net/bluetooth/hci_core.c

1da177e4SLinus Torvalds/*
1da177e4SLinus Torvalds   BlueZ - Bluetooth protocol stack for Linux
1da177e4SLinus Torvalds   Copyright (C) 2000-2001 Qualcomm Incorporated
590051deSGustavo F. Padovan   Copyright (C) 2011 ProFUSION Embedded Systems
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds   Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds   This program is free software; you can redistribute it and/or modify
1da177e4SLinus Torvalds   it under the terms of the GNU General Public License version 2 as
1da177e4SLinus Torvalds   published by the Free Software Foundation;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
1da177e4SLinus Torvalds   OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
1da177e4SLinus Torvalds   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
1da177e4SLinus Torvalds   IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
1da177e4SLinus Torvalds   CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
1da177e4SLinus Torvalds   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
1da177e4SLinus Torvalds   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4SLinus Torvalds   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds   ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
1da177e4SLinus Torvalds   COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4SLinus Torvalds   SOFTWARE IS DISCLAIMED.
1da177e4SLinus Torvalds*/
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* Bluetooth HCI core. */
1da177e4SLinus Torvalds
8c520a59SGustavo Padovan#include <linux/export.h>
3df92b31SSasha Levin#include <linux/idr.h>
611b30f7SMarcel Holtmann#include <linux/rfkill.h>
baf27f6eSMarcel Holtmann#include <linux/debugfs.h>
99780a7bSJohan Hedberg#include <linux/crypto.h>
47219839SMarcel Holtmann#include <asm/unaligned.h>
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds#include <net/bluetooth/bluetooth.h>
1da177e4SLinus Torvalds#include <net/bluetooth/hci_core.h>
4bc58f51SJohan Hedberg#include <net/bluetooth/l2cap.h>
af58925cSMarcel Holtmann#include <net/bluetooth/mgmt.h>
1da177e4SLinus Torvalds
0857dd3bSJohan Hedberg#include "hci_request.h"
60c5f5fbSMarcel Holtmann#include "hci_debugfs.h"
970c4e46SJohan Hedberg#include "smp.h"
970c4e46SJohan Hedberg
b78752ccSMarcel Holtmannstatic void hci_rx_work(struct work_struct *work);
c347b765SGustavo F. Padovanstatic void hci_cmd_work(struct work_struct *work);
3eff45eaSGustavo F. Padovanstatic void hci_tx_work(struct work_struct *work);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* HCI device list */
1da177e4SLinus TorvaldsLIST_HEAD(hci_dev_list);
1da177e4SLinus TorvaldsDEFINE_RWLOCK(hci_dev_list_lock);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* HCI callback list */
1da177e4SLinus TorvaldsLIST_HEAD(hci_cb_list);
fba7ecf0SJohan HedbergDEFINE_MUTEX(hci_cb_list_lock);
1da177e4SLinus Torvalds
3df92b31SSasha Levin/* HCI ID Numbering */
3df92b31SSasha Levinstatic DEFINE_IDA(hci_index_ida);
3df92b31SSasha Levin
899de765SMarcel Holtmann/* ----- HCI requests ----- */
899de765SMarcel Holtmann
899de765SMarcel Holtmann#define HCI_REQ_DONE	  0
899de765SMarcel Holtmann#define HCI_REQ_PEND	  1
899de765SMarcel Holtmann#define HCI_REQ_CANCELED  2
899de765SMarcel Holtmann
899de765SMarcel Holtmann#define hci_req_lock(d)		mutex_lock(&d->req_lock)
899de765SMarcel Holtmann#define hci_req_unlock(d)	mutex_unlock(&d->req_lock)
899de765SMarcel Holtmann
1da177e4SLinus Torvalds/* ---- HCI notifications ---- */
1da177e4SLinus Torvalds
6516455dSMarcel Holtmannstatic void hci_notify(struct hci_dev *hdev, int event)
1da177e4SLinus Torvalds{
040030efSMarcel Holtmann	hci_sock_dev_event(hdev, event);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
baf27f6eSMarcel Holtmann/* ---- HCI debugfs entries ---- */
baf27f6eSMarcel Holtmann
4b4148e9SMarcel Holtmannstatic ssize_t dut_mode_read(struct file *file, char __user *user_buf,
4b4148e9SMarcel Holtmann			     size_t count, loff_t *ppos)
4b4148e9SMarcel Holtmann{
4b4148e9SMarcel Holtmann	struct hci_dev *hdev = file->private_data;
4b4148e9SMarcel Holtmann	char buf[3];
4b4148e9SMarcel Holtmann
b7cb93e5SMarcel Holtmann	buf[0] = hci_dev_test_flag(hdev, HCI_DUT_MODE) ? 'Y': 'N';
4b4148e9SMarcel Holtmann	buf[1] = '\n';
4b4148e9SMarcel Holtmann	buf[2] = '\0';
4b4148e9SMarcel Holtmann	return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
4b4148e9SMarcel Holtmann}
4b4148e9SMarcel Holtmann
4b4148e9SMarcel Holtmannstatic ssize_t dut_mode_write(struct file *file, const char __user *user_buf,
4b4148e9SMarcel Holtmann			      size_t count, loff_t *ppos)
4b4148e9SMarcel Holtmann{
4b4148e9SMarcel Holtmann	struct hci_dev *hdev = file->private_data;
4b4148e9SMarcel Holtmann	struct sk_buff *skb;
4b4148e9SMarcel Holtmann	char buf[32];
4b4148e9SMarcel Holtmann	size_t buf_size = min(count, (sizeof(buf)-1));
4b4148e9SMarcel Holtmann	bool enable;
4b4148e9SMarcel Holtmann
4b4148e9SMarcel Holtmann	if (!test_bit(HCI_UP, &hdev->flags))
4b4148e9SMarcel Holtmann		return -ENETDOWN;
4b4148e9SMarcel Holtmann
4b4148e9SMarcel Holtmann	if (copy_from_user(buf, user_buf, buf_size))
4b4148e9SMarcel Holtmann		return -EFAULT;
4b4148e9SMarcel Holtmann
4b4148e9SMarcel Holtmann	buf[buf_size] = '\0';
4b4148e9SMarcel Holtmann	if (strtobool(buf, &enable))
4b4148e9SMarcel Holtmann		return -EINVAL;
4b4148e9SMarcel Holtmann
b7cb93e5SMarcel Holtmann	if (enable == hci_dev_test_flag(hdev, HCI_DUT_MODE))
4b4148e9SMarcel Holtmann		return -EALREADY;
4b4148e9SMarcel Holtmann
4b4148e9SMarcel Holtmann	hci_req_lock(hdev);
4b4148e9SMarcel Holtmann	if (enable)
4b4148e9SMarcel Holtmann		skb = __hci_cmd_sync(hdev, HCI_OP_ENABLE_DUT_MODE, 0, NULL,
4b4148e9SMarcel Holtmann				     HCI_CMD_TIMEOUT);
4b4148e9SMarcel Holtmann	else
4b4148e9SMarcel Holtmann		skb = __hci_cmd_sync(hdev, HCI_OP_RESET, 0, NULL,
4b4148e9SMarcel Holtmann				     HCI_CMD_TIMEOUT);
4b4148e9SMarcel Holtmann	hci_req_unlock(hdev);
4b4148e9SMarcel Holtmann
4b4148e9SMarcel Holtmann	if (IS_ERR(skb))
4b4148e9SMarcel Holtmann		return PTR_ERR(skb);
4b4148e9SMarcel Holtmann
4b4148e9SMarcel Holtmann	kfree_skb(skb);
4b4148e9SMarcel Holtmann
b7cb93e5SMarcel Holtmann	hci_dev_change_flag(hdev, HCI_DUT_MODE);
4b4148e9SMarcel Holtmann
4b4148e9SMarcel Holtmann	return count;
4b4148e9SMarcel Holtmann}
4b4148e9SMarcel Holtmann
4b4148e9SMarcel Holtmannstatic const struct file_operations dut_mode_fops = {
4b4148e9SMarcel Holtmann	.open		= simple_open,
4b4148e9SMarcel Holtmann	.read		= dut_mode_read,
4b4148e9SMarcel Holtmann	.write		= dut_mode_write,
4b4148e9SMarcel Holtmann	.llseek		= default_llseek,
4b4148e9SMarcel Holtmann};
4b4148e9SMarcel Holtmann
4b4113d6SMarcel Holtmannstatic ssize_t vendor_diag_read(struct file *file, char __user *user_buf,
4b4113d6SMarcel Holtmann				size_t count, loff_t *ppos)
4b4113d6SMarcel Holtmann{
4b4113d6SMarcel Holtmann	struct hci_dev *hdev = file->private_data;
4b4113d6SMarcel Holtmann	char buf[3];
4b4113d6SMarcel Holtmann
4b4113d6SMarcel Holtmann	buf[0] = hci_dev_test_flag(hdev, HCI_VENDOR_DIAG) ? 'Y': 'N';
4b4113d6SMarcel Holtmann	buf[1] = '\n';
4b4113d6SMarcel Holtmann	buf[2] = '\0';
4b4113d6SMarcel Holtmann	return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
4b4113d6SMarcel Holtmann}
4b4113d6SMarcel Holtmann
4b4113d6SMarcel Holtmannstatic ssize_t vendor_diag_write(struct file *file, const char __user *user_buf,
4b4113d6SMarcel Holtmann				 size_t count, loff_t *ppos)
4b4113d6SMarcel Holtmann{
4b4113d6SMarcel Holtmann	struct hci_dev *hdev = file->private_data;
4b4113d6SMarcel Holtmann	char buf[32];
4b4113d6SMarcel Holtmann	size_t buf_size = min(count, (sizeof(buf)-1));
4b4113d6SMarcel Holtmann	bool enable;
4b4113d6SMarcel Holtmann	int err;
4b4113d6SMarcel Holtmann
4b4113d6SMarcel Holtmann	if (copy_from_user(buf, user_buf, buf_size))
4b4113d6SMarcel Holtmann		return -EFAULT;
4b4113d6SMarcel Holtmann
4b4113d6SMarcel Holtmann	buf[buf_size] = '\0';
4b4113d6SMarcel Holtmann	if (strtobool(buf, &enable))
4b4113d6SMarcel Holtmann		return -EINVAL;
4b4113d6SMarcel Holtmann
7e995b9eSMarcel Holtmann	/* When the diagnostic flags are not persistent and the transport
7e995b9eSMarcel Holtmann	 * is not active, then there is no need for the vendor callback.
7e995b9eSMarcel Holtmann	 *
7e995b9eSMarcel Holtmann	 * Instead just store the desired value. If needed the setting
7e995b9eSMarcel Holtmann	 * will be programmed when the controller gets powered on.
7e995b9eSMarcel Holtmann	 */
7e995b9eSMarcel Holtmann	if (test_bit(HCI_QUIRK_NON_PERSISTENT_DIAG, &hdev->quirks) &&
7e995b9eSMarcel Holtmann	    !test_bit(HCI_RUNNING, &hdev->flags))
7e995b9eSMarcel Holtmann		goto done;
7e995b9eSMarcel Holtmann
4b4113d6SMarcel Holtmann	hci_req_lock(hdev);
4b4113d6SMarcel Holtmann	err = hdev->set_diag(hdev, enable);
4b4113d6SMarcel Holtmann	hci_req_unlock(hdev);
4b4113d6SMarcel Holtmann
4b4113d6SMarcel Holtmann	if (err < 0)
4b4113d6SMarcel Holtmann		return err;
4b4113d6SMarcel Holtmann
7e995b9eSMarcel Holtmanndone:
4b4113d6SMarcel Holtmann	if (enable)
4b4113d6SMarcel Holtmann		hci_dev_set_flag(hdev, HCI_VENDOR_DIAG);
4b4113d6SMarcel Holtmann	else
4b4113d6SMarcel Holtmann		hci_dev_clear_flag(hdev, HCI_VENDOR_DIAG);
4b4113d6SMarcel Holtmann
4b4113d6SMarcel Holtmann	return count;
4b4113d6SMarcel Holtmann}
4b4113d6SMarcel Holtmann
4b4113d6SMarcel Holtmannstatic const struct file_operations vendor_diag_fops = {
4b4113d6SMarcel Holtmann	.open		= simple_open,
4b4113d6SMarcel Holtmann	.read		= vendor_diag_read,
4b4113d6SMarcel Holtmann	.write		= vendor_diag_write,
4b4113d6SMarcel Holtmann	.llseek		= default_llseek,
4b4113d6SMarcel Holtmann};
4b4113d6SMarcel Holtmann
f640ee98SMarcel Holtmannstatic void hci_debugfs_create_basic(struct hci_dev *hdev)
f640ee98SMarcel Holtmann{
f640ee98SMarcel Holtmann	debugfs_create_file("dut_mode", 0644, hdev->debugfs, hdev,
f640ee98SMarcel Holtmann			    &dut_mode_fops);
f640ee98SMarcel Holtmann
f640ee98SMarcel Holtmann	if (hdev->set_diag)
f640ee98SMarcel Holtmann		debugfs_create_file("vendor_diag", 0644, hdev->debugfs, hdev,
f640ee98SMarcel Holtmann				    &vendor_diag_fops);
f640ee98SMarcel Holtmann}
f640ee98SMarcel Holtmann
1da177e4SLinus Torvalds/* ---- HCI requests ---- */
1da177e4SLinus Torvalds
f60cb305SJohan Hedbergstatic void hci_req_sync_complete(struct hci_dev *hdev, u8 result, u16 opcode,
f60cb305SJohan Hedberg				  struct sk_buff *skb)
1da177e4SLinus Torvalds{
42c6b129SJohan Hedberg	BT_DBG("%s result 0x%2.2x", hdev->name, result);
75fb0e32SJohan Hedberg
1da177e4SLinus Torvalds	if (hdev->req_status == HCI_REQ_PEND) {
1da177e4SLinus Torvalds		hdev->req_result = result;
1da177e4SLinus Torvalds		hdev->req_status = HCI_REQ_DONE;
f60cb305SJohan Hedberg		if (skb)
f60cb305SJohan Hedberg			hdev->req_skb = skb_get(skb);
1da177e4SLinus Torvalds		wake_up_interruptible(&hdev->req_wait_q);
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvaldsstatic void hci_req_cancel(struct hci_dev *hdev, int err)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	BT_DBG("%s err 0x%2.2x", hdev->name, err);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (hdev->req_status == HCI_REQ_PEND) {
1da177e4SLinus Torvalds		hdev->req_result = err;
1da177e4SLinus Torvalds		hdev->req_status = HCI_REQ_CANCELED;
1da177e4SLinus Torvalds		wake_up_interruptible(&hdev->req_wait_q);
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
7b1abbbeSJohan Hedbergstruct sk_buff *__hci_cmd_sync_ev(struct hci_dev *hdev, u16 opcode, u32 plen,
07dc93ddSJohan Hedberg				  const void *param, u8 event, u32 timeout)
75e84b7cSJohan Hedberg{
75e84b7cSJohan Hedberg	DECLARE_WAITQUEUE(wait, current);
75e84b7cSJohan Hedberg	struct hci_request req;
f60cb305SJohan Hedberg	struct sk_buff *skb;
75e84b7cSJohan Hedberg	int err = 0;
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	BT_DBG("%s", hdev->name);
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	hci_req_init(&req, hdev);
75e84b7cSJohan Hedberg
7b1abbbeSJohan Hedberg	hci_req_add_ev(&req, opcode, plen, param, event);
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	hdev->req_status = HCI_REQ_PEND;
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	add_wait_queue(&hdev->req_wait_q, &wait);
75e84b7cSJohan Hedberg	set_current_state(TASK_INTERRUPTIBLE);
75e84b7cSJohan Hedberg
f60cb305SJohan Hedberg	err = hci_req_run_skb(&req, hci_req_sync_complete);
039fada5SChan-yeol Park	if (err < 0) {
039fada5SChan-yeol Park		remove_wait_queue(&hdev->req_wait_q, &wait);
22a3ceabSJohan Hedberg		set_current_state(TASK_RUNNING);
039fada5SChan-yeol Park		return ERR_PTR(err);
039fada5SChan-yeol Park	}
039fada5SChan-yeol Park
75e84b7cSJohan Hedberg	schedule_timeout(timeout);
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	remove_wait_queue(&hdev->req_wait_q, &wait);
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	if (signal_pending(current))
75e84b7cSJohan Hedberg		return ERR_PTR(-EINTR);
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	switch (hdev->req_status) {
75e84b7cSJohan Hedberg	case HCI_REQ_DONE:
75e84b7cSJohan Hedberg		err = -bt_to_errno(hdev->req_result);
75e84b7cSJohan Hedberg		break;
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	case HCI_REQ_CANCELED:
75e84b7cSJohan Hedberg		err = -hdev->req_result;
75e84b7cSJohan Hedberg		break;
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	default:
75e84b7cSJohan Hedberg		err = -ETIMEDOUT;
75e84b7cSJohan Hedberg		break;
75e84b7cSJohan Hedberg	}
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	hdev->req_status = hdev->req_result = 0;
f60cb305SJohan Hedberg	skb = hdev->req_skb;
f60cb305SJohan Hedberg	hdev->req_skb = NULL;
75e84b7cSJohan Hedberg
75e84b7cSJohan Hedberg	BT_DBG("%s end: err %d", hdev->name, err);
75e84b7cSJohan Hedberg
f60cb305SJohan Hedberg	if (err < 0) {
f60cb305SJohan Hedberg		kfree_skb(skb);
75e84b7cSJohan Hedberg		return ERR_PTR(err);
f60cb305SJohan Hedberg	}
75e84b7cSJohan Hedberg
757aa0b5SJohan Hedberg	if (!skb)
757aa0b5SJohan Hedberg		return ERR_PTR(-ENODATA);
757aa0b5SJohan Hedberg
757aa0b5SJohan Hedberg	return skb;
7b1abbbeSJohan Hedberg}
7b1abbbeSJohan HedbergEXPORT_SYMBOL(__hci_cmd_sync_ev);
7b1abbbeSJohan Hedberg
7b1abbbeSJohan Hedbergstruct sk_buff *__hci_cmd_sync(struct hci_dev *hdev, u16 opcode, u32 plen,
07dc93ddSJohan Hedberg			       const void *param, u32 timeout)
7b1abbbeSJohan Hedberg{
7b1abbbeSJohan Hedberg	return __hci_cmd_sync_ev(hdev, opcode, plen, param, 0, timeout);
75e84b7cSJohan Hedberg}
75e84b7cSJohan HedbergEXPORT_SYMBOL(__hci_cmd_sync);
75e84b7cSJohan Hedberg
1da177e4SLinus Torvalds/* Execute request and wait for completion. */
01178cd4SJohan Hedbergstatic int __hci_req_sync(struct hci_dev *hdev,
42c6b129SJohan Hedberg			  void (*func)(struct hci_request *req,
42c6b129SJohan Hedberg				      unsigned long opt),
1da177e4SLinus Torvalds			  unsigned long opt, __u32 timeout)
1da177e4SLinus Torvalds{
42c6b129SJohan Hedberg	struct hci_request req;
1da177e4SLinus Torvalds	DECLARE_WAITQUEUE(wait, current);
1da177e4SLinus Torvalds	int err = 0;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("%s start", hdev->name);
1da177e4SLinus Torvalds
42c6b129SJohan Hedberg	hci_req_init(&req, hdev);
42c6b129SJohan Hedberg
1da177e4SLinus Torvalds	hdev->req_status = HCI_REQ_PEND;
1da177e4SLinus Torvalds
42c6b129SJohan Hedberg	func(&req, opt);
53cce22dSJohan Hedberg
039fada5SChan-yeol Park	add_wait_queue(&hdev->req_wait_q, &wait);
039fada5SChan-yeol Park	set_current_state(TASK_INTERRUPTIBLE);
039fada5SChan-yeol Park
f60cb305SJohan Hedberg	err = hci_req_run_skb(&req, hci_req_sync_complete);
42c6b129SJohan Hedberg	if (err < 0) {
53cce22dSJohan Hedberg		hdev->req_status = 0;
920c8300SAndre Guedes
039fada5SChan-yeol Park		remove_wait_queue(&hdev->req_wait_q, &wait);
22a3ceabSJohan Hedberg		set_current_state(TASK_RUNNING);
039fada5SChan-yeol Park
920c8300SAndre Guedes		/* ENODATA means the HCI request command queue is empty.
920c8300SAndre Guedes		 * This can happen when a request with conditionals doesn't
920c8300SAndre Guedes		 * trigger any commands to be sent. This is normal behavior
920c8300SAndre Guedes		 * and should not trigger an error return.
42c6b129SJohan Hedberg		 */
920c8300SAndre Guedes		if (err == -ENODATA)
42c6b129SJohan Hedberg			return 0;
920c8300SAndre Guedes
920c8300SAndre Guedes		return err;
53cce22dSJohan Hedberg	}
53cce22dSJohan Hedberg
1da177e4SLinus Torvalds	schedule_timeout(timeout);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	remove_wait_queue(&hdev->req_wait_q, &wait);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (signal_pending(current))
1da177e4SLinus Torvalds		return -EINTR;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	switch (hdev->req_status) {
1da177e4SLinus Torvalds	case HCI_REQ_DONE:
e175072fSJoe Perches		err = -bt_to_errno(hdev->req_result);
1da177e4SLinus Torvalds		break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	case HCI_REQ_CANCELED:
1da177e4SLinus Torvalds		err = -hdev->req_result;
1da177e4SLinus Torvalds		break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	default:
1da177e4SLinus Torvalds		err = -ETIMEDOUT;
1da177e4SLinus Torvalds		break;
3ff50b79SStephen Hemminger	}
1da177e4SLinus Torvalds
a5040efaSJohan Hedberg	hdev->req_status = hdev->req_result = 0;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("%s end: err %d", hdev->name, err);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	return err;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
01178cd4SJohan Hedbergstatic int hci_req_sync(struct hci_dev *hdev,
42c6b129SJohan Hedberg			void (*req)(struct hci_request *req,
42c6b129SJohan Hedberg				    unsigned long opt),
1da177e4SLinus Torvalds			unsigned long opt, __u32 timeout)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	int ret;
1da177e4SLinus Torvalds
7c6a329eSMarcel Holtmann	if (!test_bit(HCI_UP, &hdev->flags))
7c6a329eSMarcel Holtmann		return -ENETDOWN;
7c6a329eSMarcel Holtmann
1da177e4SLinus Torvalds	/* Serialize all requests */
1da177e4SLinus Torvalds	hci_req_lock(hdev);
01178cd4SJohan Hedberg	ret = __hci_req_sync(hdev, req, opt, timeout);
1da177e4SLinus Torvalds	hci_req_unlock(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	return ret;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
42c6b129SJohan Hedbergstatic void hci_reset_req(struct hci_request *req, unsigned long opt)
1da177e4SLinus Torvalds{
42c6b129SJohan Hedberg	BT_DBG("%s %ld", req->hdev->name, opt);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Reset device */
42c6b129SJohan Hedberg	set_bit(HCI_RESET, &req->hdev->flags);
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_RESET, 0, NULL);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
42c6b129SJohan Hedbergstatic void bredr_init(struct hci_request *req)
1da177e4SLinus Torvalds{
42c6b129SJohan Hedberg	req->hdev->flow_ctl_mode = HCI_FLOW_CTL_MODE_PACKET_BASED;
2455a3eaSAndrei Emeltchenko
1da177e4SLinus Torvalds	/* Read Local Supported Features */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_READ_LOCAL_FEATURES, 0, NULL);
1da177e4SLinus Torvalds
1143e5a6SMarcel Holtmann	/* Read Local Version */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_READ_LOCAL_VERSION, 0, NULL);
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	/* Read BD Address */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_READ_BD_ADDR, 0, NULL);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
0af801b9SJohan Hedbergstatic void amp_init1(struct hci_request *req)
e61ef499SAndrei Emeltchenko{
42c6b129SJohan Hedberg	req->hdev->flow_ctl_mode = HCI_FLOW_CTL_MODE_BLOCK_BASED;
2455a3eaSAndrei Emeltchenko
e61ef499SAndrei Emeltchenko	/* Read Local Version */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_READ_LOCAL_VERSION, 0, NULL);
6bcbc489SAndrei Emeltchenko
f6996cfeSMarcel Holtmann	/* Read Local Supported Commands */
f6996cfeSMarcel Holtmann	hci_req_add(req, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
f6996cfeSMarcel Holtmann
6bcbc489SAndrei Emeltchenko	/* Read Local AMP Info */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_READ_LOCAL_AMP_INFO, 0, NULL);
e71dfabaSAndrei Emeltchenko
e71dfabaSAndrei Emeltchenko	/* Read Data Blk size */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_READ_DATA_BLOCK_SIZE, 0, NULL);
7528ca1cSMarcel Holtmann
f38ba941SMarcel Holtmann	/* Read Flow Control Mode */
f38ba941SMarcel Holtmann	hci_req_add(req, HCI_OP_READ_FLOW_CONTROL_MODE, 0, NULL);
f38ba941SMarcel Holtmann
7528ca1cSMarcel Holtmann	/* Read Location Data */
7528ca1cSMarcel Holtmann	hci_req_add(req, HCI_OP_READ_LOCATION_DATA, 0, NULL);
e61ef499SAndrei Emeltchenko}
e61ef499SAndrei Emeltchenko
0af801b9SJohan Hedbergstatic void amp_init2(struct hci_request *req)
0af801b9SJohan Hedberg{
0af801b9SJohan Hedberg	/* Read Local Supported Features. Not all AMP controllers
0af801b9SJohan Hedberg	 * support this so it's placed conditionally in the second
0af801b9SJohan Hedberg	 * stage init.
0af801b9SJohan Hedberg	 */
0af801b9SJohan Hedberg	if (req->hdev->commands[14] & 0x20)
0af801b9SJohan Hedberg		hci_req_add(req, HCI_OP_READ_LOCAL_FEATURES, 0, NULL);
0af801b9SJohan Hedberg}
0af801b9SJohan Hedberg
42c6b129SJohan Hedbergstatic void hci_init1_req(struct hci_request *req, unsigned long opt)
e61ef499SAndrei Emeltchenko{
42c6b129SJohan Hedberg	struct hci_dev *hdev = req->hdev;
e61ef499SAndrei Emeltchenko
e61ef499SAndrei Emeltchenko	BT_DBG("%s %ld", hdev->name, opt);
e61ef499SAndrei Emeltchenko
11778716SAndrei Emeltchenko	/* Reset */
11778716SAndrei Emeltchenko	if (!test_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks))
42c6b129SJohan Hedberg		hci_reset_req(req, 0);
11778716SAndrei Emeltchenko
e61ef499SAndrei Emeltchenko	switch (hdev->dev_type) {
e61ef499SAndrei Emeltchenko	case HCI_BREDR:
42c6b129SJohan Hedberg		bredr_init(req);
e61ef499SAndrei Emeltchenko		break;
e61ef499SAndrei Emeltchenko
e61ef499SAndrei Emeltchenko	case HCI_AMP:
0af801b9SJohan Hedberg		amp_init1(req);
e61ef499SAndrei Emeltchenko		break;
e61ef499SAndrei Emeltchenko
e61ef499SAndrei Emeltchenko	default:
e61ef499SAndrei Emeltchenko		BT_ERR("Unknown device type %d", hdev->dev_type);
e61ef499SAndrei Emeltchenko		break;
e61ef499SAndrei Emeltchenko	}
e61ef499SAndrei Emeltchenko}
e61ef499SAndrei Emeltchenko
42c6b129SJohan Hedbergstatic void bredr_setup(struct hci_request *req)
2177bab5SJohan Hedberg{
2177bab5SJohan Hedberg	__le16 param;
2177bab5SJohan Hedberg	__u8 flt_type;
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	/* Read Buffer Size (ACL mtu, max pkt, etc.) */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_READ_BUFFER_SIZE, 0, NULL);
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	/* Read Class of Device */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_READ_CLASS_OF_DEV, 0, NULL);
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	/* Read Local Name */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_READ_LOCAL_NAME, 0, NULL);
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	/* Read Voice Setting */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_READ_VOICE_SETTING, 0, NULL);
2177bab5SJohan Hedberg
b4cb9fb2SMarcel Holtmann	/* Read Number of Supported IAC */
b4cb9fb2SMarcel Holtmann	hci_req_add(req, HCI_OP_READ_NUM_SUPPORTED_IAC, 0, NULL);
b4cb9fb2SMarcel Holtmann
4b836f39SMarcel Holtmann	/* Read Current IAC LAP */
4b836f39SMarcel Holtmann	hci_req_add(req, HCI_OP_READ_CURRENT_IAC_LAP, 0, NULL);
4b836f39SMarcel Holtmann
2177bab5SJohan Hedberg	/* Clear Event Filters */
2177bab5SJohan Hedberg	flt_type = HCI_FLT_CLEAR_ALL;
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_SET_EVENT_FLT, 1, &flt_type);
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	/* Connection accept timeout ~20 secs */
dcf4adbfSJoe Perches	param = cpu_to_le16(0x7d00);
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_WRITE_CA_TIMEOUT, 2, &param);
2177bab5SJohan Hedberg}
2177bab5SJohan Hedberg
42c6b129SJohan Hedbergstatic void le_setup(struct hci_request *req)
2177bab5SJohan Hedberg{
c73eee91SJohan Hedberg	struct hci_dev *hdev = req->hdev;
c73eee91SJohan Hedberg
2177bab5SJohan Hedberg	/* Read LE Buffer Size */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	/* Read LE Local Supported Features */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_LE_READ_LOCAL_FEATURES, 0, NULL);
2177bab5SJohan Hedberg
747d3f03SMarcel Holtmann	/* Read LE Supported States */
747d3f03SMarcel Holtmann	hci_req_add(req, HCI_OP_LE_READ_SUPPORTED_STATES, 0, NULL);
747d3f03SMarcel Holtmann
2177bab5SJohan Hedberg	/* Read LE White List Size */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_LE_READ_WHITE_LIST_SIZE, 0, NULL);
2177bab5SJohan Hedberg
747d3f03SMarcel Holtmann	/* Clear LE White List */
747d3f03SMarcel Holtmann	hci_req_add(req, HCI_OP_LE_CLEAR_WHITE_LIST, 0, NULL);
c73eee91SJohan Hedberg
c73eee91SJohan Hedberg	/* LE-only controllers have LE implicitly enabled */
c73eee91SJohan Hedberg	if (!lmp_bredr_capable(hdev))
a1536da2SMarcel Holtmann		hci_dev_set_flag(hdev, HCI_LE_ENABLED);
2177bab5SJohan Hedberg}
2177bab5SJohan Hedberg
42c6b129SJohan Hedbergstatic void hci_setup_event_mask(struct hci_request *req)
2177bab5SJohan Hedberg{
42c6b129SJohan Hedberg	struct hci_dev *hdev = req->hdev;
42c6b129SJohan Hedberg
2177bab5SJohan Hedberg	/* The second byte is 0xff instead of 0x9f (two reserved bits
2177bab5SJohan Hedberg	 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
2177bab5SJohan Hedberg	 * command otherwise.
2177bab5SJohan Hedberg	 */
2177bab5SJohan Hedberg	u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	/* CSR 1.1 dongles does not accept any bitfield so don't try to set
2177bab5SJohan Hedberg	 * any event mask for pre 1.2 devices.
2177bab5SJohan Hedberg	 */
2177bab5SJohan Hedberg	if (hdev->hci_ver < BLUETOOTH_VER_1_2)
2177bab5SJohan Hedberg		return;
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_bredr_capable(hdev)) {
2177bab5SJohan Hedberg		events[4] |= 0x01; /* Flow Specification Complete */
2177bab5SJohan Hedberg		events[4] |= 0x02; /* Inquiry Result with RSSI */
2177bab5SJohan Hedberg		events[4] |= 0x04; /* Read Remote Extended Features Complete */
2177bab5SJohan Hedberg		events[5] |= 0x08; /* Synchronous Connection Complete */
2177bab5SJohan Hedberg		events[5] |= 0x10; /* Synchronous Connection Changed */
c7882cbdSMarcel Holtmann	} else {
c7882cbdSMarcel Holtmann		/* Use a different default for LE-only devices */
c7882cbdSMarcel Holtmann		memset(events, 0, sizeof(events));
c7882cbdSMarcel Holtmann		events[0] |= 0x10; /* Disconnection Complete */
c7882cbdSMarcel Holtmann		events[1] |= 0x08; /* Read Remote Version Information Complete */
c7882cbdSMarcel Holtmann		events[1] |= 0x20; /* Command Complete */
c7882cbdSMarcel Holtmann		events[1] |= 0x40; /* Command Status */
c7882cbdSMarcel Holtmann		events[1] |= 0x80; /* Hardware Error */
c7882cbdSMarcel Holtmann		events[2] |= 0x04; /* Number of Completed Packets */
c7882cbdSMarcel Holtmann		events[3] |= 0x02; /* Data Buffer Overflow */
0da71f1bSMarcel Holtmann
0da71f1bSMarcel Holtmann		if (hdev->le_features[0] & HCI_LE_ENCRYPTION) {
0da71f1bSMarcel Holtmann			events[0] |= 0x80; /* Encryption Change */
c7882cbdSMarcel Holtmann			events[5] |= 0x80; /* Encryption Key Refresh Complete */
2177bab5SJohan Hedberg		}
0da71f1bSMarcel Holtmann	}
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_inq_rssi_capable(hdev))
2177bab5SJohan Hedberg		events[4] |= 0x02; /* Inquiry Result with RSSI */
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_sniffsubr_capable(hdev))
2177bab5SJohan Hedberg		events[5] |= 0x20; /* Sniff Subrating */
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_pause_enc_capable(hdev))
2177bab5SJohan Hedberg		events[5] |= 0x80; /* Encryption Key Refresh Complete */
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_ext_inq_capable(hdev))
2177bab5SJohan Hedberg		events[5] |= 0x40; /* Extended Inquiry Result */
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_no_flush_capable(hdev))
2177bab5SJohan Hedberg		events[7] |= 0x01; /* Enhanced Flush Complete */
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_lsto_capable(hdev))
2177bab5SJohan Hedberg		events[6] |= 0x80; /* Link Supervision Timeout Changed */
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_ssp_capable(hdev)) {
2177bab5SJohan Hedberg		events[6] |= 0x01;	/* IO Capability Request */
2177bab5SJohan Hedberg		events[6] |= 0x02;	/* IO Capability Response */
2177bab5SJohan Hedberg		events[6] |= 0x04;	/* User Confirmation Request */
2177bab5SJohan Hedberg		events[6] |= 0x08;	/* User Passkey Request */
2177bab5SJohan Hedberg		events[6] |= 0x10;	/* Remote OOB Data Request */
2177bab5SJohan Hedberg		events[6] |= 0x20;	/* Simple Pairing Complete */
2177bab5SJohan Hedberg		events[7] |= 0x04;	/* User Passkey Notification */
2177bab5SJohan Hedberg		events[7] |= 0x08;	/* Keypress Notification */
2177bab5SJohan Hedberg		events[7] |= 0x10;	/* Remote Host Supported
2177bab5SJohan Hedberg					 * Features Notification
2177bab5SJohan Hedberg					 */
2177bab5SJohan Hedberg	}
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_le_capable(hdev))
2177bab5SJohan Hedberg		events[7] |= 0x20;	/* LE Meta-Event */
2177bab5SJohan Hedberg
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
2177bab5SJohan Hedberg}
2177bab5SJohan Hedberg
42c6b129SJohan Hedbergstatic void hci_init2_req(struct hci_request *req, unsigned long opt)
2177bab5SJohan Hedberg{
42c6b129SJohan Hedberg	struct hci_dev *hdev = req->hdev;
42c6b129SJohan Hedberg
0af801b9SJohan Hedberg	if (hdev->dev_type == HCI_AMP)
0af801b9SJohan Hedberg		return amp_init2(req);
0af801b9SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_bredr_capable(hdev))
42c6b129SJohan Hedberg		bredr_setup(req);
56f87901SJohan Hedberg	else
a358dc11SMarcel Holtmann		hci_dev_clear_flag(hdev, HCI_BREDR_ENABLED);
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_le_capable(hdev))
42c6b129SJohan Hedberg		le_setup(req);
2177bab5SJohan Hedberg
0f3adeaeSMarcel Holtmann	/* All Bluetooth 1.2 and later controllers should support the
0f3adeaeSMarcel Holtmann	 * HCI command for reading the local supported commands.
0f3adeaeSMarcel Holtmann	 *
0f3adeaeSMarcel Holtmann	 * Unfortunately some controllers indicate Bluetooth 1.2 support,
0f3adeaeSMarcel Holtmann	 * but do not have support for this command. If that is the case,
0f3adeaeSMarcel Holtmann	 * the driver can quirk the behavior and skip reading the local
0f3adeaeSMarcel Holtmann	 * supported commands.
3f8e2d75SJohan Hedberg	 */
0f3adeaeSMarcel Holtmann	if (hdev->hci_ver > BLUETOOTH_VER_1_1 &&
0f3adeaeSMarcel Holtmann	    !test_bit(HCI_QUIRK_BROKEN_LOCAL_COMMANDS, &hdev->quirks))
42c6b129SJohan Hedberg		hci_req_add(req, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_ssp_capable(hdev)) {
57af75a8SMarcel Holtmann		/* When SSP is available, then the host features page
57af75a8SMarcel Holtmann		 * should also be available as well. However some
57af75a8SMarcel Holtmann		 * controllers list the max_page as 0 as long as SSP
57af75a8SMarcel Holtmann		 * has not been enabled. To achieve proper debugging
57af75a8SMarcel Holtmann		 * output, force the minimum max_page to 1 at least.
57af75a8SMarcel Holtmann		 */
57af75a8SMarcel Holtmann		hdev->max_page = 0x01;
57af75a8SMarcel Holtmann
d7a5a11dSMarcel Holtmann		if (hci_dev_test_flag(hdev, HCI_SSP_ENABLED)) {
2177bab5SJohan Hedberg			u8 mode = 0x01;
574ea3c7SMarcel Holtmann
42c6b129SJohan Hedberg			hci_req_add(req, HCI_OP_WRITE_SSP_MODE,
2177bab5SJohan Hedberg				    sizeof(mode), &mode);
2177bab5SJohan Hedberg		} else {
2177bab5SJohan Hedberg			struct hci_cp_write_eir cp;
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg			memset(hdev->eir, 0, sizeof(hdev->eir));
2177bab5SJohan Hedberg			memset(&cp, 0, sizeof(cp));
2177bab5SJohan Hedberg
42c6b129SJohan Hedberg			hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
2177bab5SJohan Hedberg		}
2177bab5SJohan Hedberg	}
2177bab5SJohan Hedberg
043ec9bfSMarcel Holtmann	if (lmp_inq_rssi_capable(hdev) ||
043ec9bfSMarcel Holtmann	    test_bit(HCI_QUIRK_FIXUP_INQUIRY_MODE, &hdev->quirks)) {
04422da9SMarcel Holtmann		u8 mode;
04422da9SMarcel Holtmann
04422da9SMarcel Holtmann		/* If Extended Inquiry Result events are supported, then
04422da9SMarcel Holtmann		 * they are clearly preferred over Inquiry Result with RSSI
04422da9SMarcel Holtmann		 * events.
04422da9SMarcel Holtmann		 */
04422da9SMarcel Holtmann		mode = lmp_ext_inq_capable(hdev) ? 0x02 : 0x01;
04422da9SMarcel Holtmann
04422da9SMarcel Holtmann		hci_req_add(req, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
04422da9SMarcel Holtmann	}
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_inq_tx_pwr_capable(hdev))
42c6b129SJohan Hedberg		hci_req_add(req, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_ext_feat_capable(hdev)) {
2177bab5SJohan Hedberg		struct hci_cp_read_local_ext_features cp;
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg		cp.page = 0x01;
42c6b129SJohan Hedberg		hci_req_add(req, HCI_OP_READ_LOCAL_EXT_FEATURES,
42c6b129SJohan Hedberg			    sizeof(cp), &cp);
2177bab5SJohan Hedberg	}
2177bab5SJohan Hedberg
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_LINK_SECURITY)) {
2177bab5SJohan Hedberg		u8 enable = 1;
42c6b129SJohan Hedberg		hci_req_add(req, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable),
2177bab5SJohan Hedberg			    &enable);
2177bab5SJohan Hedberg	}
2177bab5SJohan Hedberg}
2177bab5SJohan Hedberg
42c6b129SJohan Hedbergstatic void hci_setup_link_policy(struct hci_request *req)
2177bab5SJohan Hedberg{
42c6b129SJohan Hedberg	struct hci_dev *hdev = req->hdev;
2177bab5SJohan Hedberg	struct hci_cp_write_def_link_policy cp;
2177bab5SJohan Hedberg	u16 link_policy = 0;
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (lmp_rswitch_capable(hdev))
2177bab5SJohan Hedberg		link_policy |= HCI_LP_RSWITCH;
2177bab5SJohan Hedberg	if (lmp_hold_capable(hdev))
2177bab5SJohan Hedberg		link_policy |= HCI_LP_HOLD;
2177bab5SJohan Hedberg	if (lmp_sniff_capable(hdev))
2177bab5SJohan Hedberg		link_policy |= HCI_LP_SNIFF;
2177bab5SJohan Hedberg	if (lmp_park_capable(hdev))
2177bab5SJohan Hedberg		link_policy |= HCI_LP_PARK;
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	cp.policy = cpu_to_le16(link_policy);
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp);
2177bab5SJohan Hedberg}
2177bab5SJohan Hedberg
42c6b129SJohan Hedbergstatic void hci_set_le_support(struct hci_request *req)
2177bab5SJohan Hedberg{
42c6b129SJohan Hedberg	struct hci_dev *hdev = req->hdev;
2177bab5SJohan Hedberg	struct hci_cp_write_le_host_supported cp;
2177bab5SJohan Hedberg
c73eee91SJohan Hedberg	/* LE-only devices do not support explicit enablement */
c73eee91SJohan Hedberg	if (!lmp_bredr_capable(hdev))
c73eee91SJohan Hedberg		return;
c73eee91SJohan Hedberg
2177bab5SJohan Hedberg	memset(&cp, 0, sizeof(cp));
2177bab5SJohan Hedberg
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_LE_ENABLED)) {
2177bab5SJohan Hedberg		cp.le = 0x01;
32226e4fSMarcel Holtmann		cp.simul = 0x00;
2177bab5SJohan Hedberg	}
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	if (cp.le != lmp_host_le_capable(hdev))
42c6b129SJohan Hedberg		hci_req_add(req, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
2177bab5SJohan Hedberg			    &cp);
2177bab5SJohan Hedberg}
2177bab5SJohan Hedberg
d62e6d67SJohan Hedbergstatic void hci_set_event_mask_page_2(struct hci_request *req)
d62e6d67SJohan Hedberg{
d62e6d67SJohan Hedberg	struct hci_dev *hdev = req->hdev;
d62e6d67SJohan Hedberg	u8 events[8] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
d62e6d67SJohan Hedberg
d62e6d67SJohan Hedberg	/* If Connectionless Slave Broadcast master role is supported
d62e6d67SJohan Hedberg	 * enable all necessary events for it.
d62e6d67SJohan Hedberg	 */
53b834d2SMarcel Holtmann	if (lmp_csb_master_capable(hdev)) {
d62e6d67SJohan Hedberg		events[1] |= 0x40;	/* Triggered Clock Capture */
d62e6d67SJohan Hedberg		events[1] |= 0x80;	/* Synchronization Train Complete */
d62e6d67SJohan Hedberg		events[2] |= 0x10;	/* Slave Page Response Timeout */
d62e6d67SJohan Hedberg		events[2] |= 0x20;	/* CSB Channel Map Change */
d62e6d67SJohan Hedberg	}
d62e6d67SJohan Hedberg
d62e6d67SJohan Hedberg	/* If Connectionless Slave Broadcast slave role is supported
d62e6d67SJohan Hedberg	 * enable all necessary events for it.
d62e6d67SJohan Hedberg	 */
53b834d2SMarcel Holtmann	if (lmp_csb_slave_capable(hdev)) {
d62e6d67SJohan Hedberg		events[2] |= 0x01;	/* Synchronization Train Received */
d62e6d67SJohan Hedberg		events[2] |= 0x02;	/* CSB Receive */
d62e6d67SJohan Hedberg		events[2] |= 0x04;	/* CSB Timeout */
d62e6d67SJohan Hedberg		events[2] |= 0x08;	/* Truncated Page Complete */
d62e6d67SJohan Hedberg	}
d62e6d67SJohan Hedberg
40c59fcbSMarcel Holtmann	/* Enable Authenticated Payload Timeout Expired event if supported */
cd7ca0ecSMarcel Holtmann	if (lmp_ping_capable(hdev) || hdev->le_features[0] & HCI_LE_PING)
40c59fcbSMarcel Holtmann		events[2] |= 0x80;
40c59fcbSMarcel Holtmann
d62e6d67SJohan Hedberg	hci_req_add(req, HCI_OP_SET_EVENT_MASK_PAGE_2, sizeof(events), events);
d62e6d67SJohan Hedberg}
d62e6d67SJohan Hedberg
42c6b129SJohan Hedbergstatic void hci_init3_req(struct hci_request *req, unsigned long opt)
2177bab5SJohan Hedberg{
42c6b129SJohan Hedberg	struct hci_dev *hdev = req->hdev;
d2c5d77fSJohan Hedberg	u8 p;
42c6b129SJohan Hedberg
0da71f1bSMarcel Holtmann	hci_setup_event_mask(req);
0da71f1bSMarcel Holtmann
e81be90bSJohan Hedberg	if (hdev->commands[6] & 0x20 &&
e81be90bSJohan Hedberg	    !test_bit(HCI_QUIRK_BROKEN_STORED_LINK_KEY, &hdev->quirks)) {
48ce62c4SMarcel Holtmann		struct hci_cp_read_stored_link_key cp;
48ce62c4SMarcel Holtmann
48ce62c4SMarcel Holtmann		bacpy(&cp.bdaddr, BDADDR_ANY);
48ce62c4SMarcel Holtmann		cp.read_all = 0x01;
48ce62c4SMarcel Holtmann		hci_req_add(req, HCI_OP_READ_STORED_LINK_KEY, sizeof(cp), &cp);
48ce62c4SMarcel Holtmann	}
48ce62c4SMarcel Holtmann
2177bab5SJohan Hedberg	if (hdev->commands[5] & 0x10)
42c6b129SJohan Hedberg		hci_setup_link_policy(req);
2177bab5SJohan Hedberg
417287deSMarcel Holtmann	if (hdev->commands[8] & 0x01)
417287deSMarcel Holtmann		hci_req_add(req, HCI_OP_READ_PAGE_SCAN_ACTIVITY, 0, NULL);
417287deSMarcel Holtmann
417287deSMarcel Holtmann	/* Some older Broadcom based Bluetooth 1.2 controllers do not
417287deSMarcel Holtmann	 * support the Read Page Scan Type command. Check support for
417287deSMarcel Holtmann	 * this command in the bit mask of supported commands.
417287deSMarcel Holtmann	 */
417287deSMarcel Holtmann	if (hdev->commands[13] & 0x01)
417287deSMarcel Holtmann		hci_req_add(req, HCI_OP_READ_PAGE_SCAN_TYPE, 0, NULL);
417287deSMarcel Holtmann
9193c6e8SAndre Guedes	if (lmp_le_capable(hdev)) {
9193c6e8SAndre Guedes		u8 events[8];
9193c6e8SAndre Guedes
9193c6e8SAndre Guedes		memset(events, 0, sizeof(events));
4d6c705bSMarcel Holtmann		events[0] = 0x0f;
4d6c705bSMarcel Holtmann
4d6c705bSMarcel Holtmann		if (hdev->le_features[0] & HCI_LE_ENCRYPTION)
4d6c705bSMarcel Holtmann			events[0] |= 0x10;	/* LE Long Term Key Request */
662bc2e6SAndre Guedes
662bc2e6SAndre Guedes		/* If controller supports the Connection Parameters Request
662bc2e6SAndre Guedes		 * Link Layer Procedure, enable the corresponding event.
662bc2e6SAndre Guedes		 */
662bc2e6SAndre Guedes		if (hdev->le_features[0] & HCI_LE_CONN_PARAM_REQ_PROC)
662bc2e6SAndre Guedes			events[0] |= 0x20;	/* LE Remote Connection
662bc2e6SAndre Guedes						 * Parameter Request
662bc2e6SAndre Guedes						 */
662bc2e6SAndre Guedes
a9f6068eSMarcel Holtmann		/* If the controller supports the Data Length Extension
a9f6068eSMarcel Holtmann		 * feature, enable the corresponding event.
a9f6068eSMarcel Holtmann		 */
a9f6068eSMarcel Holtmann		if (hdev->le_features[0] & HCI_LE_DATA_LEN_EXT)
a9f6068eSMarcel Holtmann			events[0] |= 0x40;	/* LE Data Length Change */
a9f6068eSMarcel Holtmann
4b71bba4SMarcel Holtmann		/* If the controller supports Extended Scanner Filter
4b71bba4SMarcel Holtmann		 * Policies, enable the correspondig event.
4b71bba4SMarcel Holtmann		 */
4b71bba4SMarcel Holtmann		if (hdev->le_features[0] & HCI_LE_EXT_SCAN_POLICY)
4b71bba4SMarcel Holtmann			events[1] |= 0x04;	/* LE Direct Advertising
4b71bba4SMarcel Holtmann						 * Report
4b71bba4SMarcel Holtmann						 */
4b71bba4SMarcel Holtmann
5a34bd5fSMarcel Holtmann		/* If the controller supports the LE Read Local P-256
5a34bd5fSMarcel Holtmann		 * Public Key command, enable the corresponding event.
5a34bd5fSMarcel Holtmann		 */
5a34bd5fSMarcel Holtmann		if (hdev->commands[34] & 0x02)
5a34bd5fSMarcel Holtmann			events[0] |= 0x80;	/* LE Read Local P-256
5a34bd5fSMarcel Holtmann						 * Public Key Complete
5a34bd5fSMarcel Holtmann						 */
5a34bd5fSMarcel Holtmann
5a34bd5fSMarcel Holtmann		/* If the controller supports the LE Generate DHKey
5a34bd5fSMarcel Holtmann		 * command, enable the corresponding event.
5a34bd5fSMarcel Holtmann		 */
5a34bd5fSMarcel Holtmann		if (hdev->commands[34] & 0x04)
5a34bd5fSMarcel Holtmann			events[1] |= 0x01;	/* LE Generate DHKey Complete */
5a34bd5fSMarcel Holtmann
9193c6e8SAndre Guedes		hci_req_add(req, HCI_OP_LE_SET_EVENT_MASK, sizeof(events),
9193c6e8SAndre Guedes			    events);
9193c6e8SAndre Guedes
15a49ccaSMarcel Holtmann		if (hdev->commands[25] & 0x40) {
15a49ccaSMarcel Holtmann			/* Read LE Advertising Channel TX Power */
15a49ccaSMarcel Holtmann			hci_req_add(req, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL);
15a49ccaSMarcel Holtmann		}
15a49ccaSMarcel Holtmann
a9f6068eSMarcel Holtmann		if (hdev->le_features[0] & HCI_LE_DATA_LEN_EXT) {
a9f6068eSMarcel Holtmann			/* Read LE Maximum Data Length */
a9f6068eSMarcel Holtmann			hci_req_add(req, HCI_OP_LE_READ_MAX_DATA_LEN, 0, NULL);
a9f6068eSMarcel Holtmann
a9f6068eSMarcel Holtmann			/* Read LE Suggested Default Data Length */
a9f6068eSMarcel Holtmann			hci_req_add(req, HCI_OP_LE_READ_DEF_DATA_LEN, 0, NULL);
a9f6068eSMarcel Holtmann		}
a9f6068eSMarcel Holtmann
42c6b129SJohan Hedberg		hci_set_le_support(req);
9193c6e8SAndre Guedes	}
d2c5d77fSJohan Hedberg
d2c5d77fSJohan Hedberg	/* Read features beyond page 1 if available */
d2c5d77fSJohan Hedberg	for (p = 2; p < HCI_MAX_PAGES && p <= hdev->max_page; p++) {
d2c5d77fSJohan Hedberg		struct hci_cp_read_local_ext_features cp;
d2c5d77fSJohan Hedberg
d2c5d77fSJohan Hedberg		cp.page = p;
d2c5d77fSJohan Hedberg		hci_req_add(req, HCI_OP_READ_LOCAL_EXT_FEATURES,
d2c5d77fSJohan Hedberg			    sizeof(cp), &cp);
d2c5d77fSJohan Hedberg	}
2177bab5SJohan Hedberg}
2177bab5SJohan Hedberg
5d4e7e8dSJohan Hedbergstatic void hci_init4_req(struct hci_request *req, unsigned long opt)
5d4e7e8dSJohan Hedberg{
5d4e7e8dSJohan Hedberg	struct hci_dev *hdev = req->hdev;
5d4e7e8dSJohan Hedberg
36f260ceSMarcel Holtmann	/* Some Broadcom based Bluetooth controllers do not support the
36f260ceSMarcel Holtmann	 * Delete Stored Link Key command. They are clearly indicating its
36f260ceSMarcel Holtmann	 * absence in the bit mask of supported commands.
36f260ceSMarcel Holtmann	 *
36f260ceSMarcel Holtmann	 * Check the supported commands and only if the the command is marked
36f260ceSMarcel Holtmann	 * as supported send it. If not supported assume that the controller
36f260ceSMarcel Holtmann	 * does not have actual support for stored link keys which makes this
36f260ceSMarcel Holtmann	 * command redundant anyway.
36f260ceSMarcel Holtmann	 *
36f260ceSMarcel Holtmann	 * Some controllers indicate that they support handling deleting
36f260ceSMarcel Holtmann	 * stored link keys, but they don't. The quirk lets a driver
36f260ceSMarcel Holtmann	 * just disable this command.
36f260ceSMarcel Holtmann	 */
36f260ceSMarcel Holtmann	if (hdev->commands[6] & 0x80 &&
36f260ceSMarcel Holtmann	    !test_bit(HCI_QUIRK_BROKEN_STORED_LINK_KEY, &hdev->quirks)) {
36f260ceSMarcel Holtmann		struct hci_cp_delete_stored_link_key cp;
36f260ceSMarcel Holtmann
36f260ceSMarcel Holtmann		bacpy(&cp.bdaddr, BDADDR_ANY);
36f260ceSMarcel Holtmann		cp.delete_all = 0x01;
36f260ceSMarcel Holtmann		hci_req_add(req, HCI_OP_DELETE_STORED_LINK_KEY,
36f260ceSMarcel Holtmann			    sizeof(cp), &cp);
36f260ceSMarcel Holtmann	}
36f260ceSMarcel Holtmann
d62e6d67SJohan Hedberg	/* Set event mask page 2 if the HCI command for it is supported */
d62e6d67SJohan Hedberg	if (hdev->commands[22] & 0x04)
d62e6d67SJohan Hedberg		hci_set_event_mask_page_2(req);
d62e6d67SJohan Hedberg
109e3191SMarcel Holtmann	/* Read local codec list if the HCI command is supported */
109e3191SMarcel Holtmann	if (hdev->commands[29] & 0x20)
109e3191SMarcel Holtmann		hci_req_add(req, HCI_OP_READ_LOCAL_CODECS, 0, NULL);
109e3191SMarcel Holtmann
f4fe73edSMarcel Holtmann	/* Get MWS transport configuration if the HCI command is supported */
f4fe73edSMarcel Holtmann	if (hdev->commands[30] & 0x08)
f4fe73edSMarcel Holtmann		hci_req_add(req, HCI_OP_GET_MWS_TRANSPORT_CONFIG, 0, NULL);
f4fe73edSMarcel Holtmann
5d4e7e8dSJohan Hedberg	/* Check for Synchronization Train support */
53b834d2SMarcel Holtmann	if (lmp_sync_train_capable(hdev))
5d4e7e8dSJohan Hedberg		hci_req_add(req, HCI_OP_READ_SYNC_TRAIN_PARAMS, 0, NULL);
a6d0d690SMarcel Holtmann
a6d0d690SMarcel Holtmann	/* Enable Secure Connections if supported and configured */
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_SSP_ENABLED) &&
574ea3c7SMarcel Holtmann	    bredr_sc_enabled(hdev)) {
a6d0d690SMarcel Holtmann		u8 support = 0x01;
574ea3c7SMarcel Holtmann
a6d0d690SMarcel Holtmann		hci_req_add(req, HCI_OP_WRITE_SC_SUPPORT,
a6d0d690SMarcel Holtmann			    sizeof(support), &support);
a6d0d690SMarcel Holtmann	}
5d4e7e8dSJohan Hedberg}
5d4e7e8dSJohan Hedberg
2177bab5SJohan Hedbergstatic int __hci_init(struct hci_dev *hdev)
2177bab5SJohan Hedberg{
2177bab5SJohan Hedberg	int err;
2177bab5SJohan Hedberg
2177bab5SJohan Hedberg	err = __hci_req_sync(hdev, hci_init1_req, 0, HCI_INIT_TIMEOUT);
2177bab5SJohan Hedberg	if (err < 0)
2177bab5SJohan Hedberg		return err;
2177bab5SJohan Hedberg
f640ee98SMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_SETUP))
f640ee98SMarcel Holtmann		hci_debugfs_create_basic(hdev);
4b4148e9SMarcel Holtmann
2177bab5SJohan Hedberg	err = __hci_req_sync(hdev, hci_init2_req, 0, HCI_INIT_TIMEOUT);
2177bab5SJohan Hedberg	if (err < 0)
2177bab5SJohan Hedberg		return err;
2177bab5SJohan Hedberg
0af801b9SJohan Hedberg	/* HCI_BREDR covers both single-mode LE, BR/EDR and dual-mode
0af801b9SJohan Hedberg	 * BR/EDR/LE type controllers. AMP controllers only need the
0af801b9SJohan Hedberg	 * first two stages of init.
0af801b9SJohan Hedberg	 */
0af801b9SJohan Hedberg	if (hdev->dev_type != HCI_BREDR)
0af801b9SJohan Hedberg		return 0;
0af801b9SJohan Hedberg
5d4e7e8dSJohan Hedberg	err = __hci_req_sync(hdev, hci_init3_req, 0, HCI_INIT_TIMEOUT);
5d4e7e8dSJohan Hedberg	if (err < 0)
5d4e7e8dSJohan Hedberg		return err;
5d4e7e8dSJohan Hedberg
baf27f6eSMarcel Holtmann	err = __hci_req_sync(hdev, hci_init4_req, 0, HCI_INIT_TIMEOUT);
baf27f6eSMarcel Holtmann	if (err < 0)
baf27f6eSMarcel Holtmann		return err;
baf27f6eSMarcel Holtmann
ec6cef9cSMarcel Holtmann	/* This function is only called when the controller is actually in
ec6cef9cSMarcel Holtmann	 * configured state. When the controller is marked as unconfigured,
ec6cef9cSMarcel Holtmann	 * this initialization procedure is not run.
ec6cef9cSMarcel Holtmann	 *
ec6cef9cSMarcel Holtmann	 * It means that it is possible that a controller runs through its
ec6cef9cSMarcel Holtmann	 * setup phase and then discovers missing settings. If that is the
ec6cef9cSMarcel Holtmann	 * case, then this function will not be called. It then will only
ec6cef9cSMarcel Holtmann	 * be called during the config phase.
ec6cef9cSMarcel Holtmann	 *
ec6cef9cSMarcel Holtmann	 * So only when in setup phase or config phase, create the debugfs
ec6cef9cSMarcel Holtmann	 * entries and register the SMP channels.
baf27f6eSMarcel Holtmann	 */
d7a5a11dSMarcel Holtmann	if (!hci_dev_test_flag(hdev, HCI_SETUP) &&
d7a5a11dSMarcel Holtmann	    !hci_dev_test_flag(hdev, HCI_CONFIG))
baf27f6eSMarcel Holtmann		return 0;
baf27f6eSMarcel Holtmann
60c5f5fbSMarcel Holtmann	hci_debugfs_create_common(hdev);
60c5f5fbSMarcel Holtmann
71c3b60eSMarcel Holtmann	if (lmp_bredr_capable(hdev))
60c5f5fbSMarcel Holtmann		hci_debugfs_create_bredr(hdev);
2bfa3531SMarcel Holtmann
162a3bacSMarcel Holtmann	if (lmp_le_capable(hdev))
60c5f5fbSMarcel Holtmann		hci_debugfs_create_le(hdev);
e7b8fc92SMarcel Holtmann
baf27f6eSMarcel Holtmann	return 0;
2177bab5SJohan Hedberg}
2177bab5SJohan Hedberg
0ebca7d6SMarcel Holtmannstatic void hci_init0_req(struct hci_request *req, unsigned long opt)
0ebca7d6SMarcel Holtmann{
0ebca7d6SMarcel Holtmann	struct hci_dev *hdev = req->hdev;
0ebca7d6SMarcel Holtmann
0ebca7d6SMarcel Holtmann	BT_DBG("%s %ld", hdev->name, opt);
0ebca7d6SMarcel Holtmann
0ebca7d6SMarcel Holtmann	/* Reset */
0ebca7d6SMarcel Holtmann	if (!test_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks))
0ebca7d6SMarcel Holtmann		hci_reset_req(req, 0);
0ebca7d6SMarcel Holtmann
0ebca7d6SMarcel Holtmann	/* Read Local Version */
0ebca7d6SMarcel Holtmann	hci_req_add(req, HCI_OP_READ_LOCAL_VERSION, 0, NULL);
0ebca7d6SMarcel Holtmann
0ebca7d6SMarcel Holtmann	/* Read BD Address */
0ebca7d6SMarcel Holtmann	if (hdev->set_bdaddr)
0ebca7d6SMarcel Holtmann		hci_req_add(req, HCI_OP_READ_BD_ADDR, 0, NULL);
0ebca7d6SMarcel Holtmann}
0ebca7d6SMarcel Holtmann
0ebca7d6SMarcel Holtmannstatic int __hci_unconf_init(struct hci_dev *hdev)
0ebca7d6SMarcel Holtmann{
0ebca7d6SMarcel Holtmann	int err;
0ebca7d6SMarcel Holtmann
cc78b44bSMarcel Holtmann	if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks))
cc78b44bSMarcel Holtmann		return 0;
cc78b44bSMarcel Holtmann
0ebca7d6SMarcel Holtmann	err = __hci_req_sync(hdev, hci_init0_req, 0, HCI_INIT_TIMEOUT);
0ebca7d6SMarcel Holtmann	if (err < 0)
0ebca7d6SMarcel Holtmann		return err;
0ebca7d6SMarcel Holtmann
f640ee98SMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_SETUP))
f640ee98SMarcel Holtmann		hci_debugfs_create_basic(hdev);
f640ee98SMarcel Holtmann
0ebca7d6SMarcel Holtmann	return 0;
0ebca7d6SMarcel Holtmann}
0ebca7d6SMarcel Holtmann
42c6b129SJohan Hedbergstatic void hci_scan_req(struct hci_request *req, unsigned long opt)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	__u8 scan = opt;
1da177e4SLinus Torvalds
42c6b129SJohan Hedberg	BT_DBG("%s %x", req->hdev->name, scan);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Inquiry and Page scans */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
42c6b129SJohan Hedbergstatic void hci_auth_req(struct hci_request *req, unsigned long opt)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	__u8 auth = opt;
1da177e4SLinus Torvalds
42c6b129SJohan Hedberg	BT_DBG("%s %x", req->hdev->name, auth);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Authentication */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_WRITE_AUTH_ENABLE, 1, &auth);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
42c6b129SJohan Hedbergstatic void hci_encrypt_req(struct hci_request *req, unsigned long opt)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	__u8 encrypt = opt;
1da177e4SLinus Torvalds
42c6b129SJohan Hedberg	BT_DBG("%s %x", req->hdev->name, encrypt);
1da177e4SLinus Torvalds
e4e8e37cSMarcel Holtmann	/* Encryption */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_WRITE_ENCRYPT_MODE, 1, &encrypt);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
42c6b129SJohan Hedbergstatic void hci_linkpol_req(struct hci_request *req, unsigned long opt)
e4e8e37cSMarcel Holtmann{
e4e8e37cSMarcel Holtmann	__le16 policy = cpu_to_le16(opt);
e4e8e37cSMarcel Holtmann
42c6b129SJohan Hedberg	BT_DBG("%s %x", req->hdev->name, policy);
e4e8e37cSMarcel Holtmann
e4e8e37cSMarcel Holtmann	/* Default link policy */
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_WRITE_DEF_LINK_POLICY, 2, &policy);
e4e8e37cSMarcel Holtmann}
e4e8e37cSMarcel Holtmann
1da177e4SLinus Torvalds/* Get HCI device by index.
1da177e4SLinus Torvalds * Device is held on return. */
1da177e4SLinus Torvaldsstruct hci_dev *hci_dev_get(int index)
1da177e4SLinus Torvalds{
8035ded4SLuiz Augusto von Dentz	struct hci_dev *hdev = NULL, *d;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("%d", index);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (index < 0)
1da177e4SLinus Torvalds		return NULL;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	read_lock(&hci_dev_list_lock);
8035ded4SLuiz Augusto von Dentz	list_for_each_entry(d, &hci_dev_list, list) {
1da177e4SLinus Torvalds		if (d->id == index) {
1da177e4SLinus Torvalds			hdev = hci_dev_hold(d);
1da177e4SLinus Torvalds			break;
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds	read_unlock(&hci_dev_list_lock);
1da177e4SLinus Torvalds	return hdev;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* ---- Inquiry support ---- */
ff9ef578SJohan Hedberg
30dc78e1SJohan Hedbergbool hci_discovery_active(struct hci_dev *hdev)
30dc78e1SJohan Hedberg{
30dc78e1SJohan Hedberg	struct discovery_state *discov = &hdev->discovery;
30dc78e1SJohan Hedberg
6fbe195dSAndre Guedes	switch (discov->state) {
343f935bSAndre Guedes	case DISCOVERY_FINDING:
6fbe195dSAndre Guedes	case DISCOVERY_RESOLVING:
30dc78e1SJohan Hedberg		return true;
30dc78e1SJohan Hedberg
6fbe195dSAndre Guedes	default:
30dc78e1SJohan Hedberg		return false;
30dc78e1SJohan Hedberg	}
6fbe195dSAndre Guedes}
30dc78e1SJohan Hedberg
ff9ef578SJohan Hedbergvoid hci_discovery_set_state(struct hci_dev *hdev, int state)
ff9ef578SJohan Hedberg{
bb3e0a33SJohan Hedberg	int old_state = hdev->discovery.state;
bb3e0a33SJohan Hedberg
ff9ef578SJohan Hedberg	BT_DBG("%s state %u -> %u", hdev->name, hdev->discovery.state, state);
ff9ef578SJohan Hedberg
bb3e0a33SJohan Hedberg	if (old_state == state)
ff9ef578SJohan Hedberg		return;
ff9ef578SJohan Hedberg
bb3e0a33SJohan Hedberg	hdev->discovery.state = state;
bb3e0a33SJohan Hedberg
ff9ef578SJohan Hedberg	switch (state) {
ff9ef578SJohan Hedberg	case DISCOVERY_STOPPED:
c54c3860SAndre Guedes		hci_update_background_scan(hdev);
c54c3860SAndre Guedes
bb3e0a33SJohan Hedberg		if (old_state != DISCOVERY_STARTING)
ff9ef578SJohan Hedberg			mgmt_discovering(hdev, 0);
ff9ef578SJohan Hedberg		break;
ff9ef578SJohan Hedberg	case DISCOVERY_STARTING:
ff9ef578SJohan Hedberg		break;
343f935bSAndre Guedes	case DISCOVERY_FINDING:
ff9ef578SJohan Hedberg		mgmt_discovering(hdev, 1);
ff9ef578SJohan Hedberg		break;
30dc78e1SJohan Hedberg	case DISCOVERY_RESOLVING:
30dc78e1SJohan Hedberg		break;
ff9ef578SJohan Hedberg	case DISCOVERY_STOPPING:
ff9ef578SJohan Hedberg		break;
ff9ef578SJohan Hedberg	}
ff9ef578SJohan Hedberg}
ff9ef578SJohan Hedberg
1f9b9a5dSAndre Guedesvoid hci_inquiry_cache_flush(struct hci_dev *hdev)
1da177e4SLinus Torvalds{
30883512SJohan Hedberg	struct discovery_state *cache = &hdev->discovery;
b57c1a56SJohan Hedberg	struct inquiry_entry *p, *n;
1da177e4SLinus Torvalds
561aafbcSJohan Hedberg	list_for_each_entry_safe(p, n, &cache->all, all) {
561aafbcSJohan Hedberg		list_del(&p->all);
b57c1a56SJohan Hedberg		kfree(p);
1da177e4SLinus Torvalds	}
561aafbcSJohan Hedberg
561aafbcSJohan Hedberg	INIT_LIST_HEAD(&cache->unknown);
561aafbcSJohan Hedberg	INIT_LIST_HEAD(&cache->resolve);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
a8c5fb1aSGustavo Padovanstruct inquiry_entry *hci_inquiry_cache_lookup(struct hci_dev *hdev,
a8c5fb1aSGustavo Padovan					       bdaddr_t *bdaddr)
1da177e4SLinus Torvalds{
30883512SJohan Hedberg	struct discovery_state *cache = &hdev->discovery;
1da177e4SLinus Torvalds	struct inquiry_entry *e;
1da177e4SLinus Torvalds
6ed93dc6SAndrei Emeltchenko	BT_DBG("cache %p, %pMR", cache, bdaddr);
1da177e4SLinus Torvalds
561aafbcSJohan Hedberg	list_for_each_entry(e, &cache->all, all) {
1da177e4SLinus Torvalds		if (!bacmp(&e->data.bdaddr, bdaddr))
1da177e4SLinus Torvalds			return e;
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
b57c1a56SJohan Hedberg	return NULL;
b57c1a56SJohan Hedberg}
b57c1a56SJohan Hedberg
561aafbcSJohan Hedbergstruct inquiry_entry *hci_inquiry_cache_lookup_unknown(struct hci_dev *hdev,
561aafbcSJohan Hedberg						       bdaddr_t *bdaddr)
561aafbcSJohan Hedberg{
30883512SJohan Hedberg	struct discovery_state *cache = &hdev->discovery;
561aafbcSJohan Hedberg	struct inquiry_entry *e;
561aafbcSJohan Hedberg
6ed93dc6SAndrei Emeltchenko	BT_DBG("cache %p, %pMR", cache, bdaddr);
561aafbcSJohan Hedberg
561aafbcSJohan Hedberg	list_for_each_entry(e, &cache->unknown, list) {
561aafbcSJohan Hedberg		if (!bacmp(&e->data.bdaddr, bdaddr))
561aafbcSJohan Hedberg			return e;
561aafbcSJohan Hedberg	}
561aafbcSJohan Hedberg
561aafbcSJohan Hedberg	return NULL;
561aafbcSJohan Hedberg}
561aafbcSJohan Hedberg
30dc78e1SJohan Hedbergstruct inquiry_entry *hci_inquiry_cache_lookup_resolve(struct hci_dev *hdev,
30dc78e1SJohan Hedberg						       bdaddr_t *bdaddr,
30dc78e1SJohan Hedberg						       int state)
30dc78e1SJohan Hedberg{
30dc78e1SJohan Hedberg	struct discovery_state *cache = &hdev->discovery;
30dc78e1SJohan Hedberg	struct inquiry_entry *e;
30dc78e1SJohan Hedberg
6ed93dc6SAndrei Emeltchenko	BT_DBG("cache %p bdaddr %pMR state %d", cache, bdaddr, state);
30dc78e1SJohan Hedberg
30dc78e1SJohan Hedberg	list_for_each_entry(e, &cache->resolve, list) {
30dc78e1SJohan Hedberg		if (!bacmp(bdaddr, BDADDR_ANY) && e->name_state == state)
30dc78e1SJohan Hedberg			return e;
30dc78e1SJohan Hedberg		if (!bacmp(&e->data.bdaddr, bdaddr))
30dc78e1SJohan Hedberg			return e;
30dc78e1SJohan Hedberg	}
30dc78e1SJohan Hedberg
30dc78e1SJohan Hedberg	return NULL;
30dc78e1SJohan Hedberg}
30dc78e1SJohan Hedberg
a3d4e20aSJohan Hedbergvoid hci_inquiry_cache_update_resolve(struct hci_dev *hdev,
a3d4e20aSJohan Hedberg				      struct inquiry_entry *ie)
a3d4e20aSJohan Hedberg{
a3d4e20aSJohan Hedberg	struct discovery_state *cache = &hdev->discovery;
a3d4e20aSJohan Hedberg	struct list_head *pos = &cache->resolve;
a3d4e20aSJohan Hedberg	struct inquiry_entry *p;
a3d4e20aSJohan Hedberg
a3d4e20aSJohan Hedberg	list_del(&ie->list);
a3d4e20aSJohan Hedberg
a3d4e20aSJohan Hedberg	list_for_each_entry(p, &cache->resolve, list) {
a3d4e20aSJohan Hedberg		if (p->name_state != NAME_PENDING &&
a3d4e20aSJohan Hedberg		    abs(p->data.rssi) >= abs(ie->data.rssi))
a3d4e20aSJohan Hedberg			break;
a3d4e20aSJohan Hedberg		pos = &p->list;
a3d4e20aSJohan Hedberg	}
a3d4e20aSJohan Hedberg
a3d4e20aSJohan Hedberg	list_add(&ie->list, pos);
a3d4e20aSJohan Hedberg}
a3d4e20aSJohan Hedberg
af58925cSMarcel Holtmannu32 hci_inquiry_cache_update(struct hci_dev *hdev, struct inquiry_data *data,
af58925cSMarcel Holtmann			     bool name_known)
1da177e4SLinus Torvalds{
30883512SJohan Hedberg	struct discovery_state *cache = &hdev->discovery;
70f23020SAndrei Emeltchenko	struct inquiry_entry *ie;
af58925cSMarcel Holtmann	u32 flags = 0;
1da177e4SLinus Torvalds
6ed93dc6SAndrei Emeltchenko	BT_DBG("cache %p, %pMR", cache, &data->bdaddr);
1da177e4SLinus Torvalds
6928a924SJohan Hedberg	hci_remove_remote_oob_data(hdev, &data->bdaddr, BDADDR_BREDR);
2b2fec4dSSzymon Janc
af58925cSMarcel Holtmann	if (!data->ssp_mode)
af58925cSMarcel Holtmann		flags |= MGMT_DEV_FOUND_LEGACY_PAIRING;
388fc8faSJohan Hedberg
70f23020SAndrei Emeltchenko	ie = hci_inquiry_cache_lookup(hdev, &data->bdaddr);
a3d4e20aSJohan Hedberg	if (ie) {
af58925cSMarcel Holtmann		if (!ie->data.ssp_mode)
af58925cSMarcel Holtmann			flags |= MGMT_DEV_FOUND_LEGACY_PAIRING;
388fc8faSJohan Hedberg
a3d4e20aSJohan Hedberg		if (ie->name_state == NAME_NEEDED &&
a3d4e20aSJohan Hedberg		    data->rssi != ie->data.rssi) {
a3d4e20aSJohan Hedberg			ie->data.rssi = data->rssi;
a3d4e20aSJohan Hedberg			hci_inquiry_cache_update_resolve(hdev, ie);
a3d4e20aSJohan Hedberg		}
a3d4e20aSJohan Hedberg
561aafbcSJohan Hedberg		goto update;
a3d4e20aSJohan Hedberg	}
561aafbcSJohan Hedberg
1da177e4SLinus Torvalds	/* Entry not in the cache. Add new one. */
27f70f3eSJohan Hedberg	ie = kzalloc(sizeof(*ie), GFP_KERNEL);
af58925cSMarcel Holtmann	if (!ie) {
af58925cSMarcel Holtmann		flags |= MGMT_DEV_FOUND_CONFIRM_NAME;
af58925cSMarcel Holtmann		goto done;
af58925cSMarcel Holtmann	}
70f23020SAndrei Emeltchenko
561aafbcSJohan Hedberg	list_add(&ie->all, &cache->all);
561aafbcSJohan Hedberg
561aafbcSJohan Hedberg	if (name_known) {
561aafbcSJohan Hedberg		ie->name_state = NAME_KNOWN;
561aafbcSJohan Hedberg	} else {
561aafbcSJohan Hedberg		ie->name_state = NAME_NOT_KNOWN;
561aafbcSJohan Hedberg		list_add(&ie->list, &cache->unknown);
561aafbcSJohan Hedberg	}
561aafbcSJohan Hedberg
561aafbcSJohan Hedbergupdate:
561aafbcSJohan Hedberg	if (name_known && ie->name_state != NAME_KNOWN &&
561aafbcSJohan Hedberg	    ie->name_state != NAME_PENDING) {
561aafbcSJohan Hedberg		ie->name_state = NAME_KNOWN;
561aafbcSJohan Hedberg		list_del(&ie->list);
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
70f23020SAndrei Emeltchenko	memcpy(&ie->data, data, sizeof(*data));
70f23020SAndrei Emeltchenko	ie->timestamp = jiffies;
1da177e4SLinus Torvalds	cache->timestamp = jiffies;
3175405bSJohan Hedberg
3175405bSJohan Hedberg	if (ie->name_state == NAME_NOT_KNOWN)
af58925cSMarcel Holtmann		flags |= MGMT_DEV_FOUND_CONFIRM_NAME;
3175405bSJohan Hedberg
af58925cSMarcel Holtmanndone:
af58925cSMarcel Holtmann	return flags;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvaldsstatic int inquiry_cache_dump(struct hci_dev *hdev, int num, __u8 *buf)
1da177e4SLinus Torvalds{
30883512SJohan Hedberg	struct discovery_state *cache = &hdev->discovery;
1da177e4SLinus Torvalds	struct inquiry_info *info = (struct inquiry_info *) buf;
1da177e4SLinus Torvalds	struct inquiry_entry *e;
1da177e4SLinus Torvalds	int copied = 0;
1da177e4SLinus Torvalds
561aafbcSJohan Hedberg	list_for_each_entry(e, &cache->all, all) {
1da177e4SLinus Torvalds		struct inquiry_data *data = &e->data;
b57c1a56SJohan Hedberg
b57c1a56SJohan Hedberg		if (copied >= num)
b57c1a56SJohan Hedberg			break;
b57c1a56SJohan Hedberg
1da177e4SLinus Torvalds		bacpy(&info->bdaddr, &data->bdaddr);
1da177e4SLinus Torvalds		info->pscan_rep_mode	= data->pscan_rep_mode;
1da177e4SLinus Torvalds		info->pscan_period_mode	= data->pscan_period_mode;
1da177e4SLinus Torvalds		info->pscan_mode	= data->pscan_mode;
1da177e4SLinus Torvalds		memcpy(info->dev_class, data->dev_class, 3);
1da177e4SLinus Torvalds		info->clock_offset	= data->clock_offset;
b57c1a56SJohan Hedberg
1da177e4SLinus Torvalds		info++;
b57c1a56SJohan Hedberg		copied++;
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("cache %p, copied %d", cache, copied);
1da177e4SLinus Torvalds	return copied;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
42c6b129SJohan Hedbergstatic void hci_inq_req(struct hci_request *req, unsigned long opt)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_inquiry_req *ir = (struct hci_inquiry_req *) opt;
42c6b129SJohan Hedberg	struct hci_dev *hdev = req->hdev;
1da177e4SLinus Torvalds	struct hci_cp_inquiry cp;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("%s", hdev->name);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (test_bit(HCI_INQUIRY, &hdev->flags))
1da177e4SLinus Torvalds		return;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Start Inquiry */
1da177e4SLinus Torvalds	memcpy(&cp.lap, &ir->lap, 3);
1da177e4SLinus Torvalds	cp.length  = ir->length;
1da177e4SLinus Torvalds	cp.num_rsp = ir->num_rsp;
42c6b129SJohan Hedberg	hci_req_add(req, HCI_OP_INQUIRY, sizeof(cp), &cp);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvaldsint hci_inquiry(void __user *arg)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	__u8 __user *ptr = arg;
1da177e4SLinus Torvalds	struct hci_inquiry_req ir;
1da177e4SLinus Torvalds	struct hci_dev *hdev;
1da177e4SLinus Torvalds	int err = 0, do_inquiry = 0, max_rsp;
1da177e4SLinus Torvalds	long timeo;
1da177e4SLinus Torvalds	__u8 *buf;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (copy_from_user(&ir, ptr, sizeof(ir)))
1da177e4SLinus Torvalds		return -EFAULT;
1da177e4SLinus Torvalds
5a08ecceSAndrei Emeltchenko	hdev = hci_dev_get(ir.dev_id);
5a08ecceSAndrei Emeltchenko	if (!hdev)
1da177e4SLinus Torvalds		return -ENODEV;
1da177e4SLinus Torvalds
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_USER_CHANNEL)) {
0736cfa8SMarcel Holtmann		err = -EBUSY;
0736cfa8SMarcel Holtmann		goto done;
0736cfa8SMarcel Holtmann	}
0736cfa8SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_UNCONFIGURED)) {
fee746b0SMarcel Holtmann		err = -EOPNOTSUPP;
fee746b0SMarcel Holtmann		goto done;
fee746b0SMarcel Holtmann	}
fee746b0SMarcel Holtmann
5b69bef5SMarcel Holtmann	if (hdev->dev_type != HCI_BREDR) {
5b69bef5SMarcel Holtmann		err = -EOPNOTSUPP;
5b69bef5SMarcel Holtmann		goto done;
5b69bef5SMarcel Holtmann	}
5b69bef5SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED)) {
56f87901SJohan Hedberg		err = -EOPNOTSUPP;
56f87901SJohan Hedberg		goto done;
56f87901SJohan Hedberg	}
56f87901SJohan Hedberg
09fd0de5SGustavo F. Padovan	hci_dev_lock(hdev);
1da177e4SLinus Torvalds	if (inquiry_cache_age(hdev) > INQUIRY_CACHE_AGE_MAX ||
a8c5fb1aSGustavo Padovan	    inquiry_cache_empty(hdev) || ir.flags & IREQ_CACHE_FLUSH) {
1f9b9a5dSAndre Guedes		hci_inquiry_cache_flush(hdev);
1da177e4SLinus Torvalds		do_inquiry = 1;
1da177e4SLinus Torvalds	}
09fd0de5SGustavo F. Padovan	hci_dev_unlock(hdev);
1da177e4SLinus Torvalds
04837f64SMarcel Holtmann	timeo = ir.length * msecs_to_jiffies(2000);
70f23020SAndrei Emeltchenko
70f23020SAndrei Emeltchenko	if (do_inquiry) {
01178cd4SJohan Hedberg		err = hci_req_sync(hdev, hci_inq_req, (unsigned long) &ir,
01178cd4SJohan Hedberg				   timeo);
70f23020SAndrei Emeltchenko		if (err < 0)
1da177e4SLinus Torvalds			goto done;
3e13fa1eSAndre Guedes
3e13fa1eSAndre Guedes		/* Wait until Inquiry procedure finishes (HCI_INQUIRY flag is
3e13fa1eSAndre Guedes		 * cleared). If it is interrupted by a signal, return -EINTR.
3e13fa1eSAndre Guedes		 */
74316201SNeilBrown		if (wait_on_bit(&hdev->flags, HCI_INQUIRY,
3e13fa1eSAndre Guedes				TASK_INTERRUPTIBLE))
3e13fa1eSAndre Guedes			return -EINTR;
70f23020SAndrei Emeltchenko	}
1da177e4SLinus Torvalds
8fc9ced3SGustavo Padovan	/* for unlimited number of responses we will use buffer with
8fc9ced3SGustavo Padovan	 * 255 entries
8fc9ced3SGustavo Padovan	 */
1da177e4SLinus Torvalds	max_rsp = (ir.num_rsp == 0) ? 255 : ir.num_rsp;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* cache_dump can't sleep. Therefore we allocate temp buffer and then
1da177e4SLinus Torvalds	 * copy it to the user space.
1da177e4SLinus Torvalds	 */
70f23020SAndrei Emeltchenko	buf = kmalloc(sizeof(struct inquiry_info) * max_rsp, GFP_KERNEL);
70f23020SAndrei Emeltchenko	if (!buf) {
1da177e4SLinus Torvalds		err = -ENOMEM;
1da177e4SLinus Torvalds		goto done;
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
09fd0de5SGustavo F. Padovan	hci_dev_lock(hdev);
1da177e4SLinus Torvalds	ir.num_rsp = inquiry_cache_dump(hdev, max_rsp, buf);
09fd0de5SGustavo F. Padovan	hci_dev_unlock(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("num_rsp %d", ir.num_rsp);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (!copy_to_user(ptr, &ir, sizeof(ir))) {
1da177e4SLinus Torvalds		ptr += sizeof(ir);
1da177e4SLinus Torvalds		if (copy_to_user(ptr, buf, sizeof(struct inquiry_info) *
1da177e4SLinus Torvalds				 ir.num_rsp))
1da177e4SLinus Torvalds			err = -EFAULT;
1da177e4SLinus Torvalds	} else
1da177e4SLinus Torvalds		err = -EFAULT;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	kfree(buf);
1da177e4SLinus Torvalds
1da177e4SLinus Torvaldsdone:
1da177e4SLinus Torvalds	hci_dev_put(hdev);
1da177e4SLinus Torvalds	return err;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
cbed0ca1SJohan Hedbergstatic int hci_dev_do_open(struct hci_dev *hdev)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	int ret = 0;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("%s %p", hdev->name, hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hci_req_lock(hdev);
1da177e4SLinus Torvalds
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_UNREGISTER)) {
94324962SJohan Hovold		ret = -ENODEV;
94324962SJohan Hovold		goto done;
94324962SJohan Hovold	}
94324962SJohan Hovold
d7a5a11dSMarcel Holtmann	if (!hci_dev_test_flag(hdev, HCI_SETUP) &&
d7a5a11dSMarcel Holtmann	    !hci_dev_test_flag(hdev, HCI_CONFIG)) {
a5c8f270SMarcel Holtmann		/* Check for rfkill but allow the HCI setup stage to
a5c8f270SMarcel Holtmann		 * proceed (which in itself doesn't cause any RF activity).
bf543036SJohan Hedberg		 */
d7a5a11dSMarcel Holtmann		if (hci_dev_test_flag(hdev, HCI_RFKILLED)) {
611b30f7SMarcel Holtmann			ret = -ERFKILL;
611b30f7SMarcel Holtmann			goto done;
611b30f7SMarcel Holtmann		}
611b30f7SMarcel Holtmann
a5c8f270SMarcel Holtmann		/* Check for valid public address or a configured static
a5c8f270SMarcel Holtmann		 * random adddress, but let the HCI setup proceed to
a5c8f270SMarcel Holtmann		 * be able to determine if there is a public address
a5c8f270SMarcel Holtmann		 * or not.
a5c8f270SMarcel Holtmann		 *
c6beca0eSMarcel Holtmann		 * In case of user channel usage, it is not important
c6beca0eSMarcel Holtmann		 * if a public address or static random address is
c6beca0eSMarcel Holtmann		 * available.
c6beca0eSMarcel Holtmann		 *
a5c8f270SMarcel Holtmann		 * This check is only valid for BR/EDR controllers
a5c8f270SMarcel Holtmann		 * since AMP controllers do not have an address.
a5c8f270SMarcel Holtmann		 */
d7a5a11dSMarcel Holtmann		if (!hci_dev_test_flag(hdev, HCI_USER_CHANNEL) &&
c6beca0eSMarcel Holtmann		    hdev->dev_type == HCI_BREDR &&
a5c8f270SMarcel Holtmann		    !bacmp(&hdev->bdaddr, BDADDR_ANY) &&
a5c8f270SMarcel Holtmann		    !bacmp(&hdev->static_addr, BDADDR_ANY)) {
a5c8f270SMarcel Holtmann			ret = -EADDRNOTAVAIL;
a5c8f270SMarcel Holtmann			goto done;
a5c8f270SMarcel Holtmann		}
a5c8f270SMarcel Holtmann	}
a5c8f270SMarcel Holtmann
1da177e4SLinus Torvalds	if (test_bit(HCI_UP, &hdev->flags)) {
1da177e4SLinus Torvalds		ret = -EALREADY;
1da177e4SLinus Torvalds		goto done;
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (hdev->open(hdev)) {
1da177e4SLinus Torvalds		ret = -EIO;
1da177e4SLinus Torvalds		goto done;
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
e9ca8bf1SMarcel Holtmann	set_bit(HCI_RUNNING, &hdev->flags);
4a3f95b7SMarcel Holtmann	hci_notify(hdev, HCI_DEV_OPEN);
4a3f95b7SMarcel Holtmann
1da177e4SLinus Torvalds	atomic_set(&hdev->cmd_cnt, 1);
1da177e4SLinus Torvalds	set_bit(HCI_INIT, &hdev->flags);
f41c70c4SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_SETUP)) {
e131d74aSMarcel Holtmann		hci_sock_dev_event(hdev, HCI_DEV_SETUP);
e131d74aSMarcel Holtmann
af202f84SMarcel Holtmann		if (hdev->setup)
f41c70c4SMarcel Holtmann			ret = hdev->setup(hdev);
f41c70c4SMarcel Holtmann
af202f84SMarcel Holtmann		/* The transport driver can set these quirks before
af202f84SMarcel Holtmann		 * creating the HCI device or in its setup callback.
af202f84SMarcel Holtmann		 *
af202f84SMarcel Holtmann		 * In case any of them is set, the controller has to
af202f84SMarcel Holtmann		 * start up as unconfigured.
af202f84SMarcel Holtmann		 */
eb1904f4SMarcel Holtmann		if (test_bit(HCI_QUIRK_EXTERNAL_CONFIG, &hdev->quirks) ||
eb1904f4SMarcel Holtmann		    test_bit(HCI_QUIRK_INVALID_BDADDR, &hdev->quirks))
a1536da2SMarcel Holtmann			hci_dev_set_flag(hdev, HCI_UNCONFIGURED);
f41c70c4SMarcel Holtmann
0ebca7d6SMarcel Holtmann		/* For an unconfigured controller it is required to
0ebca7d6SMarcel Holtmann		 * read at least the version information provided by
0ebca7d6SMarcel Holtmann		 * the Read Local Version Information command.
0ebca7d6SMarcel Holtmann		 *
0ebca7d6SMarcel Holtmann		 * If the set_bdaddr driver callback is provided, then
0ebca7d6SMarcel Holtmann		 * also the original Bluetooth public device address
0ebca7d6SMarcel Holtmann		 * will be read using the Read BD Address command.
0ebca7d6SMarcel Holtmann		 */
d7a5a11dSMarcel Holtmann		if (hci_dev_test_flag(hdev, HCI_UNCONFIGURED))
0ebca7d6SMarcel Holtmann			ret = __hci_unconf_init(hdev);
89bc22d2SMarcel Holtmann	}
89bc22d2SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_CONFIG)) {
9713c17bSMarcel Holtmann		/* If public address change is configured, ensure that
9713c17bSMarcel Holtmann		 * the address gets programmed. If the driver does not
9713c17bSMarcel Holtmann		 * support changing the public address, fail the power
9713c17bSMarcel Holtmann		 * on procedure.
24c457e2SMarcel Holtmann		 */
9713c17bSMarcel Holtmann		if (bacmp(&hdev->public_addr, BDADDR_ANY) &&
9713c17bSMarcel Holtmann		    hdev->set_bdaddr)
24c457e2SMarcel Holtmann			ret = hdev->set_bdaddr(hdev, &hdev->public_addr);
24c457e2SMarcel Holtmann		else
24c457e2SMarcel Holtmann			ret = -EADDRNOTAVAIL;
24c457e2SMarcel Holtmann	}
24c457e2SMarcel Holtmann
f41c70c4SMarcel Holtmann	if (!ret) {
d7a5a11dSMarcel Holtmann		if (!hci_dev_test_flag(hdev, HCI_UNCONFIGURED) &&
98a63aafSMarcel Holtmann		    !hci_dev_test_flag(hdev, HCI_USER_CHANNEL)) {
2177bab5SJohan Hedberg			ret = __hci_init(hdev);
98a63aafSMarcel Holtmann			if (!ret && hdev->post_init)
98a63aafSMarcel Holtmann				ret = hdev->post_init(hdev);
98a63aafSMarcel Holtmann		}
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
7e995b9eSMarcel Holtmann	/* If the HCI Reset command is clearing all diagnostic settings,
7e995b9eSMarcel Holtmann	 * then they need to be reprogrammed after the init procedure
7e995b9eSMarcel Holtmann	 * completed.
7e995b9eSMarcel Holtmann	 */
7e995b9eSMarcel Holtmann	if (test_bit(HCI_QUIRK_NON_PERSISTENT_DIAG, &hdev->quirks) &&
7e995b9eSMarcel Holtmann	    hci_dev_test_flag(hdev, HCI_VENDOR_DIAG) && hdev->set_diag)
7e995b9eSMarcel Holtmann		ret = hdev->set_diag(hdev, true);
7e995b9eSMarcel Holtmann
f41c70c4SMarcel Holtmann	clear_bit(HCI_INIT, &hdev->flags);
f41c70c4SMarcel Holtmann
1da177e4SLinus Torvalds	if (!ret) {
1da177e4SLinus Torvalds		hci_dev_hold(hdev);
a1536da2SMarcel Holtmann		hci_dev_set_flag(hdev, HCI_RPA_EXPIRED);
1da177e4SLinus Torvalds		set_bit(HCI_UP, &hdev->flags);
1da177e4SLinus Torvalds		hci_notify(hdev, HCI_DEV_UP);
d7a5a11dSMarcel Holtmann		if (!hci_dev_test_flag(hdev, HCI_SETUP) &&
d7a5a11dSMarcel Holtmann		    !hci_dev_test_flag(hdev, HCI_CONFIG) &&
d7a5a11dSMarcel Holtmann		    !hci_dev_test_flag(hdev, HCI_UNCONFIGURED) &&
d7a5a11dSMarcel Holtmann		    !hci_dev_test_flag(hdev, HCI_USER_CHANNEL) &&
1514b892SMarcel Holtmann		    hdev->dev_type == HCI_BREDR) {
09fd0de5SGustavo F. Padovan			hci_dev_lock(hdev);
744cf19eSJohan Hedberg			mgmt_powered(hdev, 1);
09fd0de5SGustavo F. Padovan			hci_dev_unlock(hdev);
56e5cb86SJohan Hedberg		}
1da177e4SLinus Torvalds	} else {
1da177e4SLinus Torvalds		/* Init failed, cleanup */
3eff45eaSGustavo F. Padovan		flush_work(&hdev->tx_work);
c347b765SGustavo F. Padovan		flush_work(&hdev->cmd_work);
b78752ccSMarcel Holtmann		flush_work(&hdev->rx_work);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		skb_queue_purge(&hdev->cmd_q);
1da177e4SLinus Torvalds		skb_queue_purge(&hdev->rx_q);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		if (hdev->flush)
1da177e4SLinus Torvalds			hdev->flush(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		if (hdev->sent_cmd) {
1da177e4SLinus Torvalds			kfree_skb(hdev->sent_cmd);
1da177e4SLinus Torvalds			hdev->sent_cmd = NULL;
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds
e9ca8bf1SMarcel Holtmann		clear_bit(HCI_RUNNING, &hdev->flags);
4a3f95b7SMarcel Holtmann		hci_notify(hdev, HCI_DEV_CLOSE);
4a3f95b7SMarcel Holtmann
1da177e4SLinus Torvalds		hdev->close(hdev);
fee746b0SMarcel Holtmann		hdev->flags &= BIT(HCI_RAW);
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
1da177e4SLinus Torvaldsdone:
1da177e4SLinus Torvalds	hci_req_unlock(hdev);
1da177e4SLinus Torvalds	return ret;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
cbed0ca1SJohan Hedberg/* ---- HCI ioctl helpers ---- */
cbed0ca1SJohan Hedberg
cbed0ca1SJohan Hedbergint hci_dev_open(__u16 dev)
cbed0ca1SJohan Hedberg{
cbed0ca1SJohan Hedberg	struct hci_dev *hdev;
cbed0ca1SJohan Hedberg	int err;
cbed0ca1SJohan Hedberg
cbed0ca1SJohan Hedberg	hdev = hci_dev_get(dev);
cbed0ca1SJohan Hedberg	if (!hdev)
cbed0ca1SJohan Hedberg		return -ENODEV;
cbed0ca1SJohan Hedberg
4a964404SMarcel Holtmann	/* Devices that are marked as unconfigured can only be powered
fee746b0SMarcel Holtmann	 * up as user channel. Trying to bring them up as normal devices
fee746b0SMarcel Holtmann	 * will result into a failure. Only user channel operation is
fee746b0SMarcel Holtmann	 * possible.
fee746b0SMarcel Holtmann	 *
fee746b0SMarcel Holtmann	 * When this function is called for a user channel, the flag
fee746b0SMarcel Holtmann	 * HCI_USER_CHANNEL will be set first before attempting to
fee746b0SMarcel Holtmann	 * open the device.
fee746b0SMarcel Holtmann	 */
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_UNCONFIGURED) &&
d7a5a11dSMarcel Holtmann	    !hci_dev_test_flag(hdev, HCI_USER_CHANNEL)) {
fee746b0SMarcel Holtmann		err = -EOPNOTSUPP;
fee746b0SMarcel Holtmann		goto done;
fee746b0SMarcel Holtmann	}
fee746b0SMarcel Holtmann
e1d08f40SJohan Hedberg	/* We need to ensure that no other power on/off work is pending
e1d08f40SJohan Hedberg	 * before proceeding to call hci_dev_do_open. This is
e1d08f40SJohan Hedberg	 * particularly important if the setup procedure has not yet
e1d08f40SJohan Hedberg	 * completed.
e1d08f40SJohan Hedberg	 */
a69d8927SMarcel Holtmann	if (hci_dev_test_and_clear_flag(hdev, HCI_AUTO_OFF))
e1d08f40SJohan Hedberg		cancel_delayed_work(&hdev->power_off);
e1d08f40SJohan Hedberg
a5c8f270SMarcel Holtmann	/* After this call it is guaranteed that the setup procedure
a5c8f270SMarcel Holtmann	 * has finished. This means that error conditions like RFKILL
a5c8f270SMarcel Holtmann	 * or no valid public or static random address apply.
a5c8f270SMarcel Holtmann	 */
e1d08f40SJohan Hedberg	flush_workqueue(hdev->req_workqueue);
e1d08f40SJohan Hedberg
12aa4f0aSMarcel Holtmann	/* For controllers not using the management interface and that
b6ae8457SJohan Hedberg	 * are brought up using legacy ioctl, set the HCI_BONDABLE bit
12aa4f0aSMarcel Holtmann	 * so that pairing works for them. Once the management interface
12aa4f0aSMarcel Holtmann	 * is in use this bit will be cleared again and userspace has
12aa4f0aSMarcel Holtmann	 * to explicitly enable it.
12aa4f0aSMarcel Holtmann	 */
d7a5a11dSMarcel Holtmann	if (!hci_dev_test_flag(hdev, HCI_USER_CHANNEL) &&
d7a5a11dSMarcel Holtmann	    !hci_dev_test_flag(hdev, HCI_MGMT))
a1536da2SMarcel Holtmann		hci_dev_set_flag(hdev, HCI_BONDABLE);
12aa4f0aSMarcel Holtmann
cbed0ca1SJohan Hedberg	err = hci_dev_do_open(hdev);
cbed0ca1SJohan Hedberg
fee746b0SMarcel Holtmanndone:
cbed0ca1SJohan Hedberg	hci_dev_put(hdev);
cbed0ca1SJohan Hedberg	return err;
cbed0ca1SJohan Hedberg}
cbed0ca1SJohan Hedberg
d7347f3cSJohan Hedberg/* This function requires the caller holds hdev->lock */
d7347f3cSJohan Hedbergstatic void hci_pend_le_actions_clear(struct hci_dev *hdev)
d7347f3cSJohan Hedberg{
d7347f3cSJohan Hedberg	struct hci_conn_params *p;
d7347f3cSJohan Hedberg
f161dd41SJohan Hedberg	list_for_each_entry(p, &hdev->le_conn_params, list) {
f161dd41SJohan Hedberg		if (p->conn) {
f161dd41SJohan Hedberg			hci_conn_drop(p->conn);
f8aaf9b6SJohan Hedberg			hci_conn_put(p->conn);
f161dd41SJohan Hedberg			p->conn = NULL;
f161dd41SJohan Hedberg		}
d7347f3cSJohan Hedberg		list_del_init(&p->action);
f161dd41SJohan Hedberg	}
d7347f3cSJohan Hedberg
d7347f3cSJohan Hedberg	BT_DBG("All LE pending actions cleared");
d7347f3cSJohan Hedberg}
d7347f3cSJohan Hedberg
6b3cc1dbSSimon Felsint hci_dev_do_close(struct hci_dev *hdev)
1da177e4SLinus Torvalds{
acc649c6SMarcel Holtmann	bool auto_off;
acc649c6SMarcel Holtmann
1da177e4SLinus Torvalds	BT_DBG("%s %p", hdev->name, hdev);
1da177e4SLinus Torvalds
d24d8144SGabriele Mazzotta	if (!hci_dev_test_flag(hdev, HCI_UNREGISTER) &&
867146a0SLoic Poulain	    !hci_dev_test_flag(hdev, HCI_USER_CHANNEL) &&
d24d8144SGabriele Mazzotta	    test_bit(HCI_UP, &hdev->flags)) {
a44fecbdSTedd Ho-Jeong An		/* Execute vendor specific shutdown routine */
a44fecbdSTedd Ho-Jeong An		if (hdev->shutdown)
a44fecbdSTedd Ho-Jeong An			hdev->shutdown(hdev);
a44fecbdSTedd Ho-Jeong An	}
a44fecbdSTedd Ho-Jeong An
78c04c0bSVinicius Costa Gomes	cancel_delayed_work(&hdev->power_off);
78c04c0bSVinicius Costa Gomes
1da177e4SLinus Torvalds	hci_req_cancel(hdev, ENODEV);
1da177e4SLinus Torvalds	hci_req_lock(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (!test_and_clear_bit(HCI_UP, &hdev->flags)) {
65cc2b49SMarcel Holtmann		cancel_delayed_work_sync(&hdev->cmd_timer);
1da177e4SLinus Torvalds		hci_req_unlock(hdev);
1da177e4SLinus Torvalds		return 0;
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
3eff45eaSGustavo F. Padovan	/* Flush RX and TX works */
3eff45eaSGustavo F. Padovan	flush_work(&hdev->tx_work);
b78752ccSMarcel Holtmann	flush_work(&hdev->rx_work);
1da177e4SLinus Torvalds
16ab91abSJohan Hedberg	if (hdev->discov_timeout > 0) {
e0f9309fSJohan Hedberg		cancel_delayed_work(&hdev->discov_off);
16ab91abSJohan Hedberg		hdev->discov_timeout = 0;
a358dc11SMarcel Holtmann		hci_dev_clear_flag(hdev, HCI_DISCOVERABLE);
a358dc11SMarcel Holtmann		hci_dev_clear_flag(hdev, HCI_LIMITED_DISCOVERABLE);
16ab91abSJohan Hedberg	}
16ab91abSJohan Hedberg
a69d8927SMarcel Holtmann	if (hci_dev_test_and_clear_flag(hdev, HCI_SERVICE_CACHE))
7d78525dSJohan Hedberg		cancel_delayed_work(&hdev->service_cache);
7d78525dSJohan Hedberg
7ba8b4beSAndre Guedes	cancel_delayed_work_sync(&hdev->le_scan_disable);
2d28cfe7SJakub Pawlowski	cancel_delayed_work_sync(&hdev->le_scan_restart);
4518bb0fSJohan Hedberg
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_MGMT))
d6bfd59cSJohan Hedberg		cancel_delayed_work_sync(&hdev->rpa_expired);
7ba8b4beSAndre Guedes
5d900e46SFlorian Grandel	if (hdev->adv_instance_timeout) {
5d900e46SFlorian Grandel		cancel_delayed_work_sync(&hdev->adv_instance_expire);
5d900e46SFlorian Grandel		hdev->adv_instance_timeout = 0;
5d900e46SFlorian Grandel	}
5d900e46SFlorian Grandel
76727c02SJohan Hedberg	/* Avoid potential lockdep warnings from the *_flush() calls by
76727c02SJohan Hedberg	 * ensuring the workqueue is empty up front.
76727c02SJohan Hedberg	 */
76727c02SJohan Hedberg	drain_workqueue(hdev->workqueue);
76727c02SJohan Hedberg
09fd0de5SGustavo F. Padovan	hci_dev_lock(hdev);
1aeb9c65SJohan Hedberg
8f502f84SJohan Hedberg	hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
8f502f84SJohan Hedberg
acc649c6SMarcel Holtmann	auto_off = hci_dev_test_and_clear_flag(hdev, HCI_AUTO_OFF);
acc649c6SMarcel Holtmann
acc649c6SMarcel Holtmann	if (!auto_off && hdev->dev_type == HCI_BREDR)
1aeb9c65SJohan Hedberg		mgmt_powered(hdev, 0);
1aeb9c65SJohan Hedberg
1f9b9a5dSAndre Guedes	hci_inquiry_cache_flush(hdev);
d7347f3cSJohan Hedberg	hci_pend_le_actions_clear(hdev);
f161dd41SJohan Hedberg	hci_conn_hash_flush(hdev);
09fd0de5SGustavo F. Padovan	hci_dev_unlock(hdev);
1da177e4SLinus Torvalds
64dae967SMarcel Holtmann	smp_unregister(hdev);
64dae967SMarcel Holtmann
1da177e4SLinus Torvalds	hci_notify(hdev, HCI_DEV_DOWN);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (hdev->flush)
1da177e4SLinus Torvalds		hdev->flush(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Reset device */
1da177e4SLinus Torvalds	skb_queue_purge(&hdev->cmd_q);
1da177e4SLinus Torvalds	atomic_set(&hdev->cmd_cnt, 1);
acc649c6SMarcel Holtmann	if (test_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks) &&
acc649c6SMarcel Holtmann	    !auto_off && !hci_dev_test_flag(hdev, HCI_UNCONFIGURED)) {
1da177e4SLinus Torvalds		set_bit(HCI_INIT, &hdev->flags);
01178cd4SJohan Hedberg		__hci_req_sync(hdev, hci_reset_req, 0, HCI_CMD_TIMEOUT);
1da177e4SLinus Torvalds		clear_bit(HCI_INIT, &hdev->flags);
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
c347b765SGustavo F. Padovan	/* flush cmd  work */
c347b765SGustavo F. Padovan	flush_work(&hdev->cmd_work);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Drop queues */
1da177e4SLinus Torvalds	skb_queue_purge(&hdev->rx_q);
1da177e4SLinus Torvalds	skb_queue_purge(&hdev->cmd_q);
1da177e4SLinus Torvalds	skb_queue_purge(&hdev->raw_q);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Drop last sent command */
1da177e4SLinus Torvalds	if (hdev->sent_cmd) {
65cc2b49SMarcel Holtmann		cancel_delayed_work_sync(&hdev->cmd_timer);
1da177e4SLinus Torvalds		kfree_skb(hdev->sent_cmd);
1da177e4SLinus Torvalds		hdev->sent_cmd = NULL;
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
e9ca8bf1SMarcel Holtmann	clear_bit(HCI_RUNNING, &hdev->flags);
4a3f95b7SMarcel Holtmann	hci_notify(hdev, HCI_DEV_CLOSE);
4a3f95b7SMarcel Holtmann
1da177e4SLinus Torvalds	/* After this point our queues are empty
1da177e4SLinus Torvalds	 * and no tasks are scheduled. */
1da177e4SLinus Torvalds	hdev->close(hdev);
1da177e4SLinus Torvalds
35b973c9SJohan Hedberg	/* Clear flags */
fee746b0SMarcel Holtmann	hdev->flags &= BIT(HCI_RAW);
eacb44dfSMarcel Holtmann	hci_dev_clear_volatile_flags(hdev);
35b973c9SJohan Hedberg
ced5c338SAndrei Emeltchenko	/* Controller radio is available but is currently powered down */
536619e8SMarcel Holtmann	hdev->amp_status = AMP_STATUS_POWERED_DOWN;
ced5c338SAndrei Emeltchenko
e59fda8dSJohan Hedberg	memset(hdev->eir, 0, sizeof(hdev->eir));
09b3c3fbSJohan Hedberg	memset(hdev->dev_class, 0, sizeof(hdev->dev_class));
7a4cd51dSMarcel Holtmann	bacpy(&hdev->random_addr, BDADDR_ANY);
e59fda8dSJohan Hedberg
1da177e4SLinus Torvalds	hci_req_unlock(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hci_dev_put(hdev);
1da177e4SLinus Torvalds	return 0;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvaldsint hci_dev_close(__u16 dev)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_dev *hdev;
1da177e4SLinus Torvalds	int err;
1da177e4SLinus Torvalds
70f23020SAndrei Emeltchenko	hdev = hci_dev_get(dev);
70f23020SAndrei Emeltchenko	if (!hdev)
1da177e4SLinus Torvalds		return -ENODEV;
8ee56540SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_USER_CHANNEL)) {
0736cfa8SMarcel Holtmann		err = -EBUSY;
0736cfa8SMarcel Holtmann		goto done;
0736cfa8SMarcel Holtmann	}
0736cfa8SMarcel Holtmann
a69d8927SMarcel Holtmann	if (hci_dev_test_and_clear_flag(hdev, HCI_AUTO_OFF))
8ee56540SMarcel Holtmann		cancel_delayed_work(&hdev->power_off);
8ee56540SMarcel Holtmann
1da177e4SLinus Torvalds	err = hci_dev_do_close(hdev);
8ee56540SMarcel Holtmann
0736cfa8SMarcel Holtmanndone:
1da177e4SLinus Torvalds	hci_dev_put(hdev);
1da177e4SLinus Torvalds	return err;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
5c912495SMarcel Holtmannstatic int hci_dev_do_reset(struct hci_dev *hdev)
1da177e4SLinus Torvalds{
5c912495SMarcel Holtmann	int ret;
1da177e4SLinus Torvalds
5c912495SMarcel Holtmann	BT_DBG("%s %p", hdev->name, hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hci_req_lock(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Drop queues */
1da177e4SLinus Torvalds	skb_queue_purge(&hdev->rx_q);
1da177e4SLinus Torvalds	skb_queue_purge(&hdev->cmd_q);
1da177e4SLinus Torvalds
76727c02SJohan Hedberg	/* Avoid potential lockdep warnings from the *_flush() calls by
76727c02SJohan Hedberg	 * ensuring the workqueue is empty up front.
76727c02SJohan Hedberg	 */
76727c02SJohan Hedberg	drain_workqueue(hdev->workqueue);
76727c02SJohan Hedberg
09fd0de5SGustavo F. Padovan	hci_dev_lock(hdev);
1f9b9a5dSAndre Guedes	hci_inquiry_cache_flush(hdev);
1da177e4SLinus Torvalds	hci_conn_hash_flush(hdev);
09fd0de5SGustavo F. Padovan	hci_dev_unlock(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (hdev->flush)
1da177e4SLinus Torvalds		hdev->flush(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	atomic_set(&hdev->cmd_cnt, 1);
6ed58ec5SVille Tervo	hdev->acl_cnt = 0; hdev->sco_cnt = 0; hdev->le_cnt = 0;
1da177e4SLinus Torvalds
01178cd4SJohan Hedberg	ret = __hci_req_sync(hdev, hci_reset_req, 0, HCI_INIT_TIMEOUT);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hci_req_unlock(hdev);
1da177e4SLinus Torvalds	return ret;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
5c912495SMarcel Holtmannint hci_dev_reset(__u16 dev)
5c912495SMarcel Holtmann{
5c912495SMarcel Holtmann	struct hci_dev *hdev;
5c912495SMarcel Holtmann	int err;
5c912495SMarcel Holtmann
5c912495SMarcel Holtmann	hdev = hci_dev_get(dev);
5c912495SMarcel Holtmann	if (!hdev)
5c912495SMarcel Holtmann		return -ENODEV;
5c912495SMarcel Holtmann
5c912495SMarcel Holtmann	if (!test_bit(HCI_UP, &hdev->flags)) {
5c912495SMarcel Holtmann		err = -ENETDOWN;
5c912495SMarcel Holtmann		goto done;
5c912495SMarcel Holtmann	}
5c912495SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_USER_CHANNEL)) {
5c912495SMarcel Holtmann		err = -EBUSY;
5c912495SMarcel Holtmann		goto done;
5c912495SMarcel Holtmann	}
5c912495SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_UNCONFIGURED)) {
5c912495SMarcel Holtmann		err = -EOPNOTSUPP;
5c912495SMarcel Holtmann		goto done;
5c912495SMarcel Holtmann	}
5c912495SMarcel Holtmann
5c912495SMarcel Holtmann	err = hci_dev_do_reset(hdev);
5c912495SMarcel Holtmann
5c912495SMarcel Holtmanndone:
5c912495SMarcel Holtmann	hci_dev_put(hdev);
5c912495SMarcel Holtmann	return err;
5c912495SMarcel Holtmann}
5c912495SMarcel Holtmann
1da177e4SLinus Torvaldsint hci_dev_reset_stat(__u16 dev)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_dev *hdev;
1da177e4SLinus Torvalds	int ret = 0;
1da177e4SLinus Torvalds
70f23020SAndrei Emeltchenko	hdev = hci_dev_get(dev);
70f23020SAndrei Emeltchenko	if (!hdev)
1da177e4SLinus Torvalds		return -ENODEV;
1da177e4SLinus Torvalds
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_USER_CHANNEL)) {
0736cfa8SMarcel Holtmann		ret = -EBUSY;
0736cfa8SMarcel Holtmann		goto done;
0736cfa8SMarcel Holtmann	}
0736cfa8SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_UNCONFIGURED)) {
fee746b0SMarcel Holtmann		ret = -EOPNOTSUPP;
fee746b0SMarcel Holtmann		goto done;
fee746b0SMarcel Holtmann	}
fee746b0SMarcel Holtmann
1da177e4SLinus Torvalds	memset(&hdev->stat, 0, sizeof(struct hci_dev_stats));
1da177e4SLinus Torvalds
0736cfa8SMarcel Holtmanndone:
1da177e4SLinus Torvalds	hci_dev_put(hdev);
1da177e4SLinus Torvalds	return ret;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
123abc08SJohan Hedbergstatic void hci_update_scan_state(struct hci_dev *hdev, u8 scan)
123abc08SJohan Hedberg{
bc6d2d04SJohan Hedberg	bool conn_changed, discov_changed;
123abc08SJohan Hedberg
123abc08SJohan Hedberg	BT_DBG("%s scan 0x%02x", hdev->name, scan);
123abc08SJohan Hedberg
123abc08SJohan Hedberg	if ((scan & SCAN_PAGE))
238be788SMarcel Holtmann		conn_changed = !hci_dev_test_and_set_flag(hdev,
238be788SMarcel Holtmann							  HCI_CONNECTABLE);
123abc08SJohan Hedberg	else
a69d8927SMarcel Holtmann		conn_changed = hci_dev_test_and_clear_flag(hdev,
a69d8927SMarcel Holtmann							   HCI_CONNECTABLE);
123abc08SJohan Hedberg
bc6d2d04SJohan Hedberg	if ((scan & SCAN_INQUIRY)) {
238be788SMarcel Holtmann		discov_changed = !hci_dev_test_and_set_flag(hdev,
238be788SMarcel Holtmann							    HCI_DISCOVERABLE);
bc6d2d04SJohan Hedberg	} else {
a358dc11SMarcel Holtmann		hci_dev_clear_flag(hdev, HCI_LIMITED_DISCOVERABLE);
a69d8927SMarcel Holtmann		discov_changed = hci_dev_test_and_clear_flag(hdev,
a69d8927SMarcel Holtmann							     HCI_DISCOVERABLE);
bc6d2d04SJohan Hedberg	}
bc6d2d04SJohan Hedberg
d7a5a11dSMarcel Holtmann	if (!hci_dev_test_flag(hdev, HCI_MGMT))
123abc08SJohan Hedberg		return;
123abc08SJohan Hedberg
bc6d2d04SJohan Hedberg	if (conn_changed || discov_changed) {
bc6d2d04SJohan Hedberg		/* In case this was disabled through mgmt */
a1536da2SMarcel Holtmann		hci_dev_set_flag(hdev, HCI_BREDR_ENABLED);
bc6d2d04SJohan Hedberg
d7a5a11dSMarcel Holtmann		if (hci_dev_test_flag(hdev, HCI_LE_ENABLED))
bc6d2d04SJohan Hedberg			mgmt_update_adv_data(hdev);
bc6d2d04SJohan Hedberg
123abc08SJohan Hedberg		mgmt_new_settings(hdev);
123abc08SJohan Hedberg	}
bc6d2d04SJohan Hedberg}
123abc08SJohan Hedberg
1da177e4SLinus Torvaldsint hci_dev_cmd(unsigned int cmd, void __user *arg)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_dev *hdev;
1da177e4SLinus Torvalds	struct hci_dev_req dr;
1da177e4SLinus Torvalds	int err = 0;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (copy_from_user(&dr, arg, sizeof(dr)))
1da177e4SLinus Torvalds		return -EFAULT;
1da177e4SLinus Torvalds
70f23020SAndrei Emeltchenko	hdev = hci_dev_get(dr.dev_id);
70f23020SAndrei Emeltchenko	if (!hdev)
1da177e4SLinus Torvalds		return -ENODEV;
1da177e4SLinus Torvalds
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_USER_CHANNEL)) {
0736cfa8SMarcel Holtmann		err = -EBUSY;
0736cfa8SMarcel Holtmann		goto done;
0736cfa8SMarcel Holtmann	}
0736cfa8SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_UNCONFIGURED)) {
fee746b0SMarcel Holtmann		err = -EOPNOTSUPP;
fee746b0SMarcel Holtmann		goto done;
fee746b0SMarcel Holtmann	}
fee746b0SMarcel Holtmann
5b69bef5SMarcel Holtmann	if (hdev->dev_type != HCI_BREDR) {
5b69bef5SMarcel Holtmann		err = -EOPNOTSUPP;
5b69bef5SMarcel Holtmann		goto done;
5b69bef5SMarcel Holtmann	}
5b69bef5SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED)) {
56f87901SJohan Hedberg		err = -EOPNOTSUPP;
56f87901SJohan Hedberg		goto done;
56f87901SJohan Hedberg	}
56f87901SJohan Hedberg
1da177e4SLinus Torvalds	switch (cmd) {
1da177e4SLinus Torvalds	case HCISETAUTH:
01178cd4SJohan Hedberg		err = hci_req_sync(hdev, hci_auth_req, dr.dev_opt,
5f246e89SAndrei Emeltchenko				   HCI_INIT_TIMEOUT);
1da177e4SLinus Torvalds		break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	case HCISETENCRYPT:
1da177e4SLinus Torvalds		if (!lmp_encrypt_capable(hdev)) {
1da177e4SLinus Torvalds			err = -EOPNOTSUPP;
1da177e4SLinus Torvalds			break;
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		if (!test_bit(HCI_AUTH, &hdev->flags)) {
1da177e4SLinus Torvalds			/* Auth must be enabled first */
01178cd4SJohan Hedberg			err = hci_req_sync(hdev, hci_auth_req, dr.dev_opt,
5f246e89SAndrei Emeltchenko					   HCI_INIT_TIMEOUT);
1da177e4SLinus Torvalds			if (err)
1da177e4SLinus Torvalds				break;
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds
01178cd4SJohan Hedberg		err = hci_req_sync(hdev, hci_encrypt_req, dr.dev_opt,
5f246e89SAndrei Emeltchenko				   HCI_INIT_TIMEOUT);
1da177e4SLinus Torvalds		break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	case HCISETSCAN:
01178cd4SJohan Hedberg		err = hci_req_sync(hdev, hci_scan_req, dr.dev_opt,
5f246e89SAndrei Emeltchenko				   HCI_INIT_TIMEOUT);
91a668b0SJohan Hedberg
bc6d2d04SJohan Hedberg		/* Ensure that the connectable and discoverable states
bc6d2d04SJohan Hedberg		 * get correctly modified as this was a non-mgmt change.
91a668b0SJohan Hedberg		 */
123abc08SJohan Hedberg		if (!err)
123abc08SJohan Hedberg			hci_update_scan_state(hdev, dr.dev_opt);
1da177e4SLinus Torvalds		break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	case HCISETLINKPOL:
01178cd4SJohan Hedberg		err = hci_req_sync(hdev, hci_linkpol_req, dr.dev_opt,
5f246e89SAndrei Emeltchenko				   HCI_INIT_TIMEOUT);
1da177e4SLinus Torvalds		break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	case HCISETLINKMODE:
e4e8e37cSMarcel Holtmann		hdev->link_mode = ((__u16) dr.dev_opt) &
e4e8e37cSMarcel Holtmann					(HCI_LM_MASTER | HCI_LM_ACCEPT);
e4e8e37cSMarcel Holtmann		break;
e4e8e37cSMarcel Holtmann
e4e8e37cSMarcel Holtmann	case HCISETPTYPE:
e4e8e37cSMarcel Holtmann		hdev->pkt_type = (__u16) dr.dev_opt;
1da177e4SLinus Torvalds		break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	case HCISETACLMTU:
1da177e4SLinus Torvalds		hdev->acl_mtu  = *((__u16 *) &dr.dev_opt + 1);
1da177e4SLinus Torvalds		hdev->acl_pkts = *((__u16 *) &dr.dev_opt + 0);
1da177e4SLinus Torvalds		break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	case HCISETSCOMTU:
1da177e4SLinus Torvalds		hdev->sco_mtu  = *((__u16 *) &dr.dev_opt + 1);
1da177e4SLinus Torvalds		hdev->sco_pkts = *((__u16 *) &dr.dev_opt + 0);
1da177e4SLinus Torvalds		break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	default:
1da177e4SLinus Torvalds		err = -EINVAL;
1da177e4SLinus Torvalds		break;
1da177e4SLinus Torvalds	}
e4e8e37cSMarcel Holtmann
0736cfa8SMarcel Holtmanndone:
1da177e4SLinus Torvalds	hci_dev_put(hdev);
1da177e4SLinus Torvalds	return err;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvaldsint hci_get_dev_list(void __user *arg)
1da177e4SLinus Torvalds{
8035ded4SLuiz Augusto von Dentz	struct hci_dev *hdev;
1da177e4SLinus Torvalds	struct hci_dev_list_req *dl;
1da177e4SLinus Torvalds	struct hci_dev_req *dr;
1da177e4SLinus Torvalds	int n = 0, size, err;
1da177e4SLinus Torvalds	__u16 dev_num;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (get_user(dev_num, (__u16 __user *) arg))
1da177e4SLinus Torvalds		return -EFAULT;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (!dev_num || dev_num > (PAGE_SIZE * 2) / sizeof(*dr))
1da177e4SLinus Torvalds		return -EINVAL;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	size = sizeof(*dl) + dev_num * sizeof(*dr);
1da177e4SLinus Torvalds
70f23020SAndrei Emeltchenko	dl = kzalloc(size, GFP_KERNEL);
70f23020SAndrei Emeltchenko	if (!dl)
1da177e4SLinus Torvalds		return -ENOMEM;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	dr = dl->dev_req;
1da177e4SLinus Torvalds
f20d09d5SGustavo F. Padovan	read_lock(&hci_dev_list_lock);
8035ded4SLuiz Augusto von Dentz	list_for_each_entry(hdev, &hci_dev_list, list) {
2e84d8dbSMarcel Holtmann		unsigned long flags = hdev->flags;
c542a06cSJohan Hedberg
2e84d8dbSMarcel Holtmann		/* When the auto-off is configured it means the transport
2e84d8dbSMarcel Holtmann		 * is running, but in that case still indicate that the
2e84d8dbSMarcel Holtmann		 * device is actually down.
2e84d8dbSMarcel Holtmann		 */
d7a5a11dSMarcel Holtmann		if (hci_dev_test_flag(hdev, HCI_AUTO_OFF))
2e84d8dbSMarcel Holtmann			flags &= ~BIT(HCI_UP);
c542a06cSJohan Hedberg
1da177e4SLinus Torvalds		(dr + n)->dev_id  = hdev->id;
2e84d8dbSMarcel Holtmann		(dr + n)->dev_opt = flags;
c542a06cSJohan Hedberg
1da177e4SLinus Torvalds		if (++n >= dev_num)
1da177e4SLinus Torvalds			break;
1da177e4SLinus Torvalds	}
f20d09d5SGustavo F. Padovan	read_unlock(&hci_dev_list_lock);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	dl->dev_num = n;
1da177e4SLinus Torvalds	size = sizeof(*dl) + n * sizeof(*dr);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	err = copy_to_user(arg, dl, size);
1da177e4SLinus Torvalds	kfree(dl);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	return err ? -EFAULT : 0;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvaldsint hci_get_dev_info(void __user *arg)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_dev *hdev;
1da177e4SLinus Torvalds	struct hci_dev_info di;
2e84d8dbSMarcel Holtmann	unsigned long flags;
1da177e4SLinus Torvalds	int err = 0;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (copy_from_user(&di, arg, sizeof(di)))
1da177e4SLinus Torvalds		return -EFAULT;
1da177e4SLinus Torvalds
70f23020SAndrei Emeltchenko	hdev = hci_dev_get(di.dev_id);
70f23020SAndrei Emeltchenko	if (!hdev)
1da177e4SLinus Torvalds		return -ENODEV;
1da177e4SLinus Torvalds
2e84d8dbSMarcel Holtmann	/* When the auto-off is configured it means the transport
2e84d8dbSMarcel Holtmann	 * is running, but in that case still indicate that the
2e84d8dbSMarcel Holtmann	 * device is actually down.
2e84d8dbSMarcel Holtmann	 */
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_AUTO_OFF))
2e84d8dbSMarcel Holtmann		flags = hdev->flags & ~BIT(HCI_UP);
2e84d8dbSMarcel Holtmann	else
2e84d8dbSMarcel Holtmann		flags = hdev->flags;
c542a06cSJohan Hedberg
1da177e4SLinus Torvalds	strcpy(di.name, hdev->name);
1da177e4SLinus Torvalds	di.bdaddr   = hdev->bdaddr;
60f2a3edSMarcel Holtmann	di.type     = (hdev->bus & 0x0f) | ((hdev->dev_type & 0x03) << 4);
2e84d8dbSMarcel Holtmann	di.flags    = flags;
1da177e4SLinus Torvalds	di.pkt_type = hdev->pkt_type;
572c7f84SJohan Hedberg	if (lmp_bredr_capable(hdev)) {
1da177e4SLinus Torvalds		di.acl_mtu  = hdev->acl_mtu;
1da177e4SLinus Torvalds		di.acl_pkts = hdev->acl_pkts;
1da177e4SLinus Torvalds		di.sco_mtu  = hdev->sco_mtu;
1da177e4SLinus Torvalds		di.sco_pkts = hdev->sco_pkts;
572c7f84SJohan Hedberg	} else {
572c7f84SJohan Hedberg		di.acl_mtu  = hdev->le_mtu;
572c7f84SJohan Hedberg		di.acl_pkts = hdev->le_pkts;
572c7f84SJohan Hedberg		di.sco_mtu  = 0;
572c7f84SJohan Hedberg		di.sco_pkts = 0;
572c7f84SJohan Hedberg	}
1da177e4SLinus Torvalds	di.link_policy = hdev->link_policy;
1da177e4SLinus Torvalds	di.link_mode   = hdev->link_mode;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	memcpy(&di.stat, &hdev->stat, sizeof(di.stat));
1da177e4SLinus Torvalds	memcpy(&di.features, &hdev->features, sizeof(di.features));
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (copy_to_user(arg, &di, sizeof(di)))
1da177e4SLinus Torvalds		err = -EFAULT;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hci_dev_put(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	return err;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* ---- Interface to HCI drivers ---- */
1da177e4SLinus Torvalds
611b30f7SMarcel Holtmannstatic int hci_rfkill_set_block(void *data, bool blocked)
611b30f7SMarcel Holtmann{
611b30f7SMarcel Holtmann	struct hci_dev *hdev = data;
611b30f7SMarcel Holtmann
611b30f7SMarcel Holtmann	BT_DBG("%p name %s blocked %d", hdev, hdev->name, blocked);
611b30f7SMarcel Holtmann
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_USER_CHANNEL))
0736cfa8SMarcel Holtmann		return -EBUSY;
0736cfa8SMarcel Holtmann
5e130367SJohan Hedberg	if (blocked) {
a1536da2SMarcel Holtmann		hci_dev_set_flag(hdev, HCI_RFKILLED);
d7a5a11dSMarcel Holtmann		if (!hci_dev_test_flag(hdev, HCI_SETUP) &&
d7a5a11dSMarcel Holtmann		    !hci_dev_test_flag(hdev, HCI_CONFIG))
611b30f7SMarcel Holtmann			hci_dev_do_close(hdev);
5e130367SJohan Hedberg	} else {
a358dc11SMarcel Holtmann		hci_dev_clear_flag(hdev, HCI_RFKILLED);
5e130367SJohan Hedberg	}
611b30f7SMarcel Holtmann
611b30f7SMarcel Holtmann	return 0;
611b30f7SMarcel Holtmann}
611b30f7SMarcel Holtmann
611b30f7SMarcel Holtmannstatic const struct rfkill_ops hci_rfkill_ops = {
611b30f7SMarcel Holtmann	.set_block = hci_rfkill_set_block,
611b30f7SMarcel Holtmann};
611b30f7SMarcel Holtmann
ab81cbf9SJohan Hedbergstatic void hci_power_on(struct work_struct *work)
ab81cbf9SJohan Hedberg{
ab81cbf9SJohan Hedberg	struct hci_dev *hdev = container_of(work, struct hci_dev, power_on);
96570ffcSJohan Hedberg	int err;
ab81cbf9SJohan Hedberg
ab81cbf9SJohan Hedberg	BT_DBG("%s", hdev->name);
ab81cbf9SJohan Hedberg
cbed0ca1SJohan Hedberg	err = hci_dev_do_open(hdev);
96570ffcSJohan Hedberg	if (err < 0) {
3ad67582SJaganath Kanakkassery		hci_dev_lock(hdev);
96570ffcSJohan Hedberg		mgmt_set_powered_failed(hdev, err);
3ad67582SJaganath Kanakkassery		hci_dev_unlock(hdev);
ab81cbf9SJohan Hedberg		return;
96570ffcSJohan Hedberg	}
ab81cbf9SJohan Hedberg
a5c8f270SMarcel Holtmann	/* During the HCI setup phase, a few error conditions are
a5c8f270SMarcel Holtmann	 * ignored and they need to be checked now. If they are still
a5c8f270SMarcel Holtmann	 * valid, it is important to turn the device back off.
a5c8f270SMarcel Holtmann	 */
d7a5a11dSMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_RFKILLED) ||
d7a5a11dSMarcel Holtmann	    hci_dev_test_flag(hdev, HCI_UNCONFIGURED) ||
a5c8f270SMarcel Holtmann	    (hdev->dev_type == HCI_BREDR &&
a5c8f270SMarcel Holtmann	     !bacmp(&hdev->bdaddr, BDADDR_ANY) &&
a5c8f270SMarcel Holtmann	     !bacmp(&hdev->static_addr, BDADDR_ANY))) {
a358dc11SMarcel Holtmann		hci_dev_clear_flag(hdev, HCI_AUTO_OFF);
bf543036SJohan Hedberg		hci_dev_do_close(hdev);
d7a5a11dSMarcel Holtmann	} else if (hci_dev_test_flag(hdev, HCI_AUTO_OFF)) {
19202573SJohan Hedberg		queue_delayed_work(hdev->req_workqueue, &hdev->power_off,
19202573SJohan Hedberg				   HCI_AUTO_OFF_TIMEOUT);
bf543036SJohan Hedberg	}
ab81cbf9SJohan Hedberg
a69d8927SMarcel Holtmann	if (hci_dev_test_and_clear_flag(hdev, HCI_SETUP)) {
4a964404SMarcel Holtmann		/* For unconfigured devices, set the HCI_RAW flag
4a964404SMarcel Holtmann		 * so that userspace can easily identify them.
4a964404SMarcel Holtmann		 */
d7a5a11dSMarcel Holtmann		if (hci_dev_test_flag(hdev, HCI_UNCONFIGURED))
4a964404SMarcel Holtmann			set_bit(HCI_RAW, &hdev->flags);
0602a8adSMarcel Holtmann
0602a8adSMarcel Holtmann		/* For fully configured devices, this will send
0602a8adSMarcel Holtmann		 * the Index Added event. For unconfigured devices,
0602a8adSMarcel Holtmann		 * it will send Unconfigued Index Added event.
0602a8adSMarcel Holtmann		 *
0602a8adSMarcel Holtmann		 * Devices with HCI_QUIRK_RAW_DEVICE are ignored
0602a8adSMarcel Holtmann		 * and no event will be send.
0602a8adSMarcel Holtmann		 */
744cf19eSJohan Hedberg		mgmt_index_added(hdev);
a69d8927SMarcel Holtmann	} else if (hci_dev_test_and_clear_flag(hdev, HCI_CONFIG)) {
5ea234d3SMarcel Holtmann		/* When the controller is now configured, then it
5ea234d3SMarcel Holtmann		 * is important to clear the HCI_RAW flag.
5ea234d3SMarcel Holtmann		 */
d7a5a11dSMarcel Holtmann		if (!hci_dev_test_flag(hdev, HCI_UNCONFIGURED))
5ea234d3SMarcel Holtmann			clear_bit(HCI_RAW, &hdev->flags);
5ea234d3SMarcel Holtmann
d603b76bSMarcel Holtmann		/* Powering on the controller with HCI_CONFIG set only
d603b76bSMarcel Holtmann		 * happens with the transition from unconfigured to
d603b76bSMarcel Holtmann		 * configured. This will send the Index Added event.
d603b76bSMarcel Holtmann		 */
d603b76bSMarcel Holtmann		mgmt_index_added(hdev);
ab81cbf9SJohan Hedberg	}
ab81cbf9SJohan Hedberg}
ab81cbf9SJohan Hedberg
ab81cbf9SJohan Hedbergstatic void hci_power_off(struct work_struct *work)
ab81cbf9SJohan Hedberg{
3243553fSJohan Hedberg	struct hci_dev *hdev = container_of(work, struct hci_dev,
3243553fSJohan Hedberg					    power_off.work);
ab81cbf9SJohan Hedberg
ab81cbf9SJohan Hedberg	BT_DBG("%s", hdev->name);
ab81cbf9SJohan Hedberg
8ee56540SMarcel Holtmann	hci_dev_do_close(hdev);
ab81cbf9SJohan Hedberg}
ab81cbf9SJohan Hedberg
c7741d16SMarcel Holtmannstatic void hci_error_reset(struct work_struct *work)
c7741d16SMarcel Holtmann{
c7741d16SMarcel Holtmann	struct hci_dev *hdev = container_of(work, struct hci_dev, error_reset);
c7741d16SMarcel Holtmann
c7741d16SMarcel Holtmann	BT_DBG("%s", hdev->name);
c7741d16SMarcel Holtmann
c7741d16SMarcel Holtmann	if (hdev->hw_error)
c7741d16SMarcel Holtmann		hdev->hw_error(hdev, hdev->hw_error_code);
c7741d16SMarcel Holtmann	else
c7741d16SMarcel Holtmann		BT_ERR("%s hardware error 0x%2.2x", hdev->name,
c7741d16SMarcel Holtmann		       hdev->hw_error_code);
c7741d16SMarcel Holtmann
c7741d16SMarcel Holtmann	if (hci_dev_do_close(hdev))
c7741d16SMarcel Holtmann		return;
c7741d16SMarcel Holtmann
c7741d16SMarcel Holtmann	hci_dev_do_open(hdev);
c7741d16SMarcel Holtmann}
c7741d16SMarcel Holtmann
16ab91abSJohan Hedbergstatic void hci_discov_off(struct work_struct *work)
16ab91abSJohan Hedberg{
16ab91abSJohan Hedberg	struct hci_dev *hdev;
16ab91abSJohan Hedberg
16ab91abSJohan Hedberg	hdev = container_of(work, struct hci_dev, discov_off.work);
16ab91abSJohan Hedberg
16ab91abSJohan Hedberg	BT_DBG("%s", hdev->name);
16ab91abSJohan Hedberg
d1967ff8SMarcel Holtmann	mgmt_discoverable_timeout(hdev);
16ab91abSJohan Hedberg}
16ab91abSJohan Hedberg
5d900e46SFlorian Grandelstatic void hci_adv_timeout_expire(struct work_struct *work)
5d900e46SFlorian Grandel{
5d900e46SFlorian Grandel	struct hci_dev *hdev;
5d900e46SFlorian Grandel
5d900e46SFlorian Grandel	hdev = container_of(work, struct hci_dev, adv_instance_expire.work);
5d900e46SFlorian Grandel
5d900e46SFlorian Grandel	BT_DBG("%s", hdev->name);
5d900e46SFlorian Grandel
5d900e46SFlorian Grandel	mgmt_adv_timeout_expired(hdev);
5d900e46SFlorian Grandel}
5d900e46SFlorian Grandel
35f7498aSJohan Hedbergvoid hci_uuids_clear(struct hci_dev *hdev)
2aeb9a1aSJohan Hedberg{
4821002cSJohan Hedberg	struct bt_uuid *uuid, *tmp;
2aeb9a1aSJohan Hedberg
4821002cSJohan Hedberg	list_for_each_entry_safe(uuid, tmp, &hdev->uuids, list) {
4821002cSJohan Hedberg		list_del(&uuid->list);
2aeb9a1aSJohan Hedberg		kfree(uuid);
2aeb9a1aSJohan Hedberg	}
2aeb9a1aSJohan Hedberg}
2aeb9a1aSJohan Hedberg
35f7498aSJohan Hedbergvoid hci_link_keys_clear(struct hci_dev *hdev)
55ed8ca1SJohan Hedberg{
55ed8ca1SJohan Hedberg	struct link_key *key;
55ed8ca1SJohan Hedberg
0378b597SJohan Hedberg	list_for_each_entry_rcu(key, &hdev->link_keys, list) {
0378b597SJohan Hedberg		list_del_rcu(&key->list);
0378b597SJohan Hedberg		kfree_rcu(key, rcu);
55ed8ca1SJohan Hedberg	}
55ed8ca1SJohan Hedberg}
55ed8ca1SJohan Hedberg
35f7498aSJohan Hedbergvoid hci_smp_ltks_clear(struct hci_dev *hdev)
b899efafSVinicius Costa Gomes{
970d0f1bSJohan Hedberg	struct smp_ltk *k;
b899efafSVinicius Costa Gomes
970d0f1bSJohan Hedberg	list_for_each_entry_rcu(k, &hdev->long_term_keys, list) {
970d0f1bSJohan Hedberg		list_del_rcu(&k->list);
970d0f1bSJohan Hedberg		kfree_rcu(k, rcu);
b899efafSVinicius Costa Gomes	}
b899efafSVinicius Costa Gomes}
b899efafSVinicius Costa Gomes
970c4e46SJohan Hedbergvoid hci_smp_irks_clear(struct hci_dev *hdev)
970c4e46SJohan Hedberg{
adae20cbSJohan Hedberg	struct smp_irk *k;
970c4e46SJohan Hedberg
adae20cbSJohan Hedberg	list_for_each_entry_rcu(k, &hdev->identity_resolving_keys, list) {
adae20cbSJohan Hedberg		list_del_rcu(&k->list);
adae20cbSJohan Hedberg		kfree_rcu(k, rcu);
970c4e46SJohan Hedberg	}
970c4e46SJohan Hedberg}
970c4e46SJohan Hedberg
55ed8ca1SJohan Hedbergstruct link_key *hci_find_link_key(struct hci_dev *hdev, bdaddr_t *bdaddr)
55ed8ca1SJohan Hedberg{
55ed8ca1SJohan Hedberg	struct link_key *k;
55ed8ca1SJohan Hedberg
0378b597SJohan Hedberg	rcu_read_lock();
0378b597SJohan Hedberg	list_for_each_entry_rcu(k, &hdev->link_keys, list) {
0378b597SJohan Hedberg		if (bacmp(bdaddr, &k->bdaddr) == 0) {
0378b597SJohan Hedberg			rcu_read_unlock();
55ed8ca1SJohan Hedberg			return k;
0378b597SJohan Hedberg		}
0378b597SJohan Hedberg	}
0378b597SJohan Hedberg	rcu_read_unlock();
55ed8ca1SJohan Hedberg
55ed8ca1SJohan Hedberg	return NULL;
55ed8ca1SJohan Hedberg}
55ed8ca1SJohan Hedberg
745c0ce3SVishal Agarwalstatic bool hci_persistent_key(struct hci_dev *hdev, struct hci_conn *conn,
d25e28abSJohan Hedberg			       u8 key_type, u8 old_key_type)
d25e28abSJohan Hedberg{
d25e28abSJohan Hedberg	/* Legacy key */
d25e28abSJohan Hedberg	if (key_type < 0x03)
745c0ce3SVishal Agarwal		return true;
d25e28abSJohan Hedberg
d25e28abSJohan Hedberg	/* Debug keys are insecure so don't store them persistently */
d25e28abSJohan Hedberg	if (key_type == HCI_LK_DEBUG_COMBINATION)
745c0ce3SVishal Agarwal		return false;
d25e28abSJohan Hedberg
d25e28abSJohan Hedberg	/* Changed combination key and there's no previous one */
d25e28abSJohan Hedberg	if (key_type == HCI_LK_CHANGED_COMBINATION && old_key_type == 0xff)
745c0ce3SVishal Agarwal		return false;
d25e28abSJohan Hedberg
d25e28abSJohan Hedberg	/* Security mode 3 case */
d25e28abSJohan Hedberg	if (!conn)
745c0ce3SVishal Agarwal		return true;
d25e28abSJohan Hedberg
e3befab9SJohan Hedberg	/* BR/EDR key derived using SC from an LE link */
e3befab9SJohan Hedberg	if (conn->type == LE_LINK)
e3befab9SJohan Hedberg		return true;
e3befab9SJohan Hedberg
d25e28abSJohan Hedberg	/* Neither local nor remote side had no-bonding as requirement */
d25e28abSJohan Hedberg	if (conn->auth_type > 0x01 && conn->remote_auth > 0x01)
745c0ce3SVishal Agarwal		return true;
d25e28abSJohan Hedberg
d25e28abSJohan Hedberg	/* Local side had dedicated bonding as requirement */
d25e28abSJohan Hedberg	if (conn->auth_type == 0x02 || conn->auth_type == 0x03)
745c0ce3SVishal Agarwal		return true;
d25e28abSJohan Hedberg
d25e28abSJohan Hedberg	/* Remote side had dedicated bonding as requirement */
d25e28abSJohan Hedberg	if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03)
745c0ce3SVishal Agarwal		return true;
d25e28abSJohan Hedberg
d25e28abSJohan Hedberg	/* If none of the above criteria match, then don't store the key
d25e28abSJohan Hedberg	 * persistently */
745c0ce3SVishal Agarwal	return false;
d25e28abSJohan Hedberg}
d25e28abSJohan Hedberg
e804d25dSJohan Hedbergstatic u8 ltk_role(u8 type)
98a0b845SJohan Hedberg{
e804d25dSJohan Hedberg	if (type == SMP_LTK)
e804d25dSJohan Hedberg		return HCI_ROLE_MASTER;
98a0b845SJohan Hedberg
e804d25dSJohan Hedberg	return HCI_ROLE_SLAVE;
98a0b845SJohan Hedberg}
98a0b845SJohan Hedberg
f3a73d97SJohan Hedbergstruct smp_ltk *hci_find_ltk(struct hci_dev *hdev, bdaddr_t *bdaddr,
e804d25dSJohan Hedberg			     u8 addr_type, u8 role)
75d262c2SVinicius Costa Gomes{
c9839a11SVinicius Costa Gomes	struct smp_ltk *k;
75d262c2SVinicius Costa Gomes
970d0f1bSJohan Hedberg	rcu_read_lock();
970d0f1bSJohan Hedberg	list_for_each_entry_rcu(k, &hdev->long_term_keys, list) {
5378bc56SJohan Hedberg		if (addr_type != k->bdaddr_type || bacmp(bdaddr, &k->bdaddr))
5378bc56SJohan Hedberg			continue;
5378bc56SJohan Hedberg
923e2414SJohan Hedberg		if (smp_ltk_is_sc(k) || ltk_role(k->type) == role) {
970d0f1bSJohan Hedberg			rcu_read_unlock();
75d262c2SVinicius Costa Gomes			return k;
970d0f1bSJohan Hedberg		}
970d0f1bSJohan Hedberg	}
970d0f1bSJohan Hedberg	rcu_read_unlock();
75d262c2SVinicius Costa Gomes
75d262c2SVinicius Costa Gomes	return NULL;
75d262c2SVinicius Costa Gomes}
75d262c2SVinicius Costa Gomes
970c4e46SJohan Hedbergstruct smp_irk *hci_find_irk_by_rpa(struct hci_dev *hdev, bdaddr_t *rpa)
970c4e46SJohan Hedberg{
970c4e46SJohan Hedberg	struct smp_irk *irk;
970c4e46SJohan Hedberg
adae20cbSJohan Hedberg	rcu_read_lock();
adae20cbSJohan Hedberg	list_for_each_entry_rcu(irk, &hdev->identity_resolving_keys, list) {
adae20cbSJohan Hedberg		if (!bacmp(&irk->rpa, rpa)) {
adae20cbSJohan Hedberg			rcu_read_unlock();
970c4e46SJohan Hedberg			return irk;
970c4e46SJohan Hedberg		}
adae20cbSJohan Hedberg	}
970c4e46SJohan Hedberg
adae20cbSJohan Hedberg	list_for_each_entry_rcu(irk, &hdev->identity_resolving_keys, list) {
defce9e8SJohan Hedberg		if (smp_irk_matches(hdev, irk->val, rpa)) {
970c4e46SJohan Hedberg			bacpy(&irk->rpa, rpa);
adae20cbSJohan Hedberg			rcu_read_unlock();
970c4e46SJohan Hedberg			return irk;
970c4e46SJohan Hedberg		}
970c4e46SJohan Hedberg	}
adae20cbSJohan Hedberg	rcu_read_unlock();
970c4e46SJohan Hedberg
970c4e46SJohan Hedberg	return NULL;
970c4e46SJohan Hedberg}
970c4e46SJohan Hedberg
970c4e46SJohan Hedbergstruct smp_irk *hci_find_irk_by_addr(struct hci_dev *hdev, bdaddr_t *bdaddr,
970c4e46SJohan Hedberg				     u8 addr_type)
970c4e46SJohan Hedberg{
970c4e46SJohan Hedberg	struct smp_irk *irk;
970c4e46SJohan Hedberg
6cfc9988SJohan Hedberg	/* Identity Address must be public or static random */
6cfc9988SJohan Hedberg	if (addr_type == ADDR_LE_DEV_RANDOM && (bdaddr->b[5] & 0xc0) != 0xc0)
6cfc9988SJohan Hedberg		return NULL;
6cfc9988SJohan Hedberg
adae20cbSJohan Hedberg	rcu_read_lock();
adae20cbSJohan Hedberg	list_for_each_entry_rcu(irk, &hdev->identity_resolving_keys, list) {
970c4e46SJohan Hedberg		if (addr_type == irk->addr_type &&
adae20cbSJohan Hedberg		    bacmp(bdaddr, &irk->bdaddr) == 0) {
adae20cbSJohan Hedberg			rcu_read_unlock();
970c4e46SJohan Hedberg			return irk;
970c4e46SJohan Hedberg		}
adae20cbSJohan Hedberg	}
adae20cbSJohan Hedberg	rcu_read_unlock();
970c4e46SJohan Hedberg
970c4e46SJohan Hedberg	return NULL;
970c4e46SJohan Hedberg}
970c4e46SJohan Hedberg
567fa2aaSJohan Hedbergstruct link_key *hci_add_link_key(struct hci_dev *hdev, struct hci_conn *conn,
7652ff6aSJohan Hedberg				  bdaddr_t *bdaddr, u8 *val, u8 type,
7652ff6aSJohan Hedberg				  u8 pin_len, bool *persistent)
55ed8ca1SJohan Hedberg{
55ed8ca1SJohan Hedberg	struct link_key *key, *old_key;
745c0ce3SVishal Agarwal	u8 old_key_type;
55ed8ca1SJohan Hedberg
55ed8ca1SJohan Hedberg	old_key = hci_find_link_key(hdev, bdaddr);
55ed8ca1SJohan Hedberg	if (old_key) {
55ed8ca1SJohan Hedberg		old_key_type = old_key->type;
55ed8ca1SJohan Hedberg		key = old_key;
55ed8ca1SJohan Hedberg	} else {
12adcf3aSJohan Hedberg		old_key_type = conn ? conn->key_type : 0xff;
0a14ab41SJohan Hedberg		key = kzalloc(sizeof(*key), GFP_KERNEL);
55ed8ca1SJohan Hedberg		if (!key)
567fa2aaSJohan Hedberg			return NULL;
0378b597SJohan Hedberg		list_add_rcu(&key->list, &hdev->link_keys);
55ed8ca1SJohan Hedberg	}
55ed8ca1SJohan Hedberg
6ed93dc6SAndrei Emeltchenko	BT_DBG("%s key for %pMR type %u", hdev->name, bdaddr, type);
55ed8ca1SJohan Hedberg
d25e28abSJohan Hedberg	/* Some buggy controller combinations generate a changed
d25e28abSJohan Hedberg	 * combination key for legacy pairing even when there's no
d25e28abSJohan Hedberg	 * previous key */
d25e28abSJohan Hedberg	if (type == HCI_LK_CHANGED_COMBINATION &&
a8c5fb1aSGustavo Padovan	    (!conn || conn->remote_auth == 0xff) && old_key_type == 0xff) {
d25e28abSJohan Hedberg		type = HCI_LK_COMBINATION;
655fe6ecSJohan Hedberg		if (conn)
655fe6ecSJohan Hedberg			conn->key_type = type;
655fe6ecSJohan Hedberg	}
d25e28abSJohan Hedberg
55ed8ca1SJohan Hedberg	bacpy(&key->bdaddr, bdaddr);
9b3b4460SAndrei Emeltchenko	memcpy(key->val, val, HCI_LINK_KEY_SIZE);
55ed8ca1SJohan Hedberg	key->pin_len = pin_len;
55ed8ca1SJohan Hedberg
b6020ba0SWaldemar Rymarkiewicz	if (type == HCI_LK_CHANGED_COMBINATION)
55ed8ca1SJohan Hedberg		key->type = old_key_type;
4748fed2SJohan Hedberg	else
4748fed2SJohan Hedberg		key->type = type;
4748fed2SJohan Hedberg
7652ff6aSJohan Hedberg	if (persistent)
7652ff6aSJohan Hedberg		*persistent = hci_persistent_key(hdev, conn, type,
7652ff6aSJohan Hedberg						 old_key_type);
4df378a1SJohan Hedberg
567fa2aaSJohan Hedberg	return key;
55ed8ca1SJohan Hedberg}
55ed8ca1SJohan Hedberg
ca9142b8SJohan Hedbergstruct smp_ltk *hci_add_ltk(struct hci_dev *hdev, bdaddr_t *bdaddr,
35d70271SJohan Hedberg			    u8 addr_type, u8 type, u8 authenticated,
fe39c7b2SMarcel Holtmann			    u8 tk[16], u8 enc_size, __le16 ediv, __le64 rand)
75d262c2SVinicius Costa Gomes{
c9839a11SVinicius Costa Gomes	struct smp_ltk *key, *old_key;
e804d25dSJohan Hedberg	u8 role = ltk_role(type);
75d262c2SVinicius Costa Gomes
f3a73d97SJohan Hedberg	old_key = hci_find_ltk(hdev, bdaddr, addr_type, role);
c9839a11SVinicius Costa Gomes	if (old_key)
75d262c2SVinicius Costa Gomes		key = old_key;
c9839a11SVinicius Costa Gomes	else {
0a14ab41SJohan Hedberg		key = kzalloc(sizeof(*key), GFP_KERNEL);
75d262c2SVinicius Costa Gomes		if (!key)
ca9142b8SJohan Hedberg			return NULL;
970d0f1bSJohan Hedberg		list_add_rcu(&key->list, &hdev->long_term_keys);
75d262c2SVinicius Costa Gomes	}
75d262c2SVinicius Costa Gomes
75d262c2SVinicius Costa Gomes	bacpy(&key->bdaddr, bdaddr);
c9839a11SVinicius Costa Gomes	key->bdaddr_type = addr_type;
c9839a11SVinicius Costa Gomes	memcpy(key->val, tk, sizeof(key->val));
c9839a11SVinicius Costa Gomes	key->authenticated = authenticated;
c9839a11SVinicius Costa Gomes	key->ediv = ediv;
fe39c7b2SMarcel Holtmann	key->rand = rand;
c9839a11SVinicius Costa Gomes	key->enc_size = enc_size;
c9839a11SVinicius Costa Gomes	key->type = type;
75d262c2SVinicius Costa Gomes
ca9142b8SJohan Hedberg	return key;
75d262c2SVinicius Costa Gomes}
75d262c2SVinicius Costa Gomes
ca9142b8SJohan Hedbergstruct smp_irk *hci_add_irk(struct hci_dev *hdev, bdaddr_t *bdaddr,
ca9142b8SJohan Hedberg			    u8 addr_type, u8 val[16], bdaddr_t *rpa)
970c4e46SJohan Hedberg{
970c4e46SJohan Hedberg	struct smp_irk *irk;
970c4e46SJohan Hedberg
970c4e46SJohan Hedberg	irk = hci_find_irk_by_addr(hdev, bdaddr, addr_type);
970c4e46SJohan Hedberg	if (!irk) {
970c4e46SJohan Hedberg		irk = kzalloc(sizeof(*irk), GFP_KERNEL);
970c4e46SJohan Hedberg		if (!irk)
ca9142b8SJohan Hedberg			return NULL;
970c4e46SJohan Hedberg
970c4e46SJohan Hedberg		bacpy(&irk->bdaddr, bdaddr);
970c4e46SJohan Hedberg		irk->addr_type = addr_type;
970c4e46SJohan Hedberg
adae20cbSJohan Hedberg		list_add_rcu(&irk->list, &hdev->identity_resolving_keys);
970c4e46SJohan Hedberg	}
970c4e46SJohan Hedberg
970c4e46SJohan Hedberg	memcpy(irk->val, val, 16);
970c4e46SJohan Hedberg	bacpy(&irk->rpa, rpa);
970c4e46SJohan Hedberg
ca9142b8SJohan Hedberg	return irk;
970c4e46SJohan Hedberg}
970c4e46SJohan Hedberg
55ed8ca1SJohan Hedbergint hci_remove_link_key(struct hci_dev *hdev, bdaddr_t *bdaddr)
55ed8ca1SJohan Hedberg{
55ed8ca1SJohan Hedberg	struct link_key *key;
55ed8ca1SJohan Hedberg
55ed8ca1SJohan Hedberg	key = hci_find_link_key(hdev, bdaddr);
55ed8ca1SJohan Hedberg	if (!key)
55ed8ca1SJohan Hedberg		return -ENOENT;
55ed8ca1SJohan Hedberg
6ed93dc6SAndrei Emeltchenko	BT_DBG("%s removing %pMR", hdev->name, bdaddr);
55ed8ca1SJohan Hedberg
0378b597SJohan Hedberg	list_del_rcu(&key->list);
0378b597SJohan Hedberg	kfree_rcu(key, rcu);
55ed8ca1SJohan Hedberg
55ed8ca1SJohan Hedberg	return 0;
55ed8ca1SJohan Hedberg}
55ed8ca1SJohan Hedberg
e0b2b27eSJohan Hedbergint hci_remove_ltk(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 bdaddr_type)
b899efafSVinicius Costa Gomes{
970d0f1bSJohan Hedberg	struct smp_ltk *k;
c51ffa0bSJohan Hedberg	int removed = 0;
b899efafSVinicius Costa Gomes
970d0f1bSJohan Hedberg	list_for_each_entry_rcu(k, &hdev->long_term_keys, list) {
e0b2b27eSJohan Hedberg		if (bacmp(bdaddr, &k->bdaddr) || k->bdaddr_type != bdaddr_type)
b899efafSVinicius Costa Gomes			continue;
b899efafSVinicius Costa Gomes
6ed93dc6SAndrei Emeltchenko		BT_DBG("%s removing %pMR", hdev->name, bdaddr);
b899efafSVinicius Costa Gomes
970d0f1bSJohan Hedberg		list_del_rcu(&k->list);
970d0f1bSJohan Hedberg		kfree_rcu(k, rcu);
c51ffa0bSJohan Hedberg		removed++;
b899efafSVinicius Costa Gomes	}
b899efafSVinicius Costa Gomes
c51ffa0bSJohan Hedberg	return removed ? 0 : -ENOENT;
b899efafSVinicius Costa Gomes}
b899efafSVinicius Costa Gomes
a7ec7338SJohan Hedbergvoid hci_remove_irk(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 addr_type)
a7ec7338SJohan Hedberg{
adae20cbSJohan Hedberg	struct smp_irk *k;
a7ec7338SJohan Hedberg
adae20cbSJohan Hedberg	list_for_each_entry_rcu(k, &hdev->identity_resolving_keys, list) {
a7ec7338SJohan Hedberg		if (bacmp(bdaddr, &k->bdaddr) || k->addr_type != addr_type)
a7ec7338SJohan Hedberg			continue;
a7ec7338SJohan Hedberg
a7ec7338SJohan Hedberg		BT_DBG("%s removing %pMR", hdev->name, bdaddr);
a7ec7338SJohan Hedberg
adae20cbSJohan Hedberg		list_del_rcu(&k->list);
adae20cbSJohan Hedberg		kfree_rcu(k, rcu);
a7ec7338SJohan Hedberg	}
a7ec7338SJohan Hedberg}
a7ec7338SJohan Hedberg
55e76b38SJohan Hedbergbool hci_bdaddr_is_paired(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
55e76b38SJohan Hedberg{
55e76b38SJohan Hedberg	struct smp_ltk *k;
4ba9faf3SJohan Hedberg	struct smp_irk *irk;
55e76b38SJohan Hedberg	u8 addr_type;
55e76b38SJohan Hedberg
55e76b38SJohan Hedberg	if (type == BDADDR_BREDR) {
55e76b38SJohan Hedberg		if (hci_find_link_key(hdev, bdaddr))
55e76b38SJohan Hedberg			return true;
55e76b38SJohan Hedberg		return false;
55e76b38SJohan Hedberg	}
55e76b38SJohan Hedberg
55e76b38SJohan Hedberg	/* Convert to HCI addr type which struct smp_ltk uses */
55e76b38SJohan Hedberg	if (type == BDADDR_LE_PUBLIC)
55e76b38SJohan Hedberg		addr_type = ADDR_LE_DEV_PUBLIC;
55e76b38SJohan Hedberg	else
55e76b38SJohan Hedberg		addr_type = ADDR_LE_DEV_RANDOM;
55e76b38SJohan Hedberg
4ba9faf3SJohan Hedberg	irk = hci_get_irk(hdev, bdaddr, addr_type);
4ba9faf3SJohan Hedberg	if (irk) {
4ba9faf3SJohan Hedberg		bdaddr = &irk->bdaddr;
4ba9faf3SJohan Hedberg		addr_type = irk->addr_type;
4ba9faf3SJohan Hedberg	}
4ba9faf3SJohan Hedberg
55e76b38SJohan Hedberg	rcu_read_lock();
55e76b38SJohan Hedberg	list_for_each_entry_rcu(k, &hdev->long_term_keys, list) {
87c8b28dSJohan Hedberg		if (k->bdaddr_type == addr_type && !bacmp(bdaddr, &k->bdaddr)) {
87c8b28dSJohan Hedberg			rcu_read_unlock();
55e76b38SJohan Hedberg			return true;
55e76b38SJohan Hedberg		}
87c8b28dSJohan Hedberg	}
55e76b38SJohan Hedberg	rcu_read_unlock();
55e76b38SJohan Hedberg
55e76b38SJohan Hedberg	return false;
55e76b38SJohan Hedberg}
55e76b38SJohan Hedberg
6bd32326SVille Tervo/* HCI command timer function */
65cc2b49SMarcel Holtmannstatic void hci_cmd_timeout(struct work_struct *work)
6bd32326SVille Tervo{
65cc2b49SMarcel Holtmann	struct hci_dev *hdev = container_of(work, struct hci_dev,
65cc2b49SMarcel Holtmann					    cmd_timer.work);
6bd32326SVille Tervo
bda4f23aSAndrei Emeltchenko	if (hdev->sent_cmd) {
bda4f23aSAndrei Emeltchenko		struct hci_command_hdr *sent = (void *) hdev->sent_cmd->data;
bda4f23aSAndrei Emeltchenko		u16 opcode = __le16_to_cpu(sent->opcode);
bda4f23aSAndrei Emeltchenko
bda4f23aSAndrei Emeltchenko		BT_ERR("%s command 0x%4.4x tx timeout", hdev->name, opcode);
bda4f23aSAndrei Emeltchenko	} else {
6bd32326SVille Tervo		BT_ERR("%s command tx timeout", hdev->name);
bda4f23aSAndrei Emeltchenko	}
bda4f23aSAndrei Emeltchenko
6bd32326SVille Tervo	atomic_set(&hdev->cmd_cnt, 1);
c347b765SGustavo F. Padovan	queue_work(hdev->workqueue, &hdev->cmd_work);
6bd32326SVille Tervo}
6bd32326SVille Tervo
2763eda6SSzymon Jancstruct oob_data *hci_find_remote_oob_data(struct hci_dev *hdev,
6928a924SJohan Hedberg					  bdaddr_t *bdaddr, u8 bdaddr_type)
2763eda6SSzymon Janc{
2763eda6SSzymon Janc	struct oob_data *data;
2763eda6SSzymon Janc
6928a924SJohan Hedberg	list_for_each_entry(data, &hdev->remote_oob_data, list) {
6928a924SJohan Hedberg		if (bacmp(bdaddr, &data->bdaddr) != 0)
6928a924SJohan Hedberg			continue;
6928a924SJohan Hedberg		if (data->bdaddr_type != bdaddr_type)
6928a924SJohan Hedberg			continue;
2763eda6SSzymon Janc		return data;
6928a924SJohan Hedberg	}
2763eda6SSzymon Janc
2763eda6SSzymon Janc	return NULL;
2763eda6SSzymon Janc}
2763eda6SSzymon Janc
6928a924SJohan Hedbergint hci_remove_remote_oob_data(struct hci_dev *hdev, bdaddr_t *bdaddr,
6928a924SJohan Hedberg			       u8 bdaddr_type)
2763eda6SSzymon Janc{
2763eda6SSzymon Janc	struct oob_data *data;
2763eda6SSzymon Janc
6928a924SJohan Hedberg	data = hci_find_remote_oob_data(hdev, bdaddr, bdaddr_type);
2763eda6SSzymon Janc	if (!data)
2763eda6SSzymon Janc		return -ENOENT;
2763eda6SSzymon Janc
6928a924SJohan Hedberg	BT_DBG("%s removing %pMR (%u)", hdev->name, bdaddr, bdaddr_type);
2763eda6SSzymon Janc
2763eda6SSzymon Janc	list_del(&data->list);
2763eda6SSzymon Janc	kfree(data);
2763eda6SSzymon Janc
2763eda6SSzymon Janc	return 0;
2763eda6SSzymon Janc}
2763eda6SSzymon Janc
35f7498aSJohan Hedbergvoid hci_remote_oob_data_clear(struct hci_dev *hdev)
2763eda6SSzymon Janc{
2763eda6SSzymon Janc	struct oob_data *data, *n;
2763eda6SSzymon Janc
2763eda6SSzymon Janc	list_for_each_entry_safe(data, n, &hdev->remote_oob_data, list) {
2763eda6SSzymon Janc		list_del(&data->list);
2763eda6SSzymon Janc		kfree(data);
2763eda6SSzymon Janc	}
2763eda6SSzymon Janc}
2763eda6SSzymon Janc
0798872eSMarcel Holtmannint hci_add_remote_oob_data(struct hci_dev *hdev, bdaddr_t *bdaddr,
6928a924SJohan Hedberg			    u8 bdaddr_type, u8 *hash192, u8 *rand192,
38da1703SJohan Hedberg			    u8 *hash256, u8 *rand256)
0798872eSMarcel Holtmann{
0798872eSMarcel Holtmann	struct oob_data *data;
0798872eSMarcel Holtmann
6928a924SJohan Hedberg	data = hci_find_remote_oob_data(hdev, bdaddr, bdaddr_type);
0798872eSMarcel Holtmann	if (!data) {
0a14ab41SJohan Hedberg		data = kmalloc(sizeof(*data), GFP_KERNEL);
0798872eSMarcel Holtmann		if (!data)
0798872eSMarcel Holtmann			return -ENOMEM;
0798872eSMarcel Holtmann
0798872eSMarcel Holtmann		bacpy(&data->bdaddr, bdaddr);
6928a924SJohan Hedberg		data->bdaddr_type = bdaddr_type;
0798872eSMarcel Holtmann		list_add(&data->list, &hdev->remote_oob_data);
0798872eSMarcel Holtmann	}
0798872eSMarcel Holtmann
81328d5cSJohan Hedberg	if (hash192 && rand192) {
0798872eSMarcel Holtmann		memcpy(data->hash192, hash192, sizeof(data->hash192));
38da1703SJohan Hedberg		memcpy(data->rand192, rand192, sizeof(data->rand192));
f7697b16SMarcel Holtmann		if (hash256 && rand256)
f7697b16SMarcel Holtmann			data->present = 0x03;
81328d5cSJohan Hedberg	} else {
81328d5cSJohan Hedberg		memset(data->hash192, 0, sizeof(data->hash192));
81328d5cSJohan Hedberg		memset(data->rand192, 0, sizeof(data->rand192));
f7697b16SMarcel Holtmann		if (hash256 && rand256)
f7697b16SMarcel Holtmann			data->present = 0x02;
f7697b16SMarcel Holtmann		else
f7697b16SMarcel Holtmann			data->present = 0x00;
81328d5cSJohan Hedberg	}
0798872eSMarcel Holtmann
81328d5cSJohan Hedberg	if (hash256 && rand256) {
0798872eSMarcel Holtmann		memcpy(data->hash256, hash256, sizeof(data->hash256));
38da1703SJohan Hedberg		memcpy(data->rand256, rand256, sizeof(data->rand256));
81328d5cSJohan Hedberg	} else {
81328d5cSJohan Hedberg		memset(data->hash256, 0, sizeof(data->hash256));
81328d5cSJohan Hedberg		memset(data->rand256, 0, sizeof(data->rand256));
f7697b16SMarcel Holtmann		if (hash192 && rand192)
f7697b16SMarcel Holtmann			data->present = 0x01;
81328d5cSJohan Hedberg	}
0798872eSMarcel Holtmann
6ed93dc6SAndrei Emeltchenko	BT_DBG("%s for %pMR", hdev->name, bdaddr);
2763eda6SSzymon Janc
2763eda6SSzymon Janc	return 0;
2763eda6SSzymon Janc}
2763eda6SSzymon Janc
d2609b34SFlorian Grandel/* This function requires the caller holds hdev->lock */
d2609b34SFlorian Grandelstruct adv_info *hci_find_adv_instance(struct hci_dev *hdev, u8 instance)
d2609b34SFlorian Grandel{
d2609b34SFlorian Grandel	struct adv_info *adv_instance;
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	list_for_each_entry(adv_instance, &hdev->adv_instances, list) {
d2609b34SFlorian Grandel		if (adv_instance->instance == instance)
d2609b34SFlorian Grandel			return adv_instance;
d2609b34SFlorian Grandel	}
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	return NULL;
d2609b34SFlorian Grandel}
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel/* This function requires the caller holds hdev->lock */
d2609b34SFlorian Grandelstruct adv_info *hci_get_next_instance(struct hci_dev *hdev, u8 instance) {
d2609b34SFlorian Grandel	struct adv_info *cur_instance;
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	cur_instance = hci_find_adv_instance(hdev, instance);
d2609b34SFlorian Grandel	if (!cur_instance)
d2609b34SFlorian Grandel		return NULL;
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	if (cur_instance == list_last_entry(&hdev->adv_instances,
d2609b34SFlorian Grandel					    struct adv_info, list))
d2609b34SFlorian Grandel		return list_first_entry(&hdev->adv_instances,
d2609b34SFlorian Grandel						 struct adv_info, list);
d2609b34SFlorian Grandel	else
d2609b34SFlorian Grandel		return list_next_entry(cur_instance, list);
d2609b34SFlorian Grandel}
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel/* This function requires the caller holds hdev->lock */
d2609b34SFlorian Grandelint hci_remove_adv_instance(struct hci_dev *hdev, u8 instance)
d2609b34SFlorian Grandel{
d2609b34SFlorian Grandel	struct adv_info *adv_instance;
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	adv_instance = hci_find_adv_instance(hdev, instance);
d2609b34SFlorian Grandel	if (!adv_instance)
d2609b34SFlorian Grandel		return -ENOENT;
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	BT_DBG("%s removing %dMR", hdev->name, instance);
d2609b34SFlorian Grandel
5d900e46SFlorian Grandel	if (hdev->cur_adv_instance == instance && hdev->adv_instance_timeout) {
5d900e46SFlorian Grandel		cancel_delayed_work(&hdev->adv_instance_expire);
5d900e46SFlorian Grandel		hdev->adv_instance_timeout = 0;
5d900e46SFlorian Grandel	}
5d900e46SFlorian Grandel
d2609b34SFlorian Grandel	list_del(&adv_instance->list);
d2609b34SFlorian Grandel	kfree(adv_instance);
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	hdev->adv_instance_cnt--;
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	return 0;
d2609b34SFlorian Grandel}
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel/* This function requires the caller holds hdev->lock */
d2609b34SFlorian Grandelvoid hci_adv_instances_clear(struct hci_dev *hdev)
d2609b34SFlorian Grandel{
d2609b34SFlorian Grandel	struct adv_info *adv_instance, *n;
d2609b34SFlorian Grandel
5d900e46SFlorian Grandel	if (hdev->adv_instance_timeout) {
5d900e46SFlorian Grandel		cancel_delayed_work(&hdev->adv_instance_expire);
5d900e46SFlorian Grandel		hdev->adv_instance_timeout = 0;
5d900e46SFlorian Grandel	}
5d900e46SFlorian Grandel
d2609b34SFlorian Grandel	list_for_each_entry_safe(adv_instance, n, &hdev->adv_instances, list) {
d2609b34SFlorian Grandel		list_del(&adv_instance->list);
d2609b34SFlorian Grandel		kfree(adv_instance);
d2609b34SFlorian Grandel	}
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	hdev->adv_instance_cnt = 0;
d2609b34SFlorian Grandel}
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel/* This function requires the caller holds hdev->lock */
d2609b34SFlorian Grandelint hci_add_adv_instance(struct hci_dev *hdev, u8 instance, u32 flags,
d2609b34SFlorian Grandel			 u16 adv_data_len, u8 *adv_data,
d2609b34SFlorian Grandel			 u16 scan_rsp_len, u8 *scan_rsp_data,
d2609b34SFlorian Grandel			 u16 timeout, u16 duration)
d2609b34SFlorian Grandel{
d2609b34SFlorian Grandel	struct adv_info *adv_instance;
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	adv_instance = hci_find_adv_instance(hdev, instance);
d2609b34SFlorian Grandel	if (adv_instance) {
d2609b34SFlorian Grandel		memset(adv_instance->adv_data, 0,
d2609b34SFlorian Grandel		       sizeof(adv_instance->adv_data));
d2609b34SFlorian Grandel		memset(adv_instance->scan_rsp_data, 0,
d2609b34SFlorian Grandel		       sizeof(adv_instance->scan_rsp_data));
d2609b34SFlorian Grandel	} else {
d2609b34SFlorian Grandel		if (hdev->adv_instance_cnt >= HCI_MAX_ADV_INSTANCES ||
d2609b34SFlorian Grandel		    instance < 1 || instance > HCI_MAX_ADV_INSTANCES)
d2609b34SFlorian Grandel			return -EOVERFLOW;
d2609b34SFlorian Grandel
39ecfad6SJohan Hedberg		adv_instance = kzalloc(sizeof(*adv_instance), GFP_KERNEL);
d2609b34SFlorian Grandel		if (!adv_instance)
d2609b34SFlorian Grandel			return -ENOMEM;
d2609b34SFlorian Grandel
fffd38bcSFlorian Grandel		adv_instance->pending = true;
d2609b34SFlorian Grandel		adv_instance->instance = instance;
d2609b34SFlorian Grandel		list_add(&adv_instance->list, &hdev->adv_instances);
d2609b34SFlorian Grandel		hdev->adv_instance_cnt++;
d2609b34SFlorian Grandel	}
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	adv_instance->flags = flags;
d2609b34SFlorian Grandel	adv_instance->adv_data_len = adv_data_len;
d2609b34SFlorian Grandel	adv_instance->scan_rsp_len = scan_rsp_len;
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	if (adv_data_len)
d2609b34SFlorian Grandel		memcpy(adv_instance->adv_data, adv_data, adv_data_len);
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	if (scan_rsp_len)
d2609b34SFlorian Grandel		memcpy(adv_instance->scan_rsp_data,
d2609b34SFlorian Grandel		       scan_rsp_data, scan_rsp_len);
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	adv_instance->timeout = timeout;
5d900e46SFlorian Grandel	adv_instance->remaining_time = timeout;
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	if (duration == 0)
d2609b34SFlorian Grandel		adv_instance->duration = HCI_DEFAULT_ADV_DURATION;
d2609b34SFlorian Grandel	else
d2609b34SFlorian Grandel		adv_instance->duration = duration;
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	BT_DBG("%s for %dMR", hdev->name, instance);
d2609b34SFlorian Grandel
d2609b34SFlorian Grandel	return 0;
d2609b34SFlorian Grandel}
d2609b34SFlorian Grandel
dcc36c16SJohan Hedbergstruct bdaddr_list *hci_bdaddr_list_lookup(struct list_head *bdaddr_list,
b9ee0a78SMarcel Holtmann					 bdaddr_t *bdaddr, u8 type)
b2a66aadSAntti Julku{
b2a66aadSAntti Julku	struct bdaddr_list *b;
b2a66aadSAntti Julku
dcc36c16SJohan Hedberg	list_for_each_entry(b, bdaddr_list, list) {
b9ee0a78SMarcel Holtmann		if (!bacmp(&b->bdaddr, bdaddr) && b->bdaddr_type == type)
b2a66aadSAntti Julku			return b;
b9ee0a78SMarcel Holtmann	}
b2a66aadSAntti Julku
b2a66aadSAntti Julku	return NULL;
b2a66aadSAntti Julku}
b2a66aadSAntti Julku
dcc36c16SJohan Hedbergvoid hci_bdaddr_list_clear(struct list_head *bdaddr_list)
b2a66aadSAntti Julku{
b2a66aadSAntti Julku	struct list_head *p, *n;
b2a66aadSAntti Julku
dcc36c16SJohan Hedberg	list_for_each_safe(p, n, bdaddr_list) {
b9ee0a78SMarcel Holtmann		struct bdaddr_list *b = list_entry(p, struct bdaddr_list, list);
b2a66aadSAntti Julku
b2a66aadSAntti Julku		list_del(p);
b2a66aadSAntti Julku		kfree(b);
b2a66aadSAntti Julku	}
b2a66aadSAntti Julku}
b2a66aadSAntti Julku
dcc36c16SJohan Hedbergint hci_bdaddr_list_add(struct list_head *list, bdaddr_t *bdaddr, u8 type)
b2a66aadSAntti Julku{
b2a66aadSAntti Julku	struct bdaddr_list *entry;
b2a66aadSAntti Julku
b9ee0a78SMarcel Holtmann	if (!bacmp(bdaddr, BDADDR_ANY))
b2a66aadSAntti Julku		return -EBADF;
b2a66aadSAntti Julku
dcc36c16SJohan Hedberg	if (hci_bdaddr_list_lookup(list, bdaddr, type))
5e762444SAntti Julku		return -EEXIST;
b2a66aadSAntti Julku
27f70f3eSJohan Hedberg	entry = kzalloc(sizeof(*entry), GFP_KERNEL);
5e762444SAntti Julku	if (!entry)
5e762444SAntti Julku		return -ENOMEM;
b2a66aadSAntti Julku
b2a66aadSAntti Julku	bacpy(&entry->bdaddr, bdaddr);
b9ee0a78SMarcel Holtmann	entry->bdaddr_type = type;
b2a66aadSAntti Julku
dcc36c16SJohan Hedberg	list_add(&entry->list, list);
b2a66aadSAntti Julku
2a8357f2SJohan Hedberg	return 0;
b2a66aadSAntti Julku}
b2a66aadSAntti Julku
dcc36c16SJohan Hedbergint hci_bdaddr_list_del(struct list_head *list, bdaddr_t *bdaddr, u8 type)
b2a66aadSAntti Julku{
b2a66aadSAntti Julku	struct bdaddr_list *entry;
b2a66aadSAntti Julku
35f7498aSJohan Hedberg	if (!bacmp(bdaddr, BDADDR_ANY)) {
dcc36c16SJohan Hedberg		hci_bdaddr_list_clear(list);
35f7498aSJohan Hedberg		return 0;
35f7498aSJohan Hedberg	}
b2a66aadSAntti Julku
dcc36c16SJohan Hedberg	entry = hci_bdaddr_list_lookup(list, bdaddr, type);
d2ab0ac1SMarcel Holtmann	if (!entry)
d2ab0ac1SMarcel Holtmann		return -ENOENT;
d2ab0ac1SMarcel Holtmann
d2ab0ac1SMarcel Holtmann	list_del(&entry->list);
d2ab0ac1SMarcel Holtmann	kfree(entry);
d2ab0ac1SMarcel Holtmann
d2ab0ac1SMarcel Holtmann	return 0;
d2ab0ac1SMarcel Holtmann}
d2ab0ac1SMarcel Holtmann
15819a70SAndre Guedes/* This function requires the caller holds hdev->lock */
15819a70SAndre Guedesstruct hci_conn_params *hci_conn_params_lookup(struct hci_dev *hdev,
15819a70SAndre Guedes					       bdaddr_t *addr, u8 addr_type)
15819a70SAndre Guedes{
15819a70SAndre Guedes	struct hci_conn_params *params;
15819a70SAndre Guedes
15819a70SAndre Guedes	list_for_each_entry(params, &hdev->le_conn_params, list) {
15819a70SAndre Guedes		if (bacmp(&params->addr, addr) == 0 &&
15819a70SAndre Guedes		    params->addr_type == addr_type) {
15819a70SAndre Guedes			return params;
15819a70SAndre Guedes		}
15819a70SAndre Guedes	}
15819a70SAndre Guedes
15819a70SAndre Guedes	return NULL;
15819a70SAndre Guedes}
15819a70SAndre Guedes
15819a70SAndre Guedes/* This function requires the caller holds hdev->lock */
501f8827SJohan Hedbergstruct hci_conn_params *hci_pend_le_action_lookup(struct list_head *list,
4b10966fSMarcel Holtmann						  bdaddr_t *addr, u8 addr_type)
15819a70SAndre Guedes{
912b42efSJohan Hedberg	struct hci_conn_params *param;
15819a70SAndre Guedes
501f8827SJohan Hedberg	list_for_each_entry(param, list, action) {
912b42efSJohan Hedberg		if (bacmp(&param->addr, addr) == 0 &&
912b42efSJohan Hedberg		    param->addr_type == addr_type)
912b42efSJohan Hedberg			return param;
4b10966fSMarcel Holtmann	}
4b10966fSMarcel Holtmann
4b10966fSMarcel Holtmann	return NULL;
15819a70SAndre Guedes}
15819a70SAndre Guedes
15819a70SAndre Guedes/* This function requires the caller holds hdev->lock */
51d167c0SMarcel Holtmannstruct hci_conn_params *hci_conn_params_add(struct hci_dev *hdev,
51d167c0SMarcel Holtmann					    bdaddr_t *addr, u8 addr_type)
15819a70SAndre Guedes{
15819a70SAndre Guedes	struct hci_conn_params *params;
15819a70SAndre Guedes
15819a70SAndre Guedes	params = hci_conn_params_lookup(hdev, addr, addr_type);
cef952ceSAndre Guedes	if (params)
51d167c0SMarcel Holtmann		return params;
15819a70SAndre Guedes
15819a70SAndre Guedes	params = kzalloc(sizeof(*params), GFP_KERNEL);
15819a70SAndre Guedes	if (!params) {
15819a70SAndre Guedes		BT_ERR("Out of memory");
51d167c0SMarcel Holtmann		return NULL;
15819a70SAndre Guedes	}
15819a70SAndre Guedes
15819a70SAndre Guedes	bacpy(&params->addr, addr);
15819a70SAndre Guedes	params->addr_type = addr_type;
cef952ceSAndre Guedes
cef952ceSAndre Guedes	list_add(&params->list, &hdev->le_conn_params);
93450c75SJohan Hedberg	INIT_LIST_HEAD(&params->action);
cef952ceSAndre Guedes
bf5b3c8bSMarcel Holtmann	params->conn_min_interval = hdev->le_conn_min_interval;
bf5b3c8bSMarcel Holtmann	params->conn_max_interval = hdev->le_conn_max_interval;
bf5b3c8bSMarcel Holtmann	params->conn_latency = hdev->le_conn_latency;
bf5b3c8bSMarcel Holtmann	params->supervision_timeout = hdev->le_supv_timeout;
bf5b3c8bSMarcel Holtmann	params->auto_connect = HCI_AUTO_CONN_DISABLED;
bf5b3c8bSMarcel Holtmann
bf5b3c8bSMarcel Holtmann	BT_DBG("addr %pMR (type %u)", addr, addr_type);
bf5b3c8bSMarcel Holtmann
51d167c0SMarcel Holtmann	return params;
bf5b3c8bSMarcel Holtmann}
bf5b3c8bSMarcel Holtmann
f6c63249SJohan Hedbergstatic void hci_conn_params_free(struct hci_conn_params *params)
f6c63249SJohan Hedberg{
f6c63249SJohan Hedberg	if (params->conn) {
f6c63249SJohan Hedberg		hci_conn_drop(params->conn);
f6c63249SJohan Hedberg		hci_conn_put(params->conn);
f6c63249SJohan Hedberg	}
f6c63249SJohan Hedberg
f6c63249SJohan Hedberg	list_del(&params->action);
f6c63249SJohan Hedberg	list_del(&params->list);
f6c63249SJohan Hedberg	kfree(params);
f6c63249SJohan Hedberg}
f6c63249SJohan Hedberg
15819a70SAndre Guedes/* This function requires the caller holds hdev->lock */
15819a70SAndre Guedesvoid hci_conn_params_del(struct hci_dev *hdev, bdaddr_t *addr, u8 addr_type)
15819a70SAndre Guedes{
15819a70SAndre Guedes	struct hci_conn_params *params;
15819a70SAndre Guedes
15819a70SAndre Guedes	params = hci_conn_params_lookup(hdev, addr, addr_type);
15819a70SAndre Guedes	if (!params)
15819a70SAndre Guedes		return;
15819a70SAndre Guedes
f6c63249SJohan Hedberg	hci_conn_params_free(params);
15819a70SAndre Guedes
95305baaSJohan Hedberg	hci_update_background_scan(hdev);
95305baaSJohan Hedberg
15819a70SAndre Guedes	BT_DBG("addr %pMR (type %u)", addr, addr_type);
15819a70SAndre Guedes}
15819a70SAndre Guedes
15819a70SAndre Guedes/* This function requires the caller holds hdev->lock */
55af49a8SJohan Hedbergvoid hci_conn_params_clear_disabled(struct hci_dev *hdev)
15819a70SAndre Guedes{
15819a70SAndre Guedes	struct hci_conn_params *params, *tmp;
15819a70SAndre Guedes
15819a70SAndre Guedes	list_for_each_entry_safe(params, tmp, &hdev->le_conn_params, list) {
55af49a8SJohan Hedberg		if (params->auto_connect != HCI_AUTO_CONN_DISABLED)
55af49a8SJohan Hedberg			continue;
f75113a2SJakub Pawlowski
f75113a2SJakub Pawlowski		/* If trying to estabilish one time connection to disabled
f75113a2SJakub Pawlowski		 * device, leave the params, but mark them as just once.
f75113a2SJakub Pawlowski		 */
f75113a2SJakub Pawlowski		if (params->explicit_connect) {
f75113a2SJakub Pawlowski			params->auto_connect = HCI_AUTO_CONN_EXPLICIT;
f75113a2SJakub Pawlowski			continue;
f75113a2SJakub Pawlowski		}
f75113a2SJakub Pawlowski
15819a70SAndre Guedes		list_del(&params->list);
15819a70SAndre Guedes		kfree(params);
15819a70SAndre Guedes	}
15819a70SAndre Guedes
55af49a8SJohan Hedberg	BT_DBG("All LE disabled connection parameters were removed");
55af49a8SJohan Hedberg}
55af49a8SJohan Hedberg
55af49a8SJohan Hedberg/* This function requires the caller holds hdev->lock */
373110c5SJohan Hedbergvoid hci_conn_params_clear_all(struct hci_dev *hdev)
15819a70SAndre Guedes{
15819a70SAndre Guedes	struct hci_conn_params *params, *tmp;
15819a70SAndre Guedes
f6c63249SJohan Hedberg	list_for_each_entry_safe(params, tmp, &hdev->le_conn_params, list)
f6c63249SJohan Hedberg		hci_conn_params_free(params);
15819a70SAndre Guedes
a2f41a8fSJohan Hedberg	hci_update_background_scan(hdev);
1089b67dSMarcel Holtmann
15819a70SAndre Guedes	BT_DBG("All LE connection parameters were removed");
15819a70SAndre Guedes}
15819a70SAndre Guedes
1904a853SMarcel Holtmannstatic void inquiry_complete(struct hci_dev *hdev, u8 status, u16 opcode)
7ba8b4beSAndre Guedes{
4c87eaabSAndre Guedes	if (status) {
4c87eaabSAndre Guedes		BT_ERR("Failed to start inquiry: status %d", status);
7ba8b4beSAndre Guedes
4c87eaabSAndre Guedes		hci_dev_lock(hdev);
4c87eaabSAndre Guedes		hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
4c87eaabSAndre Guedes		hci_dev_unlock(hdev);
4c87eaabSAndre Guedes		return;
4c87eaabSAndre Guedes	}
7ba8b4beSAndre Guedes}
7ba8b4beSAndre Guedes
1904a853SMarcel Holtmannstatic void le_scan_disable_work_complete(struct hci_dev *hdev, u8 status,
1904a853SMarcel Holtmann					  u16 opcode)
7ba8b4beSAndre Guedes{
4c87eaabSAndre Guedes	/* General inquiry access code (GIAC) */
4c87eaabSAndre Guedes	u8 lap[3] = { 0x33, 0x8b, 0x9e };
4c87eaabSAndre Guedes	struct hci_cp_inquiry cp;
7ba8b4beSAndre Guedes	int err;
7ba8b4beSAndre Guedes
4c87eaabSAndre Guedes	if (status) {
4c87eaabSAndre Guedes		BT_ERR("Failed to disable LE scanning: status %d", status);
4c87eaabSAndre Guedes		return;
7ba8b4beSAndre Guedes	}
7ba8b4beSAndre Guedes
2d28cfe7SJakub Pawlowski	hdev->discovery.scan_start = 0;
2d28cfe7SJakub Pawlowski
4c87eaabSAndre Guedes	switch (hdev->discovery.type) {
4c87eaabSAndre Guedes	case DISCOV_TYPE_LE:
4c87eaabSAndre Guedes		hci_dev_lock(hdev);
4c87eaabSAndre Guedes		hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
4c87eaabSAndre Guedes		hci_dev_unlock(hdev);
4c87eaabSAndre Guedes		break;
7dbfac1dSAndre Guedes
4c87eaabSAndre Guedes	case DISCOV_TYPE_INTERLEAVED:
4c87eaabSAndre Guedes		hci_dev_lock(hdev);
4c87eaabSAndre Guedes
07d2334aSJakub Pawlowski		if (test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY,
07d2334aSJakub Pawlowski			     &hdev->quirks)) {
07d2334aSJakub Pawlowski			/* If we were running LE only scan, change discovery
07d2334aSJakub Pawlowski			 * state. If we were running both LE and BR/EDR inquiry
07d2334aSJakub Pawlowski			 * simultaneously, and BR/EDR inquiry is already
07d2334aSJakub Pawlowski			 * finished, stop discovery, otherwise BR/EDR inquiry
177d0506SWesley Kuo			 * will stop discovery when finished. If we will resolve
177d0506SWesley Kuo			 * remote device name, do not change discovery state.
07d2334aSJakub Pawlowski			 */
177d0506SWesley Kuo			if (!test_bit(HCI_INQUIRY, &hdev->flags) &&
177d0506SWesley Kuo			    hdev->discovery.state != DISCOVERY_RESOLVING)
07d2334aSJakub Pawlowski				hci_discovery_set_state(hdev,
07d2334aSJakub Pawlowski							DISCOVERY_STOPPED);
07d2334aSJakub Pawlowski		} else {
baf880a9SJohan Hedberg			struct hci_request req;
baf880a9SJohan Hedberg
4c87eaabSAndre Guedes			hci_inquiry_cache_flush(hdev);
4c87eaabSAndre Guedes
baf880a9SJohan Hedberg			hci_req_init(&req, hdev);
baf880a9SJohan Hedberg
baf880a9SJohan Hedberg			memset(&cp, 0, sizeof(cp));
baf880a9SJohan Hedberg			memcpy(&cp.lap, lap, sizeof(cp.lap));
baf880a9SJohan Hedberg			cp.length = DISCOV_INTERLEAVED_INQUIRY_LEN;
baf880a9SJohan Hedberg			hci_req_add(&req, HCI_OP_INQUIRY, sizeof(cp), &cp);
baf880a9SJohan Hedberg
4c87eaabSAndre Guedes			err = hci_req_run(&req, inquiry_complete);
4c87eaabSAndre Guedes			if (err) {
4c87eaabSAndre Guedes				BT_ERR("Inquiry request failed: err %d", err);
07d2334aSJakub Pawlowski				hci_discovery_set_state(hdev,
07d2334aSJakub Pawlowski							DISCOVERY_STOPPED);
07d2334aSJakub Pawlowski			}
7dbfac1dSAndre Guedes		}
7dbfac1dSAndre Guedes
4c87eaabSAndre Guedes		hci_dev_unlock(hdev);
4c87eaabSAndre Guedes		break;
4c87eaabSAndre Guedes	}
7dbfac1dSAndre Guedes}
7dbfac1dSAndre Guedes
7ba8b4beSAndre Guedesstatic void le_scan_disable_work(struct work_struct *work)
7ba8b4beSAndre Guedes{
7ba8b4beSAndre Guedes	struct hci_dev *hdev = container_of(work, struct hci_dev,
7ba8b4beSAndre Guedes					    le_scan_disable.work);
4c87eaabSAndre Guedes	struct hci_request req;
4c87eaabSAndre Guedes	int err;
7ba8b4beSAndre Guedes
7ba8b4beSAndre Guedes	BT_DBG("%s", hdev->name);
7ba8b4beSAndre Guedes
2d28cfe7SJakub Pawlowski	cancel_delayed_work_sync(&hdev->le_scan_restart);
2d28cfe7SJakub Pawlowski
4c87eaabSAndre Guedes	hci_req_init(&req, hdev);
7ba8b4beSAndre Guedes
b1efcc28SAndre Guedes	hci_req_add_le_scan_disable(&req);
7ba8b4beSAndre Guedes
4c87eaabSAndre Guedes	err = hci_req_run(&req, le_scan_disable_work_complete);
4c87eaabSAndre Guedes	if (err)
4c87eaabSAndre Guedes		BT_ERR("Disable LE scanning request failed: err %d", err);
28b75a89SAndre Guedes}
28b75a89SAndre Guedes
2d28cfe7SJakub Pawlowskistatic void le_scan_restart_work_complete(struct hci_dev *hdev, u8 status,
2d28cfe7SJakub Pawlowski					  u16 opcode)
2d28cfe7SJakub Pawlowski{
2d28cfe7SJakub Pawlowski	unsigned long timeout, duration, scan_start, now;
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski	BT_DBG("%s", hdev->name);
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski	if (status) {
2d28cfe7SJakub Pawlowski		BT_ERR("Failed to restart LE scan: status %d", status);
2d28cfe7SJakub Pawlowski		return;
2d28cfe7SJakub Pawlowski	}
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski	if (!test_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks) ||
2d28cfe7SJakub Pawlowski	    !hdev->discovery.scan_start)
2d28cfe7SJakub Pawlowski		return;
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski	/* When the scan was started, hdev->le_scan_disable has been queued
2d28cfe7SJakub Pawlowski	 * after duration from scan_start. During scan restart this job
2d28cfe7SJakub Pawlowski	 * has been canceled, and we need to queue it again after proper
2d28cfe7SJakub Pawlowski	 * timeout, to make sure that scan does not run indefinitely.
2d28cfe7SJakub Pawlowski	 */
2d28cfe7SJakub Pawlowski	duration = hdev->discovery.scan_duration;
2d28cfe7SJakub Pawlowski	scan_start = hdev->discovery.scan_start;
2d28cfe7SJakub Pawlowski	now = jiffies;
2d28cfe7SJakub Pawlowski	if (now - scan_start <= duration) {
2d28cfe7SJakub Pawlowski		int elapsed;
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski		if (now >= scan_start)
2d28cfe7SJakub Pawlowski			elapsed = now - scan_start;
2d28cfe7SJakub Pawlowski		else
2d28cfe7SJakub Pawlowski			elapsed = ULONG_MAX - scan_start + now;
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski		timeout = duration - elapsed;
2d28cfe7SJakub Pawlowski	} else {
2d28cfe7SJakub Pawlowski		timeout = 0;
2d28cfe7SJakub Pawlowski	}
2d28cfe7SJakub Pawlowski	queue_delayed_work(hdev->workqueue,
2d28cfe7SJakub Pawlowski			   &hdev->le_scan_disable, timeout);
2d28cfe7SJakub Pawlowski}
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowskistatic void le_scan_restart_work(struct work_struct *work)
2d28cfe7SJakub Pawlowski{
2d28cfe7SJakub Pawlowski	struct hci_dev *hdev = container_of(work, struct hci_dev,
2d28cfe7SJakub Pawlowski					    le_scan_restart.work);
2d28cfe7SJakub Pawlowski	struct hci_request req;
2d28cfe7SJakub Pawlowski	struct hci_cp_le_set_scan_enable cp;
2d28cfe7SJakub Pawlowski	int err;
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski	BT_DBG("%s", hdev->name);
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski	/* If controller is not scanning we are done. */
d7a5a11dSMarcel Holtmann	if (!hci_dev_test_flag(hdev, HCI_LE_SCAN))
2d28cfe7SJakub Pawlowski		return;
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski	hci_req_init(&req, hdev);
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski	hci_req_add_le_scan_disable(&req);
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski	memset(&cp, 0, sizeof(cp));
2d28cfe7SJakub Pawlowski	cp.enable = LE_SCAN_ENABLE;
2d28cfe7SJakub Pawlowski	cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
2d28cfe7SJakub Pawlowski	hci_req_add(&req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(cp), &cp);
2d28cfe7SJakub Pawlowski
2d28cfe7SJakub Pawlowski	err = hci_req_run(&req, le_scan_restart_work_complete);
2d28cfe7SJakub Pawlowski	if (err)
2d28cfe7SJakub Pawlowski		BT_ERR("Restart LE scan request failed: err %d", err);
2d28cfe7SJakub Pawlowski}
2d28cfe7SJakub Pawlowski
a1f4c318SJohan Hedberg/* Copy the Identity Address of the controller.
a1f4c318SJohan Hedberg *
a1f4c318SJohan Hedberg * If the controller has a public BD_ADDR, then by default use that one.
a1f4c318SJohan Hedberg * If this is a LE only controller without a public address, default to
a1f4c318SJohan Hedberg * the static random address.
a1f4c318SJohan Hedberg *
a1f4c318SJohan Hedberg * For debugging purposes it is possible to force controllers with a
a1f4c318SJohan Hedberg * public address to use the static random address instead.
50b5b952SMarcel Holtmann *
50b5b952SMarcel Holtmann * In case BR/EDR has been disabled on a dual-mode controller and
50b5b952SMarcel Holtmann * userspace has configured a static address, then that address
50b5b952SMarcel Holtmann * becomes the identity address instead of the public BR/EDR address.
a1f4c318SJohan Hedberg */
a1f4c318SJohan Hedbergvoid hci_copy_identity_address(struct hci_dev *hdev, bdaddr_t *bdaddr,
a1f4c318SJohan Hedberg			       u8 *bdaddr_type)
a1f4c318SJohan Hedberg{
b7cb93e5SMarcel Holtmann	if (hci_dev_test_flag(hdev, HCI_FORCE_STATIC_ADDR) ||
50b5b952SMarcel Holtmann	    !bacmp(&hdev->bdaddr, BDADDR_ANY) ||
d7a5a11dSMarcel Holtmann	    (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED) &&
50b5b952SMarcel Holtmann	     bacmp(&hdev->static_addr, BDADDR_ANY))) {
a1f4c318SJohan Hedberg		bacpy(bdaddr, &hdev->static_addr);
a1f4c318SJohan Hedberg		*bdaddr_type = ADDR_LE_DEV_RANDOM;
a1f4c318SJohan Hedberg	} else {
a1f4c318SJohan Hedberg		bacpy(bdaddr, &hdev->bdaddr);
a1f4c318SJohan Hedberg		*bdaddr_type = ADDR_LE_DEV_PUBLIC;
a1f4c318SJohan Hedberg	}
a1f4c318SJohan Hedberg}
a1f4c318SJohan Hedberg
9be0dab7SDavid Herrmann/* Alloc HCI device */
9be0dab7SDavid Herrmannstruct hci_dev *hci_alloc_dev(void)
9be0dab7SDavid Herrmann{
9be0dab7SDavid Herrmann	struct hci_dev *hdev;
9be0dab7SDavid Herrmann
27f70f3eSJohan Hedberg	hdev = kzalloc(sizeof(*hdev), GFP_KERNEL);
9be0dab7SDavid Herrmann	if (!hdev)
9be0dab7SDavid Herrmann		return NULL;
9be0dab7SDavid Herrmann
b1b813d4SDavid Herrmann	hdev->pkt_type  = (HCI_DM1 | HCI_DH1 | HCI_HV1);
b1b813d4SDavid Herrmann	hdev->esco_type = (ESCO_HV1);
b1b813d4SDavid Herrmann	hdev->link_mode = (HCI_LM_ACCEPT);
b4cb9fb2SMarcel Holtmann	hdev->num_iac = 0x01;		/* One IAC support is mandatory */
b1b813d4SDavid Herrmann	hdev->io_capability = 0x03;	/* No Input No Output */
96c2103aSMarcel Holtmann	hdev->manufacturer = 0xffff;	/* Default to internal use */
bbaf444aSJohan Hedberg	hdev->inq_tx_power = HCI_TX_POWER_INVALID;
bbaf444aSJohan Hedberg	hdev->adv_tx_power = HCI_TX_POWER_INVALID;
d2609b34SFlorian Grandel	hdev->adv_instance_cnt = 0;
d2609b34SFlorian Grandel	hdev->cur_adv_instance = 0x00;
5d900e46SFlorian Grandel	hdev->adv_instance_timeout = 0;
b1b813d4SDavid Herrmann
b1b813d4SDavid Herrmann	hdev->sniff_max_interval = 800;
b1b813d4SDavid Herrmann	hdev->sniff_min_interval = 80;
b1b813d4SDavid Herrmann
3f959d46SMarcel Holtmann	hdev->le_adv_channel_map = 0x07;
628531c9SGeorg Lukas	hdev->le_adv_min_interval = 0x0800;
628531c9SGeorg Lukas	hdev->le_adv_max_interval = 0x0800;
bef64738SMarcel Holtmann	hdev->le_scan_interval = 0x0060;
bef64738SMarcel Holtmann	hdev->le_scan_window = 0x0030;
4e70c7e7SMarcel Holtmann	hdev->le_conn_min_interval = 0x0028;
4e70c7e7SMarcel Holtmann	hdev->le_conn_max_interval = 0x0038;
04fb7d90SMarcel Holtmann	hdev->le_conn_latency = 0x0000;
04fb7d90SMarcel Holtmann	hdev->le_supv_timeout = 0x002a;
a8e1bfaaSMarcel Holtmann	hdev->le_def_tx_len = 0x001b;
a8e1bfaaSMarcel Holtmann	hdev->le_def_tx_time = 0x0148;
a8e1bfaaSMarcel Holtmann	hdev->le_max_tx_len = 0x001b;
a8e1bfaaSMarcel Holtmann	hdev->le_max_tx_time = 0x0148;
a8e1bfaaSMarcel Holtmann	hdev->le_max_rx_len = 0x001b;
a8e1bfaaSMarcel Holtmann	hdev->le_max_rx_time = 0x0148;
bef64738SMarcel Holtmann
d6bfd59cSJohan Hedberg	hdev->rpa_timeout = HCI_DEFAULT_RPA_TIMEOUT;
b9a7a61eSLukasz Rymanowski	hdev->discov_interleaved_timeout = DISCOV_INTERLEAVED_TIMEOUT;
31ad1691SAndrzej Kaczmarek	hdev->conn_info_min_age = DEFAULT_CONN_INFO_MIN_AGE;
31ad1691SAndrzej Kaczmarek	hdev->conn_info_max_age = DEFAULT_CONN_INFO_MAX_AGE;
d6bfd59cSJohan Hedberg
b1b813d4SDavid Herrmann	mutex_init(&hdev->lock);
b1b813d4SDavid Herrmann	mutex_init(&hdev->req_lock);
b1b813d4SDavid Herrmann
b1b813d4SDavid Herrmann	INIT_LIST_HEAD(&hdev->mgmt_pending);
b1b813d4SDavid Herrmann	INIT_LIST_HEAD(&hdev->blacklist);
6659358eSJohan Hedberg	INIT_LIST_HEAD(&hdev->whitelist);
b1b813d4SDavid Herrmann	INIT_LIST_HEAD(&hdev->uuids);
b1b813d4SDavid Herrmann	INIT_LIST_HEAD(&hdev->link_keys);
b1b813d4SDavid Herrmann	INIT_LIST_HEAD(&hdev->long_term_keys);
970c4e46SJohan Hedberg	INIT_LIST_HEAD(&hdev->identity_resolving_keys);
b1b813d4SDavid Herrmann	INIT_LIST_HEAD(&hdev->remote_oob_data);
d2ab0ac1SMarcel Holtmann	INIT_LIST_HEAD(&hdev->le_white_list);
15819a70SAndre Guedes	INIT_LIST_HEAD(&hdev->le_conn_params);
77a77a30SAndre Guedes	INIT_LIST_HEAD(&hdev->pend_le_conns);
66f8455aSJohan Hedberg	INIT_LIST_HEAD(&hdev->pend_le_reports);
6b536b5eSAndrei Emeltchenko	INIT_LIST_HEAD(&hdev->conn_hash.list);
d2609b34SFlorian Grandel	INIT_LIST_HEAD(&hdev->adv_instances);
b1b813d4SDavid Herrmann
b1b813d4SDavid Herrmann	INIT_WORK(&hdev->rx_work, hci_rx_work);
b1b813d4SDavid Herrmann	INIT_WORK(&hdev->cmd_work, hci_cmd_work);
b1b813d4SDavid Herrmann	INIT_WORK(&hdev->tx_work, hci_tx_work);
b1b813d4SDavid Herrmann	INIT_WORK(&hdev->power_on, hci_power_on);
c7741d16SMarcel Holtmann	INIT_WORK(&hdev->error_reset, hci_error_reset);
b1b813d4SDavid Herrmann
b1b813d4SDavid Herrmann	INIT_DELAYED_WORK(&hdev->power_off, hci_power_off);
b1b813d4SDavid Herrmann	INIT_DELAYED_WORK(&hdev->discov_off, hci_discov_off);
b1b813d4SDavid Herrmann	INIT_DELAYED_WORK(&hdev->le_scan_disable, le_scan_disable_work);
2d28cfe7SJakub Pawlowski	INIT_DELAYED_WORK(&hdev->le_scan_restart, le_scan_restart_work);
5d900e46SFlorian Grandel	INIT_DELAYED_WORK(&hdev->adv_instance_expire, hci_adv_timeout_expire);
b1b813d4SDavid Herrmann
b1b813d4SDavid Herrmann	skb_queue_head_init(&hdev->rx_q);
b1b813d4SDavid Herrmann	skb_queue_head_init(&hdev->cmd_q);
b1b813d4SDavid Herrmann	skb_queue_head_init(&hdev->raw_q);
b1b813d4SDavid Herrmann
b1b813d4SDavid Herrmann	init_waitqueue_head(&hdev->req_wait_q);
b1b813d4SDavid Herrmann
65cc2b49SMarcel Holtmann	INIT_DELAYED_WORK(&hdev->cmd_timer, hci_cmd_timeout);
b1b813d4SDavid Herrmann
b1b813d4SDavid Herrmann	hci_init_sysfs(hdev);
b1b813d4SDavid Herrmann	discovery_init(hdev);
9be0dab7SDavid Herrmann
9be0dab7SDavid Herrmann	return hdev;
9be0dab7SDavid Herrmann}
9be0dab7SDavid HerrmannEXPORT_SYMBOL(hci_alloc_dev);
9be0dab7SDavid Herrmann
9be0dab7SDavid Herrmann/* Free HCI device */
9be0dab7SDavid Herrmannvoid hci_free_dev(struct hci_dev *hdev)
9be0dab7SDavid Herrmann{
9be0dab7SDavid Herrmann	/* will free via device release */
9be0dab7SDavid Herrmann	put_device(&hdev->dev);
9be0dab7SDavid Herrmann}
9be0dab7SDavid HerrmannEXPORT_SYMBOL(hci_free_dev);
9be0dab7SDavid Herrmann
1da177e4SLinus Torvalds/* Register HCI device */
1da177e4SLinus Torvaldsint hci_register_dev(struct hci_dev *hdev)
1da177e4SLinus Torvalds{
b1b813d4SDavid Herrmann	int id, error;
1da177e4SLinus Torvalds
74292d5aSMarcel Holtmann	if (!hdev->open || !hdev->close || !hdev->send)
1da177e4SLinus Torvalds		return -EINVAL;
1da177e4SLinus Torvalds
08add513SMat Martineau	/* Do not allow HCI_AMP devices to register at index 0,
08add513SMat Martineau	 * so the index can be used as the AMP controller ID.
08add513SMat Martineau	 */
3df92b31SSasha Levin	switch (hdev->dev_type) {
3df92b31SSasha Levin	case HCI_BREDR:
3df92b31SSasha Levin		id = ida_simple_get(&hci_index_ida, 0, 0, GFP_KERNEL);
1da177e4SLinus Torvalds		break;
3df92b31SSasha Levin	case HCI_AMP:
3df92b31SSasha Levin		id = ida_simple_get(&hci_index_ida, 1, 0, GFP_KERNEL);
3df92b31SSasha Levin		break;
3df92b31SSasha Levin	default:
3df92b31SSasha Levin		return -EINVAL;
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
3df92b31SSasha Levin	if (id < 0)
3df92b31SSasha Levin		return id;
3df92b31SSasha Levin
1da177e4SLinus Torvalds	sprintf(hdev->name, "hci%d", id);
1da177e4SLinus Torvalds	hdev->id = id;
2d8b3a11SAndrei Emeltchenko
2d8b3a11SAndrei Emeltchenko	BT_DBG("%p name %s bus %d", hdev, hdev->name, hdev->bus);
2d8b3a11SAndrei Emeltchenko
d8537548SKees Cook	hdev->workqueue = alloc_workqueue("%s", WQ_HIGHPRI | WQ_UNBOUND |
d8537548SKees Cook					  WQ_MEM_RECLAIM, 1, hdev->name);
33ca954dSDavid Herrmann	if (!hdev->workqueue) {
33ca954dSDavid Herrmann		error = -ENOMEM;
33ca954dSDavid Herrmann		goto err;
33ca954dSDavid Herrmann	}
f48fd9c8SMarcel Holtmann
d8537548SKees Cook	hdev->req_workqueue = alloc_workqueue("%s", WQ_HIGHPRI | WQ_UNBOUND |
d8537548SKees Cook					      WQ_MEM_RECLAIM, 1, hdev->name);
6ead1bbcSJohan Hedberg	if (!hdev->req_workqueue) {
6ead1bbcSJohan Hedberg		destroy_workqueue(hdev->workqueue);
6ead1bbcSJohan Hedberg		error = -ENOMEM;
6ead1bbcSJohan Hedberg		goto err;
6ead1bbcSJohan Hedberg	}
6ead1bbcSJohan Hedberg
0153e2ecSMarcel Holtmann	if (!IS_ERR_OR_NULL(bt_debugfs))
0153e2ecSMarcel Holtmann		hdev->debugfs = debugfs_create_dir(hdev->name, bt_debugfs);
0153e2ecSMarcel Holtmann
bdc3e0f1SMarcel Holtmann	dev_set_name(&hdev->dev, "%s", hdev->name);
bdc3e0f1SMarcel Holtmann
bdc3e0f1SMarcel Holtmann	error = device_add(&hdev->dev);
33ca954dSDavid Herrmann	if (error < 0)
54506918SJohan Hedberg		goto err_wqueue;
1da177e4SLinus Torvalds
611b30f7SMarcel Holtmann	hdev->rfkill = rfkill_alloc(hdev->name, &hdev->dev,
a8c5fb1aSGustavo Padovan				    RFKILL_TYPE_BLUETOOTH, &hci_rfkill_ops,
a8c5fb1aSGustavo Padovan				    hdev);
611b30f7SMarcel Holtmann	if (hdev->rfkill) {
611b30f7SMarcel Holtmann		if (rfkill_register(hdev->rfkill) < 0) {
611b30f7SMarcel Holtmann			rfkill_destroy(hdev->rfkill);
611b30f7SMarcel Holtmann			hdev->rfkill = NULL;
611b30f7SMarcel Holtmann		}
611b30f7SMarcel Holtmann	}
611b30f7SMarcel Holtmann
5e130367SJohan Hedberg	if (hdev->rfkill && rfkill_blocked(hdev->rfkill))
a1536da2SMarcel Holtmann		hci_dev_set_flag(hdev, HCI_RFKILLED);
5e130367SJohan Hedberg
a1536da2SMarcel Holtmann	hci_dev_set_flag(hdev, HCI_SETUP);
a1536da2SMarcel Holtmann	hci_dev_set_flag(hdev, HCI_AUTO_OFF);
ce2be9acSAndrei Emeltchenko
01cd3404SMarcel Holtmann	if (hdev->dev_type == HCI_BREDR) {
56f87901SJohan Hedberg		/* Assume BR/EDR support until proven otherwise (such as
56f87901SJohan Hedberg		 * through reading supported features during init.
56f87901SJohan Hedberg		 */
a1536da2SMarcel Holtmann		hci_dev_set_flag(hdev, HCI_BREDR_ENABLED);
56f87901SJohan Hedberg	}
ce2be9acSAndrei Emeltchenko
fcee3377SGustavo Padovan	write_lock(&hci_dev_list_lock);
fcee3377SGustavo Padovan	list_add(&hdev->list, &hci_dev_list);
fcee3377SGustavo Padovan	write_unlock(&hci_dev_list_lock);
fcee3377SGustavo Padovan
4a964404SMarcel Holtmann	/* Devices that are marked for raw-only usage are unconfigured
4a964404SMarcel Holtmann	 * and should not be included in normal operation.
fee746b0SMarcel Holtmann	 */
fee746b0SMarcel Holtmann	if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks))
a1536da2SMarcel Holtmann		hci_dev_set_flag(hdev, HCI_UNCONFIGURED);
fee746b0SMarcel Holtmann
1da177e4SLinus Torvalds	hci_notify(hdev, HCI_DEV_REG);
dc946bd8SDavid Herrmann	hci_dev_hold(hdev);
1da177e4SLinus Torvalds
19202573SJohan Hedberg	queue_work(hdev->req_workqueue, &hdev->power_on);
fbe96d6fSMarcel Holtmann
1da177e4SLinus Torvalds	return id;
f48fd9c8SMarcel Holtmann
33ca954dSDavid Herrmannerr_wqueue:
33ca954dSDavid Herrmann	destroy_workqueue(hdev->workqueue);
6ead1bbcSJohan Hedberg	destroy_workqueue(hdev->req_workqueue);
33ca954dSDavid Herrmannerr:
3df92b31SSasha Levin	ida_simple_remove(&hci_index_ida, hdev->id);
f48fd9c8SMarcel Holtmann
33ca954dSDavid Herrmann	return error;
1da177e4SLinus Torvalds}
1da177e4SLinus TorvaldsEXPORT_SYMBOL(hci_register_dev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* Unregister HCI device */
59735631SDavid Herrmannvoid hci_unregister_dev(struct hci_dev *hdev)
1da177e4SLinus Torvalds{
2d7cc19eSMarcel Holtmann	int id;
ef222013SMarcel Holtmann
c13854ceSMarcel Holtmann	BT_DBG("%p name %s bus %d", hdev, hdev->name, hdev->bus);
1da177e4SLinus Torvalds
a1536da2SMarcel Holtmann	hci_dev_set_flag(hdev, HCI_UNREGISTER);
94324962SJohan Hovold
3df92b31SSasha Levin	id = hdev->id;
3df92b31SSasha Levin
f20d09d5SGustavo F. Padovan	write_lock(&hci_dev_list_lock);
1da177e4SLinus Torvalds	list_del(&hdev->list);
f20d09d5SGustavo F. Padovan	write_unlock(&hci_dev_list_lock);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hci_dev_do_close(hdev);
1da177e4SLinus Torvalds
b9b5ef18SGustavo Padovan	cancel_work_sync(&hdev->power_on);
b9b5ef18SGustavo Padovan
ab81cbf9SJohan Hedberg	if (!test_bit(HCI_INIT, &hdev->flags) &&
d7a5a11dSMarcel Holtmann	    !hci_dev_test_flag(hdev, HCI_SETUP) &&
d7a5a11dSMarcel Holtmann	    !hci_dev_test_flag(hdev, HCI_CONFIG)) {
09fd0de5SGustavo F. Padovan		hci_dev_lock(hdev);
744cf19eSJohan Hedberg		mgmt_index_removed(hdev);
09fd0de5SGustavo F. Padovan		hci_dev_unlock(hdev);
56e5cb86SJohan Hedberg	}
ab81cbf9SJohan Hedberg
2e58ef3eSJohan Hedberg	/* mgmt_index_removed should take care of emptying the
2e58ef3eSJohan Hedberg	 * pending list */
2e58ef3eSJohan Hedberg	BUG_ON(!list_empty(&hdev->mgmt_pending));
2e58ef3eSJohan Hedberg
1da177e4SLinus Torvalds	hci_notify(hdev, HCI_DEV_UNREG);
1da177e4SLinus Torvalds
611b30f7SMarcel Holtmann	if (hdev->rfkill) {
611b30f7SMarcel Holtmann		rfkill_unregister(hdev->rfkill);
611b30f7SMarcel Holtmann		rfkill_destroy(hdev->rfkill);
611b30f7SMarcel Holtmann	}
611b30f7SMarcel Holtmann
bdc3e0f1SMarcel Holtmann	device_del(&hdev->dev);
147e2d59SDave Young
0153e2ecSMarcel Holtmann	debugfs_remove_recursive(hdev->debugfs);
0153e2ecSMarcel Holtmann
f48fd9c8SMarcel Holtmann	destroy_workqueue(hdev->workqueue);
6ead1bbcSJohan Hedberg	destroy_workqueue(hdev->req_workqueue);
f48fd9c8SMarcel Holtmann
09fd0de5SGustavo F. Padovan	hci_dev_lock(hdev);
dcc36c16SJohan Hedberg	hci_bdaddr_list_clear(&hdev->blacklist);
6659358eSJohan Hedberg	hci_bdaddr_list_clear(&hdev->whitelist);
2aeb9a1aSJohan Hedberg	hci_uuids_clear(hdev);
55ed8ca1SJohan Hedberg	hci_link_keys_clear(hdev);
b899efafSVinicius Costa Gomes	hci_smp_ltks_clear(hdev);
970c4e46SJohan Hedberg	hci_smp_irks_clear(hdev);
2763eda6SSzymon Janc	hci_remote_oob_data_clear(hdev);
d2609b34SFlorian Grandel	hci_adv_instances_clear(hdev);
dcc36c16SJohan Hedberg	hci_bdaddr_list_clear(&hdev->le_white_list);
373110c5SJohan Hedberg	hci_conn_params_clear_all(hdev);
22078800SMarcel Holtmann	hci_discovery_filter_clear(hdev);
09fd0de5SGustavo F. Padovan	hci_dev_unlock(hdev);
e2e0cacbSJohan Hedberg
dc946bd8SDavid Herrmann	hci_dev_put(hdev);
3df92b31SSasha Levin
3df92b31SSasha Levin	ida_simple_remove(&hci_index_ida, id);
1da177e4SLinus Torvalds}
1da177e4SLinus TorvaldsEXPORT_SYMBOL(hci_unregister_dev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* Suspend HCI device */
1da177e4SLinus Torvaldsint hci_suspend_dev(struct hci_dev *hdev)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	hci_notify(hdev, HCI_DEV_SUSPEND);
1da177e4SLinus Torvalds	return 0;
1da177e4SLinus Torvalds}
1da177e4SLinus TorvaldsEXPORT_SYMBOL(hci_suspend_dev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* Resume HCI device */
1da177e4SLinus Torvaldsint hci_resume_dev(struct hci_dev *hdev)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	hci_notify(hdev, HCI_DEV_RESUME);
1da177e4SLinus Torvalds	return 0;
1da177e4SLinus Torvalds}
1da177e4SLinus TorvaldsEXPORT_SYMBOL(hci_resume_dev);
1da177e4SLinus Torvalds
75e0569fSMarcel Holtmann/* Reset HCI device */
75e0569fSMarcel Holtmannint hci_reset_dev(struct hci_dev *hdev)
75e0569fSMarcel Holtmann{
75e0569fSMarcel Holtmann	const u8 hw_err[] = { HCI_EV_HARDWARE_ERROR, 0x01, 0x00 };
75e0569fSMarcel Holtmann	struct sk_buff *skb;
75e0569fSMarcel Holtmann
75e0569fSMarcel Holtmann	skb = bt_skb_alloc(3, GFP_ATOMIC);
75e0569fSMarcel Holtmann	if (!skb)
75e0569fSMarcel Holtmann		return -ENOMEM;
75e0569fSMarcel Holtmann
75e0569fSMarcel Holtmann	bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
75e0569fSMarcel Holtmann	memcpy(skb_put(skb, 3), hw_err, 3);
75e0569fSMarcel Holtmann
75e0569fSMarcel Holtmann	/* Send Hardware Error to upper stack */
75e0569fSMarcel Holtmann	return hci_recv_frame(hdev, skb);
75e0569fSMarcel Holtmann}
75e0569fSMarcel HoltmannEXPORT_SYMBOL(hci_reset_dev);
75e0569fSMarcel Holtmann
76bca880SMarcel Holtmann/* Receive frame from HCI drivers */
e1a26170SMarcel Holtmannint hci_recv_frame(struct hci_dev *hdev, struct sk_buff *skb)
76bca880SMarcel Holtmann{
76bca880SMarcel Holtmann	if (!hdev || (!test_bit(HCI_UP, &hdev->flags)
76bca880SMarcel Holtmann		      && !test_bit(HCI_INIT, &hdev->flags))) {
76bca880SMarcel Holtmann		kfree_skb(skb);
76bca880SMarcel Holtmann		return -ENXIO;
76bca880SMarcel Holtmann	}
76bca880SMarcel Holtmann
fe806dceSMarcel Holtmann	if (bt_cb(skb)->pkt_type != HCI_EVENT_PKT &&
fe806dceSMarcel Holtmann	    bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
fe806dceSMarcel Holtmann	    bt_cb(skb)->pkt_type != HCI_SCODATA_PKT) {
fe806dceSMarcel Holtmann		kfree_skb(skb);
fe806dceSMarcel Holtmann		return -EINVAL;
fe806dceSMarcel Holtmann	}
fe806dceSMarcel Holtmann
d82603c6SJorrit Schippers	/* Incoming skb */
76bca880SMarcel Holtmann	bt_cb(skb)->incoming = 1;
76bca880SMarcel Holtmann
76bca880SMarcel Holtmann	/* Time stamp */
76bca880SMarcel Holtmann	__net_timestamp(skb);
76bca880SMarcel Holtmann
76bca880SMarcel Holtmann	skb_queue_tail(&hdev->rx_q, skb);
b78752ccSMarcel Holtmann	queue_work(hdev->workqueue, &hdev->rx_work);
c78ae283SMarcel Holtmann
76bca880SMarcel Holtmann	return 0;
76bca880SMarcel Holtmann}
76bca880SMarcel HoltmannEXPORT_SYMBOL(hci_recv_frame);
76bca880SMarcel Holtmann
e875ff84SMarcel Holtmann/* Receive diagnostic message from HCI drivers */
e875ff84SMarcel Holtmannint hci_recv_diag(struct hci_dev *hdev, struct sk_buff *skb)
e875ff84SMarcel Holtmann{
581d6fd6SMarcel Holtmann	/* Mark as diagnostic packet */
581d6fd6SMarcel Holtmann	bt_cb(skb)->pkt_type = HCI_DIAG_PKT;
581d6fd6SMarcel Holtmann
e875ff84SMarcel Holtmann	/* Time stamp */
e875ff84SMarcel Holtmann	__net_timestamp(skb);
e875ff84SMarcel Holtmann
581d6fd6SMarcel Holtmann	skb_queue_tail(&hdev->rx_q, skb);
581d6fd6SMarcel Holtmann	queue_work(hdev->workqueue, &hdev->rx_work);
e875ff84SMarcel Holtmann
e875ff84SMarcel Holtmann	return 0;
e875ff84SMarcel Holtmann}
e875ff84SMarcel HoltmannEXPORT_SYMBOL(hci_recv_diag);
e875ff84SMarcel Holtmann
1da177e4SLinus Torvalds/* ---- Interface to upper protocols ---- */
1da177e4SLinus Torvalds
1da177e4SLinus Torvaldsint hci_register_cb(struct hci_cb *cb)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	BT_DBG("%p name %s", cb, cb->name);
1da177e4SLinus Torvalds
fba7ecf0SJohan Hedberg	mutex_lock(&hci_cb_list_lock);
00629e0fSJohan Hedberg	list_add_tail(&cb->list, &hci_cb_list);
fba7ecf0SJohan Hedberg	mutex_unlock(&hci_cb_list_lock);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	return 0;
1da177e4SLinus Torvalds}
1da177e4SLinus TorvaldsEXPORT_SYMBOL(hci_register_cb);
1da177e4SLinus Torvalds
1da177e4SLinus Torvaldsint hci_unregister_cb(struct hci_cb *cb)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	BT_DBG("%p name %s", cb, cb->name);
1da177e4SLinus Torvalds
fba7ecf0SJohan Hedberg	mutex_lock(&hci_cb_list_lock);
1da177e4SLinus Torvalds	list_del(&cb->list);
fba7ecf0SJohan Hedberg	mutex_unlock(&hci_cb_list_lock);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	return 0;
1da177e4SLinus Torvalds}
1da177e4SLinus TorvaldsEXPORT_SYMBOL(hci_unregister_cb);
1da177e4SLinus Torvalds
51086991SMarcel Holtmannstatic void hci_send_frame(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4SLinus Torvalds{
cdc52faaSMarcel Holtmann	int err;
cdc52faaSMarcel Holtmann
0d48d939SMarcel Holtmann	BT_DBG("%s type %d len %d", hdev->name, bt_cb(skb)->pkt_type, skb->len);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Time stamp */
a61bbcf2SPatrick McHardy	__net_timestamp(skb);
1da177e4SLinus Torvalds
cd82e61cSMarcel Holtmann	/* Send copy to monitor */
cd82e61cSMarcel Holtmann	hci_send_to_monitor(hdev, skb);
cd82e61cSMarcel Holtmann
cd82e61cSMarcel Holtmann	if (atomic_read(&hdev->promisc)) {
cd82e61cSMarcel Holtmann		/* Send copy to the sockets */
470fe1b5SMarcel Holtmann		hci_send_to_sock(hdev, skb);
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Get rid of skb owner, prior to sending to the driver. */
1da177e4SLinus Torvalds	skb_orphan(skb);
1da177e4SLinus Torvalds
73d0d3c8SMarcel Holtmann	if (!test_bit(HCI_RUNNING, &hdev->flags)) {
73d0d3c8SMarcel Holtmann		kfree_skb(skb);
73d0d3c8SMarcel Holtmann		return;
73d0d3c8SMarcel Holtmann	}
73d0d3c8SMarcel Holtmann
cdc52faaSMarcel Holtmann	err = hdev->send(hdev, skb);
cdc52faaSMarcel Holtmann	if (err < 0) {
cdc52faaSMarcel Holtmann		BT_ERR("%s sending frame failed (%d)", hdev->name, err);
cdc52faaSMarcel Holtmann		kfree_skb(skb);
cdc52faaSMarcel Holtmann	}
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1ca3a9d0SJohan Hedberg/* Send HCI command */
07dc93ddSJohan Hedbergint hci_send_cmd(struct hci_dev *hdev, __u16 opcode, __u32 plen,
07dc93ddSJohan Hedberg		 const void *param)
1ca3a9d0SJohan Hedberg{
1ca3a9d0SJohan Hedberg	struct sk_buff *skb;
1ca3a9d0SJohan Hedberg
1ca3a9d0SJohan Hedberg	BT_DBG("%s opcode 0x%4.4x plen %d", hdev->name, opcode, plen);
1ca3a9d0SJohan Hedberg
1ca3a9d0SJohan Hedberg	skb = hci_prepare_cmd(hdev, opcode, plen, param);
1ca3a9d0SJohan Hedberg	if (!skb) {
1ca3a9d0SJohan Hedberg		BT_ERR("%s no memory for command", hdev->name);
1ca3a9d0SJohan Hedberg		return -ENOMEM;
1ca3a9d0SJohan Hedberg	}
1ca3a9d0SJohan Hedberg
49c922bbSStephen Hemminger	/* Stand-alone HCI commands must be flagged as
11714b3dSJohan Hedberg	 * single-command requests.
11714b3dSJohan Hedberg	 */
*242c0ebdSMarcel Holtmann	bt_cb(skb)->hci.req_start = true;
11714b3dSJohan Hedberg
1da177e4SLinus Torvalds	skb_queue_tail(&hdev->cmd_q, skb);
c347b765SGustavo F. Padovan	queue_work(hdev->workqueue, &hdev->cmd_work);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	return 0;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* Get data from the previously sent command */
a9de9248SMarcel Holtmannvoid *hci_sent_cmd_data(struct hci_dev *hdev, __u16 opcode)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_command_hdr *hdr;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (!hdev->sent_cmd)
1da177e4SLinus Torvalds		return NULL;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hdr = (void *) hdev->sent_cmd->data;
1da177e4SLinus Torvalds
a9de9248SMarcel Holtmann	if (hdr->opcode != cpu_to_le16(opcode))
1da177e4SLinus Torvalds		return NULL;
1da177e4SLinus Torvalds
f0e09510SAndrei Emeltchenko	BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	return hdev->sent_cmd->data + HCI_COMMAND_HDR_SIZE;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
fbef168fSLoic Poulain/* Send HCI command and wait for command commplete event */
fbef168fSLoic Poulainstruct sk_buff *hci_cmd_sync(struct hci_dev *hdev, u16 opcode, u32 plen,
fbef168fSLoic Poulain			     const void *param, u32 timeout)
fbef168fSLoic Poulain{
fbef168fSLoic Poulain	struct sk_buff *skb;
fbef168fSLoic Poulain
fbef168fSLoic Poulain	if (!test_bit(HCI_UP, &hdev->flags))
fbef168fSLoic Poulain		return ERR_PTR(-ENETDOWN);
fbef168fSLoic Poulain
fbef168fSLoic Poulain	bt_dev_dbg(hdev, "opcode 0x%4.4x plen %d", opcode, plen);
fbef168fSLoic Poulain
fbef168fSLoic Poulain	hci_req_lock(hdev);
fbef168fSLoic Poulain	skb = __hci_cmd_sync(hdev, opcode, plen, param, timeout);
fbef168fSLoic Poulain	hci_req_unlock(hdev);
fbef168fSLoic Poulain
fbef168fSLoic Poulain	return skb;
fbef168fSLoic Poulain}
fbef168fSLoic PoulainEXPORT_SYMBOL(hci_cmd_sync);
fbef168fSLoic Poulain
1da177e4SLinus Torvalds/* Send ACL data */
1da177e4SLinus Torvaldsstatic void hci_add_acl_hdr(struct sk_buff *skb, __u16 handle, __u16 flags)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_acl_hdr *hdr;
1da177e4SLinus Torvalds	int len = skb->len;
1da177e4SLinus Torvalds
badff6d0SArnaldo Carvalho de Melo	skb_push(skb, HCI_ACL_HDR_SIZE);
badff6d0SArnaldo Carvalho de Melo	skb_reset_transport_header(skb);
9c70220bSArnaldo Carvalho de Melo	hdr = (struct hci_acl_hdr *)skb_transport_header(skb);
aca3192cSYOSHIFUJI Hideaki	hdr->handle = cpu_to_le16(hci_handle_pack(handle, flags));
aca3192cSYOSHIFUJI Hideaki	hdr->dlen   = cpu_to_le16(len);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
ee22be7eSAndrei Emeltchenkostatic void hci_queue_acl(struct hci_chan *chan, struct sk_buff_head *queue,
73d80debSLuiz Augusto von Dentz			  struct sk_buff *skb, __u16 flags)
1da177e4SLinus Torvalds{
ee22be7eSAndrei Emeltchenko	struct hci_conn *conn = chan->conn;
1da177e4SLinus Torvalds	struct hci_dev *hdev = conn->hdev;
1da177e4SLinus Torvalds	struct sk_buff *list;
1da177e4SLinus Torvalds
087bfd99SGustavo Padovan	skb->len = skb_headlen(skb);
087bfd99SGustavo Padovan	skb->data_len = 0;
087bfd99SGustavo Padovan
087bfd99SGustavo Padovan	bt_cb(skb)->pkt_type = HCI_ACLDATA_PKT;
204a6e54SAndrei Emeltchenko
204a6e54SAndrei Emeltchenko	switch (hdev->dev_type) {
204a6e54SAndrei Emeltchenko	case HCI_BREDR:
087bfd99SGustavo Padovan		hci_add_acl_hdr(skb, conn->handle, flags);
204a6e54SAndrei Emeltchenko		break;
204a6e54SAndrei Emeltchenko	case HCI_AMP:
204a6e54SAndrei Emeltchenko		hci_add_acl_hdr(skb, chan->handle, flags);
204a6e54SAndrei Emeltchenko		break;
204a6e54SAndrei Emeltchenko	default:
204a6e54SAndrei Emeltchenko		BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
204a6e54SAndrei Emeltchenko		return;
204a6e54SAndrei Emeltchenko	}
087bfd99SGustavo Padovan
70f23020SAndrei Emeltchenko	list = skb_shinfo(skb)->frag_list;
70f23020SAndrei Emeltchenko	if (!list) {
1da177e4SLinus Torvalds		/* Non fragmented */
1da177e4SLinus Torvalds		BT_DBG("%s nonfrag skb %p len %d", hdev->name, skb, skb->len);
1da177e4SLinus Torvalds
73d80debSLuiz Augusto von Dentz		skb_queue_tail(queue, skb);
1da177e4SLinus Torvalds	} else {
1da177e4SLinus Torvalds		/* Fragmented */
1da177e4SLinus Torvalds		BT_DBG("%s frag %p len %d", hdev->name, skb, skb->len);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		skb_shinfo(skb)->frag_list = NULL;
1da177e4SLinus Torvalds
9cfd5a23SJukka Rissanen		/* Queue all fragments atomically. We need to use spin_lock_bh
9cfd5a23SJukka Rissanen		 * here because of 6LoWPAN links, as there this function is
9cfd5a23SJukka Rissanen		 * called from softirq and using normal spin lock could cause
9cfd5a23SJukka Rissanen		 * deadlocks.
9cfd5a23SJukka Rissanen		 */
9cfd5a23SJukka Rissanen		spin_lock_bh(&queue->lock);
1da177e4SLinus Torvalds
73d80debSLuiz Augusto von Dentz		__skb_queue_tail(queue, skb);
e702112fSAndrei Emeltchenko
e702112fSAndrei Emeltchenko		flags &= ~ACL_START;
e702112fSAndrei Emeltchenko		flags |= ACL_CONT;
1da177e4SLinus Torvalds		do {
1da177e4SLinus Torvalds			skb = list; list = list->next;
1da177e4SLinus Torvalds
0d48d939SMarcel Holtmann			bt_cb(skb)->pkt_type = HCI_ACLDATA_PKT;
e702112fSAndrei Emeltchenko			hci_add_acl_hdr(skb, conn->handle, flags);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds			BT_DBG("%s frag %p len %d", hdev->name, skb, skb->len);
1da177e4SLinus Torvalds
73d80debSLuiz Augusto von Dentz			__skb_queue_tail(queue, skb);
1da177e4SLinus Torvalds		} while (list);
1da177e4SLinus Torvalds
9cfd5a23SJukka Rissanen		spin_unlock_bh(&queue->lock);
1da177e4SLinus Torvalds	}
73d80debSLuiz Augusto von Dentz}
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentzvoid hci_send_acl(struct hci_chan *chan, struct sk_buff *skb, __u16 flags)
73d80debSLuiz Augusto von Dentz{
ee22be7eSAndrei Emeltchenko	struct hci_dev *hdev = chan->conn->hdev;
73d80debSLuiz Augusto von Dentz
f0e09510SAndrei Emeltchenko	BT_DBG("%s chan %p flags 0x%4.4x", hdev->name, chan, flags);
73d80debSLuiz Augusto von Dentz
ee22be7eSAndrei Emeltchenko	hci_queue_acl(chan, &chan->data_q, skb, flags);
1da177e4SLinus Torvalds
3eff45eaSGustavo F. Padovan	queue_work(hdev->workqueue, &hdev->tx_work);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* Send SCO data */
0d861d8bSGustavo F. Padovanvoid hci_send_sco(struct hci_conn *conn, struct sk_buff *skb)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_dev *hdev = conn->hdev;
1da177e4SLinus Torvalds	struct hci_sco_hdr hdr;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("%s len %d", hdev->name, skb->len);
1da177e4SLinus Torvalds
aca3192cSYOSHIFUJI Hideaki	hdr.handle = cpu_to_le16(conn->handle);
1da177e4SLinus Torvalds	hdr.dlen   = skb->len;
1da177e4SLinus Torvalds
badff6d0SArnaldo Carvalho de Melo	skb_push(skb, HCI_SCO_HDR_SIZE);
badff6d0SArnaldo Carvalho de Melo	skb_reset_transport_header(skb);
9c70220bSArnaldo Carvalho de Melo	memcpy(skb_transport_header(skb), &hdr, HCI_SCO_HDR_SIZE);
1da177e4SLinus Torvalds
0d48d939SMarcel Holtmann	bt_cb(skb)->pkt_type = HCI_SCODATA_PKT;
c78ae283SMarcel Holtmann
1da177e4SLinus Torvalds	skb_queue_tail(&conn->data_q, skb);
3eff45eaSGustavo F. Padovan	queue_work(hdev->workqueue, &hdev->tx_work);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* ---- HCI TX task (outgoing data) ---- */
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* HCI Connection scheduler */
6039aa73SGustavo Padovanstatic struct hci_conn *hci_low_sent(struct hci_dev *hdev, __u8 type,
a8c5fb1aSGustavo Padovan				     int *quote)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_conn_hash *h = &hdev->conn_hash;
8035ded4SLuiz Augusto von Dentz	struct hci_conn *conn = NULL, *c;
abc5de8fSMikel Astiz	unsigned int num = 0, min = ~0;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* We don't have to lock device here. Connections are always
1da177e4SLinus Torvalds	 * added and removed with TX task disabled. */
bf4c6325SGustavo F. Padovan
bf4c6325SGustavo F. Padovan	rcu_read_lock();
bf4c6325SGustavo F. Padovan
bf4c6325SGustavo F. Padovan	list_for_each_entry_rcu(c, &h->list, list) {
769be974SMarcel Holtmann		if (c->type != type || skb_queue_empty(&c->data_q))
1da177e4SLinus Torvalds			continue;
769be974SMarcel Holtmann
769be974SMarcel Holtmann		if (c->state != BT_CONNECTED && c->state != BT_CONFIG)
769be974SMarcel Holtmann			continue;
769be974SMarcel Holtmann
1da177e4SLinus Torvalds		num++;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		if (c->sent < min) {
1da177e4SLinus Torvalds			min  = c->sent;
1da177e4SLinus Torvalds			conn = c;
1da177e4SLinus Torvalds		}
52087a79SLuiz Augusto von Dentz
52087a79SLuiz Augusto von Dentz		if (hci_conn_num(hdev, type) == num)
52087a79SLuiz Augusto von Dentz			break;
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
bf4c6325SGustavo F. Padovan	rcu_read_unlock();
bf4c6325SGustavo F. Padovan
1da177e4SLinus Torvalds	if (conn) {
6ed58ec5SVille Tervo		int cnt, q;
6ed58ec5SVille Tervo
6ed58ec5SVille Tervo		switch (conn->type) {
6ed58ec5SVille Tervo		case ACL_LINK:
6ed58ec5SVille Tervo			cnt = hdev->acl_cnt;
6ed58ec5SVille Tervo			break;
6ed58ec5SVille Tervo		case SCO_LINK:
6ed58ec5SVille Tervo		case ESCO_LINK:
6ed58ec5SVille Tervo			cnt = hdev->sco_cnt;
6ed58ec5SVille Tervo			break;
6ed58ec5SVille Tervo		case LE_LINK:
6ed58ec5SVille Tervo			cnt = hdev->le_mtu ? hdev->le_cnt : hdev->acl_cnt;
6ed58ec5SVille Tervo			break;
6ed58ec5SVille Tervo		default:
6ed58ec5SVille Tervo			cnt = 0;
6ed58ec5SVille Tervo			BT_ERR("Unknown link type");
6ed58ec5SVille Tervo		}
6ed58ec5SVille Tervo
6ed58ec5SVille Tervo		q = cnt / num;
1da177e4SLinus Torvalds		*quote = q ? q : 1;
1da177e4SLinus Torvalds	} else
1da177e4SLinus Torvalds		*quote = 0;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("conn %p quote %d", conn, *quote);
1da177e4SLinus Torvalds	return conn;
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
6039aa73SGustavo Padovanstatic void hci_link_tx_to(struct hci_dev *hdev, __u8 type)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_conn_hash *h = &hdev->conn_hash;
1da177e4SLinus Torvalds	struct hci_conn *c;
1da177e4SLinus Torvalds
bae1f5d9SVille Tervo	BT_ERR("%s link tx timeout", hdev->name);
1da177e4SLinus Torvalds
bf4c6325SGustavo F. Padovan	rcu_read_lock();
bf4c6325SGustavo F. Padovan
1da177e4SLinus Torvalds	/* Kill stalled connections */
bf4c6325SGustavo F. Padovan	list_for_each_entry_rcu(c, &h->list, list) {
bae1f5d9SVille Tervo		if (c->type == type && c->sent) {
6ed93dc6SAndrei Emeltchenko			BT_ERR("%s killing stalled connection %pMR",
6ed93dc6SAndrei Emeltchenko			       hdev->name, &c->dst);
bed71748SAndre Guedes			hci_disconnect(c, HCI_ERROR_REMOTE_USER_TERM);
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds	}
bf4c6325SGustavo F. Padovan
bf4c6325SGustavo F. Padovan	rcu_read_unlock();
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
6039aa73SGustavo Padovanstatic struct hci_chan *hci_chan_sent(struct hci_dev *hdev, __u8 type,
73d80debSLuiz Augusto von Dentz				      int *quote)
73d80debSLuiz Augusto von Dentz{
73d80debSLuiz Augusto von Dentz	struct hci_conn_hash *h = &hdev->conn_hash;
73d80debSLuiz Augusto von Dentz	struct hci_chan *chan = NULL;
abc5de8fSMikel Astiz	unsigned int num = 0, min = ~0, cur_prio = 0;
73d80debSLuiz Augusto von Dentz	struct hci_conn *conn;
73d80debSLuiz Augusto von Dentz	int cnt, q, conn_num = 0;
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz	BT_DBG("%s", hdev->name);
73d80debSLuiz Augusto von Dentz
bf4c6325SGustavo F. Padovan	rcu_read_lock();
bf4c6325SGustavo F. Padovan
bf4c6325SGustavo F. Padovan	list_for_each_entry_rcu(conn, &h->list, list) {
73d80debSLuiz Augusto von Dentz		struct hci_chan *tmp;
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz		if (conn->type != type)
73d80debSLuiz Augusto von Dentz			continue;
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz		if (conn->state != BT_CONNECTED && conn->state != BT_CONFIG)
73d80debSLuiz Augusto von Dentz			continue;
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz		conn_num++;
73d80debSLuiz Augusto von Dentz
8192edefSGustavo F. Padovan		list_for_each_entry_rcu(tmp, &conn->chan_list, list) {
73d80debSLuiz Augusto von Dentz			struct sk_buff *skb;
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz			if (skb_queue_empty(&tmp->data_q))
73d80debSLuiz Augusto von Dentz				continue;
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz			skb = skb_peek(&tmp->data_q);
73d80debSLuiz Augusto von Dentz			if (skb->priority < cur_prio)
73d80debSLuiz Augusto von Dentz				continue;
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz			if (skb->priority > cur_prio) {
73d80debSLuiz Augusto von Dentz				num = 0;
73d80debSLuiz Augusto von Dentz				min = ~0;
73d80debSLuiz Augusto von Dentz				cur_prio = skb->priority;
73d80debSLuiz Augusto von Dentz			}
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz			num++;
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz			if (conn->sent < min) {
73d80debSLuiz Augusto von Dentz				min  = conn->sent;
73d80debSLuiz Augusto von Dentz				chan = tmp;
73d80debSLuiz Augusto von Dentz			}
73d80debSLuiz Augusto von Dentz		}
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz		if (hci_conn_num(hdev, type) == conn_num)
73d80debSLuiz Augusto von Dentz			break;
73d80debSLuiz Augusto von Dentz	}
73d80debSLuiz Augusto von Dentz
bf4c6325SGustavo F. Padovan	rcu_read_unlock();
bf4c6325SGustavo F. Padovan
73d80debSLuiz Augusto von Dentz	if (!chan)
73d80debSLuiz Augusto von Dentz		return NULL;
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz	switch (chan->conn->type) {
73d80debSLuiz Augusto von Dentz	case ACL_LINK:
73d80debSLuiz Augusto von Dentz		cnt = hdev->acl_cnt;
73d80debSLuiz Augusto von Dentz		break;
bd1eb66bSAndrei Emeltchenko	case AMP_LINK:
bd1eb66bSAndrei Emeltchenko		cnt = hdev->block_cnt;
bd1eb66bSAndrei Emeltchenko		break;
73d80debSLuiz Augusto von Dentz	case SCO_LINK:
73d80debSLuiz Augusto von Dentz	case ESCO_LINK:
73d80debSLuiz Augusto von Dentz		cnt = hdev->sco_cnt;
73d80debSLuiz Augusto von Dentz		break;
73d80debSLuiz Augusto von Dentz	case LE_LINK:
73d80debSLuiz Augusto von Dentz		cnt = hdev->le_mtu ? hdev->le_cnt : hdev->acl_cnt;
73d80debSLuiz Augusto von Dentz		break;
73d80debSLuiz Augusto von Dentz	default:
73d80debSLuiz Augusto von Dentz		cnt = 0;
73d80debSLuiz Augusto von Dentz		BT_ERR("Unknown link type");
73d80debSLuiz Augusto von Dentz	}
73d80debSLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz	q = cnt / num;
73d80debSLuiz Augusto von Dentz	*quote = q ? q : 1;
73d80debSLuiz Augusto von Dentz	BT_DBG("chan %p quote %d", chan, *quote);
73d80debSLuiz Augusto von Dentz	return chan;
73d80debSLuiz Augusto von Dentz}
73d80debSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentzstatic void hci_prio_recalculate(struct hci_dev *hdev, __u8 type)
02b20f0bSLuiz Augusto von Dentz{
02b20f0bSLuiz Augusto von Dentz	struct hci_conn_hash *h = &hdev->conn_hash;
02b20f0bSLuiz Augusto von Dentz	struct hci_conn *conn;
02b20f0bSLuiz Augusto von Dentz	int num = 0;
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz	BT_DBG("%s", hdev->name);
02b20f0bSLuiz Augusto von Dentz
bf4c6325SGustavo F. Padovan	rcu_read_lock();
bf4c6325SGustavo F. Padovan
bf4c6325SGustavo F. Padovan	list_for_each_entry_rcu(conn, &h->list, list) {
02b20f0bSLuiz Augusto von Dentz		struct hci_chan *chan;
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz		if (conn->type != type)
02b20f0bSLuiz Augusto von Dentz			continue;
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz		if (conn->state != BT_CONNECTED && conn->state != BT_CONFIG)
02b20f0bSLuiz Augusto von Dentz			continue;
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz		num++;
02b20f0bSLuiz Augusto von Dentz
8192edefSGustavo F. Padovan		list_for_each_entry_rcu(chan, &conn->chan_list, list) {
02b20f0bSLuiz Augusto von Dentz			struct sk_buff *skb;
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz			if (chan->sent) {
02b20f0bSLuiz Augusto von Dentz				chan->sent = 0;
02b20f0bSLuiz Augusto von Dentz				continue;
02b20f0bSLuiz Augusto von Dentz			}
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz			if (skb_queue_empty(&chan->data_q))
02b20f0bSLuiz Augusto von Dentz				continue;
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz			skb = skb_peek(&chan->data_q);
02b20f0bSLuiz Augusto von Dentz			if (skb->priority >= HCI_PRIO_MAX - 1)
02b20f0bSLuiz Augusto von Dentz				continue;
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz			skb->priority = HCI_PRIO_MAX - 1;
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz			BT_DBG("chan %p skb %p promoted to %d", chan, skb,
02b20f0bSLuiz Augusto von Dentz			       skb->priority);
02b20f0bSLuiz Augusto von Dentz		}
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz		if (hci_conn_num(hdev, type) == num)
02b20f0bSLuiz Augusto von Dentz			break;
02b20f0bSLuiz Augusto von Dentz	}
bf4c6325SGustavo F. Padovan
bf4c6325SGustavo F. Padovan	rcu_read_unlock();
bf4c6325SGustavo F. Padovan
02b20f0bSLuiz Augusto von Dentz}
02b20f0bSLuiz Augusto von Dentz
b71d385aSAndrei Emeltchenkostatic inline int __get_blocks(struct hci_dev *hdev, struct sk_buff *skb)
b71d385aSAndrei Emeltchenko{
b71d385aSAndrei Emeltchenko	/* Calculate count of blocks used by this packet */
b71d385aSAndrei Emeltchenko	return DIV_ROUND_UP(skb->len - HCI_ACL_HDR_SIZE, hdev->block_len);
b71d385aSAndrei Emeltchenko}
b71d385aSAndrei Emeltchenko
6039aa73SGustavo Padovanstatic void __check_timeout(struct hci_dev *hdev, unsigned int cnt)
1da177e4SLinus Torvalds{
d7a5a11dSMarcel Holtmann	if (!hci_dev_test_flag(hdev, HCI_UNCONFIGURED)) {
1da177e4SLinus Torvalds		/* ACL tx timeout must be longer than maximum
1da177e4SLinus Torvalds		 * link supervision timeout (40.9 seconds) */
63d2bc1bSAndrei Emeltchenko		if (!cnt && time_after(jiffies, hdev->acl_last_tx +
5f246e89SAndrei Emeltchenko				       HCI_ACL_TX_TIMEOUT))
bae1f5d9SVille Tervo			hci_link_tx_to(hdev, ACL_LINK);
1da177e4SLinus Torvalds	}
63d2bc1bSAndrei Emeltchenko}
1da177e4SLinus Torvalds
6039aa73SGustavo Padovanstatic void hci_sched_acl_pkt(struct hci_dev *hdev)
63d2bc1bSAndrei Emeltchenko{
63d2bc1bSAndrei Emeltchenko	unsigned int cnt = hdev->acl_cnt;
63d2bc1bSAndrei Emeltchenko	struct hci_chan *chan;
63d2bc1bSAndrei Emeltchenko	struct sk_buff *skb;
63d2bc1bSAndrei Emeltchenko	int quote;
63d2bc1bSAndrei Emeltchenko
63d2bc1bSAndrei Emeltchenko	__check_timeout(hdev, cnt);
04837f64SMarcel Holtmann
73d80debSLuiz Augusto von Dentz	while (hdev->acl_cnt &&
73d80debSLuiz Augusto von Dentz	       (chan = hci_chan_sent(hdev, ACL_LINK, &quote))) {
ec1cce24SLuiz Augusto von Dentz		u32 priority = (skb_peek(&chan->data_q))->priority;
ec1cce24SLuiz Augusto von Dentz		while (quote-- && (skb = skb_peek(&chan->data_q))) {
73d80debSLuiz Augusto von Dentz			BT_DBG("chan %p skb %p len %d priority %u", chan, skb,
73d80debSLuiz Augusto von Dentz			       skb->len, skb->priority);
73d80debSLuiz Augusto von Dentz
ec1cce24SLuiz Augusto von Dentz			/* Stop if priority has changed */
ec1cce24SLuiz Augusto von Dentz			if (skb->priority < priority)
ec1cce24SLuiz Augusto von Dentz				break;
ec1cce24SLuiz Augusto von Dentz
ec1cce24SLuiz Augusto von Dentz			skb = skb_dequeue(&chan->data_q);
ec1cce24SLuiz Augusto von Dentz
73d80debSLuiz Augusto von Dentz			hci_conn_enter_active_mode(chan->conn,
73d80debSLuiz Augusto von Dentz						   bt_cb(skb)->force_active);
04837f64SMarcel Holtmann
57d17d70SMarcel Holtmann			hci_send_frame(hdev, skb);
1da177e4SLinus Torvalds			hdev->acl_last_tx = jiffies;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds			hdev->acl_cnt--;
73d80debSLuiz Augusto von Dentz			chan->sent++;
73d80debSLuiz Augusto von Dentz			chan->conn->sent++;
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds	}
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz	if (cnt != hdev->acl_cnt)
02b20f0bSLuiz Augusto von Dentz		hci_prio_recalculate(hdev, ACL_LINK);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
6039aa73SGustavo Padovanstatic void hci_sched_acl_blk(struct hci_dev *hdev)
b71d385aSAndrei Emeltchenko{
63d2bc1bSAndrei Emeltchenko	unsigned int cnt = hdev->block_cnt;
b71d385aSAndrei Emeltchenko	struct hci_chan *chan;
b71d385aSAndrei Emeltchenko	struct sk_buff *skb;
b71d385aSAndrei Emeltchenko	int quote;
bd1eb66bSAndrei Emeltchenko	u8 type;
b71d385aSAndrei Emeltchenko
63d2bc1bSAndrei Emeltchenko	__check_timeout(hdev, cnt);
b71d385aSAndrei Emeltchenko
bd1eb66bSAndrei Emeltchenko	BT_DBG("%s", hdev->name);
bd1eb66bSAndrei Emeltchenko
bd1eb66bSAndrei Emeltchenko	if (hdev->dev_type == HCI_AMP)
bd1eb66bSAndrei Emeltchenko		type = AMP_LINK;
bd1eb66bSAndrei Emeltchenko	else
bd1eb66bSAndrei Emeltchenko		type = ACL_LINK;
bd1eb66bSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko	while (hdev->block_cnt > 0 &&
bd1eb66bSAndrei Emeltchenko	       (chan = hci_chan_sent(hdev, type, &quote))) {
b71d385aSAndrei Emeltchenko		u32 priority = (skb_peek(&chan->data_q))->priority;
b71d385aSAndrei Emeltchenko		while (quote > 0 && (skb = skb_peek(&chan->data_q))) {
b71d385aSAndrei Emeltchenko			int blocks;
b71d385aSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko			BT_DBG("chan %p skb %p len %d priority %u", chan, skb,
b71d385aSAndrei Emeltchenko			       skb->len, skb->priority);
b71d385aSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko			/* Stop if priority has changed */
b71d385aSAndrei Emeltchenko			if (skb->priority < priority)
b71d385aSAndrei Emeltchenko				break;
b71d385aSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko			skb = skb_dequeue(&chan->data_q);
b71d385aSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko			blocks = __get_blocks(hdev, skb);
b71d385aSAndrei Emeltchenko			if (blocks > hdev->block_cnt)
b71d385aSAndrei Emeltchenko				return;
b71d385aSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko			hci_conn_enter_active_mode(chan->conn,
b71d385aSAndrei Emeltchenko						   bt_cb(skb)->force_active);
b71d385aSAndrei Emeltchenko
57d17d70SMarcel Holtmann			hci_send_frame(hdev, skb);
b71d385aSAndrei Emeltchenko			hdev->acl_last_tx = jiffies;
b71d385aSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko			hdev->block_cnt -= blocks;
b71d385aSAndrei Emeltchenko			quote -= blocks;
b71d385aSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko			chan->sent += blocks;
b71d385aSAndrei Emeltchenko			chan->conn->sent += blocks;
b71d385aSAndrei Emeltchenko		}
b71d385aSAndrei Emeltchenko	}
b71d385aSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko	if (cnt != hdev->block_cnt)
bd1eb66bSAndrei Emeltchenko		hci_prio_recalculate(hdev, type);
b71d385aSAndrei Emeltchenko}
b71d385aSAndrei Emeltchenko
6039aa73SGustavo Padovanstatic void hci_sched_acl(struct hci_dev *hdev)
b71d385aSAndrei Emeltchenko{
b71d385aSAndrei Emeltchenko	BT_DBG("%s", hdev->name);
b71d385aSAndrei Emeltchenko
bd1eb66bSAndrei Emeltchenko	/* No ACL link over BR/EDR controller */
bd1eb66bSAndrei Emeltchenko	if (!hci_conn_num(hdev, ACL_LINK) && hdev->dev_type == HCI_BREDR)
bd1eb66bSAndrei Emeltchenko		return;
bd1eb66bSAndrei Emeltchenko
bd1eb66bSAndrei Emeltchenko	/* No AMP link over AMP controller */
bd1eb66bSAndrei Emeltchenko	if (!hci_conn_num(hdev, AMP_LINK) && hdev->dev_type == HCI_AMP)
b71d385aSAndrei Emeltchenko		return;
b71d385aSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko	switch (hdev->flow_ctl_mode) {
b71d385aSAndrei Emeltchenko	case HCI_FLOW_CTL_MODE_PACKET_BASED:
b71d385aSAndrei Emeltchenko		hci_sched_acl_pkt(hdev);
b71d385aSAndrei Emeltchenko		break;
b71d385aSAndrei Emeltchenko
b71d385aSAndrei Emeltchenko	case HCI_FLOW_CTL_MODE_BLOCK_BASED:
b71d385aSAndrei Emeltchenko		hci_sched_acl_blk(hdev);
b71d385aSAndrei Emeltchenko		break;
b71d385aSAndrei Emeltchenko	}
b71d385aSAndrei Emeltchenko}
b71d385aSAndrei Emeltchenko
1da177e4SLinus Torvalds/* Schedule SCO */
6039aa73SGustavo Padovanstatic void hci_sched_sco(struct hci_dev *hdev)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_conn *conn;
1da177e4SLinus Torvalds	struct sk_buff *skb;
1da177e4SLinus Torvalds	int quote;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("%s", hdev->name);
1da177e4SLinus Torvalds
52087a79SLuiz Augusto von Dentz	if (!hci_conn_num(hdev, SCO_LINK))
52087a79SLuiz Augusto von Dentz		return;
52087a79SLuiz Augusto von Dentz
1da177e4SLinus Torvalds	while (hdev->sco_cnt && (conn = hci_low_sent(hdev, SCO_LINK, &quote))) {
1da177e4SLinus Torvalds		while (quote-- && (skb = skb_dequeue(&conn->data_q))) {
1da177e4SLinus Torvalds			BT_DBG("skb %p len %d", skb, skb->len);
57d17d70SMarcel Holtmann			hci_send_frame(hdev, skb);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds			conn->sent++;
1da177e4SLinus Torvalds			if (conn->sent == ~0)
1da177e4SLinus Torvalds				conn->sent = 0;
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
6039aa73SGustavo Padovanstatic void hci_sched_esco(struct hci_dev *hdev)
b6a0dc82SMarcel Holtmann{
b6a0dc82SMarcel Holtmann	struct hci_conn *conn;
b6a0dc82SMarcel Holtmann	struct sk_buff *skb;
b6a0dc82SMarcel Holtmann	int quote;
b6a0dc82SMarcel Holtmann
b6a0dc82SMarcel Holtmann	BT_DBG("%s", hdev->name);
b6a0dc82SMarcel Holtmann
52087a79SLuiz Augusto von Dentz	if (!hci_conn_num(hdev, ESCO_LINK))
52087a79SLuiz Augusto von Dentz		return;
52087a79SLuiz Augusto von Dentz
8fc9ced3SGustavo Padovan	while (hdev->sco_cnt && (conn = hci_low_sent(hdev, ESCO_LINK,
8fc9ced3SGustavo Padovan						     &quote))) {
b6a0dc82SMarcel Holtmann		while (quote-- && (skb = skb_dequeue(&conn->data_q))) {
b6a0dc82SMarcel Holtmann			BT_DBG("skb %p len %d", skb, skb->len);
57d17d70SMarcel Holtmann			hci_send_frame(hdev, skb);
b6a0dc82SMarcel Holtmann
b6a0dc82SMarcel Holtmann			conn->sent++;
b6a0dc82SMarcel Holtmann			if (conn->sent == ~0)
b6a0dc82SMarcel Holtmann				conn->sent = 0;
b6a0dc82SMarcel Holtmann		}
b6a0dc82SMarcel Holtmann	}
b6a0dc82SMarcel Holtmann}
b6a0dc82SMarcel Holtmann
6039aa73SGustavo Padovanstatic void hci_sched_le(struct hci_dev *hdev)
6ed58ec5SVille Tervo{
73d80debSLuiz Augusto von Dentz	struct hci_chan *chan;
6ed58ec5SVille Tervo	struct sk_buff *skb;
02b20f0bSLuiz Augusto von Dentz	int quote, cnt, tmp;
6ed58ec5SVille Tervo
6ed58ec5SVille Tervo	BT_DBG("%s", hdev->name);
6ed58ec5SVille Tervo
52087a79SLuiz Augusto von Dentz	if (!hci_conn_num(hdev, LE_LINK))
52087a79SLuiz Augusto von Dentz		return;
52087a79SLuiz Augusto von Dentz
d7a5a11dSMarcel Holtmann	if (!hci_dev_test_flag(hdev, HCI_UNCONFIGURED)) {
6ed58ec5SVille Tervo		/* LE tx timeout must be longer than maximum
6ed58ec5SVille Tervo		 * link supervision timeout (40.9 seconds) */
bae1f5d9SVille Tervo		if (!hdev->le_cnt && hdev->le_pkts &&
6ed58ec5SVille Tervo		    time_after(jiffies, hdev->le_last_tx + HZ * 45))
bae1f5d9SVille Tervo			hci_link_tx_to(hdev, LE_LINK);
6ed58ec5SVille Tervo	}
6ed58ec5SVille Tervo
6ed58ec5SVille Tervo	cnt = hdev->le_pkts ? hdev->le_cnt : hdev->acl_cnt;
02b20f0bSLuiz Augusto von Dentz	tmp = cnt;
73d80debSLuiz Augusto von Dentz	while (cnt && (chan = hci_chan_sent(hdev, LE_LINK, &quote))) {
ec1cce24SLuiz Augusto von Dentz		u32 priority = (skb_peek(&chan->data_q))->priority;
ec1cce24SLuiz Augusto von Dentz		while (quote-- && (skb = skb_peek(&chan->data_q))) {
73d80debSLuiz Augusto von Dentz			BT_DBG("chan %p skb %p len %d priority %u", chan, skb,
73d80debSLuiz Augusto von Dentz			       skb->len, skb->priority);
6ed58ec5SVille Tervo
ec1cce24SLuiz Augusto von Dentz			/* Stop if priority has changed */
ec1cce24SLuiz Augusto von Dentz			if (skb->priority < priority)
ec1cce24SLuiz Augusto von Dentz				break;
ec1cce24SLuiz Augusto von Dentz
ec1cce24SLuiz Augusto von Dentz			skb = skb_dequeue(&chan->data_q);
ec1cce24SLuiz Augusto von Dentz
57d17d70SMarcel Holtmann			hci_send_frame(hdev, skb);
6ed58ec5SVille Tervo			hdev->le_last_tx = jiffies;
6ed58ec5SVille Tervo
6ed58ec5SVille Tervo			cnt--;
73d80debSLuiz Augusto von Dentz			chan->sent++;
73d80debSLuiz Augusto von Dentz			chan->conn->sent++;
6ed58ec5SVille Tervo		}
6ed58ec5SVille Tervo	}
73d80debSLuiz Augusto von Dentz
6ed58ec5SVille Tervo	if (hdev->le_pkts)
6ed58ec5SVille Tervo		hdev->le_cnt = cnt;
6ed58ec5SVille Tervo	else
6ed58ec5SVille Tervo		hdev->acl_cnt = cnt;
02b20f0bSLuiz Augusto von Dentz
02b20f0bSLuiz Augusto von Dentz	if (cnt != tmp)
02b20f0bSLuiz Augusto von Dentz		hci_prio_recalculate(hdev, LE_LINK);
6ed58ec5SVille Tervo}
6ed58ec5SVille Tervo
3eff45eaSGustavo F. Padovanstatic void hci_tx_work(struct work_struct *work)
1da177e4SLinus Torvalds{
3eff45eaSGustavo F. Padovan	struct hci_dev *hdev = container_of(work, struct hci_dev, tx_work);
1da177e4SLinus Torvalds	struct sk_buff *skb;
1da177e4SLinus Torvalds
6ed58ec5SVille Tervo	BT_DBG("%s acl %d sco %d le %d", hdev->name, hdev->acl_cnt,
6ed58ec5SVille Tervo	       hdev->sco_cnt, hdev->le_cnt);
1da177e4SLinus Torvalds
d7a5a11dSMarcel Holtmann	if (!hci_dev_test_flag(hdev, HCI_USER_CHANNEL)) {
1da177e4SLinus Torvalds		/* Schedule queues and send stuff to HCI driver */
1da177e4SLinus Torvalds		hci_sched_acl(hdev);
1da177e4SLinus Torvalds		hci_sched_sco(hdev);
b6a0dc82SMarcel Holtmann		hci_sched_esco(hdev);
6ed58ec5SVille Tervo		hci_sched_le(hdev);
52de599eSMarcel Holtmann	}
6ed58ec5SVille Tervo
1da177e4SLinus Torvalds	/* Send next queued raw (unknown type) packet */
1da177e4SLinus Torvalds	while ((skb = skb_dequeue(&hdev->raw_q)))
57d17d70SMarcel Holtmann		hci_send_frame(hdev, skb);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
25985edcSLucas De Marchi/* ----- HCI RX task (incoming data processing) ----- */
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* ACL data packet */
6039aa73SGustavo Padovanstatic void hci_acldata_packet(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_acl_hdr *hdr = (void *) skb->data;
1da177e4SLinus Torvalds	struct hci_conn *conn;
1da177e4SLinus Torvalds	__u16 handle, flags;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	skb_pull(skb, HCI_ACL_HDR_SIZE);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	handle = __le16_to_cpu(hdr->handle);
1da177e4SLinus Torvalds	flags  = hci_flags(handle);
1da177e4SLinus Torvalds	handle = hci_handle(handle);
1da177e4SLinus Torvalds
f0e09510SAndrei Emeltchenko	BT_DBG("%s len %d handle 0x%4.4x flags 0x%4.4x", hdev->name, skb->len,
a8c5fb1aSGustavo Padovan	       handle, flags);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hdev->stat.acl_rx++;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hci_dev_lock(hdev);
1da177e4SLinus Torvalds	conn = hci_conn_hash_lookup_handle(hdev, handle);
1da177e4SLinus Torvalds	hci_dev_unlock(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (conn) {
65983fc7SMat Martineau		hci_conn_enter_active_mode(conn, BT_POWER_FORCE_ACTIVE_OFF);
04837f64SMarcel Holtmann
1da177e4SLinus Torvalds		/* Send to upper protocol */
686ebf28SUlisses Furquim		l2cap_recv_acldata(conn, skb, flags);
1da177e4SLinus Torvalds		return;
1da177e4SLinus Torvalds	} else {
1da177e4SLinus Torvalds		BT_ERR("%s ACL packet for unknown connection handle %d",
1da177e4SLinus Torvalds		       hdev->name, handle);
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	kfree_skb(skb);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds/* SCO data packet */
6039aa73SGustavo Padovanstatic void hci_scodata_packet(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4SLinus Torvalds{
1da177e4SLinus Torvalds	struct hci_sco_hdr *hdr = (void *) skb->data;
1da177e4SLinus Torvalds	struct hci_conn *conn;
1da177e4SLinus Torvalds	__u16 handle;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	skb_pull(skb, HCI_SCO_HDR_SIZE);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	handle = __le16_to_cpu(hdr->handle);
1da177e4SLinus Torvalds
f0e09510SAndrei Emeltchenko	BT_DBG("%s len %d handle 0x%4.4x", hdev->name, skb->len, handle);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hdev->stat.sco_rx++;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	hci_dev_lock(hdev);
1da177e4SLinus Torvalds	conn = hci_conn_hash_lookup_handle(hdev, handle);
1da177e4SLinus Torvalds	hci_dev_unlock(hdev);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	if (conn) {
1da177e4SLinus Torvalds		/* Send to upper protocol */
686ebf28SUlisses Furquim		sco_recv_scodata(conn, skb);
1da177e4SLinus Torvalds		return;
1da177e4SLinus Torvalds	} else {
1da177e4SLinus Torvalds		BT_ERR("%s SCO packet for unknown connection handle %d",
1da177e4SLinus Torvalds		       hdev->name, handle);
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	kfree_skb(skb);
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
9238f36aSJohan Hedbergstatic bool hci_req_is_complete(struct hci_dev *hdev)
9238f36aSJohan Hedberg{
9238f36aSJohan Hedberg	struct sk_buff *skb;
9238f36aSJohan Hedberg
9238f36aSJohan Hedberg	skb = skb_peek(&hdev->cmd_q);
9238f36aSJohan Hedberg	if (!skb)
9238f36aSJohan Hedberg		return true;
9238f36aSJohan Hedberg
*242c0ebdSMarcel Holtmann	return bt_cb(skb)->hci.req_start;
9238f36aSJohan Hedberg}
9238f36aSJohan Hedberg
42c6b129SJohan Hedbergstatic void hci_resend_last(struct hci_dev *hdev)
42c6b129SJohan Hedberg{
42c6b129SJohan Hedberg	struct hci_command_hdr *sent;
42c6b129SJohan Hedberg	struct sk_buff *skb;
42c6b129SJohan Hedberg	u16 opcode;
42c6b129SJohan Hedberg
42c6b129SJohan Hedberg	if (!hdev->sent_cmd)
42c6b129SJohan Hedberg		return;
42c6b129SJohan Hedberg
42c6b129SJohan Hedberg	sent = (void *) hdev->sent_cmd->data;
42c6b129SJohan Hedberg	opcode = __le16_to_cpu(sent->opcode);
42c6b129SJohan Hedberg	if (opcode == HCI_OP_RESET)
42c6b129SJohan Hedberg		return;
42c6b129SJohan Hedberg
42c6b129SJohan Hedberg	skb = skb_clone(hdev->sent_cmd, GFP_KERNEL);
42c6b129SJohan Hedberg	if (!skb)
42c6b129SJohan Hedberg		return;
42c6b129SJohan Hedberg
42c6b129SJohan Hedberg	skb_queue_head(&hdev->cmd_q, skb);
42c6b129SJohan Hedberg	queue_work(hdev->workqueue, &hdev->cmd_work);
42c6b129SJohan Hedberg}
42c6b129SJohan Hedberg
e6214487SJohan Hedbergvoid hci_req_cmd_complete(struct hci_dev *hdev, u16 opcode, u8 status,
e6214487SJohan Hedberg			  hci_req_complete_t *req_complete,
e6214487SJohan Hedberg			  hci_req_complete_skb_t *req_complete_skb)
9238f36aSJohan Hedberg{
9238f36aSJohan Hedberg	struct sk_buff *skb;
9238f36aSJohan Hedberg	unsigned long flags;
9238f36aSJohan Hedberg
9238f36aSJohan Hedberg	BT_DBG("opcode 0x%04x status 0x%02x", opcode, status);
9238f36aSJohan Hedberg
42c6b129SJohan Hedberg	/* If the completed command doesn't match the last one that was
42c6b129SJohan Hedberg	 * sent we need to do special handling of it.
9238f36aSJohan Hedberg	 */
42c6b129SJohan Hedberg	if (!hci_sent_cmd_data(hdev, opcode)) {
42c6b129SJohan Hedberg		/* Some CSR based controllers generate a spontaneous
42c6b129SJohan Hedberg		 * reset complete event during init and any pending
42c6b129SJohan Hedberg		 * command will never be completed. In such a case we
42c6b129SJohan Hedberg		 * need to resend whatever was the last sent
42c6b129SJohan Hedberg		 * command.
42c6b129SJohan Hedberg		 */
42c6b129SJohan Hedberg		if (test_bit(HCI_INIT, &hdev->flags) && opcode == HCI_OP_RESET)
42c6b129SJohan Hedberg			hci_resend_last(hdev);
42c6b129SJohan Hedberg
9238f36aSJohan Hedberg		return;
42c6b129SJohan Hedberg	}
9238f36aSJohan Hedberg
9238f36aSJohan Hedberg	/* If the command succeeded and there's still more commands in
9238f36aSJohan Hedberg	 * this request the request is not yet complete.
9238f36aSJohan Hedberg	 */
9238f36aSJohan Hedberg	if (!status && !hci_req_is_complete(hdev))
9238f36aSJohan Hedberg		return;
9238f36aSJohan Hedberg
9238f36aSJohan Hedberg	/* If this was the last command in a request the complete
9238f36aSJohan Hedberg	 * callback would be found in hdev->sent_cmd instead of the
9238f36aSJohan Hedberg	 * command queue (hdev->cmd_q).
9238f36aSJohan Hedberg	 */
*242c0ebdSMarcel Holtmann	if (bt_cb(hdev->sent_cmd)->hci.req_complete) {
*242c0ebdSMarcel Holtmann		*req_complete = bt_cb(hdev->sent_cmd)->hci.req_complete;
e6214487SJohan Hedberg		return;
9238f36aSJohan Hedberg	}
e6214487SJohan Hedberg
*242c0ebdSMarcel Holtmann	if (bt_cb(hdev->sent_cmd)->hci.req_complete_skb) {
*242c0ebdSMarcel Holtmann		*req_complete_skb = bt_cb(hdev->sent_cmd)->hci.req_complete_skb;
e6214487SJohan Hedberg		return;
53e21fbcSJohan Hedberg	}
9238f36aSJohan Hedberg
9238f36aSJohan Hedberg	/* Remove all pending commands belonging to this request */
9238f36aSJohan Hedberg	spin_lock_irqsave(&hdev->cmd_q.lock, flags);
9238f36aSJohan Hedberg	while ((skb = __skb_dequeue(&hdev->cmd_q))) {
*242c0ebdSMarcel Holtmann		if (bt_cb(skb)->hci.req_start) {
9238f36aSJohan Hedberg			__skb_queue_head(&hdev->cmd_q, skb);
9238f36aSJohan Hedberg			break;
9238f36aSJohan Hedberg		}
9238f36aSJohan Hedberg
*242c0ebdSMarcel Holtmann		*req_complete = bt_cb(skb)->hci.req_complete;
*242c0ebdSMarcel Holtmann		*req_complete_skb = bt_cb(skb)->hci.req_complete_skb;
9238f36aSJohan Hedberg		kfree_skb(skb);
9238f36aSJohan Hedberg	}
9238f36aSJohan Hedberg	spin_unlock_irqrestore(&hdev->cmd_q.lock, flags);
9238f36aSJohan Hedberg}
9238f36aSJohan Hedberg
b78752ccSMarcel Holtmannstatic void hci_rx_work(struct work_struct *work)
1da177e4SLinus Torvalds{
b78752ccSMarcel Holtmann	struct hci_dev *hdev = container_of(work, struct hci_dev, rx_work);
1da177e4SLinus Torvalds	struct sk_buff *skb;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	BT_DBG("%s", hdev->name);
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	while ((skb = skb_dequeue(&hdev->rx_q))) {
cd82e61cSMarcel Holtmann		/* Send copy to monitor */
cd82e61cSMarcel Holtmann		hci_send_to_monitor(hdev, skb);
cd82e61cSMarcel Holtmann
1da177e4SLinus Torvalds		if (atomic_read(&hdev->promisc)) {
1da177e4SLinus Torvalds			/* Send copy to the sockets */
470fe1b5SMarcel Holtmann			hci_send_to_sock(hdev, skb);
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds
d7a5a11dSMarcel Holtmann		if (hci_dev_test_flag(hdev, HCI_USER_CHANNEL)) {
1da177e4SLinus Torvalds			kfree_skb(skb);
1da177e4SLinus Torvalds			continue;
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		if (test_bit(HCI_INIT, &hdev->flags)) {
1da177e4SLinus Torvalds			/* Don't process data packets in this states. */
0d48d939SMarcel Holtmann			switch (bt_cb(skb)->pkt_type) {
1da177e4SLinus Torvalds			case HCI_ACLDATA_PKT:
1da177e4SLinus Torvalds			case HCI_SCODATA_PKT:
1da177e4SLinus Torvalds				kfree_skb(skb);
1da177e4SLinus Torvalds				continue;
3ff50b79SStephen Hemminger			}
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		/* Process frame */
0d48d939SMarcel Holtmann		switch (bt_cb(skb)->pkt_type) {
1da177e4SLinus Torvalds		case HCI_EVENT_PKT:
b78752ccSMarcel Holtmann			BT_DBG("%s Event packet", hdev->name);
1da177e4SLinus Torvalds			hci_event_packet(hdev, skb);
1da177e4SLinus Torvalds			break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		case HCI_ACLDATA_PKT:
1da177e4SLinus Torvalds			BT_DBG("%s ACL data packet", hdev->name);
1da177e4SLinus Torvalds			hci_acldata_packet(hdev, skb);
1da177e4SLinus Torvalds			break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		case HCI_SCODATA_PKT:
1da177e4SLinus Torvalds			BT_DBG("%s SCO data packet", hdev->name);
1da177e4SLinus Torvalds			hci_scodata_packet(hdev, skb);
1da177e4SLinus Torvalds			break;
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds		default:
1da177e4SLinus Torvalds			kfree_skb(skb);
1da177e4SLinus Torvalds			break;
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds}
1da177e4SLinus Torvalds
c347b765SGustavo F. Padovanstatic void hci_cmd_work(struct work_struct *work)
1da177e4SLinus Torvalds{
c347b765SGustavo F. Padovan	struct hci_dev *hdev = container_of(work, struct hci_dev, cmd_work);
1da177e4SLinus Torvalds	struct sk_buff *skb;
1da177e4SLinus Torvalds
2104786bSAndrei Emeltchenko	BT_DBG("%s cmd_cnt %d cmd queued %d", hdev->name,
2104786bSAndrei Emeltchenko	       atomic_read(&hdev->cmd_cnt), skb_queue_len(&hdev->cmd_q));
1da177e4SLinus Torvalds
1da177e4SLinus Torvalds	/* Send queued commands */
5a08ecceSAndrei Emeltchenko	if (atomic_read(&hdev->cmd_cnt)) {
5a08ecceSAndrei Emeltchenko		skb = skb_dequeue(&hdev->cmd_q);
5a08ecceSAndrei Emeltchenko		if (!skb)
5a08ecceSAndrei Emeltchenko			return;
5a08ecceSAndrei Emeltchenko
1da177e4SLinus Torvalds		kfree_skb(hdev->sent_cmd);
1da177e4SLinus Torvalds
a675d7f1SMarcel Holtmann		hdev->sent_cmd = skb_clone(skb, GFP_KERNEL);
70f23020SAndrei Emeltchenko		if (hdev->sent_cmd) {
1da177e4SLinus Torvalds			atomic_dec(&hdev->cmd_cnt);
57d17d70SMarcel Holtmann			hci_send_frame(hdev, skb);
7bdb8a5cSSzymon Janc			if (test_bit(HCI_RESET, &hdev->flags))
65cc2b49SMarcel Holtmann				cancel_delayed_work(&hdev->cmd_timer);
7bdb8a5cSSzymon Janc			else
65cc2b49SMarcel Holtmann				schedule_delayed_work(&hdev->cmd_timer,
65cc2b49SMarcel Holtmann						      HCI_CMD_TIMEOUT);
1da177e4SLinus Torvalds		} else {
1da177e4SLinus Torvalds			skb_queue_head(&hdev->cmd_q, skb);
c347b765SGustavo F. Padovan			queue_work(hdev->workqueue, &hdev->cmd_work);
1da177e4SLinus Torvalds		}
1da177e4SLinus Torvalds	}
1da177e4SLinus Torvalds}