2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/uaccess.h>
26 #include <asm/unaligned.h>
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/mgmt.h>
32 #define MGMT_VERSION 0
33 #define MGMT_REVISION 1
35 #define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
38 struct list_head list;
46 static LIST_HEAD(cmd_list);
48 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
52 struct mgmt_ev_cmd_status *ev;
55 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
57 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
61 hdr = (void *) skb_put(skb, sizeof(*hdr));
63 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
64 hdr->index = cpu_to_le16(index);
65 hdr->len = cpu_to_le16(sizeof(*ev));
67 ev = (void *) skb_put(skb, sizeof(*ev));
69 put_unaligned_le16(cmd, &ev->opcode);
71 err = sock_queue_rcv_skb(sk, skb);
78 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
83 struct mgmt_ev_cmd_complete *ev;
86 BT_DBG("sock %p", sk);
88 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
92 hdr = (void *) skb_put(skb, sizeof(*hdr));
94 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
95 hdr->index = cpu_to_le16(index);
96 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
98 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
99 put_unaligned_le16(cmd, &ev->opcode);
102 memcpy(ev->data, rp, rp_len);
104 err = sock_queue_rcv_skb(sk, skb);
111 static int read_version(struct sock *sk)
113 struct mgmt_rp_read_version rp;
115 BT_DBG("sock %p", sk);
117 rp.version = MGMT_VERSION;
118 put_unaligned_le16(MGMT_REVISION, &rp.revision);
120 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
124 static int read_index_list(struct sock *sk)
126 struct mgmt_rp_read_index_list *rp;
133 BT_DBG("sock %p", sk);
135 read_lock(&hci_dev_list_lock);
138 list_for_each(p, &hci_dev_list) {
142 rp_len = sizeof(*rp) + (2 * count);
143 rp = kmalloc(rp_len, GFP_ATOMIC);
145 read_unlock(&hci_dev_list_lock);
149 put_unaligned_le16(count, &rp->num_controllers);
152 list_for_each_entry(d, &hci_dev_list, list) {
153 hci_del_off_timer(d);
155 if (test_bit(HCI_SETUP, &d->flags))
158 put_unaligned_le16(d->id, &rp->index[i++]);
159 BT_DBG("Added hci%u", d->id);
162 read_unlock(&hci_dev_list_lock);
164 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
172 static int read_controller_info(struct sock *sk, u16 index)
174 struct mgmt_rp_read_info rp;
175 struct hci_dev *hdev;
177 BT_DBG("sock %p hci%u", sk, index);
179 hdev = hci_dev_get(index);
181 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV);
183 hci_del_off_timer(hdev);
185 hci_dev_lock_bh(hdev);
187 set_bit(HCI_MGMT, &hdev->flags);
189 memset(&rp, 0, sizeof(rp));
191 rp.type = hdev->dev_type;
193 rp.powered = test_bit(HCI_UP, &hdev->flags);
194 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
195 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
196 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
198 if (test_bit(HCI_AUTH, &hdev->flags))
200 else if (hdev->ssp_mode > 0)
205 bacpy(&rp.bdaddr, &hdev->bdaddr);
206 memcpy(rp.features, hdev->features, 8);
207 memcpy(rp.dev_class, hdev->dev_class, 3);
208 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
209 rp.hci_ver = hdev->hci_ver;
210 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
212 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
214 hci_dev_unlock_bh(hdev);
217 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
220 static void mgmt_pending_free(struct pending_cmd *cmd)
227 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
228 u16 index, void *data, u16 len)
230 struct pending_cmd *cmd;
232 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
236 cmd->opcode = opcode;
239 cmd->param = kmalloc(len, GFP_ATOMIC);
246 memcpy(cmd->param, data, len);
251 list_add(&cmd->list, &cmd_list);
256 static void mgmt_pending_foreach(u16 opcode, int index,
257 void (*cb)(struct pending_cmd *cmd, void *data),
260 struct list_head *p, *n;
262 list_for_each_safe(p, n, &cmd_list) {
263 struct pending_cmd *cmd;
265 cmd = list_entry(p, struct pending_cmd, list);
267 if (opcode > 0 && cmd->opcode != opcode)
270 if (index >= 0 && cmd->index != index)
277 static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
279 struct pending_cmd *cmd;
281 list_for_each_entry(cmd, &cmd_list, list) {
282 if (cmd->opcode != opcode)
285 if (index >= 0 && cmd->index != index)
294 static void mgmt_pending_remove(struct pending_cmd *cmd)
296 list_del(&cmd->list);
297 mgmt_pending_free(cmd);
300 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
302 struct mgmt_mode *cp;
303 struct hci_dev *hdev;
304 struct pending_cmd *cmd;
309 BT_DBG("request for hci%u", index);
311 if (len != sizeof(*cp))
312 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL);
314 hdev = hci_dev_get(index);
316 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV);
318 hci_dev_lock_bh(hdev);
320 up = test_bit(HCI_UP, &hdev->flags);
321 if ((cp->val && up) || (!cp->val && !up)) {
322 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY);
326 if (mgmt_pending_find(MGMT_OP_SET_POWERED, index)) {
327 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY);
331 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, index, data, len);
338 queue_work(hdev->workqueue, &hdev->power_on);
340 queue_work(hdev->workqueue, &hdev->power_off);
345 hci_dev_unlock_bh(hdev);
350 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
353 struct mgmt_mode *cp;
354 struct hci_dev *hdev;
355 struct pending_cmd *cmd;
361 BT_DBG("request for hci%u", index);
363 if (len != sizeof(*cp))
364 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL);
366 hdev = hci_dev_get(index);
368 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV);
370 hci_dev_lock_bh(hdev);
372 if (!test_bit(HCI_UP, &hdev->flags)) {
373 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
377 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
378 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
379 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY);
383 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
384 test_bit(HCI_PSCAN, &hdev->flags)) {
385 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY);
389 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, index, data, len);
398 scan |= SCAN_INQUIRY;
400 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
402 mgmt_pending_remove(cmd);
405 hci_dev_unlock_bh(hdev);
411 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
414 struct mgmt_mode *cp;
415 struct hci_dev *hdev;
416 struct pending_cmd *cmd;
422 BT_DBG("request for hci%u", index);
424 if (len != sizeof(*cp))
425 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL);
427 hdev = hci_dev_get(index);
429 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV);
431 hci_dev_lock_bh(hdev);
433 if (!test_bit(HCI_UP, &hdev->flags)) {
434 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
438 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
439 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
440 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY);
444 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
445 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY);
449 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, index, data, len);
460 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
462 mgmt_pending_remove(cmd);
465 hci_dev_unlock_bh(hdev);
471 static int mgmt_event(u16 event, u16 index, void *data, u16 data_len,
472 struct sock *skip_sk)
475 struct mgmt_hdr *hdr;
477 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
481 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
483 hdr = (void *) skb_put(skb, sizeof(*hdr));
484 hdr->opcode = cpu_to_le16(event);
485 hdr->index = cpu_to_le16(index);
486 hdr->len = cpu_to_le16(data_len);
489 memcpy(skb_put(skb, data_len), data, data_len);
491 hci_send_to_sock(NULL, skb, skip_sk);
497 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
503 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
506 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
509 struct mgmt_mode *cp, ev;
510 struct hci_dev *hdev;
515 BT_DBG("request for hci%u", index);
517 if (len != sizeof(*cp))
518 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL);
520 hdev = hci_dev_get(index);
522 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV);
524 hci_dev_lock_bh(hdev);
527 set_bit(HCI_PAIRABLE, &hdev->flags);
529 clear_bit(HCI_PAIRABLE, &hdev->flags);
531 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
537 err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk);
540 hci_dev_unlock_bh(hdev);
546 #define EIR_FLAGS 0x01 /* flags */
547 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
548 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
549 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
550 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
551 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
552 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
553 #define EIR_NAME_SHORT 0x08 /* shortened local name */
554 #define EIR_NAME_COMPLETE 0x09 /* complete local name */
555 #define EIR_TX_POWER 0x0A /* transmit power level */
556 #define EIR_DEVICE_ID 0x10 /* device ID */
558 #define PNP_INFO_SVCLASS_ID 0x1200
560 static u8 bluetooth_base_uuid[] = {
561 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
562 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
565 static u16 get_uuid16(u8 *uuid128)
570 for (i = 0; i < 12; i++) {
571 if (bluetooth_base_uuid[i] != uuid128[i])
575 memcpy(&val, &uuid128[12], 4);
577 val = le32_to_cpu(val);
584 static void create_eir(struct hci_dev *hdev, u8 *data)
588 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
589 int i, truncated = 0;
590 struct bt_uuid *uuid;
593 name_len = strlen(hdev->dev_name);
599 ptr[1] = EIR_NAME_SHORT;
601 ptr[1] = EIR_NAME_COMPLETE;
603 /* EIR Data length */
604 ptr[0] = name_len + 1;
606 memcpy(ptr + 2, hdev->dev_name, name_len);
608 eir_len += (name_len + 2);
609 ptr += (name_len + 2);
612 memset(uuid16_list, 0, sizeof(uuid16_list));
614 /* Group all UUID16 types */
615 list_for_each_entry(uuid, &hdev->uuids, list) {
618 uuid16 = get_uuid16(uuid->uuid);
625 if (uuid16 == PNP_INFO_SVCLASS_ID)
628 /* Stop if not enough space to put next UUID */
629 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
634 /* Check for duplicates */
635 for (i = 0; uuid16_list[i] != 0; i++)
636 if (uuid16_list[i] == uuid16)
639 if (uuid16_list[i] == 0) {
640 uuid16_list[i] = uuid16;
641 eir_len += sizeof(u16);
645 if (uuid16_list[0] != 0) {
649 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
654 for (i = 0; uuid16_list[i] != 0; i++) {
655 *ptr++ = (uuid16_list[i] & 0x00ff);
656 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
659 /* EIR Data length */
660 *length = (i * sizeof(u16)) + 1;
664 static int update_eir(struct hci_dev *hdev)
666 struct hci_cp_write_eir cp;
668 if (!(hdev->features[6] & LMP_EXT_INQ))
671 if (hdev->ssp_mode == 0)
674 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
677 memset(&cp, 0, sizeof(cp));
679 create_eir(hdev, cp.data);
681 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
684 memcpy(hdev->eir, cp.data, sizeof(cp.data));
686 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
689 static u8 get_service_classes(struct hci_dev *hdev)
691 struct bt_uuid *uuid;
694 list_for_each_entry(uuid, &hdev->uuids, list)
695 val |= uuid->svc_hint;
700 static int update_class(struct hci_dev *hdev)
704 BT_DBG("%s", hdev->name);
706 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
709 cod[0] = hdev->minor_class;
710 cod[1] = hdev->major_class;
711 cod[2] = get_service_classes(hdev);
713 if (memcmp(cod, hdev->dev_class, 3) == 0)
716 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
719 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
721 struct mgmt_cp_add_uuid *cp;
722 struct hci_dev *hdev;
723 struct bt_uuid *uuid;
728 BT_DBG("request for hci%u", index);
730 if (len != sizeof(*cp))
731 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL);
733 hdev = hci_dev_get(index);
735 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV);
737 hci_dev_lock_bh(hdev);
739 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
745 memcpy(uuid->uuid, cp->uuid, 16);
746 uuid->svc_hint = cp->svc_hint;
748 list_add(&uuid->list, &hdev->uuids);
750 err = update_class(hdev);
754 err = update_eir(hdev);
758 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
761 hci_dev_unlock_bh(hdev);
767 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
769 struct list_head *p, *n;
770 struct mgmt_cp_remove_uuid *cp;
771 struct hci_dev *hdev;
772 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
777 BT_DBG("request for hci%u", index);
779 if (len != sizeof(*cp))
780 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL);
782 hdev = hci_dev_get(index);
784 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV);
786 hci_dev_lock_bh(hdev);
788 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
789 err = hci_uuids_clear(hdev);
795 list_for_each_safe(p, n, &hdev->uuids) {
796 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
798 if (memcmp(match->uuid, cp->uuid, 16) != 0)
801 list_del(&match->list);
806 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT);
810 err = update_class(hdev);
814 err = update_eir(hdev);
818 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
821 hci_dev_unlock_bh(hdev);
827 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
830 struct hci_dev *hdev;
831 struct mgmt_cp_set_dev_class *cp;
836 BT_DBG("request for hci%u", index);
838 if (len != sizeof(*cp))
839 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL);
841 hdev = hci_dev_get(index);
843 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV);
845 hci_dev_lock_bh(hdev);
847 hdev->major_class = cp->major;
848 hdev->minor_class = cp->minor;
850 err = update_class(hdev);
853 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
855 hci_dev_unlock_bh(hdev);
861 static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
864 struct hci_dev *hdev;
865 struct mgmt_cp_set_service_cache *cp;
870 if (len != sizeof(*cp))
871 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL);
873 hdev = hci_dev_get(index);
875 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
877 hci_dev_lock_bh(hdev);
879 BT_DBG("hci%u enable %d", index, cp->enable);
882 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
885 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
886 err = update_class(hdev);
888 err = update_eir(hdev);
892 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
895 cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, -err);
898 hci_dev_unlock_bh(hdev);
904 static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len)
906 struct hci_dev *hdev;
907 struct mgmt_cp_load_keys *cp;
908 u16 key_count, expected_len;
913 if (len < sizeof(*cp))
914 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, EINVAL);
916 key_count = get_unaligned_le16(&cp->key_count);
918 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info);
919 if (expected_len != len) {
920 BT_ERR("load_keys: expected %u bytes, got %u bytes",
922 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, EINVAL);
925 hdev = hci_dev_get(index);
927 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, ENODEV);
929 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
932 hci_dev_lock_bh(hdev);
934 hci_link_keys_clear(hdev);
936 set_bit(HCI_LINK_KEYS, &hdev->flags);
939 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
941 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
943 for (i = 0; i < key_count; i++) {
944 struct mgmt_key_info *key = &cp->keys[i];
946 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
950 hci_dev_unlock_bh(hdev);
956 static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len)
958 struct hci_dev *hdev;
959 struct mgmt_cp_remove_key *cp;
960 struct hci_conn *conn;
965 if (len != sizeof(*cp))
966 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, EINVAL);
968 hdev = hci_dev_get(index);
970 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, ENODEV);
972 hci_dev_lock_bh(hdev);
974 err = hci_remove_link_key(hdev, &cp->bdaddr);
976 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEY, -err);
982 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
985 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
987 struct hci_cp_disconnect dc;
989 put_unaligned_le16(conn->handle, &dc.handle);
990 dc.reason = 0x13; /* Remote User Terminated Connection */
991 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
995 hci_dev_unlock_bh(hdev);
1001 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1003 struct hci_dev *hdev;
1004 struct mgmt_cp_disconnect *cp;
1005 struct hci_cp_disconnect dc;
1006 struct pending_cmd *cmd;
1007 struct hci_conn *conn;
1014 if (len != sizeof(*cp))
1015 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL);
1017 hdev = hci_dev_get(index);
1019 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV);
1021 hci_dev_lock_bh(hdev);
1023 if (!test_bit(HCI_UP, &hdev->flags)) {
1024 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN);
1028 if (mgmt_pending_find(MGMT_OP_DISCONNECT, index)) {
1029 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY);
1033 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1035 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1038 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN);
1042 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, index, data, len);
1048 put_unaligned_le16(conn->handle, &dc.handle);
1049 dc.reason = 0x13; /* Remote User Terminated Connection */
1051 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1053 mgmt_pending_remove(cmd);
1056 hci_dev_unlock_bh(hdev);
1062 static int get_connections(struct sock *sk, u16 index)
1064 struct mgmt_rp_get_connections *rp;
1065 struct hci_dev *hdev;
1067 struct list_head *p;
1074 hdev = hci_dev_get(index);
1076 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV);
1078 hci_dev_lock_bh(hdev);
1081 list_for_each(p, &hdev->conn_hash.list) {
1085 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t));
1086 rp = kmalloc(rp_len, GFP_ATOMIC);
1092 put_unaligned_le16(count, &rp->conn_count);
1095 list_for_each_entry(c, &hdev->conn_hash.list, list)
1096 bacpy(&rp->conn[i++], &c->dst);
1098 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1102 hci_dev_unlock_bh(hdev);
1107 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1108 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1110 struct pending_cmd *cmd;
1113 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, index, cp,
1118 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1121 mgmt_pending_remove(cmd);
1126 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1129 struct hci_dev *hdev;
1130 struct hci_conn *conn;
1131 struct mgmt_cp_pin_code_reply *cp;
1132 struct mgmt_cp_pin_code_neg_reply ncp;
1133 struct hci_cp_pin_code_reply reply;
1134 struct pending_cmd *cmd;
1141 if (len != sizeof(*cp))
1142 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL);
1144 hdev = hci_dev_get(index);
1146 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV);
1148 hci_dev_lock_bh(hdev);
1150 if (!test_bit(HCI_UP, &hdev->flags)) {
1151 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
1155 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1157 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENOTCONN);
1161 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1162 bacpy(&ncp.bdaddr, &cp->bdaddr);
1164 BT_ERR("PIN code is not 16 bytes long");
1166 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1168 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1174 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, index, data, len);
1180 bacpy(&reply.bdaddr, &cp->bdaddr);
1181 reply.pin_len = cp->pin_len;
1182 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1184 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1186 mgmt_pending_remove(cmd);
1189 hci_dev_unlock_bh(hdev);
1195 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1198 struct hci_dev *hdev;
1199 struct mgmt_cp_pin_code_neg_reply *cp;
1206 if (len != sizeof(*cp))
1207 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1210 hdev = hci_dev_get(index);
1212 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1215 hci_dev_lock_bh(hdev);
1217 if (!test_bit(HCI_UP, &hdev->flags)) {
1218 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1223 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1226 hci_dev_unlock_bh(hdev);
1232 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1235 struct hci_dev *hdev;
1236 struct mgmt_cp_set_io_capability *cp;
1242 if (len != sizeof(*cp))
1243 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL);
1245 hdev = hci_dev_get(index);
1247 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
1249 hci_dev_lock_bh(hdev);
1251 hdev->io_capability = cp->io_capability;
1253 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1254 hdev->io_capability);
1256 hci_dev_unlock_bh(hdev);
1259 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1262 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1264 struct hci_dev *hdev = conn->hdev;
1265 struct pending_cmd *cmd;
1267 list_for_each_entry(cmd, &cmd_list, list) {
1268 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1271 if (cmd->index != hdev->id)
1274 if (cmd->user_data != conn)
1283 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1285 struct mgmt_rp_pair_device rp;
1286 struct hci_conn *conn = cmd->user_data;
1288 bacpy(&rp.bdaddr, &conn->dst);
1291 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1293 /* So we don't get further callbacks for this connection */
1294 conn->connect_cfm_cb = NULL;
1295 conn->security_cfm_cb = NULL;
1296 conn->disconn_cfm_cb = NULL;
1300 mgmt_pending_remove(cmd);
1303 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1305 struct pending_cmd *cmd;
1307 BT_DBG("status %u", status);
1309 cmd = find_pairing(conn);
1311 BT_DBG("Unable to find a pending command");
1315 pairing_complete(cmd, status);
1318 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1320 struct hci_dev *hdev;
1321 struct mgmt_cp_pair_device *cp;
1322 struct pending_cmd *cmd;
1323 struct adv_entry *entry;
1324 u8 sec_level, auth_type;
1325 struct hci_conn *conn;
1332 if (len != sizeof(*cp))
1333 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
1335 hdev = hci_dev_get(index);
1337 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV);
1339 hci_dev_lock_bh(hdev);
1341 sec_level = BT_SECURITY_MEDIUM;
1342 if (cp->io_cap == 0x03)
1343 auth_type = HCI_AT_DEDICATED_BONDING;
1345 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1347 entry = hci_find_adv_entry(hdev, &cp->bdaddr);
1349 conn = hci_connect(hdev, LE_LINK, &cp->bdaddr, sec_level,
1352 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level,
1356 err = PTR_ERR(conn);
1360 if (conn->connect_cfm_cb) {
1362 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY);
1366 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, index, data, len);
1373 /* For LE, just connecting isn't a proof that the pairing finished */
1375 conn->connect_cfm_cb = pairing_complete_cb;
1377 conn->security_cfm_cb = pairing_complete_cb;
1378 conn->disconn_cfm_cb = pairing_complete_cb;
1379 conn->io_capability = cp->io_cap;
1380 cmd->user_data = conn;
1382 if (conn->state == BT_CONNECTED &&
1383 hci_conn_security(conn, sec_level, auth_type))
1384 pairing_complete(cmd, 0);
1389 hci_dev_unlock_bh(hdev);
1395 static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1396 u16 len, int success)
1398 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1399 u16 mgmt_op, hci_op;
1400 struct pending_cmd *cmd;
1401 struct hci_dev *hdev;
1407 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1408 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1410 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1411 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1414 if (len != sizeof(*cp))
1415 return cmd_status(sk, index, mgmt_op, EINVAL);
1417 hdev = hci_dev_get(index);
1419 return cmd_status(sk, index, mgmt_op, ENODEV);
1421 hci_dev_lock_bh(hdev);
1423 if (!test_bit(HCI_UP, &hdev->flags)) {
1424 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
1428 cmd = mgmt_pending_add(sk, mgmt_op, index, data, len);
1434 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
1436 mgmt_pending_remove(cmd);
1439 hci_dev_unlock_bh(hdev);
1445 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1448 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1449 struct hci_cp_write_local_name hci_cp;
1450 struct hci_dev *hdev;
1451 struct pending_cmd *cmd;
1456 if (len != sizeof(*mgmt_cp))
1457 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL);
1459 hdev = hci_dev_get(index);
1461 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV);
1463 hci_dev_lock_bh(hdev);
1465 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len);
1471 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1472 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1475 mgmt_pending_remove(cmd);
1478 hci_dev_unlock_bh(hdev);
1484 static int read_local_oob_data(struct sock *sk, u16 index)
1486 struct hci_dev *hdev;
1487 struct pending_cmd *cmd;
1490 BT_DBG("hci%u", index);
1492 hdev = hci_dev_get(index);
1494 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1497 hci_dev_lock_bh(hdev);
1499 if (!test_bit(HCI_UP, &hdev->flags)) {
1500 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1505 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1506 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1511 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index)) {
1512 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY);
1516 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, index, NULL, 0);
1522 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1524 mgmt_pending_remove(cmd);
1527 hci_dev_unlock_bh(hdev);
1533 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1536 struct hci_dev *hdev;
1537 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1540 BT_DBG("hci%u ", index);
1542 if (len != sizeof(*cp))
1543 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1546 hdev = hci_dev_get(index);
1548 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1551 hci_dev_lock_bh(hdev);
1553 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1556 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err);
1558 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1561 hci_dev_unlock_bh(hdev);
1567 static int remove_remote_oob_data(struct sock *sk, u16 index,
1568 unsigned char *data, u16 len)
1570 struct hci_dev *hdev;
1571 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1574 BT_DBG("hci%u ", index);
1576 if (len != sizeof(*cp))
1577 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1580 hdev = hci_dev_get(index);
1582 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1585 hci_dev_lock_bh(hdev);
1587 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1589 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1592 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1595 hci_dev_unlock_bh(hdev);
1601 static int start_discovery(struct sock *sk, u16 index)
1603 struct pending_cmd *cmd;
1604 struct hci_dev *hdev;
1607 BT_DBG("hci%u", index);
1609 hdev = hci_dev_get(index);
1611 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV);
1613 hci_dev_lock_bh(hdev);
1615 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0);
1621 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
1623 mgmt_pending_remove(cmd);
1626 hci_dev_unlock_bh(hdev);
1632 static int stop_discovery(struct sock *sk, u16 index)
1634 struct hci_dev *hdev;
1635 struct pending_cmd *cmd;
1638 BT_DBG("hci%u", index);
1640 hdev = hci_dev_get(index);
1642 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV);
1644 hci_dev_lock_bh(hdev);
1646 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0);
1652 err = hci_cancel_inquiry(hdev);
1654 mgmt_pending_remove(cmd);
1657 hci_dev_unlock_bh(hdev);
1663 static int block_device(struct sock *sk, u16 index, unsigned char *data,
1666 struct hci_dev *hdev;
1667 struct pending_cmd *cmd;
1668 struct mgmt_cp_block_device *cp = (void *) data;
1671 BT_DBG("hci%u", index);
1673 if (len != sizeof(*cp))
1674 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1677 hdev = hci_dev_get(index);
1679 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1682 hci_dev_lock_bh(hdev);
1684 cmd = mgmt_pending_add(sk, MGMT_OP_BLOCK_DEVICE, index, NULL, 0);
1690 err = hci_blacklist_add(hdev, &cp->bdaddr);
1693 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE, -err);
1695 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1698 mgmt_pending_remove(cmd);
1701 hci_dev_unlock_bh(hdev);
1707 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1710 struct hci_dev *hdev;
1711 struct pending_cmd *cmd;
1712 struct mgmt_cp_unblock_device *cp = (void *) data;
1715 BT_DBG("hci%u", index);
1717 if (len != sizeof(*cp))
1718 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1721 hdev = hci_dev_get(index);
1723 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1726 hci_dev_lock_bh(hdev);
1728 cmd = mgmt_pending_add(sk, MGMT_OP_UNBLOCK_DEVICE, index, NULL, 0);
1734 err = hci_blacklist_del(hdev, &cp->bdaddr);
1737 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE, -err);
1739 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1742 mgmt_pending_remove(cmd);
1745 hci_dev_unlock_bh(hdev);
1751 static int set_fast_connectable(struct sock *sk, u16 index,
1752 unsigned char *data, u16 len)
1754 struct hci_dev *hdev;
1755 struct mgmt_cp_set_fast_connectable *cp = (void *) data;
1756 struct hci_cp_write_page_scan_activity acp;
1760 BT_DBG("hci%u", index);
1762 if (len != sizeof(*cp))
1763 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1766 hdev = hci_dev_get(index);
1768 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1774 type = PAGE_SCAN_TYPE_INTERLACED;
1775 acp.interval = 0x0024; /* 22.5 msec page scan interval */
1777 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1778 acp.interval = 0x0800; /* default 1.28 sec page scan */
1781 acp.window = 0x0012; /* default 11.25 msec page scan window */
1783 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1786 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1791 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
1793 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1798 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1801 hci_dev_unlock(hdev);
1807 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1810 struct mgmt_hdr *hdr;
1811 u16 opcode, index, len;
1814 BT_DBG("got %zu bytes", msglen);
1816 if (msglen < sizeof(*hdr))
1819 buf = kmalloc(msglen, GFP_KERNEL);
1823 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1828 hdr = (struct mgmt_hdr *) buf;
1829 opcode = get_unaligned_le16(&hdr->opcode);
1830 index = get_unaligned_le16(&hdr->index);
1831 len = get_unaligned_le16(&hdr->len);
1833 if (len != msglen - sizeof(*hdr)) {
1839 case MGMT_OP_READ_VERSION:
1840 err = read_version(sk);
1842 case MGMT_OP_READ_INDEX_LIST:
1843 err = read_index_list(sk);
1845 case MGMT_OP_READ_INFO:
1846 err = read_controller_info(sk, index);
1848 case MGMT_OP_SET_POWERED:
1849 err = set_powered(sk, index, buf + sizeof(*hdr), len);
1851 case MGMT_OP_SET_DISCOVERABLE:
1852 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
1854 case MGMT_OP_SET_CONNECTABLE:
1855 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
1857 case MGMT_OP_SET_PAIRABLE:
1858 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
1860 case MGMT_OP_ADD_UUID:
1861 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
1863 case MGMT_OP_REMOVE_UUID:
1864 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
1866 case MGMT_OP_SET_DEV_CLASS:
1867 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1869 case MGMT_OP_SET_SERVICE_CACHE:
1870 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
1872 case MGMT_OP_LOAD_KEYS:
1873 err = load_keys(sk, index, buf + sizeof(*hdr), len);
1875 case MGMT_OP_REMOVE_KEY:
1876 err = remove_key(sk, index, buf + sizeof(*hdr), len);
1878 case MGMT_OP_DISCONNECT:
1879 err = disconnect(sk, index, buf + sizeof(*hdr), len);
1881 case MGMT_OP_GET_CONNECTIONS:
1882 err = get_connections(sk, index);
1884 case MGMT_OP_PIN_CODE_REPLY:
1885 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
1887 case MGMT_OP_PIN_CODE_NEG_REPLY:
1888 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
1890 case MGMT_OP_SET_IO_CAPABILITY:
1891 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
1893 case MGMT_OP_PAIR_DEVICE:
1894 err = pair_device(sk, index, buf + sizeof(*hdr), len);
1896 case MGMT_OP_USER_CONFIRM_REPLY:
1897 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
1899 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
1900 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
1902 case MGMT_OP_SET_LOCAL_NAME:
1903 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
1905 case MGMT_OP_READ_LOCAL_OOB_DATA:
1906 err = read_local_oob_data(sk, index);
1908 case MGMT_OP_ADD_REMOTE_OOB_DATA:
1909 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
1911 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
1912 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
1915 case MGMT_OP_START_DISCOVERY:
1916 err = start_discovery(sk, index);
1918 case MGMT_OP_STOP_DISCOVERY:
1919 err = stop_discovery(sk, index);
1921 case MGMT_OP_BLOCK_DEVICE:
1922 err = block_device(sk, index, buf + sizeof(*hdr), len);
1924 case MGMT_OP_UNBLOCK_DEVICE:
1925 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
1927 case MGMT_OP_SET_FAST_CONNECTABLE:
1928 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
1932 BT_DBG("Unknown op %u", opcode);
1933 err = cmd_status(sk, index, opcode, 0x01);
1947 static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
1951 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
1952 mgmt_pending_remove(cmd);
1955 int mgmt_index_added(u16 index)
1957 return mgmt_event(MGMT_EV_INDEX_ADDED, index, NULL, 0, NULL);
1960 int mgmt_index_removed(u16 index)
1964 mgmt_pending_foreach(0, index, cmd_status_rsp, &status);
1966 return mgmt_event(MGMT_EV_INDEX_REMOVED, index, NULL, 0, NULL);
1974 static void mode_rsp(struct pending_cmd *cmd, void *data)
1976 struct mgmt_mode *cp = cmd->param;
1977 struct cmd_lookup *match = data;
1979 if (cp->val != match->val)
1982 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
1984 list_del(&cmd->list);
1986 if (match->sk == NULL) {
1987 match->sk = cmd->sk;
1988 sock_hold(match->sk);
1991 mgmt_pending_free(cmd);
1994 int mgmt_powered(u16 index, u8 powered)
1996 struct mgmt_mode ev;
1997 struct cmd_lookup match = { powered, NULL };
2000 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
2003 u8 status = ENETDOWN;
2004 mgmt_pending_foreach(0, index, cmd_status_rsp, &status);
2009 ret = mgmt_event(MGMT_EV_POWERED, index, &ev, sizeof(ev), match.sk);
2017 int mgmt_discoverable(u16 index, u8 discoverable)
2019 struct mgmt_mode ev;
2020 struct cmd_lookup match = { discoverable, NULL };
2023 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index, mode_rsp, &match);
2025 ev.val = discoverable;
2027 ret = mgmt_event(MGMT_EV_DISCOVERABLE, index, &ev, sizeof(ev),
2036 int mgmt_connectable(u16 index, u8 connectable)
2038 struct mgmt_mode ev;
2039 struct cmd_lookup match = { connectable, NULL };
2042 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
2044 ev.val = connectable;
2046 ret = mgmt_event(MGMT_EV_CONNECTABLE, index, &ev, sizeof(ev), match.sk);
2054 int mgmt_new_key(u16 index, struct link_key *key, u8 persistent)
2056 struct mgmt_ev_new_key ev;
2058 memset(&ev, 0, sizeof(ev));
2060 ev.store_hint = persistent;
2061 bacpy(&ev.key.bdaddr, &key->bdaddr);
2062 ev.key.type = key->type;
2063 memcpy(ev.key.val, key->val, 16);
2064 ev.key.pin_len = key->pin_len;
2066 return mgmt_event(MGMT_EV_NEW_KEY, index, &ev, sizeof(ev), NULL);
2069 int mgmt_connected(u16 index, bdaddr_t *bdaddr, u8 link_type)
2071 struct mgmt_ev_connected ev;
2073 bacpy(&ev.bdaddr, bdaddr);
2074 ev.link_type = link_type;
2076 return mgmt_event(MGMT_EV_CONNECTED, index, &ev, sizeof(ev), NULL);
2079 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2081 struct mgmt_cp_disconnect *cp = cmd->param;
2082 struct sock **sk = data;
2083 struct mgmt_rp_disconnect rp;
2085 bacpy(&rp.bdaddr, &cp->bdaddr);
2087 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2092 mgmt_pending_remove(cmd);
2095 int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
2097 struct mgmt_ev_disconnected ev;
2098 struct sock *sk = NULL;
2101 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
2103 bacpy(&ev.bdaddr, bdaddr);
2105 err = mgmt_event(MGMT_EV_DISCONNECTED, index, &ev, sizeof(ev), sk);
2113 int mgmt_disconnect_failed(u16 index)
2115 struct pending_cmd *cmd;
2118 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
2122 err = cmd_status(cmd->sk, index, MGMT_OP_DISCONNECT, EIO);
2124 mgmt_pending_remove(cmd);
2129 int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2131 struct mgmt_ev_connect_failed ev;
2133 bacpy(&ev.bdaddr, bdaddr);
2136 return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL);
2139 int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr, u8 secure)
2141 struct mgmt_ev_pin_code_request ev;
2143 bacpy(&ev.bdaddr, bdaddr);
2146 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev),
2150 int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2152 struct pending_cmd *cmd;
2153 struct mgmt_rp_pin_code_reply rp;
2156 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index);
2160 bacpy(&rp.bdaddr, bdaddr);
2163 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_REPLY, &rp,
2166 mgmt_pending_remove(cmd);
2171 int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2173 struct pending_cmd *cmd;
2174 struct mgmt_rp_pin_code_reply rp;
2177 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index);
2181 bacpy(&rp.bdaddr, bdaddr);
2184 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2187 mgmt_pending_remove(cmd);
2192 int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value,
2195 struct mgmt_ev_user_confirm_request ev;
2197 BT_DBG("hci%u", index);
2199 bacpy(&ev.bdaddr, bdaddr);
2200 ev.confirm_hint = confirm_hint;
2201 put_unaligned_le32(value, &ev.value);
2203 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev),
2207 static int confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status,
2210 struct pending_cmd *cmd;
2211 struct mgmt_rp_user_confirm_reply rp;
2214 cmd = mgmt_pending_find(opcode, index);
2218 bacpy(&rp.bdaddr, bdaddr);
2220 err = cmd_complete(cmd->sk, index, opcode, &rp, sizeof(rp));
2222 mgmt_pending_remove(cmd);
2227 int mgmt_user_confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2229 return confirm_reply_complete(index, bdaddr, status,
2230 MGMT_OP_USER_CONFIRM_REPLY);
2233 int mgmt_user_confirm_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2235 return confirm_reply_complete(index, bdaddr, status,
2236 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2239 int mgmt_auth_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2241 struct mgmt_ev_auth_failed ev;
2243 bacpy(&ev.bdaddr, bdaddr);
2246 return mgmt_event(MGMT_EV_AUTH_FAILED, index, &ev, sizeof(ev), NULL);
2249 int mgmt_set_local_name_complete(u16 index, u8 *name, u8 status)
2251 struct pending_cmd *cmd;
2252 struct hci_dev *hdev;
2253 struct mgmt_cp_set_local_name ev;
2256 memset(&ev, 0, sizeof(ev));
2257 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2259 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, index);
2264 err = cmd_status(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, EIO);
2268 hdev = hci_dev_get(index);
2270 hci_dev_lock_bh(hdev);
2272 hci_dev_unlock_bh(hdev);
2276 err = cmd_complete(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, &ev,
2282 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, index, &ev, sizeof(ev),
2283 cmd ? cmd->sk : NULL);
2287 mgmt_pending_remove(cmd);
2291 int mgmt_read_local_oob_data_reply_complete(u16 index, u8 *hash, u8 *randomizer,
2294 struct pending_cmd *cmd;
2297 BT_DBG("hci%u status %u", index, status);
2299 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index);
2304 err = cmd_status(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2307 struct mgmt_rp_read_local_oob_data rp;
2309 memcpy(rp.hash, hash, sizeof(rp.hash));
2310 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2312 err = cmd_complete(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2316 mgmt_pending_remove(cmd);
2321 int mgmt_device_found(u16 index, bdaddr_t *bdaddr, u8 *dev_class, s8 rssi,
2324 struct mgmt_ev_device_found ev;
2326 memset(&ev, 0, sizeof(ev));
2328 bacpy(&ev.bdaddr, bdaddr);
2332 memcpy(ev.eir, eir, sizeof(ev.eir));
2335 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2337 return mgmt_event(MGMT_EV_DEVICE_FOUND, index, &ev, sizeof(ev), NULL);
2340 int mgmt_remote_name(u16 index, bdaddr_t *bdaddr, u8 *name)
2342 struct mgmt_ev_remote_name ev;
2344 memset(&ev, 0, sizeof(ev));
2346 bacpy(&ev.bdaddr, bdaddr);
2347 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2349 return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL);
2352 int mgmt_inquiry_failed(u16 index, u8 status)
2354 struct pending_cmd *cmd;
2357 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, index);
2361 err = cmd_status(cmd->sk, index, cmd->opcode, status);
2362 mgmt_pending_remove(cmd);
2367 int mgmt_discovering(u16 index, u8 discovering)
2369 struct pending_cmd *cmd;
2372 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, index);
2374 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, index);
2377 cmd_complete(cmd->sk, index, cmd->opcode, NULL, 0);
2378 mgmt_pending_remove(cmd);
2381 return mgmt_event(MGMT_EV_DISCOVERING, index, &discovering,
2382 sizeof(discovering), NULL);
2385 int mgmt_device_blocked(u16 index, bdaddr_t *bdaddr)
2387 struct pending_cmd *cmd;
2388 struct mgmt_ev_device_blocked ev;
2390 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, index);
2392 bacpy(&ev.bdaddr, bdaddr);
2394 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, index, &ev, sizeof(ev),
2395 cmd ? cmd->sk : NULL);
2398 int mgmt_device_unblocked(u16 index, bdaddr_t *bdaddr)
2400 struct pending_cmd *cmd;
2401 struct mgmt_ev_device_unblocked ev;
2403 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, index);
2405 bacpy(&ev.bdaddr, bdaddr);
2407 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, index, &ev, sizeof(ev),
2408 cmd ? cmd->sk : NULL);
projects / karo-tx-linux.git / blob