1 files changed, 152 insertions, 66 deletions
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 41ff978a33f9..2022b43c7353 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -29,6 +29,7 @@
 #include <net/bluetooth/bluetooth.h>
 #include <net/bluetooth/hci_core.h>
+#include <net/bluetooth/mgmt.h>
 /* Handle HCI Event packets */
@@ -303,7 +304,7 @@ static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
        hci_dev_lock(hdev);
-        if (status != 0) {
+        if (status) {
                mgmt_write_scan_failed(hdev, param, status);
                hdev->discov_timeout = 0;
                goto done;
@@ -513,7 +514,7 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
        if (hdev->features[3] & LMP_RSSI_INQ)
                events[4] |= 0x02; /* Inquiry Result with RSSI */
-        if (hdev->features[5] & LMP_SNIFF_SUBR)
+        if (lmp_sniffsubr_capable(hdev))
                events[5] |= 0x20; /* Sniff Subrating */
        if (hdev->features[5] & LMP_PAUSE_ENC)
@@ -522,13 +523,13 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
        if (hdev->features[6] & LMP_EXT_INQ)
                events[5] |= 0x40; /* Extended Inquiry Result */
-        if (hdev->features[6] & LMP_NO_FLUSH)
+        if (lmp_no_flush_capable(hdev))
                events[7] |= 0x01; /* Enhanced Flush Complete */
        if (hdev->features[7] & LMP_LSTO)
                events[6] |= 0x80; /* Link Supervision Timeout Changed */
-        if (hdev->features[6] & LMP_SIMPLE_PAIR) {
+        if (lmp_ssp_capable(hdev)) {
                events[6] |= 0x01;      /* IO Capability Request */
                events[6] |= 0x02;      /* IO Capability Response */
                events[6] |= 0x04;      /* User Confirmation Request */
@@ -541,7 +542,7 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
                                         * Features Notification */
        }
-        if (hdev->features[4] & LMP_LE)
+        if (lmp_le_capable(hdev))
                events[7] |= 0x20;      /* LE Meta-Event */
        hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
@@ -623,11 +624,11 @@ static void hci_setup_link_policy(struct hci_dev *hdev)
        struct hci_cp_write_def_link_policy cp;
        u16 link_policy = 0;
-        if (hdev->features[0] & LMP_RSWITCH)
+        if (lmp_rswitch_capable(hdev))
                link_policy |= HCI_LP_RSWITCH;
        if (hdev->features[0] & LMP_HOLD)
                link_policy |= HCI_LP_HOLD;
-        if (hdev->features[0] & LMP_SNIFF)
+        if (lmp_sniff_capable(hdev))
                link_policy |= HCI_LP_SNIFF;
        if (hdev->features[1] & LMP_PARK)
                link_policy |= HCI_LP_PARK;
@@ -686,7 +687,7 @@ static void hci_cc_read_local_features(struct hci_dev *hdev,
                hdev->esco_type |= (ESCO_HV3);
        }
-        if (hdev->features[3] & LMP_ESCO)
+        if (lmp_esco_capable(hdev))
                hdev->esco_type |= (ESCO_EV3);
        if (hdev->features[4] & LMP_EV4)
@@ -746,7 +747,7 @@ static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
                break;
        }
-        if (test_bit(HCI_INIT, &hdev->flags) && hdev->features[4] & LMP_LE)
+        if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
                hci_set_le_support(hdev);
 done:
@@ -925,7 +926,7 @@ static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
        if (test_bit(HCI_MGMT, &hdev->dev_flags))
                mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
-        if (rp->status != 0)
+        if (rp->status)
                goto unlock;
        cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
@@ -1365,6 +1366,9 @@ static bool hci_resolve_next_name(struct hci_dev *hdev)
                return false;
        e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
+        if (!e)
+                return false;
        if (hci_resolve_name(hdev, e) == 0) {
                e->name_state = NAME_PENDING;
                return true;
@@ -1393,12 +1397,20 @@ static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
                return;
        e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
-        if (e) {
+        /* If the device was not found in a list of found devices names of which
+         * are pending. there is no need to continue resolving a next name as it
+         * will be done upon receiving another Remote Name Request Complete
+         * Event */
+        if (!e)
+                return;
+        list_del(&e->list);
+        if (name) {
                e->name_state = NAME_KNOWN;
-                list_del(&e->list);
+                mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
-                if (name)
+                                 e->data.rssi, name, name_len);
-                        mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
+        } else {
-                                         e->data.rssi, name, name_len);
+                e->name_state = NAME_NOT_KNOWN;
        }
        if (hci_resolve_next_name(hdev))
@@ -1614,43 +1626,30 @@ static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
 {
-        struct hci_cp_le_create_conn *cp;
        struct hci_conn *conn;
        BT_DBG("%s status 0x%2.2x", hdev->name, status);
-        cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
+        if (status) {
-        if (!cp)
+                hci_dev_lock(hdev);
-                return;
-        hci_dev_lock(hdev);
+                conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
+                if (!conn) {
+                        hci_dev_unlock(hdev);
+                        return;
+                }
-        conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
+                BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&conn->dst),
+                       conn);
-        BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
+                conn->state = BT_CLOSED;
-               conn);
+                mgmt_connect_failed(hdev, &conn->dst, conn->type,
+                                    conn->dst_type, status);
+                hci_proto_connect_cfm(conn, status);
+                hci_conn_del(conn);
-        if (status) {
+                hci_dev_unlock(hdev);
-                if (conn && conn->state == BT_CONNECT) {
-                        conn->state = BT_CLOSED;
-                        mgmt_connect_failed(hdev, &cp->peer_addr, conn->type,
-                                            conn->dst_type, status);
-                        hci_proto_connect_cfm(conn, status);
-                        hci_conn_del(conn);
-                }
-        } else {
-                if (!conn) {
-                        conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
-                        if (conn) {
-                                conn->dst_type = cp->peer_addr_type;
-                                conn->out = true;
-                        } else {
-                                BT_ERR("No memory for new connection");
-                        }
-                }
        }
-        hci_dev_unlock(hdev);
 }
 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
@@ -1762,7 +1761,12 @@ static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
                if (conn->type == ACL_LINK) {
                        conn->state = BT_CONFIG;
                        hci_conn_hold(conn);
-                        conn->disc_timeout = HCI_DISCONN_TIMEOUT;
+                        if (!conn->out && !hci_conn_ssp_enabled(conn) &&
+                            !hci_find_link_key(hdev, &ev->bdaddr))
+                                conn->disc_timeout = HCI_PAIRING_TIMEOUT;
+                        else
+                                conn->disc_timeout = HCI_DISCONN_TIMEOUT;
                } else
                        conn->state = BT_CONNECTED;
@@ -1888,6 +1892,22 @@ static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
        }
 }
+static u8 hci_to_mgmt_reason(u8 err)
+{
+        switch (err) {
+        case HCI_ERROR_CONNECTION_TIMEOUT:
+                return MGMT_DEV_DISCONN_TIMEOUT;
+        case HCI_ERROR_REMOTE_USER_TERM:
+        case HCI_ERROR_REMOTE_LOW_RESOURCES:
+        case HCI_ERROR_REMOTE_POWER_OFF:
+                return MGMT_DEV_DISCONN_REMOTE;
+        case HCI_ERROR_LOCAL_HOST_TERM:
+                return MGMT_DEV_DISCONN_LOCAL_HOST;
+        default:
+                return MGMT_DEV_DISCONN_UNKNOWN;
+        }
+}
 static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
 {
        struct hci_ev_disconn_complete *ev = (void *) skb->data;
@@ -1906,12 +1926,15 @@ static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
        if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
            (conn->type == ACL_LINK || conn->type == LE_LINK)) {
-                if (ev->status != 0)
+                if (ev->status) {
                        mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
                                               conn->dst_type, ev->status);
-                else
+                } else {
+                        u8 reason = hci_to_mgmt_reason(ev->reason);
                        mgmt_device_disconnected(hdev, &conn->dst, conn->type,
-                                                 conn->dst_type);
+                                                 conn->dst_type, reason);
+                }
        }
        if (ev->status == 0) {
@@ -3252,12 +3275,67 @@ static void hci_user_passkey_request_evt(struct hci_dev *hdev,
        BT_DBG("%s", hdev->name);
-        hci_dev_lock(hdev);
        if (test_bit(HCI_MGMT, &hdev->dev_flags))
                mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
+}
-        hci_dev_unlock(hdev);
+static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
+                                        struct sk_buff *skb)
+{
+        struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
+        struct hci_conn *conn;
+        BT_DBG("%s", hdev->name);
+        conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
+        if (!conn)
+                return;
+        conn->passkey_notify = __le32_to_cpu(ev->passkey);
+        conn->passkey_entered = 0;
+        if (test_bit(HCI_MGMT, &hdev->dev_flags))
+                mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
+                                         conn->dst_type, conn->passkey_notify,
+                                         conn->passkey_entered);
+}
+static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
+{
+        struct hci_ev_keypress_notify *ev = (void *) skb->data;
+        struct hci_conn *conn;
+        BT_DBG("%s", hdev->name);
+        conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
+        if (!conn)
+                return;
+        switch (ev->type) {
+        case HCI_KEYPRESS_STARTED:
+                conn->passkey_entered = 0;
+                return;
+        case HCI_KEYPRESS_ENTERED:
+                conn->passkey_entered++;
+                break;
+        case HCI_KEYPRESS_ERASED:
+                conn->passkey_entered--;
+                break;
+        case HCI_KEYPRESS_CLEARED:
+                conn->passkey_entered = 0;
+                break;
+        case HCI_KEYPRESS_COMPLETED:
+                return;
+        }
+        if (test_bit(HCI_MGMT, &hdev->dev_flags))
+                mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
+                                         conn->dst_type, conn->passkey_notify,
+                                         conn->passkey_entered);
 }
 static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
@@ -3279,7 +3357,7 @@ static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
         * initiated the authentication. A traditional auth_complete
         * event gets always produced as initiator and is also mapped to
         * the mgmt_auth_failed event */
-        if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)
+        if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
                mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
                                 ev->status);
@@ -3350,11 +3428,23 @@ static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
        hci_dev_lock(hdev);
-        if (ev->status) {
+        conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
-                conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
+        if (!conn) {
-                if (!conn)
+                conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
+                if (!conn) {
+                        BT_ERR("No memory for new connection");
                        goto unlock;
+                }
+                conn->dst_type = ev->bdaddr_type;
+                if (ev->role == LE_CONN_ROLE_MASTER) {
+                        conn->out = true;
+                        conn->link_mode |= HCI_LM_MASTER;
+                }
+        }
+        if (ev->status) {
                mgmt_connect_failed(hdev, &conn->dst, conn->type,
                                    conn->dst_type, ev->status);
                hci_proto_connect_cfm(conn, ev->status);
@@ -3363,18 +3453,6 @@ static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
                goto unlock;
        }
-        conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
-        if (!conn) {
-                conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
-                if (!conn) {
-                        BT_ERR("No memory for new connection");
-                        hci_dev_unlock(hdev);
-                        return;
-                }
-                conn->dst_type = ev->bdaddr_type;
-        }
        if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
                mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
                                      conn->dst_type, 0, NULL, 0, NULL);
@@ -3624,6 +3702,14 @@ void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
                hci_user_passkey_request_evt(hdev, skb);
                break;
+        case HCI_EV_USER_PASSKEY_NOTIFY:
+                hci_user_passkey_notify_evt(hdev, skb);
+                break;
+        case HCI_EV_KEYPRESS_NOTIFY:
+                hci_keypress_notify_evt(hdev, skb);
+                break;
        case HCI_EV_SIMPLE_PAIR_COMPLETE:
                hci_simple_pair_complete_evt(hdev, skb);
                break;

diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index 41ff978a33f9..2022b43c7353 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c
@@ -29,6 +29,7 @@
29		29
30	#include <net/bluetooth/bluetooth.h>	30	#include <net/bluetooth/bluetooth.h>
31	#include <net/bluetooth/hci_core.h>	31	#include <net/bluetooth/hci_core.h>
		32	#include <net/bluetooth/mgmt.h>
32		33
33	/* Handle HCI Event packets */	34	/* Handle HCI Event packets */
34		35
@@ -303,7 +304,7 @@ static void hci_cc_write_scan_enable(struct hci_dev hdev, struct sk_buff skb)
303		304
304	hci_dev_lock(hdev);	305	hci_dev_lock(hdev);
305		306
306	if (status != 0) {	307	if (status) {
307	mgmt_write_scan_failed(hdev, param, status);	308	mgmt_write_scan_failed(hdev, param, status);
308	hdev->discov_timeout = 0;	309	hdev->discov_timeout = 0;
309	goto done;	310	goto done;
@@ -513,7 +514,7 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
513	if (hdev->features[3] & LMP_RSSI_INQ)	514	if (hdev->features[3] & LMP_RSSI_INQ)
514	events[4] \|= 0x02; /* Inquiry Result with RSSI */	515	events[4] \|= 0x02; /* Inquiry Result with RSSI */
515		516
516	if (hdev->features[5] & LMP_SNIFF_SUBR)	517	if (lmp_sniffsubr_capable(hdev))
517	events[5] \|= 0x20; /* Sniff Subrating */	518	events[5] \|= 0x20; /* Sniff Subrating */
518		519
519	if (hdev->features[5] & LMP_PAUSE_ENC)	520	if (hdev->features[5] & LMP_PAUSE_ENC)
@@ -522,13 +523,13 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
522	if (hdev->features[6] & LMP_EXT_INQ)	523	if (hdev->features[6] & LMP_EXT_INQ)
523	events[5] \|= 0x40; /* Extended Inquiry Result */	524	events[5] \|= 0x40; /* Extended Inquiry Result */
524		525
525	if (hdev->features[6] & LMP_NO_FLUSH)	526	if (lmp_no_flush_capable(hdev))
526	events[7] \|= 0x01; /* Enhanced Flush Complete */	527	events[7] \|= 0x01; /* Enhanced Flush Complete */
527		528
528	if (hdev->features[7] & LMP_LSTO)	529	if (hdev->features[7] & LMP_LSTO)
529	events[6] \|= 0x80; /* Link Supervision Timeout Changed */	530	events[6] \|= 0x80; /* Link Supervision Timeout Changed */
530		531
531	if (hdev->features[6] & LMP_SIMPLE_PAIR) {	532	if (lmp_ssp_capable(hdev)) {
532	events[6] \|= 0x01; /* IO Capability Request */	533	events[6] \|= 0x01; /* IO Capability Request */
533	events[6] \|= 0x02; /* IO Capability Response */	534	events[6] \|= 0x02; /* IO Capability Response */
534	events[6] \|= 0x04; /* User Confirmation Request */	535	events[6] \|= 0x04; /* User Confirmation Request */
@@ -541,7 +542,7 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
541	* Features Notification */	542	* Features Notification */
542	}	543	}
543		544
544	if (hdev->features[4] & LMP_LE)	545	if (lmp_le_capable(hdev))
545	events[7] \|= 0x20; /* LE Meta-Event */	546	events[7] \|= 0x20; /* LE Meta-Event */
546		547
547	hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);	548	hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
@@ -623,11 +624,11 @@ static void hci_setup_link_policy(struct hci_dev *hdev)
623	struct hci_cp_write_def_link_policy cp;	624	struct hci_cp_write_def_link_policy cp;
624	u16 link_policy = 0;	625	u16 link_policy = 0;
625		626
626	if (hdev->features[0] & LMP_RSWITCH)	627	if (lmp_rswitch_capable(hdev))
627	link_policy \|= HCI_LP_RSWITCH;	628	link_policy \|= HCI_LP_RSWITCH;
628	if (hdev->features[0] & LMP_HOLD)	629	if (hdev->features[0] & LMP_HOLD)
629	link_policy \|= HCI_LP_HOLD;	630	link_policy \|= HCI_LP_HOLD;
630	if (hdev->features[0] & LMP_SNIFF)	631	if (lmp_sniff_capable(hdev))
631	link_policy \|= HCI_LP_SNIFF;	632	link_policy \|= HCI_LP_SNIFF;
632	if (hdev->features[1] & LMP_PARK)	633	if (hdev->features[1] & LMP_PARK)
633	link_policy \|= HCI_LP_PARK;	634	link_policy \|= HCI_LP_PARK;
@@ -686,7 +687,7 @@ static void hci_cc_read_local_features(struct hci_dev *hdev,
686	hdev->esco_type \|= (ESCO_HV3);	687	hdev->esco_type \|= (ESCO_HV3);
687	}	688	}
688		689
689	if (hdev->features[3] & LMP_ESCO)	690	if (lmp_esco_capable(hdev))
690	hdev->esco_type \|= (ESCO_EV3);	691	hdev->esco_type \|= (ESCO_EV3);
691		692
692	if (hdev->features[4] & LMP_EV4)	693	if (hdev->features[4] & LMP_EV4)
@@ -746,7 +747,7 @@ static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
746	break;	747	break;
747	}	748	}
748		749
749	if (test_bit(HCI_INIT, &hdev->flags) && hdev->features[4] & LMP_LE)	750	if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
750	hci_set_le_support(hdev);	751	hci_set_le_support(hdev);
751		752
752	done:	753	done:
@@ -925,7 +926,7 @@ static void hci_cc_pin_code_reply(struct hci_dev hdev, struct sk_buff skb)
925	if (test_bit(HCI_MGMT, &hdev->dev_flags))	926	if (test_bit(HCI_MGMT, &hdev->dev_flags))
926	mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);	927	mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
927		928
928	if (rp->status != 0)	929	if (rp->status)
929	goto unlock;	930	goto unlock;
930		931
931	cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);	932	cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
@@ -1365,6 +1366,9 @@ static bool hci_resolve_next_name(struct hci_dev *hdev)
1365	return false;	1366	return false;
1366		1367
1367	e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);	1368	e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
		1369	if (!e)
		1370	return false;
		1371
1368	if (hci_resolve_name(hdev, e) == 0) {	1372	if (hci_resolve_name(hdev, e) == 0) {
1369	e->name_state = NAME_PENDING;	1373	e->name_state = NAME_PENDING;
1370	return true;	1374	return true;
@@ -1393,12 +1397,20 @@ static void hci_check_pending_name(struct hci_dev hdev, struct hci_conn conn,
1393	return;	1397	return;
1394		1398
1395	e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);	1399	e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1396	if (e) {	1400	/* If the device was not found in a list of found devices names of which
		1401	* are pending. there is no need to continue resolving a next name as it
		1402	* will be done upon receiving another Remote Name Request Complete
		1403	* Event */
		1404	if (!e)
		1405	return;
		1406
		1407	list_del(&e->list);
		1408	if (name) {
1397	e->name_state = NAME_KNOWN;	1409	e->name_state = NAME_KNOWN;
1398	list_del(&e->list);	1410	mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1399	if (name)	1411	e->data.rssi, name, name_len);
1400	mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,	1412	} else {
1401	e->data.rssi, name, name_len);	1413	e->name_state = NAME_NOT_KNOWN;
1402	}	1414	}
1403		1415
1404	if (hci_resolve_next_name(hdev))	1416	if (hci_resolve_next_name(hdev))
@@ -1614,43 +1626,30 @@ static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1614		1626
1615	static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)	1627	static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1616	{	1628	{
1617	struct hci_cp_le_create_conn *cp;
1618	struct hci_conn *conn;	1629	struct hci_conn *conn;
1619		1630
1620	BT_DBG("%s status 0x%2.2x", hdev->name, status);	1631	BT_DBG("%s status 0x%2.2x", hdev->name, status);
1621		1632
1622	cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);	1633	if (status) {
1623	if (!cp)	1634	hci_dev_lock(hdev);
1624	return;
1625		1635
1626	hci_dev_lock(hdev);	1636	conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
		1637	if (!conn) {
		1638	hci_dev_unlock(hdev);
		1639	return;
		1640	}
1627		1641
1628	conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);	1642	BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&conn->dst),
		1643	conn);
1629		1644
1630	BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),	1645	conn->state = BT_CLOSED;
1631	conn);	1646	mgmt_connect_failed(hdev, &conn->dst, conn->type,
		1647	conn->dst_type, status);
		1648	hci_proto_connect_cfm(conn, status);
		1649	hci_conn_del(conn);
1632		1650
1633	if (status) {	1651	hci_dev_unlock(hdev);
1634	if (conn && conn->state == BT_CONNECT) {
1635	conn->state = BT_CLOSED;
1636	mgmt_connect_failed(hdev, &cp->peer_addr, conn->type,
1637	conn->dst_type, status);
1638	hci_proto_connect_cfm(conn, status);
1639	hci_conn_del(conn);
1640	}
1641	} else {
1642	if (!conn) {
1643	conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1644	if (conn) {
1645	conn->dst_type = cp->peer_addr_type;
1646	conn->out = true;
1647	} else {
1648	BT_ERR("No memory for new connection");
1649	}
1650	}
1651	}	1652	}
1652
1653	hci_dev_unlock(hdev);
1654	}	1653	}
1655		1654
1656	static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)	1655	static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
@@ -1762,7 +1761,12 @@ static void hci_conn_complete_evt(struct hci_dev hdev, struct sk_buff skb)
1762	if (conn->type == ACL_LINK) {	1761	if (conn->type == ACL_LINK) {
1763	conn->state = BT_CONFIG;	1762	conn->state = BT_CONFIG;
1764	hci_conn_hold(conn);	1763	hci_conn_hold(conn);
1765	conn->disc_timeout = HCI_DISCONN_TIMEOUT;	1764
		1765	if (!conn->out && !hci_conn_ssp_enabled(conn) &&
		1766	!hci_find_link_key(hdev, &ev->bdaddr))
		1767	conn->disc_timeout = HCI_PAIRING_TIMEOUT;
		1768	else
		1769	conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1766	} else	1770	} else
1767	conn->state = BT_CONNECTED;	1771	conn->state = BT_CONNECTED;
1768		1772
@@ -1888,6 +1892,22 @@ static void hci_conn_request_evt(struct hci_dev hdev, struct sk_buff skb)
1888	}	1892	}
1889	}	1893	}
1890		1894
		1895	static u8 hci_to_mgmt_reason(u8 err)
		1896	{
		1897	switch (err) {
		1898	case HCI_ERROR_CONNECTION_TIMEOUT:
		1899	return MGMT_DEV_DISCONN_TIMEOUT;
		1900	case HCI_ERROR_REMOTE_USER_TERM:
		1901	case HCI_ERROR_REMOTE_LOW_RESOURCES:
		1902	case HCI_ERROR_REMOTE_POWER_OFF:
		1903	return MGMT_DEV_DISCONN_REMOTE;
		1904	case HCI_ERROR_LOCAL_HOST_TERM:
		1905	return MGMT_DEV_DISCONN_LOCAL_HOST;
		1906	default:
		1907	return MGMT_DEV_DISCONN_UNKNOWN;
		1908	}
		1909	}
		1910
1891	static void hci_disconn_complete_evt(struct hci_dev hdev, struct sk_buff skb)	1911	static void hci_disconn_complete_evt(struct hci_dev hdev, struct sk_buff skb)
1892	{	1912	{
1893	struct hci_ev_disconn_complete ev = (void ) skb->data;	1913	struct hci_ev_disconn_complete ev = (void ) skb->data;
@@ -1906,12 +1926,15 @@ static void hci_disconn_complete_evt(struct hci_dev hdev, struct sk_buff skb)
1906		1926
1907	if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&	1927	if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1908	(conn->type == ACL_LINK \|\| conn->type == LE_LINK)) {	1928	(conn->type == ACL_LINK \|\| conn->type == LE_LINK)) {
1909	if (ev->status != 0)	1929	if (ev->status) {
1910	mgmt_disconnect_failed(hdev, &conn->dst, conn->type,	1930	mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1911	conn->dst_type, ev->status);	1931	conn->dst_type, ev->status);
1912	else	1932	} else {
		1933	u8 reason = hci_to_mgmt_reason(ev->reason);
		1934
1913	mgmt_device_disconnected(hdev, &conn->dst, conn->type,	1935	mgmt_device_disconnected(hdev, &conn->dst, conn->type,
1914	conn->dst_type);	1936	conn->dst_type, reason);
		1937	}
1915	}	1938	}
1916		1939
1917	if (ev->status == 0) {	1940	if (ev->status == 0) {
@@ -3252,12 +3275,67 @@ static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3252		3275
3253	BT_DBG("%s", hdev->name);	3276	BT_DBG("%s", hdev->name);
3254		3277
3255	hci_dev_lock(hdev);
3256
3257	if (test_bit(HCI_MGMT, &hdev->dev_flags))	3278	if (test_bit(HCI_MGMT, &hdev->dev_flags))
3258	mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);	3279	mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
		3280	}
3259		3281
3260	hci_dev_unlock(hdev);	3282	static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
		3283	struct sk_buff *skb)
		3284	{
		3285	struct hci_ev_user_passkey_notify ev = (void ) skb->data;
		3286	struct hci_conn *conn;
		3287
		3288	BT_DBG("%s", hdev->name);
		3289
		3290	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
		3291	if (!conn)
		3292	return;
		3293
		3294	conn->passkey_notify = __le32_to_cpu(ev->passkey);
		3295	conn->passkey_entered = 0;
		3296
		3297	if (test_bit(HCI_MGMT, &hdev->dev_flags))
		3298	mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
		3299	conn->dst_type, conn->passkey_notify,
		3300	conn->passkey_entered);
		3301	}
		3302
		3303	static void hci_keypress_notify_evt(struct hci_dev hdev, struct sk_buff skb)
		3304	{
		3305	struct hci_ev_keypress_notify ev = (void ) skb->data;
		3306	struct hci_conn *conn;
		3307
		3308	BT_DBG("%s", hdev->name);
		3309
		3310	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
		3311	if (!conn)
		3312	return;
		3313
		3314	switch (ev->type) {
		3315	case HCI_KEYPRESS_STARTED:
		3316	conn->passkey_entered = 0;
		3317	return;
		3318
		3319	case HCI_KEYPRESS_ENTERED:
		3320	conn->passkey_entered++;
		3321	break;
		3322
		3323	case HCI_KEYPRESS_ERASED:
		3324	conn->passkey_entered--;
		3325	break;
		3326
		3327	case HCI_KEYPRESS_CLEARED:
		3328	conn->passkey_entered = 0;
		3329	break;
		3330
		3331	case HCI_KEYPRESS_COMPLETED:
		3332	return;
		3333	}
		3334
		3335	if (test_bit(HCI_MGMT, &hdev->dev_flags))
		3336	mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
		3337	conn->dst_type, conn->passkey_notify,
		3338	conn->passkey_entered);
3261	}	3339	}
3262		3340
3263	static void hci_simple_pair_complete_evt(struct hci_dev *hdev,	3341	static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
@@ -3279,7 +3357,7 @@ static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3279	* initiated the authentication. A traditional auth_complete	3357	* initiated the authentication. A traditional auth_complete
3280	* event gets always produced as initiator and is also mapped to	3358	* event gets always produced as initiator and is also mapped to
3281	* the mgmt_auth_failed event */	3359	* the mgmt_auth_failed event */
3282	if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)	3360	if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
3283	mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,	3361	mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3284	ev->status);	3362	ev->status);
3285		3363
@@ -3350,11 +3428,23 @@ static void hci_le_conn_complete_evt(struct hci_dev hdev, struct sk_buff skb)
3350		3428
3351	hci_dev_lock(hdev);	3429	hci_dev_lock(hdev);
3352		3430
3353	if (ev->status) {	3431	conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
3354	conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);	3432	if (!conn) {
3355	if (!conn)	3433	conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
		3434	if (!conn) {
		3435	BT_ERR("No memory for new connection");
3356	goto unlock;	3436	goto unlock;
		3437	}
3357		3438
		3439	conn->dst_type = ev->bdaddr_type;
		3440
		3441	if (ev->role == LE_CONN_ROLE_MASTER) {
		3442	conn->out = true;
		3443	conn->link_mode \|= HCI_LM_MASTER;
		3444	}
		3445	}
		3446
		3447	if (ev->status) {
3358	mgmt_connect_failed(hdev, &conn->dst, conn->type,	3448	mgmt_connect_failed(hdev, &conn->dst, conn->type,
3359	conn->dst_type, ev->status);	3449	conn->dst_type, ev->status);
3360	hci_proto_connect_cfm(conn, ev->status);	3450	hci_proto_connect_cfm(conn, ev->status);
@@ -3363,18 +3453,6 @@ static void hci_le_conn_complete_evt(struct hci_dev hdev, struct sk_buff skb)
3363	goto unlock;	3453	goto unlock;
3364	}	3454	}
3365		3455
3366	conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
3367	if (!conn) {
3368	conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3369	if (!conn) {
3370	BT_ERR("No memory for new connection");
3371	hci_dev_unlock(hdev);
3372	return;
3373	}
3374
3375	conn->dst_type = ev->bdaddr_type;
3376	}
3377
3378	if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))	3456	if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3379	mgmt_device_connected(hdev, &ev->bdaddr, conn->type,	3457	mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3380	conn->dst_type, 0, NULL, 0, NULL);	3458	conn->dst_type, 0, NULL, 0, NULL);
@@ -3624,6 +3702,14 @@ void hci_event_packet(struct hci_dev hdev, struct sk_buff skb)
3624	hci_user_passkey_request_evt(hdev, skb);	3702	hci_user_passkey_request_evt(hdev, skb);
3625	break;	3703	break;
3626		3704
		3705	case HCI_EV_USER_PASSKEY_NOTIFY:
		3706	hci_user_passkey_notify_evt(hdev, skb);
		3707	break;
		3708
		3709	case HCI_EV_KEYPRESS_NOTIFY:
		3710	hci_keypress_notify_evt(hdev, skb);
		3711	break;
		3712
3627	case HCI_EV_SIMPLE_PAIR_COMPLETE:	3713	case HCI_EV_SIMPLE_PAIR_COMPLETE:
3628	hci_simple_pair_complete_evt(hdev, skb);	3714	hci_simple_pair_complete_evt(hdev, skb);
3629	break;	3715	break;