2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <asm/uaccess.h>
26 #include <asm/unaligned.h>
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/mgmt.h>
32 #define MGMT_VERSION 0
33 #define MGMT_REVISION 1
36 struct list_head list;
45 static int cmd_status(struct sock *sk, u16 cmd, u8 status)
49 struct mgmt_ev_cmd_status *ev;
51 BT_DBG("sock %p", sk);
53 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
57 hdr = (void *) skb_put(skb, sizeof(*hdr));
59 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
60 hdr->len = cpu_to_le16(sizeof(*ev));
62 ev = (void *) skb_put(skb, sizeof(*ev));
64 put_unaligned_le16(cmd, &ev->opcode);
66 if (sock_queue_rcv_skb(sk, skb) < 0)
72 static int read_version(struct sock *sk)
76 struct mgmt_ev_cmd_complete *ev;
77 struct mgmt_rp_read_version *rp;
79 BT_DBG("sock %p", sk);
81 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + sizeof(*rp), GFP_ATOMIC);
85 hdr = (void *) skb_put(skb, sizeof(*hdr));
86 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
87 hdr->len = cpu_to_le16(sizeof(*ev) + sizeof(*rp));
89 ev = (void *) skb_put(skb, sizeof(*ev));
90 put_unaligned_le16(MGMT_OP_READ_VERSION, &ev->opcode);
92 rp = (void *) skb_put(skb, sizeof(*rp));
93 rp->version = MGMT_VERSION;
94 put_unaligned_le16(MGMT_REVISION, &rp->revision);
96 if (sock_queue_rcv_skb(sk, skb) < 0)
102 static int read_index_list(struct sock *sk)
105 struct mgmt_hdr *hdr;
106 struct mgmt_ev_cmd_complete *ev;
107 struct mgmt_rp_read_index_list *rp;
113 BT_DBG("sock %p", sk);
115 read_lock(&hci_dev_list_lock);
118 list_for_each(p, &hci_dev_list) {
122 body_len = sizeof(*ev) + sizeof(*rp) + (2 * count);
123 skb = alloc_skb(sizeof(*hdr) + body_len, GFP_ATOMIC);
125 read_unlock(&hci_dev_list_lock);
129 hdr = (void *) skb_put(skb, sizeof(*hdr));
130 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
131 hdr->len = cpu_to_le16(body_len);
133 ev = (void *) skb_put(skb, sizeof(*ev));
134 put_unaligned_le16(MGMT_OP_READ_INDEX_LIST, &ev->opcode);
136 rp = (void *) skb_put(skb, sizeof(*rp) + (2 * count));
137 put_unaligned_le16(count, &rp->num_controllers);
140 list_for_each(p, &hci_dev_list) {
141 struct hci_dev *d = list_entry(p, struct hci_dev, list);
143 hci_del_off_timer(d);
145 set_bit(HCI_MGMT, &d->flags);
147 if (test_bit(HCI_SETUP, &d->flags))
150 put_unaligned_le16(d->id, &rp->index[i++]);
151 BT_DBG("Added hci%u", d->id);
154 read_unlock(&hci_dev_list_lock);
156 if (sock_queue_rcv_skb(sk, skb) < 0)
162 static int read_controller_info(struct sock *sk, unsigned char *data, u16 len)
165 struct mgmt_hdr *hdr;
166 struct mgmt_ev_cmd_complete *ev;
167 struct mgmt_rp_read_info *rp;
168 struct mgmt_cp_read_info *cp;
169 struct hci_dev *hdev;
172 BT_DBG("sock %p", sk);
175 return cmd_status(sk, MGMT_OP_READ_INFO, EINVAL);
177 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + sizeof(*rp), GFP_ATOMIC);
181 hdr = (void *) skb_put(skb, sizeof(*hdr));
182 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
183 hdr->len = cpu_to_le16(sizeof(*ev) + sizeof(*rp));
185 ev = (void *) skb_put(skb, sizeof(*ev));
186 put_unaligned_le16(MGMT_OP_READ_INFO, &ev->opcode);
188 rp = (void *) skb_put(skb, sizeof(*rp));
191 dev_id = get_unaligned_le16(&cp->index);
193 BT_DBG("request for hci%u", dev_id);
195 hdev = hci_dev_get(dev_id);
198 return cmd_status(sk, MGMT_OP_READ_INFO, ENODEV);
201 hci_del_off_timer(hdev);
203 hci_dev_lock_bh(hdev);
205 set_bit(HCI_MGMT, &hdev->flags);
207 put_unaligned_le16(hdev->id, &rp->index);
208 rp->type = hdev->dev_type;
210 rp->powered = test_bit(HCI_UP, &hdev->flags);
211 rp->connectable = test_bit(HCI_PSCAN, &hdev->flags);
212 rp->discoverable = test_bit(HCI_ISCAN, &hdev->flags);
213 rp->pairable = test_bit(HCI_PSCAN, &hdev->flags);
215 if (test_bit(HCI_AUTH, &hdev->flags))
217 else if (hdev->ssp_mode > 0)
222 bacpy(&rp->bdaddr, &hdev->bdaddr);
223 memcpy(rp->features, hdev->features, 8);
224 memcpy(rp->dev_class, hdev->dev_class, 3);
225 put_unaligned_le16(hdev->manufacturer, &rp->manufacturer);
226 rp->hci_ver = hdev->hci_ver;
227 put_unaligned_le16(hdev->hci_rev, &rp->hci_rev);
229 hci_dev_unlock_bh(hdev);
232 if (sock_queue_rcv_skb(sk, skb) < 0)
238 static void mgmt_pending_free(struct pending_cmd *cmd)
245 static int mgmt_pending_add(struct sock *sk, u16 opcode, int index,
248 struct pending_cmd *cmd;
250 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
254 cmd->opcode = opcode;
257 cmd->cmd = kmalloc(len, GFP_ATOMIC);
263 memcpy(cmd->cmd, data, len);
268 list_add(&cmd->list, &cmd_list);
273 static void mgmt_pending_foreach(u16 opcode, int index,
274 void (*cb)(struct pending_cmd *cmd, void *data),
277 struct list_head *p, *n;
279 list_for_each_safe(p, n, &cmd_list) {
280 struct pending_cmd *cmd;
282 cmd = list_entry(p, struct pending_cmd, list);
284 if (cmd->opcode != opcode)
287 if (index >= 0 && cmd->index != index)
294 static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
298 list_for_each(p, &cmd_list) {
299 struct pending_cmd *cmd;
301 cmd = list_entry(p, struct pending_cmd, list);
303 if (cmd->opcode != opcode)
306 if (index >= 0 && cmd->index != index)
315 static void mgmt_pending_remove(u16 opcode, int index)
317 struct pending_cmd *cmd;
319 cmd = mgmt_pending_find(opcode, index);
323 list_del(&cmd->list);
324 mgmt_pending_free(cmd);
327 static int set_powered(struct sock *sk, unsigned char *data, u16 len)
329 struct mgmt_mode *cp;
330 struct hci_dev *hdev;
335 dev_id = get_unaligned_le16(&cp->index);
337 BT_DBG("request for hci%u", dev_id);
339 hdev = hci_dev_get(dev_id);
341 return cmd_status(sk, MGMT_OP_SET_POWERED, ENODEV);
343 hci_dev_lock_bh(hdev);
345 up = test_bit(HCI_UP, &hdev->flags);
346 if ((cp->val && up) || (!cp->val && !up)) {
347 ret = cmd_status(sk, MGMT_OP_SET_POWERED, EALREADY);
351 if (mgmt_pending_find(MGMT_OP_SET_POWERED, dev_id)) {
352 ret = cmd_status(sk, MGMT_OP_SET_POWERED, EBUSY);
356 ret = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, dev_id, data, len);
361 queue_work(hdev->workqueue, &hdev->power_on);
363 queue_work(hdev->workqueue, &hdev->power_off);
368 hci_dev_unlock_bh(hdev);
373 static int set_discoverable(struct sock *sk, unsigned char *data, u16 len)
375 struct mgmt_mode *cp;
376 struct hci_dev *hdev;
382 dev_id = get_unaligned_le16(&cp->index);
384 BT_DBG("request for hci%u", dev_id);
386 hdev = hci_dev_get(dev_id);
388 return cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, ENODEV);
390 hci_dev_lock_bh(hdev);
392 if (!test_bit(HCI_UP, &hdev->flags)) {
393 err = cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
397 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, dev_id) ||
398 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, dev_id)) {
399 err = cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, EBUSY);
403 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
404 test_bit(HCI_PSCAN, &hdev->flags)) {
405 err = cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, EALREADY);
409 err = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, dev_id, data, len);
416 scan |= SCAN_INQUIRY;
418 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
420 mgmt_pending_remove(MGMT_OP_SET_DISCOVERABLE, dev_id);
423 hci_dev_unlock_bh(hdev);
429 static int set_connectable(struct sock *sk, unsigned char *data, u16 len)
431 struct mgmt_mode *cp;
432 struct hci_dev *hdev;
438 dev_id = get_unaligned_le16(&cp->index);
440 BT_DBG("request for hci%u", dev_id);
442 hdev = hci_dev_get(dev_id);
444 return cmd_status(sk, MGMT_OP_SET_CONNECTABLE, ENODEV);
446 hci_dev_lock_bh(hdev);
448 if (!test_bit(HCI_UP, &hdev->flags)) {
449 err = cmd_status(sk, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
453 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, dev_id) ||
454 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, dev_id)) {
455 err = cmd_status(sk, MGMT_OP_SET_CONNECTABLE, EBUSY);
459 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
460 err = cmd_status(sk, MGMT_OP_SET_CONNECTABLE, EALREADY);
464 err = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, dev_id, data, len);
473 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
475 mgmt_pending_remove(MGMT_OP_SET_CONNECTABLE, dev_id);
478 hci_dev_unlock_bh(hdev);
484 static int mgmt_event(u16 event, void *data, u16 data_len, struct sock *skip_sk)
487 struct mgmt_hdr *hdr;
489 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
493 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
495 hdr = (void *) skb_put(skb, sizeof(*hdr));
496 hdr->opcode = cpu_to_le16(event);
497 hdr->len = cpu_to_le16(data_len);
499 memcpy(skb_put(skb, data_len), data, data_len);
501 hci_send_to_sock(NULL, skb, skip_sk);
507 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
509 struct mgmt_hdr *hdr;
510 struct mgmt_ev_cmd_complete *ev;
511 struct mgmt_mode *rp;
514 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + sizeof(*rp), GFP_ATOMIC);
518 hdr = (void *) skb_put(skb, sizeof(*hdr));
519 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
520 hdr->len = cpu_to_le16(sizeof(*ev) + sizeof(*rp));
522 ev = (void *) skb_put(skb, sizeof(*ev));
523 put_unaligned_le16(opcode, &ev->opcode);
525 rp = (void *) skb_put(skb, sizeof(*rp));
526 put_unaligned_le16(index, &rp->index);
529 if (sock_queue_rcv_skb(sk, skb) < 0)
535 static int set_pairable(struct sock *sk, unsigned char *data, u16 len)
537 struct mgmt_mode *cp, ev;
538 struct hci_dev *hdev;
543 dev_id = get_unaligned_le16(&cp->index);
545 BT_DBG("request for hci%u", dev_id);
547 hdev = hci_dev_get(dev_id);
549 return cmd_status(sk, MGMT_OP_SET_PAIRABLE, ENODEV);
551 hci_dev_lock_bh(hdev);
554 set_bit(HCI_PAIRABLE, &hdev->flags);
556 clear_bit(HCI_PAIRABLE, &hdev->flags);
558 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, dev_id, cp->val);
562 put_unaligned_le16(dev_id, &ev.index);
565 err = mgmt_event(MGMT_EV_PAIRABLE, &ev, sizeof(ev), sk);
568 hci_dev_unlock_bh(hdev);
574 static int index_rsp(struct sock *sk, u16 opcode, u16 index)
576 struct mgmt_hdr *hdr;
577 struct mgmt_ev_cmd_complete *ev;
580 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + sizeof(index), GFP_ATOMIC);
584 hdr = (void *) skb_put(skb, sizeof(*hdr));
585 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
586 hdr->len = cpu_to_le16(sizeof(*ev) + sizeof(index));
588 ev = (void *) skb_put(skb, sizeof(*ev));
589 put_unaligned_le16(opcode, &ev->opcode);
591 put_unaligned_le16(index, skb_put(skb, sizeof(index)));
593 if (sock_queue_rcv_skb(sk, skb) < 0)
599 static u8 get_service_classes(struct hci_dev *hdev)
604 list_for_each(p, &hdev->uuids) {
605 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
607 val |= uuid->svc_hint;
613 static int update_class(struct hci_dev *hdev)
617 BT_DBG("%s", hdev->name);
619 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
622 cod[0] = hdev->minor_class;
623 cod[1] = hdev->major_class;
624 cod[2] = get_service_classes(hdev);
626 if (memcmp(cod, hdev->dev_class, 3) == 0)
629 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
632 static int add_uuid(struct sock *sk, unsigned char *data, u16 len)
634 struct mgmt_cp_add_uuid *cp;
635 struct hci_dev *hdev;
636 struct bt_uuid *uuid;
641 dev_id = get_unaligned_le16(&cp->index);
643 BT_DBG("request for hci%u", dev_id);
645 hdev = hci_dev_get(dev_id);
647 return cmd_status(sk, MGMT_OP_ADD_UUID, ENODEV);
649 hci_dev_lock_bh(hdev);
651 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
657 memcpy(uuid->uuid, cp->uuid, 16);
658 uuid->svc_hint = cp->svc_hint;
660 list_add(&uuid->list, &hdev->uuids);
662 err = update_class(hdev);
666 err = index_rsp(sk, MGMT_OP_ADD_UUID, dev_id);
669 hci_dev_unlock_bh(hdev);
675 static int remove_uuid(struct sock *sk, unsigned char *data, u16 len)
677 struct list_head *p, *n;
678 struct mgmt_cp_add_uuid *cp;
679 struct hci_dev *hdev;
680 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
685 dev_id = get_unaligned_le16(&cp->index);
687 BT_DBG("request for hci%u", dev_id);
689 hdev = hci_dev_get(dev_id);
691 return cmd_status(sk, MGMT_OP_REMOVE_UUID, ENODEV);
693 hci_dev_lock_bh(hdev);
695 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
696 err = hci_uuids_clear(hdev);
702 list_for_each_safe(p, n, &hdev->uuids) {
703 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
705 if (memcmp(match->uuid, cp->uuid, 16) != 0)
708 list_del(&match->list);
713 err = cmd_status(sk, MGMT_OP_REMOVE_UUID, ENOENT);
717 err = update_class(hdev);
721 err = index_rsp(sk, MGMT_OP_REMOVE_UUID, dev_id);
724 hci_dev_unlock_bh(hdev);
730 static int set_dev_class(struct sock *sk, unsigned char *data, u16 len)
732 struct hci_dev *hdev;
733 struct mgmt_cp_set_dev_class *cp;
738 dev_id = get_unaligned_le16(&cp->index);
740 BT_DBG("request for hci%u", dev_id);
742 hdev = hci_dev_get(dev_id);
744 return cmd_status(sk, MGMT_OP_SET_DEV_CLASS, ENODEV);
746 hci_dev_lock_bh(hdev);
748 hdev->major_class = cp->major;
749 hdev->minor_class = cp->minor;
751 err = update_class(hdev);
754 err = index_rsp(sk, MGMT_OP_SET_DEV_CLASS, dev_id);
756 hci_dev_unlock_bh(hdev);
762 static int set_service_cache(struct sock *sk, unsigned char *data, u16 len)
764 struct hci_dev *hdev;
765 struct mgmt_cp_set_service_cache *cp;
770 dev_id = get_unaligned_le16(&cp->index);
772 hdev = hci_dev_get(dev_id);
774 return cmd_status(sk, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
776 hci_dev_lock_bh(hdev);
778 BT_DBG("hci%u enable %d", dev_id, cp->enable);
781 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
784 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
785 err = update_class(hdev);
789 err = index_rsp(sk, MGMT_OP_SET_SERVICE_CACHE, dev_id);
791 hci_dev_unlock_bh(hdev);
797 static int load_keys(struct sock *sk, unsigned char *data, u16 len)
799 struct hci_dev *hdev;
800 struct mgmt_cp_load_keys *cp;
801 u16 dev_id, key_count, expected_len;
805 dev_id = get_unaligned_le16(&cp->index);
806 key_count = get_unaligned_le16(&cp->key_count);
808 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info);
809 if (expected_len != len) {
810 BT_ERR("load_keys: expected %u bytes, got %u bytes",
815 hdev = hci_dev_get(dev_id);
817 return cmd_status(sk, MGMT_OP_LOAD_KEYS, ENODEV);
819 BT_DBG("hci%u debug_keys %u key_count %u", dev_id, cp->debug_keys,
822 hci_dev_lock_bh(hdev);
824 hci_link_keys_clear(hdev);
826 set_bit(HCI_LINK_KEYS, &hdev->flags);
829 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
831 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
833 for (i = 0; i < key_count; i++) {
834 struct mgmt_key_info *key = &cp->keys[i];
836 hci_add_link_key(hdev, 0, &key->bdaddr, key->val, key->type,
840 hci_dev_unlock_bh(hdev);
846 static int remove_key(struct sock *sk, unsigned char *data, u16 len)
848 struct hci_dev *hdev;
849 struct mgmt_cp_remove_key *cp;
850 struct hci_conn *conn;
855 dev_id = get_unaligned_le16(&cp->index);
857 hdev = hci_dev_get(dev_id);
859 return cmd_status(sk, MGMT_OP_REMOVE_KEY, ENODEV);
861 hci_dev_lock_bh(hdev);
863 err = hci_remove_link_key(hdev, &cp->bdaddr);
865 err = cmd_status(sk, MGMT_OP_REMOVE_KEY, -err);
871 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
874 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
876 struct hci_cp_disconnect dc;
878 put_unaligned_le16(conn->handle, &dc.handle);
879 dc.reason = 0x13; /* Remote User Terminated Connection */
880 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, 0, NULL);
884 hci_dev_unlock_bh(hdev);
890 static int disconnect(struct sock *sk, unsigned char *data, u16 len)
892 struct hci_dev *hdev;
893 struct mgmt_cp_disconnect *cp;
894 struct hci_cp_disconnect dc;
895 struct hci_conn *conn;
902 dev_id = get_unaligned_le16(&cp->index);
904 hdev = hci_dev_get(dev_id);
906 return cmd_status(sk, MGMT_OP_DISCONNECT, ENODEV);
908 hci_dev_lock_bh(hdev);
910 if (!test_bit(HCI_UP, &hdev->flags)) {
911 err = cmd_status(sk, MGMT_OP_DISCONNECT, ENETDOWN);
915 if (mgmt_pending_find(MGMT_OP_DISCONNECT, dev_id)) {
916 err = cmd_status(sk, MGMT_OP_DISCONNECT, EBUSY);
920 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
922 err = cmd_status(sk, MGMT_OP_DISCONNECT, ENOTCONN);
926 err = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, dev_id, data, len);
930 put_unaligned_le16(conn->handle, &dc.handle);
931 dc.reason = 0x13; /* Remote User Terminated Connection */
933 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
935 mgmt_pending_remove(MGMT_OP_DISCONNECT, dev_id);
938 hci_dev_unlock_bh(hdev);
944 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
947 struct mgmt_hdr *hdr;
951 BT_DBG("got %zu bytes", msglen);
953 if (msglen < sizeof(*hdr))
956 buf = kmalloc(msglen, GFP_ATOMIC);
960 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
965 hdr = (struct mgmt_hdr *) buf;
966 opcode = get_unaligned_le16(&hdr->opcode);
967 len = get_unaligned_le16(&hdr->len);
969 if (len != msglen - sizeof(*hdr)) {
975 case MGMT_OP_READ_VERSION:
976 err = read_version(sk);
978 case MGMT_OP_READ_INDEX_LIST:
979 err = read_index_list(sk);
981 case MGMT_OP_READ_INFO:
982 err = read_controller_info(sk, buf + sizeof(*hdr), len);
984 case MGMT_OP_SET_POWERED:
985 err = set_powered(sk, buf + sizeof(*hdr), len);
987 case MGMT_OP_SET_DISCOVERABLE:
988 err = set_discoverable(sk, buf + sizeof(*hdr), len);
990 case MGMT_OP_SET_CONNECTABLE:
991 err = set_connectable(sk, buf + sizeof(*hdr), len);
993 case MGMT_OP_SET_PAIRABLE:
994 err = set_pairable(sk, buf + sizeof(*hdr), len);
996 case MGMT_OP_ADD_UUID:
997 err = add_uuid(sk, buf + sizeof(*hdr), len);
999 case MGMT_OP_REMOVE_UUID:
1000 err = remove_uuid(sk, buf + sizeof(*hdr), len);
1002 case MGMT_OP_SET_DEV_CLASS:
1003 err = set_dev_class(sk, buf + sizeof(*hdr), len);
1005 case MGMT_OP_SET_SERVICE_CACHE:
1006 err = set_service_cache(sk, buf + sizeof(*hdr), len);
1008 case MGMT_OP_LOAD_KEYS:
1009 err = load_keys(sk, buf + sizeof(*hdr), len);
1011 case MGMT_OP_REMOVE_KEY:
1012 err = remove_key(sk, buf + sizeof(*hdr), len);
1014 case MGMT_OP_DISCONNECT:
1015 err = disconnect(sk, buf + sizeof(*hdr), len);
1018 BT_DBG("Unknown op %u", opcode);
1019 err = cmd_status(sk, opcode, 0x01);
1033 int mgmt_index_added(u16 index)
1035 struct mgmt_ev_index_added ev;
1037 put_unaligned_le16(index, &ev.index);
1039 return mgmt_event(MGMT_EV_INDEX_ADDED, &ev, sizeof(ev), NULL);
1042 int mgmt_index_removed(u16 index)
1044 struct mgmt_ev_index_added ev;
1046 put_unaligned_le16(index, &ev.index);
1048 return mgmt_event(MGMT_EV_INDEX_REMOVED, &ev, sizeof(ev), NULL);
1056 static void mode_rsp(struct pending_cmd *cmd, void *data)
1058 struct mgmt_mode *cp = cmd->cmd;
1059 struct cmd_lookup *match = data;
1061 if (cp->val != match->val)
1064 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
1066 list_del(&cmd->list);
1068 if (match->sk == NULL) {
1069 match->sk = cmd->sk;
1070 sock_hold(match->sk);
1073 mgmt_pending_free(cmd);
1076 int mgmt_powered(u16 index, u8 powered)
1078 struct mgmt_mode ev;
1079 struct cmd_lookup match = { powered, NULL };
1082 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
1084 put_unaligned_le16(index, &ev.index);
1087 ret = mgmt_event(MGMT_EV_POWERED, &ev, sizeof(ev), match.sk);
1095 int mgmt_discoverable(u16 index, u8 discoverable)
1097 struct mgmt_mode ev;
1098 struct cmd_lookup match = { discoverable, NULL };
1101 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index,
1104 put_unaligned_le16(index, &ev.index);
1105 ev.val = discoverable;
1107 ret = mgmt_event(MGMT_EV_DISCOVERABLE, &ev, sizeof(ev), match.sk);
1115 int mgmt_connectable(u16 index, u8 connectable)
1117 struct mgmt_mode ev;
1118 struct cmd_lookup match = { connectable, NULL };
1121 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
1123 put_unaligned_le16(index, &ev.index);
1124 ev.val = connectable;
1126 ret = mgmt_event(MGMT_EV_CONNECTABLE, &ev, sizeof(ev), match.sk);
1134 int mgmt_new_key(u16 index, struct link_key *key, u8 old_key_type)
1136 struct mgmt_ev_new_key ev;
1138 memset(&ev, 0, sizeof(ev));
1140 put_unaligned_le16(index, &ev.index);
1142 bacpy(&ev.key.bdaddr, &key->bdaddr);
1143 ev.key.type = key->type;
1144 memcpy(ev.key.val, key->val, 16);
1145 ev.key.pin_len = key->pin_len;
1146 ev.old_key_type = old_key_type;
1148 return mgmt_event(MGMT_EV_NEW_KEY, &ev, sizeof(ev), NULL);
1151 int mgmt_connected(u16 index, bdaddr_t *bdaddr)
1153 struct mgmt_ev_connected ev;
1155 put_unaligned_le16(index, &ev.index);
1156 bacpy(&ev.bdaddr, bdaddr);
1158 return mgmt_event(MGMT_EV_CONNECTED, &ev, sizeof(ev), NULL);
1161 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
1163 struct mgmt_cp_disconnect *cp = cmd->cmd;
1164 struct sock **sk = data;
1165 struct sk_buff *skb;
1166 struct mgmt_hdr *hdr;
1167 struct mgmt_ev_cmd_complete *ev;
1168 struct mgmt_rp_disconnect *rp;
1170 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + sizeof(*rp), GFP_ATOMIC);
1174 hdr = (void *) skb_put(skb, sizeof(*hdr));
1175 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
1176 hdr->len = cpu_to_le16(sizeof(*ev) + sizeof(*rp));
1178 ev = (void *) skb_put(skb, sizeof(*ev));
1179 put_unaligned_le16(MGMT_OP_DISCONNECT, &ev->opcode);
1181 rp = (void *) skb_put(skb, sizeof(*rp));
1182 put_unaligned_le16(cmd->index, &rp->index);
1183 bacpy(&rp->bdaddr, &cp->bdaddr);
1185 if (sock_queue_rcv_skb(cmd->sk, skb) < 0)
1191 list_del(&cmd->list);
1192 mgmt_pending_free(cmd);
1195 int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
1197 struct mgmt_ev_disconnected ev;
1198 struct sock *sk = NULL;
1201 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
1203 put_unaligned_le16(index, &ev.index);
1204 bacpy(&ev.bdaddr, bdaddr);
1206 err = mgmt_event(MGMT_EV_DISCONNECTED, &ev, sizeof(ev), sk);
1214 int mgmt_disconnect_failed(u16 index)
1216 struct pending_cmd *cmd;
1219 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
1223 err = cmd_status(cmd->sk, MGMT_OP_DISCONNECT, EIO);
1225 list_del(&cmd->list);
1226 mgmt_pending_free(cmd);