Lines Matching +full:adv +full:- +full:extra +full:- +full:delay
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
50 __u8 status = *((__u8 *) skb->data); in hci_cc_inquiry_cancel()
52 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_inquiry_cancel()
61 if (status == 0x0c && !test_bit(HCI_INQUIRY, &hdev->flags)) { in hci_cc_inquiry_cancel()
71 clear_bit(HCI_INQUIRY, &hdev->flags); in hci_cc_inquiry_cancel()
73 wake_up_bit(&hdev->flags, HCI_INQUIRY); in hci_cc_inquiry_cancel()
80 hdev->le_scan_type != LE_SCAN_ACTIVE) in hci_cc_inquiry_cancel()
89 __u8 status = *((__u8 *) skb->data); in hci_cc_periodic_inq()
91 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_periodic_inq()
101 __u8 status = *((__u8 *) skb->data); in hci_cc_exit_periodic_inq()
103 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_exit_periodic_inq()
116 BT_DBG("%s", hdev->name); in hci_cc_remote_name_req_cancel()
121 struct hci_rp_role_discovery *rp = (void *) skb->data; in hci_cc_role_discovery()
124 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_role_discovery()
126 if (rp->status) in hci_cc_role_discovery()
131 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_role_discovery()
133 conn->role = rp->role; in hci_cc_role_discovery()
140 struct hci_rp_read_link_policy *rp = (void *) skb->data; in hci_cc_read_link_policy()
143 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_link_policy()
145 if (rp->status) in hci_cc_read_link_policy()
150 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_read_link_policy()
152 conn->link_policy = __le16_to_cpu(rp->policy); in hci_cc_read_link_policy()
159 struct hci_rp_write_link_policy *rp = (void *) skb->data; in hci_cc_write_link_policy()
163 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_write_link_policy()
165 if (rp->status) in hci_cc_write_link_policy()
174 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_write_link_policy()
176 conn->link_policy = get_unaligned_le16(sent + 2); in hci_cc_write_link_policy()
184 struct hci_rp_read_def_link_policy *rp = (void *) skb->data; in hci_cc_read_def_link_policy()
186 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_def_link_policy()
188 if (rp->status) in hci_cc_read_def_link_policy()
191 hdev->link_policy = __le16_to_cpu(rp->policy); in hci_cc_read_def_link_policy()
197 __u8 status = *((__u8 *) skb->data); in hci_cc_write_def_link_policy()
200 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_def_link_policy()
209 hdev->link_policy = get_unaligned_le16(sent); in hci_cc_write_def_link_policy()
214 __u8 status = *((__u8 *) skb->data); in hci_cc_reset()
216 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_reset()
218 clear_bit(HCI_RESET, &hdev->flags); in hci_cc_reset()
223 /* Reset all non-persistent flags */ in hci_cc_reset()
228 hdev->inq_tx_power = HCI_TX_POWER_INVALID; in hci_cc_reset()
229 hdev->adv_tx_power = HCI_TX_POWER_INVALID; in hci_cc_reset()
231 memset(hdev->adv_data, 0, sizeof(hdev->adv_data)); in hci_cc_reset()
232 hdev->adv_data_len = 0; in hci_cc_reset()
234 memset(hdev->scan_rsp_data, 0, sizeof(hdev->scan_rsp_data)); in hci_cc_reset()
235 hdev->scan_rsp_data_len = 0; in hci_cc_reset()
237 hdev->le_scan_type = LE_SCAN_PASSIVE; in hci_cc_reset()
239 hdev->ssp_debug_mode = 0; in hci_cc_reset()
241 hci_bdaddr_list_clear(&hdev->le_accept_list); in hci_cc_reset()
242 hci_bdaddr_list_clear(&hdev->le_resolv_list); in hci_cc_reset()
248 struct hci_rp_read_stored_link_key *rp = (void *)skb->data; in hci_cc_read_stored_link_key()
251 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_stored_link_key()
257 if (!rp->status && sent->read_all == 0x01) { in hci_cc_read_stored_link_key()
258 hdev->stored_max_keys = rp->max_keys; in hci_cc_read_stored_link_key()
259 hdev->stored_num_keys = rp->num_keys; in hci_cc_read_stored_link_key()
266 struct hci_rp_delete_stored_link_key *rp = (void *)skb->data; in hci_cc_delete_stored_link_key()
268 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_delete_stored_link_key()
270 if (rp->status) in hci_cc_delete_stored_link_key()
273 if (rp->num_keys <= hdev->stored_num_keys) in hci_cc_delete_stored_link_key()
274 hdev->stored_num_keys -= rp->num_keys; in hci_cc_delete_stored_link_key()
276 hdev->stored_num_keys = 0; in hci_cc_delete_stored_link_key()
281 __u8 status = *((__u8 *) skb->data); in hci_cc_write_local_name()
284 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_local_name()
295 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH); in hci_cc_write_local_name()
302 struct hci_rp_read_local_name *rp = (void *) skb->data; in hci_cc_read_local_name()
304 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_local_name()
306 if (rp->status) in hci_cc_read_local_name()
311 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH); in hci_cc_read_local_name()
316 __u8 status = *((__u8 *) skb->data); in hci_cc_write_auth_enable()
319 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_auth_enable()
331 set_bit(HCI_AUTH, &hdev->flags); in hci_cc_write_auth_enable()
333 clear_bit(HCI_AUTH, &hdev->flags); in hci_cc_write_auth_enable()
344 __u8 status = *((__u8 *) skb->data); in hci_cc_write_encrypt_mode()
348 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_encrypt_mode()
360 set_bit(HCI_ENCRYPT, &hdev->flags); in hci_cc_write_encrypt_mode()
362 clear_bit(HCI_ENCRYPT, &hdev->flags); in hci_cc_write_encrypt_mode()
367 __u8 status = *((__u8 *) skb->data); in hci_cc_write_scan_enable()
371 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_scan_enable()
382 hdev->discov_timeout = 0; in hci_cc_write_scan_enable()
387 set_bit(HCI_ISCAN, &hdev->flags); in hci_cc_write_scan_enable()
389 clear_bit(HCI_ISCAN, &hdev->flags); in hci_cc_write_scan_enable()
392 set_bit(HCI_PSCAN, &hdev->flags); in hci_cc_write_scan_enable()
394 clear_bit(HCI_PSCAN, &hdev->flags); in hci_cc_write_scan_enable()
402 struct hci_rp_read_class_of_dev *rp = (void *) skb->data; in hci_cc_read_class_of_dev()
404 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_class_of_dev()
406 if (rp->status) in hci_cc_read_class_of_dev()
409 memcpy(hdev->dev_class, rp->dev_class, 3); in hci_cc_read_class_of_dev()
411 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name, in hci_cc_read_class_of_dev()
412 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]); in hci_cc_read_class_of_dev()
417 __u8 status = *((__u8 *) skb->data); in hci_cc_write_class_of_dev()
420 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_class_of_dev()
429 memcpy(hdev->dev_class, sent, 3); in hci_cc_write_class_of_dev()
439 struct hci_rp_read_voice_setting *rp = (void *) skb->data; in hci_cc_read_voice_setting()
442 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_voice_setting()
444 if (rp->status) in hci_cc_read_voice_setting()
447 setting = __le16_to_cpu(rp->voice_setting); in hci_cc_read_voice_setting()
449 if (hdev->voice_setting == setting) in hci_cc_read_voice_setting()
452 hdev->voice_setting = setting; in hci_cc_read_voice_setting()
454 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting); in hci_cc_read_voice_setting()
456 if (hdev->notify) in hci_cc_read_voice_setting()
457 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); in hci_cc_read_voice_setting()
463 __u8 status = *((__u8 *) skb->data); in hci_cc_write_voice_setting()
467 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_voice_setting()
478 if (hdev->voice_setting == setting) in hci_cc_write_voice_setting()
481 hdev->voice_setting = setting; in hci_cc_write_voice_setting()
483 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting); in hci_cc_write_voice_setting()
485 if (hdev->notify) in hci_cc_write_voice_setting()
486 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); in hci_cc_write_voice_setting()
492 struct hci_rp_read_num_supported_iac *rp = (void *) skb->data; in hci_cc_read_num_supported_iac()
494 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_num_supported_iac()
496 if (rp->status) in hci_cc_read_num_supported_iac()
499 hdev->num_iac = rp->num_iac; in hci_cc_read_num_supported_iac()
501 BT_DBG("%s num iac %d", hdev->name, hdev->num_iac); in hci_cc_read_num_supported_iac()
506 __u8 status = *((__u8 *) skb->data); in hci_cc_write_ssp_mode()
509 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_ssp_mode()
518 if (sent->mode) in hci_cc_write_ssp_mode()
519 hdev->features[1][0] |= LMP_HOST_SSP; in hci_cc_write_ssp_mode()
521 hdev->features[1][0] &= ~LMP_HOST_SSP; in hci_cc_write_ssp_mode()
525 mgmt_ssp_enable_complete(hdev, sent->mode, status); in hci_cc_write_ssp_mode()
527 if (sent->mode) in hci_cc_write_ssp_mode()
538 u8 status = *((u8 *) skb->data); in hci_cc_write_sc_support()
541 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_sc_support()
550 if (sent->support) in hci_cc_write_sc_support()
551 hdev->features[1][0] |= LMP_HOST_SC; in hci_cc_write_sc_support()
553 hdev->features[1][0] &= ~LMP_HOST_SC; in hci_cc_write_sc_support()
557 if (sent->support) in hci_cc_write_sc_support()
568 struct hci_rp_read_local_version *rp = (void *) skb->data; in hci_cc_read_local_version()
570 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_local_version()
572 if (rp->status) in hci_cc_read_local_version()
577 hdev->hci_ver = rp->hci_ver; in hci_cc_read_local_version()
578 hdev->hci_rev = __le16_to_cpu(rp->hci_rev); in hci_cc_read_local_version()
579 hdev->lmp_ver = rp->lmp_ver; in hci_cc_read_local_version()
580 hdev->manufacturer = __le16_to_cpu(rp->manufacturer); in hci_cc_read_local_version()
581 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver); in hci_cc_read_local_version()
588 struct hci_rp_read_local_commands *rp = (void *) skb->data; in hci_cc_read_local_commands()
590 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_local_commands()
592 if (rp->status) in hci_cc_read_local_commands()
597 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands)); in hci_cc_read_local_commands()
603 struct hci_rp_read_auth_payload_to *rp = (void *)skb->data; in hci_cc_read_auth_payload_timeout()
606 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_auth_payload_timeout()
608 if (rp->status) in hci_cc_read_auth_payload_timeout()
613 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_read_auth_payload_timeout()
615 conn->auth_payload_timeout = __le16_to_cpu(rp->timeout); in hci_cc_read_auth_payload_timeout()
623 struct hci_rp_write_auth_payload_to *rp = (void *)skb->data; in hci_cc_write_auth_payload_timeout()
627 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_write_auth_payload_timeout()
629 if (rp->status) in hci_cc_write_auth_payload_timeout()
638 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_write_auth_payload_timeout()
640 conn->auth_payload_timeout = get_unaligned_le16(sent + 2); in hci_cc_write_auth_payload_timeout()
648 struct hci_rp_read_local_features *rp = (void *) skb->data; in hci_cc_read_local_features()
650 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_local_features()
652 if (rp->status) in hci_cc_read_local_features()
655 memcpy(hdev->features, rp->features, 8); in hci_cc_read_local_features()
660 if (hdev->features[0][0] & LMP_3SLOT) in hci_cc_read_local_features()
661 hdev->pkt_type |= (HCI_DM3 | HCI_DH3); in hci_cc_read_local_features()
663 if (hdev->features[0][0] & LMP_5SLOT) in hci_cc_read_local_features()
664 hdev->pkt_type |= (HCI_DM5 | HCI_DH5); in hci_cc_read_local_features()
666 if (hdev->features[0][1] & LMP_HV2) { in hci_cc_read_local_features()
667 hdev->pkt_type |= (HCI_HV2); in hci_cc_read_local_features()
668 hdev->esco_type |= (ESCO_HV2); in hci_cc_read_local_features()
671 if (hdev->features[0][1] & LMP_HV3) { in hci_cc_read_local_features()
672 hdev->pkt_type |= (HCI_HV3); in hci_cc_read_local_features()
673 hdev->esco_type |= (ESCO_HV3); in hci_cc_read_local_features()
677 hdev->esco_type |= (ESCO_EV3); in hci_cc_read_local_features()
679 if (hdev->features[0][4] & LMP_EV4) in hci_cc_read_local_features()
680 hdev->esco_type |= (ESCO_EV4); in hci_cc_read_local_features()
682 if (hdev->features[0][4] & LMP_EV5) in hci_cc_read_local_features()
683 hdev->esco_type |= (ESCO_EV5); in hci_cc_read_local_features()
685 if (hdev->features[0][5] & LMP_EDR_ESCO_2M) in hci_cc_read_local_features()
686 hdev->esco_type |= (ESCO_2EV3); in hci_cc_read_local_features()
688 if (hdev->features[0][5] & LMP_EDR_ESCO_3M) in hci_cc_read_local_features()
689 hdev->esco_type |= (ESCO_3EV3); in hci_cc_read_local_features()
691 if (hdev->features[0][5] & LMP_EDR_3S_ESCO) in hci_cc_read_local_features()
692 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5); in hci_cc_read_local_features()
698 struct hci_rp_read_local_ext_features *rp = (void *) skb->data; in hci_cc_read_local_ext_features()
700 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_local_ext_features()
702 if (rp->status) in hci_cc_read_local_ext_features()
705 if (hdev->max_page < rp->max_page) in hci_cc_read_local_ext_features()
706 hdev->max_page = rp->max_page; in hci_cc_read_local_ext_features()
708 if (rp->page < HCI_MAX_PAGES) in hci_cc_read_local_ext_features()
709 memcpy(hdev->features[rp->page], rp->features, 8); in hci_cc_read_local_ext_features()
715 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data; in hci_cc_read_flow_control_mode()
717 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_flow_control_mode()
719 if (rp->status) in hci_cc_read_flow_control_mode()
722 hdev->flow_ctl_mode = rp->mode; in hci_cc_read_flow_control_mode()
727 struct hci_rp_read_buffer_size *rp = (void *) skb->data; in hci_cc_read_buffer_size()
729 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_buffer_size()
731 if (rp->status) in hci_cc_read_buffer_size()
734 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu); in hci_cc_read_buffer_size()
735 hdev->sco_mtu = rp->sco_mtu; in hci_cc_read_buffer_size()
736 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt); in hci_cc_read_buffer_size()
737 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt); in hci_cc_read_buffer_size()
739 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) { in hci_cc_read_buffer_size()
740 hdev->sco_mtu = 64; in hci_cc_read_buffer_size()
741 hdev->sco_pkts = 8; in hci_cc_read_buffer_size()
744 hdev->acl_cnt = hdev->acl_pkts; in hci_cc_read_buffer_size()
745 hdev->sco_cnt = hdev->sco_pkts; in hci_cc_read_buffer_size()
747 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu, in hci_cc_read_buffer_size()
748 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts); in hci_cc_read_buffer_size()
753 struct hci_rp_read_bd_addr *rp = (void *) skb->data; in hci_cc_read_bd_addr()
755 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_bd_addr()
757 if (rp->status) in hci_cc_read_bd_addr()
760 if (test_bit(HCI_INIT, &hdev->flags)) in hci_cc_read_bd_addr()
761 bacpy(&hdev->bdaddr, &rp->bdaddr); in hci_cc_read_bd_addr()
764 bacpy(&hdev->setup_addr, &rp->bdaddr); in hci_cc_read_bd_addr()
770 struct hci_rp_read_local_pairing_opts *rp = (void *) skb->data; in hci_cc_read_local_pairing_opts()
772 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_local_pairing_opts()
774 if (rp->status) in hci_cc_read_local_pairing_opts()
779 hdev->pairing_opts = rp->pairing_opts; in hci_cc_read_local_pairing_opts()
780 hdev->max_enc_key_size = rp->max_key_size; in hci_cc_read_local_pairing_opts()
787 struct hci_rp_read_page_scan_activity *rp = (void *) skb->data; in hci_cc_read_page_scan_activity()
789 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_page_scan_activity()
791 if (rp->status) in hci_cc_read_page_scan_activity()
794 if (test_bit(HCI_INIT, &hdev->flags)) { in hci_cc_read_page_scan_activity()
795 hdev->page_scan_interval = __le16_to_cpu(rp->interval); in hci_cc_read_page_scan_activity()
796 hdev->page_scan_window = __le16_to_cpu(rp->window); in hci_cc_read_page_scan_activity()
803 u8 status = *((u8 *) skb->data); in hci_cc_write_page_scan_activity()
806 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_page_scan_activity()
815 hdev->page_scan_interval = __le16_to_cpu(sent->interval); in hci_cc_write_page_scan_activity()
816 hdev->page_scan_window = __le16_to_cpu(sent->window); in hci_cc_write_page_scan_activity()
822 struct hci_rp_read_page_scan_type *rp = (void *) skb->data; in hci_cc_read_page_scan_type()
824 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_page_scan_type()
826 if (rp->status) in hci_cc_read_page_scan_type()
829 if (test_bit(HCI_INIT, &hdev->flags)) in hci_cc_read_page_scan_type()
830 hdev->page_scan_type = rp->type; in hci_cc_read_page_scan_type()
836 u8 status = *((u8 *) skb->data); in hci_cc_write_page_scan_type()
839 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_page_scan_type()
846 hdev->page_scan_type = *type; in hci_cc_write_page_scan_type()
852 struct hci_rp_read_data_block_size *rp = (void *) skb->data; in hci_cc_read_data_block_size()
854 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_data_block_size()
856 if (rp->status) in hci_cc_read_data_block_size()
859 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len); in hci_cc_read_data_block_size()
860 hdev->block_len = __le16_to_cpu(rp->block_len); in hci_cc_read_data_block_size()
861 hdev->num_blocks = __le16_to_cpu(rp->num_blocks); in hci_cc_read_data_block_size()
863 hdev->block_cnt = hdev->num_blocks; in hci_cc_read_data_block_size()
865 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu, in hci_cc_read_data_block_size()
866 hdev->block_cnt, hdev->block_len); in hci_cc_read_data_block_size()
871 struct hci_rp_read_clock *rp = (void *) skb->data; in hci_cc_read_clock()
875 BT_DBG("%s", hdev->name); in hci_cc_read_clock()
877 if (skb->len < sizeof(*rp)) in hci_cc_read_clock()
880 if (rp->status) in hci_cc_read_clock()
889 if (cp->which == 0x00) { in hci_cc_read_clock()
890 hdev->clock = le32_to_cpu(rp->clock); in hci_cc_read_clock()
894 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_read_clock()
896 conn->clock = le32_to_cpu(rp->clock); in hci_cc_read_clock()
897 conn->clock_accuracy = le16_to_cpu(rp->accuracy); in hci_cc_read_clock()
907 struct hci_rp_read_local_amp_info *rp = (void *) skb->data; in hci_cc_read_local_amp_info()
909 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_local_amp_info()
911 if (rp->status) in hci_cc_read_local_amp_info()
914 hdev->amp_status = rp->amp_status; in hci_cc_read_local_amp_info()
915 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw); in hci_cc_read_local_amp_info()
916 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw); in hci_cc_read_local_amp_info()
917 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency); in hci_cc_read_local_amp_info()
918 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu); in hci_cc_read_local_amp_info()
919 hdev->amp_type = rp->amp_type; in hci_cc_read_local_amp_info()
920 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap); in hci_cc_read_local_amp_info()
921 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size); in hci_cc_read_local_amp_info()
922 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to); in hci_cc_read_local_amp_info()
923 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to); in hci_cc_read_local_amp_info()
929 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data; in hci_cc_read_inq_rsp_tx_power()
931 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_inq_rsp_tx_power()
933 if (rp->status) in hci_cc_read_inq_rsp_tx_power()
936 hdev->inq_tx_power = rp->tx_power; in hci_cc_read_inq_rsp_tx_power()
942 struct hci_rp_read_def_err_data_reporting *rp = (void *)skb->data; in hci_cc_read_def_err_data_reporting()
944 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_def_err_data_reporting()
946 if (rp->status) in hci_cc_read_def_err_data_reporting()
949 hdev->err_data_reporting = rp->err_data_reporting; in hci_cc_read_def_err_data_reporting()
955 __u8 status = *((__u8 *)skb->data); in hci_cc_write_def_err_data_reporting()
958 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_def_err_data_reporting()
967 hdev->err_data_reporting = cp->err_data_reporting; in hci_cc_write_def_err_data_reporting()
972 struct hci_rp_pin_code_reply *rp = (void *) skb->data; in hci_cc_pin_code_reply()
976 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_pin_code_reply()
981 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status); in hci_cc_pin_code_reply()
983 if (rp->status) in hci_cc_pin_code_reply()
990 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); in hci_cc_pin_code_reply()
992 conn->pin_length = cp->pin_len; in hci_cc_pin_code_reply()
1000 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data; in hci_cc_pin_code_neg_reply()
1002 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_pin_code_neg_reply()
1007 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr, in hci_cc_pin_code_neg_reply()
1008 rp->status); in hci_cc_pin_code_neg_reply()
1016 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data; in hci_cc_le_read_buffer_size()
1018 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_le_read_buffer_size()
1020 if (rp->status) in hci_cc_le_read_buffer_size()
1023 hdev->le_mtu = __le16_to_cpu(rp->le_mtu); in hci_cc_le_read_buffer_size()
1024 hdev->le_pkts = rp->le_max_pkt; in hci_cc_le_read_buffer_size()
1026 hdev->le_cnt = hdev->le_pkts; in hci_cc_le_read_buffer_size()
1028 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts); in hci_cc_le_read_buffer_size()
1034 struct hci_rp_le_read_local_features *rp = (void *) skb->data; in hci_cc_le_read_local_features()
1036 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_le_read_local_features()
1038 if (rp->status) in hci_cc_le_read_local_features()
1041 memcpy(hdev->le_features, rp->features, 8); in hci_cc_le_read_local_features()
1047 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data; in hci_cc_le_read_adv_tx_power()
1049 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_le_read_adv_tx_power()
1051 if (rp->status) in hci_cc_le_read_adv_tx_power()
1054 hdev->adv_tx_power = rp->tx_power; in hci_cc_le_read_adv_tx_power()
1059 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; in hci_cc_user_confirm_reply()
1061 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_user_confirm_reply()
1066 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0, in hci_cc_user_confirm_reply()
1067 rp->status); in hci_cc_user_confirm_reply()
1075 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; in hci_cc_user_confirm_neg_reply()
1077 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_user_confirm_neg_reply()
1082 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr, in hci_cc_user_confirm_neg_reply()
1083 ACL_LINK, 0, rp->status); in hci_cc_user_confirm_neg_reply()
1090 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; in hci_cc_user_passkey_reply()
1092 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_user_passkey_reply()
1097 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK, in hci_cc_user_passkey_reply()
1098 0, rp->status); in hci_cc_user_passkey_reply()
1106 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; in hci_cc_user_passkey_neg_reply()
1108 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_user_passkey_neg_reply()
1113 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr, in hci_cc_user_passkey_neg_reply()
1114 ACL_LINK, 0, rp->status); in hci_cc_user_passkey_neg_reply()
1122 struct hci_rp_read_local_oob_data *rp = (void *) skb->data; in hci_cc_read_local_oob_data()
1124 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_local_oob_data()
1130 struct hci_rp_read_local_oob_ext_data *rp = (void *) skb->data; in hci_cc_read_local_oob_ext_data()
1132 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_local_oob_ext_data()
1137 __u8 status = *((__u8 *) skb->data); in hci_cc_le_set_random_addr()
1140 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_set_random_addr()
1151 bacpy(&hdev->random_addr, sent); in hci_cc_le_set_random_addr()
1158 __u8 status = *((__u8 *) skb->data); in hci_cc_le_set_default_phy()
1161 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_set_default_phy()
1172 hdev->le_tx_def_phys = cp->tx_phys; in hci_cc_le_set_default_phy()
1173 hdev->le_rx_def_phys = cp->rx_phys; in hci_cc_le_set_default_phy()
1181 __u8 status = *((__u8 *) skb->data); in hci_cc_le_set_adv_set_random_addr()
1194 if (!hdev->cur_adv_instance) { in hci_cc_le_set_adv_set_random_addr()
1195 /* Store in hdev for instance 0 (Set adv and Directed advs) */ in hci_cc_le_set_adv_set_random_addr()
1196 bacpy(&hdev->random_addr, &cp->bdaddr); in hci_cc_le_set_adv_set_random_addr()
1199 hdev->cur_adv_instance); in hci_cc_le_set_adv_set_random_addr()
1201 bacpy(&adv_instance->random_addr, &cp->bdaddr); in hci_cc_le_set_adv_set_random_addr()
1209 __u8 *sent, status = *((__u8 *) skb->data); in hci_cc_le_set_adv_enable()
1211 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_set_adv_enable()
1232 queue_delayed_work(hdev->workqueue, in hci_cc_le_set_adv_enable()
1233 &conn->le_conn_timeout, in hci_cc_le_set_adv_enable()
1234 conn->conn_timeout); in hci_cc_le_set_adv_enable()
1246 __u8 status = *((__u8 *) skb->data); in hci_cc_le_set_ext_adv_enable()
1248 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_set_ext_adv_enable()
1259 if (cp->enable) { in hci_cc_le_set_ext_adv_enable()
1266 queue_delayed_work(hdev->workqueue, in hci_cc_le_set_ext_adv_enable()
1267 &conn->le_conn_timeout, in hci_cc_le_set_ext_adv_enable()
1268 conn->conn_timeout); in hci_cc_le_set_ext_adv_enable()
1279 __u8 status = *((__u8 *) skb->data); in hci_cc_le_set_scan_param()
1281 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_set_scan_param()
1292 hdev->le_scan_type = cp->type; in hci_cc_le_set_scan_param()
1301 __u8 status = *((__u8 *) skb->data); in hci_cc_le_set_ext_scan_param()
1304 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_set_ext_scan_param()
1313 phy_param = (void *)cp->data; in hci_cc_le_set_ext_scan_param()
1317 hdev->le_scan_type = phy_param->type; in hci_cc_le_set_ext_scan_param()
1324 struct discovery_state *d = &hdev->discovery; in has_pending_adv_report()
1326 return bacmp(&d->last_adv_addr, BDADDR_ANY); in has_pending_adv_report()
1331 struct discovery_state *d = &hdev->discovery; in clear_pending_adv_report()
1333 bacpy(&d->last_adv_addr, BDADDR_ANY); in clear_pending_adv_report()
1334 d->last_adv_data_len = 0; in clear_pending_adv_report()
1341 struct discovery_state *d = &hdev->discovery; in store_pending_adv_report()
1346 bacpy(&d->last_adv_addr, bdaddr); in store_pending_adv_report()
1347 d->last_adv_addr_type = bdaddr_type; in store_pending_adv_report()
1348 d->last_adv_rssi = rssi; in store_pending_adv_report()
1349 d->last_adv_flags = flags; in store_pending_adv_report()
1350 memcpy(d->last_adv_data, data, len); in store_pending_adv_report()
1351 d->last_adv_data_len = len; in store_pending_adv_report()
1361 if (hdev->le_scan_type == LE_SCAN_ACTIVE) in le_set_scan_enable_complete()
1371 struct discovery_state *d = &hdev->discovery; in le_set_scan_enable_complete()
1373 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK, in le_set_scan_enable_complete()
1374 d->last_adv_addr_type, NULL, in le_set_scan_enable_complete()
1375 d->last_adv_rssi, d->last_adv_flags, in le_set_scan_enable_complete()
1376 d->last_adv_data, in le_set_scan_enable_complete()
1377 d->last_adv_data_len, NULL, 0); in le_set_scan_enable_complete()
1383 cancel_delayed_work(&hdev->le_scan_disable); in le_set_scan_enable_complete()
1392 * re-enable it again if necessary. in le_set_scan_enable_complete()
1397 hdev->discovery.state == DISCOVERY_FINDING) in le_set_scan_enable_complete()
1415 __u8 status = *((__u8 *) skb->data); in hci_cc_le_set_scan_enable()
1417 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_set_scan_enable()
1426 le_set_scan_enable_complete(hdev, cp->enable); in hci_cc_le_set_scan_enable()
1433 __u8 status = *((__u8 *) skb->data); in hci_cc_le_set_ext_scan_enable()
1435 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_set_ext_scan_enable()
1444 le_set_scan_enable_complete(hdev, cp->enable); in hci_cc_le_set_ext_scan_enable()
1450 struct hci_rp_le_read_num_supported_adv_sets *rp = (void *) skb->data; in hci_cc_le_read_num_adv_sets()
1452 BT_DBG("%s status 0x%2.2x No of Adv sets %u", hdev->name, rp->status, in hci_cc_le_read_num_adv_sets()
1453 rp->num_of_sets); in hci_cc_le_read_num_adv_sets()
1455 if (rp->status) in hci_cc_le_read_num_adv_sets()
1458 hdev->le_num_of_adv_sets = rp->num_of_sets; in hci_cc_le_read_num_adv_sets()
1464 struct hci_rp_le_read_accept_list_size *rp = (void *)skb->data; in hci_cc_le_read_accept_list_size()
1466 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size); in hci_cc_le_read_accept_list_size()
1468 if (rp->status) in hci_cc_le_read_accept_list_size()
1471 hdev->le_accept_list_size = rp->size; in hci_cc_le_read_accept_list_size()
1477 __u8 status = *((__u8 *) skb->data); in hci_cc_le_clear_accept_list()
1479 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_clear_accept_list()
1484 hci_bdaddr_list_clear(&hdev->le_accept_list); in hci_cc_le_clear_accept_list()
1491 __u8 status = *((__u8 *) skb->data); in hci_cc_le_add_to_accept_list()
1493 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_add_to_accept_list()
1502 hci_bdaddr_list_add(&hdev->le_accept_list, &sent->bdaddr, in hci_cc_le_add_to_accept_list()
1503 sent->bdaddr_type); in hci_cc_le_add_to_accept_list()
1510 __u8 status = *((__u8 *) skb->data); in hci_cc_le_del_from_accept_list()
1512 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_del_from_accept_list()
1521 hci_bdaddr_list_del(&hdev->le_accept_list, &sent->bdaddr, in hci_cc_le_del_from_accept_list()
1522 sent->bdaddr_type); in hci_cc_le_del_from_accept_list()
1528 struct hci_rp_le_read_supported_states *rp = (void *) skb->data; in hci_cc_le_read_supported_states()
1530 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_le_read_supported_states()
1532 if (rp->status) in hci_cc_le_read_supported_states()
1535 memcpy(hdev->le_states, rp->le_states, 8); in hci_cc_le_read_supported_states()
1541 struct hci_rp_le_read_def_data_len *rp = (void *) skb->data; in hci_cc_le_read_def_data_len()
1543 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_le_read_def_data_len()
1545 if (rp->status) in hci_cc_le_read_def_data_len()
1548 hdev->le_def_tx_len = le16_to_cpu(rp->tx_len); in hci_cc_le_read_def_data_len()
1549 hdev->le_def_tx_time = le16_to_cpu(rp->tx_time); in hci_cc_le_read_def_data_len()
1556 __u8 status = *((__u8 *) skb->data); in hci_cc_le_write_def_data_len()
1558 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_write_def_data_len()
1567 hdev->le_def_tx_len = le16_to_cpu(sent->tx_len); in hci_cc_le_write_def_data_len()
1568 hdev->le_def_tx_time = le16_to_cpu(sent->tx_time); in hci_cc_le_write_def_data_len()
1575 __u8 status = *((__u8 *) skb->data); in hci_cc_le_add_to_resolv_list()
1577 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_add_to_resolv_list()
1586 hci_bdaddr_list_add_with_irk(&hdev->le_resolv_list, &sent->bdaddr, in hci_cc_le_add_to_resolv_list()
1587 sent->bdaddr_type, sent->peer_irk, in hci_cc_le_add_to_resolv_list()
1588 sent->local_irk); in hci_cc_le_add_to_resolv_list()
1595 __u8 status = *((__u8 *) skb->data); in hci_cc_le_del_from_resolv_list()
1597 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_del_from_resolv_list()
1606 hci_bdaddr_list_del_with_irk(&hdev->le_resolv_list, &sent->bdaddr, in hci_cc_le_del_from_resolv_list()
1607 sent->bdaddr_type); in hci_cc_le_del_from_resolv_list()
1613 __u8 status = *((__u8 *) skb->data); in hci_cc_le_clear_resolv_list()
1615 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_clear_resolv_list()
1620 hci_bdaddr_list_clear(&hdev->le_resolv_list); in hci_cc_le_clear_resolv_list()
1626 struct hci_rp_le_read_resolv_list_size *rp = (void *) skb->data; in hci_cc_le_read_resolv_list_size()
1628 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size); in hci_cc_le_read_resolv_list_size()
1630 if (rp->status) in hci_cc_le_read_resolv_list_size()
1633 hdev->le_resolv_list_size = rp->size; in hci_cc_le_read_resolv_list_size()
1639 __u8 *sent, status = *((__u8 *) skb->data); in hci_cc_le_set_addr_resolution_enable()
1641 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_le_set_addr_resolution_enable()
1663 struct hci_rp_le_read_max_data_len *rp = (void *) skb->data; in hci_cc_le_read_max_data_len()
1665 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_le_read_max_data_len()
1667 if (rp->status) in hci_cc_le_read_max_data_len()
1670 hdev->le_max_tx_len = le16_to_cpu(rp->tx_len); in hci_cc_le_read_max_data_len()
1671 hdev->le_max_tx_time = le16_to_cpu(rp->tx_time); in hci_cc_le_read_max_data_len()
1672 hdev->le_max_rx_len = le16_to_cpu(rp->rx_len); in hci_cc_le_read_max_data_len()
1673 hdev->le_max_rx_time = le16_to_cpu(rp->rx_time); in hci_cc_le_read_max_data_len()
1680 __u8 status = *((__u8 *) skb->data); in hci_cc_write_le_host_supported()
1682 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_le_host_supported()
1693 if (sent->le) { in hci_cc_write_le_host_supported()
1694 hdev->features[1][0] |= LMP_HOST_LE; in hci_cc_write_le_host_supported()
1697 hdev->features[1][0] &= ~LMP_HOST_LE; in hci_cc_write_le_host_supported()
1702 if (sent->simul) in hci_cc_write_le_host_supported()
1703 hdev->features[1][0] |= LMP_HOST_LE_BREDR; in hci_cc_write_le_host_supported()
1705 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR; in hci_cc_write_le_host_supported()
1713 u8 status = *((u8 *) skb->data); in hci_cc_set_adv_param()
1715 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_set_adv_param()
1725 hdev->adv_addr_type = cp->own_address_type; in hci_cc_set_adv_param()
1731 struct hci_rp_le_set_ext_adv_params *rp = (void *) skb->data; in hci_cc_set_ext_adv_param()
1735 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_set_ext_adv_param()
1737 if (rp->status) in hci_cc_set_ext_adv_param()
1745 hdev->adv_addr_type = cp->own_addr_type; in hci_cc_set_ext_adv_param()
1746 if (!hdev->cur_adv_instance) { in hci_cc_set_ext_adv_param()
1748 hdev->adv_tx_power = rp->tx_power; in hci_cc_set_ext_adv_param()
1751 hdev->cur_adv_instance); in hci_cc_set_ext_adv_param()
1753 adv_instance->tx_power = rp->tx_power; in hci_cc_set_ext_adv_param()
1755 /* Update adv data as tx power is known now */ in hci_cc_set_ext_adv_param()
1756 hci_req_update_adv_data(hdev, hdev->cur_adv_instance); in hci_cc_set_ext_adv_param()
1762 struct hci_rp_read_rssi *rp = (void *) skb->data; in hci_cc_read_rssi()
1765 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_rssi()
1767 if (rp->status) in hci_cc_read_rssi()
1772 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_read_rssi()
1774 conn->rssi = rp->rssi; in hci_cc_read_rssi()
1782 struct hci_rp_read_tx_power *rp = (void *) skb->data; in hci_cc_read_tx_power()
1785 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); in hci_cc_read_tx_power()
1787 if (rp->status) in hci_cc_read_tx_power()
1796 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); in hci_cc_read_tx_power()
1800 switch (sent->type) { in hci_cc_read_tx_power()
1802 conn->tx_power = rp->tx_power; in hci_cc_read_tx_power()
1805 conn->max_tx_power = rp->tx_power; in hci_cc_read_tx_power()
1815 u8 status = *((u8 *) skb->data); in hci_cc_write_ssp_debug_mode()
1818 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cc_write_ssp_debug_mode()
1825 hdev->ssp_debug_mode = *mode; in hci_cc_write_ssp_debug_mode()
1830 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_inquiry()
1838 set_bit(HCI_INQUIRY, &hdev->flags); in hci_cs_inquiry()
1846 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_create_conn()
1854 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); in hci_cs_create_conn()
1856 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn); in hci_cs_create_conn()
1859 if (conn && conn->state == BT_CONNECT) { in hci_cs_create_conn()
1860 if (status != 0x0c || conn->attempt > 2) { in hci_cs_create_conn()
1861 conn->state = BT_CLOSED; in hci_cs_create_conn()
1865 conn->state = BT_CONNECT2; in hci_cs_create_conn()
1869 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr, in hci_cs_create_conn()
1885 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_add_sco()
1894 handle = __le16_to_cpu(cp->handle); in hci_cs_add_sco()
1896 BT_DBG("%s handle 0x%4.4x", hdev->name, handle); in hci_cs_add_sco()
1902 sco = acl->link; in hci_cs_add_sco()
1904 sco->state = BT_CLOSED; in hci_cs_add_sco()
1919 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_auth_requested()
1930 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_auth_requested()
1932 if (conn->state == BT_CONFIG) { in hci_cs_auth_requested()
1946 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_set_conn_encrypt()
1957 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_set_conn_encrypt()
1959 if (conn->state == BT_CONFIG) { in hci_cs_set_conn_encrypt()
1971 if (conn->state != BT_CONFIG || !conn->out) in hci_outgoing_auth_needed()
1974 if (conn->pending_sec_level == BT_SECURITY_SDP) in hci_outgoing_auth_needed()
1977 /* Only request authentication for SSP connections or non-SSP in hci_outgoing_auth_needed()
1981 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) && in hci_outgoing_auth_needed()
1982 conn->pending_sec_level != BT_SECURITY_FIPS && in hci_outgoing_auth_needed()
1983 conn->pending_sec_level != BT_SECURITY_HIGH && in hci_outgoing_auth_needed()
1984 conn->pending_sec_level != BT_SECURITY_MEDIUM) in hci_outgoing_auth_needed()
1997 bacpy(&cp.bdaddr, &e->data.bdaddr); in hci_resolve_name()
1998 cp.pscan_rep_mode = e->data.pscan_rep_mode; in hci_resolve_name()
1999 cp.pscan_mode = e->data.pscan_mode; in hci_resolve_name()
2000 cp.clock_offset = e->data.clock_offset; in hci_resolve_name()
2007 struct discovery_state *discov = &hdev->discovery; in hci_resolve_next_name()
2010 if (list_empty(&discov->resolve)) in hci_resolve_next_name()
2018 e->name_state = NAME_PENDING; in hci_resolve_next_name()
2028 struct discovery_state *discov = &hdev->discovery; in hci_check_pending_name()
2037 (conn->state == BT_CONFIG || conn->state == BT_CONNECTED) && in hci_check_pending_name()
2038 !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) in hci_check_pending_name()
2041 if (discov->state == DISCOVERY_STOPPED) in hci_check_pending_name()
2044 if (discov->state == DISCOVERY_STOPPING) in hci_check_pending_name()
2047 if (discov->state != DISCOVERY_RESOLVING) in hci_check_pending_name()
2058 list_del(&e->list); in hci_check_pending_name()
2060 e->name_state = NAME_KNOWN; in hci_check_pending_name()
2062 e->data.rssi, name, name_len); in hci_check_pending_name()
2064 e->name_state = NAME_NOT_KNOWN; in hci_check_pending_name()
2079 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_remote_name_req()
2092 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); in hci_cs_remote_name_req()
2095 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0); in hci_cs_remote_name_req()
2103 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) { in hci_cs_remote_name_req()
2106 set_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags); in hci_cs_remote_name_req()
2108 auth_cp.handle = __cpu_to_le16(conn->handle); in hci_cs_remote_name_req()
2122 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_read_remote_features()
2133 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_read_remote_features()
2135 if (conn->state == BT_CONFIG) { in hci_cs_read_remote_features()
2149 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_read_remote_ext_features()
2160 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_read_remote_ext_features()
2162 if (conn->state == BT_CONFIG) { in hci_cs_read_remote_ext_features()
2177 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_setup_sync_conn()
2186 handle = __le16_to_cpu(cp->handle); in hci_cs_setup_sync_conn()
2188 BT_DBG("%s handle 0x%4.4x", hdev->name, handle); in hci_cs_setup_sync_conn()
2194 sco = acl->link; in hci_cs_setup_sync_conn()
2196 sco->state = BT_CLOSED; in hci_cs_setup_sync_conn()
2211 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_sniff_mode()
2222 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_sniff_mode()
2224 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags); in hci_cs_sniff_mode()
2226 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags)) in hci_cs_sniff_mode()
2238 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_exit_sniff_mode()
2249 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_exit_sniff_mode()
2251 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags); in hci_cs_exit_sniff_mode()
2253 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags)) in hci_cs_exit_sniff_mode()
2274 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_disconnect()
2276 u8 type = conn->type; in hci_cs_disconnect()
2278 mgmt_disconnect_failed(hdev, &conn->dst, conn->type, in hci_cs_disconnect()
2279 conn->dst_type, status); in hci_cs_disconnect()
2283 * Hence, we need to do some basic cleanup here and re-enable in hci_cs_disconnect()
2325 conn->init_addr_type = own_address_type; in cs_le_create_conn()
2327 bacpy(&conn->init_addr, &hdev->random_addr); in cs_le_create_conn()
2329 bacpy(&conn->init_addr, &hdev->bdaddr); in cs_le_create_conn()
2331 conn->resp_addr_type = peer_addr_type; in cs_le_create_conn()
2332 bacpy(&conn->resp_addr, peer_addr); in cs_le_create_conn()
2340 queue_delayed_work(conn->hdev->workqueue, in cs_le_create_conn()
2341 &conn->le_conn_timeout, in cs_le_create_conn()
2342 conn->conn_timeout); in cs_le_create_conn()
2349 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_le_create_conn()
2364 cs_le_create_conn(hdev, &cp->peer_addr, cp->peer_addr_type, in hci_cs_le_create_conn()
2365 cp->own_address_type, cp->filter_policy); in hci_cs_le_create_conn()
2374 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_le_ext_create_conn()
2389 cs_le_create_conn(hdev, &cp->peer_addr, cp->peer_addr_type, in hci_cs_le_ext_create_conn()
2390 cp->own_addr_type, cp->filter_policy); in hci_cs_le_ext_create_conn()
2400 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_le_read_remote_features()
2411 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_le_read_remote_features()
2413 if (conn->state == BT_CONFIG) { in hci_cs_le_read_remote_features()
2427 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_le_start_enc()
2438 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle)); in hci_cs_le_start_enc()
2442 if (conn->state != BT_CONNECTED) in hci_cs_le_start_enc()
2457 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_cs_switch_role()
2468 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); in hci_cs_switch_role()
2470 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags); in hci_cs_switch_role()
2477 __u8 status = *((__u8 *) skb->data); in hci_inquiry_complete_evt()
2478 struct discovery_state *discov = &hdev->discovery; in hci_inquiry_complete_evt()
2481 BT_DBG("%s status 0x%2.2x", hdev->name, status); in hci_inquiry_complete_evt()
2485 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags)) in hci_inquiry_complete_evt()
2489 wake_up_bit(&hdev->flags, HCI_INQUIRY); in hci_inquiry_complete_evt()
2496 if (discov->state != DISCOVERY_FINDING) in hci_inquiry_complete_evt()
2499 if (list_empty(&discov->resolve)) { in hci_inquiry_complete_evt()
2508 !test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks)) in hci_inquiry_complete_evt()
2515 e->name_state = NAME_PENDING; in hci_inquiry_complete_evt()
2526 !test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks)) in hci_inquiry_complete_evt()
2537 struct inquiry_info *info = (void *) (skb->data + 1); in hci_inquiry_result_evt()
2538 int num_rsp = *((__u8 *) skb->data); in hci_inquiry_result_evt()
2540 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); in hci_inquiry_result_evt()
2542 if (!num_rsp || skb->len < num_rsp * sizeof(*info) + 1) in hci_inquiry_result_evt()
2550 for (; num_rsp; num_rsp--, info++) { in hci_inquiry_result_evt()
2553 bacpy(&data.bdaddr, &info->bdaddr); in hci_inquiry_result_evt()
2554 data.pscan_rep_mode = info->pscan_rep_mode; in hci_inquiry_result_evt()
2555 data.pscan_period_mode = info->pscan_period_mode; in hci_inquiry_result_evt()
2556 data.pscan_mode = info->pscan_mode; in hci_inquiry_result_evt()
2557 memcpy(data.dev_class, info->dev_class, 3); in hci_inquiry_result_evt()
2558 data.clock_offset = info->clock_offset; in hci_inquiry_result_evt()
2564 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, in hci_inquiry_result_evt()
2565 info->dev_class, HCI_RSSI_INVALID, in hci_inquiry_result_evt()
2574 struct hci_ev_conn_complete *ev = (void *) skb->data; in hci_conn_complete_evt()
2577 BT_DBG("%s", hdev->name); in hci_conn_complete_evt()
2581 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); in hci_conn_complete_evt()
2583 /* Connection may not exist if auto-connected. Check the bredr in hci_conn_complete_evt()
2588 * Auto-connect will only occur if the event filter is in hci_conn_complete_evt()
2592 if (ev->link_type == ACL_LINK && in hci_conn_complete_evt()
2593 hci_bdaddr_list_lookup_with_flags(&hdev->accept_list, in hci_conn_complete_evt()
2594 &ev->bdaddr, in hci_conn_complete_evt()
2596 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr, in hci_conn_complete_evt()
2603 if (ev->link_type != SCO_LINK) in hci_conn_complete_evt()
2607 &ev->bdaddr); in hci_conn_complete_evt()
2611 conn->type = SCO_LINK; in hci_conn_complete_evt()
2615 if (!ev->status) { in hci_conn_complete_evt()
2616 conn->handle = __le16_to_cpu(ev->handle); in hci_conn_complete_evt()
2618 if (conn->type == ACL_LINK) { in hci_conn_complete_evt()
2619 conn->state = BT_CONFIG; in hci_conn_complete_evt()
2622 if (!conn->out && !hci_conn_ssp_enabled(conn) && in hci_conn_complete_evt()
2623 !hci_find_link_key(hdev, &ev->bdaddr)) in hci_conn_complete_evt()
2624 conn->disc_timeout = HCI_PAIRING_TIMEOUT; in hci_conn_complete_evt()
2626 conn->disc_timeout = HCI_DISCONN_TIMEOUT; in hci_conn_complete_evt()
2628 conn->state = BT_CONNECTED; in hci_conn_complete_evt()
2633 if (test_bit(HCI_AUTH, &hdev->flags)) in hci_conn_complete_evt()
2634 set_bit(HCI_CONN_AUTH, &conn->flags); in hci_conn_complete_evt()
2636 if (test_bit(HCI_ENCRYPT, &hdev->flags)) in hci_conn_complete_evt()
2637 set_bit(HCI_CONN_ENCRYPT, &conn->flags); in hci_conn_complete_evt()
2640 if (conn->type == ACL_LINK) { in hci_conn_complete_evt()
2642 cp.handle = ev->handle; in hci_conn_complete_evt()
2650 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) { in hci_conn_complete_evt()
2652 cp.handle = ev->handle; in hci_conn_complete_evt()
2653 cp.pkt_type = cpu_to_le16(conn->pkt_type); in hci_conn_complete_evt()
2658 conn->state = BT_CLOSED; in hci_conn_complete_evt()
2659 if (conn->type == ACL_LINK) in hci_conn_complete_evt()
2660 mgmt_connect_failed(hdev, &conn->dst, conn->type, in hci_conn_complete_evt()
2661 conn->dst_type, ev->status); in hci_conn_complete_evt()
2664 if (conn->type == ACL_LINK) in hci_conn_complete_evt()
2665 hci_sco_setup(conn, ev->status); in hci_conn_complete_evt()
2667 if (ev->status) { in hci_conn_complete_evt()
2668 hci_connect_cfm(conn, ev->status); in hci_conn_complete_evt()
2670 } else if (ev->link_type == SCO_LINK) { in hci_conn_complete_evt()
2671 switch (conn->setting & SCO_AIRMODE_MASK) { in hci_conn_complete_evt()
2673 if (hdev->notify) in hci_conn_complete_evt()
2674 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_CVSD); in hci_conn_complete_evt()
2678 hci_connect_cfm(conn, ev->status); in hci_conn_complete_evt()
2698 struct hci_ev_conn_request *ev = (void *) skb->data; in hci_conn_request_evt()
2699 int mask = hdev->link_mode; in hci_conn_request_evt()
2704 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr, in hci_conn_request_evt()
2705 ev->link_type); in hci_conn_request_evt()
2708 * CVE-2020-26555 in hci_conn_request_evt()
2710 if (hdev && !bacmp(&hdev->bdaddr, &ev->bdaddr)) { in hci_conn_request_evt()
2712 &ev->bdaddr); in hci_conn_request_evt()
2713 hci_reject_conn(hdev, &ev->bdaddr); in hci_conn_request_evt()
2717 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type, in hci_conn_request_evt()
2721 hci_reject_conn(hdev, &ev->bdaddr); in hci_conn_request_evt()
2727 if (hci_bdaddr_list_lookup(&hdev->reject_list, &ev->bdaddr, in hci_conn_request_evt()
2729 hci_reject_conn(hdev, &ev->bdaddr); in hci_conn_request_evt()
2739 !hci_bdaddr_list_lookup_with_flags(&hdev->accept_list, &ev->bdaddr, in hci_conn_request_evt()
2741 hci_reject_conn(hdev, &ev->bdaddr); in hci_conn_request_evt()
2747 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); in hci_conn_request_evt()
2749 memcpy(ie->data.dev_class, ev->dev_class, 3); in hci_conn_request_evt()
2751 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, in hci_conn_request_evt()
2752 &ev->bdaddr); in hci_conn_request_evt()
2754 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr, in hci_conn_request_evt()
2762 memcpy(conn->dev_class, ev->dev_class, 3); in hci_conn_request_evt()
2766 if (ev->link_type == ACL_LINK || in hci_conn_request_evt()
2769 conn->state = BT_CONNECT; in hci_conn_request_evt()
2771 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_conn_request_evt()
2781 conn->state = BT_CONNECT; in hci_conn_request_evt()
2783 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_conn_request_evt()
2784 cp.pkt_type = cpu_to_le16(conn->pkt_type); in hci_conn_request_evt()
2789 cp.content_format = cpu_to_le16(hdev->voice_setting); in hci_conn_request_evt()
2795 conn->state = BT_CONNECT2; in hci_conn_request_evt()
2822 struct hci_ev_disconn_complete *ev = (void *) skb->data; in hci_disconn_complete_evt()
2829 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_disconn_complete_evt()
2833 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_disconn_complete_evt()
2837 if (ev->status) { in hci_disconn_complete_evt()
2838 mgmt_disconnect_failed(hdev, &conn->dst, conn->type, in hci_disconn_complete_evt()
2839 conn->dst_type, ev->status); in hci_disconn_complete_evt()
2843 conn->state = BT_CLOSED; in hci_disconn_complete_evt()
2845 mgmt_connected = test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags); in hci_disconn_complete_evt()
2847 if (test_bit(HCI_CONN_AUTH_FAILURE, &conn->flags)) in hci_disconn_complete_evt()
2850 reason = hci_to_mgmt_reason(ev->reason); in hci_disconn_complete_evt()
2852 mgmt_device_disconnected(hdev, &conn->dst, conn->type, conn->dst_type, in hci_disconn_complete_evt()
2855 if (conn->type == ACL_LINK) { in hci_disconn_complete_evt()
2856 if (test_bit(HCI_CONN_FLUSH_KEY, &conn->flags)) in hci_disconn_complete_evt()
2857 hci_remove_link_key(hdev, &conn->dst); in hci_disconn_complete_evt()
2862 params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type); in hci_disconn_complete_evt()
2864 switch (params->auto_connect) { in hci_disconn_complete_evt()
2866 if (ev->reason != HCI_ERROR_CONNECTION_TIMEOUT) in hci_disconn_complete_evt()
2872 list_del_init(¶ms->action); in hci_disconn_complete_evt()
2873 list_add(¶ms->action, &hdev->pend_le_conns); in hci_disconn_complete_evt()
2882 type = conn->type; in hci_disconn_complete_evt()
2884 hci_disconn_cfm(conn, ev->reason); in hci_disconn_complete_evt()
2890 if (list_empty(&hdev->conn_hash.list) && in hci_disconn_complete_evt()
2891 test_and_clear_bit(SUSPEND_DISCONNECTING, hdev->suspend_tasks)) { in hci_disconn_complete_evt()
2892 wake_up(&hdev->suspend_wait_q); in hci_disconn_complete_evt()
2895 /* Re-enable advertising if necessary, since it might in hci_disconn_complete_evt()
2914 struct hci_ev_auth_complete *ev = (void *) skb->data; in hci_auth_complete_evt()
2917 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_auth_complete_evt()
2921 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_auth_complete_evt()
2925 if (!ev->status) { in hci_auth_complete_evt()
2926 clear_bit(HCI_CONN_AUTH_FAILURE, &conn->flags); in hci_auth_complete_evt()
2927 set_bit(HCI_CONN_AUTH, &conn->flags); in hci_auth_complete_evt()
2928 conn->sec_level = conn->pending_sec_level; in hci_auth_complete_evt()
2930 if (ev->status == HCI_ERROR_PIN_OR_KEY_MISSING) in hci_auth_complete_evt()
2931 set_bit(HCI_CONN_AUTH_FAILURE, &conn->flags); in hci_auth_complete_evt()
2933 mgmt_auth_failed(conn, ev->status); in hci_auth_complete_evt()
2936 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags); in hci_auth_complete_evt()
2938 if (conn->state == BT_CONFIG) { in hci_auth_complete_evt()
2939 if (!ev->status && hci_conn_ssp_enabled(conn)) { in hci_auth_complete_evt()
2941 cp.handle = ev->handle; in hci_auth_complete_evt()
2946 conn->state = BT_CONNECTED; in hci_auth_complete_evt()
2947 hci_connect_cfm(conn, ev->status); in hci_auth_complete_evt()
2951 hci_auth_cfm(conn, ev->status); in hci_auth_complete_evt()
2954 conn->disc_timeout = HCI_DISCONN_TIMEOUT; in hci_auth_complete_evt()
2958 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) { in hci_auth_complete_evt()
2959 if (!ev->status) { in hci_auth_complete_evt()
2961 cp.handle = ev->handle; in hci_auth_complete_evt()
2966 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); in hci_auth_complete_evt()
2967 hci_encrypt_cfm(conn, ev->status); in hci_auth_complete_evt()
2977 struct hci_ev_remote_name *ev = (void *) skb->data; in hci_remote_name_evt()
2980 BT_DBG("%s", hdev->name); in hci_remote_name_evt()
2986 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_remote_name_evt()
2991 if (ev->status == 0) in hci_remote_name_evt()
2992 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name, in hci_remote_name_evt()
2993 strnlen(ev->name, HCI_MAX_NAME_LENGTH)); in hci_remote_name_evt()
2995 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0); in hci_remote_name_evt()
3004 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) { in hci_remote_name_evt()
3007 set_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags); in hci_remote_name_evt()
3009 cp.handle = __cpu_to_le16(conn->handle); in hci_remote_name_evt()
3024 BT_DBG("%s status 0x%02x", hdev->name, status); in read_enc_key_size_complete()
3026 if (!skb || skb->len < sizeof(*rp)) { in read_enc_key_size_complete()
3031 rp = (void *)skb->data; in read_enc_key_size_complete()
3032 handle = le16_to_cpu(rp->handle); in read_enc_key_size_complete()
3044 if (rp->status) { in read_enc_key_size_complete()
3047 conn->enc_key_size = 0; in read_enc_key_size_complete()
3049 conn->enc_key_size = rp->key_size; in read_enc_key_size_complete()
3060 struct hci_ev_encrypt_change *ev = (void *) skb->data; in hci_encrypt_change_evt()
3063 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_encrypt_change_evt()
3067 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_encrypt_change_evt()
3071 if (!ev->status) { in hci_encrypt_change_evt()
3072 if (ev->encrypt) { in hci_encrypt_change_evt()
3074 set_bit(HCI_CONN_AUTH, &conn->flags); in hci_encrypt_change_evt()
3075 set_bit(HCI_CONN_ENCRYPT, &conn->flags); in hci_encrypt_change_evt()
3076 conn->sec_level = conn->pending_sec_level; in hci_encrypt_change_evt()
3078 /* P-256 authentication key implies FIPS */ in hci_encrypt_change_evt()
3079 if (conn->key_type == HCI_LK_AUTH_COMBINATION_P256) in hci_encrypt_change_evt()
3080 set_bit(HCI_CONN_FIPS, &conn->flags); in hci_encrypt_change_evt()
3082 if ((conn->type == ACL_LINK && ev->encrypt == 0x02) || in hci_encrypt_change_evt()
3083 conn->type == LE_LINK) in hci_encrypt_change_evt()
3084 set_bit(HCI_CONN_AES_CCM, &conn->flags); in hci_encrypt_change_evt()
3086 clear_bit(HCI_CONN_ENCRYPT, &conn->flags); in hci_encrypt_change_evt()
3087 clear_bit(HCI_CONN_AES_CCM, &conn->flags); in hci_encrypt_change_evt()
3094 if (ev->status && conn->type == LE_LINK) { in hci_encrypt_change_evt()
3099 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); in hci_encrypt_change_evt()
3103 ev->status = HCI_ERROR_AUTH_FAILURE; in hci_encrypt_change_evt()
3105 if (ev->status && conn->state == BT_CONNECTED) { in hci_encrypt_change_evt()
3106 if (ev->status == HCI_ERROR_PIN_OR_KEY_MISSING) in hci_encrypt_change_evt()
3107 set_bit(HCI_CONN_AUTH_FAILURE, &conn->flags); in hci_encrypt_change_evt()
3112 hci_encrypt_cfm(conn, ev->status); in hci_encrypt_change_evt()
3119 if (!ev->status && ev->encrypt && conn->type == ACL_LINK) { in hci_encrypt_change_evt()
3127 if (!(hdev->commands[20] & 0x10)) { in hci_encrypt_change_evt()
3128 conn->enc_key_size = HCI_LINK_KEY_SIZE; in hci_encrypt_change_evt()
3134 cp.handle = cpu_to_le16(conn->handle); in hci_encrypt_change_evt()
3139 conn->enc_key_size = HCI_LINK_KEY_SIZE; in hci_encrypt_change_evt()
3151 * Ensure for AES-CCM encryption as well. in hci_encrypt_change_evt()
3153 if (test_bit(HCI_CONN_ENCRYPT, &conn->flags) && in hci_encrypt_change_evt()
3154 test_bit(HCI_CONN_AES_CCM, &conn->flags) && in hci_encrypt_change_evt()
3155 ((conn->type == ACL_LINK && lmp_ping_capable(hdev)) || in hci_encrypt_change_evt()
3156 (conn->type == LE_LINK && (hdev->le_features[0] & HCI_LE_PING)))) { in hci_encrypt_change_evt()
3159 cp.handle = cpu_to_le16(conn->handle); in hci_encrypt_change_evt()
3160 cp.timeout = cpu_to_le16(hdev->auth_payload_timeout); in hci_encrypt_change_evt()
3161 hci_send_cmd(conn->hdev, HCI_OP_WRITE_AUTH_PAYLOAD_TO, in hci_encrypt_change_evt()
3166 hci_encrypt_cfm(conn, ev->status); in hci_encrypt_change_evt()
3175 struct hci_ev_change_link_key_complete *ev = (void *) skb->data; in hci_change_link_key_complete_evt()
3178 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_change_link_key_complete_evt()
3182 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_change_link_key_complete_evt()
3184 if (!ev->status) in hci_change_link_key_complete_evt()
3185 set_bit(HCI_CONN_SECURE, &conn->flags); in hci_change_link_key_complete_evt()
3187 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags); in hci_change_link_key_complete_evt()
3189 hci_key_change_cfm(conn, ev->status); in hci_change_link_key_complete_evt()
3198 struct hci_ev_remote_features *ev = (void *) skb->data; in hci_remote_features_evt()
3201 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_remote_features_evt()
3205 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_remote_features_evt()
3209 if (!ev->status) in hci_remote_features_evt()
3210 memcpy(conn->features[0], ev->features, 8); in hci_remote_features_evt()
3212 if (conn->state != BT_CONFIG) in hci_remote_features_evt()
3215 if (!ev->status && lmp_ext_feat_capable(hdev) && in hci_remote_features_evt()
3218 cp.handle = ev->handle; in hci_remote_features_evt()
3225 if (!ev->status) { in hci_remote_features_evt()
3228 bacpy(&cp.bdaddr, &conn->dst); in hci_remote_features_evt()
3231 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) in hci_remote_features_evt()
3235 conn->state = BT_CONNECTED; in hci_remote_features_evt()
3236 hci_connect_cfm(conn, ev->status); in hci_remote_features_evt()
3249 struct hci_ev_cmd_complete *ev = (void *) skb->data; in hci_cmd_complete_evt()
3251 *opcode = __le16_to_cpu(ev->opcode); in hci_cmd_complete_evt()
3252 *status = skb->data[sizeof(*ev)]; in hci_cmd_complete_evt()
3594 BT_DBG("%s opcode 0x%4.4x", hdev->name, *opcode); in hci_cmd_complete_evt()
3599 cancel_delayed_work(&hdev->cmd_timer); in hci_cmd_complete_evt()
3601 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) in hci_cmd_complete_evt()
3602 atomic_set(&hdev->cmd_cnt, 1); in hci_cmd_complete_evt()
3613 if (atomic_read(&hdev->cmd_cnt) && !skb_queue_empty(&hdev->cmd_q)) in hci_cmd_complete_evt()
3614 queue_work(hdev->workqueue, &hdev->cmd_work); in hci_cmd_complete_evt()
3622 struct hci_ev_cmd_status *ev = (void *) skb->data; in hci_cmd_status_evt()
3626 *opcode = __le16_to_cpu(ev->opcode); in hci_cmd_status_evt()
3627 *status = ev->status; in hci_cmd_status_evt()
3631 hci_cs_inquiry(hdev, ev->status); in hci_cmd_status_evt()
3635 hci_cs_create_conn(hdev, ev->status); in hci_cmd_status_evt()
3639 hci_cs_disconnect(hdev, ev->status); in hci_cmd_status_evt()
3643 hci_cs_add_sco(hdev, ev->status); in hci_cmd_status_evt()
3647 hci_cs_auth_requested(hdev, ev->status); in hci_cmd_status_evt()
3651 hci_cs_set_conn_encrypt(hdev, ev->status); in hci_cmd_status_evt()
3655 hci_cs_remote_name_req(hdev, ev->status); in hci_cmd_status_evt()
3659 hci_cs_read_remote_features(hdev, ev->status); in hci_cmd_status_evt()
3663 hci_cs_read_remote_ext_features(hdev, ev->status); in hci_cmd_status_evt()
3667 hci_cs_setup_sync_conn(hdev, ev->status); in hci_cmd_status_evt()
3671 hci_cs_sniff_mode(hdev, ev->status); in hci_cmd_status_evt()
3675 hci_cs_exit_sniff_mode(hdev, ev->status); in hci_cmd_status_evt()
3679 hci_cs_switch_role(hdev, ev->status); in hci_cmd_status_evt()
3683 hci_cs_le_create_conn(hdev, ev->status); in hci_cmd_status_evt()
3687 hci_cs_le_read_remote_features(hdev, ev->status); in hci_cmd_status_evt()
3691 hci_cs_le_start_enc(hdev, ev->status); in hci_cmd_status_evt()
3695 hci_cs_le_ext_create_conn(hdev, ev->status); in hci_cmd_status_evt()
3699 BT_DBG("%s opcode 0x%4.4x", hdev->name, *opcode); in hci_cmd_status_evt()
3704 cancel_delayed_work(&hdev->cmd_timer); in hci_cmd_status_evt()
3706 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) in hci_cmd_status_evt()
3707 atomic_set(&hdev->cmd_cnt, 1); in hci_cmd_status_evt()
3715 if (ev->status || in hci_cmd_status_evt()
3716 (hdev->sent_cmd && !bt_cb(hdev->sent_cmd)->hci.req_event)) in hci_cmd_status_evt()
3717 hci_req_cmd_complete(hdev, *opcode, ev->status, req_complete, in hci_cmd_status_evt()
3726 if (atomic_read(&hdev->cmd_cnt) && !skb_queue_empty(&hdev->cmd_q)) in hci_cmd_status_evt()
3727 queue_work(hdev->workqueue, &hdev->cmd_work); in hci_cmd_status_evt()
3732 struct hci_ev_hardware_error *ev = (void *) skb->data; in hci_hardware_error_evt()
3734 hdev->hw_error_code = ev->code; in hci_hardware_error_evt()
3736 queue_work(hdev->req_workqueue, &hdev->error_reset); in hci_hardware_error_evt()
3741 struct hci_ev_role_change *ev = (void *) skb->data; in hci_role_change_evt()
3744 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_role_change_evt()
3748 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_role_change_evt()
3750 if (!ev->status) in hci_role_change_evt()
3751 conn->role = ev->role; in hci_role_change_evt()
3753 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags); in hci_role_change_evt()
3755 hci_role_switch_cfm(conn, ev->status, ev->role); in hci_role_change_evt()
3763 struct hci_ev_num_comp_pkts *ev = (void *) skb->data; in hci_num_comp_pkts_evt()
3766 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) { in hci_num_comp_pkts_evt()
3767 bt_dev_err(hdev, "wrong event for mode %d", hdev->flow_ctl_mode); in hci_num_comp_pkts_evt()
3771 if (skb->len < sizeof(*ev) || in hci_num_comp_pkts_evt()
3772 skb->len < struct_size(ev, handles, ev->num_hndl)) { in hci_num_comp_pkts_evt()
3773 BT_DBG("%s bad parameters", hdev->name); in hci_num_comp_pkts_evt()
3777 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl); in hci_num_comp_pkts_evt()
3779 for (i = 0; i < ev->num_hndl; i++) { in hci_num_comp_pkts_evt()
3780 struct hci_comp_pkts_info *info = &ev->handles[i]; in hci_num_comp_pkts_evt()
3784 handle = __le16_to_cpu(info->handle); in hci_num_comp_pkts_evt()
3785 count = __le16_to_cpu(info->count); in hci_num_comp_pkts_evt()
3791 conn->sent -= count; in hci_num_comp_pkts_evt()
3793 switch (conn->type) { in hci_num_comp_pkts_evt()
3795 hdev->acl_cnt += count; in hci_num_comp_pkts_evt()
3796 if (hdev->acl_cnt > hdev->acl_pkts) in hci_num_comp_pkts_evt()
3797 hdev->acl_cnt = hdev->acl_pkts; in hci_num_comp_pkts_evt()
3801 if (hdev->le_pkts) { in hci_num_comp_pkts_evt()
3802 hdev->le_cnt += count; in hci_num_comp_pkts_evt()
3803 if (hdev->le_cnt > hdev->le_pkts) in hci_num_comp_pkts_evt()
3804 hdev->le_cnt = hdev->le_pkts; in hci_num_comp_pkts_evt()
3806 hdev->acl_cnt += count; in hci_num_comp_pkts_evt()
3807 if (hdev->acl_cnt > hdev->acl_pkts) in hci_num_comp_pkts_evt()
3808 hdev->acl_cnt = hdev->acl_pkts; in hci_num_comp_pkts_evt()
3813 hdev->sco_cnt += count; in hci_num_comp_pkts_evt()
3814 if (hdev->sco_cnt > hdev->sco_pkts) in hci_num_comp_pkts_evt()
3815 hdev->sco_cnt = hdev->sco_pkts; in hci_num_comp_pkts_evt()
3820 conn->type, conn); in hci_num_comp_pkts_evt()
3825 queue_work(hdev->workqueue, &hdev->tx_work); in hci_num_comp_pkts_evt()
3833 switch (hdev->dev_type) { in __hci_conn_lookup_handle()
3839 return chan->conn; in __hci_conn_lookup_handle()
3842 bt_dev_err(hdev, "unknown dev_type %d", hdev->dev_type); in __hci_conn_lookup_handle()
3851 struct hci_ev_num_comp_blocks *ev = (void *) skb->data; in hci_num_comp_blocks_evt()
3854 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) { in hci_num_comp_blocks_evt()
3855 bt_dev_err(hdev, "wrong event for mode %d", hdev->flow_ctl_mode); in hci_num_comp_blocks_evt()
3859 if (skb->len < sizeof(*ev) || in hci_num_comp_blocks_evt()
3860 skb->len < struct_size(ev, handles, ev->num_hndl)) { in hci_num_comp_blocks_evt()
3861 BT_DBG("%s bad parameters", hdev->name); in hci_num_comp_blocks_evt()
3865 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks, in hci_num_comp_blocks_evt()
3866 ev->num_hndl); in hci_num_comp_blocks_evt()
3868 for (i = 0; i < ev->num_hndl; i++) { in hci_num_comp_blocks_evt()
3869 struct hci_comp_blocks_info *info = &ev->handles[i]; in hci_num_comp_blocks_evt()
3873 handle = __le16_to_cpu(info->handle); in hci_num_comp_blocks_evt()
3874 block_count = __le16_to_cpu(info->blocks); in hci_num_comp_blocks_evt()
3880 conn->sent -= block_count; in hci_num_comp_blocks_evt()
3882 switch (conn->type) { in hci_num_comp_blocks_evt()
3885 hdev->block_cnt += block_count; in hci_num_comp_blocks_evt()
3886 if (hdev->block_cnt > hdev->num_blocks) in hci_num_comp_blocks_evt()
3887 hdev->block_cnt = hdev->num_blocks; in hci_num_comp_blocks_evt()
3892 conn->type, conn); in hci_num_comp_blocks_evt()
3897 queue_work(hdev->workqueue, &hdev->tx_work); in hci_num_comp_blocks_evt()
3902 struct hci_ev_mode_change *ev = (void *) skb->data; in hci_mode_change_evt()
3905 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_mode_change_evt()
3909 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_mode_change_evt()
3911 conn->mode = ev->mode; in hci_mode_change_evt()
3914 &conn->flags)) { in hci_mode_change_evt()
3915 if (conn->mode == HCI_CM_ACTIVE) in hci_mode_change_evt()
3916 set_bit(HCI_CONN_POWER_SAVE, &conn->flags); in hci_mode_change_evt()
3918 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags); in hci_mode_change_evt()
3921 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags)) in hci_mode_change_evt()
3922 hci_sco_setup(conn, ev->status); in hci_mode_change_evt()
3930 struct hci_ev_pin_code_req *ev = (void *) skb->data; in hci_pin_code_request_evt()
3933 BT_DBG("%s", hdev->name); in hci_pin_code_request_evt()
3937 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_pin_code_request_evt()
3941 if (conn->state == BT_CONNECTED) { in hci_pin_code_request_evt()
3943 conn->disc_timeout = HCI_PAIRING_TIMEOUT; in hci_pin_code_request_evt()
3948 !test_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags)) { in hci_pin_code_request_evt()
3950 sizeof(ev->bdaddr), &ev->bdaddr); in hci_pin_code_request_evt()
3954 if (conn->pending_sec_level == BT_SECURITY_HIGH) in hci_pin_code_request_evt()
3959 mgmt_pin_code_request(hdev, &ev->bdaddr, secure); in hci_pin_code_request_evt()
3971 conn->pin_length = pin_len; in conn_set_key()
3972 conn->key_type = key_type; in conn_set_key()
3981 conn->pending_sec_level = BT_SECURITY_HIGH; in conn_set_key()
3983 conn->pending_sec_level = BT_SECURITY_MEDIUM; in conn_set_key()
3987 conn->pending_sec_level = BT_SECURITY_MEDIUM; in conn_set_key()
3990 conn->pending_sec_level = BT_SECURITY_HIGH; in conn_set_key()
3993 conn->pending_sec_level = BT_SECURITY_FIPS; in conn_set_key()
4000 struct hci_ev_link_key_req *ev = (void *) skb->data; in hci_link_key_request_evt()
4005 BT_DBG("%s", hdev->name); in hci_link_key_request_evt()
4012 key = hci_find_link_key(hdev, &ev->bdaddr); in hci_link_key_request_evt()
4014 BT_DBG("%s link key not found for %pMR", hdev->name, in hci_link_key_request_evt()
4015 &ev->bdaddr); in hci_link_key_request_evt()
4019 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type, in hci_link_key_request_evt()
4020 &ev->bdaddr); in hci_link_key_request_evt()
4022 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_link_key_request_evt()
4024 clear_bit(HCI_CONN_NEW_LINK_KEY, &conn->flags); in hci_link_key_request_evt()
4026 if ((key->type == HCI_LK_UNAUTH_COMBINATION_P192 || in hci_link_key_request_evt()
4027 key->type == HCI_LK_UNAUTH_COMBINATION_P256) && in hci_link_key_request_evt()
4028 conn->auth_type != 0xff && (conn->auth_type & 0x01)) { in hci_link_key_request_evt()
4029 BT_DBG("%s ignoring unauthenticated key", hdev->name); in hci_link_key_request_evt()
4033 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 && in hci_link_key_request_evt()
4034 (conn->pending_sec_level == BT_SECURITY_HIGH || in hci_link_key_request_evt()
4035 conn->pending_sec_level == BT_SECURITY_FIPS)) { in hci_link_key_request_evt()
4037 hdev->name); in hci_link_key_request_evt()
4041 conn_set_key(conn, key->type, key->pin_len); in hci_link_key_request_evt()
4044 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_link_key_request_evt()
4045 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE); in hci_link_key_request_evt()
4054 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr); in hci_link_key_request_evt()
4060 struct hci_ev_link_key_notify *ev = (void *) skb->data; in hci_link_key_notify_evt()
4066 BT_DBG("%s", hdev->name); in hci_link_key_notify_evt()
4070 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_link_key_notify_evt()
4074 /* Ignore NULL link key against CVE-2020-26555 */ in hci_link_key_notify_evt()
4075 if (!crypto_memneq(ev->link_key, ZERO_KEY, HCI_LINK_KEY_SIZE)) { in hci_link_key_notify_evt()
4077 &ev->bdaddr); in hci_link_key_notify_evt()
4084 conn->disc_timeout = HCI_DISCONN_TIMEOUT; in hci_link_key_notify_evt()
4087 set_bit(HCI_CONN_NEW_LINK_KEY, &conn->flags); in hci_link_key_notify_evt()
4088 conn_set_key(conn, ev->key_type, conn->pin_length); in hci_link_key_notify_evt()
4093 key = hci_add_link_key(hdev, conn, &ev->bdaddr, ev->link_key, in hci_link_key_notify_evt()
4094 ev->key_type, pin_len, &persistent); in hci_link_key_notify_evt()
4101 if (ev->key_type == HCI_LK_CHANGED_COMBINATION) in hci_link_key_notify_evt()
4102 conn_set_key(conn, key->type, key->pin_len); in hci_link_key_notify_evt()
4111 if (key->type == HCI_LK_DEBUG_COMBINATION && in hci_link_key_notify_evt()
4113 list_del_rcu(&key->list); in hci_link_key_notify_evt()
4119 clear_bit(HCI_CONN_FLUSH_KEY, &conn->flags); in hci_link_key_notify_evt()
4121 set_bit(HCI_CONN_FLUSH_KEY, &conn->flags); in hci_link_key_notify_evt()
4129 struct hci_ev_clock_offset *ev = (void *) skb->data; in hci_clock_offset_evt()
4132 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_clock_offset_evt()
4136 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_clock_offset_evt()
4137 if (conn && !ev->status) { in hci_clock_offset_evt()
4140 ie = hci_inquiry_cache_lookup(hdev, &conn->dst); in hci_clock_offset_evt()
4142 ie->data.clock_offset = ev->clock_offset; in hci_clock_offset_evt()
4143 ie->timestamp = jiffies; in hci_clock_offset_evt()
4152 struct hci_ev_pkt_type_change *ev = (void *) skb->data; in hci_pkt_type_change_evt()
4155 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_pkt_type_change_evt()
4159 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_pkt_type_change_evt()
4160 if (conn && !ev->status) in hci_pkt_type_change_evt()
4161 conn->pkt_type = __le16_to_cpu(ev->pkt_type); in hci_pkt_type_change_evt()
4168 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data; in hci_pscan_rep_mode_evt()
4171 BT_DBG("%s", hdev->name); in hci_pscan_rep_mode_evt()
4175 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); in hci_pscan_rep_mode_evt()
4177 ie->data.pscan_rep_mode = ev->pscan_rep_mode; in hci_pscan_rep_mode_evt()
4178 ie->timestamp = jiffies; in hci_pscan_rep_mode_evt()
4188 int num_rsp = *((__u8 *) skb->data); in hci_inquiry_result_with_rssi_evt()
4190 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); in hci_inquiry_result_with_rssi_evt()
4200 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) { in hci_inquiry_result_with_rssi_evt()
4202 info = (void *) (skb->data + 1); in hci_inquiry_result_with_rssi_evt()
4204 if (skb->len < num_rsp * sizeof(*info) + 1) in hci_inquiry_result_with_rssi_evt()
4207 for (; num_rsp; num_rsp--, info++) { in hci_inquiry_result_with_rssi_evt()
4210 bacpy(&data.bdaddr, &info->bdaddr); in hci_inquiry_result_with_rssi_evt()
4211 data.pscan_rep_mode = info->pscan_rep_mode; in hci_inquiry_result_with_rssi_evt()
4212 data.pscan_period_mode = info->pscan_period_mode; in hci_inquiry_result_with_rssi_evt()
4213 data.pscan_mode = info->pscan_mode; in hci_inquiry_result_with_rssi_evt()
4214 memcpy(data.dev_class, info->dev_class, 3); in hci_inquiry_result_with_rssi_evt()
4215 data.clock_offset = info->clock_offset; in hci_inquiry_result_with_rssi_evt()
4216 data.rssi = info->rssi; in hci_inquiry_result_with_rssi_evt()
4221 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, in hci_inquiry_result_with_rssi_evt()
4222 info->dev_class, info->rssi, in hci_inquiry_result_with_rssi_evt()
4226 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1); in hci_inquiry_result_with_rssi_evt()
4228 if (skb->len < num_rsp * sizeof(*info) + 1) in hci_inquiry_result_with_rssi_evt()
4231 for (; num_rsp; num_rsp--, info++) { in hci_inquiry_result_with_rssi_evt()
4234 bacpy(&data.bdaddr, &info->bdaddr); in hci_inquiry_result_with_rssi_evt()
4235 data.pscan_rep_mode = info->pscan_rep_mode; in hci_inquiry_result_with_rssi_evt()
4236 data.pscan_period_mode = info->pscan_period_mode; in hci_inquiry_result_with_rssi_evt()
4238 memcpy(data.dev_class, info->dev_class, 3); in hci_inquiry_result_with_rssi_evt()
4239 data.clock_offset = info->clock_offset; in hci_inquiry_result_with_rssi_evt()
4240 data.rssi = info->rssi; in hci_inquiry_result_with_rssi_evt()
4245 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, in hci_inquiry_result_with_rssi_evt()
4246 info->dev_class, info->rssi, in hci_inquiry_result_with_rssi_evt()
4258 struct hci_ev_remote_ext_features *ev = (void *) skb->data; in hci_remote_ext_features_evt()
4261 BT_DBG("%s", hdev->name); in hci_remote_ext_features_evt()
4265 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_remote_ext_features_evt()
4269 if (ev->page < HCI_MAX_PAGES) in hci_remote_ext_features_evt()
4270 memcpy(conn->features[ev->page], ev->features, 8); in hci_remote_ext_features_evt()
4272 if (!ev->status && ev->page == 0x01) { in hci_remote_ext_features_evt()
4275 ie = hci_inquiry_cache_lookup(hdev, &conn->dst); in hci_remote_ext_features_evt()
4277 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP); in hci_remote_ext_features_evt()
4279 if (ev->features[0] & LMP_HOST_SSP) { in hci_remote_ext_features_evt()
4280 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags); in hci_remote_ext_features_evt()
4290 clear_bit(HCI_CONN_SSP_ENABLED, &conn->flags); in hci_remote_ext_features_evt()
4293 if (ev->features[0] & LMP_HOST_SC) in hci_remote_ext_features_evt()
4294 set_bit(HCI_CONN_SC_ENABLED, &conn->flags); in hci_remote_ext_features_evt()
4297 if (conn->state != BT_CONFIG) in hci_remote_ext_features_evt()
4300 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) { in hci_remote_ext_features_evt()
4303 bacpy(&cp.bdaddr, &conn->dst); in hci_remote_ext_features_evt()
4306 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) in hci_remote_ext_features_evt()
4310 conn->state = BT_CONNECTED; in hci_remote_ext_features_evt()
4311 hci_connect_cfm(conn, ev->status); in hci_remote_ext_features_evt()
4322 struct hci_ev_sync_conn_complete *ev = (void *) skb->data; in hci_sync_conn_complete_evt()
4325 switch (ev->link_type) { in hci_sync_conn_complete_evt()
4338 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_sync_conn_complete_evt()
4342 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); in hci_sync_conn_complete_evt()
4344 if (ev->link_type == ESCO_LINK) in hci_sync_conn_complete_evt()
4356 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr); in hci_sync_conn_complete_evt()
4361 switch (ev->status) { in hci_sync_conn_complete_evt()
4373 if (conn->state == BT_CONNECTED) { in hci_sync_conn_complete_evt()
4378 conn->handle = __le16_to_cpu(ev->handle); in hci_sync_conn_complete_evt()
4379 conn->state = BT_CONNECTED; in hci_sync_conn_complete_evt()
4380 conn->type = ev->link_type; in hci_sync_conn_complete_evt()
4394 if (conn->out) { in hci_sync_conn_complete_evt()
4395 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) | in hci_sync_conn_complete_evt()
4396 (hdev->esco_type & EDR_ESCO_MASK); in hci_sync_conn_complete_evt()
4397 if (hci_setup_sync(conn, conn->link->handle)) in hci_sync_conn_complete_evt()
4403 conn->state = BT_CLOSED; in hci_sync_conn_complete_evt()
4407 bt_dev_dbg(hdev, "SCO connected with air mode: %02x", ev->air_mode); in hci_sync_conn_complete_evt()
4409 switch (ev->air_mode) { in hci_sync_conn_complete_evt()
4411 if (hdev->notify) in hci_sync_conn_complete_evt()
4412 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_CVSD); in hci_sync_conn_complete_evt()
4415 if (hdev->notify) in hci_sync_conn_complete_evt()
4416 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_TRANSP); in hci_sync_conn_complete_evt()
4420 hci_connect_cfm(conn, ev->status); in hci_sync_conn_complete_evt()
4421 if (ev->status) in hci_sync_conn_complete_evt()
4449 struct extended_inquiry_info *info = (void *) (skb->data + 1); in hci_extended_inquiry_result_evt()
4450 int num_rsp = *((__u8 *) skb->data); in hci_extended_inquiry_result_evt()
4453 BT_DBG("%s num_rsp %d", hdev->name, num_rsp); in hci_extended_inquiry_result_evt()
4455 if (!num_rsp || skb->len < num_rsp * sizeof(*info) + 1) in hci_extended_inquiry_result_evt()
4463 for (; num_rsp; num_rsp--, info++) { in hci_extended_inquiry_result_evt()
4467 bacpy(&data.bdaddr, &info->bdaddr); in hci_extended_inquiry_result_evt()
4468 data.pscan_rep_mode = info->pscan_rep_mode; in hci_extended_inquiry_result_evt()
4469 data.pscan_period_mode = info->pscan_period_mode; in hci_extended_inquiry_result_evt()
4471 memcpy(data.dev_class, info->dev_class, 3); in hci_extended_inquiry_result_evt()
4472 data.clock_offset = info->clock_offset; in hci_extended_inquiry_result_evt()
4473 data.rssi = info->rssi; in hci_extended_inquiry_result_evt()
4477 name_known = eir_get_data(info->data, in hci_extended_inquiry_result_evt()
4478 sizeof(info->data), in hci_extended_inquiry_result_evt()
4485 eir_len = eir_get_length(info->data, sizeof(info->data)); in hci_extended_inquiry_result_evt()
4487 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00, in hci_extended_inquiry_result_evt()
4488 info->dev_class, info->rssi, in hci_extended_inquiry_result_evt()
4489 flags, info->data, eir_len, NULL, 0); in hci_extended_inquiry_result_evt()
4498 struct hci_ev_key_refresh_complete *ev = (void *) skb->data; in hci_key_refresh_complete_evt()
4501 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status, in hci_key_refresh_complete_evt()
4502 __le16_to_cpu(ev->handle)); in hci_key_refresh_complete_evt()
4506 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_key_refresh_complete_evt()
4513 if (conn->type != LE_LINK) in hci_key_refresh_complete_evt()
4516 if (!ev->status) in hci_key_refresh_complete_evt()
4517 conn->sec_level = conn->pending_sec_level; in hci_key_refresh_complete_evt()
4519 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); in hci_key_refresh_complete_evt()
4521 if (ev->status && conn->state == BT_CONNECTED) { in hci_key_refresh_complete_evt()
4527 if (conn->state == BT_CONFIG) { in hci_key_refresh_complete_evt()
4528 if (!ev->status) in hci_key_refresh_complete_evt()
4529 conn->state = BT_CONNECTED; in hci_key_refresh_complete_evt()
4531 hci_connect_cfm(conn, ev->status); in hci_key_refresh_complete_evt()
4534 hci_auth_cfm(conn, ev->status); in hci_key_refresh_complete_evt()
4537 conn->disc_timeout = HCI_DISCONN_TIMEOUT; in hci_key_refresh_complete_evt()
4547 /* If remote requests no-bonding follow that lead */ in hci_get_auth_req()
4548 if (conn->remote_auth == HCI_AT_NO_BONDING || in hci_get_auth_req()
4549 conn->remote_auth == HCI_AT_NO_BONDING_MITM) in hci_get_auth_req()
4550 return conn->remote_auth | (conn->auth_type & 0x01); in hci_get_auth_req()
4555 if (conn->remote_cap != HCI_IO_NO_INPUT_OUTPUT && in hci_get_auth_req()
4556 conn->io_capability != HCI_IO_NO_INPUT_OUTPUT) in hci_get_auth_req()
4557 return conn->remote_auth | 0x01; in hci_get_auth_req()
4560 return (conn->remote_auth & ~0x01) | (conn->auth_type & 0x01); in hci_get_auth_req()
4565 struct hci_dev *hdev = conn->hdev; in bredr_oob_data_present()
4568 data = hci_find_remote_oob_data(hdev, &conn->dst, BDADDR_BREDR); in bredr_oob_data_present()
4580 return data->present; in bredr_oob_data_present()
4583 * the P-256 values are required. If they are not in bredr_oob_data_present()
4587 if (!crypto_memneq(data->rand256, ZERO_KEY, 16) || in bredr_oob_data_present()
4588 !crypto_memneq(data->hash256, ZERO_KEY, 16)) in bredr_oob_data_present()
4596 * P-192 data values are present. in bredr_oob_data_present()
4598 if (!crypto_memneq(data->rand192, ZERO_KEY, 16) || in bredr_oob_data_present()
4599 !crypto_memneq(data->hash192, ZERO_KEY, 16)) in bredr_oob_data_present()
4607 struct hci_ev_io_capa_request *ev = (void *) skb->data; in hci_io_capa_request_evt()
4610 BT_DBG("%s", hdev->name); in hci_io_capa_request_evt()
4614 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_io_capa_request_evt()
4619 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags); in hci_io_capa_request_evt()
4630 test_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags) || in hci_io_capa_request_evt()
4631 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) { in hci_io_capa_request_evt()
4634 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_io_capa_request_evt()
4637 cp.capability = (conn->io_capability == 0x04) ? in hci_io_capa_request_evt()
4638 HCI_IO_DISPLAY_YESNO : conn->io_capability; in hci_io_capa_request_evt()
4641 if (conn->remote_auth == 0xff) { in hci_io_capa_request_evt()
4643 * except for the no-bonding case. in hci_io_capa_request_evt()
4645 if (conn->io_capability != HCI_IO_NO_INPUT_OUTPUT && in hci_io_capa_request_evt()
4646 conn->auth_type != HCI_AT_NO_BONDING) in hci_io_capa_request_evt()
4647 conn->auth_type |= 0x01; in hci_io_capa_request_evt()
4649 conn->auth_type = hci_get_auth_req(conn); in hci_io_capa_request_evt()
4652 /* If we're not bondable, force one of the non-bondable in hci_io_capa_request_evt()
4656 conn->auth_type &= HCI_AT_NO_BONDING_MITM; in hci_io_capa_request_evt()
4658 cp.authentication = conn->auth_type; in hci_io_capa_request_evt()
4666 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_io_capa_request_evt()
4679 struct hci_ev_io_capa_reply *ev = (void *) skb->data; in hci_io_capa_reply_evt()
4682 BT_DBG("%s", hdev->name); in hci_io_capa_reply_evt()
4686 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_io_capa_reply_evt()
4690 conn->remote_cap = ev->capability; in hci_io_capa_reply_evt()
4691 conn->remote_auth = ev->authentication; in hci_io_capa_reply_evt()
4700 struct hci_ev_user_confirm_req *ev = (void *) skb->data; in hci_user_confirm_request_evt()
4704 BT_DBG("%s", hdev->name); in hci_user_confirm_request_evt()
4711 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_user_confirm_request_evt()
4715 loc_mitm = (conn->auth_type & 0x01); in hci_user_confirm_request_evt()
4716 rem_mitm = (conn->remote_auth & 0x01); in hci_user_confirm_request_evt()
4721 * necessarily match conn->auth_type. in hci_user_confirm_request_evt()
4723 if (conn->pending_sec_level > BT_SECURITY_MEDIUM && in hci_user_confirm_request_evt()
4724 conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) { in hci_user_confirm_request_evt()
4727 sizeof(ev->bdaddr), &ev->bdaddr); in hci_user_confirm_request_evt()
4732 if ((!loc_mitm || conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) && in hci_user_confirm_request_evt()
4733 (!rem_mitm || conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)) { in hci_user_confirm_request_evt()
4739 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && in hci_user_confirm_request_evt()
4740 conn->io_capability != HCI_IO_NO_INPUT_OUTPUT) { in hci_user_confirm_request_evt()
4741 BT_DBG("Confirming auto-accept as acceptor"); in hci_user_confirm_request_evt()
4750 if (hci_find_link_key(hdev, &ev->bdaddr)) { in hci_user_confirm_request_evt()
4756 BT_DBG("Auto-accept of user confirmation with %ums delay", in hci_user_confirm_request_evt()
4757 hdev->auto_accept_delay); in hci_user_confirm_request_evt()
4759 if (hdev->auto_accept_delay > 0) { in hci_user_confirm_request_evt()
4760 int delay = msecs_to_jiffies(hdev->auto_accept_delay); in hci_user_confirm_request_evt() local
4761 queue_delayed_work(conn->hdev->workqueue, in hci_user_confirm_request_evt()
4762 &conn->auto_accept_work, delay); in hci_user_confirm_request_evt()
4767 sizeof(ev->bdaddr), &ev->bdaddr); in hci_user_confirm_request_evt()
4772 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, in hci_user_confirm_request_evt()
4773 le32_to_cpu(ev->passkey), confirm_hint); in hci_user_confirm_request_evt()
4782 struct hci_ev_user_passkey_req *ev = (void *) skb->data; in hci_user_passkey_request_evt()
4784 BT_DBG("%s", hdev->name); in hci_user_passkey_request_evt()
4787 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0); in hci_user_passkey_request_evt()
4793 struct hci_ev_user_passkey_notify *ev = (void *) skb->data; in hci_user_passkey_notify_evt()
4796 BT_DBG("%s", hdev->name); in hci_user_passkey_notify_evt()
4798 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_user_passkey_notify_evt()
4802 conn->passkey_notify = __le32_to_cpu(ev->passkey); in hci_user_passkey_notify_evt()
4803 conn->passkey_entered = 0; in hci_user_passkey_notify_evt()
4806 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type, in hci_user_passkey_notify_evt()
4807 conn->dst_type, conn->passkey_notify, in hci_user_passkey_notify_evt()
4808 conn->passkey_entered); in hci_user_passkey_notify_evt()
4813 struct hci_ev_keypress_notify *ev = (void *) skb->data; in hci_keypress_notify_evt()
4816 BT_DBG("%s", hdev->name); in hci_keypress_notify_evt()
4818 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_keypress_notify_evt()
4822 switch (ev->type) { in hci_keypress_notify_evt()
4824 conn->passkey_entered = 0; in hci_keypress_notify_evt()
4828 conn->passkey_entered++; in hci_keypress_notify_evt()
4832 conn->passkey_entered--; in hci_keypress_notify_evt()
4836 conn->passkey_entered = 0; in hci_keypress_notify_evt()
4844 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type, in hci_keypress_notify_evt()
4845 conn->dst_type, conn->passkey_notify, in hci_keypress_notify_evt()
4846 conn->passkey_entered); in hci_keypress_notify_evt()
4852 struct hci_ev_simple_pair_complete *ev = (void *) skb->data; in hci_simple_pair_complete_evt()
4855 BT_DBG("%s", hdev->name); in hci_simple_pair_complete_evt()
4859 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_simple_pair_complete_evt()
4864 conn->remote_auth = 0xff; in hci_simple_pair_complete_evt()
4871 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status) in hci_simple_pair_complete_evt()
4872 mgmt_auth_failed(conn, ev->status); in hci_simple_pair_complete_evt()
4883 struct hci_ev_remote_host_features *ev = (void *) skb->data; in hci_remote_host_features_evt()
4887 BT_DBG("%s", hdev->name); in hci_remote_host_features_evt()
4891 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); in hci_remote_host_features_evt()
4893 memcpy(conn->features[1], ev->features, 8); in hci_remote_host_features_evt()
4895 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); in hci_remote_host_features_evt()
4897 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP); in hci_remote_host_features_evt()
4905 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data; in hci_remote_oob_data_request_evt()
4908 BT_DBG("%s", hdev->name); in hci_remote_oob_data_request_evt()
4915 data = hci_find_remote_oob_data(hdev, &ev->bdaddr, BDADDR_BREDR); in hci_remote_oob_data_request_evt()
4919 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_remote_oob_data_request_evt()
4928 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_remote_oob_data_request_evt()
4933 memcpy(cp.hash192, data->hash192, sizeof(cp.hash192)); in hci_remote_oob_data_request_evt()
4934 memcpy(cp.rand192, data->rand192, sizeof(cp.rand192)); in hci_remote_oob_data_request_evt()
4936 memcpy(cp.hash256, data->hash256, sizeof(cp.hash256)); in hci_remote_oob_data_request_evt()
4937 memcpy(cp.rand256, data->rand256, sizeof(cp.rand256)); in hci_remote_oob_data_request_evt()
4944 bacpy(&cp.bdaddr, &ev->bdaddr); in hci_remote_oob_data_request_evt()
4945 memcpy(cp.hash, data->hash192, sizeof(cp.hash)); in hci_remote_oob_data_request_evt()
4946 memcpy(cp.rand, data->rand192, sizeof(cp.rand)); in hci_remote_oob_data_request_evt()
4959 struct hci_ev_channel_selected *ev = (void *)skb->data; in hci_chan_selected_evt()
4962 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle); in hci_chan_selected_evt()
4966 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle); in hci_chan_selected_evt()
4976 struct hci_ev_phy_link_complete *ev = (void *) skb->data; in hci_phy_link_complete_evt()
4979 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle, in hci_phy_link_complete_evt()
4980 ev->status); in hci_phy_link_complete_evt()
4984 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle); in hci_phy_link_complete_evt()
4990 if (!hcon->amp_mgr) { in hci_phy_link_complete_evt()
4995 if (ev->status) { in hci_phy_link_complete_evt()
5001 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon; in hci_phy_link_complete_evt()
5003 hcon->state = BT_CONNECTED; in hci_phy_link_complete_evt()
5004 bacpy(&hcon->dst, &bredr_hcon->dst); in hci_phy_link_complete_evt()
5007 hcon->disc_timeout = HCI_DISCONN_TIMEOUT; in hci_phy_link_complete_evt()
5020 struct hci_ev_logical_link_complete *ev = (void *) skb->data; in hci_loglink_complete_evt()
5026 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle, in hci_loglink_complete_evt()
5027 ev->status); in hci_loglink_complete_evt()
5029 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle); in hci_loglink_complete_evt()
5038 hchan->handle = le16_to_cpu(ev->handle); in hci_loglink_complete_evt()
5039 hchan->amp = true; in hci_loglink_complete_evt()
5041 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan); in hci_loglink_complete_evt()
5043 mgr = hcon->amp_mgr; in hci_loglink_complete_evt()
5044 if (mgr && mgr->bredr_chan) { in hci_loglink_complete_evt()
5045 struct l2cap_chan *bredr_chan = mgr->bredr_chan; in hci_loglink_complete_evt()
5049 bredr_chan->conn->mtu = hdev->block_mtu; in hci_loglink_complete_evt()
5060 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data; in hci_disconn_loglink_complete_evt()
5063 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name, in hci_disconn_loglink_complete_evt()
5064 le16_to_cpu(ev->handle), ev->status); in hci_disconn_loglink_complete_evt()
5066 if (ev->status) in hci_disconn_loglink_complete_evt()
5071 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle)); in hci_disconn_loglink_complete_evt()
5072 if (!hchan || !hchan->amp) in hci_disconn_loglink_complete_evt()
5075 amp_destroy_logical_link(hchan, ev->reason); in hci_disconn_loglink_complete_evt()
5084 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data; in hci_disconn_phylink_complete_evt()
5087 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_disconn_phylink_complete_evt()
5089 if (ev->status) in hci_disconn_phylink_complete_evt()
5094 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle); in hci_disconn_phylink_complete_evt()
5095 if (hcon && hcon->type == AMP_LINK) { in hci_disconn_phylink_complete_evt()
5096 hcon->state = BT_CLOSED; in hci_disconn_phylink_complete_evt()
5097 hci_disconn_cfm(hcon, ev->reason); in hci_disconn_phylink_complete_evt()
5108 if (conn->out) { in le_conn_update_addr()
5109 conn->dst_type = bdaddr_type; in le_conn_update_addr()
5110 conn->resp_addr_type = bdaddr_type; in le_conn_update_addr()
5111 bacpy(&conn->resp_addr, bdaddr); in le_conn_update_addr()
5114 * used instead or hdev->rpa. in le_conn_update_addr()
5117 conn->init_addr_type = ADDR_LE_DEV_RANDOM; in le_conn_update_addr()
5118 bacpy(&conn->init_addr, local_rpa); in le_conn_update_addr()
5119 } else if (hci_dev_test_flag(conn->hdev, HCI_PRIVACY)) { in le_conn_update_addr()
5120 conn->init_addr_type = ADDR_LE_DEV_RANDOM; in le_conn_update_addr()
5121 bacpy(&conn->init_addr, &conn->hdev->rpa); in le_conn_update_addr()
5123 hci_copy_identity_address(conn->hdev, &conn->init_addr, in le_conn_update_addr()
5124 &conn->init_addr_type); in le_conn_update_addr()
5127 conn->resp_addr_type = conn->hdev->adv_addr_type; in le_conn_update_addr()
5129 * used instead or hdev->rpa. in le_conn_update_addr()
5132 conn->resp_addr_type = ADDR_LE_DEV_RANDOM; in le_conn_update_addr()
5133 bacpy(&conn->resp_addr, local_rpa); in le_conn_update_addr()
5134 } else if (conn->hdev->adv_addr_type == ADDR_LE_DEV_RANDOM) { in le_conn_update_addr()
5135 /* In case of ext adv, resp_addr will be updated in in le_conn_update_addr()
5136 * Adv Terminated event. in le_conn_update_addr()
5138 if (!ext_adv_capable(conn->hdev)) in le_conn_update_addr()
5139 bacpy(&conn->resp_addr, in le_conn_update_addr()
5140 &conn->hdev->random_addr); in le_conn_update_addr()
5142 bacpy(&conn->resp_addr, &conn->hdev->bdaddr); in le_conn_update_addr()
5145 conn->init_addr_type = bdaddr_type; in le_conn_update_addr()
5146 bacpy(&conn->init_addr, bdaddr); in le_conn_update_addr()
5153 conn->le_conn_min_interval = conn->hdev->le_conn_min_interval; in le_conn_update_addr()
5154 conn->le_conn_max_interval = conn->hdev->le_conn_max_interval; in le_conn_update_addr()
5184 conn->dst_type = bdaddr_type; in le_conn_complete_evt()
5194 if (conn->out) { in le_conn_complete_evt()
5195 conn->resp_addr_type = bdaddr_type; in le_conn_complete_evt()
5196 bacpy(&conn->resp_addr, bdaddr); in le_conn_complete_evt()
5198 conn->init_addr_type = ADDR_LE_DEV_RANDOM; in le_conn_complete_evt()
5199 bacpy(&conn->init_addr, &hdev->rpa); in le_conn_complete_evt()
5202 &conn->init_addr, in le_conn_complete_evt()
5203 &conn->init_addr_type); in le_conn_complete_evt()
5207 cancel_delayed_work(&conn->le_conn_timeout); in le_conn_complete_evt()
5221 irk = hci_get_irk(hdev, &conn->dst, conn->dst_type); in le_conn_complete_evt()
5223 bacpy(&conn->dst, &irk->bdaddr); in le_conn_complete_evt()
5224 conn->dst_type = irk->addr_type; in le_conn_complete_evt()
5232 if (conn->dst_type == ADDR_LE_DEV_PUBLIC) in le_conn_complete_evt()
5238 if (hci_bdaddr_list_lookup(&hdev->reject_list, &conn->dst, addr_type)) { in le_conn_complete_evt()
5243 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) in le_conn_complete_evt()
5246 conn->sec_level = BT_SECURITY_LOW; in le_conn_complete_evt()
5247 conn->handle = handle; in le_conn_complete_evt()
5248 conn->state = BT_CONFIG; in le_conn_complete_evt()
5250 conn->le_conn_interval = interval; in le_conn_complete_evt()
5251 conn->le_conn_latency = latency; in le_conn_complete_evt()
5252 conn->le_supv_timeout = supervision_timeout; in le_conn_complete_evt()
5261 * If the local controller supports slave-initiated features in le_conn_complete_evt()
5266 if (conn->out || in le_conn_complete_evt()
5267 (hdev->le_features[0] & HCI_LE_SLAVE_FEATURES)) { in le_conn_complete_evt()
5270 cp.handle = __cpu_to_le16(conn->handle); in le_conn_complete_evt()
5277 conn->state = BT_CONNECTED; in le_conn_complete_evt()
5281 params = hci_pend_le_action_lookup(&hdev->pend_le_conns, &conn->dst, in le_conn_complete_evt()
5282 conn->dst_type); in le_conn_complete_evt()
5284 list_del_init(¶ms->action); in le_conn_complete_evt()
5285 if (params->conn) { in le_conn_complete_evt()
5286 hci_conn_drop(params->conn); in le_conn_complete_evt()
5287 hci_conn_put(params->conn); in le_conn_complete_evt()
5288 params->conn = NULL; in le_conn_complete_evt()
5299 struct hci_ev_le_conn_complete *ev = (void *) skb->data; in hci_le_conn_complete_evt()
5301 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_le_conn_complete_evt()
5303 le_conn_complete_evt(hdev, ev->status, &ev->bdaddr, ev->bdaddr_type, in hci_le_conn_complete_evt()
5304 NULL, ev->role, le16_to_cpu(ev->handle), in hci_le_conn_complete_evt()
5305 le16_to_cpu(ev->interval), in hci_le_conn_complete_evt()
5306 le16_to_cpu(ev->latency), in hci_le_conn_complete_evt()
5307 le16_to_cpu(ev->supervision_timeout)); in hci_le_conn_complete_evt()
5313 struct hci_ev_le_enh_conn_complete *ev = (void *) skb->data; in hci_le_enh_conn_complete_evt()
5315 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_le_enh_conn_complete_evt()
5317 le_conn_complete_evt(hdev, ev->status, &ev->bdaddr, ev->bdaddr_type, in hci_le_enh_conn_complete_evt()
5318 &ev->local_rpa, ev->role, le16_to_cpu(ev->handle), in hci_le_enh_conn_complete_evt()
5319 le16_to_cpu(ev->interval), in hci_le_enh_conn_complete_evt()
5320 le16_to_cpu(ev->latency), in hci_le_enh_conn_complete_evt()
5321 le16_to_cpu(ev->supervision_timeout)); in hci_le_enh_conn_complete_evt()
5331 struct hci_evt_le_ext_adv_set_term *ev = (void *) skb->data; in hci_le_ext_adv_term_evt()
5334 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_le_ext_adv_term_evt()
5336 if (ev->status) { in hci_le_ext_adv_term_evt()
5337 struct adv_info *adv; in hci_le_ext_adv_term_evt() local
5339 adv = hci_find_adv_instance(hdev, ev->handle); in hci_le_ext_adv_term_evt()
5340 if (!adv) in hci_le_ext_adv_term_evt()
5344 hci_remove_adv_instance(hdev, ev->handle); in hci_le_ext_adv_term_evt()
5345 mgmt_advertising_removed(NULL, hdev, ev->handle); in hci_le_ext_adv_term_evt()
5350 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->conn_handle)); in hci_le_ext_adv_term_evt()
5354 if (hdev->adv_addr_type != ADDR_LE_DEV_RANDOM || in hci_le_ext_adv_term_evt()
5355 bacmp(&conn->resp_addr, BDADDR_ANY)) in hci_le_ext_adv_term_evt()
5358 if (!hdev->cur_adv_instance) { in hci_le_ext_adv_term_evt()
5359 bacpy(&conn->resp_addr, &hdev->random_addr); in hci_le_ext_adv_term_evt()
5363 adv_instance = hci_find_adv_instance(hdev, hdev->cur_adv_instance); in hci_le_ext_adv_term_evt()
5365 bacpy(&conn->resp_addr, &adv_instance->random_addr); in hci_le_ext_adv_term_evt()
5372 struct hci_ev_le_conn_update_complete *ev = (void *) skb->data; in hci_le_conn_update_complete_evt()
5375 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_le_conn_update_complete_evt()
5377 if (ev->status) in hci_le_conn_update_complete_evt()
5382 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_le_conn_update_complete_evt()
5384 conn->le_conn_interval = le16_to_cpu(ev->interval); in hci_le_conn_update_complete_evt()
5385 conn->le_conn_latency = le16_to_cpu(ev->latency); in hci_le_conn_update_complete_evt()
5386 conn->le_supv_timeout = le16_to_cpu(ev->supervision_timeout); in hci_le_conn_update_complete_evt()
5392 /* This function requires the caller holds hdev->lock */
5406 if (hci_bdaddr_list_lookup(&hdev->reject_list, addr, addr_type)) in check_pending_le_conn()
5412 if (hdev->conn_hash.le_num_slave > 0 && in check_pending_le_conn()
5413 (!test_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks) || in check_pending_le_conn()
5414 !(hdev->le_states[3] & 0x10))) in check_pending_le_conn()
5420 params = hci_pend_le_action_lookup(&hdev->pend_le_conns, addr, in check_pending_le_conn()
5425 if (!params->explicit_connect) { in check_pending_le_conn()
5426 switch (params->auto_connect) { in check_pending_le_conn()
5449 hdev->def_le_autoconnect_timeout, HCI_ROLE_MASTER, in check_pending_le_conn()
5461 if (!params->explicit_connect) in check_pending_le_conn()
5462 params->conn = hci_conn_get(conn); in check_pending_le_conn()
5468 case -EBUSY: in check_pending_le_conn()
5469 /* If hci_connect() returns -EBUSY it means there is already in check_pending_le_conn()
5488 struct discovery_state *d = &hdev->discovery; in process_adv_report()
5509 bt_dev_err_ratelimited(hdev, "legacy adv larger than 31 bytes"); in process_adv_report()
5516 * When data is NULL, len is 0 so there is no need for extra ptr in process_adv_report()
5527 len = ptr - data; in process_adv_report()
5551 if (!smp_irk_matches(hdev, hdev->irk, direct_addr)) in process_adv_report()
5558 bdaddr = &irk->bdaddr; in process_adv_report()
5559 bdaddr_type = irk->addr_type; in process_adv_report()
5573 memcpy(conn->le_adv_data, data, len); in process_adv_report()
5574 conn->le_adv_data_len = len; in process_adv_report()
5581 if (hdev->le_scan_type == LE_SCAN_PASSIVE) { in process_adv_report()
5585 if (!hci_pend_le_action_lookup(&hdev->pend_le_reports, in process_adv_report()
5587 idr_is_empty(&hdev->adv_monitors_idr)) in process_adv_report()
5599 /* When receiving non-connectable or scannable undirected in process_adv_report()
5640 match = (!bacmp(bdaddr, &d->last_adv_addr) && in process_adv_report()
5641 bdaddr_type == d->last_adv_addr_type); in process_adv_report()
5650 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK, in process_adv_report()
5651 d->last_adv_addr_type, NULL, in process_adv_report()
5652 d->last_adv_rssi, d->last_adv_flags, in process_adv_report()
5653 d->last_adv_data, in process_adv_report()
5654 d->last_adv_data_len, NULL, 0); in process_adv_report()
5679 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK, in process_adv_report()
5680 d->last_adv_addr_type, NULL, rssi, d->last_adv_flags, in process_adv_report()
5681 d->last_adv_data, d->last_adv_data_len, data, len); in process_adv_report()
5687 u8 num_reports = skb->data[0]; in hci_le_adv_report_evt()
5688 void *ptr = &skb->data[1]; in hci_le_adv_report_evt()
5692 while (num_reports--) { in hci_le_adv_report_evt()
5696 if (ptr > (void *)skb_tail_pointer(skb) - sizeof(*ev)) { in hci_le_adv_report_evt()
5701 if (ev->length <= HCI_MAX_AD_LENGTH && in hci_le_adv_report_evt()
5702 ev->data + ev->length <= skb_tail_pointer(skb)) { in hci_le_adv_report_evt()
5703 rssi = ev->data[ev->length]; in hci_le_adv_report_evt()
5704 process_adv_report(hdev, ev->evt_type, &ev->bdaddr, in hci_le_adv_report_evt()
5705 ev->bdaddr_type, NULL, 0, rssi, in hci_le_adv_report_evt()
5706 ev->data, ev->length, false); in hci_le_adv_report_evt()
5711 ptr += sizeof(*ev) + ev->length + 1; in hci_le_adv_report_evt()
5763 u8 num_reports = skb->data[0]; in hci_le_ext_adv_report_evt()
5764 void *ptr = &skb->data[1]; in hci_le_ext_adv_report_evt()
5768 while (num_reports--) { in hci_le_ext_adv_report_evt()
5773 evt_type = __le16_to_cpu(ev->evt_type); in hci_le_ext_adv_report_evt()
5776 process_adv_report(hdev, legacy_evt_type, &ev->bdaddr, in hci_le_ext_adv_report_evt()
5777 ev->bdaddr_type, NULL, 0, ev->rssi, in hci_le_ext_adv_report_evt()
5778 ev->data, ev->length, in hci_le_ext_adv_report_evt()
5782 ptr += sizeof(*ev) + ev->length; in hci_le_ext_adv_report_evt()
5791 struct hci_ev_le_remote_feat_complete *ev = (void *)skb->data; in hci_le_remote_feat_complete_evt()
5794 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_le_remote_feat_complete_evt()
5798 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_le_remote_feat_complete_evt()
5800 if (!ev->status) in hci_le_remote_feat_complete_evt()
5801 memcpy(conn->features[0], ev->features, 8); in hci_le_remote_feat_complete_evt()
5803 if (conn->state == BT_CONFIG) { in hci_le_remote_feat_complete_evt()
5806 /* If the local controller supports slave-initiated in hci_le_remote_feat_complete_evt()
5815 if ((hdev->le_features[0] & HCI_LE_SLAVE_FEATURES) && in hci_le_remote_feat_complete_evt()
5816 !conn->out && ev->status == 0x1a) in hci_le_remote_feat_complete_evt()
5819 status = ev->status; in hci_le_remote_feat_complete_evt()
5821 conn->state = BT_CONNECTED; in hci_le_remote_feat_complete_evt()
5832 struct hci_ev_le_ltk_req *ev = (void *) skb->data; in hci_le_ltk_request_evt()
5838 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle)); in hci_le_ltk_request_evt()
5842 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_le_ltk_request_evt()
5846 ltk = hci_find_ltk(hdev, &conn->dst, conn->dst_type, conn->role); in hci_le_ltk_request_evt()
5852 if (ev->ediv || ev->rand) in hci_le_ltk_request_evt()
5855 /* For non-SC keys check that EDiv and Rand match */ in hci_le_ltk_request_evt()
5856 if (ev->ediv != ltk->ediv || ev->rand != ltk->rand) in hci_le_ltk_request_evt()
5860 memcpy(cp.ltk, ltk->val, ltk->enc_size); in hci_le_ltk_request_evt()
5861 memset(cp.ltk + ltk->enc_size, 0, sizeof(cp.ltk) - ltk->enc_size); in hci_le_ltk_request_evt()
5862 cp.handle = cpu_to_le16(conn->handle); in hci_le_ltk_request_evt()
5864 conn->pending_sec_level = smp_ltk_sec_level(ltk); in hci_le_ltk_request_evt()
5866 conn->enc_key_size = ltk->enc_size; in hci_le_ltk_request_evt()
5873 * distribute the keys. Later, security can be re-established in hci_le_ltk_request_evt()
5876 if (ltk->type == SMP_STK) { in hci_le_ltk_request_evt()
5877 set_bit(HCI_CONN_STK_ENCRYPT, &conn->flags); in hci_le_ltk_request_evt()
5878 list_del_rcu(<k->list); in hci_le_ltk_request_evt()
5881 clear_bit(HCI_CONN_STK_ENCRYPT, &conn->flags); in hci_le_ltk_request_evt()
5889 neg.handle = ev->handle; in hci_le_ltk_request_evt()
5909 struct hci_ev_le_remote_conn_param_req *ev = (void *) skb->data; in hci_le_remote_conn_param_req_evt()
5914 handle = le16_to_cpu(ev->handle); in hci_le_remote_conn_param_req_evt()
5915 min = le16_to_cpu(ev->interval_min); in hci_le_remote_conn_param_req_evt()
5916 max = le16_to_cpu(ev->interval_max); in hci_le_remote_conn_param_req_evt()
5917 latency = le16_to_cpu(ev->latency); in hci_le_remote_conn_param_req_evt()
5918 timeout = le16_to_cpu(ev->timeout); in hci_le_remote_conn_param_req_evt()
5921 if (!hcon || hcon->state != BT_CONNECTED) in hci_le_remote_conn_param_req_evt()
5929 if (hcon->role == HCI_ROLE_MASTER) { in hci_le_remote_conn_param_req_evt()
5935 params = hci_conn_params_lookup(hdev, &hcon->dst, in hci_le_remote_conn_param_req_evt()
5936 hcon->dst_type); in hci_le_remote_conn_param_req_evt()
5938 params->conn_min_interval = min; in hci_le_remote_conn_param_req_evt()
5939 params->conn_max_interval = max; in hci_le_remote_conn_param_req_evt()
5940 params->conn_latency = latency; in hci_le_remote_conn_param_req_evt()
5941 params->supervision_timeout = timeout; in hci_le_remote_conn_param_req_evt()
5949 mgmt_new_conn_param(hdev, &hcon->dst, hcon->dst_type, in hci_le_remote_conn_param_req_evt()
5953 cp.handle = ev->handle; in hci_le_remote_conn_param_req_evt()
5954 cp.interval_min = ev->interval_min; in hci_le_remote_conn_param_req_evt()
5955 cp.interval_max = ev->interval_max; in hci_le_remote_conn_param_req_evt()
5956 cp.latency = ev->latency; in hci_le_remote_conn_param_req_evt()
5957 cp.timeout = ev->timeout; in hci_le_remote_conn_param_req_evt()
5967 u8 num_reports = skb->data[0]; in hci_le_direct_adv_report_evt()
5968 struct hci_ev_le_direct_adv_info *ev = (void *)&skb->data[1]; in hci_le_direct_adv_report_evt()
5970 if (!num_reports || skb->len < num_reports * sizeof(*ev) + 1) in hci_le_direct_adv_report_evt()
5975 for (; num_reports; num_reports--, ev++) in hci_le_direct_adv_report_evt()
5976 process_adv_report(hdev, ev->evt_type, &ev->bdaddr, in hci_le_direct_adv_report_evt()
5977 ev->bdaddr_type, &ev->direct_addr, in hci_le_direct_adv_report_evt()
5978 ev->direct_addr_type, ev->rssi, NULL, 0, in hci_le_direct_adv_report_evt()
5986 struct hci_ev_le_phy_update_complete *ev = (void *) skb->data; in hci_le_phy_update_evt()
5989 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); in hci_le_phy_update_evt()
5991 if (ev->status) in hci_le_phy_update_evt()
5996 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle)); in hci_le_phy_update_evt()
6000 conn->le_tx_phy = ev->tx_phy; in hci_le_phy_update_evt()
6001 conn->le_rx_phy = ev->rx_phy; in hci_le_phy_update_evt()
6009 struct hci_ev_le_meta *le_ev = (void *) skb->data; in hci_le_meta_evt()
6013 switch (le_ev->subevent) { in hci_le_meta_evt()
6072 if (skb->len < sizeof(*hdr)) { in hci_get_cmd_complete()
6077 hdr = (void *) skb->data; in hci_get_cmd_complete()
6081 if (hdr->evt != event) in hci_get_cmd_complete()
6086 /* Check if request ended in Command Status - no way to retreive in hci_get_cmd_complete()
6087 * any extra parameters in this case. in hci_get_cmd_complete()
6089 if (hdr->evt == HCI_EV_CMD_STATUS) in hci_get_cmd_complete()
6092 if (hdr->evt != HCI_EV_CMD_COMPLETE) { in hci_get_cmd_complete()
6094 hdr->evt); in hci_get_cmd_complete()
6098 if (skb->len < sizeof(*ev)) { in hci_get_cmd_complete()
6103 ev = (void *) skb->data; in hci_get_cmd_complete()
6106 if (opcode != __le16_to_cpu(ev->opcode)) { in hci_get_cmd_complete()
6108 __le16_to_cpu(ev->opcode)); in hci_get_cmd_complete()
6118 struct hci_ev_le_advertising_info *adv; in hci_store_wake_reason() local
6121 const struct hci_ev_conn_complete *conn_complete = (void *)skb->data; in hci_store_wake_reason()
6122 const struct hci_ev_conn_request *conn_request = (void *)skb->data; in hci_store_wake_reason()
6129 if (!hdev->suspended || hdev->wake_reason) in hci_store_wake_reason()
6135 hdev->wake_reason = MGMT_WAKE_REASON_REMOTE_WAKE; in hci_store_wake_reason()
6142 bacpy(&hdev->wake_addr, &conn_complete->bdaddr); in hci_store_wake_reason()
6143 hdev->wake_addr_type = BDADDR_BREDR; in hci_store_wake_reason()
6145 bacpy(&hdev->wake_addr, &conn_request->bdaddr); in hci_store_wake_reason()
6146 hdev->wake_addr_type = BDADDR_BREDR; in hci_store_wake_reason()
6148 struct hci_ev_le_meta *le_ev = (void *)skb->data; in hci_store_wake_reason()
6149 u8 subevent = le_ev->subevent; in hci_store_wake_reason()
6150 u8 *ptr = &skb->data[sizeof(*le_ev)]; in hci_store_wake_reason()
6157 adv = (void *)(ptr + 1); in hci_store_wake_reason()
6163 bacpy(&hdev->wake_addr, &adv->bdaddr); in hci_store_wake_reason()
6164 hdev->wake_addr_type = adv->bdaddr_type; in hci_store_wake_reason()
6167 bacpy(&hdev->wake_addr, &direct_adv->bdaddr); in hci_store_wake_reason()
6168 hdev->wake_addr_type = direct_adv->bdaddr_type; in hci_store_wake_reason()
6171 bacpy(&hdev->wake_addr, &ext_adv->bdaddr); in hci_store_wake_reason()
6172 hdev->wake_addr_type = ext_adv->bdaddr_type; in hci_store_wake_reason()
6177 hdev->wake_reason = MGMT_WAKE_REASON_UNEXPECTED; in hci_store_wake_reason()
6186 struct hci_event_hdr *hdr = (void *) skb->data; in hci_event_packet()
6190 u8 status = 0, event = hdr->evt, req_evt = 0; in hci_event_packet()
6198 if (hdev->sent_cmd && bt_cb(hdev->sent_cmd)->hci.req_event == event) { in hci_event_packet()
6199 struct hci_command_hdr *cmd_hdr = (void *) hdev->sent_cmd->data; in hci_event_packet()
6200 opcode = __le16_to_cpu(cmd_hdr->opcode); in hci_event_packet()
6402 BT_DBG("%s event 0x%2.2x", hdev->name, event); in hci_event_packet()
6419 hdev->stat.evt_rx++; in hci_event_packet()