2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/uaccess.h>
26 #include <asm/unaligned.h>
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/mgmt.h>
32 #define MGMT_VERSION 0
33 #define MGMT_REVISION 1
36 struct list_head list;
46 static int cmd_status(struct sock *sk, u16 cmd, u8 status)
50 struct mgmt_ev_cmd_status *ev;
52 BT_DBG("sock %p", sk);
54 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
58 hdr = (void *) skb_put(skb, sizeof(*hdr));
60 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
61 hdr->len = cpu_to_le16(sizeof(*ev));
63 ev = (void *) skb_put(skb, sizeof(*ev));
65 put_unaligned_le16(cmd, &ev->opcode);
67 if (sock_queue_rcv_skb(sk, skb) < 0)
73 static int cmd_complete(struct sock *sk, u16 cmd, void *rp, size_t rp_len)
77 struct mgmt_ev_cmd_complete *ev;
79 BT_DBG("sock %p", sk);
81 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
85 hdr = (void *) skb_put(skb, sizeof(*hdr));
87 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
88 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
90 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
91 put_unaligned_le16(cmd, &ev->opcode);
92 memcpy(ev->data, rp, rp_len);
94 if (sock_queue_rcv_skb(sk, skb) < 0)
100 static int read_version(struct sock *sk)
102 struct mgmt_rp_read_version rp;
104 BT_DBG("sock %p", sk);
106 rp.version = MGMT_VERSION;
107 put_unaligned_le16(MGMT_REVISION, &rp.revision);
109 return cmd_complete(sk, MGMT_OP_READ_VERSION, &rp, sizeof(rp));
112 static int read_index_list(struct sock *sk)
114 struct mgmt_rp_read_index_list *rp;
120 BT_DBG("sock %p", sk);
122 read_lock(&hci_dev_list_lock);
125 list_for_each(p, &hci_dev_list) {
129 rp_len = sizeof(*rp) + (2 * count);
130 rp = kmalloc(rp_len, GFP_ATOMIC);
132 read_unlock(&hci_dev_list_lock);
136 put_unaligned_le16(count, &rp->num_controllers);
139 list_for_each(p, &hci_dev_list) {
140 struct hci_dev *d = list_entry(p, struct hci_dev, list);
142 hci_del_off_timer(d);
144 set_bit(HCI_MGMT, &d->flags);
146 if (test_bit(HCI_SETUP, &d->flags))
149 put_unaligned_le16(d->id, &rp->index[i++]);
150 BT_DBG("Added hci%u", d->id);
153 read_unlock(&hci_dev_list_lock);
155 err = cmd_complete(sk, MGMT_OP_READ_INDEX_LIST, rp, rp_len);
162 static int read_controller_info(struct sock *sk, unsigned char *data, u16 len)
164 struct mgmt_rp_read_info rp;
165 struct mgmt_cp_read_info *cp = (void *) data;
166 struct hci_dev *hdev;
169 BT_DBG("sock %p", sk);
172 return cmd_status(sk, MGMT_OP_READ_INFO, EINVAL);
174 dev_id = get_unaligned_le16(&cp->index);
176 BT_DBG("request for hci%u", dev_id);
178 hdev = hci_dev_get(dev_id);
180 return cmd_status(sk, MGMT_OP_READ_INFO, ENODEV);
182 hci_del_off_timer(hdev);
184 hci_dev_lock_bh(hdev);
186 set_bit(HCI_MGMT, &hdev->flags);
188 put_unaligned_le16(hdev->id, &rp.index);
189 rp.type = hdev->dev_type;
191 rp.powered = test_bit(HCI_UP, &hdev->flags);
192 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
193 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
194 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
196 if (test_bit(HCI_AUTH, &hdev->flags))
198 else if (hdev->ssp_mode > 0)
203 bacpy(&rp.bdaddr, &hdev->bdaddr);
204 memcpy(rp.features, hdev->features, 8);
205 memcpy(rp.dev_class, hdev->dev_class, 3);
206 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
207 rp.hci_ver = hdev->hci_ver;
208 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
210 hci_dev_unlock_bh(hdev);
213 return cmd_complete(sk, MGMT_OP_READ_INFO, &rp, sizeof(rp));
216 static void mgmt_pending_free(struct pending_cmd *cmd)
223 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
224 u16 index, void *data, u16 len)
226 struct pending_cmd *cmd;
228 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
232 cmd->opcode = opcode;
235 cmd->cmd = kmalloc(len, GFP_ATOMIC);
241 memcpy(cmd->cmd, data, len);
246 list_add(&cmd->list, &cmd_list);
251 static void mgmt_pending_foreach(u16 opcode, int index,
252 void (*cb)(struct pending_cmd *cmd, void *data),
255 struct list_head *p, *n;
257 list_for_each_safe(p, n, &cmd_list) {
258 struct pending_cmd *cmd;
260 cmd = list_entry(p, struct pending_cmd, list);
262 if (cmd->opcode != opcode)
265 if (index >= 0 && cmd->index != index)
272 static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
276 list_for_each(p, &cmd_list) {
277 struct pending_cmd *cmd;
279 cmd = list_entry(p, struct pending_cmd, list);
281 if (cmd->opcode != opcode)
284 if (index >= 0 && cmd->index != index)
293 static void mgmt_pending_remove(u16 opcode, int index)
295 struct pending_cmd *cmd;
297 cmd = mgmt_pending_find(opcode, index);
301 list_del(&cmd->list);
302 mgmt_pending_free(cmd);
305 static int set_powered(struct sock *sk, unsigned char *data, u16 len)
307 struct mgmt_mode *cp;
308 struct hci_dev *hdev;
309 struct pending_cmd *cmd;
314 dev_id = get_unaligned_le16(&cp->index);
316 BT_DBG("request for hci%u", dev_id);
318 hdev = hci_dev_get(dev_id);
320 return cmd_status(sk, MGMT_OP_SET_POWERED, ENODEV);
322 hci_dev_lock_bh(hdev);
324 up = test_bit(HCI_UP, &hdev->flags);
325 if ((cp->val && up) || (!cp->val && !up)) {
326 err = cmd_status(sk, MGMT_OP_SET_POWERED, EALREADY);
330 if (mgmt_pending_find(MGMT_OP_SET_POWERED, dev_id)) {
331 err = cmd_status(sk, MGMT_OP_SET_POWERED, EBUSY);
335 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, dev_id, data, len);
342 queue_work(hdev->workqueue, &hdev->power_on);
344 queue_work(hdev->workqueue, &hdev->power_off);
349 hci_dev_unlock_bh(hdev);
354 static int set_discoverable(struct sock *sk, unsigned char *data, u16 len)
356 struct mgmt_mode *cp;
357 struct hci_dev *hdev;
358 struct pending_cmd *cmd;
364 dev_id = get_unaligned_le16(&cp->index);
366 BT_DBG("request for hci%u", dev_id);
368 hdev = hci_dev_get(dev_id);
370 return cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, ENODEV);
372 hci_dev_lock_bh(hdev);
374 if (!test_bit(HCI_UP, &hdev->flags)) {
375 err = cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
379 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, dev_id) ||
380 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, dev_id)) {
381 err = cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, EBUSY);
385 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
386 test_bit(HCI_PSCAN, &hdev->flags)) {
387 err = cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, EALREADY);
391 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, dev_id, data, len);
400 scan |= SCAN_INQUIRY;
402 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
404 mgmt_pending_remove(MGMT_OP_SET_DISCOVERABLE, dev_id);
407 hci_dev_unlock_bh(hdev);
413 static int set_connectable(struct sock *sk, unsigned char *data, u16 len)
415 struct mgmt_mode *cp;
416 struct hci_dev *hdev;
417 struct pending_cmd *cmd;
423 dev_id = get_unaligned_le16(&cp->index);
425 BT_DBG("request for hci%u", dev_id);
427 hdev = hci_dev_get(dev_id);
429 return cmd_status(sk, MGMT_OP_SET_CONNECTABLE, ENODEV);
431 hci_dev_lock_bh(hdev);
433 if (!test_bit(HCI_UP, &hdev->flags)) {
434 err = cmd_status(sk, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
438 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, dev_id) ||
439 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, dev_id)) {
440 err = cmd_status(sk, MGMT_OP_SET_CONNECTABLE, EBUSY);
444 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
445 err = cmd_status(sk, MGMT_OP_SET_CONNECTABLE, EALREADY);
449 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, dev_id, data, len);
460 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
462 mgmt_pending_remove(MGMT_OP_SET_CONNECTABLE, dev_id);
465 hci_dev_unlock_bh(hdev);
471 static int mgmt_event(u16 event, void *data, u16 data_len, struct sock *skip_sk)
474 struct mgmt_hdr *hdr;
476 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
480 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
482 hdr = (void *) skb_put(skb, sizeof(*hdr));
483 hdr->opcode = cpu_to_le16(event);
484 hdr->len = cpu_to_le16(data_len);
486 memcpy(skb_put(skb, data_len), data, data_len);
488 hci_send_to_sock(NULL, skb, skip_sk);
494 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
498 put_unaligned_le16(index, &rp.index);
501 return cmd_complete(sk, opcode, &rp, sizeof(rp));
504 static int set_pairable(struct sock *sk, unsigned char *data, u16 len)
506 struct mgmt_mode *cp, ev;
507 struct hci_dev *hdev;
512 dev_id = get_unaligned_le16(&cp->index);
514 BT_DBG("request for hci%u", dev_id);
516 hdev = hci_dev_get(dev_id);
518 return cmd_status(sk, MGMT_OP_SET_PAIRABLE, ENODEV);
520 hci_dev_lock_bh(hdev);
523 set_bit(HCI_PAIRABLE, &hdev->flags);
525 clear_bit(HCI_PAIRABLE, &hdev->flags);
527 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, dev_id, cp->val);
531 put_unaligned_le16(dev_id, &ev.index);
534 err = mgmt_event(MGMT_EV_PAIRABLE, &ev, sizeof(ev), sk);
537 hci_dev_unlock_bh(hdev);
543 static u8 get_service_classes(struct hci_dev *hdev)
548 list_for_each(p, &hdev->uuids) {
549 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
551 val |= uuid->svc_hint;
557 static int update_class(struct hci_dev *hdev)
561 BT_DBG("%s", hdev->name);
563 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
566 cod[0] = hdev->minor_class;
567 cod[1] = hdev->major_class;
568 cod[2] = get_service_classes(hdev);
570 if (memcmp(cod, hdev->dev_class, 3) == 0)
573 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
576 static int add_uuid(struct sock *sk, unsigned char *data, u16 len)
578 struct mgmt_cp_add_uuid *cp;
579 struct hci_dev *hdev;
580 struct bt_uuid *uuid;
585 dev_id = get_unaligned_le16(&cp->index);
587 BT_DBG("request for hci%u", dev_id);
589 hdev = hci_dev_get(dev_id);
591 return cmd_status(sk, MGMT_OP_ADD_UUID, ENODEV);
593 hci_dev_lock_bh(hdev);
595 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
601 memcpy(uuid->uuid, cp->uuid, 16);
602 uuid->svc_hint = cp->svc_hint;
604 list_add(&uuid->list, &hdev->uuids);
606 err = update_class(hdev);
610 err = cmd_complete(sk, MGMT_OP_ADD_UUID, &dev_id, sizeof(dev_id));
613 hci_dev_unlock_bh(hdev);
619 static int remove_uuid(struct sock *sk, unsigned char *data, u16 len)
621 struct list_head *p, *n;
622 struct mgmt_cp_add_uuid *cp;
623 struct hci_dev *hdev;
624 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
629 dev_id = get_unaligned_le16(&cp->index);
631 BT_DBG("request for hci%u", dev_id);
633 hdev = hci_dev_get(dev_id);
635 return cmd_status(sk, MGMT_OP_REMOVE_UUID, ENODEV);
637 hci_dev_lock_bh(hdev);
639 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
640 err = hci_uuids_clear(hdev);
646 list_for_each_safe(p, n, &hdev->uuids) {
647 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
649 if (memcmp(match->uuid, cp->uuid, 16) != 0)
652 list_del(&match->list);
657 err = cmd_status(sk, MGMT_OP_REMOVE_UUID, ENOENT);
661 err = update_class(hdev);
665 err = cmd_complete(sk, MGMT_OP_REMOVE_UUID, &dev_id, sizeof(dev_id));
668 hci_dev_unlock_bh(hdev);
674 static int set_dev_class(struct sock *sk, unsigned char *data, u16 len)
676 struct hci_dev *hdev;
677 struct mgmt_cp_set_dev_class *cp;
682 dev_id = get_unaligned_le16(&cp->index);
684 BT_DBG("request for hci%u", dev_id);
686 hdev = hci_dev_get(dev_id);
688 return cmd_status(sk, MGMT_OP_SET_DEV_CLASS, ENODEV);
690 hci_dev_lock_bh(hdev);
692 hdev->major_class = cp->major;
693 hdev->minor_class = cp->minor;
695 err = update_class(hdev);
698 err = cmd_complete(sk, MGMT_OP_SET_DEV_CLASS, &dev_id,
701 hci_dev_unlock_bh(hdev);
707 static int set_service_cache(struct sock *sk, unsigned char *data, u16 len)
709 struct hci_dev *hdev;
710 struct mgmt_cp_set_service_cache *cp;
715 dev_id = get_unaligned_le16(&cp->index);
717 hdev = hci_dev_get(dev_id);
719 return cmd_status(sk, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
721 hci_dev_lock_bh(hdev);
723 BT_DBG("hci%u enable %d", dev_id, cp->enable);
726 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
729 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
730 err = update_class(hdev);
734 err = cmd_complete(sk, MGMT_OP_SET_SERVICE_CACHE, &dev_id,
737 hci_dev_unlock_bh(hdev);
743 static int load_keys(struct sock *sk, unsigned char *data, u16 len)
745 struct hci_dev *hdev;
746 struct mgmt_cp_load_keys *cp;
747 u16 dev_id, key_count, expected_len;
751 dev_id = get_unaligned_le16(&cp->index);
752 key_count = get_unaligned_le16(&cp->key_count);
754 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info);
755 if (expected_len != len) {
756 BT_ERR("load_keys: expected %u bytes, got %u bytes",
761 hdev = hci_dev_get(dev_id);
763 return cmd_status(sk, MGMT_OP_LOAD_KEYS, ENODEV);
765 BT_DBG("hci%u debug_keys %u key_count %u", dev_id, cp->debug_keys,
768 hci_dev_lock_bh(hdev);
770 hci_link_keys_clear(hdev);
772 set_bit(HCI_LINK_KEYS, &hdev->flags);
775 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
777 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
779 for (i = 0; i < key_count; i++) {
780 struct mgmt_key_info *key = &cp->keys[i];
782 hci_add_link_key(hdev, 0, &key->bdaddr, key->val, key->type,
786 hci_dev_unlock_bh(hdev);
792 static int remove_key(struct sock *sk, unsigned char *data, u16 len)
794 struct hci_dev *hdev;
795 struct mgmt_cp_remove_key *cp;
796 struct hci_conn *conn;
801 dev_id = get_unaligned_le16(&cp->index);
803 hdev = hci_dev_get(dev_id);
805 return cmd_status(sk, MGMT_OP_REMOVE_KEY, ENODEV);
807 hci_dev_lock_bh(hdev);
809 err = hci_remove_link_key(hdev, &cp->bdaddr);
811 err = cmd_status(sk, MGMT_OP_REMOVE_KEY, -err);
817 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
820 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
822 struct hci_cp_disconnect dc;
824 put_unaligned_le16(conn->handle, &dc.handle);
825 dc.reason = 0x13; /* Remote User Terminated Connection */
826 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, 0, NULL);
830 hci_dev_unlock_bh(hdev);
836 static int disconnect(struct sock *sk, unsigned char *data, u16 len)
838 struct hci_dev *hdev;
839 struct mgmt_cp_disconnect *cp;
840 struct hci_cp_disconnect dc;
841 struct pending_cmd *cmd;
842 struct hci_conn *conn;
849 dev_id = get_unaligned_le16(&cp->index);
851 hdev = hci_dev_get(dev_id);
853 return cmd_status(sk, MGMT_OP_DISCONNECT, ENODEV);
855 hci_dev_lock_bh(hdev);
857 if (!test_bit(HCI_UP, &hdev->flags)) {
858 err = cmd_status(sk, MGMT_OP_DISCONNECT, ENETDOWN);
862 if (mgmt_pending_find(MGMT_OP_DISCONNECT, dev_id)) {
863 err = cmd_status(sk, MGMT_OP_DISCONNECT, EBUSY);
867 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
869 err = cmd_status(sk, MGMT_OP_DISCONNECT, ENOTCONN);
873 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, dev_id, data, len);
879 put_unaligned_le16(conn->handle, &dc.handle);
880 dc.reason = 0x13; /* Remote User Terminated Connection */
882 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
884 mgmt_pending_remove(MGMT_OP_DISCONNECT, dev_id);
887 hci_dev_unlock_bh(hdev);
893 static int get_connections(struct sock *sk, unsigned char *data, u16 len)
895 struct mgmt_cp_get_connections *cp;
896 struct mgmt_rp_get_connections *rp;
897 struct hci_dev *hdev;
906 dev_id = get_unaligned_le16(&cp->index);
908 hdev = hci_dev_get(dev_id);
910 return cmd_status(sk, MGMT_OP_GET_CONNECTIONS, ENODEV);
912 hci_dev_lock_bh(hdev);
915 list_for_each(p, &hdev->conn_hash.list) {
919 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t));
920 rp = kmalloc(rp_len, GFP_ATOMIC);
926 put_unaligned_le16(dev_id, &rp->index);
927 put_unaligned_le16(count, &rp->conn_count);
929 read_lock(&hci_dev_list_lock);
932 list_for_each(p, &hdev->conn_hash.list) {
933 struct hci_conn *c = list_entry(p, struct hci_conn, list);
935 bacpy(&rp->conn[i++], &c->dst);
938 read_unlock(&hci_dev_list_lock);
940 err = cmd_complete(sk, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
944 hci_dev_unlock_bh(hdev);
949 static int pin_code_reply(struct sock *sk, unsigned char *data, u16 len)
951 struct hci_dev *hdev;
952 struct mgmt_cp_pin_code_reply *cp;
953 struct hci_cp_pin_code_reply reply;
954 struct pending_cmd *cmd;
961 dev_id = get_unaligned_le16(&cp->index);
963 hdev = hci_dev_get(dev_id);
965 return cmd_status(sk, MGMT_OP_DISCONNECT, ENODEV);
967 hci_dev_lock_bh(hdev);
969 if (!test_bit(HCI_UP, &hdev->flags)) {
970 err = cmd_status(sk, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
974 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, dev_id, data, len);
980 bacpy(&reply.bdaddr, &cp->bdaddr);
981 reply.pin_len = cp->pin_len;
982 memcpy(reply.pin_code, cp->pin_code, 16);
984 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
986 mgmt_pending_remove(MGMT_OP_PIN_CODE_REPLY, dev_id);
989 hci_dev_unlock_bh(hdev);
995 static int pin_code_neg_reply(struct sock *sk, unsigned char *data, u16 len)
997 struct hci_dev *hdev;
998 struct mgmt_cp_pin_code_neg_reply *cp;
999 struct pending_cmd *cmd;
1006 dev_id = get_unaligned_le16(&cp->index);
1008 hdev = hci_dev_get(dev_id);
1010 return cmd_status(sk, MGMT_OP_PIN_CODE_NEG_REPLY, ENODEV);
1012 hci_dev_lock_bh(hdev);
1014 if (!test_bit(HCI_UP, &hdev->flags)) {
1015 err = cmd_status(sk, MGMT_OP_PIN_CODE_NEG_REPLY, ENETDOWN);
1019 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, dev_id,
1026 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(bdaddr_t),
1029 mgmt_pending_remove(MGMT_OP_PIN_CODE_NEG_REPLY, dev_id);
1032 hci_dev_unlock_bh(hdev);
1038 static int set_io_capability(struct sock *sk, unsigned char *data, u16 len)
1040 struct hci_dev *hdev;
1041 struct mgmt_cp_set_io_capability *cp;
1047 dev_id = get_unaligned_le16(&cp->index);
1049 hdev = hci_dev_get(dev_id);
1051 return cmd_status(sk, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
1053 hci_dev_lock_bh(hdev);
1055 hdev->io_capability = cp->io_capability;
1057 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1058 hdev->io_capability);
1060 hci_dev_unlock_bh(hdev);
1063 return cmd_complete(sk, MGMT_OP_SET_IO_CAPABILITY,
1064 &dev_id, sizeof(dev_id));
1067 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1069 struct hci_dev *hdev = conn->hdev;
1070 struct list_head *p;
1072 list_for_each(p, &cmd_list) {
1073 struct pending_cmd *cmd;
1075 cmd = list_entry(p, struct pending_cmd, list);
1077 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1080 if (cmd->index != hdev->id)
1083 if (cmd->user_data != conn)
1092 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1094 struct mgmt_rp_pair_device rp;
1095 struct hci_conn *conn = cmd->user_data;
1097 rp.index = cmd->index;
1098 bacpy(&rp.bdaddr, &conn->dst);
1101 cmd_complete(cmd->sk, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1103 /* So we don't get further callbacks for this connection */
1104 conn->connect_cfm_cb = NULL;
1105 conn->security_cfm_cb = NULL;
1106 conn->disconn_cfm_cb = NULL;
1110 list_del(&cmd->list);
1111 mgmt_pending_free(cmd);
1114 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1116 struct pending_cmd *cmd;
1118 BT_DBG("status %u", status);
1120 cmd = find_pairing(conn);
1122 BT_DBG("Unable to find a pending command");
1126 pairing_complete(cmd, status);
1129 static int pair_device(struct sock *sk, unsigned char *data, u16 len)
1131 struct hci_dev *hdev;
1132 struct mgmt_cp_pair_device *cp;
1133 struct pending_cmd *cmd;
1134 u8 sec_level, auth_type;
1135 struct hci_conn *conn;
1142 dev_id = get_unaligned_le16(&cp->index);
1144 hdev = hci_dev_get(dev_id);
1146 return cmd_status(sk, MGMT_OP_PAIR_DEVICE, ENODEV);
1148 hci_dev_lock_bh(hdev);
1150 if (cp->io_cap == 0x03) {
1151 sec_level = BT_SECURITY_MEDIUM;
1152 auth_type = HCI_AT_DEDICATED_BONDING;
1154 sec_level = BT_SECURITY_HIGH;
1155 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1158 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level, auth_type);
1164 if (conn->connect_cfm_cb) {
1166 err = cmd_status(sk, MGMT_OP_PAIR_DEVICE, EBUSY);
1170 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, dev_id, data, len);
1177 conn->connect_cfm_cb = pairing_complete_cb;
1178 conn->security_cfm_cb = pairing_complete_cb;
1179 conn->disconn_cfm_cb = pairing_complete_cb;
1180 conn->io_capability = cp->io_cap;
1181 cmd->user_data = conn;
1183 if (conn->state == BT_CONNECTED &&
1184 hci_conn_security(conn, sec_level, auth_type))
1185 pairing_complete(cmd, 0);
1190 hci_dev_unlock_bh(hdev);
1196 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1199 struct mgmt_hdr *hdr;
1203 BT_DBG("got %zu bytes", msglen);
1205 if (msglen < sizeof(*hdr))
1208 buf = kmalloc(msglen, GFP_ATOMIC);
1212 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1217 hdr = (struct mgmt_hdr *) buf;
1218 opcode = get_unaligned_le16(&hdr->opcode);
1219 len = get_unaligned_le16(&hdr->len);
1221 if (len != msglen - sizeof(*hdr)) {
1227 case MGMT_OP_READ_VERSION:
1228 err = read_version(sk);
1230 case MGMT_OP_READ_INDEX_LIST:
1231 err = read_index_list(sk);
1233 case MGMT_OP_READ_INFO:
1234 err = read_controller_info(sk, buf + sizeof(*hdr), len);
1236 case MGMT_OP_SET_POWERED:
1237 err = set_powered(sk, buf + sizeof(*hdr), len);
1239 case MGMT_OP_SET_DISCOVERABLE:
1240 err = set_discoverable(sk, buf + sizeof(*hdr), len);
1242 case MGMT_OP_SET_CONNECTABLE:
1243 err = set_connectable(sk, buf + sizeof(*hdr), len);
1245 case MGMT_OP_SET_PAIRABLE:
1246 err = set_pairable(sk, buf + sizeof(*hdr), len);
1248 case MGMT_OP_ADD_UUID:
1249 err = add_uuid(sk, buf + sizeof(*hdr), len);
1251 case MGMT_OP_REMOVE_UUID:
1252 err = remove_uuid(sk, buf + sizeof(*hdr), len);
1254 case MGMT_OP_SET_DEV_CLASS:
1255 err = set_dev_class(sk, buf + sizeof(*hdr), len);
1257 case MGMT_OP_SET_SERVICE_CACHE:
1258 err = set_service_cache(sk, buf + sizeof(*hdr), len);
1260 case MGMT_OP_LOAD_KEYS:
1261 err = load_keys(sk, buf + sizeof(*hdr), len);
1263 case MGMT_OP_REMOVE_KEY:
1264 err = remove_key(sk, buf + sizeof(*hdr), len);
1266 case MGMT_OP_DISCONNECT:
1267 err = disconnect(sk, buf + sizeof(*hdr), len);
1269 case MGMT_OP_GET_CONNECTIONS:
1270 err = get_connections(sk, buf + sizeof(*hdr), len);
1272 case MGMT_OP_PIN_CODE_REPLY:
1273 err = pin_code_reply(sk, buf + sizeof(*hdr), len);
1275 case MGMT_OP_PIN_CODE_NEG_REPLY:
1276 err = pin_code_neg_reply(sk, buf + sizeof(*hdr), len);
1278 case MGMT_OP_SET_IO_CAPABILITY:
1279 err = set_io_capability(sk, buf + sizeof(*hdr), len);
1281 case MGMT_OP_PAIR_DEVICE:
1282 err = pair_device(sk, buf + sizeof(*hdr), len);
1285 BT_DBG("Unknown op %u", opcode);
1286 err = cmd_status(sk, opcode, 0x01);
1300 int mgmt_index_added(u16 index)
1302 struct mgmt_ev_index_added ev;
1304 put_unaligned_le16(index, &ev.index);
1306 return mgmt_event(MGMT_EV_INDEX_ADDED, &ev, sizeof(ev), NULL);
1309 int mgmt_index_removed(u16 index)
1311 struct mgmt_ev_index_added ev;
1313 put_unaligned_le16(index, &ev.index);
1315 return mgmt_event(MGMT_EV_INDEX_REMOVED, &ev, sizeof(ev), NULL);
1323 static void mode_rsp(struct pending_cmd *cmd, void *data)
1325 struct mgmt_mode *cp = cmd->cmd;
1326 struct cmd_lookup *match = data;
1328 if (cp->val != match->val)
1331 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
1333 list_del(&cmd->list);
1335 if (match->sk == NULL) {
1336 match->sk = cmd->sk;
1337 sock_hold(match->sk);
1340 mgmt_pending_free(cmd);
1343 int mgmt_powered(u16 index, u8 powered)
1345 struct mgmt_mode ev;
1346 struct cmd_lookup match = { powered, NULL };
1349 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
1351 put_unaligned_le16(index, &ev.index);
1354 ret = mgmt_event(MGMT_EV_POWERED, &ev, sizeof(ev), match.sk);
1362 int mgmt_discoverable(u16 index, u8 discoverable)
1364 struct mgmt_mode ev;
1365 struct cmd_lookup match = { discoverable, NULL };
1368 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index,
1371 put_unaligned_le16(index, &ev.index);
1372 ev.val = discoverable;
1374 ret = mgmt_event(MGMT_EV_DISCOVERABLE, &ev, sizeof(ev), match.sk);
1382 int mgmt_connectable(u16 index, u8 connectable)
1384 struct mgmt_mode ev;
1385 struct cmd_lookup match = { connectable, NULL };
1388 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
1390 put_unaligned_le16(index, &ev.index);
1391 ev.val = connectable;
1393 ret = mgmt_event(MGMT_EV_CONNECTABLE, &ev, sizeof(ev), match.sk);
1401 int mgmt_new_key(u16 index, struct link_key *key, u8 old_key_type)
1403 struct mgmt_ev_new_key ev;
1405 memset(&ev, 0, sizeof(ev));
1407 put_unaligned_le16(index, &ev.index);
1409 bacpy(&ev.key.bdaddr, &key->bdaddr);
1410 ev.key.type = key->type;
1411 memcpy(ev.key.val, key->val, 16);
1412 ev.key.pin_len = key->pin_len;
1413 ev.old_key_type = old_key_type;
1415 return mgmt_event(MGMT_EV_NEW_KEY, &ev, sizeof(ev), NULL);
1418 int mgmt_connected(u16 index, bdaddr_t *bdaddr)
1420 struct mgmt_ev_connected ev;
1422 put_unaligned_le16(index, &ev.index);
1423 bacpy(&ev.bdaddr, bdaddr);
1425 return mgmt_event(MGMT_EV_CONNECTED, &ev, sizeof(ev), NULL);
1428 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
1430 struct mgmt_cp_disconnect *cp = cmd->cmd;
1431 struct sock **sk = data;
1432 struct mgmt_rp_disconnect rp;
1434 put_unaligned_le16(cmd->index, &rp.index);
1435 bacpy(&rp.bdaddr, &cp->bdaddr);
1437 cmd_complete(cmd->sk, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
1442 list_del(&cmd->list);
1443 mgmt_pending_free(cmd);
1446 int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
1448 struct mgmt_ev_disconnected ev;
1449 struct sock *sk = NULL;
1452 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
1454 put_unaligned_le16(index, &ev.index);
1455 bacpy(&ev.bdaddr, bdaddr);
1457 err = mgmt_event(MGMT_EV_DISCONNECTED, &ev, sizeof(ev), sk);
1465 int mgmt_disconnect_failed(u16 index)
1467 struct pending_cmd *cmd;
1470 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
1474 err = cmd_status(cmd->sk, MGMT_OP_DISCONNECT, EIO);
1476 list_del(&cmd->list);
1477 mgmt_pending_free(cmd);
1482 int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status)
1484 struct mgmt_ev_connect_failed ev;
1486 put_unaligned_le16(index, &ev.index);
1487 bacpy(&ev.bdaddr, bdaddr);
1490 return mgmt_event(MGMT_EV_CONNECT_FAILED, &ev, sizeof(ev), NULL);
1493 int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr)
1495 struct mgmt_ev_pin_code_request ev;
1497 put_unaligned_le16(index, &ev.index);
1498 bacpy(&ev.bdaddr, bdaddr);
1500 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, &ev, sizeof(ev), NULL);
1503 int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
1505 struct pending_cmd *cmd;
1508 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index);
1513 err = cmd_status(cmd->sk, MGMT_OP_PIN_CODE_REPLY, status);
1515 err = cmd_complete(cmd->sk, MGMT_OP_PIN_CODE_REPLY,
1516 bdaddr, sizeof(*bdaddr));
1518 list_del(&cmd->list);
1519 mgmt_pending_free(cmd);
1524 int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
1526 struct pending_cmd *cmd;
1529 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index);
1534 err = cmd_status(cmd->sk, MGMT_OP_PIN_CODE_NEG_REPLY, status);
1536 err = cmd_complete(cmd->sk, MGMT_OP_PIN_CODE_NEG_REPLY,
1537 bdaddr, sizeof(*bdaddr));
1539 list_del(&cmd->list);
1540 mgmt_pending_free(cmd);
projects / karo-tx-linux.git / blob