2 BlueZ - Bluetooth protocol stack for Linux
4 Copyright (C) 2014 Intel Corporation
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
24 #include <linux/sched/signal.h>
26 #include <net/bluetooth/bluetooth.h>
27 #include <net/bluetooth/hci_core.h>
28 #include <net/bluetooth/mgmt.h>
31 #include "hci_request.h"
33 #define HCI_REQ_DONE 0
34 #define HCI_REQ_PEND 1
35 #define HCI_REQ_CANCELED 2
37 void hci_req_init(struct hci_request *req, struct hci_dev *hdev)
39 skb_queue_head_init(&req->cmd_q);
44 void hci_req_purge(struct hci_request *req)
46 skb_queue_purge(&req->cmd_q);
49 bool hci_req_status_pend(struct hci_dev *hdev)
51 return hdev->req_status == HCI_REQ_PEND;
54 static int req_run(struct hci_request *req, hci_req_complete_t complete,
55 hci_req_complete_skb_t complete_skb)
57 struct hci_dev *hdev = req->hdev;
61 BT_DBG("length %u", skb_queue_len(&req->cmd_q));
63 /* If an error occurred during request building, remove all HCI
64 * commands queued on the HCI request queue.
67 skb_queue_purge(&req->cmd_q);
71 /* Do not allow empty requests */
72 if (skb_queue_empty(&req->cmd_q))
75 skb = skb_peek_tail(&req->cmd_q);
77 bt_cb(skb)->hci.req_complete = complete;
78 } else if (complete_skb) {
79 bt_cb(skb)->hci.req_complete_skb = complete_skb;
80 bt_cb(skb)->hci.req_flags |= HCI_REQ_SKB;
83 spin_lock_irqsave(&hdev->cmd_q.lock, flags);
84 skb_queue_splice_tail(&req->cmd_q, &hdev->cmd_q);
85 spin_unlock_irqrestore(&hdev->cmd_q.lock, flags);
87 queue_work(hdev->workqueue, &hdev->cmd_work);
92 int hci_req_run(struct hci_request *req, hci_req_complete_t complete)
94 return req_run(req, complete, NULL);
97 int hci_req_run_skb(struct hci_request *req, hci_req_complete_skb_t complete)
99 return req_run(req, NULL, complete);
102 static void hci_req_sync_complete(struct hci_dev *hdev, u8 result, u16 opcode,
105 BT_DBG("%s result 0x%2.2x", hdev->name, result);
107 if (hdev->req_status == HCI_REQ_PEND) {
108 hdev->req_result = result;
109 hdev->req_status = HCI_REQ_DONE;
111 hdev->req_skb = skb_get(skb);
112 wake_up_interruptible(&hdev->req_wait_q);
116 void hci_req_sync_cancel(struct hci_dev *hdev, int err)
118 BT_DBG("%s err 0x%2.2x", hdev->name, err);
120 if (hdev->req_status == HCI_REQ_PEND) {
121 hdev->req_result = err;
122 hdev->req_status = HCI_REQ_CANCELED;
123 wake_up_interruptible(&hdev->req_wait_q);
127 struct sk_buff *__hci_cmd_sync_ev(struct hci_dev *hdev, u16 opcode, u32 plen,
128 const void *param, u8 event, u32 timeout)
130 struct hci_request req;
134 BT_DBG("%s", hdev->name);
136 hci_req_init(&req, hdev);
138 hci_req_add_ev(&req, opcode, plen, param, event);
140 hdev->req_status = HCI_REQ_PEND;
142 err = hci_req_run_skb(&req, hci_req_sync_complete);
146 err = wait_event_interruptible_timeout(hdev->req_wait_q,
147 hdev->req_status != HCI_REQ_PEND, timeout);
149 if (err == -ERESTARTSYS)
150 return ERR_PTR(-EINTR);
152 switch (hdev->req_status) {
154 err = -bt_to_errno(hdev->req_result);
157 case HCI_REQ_CANCELED:
158 err = -hdev->req_result;
166 hdev->req_status = hdev->req_result = 0;
168 hdev->req_skb = NULL;
170 BT_DBG("%s end: err %d", hdev->name, err);
178 return ERR_PTR(-ENODATA);
182 EXPORT_SYMBOL(__hci_cmd_sync_ev);
184 struct sk_buff *__hci_cmd_sync(struct hci_dev *hdev, u16 opcode, u32 plen,
185 const void *param, u32 timeout)
187 return __hci_cmd_sync_ev(hdev, opcode, plen, param, 0, timeout);
189 EXPORT_SYMBOL(__hci_cmd_sync);
191 /* Execute request and wait for completion. */
192 int __hci_req_sync(struct hci_dev *hdev, int (*func)(struct hci_request *req,
194 unsigned long opt, u32 timeout, u8 *hci_status)
196 struct hci_request req;
199 BT_DBG("%s start", hdev->name);
201 hci_req_init(&req, hdev);
203 hdev->req_status = HCI_REQ_PEND;
205 err = func(&req, opt);
208 *hci_status = HCI_ERROR_UNSPECIFIED;
212 err = hci_req_run_skb(&req, hci_req_sync_complete);
214 hdev->req_status = 0;
216 /* ENODATA means the HCI request command queue is empty.
217 * This can happen when a request with conditionals doesn't
218 * trigger any commands to be sent. This is normal behavior
219 * and should not trigger an error return.
221 if (err == -ENODATA) {
228 *hci_status = HCI_ERROR_UNSPECIFIED;
233 err = wait_event_interruptible_timeout(hdev->req_wait_q,
234 hdev->req_status != HCI_REQ_PEND, timeout);
236 if (err == -ERESTARTSYS)
239 switch (hdev->req_status) {
241 err = -bt_to_errno(hdev->req_result);
243 *hci_status = hdev->req_result;
246 case HCI_REQ_CANCELED:
247 err = -hdev->req_result;
249 *hci_status = HCI_ERROR_UNSPECIFIED;
255 *hci_status = HCI_ERROR_UNSPECIFIED;
259 kfree_skb(hdev->req_skb);
260 hdev->req_skb = NULL;
261 hdev->req_status = hdev->req_result = 0;
263 BT_DBG("%s end: err %d", hdev->name, err);
268 int hci_req_sync(struct hci_dev *hdev, int (*req)(struct hci_request *req,
270 unsigned long opt, u32 timeout, u8 *hci_status)
274 if (!test_bit(HCI_UP, &hdev->flags))
277 /* Serialize all requests */
278 hci_req_sync_lock(hdev);
279 ret = __hci_req_sync(hdev, req, opt, timeout, hci_status);
280 hci_req_sync_unlock(hdev);
285 struct sk_buff *hci_prepare_cmd(struct hci_dev *hdev, u16 opcode, u32 plen,
288 int len = HCI_COMMAND_HDR_SIZE + plen;
289 struct hci_command_hdr *hdr;
292 skb = bt_skb_alloc(len, GFP_ATOMIC);
296 hdr = skb_put(skb, HCI_COMMAND_HDR_SIZE);
297 hdr->opcode = cpu_to_le16(opcode);
301 skb_put_data(skb, param, plen);
303 BT_DBG("skb len %d", skb->len);
305 hci_skb_pkt_type(skb) = HCI_COMMAND_PKT;
306 hci_skb_opcode(skb) = opcode;
311 /* Queue a command to an asynchronous HCI request */
312 void hci_req_add_ev(struct hci_request *req, u16 opcode, u32 plen,
313 const void *param, u8 event)
315 struct hci_dev *hdev = req->hdev;
318 BT_DBG("%s opcode 0x%4.4x plen %d", hdev->name, opcode, plen);
320 /* If an error occurred during request building, there is no point in
321 * queueing the HCI command. We can simply return.
326 skb = hci_prepare_cmd(hdev, opcode, plen, param);
328 bt_dev_err(hdev, "no memory for command (opcode 0x%4.4x)",
334 if (skb_queue_empty(&req->cmd_q))
335 bt_cb(skb)->hci.req_flags |= HCI_REQ_START;
337 bt_cb(skb)->hci.req_event = event;
339 skb_queue_tail(&req->cmd_q, skb);
342 void hci_req_add(struct hci_request *req, u16 opcode, u32 plen,
345 hci_req_add_ev(req, opcode, plen, param, 0);
348 void __hci_req_write_fast_connectable(struct hci_request *req, bool enable)
350 struct hci_dev *hdev = req->hdev;
351 struct hci_cp_write_page_scan_activity acp;
354 if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED))
357 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
361 type = PAGE_SCAN_TYPE_INTERLACED;
363 /* 160 msec page scan interval */
364 acp.interval = cpu_to_le16(0x0100);
366 type = hdev->def_page_scan_type;
367 acp.interval = cpu_to_le16(hdev->def_page_scan_int);
370 acp.window = cpu_to_le16(hdev->def_page_scan_window);
372 if (__cpu_to_le16(hdev->page_scan_interval) != acp.interval ||
373 __cpu_to_le16(hdev->page_scan_window) != acp.window)
374 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
377 if (hdev->page_scan_type != type)
378 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
381 /* This function controls the background scanning based on hdev->pend_le_conns
382 * list. If there are pending LE connection we start the background scanning,
383 * otherwise we stop it.
385 * This function requires the caller holds hdev->lock.
387 static void __hci_update_background_scan(struct hci_request *req)
389 struct hci_dev *hdev = req->hdev;
391 if (!test_bit(HCI_UP, &hdev->flags) ||
392 test_bit(HCI_INIT, &hdev->flags) ||
393 hci_dev_test_flag(hdev, HCI_SETUP) ||
394 hci_dev_test_flag(hdev, HCI_CONFIG) ||
395 hci_dev_test_flag(hdev, HCI_AUTO_OFF) ||
396 hci_dev_test_flag(hdev, HCI_UNREGISTER))
399 /* No point in doing scanning if LE support hasn't been enabled */
400 if (!hci_dev_test_flag(hdev, HCI_LE_ENABLED))
403 /* If discovery is active don't interfere with it */
404 if (hdev->discovery.state != DISCOVERY_STOPPED)
407 /* Reset RSSI and UUID filters when starting background scanning
408 * since these filters are meant for service discovery only.
410 * The Start Discovery and Start Service Discovery operations
411 * ensure to set proper values for RSSI threshold and UUID
412 * filter list. So it is safe to just reset them here.
414 hci_discovery_filter_clear(hdev);
416 BT_DBG("%s ADV monitoring is %s", hdev->name,
417 hci_is_adv_monitoring(hdev) ? "on" : "off");
419 if (list_empty(&hdev->pend_le_conns) &&
420 list_empty(&hdev->pend_le_reports) &&
421 !hci_is_adv_monitoring(hdev)) {
422 /* If there is no pending LE connections or devices
423 * to be scanned for or no ADV monitors, we should stop the
424 * background scanning.
427 /* If controller is not scanning we are done. */
428 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN))
431 hci_req_add_le_scan_disable(req, false);
433 BT_DBG("%s stopping background scanning", hdev->name);
435 /* If there is at least one pending LE connection, we should
436 * keep the background scan running.
439 /* If controller is connecting, we should not start scanning
440 * since some controllers are not able to scan and connect at
443 if (hci_lookup_le_connect(hdev))
446 /* If controller is currently scanning, we stop it to ensure we
447 * don't miss any advertising (due to duplicates filter).
449 if (hci_dev_test_flag(hdev, HCI_LE_SCAN))
450 hci_req_add_le_scan_disable(req, false);
452 hci_req_add_le_passive_scan(req);
454 BT_DBG("%s starting background scanning", hdev->name);
458 void __hci_req_update_name(struct hci_request *req)
460 struct hci_dev *hdev = req->hdev;
461 struct hci_cp_write_local_name cp;
463 memcpy(cp.name, hdev->dev_name, sizeof(cp.name));
465 hci_req_add(req, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
468 #define PNP_INFO_SVCLASS_ID 0x1200
470 static u8 *create_uuid16_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
472 u8 *ptr = data, *uuids_start = NULL;
473 struct bt_uuid *uuid;
478 list_for_each_entry(uuid, &hdev->uuids, list) {
481 if (uuid->size != 16)
484 uuid16 = get_unaligned_le16(&uuid->uuid[12]);
488 if (uuid16 == PNP_INFO_SVCLASS_ID)
494 uuids_start[1] = EIR_UUID16_ALL;
498 /* Stop if not enough space to put next UUID */
499 if ((ptr - data) + sizeof(u16) > len) {
500 uuids_start[1] = EIR_UUID16_SOME;
504 *ptr++ = (uuid16 & 0x00ff);
505 *ptr++ = (uuid16 & 0xff00) >> 8;
506 uuids_start[0] += sizeof(uuid16);
512 static u8 *create_uuid32_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
514 u8 *ptr = data, *uuids_start = NULL;
515 struct bt_uuid *uuid;
520 list_for_each_entry(uuid, &hdev->uuids, list) {
521 if (uuid->size != 32)
527 uuids_start[1] = EIR_UUID32_ALL;
531 /* Stop if not enough space to put next UUID */
532 if ((ptr - data) + sizeof(u32) > len) {
533 uuids_start[1] = EIR_UUID32_SOME;
537 memcpy(ptr, &uuid->uuid[12], sizeof(u32));
539 uuids_start[0] += sizeof(u32);
545 static u8 *create_uuid128_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
547 u8 *ptr = data, *uuids_start = NULL;
548 struct bt_uuid *uuid;
553 list_for_each_entry(uuid, &hdev->uuids, list) {
554 if (uuid->size != 128)
560 uuids_start[1] = EIR_UUID128_ALL;
564 /* Stop if not enough space to put next UUID */
565 if ((ptr - data) + 16 > len) {
566 uuids_start[1] = EIR_UUID128_SOME;
570 memcpy(ptr, uuid->uuid, 16);
572 uuids_start[0] += 16;
578 static void create_eir(struct hci_dev *hdev, u8 *data)
583 name_len = strlen(hdev->dev_name);
589 ptr[1] = EIR_NAME_SHORT;
591 ptr[1] = EIR_NAME_COMPLETE;
593 /* EIR Data length */
594 ptr[0] = name_len + 1;
596 memcpy(ptr + 2, hdev->dev_name, name_len);
598 ptr += (name_len + 2);
601 if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) {
603 ptr[1] = EIR_TX_POWER;
604 ptr[2] = (u8) hdev->inq_tx_power;
609 if (hdev->devid_source > 0) {
611 ptr[1] = EIR_DEVICE_ID;
613 put_unaligned_le16(hdev->devid_source, ptr + 2);
614 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
615 put_unaligned_le16(hdev->devid_product, ptr + 6);
616 put_unaligned_le16(hdev->devid_version, ptr + 8);
621 ptr = create_uuid16_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
622 ptr = create_uuid32_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
623 ptr = create_uuid128_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
626 void __hci_req_update_eir(struct hci_request *req)
628 struct hci_dev *hdev = req->hdev;
629 struct hci_cp_write_eir cp;
631 if (!hdev_is_powered(hdev))
634 if (!lmp_ext_inq_capable(hdev))
637 if (!hci_dev_test_flag(hdev, HCI_SSP_ENABLED))
640 if (hci_dev_test_flag(hdev, HCI_SERVICE_CACHE))
643 memset(&cp, 0, sizeof(cp));
645 create_eir(hdev, cp.data);
647 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
650 memcpy(hdev->eir, cp.data, sizeof(cp.data));
652 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
655 void hci_req_add_le_scan_disable(struct hci_request *req, bool rpa_le_conn)
657 struct hci_dev *hdev = req->hdev;
659 if (hdev->scanning_paused) {
660 bt_dev_dbg(hdev, "Scanning is paused for suspend");
664 if (use_ext_scan(hdev)) {
665 struct hci_cp_le_set_ext_scan_enable cp;
667 memset(&cp, 0, sizeof(cp));
668 cp.enable = LE_SCAN_DISABLE;
669 hci_req_add(req, HCI_OP_LE_SET_EXT_SCAN_ENABLE, sizeof(cp),
672 struct hci_cp_le_set_scan_enable cp;
674 memset(&cp, 0, sizeof(cp));
675 cp.enable = LE_SCAN_DISABLE;
676 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(cp), &cp);
679 /* Disable address resolution */
680 if (use_ll_privacy(hdev) &&
681 hci_dev_test_flag(hdev, HCI_ENABLE_LL_PRIVACY) &&
682 hci_dev_test_flag(hdev, HCI_LL_RPA_RESOLUTION) && !rpa_le_conn) {
685 hci_req_add(req, HCI_OP_LE_SET_ADDR_RESOLV_ENABLE, 1, &enable);
689 static void del_from_white_list(struct hci_request *req, bdaddr_t *bdaddr,
692 struct hci_cp_le_del_from_white_list cp;
694 cp.bdaddr_type = bdaddr_type;
695 bacpy(&cp.bdaddr, bdaddr);
697 bt_dev_dbg(req->hdev, "Remove %pMR (0x%x) from whitelist", &cp.bdaddr,
699 hci_req_add(req, HCI_OP_LE_DEL_FROM_WHITE_LIST, sizeof(cp), &cp);
701 if (use_ll_privacy(req->hdev)) {
704 irk = hci_find_irk_by_addr(req->hdev, bdaddr, bdaddr_type);
706 struct hci_cp_le_del_from_resolv_list cp;
708 cp.bdaddr_type = bdaddr_type;
709 bacpy(&cp.bdaddr, bdaddr);
711 hci_req_add(req, HCI_OP_LE_DEL_FROM_RESOLV_LIST,
717 /* Adds connection to white list if needed. On error, returns -1. */
718 static int add_to_white_list(struct hci_request *req,
719 struct hci_conn_params *params, u8 *num_entries,
722 struct hci_cp_le_add_to_white_list cp;
723 struct hci_dev *hdev = req->hdev;
725 /* Already in white list */
726 if (hci_bdaddr_list_lookup(&hdev->le_white_list, ¶ms->addr,
730 /* Select filter policy to accept all advertising */
731 if (*num_entries >= hdev->le_white_list_size)
734 /* White list can not be used with RPAs */
735 if (!allow_rpa && !use_ll_privacy(hdev) &&
736 hci_find_irk_by_addr(hdev, ¶ms->addr, params->addr_type)) {
740 /* During suspend, only wakeable devices can be in whitelist */
741 if (hdev->suspended && !hci_conn_test_flag(HCI_CONN_FLAG_REMOTE_WAKEUP,
742 params->current_flags))
746 cp.bdaddr_type = params->addr_type;
747 bacpy(&cp.bdaddr, ¶ms->addr);
749 bt_dev_dbg(hdev, "Add %pMR (0x%x) to whitelist", &cp.bdaddr,
751 hci_req_add(req, HCI_OP_LE_ADD_TO_WHITE_LIST, sizeof(cp), &cp);
753 if (use_ll_privacy(hdev)) {
756 irk = hci_find_irk_by_addr(hdev, ¶ms->addr,
759 struct hci_cp_le_add_to_resolv_list cp;
761 cp.bdaddr_type = params->addr_type;
762 bacpy(&cp.bdaddr, ¶ms->addr);
763 memcpy(cp.peer_irk, irk->val, 16);
765 if (hci_dev_test_flag(hdev, HCI_PRIVACY))
766 memcpy(cp.local_irk, hdev->irk, 16);
768 memset(cp.local_irk, 0, 16);
770 hci_req_add(req, HCI_OP_LE_ADD_TO_RESOLV_LIST,
778 static u8 update_white_list(struct hci_request *req)
780 struct hci_dev *hdev = req->hdev;
781 struct hci_conn_params *params;
782 struct bdaddr_list *b;
784 bool pend_conn, pend_report;
785 /* We allow whitelisting even with RPAs in suspend. In the worst case,
786 * we won't be able to wake from devices that use the privacy1.2
787 * features. Additionally, once we support privacy1.2 and IRK
788 * offloading, we can update this to also check for those conditions.
790 bool allow_rpa = hdev->suspended;
792 /* Go through the current white list programmed into the
793 * controller one by one and check if that address is still
794 * in the list of pending connections or list of devices to
795 * report. If not present in either list, then queue the
796 * command to remove it from the controller.
798 list_for_each_entry(b, &hdev->le_white_list, list) {
799 pend_conn = hci_pend_le_action_lookup(&hdev->pend_le_conns,
802 pend_report = hci_pend_le_action_lookup(&hdev->pend_le_reports,
806 /* If the device is not likely to connect or report,
807 * remove it from the whitelist.
809 if (!pend_conn && !pend_report) {
810 del_from_white_list(req, &b->bdaddr, b->bdaddr_type);
814 /* White list can not be used with RPAs */
815 if (!allow_rpa && !use_ll_privacy(hdev) &&
816 hci_find_irk_by_addr(hdev, &b->bdaddr, b->bdaddr_type)) {
823 /* Since all no longer valid white list entries have been
824 * removed, walk through the list of pending connections
825 * and ensure that any new device gets programmed into
828 * If the list of the devices is larger than the list of
829 * available white list entries in the controller, then
830 * just abort and return filer policy value to not use the
833 list_for_each_entry(params, &hdev->pend_le_conns, action) {
834 if (add_to_white_list(req, params, &num_entries, allow_rpa))
838 /* After adding all new pending connections, walk through
839 * the list of pending reports and also add these to the
840 * white list if there is still space. Abort if space runs out.
842 list_for_each_entry(params, &hdev->pend_le_reports, action) {
843 if (add_to_white_list(req, params, &num_entries, allow_rpa))
847 /* Once the controller offloading of advertisement monitor is in place,
848 * the if condition should include the support of MSFT extension
849 * support. If suspend is ongoing, whitelist should be the default to
850 * prevent waking by random advertisements.
852 if (!idr_is_empty(&hdev->adv_monitors_idr) && !hdev->suspended)
855 /* Select filter policy to use white list */
859 static bool scan_use_rpa(struct hci_dev *hdev)
861 return hci_dev_test_flag(hdev, HCI_PRIVACY);
864 static void hci_req_start_scan(struct hci_request *req, u8 type, u16 interval,
865 u16 window, u8 own_addr_type, u8 filter_policy,
868 struct hci_dev *hdev = req->hdev;
870 if (hdev->scanning_paused) {
871 bt_dev_dbg(hdev, "Scanning is paused for suspend");
875 if (use_ll_privacy(hdev) &&
876 hci_dev_test_flag(hdev, HCI_ENABLE_LL_PRIVACY) &&
880 hci_req_add(req, HCI_OP_LE_SET_ADDR_RESOLV_ENABLE, 1, &enable);
883 /* Use ext scanning if set ext scan param and ext scan enable is
886 if (use_ext_scan(hdev)) {
887 struct hci_cp_le_set_ext_scan_params *ext_param_cp;
888 struct hci_cp_le_set_ext_scan_enable ext_enable_cp;
889 struct hci_cp_le_scan_phy_params *phy_params;
890 u8 data[sizeof(*ext_param_cp) + sizeof(*phy_params) * 2];
893 ext_param_cp = (void *)data;
894 phy_params = (void *)ext_param_cp->data;
896 memset(ext_param_cp, 0, sizeof(*ext_param_cp));
897 ext_param_cp->own_addr_type = own_addr_type;
898 ext_param_cp->filter_policy = filter_policy;
900 plen = sizeof(*ext_param_cp);
902 if (scan_1m(hdev) || scan_2m(hdev)) {
903 ext_param_cp->scanning_phys |= LE_SCAN_PHY_1M;
905 memset(phy_params, 0, sizeof(*phy_params));
906 phy_params->type = type;
907 phy_params->interval = cpu_to_le16(interval);
908 phy_params->window = cpu_to_le16(window);
910 plen += sizeof(*phy_params);
914 if (scan_coded(hdev)) {
915 ext_param_cp->scanning_phys |= LE_SCAN_PHY_CODED;
917 memset(phy_params, 0, sizeof(*phy_params));
918 phy_params->type = type;
919 phy_params->interval = cpu_to_le16(interval);
920 phy_params->window = cpu_to_le16(window);
922 plen += sizeof(*phy_params);
926 hci_req_add(req, HCI_OP_LE_SET_EXT_SCAN_PARAMS,
929 memset(&ext_enable_cp, 0, sizeof(ext_enable_cp));
930 ext_enable_cp.enable = LE_SCAN_ENABLE;
931 ext_enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
933 hci_req_add(req, HCI_OP_LE_SET_EXT_SCAN_ENABLE,
934 sizeof(ext_enable_cp), &ext_enable_cp);
936 struct hci_cp_le_set_scan_param param_cp;
937 struct hci_cp_le_set_scan_enable enable_cp;
939 memset(¶m_cp, 0, sizeof(param_cp));
940 param_cp.type = type;
941 param_cp.interval = cpu_to_le16(interval);
942 param_cp.window = cpu_to_le16(window);
943 param_cp.own_address_type = own_addr_type;
944 param_cp.filter_policy = filter_policy;
945 hci_req_add(req, HCI_OP_LE_SET_SCAN_PARAM, sizeof(param_cp),
948 memset(&enable_cp, 0, sizeof(enable_cp));
949 enable_cp.enable = LE_SCAN_ENABLE;
950 enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
951 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(enable_cp),
956 /* Returns true if an le connection is in the scanning state */
957 static inline bool hci_is_le_conn_scanning(struct hci_dev *hdev)
959 struct hci_conn_hash *h = &hdev->conn_hash;
964 list_for_each_entry_rcu(c, &h->list, list) {
965 if (c->type == LE_LINK && c->state == BT_CONNECT &&
966 test_bit(HCI_CONN_SCANNING, &c->flags)) {
977 /* Ensure to call hci_req_add_le_scan_disable() first to disable the
978 * controller based address resolution to be able to reconfigure
981 void hci_req_add_le_passive_scan(struct hci_request *req)
983 struct hci_dev *hdev = req->hdev;
986 u16 window, interval;
987 /* Background scanning should run with address resolution */
988 bool addr_resolv = true;
990 if (hdev->scanning_paused) {
991 bt_dev_dbg(hdev, "Scanning is paused for suspend");
995 /* Set require_privacy to false since no SCAN_REQ are send
996 * during passive scanning. Not using an non-resolvable address
997 * here is important so that peer devices using direct
998 * advertising with our address will be correctly reported
1001 if (hci_update_random_address(req, false, scan_use_rpa(hdev),
1005 /* Adding or removing entries from the white list must
1006 * happen before enabling scanning. The controller does
1007 * not allow white list modification while scanning.
1009 filter_policy = update_white_list(req);
1011 /* When the controller is using random resolvable addresses and
1012 * with that having LE privacy enabled, then controllers with
1013 * Extended Scanner Filter Policies support can now enable support
1014 * for handling directed advertising.
1016 * So instead of using filter polices 0x00 (no whitelist)
1017 * and 0x01 (whitelist enabled) use the new filter policies
1018 * 0x02 (no whitelist) and 0x03 (whitelist enabled).
1020 if (hci_dev_test_flag(hdev, HCI_PRIVACY) &&
1021 (hdev->le_features[0] & HCI_LE_EXT_SCAN_POLICY))
1022 filter_policy |= 0x02;
1024 if (hdev->suspended) {
1025 window = hdev->le_scan_window_suspend;
1026 interval = hdev->le_scan_int_suspend;
1027 } else if (hci_is_le_conn_scanning(hdev)) {
1028 window = hdev->le_scan_window_connect;
1029 interval = hdev->le_scan_int_connect;
1030 } else if (hci_is_adv_monitoring(hdev)) {
1031 window = hdev->le_scan_window_adv_monitor;
1032 interval = hdev->le_scan_int_adv_monitor;
1034 window = hdev->le_scan_window;
1035 interval = hdev->le_scan_interval;
1038 bt_dev_dbg(hdev, "LE passive scan with whitelist = %d", filter_policy);
1039 hci_req_start_scan(req, LE_SCAN_PASSIVE, interval, window,
1040 own_addr_type, filter_policy, addr_resolv);
1043 static u8 get_adv_instance_scan_rsp_len(struct hci_dev *hdev, u8 instance)
1045 struct adv_info *adv_instance;
1047 /* Instance 0x00 always set local name */
1048 if (instance == 0x00)
1051 adv_instance = hci_find_adv_instance(hdev, instance);
1055 /* TODO: Take into account the "appearance" and "local-name" flags here.
1056 * These are currently being ignored as they are not supported.
1058 return adv_instance->scan_rsp_len;
1061 static void hci_req_clear_event_filter(struct hci_request *req)
1063 struct hci_cp_set_event_filter f;
1065 memset(&f, 0, sizeof(f));
1066 f.flt_type = HCI_FLT_CLEAR_ALL;
1067 hci_req_add(req, HCI_OP_SET_EVENT_FLT, 1, &f);
1069 /* Update page scan state (since we may have modified it when setting
1070 * the event filter).
1072 __hci_req_update_scan(req);
1075 static void hci_req_set_event_filter(struct hci_request *req)
1077 struct bdaddr_list_with_flags *b;
1078 struct hci_cp_set_event_filter f;
1079 struct hci_dev *hdev = req->hdev;
1080 u8 scan = SCAN_DISABLED;
1082 /* Always clear event filter when starting */
1083 hci_req_clear_event_filter(req);
1085 list_for_each_entry(b, &hdev->whitelist, list) {
1086 if (!hci_conn_test_flag(HCI_CONN_FLAG_REMOTE_WAKEUP,
1090 memset(&f, 0, sizeof(f));
1091 bacpy(&f.addr_conn_flt.bdaddr, &b->bdaddr);
1092 f.flt_type = HCI_FLT_CONN_SETUP;
1093 f.cond_type = HCI_CONN_SETUP_ALLOW_BDADDR;
1094 f.addr_conn_flt.auto_accept = HCI_CONN_SETUP_AUTO_ON;
1096 bt_dev_dbg(hdev, "Adding event filters for %pMR", &b->bdaddr);
1097 hci_req_add(req, HCI_OP_SET_EVENT_FLT, sizeof(f), &f);
1101 hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1104 static void hci_req_config_le_suspend_scan(struct hci_request *req)
1106 /* Before changing params disable scan if enabled */
1107 if (hci_dev_test_flag(req->hdev, HCI_LE_SCAN))
1108 hci_req_add_le_scan_disable(req, false);
1110 /* Configure params and enable scanning */
1111 hci_req_add_le_passive_scan(req);
1113 /* Block suspend notifier on response */
1114 set_bit(SUSPEND_SCAN_ENABLE, req->hdev->suspend_tasks);
1117 static void cancel_adv_timeout(struct hci_dev *hdev)
1119 if (hdev->adv_instance_timeout) {
1120 hdev->adv_instance_timeout = 0;
1121 cancel_delayed_work(&hdev->adv_instance_expire);
1125 /* This function requires the caller holds hdev->lock */
1126 static void hci_suspend_adv_instances(struct hci_request *req)
1128 bt_dev_dbg(req->hdev, "Suspending advertising instances");
1130 /* Call to disable any advertisements active on the controller.
1131 * This will succeed even if no advertisements are configured.
1133 __hci_req_disable_advertising(req);
1135 /* If we are using software rotation, pause the loop */
1136 if (!ext_adv_capable(req->hdev))
1137 cancel_adv_timeout(req->hdev);
1140 /* This function requires the caller holds hdev->lock */
1141 static void hci_resume_adv_instances(struct hci_request *req)
1143 struct adv_info *adv;
1145 bt_dev_dbg(req->hdev, "Resuming advertising instances");
1147 if (ext_adv_capable(req->hdev)) {
1148 /* Call for each tracked instance to be re-enabled */
1149 list_for_each_entry(adv, &req->hdev->adv_instances, list) {
1150 __hci_req_enable_ext_advertising(req,
1155 /* Schedule for most recent instance to be restarted and begin
1156 * the software rotation loop
1158 __hci_req_schedule_adv_instance(req,
1159 req->hdev->cur_adv_instance,
1164 static void suspend_req_complete(struct hci_dev *hdev, u8 status, u16 opcode)
1166 bt_dev_dbg(hdev, "Request complete opcode=0x%x, status=0x%x", opcode,
1168 if (test_and_clear_bit(SUSPEND_SCAN_ENABLE, hdev->suspend_tasks) ||
1169 test_and_clear_bit(SUSPEND_SCAN_DISABLE, hdev->suspend_tasks)) {
1170 wake_up(&hdev->suspend_wait_q);
1174 /* Call with hci_dev_lock */
1175 void hci_req_prepare_suspend(struct hci_dev *hdev, enum suspended_state next)
1178 struct hci_conn *conn;
1179 struct hci_request req;
1181 int disconnect_counter;
1183 if (next == hdev->suspend_state) {
1184 bt_dev_dbg(hdev, "Same state before and after: %d", next);
1188 hdev->suspend_state = next;
1189 hci_req_init(&req, hdev);
1191 if (next == BT_SUSPEND_DISCONNECT) {
1192 /* Mark device as suspended */
1193 hdev->suspended = true;
1195 /* Pause discovery if not already stopped */
1196 old_state = hdev->discovery.state;
1197 if (old_state != DISCOVERY_STOPPED) {
1198 set_bit(SUSPEND_PAUSE_DISCOVERY, hdev->suspend_tasks);
1199 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
1200 queue_work(hdev->req_workqueue, &hdev->discov_update);
1203 hdev->discovery_paused = true;
1204 hdev->discovery_old_state = old_state;
1206 /* Stop directed advertising */
1207 old_state = hci_dev_test_flag(hdev, HCI_ADVERTISING);
1209 set_bit(SUSPEND_PAUSE_ADVERTISING, hdev->suspend_tasks);
1210 cancel_delayed_work(&hdev->discov_off);
1211 queue_delayed_work(hdev->req_workqueue,
1212 &hdev->discov_off, 0);
1215 /* Pause other advertisements */
1216 if (hdev->adv_instance_cnt)
1217 hci_suspend_adv_instances(&req);
1219 hdev->advertising_paused = true;
1220 hdev->advertising_old_state = old_state;
1221 /* Disable page scan */
1222 page_scan = SCAN_DISABLED;
1223 hci_req_add(&req, HCI_OP_WRITE_SCAN_ENABLE, 1, &page_scan);
1225 /* Disable LE passive scan if enabled */
1226 if (hci_dev_test_flag(hdev, HCI_LE_SCAN))
1227 hci_req_add_le_scan_disable(&req, false);
1229 /* Mark task needing completion */
1230 set_bit(SUSPEND_SCAN_DISABLE, hdev->suspend_tasks);
1232 /* Prevent disconnects from causing scanning to be re-enabled */
1233 hdev->scanning_paused = true;
1235 /* Run commands before disconnecting */
1236 hci_req_run(&req, suspend_req_complete);
1238 disconnect_counter = 0;
1239 /* Soft disconnect everything (power off) */
1240 list_for_each_entry(conn, &hdev->conn_hash.list, list) {
1241 hci_disconnect(conn, HCI_ERROR_REMOTE_POWER_OFF);
1242 disconnect_counter++;
1245 if (disconnect_counter > 0) {
1247 "Had %d disconnects. Will wait on them",
1248 disconnect_counter);
1249 set_bit(SUSPEND_DISCONNECTING, hdev->suspend_tasks);
1251 } else if (next == BT_SUSPEND_CONFIGURE_WAKE) {
1252 /* Unpause to take care of updating scanning params */
1253 hdev->scanning_paused = false;
1254 /* Enable event filter for paired devices */
1255 hci_req_set_event_filter(&req);
1256 /* Enable passive scan at lower duty cycle */
1257 hci_req_config_le_suspend_scan(&req);
1258 /* Pause scan changes again. */
1259 hdev->scanning_paused = true;
1260 hci_req_run(&req, suspend_req_complete);
1262 hdev->suspended = false;
1263 hdev->scanning_paused = false;
1265 hci_req_clear_event_filter(&req);
1266 /* Reset passive/background scanning to normal */
1267 hci_req_config_le_suspend_scan(&req);
1269 /* Unpause directed advertising */
1270 hdev->advertising_paused = false;
1271 if (hdev->advertising_old_state) {
1272 set_bit(SUSPEND_UNPAUSE_ADVERTISING,
1273 hdev->suspend_tasks);
1274 hci_dev_set_flag(hdev, HCI_ADVERTISING);
1275 queue_work(hdev->req_workqueue,
1276 &hdev->discoverable_update);
1277 hdev->advertising_old_state = 0;
1280 /* Resume other advertisements */
1281 if (hdev->adv_instance_cnt)
1282 hci_resume_adv_instances(&req);
1284 /* Unpause discovery */
1285 hdev->discovery_paused = false;
1286 if (hdev->discovery_old_state != DISCOVERY_STOPPED &&
1287 hdev->discovery_old_state != DISCOVERY_STOPPING) {
1288 set_bit(SUSPEND_UNPAUSE_DISCOVERY, hdev->suspend_tasks);
1289 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
1290 queue_work(hdev->req_workqueue, &hdev->discov_update);
1293 hci_req_run(&req, suspend_req_complete);
1296 hdev->suspend_state = next;
1299 clear_bit(SUSPEND_PREPARE_NOTIFIER, hdev->suspend_tasks);
1300 wake_up(&hdev->suspend_wait_q);
1303 static u8 get_cur_adv_instance_scan_rsp_len(struct hci_dev *hdev)
1305 u8 instance = hdev->cur_adv_instance;
1306 struct adv_info *adv_instance;
1308 /* Instance 0x00 always set local name */
1309 if (instance == 0x00)
1312 adv_instance = hci_find_adv_instance(hdev, instance);
1316 /* TODO: Take into account the "appearance" and "local-name" flags here.
1317 * These are currently being ignored as they are not supported.
1319 return adv_instance->scan_rsp_len;
1322 void __hci_req_disable_advertising(struct hci_request *req)
1324 if (ext_adv_capable(req->hdev)) {
1325 __hci_req_disable_ext_adv_instance(req, 0x00);
1330 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
1334 static u32 get_adv_instance_flags(struct hci_dev *hdev, u8 instance)
1337 struct adv_info *adv_instance;
1339 if (instance == 0x00) {
1340 /* Instance 0 always manages the "Tx Power" and "Flags"
1343 flags = MGMT_ADV_FLAG_TX_POWER | MGMT_ADV_FLAG_MANAGED_FLAGS;
1345 /* For instance 0, the HCI_ADVERTISING_CONNECTABLE setting
1346 * corresponds to the "connectable" instance flag.
1348 if (hci_dev_test_flag(hdev, HCI_ADVERTISING_CONNECTABLE))
1349 flags |= MGMT_ADV_FLAG_CONNECTABLE;
1351 if (hci_dev_test_flag(hdev, HCI_LIMITED_DISCOVERABLE))
1352 flags |= MGMT_ADV_FLAG_LIMITED_DISCOV;
1353 else if (hci_dev_test_flag(hdev, HCI_DISCOVERABLE))
1354 flags |= MGMT_ADV_FLAG_DISCOV;
1359 adv_instance = hci_find_adv_instance(hdev, instance);
1361 /* Return 0 when we got an invalid instance identifier. */
1365 return adv_instance->flags;
1368 static bool adv_use_rpa(struct hci_dev *hdev, uint32_t flags)
1370 /* If privacy is not enabled don't use RPA */
1371 if (!hci_dev_test_flag(hdev, HCI_PRIVACY))
1374 /* If basic privacy mode is enabled use RPA */
1375 if (!hci_dev_test_flag(hdev, HCI_LIMITED_PRIVACY))
1378 /* If limited privacy mode is enabled don't use RPA if we're
1379 * both discoverable and bondable.
1381 if ((flags & MGMT_ADV_FLAG_DISCOV) &&
1382 hci_dev_test_flag(hdev, HCI_BONDABLE))
1385 /* We're neither bondable nor discoverable in the limited
1386 * privacy mode, therefore use RPA.
1391 static bool is_advertising_allowed(struct hci_dev *hdev, bool connectable)
1393 /* If there is no connection we are OK to advertise. */
1394 if (hci_conn_num(hdev, LE_LINK) == 0)
1397 /* Check le_states if there is any connection in slave role. */
1398 if (hdev->conn_hash.le_num_slave > 0) {
1399 /* Slave connection state and non connectable mode bit 20. */
1400 if (!connectable && !(hdev->le_states[2] & 0x10))
1403 /* Slave connection state and connectable mode bit 38
1404 * and scannable bit 21.
1406 if (connectable && (!(hdev->le_states[4] & 0x40) ||
1407 !(hdev->le_states[2] & 0x20)))
1411 /* Check le_states if there is any connection in master role. */
1412 if (hci_conn_num(hdev, LE_LINK) != hdev->conn_hash.le_num_slave) {
1413 /* Master connection state and non connectable mode bit 18. */
1414 if (!connectable && !(hdev->le_states[2] & 0x02))
1417 /* Master connection state and connectable mode bit 35 and
1420 if (connectable && (!(hdev->le_states[4] & 0x08) ||
1421 !(hdev->le_states[2] & 0x08)))
1428 void __hci_req_enable_advertising(struct hci_request *req)
1430 struct hci_dev *hdev = req->hdev;
1431 struct hci_cp_le_set_adv_param cp;
1432 u8 own_addr_type, enable = 0x01;
1434 u16 adv_min_interval, adv_max_interval;
1437 flags = get_adv_instance_flags(hdev, hdev->cur_adv_instance);
1439 /* If the "connectable" instance flag was not set, then choose between
1440 * ADV_IND and ADV_NONCONN_IND based on the global connectable setting.
1442 connectable = (flags & MGMT_ADV_FLAG_CONNECTABLE) ||
1443 mgmt_get_connectable(hdev);
1445 if (!is_advertising_allowed(hdev, connectable))
1448 if (hci_dev_test_flag(hdev, HCI_LE_ADV))
1449 __hci_req_disable_advertising(req);
1451 /* Clear the HCI_LE_ADV bit temporarily so that the
1452 * hci_update_random_address knows that it's safe to go ahead
1453 * and write a new random address. The flag will be set back on
1454 * as soon as the SET_ADV_ENABLE HCI command completes.
1456 hci_dev_clear_flag(hdev, HCI_LE_ADV);
1458 /* Set require_privacy to true only when non-connectable
1459 * advertising is used. In that case it is fine to use a
1460 * non-resolvable private address.
1462 if (hci_update_random_address(req, !connectable,
1463 adv_use_rpa(hdev, flags),
1464 &own_addr_type) < 0)
1467 memset(&cp, 0, sizeof(cp));
1470 cp.type = LE_ADV_IND;
1472 adv_min_interval = hdev->le_adv_min_interval;
1473 adv_max_interval = hdev->le_adv_max_interval;
1475 if (get_cur_adv_instance_scan_rsp_len(hdev))
1476 cp.type = LE_ADV_SCAN_IND;
1478 cp.type = LE_ADV_NONCONN_IND;
1480 if (!hci_dev_test_flag(hdev, HCI_DISCOVERABLE) ||
1481 hci_dev_test_flag(hdev, HCI_LIMITED_DISCOVERABLE)) {
1482 adv_min_interval = DISCOV_LE_FAST_ADV_INT_MIN;
1483 adv_max_interval = DISCOV_LE_FAST_ADV_INT_MAX;
1485 adv_min_interval = hdev->le_adv_min_interval;
1486 adv_max_interval = hdev->le_adv_max_interval;
1490 cp.min_interval = cpu_to_le16(adv_min_interval);
1491 cp.max_interval = cpu_to_le16(adv_max_interval);
1492 cp.own_address_type = own_addr_type;
1493 cp.channel_map = hdev->le_adv_channel_map;
1495 hci_req_add(req, HCI_OP_LE_SET_ADV_PARAM, sizeof(cp), &cp);
1497 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
1500 u8 append_local_name(struct hci_dev *hdev, u8 *ptr, u8 ad_len)
1503 size_t complete_len;
1505 /* no space left for name (+ NULL + type + len) */
1506 if ((HCI_MAX_AD_LENGTH - ad_len) < HCI_MAX_SHORT_NAME_LENGTH + 3)
1509 /* use complete name if present and fits */
1510 complete_len = strlen(hdev->dev_name);
1511 if (complete_len && complete_len <= HCI_MAX_SHORT_NAME_LENGTH)
1512 return eir_append_data(ptr, ad_len, EIR_NAME_COMPLETE,
1513 hdev->dev_name, complete_len + 1);
1515 /* use short name if present */
1516 short_len = strlen(hdev->short_name);
1518 return eir_append_data(ptr, ad_len, EIR_NAME_SHORT,
1519 hdev->short_name, short_len + 1);
1521 /* use shortened full name if present, we already know that name
1522 * is longer then HCI_MAX_SHORT_NAME_LENGTH
1525 u8 name[HCI_MAX_SHORT_NAME_LENGTH + 1];
1527 memcpy(name, hdev->dev_name, HCI_MAX_SHORT_NAME_LENGTH);
1528 name[HCI_MAX_SHORT_NAME_LENGTH] = '\0';
1530 return eir_append_data(ptr, ad_len, EIR_NAME_SHORT, name,
1537 static u8 append_appearance(struct hci_dev *hdev, u8 *ptr, u8 ad_len)
1539 return eir_append_le16(ptr, ad_len, EIR_APPEARANCE, hdev->appearance);
1542 static u8 create_default_scan_rsp_data(struct hci_dev *hdev, u8 *ptr)
1544 u8 scan_rsp_len = 0;
1546 if (hdev->appearance) {
1547 scan_rsp_len = append_appearance(hdev, ptr, scan_rsp_len);
1550 return append_local_name(hdev, ptr, scan_rsp_len);
1553 static u8 create_instance_scan_rsp_data(struct hci_dev *hdev, u8 instance,
1556 struct adv_info *adv_instance;
1558 u8 scan_rsp_len = 0;
1560 adv_instance = hci_find_adv_instance(hdev, instance);
1564 instance_flags = adv_instance->flags;
1566 if ((instance_flags & MGMT_ADV_FLAG_APPEARANCE) && hdev->appearance) {
1567 scan_rsp_len = append_appearance(hdev, ptr, scan_rsp_len);
1570 memcpy(&ptr[scan_rsp_len], adv_instance->scan_rsp_data,
1571 adv_instance->scan_rsp_len);
1573 scan_rsp_len += adv_instance->scan_rsp_len;
1575 if (instance_flags & MGMT_ADV_FLAG_LOCAL_NAME)
1576 scan_rsp_len = append_local_name(hdev, ptr, scan_rsp_len);
1578 return scan_rsp_len;
1581 void __hci_req_update_scan_rsp_data(struct hci_request *req, u8 instance)
1583 struct hci_dev *hdev = req->hdev;
1586 if (!hci_dev_test_flag(hdev, HCI_LE_ENABLED))
1589 if (ext_adv_capable(hdev)) {
1590 struct hci_cp_le_set_ext_scan_rsp_data cp;
1592 memset(&cp, 0, sizeof(cp));
1594 /* Extended scan response data doesn't allow a response to be
1595 * set if the instance isn't scannable.
1597 if (get_adv_instance_scan_rsp_len(hdev, instance))
1598 len = create_instance_scan_rsp_data(hdev, instance,
1603 if (hdev->scan_rsp_data_len == len &&
1604 !memcmp(cp.data, hdev->scan_rsp_data, len))
1607 memcpy(hdev->scan_rsp_data, cp.data, sizeof(cp.data));
1608 hdev->scan_rsp_data_len = len;
1610 cp.handle = instance;
1612 cp.operation = LE_SET_ADV_DATA_OP_COMPLETE;
1613 cp.frag_pref = LE_SET_ADV_DATA_NO_FRAG;
1615 hci_req_add(req, HCI_OP_LE_SET_EXT_SCAN_RSP_DATA, sizeof(cp),
1618 struct hci_cp_le_set_scan_rsp_data cp;
1620 memset(&cp, 0, sizeof(cp));
1623 len = create_instance_scan_rsp_data(hdev, instance,
1626 len = create_default_scan_rsp_data(hdev, cp.data);
1628 if (hdev->scan_rsp_data_len == len &&
1629 !memcmp(cp.data, hdev->scan_rsp_data, len))
1632 memcpy(hdev->scan_rsp_data, cp.data, sizeof(cp.data));
1633 hdev->scan_rsp_data_len = len;
1637 hci_req_add(req, HCI_OP_LE_SET_SCAN_RSP_DATA, sizeof(cp), &cp);
1641 static u8 create_instance_adv_data(struct hci_dev *hdev, u8 instance, u8 *ptr)
1643 struct adv_info *adv_instance = NULL;
1644 u8 ad_len = 0, flags = 0;
1647 /* Return 0 when the current instance identifier is invalid. */
1649 adv_instance = hci_find_adv_instance(hdev, instance);
1654 instance_flags = get_adv_instance_flags(hdev, instance);
1656 /* If instance already has the flags set skip adding it once
1659 if (adv_instance && eir_get_data(adv_instance->adv_data,
1660 adv_instance->adv_data_len, EIR_FLAGS,
1664 /* The Add Advertising command allows userspace to set both the general
1665 * and limited discoverable flags.
1667 if (instance_flags & MGMT_ADV_FLAG_DISCOV)
1668 flags |= LE_AD_GENERAL;
1670 if (instance_flags & MGMT_ADV_FLAG_LIMITED_DISCOV)
1671 flags |= LE_AD_LIMITED;
1673 if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED))
1674 flags |= LE_AD_NO_BREDR;
1676 if (flags || (instance_flags & MGMT_ADV_FLAG_MANAGED_FLAGS)) {
1677 /* If a discovery flag wasn't provided, simply use the global
1681 flags |= mgmt_get_adv_discov_flags(hdev);
1683 /* If flags would still be empty, then there is no need to
1684 * include the "Flags" AD field".
1698 memcpy(ptr, adv_instance->adv_data,
1699 adv_instance->adv_data_len);
1700 ad_len += adv_instance->adv_data_len;
1701 ptr += adv_instance->adv_data_len;
1704 if (instance_flags & MGMT_ADV_FLAG_TX_POWER) {
1707 if (ext_adv_capable(hdev)) {
1709 adv_tx_power = adv_instance->tx_power;
1711 adv_tx_power = hdev->adv_tx_power;
1713 adv_tx_power = hdev->adv_tx_power;
1716 /* Provide Tx Power only if we can provide a valid value for it */
1717 if (adv_tx_power != HCI_TX_POWER_INVALID) {
1719 ptr[1] = EIR_TX_POWER;
1720 ptr[2] = (u8)adv_tx_power;
1730 void __hci_req_update_adv_data(struct hci_request *req, u8 instance)
1732 struct hci_dev *hdev = req->hdev;
1735 if (!hci_dev_test_flag(hdev, HCI_LE_ENABLED))
1738 if (ext_adv_capable(hdev)) {
1739 struct hci_cp_le_set_ext_adv_data cp;
1741 memset(&cp, 0, sizeof(cp));
1743 len = create_instance_adv_data(hdev, instance, cp.data);
1745 /* There's nothing to do if the data hasn't changed */
1746 if (hdev->adv_data_len == len &&
1747 memcmp(cp.data, hdev->adv_data, len) == 0)
1750 memcpy(hdev->adv_data, cp.data, sizeof(cp.data));
1751 hdev->adv_data_len = len;
1754 cp.handle = instance;
1755 cp.operation = LE_SET_ADV_DATA_OP_COMPLETE;
1756 cp.frag_pref = LE_SET_ADV_DATA_NO_FRAG;
1758 hci_req_add(req, HCI_OP_LE_SET_EXT_ADV_DATA, sizeof(cp), &cp);
1760 struct hci_cp_le_set_adv_data cp;
1762 memset(&cp, 0, sizeof(cp));
1764 len = create_instance_adv_data(hdev, instance, cp.data);
1766 /* There's nothing to do if the data hasn't changed */
1767 if (hdev->adv_data_len == len &&
1768 memcmp(cp.data, hdev->adv_data, len) == 0)
1771 memcpy(hdev->adv_data, cp.data, sizeof(cp.data));
1772 hdev->adv_data_len = len;
1776 hci_req_add(req, HCI_OP_LE_SET_ADV_DATA, sizeof(cp), &cp);
1780 int hci_req_update_adv_data(struct hci_dev *hdev, u8 instance)
1782 struct hci_request req;
1784 hci_req_init(&req, hdev);
1785 __hci_req_update_adv_data(&req, instance);
1787 return hci_req_run(&req, NULL);
1790 static void enable_addr_resolution_complete(struct hci_dev *hdev, u8 status,
1793 BT_DBG("%s status %u", hdev->name, status);
1796 void hci_req_disable_address_resolution(struct hci_dev *hdev)
1798 struct hci_request req;
1801 if (!use_ll_privacy(hdev) &&
1802 !hci_dev_test_flag(hdev, HCI_LL_RPA_RESOLUTION))
1805 hci_req_init(&req, hdev);
1807 hci_req_add(&req, HCI_OP_LE_SET_ADDR_RESOLV_ENABLE, 1, &enable);
1809 hci_req_run(&req, enable_addr_resolution_complete);
1812 static void adv_enable_complete(struct hci_dev *hdev, u8 status, u16 opcode)
1814 BT_DBG("%s status %u", hdev->name, status);
1817 void hci_req_reenable_advertising(struct hci_dev *hdev)
1819 struct hci_request req;
1821 if (!hci_dev_test_flag(hdev, HCI_ADVERTISING) &&
1822 list_empty(&hdev->adv_instances))
1825 hci_req_init(&req, hdev);
1827 if (hdev->cur_adv_instance) {
1828 __hci_req_schedule_adv_instance(&req, hdev->cur_adv_instance,
1831 if (ext_adv_capable(hdev)) {
1832 __hci_req_start_ext_adv(&req, 0x00);
1834 __hci_req_update_adv_data(&req, 0x00);
1835 __hci_req_update_scan_rsp_data(&req, 0x00);
1836 __hci_req_enable_advertising(&req);
1840 hci_req_run(&req, adv_enable_complete);
1843 static void adv_timeout_expire(struct work_struct *work)
1845 struct hci_dev *hdev = container_of(work, struct hci_dev,
1846 adv_instance_expire.work);
1848 struct hci_request req;
1851 BT_DBG("%s", hdev->name);
1855 hdev->adv_instance_timeout = 0;
1857 instance = hdev->cur_adv_instance;
1858 if (instance == 0x00)
1861 hci_req_init(&req, hdev);
1863 hci_req_clear_adv_instance(hdev, NULL, &req, instance, false);
1865 if (list_empty(&hdev->adv_instances))
1866 __hci_req_disable_advertising(&req);
1868 hci_req_run(&req, NULL);
1871 hci_dev_unlock(hdev);
1874 int hci_get_random_address(struct hci_dev *hdev, bool require_privacy,
1875 bool use_rpa, struct adv_info *adv_instance,
1876 u8 *own_addr_type, bdaddr_t *rand_addr)
1880 bacpy(rand_addr, BDADDR_ANY);
1882 /* If privacy is enabled use a resolvable private address. If
1883 * current RPA has expired then generate a new one.
1888 /* If Controller supports LL Privacy use own address type is
1891 if (use_ll_privacy(hdev))
1892 *own_addr_type = ADDR_LE_DEV_RANDOM_RESOLVED;
1894 *own_addr_type = ADDR_LE_DEV_RANDOM;
1897 if (!adv_instance->rpa_expired &&
1898 !bacmp(&adv_instance->random_addr, &hdev->rpa))
1901 adv_instance->rpa_expired = false;
1903 if (!hci_dev_test_and_clear_flag(hdev, HCI_RPA_EXPIRED) &&
1904 !bacmp(&hdev->random_addr, &hdev->rpa))
1908 err = smp_generate_rpa(hdev, hdev->irk, &hdev->rpa);
1910 bt_dev_err(hdev, "failed to generate new RPA");
1914 bacpy(rand_addr, &hdev->rpa);
1916 to = msecs_to_jiffies(hdev->rpa_timeout * 1000);
1918 queue_delayed_work(hdev->workqueue,
1919 &adv_instance->rpa_expired_cb, to);
1921 queue_delayed_work(hdev->workqueue,
1922 &hdev->rpa_expired, to);
1927 /* In case of required privacy without resolvable private address,
1928 * use an non-resolvable private address. This is useful for
1929 * non-connectable advertising.
1931 if (require_privacy) {
1935 /* The non-resolvable private address is generated
1936 * from random six bytes with the two most significant
1939 get_random_bytes(&nrpa, 6);
1942 /* The non-resolvable private address shall not be
1943 * equal to the public address.
1945 if (bacmp(&hdev->bdaddr, &nrpa))
1949 *own_addr_type = ADDR_LE_DEV_RANDOM;
1950 bacpy(rand_addr, &nrpa);
1955 /* No privacy so use a public address. */
1956 *own_addr_type = ADDR_LE_DEV_PUBLIC;
1961 void __hci_req_clear_ext_adv_sets(struct hci_request *req)
1963 hci_req_add(req, HCI_OP_LE_CLEAR_ADV_SETS, 0, NULL);
1966 int __hci_req_setup_ext_adv_instance(struct hci_request *req, u8 instance)
1968 struct hci_cp_le_set_ext_adv_params cp;
1969 struct hci_dev *hdev = req->hdev;
1972 bdaddr_t random_addr;
1975 struct adv_info *adv_instance;
1979 adv_instance = hci_find_adv_instance(hdev, instance);
1983 adv_instance = NULL;
1986 flags = get_adv_instance_flags(hdev, instance);
1988 /* If the "connectable" instance flag was not set, then choose between
1989 * ADV_IND and ADV_NONCONN_IND based on the global connectable setting.
1991 connectable = (flags & MGMT_ADV_FLAG_CONNECTABLE) ||
1992 mgmt_get_connectable(hdev);
1994 if (!is_advertising_allowed(hdev, connectable))
1997 /* Set require_privacy to true only when non-connectable
1998 * advertising is used. In that case it is fine to use a
1999 * non-resolvable private address.
2001 err = hci_get_random_address(hdev, !connectable,
2002 adv_use_rpa(hdev, flags), adv_instance,
2003 &own_addr_type, &random_addr);
2007 memset(&cp, 0, sizeof(cp));
2009 /* In ext adv set param interval is 3 octets */
2010 hci_cpu_to_le24(hdev->le_adv_min_interval, cp.min_interval);
2011 hci_cpu_to_le24(hdev->le_adv_max_interval, cp.max_interval);
2013 secondary_adv = (flags & MGMT_ADV_FLAG_SEC_MASK);
2017 cp.evt_properties = cpu_to_le16(LE_EXT_ADV_CONN_IND);
2019 cp.evt_properties = cpu_to_le16(LE_LEGACY_ADV_IND);
2020 } else if (get_adv_instance_scan_rsp_len(hdev, instance)) {
2022 cp.evt_properties = cpu_to_le16(LE_EXT_ADV_SCAN_IND);
2024 cp.evt_properties = cpu_to_le16(LE_LEGACY_ADV_SCAN_IND);
2027 cp.evt_properties = cpu_to_le16(LE_EXT_ADV_NON_CONN_IND);
2029 cp.evt_properties = cpu_to_le16(LE_LEGACY_NONCONN_IND);
2032 cp.own_addr_type = own_addr_type;
2033 cp.channel_map = hdev->le_adv_channel_map;
2035 cp.handle = instance;
2037 if (flags & MGMT_ADV_FLAG_SEC_2M) {
2038 cp.primary_phy = HCI_ADV_PHY_1M;
2039 cp.secondary_phy = HCI_ADV_PHY_2M;
2040 } else if (flags & MGMT_ADV_FLAG_SEC_CODED) {
2041 cp.primary_phy = HCI_ADV_PHY_CODED;
2042 cp.secondary_phy = HCI_ADV_PHY_CODED;
2044 /* In all other cases use 1M */
2045 cp.primary_phy = HCI_ADV_PHY_1M;
2046 cp.secondary_phy = HCI_ADV_PHY_1M;
2049 hci_req_add(req, HCI_OP_LE_SET_EXT_ADV_PARAMS, sizeof(cp), &cp);
2051 if (own_addr_type == ADDR_LE_DEV_RANDOM &&
2052 bacmp(&random_addr, BDADDR_ANY)) {
2053 struct hci_cp_le_set_adv_set_rand_addr cp;
2055 /* Check if random address need to be updated */
2057 if (!bacmp(&random_addr, &adv_instance->random_addr))
2060 if (!bacmp(&random_addr, &hdev->random_addr))
2064 memset(&cp, 0, sizeof(cp));
2066 cp.handle = instance;
2067 bacpy(&cp.bdaddr, &random_addr);
2070 HCI_OP_LE_SET_ADV_SET_RAND_ADDR,
2077 int __hci_req_enable_ext_advertising(struct hci_request *req, u8 instance)
2079 struct hci_dev *hdev = req->hdev;
2080 struct hci_cp_le_set_ext_adv_enable *cp;
2081 struct hci_cp_ext_adv_set *adv_set;
2082 u8 data[sizeof(*cp) + sizeof(*adv_set) * 1];
2083 struct adv_info *adv_instance;
2086 adv_instance = hci_find_adv_instance(hdev, instance);
2090 adv_instance = NULL;
2094 adv_set = (void *) cp->data;
2096 memset(cp, 0, sizeof(*cp));
2099 cp->num_of_sets = 0x01;
2101 memset(adv_set, 0, sizeof(*adv_set));
2103 adv_set->handle = instance;
2105 /* Set duration per instance since controller is responsible for
2108 if (adv_instance && adv_instance->duration) {
2109 u16 duration = adv_instance->timeout * MSEC_PER_SEC;
2111 /* Time = N * 10 ms */
2112 adv_set->duration = cpu_to_le16(duration / 10);
2115 hci_req_add(req, HCI_OP_LE_SET_EXT_ADV_ENABLE,
2116 sizeof(*cp) + sizeof(*adv_set) * cp->num_of_sets,
2122 int __hci_req_disable_ext_adv_instance(struct hci_request *req, u8 instance)
2124 struct hci_dev *hdev = req->hdev;
2125 struct hci_cp_le_set_ext_adv_enable *cp;
2126 struct hci_cp_ext_adv_set *adv_set;
2127 u8 data[sizeof(*cp) + sizeof(*adv_set) * 1];
2130 /* If request specifies an instance that doesn't exist, fail */
2131 if (instance > 0 && !hci_find_adv_instance(hdev, instance))
2134 memset(data, 0, sizeof(data));
2137 adv_set = (void *)cp->data;
2139 /* Instance 0x00 indicates all advertising instances will be disabled */
2140 cp->num_of_sets = !!instance;
2143 adv_set->handle = instance;
2145 req_size = sizeof(*cp) + sizeof(*adv_set) * cp->num_of_sets;
2146 hci_req_add(req, HCI_OP_LE_SET_EXT_ADV_ENABLE, req_size, data);
2151 int __hci_req_remove_ext_adv_instance(struct hci_request *req, u8 instance)
2153 struct hci_dev *hdev = req->hdev;
2155 /* If request specifies an instance that doesn't exist, fail */
2156 if (instance > 0 && !hci_find_adv_instance(hdev, instance))
2159 hci_req_add(req, HCI_OP_LE_REMOVE_ADV_SET, sizeof(instance), &instance);
2164 int __hci_req_start_ext_adv(struct hci_request *req, u8 instance)
2166 struct hci_dev *hdev = req->hdev;
2167 struct adv_info *adv_instance = hci_find_adv_instance(hdev, instance);
2170 /* If instance isn't pending, the chip knows about it, and it's safe to
2173 if (adv_instance && !adv_instance->pending)
2174 __hci_req_disable_ext_adv_instance(req, instance);
2176 err = __hci_req_setup_ext_adv_instance(req, instance);
2180 __hci_req_update_scan_rsp_data(req, instance);
2181 __hci_req_enable_ext_advertising(req, instance);
2186 int __hci_req_schedule_adv_instance(struct hci_request *req, u8 instance,
2189 struct hci_dev *hdev = req->hdev;
2190 struct adv_info *adv_instance = NULL;
2193 if (hci_dev_test_flag(hdev, HCI_ADVERTISING) ||
2194 list_empty(&hdev->adv_instances))
2197 if (hdev->adv_instance_timeout)
2200 adv_instance = hci_find_adv_instance(hdev, instance);
2204 /* A zero timeout means unlimited advertising. As long as there is
2205 * only one instance, duration should be ignored. We still set a timeout
2206 * in case further instances are being added later on.
2208 * If the remaining lifetime of the instance is more than the duration
2209 * then the timeout corresponds to the duration, otherwise it will be
2210 * reduced to the remaining instance lifetime.
2212 if (adv_instance->timeout == 0 ||
2213 adv_instance->duration <= adv_instance->remaining_time)
2214 timeout = adv_instance->duration;
2216 timeout = adv_instance->remaining_time;
2218 /* The remaining time is being reduced unless the instance is being
2219 * advertised without time limit.
2221 if (adv_instance->timeout)
2222 adv_instance->remaining_time =
2223 adv_instance->remaining_time - timeout;
2225 /* Only use work for scheduling instances with legacy advertising */
2226 if (!ext_adv_capable(hdev)) {
2227 hdev->adv_instance_timeout = timeout;
2228 queue_delayed_work(hdev->req_workqueue,
2229 &hdev->adv_instance_expire,
2230 msecs_to_jiffies(timeout * 1000));
2233 /* If we're just re-scheduling the same instance again then do not
2234 * execute any HCI commands. This happens when a single instance is
2237 if (!force && hdev->cur_adv_instance == instance &&
2238 hci_dev_test_flag(hdev, HCI_LE_ADV))
2241 hdev->cur_adv_instance = instance;
2242 if (ext_adv_capable(hdev)) {
2243 __hci_req_start_ext_adv(req, instance);
2245 __hci_req_update_adv_data(req, instance);
2246 __hci_req_update_scan_rsp_data(req, instance);
2247 __hci_req_enable_advertising(req);
2253 /* For a single instance:
2254 * - force == true: The instance will be removed even when its remaining
2255 * lifetime is not zero.
2256 * - force == false: the instance will be deactivated but kept stored unless
2257 * the remaining lifetime is zero.
2259 * For instance == 0x00:
2260 * - force == true: All instances will be removed regardless of their timeout
2262 * - force == false: Only instances that have a timeout will be removed.
2264 void hci_req_clear_adv_instance(struct hci_dev *hdev, struct sock *sk,
2265 struct hci_request *req, u8 instance,
2268 struct adv_info *adv_instance, *n, *next_instance = NULL;
2272 /* Cancel any timeout concerning the removed instance(s). */
2273 if (!instance || hdev->cur_adv_instance == instance)
2274 cancel_adv_timeout(hdev);
2276 /* Get the next instance to advertise BEFORE we remove
2277 * the current one. This can be the same instance again
2278 * if there is only one instance.
2280 if (instance && hdev->cur_adv_instance == instance)
2281 next_instance = hci_get_next_instance(hdev, instance);
2283 if (instance == 0x00) {
2284 list_for_each_entry_safe(adv_instance, n, &hdev->adv_instances,
2286 if (!(force || adv_instance->timeout))
2289 rem_inst = adv_instance->instance;
2290 err = hci_remove_adv_instance(hdev, rem_inst);
2292 mgmt_advertising_removed(sk, hdev, rem_inst);
2295 adv_instance = hci_find_adv_instance(hdev, instance);
2297 if (force || (adv_instance && adv_instance->timeout &&
2298 !adv_instance->remaining_time)) {
2299 /* Don't advertise a removed instance. */
2300 if (next_instance &&
2301 next_instance->instance == instance)
2302 next_instance = NULL;
2304 err = hci_remove_adv_instance(hdev, instance);
2306 mgmt_advertising_removed(sk, hdev, instance);
2310 if (!req || !hdev_is_powered(hdev) ||
2311 hci_dev_test_flag(hdev, HCI_ADVERTISING))
2314 if (next_instance && !ext_adv_capable(hdev))
2315 __hci_req_schedule_adv_instance(req, next_instance->instance,
2319 static void set_random_addr(struct hci_request *req, bdaddr_t *rpa)
2321 struct hci_dev *hdev = req->hdev;
2323 /* If we're advertising or initiating an LE connection we can't
2324 * go ahead and change the random address at this time. This is
2325 * because the eventual initiator address used for the
2326 * subsequently created connection will be undefined (some
2327 * controllers use the new address and others the one we had
2328 * when the operation started).
2330 * In this kind of scenario skip the update and let the random
2331 * address be updated at the next cycle.
2333 if (hci_dev_test_flag(hdev, HCI_LE_ADV) ||
2334 hci_lookup_le_connect(hdev)) {
2335 BT_DBG("Deferring random address update");
2336 hci_dev_set_flag(hdev, HCI_RPA_EXPIRED);
2340 hci_req_add(req, HCI_OP_LE_SET_RANDOM_ADDR, 6, rpa);
2343 int hci_update_random_address(struct hci_request *req, bool require_privacy,
2344 bool use_rpa, u8 *own_addr_type)
2346 struct hci_dev *hdev = req->hdev;
2349 /* If privacy is enabled use a resolvable private address. If
2350 * current RPA has expired or there is something else than
2351 * the current RPA in use, then generate a new one.
2356 /* If Controller supports LL Privacy use own address type is
2359 if (use_ll_privacy(hdev))
2360 *own_addr_type = ADDR_LE_DEV_RANDOM_RESOLVED;
2362 *own_addr_type = ADDR_LE_DEV_RANDOM;
2364 if (!hci_dev_test_and_clear_flag(hdev, HCI_RPA_EXPIRED) &&
2365 !bacmp(&hdev->random_addr, &hdev->rpa))
2368 err = smp_generate_rpa(hdev, hdev->irk, &hdev->rpa);
2370 bt_dev_err(hdev, "failed to generate new RPA");
2374 set_random_addr(req, &hdev->rpa);
2376 to = msecs_to_jiffies(hdev->rpa_timeout * 1000);
2377 queue_delayed_work(hdev->workqueue, &hdev->rpa_expired, to);
2382 /* In case of required privacy without resolvable private address,
2383 * use an non-resolvable private address. This is useful for active
2384 * scanning and non-connectable advertising.
2386 if (require_privacy) {
2390 /* The non-resolvable private address is generated
2391 * from random six bytes with the two most significant
2394 get_random_bytes(&nrpa, 6);
2397 /* The non-resolvable private address shall not be
2398 * equal to the public address.
2400 if (bacmp(&hdev->bdaddr, &nrpa))
2404 *own_addr_type = ADDR_LE_DEV_RANDOM;
2405 set_random_addr(req, &nrpa);
2409 /* If forcing static address is in use or there is no public
2410 * address use the static address as random address (but skip
2411 * the HCI command if the current random address is already the
2414 * In case BR/EDR has been disabled on a dual-mode controller
2415 * and a static address has been configured, then use that
2416 * address instead of the public BR/EDR address.
2418 if (hci_dev_test_flag(hdev, HCI_FORCE_STATIC_ADDR) ||
2419 !bacmp(&hdev->bdaddr, BDADDR_ANY) ||
2420 (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED) &&
2421 bacmp(&hdev->static_addr, BDADDR_ANY))) {
2422 *own_addr_type = ADDR_LE_DEV_RANDOM;
2423 if (bacmp(&hdev->static_addr, &hdev->random_addr))
2424 hci_req_add(req, HCI_OP_LE_SET_RANDOM_ADDR, 6,
2425 &hdev->static_addr);
2429 /* Neither privacy nor static address is being used so use a
2432 *own_addr_type = ADDR_LE_DEV_PUBLIC;
2437 static bool disconnected_whitelist_entries(struct hci_dev *hdev)
2439 struct bdaddr_list *b;
2441 list_for_each_entry(b, &hdev->whitelist, list) {
2442 struct hci_conn *conn;
2444 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &b->bdaddr);
2448 if (conn->state != BT_CONNECTED && conn->state != BT_CONFIG)
2455 void __hci_req_update_scan(struct hci_request *req)
2457 struct hci_dev *hdev = req->hdev;
2460 if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED))
2463 if (!hdev_is_powered(hdev))
2466 if (mgmt_powering_down(hdev))
2469 if (hdev->scanning_paused)
2472 if (hci_dev_test_flag(hdev, HCI_CONNECTABLE) ||
2473 disconnected_whitelist_entries(hdev))
2476 scan = SCAN_DISABLED;
2478 if (hci_dev_test_flag(hdev, HCI_DISCOVERABLE))
2479 scan |= SCAN_INQUIRY;
2481 if (test_bit(HCI_PSCAN, &hdev->flags) == !!(scan & SCAN_PAGE) &&
2482 test_bit(HCI_ISCAN, &hdev->flags) == !!(scan & SCAN_INQUIRY))
2485 hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
2488 static int update_scan(struct hci_request *req, unsigned long opt)
2490 hci_dev_lock(req->hdev);
2491 __hci_req_update_scan(req);
2492 hci_dev_unlock(req->hdev);
2496 static void scan_update_work(struct work_struct *work)
2498 struct hci_dev *hdev = container_of(work, struct hci_dev, scan_update);
2500 hci_req_sync(hdev, update_scan, 0, HCI_CMD_TIMEOUT, NULL);
2503 static int connectable_update(struct hci_request *req, unsigned long opt)
2505 struct hci_dev *hdev = req->hdev;
2509 __hci_req_update_scan(req);
2511 /* If BR/EDR is not enabled and we disable advertising as a
2512 * by-product of disabling connectable, we need to update the
2513 * advertising flags.
2515 if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED))
2516 __hci_req_update_adv_data(req, hdev->cur_adv_instance);
2518 /* Update the advertising parameters if necessary */
2519 if (hci_dev_test_flag(hdev, HCI_ADVERTISING) ||
2520 !list_empty(&hdev->adv_instances)) {
2521 if (ext_adv_capable(hdev))
2522 __hci_req_start_ext_adv(req, hdev->cur_adv_instance);
2524 __hci_req_enable_advertising(req);
2527 __hci_update_background_scan(req);
2529 hci_dev_unlock(hdev);
2534 static void connectable_update_work(struct work_struct *work)
2536 struct hci_dev *hdev = container_of(work, struct hci_dev,
2537 connectable_update);
2540 hci_req_sync(hdev, connectable_update, 0, HCI_CMD_TIMEOUT, &status);
2541 mgmt_set_connectable_complete(hdev, status);
2544 static u8 get_service_classes(struct hci_dev *hdev)
2546 struct bt_uuid *uuid;
2549 list_for_each_entry(uuid, &hdev->uuids, list)
2550 val |= uuid->svc_hint;
2555 void __hci_req_update_class(struct hci_request *req)
2557 struct hci_dev *hdev = req->hdev;
2560 BT_DBG("%s", hdev->name);
2562 if (!hdev_is_powered(hdev))
2565 if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED))
2568 if (hci_dev_test_flag(hdev, HCI_SERVICE_CACHE))
2571 cod[0] = hdev->minor_class;
2572 cod[1] = hdev->major_class;
2573 cod[2] = get_service_classes(hdev);
2575 if (hci_dev_test_flag(hdev, HCI_LIMITED_DISCOVERABLE))
2578 if (memcmp(cod, hdev->dev_class, 3) == 0)
2581 hci_req_add(req, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
2584 static void write_iac(struct hci_request *req)
2586 struct hci_dev *hdev = req->hdev;
2587 struct hci_cp_write_current_iac_lap cp;
2589 if (!hci_dev_test_flag(hdev, HCI_DISCOVERABLE))
2592 if (hci_dev_test_flag(hdev, HCI_LIMITED_DISCOVERABLE)) {
2593 /* Limited discoverable mode */
2594 cp.num_iac = min_t(u8, hdev->num_iac, 2);
2595 cp.iac_lap[0] = 0x00; /* LIAC */
2596 cp.iac_lap[1] = 0x8b;
2597 cp.iac_lap[2] = 0x9e;
2598 cp.iac_lap[3] = 0x33; /* GIAC */
2599 cp.iac_lap[4] = 0x8b;
2600 cp.iac_lap[5] = 0x9e;
2602 /* General discoverable mode */
2604 cp.iac_lap[0] = 0x33; /* GIAC */
2605 cp.iac_lap[1] = 0x8b;
2606 cp.iac_lap[2] = 0x9e;
2609 hci_req_add(req, HCI_OP_WRITE_CURRENT_IAC_LAP,
2610 (cp.num_iac * 3) + 1, &cp);
2613 static int discoverable_update(struct hci_request *req, unsigned long opt)
2615 struct hci_dev *hdev = req->hdev;
2619 if (hci_dev_test_flag(hdev, HCI_BREDR_ENABLED)) {
2621 __hci_req_update_scan(req);
2622 __hci_req_update_class(req);
2625 /* Advertising instances don't use the global discoverable setting, so
2626 * only update AD if advertising was enabled using Set Advertising.
2628 if (hci_dev_test_flag(hdev, HCI_ADVERTISING)) {
2629 __hci_req_update_adv_data(req, 0x00);
2631 /* Discoverable mode affects the local advertising
2632 * address in limited privacy mode.
2634 if (hci_dev_test_flag(hdev, HCI_LIMITED_PRIVACY)) {
2635 if (ext_adv_capable(hdev))
2636 __hci_req_start_ext_adv(req, 0x00);
2638 __hci_req_enable_advertising(req);
2642 hci_dev_unlock(hdev);
2647 static void discoverable_update_work(struct work_struct *work)
2649 struct hci_dev *hdev = container_of(work, struct hci_dev,
2650 discoverable_update);
2653 hci_req_sync(hdev, discoverable_update, 0, HCI_CMD_TIMEOUT, &status);
2654 mgmt_set_discoverable_complete(hdev, status);
2657 void __hci_abort_conn(struct hci_request *req, struct hci_conn *conn,
2660 switch (conn->state) {
2663 if (conn->type == AMP_LINK) {
2664 struct hci_cp_disconn_phy_link cp;
2666 cp.phy_handle = HCI_PHY_HANDLE(conn->handle);
2668 hci_req_add(req, HCI_OP_DISCONN_PHY_LINK, sizeof(cp),
2671 struct hci_cp_disconnect dc;
2673 dc.handle = cpu_to_le16(conn->handle);
2675 hci_req_add(req, HCI_OP_DISCONNECT, sizeof(dc), &dc);
2678 conn->state = BT_DISCONN;
2682 if (conn->type == LE_LINK) {
2683 if (test_bit(HCI_CONN_SCANNING, &conn->flags))
2685 hci_req_add(req, HCI_OP_LE_CREATE_CONN_CANCEL,
2687 } else if (conn->type == ACL_LINK) {
2688 if (req->hdev->hci_ver < BLUETOOTH_VER_1_2)
2690 hci_req_add(req, HCI_OP_CREATE_CONN_CANCEL,
2695 if (conn->type == ACL_LINK) {
2696 struct hci_cp_reject_conn_req rej;
2698 bacpy(&rej.bdaddr, &conn->dst);
2699 rej.reason = reason;
2701 hci_req_add(req, HCI_OP_REJECT_CONN_REQ,
2703 } else if (conn->type == SCO_LINK || conn->type == ESCO_LINK) {
2704 struct hci_cp_reject_sync_conn_req rej;
2706 bacpy(&rej.bdaddr, &conn->dst);
2708 /* SCO rejection has its own limited set of
2709 * allowed error values (0x0D-0x0F) which isn't
2710 * compatible with most values passed to this
2711 * function. To be safe hard-code one of the
2712 * values that's suitable for SCO.
2714 rej.reason = HCI_ERROR_REJ_LIMITED_RESOURCES;
2716 hci_req_add(req, HCI_OP_REJECT_SYNC_CONN_REQ,
2721 conn->state = BT_CLOSED;
2726 static void abort_conn_complete(struct hci_dev *hdev, u8 status, u16 opcode)
2729 BT_DBG("Failed to abort connection: status 0x%2.2x", status);
2732 int hci_abort_conn(struct hci_conn *conn, u8 reason)
2734 struct hci_request req;
2737 hci_req_init(&req, conn->hdev);
2739 __hci_abort_conn(&req, conn, reason);
2741 err = hci_req_run(&req, abort_conn_complete);
2742 if (err && err != -ENODATA) {
2743 bt_dev_err(conn->hdev, "failed to run HCI request: err %d", err);
2750 static int update_bg_scan(struct hci_request *req, unsigned long opt)
2752 hci_dev_lock(req->hdev);
2753 __hci_update_background_scan(req);
2754 hci_dev_unlock(req->hdev);
2758 static void bg_scan_update(struct work_struct *work)
2760 struct hci_dev *hdev = container_of(work, struct hci_dev,
2762 struct hci_conn *conn;
2766 err = hci_req_sync(hdev, update_bg_scan, 0, HCI_CMD_TIMEOUT, &status);
2772 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
2774 hci_le_conn_failed(conn, status);
2776 hci_dev_unlock(hdev);
2779 static int le_scan_disable(struct hci_request *req, unsigned long opt)
2781 hci_req_add_le_scan_disable(req, false);
2785 static int bredr_inquiry(struct hci_request *req, unsigned long opt)
2788 const u8 giac[3] = { 0x33, 0x8b, 0x9e };
2789 const u8 liac[3] = { 0x00, 0x8b, 0x9e };
2790 struct hci_cp_inquiry cp;
2792 BT_DBG("%s", req->hdev->name);
2794 hci_dev_lock(req->hdev);
2795 hci_inquiry_cache_flush(req->hdev);
2796 hci_dev_unlock(req->hdev);
2798 memset(&cp, 0, sizeof(cp));
2800 if (req->hdev->discovery.limited)
2801 memcpy(&cp.lap, liac, sizeof(cp.lap));
2803 memcpy(&cp.lap, giac, sizeof(cp.lap));
2807 hci_req_add(req, HCI_OP_INQUIRY, sizeof(cp), &cp);
2812 static void le_scan_disable_work(struct work_struct *work)
2814 struct hci_dev *hdev = container_of(work, struct hci_dev,
2815 le_scan_disable.work);
2818 BT_DBG("%s", hdev->name);
2820 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN))
2823 cancel_delayed_work(&hdev->le_scan_restart);
2825 hci_req_sync(hdev, le_scan_disable, 0, HCI_CMD_TIMEOUT, &status);
2827 bt_dev_err(hdev, "failed to disable LE scan: status 0x%02x",
2832 hdev->discovery.scan_start = 0;
2834 /* If we were running LE only scan, change discovery state. If
2835 * we were running both LE and BR/EDR inquiry simultaneously,
2836 * and BR/EDR inquiry is already finished, stop discovery,
2837 * otherwise BR/EDR inquiry will stop discovery when finished.
2838 * If we will resolve remote device name, do not change
2842 if (hdev->discovery.type == DISCOV_TYPE_LE)
2843 goto discov_stopped;
2845 if (hdev->discovery.type != DISCOV_TYPE_INTERLEAVED)
2848 if (test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks)) {
2849 if (!test_bit(HCI_INQUIRY, &hdev->flags) &&
2850 hdev->discovery.state != DISCOVERY_RESOLVING)
2851 goto discov_stopped;
2856 hci_req_sync(hdev, bredr_inquiry, DISCOV_INTERLEAVED_INQUIRY_LEN,
2857 HCI_CMD_TIMEOUT, &status);
2859 bt_dev_err(hdev, "inquiry failed: status 0x%02x", status);
2860 goto discov_stopped;
2867 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2868 hci_dev_unlock(hdev);
2871 static int le_scan_restart(struct hci_request *req, unsigned long opt)
2873 struct hci_dev *hdev = req->hdev;
2875 /* If controller is not scanning we are done. */
2876 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN))
2879 if (hdev->scanning_paused) {
2880 bt_dev_dbg(hdev, "Scanning is paused for suspend");
2884 hci_req_add_le_scan_disable(req, false);
2886 if (use_ext_scan(hdev)) {
2887 struct hci_cp_le_set_ext_scan_enable ext_enable_cp;
2889 memset(&ext_enable_cp, 0, sizeof(ext_enable_cp));
2890 ext_enable_cp.enable = LE_SCAN_ENABLE;
2891 ext_enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
2893 hci_req_add(req, HCI_OP_LE_SET_EXT_SCAN_ENABLE,
2894 sizeof(ext_enable_cp), &ext_enable_cp);
2896 struct hci_cp_le_set_scan_enable cp;
2898 memset(&cp, 0, sizeof(cp));
2899 cp.enable = LE_SCAN_ENABLE;
2900 cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
2901 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(cp), &cp);
2907 static void le_scan_restart_work(struct work_struct *work)
2909 struct hci_dev *hdev = container_of(work, struct hci_dev,
2910 le_scan_restart.work);
2911 unsigned long timeout, duration, scan_start, now;
2914 BT_DBG("%s", hdev->name);
2916 hci_req_sync(hdev, le_scan_restart, 0, HCI_CMD_TIMEOUT, &status);
2918 bt_dev_err(hdev, "failed to restart LE scan: status %d",
2925 if (!test_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks) ||
2926 !hdev->discovery.scan_start)
2929 /* When the scan was started, hdev->le_scan_disable has been queued
2930 * after duration from scan_start. During scan restart this job
2931 * has been canceled, and we need to queue it again after proper
2932 * timeout, to make sure that scan does not run indefinitely.
2934 duration = hdev->discovery.scan_duration;
2935 scan_start = hdev->discovery.scan_start;
2937 if (now - scan_start <= duration) {
2940 if (now >= scan_start)
2941 elapsed = now - scan_start;
2943 elapsed = ULONG_MAX - scan_start + now;
2945 timeout = duration - elapsed;
2950 queue_delayed_work(hdev->req_workqueue,
2951 &hdev->le_scan_disable, timeout);
2954 hci_dev_unlock(hdev);
2957 static int active_scan(struct hci_request *req, unsigned long opt)
2959 uint16_t interval = opt;
2960 struct hci_dev *hdev = req->hdev;
2962 /* White list is not used for discovery */
2963 u8 filter_policy = 0x00;
2964 /* Discovery doesn't require controller address resolution */
2965 bool addr_resolv = false;
2968 BT_DBG("%s", hdev->name);
2970 /* If controller is scanning, it means the background scanning is
2971 * running. Thus, we should temporarily stop it in order to set the
2972 * discovery scanning parameters.
2974 if (hci_dev_test_flag(hdev, HCI_LE_SCAN))
2975 hci_req_add_le_scan_disable(req, false);
2977 /* All active scans will be done with either a resolvable private
2978 * address (when privacy feature has been enabled) or non-resolvable
2981 err = hci_update_random_address(req, true, scan_use_rpa(hdev),
2984 own_addr_type = ADDR_LE_DEV_PUBLIC;
2986 hci_req_start_scan(req, LE_SCAN_ACTIVE, interval,
2987 hdev->le_scan_window_discovery, own_addr_type,
2988 filter_policy, addr_resolv);
2992 static int interleaved_discov(struct hci_request *req, unsigned long opt)
2996 BT_DBG("%s", req->hdev->name);
2998 err = active_scan(req, opt);
3002 return bredr_inquiry(req, DISCOV_BREDR_INQUIRY_LEN);
3005 static void start_discovery(struct hci_dev *hdev, u8 *status)
3007 unsigned long timeout;
3009 BT_DBG("%s type %u", hdev->name, hdev->discovery.type);
3011 switch (hdev->discovery.type) {
3012 case DISCOV_TYPE_BREDR:
3013 if (!hci_dev_test_flag(hdev, HCI_INQUIRY))
3014 hci_req_sync(hdev, bredr_inquiry,
3015 DISCOV_BREDR_INQUIRY_LEN, HCI_CMD_TIMEOUT,
3018 case DISCOV_TYPE_INTERLEAVED:
3019 /* When running simultaneous discovery, the LE scanning time
3020 * should occupy the whole discovery time sine BR/EDR inquiry
3021 * and LE scanning are scheduled by the controller.
3023 * For interleaving discovery in comparison, BR/EDR inquiry
3024 * and LE scanning are done sequentially with separate
3027 if (test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY,
3029 timeout = msecs_to_jiffies(DISCOV_LE_TIMEOUT);
3030 /* During simultaneous discovery, we double LE scan
3031 * interval. We must leave some time for the controller
3032 * to do BR/EDR inquiry.
3034 hci_req_sync(hdev, interleaved_discov,
3035 hdev->le_scan_int_discovery * 2, HCI_CMD_TIMEOUT,
3040 timeout = msecs_to_jiffies(hdev->discov_interleaved_timeout);
3041 hci_req_sync(hdev, active_scan, hdev->le_scan_int_discovery,
3042 HCI_CMD_TIMEOUT, status);
3044 case DISCOV_TYPE_LE:
3045 timeout = msecs_to_jiffies(DISCOV_LE_TIMEOUT);
3046 hci_req_sync(hdev, active_scan, hdev->le_scan_int_discovery,
3047 HCI_CMD_TIMEOUT, status);
3050 *status = HCI_ERROR_UNSPECIFIED;
3057 BT_DBG("%s timeout %u ms", hdev->name, jiffies_to_msecs(timeout));
3059 /* When service discovery is used and the controller has a
3060 * strict duplicate filter, it is important to remember the
3061 * start and duration of the scan. This is required for
3062 * restarting scanning during the discovery phase.
3064 if (test_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks) &&
3065 hdev->discovery.result_filtering) {
3066 hdev->discovery.scan_start = jiffies;
3067 hdev->discovery.scan_duration = timeout;
3070 queue_delayed_work(hdev->req_workqueue, &hdev->le_scan_disable,
3074 bool hci_req_stop_discovery(struct hci_request *req)
3076 struct hci_dev *hdev = req->hdev;
3077 struct discovery_state *d = &hdev->discovery;
3078 struct hci_cp_remote_name_req_cancel cp;
3079 struct inquiry_entry *e;
3082 BT_DBG("%s state %u", hdev->name, hdev->discovery.state);
3084 if (d->state == DISCOVERY_FINDING || d->state == DISCOVERY_STOPPING) {
3085 if (test_bit(HCI_INQUIRY, &hdev->flags))
3086 hci_req_add(req, HCI_OP_INQUIRY_CANCEL, 0, NULL);
3088 if (hci_dev_test_flag(hdev, HCI_LE_SCAN)) {
3089 cancel_delayed_work(&hdev->le_scan_disable);
3090 hci_req_add_le_scan_disable(req, false);
3095 /* Passive scanning */
3096 if (hci_dev_test_flag(hdev, HCI_LE_SCAN)) {
3097 hci_req_add_le_scan_disable(req, false);
3102 /* No further actions needed for LE-only discovery */
3103 if (d->type == DISCOV_TYPE_LE)
3106 if (d->state == DISCOVERY_RESOLVING || d->state == DISCOVERY_STOPPING) {
3107 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
3112 bacpy(&cp.bdaddr, &e->data.bdaddr);
3113 hci_req_add(req, HCI_OP_REMOTE_NAME_REQ_CANCEL, sizeof(cp),
3121 static int stop_discovery(struct hci_request *req, unsigned long opt)
3123 hci_dev_lock(req->hdev);
3124 hci_req_stop_discovery(req);
3125 hci_dev_unlock(req->hdev);
3130 static void discov_update(struct work_struct *work)
3132 struct hci_dev *hdev = container_of(work, struct hci_dev,
3136 switch (hdev->discovery.state) {
3137 case DISCOVERY_STARTING:
3138 start_discovery(hdev, &status);
3139 mgmt_start_discovery_complete(hdev, status);
3141 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3143 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
3145 case DISCOVERY_STOPPING:
3146 hci_req_sync(hdev, stop_discovery, 0, HCI_CMD_TIMEOUT, &status);
3147 mgmt_stop_discovery_complete(hdev, status);
3149 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3151 case DISCOVERY_STOPPED:
3157 static void discov_off(struct work_struct *work)
3159 struct hci_dev *hdev = container_of(work, struct hci_dev,
3162 BT_DBG("%s", hdev->name);
3166 /* When discoverable timeout triggers, then just make sure
3167 * the limited discoverable flag is cleared. Even in the case
3168 * of a timeout triggered from general discoverable, it is
3169 * safe to unconditionally clear the flag.
3171 hci_dev_clear_flag(hdev, HCI_LIMITED_DISCOVERABLE);
3172 hci_dev_clear_flag(hdev, HCI_DISCOVERABLE);
3173 hdev->discov_timeout = 0;
3175 hci_dev_unlock(hdev);
3177 hci_req_sync(hdev, discoverable_update, 0, HCI_CMD_TIMEOUT, NULL);
3178 mgmt_new_settings(hdev);
3181 static int powered_update_hci(struct hci_request *req, unsigned long opt)
3183 struct hci_dev *hdev = req->hdev;
3188 if (hci_dev_test_flag(hdev, HCI_SSP_ENABLED) &&
3189 !lmp_host_ssp_capable(hdev)) {
3192 hci_req_add(req, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
3194 if (bredr_sc_enabled(hdev) && !lmp_host_sc_capable(hdev)) {
3197 hci_req_add(req, HCI_OP_WRITE_SC_SUPPORT,
3198 sizeof(support), &support);
3202 if (hci_dev_test_flag(hdev, HCI_LE_ENABLED) &&
3203 lmp_bredr_capable(hdev)) {
3204 struct hci_cp_write_le_host_supported cp;
3209 /* Check first if we already have the right
3210 * host state (host features set)
3212 if (cp.le != lmp_host_le_capable(hdev) ||
3213 cp.simul != lmp_host_le_br_capable(hdev))
3214 hci_req_add(req, HCI_OP_WRITE_LE_HOST_SUPPORTED,
3218 if (hci_dev_test_flag(hdev, HCI_LE_ENABLED)) {
3219 /* Make sure the controller has a good default for
3220 * advertising data. This also applies to the case
3221 * where BR/EDR was toggled during the AUTO_OFF phase.
3223 if (hci_dev_test_flag(hdev, HCI_ADVERTISING) ||
3224 list_empty(&hdev->adv_instances)) {
3227 if (ext_adv_capable(hdev)) {
3228 err = __hci_req_setup_ext_adv_instance(req,
3231 __hci_req_update_scan_rsp_data(req,
3235 __hci_req_update_adv_data(req, 0x00);
3236 __hci_req_update_scan_rsp_data(req, 0x00);
3239 if (hci_dev_test_flag(hdev, HCI_ADVERTISING)) {
3240 if (!ext_adv_capable(hdev))
3241 __hci_req_enable_advertising(req);
3243 __hci_req_enable_ext_advertising(req,
3246 } else if (!list_empty(&hdev->adv_instances)) {
3247 struct adv_info *adv_instance;
3249 adv_instance = list_first_entry(&hdev->adv_instances,
3250 struct adv_info, list);
3251 __hci_req_schedule_adv_instance(req,
3252 adv_instance->instance,
3257 link_sec = hci_dev_test_flag(hdev, HCI_LINK_SECURITY);
3258 if (link_sec != test_bit(HCI_AUTH, &hdev->flags))
3259 hci_req_add(req, HCI_OP_WRITE_AUTH_ENABLE,
3260 sizeof(link_sec), &link_sec);
3262 if (lmp_bredr_capable(hdev)) {
3263 if (hci_dev_test_flag(hdev, HCI_FAST_CONNECTABLE))
3264 __hci_req_write_fast_connectable(req, true);
3266 __hci_req_write_fast_connectable(req, false);
3267 __hci_req_update_scan(req);
3268 __hci_req_update_class(req);
3269 __hci_req_update_name(req);
3270 __hci_req_update_eir(req);
3273 hci_dev_unlock(hdev);
3277 int __hci_req_hci_power_on(struct hci_dev *hdev)
3279 /* Register the available SMP channels (BR/EDR and LE) only when
3280 * successfully powering on the controller. This late
3281 * registration is required so that LE SMP can clearly decide if
3282 * the public address or static address is used.
3286 return __hci_req_sync(hdev, powered_update_hci, 0, HCI_CMD_TIMEOUT,
3290 void hci_request_setup(struct hci_dev *hdev)
3292 INIT_WORK(&hdev->discov_update, discov_update);
3293 INIT_WORK(&hdev->bg_scan_update, bg_scan_update);
3294 INIT_WORK(&hdev->scan_update, scan_update_work);
3295 INIT_WORK(&hdev->connectable_update, connectable_update_work);
3296 INIT_WORK(&hdev->discoverable_update, discoverable_update_work);
3297 INIT_DELAYED_WORK(&hdev->discov_off, discov_off);
3298 INIT_DELAYED_WORK(&hdev->le_scan_disable, le_scan_disable_work);
3299 INIT_DELAYED_WORK(&hdev->le_scan_restart, le_scan_restart_work);
3300 INIT_DELAYED_WORK(&hdev->adv_instance_expire, adv_timeout_expire);
3303 void hci_request_cancel_all(struct hci_dev *hdev)
3305 hci_req_sync_cancel(hdev, ENODEV);
3307 cancel_work_sync(&hdev->discov_update);
3308 cancel_work_sync(&hdev->bg_scan_update);
3309 cancel_work_sync(&hdev->scan_update);
3310 cancel_work_sync(&hdev->connectable_update);
3311 cancel_work_sync(&hdev->discoverable_update);
3312 cancel_delayed_work_sync(&hdev->discov_off);
3313 cancel_delayed_work_sync(&hdev->le_scan_disable);
3314 cancel_delayed_work_sync(&hdev->le_scan_restart);
3316 if (hdev->adv_instance_timeout) {
3317 cancel_delayed_work_sync(&hdev->adv_instance_expire);
3318 hdev->adv_instance_timeout = 0;
projects / linux-2.6-microblaze.git / blob