1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved. 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth HCI event handling. */ 26 27 #include <linux/module.h> 28 29 #include <linux/types.h> 30 #include <linux/errno.h> 31 #include <linux/kernel.h> 32 #include <linux/slab.h> 33 #include <linux/poll.h> 34 #include <linux/fcntl.h> 35 #include <linux/init.h> 36 #include <linux/skbuff.h> 37 #include <linux/interrupt.h> 38 #include <linux/notifier.h> 39 #include <net/sock.h> 40 41 #include <asm/system.h> 42 #include <linux/uaccess.h> 43 #include <asm/unaligned.h> 44 45 #include <net/bluetooth/bluetooth.h> 46 #include <net/bluetooth/hci_core.h> 47 48 /* Handle HCI Event packets */ 49 50 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb) 51 { 52 __u8 status = *((__u8 *) skb->data); 53 54 BT_DBG("%s status 0x%x", hdev->name, status); 55 56 if (status) 57 return; 58 59 clear_bit(HCI_INQUIRY, &hdev->flags); 60 61 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status); 62 63 hci_conn_check_pending(hdev); 64 } 65 66 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb) 67 { 68 __u8 status = *((__u8 *) skb->data); 69 70 BT_DBG("%s status 0x%x", hdev->name, status); 71 72 if (status) 73 return; 74 75 clear_bit(HCI_INQUIRY, &hdev->flags); 76 77 hci_conn_check_pending(hdev); 78 } 79 80 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb) 81 { 82 BT_DBG("%s", hdev->name); 83 } 84 85 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb) 86 { 87 struct hci_rp_role_discovery *rp = (void *) skb->data; 88 struct hci_conn *conn; 89 90 BT_DBG("%s status 0x%x", hdev->name, rp->status); 91 92 if (rp->status) 93 return; 94 95 hci_dev_lock(hdev); 96 97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 98 if (conn) { 99 if (rp->role) 100 conn->link_mode &= ~HCI_LM_MASTER; 101 else 102 conn->link_mode |= HCI_LM_MASTER; 103 } 104 105 hci_dev_unlock(hdev); 106 } 107 108 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 109 { 110 struct hci_rp_read_link_policy *rp = (void *) skb->data; 111 struct hci_conn *conn; 112 113 BT_DBG("%s status 0x%x", hdev->name, rp->status); 114 115 if (rp->status) 116 return; 117 118 hci_dev_lock(hdev); 119 120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 121 if (conn) 122 conn->link_policy = __le16_to_cpu(rp->policy); 123 124 hci_dev_unlock(hdev); 125 } 126 127 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 128 { 129 struct hci_rp_write_link_policy *rp = (void *) skb->data; 130 struct hci_conn *conn; 131 void *sent; 132 133 BT_DBG("%s status 0x%x", hdev->name, rp->status); 134 135 if (rp->status) 136 return; 137 138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY); 139 if (!sent) 140 return; 141 142 hci_dev_lock(hdev); 143 144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 145 if (conn) 146 conn->link_policy = get_unaligned_le16(sent + 2); 147 148 hci_dev_unlock(hdev); 149 } 150 151 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 152 { 153 struct hci_rp_read_def_link_policy *rp = (void *) skb->data; 154 155 BT_DBG("%s status 0x%x", hdev->name, rp->status); 156 157 if (rp->status) 158 return; 159 160 hdev->link_policy = __le16_to_cpu(rp->policy); 161 } 162 163 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 164 { 165 __u8 status = *((__u8 *) skb->data); 166 void *sent; 167 168 BT_DBG("%s status 0x%x", hdev->name, status); 169 170 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY); 171 if (!sent) 172 return; 173 174 if (!status) 175 hdev->link_policy = get_unaligned_le16(sent); 176 177 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status); 178 } 179 180 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb) 181 { 182 __u8 status = *((__u8 *) skb->data); 183 184 BT_DBG("%s status 0x%x", hdev->name, status); 185 186 hci_req_complete(hdev, HCI_OP_RESET, status); 187 } 188 189 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb) 190 { 191 __u8 status = *((__u8 *) skb->data); 192 void *sent; 193 194 BT_DBG("%s status 0x%x", hdev->name, status); 195 196 if (status) 197 return; 198 199 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME); 200 if (!sent) 201 return; 202 203 memcpy(hdev->dev_name, sent, 248); 204 } 205 206 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb) 207 { 208 struct hci_rp_read_local_name *rp = (void *) skb->data; 209 210 BT_DBG("%s status 0x%x", hdev->name, rp->status); 211 212 if (rp->status) 213 return; 214 215 memcpy(hdev->dev_name, rp->name, 248); 216 } 217 218 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb) 219 { 220 __u8 status = *((__u8 *) skb->data); 221 void *sent; 222 223 BT_DBG("%s status 0x%x", hdev->name, status); 224 225 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE); 226 if (!sent) 227 return; 228 229 if (!status) { 230 __u8 param = *((__u8 *) sent); 231 232 if (param == AUTH_ENABLED) 233 set_bit(HCI_AUTH, &hdev->flags); 234 else 235 clear_bit(HCI_AUTH, &hdev->flags); 236 } 237 238 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status); 239 } 240 241 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb) 242 { 243 __u8 status = *((__u8 *) skb->data); 244 void *sent; 245 246 BT_DBG("%s status 0x%x", hdev->name, status); 247 248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE); 249 if (!sent) 250 return; 251 252 if (!status) { 253 __u8 param = *((__u8 *) sent); 254 255 if (param) 256 set_bit(HCI_ENCRYPT, &hdev->flags); 257 else 258 clear_bit(HCI_ENCRYPT, &hdev->flags); 259 } 260 261 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status); 262 } 263 264 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb) 265 { 266 __u8 status = *((__u8 *) skb->data); 267 void *sent; 268 269 BT_DBG("%s status 0x%x", hdev->name, status); 270 271 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE); 272 if (!sent) 273 return; 274 275 if (!status) { 276 __u8 param = *((__u8 *) sent); 277 278 clear_bit(HCI_PSCAN, &hdev->flags); 279 clear_bit(HCI_ISCAN, &hdev->flags); 280 281 if (param & SCAN_INQUIRY) 282 set_bit(HCI_ISCAN, &hdev->flags); 283 284 if (param & SCAN_PAGE) 285 set_bit(HCI_PSCAN, &hdev->flags); 286 } 287 288 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status); 289 } 290 291 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 292 { 293 struct hci_rp_read_class_of_dev *rp = (void *) skb->data; 294 295 BT_DBG("%s status 0x%x", hdev->name, rp->status); 296 297 if (rp->status) 298 return; 299 300 memcpy(hdev->dev_class, rp->dev_class, 3); 301 302 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name, 303 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]); 304 } 305 306 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 307 { 308 __u8 status = *((__u8 *) skb->data); 309 void *sent; 310 311 BT_DBG("%s status 0x%x", hdev->name, status); 312 313 if (status) 314 return; 315 316 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV); 317 if (!sent) 318 return; 319 320 memcpy(hdev->dev_class, sent, 3); 321 } 322 323 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb) 324 { 325 struct hci_rp_read_voice_setting *rp = (void *) skb->data; 326 __u16 setting; 327 328 BT_DBG("%s status 0x%x", hdev->name, rp->status); 329 330 if (rp->status) 331 return; 332 333 setting = __le16_to_cpu(rp->voice_setting); 334 335 if (hdev->voice_setting == setting) 336 return; 337 338 hdev->voice_setting = setting; 339 340 BT_DBG("%s voice setting 0x%04x", hdev->name, setting); 341 342 if (hdev->notify) { 343 tasklet_disable(&hdev->tx_task); 344 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 345 tasklet_enable(&hdev->tx_task); 346 } 347 } 348 349 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb) 350 { 351 __u8 status = *((__u8 *) skb->data); 352 __u16 setting; 353 void *sent; 354 355 BT_DBG("%s status 0x%x", hdev->name, status); 356 357 if (status) 358 return; 359 360 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING); 361 if (!sent) 362 return; 363 364 setting = get_unaligned_le16(sent); 365 366 if (hdev->voice_setting == setting) 367 return; 368 369 hdev->voice_setting = setting; 370 371 BT_DBG("%s voice setting 0x%04x", hdev->name, setting); 372 373 if (hdev->notify) { 374 tasklet_disable(&hdev->tx_task); 375 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 376 tasklet_enable(&hdev->tx_task); 377 } 378 } 379 380 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb) 381 { 382 __u8 status = *((__u8 *) skb->data); 383 384 BT_DBG("%s status 0x%x", hdev->name, status); 385 386 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status); 387 } 388 389 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) 390 { 391 struct hci_rp_read_ssp_mode *rp = (void *) skb->data; 392 393 BT_DBG("%s status 0x%x", hdev->name, rp->status); 394 395 if (rp->status) 396 return; 397 398 hdev->ssp_mode = rp->mode; 399 } 400 401 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) 402 { 403 __u8 status = *((__u8 *) skb->data); 404 void *sent; 405 406 BT_DBG("%s status 0x%x", hdev->name, status); 407 408 if (status) 409 return; 410 411 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE); 412 if (!sent) 413 return; 414 415 hdev->ssp_mode = *((__u8 *) sent); 416 } 417 418 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb) 419 { 420 struct hci_rp_read_local_version *rp = (void *) skb->data; 421 422 BT_DBG("%s status 0x%x", hdev->name, rp->status); 423 424 if (rp->status) 425 return; 426 427 hdev->hci_ver = rp->hci_ver; 428 hdev->hci_rev = __le16_to_cpu(rp->hci_rev); 429 hdev->manufacturer = __le16_to_cpu(rp->manufacturer); 430 431 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name, 432 hdev->manufacturer, 433 hdev->hci_ver, hdev->hci_rev); 434 } 435 436 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb) 437 { 438 struct hci_rp_read_local_commands *rp = (void *) skb->data; 439 440 BT_DBG("%s status 0x%x", hdev->name, rp->status); 441 442 if (rp->status) 443 return; 444 445 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands)); 446 } 447 448 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb) 449 { 450 struct hci_rp_read_local_features *rp = (void *) skb->data; 451 452 BT_DBG("%s status 0x%x", hdev->name, rp->status); 453 454 if (rp->status) 455 return; 456 457 memcpy(hdev->features, rp->features, 8); 458 459 /* Adjust default settings according to features 460 * supported by device. */ 461 462 if (hdev->features[0] & LMP_3SLOT) 463 hdev->pkt_type |= (HCI_DM3 | HCI_DH3); 464 465 if (hdev->features[0] & LMP_5SLOT) 466 hdev->pkt_type |= (HCI_DM5 | HCI_DH5); 467 468 if (hdev->features[1] & LMP_HV2) { 469 hdev->pkt_type |= (HCI_HV2); 470 hdev->esco_type |= (ESCO_HV2); 471 } 472 473 if (hdev->features[1] & LMP_HV3) { 474 hdev->pkt_type |= (HCI_HV3); 475 hdev->esco_type |= (ESCO_HV3); 476 } 477 478 if (hdev->features[3] & LMP_ESCO) 479 hdev->esco_type |= (ESCO_EV3); 480 481 if (hdev->features[4] & LMP_EV4) 482 hdev->esco_type |= (ESCO_EV4); 483 484 if (hdev->features[4] & LMP_EV5) 485 hdev->esco_type |= (ESCO_EV5); 486 487 if (hdev->features[5] & LMP_EDR_ESCO_2M) 488 hdev->esco_type |= (ESCO_2EV3); 489 490 if (hdev->features[5] & LMP_EDR_ESCO_3M) 491 hdev->esco_type |= (ESCO_3EV3); 492 493 if (hdev->features[5] & LMP_EDR_3S_ESCO) 494 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5); 495 496 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name, 497 hdev->features[0], hdev->features[1], 498 hdev->features[2], hdev->features[3], 499 hdev->features[4], hdev->features[5], 500 hdev->features[6], hdev->features[7]); 501 } 502 503 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb) 504 { 505 struct hci_rp_read_buffer_size *rp = (void *) skb->data; 506 507 BT_DBG("%s status 0x%x", hdev->name, rp->status); 508 509 if (rp->status) 510 return; 511 512 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu); 513 hdev->sco_mtu = rp->sco_mtu; 514 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt); 515 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt); 516 517 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) { 518 hdev->sco_mtu = 64; 519 hdev->sco_pkts = 8; 520 } 521 522 hdev->acl_cnt = hdev->acl_pkts; 523 hdev->sco_cnt = hdev->sco_pkts; 524 525 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, 526 hdev->acl_mtu, hdev->acl_pkts, 527 hdev->sco_mtu, hdev->sco_pkts); 528 } 529 530 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb) 531 { 532 struct hci_rp_read_bd_addr *rp = (void *) skb->data; 533 534 BT_DBG("%s status 0x%x", hdev->name, rp->status); 535 536 if (!rp->status) 537 bacpy(&hdev->bdaddr, &rp->bdaddr); 538 539 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status); 540 } 541 542 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb) 543 { 544 __u8 status = *((__u8 *) skb->data); 545 546 BT_DBG("%s status 0x%x", hdev->name, status); 547 548 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status); 549 } 550 551 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status) 552 { 553 BT_DBG("%s status 0x%x", hdev->name, status); 554 555 if (status) { 556 hci_req_complete(hdev, HCI_OP_INQUIRY, status); 557 558 hci_conn_check_pending(hdev); 559 } else 560 set_bit(HCI_INQUIRY, &hdev->flags); 561 } 562 563 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status) 564 { 565 struct hci_cp_create_conn *cp; 566 struct hci_conn *conn; 567 568 BT_DBG("%s status 0x%x", hdev->name, status); 569 570 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN); 571 if (!cp) 572 return; 573 574 hci_dev_lock(hdev); 575 576 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 577 578 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn); 579 580 if (status) { 581 if (conn && conn->state == BT_CONNECT) { 582 if (status != 0x0c || conn->attempt > 2) { 583 conn->state = BT_CLOSED; 584 hci_proto_connect_cfm(conn, status); 585 hci_conn_del(conn); 586 } else 587 conn->state = BT_CONNECT2; 588 } 589 } else { 590 if (!conn) { 591 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr); 592 if (conn) { 593 conn->out = 1; 594 conn->link_mode |= HCI_LM_MASTER; 595 } else 596 BT_ERR("No memory for new connection"); 597 } 598 } 599 600 hci_dev_unlock(hdev); 601 } 602 603 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status) 604 { 605 struct hci_cp_add_sco *cp; 606 struct hci_conn *acl, *sco; 607 __u16 handle; 608 609 BT_DBG("%s status 0x%x", hdev->name, status); 610 611 if (!status) 612 return; 613 614 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO); 615 if (!cp) 616 return; 617 618 handle = __le16_to_cpu(cp->handle); 619 620 BT_DBG("%s handle %d", hdev->name, handle); 621 622 hci_dev_lock(hdev); 623 624 acl = hci_conn_hash_lookup_handle(hdev, handle); 625 if (acl && (sco = acl->link)) { 626 sco->state = BT_CLOSED; 627 628 hci_proto_connect_cfm(sco, status); 629 hci_conn_del(sco); 630 } 631 632 hci_dev_unlock(hdev); 633 } 634 635 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status) 636 { 637 struct hci_cp_auth_requested *cp; 638 struct hci_conn *conn; 639 640 BT_DBG("%s status 0x%x", hdev->name, status); 641 642 if (!status) 643 return; 644 645 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED); 646 if (!cp) 647 return; 648 649 hci_dev_lock(hdev); 650 651 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 652 if (conn) { 653 if (conn->state == BT_CONFIG) { 654 hci_proto_connect_cfm(conn, status); 655 hci_conn_put(conn); 656 } 657 } 658 659 hci_dev_unlock(hdev); 660 } 661 662 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status) 663 { 664 struct hci_cp_set_conn_encrypt *cp; 665 struct hci_conn *conn; 666 667 BT_DBG("%s status 0x%x", hdev->name, status); 668 669 if (!status) 670 return; 671 672 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT); 673 if (!cp) 674 return; 675 676 hci_dev_lock(hdev); 677 678 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 679 if (conn) { 680 if (conn->state == BT_CONFIG) { 681 hci_proto_connect_cfm(conn, status); 682 hci_conn_put(conn); 683 } 684 } 685 686 hci_dev_unlock(hdev); 687 } 688 689 static int hci_outgoing_auth_needed(struct hci_dev *hdev, 690 struct hci_conn *conn) 691 { 692 if (conn->state != BT_CONFIG || !conn->out) 693 return 0; 694 695 if (conn->pending_sec_level == BT_SECURITY_SDP) 696 return 0; 697 698 /* Only request authentication for SSP connections or non-SSP 699 * devices with sec_level HIGH */ 700 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) && 701 conn->pending_sec_level != BT_SECURITY_HIGH) 702 return 0; 703 704 return 1; 705 } 706 707 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status) 708 { 709 struct hci_cp_remote_name_req *cp; 710 struct hci_conn *conn; 711 712 BT_DBG("%s status 0x%x", hdev->name, status); 713 714 /* If successful wait for the name req complete event before 715 * checking for the need to do authentication */ 716 if (!status) 717 return; 718 719 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ); 720 if (!cp) 721 return; 722 723 hci_dev_lock(hdev); 724 725 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 726 if (conn && hci_outgoing_auth_needed(hdev, conn)) { 727 struct hci_cp_auth_requested cp; 728 cp.handle = __cpu_to_le16(conn->handle); 729 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp); 730 } 731 732 hci_dev_unlock(hdev); 733 } 734 735 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status) 736 { 737 struct hci_cp_read_remote_features *cp; 738 struct hci_conn *conn; 739 740 BT_DBG("%s status 0x%x", hdev->name, status); 741 742 if (!status) 743 return; 744 745 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES); 746 if (!cp) 747 return; 748 749 hci_dev_lock(hdev); 750 751 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 752 if (conn) { 753 if (conn->state == BT_CONFIG) { 754 hci_proto_connect_cfm(conn, status); 755 hci_conn_put(conn); 756 } 757 } 758 759 hci_dev_unlock(hdev); 760 } 761 762 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status) 763 { 764 struct hci_cp_read_remote_ext_features *cp; 765 struct hci_conn *conn; 766 767 BT_DBG("%s status 0x%x", hdev->name, status); 768 769 if (!status) 770 return; 771 772 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES); 773 if (!cp) 774 return; 775 776 hci_dev_lock(hdev); 777 778 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 779 if (conn) { 780 if (conn->state == BT_CONFIG) { 781 hci_proto_connect_cfm(conn, status); 782 hci_conn_put(conn); 783 } 784 } 785 786 hci_dev_unlock(hdev); 787 } 788 789 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status) 790 { 791 struct hci_cp_setup_sync_conn *cp; 792 struct hci_conn *acl, *sco; 793 __u16 handle; 794 795 BT_DBG("%s status 0x%x", hdev->name, status); 796 797 if (!status) 798 return; 799 800 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN); 801 if (!cp) 802 return; 803 804 handle = __le16_to_cpu(cp->handle); 805 806 BT_DBG("%s handle %d", hdev->name, handle); 807 808 hci_dev_lock(hdev); 809 810 acl = hci_conn_hash_lookup_handle(hdev, handle); 811 if (acl && (sco = acl->link)) { 812 sco->state = BT_CLOSED; 813 814 hci_proto_connect_cfm(sco, status); 815 hci_conn_del(sco); 816 } 817 818 hci_dev_unlock(hdev); 819 } 820 821 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status) 822 { 823 struct hci_cp_sniff_mode *cp; 824 struct hci_conn *conn; 825 826 BT_DBG("%s status 0x%x", hdev->name, status); 827 828 if (!status) 829 return; 830 831 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE); 832 if (!cp) 833 return; 834 835 hci_dev_lock(hdev); 836 837 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 838 if (conn) { 839 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend); 840 841 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend)) 842 hci_sco_setup(conn, status); 843 } 844 845 hci_dev_unlock(hdev); 846 } 847 848 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status) 849 { 850 struct hci_cp_exit_sniff_mode *cp; 851 struct hci_conn *conn; 852 853 BT_DBG("%s status 0x%x", hdev->name, status); 854 855 if (!status) 856 return; 857 858 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE); 859 if (!cp) 860 return; 861 862 hci_dev_lock(hdev); 863 864 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 865 if (conn) { 866 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend); 867 868 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend)) 869 hci_sco_setup(conn, status); 870 } 871 872 hci_dev_unlock(hdev); 873 } 874 875 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 876 { 877 __u8 status = *((__u8 *) skb->data); 878 879 BT_DBG("%s status %d", hdev->name, status); 880 881 clear_bit(HCI_INQUIRY, &hdev->flags); 882 883 hci_req_complete(hdev, HCI_OP_INQUIRY, status); 884 885 hci_conn_check_pending(hdev); 886 } 887 888 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb) 889 { 890 struct inquiry_data data; 891 struct inquiry_info *info = (void *) (skb->data + 1); 892 int num_rsp = *((__u8 *) skb->data); 893 894 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 895 896 if (!num_rsp) 897 return; 898 899 hci_dev_lock(hdev); 900 901 for (; num_rsp; num_rsp--) { 902 bacpy(&data.bdaddr, &info->bdaddr); 903 data.pscan_rep_mode = info->pscan_rep_mode; 904 data.pscan_period_mode = info->pscan_period_mode; 905 data.pscan_mode = info->pscan_mode; 906 memcpy(data.dev_class, info->dev_class, 3); 907 data.clock_offset = info->clock_offset; 908 data.rssi = 0x00; 909 data.ssp_mode = 0x00; 910 info++; 911 hci_inquiry_cache_update(hdev, &data); 912 } 913 914 hci_dev_unlock(hdev); 915 } 916 917 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 918 { 919 struct hci_ev_conn_complete *ev = (void *) skb->data; 920 struct hci_conn *conn; 921 922 BT_DBG("%s", hdev->name); 923 924 hci_dev_lock(hdev); 925 926 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); 927 if (!conn) { 928 if (ev->link_type != SCO_LINK) 929 goto unlock; 930 931 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr); 932 if (!conn) 933 goto unlock; 934 935 conn->type = SCO_LINK; 936 } 937 938 if (!ev->status) { 939 conn->handle = __le16_to_cpu(ev->handle); 940 941 if (conn->type == ACL_LINK) { 942 conn->state = BT_CONFIG; 943 hci_conn_hold(conn); 944 conn->disc_timeout = HCI_DISCONN_TIMEOUT; 945 } else 946 conn->state = BT_CONNECTED; 947 948 hci_conn_hold_device(conn); 949 hci_conn_add_sysfs(conn); 950 951 if (test_bit(HCI_AUTH, &hdev->flags)) 952 conn->link_mode |= HCI_LM_AUTH; 953 954 if (test_bit(HCI_ENCRYPT, &hdev->flags)) 955 conn->link_mode |= HCI_LM_ENCRYPT; 956 957 /* Get remote features */ 958 if (conn->type == ACL_LINK) { 959 struct hci_cp_read_remote_features cp; 960 cp.handle = ev->handle; 961 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES, 962 sizeof(cp), &cp); 963 } 964 965 /* Set packet type for incoming connection */ 966 if (!conn->out && hdev->hci_ver < 3) { 967 struct hci_cp_change_conn_ptype cp; 968 cp.handle = ev->handle; 969 cp.pkt_type = cpu_to_le16(conn->pkt_type); 970 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, 971 sizeof(cp), &cp); 972 } 973 } else 974 conn->state = BT_CLOSED; 975 976 if (conn->type == ACL_LINK) 977 hci_sco_setup(conn, ev->status); 978 979 if (ev->status) { 980 hci_proto_connect_cfm(conn, ev->status); 981 hci_conn_del(conn); 982 } else if (ev->link_type != ACL_LINK) 983 hci_proto_connect_cfm(conn, ev->status); 984 985 unlock: 986 hci_dev_unlock(hdev); 987 988 hci_conn_check_pending(hdev); 989 } 990 991 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 992 { 993 struct hci_ev_conn_request *ev = (void *) skb->data; 994 int mask = hdev->link_mode; 995 996 BT_DBG("%s bdaddr %s type 0x%x", hdev->name, 997 batostr(&ev->bdaddr), ev->link_type); 998 999 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type); 1000 1001 if ((mask & HCI_LM_ACCEPT) && !hci_blacklist_lookup(hdev, &ev->bdaddr)) { 1002 /* Connection accepted */ 1003 struct inquiry_entry *ie; 1004 struct hci_conn *conn; 1005 1006 hci_dev_lock(hdev); 1007 1008 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); 1009 if (ie) 1010 memcpy(ie->data.dev_class, ev->dev_class, 3); 1011 1012 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); 1013 if (!conn) { 1014 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr); 1015 if (!conn) { 1016 BT_ERR("No memory for new connection"); 1017 hci_dev_unlock(hdev); 1018 return; 1019 } 1020 } 1021 1022 memcpy(conn->dev_class, ev->dev_class, 3); 1023 conn->state = BT_CONNECT; 1024 1025 hci_dev_unlock(hdev); 1026 1027 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) { 1028 struct hci_cp_accept_conn_req cp; 1029 1030 bacpy(&cp.bdaddr, &ev->bdaddr); 1031 1032 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER)) 1033 cp.role = 0x00; /* Become master */ 1034 else 1035 cp.role = 0x01; /* Remain slave */ 1036 1037 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, 1038 sizeof(cp), &cp); 1039 } else { 1040 struct hci_cp_accept_sync_conn_req cp; 1041 1042 bacpy(&cp.bdaddr, &ev->bdaddr); 1043 cp.pkt_type = cpu_to_le16(conn->pkt_type); 1044 1045 cp.tx_bandwidth = cpu_to_le32(0x00001f40); 1046 cp.rx_bandwidth = cpu_to_le32(0x00001f40); 1047 cp.max_latency = cpu_to_le16(0xffff); 1048 cp.content_format = cpu_to_le16(hdev->voice_setting); 1049 cp.retrans_effort = 0xff; 1050 1051 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ, 1052 sizeof(cp), &cp); 1053 } 1054 } else { 1055 /* Connection rejected */ 1056 struct hci_cp_reject_conn_req cp; 1057 1058 bacpy(&cp.bdaddr, &ev->bdaddr); 1059 cp.reason = 0x0f; 1060 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp); 1061 } 1062 } 1063 1064 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1065 { 1066 struct hci_ev_disconn_complete *ev = (void *) skb->data; 1067 struct hci_conn *conn; 1068 1069 BT_DBG("%s status %d", hdev->name, ev->status); 1070 1071 if (ev->status) 1072 return; 1073 1074 hci_dev_lock(hdev); 1075 1076 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1077 if (conn) { 1078 conn->state = BT_CLOSED; 1079 1080 hci_proto_disconn_cfm(conn, ev->reason); 1081 hci_conn_del(conn); 1082 } 1083 1084 hci_dev_unlock(hdev); 1085 } 1086 1087 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1088 { 1089 struct hci_ev_auth_complete *ev = (void *) skb->data; 1090 struct hci_conn *conn; 1091 1092 BT_DBG("%s status %d", hdev->name, ev->status); 1093 1094 hci_dev_lock(hdev); 1095 1096 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1097 if (conn) { 1098 if (!ev->status) { 1099 conn->link_mode |= HCI_LM_AUTH; 1100 conn->sec_level = conn->pending_sec_level; 1101 } else 1102 conn->sec_level = BT_SECURITY_LOW; 1103 1104 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend); 1105 1106 if (conn->state == BT_CONFIG) { 1107 if (!ev->status && hdev->ssp_mode > 0 && 1108 conn->ssp_mode > 0) { 1109 struct hci_cp_set_conn_encrypt cp; 1110 cp.handle = ev->handle; 1111 cp.encrypt = 0x01; 1112 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, 1113 sizeof(cp), &cp); 1114 } else { 1115 conn->state = BT_CONNECTED; 1116 hci_proto_connect_cfm(conn, ev->status); 1117 hci_conn_put(conn); 1118 } 1119 } else { 1120 hci_auth_cfm(conn, ev->status); 1121 1122 hci_conn_hold(conn); 1123 conn->disc_timeout = HCI_DISCONN_TIMEOUT; 1124 hci_conn_put(conn); 1125 } 1126 1127 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) { 1128 if (!ev->status) { 1129 struct hci_cp_set_conn_encrypt cp; 1130 cp.handle = ev->handle; 1131 cp.encrypt = 0x01; 1132 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, 1133 sizeof(cp), &cp); 1134 } else { 1135 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend); 1136 hci_encrypt_cfm(conn, ev->status, 0x00); 1137 } 1138 } 1139 } 1140 1141 hci_dev_unlock(hdev); 1142 } 1143 1144 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb) 1145 { 1146 struct hci_ev_remote_name *ev = (void *) skb->data; 1147 struct hci_conn *conn; 1148 1149 BT_DBG("%s", hdev->name); 1150 1151 hci_conn_check_pending(hdev); 1152 1153 hci_dev_lock(hdev); 1154 1155 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 1156 if (conn && hci_outgoing_auth_needed(hdev, conn)) { 1157 struct hci_cp_auth_requested cp; 1158 cp.handle = __cpu_to_le16(conn->handle); 1159 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp); 1160 } 1161 1162 hci_dev_unlock(hdev); 1163 } 1164 1165 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 1166 { 1167 struct hci_ev_encrypt_change *ev = (void *) skb->data; 1168 struct hci_conn *conn; 1169 1170 BT_DBG("%s status %d", hdev->name, ev->status); 1171 1172 hci_dev_lock(hdev); 1173 1174 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1175 if (conn) { 1176 if (!ev->status) { 1177 if (ev->encrypt) { 1178 /* Encryption implies authentication */ 1179 conn->link_mode |= HCI_LM_AUTH; 1180 conn->link_mode |= HCI_LM_ENCRYPT; 1181 } else 1182 conn->link_mode &= ~HCI_LM_ENCRYPT; 1183 } 1184 1185 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend); 1186 1187 if (conn->state == BT_CONFIG) { 1188 if (!ev->status) 1189 conn->state = BT_CONNECTED; 1190 1191 hci_proto_connect_cfm(conn, ev->status); 1192 hci_conn_put(conn); 1193 } else 1194 hci_encrypt_cfm(conn, ev->status, ev->encrypt); 1195 } 1196 1197 hci_dev_unlock(hdev); 1198 } 1199 1200 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1201 { 1202 struct hci_ev_change_link_key_complete *ev = (void *) skb->data; 1203 struct hci_conn *conn; 1204 1205 BT_DBG("%s status %d", hdev->name, ev->status); 1206 1207 hci_dev_lock(hdev); 1208 1209 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1210 if (conn) { 1211 if (!ev->status) 1212 conn->link_mode |= HCI_LM_SECURE; 1213 1214 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend); 1215 1216 hci_key_change_cfm(conn, ev->status); 1217 } 1218 1219 hci_dev_unlock(hdev); 1220 } 1221 1222 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb) 1223 { 1224 struct hci_ev_remote_features *ev = (void *) skb->data; 1225 struct hci_conn *conn; 1226 1227 BT_DBG("%s status %d", hdev->name, ev->status); 1228 1229 hci_dev_lock(hdev); 1230 1231 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1232 if (!conn) 1233 goto unlock; 1234 1235 if (!ev->status) 1236 memcpy(conn->features, ev->features, 8); 1237 1238 if (conn->state != BT_CONFIG) 1239 goto unlock; 1240 1241 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) { 1242 struct hci_cp_read_remote_ext_features cp; 1243 cp.handle = ev->handle; 1244 cp.page = 0x01; 1245 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES, 1246 sizeof(cp), &cp); 1247 goto unlock; 1248 } 1249 1250 if (!ev->status) { 1251 struct hci_cp_remote_name_req cp; 1252 memset(&cp, 0, sizeof(cp)); 1253 bacpy(&cp.bdaddr, &conn->dst); 1254 cp.pscan_rep_mode = 0x02; 1255 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp); 1256 } 1257 1258 if (!hci_outgoing_auth_needed(hdev, conn)) { 1259 conn->state = BT_CONNECTED; 1260 hci_proto_connect_cfm(conn, ev->status); 1261 hci_conn_put(conn); 1262 } 1263 1264 unlock: 1265 hci_dev_unlock(hdev); 1266 } 1267 1268 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb) 1269 { 1270 BT_DBG("%s", hdev->name); 1271 } 1272 1273 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1274 { 1275 BT_DBG("%s", hdev->name); 1276 } 1277 1278 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1279 { 1280 struct hci_ev_cmd_complete *ev = (void *) skb->data; 1281 __u16 opcode; 1282 1283 skb_pull(skb, sizeof(*ev)); 1284 1285 opcode = __le16_to_cpu(ev->opcode); 1286 1287 switch (opcode) { 1288 case HCI_OP_INQUIRY_CANCEL: 1289 hci_cc_inquiry_cancel(hdev, skb); 1290 break; 1291 1292 case HCI_OP_EXIT_PERIODIC_INQ: 1293 hci_cc_exit_periodic_inq(hdev, skb); 1294 break; 1295 1296 case HCI_OP_REMOTE_NAME_REQ_CANCEL: 1297 hci_cc_remote_name_req_cancel(hdev, skb); 1298 break; 1299 1300 case HCI_OP_ROLE_DISCOVERY: 1301 hci_cc_role_discovery(hdev, skb); 1302 break; 1303 1304 case HCI_OP_READ_LINK_POLICY: 1305 hci_cc_read_link_policy(hdev, skb); 1306 break; 1307 1308 case HCI_OP_WRITE_LINK_POLICY: 1309 hci_cc_write_link_policy(hdev, skb); 1310 break; 1311 1312 case HCI_OP_READ_DEF_LINK_POLICY: 1313 hci_cc_read_def_link_policy(hdev, skb); 1314 break; 1315 1316 case HCI_OP_WRITE_DEF_LINK_POLICY: 1317 hci_cc_write_def_link_policy(hdev, skb); 1318 break; 1319 1320 case HCI_OP_RESET: 1321 hci_cc_reset(hdev, skb); 1322 break; 1323 1324 case HCI_OP_WRITE_LOCAL_NAME: 1325 hci_cc_write_local_name(hdev, skb); 1326 break; 1327 1328 case HCI_OP_READ_LOCAL_NAME: 1329 hci_cc_read_local_name(hdev, skb); 1330 break; 1331 1332 case HCI_OP_WRITE_AUTH_ENABLE: 1333 hci_cc_write_auth_enable(hdev, skb); 1334 break; 1335 1336 case HCI_OP_WRITE_ENCRYPT_MODE: 1337 hci_cc_write_encrypt_mode(hdev, skb); 1338 break; 1339 1340 case HCI_OP_WRITE_SCAN_ENABLE: 1341 hci_cc_write_scan_enable(hdev, skb); 1342 break; 1343 1344 case HCI_OP_READ_CLASS_OF_DEV: 1345 hci_cc_read_class_of_dev(hdev, skb); 1346 break; 1347 1348 case HCI_OP_WRITE_CLASS_OF_DEV: 1349 hci_cc_write_class_of_dev(hdev, skb); 1350 break; 1351 1352 case HCI_OP_READ_VOICE_SETTING: 1353 hci_cc_read_voice_setting(hdev, skb); 1354 break; 1355 1356 case HCI_OP_WRITE_VOICE_SETTING: 1357 hci_cc_write_voice_setting(hdev, skb); 1358 break; 1359 1360 case HCI_OP_HOST_BUFFER_SIZE: 1361 hci_cc_host_buffer_size(hdev, skb); 1362 break; 1363 1364 case HCI_OP_READ_SSP_MODE: 1365 hci_cc_read_ssp_mode(hdev, skb); 1366 break; 1367 1368 case HCI_OP_WRITE_SSP_MODE: 1369 hci_cc_write_ssp_mode(hdev, skb); 1370 break; 1371 1372 case HCI_OP_READ_LOCAL_VERSION: 1373 hci_cc_read_local_version(hdev, skb); 1374 break; 1375 1376 case HCI_OP_READ_LOCAL_COMMANDS: 1377 hci_cc_read_local_commands(hdev, skb); 1378 break; 1379 1380 case HCI_OP_READ_LOCAL_FEATURES: 1381 hci_cc_read_local_features(hdev, skb); 1382 break; 1383 1384 case HCI_OP_READ_BUFFER_SIZE: 1385 hci_cc_read_buffer_size(hdev, skb); 1386 break; 1387 1388 case HCI_OP_READ_BD_ADDR: 1389 hci_cc_read_bd_addr(hdev, skb); 1390 break; 1391 1392 case HCI_OP_WRITE_CA_TIMEOUT: 1393 hci_cc_write_ca_timeout(hdev, skb); 1394 break; 1395 1396 default: 1397 BT_DBG("%s opcode 0x%x", hdev->name, opcode); 1398 break; 1399 } 1400 1401 if (ev->ncmd) { 1402 atomic_set(&hdev->cmd_cnt, 1); 1403 if (!skb_queue_empty(&hdev->cmd_q)) 1404 tasklet_schedule(&hdev->cmd_task); 1405 } 1406 } 1407 1408 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb) 1409 { 1410 struct hci_ev_cmd_status *ev = (void *) skb->data; 1411 __u16 opcode; 1412 1413 skb_pull(skb, sizeof(*ev)); 1414 1415 opcode = __le16_to_cpu(ev->opcode); 1416 1417 switch (opcode) { 1418 case HCI_OP_INQUIRY: 1419 hci_cs_inquiry(hdev, ev->status); 1420 break; 1421 1422 case HCI_OP_CREATE_CONN: 1423 hci_cs_create_conn(hdev, ev->status); 1424 break; 1425 1426 case HCI_OP_ADD_SCO: 1427 hci_cs_add_sco(hdev, ev->status); 1428 break; 1429 1430 case HCI_OP_AUTH_REQUESTED: 1431 hci_cs_auth_requested(hdev, ev->status); 1432 break; 1433 1434 case HCI_OP_SET_CONN_ENCRYPT: 1435 hci_cs_set_conn_encrypt(hdev, ev->status); 1436 break; 1437 1438 case HCI_OP_REMOTE_NAME_REQ: 1439 hci_cs_remote_name_req(hdev, ev->status); 1440 break; 1441 1442 case HCI_OP_READ_REMOTE_FEATURES: 1443 hci_cs_read_remote_features(hdev, ev->status); 1444 break; 1445 1446 case HCI_OP_READ_REMOTE_EXT_FEATURES: 1447 hci_cs_read_remote_ext_features(hdev, ev->status); 1448 break; 1449 1450 case HCI_OP_SETUP_SYNC_CONN: 1451 hci_cs_setup_sync_conn(hdev, ev->status); 1452 break; 1453 1454 case HCI_OP_SNIFF_MODE: 1455 hci_cs_sniff_mode(hdev, ev->status); 1456 break; 1457 1458 case HCI_OP_EXIT_SNIFF_MODE: 1459 hci_cs_exit_sniff_mode(hdev, ev->status); 1460 break; 1461 1462 default: 1463 BT_DBG("%s opcode 0x%x", hdev->name, opcode); 1464 break; 1465 } 1466 1467 if (ev->ncmd) { 1468 atomic_set(&hdev->cmd_cnt, 1); 1469 if (!skb_queue_empty(&hdev->cmd_q)) 1470 tasklet_schedule(&hdev->cmd_task); 1471 } 1472 } 1473 1474 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 1475 { 1476 struct hci_ev_role_change *ev = (void *) skb->data; 1477 struct hci_conn *conn; 1478 1479 BT_DBG("%s status %d", hdev->name, ev->status); 1480 1481 hci_dev_lock(hdev); 1482 1483 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 1484 if (conn) { 1485 if (!ev->status) { 1486 if (ev->role) 1487 conn->link_mode &= ~HCI_LM_MASTER; 1488 else 1489 conn->link_mode |= HCI_LM_MASTER; 1490 } 1491 1492 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend); 1493 1494 hci_role_switch_cfm(conn, ev->status, ev->role); 1495 } 1496 1497 hci_dev_unlock(hdev); 1498 } 1499 1500 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb) 1501 { 1502 struct hci_ev_num_comp_pkts *ev = (void *) skb->data; 1503 __le16 *ptr; 1504 int i; 1505 1506 skb_pull(skb, sizeof(*ev)); 1507 1508 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl); 1509 1510 if (skb->len < ev->num_hndl * 4) { 1511 BT_DBG("%s bad parameters", hdev->name); 1512 return; 1513 } 1514 1515 tasklet_disable(&hdev->tx_task); 1516 1517 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) { 1518 struct hci_conn *conn; 1519 __u16 handle, count; 1520 1521 handle = get_unaligned_le16(ptr++); 1522 count = get_unaligned_le16(ptr++); 1523 1524 conn = hci_conn_hash_lookup_handle(hdev, handle); 1525 if (conn) { 1526 conn->sent -= count; 1527 1528 if (conn->type == ACL_LINK) { 1529 hdev->acl_cnt += count; 1530 if (hdev->acl_cnt > hdev->acl_pkts) 1531 hdev->acl_cnt = hdev->acl_pkts; 1532 } else { 1533 hdev->sco_cnt += count; 1534 if (hdev->sco_cnt > hdev->sco_pkts) 1535 hdev->sco_cnt = hdev->sco_pkts; 1536 } 1537 } 1538 } 1539 1540 tasklet_schedule(&hdev->tx_task); 1541 1542 tasklet_enable(&hdev->tx_task); 1543 } 1544 1545 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 1546 { 1547 struct hci_ev_mode_change *ev = (void *) skb->data; 1548 struct hci_conn *conn; 1549 1550 BT_DBG("%s status %d", hdev->name, ev->status); 1551 1552 hci_dev_lock(hdev); 1553 1554 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1555 if (conn) { 1556 conn->mode = ev->mode; 1557 conn->interval = __le16_to_cpu(ev->interval); 1558 1559 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) { 1560 if (conn->mode == HCI_CM_ACTIVE) 1561 conn->power_save = 1; 1562 else 1563 conn->power_save = 0; 1564 } 1565 1566 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend)) 1567 hci_sco_setup(conn, ev->status); 1568 } 1569 1570 hci_dev_unlock(hdev); 1571 } 1572 1573 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 1574 { 1575 struct hci_ev_pin_code_req *ev = (void *) skb->data; 1576 struct hci_conn *conn; 1577 1578 BT_DBG("%s", hdev->name); 1579 1580 hci_dev_lock(hdev); 1581 1582 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 1583 if (conn && conn->state == BT_CONNECTED) { 1584 hci_conn_hold(conn); 1585 conn->disc_timeout = HCI_PAIRING_TIMEOUT; 1586 hci_conn_put(conn); 1587 } 1588 1589 hci_dev_unlock(hdev); 1590 } 1591 1592 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 1593 { 1594 BT_DBG("%s", hdev->name); 1595 } 1596 1597 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb) 1598 { 1599 struct hci_ev_link_key_notify *ev = (void *) skb->data; 1600 struct hci_conn *conn; 1601 1602 BT_DBG("%s", hdev->name); 1603 1604 hci_dev_lock(hdev); 1605 1606 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 1607 if (conn) { 1608 hci_conn_hold(conn); 1609 conn->disc_timeout = HCI_DISCONN_TIMEOUT; 1610 hci_conn_put(conn); 1611 } 1612 1613 hci_dev_unlock(hdev); 1614 } 1615 1616 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb) 1617 { 1618 struct hci_ev_clock_offset *ev = (void *) skb->data; 1619 struct hci_conn *conn; 1620 1621 BT_DBG("%s status %d", hdev->name, ev->status); 1622 1623 hci_dev_lock(hdev); 1624 1625 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1626 if (conn && !ev->status) { 1627 struct inquiry_entry *ie; 1628 1629 ie = hci_inquiry_cache_lookup(hdev, &conn->dst); 1630 if (ie) { 1631 ie->data.clock_offset = ev->clock_offset; 1632 ie->timestamp = jiffies; 1633 } 1634 } 1635 1636 hci_dev_unlock(hdev); 1637 } 1638 1639 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 1640 { 1641 struct hci_ev_pkt_type_change *ev = (void *) skb->data; 1642 struct hci_conn *conn; 1643 1644 BT_DBG("%s status %d", hdev->name, ev->status); 1645 1646 hci_dev_lock(hdev); 1647 1648 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1649 if (conn && !ev->status) 1650 conn->pkt_type = __le16_to_cpu(ev->pkt_type); 1651 1652 hci_dev_unlock(hdev); 1653 } 1654 1655 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb) 1656 { 1657 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data; 1658 struct inquiry_entry *ie; 1659 1660 BT_DBG("%s", hdev->name); 1661 1662 hci_dev_lock(hdev); 1663 1664 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); 1665 if (ie) { 1666 ie->data.pscan_rep_mode = ev->pscan_rep_mode; 1667 ie->timestamp = jiffies; 1668 } 1669 1670 hci_dev_unlock(hdev); 1671 } 1672 1673 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb) 1674 { 1675 struct inquiry_data data; 1676 int num_rsp = *((__u8 *) skb->data); 1677 1678 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 1679 1680 if (!num_rsp) 1681 return; 1682 1683 hci_dev_lock(hdev); 1684 1685 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) { 1686 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1); 1687 1688 for (; num_rsp; num_rsp--) { 1689 bacpy(&data.bdaddr, &info->bdaddr); 1690 data.pscan_rep_mode = info->pscan_rep_mode; 1691 data.pscan_period_mode = info->pscan_period_mode; 1692 data.pscan_mode = info->pscan_mode; 1693 memcpy(data.dev_class, info->dev_class, 3); 1694 data.clock_offset = info->clock_offset; 1695 data.rssi = info->rssi; 1696 data.ssp_mode = 0x00; 1697 info++; 1698 hci_inquiry_cache_update(hdev, &data); 1699 } 1700 } else { 1701 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1); 1702 1703 for (; num_rsp; num_rsp--) { 1704 bacpy(&data.bdaddr, &info->bdaddr); 1705 data.pscan_rep_mode = info->pscan_rep_mode; 1706 data.pscan_period_mode = info->pscan_period_mode; 1707 data.pscan_mode = 0x00; 1708 memcpy(data.dev_class, info->dev_class, 3); 1709 data.clock_offset = info->clock_offset; 1710 data.rssi = info->rssi; 1711 data.ssp_mode = 0x00; 1712 info++; 1713 hci_inquiry_cache_update(hdev, &data); 1714 } 1715 } 1716 1717 hci_dev_unlock(hdev); 1718 } 1719 1720 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb) 1721 { 1722 struct hci_ev_remote_ext_features *ev = (void *) skb->data; 1723 struct hci_conn *conn; 1724 1725 BT_DBG("%s", hdev->name); 1726 1727 hci_dev_lock(hdev); 1728 1729 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1730 if (!conn) 1731 goto unlock; 1732 1733 if (!ev->status && ev->page == 0x01) { 1734 struct inquiry_entry *ie; 1735 1736 ie = hci_inquiry_cache_lookup(hdev, &conn->dst); 1737 if (ie) 1738 ie->data.ssp_mode = (ev->features[0] & 0x01); 1739 1740 conn->ssp_mode = (ev->features[0] & 0x01); 1741 } 1742 1743 if (conn->state != BT_CONFIG) 1744 goto unlock; 1745 1746 if (!ev->status) { 1747 struct hci_cp_remote_name_req cp; 1748 memset(&cp, 0, sizeof(cp)); 1749 bacpy(&cp.bdaddr, &conn->dst); 1750 cp.pscan_rep_mode = 0x02; 1751 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp); 1752 } 1753 1754 if (!hci_outgoing_auth_needed(hdev, conn)) { 1755 conn->state = BT_CONNECTED; 1756 hci_proto_connect_cfm(conn, ev->status); 1757 hci_conn_put(conn); 1758 } 1759 1760 unlock: 1761 hci_dev_unlock(hdev); 1762 } 1763 1764 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1765 { 1766 struct hci_ev_sync_conn_complete *ev = (void *) skb->data; 1767 struct hci_conn *conn; 1768 1769 BT_DBG("%s status %d", hdev->name, ev->status); 1770 1771 hci_dev_lock(hdev); 1772 1773 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); 1774 if (!conn) { 1775 if (ev->link_type == ESCO_LINK) 1776 goto unlock; 1777 1778 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr); 1779 if (!conn) 1780 goto unlock; 1781 1782 conn->type = SCO_LINK; 1783 } 1784 1785 switch (ev->status) { 1786 case 0x00: 1787 conn->handle = __le16_to_cpu(ev->handle); 1788 conn->state = BT_CONNECTED; 1789 1790 hci_conn_hold_device(conn); 1791 hci_conn_add_sysfs(conn); 1792 break; 1793 1794 case 0x11: /* Unsupported Feature or Parameter Value */ 1795 case 0x1c: /* SCO interval rejected */ 1796 case 0x1a: /* Unsupported Remote Feature */ 1797 case 0x1f: /* Unspecified error */ 1798 if (conn->out && conn->attempt < 2) { 1799 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) | 1800 (hdev->esco_type & EDR_ESCO_MASK); 1801 hci_setup_sync(conn, conn->link->handle); 1802 goto unlock; 1803 } 1804 /* fall through */ 1805 1806 default: 1807 conn->state = BT_CLOSED; 1808 break; 1809 } 1810 1811 hci_proto_connect_cfm(conn, ev->status); 1812 if (ev->status) 1813 hci_conn_del(conn); 1814 1815 unlock: 1816 hci_dev_unlock(hdev); 1817 } 1818 1819 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb) 1820 { 1821 BT_DBG("%s", hdev->name); 1822 } 1823 1824 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb) 1825 { 1826 struct hci_ev_sniff_subrate *ev = (void *) skb->data; 1827 struct hci_conn *conn; 1828 1829 BT_DBG("%s status %d", hdev->name, ev->status); 1830 1831 hci_dev_lock(hdev); 1832 1833 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1834 if (conn) { 1835 } 1836 1837 hci_dev_unlock(hdev); 1838 } 1839 1840 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb) 1841 { 1842 struct inquiry_data data; 1843 struct extended_inquiry_info *info = (void *) (skb->data + 1); 1844 int num_rsp = *((__u8 *) skb->data); 1845 1846 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 1847 1848 if (!num_rsp) 1849 return; 1850 1851 hci_dev_lock(hdev); 1852 1853 for (; num_rsp; num_rsp--) { 1854 bacpy(&data.bdaddr, &info->bdaddr); 1855 data.pscan_rep_mode = info->pscan_rep_mode; 1856 data.pscan_period_mode = info->pscan_period_mode; 1857 data.pscan_mode = 0x00; 1858 memcpy(data.dev_class, info->dev_class, 3); 1859 data.clock_offset = info->clock_offset; 1860 data.rssi = info->rssi; 1861 data.ssp_mode = 0x01; 1862 info++; 1863 hci_inquiry_cache_update(hdev, &data); 1864 } 1865 1866 hci_dev_unlock(hdev); 1867 } 1868 1869 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 1870 { 1871 struct hci_ev_io_capa_request *ev = (void *) skb->data; 1872 struct hci_conn *conn; 1873 1874 BT_DBG("%s", hdev->name); 1875 1876 hci_dev_lock(hdev); 1877 1878 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 1879 if (conn) 1880 hci_conn_hold(conn); 1881 1882 hci_dev_unlock(hdev); 1883 } 1884 1885 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1886 { 1887 struct hci_ev_simple_pair_complete *ev = (void *) skb->data; 1888 struct hci_conn *conn; 1889 1890 BT_DBG("%s", hdev->name); 1891 1892 hci_dev_lock(hdev); 1893 1894 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 1895 if (conn) 1896 hci_conn_put(conn); 1897 1898 hci_dev_unlock(hdev); 1899 } 1900 1901 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb) 1902 { 1903 struct hci_ev_remote_host_features *ev = (void *) skb->data; 1904 struct inquiry_entry *ie; 1905 1906 BT_DBG("%s", hdev->name); 1907 1908 hci_dev_lock(hdev); 1909 1910 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); 1911 if (ie) 1912 ie->data.ssp_mode = (ev->features[0] & 0x01); 1913 1914 hci_dev_unlock(hdev); 1915 } 1916 1917 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb) 1918 { 1919 struct hci_event_hdr *hdr = (void *) skb->data; 1920 __u8 event = hdr->evt; 1921 1922 skb_pull(skb, HCI_EVENT_HDR_SIZE); 1923 1924 switch (event) { 1925 case HCI_EV_INQUIRY_COMPLETE: 1926 hci_inquiry_complete_evt(hdev, skb); 1927 break; 1928 1929 case HCI_EV_INQUIRY_RESULT: 1930 hci_inquiry_result_evt(hdev, skb); 1931 break; 1932 1933 case HCI_EV_CONN_COMPLETE: 1934 hci_conn_complete_evt(hdev, skb); 1935 break; 1936 1937 case HCI_EV_CONN_REQUEST: 1938 hci_conn_request_evt(hdev, skb); 1939 break; 1940 1941 case HCI_EV_DISCONN_COMPLETE: 1942 hci_disconn_complete_evt(hdev, skb); 1943 break; 1944 1945 case HCI_EV_AUTH_COMPLETE: 1946 hci_auth_complete_evt(hdev, skb); 1947 break; 1948 1949 case HCI_EV_REMOTE_NAME: 1950 hci_remote_name_evt(hdev, skb); 1951 break; 1952 1953 case HCI_EV_ENCRYPT_CHANGE: 1954 hci_encrypt_change_evt(hdev, skb); 1955 break; 1956 1957 case HCI_EV_CHANGE_LINK_KEY_COMPLETE: 1958 hci_change_link_key_complete_evt(hdev, skb); 1959 break; 1960 1961 case HCI_EV_REMOTE_FEATURES: 1962 hci_remote_features_evt(hdev, skb); 1963 break; 1964 1965 case HCI_EV_REMOTE_VERSION: 1966 hci_remote_version_evt(hdev, skb); 1967 break; 1968 1969 case HCI_EV_QOS_SETUP_COMPLETE: 1970 hci_qos_setup_complete_evt(hdev, skb); 1971 break; 1972 1973 case HCI_EV_CMD_COMPLETE: 1974 hci_cmd_complete_evt(hdev, skb); 1975 break; 1976 1977 case HCI_EV_CMD_STATUS: 1978 hci_cmd_status_evt(hdev, skb); 1979 break; 1980 1981 case HCI_EV_ROLE_CHANGE: 1982 hci_role_change_evt(hdev, skb); 1983 break; 1984 1985 case HCI_EV_NUM_COMP_PKTS: 1986 hci_num_comp_pkts_evt(hdev, skb); 1987 break; 1988 1989 case HCI_EV_MODE_CHANGE: 1990 hci_mode_change_evt(hdev, skb); 1991 break; 1992 1993 case HCI_EV_PIN_CODE_REQ: 1994 hci_pin_code_request_evt(hdev, skb); 1995 break; 1996 1997 case HCI_EV_LINK_KEY_REQ: 1998 hci_link_key_request_evt(hdev, skb); 1999 break; 2000 2001 case HCI_EV_LINK_KEY_NOTIFY: 2002 hci_link_key_notify_evt(hdev, skb); 2003 break; 2004 2005 case HCI_EV_CLOCK_OFFSET: 2006 hci_clock_offset_evt(hdev, skb); 2007 break; 2008 2009 case HCI_EV_PKT_TYPE_CHANGE: 2010 hci_pkt_type_change_evt(hdev, skb); 2011 break; 2012 2013 case HCI_EV_PSCAN_REP_MODE: 2014 hci_pscan_rep_mode_evt(hdev, skb); 2015 break; 2016 2017 case HCI_EV_INQUIRY_RESULT_WITH_RSSI: 2018 hci_inquiry_result_with_rssi_evt(hdev, skb); 2019 break; 2020 2021 case HCI_EV_REMOTE_EXT_FEATURES: 2022 hci_remote_ext_features_evt(hdev, skb); 2023 break; 2024 2025 case HCI_EV_SYNC_CONN_COMPLETE: 2026 hci_sync_conn_complete_evt(hdev, skb); 2027 break; 2028 2029 case HCI_EV_SYNC_CONN_CHANGED: 2030 hci_sync_conn_changed_evt(hdev, skb); 2031 break; 2032 2033 case HCI_EV_SNIFF_SUBRATE: 2034 hci_sniff_subrate_evt(hdev, skb); 2035 break; 2036 2037 case HCI_EV_EXTENDED_INQUIRY_RESULT: 2038 hci_extended_inquiry_result_evt(hdev, skb); 2039 break; 2040 2041 case HCI_EV_IO_CAPA_REQUEST: 2042 hci_io_capa_request_evt(hdev, skb); 2043 break; 2044 2045 case HCI_EV_SIMPLE_PAIR_COMPLETE: 2046 hci_simple_pair_complete_evt(hdev, skb); 2047 break; 2048 2049 case HCI_EV_REMOTE_HOST_FEATURES: 2050 hci_remote_host_features_evt(hdev, skb); 2051 break; 2052 2053 default: 2054 BT_DBG("%s event 0x%x", hdev->name, event); 2055 break; 2056 } 2057 2058 kfree_skb(skb); 2059 hdev->stat.evt_rx++; 2060 } 2061 2062 /* Generate internal stack event */ 2063 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data) 2064 { 2065 struct hci_event_hdr *hdr; 2066 struct hci_ev_stack_internal *ev; 2067 struct sk_buff *skb; 2068 2069 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC); 2070 if (!skb) 2071 return; 2072 2073 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE); 2074 hdr->evt = HCI_EV_STACK_INTERNAL; 2075 hdr->plen = sizeof(*ev) + dlen; 2076 2077 ev = (void *) skb_put(skb, sizeof(*ev) + dlen); 2078 ev->type = type; 2079 memcpy(ev->data, data, dlen); 2080 2081 bt_cb(skb)->incoming = 1; 2082 __net_timestamp(skb); 2083 2084 bt_cb(skb)->pkt_type = HCI_EVENT_PKT; 2085 skb->dev = (void *) hdev; 2086 hci_send_to_sock(hdev, skb); 2087 kfree_skb(skb); 2088 } 2089