2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/uaccess.h>
26 #include <asm/unaligned.h>
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/mgmt.h>
32 #define MGMT_VERSION 0
33 #define MGMT_REVISION 1
35 #define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
38 struct list_head list;
46 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
50 struct mgmt_ev_cmd_status *ev;
53 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
55 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
59 hdr = (void *) skb_put(skb, sizeof(*hdr));
61 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
62 hdr->index = cpu_to_le16(index);
63 hdr->len = cpu_to_le16(sizeof(*ev));
65 ev = (void *) skb_put(skb, sizeof(*ev));
67 put_unaligned_le16(cmd, &ev->opcode);
69 err = sock_queue_rcv_skb(sk, skb);
76 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
81 struct mgmt_ev_cmd_complete *ev;
84 BT_DBG("sock %p", sk);
86 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
90 hdr = (void *) skb_put(skb, sizeof(*hdr));
92 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
93 hdr->index = cpu_to_le16(index);
94 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
96 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
97 put_unaligned_le16(cmd, &ev->opcode);
100 memcpy(ev->data, rp, rp_len);
102 err = sock_queue_rcv_skb(sk, skb);
109 static int read_version(struct sock *sk)
111 struct mgmt_rp_read_version rp;
113 BT_DBG("sock %p", sk);
115 rp.version = MGMT_VERSION;
116 put_unaligned_le16(MGMT_REVISION, &rp.revision);
118 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
122 static int read_index_list(struct sock *sk)
124 struct mgmt_rp_read_index_list *rp;
131 BT_DBG("sock %p", sk);
133 read_lock(&hci_dev_list_lock);
136 list_for_each(p, &hci_dev_list) {
140 rp_len = sizeof(*rp) + (2 * count);
141 rp = kmalloc(rp_len, GFP_ATOMIC);
143 read_unlock(&hci_dev_list_lock);
147 put_unaligned_le16(count, &rp->num_controllers);
150 list_for_each_entry(d, &hci_dev_list, list) {
151 if (test_and_clear_bit(HCI_AUTO_OFF, &d->flags))
152 cancel_delayed_work_sync(&d->power_off);
154 if (test_bit(HCI_SETUP, &d->flags))
157 put_unaligned_le16(d->id, &rp->index[i++]);
158 BT_DBG("Added hci%u", d->id);
161 read_unlock(&hci_dev_list_lock);
163 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
171 static int read_controller_info(struct sock *sk, u16 index)
173 struct mgmt_rp_read_info rp;
174 struct hci_dev *hdev;
176 BT_DBG("sock %p hci%u", sk, index);
178 hdev = hci_dev_get(index);
180 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV);
182 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->flags))
183 cancel_delayed_work_sync(&hdev->power_off);
185 hci_dev_lock_bh(hdev);
187 set_bit(HCI_MGMT, &hdev->flags);
189 memset(&rp, 0, sizeof(rp));
191 rp.type = hdev->dev_type;
193 rp.powered = test_bit(HCI_UP, &hdev->flags);
194 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
195 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
196 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
198 if (test_bit(HCI_AUTH, &hdev->flags))
200 else if (hdev->ssp_mode > 0)
205 bacpy(&rp.bdaddr, &hdev->bdaddr);
206 memcpy(rp.features, hdev->features, 8);
207 memcpy(rp.dev_class, hdev->dev_class, 3);
208 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
209 rp.hci_ver = hdev->hci_ver;
210 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
212 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
214 hci_dev_unlock_bh(hdev);
217 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
220 static void mgmt_pending_free(struct pending_cmd *cmd)
227 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
228 struct hci_dev *hdev,
231 struct pending_cmd *cmd;
233 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
237 cmd->opcode = opcode;
238 cmd->index = hdev->id;
240 cmd->param = kmalloc(len, GFP_ATOMIC);
247 memcpy(cmd->param, data, len);
252 list_add(&cmd->list, &hdev->mgmt_pending);
257 static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
258 void (*cb)(struct pending_cmd *cmd, void *data),
261 struct list_head *p, *n;
263 list_for_each_safe(p, n, &hdev->mgmt_pending) {
264 struct pending_cmd *cmd;
266 cmd = list_entry(p, struct pending_cmd, list);
268 if (opcode > 0 && cmd->opcode != opcode)
271 if (hdev && cmd->index != hdev->id)
278 static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
280 struct pending_cmd *cmd;
282 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
283 if (cmd->opcode != opcode)
286 if (hdev && cmd->index != hdev->id)
295 static void mgmt_pending_remove(struct pending_cmd *cmd)
297 list_del(&cmd->list);
298 mgmt_pending_free(cmd);
301 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
303 struct mgmt_mode *cp;
304 struct hci_dev *hdev;
305 struct pending_cmd *cmd;
310 BT_DBG("request for hci%u", index);
312 if (len != sizeof(*cp))
313 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL);
315 hdev = hci_dev_get(index);
317 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV);
319 hci_dev_lock_bh(hdev);
321 up = test_bit(HCI_UP, &hdev->flags);
322 if ((cp->val && up) || (!cp->val && !up)) {
323 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY);
327 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
328 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY);
332 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
339 queue_work(hdev->workqueue, &hdev->power_on);
341 queue_work(hdev->workqueue, &hdev->power_off.work);
346 hci_dev_unlock_bh(hdev);
351 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
354 struct mgmt_cp_set_discoverable *cp;
355 struct hci_dev *hdev;
356 struct pending_cmd *cmd;
362 BT_DBG("request for hci%u", index);
364 if (len != sizeof(*cp))
365 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL);
367 hdev = hci_dev_get(index);
369 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV);
371 hci_dev_lock_bh(hdev);
373 if (!test_bit(HCI_UP, &hdev->flags)) {
374 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
378 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
379 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
380 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY);
384 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
385 test_bit(HCI_PSCAN, &hdev->flags)) {
386 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY);
390 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
399 scan |= SCAN_INQUIRY;
401 cancel_delayed_work_sync(&hdev->discov_off);
403 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
405 mgmt_pending_remove(cmd);
408 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
411 hci_dev_unlock_bh(hdev);
417 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
420 struct mgmt_mode *cp;
421 struct hci_dev *hdev;
422 struct pending_cmd *cmd;
428 BT_DBG("request for hci%u", index);
430 if (len != sizeof(*cp))
431 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL);
433 hdev = hci_dev_get(index);
435 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV);
437 hci_dev_lock_bh(hdev);
439 if (!test_bit(HCI_UP, &hdev->flags)) {
440 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
444 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
445 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
446 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY);
450 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
451 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY);
455 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
466 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
468 mgmt_pending_remove(cmd);
471 hci_dev_unlock_bh(hdev);
477 static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
478 u16 data_len, struct sock *skip_sk)
481 struct mgmt_hdr *hdr;
483 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
487 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
489 hdr = (void *) skb_put(skb, sizeof(*hdr));
490 hdr->opcode = cpu_to_le16(event);
492 hdr->index = cpu_to_le16(hdev->id);
494 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
495 hdr->len = cpu_to_le16(data_len);
498 memcpy(skb_put(skb, data_len), data, data_len);
500 hci_send_to_sock(NULL, skb, skip_sk);
506 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
512 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
515 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
518 struct mgmt_mode *cp, ev;
519 struct hci_dev *hdev;
524 BT_DBG("request for hci%u", index);
526 if (len != sizeof(*cp))
527 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL);
529 hdev = hci_dev_get(index);
531 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV);
533 hci_dev_lock_bh(hdev);
536 set_bit(HCI_PAIRABLE, &hdev->flags);
538 clear_bit(HCI_PAIRABLE, &hdev->flags);
540 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
546 err = mgmt_event(MGMT_EV_PAIRABLE, hdev, &ev, sizeof(ev), sk);
549 hci_dev_unlock_bh(hdev);
555 #define EIR_FLAGS 0x01 /* flags */
556 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
557 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
558 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
559 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
560 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
561 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
562 #define EIR_NAME_SHORT 0x08 /* shortened local name */
563 #define EIR_NAME_COMPLETE 0x09 /* complete local name */
564 #define EIR_TX_POWER 0x0A /* transmit power level */
565 #define EIR_DEVICE_ID 0x10 /* device ID */
567 #define PNP_INFO_SVCLASS_ID 0x1200
569 static u8 bluetooth_base_uuid[] = {
570 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
571 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
574 static u16 get_uuid16(u8 *uuid128)
579 for (i = 0; i < 12; i++) {
580 if (bluetooth_base_uuid[i] != uuid128[i])
584 memcpy(&val, &uuid128[12], 4);
586 val = le32_to_cpu(val);
593 static void create_eir(struct hci_dev *hdev, u8 *data)
597 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
598 int i, truncated = 0;
599 struct bt_uuid *uuid;
602 name_len = strlen(hdev->dev_name);
608 ptr[1] = EIR_NAME_SHORT;
610 ptr[1] = EIR_NAME_COMPLETE;
612 /* EIR Data length */
613 ptr[0] = name_len + 1;
615 memcpy(ptr + 2, hdev->dev_name, name_len);
617 eir_len += (name_len + 2);
618 ptr += (name_len + 2);
621 memset(uuid16_list, 0, sizeof(uuid16_list));
623 /* Group all UUID16 types */
624 list_for_each_entry(uuid, &hdev->uuids, list) {
627 uuid16 = get_uuid16(uuid->uuid);
634 if (uuid16 == PNP_INFO_SVCLASS_ID)
637 /* Stop if not enough space to put next UUID */
638 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
643 /* Check for duplicates */
644 for (i = 0; uuid16_list[i] != 0; i++)
645 if (uuid16_list[i] == uuid16)
648 if (uuid16_list[i] == 0) {
649 uuid16_list[i] = uuid16;
650 eir_len += sizeof(u16);
654 if (uuid16_list[0] != 0) {
658 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
663 for (i = 0; uuid16_list[i] != 0; i++) {
664 *ptr++ = (uuid16_list[i] & 0x00ff);
665 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
668 /* EIR Data length */
669 *length = (i * sizeof(u16)) + 1;
673 static int update_eir(struct hci_dev *hdev)
675 struct hci_cp_write_eir cp;
677 if (!(hdev->features[6] & LMP_EXT_INQ))
680 if (hdev->ssp_mode == 0)
683 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
686 memset(&cp, 0, sizeof(cp));
688 create_eir(hdev, cp.data);
690 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
693 memcpy(hdev->eir, cp.data, sizeof(cp.data));
695 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
698 static u8 get_service_classes(struct hci_dev *hdev)
700 struct bt_uuid *uuid;
703 list_for_each_entry(uuid, &hdev->uuids, list)
704 val |= uuid->svc_hint;
709 static int update_class(struct hci_dev *hdev)
713 BT_DBG("%s", hdev->name);
715 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
718 cod[0] = hdev->minor_class;
719 cod[1] = hdev->major_class;
720 cod[2] = get_service_classes(hdev);
722 if (memcmp(cod, hdev->dev_class, 3) == 0)
725 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
728 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
730 struct mgmt_cp_add_uuid *cp;
731 struct hci_dev *hdev;
732 struct bt_uuid *uuid;
737 BT_DBG("request for hci%u", index);
739 if (len != sizeof(*cp))
740 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL);
742 hdev = hci_dev_get(index);
744 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV);
746 hci_dev_lock_bh(hdev);
748 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
754 memcpy(uuid->uuid, cp->uuid, 16);
755 uuid->svc_hint = cp->svc_hint;
757 list_add(&uuid->list, &hdev->uuids);
759 err = update_class(hdev);
763 err = update_eir(hdev);
767 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
770 hci_dev_unlock_bh(hdev);
776 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
778 struct list_head *p, *n;
779 struct mgmt_cp_remove_uuid *cp;
780 struct hci_dev *hdev;
781 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
786 BT_DBG("request for hci%u", index);
788 if (len != sizeof(*cp))
789 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL);
791 hdev = hci_dev_get(index);
793 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV);
795 hci_dev_lock_bh(hdev);
797 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
798 err = hci_uuids_clear(hdev);
804 list_for_each_safe(p, n, &hdev->uuids) {
805 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
807 if (memcmp(match->uuid, cp->uuid, 16) != 0)
810 list_del(&match->list);
815 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT);
819 err = update_class(hdev);
823 err = update_eir(hdev);
827 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
830 hci_dev_unlock_bh(hdev);
836 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
839 struct hci_dev *hdev;
840 struct mgmt_cp_set_dev_class *cp;
845 BT_DBG("request for hci%u", index);
847 if (len != sizeof(*cp))
848 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL);
850 hdev = hci_dev_get(index);
852 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV);
854 hci_dev_lock_bh(hdev);
856 hdev->major_class = cp->major;
857 hdev->minor_class = cp->minor;
859 err = update_class(hdev);
862 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
864 hci_dev_unlock_bh(hdev);
870 static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
873 struct hci_dev *hdev;
874 struct mgmt_cp_set_service_cache *cp;
879 if (len != sizeof(*cp))
880 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL);
882 hdev = hci_dev_get(index);
884 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
886 hci_dev_lock_bh(hdev);
888 BT_DBG("hci%u enable %d", index, cp->enable);
891 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
894 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
895 err = update_class(hdev);
897 err = update_eir(hdev);
901 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
904 cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, -err);
907 hci_dev_unlock_bh(hdev);
913 static int load_link_keys(struct sock *sk, u16 index, unsigned char *data,
916 struct hci_dev *hdev;
917 struct mgmt_cp_load_link_keys *cp;
918 u16 key_count, expected_len;
923 if (len < sizeof(*cp))
924 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS, EINVAL);
926 key_count = get_unaligned_le16(&cp->key_count);
928 expected_len = sizeof(*cp) + key_count *
929 sizeof(struct mgmt_link_key_info);
930 if (expected_len != len) {
931 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
933 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS, EINVAL);
936 hdev = hci_dev_get(index);
938 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS, ENODEV);
940 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
943 hci_dev_lock_bh(hdev);
945 hci_link_keys_clear(hdev);
947 set_bit(HCI_LINK_KEYS, &hdev->flags);
950 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
952 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
954 for (i = 0; i < key_count; i++) {
955 struct mgmt_link_key_info *key = &cp->keys[i];
957 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
961 hci_dev_unlock_bh(hdev);
967 static int remove_keys(struct sock *sk, u16 index, unsigned char *data,
970 struct hci_dev *hdev;
971 struct mgmt_cp_remove_keys *cp;
972 struct hci_conn *conn;
977 if (len != sizeof(*cp))
978 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS, EINVAL);
980 hdev = hci_dev_get(index);
982 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS, ENODEV);
984 hci_dev_lock_bh(hdev);
986 err = hci_remove_link_key(hdev, &cp->bdaddr);
988 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEYS, -err);
994 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
997 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
999 struct hci_cp_disconnect dc;
1001 put_unaligned_le16(conn->handle, &dc.handle);
1002 dc.reason = 0x13; /* Remote User Terminated Connection */
1003 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1007 hci_dev_unlock_bh(hdev);
1013 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1015 struct hci_dev *hdev;
1016 struct mgmt_cp_disconnect *cp;
1017 struct hci_cp_disconnect dc;
1018 struct pending_cmd *cmd;
1019 struct hci_conn *conn;
1026 if (len != sizeof(*cp))
1027 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL);
1029 hdev = hci_dev_get(index);
1031 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV);
1033 hci_dev_lock_bh(hdev);
1035 if (!test_bit(HCI_UP, &hdev->flags)) {
1036 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN);
1040 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
1041 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY);
1045 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1047 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1050 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN);
1054 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
1060 put_unaligned_le16(conn->handle, &dc.handle);
1061 dc.reason = 0x13; /* Remote User Terminated Connection */
1063 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1065 mgmt_pending_remove(cmd);
1068 hci_dev_unlock_bh(hdev);
1074 static u8 link_to_mgmt(u8 link_type)
1076 switch (link_type) {
1078 return MGMT_ADDR_LE;
1080 return MGMT_ADDR_BREDR;
1082 return MGMT_ADDR_INVALID;
1086 static int get_connections(struct sock *sk, u16 index)
1088 struct mgmt_rp_get_connections *rp;
1089 struct hci_dev *hdev;
1091 struct list_head *p;
1098 hdev = hci_dev_get(index);
1100 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV);
1102 hci_dev_lock_bh(hdev);
1105 list_for_each(p, &hdev->conn_hash.list) {
1109 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
1110 rp = kmalloc(rp_len, GFP_ATOMIC);
1116 put_unaligned_le16(count, &rp->conn_count);
1119 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1120 bacpy(&rp->addr[i].bdaddr, &c->dst);
1121 rp->addr[i].type = link_to_mgmt(c->type);
1122 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1127 /* Recalculate length in case of filtered SCO connections, etc */
1128 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
1130 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1134 hci_dev_unlock_bh(hdev);
1139 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1140 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1142 struct pending_cmd *cmd;
1145 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
1150 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1153 mgmt_pending_remove(cmd);
1158 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1161 struct hci_dev *hdev;
1162 struct hci_conn *conn;
1163 struct mgmt_cp_pin_code_reply *cp;
1164 struct mgmt_cp_pin_code_neg_reply ncp;
1165 struct hci_cp_pin_code_reply reply;
1166 struct pending_cmd *cmd;
1173 if (len != sizeof(*cp))
1174 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL);
1176 hdev = hci_dev_get(index);
1178 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV);
1180 hci_dev_lock_bh(hdev);
1182 if (!test_bit(HCI_UP, &hdev->flags)) {
1183 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
1187 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1189 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENOTCONN);
1193 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1194 bacpy(&ncp.bdaddr, &cp->bdaddr);
1196 BT_ERR("PIN code is not 16 bytes long");
1198 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1200 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1206 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
1212 bacpy(&reply.bdaddr, &cp->bdaddr);
1213 reply.pin_len = cp->pin_len;
1214 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1216 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1218 mgmt_pending_remove(cmd);
1221 hci_dev_unlock_bh(hdev);
1227 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1230 struct hci_dev *hdev;
1231 struct mgmt_cp_pin_code_neg_reply *cp;
1238 if (len != sizeof(*cp))
1239 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1242 hdev = hci_dev_get(index);
1244 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1247 hci_dev_lock_bh(hdev);
1249 if (!test_bit(HCI_UP, &hdev->flags)) {
1250 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1255 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1258 hci_dev_unlock_bh(hdev);
1264 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1267 struct hci_dev *hdev;
1268 struct mgmt_cp_set_io_capability *cp;
1274 if (len != sizeof(*cp))
1275 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL);
1277 hdev = hci_dev_get(index);
1279 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
1281 hci_dev_lock_bh(hdev);
1283 hdev->io_capability = cp->io_capability;
1285 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1286 hdev->io_capability);
1288 hci_dev_unlock_bh(hdev);
1291 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1294 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1296 struct hci_dev *hdev = conn->hdev;
1297 struct pending_cmd *cmd;
1299 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1300 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1303 if (cmd->index != hdev->id)
1306 if (cmd->user_data != conn)
1315 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1317 struct mgmt_rp_pair_device rp;
1318 struct hci_conn *conn = cmd->user_data;
1320 bacpy(&rp.bdaddr, &conn->dst);
1323 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1325 /* So we don't get further callbacks for this connection */
1326 conn->connect_cfm_cb = NULL;
1327 conn->security_cfm_cb = NULL;
1328 conn->disconn_cfm_cb = NULL;
1332 mgmt_pending_remove(cmd);
1335 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1337 struct pending_cmd *cmd;
1338 struct hci_dev *hdev = conn->hdev;
1340 BT_DBG("status %u", status);
1342 hci_dev_lock_bh(hdev);
1344 cmd = find_pairing(conn);
1346 BT_DBG("Unable to find a pending command");
1348 pairing_complete(cmd, status);
1350 hci_dev_unlock_bh(hdev);
1353 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1355 struct hci_dev *hdev;
1356 struct mgmt_cp_pair_device *cp;
1357 struct pending_cmd *cmd;
1358 struct adv_entry *entry;
1359 u8 sec_level, auth_type;
1360 struct hci_conn *conn;
1367 if (len != sizeof(*cp))
1368 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
1370 hdev = hci_dev_get(index);
1372 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV);
1374 hci_dev_lock_bh(hdev);
1376 sec_level = BT_SECURITY_MEDIUM;
1377 if (cp->io_cap == 0x03)
1378 auth_type = HCI_AT_DEDICATED_BONDING;
1380 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1382 entry = hci_find_adv_entry(hdev, &cp->bdaddr);
1384 conn = hci_connect(hdev, LE_LINK, &cp->bdaddr, sec_level,
1387 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level,
1391 err = PTR_ERR(conn);
1395 if (conn->connect_cfm_cb) {
1397 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY);
1401 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
1408 /* For LE, just connecting isn't a proof that the pairing finished */
1410 conn->connect_cfm_cb = pairing_complete_cb;
1412 conn->security_cfm_cb = pairing_complete_cb;
1413 conn->disconn_cfm_cb = pairing_complete_cb;
1414 conn->io_capability = cp->io_cap;
1415 cmd->user_data = conn;
1417 if (conn->state == BT_CONNECTED &&
1418 hci_conn_security(conn, sec_level, auth_type))
1419 pairing_complete(cmd, 0);
1424 hci_dev_unlock_bh(hdev);
1430 static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1431 u16 len, int success)
1433 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1434 u16 mgmt_op, hci_op;
1435 struct pending_cmd *cmd;
1436 struct hci_dev *hdev;
1442 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1443 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1445 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1446 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1449 if (len != sizeof(*cp))
1450 return cmd_status(sk, index, mgmt_op, EINVAL);
1452 hdev = hci_dev_get(index);
1454 return cmd_status(sk, index, mgmt_op, ENODEV);
1456 hci_dev_lock_bh(hdev);
1458 if (!test_bit(HCI_UP, &hdev->flags)) {
1459 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
1463 cmd = mgmt_pending_add(sk, mgmt_op, hdev, data, len);
1469 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
1471 mgmt_pending_remove(cmd);
1474 hci_dev_unlock_bh(hdev);
1480 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1483 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1484 struct hci_cp_write_local_name hci_cp;
1485 struct hci_dev *hdev;
1486 struct pending_cmd *cmd;
1491 if (len != sizeof(*mgmt_cp))
1492 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL);
1494 hdev = hci_dev_get(index);
1496 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV);
1498 hci_dev_lock_bh(hdev);
1500 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
1506 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1507 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1510 mgmt_pending_remove(cmd);
1513 hci_dev_unlock_bh(hdev);
1519 static int read_local_oob_data(struct sock *sk, u16 index)
1521 struct hci_dev *hdev;
1522 struct pending_cmd *cmd;
1525 BT_DBG("hci%u", index);
1527 hdev = hci_dev_get(index);
1529 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1532 hci_dev_lock_bh(hdev);
1534 if (!test_bit(HCI_UP, &hdev->flags)) {
1535 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1540 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1541 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1546 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
1547 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY);
1551 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
1557 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1559 mgmt_pending_remove(cmd);
1562 hci_dev_unlock_bh(hdev);
1568 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1571 struct hci_dev *hdev;
1572 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1575 BT_DBG("hci%u ", index);
1577 if (len != sizeof(*cp))
1578 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1581 hdev = hci_dev_get(index);
1583 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1586 hci_dev_lock_bh(hdev);
1588 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1591 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err);
1593 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1596 hci_dev_unlock_bh(hdev);
1602 static int remove_remote_oob_data(struct sock *sk, u16 index,
1603 unsigned char *data, u16 len)
1605 struct hci_dev *hdev;
1606 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1609 BT_DBG("hci%u ", index);
1611 if (len != sizeof(*cp))
1612 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1615 hdev = hci_dev_get(index);
1617 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1620 hci_dev_lock_bh(hdev);
1622 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1624 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1627 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1630 hci_dev_unlock_bh(hdev);
1636 static int start_discovery(struct sock *sk, u16 index)
1638 struct pending_cmd *cmd;
1639 struct hci_dev *hdev;
1642 BT_DBG("hci%u", index);
1644 hdev = hci_dev_get(index);
1646 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV);
1648 hci_dev_lock_bh(hdev);
1650 if (!test_bit(HCI_UP, &hdev->flags)) {
1651 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENETDOWN);
1655 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
1661 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
1663 mgmt_pending_remove(cmd);
1666 hci_dev_unlock_bh(hdev);
1672 static int stop_discovery(struct sock *sk, u16 index)
1674 struct hci_dev *hdev;
1675 struct pending_cmd *cmd;
1678 BT_DBG("hci%u", index);
1680 hdev = hci_dev_get(index);
1682 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV);
1684 hci_dev_lock_bh(hdev);
1686 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
1692 err = hci_cancel_inquiry(hdev);
1694 mgmt_pending_remove(cmd);
1697 hci_dev_unlock_bh(hdev);
1703 static int block_device(struct sock *sk, u16 index, unsigned char *data,
1706 struct hci_dev *hdev;
1707 struct mgmt_cp_block_device *cp = (void *) data;
1710 BT_DBG("hci%u", index);
1712 if (len != sizeof(*cp))
1713 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1716 hdev = hci_dev_get(index);
1718 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1721 hci_dev_lock_bh(hdev);
1723 err = hci_blacklist_add(hdev, &cp->bdaddr);
1725 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE, -err);
1727 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1730 hci_dev_unlock_bh(hdev);
1736 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1739 struct hci_dev *hdev;
1740 struct mgmt_cp_unblock_device *cp = (void *) data;
1743 BT_DBG("hci%u", index);
1745 if (len != sizeof(*cp))
1746 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1749 hdev = hci_dev_get(index);
1751 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1754 hci_dev_lock_bh(hdev);
1756 err = hci_blacklist_del(hdev, &cp->bdaddr);
1759 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE, -err);
1761 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1764 hci_dev_unlock_bh(hdev);
1770 static int set_fast_connectable(struct sock *sk, u16 index,
1771 unsigned char *data, u16 len)
1773 struct hci_dev *hdev;
1774 struct mgmt_cp_set_fast_connectable *cp = (void *) data;
1775 struct hci_cp_write_page_scan_activity acp;
1779 BT_DBG("hci%u", index);
1781 if (len != sizeof(*cp))
1782 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1785 hdev = hci_dev_get(index);
1787 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1793 type = PAGE_SCAN_TYPE_INTERLACED;
1794 acp.interval = 0x0024; /* 22.5 msec page scan interval */
1796 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1797 acp.interval = 0x0800; /* default 1.28 sec page scan */
1800 acp.window = 0x0012; /* default 11.25 msec page scan window */
1802 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1805 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1810 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
1812 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1817 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1820 hci_dev_unlock(hdev);
1826 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1829 struct mgmt_hdr *hdr;
1830 u16 opcode, index, len;
1833 BT_DBG("got %zu bytes", msglen);
1835 if (msglen < sizeof(*hdr))
1838 buf = kmalloc(msglen, GFP_KERNEL);
1842 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1847 hdr = (struct mgmt_hdr *) buf;
1848 opcode = get_unaligned_le16(&hdr->opcode);
1849 index = get_unaligned_le16(&hdr->index);
1850 len = get_unaligned_le16(&hdr->len);
1852 if (len != msglen - sizeof(*hdr)) {
1858 case MGMT_OP_READ_VERSION:
1859 err = read_version(sk);
1861 case MGMT_OP_READ_INDEX_LIST:
1862 err = read_index_list(sk);
1864 case MGMT_OP_READ_INFO:
1865 err = read_controller_info(sk, index);
1867 case MGMT_OP_SET_POWERED:
1868 err = set_powered(sk, index, buf + sizeof(*hdr), len);
1870 case MGMT_OP_SET_DISCOVERABLE:
1871 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
1873 case MGMT_OP_SET_CONNECTABLE:
1874 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
1876 case MGMT_OP_SET_PAIRABLE:
1877 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
1879 case MGMT_OP_ADD_UUID:
1880 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
1882 case MGMT_OP_REMOVE_UUID:
1883 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
1885 case MGMT_OP_SET_DEV_CLASS:
1886 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1888 case MGMT_OP_SET_SERVICE_CACHE:
1889 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
1891 case MGMT_OP_LOAD_LINK_KEYS:
1892 err = load_link_keys(sk, index, buf + sizeof(*hdr), len);
1894 case MGMT_OP_REMOVE_KEYS:
1895 err = remove_keys(sk, index, buf + sizeof(*hdr), len);
1897 case MGMT_OP_DISCONNECT:
1898 err = disconnect(sk, index, buf + sizeof(*hdr), len);
1900 case MGMT_OP_GET_CONNECTIONS:
1901 err = get_connections(sk, index);
1903 case MGMT_OP_PIN_CODE_REPLY:
1904 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
1906 case MGMT_OP_PIN_CODE_NEG_REPLY:
1907 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
1909 case MGMT_OP_SET_IO_CAPABILITY:
1910 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
1912 case MGMT_OP_PAIR_DEVICE:
1913 err = pair_device(sk, index, buf + sizeof(*hdr), len);
1915 case MGMT_OP_USER_CONFIRM_REPLY:
1916 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
1918 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
1919 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
1921 case MGMT_OP_SET_LOCAL_NAME:
1922 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
1924 case MGMT_OP_READ_LOCAL_OOB_DATA:
1925 err = read_local_oob_data(sk, index);
1927 case MGMT_OP_ADD_REMOTE_OOB_DATA:
1928 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
1930 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
1931 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
1934 case MGMT_OP_START_DISCOVERY:
1935 err = start_discovery(sk, index);
1937 case MGMT_OP_STOP_DISCOVERY:
1938 err = stop_discovery(sk, index);
1940 case MGMT_OP_BLOCK_DEVICE:
1941 err = block_device(sk, index, buf + sizeof(*hdr), len);
1943 case MGMT_OP_UNBLOCK_DEVICE:
1944 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
1946 case MGMT_OP_SET_FAST_CONNECTABLE:
1947 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
1951 BT_DBG("Unknown op %u", opcode);
1952 err = cmd_status(sk, index, opcode, 0x01);
1966 static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
1970 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
1971 mgmt_pending_remove(cmd);
1974 int mgmt_index_added(struct hci_dev *hdev)
1976 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
1979 int mgmt_index_removed(struct hci_dev *hdev)
1983 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
1985 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
1993 static void mode_rsp(struct pending_cmd *cmd, void *data)
1995 struct mgmt_mode *cp = cmd->param;
1996 struct cmd_lookup *match = data;
1998 if (cp->val != match->val)
2001 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
2003 list_del(&cmd->list);
2005 if (match->sk == NULL) {
2006 match->sk = cmd->sk;
2007 sock_hold(match->sk);
2010 mgmt_pending_free(cmd);
2013 int mgmt_powered(struct hci_dev *hdev, u8 powered)
2015 struct mgmt_mode ev;
2016 struct cmd_lookup match = { powered, NULL };
2019 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, mode_rsp, &match);
2022 u8 status = ENETDOWN;
2023 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2028 ret = mgmt_event(MGMT_EV_POWERED, hdev, &ev, sizeof(ev), match.sk);
2036 int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
2038 struct mgmt_mode ev;
2039 struct cmd_lookup match = { discoverable, NULL };
2042 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, mode_rsp, &match);
2044 ev.val = discoverable;
2046 ret = mgmt_event(MGMT_EV_DISCOVERABLE, hdev, &ev, sizeof(ev),
2055 int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
2057 struct mgmt_mode ev;
2058 struct cmd_lookup match = { connectable, NULL };
2061 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, mode_rsp, &match);
2063 ev.val = connectable;
2065 ret = mgmt_event(MGMT_EV_CONNECTABLE, hdev, &ev, sizeof(ev), match.sk);
2073 int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2075 if (scan & SCAN_PAGE)
2076 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
2077 cmd_status_rsp, &status);
2079 if (scan & SCAN_INQUIRY)
2080 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
2081 cmd_status_rsp, &status);
2086 int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2089 struct mgmt_ev_new_link_key ev;
2091 memset(&ev, 0, sizeof(ev));
2093 ev.store_hint = persistent;
2094 bacpy(&ev.key.bdaddr, &key->bdaddr);
2095 ev.key.type = key->type;
2096 memcpy(ev.key.val, key->val, 16);
2097 ev.key.pin_len = key->pin_len;
2099 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
2102 int mgmt_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type)
2104 struct mgmt_addr_info ev;
2106 bacpy(&ev.bdaddr, bdaddr);
2107 ev.type = link_to_mgmt(link_type);
2109 return mgmt_event(MGMT_EV_CONNECTED, hdev, &ev, sizeof(ev), NULL);
2112 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2114 struct mgmt_cp_disconnect *cp = cmd->param;
2115 struct sock **sk = data;
2116 struct mgmt_rp_disconnect rp;
2118 bacpy(&rp.bdaddr, &cp->bdaddr);
2120 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2125 mgmt_pending_remove(cmd);
2128 int mgmt_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
2130 struct mgmt_addr_info ev;
2131 struct sock *sk = NULL;
2134 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
2136 bacpy(&ev.bdaddr, bdaddr);
2137 ev.type = link_to_mgmt(type);
2139 err = mgmt_event(MGMT_EV_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
2147 int mgmt_disconnect_failed(struct hci_dev *hdev)
2149 struct pending_cmd *cmd;
2152 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
2156 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_DISCONNECT, EIO);
2158 mgmt_pending_remove(cmd);
2163 int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type,
2166 struct mgmt_ev_connect_failed ev;
2168 bacpy(&ev.addr.bdaddr, bdaddr);
2169 ev.addr.type = link_to_mgmt(type);
2172 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
2175 int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
2177 struct mgmt_ev_pin_code_request ev;
2179 bacpy(&ev.bdaddr, bdaddr);
2182 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
2186 int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2189 struct pending_cmd *cmd;
2190 struct mgmt_rp_pin_code_reply rp;
2193 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
2197 bacpy(&rp.bdaddr, bdaddr);
2200 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, &rp,
2203 mgmt_pending_remove(cmd);
2208 int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2211 struct pending_cmd *cmd;
2212 struct mgmt_rp_pin_code_reply rp;
2215 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
2219 bacpy(&rp.bdaddr, bdaddr);
2222 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2225 mgmt_pending_remove(cmd);
2230 int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
2231 __le32 value, u8 confirm_hint)
2233 struct mgmt_ev_user_confirm_request ev;
2235 BT_DBG("%s", hdev->name);
2237 bacpy(&ev.bdaddr, bdaddr);
2238 ev.confirm_hint = confirm_hint;
2239 put_unaligned_le32(value, &ev.value);
2241 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
2245 static int confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2246 u8 status, u8 opcode)
2248 struct pending_cmd *cmd;
2249 struct mgmt_rp_user_confirm_reply rp;
2252 cmd = mgmt_pending_find(opcode, hdev);
2256 bacpy(&rp.bdaddr, bdaddr);
2258 err = cmd_complete(cmd->sk, hdev->id, opcode, &rp, sizeof(rp));
2260 mgmt_pending_remove(cmd);
2265 int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2268 return confirm_reply_complete(hdev, bdaddr, status,
2269 MGMT_OP_USER_CONFIRM_REPLY);
2272 int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev,
2273 bdaddr_t *bdaddr, u8 status)
2275 return confirm_reply_complete(hdev, bdaddr, status,
2276 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2279 int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2281 struct mgmt_ev_auth_failed ev;
2283 bacpy(&ev.bdaddr, bdaddr);
2286 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2289 int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
2291 struct pending_cmd *cmd;
2292 struct mgmt_cp_set_local_name ev;
2295 memset(&ev, 0, sizeof(ev));
2296 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2298 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2303 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2310 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, &ev,
2316 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
2317 cmd ? cmd->sk : NULL);
2321 mgmt_pending_remove(cmd);
2325 int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
2326 u8 *randomizer, u8 status)
2328 struct pending_cmd *cmd;
2331 BT_DBG("%s status %u", hdev->name, status);
2333 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
2338 err = cmd_status(cmd->sk, hdev->id,
2339 MGMT_OP_READ_LOCAL_OOB_DATA, EIO);
2341 struct mgmt_rp_read_local_oob_data rp;
2343 memcpy(rp.hash, hash, sizeof(rp.hash));
2344 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2346 err = cmd_complete(cmd->sk, hdev->id,
2347 MGMT_OP_READ_LOCAL_OOB_DATA,
2351 mgmt_pending_remove(cmd);
2356 int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type,
2357 u8 *dev_class, s8 rssi, u8 *eir)
2359 struct mgmt_ev_device_found ev;
2361 memset(&ev, 0, sizeof(ev));
2363 bacpy(&ev.addr.bdaddr, bdaddr);
2364 ev.addr.type = link_to_mgmt(type);
2368 memcpy(ev.eir, eir, sizeof(ev.eir));
2371 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2373 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, &ev, sizeof(ev), NULL);
2376 int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 *name)
2378 struct mgmt_ev_remote_name ev;
2380 memset(&ev, 0, sizeof(ev));
2382 bacpy(&ev.bdaddr, bdaddr);
2383 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2385 return mgmt_event(MGMT_EV_REMOTE_NAME, hdev, &ev, sizeof(ev), NULL);
2388 int mgmt_inquiry_failed(struct hci_dev *hdev, u8 status)
2390 struct pending_cmd *cmd;
2393 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2397 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, status);
2398 mgmt_pending_remove(cmd);
2403 int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
2405 struct pending_cmd *cmd;
2408 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2410 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2413 cmd_complete(cmd->sk, hdev->id, cmd->opcode, NULL, 0);
2414 mgmt_pending_remove(cmd);
2417 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &discovering,
2418 sizeof(discovering), NULL);
2421 int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2423 struct pending_cmd *cmd;
2424 struct mgmt_ev_device_blocked ev;
2426 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
2428 bacpy(&ev.bdaddr, bdaddr);
2430 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
2431 cmd ? cmd->sk : NULL);
2434 int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2436 struct pending_cmd *cmd;
2437 struct mgmt_ev_device_unblocked ev;
2439 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
2441 bacpy(&ev.bdaddr, bdaddr);
2443 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
2444 cmd ? cmd->sk : NULL);
projects / linux-2.6-microblaze.git / blob