blob: cfeaee347db32d5502e56e25b8f92d6137613ae4 [file] [log] [blame]
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +09001/*
Linus Torvalds1da177e2005-04-16 15:20:36 -07002 BlueZ - Bluetooth protocol stack for Linux
Ron Shaffer2d0a0342010-05-28 11:53:46 -04003 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
Linus Torvalds1da177e2005-04-16 15:20:36 -07004
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +090015 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
Linus Torvalds1da177e2005-04-16 15:20:36 -070018 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +090020 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
Linus Torvalds1da177e2005-04-16 15:20:36 -070022 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
Linus Torvalds1da177e2005-04-16 15:20:36 -070027#include <asm/unaligned.h>
28
29#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/hci_core.h>
Mikel Astizf0d6a0e2012-08-09 09:52:30 +020031#include <net/bluetooth/mgmt.h>
Marcel Holtmann7ef9fbf2013-10-10 14:54:14 -070032
Johan Hedberg0857dd32014-12-19 13:40:20 +020033#include "hci_request.h"
Marcel Holtmann23b9ceb2014-12-20 17:13:41 +010034#include "hci_debugfs.h"
Marcel Holtmann70247282013-10-10 14:54:15 -070035#include "a2mp.h"
Marcel Holtmann7ef9fbf2013-10-10 14:54:14 -070036#include "amp.h"
Johan Hedberg2ceba532014-06-16 19:25:16 +030037#include "smp.h"
Miao-chen Chou145373c2020-04-03 21:44:01 +020038#include "msft.h"
Linus Torvalds1da177e2005-04-16 15:20:36 -070039
Marcel Holtmannaa5b0342015-01-27 16:04:33 -080040#define ZERO_KEY "\x00\x00\x00\x00\x00\x00\x00\x00" \
41 "\x00\x00\x00\x00\x00\x00\x00\x00"
42
Linus Torvalds1da177e2005-04-16 15:20:36 -070043/* Handle HCI Event packets */
44
Sonny Sasakaadf1d692020-05-06 12:55:03 -070045static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb,
46 u8 *new_status)
Linus Torvalds1da177e2005-04-16 15:20:36 -070047{
Marcel Holtmanna9de9242007-10-20 13:33:56 +020048 __u8 status = *((__u8 *) skb->data);
Linus Torvalds1da177e2005-04-16 15:20:36 -070049
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +030050 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Linus Torvalds1da177e2005-04-16 15:20:36 -070051
Sonny Sasakaadf1d692020-05-06 12:55:03 -070052 /* It is possible that we receive Inquiry Complete event right
53 * before we receive Inquiry Cancel Command Complete event, in
54 * which case the latter event should have status of Command
55 * Disallowed (0x0c). This should not be treated as error, since
56 * we actually achieve what Inquiry Cancel wants to achieve,
57 * which is to end the last Inquiry session.
58 */
59 if (status == 0x0c && !test_bit(HCI_INQUIRY, &hdev->flags)) {
60 bt_dev_warn(hdev, "Ignoring error of Inquiry Cancel command");
61 status = 0x00;
62 }
63
64 *new_status = status;
65
Andre Guedes82f47852013-04-30 15:29:34 -030066 if (status)
Marcel Holtmanna9de9242007-10-20 13:33:56 +020067 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -070068
Andre Guedes89352e72011-11-04 14:16:53 -030069 clear_bit(HCI_INQUIRY, &hdev->flags);
Peter Zijlstra4e857c52014-03-17 18:06:10 +010070 smp_mb__after_atomic(); /* wake_up_bit advises about this barrier */
Andre Guedes3e13fa12013-03-27 20:04:56 -030071 wake_up_bit(&hdev->flags, HCI_INQUIRY);
Andre Guedes89352e72011-11-04 14:16:53 -030072
Johan Hedberg50143a42014-06-10 14:05:57 +030073 hci_dev_lock(hdev);
Jakub Pawlowski168b8a22015-10-16 10:07:49 +030074 /* Set discovery state to stopped if we're not doing LE active
75 * scanning.
76 */
77 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN) ||
78 hdev->le_scan_type != LE_SCAN_ACTIVE)
79 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
Johan Hedberg50143a42014-06-10 14:05:57 +030080 hci_dev_unlock(hdev);
81
Marcel Holtmanna9de9242007-10-20 13:33:56 +020082 hci_conn_check_pending(hdev);
Linus Torvalds1da177e2005-04-16 15:20:36 -070083}
84
Andre Guedes4d934832012-03-21 00:03:35 -030085static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
86{
87 __u8 status = *((__u8 *) skb->data);
88
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +030089 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Andre Guedesae854a72012-03-21 00:03:36 -030090
91 if (status)
92 return;
93
Marcel Holtmanna1536da2015-03-13 02:11:01 -070094 hci_dev_set_flag(hdev, HCI_PERIODIC_INQ);
Andre Guedes4d934832012-03-21 00:03:35 -030095}
96
Marcel Holtmanna9de9242007-10-20 13:33:56 +020097static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -070098{
Marcel Holtmanna9de9242007-10-20 13:33:56 +020099 __u8 status = *((__u8 *) skb->data);
100
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300101 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200102
103 if (status)
104 return;
105
Marcel Holtmanna358dc12015-03-13 02:11:02 -0700106 hci_dev_clear_flag(hdev, HCI_PERIODIC_INQ);
Andre Guedesae854a72012-03-21 00:03:36 -0300107
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200108 hci_conn_check_pending(hdev);
109}
110
Gustavo Padovan807deac2012-05-17 00:36:24 -0300111static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
112 struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200113{
114 BT_DBG("%s", hdev->name);
115}
116
117static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
118{
119 struct hci_rp_role_discovery *rp = (void *) skb->data;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700120 struct hci_conn *conn;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700121
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300122 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700123
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200124 if (rp->status)
125 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700126
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200127 hci_dev_lock(hdev);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700128
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200129 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
Johan Hedberg40bef302014-07-16 11:42:27 +0300130 if (conn)
131 conn->role = rp->role;
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200132
133 hci_dev_unlock(hdev);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700134}
135
Marcel Holtmanne4e8e372008-07-14 20:13:47 +0200136static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
137{
138 struct hci_rp_read_link_policy *rp = (void *) skb->data;
139 struct hci_conn *conn;
140
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300141 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanne4e8e372008-07-14 20:13:47 +0200142
143 if (rp->status)
144 return;
145
146 hci_dev_lock(hdev);
147
148 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
149 if (conn)
150 conn->link_policy = __le16_to_cpu(rp->policy);
151
152 hci_dev_unlock(hdev);
153}
154
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200155static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700156{
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200157 struct hci_rp_write_link_policy *rp = (void *) skb->data;
158 struct hci_conn *conn;
159 void *sent;
160
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300161 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200162
163 if (rp->status)
164 return;
165
166 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
167 if (!sent)
168 return;
169
170 hci_dev_lock(hdev);
171
172 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
Marcel Holtmanne4e8e372008-07-14 20:13:47 +0200173 if (conn)
Harvey Harrison83985312008-05-02 16:25:46 -0700174 conn->link_policy = get_unaligned_le16(sent + 2);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200175
176 hci_dev_unlock(hdev);
177}
178
Gustavo Padovan807deac2012-05-17 00:36:24 -0300179static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
180 struct sk_buff *skb)
Marcel Holtmanne4e8e372008-07-14 20:13:47 +0200181{
182 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
183
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300184 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanne4e8e372008-07-14 20:13:47 +0200185
186 if (rp->status)
187 return;
188
189 hdev->link_policy = __le16_to_cpu(rp->policy);
190}
191
Gustavo Padovan807deac2012-05-17 00:36:24 -0300192static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
193 struct sk_buff *skb)
Marcel Holtmanne4e8e372008-07-14 20:13:47 +0200194{
195 __u8 status = *((__u8 *) skb->data);
196 void *sent;
197
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300198 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanne4e8e372008-07-14 20:13:47 +0200199
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200200 if (status)
201 return;
202
Marcel Holtmanne4e8e372008-07-14 20:13:47 +0200203 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
204 if (!sent)
205 return;
206
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200207 hdev->link_policy = get_unaligned_le16(sent);
Marcel Holtmanne4e8e372008-07-14 20:13:47 +0200208}
209
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200210static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
211{
212 __u8 status = *((__u8 *) skb->data);
213
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300214 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200215
Gustavo F. Padovan10572132011-03-16 15:36:29 -0300216 clear_bit(HCI_RESET, &hdev->flags);
217
Marcel Holtmann8761f9d2014-11-02 02:45:58 +0100218 if (status)
219 return;
220
Johan Hedberga297e972012-02-21 17:55:47 +0200221 /* Reset all non-persistent flags */
Marcel Holtmanneacb44d2015-03-13 09:04:17 -0700222 hci_dev_clear_volatile_flags(hdev);
Andre Guedes69775ff2012-02-23 16:50:05 +0200223
Johan Hedberg39c5d972015-01-28 19:56:01 +0200224 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
225
Johan Hedbergbbaf4442012-11-08 01:22:59 +0100226 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
227 hdev->adv_tx_power = HCI_TX_POWER_INVALID;
Johan Hedberg3f0f5242012-11-08 01:23:00 +0100228
229 memset(hdev->adv_data, 0, sizeof(hdev->adv_data));
230 hdev->adv_data_len = 0;
Marcel Holtmannf8e808b2013-10-16 00:16:47 -0700231
232 memset(hdev->scan_rsp_data, 0, sizeof(hdev->scan_rsp_data));
233 hdev->scan_rsp_data_len = 0;
Marcel Holtmann06f5b772013-10-19 07:09:11 -0700234
Marcel Holtmann533553f2014-03-21 12:18:10 -0700235 hdev->le_scan_type = LE_SCAN_PASSIVE;
236
Marcel Holtmann06f5b772013-10-19 07:09:11 -0700237 hdev->ssp_debug_mode = 0;
Marcel Holtmanna4d55042014-10-29 23:37:53 +0100238
239 hci_bdaddr_list_clear(&hdev->le_white_list);
Ankit Navikcfdb0c22018-06-29 12:12:50 +0530240 hci_bdaddr_list_clear(&hdev->le_resolv_list);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200241}
242
Marcel Holtmannc2f0f972015-01-12 09:21:25 -0800243static void hci_cc_read_stored_link_key(struct hci_dev *hdev,
244 struct sk_buff *skb)
245{
246 struct hci_rp_read_stored_link_key *rp = (void *)skb->data;
247 struct hci_cp_read_stored_link_key *sent;
248
249 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
250
251 sent = hci_sent_cmd_data(hdev, HCI_OP_READ_STORED_LINK_KEY);
252 if (!sent)
253 return;
254
255 if (!rp->status && sent->read_all == 0x01) {
256 hdev->stored_max_keys = rp->max_keys;
257 hdev->stored_num_keys = rp->num_keys;
258 }
259}
260
Marcel Holtmanna93661202015-01-12 09:21:28 -0800261static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
262 struct sk_buff *skb)
263{
264 struct hci_rp_delete_stored_link_key *rp = (void *)skb->data;
265
266 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
267
268 if (rp->status)
269 return;
270
271 if (rp->num_keys <= hdev->stored_num_keys)
272 hdev->stored_num_keys -= rp->num_keys;
273 else
274 hdev->stored_num_keys = 0;
275}
276
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200277static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
278{
279 __u8 status = *((__u8 *) skb->data);
280 void *sent;
281
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300282 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200283
284 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
285 if (!sent)
286 return;
287
Johan Hedberg56e5cb82011-11-08 20:40:16 +0200288 hci_dev_lock(hdev);
289
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700290 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedbergf51d5b22012-02-22 18:17:32 +0200291 mgmt_set_local_name_complete(hdev, sent, status);
Johan Hedberg28cc7bd2012-02-22 21:06:55 +0200292 else if (!status)
293 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
Johan Hedbergf51d5b22012-02-22 18:17:32 +0200294
Johan Hedberg56e5cb82011-11-08 20:40:16 +0200295 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200296}
297
298static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
299{
300 struct hci_rp_read_local_name *rp = (void *) skb->data;
301
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300302 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200303
304 if (rp->status)
305 return;
306
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700307 if (hci_dev_test_flag(hdev, HCI_SETUP) ||
308 hci_dev_test_flag(hdev, HCI_CONFIG))
Johan Hedbergdb99b5f2012-02-22 20:14:22 +0200309 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200310}
311
312static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
313{
314 __u8 status = *((__u8 *) skb->data);
315 void *sent;
316
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300317 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200318
319 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
320 if (!sent)
321 return;
322
Jaganath Kanakkassery5c1a4c82014-12-11 18:58:15 +0530323 hci_dev_lock(hdev);
324
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200325 if (!status) {
326 __u8 param = *((__u8 *) sent);
327
328 if (param == AUTH_ENABLED)
329 set_bit(HCI_AUTH, &hdev->flags);
330 else
331 clear_bit(HCI_AUTH, &hdev->flags);
332 }
333
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700334 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg33ef95e2012-02-16 23:56:27 +0200335 mgmt_auth_enable_complete(hdev, status);
Jaganath Kanakkassery5c1a4c82014-12-11 18:58:15 +0530336
337 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200338}
339
340static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
341{
342 __u8 status = *((__u8 *) skb->data);
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200343 __u8 param;
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200344 void *sent;
345
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300346 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200347
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200348 if (status)
349 return;
350
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200351 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
352 if (!sent)
353 return;
354
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200355 param = *((__u8 *) sent);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200356
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200357 if (param)
358 set_bit(HCI_ENCRYPT, &hdev->flags);
359 else
360 clear_bit(HCI_ENCRYPT, &hdev->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200361}
362
363static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
364{
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200365 __u8 status = *((__u8 *) skb->data);
366 __u8 param;
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200367 void *sent;
368
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300369 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200370
371 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
372 if (!sent)
373 return;
374
Johan Hedberg36f7fc72011-11-04 00:17:45 +0200375 param = *((__u8 *) sent);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200376
Johan Hedberg56e5cb82011-11-08 20:40:16 +0200377 hci_dev_lock(hdev);
378
Mikel Astizfa1bd912012-08-09 09:52:29 +0200379 if (status) {
Johan Hedberg2d7cee52011-11-07 22:16:03 +0200380 hdev->discov_timeout = 0;
381 goto done;
382 }
383
Johan Hedbergbc6d2d02014-07-10 12:09:08 +0300384 if (param & SCAN_INQUIRY)
Johan Hedberg36f7fc72011-11-04 00:17:45 +0200385 set_bit(HCI_ISCAN, &hdev->flags);
Johan Hedbergbc6d2d02014-07-10 12:09:08 +0300386 else
387 clear_bit(HCI_ISCAN, &hdev->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200388
Johan Hedberg031547d2014-07-10 12:09:06 +0300389 if (param & SCAN_PAGE)
Johan Hedberg36f7fc72011-11-04 00:17:45 +0200390 set_bit(HCI_PSCAN, &hdev->flags);
Johan Hedbergbc6d2d02014-07-10 12:09:08 +0300391 else
Johan Hedberg204e3992014-07-28 15:45:31 +0300392 clear_bit(HCI_PSCAN, &hdev->flags);
Johan Hedberg36f7fc72011-11-04 00:17:45 +0200393
394done:
Johan Hedberg56e5cb82011-11-08 20:40:16 +0200395 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200396}
397
398static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
399{
400 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
401
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300402 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200403
404 if (rp->status)
405 return;
406
407 memcpy(hdev->dev_class, rp->dev_class, 3);
408
409 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
Gustavo Padovan807deac2012-05-17 00:36:24 -0300410 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200411}
412
413static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
414{
415 __u8 status = *((__u8 *) skb->data);
416 void *sent;
417
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300418 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200419
420 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
421 if (!sent)
422 return;
423
Marcel Holtmann7f9a9032012-02-22 18:38:01 +0100424 hci_dev_lock(hdev);
425
426 if (status == 0)
427 memcpy(hdev->dev_class, sent, 3);
428
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700429 if (hci_dev_test_flag(hdev, HCI_MGMT))
Marcel Holtmann7f9a9032012-02-22 18:38:01 +0100430 mgmt_set_class_of_dev_complete(hdev, sent, status);
431
432 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200433}
434
435static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
436{
437 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700438 __u16 setting;
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200439
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300440 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200441
442 if (rp->status)
443 return;
444
445 setting = __le16_to_cpu(rp->voice_setting);
446
Marcel Holtmannf383f272008-07-14 20:13:47 +0200447 if (hdev->voice_setting == setting)
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200448 return;
449
450 hdev->voice_setting = setting;
451
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300452 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200453
Gustavo F. Padovan3c547112011-12-14 22:58:44 -0200454 if (hdev->notify)
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200455 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200456}
457
Gustavo Padovan8fc9ced2012-05-23 04:04:21 -0300458static void hci_cc_write_voice_setting(struct hci_dev *hdev,
459 struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200460{
461 __u8 status = *((__u8 *) skb->data);
Marcel Holtmannf383f272008-07-14 20:13:47 +0200462 __u16 setting;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700463 void *sent;
464
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300465 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700466
Marcel Holtmannf383f272008-07-14 20:13:47 +0200467 if (status)
468 return;
469
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200470 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
471 if (!sent)
472 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700473
Marcel Holtmannf383f272008-07-14 20:13:47 +0200474 setting = get_unaligned_le16(sent);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700475
Marcel Holtmannf383f272008-07-14 20:13:47 +0200476 if (hdev->voice_setting == setting)
477 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700478
Marcel Holtmannf383f272008-07-14 20:13:47 +0200479 hdev->voice_setting = setting;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700480
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300481 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
Marcel Holtmannf383f272008-07-14 20:13:47 +0200482
Gustavo F. Padovan3c547112011-12-14 22:58:44 -0200483 if (hdev->notify)
Marcel Holtmannf383f272008-07-14 20:13:47 +0200484 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700485}
486
Marcel Holtmannb4cb9fb2013-10-14 13:56:16 -0700487static void hci_cc_read_num_supported_iac(struct hci_dev *hdev,
488 struct sk_buff *skb)
489{
490 struct hci_rp_read_num_supported_iac *rp = (void *) skb->data;
491
492 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
493
494 if (rp->status)
495 return;
496
497 hdev->num_iac = rp->num_iac;
498
499 BT_DBG("%s num iac %d", hdev->name, hdev->num_iac);
500}
501
Marcel Holtmann333140b2008-07-14 20:13:48 +0200502static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
503{
504 __u8 status = *((__u8 *) skb->data);
Johan Hedberg5ed8eb22012-10-25 00:09:51 +0300505 struct hci_cp_write_ssp_mode *sent;
Marcel Holtmann333140b2008-07-14 20:13:48 +0200506
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300507 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmann333140b2008-07-14 20:13:48 +0200508
Marcel Holtmann333140b2008-07-14 20:13:48 +0200509 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
510 if (!sent)
511 return;
512
Jaganath Kanakkassery5c1a4c82014-12-11 18:58:15 +0530513 hci_dev_lock(hdev);
514
Johan Hedberg5ed8eb22012-10-25 00:09:51 +0300515 if (!status) {
516 if (sent->mode)
Johan Hedbergcad718e2013-04-17 15:00:51 +0300517 hdev->features[1][0] |= LMP_HOST_SSP;
Johan Hedberg5ed8eb22012-10-25 00:09:51 +0300518 else
Johan Hedbergcad718e2013-04-17 15:00:51 +0300519 hdev->features[1][0] &= ~LMP_HOST_SSP;
Johan Hedberg5ed8eb22012-10-25 00:09:51 +0300520 }
521
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700522 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg5ed8eb22012-10-25 00:09:51 +0300523 mgmt_ssp_enable_complete(hdev, sent->mode, status);
Johan Hedbergc0ecddc2012-02-22 12:38:31 +0200524 else if (!status) {
Johan Hedberg5ed8eb22012-10-25 00:09:51 +0300525 if (sent->mode)
Marcel Holtmanna1536da2015-03-13 02:11:01 -0700526 hci_dev_set_flag(hdev, HCI_SSP_ENABLED);
Johan Hedbergc0ecddc2012-02-22 12:38:31 +0200527 else
Marcel Holtmanna358dc12015-03-13 02:11:02 -0700528 hci_dev_clear_flag(hdev, HCI_SSP_ENABLED);
Johan Hedbergc0ecddc2012-02-22 12:38:31 +0200529 }
Jaganath Kanakkassery5c1a4c82014-12-11 18:58:15 +0530530
531 hci_dev_unlock(hdev);
Marcel Holtmann333140b2008-07-14 20:13:48 +0200532}
533
Marcel Holtmanneac83dc2014-01-10 02:07:23 -0800534static void hci_cc_write_sc_support(struct hci_dev *hdev, struct sk_buff *skb)
535{
536 u8 status = *((u8 *) skb->data);
537 struct hci_cp_write_sc_support *sent;
538
539 BT_DBG("%s status 0x%2.2x", hdev->name, status);
540
541 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SC_SUPPORT);
542 if (!sent)
543 return;
544
Jaganath Kanakkassery5c1a4c82014-12-11 18:58:15 +0530545 hci_dev_lock(hdev);
546
Marcel Holtmanneac83dc2014-01-10 02:07:23 -0800547 if (!status) {
548 if (sent->support)
549 hdev->features[1][0] |= LMP_HOST_SC;
550 else
551 hdev->features[1][0] &= ~LMP_HOST_SC;
552 }
553
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700554 if (!hci_dev_test_flag(hdev, HCI_MGMT) && !status) {
Marcel Holtmanneac83dc2014-01-10 02:07:23 -0800555 if (sent->support)
Marcel Holtmanna1536da2015-03-13 02:11:01 -0700556 hci_dev_set_flag(hdev, HCI_SC_ENABLED);
Marcel Holtmanneac83dc2014-01-10 02:07:23 -0800557 else
Marcel Holtmanna358dc12015-03-13 02:11:02 -0700558 hci_dev_clear_flag(hdev, HCI_SC_ENABLED);
Marcel Holtmanneac83dc2014-01-10 02:07:23 -0800559 }
Jaganath Kanakkassery5c1a4c82014-12-11 18:58:15 +0530560
561 hci_dev_unlock(hdev);
Marcel Holtmanneac83dc2014-01-10 02:07:23 -0800562}
563
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200564static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
565{
566 struct hci_rp_read_local_version *rp = (void *) skb->data;
567
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300568 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200569
570 if (rp->status)
Johan Hedberg42c6b122013-03-05 20:37:49 +0200571 return;
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200572
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700573 if (hci_dev_test_flag(hdev, HCI_SETUP) ||
574 hci_dev_test_flag(hdev, HCI_CONFIG)) {
Marcel Holtmann0d5551f2013-10-18 12:04:50 -0700575 hdev->hci_ver = rp->hci_ver;
576 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
577 hdev->lmp_ver = rp->lmp_ver;
578 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
579 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
580 }
Johan Hedbergd5859e22011-01-25 01:19:58 +0200581}
582
Gustavo Padovan8fc9ced2012-05-23 04:04:21 -0300583static void hci_cc_read_local_commands(struct hci_dev *hdev,
584 struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200585{
586 struct hci_rp_read_local_commands *rp = (void *) skb->data;
587
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300588 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200589
Marcel Holtmann6a070e62013-10-31 04:54:33 -0700590 if (rp->status)
591 return;
592
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700593 if (hci_dev_test_flag(hdev, HCI_SETUP) ||
594 hci_dev_test_flag(hdev, HCI_CONFIG))
Johan Hedberg2177bab2013-03-05 20:37:43 +0200595 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200596}
597
Spoorthi Ravishankar Koppad302975c2019-06-21 14:51:56 +0530598static void hci_cc_read_auth_payload_timeout(struct hci_dev *hdev,
599 struct sk_buff *skb)
600{
601 struct hci_rp_read_auth_payload_to *rp = (void *)skb->data;
602 struct hci_conn *conn;
603
604 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
605
606 if (rp->status)
607 return;
608
609 hci_dev_lock(hdev);
610
611 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
612 if (conn)
613 conn->auth_payload_timeout = __le16_to_cpu(rp->timeout);
614
615 hci_dev_unlock(hdev);
616}
617
618static void hci_cc_write_auth_payload_timeout(struct hci_dev *hdev,
619 struct sk_buff *skb)
620{
621 struct hci_rp_write_auth_payload_to *rp = (void *)skb->data;
622 struct hci_conn *conn;
623 void *sent;
624
625 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
626
627 if (rp->status)
628 return;
629
630 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_PAYLOAD_TO);
631 if (!sent)
632 return;
633
634 hci_dev_lock(hdev);
635
636 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
637 if (conn)
638 conn->auth_payload_timeout = get_unaligned_le16(sent + 2);
639
640 hci_dev_unlock(hdev);
641}
642
Gustavo Padovan8fc9ced2012-05-23 04:04:21 -0300643static void hci_cc_read_local_features(struct hci_dev *hdev,
644 struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200645{
646 struct hci_rp_read_local_features *rp = (void *) skb->data;
647
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300648 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200649
650 if (rp->status)
651 return;
652
653 memcpy(hdev->features, rp->features, 8);
654
655 /* Adjust default settings according to features
656 * supported by device. */
657
Johan Hedbergcad718e2013-04-17 15:00:51 +0300658 if (hdev->features[0][0] & LMP_3SLOT)
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200659 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
660
Johan Hedbergcad718e2013-04-17 15:00:51 +0300661 if (hdev->features[0][0] & LMP_5SLOT)
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200662 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
663
Johan Hedbergcad718e2013-04-17 15:00:51 +0300664 if (hdev->features[0][1] & LMP_HV2) {
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200665 hdev->pkt_type |= (HCI_HV2);
666 hdev->esco_type |= (ESCO_HV2);
667 }
668
Johan Hedbergcad718e2013-04-17 15:00:51 +0300669 if (hdev->features[0][1] & LMP_HV3) {
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200670 hdev->pkt_type |= (HCI_HV3);
671 hdev->esco_type |= (ESCO_HV3);
672 }
673
Andre Guedes45db810f2012-07-24 15:03:49 -0300674 if (lmp_esco_capable(hdev))
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200675 hdev->esco_type |= (ESCO_EV3);
676
Johan Hedbergcad718e2013-04-17 15:00:51 +0300677 if (hdev->features[0][4] & LMP_EV4)
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200678 hdev->esco_type |= (ESCO_EV4);
679
Johan Hedbergcad718e2013-04-17 15:00:51 +0300680 if (hdev->features[0][4] & LMP_EV5)
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200681 hdev->esco_type |= (ESCO_EV5);
682
Johan Hedbergcad718e2013-04-17 15:00:51 +0300683 if (hdev->features[0][5] & LMP_EDR_ESCO_2M)
Marcel Holtmannefc76882009-02-06 09:13:37 +0100684 hdev->esco_type |= (ESCO_2EV3);
685
Johan Hedbergcad718e2013-04-17 15:00:51 +0300686 if (hdev->features[0][5] & LMP_EDR_ESCO_3M)
Marcel Holtmannefc76882009-02-06 09:13:37 +0100687 hdev->esco_type |= (ESCO_3EV3);
688
Johan Hedbergcad718e2013-04-17 15:00:51 +0300689 if (hdev->features[0][5] & LMP_EDR_3S_ESCO)
Marcel Holtmannefc76882009-02-06 09:13:37 +0100690 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200691}
692
Andre Guedes971e3a42011-06-30 19:20:52 -0300693static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
Gustavo Padovan807deac2012-05-17 00:36:24 -0300694 struct sk_buff *skb)
Andre Guedes971e3a42011-06-30 19:20:52 -0300695{
696 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
697
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300698 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Andre Guedes971e3a42011-06-30 19:20:52 -0300699
700 if (rp->status)
Johan Hedberg42c6b122013-03-05 20:37:49 +0200701 return;
Andre Guedes971e3a42011-06-30 19:20:52 -0300702
Marcel Holtmann57af75a2013-10-18 12:04:47 -0700703 if (hdev->max_page < rp->max_page)
704 hdev->max_page = rp->max_page;
Johan Hedbergd2c5d772013-04-17 15:00:52 +0300705
Johan Hedbergcad718e2013-04-17 15:00:51 +0300706 if (rp->page < HCI_MAX_PAGES)
707 memcpy(hdev->features[rp->page], rp->features, 8);
Andre Guedes971e3a42011-06-30 19:20:52 -0300708}
709
Andrei Emeltchenko1e89cff2011-11-24 14:52:02 +0200710static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
Gustavo Padovan807deac2012-05-17 00:36:24 -0300711 struct sk_buff *skb)
Andrei Emeltchenko1e89cff2011-11-24 14:52:02 +0200712{
713 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
714
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300715 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Andrei Emeltchenko1e89cff2011-11-24 14:52:02 +0200716
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200717 if (rp->status)
718 return;
719
720 hdev->flow_ctl_mode = rp->mode;
Andrei Emeltchenko1e89cff2011-11-24 14:52:02 +0200721}
722
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200723static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
724{
725 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
726
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300727 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200728
729 if (rp->status)
730 return;
731
732 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
733 hdev->sco_mtu = rp->sco_mtu;
734 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
735 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
736
737 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
738 hdev->sco_mtu = 64;
739 hdev->sco_pkts = 8;
740 }
741
742 hdev->acl_cnt = hdev->acl_pkts;
743 hdev->sco_cnt = hdev->sco_pkts;
744
Gustavo Padovan807deac2012-05-17 00:36:24 -0300745 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
746 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200747}
748
749static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
750{
751 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
752
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300753 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200754
Marcel Holtmanne30d3f52014-07-05 10:48:03 +0200755 if (rp->status)
756 return;
757
758 if (test_bit(HCI_INIT, &hdev->flags))
Marcel Holtmanna9de9242007-10-20 13:33:56 +0200759 bacpy(&hdev->bdaddr, &rp->bdaddr);
Marcel Holtmanne30d3f52014-07-05 10:48:03 +0200760
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700761 if (hci_dev_test_flag(hdev, HCI_SETUP))
Marcel Holtmanne30d3f52014-07-05 10:48:03 +0200762 bacpy(&hdev->setup_addr, &rp->bdaddr);
Johan Hedberg23bb5762010-12-21 23:01:27 +0200763}
764
Marcel Holtmanna4790362020-04-03 21:44:04 +0200765static void hci_cc_read_local_pairing_opts(struct hci_dev *hdev,
766 struct sk_buff *skb)
767{
768 struct hci_rp_read_local_pairing_opts *rp = (void *) skb->data;
769
770 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
771
772 if (rp->status)
773 return;
774
775 if (hci_dev_test_flag(hdev, HCI_SETUP) ||
776 hci_dev_test_flag(hdev, HCI_CONFIG)) {
777 hdev->pairing_opts = rp->pairing_opts;
778 hdev->max_enc_key_size = rp->max_key_size;
779 }
780}
781
Johan Hedbergf332ec62013-03-15 17:07:11 -0500782static void hci_cc_read_page_scan_activity(struct hci_dev *hdev,
783 struct sk_buff *skb)
784{
785 struct hci_rp_read_page_scan_activity *rp = (void *) skb->data;
786
787 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
788
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200789 if (rp->status)
790 return;
791
792 if (test_bit(HCI_INIT, &hdev->flags)) {
Johan Hedbergf332ec62013-03-15 17:07:11 -0500793 hdev->page_scan_interval = __le16_to_cpu(rp->interval);
794 hdev->page_scan_window = __le16_to_cpu(rp->window);
795 }
796}
797
Johan Hedberg4a3ee762013-03-15 17:07:12 -0500798static void hci_cc_write_page_scan_activity(struct hci_dev *hdev,
799 struct sk_buff *skb)
800{
801 u8 status = *((u8 *) skb->data);
802 struct hci_cp_write_page_scan_activity *sent;
803
804 BT_DBG("%s status 0x%2.2x", hdev->name, status);
805
806 if (status)
807 return;
808
809 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY);
810 if (!sent)
811 return;
812
813 hdev->page_scan_interval = __le16_to_cpu(sent->interval);
814 hdev->page_scan_window = __le16_to_cpu(sent->window);
815}
816
Johan Hedbergf332ec62013-03-15 17:07:11 -0500817static void hci_cc_read_page_scan_type(struct hci_dev *hdev,
818 struct sk_buff *skb)
819{
820 struct hci_rp_read_page_scan_type *rp = (void *) skb->data;
821
822 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
823
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200824 if (rp->status)
825 return;
826
827 if (test_bit(HCI_INIT, &hdev->flags))
Johan Hedbergf332ec62013-03-15 17:07:11 -0500828 hdev->page_scan_type = rp->type;
829}
830
Johan Hedberg4a3ee762013-03-15 17:07:12 -0500831static void hci_cc_write_page_scan_type(struct hci_dev *hdev,
832 struct sk_buff *skb)
833{
834 u8 status = *((u8 *) skb->data);
835 u8 *type;
836
837 BT_DBG("%s status 0x%2.2x", hdev->name, status);
838
839 if (status)
840 return;
841
842 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE);
843 if (type)
844 hdev->page_scan_type = *type;
845}
846
Andrei Emeltchenko350ee4c2011-12-07 15:56:51 +0200847static void hci_cc_read_data_block_size(struct hci_dev *hdev,
Gustavo Padovan807deac2012-05-17 00:36:24 -0300848 struct sk_buff *skb)
Andrei Emeltchenko350ee4c2011-12-07 15:56:51 +0200849{
850 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
851
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300852 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Andrei Emeltchenko350ee4c2011-12-07 15:56:51 +0200853
854 if (rp->status)
855 return;
856
857 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
858 hdev->block_len = __le16_to_cpu(rp->block_len);
859 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
860
861 hdev->block_cnt = hdev->num_blocks;
862
863 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
Gustavo Padovan807deac2012-05-17 00:36:24 -0300864 hdev->block_cnt, hdev->block_len);
Andrei Emeltchenko350ee4c2011-12-07 15:56:51 +0200865}
866
Johan Hedberg33f35722014-06-28 17:54:06 +0300867static void hci_cc_read_clock(struct hci_dev *hdev, struct sk_buff *skb)
868{
869 struct hci_rp_read_clock *rp = (void *) skb->data;
870 struct hci_cp_read_clock *cp;
871 struct hci_conn *conn;
872
873 BT_DBG("%s", hdev->name);
874
875 if (skb->len < sizeof(*rp))
876 return;
877
878 if (rp->status)
879 return;
880
881 hci_dev_lock(hdev);
882
883 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_CLOCK);
884 if (!cp)
885 goto unlock;
886
887 if (cp->which == 0x00) {
888 hdev->clock = le32_to_cpu(rp->clock);
889 goto unlock;
890 }
891
892 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
893 if (conn) {
894 conn->clock = le32_to_cpu(rp->clock);
895 conn->clock_accuracy = le16_to_cpu(rp->accuracy);
896 }
897
898unlock:
899 hci_dev_unlock(hdev);
900}
901
Andrei Emeltchenko928abaa2011-10-12 10:53:57 +0300902static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
Gustavo Padovan807deac2012-05-17 00:36:24 -0300903 struct sk_buff *skb)
Andrei Emeltchenko928abaa2011-10-12 10:53:57 +0300904{
905 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
906
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300907 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Andrei Emeltchenko928abaa2011-10-12 10:53:57 +0300908
909 if (rp->status)
Arron Wang83927882015-07-24 17:10:16 +0800910 return;
Andrei Emeltchenko928abaa2011-10-12 10:53:57 +0300911
912 hdev->amp_status = rp->amp_status;
913 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
914 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
915 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
916 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
917 hdev->amp_type = rp->amp_type;
918 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
919 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
920 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
921 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
Andrei Emeltchenko928abaa2011-10-12 10:53:57 +0300922}
923
Johan Hedbergd5859e22011-01-25 01:19:58 +0200924static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
Gustavo Padovan807deac2012-05-17 00:36:24 -0300925 struct sk_buff *skb)
Johan Hedbergd5859e22011-01-25 01:19:58 +0200926{
Marcel Holtmann91c4e9b2012-03-11 19:27:21 -0700927 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
Johan Hedbergd5859e22011-01-25 01:19:58 +0200928
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300929 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Johan Hedbergd5859e22011-01-25 01:19:58 +0200930
Marcel Holtmann45296ac2014-07-05 10:48:01 +0200931 if (rp->status)
932 return;
933
934 hdev->inq_tx_power = rp->tx_power;
Johan Hedbergd5859e22011-01-25 01:19:58 +0200935}
936
Alain Michaud00bce3f2020-03-05 16:14:59 +0000937static void hci_cc_read_def_err_data_reporting(struct hci_dev *hdev,
938 struct sk_buff *skb)
939{
940 struct hci_rp_read_def_err_data_reporting *rp = (void *)skb->data;
941
942 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
943
944 if (rp->status)
945 return;
946
947 hdev->err_data_reporting = rp->err_data_reporting;
948}
949
950static void hci_cc_write_def_err_data_reporting(struct hci_dev *hdev,
951 struct sk_buff *skb)
952{
953 __u8 status = *((__u8 *)skb->data);
954 struct hci_cp_write_def_err_data_reporting *cp;
955
956 BT_DBG("%s status 0x%2.2x", hdev->name, status);
957
958 if (status)
959 return;
960
961 cp = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_ERR_DATA_REPORTING);
962 if (!cp)
963 return;
964
965 hdev->err_data_reporting = cp->err_data_reporting;
966}
967
Johan Hedberg980e1a52011-01-22 06:10:07 +0200968static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
969{
970 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
971 struct hci_cp_pin_code_reply *cp;
972 struct hci_conn *conn;
973
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +0300974 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Johan Hedberg980e1a52011-01-22 06:10:07 +0200975
Johan Hedberg56e5cb82011-11-08 20:40:16 +0200976 hci_dev_lock(hdev);
977
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700978 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg744cf192011-11-08 20:40:14 +0200979 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
Johan Hedberg980e1a52011-01-22 06:10:07 +0200980
Mikel Astizfa1bd912012-08-09 09:52:29 +0200981 if (rp->status)
Johan Hedberg56e5cb82011-11-08 20:40:16 +0200982 goto unlock;
Johan Hedberg980e1a52011-01-22 06:10:07 +0200983
984 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
985 if (!cp)
Johan Hedberg56e5cb82011-11-08 20:40:16 +0200986 goto unlock;
Johan Hedberg980e1a52011-01-22 06:10:07 +0200987
988 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
989 if (conn)
990 conn->pin_length = cp->pin_len;
Johan Hedberg56e5cb82011-11-08 20:40:16 +0200991
992unlock:
993 hci_dev_unlock(hdev);
Johan Hedberg980e1a52011-01-22 06:10:07 +0200994}
995
996static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
997{
998 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
999
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001000 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Johan Hedberg980e1a52011-01-22 06:10:07 +02001001
Johan Hedberg56e5cb82011-11-08 20:40:16 +02001002 hci_dev_lock(hdev);
1003
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001004 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg744cf192011-11-08 20:40:14 +02001005 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
Gustavo Padovan807deac2012-05-17 00:36:24 -03001006 rp->status);
Johan Hedberg56e5cb82011-11-08 20:40:16 +02001007
1008 hci_dev_unlock(hdev);
Johan Hedberg980e1a52011-01-22 06:10:07 +02001009}
Johan Hedberg56e5cb82011-11-08 20:40:16 +02001010
Ville Tervo6ed58ec2011-02-10 22:38:48 -03001011static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1012 struct sk_buff *skb)
1013{
1014 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
1015
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001016 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Ville Tervo6ed58ec2011-02-10 22:38:48 -03001017
1018 if (rp->status)
1019 return;
1020
1021 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
1022 hdev->le_pkts = rp->le_max_pkt;
1023
1024 hdev->le_cnt = hdev->le_pkts;
1025
1026 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
Ville Tervo6ed58ec2011-02-10 22:38:48 -03001027}
Johan Hedberg980e1a52011-01-22 06:10:07 +02001028
Johan Hedberg60e77322013-01-22 14:01:59 +02001029static void hci_cc_le_read_local_features(struct hci_dev *hdev,
1030 struct sk_buff *skb)
1031{
1032 struct hci_rp_le_read_local_features *rp = (void *) skb->data;
1033
1034 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1035
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001036 if (rp->status)
1037 return;
1038
1039 memcpy(hdev->le_features, rp->features, 8);
Johan Hedberg60e77322013-01-22 14:01:59 +02001040}
1041
Johan Hedberg8fa19092012-10-19 20:57:49 +03001042static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
1043 struct sk_buff *skb)
1044{
1045 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
1046
1047 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1048
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001049 if (rp->status)
1050 return;
1051
1052 hdev->adv_tx_power = rp->tx_power;
Johan Hedberg8fa19092012-10-19 20:57:49 +03001053}
1054
Johan Hedberga5c29682011-02-19 12:05:57 -03001055static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
1056{
1057 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1058
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001059 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Johan Hedberga5c29682011-02-19 12:05:57 -03001060
Johan Hedberg56e5cb82011-11-08 20:40:16 +02001061 hci_dev_lock(hdev);
1062
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001063 if (hci_dev_test_flag(hdev, HCI_MGMT))
Gustavo F. Padovan04124682012-03-08 01:25:00 -03001064 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
1065 rp->status);
Johan Hedberg56e5cb82011-11-08 20:40:16 +02001066
1067 hci_dev_unlock(hdev);
Johan Hedberga5c29682011-02-19 12:05:57 -03001068}
1069
1070static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
Gustavo Padovan807deac2012-05-17 00:36:24 -03001071 struct sk_buff *skb)
Johan Hedberga5c29682011-02-19 12:05:57 -03001072{
1073 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1074
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001075 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Johan Hedberga5c29682011-02-19 12:05:57 -03001076
Johan Hedberg56e5cb82011-11-08 20:40:16 +02001077 hci_dev_lock(hdev);
1078
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001079 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg744cf192011-11-08 20:40:14 +02001080 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03001081 ACL_LINK, 0, rp->status);
Johan Hedberg56e5cb82011-11-08 20:40:16 +02001082
1083 hci_dev_unlock(hdev);
Johan Hedberga5c29682011-02-19 12:05:57 -03001084}
1085
Brian Gix1143d452011-11-23 08:28:34 -08001086static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
1087{
1088 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1089
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001090 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Brian Gix1143d452011-11-23 08:28:34 -08001091
1092 hci_dev_lock(hdev);
1093
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001094 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg272d90d2012-02-09 15:26:12 +02001095 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03001096 0, rp->status);
Brian Gix1143d452011-11-23 08:28:34 -08001097
1098 hci_dev_unlock(hdev);
1099}
1100
1101static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
Gustavo Padovan807deac2012-05-17 00:36:24 -03001102 struct sk_buff *skb)
Brian Gix1143d452011-11-23 08:28:34 -08001103{
1104 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1105
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001106 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Brian Gix1143d452011-11-23 08:28:34 -08001107
1108 hci_dev_lock(hdev);
1109
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001110 if (hci_dev_test_flag(hdev, HCI_MGMT))
Brian Gix1143d452011-11-23 08:28:34 -08001111 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03001112 ACL_LINK, 0, rp->status);
Brian Gix1143d452011-11-23 08:28:34 -08001113
1114 hci_dev_unlock(hdev);
1115}
1116
Marcel Holtmann4d2d2792014-01-10 02:07:26 -08001117static void hci_cc_read_local_oob_data(struct hci_dev *hdev,
1118 struct sk_buff *skb)
Szymon Jancc35938b2011-03-22 13:12:21 +01001119{
1120 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1121
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001122 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Marcel Holtmann4d2d2792014-01-10 02:07:26 -08001123}
1124
1125static void hci_cc_read_local_oob_ext_data(struct hci_dev *hdev,
1126 struct sk_buff *skb)
1127{
1128 struct hci_rp_read_local_oob_ext_data *rp = (void *) skb->data;
1129
1130 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
Szymon Jancc35938b2011-03-22 13:12:21 +01001131}
1132
Marcel Holtmann7a4cd512014-02-19 19:52:13 -08001133static void hci_cc_le_set_random_addr(struct hci_dev *hdev, struct sk_buff *skb)
1134{
1135 __u8 status = *((__u8 *) skb->data);
1136 bdaddr_t *sent;
1137
1138 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1139
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001140 if (status)
1141 return;
1142
Marcel Holtmann7a4cd512014-02-19 19:52:13 -08001143 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_RANDOM_ADDR);
1144 if (!sent)
1145 return;
1146
1147 hci_dev_lock(hdev);
1148
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001149 bacpy(&hdev->random_addr, sent);
Marcel Holtmann7a4cd512014-02-19 19:52:13 -08001150
1151 hci_dev_unlock(hdev);
1152}
1153
Jaganath Kanakkassery0314f282018-07-19 17:09:35 +05301154static void hci_cc_le_set_default_phy(struct hci_dev *hdev, struct sk_buff *skb)
1155{
1156 __u8 status = *((__u8 *) skb->data);
1157 struct hci_cp_le_set_default_phy *cp;
1158
1159 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1160
1161 if (status)
1162 return;
1163
1164 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_DEFAULT_PHY);
1165 if (!cp)
1166 return;
1167
1168 hci_dev_lock(hdev);
1169
1170 hdev->le_tx_def_phys = cp->tx_phys;
1171 hdev->le_rx_def_phys = cp->rx_phys;
1172
1173 hci_dev_unlock(hdev);
1174}
1175
Jaganath Kanakkasserya73c0462018-07-19 17:09:45 +05301176static void hci_cc_le_set_adv_set_random_addr(struct hci_dev *hdev,
1177 struct sk_buff *skb)
1178{
1179 __u8 status = *((__u8 *) skb->data);
1180 struct hci_cp_le_set_adv_set_rand_addr *cp;
1181 struct adv_info *adv_instance;
1182
1183 if (status)
1184 return;
1185
1186 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_SET_RAND_ADDR);
1187 if (!cp)
1188 return;
1189
1190 hci_dev_lock(hdev);
1191
1192 if (!hdev->cur_adv_instance) {
1193 /* Store in hdev for instance 0 (Set adv and Directed advs) */
1194 bacpy(&hdev->random_addr, &cp->bdaddr);
1195 } else {
1196 adv_instance = hci_find_adv_instance(hdev,
1197 hdev->cur_adv_instance);
1198 if (adv_instance)
1199 bacpy(&adv_instance->random_addr, &cp->bdaddr);
1200 }
1201
1202 hci_dev_unlock(hdev);
1203}
1204
Johan Hedbergc1d5dc42012-11-08 01:23:01 +01001205static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb)
1206{
1207 __u8 *sent, status = *((__u8 *) skb->data);
1208
1209 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1210
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001211 if (status)
Johan Hedbergc1d5dc42012-11-08 01:23:01 +01001212 return;
1213
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001214 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE);
1215 if (!sent)
Johan Hedberg3c857752014-03-25 10:30:49 +02001216 return;
1217
Johan Hedbergc1d5dc42012-11-08 01:23:01 +01001218 hci_dev_lock(hdev);
1219
Stephen Hemminger49c922b2014-10-27 21:12:20 -07001220 /* If we're doing connection initiation as peripheral. Set a
Johan Hedberg3c857752014-03-25 10:30:49 +02001221 * timeout in case something goes wrong.
1222 */
1223 if (*sent) {
1224 struct hci_conn *conn;
1225
Marcel Holtmanna1536da2015-03-13 02:11:01 -07001226 hci_dev_set_flag(hdev, HCI_LE_ADV);
Johan Hedberg66c417c2014-07-08 15:07:47 +03001227
Jakub Pawlowskie7d9ab72015-08-07 20:22:52 +02001228 conn = hci_lookup_le_connect(hdev);
Johan Hedberg3c857752014-03-25 10:30:49 +02001229 if (conn)
1230 queue_delayed_work(hdev->workqueue,
1231 &conn->le_conn_timeout,
Johan Hedberg09ae2602014-07-06 13:41:15 +03001232 conn->conn_timeout);
Johan Hedberg66c417c2014-07-08 15:07:47 +03001233 } else {
Marcel Holtmanna358dc12015-03-13 02:11:02 -07001234 hci_dev_clear_flag(hdev, HCI_LE_ADV);
Johan Hedberg3c857752014-03-25 10:30:49 +02001235 }
1236
Johan Hedberg04b4edc2013-03-15 17:07:01 -05001237 hci_dev_unlock(hdev);
Johan Hedbergc1d5dc42012-11-08 01:23:01 +01001238}
1239
Jaganath Kanakkasseryde181e82018-07-19 17:09:41 +05301240static void hci_cc_le_set_ext_adv_enable(struct hci_dev *hdev,
1241 struct sk_buff *skb)
1242{
1243 struct hci_cp_le_set_ext_adv_enable *cp;
Jaganath Kanakkasseryde181e82018-07-19 17:09:41 +05301244 __u8 status = *((__u8 *) skb->data);
1245
1246 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1247
1248 if (status)
1249 return;
1250
1251 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_ADV_ENABLE);
1252 if (!cp)
1253 return;
1254
Jaganath Kanakkasseryde181e82018-07-19 17:09:41 +05301255 hci_dev_lock(hdev);
1256
1257 if (cp->enable) {
1258 struct hci_conn *conn;
1259
1260 hci_dev_set_flag(hdev, HCI_LE_ADV);
1261
1262 conn = hci_lookup_le_connect(hdev);
1263 if (conn)
1264 queue_delayed_work(hdev->workqueue,
1265 &conn->le_conn_timeout,
1266 conn->conn_timeout);
Jaganath Kanakkassery45b77492018-07-19 17:09:43 +05301267 } else {
1268 hci_dev_clear_flag(hdev, HCI_LE_ADV);
Jaganath Kanakkasseryde181e82018-07-19 17:09:41 +05301269 }
1270
1271 hci_dev_unlock(hdev);
1272}
1273
Marcel Holtmann533553f2014-03-21 12:18:10 -07001274static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1275{
1276 struct hci_cp_le_set_scan_param *cp;
1277 __u8 status = *((__u8 *) skb->data);
1278
1279 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1280
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001281 if (status)
1282 return;
1283
Marcel Holtmann533553f2014-03-21 12:18:10 -07001284 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_PARAM);
1285 if (!cp)
1286 return;
1287
1288 hci_dev_lock(hdev);
1289
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001290 hdev->le_scan_type = cp->type;
Marcel Holtmann533553f2014-03-21 12:18:10 -07001291
1292 hci_dev_unlock(hdev);
1293}
1294
Jaganath Kanakkasserya2344b92018-07-06 17:05:28 +05301295static void hci_cc_le_set_ext_scan_param(struct hci_dev *hdev,
1296 struct sk_buff *skb)
1297{
1298 struct hci_cp_le_set_ext_scan_params *cp;
1299 __u8 status = *((__u8 *) skb->data);
1300 struct hci_cp_le_scan_phy_params *phy_param;
1301
1302 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1303
1304 if (status)
1305 return;
1306
1307 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_SCAN_PARAMS);
1308 if (!cp)
1309 return;
1310
1311 phy_param = (void *)cp->data;
1312
1313 hci_dev_lock(hdev);
1314
1315 hdev->le_scan_type = phy_param->type;
1316
1317 hci_dev_unlock(hdev);
1318}
1319
Johan Hedbergb9a63282014-03-25 10:51:52 +02001320static bool has_pending_adv_report(struct hci_dev *hdev)
1321{
1322 struct discovery_state *d = &hdev->discovery;
1323
1324 return bacmp(&d->last_adv_addr, BDADDR_ANY);
1325}
1326
1327static void clear_pending_adv_report(struct hci_dev *hdev)
1328{
1329 struct discovery_state *d = &hdev->discovery;
1330
1331 bacpy(&d->last_adv_addr, BDADDR_ANY);
1332 d->last_adv_data_len = 0;
1333}
1334
1335static void store_pending_adv_report(struct hci_dev *hdev, bdaddr_t *bdaddr,
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02001336 u8 bdaddr_type, s8 rssi, u32 flags,
1337 u8 *data, u8 len)
Johan Hedbergb9a63282014-03-25 10:51:52 +02001338{
1339 struct discovery_state *d = &hdev->discovery;
1340
1341 bacpy(&d->last_adv_addr, bdaddr);
1342 d->last_adv_addr_type = bdaddr_type;
Johan Hedbergff5cd292014-03-25 14:40:52 +02001343 d->last_adv_rssi = rssi;
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02001344 d->last_adv_flags = flags;
Johan Hedbergb9a63282014-03-25 10:51:52 +02001345 memcpy(d->last_adv_data, data, len);
1346 d->last_adv_data_len = len;
1347}
1348
Jaganath Kanakkassery3baef812018-07-06 17:05:27 +05301349static void le_set_scan_enable_complete(struct hci_dev *hdev, u8 enable)
Andre Guedeseb9d91f2011-05-26 16:23:52 -03001350{
Jaganath Kanakkassery5c1a4c82014-12-11 18:58:15 +05301351 hci_dev_lock(hdev);
1352
Jaganath Kanakkassery3baef812018-07-06 17:05:27 +05301353 switch (enable) {
Andre Guedes76a388be2013-04-04 20:21:02 -03001354 case LE_SCAN_ENABLE:
Marcel Holtmanna1536da2015-03-13 02:11:01 -07001355 hci_dev_set_flag(hdev, HCI_LE_SCAN);
Johan Hedbergb9a63282014-03-25 10:51:52 +02001356 if (hdev->le_scan_type == LE_SCAN_ACTIVE)
1357 clear_pending_adv_report(hdev);
Andrei Emeltchenko68a8aea2011-12-19 16:14:18 +02001358 break;
1359
Andre Guedes76a388be2013-04-04 20:21:02 -03001360 case LE_SCAN_DISABLE:
Johan Hedbergb9a63282014-03-25 10:51:52 +02001361 /* We do this here instead of when setting DISCOVERY_STOPPED
1362 * since the latter would potentially require waiting for
1363 * inquiry to stop too.
1364 */
1365 if (has_pending_adv_report(hdev)) {
1366 struct discovery_state *d = &hdev->discovery;
1367
1368 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK,
Johan Hedbergab0aa432014-03-26 14:17:12 +02001369 d->last_adv_addr_type, NULL,
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02001370 d->last_adv_rssi, d->last_adv_flags,
Johan Hedbergab0aa432014-03-26 14:17:12 +02001371 d->last_adv_data,
Johan Hedbergb9a63282014-03-25 10:51:52 +02001372 d->last_adv_data_len, NULL, 0);
1373 }
1374
Johan Hedberg317ac8c2014-02-28 20:26:12 +02001375 /* Cancel this timer so that we don't try to disable scanning
1376 * when it's already disabled.
1377 */
1378 cancel_delayed_work(&hdev->le_scan_disable);
1379
Marcel Holtmanna358dc12015-03-13 02:11:02 -07001380 hci_dev_clear_flag(hdev, HCI_LE_SCAN);
Johan Hedberge8bb6b92014-07-08 15:07:53 +03001381
Johan Hedberg81ad6fd2014-02-28 20:26:13 +02001382 /* The HCI_LE_SCAN_INTERRUPTED flag indicates that we
1383 * interrupted scanning due to a connect request. Mark
Johan Hedberge8bb6b92014-07-08 15:07:53 +03001384 * therefore discovery as stopped. If this was not
1385 * because of a connect request advertising might have
1386 * been disabled because of active scanning, so
1387 * re-enable it again if necessary.
Johan Hedberg81ad6fd2014-02-28 20:26:13 +02001388 */
Marcel Holtmanna69d8922015-03-13 02:11:05 -07001389 if (hci_dev_test_and_clear_flag(hdev, HCI_LE_SCAN_INTERRUPTED))
Johan Hedberg81ad6fd2014-02-28 20:26:13 +02001390 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001391 else if (!hci_dev_test_flag(hdev, HCI_LE_ADV) &&
Johan Hedberg34722272014-07-08 16:05:05 +03001392 hdev->discovery.state == DISCOVERY_FINDING)
Johan Hedbergf2252572015-11-18 12:49:20 +02001393 hci_req_reenable_advertising(hdev);
Johan Hedberge8bb6b92014-07-08 15:07:53 +03001394
Andrei Emeltchenko68a8aea2011-12-19 16:14:18 +02001395 break;
1396
1397 default:
Marcel Holtmann2064ee32017-10-30 10:42:59 +01001398 bt_dev_err(hdev, "use of reserved LE_Scan_Enable param %d",
Jaganath Kanakkassery3baef812018-07-06 17:05:27 +05301399 enable);
Andrei Emeltchenko68a8aea2011-12-19 16:14:18 +02001400 break;
Andre Guedes35815082011-05-26 16:23:53 -03001401 }
Jaganath Kanakkassery5c1a4c82014-12-11 18:58:15 +05301402
1403 hci_dev_unlock(hdev);
Andre Guedeseb9d91f2011-05-26 16:23:52 -03001404}
1405
Jaganath Kanakkassery3baef812018-07-06 17:05:27 +05301406static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1407 struct sk_buff *skb)
1408{
1409 struct hci_cp_le_set_scan_enable *cp;
1410 __u8 status = *((__u8 *) skb->data);
1411
1412 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1413
1414 if (status)
1415 return;
1416
1417 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1418 if (!cp)
1419 return;
1420
1421 le_set_scan_enable_complete(hdev, cp->enable);
1422}
1423
Jaganath Kanakkasserya2344b92018-07-06 17:05:28 +05301424static void hci_cc_le_set_ext_scan_enable(struct hci_dev *hdev,
1425 struct sk_buff *skb)
1426{
1427 struct hci_cp_le_set_ext_scan_enable *cp;
1428 __u8 status = *((__u8 *) skb->data);
1429
1430 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1431
1432 if (status)
1433 return;
1434
1435 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_SCAN_ENABLE);
1436 if (!cp)
1437 return;
1438
1439 le_set_scan_enable_complete(hdev, cp->enable);
1440}
1441
Jaganath Kanakkassery6b49bcb2018-07-19 17:09:40 +05301442static void hci_cc_le_read_num_adv_sets(struct hci_dev *hdev,
1443 struct sk_buff *skb)
1444{
1445 struct hci_rp_le_read_num_supported_adv_sets *rp = (void *) skb->data;
1446
1447 BT_DBG("%s status 0x%2.2x No of Adv sets %u", hdev->name, rp->status,
1448 rp->num_of_sets);
1449
1450 if (rp->status)
1451 return;
1452
1453 hdev->le_num_of_adv_sets = rp->num_of_sets;
1454}
1455
Johan Hedbergcf1d0812013-01-22 14:02:00 +02001456static void hci_cc_le_read_white_list_size(struct hci_dev *hdev,
1457 struct sk_buff *skb)
1458{
1459 struct hci_rp_le_read_white_list_size *rp = (void *) skb->data;
1460
1461 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
1462
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001463 if (rp->status)
1464 return;
1465
1466 hdev->le_white_list_size = rp->size;
Johan Hedbergcf1d0812013-01-22 14:02:00 +02001467}
1468
Marcel Holtmann0f36b582014-02-27 20:37:31 -08001469static void hci_cc_le_clear_white_list(struct hci_dev *hdev,
1470 struct sk_buff *skb)
1471{
1472 __u8 status = *((__u8 *) skb->data);
1473
1474 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1475
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001476 if (status)
1477 return;
1478
Johan Hedbergdcc36c12014-07-09 12:59:13 +03001479 hci_bdaddr_list_clear(&hdev->le_white_list);
Marcel Holtmann0f36b582014-02-27 20:37:31 -08001480}
1481
1482static void hci_cc_le_add_to_white_list(struct hci_dev *hdev,
1483 struct sk_buff *skb)
1484{
1485 struct hci_cp_le_add_to_white_list *sent;
1486 __u8 status = *((__u8 *) skb->data);
1487
1488 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1489
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001490 if (status)
1491 return;
1492
Marcel Holtmann0f36b582014-02-27 20:37:31 -08001493 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_WHITE_LIST);
1494 if (!sent)
1495 return;
1496
Johan Hedbergdcc36c12014-07-09 12:59:13 +03001497 hci_bdaddr_list_add(&hdev->le_white_list, &sent->bdaddr,
1498 sent->bdaddr_type);
Marcel Holtmann0f36b582014-02-27 20:37:31 -08001499}
1500
1501static void hci_cc_le_del_from_white_list(struct hci_dev *hdev,
1502 struct sk_buff *skb)
1503{
1504 struct hci_cp_le_del_from_white_list *sent;
1505 __u8 status = *((__u8 *) skb->data);
1506
1507 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1508
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001509 if (status)
1510 return;
1511
Marcel Holtmann0f36b582014-02-27 20:37:31 -08001512 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_WHITE_LIST);
1513 if (!sent)
1514 return;
1515
Johan Hedbergdcc36c12014-07-09 12:59:13 +03001516 hci_bdaddr_list_del(&hdev->le_white_list, &sent->bdaddr,
1517 sent->bdaddr_type);
Marcel Holtmann0f36b582014-02-27 20:37:31 -08001518}
1519
Johan Hedberg9b008c02013-01-22 14:02:01 +02001520static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
1521 struct sk_buff *skb)
1522{
1523 struct hci_rp_le_read_supported_states *rp = (void *) skb->data;
1524
1525 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1526
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001527 if (rp->status)
1528 return;
1529
1530 memcpy(hdev->le_states, rp->le_states, 8);
Johan Hedberg9b008c02013-01-22 14:02:01 +02001531}
1532
Marcel Holtmanna8e1bfa2014-12-20 16:28:40 +01001533static void hci_cc_le_read_def_data_len(struct hci_dev *hdev,
1534 struct sk_buff *skb)
1535{
1536 struct hci_rp_le_read_def_data_len *rp = (void *) skb->data;
1537
1538 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1539
1540 if (rp->status)
1541 return;
1542
1543 hdev->le_def_tx_len = le16_to_cpu(rp->tx_len);
1544 hdev->le_def_tx_time = le16_to_cpu(rp->tx_time);
1545}
1546
1547static void hci_cc_le_write_def_data_len(struct hci_dev *hdev,
1548 struct sk_buff *skb)
1549{
1550 struct hci_cp_le_write_def_data_len *sent;
1551 __u8 status = *((__u8 *) skb->data);
1552
1553 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1554
1555 if (status)
1556 return;
1557
1558 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_WRITE_DEF_DATA_LEN);
1559 if (!sent)
1560 return;
1561
1562 hdev->le_def_tx_len = le16_to_cpu(sent->tx_len);
1563 hdev->le_def_tx_time = le16_to_cpu(sent->tx_time);
1564}
1565
Ankit Navikb950aa82018-08-17 07:29:19 +05301566static void hci_cc_le_add_to_resolv_list(struct hci_dev *hdev,
1567 struct sk_buff *skb)
1568{
1569 struct hci_cp_le_add_to_resolv_list *sent;
1570 __u8 status = *((__u8 *) skb->data);
1571
1572 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1573
1574 if (status)
1575 return;
1576
1577 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_RESOLV_LIST);
1578 if (!sent)
1579 return;
1580
1581 hci_bdaddr_list_add_with_irk(&hdev->le_resolv_list, &sent->bdaddr,
1582 sent->bdaddr_type, sent->peer_irk,
1583 sent->local_irk);
1584}
1585
1586static void hci_cc_le_del_from_resolv_list(struct hci_dev *hdev,
1587 struct sk_buff *skb)
1588{
1589 struct hci_cp_le_del_from_resolv_list *sent;
1590 __u8 status = *((__u8 *) skb->data);
1591
1592 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1593
1594 if (status)
1595 return;
1596
1597 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_RESOLV_LIST);
1598 if (!sent)
1599 return;
1600
1601 hci_bdaddr_list_del_with_irk(&hdev->le_resolv_list, &sent->bdaddr,
1602 sent->bdaddr_type);
1603}
1604
Ankit Navik545f2592018-06-29 12:13:20 +05301605static void hci_cc_le_clear_resolv_list(struct hci_dev *hdev,
1606 struct sk_buff *skb)
1607{
1608 __u8 status = *((__u8 *) skb->data);
1609
1610 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1611
1612 if (status)
1613 return;
1614
1615 hci_bdaddr_list_clear(&hdev->le_resolv_list);
1616}
1617
Ankit Navikcfdb0c22018-06-29 12:12:50 +05301618static void hci_cc_le_read_resolv_list_size(struct hci_dev *hdev,
1619 struct sk_buff *skb)
1620{
1621 struct hci_rp_le_read_resolv_list_size *rp = (void *) skb->data;
1622
1623 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
1624
1625 if (rp->status)
1626 return;
1627
1628 hdev->le_resolv_list_size = rp->size;
1629}
1630
Ankit Navikaa12af72018-08-07 13:16:35 +05301631static void hci_cc_le_set_addr_resolution_enable(struct hci_dev *hdev,
1632 struct sk_buff *skb)
1633{
1634 __u8 *sent, status = *((__u8 *) skb->data);
1635
1636 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1637
1638 if (status)
1639 return;
1640
1641 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADDR_RESOLV_ENABLE);
1642 if (!sent)
1643 return;
1644
1645 hci_dev_lock(hdev);
1646
1647 if (*sent)
1648 hci_dev_set_flag(hdev, HCI_LL_RPA_RESOLUTION);
1649 else
1650 hci_dev_clear_flag(hdev, HCI_LL_RPA_RESOLUTION);
1651
1652 hci_dev_unlock(hdev);
1653}
1654
Marcel Holtmanna8e1bfa2014-12-20 16:28:40 +01001655static void hci_cc_le_read_max_data_len(struct hci_dev *hdev,
1656 struct sk_buff *skb)
1657{
1658 struct hci_rp_le_read_max_data_len *rp = (void *) skb->data;
1659
1660 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1661
1662 if (rp->status)
1663 return;
1664
1665 hdev->le_max_tx_len = le16_to_cpu(rp->tx_len);
1666 hdev->le_max_tx_time = le16_to_cpu(rp->tx_time);
1667 hdev->le_max_rx_len = le16_to_cpu(rp->rx_len);
1668 hdev->le_max_rx_time = le16_to_cpu(rp->rx_time);
1669}
1670
Gustavo Padovan6039aa72012-05-23 04:04:18 -03001671static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1672 struct sk_buff *skb)
Andre Guedesf9b49302011-06-30 19:20:53 -03001673{
Johan Hedberg06199cf2012-02-22 16:37:11 +02001674 struct hci_cp_write_le_host_supported *sent;
Andre Guedesf9b49302011-06-30 19:20:53 -03001675 __u8 status = *((__u8 *) skb->data);
1676
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001677 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Andre Guedesf9b49302011-06-30 19:20:53 -03001678
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001679 if (status)
1680 return;
1681
Johan Hedberg06199cf2012-02-22 16:37:11 +02001682 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
Johan Hedberg8f984df2012-02-28 01:07:22 +02001683 if (!sent)
Andre Guedesf9b49302011-06-30 19:20:53 -03001684 return;
1685
Jaganath Kanakkassery5c1a4c82014-12-11 18:58:15 +05301686 hci_dev_lock(hdev);
1687
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001688 if (sent->le) {
1689 hdev->features[1][0] |= LMP_HOST_LE;
Marcel Holtmanna1536da2015-03-13 02:11:01 -07001690 hci_dev_set_flag(hdev, HCI_LE_ENABLED);
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001691 } else {
1692 hdev->features[1][0] &= ~LMP_HOST_LE;
Marcel Holtmanna358dc12015-03-13 02:11:02 -07001693 hci_dev_clear_flag(hdev, HCI_LE_ENABLED);
1694 hci_dev_clear_flag(hdev, HCI_ADVERTISING);
Johan Hedberg8f984df2012-02-28 01:07:22 +02001695 }
Marcel Holtmann45296ac2014-07-05 10:48:01 +02001696
1697 if (sent->simul)
1698 hdev->features[1][0] |= LMP_HOST_LE_BREDR;
1699 else
1700 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR;
Jaganath Kanakkassery5c1a4c82014-12-11 18:58:15 +05301701
1702 hci_dev_unlock(hdev);
Andre Guedesf9b49302011-06-30 19:20:53 -03001703}
1704
Johan Hedberg56ed2cb2014-02-27 14:05:40 +02001705static void hci_cc_set_adv_param(struct hci_dev *hdev, struct sk_buff *skb)
1706{
1707 struct hci_cp_le_set_adv_param *cp;
1708 u8 status = *((u8 *) skb->data);
1709
1710 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1711
1712 if (status)
1713 return;
1714
1715 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_PARAM);
1716 if (!cp)
1717 return;
1718
1719 hci_dev_lock(hdev);
1720 hdev->adv_addr_type = cp->own_address_type;
1721 hci_dev_unlock(hdev);
1722}
1723
Jaganath Kanakkasseryde181e82018-07-19 17:09:41 +05301724static void hci_cc_set_ext_adv_param(struct hci_dev *hdev, struct sk_buff *skb)
1725{
1726 struct hci_rp_le_set_ext_adv_params *rp = (void *) skb->data;
1727 struct hci_cp_le_set_ext_adv_params *cp;
1728 struct adv_info *adv_instance;
1729
1730 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1731
1732 if (rp->status)
1733 return;
1734
1735 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_ADV_PARAMS);
1736 if (!cp)
1737 return;
1738
1739 hci_dev_lock(hdev);
1740 hdev->adv_addr_type = cp->own_addr_type;
1741 if (!hdev->cur_adv_instance) {
1742 /* Store in hdev for instance 0 */
1743 hdev->adv_tx_power = rp->tx_power;
1744 } else {
1745 adv_instance = hci_find_adv_instance(hdev,
1746 hdev->cur_adv_instance);
1747 if (adv_instance)
1748 adv_instance->tx_power = rp->tx_power;
1749 }
Jaganath Kanakkasserya0fb3722018-07-19 17:09:42 +05301750 /* Update adv data as tx power is known now */
1751 hci_req_update_adv_data(hdev, hdev->cur_adv_instance);
Jaganath Kanakkasseryde181e82018-07-19 17:09:41 +05301752 hci_dev_unlock(hdev);
1753}
1754
Andrzej Kaczmarek5ae76a92014-05-08 15:32:08 +02001755static void hci_cc_read_rssi(struct hci_dev *hdev, struct sk_buff *skb)
1756{
1757 struct hci_rp_read_rssi *rp = (void *) skb->data;
1758 struct hci_conn *conn;
1759
1760 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1761
1762 if (rp->status)
1763 return;
1764
1765 hci_dev_lock(hdev);
1766
1767 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
1768 if (conn)
1769 conn->rssi = rp->rssi;
1770
1771 hci_dev_unlock(hdev);
1772}
1773
Andrzej Kaczmarek5a134fa2014-05-09 21:35:28 +02001774static void hci_cc_read_tx_power(struct hci_dev *hdev, struct sk_buff *skb)
1775{
1776 struct hci_cp_read_tx_power *sent;
1777 struct hci_rp_read_tx_power *rp = (void *) skb->data;
1778 struct hci_conn *conn;
1779
1780 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1781
1782 if (rp->status)
1783 return;
1784
1785 sent = hci_sent_cmd_data(hdev, HCI_OP_READ_TX_POWER);
1786 if (!sent)
1787 return;
1788
1789 hci_dev_lock(hdev);
1790
1791 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
Andrzej Kaczmarekd0455ed2014-05-14 13:43:05 +02001792 if (!conn)
1793 goto unlock;
Andrzej Kaczmarek5a134fa2014-05-09 21:35:28 +02001794
Andrzej Kaczmarekd0455ed2014-05-14 13:43:05 +02001795 switch (sent->type) {
1796 case 0x00:
1797 conn->tx_power = rp->tx_power;
1798 break;
1799 case 0x01:
1800 conn->max_tx_power = rp->tx_power;
1801 break;
1802 }
1803
1804unlock:
Andrzej Kaczmarek5a134fa2014-05-09 21:35:28 +02001805 hci_dev_unlock(hdev);
1806}
1807
Marcel Holtmannc50b33c2015-01-31 15:07:52 -08001808static void hci_cc_write_ssp_debug_mode(struct hci_dev *hdev, struct sk_buff *skb)
1809{
1810 u8 status = *((u8 *) skb->data);
1811 u8 *mode;
1812
1813 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1814
1815 if (status)
1816 return;
1817
1818 mode = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_DEBUG_MODE);
1819 if (mode)
1820 hdev->ssp_debug_mode = *mode;
1821}
1822
Gustavo Padovan6039aa72012-05-23 04:04:18 -03001823static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001824{
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001825 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001826
1827 if (status) {
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001828 hci_conn_check_pending(hdev);
Johan Hedberg314b2382011-04-27 10:29:57 -04001829 return;
1830 }
1831
Andre Guedes89352e72011-11-04 14:16:53 -03001832 set_bit(HCI_INQUIRY, &hdev->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001833}
1834
Gustavo Padovan6039aa72012-05-23 04:04:18 -03001835static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001836{
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001837 struct hci_cp_create_conn *cp;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001838 struct hci_conn *conn;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001839
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001840 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001841
1842 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001843 if (!cp)
1844 return;
1845
1846 hci_dev_lock(hdev);
1847
1848 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1849
Andrei Emeltchenko6ed93dc2012-09-25 12:49:43 +03001850 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001851
1852 if (status) {
1853 if (conn && conn->state == BT_CONNECT) {
Marcel Holtmann4c67bc72006-10-15 17:30:56 +02001854 if (status != 0x0c || conn->attempt > 2) {
1855 conn->state = BT_CLOSED;
Johan Hedberg539c4962015-02-18 14:53:57 +02001856 hci_connect_cfm(conn, status);
Marcel Holtmann4c67bc72006-10-15 17:30:56 +02001857 hci_conn_del(conn);
1858 } else
1859 conn->state = BT_CONNECT2;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001860 }
1861 } else {
1862 if (!conn) {
Johan Hedberga5c4e302014-07-16 11:56:07 +03001863 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr,
1864 HCI_ROLE_MASTER);
1865 if (!conn)
Marcel Holtmann2064ee32017-10-30 10:42:59 +01001866 bt_dev_err(hdev, "no memory for new connection");
Linus Torvalds1da177e2005-04-16 15:20:36 -07001867 }
1868 }
1869
1870 hci_dev_unlock(hdev);
1871}
1872
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001873static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001874{
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001875 struct hci_cp_add_sco *cp;
1876 struct hci_conn *acl, *sco;
1877 __u16 handle;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001878
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001879 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02001880
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001881 if (!status)
1882 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001883
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001884 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1885 if (!cp)
1886 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001887
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001888 handle = __le16_to_cpu(cp->handle);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001889
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001890 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
Marcel Holtmann6bd57412006-11-18 22:14:22 +01001891
1892 hci_dev_lock(hdev);
1893
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001894 acl = hci_conn_hash_lookup_handle(hdev, handle);
Andrei Emeltchenko5a08ecc2011-01-11 17:20:20 +02001895 if (acl) {
1896 sco = acl->link;
1897 if (sco) {
1898 sco->state = BT_CLOSED;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001899
Johan Hedberg539c4962015-02-18 14:53:57 +02001900 hci_connect_cfm(sco, status);
Andrei Emeltchenko5a08ecc2011-01-11 17:20:20 +02001901 hci_conn_del(sco);
1902 }
Marcel Holtmanna9de9242007-10-20 13:33:56 +02001903 }
Marcel Holtmann6bd57412006-11-18 22:14:22 +01001904
1905 hci_dev_unlock(hdev);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001906}
1907
Marcel Holtmannf8558552008-07-14 20:13:49 +02001908static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1909{
1910 struct hci_cp_auth_requested *cp;
1911 struct hci_conn *conn;
1912
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001913 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmannf8558552008-07-14 20:13:49 +02001914
1915 if (!status)
1916 return;
1917
1918 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1919 if (!cp)
1920 return;
1921
1922 hci_dev_lock(hdev);
1923
1924 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1925 if (conn) {
1926 if (conn->state == BT_CONFIG) {
Johan Hedberg539c4962015-02-18 14:53:57 +02001927 hci_connect_cfm(conn, status);
David Herrmann76a68ba2013-04-06 20:28:37 +02001928 hci_conn_drop(conn);
Marcel Holtmannf8558552008-07-14 20:13:49 +02001929 }
1930 }
1931
1932 hci_dev_unlock(hdev);
1933}
1934
1935static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1936{
1937 struct hci_cp_set_conn_encrypt *cp;
1938 struct hci_conn *conn;
1939
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03001940 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmannf8558552008-07-14 20:13:49 +02001941
1942 if (!status)
1943 return;
1944
1945 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1946 if (!cp)
1947 return;
1948
1949 hci_dev_lock(hdev);
1950
1951 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1952 if (conn) {
1953 if (conn->state == BT_CONFIG) {
Johan Hedberg539c4962015-02-18 14:53:57 +02001954 hci_connect_cfm(conn, status);
David Herrmann76a68ba2013-04-06 20:28:37 +02001955 hci_conn_drop(conn);
Marcel Holtmannf8558552008-07-14 20:13:49 +02001956 }
1957 }
1958
1959 hci_dev_unlock(hdev);
1960}
1961
Johan Hedberg127178d2010-11-18 22:22:29 +02001962static int hci_outgoing_auth_needed(struct hci_dev *hdev,
Gustavo Padovan807deac2012-05-17 00:36:24 -03001963 struct hci_conn *conn)
Johan Hedberg392599b2010-11-18 22:22:28 +02001964{
Johan Hedberg392599b2010-11-18 22:22:28 +02001965 if (conn->state != BT_CONFIG || !conn->out)
1966 return 0;
1967
Johan Hedberg765c2a92011-01-19 12:06:52 +05301968 if (conn->pending_sec_level == BT_SECURITY_SDP)
Johan Hedberg392599b2010-11-18 22:22:28 +02001969 return 0;
1970
1971 /* Only request authentication for SSP connections or non-SSP
Johan Hedberg264b8b42014-01-08 16:40:39 +02001972 * devices with sec_level MEDIUM or HIGH or if MITM protection
1973 * is requested.
1974 */
Gustavo Padovan807deac2012-05-17 00:36:24 -03001975 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
Johan Hedberg7e3691e2014-05-30 14:45:19 +03001976 conn->pending_sec_level != BT_SECURITY_FIPS &&
Johan Hedberg264b8b42014-01-08 16:40:39 +02001977 conn->pending_sec_level != BT_SECURITY_HIGH &&
1978 conn->pending_sec_level != BT_SECURITY_MEDIUM)
Johan Hedberg392599b2010-11-18 22:22:28 +02001979 return 0;
1980
Johan Hedberg392599b2010-11-18 22:22:28 +02001981 return 1;
1982}
1983
Gustavo Padovan6039aa72012-05-23 04:04:18 -03001984static int hci_resolve_name(struct hci_dev *hdev,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03001985 struct inquiry_entry *e)
Johan Hedberg30dc78e2012-01-04 15:44:20 +02001986{
1987 struct hci_cp_remote_name_req cp;
1988
1989 memset(&cp, 0, sizeof(cp));
1990
1991 bacpy(&cp.bdaddr, &e->data.bdaddr);
1992 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1993 cp.pscan_mode = e->data.pscan_mode;
1994 cp.clock_offset = e->data.clock_offset;
1995
1996 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1997}
1998
Johan Hedbergb644ba32012-01-17 21:48:47 +02001999static bool hci_resolve_next_name(struct hci_dev *hdev)
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002000{
2001 struct discovery_state *discov = &hdev->discovery;
2002 struct inquiry_entry *e;
2003
Johan Hedbergb644ba32012-01-17 21:48:47 +02002004 if (list_empty(&discov->resolve))
2005 return false;
2006
2007 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
Ram Malovanyc8100892012-07-19 10:26:09 +03002008 if (!e)
2009 return false;
2010
Johan Hedbergb644ba32012-01-17 21:48:47 +02002011 if (hci_resolve_name(hdev, e) == 0) {
2012 e->name_state = NAME_PENDING;
2013 return true;
2014 }
2015
2016 return false;
2017}
2018
2019static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03002020 bdaddr_t *bdaddr, u8 *name, u8 name_len)
Johan Hedbergb644ba32012-01-17 21:48:47 +02002021{
2022 struct discovery_state *discov = &hdev->discovery;
2023 struct inquiry_entry *e;
2024
Johan Hedberg60cb49d2014-11-11 11:33:24 +02002025 /* Update the mgmt connected state if necessary. Be careful with
2026 * conn objects that exist but are not (yet) connected however.
2027 * Only those in BT_CONFIG or BT_CONNECTED states can be
2028 * considered connected.
2029 */
2030 if (conn &&
2031 (conn->state == BT_CONFIG || conn->state == BT_CONNECTED) &&
Jaganath Kanakkasserycb77c3e2014-11-07 16:39:09 +05302032 !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
Alfonso Acosta48ec92f2014-10-07 08:44:10 +00002033 mgmt_device_connected(hdev, conn, 0, name, name_len);
Johan Hedbergb644ba32012-01-17 21:48:47 +02002034
2035 if (discov->state == DISCOVERY_STOPPED)
2036 return;
2037
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002038 if (discov->state == DISCOVERY_STOPPING)
2039 goto discov_complete;
2040
2041 if (discov->state != DISCOVERY_RESOLVING)
2042 return;
2043
2044 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
Ram Malovany7cc83802012-07-19 10:26:10 +03002045 /* If the device was not found in a list of found devices names of which
2046 * are pending. there is no need to continue resolving a next name as it
2047 * will be done upon receiving another Remote Name Request Complete
2048 * Event */
2049 if (!e)
2050 return;
2051
2052 list_del(&e->list);
2053 if (name) {
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002054 e->name_state = NAME_KNOWN;
Ram Malovany7cc83802012-07-19 10:26:10 +03002055 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
2056 e->data.rssi, name, name_len);
Ram Malovanyc3e7c0d2012-07-19 10:26:11 +03002057 } else {
2058 e->name_state = NAME_NOT_KNOWN;
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002059 }
2060
Johan Hedbergb644ba32012-01-17 21:48:47 +02002061 if (hci_resolve_next_name(hdev))
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002062 return;
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002063
2064discov_complete:
2065 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2066}
2067
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002068static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
2069{
Johan Hedberg127178d2010-11-18 22:22:29 +02002070 struct hci_cp_remote_name_req *cp;
2071 struct hci_conn *conn;
2072
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03002073 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Johan Hedberg127178d2010-11-18 22:22:29 +02002074
2075 /* If successful wait for the name req complete event before
2076 * checking for the need to do authentication */
2077 if (!status)
2078 return;
2079
2080 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
2081 if (!cp)
2082 return;
2083
2084 hci_dev_lock(hdev);
2085
2086 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
Johan Hedbergb644ba32012-01-17 21:48:47 +02002087
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07002088 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedbergb644ba32012-01-17 21:48:47 +02002089 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
2090
Johan Hedberg79c6c702011-04-28 11:28:55 -07002091 if (!conn)
2092 goto unlock;
2093
2094 if (!hci_outgoing_auth_needed(hdev, conn))
2095 goto unlock;
2096
Johan Hedberg51a8efd2012-01-16 06:10:31 +02002097 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
Johannes Bergc1f23a22013-10-07 18:19:16 +02002098 struct hci_cp_auth_requested auth_cp;
2099
Johan Hedberg977f8fc2014-07-17 15:35:39 +03002100 set_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags);
2101
Johannes Bergc1f23a22013-10-07 18:19:16 +02002102 auth_cp.handle = __cpu_to_le16(conn->handle);
2103 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED,
2104 sizeof(auth_cp), &auth_cp);
Johan Hedberg127178d2010-11-18 22:22:29 +02002105 }
2106
Johan Hedberg79c6c702011-04-28 11:28:55 -07002107unlock:
Johan Hedberg127178d2010-11-18 22:22:29 +02002108 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002109}
2110
Marcel Holtmann769be972008-07-14 20:13:49 +02002111static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
2112{
2113 struct hci_cp_read_remote_features *cp;
2114 struct hci_conn *conn;
2115
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03002116 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmann769be972008-07-14 20:13:49 +02002117
2118 if (!status)
2119 return;
2120
2121 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
2122 if (!cp)
2123 return;
2124
2125 hci_dev_lock(hdev);
2126
2127 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2128 if (conn) {
2129 if (conn->state == BT_CONFIG) {
Johan Hedberg539c4962015-02-18 14:53:57 +02002130 hci_connect_cfm(conn, status);
David Herrmann76a68ba2013-04-06 20:28:37 +02002131 hci_conn_drop(conn);
Marcel Holtmann769be972008-07-14 20:13:49 +02002132 }
2133 }
2134
2135 hci_dev_unlock(hdev);
2136}
2137
2138static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
2139{
2140 struct hci_cp_read_remote_ext_features *cp;
2141 struct hci_conn *conn;
2142
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03002143 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmann769be972008-07-14 20:13:49 +02002144
2145 if (!status)
2146 return;
2147
2148 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
2149 if (!cp)
2150 return;
2151
2152 hci_dev_lock(hdev);
2153
2154 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2155 if (conn) {
2156 if (conn->state == BT_CONFIG) {
Johan Hedberg539c4962015-02-18 14:53:57 +02002157 hci_connect_cfm(conn, status);
David Herrmann76a68ba2013-04-06 20:28:37 +02002158 hci_conn_drop(conn);
Marcel Holtmann769be972008-07-14 20:13:49 +02002159 }
2160 }
2161
2162 hci_dev_unlock(hdev);
2163}
2164
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002165static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
2166{
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02002167 struct hci_cp_setup_sync_conn *cp;
2168 struct hci_conn *acl, *sco;
2169 __u16 handle;
2170
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03002171 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02002172
2173 if (!status)
2174 return;
2175
2176 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
2177 if (!cp)
2178 return;
2179
2180 handle = __le16_to_cpu(cp->handle);
2181
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03002182 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02002183
2184 hci_dev_lock(hdev);
2185
2186 acl = hci_conn_hash_lookup_handle(hdev, handle);
Andrei Emeltchenko5a08ecc2011-01-11 17:20:20 +02002187 if (acl) {
2188 sco = acl->link;
2189 if (sco) {
2190 sco->state = BT_CLOSED;
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02002191
Johan Hedberg539c4962015-02-18 14:53:57 +02002192 hci_connect_cfm(sco, status);
Andrei Emeltchenko5a08ecc2011-01-11 17:20:20 +02002193 hci_conn_del(sco);
2194 }
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02002195 }
2196
2197 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002198}
2199
2200static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
2201{
2202 struct hci_cp_sniff_mode *cp;
2203 struct hci_conn *conn;
2204
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03002205 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002206
2207 if (!status)
2208 return;
2209
2210 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
2211 if (!cp)
2212 return;
2213
2214 hci_dev_lock(hdev);
2215
2216 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
Marcel Holtmanne73439d2010-07-26 10:06:00 -04002217 if (conn) {
Johan Hedberg51a8efd2012-01-16 06:10:31 +02002218 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002219
Johan Hedberg51a8efd2012-01-16 06:10:31 +02002220 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
Marcel Holtmanne73439d2010-07-26 10:06:00 -04002221 hci_sco_setup(conn, status);
2222 }
2223
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002224 hci_dev_unlock(hdev);
2225}
2226
2227static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
2228{
2229 struct hci_cp_exit_sniff_mode *cp;
2230 struct hci_conn *conn;
2231
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03002232 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002233
2234 if (!status)
2235 return;
2236
2237 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
2238 if (!cp)
2239 return;
2240
2241 hci_dev_lock(hdev);
2242
2243 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
Marcel Holtmanne73439d2010-07-26 10:06:00 -04002244 if (conn) {
Johan Hedberg51a8efd2012-01-16 06:10:31 +02002245 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002246
Johan Hedberg51a8efd2012-01-16 06:10:31 +02002247 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
Marcel Holtmanne73439d2010-07-26 10:06:00 -04002248 hci_sco_setup(conn, status);
2249 }
2250
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002251 hci_dev_unlock(hdev);
2252}
2253
Johan Hedberg88c3df12012-02-09 14:27:38 +02002254static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
2255{
2256 struct hci_cp_disconnect *cp;
2257 struct hci_conn *conn;
2258
2259 if (!status)
2260 return;
2261
2262 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
2263 if (!cp)
2264 return;
2265
2266 hci_dev_lock(hdev);
2267
2268 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
Joseph Hwangb8d29052020-03-11 19:20:14 -07002269 if (conn) {
2270 u8 type = conn->type;
2271
Johan Hedberg88c3df12012-02-09 14:27:38 +02002272 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03002273 conn->dst_type, status);
Johan Hedberg88c3df12012-02-09 14:27:38 +02002274
Joseph Hwangb8d29052020-03-11 19:20:14 -07002275 /* If the disconnection failed for any reason, the upper layer
2276 * does not retry to disconnect in current implementation.
2277 * Hence, we need to do some basic cleanup here and re-enable
2278 * advertising if necessary.
2279 */
2280 hci_conn_del(conn);
2281 if (type == LE_LINK)
2282 hci_req_reenable_advertising(hdev);
2283 }
2284
Johan Hedberg88c3df12012-02-09 14:27:38 +02002285 hci_dev_unlock(hdev);
2286}
2287
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05302288static void cs_le_create_conn(struct hci_dev *hdev, bdaddr_t *peer_addr,
2289 u8 peer_addr_type, u8 own_address_type,
2290 u8 filter_policy)
2291{
2292 struct hci_conn *conn;
2293
2294 conn = hci_conn_hash_lookup_le(hdev, peer_addr,
2295 peer_addr_type);
2296 if (!conn)
2297 return;
2298
2299 /* Store the initiator and responder address information which
2300 * is needed for SMP. These values will not change during the
2301 * lifetime of the connection.
2302 */
2303 conn->init_addr_type = own_address_type;
2304 if (own_address_type == ADDR_LE_DEV_RANDOM)
2305 bacpy(&conn->init_addr, &hdev->random_addr);
2306 else
2307 bacpy(&conn->init_addr, &hdev->bdaddr);
2308
2309 conn->resp_addr_type = peer_addr_type;
2310 bacpy(&conn->resp_addr, peer_addr);
2311
2312 /* We don't want the connection attempt to stick around
2313 * indefinitely since LE doesn't have a page timeout concept
2314 * like BR/EDR. Set a timer for any connection that doesn't use
2315 * the white list for connecting.
2316 */
2317 if (filter_policy == HCI_LE_USE_PEER_ADDR)
2318 queue_delayed_work(conn->hdev->workqueue,
2319 &conn->le_conn_timeout,
2320 conn->conn_timeout);
2321}
2322
Johan Hedbergcb1d68f2014-02-28 12:54:16 +02002323static void hci_cs_le_create_conn(struct hci_dev *hdev, u8 status)
2324{
2325 struct hci_cp_le_create_conn *cp;
Johan Hedbergcb1d68f2014-02-28 12:54:16 +02002326
2327 BT_DBG("%s status 0x%2.2x", hdev->name, status);
2328
2329 /* All connection failure handling is taken care of by the
2330 * hci_le_conn_failed function which is triggered by the HCI
2331 * request completion callbacks used for connecting.
2332 */
2333 if (status)
2334 return;
2335
2336 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
2337 if (!cp)
2338 return;
2339
2340 hci_dev_lock(hdev);
2341
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05302342 cs_le_create_conn(hdev, &cp->peer_addr, cp->peer_addr_type,
2343 cp->own_address_type, cp->filter_policy);
Johan Hedbergcb1d68f2014-02-28 12:54:16 +02002344
Johan Hedbergcb1d68f2014-02-28 12:54:16 +02002345 hci_dev_unlock(hdev);
2346}
2347
Jaganath Kanakkassery4d94f952018-07-06 22:50:32 +02002348static void hci_cs_le_ext_create_conn(struct hci_dev *hdev, u8 status)
2349{
2350 struct hci_cp_le_ext_create_conn *cp;
2351
2352 BT_DBG("%s status 0x%2.2x", hdev->name, status);
2353
2354 /* All connection failure handling is taken care of by the
2355 * hci_le_conn_failed function which is triggered by the HCI
2356 * request completion callbacks used for connecting.
2357 */
2358 if (status)
2359 return;
2360
2361 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_EXT_CREATE_CONN);
2362 if (!cp)
2363 return;
2364
2365 hci_dev_lock(hdev);
2366
2367 cs_le_create_conn(hdev, &cp->peer_addr, cp->peer_addr_type,
2368 cp->own_addr_type, cp->filter_policy);
2369
2370 hci_dev_unlock(hdev);
2371}
2372
Marcel Holtmann0fe29fd2015-04-08 09:05:27 -07002373static void hci_cs_le_read_remote_features(struct hci_dev *hdev, u8 status)
2374{
2375 struct hci_cp_le_read_remote_features *cp;
2376 struct hci_conn *conn;
2377
2378 BT_DBG("%s status 0x%2.2x", hdev->name, status);
2379
2380 if (!status)
2381 return;
2382
2383 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_READ_REMOTE_FEATURES);
2384 if (!cp)
2385 return;
2386
2387 hci_dev_lock(hdev);
2388
2389 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2390 if (conn) {
2391 if (conn->state == BT_CONFIG) {
2392 hci_connect_cfm(conn, status);
2393 hci_conn_drop(conn);
2394 }
2395 }
2396
2397 hci_dev_unlock(hdev);
2398}
2399
Johan Hedberg81d0c8a2014-03-24 14:39:04 +02002400static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
2401{
2402 struct hci_cp_le_start_enc *cp;
2403 struct hci_conn *conn;
2404
2405 BT_DBG("%s status 0x%2.2x", hdev->name, status);
2406
2407 if (!status)
2408 return;
2409
2410 hci_dev_lock(hdev);
2411
2412 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_START_ENC);
2413 if (!cp)
2414 goto unlock;
2415
2416 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2417 if (!conn)
2418 goto unlock;
2419
2420 if (conn->state != BT_CONNECTED)
2421 goto unlock;
2422
2423 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
2424 hci_conn_drop(conn);
2425
2426unlock:
2427 hci_dev_unlock(hdev);
2428}
2429
Kuba Pawlak50fc85f2014-11-06 19:36:52 +01002430static void hci_cs_switch_role(struct hci_dev *hdev, u8 status)
2431{
2432 struct hci_cp_switch_role *cp;
2433 struct hci_conn *conn;
2434
2435 BT_DBG("%s status 0x%2.2x", hdev->name, status);
2436
2437 if (!status)
2438 return;
2439
2440 cp = hci_sent_cmd_data(hdev, HCI_OP_SWITCH_ROLE);
2441 if (!cp)
2442 return;
2443
2444 hci_dev_lock(hdev);
2445
2446 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
2447 if (conn)
2448 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
2449
2450 hci_dev_unlock(hdev);
2451}
2452
Gustavo Padovan6039aa72012-05-23 04:04:18 -03002453static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002454{
2455 __u8 status = *((__u8 *) skb->data);
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002456 struct discovery_state *discov = &hdev->discovery;
2457 struct inquiry_entry *e;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002458
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03002459 BT_DBG("%s status 0x%2.2x", hdev->name, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002460
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002461 hci_conn_check_pending(hdev);
Andre Guedes89352e72011-11-04 14:16:53 -03002462
2463 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
2464 return;
2465
Peter Zijlstra4e857c52014-03-17 18:06:10 +01002466 smp_mb__after_atomic(); /* wake_up_bit advises about this barrier */
Andre Guedes3e13fa12013-03-27 20:04:56 -03002467 wake_up_bit(&hdev->flags, HCI_INQUIRY);
2468
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07002469 if (!hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002470 return;
2471
Johan Hedberg56e5cb82011-11-08 20:40:16 +02002472 hci_dev_lock(hdev);
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002473
Andre Guedes343f9352012-02-17 20:39:37 -03002474 if (discov->state != DISCOVERY_FINDING)
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002475 goto unlock;
2476
2477 if (list_empty(&discov->resolve)) {
Jakub Pawlowski07d23342015-03-17 09:04:14 -07002478 /* When BR/EDR inquiry is active and no LE scanning is in
2479 * progress, then change discovery state to indicate completion.
2480 *
2481 * When running LE scanning and BR/EDR inquiry simultaneously
2482 * and the LE scan already finished, then change the discovery
2483 * state to indicate completion.
2484 */
2485 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN) ||
2486 !test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks))
2487 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002488 goto unlock;
2489 }
2490
2491 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
2492 if (e && hci_resolve_name(hdev, e) == 0) {
2493 e->name_state = NAME_PENDING;
2494 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
2495 } else {
Jakub Pawlowski07d23342015-03-17 09:04:14 -07002496 /* When BR/EDR inquiry is active and no LE scanning is in
2497 * progress, then change discovery state to indicate completion.
2498 *
2499 * When running LE scanning and BR/EDR inquiry simultaneously
2500 * and the LE scan already finished, then change the discovery
2501 * state to indicate completion.
2502 */
2503 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN) ||
2504 !test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks))
2505 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
Johan Hedberg30dc78e2012-01-04 15:44:20 +02002506 }
2507
2508unlock:
Johan Hedberg56e5cb82011-11-08 20:40:16 +02002509 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002510}
2511
Gustavo Padovan6039aa72012-05-23 04:04:18 -03002512static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002513{
Marcel Holtmann45bb4bf2005-08-09 20:27:49 -07002514 struct inquiry_data data;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002515 struct inquiry_info *info = (void *) (skb->data + 1);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002516 int num_rsp = *((__u8 *) skb->data);
2517
2518 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2519
Marcel Holtmann45bb4bf2005-08-09 20:27:49 -07002520 if (!num_rsp)
2521 return;
2522
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07002523 if (hci_dev_test_flag(hdev, HCI_PERIODIC_INQ))
Andre Guedes1519cc12012-03-21 00:03:38 -03002524 return;
2525
Linus Torvalds1da177e2005-04-16 15:20:36 -07002526 hci_dev_lock(hdev);
Marcel Holtmann45bb4bf2005-08-09 20:27:49 -07002527
Johan Hedberge17acd42011-03-30 23:57:16 +03002528 for (; num_rsp; num_rsp--, info++) {
Marcel Holtmannaf589252014-07-01 14:11:20 +02002529 u32 flags;
Johan Hedberg31754052012-01-04 13:39:52 +02002530
Linus Torvalds1da177e2005-04-16 15:20:36 -07002531 bacpy(&data.bdaddr, &info->bdaddr);
2532 data.pscan_rep_mode = info->pscan_rep_mode;
2533 data.pscan_period_mode = info->pscan_period_mode;
2534 data.pscan_mode = info->pscan_mode;
2535 memcpy(data.dev_class, info->dev_class, 3);
2536 data.clock_offset = info->clock_offset;
Marcel Holtmannefb25132014-12-05 13:03:34 +01002537 data.rssi = HCI_RSSI_INVALID;
Marcel Holtmann41a96212008-07-14 20:13:48 +02002538 data.ssp_mode = 0x00;
Johan Hedberg31754052012-01-04 13:39:52 +02002539
Marcel Holtmannaf589252014-07-01 14:11:20 +02002540 flags = hci_inquiry_cache_update(hdev, &data, false);
2541
Johan Hedberg48264f02011-11-09 13:58:58 +02002542 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
Marcel Holtmannefb25132014-12-05 13:03:34 +01002543 info->dev_class, HCI_RSSI_INVALID,
2544 flags, NULL, 0, NULL, 0);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002545 }
Marcel Holtmann45bb4bf2005-08-09 20:27:49 -07002546
Linus Torvalds1da177e2005-04-16 15:20:36 -07002547 hci_dev_unlock(hdev);
2548}
2549
Gustavo Padovan6039aa72012-05-23 04:04:18 -03002550static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002551{
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002552 struct hci_ev_conn_complete *ev = (void *) skb->data;
Abhishek Pandit-Subedi4f40afc2020-03-11 08:54:01 -07002553 struct inquiry_entry *ie;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002554 struct hci_conn *conn;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002555
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002556 BT_DBG("%s", hdev->name);
Marcel Holtmann45bb4bf2005-08-09 20:27:49 -07002557
Linus Torvalds1da177e2005-04-16 15:20:36 -07002558 hci_dev_lock(hdev);
Marcel Holtmann45bb4bf2005-08-09 20:27:49 -07002559
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002560 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
Marcel Holtmann94992372009-04-19 19:30:03 +02002561 if (!conn) {
Abhishek Pandit-Subedi4f40afc2020-03-11 08:54:01 -07002562 /* Connection may not exist if auto-connected. Check the inquiry
2563 * cache to see if we've already discovered this bdaddr before.
2564 * If found and link is an ACL type, create a connection class
2565 * automatically.
2566 */
2567 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2568 if (ie && ev->link_type == ACL_LINK) {
2569 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr,
2570 HCI_ROLE_SLAVE);
2571 if (!conn) {
2572 bt_dev_err(hdev, "no memory for new conn");
2573 goto unlock;
2574 }
Abhishek Pandit-Subedi2d186fc2020-03-19 17:07:13 -07002575 } else {
2576 if (ev->link_type != SCO_LINK)
2577 goto unlock;
2578
2579 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK,
2580 &ev->bdaddr);
2581 if (!conn)
2582 goto unlock;
2583
2584 conn->type = SCO_LINK;
Abhishek Pandit-Subedi4f40afc2020-03-11 08:54:01 -07002585 }
Marcel Holtmann94992372009-04-19 19:30:03 +02002586 }
Marcel Holtmann45bb4bf2005-08-09 20:27:49 -07002587
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002588 if (!ev->status) {
2589 conn->handle = __le16_to_cpu(ev->handle);
Marcel Holtmann769be972008-07-14 20:13:49 +02002590
2591 if (conn->type == ACL_LINK) {
2592 conn->state = BT_CONFIG;
2593 hci_conn_hold(conn);
Szymon Janca9ea3ed2012-07-19 14:46:08 +02002594
2595 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
2596 !hci_find_link_key(hdev, &ev->bdaddr))
2597 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2598 else
2599 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
Marcel Holtmann769be972008-07-14 20:13:49 +02002600 } else
2601 conn->state = BT_CONNECTED;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002602
Marcel Holtmann23b9ceb2014-12-20 17:13:41 +01002603 hci_debugfs_create_conn(conn);
Marcel Holtmann7d0db0a2008-07-14 20:13:51 +02002604 hci_conn_add_sysfs(conn);
2605
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002606 if (test_bit(HCI_AUTH, &hdev->flags))
Johan Hedberg4dae2792014-06-24 17:03:50 +03002607 set_bit(HCI_CONN_AUTH, &conn->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002608
2609 if (test_bit(HCI_ENCRYPT, &hdev->flags))
Johan Hedberg4dae2792014-06-24 17:03:50 +03002610 set_bit(HCI_CONN_ENCRYPT, &conn->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002611
2612 /* Get remote features */
2613 if (conn->type == ACL_LINK) {
2614 struct hci_cp_read_remote_features cp;
2615 cp.handle = ev->handle;
Marcel Holtmann769be972008-07-14 20:13:49 +02002616 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03002617 sizeof(cp), &cp);
Johan Hedberg22f433d2014-08-01 11:13:32 +03002618
Johan Hedberg01b1cb82015-11-16 12:52:21 +02002619 hci_req_update_scan(hdev);
Marcel Holtmann45bb4bf2005-08-09 20:27:49 -07002620 }
Marcel Holtmann45bb4bf2005-08-09 20:27:49 -07002621
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002622 /* Set packet type for incoming connection */
Andrei Emeltchenkod095c1e2011-12-01 14:33:27 +02002623 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002624 struct hci_cp_change_conn_ptype cp;
2625 cp.handle = ev->handle;
Marcel Holtmanna8746412008-07-14 20:13:46 +02002626 cp.pkt_type = cpu_to_le16(conn->pkt_type);
Gustavo F. Padovan04124682012-03-08 01:25:00 -03002627 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
2628 &cp);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002629 }
Johan Hedberg17d5c042011-01-22 06:09:08 +02002630 } else {
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002631 conn->state = BT_CLOSED;
Johan Hedberg17d5c042011-01-22 06:09:08 +02002632 if (conn->type == ACL_LINK)
Marcel Holtmann64c7b772014-02-18 14:22:20 -08002633 mgmt_connect_failed(hdev, &conn->dst, conn->type,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03002634 conn->dst_type, ev->status);
Johan Hedberg17d5c042011-01-22 06:09:08 +02002635 }
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002636
Marcel Holtmanne73439d2010-07-26 10:06:00 -04002637 if (conn->type == ACL_LINK)
2638 hci_sco_setup(conn, ev->status);
Marcel Holtmann45bb4bf2005-08-09 20:27:49 -07002639
Marcel Holtmann769be972008-07-14 20:13:49 +02002640 if (ev->status) {
Johan Hedberg539c4962015-02-18 14:53:57 +02002641 hci_connect_cfm(conn, ev->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002642 hci_conn_del(conn);
Sathish Narsimman1f8330e2020-04-03 21:43:58 +02002643 } else if (ev->link_type == SCO_LINK) {
2644 switch (conn->setting & SCO_AIRMODE_MASK) {
2645 case SCO_AIRMODE_CVSD:
2646 if (hdev->notify)
2647 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_CVSD);
2648 break;
2649 }
2650
Johan Hedberg539c4962015-02-18 14:53:57 +02002651 hci_connect_cfm(conn, ev->status);
Sathish Narsimman1f8330e2020-04-03 21:43:58 +02002652 }
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002653
2654unlock:
Linus Torvalds1da177e2005-04-16 15:20:36 -07002655 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002656
2657 hci_conn_check_pending(hdev);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002658}
2659
Johan Hedberg70c46422014-07-09 12:59:17 +03002660static void hci_reject_conn(struct hci_dev *hdev, bdaddr_t *bdaddr)
2661{
2662 struct hci_cp_reject_conn_req cp;
2663
2664 bacpy(&cp.bdaddr, bdaddr);
2665 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
2666 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
2667}
2668
Gustavo Padovan6039aa72012-05-23 04:04:18 -03002669static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002670{
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002671 struct hci_ev_conn_request *ev = (void *) skb->data;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002672 int mask = hdev->link_mode;
Johan Hedberg70c46422014-07-09 12:59:17 +03002673 struct inquiry_entry *ie;
2674 struct hci_conn *conn;
Frédéric Dalleau20714bfe2012-11-21 10:51:12 +01002675 __u8 flags = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002676
Andrei Emeltchenko6ed93dc2012-09-25 12:49:43 +03002677 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
Gustavo Padovan807deac2012-05-17 00:36:24 -03002678 ev->link_type);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002679
Frédéric Dalleau20714bfe2012-11-21 10:51:12 +01002680 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type,
2681 &flags);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002682
Johan Hedberg70c46422014-07-09 12:59:17 +03002683 if (!(mask & HCI_LM_ACCEPT)) {
2684 hci_reject_conn(hdev, &ev->bdaddr);
2685 return;
2686 }
2687
Johan Hedberg46c4c942014-07-16 16:19:21 +03002688 if (hci_bdaddr_list_lookup(&hdev->blacklist, &ev->bdaddr,
2689 BDADDR_BREDR)) {
2690 hci_reject_conn(hdev, &ev->bdaddr);
2691 return;
2692 }
2693
Johan Hedberg6a8fc952014-12-24 20:43:11 +02002694 /* Require HCI_CONNECTABLE or a whitelist entry to accept the
2695 * connection. These features are only touched through mgmt so
2696 * only do the checks if HCI_MGMT is set.
2697 */
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07002698 if (hci_dev_test_flag(hdev, HCI_MGMT) &&
2699 !hci_dev_test_flag(hdev, HCI_CONNECTABLE) &&
Johan Hedberg46c4c942014-07-16 16:19:21 +03002700 !hci_bdaddr_list_lookup(&hdev->whitelist, &ev->bdaddr,
2701 BDADDR_BREDR)) {
2702 hci_reject_conn(hdev, &ev->bdaddr);
2703 return;
Johan Hedberg70c46422014-07-09 12:59:17 +03002704 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07002705
Johan Hedberg70c46422014-07-09 12:59:17 +03002706 /* Connection accepted */
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02002707
Johan Hedberg70c46422014-07-09 12:59:17 +03002708 hci_dev_lock(hdev);
Marcel Holtmannc7bdd502008-07-14 20:13:47 +02002709
Johan Hedberg70c46422014-07-09 12:59:17 +03002710 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2711 if (ie)
2712 memcpy(ie->data.dev_class, ev->dev_class, 3);
2713
2714 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
2715 &ev->bdaddr);
2716 if (!conn) {
Johan Hedberga5c4e302014-07-16 11:56:07 +03002717 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr,
2718 HCI_ROLE_SLAVE);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002719 if (!conn) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01002720 bt_dev_err(hdev, "no memory for new connection");
Johan Hedberg70c46422014-07-09 12:59:17 +03002721 hci_dev_unlock(hdev);
2722 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002723 }
Johan Hedberg70c46422014-07-09 12:59:17 +03002724 }
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02002725
Johan Hedberg70c46422014-07-09 12:59:17 +03002726 memcpy(conn->dev_class, ev->dev_class, 3);
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02002727
Johan Hedberg70c46422014-07-09 12:59:17 +03002728 hci_dev_unlock(hdev);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002729
Johan Hedberg70c46422014-07-09 12:59:17 +03002730 if (ev->link_type == ACL_LINK ||
2731 (!(flags & HCI_PROTO_DEFER) && !lmp_esco_capable(hdev))) {
2732 struct hci_cp_accept_conn_req cp;
2733 conn->state = BT_CONNECT;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002734
2735 bacpy(&cp.bdaddr, &ev->bdaddr);
Johan Hedberg70c46422014-07-09 12:59:17 +03002736
2737 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
2738 cp.role = 0x00; /* Become master */
2739 else
2740 cp.role = 0x01; /* Remain slave */
2741
2742 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
2743 } else if (!(flags & HCI_PROTO_DEFER)) {
2744 struct hci_cp_accept_sync_conn_req cp;
2745 conn->state = BT_CONNECT;
2746
2747 bacpy(&cp.bdaddr, &ev->bdaddr);
2748 cp.pkt_type = cpu_to_le16(conn->pkt_type);
2749
2750 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
2751 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
2752 cp.max_latency = cpu_to_le16(0xffff);
2753 cp.content_format = cpu_to_le16(hdev->voice_setting);
2754 cp.retrans_effort = 0xff;
2755
2756 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ, sizeof(cp),
2757 &cp);
2758 } else {
2759 conn->state = BT_CONNECT2;
Johan Hedberg539c4962015-02-18 14:53:57 +02002760 hci_connect_cfm(conn, 0);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002761 }
2762}
2763
Mikel Astizf0d6a0e2012-08-09 09:52:30 +02002764static u8 hci_to_mgmt_reason(u8 err)
2765{
2766 switch (err) {
2767 case HCI_ERROR_CONNECTION_TIMEOUT:
2768 return MGMT_DEV_DISCONN_TIMEOUT;
2769 case HCI_ERROR_REMOTE_USER_TERM:
2770 case HCI_ERROR_REMOTE_LOW_RESOURCES:
2771 case HCI_ERROR_REMOTE_POWER_OFF:
2772 return MGMT_DEV_DISCONN_REMOTE;
2773 case HCI_ERROR_LOCAL_HOST_TERM:
2774 return MGMT_DEV_DISCONN_LOCAL_HOST;
2775 default:
2776 return MGMT_DEV_DISCONN_UNKNOWN;
2777 }
2778}
2779
Gustavo Padovan6039aa72012-05-23 04:04:18 -03002780static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002781{
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002782 struct hci_ev_disconn_complete *ev = (void *) skb->data;
Szymon Janc160b9252016-07-12 02:12:16 +02002783 u8 reason;
Andre Guedes9fcb18e2014-02-26 20:21:48 -03002784 struct hci_conn_params *params;
Marcel Holtmann04837f62006-07-03 10:02:33 +02002785 struct hci_conn *conn;
Johan Hedberg12d4a3b2014-02-24 14:52:18 +02002786 bool mgmt_connected;
Andre Guedes38462202013-11-07 17:36:10 -03002787 u8 type;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002788
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03002789 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002790
Linus Torvalds1da177e2005-04-16 15:20:36 -07002791 hci_dev_lock(hdev);
2792
Marcel Holtmann04837f62006-07-03 10:02:33 +02002793 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
Johan Hedbergf7520542011-01-20 12:34:39 +02002794 if (!conn)
2795 goto unlock;
Marcel Holtmann7d0db0a2008-07-14 20:13:51 +02002796
Andre Guedesabf54a52013-11-07 17:36:09 -03002797 if (ev->status) {
2798 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
2799 conn->dst_type, ev->status);
2800 goto unlock;
Johan Hedberg37d9ef72011-11-10 15:54:39 +02002801 }
Johan Hedbergf7520542011-01-20 12:34:39 +02002802
Andre Guedes38462202013-11-07 17:36:10 -03002803 conn->state = BT_CLOSED;
2804
Johan Hedberg12d4a3b2014-02-24 14:52:18 +02002805 mgmt_connected = test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags);
Szymon Janc160b9252016-07-12 02:12:16 +02002806
2807 if (test_bit(HCI_CONN_AUTH_FAILURE, &conn->flags))
2808 reason = MGMT_DEV_DISCONN_AUTH_FAILURE;
2809 else
2810 reason = hci_to_mgmt_reason(ev->reason);
2811
Johan Hedberg12d4a3b2014-02-24 14:52:18 +02002812 mgmt_device_disconnected(hdev, &conn->dst, conn->type, conn->dst_type,
2813 reason, mgmt_connected);
Andre Guedesabf54a52013-11-07 17:36:09 -03002814
Johan Hedberg22f433d2014-08-01 11:13:32 +03002815 if (conn->type == ACL_LINK) {
2816 if (test_bit(HCI_CONN_FLUSH_KEY, &conn->flags))
2817 hci_remove_link_key(hdev, &conn->dst);
2818
Johan Hedberg01b1cb82015-11-16 12:52:21 +02002819 hci_req_update_scan(hdev);
Johan Hedberg22f433d2014-08-01 11:13:32 +03002820 }
Johan Hedberg22102462013-10-05 12:01:06 +02002821
Andre Guedes9fcb18e2014-02-26 20:21:48 -03002822 params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type);
2823 if (params) {
2824 switch (params->auto_connect) {
2825 case HCI_AUTO_CONN_LINK_LOSS:
2826 if (ev->reason != HCI_ERROR_CONNECTION_TIMEOUT)
2827 break;
2828 /* Fall through */
2829
Marcel Holtmann4b9e7e72014-07-23 21:55:23 +02002830 case HCI_AUTO_CONN_DIRECT:
Andre Guedes9fcb18e2014-02-26 20:21:48 -03002831 case HCI_AUTO_CONN_ALWAYS:
Johan Hedberg418025d2014-07-04 12:37:24 +03002832 list_del_init(&params->action);
2833 list_add(&params->action, &hdev->pend_le_conns);
2834 hci_update_background_scan(hdev);
Andre Guedes9fcb18e2014-02-26 20:21:48 -03002835 break;
2836
2837 default:
2838 break;
2839 }
2840 }
2841
Andre Guedes38462202013-11-07 17:36:10 -03002842 type = conn->type;
Johan Hedberg22102462013-10-05 12:01:06 +02002843
Johan Hedberg3a6d5762015-02-18 14:53:58 +02002844 hci_disconn_cfm(conn, ev->reason);
Andre Guedes38462202013-11-07 17:36:10 -03002845 hci_conn_del(conn);
2846
Abhishek Pandit-Subedi4f40afc2020-03-11 08:54:01 -07002847 /* The suspend notifier is waiting for all devices to disconnect so
2848 * clear the bit from pending tasks and inform the wait queue.
2849 */
2850 if (list_empty(&hdev->conn_hash.list) &&
2851 test_and_clear_bit(SUSPEND_DISCONNECTING, hdev->suspend_tasks)) {
2852 wake_up(&hdev->suspend_wait_q);
2853 }
2854
Andre Guedes38462202013-11-07 17:36:10 -03002855 /* Re-enable advertising if necessary, since it might
2856 * have been disabled by the connection. From the
2857 * HCI_LE_Set_Advertise_Enable command description in
2858 * the core specification (v4.0):
2859 * "The Controller shall continue advertising until the Host
2860 * issues an LE_Set_Advertise_Enable command with
2861 * Advertising_Enable set to 0x00 (Advertising is disabled)
2862 * or until a connection is created or until the Advertising
2863 * is timed out due to Directed Advertising."
2864 */
2865 if (type == LE_LINK)
Johan Hedbergf2252572015-11-18 12:49:20 +02002866 hci_req_reenable_advertising(hdev);
Johan Hedbergf7520542011-01-20 12:34:39 +02002867
2868unlock:
Linus Torvalds1da177e2005-04-16 15:20:36 -07002869 hci_dev_unlock(hdev);
2870}
2871
Gustavo Padovan6039aa72012-05-23 04:04:18 -03002872static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002873{
2874 struct hci_ev_auth_complete *ev = (void *) skb->data;
2875 struct hci_conn *conn;
2876
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03002877 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002878
2879 hci_dev_lock(hdev);
2880
2881 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002882 if (!conn)
2883 goto unlock;
2884
2885 if (!ev->status) {
Szymon Janc160b9252016-07-12 02:12:16 +02002886 clear_bit(HCI_CONN_AUTH_FAILURE, &conn->flags);
2887
Johan Hedbergaa64a8b2012-01-18 21:33:12 +02002888 if (!hci_conn_ssp_enabled(conn) &&
Gustavo Padovan807deac2012-05-17 00:36:24 -03002889 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01002890 bt_dev_info(hdev, "re-auth of legacy device is not possible.");
Johan Hedberg2a611692011-02-19 12:06:00 -03002891 } else {
Johan Hedberg4dae2792014-06-24 17:03:50 +03002892 set_bit(HCI_CONN_AUTH, &conn->flags);
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002893 conn->sec_level = conn->pending_sec_level;
Johan Hedberg2a611692011-02-19 12:06:00 -03002894 }
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002895 } else {
Szymon Janc160b9252016-07-12 02:12:16 +02002896 if (ev->status == HCI_ERROR_PIN_OR_KEY_MISSING)
2897 set_bit(HCI_CONN_AUTH_FAILURE, &conn->flags);
2898
Johan Hedberge1e930f2014-09-08 17:09:49 -07002899 mgmt_auth_failed(conn, ev->status);
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002900 }
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002901
Johan Hedberg51a8efd2012-01-16 06:10:31 +02002902 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2903 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002904
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002905 if (conn->state == BT_CONFIG) {
Johan Hedbergaa64a8b2012-01-18 21:33:12 +02002906 if (!ev->status && hci_conn_ssp_enabled(conn)) {
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002907 struct hci_cp_set_conn_encrypt cp;
2908 cp.handle = ev->handle;
2909 cp.encrypt = 0x01;
2910 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
Gustavo Padovan807deac2012-05-17 00:36:24 -03002911 &cp);
Marcel Holtmann052b30b2009-04-26 20:01:22 +02002912 } else {
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002913 conn->state = BT_CONNECTED;
Johan Hedberg539c4962015-02-18 14:53:57 +02002914 hci_connect_cfm(conn, ev->status);
David Herrmann76a68ba2013-04-06 20:28:37 +02002915 hci_conn_drop(conn);
Marcel Holtmann052b30b2009-04-26 20:01:22 +02002916 }
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002917 } else {
2918 hci_auth_cfm(conn, ev->status);
Marcel Holtmann052b30b2009-04-26 20:01:22 +02002919
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002920 hci_conn_hold(conn);
2921 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
David Herrmann76a68ba2013-04-06 20:28:37 +02002922 hci_conn_drop(conn);
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002923 }
2924
Johan Hedberg51a8efd2012-01-16 06:10:31 +02002925 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002926 if (!ev->status) {
2927 struct hci_cp_set_conn_encrypt cp;
2928 cp.handle = ev->handle;
2929 cp.encrypt = 0x01;
2930 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
Gustavo Padovan807deac2012-05-17 00:36:24 -03002931 &cp);
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002932 } else {
Johan Hedberg51a8efd2012-01-16 06:10:31 +02002933 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
Luiz Augusto von Dentz3ca44c12020-05-19 13:25:19 -07002934 hci_encrypt_cfm(conn, ev->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002935 }
2936 }
2937
Waldemar Rymarkiewiczd7556e22011-05-31 15:49:26 +02002938unlock:
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002939 hci_dev_unlock(hdev);
2940}
2941
Gustavo Padovan6039aa72012-05-23 04:04:18 -03002942static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002943{
Johan Hedberg127178d2010-11-18 22:22:29 +02002944 struct hci_ev_remote_name *ev = (void *) skb->data;
2945 struct hci_conn *conn;
2946
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002947 BT_DBG("%s", hdev->name);
2948
2949 hci_conn_check_pending(hdev);
Johan Hedberg127178d2010-11-18 22:22:29 +02002950
2951 hci_dev_lock(hdev);
2952
2953 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
Johan Hedbergb644ba32012-01-17 21:48:47 +02002954
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07002955 if (!hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedbergb644ba32012-01-17 21:48:47 +02002956 goto check_auth;
2957
2958 if (ev->status == 0)
2959 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03002960 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
Johan Hedbergb644ba32012-01-17 21:48:47 +02002961 else
2962 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
2963
2964check_auth:
Johan Hedberg79c6c702011-04-28 11:28:55 -07002965 if (!conn)
2966 goto unlock;
2967
2968 if (!hci_outgoing_auth_needed(hdev, conn))
2969 goto unlock;
2970
Johan Hedberg51a8efd2012-01-16 06:10:31 +02002971 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
Johan Hedberg127178d2010-11-18 22:22:29 +02002972 struct hci_cp_auth_requested cp;
Johan Hedberg977f8fc2014-07-17 15:35:39 +03002973
2974 set_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags);
2975
Johan Hedberg127178d2010-11-18 22:22:29 +02002976 cp.handle = __cpu_to_le16(conn->handle);
2977 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
2978 }
2979
Johan Hedberg79c6c702011-04-28 11:28:55 -07002980unlock:
Johan Hedberg127178d2010-11-18 22:22:29 +02002981 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02002982}
2983
Johan Hedberg821f3762015-06-11 13:52:29 +03002984static void read_enc_key_size_complete(struct hci_dev *hdev, u8 status,
2985 u16 opcode, struct sk_buff *skb)
2986{
2987 const struct hci_rp_read_enc_key_size *rp;
2988 struct hci_conn *conn;
2989 u16 handle;
2990
2991 BT_DBG("%s status 0x%02x", hdev->name, status);
2992
2993 if (!skb || skb->len < sizeof(*rp)) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01002994 bt_dev_err(hdev, "invalid read key size response");
Johan Hedberg821f3762015-06-11 13:52:29 +03002995 return;
2996 }
2997
2998 rp = (void *)skb->data;
2999 handle = le16_to_cpu(rp->handle);
3000
3001 hci_dev_lock(hdev);
3002
3003 conn = hci_conn_hash_lookup_handle(hdev, handle);
3004 if (!conn)
3005 goto unlock;
3006
Alain Michaud32b50722020-03-25 14:48:34 +00003007 /* While unexpected, the read_enc_key_size command may fail. The most
3008 * secure approach is to then assume the key size is 0 to force a
3009 * disconnection.
Johan Hedberg821f3762015-06-11 13:52:29 +03003010 */
3011 if (rp->status) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01003012 bt_dev_err(hdev, "failed to read key size for handle %u",
3013 handle);
Alain Michaud32b50722020-03-25 14:48:34 +00003014 conn->enc_key_size = 0;
Johan Hedberg821f3762015-06-11 13:52:29 +03003015 } else {
3016 conn->enc_key_size = rp->key_size;
3017 }
3018
Luiz Augusto von Dentz3ca44c12020-05-19 13:25:19 -07003019 hci_encrypt_cfm(conn, 0);
Johan Hedberg821f3762015-06-11 13:52:29 +03003020
3021unlock:
3022 hci_dev_unlock(hdev);
3023}
3024
Gustavo Padovan6039aa72012-05-23 04:04:18 -03003025static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003026{
3027 struct hci_ev_encrypt_change *ev = (void *) skb->data;
3028 struct hci_conn *conn;
3029
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03003030 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003031
3032 hci_dev_lock(hdev);
3033
3034 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
Marcel Holtmanndc8357c2014-01-31 16:24:27 -08003035 if (!conn)
3036 goto unlock;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003037
Marcel Holtmanndc8357c2014-01-31 16:24:27 -08003038 if (!ev->status) {
3039 if (ev->encrypt) {
3040 /* Encryption implies authentication */
Johan Hedberg4dae2792014-06-24 17:03:50 +03003041 set_bit(HCI_CONN_AUTH, &conn->flags);
3042 set_bit(HCI_CONN_ENCRYPT, &conn->flags);
Marcel Holtmanndc8357c2014-01-31 16:24:27 -08003043 conn->sec_level = conn->pending_sec_level;
Marcel Holtmannabf76ba2014-01-31 16:24:28 -08003044
Marcel Holtmann914a6ff2014-02-01 11:52:02 -08003045 /* P-256 authentication key implies FIPS */
3046 if (conn->key_type == HCI_LK_AUTH_COMBINATION_P256)
Johan Hedberg4dae2792014-06-24 17:03:50 +03003047 set_bit(HCI_CONN_FIPS, &conn->flags);
Marcel Holtmann914a6ff2014-02-01 11:52:02 -08003048
Marcel Holtmannabf76ba2014-01-31 16:24:28 -08003049 if ((conn->type == ACL_LINK && ev->encrypt == 0x02) ||
3050 conn->type == LE_LINK)
3051 set_bit(HCI_CONN_AES_CCM, &conn->flags);
3052 } else {
Johan Hedberg4dae2792014-06-24 17:03:50 +03003053 clear_bit(HCI_CONN_ENCRYPT, &conn->flags);
Marcel Holtmannabf76ba2014-01-31 16:24:28 -08003054 clear_bit(HCI_CONN_AES_CCM, &conn->flags);
3055 }
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003056 }
3057
Johan Hedberg7ed3fa22014-09-10 22:16:35 -07003058 /* We should disregard the current RPA and generate a new one
3059 * whenever the encryption procedure fails.
3060 */
Jaganath Kanakkasserya73c0462018-07-19 17:09:45 +05303061 if (ev->status && conn->type == LE_LINK) {
Marcel Holtmanna1536da2015-03-13 02:11:01 -07003062 hci_dev_set_flag(hdev, HCI_RPA_EXPIRED);
Jaganath Kanakkasserya73c0462018-07-19 17:09:45 +05303063 hci_adv_instances_set_rpa_expired(hdev, true);
3064 }
Johan Hedberg7ed3fa22014-09-10 22:16:35 -07003065
Marcel Holtmanndc8357c2014-01-31 16:24:27 -08003066 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3067
3068 if (ev->status && conn->state == BT_CONNECTED) {
Szymon Janc160b9252016-07-12 02:12:16 +02003069 if (ev->status == HCI_ERROR_PIN_OR_KEY_MISSING)
3070 set_bit(HCI_CONN_AUTH_FAILURE, &conn->flags);
3071
Marcel Holtmanndc8357c2014-01-31 16:24:27 -08003072 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
3073 hci_conn_drop(conn);
3074 goto unlock;
3075 }
3076
Johan Hedberg035ad622015-06-11 13:52:28 +03003077 /* In Secure Connections Only mode, do not allow any connections
3078 * that are not encrypted with AES-CCM using a P-256 authenticated
3079 * combination key.
3080 */
3081 if (hci_dev_test_flag(hdev, HCI_SC_ONLY) &&
3082 (!test_bit(HCI_CONN_AES_CCM, &conn->flags) ||
3083 conn->key_type != HCI_LK_AUTH_COMBINATION_P256)) {
3084 hci_connect_cfm(conn, HCI_ERROR_AUTH_FAILURE);
3085 hci_conn_drop(conn);
3086 goto unlock;
3087 }
3088
Johan Hedberg821f3762015-06-11 13:52:29 +03003089 /* Try reading the encryption key size for encrypted ACL links */
3090 if (!ev->status && ev->encrypt && conn->type == ACL_LINK) {
3091 struct hci_cp_read_enc_key_size cp;
3092 struct hci_request req;
3093
3094 /* Only send HCI_Read_Encryption_Key_Size if the
3095 * controller really supports it. If it doesn't, assume
3096 * the default size (16).
3097 */
3098 if (!(hdev->commands[20] & 0x10)) {
3099 conn->enc_key_size = HCI_LINK_KEY_SIZE;
3100 goto notify;
3101 }
3102
3103 hci_req_init(&req, hdev);
3104
3105 cp.handle = cpu_to_le16(conn->handle);
3106 hci_req_add(&req, HCI_OP_READ_ENC_KEY_SIZE, sizeof(cp), &cp);
3107
3108 if (hci_req_run_skb(&req, read_enc_key_size_complete)) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01003109 bt_dev_err(hdev, "sending read key size failed");
Johan Hedberg821f3762015-06-11 13:52:29 +03003110 conn->enc_key_size = HCI_LINK_KEY_SIZE;
3111 goto notify;
3112 }
3113
3114 goto unlock;
3115 }
3116
Spoorthi Ravishankar Koppad302975c2019-06-21 14:51:56 +05303117 /* Set the default Authenticated Payload Timeout after
3118 * an LE Link is established. As per Core Spec v5.0, Vol 2, Part B
3119 * Section 3.3, the HCI command WRITE_AUTH_PAYLOAD_TIMEOUT should be
3120 * sent when the link is active and Encryption is enabled, the conn
3121 * type can be either LE or ACL and controller must support LMP Ping.
3122 * Ensure for AES-CCM encryption as well.
3123 */
3124 if (test_bit(HCI_CONN_ENCRYPT, &conn->flags) &&
3125 test_bit(HCI_CONN_AES_CCM, &conn->flags) &&
3126 ((conn->type == ACL_LINK && lmp_ping_capable(hdev)) ||
3127 (conn->type == LE_LINK && (hdev->le_features[0] & HCI_LE_PING)))) {
3128 struct hci_cp_write_auth_payload_to cp;
3129
3130 cp.handle = cpu_to_le16(conn->handle);
3131 cp.timeout = cpu_to_le16(hdev->auth_payload_timeout);
3132 hci_send_cmd(conn->hdev, HCI_OP_WRITE_AUTH_PAYLOAD_TO,
3133 sizeof(cp), &cp);
3134 }
3135
Johan Hedberg821f3762015-06-11 13:52:29 +03003136notify:
Luiz Augusto von Dentz3ca44c12020-05-19 13:25:19 -07003137 hci_encrypt_cfm(conn, ev->status);
Marcel Holtmanndc8357c2014-01-31 16:24:27 -08003138
Gustavo Padovana7d77232012-05-13 03:20:07 -03003139unlock:
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003140 hci_dev_unlock(hdev);
3141}
3142
Gustavo Padovan6039aa72012-05-23 04:04:18 -03003143static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
3144 struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003145{
3146 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
3147 struct hci_conn *conn;
3148
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03003149 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003150
3151 hci_dev_lock(hdev);
3152
3153 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3154 if (conn) {
3155 if (!ev->status)
Johan Hedberg4dae2792014-06-24 17:03:50 +03003156 set_bit(HCI_CONN_SECURE, &conn->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003157
Johan Hedberg51a8efd2012-01-16 06:10:31 +02003158 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003159
3160 hci_key_change_cfm(conn, ev->status);
3161 }
3162
3163 hci_dev_unlock(hdev);
3164}
3165
Gustavo Padovan6039aa72012-05-23 04:04:18 -03003166static void hci_remote_features_evt(struct hci_dev *hdev,
3167 struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003168{
3169 struct hci_ev_remote_features *ev = (void *) skb->data;
3170 struct hci_conn *conn;
3171
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03003172 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003173
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003174 hci_dev_lock(hdev);
3175
3176 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
Johan Hedbergccd556f2010-11-10 17:11:51 +02003177 if (!conn)
3178 goto unlock;
Marcel Holtmann769be972008-07-14 20:13:49 +02003179
Johan Hedbergccd556f2010-11-10 17:11:51 +02003180 if (!ev->status)
Johan Hedbergcad718e2013-04-17 15:00:51 +03003181 memcpy(conn->features[0], ev->features, 8);
Johan Hedbergccd556f2010-11-10 17:11:51 +02003182
3183 if (conn->state != BT_CONFIG)
3184 goto unlock;
3185
Szymon Jancac363cf2015-01-29 16:36:59 +01003186 if (!ev->status && lmp_ext_feat_capable(hdev) &&
3187 lmp_ext_feat_capable(conn)) {
Johan Hedbergccd556f2010-11-10 17:11:51 +02003188 struct hci_cp_read_remote_ext_features cp;
3189 cp.handle = ev->handle;
3190 cp.page = 0x01;
3191 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
Gustavo Padovan807deac2012-05-17 00:36:24 -03003192 sizeof(cp), &cp);
Johan Hedberg392599b2010-11-18 22:22:28 +02003193 goto unlock;
3194 }
3195
Johan Hedberg671267b2012-05-12 16:11:50 -03003196 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
Johan Hedberg127178d2010-11-18 22:22:29 +02003197 struct hci_cp_remote_name_req cp;
3198 memset(&cp, 0, sizeof(cp));
3199 bacpy(&cp.bdaddr, &conn->dst);
3200 cp.pscan_rep_mode = 0x02;
3201 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
Johan Hedbergb644ba32012-01-17 21:48:47 +02003202 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
Alfonso Acosta48ec92f2014-10-07 08:44:10 +00003203 mgmt_device_connected(hdev, conn, 0, NULL, 0);
Johan Hedberg392599b2010-11-18 22:22:28 +02003204
Johan Hedberg127178d2010-11-18 22:22:29 +02003205 if (!hci_outgoing_auth_needed(hdev, conn)) {
Johan Hedbergccd556f2010-11-10 17:11:51 +02003206 conn->state = BT_CONNECTED;
Johan Hedberg539c4962015-02-18 14:53:57 +02003207 hci_connect_cfm(conn, ev->status);
David Herrmann76a68ba2013-04-06 20:28:37 +02003208 hci_conn_drop(conn);
Marcel Holtmann769be972008-07-14 20:13:49 +02003209 }
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003210
Johan Hedbergccd556f2010-11-10 17:11:51 +02003211unlock:
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003212 hci_dev_unlock(hdev);
3213}
3214
Johan Hedberge62144872015-04-02 13:41:08 +03003215static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb,
3216 u16 *opcode, u8 *status,
3217 hci_req_complete_t *req_complete,
3218 hci_req_complete_skb_t *req_complete_skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003219{
3220 struct hci_ev_cmd_complete *ev = (void *) skb->data;
Johan Hedberge62144872015-04-02 13:41:08 +03003221
3222 *opcode = __le16_to_cpu(ev->opcode);
3223 *status = skb->data[sizeof(*ev)];
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003224
3225 skb_pull(skb, sizeof(*ev));
3226
Johan Hedberge62144872015-04-02 13:41:08 +03003227 switch (*opcode) {
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003228 case HCI_OP_INQUIRY_CANCEL:
Sonny Sasakaadf1d692020-05-06 12:55:03 -07003229 hci_cc_inquiry_cancel(hdev, skb, status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003230 break;
3231
Andre Guedes4d934832012-03-21 00:03:35 -03003232 case HCI_OP_PERIODIC_INQ:
3233 hci_cc_periodic_inq(hdev, skb);
3234 break;
3235
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003236 case HCI_OP_EXIT_PERIODIC_INQ:
3237 hci_cc_exit_periodic_inq(hdev, skb);
3238 break;
3239
3240 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
3241 hci_cc_remote_name_req_cancel(hdev, skb);
3242 break;
3243
3244 case HCI_OP_ROLE_DISCOVERY:
3245 hci_cc_role_discovery(hdev, skb);
3246 break;
3247
Marcel Holtmanne4e8e372008-07-14 20:13:47 +02003248 case HCI_OP_READ_LINK_POLICY:
3249 hci_cc_read_link_policy(hdev, skb);
3250 break;
3251
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003252 case HCI_OP_WRITE_LINK_POLICY:
3253 hci_cc_write_link_policy(hdev, skb);
3254 break;
3255
Marcel Holtmanne4e8e372008-07-14 20:13:47 +02003256 case HCI_OP_READ_DEF_LINK_POLICY:
3257 hci_cc_read_def_link_policy(hdev, skb);
3258 break;
3259
3260 case HCI_OP_WRITE_DEF_LINK_POLICY:
3261 hci_cc_write_def_link_policy(hdev, skb);
3262 break;
3263
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003264 case HCI_OP_RESET:
3265 hci_cc_reset(hdev, skb);
3266 break;
3267
Marcel Holtmannc2f0f972015-01-12 09:21:25 -08003268 case HCI_OP_READ_STORED_LINK_KEY:
3269 hci_cc_read_stored_link_key(hdev, skb);
3270 break;
3271
Marcel Holtmanna93661202015-01-12 09:21:28 -08003272 case HCI_OP_DELETE_STORED_LINK_KEY:
3273 hci_cc_delete_stored_link_key(hdev, skb);
3274 break;
3275
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003276 case HCI_OP_WRITE_LOCAL_NAME:
3277 hci_cc_write_local_name(hdev, skb);
3278 break;
3279
3280 case HCI_OP_READ_LOCAL_NAME:
3281 hci_cc_read_local_name(hdev, skb);
3282 break;
3283
3284 case HCI_OP_WRITE_AUTH_ENABLE:
3285 hci_cc_write_auth_enable(hdev, skb);
3286 break;
3287
3288 case HCI_OP_WRITE_ENCRYPT_MODE:
3289 hci_cc_write_encrypt_mode(hdev, skb);
3290 break;
3291
3292 case HCI_OP_WRITE_SCAN_ENABLE:
3293 hci_cc_write_scan_enable(hdev, skb);
3294 break;
3295
3296 case HCI_OP_READ_CLASS_OF_DEV:
3297 hci_cc_read_class_of_dev(hdev, skb);
3298 break;
3299
3300 case HCI_OP_WRITE_CLASS_OF_DEV:
3301 hci_cc_write_class_of_dev(hdev, skb);
3302 break;
3303
3304 case HCI_OP_READ_VOICE_SETTING:
3305 hci_cc_read_voice_setting(hdev, skb);
3306 break;
3307
3308 case HCI_OP_WRITE_VOICE_SETTING:
3309 hci_cc_write_voice_setting(hdev, skb);
3310 break;
3311
Marcel Holtmannb4cb9fb2013-10-14 13:56:16 -07003312 case HCI_OP_READ_NUM_SUPPORTED_IAC:
3313 hci_cc_read_num_supported_iac(hdev, skb);
3314 break;
3315
Marcel Holtmann333140b2008-07-14 20:13:48 +02003316 case HCI_OP_WRITE_SSP_MODE:
3317 hci_cc_write_ssp_mode(hdev, skb);
3318 break;
3319
Marcel Holtmanneac83dc2014-01-10 02:07:23 -08003320 case HCI_OP_WRITE_SC_SUPPORT:
3321 hci_cc_write_sc_support(hdev, skb);
3322 break;
3323
Spoorthi Ravishankar Koppad302975c2019-06-21 14:51:56 +05303324 case HCI_OP_READ_AUTH_PAYLOAD_TO:
3325 hci_cc_read_auth_payload_timeout(hdev, skb);
3326 break;
3327
3328 case HCI_OP_WRITE_AUTH_PAYLOAD_TO:
3329 hci_cc_write_auth_payload_timeout(hdev, skb);
3330 break;
3331
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003332 case HCI_OP_READ_LOCAL_VERSION:
3333 hci_cc_read_local_version(hdev, skb);
3334 break;
3335
3336 case HCI_OP_READ_LOCAL_COMMANDS:
3337 hci_cc_read_local_commands(hdev, skb);
3338 break;
3339
3340 case HCI_OP_READ_LOCAL_FEATURES:
3341 hci_cc_read_local_features(hdev, skb);
3342 break;
3343
Andre Guedes971e3a42011-06-30 19:20:52 -03003344 case HCI_OP_READ_LOCAL_EXT_FEATURES:
3345 hci_cc_read_local_ext_features(hdev, skb);
3346 break;
3347
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003348 case HCI_OP_READ_BUFFER_SIZE:
3349 hci_cc_read_buffer_size(hdev, skb);
3350 break;
3351
3352 case HCI_OP_READ_BD_ADDR:
3353 hci_cc_read_bd_addr(hdev, skb);
3354 break;
3355
Marcel Holtmanna4790362020-04-03 21:44:04 +02003356 case HCI_OP_READ_LOCAL_PAIRING_OPTS:
3357 hci_cc_read_local_pairing_opts(hdev, skb);
3358 break;
3359
Johan Hedbergf332ec62013-03-15 17:07:11 -05003360 case HCI_OP_READ_PAGE_SCAN_ACTIVITY:
3361 hci_cc_read_page_scan_activity(hdev, skb);
3362 break;
3363
Johan Hedberg4a3ee762013-03-15 17:07:12 -05003364 case HCI_OP_WRITE_PAGE_SCAN_ACTIVITY:
3365 hci_cc_write_page_scan_activity(hdev, skb);
3366 break;
3367
Johan Hedbergf332ec62013-03-15 17:07:11 -05003368 case HCI_OP_READ_PAGE_SCAN_TYPE:
3369 hci_cc_read_page_scan_type(hdev, skb);
3370 break;
3371
Johan Hedberg4a3ee762013-03-15 17:07:12 -05003372 case HCI_OP_WRITE_PAGE_SCAN_TYPE:
3373 hci_cc_write_page_scan_type(hdev, skb);
3374 break;
3375
Andrei Emeltchenko350ee4c2011-12-07 15:56:51 +02003376 case HCI_OP_READ_DATA_BLOCK_SIZE:
3377 hci_cc_read_data_block_size(hdev, skb);
3378 break;
3379
Andrei Emeltchenko1e89cff2011-11-24 14:52:02 +02003380 case HCI_OP_READ_FLOW_CONTROL_MODE:
3381 hci_cc_read_flow_control_mode(hdev, skb);
3382 break;
3383
Andrei Emeltchenko928abaa2011-10-12 10:53:57 +03003384 case HCI_OP_READ_LOCAL_AMP_INFO:
3385 hci_cc_read_local_amp_info(hdev, skb);
3386 break;
3387
Johan Hedberg33f35722014-06-28 17:54:06 +03003388 case HCI_OP_READ_CLOCK:
3389 hci_cc_read_clock(hdev, skb);
3390 break;
3391
Johan Hedbergd5859e22011-01-25 01:19:58 +02003392 case HCI_OP_READ_INQ_RSP_TX_POWER:
3393 hci_cc_read_inq_rsp_tx_power(hdev, skb);
3394 break;
3395
Alain Michaud00bce3f2020-03-05 16:14:59 +00003396 case HCI_OP_READ_DEF_ERR_DATA_REPORTING:
3397 hci_cc_read_def_err_data_reporting(hdev, skb);
3398 break;
3399
3400 case HCI_OP_WRITE_DEF_ERR_DATA_REPORTING:
3401 hci_cc_write_def_err_data_reporting(hdev, skb);
3402 break;
3403
Johan Hedberg980e1a52011-01-22 06:10:07 +02003404 case HCI_OP_PIN_CODE_REPLY:
3405 hci_cc_pin_code_reply(hdev, skb);
3406 break;
3407
3408 case HCI_OP_PIN_CODE_NEG_REPLY:
3409 hci_cc_pin_code_neg_reply(hdev, skb);
3410 break;
3411
Szymon Jancc35938b2011-03-22 13:12:21 +01003412 case HCI_OP_READ_LOCAL_OOB_DATA:
Marcel Holtmann4d2d2792014-01-10 02:07:26 -08003413 hci_cc_read_local_oob_data(hdev, skb);
3414 break;
3415
3416 case HCI_OP_READ_LOCAL_OOB_EXT_DATA:
3417 hci_cc_read_local_oob_ext_data(hdev, skb);
Szymon Jancc35938b2011-03-22 13:12:21 +01003418 break;
3419
Ville Tervo6ed58ec2011-02-10 22:38:48 -03003420 case HCI_OP_LE_READ_BUFFER_SIZE:
3421 hci_cc_le_read_buffer_size(hdev, skb);
3422 break;
3423
Johan Hedberg60e77322013-01-22 14:01:59 +02003424 case HCI_OP_LE_READ_LOCAL_FEATURES:
3425 hci_cc_le_read_local_features(hdev, skb);
3426 break;
3427
Johan Hedberg8fa19092012-10-19 20:57:49 +03003428 case HCI_OP_LE_READ_ADV_TX_POWER:
3429 hci_cc_le_read_adv_tx_power(hdev, skb);
3430 break;
3431
Johan Hedberga5c29682011-02-19 12:05:57 -03003432 case HCI_OP_USER_CONFIRM_REPLY:
3433 hci_cc_user_confirm_reply(hdev, skb);
3434 break;
3435
3436 case HCI_OP_USER_CONFIRM_NEG_REPLY:
3437 hci_cc_user_confirm_neg_reply(hdev, skb);
3438 break;
3439
Brian Gix1143d452011-11-23 08:28:34 -08003440 case HCI_OP_USER_PASSKEY_REPLY:
3441 hci_cc_user_passkey_reply(hdev, skb);
3442 break;
3443
3444 case HCI_OP_USER_PASSKEY_NEG_REPLY:
3445 hci_cc_user_passkey_neg_reply(hdev, skb);
Szymon Janc16cde992012-04-13 12:32:42 +02003446 break;
Andre Guedes07f7fa52011-12-02 21:13:31 +09003447
Marcel Holtmann7a4cd512014-02-19 19:52:13 -08003448 case HCI_OP_LE_SET_RANDOM_ADDR:
3449 hci_cc_le_set_random_addr(hdev, skb);
3450 break;
3451
Johan Hedbergc1d5dc42012-11-08 01:23:01 +01003452 case HCI_OP_LE_SET_ADV_ENABLE:
3453 hci_cc_le_set_adv_enable(hdev, skb);
3454 break;
3455
Marcel Holtmann533553f2014-03-21 12:18:10 -07003456 case HCI_OP_LE_SET_SCAN_PARAM:
3457 hci_cc_le_set_scan_param(hdev, skb);
3458 break;
3459
Andre Guedeseb9d91f2011-05-26 16:23:52 -03003460 case HCI_OP_LE_SET_SCAN_ENABLE:
3461 hci_cc_le_set_scan_enable(hdev, skb);
3462 break;
3463
Johan Hedbergcf1d0812013-01-22 14:02:00 +02003464 case HCI_OP_LE_READ_WHITE_LIST_SIZE:
3465 hci_cc_le_read_white_list_size(hdev, skb);
3466 break;
3467
Marcel Holtmann0f36b582014-02-27 20:37:31 -08003468 case HCI_OP_LE_CLEAR_WHITE_LIST:
3469 hci_cc_le_clear_white_list(hdev, skb);
3470 break;
3471
3472 case HCI_OP_LE_ADD_TO_WHITE_LIST:
3473 hci_cc_le_add_to_white_list(hdev, skb);
3474 break;
3475
3476 case HCI_OP_LE_DEL_FROM_WHITE_LIST:
3477 hci_cc_le_del_from_white_list(hdev, skb);
3478 break;
3479
Johan Hedberg9b008c02013-01-22 14:02:01 +02003480 case HCI_OP_LE_READ_SUPPORTED_STATES:
3481 hci_cc_le_read_supported_states(hdev, skb);
3482 break;
3483
Marcel Holtmanna8e1bfa2014-12-20 16:28:40 +01003484 case HCI_OP_LE_READ_DEF_DATA_LEN:
3485 hci_cc_le_read_def_data_len(hdev, skb);
3486 break;
3487
3488 case HCI_OP_LE_WRITE_DEF_DATA_LEN:
3489 hci_cc_le_write_def_data_len(hdev, skb);
3490 break;
3491
Ankit Navikb950aa82018-08-17 07:29:19 +05303492 case HCI_OP_LE_ADD_TO_RESOLV_LIST:
3493 hci_cc_le_add_to_resolv_list(hdev, skb);
3494 break;
3495
3496 case HCI_OP_LE_DEL_FROM_RESOLV_LIST:
3497 hci_cc_le_del_from_resolv_list(hdev, skb);
3498 break;
3499
Ankit Navik545f2592018-06-29 12:13:20 +05303500 case HCI_OP_LE_CLEAR_RESOLV_LIST:
3501 hci_cc_le_clear_resolv_list(hdev, skb);
3502 break;
3503
Ankit Navikcfdb0c22018-06-29 12:12:50 +05303504 case HCI_OP_LE_READ_RESOLV_LIST_SIZE:
3505 hci_cc_le_read_resolv_list_size(hdev, skb);
3506 break;
3507
Ankit Navikaa12af72018-08-07 13:16:35 +05303508 case HCI_OP_LE_SET_ADDR_RESOLV_ENABLE:
3509 hci_cc_le_set_addr_resolution_enable(hdev, skb);
3510 break;
3511
Marcel Holtmanna8e1bfa2014-12-20 16:28:40 +01003512 case HCI_OP_LE_READ_MAX_DATA_LEN:
3513 hci_cc_le_read_max_data_len(hdev, skb);
3514 break;
3515
Andre Guedesf9b49302011-06-30 19:20:53 -03003516 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
3517 hci_cc_write_le_host_supported(hdev, skb);
3518 break;
3519
Johan Hedberg56ed2cb2014-02-27 14:05:40 +02003520 case HCI_OP_LE_SET_ADV_PARAM:
3521 hci_cc_set_adv_param(hdev, skb);
3522 break;
3523
Andrzej Kaczmarek5ae76a92014-05-08 15:32:08 +02003524 case HCI_OP_READ_RSSI:
3525 hci_cc_read_rssi(hdev, skb);
3526 break;
3527
Andrzej Kaczmarek5a134fa2014-05-09 21:35:28 +02003528 case HCI_OP_READ_TX_POWER:
3529 hci_cc_read_tx_power(hdev, skb);
3530 break;
3531
Marcel Holtmannc50b33c2015-01-31 15:07:52 -08003532 case HCI_OP_WRITE_SSP_DEBUG_MODE:
3533 hci_cc_write_ssp_debug_mode(hdev, skb);
3534 break;
3535
Jaganath Kanakkasserya2344b92018-07-06 17:05:28 +05303536 case HCI_OP_LE_SET_EXT_SCAN_PARAMS:
3537 hci_cc_le_set_ext_scan_param(hdev, skb);
3538 break;
3539
3540 case HCI_OP_LE_SET_EXT_SCAN_ENABLE:
3541 hci_cc_le_set_ext_scan_enable(hdev, skb);
3542 break;
3543
Jaganath Kanakkassery0314f282018-07-19 17:09:35 +05303544 case HCI_OP_LE_SET_DEFAULT_PHY:
3545 hci_cc_le_set_default_phy(hdev, skb);
3546 break;
3547
Jaganath Kanakkassery6b49bcb2018-07-19 17:09:40 +05303548 case HCI_OP_LE_READ_NUM_SUPPORTED_ADV_SETS:
3549 hci_cc_le_read_num_adv_sets(hdev, skb);
3550 break;
3551
Jaganath Kanakkasseryde181e82018-07-19 17:09:41 +05303552 case HCI_OP_LE_SET_EXT_ADV_PARAMS:
3553 hci_cc_set_ext_adv_param(hdev, skb);
3554 break;
3555
3556 case HCI_OP_LE_SET_EXT_ADV_ENABLE:
3557 hci_cc_le_set_ext_adv_enable(hdev, skb);
3558 break;
3559
Jaganath Kanakkasserya73c0462018-07-19 17:09:45 +05303560 case HCI_OP_LE_SET_ADV_SET_RAND_ADDR:
3561 hci_cc_le_set_adv_set_random_addr(hdev, skb);
3562 break;
3563
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003564 default:
Johan Hedberge62144872015-04-02 13:41:08 +03003565 BT_DBG("%s opcode 0x%4.4x", hdev->name, *opcode);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003566 break;
3567 }
3568
Johan Hedberge62144872015-04-02 13:41:08 +03003569 if (*opcode != HCI_OP_NOP)
Marcel Holtmann65cc2b42014-06-16 12:30:56 +02003570 cancel_delayed_work(&hdev->cmd_timer);
Ville Tervo6bd32322011-02-16 16:32:41 +02003571
Johan Hedberg600b2152015-03-28 11:17:36 +02003572 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags))
3573 atomic_set(&hdev->cmd_cnt, 1);
3574
Johan Hedberge62144872015-04-02 13:41:08 +03003575 hci_req_cmd_complete(hdev, *opcode, *status, req_complete,
3576 req_complete_skb);
Johan Hedberg9238f362013-03-05 20:37:48 +02003577
João Paulo Rechi Vitaf80c5da2019-05-02 10:01:52 +08003578 if (hci_dev_test_flag(hdev, HCI_CMD_PENDING)) {
3579 bt_dev_err(hdev,
3580 "unexpected event for opcode 0x%4.4x", *opcode);
3581 return;
3582 }
3583
Johan Hedberg600b2152015-03-28 11:17:36 +02003584 if (atomic_read(&hdev->cmd_cnt) && !skb_queue_empty(&hdev->cmd_q))
3585 queue_work(hdev->workqueue, &hdev->cmd_work);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003586}
3587
Johan Hedberge62144872015-04-02 13:41:08 +03003588static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb,
3589 u16 *opcode, u8 *status,
3590 hci_req_complete_t *req_complete,
3591 hci_req_complete_skb_t *req_complete_skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003592{
3593 struct hci_ev_cmd_status *ev = (void *) skb->data;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003594
3595 skb_pull(skb, sizeof(*ev));
3596
Johan Hedberge62144872015-04-02 13:41:08 +03003597 *opcode = __le16_to_cpu(ev->opcode);
3598 *status = ev->status;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003599
Johan Hedberge62144872015-04-02 13:41:08 +03003600 switch (*opcode) {
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003601 case HCI_OP_INQUIRY:
3602 hci_cs_inquiry(hdev, ev->status);
3603 break;
3604
3605 case HCI_OP_CREATE_CONN:
3606 hci_cs_create_conn(hdev, ev->status);
3607 break;
3608
Kuba Pawlak9645c762014-11-06 19:36:53 +01003609 case HCI_OP_DISCONNECT:
3610 hci_cs_disconnect(hdev, ev->status);
3611 break;
3612
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003613 case HCI_OP_ADD_SCO:
3614 hci_cs_add_sco(hdev, ev->status);
3615 break;
3616
Marcel Holtmannf8558552008-07-14 20:13:49 +02003617 case HCI_OP_AUTH_REQUESTED:
3618 hci_cs_auth_requested(hdev, ev->status);
3619 break;
3620
3621 case HCI_OP_SET_CONN_ENCRYPT:
3622 hci_cs_set_conn_encrypt(hdev, ev->status);
3623 break;
3624
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003625 case HCI_OP_REMOTE_NAME_REQ:
3626 hci_cs_remote_name_req(hdev, ev->status);
3627 break;
3628
Marcel Holtmann769be972008-07-14 20:13:49 +02003629 case HCI_OP_READ_REMOTE_FEATURES:
3630 hci_cs_read_remote_features(hdev, ev->status);
3631 break;
3632
3633 case HCI_OP_READ_REMOTE_EXT_FEATURES:
3634 hci_cs_read_remote_ext_features(hdev, ev->status);
3635 break;
3636
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003637 case HCI_OP_SETUP_SYNC_CONN:
3638 hci_cs_setup_sync_conn(hdev, ev->status);
3639 break;
3640
3641 case HCI_OP_SNIFF_MODE:
3642 hci_cs_sniff_mode(hdev, ev->status);
3643 break;
3644
3645 case HCI_OP_EXIT_SNIFF_MODE:
3646 hci_cs_exit_sniff_mode(hdev, ev->status);
3647 break;
3648
Kuba Pawlak50fc85f2014-11-06 19:36:52 +01003649 case HCI_OP_SWITCH_ROLE:
3650 hci_cs_switch_role(hdev, ev->status);
3651 break;
3652
Johan Hedbergcb1d68f2014-02-28 12:54:16 +02003653 case HCI_OP_LE_CREATE_CONN:
3654 hci_cs_le_create_conn(hdev, ev->status);
3655 break;
3656
Marcel Holtmann0fe29fd2015-04-08 09:05:27 -07003657 case HCI_OP_LE_READ_REMOTE_FEATURES:
3658 hci_cs_le_read_remote_features(hdev, ev->status);
3659 break;
3660
Johan Hedberg81d0c8a2014-03-24 14:39:04 +02003661 case HCI_OP_LE_START_ENC:
3662 hci_cs_le_start_enc(hdev, ev->status);
3663 break;
3664
Jaganath Kanakkassery4d94f952018-07-06 22:50:32 +02003665 case HCI_OP_LE_EXT_CREATE_CONN:
3666 hci_cs_le_ext_create_conn(hdev, ev->status);
3667 break;
3668
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003669 default:
Johan Hedberge62144872015-04-02 13:41:08 +03003670 BT_DBG("%s opcode 0x%4.4x", hdev->name, *opcode);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003671 break;
3672 }
3673
Johan Hedberge62144872015-04-02 13:41:08 +03003674 if (*opcode != HCI_OP_NOP)
Marcel Holtmann65cc2b42014-06-16 12:30:56 +02003675 cancel_delayed_work(&hdev->cmd_timer);
Ville Tervo6bd32322011-02-16 16:32:41 +02003676
Johan Hedberg600b2152015-03-28 11:17:36 +02003677 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags))
3678 atomic_set(&hdev->cmd_cnt, 1);
3679
Johan Hedberg444c6dd2015-04-02 13:41:07 +03003680 /* Indicate request completion if the command failed. Also, if
3681 * we're not waiting for a special event and we get a success
3682 * command status we should try to flag the request as completed
3683 * (since for this kind of commands there will not be a command
3684 * complete event).
3685 */
Johan Hedberg02350a72013-04-03 21:50:29 +03003686 if (ev->status ||
Marcel Holtmann242c0eb2015-10-25 22:45:53 +01003687 (hdev->sent_cmd && !bt_cb(hdev->sent_cmd)->hci.req_event))
Johan Hedberge62144872015-04-02 13:41:08 +03003688 hci_req_cmd_complete(hdev, *opcode, ev->status, req_complete,
3689 req_complete_skb);
Johan Hedberg9238f362013-03-05 20:37:48 +02003690
João Paulo Rechi Vitaf80c5da2019-05-02 10:01:52 +08003691 if (hci_dev_test_flag(hdev, HCI_CMD_PENDING)) {
3692 bt_dev_err(hdev,
3693 "unexpected event for opcode 0x%4.4x", *opcode);
3694 return;
3695 }
3696
Johan Hedberg600b2152015-03-28 11:17:36 +02003697 if (atomic_read(&hdev->cmd_cnt) && !skb_queue_empty(&hdev->cmd_q))
3698 queue_work(hdev->workqueue, &hdev->cmd_work);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003699}
3700
Marcel Holtmann24dfa342014-11-02 02:56:41 +01003701static void hci_hardware_error_evt(struct hci_dev *hdev, struct sk_buff *skb)
3702{
3703 struct hci_ev_hardware_error *ev = (void *) skb->data;
3704
Marcel Holtmannc7741d12015-01-28 11:09:55 -08003705 hdev->hw_error_code = ev->code;
3706
3707 queue_work(hdev->req_workqueue, &hdev->error_reset);
Marcel Holtmann24dfa342014-11-02 02:56:41 +01003708}
3709
Gustavo Padovan6039aa72012-05-23 04:04:18 -03003710static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003711{
3712 struct hci_ev_role_change *ev = (void *) skb->data;
3713 struct hci_conn *conn;
3714
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03003715 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003716
3717 hci_dev_lock(hdev);
3718
3719 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3720 if (conn) {
Johan Hedberg40bef302014-07-16 11:42:27 +03003721 if (!ev->status)
3722 conn->role = ev->role;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003723
Johan Hedberg51a8efd2012-01-16 06:10:31 +02003724 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003725
3726 hci_role_switch_cfm(conn, ev->status, ev->role);
3727 }
3728
3729 hci_dev_unlock(hdev);
3730}
3731
Gustavo Padovan6039aa72012-05-23 04:04:18 -03003732static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -07003733{
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003734 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003735 int i;
3736
Andrei Emeltchenko32ac5b92011-12-19 16:31:29 +02003737 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01003738 bt_dev_err(hdev, "wrong event for mode %d", hdev->flow_ctl_mode);
Andrei Emeltchenko32ac5b92011-12-19 16:31:29 +02003739 return;
3740 }
3741
Gustavo A. R. Silva16e18342019-02-07 18:40:33 -06003742 if (skb->len < sizeof(*ev) ||
3743 skb->len < struct_size(ev, handles, ev->num_hndl)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -07003744 BT_DBG("%s bad parameters", hdev->name);
3745 return;
3746 }
3747
Andrei Emeltchenkoc5993de2011-12-30 12:07:47 +02003748 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
3749
Andrei Emeltchenko613a1c02011-12-19 16:31:30 +02003750 for (i = 0; i < ev->num_hndl; i++) {
3751 struct hci_comp_pkts_info *info = &ev->handles[i];
Linus Torvalds1da177e2005-04-16 15:20:36 -07003752 struct hci_conn *conn;
3753 __u16 handle, count;
3754
Andrei Emeltchenko613a1c02011-12-19 16:31:30 +02003755 handle = __le16_to_cpu(info->handle);
3756 count = __le16_to_cpu(info->count);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003757
3758 conn = hci_conn_hash_lookup_handle(hdev, handle);
Andrei Emeltchenkof4280912011-12-07 15:56:52 +02003759 if (!conn)
3760 continue;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003761
Andrei Emeltchenkof4280912011-12-07 15:56:52 +02003762 conn->sent -= count;
3763
3764 switch (conn->type) {
3765 case ACL_LINK:
3766 hdev->acl_cnt += count;
3767 if (hdev->acl_cnt > hdev->acl_pkts)
3768 hdev->acl_cnt = hdev->acl_pkts;
3769 break;
3770
3771 case LE_LINK:
3772 if (hdev->le_pkts) {
3773 hdev->le_cnt += count;
3774 if (hdev->le_cnt > hdev->le_pkts)
3775 hdev->le_cnt = hdev->le_pkts;
3776 } else {
Andrei Emeltchenko70f230202010-12-01 16:58:25 +02003777 hdev->acl_cnt += count;
3778 if (hdev->acl_cnt > hdev->acl_pkts)
Linus Torvalds1da177e2005-04-16 15:20:36 -07003779 hdev->acl_cnt = hdev->acl_pkts;
3780 }
Andrei Emeltchenkof4280912011-12-07 15:56:52 +02003781 break;
3782
3783 case SCO_LINK:
3784 hdev->sco_cnt += count;
3785 if (hdev->sco_cnt > hdev->sco_pkts)
3786 hdev->sco_cnt = hdev->sco_pkts;
3787 break;
3788
3789 default:
Marcel Holtmann2064ee32017-10-30 10:42:59 +01003790 bt_dev_err(hdev, "unknown type %d conn %p",
3791 conn->type, conn);
Andrei Emeltchenkof4280912011-12-07 15:56:52 +02003792 break;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003793 }
3794 }
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003795
Gustavo F. Padovan3eff45e2011-12-15 00:50:02 -02003796 queue_work(hdev->workqueue, &hdev->tx_work);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003797}
3798
Andrei Emeltchenko76ef7cf2012-10-10 17:38:29 +03003799static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
3800 __u16 handle)
3801{
3802 struct hci_chan *chan;
3803
3804 switch (hdev->dev_type) {
Marcel Holtmannca8bee52016-07-05 14:30:14 +02003805 case HCI_PRIMARY:
Andrei Emeltchenko76ef7cf2012-10-10 17:38:29 +03003806 return hci_conn_hash_lookup_handle(hdev, handle);
3807 case HCI_AMP:
3808 chan = hci_chan_lookup_handle(hdev, handle);
3809 if (chan)
3810 return chan->conn;
3811 break;
3812 default:
Marcel Holtmann2064ee32017-10-30 10:42:59 +01003813 bt_dev_err(hdev, "unknown dev_type %d", hdev->dev_type);
Andrei Emeltchenko76ef7cf2012-10-10 17:38:29 +03003814 break;
3815 }
3816
3817 return NULL;
3818}
3819
Gustavo Padovan6039aa72012-05-23 04:04:18 -03003820static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
Andrei Emeltchenko25e89e92012-01-04 12:41:58 +02003821{
3822 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
3823 int i;
3824
3825 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01003826 bt_dev_err(hdev, "wrong event for mode %d", hdev->flow_ctl_mode);
Andrei Emeltchenko25e89e92012-01-04 12:41:58 +02003827 return;
3828 }
3829
Gustavo A. R. Silva16e18342019-02-07 18:40:33 -06003830 if (skb->len < sizeof(*ev) ||
3831 skb->len < struct_size(ev, handles, ev->num_hndl)) {
Andrei Emeltchenko25e89e92012-01-04 12:41:58 +02003832 BT_DBG("%s bad parameters", hdev->name);
3833 return;
3834 }
3835
3836 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
Gustavo Padovan807deac2012-05-17 00:36:24 -03003837 ev->num_hndl);
Andrei Emeltchenko25e89e92012-01-04 12:41:58 +02003838
3839 for (i = 0; i < ev->num_hndl; i++) {
3840 struct hci_comp_blocks_info *info = &ev->handles[i];
Andrei Emeltchenko76ef7cf2012-10-10 17:38:29 +03003841 struct hci_conn *conn = NULL;
Andrei Emeltchenko25e89e92012-01-04 12:41:58 +02003842 __u16 handle, block_count;
3843
3844 handle = __le16_to_cpu(info->handle);
3845 block_count = __le16_to_cpu(info->blocks);
3846
Andrei Emeltchenko76ef7cf2012-10-10 17:38:29 +03003847 conn = __hci_conn_lookup_handle(hdev, handle);
Andrei Emeltchenko25e89e92012-01-04 12:41:58 +02003848 if (!conn)
3849 continue;
3850
3851 conn->sent -= block_count;
3852
3853 switch (conn->type) {
3854 case ACL_LINK:
Andrei Emeltchenkobd1eb662012-10-10 17:38:30 +03003855 case AMP_LINK:
Andrei Emeltchenko25e89e92012-01-04 12:41:58 +02003856 hdev->block_cnt += block_count;
3857 if (hdev->block_cnt > hdev->num_blocks)
3858 hdev->block_cnt = hdev->num_blocks;
3859 break;
3860
3861 default:
Marcel Holtmann2064ee32017-10-30 10:42:59 +01003862 bt_dev_err(hdev, "unknown type %d conn %p",
3863 conn->type, conn);
Andrei Emeltchenko25e89e92012-01-04 12:41:58 +02003864 break;
3865 }
3866 }
3867
3868 queue_work(hdev->workqueue, &hdev->tx_work);
3869}
3870
Gustavo Padovan6039aa72012-05-23 04:04:18 -03003871static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -07003872{
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003873 struct hci_ev_mode_change *ev = (void *) skb->data;
Marcel Holtmann04837f62006-07-03 10:02:33 +02003874 struct hci_conn *conn;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003875
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03003876 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003877
3878 hci_dev_lock(hdev);
3879
Marcel Holtmann04837f62006-07-03 10:02:33 +02003880 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3881 if (conn) {
3882 conn->mode = ev->mode;
Marcel Holtmann04837f62006-07-03 10:02:33 +02003883
Gustavo Padovan8fc9ced2012-05-23 04:04:21 -03003884 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
3885 &conn->flags)) {
Marcel Holtmann04837f62006-07-03 10:02:33 +02003886 if (conn->mode == HCI_CM_ACTIVE)
Johan Hedberg58a681e2012-01-16 06:47:28 +02003887 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
Marcel Holtmann04837f62006-07-03 10:02:33 +02003888 else
Johan Hedberg58a681e2012-01-16 06:47:28 +02003889 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
Marcel Holtmann04837f62006-07-03 10:02:33 +02003890 }
Marcel Holtmanne73439d2010-07-26 10:06:00 -04003891
Johan Hedberg51a8efd2012-01-16 06:10:31 +02003892 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
Marcel Holtmanne73439d2010-07-26 10:06:00 -04003893 hci_sco_setup(conn, ev->status);
Marcel Holtmann04837f62006-07-03 10:02:33 +02003894 }
3895
3896 hci_dev_unlock(hdev);
3897}
3898
Gustavo Padovan6039aa72012-05-23 04:04:18 -03003899static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -07003900{
Marcel Holtmann052b30b2009-04-26 20:01:22 +02003901 struct hci_ev_pin_code_req *ev = (void *) skb->data;
3902 struct hci_conn *conn;
3903
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003904 BT_DBG("%s", hdev->name);
Marcel Holtmann052b30b2009-04-26 20:01:22 +02003905
3906 hci_dev_lock(hdev);
3907
3908 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
Waldemar Rymarkiewiczb6f98042011-09-23 10:01:30 +02003909 if (!conn)
3910 goto unlock;
3911
3912 if (conn->state == BT_CONNECTED) {
Marcel Holtmann052b30b2009-04-26 20:01:22 +02003913 hci_conn_hold(conn);
3914 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
David Herrmann76a68ba2013-04-06 20:28:37 +02003915 hci_conn_drop(conn);
Marcel Holtmann052b30b2009-04-26 20:01:22 +02003916 }
3917
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07003918 if (!hci_dev_test_flag(hdev, HCI_BONDABLE) &&
Johan Hedberg2f407f02014-07-17 15:35:40 +03003919 !test_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags)) {
Johan Hedberg03b555e2011-01-04 15:40:05 +02003920 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
Gustavo Padovan807deac2012-05-17 00:36:24 -03003921 sizeof(ev->bdaddr), &ev->bdaddr);
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07003922 } else if (hci_dev_test_flag(hdev, HCI_MGMT)) {
Waldemar Rymarkiewicza770bb52011-04-28 12:07:59 +02003923 u8 secure;
3924
3925 if (conn->pending_sec_level == BT_SECURITY_HIGH)
3926 secure = 1;
3927 else
3928 secure = 0;
3929
Johan Hedberg744cf192011-11-08 20:40:14 +02003930 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
Waldemar Rymarkiewicza770bb52011-04-28 12:07:59 +02003931 }
Johan Hedberg980e1a52011-01-22 06:10:07 +02003932
Waldemar Rymarkiewiczb6f98042011-09-23 10:01:30 +02003933unlock:
Marcel Holtmann052b30b2009-04-26 20:01:22 +02003934 hci_dev_unlock(hdev);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003935}
3936
Johan Hedbergcb6f3f72014-11-19 14:53:04 +02003937static void conn_set_key(struct hci_conn *conn, u8 key_type, u8 pin_len)
3938{
3939 if (key_type == HCI_LK_CHANGED_COMBINATION)
3940 return;
3941
3942 conn->pin_length = pin_len;
3943 conn->key_type = key_type;
3944
3945 switch (key_type) {
3946 case HCI_LK_LOCAL_UNIT:
3947 case HCI_LK_REMOTE_UNIT:
3948 case HCI_LK_DEBUG_COMBINATION:
3949 return;
3950 case HCI_LK_COMBINATION:
3951 if (pin_len == 16)
3952 conn->pending_sec_level = BT_SECURITY_HIGH;
3953 else
3954 conn->pending_sec_level = BT_SECURITY_MEDIUM;
3955 break;
3956 case HCI_LK_UNAUTH_COMBINATION_P192:
3957 case HCI_LK_UNAUTH_COMBINATION_P256:
3958 conn->pending_sec_level = BT_SECURITY_MEDIUM;
3959 break;
3960 case HCI_LK_AUTH_COMBINATION_P192:
3961 conn->pending_sec_level = BT_SECURITY_HIGH;
3962 break;
3963 case HCI_LK_AUTH_COMBINATION_P256:
3964 conn->pending_sec_level = BT_SECURITY_FIPS;
3965 break;
3966 }
3967}
3968
Gustavo Padovan6039aa72012-05-23 04:04:18 -03003969static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -07003970{
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02003971 struct hci_ev_link_key_req *ev = (void *) skb->data;
3972 struct hci_cp_link_key_reply cp;
3973 struct hci_conn *conn;
3974 struct link_key *key;
3975
Marcel Holtmanna9de9242007-10-20 13:33:56 +02003976 BT_DBG("%s", hdev->name);
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02003977
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07003978 if (!hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02003979 return;
3980
3981 hci_dev_lock(hdev);
3982
3983 key = hci_find_link_key(hdev, &ev->bdaddr);
3984 if (!key) {
Andrei Emeltchenko6ed93dc2012-09-25 12:49:43 +03003985 BT_DBG("%s link key not found for %pMR", hdev->name,
3986 &ev->bdaddr);
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02003987 goto not_found;
3988 }
3989
Andrei Emeltchenko6ed93dc2012-09-25 12:49:43 +03003990 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
3991 &ev->bdaddr);
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02003992
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02003993 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
Waldemar Rymarkiewicz60b83f52011-04-28 12:07:56 +02003994 if (conn) {
Johan Hedbergfe8bc5a2014-08-14 12:33:17 +03003995 clear_bit(HCI_CONN_NEW_LINK_KEY, &conn->flags);
3996
Marcel Holtmann66138ce2014-01-10 02:07:20 -08003997 if ((key->type == HCI_LK_UNAUTH_COMBINATION_P192 ||
3998 key->type == HCI_LK_UNAUTH_COMBINATION_P256) &&
Gustavo Padovan807deac2012-05-17 00:36:24 -03003999 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
Waldemar Rymarkiewicz60b83f52011-04-28 12:07:56 +02004000 BT_DBG("%s ignoring unauthenticated key", hdev->name);
4001 goto not_found;
4002 }
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02004003
Waldemar Rymarkiewicz60b83f52011-04-28 12:07:56 +02004004 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
Johan Hedbergf3fb0b52014-06-02 10:12:44 +03004005 (conn->pending_sec_level == BT_SECURITY_HIGH ||
4006 conn->pending_sec_level == BT_SECURITY_FIPS)) {
Gustavo Padovan8fc9ced2012-05-23 04:04:21 -03004007 BT_DBG("%s ignoring key unauthenticated for high security",
4008 hdev->name);
Waldemar Rymarkiewicz60b83f52011-04-28 12:07:56 +02004009 goto not_found;
4010 }
4011
Johan Hedbergcb6f3f72014-11-19 14:53:04 +02004012 conn_set_key(conn, key->type, key->pin_len);
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02004013 }
4014
4015 bacpy(&cp.bdaddr, &ev->bdaddr);
Andrei Emeltchenko9b3b4462012-05-23 11:31:20 +03004016 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02004017
4018 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
4019
4020 hci_dev_unlock(hdev);
4021
4022 return;
4023
4024not_found:
4025 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
4026 hci_dev_unlock(hdev);
Linus Torvalds1da177e2005-04-16 15:20:36 -07004027}
4028
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004029static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -07004030{
Marcel Holtmann052b30b2009-04-26 20:01:22 +02004031 struct hci_ev_link_key_notify *ev = (void *) skb->data;
4032 struct hci_conn *conn;
Johan Hedberg7652ff62014-06-24 13:15:49 +03004033 struct link_key *key;
4034 bool persistent;
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02004035 u8 pin_len = 0;
Marcel Holtmann052b30b2009-04-26 20:01:22 +02004036
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004037 BT_DBG("%s", hdev->name);
Marcel Holtmann052b30b2009-04-26 20:01:22 +02004038
4039 hci_dev_lock(hdev);
4040
4041 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
Johan Hedberg82c13d42014-12-03 11:03:06 +02004042 if (!conn)
4043 goto unlock;
4044
4045 hci_conn_hold(conn);
4046 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
4047 hci_conn_drop(conn);
4048
Johan Hedbergfe8bc5a2014-08-14 12:33:17 +03004049 set_bit(HCI_CONN_NEW_LINK_KEY, &conn->flags);
Johan Hedberg82c13d42014-12-03 11:03:06 +02004050 conn_set_key(conn, ev->key_type, conn->pin_length);
Marcel Holtmann052b30b2009-04-26 20:01:22 +02004051
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004052 if (!hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg7652ff62014-06-24 13:15:49 +03004053 goto unlock;
Johan Hedberg55ed8ca12011-01-17 14:41:05 +02004054
Johan Hedberg7652ff62014-06-24 13:15:49 +03004055 key = hci_add_link_key(hdev, conn, &ev->bdaddr, ev->link_key,
4056 ev->key_type, pin_len, &persistent);
4057 if (!key)
4058 goto unlock;
4059
Johan Hedbergcb6f3f72014-11-19 14:53:04 +02004060 /* Update connection information since adding the key will have
4061 * fixed up the type in the case of changed combination keys.
4062 */
4063 if (ev->key_type == HCI_LK_CHANGED_COMBINATION)
4064 conn_set_key(conn, key->type, key->pin_len);
4065
Johan Hedberg7652ff62014-06-24 13:15:49 +03004066 mgmt_new_link_key(hdev, key, persistent);
4067
Johan Hedberg6d5650c2014-06-24 13:15:51 +03004068 /* Keep debug keys around only if the HCI_KEEP_DEBUG_KEYS flag
4069 * is set. If it's not set simply remove the key from the kernel
4070 * list (we've still notified user space about it but with
4071 * store_hint being 0).
4072 */
4073 if (key->type == HCI_LK_DEBUG_COMBINATION &&
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004074 !hci_dev_test_flag(hdev, HCI_KEEP_DEBUG_KEYS)) {
Johan Hedberg0378b592014-11-19 15:22:22 +02004075 list_del_rcu(&key->list);
4076 kfree_rcu(key, rcu);
Johan Hedberg82c13d42014-12-03 11:03:06 +02004077 goto unlock;
Johan Hedberg6d5650c2014-06-24 13:15:51 +03004078 }
Johan Hedberg7652ff62014-06-24 13:15:49 +03004079
Johan Hedberg82c13d42014-12-03 11:03:06 +02004080 if (persistent)
4081 clear_bit(HCI_CONN_FLUSH_KEY, &conn->flags);
4082 else
4083 set_bit(HCI_CONN_FLUSH_KEY, &conn->flags);
4084
Johan Hedberg7652ff62014-06-24 13:15:49 +03004085unlock:
Marcel Holtmann052b30b2009-04-26 20:01:22 +02004086 hci_dev_unlock(hdev);
Linus Torvalds1da177e2005-04-16 15:20:36 -07004087}
4088
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004089static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
Marcel Holtmann04837f62006-07-03 10:02:33 +02004090{
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004091 struct hci_ev_clock_offset *ev = (void *) skb->data;
Marcel Holtmann04837f62006-07-03 10:02:33 +02004092 struct hci_conn *conn;
4093
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03004094 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
Marcel Holtmann04837f62006-07-03 10:02:33 +02004095
4096 hci_dev_lock(hdev);
4097
4098 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
Linus Torvalds1da177e2005-04-16 15:20:36 -07004099 if (conn && !ev->status) {
4100 struct inquiry_entry *ie;
4101
Andrei Emeltchenkocc11b9c2010-11-22 13:21:37 +02004102 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
4103 if (ie) {
Linus Torvalds1da177e2005-04-16 15:20:36 -07004104 ie->data.clock_offset = ev->clock_offset;
4105 ie->timestamp = jiffies;
4106 }
4107 }
4108
4109 hci_dev_unlock(hdev);
4110}
4111
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004112static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
Marcel Holtmanna8746412008-07-14 20:13:46 +02004113{
4114 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
4115 struct hci_conn *conn;
4116
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03004117 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
Marcel Holtmanna8746412008-07-14 20:13:46 +02004118
4119 hci_dev_lock(hdev);
4120
4121 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
4122 if (conn && !ev->status)
4123 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
4124
4125 hci_dev_unlock(hdev);
4126}
4127
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004128static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
Marcel Holtmann85a1e932005-08-09 20:28:02 -07004129{
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004130 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
Marcel Holtmann85a1e932005-08-09 20:28:02 -07004131 struct inquiry_entry *ie;
4132
4133 BT_DBG("%s", hdev->name);
4134
4135 hci_dev_lock(hdev);
4136
Andrei Emeltchenkocc11b9c2010-11-22 13:21:37 +02004137 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
4138 if (ie) {
Marcel Holtmann85a1e932005-08-09 20:28:02 -07004139 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
4140 ie->timestamp = jiffies;
4141 }
4142
4143 hci_dev_unlock(hdev);
4144}
4145
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004146static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
4147 struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004148{
4149 struct inquiry_data data;
4150 int num_rsp = *((__u8 *) skb->data);
4151
4152 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
4153
4154 if (!num_rsp)
4155 return;
4156
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004157 if (hci_dev_test_flag(hdev, HCI_PERIODIC_INQ))
Andre Guedes1519cc12012-03-21 00:03:38 -03004158 return;
4159
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004160 hci_dev_lock(hdev);
4161
4162 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
Szymon Janc138d22e2011-02-17 16:44:23 +01004163 struct inquiry_info_with_rssi_and_pscan_mode *info;
4164 info = (void *) (skb->data + 1);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004165
Johan Hedberge17acd42011-03-30 23:57:16 +03004166 for (; num_rsp; num_rsp--, info++) {
Marcel Holtmannaf589252014-07-01 14:11:20 +02004167 u32 flags;
4168
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004169 bacpy(&data.bdaddr, &info->bdaddr);
4170 data.pscan_rep_mode = info->pscan_rep_mode;
4171 data.pscan_period_mode = info->pscan_period_mode;
4172 data.pscan_mode = info->pscan_mode;
4173 memcpy(data.dev_class, info->dev_class, 3);
4174 data.clock_offset = info->clock_offset;
4175 data.rssi = info->rssi;
Marcel Holtmann41a96212008-07-14 20:13:48 +02004176 data.ssp_mode = 0x00;
Johan Hedberg31754052012-01-04 13:39:52 +02004177
Marcel Holtmannaf589252014-07-01 14:11:20 +02004178 flags = hci_inquiry_cache_update(hdev, &data, false);
4179
Johan Hedberg48264f02011-11-09 13:58:58 +02004180 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03004181 info->dev_class, info->rssi,
Marcel Holtmannaf589252014-07-01 14:11:20 +02004182 flags, NULL, 0, NULL, 0);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004183 }
4184 } else {
4185 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
4186
Johan Hedberge17acd42011-03-30 23:57:16 +03004187 for (; num_rsp; num_rsp--, info++) {
Marcel Holtmannaf589252014-07-01 14:11:20 +02004188 u32 flags;
4189
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004190 bacpy(&data.bdaddr, &info->bdaddr);
4191 data.pscan_rep_mode = info->pscan_rep_mode;
4192 data.pscan_period_mode = info->pscan_period_mode;
4193 data.pscan_mode = 0x00;
4194 memcpy(data.dev_class, info->dev_class, 3);
4195 data.clock_offset = info->clock_offset;
4196 data.rssi = info->rssi;
Marcel Holtmann41a96212008-07-14 20:13:48 +02004197 data.ssp_mode = 0x00;
Marcel Holtmannaf589252014-07-01 14:11:20 +02004198
4199 flags = hci_inquiry_cache_update(hdev, &data, false);
4200
Johan Hedberg48264f02011-11-09 13:58:58 +02004201 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
Gustavo F. Padovan04124682012-03-08 01:25:00 -03004202 info->dev_class, info->rssi,
Marcel Holtmannaf589252014-07-01 14:11:20 +02004203 flags, NULL, 0, NULL, 0);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004204 }
4205 }
4206
4207 hci_dev_unlock(hdev);
4208}
4209
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004210static void hci_remote_ext_features_evt(struct hci_dev *hdev,
4211 struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004212{
Marcel Holtmann41a96212008-07-14 20:13:48 +02004213 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
4214 struct hci_conn *conn;
4215
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004216 BT_DBG("%s", hdev->name);
Marcel Holtmann41a96212008-07-14 20:13:48 +02004217
Marcel Holtmann41a96212008-07-14 20:13:48 +02004218 hci_dev_lock(hdev);
4219
4220 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
Johan Hedbergccd556f2010-11-10 17:11:51 +02004221 if (!conn)
4222 goto unlock;
Marcel Holtmann41a96212008-07-14 20:13:48 +02004223
Johan Hedbergcad718e2013-04-17 15:00:51 +03004224 if (ev->page < HCI_MAX_PAGES)
4225 memcpy(conn->features[ev->page], ev->features, 8);
4226
Johan Hedbergccd556f2010-11-10 17:11:51 +02004227 if (!ev->status && ev->page == 0x01) {
4228 struct inquiry_entry *ie;
Marcel Holtmann41a96212008-07-14 20:13:48 +02004229
Andrei Emeltchenkocc11b9c2010-11-22 13:21:37 +02004230 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
4231 if (ie)
Johan Hedberg02b7cc62012-02-28 02:28:43 +02004232 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
Marcel Holtmann769be972008-07-14 20:13:49 +02004233
Jaganath Kanakkasserybbb0ead2013-04-16 20:16:30 +05304234 if (ev->features[0] & LMP_HOST_SSP) {
Johan Hedberg58a681e2012-01-16 06:47:28 +02004235 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
Jaganath Kanakkasserybbb0ead2013-04-16 20:16:30 +05304236 } else {
4237 /* It is mandatory by the Bluetooth specification that
4238 * Extended Inquiry Results are only used when Secure
4239 * Simple Pairing is enabled, but some devices violate
4240 * this.
4241 *
4242 * To make these devices work, the internal SSP
4243 * enabled flag needs to be cleared if the remote host
4244 * features do not indicate SSP support */
4245 clear_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
4246 }
Marcel Holtmanneb9a8f32014-01-15 22:37:38 -08004247
4248 if (ev->features[0] & LMP_HOST_SC)
4249 set_bit(HCI_CONN_SC_ENABLED, &conn->flags);
Marcel Holtmann41a96212008-07-14 20:13:48 +02004250 }
4251
Johan Hedbergccd556f2010-11-10 17:11:51 +02004252 if (conn->state != BT_CONFIG)
4253 goto unlock;
4254
Johan Hedberg671267b2012-05-12 16:11:50 -03004255 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
Johan Hedberg127178d2010-11-18 22:22:29 +02004256 struct hci_cp_remote_name_req cp;
4257 memset(&cp, 0, sizeof(cp));
4258 bacpy(&cp.bdaddr, &conn->dst);
4259 cp.pscan_rep_mode = 0x02;
4260 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
Johan Hedbergb644ba32012-01-17 21:48:47 +02004261 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
Alfonso Acosta48ec92f2014-10-07 08:44:10 +00004262 mgmt_device_connected(hdev, conn, 0, NULL, 0);
Johan Hedberg392599b2010-11-18 22:22:28 +02004263
Johan Hedberg127178d2010-11-18 22:22:29 +02004264 if (!hci_outgoing_auth_needed(hdev, conn)) {
Johan Hedbergccd556f2010-11-10 17:11:51 +02004265 conn->state = BT_CONNECTED;
Johan Hedberg539c4962015-02-18 14:53:57 +02004266 hci_connect_cfm(conn, ev->status);
David Herrmann76a68ba2013-04-06 20:28:37 +02004267 hci_conn_drop(conn);
Johan Hedbergccd556f2010-11-10 17:11:51 +02004268 }
4269
4270unlock:
Marcel Holtmann41a96212008-07-14 20:13:48 +02004271 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004272}
4273
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004274static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
4275 struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004276{
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02004277 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
4278 struct hci_conn *conn;
4279
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03004280 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02004281
4282 hci_dev_lock(hdev);
4283
4284 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
Marcel Holtmann9dc0a3a2008-07-14 20:13:46 +02004285 if (!conn) {
4286 if (ev->link_type == ESCO_LINK)
4287 goto unlock;
4288
Kuba Pawlak618353b2015-08-28 13:05:22 +01004289 /* When the link type in the event indicates SCO connection
4290 * and lookup of the connection object fails, then check
4291 * if an eSCO connection object exists.
4292 *
4293 * The core limits the synchronous connections to either
4294 * SCO or eSCO. The eSCO connection is preferred and tried
4295 * to be setup first and until successfully established,
4296 * the link type will be hinted as eSCO.
4297 */
Marcel Holtmann9dc0a3a2008-07-14 20:13:46 +02004298 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
4299 if (!conn)
4300 goto unlock;
Marcel Holtmann9dc0a3a2008-07-14 20:13:46 +02004301 }
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02004302
Marcel Holtmann732547f2009-04-19 19:14:14 +02004303 switch (ev->status) {
4304 case 0x00:
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02004305 conn->handle = __le16_to_cpu(ev->handle);
4306 conn->state = BT_CONNECTED;
Kuba Pawlak618353b2015-08-28 13:05:22 +01004307 conn->type = ev->link_type;
Marcel Holtmann7d0db0a2008-07-14 20:13:51 +02004308
Marcel Holtmann23b9ceb2014-12-20 17:13:41 +01004309 hci_debugfs_create_conn(conn);
Marcel Holtmann7d0db0a2008-07-14 20:13:51 +02004310 hci_conn_add_sysfs(conn);
Marcel Holtmann732547f2009-04-19 19:14:14 +02004311 break;
4312
Nick Pelly81218d22014-06-30 11:25:01 +05304313 case 0x10: /* Connection Accept Timeout */
Frédéric Dalleau1a4c9582013-08-19 14:24:02 +02004314 case 0x0d: /* Connection Rejected due to Limited Resources */
Stephen Coe705e5712010-02-16 11:29:44 -05004315 case 0x11: /* Unsupported Feature or Parameter Value */
Marcel Holtmann732547f2009-04-19 19:14:14 +02004316 case 0x1c: /* SCO interval rejected */
Nick Pelly1038a002010-02-03 11:42:26 -08004317 case 0x1a: /* Unsupported Remote Feature */
Hsin-Yu Chao56b54532020-05-15 17:27:04 +08004318 case 0x1e: /* Invalid LMP Parameters */
Marcel Holtmann732547f2009-04-19 19:14:14 +02004319 case 0x1f: /* Unspecified error */
Andrew Earl27539bc2014-03-10 10:31:04 +00004320 case 0x20: /* Unsupported LMP Parameter value */
Frédéric Dalleau2dea6322013-08-19 14:24:03 +02004321 if (conn->out) {
Marcel Holtmann732547f2009-04-19 19:14:14 +02004322 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
4323 (hdev->esco_type & EDR_ESCO_MASK);
Frédéric Dalleau2dea6322013-08-19 14:24:03 +02004324 if (hci_setup_sync(conn, conn->link->handle))
4325 goto unlock;
Marcel Holtmann732547f2009-04-19 19:14:14 +02004326 }
4327 /* fall through */
4328
4329 default:
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02004330 conn->state = BT_CLOSED;
Marcel Holtmann732547f2009-04-19 19:14:14 +02004331 break;
4332 }
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02004333
Sathish Narsimman1f8330e2020-04-03 21:43:58 +02004334 bt_dev_dbg(hdev, "SCO connected with air mode: %02x", ev->air_mode);
4335
4336 switch (conn->setting & SCO_AIRMODE_MASK) {
4337 case SCO_AIRMODE_CVSD:
4338 if (hdev->notify)
4339 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_CVSD);
4340 break;
4341 case SCO_AIRMODE_TRANSP:
4342 if (hdev->notify)
4343 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_TRANSP);
4344 break;
4345 }
4346
Johan Hedberg539c4962015-02-18 14:53:57 +02004347 hci_connect_cfm(conn, ev->status);
Marcel Holtmannb6a0dc82007-10-20 14:55:10 +02004348 if (ev->status)
4349 hci_conn_del(conn);
4350
4351unlock:
4352 hci_dev_unlock(hdev);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004353}
4354
Marcel Holtmannefdcf8e2013-10-15 10:31:12 -07004355static inline size_t eir_get_length(u8 *eir, size_t eir_len)
4356{
4357 size_t parsed = 0;
4358
4359 while (parsed < eir_len) {
4360 u8 field_len = eir[0];
4361
4362 if (field_len == 0)
4363 return parsed;
4364
4365 parsed += field_len + 1;
4366 eir += field_len + 1;
4367 }
4368
4369 return eir_len;
4370}
4371
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004372static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
4373 struct sk_buff *skb)
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004374{
4375 struct inquiry_data data;
4376 struct extended_inquiry_info *info = (void *) (skb->data + 1);
4377 int num_rsp = *((__u8 *) skb->data);
Vishal Agarwal9d939d92012-04-26 19:19:56 +05304378 size_t eir_len;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004379
4380 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
4381
4382 if (!num_rsp)
4383 return;
4384
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004385 if (hci_dev_test_flag(hdev, HCI_PERIODIC_INQ))
Andre Guedes1519cc12012-03-21 00:03:38 -03004386 return;
4387
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004388 hci_dev_lock(hdev);
4389
Johan Hedberge17acd42011-03-30 23:57:16 +03004390 for (; num_rsp; num_rsp--, info++) {
Marcel Holtmannaf589252014-07-01 14:11:20 +02004391 u32 flags;
4392 bool name_known;
Johan Hedberg561aafb2012-01-04 13:31:59 +02004393
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004394 bacpy(&data.bdaddr, &info->bdaddr);
Szymon Janc138d22e2011-02-17 16:44:23 +01004395 data.pscan_rep_mode = info->pscan_rep_mode;
4396 data.pscan_period_mode = info->pscan_period_mode;
4397 data.pscan_mode = 0x00;
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004398 memcpy(data.dev_class, info->dev_class, 3);
Szymon Janc138d22e2011-02-17 16:44:23 +01004399 data.clock_offset = info->clock_offset;
4400 data.rssi = info->rssi;
Marcel Holtmann41a96212008-07-14 20:13:48 +02004401 data.ssp_mode = 0x01;
Johan Hedberg561aafb2012-01-04 13:31:59 +02004402
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004403 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg0d3b7f62016-01-05 13:19:31 +02004404 name_known = eir_get_data(info->data,
4405 sizeof(info->data),
4406 EIR_NAME_COMPLETE, NULL);
Johan Hedberg561aafb2012-01-04 13:31:59 +02004407 else
4408 name_known = true;
4409
Marcel Holtmannaf589252014-07-01 14:11:20 +02004410 flags = hci_inquiry_cache_update(hdev, &data, name_known);
4411
Vishal Agarwal9d939d92012-04-26 19:19:56 +05304412 eir_len = eir_get_length(info->data, sizeof(info->data));
Marcel Holtmannaf589252014-07-01 14:11:20 +02004413
Johan Hedberg48264f02011-11-09 13:58:58 +02004414 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
Marcel Holtmannaf589252014-07-01 14:11:20 +02004415 info->dev_class, info->rssi,
4416 flags, info->data, eir_len, NULL, 0);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02004417 }
4418
4419 hci_dev_unlock(hdev);
4420}
4421
Johan Hedberg1c2e0042012-06-08 23:31:13 +08004422static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
4423 struct sk_buff *skb)
4424{
4425 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
4426 struct hci_conn *conn;
4427
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03004428 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
Johan Hedberg1c2e0042012-06-08 23:31:13 +08004429 __le16_to_cpu(ev->handle));
4430
4431 hci_dev_lock(hdev);
4432
4433 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
4434 if (!conn)
4435 goto unlock;
4436
Johan Hedberg9eb1fbf2014-04-11 12:02:31 -07004437 /* For BR/EDR the necessary steps are taken through the
4438 * auth_complete event.
4439 */
4440 if (conn->type != LE_LINK)
4441 goto unlock;
4442
Johan Hedberg1c2e0042012-06-08 23:31:13 +08004443 if (!ev->status)
4444 conn->sec_level = conn->pending_sec_level;
4445
4446 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
4447
4448 if (ev->status && conn->state == BT_CONNECTED) {
Andre Guedesbed71742013-01-30 11:50:56 -03004449 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
David Herrmann76a68ba2013-04-06 20:28:37 +02004450 hci_conn_drop(conn);
Johan Hedberg1c2e0042012-06-08 23:31:13 +08004451 goto unlock;
4452 }
4453
4454 if (conn->state == BT_CONFIG) {
4455 if (!ev->status)
4456 conn->state = BT_CONNECTED;
4457
Johan Hedberg539c4962015-02-18 14:53:57 +02004458 hci_connect_cfm(conn, ev->status);
David Herrmann76a68ba2013-04-06 20:28:37 +02004459 hci_conn_drop(conn);
Johan Hedberg1c2e0042012-06-08 23:31:13 +08004460 } else {
4461 hci_auth_cfm(conn, ev->status);
4462
4463 hci_conn_hold(conn);
4464 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
David Herrmann76a68ba2013-04-06 20:28:37 +02004465 hci_conn_drop(conn);
Johan Hedberg1c2e0042012-06-08 23:31:13 +08004466 }
4467
4468unlock:
4469 hci_dev_unlock(hdev);
4470}
4471
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004472static u8 hci_get_auth_req(struct hci_conn *conn)
Johan Hedberg17fa4b92011-01-25 13:28:33 +02004473{
Johan Hedberg17fa4b92011-01-25 13:28:33 +02004474 /* If remote requests no-bonding follow that lead */
Mikel Astizacabae92013-06-28 10:56:28 +02004475 if (conn->remote_auth == HCI_AT_NO_BONDING ||
4476 conn->remote_auth == HCI_AT_NO_BONDING_MITM)
Waldemar Rymarkiewicz58797bf2011-04-28 12:07:58 +02004477 return conn->remote_auth | (conn->auth_type & 0x01);
Johan Hedberg17fa4b92011-01-25 13:28:33 +02004478
Mikel Astizb7f94c82014-04-08 14:21:31 +02004479 /* If both remote and local have enough IO capabilities, require
4480 * MITM protection
4481 */
4482 if (conn->remote_cap != HCI_IO_NO_INPUT_OUTPUT &&
4483 conn->io_capability != HCI_IO_NO_INPUT_OUTPUT)
4484 return conn->remote_auth | 0x01;
4485
Timo Mueller7e741702014-04-08 14:21:33 +02004486 /* No MITM protection possible so ignore remote requirement */
4487 return (conn->remote_auth & ~0x01) | (conn->auth_type & 0x01);
Johan Hedberg17fa4b92011-01-25 13:28:33 +02004488}
4489
Marcel Holtmanna83ed81e2015-01-27 16:04:32 -08004490static u8 bredr_oob_data_present(struct hci_conn *conn)
4491{
4492 struct hci_dev *hdev = conn->hdev;
4493 struct oob_data *data;
4494
4495 data = hci_find_remote_oob_data(hdev, &conn->dst, BDADDR_BREDR);
4496 if (!data)
4497 return 0x00;
4498
Marcel Holtmann455c2ff2015-03-15 16:42:53 -07004499 if (bredr_sc_enabled(hdev)) {
4500 /* When Secure Connections is enabled, then just
4501 * return the present value stored with the OOB
4502 * data. The stored value contains the right present
4503 * information. However it can only be trusted when
4504 * not in Secure Connection Only mode.
Marcel Holtmann659c7fb2015-01-30 23:20:56 -08004505 */
Marcel Holtmann455c2ff2015-03-15 16:42:53 -07004506 if (!hci_dev_test_flag(hdev, HCI_SC_ONLY))
4507 return data->present;
4508
4509 /* When Secure Connections Only mode is enabled, then
4510 * the P-256 values are required. If they are not
4511 * available, then do not declare that OOB data is
4512 * present.
4513 */
4514 if (!memcmp(data->rand256, ZERO_KEY, 16) ||
4515 !memcmp(data->hash256, ZERO_KEY, 16))
Marcel Holtmann659c7fb2015-01-30 23:20:56 -08004516 return 0x00;
4517
Marcel Holtmann455c2ff2015-03-15 16:42:53 -07004518 return 0x02;
Marcel Holtmann659c7fb2015-01-30 23:20:56 -08004519 }
Marcel Holtmanna83ed81e2015-01-27 16:04:32 -08004520
Marcel Holtmann455c2ff2015-03-15 16:42:53 -07004521 /* When Secure Connections is not enabled or actually
4522 * not supported by the hardware, then check that if
4523 * P-192 data values are present.
4524 */
4525 if (!memcmp(data->rand192, ZERO_KEY, 16) ||
4526 !memcmp(data->hash192, ZERO_KEY, 16))
4527 return 0x00;
4528
4529 return 0x01;
Marcel Holtmanna83ed81e2015-01-27 16:04:32 -08004530}
4531
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004532static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
Marcel Holtmann04936842008-07-14 20:13:48 +02004533{
4534 struct hci_ev_io_capa_request *ev = (void *) skb->data;
4535 struct hci_conn *conn;
4536
4537 BT_DBG("%s", hdev->name);
4538
4539 hci_dev_lock(hdev);
4540
4541 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
Johan Hedberg03b555e2011-01-04 15:40:05 +02004542 if (!conn)
4543 goto unlock;
Marcel Holtmann04936842008-07-14 20:13:48 +02004544
Johan Hedberg03b555e2011-01-04 15:40:05 +02004545 hci_conn_hold(conn);
4546
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004547 if (!hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg03b555e2011-01-04 15:40:05 +02004548 goto unlock;
4549
Johan Hedberg2f407f02014-07-17 15:35:40 +03004550 /* Allow pairing if we're pairable, the initiators of the
4551 * pairing or if the remote is not requesting bonding.
4552 */
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004553 if (hci_dev_test_flag(hdev, HCI_BONDABLE) ||
Johan Hedberg2f407f02014-07-17 15:35:40 +03004554 test_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags) ||
Gustavo Padovan807deac2012-05-17 00:36:24 -03004555 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
Johan Hedberg17fa4b92011-01-25 13:28:33 +02004556 struct hci_cp_io_capability_reply cp;
4557
4558 bacpy(&cp.bdaddr, &ev->bdaddr);
Hemant Gupta7a7f1e72012-01-16 13:34:29 +05304559 /* Change the IO capability from KeyboardDisplay
4560 * to DisplayYesNo as it is not supported by BT spec. */
4561 cp.capability = (conn->io_capability == 0x04) ?
Mikel Astiza7676312013-06-28 10:56:29 +02004562 HCI_IO_DISPLAY_YESNO : conn->io_capability;
Mikel Astizb7f94c82014-04-08 14:21:31 +02004563
4564 /* If we are initiators, there is no remote information yet */
4565 if (conn->remote_auth == 0xff) {
Mikel Astizb16c6602014-04-08 14:21:34 +02004566 /* Request MITM protection if our IO caps allow it
Johan Hedberg4ad51a72014-06-09 14:41:25 +03004567 * except for the no-bonding case.
Mikel Astizb16c6602014-04-08 14:21:34 +02004568 */
Mikel Astiz6fd6b912014-04-08 14:21:32 +02004569 if (conn->io_capability != HCI_IO_NO_INPUT_OUTPUT &&
Johan Hedberg9f743d72014-07-17 11:56:33 +03004570 conn->auth_type != HCI_AT_NO_BONDING)
Johan Hedberg6c538232014-07-11 15:32:23 +03004571 conn->auth_type |= 0x01;
Mikel Astizb7f94c82014-04-08 14:21:31 +02004572 } else {
4573 conn->auth_type = hci_get_auth_req(conn);
Mikel Astizb7f94c82014-04-08 14:21:31 +02004574 }
Johan Hedberg17fa4b92011-01-25 13:28:33 +02004575
Johan Hedberg82c295b2014-07-30 09:22:24 +03004576 /* If we're not bondable, force one of the non-bondable
4577 * authentication requirement values.
4578 */
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004579 if (!hci_dev_test_flag(hdev, HCI_BONDABLE))
Johan Hedberg82c295b2014-07-30 09:22:24 +03004580 conn->auth_type &= HCI_AT_NO_BONDING_MITM;
4581
4582 cp.authentication = conn->auth_type;
Marcel Holtmanna83ed81e2015-01-27 16:04:32 -08004583 cp.oob_data = bredr_oob_data_present(conn);
Szymon Jancce85ee12011-03-22 13:12:23 +01004584
Johan Hedberg17fa4b92011-01-25 13:28:33 +02004585 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
Gustavo Padovan807deac2012-05-17 00:36:24 -03004586 sizeof(cp), &cp);
Johan Hedberg03b555e2011-01-04 15:40:05 +02004587 } else {
4588 struct hci_cp_io_capability_neg_reply cp;
4589
4590 bacpy(&cp.bdaddr, &ev->bdaddr);
Andrei Emeltchenko9f5a0d72011-11-07 14:20:25 +02004591 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
Johan Hedberg03b555e2011-01-04 15:40:05 +02004592
4593 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
Gustavo Padovan807deac2012-05-17 00:36:24 -03004594 sizeof(cp), &cp);
Johan Hedberg03b555e2011-01-04 15:40:05 +02004595 }
4596
4597unlock:
4598 hci_dev_unlock(hdev);
4599}
4600
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004601static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
Johan Hedberg03b555e2011-01-04 15:40:05 +02004602{
4603 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
4604 struct hci_conn *conn;
4605
4606 BT_DBG("%s", hdev->name);
4607
4608 hci_dev_lock(hdev);
4609
4610 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
4611 if (!conn)
4612 goto unlock;
4613
Johan Hedberg03b555e2011-01-04 15:40:05 +02004614 conn->remote_cap = ev->capability;
Johan Hedberg03b555e2011-01-04 15:40:05 +02004615 conn->remote_auth = ev->authentication;
4616
4617unlock:
Marcel Holtmann04936842008-07-14 20:13:48 +02004618 hci_dev_unlock(hdev);
4619}
4620
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004621static void hci_user_confirm_request_evt(struct hci_dev *hdev,
4622 struct sk_buff *skb)
Johan Hedberga5c29682011-02-19 12:05:57 -03004623{
4624 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
Johan Hedberg55bc1a32011-04-28 11:28:56 -07004625 int loc_mitm, rem_mitm, confirm_hint = 0;
Johan Hedberg7a828902011-04-28 11:28:53 -07004626 struct hci_conn *conn;
Johan Hedberga5c29682011-02-19 12:05:57 -03004627
4628 BT_DBG("%s", hdev->name);
4629
4630 hci_dev_lock(hdev);
4631
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004632 if (!hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg7a828902011-04-28 11:28:53 -07004633 goto unlock;
Johan Hedberga5c29682011-02-19 12:05:57 -03004634
Johan Hedberg7a828902011-04-28 11:28:53 -07004635 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
4636 if (!conn)
4637 goto unlock;
4638
4639 loc_mitm = (conn->auth_type & 0x01);
4640 rem_mitm = (conn->remote_auth & 0x01);
4641
4642 /* If we require MITM but the remote device can't provide that
Johan Hedberg6c538232014-07-11 15:32:23 +03004643 * (it has NoInputNoOutput) then reject the confirmation
4644 * request. We check the security level here since it doesn't
4645 * necessarily match conn->auth_type.
Mikel Astiz6fd6b912014-04-08 14:21:32 +02004646 */
Johan Hedberg6c538232014-07-11 15:32:23 +03004647 if (conn->pending_sec_level > BT_SECURITY_MEDIUM &&
4648 conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) {
Johan Hedberg7a828902011-04-28 11:28:53 -07004649 BT_DBG("Rejecting request: remote device can't provide MITM");
4650 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
Gustavo Padovan807deac2012-05-17 00:36:24 -03004651 sizeof(ev->bdaddr), &ev->bdaddr);
Johan Hedberg7a828902011-04-28 11:28:53 -07004652 goto unlock;
4653 }
4654
4655 /* If no side requires MITM protection; auto-accept */
Mikel Astiza7676312013-06-28 10:56:29 +02004656 if ((!loc_mitm || conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) &&
4657 (!rem_mitm || conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)) {
Johan Hedberg55bc1a32011-04-28 11:28:56 -07004658
4659 /* If we're not the initiators request authorization to
4660 * proceed from user space (mgmt_user_confirm with
Johan Hedbergba15a582014-06-09 13:58:14 +03004661 * confirm_hint set to 1). The exception is if neither
Johan Hedberg02f3e252014-07-16 15:09:13 +03004662 * side had MITM or if the local IO capability is
4663 * NoInputNoOutput, in which case we do auto-accept
Johan Hedbergba15a582014-06-09 13:58:14 +03004664 */
4665 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) &&
Johan Hedberg02f3e252014-07-16 15:09:13 +03004666 conn->io_capability != HCI_IO_NO_INPUT_OUTPUT &&
Johan Hedbergba15a582014-06-09 13:58:14 +03004667 (loc_mitm || rem_mitm)) {
Johan Hedberg55bc1a32011-04-28 11:28:56 -07004668 BT_DBG("Confirming auto-accept as acceptor");
4669 confirm_hint = 1;
4670 goto confirm;
4671 }
4672
Howard Chungcee5f202020-02-14 19:16:41 +08004673 /* If there already exists link key in local host, leave the
4674 * decision to user space since the remote device could be
4675 * legitimate or malicious.
4676 */
4677 if (hci_find_link_key(hdev, &ev->bdaddr)) {
4678 bt_dev_dbg(hdev, "Local host already has link key");
4679 confirm_hint = 1;
4680 goto confirm;
4681 }
4682
Johan Hedberg9f616562011-04-28 11:28:54 -07004683 BT_DBG("Auto-accept of user confirmation with %ums delay",
Gustavo Padovan807deac2012-05-17 00:36:24 -03004684 hdev->auto_accept_delay);
Johan Hedberg9f616562011-04-28 11:28:54 -07004685
4686 if (hdev->auto_accept_delay > 0) {
4687 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
Johan Hedberg7bc18d92013-10-16 18:11:39 +03004688 queue_delayed_work(conn->hdev->workqueue,
4689 &conn->auto_accept_work, delay);
Johan Hedberg9f616562011-04-28 11:28:54 -07004690 goto unlock;
4691 }
4692
Johan Hedberg7a828902011-04-28 11:28:53 -07004693 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
Gustavo Padovan807deac2012-05-17 00:36:24 -03004694 sizeof(ev->bdaddr), &ev->bdaddr);
Johan Hedberg7a828902011-04-28 11:28:53 -07004695 goto unlock;
4696 }
4697
Johan Hedberg55bc1a32011-04-28 11:28:56 -07004698confirm:
Johan Hedberg39adbff2014-03-20 08:18:14 +02004699 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0,
4700 le32_to_cpu(ev->passkey), confirm_hint);
Johan Hedberg7a828902011-04-28 11:28:53 -07004701
4702unlock:
Johan Hedberga5c29682011-02-19 12:05:57 -03004703 hci_dev_unlock(hdev);
4704}
4705
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004706static void hci_user_passkey_request_evt(struct hci_dev *hdev,
4707 struct sk_buff *skb)
Brian Gix1143d452011-11-23 08:28:34 -08004708{
4709 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
4710
4711 BT_DBG("%s", hdev->name);
4712
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004713 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg272d90d2012-02-09 15:26:12 +02004714 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
Brian Gix1143d452011-11-23 08:28:34 -08004715}
4716
Johan Hedberg92a25252012-09-06 18:39:26 +03004717static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
4718 struct sk_buff *skb)
4719{
4720 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
4721 struct hci_conn *conn;
4722
4723 BT_DBG("%s", hdev->name);
4724
4725 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
4726 if (!conn)
4727 return;
4728
4729 conn->passkey_notify = __le32_to_cpu(ev->passkey);
4730 conn->passkey_entered = 0;
4731
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004732 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg92a25252012-09-06 18:39:26 +03004733 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
4734 conn->dst_type, conn->passkey_notify,
4735 conn->passkey_entered);
4736}
4737
4738static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
4739{
4740 struct hci_ev_keypress_notify *ev = (void *) skb->data;
4741 struct hci_conn *conn;
4742
4743 BT_DBG("%s", hdev->name);
4744
4745 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
4746 if (!conn)
4747 return;
4748
4749 switch (ev->type) {
4750 case HCI_KEYPRESS_STARTED:
4751 conn->passkey_entered = 0;
4752 return;
4753
4754 case HCI_KEYPRESS_ENTERED:
4755 conn->passkey_entered++;
4756 break;
4757
4758 case HCI_KEYPRESS_ERASED:
4759 conn->passkey_entered--;
4760 break;
4761
4762 case HCI_KEYPRESS_CLEARED:
4763 conn->passkey_entered = 0;
4764 break;
4765
4766 case HCI_KEYPRESS_COMPLETED:
4767 return;
4768 }
4769
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004770 if (hci_dev_test_flag(hdev, HCI_MGMT))
Johan Hedberg92a25252012-09-06 18:39:26 +03004771 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
4772 conn->dst_type, conn->passkey_notify,
4773 conn->passkey_entered);
4774}
4775
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004776static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
4777 struct sk_buff *skb)
Marcel Holtmann04936842008-07-14 20:13:48 +02004778{
4779 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
4780 struct hci_conn *conn;
4781
4782 BT_DBG("%s", hdev->name);
4783
4784 hci_dev_lock(hdev);
4785
4786 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
Johan Hedberg2a611692011-02-19 12:06:00 -03004787 if (!conn)
4788 goto unlock;
Marcel Holtmann04936842008-07-14 20:13:48 +02004789
Johan Hedbergc1d4fa72014-07-17 15:14:50 +03004790 /* Reset the authentication requirement to unknown */
4791 conn->remote_auth = 0xff;
4792
Johan Hedberg2a611692011-02-19 12:06:00 -03004793 /* To avoid duplicate auth_failed events to user space we check
4794 * the HCI_CONN_AUTH_PEND flag which will be set if we
4795 * initiated the authentication. A traditional auth_complete
4796 * event gets always produced as initiator and is also mapped to
4797 * the mgmt_auth_failed event */
Mikel Astizfa1bd912012-08-09 09:52:29 +02004798 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
Johan Hedberge1e930f2014-09-08 17:09:49 -07004799 mgmt_auth_failed(conn, ev->status);
Johan Hedberg2a611692011-02-19 12:06:00 -03004800
David Herrmann76a68ba2013-04-06 20:28:37 +02004801 hci_conn_drop(conn);
Johan Hedberg2a611692011-02-19 12:06:00 -03004802
4803unlock:
Marcel Holtmann04936842008-07-14 20:13:48 +02004804 hci_dev_unlock(hdev);
4805}
4806
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004807static void hci_remote_host_features_evt(struct hci_dev *hdev,
4808 struct sk_buff *skb)
Marcel Holtmann41a96212008-07-14 20:13:48 +02004809{
4810 struct hci_ev_remote_host_features *ev = (void *) skb->data;
4811 struct inquiry_entry *ie;
Johan Hedbergcad718e2013-04-17 15:00:51 +03004812 struct hci_conn *conn;
Marcel Holtmann41a96212008-07-14 20:13:48 +02004813
4814 BT_DBG("%s", hdev->name);
4815
4816 hci_dev_lock(hdev);
4817
Johan Hedbergcad718e2013-04-17 15:00:51 +03004818 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
4819 if (conn)
4820 memcpy(conn->features[1], ev->features, 8);
4821
Andrei Emeltchenkocc11b9c2010-11-22 13:21:37 +02004822 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
4823 if (ie)
Johan Hedberg02b7cc62012-02-28 02:28:43 +02004824 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
Marcel Holtmann41a96212008-07-14 20:13:48 +02004825
4826 hci_dev_unlock(hdev);
4827}
4828
Gustavo Padovan6039aa72012-05-23 04:04:18 -03004829static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
4830 struct sk_buff *skb)
Szymon Janc2763eda2011-03-22 13:12:22 +01004831{
4832 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
4833 struct oob_data *data;
4834
4835 BT_DBG("%s", hdev->name);
4836
4837 hci_dev_lock(hdev);
4838
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004839 if (!hci_dev_test_flag(hdev, HCI_MGMT))
Szymon Jance1ba1f12011-04-06 13:01:59 +02004840 goto unlock;
4841
Johan Hedberg6928a922014-10-26 20:46:09 +01004842 data = hci_find_remote_oob_data(hdev, &ev->bdaddr, BDADDR_BREDR);
Marcel Holtmann6665d052015-01-27 16:04:31 -08004843 if (!data) {
Szymon Janc2763eda2011-03-22 13:12:22 +01004844 struct hci_cp_remote_oob_data_neg_reply cp;
4845
4846 bacpy(&cp.bdaddr, &ev->bdaddr);
Marcel Holtmann519ca9d2014-01-10 02:07:28 -08004847 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY,
4848 sizeof(cp), &cp);
Marcel Holtmann6665d052015-01-27 16:04:31 -08004849 goto unlock;
4850 }
4851
4852 if (bredr_sc_enabled(hdev)) {
4853 struct hci_cp_remote_oob_ext_data_reply cp;
4854
4855 bacpy(&cp.bdaddr, &ev->bdaddr);
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07004856 if (hci_dev_test_flag(hdev, HCI_SC_ONLY)) {
Marcel Holtmann6665d052015-01-27 16:04:31 -08004857 memset(cp.hash192, 0, sizeof(cp.hash192));
4858 memset(cp.rand192, 0, sizeof(cp.rand192));
4859 } else {
4860 memcpy(cp.hash192, data->hash192, sizeof(cp.hash192));
4861 memcpy(cp.rand192, data->rand192, sizeof(cp.rand192));
4862 }
4863 memcpy(cp.hash256, data->hash256, sizeof(cp.hash256));
4864 memcpy(cp.rand256, data->rand256, sizeof(cp.rand256));
4865
4866 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_EXT_DATA_REPLY,
4867 sizeof(cp), &cp);
4868 } else {
4869 struct hci_cp_remote_oob_data_reply cp;
4870
4871 bacpy(&cp.bdaddr, &ev->bdaddr);
4872 memcpy(cp.hash, data->hash192, sizeof(cp.hash));
4873 memcpy(cp.rand, data->rand192, sizeof(cp.rand));
4874
4875 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY,
4876 sizeof(cp), &cp);
Szymon Janc2763eda2011-03-22 13:12:22 +01004877 }
4878
Szymon Jance1ba1f12011-04-06 13:01:59 +02004879unlock:
Szymon Janc2763eda2011-03-22 13:12:22 +01004880 hci_dev_unlock(hdev);
4881}
4882
Arron Wanga77a6a12015-07-24 17:13:15 +08004883#if IS_ENABLED(CONFIG_BT_HS)
4884static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
4885{
4886 struct hci_ev_channel_selected *ev = (void *)skb->data;
4887 struct hci_conn *hcon;
4888
4889 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
4890
4891 skb_pull(skb, sizeof(*ev));
4892
4893 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
4894 if (!hcon)
4895 return;
4896
4897 amp_read_loc_assoc_final_data(hdev, hcon);
4898}
4899
Andrei Emeltchenkod5e91192012-10-25 15:20:44 +03004900static void hci_phy_link_complete_evt(struct hci_dev *hdev,
4901 struct sk_buff *skb)
4902{
4903 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
4904 struct hci_conn *hcon, *bredr_hcon;
4905
4906 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
4907 ev->status);
4908
4909 hci_dev_lock(hdev);
4910
4911 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
4912 if (!hcon) {
4913 hci_dev_unlock(hdev);
4914 return;
4915 }
4916
4917 if (ev->status) {
4918 hci_conn_del(hcon);
4919 hci_dev_unlock(hdev);
4920 return;
4921 }
4922
4923 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
4924
4925 hcon->state = BT_CONNECTED;
4926 bacpy(&hcon->dst, &bredr_hcon->dst);
4927
4928 hci_conn_hold(hcon);
4929 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
David Herrmann76a68ba2013-04-06 20:28:37 +02004930 hci_conn_drop(hcon);
Andrei Emeltchenkod5e91192012-10-25 15:20:44 +03004931
Marcel Holtmann23b9ceb2014-12-20 17:13:41 +01004932 hci_debugfs_create_conn(hcon);
Andrei Emeltchenkod5e91192012-10-25 15:20:44 +03004933 hci_conn_add_sysfs(hcon);
4934
Andrei Emeltchenkocf70ff22012-10-31 15:46:36 +02004935 amp_physical_cfm(bredr_hcon, hcon);
4936
Andrei Emeltchenkod5e91192012-10-25 15:20:44 +03004937 hci_dev_unlock(hdev);
Andrei Emeltchenkod5e91192012-10-25 15:20:44 +03004938}
4939
Andrei Emeltchenko27695fb2012-10-25 15:20:45 +03004940static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
4941{
4942 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
4943 struct hci_conn *hcon;
4944 struct hci_chan *hchan;
4945 struct amp_mgr *mgr;
4946
4947 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
4948 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
4949 ev->status);
4950
4951 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
4952 if (!hcon)
4953 return;
4954
4955 /* Create AMP hchan */
4956 hchan = hci_chan_create(hcon);
4957 if (!hchan)
4958 return;
4959
4960 hchan->handle = le16_to_cpu(ev->handle);
4961
4962 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
4963
4964 mgr = hcon->amp_mgr;
4965 if (mgr && mgr->bredr_chan) {
4966 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
4967
4968 l2cap_chan_lock(bredr_chan);
4969
4970 bredr_chan->conn->mtu = hdev->block_mtu;
4971 l2cap_logical_cfm(bredr_chan, hchan, 0);
4972 hci_conn_hold(hcon);
4973
4974 l2cap_chan_unlock(bredr_chan);
4975 }
4976}
4977
Andrei Emeltchenko606e2a12012-10-31 15:46:31 +02004978static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev,
4979 struct sk_buff *skb)
4980{
4981 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data;
4982 struct hci_chan *hchan;
4983
4984 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name,
4985 le16_to_cpu(ev->handle), ev->status);
4986
4987 if (ev->status)
4988 return;
4989
4990 hci_dev_lock(hdev);
4991
4992 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle));
4993 if (!hchan)
4994 goto unlock;
4995
4996 amp_destroy_logical_link(hchan, ev->reason);
4997
4998unlock:
4999 hci_dev_unlock(hdev);
5000}
5001
Andrei Emeltchenko9eef6b32012-10-31 15:46:32 +02005002static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev,
5003 struct sk_buff *skb)
5004{
5005 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data;
5006 struct hci_conn *hcon;
5007
5008 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
5009
5010 if (ev->status)
5011 return;
5012
5013 hci_dev_lock(hdev);
5014
5015 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
5016 if (hcon) {
5017 hcon->state = BT_CLOSED;
5018 hci_conn_del(hcon);
5019 }
5020
5021 hci_dev_unlock(hdev);
5022}
Arron Wanga77a6a12015-07-24 17:13:15 +08005023#endif
Andrei Emeltchenko9eef6b32012-10-31 15:46:32 +02005024
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05305025static void le_conn_complete_evt(struct hci_dev *hdev, u8 status,
5026 bdaddr_t *bdaddr, u8 bdaddr_type, u8 role, u16 handle,
5027 u16 interval, u16 latency, u16 supervision_timeout)
Ville Tervofcd89c02011-02-10 22:38:47 -03005028{
Johan Hedberg912b42ef2014-07-03 19:33:49 +03005029 struct hci_conn_params *params;
Ville Tervofcd89c02011-02-10 22:38:47 -03005030 struct hci_conn *conn;
Johan Hedberg68d6f6d2014-02-18 21:41:32 +02005031 struct smp_irk *irk;
Johan Hedberg837d5022014-07-02 09:36:22 +03005032 u8 addr_type;
Ville Tervofcd89c02011-02-10 22:38:47 -03005033
Ville Tervofcd89c02011-02-10 22:38:47 -03005034 hci_dev_lock(hdev);
5035
Johan Hedbergfbd96c12014-07-08 17:21:51 +03005036 /* All controllers implicitly stop advertising in the event of a
5037 * connection, so ensure that the state bit is cleared.
5038 */
Marcel Holtmanna358dc12015-03-13 02:11:02 -07005039 hci_dev_clear_flag(hdev, HCI_LE_ADV);
Johan Hedbergfbd96c12014-07-08 17:21:51 +03005040
Jakub Pawlowskie7d9ab72015-08-07 20:22:52 +02005041 conn = hci_lookup_le_connect(hdev);
Ville Tervob62f3282011-02-10 22:38:50 -03005042 if (!conn) {
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05305043 conn = hci_conn_add(hdev, LE_LINK, bdaddr, role);
Ville Tervob62f3282011-02-10 22:38:50 -03005044 if (!conn) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01005045 bt_dev_err(hdev, "no memory for new connection");
Andre Guedes230fd162012-07-27 15:10:10 -03005046 goto unlock;
Ville Tervob62f3282011-02-10 22:38:50 -03005047 }
Andre Guedes29b79882011-05-31 14:20:54 -03005048
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05305049 conn->dst_type = bdaddr_type;
Andre Guedesb9b343d2012-07-27 15:10:11 -03005050
Johan Hedbergcb1d68f2014-02-28 12:54:16 +02005051 /* If we didn't have a hci_conn object previously
5052 * but we're in master role this must be something
5053 * initiated using a white list. Since white list based
5054 * connections are not "first class citizens" we don't
5055 * have full tracking of them. Therefore, we go ahead
5056 * with a "best effort" approach of determining the
5057 * initiator address based on the HCI_PRIVACY flag.
5058 */
5059 if (conn->out) {
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05305060 conn->resp_addr_type = bdaddr_type;
5061 bacpy(&conn->resp_addr, bdaddr);
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07005062 if (hci_dev_test_flag(hdev, HCI_PRIVACY)) {
Johan Hedbergcb1d68f2014-02-28 12:54:16 +02005063 conn->init_addr_type = ADDR_LE_DEV_RANDOM;
5064 bacpy(&conn->init_addr, &hdev->rpa);
5065 } else {
5066 hci_copy_identity_address(hdev,
5067 &conn->init_addr,
5068 &conn->init_addr_type);
5069 }
Johan Hedbergcb1d68f2014-02-28 12:54:16 +02005070 }
Johan Hedberg9489eca2014-02-28 17:45:46 +02005071 } else {
5072 cancel_delayed_work(&conn->le_conn_timeout);
Ville Tervob62f3282011-02-10 22:38:50 -03005073 }
Ville Tervofcd89c02011-02-10 22:38:47 -03005074
Johan Hedberg80c24ab2014-03-24 20:21:51 +02005075 if (!conn->out) {
5076 /* Set the responder (our side) address type based on
5077 * the advertising address type.
5078 */
5079 conn->resp_addr_type = hdev->adv_addr_type;
Jaganath Kanakkasseryacf0aea2018-07-19 17:09:46 +05305080 if (hdev->adv_addr_type == ADDR_LE_DEV_RANDOM) {
5081 /* In case of ext adv, resp_addr will be updated in
5082 * Adv Terminated event.
5083 */
5084 if (!ext_adv_capable(hdev))
5085 bacpy(&conn->resp_addr, &hdev->random_addr);
5086 } else {
Johan Hedberg80c24ab2014-03-24 20:21:51 +02005087 bacpy(&conn->resp_addr, &hdev->bdaddr);
Jaganath Kanakkasseryacf0aea2018-07-19 17:09:46 +05305088 }
Johan Hedberg80c24ab2014-03-24 20:21:51 +02005089
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05305090 conn->init_addr_type = bdaddr_type;
5091 bacpy(&conn->init_addr, bdaddr);
Marcel Holtmanna720d732014-06-23 12:14:51 +02005092
5093 /* For incoming connections, set the default minimum
5094 * and maximum connection interval. They will be used
5095 * to check if the parameters are in range and if not
5096 * trigger the connection update procedure.
5097 */
5098 conn->le_conn_min_interval = hdev->le_conn_min_interval;
5099 conn->le_conn_max_interval = hdev->le_conn_max_interval;
Johan Hedberg80c24ab2014-03-24 20:21:51 +02005100 }
Johan Hedberg7be2edb2014-02-23 19:42:17 +02005101
Marcel Holtmannedb4b462014-02-18 15:13:43 -08005102 /* Lookup the identity address from the stored connection
5103 * address and address type.
5104 *
5105 * When establishing connections to an identity address, the
5106 * connection procedure will store the resolvable random
5107 * address first. Now if it can be converted back into the
5108 * identity address, start using the identity address from
5109 * now on.
5110 */
5111 irk = hci_get_irk(hdev, &conn->dst, conn->dst_type);
Johan Hedberg68d6f6d2014-02-18 21:41:32 +02005112 if (irk) {
5113 bacpy(&conn->dst, &irk->bdaddr);
5114 conn->dst_type = irk->addr_type;
5115 }
5116
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05305117 if (status) {
5118 hci_le_conn_failed(conn, status);
Johan Hedberg837d5022014-07-02 09:36:22 +03005119 goto unlock;
5120 }
5121
Johan Hedberg08853f12014-08-15 21:06:55 +03005122 if (conn->dst_type == ADDR_LE_DEV_PUBLIC)
5123 addr_type = BDADDR_LE_PUBLIC;
5124 else
5125 addr_type = BDADDR_LE_RANDOM;
5126
Johan Hedberg2d3c2262014-07-15 11:51:28 +03005127 /* Drop the connection if the device is blocked */
5128 if (hci_bdaddr_list_lookup(&hdev->blacklist, &conn->dst, addr_type)) {
5129 hci_conn_drop(conn);
Andre Guedescd17dec2012-07-27 15:10:16 -03005130 goto unlock;
5131 }
5132
Johan Hedbergb644ba32012-01-17 21:48:47 +02005133 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
Alfonso Acosta48ec92f2014-10-07 08:44:10 +00005134 mgmt_device_connected(hdev, conn, 0, NULL, 0);
Vinicius Costa Gomes83bc71b2011-05-06 18:41:43 -03005135
Vinicius Costa Gomes7b5c0d52011-06-09 18:50:50 -03005136 conn->sec_level = BT_SECURITY_LOW;
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05305137 conn->handle = handle;
Marcel Holtmann0fe29fd2015-04-08 09:05:27 -07005138 conn->state = BT_CONFIG;
Ville Tervofcd89c02011-02-10 22:38:47 -03005139
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05305140 conn->le_conn_interval = interval;
5141 conn->le_conn_latency = latency;
5142 conn->le_supv_timeout = supervision_timeout;
Marcel Holtmanne04fde62014-06-23 11:40:04 +02005143
Marcel Holtmann23b9ceb2014-12-20 17:13:41 +01005144 hci_debugfs_create_conn(conn);
Ville Tervofcd89c02011-02-10 22:38:47 -03005145 hci_conn_add_sysfs(conn);
5146
Colin Ian Kingd17010b2018-10-10 15:37:31 +01005147 /* The remote features procedure is defined for master
5148 * role only. So only in case of an initiated connection
5149 * request the remote features.
5150 *
5151 * If the local controller supports slave-initiated features
5152 * exchange, then requesting the remote features in slave
5153 * role is possible. Otherwise just transition into the
5154 * connected state without requesting the remote features.
5155 */
5156 if (conn->out ||
5157 (hdev->le_features[0] & HCI_LE_SLAVE_FEATURES)) {
5158 struct hci_cp_le_read_remote_features cp;
Marcel Holtmann0fe29fd2015-04-08 09:05:27 -07005159
Colin Ian Kingd17010b2018-10-10 15:37:31 +01005160 cp.handle = __cpu_to_le16(conn->handle);
Marcel Holtmann0fe29fd2015-04-08 09:05:27 -07005161
Colin Ian Kingd17010b2018-10-10 15:37:31 +01005162 hci_send_cmd(hdev, HCI_OP_LE_READ_REMOTE_FEATURES,
5163 sizeof(cp), &cp);
Marcel Holtmann0fe29fd2015-04-08 09:05:27 -07005164
Colin Ian Kingd17010b2018-10-10 15:37:31 +01005165 hci_conn_hold(conn);
Marcel Holtmann0fe29fd2015-04-08 09:05:27 -07005166 } else {
Colin Ian Kingd17010b2018-10-10 15:37:31 +01005167 conn->state = BT_CONNECTED;
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05305168 hci_connect_cfm(conn, status);
Marcel Holtmann0fe29fd2015-04-08 09:05:27 -07005169 }
Ville Tervofcd89c02011-02-10 22:38:47 -03005170
Johan Hedberg54776102014-08-15 21:06:56 +03005171 params = hci_pend_le_action_lookup(&hdev->pend_le_conns, &conn->dst,
5172 conn->dst_type);
Johan Hedbergf161dd42014-08-15 21:06:54 +03005173 if (params) {
Johan Hedberg95305ba2014-07-04 12:37:21 +03005174 list_del_init(&params->action);
Johan Hedbergf161dd42014-08-15 21:06:54 +03005175 if (params->conn) {
5176 hci_conn_drop(params->conn);
Johan Hedbergf8aaf9b2014-08-17 23:28:57 +03005177 hci_conn_put(params->conn);
Johan Hedbergf161dd42014-08-15 21:06:54 +03005178 params->conn = NULL;
5179 }
5180 }
Andre Guedesa4790db2014-02-26 20:21:47 -03005181
Ville Tervofcd89c02011-02-10 22:38:47 -03005182unlock:
Johan Hedberg223683a52014-07-06 15:44:23 +03005183 hci_update_background_scan(hdev);
Ville Tervofcd89c02011-02-10 22:38:47 -03005184 hci_dev_unlock(hdev);
5185}
5186
Jaganath Kanakkasseryd12fb052018-07-06 17:05:30 +05305187static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
5188{
5189 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
5190
5191 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
5192
5193 le_conn_complete_evt(hdev, ev->status, &ev->bdaddr, ev->bdaddr_type,
5194 ev->role, le16_to_cpu(ev->handle),
5195 le16_to_cpu(ev->interval),
5196 le16_to_cpu(ev->latency),
5197 le16_to_cpu(ev->supervision_timeout));
5198}
5199
Jaganath Kanakkassery4d94f952018-07-06 22:50:32 +02005200static void hci_le_enh_conn_complete_evt(struct hci_dev *hdev,
5201 struct sk_buff *skb)
5202{
5203 struct hci_ev_le_enh_conn_complete *ev = (void *) skb->data;
5204
5205 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
5206
5207 le_conn_complete_evt(hdev, ev->status, &ev->bdaddr, ev->bdaddr_type,
5208 ev->role, le16_to_cpu(ev->handle),
5209 le16_to_cpu(ev->interval),
5210 le16_to_cpu(ev->latency),
5211 le16_to_cpu(ev->supervision_timeout));
5212}
5213
Jaganath Kanakkasseryacf0aea2018-07-19 17:09:46 +05305214static void hci_le_ext_adv_term_evt(struct hci_dev *hdev, struct sk_buff *skb)
5215{
5216 struct hci_evt_le_ext_adv_set_term *ev = (void *) skb->data;
5217 struct hci_conn *conn;
5218
5219 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
5220
5221 if (ev->status)
5222 return;
5223
5224 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->conn_handle));
5225 if (conn) {
5226 struct adv_info *adv_instance;
5227
5228 if (hdev->adv_addr_type != ADDR_LE_DEV_RANDOM)
5229 return;
5230
5231 if (!hdev->cur_adv_instance) {
5232 bacpy(&conn->resp_addr, &hdev->random_addr);
5233 return;
5234 }
5235
5236 adv_instance = hci_find_adv_instance(hdev, hdev->cur_adv_instance);
5237 if (adv_instance)
5238 bacpy(&conn->resp_addr, &adv_instance->random_addr);
5239 }
5240}
5241
Marcel Holtmann1855d922014-06-23 11:40:05 +02005242static void hci_le_conn_update_complete_evt(struct hci_dev *hdev,
5243 struct sk_buff *skb)
5244{
5245 struct hci_ev_le_conn_update_complete *ev = (void *) skb->data;
5246 struct hci_conn *conn;
5247
5248 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
5249
5250 if (ev->status)
5251 return;
5252
5253 hci_dev_lock(hdev);
5254
5255 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
5256 if (conn) {
5257 conn->le_conn_interval = le16_to_cpu(ev->interval);
5258 conn->le_conn_latency = le16_to_cpu(ev->latency);
5259 conn->le_supv_timeout = le16_to_cpu(ev->supervision_timeout);
5260 }
5261
5262 hci_dev_unlock(hdev);
5263}
5264
Andre Guedesa4790db2014-02-26 20:21:47 -03005265/* This function requires the caller holds hdev->lock */
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005266static struct hci_conn *check_pending_le_conn(struct hci_dev *hdev,
5267 bdaddr_t *addr,
Szymon Janc082f2302018-04-03 13:40:06 +02005268 u8 addr_type, u8 adv_type,
5269 bdaddr_t *direct_rpa)
Andre Guedesa4790db2014-02-26 20:21:47 -03005270{
5271 struct hci_conn *conn;
Marcel Holtmann4b9e7e72014-07-23 21:55:23 +02005272 struct hci_conn_params *params;
Andre Guedesa4790db2014-02-26 20:21:47 -03005273
Johan Hedberg1c1abca2014-07-07 12:45:53 +03005274 /* If the event is not connectable don't proceed further */
5275 if (adv_type != LE_ADV_IND && adv_type != LE_ADV_DIRECT_IND)
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005276 return NULL;
Johan Hedberg1c1abca2014-07-07 12:45:53 +03005277
5278 /* Ignore if the device is blocked */
Johan Hedbergdcc36c12014-07-09 12:59:13 +03005279 if (hci_bdaddr_list_lookup(&hdev->blacklist, addr, addr_type))
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005280 return NULL;
Johan Hedberg1c1abca2014-07-07 12:45:53 +03005281
Johan Hedbergf99353c2014-07-16 11:56:09 +03005282 /* Most controller will fail if we try to create new connections
5283 * while we have an existing one in slave role.
5284 */
Alain Michaud4364f2e2020-04-23 14:43:29 +00005285 if (hdev->conn_hash.le_num_slave > 0 &&
5286 (!test_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks) ||
5287 !(hdev->le_states[3] & 0x10)))
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005288 return NULL;
Johan Hedbergf99353c2014-07-16 11:56:09 +03005289
Johan Hedberg1c1abca2014-07-07 12:45:53 +03005290 /* If we're not connectable only connect devices that we have in
5291 * our pend_le_conns list.
5292 */
Johan Hedberg49c50922015-10-16 10:07:51 +03005293 params = hci_pend_le_action_lookup(&hdev->pend_le_conns, addr,
5294 addr_type);
Marcel Holtmann4b9e7e72014-07-23 21:55:23 +02005295 if (!params)
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005296 return NULL;
Andre Guedesa4790db2014-02-26 20:21:47 -03005297
Jakub Pawlowski28a667c2015-08-07 20:22:54 +02005298 if (!params->explicit_connect) {
5299 switch (params->auto_connect) {
5300 case HCI_AUTO_CONN_DIRECT:
5301 /* Only devices advertising with ADV_DIRECT_IND are
5302 * triggering a connection attempt. This is allowing
5303 * incoming connections from slave devices.
5304 */
5305 if (adv_type != LE_ADV_DIRECT_IND)
5306 return NULL;
5307 break;
5308 case HCI_AUTO_CONN_ALWAYS:
5309 /* Devices advertising with ADV_IND or ADV_DIRECT_IND
5310 * are triggering a connection attempt. This means
Alain Michaud1e5479b2020-04-03 13:49:05 +00005311 * that incoming connections from slave device are
Jakub Pawlowski28a667c2015-08-07 20:22:54 +02005312 * accepted and also outgoing connections to slave
5313 * devices are established when found.
5314 */
5315 break;
5316 default:
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005317 return NULL;
Jakub Pawlowski28a667c2015-08-07 20:22:54 +02005318 }
Marcel Holtmann4b9e7e72014-07-23 21:55:23 +02005319 }
5320
Andre Guedesa4790db2014-02-26 20:21:47 -03005321 conn = hci_connect_le(hdev, addr, addr_type, BT_SECURITY_LOW,
Szymon Janc082f2302018-04-03 13:40:06 +02005322 HCI_LE_AUTOCONN_TIMEOUT, HCI_ROLE_MASTER,
5323 direct_rpa);
Johan Hedbergf161dd42014-08-15 21:06:54 +03005324 if (!IS_ERR(conn)) {
Jakub Pawlowski28a667c2015-08-07 20:22:54 +02005325 /* If HCI_AUTO_CONN_EXPLICIT is set, conn is already owned
5326 * by higher layer that tried to connect, if no then
5327 * store the pointer since we don't really have any
Johan Hedbergf161dd42014-08-15 21:06:54 +03005328 * other owner of the object besides the params that
5329 * triggered it. This way we can abort the connection if
5330 * the parameters get removed and keep the reference
5331 * count consistent once the connection is established.
5332 */
Jakub Pawlowski28a667c2015-08-07 20:22:54 +02005333
5334 if (!params->explicit_connect)
5335 params->conn = hci_conn_get(conn);
5336
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005337 return conn;
Johan Hedbergf161dd42014-08-15 21:06:54 +03005338 }
Andre Guedesa4790db2014-02-26 20:21:47 -03005339
5340 switch (PTR_ERR(conn)) {
5341 case -EBUSY:
5342 /* If hci_connect() returns -EBUSY it means there is already
5343 * an LE connection attempt going on. Since controllers don't
5344 * support more than one connection attempt at the time, we
5345 * don't consider this an error case.
5346 */
5347 break;
5348 default:
5349 BT_DBG("Failed to connect: err %ld", PTR_ERR(conn));
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005350 return NULL;
Andre Guedesa4790db2014-02-26 20:21:47 -03005351 }
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005352
5353 return NULL;
Andre Guedesa4790db2014-02-26 20:21:47 -03005354}
5355
Johan Hedberg4af605d2014-03-24 10:48:00 +02005356static void process_adv_report(struct hci_dev *hdev, u8 type, bdaddr_t *bdaddr,
Marcel Holtmann2f010b52014-12-05 16:20:13 +01005357 u8 bdaddr_type, bdaddr_t *direct_addr,
5358 u8 direct_addr_type, s8 rssi, u8 *data, u8 len)
Johan Hedberg4af605d2014-03-24 10:48:00 +02005359{
Johan Hedbergb9a63282014-03-25 10:51:52 +02005360 struct discovery_state *d = &hdev->discovery;
Johan Hedberg1c1abca2014-07-07 12:45:53 +03005361 struct smp_irk *irk;
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005362 struct hci_conn *conn;
Johan Hedberg474ee062014-03-25 14:34:59 +02005363 bool match;
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02005364 u32 flags;
Szymon Janc68183752015-09-16 20:21:54 +02005365 u8 *ptr, real_len;
5366
Johan Hedberg56b40fb2016-04-07 21:01:27 +03005367 switch (type) {
5368 case LE_ADV_IND:
5369 case LE_ADV_DIRECT_IND:
5370 case LE_ADV_SCAN_IND:
5371 case LE_ADV_NONCONN_IND:
5372 case LE_ADV_SCAN_RSP:
5373 break;
5374 default:
Marcel Holtmann2064ee32017-10-30 10:42:59 +01005375 bt_dev_err_ratelimited(hdev, "unknown advertising packet "
5376 "type: 0x%02x", type);
Johan Hedberg56b40fb2016-04-07 21:01:27 +03005377 return;
5378 }
5379
Szymon Janc68183752015-09-16 20:21:54 +02005380 /* Find the end of the data in case the report contains padded zero
5381 * bytes at the end causing an invalid length value.
5382 *
5383 * When data is NULL, len is 0 so there is no need for extra ptr
5384 * check as 'ptr < data + 0' is already false in such case.
5385 */
5386 for (ptr = data; ptr < data + len && *ptr; ptr += *ptr + 1) {
5387 if (ptr + 1 + *ptr > data + len)
5388 break;
5389 }
5390
5391 real_len = ptr - data;
5392
5393 /* Adjust for actual length */
5394 if (len != real_len) {
Daniels Umanovskis943d5d922020-04-09 13:18:29 +02005395 bt_dev_err_ratelimited(hdev, "advertising data len corrected %u -> %u",
5396 len, real_len);
Szymon Janc68183752015-09-16 20:21:54 +02005397 len = real_len;
5398 }
Johan Hedbergb9a63282014-03-25 10:51:52 +02005399
Marcel Holtmann2f010b52014-12-05 16:20:13 +01005400 /* If the direct address is present, then this report is from
5401 * a LE Direct Advertising Report event. In that case it is
5402 * important to see if the address is matching the local
5403 * controller address.
5404 */
5405 if (direct_addr) {
5406 /* Only resolvable random addresses are valid for these
5407 * kind of reports and others can be ignored.
5408 */
5409 if (!hci_bdaddr_is_rpa(direct_addr, direct_addr_type))
5410 return;
5411
5412 /* If the controller is not using resolvable random
5413 * addresses, then this report can be ignored.
5414 */
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07005415 if (!hci_dev_test_flag(hdev, HCI_PRIVACY))
Marcel Holtmann2f010b52014-12-05 16:20:13 +01005416 return;
5417
5418 /* If the local IRK of the controller does not match
5419 * with the resolvable random address provided, then
5420 * this report can be ignored.
5421 */
5422 if (!smp_irk_matches(hdev, hdev->irk, direct_addr))
5423 return;
5424 }
5425
Johan Hedberg1c1abca2014-07-07 12:45:53 +03005426 /* Check if we need to convert to identity address */
5427 irk = hci_get_irk(hdev, bdaddr, bdaddr_type);
5428 if (irk) {
5429 bdaddr = &irk->bdaddr;
5430 bdaddr_type = irk->addr_type;
5431 }
5432
Szymon Janc082f2302018-04-03 13:40:06 +02005433 /* Check if we have been requested to connect to this device.
5434 *
5435 * direct_addr is set only for directed advertising reports (it is NULL
5436 * for advertising reports) and is already verified to be RPA above.
5437 */
5438 conn = check_pending_le_conn(hdev, bdaddr, bdaddr_type, type,
5439 direct_addr);
Alfonso Acostafd45ada2014-10-07 08:44:11 +00005440 if (conn && type == LE_ADV_IND) {
5441 /* Store report for later inclusion by
5442 * mgmt_device_connected
5443 */
5444 memcpy(conn->le_adv_data, data, len);
5445 conn->le_adv_data_len = len;
5446 }
Johan Hedberg1c1abca2014-07-07 12:45:53 +03005447
Johan Hedberg0d2bf132014-07-02 22:42:02 +03005448 /* Passive scanning shouldn't trigger any device found events,
5449 * except for devices marked as CONN_REPORT for which we do send
5450 * device found events.
5451 */
Johan Hedbergca5c4be2014-03-25 10:30:46 +02005452 if (hdev->le_scan_type == LE_SCAN_PASSIVE) {
Johan Hedberg0d2bf132014-07-02 22:42:02 +03005453 if (type == LE_ADV_DIRECT_IND)
5454 return;
5455
Johan Hedberg3a19b6f2014-07-15 08:07:59 +03005456 if (!hci_pend_le_action_lookup(&hdev->pend_le_reports,
5457 bdaddr, bdaddr_type))
Johan Hedberg0d2bf132014-07-02 22:42:02 +03005458 return;
5459
5460 if (type == LE_ADV_NONCONN_IND || type == LE_ADV_SCAN_IND)
5461 flags = MGMT_DEV_FOUND_NOT_CONNECTABLE;
5462 else
5463 flags = 0;
5464 mgmt_device_found(hdev, bdaddr, LE_LINK, bdaddr_type, NULL,
5465 rssi, flags, data, len, NULL, 0);
Johan Hedberg97bf2e92014-07-04 12:37:16 +03005466 return;
Johan Hedbergca5c4be2014-03-25 10:30:46 +02005467 }
Johan Hedberg4af605d2014-03-24 10:48:00 +02005468
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02005469 /* When receiving non-connectable or scannable undirected
5470 * advertising reports, this means that the remote device is
5471 * not connectable and then clearly indicate this in the
5472 * device found event.
5473 *
5474 * When receiving a scan response, then there is no way to
5475 * know if the remote device is connectable or not. However
5476 * since scan responses are merged with a previously seen
5477 * advertising report, the flags field from that report
5478 * will be used.
5479 *
5480 * In the really unlikely case that a controller get confused
5481 * and just sends a scan response event, then it is marked as
5482 * not connectable as well.
5483 */
5484 if (type == LE_ADV_NONCONN_IND || type == LE_ADV_SCAN_IND ||
5485 type == LE_ADV_SCAN_RSP)
5486 flags = MGMT_DEV_FOUND_NOT_CONNECTABLE;
5487 else
5488 flags = 0;
5489
Johan Hedbergb9a63282014-03-25 10:51:52 +02005490 /* If there's nothing pending either store the data from this
5491 * event or send an immediate device found event if the data
5492 * should not be stored for later.
5493 */
5494 if (!has_pending_adv_report(hdev)) {
5495 /* If the report will trigger a SCAN_REQ store it for
5496 * later merging.
5497 */
5498 if (type == LE_ADV_IND || type == LE_ADV_SCAN_IND) {
5499 store_pending_adv_report(hdev, bdaddr, bdaddr_type,
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02005500 rssi, flags, data, len);
Johan Hedbergb9a63282014-03-25 10:51:52 +02005501 return;
5502 }
5503
5504 mgmt_device_found(hdev, bdaddr, LE_LINK, bdaddr_type, NULL,
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02005505 rssi, flags, data, len, NULL, 0);
Johan Hedbergb9a63282014-03-25 10:51:52 +02005506 return;
5507 }
5508
Johan Hedberg474ee062014-03-25 14:34:59 +02005509 /* Check if the pending report is for the same device as the new one */
5510 match = (!bacmp(bdaddr, &d->last_adv_addr) &&
5511 bdaddr_type == d->last_adv_addr_type);
5512
Johan Hedbergb9a63282014-03-25 10:51:52 +02005513 /* If the pending data doesn't match this report or this isn't a
5514 * scan response (e.g. we got a duplicate ADV_IND) then force
5515 * sending of the pending data.
5516 */
Johan Hedberg474ee062014-03-25 14:34:59 +02005517 if (type != LE_ADV_SCAN_RSP || !match) {
5518 /* Send out whatever is in the cache, but skip duplicates */
5519 if (!match)
5520 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK,
Johan Hedbergff5cd292014-03-25 14:40:52 +02005521 d->last_adv_addr_type, NULL,
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02005522 d->last_adv_rssi, d->last_adv_flags,
Johan Hedbergff5cd292014-03-25 14:40:52 +02005523 d->last_adv_data,
Johan Hedberg474ee062014-03-25 14:34:59 +02005524 d->last_adv_data_len, NULL, 0);
Johan Hedbergb9a63282014-03-25 10:51:52 +02005525
5526 /* If the new report will trigger a SCAN_REQ store it for
5527 * later merging.
5528 */
5529 if (type == LE_ADV_IND || type == LE_ADV_SCAN_IND) {
5530 store_pending_adv_report(hdev, bdaddr, bdaddr_type,
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02005531 rssi, flags, data, len);
Johan Hedbergb9a63282014-03-25 10:51:52 +02005532 return;
5533 }
5534
5535 /* The advertising reports cannot be merged, so clear
5536 * the pending report and send out a device found event.
5537 */
5538 clear_pending_adv_report(hdev);
Johan Hedberg5c5b93e2014-03-29 08:39:53 +02005539 mgmt_device_found(hdev, bdaddr, LE_LINK, bdaddr_type, NULL,
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02005540 rssi, flags, data, len, NULL, 0);
Johan Hedbergb9a63282014-03-25 10:51:52 +02005541 return;
5542 }
5543
5544 /* If we get here we've got a pending ADV_IND or ADV_SCAN_IND and
5545 * the new event is a SCAN_RSP. We can therefore proceed with
5546 * sending a merged device found event.
5547 */
5548 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK,
Marcel Holtmannc70a7e42014-07-01 14:11:21 +02005549 d->last_adv_addr_type, NULL, rssi, d->last_adv_flags,
Marcel Holtmann42bd6a52014-07-01 14:11:19 +02005550 d->last_adv_data, d->last_adv_data_len, data, len);
Johan Hedbergb9a63282014-03-25 10:51:52 +02005551 clear_pending_adv_report(hdev);
Johan Hedberg4af605d2014-03-24 10:48:00 +02005552}
5553
Gustavo Padovan6039aa72012-05-23 04:04:18 -03005554static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
Andre Guedes9aa04c92011-05-26 16:23:51 -03005555{
Andre Guedese95beb42011-09-26 20:48:35 -03005556 u8 num_reports = skb->data[0];
5557 void *ptr = &skb->data[1];
Andre Guedes9aa04c92011-05-26 16:23:51 -03005558
Andre Guedesa4790db2014-02-26 20:21:47 -03005559 hci_dev_lock(hdev);
5560
Andre Guedese95beb42011-09-26 20:48:35 -03005561 while (num_reports--) {
5562 struct hci_ev_le_advertising_info *ev = ptr;
Johan Hedberg4af605d2014-03-24 10:48:00 +02005563 s8 rssi;
Andre Guedesa4790db2014-02-26 20:21:47 -03005564
Chriz Chowee649342018-04-20 15:46:24 +08005565 if (ev->length <= HCI_MAX_AD_LENGTH) {
5566 rssi = ev->data[ev->length];
5567 process_adv_report(hdev, ev->evt_type, &ev->bdaddr,
5568 ev->bdaddr_type, NULL, 0, rssi,
5569 ev->data, ev->length);
5570 } else {
5571 bt_dev_err(hdev, "Dropping invalid advertising data");
5572 }
Andre Guedes3c9e9192012-01-10 18:20:50 -03005573
Andre Guedese95beb42011-09-26 20:48:35 -03005574 ptr += sizeof(*ev) + ev->length + 1;
Andre Guedes9aa04c92011-05-26 16:23:51 -03005575 }
Andre Guedesa4790db2014-02-26 20:21:47 -03005576
5577 hci_dev_unlock(hdev);
Andre Guedes9aa04c92011-05-26 16:23:51 -03005578}
5579
Marcel Holtmann657cc642019-12-11 11:34:36 +01005580static u8 ext_evt_type_to_legacy(struct hci_dev *hdev, u16 evt_type)
Jaganath Kanakkasseryc215e932018-07-06 17:05:29 +05305581{
Jaganath Kanakkasseryb2cc9762018-07-19 17:09:38 +05305582 if (evt_type & LE_EXT_ADV_LEGACY_PDU) {
5583 switch (evt_type) {
5584 case LE_LEGACY_ADV_IND:
5585 return LE_ADV_IND;
5586 case LE_LEGACY_ADV_DIRECT_IND:
5587 return LE_ADV_DIRECT_IND;
5588 case LE_LEGACY_ADV_SCAN_IND:
5589 return LE_ADV_SCAN_IND;
5590 case LE_LEGACY_NONCONN_IND:
5591 return LE_ADV_NONCONN_IND;
5592 case LE_LEGACY_SCAN_RSP_ADV:
5593 case LE_LEGACY_SCAN_RSP_ADV_SCAN:
5594 return LE_ADV_SCAN_RSP;
5595 }
5596
Marcel Holtmann657cc642019-12-11 11:34:36 +01005597 goto invalid;
Jaganath Kanakkasseryc215e932018-07-06 17:05:29 +05305598 }
5599
Jaganath Kanakkasseryb2cc9762018-07-19 17:09:38 +05305600 if (evt_type & LE_EXT_ADV_CONN_IND) {
5601 if (evt_type & LE_EXT_ADV_DIRECT_IND)
5602 return LE_ADV_DIRECT_IND;
5603
5604 return LE_ADV_IND;
5605 }
5606
5607 if (evt_type & LE_EXT_ADV_SCAN_RSP)
5608 return LE_ADV_SCAN_RSP;
5609
5610 if (evt_type & LE_EXT_ADV_SCAN_IND)
5611 return LE_ADV_SCAN_IND;
5612
5613 if (evt_type == LE_EXT_ADV_NON_CONN_IND ||
5614 evt_type & LE_EXT_ADV_DIRECT_IND)
5615 return LE_ADV_NONCONN_IND;
5616
Marcel Holtmann657cc642019-12-11 11:34:36 +01005617invalid:
5618 bt_dev_err_ratelimited(hdev, "Unknown advertising packet type: 0x%02x",
5619 evt_type);
Jaganath Kanakkasseryc215e932018-07-06 17:05:29 +05305620
5621 return LE_ADV_INVALID;
5622}
5623
5624static void hci_le_ext_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
5625{
5626 u8 num_reports = skb->data[0];
5627 void *ptr = &skb->data[1];
5628
5629 hci_dev_lock(hdev);
5630
5631 while (num_reports--) {
5632 struct hci_ev_le_ext_adv_report *ev = ptr;
5633 u8 legacy_evt_type;
5634 u16 evt_type;
5635
5636 evt_type = __le16_to_cpu(ev->evt_type);
Marcel Holtmann657cc642019-12-11 11:34:36 +01005637 legacy_evt_type = ext_evt_type_to_legacy(hdev, evt_type);
Jaganath Kanakkasseryc215e932018-07-06 17:05:29 +05305638 if (legacy_evt_type != LE_ADV_INVALID) {
5639 process_adv_report(hdev, legacy_evt_type, &ev->bdaddr,
5640 ev->bdaddr_type, NULL, 0, ev->rssi,
5641 ev->data, ev->length);
5642 }
5643
Jaganath Kanakkasserycd9151b2019-04-03 12:11:44 +05305644 ptr += sizeof(*ev) + ev->length;
Jaganath Kanakkasseryc215e932018-07-06 17:05:29 +05305645 }
5646
5647 hci_dev_unlock(hdev);
5648}
5649
Marcel Holtmann0fe29fd2015-04-08 09:05:27 -07005650static void hci_le_remote_feat_complete_evt(struct hci_dev *hdev,
5651 struct sk_buff *skb)
5652{
5653 struct hci_ev_le_remote_feat_complete *ev = (void *)skb->data;
5654 struct hci_conn *conn;
5655
5656 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
5657
5658 hci_dev_lock(hdev);
5659
5660 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
5661 if (conn) {
5662 if (!ev->status)
5663 memcpy(conn->features[0], ev->features, 8);
5664
5665 if (conn->state == BT_CONFIG) {
5666 __u8 status;
5667
5668 /* If the local controller supports slave-initiated
5669 * features exchange, but the remote controller does
5670 * not, then it is possible that the error code 0x1a
5671 * for unsupported remote feature gets returned.
5672 *
5673 * In this specific case, allow the connection to
5674 * transition into connected state and mark it as
5675 * successful.
5676 */
5677 if ((hdev->le_features[0] & HCI_LE_SLAVE_FEATURES) &&
5678 !conn->out && ev->status == 0x1a)
5679 status = 0x00;
5680 else
5681 status = ev->status;
5682
5683 conn->state = BT_CONNECTED;
5684 hci_connect_cfm(conn, status);
5685 hci_conn_drop(conn);
5686 }
5687 }
5688
5689 hci_dev_unlock(hdev);
5690}
5691
Gustavo Padovan6039aa72012-05-23 04:04:18 -03005692static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005693{
5694 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
5695 struct hci_cp_le_ltk_reply cp;
Vinicius Costa Gomesbea710f2011-07-07 18:59:37 -03005696 struct hci_cp_le_ltk_neg_reply neg;
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005697 struct hci_conn *conn;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03005698 struct smp_ltk *ltk;
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005699
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03005700 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005701
5702 hci_dev_lock(hdev);
5703
5704 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
Vinicius Costa Gomesbea710f2011-07-07 18:59:37 -03005705 if (conn == NULL)
5706 goto not_found;
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005707
Johan Hedbergf3a73d92014-05-29 15:02:59 +03005708 ltk = hci_find_ltk(hdev, &conn->dst, conn->dst_type, conn->role);
Johan Hedberg5378bc52014-05-29 14:00:39 +03005709 if (!ltk)
Vinicius Costa Gomesbea710f2011-07-07 18:59:37 -03005710 goto not_found;
5711
Johan Hedberg5378bc52014-05-29 14:00:39 +03005712 if (smp_ltk_is_sc(ltk)) {
5713 /* With SC both EDiv and Rand are set to zero */
5714 if (ev->ediv || ev->rand)
5715 goto not_found;
5716 } else {
5717 /* For non-SC keys check that EDiv and Rand match */
5718 if (ev->ediv != ltk->ediv || ev->rand != ltk->rand)
5719 goto not_found;
5720 }
5721
Johan Hedberg8b76ce32015-06-08 18:14:39 +03005722 memcpy(cp.ltk, ltk->val, ltk->enc_size);
5723 memset(cp.ltk + ltk->enc_size, 0, sizeof(cp.ltk) - ltk->enc_size);
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005724 cp.handle = cpu_to_le16(conn->handle);
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03005725
Johan Hedberga6f78332014-09-10 17:37:45 -07005726 conn->pending_sec_level = smp_ltk_sec_level(ltk);
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005727
Andre Guedes89cbb4d2013-07-31 16:25:29 -03005728 conn->enc_key_size = ltk->enc_size;
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005729
5730 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
5731
Claudio Takahasi5981a882013-07-25 16:34:24 -03005732 /* Ref. Bluetooth Core SPEC pages 1975 and 2004. STK is a
5733 * temporary key used to encrypt a connection following
5734 * pairing. It is used during the Encrypted Session Setup to
5735 * distribute the keys. Later, security can be re-established
5736 * using a distributed LTK.
5737 */
Johan Hedberg2ceba532014-06-16 19:25:16 +03005738 if (ltk->type == SMP_STK) {
Johan Hedbergfe59a052014-07-01 19:14:12 +03005739 set_bit(HCI_CONN_STK_ENCRYPT, &conn->flags);
Johan Hedberg970d0f12014-11-13 14:37:47 +02005740 list_del_rcu(&ltk->list);
5741 kfree_rcu(ltk, rcu);
Johan Hedbergfe59a052014-07-01 19:14:12 +03005742 } else {
5743 clear_bit(HCI_CONN_STK_ENCRYPT, &conn->flags);
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03005744 }
5745
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005746 hci_dev_unlock(hdev);
Vinicius Costa Gomesbea710f2011-07-07 18:59:37 -03005747
5748 return;
5749
5750not_found:
5751 neg.handle = ev->handle;
5752 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
5753 hci_dev_unlock(hdev);
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005754}
5755
Andre Guedes8e75b462014-07-01 18:10:08 -03005756static void send_conn_param_neg_reply(struct hci_dev *hdev, u16 handle,
5757 u8 reason)
5758{
5759 struct hci_cp_le_conn_param_req_neg_reply cp;
5760
5761 cp.handle = cpu_to_le16(handle);
5762 cp.reason = reason;
5763
5764 hci_send_cmd(hdev, HCI_OP_LE_CONN_PARAM_REQ_NEG_REPLY, sizeof(cp),
5765 &cp);
5766}
5767
5768static void hci_le_remote_conn_param_req_evt(struct hci_dev *hdev,
5769 struct sk_buff *skb)
5770{
5771 struct hci_ev_le_remote_conn_param_req *ev = (void *) skb->data;
5772 struct hci_cp_le_conn_param_req_reply cp;
5773 struct hci_conn *hcon;
5774 u16 handle, min, max, latency, timeout;
5775
5776 handle = le16_to_cpu(ev->handle);
5777 min = le16_to_cpu(ev->interval_min);
5778 max = le16_to_cpu(ev->interval_max);
5779 latency = le16_to_cpu(ev->latency);
5780 timeout = le16_to_cpu(ev->timeout);
5781
5782 hcon = hci_conn_hash_lookup_handle(hdev, handle);
5783 if (!hcon || hcon->state != BT_CONNECTED)
5784 return send_conn_param_neg_reply(hdev, handle,
5785 HCI_ERROR_UNKNOWN_CONN_ID);
5786
5787 if (hci_check_conn_params(min, max, latency, timeout))
5788 return send_conn_param_neg_reply(hdev, handle,
5789 HCI_ERROR_INVALID_LL_PARAMS);
5790
Johan Hedberg40bef302014-07-16 11:42:27 +03005791 if (hcon->role == HCI_ROLE_MASTER) {
Johan Hedberg348d50b2014-07-02 17:37:30 +03005792 struct hci_conn_params *params;
Johan Hedbergf4869e22014-07-02 17:37:32 +03005793 u8 store_hint;
Johan Hedberg348d50b2014-07-02 17:37:30 +03005794
5795 hci_dev_lock(hdev);
5796
5797 params = hci_conn_params_lookup(hdev, &hcon->dst,
5798 hcon->dst_type);
5799 if (params) {
5800 params->conn_min_interval = min;
5801 params->conn_max_interval = max;
5802 params->conn_latency = latency;
5803 params->supervision_timeout = timeout;
Johan Hedbergf4869e22014-07-02 17:37:32 +03005804 store_hint = 0x01;
5805 } else{
5806 store_hint = 0x00;
Johan Hedberg348d50b2014-07-02 17:37:30 +03005807 }
5808
5809 hci_dev_unlock(hdev);
5810
Johan Hedbergf4869e22014-07-02 17:37:32 +03005811 mgmt_new_conn_param(hdev, &hcon->dst, hcon->dst_type,
5812 store_hint, min, max, latency, timeout);
Johan Hedberg348d50b2014-07-02 17:37:30 +03005813 }
Andre Guedesffb5a8272014-07-01 18:10:11 -03005814
Andre Guedes8e75b462014-07-01 18:10:08 -03005815 cp.handle = ev->handle;
5816 cp.interval_min = ev->interval_min;
5817 cp.interval_max = ev->interval_max;
5818 cp.latency = ev->latency;
5819 cp.timeout = ev->timeout;
5820 cp.min_ce_len = 0;
5821 cp.max_ce_len = 0;
5822
5823 hci_send_cmd(hdev, HCI_OP_LE_CONN_PARAM_REQ_REPLY, sizeof(cp), &cp);
5824}
5825
Marcel Holtmann2f010b52014-12-05 16:20:13 +01005826static void hci_le_direct_adv_report_evt(struct hci_dev *hdev,
5827 struct sk_buff *skb)
5828{
5829 u8 num_reports = skb->data[0];
5830 void *ptr = &skb->data[1];
5831
5832 hci_dev_lock(hdev);
5833
5834 while (num_reports--) {
5835 struct hci_ev_le_direct_adv_info *ev = ptr;
5836
5837 process_adv_report(hdev, ev->evt_type, &ev->bdaddr,
5838 ev->bdaddr_type, &ev->direct_addr,
5839 ev->direct_addr_type, ev->rssi, NULL, 0);
5840
5841 ptr += sizeof(*ev);
5842 }
5843
5844 hci_dev_unlock(hdev);
5845}
5846
Luiz Augusto von Dentz1efd9272020-01-02 15:00:55 -08005847static void hci_le_phy_update_evt(struct hci_dev *hdev, struct sk_buff *skb)
5848{
5849 struct hci_ev_le_phy_update_complete *ev = (void *) skb->data;
5850 struct hci_conn *conn;
5851
5852 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
5853
5854 if (!ev->status)
5855 return;
5856
5857 hci_dev_lock(hdev);
5858
5859 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
5860 if (!conn)
5861 goto unlock;
5862
5863 conn->le_tx_phy = ev->tx_phy;
5864 conn->le_rx_phy = ev->rx_phy;
5865
5866unlock:
5867 hci_dev_unlock(hdev);
5868}
5869
Gustavo Padovan6039aa72012-05-23 04:04:18 -03005870static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
Ville Tervofcd89c02011-02-10 22:38:47 -03005871{
5872 struct hci_ev_le_meta *le_ev = (void *) skb->data;
5873
5874 skb_pull(skb, sizeof(*le_ev));
5875
5876 switch (le_ev->subevent) {
5877 case HCI_EV_LE_CONN_COMPLETE:
5878 hci_le_conn_complete_evt(hdev, skb);
5879 break;
5880
Marcel Holtmann1855d922014-06-23 11:40:05 +02005881 case HCI_EV_LE_CONN_UPDATE_COMPLETE:
5882 hci_le_conn_update_complete_evt(hdev, skb);
5883 break;
5884
Andre Guedes9aa04c92011-05-26 16:23:51 -03005885 case HCI_EV_LE_ADVERTISING_REPORT:
5886 hci_le_adv_report_evt(hdev, skb);
5887 break;
5888
Marcel Holtmann0fe29fd2015-04-08 09:05:27 -07005889 case HCI_EV_LE_REMOTE_FEAT_COMPLETE:
5890 hci_le_remote_feat_complete_evt(hdev, skb);
5891 break;
5892
Vinicius Costa Gomesa7a595f2011-06-09 18:50:47 -03005893 case HCI_EV_LE_LTK_REQ:
5894 hci_le_ltk_request_evt(hdev, skb);
5895 break;
5896
Andre Guedes8e75b462014-07-01 18:10:08 -03005897 case HCI_EV_LE_REMOTE_CONN_PARAM_REQ:
5898 hci_le_remote_conn_param_req_evt(hdev, skb);
5899 break;
5900
Marcel Holtmann2f010b52014-12-05 16:20:13 +01005901 case HCI_EV_LE_DIRECT_ADV_REPORT:
5902 hci_le_direct_adv_report_evt(hdev, skb);
5903 break;
5904
Luiz Augusto von Dentz1efd9272020-01-02 15:00:55 -08005905 case HCI_EV_LE_PHY_UPDATE_COMPLETE:
5906 hci_le_phy_update_evt(hdev, skb);
5907 break;
5908
Jaganath Kanakkasseryc215e932018-07-06 17:05:29 +05305909 case HCI_EV_LE_EXT_ADV_REPORT:
5910 hci_le_ext_adv_report_evt(hdev, skb);
5911 break;
5912
Jaganath Kanakkassery4d94f952018-07-06 22:50:32 +02005913 case HCI_EV_LE_ENHANCED_CONN_COMPLETE:
5914 hci_le_enh_conn_complete_evt(hdev, skb);
5915 break;
5916
Jaganath Kanakkasseryacf0aea2018-07-19 17:09:46 +05305917 case HCI_EV_LE_EXT_ADV_SET_TERM:
5918 hci_le_ext_adv_term_evt(hdev, skb);
5919 break;
5920
Ville Tervofcd89c02011-02-10 22:38:47 -03005921 default:
5922 break;
5923 }
5924}
5925
Johan Hedberg757aa0b2015-04-02 13:41:12 +03005926static bool hci_get_cmd_complete(struct hci_dev *hdev, u16 opcode,
5927 u8 event, struct sk_buff *skb)
5928{
5929 struct hci_ev_cmd_complete *ev;
5930 struct hci_event_hdr *hdr;
5931
5932 if (!skb)
5933 return false;
5934
5935 if (skb->len < sizeof(*hdr)) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01005936 bt_dev_err(hdev, "too short HCI event");
Johan Hedberg757aa0b2015-04-02 13:41:12 +03005937 return false;
5938 }
5939
5940 hdr = (void *) skb->data;
5941 skb_pull(skb, HCI_EVENT_HDR_SIZE);
5942
5943 if (event) {
5944 if (hdr->evt != event)
5945 return false;
5946 return true;
5947 }
5948
Johan Hedberg1629db9c2018-11-27 11:37:46 +02005949 /* Check if request ended in Command Status - no way to retreive
5950 * any extra parameters in this case.
5951 */
5952 if (hdr->evt == HCI_EV_CMD_STATUS)
5953 return false;
5954
Johan Hedberg757aa0b2015-04-02 13:41:12 +03005955 if (hdr->evt != HCI_EV_CMD_COMPLETE) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01005956 bt_dev_err(hdev, "last event is not cmd complete (0x%2.2x)",
5957 hdr->evt);
Johan Hedberg757aa0b2015-04-02 13:41:12 +03005958 return false;
5959 }
5960
5961 if (skb->len < sizeof(*ev)) {
Marcel Holtmann2064ee32017-10-30 10:42:59 +01005962 bt_dev_err(hdev, "too short cmd_complete event");
Johan Hedberg757aa0b2015-04-02 13:41:12 +03005963 return false;
5964 }
5965
5966 ev = (void *) skb->data;
5967 skb_pull(skb, sizeof(*ev));
5968
5969 if (opcode != __le16_to_cpu(ev->opcode)) {
5970 BT_DBG("opcode doesn't match (0x%2.2x != 0x%2.2x)", opcode,
5971 __le16_to_cpu(ev->opcode));
5972 return false;
5973 }
5974
5975 return true;
5976}
5977
Linus Torvalds1da177e2005-04-16 15:20:36 -07005978void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
5979{
Marcel Holtmanna9de9242007-10-20 13:33:56 +02005980 struct hci_event_hdr *hdr = (void *) skb->data;
Johan Hedberge62144872015-04-02 13:41:08 +03005981 hci_req_complete_t req_complete = NULL;
5982 hci_req_complete_skb_t req_complete_skb = NULL;
5983 struct sk_buff *orig_skb = NULL;
Johan Hedberg757aa0b2015-04-02 13:41:12 +03005984 u8 status = 0, event = hdr->evt, req_evt = 0;
Johan Hedberge62144872015-04-02 13:41:08 +03005985 u16 opcode = HCI_OP_NOP;
Linus Torvalds1da177e2005-04-16 15:20:36 -07005986
Alain Michaud08bb4da2020-03-03 15:55:34 +00005987 if (!event) {
5988 bt_dev_warn(hdev, "Received unexpected HCI Event 00000000");
5989 goto done;
5990 }
5991
Marcel Holtmann242c0eb2015-10-25 22:45:53 +01005992 if (hdev->sent_cmd && bt_cb(hdev->sent_cmd)->hci.req_event == event) {
Johannes Bergc1f23a22013-10-07 18:19:16 +02005993 struct hci_command_hdr *cmd_hdr = (void *) hdev->sent_cmd->data;
Johan Hedberge62144872015-04-02 13:41:08 +03005994 opcode = __le16_to_cpu(cmd_hdr->opcode);
5995 hci_req_cmd_complete(hdev, opcode, status, &req_complete,
5996 &req_complete_skb);
Johan Hedberg757aa0b2015-04-02 13:41:12 +03005997 req_evt = event;
Johan Hedberg02350a72013-04-03 21:50:29 +03005998 }
5999
Johan Hedberge62144872015-04-02 13:41:08 +03006000 /* If it looks like we might end up having to call
6001 * req_complete_skb, store a pristine copy of the skb since the
6002 * various handlers may modify the original one through
6003 * skb_pull() calls, etc.
6004 */
6005 if (req_complete_skb || event == HCI_EV_CMD_STATUS ||
6006 event == HCI_EV_CMD_COMPLETE)
6007 orig_skb = skb_clone(skb, GFP_KERNEL);
6008
6009 skb_pull(skb, HCI_EVENT_HDR_SIZE);
6010
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006011 switch (event) {
Linus Torvalds1da177e2005-04-16 15:20:36 -07006012 case HCI_EV_INQUIRY_COMPLETE:
6013 hci_inquiry_complete_evt(hdev, skb);
6014 break;
6015
6016 case HCI_EV_INQUIRY_RESULT:
6017 hci_inquiry_result_evt(hdev, skb);
6018 break;
6019
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006020 case HCI_EV_CONN_COMPLETE:
6021 hci_conn_complete_evt(hdev, skb);
Marcel Holtmann21d9e302005-09-13 01:32:25 +02006022 break;
6023
Linus Torvalds1da177e2005-04-16 15:20:36 -07006024 case HCI_EV_CONN_REQUEST:
6025 hci_conn_request_evt(hdev, skb);
6026 break;
6027
Linus Torvalds1da177e2005-04-16 15:20:36 -07006028 case HCI_EV_DISCONN_COMPLETE:
6029 hci_disconn_complete_evt(hdev, skb);
6030 break;
6031
Linus Torvalds1da177e2005-04-16 15:20:36 -07006032 case HCI_EV_AUTH_COMPLETE:
6033 hci_auth_complete_evt(hdev, skb);
6034 break;
6035
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006036 case HCI_EV_REMOTE_NAME:
6037 hci_remote_name_evt(hdev, skb);
6038 break;
6039
Linus Torvalds1da177e2005-04-16 15:20:36 -07006040 case HCI_EV_ENCRYPT_CHANGE:
6041 hci_encrypt_change_evt(hdev, skb);
6042 break;
6043
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006044 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
6045 hci_change_link_key_complete_evt(hdev, skb);
6046 break;
6047
6048 case HCI_EV_REMOTE_FEATURES:
6049 hci_remote_features_evt(hdev, skb);
6050 break;
6051
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006052 case HCI_EV_CMD_COMPLETE:
Johan Hedberge62144872015-04-02 13:41:08 +03006053 hci_cmd_complete_evt(hdev, skb, &opcode, &status,
6054 &req_complete, &req_complete_skb);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006055 break;
6056
6057 case HCI_EV_CMD_STATUS:
Johan Hedberge62144872015-04-02 13:41:08 +03006058 hci_cmd_status_evt(hdev, skb, &opcode, &status, &req_complete,
6059 &req_complete_skb);
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006060 break;
6061
Marcel Holtmann24dfa342014-11-02 02:56:41 +01006062 case HCI_EV_HARDWARE_ERROR:
6063 hci_hardware_error_evt(hdev, skb);
6064 break;
6065
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006066 case HCI_EV_ROLE_CHANGE:
6067 hci_role_change_evt(hdev, skb);
6068 break;
6069
6070 case HCI_EV_NUM_COMP_PKTS:
6071 hci_num_comp_pkts_evt(hdev, skb);
6072 break;
6073
6074 case HCI_EV_MODE_CHANGE:
6075 hci_mode_change_evt(hdev, skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -07006076 break;
6077
6078 case HCI_EV_PIN_CODE_REQ:
6079 hci_pin_code_request_evt(hdev, skb);
6080 break;
6081
6082 case HCI_EV_LINK_KEY_REQ:
6083 hci_link_key_request_evt(hdev, skb);
6084 break;
6085
6086 case HCI_EV_LINK_KEY_NOTIFY:
6087 hci_link_key_notify_evt(hdev, skb);
6088 break;
6089
6090 case HCI_EV_CLOCK_OFFSET:
6091 hci_clock_offset_evt(hdev, skb);
6092 break;
6093
Marcel Holtmanna8746412008-07-14 20:13:46 +02006094 case HCI_EV_PKT_TYPE_CHANGE:
6095 hci_pkt_type_change_evt(hdev, skb);
6096 break;
6097
Marcel Holtmann85a1e932005-08-09 20:28:02 -07006098 case HCI_EV_PSCAN_REP_MODE:
6099 hci_pscan_rep_mode_evt(hdev, skb);
6100 break;
6101
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006102 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
6103 hci_inquiry_result_with_rssi_evt(hdev, skb);
6104 break;
6105
6106 case HCI_EV_REMOTE_EXT_FEATURES:
6107 hci_remote_ext_features_evt(hdev, skb);
6108 break;
6109
6110 case HCI_EV_SYNC_CONN_COMPLETE:
6111 hci_sync_conn_complete_evt(hdev, skb);
6112 break;
6113
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006114 case HCI_EV_EXTENDED_INQUIRY_RESULT:
6115 hci_extended_inquiry_result_evt(hdev, skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -07006116 break;
6117
Johan Hedberg1c2e0042012-06-08 23:31:13 +08006118 case HCI_EV_KEY_REFRESH_COMPLETE:
6119 hci_key_refresh_complete_evt(hdev, skb);
6120 break;
6121
Marcel Holtmann04936842008-07-14 20:13:48 +02006122 case HCI_EV_IO_CAPA_REQUEST:
6123 hci_io_capa_request_evt(hdev, skb);
6124 break;
6125
Johan Hedberg03b555e2011-01-04 15:40:05 +02006126 case HCI_EV_IO_CAPA_REPLY:
6127 hci_io_capa_reply_evt(hdev, skb);
6128 break;
6129
Johan Hedberga5c29682011-02-19 12:05:57 -03006130 case HCI_EV_USER_CONFIRM_REQUEST:
6131 hci_user_confirm_request_evt(hdev, skb);
6132 break;
6133
Brian Gix1143d452011-11-23 08:28:34 -08006134 case HCI_EV_USER_PASSKEY_REQUEST:
6135 hci_user_passkey_request_evt(hdev, skb);
6136 break;
6137
Johan Hedberg92a25252012-09-06 18:39:26 +03006138 case HCI_EV_USER_PASSKEY_NOTIFY:
6139 hci_user_passkey_notify_evt(hdev, skb);
6140 break;
6141
6142 case HCI_EV_KEYPRESS_NOTIFY:
6143 hci_keypress_notify_evt(hdev, skb);
6144 break;
6145
Marcel Holtmann04936842008-07-14 20:13:48 +02006146 case HCI_EV_SIMPLE_PAIR_COMPLETE:
6147 hci_simple_pair_complete_evt(hdev, skb);
6148 break;
6149
Marcel Holtmann41a96212008-07-14 20:13:48 +02006150 case HCI_EV_REMOTE_HOST_FEATURES:
6151 hci_remote_host_features_evt(hdev, skb);
6152 break;
6153
Ville Tervofcd89c02011-02-10 22:38:47 -03006154 case HCI_EV_LE_META:
6155 hci_le_meta_evt(hdev, skb);
6156 break;
6157
Szymon Janc2763eda2011-03-22 13:12:22 +01006158 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
6159 hci_remote_oob_data_request_evt(hdev, skb);
6160 break;
6161
Arron Wanga77a6a12015-07-24 17:13:15 +08006162#if IS_ENABLED(CONFIG_BT_HS)
6163 case HCI_EV_CHANNEL_SELECTED:
6164 hci_chan_selected_evt(hdev, skb);
6165 break;
6166
Andrei Emeltchenkod5e91192012-10-25 15:20:44 +03006167 case HCI_EV_PHY_LINK_COMPLETE:
6168 hci_phy_link_complete_evt(hdev, skb);
6169 break;
6170
Andrei Emeltchenko27695fb2012-10-25 15:20:45 +03006171 case HCI_EV_LOGICAL_LINK_COMPLETE:
6172 hci_loglink_complete_evt(hdev, skb);
6173 break;
6174
Andrei Emeltchenko606e2a12012-10-31 15:46:31 +02006175 case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE:
6176 hci_disconn_loglink_complete_evt(hdev, skb);
6177 break;
6178
Andrei Emeltchenko9eef6b32012-10-31 15:46:32 +02006179 case HCI_EV_DISCONN_PHY_LINK_COMPLETE:
6180 hci_disconn_phylink_complete_evt(hdev, skb);
6181 break;
Arron Wanga77a6a12015-07-24 17:13:15 +08006182#endif
Andrei Emeltchenko9eef6b32012-10-31 15:46:32 +02006183
Andrei Emeltchenko25e89e92012-01-04 12:41:58 +02006184 case HCI_EV_NUM_COMP_BLOCKS:
6185 hci_num_comp_blocks_evt(hdev, skb);
6186 break;
6187
Miao-chen Chou145373c2020-04-03 21:44:01 +02006188 case HCI_EV_VENDOR:
6189 msft_vendor_evt(hdev, skb);
6190 break;
6191
Marcel Holtmanna9de9242007-10-20 13:33:56 +02006192 default:
Andrei Emeltchenko9f1db002012-07-11 14:32:43 +03006193 BT_DBG("%s event 0x%2.2x", hdev->name, event);
Linus Torvalds1da177e2005-04-16 15:20:36 -07006194 break;
6195 }
6196
Johan Hedberg757aa0b2015-04-02 13:41:12 +03006197 if (req_complete) {
Johan Hedberge62144872015-04-02 13:41:08 +03006198 req_complete(hdev, status, opcode);
Johan Hedberg757aa0b2015-04-02 13:41:12 +03006199 } else if (req_complete_skb) {
6200 if (!hci_get_cmd_complete(hdev, opcode, req_evt, orig_skb)) {
6201 kfree_skb(orig_skb);
6202 orig_skb = NULL;
6203 }
Johan Hedberge62144872015-04-02 13:41:08 +03006204 req_complete_skb(hdev, status, opcode, orig_skb);
Johan Hedberg757aa0b2015-04-02 13:41:12 +03006205 }
Johan Hedberge62144872015-04-02 13:41:08 +03006206
Alain Michaud08bb4da2020-03-03 15:55:34 +00006207done:
Johan Hedberge62144872015-04-02 13:41:08 +03006208 kfree_skb(orig_skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -07006209 kfree_skb(skb);
6210 hdev->stat.evt_rx++;
6211}