Lines Matching defs:hdev
50 static void *hci_ev_skb_pull(struct hci_dev *hdev, struct sk_buff *skb,
57 bt_dev_err(hdev, "Malformed Event: 0x%2.2x", ev);
62 static void *hci_cc_skb_pull(struct hci_dev *hdev, struct sk_buff *skb,
69 bt_dev_err(hdev, "Malformed Command Complete: 0x%4.4x", op);
74 static void *hci_le_ev_skb_pull(struct hci_dev *hdev, struct sk_buff *skb,
81 bt_dev_err(hdev, "Malformed LE Event: 0x%2.2x", ev);
86 static u8 hci_cc_inquiry_cancel(struct hci_dev *hdev, void *data,
91 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
100 if (rp->status == HCI_ERROR_COMMAND_DISALLOWED && !test_bit(HCI_INQUIRY, &hdev->flags)) {
101 bt_dev_warn(hdev, "Ignoring error of Inquiry Cancel command");
108 clear_bit(HCI_INQUIRY, &hdev->flags);
110 wake_up_bit(&hdev->flags, HCI_INQUIRY);
112 hci_dev_lock(hdev);
116 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN) ||
117 hdev->le_scan_type != LE_SCAN_ACTIVE)
118 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
119 hci_dev_unlock(hdev);
124 static u8 hci_cc_periodic_inq(struct hci_dev *hdev, void *data,
129 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
134 hci_dev_set_flag(hdev, HCI_PERIODIC_INQ);
139 static u8 hci_cc_exit_periodic_inq(struct hci_dev *hdev, void *data,
144 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
149 hci_dev_clear_flag(hdev, HCI_PERIODIC_INQ);
154 static u8 hci_cc_remote_name_req_cancel(struct hci_dev *hdev, void *data,
159 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
164 static u8 hci_cc_role_discovery(struct hci_dev *hdev, void *data,
170 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
175 hci_dev_lock(hdev);
177 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
181 hci_dev_unlock(hdev);
186 static u8 hci_cc_read_link_policy(struct hci_dev *hdev, void *data,
192 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
197 hci_dev_lock(hdev);
199 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
203 hci_dev_unlock(hdev);
208 static u8 hci_cc_write_link_policy(struct hci_dev *hdev, void *data,
215 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
220 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
224 hci_dev_lock(hdev);
226 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
230 hci_dev_unlock(hdev);
235 static u8 hci_cc_read_def_link_policy(struct hci_dev *hdev, void *data,
240 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
245 hdev->link_policy = __le16_to_cpu(rp->policy);
250 static u8 hci_cc_write_def_link_policy(struct hci_dev *hdev, void *data,
256 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
261 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
265 hdev->link_policy = get_unaligned_le16(sent);
270 static u8 hci_cc_reset(struct hci_dev *hdev, void *data, struct sk_buff *skb)
274 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
276 clear_bit(HCI_RESET, &hdev->flags);
282 hci_dev_clear_volatile_flags(hdev);
284 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
286 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
287 hdev->adv_tx_power = HCI_TX_POWER_INVALID;
289 memset(hdev->adv_data, 0, sizeof(hdev->adv_data));
290 hdev->adv_data_len = 0;
292 memset(hdev->scan_rsp_data, 0, sizeof(hdev->scan_rsp_data));
293 hdev->scan_rsp_data_len = 0;
295 hdev->le_scan_type = LE_SCAN_PASSIVE;
297 hdev->ssp_debug_mode = 0;
299 hci_bdaddr_list_clear(&hdev->le_accept_list);
300 hci_bdaddr_list_clear(&hdev->le_resolv_list);
305 static u8 hci_cc_read_stored_link_key(struct hci_dev *hdev, void *data,
311 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
313 sent = hci_sent_cmd_data(hdev, HCI_OP_READ_STORED_LINK_KEY);
318 hdev->stored_max_keys = le16_to_cpu(rp->max_keys);
319 hdev->stored_num_keys = le16_to_cpu(rp->num_keys);
325 static u8 hci_cc_delete_stored_link_key(struct hci_dev *hdev, void *data,
331 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
338 if (num_keys <= hdev->stored_num_keys)
339 hdev->stored_num_keys -= num_keys;
341 hdev->stored_num_keys = 0;
346 static u8 hci_cc_write_local_name(struct hci_dev *hdev, void *data,
352 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
354 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
358 hci_dev_lock(hdev);
360 if (hci_dev_test_flag(hdev, HCI_MGMT))
361 mgmt_set_local_name_complete(hdev, sent, rp->status);
363 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
365 hci_dev_unlock(hdev);
370 static u8 hci_cc_read_local_name(struct hci_dev *hdev, void *data,
375 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
380 if (hci_dev_test_flag(hdev, HCI_SETUP) ||
381 hci_dev_test_flag(hdev, HCI_CONFIG))
382 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
387 static u8 hci_cc_write_auth_enable(struct hci_dev *hdev, void *data,
393 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
395 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
399 hci_dev_lock(hdev);
405 set_bit(HCI_AUTH, &hdev->flags);
407 clear_bit(HCI_AUTH, &hdev->flags);
410 if (hci_dev_test_flag(hdev, HCI_MGMT))
411 mgmt_auth_enable_complete(hdev, rp->status);
413 hci_dev_unlock(hdev);
418 static u8 hci_cc_write_encrypt_mode(struct hci_dev *hdev, void *data,
425 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
430 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
437 set_bit(HCI_ENCRYPT, &hdev->flags);
439 clear_bit(HCI_ENCRYPT, &hdev->flags);
444 static u8 hci_cc_write_scan_enable(struct hci_dev *hdev, void *data,
451 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
453 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
459 hci_dev_lock(hdev);
462 hdev->discov_timeout = 0;
467 set_bit(HCI_ISCAN, &hdev->flags);
469 clear_bit(HCI_ISCAN, &hdev->flags);
472 set_bit(HCI_PSCAN, &hdev->flags);
474 clear_bit(HCI_PSCAN, &hdev->flags);
477 hci_dev_unlock(hdev);
482 static u8 hci_cc_set_event_filter(struct hci_dev *hdev, void *data,
489 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
494 sent = hci_sent_cmd_data(hdev, HCI_OP_SET_EVENT_FLT);
501 hci_dev_clear_flag(hdev, HCI_EVENT_FILTER_CONFIGURED);
503 hci_dev_set_flag(hdev, HCI_EVENT_FILTER_CONFIGURED);
508 static u8 hci_cc_read_class_of_dev(struct hci_dev *hdev, void *data,
513 if (WARN_ON(!hdev))
516 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
521 memcpy(hdev->dev_class, rp->dev_class, 3);
523 bt_dev_dbg(hdev, "class 0x%.2x%.2x%.2x", hdev->dev_class[2],
524 hdev->dev_class[1], hdev->dev_class[0]);
529 static u8 hci_cc_write_class_of_dev(struct hci_dev *hdev, void *data,
535 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
537 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
541 hci_dev_lock(hdev);
544 memcpy(hdev->dev_class, sent, 3);
546 if (hci_dev_test_flag(hdev, HCI_MGMT))
547 mgmt_set_class_of_dev_complete(hdev, sent, rp->status);
549 hci_dev_unlock(hdev);
554 static u8 hci_cc_read_voice_setting(struct hci_dev *hdev, void *data,
560 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
567 if (hdev->voice_setting == setting)
570 hdev->voice_setting = setting;
572 bt_dev_dbg(hdev, "voice setting 0x%4.4x", setting);
574 if (hdev->notify)
575 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
580 static u8 hci_cc_write_voice_setting(struct hci_dev *hdev, void *data,
587 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
592 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
598 if (hdev->voice_setting == setting)
601 hdev->voice_setting = setting;
603 bt_dev_dbg(hdev, "voice setting 0x%4.4x", setting);
605 if (hdev->notify)
606 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
611 static u8 hci_cc_read_num_supported_iac(struct hci_dev *hdev, void *data,
616 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
621 hdev->num_iac = rp->num_iac;
623 bt_dev_dbg(hdev, "num iac %d", hdev->num_iac);
628 static u8 hci_cc_write_ssp_mode(struct hci_dev *hdev, void *data,
634 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
636 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
640 hci_dev_lock(hdev);
644 hdev->features[1][0] |= LMP_HOST_SSP;
646 hdev->features[1][0] &= ~LMP_HOST_SSP;
651 hci_dev_set_flag(hdev, HCI_SSP_ENABLED);
653 hci_dev_clear_flag(hdev, HCI_SSP_ENABLED);
656 hci_dev_unlock(hdev);
661 static u8 hci_cc_write_sc_support(struct hci_dev *hdev, void *data,
667 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
669 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SC_SUPPORT);
673 hci_dev_lock(hdev);
677 hdev->features[1][0] |= LMP_HOST_SC;
679 hdev->features[1][0] &= ~LMP_HOST_SC;
682 if (!hci_dev_test_flag(hdev, HCI_MGMT) && !rp->status) {
684 hci_dev_set_flag(hdev, HCI_SC_ENABLED);
686 hci_dev_clear_flag(hdev, HCI_SC_ENABLED);
689 hci_dev_unlock(hdev);
694 static u8 hci_cc_read_local_version(struct hci_dev *hdev, void *data,
699 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
704 if (hci_dev_test_flag(hdev, HCI_SETUP) ||
705 hci_dev_test_flag(hdev, HCI_CONFIG)) {
706 hdev->hci_ver = rp->hci_ver;
707 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
708 hdev->lmp_ver = rp->lmp_ver;
709 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
710 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
716 static u8 hci_cc_read_enc_key_size(struct hci_dev *hdev, void *data,
724 bt_dev_dbg(hdev, "status 0x%2.2x", status);
728 hci_dev_lock(hdev);
730 conn = hci_conn_hash_lookup_handle(hdev, handle);
741 bt_dev_err(hdev, "failed to read key size for handle %u",
748 if (conn->enc_key_size < hdev->min_enc_key_size) {
766 hci_dev_unlock(hdev);
771 static u8 hci_cc_read_local_commands(struct hci_dev *hdev, void *data,
776 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
781 if (hci_dev_test_flag(hdev, HCI_SETUP) ||
782 hci_dev_test_flag(hdev, HCI_CONFIG))
783 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
788 static u8 hci_cc_read_auth_payload_timeout(struct hci_dev *hdev, void *data,
794 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
799 hci_dev_lock(hdev);
801 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
805 hci_dev_unlock(hdev);
810 static u8 hci_cc_write_auth_payload_timeout(struct hci_dev *hdev, void *data,
817 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
819 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_PAYLOAD_TO);
823 hci_dev_lock(hdev);
825 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
835 hci_dev_unlock(hdev);
840 static u8 hci_cc_read_local_features(struct hci_dev *hdev, void *data,
845 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
850 memcpy(hdev->features, rp->features, 8);
855 if (hdev->features[0][0] & LMP_3SLOT)
856 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
858 if (hdev->features[0][0] & LMP_5SLOT)
859 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
861 if (hdev->features[0][1] & LMP_HV2) {
862 hdev->pkt_type |= (HCI_HV2);
863 hdev->esco_type |= (ESCO_HV2);
866 if (hdev->features[0][1] & LMP_HV3) {
867 hdev->pkt_type |= (HCI_HV3);
868 hdev->esco_type |= (ESCO_HV3);
871 if (lmp_esco_capable(hdev))
872 hdev->esco_type |= (ESCO_EV3);
874 if (hdev->features[0][4] & LMP_EV4)
875 hdev->esco_type |= (ESCO_EV4);
877 if (hdev->features[0][4] & LMP_EV5)
878 hdev->esco_type |= (ESCO_EV5);
880 if (hdev->features[0][5] & LMP_EDR_ESCO_2M)
881 hdev->esco_type |= (ESCO_2EV3);
883 if (hdev->features[0][5] & LMP_EDR_ESCO_3M)
884 hdev->esco_type |= (ESCO_3EV3);
886 if (hdev->features[0][5] & LMP_EDR_3S_ESCO)
887 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
892 static u8 hci_cc_read_local_ext_features(struct hci_dev *hdev, void *data,
897 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
902 if (hdev->max_page < rp->max_page) {
904 &hdev->quirks))
905 bt_dev_warn(hdev, "broken local ext features page 2");
907 hdev->max_page = rp->max_page;
911 memcpy(hdev->features[rp->page], rp->features, 8);
916 static u8 hci_cc_read_buffer_size(struct hci_dev *hdev, void *data,
921 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
926 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
927 hdev->sco_mtu = rp->sco_mtu;
928 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
929 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
931 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
932 hdev->sco_mtu = 64;
933 hdev->sco_pkts = 8;
936 hdev->acl_cnt = hdev->acl_pkts;
937 hdev->sco_cnt = hdev->sco_pkts;
939 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
940 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
942 if (!hdev->acl_mtu || !hdev->acl_pkts)
948 static u8 hci_cc_read_bd_addr(struct hci_dev *hdev, void *data,
953 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
958 if (test_bit(HCI_INIT, &hdev->flags))
959 bacpy(&hdev->bdaddr, &rp->bdaddr);
961 if (hci_dev_test_flag(hdev, HCI_SETUP))
962 bacpy(&hdev->setup_addr, &rp->bdaddr);
967 static u8 hci_cc_read_local_pairing_opts(struct hci_dev *hdev, void *data,
972 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
977 if (hci_dev_test_flag(hdev, HCI_SETUP) ||
978 hci_dev_test_flag(hdev, HCI_CONFIG)) {
979 hdev->pairing_opts = rp->pairing_opts;
980 hdev->max_enc_key_size = rp->max_key_size;
986 static u8 hci_cc_read_page_scan_activity(struct hci_dev *hdev, void *data,
991 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
996 if (test_bit(HCI_INIT, &hdev->flags)) {
997 hdev->page_scan_interval = __le16_to_cpu(rp->interval);
998 hdev->page_scan_window = __le16_to_cpu(rp->window);
1004 static u8 hci_cc_write_page_scan_activity(struct hci_dev *hdev, void *data,
1010 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1015 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY);
1019 hdev->page_scan_interval = __le16_to_cpu(sent->interval);
1020 hdev->page_scan_window = __le16_to_cpu(sent->window);
1025 static u8 hci_cc_read_page_scan_type(struct hci_dev *hdev, void *data,
1030 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1035 if (test_bit(HCI_INIT, &hdev->flags))
1036 hdev->page_scan_type = rp->type;
1041 static u8 hci_cc_write_page_scan_type(struct hci_dev *hdev, void *data,
1047 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1052 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE);
1054 hdev->page_scan_type = *type;
1059 static u8 hci_cc_read_clock(struct hci_dev *hdev, void *data,
1066 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1071 hci_dev_lock(hdev);
1073 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_CLOCK);
1078 hdev->clock = le32_to_cpu(rp->clock);
1082 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
1089 hci_dev_unlock(hdev);
1093 static u8 hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev, void *data,
1098 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1103 hdev->inq_tx_power = rp->tx_power;
1108 static u8 hci_cc_read_def_err_data_reporting(struct hci_dev *hdev, void *data,
1113 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1118 hdev->err_data_reporting = rp->err_data_reporting;
1123 static u8 hci_cc_write_def_err_data_reporting(struct hci_dev *hdev, void *data,
1129 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1134 cp = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_ERR_DATA_REPORTING);
1138 hdev->err_data_reporting = cp->err_data_reporting;
1143 static u8 hci_cc_pin_code_reply(struct hci_dev *hdev, void *data,
1150 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1152 hci_dev_lock(hdev);
1154 if (hci_dev_test_flag(hdev, HCI_MGMT))
1155 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
1160 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
1164 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1169 hci_dev_unlock(hdev);
1173 static u8 hci_cc_pin_code_neg_reply(struct hci_dev *hdev, void *data,
1178 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1180 hci_dev_lock(hdev);
1182 if (hci_dev_test_flag(hdev, HCI_MGMT))
1183 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
1186 hci_dev_unlock(hdev);
1191 static u8 hci_cc_le_read_buffer_size(struct hci_dev *hdev, void *data,
1196 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1201 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
1202 hdev->le_pkts = rp->le_max_pkt;
1204 hdev->le_cnt = hdev->le_pkts;
1206 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
1208 if (hdev->le_mtu && hdev->le_mtu < HCI_MIN_LE_MTU)
1214 static u8 hci_cc_le_read_local_features(struct hci_dev *hdev, void *data,
1219 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1224 memcpy(hdev->le_features, rp->features, 8);
1229 static u8 hci_cc_le_read_adv_tx_power(struct hci_dev *hdev, void *data,
1234 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1239 hdev->adv_tx_power = rp->tx_power;
1244 static u8 hci_cc_user_confirm_reply(struct hci_dev *hdev, void *data,
1249 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1251 hci_dev_lock(hdev);
1253 if (hci_dev_test_flag(hdev, HCI_MGMT))
1254 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
1257 hci_dev_unlock(hdev);
1262 static u8 hci_cc_user_confirm_neg_reply(struct hci_dev *hdev, void *data,
1267 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1269 hci_dev_lock(hdev);
1271 if (hci_dev_test_flag(hdev, HCI_MGMT))
1272 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
1275 hci_dev_unlock(hdev);
1280 static u8 hci_cc_user_passkey_reply(struct hci_dev *hdev, void *data,
1285 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1287 hci_dev_lock(hdev);
1289 if (hci_dev_test_flag(hdev, HCI_MGMT))
1290 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
1293 hci_dev_unlock(hdev);
1298 static u8 hci_cc_user_passkey_neg_reply(struct hci_dev *hdev, void *data,
1303 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1305 hci_dev_lock(hdev);
1307 if (hci_dev_test_flag(hdev, HCI_MGMT))
1308 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1311 hci_dev_unlock(hdev);
1316 static u8 hci_cc_read_local_oob_data(struct hci_dev *hdev, void *data,
1321 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1326 static u8 hci_cc_read_local_oob_ext_data(struct hci_dev *hdev, void *data,
1331 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1336 static u8 hci_cc_le_set_random_addr(struct hci_dev *hdev, void *data,
1342 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1347 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_RANDOM_ADDR);
1351 hci_dev_lock(hdev);
1353 bacpy(&hdev->random_addr, sent);
1355 if (!bacmp(&hdev->rpa, sent)) {
1356 hci_dev_clear_flag(hdev, HCI_RPA_EXPIRED);
1357 queue_delayed_work(hdev->workqueue, &hdev->rpa_expired,
1358 secs_to_jiffies(hdev->rpa_timeout));
1361 hci_dev_unlock(hdev);
1366 static u8 hci_cc_le_set_default_phy(struct hci_dev *hdev, void *data,
1372 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1377 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_DEFAULT_PHY);
1381 hci_dev_lock(hdev);
1383 hdev->le_tx_def_phys = cp->tx_phys;
1384 hdev->le_rx_def_phys = cp->rx_phys;
1386 hci_dev_unlock(hdev);
1391 static u8 hci_cc_le_set_adv_set_random_addr(struct hci_dev *hdev, void *data,
1398 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1403 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_SET_RAND_ADDR);
1411 hci_dev_lock(hdev);
1413 adv = hci_find_adv_instance(hdev, cp->handle);
1416 if (!bacmp(&hdev->rpa, &cp->bdaddr)) {
1418 queue_delayed_work(hdev->workqueue,
1420 secs_to_jiffies(hdev->rpa_timeout));
1424 hci_dev_unlock(hdev);
1429 static u8 hci_cc_le_remove_adv_set(struct hci_dev *hdev, void *data,
1436 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1441 instance = hci_sent_cmd_data(hdev, HCI_OP_LE_REMOVE_ADV_SET);
1445 hci_dev_lock(hdev);
1447 err = hci_remove_adv_instance(hdev, *instance);
1449 mgmt_advertising_removed(hci_skb_sk(hdev->sent_cmd), hdev,
1452 hci_dev_unlock(hdev);
1457 static u8 hci_cc_le_clear_adv_sets(struct hci_dev *hdev, void *data,
1464 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1469 if (!hci_sent_cmd_data(hdev, HCI_OP_LE_CLEAR_ADV_SETS))
1472 hci_dev_lock(hdev);
1474 list_for_each_entry_safe(adv, n, &hdev->adv_instances, list) {
1477 err = hci_remove_adv_instance(hdev, instance);
1479 mgmt_advertising_removed(hci_skb_sk(hdev->sent_cmd),
1480 hdev, instance);
1483 hci_dev_unlock(hdev);
1488 static u8 hci_cc_le_read_transmit_power(struct hci_dev *hdev, void *data,
1493 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1498 hdev->min_le_tx_power = rp->min_le_tx_power;
1499 hdev->max_le_tx_power = rp->max_le_tx_power;
1504 static u8 hci_cc_le_set_privacy_mode(struct hci_dev *hdev, void *data,
1511 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1516 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_PRIVACY_MODE);
1520 hci_dev_lock(hdev);
1522 params = hci_conn_params_lookup(hdev, &cp->bdaddr, cp->bdaddr_type);
1526 hci_dev_unlock(hdev);
1531 static u8 hci_cc_le_set_adv_enable(struct hci_dev *hdev, void *data,
1537 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1542 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE);
1546 hci_dev_lock(hdev);
1554 hci_dev_set_flag(hdev, HCI_LE_ADV);
1556 conn = hci_lookup_le_connect(hdev);
1558 queue_delayed_work(hdev->workqueue,
1562 hci_dev_clear_flag(hdev, HCI_LE_ADV);
1565 hci_dev_unlock(hdev);
1570 static u8 hci_cc_le_set_ext_adv_enable(struct hci_dev *hdev, void *data,
1578 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1583 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_ADV_ENABLE);
1589 hci_dev_lock(hdev);
1592 adv = hci_find_adv_instance(hdev, set->handle);
1597 hci_dev_set_flag(hdev, HCI_LE_ADV);
1602 conn = hci_lookup_le_connect(hdev);
1604 queue_delayed_work(hdev->workqueue,
1615 list_for_each_entry_safe(adv, n, &hdev->adv_instances,
1622 list_for_each_entry_safe(adv, n, &hdev->adv_instances,
1627 hci_dev_clear_flag(hdev, HCI_LE_ADV);
1631 hci_dev_unlock(hdev);
1635 static u8 hci_cc_le_set_scan_param(struct hci_dev *hdev, void *data,
1641 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1646 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_PARAM);
1650 hci_dev_lock(hdev);
1652 hdev->le_scan_type = cp->type;
1654 hci_dev_unlock(hdev);
1659 static u8 hci_cc_le_set_ext_scan_param(struct hci_dev *hdev, void *data,
1666 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1671 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_SCAN_PARAMS);
1677 hci_dev_lock(hdev);
1679 hdev->le_scan_type = phy_param->type;
1681 hci_dev_unlock(hdev);
1686 static bool has_pending_adv_report(struct hci_dev *hdev)
1688 struct discovery_state *d = &hdev->discovery;
1693 static void clear_pending_adv_report(struct hci_dev *hdev)
1695 struct discovery_state *d = &hdev->discovery;
1701 static void store_pending_adv_report(struct hci_dev *hdev, bdaddr_t *bdaddr,
1705 struct discovery_state *d = &hdev->discovery;
1707 if (len > max_adv_len(hdev))
1718 static void le_set_scan_enable_complete(struct hci_dev *hdev, u8 enable)
1720 hci_dev_lock(hdev);
1724 hci_dev_set_flag(hdev, HCI_LE_SCAN);
1725 if (hdev->le_scan_type == LE_SCAN_ACTIVE)
1726 clear_pending_adv_report(hdev);
1727 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
1735 if (has_pending_adv_report(hdev)) {
1736 struct discovery_state *d = &hdev->discovery;
1738 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK,
1748 cancel_delayed_work(&hdev->le_scan_disable);
1750 hci_dev_clear_flag(hdev, HCI_LE_SCAN);
1756 if (hci_dev_test_and_clear_flag(hdev, HCI_LE_SCAN_INTERRUPTED))
1757 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1758 else if (!hci_dev_test_flag(hdev, HCI_LE_ADV) &&
1759 hdev->discovery.state == DISCOVERY_FINDING)
1760 queue_work(hdev->workqueue, &hdev->reenable_adv_work);
1765 bt_dev_err(hdev, "use of reserved LE_Scan_Enable param %d",
1770 hci_dev_unlock(hdev);
1773 static u8 hci_cc_le_set_scan_enable(struct hci_dev *hdev, void *data,
1779 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1784 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1788 le_set_scan_enable_complete(hdev, cp->enable);
1793 static u8 hci_cc_le_set_ext_scan_enable(struct hci_dev *hdev, void *data,
1799 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1804 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_SCAN_ENABLE);
1808 le_set_scan_enable_complete(hdev, cp->enable);
1813 static u8 hci_cc_le_read_num_adv_sets(struct hci_dev *hdev, void *data,
1818 bt_dev_dbg(hdev, "status 0x%2.2x No of Adv sets %u", rp->status,
1824 hdev->le_num_of_adv_sets = rp->num_of_sets;
1829 static u8 hci_cc_le_read_accept_list_size(struct hci_dev *hdev, void *data,
1834 bt_dev_dbg(hdev, "status 0x%2.2x size %u", rp->status, rp->size);
1839 hdev->le_accept_list_size = rp->size;
1844 static u8 hci_cc_le_clear_accept_list(struct hci_dev *hdev, void *data,
1849 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1854 hci_dev_lock(hdev);
1855 hci_bdaddr_list_clear(&hdev->le_accept_list);
1856 hci_dev_unlock(hdev);
1861 static u8 hci_cc_le_add_to_accept_list(struct hci_dev *hdev, void *data,
1867 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1872 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_ACCEPT_LIST);
1876 hci_dev_lock(hdev);
1877 hci_bdaddr_list_add(&hdev->le_accept_list, &sent->bdaddr,
1879 hci_dev_unlock(hdev);
1884 static u8 hci_cc_le_del_from_accept_list(struct hci_dev *hdev, void *data,
1890 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1895 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_ACCEPT_LIST);
1899 hci_dev_lock(hdev);
1900 hci_bdaddr_list_del(&hdev->le_accept_list, &sent->bdaddr,
1902 hci_dev_unlock(hdev);
1907 static u8 hci_cc_le_read_supported_states(struct hci_dev *hdev, void *data,
1912 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1917 memcpy(hdev->le_states, rp->le_states, 8);
1922 static u8 hci_cc_le_read_def_data_len(struct hci_dev *hdev, void *data,
1927 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1932 hdev->le_def_tx_len = le16_to_cpu(rp->tx_len);
1933 hdev->le_def_tx_time = le16_to_cpu(rp->tx_time);
1938 static u8 hci_cc_le_write_def_data_len(struct hci_dev *hdev, void *data,
1944 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1949 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_WRITE_DEF_DATA_LEN);
1953 hdev->le_def_tx_len = le16_to_cpu(sent->tx_len);
1954 hdev->le_def_tx_time = le16_to_cpu(sent->tx_time);
1959 static u8 hci_cc_le_add_to_resolv_list(struct hci_dev *hdev, void *data,
1965 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1970 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_RESOLV_LIST);
1974 hci_dev_lock(hdev);
1975 hci_bdaddr_list_add_with_irk(&hdev->le_resolv_list, &sent->bdaddr,
1978 hci_dev_unlock(hdev);
1983 static u8 hci_cc_le_del_from_resolv_list(struct hci_dev *hdev, void *data,
1989 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
1994 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_RESOLV_LIST);
1998 hci_dev_lock(hdev);
1999 hci_bdaddr_list_del_with_irk(&hdev->le_resolv_list, &sent->bdaddr,
2001 hci_dev_unlock(hdev);
2006 static u8 hci_cc_le_clear_resolv_list(struct hci_dev *hdev, void *data,
2011 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
2016 hci_dev_lock(hdev);
2017 hci_bdaddr_list_clear(&hdev->le_resolv_list);
2018 hci_dev_unlock(hdev);
2023 static u8 hci_cc_le_read_resolv_list_size(struct hci_dev *hdev, void *data,
2028 bt_dev_dbg(hdev, "status 0x%2.2x size %u", rp->status, rp->size);
2033 hdev->le_resolv_list_size = rp->size;
2038 static u8 hci_cc_le_set_addr_resolution_enable(struct hci_dev *hdev, void *data,
2044 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
2049 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADDR_RESOLV_ENABLE);
2053 hci_dev_lock(hdev);
2056 hci_dev_set_flag(hdev, HCI_LL_RPA_RESOLUTION);
2058 hci_dev_clear_flag(hdev, HCI_LL_RPA_RESOLUTION);
2060 hci_dev_unlock(hdev);
2065 static u8 hci_cc_le_read_max_data_len(struct hci_dev *hdev, void *data,
2070 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
2075 hdev->le_max_tx_len = le16_to_cpu(rp->tx_len);
2076 hdev->le_max_tx_time = le16_to_cpu(rp->tx_time);
2077 hdev->le_max_rx_len = le16_to_cpu(rp->rx_len);
2078 hdev->le_max_rx_time = le16_to_cpu(rp->rx_time);
2083 static u8 hci_cc_write_le_host_supported(struct hci_dev *hdev, void *data,
2089 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
2094 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
2098 hci_dev_lock(hdev);
2101 hdev->features[1][0] |= LMP_HOST_LE;
2102 hci_dev_set_flag(hdev, HCI_LE_ENABLED);
2104 hdev->features[1][0] &= ~LMP_HOST_LE;
2105 hci_dev_clear_flag(hdev, HCI_LE_ENABLED);
2106 hci_dev_clear_flag(hdev, HCI_ADVERTISING);
2110 hdev->features[1][0] |= LMP_HOST_LE_BREDR;
2112 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR;
2114 hci_dev_unlock(hdev);
2119 static u8 hci_cc_set_adv_param(struct hci_dev *hdev, void *data,
2125 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
2130 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_PARAM);
2134 hci_dev_lock(hdev);
2135 hdev->adv_addr_type = cp->own_address_type;
2136 hci_dev_unlock(hdev);
2141 static u8 hci_cc_set_ext_adv_param(struct hci_dev *hdev, void *data,
2148 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
2153 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_ADV_PARAMS);
2157 hci_dev_lock(hdev);
2158 hdev->adv_addr_type = cp->own_addr_type;
2160 /* Store in hdev for instance 0 */
2161 hdev->adv_tx_power = rp->tx_power;
2163 adv_instance = hci_find_adv_instance(hdev, cp->handle);
2168 hci_update_adv_data(hdev, cp->handle);
2170 hci_dev_unlock(hdev);
2175 static u8 hci_cc_read_rssi(struct hci_dev *hdev, void *data,
2181 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
2186 hci_dev_lock(hdev);
2188 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
2192 hci_dev_unlock(hdev);
2197 static u8 hci_cc_read_tx_power(struct hci_dev *hdev, void *data,
2204 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
2209 sent = hci_sent_cmd_data(hdev, HCI_OP_READ_TX_POWER);
2213 hci_dev_lock(hdev);
2215 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
2229 hci_dev_unlock(hdev);
2233 static u8 hci_cc_write_ssp_debug_mode(struct hci_dev *hdev, void *data,
2239 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
2244 mode = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_DEBUG_MODE);
2246 hdev->ssp_debug_mode = *mode;
2251 static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
2253 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2258 if (hci_sent_cmd_data(hdev, HCI_OP_INQUIRY))
2259 set_bit(HCI_INQUIRY, &hdev->flags);
2262 static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
2267 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2269 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
2273 hci_dev_lock(hdev);
2275 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
2277 bt_dev_dbg(hdev, "bdaddr %pMR hcon %p", &cp->bdaddr, conn);
2287 conn = hci_conn_add_unset(hdev, ACL_LINK, &cp->bdaddr,
2290 bt_dev_err(hdev, "connection err: %ld", PTR_ERR(conn));
2294 hci_dev_unlock(hdev);
2297 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
2304 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2309 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
2315 bt_dev_dbg(hdev, "handle 0x%4.4x", handle);
2317 hci_dev_lock(hdev);
2319 acl = hci_conn_hash_lookup_handle(hdev, handle);
2331 hci_dev_unlock(hdev);
2334 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
2339 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2344 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
2348 hci_dev_lock(hdev);
2350 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2358 hci_dev_unlock(hdev);
2361 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
2366 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2371 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
2375 hci_dev_lock(hdev);
2377 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2385 hci_dev_unlock(hdev);
2388 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
2410 static int hci_resolve_name(struct hci_dev *hdev,
2422 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2425 static bool hci_resolve_next_name(struct hci_dev *hdev)
2427 struct discovery_state *discov = &hdev->discovery;
2435 bt_dev_warn_ratelimited(hdev, "Name resolve takes too long.");
2439 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
2443 if (hci_resolve_name(hdev, e) == 0) {
2451 static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
2454 struct discovery_state *discov = &hdev->discovery;
2463 mgmt_device_connected(hdev, conn, name, name_len);
2474 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
2485 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00, e->data.rssi,
2488 if (hci_resolve_next_name(hdev))
2492 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2495 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
2500 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2507 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
2511 hci_dev_lock(hdev);
2513 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
2515 if (hci_dev_test_flag(hdev, HCI_MGMT))
2516 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
2521 if (!hci_outgoing_auth_needed(hdev, conn))
2530 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED,
2535 hci_dev_unlock(hdev);
2538 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
2543 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2548 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
2552 hci_dev_lock(hdev);
2554 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2562 hci_dev_unlock(hdev);
2565 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
2570 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2575 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
2579 hci_dev_lock(hdev);
2581 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2589 hci_dev_unlock(hdev);
2592 static void hci_setup_sync_conn_status(struct hci_dev *hdev, __u16 handle,
2598 bt_dev_dbg(hdev, "handle 0x%4.4x status 0x%2.2x", handle, status);
2600 hci_dev_lock(hdev);
2602 acl = hci_conn_hash_lookup_handle(hdev, handle);
2614 hci_dev_unlock(hdev);
2617 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
2621 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2626 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
2630 hci_setup_sync_conn_status(hdev, __le16_to_cpu(cp->handle), status);
2633 static void hci_cs_enhanced_setup_sync_conn(struct hci_dev *hdev, __u8 status)
2637 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2642 cp = hci_sent_cmd_data(hdev, HCI_OP_ENHANCED_SETUP_SYNC_CONN);
2646 hci_setup_sync_conn_status(hdev, __le16_to_cpu(cp->handle), status);
2649 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
2654 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2659 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
2663 hci_dev_lock(hdev);
2665 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2673 hci_dev_unlock(hdev);
2676 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
2681 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2686 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
2690 hci_dev_lock(hdev);
2692 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2700 hci_dev_unlock(hdev);
2703 static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
2710 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2715 if (!status && !hdev->suspended)
2718 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
2722 hci_dev_lock(hdev);
2724 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2729 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
2733 hdev->cur_adv_instance = conn->adv_instance;
2734 hci_enable_advertising(hdev);
2747 hci_remove_link_key(hdev, &conn->dst);
2750 params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type);
2761 hci_pend_le_list_add(params, &hdev->pend_le_conns);
2769 mgmt_device_disconnected(hdev, &conn->dst, conn->type, conn->dst_type,
2782 hci_dev_unlock(hdev);
2785 static u8 ev_bdaddr_type(struct hci_dev *hdev, u8 type, bool *resolved)
2807 static void cs_le_create_conn(struct hci_dev *hdev, bdaddr_t *peer_addr,
2813 conn = hci_conn_hash_lookup_le(hdev, peer_addr,
2818 own_address_type = ev_bdaddr_type(hdev, own_address_type, NULL);
2826 bacpy(&conn->init_addr, &hdev->random_addr);
2828 bacpy(&conn->init_addr, &hdev->bdaddr);
2834 static void hci_cs_le_create_conn(struct hci_dev *hdev, u8 status)
2838 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2847 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
2851 hci_dev_lock(hdev);
2853 cs_le_create_conn(hdev, &cp->peer_addr, cp->peer_addr_type,
2856 hci_dev_unlock(hdev);
2859 static void hci_cs_le_ext_create_conn(struct hci_dev *hdev, u8 status)
2863 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2872 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_EXT_CREATE_CONN);
2876 hci_dev_lock(hdev);
2878 cs_le_create_conn(hdev, &cp->peer_addr, cp->peer_addr_type,
2881 hci_dev_unlock(hdev);
2884 static void hci_cs_le_read_remote_features(struct hci_dev *hdev, u8 status)
2889 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2894 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_READ_REMOTE_FEATURES);
2898 hci_dev_lock(hdev);
2900 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2908 hci_dev_unlock(hdev);
2911 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
2916 bt_dev_dbg(hdev, "status 0x%2.2x", status);
2921 hci_dev_lock(hdev);
2923 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_START_ENC);
2927 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
2938 hci_dev_unlock(hdev);
2941 static void hci_cs_switch_role(struct hci_dev *hdev, u8 status)
2946 BT_DBG("%s status 0x%2.2x", hdev->name, status);
2951 cp = hci_sent_cmd_data(hdev, HCI_OP_SWITCH_ROLE);
2955 hci_dev_lock(hdev);
2957 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
2961 hci_dev_unlock(hdev);
2964 static void hci_inquiry_complete_evt(struct hci_dev *hdev, void *data,
2968 struct discovery_state *discov = &hdev->discovery;
2971 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
2973 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
2977 wake_up_bit(&hdev->flags, HCI_INQUIRY);
2979 if (!hci_dev_test_flag(hdev, HCI_MGMT))
2982 hci_dev_lock(hdev);
2995 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN) ||
2996 !test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks))
2997 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3001 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
3002 if (e && hci_resolve_name(hdev, e) == 0) {
3004 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
3014 if (!hci_dev_test_flag(hdev, HCI_LE_SCAN) ||
3015 !test_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks))
3016 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3020 hci_dev_unlock(hdev);
3023 static void hci_inquiry_result_evt(struct hci_dev *hdev, void *edata,
3030 if (!hci_ev_skb_pull(hdev, skb, HCI_EV_INQUIRY_RESULT,
3034 bt_dev_dbg(hdev, "num %d", ev->num);
3039 if (hci_dev_test_flag(hdev, HCI_PERIODIC_INQ))
3042 hci_dev_lock(hdev);
3057 flags = hci_inquiry_cache_update(hdev, &data, false);
3059 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
3064 hci_dev_unlock(hdev);
3067 static void hci_conn_complete_evt(struct hci_dev *hdev, void *data,
3074 bt_dev_dbg(hdev, "status 0x%2.2x", status);
3076 hci_dev_lock(hdev);
3078 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
3096 hci_bdaddr_list_lookup_with_flags(&hdev->accept_list,
3099 conn = hci_conn_add_unset(hdev, ev->link_type,
3102 bt_dev_err(hdev, "connection err: %ld", PTR_ERR(conn));
3109 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK,
3125 bt_dev_err(hdev, "Ignoring HCI_Connection_Complete for existing connection");
3139 !hci_find_link_key(hdev, &ev->bdaddr))
3149 if (test_bit(HCI_AUTH, &hdev->flags))
3152 if (test_bit(HCI_ENCRYPT, &hdev->flags))
3161 key = hci_find_link_key(hdev, &ev->bdaddr);
3165 if (!read_key_size_capable(hdev)) {
3169 if (hci_send_cmd(hdev, HCI_OP_READ_ENC_KEY_SIZE,
3171 bt_dev_err(hdev, "sending read key size failed");
3184 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
3187 hci_update_scan(hdev);
3191 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
3195 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
3209 if (hdev->notify)
3210 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_CVSD);
3218 hci_dev_unlock(hdev);
3221 static void hci_reject_conn(struct hci_dev *hdev, bdaddr_t *bdaddr)
3227 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
3230 static void hci_conn_request_evt(struct hci_dev *hdev, void *data,
3234 int mask = hdev->link_mode;
3239 bt_dev_dbg(hdev, "bdaddr %pMR type 0x%x", &ev->bdaddr, ev->link_type);
3244 if (hdev && !bacmp(&hdev->bdaddr, &ev->bdaddr)) {
3245 bt_dev_dbg(hdev, "Reject connection with same BD_ADDR %pMR\n",
3247 hci_reject_conn(hdev, &ev->bdaddr);
3251 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type,
3255 hci_reject_conn(hdev, &ev->bdaddr);
3259 hci_dev_lock(hdev);
3261 if (hci_bdaddr_list_lookup(&hdev->reject_list, &ev->bdaddr,
3263 hci_reject_conn(hdev, &ev->bdaddr);
3271 if (hci_dev_test_flag(hdev, HCI_MGMT) &&
3272 !hci_dev_test_flag(hdev, HCI_CONNECTABLE) &&
3273 !hci_bdaddr_list_lookup_with_flags(&hdev->accept_list, &ev->bdaddr,
3275 hci_reject_conn(hdev, &ev->bdaddr);
3281 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3285 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
3288 conn = hci_conn_add_unset(hdev, ev->link_type, &ev->bdaddr,
3291 bt_dev_err(hdev, "connection err: %ld", PTR_ERR(conn));
3298 hci_dev_unlock(hdev);
3301 (!(flags & HCI_PROTO_DEFER) && !lmp_esco_capable(hdev))) {
3307 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
3312 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
3323 cp.content_format = cpu_to_le16(hdev->voice_setting);
3326 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ, sizeof(cp),
3335 hci_dev_unlock(hdev);
3354 static void hci_disconn_complete_evt(struct hci_dev *hdev, void *data,
3363 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
3365 hci_dev_lock(hdev);
3367 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3372 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
3386 mgmt_device_disconnected(hdev, &conn->dst, conn->type, conn->dst_type,
3391 hci_remove_link_key(hdev, &conn->dst);
3393 hci_update_scan(hdev);
3396 params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type);
3407 hci_pend_le_list_add(params, &hdev->pend_le_conns);
3408 hci_update_passive_scan(hdev);
3429 hdev->cur_adv_instance = conn->adv_instance;
3430 hci_enable_advertising(hdev);
3436 hci_dev_unlock(hdev);
3439 static void hci_auth_complete_evt(struct hci_dev *hdev, void *data,
3445 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
3447 hci_dev_lock(hdev);
3449 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3471 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
3491 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
3500 hci_dev_unlock(hdev);
3503 static void hci_remote_name_evt(struct hci_dev *hdev, void *data,
3509 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
3511 hci_dev_lock(hdev);
3513 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3515 if (!hci_dev_test_flag(hdev, HCI_MGMT))
3519 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
3522 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
3528 if (!hci_outgoing_auth_needed(hdev, conn))
3537 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
3541 hci_dev_unlock(hdev);
3544 static void hci_encrypt_change_evt(struct hci_dev *hdev, void *data,
3550 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
3552 hci_dev_lock(hdev);
3554 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3582 hci_dev_set_flag(hdev, HCI_RPA_EXPIRED);
3583 hci_adv_instances_set_rpa_expired(hdev, true);
3613 if (!read_key_size_capable(hdev)) {
3619 if (hci_send_cmd(hdev, HCI_OP_READ_ENC_KEY_SIZE,
3621 bt_dev_err(hdev, "sending read key size failed");
3638 ((conn->type == ACL_LINK && lmp_ping_capable(hdev)) ||
3639 (conn->type == LE_LINK && (hdev->le_features[0] & HCI_LE_PING)))) {
3643 cp.timeout = cpu_to_le16(hdev->auth_payload_timeout);
3644 if (hci_send_cmd(conn->hdev, HCI_OP_WRITE_AUTH_PAYLOAD_TO,
3646 bt_dev_err(hdev, "write auth payload timeout failed");
3653 hci_dev_unlock(hdev);
3656 static void hci_change_link_key_complete_evt(struct hci_dev *hdev, void *data,
3662 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
3664 hci_dev_lock(hdev);
3666 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3676 hci_dev_unlock(hdev);
3679 static void hci_remote_features_evt(struct hci_dev *hdev, void *data,
3685 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
3687 hci_dev_lock(hdev);
3689 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3699 if (!ev->status && lmp_ext_feat_capable(hdev) &&
3704 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
3714 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
3716 mgmt_device_connected(hdev, conn, NULL, 0);
3719 if (!hci_outgoing_auth_needed(hdev, conn)) {
3726 hci_dev_unlock(hdev);
3729 static inline void handle_cmd_cnt_and_timer(struct hci_dev *hdev, u8 ncmd)
3731 cancel_delayed_work(&hdev->cmd_timer);
3734 if (!test_bit(HCI_RESET, &hdev->flags)) {
3736 cancel_delayed_work(&hdev->ncmd_timer);
3737 atomic_set(&hdev->cmd_cnt, 1);
3739 if (!hci_dev_test_flag(hdev, HCI_CMD_DRAIN_WORKQUEUE))
3740 queue_delayed_work(hdev->workqueue, &hdev->ncmd_timer,
3747 static u8 hci_cc_le_read_buffer_size_v2(struct hci_dev *hdev, void *data,
3752 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
3757 hdev->le_mtu = __le16_to_cpu(rp->acl_mtu);
3758 hdev->le_pkts = rp->acl_max_pkt;
3759 hdev->iso_mtu = __le16_to_cpu(rp->iso_mtu);
3760 hdev->iso_pkts = rp->iso_max_pkt;
3762 hdev->le_cnt = hdev->le_pkts;
3763 hdev->iso_cnt = hdev->iso_pkts;
3765 BT_DBG("%s acl mtu %d:%d iso mtu %d:%d", hdev->name, hdev->acl_mtu,
3766 hdev->acl_pkts, hdev->iso_mtu, hdev->iso_pkts);
3768 if (hdev->le_mtu && hdev->le_mtu < HCI_MIN_LE_MTU)
3774 static void hci_unbound_cis_failed(struct hci_dev *hdev, u8 cig, u8 status)
3778 lockdep_assert_held(&hdev->lock);
3780 list_for_each_entry_safe(conn, tmp, &hdev->conn_hash.list, list) {
3790 static u8 hci_cc_le_set_cig_params(struct hci_dev *hdev, void *data,
3800 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
3802 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_CIG_PARAMS);
3805 bt_dev_err(hdev, "unexpected Set CIG Parameters response data");
3809 hci_dev_lock(hdev);
3819 hci_unbound_cis_failed(hdev, rp->cig_id, status);
3831 conn = hci_conn_hash_lookup_cis(hdev, NULL, 0, rp->cig_id,
3848 hci_le_create_cis_pending(hdev);
3850 hci_dev_unlock(hdev);
3855 static u8 hci_cc_le_setup_iso_path(struct hci_dev *hdev, void *data,
3862 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
3864 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SETUP_ISO_PATH);
3868 hci_dev_lock(hdev);
3870 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
3896 mgmt_device_connected(hdev, conn, NULL, 0);
3902 hci_dev_unlock(hdev);
3906 static void hci_cs_le_create_big(struct hci_dev *hdev, u8 status)
3908 bt_dev_dbg(hdev, "status 0x%2.2x", status);
3911 static u8 hci_cc_set_per_adv_param(struct hci_dev *hdev, void *data,
3917 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
3922 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_PER_ADV_PARAMS);
3930 static u8 hci_cc_le_set_per_adv_enable(struct hci_dev *hdev, void *data,
3938 bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
3943 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_PER_ADV_ENABLE);
3947 hci_dev_lock(hdev);
3949 adv = hci_find_adv_instance(hdev, cp->handle);
3952 hci_dev_set_flag(hdev, HCI_LE_PER_ADV);
3962 list_for_each_entry_safe(adv, n, &hdev->adv_instances,
3971 hci_dev_clear_flag(hdev, HCI_LE_PER_ADV);
3975 hci_dev_unlock(hdev);
3996 u8 (*func)(struct hci_dev *hdev, void *data, struct sk_buff *skb);
4163 static u8 hci_cc_func(struct hci_dev *hdev, const struct hci_cc *cc,
4169 bt_dev_err(hdev, "unexpected cc 0x%4.4x length: %u < %u",
4179 bt_dev_warn(hdev, "unexpected cc 0x%4.4x length: %u > %u",
4182 data = hci_cc_skb_pull(hdev, skb, cc->op, cc->min_len);
4186 return cc->func(hdev, data, skb);
4189 static void hci_cmd_complete_evt(struct hci_dev *hdev, void *data,
4199 bt_dev_dbg(hdev, "opcode 0x%4.4x", *opcode);
4203 *status = hci_cc_func(hdev, &hci_cc_table[i], skb);
4219 handle_cmd_cnt_and_timer(hdev, ev->ncmd);
4221 hci_req_cmd_complete(hdev, *opcode, *status, req_complete,
4224 if (hci_dev_test_flag(hdev, HCI_CMD_PENDING)) {
4225 bt_dev_err(hdev,
4230 if (atomic_read(&hdev->cmd_cnt) && !skb_queue_empty(&hdev->cmd_q))
4231 queue_work(hdev->workqueue, &hdev->cmd_work);
4234 static void hci_cs_le_create_cis(struct hci_dev *hdev, u8 status)
4240 bt_dev_dbg(hdev, "status 0x%2.2x", status);
4245 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CIS);
4249 hci_dev_lock(hdev);
4258 conn = hci_conn_hash_lookup_handle(hdev, handle);
4271 hci_le_create_cis_pending(hdev);
4273 hci_dev_unlock(hdev);
4284 void (*func)(struct hci_dev *hdev, __u8 status);
4310 static void hci_cmd_status_evt(struct hci_dev *hdev, void *data,
4321 bt_dev_dbg(hdev, "opcode 0x%4.4x", *opcode);
4325 hci_cs_table[i].func(hdev, ev->status);
4330 handle_cmd_cnt_and_timer(hdev, ev->ncmd);
4338 if (ev->status || (hdev->req_skb && !hci_skb_event(hdev->req_skb))) {
4339 hci_req_cmd_complete(hdev, *opcode, ev->status, req_complete,
4341 if (hci_dev_test_flag(hdev, HCI_CMD_PENDING)) {
4342 bt_dev_err(hdev, "unexpected event for opcode 0x%4.4x",
4348 if (atomic_read(&hdev->cmd_cnt) && !skb_queue_empty(&hdev->cmd_q))
4349 queue_work(hdev->workqueue, &hdev->cmd_work);
4352 static void hci_hardware_error_evt(struct hci_dev *hdev, void *data,
4357 bt_dev_dbg(hdev, "code 0x%2.2x", ev->code);
4359 hdev->hw_error_code = ev->code;
4361 queue_work(hdev->req_workqueue, &hdev->error_reset);
4364 static void hci_role_change_evt(struct hci_dev *hdev, void *data,
4370 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
4372 hci_dev_lock(hdev);
4374 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
4384 hci_dev_unlock(hdev);
4387 static void hci_num_comp_pkts_evt(struct hci_dev *hdev, void *data,
4393 if (!hci_ev_skb_pull(hdev, skb, HCI_EV_NUM_COMP_PKTS,
4397 bt_dev_dbg(hdev, "num %d", ev->num);
4407 conn = hci_conn_hash_lookup_handle(hdev, handle);
4415 hdev->acl_cnt += count;
4416 if (hdev->acl_cnt > hdev->acl_pkts)
4417 hdev->acl_cnt = hdev->acl_pkts;
4421 if (hdev->le_pkts) {
4422 hdev->le_cnt += count;
4423 if (hdev->le_cnt > hdev->le_pkts)
4424 hdev->le_cnt = hdev->le_pkts;
4426 hdev->acl_cnt += count;
4427 if (hdev->acl_cnt > hdev->acl_pkts)
4428 hdev->acl_cnt = hdev->acl_pkts;
4433 hdev->sco_cnt += count;
4434 if (hdev->sco_cnt > hdev->sco_pkts)
4435 hdev->sco_cnt = hdev->sco_pkts;
4439 if (hdev->iso_pkts) {
4440 hdev->iso_cnt += count;
4441 if (hdev->iso_cnt > hdev->iso_pkts)
4442 hdev->iso_cnt = hdev->iso_pkts;
4443 } else if (hdev->le_pkts) {
4444 hdev->le_cnt += count;
4445 if (hdev->le_cnt > hdev->le_pkts)
4446 hdev->le_cnt = hdev->le_pkts;
4448 hdev->acl_cnt += count;
4449 if (hdev->acl_cnt > hdev->acl_pkts)
4450 hdev->acl_cnt = hdev->acl_pkts;
4455 bt_dev_err(hdev, "unknown type %d conn %p",
4461 queue_work(hdev->workqueue, &hdev->tx_work);
4464 static void hci_mode_change_evt(struct hci_dev *hdev, void *data,
4470 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
4472 hci_dev_lock(hdev);
4474 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
4490 hci_dev_unlock(hdev);
4493 static void hci_pin_code_request_evt(struct hci_dev *hdev, void *data,
4499 bt_dev_dbg(hdev, "");
4501 hci_dev_lock(hdev);
4503 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
4513 if (!hci_dev_test_flag(hdev, HCI_BONDABLE) &&
4515 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
4517 } else if (hci_dev_test_flag(hdev, HCI_MGMT)) {
4525 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
4529 hci_dev_unlock(hdev);
4564 static void hci_link_key_request_evt(struct hci_dev *hdev, void *data,
4572 bt_dev_dbg(hdev, "");
4574 if (!hci_dev_test_flag(hdev, HCI_MGMT))
4577 hci_dev_lock(hdev);
4579 key = hci_find_link_key(hdev, &ev->bdaddr);
4581 bt_dev_dbg(hdev, "link key not found for %pMR", &ev->bdaddr);
4585 bt_dev_dbg(hdev, "found key type %u for %pMR", key->type, &ev->bdaddr);
4587 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
4594 bt_dev_dbg(hdev, "ignoring unauthenticated key");
4601 bt_dev_dbg(hdev, "ignoring key unauthenticated for high security");
4611 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
4613 hci_dev_unlock(hdev);
4618 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
4619 hci_dev_unlock(hdev);
4622 static void hci_link_key_notify_evt(struct hci_dev *hdev, void *data,
4631 bt_dev_dbg(hdev, "");
4633 hci_dev_lock(hdev);
4635 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
4641 bt_dev_dbg(hdev, "Ignore NULL link key (ZERO KEY) for %pMR",
4655 if (!hci_dev_test_flag(hdev, HCI_MGMT))
4658 key = hci_add_link_key(hdev, conn, &ev->bdaddr, ev->link_key,
4669 mgmt_new_link_key(hdev, key, persistent);
4677 !hci_dev_test_flag(hdev, HCI_KEEP_DEBUG_KEYS)) {
4689 hci_dev_unlock(hdev);
4692 static void hci_clock_offset_evt(struct hci_dev *hdev, void *data,
4698 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
4700 hci_dev_lock(hdev);
4702 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
4706 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
4713 hci_dev_unlock(hdev);
4716 static void hci_pkt_type_change_evt(struct hci_dev *hdev, void *data,
4722 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
4724 hci_dev_lock(hdev);
4726 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
4730 hci_dev_unlock(hdev);
4733 static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, void *data,
4739 bt_dev_dbg(hdev, "");
4741 hci_dev_lock(hdev);
4743 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
4749 hci_dev_unlock(hdev);
4752 static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, void *edata,
4759 bt_dev_dbg(hdev, "num_rsp %d", ev->num);
4764 if (hci_dev_test_flag(hdev, HCI_PERIODIC_INQ))
4767 hci_dev_lock(hdev);
4776 info = hci_ev_skb_pull(hdev, skb,
4780 bt_dev_err(hdev, "Malformed HCI Event: 0x%2.2x",
4794 flags = hci_inquiry_cache_update(hdev, &data, false);
4796 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
4807 info = hci_ev_skb_pull(hdev, skb,
4811 bt_dev_err(hdev, "Malformed HCI Event: 0x%2.2x",
4825 flags = hci_inquiry_cache_update(hdev, &data, false);
4827 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
4832 bt_dev_err(hdev, "Malformed HCI Event: 0x%2.2x",
4836 hci_dev_unlock(hdev);
4839 static void hci_remote_ext_features_evt(struct hci_dev *hdev, void *data,
4845 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
4847 hci_dev_lock(hdev);
4849 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
4859 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
4889 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
4891 mgmt_device_connected(hdev, conn, NULL, 0);
4894 if (!hci_outgoing_auth_needed(hdev, conn)) {
4901 hci_dev_unlock(hdev);
4904 static void hci_sync_conn_complete_evt(struct hci_dev *hdev, void *data,
4920 bt_dev_err(hdev, "Ignoring connect complete event for invalid link type");
4924 bt_dev_dbg(hdev, "status 0x%2.2x", status);
4926 hci_dev_lock(hdev);
4928 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
4942 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
4954 bt_dev_err(hdev, "Ignoring HCI_Sync_Conn_Complete event for existing connection");
4982 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
4983 (hdev->esco_type & EDR_ESCO_MASK);
4994 bt_dev_dbg(hdev, "SCO connected with air mode: %02x", ev->air_mode);
4998 if (conn->codec.data_path == 0 && hdev->notify) {
5001 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_CVSD);
5004 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_TRANSP);
5014 hci_dev_unlock(hdev);
5034 static void hci_extended_inquiry_result_evt(struct hci_dev *hdev, void *edata,
5042 if (!hci_ev_skb_pull(hdev, skb, HCI_EV_EXTENDED_INQUIRY_RESULT,
5046 bt_dev_dbg(hdev, "num %d", ev->num);
5051 if (hci_dev_test_flag(hdev, HCI_PERIODIC_INQ))
5054 hci_dev_lock(hdev);
5070 if (hci_dev_test_flag(hdev, HCI_MGMT))
5077 flags = hci_inquiry_cache_update(hdev, &data, name_known);
5081 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
5086 hci_dev_unlock(hdev);
5089 static void hci_key_refresh_complete_evt(struct hci_dev *hdev, void *data,
5095 bt_dev_dbg(hdev, "status 0x%2.2x handle 0x%4.4x", ev->status,
5098 hci_dev_lock(hdev);
5100 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
5136 hci_dev_unlock(hdev);
5159 struct hci_dev *hdev = conn->hdev;
5162 data = hci_find_remote_oob_data(hdev, &conn->dst, BDADDR_BREDR);
5166 if (bredr_sc_enabled(hdev)) {
5173 if (!hci_dev_test_flag(hdev, HCI_SC_ONLY))
5199 static void hci_io_capa_request_evt(struct hci_dev *hdev, void *data,
5205 bt_dev_dbg(hdev, "");
5207 hci_dev_lock(hdev);
5209 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
5210 if (!conn || !hci_dev_test_flag(hdev, HCI_SSP_ENABLED))
5218 if (!hci_dev_test_flag(hdev, HCI_MGMT))
5224 if (hci_dev_test_flag(hdev, HCI_BONDABLE) ||
5250 if (!hci_dev_test_flag(hdev, HCI_BONDABLE))
5256 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
5264 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
5269 hci_dev_unlock(hdev);
5272 static void hci_io_capa_reply_evt(struct hci_dev *hdev, void *data,
5278 bt_dev_dbg(hdev, "");
5280 hci_dev_lock(hdev);
5282 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
5290 hci_dev_unlock(hdev);
5293 static void hci_user_confirm_request_evt(struct hci_dev *hdev, void *data,
5300 bt_dev_dbg(hdev, "");
5302 hci_dev_lock(hdev);
5304 if (!hci_dev_test_flag(hdev, HCI_MGMT))
5307 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
5321 bt_dev_dbg(hdev, "Rejecting request: remote device can't provide MITM");
5322 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
5340 bt_dev_dbg(hdev, "Confirming auto-accept as acceptor");
5349 if (hci_find_link_key(hdev, &ev->bdaddr)) {
5350 bt_dev_dbg(hdev, "Local host already has link key");
5356 hdev->auto_accept_delay);
5358 if (hdev->auto_accept_delay > 0) {
5359 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
5360 queue_delayed_work(conn->hdev->workqueue,
5365 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
5371 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0,
5375 hci_dev_unlock(hdev);
5378 static void hci_user_passkey_request_evt(struct hci_dev *hdev, void *data,
5383 bt_dev_dbg(hdev, "");
5385 if (hci_dev_test_flag(hdev, HCI_MGMT))
5386 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
5389 static void hci_user_passkey_notify_evt(struct hci_dev *hdev, void *data,
5395 bt_dev_dbg(hdev, "");
5397 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
5404 if (hci_dev_test_flag(hdev, HCI_MGMT))
5405 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
5410 static void hci_keypress_notify_evt(struct hci_dev *hdev, void *data,
5416 bt_dev_dbg(hdev, "");
5418 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
5443 if (hci_dev_test_flag(hdev, HCI_MGMT))
5444 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
5449 static void hci_simple_pair_complete_evt(struct hci_dev *hdev, void *data,
5455 bt_dev_dbg(hdev, "");
5457 hci_dev_lock(hdev);
5459 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
5477 hci_dev_unlock(hdev);
5480 static void hci_remote_host_features_evt(struct hci_dev *hdev, void *data,
5487 bt_dev_dbg(hdev, "");
5489 hci_dev_lock(hdev);
5491 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
5495 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
5499 hci_dev_unlock(hdev);
5502 static void hci_remote_oob_data_request_evt(struct hci_dev *hdev, void *edata,
5508 bt_dev_dbg(hdev, "");
5510 hci_dev_lock(hdev);
5512 if (!hci_dev_test_flag(hdev, HCI_MGMT))
5515 data = hci_find_remote_oob_data(hdev, &ev->bdaddr, BDADDR_BREDR);
5520 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY,
5525 if (bredr_sc_enabled(hdev)) {
5529 if (hci_dev_test_flag(hdev, HCI_SC_ONLY)) {
5539 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_EXT_DATA_REPLY,
5548 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY,
5553 hci_dev_unlock(hdev);
5565 * used instead or hdev->rpa.
5570 } else if (hci_dev_test_flag(conn->hdev, HCI_PRIVACY)) {
5572 bacpy(&conn->init_addr, &conn->hdev->rpa);
5574 hci_copy_identity_address(conn->hdev, &conn->init_addr,
5578 conn->resp_addr_type = conn->hdev->adv_addr_type;
5580 * used instead or hdev->rpa.
5585 } else if (conn->hdev->adv_addr_type == ADDR_LE_DEV_RANDOM) {
5589 if (!ext_adv_capable(conn->hdev))
5591 &conn->hdev->random_addr);
5593 bacpy(&conn->resp_addr, &conn->hdev->bdaddr);
5604 conn->le_conn_min_interval = conn->hdev->le_conn_min_interval;
5605 conn->le_conn_max_interval = conn->hdev->le_conn_max_interval;
5609 static void le_conn_complete_evt(struct hci_dev *hdev, u8 status,
5620 hci_dev_lock(hdev);
5625 hci_dev_clear_flag(hdev, HCI_LE_ADV);
5627 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
5635 conn = hci_conn_add_unset(hdev, LE_LINK, bdaddr, role);
5637 bt_dev_err(hdev, "connection err: %ld", PTR_ERR(conn));
5654 if (hci_dev_test_flag(hdev, HCI_PRIVACY)) {
5656 bacpy(&conn->init_addr, &hdev->rpa);
5658 hci_copy_identity_address(hdev,
5674 bt_dev_err(hdev, "Ignoring HCI_Connection_Complete for existing connection");
5689 irk = hci_get_irk(hdev, &conn->dst, conn->dst_type);
5695 conn->dst_type = ev_bdaddr_type(hdev, conn->dst_type, NULL);
5716 if (hci_bdaddr_list_lookup(&hdev->reject_list, &conn->dst, addr_type)) {
5721 mgmt_device_connected(hdev, conn, NULL, 0);
5730 if (!ext_adv_capable(hdev))
5731 conn->adv_instance = hdev->cur_adv_instance;
5750 (hdev->le_features[0] & HCI_LE_PERIPHERAL_FEATURES)) {
5755 hci_send_cmd(hdev, HCI_OP_LE_READ_REMOTE_FEATURES,
5764 params = hci_pend_le_action_lookup(&hdev->pend_le_conns, &conn->dst,
5776 hci_update_passive_scan(hdev);
5777 hci_dev_unlock(hdev);
5780 static void hci_le_conn_complete_evt(struct hci_dev *hdev, void *data,
5785 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
5787 le_conn_complete_evt(hdev, ev->status, &ev->bdaddr, ev->bdaddr_type,
5794 static void hci_le_enh_conn_complete_evt(struct hci_dev *hdev, void *data,
5799 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
5801 le_conn_complete_evt(hdev, ev->status, &ev->bdaddr, ev->bdaddr_type,
5808 static void hci_le_ext_adv_term_evt(struct hci_dev *hdev, void *data,
5815 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
5825 bt_dev_warn_ratelimited(hdev, "Unexpected advertising set terminated event");
5829 hci_dev_lock(hdev);
5831 adv = hci_find_adv_instance(hdev, ev->handle);
5838 hci_remove_adv_instance(hdev, ev->handle);
5839 mgmt_advertising_removed(NULL, hdev, ev->handle);
5841 list_for_each_entry_safe(adv, n, &hdev->adv_instances, list) {
5847 hci_dev_clear_flag(hdev, HCI_LE_ADV);
5854 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->conn_handle));
5861 if (hdev->adv_addr_type != ADDR_LE_DEV_RANDOM ||
5866 bacpy(&conn->resp_addr, &hdev->random_addr);
5875 hci_dev_unlock(hdev);
5878 static void hci_le_conn_update_complete_evt(struct hci_dev *hdev, void *data,
5884 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
5889 hci_dev_lock(hdev);
5891 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
5898 hci_dev_unlock(hdev);
5901 /* This function requires the caller holds hdev->lock */
5902 static struct hci_conn *check_pending_le_conn(struct hci_dev *hdev,
5914 /* Ignore if the device is blocked or hdev is suspended */
5915 if (hci_bdaddr_list_lookup(&hdev->reject_list, addr, addr_type) ||
5916 hdev->suspended)
5922 if (hdev->conn_hash.le_num_peripheral > 0 &&
5923 (!test_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks) ||
5924 !(hdev->le_states[3] & 0x10)))
5930 params = hci_pend_le_action_lookup(&hdev->pend_le_conns, addr,
5958 conn = hci_connect_le(hdev, addr, addr_type, addr_resolved,
5959 BT_SECURITY_LOW, hdev->def_le_autoconnect_timeout,
5993 static void process_adv_report(struct hci_dev *hdev, u8 type, bdaddr_t *bdaddr,
5999 struct discovery_state *d = &hdev->discovery;
6014 bt_dev_err_ratelimited(hdev, "unknown advertising packet "
6019 if (len > max_adv_len(hdev)) {
6020 bt_dev_err_ratelimited(hdev,
6046 if (!hci_dev_test_flag(hdev, HCI_MESH) && direct_addr) {
6047 direct_addr_type = ev_bdaddr_type(hdev, direct_addr_type,
6059 if (!hci_dev_test_flag(hdev, HCI_PRIVACY))
6066 if (!smp_irk_matches(hdev, hdev->irk, direct_addr))
6071 irk = hci_get_irk(hdev, bdaddr, bdaddr_type);
6077 bdaddr_type = ev_bdaddr_type(hdev, bdaddr_type, &bdaddr_resolved);
6084 conn = check_pending_le_conn(hdev, bdaddr, bdaddr_type, bdaddr_resolved,
6087 len <= max_adv_len(hdev)) {
6101 if (hci_dev_test_flag(hdev, HCI_MESH)) {
6102 mgmt_device_found(hdev, bdaddr, LE_LINK, bdaddr_type, NULL,
6111 if (hdev->le_scan_type == LE_SCAN_PASSIVE) {
6115 if (!hci_pend_le_action_lookup(&hdev->pend_le_reports,
6117 idr_is_empty(&hdev->adv_monitors_idr))
6120 mgmt_device_found(hdev, bdaddr, LE_LINK, bdaddr_type, NULL,
6142 if (!ext_adv && !has_pending_adv_report(hdev)) {
6147 store_pending_adv_report(hdev, bdaddr, bdaddr_type,
6152 mgmt_device_found(hdev, bdaddr, LE_LINK, bdaddr_type, NULL,
6168 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK,
6179 store_pending_adv_report(hdev, bdaddr, bdaddr_type,
6187 clear_pending_adv_report(hdev);
6188 mgmt_device_found(hdev, bdaddr, LE_LINK, bdaddr_type, NULL,
6197 mgmt_device_found(hdev, &d->last_adv_addr, LE_LINK,
6200 clear_pending_adv_report(hdev);
6203 static void hci_le_adv_report_evt(struct hci_dev *hdev, void *data,
6212 hci_dev_lock(hdev);
6218 info = hci_le_ev_skb_pull(hdev, skb,
6224 if (!hci_le_ev_skb_pull(hdev, skb, HCI_EV_LE_ADVERTISING_REPORT,
6228 if (info->length <= max_adv_len(hdev)) {
6230 process_adv_report(hdev, info->type, &info->bdaddr,
6236 bt_dev_err(hdev, "Dropping invalid advertising data");
6240 hci_dev_unlock(hdev);
6243 static u8 ext_evt_type_to_legacy(struct hci_dev *hdev, u16 evt_type)
6281 bt_dev_err_ratelimited(hdev, "Unknown advertising packet type: 0x%02x",
6287 static void hci_le_ext_adv_report_evt(struct hci_dev *hdev, void *data,
6296 hci_dev_lock(hdev);
6303 info = hci_le_ev_skb_pull(hdev, skb, HCI_EV_LE_EXT_ADV_REPORT,
6308 if (!hci_le_ev_skb_pull(hdev, skb, HCI_EV_LE_EXT_ADV_REPORT,
6313 legacy_evt_type = ext_evt_type_to_legacy(hdev, evt_type);
6315 process_adv_report(hdev, legacy_evt_type, &info->bdaddr,
6325 hci_dev_unlock(hdev);
6328 static int hci_le_pa_term_sync(struct hci_dev *hdev, __le16 handle)
6335 return hci_send_cmd(hdev, HCI_OP_LE_PA_TERM_SYNC, sizeof(cp), &cp);
6338 static void hci_le_pa_sync_estabilished_evt(struct hci_dev *hdev, void *data,
6342 int mask = hdev->link_mode;
6346 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
6348 hci_dev_lock(hdev);
6350 hci_dev_clear_flag(hdev, HCI_PA_SYNC);
6352 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ISO_LINK, &flags);
6354 hci_le_pa_term_sync(hdev, ev->handle);
6362 pa_sync = hci_conn_add_unset(hdev, ISO_LINK, BDADDR_ANY,
6378 hci_dev_unlock(hdev);
6381 static void hci_le_per_adv_report_evt(struct hci_dev *hdev, void *data,
6385 int mask = hdev->link_mode;
6389 bt_dev_dbg(hdev, "sync_handle 0x%4.4x", le16_to_cpu(ev->sync_handle));
6391 hci_dev_lock(hdev);
6393 mask |= hci_proto_connect_ind(hdev, BDADDR_ANY, ISO_LINK, &flags);
6401 (hdev,
6413 mgmt_device_connected(hdev, pa_sync, NULL, 0);
6417 hci_dev_unlock(hdev);
6420 static void hci_le_remote_feat_complete_evt(struct hci_dev *hdev, void *data,
6426 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
6428 hci_dev_lock(hdev);
6430 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
6448 (hdev->le_features[0] & HCI_LE_PERIPHERAL_FEATURES))
6459 hci_dev_unlock(hdev);
6462 static void hci_le_ltk_request_evt(struct hci_dev *hdev, void *data,
6471 bt_dev_dbg(hdev, "handle 0x%4.4x", __le16_to_cpu(ev->handle));
6473 hci_dev_lock(hdev);
6475 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
6479 ltk = hci_find_ltk(hdev, &conn->dst, conn->dst_type, conn->role);
6501 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
6517 hci_dev_unlock(hdev);
6523 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
6524 hci_dev_unlock(hdev);
6527 static void send_conn_param_neg_reply(struct hci_dev *hdev, u16 handle,
6535 hci_send_cmd(hdev, HCI_OP_LE_CONN_PARAM_REQ_NEG_REPLY, sizeof(cp),
6539 static void hci_le_remote_conn_param_req_evt(struct hci_dev *hdev, void *data,
6547 bt_dev_dbg(hdev, "handle 0x%4.4x", __le16_to_cpu(ev->handle));
6555 hcon = hci_conn_hash_lookup_handle(hdev, handle);
6557 return send_conn_param_neg_reply(hdev, handle,
6561 return send_conn_param_neg_reply(hdev, handle,
6565 return send_conn_param_neg_reply(hdev, handle,
6572 hci_dev_lock(hdev);
6574 params = hci_conn_params_lookup(hdev, &hcon->dst,
6586 hci_dev_unlock(hdev);
6588 mgmt_new_conn_param(hdev, &hcon->dst, hcon->dst_type,
6600 hci_send_cmd(hdev, HCI_OP_LE_CONN_PARAM_REQ_REPLY, sizeof(cp), &cp);
6603 static void hci_le_direct_adv_report_evt(struct hci_dev *hdev, void *data,
6610 if (!hci_le_ev_skb_pull(hdev, skb, HCI_EV_LE_DIRECT_ADV_REPORT,
6617 hci_dev_lock(hdev);
6622 process_adv_report(hdev, info->type, &info->bdaddr,
6628 hci_dev_unlock(hdev);
6631 static void hci_le_phy_update_evt(struct hci_dev *hdev, void *data,
6637 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
6642 hci_dev_lock(hdev);
6644 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
6652 hci_dev_unlock(hdev);
6655 static void hci_le_cis_estabilished_evt(struct hci_dev *hdev, void *data,
6664 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
6666 hci_dev_lock(hdev);
6668 conn = hci_conn_hash_lookup_handle(hdev, handle);
6670 bt_dev_err(hdev,
6677 bt_dev_err(hdev,
6734 hci_le_create_cis_pending(hdev);
6736 hci_dev_unlock(hdev);
6739 static void hci_le_reject_cis(struct hci_dev *hdev, __le16 handle)
6746 hci_send_cmd(hdev, HCI_OP_LE_REJECT_CIS, sizeof(cp), &cp);
6749 static void hci_le_accept_cis(struct hci_dev *hdev, __le16 handle)
6755 hci_send_cmd(hdev, HCI_OP_LE_ACCEPT_CIS, sizeof(cp), &cp);
6758 static void hci_le_cis_req_evt(struct hci_dev *hdev, void *data,
6770 bt_dev_dbg(hdev, "acl 0x%4.4x handle 0x%4.4x cig 0x%2.2x cis 0x%2.2x",
6773 hci_dev_lock(hdev);
6775 acl = hci_conn_hash_lookup_handle(hdev, acl_handle);
6779 mask = hci_proto_connect_ind(hdev, &acl->dst, ISO_LINK, &flags);
6781 hci_le_reject_cis(hdev, ev->cis_handle);
6785 cis = hci_conn_hash_lookup_handle(hdev, cis_handle);
6787 cis = hci_conn_add(hdev, ISO_LINK, &acl->dst, HCI_ROLE_SLAVE,
6790 hci_le_reject_cis(hdev, ev->cis_handle);
6799 hci_le_accept_cis(hdev, ev->cis_handle);
6806 hci_dev_unlock(hdev);
6809 static int hci_iso_term_big_sync(struct hci_dev *hdev, void *data)
6813 return hci_le_terminate_big_sync(hdev, handle,
6817 static void hci_le_create_big_complete_evt(struct hci_dev *hdev, void *data,
6824 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
6826 if (!hci_le_ev_skb_pull(hdev, skb, HCI_EVT_LE_CREATE_BIG_COMPLETE,
6830 hci_dev_lock(hdev);
6834 list_for_each_entry_rcu(conn, &hdev->conn_hash.list, list) {
6869 hci_cmd_sync_queue(hdev, hci_iso_term_big_sync,
6872 hci_dev_unlock(hdev);
6875 static void hci_le_big_sync_established_evt(struct hci_dev *hdev, void *data,
6882 bt_dev_dbg(hdev, "status 0x%2.2x", ev->status);
6884 if (!hci_le_ev_skb_pull(hdev, skb, HCI_EVT_LE_BIG_SYNC_ESTABILISHED,
6888 hci_dev_lock(hdev);
6894 bis = hci_conn_hash_lookup_handle(hdev, handle);
6896 bis = hci_conn_add(hdev, ISO_LINK, BDADDR_ANY,
6927 bis = hci_conn_hash_lookup_handle(hdev, handle);
6935 hci_dev_unlock(hdev);
6938 static void hci_le_big_info_adv_report_evt(struct hci_dev *hdev, void *data,
6942 int mask = hdev->link_mode;
6946 bt_dev_dbg(hdev, "sync_handle 0x%4.4x", le16_to_cpu(ev->sync_handle));
6948 hci_dev_lock(hdev);
6950 mask |= hci_proto_connect_ind(hdev, BDADDR_ANY, ISO_LINK, &flags);
6958 (hdev,
6968 hci_dev_unlock(hdev);
6990 void (*func)(struct hci_dev *hdev, void *data, struct sk_buff *skb);
7066 static void hci_le_meta_evt(struct hci_dev *hdev, void *data,
7074 bt_dev_dbg(hdev, "subevent 0x%2.2x", ev->subevent);
7077 if (hdev->req_skb &&
7078 hci_opcode_ogf(hci_skb_opcode(hdev->req_skb)) == 0x08 &&
7079 hci_skb_event(hdev->req_skb) == ev->subevent) {
7080 *opcode = hci_skb_opcode(hdev->req_skb);
7081 hci_req_cmd_complete(hdev, *opcode, 0x00, req_complete,
7090 bt_dev_err(hdev, "unexpected subevent 0x%2.2x length: %u < %u",
7100 bt_dev_warn(hdev, "unexpected subevent 0x%2.2x length: %u > %u",
7102 data = hci_le_ev_skb_pull(hdev, skb, ev->subevent, subev->min_len);
7106 subev->func(hdev, data, skb);
7109 static bool hci_get_cmd_complete(struct hci_dev *hdev, u16 opcode,
7118 hdr = hci_ev_skb_pull(hdev, skb, event, sizeof(*hdr));
7135 bt_dev_err(hdev, "last event is not cmd complete (0x%2.2x)",
7140 ev = hci_cc_skb_pull(hdev, skb, opcode, sizeof(*ev));
7153 static void hci_store_wake_reason(struct hci_dev *hdev, u8 event,
7162 hci_dev_lock(hdev);
7167 if (!hdev->suspended || hdev->wake_reason)
7173 hdev->wake_reason = MGMT_WAKE_REASON_REMOTE_WAKE;
7180 bacpy(&hdev->wake_addr, &conn_request->bdaddr);
7181 hdev->wake_addr_type = BDADDR_BREDR;
7183 bacpy(&hdev->wake_addr, &conn_complete->bdaddr);
7184 hdev->wake_addr_type = BDADDR_BREDR;
7201 bacpy(&hdev->wake_addr, &adv->bdaddr);
7202 hdev->wake_addr_type = adv->bdaddr_type;
7205 bacpy(&hdev->wake_addr, &direct_adv->bdaddr);
7206 hdev->wake_addr_type = direct_adv->bdaddr_type;
7209 bacpy(&hdev->wake_addr, &ext_adv->bdaddr);
7210 hdev->wake_addr_type = ext_adv->bdaddr_type;
7215 hdev->wake_reason = MGMT_WAKE_REASON_UNEXPECTED;
7219 hci_dev_unlock(hdev);
7255 void (*func)(struct hci_dev *hdev, void *data,
7257 void (*func_req)(struct hci_dev *hdev, void *data,
7383 static void hci_event_func(struct hci_dev *hdev, u8 event, struct sk_buff *skb,
7395 bt_dev_err(hdev, "unexpected event 0x%2.2x length: %u < %u",
7405 bt_dev_warn_ratelimited(hdev,
7409 data = hci_ev_skb_pull(hdev, skb, event, ev->min_len);
7414 ev->func_req(hdev, data, skb, opcode, status, req_complete,
7417 ev->func(hdev, data, skb);
7420 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
7430 bt_dev_err(hdev, "Malformed HCI Event");
7434 kfree_skb(hdev->recv_event);
7435 hdev->recv_event = skb_clone(skb, GFP_KERNEL);
7439 bt_dev_warn(hdev, "Received unexpected HCI Event 0x%2.2x",
7445 if (hdev->req_skb &&
7446 hci_opcode_ogf(hci_skb_opcode(hdev->req_skb)) != 0x08 &&
7447 hci_skb_event(hdev->req_skb) == event) {
7448 hci_req_cmd_complete(hdev, hci_skb_opcode(hdev->req_skb),
7465 hci_store_wake_reason(hdev, event, skb);
7467 bt_dev_dbg(hdev, "event 0x%2.2x", event);
7469 hci_event_func(hdev, event, skb, &opcode, &status, &req_complete,
7473 req_complete(hdev, status, opcode);
7475 if (!hci_get_cmd_complete(hdev, opcode, req_evt, orig_skb)) {
7479 req_complete_skb(hdev, status, opcode, orig_skb);
7485 hdev->stat.evt_rx++;