blob: e6622bd1926dd18c61fde178904736433bfcb055 [file] [log] [blame]
Johan Hedberg0857dd32014-12-19 13:40:20 +02001/*
2 BlueZ - Bluetooth protocol stack for Linux
3
4 Copyright (C) 2014 Intel Corporation
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22*/
23
24#include <net/bluetooth/bluetooth.h>
25#include <net/bluetooth/hci_core.h>
Johan Hedbergf2252572015-11-18 12:49:20 +020026#include <net/bluetooth/mgmt.h>
Johan Hedberg0857dd32014-12-19 13:40:20 +020027
28#include "smp.h"
29#include "hci_request.h"
30
Johan Hedbergbe91cd02015-11-10 09:44:54 +020031#define HCI_REQ_DONE 0
32#define HCI_REQ_PEND 1
33#define HCI_REQ_CANCELED 2
34
Johan Hedberg0857dd32014-12-19 13:40:20 +020035void hci_req_init(struct hci_request *req, struct hci_dev *hdev)
36{
37 skb_queue_head_init(&req->cmd_q);
38 req->hdev = hdev;
39 req->err = 0;
40}
41
Johan Hedberge62144872015-04-02 13:41:08 +030042static int req_run(struct hci_request *req, hci_req_complete_t complete,
43 hci_req_complete_skb_t complete_skb)
Johan Hedberg0857dd32014-12-19 13:40:20 +020044{
45 struct hci_dev *hdev = req->hdev;
46 struct sk_buff *skb;
47 unsigned long flags;
48
49 BT_DBG("length %u", skb_queue_len(&req->cmd_q));
50
51 /* If an error occurred during request building, remove all HCI
52 * commands queued on the HCI request queue.
53 */
54 if (req->err) {
55 skb_queue_purge(&req->cmd_q);
56 return req->err;
57 }
58
59 /* Do not allow empty requests */
60 if (skb_queue_empty(&req->cmd_q))
61 return -ENODATA;
62
63 skb = skb_peek_tail(&req->cmd_q);
Johan Hedberg44d27132015-11-05 09:31:40 +020064 if (complete) {
65 bt_cb(skb)->hci.req_complete = complete;
66 } else if (complete_skb) {
67 bt_cb(skb)->hci.req_complete_skb = complete_skb;
68 bt_cb(skb)->hci.req_flags |= HCI_REQ_SKB;
69 }
Johan Hedberg0857dd32014-12-19 13:40:20 +020070
71 spin_lock_irqsave(&hdev->cmd_q.lock, flags);
72 skb_queue_splice_tail(&req->cmd_q, &hdev->cmd_q);
73 spin_unlock_irqrestore(&hdev->cmd_q.lock, flags);
74
75 queue_work(hdev->workqueue, &hdev->cmd_work);
76
77 return 0;
78}
79
Johan Hedberge62144872015-04-02 13:41:08 +030080int hci_req_run(struct hci_request *req, hci_req_complete_t complete)
81{
82 return req_run(req, complete, NULL);
83}
84
85int hci_req_run_skb(struct hci_request *req, hci_req_complete_skb_t complete)
86{
87 return req_run(req, NULL, complete);
88}
89
Johan Hedbergbe91cd02015-11-10 09:44:54 +020090static void hci_req_sync_complete(struct hci_dev *hdev, u8 result, u16 opcode,
91 struct sk_buff *skb)
92{
93 BT_DBG("%s result 0x%2.2x", hdev->name, result);
94
95 if (hdev->req_status == HCI_REQ_PEND) {
96 hdev->req_result = result;
97 hdev->req_status = HCI_REQ_DONE;
98 if (skb)
99 hdev->req_skb = skb_get(skb);
100 wake_up_interruptible(&hdev->req_wait_q);
101 }
102}
103
Johan Hedbergb5044302015-11-10 09:44:55 +0200104void hci_req_sync_cancel(struct hci_dev *hdev, int err)
Johan Hedbergbe91cd02015-11-10 09:44:54 +0200105{
106 BT_DBG("%s err 0x%2.2x", hdev->name, err);
107
108 if (hdev->req_status == HCI_REQ_PEND) {
109 hdev->req_result = err;
110 hdev->req_status = HCI_REQ_CANCELED;
111 wake_up_interruptible(&hdev->req_wait_q);
112 }
113}
114
115struct sk_buff *__hci_cmd_sync_ev(struct hci_dev *hdev, u16 opcode, u32 plen,
116 const void *param, u8 event, u32 timeout)
117{
118 DECLARE_WAITQUEUE(wait, current);
119 struct hci_request req;
120 struct sk_buff *skb;
121 int err = 0;
122
123 BT_DBG("%s", hdev->name);
124
125 hci_req_init(&req, hdev);
126
127 hci_req_add_ev(&req, opcode, plen, param, event);
128
129 hdev->req_status = HCI_REQ_PEND;
130
131 add_wait_queue(&hdev->req_wait_q, &wait);
132 set_current_state(TASK_INTERRUPTIBLE);
133
134 err = hci_req_run_skb(&req, hci_req_sync_complete);
135 if (err < 0) {
136 remove_wait_queue(&hdev->req_wait_q, &wait);
137 set_current_state(TASK_RUNNING);
138 return ERR_PTR(err);
139 }
140
141 schedule_timeout(timeout);
142
143 remove_wait_queue(&hdev->req_wait_q, &wait);
144
145 if (signal_pending(current))
146 return ERR_PTR(-EINTR);
147
148 switch (hdev->req_status) {
149 case HCI_REQ_DONE:
150 err = -bt_to_errno(hdev->req_result);
151 break;
152
153 case HCI_REQ_CANCELED:
154 err = -hdev->req_result;
155 break;
156
157 default:
158 err = -ETIMEDOUT;
159 break;
160 }
161
162 hdev->req_status = hdev->req_result = 0;
163 skb = hdev->req_skb;
164 hdev->req_skb = NULL;
165
166 BT_DBG("%s end: err %d", hdev->name, err);
167
168 if (err < 0) {
169 kfree_skb(skb);
170 return ERR_PTR(err);
171 }
172
173 if (!skb)
174 return ERR_PTR(-ENODATA);
175
176 return skb;
177}
178EXPORT_SYMBOL(__hci_cmd_sync_ev);
179
180struct sk_buff *__hci_cmd_sync(struct hci_dev *hdev, u16 opcode, u32 plen,
181 const void *param, u32 timeout)
182{
183 return __hci_cmd_sync_ev(hdev, opcode, plen, param, 0, timeout);
184}
185EXPORT_SYMBOL(__hci_cmd_sync);
186
187/* Execute request and wait for completion. */
Johan Hedberga1d01db2015-11-11 08:11:25 +0200188int __hci_req_sync(struct hci_dev *hdev, int (*func)(struct hci_request *req,
189 unsigned long opt),
Johan Hedberg4ebeee22015-11-11 08:11:19 +0200190 unsigned long opt, u32 timeout, u8 *hci_status)
Johan Hedbergbe91cd02015-11-10 09:44:54 +0200191{
192 struct hci_request req;
193 DECLARE_WAITQUEUE(wait, current);
194 int err = 0;
195
196 BT_DBG("%s start", hdev->name);
197
198 hci_req_init(&req, hdev);
199
200 hdev->req_status = HCI_REQ_PEND;
201
Johan Hedberga1d01db2015-11-11 08:11:25 +0200202 err = func(&req, opt);
203 if (err) {
204 if (hci_status)
205 *hci_status = HCI_ERROR_UNSPECIFIED;
206 return err;
207 }
Johan Hedbergbe91cd02015-11-10 09:44:54 +0200208
209 add_wait_queue(&hdev->req_wait_q, &wait);
210 set_current_state(TASK_INTERRUPTIBLE);
211
212 err = hci_req_run_skb(&req, hci_req_sync_complete);
213 if (err < 0) {
214 hdev->req_status = 0;
215
216 remove_wait_queue(&hdev->req_wait_q, &wait);
217 set_current_state(TASK_RUNNING);
218
219 /* ENODATA means the HCI request command queue is empty.
220 * This can happen when a request with conditionals doesn't
221 * trigger any commands to be sent. This is normal behavior
222 * and should not trigger an error return.
223 */
Johan Hedberg568f44f2015-11-23 14:40:47 +0200224 if (err == -ENODATA) {
225 if (hci_status)
226 *hci_status = 0;
Johan Hedbergbe91cd02015-11-10 09:44:54 +0200227 return 0;
Johan Hedberg568f44f2015-11-23 14:40:47 +0200228 }
229
230 if (hci_status)
231 *hci_status = HCI_ERROR_UNSPECIFIED;
Johan Hedbergbe91cd02015-11-10 09:44:54 +0200232
233 return err;
234 }
235
236 schedule_timeout(timeout);
237
238 remove_wait_queue(&hdev->req_wait_q, &wait);
239
240 if (signal_pending(current))
241 return -EINTR;
242
243 switch (hdev->req_status) {
244 case HCI_REQ_DONE:
245 err = -bt_to_errno(hdev->req_result);
Johan Hedberg4ebeee22015-11-11 08:11:19 +0200246 if (hci_status)
247 *hci_status = hdev->req_result;
Johan Hedbergbe91cd02015-11-10 09:44:54 +0200248 break;
249
250 case HCI_REQ_CANCELED:
251 err = -hdev->req_result;
Johan Hedberg4ebeee22015-11-11 08:11:19 +0200252 if (hci_status)
253 *hci_status = HCI_ERROR_UNSPECIFIED;
Johan Hedbergbe91cd02015-11-10 09:44:54 +0200254 break;
255
256 default:
257 err = -ETIMEDOUT;
Johan Hedberg4ebeee22015-11-11 08:11:19 +0200258 if (hci_status)
259 *hci_status = HCI_ERROR_UNSPECIFIED;
Johan Hedbergbe91cd02015-11-10 09:44:54 +0200260 break;
261 }
262
263 hdev->req_status = hdev->req_result = 0;
264
265 BT_DBG("%s end: err %d", hdev->name, err);
266
267 return err;
268}
269
Johan Hedberga1d01db2015-11-11 08:11:25 +0200270int hci_req_sync(struct hci_dev *hdev, int (*req)(struct hci_request *req,
271 unsigned long opt),
Johan Hedberg4ebeee22015-11-11 08:11:19 +0200272 unsigned long opt, u32 timeout, u8 *hci_status)
Johan Hedbergbe91cd02015-11-10 09:44:54 +0200273{
274 int ret;
275
276 if (!test_bit(HCI_UP, &hdev->flags))
277 return -ENETDOWN;
278
279 /* Serialize all requests */
Johan Hedbergb5044302015-11-10 09:44:55 +0200280 hci_req_sync_lock(hdev);
Johan Hedberg4ebeee22015-11-11 08:11:19 +0200281 ret = __hci_req_sync(hdev, req, opt, timeout, hci_status);
Johan Hedbergb5044302015-11-10 09:44:55 +0200282 hci_req_sync_unlock(hdev);
Johan Hedbergbe91cd02015-11-10 09:44:54 +0200283
284 return ret;
285}
286
Johan Hedberg0857dd32014-12-19 13:40:20 +0200287struct sk_buff *hci_prepare_cmd(struct hci_dev *hdev, u16 opcode, u32 plen,
288 const void *param)
289{
290 int len = HCI_COMMAND_HDR_SIZE + plen;
291 struct hci_command_hdr *hdr;
292 struct sk_buff *skb;
293
294 skb = bt_skb_alloc(len, GFP_ATOMIC);
295 if (!skb)
296 return NULL;
297
298 hdr = (struct hci_command_hdr *) skb_put(skb, HCI_COMMAND_HDR_SIZE);
299 hdr->opcode = cpu_to_le16(opcode);
300 hdr->plen = plen;
301
302 if (plen)
303 memcpy(skb_put(skb, plen), param, plen);
304
305 BT_DBG("skb len %d", skb->len);
306
Marcel Holtmannd79f34e2015-11-05 07:10:00 +0100307 hci_skb_pkt_type(skb) = HCI_COMMAND_PKT;
308 hci_skb_opcode(skb) = opcode;
Johan Hedberg0857dd32014-12-19 13:40:20 +0200309
310 return skb;
311}
312
313/* Queue a command to an asynchronous HCI request */
314void hci_req_add_ev(struct hci_request *req, u16 opcode, u32 plen,
315 const void *param, u8 event)
316{
317 struct hci_dev *hdev = req->hdev;
318 struct sk_buff *skb;
319
320 BT_DBG("%s opcode 0x%4.4x plen %d", hdev->name, opcode, plen);
321
322 /* If an error occurred during request building, there is no point in
323 * queueing the HCI command. We can simply return.
324 */
325 if (req->err)
326 return;
327
328 skb = hci_prepare_cmd(hdev, opcode, plen, param);
329 if (!skb) {
330 BT_ERR("%s no memory for command (opcode 0x%4.4x)",
331 hdev->name, opcode);
332 req->err = -ENOMEM;
333 return;
334 }
335
336 if (skb_queue_empty(&req->cmd_q))
Johan Hedberg44d27132015-11-05 09:31:40 +0200337 bt_cb(skb)->hci.req_flags |= HCI_REQ_START;
Johan Hedberg0857dd32014-12-19 13:40:20 +0200338
Marcel Holtmann242c0eb2015-10-25 22:45:53 +0100339 bt_cb(skb)->hci.req_event = event;
Johan Hedberg0857dd32014-12-19 13:40:20 +0200340
341 skb_queue_tail(&req->cmd_q, skb);
342}
343
344void hci_req_add(struct hci_request *req, u16 opcode, u32 plen,
345 const void *param)
346{
347 hci_req_add_ev(req, opcode, plen, param, 0);
348}
349
Johan Hedberg196a5e92015-11-22 18:55:44 +0200350/* This function controls the background scanning based on hdev->pend_le_conns
351 * list. If there are pending LE connection we start the background scanning,
352 * otherwise we stop it.
353 *
354 * This function requires the caller holds hdev->lock.
355 */
356static void __hci_update_background_scan(struct hci_request *req)
357{
358 struct hci_dev *hdev = req->hdev;
359
360 if (!test_bit(HCI_UP, &hdev->flags) ||
361 test_bit(HCI_INIT, &hdev->flags) ||
362 hci_dev_test_flag(hdev, HCI_SETUP) ||
363 hci_dev_test_flag(hdev, HCI_CONFIG) ||
364 hci_dev_test_flag(hdev, HCI_AUTO_OFF) ||
365 hci_dev_test_flag(hdev, HCI_UNREGISTER))
366 return;
367
368 /* No point in doing scanning if LE support hasn't been enabled */
369 if (!hci_dev_test_flag(hdev, HCI_LE_ENABLED))
370 return;
371
372 /* If discovery is active don't interfere with it */
373 if (hdev->discovery.state != DISCOVERY_STOPPED)
374 return;
375
376 /* Reset RSSI and UUID filters when starting background scanning
377 * since these filters are meant for service discovery only.
378 *
379 * The Start Discovery and Start Service Discovery operations
380 * ensure to set proper values for RSSI threshold and UUID
381 * filter list. So it is safe to just reset them here.
382 */
383 hci_discovery_filter_clear(hdev);
384
385 if (list_empty(&hdev->pend_le_conns) &&
386 list_empty(&hdev->pend_le_reports)) {
387 /* If there is no pending LE connections or devices
388 * to be scanned for, we should stop the background
389 * scanning.
390 */
391
392 /* If controller is not scanning we are done. */
393 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN))
394 return;
395
396 hci_req_add_le_scan_disable(req);
397
398 BT_DBG("%s stopping background scanning", hdev->name);
399 } else {
400 /* If there is at least one pending LE connection, we should
401 * keep the background scan running.
402 */
403
404 /* If controller is connecting, we should not start scanning
405 * since some controllers are not able to scan and connect at
406 * the same time.
407 */
408 if (hci_lookup_le_connect(hdev))
409 return;
410
411 /* If controller is currently scanning, we stop it to ensure we
412 * don't miss any advertising (due to duplicates filter).
413 */
414 if (hci_dev_test_flag(hdev, HCI_LE_SCAN))
415 hci_req_add_le_scan_disable(req);
416
417 hci_req_add_le_passive_scan(req);
418
419 BT_DBG("%s starting background scanning", hdev->name);
420 }
421}
422
Johan Hedberg0857dd32014-12-19 13:40:20 +0200423void hci_req_add_le_scan_disable(struct hci_request *req)
424{
425 struct hci_cp_le_set_scan_enable cp;
426
427 memset(&cp, 0, sizeof(cp));
428 cp.enable = LE_SCAN_DISABLE;
429 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(cp), &cp);
430}
431
432static void add_to_white_list(struct hci_request *req,
433 struct hci_conn_params *params)
434{
435 struct hci_cp_le_add_to_white_list cp;
436
437 cp.bdaddr_type = params->addr_type;
438 bacpy(&cp.bdaddr, &params->addr);
439
440 hci_req_add(req, HCI_OP_LE_ADD_TO_WHITE_LIST, sizeof(cp), &cp);
441}
442
443static u8 update_white_list(struct hci_request *req)
444{
445 struct hci_dev *hdev = req->hdev;
446 struct hci_conn_params *params;
447 struct bdaddr_list *b;
448 uint8_t white_list_entries = 0;
449
450 /* Go through the current white list programmed into the
451 * controller one by one and check if that address is still
452 * in the list of pending connections or list of devices to
453 * report. If not present in either list, then queue the
454 * command to remove it from the controller.
455 */
456 list_for_each_entry(b, &hdev->le_white_list, list) {
457 struct hci_cp_le_del_from_white_list cp;
458
459 if (hci_pend_le_action_lookup(&hdev->pend_le_conns,
460 &b->bdaddr, b->bdaddr_type) ||
461 hci_pend_le_action_lookup(&hdev->pend_le_reports,
462 &b->bdaddr, b->bdaddr_type)) {
463 white_list_entries++;
464 continue;
465 }
466
467 cp.bdaddr_type = b->bdaddr_type;
468 bacpy(&cp.bdaddr, &b->bdaddr);
469
470 hci_req_add(req, HCI_OP_LE_DEL_FROM_WHITE_LIST,
471 sizeof(cp), &cp);
472 }
473
474 /* Since all no longer valid white list entries have been
475 * removed, walk through the list of pending connections
476 * and ensure that any new device gets programmed into
477 * the controller.
478 *
479 * If the list of the devices is larger than the list of
480 * available white list entries in the controller, then
481 * just abort and return filer policy value to not use the
482 * white list.
483 */
484 list_for_each_entry(params, &hdev->pend_le_conns, action) {
485 if (hci_bdaddr_list_lookup(&hdev->le_white_list,
486 &params->addr, params->addr_type))
487 continue;
488
489 if (white_list_entries >= hdev->le_white_list_size) {
490 /* Select filter policy to accept all advertising */
491 return 0x00;
492 }
493
494 if (hci_find_irk_by_addr(hdev, &params->addr,
495 params->addr_type)) {
496 /* White list can not be used with RPAs */
497 return 0x00;
498 }
499
500 white_list_entries++;
501 add_to_white_list(req, params);
502 }
503
504 /* After adding all new pending connections, walk through
505 * the list of pending reports and also add these to the
506 * white list if there is still space.
507 */
508 list_for_each_entry(params, &hdev->pend_le_reports, action) {
509 if (hci_bdaddr_list_lookup(&hdev->le_white_list,
510 &params->addr, params->addr_type))
511 continue;
512
513 if (white_list_entries >= hdev->le_white_list_size) {
514 /* Select filter policy to accept all advertising */
515 return 0x00;
516 }
517
518 if (hci_find_irk_by_addr(hdev, &params->addr,
519 params->addr_type)) {
520 /* White list can not be used with RPAs */
521 return 0x00;
522 }
523
524 white_list_entries++;
525 add_to_white_list(req, params);
526 }
527
528 /* Select filter policy to use white list */
529 return 0x01;
530}
531
532void hci_req_add_le_passive_scan(struct hci_request *req)
533{
534 struct hci_cp_le_set_scan_param param_cp;
535 struct hci_cp_le_set_scan_enable enable_cp;
536 struct hci_dev *hdev = req->hdev;
537 u8 own_addr_type;
538 u8 filter_policy;
539
540 /* Set require_privacy to false since no SCAN_REQ are send
541 * during passive scanning. Not using an non-resolvable address
542 * here is important so that peer devices using direct
543 * advertising with our address will be correctly reported
544 * by the controller.
545 */
546 if (hci_update_random_address(req, false, &own_addr_type))
547 return;
548
549 /* Adding or removing entries from the white list must
550 * happen before enabling scanning. The controller does
551 * not allow white list modification while scanning.
552 */
553 filter_policy = update_white_list(req);
554
555 /* When the controller is using random resolvable addresses and
556 * with that having LE privacy enabled, then controllers with
557 * Extended Scanner Filter Policies support can now enable support
558 * for handling directed advertising.
559 *
560 * So instead of using filter polices 0x00 (no whitelist)
561 * and 0x01 (whitelist enabled) use the new filter policies
562 * 0x02 (no whitelist) and 0x03 (whitelist enabled).
563 */
Marcel Holtmannd7a5a112015-03-13 02:11:00 -0700564 if (hci_dev_test_flag(hdev, HCI_PRIVACY) &&
Johan Hedberg0857dd32014-12-19 13:40:20 +0200565 (hdev->le_features[0] & HCI_LE_EXT_SCAN_POLICY))
566 filter_policy |= 0x02;
567
568 memset(&param_cp, 0, sizeof(param_cp));
569 param_cp.type = LE_SCAN_PASSIVE;
570 param_cp.interval = cpu_to_le16(hdev->le_scan_interval);
571 param_cp.window = cpu_to_le16(hdev->le_scan_window);
572 param_cp.own_address_type = own_addr_type;
573 param_cp.filter_policy = filter_policy;
574 hci_req_add(req, HCI_OP_LE_SET_SCAN_PARAM, sizeof(param_cp),
575 &param_cp);
576
577 memset(&enable_cp, 0, sizeof(enable_cp));
578 enable_cp.enable = LE_SCAN_ENABLE;
579 enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
580 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(enable_cp),
581 &enable_cp);
582}
583
Johan Hedbergf2252572015-11-18 12:49:20 +0200584static u8 get_current_adv_instance(struct hci_dev *hdev)
585{
586 /* The "Set Advertising" setting supersedes the "Add Advertising"
587 * setting. Here we set the advertising data based on which
588 * setting was set. When neither apply, default to the global settings,
589 * represented by instance "0".
590 */
591 if (hci_dev_test_flag(hdev, HCI_ADVERTISING_INSTANCE) &&
592 !hci_dev_test_flag(hdev, HCI_ADVERTISING))
593 return hdev->cur_adv_instance;
594
595 return 0x00;
596}
597
598static u8 get_cur_adv_instance_scan_rsp_len(struct hci_dev *hdev)
599{
600 u8 instance = get_current_adv_instance(hdev);
601 struct adv_info *adv_instance;
602
603 /* Ignore instance 0 */
604 if (instance == 0x00)
605 return 0;
606
607 adv_instance = hci_find_adv_instance(hdev, instance);
608 if (!adv_instance)
609 return 0;
610
611 /* TODO: Take into account the "appearance" and "local-name" flags here.
612 * These are currently being ignored as they are not supported.
613 */
614 return adv_instance->scan_rsp_len;
615}
616
617void __hci_req_disable_advertising(struct hci_request *req)
618{
619 u8 enable = 0x00;
620
621 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
622}
623
624static u32 get_adv_instance_flags(struct hci_dev *hdev, u8 instance)
625{
626 u32 flags;
627 struct adv_info *adv_instance;
628
629 if (instance == 0x00) {
630 /* Instance 0 always manages the "Tx Power" and "Flags"
631 * fields
632 */
633 flags = MGMT_ADV_FLAG_TX_POWER | MGMT_ADV_FLAG_MANAGED_FLAGS;
634
635 /* For instance 0, the HCI_ADVERTISING_CONNECTABLE setting
636 * corresponds to the "connectable" instance flag.
637 */
638 if (hci_dev_test_flag(hdev, HCI_ADVERTISING_CONNECTABLE))
639 flags |= MGMT_ADV_FLAG_CONNECTABLE;
640
641 return flags;
642 }
643
644 adv_instance = hci_find_adv_instance(hdev, instance);
645
646 /* Return 0 when we got an invalid instance identifier. */
647 if (!adv_instance)
648 return 0;
649
650 return adv_instance->flags;
651}
652
653void __hci_req_enable_advertising(struct hci_request *req)
654{
655 struct hci_dev *hdev = req->hdev;
656 struct hci_cp_le_set_adv_param cp;
657 u8 own_addr_type, enable = 0x01;
658 bool connectable;
659 u8 instance;
660 u32 flags;
661
662 if (hci_conn_num(hdev, LE_LINK) > 0)
663 return;
664
665 if (hci_dev_test_flag(hdev, HCI_LE_ADV))
666 __hci_req_disable_advertising(req);
667
668 /* Clear the HCI_LE_ADV bit temporarily so that the
669 * hci_update_random_address knows that it's safe to go ahead
670 * and write a new random address. The flag will be set back on
671 * as soon as the SET_ADV_ENABLE HCI command completes.
672 */
673 hci_dev_clear_flag(hdev, HCI_LE_ADV);
674
675 instance = get_current_adv_instance(hdev);
676 flags = get_adv_instance_flags(hdev, instance);
677
678 /* If the "connectable" instance flag was not set, then choose between
679 * ADV_IND and ADV_NONCONN_IND based on the global connectable setting.
680 */
681 connectable = (flags & MGMT_ADV_FLAG_CONNECTABLE) ||
682 mgmt_get_connectable(hdev);
683
684 /* Set require_privacy to true only when non-connectable
685 * advertising is used. In that case it is fine to use a
686 * non-resolvable private address.
687 */
688 if (hci_update_random_address(req, !connectable, &own_addr_type) < 0)
689 return;
690
691 memset(&cp, 0, sizeof(cp));
692 cp.min_interval = cpu_to_le16(hdev->le_adv_min_interval);
693 cp.max_interval = cpu_to_le16(hdev->le_adv_max_interval);
694
695 if (connectable)
696 cp.type = LE_ADV_IND;
697 else if (get_cur_adv_instance_scan_rsp_len(hdev))
698 cp.type = LE_ADV_SCAN_IND;
699 else
700 cp.type = LE_ADV_NONCONN_IND;
701
702 cp.own_address_type = own_addr_type;
703 cp.channel_map = hdev->le_adv_channel_map;
704
705 hci_req_add(req, HCI_OP_LE_SET_ADV_PARAM, sizeof(cp), &cp);
706
707 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
708}
709
710static u8 create_default_scan_rsp_data(struct hci_dev *hdev, u8 *ptr)
711{
712 u8 ad_len = 0;
713 size_t name_len;
714
715 name_len = strlen(hdev->dev_name);
716 if (name_len > 0) {
717 size_t max_len = HCI_MAX_AD_LENGTH - ad_len - 2;
718
719 if (name_len > max_len) {
720 name_len = max_len;
721 ptr[1] = EIR_NAME_SHORT;
722 } else
723 ptr[1] = EIR_NAME_COMPLETE;
724
725 ptr[0] = name_len + 1;
726
727 memcpy(ptr + 2, hdev->dev_name, name_len);
728
729 ad_len += (name_len + 2);
730 ptr += (name_len + 2);
731 }
732
733 return ad_len;
734}
735
736static u8 create_instance_scan_rsp_data(struct hci_dev *hdev, u8 instance,
737 u8 *ptr)
738{
739 struct adv_info *adv_instance;
740
741 adv_instance = hci_find_adv_instance(hdev, instance);
742 if (!adv_instance)
743 return 0;
744
745 /* TODO: Set the appropriate entries based on advertising instance flags
746 * here once flags other than 0 are supported.
747 */
748 memcpy(ptr, adv_instance->scan_rsp_data,
749 adv_instance->scan_rsp_len);
750
751 return adv_instance->scan_rsp_len;
752}
753
754static void update_inst_scan_rsp_data(struct hci_request *req, u8 instance)
755{
756 struct hci_dev *hdev = req->hdev;
757 struct hci_cp_le_set_scan_rsp_data cp;
758 u8 len;
759
760 if (!hci_dev_test_flag(hdev, HCI_LE_ENABLED))
761 return;
762
763 memset(&cp, 0, sizeof(cp));
764
765 if (instance)
766 len = create_instance_scan_rsp_data(hdev, instance, cp.data);
767 else
768 len = create_default_scan_rsp_data(hdev, cp.data);
769
770 if (hdev->scan_rsp_data_len == len &&
771 !memcmp(cp.data, hdev->scan_rsp_data, len))
772 return;
773
774 memcpy(hdev->scan_rsp_data, cp.data, sizeof(cp.data));
775 hdev->scan_rsp_data_len = len;
776
777 cp.length = len;
778
779 hci_req_add(req, HCI_OP_LE_SET_SCAN_RSP_DATA, sizeof(cp), &cp);
780}
781
782void __hci_req_update_scan_rsp_data(struct hci_request *req, int instance)
783{
784 if (instance == HCI_ADV_CURRENT)
785 instance = get_current_adv_instance(req->hdev);
786
787 update_inst_scan_rsp_data(req, get_current_adv_instance(req->hdev));
788}
789
790static u8 create_instance_adv_data(struct hci_dev *hdev, u8 instance, u8 *ptr)
791{
792 struct adv_info *adv_instance = NULL;
793 u8 ad_len = 0, flags = 0;
794 u32 instance_flags;
795
796 /* Return 0 when the current instance identifier is invalid. */
797 if (instance) {
798 adv_instance = hci_find_adv_instance(hdev, instance);
799 if (!adv_instance)
800 return 0;
801 }
802
803 instance_flags = get_adv_instance_flags(hdev, instance);
804
805 /* The Add Advertising command allows userspace to set both the general
806 * and limited discoverable flags.
807 */
808 if (instance_flags & MGMT_ADV_FLAG_DISCOV)
809 flags |= LE_AD_GENERAL;
810
811 if (instance_flags & MGMT_ADV_FLAG_LIMITED_DISCOV)
812 flags |= LE_AD_LIMITED;
813
814 if (flags || (instance_flags & MGMT_ADV_FLAG_MANAGED_FLAGS)) {
815 /* If a discovery flag wasn't provided, simply use the global
816 * settings.
817 */
818 if (!flags)
819 flags |= mgmt_get_adv_discov_flags(hdev);
820
821 if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED))
822 flags |= LE_AD_NO_BREDR;
823
824 /* If flags would still be empty, then there is no need to
825 * include the "Flags" AD field".
826 */
827 if (flags) {
828 ptr[0] = 0x02;
829 ptr[1] = EIR_FLAGS;
830 ptr[2] = flags;
831
832 ad_len += 3;
833 ptr += 3;
834 }
835 }
836
837 if (adv_instance) {
838 memcpy(ptr, adv_instance->adv_data,
839 adv_instance->adv_data_len);
840 ad_len += adv_instance->adv_data_len;
841 ptr += adv_instance->adv_data_len;
842 }
843
844 /* Provide Tx Power only if we can provide a valid value for it */
845 if (hdev->adv_tx_power != HCI_TX_POWER_INVALID &&
846 (instance_flags & MGMT_ADV_FLAG_TX_POWER)) {
847 ptr[0] = 0x02;
848 ptr[1] = EIR_TX_POWER;
849 ptr[2] = (u8)hdev->adv_tx_power;
850
851 ad_len += 3;
852 ptr += 3;
853 }
854
855 return ad_len;
856}
857
858static void update_inst_adv_data(struct hci_request *req, u8 instance)
859{
860 struct hci_dev *hdev = req->hdev;
861 struct hci_cp_le_set_adv_data cp;
862 u8 len;
863
864 if (!hci_dev_test_flag(hdev, HCI_LE_ENABLED))
865 return;
866
867 memset(&cp, 0, sizeof(cp));
868
869 len = create_instance_adv_data(hdev, instance, cp.data);
870
871 /* There's nothing to do if the data hasn't changed */
872 if (hdev->adv_data_len == len &&
873 memcmp(cp.data, hdev->adv_data, len) == 0)
874 return;
875
876 memcpy(hdev->adv_data, cp.data, sizeof(cp.data));
877 hdev->adv_data_len = len;
878
879 cp.length = len;
880
881 hci_req_add(req, HCI_OP_LE_SET_ADV_DATA, sizeof(cp), &cp);
882}
883
884void __hci_req_update_adv_data(struct hci_request *req, int instance)
885{
886 if (instance == HCI_ADV_CURRENT)
887 instance = get_current_adv_instance(req->hdev);
888
889 update_inst_adv_data(req, instance);
890}
891
892int hci_req_update_adv_data(struct hci_dev *hdev, int instance)
893{
894 struct hci_request req;
895
896 hci_req_init(&req, hdev);
897 __hci_req_update_adv_data(&req, instance);
898
899 return hci_req_run(&req, NULL);
900}
901
902static void adv_enable_complete(struct hci_dev *hdev, u8 status, u16 opcode)
903{
904 BT_DBG("%s status %u", hdev->name, status);
905}
906
907void hci_req_reenable_advertising(struct hci_dev *hdev)
908{
909 struct hci_request req;
910 u8 instance;
911
912 if (!hci_dev_test_flag(hdev, HCI_ADVERTISING) &&
913 !hci_dev_test_flag(hdev, HCI_ADVERTISING_INSTANCE))
914 return;
915
916 instance = get_current_adv_instance(hdev);
917
918 hci_req_init(&req, hdev);
919
920 if (instance) {
921 __hci_req_schedule_adv_instance(&req, instance, true);
922 } else {
923 __hci_req_update_adv_data(&req, HCI_ADV_CURRENT);
924 __hci_req_update_scan_rsp_data(&req, HCI_ADV_CURRENT);
925 __hci_req_enable_advertising(&req);
926 }
927
928 hci_req_run(&req, adv_enable_complete);
929}
930
931static void adv_timeout_expire(struct work_struct *work)
932{
933 struct hci_dev *hdev = container_of(work, struct hci_dev,
934 adv_instance_expire.work);
935
936 struct hci_request req;
937 u8 instance;
938
939 BT_DBG("%s", hdev->name);
940
941 hci_dev_lock(hdev);
942
943 hdev->adv_instance_timeout = 0;
944
945 instance = get_current_adv_instance(hdev);
946 if (instance == 0x00)
947 goto unlock;
948
949 hci_req_init(&req, hdev);
950
951 hci_req_clear_adv_instance(hdev, &req, instance, false);
952
953 if (list_empty(&hdev->adv_instances))
954 __hci_req_disable_advertising(&req);
955
956 if (!skb_queue_empty(&req.cmd_q))
957 hci_req_run(&req, NULL);
958
959unlock:
960 hci_dev_unlock(hdev);
961}
962
963int __hci_req_schedule_adv_instance(struct hci_request *req, u8 instance,
964 bool force)
965{
966 struct hci_dev *hdev = req->hdev;
967 struct adv_info *adv_instance = NULL;
968 u16 timeout;
969
970 if (hci_dev_test_flag(hdev, HCI_ADVERTISING) ||
971 !hci_dev_test_flag(hdev, HCI_ADVERTISING_INSTANCE))
972 return -EPERM;
973
974 if (hdev->adv_instance_timeout)
975 return -EBUSY;
976
977 adv_instance = hci_find_adv_instance(hdev, instance);
978 if (!adv_instance)
979 return -ENOENT;
980
981 /* A zero timeout means unlimited advertising. As long as there is
982 * only one instance, duration should be ignored. We still set a timeout
983 * in case further instances are being added later on.
984 *
985 * If the remaining lifetime of the instance is more than the duration
986 * then the timeout corresponds to the duration, otherwise it will be
987 * reduced to the remaining instance lifetime.
988 */
989 if (adv_instance->timeout == 0 ||
990 adv_instance->duration <= adv_instance->remaining_time)
991 timeout = adv_instance->duration;
992 else
993 timeout = adv_instance->remaining_time;
994
995 /* The remaining time is being reduced unless the instance is being
996 * advertised without time limit.
997 */
998 if (adv_instance->timeout)
999 adv_instance->remaining_time =
1000 adv_instance->remaining_time - timeout;
1001
1002 hdev->adv_instance_timeout = timeout;
1003 queue_delayed_work(hdev->req_workqueue,
1004 &hdev->adv_instance_expire,
1005 msecs_to_jiffies(timeout * 1000));
1006
1007 /* If we're just re-scheduling the same instance again then do not
1008 * execute any HCI commands. This happens when a single instance is
1009 * being advertised.
1010 */
1011 if (!force && hdev->cur_adv_instance == instance &&
1012 hci_dev_test_flag(hdev, HCI_LE_ADV))
1013 return 0;
1014
1015 hdev->cur_adv_instance = instance;
1016 __hci_req_update_adv_data(req, HCI_ADV_CURRENT);
1017 __hci_req_update_scan_rsp_data(req, HCI_ADV_CURRENT);
1018 __hci_req_enable_advertising(req);
1019
1020 return 0;
1021}
1022
1023static void cancel_adv_timeout(struct hci_dev *hdev)
1024{
1025 if (hdev->adv_instance_timeout) {
1026 hdev->adv_instance_timeout = 0;
1027 cancel_delayed_work(&hdev->adv_instance_expire);
1028 }
1029}
1030
1031/* For a single instance:
1032 * - force == true: The instance will be removed even when its remaining
1033 * lifetime is not zero.
1034 * - force == false: the instance will be deactivated but kept stored unless
1035 * the remaining lifetime is zero.
1036 *
1037 * For instance == 0x00:
1038 * - force == true: All instances will be removed regardless of their timeout
1039 * setting.
1040 * - force == false: Only instances that have a timeout will be removed.
1041 */
1042void hci_req_clear_adv_instance(struct hci_dev *hdev, struct hci_request *req,
1043 u8 instance, bool force)
1044{
1045 struct adv_info *adv_instance, *n, *next_instance = NULL;
1046 int err;
1047 u8 rem_inst;
1048
1049 /* Cancel any timeout concerning the removed instance(s). */
1050 if (!instance || hdev->cur_adv_instance == instance)
1051 cancel_adv_timeout(hdev);
1052
1053 /* Get the next instance to advertise BEFORE we remove
1054 * the current one. This can be the same instance again
1055 * if there is only one instance.
1056 */
1057 if (instance && hdev->cur_adv_instance == instance)
1058 next_instance = hci_get_next_instance(hdev, instance);
1059
1060 if (instance == 0x00) {
1061 list_for_each_entry_safe(adv_instance, n, &hdev->adv_instances,
1062 list) {
1063 if (!(force || adv_instance->timeout))
1064 continue;
1065
1066 rem_inst = adv_instance->instance;
1067 err = hci_remove_adv_instance(hdev, rem_inst);
1068 if (!err)
1069 mgmt_advertising_removed(NULL, hdev, rem_inst);
1070 }
1071 hdev->cur_adv_instance = 0x00;
1072 } else {
1073 adv_instance = hci_find_adv_instance(hdev, instance);
1074
1075 if (force || (adv_instance && adv_instance->timeout &&
1076 !adv_instance->remaining_time)) {
1077 /* Don't advertise a removed instance. */
1078 if (next_instance &&
1079 next_instance->instance == instance)
1080 next_instance = NULL;
1081
1082 err = hci_remove_adv_instance(hdev, instance);
1083 if (!err)
1084 mgmt_advertising_removed(NULL, hdev, instance);
1085 }
1086 }
1087
1088 if (list_empty(&hdev->adv_instances)) {
1089 hdev->cur_adv_instance = 0x00;
1090 hci_dev_clear_flag(hdev, HCI_ADVERTISING_INSTANCE);
1091 }
1092
1093 if (!req || !hdev_is_powered(hdev) ||
1094 hci_dev_test_flag(hdev, HCI_ADVERTISING))
1095 return;
1096
1097 if (next_instance)
1098 __hci_req_schedule_adv_instance(req, next_instance->instance,
1099 false);
1100}
1101
Johan Hedberg0857dd32014-12-19 13:40:20 +02001102static void set_random_addr(struct hci_request *req, bdaddr_t *rpa)
1103{
1104 struct hci_dev *hdev = req->hdev;
1105
1106 /* If we're advertising or initiating an LE connection we can't
1107 * go ahead and change the random address at this time. This is
1108 * because the eventual initiator address used for the
1109 * subsequently created connection will be undefined (some
1110 * controllers use the new address and others the one we had
1111 * when the operation started).
1112 *
1113 * In this kind of scenario skip the update and let the random
1114 * address be updated at the next cycle.
1115 */
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001116 if (hci_dev_test_flag(hdev, HCI_LE_ADV) ||
Jakub Pawlowskie7d9ab72015-08-07 20:22:52 +02001117 hci_lookup_le_connect(hdev)) {
Johan Hedberg0857dd32014-12-19 13:40:20 +02001118 BT_DBG("Deferring random address update");
Marcel Holtmanna1536da2015-03-13 02:11:01 -07001119 hci_dev_set_flag(hdev, HCI_RPA_EXPIRED);
Johan Hedberg0857dd32014-12-19 13:40:20 +02001120 return;
1121 }
1122
1123 hci_req_add(req, HCI_OP_LE_SET_RANDOM_ADDR, 6, rpa);
1124}
1125
1126int hci_update_random_address(struct hci_request *req, bool require_privacy,
1127 u8 *own_addr_type)
1128{
1129 struct hci_dev *hdev = req->hdev;
1130 int err;
1131
1132 /* If privacy is enabled use a resolvable private address. If
1133 * current RPA has expired or there is something else than
1134 * the current RPA in use, then generate a new one.
1135 */
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001136 if (hci_dev_test_flag(hdev, HCI_PRIVACY)) {
Johan Hedberg0857dd32014-12-19 13:40:20 +02001137 int to;
1138
1139 *own_addr_type = ADDR_LE_DEV_RANDOM;
1140
Marcel Holtmanna69d8922015-03-13 02:11:05 -07001141 if (!hci_dev_test_and_clear_flag(hdev, HCI_RPA_EXPIRED) &&
Johan Hedberg0857dd32014-12-19 13:40:20 +02001142 !bacmp(&hdev->random_addr, &hdev->rpa))
1143 return 0;
1144
1145 err = smp_generate_rpa(hdev, hdev->irk, &hdev->rpa);
1146 if (err < 0) {
1147 BT_ERR("%s failed to generate new RPA", hdev->name);
1148 return err;
1149 }
1150
1151 set_random_addr(req, &hdev->rpa);
1152
1153 to = msecs_to_jiffies(hdev->rpa_timeout * 1000);
1154 queue_delayed_work(hdev->workqueue, &hdev->rpa_expired, to);
1155
1156 return 0;
1157 }
1158
1159 /* In case of required privacy without resolvable private address,
1160 * use an non-resolvable private address. This is useful for active
1161 * scanning and non-connectable advertising.
1162 */
1163 if (require_privacy) {
1164 bdaddr_t nrpa;
1165
1166 while (true) {
1167 /* The non-resolvable private address is generated
1168 * from random six bytes with the two most significant
1169 * bits cleared.
1170 */
1171 get_random_bytes(&nrpa, 6);
1172 nrpa.b[5] &= 0x3f;
1173
1174 /* The non-resolvable private address shall not be
1175 * equal to the public address.
1176 */
1177 if (bacmp(&hdev->bdaddr, &nrpa))
1178 break;
1179 }
1180
1181 *own_addr_type = ADDR_LE_DEV_RANDOM;
1182 set_random_addr(req, &nrpa);
1183 return 0;
1184 }
1185
1186 /* If forcing static address is in use or there is no public
1187 * address use the static address as random address (but skip
1188 * the HCI command if the current random address is already the
1189 * static one.
Marcel Holtmann50b5b952014-12-19 23:05:35 +01001190 *
1191 * In case BR/EDR has been disabled on a dual-mode controller
1192 * and a static address has been configured, then use that
1193 * address instead of the public BR/EDR address.
Johan Hedberg0857dd32014-12-19 13:40:20 +02001194 */
Marcel Holtmannb7cb93e2015-03-13 10:20:35 -07001195 if (hci_dev_test_flag(hdev, HCI_FORCE_STATIC_ADDR) ||
Marcel Holtmann50b5b952014-12-19 23:05:35 +01001196 !bacmp(&hdev->bdaddr, BDADDR_ANY) ||
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001197 (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED) &&
Marcel Holtmann50b5b952014-12-19 23:05:35 +01001198 bacmp(&hdev->static_addr, BDADDR_ANY))) {
Johan Hedberg0857dd32014-12-19 13:40:20 +02001199 *own_addr_type = ADDR_LE_DEV_RANDOM;
1200 if (bacmp(&hdev->static_addr, &hdev->random_addr))
1201 hci_req_add(req, HCI_OP_LE_SET_RANDOM_ADDR, 6,
1202 &hdev->static_addr);
1203 return 0;
1204 }
1205
1206 /* Neither privacy nor static address is being used so use a
1207 * public address.
1208 */
1209 *own_addr_type = ADDR_LE_DEV_PUBLIC;
1210
1211 return 0;
1212}
Johan Hedberg2cf22212014-12-19 22:26:00 +02001213
Johan Hedberg405a2612014-12-19 23:18:22 +02001214static bool disconnected_whitelist_entries(struct hci_dev *hdev)
1215{
1216 struct bdaddr_list *b;
1217
1218 list_for_each_entry(b, &hdev->whitelist, list) {
1219 struct hci_conn *conn;
1220
1221 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &b->bdaddr);
1222 if (!conn)
1223 return true;
1224
1225 if (conn->state != BT_CONNECTED && conn->state != BT_CONFIG)
1226 return true;
1227 }
1228
1229 return false;
1230}
1231
Johan Hedberg01b1cb82015-11-16 12:52:21 +02001232void __hci_req_update_scan(struct hci_request *req)
Johan Hedberg405a2612014-12-19 23:18:22 +02001233{
1234 struct hci_dev *hdev = req->hdev;
1235 u8 scan;
1236
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001237 if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED))
Johan Hedberg405a2612014-12-19 23:18:22 +02001238 return;
1239
1240 if (!hdev_is_powered(hdev))
1241 return;
1242
1243 if (mgmt_powering_down(hdev))
1244 return;
1245
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001246 if (hci_dev_test_flag(hdev, HCI_CONNECTABLE) ||
Johan Hedberg405a2612014-12-19 23:18:22 +02001247 disconnected_whitelist_entries(hdev))
1248 scan = SCAN_PAGE;
1249 else
1250 scan = SCAN_DISABLED;
1251
Marcel Holtmannd7a5a112015-03-13 02:11:00 -07001252 if (hci_dev_test_flag(hdev, HCI_DISCOVERABLE))
Johan Hedberg405a2612014-12-19 23:18:22 +02001253 scan |= SCAN_INQUIRY;
1254
Johan Hedberg01b1cb82015-11-16 12:52:21 +02001255 if (test_bit(HCI_PSCAN, &hdev->flags) == !!(scan & SCAN_PAGE) &&
1256 test_bit(HCI_ISCAN, &hdev->flags) == !!(scan & SCAN_INQUIRY))
1257 return;
1258
Johan Hedberg405a2612014-12-19 23:18:22 +02001259 hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1260}
1261
Johan Hedberg01b1cb82015-11-16 12:52:21 +02001262static int update_scan(struct hci_request *req, unsigned long opt)
Johan Hedberg405a2612014-12-19 23:18:22 +02001263{
Johan Hedberg01b1cb82015-11-16 12:52:21 +02001264 hci_dev_lock(req->hdev);
1265 __hci_req_update_scan(req);
1266 hci_dev_unlock(req->hdev);
1267 return 0;
1268}
Johan Hedberg405a2612014-12-19 23:18:22 +02001269
Johan Hedberg01b1cb82015-11-16 12:52:21 +02001270static void scan_update_work(struct work_struct *work)
1271{
1272 struct hci_dev *hdev = container_of(work, struct hci_dev, scan_update);
1273
1274 hci_req_sync(hdev, update_scan, 0, HCI_CMD_TIMEOUT, NULL);
Johan Hedberg405a2612014-12-19 23:18:22 +02001275}
1276
Johan Hedbergdcc0f0d92015-10-22 10:49:37 +03001277void __hci_abort_conn(struct hci_request *req, struct hci_conn *conn,
1278 u8 reason)
1279{
1280 switch (conn->state) {
1281 case BT_CONNECTED:
1282 case BT_CONFIG:
1283 if (conn->type == AMP_LINK) {
1284 struct hci_cp_disconn_phy_link cp;
1285
1286 cp.phy_handle = HCI_PHY_HANDLE(conn->handle);
1287 cp.reason = reason;
1288 hci_req_add(req, HCI_OP_DISCONN_PHY_LINK, sizeof(cp),
1289 &cp);
1290 } else {
1291 struct hci_cp_disconnect dc;
1292
1293 dc.handle = cpu_to_le16(conn->handle);
1294 dc.reason = reason;
1295 hci_req_add(req, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1296 }
1297
1298 conn->state = BT_DISCONN;
1299
1300 break;
1301 case BT_CONNECT:
1302 if (conn->type == LE_LINK) {
1303 if (test_bit(HCI_CONN_SCANNING, &conn->flags))
1304 break;
1305 hci_req_add(req, HCI_OP_LE_CREATE_CONN_CANCEL,
1306 0, NULL);
1307 } else if (conn->type == ACL_LINK) {
1308 if (req->hdev->hci_ver < BLUETOOTH_VER_1_2)
1309 break;
1310 hci_req_add(req, HCI_OP_CREATE_CONN_CANCEL,
1311 6, &conn->dst);
1312 }
1313 break;
1314 case BT_CONNECT2:
1315 if (conn->type == ACL_LINK) {
1316 struct hci_cp_reject_conn_req rej;
1317
1318 bacpy(&rej.bdaddr, &conn->dst);
1319 rej.reason = reason;
1320
1321 hci_req_add(req, HCI_OP_REJECT_CONN_REQ,
1322 sizeof(rej), &rej);
1323 } else if (conn->type == SCO_LINK || conn->type == ESCO_LINK) {
1324 struct hci_cp_reject_sync_conn_req rej;
1325
1326 bacpy(&rej.bdaddr, &conn->dst);
1327
1328 /* SCO rejection has its own limited set of
1329 * allowed error values (0x0D-0x0F) which isn't
1330 * compatible with most values passed to this
1331 * function. To be safe hard-code one of the
1332 * values that's suitable for SCO.
1333 */
1334 rej.reason = HCI_ERROR_REMOTE_LOW_RESOURCES;
1335
1336 hci_req_add(req, HCI_OP_REJECT_SYNC_CONN_REQ,
1337 sizeof(rej), &rej);
1338 }
1339 break;
1340 default:
1341 conn->state = BT_CLOSED;
1342 break;
1343 }
1344}
1345
1346static void abort_conn_complete(struct hci_dev *hdev, u8 status, u16 opcode)
1347{
1348 if (status)
1349 BT_DBG("Failed to abort connection: status 0x%2.2x", status);
1350}
1351
1352int hci_abort_conn(struct hci_conn *conn, u8 reason)
1353{
1354 struct hci_request req;
1355 int err;
1356
1357 hci_req_init(&req, conn->hdev);
1358
1359 __hci_abort_conn(&req, conn, reason);
1360
1361 err = hci_req_run(&req, abort_conn_complete);
1362 if (err && err != -ENODATA) {
1363 BT_ERR("Failed to run HCI request: err %d", err);
1364 return err;
1365 }
1366
1367 return 0;
1368}
Johan Hedberg5fc16cc2015-11-11 08:11:16 +02001369
Johan Hedberga1d01db2015-11-11 08:11:25 +02001370static int update_bg_scan(struct hci_request *req, unsigned long opt)
Johan Hedberg2e93e532015-11-11 08:11:17 +02001371{
1372 hci_dev_lock(req->hdev);
1373 __hci_update_background_scan(req);
1374 hci_dev_unlock(req->hdev);
Johan Hedberga1d01db2015-11-11 08:11:25 +02001375 return 0;
Johan Hedberg2e93e532015-11-11 08:11:17 +02001376}
1377
1378static void bg_scan_update(struct work_struct *work)
1379{
1380 struct hci_dev *hdev = container_of(work, struct hci_dev,
1381 bg_scan_update);
Johan Hedberg84235d22015-11-11 08:11:20 +02001382 struct hci_conn *conn;
1383 u8 status;
1384 int err;
Johan Hedberg2e93e532015-11-11 08:11:17 +02001385
Johan Hedberg84235d22015-11-11 08:11:20 +02001386 err = hci_req_sync(hdev, update_bg_scan, 0, HCI_CMD_TIMEOUT, &status);
1387 if (!err)
1388 return;
1389
1390 hci_dev_lock(hdev);
1391
1392 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
1393 if (conn)
1394 hci_le_conn_failed(conn, status);
1395
1396 hci_dev_unlock(hdev);
Johan Hedberg2e93e532015-11-11 08:11:17 +02001397}
1398
Johan Hedberga1d01db2015-11-11 08:11:25 +02001399static int le_scan_disable(struct hci_request *req, unsigned long opt)
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001400{
1401 hci_req_add_le_scan_disable(req);
Johan Hedberga1d01db2015-11-11 08:11:25 +02001402 return 0;
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001403}
1404
Johan Hedbergf4a2cb42015-11-11 12:24:22 +02001405static int bredr_inquiry(struct hci_request *req, unsigned long opt)
1406{
1407 u8 length = opt;
1408 /* General inquiry access code (GIAC) */
1409 u8 lap[3] = { 0x33, 0x8b, 0x9e };
1410 struct hci_cp_inquiry cp;
1411
1412 BT_DBG("%s", req->hdev->name);
1413
1414 hci_dev_lock(req->hdev);
1415 hci_inquiry_cache_flush(req->hdev);
1416 hci_dev_unlock(req->hdev);
1417
1418 memset(&cp, 0, sizeof(cp));
1419 memcpy(&cp.lap, lap, sizeof(cp.lap));
1420 cp.length = length;
1421
1422 hci_req_add(req, HCI_OP_INQUIRY, sizeof(cp), &cp);
1423
1424 return 0;
1425}
1426
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001427static void le_scan_disable_work(struct work_struct *work)
1428{
1429 struct hci_dev *hdev = container_of(work, struct hci_dev,
1430 le_scan_disable.work);
1431 u8 status;
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001432
1433 BT_DBG("%s", hdev->name);
1434
Johan Hedbergf4a2cb42015-11-11 12:24:22 +02001435 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN))
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001436 return;
1437
Johan Hedbergf4a2cb42015-11-11 12:24:22 +02001438 cancel_delayed_work(&hdev->le_scan_restart);
1439
1440 hci_req_sync(hdev, le_scan_disable, 0, HCI_CMD_TIMEOUT, &status);
1441 if (status) {
1442 BT_ERR("Failed to disable LE scan: status 0x%02x", status);
1443 return;
1444 }
1445
1446 hdev->discovery.scan_start = 0;
1447
1448 /* If we were running LE only scan, change discovery state. If
1449 * we were running both LE and BR/EDR inquiry simultaneously,
1450 * and BR/EDR inquiry is already finished, stop discovery,
1451 * otherwise BR/EDR inquiry will stop discovery when finished.
1452 * If we will resolve remote device name, do not change
1453 * discovery state.
1454 */
1455
1456 if (hdev->discovery.type == DISCOV_TYPE_LE)
1457 goto discov_stopped;
1458
1459 if (hdev->discovery.type != DISCOV_TYPE_INTERLEAVED)
1460 return;
1461
1462 if (test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks)) {
1463 if (!test_bit(HCI_INQUIRY, &hdev->flags) &&
1464 hdev->discovery.state != DISCOVERY_RESOLVING)
1465 goto discov_stopped;
1466
1467 return;
1468 }
1469
1470 hci_req_sync(hdev, bredr_inquiry, DISCOV_INTERLEAVED_INQUIRY_LEN,
1471 HCI_CMD_TIMEOUT, &status);
1472 if (status) {
1473 BT_ERR("Inquiry failed: status 0x%02x", status);
1474 goto discov_stopped;
1475 }
1476
1477 return;
1478
1479discov_stopped:
1480 hci_dev_lock(hdev);
1481 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1482 hci_dev_unlock(hdev);
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001483}
1484
Johan Hedberg3dfe5902015-11-11 12:24:23 +02001485static int le_scan_restart(struct hci_request *req, unsigned long opt)
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001486{
Johan Hedberg3dfe5902015-11-11 12:24:23 +02001487 struct hci_dev *hdev = req->hdev;
1488 struct hci_cp_le_set_scan_enable cp;
1489
1490 /* If controller is not scanning we are done. */
1491 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN))
1492 return 0;
1493
1494 hci_req_add_le_scan_disable(req);
1495
1496 memset(&cp, 0, sizeof(cp));
1497 cp.enable = LE_SCAN_ENABLE;
1498 cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
1499 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(cp), &cp);
1500
1501 return 0;
1502}
1503
1504static void le_scan_restart_work(struct work_struct *work)
1505{
1506 struct hci_dev *hdev = container_of(work, struct hci_dev,
1507 le_scan_restart.work);
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001508 unsigned long timeout, duration, scan_start, now;
Johan Hedberg3dfe5902015-11-11 12:24:23 +02001509 u8 status;
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001510
1511 BT_DBG("%s", hdev->name);
1512
Johan Hedberg3dfe5902015-11-11 12:24:23 +02001513 hci_req_sync(hdev, le_scan_restart, 0, HCI_CMD_TIMEOUT, &status);
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001514 if (status) {
1515 BT_ERR("Failed to restart LE scan: status %d", status);
1516 return;
1517 }
1518
1519 hci_dev_lock(hdev);
1520
1521 if (!test_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks) ||
1522 !hdev->discovery.scan_start)
1523 goto unlock;
1524
1525 /* When the scan was started, hdev->le_scan_disable has been queued
1526 * after duration from scan_start. During scan restart this job
1527 * has been canceled, and we need to queue it again after proper
1528 * timeout, to make sure that scan does not run indefinitely.
1529 */
1530 duration = hdev->discovery.scan_duration;
1531 scan_start = hdev->discovery.scan_start;
1532 now = jiffies;
1533 if (now - scan_start <= duration) {
1534 int elapsed;
1535
1536 if (now >= scan_start)
1537 elapsed = now - scan_start;
1538 else
1539 elapsed = ULONG_MAX - scan_start + now;
1540
1541 timeout = duration - elapsed;
1542 } else {
1543 timeout = 0;
1544 }
1545
1546 queue_delayed_work(hdev->req_workqueue,
1547 &hdev->le_scan_disable, timeout);
1548
1549unlock:
1550 hci_dev_unlock(hdev);
1551}
1552
Johan Hedberge68f0722015-11-11 08:30:30 +02001553static void disable_advertising(struct hci_request *req)
1554{
1555 u8 enable = 0x00;
1556
1557 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
1558}
1559
1560static int active_scan(struct hci_request *req, unsigned long opt)
1561{
1562 uint16_t interval = opt;
1563 struct hci_dev *hdev = req->hdev;
1564 struct hci_cp_le_set_scan_param param_cp;
1565 struct hci_cp_le_set_scan_enable enable_cp;
1566 u8 own_addr_type;
1567 int err;
1568
1569 BT_DBG("%s", hdev->name);
1570
1571 if (hci_dev_test_flag(hdev, HCI_LE_ADV)) {
1572 hci_dev_lock(hdev);
1573
1574 /* Don't let discovery abort an outgoing connection attempt
1575 * that's using directed advertising.
1576 */
1577 if (hci_lookup_le_connect(hdev)) {
1578 hci_dev_unlock(hdev);
1579 return -EBUSY;
1580 }
1581
1582 cancel_adv_timeout(hdev);
1583 hci_dev_unlock(hdev);
1584
1585 disable_advertising(req);
1586 }
1587
1588 /* If controller is scanning, it means the background scanning is
1589 * running. Thus, we should temporarily stop it in order to set the
1590 * discovery scanning parameters.
1591 */
1592 if (hci_dev_test_flag(hdev, HCI_LE_SCAN))
1593 hci_req_add_le_scan_disable(req);
1594
1595 /* All active scans will be done with either a resolvable private
1596 * address (when privacy feature has been enabled) or non-resolvable
1597 * private address.
1598 */
1599 err = hci_update_random_address(req, true, &own_addr_type);
1600 if (err < 0)
1601 own_addr_type = ADDR_LE_DEV_PUBLIC;
1602
1603 memset(&param_cp, 0, sizeof(param_cp));
1604 param_cp.type = LE_SCAN_ACTIVE;
1605 param_cp.interval = cpu_to_le16(interval);
1606 param_cp.window = cpu_to_le16(DISCOV_LE_SCAN_WIN);
1607 param_cp.own_address_type = own_addr_type;
1608
1609 hci_req_add(req, HCI_OP_LE_SET_SCAN_PARAM, sizeof(param_cp),
1610 &param_cp);
1611
1612 memset(&enable_cp, 0, sizeof(enable_cp));
1613 enable_cp.enable = LE_SCAN_ENABLE;
1614 enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
1615
1616 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(enable_cp),
1617 &enable_cp);
1618
1619 return 0;
1620}
1621
1622static int interleaved_discov(struct hci_request *req, unsigned long opt)
1623{
1624 int err;
1625
1626 BT_DBG("%s", req->hdev->name);
1627
1628 err = active_scan(req, opt);
1629 if (err)
1630 return err;
1631
Johan Hedberg7df26b52015-11-11 12:24:21 +02001632 return bredr_inquiry(req, DISCOV_BREDR_INQUIRY_LEN);
Johan Hedberge68f0722015-11-11 08:30:30 +02001633}
1634
1635static void start_discovery(struct hci_dev *hdev, u8 *status)
1636{
1637 unsigned long timeout;
1638
1639 BT_DBG("%s type %u", hdev->name, hdev->discovery.type);
1640
1641 switch (hdev->discovery.type) {
1642 case DISCOV_TYPE_BREDR:
1643 if (!hci_dev_test_flag(hdev, HCI_INQUIRY))
Johan Hedberg7df26b52015-11-11 12:24:21 +02001644 hci_req_sync(hdev, bredr_inquiry,
1645 DISCOV_BREDR_INQUIRY_LEN, HCI_CMD_TIMEOUT,
Johan Hedberge68f0722015-11-11 08:30:30 +02001646 status);
1647 return;
1648 case DISCOV_TYPE_INTERLEAVED:
1649 /* When running simultaneous discovery, the LE scanning time
1650 * should occupy the whole discovery time sine BR/EDR inquiry
1651 * and LE scanning are scheduled by the controller.
1652 *
1653 * For interleaving discovery in comparison, BR/EDR inquiry
1654 * and LE scanning are done sequentially with separate
1655 * timeouts.
1656 */
1657 if (test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY,
1658 &hdev->quirks)) {
1659 timeout = msecs_to_jiffies(DISCOV_LE_TIMEOUT);
1660 /* During simultaneous discovery, we double LE scan
1661 * interval. We must leave some time for the controller
1662 * to do BR/EDR inquiry.
1663 */
1664 hci_req_sync(hdev, interleaved_discov,
1665 DISCOV_LE_SCAN_INT * 2, HCI_CMD_TIMEOUT,
1666 status);
1667 break;
1668 }
1669
1670 timeout = msecs_to_jiffies(hdev->discov_interleaved_timeout);
1671 hci_req_sync(hdev, active_scan, DISCOV_LE_SCAN_INT,
1672 HCI_CMD_TIMEOUT, status);
1673 break;
1674 case DISCOV_TYPE_LE:
1675 timeout = msecs_to_jiffies(DISCOV_LE_TIMEOUT);
1676 hci_req_sync(hdev, active_scan, DISCOV_LE_SCAN_INT,
1677 HCI_CMD_TIMEOUT, status);
1678 break;
1679 default:
1680 *status = HCI_ERROR_UNSPECIFIED;
1681 return;
1682 }
1683
1684 if (*status)
1685 return;
1686
1687 BT_DBG("%s timeout %u ms", hdev->name, jiffies_to_msecs(timeout));
1688
1689 /* When service discovery is used and the controller has a
1690 * strict duplicate filter, it is important to remember the
1691 * start and duration of the scan. This is required for
1692 * restarting scanning during the discovery phase.
1693 */
1694 if (test_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks) &&
1695 hdev->discovery.result_filtering) {
1696 hdev->discovery.scan_start = jiffies;
1697 hdev->discovery.scan_duration = timeout;
1698 }
1699
1700 queue_delayed_work(hdev->req_workqueue, &hdev->le_scan_disable,
1701 timeout);
1702}
1703
Johan Hedberg2154d3f2015-11-11 08:30:45 +02001704bool hci_req_stop_discovery(struct hci_request *req)
1705{
1706 struct hci_dev *hdev = req->hdev;
1707 struct discovery_state *d = &hdev->discovery;
1708 struct hci_cp_remote_name_req_cancel cp;
1709 struct inquiry_entry *e;
1710 bool ret = false;
1711
1712 BT_DBG("%s state %u", hdev->name, hdev->discovery.state);
1713
1714 if (d->state == DISCOVERY_FINDING || d->state == DISCOVERY_STOPPING) {
1715 if (test_bit(HCI_INQUIRY, &hdev->flags))
1716 hci_req_add(req, HCI_OP_INQUIRY_CANCEL, 0, NULL);
1717
1718 if (hci_dev_test_flag(hdev, HCI_LE_SCAN)) {
1719 cancel_delayed_work(&hdev->le_scan_disable);
1720 hci_req_add_le_scan_disable(req);
1721 }
1722
1723 ret = true;
1724 } else {
1725 /* Passive scanning */
1726 if (hci_dev_test_flag(hdev, HCI_LE_SCAN)) {
1727 hci_req_add_le_scan_disable(req);
1728 ret = true;
1729 }
1730 }
1731
1732 /* No further actions needed for LE-only discovery */
1733 if (d->type == DISCOV_TYPE_LE)
1734 return ret;
1735
1736 if (d->state == DISCOVERY_RESOLVING || d->state == DISCOVERY_STOPPING) {
1737 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
1738 NAME_PENDING);
1739 if (!e)
1740 return ret;
1741
1742 bacpy(&cp.bdaddr, &e->data.bdaddr);
1743 hci_req_add(req, HCI_OP_REMOTE_NAME_REQ_CANCEL, sizeof(cp),
1744 &cp);
1745 ret = true;
1746 }
1747
1748 return ret;
1749}
1750
1751static int stop_discovery(struct hci_request *req, unsigned long opt)
1752{
1753 hci_dev_lock(req->hdev);
1754 hci_req_stop_discovery(req);
1755 hci_dev_unlock(req->hdev);
1756
1757 return 0;
1758}
1759
Johan Hedberge68f0722015-11-11 08:30:30 +02001760static void discov_update(struct work_struct *work)
1761{
1762 struct hci_dev *hdev = container_of(work, struct hci_dev,
1763 discov_update);
1764 u8 status = 0;
1765
1766 switch (hdev->discovery.state) {
1767 case DISCOVERY_STARTING:
1768 start_discovery(hdev, &status);
1769 mgmt_start_discovery_complete(hdev, status);
1770 if (status)
1771 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1772 else
1773 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1774 break;
Johan Hedberg2154d3f2015-11-11 08:30:45 +02001775 case DISCOVERY_STOPPING:
1776 hci_req_sync(hdev, stop_discovery, 0, HCI_CMD_TIMEOUT, &status);
1777 mgmt_stop_discovery_complete(hdev, status);
1778 if (!status)
1779 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1780 break;
Johan Hedberge68f0722015-11-11 08:30:30 +02001781 case DISCOVERY_STOPPED:
1782 default:
1783 return;
1784 }
1785}
1786
Johan Hedberg5fc16cc2015-11-11 08:11:16 +02001787void hci_request_setup(struct hci_dev *hdev)
1788{
Johan Hedberge68f0722015-11-11 08:30:30 +02001789 INIT_WORK(&hdev->discov_update, discov_update);
Johan Hedberg2e93e532015-11-11 08:11:17 +02001790 INIT_WORK(&hdev->bg_scan_update, bg_scan_update);
Johan Hedberg01b1cb82015-11-16 12:52:21 +02001791 INIT_WORK(&hdev->scan_update, scan_update_work);
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001792 INIT_DELAYED_WORK(&hdev->le_scan_disable, le_scan_disable_work);
1793 INIT_DELAYED_WORK(&hdev->le_scan_restart, le_scan_restart_work);
Johan Hedbergf2252572015-11-18 12:49:20 +02001794 INIT_DELAYED_WORK(&hdev->adv_instance_expire, adv_timeout_expire);
Johan Hedberg5fc16cc2015-11-11 08:11:16 +02001795}
1796
1797void hci_request_cancel_all(struct hci_dev *hdev)
1798{
Johan Hedberg7df0f732015-11-12 15:15:00 +02001799 hci_req_sync_cancel(hdev, ENODEV);
1800
Johan Hedberge68f0722015-11-11 08:30:30 +02001801 cancel_work_sync(&hdev->discov_update);
Johan Hedberg2e93e532015-11-11 08:11:17 +02001802 cancel_work_sync(&hdev->bg_scan_update);
Johan Hedberg01b1cb82015-11-16 12:52:21 +02001803 cancel_work_sync(&hdev->scan_update);
Johan Hedberg7c1fbed2015-11-11 08:11:23 +02001804 cancel_delayed_work_sync(&hdev->le_scan_disable);
1805 cancel_delayed_work_sync(&hdev->le_scan_restart);
Johan Hedbergf2252572015-11-18 12:49:20 +02001806
1807 if (hdev->adv_instance_timeout) {
1808 cancel_delayed_work_sync(&hdev->adv_instance_expire);
1809 hdev->adv_instance_timeout = 0;
1810 }
Johan Hedberg5fc16cc2015-11-11 08:11:16 +02001811}