->bdaddr
),
1417 mgmt_pending_remove(cmd
);
1422 static int pin_code_reply(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1424 struct hci_dev
*hdev
;
1425 struct hci_conn
*conn
;
1426 struct mgmt_cp_pin_code_reply
*cp
= data
;
1427 struct mgmt_cp_pin_code_neg_reply ncp
;
1428 struct hci_cp_pin_code_reply reply
;
1429 struct pending_cmd
*cmd
;
1434 if (len
!= sizeof(*cp
))
1435 return cmd_status(sk
, index
, MGMT_OP_PIN_CODE_REPLY
,
1436 MGMT_STATUS_INVALID_PARAMS
);
1438 hdev
= hci_dev_get(index
);
1440 return cmd_status(sk
, index
, MGMT_OP_PIN_CODE_REPLY
,
1441 MGMT_STATUS_INVALID_PARAMS
);
1445 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1446 err
= cmd_status(sk
, index
, MGMT_OP_PIN_CODE_REPLY
,
1447 MGMT_STATUS_NOT_POWERED
);
1451 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &cp
->bdaddr
);
1453 err
= cmd_status(sk
, index
, MGMT_OP_PIN_CODE_REPLY
,
1454 MGMT_STATUS_NOT_CONNECTED
);
1458 if (conn
->pending_sec_level
== BT_SECURITY_HIGH
&& cp
->pin_len
!= 16) {
1459 bacpy(&ncp
.bdaddr
, &cp
->bdaddr
);
1461 BT_ERR("PIN code is not 16 bytes long");
1463 err
= send_pin_code_neg_reply(sk
, index
, hdev
, &ncp
);
1465 err
= cmd_status(sk
, index
, MGMT_OP_PIN_CODE_REPLY
,
1466 MGMT_STATUS_INVALID_PARAMS
);
1471 cmd
= mgmt_pending_add(sk
, MGMT_OP_PIN_CODE_REPLY
, hdev
, data
,
1478 bacpy(&reply
.bdaddr
, &cp
->bdaddr
);
1479 reply
.pin_len
= cp
->pin_len
;
1480 memcpy(reply
.pin_code
, cp
->pin_code
, sizeof(reply
.pin_code
));
1482 err
= hci_send_cmd(hdev
, HCI_OP_PIN_CODE_REPLY
, sizeof(reply
), &reply
);
1484 mgmt_pending_remove(cmd
);
1487 hci_dev_unlock(hdev
);
1493 static int pin_code_neg_reply(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1495 struct hci_dev
*hdev
;
1496 struct mgmt_cp_pin_code_neg_reply
*cp
= data
;
1501 if (len
!= sizeof(*cp
))
1502 return cmd_status(sk
, index
, MGMT_OP_PIN_CODE_NEG_REPLY
,
1503 MGMT_STATUS_INVALID_PARAMS
);
1505 hdev
= hci_dev_get(index
);
1507 return cmd_status(sk
, index
, MGMT_OP_PIN_CODE_NEG_REPLY
,
1508 MGMT_STATUS_INVALID_PARAMS
);
1512 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1513 err
= cmd_status(sk
, index
, MGMT_OP_PIN_CODE_NEG_REPLY
,
1514 MGMT_STATUS_NOT_POWERED
);
1518 err
= send_pin_code_neg_reply(sk
, index
, hdev
, cp
);
1521 hci_dev_unlock(hdev
);
1527 static int set_io_capability(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1529 struct hci_dev
*hdev
;
1530 struct mgmt_cp_set_io_capability
*cp
= data
;
1534 if (len
!= sizeof(*cp
))
1535 return cmd_status(sk
, index
, MGMT_OP_SET_IO_CAPABILITY
,
1536 MGMT_STATUS_INVALID_PARAMS
);
1538 hdev
= hci_dev_get(index
);
1540 return cmd_status(sk
, index
, MGMT_OP_SET_IO_CAPABILITY
,
1541 MGMT_STATUS_INVALID_PARAMS
);
1545 hdev
->io_capability
= cp
->io_capability
;
1547 BT_DBG("%s IO capability set to 0x%02x", hdev
->name
,
1548 hdev
->io_capability
);
1550 hci_dev_unlock(hdev
);
1553 return cmd_complete(sk
, index
, MGMT_OP_SET_IO_CAPABILITY
, NULL
, 0);
1556 static inline struct pending_cmd
*find_pairing(struct hci_conn
*conn
)
1558 struct hci_dev
*hdev
= conn
->hdev
;
1559 struct pending_cmd
*cmd
;
1561 list_for_each_entry(cmd
, &hdev
->mgmt_pending
, list
) {
1562 if (cmd
->opcode
!= MGMT_OP_PAIR_DEVICE
)
1565 if (cmd
->user_data
!= conn
)
1574 static void pairing_complete(struct pending_cmd
*cmd
, u8 status
)
1576 struct mgmt_rp_pair_device rp
;
1577 struct hci_conn
*conn
= cmd
->user_data
;
1579 bacpy(&rp
.addr
.bdaddr
, &conn
->dst
);
1580 rp
.addr
.type
= link_to_mgmt(conn
->type
, conn
->dst_type
);
1583 cmd_complete(cmd
->sk
, cmd
->index
, MGMT_OP_PAIR_DEVICE
, &rp
, sizeof(rp
));
1585 /* So we don't get further callbacks for this connection */
1586 conn
->connect_cfm_cb
= NULL
;
1587 conn
->security_cfm_cb
= NULL
;
1588 conn
->disconn_cfm_cb
= NULL
;
1592 mgmt_pending_remove(cmd
);
1595 static void pairing_complete_cb(struct hci_conn
*conn
, u8 status
)
1597 struct pending_cmd
*cmd
;
1599 BT_DBG("status %u", status
);
1601 cmd
= find_pairing(conn
);
1603 BT_DBG("Unable to find a pending command");
1605 pairing_complete(cmd
, status
);
1608 static int pair_device(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1610 struct hci_dev
*hdev
;
1611 struct mgmt_cp_pair_device
*cp
= data
;
1612 struct mgmt_rp_pair_device rp
;
1613 struct pending_cmd
*cmd
;
1614 u8 sec_level
, auth_type
;
1615 struct hci_conn
*conn
;
1620 if (len
!= sizeof(*cp
))
1621 return cmd_status(sk
, index
, MGMT_OP_PAIR_DEVICE
,
1622 MGMT_STATUS_INVALID_PARAMS
);
1624 hdev
= hci_dev_get(index
);
1626 return cmd_status(sk
, index
, MGMT_OP_PAIR_DEVICE
,
1627 MGMT_STATUS_INVALID_PARAMS
);
1631 sec_level
= BT_SECURITY_MEDIUM
;
1632 if (cp
->io_cap
== 0x03)
1633 auth_type
= HCI_AT_DEDICATED_BONDING
;
1635 auth_type
= HCI_AT_DEDICATED_BONDING_MITM
;
1637 if (cp
->addr
.type
== MGMT_ADDR_BREDR
)
1638 conn
= hci_connect(hdev
, ACL_LINK
, &cp
->addr
.bdaddr
, sec_level
,
1641 conn
= hci_connect(hdev
, LE_LINK
, &cp
->addr
.bdaddr
, sec_level
,
1644 memset(&rp
, 0, sizeof(rp
));
1645 bacpy(&rp
.addr
.bdaddr
, &cp
->addr
.bdaddr
);
1646 rp
.addr
.type
= cp
->addr
.type
;
1649 rp
.status
= -PTR_ERR(conn
);
1650 err
= cmd_complete(sk
, index
, MGMT_OP_PAIR_DEVICE
,
1655 if (conn
->connect_cfm_cb
) {
1658 err
= cmd_complete(sk
, index
, MGMT_OP_PAIR_DEVICE
,
1663 cmd
= mgmt_pending_add(sk
, MGMT_OP_PAIR_DEVICE
, hdev
, data
, len
);
1670 /* For LE, just connecting isn't a proof that the pairing finished */
1671 if (cp
->addr
.type
== MGMT_ADDR_BREDR
)
1672 conn
->connect_cfm_cb
= pairing_complete_cb
;
1674 conn
->security_cfm_cb
= pairing_complete_cb
;
1675 conn
->disconn_cfm_cb
= pairing_complete_cb
;
1676 conn
->io_capability
= cp
->io_cap
;
1677 cmd
->user_data
= conn
;
1679 if (conn
->state
== BT_CONNECTED
&&
1680 hci_conn_security(conn
, sec_level
, auth_type
))
1681 pairing_complete(cmd
, 0);
1686 hci_dev_unlock(hdev
);
1692 static int cancel_pair_device(struct sock
*sk
, u16 index
,
1693 unsigned char *data
, u16 len
)
1695 struct mgmt_addr_info
*addr
= (void *) data
;
1696 struct hci_dev
*hdev
;
1697 struct pending_cmd
*cmd
;
1698 struct hci_conn
*conn
;
1703 if (len
!= sizeof(*addr
))
1704 return cmd_status(sk
, index
, MGMT_OP_CANCEL_PAIR_DEVICE
,
1705 MGMT_STATUS_INVALID_PARAMS
);
1707 hdev
= hci_dev_get(index
);
1709 return cmd_status(sk
, index
, MGMT_OP_CANCEL_PAIR_DEVICE
,
1710 MGMT_STATUS_INVALID_PARAMS
);
1714 cmd
= mgmt_pending_find(MGMT_OP_PAIR_DEVICE
, hdev
);
1716 err
= cmd_status(sk
, index
, MGMT_OP_CANCEL_PAIR_DEVICE
,
1717 MGMT_STATUS_INVALID_PARAMS
);
1721 conn
= cmd
->user_data
;
1723 if (bacmp(&addr
->bdaddr
, &conn
->dst
) != 0) {
1724 err
= cmd_status(sk
, index
, MGMT_OP_CANCEL_PAIR_DEVICE
,
1725 MGMT_STATUS_INVALID_PARAMS
);
1729 pairing_complete(cmd
, MGMT_STATUS_CANCELLED
);
1731 err
= cmd_complete(sk
, index
, MGMT_OP_CANCEL_PAIR_DEVICE
, addr
,
1734 hci_dev_unlock(hdev
);
1740 static int user_pairing_resp(struct sock
*sk
, u16 index
, bdaddr_t
*bdaddr
,
1741 u8 type
, u16 mgmt_op
, u16 hci_op
,
1744 struct pending_cmd
*cmd
;
1745 struct hci_dev
*hdev
;
1746 struct hci_conn
*conn
;
1749 hdev
= hci_dev_get(index
);
1751 return cmd_status(sk
, index
, mgmt_op
,
1752 MGMT_STATUS_INVALID_PARAMS
);
1756 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1757 err
= cmd_status(sk
, index
, mgmt_op
, MGMT_STATUS_NOT_POWERED
);
1761 if (type
== MGMT_ADDR_BREDR
)
1762 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, bdaddr
);
1764 conn
= hci_conn_hash_lookup_ba(hdev
, LE_LINK
, bdaddr
);
1767 err
= cmd_status(sk
, index
, mgmt_op
,
1768 MGMT_STATUS_NOT_CONNECTED
);
1772 if (type
== MGMT_ADDR_LE_PUBLIC
|| type
== MGMT_ADDR_LE_RANDOM
) {
1773 /* Continue with pairing via SMP */
1774 err
= smp_user_confirm_reply(conn
, mgmt_op
, passkey
);
1777 err
= cmd_status(sk
, index
, mgmt_op
,
1778 MGMT_STATUS_SUCCESS
);
1780 err
= cmd_status(sk
, index
, mgmt_op
,
1781 MGMT_STATUS_FAILED
);
1786 cmd
= mgmt_pending_add(sk
, mgmt_op
, hdev
, bdaddr
, sizeof(*bdaddr
));
1792 /* Continue with pairing via HCI */
1793 if (hci_op
== HCI_OP_USER_PASSKEY_REPLY
) {
1794 struct hci_cp_user_passkey_reply cp
;
1796 bacpy(&cp
.bdaddr
, bdaddr
);
1797 cp
.passkey
= passkey
;
1798 err
= hci_send_cmd(hdev
, hci_op
, sizeof(cp
), &cp
);
1800 err
= hci_send_cmd(hdev
, hci_op
, sizeof(*bdaddr
), bdaddr
);
1803 mgmt_pending_remove(cmd
);
1806 hci_dev_unlock(hdev
);
1812 static int user_confirm_reply(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1814 struct mgmt_cp_user_confirm_reply
*cp
= data
;
1818 if (len
!= sizeof(*cp
))
1819 return cmd_status(sk
, index
, MGMT_OP_USER_CONFIRM_REPLY
,
1820 MGMT_STATUS_INVALID_PARAMS
);
1822 return user_pairing_resp(sk
, index
, &cp
->addr
.bdaddr
, cp
->addr
.type
,
1823 MGMT_OP_USER_CONFIRM_REPLY
,
1824 HCI_OP_USER_CONFIRM_REPLY
, 0);
1827 static int user_confirm_neg_reply(struct sock
*sk
, u16 index
, void *data
,
1830 struct mgmt_cp_user_confirm_neg_reply
*cp
= data
;
1834 if (len
!= sizeof(*cp
))
1835 return cmd_status(sk
, index
, MGMT_OP_USER_CONFIRM_NEG_REPLY
,
1836 MGMT_STATUS_INVALID_PARAMS
);
1838 return user_pairing_resp(sk
, index
, &cp
->addr
.bdaddr
, cp
->addr
.type
,
1839 MGMT_OP_USER_CONFIRM_NEG_REPLY
,
1840 HCI_OP_USER_CONFIRM_NEG_REPLY
, 0);
1843 static int user_passkey_reply(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1845 struct mgmt_cp_user_passkey_reply
*cp
= data
;
1849 if (len
!= sizeof(*cp
))
1850 return cmd_status(sk
, index
, MGMT_OP_USER_PASSKEY_REPLY
,
1853 return user_pairing_resp(sk
, index
, &cp
->addr
.bdaddr
, cp
->addr
.type
,
1854 MGMT_OP_USER_PASSKEY_REPLY
,
1855 HCI_OP_USER_PASSKEY_REPLY
,
1859 static int user_passkey_neg_reply(struct sock
*sk
, u16 index
, void *data
,
1862 struct mgmt_cp_user_passkey_neg_reply
*cp
= data
;
1866 if (len
!= sizeof(*cp
))
1867 return cmd_status(sk
, index
, MGMT_OP_USER_PASSKEY_NEG_REPLY
,
1870 return user_pairing_resp(sk
, index
, &cp
->addr
.bdaddr
, cp
->addr
.type
,
1871 MGMT_OP_USER_PASSKEY_NEG_REPLY
,
1872 HCI_OP_USER_PASSKEY_NEG_REPLY
, 0);
1875 static int set_local_name(struct sock
*sk
, u16 index
, void *data
,
1878 struct mgmt_cp_set_local_name
*mgmt_cp
= data
;
1879 struct hci_cp_write_local_name hci_cp
;
1880 struct hci_dev
*hdev
;
1881 struct pending_cmd
*cmd
;
1886 if (len
!= sizeof(*mgmt_cp
))
1887 return cmd_status(sk
, index
, MGMT_OP_SET_LOCAL_NAME
,
1888 MGMT_STATUS_INVALID_PARAMS
);
1890 hdev
= hci_dev_get(index
);
1892 return cmd_status(sk
, index
, MGMT_OP_SET_LOCAL_NAME
,
1893 MGMT_STATUS_INVALID_PARAMS
);
1897 cmd
= mgmt_pending_add(sk
, MGMT_OP_SET_LOCAL_NAME
, hdev
, data
,
1904 memcpy(hci_cp
.name
, mgmt_cp
->name
, sizeof(hci_cp
.name
));
1905 err
= hci_send_cmd(hdev
, HCI_OP_WRITE_LOCAL_NAME
, sizeof(hci_cp
),
1908 mgmt_pending_remove(cmd
);
1911 hci_dev_unlock(hdev
);
1917 static int read_local_oob_data(struct sock
*sk
, u16 index
)
1919 struct hci_dev
*hdev
;
1920 struct pending_cmd
*cmd
;
1923 BT_DBG("hci%u", index
);
1925 hdev
= hci_dev_get(index
);
1927 return cmd_status(sk
, index
, MGMT_OP_READ_LOCAL_OOB_DATA
,
1928 MGMT_STATUS_INVALID_PARAMS
);
1932 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1933 err
= cmd_status(sk
, index
, MGMT_OP_READ_LOCAL_OOB_DATA
,
1934 MGMT_STATUS_NOT_POWERED
);
1938 if (!(hdev
->features
[6] & LMP_SIMPLE_PAIR
)) {
1939 err
= cmd_status(sk
, index
, MGMT_OP_READ_LOCAL_OOB_DATA
,
1940 MGMT_STATUS_NOT_SUPPORTED
);
1944 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA
, hdev
)) {
1945 err
= cmd_status(sk
, index
, MGMT_OP_READ_LOCAL_OOB_DATA
,
1950 cmd
= mgmt_pending_add(sk
, MGMT_OP_READ_LOCAL_OOB_DATA
, hdev
, NULL
, 0);
1956 err
= hci_send_cmd(hdev
, HCI_OP_READ_LOCAL_OOB_DATA
, 0, NULL
);
1958 mgmt_pending_remove(cmd
);
1961 hci_dev_unlock(hdev
);
1967 static int add_remote_oob_data(struct sock
*sk
, u16 index
, void *data
,
1970 struct hci_dev
*hdev
;
1971 struct mgmt_cp_add_remote_oob_data
*cp
= data
;
1974 BT_DBG("hci%u ", index
);
1976 if (len
!= sizeof(*cp
))
1977 return cmd_status(sk
, index
, MGMT_OP_ADD_REMOTE_OOB_DATA
,
1978 MGMT_STATUS_INVALID_PARAMS
);
1980 hdev
= hci_dev_get(index
);
1982 return cmd_status(sk
, index
, MGMT_OP_ADD_REMOTE_OOB_DATA
,
1983 MGMT_STATUS_INVALID_PARAMS
);
1987 err
= hci_add_remote_oob_data(hdev
, &cp
->addr
.bdaddr
, cp
->hash
,
1990 err
= cmd_status(sk
, index
, MGMT_OP_ADD_REMOTE_OOB_DATA
,
1991 MGMT_STATUS_FAILED
);
1993 err
= cmd_complete(sk
, index
, MGMT_OP_ADD_REMOTE_OOB_DATA
, NULL
,
1996 hci_dev_unlock(hdev
);
2002 static int remove_remote_oob_data(struct sock
*sk
, u16 index
,
2003 void *data
, u16 len
)
2005 struct hci_dev
*hdev
;
2006 struct mgmt_cp_remove_remote_oob_data
*cp
= data
;
2009 BT_DBG("hci%u ", index
);
2011 if (len
!= sizeof(*cp
))
2012 return cmd_status(sk
, index
, MGMT_OP_REMOVE_REMOTE_OOB_DATA
,
2013 MGMT_STATUS_INVALID_PARAMS
);
2015 hdev
= hci_dev_get(index
);
2017 return cmd_status(sk
, index
, MGMT_OP_REMOVE_REMOTE_OOB_DATA
,
2018 MGMT_STATUS_INVALID_PARAMS
);
2022 err
= hci_remove_remote_oob_data(hdev
, &cp
->addr
.bdaddr
);
2024 err
= cmd_status(sk
, index
, MGMT_OP_REMOVE_REMOTE_OOB_DATA
,
2025 MGMT_STATUS_INVALID_PARAMS
);
2027 err
= cmd_complete(sk
, index
, MGMT_OP_REMOVE_REMOTE_OOB_DATA
,
2030 hci_dev_unlock(hdev
);
2036 static int start_discovery(struct sock
*sk
, u16 index
,
2037 void *data
, u16 len
)
2039 struct mgmt_cp_start_discovery
*cp
= data
;
2040 unsigned long discov_type
= cp
->type
;
2041 struct pending_cmd
*cmd
;
2042 struct hci_dev
*hdev
;
2045 BT_DBG("hci%u", index
);
2047 if (len
!= sizeof(*cp
))
2048 return cmd_status(sk
, index
, MGMT_OP_START_DISCOVERY
,
2049 MGMT_STATUS_INVALID_PARAMS
);
2051 hdev
= hci_dev_get(index
);
2053 return cmd_status(sk
, index
, MGMT_OP_START_DISCOVERY
,
2054 MGMT_STATUS_INVALID_PARAMS
);
2058 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
2059 err
= cmd_status(sk
, index
, MGMT_OP_START_DISCOVERY
,
2060 MGMT_STATUS_NOT_POWERED
);
2064 if (hdev
->discovery
.state
!= DISCOVERY_STOPPED
) {
2065 err
= cmd_status(sk
, index
, MGMT_OP_START_DISCOVERY
,
2070 cmd
= mgmt_pending_add(sk
, MGMT_OP_START_DISCOVERY
, hdev
, NULL
, 0);
2076 if (test_bit(MGMT_ADDR_BREDR
, &discov_type
))
2077 err
= hci_do_inquiry(hdev
, INQUIRY_LEN_BREDR
);
2078 else if (test_bit(MGMT_ADDR_LE_PUBLIC
, &discov_type
) &&
2079 test_bit(MGMT_ADDR_LE_RANDOM
, &discov_type
))
2080 err
= hci_le_scan(hdev
, LE_SCAN_TYPE
, LE_SCAN_INT
,
2081 LE_SCAN_WIN
, LE_SCAN_TIMEOUT_LE_ONLY
);
2086 mgmt_pending_remove(cmd
);
2088 hci_discovery_set_state(hdev
, DISCOVERY_STARTING
);
2091 hci_dev_unlock(hdev
);
2097 static int stop_discovery(struct sock
*sk
, u16 index
)
2099 struct hci_dev
*hdev
;
2100 struct pending_cmd
*cmd
;
2101 struct hci_cp_remote_name_req_cancel cp
;
2102 struct inquiry_entry
*e
;
2105 BT_DBG("hci%u", index
);
2107 hdev
= hci_dev_get(index
);
2109 return cmd_status(sk
, index
, MGMT_OP_STOP_DISCOVERY
,
2110 MGMT_STATUS_INVALID_PARAMS
);
2114 if (!hci_discovery_active(hdev
)) {
2115 err
= cmd_status(sk
, index
, MGMT_OP_STOP_DISCOVERY
,
2116 MGMT_STATUS_REJECTED
);
2120 cmd
= mgmt_pending_add(sk
, MGMT_OP_STOP_DISCOVERY
, hdev
, NULL
, 0);
2126 if (hdev
->discovery
.state
== DISCOVERY_INQUIRY
) {
2127 err
= hci_cancel_inquiry(hdev
);
2129 mgmt_pending_remove(cmd
);
2131 hci_discovery_set_state(hdev
, DISCOVERY_STOPPING
);
2135 e
= hci_inquiry_cache_lookup_resolve(hdev
, BDADDR_ANY
, NAME_PENDING
);
2137 mgmt_pending_remove(cmd
);
2138 err
= cmd_complete(sk
, index
, MGMT_OP_STOP_DISCOVERY
, NULL
, 0);
2139 hci_discovery_set_state(hdev
, DISCOVERY_STOPPED
);
2143 bacpy(&cp
.bdaddr
, &e
->data
.bdaddr
);
2144 err
= hci_send_cmd(hdev
, HCI_OP_REMOTE_NAME_REQ_CANCEL
,
2147 mgmt_pending_remove(cmd
);
2149 hci_discovery_set_state(hdev
, DISCOVERY_STOPPING
);
2152 hci_dev_unlock(hdev
);
2158 static int confirm_name(struct sock
*sk
, u16 index
, void *data
, u16 len
)
2160 struct mgmt_cp_confirm_name
*cp
= data
;
2161 struct inquiry_entry
*e
;
2162 struct hci_dev
*hdev
;
2165 BT_DBG("hci%u", index
);
2167 if (len
!= sizeof(*cp
))
2168 return cmd_status(sk
, index
, MGMT_OP_CONFIRM_NAME
,
2169 MGMT_STATUS_INVALID_PARAMS
);
2171 hdev
= hci_dev_get(index
);
2173 return cmd_status(sk
, index
, MGMT_OP_CONFIRM_NAME
,
2174 MGMT_STATUS_INVALID_PARAMS
);
2178 if (!hci_discovery_active(hdev
)) {
2179 err
= cmd_status(sk
, index
, MGMT_OP_CONFIRM_NAME
,
2180 MGMT_STATUS_FAILED
);
2184 e
= hci_inquiry_cache_lookup_unknown(hdev
, &cp
->bdaddr
);
2186 err
= cmd_status (sk
, index
, MGMT_OP_CONFIRM_NAME
,
2187 MGMT_STATUS_INVALID_PARAMS
);
2191 if (cp
->name_known
) {
2192 e
->name_state
= NAME_KNOWN
;
2195 e
->name_state
= NAME_NEEDED
;
2196 hci_inquiry_cache_update_resolve(hdev
, e
);
2202 hci_dev_unlock(hdev
);
2207 static int block_device(struct sock
*sk
, u16 index
, void *data
, u16 len
)
2209 struct hci_dev
*hdev
;
2210 struct mgmt_cp_block_device
*cp
= data
;
2213 BT_DBG("hci%u", index
);
2215 if (len
!= sizeof(*cp
))
2216 return cmd_status(sk
, index
, MGMT_OP_BLOCK_DEVICE
,
2217 MGMT_STATUS_INVALID_PARAMS
);
2219 hdev
= hci_dev_get(index
);
2221 return cmd_status(sk
, index
, MGMT_OP_BLOCK_DEVICE
,
2222 MGMT_STATUS_INVALID_PARAMS
);
2226 err
= hci_blacklist_add(hdev
, &cp
->addr
.bdaddr
, cp
->addr
.type
);
2228 err
= cmd_status(sk
, index
, MGMT_OP_BLOCK_DEVICE
,
2229 MGMT_STATUS_FAILED
);
2231 err
= cmd_complete(sk
, index
, MGMT_OP_BLOCK_DEVICE
,
2234 hci_dev_unlock(hdev
);
2240 static int unblock_device(struct sock
*sk
, u16 index
, void *data
, u16 len
)
2242 struct hci_dev
*hdev
;
2243 struct mgmt_cp_unblock_device
*cp
= data
;
2246 BT_DBG("hci%u", index
);
2248 if (len
!= sizeof(*cp
))
2249 return cmd_status(sk
, index
, MGMT_OP_UNBLOCK_DEVICE
,
2250 MGMT_STATUS_INVALID_PARAMS
);
2252 hdev
= hci_dev_get(index
);
2254 return cmd_status(sk
, index
, MGMT_OP_UNBLOCK_DEVICE
,
2255 MGMT_STATUS_INVALID_PARAMS
);
2259 err
= hci_blacklist_del(hdev
, &cp
->addr
.bdaddr
, cp
->addr
.type
);
2262 err
= cmd_status(sk
, index
, MGMT_OP_UNBLOCK_DEVICE
,
2263 MGMT_STATUS_INVALID_PARAMS
);
2265 err
= cmd_complete(sk
, index
, MGMT_OP_UNBLOCK_DEVICE
,
2268 hci_dev_unlock(hdev
);
2274 static int set_fast_connectable(struct sock
*sk
, u16 index
,
2275 void *data
, u16 len
)
2277 struct hci_dev
*hdev
;
2278 struct mgmt_mode
*cp
= data
;
2279 struct hci_cp_write_page_scan_activity acp
;
2283 BT_DBG("hci%u", index
);
2285 if (len
!= sizeof(*cp
))
2286 return cmd_status(sk
, index
, MGMT_OP_SET_FAST_CONNECTABLE
,
2287 MGMT_STATUS_INVALID_PARAMS
);
2289 hdev
= hci_dev_get(index
);
2291 return cmd_status(sk
, index
, MGMT_OP_SET_FAST_CONNECTABLE
,
2292 MGMT_STATUS_INVALID_PARAMS
);
2297 type
= PAGE_SCAN_TYPE_INTERLACED
;
2298 acp
.interval
= 0x0024; /* 22.5 msec page scan interval */
2300 type
= PAGE_SCAN_TYPE_STANDARD
; /* default */
2301 acp
.interval
= 0x0800; /* default 1.28 sec page scan */
2304 acp
.window
= 0x0012; /* default 11.25 msec page scan window */
2306 err
= hci_send_cmd(hdev
, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY
,
2309 err
= cmd_status(sk
, index
, MGMT_OP_SET_FAST_CONNECTABLE
,
2310 MGMT_STATUS_FAILED
);
2314 err
= hci_send_cmd(hdev
, HCI_OP_WRITE_PAGE_SCAN_TYPE
, 1, &type
);
2316 err
= cmd_status(sk
, index
, MGMT_OP_SET_FAST_CONNECTABLE
,
2317 MGMT_STATUS_FAILED
);
2321 err
= cmd_complete(sk
, index
, MGMT_OP_SET_FAST_CONNECTABLE
,
2324 hci_dev_unlock(hdev
);
2330 static int load_long_term_keys(struct sock
*sk
, u16 index
,
2331 void *cp_data
, u16 len
)
2333 struct hci_dev
*hdev
;
2334 struct mgmt_cp_load_long_term_keys
*cp
= cp_data
;
2335 u16 key_count
, expected_len
;
2338 if (len
< sizeof(*cp
))
2339 return cmd_status(sk
, index
, MGMT_OP_LOAD_LONG_TERM_KEYS
,
2342 key_count
= get_unaligned_le16(&cp
->key_count
);
2344 expected_len
= sizeof(*cp
) + key_count
*
2345 sizeof(struct mgmt_ltk_info
);
2346 if (expected_len
!= len
) {
2347 BT_ERR("load_keys: expected %u bytes, got %u bytes",
2349 return cmd_status(sk
, index
, MGMT_OP_LOAD_LONG_TERM_KEYS
,
2353 hdev
= hci_dev_get(index
);
2355 return cmd_status(sk
, index
, MGMT_OP_LOAD_LONG_TERM_KEYS
,
2358 BT_DBG("hci%u key_count %u", index
, key_count
);
2362 hci_smp_ltks_clear(hdev
);
2364 for (i
= 0; i
< key_count
; i
++) {
2365 struct mgmt_ltk_info
*key
= &cp
->keys
[i
];
2371 type
= HCI_SMP_LTK_SLAVE
;
2373 hci_add_ltk(hdev
, &key
->addr
.bdaddr
, key
->addr
.type
,
2374 type
, 0, key
->authenticated
, key
->val
,
2375 key
->enc_size
, key
->ediv
, key
->rand
);
2378 hci_dev_unlock(hdev
);
2384 int mgmt_control(struct sock
*sk
, struct msghdr
*msg
, size_t msglen
)
2388 struct mgmt_hdr
*hdr
;
2389 u16 opcode
, index
, len
;
2392 BT_DBG("got %zu bytes", msglen
);
2394 if (msglen
< sizeof(*hdr
))
2397 buf
= kmalloc(msglen
, GFP_KERNEL
);
2401 if (memcpy_fromiovec(buf
, msg
->msg_iov
, msglen
)) {
2407 opcode
= get_unaligned_le16(&hdr
->opcode
);
2408 index
= get_unaligned_le16(&hdr
->index
);
2409 len
= get_unaligned_le16(&hdr
->len
);
2411 if (len
!= msglen
- sizeof(*hdr
)) {
2416 cp
= buf
+ sizeof(*hdr
);
2419 case MGMT_OP_READ_VERSION
:
2420 err
= read_version(sk
);
2422 case MGMT_OP_READ_COMMANDS
:
2423 err
= read_commands(sk
);
2425 case MGMT_OP_READ_INDEX_LIST
:
2426 err
= read_index_list(sk
);
2428 case MGMT_OP_READ_INFO
:
2429 err
= read_controller_info(sk
, index
);
2431 case MGMT_OP_SET_POWERED
:
2432 err
= set_powered(sk
, index
, cp
, len
);
2434 case MGMT_OP_SET_DISCOVERABLE
:
2435 err
= set_discoverable(sk
, index
, cp
, len
);
2437 case MGMT_OP_SET_CONNECTABLE
:
2438 err
= set_connectable(sk
, index
, cp
, len
);
2440 case MGMT_OP_SET_FAST_CONNECTABLE
:
2441 err
= set_fast_connectable(sk
, index
, cp
, len
);
2443 case MGMT_OP_SET_PAIRABLE
:
2444 err
= set_pairable(sk
, index
, cp
, len
);
2446 case MGMT_OP_ADD_UUID
:
2447 err
= add_uuid(sk
, index
, cp
, len
);
2449 case MGMT_OP_REMOVE_UUID
:
2450 err
= remove_uuid(sk
, index
, cp
, len
);
2452 case MGMT_OP_SET_DEV_CLASS
:
2453 err
= set_dev_class(sk
, index
, cp
, len
);
2455 case MGMT_OP_LOAD_LINK_KEYS
:
2456 err
= load_link_keys(sk
, index
, cp
, len
);
2458 case MGMT_OP_DISCONNECT
:
2459 err
= disconnect(sk
, index
, cp
, len
);
2461 case MGMT_OP_GET_CONNECTIONS
:
2462 err
= get_connections(sk
, index
);
2464 case MGMT_OP_PIN_CODE_REPLY
:
2465 err
= pin_code_reply(sk
, index
, cp
, len
);
2467 case MGMT_OP_PIN_CODE_NEG_REPLY
:
2468 err
= pin_code_neg_reply(sk
, index
, cp
, len
);
2470 case MGMT_OP_SET_IO_CAPABILITY
:
2471 err
= set_io_capability(sk
, index
, cp
, len
);
2473 case MGMT_OP_PAIR_DEVICE
:
2474 err
= pair_device(sk
, index
, cp
, len
);
2476 case MGMT_OP_CANCEL_PAIR_DEVICE
:
2477 err
= cancel_pair_device(sk
, index
, buf
+ sizeof(*hdr
), len
);
2479 case MGMT_OP_UNPAIR_DEVICE
:
2480 err
= unpair_device(sk
, index
, cp
, len
);
2482 case MGMT_OP_USER_CONFIRM_REPLY
:
2483 err
= user_confirm_reply(sk
, index
, cp
, len
);
2485 case MGMT_OP_USER_CONFIRM_NEG_REPLY
:
2486 err
= user_confirm_neg_reply(sk
, index
, cp
, len
);
2488 case MGMT_OP_USER_PASSKEY_REPLY
:
2489 err
= user_passkey_reply(sk
, index
, cp
, len
);
2491 case MGMT_OP_USER_PASSKEY_NEG_REPLY
:
2492 err
= user_passkey_neg_reply(sk
, index
, cp
, len
);
2494 case MGMT_OP_SET_LOCAL_NAME
:
2495 err
= set_local_name(sk
, index
, cp
, len
);
2497 case MGMT_OP_READ_LOCAL_OOB_DATA
:
2498 err
= read_local_oob_data(sk
, index
);
2500 case MGMT_OP_ADD_REMOTE_OOB_DATA
:
2501 err
= add_remote_oob_data(sk
, index
, cp
, len
);
2503 case MGMT_OP_REMOVE_REMOTE_OOB_DATA
:
2504 err
= remove_remote_oob_data(sk
, index
, cp
, len
);
2506 case MGMT_OP_START_DISCOVERY
:
2507 err
= start_discovery(sk
, index
, cp
, len
);
2509 case MGMT_OP_STOP_DISCOVERY
:
2510 err
= stop_discovery(sk
, index
);
2512 case MGMT_OP_CONFIRM_NAME
:
2513 err
= confirm_name(sk
, index
, cp
, len
);
2515 case MGMT_OP_BLOCK_DEVICE
:
2516 err
= block_device(sk
, index
, cp
, len
);
2518 case MGMT_OP_UNBLOCK_DEVICE
:
2519 err
= unblock_device(sk
, index
, cp
, len
);
2521 case MGMT_OP_LOAD_LONG_TERM_KEYS
:
2522 err
= load_long_term_keys(sk
, index
, cp
, len
);
2525 BT_DBG("Unknown op %u", opcode
);
2526 err
= cmd_status(sk
, index
, opcode
,
2527 MGMT_STATUS_UNKNOWN_COMMAND
);
2541 static void cmd_status_rsp(struct pending_cmd
*cmd
, void *data
)
2545 cmd_status(cmd
->sk
, cmd
->index
, cmd
->opcode
, *status
);
2546 mgmt_pending_remove(cmd
);
2549 int mgmt_index_added(struct hci_dev
*hdev
)
2551 return mgmt_event(MGMT_EV_INDEX_ADDED
, hdev
, NULL
, 0, NULL
);
2554 int mgmt_index_removed(struct hci_dev
*hdev
)
2558 mgmt_pending_foreach(0, hdev
, cmd_status_rsp
, &status
);
2560 return mgmt_event(MGMT_EV_INDEX_REMOVED
, hdev
, NULL
, 0, NULL
);
2565 struct hci_dev
*hdev
;
2568 static void settings_rsp(struct pending_cmd
*cmd
, void *data
)
2570 struct cmd_lookup
*match
= data
;
2572 send_settings_rsp(cmd
->sk
, cmd
->opcode
, match
->hdev
);
2574 list_del(&cmd
->list
);
2576 if (match
->sk
== NULL
) {
2577 match
->sk
= cmd
->sk
;
2578 sock_hold(match
->sk
);
2581 mgmt_pending_free(cmd
);
2584 int mgmt_powered(struct hci_dev
*hdev
, u8 powered
)
2586 struct cmd_lookup match
= { NULL
, hdev
};
2590 mgmt_pending_foreach(MGMT_OP_SET_POWERED
, hdev
, settings_rsp
, &match
);
2593 u8 status
= ENETDOWN
;
2594 mgmt_pending_foreach(0, hdev
, cmd_status_rsp
, &status
);
2597 ev
= cpu_to_le32(get_current_settings(hdev
));
2599 err
= mgmt_event(MGMT_EV_NEW_SETTINGS
, hdev
, &ev
, sizeof(ev
),
2608 int mgmt_discoverable(struct hci_dev
*hdev
, u8 discoverable
)
2610 struct cmd_lookup match
= { NULL
, hdev
};
2614 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE
, hdev
, settings_rsp
, &match
);
2616 ev
= cpu_to_le32(get_current_settings(hdev
));
2618 err
= mgmt_event(MGMT_EV_NEW_SETTINGS
, hdev
, &ev
, sizeof(ev
),
2626 int mgmt_connectable(struct hci_dev
*hdev
, u8 connectable
)
2629 struct cmd_lookup match
= { NULL
, hdev
};
2632 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE
, hdev
, settings_rsp
,
2635 ev
= cpu_to_le32(get_current_settings(hdev
));
2637 err
= mgmt_event(MGMT_EV_NEW_SETTINGS
, hdev
, &ev
, sizeof(ev
), match
.sk
);
2645 int mgmt_write_scan_failed(struct hci_dev
*hdev
, u8 scan
, u8 status
)
2647 u8 mgmt_err
= mgmt_status(status
);
2649 if (scan
& SCAN_PAGE
)
2650 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE
, hdev
,
2651 cmd_status_rsp
, &mgmt_err
);
2653 if (scan
& SCAN_INQUIRY
)
2654 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE
, hdev
,
2655 cmd_status_rsp
, &mgmt_err
);
2660 int mgmt_new_link_key(struct hci_dev
*hdev
, struct link_key
*key
,
2663 struct mgmt_ev_new_link_key ev
;
2665 memset(&ev
, 0, sizeof(ev
));
2667 ev
.store_hint
= persistent
;
2668 bacpy(&ev
.key
.bdaddr
, &key
->bdaddr
);
2669 ev
.key
.type
= key
->type
;
2670 memcpy(ev
.key
.val
, key
->val
, 16);
2671 ev
.key
.pin_len
= key
->pin_len
;
2673 return mgmt_event(MGMT_EV_NEW_LINK_KEY
, hdev
, &ev
, sizeof(ev
), NULL
);
2676 int mgmt_new_ltk(struct hci_dev
*hdev
, struct smp_ltk
*key
, u8 persistent
)
2678 struct mgmt_ev_new_long_term_key ev
;
2680 memset(&ev
, 0, sizeof(ev
));
2682 ev
.store_hint
= persistent
;
2683 bacpy(&ev
.key
.addr
.bdaddr
, &key
->bdaddr
);
2684 ev
.key
.addr
.type
= key
->bdaddr_type
;
2685 ev
.key
.authenticated
= key
->authenticated
;
2686 ev
.key
.enc_size
= key
->enc_size
;
2687 ev
.key
.ediv
= key
->ediv
;
2689 if (key
->type
== HCI_SMP_LTK
)
2692 memcpy(ev
.key
.rand
, key
->rand
, sizeof(key
->rand
));
2693 memcpy(ev
.key
.val
, key
->val
, sizeof(key
->val
));
2695 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY
, hdev
,
2696 &ev
, sizeof(ev
), NULL
);
2699 int mgmt_device_connected(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 link_type
,
2700 u8 addr_type
, u8
*name
, u8 name_len
,
2704 struct mgmt_ev_device_connected
*ev
= (void *) buf
;
2707 bacpy(&ev
->addr
.bdaddr
, bdaddr
);
2708 ev
->addr
.type
= link_to_mgmt(link_type
, addr_type
);
2711 eir_len
= eir_append_data(ev
->eir
, 0, EIR_NAME_COMPLETE
,
2714 if (dev_class
&& memcmp(dev_class
, "\0\0\0", 3) != 0)
2715 eir_len
= eir_append_data(&ev
->eir
[eir_len
], eir_len
,
2716 EIR_CLASS_OF_DEV
, dev_class
, 3);
2718 put_unaligned_le16(eir_len
, &ev
->eir_len
);
2720 return mgmt_event(MGMT_EV_DEVICE_CONNECTED
, hdev
, buf
,
2721 sizeof(*ev
) + eir_len
, NULL
);
2724 static void disconnect_rsp(struct pending_cmd
*cmd
, void *data
)
2726 struct mgmt_cp_disconnect
*cp
= cmd
->param
;
2727 struct sock
**sk
= data
;
2728 struct mgmt_rp_disconnect rp
;
2730 bacpy(&rp
.addr
.bdaddr
, &cp
->addr
.bdaddr
);
2731 rp
.addr
.type
= cp
->addr
.type
;
2734 cmd_complete(cmd
->sk
, cmd
->index
, MGMT_OP_DISCONNECT
, &rp
, sizeof(rp
));
2739 mgmt_pending_remove(cmd
);
2742 static void unpair_device_rsp(struct pending_cmd
*cmd
, void *data
)
2744 struct hci_dev
*hdev
= data
;
2745 struct mgmt_cp_unpair_device
*cp
= cmd
->param
;
2746 struct mgmt_rp_unpair_device rp
;
2748 memset(&rp
, 0, sizeof(rp
));
2749 bacpy(&rp
.addr
.bdaddr
, &cp
->addr
.bdaddr
);
2750 rp
.addr
.type
= cp
->addr
.type
;
2752 device_unpaired(hdev
, &cp
->addr
.bdaddr
, cp
->addr
.type
, cmd
->sk
);
2754 cmd_complete(cmd
->sk
, cmd
->index
, cmd
->opcode
, &rp
, sizeof(rp
));
2756 mgmt_pending_remove(cmd
);
2759 int mgmt_device_disconnected(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2760 u8 link_type
, u8 addr_type
)
2762 struct mgmt_addr_info ev
;
2763 struct sock
*sk
= NULL
;
2766 mgmt_pending_foreach(MGMT_OP_DISCONNECT
, hdev
, disconnect_rsp
, &sk
);
2768 bacpy(&ev
.bdaddr
, bdaddr
);
2769 ev
.type
= link_to_mgmt(link_type
, addr_type
);
2771 err
= mgmt_event(MGMT_EV_DEVICE_DISCONNECTED
, hdev
, &ev
, sizeof(ev
),
2777 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE
, hdev
, unpair_device_rsp
,
2783 int mgmt_disconnect_failed(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2784 u8 link_type
, u8 addr_type
, u8 status
)
2786 struct mgmt_rp_disconnect rp
;
2787 struct pending_cmd
*cmd
;
2790 cmd
= mgmt_pending_find(MGMT_OP_DISCONNECT
, hdev
);
2794 bacpy(&rp
.addr
.bdaddr
, bdaddr
);
2795 rp
.addr
.type
= link_to_mgmt(link_type
, addr_type
);
2796 rp
.status
= mgmt_status(status
);
2798 err
= cmd_complete(cmd
->sk
, cmd
->index
, MGMT_OP_DISCONNECT
,
2801 mgmt_pending_remove(cmd
);
2803 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE
, hdev
, unpair_device_rsp
,
2808 int mgmt_connect_failed(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 link_type
,
2809 u8 addr_type
, u8 status
)
2811 struct mgmt_ev_connect_failed ev
;
2813 bacpy(&ev
.addr
.bdaddr
, bdaddr
);
2814 ev
.addr
.type
= link_to_mgmt(link_type
, addr_type
);
2815 ev
.status
= mgmt_status(status
);
2817 return mgmt_event(MGMT_EV_CONNECT_FAILED
, hdev
, &ev
, sizeof(ev
), NULL
);
2820 int mgmt_pin_code_request(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 secure
)
2822 struct mgmt_ev_pin_code_request ev
;
2824 bacpy(&ev
.bdaddr
, bdaddr
);
2827 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST
, hdev
, &ev
, sizeof(ev
),
2831 int mgmt_pin_code_reply_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2834 struct pending_cmd
*cmd
;
2835 struct mgmt_rp_pin_code_reply rp
;
2838 cmd
= mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY
, hdev
);
2842 bacpy(&rp
.bdaddr
, bdaddr
);
2843 rp
.status
= mgmt_status(status
);
2845 err
= cmd_complete(cmd
->sk
, hdev
->id
, MGMT_OP_PIN_CODE_REPLY
, &rp
,
2848 mgmt_pending_remove(cmd
);
2853 int mgmt_pin_code_neg_reply_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2856 struct pending_cmd
*cmd
;
2857 struct mgmt_rp_pin_code_reply rp
;
2860 cmd
= mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY
, hdev
);
2864 bacpy(&rp
.bdaddr
, bdaddr
);
2865 rp
.status
= mgmt_status(status
);
2867 err
= cmd_complete(cmd
->sk
, hdev
->id
, MGMT_OP_PIN_CODE_NEG_REPLY
, &rp
,
2870 mgmt_pending_remove(cmd
);
2875 int mgmt_user_confirm_request(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2876 u8 link_type
, u8 addr_type
, __le32 value
,
2879 struct mgmt_ev_user_confirm_request ev
;
2881 BT_DBG("%s", hdev
->name
);
2883 bacpy(&ev
.addr
.bdaddr
, bdaddr
);
2884 ev
.addr
.type
= link_to_mgmt(link_type
, addr_type
);
2885 ev
.confirm_hint
= confirm_hint
;
2886 put_unaligned_le32(value
, &ev
.value
);
2888 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST
, hdev
, &ev
, sizeof(ev
),
2892 int mgmt_user_passkey_request(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2893 u8 link_type
, u8 addr_type
)
2895 struct mgmt_ev_user_passkey_request ev
;
2897 BT_DBG("%s", hdev
->name
);
2899 bacpy(&ev
.addr
.bdaddr
, bdaddr
);
2900 ev
.addr
.type
= link_to_mgmt(link_type
, addr_type
);
2902 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST
, hdev
, &ev
, sizeof(ev
),
2906 static int user_pairing_resp_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2907 u8 link_type
, u8 addr_type
, u8 status
,
2910 struct pending_cmd
*cmd
;
2911 struct mgmt_rp_user_confirm_reply rp
;
2914 cmd
= mgmt_pending_find(opcode
, hdev
);
2918 bacpy(&rp
.addr
.bdaddr
, bdaddr
);
2919 rp
.addr
.type
= link_to_mgmt(link_type
, addr_type
);
2920 rp
.status
= mgmt_status(status
);
2921 err
= cmd_complete(cmd
->sk
, hdev
->id
, opcode
, &rp
, sizeof(rp
));
2923 mgmt_pending_remove(cmd
);
2928 int mgmt_user_confirm_reply_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2929 u8 link_type
, u8 addr_type
, u8 status
)
2931 return user_pairing_resp_complete(hdev
, bdaddr
, link_type
, addr_type
,
2932 status
, MGMT_OP_USER_CONFIRM_REPLY
);
2935 int mgmt_user_confirm_neg_reply_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2936 u8 link_type
, u8 addr_type
, u8 status
)
2938 return user_pairing_resp_complete(hdev
, bdaddr
, link_type
, addr_type
,
2939 status
, MGMT_OP_USER_CONFIRM_NEG_REPLY
);
2942 int mgmt_user_passkey_reply_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2943 u8 link_type
, u8 addr_type
, u8 status
)
2945 return user_pairing_resp_complete(hdev
, bdaddr
, link_type
, addr_type
,
2946 status
, MGMT_OP_USER_PASSKEY_REPLY
);
2949 int mgmt_user_passkey_neg_reply_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2950 u8 link_type
, u8 addr_type
, u8 status
)
2952 return user_pairing_resp_complete(hdev
, bdaddr
, link_type
, addr_type
,
2953 status
, MGMT_OP_USER_PASSKEY_NEG_REPLY
);
2956 int mgmt_auth_failed(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 link_type
,
2957 u8 addr_type
, u8 status
)
2959 struct mgmt_ev_auth_failed ev
;
2961 bacpy(&ev
.addr
.bdaddr
, bdaddr
);
2962 ev
.addr
.type
= link_to_mgmt(link_type
, addr_type
);
2963 ev
.status
= mgmt_status(status
);
2965 return mgmt_event(MGMT_EV_AUTH_FAILED
, hdev
, &ev
, sizeof(ev
), NULL
);
2968 int mgmt_set_local_name_complete(struct hci_dev
*hdev
, u8
*name
, u8 status
)
2970 struct pending_cmd
*cmd
;
2971 struct mgmt_cp_set_local_name ev
;
2974 memset(&ev
, 0, sizeof(ev
));
2975 memcpy(ev
.name
, name
, HCI_MAX_NAME_LENGTH
);
2977 cmd
= mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME
, hdev
);
2982 err
= cmd_status(cmd
->sk
, hdev
->id
, MGMT_OP_SET_LOCAL_NAME
,
2983 mgmt_status(status
));
2989 err
= cmd_complete(cmd
->sk
, hdev
->id
, MGMT_OP_SET_LOCAL_NAME
, &ev
,
2995 err
= mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED
, hdev
, &ev
, sizeof(ev
),
2996 cmd
? cmd
->sk
: NULL
);
3000 mgmt_pending_remove(cmd
);
3004 int mgmt_read_local_oob_data_reply_complete(struct hci_dev
*hdev
, u8
*hash
,
3005 u8
*randomizer
, u8 status
)
3007 struct pending_cmd
*cmd
;
3010 BT_DBG("%s status %u", hdev
->name
, status
);
3012 cmd
= mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA
, hdev
);
3017 err
= cmd_status(cmd
->sk
, hdev
->id
,
3018 MGMT_OP_READ_LOCAL_OOB_DATA
,
3019 mgmt_status(status
));
3021 struct mgmt_rp_read_local_oob_data rp
;
3023 memcpy(rp
.hash
, hash
, sizeof(rp
.hash
));
3024 memcpy(rp
.randomizer
, randomizer
, sizeof(rp
.randomizer
));
3026 err
= cmd_complete(cmd
->sk
, hdev
->id
,
3027 MGMT_OP_READ_LOCAL_OOB_DATA
,
3031 mgmt_pending_remove(cmd
);
3036 int mgmt_device_found(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 link_type
,
3037 u8 addr_type
, u8
*dev_class
, s8 rssi
,
3038 u8 cfm_name
, u8
*eir
, u16 eir_len
)
3041 struct mgmt_ev_device_found
*ev
= (void *) buf
;
3044 /* Leave 5 bytes for a potential CoD field */
3045 if (sizeof(*ev
) + eir_len
+ 5 > sizeof(buf
))
3048 memset(buf
, 0, sizeof(buf
));
3050 bacpy(&ev
->addr
.bdaddr
, bdaddr
);
3051 ev
->addr
.type
= link_to_mgmt(link_type
, addr_type
);
3053 ev
->confirm_name
= cfm_name
;
3056 memcpy(ev
->eir
, eir
, eir_len
);
3058 if (dev_class
&& !eir_has_data_type(ev
->eir
, eir_len
, EIR_CLASS_OF_DEV
))
3059 eir_len
= eir_append_data(ev
->eir
, eir_len
, EIR_CLASS_OF_DEV
,
3062 put_unaligned_le16(eir_len
, &ev
->eir_len
);
3064 ev_size
= sizeof(*ev
) + eir_len
;
3066 return mgmt_event(MGMT_EV_DEVICE_FOUND
, hdev
, ev
, ev_size
, NULL
);
3069 int mgmt_remote_name(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 link_type
,
3070 u8 addr_type
, s8 rssi
, u8
*name
, u8 name_len
)
3072 struct mgmt_ev_device_found
*ev
;
3073 char buf
[sizeof(*ev
) + HCI_MAX_NAME_LENGTH
+ 2];
3076 ev
= (struct mgmt_ev_device_found
*) buf
;
3078 memset(buf
, 0, sizeof(buf
));
3080 bacpy(&ev
->addr
.bdaddr
, bdaddr
);
3081 ev
->addr
.type
= link_to_mgmt(link_type
, addr_type
);
3084 eir_len
= eir_append_data(ev
->eir
, 0, EIR_NAME_COMPLETE
, name
,
3087 put_unaligned_le16(eir_len
, &ev
->eir_len
);
3089 return mgmt_event(MGMT_EV_DEVICE_FOUND
, hdev
, ev
,
3090 sizeof(*ev
) + eir_len
, NULL
);
3093 int mgmt_start_discovery_failed(struct hci_dev
*hdev
, u8 status
)
3095 struct pending_cmd
*cmd
;
3098 hci_discovery_set_state(hdev
, DISCOVERY_STOPPED
);
3100 cmd
= mgmt_pending_find(MGMT_OP_START_DISCOVERY
, hdev
);
3104 err
= cmd_status(cmd
->sk
, hdev
->id
, cmd
->opcode
, mgmt_status(status
));
3105 mgmt_pending_remove(cmd
);
3110 int mgmt_stop_discovery_failed(struct hci_dev
*hdev
, u8 status
)
3112 struct pending_cmd
*cmd
;
3115 cmd
= mgmt_pending_find(MGMT_OP_STOP_DISCOVERY
, hdev
);
3119 err
= cmd_status(cmd
->sk
, hdev
->id
, cmd
->opcode
, mgmt_status(status
));
3120 mgmt_pending_remove(cmd
);
3125 int mgmt_discovering(struct hci_dev
*hdev
, u8 discovering
)
3127 struct pending_cmd
*cmd
;
3129 BT_DBG("%s discovering %u", hdev
->name
, discovering
);
3132 cmd
= mgmt_pending_find(MGMT_OP_START_DISCOVERY
, hdev
);
3134 cmd
= mgmt_pending_find(MGMT_OP_STOP_DISCOVERY
, hdev
);
3137 cmd_complete(cmd
->sk
, hdev
->id
, cmd
->opcode
, NULL
, 0);
3138 mgmt_pending_remove(cmd
);
3141 return mgmt_event(MGMT_EV_DISCOVERING
, hdev
, &discovering
,
3142 sizeof(discovering
), NULL
);
3145 int mgmt_device_blocked(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 type
)
3147 struct pending_cmd
*cmd
;
3148 struct mgmt_ev_device_blocked ev
;
3150 cmd
= mgmt_pending_find(MGMT_OP_BLOCK_DEVICE
, hdev
);
3152 bacpy(&ev
.addr
.bdaddr
, bdaddr
);
3153 ev
.addr
.type
= type
;
3155 return mgmt_event(MGMT_EV_DEVICE_BLOCKED
, hdev
, &ev
, sizeof(ev
),
3156 cmd
? cmd
->sk
: NULL
);
3159 int mgmt_device_unblocked(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 type
)
3161 struct pending_cmd
*cmd
;
3162 struct mgmt_ev_device_unblocked ev
;
3164 cmd
= mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE
, hdev
);
3166 bacpy(&ev
.addr
.bdaddr
, bdaddr
);
3167 ev
.addr
.type
= type
;
3169 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED
, hdev
, &ev
, sizeof(ev
),
3170 cmd
? cmd
->sk
: NULL
);