2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/sched.h>
33 #include <linux/slab.h>
34 #include <linux/poll.h>
35 #include <linux/fcntl.h>
36 #include <linux/init.h>
37 #include <linux/skbuff.h>
38 #include <linux/interrupt.h>
39 #include <linux/notifier.h>
42 #include <asm/system.h>
43 #include <asm/uaccess.h>
44 #include <asm/unaligned.h>
46 #include <net/bluetooth/bluetooth.h>
47 #include <net/bluetooth/hci_core.h>
49 #ifndef CONFIG_BT_HCI_CORE_DEBUG
54 /* Handle HCI Event packets */
56 /* Command Complete OGF LINK_CTL */
57 static void hci_cc_link_ctl(struct hci_dev *hdev, __u16 ocf, struct sk_buff *skb)
60 struct hci_conn *pend;
62 BT_DBG("%s ocf 0x%x", hdev->name, ocf);
65 case OCF_INQUIRY_CANCEL:
66 case OCF_EXIT_PERIODIC_INQ:
67 status = *((__u8 *) skb->data);
70 BT_DBG("%s Inquiry cancel error: status 0x%x", hdev->name, status);
72 clear_bit(HCI_INQUIRY, &hdev->flags);
73 hci_req_complete(hdev, status);
78 pend = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
80 hci_acl_connect(pend);
87 BT_DBG("%s Command complete: ogf LINK_CTL ocf %x", hdev->name, ocf);
92 /* Command Complete OGF LINK_POLICY */
93 static void hci_cc_link_policy(struct hci_dev *hdev, __u16 ocf, struct sk_buff *skb)
95 struct hci_conn *conn;
96 struct hci_rp_role_discovery *rd;
97 struct hci_rp_write_link_policy *lp;
100 BT_DBG("%s ocf 0x%x", hdev->name, ocf);
103 case OCF_ROLE_DISCOVERY:
104 rd = (void *) skb->data;
111 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rd->handle));
114 conn->link_mode &= ~HCI_LM_MASTER;
116 conn->link_mode |= HCI_LM_MASTER;
119 hci_dev_unlock(hdev);
122 case OCF_WRITE_LINK_POLICY:
123 sent = hci_sent_cmd_data(hdev, OGF_LINK_POLICY, OCF_WRITE_LINK_POLICY);
127 lp = (struct hci_rp_write_link_policy *) skb->data;
134 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(lp->handle));
136 __le16 policy = get_unaligned((__le16 *) (sent + 2));
137 conn->link_policy = __le16_to_cpu(policy);
140 hci_dev_unlock(hdev);
144 BT_DBG("%s: Command complete: ogf LINK_POLICY ocf %x",
150 /* Command Complete OGF HOST_CTL */
151 static void hci_cc_host_ctl(struct hci_dev *hdev, __u16 ocf, struct sk_buff *skb)
155 struct hci_rp_read_voice_setting *vs;
158 BT_DBG("%s ocf 0x%x", hdev->name, ocf);
162 status = *((__u8 *) skb->data);
163 hci_req_complete(hdev, status);
166 case OCF_SET_EVENT_FLT:
167 status = *((__u8 *) skb->data);
169 BT_DBG("%s SET_EVENT_FLT failed %d", hdev->name, status);
171 BT_DBG("%s SET_EVENT_FLT succeseful", hdev->name);
175 case OCF_WRITE_AUTH_ENABLE:
176 sent = hci_sent_cmd_data(hdev, OGF_HOST_CTL, OCF_WRITE_AUTH_ENABLE);
180 status = *((__u8 *) skb->data);
181 param = *((__u8 *) sent);
184 if (param == AUTH_ENABLED)
185 set_bit(HCI_AUTH, &hdev->flags);
187 clear_bit(HCI_AUTH, &hdev->flags);
189 hci_req_complete(hdev, status);
192 case OCF_WRITE_ENCRYPT_MODE:
193 sent = hci_sent_cmd_data(hdev, OGF_HOST_CTL, OCF_WRITE_ENCRYPT_MODE);
197 status = *((__u8 *) skb->data);
198 param = *((__u8 *) sent);
202 set_bit(HCI_ENCRYPT, &hdev->flags);
204 clear_bit(HCI_ENCRYPT, &hdev->flags);
206 hci_req_complete(hdev, status);
209 case OCF_WRITE_CA_TIMEOUT:
210 status = *((__u8 *) skb->data);
212 BT_DBG("%s OCF_WRITE_CA_TIMEOUT failed %d", hdev->name, status);
214 BT_DBG("%s OCF_WRITE_CA_TIMEOUT succeseful", hdev->name);
218 case OCF_WRITE_PG_TIMEOUT:
219 status = *((__u8 *) skb->data);
221 BT_DBG("%s OCF_WRITE_PG_TIMEOUT failed %d", hdev->name, status);
223 BT_DBG("%s: OCF_WRITE_PG_TIMEOUT succeseful", hdev->name);
227 case OCF_WRITE_SCAN_ENABLE:
228 sent = hci_sent_cmd_data(hdev, OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE);
232 status = *((__u8 *) skb->data);
233 param = *((__u8 *) sent);
235 BT_DBG("param 0x%x", param);
238 clear_bit(HCI_PSCAN, &hdev->flags);
239 clear_bit(HCI_ISCAN, &hdev->flags);
240 if (param & SCAN_INQUIRY)
241 set_bit(HCI_ISCAN, &hdev->flags);
243 if (param & SCAN_PAGE)
244 set_bit(HCI_PSCAN, &hdev->flags);
246 hci_req_complete(hdev, status);
249 case OCF_READ_VOICE_SETTING:
250 vs = (struct hci_rp_read_voice_setting *) skb->data;
253 BT_DBG("%s READ_VOICE_SETTING failed %d", hdev->name, vs->status);
257 setting = __le16_to_cpu(vs->voice_setting);
259 if (hdev->voice_setting != setting ) {
260 hdev->voice_setting = setting;
262 BT_DBG("%s: voice setting 0x%04x", hdev->name, setting);
265 tasklet_disable(&hdev->tx_task);
266 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
267 tasklet_enable(&hdev->tx_task);
272 case OCF_WRITE_VOICE_SETTING:
273 sent = hci_sent_cmd_data(hdev, OGF_HOST_CTL, OCF_WRITE_VOICE_SETTING);
277 status = *((__u8 *) skb->data);
278 setting = __le16_to_cpu(get_unaligned((__le16 *) sent));
280 if (!status && hdev->voice_setting != setting) {
281 hdev->voice_setting = setting;
283 BT_DBG("%s: voice setting 0x%04x", hdev->name, setting);
286 tasklet_disable(&hdev->tx_task);
287 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
288 tasklet_enable(&hdev->tx_task);
291 hci_req_complete(hdev, status);
294 case OCF_HOST_BUFFER_SIZE:
295 status = *((__u8 *) skb->data);
297 BT_DBG("%s OCF_BUFFER_SIZE failed %d", hdev->name, status);
298 hci_req_complete(hdev, status);
303 BT_DBG("%s Command complete: ogf HOST_CTL ocf %x", hdev->name, ocf);
308 /* Command Complete OGF INFO_PARAM */
309 static void hci_cc_info_param(struct hci_dev *hdev, __u16 ocf, struct sk_buff *skb)
311 struct hci_rp_read_loc_version *lv;
312 struct hci_rp_read_local_features *lf;
313 struct hci_rp_read_buffer_size *bs;
314 struct hci_rp_read_bd_addr *ba;
316 BT_DBG("%s ocf 0x%x", hdev->name, ocf);
319 case OCF_READ_LOCAL_VERSION:
320 lv = (struct hci_rp_read_loc_version *) skb->data;
323 BT_DBG("%s READ_LOCAL_VERSION failed %d", hdev->name, lf->status);
327 hdev->hci_ver = lv->hci_ver;
328 hdev->hci_rev = btohs(lv->hci_rev);
329 hdev->manufacturer = btohs(lv->manufacturer);
331 BT_DBG("%s: manufacturer %d hci_ver %d hci_rev %d", hdev->name,
332 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
336 case OCF_READ_LOCAL_FEATURES:
337 lf = (struct hci_rp_read_local_features *) skb->data;
340 BT_DBG("%s READ_LOCAL_FEATURES failed %d", hdev->name, lf->status);
344 memcpy(hdev->features, lf->features, sizeof(hdev->features));
346 /* Adjust default settings according to features
347 * supported by device. */
348 if (hdev->features[0] & LMP_3SLOT)
349 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
351 if (hdev->features[0] & LMP_5SLOT)
352 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
354 if (hdev->features[1] & LMP_HV2)
355 hdev->pkt_type |= (HCI_HV2);
357 if (hdev->features[1] & LMP_HV3)
358 hdev->pkt_type |= (HCI_HV3);
360 BT_DBG("%s: features 0x%x 0x%x 0x%x", hdev->name,
361 lf->features[0], lf->features[1], lf->features[2]);
365 case OCF_READ_BUFFER_SIZE:
366 bs = (struct hci_rp_read_buffer_size *) skb->data;
369 BT_DBG("%s READ_BUFFER_SIZE failed %d", hdev->name, bs->status);
370 hci_req_complete(hdev, bs->status);
374 hdev->acl_mtu = __le16_to_cpu(bs->acl_mtu);
375 hdev->sco_mtu = bs->sco_mtu;
376 hdev->acl_pkts = __le16_to_cpu(bs->acl_max_pkt);
377 hdev->sco_pkts = __le16_to_cpu(bs->sco_max_pkt);
379 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
384 hdev->acl_cnt = hdev->acl_pkts;
385 hdev->sco_cnt = hdev->sco_pkts;
387 BT_DBG("%s mtu: acl %d, sco %d max_pkt: acl %d, sco %d", hdev->name,
388 hdev->acl_mtu, hdev->sco_mtu, hdev->acl_pkts, hdev->sco_pkts);
391 case OCF_READ_BD_ADDR:
392 ba = (struct hci_rp_read_bd_addr *) skb->data;
395 bacpy(&hdev->bdaddr, &ba->bdaddr);
397 BT_DBG("%s: READ_BD_ADDR failed %d", hdev->name, ba->status);
400 hci_req_complete(hdev, ba->status);
404 BT_DBG("%s Command complete: ogf INFO_PARAM ocf %x", hdev->name, ocf);
409 /* Command Status OGF LINK_CTL */
410 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
412 struct hci_conn *conn;
413 struct hci_cp_create_conn *cp = hci_sent_cmd_data(hdev, OGF_LINK_CTL, OCF_CREATE_CONN);
420 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
422 BT_DBG("%s status 0x%x bdaddr %s conn %p", hdev->name,
423 status, batostr(&cp->bdaddr), conn);
426 if (conn && conn->state == BT_CONNECT) {
427 if (status != 0x0c || conn->attempt > 2) {
428 conn->state = BT_CLOSED;
429 hci_proto_connect_cfm(conn, status);
432 conn->state = BT_CONNECT2;
436 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
439 conn->link_mode |= HCI_LM_MASTER;
441 BT_ERR("No memmory for new connection");
445 hci_dev_unlock(hdev);
448 static void hci_cs_link_ctl(struct hci_dev *hdev, __u16 ocf, __u8 status)
450 BT_DBG("%s ocf 0x%x", hdev->name, ocf);
453 case OCF_CREATE_CONN:
454 hci_cs_create_conn(hdev, status);
459 struct hci_conn *acl, *sco;
460 struct hci_cp_add_sco *cp = hci_sent_cmd_data(hdev, OGF_LINK_CTL, OCF_ADD_SCO);
466 handle = __le16_to_cpu(cp->handle);
468 BT_DBG("%s Add SCO error: handle %d status 0x%x", hdev->name, handle, status);
472 acl = hci_conn_hash_lookup_handle(hdev, handle);
473 if (acl && (sco = acl->link)) {
474 sco->state = BT_CLOSED;
476 hci_proto_connect_cfm(sco, status);
480 hci_dev_unlock(hdev);
486 BT_DBG("%s Inquiry error: status 0x%x", hdev->name, status);
487 hci_req_complete(hdev, status);
489 set_bit(HCI_INQUIRY, &hdev->flags);
494 BT_DBG("%s Command status: ogf LINK_CTL ocf %x status %d",
495 hdev->name, ocf, status);
500 /* Command Status OGF LINK_POLICY */
501 static void hci_cs_link_policy(struct hci_dev *hdev, __u16 ocf, __u8 status)
503 BT_DBG("%s ocf 0x%x", hdev->name, ocf);
508 struct hci_conn *conn;
509 struct hci_cp_sniff_mode *cp = hci_sent_cmd_data(hdev, OGF_LINK_POLICY, OCF_SNIFF_MODE);
516 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
518 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
521 hci_dev_unlock(hdev);
525 case OCF_EXIT_SNIFF_MODE:
527 struct hci_conn *conn;
528 struct hci_cp_exit_sniff_mode *cp = hci_sent_cmd_data(hdev, OGF_LINK_POLICY, OCF_EXIT_SNIFF_MODE);
535 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
537 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
540 hci_dev_unlock(hdev);
545 BT_DBG("%s Command status: ogf LINK_POLICY ocf %x", hdev->name, ocf);
550 /* Command Status OGF HOST_CTL */
551 static void hci_cs_host_ctl(struct hci_dev *hdev, __u16 ocf, __u8 status)
553 BT_DBG("%s ocf 0x%x", hdev->name, ocf);
557 BT_DBG("%s Command status: ogf HOST_CTL ocf %x", hdev->name, ocf);
562 /* Command Status OGF INFO_PARAM */
563 static void hci_cs_info_param(struct hci_dev *hdev, __u16 ocf, __u8 status)
565 BT_DBG("%s: hci_cs_info_param: ocf 0x%x", hdev->name, ocf);
569 BT_DBG("%s Command status: ogf INFO_PARAM ocf %x", hdev->name, ocf);
574 /* Inquiry Complete */
575 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
577 __u8 status = *((__u8 *) skb->data);
578 struct hci_conn *pend;
580 BT_DBG("%s status %d", hdev->name, status);
582 clear_bit(HCI_INQUIRY, &hdev->flags);
583 hci_req_complete(hdev, status);
587 pend = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
589 hci_acl_connect(pend);
591 hci_dev_unlock(hdev);
595 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
597 struct inquiry_data data;
598 struct inquiry_info *info = (struct inquiry_info *) (skb->data + 1);
599 int num_rsp = *((__u8 *) skb->data);
601 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
608 for (; num_rsp; num_rsp--) {
609 bacpy(&data.bdaddr, &info->bdaddr);
610 data.pscan_rep_mode = info->pscan_rep_mode;
611 data.pscan_period_mode = info->pscan_period_mode;
612 data.pscan_mode = info->pscan_mode;
613 memcpy(data.dev_class, info->dev_class, 3);
614 data.clock_offset = info->clock_offset;
617 hci_inquiry_cache_update(hdev, &data);
620 hci_dev_unlock(hdev);
623 /* Inquiry Result With RSSI */
624 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
626 struct inquiry_data data;
627 int num_rsp = *((__u8 *) skb->data);
629 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
636 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
637 struct inquiry_info_with_rssi_and_pscan_mode *info =
638 (struct inquiry_info_with_rssi_and_pscan_mode *) (skb->data + 1);
640 for (; num_rsp; num_rsp--) {
641 bacpy(&data.bdaddr, &info->bdaddr);
642 data.pscan_rep_mode = info->pscan_rep_mode;
643 data.pscan_period_mode = info->pscan_period_mode;
644 data.pscan_mode = info->pscan_mode;
645 memcpy(data.dev_class, info->dev_class, 3);
646 data.clock_offset = info->clock_offset;
647 data.rssi = info->rssi;
649 hci_inquiry_cache_update(hdev, &data);
652 struct inquiry_info_with_rssi *info =
653 (struct inquiry_info_with_rssi *) (skb->data + 1);
655 for (; num_rsp; num_rsp--) {
656 bacpy(&data.bdaddr, &info->bdaddr);
657 data.pscan_rep_mode = info->pscan_rep_mode;
658 data.pscan_period_mode = info->pscan_period_mode;
659 data.pscan_mode = 0x00;
660 memcpy(data.dev_class, info->dev_class, 3);
661 data.clock_offset = info->clock_offset;
662 data.rssi = info->rssi;
664 hci_inquiry_cache_update(hdev, &data);
668 hci_dev_unlock(hdev);
671 /* Extended Inquiry Result */
672 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
674 struct inquiry_data data;
675 struct extended_inquiry_info *info = (struct extended_inquiry_info *) (skb->data + 1);
676 int num_rsp = *((__u8 *) skb->data);
678 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
685 for (; num_rsp; num_rsp--) {
686 bacpy(&data.bdaddr, &info->bdaddr);
687 data.pscan_rep_mode = info->pscan_rep_mode;
688 data.pscan_period_mode = info->pscan_period_mode;
689 data.pscan_mode = 0x00;
690 memcpy(data.dev_class, info->dev_class, 3);
691 data.clock_offset = info->clock_offset;
692 data.rssi = info->rssi;
694 hci_inquiry_cache_update(hdev, &data);
697 hci_dev_unlock(hdev);
700 /* Connect Request */
701 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
703 struct hci_ev_conn_request *ev = (struct hci_ev_conn_request *) skb->data;
704 int mask = hdev->link_mode;
706 BT_DBG("%s Connection request: %s type 0x%x", hdev->name,
707 batostr(&ev->bdaddr), ev->link_type);
709 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
711 if (mask & HCI_LM_ACCEPT) {
712 /* Connection accepted */
713 struct hci_conn *conn;
714 struct hci_cp_accept_conn_req cp;
717 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
719 if (!(conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr))) {
720 BT_ERR("No memmory for new connection");
721 hci_dev_unlock(hdev);
725 memcpy(conn->dev_class, ev->dev_class, 3);
726 conn->state = BT_CONNECT;
727 hci_dev_unlock(hdev);
729 bacpy(&cp.bdaddr, &ev->bdaddr);
731 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
732 cp.role = 0x00; /* Become master */
734 cp.role = 0x01; /* Remain slave */
736 hci_send_cmd(hdev, OGF_LINK_CTL,
737 OCF_ACCEPT_CONN_REQ, sizeof(cp), &cp);
739 /* Connection rejected */
740 struct hci_cp_reject_conn_req cp;
742 bacpy(&cp.bdaddr, &ev->bdaddr);
744 hci_send_cmd(hdev, OGF_LINK_CTL,
745 OCF_REJECT_CONN_REQ, sizeof(cp), &cp);
749 /* Connect Complete */
750 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
752 struct hci_ev_conn_complete *ev = (struct hci_ev_conn_complete *) skb->data;
753 struct hci_conn *conn, *pend;
755 BT_DBG("%s", hdev->name);
759 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
761 hci_dev_unlock(hdev);
766 conn->handle = __le16_to_cpu(ev->handle);
767 conn->state = BT_CONNECTED;
769 if (test_bit(HCI_AUTH, &hdev->flags))
770 conn->link_mode |= HCI_LM_AUTH;
772 if (test_bit(HCI_ENCRYPT, &hdev->flags))
773 conn->link_mode |= HCI_LM_ENCRYPT;
775 /* Get remote features */
776 if (conn->type == ACL_LINK) {
777 struct hci_cp_read_remote_features cp;
778 cp.handle = ev->handle;
779 hci_send_cmd(hdev, OGF_LINK_CTL,
780 OCF_READ_REMOTE_FEATURES, sizeof(cp), &cp);
783 /* Set link policy */
784 if (conn->type == ACL_LINK && hdev->link_policy) {
785 struct hci_cp_write_link_policy cp;
786 cp.handle = ev->handle;
787 cp.policy = __cpu_to_le16(hdev->link_policy);
788 hci_send_cmd(hdev, OGF_LINK_POLICY,
789 OCF_WRITE_LINK_POLICY, sizeof(cp), &cp);
792 /* Set packet type for incoming connection */
794 struct hci_cp_change_conn_ptype cp;
795 cp.handle = ev->handle;
796 cp.pkt_type = (conn->type == ACL_LINK) ?
797 __cpu_to_le16(hdev->pkt_type & ACL_PTYPE_MASK):
798 __cpu_to_le16(hdev->pkt_type & SCO_PTYPE_MASK);
800 hci_send_cmd(hdev, OGF_LINK_CTL,
801 OCF_CHANGE_CONN_PTYPE, sizeof(cp), &cp);
803 /* Update disconnect timer */
808 conn->state = BT_CLOSED;
810 if (conn->type == ACL_LINK) {
811 struct hci_conn *sco = conn->link;
814 hci_add_sco(sco, conn->handle);
816 hci_proto_connect_cfm(sco, ev->status);
822 hci_proto_connect_cfm(conn, ev->status);
826 pend = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
828 hci_acl_connect(pend);
830 hci_dev_unlock(hdev);
833 /* Disconnect Complete */
834 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
836 struct hci_ev_disconn_complete *ev = (struct hci_ev_disconn_complete *) skb->data;
837 struct hci_conn *conn;
839 BT_DBG("%s status %d", hdev->name, ev->status);
846 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
848 conn->state = BT_CLOSED;
849 hci_proto_disconn_ind(conn, ev->reason);
853 hci_dev_unlock(hdev);
856 /* Number of completed packets */
857 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
859 struct hci_ev_num_comp_pkts *ev = (struct hci_ev_num_comp_pkts *) skb->data;
863 skb_pull(skb, sizeof(*ev));
865 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
867 if (skb->len < ev->num_hndl * 4) {
868 BT_DBG("%s bad parameters", hdev->name);
872 tasklet_disable(&hdev->tx_task);
874 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
875 struct hci_conn *conn;
878 handle = __le16_to_cpu(get_unaligned(ptr++));
879 count = __le16_to_cpu(get_unaligned(ptr++));
881 conn = hci_conn_hash_lookup_handle(hdev, handle);
885 if (conn->type == SCO_LINK) {
886 if ((hdev->sco_cnt += count) > hdev->sco_pkts)
887 hdev->sco_cnt = hdev->sco_pkts;
889 if ((hdev->acl_cnt += count) > hdev->acl_pkts)
890 hdev->acl_cnt = hdev->acl_pkts;
896 tasklet_enable(&hdev->tx_task);
900 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
902 struct hci_ev_role_change *ev = (struct hci_ev_role_change *) skb->data;
903 struct hci_conn *conn;
905 BT_DBG("%s status %d", hdev->name, ev->status);
909 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
913 conn->link_mode &= ~HCI_LM_MASTER;
915 conn->link_mode |= HCI_LM_MASTER;
918 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
920 hci_role_switch_cfm(conn, ev->status, ev->role);
923 hci_dev_unlock(hdev);
927 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
929 struct hci_ev_mode_change *ev = (struct hci_ev_mode_change *) skb->data;
930 struct hci_conn *conn;
932 BT_DBG("%s status %d", hdev->name, ev->status);
936 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
938 conn->mode = ev->mode;
939 conn->interval = __le16_to_cpu(ev->interval);
941 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
942 if (conn->mode == HCI_CM_ACTIVE)
943 conn->power_save = 1;
945 conn->power_save = 0;
949 hci_dev_unlock(hdev);
952 /* Authentication Complete */
953 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
955 struct hci_ev_auth_complete *ev = (struct hci_ev_auth_complete *) skb->data;
956 struct hci_conn *conn;
958 BT_DBG("%s status %d", hdev->name, ev->status);
962 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
965 conn->link_mode |= HCI_LM_AUTH;
967 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
969 hci_auth_cfm(conn, ev->status);
971 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
973 struct hci_cp_set_conn_encrypt cp;
974 cp.handle = __cpu_to_le16(conn->handle);
976 hci_send_cmd(conn->hdev, OGF_LINK_CTL,
977 OCF_SET_CONN_ENCRYPT, sizeof(cp), &cp);
979 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
980 hci_encrypt_cfm(conn, ev->status, 0x00);
985 hci_dev_unlock(hdev);
988 /* Encryption Change */
989 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
991 struct hci_ev_encrypt_change *ev = (struct hci_ev_encrypt_change *) skb->data;
992 struct hci_conn *conn;
994 BT_DBG("%s status %d", hdev->name, ev->status);
998 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1002 conn->link_mode |= HCI_LM_ENCRYPT;
1004 conn->link_mode &= ~HCI_LM_ENCRYPT;
1007 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1009 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1012 hci_dev_unlock(hdev);
1015 /* Change Connection Link Key Complete */
1016 static inline void hci_change_conn_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1018 struct hci_ev_change_conn_link_key_complete *ev = (struct hci_ev_change_conn_link_key_complete *) skb->data;
1019 struct hci_conn *conn;
1021 BT_DBG("%s status %d", hdev->name, ev->status);
1025 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1028 conn->link_mode |= HCI_LM_SECURE;
1030 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1032 hci_key_change_cfm(conn, ev->status);
1035 hci_dev_unlock(hdev);
1038 /* Pin Code Request*/
1039 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1043 /* Link Key Request */
1044 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1048 /* Link Key Notification */
1049 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
1053 /* Remote Features */
1054 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1056 struct hci_ev_remote_features *ev = (struct hci_ev_remote_features *) skb->data;
1057 struct hci_conn *conn;
1059 BT_DBG("%s status %d", hdev->name, ev->status);
1063 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1064 if (conn && !ev->status) {
1065 memcpy(conn->features, ev->features, sizeof(conn->features));
1068 hci_dev_unlock(hdev);
1072 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1074 struct hci_ev_clock_offset *ev = (struct hci_ev_clock_offset *) skb->data;
1075 struct hci_conn *conn;
1077 BT_DBG("%s status %d", hdev->name, ev->status);
1081 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1082 if (conn && !ev->status) {
1083 struct inquiry_entry *ie;
1085 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
1086 ie->data.clock_offset = ev->clock_offset;
1087 ie->timestamp = jiffies;
1091 hci_dev_unlock(hdev);
1094 /* Page Scan Repetition Mode */
1095 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
1097 struct hci_ev_pscan_rep_mode *ev = (struct hci_ev_pscan_rep_mode *) skb->data;
1098 struct inquiry_entry *ie;
1100 BT_DBG("%s", hdev->name);
1104 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr))) {
1105 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
1106 ie->timestamp = jiffies;
1109 hci_dev_unlock(hdev);
1113 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
1115 struct hci_ev_sniff_subrate *ev = (struct hci_ev_sniff_subrate *) skb->data;
1116 struct hci_conn *conn;
1118 BT_DBG("%s status %d", hdev->name, ev->status);
1122 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1126 hci_dev_unlock(hdev);
1129 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
1131 struct hci_event_hdr *hdr = (struct hci_event_hdr *) skb->data;
1132 struct hci_ev_cmd_complete *ec;
1133 struct hci_ev_cmd_status *cs;
1134 u16 opcode, ocf, ogf;
1136 skb_pull(skb, HCI_EVENT_HDR_SIZE);
1138 BT_DBG("%s evt 0x%x", hdev->name, hdr->evt);
1141 case HCI_EV_NUM_COMP_PKTS:
1142 hci_num_comp_pkts_evt(hdev, skb);
1145 case HCI_EV_INQUIRY_COMPLETE:
1146 hci_inquiry_complete_evt(hdev, skb);
1149 case HCI_EV_INQUIRY_RESULT:
1150 hci_inquiry_result_evt(hdev, skb);
1153 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
1154 hci_inquiry_result_with_rssi_evt(hdev, skb);
1157 case HCI_EV_EXTENDED_INQUIRY_RESULT:
1158 hci_extended_inquiry_result_evt(hdev, skb);
1161 case HCI_EV_CONN_REQUEST:
1162 hci_conn_request_evt(hdev, skb);
1165 case HCI_EV_CONN_COMPLETE:
1166 hci_conn_complete_evt(hdev, skb);
1169 case HCI_EV_DISCONN_COMPLETE:
1170 hci_disconn_complete_evt(hdev, skb);
1173 case HCI_EV_ROLE_CHANGE:
1174 hci_role_change_evt(hdev, skb);
1177 case HCI_EV_MODE_CHANGE:
1178 hci_mode_change_evt(hdev, skb);
1181 case HCI_EV_AUTH_COMPLETE:
1182 hci_auth_complete_evt(hdev, skb);
1185 case HCI_EV_ENCRYPT_CHANGE:
1186 hci_encrypt_change_evt(hdev, skb);
1189 case HCI_EV_CHANGE_CONN_LINK_KEY_COMPLETE:
1190 hci_change_conn_link_key_complete_evt(hdev, skb);
1193 case HCI_EV_PIN_CODE_REQ:
1194 hci_pin_code_request_evt(hdev, skb);
1197 case HCI_EV_LINK_KEY_REQ:
1198 hci_link_key_request_evt(hdev, skb);
1201 case HCI_EV_LINK_KEY_NOTIFY:
1202 hci_link_key_notify_evt(hdev, skb);
1205 case HCI_EV_REMOTE_FEATURES:
1206 hci_remote_features_evt(hdev, skb);
1209 case HCI_EV_CLOCK_OFFSET:
1210 hci_clock_offset_evt(hdev, skb);
1213 case HCI_EV_PSCAN_REP_MODE:
1214 hci_pscan_rep_mode_evt(hdev, skb);
1217 case HCI_EV_SNIFF_SUBRATE:
1218 hci_sniff_subrate_evt(hdev, skb);
1221 case HCI_EV_CMD_STATUS:
1222 cs = (struct hci_ev_cmd_status *) skb->data;
1223 skb_pull(skb, sizeof(cs));
1225 opcode = __le16_to_cpu(cs->opcode);
1226 ogf = hci_opcode_ogf(opcode);
1227 ocf = hci_opcode_ocf(opcode);
1230 case OGF_INFO_PARAM:
1231 hci_cs_info_param(hdev, ocf, cs->status);
1235 hci_cs_host_ctl(hdev, ocf, cs->status);
1239 hci_cs_link_ctl(hdev, ocf, cs->status);
1242 case OGF_LINK_POLICY:
1243 hci_cs_link_policy(hdev, ocf, cs->status);
1247 BT_DBG("%s Command Status OGF %x", hdev->name, ogf);
1252 atomic_set(&hdev->cmd_cnt, 1);
1253 if (!skb_queue_empty(&hdev->cmd_q))
1254 hci_sched_cmd(hdev);
1258 case HCI_EV_CMD_COMPLETE:
1259 ec = (struct hci_ev_cmd_complete *) skb->data;
1260 skb_pull(skb, sizeof(*ec));
1262 opcode = __le16_to_cpu(ec->opcode);
1263 ogf = hci_opcode_ogf(opcode);
1264 ocf = hci_opcode_ocf(opcode);
1267 case OGF_INFO_PARAM:
1268 hci_cc_info_param(hdev, ocf, skb);
1272 hci_cc_host_ctl(hdev, ocf, skb);
1276 hci_cc_link_ctl(hdev, ocf, skb);
1279 case OGF_LINK_POLICY:
1280 hci_cc_link_policy(hdev, ocf, skb);
1284 BT_DBG("%s Command Completed OGF %x", hdev->name, ogf);
1289 atomic_set(&hdev->cmd_cnt, 1);
1290 if (!skb_queue_empty(&hdev->cmd_q))
1291 hci_sched_cmd(hdev);
1297 hdev->stat.evt_rx++;
1300 /* Generate internal stack event */
1301 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
1303 struct hci_event_hdr *hdr;
1304 struct hci_ev_stack_internal *ev;
1305 struct sk_buff *skb;
1307 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
1311 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
1312 hdr->evt = HCI_EV_STACK_INTERNAL;
1313 hdr->plen = sizeof(*ev) + dlen;
1315 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
1317 memcpy(ev->data, data, dlen);
1319 bt_cb(skb)->incoming = 1;
1320 __net_timestamp(skb);
1322 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1323 skb->dev = (void *) hdev;
1324 hci_send_to_sock(hdev, skb);