Merge remote-tracking branch 'moduleh/module.h-split'
[linux-2.6/next.git] / net / bluetooth / mgmt.c
blob4f91a00db2716c72220f0ddaf317a6119d332479
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/uaccess.h>
26 #include <asm/unaligned.h>
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/mgmt.h>
32 #define MGMT_VERSION 0
33 #define MGMT_REVISION 1
35 struct pending_cmd {
36 struct list_head list;
37 __u16 opcode;
38 int index;
39 void *param;
40 struct sock *sk;
41 void *user_data;
44 static LIST_HEAD(cmd_list);
46 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
48 struct sk_buff *skb;
49 struct mgmt_hdr *hdr;
50 struct mgmt_ev_cmd_status *ev;
52 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
54 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
55 if (!skb)
56 return -ENOMEM;
58 hdr = (void *) skb_put(skb, sizeof(*hdr));
60 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
61 hdr->index = cpu_to_le16(index);
62 hdr->len = cpu_to_le16(sizeof(*ev));
64 ev = (void *) skb_put(skb, sizeof(*ev));
65 ev->status = status;
66 put_unaligned_le16(cmd, &ev->opcode);
68 if (sock_queue_rcv_skb(sk, skb) < 0)
69 kfree_skb(skb);
71 return 0;
74 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
75 size_t rp_len)
77 struct sk_buff *skb;
78 struct mgmt_hdr *hdr;
79 struct mgmt_ev_cmd_complete *ev;
81 BT_DBG("sock %p", sk);
83 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
84 if (!skb)
85 return -ENOMEM;
87 hdr = (void *) skb_put(skb, sizeof(*hdr));
89 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
90 hdr->index = cpu_to_le16(index);
91 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
93 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
94 put_unaligned_le16(cmd, &ev->opcode);
96 if (rp)
97 memcpy(ev->data, rp, rp_len);
99 if (sock_queue_rcv_skb(sk, skb) < 0)
100 kfree_skb(skb);
102 return 0;
105 static int read_version(struct sock *sk)
107 struct mgmt_rp_read_version rp;
109 BT_DBG("sock %p", sk);
111 rp.version = MGMT_VERSION;
112 put_unaligned_le16(MGMT_REVISION, &rp.revision);
114 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
115 sizeof(rp));
118 static int read_index_list(struct sock *sk)
120 struct mgmt_rp_read_index_list *rp;
121 struct list_head *p;
122 size_t rp_len;
123 u16 count;
124 int i, err;
126 BT_DBG("sock %p", sk);
128 read_lock(&hci_dev_list_lock);
130 count = 0;
131 list_for_each(p, &hci_dev_list) {
132 count++;
135 rp_len = sizeof(*rp) + (2 * count);
136 rp = kmalloc(rp_len, GFP_ATOMIC);
137 if (!rp) {
138 read_unlock(&hci_dev_list_lock);
139 return -ENOMEM;
142 put_unaligned_le16(count, &rp->num_controllers);
144 i = 0;
145 list_for_each(p, &hci_dev_list) {
146 struct hci_dev *d = list_entry(p, struct hci_dev, list);
148 hci_del_off_timer(d);
150 set_bit(HCI_MGMT, &d->flags);
152 if (test_bit(HCI_SETUP, &d->flags))
153 continue;
155 put_unaligned_le16(d->id, &rp->index[i++]);
156 BT_DBG("Added hci%u", d->id);
159 read_unlock(&hci_dev_list_lock);
161 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
162 rp_len);
164 kfree(rp);
166 return err;
169 static int read_controller_info(struct sock *sk, u16 index)
171 struct mgmt_rp_read_info rp;
172 struct hci_dev *hdev;
174 BT_DBG("sock %p hci%u", sk, index);
176 hdev = hci_dev_get(index);
177 if (!hdev)
178 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV);
180 hci_del_off_timer(hdev);
182 hci_dev_lock_bh(hdev);
184 set_bit(HCI_MGMT, &hdev->flags);
186 memset(&rp, 0, sizeof(rp));
188 rp.type = hdev->dev_type;
190 rp.powered = test_bit(HCI_UP, &hdev->flags);
191 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
192 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
193 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
195 if (test_bit(HCI_AUTH, &hdev->flags))
196 rp.sec_mode = 3;
197 else if (hdev->ssp_mode > 0)
198 rp.sec_mode = 4;
199 else
200 rp.sec_mode = 2;
202 bacpy(&rp.bdaddr, &hdev->bdaddr);
203 memcpy(rp.features, hdev->features, 8);
204 memcpy(rp.dev_class, hdev->dev_class, 3);
205 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
206 rp.hci_ver = hdev->hci_ver;
207 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
209 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
211 hci_dev_unlock_bh(hdev);
212 hci_dev_put(hdev);
214 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
217 static void mgmt_pending_free(struct pending_cmd *cmd)
219 sock_put(cmd->sk);
220 kfree(cmd->param);
221 kfree(cmd);
224 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
225 u16 index, void *data, u16 len)
227 struct pending_cmd *cmd;
229 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
230 if (!cmd)
231 return NULL;
233 cmd->opcode = opcode;
234 cmd->index = index;
236 cmd->param = kmalloc(len, GFP_ATOMIC);
237 if (!cmd->param) {
238 kfree(cmd);
239 return NULL;
242 if (data)
243 memcpy(cmd->param, data, len);
245 cmd->sk = sk;
246 sock_hold(sk);
248 list_add(&cmd->list, &cmd_list);
250 return cmd;
253 static void mgmt_pending_foreach(u16 opcode, int index,
254 void (*cb)(struct pending_cmd *cmd, void *data),
255 void *data)
257 struct list_head *p, *n;
259 list_for_each_safe(p, n, &cmd_list) {
260 struct pending_cmd *cmd;
262 cmd = list_entry(p, struct pending_cmd, list);
264 if (cmd->opcode != opcode)
265 continue;
267 if (index >= 0 && cmd->index != index)
268 continue;
270 cb(cmd, data);
274 static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
276 struct list_head *p;
278 list_for_each(p, &cmd_list) {
279 struct pending_cmd *cmd;
281 cmd = list_entry(p, struct pending_cmd, list);
283 if (cmd->opcode != opcode)
284 continue;
286 if (index >= 0 && cmd->index != index)
287 continue;
289 return cmd;
292 return NULL;
295 static void mgmt_pending_remove(struct pending_cmd *cmd)
297 list_del(&cmd->list);
298 mgmt_pending_free(cmd);
301 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
303 struct mgmt_mode *cp;
304 struct hci_dev *hdev;
305 struct pending_cmd *cmd;
306 int err, up;
308 cp = (void *) data;
310 BT_DBG("request for hci%u", index);
312 if (len != sizeof(*cp))
313 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL);
315 hdev = hci_dev_get(index);
316 if (!hdev)
317 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV);
319 hci_dev_lock_bh(hdev);
321 up = test_bit(HCI_UP, &hdev->flags);
322 if ((cp->val && up) || (!cp->val && !up)) {
323 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY);
324 goto failed;
327 if (mgmt_pending_find(MGMT_OP_SET_POWERED, index)) {
328 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY);
329 goto failed;
332 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, index, data, len);
333 if (!cmd) {
334 err = -ENOMEM;
335 goto failed;
338 if (cp->val)
339 queue_work(hdev->workqueue, &hdev->power_on);
340 else
341 queue_work(hdev->workqueue, &hdev->power_off);
343 err = 0;
345 failed:
346 hci_dev_unlock_bh(hdev);
347 hci_dev_put(hdev);
348 return err;
351 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
352 u16 len)
354 struct mgmt_mode *cp;
355 struct hci_dev *hdev;
356 struct pending_cmd *cmd;
357 u8 scan;
358 int err;
360 cp = (void *) data;
362 BT_DBG("request for hci%u", index);
364 if (len != sizeof(*cp))
365 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL);
367 hdev = hci_dev_get(index);
368 if (!hdev)
369 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV);
371 hci_dev_lock_bh(hdev);
373 if (!test_bit(HCI_UP, &hdev->flags)) {
374 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
375 goto failed;
378 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
379 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
380 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY);
381 goto failed;
384 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
385 test_bit(HCI_PSCAN, &hdev->flags)) {
386 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY);
387 goto failed;
390 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, index, data, len);
391 if (!cmd) {
392 err = -ENOMEM;
393 goto failed;
396 scan = SCAN_PAGE;
398 if (cp->val)
399 scan |= SCAN_INQUIRY;
401 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
402 if (err < 0)
403 mgmt_pending_remove(cmd);
405 failed:
406 hci_dev_unlock_bh(hdev);
407 hci_dev_put(hdev);
409 return err;
412 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
413 u16 len)
415 struct mgmt_mode *cp;
416 struct hci_dev *hdev;
417 struct pending_cmd *cmd;
418 u8 scan;
419 int err;
421 cp = (void *) data;
423 BT_DBG("request for hci%u", index);
425 if (len != sizeof(*cp))
426 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL);
428 hdev = hci_dev_get(index);
429 if (!hdev)
430 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV);
432 hci_dev_lock_bh(hdev);
434 if (!test_bit(HCI_UP, &hdev->flags)) {
435 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
436 goto failed;
439 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
440 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
441 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY);
442 goto failed;
445 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
446 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY);
447 goto failed;
450 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, index, data, len);
451 if (!cmd) {
452 err = -ENOMEM;
453 goto failed;
456 if (cp->val)
457 scan = SCAN_PAGE;
458 else
459 scan = 0;
461 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
462 if (err < 0)
463 mgmt_pending_remove(cmd);
465 failed:
466 hci_dev_unlock_bh(hdev);
467 hci_dev_put(hdev);
469 return err;
472 static int mgmt_event(u16 event, u16 index, void *data, u16 data_len,
473 struct sock *skip_sk)
475 struct sk_buff *skb;
476 struct mgmt_hdr *hdr;
478 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
479 if (!skb)
480 return -ENOMEM;
482 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
484 hdr = (void *) skb_put(skb, sizeof(*hdr));
485 hdr->opcode = cpu_to_le16(event);
486 hdr->index = cpu_to_le16(index);
487 hdr->len = cpu_to_le16(data_len);
489 if (data)
490 memcpy(skb_put(skb, data_len), data, data_len);
492 hci_send_to_sock(NULL, skb, skip_sk);
493 kfree_skb(skb);
495 return 0;
498 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
500 struct mgmt_mode rp;
502 rp.val = val;
504 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
507 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
508 u16 len)
510 struct mgmt_mode *cp, ev;
511 struct hci_dev *hdev;
512 int err;
514 cp = (void *) data;
516 BT_DBG("request for hci%u", index);
518 if (len != sizeof(*cp))
519 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL);
521 hdev = hci_dev_get(index);
522 if (!hdev)
523 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV);
525 hci_dev_lock_bh(hdev);
527 if (cp->val)
528 set_bit(HCI_PAIRABLE, &hdev->flags);
529 else
530 clear_bit(HCI_PAIRABLE, &hdev->flags);
532 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
533 if (err < 0)
534 goto failed;
536 ev.val = cp->val;
538 err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk);
540 failed:
541 hci_dev_unlock_bh(hdev);
542 hci_dev_put(hdev);
544 return err;
547 #define EIR_FLAGS 0x01 /* flags */
548 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
549 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
550 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
551 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
552 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
553 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
554 #define EIR_NAME_SHORT 0x08 /* shortened local name */
555 #define EIR_NAME_COMPLETE 0x09 /* complete local name */
556 #define EIR_TX_POWER 0x0A /* transmit power level */
557 #define EIR_DEVICE_ID 0x10 /* device ID */
559 #define PNP_INFO_SVCLASS_ID 0x1200
561 static u8 bluetooth_base_uuid[] = {
562 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
563 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
566 static u16 get_uuid16(u8 *uuid128)
568 u32 val;
569 int i;
571 for (i = 0; i < 12; i++) {
572 if (bluetooth_base_uuid[i] != uuid128[i])
573 return 0;
576 memcpy(&val, &uuid128[12], 4);
578 val = le32_to_cpu(val);
579 if (val > 0xffff)
580 return 0;
582 return (u16) val;
585 static void create_eir(struct hci_dev *hdev, u8 *data)
587 u8 *ptr = data;
588 u16 eir_len = 0;
589 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
590 int i, truncated = 0;
591 struct list_head *p;
592 size_t name_len;
594 name_len = strlen(hdev->dev_name);
596 if (name_len > 0) {
597 /* EIR Data type */
598 if (name_len > 48) {
599 name_len = 48;
600 ptr[1] = EIR_NAME_SHORT;
601 } else
602 ptr[1] = EIR_NAME_COMPLETE;
604 /* EIR Data length */
605 ptr[0] = name_len + 1;
607 memcpy(ptr + 2, hdev->dev_name, name_len);
609 eir_len += (name_len + 2);
610 ptr += (name_len + 2);
613 memset(uuid16_list, 0, sizeof(uuid16_list));
615 /* Group all UUID16 types */
616 list_for_each(p, &hdev->uuids) {
617 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
618 u16 uuid16;
620 uuid16 = get_uuid16(uuid->uuid);
621 if (uuid16 == 0)
622 return;
624 if (uuid16 < 0x1100)
625 continue;
627 if (uuid16 == PNP_INFO_SVCLASS_ID)
628 continue;
630 /* Stop if not enough space to put next UUID */
631 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
632 truncated = 1;
633 break;
636 /* Check for duplicates */
637 for (i = 0; uuid16_list[i] != 0; i++)
638 if (uuid16_list[i] == uuid16)
639 break;
641 if (uuid16_list[i] == 0) {
642 uuid16_list[i] = uuid16;
643 eir_len += sizeof(u16);
647 if (uuid16_list[0] != 0) {
648 u8 *length = ptr;
650 /* EIR Data type */
651 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
653 ptr += 2;
654 eir_len += 2;
656 for (i = 0; uuid16_list[i] != 0; i++) {
657 *ptr++ = (uuid16_list[i] & 0x00ff);
658 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
661 /* EIR Data length */
662 *length = (i * sizeof(u16)) + 1;
666 static int update_eir(struct hci_dev *hdev)
668 struct hci_cp_write_eir cp;
670 if (!(hdev->features[6] & LMP_EXT_INQ))
671 return 0;
673 if (hdev->ssp_mode == 0)
674 return 0;
676 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
677 return 0;
679 memset(&cp, 0, sizeof(cp));
681 create_eir(hdev, cp.data);
683 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
684 return 0;
686 memcpy(hdev->eir, cp.data, sizeof(cp.data));
688 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
691 static u8 get_service_classes(struct hci_dev *hdev)
693 struct list_head *p;
694 u8 val = 0;
696 list_for_each(p, &hdev->uuids) {
697 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
699 val |= uuid->svc_hint;
702 return val;
705 static int update_class(struct hci_dev *hdev)
707 u8 cod[3];
709 BT_DBG("%s", hdev->name);
711 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
712 return 0;
714 cod[0] = hdev->minor_class;
715 cod[1] = hdev->major_class;
716 cod[2] = get_service_classes(hdev);
718 if (memcmp(cod, hdev->dev_class, 3) == 0)
719 return 0;
721 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
724 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
726 struct mgmt_cp_add_uuid *cp;
727 struct hci_dev *hdev;
728 struct bt_uuid *uuid;
729 int err;
731 cp = (void *) data;
733 BT_DBG("request for hci%u", index);
735 if (len != sizeof(*cp))
736 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL);
738 hdev = hci_dev_get(index);
739 if (!hdev)
740 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV);
742 hci_dev_lock_bh(hdev);
744 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
745 if (!uuid) {
746 err = -ENOMEM;
747 goto failed;
750 memcpy(uuid->uuid, cp->uuid, 16);
751 uuid->svc_hint = cp->svc_hint;
753 list_add(&uuid->list, &hdev->uuids);
755 err = update_class(hdev);
756 if (err < 0)
757 goto failed;
759 err = update_eir(hdev);
760 if (err < 0)
761 goto failed;
763 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
765 failed:
766 hci_dev_unlock_bh(hdev);
767 hci_dev_put(hdev);
769 return err;
772 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
774 struct list_head *p, *n;
775 struct mgmt_cp_remove_uuid *cp;
776 struct hci_dev *hdev;
777 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
778 int err, found;
780 cp = (void *) data;
782 BT_DBG("request for hci%u", index);
784 if (len != sizeof(*cp))
785 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL);
787 hdev = hci_dev_get(index);
788 if (!hdev)
789 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV);
791 hci_dev_lock_bh(hdev);
793 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
794 err = hci_uuids_clear(hdev);
795 goto unlock;
798 found = 0;
800 list_for_each_safe(p, n, &hdev->uuids) {
801 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
803 if (memcmp(match->uuid, cp->uuid, 16) != 0)
804 continue;
806 list_del(&match->list);
807 found++;
810 if (found == 0) {
811 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT);
812 goto unlock;
815 err = update_class(hdev);
816 if (err < 0)
817 goto unlock;
819 err = update_eir(hdev);
820 if (err < 0)
821 goto unlock;
823 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
825 unlock:
826 hci_dev_unlock_bh(hdev);
827 hci_dev_put(hdev);
829 return err;
832 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
833 u16 len)
835 struct hci_dev *hdev;
836 struct mgmt_cp_set_dev_class *cp;
837 int err;
839 cp = (void *) data;
841 BT_DBG("request for hci%u", index);
843 if (len != sizeof(*cp))
844 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL);
846 hdev = hci_dev_get(index);
847 if (!hdev)
848 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV);
850 hci_dev_lock_bh(hdev);
852 hdev->major_class = cp->major;
853 hdev->minor_class = cp->minor;
855 err = update_class(hdev);
857 if (err == 0)
858 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
860 hci_dev_unlock_bh(hdev);
861 hci_dev_put(hdev);
863 return err;
866 static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
867 u16 len)
869 struct hci_dev *hdev;
870 struct mgmt_cp_set_service_cache *cp;
871 int err;
873 cp = (void *) data;
875 if (len != sizeof(*cp))
876 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL);
878 hdev = hci_dev_get(index);
879 if (!hdev)
880 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
882 hci_dev_lock_bh(hdev);
884 BT_DBG("hci%u enable %d", index, cp->enable);
886 if (cp->enable) {
887 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
888 err = 0;
889 } else {
890 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
891 err = update_class(hdev);
892 if (err == 0)
893 err = update_eir(hdev);
896 if (err == 0)
897 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
900 hci_dev_unlock_bh(hdev);
901 hci_dev_put(hdev);
903 return err;
906 static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len)
908 struct hci_dev *hdev;
909 struct mgmt_cp_load_keys *cp;
910 u16 key_count, expected_len;
911 int i, err;
913 cp = (void *) data;
915 if (len < sizeof(*cp))
916 return -EINVAL;
918 key_count = get_unaligned_le16(&cp->key_count);
920 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info);
921 if (expected_len > len) {
922 BT_ERR("load_keys: expected at least %u bytes, got %u bytes",
923 expected_len, len);
924 return -EINVAL;
927 hdev = hci_dev_get(index);
928 if (!hdev)
929 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, ENODEV);
931 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
932 key_count);
934 hci_dev_lock_bh(hdev);
936 hci_link_keys_clear(hdev);
938 set_bit(HCI_LINK_KEYS, &hdev->flags);
940 if (cp->debug_keys)
941 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
942 else
943 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
945 len -= sizeof(*cp);
946 i = 0;
948 while (i < len) {
949 struct mgmt_key_info *key = (void *) cp->keys + i;
951 i += sizeof(*key) + key->dlen;
953 if (key->type == HCI_LK_SMP_LTK) {
954 struct key_master_id *id = (void *) key->data;
956 if (key->dlen != sizeof(struct key_master_id))
957 continue;
959 hci_add_ltk(hdev, 0, &key->bdaddr, key->pin_len,
960 id->ediv, id->rand, key->val);
962 continue;
965 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
966 key->pin_len);
969 err = cmd_complete(sk, index, MGMT_OP_LOAD_KEYS, NULL, 0);
971 hci_dev_unlock_bh(hdev);
972 hci_dev_put(hdev);
974 return err;
977 static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len)
979 struct hci_dev *hdev;
980 struct mgmt_cp_remove_key *cp;
981 struct hci_conn *conn;
982 int err;
984 cp = (void *) data;
986 if (len != sizeof(*cp))
987 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, EINVAL);
989 hdev = hci_dev_get(index);
990 if (!hdev)
991 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, ENODEV);
993 hci_dev_lock_bh(hdev);
995 err = hci_remove_link_key(hdev, &cp->bdaddr);
996 if (err < 0) {
997 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEY, -err);
998 goto unlock;
1001 err = 0;
1003 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
1004 goto unlock;
1006 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1007 if (conn) {
1008 struct hci_cp_disconnect dc;
1010 put_unaligned_le16(conn->handle, &dc.handle);
1011 dc.reason = 0x13; /* Remote User Terminated Connection */
1012 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1015 unlock:
1016 hci_dev_unlock_bh(hdev);
1017 hci_dev_put(hdev);
1019 return err;
1022 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1024 struct hci_dev *hdev;
1025 struct mgmt_cp_disconnect *cp;
1026 struct hci_cp_disconnect dc;
1027 struct pending_cmd *cmd;
1028 struct hci_conn *conn;
1029 int err;
1031 BT_DBG("");
1033 cp = (void *) data;
1035 if (len != sizeof(*cp))
1036 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL);
1038 hdev = hci_dev_get(index);
1039 if (!hdev)
1040 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV);
1042 hci_dev_lock_bh(hdev);
1044 if (!test_bit(HCI_UP, &hdev->flags)) {
1045 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN);
1046 goto failed;
1049 if (mgmt_pending_find(MGMT_OP_DISCONNECT, index)) {
1050 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY);
1051 goto failed;
1054 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1055 if (!conn)
1056 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1058 if (!conn) {
1059 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN);
1060 goto failed;
1063 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, index, data, len);
1064 if (!cmd) {
1065 err = -ENOMEM;
1066 goto failed;
1069 put_unaligned_le16(conn->handle, &dc.handle);
1070 dc.reason = 0x13; /* Remote User Terminated Connection */
1072 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1073 if (err < 0)
1074 mgmt_pending_remove(cmd);
1076 failed:
1077 hci_dev_unlock_bh(hdev);
1078 hci_dev_put(hdev);
1080 return err;
1083 static int get_connections(struct sock *sk, u16 index)
1085 struct mgmt_rp_get_connections *rp;
1086 struct hci_dev *hdev;
1087 struct list_head *p;
1088 size_t rp_len;
1089 u16 count;
1090 int i, err;
1092 BT_DBG("");
1094 hdev = hci_dev_get(index);
1095 if (!hdev)
1096 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV);
1098 hci_dev_lock_bh(hdev);
1100 count = 0;
1101 list_for_each(p, &hdev->conn_hash.list) {
1102 count++;
1105 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t));
1106 rp = kmalloc(rp_len, GFP_ATOMIC);
1107 if (!rp) {
1108 err = -ENOMEM;
1109 goto unlock;
1112 put_unaligned_le16(count, &rp->conn_count);
1114 i = 0;
1115 list_for_each(p, &hdev->conn_hash.list) {
1116 struct hci_conn *c = list_entry(p, struct hci_conn, list);
1118 bacpy(&rp->conn[i++], &c->dst);
1121 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1123 unlock:
1124 kfree(rp);
1125 hci_dev_unlock_bh(hdev);
1126 hci_dev_put(hdev);
1127 return err;
1130 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1131 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1133 struct pending_cmd *cmd;
1134 int err;
1136 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, index, cp,
1137 sizeof(*cp));
1138 if (!cmd)
1139 return -ENOMEM;
1141 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1142 &cp->bdaddr);
1143 if (err < 0)
1144 mgmt_pending_remove(cmd);
1146 return err;
1149 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1150 u16 len)
1152 struct hci_dev *hdev;
1153 struct hci_conn *conn;
1154 struct mgmt_cp_pin_code_reply *cp;
1155 struct mgmt_cp_pin_code_neg_reply ncp;
1156 struct hci_cp_pin_code_reply reply;
1157 struct pending_cmd *cmd;
1158 int err;
1160 BT_DBG("");
1162 cp = (void *) data;
1164 if (len != sizeof(*cp))
1165 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL);
1167 hdev = hci_dev_get(index);
1168 if (!hdev)
1169 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV);
1171 hci_dev_lock_bh(hdev);
1173 if (!test_bit(HCI_UP, &hdev->flags)) {
1174 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
1175 goto failed;
1178 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1179 if (!conn) {
1180 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENOTCONN);
1181 goto failed;
1184 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1185 bacpy(&ncp.bdaddr, &cp->bdaddr);
1187 BT_ERR("PIN code is not 16 bytes long");
1189 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1190 if (err >= 0)
1191 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1192 EINVAL);
1194 goto failed;
1197 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, index, data, len);
1198 if (!cmd) {
1199 err = -ENOMEM;
1200 goto failed;
1203 bacpy(&reply.bdaddr, &cp->bdaddr);
1204 reply.pin_len = cp->pin_len;
1205 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1207 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1208 if (err < 0)
1209 mgmt_pending_remove(cmd);
1211 failed:
1212 hci_dev_unlock_bh(hdev);
1213 hci_dev_put(hdev);
1215 return err;
1218 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1219 u16 len)
1221 struct hci_dev *hdev;
1222 struct mgmt_cp_pin_code_neg_reply *cp;
1223 int err;
1225 BT_DBG("");
1227 cp = (void *) data;
1229 if (len != sizeof(*cp))
1230 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1231 EINVAL);
1233 hdev = hci_dev_get(index);
1234 if (!hdev)
1235 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1236 ENODEV);
1238 hci_dev_lock_bh(hdev);
1240 if (!test_bit(HCI_UP, &hdev->flags)) {
1241 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1242 ENETDOWN);
1243 goto failed;
1246 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1248 failed:
1249 hci_dev_unlock_bh(hdev);
1250 hci_dev_put(hdev);
1252 return err;
1255 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1256 u16 len)
1258 struct hci_dev *hdev;
1259 struct mgmt_cp_set_io_capability *cp;
1261 BT_DBG("");
1263 cp = (void *) data;
1265 if (len != sizeof(*cp))
1266 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL);
1268 hdev = hci_dev_get(index);
1269 if (!hdev)
1270 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
1272 hci_dev_lock_bh(hdev);
1274 hdev->io_capability = cp->io_capability;
1276 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1277 hdev->io_capability);
1279 hci_dev_unlock_bh(hdev);
1280 hci_dev_put(hdev);
1282 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1285 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1287 struct hci_dev *hdev = conn->hdev;
1288 struct list_head *p;
1290 list_for_each(p, &cmd_list) {
1291 struct pending_cmd *cmd;
1293 cmd = list_entry(p, struct pending_cmd, list);
1295 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1296 continue;
1298 if (cmd->index != hdev->id)
1299 continue;
1301 if (cmd->user_data != conn)
1302 continue;
1304 return cmd;
1307 return NULL;
1310 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1312 struct mgmt_rp_pair_device rp;
1313 struct hci_conn *conn = cmd->user_data;
1315 bacpy(&rp.bdaddr, &conn->dst);
1316 rp.status = status;
1318 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1320 /* So we don't get further callbacks for this connection */
1321 conn->connect_cfm_cb = NULL;
1322 conn->security_cfm_cb = NULL;
1323 conn->disconn_cfm_cb = NULL;
1325 hci_conn_put(conn);
1327 mgmt_pending_remove(cmd);
1330 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1332 struct pending_cmd *cmd;
1334 BT_DBG("status %u", status);
1336 cmd = find_pairing(conn);
1337 if (!cmd) {
1338 BT_DBG("Unable to find a pending command");
1339 return;
1342 pairing_complete(cmd, status);
1345 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1347 struct hci_dev *hdev;
1348 struct mgmt_cp_pair_device *cp;
1349 struct pending_cmd *cmd;
1350 struct adv_entry *entry;
1351 u8 sec_level, auth_type;
1352 struct hci_conn *conn;
1353 int err;
1355 BT_DBG("");
1357 cp = (void *) data;
1359 if (len != sizeof(*cp))
1360 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
1362 hdev = hci_dev_get(index);
1363 if (!hdev)
1364 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV);
1366 hci_dev_lock_bh(hdev);
1368 if (cp->io_cap == 0x03) {
1369 sec_level = BT_SECURITY_MEDIUM;
1370 auth_type = HCI_AT_DEDICATED_BONDING;
1371 } else {
1372 sec_level = BT_SECURITY_HIGH;
1373 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1376 entry = hci_find_adv_entry(hdev, &cp->bdaddr);
1377 if (entry)
1378 conn = hci_connect(hdev, LE_LINK, &cp->bdaddr, sec_level,
1379 auth_type);
1380 else
1381 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level,
1382 auth_type);
1384 if (IS_ERR(conn)) {
1385 err = PTR_ERR(conn);
1386 goto unlock;
1389 if (conn->connect_cfm_cb) {
1390 hci_conn_put(conn);
1391 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY);
1392 goto unlock;
1395 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, index, data, len);
1396 if (!cmd) {
1397 err = -ENOMEM;
1398 hci_conn_put(conn);
1399 goto unlock;
1402 /* For LE, just connecting isn't a proof that the pairing finished */
1403 if (!entry)
1404 conn->connect_cfm_cb = pairing_complete_cb;
1406 conn->security_cfm_cb = pairing_complete_cb;
1407 conn->disconn_cfm_cb = pairing_complete_cb;
1408 conn->io_capability = cp->io_cap;
1409 cmd->user_data = conn;
1411 if (conn->state == BT_CONNECTED &&
1412 hci_conn_security(conn, sec_level, auth_type))
1413 pairing_complete(cmd, 0);
1415 err = 0;
1417 unlock:
1418 hci_dev_unlock_bh(hdev);
1419 hci_dev_put(hdev);
1421 return err;
1424 static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1425 u16 len, int success)
1427 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1428 u16 mgmt_op, hci_op;
1429 struct pending_cmd *cmd;
1430 struct hci_dev *hdev;
1431 int err;
1433 BT_DBG("");
1435 if (success) {
1436 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1437 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1438 } else {
1439 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1440 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1443 if (len != sizeof(*cp))
1444 return cmd_status(sk, index, mgmt_op, EINVAL);
1446 hdev = hci_dev_get(index);
1447 if (!hdev)
1448 return cmd_status(sk, index, mgmt_op, ENODEV);
1450 hci_dev_lock_bh(hdev);
1452 if (!test_bit(HCI_UP, &hdev->flags)) {
1453 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
1454 goto failed;
1457 cmd = mgmt_pending_add(sk, mgmt_op, index, data, len);
1458 if (!cmd) {
1459 err = -ENOMEM;
1460 goto failed;
1463 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
1464 if (err < 0)
1465 mgmt_pending_remove(cmd);
1467 failed:
1468 hci_dev_unlock_bh(hdev);
1469 hci_dev_put(hdev);
1471 return err;
1474 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1475 u16 len)
1477 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1478 struct hci_cp_write_local_name hci_cp;
1479 struct hci_dev *hdev;
1480 struct pending_cmd *cmd;
1481 int err;
1483 BT_DBG("");
1485 if (len != sizeof(*mgmt_cp))
1486 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL);
1488 hdev = hci_dev_get(index);
1489 if (!hdev)
1490 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV);
1492 hci_dev_lock_bh(hdev);
1494 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len);
1495 if (!cmd) {
1496 err = -ENOMEM;
1497 goto failed;
1500 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1501 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1502 &hci_cp);
1503 if (err < 0)
1504 mgmt_pending_remove(cmd);
1506 failed:
1507 hci_dev_unlock_bh(hdev);
1508 hci_dev_put(hdev);
1510 return err;
1513 static int read_local_oob_data(struct sock *sk, u16 index)
1515 struct hci_dev *hdev;
1516 struct pending_cmd *cmd;
1517 int err;
1519 BT_DBG("hci%u", index);
1521 hdev = hci_dev_get(index);
1522 if (!hdev)
1523 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1524 ENODEV);
1526 hci_dev_lock_bh(hdev);
1528 if (!test_bit(HCI_UP, &hdev->flags)) {
1529 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1530 ENETDOWN);
1531 goto unlock;
1534 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1535 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1536 EOPNOTSUPP);
1537 goto unlock;
1540 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index)) {
1541 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY);
1542 goto unlock;
1545 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, index, NULL, 0);
1546 if (!cmd) {
1547 err = -ENOMEM;
1548 goto unlock;
1551 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1552 if (err < 0)
1553 mgmt_pending_remove(cmd);
1555 unlock:
1556 hci_dev_unlock_bh(hdev);
1557 hci_dev_put(hdev);
1559 return err;
1562 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1563 u16 len)
1565 struct hci_dev *hdev;
1566 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1567 int err;
1569 BT_DBG("hci%u ", index);
1571 if (len != sizeof(*cp))
1572 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1573 EINVAL);
1575 hdev = hci_dev_get(index);
1576 if (!hdev)
1577 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1578 ENODEV);
1580 hci_dev_lock_bh(hdev);
1582 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1583 cp->randomizer);
1584 if (err < 0)
1585 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err);
1586 else
1587 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1590 hci_dev_unlock_bh(hdev);
1591 hci_dev_put(hdev);
1593 return err;
1596 static int remove_remote_oob_data(struct sock *sk, u16 index,
1597 unsigned char *data, u16 len)
1599 struct hci_dev *hdev;
1600 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1601 int err;
1603 BT_DBG("hci%u ", index);
1605 if (len != sizeof(*cp))
1606 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1607 EINVAL);
1609 hdev = hci_dev_get(index);
1610 if (!hdev)
1611 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1612 ENODEV);
1614 hci_dev_lock_bh(hdev);
1616 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1617 if (err < 0)
1618 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1619 -err);
1620 else
1621 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1622 NULL, 0);
1624 hci_dev_unlock_bh(hdev);
1625 hci_dev_put(hdev);
1627 return err;
1630 static int start_discovery(struct sock *sk, u16 index)
1632 u8 lap[3] = { 0x33, 0x8b, 0x9e };
1633 struct hci_cp_inquiry cp;
1634 struct pending_cmd *cmd;
1635 struct hci_dev *hdev;
1636 int err;
1638 BT_DBG("hci%u", index);
1640 hdev = hci_dev_get(index);
1641 if (!hdev)
1642 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV);
1644 hci_dev_lock_bh(hdev);
1646 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0);
1647 if (!cmd) {
1648 err = -ENOMEM;
1649 goto failed;
1652 memset(&cp, 0, sizeof(cp));
1653 memcpy(&cp.lap, lap, 3);
1654 cp.length = 0x08;
1655 cp.num_rsp = 0x00;
1657 err = hci_send_cmd(hdev, HCI_OP_INQUIRY, sizeof(cp), &cp);
1658 if (err < 0)
1659 mgmt_pending_remove(cmd);
1661 failed:
1662 hci_dev_unlock_bh(hdev);
1663 hci_dev_put(hdev);
1665 return err;
1668 static int stop_discovery(struct sock *sk, u16 index)
1670 struct hci_dev *hdev;
1671 struct pending_cmd *cmd;
1672 int err;
1674 BT_DBG("hci%u", index);
1676 hdev = hci_dev_get(index);
1677 if (!hdev)
1678 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV);
1680 hci_dev_lock_bh(hdev);
1682 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0);
1683 if (!cmd) {
1684 err = -ENOMEM;
1685 goto failed;
1688 err = hci_send_cmd(hdev, HCI_OP_INQUIRY_CANCEL, 0, NULL);
1689 if (err < 0)
1690 mgmt_pending_remove(cmd);
1692 failed:
1693 hci_dev_unlock_bh(hdev);
1694 hci_dev_put(hdev);
1696 return err;
1699 static int block_device(struct sock *sk, u16 index, unsigned char *data,
1700 u16 len)
1702 struct hci_dev *hdev;
1703 struct pending_cmd *cmd;
1704 struct mgmt_cp_block_device *cp = (void *) data;
1705 int err;
1707 BT_DBG("hci%u", index);
1709 if (len != sizeof(*cp))
1710 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1711 EINVAL);
1713 hdev = hci_dev_get(index);
1714 if (!hdev)
1715 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1716 ENODEV);
1718 hci_dev_lock_bh(hdev);
1720 cmd = mgmt_pending_add(sk, MGMT_OP_BLOCK_DEVICE, index, NULL, 0);
1721 if (!cmd) {
1722 err = -ENOMEM;
1723 goto failed;
1726 err = hci_blacklist_add(hdev, &cp->bdaddr);
1728 if (err < 0)
1729 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE, -err);
1730 else
1731 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1732 NULL, 0);
1734 mgmt_pending_remove(cmd);
1736 failed:
1737 hci_dev_unlock_bh(hdev);
1738 hci_dev_put(hdev);
1740 return err;
1743 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1744 u16 len)
1746 struct hci_dev *hdev;
1747 struct pending_cmd *cmd;
1748 struct mgmt_cp_unblock_device *cp = (void *) data;
1749 int err;
1751 BT_DBG("hci%u", index);
1753 if (len != sizeof(*cp))
1754 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1755 EINVAL);
1757 hdev = hci_dev_get(index);
1758 if (!hdev)
1759 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1760 ENODEV);
1762 hci_dev_lock_bh(hdev);
1764 cmd = mgmt_pending_add(sk, MGMT_OP_UNBLOCK_DEVICE, index, NULL, 0);
1765 if (!cmd) {
1766 err = -ENOMEM;
1767 goto failed;
1770 err = hci_blacklist_del(hdev, &cp->bdaddr);
1772 if (err < 0)
1773 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE, -err);
1774 else
1775 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1776 NULL, 0);
1778 mgmt_pending_remove(cmd);
1780 failed:
1781 hci_dev_unlock_bh(hdev);
1782 hci_dev_put(hdev);
1784 return err;
1787 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1789 unsigned char *buf;
1790 struct mgmt_hdr *hdr;
1791 u16 opcode, index, len;
1792 int err;
1794 BT_DBG("got %zu bytes", msglen);
1796 if (msglen < sizeof(*hdr))
1797 return -EINVAL;
1799 buf = kmalloc(msglen, GFP_KERNEL);
1800 if (!buf)
1801 return -ENOMEM;
1803 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1804 err = -EFAULT;
1805 goto done;
1808 hdr = (struct mgmt_hdr *) buf;
1809 opcode = get_unaligned_le16(&hdr->opcode);
1810 index = get_unaligned_le16(&hdr->index);
1811 len = get_unaligned_le16(&hdr->len);
1813 if (len != msglen - sizeof(*hdr)) {
1814 err = -EINVAL;
1815 goto done;
1818 switch (opcode) {
1819 case MGMT_OP_READ_VERSION:
1820 err = read_version(sk);
1821 break;
1822 case MGMT_OP_READ_INDEX_LIST:
1823 err = read_index_list(sk);
1824 break;
1825 case MGMT_OP_READ_INFO:
1826 err = read_controller_info(sk, index);
1827 break;
1828 case MGMT_OP_SET_POWERED:
1829 err = set_powered(sk, index, buf + sizeof(*hdr), len);
1830 break;
1831 case MGMT_OP_SET_DISCOVERABLE:
1832 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
1833 break;
1834 case MGMT_OP_SET_CONNECTABLE:
1835 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
1836 break;
1837 case MGMT_OP_SET_PAIRABLE:
1838 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
1839 break;
1840 case MGMT_OP_ADD_UUID:
1841 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
1842 break;
1843 case MGMT_OP_REMOVE_UUID:
1844 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
1845 break;
1846 case MGMT_OP_SET_DEV_CLASS:
1847 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1848 break;
1849 case MGMT_OP_SET_SERVICE_CACHE:
1850 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
1851 break;
1852 case MGMT_OP_LOAD_KEYS:
1853 err = load_keys(sk, index, buf + sizeof(*hdr), len);
1854 break;
1855 case MGMT_OP_REMOVE_KEY:
1856 err = remove_key(sk, index, buf + sizeof(*hdr), len);
1857 break;
1858 case MGMT_OP_DISCONNECT:
1859 err = disconnect(sk, index, buf + sizeof(*hdr), len);
1860 break;
1861 case MGMT_OP_GET_CONNECTIONS:
1862 err = get_connections(sk, index);
1863 break;
1864 case MGMT_OP_PIN_CODE_REPLY:
1865 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
1866 break;
1867 case MGMT_OP_PIN_CODE_NEG_REPLY:
1868 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
1869 break;
1870 case MGMT_OP_SET_IO_CAPABILITY:
1871 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
1872 break;
1873 case MGMT_OP_PAIR_DEVICE:
1874 err = pair_device(sk, index, buf + sizeof(*hdr), len);
1875 break;
1876 case MGMT_OP_USER_CONFIRM_REPLY:
1877 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
1878 break;
1879 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
1880 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
1881 break;
1882 case MGMT_OP_SET_LOCAL_NAME:
1883 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
1884 break;
1885 case MGMT_OP_READ_LOCAL_OOB_DATA:
1886 err = read_local_oob_data(sk, index);
1887 break;
1888 case MGMT_OP_ADD_REMOTE_OOB_DATA:
1889 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
1890 break;
1891 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
1892 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
1893 len);
1894 break;
1895 case MGMT_OP_START_DISCOVERY:
1896 err = start_discovery(sk, index);
1897 break;
1898 case MGMT_OP_STOP_DISCOVERY:
1899 err = stop_discovery(sk, index);
1900 break;
1901 case MGMT_OP_BLOCK_DEVICE:
1902 err = block_device(sk, index, buf + sizeof(*hdr), len);
1903 break;
1904 case MGMT_OP_UNBLOCK_DEVICE:
1905 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
1906 break;
1907 default:
1908 BT_DBG("Unknown op %u", opcode);
1909 err = cmd_status(sk, index, opcode, 0x01);
1910 break;
1913 if (err < 0)
1914 goto done;
1916 err = msglen;
1918 done:
1919 kfree(buf);
1920 return err;
1923 int mgmt_index_added(u16 index)
1925 return mgmt_event(MGMT_EV_INDEX_ADDED, index, NULL, 0, NULL);
1928 int mgmt_index_removed(u16 index)
1930 return mgmt_event(MGMT_EV_INDEX_REMOVED, index, NULL, 0, NULL);
1933 struct cmd_lookup {
1934 u8 val;
1935 struct sock *sk;
1938 static void mode_rsp(struct pending_cmd *cmd, void *data)
1940 struct mgmt_mode *cp = cmd->param;
1941 struct cmd_lookup *match = data;
1943 if (cp->val != match->val)
1944 return;
1946 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
1948 list_del(&cmd->list);
1950 if (match->sk == NULL) {
1951 match->sk = cmd->sk;
1952 sock_hold(match->sk);
1955 mgmt_pending_free(cmd);
1958 int mgmt_powered(u16 index, u8 powered)
1960 struct mgmt_mode ev;
1961 struct cmd_lookup match = { powered, NULL };
1962 int ret;
1964 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
1966 ev.val = powered;
1968 ret = mgmt_event(MGMT_EV_POWERED, index, &ev, sizeof(ev), match.sk);
1970 if (match.sk)
1971 sock_put(match.sk);
1973 return ret;
1976 int mgmt_discoverable(u16 index, u8 discoverable)
1978 struct mgmt_mode ev;
1979 struct cmd_lookup match = { discoverable, NULL };
1980 int ret;
1982 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index, mode_rsp, &match);
1984 ev.val = discoverable;
1986 ret = mgmt_event(MGMT_EV_DISCOVERABLE, index, &ev, sizeof(ev),
1987 match.sk);
1989 if (match.sk)
1990 sock_put(match.sk);
1992 return ret;
1995 int mgmt_connectable(u16 index, u8 connectable)
1997 struct mgmt_mode ev;
1998 struct cmd_lookup match = { connectable, NULL };
1999 int ret;
2001 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
2003 ev.val = connectable;
2005 ret = mgmt_event(MGMT_EV_CONNECTABLE, index, &ev, sizeof(ev), match.sk);
2007 if (match.sk)
2008 sock_put(match.sk);
2010 return ret;
2013 int mgmt_new_key(u16 index, struct link_key *key, u8 persistent)
2015 struct mgmt_ev_new_key *ev;
2016 int err, total;
2018 total = sizeof(struct mgmt_ev_new_key) + key->dlen;
2019 ev = kzalloc(total, GFP_ATOMIC);
2020 if (!ev)
2021 return -ENOMEM;
2023 bacpy(&ev->key.bdaddr, &key->bdaddr);
2024 ev->key.type = key->type;
2025 memcpy(ev->key.val, key->val, 16);
2026 ev->key.pin_len = key->pin_len;
2027 ev->key.dlen = key->dlen;
2028 ev->store_hint = persistent;
2030 memcpy(ev->key.data, key->data, key->dlen);
2032 err = mgmt_event(MGMT_EV_NEW_KEY, index, ev, total, NULL);
2034 kfree(ev);
2036 return err;
2039 int mgmt_connected(u16 index, bdaddr_t *bdaddr, u8 link_type)
2041 struct mgmt_ev_connected ev;
2043 bacpy(&ev.bdaddr, bdaddr);
2044 ev.link_type = link_type;
2046 return mgmt_event(MGMT_EV_CONNECTED, index, &ev, sizeof(ev), NULL);
2049 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2051 struct mgmt_cp_disconnect *cp = cmd->param;
2052 struct sock **sk = data;
2053 struct mgmt_rp_disconnect rp;
2055 bacpy(&rp.bdaddr, &cp->bdaddr);
2057 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2059 *sk = cmd->sk;
2060 sock_hold(*sk);
2062 mgmt_pending_remove(cmd);
2065 int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
2067 struct mgmt_ev_disconnected ev;
2068 struct sock *sk = NULL;
2069 int err;
2071 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
2073 bacpy(&ev.bdaddr, bdaddr);
2075 err = mgmt_event(MGMT_EV_DISCONNECTED, index, &ev, sizeof(ev), sk);
2077 if (sk)
2078 sock_put(sk);
2080 return err;
2083 int mgmt_disconnect_failed(u16 index)
2085 struct pending_cmd *cmd;
2086 int err;
2088 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
2089 if (!cmd)
2090 return -ENOENT;
2092 err = cmd_status(cmd->sk, index, MGMT_OP_DISCONNECT, EIO);
2094 mgmt_pending_remove(cmd);
2096 return err;
2099 int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2101 struct mgmt_ev_connect_failed ev;
2103 bacpy(&ev.bdaddr, bdaddr);
2104 ev.status = status;
2106 return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL);
2109 int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr, u8 secure)
2111 struct mgmt_ev_pin_code_request ev;
2113 bacpy(&ev.bdaddr, bdaddr);
2114 ev.secure = secure;
2116 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev),
2117 NULL);
2120 int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2122 struct pending_cmd *cmd;
2123 struct mgmt_rp_pin_code_reply rp;
2124 int err;
2126 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index);
2127 if (!cmd)
2128 return -ENOENT;
2130 bacpy(&rp.bdaddr, bdaddr);
2131 rp.status = status;
2133 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_REPLY, &rp,
2134 sizeof(rp));
2136 mgmt_pending_remove(cmd);
2138 return err;
2141 int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2143 struct pending_cmd *cmd;
2144 struct mgmt_rp_pin_code_reply rp;
2145 int err;
2147 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index);
2148 if (!cmd)
2149 return -ENOENT;
2151 bacpy(&rp.bdaddr, bdaddr);
2152 rp.status = status;
2154 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2155 sizeof(rp));
2157 mgmt_pending_remove(cmd);
2159 return err;
2162 int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value,
2163 u8 confirm_hint)
2165 struct mgmt_ev_user_confirm_request ev;
2167 BT_DBG("hci%u", index);
2169 bacpy(&ev.bdaddr, bdaddr);
2170 ev.confirm_hint = confirm_hint;
2171 put_unaligned_le32(value, &ev.value);
2173 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev),
2174 NULL);
2177 static int confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status,
2178 u8 opcode)
2180 struct pending_cmd *cmd;
2181 struct mgmt_rp_user_confirm_reply rp;
2182 int err;
2184 cmd = mgmt_pending_find(opcode, index);
2185 if (!cmd)
2186 return -ENOENT;
2188 bacpy(&rp.bdaddr, bdaddr);
2189 rp.status = status;
2190 err = cmd_complete(cmd->sk, index, opcode, &rp, sizeof(rp));
2192 mgmt_pending_remove(cmd);
2194 return err;
2197 int mgmt_user_confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2199 return confirm_reply_complete(index, bdaddr, status,
2200 MGMT_OP_USER_CONFIRM_REPLY);
2203 int mgmt_user_confirm_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2205 return confirm_reply_complete(index, bdaddr, status,
2206 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2209 int mgmt_auth_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2211 struct mgmt_ev_auth_failed ev;
2213 bacpy(&ev.bdaddr, bdaddr);
2214 ev.status = status;
2216 return mgmt_event(MGMT_EV_AUTH_FAILED, index, &ev, sizeof(ev), NULL);
2219 int mgmt_set_local_name_complete(u16 index, u8 *name, u8 status)
2221 struct pending_cmd *cmd;
2222 struct hci_dev *hdev;
2223 struct mgmt_cp_set_local_name ev;
2224 int err;
2226 memset(&ev, 0, sizeof(ev));
2227 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2229 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, index);
2230 if (!cmd)
2231 goto send_event;
2233 if (status) {
2234 err = cmd_status(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, EIO);
2235 goto failed;
2238 hdev = hci_dev_get(index);
2239 if (hdev) {
2240 hci_dev_lock_bh(hdev);
2241 update_eir(hdev);
2242 hci_dev_unlock_bh(hdev);
2243 hci_dev_put(hdev);
2246 err = cmd_complete(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, &ev,
2247 sizeof(ev));
2248 if (err < 0)
2249 goto failed;
2251 send_event:
2252 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, index, &ev, sizeof(ev),
2253 cmd ? cmd->sk : NULL);
2255 failed:
2256 if (cmd)
2257 mgmt_pending_remove(cmd);
2258 return err;
2261 int mgmt_read_local_oob_data_reply_complete(u16 index, u8 *hash, u8 *randomizer,
2262 u8 status)
2264 struct pending_cmd *cmd;
2265 int err;
2267 BT_DBG("hci%u status %u", index, status);
2269 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index);
2270 if (!cmd)
2271 return -ENOENT;
2273 if (status) {
2274 err = cmd_status(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2275 EIO);
2276 } else {
2277 struct mgmt_rp_read_local_oob_data rp;
2279 memcpy(rp.hash, hash, sizeof(rp.hash));
2280 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2282 err = cmd_complete(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2283 &rp, sizeof(rp));
2286 mgmt_pending_remove(cmd);
2288 return err;
2291 int mgmt_device_found(u16 index, bdaddr_t *bdaddr, u8 *dev_class, s8 rssi,
2292 u8 *eir)
2294 struct mgmt_ev_device_found ev;
2296 memset(&ev, 0, sizeof(ev));
2298 bacpy(&ev.bdaddr, bdaddr);
2299 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2300 ev.rssi = rssi;
2302 if (eir)
2303 memcpy(ev.eir, eir, sizeof(ev.eir));
2305 return mgmt_event(MGMT_EV_DEVICE_FOUND, index, &ev, sizeof(ev), NULL);
2308 int mgmt_remote_name(u16 index, bdaddr_t *bdaddr, u8 *name)
2310 struct mgmt_ev_remote_name ev;
2312 memset(&ev, 0, sizeof(ev));
2314 bacpy(&ev.bdaddr, bdaddr);
2315 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2317 return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL);
2320 int mgmt_discovering(u16 index, u8 discovering)
2322 return mgmt_event(MGMT_EV_DISCOVERING, index, &discovering,
2323 sizeof(discovering), NULL);
2326 int mgmt_device_blocked(u16 index, bdaddr_t *bdaddr)
2328 struct pending_cmd *cmd;
2329 struct mgmt_ev_device_blocked ev;
2331 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, index);
2333 bacpy(&ev.bdaddr, bdaddr);
2335 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, index, &ev, sizeof(ev),
2336 cmd ? cmd->sk : NULL);
2339 int mgmt_device_unblocked(u16 index, bdaddr_t *bdaddr)
2341 struct pending_cmd *cmd;
2342 struct mgmt_ev_device_unblocked ev;
2344 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, index);
2346 bacpy(&ev.bdaddr, bdaddr);
2348 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, index, &ev, sizeof(ev),
2349 cmd ? cmd->sk : NULL);