aboutsummaryrefslogtreecommitdiffstats
path: root/net/bluetooth/hci_event.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/bluetooth/hci_event.c')
-rw-r--r--net/bluetooth/hci_event.c781
1 files changed, 186 insertions, 595 deletions
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 477726a63512..b93cd2eb5d58 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -48,13 +48,13 @@ static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
48 } 48 }
49 49
50 clear_bit(HCI_INQUIRY, &hdev->flags); 50 clear_bit(HCI_INQUIRY, &hdev->flags);
51 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
52 wake_up_bit(&hdev->flags, HCI_INQUIRY);
51 53
52 hci_dev_lock(hdev); 54 hci_dev_lock(hdev);
53 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 55 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
54 hci_dev_unlock(hdev); 56 hci_dev_unlock(hdev);
55 57
56 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
57
58 hci_conn_check_pending(hdev); 58 hci_conn_check_pending(hdev);
59} 59}
60 60
@@ -183,8 +183,6 @@ static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
183 183
184 if (!status) 184 if (!status)
185 hdev->link_policy = get_unaligned_le16(sent); 185 hdev->link_policy = get_unaligned_le16(sent);
186
187 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
188} 186}
189 187
190static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb) 188static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
@@ -195,11 +193,8 @@ static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
195 193
196 clear_bit(HCI_RESET, &hdev->flags); 194 clear_bit(HCI_RESET, &hdev->flags);
197 195
198 hci_req_complete(hdev, HCI_OP_RESET, status);
199
200 /* Reset all non-persistent flags */ 196 /* Reset all non-persistent flags */
201 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN) | BIT(HCI_PENDING_CLASS) | 197 hdev->dev_flags &= ~HCI_PERSISTENT_MASK;
202 BIT(HCI_PERIODIC_INQ));
203 198
204 hdev->discovery.state = DISCOVERY_STOPPED; 199 hdev->discovery.state = DISCOVERY_STOPPED;
205 hdev->inq_tx_power = HCI_TX_POWER_INVALID; 200 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
@@ -228,11 +223,6 @@ static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
228 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH); 223 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
229 224
230 hci_dev_unlock(hdev); 225 hci_dev_unlock(hdev);
231
232 if (!status && !test_bit(HCI_INIT, &hdev->flags))
233 hci_update_ad(hdev);
234
235 hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status);
236} 226}
237 227
238static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb) 228static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
@@ -270,8 +260,6 @@ static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
270 260
271 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 261 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272 mgmt_auth_enable_complete(hdev, status); 262 mgmt_auth_enable_complete(hdev, status);
273
274 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
275} 263}
276 264
277static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb) 265static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
@@ -293,8 +281,6 @@ static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
293 else 281 else
294 clear_bit(HCI_ENCRYPT, &hdev->flags); 282 clear_bit(HCI_ENCRYPT, &hdev->flags);
295 } 283 }
296
297 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
298} 284}
299 285
300static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb) 286static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
@@ -343,7 +329,6 @@ static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
343 329
344done: 330done:
345 hci_dev_unlock(hdev); 331 hci_dev_unlock(hdev);
346 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
347} 332}
348 333
349static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 334static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
@@ -435,15 +420,6 @@ static void hci_cc_write_voice_setting(struct hci_dev *hdev,
435 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 420 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
436} 421}
437 422
438static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
439{
440 __u8 status = *((__u8 *) skb->data);
441
442 BT_DBG("%s status 0x%2.2x", hdev->name, status);
443
444 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
445}
446
447static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) 423static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
448{ 424{
449 __u8 status = *((__u8 *) skb->data); 425 __u8 status = *((__u8 *) skb->data);
@@ -457,9 +433,9 @@ static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
457 433
458 if (!status) { 434 if (!status) {
459 if (sent->mode) 435 if (sent->mode)
460 hdev->host_features[0] |= LMP_HOST_SSP; 436 hdev->features[1][0] |= LMP_HOST_SSP;
461 else 437 else
462 hdev->host_features[0] &= ~LMP_HOST_SSP; 438 hdev->features[1][0] &= ~LMP_HOST_SSP;
463 } 439 }
464 440
465 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 441 if (test_bit(HCI_MGMT, &hdev->dev_flags))
@@ -472,211 +448,6 @@ static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
472 } 448 }
473} 449}
474 450
475static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
476{
477 if (lmp_ext_inq_capable(hdev))
478 return 2;
479
480 if (lmp_inq_rssi_capable(hdev))
481 return 1;
482
483 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
484 hdev->lmp_subver == 0x0757)
485 return 1;
486
487 if (hdev->manufacturer == 15) {
488 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
489 return 1;
490 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
491 return 1;
492 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
493 return 1;
494 }
495
496 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
497 hdev->lmp_subver == 0x1805)
498 return 1;
499
500 return 0;
501}
502
503static void hci_setup_inquiry_mode(struct hci_dev *hdev)
504{
505 u8 mode;
506
507 mode = hci_get_inquiry_mode(hdev);
508
509 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
510}
511
512static void hci_setup_event_mask(struct hci_dev *hdev)
513{
514 /* The second byte is 0xff instead of 0x9f (two reserved bits
515 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
516 * command otherwise */
517 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
518
519 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
520 * any event mask for pre 1.2 devices */
521 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
522 return;
523
524 if (lmp_bredr_capable(hdev)) {
525 events[4] |= 0x01; /* Flow Specification Complete */
526 events[4] |= 0x02; /* Inquiry Result with RSSI */
527 events[4] |= 0x04; /* Read Remote Extended Features Complete */
528 events[5] |= 0x08; /* Synchronous Connection Complete */
529 events[5] |= 0x10; /* Synchronous Connection Changed */
530 }
531
532 if (lmp_inq_rssi_capable(hdev))
533 events[4] |= 0x02; /* Inquiry Result with RSSI */
534
535 if (lmp_sniffsubr_capable(hdev))
536 events[5] |= 0x20; /* Sniff Subrating */
537
538 if (lmp_pause_enc_capable(hdev))
539 events[5] |= 0x80; /* Encryption Key Refresh Complete */
540
541 if (lmp_ext_inq_capable(hdev))
542 events[5] |= 0x40; /* Extended Inquiry Result */
543
544 if (lmp_no_flush_capable(hdev))
545 events[7] |= 0x01; /* Enhanced Flush Complete */
546
547 if (lmp_lsto_capable(hdev))
548 events[6] |= 0x80; /* Link Supervision Timeout Changed */
549
550 if (lmp_ssp_capable(hdev)) {
551 events[6] |= 0x01; /* IO Capability Request */
552 events[6] |= 0x02; /* IO Capability Response */
553 events[6] |= 0x04; /* User Confirmation Request */
554 events[6] |= 0x08; /* User Passkey Request */
555 events[6] |= 0x10; /* Remote OOB Data Request */
556 events[6] |= 0x20; /* Simple Pairing Complete */
557 events[7] |= 0x04; /* User Passkey Notification */
558 events[7] |= 0x08; /* Keypress Notification */
559 events[7] |= 0x10; /* Remote Host Supported
560 * Features Notification */
561 }
562
563 if (lmp_le_capable(hdev))
564 events[7] |= 0x20; /* LE Meta-Event */
565
566 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
567
568 if (lmp_le_capable(hdev)) {
569 memset(events, 0, sizeof(events));
570 events[0] = 0x1f;
571 hci_send_cmd(hdev, HCI_OP_LE_SET_EVENT_MASK,
572 sizeof(events), events);
573 }
574}
575
576static void bredr_setup(struct hci_dev *hdev)
577{
578 struct hci_cp_delete_stored_link_key cp;
579 __le16 param;
580 __u8 flt_type;
581
582 /* Read Buffer Size (ACL mtu, max pkt, etc.) */
583 hci_send_cmd(hdev, HCI_OP_READ_BUFFER_SIZE, 0, NULL);
584
585 /* Read Class of Device */
586 hci_send_cmd(hdev, HCI_OP_READ_CLASS_OF_DEV, 0, NULL);
587
588 /* Read Local Name */
589 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_NAME, 0, NULL);
590
591 /* Read Voice Setting */
592 hci_send_cmd(hdev, HCI_OP_READ_VOICE_SETTING, 0, NULL);
593
594 /* Clear Event Filters */
595 flt_type = HCI_FLT_CLEAR_ALL;
596 hci_send_cmd(hdev, HCI_OP_SET_EVENT_FLT, 1, &flt_type);
597
598 /* Connection accept timeout ~20 secs */
599 param = __constant_cpu_to_le16(0x7d00);
600 hci_send_cmd(hdev, HCI_OP_WRITE_CA_TIMEOUT, 2, &param);
601
602 bacpy(&cp.bdaddr, BDADDR_ANY);
603 cp.delete_all = 1;
604 hci_send_cmd(hdev, HCI_OP_DELETE_STORED_LINK_KEY, sizeof(cp), &cp);
605}
606
607static void le_setup(struct hci_dev *hdev)
608{
609 /* Read LE Buffer Size */
610 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
611
612 /* Read LE Local Supported Features */
613 hci_send_cmd(hdev, HCI_OP_LE_READ_LOCAL_FEATURES, 0, NULL);
614
615 /* Read LE Advertising Channel TX Power */
616 hci_send_cmd(hdev, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL);
617
618 /* Read LE White List Size */
619 hci_send_cmd(hdev, HCI_OP_LE_READ_WHITE_LIST_SIZE, 0, NULL);
620
621 /* Read LE Supported States */
622 hci_send_cmd(hdev, HCI_OP_LE_READ_SUPPORTED_STATES, 0, NULL);
623}
624
625static void hci_setup(struct hci_dev *hdev)
626{
627 if (hdev->dev_type != HCI_BREDR)
628 return;
629
630 /* Read BD Address */
631 hci_send_cmd(hdev, HCI_OP_READ_BD_ADDR, 0, NULL);
632
633 if (lmp_bredr_capable(hdev))
634 bredr_setup(hdev);
635
636 if (lmp_le_capable(hdev))
637 le_setup(hdev);
638
639 hci_setup_event_mask(hdev);
640
641 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
642 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
643
644 if (lmp_ssp_capable(hdev)) {
645 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
646 u8 mode = 0x01;
647 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
648 sizeof(mode), &mode);
649 } else {
650 struct hci_cp_write_eir cp;
651
652 memset(hdev->eir, 0, sizeof(hdev->eir));
653 memset(&cp, 0, sizeof(cp));
654
655 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
656 }
657 }
658
659 if (lmp_inq_rssi_capable(hdev))
660 hci_setup_inquiry_mode(hdev);
661
662 if (lmp_inq_tx_pwr_capable(hdev))
663 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
664
665 if (lmp_ext_feat_capable(hdev)) {
666 struct hci_cp_read_local_ext_features cp;
667
668 cp.page = 0x01;
669 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp),
670 &cp);
671 }
672
673 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
674 u8 enable = 1;
675 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable),
676 &enable);
677 }
678}
679
680static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb) 451static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
681{ 452{
682 struct hci_rp_read_local_version *rp = (void *) skb->data; 453 struct hci_rp_read_local_version *rp = (void *) skb->data;
@@ -684,7 +455,7 @@ static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
684 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 455 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
685 456
686 if (rp->status) 457 if (rp->status)
687 goto done; 458 return;
688 459
689 hdev->hci_ver = rp->hci_ver; 460 hdev->hci_ver = rp->hci_ver;
690 hdev->hci_rev = __le16_to_cpu(rp->hci_rev); 461 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
@@ -694,30 +465,6 @@ static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
694 465
695 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name, 466 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
696 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev); 467 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
697
698 if (test_bit(HCI_INIT, &hdev->flags))
699 hci_setup(hdev);
700
701done:
702 hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, rp->status);
703}
704
705static void hci_setup_link_policy(struct hci_dev *hdev)
706{
707 struct hci_cp_write_def_link_policy cp;
708 u16 link_policy = 0;
709
710 if (lmp_rswitch_capable(hdev))
711 link_policy |= HCI_LP_RSWITCH;
712 if (lmp_hold_capable(hdev))
713 link_policy |= HCI_LP_HOLD;
714 if (lmp_sniff_capable(hdev))
715 link_policy |= HCI_LP_SNIFF;
716 if (lmp_park_capable(hdev))
717 link_policy |= HCI_LP_PARK;
718
719 cp.policy = cpu_to_le16(link_policy);
720 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp);
721} 468}
722 469
723static void hci_cc_read_local_commands(struct hci_dev *hdev, 470static void hci_cc_read_local_commands(struct hci_dev *hdev,
@@ -727,16 +474,8 @@ static void hci_cc_read_local_commands(struct hci_dev *hdev,
727 474
728 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 475 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
729 476
730 if (rp->status) 477 if (!rp->status)
731 goto done; 478 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
732
733 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
734
735 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
736 hci_setup_link_policy(hdev);
737
738done:
739 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
740} 479}
741 480
742static void hci_cc_read_local_features(struct hci_dev *hdev, 481static void hci_cc_read_local_features(struct hci_dev *hdev,
@@ -754,18 +493,18 @@ static void hci_cc_read_local_features(struct hci_dev *hdev,
754 /* Adjust default settings according to features 493 /* Adjust default settings according to features
755 * supported by device. */ 494 * supported by device. */
756 495
757 if (hdev->features[0] & LMP_3SLOT) 496 if (hdev->features[0][0] & LMP_3SLOT)
758 hdev->pkt_type |= (HCI_DM3 | HCI_DH3); 497 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
759 498
760 if (hdev->features[0] & LMP_5SLOT) 499 if (hdev->features[0][0] & LMP_5SLOT)
761 hdev->pkt_type |= (HCI_DM5 | HCI_DH5); 500 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
762 501
763 if (hdev->features[1] & LMP_HV2) { 502 if (hdev->features[0][1] & LMP_HV2) {
764 hdev->pkt_type |= (HCI_HV2); 503 hdev->pkt_type |= (HCI_HV2);
765 hdev->esco_type |= (ESCO_HV2); 504 hdev->esco_type |= (ESCO_HV2);
766 } 505 }
767 506
768 if (hdev->features[1] & LMP_HV3) { 507 if (hdev->features[0][1] & LMP_HV3) {
769 hdev->pkt_type |= (HCI_HV3); 508 hdev->pkt_type |= (HCI_HV3);
770 hdev->esco_type |= (ESCO_HV3); 509 hdev->esco_type |= (ESCO_HV3);
771 } 510 }
@@ -773,42 +512,26 @@ static void hci_cc_read_local_features(struct hci_dev *hdev,
773 if (lmp_esco_capable(hdev)) 512 if (lmp_esco_capable(hdev))
774 hdev->esco_type |= (ESCO_EV3); 513 hdev->esco_type |= (ESCO_EV3);
775 514
776 if (hdev->features[4] & LMP_EV4) 515 if (hdev->features[0][4] & LMP_EV4)
777 hdev->esco_type |= (ESCO_EV4); 516 hdev->esco_type |= (ESCO_EV4);
778 517
779 if (hdev->features[4] & LMP_EV5) 518 if (hdev->features[0][4] & LMP_EV5)
780 hdev->esco_type |= (ESCO_EV5); 519 hdev->esco_type |= (ESCO_EV5);
781 520
782 if (hdev->features[5] & LMP_EDR_ESCO_2M) 521 if (hdev->features[0][5] & LMP_EDR_ESCO_2M)
783 hdev->esco_type |= (ESCO_2EV3); 522 hdev->esco_type |= (ESCO_2EV3);
784 523
785 if (hdev->features[5] & LMP_EDR_ESCO_3M) 524 if (hdev->features[0][5] & LMP_EDR_ESCO_3M)
786 hdev->esco_type |= (ESCO_3EV3); 525 hdev->esco_type |= (ESCO_3EV3);
787 526
788 if (hdev->features[5] & LMP_EDR_3S_ESCO) 527 if (hdev->features[0][5] & LMP_EDR_3S_ESCO)
789 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5); 528 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
790 529
791 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name, 530 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
792 hdev->features[0], hdev->features[1], 531 hdev->features[0][0], hdev->features[0][1],
793 hdev->features[2], hdev->features[3], 532 hdev->features[0][2], hdev->features[0][3],
794 hdev->features[4], hdev->features[5], 533 hdev->features[0][4], hdev->features[0][5],
795 hdev->features[6], hdev->features[7]); 534 hdev->features[0][6], hdev->features[0][7]);
796}
797
798static void hci_set_le_support(struct hci_dev *hdev)
799{
800 struct hci_cp_write_le_host_supported cp;
801
802 memset(&cp, 0, sizeof(cp));
803
804 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
805 cp.le = 1;
806 cp.simul = lmp_le_br_capable(hdev);
807 }
808
809 if (cp.le != lmp_host_le_capable(hdev))
810 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
811 &cp);
812} 535}
813 536
814static void hci_cc_read_local_ext_features(struct hci_dev *hdev, 537static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
@@ -819,22 +542,12 @@ static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
819 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 542 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
820 543
821 if (rp->status) 544 if (rp->status)
822 goto done; 545 return;
823
824 switch (rp->page) {
825 case 0:
826 memcpy(hdev->features, rp->features, 8);
827 break;
828 case 1:
829 memcpy(hdev->host_features, rp->features, 8);
830 break;
831 }
832 546
833 if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev)) 547 hdev->max_page = rp->max_page;
834 hci_set_le_support(hdev);
835 548
836done: 549 if (rp->page < HCI_MAX_PAGES)
837 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status); 550 memcpy(hdev->features[rp->page], rp->features, 8);
838} 551}
839 552
840static void hci_cc_read_flow_control_mode(struct hci_dev *hdev, 553static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
@@ -844,12 +557,8 @@ static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
844 557
845 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 558 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
846 559
847 if (rp->status) 560 if (!rp->status)
848 return; 561 hdev->flow_ctl_mode = rp->mode;
849
850 hdev->flow_ctl_mode = rp->mode;
851
852 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
853} 562}
854 563
855static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb) 564static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
@@ -886,8 +595,65 @@ static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
886 595
887 if (!rp->status) 596 if (!rp->status)
888 bacpy(&hdev->bdaddr, &rp->bdaddr); 597 bacpy(&hdev->bdaddr, &rp->bdaddr);
598}
599
600static void hci_cc_read_page_scan_activity(struct hci_dev *hdev,
601 struct sk_buff *skb)
602{
603 struct hci_rp_read_page_scan_activity *rp = (void *) skb->data;
604
605 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
889 606
890 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status); 607 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status) {
608 hdev->page_scan_interval = __le16_to_cpu(rp->interval);
609 hdev->page_scan_window = __le16_to_cpu(rp->window);
610 }
611}
612
613static void hci_cc_write_page_scan_activity(struct hci_dev *hdev,
614 struct sk_buff *skb)
615{
616 u8 status = *((u8 *) skb->data);
617 struct hci_cp_write_page_scan_activity *sent;
618
619 BT_DBG("%s status 0x%2.2x", hdev->name, status);
620
621 if (status)
622 return;
623
624 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY);
625 if (!sent)
626 return;
627
628 hdev->page_scan_interval = __le16_to_cpu(sent->interval);
629 hdev->page_scan_window = __le16_to_cpu(sent->window);
630}
631
632static void hci_cc_read_page_scan_type(struct hci_dev *hdev,
633 struct sk_buff *skb)
634{
635 struct hci_rp_read_page_scan_type *rp = (void *) skb->data;
636
637 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
638
639 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status)
640 hdev->page_scan_type = rp->type;
641}
642
643static void hci_cc_write_page_scan_type(struct hci_dev *hdev,
644 struct sk_buff *skb)
645{
646 u8 status = *((u8 *) skb->data);
647 u8 *type;
648
649 BT_DBG("%s status 0x%2.2x", hdev->name, status);
650
651 if (status)
652 return;
653
654 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE);
655 if (type)
656 hdev->page_scan_type = *type;
891} 657}
892 658
893static void hci_cc_read_data_block_size(struct hci_dev *hdev, 659static void hci_cc_read_data_block_size(struct hci_dev *hdev,
@@ -908,17 +674,6 @@ static void hci_cc_read_data_block_size(struct hci_dev *hdev,
908 674
909 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu, 675 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
910 hdev->block_cnt, hdev->block_len); 676 hdev->block_cnt, hdev->block_len);
911
912 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
913}
914
915static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
916{
917 __u8 status = *((__u8 *) skb->data);
918
919 BT_DBG("%s status 0x%2.2x", hdev->name, status);
920
921 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
922} 677}
923 678
924static void hci_cc_read_local_amp_info(struct hci_dev *hdev, 679static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
@@ -942,8 +697,6 @@ static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
942 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to); 697 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
943 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to); 698 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
944 699
945 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
946
947a2mp_rsp: 700a2mp_rsp:
948 a2mp_send_getinfo_rsp(hdev); 701 a2mp_send_getinfo_rsp(hdev);
949} 702}
@@ -985,35 +738,6 @@ a2mp_rsp:
985 a2mp_send_create_phy_link_req(hdev, rp->status); 738 a2mp_send_create_phy_link_req(hdev, rp->status);
986} 739}
987 740
988static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
989 struct sk_buff *skb)
990{
991 __u8 status = *((__u8 *) skb->data);
992
993 BT_DBG("%s status 0x%2.2x", hdev->name, status);
994
995 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
996}
997
998static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
999{
1000 __u8 status = *((__u8 *) skb->data);
1001
1002 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1003
1004 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
1005}
1006
1007static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
1008 struct sk_buff *skb)
1009{
1010 __u8 status = *((__u8 *) skb->data);
1011
1012 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1013
1014 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
1015}
1016
1017static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev, 741static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
1018 struct sk_buff *skb) 742 struct sk_buff *skb)
1019{ 743{
@@ -1023,17 +747,6 @@ static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
1023 747
1024 if (!rp->status) 748 if (!rp->status)
1025 hdev->inq_tx_power = rp->tx_power; 749 hdev->inq_tx_power = rp->tx_power;
1026
1027 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, rp->status);
1028}
1029
1030static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
1031{
1032 __u8 status = *((__u8 *) skb->data);
1033
1034 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1035
1036 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
1037} 750}
1038 751
1039static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb) 752static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
@@ -1095,8 +808,6 @@ static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1095 hdev->le_cnt = hdev->le_pkts; 808 hdev->le_cnt = hdev->le_pkts;
1096 809
1097 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts); 810 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
1098
1099 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
1100} 811}
1101 812
1102static void hci_cc_le_read_local_features(struct hci_dev *hdev, 813static void hci_cc_le_read_local_features(struct hci_dev *hdev,
@@ -1108,8 +819,6 @@ static void hci_cc_le_read_local_features(struct hci_dev *hdev,
1108 819
1109 if (!rp->status) 820 if (!rp->status)
1110 memcpy(hdev->le_features, rp->features, 8); 821 memcpy(hdev->le_features, rp->features, 8);
1111
1112 hci_req_complete(hdev, HCI_OP_LE_READ_LOCAL_FEATURES, rp->status);
1113} 822}
1114 823
1115static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev, 824static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
@@ -1119,22 +828,8 @@ static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
1119 828
1120 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 829 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1121 830
1122 if (!rp->status) { 831 if (!rp->status)
1123 hdev->adv_tx_power = rp->tx_power; 832 hdev->adv_tx_power = rp->tx_power;
1124 if (!test_bit(HCI_INIT, &hdev->flags))
1125 hci_update_ad(hdev);
1126 }
1127
1128 hci_req_complete(hdev, HCI_OP_LE_READ_ADV_TX_POWER, rp->status);
1129}
1130
1131static void hci_cc_le_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
1132{
1133 __u8 status = *((__u8 *) skb->data);
1134
1135 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1136
1137 hci_req_complete(hdev, HCI_OP_LE_SET_EVENT_MASK, status);
1138} 833}
1139 834
1140static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb) 835static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
@@ -1231,12 +926,15 @@ static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb)
1231 clear_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags); 926 clear_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
1232 } 927 }
1233 928
1234 hci_dev_unlock(hdev); 929 if (!test_bit(HCI_INIT, &hdev->flags)) {
930 struct hci_request req;
1235 931
1236 if (!test_bit(HCI_INIT, &hdev->flags)) 932 hci_req_init(&req, hdev);
1237 hci_update_ad(hdev); 933 hci_update_ad(&req);
934 hci_req_run(&req, NULL);
935 }
1238 936
1239 hci_req_complete(hdev, HCI_OP_LE_SET_ADV_ENABLE, status); 937 hci_dev_unlock(hdev);
1240} 938}
1241 939
1242static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb) 940static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
@@ -1245,8 +943,6 @@ static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1245 943
1246 BT_DBG("%s status 0x%2.2x", hdev->name, status); 944 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1247 945
1248 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
1249
1250 if (status) { 946 if (status) {
1251 hci_dev_lock(hdev); 947 hci_dev_lock(hdev);
1252 mgmt_start_discovery_failed(hdev, status); 948 mgmt_start_discovery_failed(hdev, status);
@@ -1268,9 +964,7 @@ static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1268 return; 964 return;
1269 965
1270 switch (cp->enable) { 966 switch (cp->enable) {
1271 case LE_SCANNING_ENABLED: 967 case LE_SCAN_ENABLE:
1272 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1273
1274 if (status) { 968 if (status) {
1275 hci_dev_lock(hdev); 969 hci_dev_lock(hdev);
1276 mgmt_start_discovery_failed(hdev, status); 970 mgmt_start_discovery_failed(hdev, status);
@@ -1285,7 +979,7 @@ static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1285 hci_dev_unlock(hdev); 979 hci_dev_unlock(hdev);
1286 break; 980 break;
1287 981
1288 case LE_SCANNING_DISABLED: 982 case LE_SCAN_DISABLE:
1289 if (status) { 983 if (status) {
1290 hci_dev_lock(hdev); 984 hci_dev_lock(hdev);
1291 mgmt_stop_discovery_failed(hdev, status); 985 mgmt_stop_discovery_failed(hdev, status);
@@ -1321,32 +1015,6 @@ static void hci_cc_le_read_white_list_size(struct hci_dev *hdev,
1321 1015
1322 if (!rp->status) 1016 if (!rp->status)
1323 hdev->le_white_list_size = rp->size; 1017 hdev->le_white_list_size = rp->size;
1324
1325 hci_req_complete(hdev, HCI_OP_LE_READ_WHITE_LIST_SIZE, rp->status);
1326}
1327
1328static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1329{
1330 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1331
1332 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1333
1334 if (rp->status)
1335 return;
1336
1337 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1338}
1339
1340static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1341{
1342 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1343
1344 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1345
1346 if (rp->status)
1347 return;
1348
1349 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1350} 1018}
1351 1019
1352static void hci_cc_le_read_supported_states(struct hci_dev *hdev, 1020static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
@@ -1358,8 +1026,6 @@ static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
1358 1026
1359 if (!rp->status) 1027 if (!rp->status)
1360 memcpy(hdev->le_states, rp->le_states, 8); 1028 memcpy(hdev->le_states, rp->le_states, 8);
1361
1362 hci_req_complete(hdev, HCI_OP_LE_READ_SUPPORTED_STATES, rp->status);
1363} 1029}
1364 1030
1365static void hci_cc_write_le_host_supported(struct hci_dev *hdev, 1031static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
@@ -1376,21 +1042,19 @@ static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1376 1042
1377 if (!status) { 1043 if (!status) {
1378 if (sent->le) 1044 if (sent->le)
1379 hdev->host_features[0] |= LMP_HOST_LE; 1045 hdev->features[1][0] |= LMP_HOST_LE;
1380 else 1046 else
1381 hdev->host_features[0] &= ~LMP_HOST_LE; 1047 hdev->features[1][0] &= ~LMP_HOST_LE;
1382 1048
1383 if (sent->simul) 1049 if (sent->simul)
1384 hdev->host_features[0] |= LMP_HOST_LE_BREDR; 1050 hdev->features[1][0] |= LMP_HOST_LE_BREDR;
1385 else 1051 else
1386 hdev->host_features[0] &= ~LMP_HOST_LE_BREDR; 1052 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR;
1387 } 1053 }
1388 1054
1389 if (test_bit(HCI_MGMT, &hdev->dev_flags) && 1055 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
1390 !test_bit(HCI_INIT, &hdev->flags)) 1056 !test_bit(HCI_INIT, &hdev->flags))
1391 mgmt_le_enable_complete(hdev, sent->le, status); 1057 mgmt_le_enable_complete(hdev, sent->le, status);
1392
1393 hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status);
1394} 1058}
1395 1059
1396static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev, 1060static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
@@ -1412,7 +1076,6 @@ static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1412 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1076 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1413 1077
1414 if (status) { 1078 if (status) {
1415 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1416 hci_conn_check_pending(hdev); 1079 hci_conn_check_pending(hdev);
1417 hci_dev_lock(hdev); 1080 hci_dev_lock(hdev);
1418 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 1081 if (test_bit(HCI_MGMT, &hdev->dev_flags))
@@ -1523,7 +1186,7 @@ static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1523 if (conn) { 1186 if (conn) {
1524 if (conn->state == BT_CONFIG) { 1187 if (conn->state == BT_CONFIG) {
1525 hci_proto_connect_cfm(conn, status); 1188 hci_proto_connect_cfm(conn, status);
1526 hci_conn_put(conn); 1189 hci_conn_drop(conn);
1527 } 1190 }
1528 } 1191 }
1529 1192
@@ -1550,7 +1213,7 @@ static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1550 if (conn) { 1213 if (conn) {
1551 if (conn->state == BT_CONFIG) { 1214 if (conn->state == BT_CONFIG) {
1552 hci_proto_connect_cfm(conn, status); 1215 hci_proto_connect_cfm(conn, status);
1553 hci_conn_put(conn); 1216 hci_conn_drop(conn);
1554 } 1217 }
1555 } 1218 }
1556 1219
@@ -1712,7 +1375,7 @@ static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1712 if (conn) { 1375 if (conn) {
1713 if (conn->state == BT_CONFIG) { 1376 if (conn->state == BT_CONFIG) {
1714 hci_proto_connect_cfm(conn, status); 1377 hci_proto_connect_cfm(conn, status);
1715 hci_conn_put(conn); 1378 hci_conn_drop(conn);
1716 } 1379 }
1717 } 1380 }
1718 1381
@@ -1739,7 +1402,7 @@ static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1739 if (conn) { 1402 if (conn) {
1740 if (conn->state == BT_CONFIG) { 1403 if (conn->state == BT_CONFIG) {
1741 hci_proto_connect_cfm(conn, status); 1404 hci_proto_connect_cfm(conn, status);
1742 hci_conn_put(conn); 1405 hci_conn_drop(conn);
1743 } 1406 }
1744 } 1407 }
1745 1408
@@ -1884,11 +1547,6 @@ static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1884 } 1547 }
1885} 1548}
1886 1549
1887static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1888{
1889 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1890}
1891
1892static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status) 1550static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1893{ 1551{
1894 struct hci_cp_create_phy_link *cp; 1552 struct hci_cp_create_phy_link *cp;
@@ -1930,11 +1588,6 @@ static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1930 amp_write_remote_assoc(hdev, cp->phy_handle); 1588 amp_write_remote_assoc(hdev, cp->phy_handle);
1931} 1589}
1932 1590
1933static void hci_cs_create_logical_link(struct hci_dev *hdev, u8 status)
1934{
1935 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1936}
1937
1938static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1591static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1939{ 1592{
1940 __u8 status = *((__u8 *) skb->data); 1593 __u8 status = *((__u8 *) skb->data);
@@ -1943,13 +1596,14 @@ static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1943 1596
1944 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1597 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1945 1598
1946 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1947
1948 hci_conn_check_pending(hdev); 1599 hci_conn_check_pending(hdev);
1949 1600
1950 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags)) 1601 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1951 return; 1602 return;
1952 1603
1604 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
1605 wake_up_bit(&hdev->flags, HCI_INQUIRY);
1606
1953 if (!test_bit(HCI_MGMT, &hdev->dev_flags)) 1607 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1954 return; 1608 return;
1955 1609
@@ -2048,7 +1702,6 @@ static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2048 } else 1702 } else
2049 conn->state = BT_CONNECTED; 1703 conn->state = BT_CONNECTED;
2050 1704
2051 hci_conn_hold_device(conn);
2052 hci_conn_add_sysfs(conn); 1705 hci_conn_add_sysfs(conn);
2053 1706
2054 if (test_bit(HCI_AUTH, &hdev->flags)) 1707 if (test_bit(HCI_AUTH, &hdev->flags))
@@ -2095,42 +1748,6 @@ unlock:
2095 hci_conn_check_pending(hdev); 1748 hci_conn_check_pending(hdev);
2096} 1749}
2097 1750
2098void hci_conn_accept(struct hci_conn *conn, int mask)
2099{
2100 struct hci_dev *hdev = conn->hdev;
2101
2102 BT_DBG("conn %p", conn);
2103
2104 conn->state = BT_CONFIG;
2105
2106 if (!lmp_esco_capable(hdev)) {
2107 struct hci_cp_accept_conn_req cp;
2108
2109 bacpy(&cp.bdaddr, &conn->dst);
2110
2111 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
2112 cp.role = 0x00; /* Become master */
2113 else
2114 cp.role = 0x01; /* Remain slave */
2115
2116 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
2117 } else /* lmp_esco_capable(hdev)) */ {
2118 struct hci_cp_accept_sync_conn_req cp;
2119
2120 bacpy(&cp.bdaddr, &conn->dst);
2121 cp.pkt_type = cpu_to_le16(conn->pkt_type);
2122
2123 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2124 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2125 cp.max_latency = __constant_cpu_to_le16(0xffff);
2126 cp.content_format = cpu_to_le16(hdev->voice_setting);
2127 cp.retrans_effort = 0xff;
2128
2129 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
2130 sizeof(cp), &cp);
2131 }
2132}
2133
2134static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 1751static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2135{ 1752{
2136 struct hci_ev_conn_request *ev = (void *) skb->data; 1753 struct hci_ev_conn_request *ev = (void *) skb->data;
@@ -2202,7 +1819,6 @@ static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2202 } else { 1819 } else {
2203 conn->state = BT_CONNECT2; 1820 conn->state = BT_CONNECT2;
2204 hci_proto_connect_cfm(conn, 0); 1821 hci_proto_connect_cfm(conn, 0);
2205 hci_conn_put(conn);
2206 } 1822 }
2207 } else { 1823 } else {
2208 /* Connection rejected */ 1824 /* Connection rejected */
@@ -2309,14 +1925,14 @@ static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2309 } else { 1925 } else {
2310 conn->state = BT_CONNECTED; 1926 conn->state = BT_CONNECTED;
2311 hci_proto_connect_cfm(conn, ev->status); 1927 hci_proto_connect_cfm(conn, ev->status);
2312 hci_conn_put(conn); 1928 hci_conn_drop(conn);
2313 } 1929 }
2314 } else { 1930 } else {
2315 hci_auth_cfm(conn, ev->status); 1931 hci_auth_cfm(conn, ev->status);
2316 1932
2317 hci_conn_hold(conn); 1933 hci_conn_hold(conn);
2318 conn->disc_timeout = HCI_DISCONN_TIMEOUT; 1934 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2319 hci_conn_put(conn); 1935 hci_conn_drop(conn);
2320 } 1936 }
2321 1937
2322 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) { 1938 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
@@ -2399,8 +2015,8 @@ static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2399 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); 2015 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2400 2016
2401 if (ev->status && conn->state == BT_CONNECTED) { 2017 if (ev->status && conn->state == BT_CONNECTED) {
2402 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE); 2018 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
2403 hci_conn_put(conn); 2019 hci_conn_drop(conn);
2404 goto unlock; 2020 goto unlock;
2405 } 2021 }
2406 2022
@@ -2409,7 +2025,7 @@ static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2409 conn->state = BT_CONNECTED; 2025 conn->state = BT_CONNECTED;
2410 2026
2411 hci_proto_connect_cfm(conn, ev->status); 2027 hci_proto_connect_cfm(conn, ev->status);
2412 hci_conn_put(conn); 2028 hci_conn_drop(conn);
2413 } else 2029 } else
2414 hci_encrypt_cfm(conn, ev->status, ev->encrypt); 2030 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
2415 } 2031 }
@@ -2456,7 +2072,7 @@ static void hci_remote_features_evt(struct hci_dev *hdev,
2456 goto unlock; 2072 goto unlock;
2457 2073
2458 if (!ev->status) 2074 if (!ev->status)
2459 memcpy(conn->features, ev->features, 8); 2075 memcpy(conn->features[0], ev->features, 8);
2460 2076
2461 if (conn->state != BT_CONFIG) 2077 if (conn->state != BT_CONFIG)
2462 goto unlock; 2078 goto unlock;
@@ -2484,27 +2100,17 @@ static void hci_remote_features_evt(struct hci_dev *hdev,
2484 if (!hci_outgoing_auth_needed(hdev, conn)) { 2100 if (!hci_outgoing_auth_needed(hdev, conn)) {
2485 conn->state = BT_CONNECTED; 2101 conn->state = BT_CONNECTED;
2486 hci_proto_connect_cfm(conn, ev->status); 2102 hci_proto_connect_cfm(conn, ev->status);
2487 hci_conn_put(conn); 2103 hci_conn_drop(conn);
2488 } 2104 }
2489 2105
2490unlock: 2106unlock:
2491 hci_dev_unlock(hdev); 2107 hci_dev_unlock(hdev);
2492} 2108}
2493 2109
2494static void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
2495{
2496 BT_DBG("%s", hdev->name);
2497}
2498
2499static void hci_qos_setup_complete_evt(struct hci_dev *hdev,
2500 struct sk_buff *skb)
2501{
2502 BT_DBG("%s", hdev->name);
2503}
2504
2505static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 2110static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2506{ 2111{
2507 struct hci_ev_cmd_complete *ev = (void *) skb->data; 2112 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2113 u8 status = skb->data[sizeof(*ev)];
2508 __u16 opcode; 2114 __u16 opcode;
2509 2115
2510 skb_pull(skb, sizeof(*ev)); 2116 skb_pull(skb, sizeof(*ev));
@@ -2588,10 +2194,6 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2588 hci_cc_write_voice_setting(hdev, skb); 2194 hci_cc_write_voice_setting(hdev, skb);
2589 break; 2195 break;
2590 2196
2591 case HCI_OP_HOST_BUFFER_SIZE:
2592 hci_cc_host_buffer_size(hdev, skb);
2593 break;
2594
2595 case HCI_OP_WRITE_SSP_MODE: 2197 case HCI_OP_WRITE_SSP_MODE:
2596 hci_cc_write_ssp_mode(hdev, skb); 2198 hci_cc_write_ssp_mode(hdev, skb);
2597 break; 2199 break;
@@ -2620,46 +2222,42 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2620 hci_cc_read_bd_addr(hdev, skb); 2222 hci_cc_read_bd_addr(hdev, skb);
2621 break; 2223 break;
2622 2224
2623 case HCI_OP_READ_DATA_BLOCK_SIZE: 2225 case HCI_OP_READ_PAGE_SCAN_ACTIVITY:
2624 hci_cc_read_data_block_size(hdev, skb); 2226 hci_cc_read_page_scan_activity(hdev, skb);
2625 break; 2227 break;
2626 2228
2627 case HCI_OP_WRITE_CA_TIMEOUT: 2229 case HCI_OP_WRITE_PAGE_SCAN_ACTIVITY:
2628 hci_cc_write_ca_timeout(hdev, skb); 2230 hci_cc_write_page_scan_activity(hdev, skb);
2629 break; 2231 break;
2630 2232
2631 case HCI_OP_READ_FLOW_CONTROL_MODE: 2233 case HCI_OP_READ_PAGE_SCAN_TYPE:
2632 hci_cc_read_flow_control_mode(hdev, skb); 2234 hci_cc_read_page_scan_type(hdev, skb);
2633 break; 2235 break;
2634 2236
2635 case HCI_OP_READ_LOCAL_AMP_INFO: 2237 case HCI_OP_WRITE_PAGE_SCAN_TYPE:
2636 hci_cc_read_local_amp_info(hdev, skb); 2238 hci_cc_write_page_scan_type(hdev, skb);
2637 break; 2239 break;
2638 2240
2639 case HCI_OP_READ_LOCAL_AMP_ASSOC: 2241 case HCI_OP_READ_DATA_BLOCK_SIZE:
2640 hci_cc_read_local_amp_assoc(hdev, skb); 2242 hci_cc_read_data_block_size(hdev, skb);
2641 break; 2243 break;
2642 2244
2643 case HCI_OP_DELETE_STORED_LINK_KEY: 2245 case HCI_OP_READ_FLOW_CONTROL_MODE:
2644 hci_cc_delete_stored_link_key(hdev, skb); 2246 hci_cc_read_flow_control_mode(hdev, skb);
2645 break; 2247 break;
2646 2248
2647 case HCI_OP_SET_EVENT_MASK: 2249 case HCI_OP_READ_LOCAL_AMP_INFO:
2648 hci_cc_set_event_mask(hdev, skb); 2250 hci_cc_read_local_amp_info(hdev, skb);
2649 break; 2251 break;
2650 2252
2651 case HCI_OP_WRITE_INQUIRY_MODE: 2253 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2652 hci_cc_write_inquiry_mode(hdev, skb); 2254 hci_cc_read_local_amp_assoc(hdev, skb);
2653 break; 2255 break;
2654 2256
2655 case HCI_OP_READ_INQ_RSP_TX_POWER: 2257 case HCI_OP_READ_INQ_RSP_TX_POWER:
2656 hci_cc_read_inq_rsp_tx_power(hdev, skb); 2258 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2657 break; 2259 break;
2658 2260
2659 case HCI_OP_SET_EVENT_FLT:
2660 hci_cc_set_event_flt(hdev, skb);
2661 break;
2662
2663 case HCI_OP_PIN_CODE_REPLY: 2261 case HCI_OP_PIN_CODE_REPLY:
2664 hci_cc_pin_code_reply(hdev, skb); 2262 hci_cc_pin_code_reply(hdev, skb);
2665 break; 2263 break;
@@ -2684,10 +2282,6 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2684 hci_cc_le_read_adv_tx_power(hdev, skb); 2282 hci_cc_le_read_adv_tx_power(hdev, skb);
2685 break; 2283 break;
2686 2284
2687 case HCI_OP_LE_SET_EVENT_MASK:
2688 hci_cc_le_set_event_mask(hdev, skb);
2689 break;
2690
2691 case HCI_OP_USER_CONFIRM_REPLY: 2285 case HCI_OP_USER_CONFIRM_REPLY:
2692 hci_cc_user_confirm_reply(hdev, skb); 2286 hci_cc_user_confirm_reply(hdev, skb);
2693 break; 2287 break;
@@ -2720,14 +2314,6 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2720 hci_cc_le_read_white_list_size(hdev, skb); 2314 hci_cc_le_read_white_list_size(hdev, skb);
2721 break; 2315 break;
2722 2316
2723 case HCI_OP_LE_LTK_REPLY:
2724 hci_cc_le_ltk_reply(hdev, skb);
2725 break;
2726
2727 case HCI_OP_LE_LTK_NEG_REPLY:
2728 hci_cc_le_ltk_neg_reply(hdev, skb);
2729 break;
2730
2731 case HCI_OP_LE_READ_SUPPORTED_STATES: 2317 case HCI_OP_LE_READ_SUPPORTED_STATES:
2732 hci_cc_le_read_supported_states(hdev, skb); 2318 hci_cc_le_read_supported_states(hdev, skb);
2733 break; 2319 break;
@@ -2745,9 +2331,11 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2745 break; 2331 break;
2746 } 2332 }
2747 2333
2748 if (ev->opcode != HCI_OP_NOP) 2334 if (opcode != HCI_OP_NOP)
2749 del_timer(&hdev->cmd_timer); 2335 del_timer(&hdev->cmd_timer);
2750 2336
2337 hci_req_cmd_complete(hdev, opcode, status);
2338
2751 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) { 2339 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2752 atomic_set(&hdev->cmd_cnt, 1); 2340 atomic_set(&hdev->cmd_cnt, 1);
2753 if (!skb_queue_empty(&hdev->cmd_q)) 2341 if (!skb_queue_empty(&hdev->cmd_q))
@@ -2817,10 +2405,6 @@ static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2817 hci_cs_le_create_conn(hdev, ev->status); 2405 hci_cs_le_create_conn(hdev, ev->status);
2818 break; 2406 break;
2819 2407
2820 case HCI_OP_LE_START_ENC:
2821 hci_cs_le_start_enc(hdev, ev->status);
2822 break;
2823
2824 case HCI_OP_CREATE_PHY_LINK: 2408 case HCI_OP_CREATE_PHY_LINK:
2825 hci_cs_create_phylink(hdev, ev->status); 2409 hci_cs_create_phylink(hdev, ev->status);
2826 break; 2410 break;
@@ -2829,18 +2413,18 @@ static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2829 hci_cs_accept_phylink(hdev, ev->status); 2413 hci_cs_accept_phylink(hdev, ev->status);
2830 break; 2414 break;
2831 2415
2832 case HCI_OP_CREATE_LOGICAL_LINK:
2833 hci_cs_create_logical_link(hdev, ev->status);
2834 break;
2835
2836 default: 2416 default:
2837 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode); 2417 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
2838 break; 2418 break;
2839 } 2419 }
2840 2420
2841 if (ev->opcode != HCI_OP_NOP) 2421 if (opcode != HCI_OP_NOP)
2842 del_timer(&hdev->cmd_timer); 2422 del_timer(&hdev->cmd_timer);
2843 2423
2424 if (ev->status ||
2425 (hdev->sent_cmd && !bt_cb(hdev->sent_cmd)->req.event))
2426 hci_req_cmd_complete(hdev, opcode, ev->status);
2427
2844 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) { 2428 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2845 atomic_set(&hdev->cmd_cnt, 1); 2429 atomic_set(&hdev->cmd_cnt, 1);
2846 if (!skb_queue_empty(&hdev->cmd_q)) 2430 if (!skb_queue_empty(&hdev->cmd_q))
@@ -3056,7 +2640,7 @@ static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3056 if (conn->state == BT_CONNECTED) { 2640 if (conn->state == BT_CONNECTED) {
3057 hci_conn_hold(conn); 2641 hci_conn_hold(conn);
3058 conn->disc_timeout = HCI_PAIRING_TIMEOUT; 2642 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
3059 hci_conn_put(conn); 2643 hci_conn_drop(conn);
3060 } 2644 }
3061 2645
3062 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags)) 2646 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
@@ -3159,7 +2743,7 @@ static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3159 if (ev->key_type != HCI_LK_CHANGED_COMBINATION) 2743 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
3160 conn->key_type = ev->key_type; 2744 conn->key_type = ev->key_type;
3161 2745
3162 hci_conn_put(conn); 2746 hci_conn_drop(conn);
3163 } 2747 }
3164 2748
3165 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags)) 2749 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
@@ -3300,6 +2884,9 @@ static void hci_remote_ext_features_evt(struct hci_dev *hdev,
3300 if (!conn) 2884 if (!conn)
3301 goto unlock; 2885 goto unlock;
3302 2886
2887 if (ev->page < HCI_MAX_PAGES)
2888 memcpy(conn->features[ev->page], ev->features, 8);
2889
3303 if (!ev->status && ev->page == 0x01) { 2890 if (!ev->status && ev->page == 0x01) {
3304 struct inquiry_entry *ie; 2891 struct inquiry_entry *ie;
3305 2892
@@ -3307,8 +2894,19 @@ static void hci_remote_ext_features_evt(struct hci_dev *hdev,
3307 if (ie) 2894 if (ie)
3308 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP); 2895 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
3309 2896
3310 if (ev->features[0] & LMP_HOST_SSP) 2897 if (ev->features[0] & LMP_HOST_SSP) {
3311 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags); 2898 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
2899 } else {
2900 /* It is mandatory by the Bluetooth specification that
2901 * Extended Inquiry Results are only used when Secure
2902 * Simple Pairing is enabled, but some devices violate
2903 * this.
2904 *
2905 * To make these devices work, the internal SSP
2906 * enabled flag needs to be cleared if the remote host
2907 * features do not indicate SSP support */
2908 clear_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
2909 }
3312 } 2910 }
3313 2911
3314 if (conn->state != BT_CONFIG) 2912 if (conn->state != BT_CONFIG)
@@ -3328,7 +2926,7 @@ static void hci_remote_ext_features_evt(struct hci_dev *hdev,
3328 if (!hci_outgoing_auth_needed(hdev, conn)) { 2926 if (!hci_outgoing_auth_needed(hdev, conn)) {
3329 conn->state = BT_CONNECTED; 2927 conn->state = BT_CONNECTED;
3330 hci_proto_connect_cfm(conn, ev->status); 2928 hci_proto_connect_cfm(conn, ev->status);
3331 hci_conn_put(conn); 2929 hci_conn_drop(conn);
3332 } 2930 }
3333 2931
3334unlock: 2932unlock:
@@ -3362,7 +2960,6 @@ static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
3362 conn->handle = __le16_to_cpu(ev->handle); 2960 conn->handle = __le16_to_cpu(ev->handle);
3363 conn->state = BT_CONNECTED; 2961 conn->state = BT_CONNECTED;
3364 2962
3365 hci_conn_hold_device(conn);
3366 hci_conn_add_sysfs(conn); 2963 hci_conn_add_sysfs(conn);
3367 break; 2964 break;
3368 2965
@@ -3391,18 +2988,6 @@ unlock:
3391 hci_dev_unlock(hdev); 2988 hci_dev_unlock(hdev);
3392} 2989}
3393 2990
3394static void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
3395{
3396 BT_DBG("%s", hdev->name);
3397}
3398
3399static void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
3400{
3401 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
3402
3403 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3404}
3405
3406static void hci_extended_inquiry_result_evt(struct hci_dev *hdev, 2991static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
3407 struct sk_buff *skb) 2992 struct sk_buff *skb)
3408{ 2993{
@@ -3472,8 +3057,8 @@ static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3472 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags); 3057 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3473 3058
3474 if (ev->status && conn->state == BT_CONNECTED) { 3059 if (ev->status && conn->state == BT_CONNECTED) {
3475 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE); 3060 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
3476 hci_conn_put(conn); 3061 hci_conn_drop(conn);
3477 goto unlock; 3062 goto unlock;
3478 } 3063 }
3479 3064
@@ -3482,13 +3067,13 @@ static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3482 conn->state = BT_CONNECTED; 3067 conn->state = BT_CONNECTED;
3483 3068
3484 hci_proto_connect_cfm(conn, ev->status); 3069 hci_proto_connect_cfm(conn, ev->status);
3485 hci_conn_put(conn); 3070 hci_conn_drop(conn);
3486 } else { 3071 } else {
3487 hci_auth_cfm(conn, ev->status); 3072 hci_auth_cfm(conn, ev->status);
3488 3073
3489 hci_conn_hold(conn); 3074 hci_conn_hold(conn);
3490 conn->disc_timeout = HCI_DISCONN_TIMEOUT; 3075 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
3491 hci_conn_put(conn); 3076 hci_conn_drop(conn);
3492 } 3077 }
3493 3078
3494unlock: 3079unlock:
@@ -3749,7 +3334,7 @@ static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3749 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type, 3334 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3750 ev->status); 3335 ev->status);
3751 3336
3752 hci_conn_put(conn); 3337 hci_conn_drop(conn);
3753 3338
3754unlock: 3339unlock:
3755 hci_dev_unlock(hdev); 3340 hci_dev_unlock(hdev);
@@ -3760,11 +3345,16 @@ static void hci_remote_host_features_evt(struct hci_dev *hdev,
3760{ 3345{
3761 struct hci_ev_remote_host_features *ev = (void *) skb->data; 3346 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3762 struct inquiry_entry *ie; 3347 struct inquiry_entry *ie;
3348 struct hci_conn *conn;
3763 3349
3764 BT_DBG("%s", hdev->name); 3350 BT_DBG("%s", hdev->name);
3765 3351
3766 hci_dev_lock(hdev); 3352 hci_dev_lock(hdev);
3767 3353
3354 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3355 if (conn)
3356 memcpy(conn->features[1], ev->features, 8);
3357
3768 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr); 3358 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3769 if (ie) 3359 if (ie)
3770 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP); 3360 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
@@ -3837,9 +3427,8 @@ static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3837 3427
3838 hci_conn_hold(hcon); 3428 hci_conn_hold(hcon);
3839 hcon->disc_timeout = HCI_DISCONN_TIMEOUT; 3429 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
3840 hci_conn_put(hcon); 3430 hci_conn_drop(hcon);
3841 3431
3842 hci_conn_hold_device(hcon);
3843 hci_conn_add_sysfs(hcon); 3432 hci_conn_add_sysfs(hcon);
3844 3433
3845 amp_physical_cfm(bredr_hcon, hcon); 3434 amp_physical_cfm(bredr_hcon, hcon);
@@ -3973,7 +3562,6 @@ static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3973 conn->handle = __le16_to_cpu(ev->handle); 3562 conn->handle = __le16_to_cpu(ev->handle);
3974 conn->state = BT_CONNECTED; 3563 conn->state = BT_CONNECTED;
3975 3564
3976 hci_conn_hold_device(conn);
3977 hci_conn_add_sysfs(conn); 3565 hci_conn_add_sysfs(conn);
3978 3566
3979 hci_proto_connect_cfm(conn, ev->status); 3567 hci_proto_connect_cfm(conn, ev->status);
@@ -4087,8 +3675,27 @@ void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
4087 struct hci_event_hdr *hdr = (void *) skb->data; 3675 struct hci_event_hdr *hdr = (void *) skb->data;
4088 __u8 event = hdr->evt; 3676 __u8 event = hdr->evt;
4089 3677
3678 hci_dev_lock(hdev);
3679
3680 /* Received events are (currently) only needed when a request is
3681 * ongoing so avoid unnecessary memory allocation.
3682 */
3683 if (hdev->req_status == HCI_REQ_PEND) {
3684 kfree_skb(hdev->recv_evt);
3685 hdev->recv_evt = skb_clone(skb, GFP_KERNEL);
3686 }
3687
3688 hci_dev_unlock(hdev);
3689
4090 skb_pull(skb, HCI_EVENT_HDR_SIZE); 3690 skb_pull(skb, HCI_EVENT_HDR_SIZE);
4091 3691
3692 if (hdev->sent_cmd && bt_cb(hdev->sent_cmd)->req.event == event) {
3693 struct hci_command_hdr *hdr = (void *) hdev->sent_cmd->data;
3694 u16 opcode = __le16_to_cpu(hdr->opcode);
3695
3696 hci_req_cmd_complete(hdev, opcode, 0);
3697 }
3698
4092 switch (event) { 3699 switch (event) {
4093 case HCI_EV_INQUIRY_COMPLETE: 3700 case HCI_EV_INQUIRY_COMPLETE:
4094 hci_inquiry_complete_evt(hdev, skb); 3701 hci_inquiry_complete_evt(hdev, skb);
@@ -4130,14 +3737,6 @@ void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
4130 hci_remote_features_evt(hdev, skb); 3737 hci_remote_features_evt(hdev, skb);
4131 break; 3738 break;
4132 3739
4133 case HCI_EV_REMOTE_VERSION:
4134 hci_remote_version_evt(hdev, skb);
4135 break;
4136
4137 case HCI_EV_QOS_SETUP_COMPLETE:
4138 hci_qos_setup_complete_evt(hdev, skb);
4139 break;
4140
4141 case HCI_EV_CMD_COMPLETE: 3740 case HCI_EV_CMD_COMPLETE:
4142 hci_cmd_complete_evt(hdev, skb); 3741 hci_cmd_complete_evt(hdev, skb);
4143 break; 3742 break;
@@ -4194,14 +3793,6 @@ void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
4194 hci_sync_conn_complete_evt(hdev, skb); 3793 hci_sync_conn_complete_evt(hdev, skb);
4195 break; 3794 break;
4196 3795
4197 case HCI_EV_SYNC_CONN_CHANGED:
4198 hci_sync_conn_changed_evt(hdev, skb);
4199 break;
4200
4201 case HCI_EV_SNIFF_SUBRATE:
4202 hci_sniff_subrate_evt(hdev, skb);
4203 break;
4204
4205 case HCI_EV_EXTENDED_INQUIRY_RESULT: 3796 case HCI_EV_EXTENDED_INQUIRY_RESULT:
4206 hci_extended_inquiry_result_evt(hdev, skb); 3797 hci_extended_inquiry_result_evt(hdev, skb);
4207 break; 3798 break;
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-16 23:47:59 -0500