1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth HCI event handling. */ 26 27 #include <linux/module.h> 28 29 #include <linux/types.h> 30 #include <linux/errno.h> 31 #include <linux/kernel.h> 32 #include <linux/slab.h> 33 #include <linux/poll.h> 34 #include <linux/fcntl.h> 35 #include <linux/init.h> 36 #include <linux/skbuff.h> 37 #include <linux/interrupt.h> 38 #include <linux/notifier.h> 39 #include <net/sock.h> 40 41 #include <asm/system.h> 42 #include <asm/uaccess.h> 43 #include <asm/unaligned.h> 44 45 #include <net/bluetooth/bluetooth.h> 46 #include <net/bluetooth/hci_core.h> 47 48 /* Handle HCI Event packets */ 49 50 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb) 51 { 52 __u8 status = *((__u8 *) skb->data); 53 54 BT_DBG("%s status 0x%x", hdev->name, status); 55 56 if (status) 57 return; 58 59 clear_bit(HCI_INQUIRY, &hdev->flags); 60 61 hci_req_complete(hdev, status); 62 63 hci_conn_check_pending(hdev); 64 } 65 66 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb) 67 { 68 __u8 status = *((__u8 *) skb->data); 69 70 BT_DBG("%s status 0x%x", hdev->name, status); 71 72 if (status) 73 return; 74 75 clear_bit(HCI_INQUIRY, &hdev->flags); 76 77 hci_conn_check_pending(hdev); 78 } 79 80 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb) 81 { 82 BT_DBG("%s", hdev->name); 83 } 84 85 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb) 86 { 87 struct hci_rp_role_discovery *rp = (void *) skb->data; 88 struct hci_conn *conn; 89 90 BT_DBG("%s status 0x%x", hdev->name, rp->status); 91 92 if (rp->status) 93 return; 94 95 hci_dev_lock(hdev); 96 97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 98 if (conn) { 99 if (rp->role) 100 conn->link_mode &= ~HCI_LM_MASTER; 101 else 102 conn->link_mode |= HCI_LM_MASTER; 103 } 104 105 hci_dev_unlock(hdev); 106 } 107 108 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 109 { 110 struct hci_rp_read_link_policy *rp = (void *) skb->data; 111 struct hci_conn *conn; 112 113 BT_DBG("%s status 0x%x", hdev->name, rp->status); 114 115 if (rp->status) 116 return; 117 118 hci_dev_lock(hdev); 119 120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 121 if (conn) 122 conn->link_policy = __le16_to_cpu(rp->policy); 123 124 hci_dev_unlock(hdev); 125 } 126 127 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 128 { 129 struct hci_rp_write_link_policy *rp = (void *) skb->data; 130 struct hci_conn *conn; 131 void *sent; 132 133 BT_DBG("%s status 0x%x", hdev->name, rp->status); 134 135 if (rp->status) 136 return; 137 138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY); 139 if (!sent) 140 return; 141 142 hci_dev_lock(hdev); 143 144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 145 if (conn) 146 conn->link_policy = get_unaligned_le16(sent + 2); 147 148 hci_dev_unlock(hdev); 149 } 150 151 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 152 { 153 struct hci_rp_read_def_link_policy *rp = (void *) skb->data; 154 155 BT_DBG("%s status 0x%x", hdev->name, rp->status); 156 157 if (rp->status) 158 return; 159 160 hdev->link_policy = __le16_to_cpu(rp->policy); 161 } 162 163 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 164 { 165 __u8 status = *((__u8 *) skb->data); 166 void *sent; 167 168 BT_DBG("%s status 0x%x", hdev->name, status); 169 170 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY); 171 if (!sent) 172 return; 173 174 if (!status) 175 hdev->link_policy = get_unaligned_le16(sent); 176 177 hci_req_complete(hdev, status); 178 } 179 180 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb) 181 { 182 __u8 status = *((__u8 *) skb->data); 183 184 BT_DBG("%s status 0x%x", hdev->name, status); 185 186 hci_req_complete(hdev, status); 187 } 188 189 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb) 190 { 191 __u8 status = *((__u8 *) skb->data); 192 void *sent; 193 194 BT_DBG("%s status 0x%x", hdev->name, status); 195 196 if (status) 197 return; 198 199 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME); 200 if (!sent) 201 return; 202 203 memcpy(hdev->dev_name, sent, 248); 204 } 205 206 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb) 207 { 208 struct hci_rp_read_local_name *rp = (void *) skb->data; 209 210 BT_DBG("%s status 0x%x", hdev->name, rp->status); 211 212 if (rp->status) 213 return; 214 215 memcpy(hdev->dev_name, rp->name, 248); 216 } 217 218 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb) 219 { 220 __u8 status = *((__u8 *) skb->data); 221 void *sent; 222 223 BT_DBG("%s status 0x%x", hdev->name, status); 224 225 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE); 226 if (!sent) 227 return; 228 229 if (!status) { 230 __u8 param = *((__u8 *) sent); 231 232 if (param == AUTH_ENABLED) 233 set_bit(HCI_AUTH, &hdev->flags); 234 else 235 clear_bit(HCI_AUTH, &hdev->flags); 236 } 237 238 hci_req_complete(hdev, status); 239 } 240 241 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb) 242 { 243 __u8 status = *((__u8 *) skb->data); 244 void *sent; 245 246 BT_DBG("%s status 0x%x", hdev->name, status); 247 248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE); 249 if (!sent) 250 return; 251 252 if (!status) { 253 __u8 param = *((__u8 *) sent); 254 255 if (param) 256 set_bit(HCI_ENCRYPT, &hdev->flags); 257 else 258 clear_bit(HCI_ENCRYPT, &hdev->flags); 259 } 260 261 hci_req_complete(hdev, status); 262 } 263 264 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb) 265 { 266 __u8 status = *((__u8 *) skb->data); 267 void *sent; 268 269 BT_DBG("%s status 0x%x", hdev->name, status); 270 271 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE); 272 if (!sent) 273 return; 274 275 if (!status) { 276 __u8 param = *((__u8 *) sent); 277 278 clear_bit(HCI_PSCAN, &hdev->flags); 279 clear_bit(HCI_ISCAN, &hdev->flags); 280 281 if (param & SCAN_INQUIRY) 282 set_bit(HCI_ISCAN, &hdev->flags); 283 284 if (param & SCAN_PAGE) 285 set_bit(HCI_PSCAN, &hdev->flags); 286 } 287 288 hci_req_complete(hdev, status); 289 } 290 291 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 292 { 293 struct hci_rp_read_class_of_dev *rp = (void *) skb->data; 294 295 BT_DBG("%s status 0x%x", hdev->name, rp->status); 296 297 if (rp->status) 298 return; 299 300 memcpy(hdev->dev_class, rp->dev_class, 3); 301 302 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name, 303 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]); 304 } 305 306 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 307 { 308 __u8 status = *((__u8 *) skb->data); 309 void *sent; 310 311 BT_DBG("%s status 0x%x", hdev->name, status); 312 313 if (status) 314 return; 315 316 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV); 317 if (!sent) 318 return; 319 320 memcpy(hdev->dev_class, sent, 3); 321 } 322 323 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb) 324 { 325 struct hci_rp_read_voice_setting *rp = (void *) skb->data; 326 __u16 setting; 327 328 BT_DBG("%s status 0x%x", hdev->name, rp->status); 329 330 if (rp->status) 331 return; 332 333 setting = __le16_to_cpu(rp->voice_setting); 334 335 if (hdev->voice_setting == setting) 336 return; 337 338 hdev->voice_setting = setting; 339 340 BT_DBG("%s voice setting 0x%04x", hdev->name, setting); 341 342 if (hdev->notify) { 343 tasklet_disable(&hdev->tx_task); 344 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 345 tasklet_enable(&hdev->tx_task); 346 } 347 } 348 349 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb) 350 { 351 __u8 status = *((__u8 *) skb->data); 352 __u16 setting; 353 void *sent; 354 355 BT_DBG("%s status 0x%x", hdev->name, status); 356 357 if (status) 358 return; 359 360 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING); 361 if (!sent) 362 return; 363 364 setting = get_unaligned_le16(sent); 365 366 if (hdev->voice_setting == setting) 367 return; 368 369 hdev->voice_setting = setting; 370 371 BT_DBG("%s voice setting 0x%04x", hdev->name, setting); 372 373 if (hdev->notify) { 374 tasklet_disable(&hdev->tx_task); 375 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 376 tasklet_enable(&hdev->tx_task); 377 } 378 } 379 380 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb) 381 { 382 __u8 status = *((__u8 *) skb->data); 383 384 BT_DBG("%s status 0x%x", hdev->name, status); 385 386 hci_req_complete(hdev, status); 387 } 388 389 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) 390 { 391 struct hci_rp_read_ssp_mode *rp = (void *) skb->data; 392 393 BT_DBG("%s status 0x%x", hdev->name, rp->status); 394 395 if (rp->status) 396 return; 397 398 hdev->ssp_mode = rp->mode; 399 } 400 401 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) 402 { 403 __u8 status = *((__u8 *) skb->data); 404 void *sent; 405 406 BT_DBG("%s status 0x%x", hdev->name, status); 407 408 if (status) 409 return; 410 411 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE); 412 if (!sent) 413 return; 414 415 hdev->ssp_mode = *((__u8 *) sent); 416 } 417 418 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb) 419 { 420 struct hci_rp_read_local_version *rp = (void *) skb->data; 421 422 BT_DBG("%s status 0x%x", hdev->name, rp->status); 423 424 if (rp->status) 425 return; 426 427 hdev->hci_ver = rp->hci_ver; 428 hdev->hci_rev = __le16_to_cpu(rp->hci_rev); 429 hdev->manufacturer = __le16_to_cpu(rp->manufacturer); 430 431 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name, 432 hdev->manufacturer, 433 hdev->hci_ver, hdev->hci_rev); 434 } 435 436 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb) 437 { 438 struct hci_rp_read_local_commands *rp = (void *) skb->data; 439 440 BT_DBG("%s status 0x%x", hdev->name, rp->status); 441 442 if (rp->status) 443 return; 444 445 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands)); 446 } 447 448 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb) 449 { 450 struct hci_rp_read_local_features *rp = (void *) skb->data; 451 452 BT_DBG("%s status 0x%x", hdev->name, rp->status); 453 454 if (rp->status) 455 return; 456 457 memcpy(hdev->features, rp->features, 8); 458 459 /* Adjust default settings according to features 460 * supported by device. */ 461 462 if (hdev->features[0] & LMP_3SLOT) 463 hdev->pkt_type |= (HCI_DM3 | HCI_DH3); 464 465 if (hdev->features[0] & LMP_5SLOT) 466 hdev->pkt_type |= (HCI_DM5 | HCI_DH5); 467 468 if (hdev->features[1] & LMP_HV2) { 469 hdev->pkt_type |= (HCI_HV2); 470 hdev->esco_type |= (ESCO_HV2); 471 } 472 473 if (hdev->features[1] & LMP_HV3) { 474 hdev->pkt_type |= (HCI_HV3); 475 hdev->esco_type |= (ESCO_HV3); 476 } 477 478 if (hdev->features[3] & LMP_ESCO) 479 hdev->esco_type |= (ESCO_EV3); 480 481 if (hdev->features[4] & LMP_EV4) 482 hdev->esco_type |= (ESCO_EV4); 483 484 if (hdev->features[4] & LMP_EV5) 485 hdev->esco_type |= (ESCO_EV5); 486 487 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name, 488 hdev->features[0], hdev->features[1], 489 hdev->features[2], hdev->features[3], 490 hdev->features[4], hdev->features[5], 491 hdev->features[6], hdev->features[7]); 492 } 493 494 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb) 495 { 496 struct hci_rp_read_buffer_size *rp = (void *) skb->data; 497 498 BT_DBG("%s status 0x%x", hdev->name, rp->status); 499 500 if (rp->status) 501 return; 502 503 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu); 504 hdev->sco_mtu = rp->sco_mtu; 505 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt); 506 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt); 507 508 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) { 509 hdev->sco_mtu = 64; 510 hdev->sco_pkts = 8; 511 } 512 513 hdev->acl_cnt = hdev->acl_pkts; 514 hdev->sco_cnt = hdev->sco_pkts; 515 516 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, 517 hdev->acl_mtu, hdev->acl_pkts, 518 hdev->sco_mtu, hdev->sco_pkts); 519 } 520 521 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb) 522 { 523 struct hci_rp_read_bd_addr *rp = (void *) skb->data; 524 525 BT_DBG("%s status 0x%x", hdev->name, rp->status); 526 527 if (!rp->status) 528 bacpy(&hdev->bdaddr, &rp->bdaddr); 529 530 hci_req_complete(hdev, rp->status); 531 } 532 533 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status) 534 { 535 BT_DBG("%s status 0x%x", hdev->name, status); 536 537 if (status) { 538 hci_req_complete(hdev, status); 539 540 hci_conn_check_pending(hdev); 541 } else 542 set_bit(HCI_INQUIRY, &hdev->flags); 543 } 544 545 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status) 546 { 547 struct hci_cp_create_conn *cp; 548 struct hci_conn *conn; 549 550 BT_DBG("%s status 0x%x", hdev->name, status); 551 552 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN); 553 if (!cp) 554 return; 555 556 hci_dev_lock(hdev); 557 558 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 559 560 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn); 561 562 if (status) { 563 if (conn && conn->state == BT_CONNECT) { 564 if (status != 0x0c || conn->attempt > 2) { 565 conn->state = BT_CLOSED; 566 hci_proto_connect_cfm(conn, status); 567 hci_conn_del(conn); 568 } else 569 conn->state = BT_CONNECT2; 570 } 571 } else { 572 if (!conn) { 573 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr); 574 if (conn) { 575 conn->out = 1; 576 conn->link_mode |= HCI_LM_MASTER; 577 } else 578 BT_ERR("No memmory for new connection"); 579 } 580 } 581 582 hci_dev_unlock(hdev); 583 } 584 585 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status) 586 { 587 struct hci_cp_add_sco *cp; 588 struct hci_conn *acl, *sco; 589 __u16 handle; 590 591 BT_DBG("%s status 0x%x", hdev->name, status); 592 593 if (!status) 594 return; 595 596 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO); 597 if (!cp) 598 return; 599 600 handle = __le16_to_cpu(cp->handle); 601 602 BT_DBG("%s handle %d", hdev->name, handle); 603 604 hci_dev_lock(hdev); 605 606 acl = hci_conn_hash_lookup_handle(hdev, handle); 607 if (acl && (sco = acl->link)) { 608 sco->state = BT_CLOSED; 609 610 hci_proto_connect_cfm(sco, status); 611 hci_conn_del(sco); 612 } 613 614 hci_dev_unlock(hdev); 615 } 616 617 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status) 618 { 619 struct hci_cp_auth_requested *cp; 620 struct hci_conn *conn; 621 622 BT_DBG("%s status 0x%x", hdev->name, status); 623 624 if (!status) 625 return; 626 627 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED); 628 if (!cp) 629 return; 630 631 hci_dev_lock(hdev); 632 633 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 634 if (conn) { 635 if (conn->state == BT_CONFIG) { 636 hci_proto_connect_cfm(conn, status); 637 hci_conn_put(conn); 638 } 639 } 640 641 hci_dev_unlock(hdev); 642 } 643 644 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status) 645 { 646 struct hci_cp_set_conn_encrypt *cp; 647 struct hci_conn *conn; 648 649 BT_DBG("%s status 0x%x", hdev->name, status); 650 651 if (!status) 652 return; 653 654 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT); 655 if (!cp) 656 return; 657 658 hci_dev_lock(hdev); 659 660 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 661 if (conn) { 662 if (conn->state == BT_CONFIG) { 663 hci_proto_connect_cfm(conn, status); 664 hci_conn_put(conn); 665 } 666 } 667 668 hci_dev_unlock(hdev); 669 } 670 671 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status) 672 { 673 BT_DBG("%s status 0x%x", hdev->name, status); 674 } 675 676 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status) 677 { 678 struct hci_cp_read_remote_features *cp; 679 struct hci_conn *conn; 680 681 BT_DBG("%s status 0x%x", hdev->name, status); 682 683 if (!status) 684 return; 685 686 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES); 687 if (!cp) 688 return; 689 690 hci_dev_lock(hdev); 691 692 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 693 if (conn) { 694 if (conn->state == BT_CONFIG) { 695 hci_proto_connect_cfm(conn, status); 696 hci_conn_put(conn); 697 } 698 } 699 700 hci_dev_unlock(hdev); 701 } 702 703 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status) 704 { 705 struct hci_cp_read_remote_ext_features *cp; 706 struct hci_conn *conn; 707 708 BT_DBG("%s status 0x%x", hdev->name, status); 709 710 if (!status) 711 return; 712 713 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES); 714 if (!cp) 715 return; 716 717 hci_dev_lock(hdev); 718 719 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 720 if (conn) { 721 if (conn->state == BT_CONFIG) { 722 hci_proto_connect_cfm(conn, status); 723 hci_conn_put(conn); 724 } 725 } 726 727 hci_dev_unlock(hdev); 728 } 729 730 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status) 731 { 732 struct hci_cp_setup_sync_conn *cp; 733 struct hci_conn *acl, *sco; 734 __u16 handle; 735 736 BT_DBG("%s status 0x%x", hdev->name, status); 737 738 if (!status) 739 return; 740 741 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN); 742 if (!cp) 743 return; 744 745 handle = __le16_to_cpu(cp->handle); 746 747 BT_DBG("%s handle %d", hdev->name, handle); 748 749 hci_dev_lock(hdev); 750 751 acl = hci_conn_hash_lookup_handle(hdev, handle); 752 if (acl && (sco = acl->link)) { 753 sco->state = BT_CLOSED; 754 755 hci_proto_connect_cfm(sco, status); 756 hci_conn_del(sco); 757 } 758 759 hci_dev_unlock(hdev); 760 } 761 762 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status) 763 { 764 struct hci_cp_sniff_mode *cp; 765 struct hci_conn *conn; 766 767 BT_DBG("%s status 0x%x", hdev->name, status); 768 769 if (!status) 770 return; 771 772 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE); 773 if (!cp) 774 return; 775 776 hci_dev_lock(hdev); 777 778 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 779 if (conn) 780 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend); 781 782 hci_dev_unlock(hdev); 783 } 784 785 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status) 786 { 787 struct hci_cp_exit_sniff_mode *cp; 788 struct hci_conn *conn; 789 790 BT_DBG("%s status 0x%x", hdev->name, status); 791 792 if (!status) 793 return; 794 795 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE); 796 if (!cp) 797 return; 798 799 hci_dev_lock(hdev); 800 801 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); 802 if (conn) 803 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend); 804 805 hci_dev_unlock(hdev); 806 } 807 808 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 809 { 810 __u8 status = *((__u8 *) skb->data); 811 812 BT_DBG("%s status %d", hdev->name, status); 813 814 clear_bit(HCI_INQUIRY, &hdev->flags); 815 816 hci_req_complete(hdev, status); 817 818 hci_conn_check_pending(hdev); 819 } 820 821 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb) 822 { 823 struct inquiry_data data; 824 struct inquiry_info *info = (void *) (skb->data + 1); 825 int num_rsp = *((__u8 *) skb->data); 826 827 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 828 829 if (!num_rsp) 830 return; 831 832 hci_dev_lock(hdev); 833 834 for (; num_rsp; num_rsp--) { 835 bacpy(&data.bdaddr, &info->bdaddr); 836 data.pscan_rep_mode = info->pscan_rep_mode; 837 data.pscan_period_mode = info->pscan_period_mode; 838 data.pscan_mode = info->pscan_mode; 839 memcpy(data.dev_class, info->dev_class, 3); 840 data.clock_offset = info->clock_offset; 841 data.rssi = 0x00; 842 data.ssp_mode = 0x00; 843 info++; 844 hci_inquiry_cache_update(hdev, &data); 845 } 846 847 hci_dev_unlock(hdev); 848 } 849 850 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 851 { 852 struct hci_ev_conn_complete *ev = (void *) skb->data; 853 struct hci_conn *conn; 854 855 BT_DBG("%s", hdev->name); 856 857 hci_dev_lock(hdev); 858 859 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); 860 if (!conn) 861 goto unlock; 862 863 if (!ev->status) { 864 conn->handle = __le16_to_cpu(ev->handle); 865 866 if (conn->type == ACL_LINK) { 867 conn->state = BT_CONFIG; 868 hci_conn_hold(conn); 869 } else 870 conn->state = BT_CONNECTED; 871 872 hci_conn_add_sysfs(conn); 873 874 if (test_bit(HCI_AUTH, &hdev->flags)) 875 conn->link_mode |= HCI_LM_AUTH; 876 877 if (test_bit(HCI_ENCRYPT, &hdev->flags)) 878 conn->link_mode |= HCI_LM_ENCRYPT; 879 880 /* Get remote features */ 881 if (conn->type == ACL_LINK) { 882 struct hci_cp_read_remote_features cp; 883 cp.handle = ev->handle; 884 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES, 885 sizeof(cp), &cp); 886 } 887 888 /* Set packet type for incoming connection */ 889 if (!conn->out && hdev->hci_ver < 3) { 890 struct hci_cp_change_conn_ptype cp; 891 cp.handle = ev->handle; 892 cp.pkt_type = cpu_to_le16(conn->pkt_type); 893 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, 894 sizeof(cp), &cp); 895 } 896 } else 897 conn->state = BT_CLOSED; 898 899 if (conn->type == ACL_LINK) { 900 struct hci_conn *sco = conn->link; 901 if (sco) { 902 if (!ev->status) { 903 if (lmp_esco_capable(hdev)) 904 hci_setup_sync(sco, conn->handle); 905 else 906 hci_add_sco(sco, conn->handle); 907 } else { 908 hci_proto_connect_cfm(sco, ev->status); 909 hci_conn_del(sco); 910 } 911 } 912 } 913 914 if (ev->status) { 915 hci_proto_connect_cfm(conn, ev->status); 916 hci_conn_del(conn); 917 } 918 919 unlock: 920 hci_dev_unlock(hdev); 921 922 hci_conn_check_pending(hdev); 923 } 924 925 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 926 { 927 struct hci_ev_conn_request *ev = (void *) skb->data; 928 int mask = hdev->link_mode; 929 930 BT_DBG("%s bdaddr %s type 0x%x", hdev->name, 931 batostr(&ev->bdaddr), ev->link_type); 932 933 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type); 934 935 if (mask & HCI_LM_ACCEPT) { 936 /* Connection accepted */ 937 struct inquiry_entry *ie; 938 struct hci_conn *conn; 939 940 hci_dev_lock(hdev); 941 942 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr))) 943 memcpy(ie->data.dev_class, ev->dev_class, 3); 944 945 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); 946 if (!conn) { 947 if (!(conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr))) { 948 BT_ERR("No memmory for new connection"); 949 hci_dev_unlock(hdev); 950 return; 951 } 952 } 953 954 memcpy(conn->dev_class, ev->dev_class, 3); 955 conn->state = BT_CONNECT; 956 957 hci_dev_unlock(hdev); 958 959 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) { 960 struct hci_cp_accept_conn_req cp; 961 962 bacpy(&cp.bdaddr, &ev->bdaddr); 963 964 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER)) 965 cp.role = 0x00; /* Become master */ 966 else 967 cp.role = 0x01; /* Remain slave */ 968 969 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, 970 sizeof(cp), &cp); 971 } else { 972 struct hci_cp_accept_sync_conn_req cp; 973 974 bacpy(&cp.bdaddr, &ev->bdaddr); 975 cp.pkt_type = cpu_to_le16(conn->pkt_type); 976 977 cp.tx_bandwidth = cpu_to_le32(0x00001f40); 978 cp.rx_bandwidth = cpu_to_le32(0x00001f40); 979 cp.max_latency = cpu_to_le16(0xffff); 980 cp.content_format = cpu_to_le16(hdev->voice_setting); 981 cp.retrans_effort = 0xff; 982 983 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ, 984 sizeof(cp), &cp); 985 } 986 } else { 987 /* Connection rejected */ 988 struct hci_cp_reject_conn_req cp; 989 990 bacpy(&cp.bdaddr, &ev->bdaddr); 991 cp.reason = 0x0f; 992 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp); 993 } 994 } 995 996 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 997 { 998 struct hci_ev_disconn_complete *ev = (void *) skb->data; 999 struct hci_conn *conn; 1000 1001 BT_DBG("%s status %d", hdev->name, ev->status); 1002 1003 if (ev->status) 1004 return; 1005 1006 hci_dev_lock(hdev); 1007 1008 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1009 if (conn) { 1010 conn->state = BT_CLOSED; 1011 1012 hci_conn_del_sysfs(conn); 1013 1014 hci_proto_disconn_ind(conn, ev->reason); 1015 hci_conn_del(conn); 1016 } 1017 1018 hci_dev_unlock(hdev); 1019 } 1020 1021 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1022 { 1023 struct hci_ev_auth_complete *ev = (void *) skb->data; 1024 struct hci_conn *conn; 1025 1026 BT_DBG("%s status %d", hdev->name, ev->status); 1027 1028 hci_dev_lock(hdev); 1029 1030 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1031 if (conn) { 1032 if (!ev->status) 1033 conn->link_mode |= HCI_LM_AUTH; 1034 1035 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend); 1036 1037 if (conn->state == BT_CONFIG) { 1038 if (!ev->status && hdev->ssp_mode > 0 && 1039 conn->ssp_mode > 0) { 1040 struct hci_cp_set_conn_encrypt cp; 1041 cp.handle = ev->handle; 1042 cp.encrypt = 0x01; 1043 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, 1044 sizeof(cp), &cp); 1045 } else { 1046 conn->state = BT_CONNECTED; 1047 hci_proto_connect_cfm(conn, ev->status); 1048 hci_conn_put(conn); 1049 } 1050 } else 1051 hci_auth_cfm(conn, ev->status); 1052 1053 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) { 1054 if (!ev->status) { 1055 struct hci_cp_set_conn_encrypt cp; 1056 cp.handle = ev->handle; 1057 cp.encrypt = 0x01; 1058 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, 1059 sizeof(cp), &cp); 1060 } else { 1061 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend); 1062 hci_encrypt_cfm(conn, ev->status, 0x00); 1063 } 1064 } 1065 } 1066 1067 hci_dev_unlock(hdev); 1068 } 1069 1070 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb) 1071 { 1072 BT_DBG("%s", hdev->name); 1073 1074 hci_conn_check_pending(hdev); 1075 } 1076 1077 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 1078 { 1079 struct hci_ev_encrypt_change *ev = (void *) skb->data; 1080 struct hci_conn *conn; 1081 1082 BT_DBG("%s status %d", hdev->name, ev->status); 1083 1084 hci_dev_lock(hdev); 1085 1086 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1087 if (conn) { 1088 if (!ev->status) { 1089 if (ev->encrypt) { 1090 /* Encryption implies authentication */ 1091 conn->link_mode |= HCI_LM_AUTH; 1092 conn->link_mode |= HCI_LM_ENCRYPT; 1093 } else 1094 conn->link_mode &= ~HCI_LM_ENCRYPT; 1095 } 1096 1097 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend); 1098 1099 if (conn->state == BT_CONFIG) { 1100 if (!ev->status) 1101 conn->state = BT_CONNECTED; 1102 1103 hci_proto_connect_cfm(conn, ev->status); 1104 hci_conn_put(conn); 1105 } else 1106 hci_encrypt_cfm(conn, ev->status, ev->encrypt); 1107 } 1108 1109 hci_dev_unlock(hdev); 1110 } 1111 1112 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1113 { 1114 struct hci_ev_change_link_key_complete *ev = (void *) skb->data; 1115 struct hci_conn *conn; 1116 1117 BT_DBG("%s status %d", hdev->name, ev->status); 1118 1119 hci_dev_lock(hdev); 1120 1121 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1122 if (conn) { 1123 if (!ev->status) 1124 conn->link_mode |= HCI_LM_SECURE; 1125 1126 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend); 1127 1128 hci_key_change_cfm(conn, ev->status); 1129 } 1130 1131 hci_dev_unlock(hdev); 1132 } 1133 1134 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb) 1135 { 1136 struct hci_ev_remote_features *ev = (void *) skb->data; 1137 struct hci_conn *conn; 1138 1139 BT_DBG("%s status %d", hdev->name, ev->status); 1140 1141 hci_dev_lock(hdev); 1142 1143 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1144 if (conn) { 1145 if (!ev->status) 1146 memcpy(conn->features, ev->features, 8); 1147 1148 if (conn->state == BT_CONFIG) { 1149 if (!ev->status && lmp_ssp_capable(hdev) && 1150 lmp_ssp_capable(conn)) { 1151 struct hci_cp_read_remote_ext_features cp; 1152 cp.handle = ev->handle; 1153 cp.page = 0x01; 1154 hci_send_cmd(hdev, 1155 HCI_OP_READ_REMOTE_EXT_FEATURES, 1156 sizeof(cp), &cp); 1157 } else { 1158 conn->state = BT_CONNECTED; 1159 hci_proto_connect_cfm(conn, ev->status); 1160 hci_conn_put(conn); 1161 } 1162 } 1163 } 1164 1165 hci_dev_unlock(hdev); 1166 } 1167 1168 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb) 1169 { 1170 BT_DBG("%s", hdev->name); 1171 } 1172 1173 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1174 { 1175 BT_DBG("%s", hdev->name); 1176 } 1177 1178 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1179 { 1180 struct hci_ev_cmd_complete *ev = (void *) skb->data; 1181 __u16 opcode; 1182 1183 skb_pull(skb, sizeof(*ev)); 1184 1185 opcode = __le16_to_cpu(ev->opcode); 1186 1187 switch (opcode) { 1188 case HCI_OP_INQUIRY_CANCEL: 1189 hci_cc_inquiry_cancel(hdev, skb); 1190 break; 1191 1192 case HCI_OP_EXIT_PERIODIC_INQ: 1193 hci_cc_exit_periodic_inq(hdev, skb); 1194 break; 1195 1196 case HCI_OP_REMOTE_NAME_REQ_CANCEL: 1197 hci_cc_remote_name_req_cancel(hdev, skb); 1198 break; 1199 1200 case HCI_OP_ROLE_DISCOVERY: 1201 hci_cc_role_discovery(hdev, skb); 1202 break; 1203 1204 case HCI_OP_READ_LINK_POLICY: 1205 hci_cc_read_link_policy(hdev, skb); 1206 break; 1207 1208 case HCI_OP_WRITE_LINK_POLICY: 1209 hci_cc_write_link_policy(hdev, skb); 1210 break; 1211 1212 case HCI_OP_READ_DEF_LINK_POLICY: 1213 hci_cc_read_def_link_policy(hdev, skb); 1214 break; 1215 1216 case HCI_OP_WRITE_DEF_LINK_POLICY: 1217 hci_cc_write_def_link_policy(hdev, skb); 1218 break; 1219 1220 case HCI_OP_RESET: 1221 hci_cc_reset(hdev, skb); 1222 break; 1223 1224 case HCI_OP_WRITE_LOCAL_NAME: 1225 hci_cc_write_local_name(hdev, skb); 1226 break; 1227 1228 case HCI_OP_READ_LOCAL_NAME: 1229 hci_cc_read_local_name(hdev, skb); 1230 break; 1231 1232 case HCI_OP_WRITE_AUTH_ENABLE: 1233 hci_cc_write_auth_enable(hdev, skb); 1234 break; 1235 1236 case HCI_OP_WRITE_ENCRYPT_MODE: 1237 hci_cc_write_encrypt_mode(hdev, skb); 1238 break; 1239 1240 case HCI_OP_WRITE_SCAN_ENABLE: 1241 hci_cc_write_scan_enable(hdev, skb); 1242 break; 1243 1244 case HCI_OP_READ_CLASS_OF_DEV: 1245 hci_cc_read_class_of_dev(hdev, skb); 1246 break; 1247 1248 case HCI_OP_WRITE_CLASS_OF_DEV: 1249 hci_cc_write_class_of_dev(hdev, skb); 1250 break; 1251 1252 case HCI_OP_READ_VOICE_SETTING: 1253 hci_cc_read_voice_setting(hdev, skb); 1254 break; 1255 1256 case HCI_OP_WRITE_VOICE_SETTING: 1257 hci_cc_write_voice_setting(hdev, skb); 1258 break; 1259 1260 case HCI_OP_HOST_BUFFER_SIZE: 1261 hci_cc_host_buffer_size(hdev, skb); 1262 break; 1263 1264 case HCI_OP_READ_SSP_MODE: 1265 hci_cc_read_ssp_mode(hdev, skb); 1266 break; 1267 1268 case HCI_OP_WRITE_SSP_MODE: 1269 hci_cc_write_ssp_mode(hdev, skb); 1270 break; 1271 1272 case HCI_OP_READ_LOCAL_VERSION: 1273 hci_cc_read_local_version(hdev, skb); 1274 break; 1275 1276 case HCI_OP_READ_LOCAL_COMMANDS: 1277 hci_cc_read_local_commands(hdev, skb); 1278 break; 1279 1280 case HCI_OP_READ_LOCAL_FEATURES: 1281 hci_cc_read_local_features(hdev, skb); 1282 break; 1283 1284 case HCI_OP_READ_BUFFER_SIZE: 1285 hci_cc_read_buffer_size(hdev, skb); 1286 break; 1287 1288 case HCI_OP_READ_BD_ADDR: 1289 hci_cc_read_bd_addr(hdev, skb); 1290 break; 1291 1292 default: 1293 BT_DBG("%s opcode 0x%x", hdev->name, opcode); 1294 break; 1295 } 1296 1297 if (ev->ncmd) { 1298 atomic_set(&hdev->cmd_cnt, 1); 1299 if (!skb_queue_empty(&hdev->cmd_q)) 1300 hci_sched_cmd(hdev); 1301 } 1302 } 1303 1304 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb) 1305 { 1306 struct hci_ev_cmd_status *ev = (void *) skb->data; 1307 __u16 opcode; 1308 1309 skb_pull(skb, sizeof(*ev)); 1310 1311 opcode = __le16_to_cpu(ev->opcode); 1312 1313 switch (opcode) { 1314 case HCI_OP_INQUIRY: 1315 hci_cs_inquiry(hdev, ev->status); 1316 break; 1317 1318 case HCI_OP_CREATE_CONN: 1319 hci_cs_create_conn(hdev, ev->status); 1320 break; 1321 1322 case HCI_OP_ADD_SCO: 1323 hci_cs_add_sco(hdev, ev->status); 1324 break; 1325 1326 case HCI_OP_AUTH_REQUESTED: 1327 hci_cs_auth_requested(hdev, ev->status); 1328 break; 1329 1330 case HCI_OP_SET_CONN_ENCRYPT: 1331 hci_cs_set_conn_encrypt(hdev, ev->status); 1332 break; 1333 1334 case HCI_OP_REMOTE_NAME_REQ: 1335 hci_cs_remote_name_req(hdev, ev->status); 1336 break; 1337 1338 case HCI_OP_READ_REMOTE_FEATURES: 1339 hci_cs_read_remote_features(hdev, ev->status); 1340 break; 1341 1342 case HCI_OP_READ_REMOTE_EXT_FEATURES: 1343 hci_cs_read_remote_ext_features(hdev, ev->status); 1344 break; 1345 1346 case HCI_OP_SETUP_SYNC_CONN: 1347 hci_cs_setup_sync_conn(hdev, ev->status); 1348 break; 1349 1350 case HCI_OP_SNIFF_MODE: 1351 hci_cs_sniff_mode(hdev, ev->status); 1352 break; 1353 1354 case HCI_OP_EXIT_SNIFF_MODE: 1355 hci_cs_exit_sniff_mode(hdev, ev->status); 1356 break; 1357 1358 default: 1359 BT_DBG("%s opcode 0x%x", hdev->name, opcode); 1360 break; 1361 } 1362 1363 if (ev->ncmd) { 1364 atomic_set(&hdev->cmd_cnt, 1); 1365 if (!skb_queue_empty(&hdev->cmd_q)) 1366 hci_sched_cmd(hdev); 1367 } 1368 } 1369 1370 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 1371 { 1372 struct hci_ev_role_change *ev = (void *) skb->data; 1373 struct hci_conn *conn; 1374 1375 BT_DBG("%s status %d", hdev->name, ev->status); 1376 1377 hci_dev_lock(hdev); 1378 1379 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 1380 if (conn) { 1381 if (!ev->status) { 1382 if (ev->role) 1383 conn->link_mode &= ~HCI_LM_MASTER; 1384 else 1385 conn->link_mode |= HCI_LM_MASTER; 1386 } 1387 1388 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend); 1389 1390 hci_role_switch_cfm(conn, ev->status, ev->role); 1391 } 1392 1393 hci_dev_unlock(hdev); 1394 } 1395 1396 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb) 1397 { 1398 struct hci_ev_num_comp_pkts *ev = (void *) skb->data; 1399 __le16 *ptr; 1400 int i; 1401 1402 skb_pull(skb, sizeof(*ev)); 1403 1404 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl); 1405 1406 if (skb->len < ev->num_hndl * 4) { 1407 BT_DBG("%s bad parameters", hdev->name); 1408 return; 1409 } 1410 1411 tasklet_disable(&hdev->tx_task); 1412 1413 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) { 1414 struct hci_conn *conn; 1415 __u16 handle, count; 1416 1417 handle = get_unaligned_le16(ptr++); 1418 count = get_unaligned_le16(ptr++); 1419 1420 conn = hci_conn_hash_lookup_handle(hdev, handle); 1421 if (conn) { 1422 conn->sent -= count; 1423 1424 if (conn->type == ACL_LINK) { 1425 if ((hdev->acl_cnt += count) > hdev->acl_pkts) 1426 hdev->acl_cnt = hdev->acl_pkts; 1427 } else { 1428 if ((hdev->sco_cnt += count) > hdev->sco_pkts) 1429 hdev->sco_cnt = hdev->sco_pkts; 1430 } 1431 } 1432 } 1433 1434 hci_sched_tx(hdev); 1435 1436 tasklet_enable(&hdev->tx_task); 1437 } 1438 1439 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 1440 { 1441 struct hci_ev_mode_change *ev = (void *) skb->data; 1442 struct hci_conn *conn; 1443 1444 BT_DBG("%s status %d", hdev->name, ev->status); 1445 1446 hci_dev_lock(hdev); 1447 1448 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1449 if (conn) { 1450 conn->mode = ev->mode; 1451 conn->interval = __le16_to_cpu(ev->interval); 1452 1453 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) { 1454 if (conn->mode == HCI_CM_ACTIVE) 1455 conn->power_save = 1; 1456 else 1457 conn->power_save = 0; 1458 } 1459 } 1460 1461 hci_dev_unlock(hdev); 1462 } 1463 1464 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 1465 { 1466 BT_DBG("%s", hdev->name); 1467 } 1468 1469 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 1470 { 1471 BT_DBG("%s", hdev->name); 1472 } 1473 1474 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb) 1475 { 1476 BT_DBG("%s", hdev->name); 1477 } 1478 1479 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb) 1480 { 1481 struct hci_ev_clock_offset *ev = (void *) skb->data; 1482 struct hci_conn *conn; 1483 1484 BT_DBG("%s status %d", hdev->name, ev->status); 1485 1486 hci_dev_lock(hdev); 1487 1488 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1489 if (conn && !ev->status) { 1490 struct inquiry_entry *ie; 1491 1492 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) { 1493 ie->data.clock_offset = ev->clock_offset; 1494 ie->timestamp = jiffies; 1495 } 1496 } 1497 1498 hci_dev_unlock(hdev); 1499 } 1500 1501 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 1502 { 1503 struct hci_ev_pkt_type_change *ev = (void *) skb->data; 1504 struct hci_conn *conn; 1505 1506 BT_DBG("%s status %d", hdev->name, ev->status); 1507 1508 hci_dev_lock(hdev); 1509 1510 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1511 if (conn && !ev->status) 1512 conn->pkt_type = __le16_to_cpu(ev->pkt_type); 1513 1514 hci_dev_unlock(hdev); 1515 } 1516 1517 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb) 1518 { 1519 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data; 1520 struct inquiry_entry *ie; 1521 1522 BT_DBG("%s", hdev->name); 1523 1524 hci_dev_lock(hdev); 1525 1526 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr))) { 1527 ie->data.pscan_rep_mode = ev->pscan_rep_mode; 1528 ie->timestamp = jiffies; 1529 } 1530 1531 hci_dev_unlock(hdev); 1532 } 1533 1534 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb) 1535 { 1536 struct inquiry_data data; 1537 int num_rsp = *((__u8 *) skb->data); 1538 1539 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 1540 1541 if (!num_rsp) 1542 return; 1543 1544 hci_dev_lock(hdev); 1545 1546 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) { 1547 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1); 1548 1549 for (; num_rsp; num_rsp--) { 1550 bacpy(&data.bdaddr, &info->bdaddr); 1551 data.pscan_rep_mode = info->pscan_rep_mode; 1552 data.pscan_period_mode = info->pscan_period_mode; 1553 data.pscan_mode = info->pscan_mode; 1554 memcpy(data.dev_class, info->dev_class, 3); 1555 data.clock_offset = info->clock_offset; 1556 data.rssi = info->rssi; 1557 data.ssp_mode = 0x00; 1558 info++; 1559 hci_inquiry_cache_update(hdev, &data); 1560 } 1561 } else { 1562 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1); 1563 1564 for (; num_rsp; num_rsp--) { 1565 bacpy(&data.bdaddr, &info->bdaddr); 1566 data.pscan_rep_mode = info->pscan_rep_mode; 1567 data.pscan_period_mode = info->pscan_period_mode; 1568 data.pscan_mode = 0x00; 1569 memcpy(data.dev_class, info->dev_class, 3); 1570 data.clock_offset = info->clock_offset; 1571 data.rssi = info->rssi; 1572 data.ssp_mode = 0x00; 1573 info++; 1574 hci_inquiry_cache_update(hdev, &data); 1575 } 1576 } 1577 1578 hci_dev_unlock(hdev); 1579 } 1580 1581 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb) 1582 { 1583 struct hci_ev_remote_ext_features *ev = (void *) skb->data; 1584 struct hci_conn *conn; 1585 1586 BT_DBG("%s", hdev->name); 1587 1588 hci_dev_lock(hdev); 1589 1590 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1591 if (conn) { 1592 if (!ev->status && ev->page == 0x01) { 1593 struct inquiry_entry *ie; 1594 1595 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) 1596 ie->data.ssp_mode = (ev->features[0] & 0x01); 1597 1598 conn->ssp_mode = (ev->features[0] & 0x01); 1599 } 1600 1601 if (conn->state == BT_CONFIG) { 1602 if (!ev->status && hdev->ssp_mode > 0 && 1603 conn->ssp_mode > 0 && conn->out) { 1604 struct hci_cp_auth_requested cp; 1605 cp.handle = ev->handle; 1606 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, 1607 sizeof(cp), &cp); 1608 } else { 1609 conn->state = BT_CONNECTED; 1610 hci_proto_connect_cfm(conn, ev->status); 1611 hci_conn_put(conn); 1612 } 1613 } 1614 } 1615 1616 hci_dev_unlock(hdev); 1617 } 1618 1619 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1620 { 1621 struct hci_ev_sync_conn_complete *ev = (void *) skb->data; 1622 struct hci_conn *conn; 1623 1624 BT_DBG("%s status %d", hdev->name, ev->status); 1625 1626 hci_dev_lock(hdev); 1627 1628 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); 1629 if (!conn) { 1630 if (ev->link_type == ESCO_LINK) 1631 goto unlock; 1632 1633 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr); 1634 if (!conn) 1635 goto unlock; 1636 1637 conn->type = SCO_LINK; 1638 } 1639 1640 if (!ev->status) { 1641 conn->handle = __le16_to_cpu(ev->handle); 1642 conn->state = BT_CONNECTED; 1643 1644 hci_conn_add_sysfs(conn); 1645 } else 1646 conn->state = BT_CLOSED; 1647 1648 hci_proto_connect_cfm(conn, ev->status); 1649 if (ev->status) 1650 hci_conn_del(conn); 1651 1652 unlock: 1653 hci_dev_unlock(hdev); 1654 } 1655 1656 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb) 1657 { 1658 BT_DBG("%s", hdev->name); 1659 } 1660 1661 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb) 1662 { 1663 struct hci_ev_sniff_subrate *ev = (void *) skb->data; 1664 struct hci_conn *conn; 1665 1666 BT_DBG("%s status %d", hdev->name, ev->status); 1667 1668 hci_dev_lock(hdev); 1669 1670 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); 1671 if (conn) { 1672 } 1673 1674 hci_dev_unlock(hdev); 1675 } 1676 1677 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb) 1678 { 1679 struct inquiry_data data; 1680 struct extended_inquiry_info *info = (void *) (skb->data + 1); 1681 int num_rsp = *((__u8 *) skb->data); 1682 1683 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 1684 1685 if (!num_rsp) 1686 return; 1687 1688 hci_dev_lock(hdev); 1689 1690 for (; num_rsp; num_rsp--) { 1691 bacpy(&data.bdaddr, &info->bdaddr); 1692 data.pscan_rep_mode = info->pscan_rep_mode; 1693 data.pscan_period_mode = info->pscan_period_mode; 1694 data.pscan_mode = 0x00; 1695 memcpy(data.dev_class, info->dev_class, 3); 1696 data.clock_offset = info->clock_offset; 1697 data.rssi = info->rssi; 1698 data.ssp_mode = 0x01; 1699 info++; 1700 hci_inquiry_cache_update(hdev, &data); 1701 } 1702 1703 hci_dev_unlock(hdev); 1704 } 1705 1706 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 1707 { 1708 struct hci_ev_io_capa_request *ev = (void *) skb->data; 1709 struct hci_conn *conn; 1710 1711 BT_DBG("%s", hdev->name); 1712 1713 hci_dev_lock(hdev); 1714 1715 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 1716 if (conn) 1717 hci_conn_hold(conn); 1718 1719 hci_dev_unlock(hdev); 1720 } 1721 1722 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1723 { 1724 struct hci_ev_simple_pair_complete *ev = (void *) skb->data; 1725 struct hci_conn *conn; 1726 1727 BT_DBG("%s", hdev->name); 1728 1729 hci_dev_lock(hdev); 1730 1731 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 1732 if (conn) 1733 hci_conn_put(conn); 1734 1735 hci_dev_unlock(hdev); 1736 } 1737 1738 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb) 1739 { 1740 struct hci_ev_remote_host_features *ev = (void *) skb->data; 1741 struct inquiry_entry *ie; 1742 1743 BT_DBG("%s", hdev->name); 1744 1745 hci_dev_lock(hdev); 1746 1747 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr))) 1748 ie->data.ssp_mode = (ev->features[0] & 0x01); 1749 1750 hci_dev_unlock(hdev); 1751 } 1752 1753 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb) 1754 { 1755 struct hci_event_hdr *hdr = (void *) skb->data; 1756 __u8 event = hdr->evt; 1757 1758 skb_pull(skb, HCI_EVENT_HDR_SIZE); 1759 1760 switch (event) { 1761 case HCI_EV_INQUIRY_COMPLETE: 1762 hci_inquiry_complete_evt(hdev, skb); 1763 break; 1764 1765 case HCI_EV_INQUIRY_RESULT: 1766 hci_inquiry_result_evt(hdev, skb); 1767 break; 1768 1769 case HCI_EV_CONN_COMPLETE: 1770 hci_conn_complete_evt(hdev, skb); 1771 break; 1772 1773 case HCI_EV_CONN_REQUEST: 1774 hci_conn_request_evt(hdev, skb); 1775 break; 1776 1777 case HCI_EV_DISCONN_COMPLETE: 1778 hci_disconn_complete_evt(hdev, skb); 1779 break; 1780 1781 case HCI_EV_AUTH_COMPLETE: 1782 hci_auth_complete_evt(hdev, skb); 1783 break; 1784 1785 case HCI_EV_REMOTE_NAME: 1786 hci_remote_name_evt(hdev, skb); 1787 break; 1788 1789 case HCI_EV_ENCRYPT_CHANGE: 1790 hci_encrypt_change_evt(hdev, skb); 1791 break; 1792 1793 case HCI_EV_CHANGE_LINK_KEY_COMPLETE: 1794 hci_change_link_key_complete_evt(hdev, skb); 1795 break; 1796 1797 case HCI_EV_REMOTE_FEATURES: 1798 hci_remote_features_evt(hdev, skb); 1799 break; 1800 1801 case HCI_EV_REMOTE_VERSION: 1802 hci_remote_version_evt(hdev, skb); 1803 break; 1804 1805 case HCI_EV_QOS_SETUP_COMPLETE: 1806 hci_qos_setup_complete_evt(hdev, skb); 1807 break; 1808 1809 case HCI_EV_CMD_COMPLETE: 1810 hci_cmd_complete_evt(hdev, skb); 1811 break; 1812 1813 case HCI_EV_CMD_STATUS: 1814 hci_cmd_status_evt(hdev, skb); 1815 break; 1816 1817 case HCI_EV_ROLE_CHANGE: 1818 hci_role_change_evt(hdev, skb); 1819 break; 1820 1821 case HCI_EV_NUM_COMP_PKTS: 1822 hci_num_comp_pkts_evt(hdev, skb); 1823 break; 1824 1825 case HCI_EV_MODE_CHANGE: 1826 hci_mode_change_evt(hdev, skb); 1827 break; 1828 1829 case HCI_EV_PIN_CODE_REQ: 1830 hci_pin_code_request_evt(hdev, skb); 1831 break; 1832 1833 case HCI_EV_LINK_KEY_REQ: 1834 hci_link_key_request_evt(hdev, skb); 1835 break; 1836 1837 case HCI_EV_LINK_KEY_NOTIFY: 1838 hci_link_key_notify_evt(hdev, skb); 1839 break; 1840 1841 case HCI_EV_CLOCK_OFFSET: 1842 hci_clock_offset_evt(hdev, skb); 1843 break; 1844 1845 case HCI_EV_PKT_TYPE_CHANGE: 1846 hci_pkt_type_change_evt(hdev, skb); 1847 break; 1848 1849 case HCI_EV_PSCAN_REP_MODE: 1850 hci_pscan_rep_mode_evt(hdev, skb); 1851 break; 1852 1853 case HCI_EV_INQUIRY_RESULT_WITH_RSSI: 1854 hci_inquiry_result_with_rssi_evt(hdev, skb); 1855 break; 1856 1857 case HCI_EV_REMOTE_EXT_FEATURES: 1858 hci_remote_ext_features_evt(hdev, skb); 1859 break; 1860 1861 case HCI_EV_SYNC_CONN_COMPLETE: 1862 hci_sync_conn_complete_evt(hdev, skb); 1863 break; 1864 1865 case HCI_EV_SYNC_CONN_CHANGED: 1866 hci_sync_conn_changed_evt(hdev, skb); 1867 break; 1868 1869 case HCI_EV_SNIFF_SUBRATE: 1870 hci_sniff_subrate_evt(hdev, skb); 1871 break; 1872 1873 case HCI_EV_EXTENDED_INQUIRY_RESULT: 1874 hci_extended_inquiry_result_evt(hdev, skb); 1875 break; 1876 1877 case HCI_EV_IO_CAPA_REQUEST: 1878 hci_io_capa_request_evt(hdev, skb); 1879 break; 1880 1881 case HCI_EV_SIMPLE_PAIR_COMPLETE: 1882 hci_simple_pair_complete_evt(hdev, skb); 1883 break; 1884 1885 case HCI_EV_REMOTE_HOST_FEATURES: 1886 hci_remote_host_features_evt(hdev, skb); 1887 break; 1888 1889 default: 1890 BT_DBG("%s event 0x%x", hdev->name, event); 1891 break; 1892 } 1893 1894 kfree_skb(skb); 1895 hdev->stat.evt_rx++; 1896 } 1897 1898 /* Generate internal stack event */ 1899 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data) 1900 { 1901 struct hci_event_hdr *hdr; 1902 struct hci_ev_stack_internal *ev; 1903 struct sk_buff *skb; 1904 1905 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC); 1906 if (!skb) 1907 return; 1908 1909 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE); 1910 hdr->evt = HCI_EV_STACK_INTERNAL; 1911 hdr->plen = sizeof(*ev) + dlen; 1912 1913 ev = (void *) skb_put(skb, sizeof(*ev) + dlen); 1914 ev->type = type; 1915 memcpy(ev->data, data, dlen); 1916 1917 bt_cb(skb)->incoming = 1; 1918 __net_timestamp(skb); 1919 1920 bt_cb(skb)->pkt_type = HCI_EVENT_PKT; 1921 skb->dev = (void *) hdev; 1922 hci_send_to_sock(hdev, skb); 1923 kfree_skb(skb); 1924 } 1925