1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2010 Nokia Corporation 4 5 This program is free software; you can redistribute it and/or modify 6 it under the terms of the GNU General Public License version 2 as 7 published by the Free Software Foundation; 8 9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 20 SOFTWARE IS DISCLAIMED. 21 */ 22 23 /* Bluetooth HCI Management interface */ 24 25 #include <linux/uaccess.h> 26 #include <asm/unaligned.h> 27 28 #include <net/bluetooth/bluetooth.h> 29 #include <net/bluetooth/hci_core.h> 30 #include <net/bluetooth/mgmt.h> 31 32 #define MGMT_VERSION 0 33 #define MGMT_REVISION 1 34 35 struct pending_cmd { 36 struct list_head list; 37 __u16 opcode; 38 int index; 39 void *param; 40 struct sock *sk; 41 void *user_data; 42 }; 43 44 LIST_HEAD(cmd_list); 45 46 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status) 47 { 48 struct sk_buff *skb; 49 struct mgmt_hdr *hdr; 50 struct mgmt_ev_cmd_status *ev; 51 52 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status); 53 54 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC); 55 if (!skb) 56 return -ENOMEM; 57 58 hdr = (void *) skb_put(skb, sizeof(*hdr)); 59 60 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS); 61 hdr->index = cpu_to_le16(index); 62 hdr->len = cpu_to_le16(sizeof(*ev)); 63 64 ev = (void *) skb_put(skb, sizeof(*ev)); 65 ev->status = status; 66 put_unaligned_le16(cmd, &ev->opcode); 67 68 if (sock_queue_rcv_skb(sk, skb) < 0) 69 kfree_skb(skb); 70 71 return 0; 72 } 73 74 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp, 75 size_t rp_len) 76 { 77 struct sk_buff *skb; 78 struct mgmt_hdr *hdr; 79 struct mgmt_ev_cmd_complete *ev; 80 81 BT_DBG("sock %p", sk); 82 83 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC); 84 if (!skb) 85 return -ENOMEM; 86 87 hdr = (void *) skb_put(skb, sizeof(*hdr)); 88 89 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE); 90 hdr->index = cpu_to_le16(index); 91 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len); 92 93 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len); 94 put_unaligned_le16(cmd, &ev->opcode); 95 96 if (rp) 97 memcpy(ev->data, rp, rp_len); 98 99 if (sock_queue_rcv_skb(sk, skb) < 0) 100 kfree_skb(skb); 101 102 return 0; 103 } 104 105 static int read_version(struct sock *sk) 106 { 107 struct mgmt_rp_read_version rp; 108 109 BT_DBG("sock %p", sk); 110 111 rp.version = MGMT_VERSION; 112 put_unaligned_le16(MGMT_REVISION, &rp.revision); 113 114 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp, 115 sizeof(rp)); 116 } 117 118 static int read_index_list(struct sock *sk) 119 { 120 struct mgmt_rp_read_index_list *rp; 121 struct list_head *p; 122 size_t rp_len; 123 u16 count; 124 int i, err; 125 126 BT_DBG("sock %p", sk); 127 128 read_lock(&hci_dev_list_lock); 129 130 count = 0; 131 list_for_each(p, &hci_dev_list) { 132 count++; 133 } 134 135 rp_len = sizeof(*rp) + (2 * count); 136 rp = kmalloc(rp_len, GFP_ATOMIC); 137 if (!rp) { 138 read_unlock(&hci_dev_list_lock); 139 return -ENOMEM; 140 } 141 142 put_unaligned_le16(count, &rp->num_controllers); 143 144 i = 0; 145 list_for_each(p, &hci_dev_list) { 146 struct hci_dev *d = list_entry(p, struct hci_dev, list); 147 148 hci_del_off_timer(d); 149 150 set_bit(HCI_MGMT, &d->flags); 151 152 if (test_bit(HCI_SETUP, &d->flags)) 153 continue; 154 155 put_unaligned_le16(d->id, &rp->index[i++]); 156 BT_DBG("Added hci%u", d->id); 157 } 158 159 read_unlock(&hci_dev_list_lock); 160 161 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp, 162 rp_len); 163 164 kfree(rp); 165 166 return err; 167 } 168 169 static int read_controller_info(struct sock *sk, u16 index) 170 { 171 struct mgmt_rp_read_info rp; 172 struct hci_dev *hdev; 173 174 BT_DBG("sock %p hci%u", sk, index); 175 176 hdev = hci_dev_get(index); 177 if (!hdev) 178 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV); 179 180 hci_del_off_timer(hdev); 181 182 hci_dev_lock(hdev); 183 184 set_bit(HCI_MGMT, &hdev->flags); 185 186 memset(&rp, 0, sizeof(rp)); 187 188 rp.type = hdev->dev_type; 189 190 rp.powered = test_bit(HCI_UP, &hdev->flags); 191 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags); 192 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags); 193 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags); 194 195 if (test_bit(HCI_AUTH, &hdev->flags)) 196 rp.sec_mode = 3; 197 else if (hdev->ssp_mode > 0) 198 rp.sec_mode = 4; 199 else 200 rp.sec_mode = 2; 201 202 bacpy(&rp.bdaddr, &hdev->bdaddr); 203 memcpy(rp.features, hdev->features, 8); 204 memcpy(rp.dev_class, hdev->dev_class, 3); 205 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer); 206 rp.hci_ver = hdev->hci_ver; 207 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev); 208 209 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name)); 210 211 hci_dev_unlock(hdev); 212 hci_dev_put(hdev); 213 214 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp)); 215 } 216 217 static void mgmt_pending_free(struct pending_cmd *cmd) 218 { 219 sock_put(cmd->sk); 220 kfree(cmd->param); 221 kfree(cmd); 222 } 223 224 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode, 225 u16 index, void *data, u16 len) 226 { 227 struct pending_cmd *cmd; 228 229 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC); 230 if (!cmd) 231 return NULL; 232 233 cmd->opcode = opcode; 234 cmd->index = index; 235 236 cmd->param = kmalloc(len, GFP_ATOMIC); 237 if (!cmd->param) { 238 kfree(cmd); 239 return NULL; 240 } 241 242 if (data) 243 memcpy(cmd->param, data, len); 244 245 cmd->sk = sk; 246 sock_hold(sk); 247 248 list_add(&cmd->list, &cmd_list); 249 250 return cmd; 251 } 252 253 static void mgmt_pending_foreach(u16 opcode, int index, 254 void (*cb)(struct pending_cmd *cmd, void *data), 255 void *data) 256 { 257 struct list_head *p, *n; 258 259 list_for_each_safe(p, n, &cmd_list) { 260 struct pending_cmd *cmd; 261 262 cmd = list_entry(p, struct pending_cmd, list); 263 264 if (cmd->opcode != opcode) 265 continue; 266 267 if (index >= 0 && cmd->index != index) 268 continue; 269 270 cb(cmd, data); 271 } 272 } 273 274 static struct pending_cmd *mgmt_pending_find(u16 opcode, int index) 275 { 276 struct list_head *p; 277 278 list_for_each(p, &cmd_list) { 279 struct pending_cmd *cmd; 280 281 cmd = list_entry(p, struct pending_cmd, list); 282 283 if (cmd->opcode != opcode) 284 continue; 285 286 if (index >= 0 && cmd->index != index) 287 continue; 288 289 return cmd; 290 } 291 292 return NULL; 293 } 294 295 static void mgmt_pending_remove(struct pending_cmd *cmd) 296 { 297 list_del(&cmd->list); 298 mgmt_pending_free(cmd); 299 } 300 301 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len) 302 { 303 struct mgmt_mode *cp; 304 struct hci_dev *hdev; 305 struct pending_cmd *cmd; 306 int err, up; 307 308 cp = (void *) data; 309 310 BT_DBG("request for hci%u", index); 311 312 if (len != sizeof(*cp)) 313 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL); 314 315 hdev = hci_dev_get(index); 316 if (!hdev) 317 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV); 318 319 hci_dev_lock(hdev); 320 321 up = test_bit(HCI_UP, &hdev->flags); 322 if ((cp->val && up) || (!cp->val && !up)) { 323 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY); 324 goto failed; 325 } 326 327 if (mgmt_pending_find(MGMT_OP_SET_POWERED, index)) { 328 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY); 329 goto failed; 330 } 331 332 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, index, data, len); 333 if (!cmd) { 334 err = -ENOMEM; 335 goto failed; 336 } 337 338 if (cp->val) 339 queue_work(hdev->workqueue, &hdev->power_on); 340 else 341 queue_work(hdev->workqueue, &hdev->power_off); 342 343 err = 0; 344 345 failed: 346 hci_dev_unlock(hdev); 347 hci_dev_put(hdev); 348 return err; 349 } 350 351 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data, 352 u16 len) 353 { 354 struct mgmt_mode *cp; 355 struct hci_dev *hdev; 356 struct pending_cmd *cmd; 357 u8 scan; 358 int err; 359 360 cp = (void *) data; 361 362 BT_DBG("request for hci%u", index); 363 364 if (len != sizeof(*cp)) 365 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL); 366 367 hdev = hci_dev_get(index); 368 if (!hdev) 369 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV); 370 371 hci_dev_lock(hdev); 372 373 if (!test_bit(HCI_UP, &hdev->flags)) { 374 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN); 375 goto failed; 376 } 377 378 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) || 379 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) { 380 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY); 381 goto failed; 382 } 383 384 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) && 385 test_bit(HCI_PSCAN, &hdev->flags)) { 386 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY); 387 goto failed; 388 } 389 390 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, index, data, len); 391 if (!cmd) { 392 err = -ENOMEM; 393 goto failed; 394 } 395 396 scan = SCAN_PAGE; 397 398 if (cp->val) 399 scan |= SCAN_INQUIRY; 400 401 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan); 402 if (err < 0) 403 mgmt_pending_remove(cmd); 404 405 failed: 406 hci_dev_unlock(hdev); 407 hci_dev_put(hdev); 408 409 return err; 410 } 411 412 static int set_connectable(struct sock *sk, u16 index, unsigned char *data, 413 u16 len) 414 { 415 struct mgmt_mode *cp; 416 struct hci_dev *hdev; 417 struct pending_cmd *cmd; 418 u8 scan; 419 int err; 420 421 cp = (void *) data; 422 423 BT_DBG("request for hci%u", index); 424 425 if (len != sizeof(*cp)) 426 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL); 427 428 hdev = hci_dev_get(index); 429 if (!hdev) 430 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV); 431 432 hci_dev_lock(hdev); 433 434 if (!test_bit(HCI_UP, &hdev->flags)) { 435 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN); 436 goto failed; 437 } 438 439 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) || 440 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) { 441 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY); 442 goto failed; 443 } 444 445 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) { 446 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY); 447 goto failed; 448 } 449 450 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, index, data, len); 451 if (!cmd) { 452 err = -ENOMEM; 453 goto failed; 454 } 455 456 if (cp->val) 457 scan = SCAN_PAGE; 458 else 459 scan = 0; 460 461 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan); 462 if (err < 0) 463 mgmt_pending_remove(cmd); 464 465 failed: 466 hci_dev_unlock(hdev); 467 hci_dev_put(hdev); 468 469 return err; 470 } 471 472 static int mgmt_event(u16 event, u16 index, void *data, u16 data_len, 473 struct sock *skip_sk) 474 { 475 struct sk_buff *skb; 476 struct mgmt_hdr *hdr; 477 478 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC); 479 if (!skb) 480 return -ENOMEM; 481 482 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL; 483 484 hdr = (void *) skb_put(skb, sizeof(*hdr)); 485 hdr->opcode = cpu_to_le16(event); 486 hdr->index = cpu_to_le16(index); 487 hdr->len = cpu_to_le16(data_len); 488 489 if (data) 490 memcpy(skb_put(skb, data_len), data, data_len); 491 492 hci_send_to_sock(NULL, skb, skip_sk); 493 kfree_skb(skb); 494 495 return 0; 496 } 497 498 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val) 499 { 500 struct mgmt_mode rp; 501 502 rp.val = val; 503 504 return cmd_complete(sk, index, opcode, &rp, sizeof(rp)); 505 } 506 507 static int set_pairable(struct sock *sk, u16 index, unsigned char *data, 508 u16 len) 509 { 510 struct mgmt_mode *cp, ev; 511 struct hci_dev *hdev; 512 int err; 513 514 cp = (void *) data; 515 516 BT_DBG("request for hci%u", index); 517 518 if (len != sizeof(*cp)) 519 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL); 520 521 hdev = hci_dev_get(index); 522 if (!hdev) 523 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV); 524 525 hci_dev_lock(hdev); 526 527 if (cp->val) 528 set_bit(HCI_PAIRABLE, &hdev->flags); 529 else 530 clear_bit(HCI_PAIRABLE, &hdev->flags); 531 532 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val); 533 if (err < 0) 534 goto failed; 535 536 ev.val = cp->val; 537 538 err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk); 539 540 failed: 541 hci_dev_unlock(hdev); 542 hci_dev_put(hdev); 543 544 return err; 545 } 546 547 #define EIR_FLAGS 0x01 /* flags */ 548 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */ 549 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */ 550 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */ 551 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */ 552 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */ 553 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */ 554 #define EIR_NAME_SHORT 0x08 /* shortened local name */ 555 #define EIR_NAME_COMPLETE 0x09 /* complete local name */ 556 #define EIR_TX_POWER 0x0A /* transmit power level */ 557 #define EIR_DEVICE_ID 0x10 /* device ID */ 558 559 #define PNP_INFO_SVCLASS_ID 0x1200 560 561 static u8 bluetooth_base_uuid[] = { 562 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80, 563 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 564 }; 565 566 static u16 get_uuid16(u8 *uuid128) 567 { 568 u32 val; 569 int i; 570 571 for (i = 0; i < 12; i++) { 572 if (bluetooth_base_uuid[i] != uuid128[i]) 573 return 0; 574 } 575 576 memcpy(&val, &uuid128[12], 4); 577 578 val = le32_to_cpu(val); 579 if (val > 0xffff) 580 return 0; 581 582 return (u16) val; 583 } 584 585 static void create_eir(struct hci_dev *hdev, u8 *data) 586 { 587 u8 *ptr = data; 588 u16 eir_len = 0; 589 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)]; 590 int i, truncated = 0; 591 struct list_head *p; 592 size_t name_len; 593 594 name_len = strlen(hdev->dev_name); 595 596 if (name_len > 0) { 597 /* EIR Data type */ 598 if (name_len > 48) { 599 name_len = 48; 600 ptr[1] = EIR_NAME_SHORT; 601 } else 602 ptr[1] = EIR_NAME_COMPLETE; 603 604 /* EIR Data length */ 605 ptr[0] = name_len + 1; 606 607 memcpy(ptr + 2, hdev->dev_name, name_len); 608 609 eir_len += (name_len + 2); 610 ptr += (name_len + 2); 611 } 612 613 memset(uuid16_list, 0, sizeof(uuid16_list)); 614 615 /* Group all UUID16 types */ 616 list_for_each(p, &hdev->uuids) { 617 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list); 618 u16 uuid16; 619 620 uuid16 = get_uuid16(uuid->uuid); 621 if (uuid16 == 0) 622 return; 623 624 if (uuid16 < 0x1100) 625 continue; 626 627 if (uuid16 == PNP_INFO_SVCLASS_ID) 628 continue; 629 630 /* Stop if not enough space to put next UUID */ 631 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) { 632 truncated = 1; 633 break; 634 } 635 636 /* Check for duplicates */ 637 for (i = 0; uuid16_list[i] != 0; i++) 638 if (uuid16_list[i] == uuid16) 639 break; 640 641 if (uuid16_list[i] == 0) { 642 uuid16_list[i] = uuid16; 643 eir_len += sizeof(u16); 644 } 645 } 646 647 if (uuid16_list[0] != 0) { 648 u8 *length = ptr; 649 650 /* EIR Data type */ 651 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL; 652 653 ptr += 2; 654 eir_len += 2; 655 656 for (i = 0; uuid16_list[i] != 0; i++) { 657 *ptr++ = (uuid16_list[i] & 0x00ff); 658 *ptr++ = (uuid16_list[i] & 0xff00) >> 8; 659 } 660 661 /* EIR Data length */ 662 *length = (i * sizeof(u16)) + 1; 663 } 664 } 665 666 static int update_eir(struct hci_dev *hdev) 667 { 668 struct hci_cp_write_eir cp; 669 670 if (!(hdev->features[6] & LMP_EXT_INQ)) 671 return 0; 672 673 if (hdev->ssp_mode == 0) 674 return 0; 675 676 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags)) 677 return 0; 678 679 memset(&cp, 0, sizeof(cp)); 680 681 create_eir(hdev, cp.data); 682 683 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0) 684 return 0; 685 686 memcpy(hdev->eir, cp.data, sizeof(cp.data)); 687 688 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp); 689 } 690 691 static u8 get_service_classes(struct hci_dev *hdev) 692 { 693 struct list_head *p; 694 u8 val = 0; 695 696 list_for_each(p, &hdev->uuids) { 697 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list); 698 699 val |= uuid->svc_hint; 700 } 701 702 return val; 703 } 704 705 static int update_class(struct hci_dev *hdev) 706 { 707 u8 cod[3]; 708 709 BT_DBG("%s", hdev->name); 710 711 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags)) 712 return 0; 713 714 cod[0] = hdev->minor_class; 715 cod[1] = hdev->major_class; 716 cod[2] = get_service_classes(hdev); 717 718 if (memcmp(cod, hdev->dev_class, 3) == 0) 719 return 0; 720 721 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod); 722 } 723 724 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len) 725 { 726 struct mgmt_cp_add_uuid *cp; 727 struct hci_dev *hdev; 728 struct bt_uuid *uuid; 729 int err; 730 731 cp = (void *) data; 732 733 BT_DBG("request for hci%u", index); 734 735 if (len != sizeof(*cp)) 736 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL); 737 738 hdev = hci_dev_get(index); 739 if (!hdev) 740 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV); 741 742 hci_dev_lock(hdev); 743 744 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC); 745 if (!uuid) { 746 err = -ENOMEM; 747 goto failed; 748 } 749 750 memcpy(uuid->uuid, cp->uuid, 16); 751 uuid->svc_hint = cp->svc_hint; 752 753 list_add(&uuid->list, &hdev->uuids); 754 755 err = update_class(hdev); 756 if (err < 0) 757 goto failed; 758 759 err = update_eir(hdev); 760 if (err < 0) 761 goto failed; 762 763 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0); 764 765 failed: 766 hci_dev_unlock(hdev); 767 hci_dev_put(hdev); 768 769 return err; 770 } 771 772 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len) 773 { 774 struct list_head *p, *n; 775 struct mgmt_cp_remove_uuid *cp; 776 struct hci_dev *hdev; 777 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; 778 int err, found; 779 780 cp = (void *) data; 781 782 BT_DBG("request for hci%u", index); 783 784 if (len != sizeof(*cp)) 785 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL); 786 787 hdev = hci_dev_get(index); 788 if (!hdev) 789 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV); 790 791 hci_dev_lock(hdev); 792 793 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) { 794 err = hci_uuids_clear(hdev); 795 goto unlock; 796 } 797 798 found = 0; 799 800 list_for_each_safe(p, n, &hdev->uuids) { 801 struct bt_uuid *match = list_entry(p, struct bt_uuid, list); 802 803 if (memcmp(match->uuid, cp->uuid, 16) != 0) 804 continue; 805 806 list_del(&match->list); 807 found++; 808 } 809 810 if (found == 0) { 811 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT); 812 goto unlock; 813 } 814 815 err = update_class(hdev); 816 if (err < 0) 817 goto unlock; 818 819 err = update_eir(hdev); 820 if (err < 0) 821 goto unlock; 822 823 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0); 824 825 unlock: 826 hci_dev_unlock(hdev); 827 hci_dev_put(hdev); 828 829 return err; 830 } 831 832 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data, 833 u16 len) 834 { 835 struct hci_dev *hdev; 836 struct mgmt_cp_set_dev_class *cp; 837 int err; 838 839 cp = (void *) data; 840 841 BT_DBG("request for hci%u", index); 842 843 if (len != sizeof(*cp)) 844 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL); 845 846 hdev = hci_dev_get(index); 847 if (!hdev) 848 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV); 849 850 hci_dev_lock(hdev); 851 852 hdev->major_class = cp->major; 853 hdev->minor_class = cp->minor; 854 855 err = update_class(hdev); 856 857 if (err == 0) 858 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0); 859 860 hci_dev_unlock(hdev); 861 hci_dev_put(hdev); 862 863 return err; 864 } 865 866 static int set_service_cache(struct sock *sk, u16 index, unsigned char *data, 867 u16 len) 868 { 869 struct hci_dev *hdev; 870 struct mgmt_cp_set_service_cache *cp; 871 int err; 872 873 cp = (void *) data; 874 875 if (len != sizeof(*cp)) 876 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL); 877 878 hdev = hci_dev_get(index); 879 if (!hdev) 880 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV); 881 882 hci_dev_lock(hdev); 883 884 BT_DBG("hci%u enable %d", index, cp->enable); 885 886 if (cp->enable) { 887 set_bit(HCI_SERVICE_CACHE, &hdev->flags); 888 err = 0; 889 } else { 890 clear_bit(HCI_SERVICE_CACHE, &hdev->flags); 891 err = update_class(hdev); 892 if (err == 0) 893 err = update_eir(hdev); 894 } 895 896 if (err == 0) 897 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL, 898 0); 899 900 hci_dev_unlock(hdev); 901 hci_dev_put(hdev); 902 903 return err; 904 } 905 906 static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len) 907 { 908 struct hci_dev *hdev; 909 struct mgmt_cp_load_keys *cp; 910 u16 key_count, expected_len; 911 int i; 912 913 cp = (void *) data; 914 915 if (len < sizeof(*cp)) 916 return -EINVAL; 917 918 key_count = get_unaligned_le16(&cp->key_count); 919 920 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info); 921 if (expected_len != len) { 922 BT_ERR("load_keys: expected %u bytes, got %u bytes", 923 len, expected_len); 924 return -EINVAL; 925 } 926 927 hdev = hci_dev_get(index); 928 if (!hdev) 929 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, ENODEV); 930 931 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys, 932 key_count); 933 934 hci_dev_lock(hdev); 935 936 hci_link_keys_clear(hdev); 937 938 set_bit(HCI_LINK_KEYS, &hdev->flags); 939 940 if (cp->debug_keys) 941 set_bit(HCI_DEBUG_KEYS, &hdev->flags); 942 else 943 clear_bit(HCI_DEBUG_KEYS, &hdev->flags); 944 945 for (i = 0; i < key_count; i++) { 946 struct mgmt_key_info *key = &cp->keys[i]; 947 948 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type, 949 key->pin_len); 950 } 951 952 hci_dev_unlock(hdev); 953 hci_dev_put(hdev); 954 955 return 0; 956 } 957 958 static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len) 959 { 960 struct hci_dev *hdev; 961 struct mgmt_cp_remove_key *cp; 962 struct hci_conn *conn; 963 int err; 964 965 cp = (void *) data; 966 967 if (len != sizeof(*cp)) 968 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, EINVAL); 969 970 hdev = hci_dev_get(index); 971 if (!hdev) 972 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, ENODEV); 973 974 hci_dev_lock(hdev); 975 976 err = hci_remove_link_key(hdev, &cp->bdaddr); 977 if (err < 0) { 978 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEY, -err); 979 goto unlock; 980 } 981 982 err = 0; 983 984 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect) 985 goto unlock; 986 987 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 988 if (conn) { 989 struct hci_cp_disconnect dc; 990 991 put_unaligned_le16(conn->handle, &dc.handle); 992 dc.reason = 0x13; /* Remote User Terminated Connection */ 993 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, 0, NULL); 994 } 995 996 unlock: 997 hci_dev_unlock(hdev); 998 hci_dev_put(hdev); 999 1000 return err; 1001 } 1002 1003 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len) 1004 { 1005 struct hci_dev *hdev; 1006 struct mgmt_cp_disconnect *cp; 1007 struct hci_cp_disconnect dc; 1008 struct pending_cmd *cmd; 1009 struct hci_conn *conn; 1010 int err; 1011 1012 BT_DBG(""); 1013 1014 cp = (void *) data; 1015 1016 if (len != sizeof(*cp)) 1017 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL); 1018 1019 hdev = hci_dev_get(index); 1020 if (!hdev) 1021 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV); 1022 1023 hci_dev_lock(hdev); 1024 1025 if (!test_bit(HCI_UP, &hdev->flags)) { 1026 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN); 1027 goto failed; 1028 } 1029 1030 if (mgmt_pending_find(MGMT_OP_DISCONNECT, index)) { 1031 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY); 1032 goto failed; 1033 } 1034 1035 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 1036 if (!conn) 1037 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr); 1038 1039 if (!conn) { 1040 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN); 1041 goto failed; 1042 } 1043 1044 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, index, data, len); 1045 if (!cmd) { 1046 err = -ENOMEM; 1047 goto failed; 1048 } 1049 1050 put_unaligned_le16(conn->handle, &dc.handle); 1051 dc.reason = 0x13; /* Remote User Terminated Connection */ 1052 1053 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc); 1054 if (err < 0) 1055 mgmt_pending_remove(cmd); 1056 1057 failed: 1058 hci_dev_unlock(hdev); 1059 hci_dev_put(hdev); 1060 1061 return err; 1062 } 1063 1064 static int get_connections(struct sock *sk, u16 index) 1065 { 1066 struct mgmt_rp_get_connections *rp; 1067 struct hci_dev *hdev; 1068 struct list_head *p; 1069 size_t rp_len; 1070 u16 count; 1071 int i, err; 1072 1073 BT_DBG(""); 1074 1075 hdev = hci_dev_get(index); 1076 if (!hdev) 1077 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV); 1078 1079 hci_dev_lock(hdev); 1080 1081 count = 0; 1082 list_for_each(p, &hdev->conn_hash.list) { 1083 count++; 1084 } 1085 1086 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t)); 1087 rp = kmalloc(rp_len, GFP_ATOMIC); 1088 if (!rp) { 1089 err = -ENOMEM; 1090 goto unlock; 1091 } 1092 1093 put_unaligned_le16(count, &rp->conn_count); 1094 1095 read_lock(&hci_dev_list_lock); 1096 1097 i = 0; 1098 list_for_each(p, &hdev->conn_hash.list) { 1099 struct hci_conn *c = list_entry(p, struct hci_conn, list); 1100 1101 bacpy(&rp->conn[i++], &c->dst); 1102 } 1103 1104 read_unlock(&hci_dev_list_lock); 1105 1106 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len); 1107 1108 unlock: 1109 kfree(rp); 1110 hci_dev_unlock(hdev); 1111 hci_dev_put(hdev); 1112 return err; 1113 } 1114 1115 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data, 1116 u16 len) 1117 { 1118 struct hci_dev *hdev; 1119 struct mgmt_cp_pin_code_reply *cp; 1120 struct hci_cp_pin_code_reply reply; 1121 struct pending_cmd *cmd; 1122 int err; 1123 1124 BT_DBG(""); 1125 1126 cp = (void *) data; 1127 1128 if (len != sizeof(*cp)) 1129 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL); 1130 1131 hdev = hci_dev_get(index); 1132 if (!hdev) 1133 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV); 1134 1135 hci_dev_lock(hdev); 1136 1137 if (!test_bit(HCI_UP, &hdev->flags)) { 1138 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN); 1139 goto failed; 1140 } 1141 1142 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, index, data, len); 1143 if (!cmd) { 1144 err = -ENOMEM; 1145 goto failed; 1146 } 1147 1148 bacpy(&reply.bdaddr, &cp->bdaddr); 1149 reply.pin_len = cp->pin_len; 1150 memcpy(reply.pin_code, cp->pin_code, 16); 1151 1152 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply); 1153 if (err < 0) 1154 mgmt_pending_remove(cmd); 1155 1156 failed: 1157 hci_dev_unlock(hdev); 1158 hci_dev_put(hdev); 1159 1160 return err; 1161 } 1162 1163 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data, 1164 u16 len) 1165 { 1166 struct hci_dev *hdev; 1167 struct mgmt_cp_pin_code_neg_reply *cp; 1168 struct pending_cmd *cmd; 1169 int err; 1170 1171 BT_DBG(""); 1172 1173 cp = (void *) data; 1174 1175 if (len != sizeof(*cp)) 1176 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, 1177 EINVAL); 1178 1179 hdev = hci_dev_get(index); 1180 if (!hdev) 1181 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, 1182 ENODEV); 1183 1184 hci_dev_lock(hdev); 1185 1186 if (!test_bit(HCI_UP, &hdev->flags)) { 1187 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, 1188 ENETDOWN); 1189 goto failed; 1190 } 1191 1192 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, index, 1193 data, len); 1194 if (!cmd) { 1195 err = -ENOMEM; 1196 goto failed; 1197 } 1198 1199 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr), 1200 &cp->bdaddr); 1201 if (err < 0) 1202 mgmt_pending_remove(cmd); 1203 1204 failed: 1205 hci_dev_unlock(hdev); 1206 hci_dev_put(hdev); 1207 1208 return err; 1209 } 1210 1211 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data, 1212 u16 len) 1213 { 1214 struct hci_dev *hdev; 1215 struct mgmt_cp_set_io_capability *cp; 1216 1217 BT_DBG(""); 1218 1219 cp = (void *) data; 1220 1221 if (len != sizeof(*cp)) 1222 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL); 1223 1224 hdev = hci_dev_get(index); 1225 if (!hdev) 1226 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV); 1227 1228 hci_dev_lock(hdev); 1229 1230 hdev->io_capability = cp->io_capability; 1231 1232 BT_DBG("%s IO capability set to 0x%02x", hdev->name, 1233 hdev->io_capability); 1234 1235 hci_dev_unlock(hdev); 1236 hci_dev_put(hdev); 1237 1238 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0); 1239 } 1240 1241 static inline struct pending_cmd *find_pairing(struct hci_conn *conn) 1242 { 1243 struct hci_dev *hdev = conn->hdev; 1244 struct list_head *p; 1245 1246 list_for_each(p, &cmd_list) { 1247 struct pending_cmd *cmd; 1248 1249 cmd = list_entry(p, struct pending_cmd, list); 1250 1251 if (cmd->opcode != MGMT_OP_PAIR_DEVICE) 1252 continue; 1253 1254 if (cmd->index != hdev->id) 1255 continue; 1256 1257 if (cmd->user_data != conn) 1258 continue; 1259 1260 return cmd; 1261 } 1262 1263 return NULL; 1264 } 1265 1266 static void pairing_complete(struct pending_cmd *cmd, u8 status) 1267 { 1268 struct mgmt_rp_pair_device rp; 1269 struct hci_conn *conn = cmd->user_data; 1270 1271 bacpy(&rp.bdaddr, &conn->dst); 1272 rp.status = status; 1273 1274 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp)); 1275 1276 /* So we don't get further callbacks for this connection */ 1277 conn->connect_cfm_cb = NULL; 1278 conn->security_cfm_cb = NULL; 1279 conn->disconn_cfm_cb = NULL; 1280 1281 hci_conn_put(conn); 1282 1283 mgmt_pending_remove(cmd); 1284 } 1285 1286 static void pairing_complete_cb(struct hci_conn *conn, u8 status) 1287 { 1288 struct pending_cmd *cmd; 1289 1290 BT_DBG("status %u", status); 1291 1292 cmd = find_pairing(conn); 1293 if (!cmd) { 1294 BT_DBG("Unable to find a pending command"); 1295 return; 1296 } 1297 1298 pairing_complete(cmd, status); 1299 } 1300 1301 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len) 1302 { 1303 struct hci_dev *hdev; 1304 struct mgmt_cp_pair_device *cp; 1305 struct pending_cmd *cmd; 1306 u8 sec_level, auth_type; 1307 struct hci_conn *conn; 1308 int err; 1309 1310 BT_DBG(""); 1311 1312 cp = (void *) data; 1313 1314 if (len != sizeof(*cp)) 1315 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL); 1316 1317 hdev = hci_dev_get(index); 1318 if (!hdev) 1319 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV); 1320 1321 hci_dev_lock(hdev); 1322 1323 if (cp->io_cap == 0x03) { 1324 sec_level = BT_SECURITY_MEDIUM; 1325 auth_type = HCI_AT_DEDICATED_BONDING; 1326 } else { 1327 sec_level = BT_SECURITY_HIGH; 1328 auth_type = HCI_AT_DEDICATED_BONDING_MITM; 1329 } 1330 1331 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level, auth_type); 1332 if (IS_ERR(conn)) { 1333 err = PTR_ERR(conn); 1334 goto unlock; 1335 } 1336 1337 if (conn->connect_cfm_cb) { 1338 hci_conn_put(conn); 1339 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY); 1340 goto unlock; 1341 } 1342 1343 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, index, data, len); 1344 if (!cmd) { 1345 err = -ENOMEM; 1346 hci_conn_put(conn); 1347 goto unlock; 1348 } 1349 1350 conn->connect_cfm_cb = pairing_complete_cb; 1351 conn->security_cfm_cb = pairing_complete_cb; 1352 conn->disconn_cfm_cb = pairing_complete_cb; 1353 conn->io_capability = cp->io_cap; 1354 cmd->user_data = conn; 1355 1356 if (conn->state == BT_CONNECTED && 1357 hci_conn_security(conn, sec_level, auth_type)) 1358 pairing_complete(cmd, 0); 1359 1360 err = 0; 1361 1362 unlock: 1363 hci_dev_unlock(hdev); 1364 hci_dev_put(hdev); 1365 1366 return err; 1367 } 1368 1369 static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data, 1370 u16 len, int success) 1371 { 1372 struct mgmt_cp_user_confirm_reply *cp = (void *) data; 1373 u16 mgmt_op, hci_op; 1374 struct pending_cmd *cmd; 1375 struct hci_dev *hdev; 1376 int err; 1377 1378 BT_DBG(""); 1379 1380 if (success) { 1381 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY; 1382 hci_op = HCI_OP_USER_CONFIRM_REPLY; 1383 } else { 1384 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY; 1385 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY; 1386 } 1387 1388 if (len != sizeof(*cp)) 1389 return cmd_status(sk, index, mgmt_op, EINVAL); 1390 1391 hdev = hci_dev_get(index); 1392 if (!hdev) 1393 return cmd_status(sk, index, mgmt_op, ENODEV); 1394 1395 hci_dev_lock(hdev); 1396 1397 if (!test_bit(HCI_UP, &hdev->flags)) { 1398 err = cmd_status(sk, index, mgmt_op, ENETDOWN); 1399 goto failed; 1400 } 1401 1402 cmd = mgmt_pending_add(sk, mgmt_op, index, data, len); 1403 if (!cmd) { 1404 err = -ENOMEM; 1405 goto failed; 1406 } 1407 1408 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr); 1409 if (err < 0) 1410 mgmt_pending_remove(cmd); 1411 1412 failed: 1413 hci_dev_unlock(hdev); 1414 hci_dev_put(hdev); 1415 1416 return err; 1417 } 1418 1419 static int set_local_name(struct sock *sk, u16 index, unsigned char *data, 1420 u16 len) 1421 { 1422 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data; 1423 struct hci_cp_write_local_name hci_cp; 1424 struct hci_dev *hdev; 1425 struct pending_cmd *cmd; 1426 int err; 1427 1428 BT_DBG(""); 1429 1430 if (len != sizeof(*mgmt_cp)) 1431 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL); 1432 1433 hdev = hci_dev_get(index); 1434 if (!hdev) 1435 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV); 1436 1437 hci_dev_lock(hdev); 1438 1439 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len); 1440 if (!cmd) { 1441 err = -ENOMEM; 1442 goto failed; 1443 } 1444 1445 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name)); 1446 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp), 1447 &hci_cp); 1448 if (err < 0) 1449 mgmt_pending_remove(cmd); 1450 1451 failed: 1452 hci_dev_unlock(hdev); 1453 hci_dev_put(hdev); 1454 1455 return err; 1456 } 1457 1458 static int read_local_oob_data(struct sock *sk, u16 index) 1459 { 1460 struct hci_dev *hdev; 1461 struct pending_cmd *cmd; 1462 int err; 1463 1464 BT_DBG("hci%u", index); 1465 1466 hdev = hci_dev_get(index); 1467 if (!hdev) 1468 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, 1469 ENODEV); 1470 1471 hci_dev_lock(hdev); 1472 1473 if (!test_bit(HCI_UP, &hdev->flags)) { 1474 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, 1475 ENETDOWN); 1476 goto unlock; 1477 } 1478 1479 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) { 1480 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, 1481 EOPNOTSUPP); 1482 goto unlock; 1483 } 1484 1485 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index)) { 1486 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY); 1487 goto unlock; 1488 } 1489 1490 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, index, NULL, 0); 1491 if (!cmd) { 1492 err = -ENOMEM; 1493 goto unlock; 1494 } 1495 1496 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL); 1497 if (err < 0) 1498 mgmt_pending_remove(cmd); 1499 1500 unlock: 1501 hci_dev_unlock(hdev); 1502 hci_dev_put(hdev); 1503 1504 return err; 1505 } 1506 1507 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data, 1508 u16 len) 1509 { 1510 struct hci_dev *hdev; 1511 struct mgmt_cp_add_remote_oob_data *cp = (void *) data; 1512 int err; 1513 1514 BT_DBG("hci%u ", index); 1515 1516 if (len != sizeof(*cp)) 1517 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, 1518 EINVAL); 1519 1520 hdev = hci_dev_get(index); 1521 if (!hdev) 1522 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, 1523 ENODEV); 1524 1525 hci_dev_lock(hdev); 1526 1527 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash, 1528 cp->randomizer); 1529 if (err < 0) 1530 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err); 1531 else 1532 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL, 1533 0); 1534 1535 hci_dev_unlock(hdev); 1536 hci_dev_put(hdev); 1537 1538 return err; 1539 } 1540 1541 static int remove_remote_oob_data(struct sock *sk, u16 index, 1542 unsigned char *data, u16 len) 1543 { 1544 struct hci_dev *hdev; 1545 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data; 1546 int err; 1547 1548 BT_DBG("hci%u ", index); 1549 1550 if (len != sizeof(*cp)) 1551 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, 1552 EINVAL); 1553 1554 hdev = hci_dev_get(index); 1555 if (!hdev) 1556 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, 1557 ENODEV); 1558 1559 hci_dev_lock(hdev); 1560 1561 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr); 1562 if (err < 0) 1563 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, 1564 -err); 1565 else 1566 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, 1567 NULL, 0); 1568 1569 hci_dev_unlock(hdev); 1570 hci_dev_put(hdev); 1571 1572 return err; 1573 } 1574 1575 static int start_discovery(struct sock *sk, u16 index) 1576 { 1577 u8 lap[3] = { 0x33, 0x8b, 0x9e }; 1578 struct hci_cp_inquiry cp; 1579 struct pending_cmd *cmd; 1580 struct hci_dev *hdev; 1581 int err; 1582 1583 BT_DBG("hci%u", index); 1584 1585 hdev = hci_dev_get(index); 1586 if (!hdev) 1587 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV); 1588 1589 hci_dev_lock_bh(hdev); 1590 1591 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0); 1592 if (!cmd) { 1593 err = -ENOMEM; 1594 goto failed; 1595 } 1596 1597 memset(&cp, 0, sizeof(cp)); 1598 memcpy(&cp.lap, lap, 3); 1599 cp.length = 0x08; 1600 cp.num_rsp = 0x00; 1601 1602 err = hci_send_cmd(hdev, HCI_OP_INQUIRY, sizeof(cp), &cp); 1603 if (err < 0) 1604 mgmt_pending_remove(cmd); 1605 1606 failed: 1607 hci_dev_unlock_bh(hdev); 1608 hci_dev_put(hdev); 1609 1610 return err; 1611 } 1612 1613 static int stop_discovery(struct sock *sk, u16 index) 1614 { 1615 struct hci_dev *hdev; 1616 struct pending_cmd *cmd; 1617 int err; 1618 1619 BT_DBG("hci%u", index); 1620 1621 hdev = hci_dev_get(index); 1622 if (!hdev) 1623 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV); 1624 1625 hci_dev_lock_bh(hdev); 1626 1627 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0); 1628 if (!cmd) { 1629 err = -ENOMEM; 1630 goto failed; 1631 } 1632 1633 err = hci_send_cmd(hdev, HCI_OP_INQUIRY_CANCEL, 0, NULL); 1634 if (err < 0) 1635 mgmt_pending_remove(cmd); 1636 1637 failed: 1638 hci_dev_unlock_bh(hdev); 1639 hci_dev_put(hdev); 1640 1641 return err; 1642 } 1643 1644 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen) 1645 { 1646 unsigned char *buf; 1647 struct mgmt_hdr *hdr; 1648 u16 opcode, index, len; 1649 int err; 1650 1651 BT_DBG("got %zu bytes", msglen); 1652 1653 if (msglen < sizeof(*hdr)) 1654 return -EINVAL; 1655 1656 buf = kmalloc(msglen, GFP_KERNEL); 1657 if (!buf) 1658 return -ENOMEM; 1659 1660 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) { 1661 err = -EFAULT; 1662 goto done; 1663 } 1664 1665 hdr = (struct mgmt_hdr *) buf; 1666 opcode = get_unaligned_le16(&hdr->opcode); 1667 index = get_unaligned_le16(&hdr->index); 1668 len = get_unaligned_le16(&hdr->len); 1669 1670 if (len != msglen - sizeof(*hdr)) { 1671 err = -EINVAL; 1672 goto done; 1673 } 1674 1675 switch (opcode) { 1676 case MGMT_OP_READ_VERSION: 1677 err = read_version(sk); 1678 break; 1679 case MGMT_OP_READ_INDEX_LIST: 1680 err = read_index_list(sk); 1681 break; 1682 case MGMT_OP_READ_INFO: 1683 err = read_controller_info(sk, index); 1684 break; 1685 case MGMT_OP_SET_POWERED: 1686 err = set_powered(sk, index, buf + sizeof(*hdr), len); 1687 break; 1688 case MGMT_OP_SET_DISCOVERABLE: 1689 err = set_discoverable(sk, index, buf + sizeof(*hdr), len); 1690 break; 1691 case MGMT_OP_SET_CONNECTABLE: 1692 err = set_connectable(sk, index, buf + sizeof(*hdr), len); 1693 break; 1694 case MGMT_OP_SET_PAIRABLE: 1695 err = set_pairable(sk, index, buf + sizeof(*hdr), len); 1696 break; 1697 case MGMT_OP_ADD_UUID: 1698 err = add_uuid(sk, index, buf + sizeof(*hdr), len); 1699 break; 1700 case MGMT_OP_REMOVE_UUID: 1701 err = remove_uuid(sk, index, buf + sizeof(*hdr), len); 1702 break; 1703 case MGMT_OP_SET_DEV_CLASS: 1704 err = set_dev_class(sk, index, buf + sizeof(*hdr), len); 1705 break; 1706 case MGMT_OP_SET_SERVICE_CACHE: 1707 err = set_service_cache(sk, index, buf + sizeof(*hdr), len); 1708 break; 1709 case MGMT_OP_LOAD_KEYS: 1710 err = load_keys(sk, index, buf + sizeof(*hdr), len); 1711 break; 1712 case MGMT_OP_REMOVE_KEY: 1713 err = remove_key(sk, index, buf + sizeof(*hdr), len); 1714 break; 1715 case MGMT_OP_DISCONNECT: 1716 err = disconnect(sk, index, buf + sizeof(*hdr), len); 1717 break; 1718 case MGMT_OP_GET_CONNECTIONS: 1719 err = get_connections(sk, index); 1720 break; 1721 case MGMT_OP_PIN_CODE_REPLY: 1722 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len); 1723 break; 1724 case MGMT_OP_PIN_CODE_NEG_REPLY: 1725 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len); 1726 break; 1727 case MGMT_OP_SET_IO_CAPABILITY: 1728 err = set_io_capability(sk, index, buf + sizeof(*hdr), len); 1729 break; 1730 case MGMT_OP_PAIR_DEVICE: 1731 err = pair_device(sk, index, buf + sizeof(*hdr), len); 1732 break; 1733 case MGMT_OP_USER_CONFIRM_REPLY: 1734 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1); 1735 break; 1736 case MGMT_OP_USER_CONFIRM_NEG_REPLY: 1737 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0); 1738 break; 1739 case MGMT_OP_SET_LOCAL_NAME: 1740 err = set_local_name(sk, index, buf + sizeof(*hdr), len); 1741 break; 1742 case MGMT_OP_READ_LOCAL_OOB_DATA: 1743 err = read_local_oob_data(sk, index); 1744 break; 1745 case MGMT_OP_ADD_REMOTE_OOB_DATA: 1746 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len); 1747 break; 1748 case MGMT_OP_REMOVE_REMOTE_OOB_DATA: 1749 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr), 1750 len); 1751 break; 1752 case MGMT_OP_START_DISCOVERY: 1753 err = start_discovery(sk, index); 1754 break; 1755 case MGMT_OP_STOP_DISCOVERY: 1756 err = stop_discovery(sk, index); 1757 break; 1758 default: 1759 BT_DBG("Unknown op %u", opcode); 1760 err = cmd_status(sk, index, opcode, 0x01); 1761 break; 1762 } 1763 1764 if (err < 0) 1765 goto done; 1766 1767 err = msglen; 1768 1769 done: 1770 kfree(buf); 1771 return err; 1772 } 1773 1774 int mgmt_index_added(u16 index) 1775 { 1776 return mgmt_event(MGMT_EV_INDEX_ADDED, index, NULL, 0, NULL); 1777 } 1778 1779 int mgmt_index_removed(u16 index) 1780 { 1781 return mgmt_event(MGMT_EV_INDEX_REMOVED, index, NULL, 0, NULL); 1782 } 1783 1784 struct cmd_lookup { 1785 u8 val; 1786 struct sock *sk; 1787 }; 1788 1789 static void mode_rsp(struct pending_cmd *cmd, void *data) 1790 { 1791 struct mgmt_mode *cp = cmd->param; 1792 struct cmd_lookup *match = data; 1793 1794 if (cp->val != match->val) 1795 return; 1796 1797 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val); 1798 1799 list_del(&cmd->list); 1800 1801 if (match->sk == NULL) { 1802 match->sk = cmd->sk; 1803 sock_hold(match->sk); 1804 } 1805 1806 mgmt_pending_free(cmd); 1807 } 1808 1809 int mgmt_powered(u16 index, u8 powered) 1810 { 1811 struct mgmt_mode ev; 1812 struct cmd_lookup match = { powered, NULL }; 1813 int ret; 1814 1815 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match); 1816 1817 ev.val = powered; 1818 1819 ret = mgmt_event(MGMT_EV_POWERED, index, &ev, sizeof(ev), match.sk); 1820 1821 if (match.sk) 1822 sock_put(match.sk); 1823 1824 return ret; 1825 } 1826 1827 int mgmt_discoverable(u16 index, u8 discoverable) 1828 { 1829 struct mgmt_mode ev; 1830 struct cmd_lookup match = { discoverable, NULL }; 1831 int ret; 1832 1833 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index, mode_rsp, &match); 1834 1835 ev.val = discoverable; 1836 1837 ret = mgmt_event(MGMT_EV_DISCOVERABLE, index, &ev, sizeof(ev), 1838 match.sk); 1839 1840 if (match.sk) 1841 sock_put(match.sk); 1842 1843 return ret; 1844 } 1845 1846 int mgmt_connectable(u16 index, u8 connectable) 1847 { 1848 struct mgmt_mode ev; 1849 struct cmd_lookup match = { connectable, NULL }; 1850 int ret; 1851 1852 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match); 1853 1854 ev.val = connectable; 1855 1856 ret = mgmt_event(MGMT_EV_CONNECTABLE, index, &ev, sizeof(ev), match.sk); 1857 1858 if (match.sk) 1859 sock_put(match.sk); 1860 1861 return ret; 1862 } 1863 1864 int mgmt_new_key(u16 index, struct link_key *key, u8 persistent) 1865 { 1866 struct mgmt_ev_new_key ev; 1867 1868 memset(&ev, 0, sizeof(ev)); 1869 1870 ev.store_hint = persistent; 1871 bacpy(&ev.key.bdaddr, &key->bdaddr); 1872 ev.key.type = key->type; 1873 memcpy(ev.key.val, key->val, 16); 1874 ev.key.pin_len = key->pin_len; 1875 1876 return mgmt_event(MGMT_EV_NEW_KEY, index, &ev, sizeof(ev), NULL); 1877 } 1878 1879 int mgmt_connected(u16 index, bdaddr_t *bdaddr) 1880 { 1881 struct mgmt_ev_connected ev; 1882 1883 bacpy(&ev.bdaddr, bdaddr); 1884 1885 return mgmt_event(MGMT_EV_CONNECTED, index, &ev, sizeof(ev), NULL); 1886 } 1887 1888 static void disconnect_rsp(struct pending_cmd *cmd, void *data) 1889 { 1890 struct mgmt_cp_disconnect *cp = cmd->param; 1891 struct sock **sk = data; 1892 struct mgmt_rp_disconnect rp; 1893 1894 bacpy(&rp.bdaddr, &cp->bdaddr); 1895 1896 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp)); 1897 1898 *sk = cmd->sk; 1899 sock_hold(*sk); 1900 1901 mgmt_pending_remove(cmd); 1902 } 1903 1904 int mgmt_disconnected(u16 index, bdaddr_t *bdaddr) 1905 { 1906 struct mgmt_ev_disconnected ev; 1907 struct sock *sk = NULL; 1908 int err; 1909 1910 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk); 1911 1912 bacpy(&ev.bdaddr, bdaddr); 1913 1914 err = mgmt_event(MGMT_EV_DISCONNECTED, index, &ev, sizeof(ev), sk); 1915 1916 if (sk) 1917 sock_put(sk); 1918 1919 return err; 1920 } 1921 1922 int mgmt_disconnect_failed(u16 index) 1923 { 1924 struct pending_cmd *cmd; 1925 int err; 1926 1927 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index); 1928 if (!cmd) 1929 return -ENOENT; 1930 1931 err = cmd_status(cmd->sk, index, MGMT_OP_DISCONNECT, EIO); 1932 1933 mgmt_pending_remove(cmd); 1934 1935 return err; 1936 } 1937 1938 int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status) 1939 { 1940 struct mgmt_ev_connect_failed ev; 1941 1942 bacpy(&ev.bdaddr, bdaddr); 1943 ev.status = status; 1944 1945 return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL); 1946 } 1947 1948 int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr, u8 secure) 1949 { 1950 struct mgmt_ev_pin_code_request ev; 1951 1952 bacpy(&ev.bdaddr, bdaddr); 1953 ev.secure = secure; 1954 1955 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev), 1956 NULL); 1957 } 1958 1959 int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status) 1960 { 1961 struct pending_cmd *cmd; 1962 struct mgmt_rp_pin_code_reply rp; 1963 int err; 1964 1965 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index); 1966 if (!cmd) 1967 return -ENOENT; 1968 1969 bacpy(&rp.bdaddr, bdaddr); 1970 rp.status = status; 1971 1972 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_REPLY, &rp, 1973 sizeof(rp)); 1974 1975 mgmt_pending_remove(cmd); 1976 1977 return err; 1978 } 1979 1980 int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status) 1981 { 1982 struct pending_cmd *cmd; 1983 struct mgmt_rp_pin_code_reply rp; 1984 int err; 1985 1986 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index); 1987 if (!cmd) 1988 return -ENOENT; 1989 1990 bacpy(&rp.bdaddr, bdaddr); 1991 rp.status = status; 1992 1993 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, &rp, 1994 sizeof(rp)); 1995 1996 mgmt_pending_remove(cmd); 1997 1998 return err; 1999 } 2000 2001 int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value, 2002 u8 confirm_hint) 2003 { 2004 struct mgmt_ev_user_confirm_request ev; 2005 2006 BT_DBG("hci%u", index); 2007 2008 bacpy(&ev.bdaddr, bdaddr); 2009 ev.confirm_hint = confirm_hint; 2010 put_unaligned_le32(value, &ev.value); 2011 2012 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev), 2013 NULL); 2014 } 2015 2016 static int confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status, 2017 u8 opcode) 2018 { 2019 struct pending_cmd *cmd; 2020 struct mgmt_rp_user_confirm_reply rp; 2021 int err; 2022 2023 cmd = mgmt_pending_find(opcode, index); 2024 if (!cmd) 2025 return -ENOENT; 2026 2027 bacpy(&rp.bdaddr, bdaddr); 2028 rp.status = status; 2029 err = cmd_complete(cmd->sk, index, opcode, &rp, sizeof(rp)); 2030 2031 mgmt_pending_remove(cmd); 2032 2033 return err; 2034 } 2035 2036 int mgmt_user_confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status) 2037 { 2038 return confirm_reply_complete(index, bdaddr, status, 2039 MGMT_OP_USER_CONFIRM_REPLY); 2040 } 2041 2042 int mgmt_user_confirm_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status) 2043 { 2044 return confirm_reply_complete(index, bdaddr, status, 2045 MGMT_OP_USER_CONFIRM_NEG_REPLY); 2046 } 2047 2048 int mgmt_auth_failed(u16 index, bdaddr_t *bdaddr, u8 status) 2049 { 2050 struct mgmt_ev_auth_failed ev; 2051 2052 bacpy(&ev.bdaddr, bdaddr); 2053 ev.status = status; 2054 2055 return mgmt_event(MGMT_EV_AUTH_FAILED, index, &ev, sizeof(ev), NULL); 2056 } 2057 2058 int mgmt_set_local_name_complete(u16 index, u8 *name, u8 status) 2059 { 2060 struct pending_cmd *cmd; 2061 struct hci_dev *hdev; 2062 struct mgmt_cp_set_local_name ev; 2063 int err; 2064 2065 memset(&ev, 0, sizeof(ev)); 2066 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH); 2067 2068 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, index); 2069 if (!cmd) 2070 goto send_event; 2071 2072 if (status) { 2073 err = cmd_status(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, EIO); 2074 goto failed; 2075 } 2076 2077 hdev = hci_dev_get(index); 2078 if (hdev) { 2079 hci_dev_lock_bh(hdev); 2080 update_eir(hdev); 2081 hci_dev_unlock_bh(hdev); 2082 hci_dev_put(hdev); 2083 } 2084 2085 err = cmd_complete(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, &ev, 2086 sizeof(ev)); 2087 if (err < 0) 2088 goto failed; 2089 2090 send_event: 2091 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, index, &ev, sizeof(ev), 2092 cmd ? cmd->sk : NULL); 2093 2094 failed: 2095 if (cmd) 2096 mgmt_pending_remove(cmd); 2097 return err; 2098 } 2099 2100 int mgmt_read_local_oob_data_reply_complete(u16 index, u8 *hash, u8 *randomizer, 2101 u8 status) 2102 { 2103 struct pending_cmd *cmd; 2104 int err; 2105 2106 BT_DBG("hci%u status %u", index, status); 2107 2108 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index); 2109 if (!cmd) 2110 return -ENOENT; 2111 2112 if (status) { 2113 err = cmd_status(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, 2114 EIO); 2115 } else { 2116 struct mgmt_rp_read_local_oob_data rp; 2117 2118 memcpy(rp.hash, hash, sizeof(rp.hash)); 2119 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer)); 2120 2121 err = cmd_complete(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, 2122 &rp, sizeof(rp)); 2123 } 2124 2125 mgmt_pending_remove(cmd); 2126 2127 return err; 2128 } 2129 2130 int mgmt_device_found(u16 index, bdaddr_t *bdaddr, u8 *dev_class, s8 rssi, 2131 u8 *eir) 2132 { 2133 struct mgmt_ev_device_found ev; 2134 2135 memset(&ev, 0, sizeof(ev)); 2136 2137 bacpy(&ev.bdaddr, bdaddr); 2138 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class)); 2139 ev.rssi = rssi; 2140 2141 if (eir) 2142 memcpy(ev.eir, eir, sizeof(ev.eir)); 2143 2144 return mgmt_event(MGMT_EV_DEVICE_FOUND, index, &ev, sizeof(ev), NULL); 2145 } 2146 2147 int mgmt_remote_name(u16 index, bdaddr_t *bdaddr, u8 *name) 2148 { 2149 struct mgmt_ev_remote_name ev; 2150 2151 memset(&ev, 0, sizeof(ev)); 2152 2153 bacpy(&ev.bdaddr, bdaddr); 2154 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH); 2155 2156 return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL); 2157 } 2158 2159 int mgmt_discovering(u16 index, u8 discovering) 2160 { 2161 return mgmt_event(MGMT_EV_DISCOVERING, index, &discovering, 2162 sizeof(discovering), NULL); 2163 } 2164