Lines Matching +full:adv +full:- +full:extra +full:- +full:delay
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
91 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_inquiry_cancel()
100 if (rp->status == HCI_ERROR_COMMAND_DISALLOWED && !test_bit(HCI_INQUIRY, &hdev->flags)) { in hci_cc_inquiry_cancel()
102 rp->status = 0x00; in hci_cc_inquiry_cancel()
105 if (rp->status) in hci_cc_inquiry_cancel()
106 return rp->status; in hci_cc_inquiry_cancel()
108 clear_bit(HCI_INQUIRY, &hdev->flags); in hci_cc_inquiry_cancel()
110 wake_up_bit(&hdev->flags, HCI_INQUIRY); in hci_cc_inquiry_cancel()
117 hdev->le_scan_type != LE_SCAN_ACTIVE) in hci_cc_inquiry_cancel()
121 return rp->status; in hci_cc_inquiry_cancel()
129 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_periodic_inq()
131 if (rp->status) in hci_cc_periodic_inq()
132 return rp->status; in hci_cc_periodic_inq()
136 return rp->status; in hci_cc_periodic_inq()
144 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_exit_periodic_inq()
146 if (rp->status) in hci_cc_exit_periodic_inq()
147 return rp->status; in hci_cc_exit_periodic_inq()
151 return rp->status; in hci_cc_exit_periodic_inq()
159 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_remote_name_req_cancel()
161 return rp->status; in hci_cc_remote_name_req_cancel()
170 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_role_discovery()
172 if (rp->status) in hci_cc_role_discovery()
173 return rp->status; in hci_cc_role_discovery()
177 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_role_discovery()
179 conn->role = rp->role; in hci_cc_role_discovery()
183 return rp->status; in hci_cc_role_discovery()
192 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_link_policy()
194 if (rp->status) in hci_cc_read_link_policy()
195 return rp->status; in hci_cc_read_link_policy()
199 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_read_link_policy()
201 conn->link_policy = __le16_to_cpu(rp->policy); in hci_cc_read_link_policy()
205 return rp->status; in hci_cc_read_link_policy()
215 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_link_policy()
217 if (rp->status) in hci_cc_write_link_policy()
218 return rp->status; in hci_cc_write_link_policy()
222 return rp->status; in hci_cc_write_link_policy()
226 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_write_link_policy()
228 conn->link_policy = get_unaligned_le16(sent + 2); in hci_cc_write_link_policy()
232 return rp->status; in hci_cc_write_link_policy()
240 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_def_link_policy()
242 if (rp->status) in hci_cc_read_def_link_policy()
243 return rp->status; in hci_cc_read_def_link_policy()
245 hdev->link_policy = __le16_to_cpu(rp->policy); in hci_cc_read_def_link_policy()
247 return rp->status; in hci_cc_read_def_link_policy()
256 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_def_link_policy()
258 if (rp->status) in hci_cc_write_def_link_policy()
259 return rp->status; in hci_cc_write_def_link_policy()
263 return rp->status; in hci_cc_write_def_link_policy()
265 hdev->link_policy = get_unaligned_le16(sent); in hci_cc_write_def_link_policy()
267 return rp->status; in hci_cc_write_def_link_policy()
274 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_reset()
276 clear_bit(HCI_RESET, &hdev->flags); in hci_cc_reset()
278 if (rp->status) in hci_cc_reset()
279 return rp->status; in hci_cc_reset()
281 /* Reset all non-persistent flags */ in hci_cc_reset()
286 hdev->inq_tx_power = HCI_TX_POWER_INVALID; in hci_cc_reset()
287 hdev->adv_tx_power = HCI_TX_POWER_INVALID; in hci_cc_reset()
289 memset(hdev->adv_data, 0, sizeof(hdev->adv_data)); in hci_cc_reset()
290 hdev->adv_data_len = 0; in hci_cc_reset()
292 memset(hdev->scan_rsp_data, 0, sizeof(hdev->scan_rsp_data)); in hci_cc_reset()
293 hdev->scan_rsp_data_len = 0; in hci_cc_reset()
295 hdev->le_scan_type = LE_SCAN_PASSIVE; in hci_cc_reset()
297 hdev->ssp_debug_mode = 0; in hci_cc_reset()
299 hci_bdaddr_list_clear(&hdev->le_accept_list); in hci_cc_reset()
300 hci_bdaddr_list_clear(&hdev->le_resolv_list); in hci_cc_reset()
302 return rp->status; in hci_cc_reset()
311 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_stored_link_key()
315 return rp->status; in hci_cc_read_stored_link_key()
317 if (!rp->status && sent->read_all == 0x01) { in hci_cc_read_stored_link_key()
318 hdev->stored_max_keys = le16_to_cpu(rp->max_keys); in hci_cc_read_stored_link_key()
319 hdev->stored_num_keys = le16_to_cpu(rp->num_keys); in hci_cc_read_stored_link_key()
322 return rp->status; in hci_cc_read_stored_link_key()
331 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_delete_stored_link_key()
333 if (rp->status) in hci_cc_delete_stored_link_key()
334 return rp->status; in hci_cc_delete_stored_link_key()
336 num_keys = le16_to_cpu(rp->num_keys); in hci_cc_delete_stored_link_key()
338 if (num_keys <= hdev->stored_num_keys) in hci_cc_delete_stored_link_key()
339 hdev->stored_num_keys -= num_keys; in hci_cc_delete_stored_link_key()
341 hdev->stored_num_keys = 0; in hci_cc_delete_stored_link_key()
343 return rp->status; in hci_cc_delete_stored_link_key()
352 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_local_name()
356 return rp->status; in hci_cc_write_local_name()
361 mgmt_set_local_name_complete(hdev, sent, rp->status); in hci_cc_write_local_name()
362 else if (!rp->status) in hci_cc_write_local_name()
363 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH); in hci_cc_write_local_name()
367 return rp->status; in hci_cc_write_local_name()
375 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_local_name()
377 if (rp->status) in hci_cc_read_local_name()
378 return rp->status; in hci_cc_read_local_name()
382 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH); in hci_cc_read_local_name()
384 return rp->status; in hci_cc_read_local_name()
393 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_auth_enable()
397 return rp->status; in hci_cc_write_auth_enable()
401 if (!rp->status) { in hci_cc_write_auth_enable()
405 set_bit(HCI_AUTH, &hdev->flags); in hci_cc_write_auth_enable()
407 clear_bit(HCI_AUTH, &hdev->flags); in hci_cc_write_auth_enable()
411 mgmt_auth_enable_complete(hdev, rp->status); in hci_cc_write_auth_enable()
415 return rp->status; in hci_cc_write_auth_enable()
425 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_encrypt_mode()
427 if (rp->status) in hci_cc_write_encrypt_mode()
428 return rp->status; in hci_cc_write_encrypt_mode()
432 return rp->status; in hci_cc_write_encrypt_mode()
437 set_bit(HCI_ENCRYPT, &hdev->flags); in hci_cc_write_encrypt_mode()
439 clear_bit(HCI_ENCRYPT, &hdev->flags); in hci_cc_write_encrypt_mode()
441 return rp->status; in hci_cc_write_encrypt_mode()
451 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_scan_enable()
455 return rp->status; in hci_cc_write_scan_enable()
461 if (rp->status) { in hci_cc_write_scan_enable()
462 hdev->discov_timeout = 0; in hci_cc_write_scan_enable()
467 set_bit(HCI_ISCAN, &hdev->flags); in hci_cc_write_scan_enable()
469 clear_bit(HCI_ISCAN, &hdev->flags); in hci_cc_write_scan_enable()
472 set_bit(HCI_PSCAN, &hdev->flags); in hci_cc_write_scan_enable()
474 clear_bit(HCI_PSCAN, &hdev->flags); in hci_cc_write_scan_enable()
479 return rp->status; in hci_cc_write_scan_enable()
489 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_set_event_filter()
491 if (rp->status) in hci_cc_set_event_filter()
492 return rp->status; in hci_cc_set_event_filter()
496 return rp->status; in hci_cc_set_event_filter()
500 if (cp->flt_type == HCI_FLT_CLEAR_ALL) in hci_cc_set_event_filter()
505 return rp->status; in hci_cc_set_event_filter()
516 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_class_of_dev()
518 if (rp->status) in hci_cc_read_class_of_dev()
519 return rp->status; in hci_cc_read_class_of_dev()
521 memcpy(hdev->dev_class, rp->dev_class, 3); in hci_cc_read_class_of_dev()
523 bt_dev_dbg(hdev, "class 0x%.2x%.2x%.2x", hdev->dev_class[2], in hci_cc_read_class_of_dev()
524 hdev->dev_class[1], hdev->dev_class[0]); in hci_cc_read_class_of_dev()
526 return rp->status; in hci_cc_read_class_of_dev()
535 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_class_of_dev()
539 return rp->status; in hci_cc_write_class_of_dev()
543 if (!rp->status) in hci_cc_write_class_of_dev()
544 memcpy(hdev->dev_class, sent, 3); in hci_cc_write_class_of_dev()
547 mgmt_set_class_of_dev_complete(hdev, sent, rp->status); in hci_cc_write_class_of_dev()
551 return rp->status; in hci_cc_write_class_of_dev()
560 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_voice_setting()
562 if (rp->status) in hci_cc_read_voice_setting()
563 return rp->status; in hci_cc_read_voice_setting()
565 setting = __le16_to_cpu(rp->voice_setting); in hci_cc_read_voice_setting()
567 if (hdev->voice_setting == setting) in hci_cc_read_voice_setting()
568 return rp->status; in hci_cc_read_voice_setting()
570 hdev->voice_setting = setting; in hci_cc_read_voice_setting()
574 if (hdev->notify) in hci_cc_read_voice_setting()
575 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); in hci_cc_read_voice_setting()
577 return rp->status; in hci_cc_read_voice_setting()
587 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_voice_setting()
589 if (rp->status) in hci_cc_write_voice_setting()
590 return rp->status; in hci_cc_write_voice_setting()
594 return rp->status; in hci_cc_write_voice_setting()
598 if (hdev->voice_setting == setting) in hci_cc_write_voice_setting()
599 return rp->status; in hci_cc_write_voice_setting()
601 hdev->voice_setting = setting; in hci_cc_write_voice_setting()
605 if (hdev->notify) in hci_cc_write_voice_setting()
606 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); in hci_cc_write_voice_setting()
608 return rp->status; in hci_cc_write_voice_setting()
616 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_num_supported_iac()
618 if (rp->status) in hci_cc_read_num_supported_iac()
619 return rp->status; in hci_cc_read_num_supported_iac()
621 hdev->num_iac = rp->num_iac; in hci_cc_read_num_supported_iac()
623 bt_dev_dbg(hdev, "num iac %d", hdev->num_iac); in hci_cc_read_num_supported_iac()
625 return rp->status; in hci_cc_read_num_supported_iac()
634 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_ssp_mode()
638 return rp->status; in hci_cc_write_ssp_mode()
642 if (!rp->status) { in hci_cc_write_ssp_mode()
643 if (sent->mode) in hci_cc_write_ssp_mode()
644 hdev->features[1][0] |= LMP_HOST_SSP; in hci_cc_write_ssp_mode()
646 hdev->features[1][0] &= ~LMP_HOST_SSP; in hci_cc_write_ssp_mode()
649 if (!rp->status) { in hci_cc_write_ssp_mode()
650 if (sent->mode) in hci_cc_write_ssp_mode()
658 return rp->status; in hci_cc_write_ssp_mode()
667 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_sc_support()
671 return rp->status; in hci_cc_write_sc_support()
675 if (!rp->status) { in hci_cc_write_sc_support()
676 if (sent->support) in hci_cc_write_sc_support()
677 hdev->features[1][0] |= LMP_HOST_SC; in hci_cc_write_sc_support()
679 hdev->features[1][0] &= ~LMP_HOST_SC; in hci_cc_write_sc_support()
682 if (!hci_dev_test_flag(hdev, HCI_MGMT) && !rp->status) { in hci_cc_write_sc_support()
683 if (sent->support) in hci_cc_write_sc_support()
691 return rp->status; in hci_cc_write_sc_support()
699 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_local_version()
701 if (rp->status) in hci_cc_read_local_version()
702 return rp->status; in hci_cc_read_local_version()
706 hdev->hci_ver = rp->hci_ver; in hci_cc_read_local_version()
707 hdev->hci_rev = __le16_to_cpu(rp->hci_rev); in hci_cc_read_local_version()
708 hdev->lmp_ver = rp->lmp_ver; in hci_cc_read_local_version()
709 hdev->manufacturer = __le16_to_cpu(rp->manufacturer); in hci_cc_read_local_version()
710 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver); in hci_cc_read_local_version()
713 return rp->status; in hci_cc_read_local_version()
722 u8 status = rp->status; in hci_cc_read_enc_key_size()
726 handle = le16_to_cpu(rp->handle); in hci_cc_read_enc_key_size()
743 conn->enc_key_size = 0; in hci_cc_read_enc_key_size()
745 conn->enc_key_size = rp->key_size; in hci_cc_read_enc_key_size()
748 if (conn->enc_key_size < hdev->min_enc_key_size) { in hci_cc_read_enc_key_size()
749 /* As slave role, the conn->state has been set to in hci_cc_read_enc_key_size()
752 * nothing with the non-zero status. in hci_cc_read_enc_key_size()
758 clear_bit(HCI_CONN_ENCRYPT, &conn->flags); in hci_cc_read_enc_key_size()
759 clear_bit(HCI_CONN_AES_CCM, &conn->flags); in hci_cc_read_enc_key_size()
776 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_local_commands()
778 if (rp->status) in hci_cc_read_local_commands()
779 return rp->status; in hci_cc_read_local_commands()
783 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands)); in hci_cc_read_local_commands()
785 return rp->status; in hci_cc_read_local_commands()
794 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_auth_payload_timeout()
796 if (rp->status) in hci_cc_read_auth_payload_timeout()
797 return rp->status; in hci_cc_read_auth_payload_timeout()
801 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_read_auth_payload_timeout()
803 conn->auth_payload_timeout = __le16_to_cpu(rp->timeout); in hci_cc_read_auth_payload_timeout()
807 return rp->status; in hci_cc_read_auth_payload_timeout()
817 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_auth_payload_timeout()
821 return rp->status; in hci_cc_write_auth_payload_timeout()
825 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_write_auth_payload_timeout()
827 rp->status = 0xff; in hci_cc_write_auth_payload_timeout()
831 if (!rp->status) in hci_cc_write_auth_payload_timeout()
832 conn->auth_payload_timeout = get_unaligned_le16(sent + 2); in hci_cc_write_auth_payload_timeout()
837 return rp->status; in hci_cc_write_auth_payload_timeout()
845 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_local_features()
847 if (rp->status) in hci_cc_read_local_features()
848 return rp->status; in hci_cc_read_local_features()
850 memcpy(hdev->features, rp->features, 8); in hci_cc_read_local_features()
855 if (hdev->features[0][0] & LMP_3SLOT) in hci_cc_read_local_features()
856 hdev->pkt_type |= (HCI_DM3 | HCI_DH3); in hci_cc_read_local_features()
858 if (hdev->features[0][0] & LMP_5SLOT) in hci_cc_read_local_features()
859 hdev->pkt_type |= (HCI_DM5 | HCI_DH5); in hci_cc_read_local_features()
861 if (hdev->features[0][1] & LMP_HV2) { in hci_cc_read_local_features()
862 hdev->pkt_type |= (HCI_HV2); in hci_cc_read_local_features()
863 hdev->esco_type |= (ESCO_HV2); in hci_cc_read_local_features()
866 if (hdev->features[0][1] & LMP_HV3) { in hci_cc_read_local_features()
867 hdev->pkt_type |= (HCI_HV3); in hci_cc_read_local_features()
868 hdev->esco_type |= (ESCO_HV3); in hci_cc_read_local_features()
872 hdev->esco_type |= (ESCO_EV3); in hci_cc_read_local_features()
874 if (hdev->features[0][4] & LMP_EV4) in hci_cc_read_local_features()
875 hdev->esco_type |= (ESCO_EV4); in hci_cc_read_local_features()
877 if (hdev->features[0][4] & LMP_EV5) in hci_cc_read_local_features()
878 hdev->esco_type |= (ESCO_EV5); in hci_cc_read_local_features()
880 if (hdev->features[0][5] & LMP_EDR_ESCO_2M) in hci_cc_read_local_features()
881 hdev->esco_type |= (ESCO_2EV3); in hci_cc_read_local_features()
883 if (hdev->features[0][5] & LMP_EDR_ESCO_3M) in hci_cc_read_local_features()
884 hdev->esco_type |= (ESCO_3EV3); in hci_cc_read_local_features()
886 if (hdev->features[0][5] & LMP_EDR_3S_ESCO) in hci_cc_read_local_features()
887 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5); in hci_cc_read_local_features()
889 return rp->status; in hci_cc_read_local_features()
897 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_local_ext_features()
899 if (rp->status) in hci_cc_read_local_ext_features()
900 return rp->status; in hci_cc_read_local_ext_features()
902 if (hdev->max_page < rp->max_page) { in hci_cc_read_local_ext_features()
904 &hdev->quirks)) in hci_cc_read_local_ext_features()
907 hdev->max_page = rp->max_page; in hci_cc_read_local_ext_features()
910 if (rp->page < HCI_MAX_PAGES) in hci_cc_read_local_ext_features()
911 memcpy(hdev->features[rp->page], rp->features, 8); in hci_cc_read_local_ext_features()
913 return rp->status; in hci_cc_read_local_ext_features()
921 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_buffer_size()
923 if (rp->status) in hci_cc_read_buffer_size()
924 return rp->status; in hci_cc_read_buffer_size()
926 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu); in hci_cc_read_buffer_size()
927 hdev->sco_mtu = rp->sco_mtu; in hci_cc_read_buffer_size()
928 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt); in hci_cc_read_buffer_size()
929 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt); in hci_cc_read_buffer_size()
931 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) { in hci_cc_read_buffer_size()
932 hdev->sco_mtu = 64; in hci_cc_read_buffer_size()
933 hdev->sco_pkts = 8; in hci_cc_read_buffer_size()
936 hdev->acl_cnt = hdev->acl_pkts; in hci_cc_read_buffer_size()
937 hdev->sco_cnt = hdev->sco_pkts; in hci_cc_read_buffer_size()
939 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu, in hci_cc_read_buffer_size()
940 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts); in hci_cc_read_buffer_size()
942 if (!hdev->acl_mtu || !hdev->acl_pkts) in hci_cc_read_buffer_size()
945 return rp->status; in hci_cc_read_buffer_size()
953 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_bd_addr()
955 if (rp->status) in hci_cc_read_bd_addr()
956 return rp->status; in hci_cc_read_bd_addr()
958 if (test_bit(HCI_INIT, &hdev->flags)) in hci_cc_read_bd_addr()
959 bacpy(&hdev->bdaddr, &rp->bdaddr); in hci_cc_read_bd_addr()
962 bacpy(&hdev->setup_addr, &rp->bdaddr); in hci_cc_read_bd_addr()
964 return rp->status; in hci_cc_read_bd_addr()
972 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_local_pairing_opts()
974 if (rp->status) in hci_cc_read_local_pairing_opts()
975 return rp->status; in hci_cc_read_local_pairing_opts()
979 hdev->pairing_opts = rp->pairing_opts; in hci_cc_read_local_pairing_opts()
980 hdev->max_enc_key_size = rp->max_key_size; in hci_cc_read_local_pairing_opts()
983 return rp->status; in hci_cc_read_local_pairing_opts()
991 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_page_scan_activity()
993 if (rp->status) in hci_cc_read_page_scan_activity()
994 return rp->status; in hci_cc_read_page_scan_activity()
996 if (test_bit(HCI_INIT, &hdev->flags)) { in hci_cc_read_page_scan_activity()
997 hdev->page_scan_interval = __le16_to_cpu(rp->interval); in hci_cc_read_page_scan_activity()
998 hdev->page_scan_window = __le16_to_cpu(rp->window); in hci_cc_read_page_scan_activity()
1001 return rp->status; in hci_cc_read_page_scan_activity()
1010 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_page_scan_activity()
1012 if (rp->status) in hci_cc_write_page_scan_activity()
1013 return rp->status; in hci_cc_write_page_scan_activity()
1017 return rp->status; in hci_cc_write_page_scan_activity()
1019 hdev->page_scan_interval = __le16_to_cpu(sent->interval); in hci_cc_write_page_scan_activity()
1020 hdev->page_scan_window = __le16_to_cpu(sent->window); in hci_cc_write_page_scan_activity()
1022 return rp->status; in hci_cc_write_page_scan_activity()
1030 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_page_scan_type()
1032 if (rp->status) in hci_cc_read_page_scan_type()
1033 return rp->status; in hci_cc_read_page_scan_type()
1035 if (test_bit(HCI_INIT, &hdev->flags)) in hci_cc_read_page_scan_type()
1036 hdev->page_scan_type = rp->type; in hci_cc_read_page_scan_type()
1038 return rp->status; in hci_cc_read_page_scan_type()
1047 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_page_scan_type()
1049 if (rp->status) in hci_cc_write_page_scan_type()
1050 return rp->status; in hci_cc_write_page_scan_type()
1054 hdev->page_scan_type = *type; in hci_cc_write_page_scan_type()
1056 return rp->status; in hci_cc_write_page_scan_type()
1066 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_clock()
1068 if (rp->status) in hci_cc_read_clock()
1069 return rp->status; in hci_cc_read_clock()
1077 if (cp->which == 0x00) { in hci_cc_read_clock()
1078 hdev->clock = le32_to_cpu(rp->clock); in hci_cc_read_clock()
1082 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_read_clock()
1084 conn->clock = le32_to_cpu(rp->clock); in hci_cc_read_clock()
1085 conn->clock_accuracy = le16_to_cpu(rp->accuracy); in hci_cc_read_clock()
1090 return rp->status; in hci_cc_read_clock()
1098 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_inq_rsp_tx_power()
1100 if (rp->status) in hci_cc_read_inq_rsp_tx_power()
1101 return rp->status; in hci_cc_read_inq_rsp_tx_power()
1103 hdev->inq_tx_power = rp->tx_power; in hci_cc_read_inq_rsp_tx_power()
1105 return rp->status; in hci_cc_read_inq_rsp_tx_power()
1113 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_def_err_data_reporting()
1115 if (rp->status) in hci_cc_read_def_err_data_reporting()
1116 return rp->status; in hci_cc_read_def_err_data_reporting()
1118 hdev->err_data_reporting = rp->err_data_reporting; in hci_cc_read_def_err_data_reporting()
1120 return rp->status; in hci_cc_read_def_err_data_reporting()
1129 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_def_err_data_reporting()
1131 if (rp->status) in hci_cc_write_def_err_data_reporting()
1132 return rp->status; in hci_cc_write_def_err_data_reporting()
1136 return rp->status; in hci_cc_write_def_err_data_reporting()
1138 hdev->err_data_reporting = cp->err_data_reporting; in hci_cc_write_def_err_data_reporting()
1140 return rp->status; in hci_cc_write_def_err_data_reporting()
1150 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_pin_code_reply()
1155 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status); in hci_cc_pin_code_reply()
1157 if (rp->status) in hci_cc_pin_code_reply()
1164 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); in hci_cc_pin_code_reply()
1166 conn->pin_length = cp->pin_len; in hci_cc_pin_code_reply()
1170 return rp->status; in hci_cc_pin_code_reply()
1178 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_pin_code_neg_reply()
1183 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr, in hci_cc_pin_code_neg_reply()
1184 rp->status); in hci_cc_pin_code_neg_reply()
1188 return rp->status; in hci_cc_pin_code_neg_reply()
1196 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_read_buffer_size()
1198 if (rp->status) in hci_cc_le_read_buffer_size()
1199 return rp->status; in hci_cc_le_read_buffer_size()
1201 hdev->le_mtu = __le16_to_cpu(rp->le_mtu); in hci_cc_le_read_buffer_size()
1202 hdev->le_pkts = rp->le_max_pkt; in hci_cc_le_read_buffer_size()
1204 hdev->le_cnt = hdev->le_pkts; in hci_cc_le_read_buffer_size()
1206 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts); in hci_cc_le_read_buffer_size()
1208 if (hdev->le_mtu && hdev->le_mtu < HCI_MIN_LE_MTU) in hci_cc_le_read_buffer_size()
1211 return rp->status; in hci_cc_le_read_buffer_size()
1219 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_le_read_local_features()
1221 if (rp->status) in hci_cc_le_read_local_features()
1222 return rp->status; in hci_cc_le_read_local_features()
1224 memcpy(hdev->le_features, rp->features, 8); in hci_cc_le_read_local_features()
1226 return rp->status; in hci_cc_le_read_local_features()
1234 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_read_adv_tx_power()
1236 if (rp->status) in hci_cc_le_read_adv_tx_power()
1237 return rp->status; in hci_cc_le_read_adv_tx_power()
1239 hdev->adv_tx_power = rp->tx_power; in hci_cc_le_read_adv_tx_power()
1241 return rp->status; in hci_cc_le_read_adv_tx_power()
1249 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_user_confirm_reply()
1254 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0, in hci_cc_user_confirm_reply()
1255 rp->status); in hci_cc_user_confirm_reply()
1259 return rp->status; in hci_cc_user_confirm_reply()
1267 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_user_confirm_neg_reply()
1272 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr, in hci_cc_user_confirm_neg_reply()
1273 ACL_LINK, 0, rp->status); in hci_cc_user_confirm_neg_reply()
1277 return rp->status; in hci_cc_user_confirm_neg_reply()
1285 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_user_passkey_reply()
1290 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK, in hci_cc_user_passkey_reply()
1291 0, rp->status); in hci_cc_user_passkey_reply()
1295 return rp->status; in hci_cc_user_passkey_reply()
1303 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_user_passkey_neg_reply()
1308 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr, in hci_cc_user_passkey_neg_reply()
1309 ACL_LINK, 0, rp->status); in hci_cc_user_passkey_neg_reply()
1313 return rp->status; in hci_cc_user_passkey_neg_reply()
1321 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_local_oob_data()
1323 return rp->status; in hci_cc_read_local_oob_data()
1331 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_local_oob_ext_data()
1333 return rp->status; in hci_cc_read_local_oob_ext_data()
1342 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_random_addr()
1344 if (rp->status) in hci_cc_le_set_random_addr()
1345 return rp->status; in hci_cc_le_set_random_addr()
1349 return rp->status; in hci_cc_le_set_random_addr()
1353 bacpy(&hdev->random_addr, sent); in hci_cc_le_set_random_addr()
1355 if (!bacmp(&hdev->rpa, sent)) { in hci_cc_le_set_random_addr()
1357 queue_delayed_work(hdev->workqueue, &hdev->rpa_expired, in hci_cc_le_set_random_addr()
1358 secs_to_jiffies(hdev->rpa_timeout)); in hci_cc_le_set_random_addr()
1363 return rp->status; in hci_cc_le_set_random_addr()
1372 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_default_phy()
1374 if (rp->status) in hci_cc_le_set_default_phy()
1375 return rp->status; in hci_cc_le_set_default_phy()
1379 return rp->status; in hci_cc_le_set_default_phy()
1383 hdev->le_tx_def_phys = cp->tx_phys; in hci_cc_le_set_default_phy()
1384 hdev->le_rx_def_phys = cp->rx_phys; in hci_cc_le_set_default_phy()
1388 return rp->status; in hci_cc_le_set_default_phy()
1396 struct adv_info *adv; in hci_cc_le_set_adv_set_random_addr() local
1398 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_adv_set_random_addr()
1400 if (rp->status) in hci_cc_le_set_adv_set_random_addr()
1401 return rp->status; in hci_cc_le_set_adv_set_random_addr()
1404 /* Update only in case the adv instance since handle 0x00 shall be using in hci_cc_le_set_adv_set_random_addr()
1406 * non-extended adverting. in hci_cc_le_set_adv_set_random_addr()
1408 if (!cp || !cp->handle) in hci_cc_le_set_adv_set_random_addr()
1409 return rp->status; in hci_cc_le_set_adv_set_random_addr()
1413 adv = hci_find_adv_instance(hdev, cp->handle); in hci_cc_le_set_adv_set_random_addr()
1414 if (adv) { in hci_cc_le_set_adv_set_random_addr()
1415 bacpy(&adv->random_addr, &cp->bdaddr); in hci_cc_le_set_adv_set_random_addr()
1416 if (!bacmp(&hdev->rpa, &cp->bdaddr)) { in hci_cc_le_set_adv_set_random_addr()
1417 adv->rpa_expired = false; in hci_cc_le_set_adv_set_random_addr()
1418 queue_delayed_work(hdev->workqueue, in hci_cc_le_set_adv_set_random_addr()
1419 &adv->rpa_expired_cb, in hci_cc_le_set_adv_set_random_addr()
1420 secs_to_jiffies(hdev->rpa_timeout)); in hci_cc_le_set_adv_set_random_addr()
1426 return rp->status; in hci_cc_le_set_adv_set_random_addr()
1436 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_remove_adv_set()
1438 if (rp->status) in hci_cc_le_remove_adv_set()
1439 return rp->status; in hci_cc_le_remove_adv_set()
1443 return rp->status; in hci_cc_le_remove_adv_set()
1449 mgmt_advertising_removed(hci_skb_sk(hdev->sent_cmd), hdev, in hci_cc_le_remove_adv_set()
1454 return rp->status; in hci_cc_le_remove_adv_set()
1461 struct adv_info *adv, *n; in hci_cc_le_clear_adv_sets() local
1464 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_clear_adv_sets()
1466 if (rp->status) in hci_cc_le_clear_adv_sets()
1467 return rp->status; in hci_cc_le_clear_adv_sets()
1470 return rp->status; in hci_cc_le_clear_adv_sets()
1474 list_for_each_entry_safe(adv, n, &hdev->adv_instances, list) { in hci_cc_le_clear_adv_sets()
1475 u8 instance = adv->instance; in hci_cc_le_clear_adv_sets()
1479 mgmt_advertising_removed(hci_skb_sk(hdev->sent_cmd), in hci_cc_le_clear_adv_sets()
1485 return rp->status; in hci_cc_le_clear_adv_sets()
1493 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_read_transmit_power()
1495 if (rp->status) in hci_cc_le_read_transmit_power()
1496 return rp->status; in hci_cc_le_read_transmit_power()
1498 hdev->min_le_tx_power = rp->min_le_tx_power; in hci_cc_le_read_transmit_power()
1499 hdev->max_le_tx_power = rp->max_le_tx_power; in hci_cc_le_read_transmit_power()
1501 return rp->status; in hci_cc_le_read_transmit_power()
1511 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_privacy_mode()
1513 if (rp->status) in hci_cc_le_set_privacy_mode()
1514 return rp->status; in hci_cc_le_set_privacy_mode()
1518 return rp->status; in hci_cc_le_set_privacy_mode()
1522 params = hci_conn_params_lookup(hdev, &cp->bdaddr, cp->bdaddr_type); in hci_cc_le_set_privacy_mode()
1524 WRITE_ONCE(params->privacy_mode, cp->mode); in hci_cc_le_set_privacy_mode()
1528 return rp->status; in hci_cc_le_set_privacy_mode()
1537 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_adv_enable()
1539 if (rp->status) in hci_cc_le_set_adv_enable()
1540 return rp->status; in hci_cc_le_set_adv_enable()
1544 return rp->status; in hci_cc_le_set_adv_enable()
1558 queue_delayed_work(hdev->workqueue, in hci_cc_le_set_adv_enable()
1559 &conn->le_conn_timeout, in hci_cc_le_set_adv_enable()
1560 conn->conn_timeout); in hci_cc_le_set_adv_enable()
1567 return rp->status; in hci_cc_le_set_adv_enable()
1575 struct adv_info *adv = NULL, *n; in hci_cc_le_set_ext_adv_enable() local
1578 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_ext_adv_enable()
1580 if (rp->status) in hci_cc_le_set_ext_adv_enable()
1581 return rp->status; in hci_cc_le_set_ext_adv_enable()
1585 return rp->status; in hci_cc_le_set_ext_adv_enable()
1587 set = (void *)cp->data; in hci_cc_le_set_ext_adv_enable()
1591 if (cp->num_of_sets) in hci_cc_le_set_ext_adv_enable()
1592 adv = hci_find_adv_instance(hdev, set->handle); in hci_cc_le_set_ext_adv_enable()
1594 if (cp->enable) { in hci_cc_le_set_ext_adv_enable()
1599 if (adv && !adv->periodic) in hci_cc_le_set_ext_adv_enable()
1600 adv->enabled = true; in hci_cc_le_set_ext_adv_enable()
1604 queue_delayed_work(hdev->workqueue, in hci_cc_le_set_ext_adv_enable()
1605 &conn->le_conn_timeout, in hci_cc_le_set_ext_adv_enable()
1606 conn->conn_timeout); in hci_cc_le_set_ext_adv_enable()
1608 if (cp->num_of_sets) { in hci_cc_le_set_ext_adv_enable()
1609 if (adv) in hci_cc_le_set_ext_adv_enable()
1610 adv->enabled = false; in hci_cc_le_set_ext_adv_enable()
1615 list_for_each_entry_safe(adv, n, &hdev->adv_instances, in hci_cc_le_set_ext_adv_enable()
1617 if (adv->enabled) in hci_cc_le_set_ext_adv_enable()
1622 list_for_each_entry_safe(adv, n, &hdev->adv_instances, in hci_cc_le_set_ext_adv_enable()
1624 adv->enabled = false; in hci_cc_le_set_ext_adv_enable()
1632 return rp->status; in hci_cc_le_set_ext_adv_enable()
1641 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_scan_param()
1643 if (rp->status) in hci_cc_le_set_scan_param()
1644 return rp->status; in hci_cc_le_set_scan_param()
1648 return rp->status; in hci_cc_le_set_scan_param()
1652 hdev->le_scan_type = cp->type; in hci_cc_le_set_scan_param()
1656 return rp->status; in hci_cc_le_set_scan_param()
1666 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_ext_scan_param()
1668 if (rp->status) in hci_cc_le_set_ext_scan_param()
1669 return rp->status; in hci_cc_le_set_ext_scan_param()
1673 return rp->status; in hci_cc_le_set_ext_scan_param()
1675 phy_param = (void *)cp->data; in hci_cc_le_set_ext_scan_param()
1679 hdev->le_scan_type = phy_param->type; in hci_cc_le_set_ext_scan_param()
1683 return rp->status; in hci_cc_le_set_ext_scan_param()
1688 struct discovery_state *d = &hdev->discovery; in has_pending_adv_report()
1690 return bacmp(&d->last_adv_addr, BDADDR_ANY); in has_pending_adv_report()
1695 struct discovery_state *d = &hdev->discovery; in clear_pending_adv_report()
1697 bacpy(&d->last_adv_addr, BDADDR_ANY); in clear_pending_adv_report()
1698 d->last_adv_data_len = 0; in clear_pending_adv_report()
1705 struct discovery_state *d = &hdev->discovery; in store_pending_adv_report()
1710 bacpy(&d->last_adv_addr, bdaddr); in store_pending_adv_report()
1711 d->last_adv_addr_type = bdaddr_type; in store_pending_adv_report()
1712 d->last_adv_rssi = rssi; in store_pending_adv_report()
1713 d->last_adv_flags = flags; in store_pending_adv_report()
1714 memcpy(d->last_adv_data, data, len); in store_pending_adv_report()
1715 d->last_adv_data_len = len; in store_pending_adv_report()
1725 if (hdev->le_scan_type == LE_SCAN_ACTIVE) in le_set_scan_enable_complete()
1737 struct discovery_state *d = &hdev->discovery; in le_set_scan_enable_complete()
1739 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK, in le_set_scan_enable_complete()
1740 d->last_adv_addr_type, NULL, in le_set_scan_enable_complete()
1741 d->last_adv_rssi, d->last_adv_flags, in le_set_scan_enable_complete()
1742 d->last_adv_data, in le_set_scan_enable_complete()
1743 d->last_adv_data_len, NULL, 0, 0); in le_set_scan_enable_complete()
1749 cancel_delayed_work(&hdev->le_scan_disable); in le_set_scan_enable_complete()
1760 hdev->discovery.state == DISCOVERY_FINDING) in le_set_scan_enable_complete()
1761 queue_work(hdev->workqueue, &hdev->reenable_adv_work); in le_set_scan_enable_complete()
1780 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_scan_enable()
1782 if (rp->status) in hci_cc_le_set_scan_enable()
1783 return rp->status; in hci_cc_le_set_scan_enable()
1787 return rp->status; in hci_cc_le_set_scan_enable()
1789 le_set_scan_enable_complete(hdev, cp->enable); in hci_cc_le_set_scan_enable()
1791 return rp->status; in hci_cc_le_set_scan_enable()
1800 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_ext_scan_enable()
1802 if (rp->status) in hci_cc_le_set_ext_scan_enable()
1803 return rp->status; in hci_cc_le_set_ext_scan_enable()
1807 return rp->status; in hci_cc_le_set_ext_scan_enable()
1809 le_set_scan_enable_complete(hdev, cp->enable); in hci_cc_le_set_ext_scan_enable()
1811 return rp->status; in hci_cc_le_set_ext_scan_enable()
1819 bt_dev_dbg(hdev, "status 0x%2.2x No of Adv sets %u", rp->status, in hci_cc_le_read_num_adv_sets()
1820 rp->num_of_sets); in hci_cc_le_read_num_adv_sets()
1822 if (rp->status) in hci_cc_le_read_num_adv_sets()
1823 return rp->status; in hci_cc_le_read_num_adv_sets()
1825 hdev->le_num_of_adv_sets = rp->num_of_sets; in hci_cc_le_read_num_adv_sets()
1827 return rp->status; in hci_cc_le_read_num_adv_sets()
1835 bt_dev_dbg(hdev, "status 0x%2.2x size %u", rp->status, rp->size); in hci_cc_le_read_accept_list_size()
1837 if (rp->status) in hci_cc_le_read_accept_list_size()
1838 return rp->status; in hci_cc_le_read_accept_list_size()
1840 hdev->le_accept_list_size = rp->size; in hci_cc_le_read_accept_list_size()
1842 return rp->status; in hci_cc_le_read_accept_list_size()
1850 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_clear_accept_list()
1852 if (rp->status) in hci_cc_le_clear_accept_list()
1853 return rp->status; in hci_cc_le_clear_accept_list()
1856 hci_bdaddr_list_clear(&hdev->le_accept_list); in hci_cc_le_clear_accept_list()
1859 return rp->status; in hci_cc_le_clear_accept_list()
1868 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_add_to_accept_list()
1870 if (rp->status) in hci_cc_le_add_to_accept_list()
1871 return rp->status; in hci_cc_le_add_to_accept_list()
1875 return rp->status; in hci_cc_le_add_to_accept_list()
1878 hci_bdaddr_list_add(&hdev->le_accept_list, &sent->bdaddr, in hci_cc_le_add_to_accept_list()
1879 sent->bdaddr_type); in hci_cc_le_add_to_accept_list()
1882 return rp->status; in hci_cc_le_add_to_accept_list()
1891 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_del_from_accept_list()
1893 if (rp->status) in hci_cc_le_del_from_accept_list()
1894 return rp->status; in hci_cc_le_del_from_accept_list()
1898 return rp->status; in hci_cc_le_del_from_accept_list()
1901 hci_bdaddr_list_del(&hdev->le_accept_list, &sent->bdaddr, in hci_cc_le_del_from_accept_list()
1902 sent->bdaddr_type); in hci_cc_le_del_from_accept_list()
1905 return rp->status; in hci_cc_le_del_from_accept_list()
1913 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_read_supported_states()
1915 if (rp->status) in hci_cc_le_read_supported_states()
1916 return rp->status; in hci_cc_le_read_supported_states()
1918 memcpy(hdev->le_states, rp->le_states, 8); in hci_cc_le_read_supported_states()
1920 return rp->status; in hci_cc_le_read_supported_states()
1928 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_read_def_data_len()
1930 if (rp->status) in hci_cc_le_read_def_data_len()
1931 return rp->status; in hci_cc_le_read_def_data_len()
1933 hdev->le_def_tx_len = le16_to_cpu(rp->tx_len); in hci_cc_le_read_def_data_len()
1934 hdev->le_def_tx_time = le16_to_cpu(rp->tx_time); in hci_cc_le_read_def_data_len()
1936 return rp->status; in hci_cc_le_read_def_data_len()
1945 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_write_def_data_len()
1947 if (rp->status) in hci_cc_le_write_def_data_len()
1948 return rp->status; in hci_cc_le_write_def_data_len()
1952 return rp->status; in hci_cc_le_write_def_data_len()
1954 hdev->le_def_tx_len = le16_to_cpu(sent->tx_len); in hci_cc_le_write_def_data_len()
1955 hdev->le_def_tx_time = le16_to_cpu(sent->tx_time); in hci_cc_le_write_def_data_len()
1957 return rp->status; in hci_cc_le_write_def_data_len()
1966 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_add_to_resolv_list()
1968 if (rp->status) in hci_cc_le_add_to_resolv_list()
1969 return rp->status; in hci_cc_le_add_to_resolv_list()
1973 return rp->status; in hci_cc_le_add_to_resolv_list()
1976 hci_bdaddr_list_add_with_irk(&hdev->le_resolv_list, &sent->bdaddr, in hci_cc_le_add_to_resolv_list()
1977 sent->bdaddr_type, sent->peer_irk, in hci_cc_le_add_to_resolv_list()
1978 sent->local_irk); in hci_cc_le_add_to_resolv_list()
1981 return rp->status; in hci_cc_le_add_to_resolv_list()
1990 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_del_from_resolv_list()
1992 if (rp->status) in hci_cc_le_del_from_resolv_list()
1993 return rp->status; in hci_cc_le_del_from_resolv_list()
1997 return rp->status; in hci_cc_le_del_from_resolv_list()
2000 hci_bdaddr_list_del_with_irk(&hdev->le_resolv_list, &sent->bdaddr, in hci_cc_le_del_from_resolv_list()
2001 sent->bdaddr_type); in hci_cc_le_del_from_resolv_list()
2004 return rp->status; in hci_cc_le_del_from_resolv_list()
2012 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_clear_resolv_list()
2014 if (rp->status) in hci_cc_le_clear_resolv_list()
2015 return rp->status; in hci_cc_le_clear_resolv_list()
2018 hci_bdaddr_list_clear(&hdev->le_resolv_list); in hci_cc_le_clear_resolv_list()
2021 return rp->status; in hci_cc_le_clear_resolv_list()
2029 bt_dev_dbg(hdev, "status 0x%2.2x size %u", rp->status, rp->size); in hci_cc_le_read_resolv_list_size()
2031 if (rp->status) in hci_cc_le_read_resolv_list_size()
2032 return rp->status; in hci_cc_le_read_resolv_list_size()
2034 hdev->le_resolv_list_size = rp->size; in hci_cc_le_read_resolv_list_size()
2036 return rp->status; in hci_cc_le_read_resolv_list_size()
2045 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_addr_resolution_enable()
2047 if (rp->status) in hci_cc_le_set_addr_resolution_enable()
2048 return rp->status; in hci_cc_le_set_addr_resolution_enable()
2052 return rp->status; in hci_cc_le_set_addr_resolution_enable()
2063 return rp->status; in hci_cc_le_set_addr_resolution_enable()
2071 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_read_max_data_len()
2073 if (rp->status) in hci_cc_le_read_max_data_len()
2074 return rp->status; in hci_cc_le_read_max_data_len()
2076 hdev->le_max_tx_len = le16_to_cpu(rp->tx_len); in hci_cc_le_read_max_data_len()
2077 hdev->le_max_tx_time = le16_to_cpu(rp->tx_time); in hci_cc_le_read_max_data_len()
2078 hdev->le_max_rx_len = le16_to_cpu(rp->rx_len); in hci_cc_le_read_max_data_len()
2079 hdev->le_max_rx_time = le16_to_cpu(rp->rx_time); in hci_cc_le_read_max_data_len()
2081 return rp->status; in hci_cc_le_read_max_data_len()
2090 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_le_host_supported()
2092 if (rp->status) in hci_cc_write_le_host_supported()
2093 return rp->status; in hci_cc_write_le_host_supported()
2097 return rp->status; in hci_cc_write_le_host_supported()
2101 if (sent->le) { in hci_cc_write_le_host_supported()
2102 hdev->features[1][0] |= LMP_HOST_LE; in hci_cc_write_le_host_supported()
2105 hdev->features[1][0] &= ~LMP_HOST_LE; in hci_cc_write_le_host_supported()
2110 if (sent->simul) in hci_cc_write_le_host_supported()
2111 hdev->features[1][0] |= LMP_HOST_LE_BREDR; in hci_cc_write_le_host_supported()
2113 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR; in hci_cc_write_le_host_supported()
2117 return rp->status; in hci_cc_write_le_host_supported()
2126 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_set_adv_param()
2128 if (rp->status) in hci_cc_set_adv_param()
2129 return rp->status; in hci_cc_set_adv_param()
2133 return rp->status; in hci_cc_set_adv_param()
2136 hdev->adv_addr_type = cp->own_address_type; in hci_cc_set_adv_param()
2139 return rp->status; in hci_cc_set_adv_param()
2149 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_set_ext_adv_param()
2151 if (rp->status) in hci_cc_set_ext_adv_param()
2152 return rp->status; in hci_cc_set_ext_adv_param()
2156 return rp->status; in hci_cc_set_ext_adv_param()
2159 hdev->adv_addr_type = cp->own_addr_type; in hci_cc_set_ext_adv_param()
2160 if (!cp->handle) { in hci_cc_set_ext_adv_param()
2162 hdev->adv_tx_power = rp->tx_power; in hci_cc_set_ext_adv_param()
2164 adv_instance = hci_find_adv_instance(hdev, cp->handle); in hci_cc_set_ext_adv_param()
2166 adv_instance->tx_power = rp->tx_power; in hci_cc_set_ext_adv_param()
2168 /* Update adv data as tx power is known now */ in hci_cc_set_ext_adv_param()
2169 hci_update_adv_data(hdev, cp->handle); in hci_cc_set_ext_adv_param()
2173 return rp->status; in hci_cc_set_ext_adv_param()
2182 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_rssi()
2184 if (rp->status) in hci_cc_read_rssi()
2185 return rp->status; in hci_cc_read_rssi()
2189 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_read_rssi()
2191 conn->rssi = rp->rssi; in hci_cc_read_rssi()
2195 return rp->status; in hci_cc_read_rssi()
2205 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_read_tx_power()
2207 if (rp->status) in hci_cc_read_tx_power()
2208 return rp->status; in hci_cc_read_tx_power()
2212 return rp->status; in hci_cc_read_tx_power()
2216 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_read_tx_power()
2220 switch (sent->type) { in hci_cc_read_tx_power()
2222 conn->tx_power = rp->tx_power; in hci_cc_read_tx_power()
2225 conn->max_tx_power = rp->tx_power; in hci_cc_read_tx_power()
2231 return rp->status; in hci_cc_read_tx_power()
2240 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_write_ssp_debug_mode()
2242 if (rp->status) in hci_cc_write_ssp_debug_mode()
2243 return rp->status; in hci_cc_write_ssp_debug_mode()
2247 hdev->ssp_debug_mode = *mode; in hci_cc_write_ssp_debug_mode()
2249 return rp->status; in hci_cc_write_ssp_debug_mode()
2260 set_bit(HCI_INQUIRY, &hdev->flags); in hci_cs_inquiry()
2276 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); in hci_cs_create_conn()
2278 bt_dev_dbg(hdev, "bdaddr %pMR hcon %p", &cp->bdaddr, conn); in hci_cs_create_conn()
2281 if (conn && conn->state == BT_CONNECT) { in hci_cs_create_conn()
2282 conn->state = BT_CLOSED; in hci_cs_create_conn()
2288 conn = hci_conn_add_unset(hdev, ACL_LINK, &cp->bdaddr, in hci_cs_create_conn()
2314 handle = __le16_to_cpu(cp->handle); in hci_cs_add_sco()
2322 link = list_first_entry_or_null(&acl->link_list, in hci_cs_add_sco()
2324 if (link && link->conn) { in hci_cs_add_sco()
2325 link->conn->state = BT_CLOSED; in hci_cs_add_sco()
2327 hci_connect_cfm(link->conn, status); in hci_cs_add_sco()
2328 hci_conn_del(link->conn); in hci_cs_add_sco()
2351 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_auth_requested()
2353 if (conn->state == BT_CONFIG) { in hci_cs_auth_requested()
2378 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_set_conn_encrypt()
2380 if (conn->state == BT_CONFIG) { in hci_cs_set_conn_encrypt()
2392 if (conn->state != BT_CONFIG || !conn->out) in hci_outgoing_auth_needed()
2395 if (conn->pending_sec_level == BT_SECURITY_SDP) in hci_outgoing_auth_needed()
2398 /* Only request authentication for SSP connections or non-SSP in hci_outgoing_auth_needed()
2402 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) && in hci_outgoing_auth_needed()
2403 conn->pending_sec_level != BT_SECURITY_FIPS && in hci_outgoing_auth_needed()
2404 conn->pending_sec_level != BT_SECURITY_HIGH && in hci_outgoing_auth_needed()
2405 conn->pending_sec_level != BT_SECURITY_MEDIUM) in hci_outgoing_auth_needed()
2418 bacpy(&cp.bdaddr, &e->data.bdaddr); in hci_resolve_name()
2419 cp.pscan_rep_mode = e->data.pscan_rep_mode; in hci_resolve_name()
2420 cp.pscan_mode = e->data.pscan_mode; in hci_resolve_name()
2421 cp.clock_offset = e->data.clock_offset; in hci_resolve_name()
2428 struct discovery_state *discov = &hdev->discovery; in hci_resolve_next_name()
2431 if (list_empty(&discov->resolve)) in hci_resolve_next_name()
2435 if (time_after(jiffies, discov->name_resolve_timeout)) { in hci_resolve_next_name()
2445 e->name_state = NAME_PENDING; in hci_resolve_next_name()
2455 struct discovery_state *discov = &hdev->discovery; in hci_check_pending_name()
2463 if (conn && (conn->state == BT_CONFIG || conn->state == BT_CONNECTED)) in hci_check_pending_name()
2466 if (discov->state == DISCOVERY_STOPPED) in hci_check_pending_name()
2469 if (discov->state == DISCOVERY_STOPPING) in hci_check_pending_name()
2472 if (discov->state != DISCOVERY_RESOLVING) in hci_check_pending_name()
2483 list_del(&e->list); in hci_check_pending_name()
2485 e->name_state = name ? NAME_KNOWN : NAME_NOT_KNOWN; in hci_check_pending_name()
2486 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00, e->data.rssi, in hci_check_pending_name()
2514 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); in hci_cs_remote_name_req()
2517 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0); in hci_cs_remote_name_req()
2525 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) { in hci_cs_remote_name_req()
2528 set_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags); in hci_cs_remote_name_req()
2530 auth_cp.handle = __cpu_to_le16(conn->handle); in hci_cs_remote_name_req()
2555 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_read_remote_features()
2557 if (conn->state == BT_CONFIG) { in hci_cs_read_remote_features()
2582 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_read_remote_ext_features()
2584 if (conn->state == BT_CONFIG) { in hci_cs_read_remote_ext_features()
2605 link = list_first_entry_or_null(&acl->link_list, in hci_setup_sync_conn_status()
2607 if (link && link->conn) { in hci_setup_sync_conn_status()
2608 link->conn->state = BT_CLOSED; in hci_setup_sync_conn_status()
2610 hci_connect_cfm(link->conn, status); in hci_setup_sync_conn_status()
2611 hci_conn_del(link->conn); in hci_setup_sync_conn_status()
2631 hci_setup_sync_conn_status(hdev, __le16_to_cpu(cp->handle), status); in hci_cs_setup_sync_conn()
2647 hci_setup_sync_conn_status(hdev, __le16_to_cpu(cp->handle), status); in hci_cs_enhanced_setup_sync_conn()
2666 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_sniff_mode()
2668 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags); in hci_cs_sniff_mode()
2670 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags)) in hci_cs_sniff_mode()
2693 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_exit_sniff_mode()
2695 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags); in hci_cs_exit_sniff_mode()
2697 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags)) in hci_cs_exit_sniff_mode()
2716 if (!status && !hdev->suspended) in hci_cs_disconnect()
2725 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_disconnect()
2730 mgmt_disconnect_failed(hdev, &conn->dst, conn->type, in hci_cs_disconnect()
2731 conn->dst_type, status); in hci_cs_disconnect()
2733 if (conn->type == LE_LINK && conn->role == HCI_ROLE_SLAVE) { in hci_cs_disconnect()
2734 hdev->cur_adv_instance = conn->adv_instance; in hci_cs_disconnect()
2744 mgmt_conn = test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags); in hci_cs_disconnect()
2746 if (conn->type == ACL_LINK) { in hci_cs_disconnect()
2747 if (test_and_clear_bit(HCI_CONN_FLUSH_KEY, &conn->flags)) in hci_cs_disconnect()
2748 hci_remove_link_key(hdev, &conn->dst); in hci_cs_disconnect()
2751 params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type); in hci_cs_disconnect()
2753 switch (params->auto_connect) { in hci_cs_disconnect()
2755 if (cp->reason != HCI_ERROR_CONNECTION_TIMEOUT) in hci_cs_disconnect()
2762 hci_pend_le_list_add(params, &hdev->pend_le_conns); in hci_cs_disconnect()
2770 mgmt_device_disconnected(hdev, &conn->dst, conn->type, conn->dst_type, in hci_cs_disconnect()
2771 cp->reason, mgmt_conn); in hci_cs_disconnect()
2773 hci_disconn_cfm(conn, cp->reason); in hci_cs_disconnect()
2778 * Hence, we need to do some basic cleanup here and re-enable in hci_cs_disconnect()
2825 conn->init_addr_type = own_address_type; in cs_le_create_conn()
2827 bacpy(&conn->init_addr, &hdev->random_addr); in cs_le_create_conn()
2829 bacpy(&conn->init_addr, &hdev->bdaddr); in cs_le_create_conn()
2831 conn->resp_addr_type = peer_addr_type; in cs_le_create_conn()
2832 bacpy(&conn->resp_addr, peer_addr); in cs_le_create_conn()
2854 cs_le_create_conn(hdev, &cp->peer_addr, cp->peer_addr_type, in hci_cs_le_create_conn()
2855 cp->own_address_type, cp->filter_policy); in hci_cs_le_create_conn()
2879 cs_le_create_conn(hdev, &cp->peer_addr, cp->peer_addr_type, in hci_cs_le_ext_create_conn()
2880 cp->own_addr_type, cp->filter_policy); in hci_cs_le_ext_create_conn()
2901 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_le_read_remote_features()
2903 if (conn->state == BT_CONFIG) { in hci_cs_le_read_remote_features()
2928 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_le_start_enc()
2932 if (conn->state != BT_CONNECTED) in hci_cs_le_start_enc()
2947 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_switch_role()
2958 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); in hci_cs_switch_role()
2960 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags); in hci_cs_switch_role()
2969 struct discovery_state *discov = &hdev->discovery; in hci_inquiry_complete_evt()
2972 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_inquiry_complete_evt()
2974 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags)) in hci_inquiry_complete_evt()
2978 wake_up_bit(&hdev->flags, HCI_INQUIRY); in hci_inquiry_complete_evt()
2985 if (discov->state != DISCOVERY_FINDING) in hci_inquiry_complete_evt()
2988 if (list_empty(&discov->resolve)) { in hci_inquiry_complete_evt()
2997 !test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks)) in hci_inquiry_complete_evt()
3004 e->name_state = NAME_PENDING; in hci_inquiry_complete_evt()
3006 discov->name_resolve_timeout = jiffies + NAME_RESOLVE_DURATION; in hci_inquiry_complete_evt()
3016 !test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks)) in hci_inquiry_complete_evt()
3032 flex_array_size(ev, info, ev->num))) in hci_inquiry_result_evt()
3035 bt_dev_dbg(hdev, "num %d", ev->num); in hci_inquiry_result_evt()
3037 if (!ev->num) in hci_inquiry_result_evt()
3045 for (i = 0; i < ev->num; i++) { in hci_inquiry_result_evt()
3046 struct inquiry_info *info = &ev->info[i]; in hci_inquiry_result_evt()
3049 bacpy(&data.bdaddr, &info->bdaddr); in hci_inquiry_result_evt()
3050 data.pscan_rep_mode = info->pscan_rep_mode; in hci_inquiry_result_evt()
3051 data.pscan_period_mode = info->pscan_period_mode; in hci_inquiry_result_evt()
3052 data.pscan_mode = info->pscan_mode; in hci_inquiry_result_evt()
3053 memcpy(data.dev_class, info->dev_class, 3); in hci_inquiry_result_evt()
3054 data.clock_offset = info->clock_offset; in hci_inquiry_result_evt()
3060 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, in hci_inquiry_result_evt()
3061 info->dev_class, HCI_RSSI_INVALID, in hci_inquiry_result_evt()
3073 u8 status = ev->status; in hci_conn_complete_evt()
3079 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); in hci_conn_complete_evt()
3084 if (ev->status) in hci_conn_complete_evt()
3087 /* Connection may not exist if auto-connected. Check the bredr in hci_conn_complete_evt()
3092 * Auto-connect will only occur if the event filter is in hci_conn_complete_evt()
3096 if (ev->link_type == ACL_LINK && in hci_conn_complete_evt()
3097 hci_bdaddr_list_lookup_with_flags(&hdev->accept_list, in hci_conn_complete_evt()
3098 &ev->bdaddr, in hci_conn_complete_evt()
3100 conn = hci_conn_add_unset(hdev, ev->link_type, in hci_conn_complete_evt()
3101 &ev->bdaddr, HCI_ROLE_SLAVE); in hci_conn_complete_evt()
3107 if (ev->link_type != SCO_LINK) in hci_conn_complete_evt()
3111 &ev->bdaddr); in hci_conn_complete_evt()
3115 conn->type = SCO_LINK; in hci_conn_complete_evt()
3125 if (!HCI_CONN_HANDLE_UNSET(conn->handle)) { in hci_conn_complete_evt()
3131 status = hci_conn_set_handle(conn, __le16_to_cpu(ev->handle)); in hci_conn_complete_evt()
3135 if (conn->type == ACL_LINK) { in hci_conn_complete_evt()
3136 conn->state = BT_CONFIG; in hci_conn_complete_evt()
3139 if (!conn->out && !hci_conn_ssp_enabled(conn) && in hci_conn_complete_evt()
3140 !hci_find_link_key(hdev, &ev->bdaddr)) in hci_conn_complete_evt()
3141 conn->disc_timeout = HCI_PAIRING_TIMEOUT; in hci_conn_complete_evt()
3143 conn->disc_timeout = HCI_DISCONN_TIMEOUT; in hci_conn_complete_evt()
3145 conn->state = BT_CONNECTED; in hci_conn_complete_evt()
3150 if (test_bit(HCI_AUTH, &hdev->flags)) in hci_conn_complete_evt()
3151 set_bit(HCI_CONN_AUTH, &conn->flags); in hci_conn_complete_evt()
3153 if (test_bit(HCI_ENCRYPT, &hdev->flags)) in hci_conn_complete_evt()
3154 set_bit(HCI_CONN_ENCRYPT, &conn->flags); in hci_conn_complete_evt()
3157 if (ev->encr_mode == 1 && !test_bit(HCI_CONN_ENCRYPT, &conn->flags) && in hci_conn_complete_evt()
3158 ev->link_type == ACL_LINK) { in hci_conn_complete_evt()
3162 key = hci_find_link_key(hdev, &ev->bdaddr); in hci_conn_complete_evt()
3164 set_bit(HCI_CONN_ENCRYPT, &conn->flags); in hci_conn_complete_evt()
3167 conn->enc_key_size = HCI_LINK_KEY_SIZE; in hci_conn_complete_evt()
3169 cp.handle = cpu_to_le16(conn->handle); in hci_conn_complete_evt()
3173 conn->enc_key_size = HCI_LINK_KEY_SIZE; in hci_conn_complete_evt()
3177 hci_encrypt_cfm(conn, ev->status); in hci_conn_complete_evt()
3182 if (conn->type == ACL_LINK) { in hci_conn_complete_evt()
3184 cp.handle = ev->handle; in hci_conn_complete_evt()
3192 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) { in hci_conn_complete_evt()
3194 cp.handle = ev->handle; in hci_conn_complete_evt()
3195 cp.pkt_type = cpu_to_le16(conn->pkt_type); in hci_conn_complete_evt()
3201 if (conn->type == ACL_LINK) in hci_conn_complete_evt()
3202 hci_sco_setup(conn, ev->status); in hci_conn_complete_evt()
3207 } else if (ev->link_type == SCO_LINK) { in hci_conn_complete_evt()
3208 switch (conn->setting & SCO_AIRMODE_MASK) { in hci_conn_complete_evt()
3210 if (hdev->notify) in hci_conn_complete_evt()
3211 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_CVSD); in hci_conn_complete_evt()
3235 int mask = hdev->link_mode; in hci_conn_request_evt()
3240 bt_dev_dbg(hdev, "bdaddr %pMR type 0x%x", &ev->bdaddr, ev->link_type); in hci_conn_request_evt()
3243 * CVE-2020-26555 in hci_conn_request_evt()
3245 if (hdev && !bacmp(&hdev->bdaddr, &ev->bdaddr)) { in hci_conn_request_evt()
3247 &ev->bdaddr); in hci_conn_request_evt()
3248 hci_reject_conn(hdev, &ev->bdaddr); in hci_conn_request_evt()
3252 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type, in hci_conn_request_evt()
3256 hci_reject_conn(hdev, &ev->bdaddr); in hci_conn_request_evt()
3262 if (hci_bdaddr_list_lookup(&hdev->reject_list, &ev->bdaddr, in hci_conn_request_evt()
3264 hci_reject_conn(hdev, &ev->bdaddr); in hci_conn_request_evt()
3274 !hci_bdaddr_list_lookup_with_flags(&hdev->accept_list, &ev->bdaddr, in hci_conn_request_evt()
3276 hci_reject_conn(hdev, &ev->bdaddr); in hci_conn_request_evt()
3282 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); in hci_conn_request_evt()
3284 memcpy(ie->data.dev_class, ev->dev_class, 3); in hci_conn_request_evt()
3286 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, in hci_conn_request_evt()
3287 &ev->bdaddr); in hci_conn_request_evt()
3289 conn = hci_conn_add_unset(hdev, ev->link_type, &ev->bdaddr, in hci_conn_request_evt()
3297 memcpy(conn->dev_class, ev->dev_class, 3); in hci_conn_request_evt()
3301 if (ev->link_type == ACL_LINK || in hci_conn_request_evt()
3304 conn->state = BT_CONNECT; in hci_conn_request_evt()
3306 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_conn_request_evt()
3316 conn->state = BT_CONNECT; in hci_conn_request_evt()
3318 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_conn_request_evt()
3319 cp.pkt_type = cpu_to_le16(conn->pkt_type); in hci_conn_request_evt()
3324 cp.content_format = cpu_to_le16(hdev->voice_setting); in hci_conn_request_evt()
3330 conn->state = BT_CONNECT2; in hci_conn_request_evt()
3364 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_disconn_complete_evt()
3368 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_disconn_complete_evt()
3372 if (ev->status) { in hci_disconn_complete_evt()
3373 mgmt_disconnect_failed(hdev, &conn->dst, conn->type, in hci_disconn_complete_evt()
3374 conn->dst_type, ev->status); in hci_disconn_complete_evt()
3378 conn->state = BT_CLOSED; in hci_disconn_complete_evt()
3380 mgmt_connected = test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags); in hci_disconn_complete_evt()
3382 if (test_bit(HCI_CONN_AUTH_FAILURE, &conn->flags)) in hci_disconn_complete_evt()
3385 reason = hci_to_mgmt_reason(ev->reason); in hci_disconn_complete_evt()
3387 mgmt_device_disconnected(hdev, &conn->dst, conn->type, conn->dst_type, in hci_disconn_complete_evt()
3390 if (conn->type == ACL_LINK) { in hci_disconn_complete_evt()
3391 if (test_and_clear_bit(HCI_CONN_FLUSH_KEY, &conn->flags)) in hci_disconn_complete_evt()
3392 hci_remove_link_key(hdev, &conn->dst); in hci_disconn_complete_evt()
3397 /* Re-enable passive scanning if disconnected device is marked in hci_disconn_complete_evt()
3398 * as auto-connectable. in hci_disconn_complete_evt()
3400 if (conn->type == LE_LINK) { in hci_disconn_complete_evt()
3401 params = hci_conn_params_lookup(hdev, &conn->dst, in hci_disconn_complete_evt()
3402 conn->dst_type); in hci_disconn_complete_evt()
3404 switch (params->auto_connect) { in hci_disconn_complete_evt()
3406 if (ev->reason != HCI_ERROR_CONNECTION_TIMEOUT) in hci_disconn_complete_evt()
3414 &hdev->pend_le_conns); in hci_disconn_complete_evt()
3424 hci_disconn_cfm(conn, ev->reason); in hci_disconn_complete_evt()
3426 /* Re-enable advertising if necessary, since it might in hci_disconn_complete_evt()
3436 if (conn->type == LE_LINK && conn->role == HCI_ROLE_SLAVE) { in hci_disconn_complete_evt()
3437 hdev->cur_adv_instance = conn->adv_instance; in hci_disconn_complete_evt()
3453 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_auth_complete_evt()
3457 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_auth_complete_evt()
3461 if (!ev->status) { in hci_auth_complete_evt()
3462 clear_bit(HCI_CONN_AUTH_FAILURE, &conn->flags); in hci_auth_complete_evt()
3463 set_bit(HCI_CONN_AUTH, &conn->flags); in hci_auth_complete_evt()
3464 conn->sec_level = conn->pending_sec_level; in hci_auth_complete_evt()
3466 if (ev->status == HCI_ERROR_PIN_OR_KEY_MISSING) in hci_auth_complete_evt()
3467 set_bit(HCI_CONN_AUTH_FAILURE, &conn->flags); in hci_auth_complete_evt()
3469 mgmt_auth_failed(conn, ev->status); in hci_auth_complete_evt()
3472 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags); in hci_auth_complete_evt()
3474 if (conn->state == BT_CONFIG) { in hci_auth_complete_evt()
3475 if (!ev->status && hci_conn_ssp_enabled(conn)) { in hci_auth_complete_evt()
3477 cp.handle = ev->handle; in hci_auth_complete_evt()
3482 conn->state = BT_CONNECTED; in hci_auth_complete_evt()
3483 hci_connect_cfm(conn, ev->status); in hci_auth_complete_evt()
3487 hci_auth_cfm(conn, ev->status); in hci_auth_complete_evt()
3490 conn->disc_timeout = HCI_DISCONN_TIMEOUT; in hci_auth_complete_evt()
3494 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) { in hci_auth_complete_evt()
3495 if (!ev->status) { in hci_auth_complete_evt()
3497 cp.handle = ev->handle; in hci_auth_complete_evt()
3502 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); in hci_auth_complete_evt()
3503 hci_encrypt_cfm(conn, ev->status); in hci_auth_complete_evt()
3517 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_remote_name_evt()
3521 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_remote_name_evt()
3526 if (ev->status == 0) in hci_remote_name_evt()
3527 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name, in hci_remote_name_evt()
3528 strnlen(ev->name, HCI_MAX_NAME_LENGTH)); in hci_remote_name_evt()
3530 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0); in hci_remote_name_evt()
3539 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) { in hci_remote_name_evt()
3542 set_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags); in hci_remote_name_evt()
3544 cp.handle = __cpu_to_le16(conn->handle); in hci_remote_name_evt()
3558 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_encrypt_change_evt()
3562 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_encrypt_change_evt()
3566 if (!ev->status) { in hci_encrypt_change_evt()
3567 if (ev->encrypt) { in hci_encrypt_change_evt()
3569 set_bit(HCI_CONN_AUTH, &conn->flags); in hci_encrypt_change_evt()
3570 set_bit(HCI_CONN_ENCRYPT, &conn->flags); in hci_encrypt_change_evt()
3571 conn->sec_level = conn->pending_sec_level; in hci_encrypt_change_evt()
3573 /* P-256 authentication key implies FIPS */ in hci_encrypt_change_evt()
3574 if (conn->key_type == HCI_LK_AUTH_COMBINATION_P256) in hci_encrypt_change_evt()
3575 set_bit(HCI_CONN_FIPS, &conn->flags); in hci_encrypt_change_evt()
3577 if ((conn->type == ACL_LINK && ev->encrypt == 0x02) || in hci_encrypt_change_evt()
3578 conn->type == LE_LINK) in hci_encrypt_change_evt()
3579 set_bit(HCI_CONN_AES_CCM, &conn->flags); in hci_encrypt_change_evt()
3581 clear_bit(HCI_CONN_ENCRYPT, &conn->flags); in hci_encrypt_change_evt()
3582 clear_bit(HCI_CONN_AES_CCM, &conn->flags); in hci_encrypt_change_evt()
3589 if (ev->status && conn->type == LE_LINK) { in hci_encrypt_change_evt()
3594 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); in hci_encrypt_change_evt()
3598 ev->status = HCI_ERROR_AUTH_FAILURE; in hci_encrypt_change_evt()
3600 if (ev->status && conn->state == BT_CONNECTED) { in hci_encrypt_change_evt()
3601 if (ev->status == HCI_ERROR_PIN_OR_KEY_MISSING) in hci_encrypt_change_evt()
3602 set_bit(HCI_CONN_AUTH_FAILURE, &conn->flags); in hci_encrypt_change_evt()
3607 hci_encrypt_cfm(conn, ev->status); in hci_encrypt_change_evt()
3614 if (!ev->status && ev->encrypt && conn->type == ACL_LINK) { in hci_encrypt_change_evt()
3622 conn->enc_key_size = HCI_LINK_KEY_SIZE; in hci_encrypt_change_evt()
3626 cp.handle = cpu_to_le16(conn->handle); in hci_encrypt_change_evt()
3630 conn->enc_key_size = HCI_LINK_KEY_SIZE; in hci_encrypt_change_evt()
3641 &hdev->quirks)) in hci_encrypt_change_evt()
3649 * Ensure for AES-CCM encryption as well. in hci_encrypt_change_evt()
3651 if (test_bit(HCI_CONN_ENCRYPT, &conn->flags) && in hci_encrypt_change_evt()
3652 test_bit(HCI_CONN_AES_CCM, &conn->flags) && in hci_encrypt_change_evt()
3653 ((conn->type == ACL_LINK && lmp_ping_capable(hdev)) || in hci_encrypt_change_evt()
3654 (conn->type == LE_LINK && (hdev->le_features[0] & HCI_LE_PING)))) { in hci_encrypt_change_evt()
3657 cp.handle = cpu_to_le16(conn->handle); in hci_encrypt_change_evt()
3658 cp.timeout = cpu_to_le16(hdev->auth_payload_timeout); in hci_encrypt_change_evt()
3659 if (hci_send_cmd(conn->hdev, HCI_OP_WRITE_AUTH_PAYLOAD_TO, in hci_encrypt_change_evt()
3665 hci_encrypt_cfm(conn, ev->status); in hci_encrypt_change_evt()
3677 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_change_link_key_complete_evt()
3681 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_change_link_key_complete_evt()
3683 if (!ev->status) in hci_change_link_key_complete_evt()
3684 set_bit(HCI_CONN_SECURE, &conn->flags); in hci_change_link_key_complete_evt()
3686 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags); in hci_change_link_key_complete_evt()
3688 hci_key_change_cfm(conn, ev->status); in hci_change_link_key_complete_evt()
3700 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_remote_features_evt()
3704 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_remote_features_evt()
3708 if (!ev->status) in hci_remote_features_evt()
3709 memcpy(conn->features[0], ev->features, 8); in hci_remote_features_evt()
3711 if (conn->state != BT_CONFIG) in hci_remote_features_evt()
3714 if (!ev->status && lmp_ext_feat_capable(hdev) && in hci_remote_features_evt()
3717 cp.handle = ev->handle; in hci_remote_features_evt()
3724 if (!ev->status) { in hci_remote_features_evt()
3727 bacpy(&cp.bdaddr, &conn->dst); in hci_remote_features_evt()
3735 conn->state = BT_CONNECTED; in hci_remote_features_evt()
3736 hci_connect_cfm(conn, ev->status); in hci_remote_features_evt()
3746 cancel_delayed_work(&hdev->cmd_timer); in handle_cmd_cnt_and_timer()
3749 if (!test_bit(HCI_RESET, &hdev->flags)) { in handle_cmd_cnt_and_timer()
3751 cancel_delayed_work(&hdev->ncmd_timer); in handle_cmd_cnt_and_timer()
3752 atomic_set(&hdev->cmd_cnt, 1); in handle_cmd_cnt_and_timer()
3755 queue_delayed_work(hdev->workqueue, &hdev->ncmd_timer, in handle_cmd_cnt_and_timer()
3767 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_read_buffer_size_v2()
3769 if (rp->status) in hci_cc_le_read_buffer_size_v2()
3770 return rp->status; in hci_cc_le_read_buffer_size_v2()
3772 hdev->le_mtu = __le16_to_cpu(rp->acl_mtu); in hci_cc_le_read_buffer_size_v2()
3773 hdev->le_pkts = rp->acl_max_pkt; in hci_cc_le_read_buffer_size_v2()
3774 hdev->iso_mtu = __le16_to_cpu(rp->iso_mtu); in hci_cc_le_read_buffer_size_v2()
3775 hdev->iso_pkts = rp->iso_max_pkt; in hci_cc_le_read_buffer_size_v2()
3777 hdev->le_cnt = hdev->le_pkts; in hci_cc_le_read_buffer_size_v2()
3778 hdev->iso_cnt = hdev->iso_pkts; in hci_cc_le_read_buffer_size_v2()
3780 BT_DBG("%s acl mtu %d:%d iso mtu %d:%d", hdev->name, hdev->acl_mtu, in hci_cc_le_read_buffer_size_v2()
3781 hdev->acl_pkts, hdev->iso_mtu, hdev->iso_pkts); in hci_cc_le_read_buffer_size_v2()
3783 if (hdev->le_mtu && hdev->le_mtu < HCI_MIN_LE_MTU) in hci_cc_le_read_buffer_size_v2()
3786 return rp->status; in hci_cc_le_read_buffer_size_v2()
3793 lockdep_assert_held(&hdev->lock); in hci_unbound_cis_failed()
3795 list_for_each_entry_safe(conn, tmp, &hdev->conn_hash.list, list) { in hci_unbound_cis_failed()
3796 if (conn->type != ISO_LINK || !bacmp(&conn->dst, BDADDR_ANY) || in hci_unbound_cis_failed()
3797 conn->state == BT_OPEN || conn->iso_qos.ucast.cig != cig) in hci_unbound_cis_failed()
3800 if (HCI_CONN_HANDLE_UNSET(conn->handle)) in hci_unbound_cis_failed()
3811 u8 status = rp->status; in hci_cc_le_set_cig_params()
3815 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_cig_params()
3818 if (!rp->status && (!cp || rp->num_handles != cp->num_cis || in hci_cc_le_set_cig_params()
3819 rp->cig_id != cp->cig_id)) { in hci_cc_le_set_cig_params()
3828 * If the Status return parameter is non-zero, then the state of the CIG in hci_cc_le_set_cig_params()
3834 hci_unbound_cis_failed(hdev, rp->cig_id, status); in hci_cc_le_set_cig_params()
3845 for (i = 0; i < rp->num_handles; ++i) { in hci_cc_le_set_cig_params()
3846 conn = hci_conn_hash_lookup_cis(hdev, NULL, 0, rp->cig_id, in hci_cc_le_set_cig_params()
3847 cp->cis[i].cis_id); in hci_cc_le_set_cig_params()
3848 if (!conn || !bacmp(&conn->dst, BDADDR_ANY)) in hci_cc_le_set_cig_params()
3851 if (conn->state != BT_BOUND && conn->state != BT_CONNECT) in hci_cc_le_set_cig_params()
3854 if (hci_conn_set_handle(conn, __le16_to_cpu(rp->handle[i]))) in hci_cc_le_set_cig_params()
3857 if (conn->state == BT_CONNECT) in hci_cc_le_set_cig_params()
3867 return rp->status; in hci_cc_le_set_cig_params()
3877 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_setup_iso_path()
3881 return rp->status; in hci_cc_le_setup_iso_path()
3885 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cc_le_setup_iso_path()
3889 if (rp->status) { in hci_cc_le_setup_iso_path()
3890 hci_connect_cfm(conn, rp->status); in hci_cc_le_setup_iso_path()
3895 switch (cp->direction) { in hci_cc_le_setup_iso_path()
3899 if (conn->iso_qos.ucast.out.sdu && !conn->iso_qos.ucast.in.sdu) in hci_cc_le_setup_iso_path()
3900 hci_connect_cfm(conn, rp->status); in hci_cc_le_setup_iso_path()
3904 /* Confirm connection since conn->iso_qos is always configured in hci_cc_le_setup_iso_path()
3907 hci_connect_cfm(conn, rp->status); in hci_cc_le_setup_iso_path()
3910 if (!rp->status && test_bit(HCI_CONN_BIG_SYNC, &conn->flags)) in hci_cc_le_setup_iso_path()
3918 return rp->status; in hci_cc_le_setup_iso_path()
3932 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_set_per_adv_param()
3934 if (rp->status) in hci_cc_set_per_adv_param()
3935 return rp->status; in hci_cc_set_per_adv_param()
3939 return rp->status; in hci_cc_set_per_adv_param()
3942 return rp->status; in hci_cc_set_per_adv_param()
3950 struct adv_info *adv = NULL, *n; in hci_cc_le_set_per_adv_enable() local
3953 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); in hci_cc_le_set_per_adv_enable()
3955 if (rp->status) in hci_cc_le_set_per_adv_enable()
3956 return rp->status; in hci_cc_le_set_per_adv_enable()
3960 return rp->status; in hci_cc_le_set_per_adv_enable()
3964 adv = hci_find_adv_instance(hdev, cp->handle); in hci_cc_le_set_per_adv_enable()
3966 if (cp->enable) { in hci_cc_le_set_per_adv_enable()
3969 if (adv) in hci_cc_le_set_per_adv_enable()
3970 adv->enabled = true; in hci_cc_le_set_per_adv_enable()
3974 * The current periodic adv instance will be marked as in hci_cc_le_set_per_adv_enable()
3977 list_for_each_entry_safe(adv, n, &hdev->adv_instances, in hci_cc_le_set_per_adv_enable()
3979 if (adv->periodic && adv->enabled) in hci_cc_le_set_per_adv_enable()
3992 return rp->status; in hci_cc_le_set_per_adv_enable()
4183 if (skb->len < cc->min_len) { in hci_cc_func()
4185 cc->op, skb->len, cc->min_len); in hci_cc_func()
4193 if (skb->len > cc->max_len) in hci_cc_func()
4195 cc->op, skb->len, cc->max_len); in hci_cc_func()
4197 data = hci_cc_skb_pull(hdev, skb, cc->op, cc->min_len); in hci_cc_func()
4201 return cc->func(hdev, data, skb); in hci_cc_func()
4212 *opcode = __le16_to_cpu(ev->opcode); in hci_cmd_complete_evt()
4231 *status = skb->data[0]; in hci_cmd_complete_evt()
4234 handle_cmd_cnt_and_timer(hdev, ev->ncmd); in hci_cmd_complete_evt()
4245 if (atomic_read(&hdev->cmd_cnt) && !skb_queue_empty(&hdev->cmd_q)) in hci_cmd_complete_evt()
4246 queue_work(hdev->workqueue, &hdev->cmd_work); in hci_cmd_complete_evt()
4267 for (i = 0; cp->num_cis; cp->num_cis--, i++) { in hci_cs_le_create_cis()
4271 handle = __le16_to_cpu(cp->cis[i].cis_handle); in hci_cs_le_create_cis()
4276 &conn->flags)) in hci_cs_le_create_cis()
4278 conn->state = BT_CLOSED; in hci_cs_le_create_cis()
4332 *opcode = __le16_to_cpu(ev->opcode); in hci_cmd_status_evt()
4333 *status = ev->status; in hci_cmd_status_evt()
4339 hci_cs_table[i].func(hdev, ev->status); in hci_cmd_status_evt()
4344 handle_cmd_cnt_and_timer(hdev, ev->ncmd); in hci_cmd_status_evt()
4352 if (ev->status || (hdev->req_skb && !hci_skb_event(hdev->req_skb))) { in hci_cmd_status_evt()
4353 hci_req_cmd_complete(hdev, *opcode, ev->status, req_complete, in hci_cmd_status_evt()
4362 if (atomic_read(&hdev->cmd_cnt) && !skb_queue_empty(&hdev->cmd_q)) in hci_cmd_status_evt()
4363 queue_work(hdev->workqueue, &hdev->cmd_work); in hci_cmd_status_evt()
4371 bt_dev_dbg(hdev, "code 0x%2.2x", ev->code); in hci_hardware_error_evt()
4373 hdev->hw_error_code = ev->code; in hci_hardware_error_evt()
4375 queue_work(hdev->req_workqueue, &hdev->error_reset); in hci_hardware_error_evt()
4384 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_role_change_evt()
4388 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_role_change_evt()
4390 if (!ev->status) in hci_role_change_evt()
4391 conn->role = ev->role; in hci_role_change_evt()
4393 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags); in hci_role_change_evt()
4395 hci_role_switch_cfm(conn, ev->status, ev->role); in hci_role_change_evt()
4408 flex_array_size(ev, handles, ev->num))) in hci_num_comp_pkts_evt()
4411 bt_dev_dbg(hdev, "num %d", ev->num); in hci_num_comp_pkts_evt()
4413 for (i = 0; i < ev->num; i++) { in hci_num_comp_pkts_evt()
4414 struct hci_comp_pkts_info *info = &ev->handles[i]; in hci_num_comp_pkts_evt()
4418 handle = __le16_to_cpu(info->handle); in hci_num_comp_pkts_evt()
4419 count = __le16_to_cpu(info->count); in hci_num_comp_pkts_evt()
4425 conn->sent -= count; in hci_num_comp_pkts_evt()
4427 switch (conn->type) { in hci_num_comp_pkts_evt()
4429 hdev->acl_cnt += count; in hci_num_comp_pkts_evt()
4430 if (hdev->acl_cnt > hdev->acl_pkts) in hci_num_comp_pkts_evt()
4431 hdev->acl_cnt = hdev->acl_pkts; in hci_num_comp_pkts_evt()
4435 if (hdev->le_pkts) { in hci_num_comp_pkts_evt()
4436 hdev->le_cnt += count; in hci_num_comp_pkts_evt()
4437 if (hdev->le_cnt > hdev->le_pkts) in hci_num_comp_pkts_evt()
4438 hdev->le_cnt = hdev->le_pkts; in hci_num_comp_pkts_evt()
4440 hdev->acl_cnt += count; in hci_num_comp_pkts_evt()
4441 if (hdev->acl_cnt > hdev->acl_pkts) in hci_num_comp_pkts_evt()
4442 hdev->acl_cnt = hdev->acl_pkts; in hci_num_comp_pkts_evt()
4447 hdev->sco_cnt += count; in hci_num_comp_pkts_evt()
4448 if (hdev->sco_cnt > hdev->sco_pkts) in hci_num_comp_pkts_evt()
4449 hdev->sco_cnt = hdev->sco_pkts; in hci_num_comp_pkts_evt()
4453 if (hdev->iso_pkts) { in hci_num_comp_pkts_evt()
4454 hdev->iso_cnt += count; in hci_num_comp_pkts_evt()
4455 if (hdev->iso_cnt > hdev->iso_pkts) in hci_num_comp_pkts_evt()
4456 hdev->iso_cnt = hdev->iso_pkts; in hci_num_comp_pkts_evt()
4457 } else if (hdev->le_pkts) { in hci_num_comp_pkts_evt()
4458 hdev->le_cnt += count; in hci_num_comp_pkts_evt()
4459 if (hdev->le_cnt > hdev->le_pkts) in hci_num_comp_pkts_evt()
4460 hdev->le_cnt = hdev->le_pkts; in hci_num_comp_pkts_evt()
4462 hdev->acl_cnt += count; in hci_num_comp_pkts_evt()
4463 if (hdev->acl_cnt > hdev->acl_pkts) in hci_num_comp_pkts_evt()
4464 hdev->acl_cnt = hdev->acl_pkts; in hci_num_comp_pkts_evt()
4470 conn->type, conn); in hci_num_comp_pkts_evt()
4475 queue_work(hdev->workqueue, &hdev->tx_work); in hci_num_comp_pkts_evt()
4484 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_mode_change_evt()
4488 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_mode_change_evt()
4490 conn->mode = ev->mode; in hci_mode_change_evt()
4493 &conn->flags)) { in hci_mode_change_evt()
4494 if (conn->mode == HCI_CM_ACTIVE) in hci_mode_change_evt()
4495 set_bit(HCI_CONN_POWER_SAVE, &conn->flags); in hci_mode_change_evt()
4497 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags); in hci_mode_change_evt()
4500 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags)) in hci_mode_change_evt()
4501 hci_sco_setup(conn, ev->status); in hci_mode_change_evt()
4517 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_pin_code_request_evt()
4521 if (conn->state == BT_CONNECTED) { in hci_pin_code_request_evt()
4523 conn->disc_timeout = HCI_PAIRING_TIMEOUT; in hci_pin_code_request_evt()
4528 !test_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags)) { in hci_pin_code_request_evt()
4530 sizeof(ev->bdaddr), &ev->bdaddr); in hci_pin_code_request_evt()
4534 if (conn->pending_sec_level == BT_SECURITY_HIGH) in hci_pin_code_request_evt()
4539 mgmt_pin_code_request(hdev, &ev->bdaddr, secure); in hci_pin_code_request_evt()
4551 conn->pin_length = pin_len; in conn_set_key()
4552 conn->key_type = key_type; in conn_set_key()
4561 conn->pending_sec_level = BT_SECURITY_HIGH; in conn_set_key()
4563 conn->pending_sec_level = BT_SECURITY_MEDIUM; in conn_set_key()
4567 conn->pending_sec_level = BT_SECURITY_MEDIUM; in conn_set_key()
4570 conn->pending_sec_level = BT_SECURITY_HIGH; in conn_set_key()
4573 conn->pending_sec_level = BT_SECURITY_FIPS; in conn_set_key()
4593 key = hci_find_link_key(hdev, &ev->bdaddr); in hci_link_key_request_evt()
4595 bt_dev_dbg(hdev, "link key not found for %pMR", &ev->bdaddr); in hci_link_key_request_evt()
4599 bt_dev_dbg(hdev, "found key type %u for %pMR", key->type, &ev->bdaddr); in hci_link_key_request_evt()
4601 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_link_key_request_evt()
4603 clear_bit(HCI_CONN_NEW_LINK_KEY, &conn->flags); in hci_link_key_request_evt()
4605 if ((key->type == HCI_LK_UNAUTH_COMBINATION_P192 || in hci_link_key_request_evt()
4606 key->type == HCI_LK_UNAUTH_COMBINATION_P256) && in hci_link_key_request_evt()
4607 conn->auth_type != 0xff && (conn->auth_type & 0x01)) { in hci_link_key_request_evt()
4612 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 && in hci_link_key_request_evt()
4613 (conn->pending_sec_level == BT_SECURITY_HIGH || in hci_link_key_request_evt()
4614 conn->pending_sec_level == BT_SECURITY_FIPS)) { in hci_link_key_request_evt()
4619 conn_set_key(conn, key->type, key->pin_len); in hci_link_key_request_evt()
4622 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_link_key_request_evt()
4623 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE); in hci_link_key_request_evt()
4632 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr); in hci_link_key_request_evt()
4649 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_link_key_notify_evt()
4653 /* Ignore NULL link key against CVE-2020-26555 */ in hci_link_key_notify_evt()
4654 if (!crypto_memneq(ev->link_key, ZERO_KEY, HCI_LINK_KEY_SIZE)) { in hci_link_key_notify_evt()
4656 &ev->bdaddr); in hci_link_key_notify_evt()
4663 conn->disc_timeout = HCI_DISCONN_TIMEOUT; in hci_link_key_notify_evt()
4666 set_bit(HCI_CONN_NEW_LINK_KEY, &conn->flags); in hci_link_key_notify_evt()
4667 conn_set_key(conn, ev->key_type, conn->pin_length); in hci_link_key_notify_evt()
4672 key = hci_add_link_key(hdev, conn, &ev->bdaddr, ev->link_key, in hci_link_key_notify_evt()
4673 ev->key_type, pin_len, &persistent); in hci_link_key_notify_evt()
4680 if (ev->key_type == HCI_LK_CHANGED_COMBINATION) in hci_link_key_notify_evt()
4681 conn_set_key(conn, key->type, key->pin_len); in hci_link_key_notify_evt()
4690 if (key->type == HCI_LK_DEBUG_COMBINATION && in hci_link_key_notify_evt()
4692 list_del_rcu(&key->list); in hci_link_key_notify_evt()
4698 clear_bit(HCI_CONN_FLUSH_KEY, &conn->flags); in hci_link_key_notify_evt()
4700 set_bit(HCI_CONN_FLUSH_KEY, &conn->flags); in hci_link_key_notify_evt()
4712 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_clock_offset_evt()
4716 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_clock_offset_evt()
4717 if (conn && !ev->status) { in hci_clock_offset_evt()
4720 ie = hci_inquiry_cache_lookup(hdev, &conn->dst); in hci_clock_offset_evt()
4722 ie->data.clock_offset = ev->clock_offset; in hci_clock_offset_evt()
4723 ie->timestamp = jiffies; in hci_clock_offset_evt()
4736 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_pkt_type_change_evt()
4740 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_pkt_type_change_evt()
4741 if (conn && !ev->status) in hci_pkt_type_change_evt()
4742 conn->pkt_type = __le16_to_cpu(ev->pkt_type); in hci_pkt_type_change_evt()
4757 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); in hci_pscan_rep_mode_evt()
4759 ie->data.pscan_rep_mode = ev->pscan_rep_mode; in hci_pscan_rep_mode_evt()
4760 ie->timestamp = jiffies; in hci_pscan_rep_mode_evt()
4773 bt_dev_dbg(hdev, "num_rsp %d", ev->num); in hci_inquiry_result_with_rssi_evt()
4775 if (!ev->num) in hci_inquiry_result_with_rssi_evt()
4783 if (skb->len == array_size(ev->num, in hci_inquiry_result_with_rssi_evt()
4787 for (i = 0; i < ev->num; i++) { in hci_inquiry_result_with_rssi_evt()
4799 bacpy(&data.bdaddr, &info->bdaddr); in hci_inquiry_result_with_rssi_evt()
4800 data.pscan_rep_mode = info->pscan_rep_mode; in hci_inquiry_result_with_rssi_evt()
4801 data.pscan_period_mode = info->pscan_period_mode; in hci_inquiry_result_with_rssi_evt()
4802 data.pscan_mode = info->pscan_mode; in hci_inquiry_result_with_rssi_evt()
4803 memcpy(data.dev_class, info->dev_class, 3); in hci_inquiry_result_with_rssi_evt()
4804 data.clock_offset = info->clock_offset; in hci_inquiry_result_with_rssi_evt()
4805 data.rssi = info->rssi; in hci_inquiry_result_with_rssi_evt()
4810 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, in hci_inquiry_result_with_rssi_evt()
4811 info->dev_class, info->rssi, in hci_inquiry_result_with_rssi_evt()
4814 } else if (skb->len == array_size(ev->num, in hci_inquiry_result_with_rssi_evt()
4818 for (i = 0; i < ev->num; i++) { in hci_inquiry_result_with_rssi_evt()
4830 bacpy(&data.bdaddr, &info->bdaddr); in hci_inquiry_result_with_rssi_evt()
4831 data.pscan_rep_mode = info->pscan_rep_mode; in hci_inquiry_result_with_rssi_evt()
4832 data.pscan_period_mode = info->pscan_period_mode; in hci_inquiry_result_with_rssi_evt()
4834 memcpy(data.dev_class, info->dev_class, 3); in hci_inquiry_result_with_rssi_evt()
4835 data.clock_offset = info->clock_offset; in hci_inquiry_result_with_rssi_evt()
4836 data.rssi = info->rssi; in hci_inquiry_result_with_rssi_evt()
4841 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, in hci_inquiry_result_with_rssi_evt()
4842 info->dev_class, info->rssi, in hci_inquiry_result_with_rssi_evt()
4859 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_remote_ext_features_evt()
4863 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_remote_ext_features_evt()
4867 if (ev->page < HCI_MAX_PAGES) in hci_remote_ext_features_evt()
4868 memcpy(conn->features[ev->page], ev->features, 8); in hci_remote_ext_features_evt()
4870 if (!ev->status && ev->page == 0x01) { in hci_remote_ext_features_evt()
4873 ie = hci_inquiry_cache_lookup(hdev, &conn->dst); in hci_remote_ext_features_evt()
4875 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP); in hci_remote_ext_features_evt()
4877 if (ev->features[0] & LMP_HOST_SSP) { in hci_remote_ext_features_evt()
4878 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags); in hci_remote_ext_features_evt()
4888 clear_bit(HCI_CONN_SSP_ENABLED, &conn->flags); in hci_remote_ext_features_evt()
4891 if (ev->features[0] & LMP_HOST_SC) in hci_remote_ext_features_evt()
4892 set_bit(HCI_CONN_SC_ENABLED, &conn->flags); in hci_remote_ext_features_evt()
4895 if (conn->state != BT_CONFIG) in hci_remote_ext_features_evt()
4898 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) { in hci_remote_ext_features_evt()
4901 bacpy(&cp.bdaddr, &conn->dst); in hci_remote_ext_features_evt()
4909 conn->state = BT_CONNECTED; in hci_remote_ext_features_evt()
4910 hci_connect_cfm(conn, ev->status); in hci_remote_ext_features_evt()
4923 u8 status = ev->status; in hci_sync_conn_complete_evt()
4925 switch (ev->link_type) { in hci_sync_conn_complete_evt()
4942 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); in hci_sync_conn_complete_evt()
4944 if (ev->link_type == ESCO_LINK) in hci_sync_conn_complete_evt()
4956 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr); in hci_sync_conn_complete_evt()
4967 if (!HCI_CONN_HANDLE_UNSET(conn->handle)) { in hci_sync_conn_complete_evt()
4974 status = hci_conn_set_handle(conn, __le16_to_cpu(ev->handle)); in hci_sync_conn_complete_evt()
4976 conn->state = BT_CLOSED; in hci_sync_conn_complete_evt()
4980 conn->state = BT_CONNECTED; in hci_sync_conn_complete_evt()
4981 conn->type = ev->link_type; in hci_sync_conn_complete_evt()
4995 if (conn->out) { in hci_sync_conn_complete_evt()
4996 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) | in hci_sync_conn_complete_evt()
4997 (hdev->esco_type & EDR_ESCO_MASK); in hci_sync_conn_complete_evt()
4998 if (hci_setup_sync(conn, conn->parent->handle)) in hci_sync_conn_complete_evt()
5004 conn->state = BT_CLOSED; in hci_sync_conn_complete_evt()
5008 bt_dev_dbg(hdev, "SCO connected with air mode: %02x", ev->air_mode); in hci_sync_conn_complete_evt()
5010 * is zero and non-zero value shall be non-HCI transport data path in hci_sync_conn_complete_evt()
5012 if (conn->codec.data_path == 0 && hdev->notify) { in hci_sync_conn_complete_evt()
5013 switch (ev->air_mode) { in hci_sync_conn_complete_evt()
5015 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_CVSD); in hci_sync_conn_complete_evt()
5018 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_TRANSP); in hci_sync_conn_complete_evt()
5057 flex_array_size(ev, info, ev->num))) in hci_extended_inquiry_result_evt()
5060 bt_dev_dbg(hdev, "num %d", ev->num); in hci_extended_inquiry_result_evt()
5062 if (!ev->num) in hci_extended_inquiry_result_evt()
5070 for (i = 0; i < ev->num; i++) { in hci_extended_inquiry_result_evt()
5071 struct extended_inquiry_info *info = &ev->info[i]; in hci_extended_inquiry_result_evt()
5075 bacpy(&data.bdaddr, &info->bdaddr); in hci_extended_inquiry_result_evt()
5076 data.pscan_rep_mode = info->pscan_rep_mode; in hci_extended_inquiry_result_evt()
5077 data.pscan_period_mode = info->pscan_period_mode; in hci_extended_inquiry_result_evt()
5079 memcpy(data.dev_class, info->dev_class, 3); in hci_extended_inquiry_result_evt()
5080 data.clock_offset = info->clock_offset; in hci_extended_inquiry_result_evt()
5081 data.rssi = info->rssi; in hci_extended_inquiry_result_evt()
5085 name_known = eir_get_data(info->data, in hci_extended_inquiry_result_evt()
5086 sizeof(info->data), in hci_extended_inquiry_result_evt()
5093 eir_len = eir_get_length(info->data, sizeof(info->data)); in hci_extended_inquiry_result_evt()
5095 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, in hci_extended_inquiry_result_evt()
5096 info->dev_class, info->rssi, in hci_extended_inquiry_result_evt()
5097 flags, info->data, eir_len, NULL, 0, 0); in hci_extended_inquiry_result_evt()
5109 bt_dev_dbg(hdev, "status 0x%2.2x handle 0x%4.4x", ev->status, in hci_key_refresh_complete_evt()
5110 __le16_to_cpu(ev->handle)); in hci_key_refresh_complete_evt()
5114 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_key_refresh_complete_evt()
5121 if (conn->type != LE_LINK) in hci_key_refresh_complete_evt()
5124 if (!ev->status) in hci_key_refresh_complete_evt()
5125 conn->sec_level = conn->pending_sec_level; in hci_key_refresh_complete_evt()
5127 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); in hci_key_refresh_complete_evt()
5129 if (ev->status && conn->state == BT_CONNECTED) { in hci_key_refresh_complete_evt()
5135 if (conn->state == BT_CONFIG) { in hci_key_refresh_complete_evt()
5136 if (!ev->status) in hci_key_refresh_complete_evt()
5137 conn->state = BT_CONNECTED; in hci_key_refresh_complete_evt()
5139 hci_connect_cfm(conn, ev->status); in hci_key_refresh_complete_evt()
5142 hci_auth_cfm(conn, ev->status); in hci_key_refresh_complete_evt()
5145 conn->disc_timeout = HCI_DISCONN_TIMEOUT; in hci_key_refresh_complete_evt()
5155 /* If remote requests no-bonding follow that lead */ in hci_get_auth_req()
5156 if (conn->remote_auth == HCI_AT_NO_BONDING || in hci_get_auth_req()
5157 conn->remote_auth == HCI_AT_NO_BONDING_MITM) in hci_get_auth_req()
5158 return conn->remote_auth | (conn->auth_type & 0x01); in hci_get_auth_req()
5163 if (conn->remote_cap != HCI_IO_NO_INPUT_OUTPUT && in hci_get_auth_req()
5164 conn->io_capability != HCI_IO_NO_INPUT_OUTPUT) in hci_get_auth_req()
5165 return conn->remote_auth | 0x01; in hci_get_auth_req()
5168 return (conn->remote_auth & ~0x01) | (conn->auth_type & 0x01); in hci_get_auth_req()
5173 struct hci_dev *hdev = conn->hdev; in bredr_oob_data_present()
5176 data = hci_find_remote_oob_data(hdev, &conn->dst, BDADDR_BREDR); in bredr_oob_data_present()
5188 return data->present; in bredr_oob_data_present()
5191 * the P-256 values are required. If they are not in bredr_oob_data_present()
5195 if (!crypto_memneq(data->rand256, ZERO_KEY, 16) || in bredr_oob_data_present()
5196 !crypto_memneq(data->hash256, ZERO_KEY, 16)) in bredr_oob_data_present()
5204 * P-192 data values are present. in bredr_oob_data_present()
5206 if (!crypto_memneq(data->rand192, ZERO_KEY, 16) || in bredr_oob_data_present()
5207 !crypto_memneq(data->hash192, ZERO_KEY, 16)) in bredr_oob_data_present()
5223 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_io_capa_request_evt()
5228 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags); in hci_io_capa_request_evt()
5239 test_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags) || in hci_io_capa_request_evt()
5240 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) { in hci_io_capa_request_evt()
5243 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_io_capa_request_evt()
5246 cp.capability = (conn->io_capability == 0x04) ? in hci_io_capa_request_evt()
5247 HCI_IO_DISPLAY_YESNO : conn->io_capability; in hci_io_capa_request_evt()
5250 if (conn->remote_auth == 0xff) { in hci_io_capa_request_evt()
5252 * except for the no-bonding case. in hci_io_capa_request_evt()
5254 if (conn->io_capability != HCI_IO_NO_INPUT_OUTPUT && in hci_io_capa_request_evt()
5255 conn->auth_type != HCI_AT_NO_BONDING) in hci_io_capa_request_evt()
5256 conn->auth_type |= 0x01; in hci_io_capa_request_evt()
5258 conn->auth_type = hci_get_auth_req(conn); in hci_io_capa_request_evt()
5261 /* If we're not bondable, force one of the non-bondable in hci_io_capa_request_evt()
5265 conn->auth_type &= HCI_AT_NO_BONDING_MITM; in hci_io_capa_request_evt()
5267 cp.authentication = conn->auth_type; in hci_io_capa_request_evt()
5275 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_io_capa_request_evt()
5296 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_io_capa_reply_evt()
5300 conn->remote_cap = ev->capability; in hci_io_capa_reply_evt()
5301 conn->remote_auth = ev->authentication; in hci_io_capa_reply_evt()
5321 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_user_confirm_request_evt()
5325 loc_mitm = (conn->auth_type & 0x01); in hci_user_confirm_request_evt()
5326 rem_mitm = (conn->remote_auth & 0x01); in hci_user_confirm_request_evt()
5331 * necessarily match conn->auth_type. in hci_user_confirm_request_evt()
5333 if (conn->pending_sec_level > BT_SECURITY_MEDIUM && in hci_user_confirm_request_evt()
5334 conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) { in hci_user_confirm_request_evt()
5337 sizeof(ev->bdaddr), &ev->bdaddr); in hci_user_confirm_request_evt()
5342 if ((!loc_mitm || conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) && in hci_user_confirm_request_evt()
5343 (!rem_mitm || conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)) { in hci_user_confirm_request_evt()
5349 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && in hci_user_confirm_request_evt()
5350 conn->io_capability != HCI_IO_NO_INPUT_OUTPUT) { in hci_user_confirm_request_evt()
5351 bt_dev_dbg(hdev, "Confirming auto-accept as acceptor"); in hci_user_confirm_request_evt()
5360 if (hci_find_link_key(hdev, &ev->bdaddr)) { in hci_user_confirm_request_evt()
5366 BT_DBG("Auto-accept of user confirmation with %ums delay", in hci_user_confirm_request_evt()
5367 hdev->auto_accept_delay); in hci_user_confirm_request_evt()
5369 if (hdev->auto_accept_delay > 0) { in hci_user_confirm_request_evt()
5370 int delay = msecs_to_jiffies(hdev->auto_accept_delay); in hci_user_confirm_request_evt() local
5371 queue_delayed_work(conn->hdev->workqueue, in hci_user_confirm_request_evt()
5372 &conn->auto_accept_work, delay); in hci_user_confirm_request_evt()
5377 sizeof(ev->bdaddr), &ev->bdaddr); in hci_user_confirm_request_evt()
5382 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, in hci_user_confirm_request_evt()
5383 le32_to_cpu(ev->passkey), confirm_hint); in hci_user_confirm_request_evt()
5397 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0); in hci_user_passkey_request_evt()
5408 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_user_passkey_notify_evt()
5412 conn->passkey_notify = __le32_to_cpu(ev->passkey); in hci_user_passkey_notify_evt()
5413 conn->passkey_entered = 0; in hci_user_passkey_notify_evt()
5416 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type, in hci_user_passkey_notify_evt()
5417 conn->dst_type, conn->passkey_notify, in hci_user_passkey_notify_evt()
5418 conn->passkey_entered); in hci_user_passkey_notify_evt()
5429 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_keypress_notify_evt()
5433 switch (ev->type) { in hci_keypress_notify_evt()
5435 conn->passkey_entered = 0; in hci_keypress_notify_evt()
5439 conn->passkey_entered++; in hci_keypress_notify_evt()
5443 conn->passkey_entered--; in hci_keypress_notify_evt()
5447 conn->passkey_entered = 0; in hci_keypress_notify_evt()
5455 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type, in hci_keypress_notify_evt()
5456 conn->dst_type, conn->passkey_notify, in hci_keypress_notify_evt()
5457 conn->passkey_entered); in hci_keypress_notify_evt()
5470 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_simple_pair_complete_evt()
5475 conn->remote_auth = 0xff; in hci_simple_pair_complete_evt()
5482 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status) in hci_simple_pair_complete_evt()
5483 mgmt_auth_failed(conn, ev->status); in hci_simple_pair_complete_evt()
5502 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_remote_host_features_evt()
5504 memcpy(conn->features[1], ev->features, 8); in hci_remote_host_features_evt()
5506 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); in hci_remote_host_features_evt()
5508 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP); in hci_remote_host_features_evt()
5526 data = hci_find_remote_oob_data(hdev, &ev->bdaddr, BDADDR_BREDR); in hci_remote_oob_data_request_evt()
5530 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_remote_oob_data_request_evt()
5539 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_remote_oob_data_request_evt()
5544 memcpy(cp.hash192, data->hash192, sizeof(cp.hash192)); in hci_remote_oob_data_request_evt()
5545 memcpy(cp.rand192, data->rand192, sizeof(cp.rand192)); in hci_remote_oob_data_request_evt()
5547 memcpy(cp.hash256, data->hash256, sizeof(cp.hash256)); in hci_remote_oob_data_request_evt()
5548 memcpy(cp.rand256, data->rand256, sizeof(cp.rand256)); in hci_remote_oob_data_request_evt()
5555 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_remote_oob_data_request_evt()
5556 memcpy(cp.hash, data->hash192, sizeof(cp.hash)); in hci_remote_oob_data_request_evt()
5557 memcpy(cp.rand, data->rand192, sizeof(cp.rand)); in hci_remote_oob_data_request_evt()
5570 if (conn->out) { in le_conn_update_addr()
5571 conn->dst_type = bdaddr_type; in le_conn_update_addr()
5572 conn->resp_addr_type = bdaddr_type; in le_conn_update_addr()
5573 bacpy(&conn->resp_addr, bdaddr); in le_conn_update_addr()
5576 * used instead or hdev->rpa. in le_conn_update_addr()
5579 conn->init_addr_type = ADDR_LE_DEV_RANDOM; in le_conn_update_addr()
5580 bacpy(&conn->init_addr, local_rpa); in le_conn_update_addr()
5581 } else if (hci_dev_test_flag(conn->hdev, HCI_PRIVACY)) { in le_conn_update_addr()
5582 conn->init_addr_type = ADDR_LE_DEV_RANDOM; in le_conn_update_addr()
5583 bacpy(&conn->init_addr, &conn->hdev->rpa); in le_conn_update_addr()
5585 hci_copy_identity_address(conn->hdev, &conn->init_addr, in le_conn_update_addr()
5586 &conn->init_addr_type); in le_conn_update_addr()
5589 conn->resp_addr_type = conn->hdev->adv_addr_type; in le_conn_update_addr()
5591 * used instead or hdev->rpa. in le_conn_update_addr()
5594 conn->resp_addr_type = ADDR_LE_DEV_RANDOM; in le_conn_update_addr()
5595 bacpy(&conn->resp_addr, local_rpa); in le_conn_update_addr()
5596 } else if (conn->hdev->adv_addr_type == ADDR_LE_DEV_RANDOM) { in le_conn_update_addr()
5597 /* In case of ext adv, resp_addr will be updated in in le_conn_update_addr()
5598 * Adv Terminated event. in le_conn_update_addr()
5600 if (!ext_adv_capable(conn->hdev)) in le_conn_update_addr()
5601 bacpy(&conn->resp_addr, in le_conn_update_addr()
5602 &conn->hdev->random_addr); in le_conn_update_addr()
5604 bacpy(&conn->resp_addr, &conn->hdev->bdaddr); in le_conn_update_addr()
5607 conn->init_addr_type = bdaddr_type; in le_conn_update_addr()
5608 bacpy(&conn->init_addr, bdaddr); in le_conn_update_addr()
5615 conn->le_conn_min_interval = conn->hdev->le_conn_min_interval; in le_conn_update_addr()
5616 conn->le_conn_max_interval = conn->hdev->le_conn_max_interval; in le_conn_update_addr()
5652 conn->dst_type = bdaddr_type; in le_conn_complete_evt()
5662 if (conn->out) { in le_conn_complete_evt()
5663 conn->resp_addr_type = bdaddr_type; in le_conn_complete_evt()
5664 bacpy(&conn->resp_addr, bdaddr); in le_conn_complete_evt()
5666 conn->init_addr_type = ADDR_LE_DEV_RANDOM; in le_conn_complete_evt()
5667 bacpy(&conn->init_addr, &hdev->rpa); in le_conn_complete_evt()
5670 &conn->init_addr, in le_conn_complete_evt()
5671 &conn->init_addr_type); in le_conn_complete_evt()
5675 cancel_delayed_work(&conn->le_conn_timeout); in le_conn_complete_evt()
5684 if (!HCI_CONN_HANDLE_UNSET(conn->handle)) { in le_conn_complete_evt()
5700 irk = hci_get_irk(hdev, &conn->dst, conn->dst_type); in le_conn_complete_evt()
5702 bacpy(&conn->dst, &irk->bdaddr); in le_conn_complete_evt()
5703 conn->dst_type = irk->addr_type; in le_conn_complete_evt()
5706 conn->dst_type = ev_bdaddr_type(hdev, conn->dst_type, NULL); in le_conn_complete_evt()
5716 if (test_bit(HCI_CONN_CANCEL, &conn->flags)) { in le_conn_complete_evt()
5721 if (conn->dst_type == ADDR_LE_DEV_PUBLIC) in le_conn_complete_evt()
5727 if (hci_bdaddr_list_lookup(&hdev->reject_list, &conn->dst, addr_type)) { in le_conn_complete_evt()
5734 conn->sec_level = BT_SECURITY_LOW; in le_conn_complete_evt()
5735 conn->state = BT_CONFIG; in le_conn_complete_evt()
5738 * when sotfware rotation is in use so it can be re-enabled when in le_conn_complete_evt()
5742 conn->adv_instance = hdev->cur_adv_instance; in le_conn_complete_evt()
5744 conn->le_conn_interval = interval; in le_conn_complete_evt()
5745 conn->le_conn_latency = latency; in le_conn_complete_evt()
5746 conn->le_supv_timeout = supervision_timeout; in le_conn_complete_evt()
5755 * If the local controller supports peripheral-initiated features in le_conn_complete_evt()
5760 if (conn->out || in le_conn_complete_evt()
5761 (hdev->le_features[0] & HCI_LE_PERIPHERAL_FEATURES)) { in le_conn_complete_evt()
5764 cp.handle = __cpu_to_le16(conn->handle); in le_conn_complete_evt()
5771 conn->state = BT_CONNECTED; in le_conn_complete_evt()
5775 params = hci_pend_le_action_lookup(&hdev->pend_le_conns, &conn->dst, in le_conn_complete_evt()
5776 conn->dst_type); in le_conn_complete_evt()
5779 if (params->conn) { in le_conn_complete_evt()
5780 hci_conn_drop(params->conn); in le_conn_complete_evt()
5781 hci_conn_put(params->conn); in le_conn_complete_evt()
5782 params->conn = NULL; in le_conn_complete_evt()
5796 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_le_conn_complete_evt()
5798 le_conn_complete_evt(hdev, ev->status, &ev->bdaddr, ev->bdaddr_type, in hci_le_conn_complete_evt()
5799 NULL, ev->role, le16_to_cpu(ev->handle), in hci_le_conn_complete_evt()
5800 le16_to_cpu(ev->interval), in hci_le_conn_complete_evt()
5801 le16_to_cpu(ev->latency), in hci_le_conn_complete_evt()
5802 le16_to_cpu(ev->supervision_timeout)); in hci_le_conn_complete_evt()
5810 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_le_enh_conn_complete_evt()
5812 le_conn_complete_evt(hdev, ev->status, &ev->bdaddr, ev->bdaddr_type, in hci_le_enh_conn_complete_evt()
5813 &ev->local_rpa, ev->role, le16_to_cpu(ev->handle), in hci_le_enh_conn_complete_evt()
5814 le16_to_cpu(ev->interval), in hci_le_enh_conn_complete_evt()
5815 le16_to_cpu(ev->latency), in hci_le_enh_conn_complete_evt()
5816 le16_to_cpu(ev->supervision_timeout)); in hci_le_enh_conn_complete_evt()
5824 struct adv_info *adv, *n; in hci_le_ext_adv_term_evt() local
5826 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_le_ext_adv_term_evt()
5835 if (ev->status == HCI_ERROR_CANCELLED_BY_HOST) { in hci_le_ext_adv_term_evt()
5842 adv = hci_find_adv_instance(hdev, ev->handle); in hci_le_ext_adv_term_evt()
5844 if (ev->status) { in hci_le_ext_adv_term_evt()
5845 if (!adv) in hci_le_ext_adv_term_evt()
5849 hci_remove_adv_instance(hdev, ev->handle); in hci_le_ext_adv_term_evt()
5850 mgmt_advertising_removed(NULL, hdev, ev->handle); in hci_le_ext_adv_term_evt()
5852 list_for_each_entry_safe(adv, n, &hdev->adv_instances, list) { in hci_le_ext_adv_term_evt()
5853 if (adv->enabled) in hci_le_ext_adv_term_evt()
5862 if (adv) in hci_le_ext_adv_term_evt()
5863 adv->enabled = false; in hci_le_ext_adv_term_evt()
5865 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->conn_handle)); in hci_le_ext_adv_term_evt()
5868 * instance can be re-enabled when disconnected. in hci_le_ext_adv_term_evt()
5870 conn->adv_instance = ev->handle; in hci_le_ext_adv_term_evt()
5872 if (hdev->adv_addr_type != ADDR_LE_DEV_RANDOM || in hci_le_ext_adv_term_evt()
5873 bacmp(&conn->resp_addr, BDADDR_ANY)) in hci_le_ext_adv_term_evt()
5876 if (!ev->handle) { in hci_le_ext_adv_term_evt()
5877 bacpy(&conn->resp_addr, &hdev->random_addr); in hci_le_ext_adv_term_evt()
5881 if (adv) in hci_le_ext_adv_term_evt()
5882 bacpy(&conn->resp_addr, &adv->random_addr); in hci_le_ext_adv_term_evt()
5895 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_le_conn_update_complete_evt()
5897 if (ev->status) in hci_le_conn_update_complete_evt()
5902 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_le_conn_update_complete_evt()
5904 conn->le_conn_interval = le16_to_cpu(ev->interval); in hci_le_conn_update_complete_evt()
5905 conn->le_conn_latency = le16_to_cpu(ev->latency); in hci_le_conn_update_complete_evt()
5906 conn->le_supv_timeout = le16_to_cpu(ev->supervision_timeout); in hci_le_conn_update_complete_evt()
5912 /* This function requires the caller holds hdev->lock */
5926 if (hci_bdaddr_list_lookup(&hdev->reject_list, addr, addr_type) || in check_pending_le_conn()
5927 hdev->suspended) in check_pending_le_conn()
5933 if (hdev->conn_hash.le_num_peripheral > 0 && in check_pending_le_conn()
5934 (!test_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks) || in check_pending_le_conn()
5935 !(hdev->le_states[3] & 0x10))) in check_pending_le_conn()
5941 params = hci_pend_le_action_lookup(&hdev->pend_le_conns, addr, in check_pending_le_conn()
5946 if (!params->explicit_connect) { in check_pending_le_conn()
5947 switch (params->auto_connect) { in check_pending_le_conn()
5970 BT_SECURITY_LOW, hdev->def_le_autoconnect_timeout, in check_pending_le_conn()
5982 if (!params->explicit_connect) in check_pending_le_conn()
5983 params->conn = hci_conn_get(conn); in check_pending_le_conn()
5989 case -EBUSY: in check_pending_le_conn()
5990 /* If hci_connect() returns -EBUSY it means there is already in check_pending_le_conn()
6009 struct discovery_state *d = &hdev->discovery; in process_adv_report()
6031 "adv larger than maximum supported"); in process_adv_report()
6038 * When data is NULL, len is 0 so there is no need for extra ptr in process_adv_report()
6049 len = ptr - data; in process_adv_report()
6076 if (!smp_irk_matches(hdev, hdev->irk, direct_addr)) in process_adv_report()
6083 bdaddr = &irk->bdaddr; in process_adv_report()
6084 bdaddr_type = irk->addr_type; in process_adv_report()
6101 memcpy(conn->le_adv_data, data, len); in process_adv_report()
6102 conn->le_adv_data_len = len; in process_adv_report()
6121 if (hdev->le_scan_type == LE_SCAN_PASSIVE) { in process_adv_report()
6125 if (!hci_pend_le_action_lookup(&hdev->pend_le_reports, in process_adv_report()
6127 idr_is_empty(&hdev->adv_monitors_idr)) in process_adv_report()
6168 match = (!bacmp(bdaddr, &d->last_adv_addr) && in process_adv_report()
6169 bdaddr_type == d->last_adv_addr_type); in process_adv_report()
6178 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK, in process_adv_report()
6179 d->last_adv_addr_type, NULL, in process_adv_report()
6180 d->last_adv_rssi, d->last_adv_flags, in process_adv_report()
6181 d->last_adv_data, in process_adv_report()
6182 d->last_adv_data_len, NULL, 0, 0); in process_adv_report()
6207 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK, in process_adv_report()
6208 d->last_adv_addr_type, NULL, rssi, d->last_adv_flags, in process_adv_report()
6209 d->last_adv_data, d->last_adv_data_len, data, len, 0); in process_adv_report()
6219 if (!ev->num) in hci_le_adv_report_evt()
6224 while (ev->num--) { in hci_le_adv_report_evt()
6235 info->length + 1)) in hci_le_adv_report_evt()
6238 if (info->length <= max_adv_len(hdev)) { in hci_le_adv_report_evt()
6239 rssi = info->data[info->length]; in hci_le_adv_report_evt()
6240 process_adv_report(hdev, info->type, &info->bdaddr, in hci_le_adv_report_evt()
6241 info->bdaddr_type, NULL, 0, rssi, in hci_le_adv_report_evt()
6242 info->data, info->length, false, in hci_le_adv_report_evt()
6302 if (!ev->num) in hci_le_ext_adv_report_evt()
6307 while (ev->num--) { in hci_le_ext_adv_report_evt()
6318 info->length)) in hci_le_ext_adv_report_evt()
6321 evt_type = __le16_to_cpu(info->type) & LE_EXT_ADV_EVT_TYPE_MASK; in hci_le_ext_adv_report_evt()
6324 process_adv_report(hdev, legacy_evt_type, &info->bdaddr, in hci_le_ext_adv_report_evt()
6325 info->bdaddr_type, NULL, 0, in hci_le_ext_adv_report_evt()
6326 info->rssi, info->data, info->length, in hci_le_ext_adv_report_evt()
6349 int mask = hdev->link_mode; in hci_le_pa_sync_estabilished_evt()
6353 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_le_pa_sync_estabilished_evt()
6359 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ISO_LINK, &flags); in hci_le_pa_sync_estabilished_evt()
6361 hci_le_pa_term_sync(hdev, ev->handle); in hci_le_pa_sync_estabilished_evt()
6368 if (ev->status) { in hci_le_pa_sync_estabilished_evt()
6376 set_bit(HCI_CONN_PA_SYNC_FAILED, &pa_sync->flags); in hci_le_pa_sync_estabilished_evt()
6379 hci_connect_cfm(pa_sync, ev->status); in hci_le_pa_sync_estabilished_evt()
6390 int mask = hdev->link_mode; in hci_le_per_adv_report_evt()
6393 bt_dev_dbg(hdev, "sync_handle 0x%4.4x", le16_to_cpu(ev->sync_handle)); in hci_le_per_adv_report_evt()
6399 hci_le_pa_term_sync(hdev, ev->sync_handle); in hci_le_per_adv_report_evt()
6410 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_le_remote_feat_complete_evt()
6414 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_le_remote_feat_complete_evt()
6416 if (!ev->status) in hci_le_remote_feat_complete_evt()
6417 memcpy(conn->features[0], ev->features, 8); in hci_le_remote_feat_complete_evt()
6419 if (conn->state == BT_CONFIG) { in hci_le_remote_feat_complete_evt()
6422 /* If the local controller supports peripheral-initiated in hci_le_remote_feat_complete_evt()
6431 if (!conn->out && ev->status == HCI_ERROR_UNSUPPORTED_REMOTE_FEATURE && in hci_le_remote_feat_complete_evt()
6432 (hdev->le_features[0] & HCI_LE_PERIPHERAL_FEATURES)) in hci_le_remote_feat_complete_evt()
6435 status = ev->status; in hci_le_remote_feat_complete_evt()
6437 conn->state = BT_CONNECTED; in hci_le_remote_feat_complete_evt()
6455 bt_dev_dbg(hdev, "handle 0x%4.4x", __le16_to_cpu(ev->handle)); in hci_le_ltk_request_evt()
6459 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_le_ltk_request_evt()
6463 ltk = hci_find_ltk(hdev, &conn->dst, conn->dst_type, conn->role); in hci_le_ltk_request_evt()
6469 if (ev->ediv || ev->rand) in hci_le_ltk_request_evt()
6472 /* For non-SC keys check that EDiv and Rand match */ in hci_le_ltk_request_evt()
6473 if (ev->ediv != ltk->ediv || ev->rand != ltk->rand) in hci_le_ltk_request_evt()
6477 memcpy(cp.ltk, ltk->val, ltk->enc_size); in hci_le_ltk_request_evt()
6478 memset(cp.ltk + ltk->enc_size, 0, sizeof(cp.ltk) - ltk->enc_size); in hci_le_ltk_request_evt()
6479 cp.handle = cpu_to_le16(conn->handle); in hci_le_ltk_request_evt()
6481 conn->pending_sec_level = smp_ltk_sec_level(ltk); in hci_le_ltk_request_evt()
6483 conn->enc_key_size = ltk->enc_size; in hci_le_ltk_request_evt()
6490 * distribute the keys. Later, security can be re-established in hci_le_ltk_request_evt()
6493 if (ltk->type == SMP_STK) { in hci_le_ltk_request_evt()
6494 set_bit(HCI_CONN_STK_ENCRYPT, &conn->flags); in hci_le_ltk_request_evt()
6495 list_del_rcu(<k->list); in hci_le_ltk_request_evt()
6498 clear_bit(HCI_CONN_STK_ENCRYPT, &conn->flags); in hci_le_ltk_request_evt()
6506 neg.handle = ev->handle; in hci_le_ltk_request_evt()
6531 bt_dev_dbg(hdev, "handle 0x%4.4x", __le16_to_cpu(ev->handle)); in hci_le_remote_conn_param_req_evt()
6533 handle = le16_to_cpu(ev->handle); in hci_le_remote_conn_param_req_evt()
6534 min = le16_to_cpu(ev->interval_min); in hci_le_remote_conn_param_req_evt()
6535 max = le16_to_cpu(ev->interval_max); in hci_le_remote_conn_param_req_evt()
6536 latency = le16_to_cpu(ev->latency); in hci_le_remote_conn_param_req_evt()
6537 timeout = le16_to_cpu(ev->timeout); in hci_le_remote_conn_param_req_evt()
6540 if (!hcon || hcon->state != BT_CONNECTED) in hci_le_remote_conn_param_req_evt()
6544 if (max > hcon->le_conn_max_interval) in hci_le_remote_conn_param_req_evt()
6552 if (hcon->role == HCI_ROLE_MASTER) { in hci_le_remote_conn_param_req_evt()
6558 params = hci_conn_params_lookup(hdev, &hcon->dst, in hci_le_remote_conn_param_req_evt()
6559 hcon->dst_type); in hci_le_remote_conn_param_req_evt()
6561 params->conn_min_interval = min; in hci_le_remote_conn_param_req_evt()
6562 params->conn_max_interval = max; in hci_le_remote_conn_param_req_evt()
6563 params->conn_latency = latency; in hci_le_remote_conn_param_req_evt()
6564 params->supervision_timeout = timeout; in hci_le_remote_conn_param_req_evt()
6572 mgmt_new_conn_param(hdev, &hcon->dst, hcon->dst_type, in hci_le_remote_conn_param_req_evt()
6576 cp.handle = ev->handle; in hci_le_remote_conn_param_req_evt()
6577 cp.interval_min = ev->interval_min; in hci_le_remote_conn_param_req_evt()
6578 cp.interval_max = ev->interval_max; in hci_le_remote_conn_param_req_evt()
6579 cp.latency = ev->latency; in hci_le_remote_conn_param_req_evt()
6580 cp.timeout = ev->timeout; in hci_le_remote_conn_param_req_evt()
6595 flex_array_size(ev, info, ev->num))) in hci_le_direct_adv_report_evt()
6598 if (!ev->num) in hci_le_direct_adv_report_evt()
6603 for (i = 0; i < ev->num; i++) { in hci_le_direct_adv_report_evt()
6604 struct hci_ev_le_direct_adv_info *info = &ev->info[i]; in hci_le_direct_adv_report_evt()
6606 process_adv_report(hdev, info->type, &info->bdaddr, in hci_le_direct_adv_report_evt()
6607 info->bdaddr_type, &info->direct_addr, in hci_le_direct_adv_report_evt()
6608 info->direct_addr_type, info->rssi, NULL, 0, in hci_le_direct_adv_report_evt()
6621 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_le_phy_update_evt()
6623 if (ev->status) in hci_le_phy_update_evt()
6628 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_le_phy_update_evt()
6632 conn->le_tx_phy = ev->tx_phy; in hci_le_phy_update_evt()
6633 conn->le_rx_phy = ev->rx_phy; in hci_le_phy_update_evt()
6646 u16 handle = __le16_to_cpu(ev->handle); in hci_le_cis_estabilished_evt()
6649 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_le_cis_estabilished_evt()
6661 if (conn->type != ISO_LINK) { in hci_le_cis_estabilished_evt()
6668 qos = &conn->iso_qos; in hci_le_cis_estabilished_evt()
6670 pending = test_and_clear_bit(HCI_CONN_CREATE_CIS, &conn->flags); in hci_le_cis_estabilished_evt()
6677 * SDU_Interval = (CIG_Sync_Delay + (FT) x ISO_Interval) - in hci_le_cis_estabilished_evt()
6680 c_sdu_interval = (get_unaligned_le24(ev->cig_sync_delay) + in hci_le_cis_estabilished_evt()
6681 (ev->c_ft * le16_to_cpu(ev->interval) * 1250)) - in hci_le_cis_estabilished_evt()
6682 get_unaligned_le24(ev->c_latency); in hci_le_cis_estabilished_evt()
6683 p_sdu_interval = (get_unaligned_le24(ev->cig_sync_delay) + in hci_le_cis_estabilished_evt()
6684 (ev->p_ft * le16_to_cpu(ev->interval) * 1250)) - in hci_le_cis_estabilished_evt()
6685 get_unaligned_le24(ev->p_latency); in hci_le_cis_estabilished_evt()
6687 switch (conn->role) { in hci_le_cis_estabilished_evt()
6689 qos->ucast.in.interval = c_sdu_interval; in hci_le_cis_estabilished_evt()
6690 qos->ucast.out.interval = p_sdu_interval; in hci_le_cis_estabilished_evt()
6692 qos->ucast.in.latency = in hci_le_cis_estabilished_evt()
6693 DIV_ROUND_CLOSEST(get_unaligned_le24(ev->c_latency), in hci_le_cis_estabilished_evt()
6695 qos->ucast.out.latency = in hci_le_cis_estabilished_evt()
6696 DIV_ROUND_CLOSEST(get_unaligned_le24(ev->p_latency), in hci_le_cis_estabilished_evt()
6698 qos->ucast.in.sdu = le16_to_cpu(ev->c_mtu); in hci_le_cis_estabilished_evt()
6699 qos->ucast.out.sdu = le16_to_cpu(ev->p_mtu); in hci_le_cis_estabilished_evt()
6700 qos->ucast.in.phy = ev->c_phy; in hci_le_cis_estabilished_evt()
6701 qos->ucast.out.phy = ev->p_phy; in hci_le_cis_estabilished_evt()
6704 qos->ucast.in.interval = p_sdu_interval; in hci_le_cis_estabilished_evt()
6705 qos->ucast.out.interval = c_sdu_interval; in hci_le_cis_estabilished_evt()
6707 qos->ucast.out.latency = in hci_le_cis_estabilished_evt()
6708 DIV_ROUND_CLOSEST(get_unaligned_le24(ev->c_latency), in hci_le_cis_estabilished_evt()
6710 qos->ucast.in.latency = in hci_le_cis_estabilished_evt()
6711 DIV_ROUND_CLOSEST(get_unaligned_le24(ev->p_latency), in hci_le_cis_estabilished_evt()
6713 qos->ucast.out.sdu = le16_to_cpu(ev->c_mtu); in hci_le_cis_estabilished_evt()
6714 qos->ucast.in.sdu = le16_to_cpu(ev->p_mtu); in hci_le_cis_estabilished_evt()
6715 qos->ucast.out.phy = ev->c_phy; in hci_le_cis_estabilished_evt()
6716 qos->ucast.in.phy = ev->p_phy; in hci_le_cis_estabilished_evt()
6720 if (!ev->status) { in hci_le_cis_estabilished_evt()
6721 conn->state = BT_CONNECTED; in hci_le_cis_estabilished_evt()
6728 conn->state = BT_CLOSED; in hci_le_cis_estabilished_evt()
6729 hci_connect_cfm(conn, ev->status); in hci_le_cis_estabilished_evt()
6767 acl_handle = __le16_to_cpu(ev->acl_handle); in hci_le_cis_req_evt()
6768 cis_handle = __le16_to_cpu(ev->cis_handle); in hci_le_cis_req_evt()
6771 acl_handle, cis_handle, ev->cig_id, ev->cis_id); in hci_le_cis_req_evt()
6779 mask = hci_proto_connect_ind(hdev, &acl->dst, ISO_LINK, &flags); in hci_le_cis_req_evt()
6781 hci_le_reject_cis(hdev, ev->cis_handle); in hci_le_cis_req_evt()
6787 cis = hci_conn_add(hdev, ISO_LINK, &acl->dst, HCI_ROLE_SLAVE, in hci_le_cis_req_evt()
6790 hci_le_reject_cis(hdev, ev->cis_handle); in hci_le_cis_req_evt()
6795 cis->iso_qos.ucast.cig = ev->cig_id; in hci_le_cis_req_evt()
6796 cis->iso_qos.ucast.cis = ev->cis_id; in hci_le_cis_req_evt()
6799 hci_le_accept_cis(hdev, ev->cis_handle); in hci_le_cis_req_evt()
6801 cis->state = BT_CONNECT2; in hci_le_cis_req_evt()
6824 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_le_create_big_complete_evt()
6827 flex_array_size(ev, bis_handle, ev->num_bis))) in hci_le_create_big_complete_evt()
6833 while ((conn = hci_conn_hash_lookup_big_state(hdev, ev->handle, in hci_le_create_big_complete_evt()
6835 if (ev->status) { in hci_le_create_big_complete_evt()
6836 hci_connect_cfm(conn, ev->status); in hci_le_create_big_complete_evt()
6842 __le16_to_cpu(ev->bis_handle[i++]))) in hci_le_create_big_complete_evt()
6845 conn->state = BT_CONNECTED; in hci_le_create_big_complete_evt()
6846 set_bit(HCI_CONN_BIG_CREATED, &conn->flags); in hci_le_create_big_complete_evt()
6852 if (!ev->status && !i) in hci_le_create_big_complete_evt()
6859 UINT_PTR(ev->handle), NULL); in hci_le_create_big_complete_evt()
6872 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); in hci_le_big_sync_established_evt()
6875 flex_array_size(ev, bis, ev->num_bis))) in hci_le_big_sync_established_evt()
6880 if (!ev->status) { in hci_le_big_sync_established_evt()
6881 pa_sync = hci_conn_hash_lookup_pa_sync_big_handle(hdev, ev->handle); in hci_le_big_sync_established_evt()
6886 set_bit(HCI_CONN_BIG_SYNC, &pa_sync->flags); in hci_le_big_sync_established_evt()
6889 for (i = 0; i < ev->num_bis; i++) { in hci_le_big_sync_established_evt()
6890 u16 handle = le16_to_cpu(ev->bis[i]); in hci_le_big_sync_established_evt()
6905 if (ev->status != 0x42) in hci_le_big_sync_established_evt()
6907 set_bit(HCI_CONN_PA_SYNC, &bis->flags); in hci_le_big_sync_established_evt()
6909 bis->iso_qos.bcast.big = ev->handle; in hci_le_big_sync_established_evt()
6911 memcpy(&interval, ev->latency, sizeof(ev->latency)); in hci_le_big_sync_established_evt()
6912 bis->iso_qos.bcast.in.interval = le32_to_cpu(interval); in hci_le_big_sync_established_evt()
6914 bis->iso_qos.bcast.in.latency = le16_to_cpu(ev->interval) * 125 / 100; in hci_le_big_sync_established_evt()
6915 bis->iso_qos.bcast.in.sdu = le16_to_cpu(ev->max_pdu); in hci_le_big_sync_established_evt()
6917 if (!ev->status) { in hci_le_big_sync_established_evt()
6918 set_bit(HCI_CONN_BIG_SYNC, &bis->flags); in hci_le_big_sync_established_evt()
6926 if (ev->status) in hci_le_big_sync_established_evt()
6927 for (i = 0; i < ev->num_bis; i++) { in hci_le_big_sync_established_evt()
6928 u16 handle = le16_to_cpu(ev->bis[i]); in hci_le_big_sync_established_evt()
6934 set_bit(HCI_CONN_BIG_SYNC_FAILED, &bis->flags); in hci_le_big_sync_established_evt()
6935 hci_connect_cfm(bis, ev->status); in hci_le_big_sync_established_evt()
6945 int mask = hdev->link_mode; in hci_le_big_info_adv_report_evt()
6949 bt_dev_dbg(hdev, "sync_handle 0x%4.4x", le16_to_cpu(ev->sync_handle)); in hci_le_big_info_adv_report_evt()
6955 hci_le_pa_term_sync(hdev, ev->sync_handle); in hci_le_big_info_adv_report_evt()
6964 le16_to_cpu(ev->sync_handle)); in hci_le_big_info_adv_report_evt()
6976 pa_sync->sync_handle = le16_to_cpu(ev->sync_handle); in hci_le_big_info_adv_report_evt()
6977 set_bit(HCI_CONN_PA_SYNC, &pa_sync->flags); in hci_le_big_info_adv_report_evt()
7092 bt_dev_dbg(hdev, "subevent 0x%2.2x", ev->subevent); in hci_le_meta_evt()
7095 if (hdev->req_skb && in hci_le_meta_evt()
7096 hci_opcode_ogf(hci_skb_opcode(hdev->req_skb)) == 0x08 && in hci_le_meta_evt()
7097 hci_skb_event(hdev->req_skb) == ev->subevent) { in hci_le_meta_evt()
7098 *opcode = hci_skb_opcode(hdev->req_skb); in hci_le_meta_evt()
7103 subev = &hci_le_ev_table[ev->subevent]; in hci_le_meta_evt()
7104 if (!subev->func) in hci_le_meta_evt()
7107 if (skb->len < subev->min_len) { in hci_le_meta_evt()
7109 ev->subevent, skb->len, subev->min_len); in hci_le_meta_evt()
7117 if (skb->len > subev->max_len) in hci_le_meta_evt()
7119 ev->subevent, skb->len, subev->max_len); in hci_le_meta_evt()
7120 data = hci_le_ev_skb_pull(hdev, skb, ev->subevent, subev->min_len); in hci_le_meta_evt()
7124 subev->func(hdev, data, skb); in hci_le_meta_evt()
7141 if (hdr->evt != event) in hci_get_cmd_complete()
7146 /* Check if request ended in Command Status - no way to retrieve in hci_get_cmd_complete()
7147 * any extra parameters in this case. in hci_get_cmd_complete()
7149 if (hdr->evt == HCI_EV_CMD_STATUS) in hci_get_cmd_complete()
7152 if (hdr->evt != HCI_EV_CMD_COMPLETE) { in hci_get_cmd_complete()
7154 hdr->evt); in hci_get_cmd_complete()
7162 if (opcode != __le16_to_cpu(ev->opcode)) { in hci_get_cmd_complete()
7164 __le16_to_cpu(ev->opcode)); in hci_get_cmd_complete()
7174 struct hci_ev_le_advertising_info *adv; in hci_store_wake_reason() local
7177 const struct hci_ev_conn_complete *conn_complete = (void *)skb->data; in hci_store_wake_reason()
7178 const struct hci_ev_conn_request *conn_request = (void *)skb->data; in hci_store_wake_reason()
7185 if (!hdev->suspended || hdev->wake_reason) in hci_store_wake_reason()
7191 hdev->wake_reason = MGMT_WAKE_REASON_REMOTE_WAKE; in hci_store_wake_reason()
7198 bacpy(&hdev->wake_addr, &conn_request->bdaddr); in hci_store_wake_reason()
7199 hdev->wake_addr_type = BDADDR_BREDR; in hci_store_wake_reason()
7201 bacpy(&hdev->wake_addr, &conn_complete->bdaddr); in hci_store_wake_reason()
7202 hdev->wake_addr_type = BDADDR_BREDR; in hci_store_wake_reason()
7204 struct hci_ev_le_meta *le_ev = (void *)skb->data; in hci_store_wake_reason()
7205 u8 subevent = le_ev->subevent; in hci_store_wake_reason()
7206 u8 *ptr = &skb->data[sizeof(*le_ev)]; in hci_store_wake_reason()
7213 adv = (void *)(ptr + 1); in hci_store_wake_reason()
7219 bacpy(&hdev->wake_addr, &adv->bdaddr); in hci_store_wake_reason()
7220 hdev->wake_addr_type = adv->bdaddr_type; in hci_store_wake_reason()
7223 bacpy(&hdev->wake_addr, &direct_adv->bdaddr); in hci_store_wake_reason()
7224 hdev->wake_addr_type = direct_adv->bdaddr_type; in hci_store_wake_reason()
7227 bacpy(&hdev->wake_addr, &ext_adv->bdaddr); in hci_store_wake_reason()
7228 hdev->wake_addr_type = ext_adv->bdaddr_type; in hci_store_wake_reason()
7233 hdev->wake_reason = MGMT_WAKE_REASON_UNEXPECTED; in hci_store_wake_reason()
7409 if (!ev->func) in hci_event_func()
7412 if (skb->len < ev->min_len) { in hci_event_func()
7414 event, skb->len, ev->min_len); in hci_event_func()
7422 if (skb->len > ev->max_len) in hci_event_func()
7425 event, skb->len, ev->max_len); in hci_event_func()
7427 data = hci_ev_skb_pull(hdev, skb, event, ev->min_len); in hci_event_func()
7431 if (ev->req) in hci_event_func()
7432 ev->func_req(hdev, data, skb, opcode, status, req_complete, in hci_event_func()
7435 ev->func(hdev, data, skb); in hci_event_func()
7440 struct hci_event_hdr *hdr = (void *) skb->data; in hci_event_packet()
7447 if (skb->len < sizeof(*hdr)) { in hci_event_packet()
7452 kfree_skb(hdev->recv_event); in hci_event_packet()
7453 hdev->recv_event = skb_clone(skb, GFP_KERNEL); in hci_event_packet()
7455 event = hdr->evt; in hci_event_packet()
7463 if (hdev->req_skb && in hci_event_packet()
7464 hci_opcode_ogf(hci_skb_opcode(hdev->req_skb)) != 0x08 && in hci_event_packet()
7465 hci_skb_event(hdev->req_skb) == event) { in hci_event_packet()
7466 hci_req_cmd_complete(hdev, hci_skb_opcode(hdev->req_skb), in hci_event_packet()
7503 hdev->stat.evt_rx++; in hci_event_packet()