Doug / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit d839c81372d1f0caee47f87b26a68e91d4ff3847

Authored by Gustavo Padovan
Committed by Gustavo Padovan
1 parent c5daa683f2
Exists in smarc-l5.0.0_1.0.0-ga and in 5 other branches imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga

Bluetooth: Report proper error number in disconnection 

If encryption change fails we should disconnect with auth failure error
code.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>

Showing 1 changed file with 1 additions and 1 deletions Inline Diff

net/bluetooth/hci_event.c
Diff comments   View file @ d839c81
1 /* 1 /*
2 BlueZ - Bluetooth protocol stack for Linux 2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved. 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
4 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6 6
7 This program is free software; you can redistribute it and/or modify 7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as 8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation; 9 published by the Free Software Foundation;
10 10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED. 22 SOFTWARE IS DISCLAIMED.
23 */ 23 */
24 24
25 /* Bluetooth HCI event handling. */ 25 /* Bluetooth HCI event handling. */
26 26
27 #include <linux/module.h> 27 #include <linux/module.h>
28 28
29 #include <linux/types.h> 29 #include <linux/types.h>
30 #include <linux/errno.h> 30 #include <linux/errno.h>
31 #include <linux/kernel.h> 31 #include <linux/kernel.h>
32 #include <linux/slab.h> 32 #include <linux/slab.h>
33 #include <linux/poll.h> 33 #include <linux/poll.h>
34 #include <linux/fcntl.h> 34 #include <linux/fcntl.h>
35 #include <linux/init.h> 35 #include <linux/init.h>
36 #include <linux/skbuff.h> 36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h> 37 #include <linux/interrupt.h>
38 #include <net/sock.h> 38 #include <net/sock.h>
39 39
40 #include <linux/uaccess.h> 40 #include <linux/uaccess.h>
41 #include <asm/unaligned.h> 41 #include <asm/unaligned.h>
42 42
43 #include <net/bluetooth/bluetooth.h> 43 #include <net/bluetooth/bluetooth.h>
44 #include <net/bluetooth/hci_core.h> 44 #include <net/bluetooth/hci_core.h>
45 45
46 /* Handle HCI Event packets */ 46 /* Handle HCI Event packets */
47 47
48 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb) 48 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
49 { 49 {
50 __u8 status = *((__u8 *) skb->data); 50 __u8 status = *((__u8 *) skb->data);
51 51
52 BT_DBG("%s status 0x%x", hdev->name, status); 52 BT_DBG("%s status 0x%x", hdev->name, status);
53 53
54 if (status) { 54 if (status) {
55 hci_dev_lock(hdev); 55 hci_dev_lock(hdev);
56 mgmt_stop_discovery_failed(hdev, status); 56 mgmt_stop_discovery_failed(hdev, status);
57 hci_dev_unlock(hdev); 57 hci_dev_unlock(hdev);
58 return; 58 return;
59 } 59 }
60 60
61 clear_bit(HCI_INQUIRY, &hdev->flags); 61 clear_bit(HCI_INQUIRY, &hdev->flags);
62 62
63 hci_dev_lock(hdev); 63 hci_dev_lock(hdev);
64 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 64 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
65 hci_dev_unlock(hdev); 65 hci_dev_unlock(hdev);
66 66
67 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status); 67 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
68 68
69 hci_conn_check_pending(hdev); 69 hci_conn_check_pending(hdev);
70 } 70 }
71 71
72 static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb) 72 static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
73 { 73 {
74 __u8 status = *((__u8 *) skb->data); 74 __u8 status = *((__u8 *) skb->data);
75 75
76 BT_DBG("%s status 0x%x", hdev->name, status); 76 BT_DBG("%s status 0x%x", hdev->name, status);
77 77
78 if (status) 78 if (status)
79 return; 79 return;
80 80
81 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags); 81 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
82 } 82 }
83 83
84 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb) 84 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
85 { 85 {
86 __u8 status = *((__u8 *) skb->data); 86 __u8 status = *((__u8 *) skb->data);
87 87
88 BT_DBG("%s status 0x%x", hdev->name, status); 88 BT_DBG("%s status 0x%x", hdev->name, status);
89 89
90 if (status) 90 if (status)
91 return; 91 return;
92 92
93 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags); 93 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
94 94
95 hci_conn_check_pending(hdev); 95 hci_conn_check_pending(hdev);
96 } 96 }
97 97
98 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb) 98 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
99 { 99 {
100 BT_DBG("%s", hdev->name); 100 BT_DBG("%s", hdev->name);
101 } 101 }
102 102
103 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb) 103 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
104 { 104 {
105 struct hci_rp_role_discovery *rp = (void *) skb->data; 105 struct hci_rp_role_discovery *rp = (void *) skb->data;
106 struct hci_conn *conn; 106 struct hci_conn *conn;
107 107
108 BT_DBG("%s status 0x%x", hdev->name, rp->status); 108 BT_DBG("%s status 0x%x", hdev->name, rp->status);
109 109
110 if (rp->status) 110 if (rp->status)
111 return; 111 return;
112 112
113 hci_dev_lock(hdev); 113 hci_dev_lock(hdev);
114 114
115 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 115 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
116 if (conn) { 116 if (conn) {
117 if (rp->role) 117 if (rp->role)
118 conn->link_mode &= ~HCI_LM_MASTER; 118 conn->link_mode &= ~HCI_LM_MASTER;
119 else 119 else
120 conn->link_mode |= HCI_LM_MASTER; 120 conn->link_mode |= HCI_LM_MASTER;
121 } 121 }
122 122
123 hci_dev_unlock(hdev); 123 hci_dev_unlock(hdev);
124 } 124 }
125 125
126 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 126 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
127 { 127 {
128 struct hci_rp_read_link_policy *rp = (void *) skb->data; 128 struct hci_rp_read_link_policy *rp = (void *) skb->data;
129 struct hci_conn *conn; 129 struct hci_conn *conn;
130 130
131 BT_DBG("%s status 0x%x", hdev->name, rp->status); 131 BT_DBG("%s status 0x%x", hdev->name, rp->status);
132 132
133 if (rp->status) 133 if (rp->status)
134 return; 134 return;
135 135
136 hci_dev_lock(hdev); 136 hci_dev_lock(hdev);
137 137
138 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 138 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
139 if (conn) 139 if (conn)
140 conn->link_policy = __le16_to_cpu(rp->policy); 140 conn->link_policy = __le16_to_cpu(rp->policy);
141 141
142 hci_dev_unlock(hdev); 142 hci_dev_unlock(hdev);
143 } 143 }
144 144
145 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 145 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
146 { 146 {
147 struct hci_rp_write_link_policy *rp = (void *) skb->data; 147 struct hci_rp_write_link_policy *rp = (void *) skb->data;
148 struct hci_conn *conn; 148 struct hci_conn *conn;
149 void *sent; 149 void *sent;
150 150
151 BT_DBG("%s status 0x%x", hdev->name, rp->status); 151 BT_DBG("%s status 0x%x", hdev->name, rp->status);
152 152
153 if (rp->status) 153 if (rp->status)
154 return; 154 return;
155 155
156 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY); 156 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
157 if (!sent) 157 if (!sent)
158 return; 158 return;
159 159
160 hci_dev_lock(hdev); 160 hci_dev_lock(hdev);
161 161
162 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 162 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
163 if (conn) 163 if (conn)
164 conn->link_policy = get_unaligned_le16(sent + 2); 164 conn->link_policy = get_unaligned_le16(sent + 2);
165 165
166 hci_dev_unlock(hdev); 166 hci_dev_unlock(hdev);
167 } 167 }
168 168
169 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 169 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
170 { 170 {
171 struct hci_rp_read_def_link_policy *rp = (void *) skb->data; 171 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
172 172
173 BT_DBG("%s status 0x%x", hdev->name, rp->status); 173 BT_DBG("%s status 0x%x", hdev->name, rp->status);
174 174
175 if (rp->status) 175 if (rp->status)
176 return; 176 return;
177 177
178 hdev->link_policy = __le16_to_cpu(rp->policy); 178 hdev->link_policy = __le16_to_cpu(rp->policy);
179 } 179 }
180 180
181 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 181 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
182 { 182 {
183 __u8 status = *((__u8 *) skb->data); 183 __u8 status = *((__u8 *) skb->data);
184 void *sent; 184 void *sent;
185 185
186 BT_DBG("%s status 0x%x", hdev->name, status); 186 BT_DBG("%s status 0x%x", hdev->name, status);
187 187
188 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY); 188 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
189 if (!sent) 189 if (!sent)
190 return; 190 return;
191 191
192 if (!status) 192 if (!status)
193 hdev->link_policy = get_unaligned_le16(sent); 193 hdev->link_policy = get_unaligned_le16(sent);
194 194
195 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status); 195 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
196 } 196 }
197 197
198 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb) 198 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
199 { 199 {
200 __u8 status = *((__u8 *) skb->data); 200 __u8 status = *((__u8 *) skb->data);
201 201
202 BT_DBG("%s status 0x%x", hdev->name, status); 202 BT_DBG("%s status 0x%x", hdev->name, status);
203 203
204 clear_bit(HCI_RESET, &hdev->flags); 204 clear_bit(HCI_RESET, &hdev->flags);
205 205
206 hci_req_complete(hdev, HCI_OP_RESET, status); 206 hci_req_complete(hdev, HCI_OP_RESET, status);
207 207
208 /* Reset all non-persistent flags */ 208 /* Reset all non-persistent flags */
209 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN) | BIT(HCI_PENDING_CLASS) | 209 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN) | BIT(HCI_PENDING_CLASS) |
210 BIT(HCI_PERIODIC_INQ)); 210 BIT(HCI_PERIODIC_INQ));
211 211
212 hdev->discovery.state = DISCOVERY_STOPPED; 212 hdev->discovery.state = DISCOVERY_STOPPED;
213 } 213 }
214 214
215 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb) 215 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
216 { 216 {
217 __u8 status = *((__u8 *) skb->data); 217 __u8 status = *((__u8 *) skb->data);
218 void *sent; 218 void *sent;
219 219
220 BT_DBG("%s status 0x%x", hdev->name, status); 220 BT_DBG("%s status 0x%x", hdev->name, status);
221 221
222 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME); 222 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
223 if (!sent) 223 if (!sent)
224 return; 224 return;
225 225
226 hci_dev_lock(hdev); 226 hci_dev_lock(hdev);
227 227
228 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 228 if (test_bit(HCI_MGMT, &hdev->dev_flags))
229 mgmt_set_local_name_complete(hdev, sent, status); 229 mgmt_set_local_name_complete(hdev, sent, status);
230 else if (!status) 230 else if (!status)
231 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH); 231 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
232 232
233 hci_dev_unlock(hdev); 233 hci_dev_unlock(hdev);
234 234
235 hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status); 235 hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status);
236 } 236 }
237 237
238 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb) 238 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
239 { 239 {
240 struct hci_rp_read_local_name *rp = (void *) skb->data; 240 struct hci_rp_read_local_name *rp = (void *) skb->data;
241 241
242 BT_DBG("%s status 0x%x", hdev->name, rp->status); 242 BT_DBG("%s status 0x%x", hdev->name, rp->status);
243 243
244 if (rp->status) 244 if (rp->status)
245 return; 245 return;
246 246
247 if (test_bit(HCI_SETUP, &hdev->dev_flags)) 247 if (test_bit(HCI_SETUP, &hdev->dev_flags))
248 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH); 248 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
249 } 249 }
250 250
251 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb) 251 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
252 { 252 {
253 __u8 status = *((__u8 *) skb->data); 253 __u8 status = *((__u8 *) skb->data);
254 void *sent; 254 void *sent;
255 255
256 BT_DBG("%s status 0x%x", hdev->name, status); 256 BT_DBG("%s status 0x%x", hdev->name, status);
257 257
258 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE); 258 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
259 if (!sent) 259 if (!sent)
260 return; 260 return;
261 261
262 if (!status) { 262 if (!status) {
263 __u8 param = *((__u8 *) sent); 263 __u8 param = *((__u8 *) sent);
264 264
265 if (param == AUTH_ENABLED) 265 if (param == AUTH_ENABLED)
266 set_bit(HCI_AUTH, &hdev->flags); 266 set_bit(HCI_AUTH, &hdev->flags);
267 else 267 else
268 clear_bit(HCI_AUTH, &hdev->flags); 268 clear_bit(HCI_AUTH, &hdev->flags);
269 } 269 }
270 270
271 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 271 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272 mgmt_auth_enable_complete(hdev, status); 272 mgmt_auth_enable_complete(hdev, status);
273 273
274 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status); 274 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
275 } 275 }
276 276
277 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb) 277 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
278 { 278 {
279 __u8 status = *((__u8 *) skb->data); 279 __u8 status = *((__u8 *) skb->data);
280 void *sent; 280 void *sent;
281 281
282 BT_DBG("%s status 0x%x", hdev->name, status); 282 BT_DBG("%s status 0x%x", hdev->name, status);
283 283
284 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE); 284 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
285 if (!sent) 285 if (!sent)
286 return; 286 return;
287 287
288 if (!status) { 288 if (!status) {
289 __u8 param = *((__u8 *) sent); 289 __u8 param = *((__u8 *) sent);
290 290
291 if (param) 291 if (param)
292 set_bit(HCI_ENCRYPT, &hdev->flags); 292 set_bit(HCI_ENCRYPT, &hdev->flags);
293 else 293 else
294 clear_bit(HCI_ENCRYPT, &hdev->flags); 294 clear_bit(HCI_ENCRYPT, &hdev->flags);
295 } 295 }
296 296
297 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status); 297 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
298 } 298 }
299 299
300 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb) 300 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
301 { 301 {
302 __u8 param, status = *((__u8 *) skb->data); 302 __u8 param, status = *((__u8 *) skb->data);
303 int old_pscan, old_iscan; 303 int old_pscan, old_iscan;
304 void *sent; 304 void *sent;
305 305
306 BT_DBG("%s status 0x%x", hdev->name, status); 306 BT_DBG("%s status 0x%x", hdev->name, status);
307 307
308 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE); 308 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
309 if (!sent) 309 if (!sent)
310 return; 310 return;
311 311
312 param = *((__u8 *) sent); 312 param = *((__u8 *) sent);
313 313
314 hci_dev_lock(hdev); 314 hci_dev_lock(hdev);
315 315
316 if (status != 0) { 316 if (status != 0) {
317 mgmt_write_scan_failed(hdev, param, status); 317 mgmt_write_scan_failed(hdev, param, status);
318 hdev->discov_timeout = 0; 318 hdev->discov_timeout = 0;
319 goto done; 319 goto done;
320 } 320 }
321 321
322 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags); 322 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
323 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags); 323 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
324 324
325 if (param & SCAN_INQUIRY) { 325 if (param & SCAN_INQUIRY) {
326 set_bit(HCI_ISCAN, &hdev->flags); 326 set_bit(HCI_ISCAN, &hdev->flags);
327 if (!old_iscan) 327 if (!old_iscan)
328 mgmt_discoverable(hdev, 1); 328 mgmt_discoverable(hdev, 1);
329 if (hdev->discov_timeout > 0) { 329 if (hdev->discov_timeout > 0) {
330 int to = msecs_to_jiffies(hdev->discov_timeout * 1000); 330 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
331 queue_delayed_work(hdev->workqueue, &hdev->discov_off, 331 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
332 to); 332 to);
333 } 333 }
334 } else if (old_iscan) 334 } else if (old_iscan)
335 mgmt_discoverable(hdev, 0); 335 mgmt_discoverable(hdev, 0);
336 336
337 if (param & SCAN_PAGE) { 337 if (param & SCAN_PAGE) {
338 set_bit(HCI_PSCAN, &hdev->flags); 338 set_bit(HCI_PSCAN, &hdev->flags);
339 if (!old_pscan) 339 if (!old_pscan)
340 mgmt_connectable(hdev, 1); 340 mgmt_connectable(hdev, 1);
341 } else if (old_pscan) 341 } else if (old_pscan)
342 mgmt_connectable(hdev, 0); 342 mgmt_connectable(hdev, 0);
343 343
344 done: 344 done:
345 hci_dev_unlock(hdev); 345 hci_dev_unlock(hdev);
346 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status); 346 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
347 } 347 }
348 348
349 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 349 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
350 { 350 {
351 struct hci_rp_read_class_of_dev *rp = (void *) skb->data; 351 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
352 352
353 BT_DBG("%s status 0x%x", hdev->name, rp->status); 353 BT_DBG("%s status 0x%x", hdev->name, rp->status);
354 354
355 if (rp->status) 355 if (rp->status)
356 return; 356 return;
357 357
358 memcpy(hdev->dev_class, rp->dev_class, 3); 358 memcpy(hdev->dev_class, rp->dev_class, 3);
359 359
360 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name, 360 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
361 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]); 361 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
362 } 362 }
363 363
364 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 364 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
365 { 365 {
366 __u8 status = *((__u8 *) skb->data); 366 __u8 status = *((__u8 *) skb->data);
367 void *sent; 367 void *sent;
368 368
369 BT_DBG("%s status 0x%x", hdev->name, status); 369 BT_DBG("%s status 0x%x", hdev->name, status);
370 370
371 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV); 371 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
372 if (!sent) 372 if (!sent)
373 return; 373 return;
374 374
375 hci_dev_lock(hdev); 375 hci_dev_lock(hdev);
376 376
377 if (status == 0) 377 if (status == 0)
378 memcpy(hdev->dev_class, sent, 3); 378 memcpy(hdev->dev_class, sent, 3);
379 379
380 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 380 if (test_bit(HCI_MGMT, &hdev->dev_flags))
381 mgmt_set_class_of_dev_complete(hdev, sent, status); 381 mgmt_set_class_of_dev_complete(hdev, sent, status);
382 382
383 hci_dev_unlock(hdev); 383 hci_dev_unlock(hdev);
384 } 384 }
385 385
386 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb) 386 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
387 { 387 {
388 struct hci_rp_read_voice_setting *rp = (void *) skb->data; 388 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
389 __u16 setting; 389 __u16 setting;
390 390
391 BT_DBG("%s status 0x%x", hdev->name, rp->status); 391 BT_DBG("%s status 0x%x", hdev->name, rp->status);
392 392
393 if (rp->status) 393 if (rp->status)
394 return; 394 return;
395 395
396 setting = __le16_to_cpu(rp->voice_setting); 396 setting = __le16_to_cpu(rp->voice_setting);
397 397
398 if (hdev->voice_setting == setting) 398 if (hdev->voice_setting == setting)
399 return; 399 return;
400 400
401 hdev->voice_setting = setting; 401 hdev->voice_setting = setting;
402 402
403 BT_DBG("%s voice setting 0x%04x", hdev->name, setting); 403 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
404 404
405 if (hdev->notify) 405 if (hdev->notify)
406 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 406 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
407 } 407 }
408 408
409 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb) 409 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
410 { 410 {
411 __u8 status = *((__u8 *) skb->data); 411 __u8 status = *((__u8 *) skb->data);
412 __u16 setting; 412 __u16 setting;
413 void *sent; 413 void *sent;
414 414
415 BT_DBG("%s status 0x%x", hdev->name, status); 415 BT_DBG("%s status 0x%x", hdev->name, status);
416 416
417 if (status) 417 if (status)
418 return; 418 return;
419 419
420 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING); 420 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
421 if (!sent) 421 if (!sent)
422 return; 422 return;
423 423
424 setting = get_unaligned_le16(sent); 424 setting = get_unaligned_le16(sent);
425 425
426 if (hdev->voice_setting == setting) 426 if (hdev->voice_setting == setting)
427 return; 427 return;
428 428
429 hdev->voice_setting = setting; 429 hdev->voice_setting = setting;
430 430
431 BT_DBG("%s voice setting 0x%04x", hdev->name, setting); 431 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
432 432
433 if (hdev->notify) 433 if (hdev->notify)
434 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 434 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
435 } 435 }
436 436
437 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb) 437 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
438 { 438 {
439 __u8 status = *((__u8 *) skb->data); 439 __u8 status = *((__u8 *) skb->data);
440 440
441 BT_DBG("%s status 0x%x", hdev->name, status); 441 BT_DBG("%s status 0x%x", hdev->name, status);
442 442
443 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status); 443 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
444 } 444 }
445 445
446 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) 446 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
447 { 447 {
448 __u8 status = *((__u8 *) skb->data); 448 __u8 status = *((__u8 *) skb->data);
449 void *sent; 449 void *sent;
450 450
451 BT_DBG("%s status 0x%x", hdev->name, status); 451 BT_DBG("%s status 0x%x", hdev->name, status);
452 452
453 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE); 453 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
454 if (!sent) 454 if (!sent)
455 return; 455 return;
456 456
457 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 457 if (test_bit(HCI_MGMT, &hdev->dev_flags))
458 mgmt_ssp_enable_complete(hdev, *((u8 *) sent), status); 458 mgmt_ssp_enable_complete(hdev, *((u8 *) sent), status);
459 else if (!status) { 459 else if (!status) {
460 if (*((u8 *) sent)) 460 if (*((u8 *) sent))
461 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags); 461 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
462 else 462 else
463 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags); 463 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
464 } 464 }
465 } 465 }
466 466
467 static u8 hci_get_inquiry_mode(struct hci_dev *hdev) 467 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
468 { 468 {
469 if (hdev->features[6] & LMP_EXT_INQ) 469 if (hdev->features[6] & LMP_EXT_INQ)
470 return 2; 470 return 2;
471 471
472 if (hdev->features[3] & LMP_RSSI_INQ) 472 if (hdev->features[3] & LMP_RSSI_INQ)
473 return 1; 473 return 1;
474 474
475 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 && 475 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
476 hdev->lmp_subver == 0x0757) 476 hdev->lmp_subver == 0x0757)
477 return 1; 477 return 1;
478 478
479 if (hdev->manufacturer == 15) { 479 if (hdev->manufacturer == 15) {
480 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963) 480 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
481 return 1; 481 return 1;
482 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963) 482 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
483 return 1; 483 return 1;
484 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965) 484 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
485 return 1; 485 return 1;
486 } 486 }
487 487
488 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 && 488 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
489 hdev->lmp_subver == 0x1805) 489 hdev->lmp_subver == 0x1805)
490 return 1; 490 return 1;
491 491
492 return 0; 492 return 0;
493 } 493 }
494 494
495 static void hci_setup_inquiry_mode(struct hci_dev *hdev) 495 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
496 { 496 {
497 u8 mode; 497 u8 mode;
498 498
499 mode = hci_get_inquiry_mode(hdev); 499 mode = hci_get_inquiry_mode(hdev);
500 500
501 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode); 501 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
502 } 502 }
503 503
504 static void hci_setup_event_mask(struct hci_dev *hdev) 504 static void hci_setup_event_mask(struct hci_dev *hdev)
505 { 505 {
506 /* The second byte is 0xff instead of 0x9f (two reserved bits 506 /* The second byte is 0xff instead of 0x9f (two reserved bits
507 * disabled) since a Broadcom 1.2 dongle doesn't respond to the 507 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
508 * command otherwise */ 508 * command otherwise */
509 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 }; 509 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
510 510
511 /* CSR 1.1 dongles does not accept any bitfield so don't try to set 511 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
512 * any event mask for pre 1.2 devices */ 512 * any event mask for pre 1.2 devices */
513 if (hdev->hci_ver < BLUETOOTH_VER_1_2) 513 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
514 return; 514 return;
515 515
516 events[4] |= 0x01; /* Flow Specification Complete */ 516 events[4] |= 0x01; /* Flow Specification Complete */
517 events[4] |= 0x02; /* Inquiry Result with RSSI */ 517 events[4] |= 0x02; /* Inquiry Result with RSSI */
518 events[4] |= 0x04; /* Read Remote Extended Features Complete */ 518 events[4] |= 0x04; /* Read Remote Extended Features Complete */
519 events[5] |= 0x08; /* Synchronous Connection Complete */ 519 events[5] |= 0x08; /* Synchronous Connection Complete */
520 events[5] |= 0x10; /* Synchronous Connection Changed */ 520 events[5] |= 0x10; /* Synchronous Connection Changed */
521 521
522 if (hdev->features[3] & LMP_RSSI_INQ) 522 if (hdev->features[3] & LMP_RSSI_INQ)
523 events[4] |= 0x02; /* Inquiry Result with RSSI */ 523 events[4] |= 0x02; /* Inquiry Result with RSSI */
524 524
525 if (hdev->features[5] & LMP_SNIFF_SUBR) 525 if (hdev->features[5] & LMP_SNIFF_SUBR)
526 events[5] |= 0x20; /* Sniff Subrating */ 526 events[5] |= 0x20; /* Sniff Subrating */
527 527
528 if (hdev->features[5] & LMP_PAUSE_ENC) 528 if (hdev->features[5] & LMP_PAUSE_ENC)
529 events[5] |= 0x80; /* Encryption Key Refresh Complete */ 529 events[5] |= 0x80; /* Encryption Key Refresh Complete */
530 530
531 if (hdev->features[6] & LMP_EXT_INQ) 531 if (hdev->features[6] & LMP_EXT_INQ)
532 events[5] |= 0x40; /* Extended Inquiry Result */ 532 events[5] |= 0x40; /* Extended Inquiry Result */
533 533
534 if (hdev->features[6] & LMP_NO_FLUSH) 534 if (hdev->features[6] & LMP_NO_FLUSH)
535 events[7] |= 0x01; /* Enhanced Flush Complete */ 535 events[7] |= 0x01; /* Enhanced Flush Complete */
536 536
537 if (hdev->features[7] & LMP_LSTO) 537 if (hdev->features[7] & LMP_LSTO)
538 events[6] |= 0x80; /* Link Supervision Timeout Changed */ 538 events[6] |= 0x80; /* Link Supervision Timeout Changed */
539 539
540 if (hdev->features[6] & LMP_SIMPLE_PAIR) { 540 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
541 events[6] |= 0x01; /* IO Capability Request */ 541 events[6] |= 0x01; /* IO Capability Request */
542 events[6] |= 0x02; /* IO Capability Response */ 542 events[6] |= 0x02; /* IO Capability Response */
543 events[6] |= 0x04; /* User Confirmation Request */ 543 events[6] |= 0x04; /* User Confirmation Request */
544 events[6] |= 0x08; /* User Passkey Request */ 544 events[6] |= 0x08; /* User Passkey Request */
545 events[6] |= 0x10; /* Remote OOB Data Request */ 545 events[6] |= 0x10; /* Remote OOB Data Request */
546 events[6] |= 0x20; /* Simple Pairing Complete */ 546 events[6] |= 0x20; /* Simple Pairing Complete */
547 events[7] |= 0x04; /* User Passkey Notification */ 547 events[7] |= 0x04; /* User Passkey Notification */
548 events[7] |= 0x08; /* Keypress Notification */ 548 events[7] |= 0x08; /* Keypress Notification */
549 events[7] |= 0x10; /* Remote Host Supported 549 events[7] |= 0x10; /* Remote Host Supported
550 * Features Notification */ 550 * Features Notification */
551 } 551 }
552 552
553 if (hdev->features[4] & LMP_LE) 553 if (hdev->features[4] & LMP_LE)
554 events[7] |= 0x20; /* LE Meta-Event */ 554 events[7] |= 0x20; /* LE Meta-Event */
555 555
556 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events); 556 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
557 } 557 }
558 558
559 static void hci_setup(struct hci_dev *hdev) 559 static void hci_setup(struct hci_dev *hdev)
560 { 560 {
561 if (hdev->dev_type != HCI_BREDR) 561 if (hdev->dev_type != HCI_BREDR)
562 return; 562 return;
563 563
564 hci_setup_event_mask(hdev); 564 hci_setup_event_mask(hdev);
565 565
566 if (hdev->hci_ver > BLUETOOTH_VER_1_1) 566 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
567 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL); 567 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
568 568
569 if (hdev->features[6] & LMP_SIMPLE_PAIR) { 569 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
570 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) { 570 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
571 u8 mode = 0x01; 571 u8 mode = 0x01;
572 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 572 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
573 sizeof(mode), &mode); 573 sizeof(mode), &mode);
574 } else { 574 } else {
575 struct hci_cp_write_eir cp; 575 struct hci_cp_write_eir cp;
576 576
577 memset(hdev->eir, 0, sizeof(hdev->eir)); 577 memset(hdev->eir, 0, sizeof(hdev->eir));
578 memset(&cp, 0, sizeof(cp)); 578 memset(&cp, 0, sizeof(cp));
579 579
580 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp); 580 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
581 } 581 }
582 } 582 }
583 583
584 if (hdev->features[3] & LMP_RSSI_INQ) 584 if (hdev->features[3] & LMP_RSSI_INQ)
585 hci_setup_inquiry_mode(hdev); 585 hci_setup_inquiry_mode(hdev);
586 586
587 if (hdev->features[7] & LMP_INQ_TX_PWR) 587 if (hdev->features[7] & LMP_INQ_TX_PWR)
588 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL); 588 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
589 589
590 if (hdev->features[7] & LMP_EXTFEATURES) { 590 if (hdev->features[7] & LMP_EXTFEATURES) {
591 struct hci_cp_read_local_ext_features cp; 591 struct hci_cp_read_local_ext_features cp;
592 592
593 cp.page = 0x01; 593 cp.page = 0x01;
594 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), 594 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp),
595 &cp); 595 &cp);
596 } 596 }
597 597
598 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) { 598 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
599 u8 enable = 1; 599 u8 enable = 1;
600 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable), 600 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable),
601 &enable); 601 &enable);
602 } 602 }
603 } 603 }
604 604
605 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb) 605 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
606 { 606 {
607 struct hci_rp_read_local_version *rp = (void *) skb->data; 607 struct hci_rp_read_local_version *rp = (void *) skb->data;
608 608
609 BT_DBG("%s status 0x%x", hdev->name, rp->status); 609 BT_DBG("%s status 0x%x", hdev->name, rp->status);
610 610
611 if (rp->status) 611 if (rp->status)
612 goto done; 612 goto done;
613 613
614 hdev->hci_ver = rp->hci_ver; 614 hdev->hci_ver = rp->hci_ver;
615 hdev->hci_rev = __le16_to_cpu(rp->hci_rev); 615 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
616 hdev->lmp_ver = rp->lmp_ver; 616 hdev->lmp_ver = rp->lmp_ver;
617 hdev->manufacturer = __le16_to_cpu(rp->manufacturer); 617 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
618 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver); 618 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
619 619
620 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name, 620 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
621 hdev->manufacturer, 621 hdev->manufacturer,
622 hdev->hci_ver, hdev->hci_rev); 622 hdev->hci_ver, hdev->hci_rev);
623 623
624 if (test_bit(HCI_INIT, &hdev->flags)) 624 if (test_bit(HCI_INIT, &hdev->flags))
625 hci_setup(hdev); 625 hci_setup(hdev);
626 626
627 done: 627 done:
628 hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, rp->status); 628 hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, rp->status);
629 } 629 }
630 630
631 static void hci_setup_link_policy(struct hci_dev *hdev) 631 static void hci_setup_link_policy(struct hci_dev *hdev)
632 { 632 {
633 struct hci_cp_write_def_link_policy cp; 633 struct hci_cp_write_def_link_policy cp;
634 u16 link_policy = 0; 634 u16 link_policy = 0;
635 635
636 if (hdev->features[0] & LMP_RSWITCH) 636 if (hdev->features[0] & LMP_RSWITCH)
637 link_policy |= HCI_LP_RSWITCH; 637 link_policy |= HCI_LP_RSWITCH;
638 if (hdev->features[0] & LMP_HOLD) 638 if (hdev->features[0] & LMP_HOLD)
639 link_policy |= HCI_LP_HOLD; 639 link_policy |= HCI_LP_HOLD;
640 if (hdev->features[0] & LMP_SNIFF) 640 if (hdev->features[0] & LMP_SNIFF)
641 link_policy |= HCI_LP_SNIFF; 641 link_policy |= HCI_LP_SNIFF;
642 if (hdev->features[1] & LMP_PARK) 642 if (hdev->features[1] & LMP_PARK)
643 link_policy |= HCI_LP_PARK; 643 link_policy |= HCI_LP_PARK;
644 644
645 cp.policy = cpu_to_le16(link_policy); 645 cp.policy = cpu_to_le16(link_policy);
646 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp); 646 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp);
647 } 647 }
648 648
649 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb) 649 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
650 { 650 {
651 struct hci_rp_read_local_commands *rp = (void *) skb->data; 651 struct hci_rp_read_local_commands *rp = (void *) skb->data;
652 652
653 BT_DBG("%s status 0x%x", hdev->name, rp->status); 653 BT_DBG("%s status 0x%x", hdev->name, rp->status);
654 654
655 if (rp->status) 655 if (rp->status)
656 goto done; 656 goto done;
657 657
658 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands)); 658 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
659 659
660 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10)) 660 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
661 hci_setup_link_policy(hdev); 661 hci_setup_link_policy(hdev);
662 662
663 done: 663 done:
664 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status); 664 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
665 } 665 }
666 666
667 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb) 667 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
668 { 668 {
669 struct hci_rp_read_local_features *rp = (void *) skb->data; 669 struct hci_rp_read_local_features *rp = (void *) skb->data;
670 670
671 BT_DBG("%s status 0x%x", hdev->name, rp->status); 671 BT_DBG("%s status 0x%x", hdev->name, rp->status);
672 672
673 if (rp->status) 673 if (rp->status)
674 return; 674 return;
675 675
676 memcpy(hdev->features, rp->features, 8); 676 memcpy(hdev->features, rp->features, 8);
677 677
678 /* Adjust default settings according to features 678 /* Adjust default settings according to features
679 * supported by device. */ 679 * supported by device. */
680 680
681 if (hdev->features[0] & LMP_3SLOT) 681 if (hdev->features[0] & LMP_3SLOT)
682 hdev->pkt_type |= (HCI_DM3 | HCI_DH3); 682 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
683 683
684 if (hdev->features[0] & LMP_5SLOT) 684 if (hdev->features[0] & LMP_5SLOT)
685 hdev->pkt_type |= (HCI_DM5 | HCI_DH5); 685 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
686 686
687 if (hdev->features[1] & LMP_HV2) { 687 if (hdev->features[1] & LMP_HV2) {
688 hdev->pkt_type |= (HCI_HV2); 688 hdev->pkt_type |= (HCI_HV2);
689 hdev->esco_type |= (ESCO_HV2); 689 hdev->esco_type |= (ESCO_HV2);
690 } 690 }
691 691
692 if (hdev->features[1] & LMP_HV3) { 692 if (hdev->features[1] & LMP_HV3) {
693 hdev->pkt_type |= (HCI_HV3); 693 hdev->pkt_type |= (HCI_HV3);
694 hdev->esco_type |= (ESCO_HV3); 694 hdev->esco_type |= (ESCO_HV3);
695 } 695 }
696 696
697 if (hdev->features[3] & LMP_ESCO) 697 if (hdev->features[3] & LMP_ESCO)
698 hdev->esco_type |= (ESCO_EV3); 698 hdev->esco_type |= (ESCO_EV3);
699 699
700 if (hdev->features[4] & LMP_EV4) 700 if (hdev->features[4] & LMP_EV4)
701 hdev->esco_type |= (ESCO_EV4); 701 hdev->esco_type |= (ESCO_EV4);
702 702
703 if (hdev->features[4] & LMP_EV5) 703 if (hdev->features[4] & LMP_EV5)
704 hdev->esco_type |= (ESCO_EV5); 704 hdev->esco_type |= (ESCO_EV5);
705 705
706 if (hdev->features[5] & LMP_EDR_ESCO_2M) 706 if (hdev->features[5] & LMP_EDR_ESCO_2M)
707 hdev->esco_type |= (ESCO_2EV3); 707 hdev->esco_type |= (ESCO_2EV3);
708 708
709 if (hdev->features[5] & LMP_EDR_ESCO_3M) 709 if (hdev->features[5] & LMP_EDR_ESCO_3M)
710 hdev->esco_type |= (ESCO_3EV3); 710 hdev->esco_type |= (ESCO_3EV3);
711 711
712 if (hdev->features[5] & LMP_EDR_3S_ESCO) 712 if (hdev->features[5] & LMP_EDR_3S_ESCO)
713 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5); 713 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
714 714
715 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name, 715 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
716 hdev->features[0], hdev->features[1], 716 hdev->features[0], hdev->features[1],
717 hdev->features[2], hdev->features[3], 717 hdev->features[2], hdev->features[3],
718 hdev->features[4], hdev->features[5], 718 hdev->features[4], hdev->features[5],
719 hdev->features[6], hdev->features[7]); 719 hdev->features[6], hdev->features[7]);
720 } 720 }
721 721
722 static void hci_set_le_support(struct hci_dev *hdev) 722 static void hci_set_le_support(struct hci_dev *hdev)
723 { 723 {
724 struct hci_cp_write_le_host_supported cp; 724 struct hci_cp_write_le_host_supported cp;
725 725
726 memset(&cp, 0, sizeof(cp)); 726 memset(&cp, 0, sizeof(cp));
727 727
728 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) { 728 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
729 cp.le = 1; 729 cp.le = 1;
730 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR); 730 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
731 } 731 }
732 732
733 if (cp.le != !!(hdev->host_features[0] & LMP_HOST_LE)) 733 if (cp.le != !!(hdev->host_features[0] & LMP_HOST_LE))
734 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), 734 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
735 &cp); 735 &cp);
736 } 736 }
737 737
738 static void hci_cc_read_local_ext_features(struct hci_dev *hdev, 738 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
739 struct sk_buff *skb) 739 struct sk_buff *skb)
740 { 740 {
741 struct hci_rp_read_local_ext_features *rp = (void *) skb->data; 741 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
742 742
743 BT_DBG("%s status 0x%x", hdev->name, rp->status); 743 BT_DBG("%s status 0x%x", hdev->name, rp->status);
744 744
745 if (rp->status) 745 if (rp->status)
746 goto done; 746 goto done;
747 747
748 switch (rp->page) { 748 switch (rp->page) {
749 case 0: 749 case 0:
750 memcpy(hdev->features, rp->features, 8); 750 memcpy(hdev->features, rp->features, 8);
751 break; 751 break;
752 case 1: 752 case 1:
753 memcpy(hdev->host_features, rp->features, 8); 753 memcpy(hdev->host_features, rp->features, 8);
754 break; 754 break;
755 } 755 }
756 756
757 if (test_bit(HCI_INIT, &hdev->flags) && hdev->features[4] & LMP_LE) 757 if (test_bit(HCI_INIT, &hdev->flags) && hdev->features[4] & LMP_LE)
758 hci_set_le_support(hdev); 758 hci_set_le_support(hdev);
759 759
760 done: 760 done:
761 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status); 761 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
762 } 762 }
763 763
764 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev, 764 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
765 struct sk_buff *skb) 765 struct sk_buff *skb)
766 { 766 {
767 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data; 767 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
768 768
769 BT_DBG("%s status 0x%x", hdev->name, rp->status); 769 BT_DBG("%s status 0x%x", hdev->name, rp->status);
770 770
771 if (rp->status) 771 if (rp->status)
772 return; 772 return;
773 773
774 hdev->flow_ctl_mode = rp->mode; 774 hdev->flow_ctl_mode = rp->mode;
775 775
776 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status); 776 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
777 } 777 }
778 778
779 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb) 779 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
780 { 780 {
781 struct hci_rp_read_buffer_size *rp = (void *) skb->data; 781 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
782 782
783 BT_DBG("%s status 0x%x", hdev->name, rp->status); 783 BT_DBG("%s status 0x%x", hdev->name, rp->status);
784 784
785 if (rp->status) 785 if (rp->status)
786 return; 786 return;
787 787
788 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu); 788 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
789 hdev->sco_mtu = rp->sco_mtu; 789 hdev->sco_mtu = rp->sco_mtu;
790 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt); 790 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
791 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt); 791 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
792 792
793 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) { 793 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
794 hdev->sco_mtu = 64; 794 hdev->sco_mtu = 64;
795 hdev->sco_pkts = 8; 795 hdev->sco_pkts = 8;
796 } 796 }
797 797
798 hdev->acl_cnt = hdev->acl_pkts; 798 hdev->acl_cnt = hdev->acl_pkts;
799 hdev->sco_cnt = hdev->sco_pkts; 799 hdev->sco_cnt = hdev->sco_pkts;
800 800
801 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, 801 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
802 hdev->acl_mtu, hdev->acl_pkts, 802 hdev->acl_mtu, hdev->acl_pkts,
803 hdev->sco_mtu, hdev->sco_pkts); 803 hdev->sco_mtu, hdev->sco_pkts);
804 } 804 }
805 805
806 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb) 806 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
807 { 807 {
808 struct hci_rp_read_bd_addr *rp = (void *) skb->data; 808 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
809 809
810 BT_DBG("%s status 0x%x", hdev->name, rp->status); 810 BT_DBG("%s status 0x%x", hdev->name, rp->status);
811 811
812 if (!rp->status) 812 if (!rp->status)
813 bacpy(&hdev->bdaddr, &rp->bdaddr); 813 bacpy(&hdev->bdaddr, &rp->bdaddr);
814 814
815 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status); 815 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
816 } 816 }
817 817
818 static void hci_cc_read_data_block_size(struct hci_dev *hdev, 818 static void hci_cc_read_data_block_size(struct hci_dev *hdev,
819 struct sk_buff *skb) 819 struct sk_buff *skb)
820 { 820 {
821 struct hci_rp_read_data_block_size *rp = (void *) skb->data; 821 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
822 822
823 BT_DBG("%s status 0x%x", hdev->name, rp->status); 823 BT_DBG("%s status 0x%x", hdev->name, rp->status);
824 824
825 if (rp->status) 825 if (rp->status)
826 return; 826 return;
827 827
828 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len); 828 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
829 hdev->block_len = __le16_to_cpu(rp->block_len); 829 hdev->block_len = __le16_to_cpu(rp->block_len);
830 hdev->num_blocks = __le16_to_cpu(rp->num_blocks); 830 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
831 831
832 hdev->block_cnt = hdev->num_blocks; 832 hdev->block_cnt = hdev->num_blocks;
833 833
834 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu, 834 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
835 hdev->block_cnt, hdev->block_len); 835 hdev->block_cnt, hdev->block_len);
836 836
837 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status); 837 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
838 } 838 }
839 839
840 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb) 840 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
841 { 841 {
842 __u8 status = *((__u8 *) skb->data); 842 __u8 status = *((__u8 *) skb->data);
843 843
844 BT_DBG("%s status 0x%x", hdev->name, status); 844 BT_DBG("%s status 0x%x", hdev->name, status);
845 845
846 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status); 846 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
847 } 847 }
848 848
849 static void hci_cc_read_local_amp_info(struct hci_dev *hdev, 849 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
850 struct sk_buff *skb) 850 struct sk_buff *skb)
851 { 851 {
852 struct hci_rp_read_local_amp_info *rp = (void *) skb->data; 852 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
853 853
854 BT_DBG("%s status 0x%x", hdev->name, rp->status); 854 BT_DBG("%s status 0x%x", hdev->name, rp->status);
855 855
856 if (rp->status) 856 if (rp->status)
857 return; 857 return;
858 858
859 hdev->amp_status = rp->amp_status; 859 hdev->amp_status = rp->amp_status;
860 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw); 860 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
861 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw); 861 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
862 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency); 862 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
863 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu); 863 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
864 hdev->amp_type = rp->amp_type; 864 hdev->amp_type = rp->amp_type;
865 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap); 865 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
866 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size); 866 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
867 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to); 867 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
868 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to); 868 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
869 869
870 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status); 870 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
871 } 871 }
872 872
873 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev, 873 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
874 struct sk_buff *skb) 874 struct sk_buff *skb)
875 { 875 {
876 __u8 status = *((__u8 *) skb->data); 876 __u8 status = *((__u8 *) skb->data);
877 877
878 BT_DBG("%s status 0x%x", hdev->name, status); 878 BT_DBG("%s status 0x%x", hdev->name, status);
879 879
880 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status); 880 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
881 } 881 }
882 882
883 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb) 883 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
884 { 884 {
885 __u8 status = *((__u8 *) skb->data); 885 __u8 status = *((__u8 *) skb->data);
886 886
887 BT_DBG("%s status 0x%x", hdev->name, status); 887 BT_DBG("%s status 0x%x", hdev->name, status);
888 888
889 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status); 889 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
890 } 890 }
891 891
892 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev, 892 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
893 struct sk_buff *skb) 893 struct sk_buff *skb)
894 { 894 {
895 __u8 status = *((__u8 *) skb->data); 895 __u8 status = *((__u8 *) skb->data);
896 896
897 BT_DBG("%s status 0x%x", hdev->name, status); 897 BT_DBG("%s status 0x%x", hdev->name, status);
898 898
899 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status); 899 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
900 } 900 }
901 901
902 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev, 902 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
903 struct sk_buff *skb) 903 struct sk_buff *skb)
904 { 904 {
905 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data; 905 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
906 906
907 BT_DBG("%s status 0x%x", hdev->name, rp->status); 907 BT_DBG("%s status 0x%x", hdev->name, rp->status);
908 908
909 if (!rp->status) 909 if (!rp->status)
910 hdev->inq_tx_power = rp->tx_power; 910 hdev->inq_tx_power = rp->tx_power;
911 911
912 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, rp->status); 912 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, rp->status);
913 } 913 }
914 914
915 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb) 915 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
916 { 916 {
917 __u8 status = *((__u8 *) skb->data); 917 __u8 status = *((__u8 *) skb->data);
918 918
919 BT_DBG("%s status 0x%x", hdev->name, status); 919 BT_DBG("%s status 0x%x", hdev->name, status);
920 920
921 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status); 921 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
922 } 922 }
923 923
924 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb) 924 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
925 { 925 {
926 struct hci_rp_pin_code_reply *rp = (void *) skb->data; 926 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
927 struct hci_cp_pin_code_reply *cp; 927 struct hci_cp_pin_code_reply *cp;
928 struct hci_conn *conn; 928 struct hci_conn *conn;
929 929
930 BT_DBG("%s status 0x%x", hdev->name, rp->status); 930 BT_DBG("%s status 0x%x", hdev->name, rp->status);
931 931
932 hci_dev_lock(hdev); 932 hci_dev_lock(hdev);
933 933
934 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 934 if (test_bit(HCI_MGMT, &hdev->dev_flags))
935 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status); 935 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
936 936
937 if (rp->status != 0) 937 if (rp->status != 0)
938 goto unlock; 938 goto unlock;
939 939
940 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY); 940 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
941 if (!cp) 941 if (!cp)
942 goto unlock; 942 goto unlock;
943 943
944 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 944 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
945 if (conn) 945 if (conn)
946 conn->pin_length = cp->pin_len; 946 conn->pin_length = cp->pin_len;
947 947
948 unlock: 948 unlock:
949 hci_dev_unlock(hdev); 949 hci_dev_unlock(hdev);
950 } 950 }
951 951
952 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb) 952 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
953 { 953 {
954 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data; 954 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
955 955
956 BT_DBG("%s status 0x%x", hdev->name, rp->status); 956 BT_DBG("%s status 0x%x", hdev->name, rp->status);
957 957
958 hci_dev_lock(hdev); 958 hci_dev_lock(hdev);
959 959
960 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 960 if (test_bit(HCI_MGMT, &hdev->dev_flags))
961 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr, 961 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
962 rp->status); 962 rp->status);
963 963
964 hci_dev_unlock(hdev); 964 hci_dev_unlock(hdev);
965 } 965 }
966 966
967 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev, 967 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
968 struct sk_buff *skb) 968 struct sk_buff *skb)
969 { 969 {
970 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data; 970 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
971 971
972 BT_DBG("%s status 0x%x", hdev->name, rp->status); 972 BT_DBG("%s status 0x%x", hdev->name, rp->status);
973 973
974 if (rp->status) 974 if (rp->status)
975 return; 975 return;
976 976
977 hdev->le_mtu = __le16_to_cpu(rp->le_mtu); 977 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
978 hdev->le_pkts = rp->le_max_pkt; 978 hdev->le_pkts = rp->le_max_pkt;
979 979
980 hdev->le_cnt = hdev->le_pkts; 980 hdev->le_cnt = hdev->le_pkts;
981 981
982 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts); 982 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
983 983
984 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status); 984 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
985 } 985 }
986 986
987 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb) 987 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
988 { 988 {
989 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 989 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
990 990
991 BT_DBG("%s status 0x%x", hdev->name, rp->status); 991 BT_DBG("%s status 0x%x", hdev->name, rp->status);
992 992
993 hci_dev_lock(hdev); 993 hci_dev_lock(hdev);
994 994
995 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 995 if (test_bit(HCI_MGMT, &hdev->dev_flags))
996 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0, 996 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
997 rp->status); 997 rp->status);
998 998
999 hci_dev_unlock(hdev); 999 hci_dev_unlock(hdev);
1000 } 1000 }
1001 1001
1002 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev, 1002 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
1003 struct sk_buff *skb) 1003 struct sk_buff *skb)
1004 { 1004 {
1005 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1005 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1006 1006
1007 BT_DBG("%s status 0x%x", hdev->name, rp->status); 1007 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1008 1008
1009 hci_dev_lock(hdev); 1009 hci_dev_lock(hdev);
1010 1010
1011 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 1011 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1012 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr, 1012 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
1013 ACL_LINK, 0, rp->status); 1013 ACL_LINK, 0, rp->status);
1014 1014
1015 hci_dev_unlock(hdev); 1015 hci_dev_unlock(hdev);
1016 } 1016 }
1017 1017
1018 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb) 1018 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
1019 { 1019 {
1020 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1020 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1021 1021
1022 BT_DBG("%s status 0x%x", hdev->name, rp->status); 1022 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1023 1023
1024 hci_dev_lock(hdev); 1024 hci_dev_lock(hdev);
1025 1025
1026 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 1026 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1027 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 1027 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
1028 0, rp->status); 1028 0, rp->status);
1029 1029
1030 hci_dev_unlock(hdev); 1030 hci_dev_unlock(hdev);
1031 } 1031 }
1032 1032
1033 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev, 1033 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1034 struct sk_buff *skb) 1034 struct sk_buff *skb)
1035 { 1035 {
1036 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1036 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1037 1037
1038 BT_DBG("%s status 0x%x", hdev->name, rp->status); 1038 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1039 1039
1040 hci_dev_lock(hdev); 1040 hci_dev_lock(hdev);
1041 1041
1042 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 1042 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1043 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr, 1043 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1044 ACL_LINK, 0, rp->status); 1044 ACL_LINK, 0, rp->status);
1045 1045
1046 hci_dev_unlock(hdev); 1046 hci_dev_unlock(hdev);
1047 } 1047 }
1048 1048
1049 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev, 1049 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1050 struct sk_buff *skb) 1050 struct sk_buff *skb)
1051 { 1051 {
1052 struct hci_rp_read_local_oob_data *rp = (void *) skb->data; 1052 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1053 1053
1054 BT_DBG("%s status 0x%x", hdev->name, rp->status); 1054 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1055 1055
1056 hci_dev_lock(hdev); 1056 hci_dev_lock(hdev);
1057 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash, 1057 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
1058 rp->randomizer, rp->status); 1058 rp->randomizer, rp->status);
1059 hci_dev_unlock(hdev); 1059 hci_dev_unlock(hdev);
1060 } 1060 }
1061 1061
1062 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb) 1062 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1063 { 1063 {
1064 __u8 status = *((__u8 *) skb->data); 1064 __u8 status = *((__u8 *) skb->data);
1065 1065
1066 BT_DBG("%s status 0x%x", hdev->name, status); 1066 BT_DBG("%s status 0x%x", hdev->name, status);
1067 1067
1068 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status); 1068 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
1069 1069
1070 if (status) { 1070 if (status) {
1071 hci_dev_lock(hdev); 1071 hci_dev_lock(hdev);
1072 mgmt_start_discovery_failed(hdev, status); 1072 mgmt_start_discovery_failed(hdev, status);
1073 hci_dev_unlock(hdev); 1073 hci_dev_unlock(hdev);
1074 return; 1074 return;
1075 } 1075 }
1076 } 1076 }
1077 1077
1078 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev, 1078 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1079 struct sk_buff *skb) 1079 struct sk_buff *skb)
1080 { 1080 {
1081 struct hci_cp_le_set_scan_enable *cp; 1081 struct hci_cp_le_set_scan_enable *cp;
1082 __u8 status = *((__u8 *) skb->data); 1082 __u8 status = *((__u8 *) skb->data);
1083 1083
1084 BT_DBG("%s status 0x%x", hdev->name, status); 1084 BT_DBG("%s status 0x%x", hdev->name, status);
1085 1085
1086 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE); 1086 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1087 if (!cp) 1087 if (!cp)
1088 return; 1088 return;
1089 1089
1090 switch (cp->enable) { 1090 switch (cp->enable) {
1091 case LE_SCANNING_ENABLED: 1091 case LE_SCANNING_ENABLED:
1092 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status); 1092 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1093 1093
1094 if (status) { 1094 if (status) {
1095 hci_dev_lock(hdev); 1095 hci_dev_lock(hdev);
1096 mgmt_start_discovery_failed(hdev, status); 1096 mgmt_start_discovery_failed(hdev, status);
1097 hci_dev_unlock(hdev); 1097 hci_dev_unlock(hdev);
1098 return; 1098 return;
1099 } 1099 }
1100 1100
1101 set_bit(HCI_LE_SCAN, &hdev->dev_flags); 1101 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1102 1102
1103 hci_dev_lock(hdev); 1103 hci_dev_lock(hdev);
1104 hci_discovery_set_state(hdev, DISCOVERY_FINDING); 1104 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1105 hci_dev_unlock(hdev); 1105 hci_dev_unlock(hdev);
1106 break; 1106 break;
1107 1107
1108 case LE_SCANNING_DISABLED: 1108 case LE_SCANNING_DISABLED:
1109 if (status) { 1109 if (status) {
1110 hci_dev_lock(hdev); 1110 hci_dev_lock(hdev);
1111 mgmt_stop_discovery_failed(hdev, status); 1111 mgmt_stop_discovery_failed(hdev, status);
1112 hci_dev_unlock(hdev); 1112 hci_dev_unlock(hdev);
1113 return; 1113 return;
1114 } 1114 }
1115 1115
1116 clear_bit(HCI_LE_SCAN, &hdev->dev_flags); 1116 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1117 1117
1118 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED && 1118 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
1119 hdev->discovery.state == DISCOVERY_FINDING) { 1119 hdev->discovery.state == DISCOVERY_FINDING) {
1120 mgmt_interleaved_discovery(hdev); 1120 mgmt_interleaved_discovery(hdev);
1121 } else { 1121 } else {
1122 hci_dev_lock(hdev); 1122 hci_dev_lock(hdev);
1123 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 1123 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1124 hci_dev_unlock(hdev); 1124 hci_dev_unlock(hdev);
1125 } 1125 }
1126 1126
1127 break; 1127 break;
1128 1128
1129 default: 1129 default:
1130 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable); 1130 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1131 break; 1131 break;
1132 } 1132 }
1133 } 1133 }
1134 1134
1135 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb) 1135 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1136 { 1136 {
1137 struct hci_rp_le_ltk_reply *rp = (void *) skb->data; 1137 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1138 1138
1139 BT_DBG("%s status 0x%x", hdev->name, rp->status); 1139 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1140 1140
1141 if (rp->status) 1141 if (rp->status)
1142 return; 1142 return;
1143 1143
1144 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status); 1144 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1145 } 1145 }
1146 1146
1147 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb) 1147 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1148 { 1148 {
1149 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data; 1149 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1150 1150
1151 BT_DBG("%s status 0x%x", hdev->name, rp->status); 1151 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1152 1152
1153 if (rp->status) 1153 if (rp->status)
1154 return; 1154 return;
1155 1155
1156 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status); 1156 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1157 } 1157 }
1158 1158
1159 static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev, 1159 static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1160 struct sk_buff *skb) 1160 struct sk_buff *skb)
1161 { 1161 {
1162 struct hci_cp_write_le_host_supported *sent; 1162 struct hci_cp_write_le_host_supported *sent;
1163 __u8 status = *((__u8 *) skb->data); 1163 __u8 status = *((__u8 *) skb->data);
1164 1164
1165 BT_DBG("%s status 0x%x", hdev->name, status); 1165 BT_DBG("%s status 0x%x", hdev->name, status);
1166 1166
1167 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED); 1167 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
1168 if (!sent) 1168 if (!sent)
1169 return; 1169 return;
1170 1170
1171 if (!status) { 1171 if (!status) {
1172 if (sent->le) 1172 if (sent->le)
1173 hdev->host_features[0] |= LMP_HOST_LE; 1173 hdev->host_features[0] |= LMP_HOST_LE;
1174 else 1174 else
1175 hdev->host_features[0] &= ~LMP_HOST_LE; 1175 hdev->host_features[0] &= ~LMP_HOST_LE;
1176 } 1176 }
1177 1177
1178 if (test_bit(HCI_MGMT, &hdev->dev_flags) && 1178 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
1179 !test_bit(HCI_INIT, &hdev->flags)) 1179 !test_bit(HCI_INIT, &hdev->flags))
1180 mgmt_le_enable_complete(hdev, sent->le, status); 1180 mgmt_le_enable_complete(hdev, sent->le, status);
1181 1181
1182 hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status); 1182 hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status);
1183 } 1183 }
1184 1184
1185 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status) 1185 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1186 { 1186 {
1187 BT_DBG("%s status 0x%x", hdev->name, status); 1187 BT_DBG("%s status 0x%x", hdev->name, status);
1188 1188
1189 if (status) { 1189 if (status) {
1190 hci_req_complete(hdev, HCI_OP_INQUIRY, status); 1190 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1191 hci_conn_check_pending(hdev); 1191 hci_conn_check_pending(hdev);
1192 hci_dev_lock(hdev); 1192 hci_dev_lock(hdev);
1193 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 1193 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1194 mgmt_start_discovery_failed(hdev, status); 1194 mgmt_start_discovery_failed(hdev, status);
1195 hci_dev_unlock(hdev); 1195 hci_dev_unlock(hdev);
1196 return; 1196 return;
1197 } 1197 }
1198 1198
1199 set_bit(HCI_INQUIRY, &hdev->flags); 1199 set_bit(HCI_INQUIRY, &hdev->flags);
1200 1200
1201 hci_dev_lock(hdev); 1201 hci_dev_lock(hdev);
1202 hci_discovery_set_state(hdev, DISCOVERY_FINDING); 1202 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1203 hci_dev_unlock(hdev); 1203 hci_dev_unlock(hdev);
1204 } 1204 }
1205 1205
1206 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status) 1206 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1207 { 1207 {
1208 struct hci_cp_create_conn *cp; 1208 struct hci_cp_create_conn *cp;
1209 struct hci_conn *conn; 1209 struct hci_conn *conn;
1210 1210
1211 BT_DBG("%s status 0x%x", hdev->name, status); 1211 BT_DBG("%s status 0x%x", hdev->name, status);
1212 1212
1213 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN); 1213 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1214 if (!cp) 1214 if (!cp)
1215 return; 1215 return;
1216 1216
1217 hci_dev_lock(hdev); 1217 hci_dev_lock(hdev);
1218 1218
1219 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 1219 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1220 1220
1221 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn); 1221 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1222 1222
1223 if (status) { 1223 if (status) {
1224 if (conn && conn->state == BT_CONNECT) { 1224 if (conn && conn->state == BT_CONNECT) {
1225 if (status != 0x0c || conn->attempt > 2) { 1225 if (status != 0x0c || conn->attempt > 2) {
1226 conn->state = BT_CLOSED; 1226 conn->state = BT_CLOSED;
1227 hci_proto_connect_cfm(conn, status); 1227 hci_proto_connect_cfm(conn, status);
1228 hci_conn_del(conn); 1228 hci_conn_del(conn);
1229 } else 1229 } else
1230 conn->state = BT_CONNECT2; 1230 conn->state = BT_CONNECT2;
1231 } 1231 }
1232 } else { 1232 } else {
1233 if (!conn) { 1233 if (!conn) {
1234 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr); 1234 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1235 if (conn) { 1235 if (conn) {
1236 conn->out = true; 1236 conn->out = true;
1237 conn->link_mode |= HCI_LM_MASTER; 1237 conn->link_mode |= HCI_LM_MASTER;
1238 } else 1238 } else
1239 BT_ERR("No memory for new connection"); 1239 BT_ERR("No memory for new connection");
1240 } 1240 }
1241 } 1241 }
1242 1242
1243 hci_dev_unlock(hdev); 1243 hci_dev_unlock(hdev);
1244 } 1244 }
1245 1245
1246 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status) 1246 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1247 { 1247 {
1248 struct hci_cp_add_sco *cp; 1248 struct hci_cp_add_sco *cp;
1249 struct hci_conn *acl, *sco; 1249 struct hci_conn *acl, *sco;
1250 __u16 handle; 1250 __u16 handle;
1251 1251
1252 BT_DBG("%s status 0x%x", hdev->name, status); 1252 BT_DBG("%s status 0x%x", hdev->name, status);
1253 1253
1254 if (!status) 1254 if (!status)
1255 return; 1255 return;
1256 1256
1257 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO); 1257 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1258 if (!cp) 1258 if (!cp)
1259 return; 1259 return;
1260 1260
1261 handle = __le16_to_cpu(cp->handle); 1261 handle = __le16_to_cpu(cp->handle);
1262 1262
1263 BT_DBG("%s handle %d", hdev->name, handle); 1263 BT_DBG("%s handle %d", hdev->name, handle);
1264 1264
1265 hci_dev_lock(hdev); 1265 hci_dev_lock(hdev);
1266 1266
1267 acl = hci_conn_hash_lookup_handle(hdev, handle); 1267 acl = hci_conn_hash_lookup_handle(hdev, handle);
1268 if (acl) { 1268 if (acl) {
1269 sco = acl->link; 1269 sco = acl->link;
1270 if (sco) { 1270 if (sco) {
1271 sco->state = BT_CLOSED; 1271 sco->state = BT_CLOSED;
1272 1272
1273 hci_proto_connect_cfm(sco, status); 1273 hci_proto_connect_cfm(sco, status);
1274 hci_conn_del(sco); 1274 hci_conn_del(sco);
1275 } 1275 }
1276 } 1276 }
1277 1277
1278 hci_dev_unlock(hdev); 1278 hci_dev_unlock(hdev);
1279 } 1279 }
1280 1280
1281 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status) 1281 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1282 { 1282 {
1283 struct hci_cp_auth_requested *cp; 1283 struct hci_cp_auth_requested *cp;
1284 struct hci_conn *conn; 1284 struct hci_conn *conn;
1285 1285
1286 BT_DBG("%s status 0x%x", hdev->name, status); 1286 BT_DBG("%s status 0x%x", hdev->name, status);
1287 1287
1288 if (!status) 1288 if (!status)
1289 return; 1289 return;
1290 1290
1291 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED); 1291 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1292 if (!cp) 1292 if (!cp)
1293 return; 1293 return;
1294 1294
1295 hci_dev_lock(hdev); 1295 hci_dev_lock(hdev);
1296 1296
1297 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 1297 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1298 if (conn) { 1298 if (conn) {
1299 if (conn->state == BT_CONFIG) { 1299 if (conn->state == BT_CONFIG) {
1300 hci_proto_connect_cfm(conn, status); 1300 hci_proto_connect_cfm(conn, status);
1301 hci_conn_put(conn); 1301 hci_conn_put(conn);
1302 } 1302 }
1303 } 1303 }
1304 1304
1305 hci_dev_unlock(hdev); 1305 hci_dev_unlock(hdev);
1306 } 1306 }
1307 1307
1308 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status) 1308 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1309 { 1309 {
1310 struct hci_cp_set_conn_encrypt *cp; 1310 struct hci_cp_set_conn_encrypt *cp;
1311 struct hci_conn *conn; 1311 struct hci_conn *conn;
1312 1312
1313 BT_DBG("%s status 0x%x", hdev->name, status); 1313 BT_DBG("%s status 0x%x", hdev->name, status);
1314 1314
1315 if (!status) 1315 if (!status)
1316 return; 1316 return;
1317 1317
1318 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT); 1318 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1319 if (!cp) 1319 if (!cp)
1320 return; 1320 return;
1321 1321
1322 hci_dev_lock(hdev); 1322 hci_dev_lock(hdev);
1323 1323
1324 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 1324 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1325 if (conn) { 1325 if (conn) {
1326 if (conn->state == BT_CONFIG) { 1326 if (conn->state == BT_CONFIG) {
1327 hci_proto_connect_cfm(conn, status); 1327 hci_proto_connect_cfm(conn, status);
1328 hci_conn_put(conn); 1328 hci_conn_put(conn);
1329 } 1329 }
1330 } 1330 }
1331 1331
1332 hci_dev_unlock(hdev); 1332 hci_dev_unlock(hdev);
1333 } 1333 }
1334 1334
1335 static int hci_outgoing_auth_needed(struct hci_dev *hdev, 1335 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1336 struct hci_conn *conn) 1336 struct hci_conn *conn)
1337 { 1337 {
1338 if (conn->state != BT_CONFIG || !conn->out) 1338 if (conn->state != BT_CONFIG || !conn->out)
1339 return 0; 1339 return 0;
1340 1340
1341 if (conn->pending_sec_level == BT_SECURITY_SDP) 1341 if (conn->pending_sec_level == BT_SECURITY_SDP)
1342 return 0; 1342 return 0;
1343 1343
1344 /* Only request authentication for SSP connections or non-SSP 1344 /* Only request authentication for SSP connections or non-SSP
1345 * devices with sec_level HIGH or if MITM protection is requested */ 1345 * devices with sec_level HIGH or if MITM protection is requested */
1346 if (!hci_conn_ssp_enabled(conn) && 1346 if (!hci_conn_ssp_enabled(conn) &&
1347 conn->pending_sec_level != BT_SECURITY_HIGH && 1347 conn->pending_sec_level != BT_SECURITY_HIGH &&
1348 !(conn->auth_type & 0x01)) 1348 !(conn->auth_type & 0x01))
1349 return 0; 1349 return 0;
1350 1350
1351 return 1; 1351 return 1;
1352 } 1352 }
1353 1353
1354 static inline int hci_resolve_name(struct hci_dev *hdev, 1354 static inline int hci_resolve_name(struct hci_dev *hdev,
1355 struct inquiry_entry *e) 1355 struct inquiry_entry *e)
1356 { 1356 {
1357 struct hci_cp_remote_name_req cp; 1357 struct hci_cp_remote_name_req cp;
1358 1358
1359 memset(&cp, 0, sizeof(cp)); 1359 memset(&cp, 0, sizeof(cp));
1360 1360
1361 bacpy(&cp.bdaddr, &e->data.bdaddr); 1361 bacpy(&cp.bdaddr, &e->data.bdaddr);
1362 cp.pscan_rep_mode = e->data.pscan_rep_mode; 1362 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1363 cp.pscan_mode = e->data.pscan_mode; 1363 cp.pscan_mode = e->data.pscan_mode;
1364 cp.clock_offset = e->data.clock_offset; 1364 cp.clock_offset = e->data.clock_offset;
1365 1365
1366 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp); 1366 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1367 } 1367 }
1368 1368
1369 static bool hci_resolve_next_name(struct hci_dev *hdev) 1369 static bool hci_resolve_next_name(struct hci_dev *hdev)
1370 { 1370 {
1371 struct discovery_state *discov = &hdev->discovery; 1371 struct discovery_state *discov = &hdev->discovery;
1372 struct inquiry_entry *e; 1372 struct inquiry_entry *e;
1373 1373
1374 if (list_empty(&discov->resolve)) 1374 if (list_empty(&discov->resolve))
1375 return false; 1375 return false;
1376 1376
1377 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED); 1377 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1378 if (hci_resolve_name(hdev, e) == 0) { 1378 if (hci_resolve_name(hdev, e) == 0) {
1379 e->name_state = NAME_PENDING; 1379 e->name_state = NAME_PENDING;
1380 return true; 1380 return true;
1381 } 1381 }
1382 1382
1383 return false; 1383 return false;
1384 } 1384 }
1385 1385
1386 static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn, 1386 static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1387 bdaddr_t *bdaddr, u8 *name, u8 name_len) 1387 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1388 { 1388 {
1389 struct discovery_state *discov = &hdev->discovery; 1389 struct discovery_state *discov = &hdev->discovery;
1390 struct inquiry_entry *e; 1390 struct inquiry_entry *e;
1391 1391
1392 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) 1392 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1393 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name, 1393 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1394 name_len, conn->dev_class); 1394 name_len, conn->dev_class);
1395 1395
1396 if (discov->state == DISCOVERY_STOPPED) 1396 if (discov->state == DISCOVERY_STOPPED)
1397 return; 1397 return;
1398 1398
1399 if (discov->state == DISCOVERY_STOPPING) 1399 if (discov->state == DISCOVERY_STOPPING)
1400 goto discov_complete; 1400 goto discov_complete;
1401 1401
1402 if (discov->state != DISCOVERY_RESOLVING) 1402 if (discov->state != DISCOVERY_RESOLVING)
1403 return; 1403 return;
1404 1404
1405 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING); 1405 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1406 if (e) { 1406 if (e) {
1407 e->name_state = NAME_KNOWN; 1407 e->name_state = NAME_KNOWN;
1408 list_del(&e->list); 1408 list_del(&e->list);
1409 if (name) 1409 if (name)
1410 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00, 1410 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1411 e->data.rssi, name, name_len); 1411 e->data.rssi, name, name_len);
1412 } 1412 }
1413 1413
1414 if (hci_resolve_next_name(hdev)) 1414 if (hci_resolve_next_name(hdev))
1415 return; 1415 return;
1416 1416
1417 discov_complete: 1417 discov_complete:
1418 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 1418 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1419 } 1419 }
1420 1420
1421 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status) 1421 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1422 { 1422 {
1423 struct hci_cp_remote_name_req *cp; 1423 struct hci_cp_remote_name_req *cp;
1424 struct hci_conn *conn; 1424 struct hci_conn *conn;
1425 1425
1426 BT_DBG("%s status 0x%x", hdev->name, status); 1426 BT_DBG("%s status 0x%x", hdev->name, status);
1427 1427
1428 /* If successful wait for the name req complete event before 1428 /* If successful wait for the name req complete event before
1429 * checking for the need to do authentication */ 1429 * checking for the need to do authentication */
1430 if (!status) 1430 if (!status)
1431 return; 1431 return;
1432 1432
1433 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ); 1433 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1434 if (!cp) 1434 if (!cp)
1435 return; 1435 return;
1436 1436
1437 hci_dev_lock(hdev); 1437 hci_dev_lock(hdev);
1438 1438
1439 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 1439 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1440 1440
1441 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 1441 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1442 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0); 1442 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
1443 1443
1444 if (!conn) 1444 if (!conn)
1445 goto unlock; 1445 goto unlock;
1446 1446
1447 if (!hci_outgoing_auth_needed(hdev, conn)) 1447 if (!hci_outgoing_auth_needed(hdev, conn))
1448 goto unlock; 1448 goto unlock;
1449 1449
1450 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) { 1450 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1451 struct hci_cp_auth_requested cp; 1451 struct hci_cp_auth_requested cp;
1452 cp.handle = __cpu_to_le16(conn->handle); 1452 cp.handle = __cpu_to_le16(conn->handle);
1453 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp); 1453 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1454 } 1454 }
1455 1455
1456 unlock: 1456 unlock:
1457 hci_dev_unlock(hdev); 1457 hci_dev_unlock(hdev);
1458 } 1458 }
1459 1459
1460 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status) 1460 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1461 { 1461 {
1462 struct hci_cp_read_remote_features *cp; 1462 struct hci_cp_read_remote_features *cp;
1463 struct hci_conn *conn; 1463 struct hci_conn *conn;
1464 1464
1465 BT_DBG("%s status 0x%x", hdev->name, status); 1465 BT_DBG("%s status 0x%x", hdev->name, status);
1466 1466
1467 if (!status) 1467 if (!status)
1468 return; 1468 return;
1469 1469
1470 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES); 1470 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1471 if (!cp) 1471 if (!cp)
1472 return; 1472 return;
1473 1473
1474 hci_dev_lock(hdev); 1474 hci_dev_lock(hdev);
1475 1475
1476 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 1476 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1477 if (conn) { 1477 if (conn) {
1478 if (conn->state == BT_CONFIG) { 1478 if (conn->state == BT_CONFIG) {
1479 hci_proto_connect_cfm(conn, status); 1479 hci_proto_connect_cfm(conn, status);
1480 hci_conn_put(conn); 1480 hci_conn_put(conn);
1481 } 1481 }
1482 } 1482 }
1483 1483
1484 hci_dev_unlock(hdev); 1484 hci_dev_unlock(hdev);
1485 } 1485 }
1486 1486
1487 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status) 1487 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1488 { 1488 {
1489 struct hci_cp_read_remote_ext_features *cp; 1489 struct hci_cp_read_remote_ext_features *cp;
1490 struct hci_conn *conn; 1490 struct hci_conn *conn;
1491 1491
1492 BT_DBG("%s status 0x%x", hdev->name, status); 1492 BT_DBG("%s status 0x%x", hdev->name, status);
1493 1493
1494 if (!status) 1494 if (!status)
1495 return; 1495 return;
1496 1496
1497 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES); 1497 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1498 if (!cp) 1498 if (!cp)
1499 return; 1499 return;
1500 1500
1501 hci_dev_lock(hdev); 1501 hci_dev_lock(hdev);
1502 1502
1503 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 1503 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1504 if (conn) { 1504 if (conn) {
1505 if (conn->state == BT_CONFIG) { 1505 if (conn->state == BT_CONFIG) {
1506 hci_proto_connect_cfm(conn, status); 1506 hci_proto_connect_cfm(conn, status);
1507 hci_conn_put(conn); 1507 hci_conn_put(conn);
1508 } 1508 }
1509 } 1509 }
1510 1510
1511 hci_dev_unlock(hdev); 1511 hci_dev_unlock(hdev);
1512 } 1512 }
1513 1513
1514 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status) 1514 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1515 { 1515 {
1516 struct hci_cp_setup_sync_conn *cp; 1516 struct hci_cp_setup_sync_conn *cp;
1517 struct hci_conn *acl, *sco; 1517 struct hci_conn *acl, *sco;
1518 __u16 handle; 1518 __u16 handle;
1519 1519
1520 BT_DBG("%s status 0x%x", hdev->name, status); 1520 BT_DBG("%s status 0x%x", hdev->name, status);
1521 1521
1522 if (!status) 1522 if (!status)
1523 return; 1523 return;
1524 1524
1525 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN); 1525 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1526 if (!cp) 1526 if (!cp)
1527 return; 1527 return;
1528 1528
1529 handle = __le16_to_cpu(cp->handle); 1529 handle = __le16_to_cpu(cp->handle);
1530 1530
1531 BT_DBG("%s handle %d", hdev->name, handle); 1531 BT_DBG("%s handle %d", hdev->name, handle);
1532 1532
1533 hci_dev_lock(hdev); 1533 hci_dev_lock(hdev);
1534 1534
1535 acl = hci_conn_hash_lookup_handle(hdev, handle); 1535 acl = hci_conn_hash_lookup_handle(hdev, handle);
1536 if (acl) { 1536 if (acl) {
1537 sco = acl->link; 1537 sco = acl->link;
1538 if (sco) { 1538 if (sco) {
1539 sco->state = BT_CLOSED; 1539 sco->state = BT_CLOSED;
1540 1540
1541 hci_proto_connect_cfm(sco, status); 1541 hci_proto_connect_cfm(sco, status);
1542 hci_conn_del(sco); 1542 hci_conn_del(sco);
1543 } 1543 }
1544 } 1544 }
1545 1545
1546 hci_dev_unlock(hdev); 1546 hci_dev_unlock(hdev);
1547 } 1547 }
1548 1548
1549 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status) 1549 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1550 { 1550 {
1551 struct hci_cp_sniff_mode *cp; 1551 struct hci_cp_sniff_mode *cp;
1552 struct hci_conn *conn; 1552 struct hci_conn *conn;
1553 1553
1554 BT_DBG("%s status 0x%x", hdev->name, status); 1554 BT_DBG("%s status 0x%x", hdev->name, status);
1555 1555
1556 if (!status) 1556 if (!status)
1557 return; 1557 return;
1558 1558
1559 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE); 1559 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1560 if (!cp) 1560 if (!cp)
1561 return; 1561 return;
1562 1562
1563 hci_dev_lock(hdev); 1563 hci_dev_lock(hdev);
1564 1564
1565 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 1565 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1566 if (conn) { 1566 if (conn) {
1567 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags); 1567 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1568 1568
1569 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags)) 1569 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
1570 hci_sco_setup(conn, status); 1570 hci_sco_setup(conn, status);
1571 } 1571 }
1572 1572
1573 hci_dev_unlock(hdev); 1573 hci_dev_unlock(hdev);
1574 } 1574 }
1575 1575
1576 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status) 1576 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1577 { 1577 {
1578 struct hci_cp_exit_sniff_mode *cp; 1578 struct hci_cp_exit_sniff_mode *cp;
1579 struct hci_conn *conn; 1579 struct hci_conn *conn;
1580 1580
1581 BT_DBG("%s status 0x%x", hdev->name, status); 1581 BT_DBG("%s status 0x%x", hdev->name, status);
1582 1582
1583 if (!status) 1583 if (!status)
1584 return; 1584 return;
1585 1585
1586 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE); 1586 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1587 if (!cp) 1587 if (!cp)
1588 return; 1588 return;
1589 1589
1590 hci_dev_lock(hdev); 1590 hci_dev_lock(hdev);
1591 1591
1592 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 1592 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1593 if (conn) { 1593 if (conn) {
1594 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags); 1594 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1595 1595
1596 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags)) 1596 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
1597 hci_sco_setup(conn, status); 1597 hci_sco_setup(conn, status);
1598 } 1598 }
1599 1599
1600 hci_dev_unlock(hdev); 1600 hci_dev_unlock(hdev);
1601 } 1601 }
1602 1602
1603 static void hci_cs_disconnect(struct hci_dev *hdev, u8 status) 1603 static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1604 { 1604 {
1605 struct hci_cp_disconnect *cp; 1605 struct hci_cp_disconnect *cp;
1606 struct hci_conn *conn; 1606 struct hci_conn *conn;
1607 1607
1608 if (!status) 1608 if (!status)
1609 return; 1609 return;
1610 1610
1611 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT); 1611 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1612 if (!cp) 1612 if (!cp)
1613 return; 1613 return;
1614 1614
1615 hci_dev_lock(hdev); 1615 hci_dev_lock(hdev);
1616 1616
1617 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 1617 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1618 if (conn) 1618 if (conn)
1619 mgmt_disconnect_failed(hdev, &conn->dst, conn->type, 1619 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1620 conn->dst_type, status); 1620 conn->dst_type, status);
1621 1621
1622 hci_dev_unlock(hdev); 1622 hci_dev_unlock(hdev);
1623 } 1623 }
1624 1624
1625 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status) 1625 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1626 { 1626 {
1627 struct hci_cp_le_create_conn *cp; 1627 struct hci_cp_le_create_conn *cp;
1628 struct hci_conn *conn; 1628 struct hci_conn *conn;
1629 1629
1630 BT_DBG("%s status 0x%x", hdev->name, status); 1630 BT_DBG("%s status 0x%x", hdev->name, status);
1631 1631
1632 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN); 1632 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1633 if (!cp) 1633 if (!cp)
1634 return; 1634 return;
1635 1635
1636 hci_dev_lock(hdev); 1636 hci_dev_lock(hdev);
1637 1637
1638 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr); 1638 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1639 1639
1640 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr), 1640 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1641 conn); 1641 conn);
1642 1642
1643 if (status) { 1643 if (status) {
1644 if (conn && conn->state == BT_CONNECT) { 1644 if (conn && conn->state == BT_CONNECT) {
1645 conn->state = BT_CLOSED; 1645 conn->state = BT_CLOSED;
1646 mgmt_connect_failed(hdev, &cp->peer_addr, conn->type, 1646 mgmt_connect_failed(hdev, &cp->peer_addr, conn->type,
1647 conn->dst_type, status); 1647 conn->dst_type, status);
1648 hci_proto_connect_cfm(conn, status); 1648 hci_proto_connect_cfm(conn, status);
1649 hci_conn_del(conn); 1649 hci_conn_del(conn);
1650 } 1650 }
1651 } else { 1651 } else {
1652 if (!conn) { 1652 if (!conn) {
1653 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr); 1653 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1654 if (conn) { 1654 if (conn) {
1655 conn->dst_type = cp->peer_addr_type; 1655 conn->dst_type = cp->peer_addr_type;
1656 conn->out = true; 1656 conn->out = true;
1657 } else { 1657 } else {
1658 BT_ERR("No memory for new connection"); 1658 BT_ERR("No memory for new connection");
1659 } 1659 }
1660 } 1660 }
1661 } 1661 }
1662 1662
1663 hci_dev_unlock(hdev); 1663 hci_dev_unlock(hdev);
1664 } 1664 }
1665 1665
1666 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status) 1666 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1667 { 1667 {
1668 BT_DBG("%s status 0x%x", hdev->name, status); 1668 BT_DBG("%s status 0x%x", hdev->name, status);
1669 } 1669 }
1670 1670
1671 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1671 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1672 { 1672 {
1673 __u8 status = *((__u8 *) skb->data); 1673 __u8 status = *((__u8 *) skb->data);
1674 struct discovery_state *discov = &hdev->discovery; 1674 struct discovery_state *discov = &hdev->discovery;
1675 struct inquiry_entry *e; 1675 struct inquiry_entry *e;
1676 1676
1677 BT_DBG("%s status %d", hdev->name, status); 1677 BT_DBG("%s status %d", hdev->name, status);
1678 1678
1679 hci_req_complete(hdev, HCI_OP_INQUIRY, status); 1679 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1680 1680
1681 hci_conn_check_pending(hdev); 1681 hci_conn_check_pending(hdev);
1682 1682
1683 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags)) 1683 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1684 return; 1684 return;
1685 1685
1686 if (!test_bit(HCI_MGMT, &hdev->dev_flags)) 1686 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1687 return; 1687 return;
1688 1688
1689 hci_dev_lock(hdev); 1689 hci_dev_lock(hdev);
1690 1690
1691 if (discov->state != DISCOVERY_FINDING) 1691 if (discov->state != DISCOVERY_FINDING)
1692 goto unlock; 1692 goto unlock;
1693 1693
1694 if (list_empty(&discov->resolve)) { 1694 if (list_empty(&discov->resolve)) {
1695 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 1695 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1696 goto unlock; 1696 goto unlock;
1697 } 1697 }
1698 1698
1699 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED); 1699 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1700 if (e && hci_resolve_name(hdev, e) == 0) { 1700 if (e && hci_resolve_name(hdev, e) == 0) {
1701 e->name_state = NAME_PENDING; 1701 e->name_state = NAME_PENDING;
1702 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING); 1702 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1703 } else { 1703 } else {
1704 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 1704 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1705 } 1705 }
1706 1706
1707 unlock: 1707 unlock:
1708 hci_dev_unlock(hdev); 1708 hci_dev_unlock(hdev);
1709 } 1709 }
1710 1710
1711 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb) 1711 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1712 { 1712 {
1713 struct inquiry_data data; 1713 struct inquiry_data data;
1714 struct inquiry_info *info = (void *) (skb->data + 1); 1714 struct inquiry_info *info = (void *) (skb->data + 1);
1715 int num_rsp = *((__u8 *) skb->data); 1715 int num_rsp = *((__u8 *) skb->data);
1716 1716
1717 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 1717 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1718 1718
1719 if (!num_rsp) 1719 if (!num_rsp)
1720 return; 1720 return;
1721 1721
1722 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) 1722 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1723 return; 1723 return;
1724 1724
1725 hci_dev_lock(hdev); 1725 hci_dev_lock(hdev);
1726 1726
1727 for (; num_rsp; num_rsp--, info++) { 1727 for (; num_rsp; num_rsp--, info++) {
1728 bool name_known, ssp; 1728 bool name_known, ssp;
1729 1729
1730 bacpy(&data.bdaddr, &info->bdaddr); 1730 bacpy(&data.bdaddr, &info->bdaddr);
1731 data.pscan_rep_mode = info->pscan_rep_mode; 1731 data.pscan_rep_mode = info->pscan_rep_mode;
1732 data.pscan_period_mode = info->pscan_period_mode; 1732 data.pscan_period_mode = info->pscan_period_mode;
1733 data.pscan_mode = info->pscan_mode; 1733 data.pscan_mode = info->pscan_mode;
1734 memcpy(data.dev_class, info->dev_class, 3); 1734 memcpy(data.dev_class, info->dev_class, 3);
1735 data.clock_offset = info->clock_offset; 1735 data.clock_offset = info->clock_offset;
1736 data.rssi = 0x00; 1736 data.rssi = 0x00;
1737 data.ssp_mode = 0x00; 1737 data.ssp_mode = 0x00;
1738 1738
1739 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp); 1739 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
1740 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, 1740 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1741 info->dev_class, 0, !name_known, ssp, NULL, 1741 info->dev_class, 0, !name_known, ssp, NULL,
1742 0); 1742 0);
1743 } 1743 }
1744 1744
1745 hci_dev_unlock(hdev); 1745 hci_dev_unlock(hdev);
1746 } 1746 }
1747 1747
1748 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1748 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1749 { 1749 {
1750 struct hci_ev_conn_complete *ev = (void *) skb->data; 1750 struct hci_ev_conn_complete *ev = (void *) skb->data;
1751 struct hci_conn *conn; 1751 struct hci_conn *conn;
1752 1752
1753 BT_DBG("%s", hdev->name); 1753 BT_DBG("%s", hdev->name);
1754 1754
1755 hci_dev_lock(hdev); 1755 hci_dev_lock(hdev);
1756 1756
1757 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); 1757 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1758 if (!conn) { 1758 if (!conn) {
1759 if (ev->link_type != SCO_LINK) 1759 if (ev->link_type != SCO_LINK)
1760 goto unlock; 1760 goto unlock;
1761 1761
1762 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr); 1762 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1763 if (!conn) 1763 if (!conn)
1764 goto unlock; 1764 goto unlock;
1765 1765
1766 conn->type = SCO_LINK; 1766 conn->type = SCO_LINK;
1767 } 1767 }
1768 1768
1769 if (!ev->status) { 1769 if (!ev->status) {
1770 conn->handle = __le16_to_cpu(ev->handle); 1770 conn->handle = __le16_to_cpu(ev->handle);
1771 1771
1772 if (conn->type == ACL_LINK) { 1772 if (conn->type == ACL_LINK) {
1773 conn->state = BT_CONFIG; 1773 conn->state = BT_CONFIG;
1774 hci_conn_hold(conn); 1774 hci_conn_hold(conn);
1775 conn->disc_timeout = HCI_DISCONN_TIMEOUT; 1775 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1776 } else 1776 } else
1777 conn->state = BT_CONNECTED; 1777 conn->state = BT_CONNECTED;
1778 1778
1779 hci_conn_hold_device(conn); 1779 hci_conn_hold_device(conn);
1780 hci_conn_add_sysfs(conn); 1780 hci_conn_add_sysfs(conn);
1781 1781
1782 if (test_bit(HCI_AUTH, &hdev->flags)) 1782 if (test_bit(HCI_AUTH, &hdev->flags))
1783 conn->link_mode |= HCI_LM_AUTH; 1783 conn->link_mode |= HCI_LM_AUTH;
1784 1784
1785 if (test_bit(HCI_ENCRYPT, &hdev->flags)) 1785 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1786 conn->link_mode |= HCI_LM_ENCRYPT; 1786 conn->link_mode |= HCI_LM_ENCRYPT;
1787 1787
1788 /* Get remote features */ 1788 /* Get remote features */
1789 if (conn->type == ACL_LINK) { 1789 if (conn->type == ACL_LINK) {
1790 struct hci_cp_read_remote_features cp; 1790 struct hci_cp_read_remote_features cp;
1791 cp.handle = ev->handle; 1791 cp.handle = ev->handle;
1792 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES, 1792 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1793 sizeof(cp), &cp); 1793 sizeof(cp), &cp);
1794 } 1794 }
1795 1795
1796 /* Set packet type for incoming connection */ 1796 /* Set packet type for incoming connection */
1797 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) { 1797 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1798 struct hci_cp_change_conn_ptype cp; 1798 struct hci_cp_change_conn_ptype cp;
1799 cp.handle = ev->handle; 1799 cp.handle = ev->handle;
1800 cp.pkt_type = cpu_to_le16(conn->pkt_type); 1800 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1801 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp), 1801 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1802 &cp); 1802 &cp);
1803 } 1803 }
1804 } else { 1804 } else {
1805 conn->state = BT_CLOSED; 1805 conn->state = BT_CLOSED;
1806 if (conn->type == ACL_LINK) 1806 if (conn->type == ACL_LINK)
1807 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type, 1807 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
1808 conn->dst_type, ev->status); 1808 conn->dst_type, ev->status);
1809 } 1809 }
1810 1810
1811 if (conn->type == ACL_LINK) 1811 if (conn->type == ACL_LINK)
1812 hci_sco_setup(conn, ev->status); 1812 hci_sco_setup(conn, ev->status);
1813 1813
1814 if (ev->status) { 1814 if (ev->status) {
1815 hci_proto_connect_cfm(conn, ev->status); 1815 hci_proto_connect_cfm(conn, ev->status);
1816 hci_conn_del(conn); 1816 hci_conn_del(conn);
1817 } else if (ev->link_type != ACL_LINK) 1817 } else if (ev->link_type != ACL_LINK)
1818 hci_proto_connect_cfm(conn, ev->status); 1818 hci_proto_connect_cfm(conn, ev->status);
1819 1819
1820 unlock: 1820 unlock:
1821 hci_dev_unlock(hdev); 1821 hci_dev_unlock(hdev);
1822 1822
1823 hci_conn_check_pending(hdev); 1823 hci_conn_check_pending(hdev);
1824 } 1824 }
1825 1825
1826 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 1826 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1827 { 1827 {
1828 struct hci_ev_conn_request *ev = (void *) skb->data; 1828 struct hci_ev_conn_request *ev = (void *) skb->data;
1829 int mask = hdev->link_mode; 1829 int mask = hdev->link_mode;
1830 1830
1831 BT_DBG("%s bdaddr %s type 0x%x", hdev->name, 1831 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1832 batostr(&ev->bdaddr), ev->link_type); 1832 batostr(&ev->bdaddr), ev->link_type);
1833 1833
1834 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type); 1834 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1835 1835
1836 if ((mask & HCI_LM_ACCEPT) && 1836 if ((mask & HCI_LM_ACCEPT) &&
1837 !hci_blacklist_lookup(hdev, &ev->bdaddr)) { 1837 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1838 /* Connection accepted */ 1838 /* Connection accepted */
1839 struct inquiry_entry *ie; 1839 struct inquiry_entry *ie;
1840 struct hci_conn *conn; 1840 struct hci_conn *conn;
1841 1841
1842 hci_dev_lock(hdev); 1842 hci_dev_lock(hdev);
1843 1843
1844 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); 1844 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1845 if (ie) 1845 if (ie)
1846 memcpy(ie->data.dev_class, ev->dev_class, 3); 1846 memcpy(ie->data.dev_class, ev->dev_class, 3);
1847 1847
1848 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); 1848 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1849 if (!conn) { 1849 if (!conn) {
1850 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr); 1850 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1851 if (!conn) { 1851 if (!conn) {
1852 BT_ERR("No memory for new connection"); 1852 BT_ERR("No memory for new connection");
1853 hci_dev_unlock(hdev); 1853 hci_dev_unlock(hdev);
1854 return; 1854 return;
1855 } 1855 }
1856 } 1856 }
1857 1857
1858 memcpy(conn->dev_class, ev->dev_class, 3); 1858 memcpy(conn->dev_class, ev->dev_class, 3);
1859 conn->state = BT_CONNECT; 1859 conn->state = BT_CONNECT;
1860 1860
1861 hci_dev_unlock(hdev); 1861 hci_dev_unlock(hdev);
1862 1862
1863 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) { 1863 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1864 struct hci_cp_accept_conn_req cp; 1864 struct hci_cp_accept_conn_req cp;
1865 1865
1866 bacpy(&cp.bdaddr, &ev->bdaddr); 1866 bacpy(&cp.bdaddr, &ev->bdaddr);
1867 1867
1868 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER)) 1868 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1869 cp.role = 0x00; /* Become master */ 1869 cp.role = 0x00; /* Become master */
1870 else 1870 else
1871 cp.role = 0x01; /* Remain slave */ 1871 cp.role = 0x01; /* Remain slave */
1872 1872
1873 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), 1873 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
1874 &cp); 1874 &cp);
1875 } else { 1875 } else {
1876 struct hci_cp_accept_sync_conn_req cp; 1876 struct hci_cp_accept_sync_conn_req cp;
1877 1877
1878 bacpy(&cp.bdaddr, &ev->bdaddr); 1878 bacpy(&cp.bdaddr, &ev->bdaddr);
1879 cp.pkt_type = cpu_to_le16(conn->pkt_type); 1879 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1880 1880
1881 cp.tx_bandwidth = cpu_to_le32(0x00001f40); 1881 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1882 cp.rx_bandwidth = cpu_to_le32(0x00001f40); 1882 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1883 cp.max_latency = cpu_to_le16(0xffff); 1883 cp.max_latency = cpu_to_le16(0xffff);
1884 cp.content_format = cpu_to_le16(hdev->voice_setting); 1884 cp.content_format = cpu_to_le16(hdev->voice_setting);
1885 cp.retrans_effort = 0xff; 1885 cp.retrans_effort = 0xff;
1886 1886
1887 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ, 1887 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1888 sizeof(cp), &cp); 1888 sizeof(cp), &cp);
1889 } 1889 }
1890 } else { 1890 } else {
1891 /* Connection rejected */ 1891 /* Connection rejected */
1892 struct hci_cp_reject_conn_req cp; 1892 struct hci_cp_reject_conn_req cp;
1893 1893
1894 bacpy(&cp.bdaddr, &ev->bdaddr); 1894 bacpy(&cp.bdaddr, &ev->bdaddr);
1895 cp.reason = HCI_ERROR_REJ_BAD_ADDR; 1895 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
1896 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp); 1896 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1897 } 1897 }
1898 } 1898 }
1899 1899
1900 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1900 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1901 { 1901 {
1902 struct hci_ev_disconn_complete *ev = (void *) skb->data; 1902 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1903 struct hci_conn *conn; 1903 struct hci_conn *conn;
1904 1904
1905 BT_DBG("%s status %d", hdev->name, ev->status); 1905 BT_DBG("%s status %d", hdev->name, ev->status);
1906 1906
1907 hci_dev_lock(hdev); 1907 hci_dev_lock(hdev);
1908 1908
1909 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1909 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1910 if (!conn) 1910 if (!conn)
1911 goto unlock; 1911 goto unlock;
1912 1912
1913 if (ev->status == 0) 1913 if (ev->status == 0)
1914 conn->state = BT_CLOSED; 1914 conn->state = BT_CLOSED;
1915 1915
1916 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) && 1916 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1917 (conn->type == ACL_LINK || conn->type == LE_LINK)) { 1917 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
1918 if (ev->status != 0) 1918 if (ev->status != 0)
1919 mgmt_disconnect_failed(hdev, &conn->dst, conn->type, 1919 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1920 conn->dst_type, ev->status); 1920 conn->dst_type, ev->status);
1921 else 1921 else
1922 mgmt_device_disconnected(hdev, &conn->dst, conn->type, 1922 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
1923 conn->dst_type); 1923 conn->dst_type);
1924 } 1924 }
1925 1925
1926 if (ev->status == 0) { 1926 if (ev->status == 0) {
1927 if (conn->type == ACL_LINK && conn->flush_key) 1927 if (conn->type == ACL_LINK && conn->flush_key)
1928 hci_remove_link_key(hdev, &conn->dst); 1928 hci_remove_link_key(hdev, &conn->dst);
1929 hci_proto_disconn_cfm(conn, ev->reason); 1929 hci_proto_disconn_cfm(conn, ev->reason);
1930 hci_conn_del(conn); 1930 hci_conn_del(conn);
1931 } 1931 }
1932 1932
1933 unlock: 1933 unlock:
1934 hci_dev_unlock(hdev); 1934 hci_dev_unlock(hdev);
1935 } 1935 }
1936 1936
1937 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1937 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1938 { 1938 {
1939 struct hci_ev_auth_complete *ev = (void *) skb->data; 1939 struct hci_ev_auth_complete *ev = (void *) skb->data;
1940 struct hci_conn *conn; 1940 struct hci_conn *conn;
1941 1941
1942 BT_DBG("%s status %d", hdev->name, ev->status); 1942 BT_DBG("%s status %d", hdev->name, ev->status);
1943 1943
1944 hci_dev_lock(hdev); 1944 hci_dev_lock(hdev);
1945 1945
1946 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1946 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1947 if (!conn) 1947 if (!conn)
1948 goto unlock; 1948 goto unlock;
1949 1949
1950 if (!ev->status) { 1950 if (!ev->status) {
1951 if (!hci_conn_ssp_enabled(conn) && 1951 if (!hci_conn_ssp_enabled(conn) &&
1952 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) { 1952 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
1953 BT_INFO("re-auth of legacy device is not possible."); 1953 BT_INFO("re-auth of legacy device is not possible.");
1954 } else { 1954 } else {
1955 conn->link_mode |= HCI_LM_AUTH; 1955 conn->link_mode |= HCI_LM_AUTH;
1956 conn->sec_level = conn->pending_sec_level; 1956 conn->sec_level = conn->pending_sec_level;
1957 } 1957 }
1958 } else { 1958 } else {
1959 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type, 1959 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
1960 ev->status); 1960 ev->status);
1961 } 1961 }
1962 1962
1963 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags); 1963 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1964 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags); 1964 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1965 1965
1966 if (conn->state == BT_CONFIG) { 1966 if (conn->state == BT_CONFIG) {
1967 if (!ev->status && hci_conn_ssp_enabled(conn)) { 1967 if (!ev->status && hci_conn_ssp_enabled(conn)) {
1968 struct hci_cp_set_conn_encrypt cp; 1968 struct hci_cp_set_conn_encrypt cp;
1969 cp.handle = ev->handle; 1969 cp.handle = ev->handle;
1970 cp.encrypt = 0x01; 1970 cp.encrypt = 0x01;
1971 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp), 1971 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1972 &cp); 1972 &cp);
1973 } else { 1973 } else {
1974 conn->state = BT_CONNECTED; 1974 conn->state = BT_CONNECTED;
1975 hci_proto_connect_cfm(conn, ev->status); 1975 hci_proto_connect_cfm(conn, ev->status);
1976 hci_conn_put(conn); 1976 hci_conn_put(conn);
1977 } 1977 }
1978 } else { 1978 } else {
1979 hci_auth_cfm(conn, ev->status); 1979 hci_auth_cfm(conn, ev->status);
1980 1980
1981 hci_conn_hold(conn); 1981 hci_conn_hold(conn);
1982 conn->disc_timeout = HCI_DISCONN_TIMEOUT; 1982 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1983 hci_conn_put(conn); 1983 hci_conn_put(conn);
1984 } 1984 }
1985 1985
1986 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) { 1986 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
1987 if (!ev->status) { 1987 if (!ev->status) {
1988 struct hci_cp_set_conn_encrypt cp; 1988 struct hci_cp_set_conn_encrypt cp;
1989 cp.handle = ev->handle; 1989 cp.handle = ev->handle;
1990 cp.encrypt = 0x01; 1990 cp.encrypt = 0x01;
1991 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp), 1991 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1992 &cp); 1992 &cp);
1993 } else { 1993 } else {
1994 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); 1994 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1995 hci_encrypt_cfm(conn, ev->status, 0x00); 1995 hci_encrypt_cfm(conn, ev->status, 0x00);
1996 } 1996 }
1997 } 1997 }
1998 1998
1999 unlock: 1999 unlock:
2000 hci_dev_unlock(hdev); 2000 hci_dev_unlock(hdev);
2001 } 2001 }
2002 2002
2003 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb) 2003 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
2004 { 2004 {
2005 struct hci_ev_remote_name *ev = (void *) skb->data; 2005 struct hci_ev_remote_name *ev = (void *) skb->data;
2006 struct hci_conn *conn; 2006 struct hci_conn *conn;
2007 2007
2008 BT_DBG("%s", hdev->name); 2008 BT_DBG("%s", hdev->name);
2009 2009
2010 hci_conn_check_pending(hdev); 2010 hci_conn_check_pending(hdev);
2011 2011
2012 hci_dev_lock(hdev); 2012 hci_dev_lock(hdev);
2013 2013
2014 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 2014 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2015 2015
2016 if (!test_bit(HCI_MGMT, &hdev->dev_flags)) 2016 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2017 goto check_auth; 2017 goto check_auth;
2018 2018
2019 if (ev->status == 0) 2019 if (ev->status == 0)
2020 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name, 2020 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
2021 strnlen(ev->name, HCI_MAX_NAME_LENGTH)); 2021 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
2022 else 2022 else
2023 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0); 2023 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
2024 2024
2025 check_auth: 2025 check_auth:
2026 if (!conn) 2026 if (!conn)
2027 goto unlock; 2027 goto unlock;
2028 2028
2029 if (!hci_outgoing_auth_needed(hdev, conn)) 2029 if (!hci_outgoing_auth_needed(hdev, conn))
2030 goto unlock; 2030 goto unlock;
2031 2031
2032 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) { 2032 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
2033 struct hci_cp_auth_requested cp; 2033 struct hci_cp_auth_requested cp;
2034 cp.handle = __cpu_to_le16(conn->handle); 2034 cp.handle = __cpu_to_le16(conn->handle);
2035 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp); 2035 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
2036 } 2036 }
2037 2037
2038 unlock: 2038 unlock:
2039 hci_dev_unlock(hdev); 2039 hci_dev_unlock(hdev);
2040 } 2040 }
2041 2041
2042 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 2042 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2043 { 2043 {
2044 struct hci_ev_encrypt_change *ev = (void *) skb->data; 2044 struct hci_ev_encrypt_change *ev = (void *) skb->data;
2045 struct hci_conn *conn; 2045 struct hci_conn *conn;
2046 2046
2047 BT_DBG("%s status %d", hdev->name, ev->status); 2047 BT_DBG("%s status %d", hdev->name, ev->status);
2048 2048
2049 hci_dev_lock(hdev); 2049 hci_dev_lock(hdev);
2050 2050
2051 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 2051 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2052 if (conn) { 2052 if (conn) {
2053 if (!ev->status) { 2053 if (!ev->status) {
2054 if (ev->encrypt) { 2054 if (ev->encrypt) {
2055 /* Encryption implies authentication */ 2055 /* Encryption implies authentication */
2056 conn->link_mode |= HCI_LM_AUTH; 2056 conn->link_mode |= HCI_LM_AUTH;
2057 conn->link_mode |= HCI_LM_ENCRYPT; 2057 conn->link_mode |= HCI_LM_ENCRYPT;
2058 conn->sec_level = conn->pending_sec_level; 2058 conn->sec_level = conn->pending_sec_level;
2059 } else 2059 } else
2060 conn->link_mode &= ~HCI_LM_ENCRYPT; 2060 conn->link_mode &= ~HCI_LM_ENCRYPT;
2061 } 2061 }
2062 2062
2063 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); 2063 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2064 2064
2065 if (ev->status && conn->state == BT_CONNECTED) { 2065 if (ev->status && conn->state == BT_CONNECTED) {
2066 hci_acl_disconn(conn, 0x13); 2066 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
2067 hci_conn_put(conn); 2067 hci_conn_put(conn);
2068 goto unlock; 2068 goto unlock;
2069 } 2069 }
2070 2070
2071 if (conn->state == BT_CONFIG) { 2071 if (conn->state == BT_CONFIG) {
2072 if (!ev->status) 2072 if (!ev->status)
2073 conn->state = BT_CONNECTED; 2073 conn->state = BT_CONNECTED;
2074 2074
2075 hci_proto_connect_cfm(conn, ev->status); 2075 hci_proto_connect_cfm(conn, ev->status);
2076 hci_conn_put(conn); 2076 hci_conn_put(conn);
2077 } else 2077 } else
2078 hci_encrypt_cfm(conn, ev->status, ev->encrypt); 2078 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
2079 } 2079 }
2080 2080
2081 unlock: 2081 unlock:
2082 hci_dev_unlock(hdev); 2082 hci_dev_unlock(hdev);
2083 } 2083 }
2084 2084
2085 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 2085 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2086 { 2086 {
2087 struct hci_ev_change_link_key_complete *ev = (void *) skb->data; 2087 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
2088 struct hci_conn *conn; 2088 struct hci_conn *conn;
2089 2089
2090 BT_DBG("%s status %d", hdev->name, ev->status); 2090 BT_DBG("%s status %d", hdev->name, ev->status);
2091 2091
2092 hci_dev_lock(hdev); 2092 hci_dev_lock(hdev);
2093 2093
2094 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 2094 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2095 if (conn) { 2095 if (conn) {
2096 if (!ev->status) 2096 if (!ev->status)
2097 conn->link_mode |= HCI_LM_SECURE; 2097 conn->link_mode |= HCI_LM_SECURE;
2098 2098
2099 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags); 2099 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2100 2100
2101 hci_key_change_cfm(conn, ev->status); 2101 hci_key_change_cfm(conn, ev->status);
2102 } 2102 }
2103 2103
2104 hci_dev_unlock(hdev); 2104 hci_dev_unlock(hdev);
2105 } 2105 }
2106 2106
2107 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb) 2107 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2108 { 2108 {
2109 struct hci_ev_remote_features *ev = (void *) skb->data; 2109 struct hci_ev_remote_features *ev = (void *) skb->data;
2110 struct hci_conn *conn; 2110 struct hci_conn *conn;
2111 2111
2112 BT_DBG("%s status %d", hdev->name, ev->status); 2112 BT_DBG("%s status %d", hdev->name, ev->status);
2113 2113
2114 hci_dev_lock(hdev); 2114 hci_dev_lock(hdev);
2115 2115
2116 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 2116 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2117 if (!conn) 2117 if (!conn)
2118 goto unlock; 2118 goto unlock;
2119 2119
2120 if (!ev->status) 2120 if (!ev->status)
2121 memcpy(conn->features, ev->features, 8); 2121 memcpy(conn->features, ev->features, 8);
2122 2122
2123 if (conn->state != BT_CONFIG) 2123 if (conn->state != BT_CONFIG)
2124 goto unlock; 2124 goto unlock;
2125 2125
2126 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) { 2126 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2127 struct hci_cp_read_remote_ext_features cp; 2127 struct hci_cp_read_remote_ext_features cp;
2128 cp.handle = ev->handle; 2128 cp.handle = ev->handle;
2129 cp.page = 0x01; 2129 cp.page = 0x01;
2130 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES, 2130 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
2131 sizeof(cp), &cp); 2131 sizeof(cp), &cp);
2132 goto unlock; 2132 goto unlock;
2133 } 2133 }
2134 2134
2135 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) { 2135 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
2136 struct hci_cp_remote_name_req cp; 2136 struct hci_cp_remote_name_req cp;
2137 memset(&cp, 0, sizeof(cp)); 2137 memset(&cp, 0, sizeof(cp));
2138 bacpy(&cp.bdaddr, &conn->dst); 2138 bacpy(&cp.bdaddr, &conn->dst);
2139 cp.pscan_rep_mode = 0x02; 2139 cp.pscan_rep_mode = 0x02;
2140 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp); 2140 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2141 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) 2141 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2142 mgmt_device_connected(hdev, &conn->dst, conn->type, 2142 mgmt_device_connected(hdev, &conn->dst, conn->type,
2143 conn->dst_type, 0, NULL, 0, 2143 conn->dst_type, 0, NULL, 0,
2144 conn->dev_class); 2144 conn->dev_class);
2145 2145
2146 if (!hci_outgoing_auth_needed(hdev, conn)) { 2146 if (!hci_outgoing_auth_needed(hdev, conn)) {
2147 conn->state = BT_CONNECTED; 2147 conn->state = BT_CONNECTED;
2148 hci_proto_connect_cfm(conn, ev->status); 2148 hci_proto_connect_cfm(conn, ev->status);
2149 hci_conn_put(conn); 2149 hci_conn_put(conn);
2150 } 2150 }
2151 2151
2152 unlock: 2152 unlock:
2153 hci_dev_unlock(hdev); 2153 hci_dev_unlock(hdev);
2154 } 2154 }
2155 2155
2156 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb) 2156 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
2157 { 2157 {
2158 BT_DBG("%s", hdev->name); 2158 BT_DBG("%s", hdev->name);
2159 } 2159 }
2160 2160
2161 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 2161 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2162 { 2162 {
2163 BT_DBG("%s", hdev->name); 2163 BT_DBG("%s", hdev->name);
2164 } 2164 }
2165 2165
2166 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 2166 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2167 { 2167 {
2168 struct hci_ev_cmd_complete *ev = (void *) skb->data; 2168 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2169 __u16 opcode; 2169 __u16 opcode;
2170 2170
2171 skb_pull(skb, sizeof(*ev)); 2171 skb_pull(skb, sizeof(*ev));
2172 2172
2173 opcode = __le16_to_cpu(ev->opcode); 2173 opcode = __le16_to_cpu(ev->opcode);
2174 2174
2175 switch (opcode) { 2175 switch (opcode) {
2176 case HCI_OP_INQUIRY_CANCEL: 2176 case HCI_OP_INQUIRY_CANCEL:
2177 hci_cc_inquiry_cancel(hdev, skb); 2177 hci_cc_inquiry_cancel(hdev, skb);
2178 break; 2178 break;
2179 2179
2180 case HCI_OP_PERIODIC_INQ: 2180 case HCI_OP_PERIODIC_INQ:
2181 hci_cc_periodic_inq(hdev, skb); 2181 hci_cc_periodic_inq(hdev, skb);
2182 break; 2182 break;
2183 2183
2184 case HCI_OP_EXIT_PERIODIC_INQ: 2184 case HCI_OP_EXIT_PERIODIC_INQ:
2185 hci_cc_exit_periodic_inq(hdev, skb); 2185 hci_cc_exit_periodic_inq(hdev, skb);
2186 break; 2186 break;
2187 2187
2188 case HCI_OP_REMOTE_NAME_REQ_CANCEL: 2188 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2189 hci_cc_remote_name_req_cancel(hdev, skb); 2189 hci_cc_remote_name_req_cancel(hdev, skb);
2190 break; 2190 break;
2191 2191
2192 case HCI_OP_ROLE_DISCOVERY: 2192 case HCI_OP_ROLE_DISCOVERY:
2193 hci_cc_role_discovery(hdev, skb); 2193 hci_cc_role_discovery(hdev, skb);
2194 break; 2194 break;
2195 2195
2196 case HCI_OP_READ_LINK_POLICY: 2196 case HCI_OP_READ_LINK_POLICY:
2197 hci_cc_read_link_policy(hdev, skb); 2197 hci_cc_read_link_policy(hdev, skb);
2198 break; 2198 break;
2199 2199
2200 case HCI_OP_WRITE_LINK_POLICY: 2200 case HCI_OP_WRITE_LINK_POLICY:
2201 hci_cc_write_link_policy(hdev, skb); 2201 hci_cc_write_link_policy(hdev, skb);
2202 break; 2202 break;
2203 2203
2204 case HCI_OP_READ_DEF_LINK_POLICY: 2204 case HCI_OP_READ_DEF_LINK_POLICY:
2205 hci_cc_read_def_link_policy(hdev, skb); 2205 hci_cc_read_def_link_policy(hdev, skb);
2206 break; 2206 break;
2207 2207
2208 case HCI_OP_WRITE_DEF_LINK_POLICY: 2208 case HCI_OP_WRITE_DEF_LINK_POLICY:
2209 hci_cc_write_def_link_policy(hdev, skb); 2209 hci_cc_write_def_link_policy(hdev, skb);
2210 break; 2210 break;
2211 2211
2212 case HCI_OP_RESET: 2212 case HCI_OP_RESET:
2213 hci_cc_reset(hdev, skb); 2213 hci_cc_reset(hdev, skb);
2214 break; 2214 break;
2215 2215
2216 case HCI_OP_WRITE_LOCAL_NAME: 2216 case HCI_OP_WRITE_LOCAL_NAME:
2217 hci_cc_write_local_name(hdev, skb); 2217 hci_cc_write_local_name(hdev, skb);
2218 break; 2218 break;
2219 2219
2220 case HCI_OP_READ_LOCAL_NAME: 2220 case HCI_OP_READ_LOCAL_NAME:
2221 hci_cc_read_local_name(hdev, skb); 2221 hci_cc_read_local_name(hdev, skb);
2222 break; 2222 break;
2223 2223
2224 case HCI_OP_WRITE_AUTH_ENABLE: 2224 case HCI_OP_WRITE_AUTH_ENABLE:
2225 hci_cc_write_auth_enable(hdev, skb); 2225 hci_cc_write_auth_enable(hdev, skb);
2226 break; 2226 break;
2227 2227
2228 case HCI_OP_WRITE_ENCRYPT_MODE: 2228 case HCI_OP_WRITE_ENCRYPT_MODE:
2229 hci_cc_write_encrypt_mode(hdev, skb); 2229 hci_cc_write_encrypt_mode(hdev, skb);
2230 break; 2230 break;
2231 2231
2232 case HCI_OP_WRITE_SCAN_ENABLE: 2232 case HCI_OP_WRITE_SCAN_ENABLE:
2233 hci_cc_write_scan_enable(hdev, skb); 2233 hci_cc_write_scan_enable(hdev, skb);
2234 break; 2234 break;
2235 2235
2236 case HCI_OP_READ_CLASS_OF_DEV: 2236 case HCI_OP_READ_CLASS_OF_DEV:
2237 hci_cc_read_class_of_dev(hdev, skb); 2237 hci_cc_read_class_of_dev(hdev, skb);
2238 break; 2238 break;
2239 2239
2240 case HCI_OP_WRITE_CLASS_OF_DEV: 2240 case HCI_OP_WRITE_CLASS_OF_DEV:
2241 hci_cc_write_class_of_dev(hdev, skb); 2241 hci_cc_write_class_of_dev(hdev, skb);
2242 break; 2242 break;
2243 2243
2244 case HCI_OP_READ_VOICE_SETTING: 2244 case HCI_OP_READ_VOICE_SETTING:
2245 hci_cc_read_voice_setting(hdev, skb); 2245 hci_cc_read_voice_setting(hdev, skb);
2246 break; 2246 break;
2247 2247
2248 case HCI_OP_WRITE_VOICE_SETTING: 2248 case HCI_OP_WRITE_VOICE_SETTING:
2249 hci_cc_write_voice_setting(hdev, skb); 2249 hci_cc_write_voice_setting(hdev, skb);
2250 break; 2250 break;
2251 2251
2252 case HCI_OP_HOST_BUFFER_SIZE: 2252 case HCI_OP_HOST_BUFFER_SIZE:
2253 hci_cc_host_buffer_size(hdev, skb); 2253 hci_cc_host_buffer_size(hdev, skb);
2254 break; 2254 break;
2255 2255
2256 case HCI_OP_WRITE_SSP_MODE: 2256 case HCI_OP_WRITE_SSP_MODE:
2257 hci_cc_write_ssp_mode(hdev, skb); 2257 hci_cc_write_ssp_mode(hdev, skb);
2258 break; 2258 break;
2259 2259
2260 case HCI_OP_READ_LOCAL_VERSION: 2260 case HCI_OP_READ_LOCAL_VERSION:
2261 hci_cc_read_local_version(hdev, skb); 2261 hci_cc_read_local_version(hdev, skb);
2262 break; 2262 break;
2263 2263
2264 case HCI_OP_READ_LOCAL_COMMANDS: 2264 case HCI_OP_READ_LOCAL_COMMANDS:
2265 hci_cc_read_local_commands(hdev, skb); 2265 hci_cc_read_local_commands(hdev, skb);
2266 break; 2266 break;
2267 2267
2268 case HCI_OP_READ_LOCAL_FEATURES: 2268 case HCI_OP_READ_LOCAL_FEATURES:
2269 hci_cc_read_local_features(hdev, skb); 2269 hci_cc_read_local_features(hdev, skb);
2270 break; 2270 break;
2271 2271
2272 case HCI_OP_READ_LOCAL_EXT_FEATURES: 2272 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2273 hci_cc_read_local_ext_features(hdev, skb); 2273 hci_cc_read_local_ext_features(hdev, skb);
2274 break; 2274 break;
2275 2275
2276 case HCI_OP_READ_BUFFER_SIZE: 2276 case HCI_OP_READ_BUFFER_SIZE:
2277 hci_cc_read_buffer_size(hdev, skb); 2277 hci_cc_read_buffer_size(hdev, skb);
2278 break; 2278 break;
2279 2279
2280 case HCI_OP_READ_BD_ADDR: 2280 case HCI_OP_READ_BD_ADDR:
2281 hci_cc_read_bd_addr(hdev, skb); 2281 hci_cc_read_bd_addr(hdev, skb);
2282 break; 2282 break;
2283 2283
2284 case HCI_OP_READ_DATA_BLOCK_SIZE: 2284 case HCI_OP_READ_DATA_BLOCK_SIZE:
2285 hci_cc_read_data_block_size(hdev, skb); 2285 hci_cc_read_data_block_size(hdev, skb);
2286 break; 2286 break;
2287 2287
2288 case HCI_OP_WRITE_CA_TIMEOUT: 2288 case HCI_OP_WRITE_CA_TIMEOUT:
2289 hci_cc_write_ca_timeout(hdev, skb); 2289 hci_cc_write_ca_timeout(hdev, skb);
2290 break; 2290 break;
2291 2291
2292 case HCI_OP_READ_FLOW_CONTROL_MODE: 2292 case HCI_OP_READ_FLOW_CONTROL_MODE:
2293 hci_cc_read_flow_control_mode(hdev, skb); 2293 hci_cc_read_flow_control_mode(hdev, skb);
2294 break; 2294 break;
2295 2295
2296 case HCI_OP_READ_LOCAL_AMP_INFO: 2296 case HCI_OP_READ_LOCAL_AMP_INFO:
2297 hci_cc_read_local_amp_info(hdev, skb); 2297 hci_cc_read_local_amp_info(hdev, skb);
2298 break; 2298 break;
2299 2299
2300 case HCI_OP_DELETE_STORED_LINK_KEY: 2300 case HCI_OP_DELETE_STORED_LINK_KEY:
2301 hci_cc_delete_stored_link_key(hdev, skb); 2301 hci_cc_delete_stored_link_key(hdev, skb);
2302 break; 2302 break;
2303 2303
2304 case HCI_OP_SET_EVENT_MASK: 2304 case HCI_OP_SET_EVENT_MASK:
2305 hci_cc_set_event_mask(hdev, skb); 2305 hci_cc_set_event_mask(hdev, skb);
2306 break; 2306 break;
2307 2307
2308 case HCI_OP_WRITE_INQUIRY_MODE: 2308 case HCI_OP_WRITE_INQUIRY_MODE:
2309 hci_cc_write_inquiry_mode(hdev, skb); 2309 hci_cc_write_inquiry_mode(hdev, skb);
2310 break; 2310 break;
2311 2311
2312 case HCI_OP_READ_INQ_RSP_TX_POWER: 2312 case HCI_OP_READ_INQ_RSP_TX_POWER:
2313 hci_cc_read_inq_rsp_tx_power(hdev, skb); 2313 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2314 break; 2314 break;
2315 2315
2316 case HCI_OP_SET_EVENT_FLT: 2316 case HCI_OP_SET_EVENT_FLT:
2317 hci_cc_set_event_flt(hdev, skb); 2317 hci_cc_set_event_flt(hdev, skb);
2318 break; 2318 break;
2319 2319
2320 case HCI_OP_PIN_CODE_REPLY: 2320 case HCI_OP_PIN_CODE_REPLY:
2321 hci_cc_pin_code_reply(hdev, skb); 2321 hci_cc_pin_code_reply(hdev, skb);
2322 break; 2322 break;
2323 2323
2324 case HCI_OP_PIN_CODE_NEG_REPLY: 2324 case HCI_OP_PIN_CODE_NEG_REPLY:
2325 hci_cc_pin_code_neg_reply(hdev, skb); 2325 hci_cc_pin_code_neg_reply(hdev, skb);
2326 break; 2326 break;
2327 2327
2328 case HCI_OP_READ_LOCAL_OOB_DATA: 2328 case HCI_OP_READ_LOCAL_OOB_DATA:
2329 hci_cc_read_local_oob_data_reply(hdev, skb); 2329 hci_cc_read_local_oob_data_reply(hdev, skb);
2330 break; 2330 break;
2331 2331
2332 case HCI_OP_LE_READ_BUFFER_SIZE: 2332 case HCI_OP_LE_READ_BUFFER_SIZE:
2333 hci_cc_le_read_buffer_size(hdev, skb); 2333 hci_cc_le_read_buffer_size(hdev, skb);
2334 break; 2334 break;
2335 2335
2336 case HCI_OP_USER_CONFIRM_REPLY: 2336 case HCI_OP_USER_CONFIRM_REPLY:
2337 hci_cc_user_confirm_reply(hdev, skb); 2337 hci_cc_user_confirm_reply(hdev, skb);
2338 break; 2338 break;
2339 2339
2340 case HCI_OP_USER_CONFIRM_NEG_REPLY: 2340 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2341 hci_cc_user_confirm_neg_reply(hdev, skb); 2341 hci_cc_user_confirm_neg_reply(hdev, skb);
2342 break; 2342 break;
2343 2343
2344 case HCI_OP_USER_PASSKEY_REPLY: 2344 case HCI_OP_USER_PASSKEY_REPLY:
2345 hci_cc_user_passkey_reply(hdev, skb); 2345 hci_cc_user_passkey_reply(hdev, skb);
2346 break; 2346 break;
2347 2347
2348 case HCI_OP_USER_PASSKEY_NEG_REPLY: 2348 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2349 hci_cc_user_passkey_neg_reply(hdev, skb); 2349 hci_cc_user_passkey_neg_reply(hdev, skb);
2350 break; 2350 break;
2351 2351
2352 case HCI_OP_LE_SET_SCAN_PARAM: 2352 case HCI_OP_LE_SET_SCAN_PARAM:
2353 hci_cc_le_set_scan_param(hdev, skb); 2353 hci_cc_le_set_scan_param(hdev, skb);
2354 break; 2354 break;
2355 2355
2356 case HCI_OP_LE_SET_SCAN_ENABLE: 2356 case HCI_OP_LE_SET_SCAN_ENABLE:
2357 hci_cc_le_set_scan_enable(hdev, skb); 2357 hci_cc_le_set_scan_enable(hdev, skb);
2358 break; 2358 break;
2359 2359
2360 case HCI_OP_LE_LTK_REPLY: 2360 case HCI_OP_LE_LTK_REPLY:
2361 hci_cc_le_ltk_reply(hdev, skb); 2361 hci_cc_le_ltk_reply(hdev, skb);
2362 break; 2362 break;
2363 2363
2364 case HCI_OP_LE_LTK_NEG_REPLY: 2364 case HCI_OP_LE_LTK_NEG_REPLY:
2365 hci_cc_le_ltk_neg_reply(hdev, skb); 2365 hci_cc_le_ltk_neg_reply(hdev, skb);
2366 break; 2366 break;
2367 2367
2368 case HCI_OP_WRITE_LE_HOST_SUPPORTED: 2368 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2369 hci_cc_write_le_host_supported(hdev, skb); 2369 hci_cc_write_le_host_supported(hdev, skb);
2370 break; 2370 break;
2371 2371
2372 default: 2372 default:
2373 BT_DBG("%s opcode 0x%x", hdev->name, opcode); 2373 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2374 break; 2374 break;
2375 } 2375 }
2376 2376
2377 if (ev->opcode != HCI_OP_NOP) 2377 if (ev->opcode != HCI_OP_NOP)
2378 del_timer(&hdev->cmd_timer); 2378 del_timer(&hdev->cmd_timer);
2379 2379
2380 if (ev->ncmd) { 2380 if (ev->ncmd) {
2381 atomic_set(&hdev->cmd_cnt, 1); 2381 atomic_set(&hdev->cmd_cnt, 1);
2382 if (!skb_queue_empty(&hdev->cmd_q)) 2382 if (!skb_queue_empty(&hdev->cmd_q))
2383 queue_work(hdev->workqueue, &hdev->cmd_work); 2383 queue_work(hdev->workqueue, &hdev->cmd_work);
2384 } 2384 }
2385 } 2385 }
2386 2386
2387 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb) 2387 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2388 { 2388 {
2389 struct hci_ev_cmd_status *ev = (void *) skb->data; 2389 struct hci_ev_cmd_status *ev = (void *) skb->data;
2390 __u16 opcode; 2390 __u16 opcode;
2391 2391
2392 skb_pull(skb, sizeof(*ev)); 2392 skb_pull(skb, sizeof(*ev));
2393 2393
2394 opcode = __le16_to_cpu(ev->opcode); 2394 opcode = __le16_to_cpu(ev->opcode);
2395 2395
2396 switch (opcode) { 2396 switch (opcode) {
2397 case HCI_OP_INQUIRY: 2397 case HCI_OP_INQUIRY:
2398 hci_cs_inquiry(hdev, ev->status); 2398 hci_cs_inquiry(hdev, ev->status);
2399 break; 2399 break;
2400 2400
2401 case HCI_OP_CREATE_CONN: 2401 case HCI_OP_CREATE_CONN:
2402 hci_cs_create_conn(hdev, ev->status); 2402 hci_cs_create_conn(hdev, ev->status);
2403 break; 2403 break;
2404 2404
2405 case HCI_OP_ADD_SCO: 2405 case HCI_OP_ADD_SCO:
2406 hci_cs_add_sco(hdev, ev->status); 2406 hci_cs_add_sco(hdev, ev->status);
2407 break; 2407 break;
2408 2408
2409 case HCI_OP_AUTH_REQUESTED: 2409 case HCI_OP_AUTH_REQUESTED:
2410 hci_cs_auth_requested(hdev, ev->status); 2410 hci_cs_auth_requested(hdev, ev->status);
2411 break; 2411 break;
2412 2412
2413 case HCI_OP_SET_CONN_ENCRYPT: 2413 case HCI_OP_SET_CONN_ENCRYPT:
2414 hci_cs_set_conn_encrypt(hdev, ev->status); 2414 hci_cs_set_conn_encrypt(hdev, ev->status);
2415 break; 2415 break;
2416 2416
2417 case HCI_OP_REMOTE_NAME_REQ: 2417 case HCI_OP_REMOTE_NAME_REQ:
2418 hci_cs_remote_name_req(hdev, ev->status); 2418 hci_cs_remote_name_req(hdev, ev->status);
2419 break; 2419 break;
2420 2420
2421 case HCI_OP_READ_REMOTE_FEATURES: 2421 case HCI_OP_READ_REMOTE_FEATURES:
2422 hci_cs_read_remote_features(hdev, ev->status); 2422 hci_cs_read_remote_features(hdev, ev->status);
2423 break; 2423 break;
2424 2424
2425 case HCI_OP_READ_REMOTE_EXT_FEATURES: 2425 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2426 hci_cs_read_remote_ext_features(hdev, ev->status); 2426 hci_cs_read_remote_ext_features(hdev, ev->status);
2427 break; 2427 break;
2428 2428
2429 case HCI_OP_SETUP_SYNC_CONN: 2429 case HCI_OP_SETUP_SYNC_CONN:
2430 hci_cs_setup_sync_conn(hdev, ev->status); 2430 hci_cs_setup_sync_conn(hdev, ev->status);
2431 break; 2431 break;
2432 2432
2433 case HCI_OP_SNIFF_MODE: 2433 case HCI_OP_SNIFF_MODE:
2434 hci_cs_sniff_mode(hdev, ev->status); 2434 hci_cs_sniff_mode(hdev, ev->status);
2435 break; 2435 break;
2436 2436
2437 case HCI_OP_EXIT_SNIFF_MODE: 2437 case HCI_OP_EXIT_SNIFF_MODE:
2438 hci_cs_exit_sniff_mode(hdev, ev->status); 2438 hci_cs_exit_sniff_mode(hdev, ev->status);
2439 break; 2439 break;
2440 2440
2441 case HCI_OP_DISCONNECT: 2441 case HCI_OP_DISCONNECT:
2442 hci_cs_disconnect(hdev, ev->status); 2442 hci_cs_disconnect(hdev, ev->status);
2443 break; 2443 break;
2444 2444
2445 case HCI_OP_LE_CREATE_CONN: 2445 case HCI_OP_LE_CREATE_CONN:
2446 hci_cs_le_create_conn(hdev, ev->status); 2446 hci_cs_le_create_conn(hdev, ev->status);
2447 break; 2447 break;
2448 2448
2449 case HCI_OP_LE_START_ENC: 2449 case HCI_OP_LE_START_ENC:
2450 hci_cs_le_start_enc(hdev, ev->status); 2450 hci_cs_le_start_enc(hdev, ev->status);
2451 break; 2451 break;
2452 2452
2453 default: 2453 default:
2454 BT_DBG("%s opcode 0x%x", hdev->name, opcode); 2454 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2455 break; 2455 break;
2456 } 2456 }
2457 2457
2458 if (ev->opcode != HCI_OP_NOP) 2458 if (ev->opcode != HCI_OP_NOP)
2459 del_timer(&hdev->cmd_timer); 2459 del_timer(&hdev->cmd_timer);
2460 2460
2461 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) { 2461 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2462 atomic_set(&hdev->cmd_cnt, 1); 2462 atomic_set(&hdev->cmd_cnt, 1);
2463 if (!skb_queue_empty(&hdev->cmd_q)) 2463 if (!skb_queue_empty(&hdev->cmd_q))
2464 queue_work(hdev->workqueue, &hdev->cmd_work); 2464 queue_work(hdev->workqueue, &hdev->cmd_work);
2465 } 2465 }
2466 } 2466 }
2467 2467
2468 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 2468 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2469 { 2469 {
2470 struct hci_ev_role_change *ev = (void *) skb->data; 2470 struct hci_ev_role_change *ev = (void *) skb->data;
2471 struct hci_conn *conn; 2471 struct hci_conn *conn;
2472 2472
2473 BT_DBG("%s status %d", hdev->name, ev->status); 2473 BT_DBG("%s status %d", hdev->name, ev->status);
2474 2474
2475 hci_dev_lock(hdev); 2475 hci_dev_lock(hdev);
2476 2476
2477 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 2477 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2478 if (conn) { 2478 if (conn) {
2479 if (!ev->status) { 2479 if (!ev->status) {
2480 if (ev->role) 2480 if (ev->role)
2481 conn->link_mode &= ~HCI_LM_MASTER; 2481 conn->link_mode &= ~HCI_LM_MASTER;
2482 else 2482 else
2483 conn->link_mode |= HCI_LM_MASTER; 2483 conn->link_mode |= HCI_LM_MASTER;
2484 } 2484 }
2485 2485
2486 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags); 2486 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
2487 2487
2488 hci_role_switch_cfm(conn, ev->status, ev->role); 2488 hci_role_switch_cfm(conn, ev->status, ev->role);
2489 } 2489 }
2490 2490
2491 hci_dev_unlock(hdev); 2491 hci_dev_unlock(hdev);
2492 } 2492 }
2493 2493
2494 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb) 2494 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2495 { 2495 {
2496 struct hci_ev_num_comp_pkts *ev = (void *) skb->data; 2496 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2497 int i; 2497 int i;
2498 2498
2499 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) { 2499 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2500 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode); 2500 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2501 return; 2501 return;
2502 } 2502 }
2503 2503
2504 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) + 2504 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2505 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) { 2505 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
2506 BT_DBG("%s bad parameters", hdev->name); 2506 BT_DBG("%s bad parameters", hdev->name);
2507 return; 2507 return;
2508 } 2508 }
2509 2509
2510 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl); 2510 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2511 2511
2512 for (i = 0; i < ev->num_hndl; i++) { 2512 for (i = 0; i < ev->num_hndl; i++) {
2513 struct hci_comp_pkts_info *info = &ev->handles[i]; 2513 struct hci_comp_pkts_info *info = &ev->handles[i];
2514 struct hci_conn *conn; 2514 struct hci_conn *conn;
2515 __u16 handle, count; 2515 __u16 handle, count;
2516 2516
2517 handle = __le16_to_cpu(info->handle); 2517 handle = __le16_to_cpu(info->handle);
2518 count = __le16_to_cpu(info->count); 2518 count = __le16_to_cpu(info->count);
2519 2519
2520 conn = hci_conn_hash_lookup_handle(hdev, handle); 2520 conn = hci_conn_hash_lookup_handle(hdev, handle);
2521 if (!conn) 2521 if (!conn)
2522 continue; 2522 continue;
2523 2523
2524 conn->sent -= count; 2524 conn->sent -= count;
2525 2525
2526 switch (conn->type) { 2526 switch (conn->type) {
2527 case ACL_LINK: 2527 case ACL_LINK:
2528 hdev->acl_cnt += count; 2528 hdev->acl_cnt += count;
2529 if (hdev->acl_cnt > hdev->acl_pkts) 2529 if (hdev->acl_cnt > hdev->acl_pkts)
2530 hdev->acl_cnt = hdev->acl_pkts; 2530 hdev->acl_cnt = hdev->acl_pkts;
2531 break; 2531 break;
2532 2532
2533 case LE_LINK: 2533 case LE_LINK:
2534 if (hdev->le_pkts) { 2534 if (hdev->le_pkts) {
2535 hdev->le_cnt += count; 2535 hdev->le_cnt += count;
2536 if (hdev->le_cnt > hdev->le_pkts) 2536 if (hdev->le_cnt > hdev->le_pkts)
2537 hdev->le_cnt = hdev->le_pkts; 2537 hdev->le_cnt = hdev->le_pkts;
2538 } else { 2538 } else {
2539 hdev->acl_cnt += count; 2539 hdev->acl_cnt += count;
2540 if (hdev->acl_cnt > hdev->acl_pkts) 2540 if (hdev->acl_cnt > hdev->acl_pkts)
2541 hdev->acl_cnt = hdev->acl_pkts; 2541 hdev->acl_cnt = hdev->acl_pkts;
2542 } 2542 }
2543 break; 2543 break;
2544 2544
2545 case SCO_LINK: 2545 case SCO_LINK:
2546 hdev->sco_cnt += count; 2546 hdev->sco_cnt += count;
2547 if (hdev->sco_cnt > hdev->sco_pkts) 2547 if (hdev->sco_cnt > hdev->sco_pkts)
2548 hdev->sco_cnt = hdev->sco_pkts; 2548 hdev->sco_cnt = hdev->sco_pkts;
2549 break; 2549 break;
2550 2550
2551 default: 2551 default:
2552 BT_ERR("Unknown type %d conn %p", conn->type, conn); 2552 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2553 break; 2553 break;
2554 } 2554 }
2555 } 2555 }
2556 2556
2557 queue_work(hdev->workqueue, &hdev->tx_work); 2557 queue_work(hdev->workqueue, &hdev->tx_work);
2558 } 2558 }
2559 2559
2560 static inline void hci_num_comp_blocks_evt(struct hci_dev *hdev, 2560 static inline void hci_num_comp_blocks_evt(struct hci_dev *hdev,
2561 struct sk_buff *skb) 2561 struct sk_buff *skb)
2562 { 2562 {
2563 struct hci_ev_num_comp_blocks *ev = (void *) skb->data; 2563 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2564 int i; 2564 int i;
2565 2565
2566 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) { 2566 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2567 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode); 2567 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2568 return; 2568 return;
2569 } 2569 }
2570 2570
2571 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) + 2571 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2572 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) { 2572 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2573 BT_DBG("%s bad parameters", hdev->name); 2573 BT_DBG("%s bad parameters", hdev->name);
2574 return; 2574 return;
2575 } 2575 }
2576 2576
2577 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks, 2577 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2578 ev->num_hndl); 2578 ev->num_hndl);
2579 2579
2580 for (i = 0; i < ev->num_hndl; i++) { 2580 for (i = 0; i < ev->num_hndl; i++) {
2581 struct hci_comp_blocks_info *info = &ev->handles[i]; 2581 struct hci_comp_blocks_info *info = &ev->handles[i];
2582 struct hci_conn *conn; 2582 struct hci_conn *conn;
2583 __u16 handle, block_count; 2583 __u16 handle, block_count;
2584 2584
2585 handle = __le16_to_cpu(info->handle); 2585 handle = __le16_to_cpu(info->handle);
2586 block_count = __le16_to_cpu(info->blocks); 2586 block_count = __le16_to_cpu(info->blocks);
2587 2587
2588 conn = hci_conn_hash_lookup_handle(hdev, handle); 2588 conn = hci_conn_hash_lookup_handle(hdev, handle);
2589 if (!conn) 2589 if (!conn)
2590 continue; 2590 continue;
2591 2591
2592 conn->sent -= block_count; 2592 conn->sent -= block_count;
2593 2593
2594 switch (conn->type) { 2594 switch (conn->type) {
2595 case ACL_LINK: 2595 case ACL_LINK:
2596 hdev->block_cnt += block_count; 2596 hdev->block_cnt += block_count;
2597 if (hdev->block_cnt > hdev->num_blocks) 2597 if (hdev->block_cnt > hdev->num_blocks)
2598 hdev->block_cnt = hdev->num_blocks; 2598 hdev->block_cnt = hdev->num_blocks;
2599 break; 2599 break;
2600 2600
2601 default: 2601 default:
2602 BT_ERR("Unknown type %d conn %p", conn->type, conn); 2602 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2603 break; 2603 break;
2604 } 2604 }
2605 } 2605 }
2606 2606
2607 queue_work(hdev->workqueue, &hdev->tx_work); 2607 queue_work(hdev->workqueue, &hdev->tx_work);
2608 } 2608 }
2609 2609
2610 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 2610 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2611 { 2611 {
2612 struct hci_ev_mode_change *ev = (void *) skb->data; 2612 struct hci_ev_mode_change *ev = (void *) skb->data;
2613 struct hci_conn *conn; 2613 struct hci_conn *conn;
2614 2614
2615 BT_DBG("%s status %d", hdev->name, ev->status); 2615 BT_DBG("%s status %d", hdev->name, ev->status);
2616 2616
2617 hci_dev_lock(hdev); 2617 hci_dev_lock(hdev);
2618 2618
2619 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 2619 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2620 if (conn) { 2620 if (conn) {
2621 conn->mode = ev->mode; 2621 conn->mode = ev->mode;
2622 conn->interval = __le16_to_cpu(ev->interval); 2622 conn->interval = __le16_to_cpu(ev->interval);
2623 2623
2624 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) { 2624 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
2625 if (conn->mode == HCI_CM_ACTIVE) 2625 if (conn->mode == HCI_CM_ACTIVE)
2626 set_bit(HCI_CONN_POWER_SAVE, &conn->flags); 2626 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
2627 else 2627 else
2628 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags); 2628 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
2629 } 2629 }
2630 2630
2631 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags)) 2631 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
2632 hci_sco_setup(conn, ev->status); 2632 hci_sco_setup(conn, ev->status);
2633 } 2633 }
2634 2634
2635 hci_dev_unlock(hdev); 2635 hci_dev_unlock(hdev);
2636 } 2636 }
2637 2637
2638 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 2638 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2639 { 2639 {
2640 struct hci_ev_pin_code_req *ev = (void *) skb->data; 2640 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2641 struct hci_conn *conn; 2641 struct hci_conn *conn;
2642 2642
2643 BT_DBG("%s", hdev->name); 2643 BT_DBG("%s", hdev->name);
2644 2644
2645 hci_dev_lock(hdev); 2645 hci_dev_lock(hdev);
2646 2646
2647 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 2647 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2648 if (!conn) 2648 if (!conn)
2649 goto unlock; 2649 goto unlock;
2650 2650
2651 if (conn->state == BT_CONNECTED) { 2651 if (conn->state == BT_CONNECTED) {
2652 hci_conn_hold(conn); 2652 hci_conn_hold(conn);
2653 conn->disc_timeout = HCI_PAIRING_TIMEOUT; 2653 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2654 hci_conn_put(conn); 2654 hci_conn_put(conn);
2655 } 2655 }
2656 2656
2657 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags)) 2657 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
2658 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, 2658 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2659 sizeof(ev->bdaddr), &ev->bdaddr); 2659 sizeof(ev->bdaddr), &ev->bdaddr);
2660 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) { 2660 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
2661 u8 secure; 2661 u8 secure;
2662 2662
2663 if (conn->pending_sec_level == BT_SECURITY_HIGH) 2663 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2664 secure = 1; 2664 secure = 1;
2665 else 2665 else
2666 secure = 0; 2666 secure = 0;
2667 2667
2668 mgmt_pin_code_request(hdev, &ev->bdaddr, secure); 2668 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2669 } 2669 }
2670 2670
2671 unlock: 2671 unlock:
2672 hci_dev_unlock(hdev); 2672 hci_dev_unlock(hdev);
2673 } 2673 }
2674 2674
2675 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 2675 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2676 { 2676 {
2677 struct hci_ev_link_key_req *ev = (void *) skb->data; 2677 struct hci_ev_link_key_req *ev = (void *) skb->data;
2678 struct hci_cp_link_key_reply cp; 2678 struct hci_cp_link_key_reply cp;
2679 struct hci_conn *conn; 2679 struct hci_conn *conn;
2680 struct link_key *key; 2680 struct link_key *key;
2681 2681
2682 BT_DBG("%s", hdev->name); 2682 BT_DBG("%s", hdev->name);
2683 2683
2684 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags)) 2684 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
2685 return; 2685 return;
2686 2686
2687 hci_dev_lock(hdev); 2687 hci_dev_lock(hdev);
2688 2688
2689 key = hci_find_link_key(hdev, &ev->bdaddr); 2689 key = hci_find_link_key(hdev, &ev->bdaddr);
2690 if (!key) { 2690 if (!key) {
2691 BT_DBG("%s link key not found for %s", hdev->name, 2691 BT_DBG("%s link key not found for %s", hdev->name,
2692 batostr(&ev->bdaddr)); 2692 batostr(&ev->bdaddr));
2693 goto not_found; 2693 goto not_found;
2694 } 2694 }
2695 2695
2696 BT_DBG("%s found key type %u for %s", hdev->name, key->type, 2696 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2697 batostr(&ev->bdaddr)); 2697 batostr(&ev->bdaddr));
2698 2698
2699 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) && 2699 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
2700 key->type == HCI_LK_DEBUG_COMBINATION) { 2700 key->type == HCI_LK_DEBUG_COMBINATION) {
2701 BT_DBG("%s ignoring debug key", hdev->name); 2701 BT_DBG("%s ignoring debug key", hdev->name);
2702 goto not_found; 2702 goto not_found;
2703 } 2703 }
2704 2704
2705 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 2705 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2706 if (conn) { 2706 if (conn) {
2707 if (key->type == HCI_LK_UNAUTH_COMBINATION && 2707 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2708 conn->auth_type != 0xff && 2708 conn->auth_type != 0xff &&
2709 (conn->auth_type & 0x01)) { 2709 (conn->auth_type & 0x01)) {
2710 BT_DBG("%s ignoring unauthenticated key", hdev->name); 2710 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2711 goto not_found; 2711 goto not_found;
2712 } 2712 }
2713 2713
2714 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 && 2714 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2715 conn->pending_sec_level == BT_SECURITY_HIGH) { 2715 conn->pending_sec_level == BT_SECURITY_HIGH) {
2716 BT_DBG("%s ignoring key unauthenticated for high \ 2716 BT_DBG("%s ignoring key unauthenticated for high \
2717 security", hdev->name); 2717 security", hdev->name);
2718 goto not_found; 2718 goto not_found;
2719 } 2719 }
2720 2720
2721 conn->key_type = key->type; 2721 conn->key_type = key->type;
2722 conn->pin_length = key->pin_len; 2722 conn->pin_length = key->pin_len;
2723 } 2723 }
2724 2724
2725 bacpy(&cp.bdaddr, &ev->bdaddr); 2725 bacpy(&cp.bdaddr, &ev->bdaddr);
2726 memcpy(cp.link_key, key->val, 16); 2726 memcpy(cp.link_key, key->val, 16);
2727 2727
2728 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp); 2728 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2729 2729
2730 hci_dev_unlock(hdev); 2730 hci_dev_unlock(hdev);
2731 2731
2732 return; 2732 return;
2733 2733
2734 not_found: 2734 not_found:
2735 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr); 2735 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2736 hci_dev_unlock(hdev); 2736 hci_dev_unlock(hdev);
2737 } 2737 }
2738 2738
2739 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb) 2739 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2740 { 2740 {
2741 struct hci_ev_link_key_notify *ev = (void *) skb->data; 2741 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2742 struct hci_conn *conn; 2742 struct hci_conn *conn;
2743 u8 pin_len = 0; 2743 u8 pin_len = 0;
2744 2744
2745 BT_DBG("%s", hdev->name); 2745 BT_DBG("%s", hdev->name);
2746 2746
2747 hci_dev_lock(hdev); 2747 hci_dev_lock(hdev);
2748 2748
2749 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 2749 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2750 if (conn) { 2750 if (conn) {
2751 hci_conn_hold(conn); 2751 hci_conn_hold(conn);
2752 conn->disc_timeout = HCI_DISCONN_TIMEOUT; 2752 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2753 pin_len = conn->pin_length; 2753 pin_len = conn->pin_length;
2754 2754
2755 if (ev->key_type != HCI_LK_CHANGED_COMBINATION) 2755 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2756 conn->key_type = ev->key_type; 2756 conn->key_type = ev->key_type;
2757 2757
2758 hci_conn_put(conn); 2758 hci_conn_put(conn);
2759 } 2759 }
2760 2760
2761 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags)) 2761 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
2762 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key, 2762 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
2763 ev->key_type, pin_len); 2763 ev->key_type, pin_len);
2764 2764
2765 hci_dev_unlock(hdev); 2765 hci_dev_unlock(hdev);
2766 } 2766 }
2767 2767
2768 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb) 2768 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2769 { 2769 {
2770 struct hci_ev_clock_offset *ev = (void *) skb->data; 2770 struct hci_ev_clock_offset *ev = (void *) skb->data;
2771 struct hci_conn *conn; 2771 struct hci_conn *conn;
2772 2772
2773 BT_DBG("%s status %d", hdev->name, ev->status); 2773 BT_DBG("%s status %d", hdev->name, ev->status);
2774 2774
2775 hci_dev_lock(hdev); 2775 hci_dev_lock(hdev);
2776 2776
2777 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 2777 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2778 if (conn && !ev->status) { 2778 if (conn && !ev->status) {
2779 struct inquiry_entry *ie; 2779 struct inquiry_entry *ie;
2780 2780
2781 ie = hci_inquiry_cache_lookup(hdev, &conn->dst); 2781 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2782 if (ie) { 2782 if (ie) {
2783 ie->data.clock_offset = ev->clock_offset; 2783 ie->data.clock_offset = ev->clock_offset;
2784 ie->timestamp = jiffies; 2784 ie->timestamp = jiffies;
2785 } 2785 }
2786 } 2786 }
2787 2787
2788 hci_dev_unlock(hdev); 2788 hci_dev_unlock(hdev);
2789 } 2789 }
2790 2790
2791 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 2791 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2792 { 2792 {
2793 struct hci_ev_pkt_type_change *ev = (void *) skb->data; 2793 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2794 struct hci_conn *conn; 2794 struct hci_conn *conn;
2795 2795
2796 BT_DBG("%s status %d", hdev->name, ev->status); 2796 BT_DBG("%s status %d", hdev->name, ev->status);
2797 2797
2798 hci_dev_lock(hdev); 2798 hci_dev_lock(hdev);
2799 2799
2800 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 2800 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2801 if (conn && !ev->status) 2801 if (conn && !ev->status)
2802 conn->pkt_type = __le16_to_cpu(ev->pkt_type); 2802 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2803 2803
2804 hci_dev_unlock(hdev); 2804 hci_dev_unlock(hdev);
2805 } 2805 }
2806 2806
2807 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb) 2807 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2808 { 2808 {
2809 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data; 2809 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2810 struct inquiry_entry *ie; 2810 struct inquiry_entry *ie;
2811 2811
2812 BT_DBG("%s", hdev->name); 2812 BT_DBG("%s", hdev->name);
2813 2813
2814 hci_dev_lock(hdev); 2814 hci_dev_lock(hdev);
2815 2815
2816 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); 2816 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2817 if (ie) { 2817 if (ie) {
2818 ie->data.pscan_rep_mode = ev->pscan_rep_mode; 2818 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2819 ie->timestamp = jiffies; 2819 ie->timestamp = jiffies;
2820 } 2820 }
2821 2821
2822 hci_dev_unlock(hdev); 2822 hci_dev_unlock(hdev);
2823 } 2823 }
2824 2824
2825 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb) 2825 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2826 { 2826 {
2827 struct inquiry_data data; 2827 struct inquiry_data data;
2828 int num_rsp = *((__u8 *) skb->data); 2828 int num_rsp = *((__u8 *) skb->data);
2829 bool name_known, ssp; 2829 bool name_known, ssp;
2830 2830
2831 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 2831 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2832 2832
2833 if (!num_rsp) 2833 if (!num_rsp)
2834 return; 2834 return;
2835 2835
2836 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) 2836 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2837 return; 2837 return;
2838 2838
2839 hci_dev_lock(hdev); 2839 hci_dev_lock(hdev);
2840 2840
2841 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) { 2841 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2842 struct inquiry_info_with_rssi_and_pscan_mode *info; 2842 struct inquiry_info_with_rssi_and_pscan_mode *info;
2843 info = (void *) (skb->data + 1); 2843 info = (void *) (skb->data + 1);
2844 2844
2845 for (; num_rsp; num_rsp--, info++) { 2845 for (; num_rsp; num_rsp--, info++) {
2846 bacpy(&data.bdaddr, &info->bdaddr); 2846 bacpy(&data.bdaddr, &info->bdaddr);
2847 data.pscan_rep_mode = info->pscan_rep_mode; 2847 data.pscan_rep_mode = info->pscan_rep_mode;
2848 data.pscan_period_mode = info->pscan_period_mode; 2848 data.pscan_period_mode = info->pscan_period_mode;
2849 data.pscan_mode = info->pscan_mode; 2849 data.pscan_mode = info->pscan_mode;
2850 memcpy(data.dev_class, info->dev_class, 3); 2850 memcpy(data.dev_class, info->dev_class, 3);
2851 data.clock_offset = info->clock_offset; 2851 data.clock_offset = info->clock_offset;
2852 data.rssi = info->rssi; 2852 data.rssi = info->rssi;
2853 data.ssp_mode = 0x00; 2853 data.ssp_mode = 0x00;
2854 2854
2855 name_known = hci_inquiry_cache_update(hdev, &data, 2855 name_known = hci_inquiry_cache_update(hdev, &data,
2856 false, &ssp); 2856 false, &ssp);
2857 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, 2857 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2858 info->dev_class, info->rssi, 2858 info->dev_class, info->rssi,
2859 !name_known, ssp, NULL, 0); 2859 !name_known, ssp, NULL, 0);
2860 } 2860 }
2861 } else { 2861 } else {
2862 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1); 2862 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2863 2863
2864 for (; num_rsp; num_rsp--, info++) { 2864 for (; num_rsp; num_rsp--, info++) {
2865 bacpy(&data.bdaddr, &info->bdaddr); 2865 bacpy(&data.bdaddr, &info->bdaddr);
2866 data.pscan_rep_mode = info->pscan_rep_mode; 2866 data.pscan_rep_mode = info->pscan_rep_mode;
2867 data.pscan_period_mode = info->pscan_period_mode; 2867 data.pscan_period_mode = info->pscan_period_mode;
2868 data.pscan_mode = 0x00; 2868 data.pscan_mode = 0x00;
2869 memcpy(data.dev_class, info->dev_class, 3); 2869 memcpy(data.dev_class, info->dev_class, 3);
2870 data.clock_offset = info->clock_offset; 2870 data.clock_offset = info->clock_offset;
2871 data.rssi = info->rssi; 2871 data.rssi = info->rssi;
2872 data.ssp_mode = 0x00; 2872 data.ssp_mode = 0x00;
2873 name_known = hci_inquiry_cache_update(hdev, &data, 2873 name_known = hci_inquiry_cache_update(hdev, &data,
2874 false, &ssp); 2874 false, &ssp);
2875 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, 2875 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2876 info->dev_class, info->rssi, 2876 info->dev_class, info->rssi,
2877 !name_known, ssp, NULL, 0); 2877 !name_known, ssp, NULL, 0);
2878 } 2878 }
2879 } 2879 }
2880 2880
2881 hci_dev_unlock(hdev); 2881 hci_dev_unlock(hdev);
2882 } 2882 }
2883 2883
2884 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb) 2884 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2885 { 2885 {
2886 struct hci_ev_remote_ext_features *ev = (void *) skb->data; 2886 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2887 struct hci_conn *conn; 2887 struct hci_conn *conn;
2888 2888
2889 BT_DBG("%s", hdev->name); 2889 BT_DBG("%s", hdev->name);
2890 2890
2891 hci_dev_lock(hdev); 2891 hci_dev_lock(hdev);
2892 2892
2893 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 2893 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2894 if (!conn) 2894 if (!conn)
2895 goto unlock; 2895 goto unlock;
2896 2896
2897 if (!ev->status && ev->page == 0x01) { 2897 if (!ev->status && ev->page == 0x01) {
2898 struct inquiry_entry *ie; 2898 struct inquiry_entry *ie;
2899 2899
2900 ie = hci_inquiry_cache_lookup(hdev, &conn->dst); 2900 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2901 if (ie) 2901 if (ie)
2902 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP); 2902 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
2903 2903
2904 if (ev->features[0] & LMP_HOST_SSP) 2904 if (ev->features[0] & LMP_HOST_SSP)
2905 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags); 2905 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
2906 } 2906 }
2907 2907
2908 if (conn->state != BT_CONFIG) 2908 if (conn->state != BT_CONFIG)
2909 goto unlock; 2909 goto unlock;
2910 2910
2911 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) { 2911 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
2912 struct hci_cp_remote_name_req cp; 2912 struct hci_cp_remote_name_req cp;
2913 memset(&cp, 0, sizeof(cp)); 2913 memset(&cp, 0, sizeof(cp));
2914 bacpy(&cp.bdaddr, &conn->dst); 2914 bacpy(&cp.bdaddr, &conn->dst);
2915 cp.pscan_rep_mode = 0x02; 2915 cp.pscan_rep_mode = 0x02;
2916 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp); 2916 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2917 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) 2917 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2918 mgmt_device_connected(hdev, &conn->dst, conn->type, 2918 mgmt_device_connected(hdev, &conn->dst, conn->type,
2919 conn->dst_type, 0, NULL, 0, 2919 conn->dst_type, 0, NULL, 0,
2920 conn->dev_class); 2920 conn->dev_class);
2921 2921
2922 if (!hci_outgoing_auth_needed(hdev, conn)) { 2922 if (!hci_outgoing_auth_needed(hdev, conn)) {
2923 conn->state = BT_CONNECTED; 2923 conn->state = BT_CONNECTED;
2924 hci_proto_connect_cfm(conn, ev->status); 2924 hci_proto_connect_cfm(conn, ev->status);
2925 hci_conn_put(conn); 2925 hci_conn_put(conn);
2926 } 2926 }
2927 2927
2928 unlock: 2928 unlock:
2929 hci_dev_unlock(hdev); 2929 hci_dev_unlock(hdev);
2930 } 2930 }
2931 2931
2932 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 2932 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2933 { 2933 {
2934 struct hci_ev_sync_conn_complete *ev = (void *) skb->data; 2934 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2935 struct hci_conn *conn; 2935 struct hci_conn *conn;
2936 2936
2937 BT_DBG("%s status %d", hdev->name, ev->status); 2937 BT_DBG("%s status %d", hdev->name, ev->status);
2938 2938
2939 hci_dev_lock(hdev); 2939 hci_dev_lock(hdev);
2940 2940
2941 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); 2941 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2942 if (!conn) { 2942 if (!conn) {
2943 if (ev->link_type == ESCO_LINK) 2943 if (ev->link_type == ESCO_LINK)
2944 goto unlock; 2944 goto unlock;
2945 2945
2946 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr); 2946 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2947 if (!conn) 2947 if (!conn)
2948 goto unlock; 2948 goto unlock;
2949 2949
2950 conn->type = SCO_LINK; 2950 conn->type = SCO_LINK;
2951 } 2951 }
2952 2952
2953 switch (ev->status) { 2953 switch (ev->status) {
2954 case 0x00: 2954 case 0x00:
2955 conn->handle = __le16_to_cpu(ev->handle); 2955 conn->handle = __le16_to_cpu(ev->handle);
2956 conn->state = BT_CONNECTED; 2956 conn->state = BT_CONNECTED;
2957 2957
2958 hci_conn_hold_device(conn); 2958 hci_conn_hold_device(conn);
2959 hci_conn_add_sysfs(conn); 2959 hci_conn_add_sysfs(conn);
2960 break; 2960 break;
2961 2961
2962 case 0x11: /* Unsupported Feature or Parameter Value */ 2962 case 0x11: /* Unsupported Feature or Parameter Value */
2963 case 0x1c: /* SCO interval rejected */ 2963 case 0x1c: /* SCO interval rejected */
2964 case 0x1a: /* Unsupported Remote Feature */ 2964 case 0x1a: /* Unsupported Remote Feature */
2965 case 0x1f: /* Unspecified error */ 2965 case 0x1f: /* Unspecified error */
2966 if (conn->out && conn->attempt < 2) { 2966 if (conn->out && conn->attempt < 2) {
2967 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) | 2967 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2968 (hdev->esco_type & EDR_ESCO_MASK); 2968 (hdev->esco_type & EDR_ESCO_MASK);
2969 hci_setup_sync(conn, conn->link->handle); 2969 hci_setup_sync(conn, conn->link->handle);
2970 goto unlock; 2970 goto unlock;
2971 } 2971 }
2972 /* fall through */ 2972 /* fall through */
2973 2973
2974 default: 2974 default:
2975 conn->state = BT_CLOSED; 2975 conn->state = BT_CLOSED;
2976 break; 2976 break;
2977 } 2977 }
2978 2978
2979 hci_proto_connect_cfm(conn, ev->status); 2979 hci_proto_connect_cfm(conn, ev->status);
2980 if (ev->status) 2980 if (ev->status)
2981 hci_conn_del(conn); 2981 hci_conn_del(conn);
2982 2982
2983 unlock: 2983 unlock:
2984 hci_dev_unlock(hdev); 2984 hci_dev_unlock(hdev);
2985 } 2985 }
2986 2986
2987 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb) 2987 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2988 { 2988 {
2989 BT_DBG("%s", hdev->name); 2989 BT_DBG("%s", hdev->name);
2990 } 2990 }
2991 2991
2992 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb) 2992 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2993 { 2993 {
2994 struct hci_ev_sniff_subrate *ev = (void *) skb->data; 2994 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2995 2995
2996 BT_DBG("%s status %d", hdev->name, ev->status); 2996 BT_DBG("%s status %d", hdev->name, ev->status);
2997 } 2997 }
2998 2998
2999 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb) 2999 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
3000 { 3000 {
3001 struct inquiry_data data; 3001 struct inquiry_data data;
3002 struct extended_inquiry_info *info = (void *) (skb->data + 1); 3002 struct extended_inquiry_info *info = (void *) (skb->data + 1);
3003 int num_rsp = *((__u8 *) skb->data); 3003 int num_rsp = *((__u8 *) skb->data);
3004 size_t eir_len; 3004 size_t eir_len;
3005 3005
3006 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 3006 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
3007 3007
3008 if (!num_rsp) 3008 if (!num_rsp)
3009 return; 3009 return;
3010 3010
3011 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) 3011 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3012 return; 3012 return;
3013 3013
3014 hci_dev_lock(hdev); 3014 hci_dev_lock(hdev);
3015 3015
3016 for (; num_rsp; num_rsp--, info++) { 3016 for (; num_rsp; num_rsp--, info++) {
3017 bool name_known, ssp; 3017 bool name_known, ssp;
3018 3018
3019 bacpy(&data.bdaddr, &info->bdaddr); 3019 bacpy(&data.bdaddr, &info->bdaddr);
3020 data.pscan_rep_mode = info->pscan_rep_mode; 3020 data.pscan_rep_mode = info->pscan_rep_mode;
3021 data.pscan_period_mode = info->pscan_period_mode; 3021 data.pscan_period_mode = info->pscan_period_mode;
3022 data.pscan_mode = 0x00; 3022 data.pscan_mode = 0x00;
3023 memcpy(data.dev_class, info->dev_class, 3); 3023 memcpy(data.dev_class, info->dev_class, 3);
3024 data.clock_offset = info->clock_offset; 3024 data.clock_offset = info->clock_offset;
3025 data.rssi = info->rssi; 3025 data.rssi = info->rssi;
3026 data.ssp_mode = 0x01; 3026 data.ssp_mode = 0x01;
3027 3027
3028 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 3028 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3029 name_known = eir_has_data_type(info->data, 3029 name_known = eir_has_data_type(info->data,
3030 sizeof(info->data), 3030 sizeof(info->data),
3031 EIR_NAME_COMPLETE); 3031 EIR_NAME_COMPLETE);
3032 else 3032 else
3033 name_known = true; 3033 name_known = true;
3034 3034
3035 name_known = hci_inquiry_cache_update(hdev, &data, name_known, 3035 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
3036 &ssp); 3036 &ssp);
3037 eir_len = eir_get_length(info->data, sizeof(info->data)); 3037 eir_len = eir_get_length(info->data, sizeof(info->data));
3038 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, 3038 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3039 info->dev_class, info->rssi, !name_known, 3039 info->dev_class, info->rssi, !name_known,
3040 ssp, info->data, eir_len); 3040 ssp, info->data, eir_len);
3041 } 3041 }
3042 3042
3043 hci_dev_unlock(hdev); 3043 hci_dev_unlock(hdev);
3044 } 3044 }
3045 3045
3046 static inline u8 hci_get_auth_req(struct hci_conn *conn) 3046 static inline u8 hci_get_auth_req(struct hci_conn *conn)
3047 { 3047 {
3048 /* If remote requests dedicated bonding follow that lead */ 3048 /* If remote requests dedicated bonding follow that lead */
3049 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) { 3049 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
3050 /* If both remote and local IO capabilities allow MITM 3050 /* If both remote and local IO capabilities allow MITM
3051 * protection then require it, otherwise don't */ 3051 * protection then require it, otherwise don't */
3052 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03) 3052 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
3053 return 0x02; 3053 return 0x02;
3054 else 3054 else
3055 return 0x03; 3055 return 0x03;
3056 } 3056 }
3057 3057
3058 /* If remote requests no-bonding follow that lead */ 3058 /* If remote requests no-bonding follow that lead */
3059 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01) 3059 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
3060 return conn->remote_auth | (conn->auth_type & 0x01); 3060 return conn->remote_auth | (conn->auth_type & 0x01);
3061 3061
3062 return conn->auth_type; 3062 return conn->auth_type;
3063 } 3063 }
3064 3064
3065 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 3065 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3066 { 3066 {
3067 struct hci_ev_io_capa_request *ev = (void *) skb->data; 3067 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3068 struct hci_conn *conn; 3068 struct hci_conn *conn;
3069 3069
3070 BT_DBG("%s", hdev->name); 3070 BT_DBG("%s", hdev->name);
3071 3071
3072 hci_dev_lock(hdev); 3072 hci_dev_lock(hdev);
3073 3073
3074 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 3074 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3075 if (!conn) 3075 if (!conn)
3076 goto unlock; 3076 goto unlock;
3077 3077
3078 hci_conn_hold(conn); 3078 hci_conn_hold(conn);
3079 3079
3080 if (!test_bit(HCI_MGMT, &hdev->dev_flags)) 3080 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3081 goto unlock; 3081 goto unlock;
3082 3082
3083 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) || 3083 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
3084 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) { 3084 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
3085 struct hci_cp_io_capability_reply cp; 3085 struct hci_cp_io_capability_reply cp;
3086 3086
3087 bacpy(&cp.bdaddr, &ev->bdaddr); 3087 bacpy(&cp.bdaddr, &ev->bdaddr);
3088 /* Change the IO capability from KeyboardDisplay 3088 /* Change the IO capability from KeyboardDisplay
3089 * to DisplayYesNo as it is not supported by BT spec. */ 3089 * to DisplayYesNo as it is not supported by BT spec. */
3090 cp.capability = (conn->io_capability == 0x04) ? 3090 cp.capability = (conn->io_capability == 0x04) ?
3091 0x01 : conn->io_capability; 3091 0x01 : conn->io_capability;
3092 conn->auth_type = hci_get_auth_req(conn); 3092 conn->auth_type = hci_get_auth_req(conn);
3093 cp.authentication = conn->auth_type; 3093 cp.authentication = conn->auth_type;
3094 3094
3095 if ((conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)) && 3095 if ((conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)) &&
3096 hci_find_remote_oob_data(hdev, &conn->dst)) 3096 hci_find_remote_oob_data(hdev, &conn->dst))
3097 cp.oob_data = 0x01; 3097 cp.oob_data = 0x01;
3098 else 3098 else
3099 cp.oob_data = 0x00; 3099 cp.oob_data = 0x00;
3100 3100
3101 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY, 3101 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
3102 sizeof(cp), &cp); 3102 sizeof(cp), &cp);
3103 } else { 3103 } else {
3104 struct hci_cp_io_capability_neg_reply cp; 3104 struct hci_cp_io_capability_neg_reply cp;
3105 3105
3106 bacpy(&cp.bdaddr, &ev->bdaddr); 3106 bacpy(&cp.bdaddr, &ev->bdaddr);
3107 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED; 3107 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
3108 3108
3109 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY, 3109 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
3110 sizeof(cp), &cp); 3110 sizeof(cp), &cp);
3111 } 3111 }
3112 3112
3113 unlock: 3113 unlock:
3114 hci_dev_unlock(hdev); 3114 hci_dev_unlock(hdev);
3115 } 3115 }
3116 3116
3117 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb) 3117 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
3118 { 3118 {
3119 struct hci_ev_io_capa_reply *ev = (void *) skb->data; 3119 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3120 struct hci_conn *conn; 3120 struct hci_conn *conn;
3121 3121
3122 BT_DBG("%s", hdev->name); 3122 BT_DBG("%s", hdev->name);
3123 3123
3124 hci_dev_lock(hdev); 3124 hci_dev_lock(hdev);
3125 3125
3126 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 3126 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3127 if (!conn) 3127 if (!conn)
3128 goto unlock; 3128 goto unlock;
3129 3129
3130 conn->remote_cap = ev->capability; 3130 conn->remote_cap = ev->capability;
3131 conn->remote_auth = ev->authentication; 3131 conn->remote_auth = ev->authentication;
3132 if (ev->oob_data) 3132 if (ev->oob_data)
3133 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags); 3133 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
3134 3134
3135 unlock: 3135 unlock:
3136 hci_dev_unlock(hdev); 3136 hci_dev_unlock(hdev);
3137 } 3137 }
3138 3138
3139 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev, 3139 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
3140 struct sk_buff *skb) 3140 struct sk_buff *skb)
3141 { 3141 {
3142 struct hci_ev_user_confirm_req *ev = (void *) skb->data; 3142 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
3143 int loc_mitm, rem_mitm, confirm_hint = 0; 3143 int loc_mitm, rem_mitm, confirm_hint = 0;
3144 struct hci_conn *conn; 3144 struct hci_conn *conn;
3145 3145
3146 BT_DBG("%s", hdev->name); 3146 BT_DBG("%s", hdev->name);
3147 3147
3148 hci_dev_lock(hdev); 3148 hci_dev_lock(hdev);
3149 3149
3150 if (!test_bit(HCI_MGMT, &hdev->dev_flags)) 3150 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3151 goto unlock; 3151 goto unlock;
3152 3152
3153 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 3153 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3154 if (!conn) 3154 if (!conn)
3155 goto unlock; 3155 goto unlock;
3156 3156
3157 loc_mitm = (conn->auth_type & 0x01); 3157 loc_mitm = (conn->auth_type & 0x01);
3158 rem_mitm = (conn->remote_auth & 0x01); 3158 rem_mitm = (conn->remote_auth & 0x01);
3159 3159
3160 /* If we require MITM but the remote device can't provide that 3160 /* If we require MITM but the remote device can't provide that
3161 * (it has NoInputNoOutput) then reject the confirmation 3161 * (it has NoInputNoOutput) then reject the confirmation
3162 * request. The only exception is when we're dedicated bonding 3162 * request. The only exception is when we're dedicated bonding
3163 * initiators (connect_cfm_cb set) since then we always have the MITM 3163 * initiators (connect_cfm_cb set) since then we always have the MITM
3164 * bit set. */ 3164 * bit set. */
3165 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) { 3165 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3166 BT_DBG("Rejecting request: remote device can't provide MITM"); 3166 BT_DBG("Rejecting request: remote device can't provide MITM");
3167 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY, 3167 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3168 sizeof(ev->bdaddr), &ev->bdaddr); 3168 sizeof(ev->bdaddr), &ev->bdaddr);
3169 goto unlock; 3169 goto unlock;
3170 } 3170 }
3171 3171
3172 /* If no side requires MITM protection; auto-accept */ 3172 /* If no side requires MITM protection; auto-accept */
3173 if ((!loc_mitm || conn->remote_cap == 0x03) && 3173 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3174 (!rem_mitm || conn->io_capability == 0x03)) { 3174 (!rem_mitm || conn->io_capability == 0x03)) {
3175 3175
3176 /* If we're not the initiators request authorization to 3176 /* If we're not the initiators request authorization to
3177 * proceed from user space (mgmt_user_confirm with 3177 * proceed from user space (mgmt_user_confirm with
3178 * confirm_hint set to 1). */ 3178 * confirm_hint set to 1). */
3179 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) { 3179 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
3180 BT_DBG("Confirming auto-accept as acceptor"); 3180 BT_DBG("Confirming auto-accept as acceptor");
3181 confirm_hint = 1; 3181 confirm_hint = 1;
3182 goto confirm; 3182 goto confirm;
3183 } 3183 }
3184 3184
3185 BT_DBG("Auto-accept of user confirmation with %ums delay", 3185 BT_DBG("Auto-accept of user confirmation with %ums delay",
3186 hdev->auto_accept_delay); 3186 hdev->auto_accept_delay);
3187 3187
3188 if (hdev->auto_accept_delay > 0) { 3188 if (hdev->auto_accept_delay > 0) {
3189 int delay = msecs_to_jiffies(hdev->auto_accept_delay); 3189 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3190 mod_timer(&conn->auto_accept_timer, jiffies + delay); 3190 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3191 goto unlock; 3191 goto unlock;
3192 } 3192 }
3193 3193
3194 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY, 3194 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3195 sizeof(ev->bdaddr), &ev->bdaddr); 3195 sizeof(ev->bdaddr), &ev->bdaddr);
3196 goto unlock; 3196 goto unlock;
3197 } 3197 }
3198 3198
3199 confirm: 3199 confirm:
3200 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey, 3200 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
3201 confirm_hint); 3201 confirm_hint);
3202 3202
3203 unlock: 3203 unlock:
3204 hci_dev_unlock(hdev); 3204 hci_dev_unlock(hdev);
3205 } 3205 }
3206 3206
3207 static inline void hci_user_passkey_request_evt(struct hci_dev *hdev, 3207 static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
3208 struct sk_buff *skb) 3208 struct sk_buff *skb)
3209 { 3209 {
3210 struct hci_ev_user_passkey_req *ev = (void *) skb->data; 3210 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3211 3211
3212 BT_DBG("%s", hdev->name); 3212 BT_DBG("%s", hdev->name);
3213 3213
3214 hci_dev_lock(hdev); 3214 hci_dev_lock(hdev);
3215 3215
3216 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 3216 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3217 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0); 3217 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
3218 3218
3219 hci_dev_unlock(hdev); 3219 hci_dev_unlock(hdev);
3220 } 3220 }
3221 3221
3222 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 3222 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3223 { 3223 {
3224 struct hci_ev_simple_pair_complete *ev = (void *) skb->data; 3224 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3225 struct hci_conn *conn; 3225 struct hci_conn *conn;
3226 3226
3227 BT_DBG("%s", hdev->name); 3227 BT_DBG("%s", hdev->name);
3228 3228
3229 hci_dev_lock(hdev); 3229 hci_dev_lock(hdev);
3230 3230
3231 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 3231 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3232 if (!conn) 3232 if (!conn)
3233 goto unlock; 3233 goto unlock;
3234 3234
3235 /* To avoid duplicate auth_failed events to user space we check 3235 /* To avoid duplicate auth_failed events to user space we check
3236 * the HCI_CONN_AUTH_PEND flag which will be set if we 3236 * the HCI_CONN_AUTH_PEND flag which will be set if we
3237 * initiated the authentication. A traditional auth_complete 3237 * initiated the authentication. A traditional auth_complete
3238 * event gets always produced as initiator and is also mapped to 3238 * event gets always produced as initiator and is also mapped to
3239 * the mgmt_auth_failed event */ 3239 * the mgmt_auth_failed event */
3240 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0) 3240 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)
3241 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type, 3241 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3242 ev->status); 3242 ev->status);
3243 3243
3244 hci_conn_put(conn); 3244 hci_conn_put(conn);
3245 3245
3246 unlock: 3246 unlock:
3247 hci_dev_unlock(hdev); 3247 hci_dev_unlock(hdev);
3248 } 3248 }
3249 3249
3250 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb) 3250 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
3251 { 3251 {
3252 struct hci_ev_remote_host_features *ev = (void *) skb->data; 3252 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3253 struct inquiry_entry *ie; 3253 struct inquiry_entry *ie;
3254 3254
3255 BT_DBG("%s", hdev->name); 3255 BT_DBG("%s", hdev->name);
3256 3256
3257 hci_dev_lock(hdev); 3257 hci_dev_lock(hdev);
3258 3258
3259 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); 3259 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3260 if (ie) 3260 if (ie)
3261 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP); 3261 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
3262 3262
3263 hci_dev_unlock(hdev); 3263 hci_dev_unlock(hdev);
3264 } 3264 }
3265 3265
3266 static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev, 3266 static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3267 struct sk_buff *skb) 3267 struct sk_buff *skb)
3268 { 3268 {
3269 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data; 3269 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3270 struct oob_data *data; 3270 struct oob_data *data;
3271 3271
3272 BT_DBG("%s", hdev->name); 3272 BT_DBG("%s", hdev->name);
3273 3273
3274 hci_dev_lock(hdev); 3274 hci_dev_lock(hdev);
3275 3275
3276 if (!test_bit(HCI_MGMT, &hdev->dev_flags)) 3276 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3277 goto unlock; 3277 goto unlock;
3278 3278
3279 data = hci_find_remote_oob_data(hdev, &ev->bdaddr); 3279 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3280 if (data) { 3280 if (data) {
3281 struct hci_cp_remote_oob_data_reply cp; 3281 struct hci_cp_remote_oob_data_reply cp;
3282 3282
3283 bacpy(&cp.bdaddr, &ev->bdaddr); 3283 bacpy(&cp.bdaddr, &ev->bdaddr);
3284 memcpy(cp.hash, data->hash, sizeof(cp.hash)); 3284 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3285 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer)); 3285 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3286 3286
3287 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp), 3287 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3288 &cp); 3288 &cp);
3289 } else { 3289 } else {
3290 struct hci_cp_remote_oob_data_neg_reply cp; 3290 struct hci_cp_remote_oob_data_neg_reply cp;
3291 3291
3292 bacpy(&cp.bdaddr, &ev->bdaddr); 3292 bacpy(&cp.bdaddr, &ev->bdaddr);
3293 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp), 3293 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3294 &cp); 3294 &cp);
3295 } 3295 }
3296 3296
3297 unlock: 3297 unlock:
3298 hci_dev_unlock(hdev); 3298 hci_dev_unlock(hdev);
3299 } 3299 }
3300 3300
3301 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 3301 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3302 { 3302 {
3303 struct hci_ev_le_conn_complete *ev = (void *) skb->data; 3303 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3304 struct hci_conn *conn; 3304 struct hci_conn *conn;
3305 3305
3306 BT_DBG("%s status %d", hdev->name, ev->status); 3306 BT_DBG("%s status %d", hdev->name, ev->status);
3307 3307
3308 hci_dev_lock(hdev); 3308 hci_dev_lock(hdev);
3309 3309
3310 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr); 3310 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
3311 if (!conn) { 3311 if (!conn) {
3312 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr); 3312 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3313 if (!conn) { 3313 if (!conn) {
3314 BT_ERR("No memory for new connection"); 3314 BT_ERR("No memory for new connection");
3315 hci_dev_unlock(hdev); 3315 hci_dev_unlock(hdev);
3316 return; 3316 return;
3317 } 3317 }
3318 3318
3319 conn->dst_type = ev->bdaddr_type; 3319 conn->dst_type = ev->bdaddr_type;
3320 } 3320 }
3321 3321
3322 if (ev->status) { 3322 if (ev->status) {
3323 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type, 3323 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3324 conn->dst_type, ev->status); 3324 conn->dst_type, ev->status);
3325 hci_proto_connect_cfm(conn, ev->status); 3325 hci_proto_connect_cfm(conn, ev->status);
3326 conn->state = BT_CLOSED; 3326 conn->state = BT_CLOSED;
3327 hci_conn_del(conn); 3327 hci_conn_del(conn);
3328 goto unlock; 3328 goto unlock;
3329 } 3329 }
3330 3330
3331 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) 3331 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3332 mgmt_device_connected(hdev, &ev->bdaddr, conn->type, 3332 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3333 conn->dst_type, 0, NULL, 0, NULL); 3333 conn->dst_type, 0, NULL, 0, NULL);
3334 3334
3335 conn->sec_level = BT_SECURITY_LOW; 3335 conn->sec_level = BT_SECURITY_LOW;
3336 conn->handle = __le16_to_cpu(ev->handle); 3336 conn->handle = __le16_to_cpu(ev->handle);
3337 conn->state = BT_CONNECTED; 3337 conn->state = BT_CONNECTED;
3338 3338
3339 hci_conn_hold_device(conn); 3339 hci_conn_hold_device(conn);
3340 hci_conn_add_sysfs(conn); 3340 hci_conn_add_sysfs(conn);
3341 3341
3342 hci_proto_connect_cfm(conn, ev->status); 3342 hci_proto_connect_cfm(conn, ev->status);
3343 3343
3344 unlock: 3344 unlock:
3345 hci_dev_unlock(hdev); 3345 hci_dev_unlock(hdev);
3346 } 3346 }
3347 3347
3348 static inline void hci_le_adv_report_evt(struct hci_dev *hdev, 3348 static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3349 struct sk_buff *skb) 3349 struct sk_buff *skb)
3350 { 3350 {
3351 u8 num_reports = skb->data[0]; 3351 u8 num_reports = skb->data[0];
3352 void *ptr = &skb->data[1]; 3352 void *ptr = &skb->data[1];
3353 s8 rssi; 3353 s8 rssi;
3354 3354
3355 hci_dev_lock(hdev); 3355 hci_dev_lock(hdev);
3356 3356
3357 while (num_reports--) { 3357 while (num_reports--) {
3358 struct hci_ev_le_advertising_info *ev = ptr; 3358 struct hci_ev_le_advertising_info *ev = ptr;
3359 3359
3360 rssi = ev->data[ev->length]; 3360 rssi = ev->data[ev->length];
3361 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type, 3361 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3362 NULL, rssi, 0, 1, ev->data, ev->length); 3362 NULL, rssi, 0, 1, ev->data, ev->length);
3363 3363
3364 ptr += sizeof(*ev) + ev->length + 1; 3364 ptr += sizeof(*ev) + ev->length + 1;
3365 } 3365 }
3366 3366
3367 hci_dev_unlock(hdev); 3367 hci_dev_unlock(hdev);
3368 } 3368 }
3369 3369
3370 static inline void hci_le_ltk_request_evt(struct hci_dev *hdev, 3370 static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3371 struct sk_buff *skb) 3371 struct sk_buff *skb)
3372 { 3372 {
3373 struct hci_ev_le_ltk_req *ev = (void *) skb->data; 3373 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3374 struct hci_cp_le_ltk_reply cp; 3374 struct hci_cp_le_ltk_reply cp;
3375 struct hci_cp_le_ltk_neg_reply neg; 3375 struct hci_cp_le_ltk_neg_reply neg;
3376 struct hci_conn *conn; 3376 struct hci_conn *conn;
3377 struct smp_ltk *ltk; 3377 struct smp_ltk *ltk;
3378 3378
3379 BT_DBG("%s handle %d", hdev->name, __le16_to_cpu(ev->handle)); 3379 BT_DBG("%s handle %d", hdev->name, __le16_to_cpu(ev->handle));
3380 3380
3381 hci_dev_lock(hdev); 3381 hci_dev_lock(hdev);
3382 3382
3383 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 3383 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3384 if (conn == NULL) 3384 if (conn == NULL)
3385 goto not_found; 3385 goto not_found;
3386 3386
3387 ltk = hci_find_ltk(hdev, ev->ediv, ev->random); 3387 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3388 if (ltk == NULL) 3388 if (ltk == NULL)
3389 goto not_found; 3389 goto not_found;
3390 3390
3391 memcpy(cp.ltk, ltk->val, sizeof(ltk->val)); 3391 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3392 cp.handle = cpu_to_le16(conn->handle); 3392 cp.handle = cpu_to_le16(conn->handle);
3393 3393
3394 if (ltk->authenticated) 3394 if (ltk->authenticated)
3395 conn->sec_level = BT_SECURITY_HIGH; 3395 conn->sec_level = BT_SECURITY_HIGH;
3396 3396
3397 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp); 3397 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3398 3398
3399 if (ltk->type & HCI_SMP_STK) { 3399 if (ltk->type & HCI_SMP_STK) {
3400 list_del(&ltk->list); 3400 list_del(&ltk->list);
3401 kfree(ltk); 3401 kfree(ltk);
3402 } 3402 }
3403 3403
3404 hci_dev_unlock(hdev); 3404 hci_dev_unlock(hdev);
3405 3405
3406 return; 3406 return;
3407 3407
3408 not_found: 3408 not_found:
3409 neg.handle = ev->handle; 3409 neg.handle = ev->handle;
3410 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg); 3410 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3411 hci_dev_unlock(hdev); 3411 hci_dev_unlock(hdev);
3412 } 3412 }
3413 3413
3414 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb) 3414 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3415 { 3415 {
3416 struct hci_ev_le_meta *le_ev = (void *) skb->data; 3416 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3417 3417
3418 skb_pull(skb, sizeof(*le_ev)); 3418 skb_pull(skb, sizeof(*le_ev));
3419 3419
3420 switch (le_ev->subevent) { 3420 switch (le_ev->subevent) {
3421 case HCI_EV_LE_CONN_COMPLETE: 3421 case HCI_EV_LE_CONN_COMPLETE:
3422 hci_le_conn_complete_evt(hdev, skb); 3422 hci_le_conn_complete_evt(hdev, skb);
3423 break; 3423 break;
3424 3424
3425 case HCI_EV_LE_ADVERTISING_REPORT: 3425 case HCI_EV_LE_ADVERTISING_REPORT:
3426 hci_le_adv_report_evt(hdev, skb); 3426 hci_le_adv_report_evt(hdev, skb);
3427 break; 3427 break;
3428 3428
3429 case HCI_EV_LE_LTK_REQ: 3429 case HCI_EV_LE_LTK_REQ:
3430 hci_le_ltk_request_evt(hdev, skb); 3430 hci_le_ltk_request_evt(hdev, skb);
3431 break; 3431 break;
3432 3432
3433 default: 3433 default:
3434 break; 3434 break;
3435 } 3435 }
3436 } 3436 }
3437 3437
3438 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb) 3438 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3439 { 3439 {
3440 struct hci_event_hdr *hdr = (void *) skb->data; 3440 struct hci_event_hdr *hdr = (void *) skb->data;
3441 __u8 event = hdr->evt; 3441 __u8 event = hdr->evt;
3442 3442
3443 skb_pull(skb, HCI_EVENT_HDR_SIZE); 3443 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3444 3444
3445 switch (event) { 3445 switch (event) {
3446 case HCI_EV_INQUIRY_COMPLETE: 3446 case HCI_EV_INQUIRY_COMPLETE:
3447 hci_inquiry_complete_evt(hdev, skb); 3447 hci_inquiry_complete_evt(hdev, skb);
3448 break; 3448 break;
3449 3449
3450 case HCI_EV_INQUIRY_RESULT: 3450 case HCI_EV_INQUIRY_RESULT:
3451 hci_inquiry_result_evt(hdev, skb); 3451 hci_inquiry_result_evt(hdev, skb);
3452 break; 3452 break;
3453 3453
3454 case HCI_EV_CONN_COMPLETE: 3454 case HCI_EV_CONN_COMPLETE:
3455 hci_conn_complete_evt(hdev, skb); 3455 hci_conn_complete_evt(hdev, skb);
3456 break; 3456 break;
3457 3457
3458 case HCI_EV_CONN_REQUEST: 3458 case HCI_EV_CONN_REQUEST:
3459 hci_conn_request_evt(hdev, skb); 3459 hci_conn_request_evt(hdev, skb);
3460 break; 3460 break;
3461 3461
3462 case HCI_EV_DISCONN_COMPLETE: 3462 case HCI_EV_DISCONN_COMPLETE:
3463 hci_disconn_complete_evt(hdev, skb); 3463 hci_disconn_complete_evt(hdev, skb);
3464 break; 3464 break;
3465 3465
3466 case HCI_EV_AUTH_COMPLETE: 3466 case HCI_EV_AUTH_COMPLETE:
3467 hci_auth_complete_evt(hdev, skb); 3467 hci_auth_complete_evt(hdev, skb);
3468 break; 3468 break;
3469 3469
3470 case HCI_EV_REMOTE_NAME: 3470 case HCI_EV_REMOTE_NAME:
3471 hci_remote_name_evt(hdev, skb); 3471 hci_remote_name_evt(hdev, skb);
3472 break; 3472 break;
3473 3473
3474 case HCI_EV_ENCRYPT_CHANGE: 3474 case HCI_EV_ENCRYPT_CHANGE:
3475 hci_encrypt_change_evt(hdev, skb); 3475 hci_encrypt_change_evt(hdev, skb);
3476 break; 3476 break;
3477 3477
3478 case HCI_EV_CHANGE_LINK_KEY_COMPLETE: 3478 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3479 hci_change_link_key_complete_evt(hdev, skb); 3479 hci_change_link_key_complete_evt(hdev, skb);
3480 break; 3480 break;
3481 3481
3482 case HCI_EV_REMOTE_FEATURES: 3482 case HCI_EV_REMOTE_FEATURES:
3483 hci_remote_features_evt(hdev, skb); 3483 hci_remote_features_evt(hdev, skb);
3484 break; 3484 break;
3485 3485
3486 case HCI_EV_REMOTE_VERSION: 3486 case HCI_EV_REMOTE_VERSION:
3487 hci_remote_version_evt(hdev, skb); 3487 hci_remote_version_evt(hdev, skb);
3488 break; 3488 break;
3489 3489
3490 case HCI_EV_QOS_SETUP_COMPLETE: 3490 case HCI_EV_QOS_SETUP_COMPLETE:
3491 hci_qos_setup_complete_evt(hdev, skb); 3491 hci_qos_setup_complete_evt(hdev, skb);
3492 break; 3492 break;
3493 3493
3494 case HCI_EV_CMD_COMPLETE: 3494 case HCI_EV_CMD_COMPLETE:
3495 hci_cmd_complete_evt(hdev, skb); 3495 hci_cmd_complete_evt(hdev, skb);
3496 break; 3496 break;
3497 3497
3498 case HCI_EV_CMD_STATUS: 3498 case HCI_EV_CMD_STATUS:
3499 hci_cmd_status_evt(hdev, skb); 3499 hci_cmd_status_evt(hdev, skb);
3500 break; 3500 break;
3501 3501
3502 case HCI_EV_ROLE_CHANGE: 3502 case HCI_EV_ROLE_CHANGE:
3503 hci_role_change_evt(hdev, skb); 3503 hci_role_change_evt(hdev, skb);
3504 break; 3504 break;
3505 3505
3506 case HCI_EV_NUM_COMP_PKTS: 3506 case HCI_EV_NUM_COMP_PKTS:
3507 hci_num_comp_pkts_evt(hdev, skb); 3507 hci_num_comp_pkts_evt(hdev, skb);
3508 break; 3508 break;
3509 3509
3510 case HCI_EV_MODE_CHANGE: 3510 case HCI_EV_MODE_CHANGE:
3511 hci_mode_change_evt(hdev, skb); 3511 hci_mode_change_evt(hdev, skb);
3512 break; 3512 break;
3513 3513
3514 case HCI_EV_PIN_CODE_REQ: 3514 case HCI_EV_PIN_CODE_REQ:
3515 hci_pin_code_request_evt(hdev, skb); 3515 hci_pin_code_request_evt(hdev, skb);
3516 break; 3516 break;
3517 3517
3518 case HCI_EV_LINK_KEY_REQ: 3518 case HCI_EV_LINK_KEY_REQ:
3519 hci_link_key_request_evt(hdev, skb); 3519 hci_link_key_request_evt(hdev, skb);
3520 break; 3520 break;
3521 3521
3522 case HCI_EV_LINK_KEY_NOTIFY: 3522 case HCI_EV_LINK_KEY_NOTIFY:
3523 hci_link_key_notify_evt(hdev, skb); 3523 hci_link_key_notify_evt(hdev, skb);
3524 break; 3524 break;
3525 3525
3526 case HCI_EV_CLOCK_OFFSET: 3526 case HCI_EV_CLOCK_OFFSET:
3527 hci_clock_offset_evt(hdev, skb); 3527 hci_clock_offset_evt(hdev, skb);
3528 break; 3528 break;
3529 3529
3530 case HCI_EV_PKT_TYPE_CHANGE: 3530 case HCI_EV_PKT_TYPE_CHANGE:
3531 hci_pkt_type_change_evt(hdev, skb); 3531 hci_pkt_type_change_evt(hdev, skb);
3532 break; 3532 break;
3533 3533
3534 case HCI_EV_PSCAN_REP_MODE: 3534 case HCI_EV_PSCAN_REP_MODE:
3535 hci_pscan_rep_mode_evt(hdev, skb); 3535 hci_pscan_rep_mode_evt(hdev, skb);
3536 break; 3536 break;
3537 3537
3538 case HCI_EV_INQUIRY_RESULT_WITH_RSSI: 3538 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3539 hci_inquiry_result_with_rssi_evt(hdev, skb); 3539 hci_inquiry_result_with_rssi_evt(hdev, skb);
3540 break; 3540 break;
3541 3541
3542 case HCI_EV_REMOTE_EXT_FEATURES: 3542 case HCI_EV_REMOTE_EXT_FEATURES:
3543 hci_remote_ext_features_evt(hdev, skb); 3543 hci_remote_ext_features_evt(hdev, skb);
3544 break; 3544 break;
3545 3545
3546 case HCI_EV_SYNC_CONN_COMPLETE: 3546 case HCI_EV_SYNC_CONN_COMPLETE:
3547 hci_sync_conn_complete_evt(hdev, skb); 3547 hci_sync_conn_complete_evt(hdev, skb);
3548 break; 3548 break;
3549 3549
3550 case HCI_EV_SYNC_CONN_CHANGED: 3550 case HCI_EV_SYNC_CONN_CHANGED:
3551 hci_sync_conn_changed_evt(hdev, skb); 3551 hci_sync_conn_changed_evt(hdev, skb);
3552 break; 3552 break;
3553 3553
3554 case HCI_EV_SNIFF_SUBRATE: 3554 case HCI_EV_SNIFF_SUBRATE:
3555 hci_sniff_subrate_evt(hdev, skb); 3555 hci_sniff_subrate_evt(hdev, skb);
3556 break; 3556 break;
3557 3557
3558 case HCI_EV_EXTENDED_INQUIRY_RESULT: 3558 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3559 hci_extended_inquiry_result_evt(hdev, skb); 3559 hci_extended_inquiry_result_evt(hdev, skb);
3560 break; 3560 break;
3561 3561
3562 case HCI_EV_IO_CAPA_REQUEST: 3562 case HCI_EV_IO_CAPA_REQUEST:
3563 hci_io_capa_request_evt(hdev, skb); 3563 hci_io_capa_request_evt(hdev, skb);
3564 break; 3564 break;
3565 3565
3566 case HCI_EV_IO_CAPA_REPLY: 3566 case HCI_EV_IO_CAPA_REPLY:
3567 hci_io_capa_reply_evt(hdev, skb); 3567 hci_io_capa_reply_evt(hdev, skb);
3568 break; 3568 break;
3569 3569
3570 case HCI_EV_USER_CONFIRM_REQUEST: 3570 case HCI_EV_USER_CONFIRM_REQUEST:
3571 hci_user_confirm_request_evt(hdev, skb); 3571 hci_user_confirm_request_evt(hdev, skb);
3572 break; 3572 break;
3573 3573
3574 case HCI_EV_USER_PASSKEY_REQUEST: 3574 case HCI_EV_USER_PASSKEY_REQUEST:
3575 hci_user_passkey_request_evt(hdev, skb); 3575 hci_user_passkey_request_evt(hdev, skb);
3576 break; 3576 break;
3577 3577
3578 case HCI_EV_SIMPLE_PAIR_COMPLETE: 3578 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3579 hci_simple_pair_complete_evt(hdev, skb); 3579 hci_simple_pair_complete_evt(hdev, skb);
3580 break; 3580 break;
3581 3581
3582 case HCI_EV_REMOTE_HOST_FEATURES: 3582 case HCI_EV_REMOTE_HOST_FEATURES:
3583 hci_remote_host_features_evt(hdev, skb); 3583 hci_remote_host_features_evt(hdev, skb);
3584 break; 3584 break;
3585 3585
3586 case HCI_EV_LE_META: 3586 case HCI_EV_LE_META:
3587 hci_le_meta_evt(hdev, skb); 3587 hci_le_meta_evt(hdev, skb);
3588 break; 3588 break;
3589 3589
3590 case HCI_EV_REMOTE_OOB_DATA_REQUEST: 3590 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3591 hci_remote_oob_data_request_evt(hdev, skb); 3591 hci_remote_oob_data_request_evt(hdev, skb);
3592 break; 3592 break;
3593 3593
3594 case HCI_EV_NUM_COMP_BLOCKS: 3594 case HCI_EV_NUM_COMP_BLOCKS:
3595 hci_num_comp_blocks_evt(hdev, skb); 3595 hci_num_comp_blocks_evt(hdev, skb);
3596 break; 3596 break;
3597 3597
3598 default: 3598 default:
3599 BT_DBG("%s event 0x%x", hdev->name, event); 3599 BT_DBG("%s event 0x%x", hdev->name, event);
3600 break; 3600 break;
3601 } 3601 }
3602 3602
3603 kfree_skb(skb); 3603 kfree_skb(skb);
3604 hdev->stat.evt_rx++; 3604 hdev->stat.evt_rx++;
3605 } 3605 }
3606 3606