+39

drivers/bluetooth/btbcm.c

reviewed

··· 8 8 9 9 #include <linux/module.h> 10 10 #include <linux/firmware.h> 11 11 + #include <linux/dmi.h> 11 12 #include <asm/unaligned.h> 12 13 13 14 #include <net/bluetooth/bluetooth.h> ··· 344 343 return skb; 345 344 } 346 345 346 346 + static const struct dmi_system_id disable_broken_read_transmit_power[] = { 347 347 + { 348 348 + .matches = { 349 349 + DMI_MATCH(DMI_BOARD_VENDOR, "Apple Inc."), 350 350 + DMI_MATCH(DMI_PRODUCT_NAME, "MacBookPro16,1"), 351 351 + }, 352 352 + }, 353 353 + { 354 354 + .matches = { 355 355 + DMI_MATCH(DMI_BOARD_VENDOR, "Apple Inc."), 356 356 + DMI_MATCH(DMI_PRODUCT_NAME, "MacBookPro16,2"), 357 357 + }, 358 358 + }, 359 359 + { 360 360 + .matches = { 361 361 + DMI_MATCH(DMI_BOARD_VENDOR, "Apple Inc."), 362 362 + DMI_MATCH(DMI_PRODUCT_NAME, "MacBookPro16,4"), 363 363 + }, 364 364 + }, 365 365 + { 366 366 + .matches = { 367 367 + DMI_MATCH(DMI_BOARD_VENDOR, "Apple Inc."), 368 368 + DMI_MATCH(DMI_PRODUCT_NAME, "iMac20,1"), 369 369 + }, 370 370 + }, 371 371 + { 372 372 + .matches = { 373 373 + DMI_MATCH(DMI_BOARD_VENDOR, "Apple Inc."), 374 374 + DMI_MATCH(DMI_PRODUCT_NAME, "iMac20,2"), 375 375 + }, 376 376 + }, 377 377 + { } 378 378 + }; 379 379 + 347 380 static int btbcm_read_info(struct hci_dev *hdev) 348 381 { 349 382 struct sk_buff *skb; ··· 397 362 398 363 bt_dev_info(hdev, "BCM: features 0x%2.2x", skb->data[1]); 399 364 kfree_skb(skb); 365 365 + 366 366 + /* Read DMI and disable broken Read LE Min/Max Tx Power */ 367 367 + if (dmi_first_match(disable_broken_read_transmit_power)) 368 368 + set_bit(HCI_QUIRK_BROKEN_READ_TRANSMIT_POWER, &hdev->quirks); 400 369 401 370 return 0; 402 371 }

+22 -4

drivers/bluetooth/btintel.c

reviewed

··· 2498 2498 case 0x12: /* ThP */ 2499 2499 case 0x13: /* HrP */ 2500 2500 case 0x14: /* CcP */ 2501 2501 - /* Some legacy bootloader devices from JfP supports both old 2502 2502 - * and TLV based HCI_Intel_Read_Version command. But we don't 2503 2503 - * want to use the TLV based setup routines for those legacy 2504 2504 - * bootloader device. 2501 2501 + /* Some legacy bootloader devices starting from JfP, 2502 2502 + * the operational firmware supports both old and TLV based 2503 2503 + * HCI_Intel_Read_Version command based on the command 2504 2504 + * parameter. 2505 2505 + * 2506 2506 + * For upgrading firmware case, the TLV based version cannot 2507 2507 + * be used because the firmware filename for legacy bootloader 2508 2508 + * is based on the old format. 2505 2509 * 2506 2510 * Also, it is not easy to convert TLV based version from the 2507 2511 * legacy version format. ··· 2517 2513 err = btintel_read_version(hdev, &ver); 2518 2514 if (err) 2519 2515 return err; 2516 2516 + 2517 2517 + /* Apply the device specific HCI quirks 2518 2518 + * 2519 2519 + * All Legacy bootloader devices support WBS 2520 2520 + */ 2521 2521 + set_bit(HCI_QUIRK_WIDEBAND_SPEECH_SUPPORTED, &hdev->quirks); 2522 2522 + 2523 2523 + /* Valid LE States quirk for JfP/ThP familiy */ 2524 2524 + if (ver.hw_variant == 0x11 || ver.hw_variant == 0x12) 2525 2525 + set_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks); 2526 2526 + 2527 2527 + /* Setup MSFT Extension support */ 2528 2528 + btintel_set_msft_opcode(hdev, ver.hw_variant); 2529 2529 + 2520 2530 err = btintel_bootloader_setup(hdev, &ver); 2521 2531 break; 2522 2532 case 0x17:

+1

drivers/bluetooth/btmtk.c

reviewed

··· 121 121 } else { 122 122 bt_dev_err(hdev, "Failed wmt patch dwnld status (%d)", 123 123 status); 124 124 + err = -EIO; 124 125 goto err_release_fw; 125 126 } 126 127 }

+43 -6

drivers/bluetooth/btmtksdio.c

reviewed

··· 98 98 #define MTK_SDIO_BLOCK_SIZE 256 99 99 100 100 #define BTMTKSDIO_TX_WAIT_VND_EVT 1 101 101 + #define BTMTKSDIO_HW_TX_READY 2 102 102 + #define BTMTKSDIO_FUNC_ENABLED 3 101 103 102 104 struct mtkbtsdio_hdr { 103 105 __le16 len; ··· 115 113 struct work_struct txrx_work; 116 114 unsigned long tx_state; 117 115 struct sk_buff_head txq; 118 118 - bool hw_tx_ready; 119 116 120 117 struct sk_buff *evt_skb; 121 118 ··· 255 254 sdio_hdr->reserved = cpu_to_le16(0); 256 255 sdio_hdr->bt_type = hci_skb_pkt_type(skb); 257 256 258 258 - bdev->hw_tx_ready = false; 257 257 + clear_bit(BTMTKSDIO_HW_TX_READY, &bdev->tx_state); 259 258 err = sdio_writesb(bdev->func, MTK_REG_CTDR, skb->data, 260 259 round_up(skb->len, MTK_SDIO_BLOCK_SIZE)); 261 260 if (err < 0) ··· 325 324 return err; 326 325 } 327 326 327 327 + static int btmtksdio_recv_acl(struct hci_dev *hdev, struct sk_buff *skb) 328 328 + { 329 329 + struct btmtksdio_dev *bdev = hci_get_drvdata(hdev); 330 330 + u16 handle = le16_to_cpu(hci_acl_hdr(skb)->handle); 331 331 + 332 332 + switch (handle) { 333 333 + case 0xfc6f: 334 334 + /* Firmware dump from device: when the firmware hangs, the 335 335 + * device can no longer suspend and thus disable auto-suspend. 336 336 + */ 337 337 + pm_runtime_forbid(bdev->dev); 338 338 + fallthrough; 339 339 + case 0x05ff: 340 340 + case 0x05fe: 341 341 + /* Firmware debug logging */ 342 342 + return hci_recv_diag(hdev, skb); 343 343 + } 344 344 + 345 345 + return hci_recv_frame(hdev, skb); 346 346 + } 347 347 + 328 348 static const struct h4_recv_pkt mtk_recv_pkts[] = { 329 329 - { H4_RECV_ACL, .recv = hci_recv_frame }, 349 349 + { H4_RECV_ACL, .recv = btmtksdio_recv_acl }, 330 350 { H4_RECV_SCO, .recv = hci_recv_frame }, 331 351 { H4_RECV_EVENT, .recv = btmtksdio_recv_event }, 332 352 }; ··· 485 463 bt_dev_dbg(bdev->hdev, "Get fw own back"); 486 464 487 465 if (int_status & TX_EMPTY) 488 488 - bdev->hw_tx_ready = true; 466 466 + set_bit(BTMTKSDIO_HW_TX_READY, &bdev->tx_state); 467 467 + 489 468 else if (unlikely(int_status & TX_FIFO_OVERFLOW)) 490 469 bt_dev_warn(bdev->hdev, "Tx fifo overflow"); 491 470 492 492 - if (bdev->hw_tx_ready) { 471 471 + if (test_bit(BTMTKSDIO_HW_TX_READY, &bdev->tx_state)) { 493 472 skb = skb_dequeue(&bdev->txq); 494 473 if (skb) { 495 474 err = btmtksdio_tx_packet(bdev, skb); ··· 539 516 err = sdio_enable_func(bdev->func); 540 517 if (err < 0) 541 518 goto err_release_host; 519 519 + 520 520 + set_bit(BTMTKSDIO_FUNC_ENABLED, &bdev->tx_state); 542 521 543 522 /* Get ownership from the device */ 544 523 sdio_writel(bdev->func, C_FW_OWN_REQ_CLR, MTK_REG_CHLPCR, &err); ··· 643 618 if (err < 0) 644 619 bt_dev_err(bdev->hdev, "Cannot return ownership to device"); 645 620 621 621 + clear_bit(BTMTKSDIO_FUNC_ENABLED, &bdev->tx_state); 646 622 sdio_disable_func(bdev->func); 647 623 648 624 sdio_release_host(bdev->func); ··· 791 765 return err; 792 766 } 793 767 768 768 + hci_set_msft_opcode(hdev, 0xFD30); 769 769 + hci_set_aosp_capable(hdev); 770 770 + 794 771 return err; 795 772 } 796 773 ··· 840 811 u32 fw_version = 0; 841 812 842 813 calltime = ktime_get(); 843 843 - bdev->hw_tx_ready = true; 814 814 + set_bit(BTMTKSDIO_HW_TX_READY, &bdev->tx_state); 844 815 845 816 switch (bdev->data->chipid) { 846 817 case 0x7921: ··· 1065 1036 if (!bdev) 1066 1037 return 0; 1067 1038 1039 1039 + if (!test_bit(BTMTKSDIO_FUNC_ENABLED, &bdev->tx_state)) 1040 1040 + return 0; 1041 1041 + 1042 1042 + sdio_set_host_pm_flags(func, MMC_PM_KEEP_POWER); 1043 1043 + 1068 1044 sdio_claim_host(bdev->func); 1069 1045 1070 1046 sdio_writel(bdev->func, C_FW_OWN_REQ_SET, MTK_REG_CHLPCR, &err); ··· 1095 1061 1096 1062 bdev = sdio_get_drvdata(func); 1097 1063 if (!bdev) 1064 1064 + return 0; 1065 1065 + 1066 1066 + if (!test_bit(BTMTKSDIO_FUNC_ENABLED, &bdev->tx_state)) 1098 1067 return 0; 1099 1068 1100 1069 sdio_claim_host(bdev->func);

+175 -9

drivers/bluetooth/btusb.c

reviewed

··· 16 16 #include <linux/of_irq.h> 17 17 #include <linux/suspend.h> 18 18 #include <linux/gpio/consumer.h> 19 19 + #include <linux/debugfs.h> 19 20 #include <asm/unaligned.h> 20 21 21 22 #include <net/bluetooth/bluetooth.h> ··· 32 31 static bool disable_scofix; 33 32 static bool force_scofix; 34 33 static bool enable_autosuspend = IS_ENABLED(CONFIG_BT_HCIBTUSB_AUTOSUSPEND); 35 35 - 36 34 static bool reset = true; 37 35 38 36 static struct usb_driver btusb_driver; ··· 296 296 { USB_DEVICE(0x0cf3, 0xe600), .driver_info = BTUSB_QCA_WCN6855 | 297 297 BTUSB_WIDEBAND_SPEECH | 298 298 BTUSB_VALID_LE_STATES }, 299 299 + { USB_DEVICE(0x0489, 0xe0cc), .driver_info = BTUSB_QCA_WCN6855 | 300 300 + BTUSB_WIDEBAND_SPEECH | 301 301 + BTUSB_VALID_LE_STATES }, 302 302 + { USB_DEVICE(0x0489, 0xe0d6), .driver_info = BTUSB_QCA_WCN6855 | 303 303 + BTUSB_WIDEBAND_SPEECH | 304 304 + BTUSB_VALID_LE_STATES }, 305 305 + { USB_DEVICE(0x0489, 0xe0e3), .driver_info = BTUSB_QCA_WCN6855 | 306 306 + BTUSB_WIDEBAND_SPEECH | 307 307 + BTUSB_VALID_LE_STATES }, 308 308 + { USB_DEVICE(0x10ab, 0x9309), .driver_info = BTUSB_QCA_WCN6855 | 309 309 + BTUSB_WIDEBAND_SPEECH | 310 310 + BTUSB_VALID_LE_STATES }, 311 311 + { USB_DEVICE(0x10ab, 0x9409), .driver_info = BTUSB_QCA_WCN6855 | 312 312 + BTUSB_WIDEBAND_SPEECH | 313 313 + BTUSB_VALID_LE_STATES }, 299 314 300 315 /* Broadcom BCM2035 */ 301 316 { USB_DEVICE(0x0a5c, 0x2009), .driver_info = BTUSB_BCM92035 }, ··· 400 385 /* Realtek 8852AE Bluetooth devices */ 401 386 { USB_DEVICE(0x0bda, 0xc852), .driver_info = BTUSB_REALTEK | 402 387 BTUSB_WIDEBAND_SPEECH }, 388 388 + { USB_DEVICE(0x0bda, 0x385a), .driver_info = BTUSB_REALTEK | 389 389 + BTUSB_WIDEBAND_SPEECH }, 403 390 { USB_DEVICE(0x0bda, 0x4852), .driver_info = BTUSB_REALTEK | 404 391 BTUSB_WIDEBAND_SPEECH }, 405 392 { USB_DEVICE(0x04c5, 0x165c), .driver_info = BTUSB_REALTEK | ··· 438 421 BTUSB_WIDEBAND_SPEECH | 439 422 BTUSB_VALID_LE_STATES }, 440 423 { USB_DEVICE(0x0489, 0xe0cd), .driver_info = BTUSB_MEDIATEK | 424 424 + BTUSB_WIDEBAND_SPEECH | 425 425 + BTUSB_VALID_LE_STATES }, 426 426 + 427 427 + /* MediaTek MT7922A Bluetooth devices */ 428 428 + { USB_DEVICE(0x0489, 0xe0d8), .driver_info = BTUSB_MEDIATEK | 429 429 + BTUSB_WIDEBAND_SPEECH | 430 430 + BTUSB_VALID_LE_STATES }, 431 431 + { USB_DEVICE(0x0489, 0xe0d9), .driver_info = BTUSB_MEDIATEK | 441 432 BTUSB_WIDEBAND_SPEECH | 442 433 BTUSB_VALID_LE_STATES }, 443 434 ··· 575 550 576 551 unsigned long flags; 577 552 578 578 - struct work_struct work; 579 579 - struct work_struct waker; 553 553 + bool poll_sync; 554 554 + int intr_interval; 555 555 + struct work_struct work; 556 556 + struct work_struct waker; 557 557 + struct delayed_work rx_work; 558 558 + 559 559 + struct sk_buff_head acl_q; 580 560 581 561 struct usb_anchor deferred; 582 562 struct usb_anchor tx_anchor; ··· 746 716 spin_unlock_irqrestore(&data->rxlock, flags); 747 717 } 748 718 719 719 + static int btusb_recv_event(struct btusb_data *data, struct sk_buff *skb) 720 720 + { 721 721 + if (data->intr_interval) { 722 722 + /* Trigger dequeue immediatelly if an event is received */ 723 723 + schedule_delayed_work(&data->rx_work, 0); 724 724 + } 725 725 + 726 726 + return data->recv_event(data->hdev, skb); 727 727 + } 728 728 + 749 729 static int btusb_recv_intr(struct btusb_data *data, void *buffer, int count) 750 730 { 751 731 struct sk_buff *skb; ··· 801 761 802 762 if (!hci_skb_expect(skb)) { 803 763 /* Complete frame */ 804 804 - data->recv_event(data->hdev, skb); 764 764 + btusb_recv_event(data, skb); 805 765 skb = NULL; 806 766 } 807 767 } ··· 810 770 spin_unlock_irqrestore(&data->rxlock, flags); 811 771 812 772 return err; 773 773 + } 774 774 + 775 775 + static int btusb_recv_acl(struct btusb_data *data, struct sk_buff *skb) 776 776 + { 777 777 + /* Only queue ACL packet if intr_interval is set as it means 778 778 + * force_poll_sync has been enabled. 779 779 + */ 780 780 + if (!data->intr_interval) 781 781 + return data->recv_acl(data->hdev, skb); 782 782 + 783 783 + skb_queue_tail(&data->acl_q, skb); 784 784 + schedule_delayed_work(&data->rx_work, data->intr_interval); 785 785 + 786 786 + return 0; 813 787 } 814 788 815 789 static int btusb_recv_bulk(struct btusb_data *data, void *buffer, int count) ··· 873 819 874 820 if (!hci_skb_expect(skb)) { 875 821 /* Complete frame */ 876 876 - data->recv_acl(data->hdev, skb); 822 822 + btusb_recv_acl(data, skb); 877 823 skb = NULL; 878 824 } 879 825 } ··· 979 925 if (err != -EPERM && err != -ENODEV) 980 926 bt_dev_err(hdev, "urb %p failed to resubmit (%d)", 981 927 urb, -err); 928 928 + if (err != -EPERM) 929 929 + hci_cmd_sync_cancel(hdev, -err); 982 930 usb_unanchor_urb(urb); 983 931 } 984 932 } ··· 1024 968 if (err != -EPERM && err != -ENODEV) 1025 969 bt_dev_err(hdev, "urb %p submission failed (%d)", 1026 970 urb, -err); 971 971 + if (err != -EPERM) 972 972 + hci_cmd_sync_cancel(hdev, -err); 1027 973 usb_unanchor_urb(urb); 1028 974 } 1029 975 976 976 + /* Only initialize intr_interval if URB poll sync is enabled */ 977 977 + if (!data->poll_sync) 978 978 + goto done; 979 979 + 980 980 + /* The units are frames (milliseconds) for full and low speed devices, 981 981 + * and microframes (1/8 millisecond) for highspeed and SuperSpeed 982 982 + * devices. 983 983 + * 984 984 + * This is done once on open/resume so it shouldn't change even if 985 985 + * force_poll_sync changes. 986 986 + */ 987 987 + switch (urb->dev->speed) { 988 988 + case USB_SPEED_SUPER_PLUS: 989 989 + case USB_SPEED_SUPER: /* units are 125us */ 990 990 + data->intr_interval = usecs_to_jiffies(urb->interval * 125); 991 991 + break; 992 992 + default: 993 993 + data->intr_interval = msecs_to_jiffies(urb->interval); 994 994 + break; 995 995 + } 996 996 + 997 997 + done: 1030 998 usb_free_urb(urb); 1031 999 1032 1000 return err; ··· 1403 1323 if (!test_bit(HCI_RUNNING, &hdev->flags)) 1404 1324 goto done; 1405 1325 1406 1406 - if (!urb->status) 1326 1326 + if (!urb->status) { 1407 1327 hdev->stat.byte_tx += urb->transfer_buffer_length; 1408 1408 - else 1328 1328 + } else { 1329 1329 + if (hci_skb_pkt_type(skb) == HCI_COMMAND_PKT) 1330 1330 + hci_cmd_sync_cancel(hdev, -urb->status); 1409 1331 hdev->stat.err_tx++; 1332 1332 + } 1410 1333 1411 1334 done: 1412 1335 spin_lock_irqsave(&data->txlock, flags); ··· 1513 1430 1514 1431 BT_DBG("%s", hdev->name); 1515 1432 1433 1433 + cancel_delayed_work(&data->rx_work); 1516 1434 cancel_work_sync(&data->work); 1517 1435 cancel_work_sync(&data->waker); 1436 1436 + 1437 1437 + skb_queue_purge(&data->acl_q); 1518 1438 1519 1439 clear_bit(BTUSB_ISOC_RUNNING, &data->flags); 1520 1440 clear_bit(BTUSB_BULK_RUNNING, &data->flags); ··· 1549 1463 struct btusb_data *data = hci_get_drvdata(hdev); 1550 1464 1551 1465 BT_DBG("%s", hdev->name); 1466 1466 + 1467 1467 + cancel_delayed_work(&data->rx_work); 1468 1468 + 1469 1469 + skb_queue_purge(&data->acl_q); 1552 1470 1553 1471 usb_kill_anchored_urbs(&data->tx_anchor); 1554 1472 btusb_free_frags(data); ··· 1915 1825 return; 1916 1826 1917 1827 usb_autopm_put_interface(data->intf); 1828 1828 + } 1829 1829 + 1830 1830 + static void btusb_rx_work(struct work_struct *work) 1831 1831 + { 1832 1832 + struct btusb_data *data = container_of(work, struct btusb_data, 1833 1833 + rx_work.work); 1834 1834 + struct sk_buff *skb; 1835 1835 + 1836 1836 + /* Dequeue ACL data received during the interval */ 1837 1837 + while ((skb = skb_dequeue(&data->acl_q))) 1838 1838 + data->recv_acl(data->hdev, skb); 1918 1839 } 1919 1840 1920 1841 static int btusb_setup_bcm92035(struct hci_dev *hdev) ··· 2647 2546 dev_id & 0xffff, (fw_version & 0xff) + 1); 2648 2547 err = btmtk_setup_firmware_79xx(hdev, fw_bin_name, 2649 2548 btusb_mtk_hci_wmt_sync); 2549 2549 + if (err < 0) { 2550 2550 + bt_dev_err(hdev, "Failed to set up firmware (%d)", err); 2551 2551 + return err; 2552 2552 + } 2650 2553 2651 2554 /* It's Device EndPoint Reset Option Register */ 2652 2555 btusb_mtk_uhw_reg_write(data, MTK_EP_RST_OPT, MTK_EP_RST_IN_OUT_OPT); ··· 2989 2884 __le32 rom_version; 2990 2885 __le32 patch_version; 2991 2886 __le32 ram_version; 2992 2992 - __le16 board_id; 2887 2887 + __u8 chip_id; 2888 2888 + __u8 platform_id; 2993 2889 __le16 flag; 2994 2890 __u8 reserved[4]; 2995 2891 } __packed; ··· 3179 3073 u16 flag = le16_to_cpu(ver->flag); 3180 3074 3181 3075 if (((flag >> 8) & 0xff) == QCA_FLAG_MULTI_NVM) { 3182 3182 - u16 board_id = le16_to_cpu(ver->board_id); 3076 3076 + /* The board_id should be split into two bytes 3077 3077 + * The 1st byte is chip ID, and the 2nd byte is platform ID 3078 3078 + * For example, board ID 0x010A, 0x01 is platform ID. 0x0A is chip ID 3079 3079 + * we have several platforms, and platform IDs are continuously added 3080 3080 + * Platform ID: 3081 3081 + * 0x00 is for Mobile 3082 3082 + * 0x01 is for X86 3083 3083 + * 0x02 is for Automotive 3084 3084 + * 0x03 is for Consumer electronic 3085 3085 + */ 3086 3086 + u16 board_id = (ver->chip_id << 8) + ver->platform_id; 3183 3087 const char *variant; 3184 3088 3185 3089 switch (le32_to_cpu(ver->ram_version)) { ··· 3489 3373 return 0; 3490 3374 } 3491 3375 3376 3376 + static ssize_t force_poll_sync_read(struct file *file, char __user *user_buf, 3377 3377 + size_t count, loff_t *ppos) 3378 3378 + { 3379 3379 + struct btusb_data *data = file->private_data; 3380 3380 + char buf[3]; 3381 3381 + 3382 3382 + buf[0] = data->poll_sync ? 'Y' : 'N'; 3383 3383 + buf[1] = '\n'; 3384 3384 + buf[2] = '\0'; 3385 3385 + return simple_read_from_buffer(user_buf, count, ppos, buf, 2); 3386 3386 + } 3387 3387 + 3388 3388 + static ssize_t force_poll_sync_write(struct file *file, 3389 3389 + const char __user *user_buf, 3390 3390 + size_t count, loff_t *ppos) 3391 3391 + { 3392 3392 + struct btusb_data *data = file->private_data; 3393 3393 + bool enable; 3394 3394 + int err; 3395 3395 + 3396 3396 + err = kstrtobool_from_user(user_buf, count, &enable); 3397 3397 + if (err) 3398 3398 + return err; 3399 3399 + 3400 3400 + /* Only allow changes while the adapter is down */ 3401 3401 + if (test_bit(HCI_UP, &data->hdev->flags)) 3402 3402 + return -EPERM; 3403 3403 + 3404 3404 + if (data->poll_sync == enable) 3405 3405 + return -EALREADY; 3406 3406 + 3407 3407 + data->poll_sync = enable; 3408 3408 + 3409 3409 + return count; 3410 3410 + } 3411 3411 + 3412 3412 + static const struct file_operations force_poll_sync_fops = { 3413 3413 + .open = simple_open, 3414 3414 + .read = force_poll_sync_read, 3415 3415 + .write = force_poll_sync_write, 3416 3416 + .llseek = default_llseek, 3417 3417 + }; 3418 3418 + 3492 3419 static int btusb_probe(struct usb_interface *intf, 3493 3420 const struct usb_device_id *id) 3494 3421 { ··· 3615 3456 3616 3457 INIT_WORK(&data->work, btusb_work); 3617 3458 INIT_WORK(&data->waker, btusb_waker); 3459 3459 + INIT_DELAYED_WORK(&data->rx_work, btusb_rx_work); 3460 3460 + 3461 3461 + skb_queue_head_init(&data->acl_q); 3462 3462 + 3618 3463 init_usb_anchor(&data->deferred); 3619 3464 init_usb_anchor(&data->tx_anchor); 3620 3465 spin_lock_init(&data->txlock); ··· 3883 3720 goto out_free_dev; 3884 3721 3885 3722 usb_set_intfdata(intf, data); 3723 3723 + 3724 3724 + debugfs_create_file("force_poll_sync", 0644, hdev->debugfs, data, 3725 3725 + &force_poll_sync_fops); 3886 3726 3887 3727 return 0; 3888 3728

+3

drivers/bluetooth/hci_qca.c

reviewed

··· 1928 1928 hu->hdev->hw_error = NULL; 1929 1929 hu->hdev->cmd_timeout = NULL; 1930 1930 1931 1931 + del_timer_sync(&qca->wake_retrans_timer); 1932 1932 + del_timer_sync(&qca->tx_idle_timer); 1933 1933 + 1931 1934 /* Stop sending shutdown command if soc crashes. */ 1932 1935 if (soc_type != QCA_ROME 1933 1936 && qca->memdump_state == QCA_MEMDUMP_IDLE) {

+2

drivers/bluetooth/hci_vhci.c

reviewed

··· 331 331 if (opcode & 0x80) 332 332 set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks); 333 333 334 334 + set_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks); 335 335 + 334 336 if (hci_register_dev(hdev) < 0) { 335 337 BT_ERR("Can't register HCI device"); 336 338 hci_free_dev(hdev);

+2

include/linux/skbuff.h

reviewed

··· 2376 2376 return unlikely(len > skb->len) ? NULL : __skb_pull(skb, len); 2377 2377 } 2378 2378 2379 2379 + void *skb_pull_data(struct sk_buff *skb, size_t len); 2380 2380 + 2379 2381 void *__pskb_pull_tail(struct sk_buff *skb, int delta); 2380 2382 2381 2383 static inline void *__pskb_pull(struct sk_buff *skb, unsigned int len)

+7

include/net/bluetooth/bluetooth.h

reviewed

··· 390 390 }; 391 391 }; 392 392 393 393 + struct mgmt_ctrl { 394 394 + struct hci_dev *hdev; 395 395 + u16 opcode; 396 396 + }; 397 397 + 393 398 struct bt_skb_cb { 394 399 u8 pkt_type; 395 400 u8 force_active; ··· 404 399 struct l2cap_ctrl l2cap; 405 400 struct sco_ctrl sco; 406 401 struct hci_ctrl hci; 402 402 + struct mgmt_ctrl mgmt; 407 403 }; 408 404 }; 409 405 #define bt_cb(skb) ((struct bt_skb_cb *)((skb)->cb)) ··· 412 406 #define hci_skb_pkt_type(skb) bt_cb((skb))->pkt_type 413 407 #define hci_skb_expect(skb) bt_cb((skb))->expect 414 408 #define hci_skb_opcode(skb) bt_cb((skb))->hci.opcode 409 409 + #define hci_skb_event(skb) bt_cb((skb))->hci.req_event 415 410 #define hci_skb_sk(skb) bt_cb((skb))->hci.sk 416 411 417 412 static inline struct sk_buff *bt_skb_alloc(unsigned int len, gfp_t how)

+71 -14

include/net/bluetooth/hci.h

reviewed

··· 246 246 * HCI after resume. 247 247 */ 248 248 HCI_QUIRK_NO_SUSPEND_NOTIFIER, 249 249 + 250 250 + /* 251 251 + * When this quirk is set, LE tx power is not queried on startup 252 252 + * and the min/max tx power values default to HCI_TX_POWER_INVALID. 253 253 + * 254 254 + * This quirk can be set before hci_register_dev is called or 255 255 + * during the hdev->setup vendor callback. 256 256 + */ 257 257 + HCI_QUIRK_BROKEN_READ_TRANSMIT_POWER, 249 258 }; 250 259 251 260 /* HCI device flags */ ··· 341 332 HCI_FORCE_NO_MITM, 342 333 HCI_QUALITY_REPORT, 343 334 HCI_OFFLOAD_CODECS_ENABLED, 335 335 + HCI_LE_SIMULTANEOUS_ROLES, 344 336 345 337 __HCI_NUM_FLAGS, 346 338 }; ··· 1057 1047 } __packed; 1058 1048 struct hci_rp_read_stored_link_key { 1059 1049 __u8 status; 1060 1060 - __u8 max_keys; 1061 1061 - __u8 num_keys; 1050 1050 + __le16 max_keys; 1051 1051 + __le16 num_keys; 1062 1052 } __packed; 1063 1053 1064 1054 #define HCI_OP_DELETE_STORED_LINK_KEY 0x0c12 ··· 1068 1058 } __packed; 1069 1059 struct hci_rp_delete_stored_link_key { 1070 1060 __u8 status; 1071 1071 - __u8 num_keys; 1061 1061 + __le16 num_keys; 1072 1062 } __packed; 1073 1063 1074 1064 #define HCI_MAX_NAME_LENGTH 248 ··· 1941 1931 __s8 max_le_tx_power; 1942 1932 } __packed; 1943 1933 1934 1934 + #define HCI_NETWORK_PRIVACY 0x00 1935 1935 + #define HCI_DEVICE_PRIVACY 0x01 1936 1936 + 1937 1937 + #define HCI_OP_LE_SET_PRIVACY_MODE 0x204e 1938 1938 + struct hci_cp_le_set_privacy_mode { 1939 1939 + __u8 bdaddr_type; 1940 1940 + bdaddr_t bdaddr; 1941 1941 + __u8 mode; 1942 1942 + } __packed; 1943 1943 + 1944 1944 #define HCI_OP_LE_READ_BUFFER_SIZE_V2 0x2060 1945 1945 struct hci_rp_le_read_buffer_size_v2 { 1946 1946 __u8 status; ··· 2032 2012 } __packed; 2033 2013 2034 2014 /* ---- HCI Events ---- */ 2015 2015 + struct hci_ev_status { 2016 2016 + __u8 status; 2017 2017 + } __packed; 2018 2018 + 2035 2019 #define HCI_EV_INQUIRY_COMPLETE 0x01 2036 2020 2037 2021 #define HCI_EV_INQUIRY_RESULT 0x02 ··· 2047 2023 __u8 dev_class[3]; 2048 2024 __le16 clock_offset; 2049 2025 } __packed; 2026 2026 + 2027 2027 + struct hci_ev_inquiry_result { 2028 2028 + __u8 num; 2029 2029 + struct inquiry_info info[]; 2030 2030 + }; 2050 2031 2051 2032 #define HCI_EV_CONN_COMPLETE 0x03 2052 2033 struct hci_ev_conn_complete { ··· 2164 2135 } __packed; 2165 2136 2166 2137 struct hci_ev_num_comp_pkts { 2167 2167 - __u8 num_hndl; 2138 2138 + __u8 num; 2168 2139 struct hci_comp_pkts_info handles[]; 2169 2140 } __packed; 2170 2141 ··· 2214 2185 } __packed; 2215 2186 2216 2187 #define HCI_EV_INQUIRY_RESULT_WITH_RSSI 0x22 2217 2217 - struct inquiry_info_with_rssi { 2188 2188 + struct inquiry_info_rssi { 2218 2189 bdaddr_t bdaddr; 2219 2190 __u8 pscan_rep_mode; 2220 2191 __u8 pscan_period_mode; ··· 2222 2193 __le16 clock_offset; 2223 2194 __s8 rssi; 2224 2195 } __packed; 2225 2225 - struct inquiry_info_with_rssi_and_pscan_mode { 2196 2196 + struct inquiry_info_rssi_pscan { 2226 2197 bdaddr_t bdaddr; 2227 2198 __u8 pscan_rep_mode; 2228 2199 __u8 pscan_period_mode; ··· 2230 2201 __u8 dev_class[3]; 2231 2202 __le16 clock_offset; 2232 2203 __s8 rssi; 2204 2204 + } __packed; 2205 2205 + struct hci_ev_inquiry_result_rssi { 2206 2206 + __u8 num; 2207 2207 + struct inquiry_info_rssi info[]; 2208 2208 + } __packed; 2209 2209 + struct hci_ev_inquiry_result_rssi_pscan { 2210 2210 + __u8 num; 2211 2211 + struct inquiry_info_rssi_pscan info[]; 2233 2212 } __packed; 2234 2213 2235 2214 #define HCI_EV_REMOTE_EXT_FEATURES 0x23 ··· 2291 2254 __le16 clock_offset; 2292 2255 __s8 rssi; 2293 2256 __u8 data[240]; 2257 2257 + } __packed; 2258 2258 + 2259 2259 + struct hci_ev_ext_inquiry_result { 2260 2260 + __u8 num; 2261 2261 + struct extended_inquiry_info info[]; 2294 2262 } __packed; 2295 2263 2296 2264 #define HCI_EV_KEY_REFRESH_COMPLETE 0x30 ··· 2465 2423 2466 2424 #define HCI_EV_LE_ADVERTISING_REPORT 0x02 2467 2425 struct hci_ev_le_advertising_info { 2468 2468 - __u8 evt_type; 2426 2426 + __u8 type; 2469 2427 __u8 bdaddr_type; 2470 2428 bdaddr_t bdaddr; 2471 2429 __u8 length; 2472 2430 __u8 data[]; 2431 2431 + } __packed; 2432 2432 + 2433 2433 + struct hci_ev_le_advertising_report { 2434 2434 + __u8 num; 2435 2435 + struct hci_ev_le_advertising_info info[]; 2473 2436 } __packed; 2474 2437 2475 2438 #define HCI_EV_LE_CONN_UPDATE_COMPLETE 0x03 ··· 2520 2473 2521 2474 #define HCI_EV_LE_DIRECT_ADV_REPORT 0x0B 2522 2475 struct hci_ev_le_direct_adv_info { 2523 2523 - __u8 evt_type; 2476 2476 + __u8 type; 2524 2477 __u8 bdaddr_type; 2525 2478 bdaddr_t bdaddr; 2526 2479 __u8 direct_addr_type; 2527 2480 bdaddr_t direct_addr; 2528 2481 __s8 rssi; 2482 2482 + } __packed; 2483 2483 + 2484 2484 + struct hci_ev_le_direct_adv_report { 2485 2485 + __u8 num; 2486 2486 + struct hci_ev_le_direct_adv_info info[]; 2529 2487 } __packed; 2530 2488 2531 2489 #define HCI_EV_LE_PHY_UPDATE_COMPLETE 0x0c ··· 2542 2490 } __packed; 2543 2491 2544 2492 #define HCI_EV_LE_EXT_ADV_REPORT 0x0d 2545 2545 - struct hci_ev_le_ext_adv_report { 2546 2546 - __le16 evt_type; 2493 2493 + struct hci_ev_le_ext_adv_info { 2494 2494 + __le16 type; 2547 2495 __u8 bdaddr_type; 2548 2496 bdaddr_t bdaddr; 2549 2497 __u8 primary_phy; ··· 2551 2499 __u8 sid; 2552 2500 __u8 tx_power; 2553 2501 __s8 rssi; 2554 2554 - __le16 interval; 2555 2555 - __u8 direct_addr_type; 2502 2502 + __le16 interval; 2503 2503 + __u8 direct_addr_type; 2556 2504 bdaddr_t direct_addr; 2557 2557 - __u8 length; 2558 2558 - __u8 data[]; 2505 2505 + __u8 length; 2506 2506 + __u8 data[]; 2507 2507 + } __packed; 2508 2508 + 2509 2509 + struct hci_ev_le_ext_adv_report { 2510 2510 + __u8 num; 2511 2511 + struct hci_ev_le_ext_adv_info info[]; 2559 2512 } __packed; 2560 2513 2561 2514 #define HCI_EV_LE_ENHANCED_CONN_COMPLETE 0x0a

+30 -16

include/net/bluetooth/hci_core.h

reviewed

··· 88 88 u8 (*uuids)[16]; 89 89 unsigned long scan_start; 90 90 unsigned long scan_duration; 91 91 + unsigned long name_resolve_timeout; 91 92 }; 92 93 93 94 #define SUSPEND_NOTIFIER_TIMEOUT msecs_to_jiffies(2000) /* 2 seconds */ ··· 152 151 u8 local_irk[16]; 153 152 }; 154 153 154 154 + enum hci_conn_flags { 155 155 + HCI_CONN_FLAG_REMOTE_WAKEUP, 156 156 + HCI_CONN_FLAG_DEVICE_PRIVACY, 157 157 + 158 158 + __HCI_CONN_NUM_FLAGS, 159 159 + }; 160 160 + 161 161 + /* Make sure number of flags doesn't exceed sizeof(current_flags) */ 162 162 + static_assert(__HCI_CONN_NUM_FLAGS < 32); 163 163 + 155 164 struct bdaddr_list_with_flags { 156 165 struct list_head list; 157 166 bdaddr_t bdaddr; 158 167 u8 bdaddr_type; 159 159 - u32 current_flags; 168 168 + DECLARE_BITMAP(flags, __HCI_CONN_NUM_FLAGS); 160 169 }; 161 161 - 162 162 - enum hci_conn_flags { 163 163 - HCI_CONN_FLAG_REMOTE_WAKEUP, 164 164 - HCI_CONN_FLAG_MAX 165 165 - }; 166 166 - 167 167 - #define hci_conn_test_flag(nr, flags) ((flags) & (1U << nr)) 168 168 - 169 169 - /* Make sure number of flags doesn't exceed sizeof(current_flags) */ 170 170 - static_assert(HCI_CONN_FLAG_MAX < 32); 171 170 172 171 struct bt_uuid { 173 172 struct list_head list; ··· 353 352 __u16 lmp_subver; 354 353 __u16 voice_setting; 355 354 __u8 num_iac; 356 356 - __u8 stored_max_keys; 357 357 - __u8 stored_num_keys; 355 355 + __u16 stored_max_keys; 356 356 + __u16 stored_num_keys; 358 357 __u8 io_capability; 359 358 __s8 inq_tx_power; 360 359 __u8 err_data_reporting; ··· 480 479 struct work_struct cmd_sync_work; 481 480 struct list_head cmd_sync_work_list; 482 481 struct mutex cmd_sync_work_lock; 482 482 + struct work_struct cmd_sync_cancel_work; 483 483 484 484 __u16 discov_timeout; 485 485 struct delayed_work discov_off; ··· 561 559 struct rfkill *rfkill; 562 560 563 561 DECLARE_BITMAP(dev_flags, __HCI_NUM_FLAGS); 562 562 + DECLARE_BITMAP(conn_flags, __HCI_CONN_NUM_FLAGS); 564 563 565 564 __s8 adv_tx_power; 566 565 __u8 adv_data[HCI_MAX_EXT_AD_LENGTH]; ··· 757 754 758 755 struct hci_conn *conn; 759 756 bool explicit_connect; 760 760 - u32 current_flags; 757 757 + DECLARE_BITMAP(flags, __HCI_CONN_NUM_FLAGS); 758 758 + u8 privacy_mode; 761 759 }; 762 760 763 761 extern struct list_head hci_dev_list; ··· 782 778 hci_dev_clear_flag(hdev, HCI_PERIODIC_INQ); \ 783 779 hci_dev_clear_flag(hdev, HCI_QUALITY_REPORT); \ 784 780 } while (0) 781 781 + 782 782 + #define hci_dev_le_state_simultaneous(hdev) \ 783 783 + (test_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks) && \ 784 784 + (hdev->le_states[4] & 0x08) && /* Central */ \ 785 785 + (hdev->le_states[4] & 0x40) && /* Peripheral */ \ 786 786 + (hdev->le_states[3] & 0x10)) /* Simultaneous */ 785 787 786 788 /* ----- HCI interface to upper protocols ----- */ 787 789 int l2cap_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr); ··· 1127 1117 enum conn_reasons conn_reason); 1128 1118 struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst, 1129 1119 u8 dst_type, bool dst_resolved, u8 sec_level, 1130 1130 - u16 conn_timeout, u8 role, 1131 1131 - bdaddr_t *direct_rpa); 1120 1120 + u16 conn_timeout, u8 role); 1132 1121 struct hci_conn *hci_connect_acl(struct hci_dev *hdev, bdaddr_t *dst, 1133 1122 u8 sec_level, u8 auth_type, 1134 1123 enum conn_reasons conn_reason); ··· 1474 1465 #define use_ll_privacy(dev) (ll_privacy_capable(dev) && \ 1475 1466 hci_dev_test_flag(dev, HCI_ENABLE_LL_PRIVACY)) 1476 1467 1468 1468 + #define privacy_mode_capable(dev) (use_ll_privacy(dev) && \ 1469 1469 + (hdev->commands[39] & 0x04)) 1470 1470 + 1477 1471 /* Use enhanced synchronous connection if command is supported */ 1478 1472 #define enhanced_sco_capable(dev) ((dev)->commands[29] & 0x08) 1479 1473 ··· 1770 1758 #define DISCOV_LE_RESTART_DELAY msecs_to_jiffies(200) /* msec */ 1771 1759 #define DISCOV_LE_FAST_ADV_INT_MIN 0x00A0 /* 100 msec */ 1772 1760 #define DISCOV_LE_FAST_ADV_INT_MAX 0x00F0 /* 150 msec */ 1761 1761 + 1762 1762 + #define NAME_RESOLVE_DURATION msecs_to_jiffies(10240) /* 10.24 sec */ 1773 1763 1774 1764 void mgmt_fill_version_info(void *ver); 1775 1765 int mgmt_new_settings(struct hci_dev *hdev);

+6

include/net/bluetooth/hci_sync.h

reviewed

··· 37 37 38 38 void hci_cmd_sync_init(struct hci_dev *hdev); 39 39 void hci_cmd_sync_clear(struct hci_dev *hdev); 40 40 + void hci_cmd_sync_cancel(struct hci_dev *hdev, int err); 41 41 + void __hci_cmd_sync_cancel(struct hci_dev *hdev, int err); 40 42 41 43 int hci_cmd_sync_queue(struct hci_dev *hdev, hci_cmd_sync_work_func_t func, 42 44 void *data, hci_cmd_sync_work_destroy_t destroy); ··· 102 100 103 101 int hci_suspend_sync(struct hci_dev *hdev); 104 102 int hci_resume_sync(struct hci_dev *hdev); 103 103 + 104 104 + struct hci_conn; 105 105 + 106 106 + int hci_le_create_conn_sync(struct hci_dev *hdev, struct hci_conn *conn);

+5 -4

include/net/bluetooth/mgmt.h

reviewed

··· 936 936 __u8 status; 937 937 } __packed; 938 938 939 939 - #define MGMT_DEV_FOUND_CONFIRM_NAME 0x01 940 940 - #define MGMT_DEV_FOUND_LEGACY_PAIRING 0x02 941 941 - #define MGMT_DEV_FOUND_NOT_CONNECTABLE 0x04 942 942 - #define MGMT_DEV_FOUND_INITIATED_CONN 0x08 939 939 + #define MGMT_DEV_FOUND_CONFIRM_NAME 0x01 940 940 + #define MGMT_DEV_FOUND_LEGACY_PAIRING 0x02 941 941 + #define MGMT_DEV_FOUND_NOT_CONNECTABLE 0x04 942 942 + #define MGMT_DEV_FOUND_INITIATED_CONN 0x08 943 943 + #define MGMT_DEV_FOUND_NAME_REQUEST_FAILED 0x10 943 944 944 945 #define MGMT_EV_DEVICE_FOUND 0x0012 945 946 struct mgmt_ev_device_found {

+14 -291

net/bluetooth/hci_conn.c

reviewed

··· 911 911 hci_enable_advertising(hdev); 912 912 } 913 913 914 914 - static void create_le_conn_complete(struct hci_dev *hdev, u8 status, u16 opcode) 914 914 + static void create_le_conn_complete(struct hci_dev *hdev, void *data, int err) 915 915 { 916 916 - struct hci_conn *conn; 916 916 + struct hci_conn *conn = data; 917 917 918 918 hci_dev_lock(hdev); 919 919 920 920 - conn = hci_lookup_le_connect(hdev); 921 921 - 922 922 - if (hdev->adv_instance_cnt) 923 923 - hci_req_resume_adv_instances(hdev); 924 924 - 925 925 - if (!status) { 920 920 + if (!err) { 926 921 hci_connect_le_scan_cleanup(conn); 927 922 goto done; 928 923 } 929 924 930 930 - bt_dev_err(hdev, "request failed to create LE connection: " 931 931 - "status 0x%2.2x", status); 925 925 + bt_dev_err(hdev, "request failed to create LE connection: err %d", err); 932 926 933 927 if (!conn) 934 928 goto done; 935 929 936 936 - hci_le_conn_failed(conn, status); 930 930 + hci_le_conn_failed(conn, err); 937 931 938 932 done: 939 933 hci_dev_unlock(hdev); 940 934 } 941 935 942 942 - static bool conn_use_rpa(struct hci_conn *conn) 936 936 + static int hci_connect_le_sync(struct hci_dev *hdev, void *data) 943 937 { 944 944 - struct hci_dev *hdev = conn->hdev; 938 938 + struct hci_conn *conn = data; 945 939 946 946 - return hci_dev_test_flag(hdev, HCI_PRIVACY); 947 947 - } 940 940 + bt_dev_dbg(hdev, "conn %p", conn); 948 941 949 949 - static void set_ext_conn_params(struct hci_conn *conn, 950 950 - struct hci_cp_le_ext_conn_param *p) 951 951 - { 952 952 - struct hci_dev *hdev = conn->hdev; 953 953 - 954 954 - memset(p, 0, sizeof(*p)); 955 955 - 956 956 - p->scan_interval = cpu_to_le16(hdev->le_scan_int_connect); 957 957 - p->scan_window = cpu_to_le16(hdev->le_scan_window_connect); 958 958 - p->conn_interval_min = cpu_to_le16(conn->le_conn_min_interval); 959 959 - p->conn_interval_max = cpu_to_le16(conn->le_conn_max_interval); 960 960 - p->conn_latency = cpu_to_le16(conn->le_conn_latency); 961 961 - p->supervision_timeout = cpu_to_le16(conn->le_supv_timeout); 962 962 - p->min_ce_len = cpu_to_le16(0x0000); 963 963 - p->max_ce_len = cpu_to_le16(0x0000); 964 964 - } 965 965 - 966 966 - static void hci_req_add_le_create_conn(struct hci_request *req, 967 967 - struct hci_conn *conn, 968 968 - bdaddr_t *direct_rpa) 969 969 - { 970 970 - struct hci_dev *hdev = conn->hdev; 971 971 - u8 own_addr_type; 972 972 - 973 973 - /* If direct address was provided we use it instead of current 974 974 - * address. 975 975 - */ 976 976 - if (direct_rpa) { 977 977 - if (bacmp(&req->hdev->random_addr, direct_rpa)) 978 978 - hci_req_add(req, HCI_OP_LE_SET_RANDOM_ADDR, 6, 979 979 - direct_rpa); 980 980 - 981 981 - /* direct address is always RPA */ 982 982 - own_addr_type = ADDR_LE_DEV_RANDOM; 983 983 - } else { 984 984 - /* Update random address, but set require_privacy to false so 985 985 - * that we never connect with an non-resolvable address. 986 986 - */ 987 987 - if (hci_update_random_address(req, false, conn_use_rpa(conn), 988 988 - &own_addr_type)) 989 989 - return; 990 990 - } 991 991 - 992 992 - if (use_ext_conn(hdev)) { 993 993 - struct hci_cp_le_ext_create_conn *cp; 994 994 - struct hci_cp_le_ext_conn_param *p; 995 995 - u8 data[sizeof(*cp) + sizeof(*p) * 3]; 996 996 - u32 plen; 997 997 - 998 998 - cp = (void *) data; 999 999 - p = (void *) cp->data; 1000 1000 - 1001 1001 - memset(cp, 0, sizeof(*cp)); 1002 1002 - 1003 1003 - bacpy(&cp->peer_addr, &conn->dst); 1004 1004 - cp->peer_addr_type = conn->dst_type; 1005 1005 - cp->own_addr_type = own_addr_type; 1006 1006 - 1007 1007 - plen = sizeof(*cp); 1008 1008 - 1009 1009 - if (scan_1m(hdev)) { 1010 1010 - cp->phys |= LE_SCAN_PHY_1M; 1011 1011 - set_ext_conn_params(conn, p); 1012 1012 - 1013 1013 - p++; 1014 1014 - plen += sizeof(*p); 1015 1015 - } 1016 1016 - 1017 1017 - if (scan_2m(hdev)) { 1018 1018 - cp->phys |= LE_SCAN_PHY_2M; 1019 1019 - set_ext_conn_params(conn, p); 1020 1020 - 1021 1021 - p++; 1022 1022 - plen += sizeof(*p); 1023 1023 - } 1024 1024 - 1025 1025 - if (scan_coded(hdev)) { 1026 1026 - cp->phys |= LE_SCAN_PHY_CODED; 1027 1027 - set_ext_conn_params(conn, p); 1028 1028 - 1029 1029 - plen += sizeof(*p); 1030 1030 - } 1031 1031 - 1032 1032 - hci_req_add(req, HCI_OP_LE_EXT_CREATE_CONN, plen, data); 1033 1033 - 1034 1034 - } else { 1035 1035 - struct hci_cp_le_create_conn cp; 1036 1036 - 1037 1037 - memset(&cp, 0, sizeof(cp)); 1038 1038 - 1039 1039 - cp.scan_interval = cpu_to_le16(hdev->le_scan_int_connect); 1040 1040 - cp.scan_window = cpu_to_le16(hdev->le_scan_window_connect); 1041 1041 - 1042 1042 - bacpy(&cp.peer_addr, &conn->dst); 1043 1043 - cp.peer_addr_type = conn->dst_type; 1044 1044 - cp.own_address_type = own_addr_type; 1045 1045 - cp.conn_interval_min = cpu_to_le16(conn->le_conn_min_interval); 1046 1046 - cp.conn_interval_max = cpu_to_le16(conn->le_conn_max_interval); 1047 1047 - cp.conn_latency = cpu_to_le16(conn->le_conn_latency); 1048 1048 - cp.supervision_timeout = cpu_to_le16(conn->le_supv_timeout); 1049 1049 - cp.min_ce_len = cpu_to_le16(0x0000); 1050 1050 - cp.max_ce_len = cpu_to_le16(0x0000); 1051 1051 - 1052 1052 - hci_req_add(req, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp); 1053 1053 - } 1054 1054 - 1055 1055 - conn->state = BT_CONNECT; 1056 1056 - clear_bit(HCI_CONN_SCANNING, &conn->flags); 1057 1057 - } 1058 1058 - 1059 1059 - static void hci_req_directed_advertising(struct hci_request *req, 1060 1060 - struct hci_conn *conn) 1061 1061 - { 1062 1062 - struct hci_dev *hdev = req->hdev; 1063 1063 - u8 own_addr_type; 1064 1064 - u8 enable; 1065 1065 - 1066 1066 - if (ext_adv_capable(hdev)) { 1067 1067 - struct hci_cp_le_set_ext_adv_params cp; 1068 1068 - bdaddr_t random_addr; 1069 1069 - 1070 1070 - /* Set require_privacy to false so that the remote device has a 1071 1071 - * chance of identifying us. 1072 1072 - */ 1073 1073 - if (hci_get_random_address(hdev, false, conn_use_rpa(conn), NULL, 1074 1074 - &own_addr_type, &random_addr) < 0) 1075 1075 - return; 1076 1076 - 1077 1077 - memset(&cp, 0, sizeof(cp)); 1078 1078 - 1079 1079 - cp.evt_properties = cpu_to_le16(LE_LEGACY_ADV_DIRECT_IND); 1080 1080 - cp.own_addr_type = own_addr_type; 1081 1081 - cp.channel_map = hdev->le_adv_channel_map; 1082 1082 - cp.tx_power = HCI_TX_POWER_INVALID; 1083 1083 - cp.primary_phy = HCI_ADV_PHY_1M; 1084 1084 - cp.secondary_phy = HCI_ADV_PHY_1M; 1085 1085 - cp.handle = 0; /* Use instance 0 for directed adv */ 1086 1086 - cp.own_addr_type = own_addr_type; 1087 1087 - cp.peer_addr_type = conn->dst_type; 1088 1088 - bacpy(&cp.peer_addr, &conn->dst); 1089 1089 - 1090 1090 - /* As per Core Spec 5.2 Vol 2, PART E, Sec 7.8.53, for 1091 1091 - * advertising_event_property LE_LEGACY_ADV_DIRECT_IND 1092 1092 - * does not supports advertising data when the advertising set already 1093 1093 - * contains some, the controller shall return erroc code 'Invalid 1094 1094 - * HCI Command Parameters(0x12). 1095 1095 - * So it is required to remove adv set for handle 0x00. since we use 1096 1096 - * instance 0 for directed adv. 1097 1097 - */ 1098 1098 - __hci_req_remove_ext_adv_instance(req, cp.handle); 1099 1099 - 1100 1100 - hci_req_add(req, HCI_OP_LE_SET_EXT_ADV_PARAMS, sizeof(cp), &cp); 1101 1101 - 1102 1102 - if (own_addr_type == ADDR_LE_DEV_RANDOM && 1103 1103 - bacmp(&random_addr, BDADDR_ANY) && 1104 1104 - bacmp(&random_addr, &hdev->random_addr)) { 1105 1105 - struct hci_cp_le_set_adv_set_rand_addr cp; 1106 1106 - 1107 1107 - memset(&cp, 0, sizeof(cp)); 1108 1108 - 1109 1109 - cp.handle = 0; 1110 1110 - bacpy(&cp.bdaddr, &random_addr); 1111 1111 - 1112 1112 - hci_req_add(req, 1113 1113 - HCI_OP_LE_SET_ADV_SET_RAND_ADDR, 1114 1114 - sizeof(cp), &cp); 1115 1115 - } 1116 1116 - 1117 1117 - __hci_req_enable_ext_advertising(req, 0x00); 1118 1118 - } else { 1119 1119 - struct hci_cp_le_set_adv_param cp; 1120 1120 - 1121 1121 - /* Clear the HCI_LE_ADV bit temporarily so that the 1122 1122 - * hci_update_random_address knows that it's safe to go ahead 1123 1123 - * and write a new random address. The flag will be set back on 1124 1124 - * as soon as the SET_ADV_ENABLE HCI command completes. 1125 1125 - */ 1126 1126 - hci_dev_clear_flag(hdev, HCI_LE_ADV); 1127 1127 - 1128 1128 - /* Set require_privacy to false so that the remote device has a 1129 1129 - * chance of identifying us. 1130 1130 - */ 1131 1131 - if (hci_update_random_address(req, false, conn_use_rpa(conn), 1132 1132 - &own_addr_type) < 0) 1133 1133 - return; 1134 1134 - 1135 1135 - memset(&cp, 0, sizeof(cp)); 1136 1136 - 1137 1137 - /* Some controllers might reject command if intervals are not 1138 1138 - * within range for undirected advertising. 1139 1139 - * BCM20702A0 is known to be affected by this. 1140 1140 - */ 1141 1141 - cp.min_interval = cpu_to_le16(0x0020); 1142 1142 - cp.max_interval = cpu_to_le16(0x0020); 1143 1143 - 1144 1144 - cp.type = LE_ADV_DIRECT_IND; 1145 1145 - cp.own_address_type = own_addr_type; 1146 1146 - cp.direct_addr_type = conn->dst_type; 1147 1147 - bacpy(&cp.direct_addr, &conn->dst); 1148 1148 - cp.channel_map = hdev->le_adv_channel_map; 1149 1149 - 1150 1150 - hci_req_add(req, HCI_OP_LE_SET_ADV_PARAM, sizeof(cp), &cp); 1151 1151 - 1152 1152 - enable = 0x01; 1153 1153 - hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), 1154 1154 - &enable); 1155 1155 - } 1156 1156 - 1157 1157 - conn->state = BT_CONNECT; 942 942 + return hci_le_create_conn_sync(hdev, conn); 1158 943 } 1159 944 1160 945 struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst, 1161 946 u8 dst_type, bool dst_resolved, u8 sec_level, 1162 1162 - u16 conn_timeout, u8 role, bdaddr_t *direct_rpa) 947 947 + u16 conn_timeout, u8 role) 1163 948 { 1164 1164 - struct hci_conn_params *params; 1165 949 struct hci_conn *conn; 1166 950 struct smp_irk *irk; 1167 1167 - struct hci_request req; 1168 951 int err; 1169 1169 - 1170 1170 - /* This ensures that during disable le_scan address resolution 1171 1171 - * will not be disabled if it is followed by le_create_conn 1172 1172 - */ 1173 1173 - bool rpa_le_conn = true; 1174 952 1175 953 /* Let's make sure that le is enabled.*/ 1176 954 if (!hci_dev_test_flag(hdev, HCI_LE_ENABLED)) { ··· 1008 1230 conn->sec_level = BT_SECURITY_LOW; 1009 1231 conn->conn_timeout = conn_timeout; 1010 1232 1011 1011 - hci_req_init(&req, hdev); 1233 1233 + conn->state = BT_CONNECT; 1234 1234 + clear_bit(HCI_CONN_SCANNING, &conn->flags); 1012 1235 1013 1013 - /* Disable advertising if we're active. For central role 1014 1014 - * connections most controllers will refuse to connect if 1015 1015 - * advertising is enabled, and for peripheral role connections we 1016 1016 - * anyway have to disable it in order to start directed 1017 1017 - * advertising. Any registered advertisements will be 1018 1018 - * re-enabled after the connection attempt is finished. 1019 1019 - */ 1020 1020 - if (hci_dev_test_flag(hdev, HCI_LE_ADV)) 1021 1021 - __hci_req_pause_adv_instances(&req); 1022 1022 - 1023 1023 - /* If requested to connect as peripheral use directed advertising */ 1024 1024 - if (conn->role == HCI_ROLE_SLAVE) { 1025 1025 - /* If we're active scanning most controllers are unable 1026 1026 - * to initiate advertising. Simply reject the attempt. 1027 1027 - */ 1028 1028 - if (hci_dev_test_flag(hdev, HCI_LE_SCAN) && 1029 1029 - hdev->le_scan_type == LE_SCAN_ACTIVE) { 1030 1030 - hci_req_purge(&req); 1031 1031 - hci_conn_del(conn); 1032 1032 - return ERR_PTR(-EBUSY); 1033 1033 - } 1034 1034 - 1035 1035 - hci_req_directed_advertising(&req, conn); 1036 1036 - goto create_conn; 1037 1037 - } 1038 1038 - 1039 1039 - params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type); 1040 1040 - if (params) { 1041 1041 - conn->le_conn_min_interval = params->conn_min_interval; 1042 1042 - conn->le_conn_max_interval = params->conn_max_interval; 1043 1043 - conn->le_conn_latency = params->conn_latency; 1044 1044 - conn->le_supv_timeout = params->supervision_timeout; 1045 1045 - } else { 1046 1046 - conn->le_conn_min_interval = hdev->le_conn_min_interval; 1047 1047 - conn->le_conn_max_interval = hdev->le_conn_max_interval; 1048 1048 - conn->le_conn_latency = hdev->le_conn_latency; 1049 1049 - conn->le_supv_timeout = hdev->le_supv_timeout; 1050 1050 - } 1051 1051 - 1052 1052 - /* If controller is scanning, we stop it since some controllers are 1053 1053 - * not able to scan and connect at the same time. Also set the 1054 1054 - * HCI_LE_SCAN_INTERRUPTED flag so that the command complete 1055 1055 - * handler for scan disabling knows to set the correct discovery 1056 1056 - * state. 1057 1057 - */ 1058 1058 - if (hci_dev_test_flag(hdev, HCI_LE_SCAN)) { 1059 1059 - hci_req_add_le_scan_disable(&req, rpa_le_conn); 1060 1060 - hci_dev_set_flag(hdev, HCI_LE_SCAN_INTERRUPTED); 1061 1061 - } 1062 1062 - 1063 1063 - hci_req_add_le_create_conn(&req, conn, direct_rpa); 1064 1064 - 1065 1065 - create_conn: 1066 1066 - err = hci_req_run(&req, create_le_conn_complete); 1236 1236 + err = hci_cmd_sync_queue(hdev, hci_connect_le_sync, conn, 1237 1237 + create_le_conn_complete); 1067 1238 if (err) { 1068 1239 hci_conn_del(conn); 1069 1069 - 1070 1070 - if (hdev->adv_instance_cnt) 1071 1071 - hci_req_resume_adv_instances(hdev); 1072 1072 - 1073 1240 return ERR_PTR(err); 1074 1241 } 1075 1242

+18 -4

net/bluetooth/hci_core.c

reviewed

··· 2153 2153 2154 2154 bacpy(&entry->bdaddr, bdaddr); 2155 2155 entry->bdaddr_type = type; 2156 2156 - entry->current_flags = flags; 2156 2156 + bitmap_from_u64(entry->flags, flags); 2157 2157 2158 2158 list_add(&entry->list, list); 2159 2159 ··· 2629 2629 if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks)) 2630 2630 hci_dev_set_flag(hdev, HCI_UNCONFIGURED); 2631 2631 2632 2632 + /* Mark Remote Wakeup connection flag as supported if driver has wakeup 2633 2633 + * callback. 2634 2634 + */ 2635 2635 + if (hdev->wakeup) 2636 2636 + set_bit(HCI_CONN_FLAG_REMOTE_WAKEUP, hdev->conn_flags); 2637 2637 + 2632 2638 hci_sock_dev_event(hdev, HCI_DEV_REG); 2633 2639 hci_dev_hold(hdev); 2634 2640 ··· 2912 2906 } 2913 2907 EXPORT_SYMBOL(hci_unregister_cb); 2914 2908 2915 2915 - static void hci_send_frame(struct hci_dev *hdev, struct sk_buff *skb) 2909 2909 + static int hci_send_frame(struct hci_dev *hdev, struct sk_buff *skb) 2916 2910 { 2917 2911 int err; 2918 2912 ··· 2935 2929 2936 2930 if (!test_bit(HCI_RUNNING, &hdev->flags)) { 2937 2931 kfree_skb(skb); 2938 2938 - return; 2932 2932 + return -EINVAL; 2939 2933 } 2940 2934 2941 2935 err = hdev->send(hdev, skb); 2942 2936 if (err < 0) { 2943 2937 bt_dev_err(hdev, "sending frame failed (%d)", err); 2944 2938 kfree_skb(skb); 2939 2939 + return err; 2945 2940 } 2941 2941 + 2942 2942 + return 0; 2946 2943 } 2947 2944 2948 2945 /* Send HCI command */ ··· 3852 3843 3853 3844 hdev->sent_cmd = skb_clone(skb, GFP_KERNEL); 3854 3845 if (hdev->sent_cmd) { 3846 3846 + int res; 3855 3847 if (hci_req_status_pend(hdev)) 3856 3848 hci_dev_set_flag(hdev, HCI_CMD_PENDING); 3857 3849 atomic_dec(&hdev->cmd_cnt); 3858 3858 - hci_send_frame(hdev, skb); 3850 3850 + 3851 3851 + res = hci_send_frame(hdev, skb); 3852 3852 + if (res < 0) 3853 3853 + __hci_cmd_sync_cancel(hdev, -res); 3854 3854 + 3859 3855 if (test_bit(HCI_RESET, &hdev->flags)) 3860 3856 cancel_delayed_work(&hdev->cmd_timer); 3861 3857 else

+1716 -1459

net/bluetooth/hci_event.c

reviewed

··· 45 45 46 46 /* Handle HCI Event packets */ 47 47 48 48 - static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb, 49 49 - u8 *new_status) 48 48 + static void *hci_ev_skb_pull(struct hci_dev *hdev, struct sk_buff *skb, 49 49 + u8 ev, size_t len) 50 50 { 51 51 - __u8 status = *((__u8 *) skb->data); 51 51 + void *data; 52 52 53 53 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 53 53 + data = skb_pull_data(skb, len); 54 54 + if (!data) 55 55 + bt_dev_err(hdev, "Malformed Event: 0x%2.2x", ev); 56 56 + 57 57 + return data; 58 58 + } 59 59 + 60 60 + static void *hci_cc_skb_pull(struct hci_dev *hdev, struct sk_buff *skb, 61 61 + u16 op, size_t len) 62 62 + { 63 63 + void *data; 64 64 + 65 65 + data = skb_pull_data(skb, len); 66 66 + if (!data) 67 67 + bt_dev_err(hdev, "Malformed Command Complete: 0x%4.4x", op); 68 68 + 69 69 + return data; 70 70 + } 71 71 + 72 72 + static void *hci_le_ev_skb_pull(struct hci_dev *hdev, struct sk_buff *skb, 73 73 + u8 ev, size_t len) 74 74 + { 75 75 + void *data; 76 76 + 77 77 + data = skb_pull_data(skb, len); 78 78 + if (!data) 79 79 + bt_dev_err(hdev, "Malformed LE Event: 0x%2.2x", ev); 80 80 + 81 81 + return data; 82 82 + } 83 83 + 84 84 + static u8 hci_cc_inquiry_cancel(struct hci_dev *hdev, void *data, 85 85 + struct sk_buff *skb) 86 86 + { 87 87 + struct hci_ev_status *rp = data; 88 88 + 89 89 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 54 90 55 91 /* It is possible that we receive Inquiry Complete event right 56 92 * before we receive Inquiry Cancel Command Complete event, in ··· 95 59 * we actually achieve what Inquiry Cancel wants to achieve, 96 60 * which is to end the last Inquiry session. 97 61 */ 98 98 - if (status == 0x0c && !test_bit(HCI_INQUIRY, &hdev->flags)) { 62 62 + if (rp->status == 0x0c && !test_bit(HCI_INQUIRY, &hdev->flags)) { 99 63 bt_dev_warn(hdev, "Ignoring error of Inquiry Cancel command"); 100 100 - status = 0x00; 64 64 + rp->status = 0x00; 101 65 } 102 66 103 103 - *new_status = status; 104 104 - 105 105 - if (status) 106 106 - return; 67 67 + if (rp->status) 68 68 + return rp->status; 107 69 108 70 clear_bit(HCI_INQUIRY, &hdev->flags); 109 71 smp_mb__after_atomic(); /* wake_up_bit advises about this barrier */ ··· 117 83 hci_dev_unlock(hdev); 118 84 119 85 hci_conn_check_pending(hdev); 86 86 + 87 87 + return rp->status; 120 88 } 121 89 122 122 - static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb) 90 90 + static u8 hci_cc_periodic_inq(struct hci_dev *hdev, void *data, 91 91 + struct sk_buff *skb) 123 92 { 124 124 - __u8 status = *((__u8 *) skb->data); 93 93 + struct hci_ev_status *rp = data; 125 94 126 126 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 95 95 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 127 96 128 128 - if (status) 129 129 - return; 97 97 + if (rp->status) 98 98 + return rp->status; 130 99 131 100 hci_dev_set_flag(hdev, HCI_PERIODIC_INQ); 101 101 + 102 102 + return rp->status; 132 103 } 133 104 134 134 - static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb) 105 105 + static u8 hci_cc_exit_periodic_inq(struct hci_dev *hdev, void *data, 106 106 + struct sk_buff *skb) 135 107 { 136 136 - __u8 status = *((__u8 *) skb->data); 108 108 + struct hci_ev_status *rp = data; 137 109 138 138 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 110 110 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 139 111 140 140 - if (status) 141 141 - return; 112 112 + if (rp->status) 113 113 + return rp->status; 142 114 143 115 hci_dev_clear_flag(hdev, HCI_PERIODIC_INQ); 144 116 145 117 hci_conn_check_pending(hdev); 118 118 + 119 119 + return rp->status; 146 120 } 147 121 148 148 - static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, 149 149 - struct sk_buff *skb) 122 122 + static u8 hci_cc_remote_name_req_cancel(struct hci_dev *hdev, void *data, 123 123 + struct sk_buff *skb) 150 124 { 151 151 - BT_DBG("%s", hdev->name); 125 125 + struct hci_ev_status *rp = data; 126 126 + 127 127 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 128 128 + 129 129 + return rp->status; 152 130 } 153 131 154 154 - static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb) 132 132 + static u8 hci_cc_role_discovery(struct hci_dev *hdev, void *data, 133 133 + struct sk_buff *skb) 155 134 { 156 156 - struct hci_rp_role_discovery *rp = (void *) skb->data; 135 135 + struct hci_rp_role_discovery *rp = data; 157 136 struct hci_conn *conn; 158 137 159 159 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 138 138 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 160 139 161 140 if (rp->status) 162 162 - return; 141 141 + return rp->status; 163 142 164 143 hci_dev_lock(hdev); 165 144 ··· 181 134 conn->role = rp->role; 182 135 183 136 hci_dev_unlock(hdev); 137 137 + 138 138 + return rp->status; 184 139 } 185 140 186 186 - static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 141 141 + static u8 hci_cc_read_link_policy(struct hci_dev *hdev, void *data, 142 142 + struct sk_buff *skb) 187 143 { 188 188 - struct hci_rp_read_link_policy *rp = (void *) skb->data; 144 144 + struct hci_rp_read_link_policy *rp = data; 189 145 struct hci_conn *conn; 190 146 191 191 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 147 147 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 192 148 193 149 if (rp->status) 194 194 - return; 150 150 + return rp->status; 195 151 196 152 hci_dev_lock(hdev); 197 153 ··· 203 153 conn->link_policy = __le16_to_cpu(rp->policy); 204 154 205 155 hci_dev_unlock(hdev); 156 156 + 157 157 + return rp->status; 206 158 } 207 159 208 208 - static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb) 160 160 + static u8 hci_cc_write_link_policy(struct hci_dev *hdev, void *data, 161 161 + struct sk_buff *skb) 209 162 { 210 210 - struct hci_rp_write_link_policy *rp = (void *) skb->data; 163 163 + struct hci_rp_write_link_policy *rp = data; 211 164 struct hci_conn *conn; 212 165 void *sent; 213 166 214 214 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 167 167 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 215 168 216 169 if (rp->status) 217 217 - return; 170 170 + return rp->status; 218 171 219 172 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY); 220 173 if (!sent) 221 221 - return; 174 174 + return rp->status; 222 175 223 176 hci_dev_lock(hdev); 224 177 ··· 230 177 conn->link_policy = get_unaligned_le16(sent + 2); 231 178 232 179 hci_dev_unlock(hdev); 180 180 + 181 181 + return rp->status; 233 182 } 234 183 235 235 - static void hci_cc_read_def_link_policy(struct hci_dev *hdev, 236 236 - struct sk_buff *skb) 184 184 + static u8 hci_cc_read_def_link_policy(struct hci_dev *hdev, void *data, 185 185 + struct sk_buff *skb) 237 186 { 238 238 - struct hci_rp_read_def_link_policy *rp = (void *) skb->data; 187 187 + struct hci_rp_read_def_link_policy *rp = data; 239 188 240 240 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 189 189 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 241 190 242 191 if (rp->status) 243 243 - return; 192 192 + return rp->status; 244 193 245 194 hdev->link_policy = __le16_to_cpu(rp->policy); 195 195 + 196 196 + return rp->status; 246 197 } 247 198 248 248 - static void hci_cc_write_def_link_policy(struct hci_dev *hdev, 249 249 - struct sk_buff *skb) 199 199 + static u8 hci_cc_write_def_link_policy(struct hci_dev *hdev, void *data, 200 200 + struct sk_buff *skb) 250 201 { 251 251 - __u8 status = *((__u8 *) skb->data); 202 202 + struct hci_ev_status *rp = data; 252 203 void *sent; 253 204 254 254 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 205 205 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 255 206 256 256 - if (status) 257 257 - return; 207 207 + if (rp->status) 208 208 + return rp->status; 258 209 259 210 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY); 260 211 if (!sent) 261 261 - return; 212 212 + return rp->status; 262 213 263 214 hdev->link_policy = get_unaligned_le16(sent); 215 215 + 216 216 + return rp->status; 264 217 } 265 218 266 266 - static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb) 219 219 + static u8 hci_cc_reset(struct hci_dev *hdev, void *data, struct sk_buff *skb) 267 220 { 268 268 - __u8 status = *((__u8 *) skb->data); 221 221 + struct hci_ev_status *rp = data; 269 222 270 270 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 223 223 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 271 224 272 225 clear_bit(HCI_RESET, &hdev->flags); 273 226 274 274 - if (status) 275 275 - return; 227 227 + if (rp->status) 228 228 + return rp->status; 276 229 277 230 /* Reset all non-persistent flags */ 278 231 hci_dev_clear_volatile_flags(hdev); ··· 300 241 301 242 hci_bdaddr_list_clear(&hdev->le_accept_list); 302 243 hci_bdaddr_list_clear(&hdev->le_resolv_list); 244 244 + 245 245 + return rp->status; 303 246 } 304 247 305 305 - static void hci_cc_read_stored_link_key(struct hci_dev *hdev, 306 306 - struct sk_buff *skb) 248 248 + static u8 hci_cc_read_stored_link_key(struct hci_dev *hdev, void *data, 249 249 + struct sk_buff *skb) 307 250 { 308 308 - struct hci_rp_read_stored_link_key *rp = (void *)skb->data; 251 251 + struct hci_rp_read_stored_link_key *rp = data; 309 252 struct hci_cp_read_stored_link_key *sent; 310 253 311 311 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 254 254 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 312 255 313 256 sent = hci_sent_cmd_data(hdev, HCI_OP_READ_STORED_LINK_KEY); 314 257 if (!sent) 315 315 - return; 258 258 + return rp->status; 316 259 317 260 if (!rp->status && sent->read_all == 0x01) { 318 318 - hdev->stored_max_keys = rp->max_keys; 319 319 - hdev->stored_num_keys = rp->num_keys; 261 261 + hdev->stored_max_keys = le16_to_cpu(rp->max_keys); 262 262 + hdev->stored_num_keys = le16_to_cpu(rp->num_keys); 320 263 } 264 264 + 265 265 + return rp->status; 321 266 } 322 267 323 323 - static void hci_cc_delete_stored_link_key(struct hci_dev *hdev, 324 324 - struct sk_buff *skb) 268 268 + static u8 hci_cc_delete_stored_link_key(struct hci_dev *hdev, void *data, 269 269 + struct sk_buff *skb) 325 270 { 326 326 - struct hci_rp_delete_stored_link_key *rp = (void *)skb->data; 271 271 + struct hci_rp_delete_stored_link_key *rp = data; 327 272 328 328 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 273 273 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 329 274 330 275 if (rp->status) 331 331 - return; 276 276 + return rp->status; 332 277 333 278 if (rp->num_keys <= hdev->stored_num_keys) 334 334 - hdev->stored_num_keys -= rp->num_keys; 279 279 + hdev->stored_num_keys -= le16_to_cpu(rp->num_keys); 335 280 else 336 281 hdev->stored_num_keys = 0; 282 282 + 283 283 + return rp->status; 337 284 } 338 285 339 339 - static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb) 286 286 + static u8 hci_cc_write_local_name(struct hci_dev *hdev, void *data, 287 287 + struct sk_buff *skb) 340 288 { 341 341 - __u8 status = *((__u8 *) skb->data); 289 289 + struct hci_ev_status *rp = data; 342 290 void *sent; 343 291 344 344 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 292 292 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 345 293 346 294 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME); 347 295 if (!sent) 348 348 - return; 296 296 + return rp->status; 349 297 350 298 hci_dev_lock(hdev); 351 299 352 300 if (hci_dev_test_flag(hdev, HCI_MGMT)) 353 353 - mgmt_set_local_name_complete(hdev, sent, status); 354 354 - else if (!status) 301 301 + mgmt_set_local_name_complete(hdev, sent, rp->status); 302 302 + else if (!rp->status) 355 303 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH); 356 304 357 305 hci_dev_unlock(hdev); 306 306 + 307 307 + return rp->status; 358 308 } 359 309 360 360 - static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb) 310 310 + static u8 hci_cc_read_local_name(struct hci_dev *hdev, void *data, 311 311 + struct sk_buff *skb) 361 312 { 362 362 - struct hci_rp_read_local_name *rp = (void *) skb->data; 313 313 + struct hci_rp_read_local_name *rp = data; 363 314 364 364 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 315 315 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 365 316 366 317 if (rp->status) 367 367 - return; 318 318 + return rp->status; 368 319 369 320 if (hci_dev_test_flag(hdev, HCI_SETUP) || 370 321 hci_dev_test_flag(hdev, HCI_CONFIG)) 371 322 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH); 323 323 + 324 324 + return rp->status; 372 325 } 373 326 374 374 - static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb) 327 327 + static u8 hci_cc_write_auth_enable(struct hci_dev *hdev, void *data, 328 328 + struct sk_buff *skb) 375 329 { 376 376 - __u8 status = *((__u8 *) skb->data); 330 330 + struct hci_ev_status *rp = data; 377 331 void *sent; 378 332 379 379 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 333 333 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 380 334 381 335 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE); 382 336 if (!sent) 383 383 - return; 337 337 + return rp->status; 384 338 385 339 hci_dev_lock(hdev); 386 340 387 387 - if (!status) { 341 341 + if (!rp->status) { 388 342 __u8 param = *((__u8 *) sent); 389 343 390 344 if (param == AUTH_ENABLED) ··· 407 335 } 408 336 409 337 if (hci_dev_test_flag(hdev, HCI_MGMT)) 410 410 - mgmt_auth_enable_complete(hdev, status); 338 338 + mgmt_auth_enable_complete(hdev, rp->status); 411 339 412 340 hci_dev_unlock(hdev); 341 341 + 342 342 + return rp->status; 413 343 } 414 344 415 415 - static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb) 345 345 + static u8 hci_cc_write_encrypt_mode(struct hci_dev *hdev, void *data, 346 346 + struct sk_buff *skb) 416 347 { 417 417 - __u8 status = *((__u8 *) skb->data); 348 348 + struct hci_ev_status *rp = data; 418 349 __u8 param; 419 350 void *sent; 420 351 421 421 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 352 352 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 422 353 423 423 - if (status) 424 424 - return; 354 354 + if (rp->status) 355 355 + return rp->status; 425 356 426 357 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE); 427 358 if (!sent) 428 428 - return; 359 359 + return rp->status; 429 360 430 361 param = *((__u8 *) sent); 431 362 ··· 436 361 set_bit(HCI_ENCRYPT, &hdev->flags); 437 362 else 438 363 clear_bit(HCI_ENCRYPT, &hdev->flags); 364 364 + 365 365 + return rp->status; 439 366 } 440 367 441 441 - static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb) 368 368 + static u8 hci_cc_write_scan_enable(struct hci_dev *hdev, void *data, 369 369 + struct sk_buff *skb) 442 370 { 443 443 - __u8 status = *((__u8 *) skb->data); 371 371 + struct hci_ev_status *rp = data; 444 372 __u8 param; 445 373 void *sent; 446 374 447 447 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 375 375 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 448 376 449 377 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE); 450 378 if (!sent) 451 451 - return; 379 379 + return rp->status; 452 380 453 381 param = *((__u8 *) sent); 454 382 455 383 hci_dev_lock(hdev); 456 384 457 457 - if (status) { 385 385 + if (rp->status) { 458 386 hdev->discov_timeout = 0; 459 387 goto done; 460 388 } ··· 474 396 475 397 done: 476 398 hci_dev_unlock(hdev); 399 399 + 400 400 + return rp->status; 477 401 } 478 402 479 479 - static void hci_cc_set_event_filter(struct hci_dev *hdev, struct sk_buff *skb) 403 403 + static u8 hci_cc_set_event_filter(struct hci_dev *hdev, void *data, 404 404 + struct sk_buff *skb) 480 405 { 481 481 - __u8 status = *((__u8 *)skb->data); 406 406 + struct hci_ev_status *rp = data; 482 407 struct hci_cp_set_event_filter *cp; 483 408 void *sent; 484 409 485 485 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 410 410 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 486 411 487 487 - if (status) 488 488 - return; 412 412 + if (rp->status) 413 413 + return rp->status; 489 414 490 415 sent = hci_sent_cmd_data(hdev, HCI_OP_SET_EVENT_FLT); 491 416 if (!sent) 492 492 - return; 417 417 + return rp->status; 493 418 494 419 cp = (struct hci_cp_set_event_filter *)sent; 495 420 ··· 500 419 hci_dev_clear_flag(hdev, HCI_EVENT_FILTER_CONFIGURED); 501 420 else 502 421 hci_dev_set_flag(hdev, HCI_EVENT_FILTER_CONFIGURED); 422 422 + 423 423 + return rp->status; 503 424 } 504 425 505 505 - static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 426 426 + static u8 hci_cc_read_class_of_dev(struct hci_dev *hdev, void *data, 427 427 + struct sk_buff *skb) 506 428 { 507 507 - struct hci_rp_read_class_of_dev *rp = (void *) skb->data; 429 429 + struct hci_rp_read_class_of_dev *rp = data; 508 430 509 509 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 431 431 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 510 432 511 433 if (rp->status) 512 512 - return; 434 434 + return rp->status; 513 435 514 436 memcpy(hdev->dev_class, rp->dev_class, 3); 515 437 516 516 - BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name, 517 517 - hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]); 438 438 + bt_dev_dbg(hdev, "class 0x%.2x%.2x%.2x", hdev->dev_class[2], 439 439 + hdev->dev_class[1], hdev->dev_class[0]); 440 440 + 441 441 + return rp->status; 518 442 } 519 443 520 520 - static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb) 444 444 + static u8 hci_cc_write_class_of_dev(struct hci_dev *hdev, void *data, 445 445 + struct sk_buff *skb) 521 446 { 522 522 - __u8 status = *((__u8 *) skb->data); 447 447 + struct hci_ev_status *rp = data; 523 448 void *sent; 524 449 525 525 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 450 450 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 526 451 527 452 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV); 528 453 if (!sent) 529 529 - return; 454 454 + return rp->status; 530 455 531 456 hci_dev_lock(hdev); 532 457 533 533 - if (status == 0) 458 458 + if (!rp->status) 534 459 memcpy(hdev->dev_class, sent, 3); 535 460 536 461 if (hci_dev_test_flag(hdev, HCI_MGMT)) 537 537 - mgmt_set_class_of_dev_complete(hdev, sent, status); 462 462 + mgmt_set_class_of_dev_complete(hdev, sent, rp->status); 538 463 539 464 hci_dev_unlock(hdev); 465 465 + 466 466 + return rp->status; 540 467 } 541 468 542 542 - static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb) 469 469 + static u8 hci_cc_read_voice_setting(struct hci_dev *hdev, void *data, 470 470 + struct sk_buff *skb) 543 471 { 544 544 - struct hci_rp_read_voice_setting *rp = (void *) skb->data; 472 472 + struct hci_rp_read_voice_setting *rp = data; 545 473 __u16 setting; 546 474 547 547 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 475 475 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 548 476 549 477 if (rp->status) 550 550 - return; 478 478 + return rp->status; 551 479 552 480 setting = __le16_to_cpu(rp->voice_setting); 553 481 554 482 if (hdev->voice_setting == setting) 555 555 - return; 483 483 + return rp->status; 556 484 557 485 hdev->voice_setting = setting; 558 486 559 559 - BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting); 487 487 + bt_dev_dbg(hdev, "voice setting 0x%4.4x", setting); 560 488 561 489 if (hdev->notify) 562 490 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 491 491 + 492 492 + return rp->status; 563 493 } 564 494 565 565 - static void hci_cc_write_voice_setting(struct hci_dev *hdev, 566 566 - struct sk_buff *skb) 495 495 + static u8 hci_cc_write_voice_setting(struct hci_dev *hdev, void *data, 496 496 + struct sk_buff *skb) 567 497 { 568 568 - __u8 status = *((__u8 *) skb->data); 498 498 + struct hci_ev_status *rp = data; 569 499 __u16 setting; 570 500 void *sent; 571 501 572 572 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 502 502 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 573 503 574 574 - if (status) 575 575 - return; 504 504 + if (rp->status) 505 505 + return rp->status; 576 506 577 507 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING); 578 508 if (!sent) 579 579 - return; 509 509 + return rp->status; 580 510 581 511 setting = get_unaligned_le16(sent); 582 512 583 513 if (hdev->voice_setting == setting) 584 584 - return; 514 514 + return rp->status; 585 515 586 516 hdev->voice_setting = setting; 587 517 588 588 - BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting); 518 518 + bt_dev_dbg(hdev, "voice setting 0x%4.4x", setting); 589 519 590 520 if (hdev->notify) 591 521 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); 522 522 + 523 523 + return rp->status; 592 524 } 593 525 594 594 - static void hci_cc_read_num_supported_iac(struct hci_dev *hdev, 595 595 - struct sk_buff *skb) 526 526 + static u8 hci_cc_read_num_supported_iac(struct hci_dev *hdev, void *data, 527 527 + struct sk_buff *skb) 596 528 { 597 597 - struct hci_rp_read_num_supported_iac *rp = (void *) skb->data; 529 529 + struct hci_rp_read_num_supported_iac *rp = data; 598 530 599 599 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 531 531 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 600 532 601 533 if (rp->status) 602 602 - return; 534 534 + return rp->status; 603 535 604 536 hdev->num_iac = rp->num_iac; 605 537 606 606 - BT_DBG("%s num iac %d", hdev->name, hdev->num_iac); 538 538 + bt_dev_dbg(hdev, "num iac %d", hdev->num_iac); 539 539 + 540 540 + return rp->status; 607 541 } 608 542 609 609 - static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) 543 543 + static u8 hci_cc_write_ssp_mode(struct hci_dev *hdev, void *data, 544 544 + struct sk_buff *skb) 610 545 { 611 611 - __u8 status = *((__u8 *) skb->data); 546 546 + struct hci_ev_status *rp = data; 612 547 struct hci_cp_write_ssp_mode *sent; 613 548 614 614 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 549 549 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 615 550 616 551 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE); 617 552 if (!sent) 618 618 - return; 553 553 + return rp->status; 619 554 620 555 hci_dev_lock(hdev); 621 556 622 622 - if (!status) { 557 557 + if (!rp->status) { 623 558 if (sent->mode) 624 559 hdev->features[1][0] |= LMP_HOST_SSP; 625 560 else 626 561 hdev->features[1][0] &= ~LMP_HOST_SSP; 627 562 } 628 563 629 629 - if (!status) { 564 564 + if (!rp->status) { 630 565 if (sent->mode) 631 566 hci_dev_set_flag(hdev, HCI_SSP_ENABLED); 632 567 else ··· 650 553 } 651 554 652 555 hci_dev_unlock(hdev); 556 556 + 557 557 + return rp->status; 653 558 } 654 559 655 655 - static void hci_cc_write_sc_support(struct hci_dev *hdev, struct sk_buff *skb) 560 560 + static u8 hci_cc_write_sc_support(struct hci_dev *hdev, void *data, 561 561 + struct sk_buff *skb) 656 562 { 657 657 - u8 status = *((u8 *) skb->data); 563 563 + struct hci_ev_status *rp = data; 658 564 struct hci_cp_write_sc_support *sent; 659 565 660 660 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 566 566 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 661 567 662 568 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SC_SUPPORT); 663 569 if (!sent) 664 664 - return; 570 570 + return rp->status; 665 571 666 572 hci_dev_lock(hdev); 667 573 668 668 - if (!status) { 574 574 + if (!rp->status) { 669 575 if (sent->support) 670 576 hdev->features[1][0] |= LMP_HOST_SC; 671 577 else 672 578 hdev->features[1][0] &= ~LMP_HOST_SC; 673 579 } 674 580 675 675 - if (!hci_dev_test_flag(hdev, HCI_MGMT) && !status) { 581 581 + if (!hci_dev_test_flag(hdev, HCI_MGMT) && !rp->status) { 676 582 if (sent->support) 677 583 hci_dev_set_flag(hdev, HCI_SC_ENABLED); 678 584 else ··· 683 583 } 684 584 685 585 hci_dev_unlock(hdev); 586 586 + 587 587 + return rp->status; 686 588 } 687 589 688 688 - static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb) 590 590 + static u8 hci_cc_read_local_version(struct hci_dev *hdev, void *data, 591 591 + struct sk_buff *skb) 689 592 { 690 690 - struct hci_rp_read_local_version *rp = (void *) skb->data; 593 593 + struct hci_rp_read_local_version *rp = data; 691 594 692 692 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 595 595 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 693 596 694 597 if (rp->status) 695 695 - return; 598 598 + return rp->status; 696 599 697 600 if (hci_dev_test_flag(hdev, HCI_SETUP) || 698 601 hci_dev_test_flag(hdev, HCI_CONFIG)) { ··· 705 602 hdev->manufacturer = __le16_to_cpu(rp->manufacturer); 706 603 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver); 707 604 } 605 605 + 606 606 + return rp->status; 708 607 } 709 608 710 710 - static void hci_cc_read_local_commands(struct hci_dev *hdev, 711 711 - struct sk_buff *skb) 609 609 + static u8 hci_cc_read_local_commands(struct hci_dev *hdev, void *data, 610 610 + struct sk_buff *skb) 712 611 { 713 713 - struct hci_rp_read_local_commands *rp = (void *) skb->data; 612 612 + struct hci_rp_read_local_commands *rp = data; 714 613 715 715 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 614 614 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 716 615 717 616 if (rp->status) 718 718 - return; 617 617 + return rp->status; 719 618 720 619 if (hci_dev_test_flag(hdev, HCI_SETUP) || 721 620 hci_dev_test_flag(hdev, HCI_CONFIG)) 722 621 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands)); 622 622 + 623 623 + return rp->status; 723 624 } 724 625 725 725 - static void hci_cc_read_auth_payload_timeout(struct hci_dev *hdev, 726 726 - struct sk_buff *skb) 626 626 + static u8 hci_cc_read_auth_payload_timeout(struct hci_dev *hdev, void *data, 627 627 + struct sk_buff *skb) 727 628 { 728 728 - struct hci_rp_read_auth_payload_to *rp = (void *)skb->data; 629 629 + struct hci_rp_read_auth_payload_to *rp = data; 729 630 struct hci_conn *conn; 730 631 731 731 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 632 632 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 732 633 733 634 if (rp->status) 734 734 - return; 635 635 + return rp->status; 735 636 736 637 hci_dev_lock(hdev); 737 638 ··· 744 637 conn->auth_payload_timeout = __le16_to_cpu(rp->timeout); 745 638 746 639 hci_dev_unlock(hdev); 640 640 + 641 641 + return rp->status; 747 642 } 748 643 749 749 - static void hci_cc_write_auth_payload_timeout(struct hci_dev *hdev, 750 750 - struct sk_buff *skb) 644 644 + static u8 hci_cc_write_auth_payload_timeout(struct hci_dev *hdev, void *data, 645 645 + struct sk_buff *skb) 751 646 { 752 752 - struct hci_rp_write_auth_payload_to *rp = (void *)skb->data; 647 647 + struct hci_rp_write_auth_payload_to *rp = data; 753 648 struct hci_conn *conn; 754 649 void *sent; 755 650 756 756 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 651 651 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 757 652 758 653 if (rp->status) 759 759 - return; 654 654 + return rp->status; 760 655 761 656 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_PAYLOAD_TO); 762 657 if (!sent) 763 763 - return; 658 658 + return rp->status; 764 659 765 660 hci_dev_lock(hdev); 766 661 ··· 771 662 conn->auth_payload_timeout = get_unaligned_le16(sent + 2); 772 663 773 664 hci_dev_unlock(hdev); 665 665 + 666 666 + return rp->status; 774 667 } 775 668 776 776 - static void hci_cc_read_local_features(struct hci_dev *hdev, 777 777 - struct sk_buff *skb) 669 669 + static u8 hci_cc_read_local_features(struct hci_dev *hdev, void *data, 670 670 + struct sk_buff *skb) 778 671 { 779 779 - struct hci_rp_read_local_features *rp = (void *) skb->data; 672 672 + struct hci_rp_read_local_features *rp = data; 780 673 781 781 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 674 674 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 782 675 783 676 if (rp->status) 784 784 - return; 677 677 + return rp->status; 785 678 786 679 memcpy(hdev->features, rp->features, 8); 787 680 ··· 823 712 824 713 if (hdev->features[0][5] & LMP_EDR_3S_ESCO) 825 714 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5); 715 715 + 716 716 + return rp->status; 826 717 } 827 718 828 828 - static void hci_cc_read_local_ext_features(struct hci_dev *hdev, 829 829 - struct sk_buff *skb) 719 719 + static u8 hci_cc_read_local_ext_features(struct hci_dev *hdev, void *data, 720 720 + struct sk_buff *skb) 830 721 { 831 831 - struct hci_rp_read_local_ext_features *rp = (void *) skb->data; 722 722 + struct hci_rp_read_local_ext_features *rp = data; 832 723 833 833 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 724 724 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 834 725 835 726 if (rp->status) 836 836 - return; 727 727 + return rp->status; 837 728 838 729 if (hdev->max_page < rp->max_page) 839 730 hdev->max_page = rp->max_page; 840 731 841 732 if (rp->page < HCI_MAX_PAGES) 842 733 memcpy(hdev->features[rp->page], rp->features, 8); 734 734 + 735 735 + return rp->status; 843 736 } 844 737 845 845 - static void hci_cc_read_flow_control_mode(struct hci_dev *hdev, 846 846 - struct sk_buff *skb) 738 738 + static u8 hci_cc_read_flow_control_mode(struct hci_dev *hdev, void *data, 739 739 + struct sk_buff *skb) 847 740 { 848 848 - struct hci_rp_read_flow_control_mode *rp = (void *) skb->data; 741 741 + struct hci_rp_read_flow_control_mode *rp = data; 849 742 850 850 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 743 743 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 851 744 852 745 if (rp->status) 853 853 - return; 746 746 + return rp->status; 854 747 855 748 hdev->flow_ctl_mode = rp->mode; 749 749 + 750 750 + return rp->status; 856 751 } 857 752 858 858 - static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb) 753 753 + static u8 hci_cc_read_buffer_size(struct hci_dev *hdev, void *data, 754 754 + struct sk_buff *skb) 859 755 { 860 860 - struct hci_rp_read_buffer_size *rp = (void *) skb->data; 756 756 + struct hci_rp_read_buffer_size *rp = data; 861 757 862 862 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 758 758 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 863 759 864 760 if (rp->status) 865 865 - return; 761 761 + return rp->status; 866 762 867 763 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu); 868 764 hdev->sco_mtu = rp->sco_mtu; ··· 886 768 887 769 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu, 888 770 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts); 771 771 + 772 772 + return rp->status; 889 773 } 890 774 891 891 - static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb) 775 775 + static u8 hci_cc_read_bd_addr(struct hci_dev *hdev, void *data, 776 776 + struct sk_buff *skb) 892 777 { 893 893 - struct hci_rp_read_bd_addr *rp = (void *) skb->data; 778 778 + struct hci_rp_read_bd_addr *rp = data; 894 779 895 895 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 780 780 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 896 781 897 782 if (rp->status) 898 898 - return; 783 783 + return rp->status; 899 784 900 785 if (test_bit(HCI_INIT, &hdev->flags)) 901 786 bacpy(&hdev->bdaddr, &rp->bdaddr); 902 787 903 788 if (hci_dev_test_flag(hdev, HCI_SETUP)) 904 789 bacpy(&hdev->setup_addr, &rp->bdaddr); 790 790 + 791 791 + return rp->status; 905 792 } 906 793 907 907 - static void hci_cc_read_local_pairing_opts(struct hci_dev *hdev, 908 908 - struct sk_buff *skb) 794 794 + static u8 hci_cc_read_local_pairing_opts(struct hci_dev *hdev, void *data, 795 795 + struct sk_buff *skb) 909 796 { 910 910 - struct hci_rp_read_local_pairing_opts *rp = (void *) skb->data; 797 797 + struct hci_rp_read_local_pairing_opts *rp = data; 911 798 912 912 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 799 799 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 913 800 914 801 if (rp->status) 915 915 - return; 802 802 + return rp->status; 916 803 917 804 if (hci_dev_test_flag(hdev, HCI_SETUP) || 918 805 hci_dev_test_flag(hdev, HCI_CONFIG)) { 919 806 hdev->pairing_opts = rp->pairing_opts; 920 807 hdev->max_enc_key_size = rp->max_key_size; 921 808 } 809 809 + 810 810 + return rp->status; 922 811 } 923 812 924 924 - static void hci_cc_read_page_scan_activity(struct hci_dev *hdev, 925 925 - struct sk_buff *skb) 813 813 + static u8 hci_cc_read_page_scan_activity(struct hci_dev *hdev, void *data, 814 814 + struct sk_buff *skb) 926 815 { 927 927 - struct hci_rp_read_page_scan_activity *rp = (void *) skb->data; 816 816 + struct hci_rp_read_page_scan_activity *rp = data; 928 817 929 929 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 818 818 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 930 819 931 820 if (rp->status) 932 932 - return; 821 821 + return rp->status; 933 822 934 823 if (test_bit(HCI_INIT, &hdev->flags)) { 935 824 hdev->page_scan_interval = __le16_to_cpu(rp->interval); 936 825 hdev->page_scan_window = __le16_to_cpu(rp->window); 937 826 } 827 827 + 828 828 + return rp->status; 938 829 } 939 830 940 940 - static void hci_cc_write_page_scan_activity(struct hci_dev *hdev, 941 941 - struct sk_buff *skb) 831 831 + static u8 hci_cc_write_page_scan_activity(struct hci_dev *hdev, void *data, 832 832 + struct sk_buff *skb) 942 833 { 943 943 - u8 status = *((u8 *) skb->data); 834 834 + struct hci_ev_status *rp = data; 944 835 struct hci_cp_write_page_scan_activity *sent; 945 836 946 946 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 837 837 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 947 838 948 948 - if (status) 949 949 - return; 839 839 + if (rp->status) 840 840 + return rp->status; 950 841 951 842 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY); 952 843 if (!sent) 953 953 - return; 844 844 + return rp->status; 954 845 955 846 hdev->page_scan_interval = __le16_to_cpu(sent->interval); 956 847 hdev->page_scan_window = __le16_to_cpu(sent->window); 848 848 + 849 849 + return rp->status; 957 850 } 958 851 959 959 - static void hci_cc_read_page_scan_type(struct hci_dev *hdev, 960 960 - struct sk_buff *skb) 852 852 + static u8 hci_cc_read_page_scan_type(struct hci_dev *hdev, void *data, 853 853 + struct sk_buff *skb) 961 854 { 962 962 - struct hci_rp_read_page_scan_type *rp = (void *) skb->data; 855 855 + struct hci_rp_read_page_scan_type *rp = data; 963 856 964 964 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 857 857 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 965 858 966 859 if (rp->status) 967 967 - return; 860 860 + return rp->status; 968 861 969 862 if (test_bit(HCI_INIT, &hdev->flags)) 970 863 hdev->page_scan_type = rp->type; 864 864 + 865 865 + return rp->status; 971 866 } 972 867 973 973 - static void hci_cc_write_page_scan_type(struct hci_dev *hdev, 974 974 - struct sk_buff *skb) 868 868 + static u8 hci_cc_write_page_scan_type(struct hci_dev *hdev, void *data, 869 869 + struct sk_buff *skb) 975 870 { 976 976 - u8 status = *((u8 *) skb->data); 871 871 + struct hci_ev_status *rp = data; 977 872 u8 *type; 978 873 979 979 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 874 874 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 980 875 981 981 - if (status) 982 982 - return; 876 876 + if (rp->status) 877 877 + return rp->status; 983 878 984 879 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE); 985 880 if (type) 986 881 hdev->page_scan_type = *type; 882 882 + 883 883 + return rp->status; 987 884 } 988 885 989 989 - static void hci_cc_read_data_block_size(struct hci_dev *hdev, 990 990 - struct sk_buff *skb) 886 886 + static u8 hci_cc_read_data_block_size(struct hci_dev *hdev, void *data, 887 887 + struct sk_buff *skb) 991 888 { 992 992 - struct hci_rp_read_data_block_size *rp = (void *) skb->data; 889 889 + struct hci_rp_read_data_block_size *rp = data; 993 890 994 994 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 891 891 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 995 892 996 893 if (rp->status) 997 997 - return; 894 894 + return rp->status; 998 895 999 896 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len); 1000 897 hdev->block_len = __le16_to_cpu(rp->block_len); ··· 1019 886 1020 887 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu, 1021 888 hdev->block_cnt, hdev->block_len); 889 889 + 890 890 + return rp->status; 1022 891 } 1023 892 1024 1024 - static void hci_cc_read_clock(struct hci_dev *hdev, struct sk_buff *skb) 893 893 + static u8 hci_cc_read_clock(struct hci_dev *hdev, void *data, 894 894 + struct sk_buff *skb) 1025 895 { 1026 1026 - struct hci_rp_read_clock *rp = (void *) skb->data; 896 896 + struct hci_rp_read_clock *rp = data; 1027 897 struct hci_cp_read_clock *cp; 1028 898 struct hci_conn *conn; 1029 899 1030 1030 - BT_DBG("%s", hdev->name); 1031 1031 - 1032 1032 - if (skb->len < sizeof(*rp)) 1033 1033 - return; 900 900 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1034 901 1035 902 if (rp->status) 1036 1036 - return; 903 903 + return rp->status; 1037 904 1038 905 hci_dev_lock(hdev); 1039 906 ··· 1054 921 1055 922 unlock: 1056 923 hci_dev_unlock(hdev); 924 924 + return rp->status; 1057 925 } 1058 926 1059 1059 - static void hci_cc_read_local_amp_info(struct hci_dev *hdev, 1060 1060 - struct sk_buff *skb) 927 927 + static u8 hci_cc_read_local_amp_info(struct hci_dev *hdev, void *data, 928 928 + struct sk_buff *skb) 1061 929 { 1062 1062 - struct hci_rp_read_local_amp_info *rp = (void *) skb->data; 930 930 + struct hci_rp_read_local_amp_info *rp = data; 1063 931 1064 1064 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 932 932 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1065 933 1066 934 if (rp->status) 1067 1067 - return; 935 935 + return rp->status; 1068 936 1069 937 hdev->amp_status = rp->amp_status; 1070 938 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw); ··· 1077 943 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size); 1078 944 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to); 1079 945 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to); 946 946 + 947 947 + return rp->status; 1080 948 } 1081 949 1082 1082 - static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev, 1083 1083 - struct sk_buff *skb) 950 950 + static u8 hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev, void *data, 951 951 + struct sk_buff *skb) 1084 952 { 1085 1085 - struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data; 953 953 + struct hci_rp_read_inq_rsp_tx_power *rp = data; 1086 954 1087 1087 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 955 955 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1088 956 1089 957 if (rp->status) 1090 1090 - return; 958 958 + return rp->status; 1091 959 1092 960 hdev->inq_tx_power = rp->tx_power; 961 961 + 962 962 + return rp->status; 1093 963 } 1094 964 1095 1095 - static void hci_cc_read_def_err_data_reporting(struct hci_dev *hdev, 1096 1096 - struct sk_buff *skb) 965 965 + static u8 hci_cc_read_def_err_data_reporting(struct hci_dev *hdev, void *data, 966 966 + struct sk_buff *skb) 1097 967 { 1098 1098 - struct hci_rp_read_def_err_data_reporting *rp = (void *)skb->data; 968 968 + struct hci_rp_read_def_err_data_reporting *rp = data; 1099 969 1100 1100 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 970 970 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1101 971 1102 972 if (rp->status) 1103 1103 - return; 973 973 + return rp->status; 1104 974 1105 975 hdev->err_data_reporting = rp->err_data_reporting; 976 976 + 977 977 + return rp->status; 1106 978 } 1107 979 1108 1108 - static void hci_cc_write_def_err_data_reporting(struct hci_dev *hdev, 1109 1109 - struct sk_buff *skb) 980 980 + static u8 hci_cc_write_def_err_data_reporting(struct hci_dev *hdev, void *data, 981 981 + struct sk_buff *skb) 1110 982 { 1111 1111 - __u8 status = *((__u8 *)skb->data); 983 983 + struct hci_ev_status *rp = data; 1112 984 struct hci_cp_write_def_err_data_reporting *cp; 1113 985 1114 1114 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 986 986 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1115 987 1116 1116 - if (status) 1117 1117 - return; 988 988 + if (rp->status) 989 989 + return rp->status; 1118 990 1119 991 cp = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_ERR_DATA_REPORTING); 1120 992 if (!cp) 1121 1121 - return; 993 993 + return rp->status; 1122 994 1123 995 hdev->err_data_reporting = cp->err_data_reporting; 996 996 + 997 997 + return rp->status; 1124 998 } 1125 999 1126 1126 - static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb) 1000 1000 + static u8 hci_cc_pin_code_reply(struct hci_dev *hdev, void *data, 1001 1001 + struct sk_buff *skb) 1127 1002 { 1128 1128 - struct hci_rp_pin_code_reply *rp = (void *) skb->data; 1003 1003 + struct hci_rp_pin_code_reply *rp = data; 1129 1004 struct hci_cp_pin_code_reply *cp; 1130 1005 struct hci_conn *conn; 1131 1006 1132 1132 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1007 1007 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1133 1008 1134 1009 hci_dev_lock(hdev); 1135 1010 ··· 1158 1015 1159 1016 unlock: 1160 1017 hci_dev_unlock(hdev); 1018 1018 + return rp->status; 1161 1019 } 1162 1020 1163 1163 - static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb) 1021 1021 + static u8 hci_cc_pin_code_neg_reply(struct hci_dev *hdev, void *data, 1022 1022 + struct sk_buff *skb) 1164 1023 { 1165 1165 - struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data; 1024 1024 + struct hci_rp_pin_code_neg_reply *rp = data; 1166 1025 1167 1167 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1026 1026 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1168 1027 1169 1028 hci_dev_lock(hdev); 1170 1029 ··· 1175 1030 rp->status); 1176 1031 1177 1032 hci_dev_unlock(hdev); 1033 1033 + 1034 1034 + return rp->status; 1178 1035 } 1179 1036 1180 1180 - static void hci_cc_le_read_buffer_size(struct hci_dev *hdev, 1181 1181 - struct sk_buff *skb) 1037 1037 + static u8 hci_cc_le_read_buffer_size(struct hci_dev *hdev, void *data, 1038 1038 + struct sk_buff *skb) 1182 1039 { 1183 1183 - struct hci_rp_le_read_buffer_size *rp = (void *) skb->data; 1040 1040 + struct hci_rp_le_read_buffer_size *rp = data; 1184 1041 1185 1185 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1042 1042 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1186 1043 1187 1044 if (rp->status) 1188 1188 - return; 1045 1045 + return rp->status; 1189 1046 1190 1047 hdev->le_mtu = __le16_to_cpu(rp->le_mtu); 1191 1048 hdev->le_pkts = rp->le_max_pkt; ··· 1195 1048 hdev->le_cnt = hdev->le_pkts; 1196 1049 1197 1050 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts); 1051 1051 + 1052 1052 + return rp->status; 1198 1053 } 1199 1054 1200 1200 - static void hci_cc_le_read_local_features(struct hci_dev *hdev, 1201 1201 - struct sk_buff *skb) 1202 1202 - { 1203 1203 - struct hci_rp_le_read_local_features *rp = (void *) skb->data; 1204 1204 - 1205 1205 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1206 1206 - 1207 1207 - if (rp->status) 1208 1208 - return; 1209 1209 - 1210 1210 - memcpy(hdev->le_features, rp->features, 8); 1211 1211 - } 1212 1212 - 1213 1213 - static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev, 1055 1055 + static u8 hci_cc_le_read_local_features(struct hci_dev *hdev, void *data, 1214 1056 struct sk_buff *skb) 1215 1057 { 1216 1216 - struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data; 1058 1058 + struct hci_rp_le_read_local_features *rp = data; 1217 1059 1218 1060 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1219 1061 1220 1062 if (rp->status) 1221 1221 - return; 1063 1063 + return rp->status; 1222 1064 1223 1223 - hdev->adv_tx_power = rp->tx_power; 1065 1065 + memcpy(hdev->le_features, rp->features, 8); 1066 1066 + 1067 1067 + return rp->status; 1224 1068 } 1225 1069 1226 1226 - static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb) 1070 1070 + static u8 hci_cc_le_read_adv_tx_power(struct hci_dev *hdev, void *data, 1071 1071 + struct sk_buff *skb) 1227 1072 { 1228 1228 - struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1073 1073 + struct hci_rp_le_read_adv_tx_power *rp = data; 1229 1074 1230 1230 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1075 1075 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1076 1076 + 1077 1077 + if (rp->status) 1078 1078 + return rp->status; 1079 1079 + 1080 1080 + hdev->adv_tx_power = rp->tx_power; 1081 1081 + 1082 1082 + return rp->status; 1083 1083 + } 1084 1084 + 1085 1085 + static u8 hci_cc_user_confirm_reply(struct hci_dev *hdev, void *data, 1086 1086 + struct sk_buff *skb) 1087 1087 + { 1088 1088 + struct hci_rp_user_confirm_reply *rp = data; 1089 1089 + 1090 1090 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1231 1091 1232 1092 hci_dev_lock(hdev); 1233 1093 ··· 1243 1089 rp->status); 1244 1090 1245 1091 hci_dev_unlock(hdev); 1092 1092 + 1093 1093 + return rp->status; 1246 1094 } 1247 1095 1248 1248 - static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev, 1249 1249 - struct sk_buff *skb) 1096 1096 + static u8 hci_cc_user_confirm_neg_reply(struct hci_dev *hdev, void *data, 1097 1097 + struct sk_buff *skb) 1250 1098 { 1251 1251 - struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1099 1099 + struct hci_rp_user_confirm_reply *rp = data; 1252 1100 1253 1253 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1101 1101 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1254 1102 1255 1103 hci_dev_lock(hdev); 1256 1104 ··· 1261 1105 ACL_LINK, 0, rp->status); 1262 1106 1263 1107 hci_dev_unlock(hdev); 1108 1108 + 1109 1109 + return rp->status; 1264 1110 } 1265 1111 1266 1266 - static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb) 1112 1112 + static u8 hci_cc_user_passkey_reply(struct hci_dev *hdev, void *data, 1113 1113 + struct sk_buff *skb) 1267 1114 { 1268 1268 - struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1115 1115 + struct hci_rp_user_confirm_reply *rp = data; 1269 1116 1270 1270 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1117 1117 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1271 1118 1272 1119 hci_dev_lock(hdev); 1273 1120 ··· 1279 1120 0, rp->status); 1280 1121 1281 1122 hci_dev_unlock(hdev); 1123 1123 + 1124 1124 + return rp->status; 1282 1125 } 1283 1126 1284 1284 - static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev, 1285 1285 - struct sk_buff *skb) 1127 1127 + static u8 hci_cc_user_passkey_neg_reply(struct hci_dev *hdev, void *data, 1128 1128 + struct sk_buff *skb) 1286 1129 { 1287 1287 - struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1130 1130 + struct hci_rp_user_confirm_reply *rp = data; 1288 1131 1289 1289 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1132 1132 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1290 1133 1291 1134 hci_dev_lock(hdev); 1292 1135 ··· 1297 1136 ACL_LINK, 0, rp->status); 1298 1137 1299 1138 hci_dev_unlock(hdev); 1139 1139 + 1140 1140 + return rp->status; 1300 1141 } 1301 1142 1302 1302 - static void hci_cc_read_local_oob_data(struct hci_dev *hdev, 1303 1303 - struct sk_buff *skb) 1143 1143 + static u8 hci_cc_read_local_oob_data(struct hci_dev *hdev, void *data, 1144 1144 + struct sk_buff *skb) 1304 1145 { 1305 1305 - struct hci_rp_read_local_oob_data *rp = (void *) skb->data; 1146 1146 + struct hci_rp_read_local_oob_data *rp = data; 1306 1147 1307 1307 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1148 1148 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1149 1149 + 1150 1150 + return rp->status; 1308 1151 } 1309 1152 1310 1310 - static void hci_cc_read_local_oob_ext_data(struct hci_dev *hdev, 1311 1311 - struct sk_buff *skb) 1153 1153 + static u8 hci_cc_read_local_oob_ext_data(struct hci_dev *hdev, void *data, 1154 1154 + struct sk_buff *skb) 1312 1155 { 1313 1313 - struct hci_rp_read_local_oob_ext_data *rp = (void *) skb->data; 1156 1156 + struct hci_rp_read_local_oob_ext_data *rp = data; 1314 1157 1315 1315 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1158 1158 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1159 1159 + 1160 1160 + return rp->status; 1316 1161 } 1317 1162 1318 1318 - static void hci_cc_le_set_random_addr(struct hci_dev *hdev, struct sk_buff *skb) 1163 1163 + static u8 hci_cc_le_set_random_addr(struct hci_dev *hdev, void *data, 1164 1164 + struct sk_buff *skb) 1319 1165 { 1320 1320 - __u8 status = *((__u8 *) skb->data); 1166 1166 + struct hci_ev_status *rp = data; 1321 1167 bdaddr_t *sent; 1322 1168 1323 1323 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1169 1169 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1324 1170 1325 1325 - if (status) 1326 1326 - return; 1171 1171 + if (rp->status) 1172 1172 + return rp->status; 1327 1173 1328 1174 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_RANDOM_ADDR); 1329 1175 if (!sent) 1330 1330 - return; 1176 1176 + return rp->status; 1331 1177 1332 1178 hci_dev_lock(hdev); 1333 1179 ··· 1347 1179 } 1348 1180 1349 1181 hci_dev_unlock(hdev); 1182 1182 + 1183 1183 + return rp->status; 1350 1184 } 1351 1185 1352 1352 - static void hci_cc_le_set_default_phy(struct hci_dev *hdev, struct sk_buff *skb) 1186 1186 + static u8 hci_cc_le_set_default_phy(struct hci_dev *hdev, void *data, 1187 1187 + struct sk_buff *skb) 1353 1188 { 1354 1354 - __u8 status = *((__u8 *) skb->data); 1189 1189 + struct hci_ev_status *rp = data; 1355 1190 struct hci_cp_le_set_default_phy *cp; 1356 1191 1357 1357 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1192 1192 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1358 1193 1359 1359 - if (status) 1360 1360 - return; 1194 1194 + if (rp->status) 1195 1195 + return rp->status; 1361 1196 1362 1197 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_DEFAULT_PHY); 1363 1198 if (!cp) 1364 1364 - return; 1199 1199 + return rp->status; 1365 1200 1366 1201 hci_dev_lock(hdev); 1367 1202 ··· 1372 1201 hdev->le_rx_def_phys = cp->rx_phys; 1373 1202 1374 1203 hci_dev_unlock(hdev); 1204 1204 + 1205 1205 + return rp->status; 1375 1206 } 1376 1207 1377 1377 - static void hci_cc_le_set_adv_set_random_addr(struct hci_dev *hdev, 1378 1378 - struct sk_buff *skb) 1208 1208 + static u8 hci_cc_le_set_adv_set_random_addr(struct hci_dev *hdev, void *data, 1209 1209 + struct sk_buff *skb) 1379 1210 { 1380 1380 - __u8 status = *((__u8 *) skb->data); 1211 1211 + struct hci_ev_status *rp = data; 1381 1212 struct hci_cp_le_set_adv_set_rand_addr *cp; 1382 1213 struct adv_info *adv; 1383 1214 1384 1384 - if (status) 1385 1385 - return; 1215 1215 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1216 1216 + 1217 1217 + if (rp->status) 1218 1218 + return rp->status; 1386 1219 1387 1220 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_SET_RAND_ADDR); 1388 1221 /* Update only in case the adv instance since handle 0x00 shall be using ··· 1394 1219 * non-extended adverting. 1395 1220 */ 1396 1221 if (!cp || !cp->handle) 1397 1397 - return; 1222 1222 + return rp->status; 1398 1223 1399 1224 hci_dev_lock(hdev); 1400 1225 ··· 1410 1235 } 1411 1236 1412 1237 hci_dev_unlock(hdev); 1238 1238 + 1239 1239 + return rp->status; 1413 1240 } 1414 1241 1415 1415 - static void hci_cc_le_remove_adv_set(struct hci_dev *hdev, struct sk_buff *skb) 1242 1242 + static u8 hci_cc_le_remove_adv_set(struct hci_dev *hdev, void *data, 1243 1243 + struct sk_buff *skb) 1416 1244 { 1417 1417 - __u8 status = *((__u8 *)skb->data); 1245 1245 + struct hci_ev_status *rp = data; 1418 1246 u8 *instance; 1419 1247 int err; 1420 1248 1421 1421 - if (status) 1422 1422 - return; 1249 1249 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1250 1250 + 1251 1251 + if (rp->status) 1252 1252 + return rp->status; 1423 1253 1424 1254 instance = hci_sent_cmd_data(hdev, HCI_OP_LE_REMOVE_ADV_SET); 1425 1255 if (!instance) 1426 1426 - return; 1256 1256 + return rp->status; 1427 1257 1428 1258 hci_dev_lock(hdev); 1429 1259 ··· 1438 1258 *instance); 1439 1259 1440 1260 hci_dev_unlock(hdev); 1261 1261 + 1262 1262 + return rp->status; 1441 1263 } 1442 1264 1443 1443 - static void hci_cc_le_clear_adv_sets(struct hci_dev *hdev, struct sk_buff *skb) 1265 1265 + static u8 hci_cc_le_clear_adv_sets(struct hci_dev *hdev, void *data, 1266 1266 + struct sk_buff *skb) 1444 1267 { 1445 1445 - __u8 status = *((__u8 *)skb->data); 1268 1268 + struct hci_ev_status *rp = data; 1446 1269 struct adv_info *adv, *n; 1447 1270 int err; 1448 1271 1449 1449 - if (status) 1450 1450 - return; 1272 1272 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1273 1273 + 1274 1274 + if (rp->status) 1275 1275 + return rp->status; 1451 1276 1452 1277 if (!hci_sent_cmd_data(hdev, HCI_OP_LE_CLEAR_ADV_SETS)) 1453 1453 - return; 1278 1278 + return rp->status; 1454 1279 1455 1280 hci_dev_lock(hdev); 1456 1281 ··· 1469 1284 } 1470 1285 1471 1286 hci_dev_unlock(hdev); 1287 1287 + 1288 1288 + return rp->status; 1472 1289 } 1473 1290 1474 1474 - static void hci_cc_le_read_transmit_power(struct hci_dev *hdev, 1475 1475 - struct sk_buff *skb) 1291 1291 + static u8 hci_cc_le_read_transmit_power(struct hci_dev *hdev, void *data, 1292 1292 + struct sk_buff *skb) 1476 1293 { 1477 1477 - struct hci_rp_le_read_transmit_power *rp = (void *)skb->data; 1294 1294 + struct hci_rp_le_read_transmit_power *rp = data; 1478 1295 1479 1479 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1296 1296 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1480 1297 1481 1298 if (rp->status) 1482 1482 - return; 1299 1299 + return rp->status; 1483 1300 1484 1301 hdev->min_le_tx_power = rp->min_le_tx_power; 1485 1302 hdev->max_le_tx_power = rp->max_le_tx_power; 1303 1303 + 1304 1304 + return rp->status; 1486 1305 } 1487 1306 1488 1488 - static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb) 1307 1307 + static u8 hci_cc_le_set_privacy_mode(struct hci_dev *hdev, void *data, 1308 1308 + struct sk_buff *skb) 1489 1309 { 1490 1490 - __u8 *sent, status = *((__u8 *) skb->data); 1310 1310 + struct hci_ev_status *rp = data; 1311 1311 + struct hci_cp_le_set_privacy_mode *cp; 1312 1312 + struct hci_conn_params *params; 1491 1313 1492 1492 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1314 1314 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1493 1315 1494 1494 - if (status) 1495 1495 - return; 1316 1316 + if (rp->status) 1317 1317 + return rp->status; 1318 1318 + 1319 1319 + cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_PRIVACY_MODE); 1320 1320 + if (!cp) 1321 1321 + return rp->status; 1322 1322 + 1323 1323 + hci_dev_lock(hdev); 1324 1324 + 1325 1325 + params = hci_conn_params_lookup(hdev, &cp->bdaddr, cp->bdaddr_type); 1326 1326 + if (params) 1327 1327 + params->privacy_mode = cp->mode; 1328 1328 + 1329 1329 + hci_dev_unlock(hdev); 1330 1330 + 1331 1331 + return rp->status; 1332 1332 + } 1333 1333 + 1334 1334 + static u8 hci_cc_le_set_adv_enable(struct hci_dev *hdev, void *data, 1335 1335 + struct sk_buff *skb) 1336 1336 + { 1337 1337 + struct hci_ev_status *rp = data; 1338 1338 + __u8 *sent; 1339 1339 + 1340 1340 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1341 1341 + 1342 1342 + if (rp->status) 1343 1343 + return rp->status; 1496 1344 1497 1345 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE); 1498 1346 if (!sent) 1499 1499 - return; 1347 1347 + return rp->status; 1500 1348 1501 1349 hci_dev_lock(hdev); 1502 1350 ··· 1551 1333 } 1552 1334 1553 1335 hci_dev_unlock(hdev); 1336 1336 + 1337 1337 + return rp->status; 1554 1338 } 1555 1339 1556 1556 - static void hci_cc_le_set_ext_adv_enable(struct hci_dev *hdev, 1557 1557 - struct sk_buff *skb) 1340 1340 + static u8 hci_cc_le_set_ext_adv_enable(struct hci_dev *hdev, void *data, 1341 1341 + struct sk_buff *skb) 1558 1342 { 1559 1343 struct hci_cp_le_set_ext_adv_enable *cp; 1560 1344 struct hci_cp_ext_adv_set *set; 1561 1561 - __u8 status = *((__u8 *) skb->data); 1562 1345 struct adv_info *adv = NULL, *n; 1346 1346 + struct hci_ev_status *rp = data; 1563 1347 1564 1564 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1348 1348 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1565 1349 1566 1566 - if (status) 1567 1567 - return; 1350 1350 + if (rp->status) 1351 1351 + return rp->status; 1568 1352 1569 1353 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_ADV_ENABLE); 1570 1354 if (!cp) 1571 1571 - return; 1355 1355 + return rp->status; 1572 1356 1573 1357 set = (void *)cp->data; 1574 1358 ··· 1617 1397 1618 1398 unlock: 1619 1399 hci_dev_unlock(hdev); 1400 1400 + return rp->status; 1620 1401 } 1621 1402 1622 1622 - static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb) 1403 1403 + static u8 hci_cc_le_set_scan_param(struct hci_dev *hdev, void *data, 1404 1404 + struct sk_buff *skb) 1623 1405 { 1624 1406 struct hci_cp_le_set_scan_param *cp; 1625 1625 - __u8 status = *((__u8 *) skb->data); 1407 1407 + struct hci_ev_status *rp = data; 1626 1408 1627 1627 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1409 1409 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1628 1410 1629 1629 - if (status) 1630 1630 - return; 1411 1411 + if (rp->status) 1412 1412 + return rp->status; 1631 1413 1632 1414 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_PARAM); 1633 1415 if (!cp) 1634 1634 - return; 1416 1416 + return rp->status; 1635 1417 1636 1418 hci_dev_lock(hdev); 1637 1419 1638 1420 hdev->le_scan_type = cp->type; 1639 1421 1640 1422 hci_dev_unlock(hdev); 1423 1423 + 1424 1424 + return rp->status; 1641 1425 } 1642 1426 1643 1643 - static void hci_cc_le_set_ext_scan_param(struct hci_dev *hdev, 1644 1644 - struct sk_buff *skb) 1427 1427 + static u8 hci_cc_le_set_ext_scan_param(struct hci_dev *hdev, void *data, 1428 1428 + struct sk_buff *skb) 1645 1429 { 1646 1430 struct hci_cp_le_set_ext_scan_params *cp; 1647 1647 - __u8 status = *((__u8 *) skb->data); 1431 1431 + struct hci_ev_status *rp = data; 1648 1432 struct hci_cp_le_scan_phy_params *phy_param; 1649 1433 1650 1650 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1434 1434 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1651 1435 1652 1652 - if (status) 1653 1653 - return; 1436 1436 + if (rp->status) 1437 1437 + return rp->status; 1654 1438 1655 1439 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_SCAN_PARAMS); 1656 1440 if (!cp) 1657 1657 - return; 1441 1441 + return rp->status; 1658 1442 1659 1443 phy_param = (void *)cp->data; 1660 1444 ··· 1667 1443 hdev->le_scan_type = phy_param->type; 1668 1444 1669 1445 hci_dev_unlock(hdev); 1446 1446 + 1447 1447 + return rp->status; 1670 1448 } 1671 1449 1672 1450 static bool has_pending_adv_report(struct hci_dev *hdev) ··· 1754 1528 hci_dev_unlock(hdev); 1755 1529 } 1756 1530 1757 1757 - static void hci_cc_le_set_scan_enable(struct hci_dev *hdev, 1758 1758 - struct sk_buff *skb) 1531 1531 + static u8 hci_cc_le_set_scan_enable(struct hci_dev *hdev, void *data, 1532 1532 + struct sk_buff *skb) 1759 1533 { 1760 1534 struct hci_cp_le_set_scan_enable *cp; 1761 1761 - __u8 status = *((__u8 *) skb->data); 1535 1535 + struct hci_ev_status *rp = data; 1762 1536 1763 1763 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1537 1537 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1764 1538 1765 1765 - if (status) 1766 1766 - return; 1539 1539 + if (rp->status) 1540 1540 + return rp->status; 1767 1541 1768 1542 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE); 1769 1543 if (!cp) 1770 1770 - return; 1544 1544 + return rp->status; 1771 1545 1772 1546 le_set_scan_enable_complete(hdev, cp->enable); 1547 1547 + 1548 1548 + return rp->status; 1773 1549 } 1774 1550 1775 1775 - static void hci_cc_le_set_ext_scan_enable(struct hci_dev *hdev, 1776 1776 - struct sk_buff *skb) 1551 1551 + static u8 hci_cc_le_set_ext_scan_enable(struct hci_dev *hdev, void *data, 1552 1552 + struct sk_buff *skb) 1777 1553 { 1778 1554 struct hci_cp_le_set_ext_scan_enable *cp; 1779 1779 - __u8 status = *((__u8 *) skb->data); 1555 1555 + struct hci_ev_status *rp = data; 1780 1556 1781 1781 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1557 1557 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1782 1558 1783 1783 - if (status) 1784 1784 - return; 1559 1559 + if (rp->status) 1560 1560 + return rp->status; 1785 1561 1786 1562 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_SCAN_ENABLE); 1787 1563 if (!cp) 1788 1788 - return; 1564 1564 + return rp->status; 1789 1565 1790 1566 le_set_scan_enable_complete(hdev, cp->enable); 1567 1567 + 1568 1568 + return rp->status; 1791 1569 } 1792 1570 1793 1793 - static void hci_cc_le_read_num_adv_sets(struct hci_dev *hdev, 1571 1571 + static u8 hci_cc_le_read_num_adv_sets(struct hci_dev *hdev, void *data, 1794 1572 struct sk_buff *skb) 1795 1573 { 1796 1796 - struct hci_rp_le_read_num_supported_adv_sets *rp = (void *) skb->data; 1574 1574 + struct hci_rp_le_read_num_supported_adv_sets *rp = data; 1797 1575 1798 1798 - BT_DBG("%s status 0x%2.2x No of Adv sets %u", hdev->name, rp->status, 1799 1799 - rp->num_of_sets); 1576 1576 + bt_dev_dbg(hdev, "status 0x%2.2x No of Adv sets %u", rp->status, 1577 1577 + rp->num_of_sets); 1800 1578 1801 1579 if (rp->status) 1802 1802 - return; 1580 1580 + return rp->status; 1803 1581 1804 1582 hdev->le_num_of_adv_sets = rp->num_of_sets; 1583 1583 + 1584 1584 + return rp->status; 1805 1585 } 1806 1586 1807 1807 - static void hci_cc_le_read_accept_list_size(struct hci_dev *hdev, 1808 1808 - struct sk_buff *skb) 1587 1587 + static u8 hci_cc_le_read_accept_list_size(struct hci_dev *hdev, void *data, 1588 1588 + struct sk_buff *skb) 1809 1589 { 1810 1810 - struct hci_rp_le_read_accept_list_size *rp = (void *)skb->data; 1590 1590 + struct hci_rp_le_read_accept_list_size *rp = data; 1811 1591 1812 1812 - BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size); 1592 1592 + bt_dev_dbg(hdev, "status 0x%2.2x size %u", rp->status, rp->size); 1813 1593 1814 1594 if (rp->status) 1815 1815 - return; 1595 1595 + return rp->status; 1816 1596 1817 1597 hdev->le_accept_list_size = rp->size; 1598 1598 + 1599 1599 + return rp->status; 1818 1600 } 1819 1601 1820 1820 - static void hci_cc_le_clear_accept_list(struct hci_dev *hdev, 1821 1821 - struct sk_buff *skb) 1602 1602 + static u8 hci_cc_le_clear_accept_list(struct hci_dev *hdev, void *data, 1603 1603 + struct sk_buff *skb) 1822 1604 { 1823 1823 - __u8 status = *((__u8 *) skb->data); 1605 1605 + struct hci_ev_status *rp = data; 1824 1606 1825 1825 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1607 1607 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1826 1608 1827 1827 - if (status) 1828 1828 - return; 1609 1609 + if (rp->status) 1610 1610 + return rp->status; 1829 1611 1830 1612 hci_bdaddr_list_clear(&hdev->le_accept_list); 1613 1613 + 1614 1614 + return rp->status; 1831 1615 } 1832 1616 1833 1833 - static void hci_cc_le_add_to_accept_list(struct hci_dev *hdev, 1834 1834 - struct sk_buff *skb) 1617 1617 + static u8 hci_cc_le_add_to_accept_list(struct hci_dev *hdev, void *data, 1618 1618 + struct sk_buff *skb) 1835 1619 { 1836 1620 struct hci_cp_le_add_to_accept_list *sent; 1837 1837 - __u8 status = *((__u8 *) skb->data); 1621 1621 + struct hci_ev_status *rp = data; 1838 1622 1839 1839 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1623 1623 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1840 1624 1841 1841 - if (status) 1842 1842 - return; 1625 1625 + if (rp->status) 1626 1626 + return rp->status; 1843 1627 1844 1628 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_ACCEPT_LIST); 1845 1629 if (!sent) 1846 1846 - return; 1630 1630 + return rp->status; 1847 1631 1848 1632 hci_bdaddr_list_add(&hdev->le_accept_list, &sent->bdaddr, 1849 1633 sent->bdaddr_type); 1634 1634 + 1635 1635 + return rp->status; 1850 1636 } 1851 1637 1852 1852 - static void hci_cc_le_del_from_accept_list(struct hci_dev *hdev, 1853 1853 - struct sk_buff *skb) 1638 1638 + static u8 hci_cc_le_del_from_accept_list(struct hci_dev *hdev, void *data, 1639 1639 + struct sk_buff *skb) 1854 1640 { 1855 1641 struct hci_cp_le_del_from_accept_list *sent; 1856 1856 - __u8 status = *((__u8 *) skb->data); 1642 1642 + struct hci_ev_status *rp = data; 1857 1643 1858 1858 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1644 1644 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1859 1645 1860 1860 - if (status) 1861 1861 - return; 1646 1646 + if (rp->status) 1647 1647 + return rp->status; 1862 1648 1863 1649 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_ACCEPT_LIST); 1864 1650 if (!sent) 1865 1865 - return; 1651 1651 + return rp->status; 1866 1652 1867 1653 hci_bdaddr_list_del(&hdev->le_accept_list, &sent->bdaddr, 1868 1654 sent->bdaddr_type); 1655 1655 + 1656 1656 + return rp->status; 1869 1657 } 1870 1658 1871 1871 - static void hci_cc_le_read_supported_states(struct hci_dev *hdev, 1872 1872 - struct sk_buff *skb) 1659 1659 + static u8 hci_cc_le_read_supported_states(struct hci_dev *hdev, void *data, 1660 1660 + struct sk_buff *skb) 1873 1661 { 1874 1874 - struct hci_rp_le_read_supported_states *rp = (void *) skb->data; 1662 1662 + struct hci_rp_le_read_supported_states *rp = data; 1875 1663 1876 1876 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1664 1664 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1877 1665 1878 1666 if (rp->status) 1879 1879 - return; 1667 1667 + return rp->status; 1880 1668 1881 1669 memcpy(hdev->le_states, rp->le_states, 8); 1670 1670 + 1671 1671 + return rp->status; 1882 1672 } 1883 1673 1884 1884 - static void hci_cc_le_read_def_data_len(struct hci_dev *hdev, 1885 1885 - struct sk_buff *skb) 1674 1674 + static u8 hci_cc_le_read_def_data_len(struct hci_dev *hdev, void *data, 1675 1675 + struct sk_buff *skb) 1886 1676 { 1887 1887 - struct hci_rp_le_read_def_data_len *rp = (void *) skb->data; 1677 1677 + struct hci_rp_le_read_def_data_len *rp = data; 1888 1678 1889 1889 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1679 1679 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1890 1680 1891 1681 if (rp->status) 1892 1892 - return; 1682 1682 + return rp->status; 1893 1683 1894 1684 hdev->le_def_tx_len = le16_to_cpu(rp->tx_len); 1895 1685 hdev->le_def_tx_time = le16_to_cpu(rp->tx_time); 1686 1686 + 1687 1687 + return rp->status; 1896 1688 } 1897 1689 1898 1898 - static void hci_cc_le_write_def_data_len(struct hci_dev *hdev, 1899 1899 - struct sk_buff *skb) 1690 1690 + static u8 hci_cc_le_write_def_data_len(struct hci_dev *hdev, void *data, 1691 1691 + struct sk_buff *skb) 1900 1692 { 1901 1693 struct hci_cp_le_write_def_data_len *sent; 1902 1902 - __u8 status = *((__u8 *) skb->data); 1694 1694 + struct hci_ev_status *rp = data; 1903 1695 1904 1904 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1696 1696 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1905 1697 1906 1906 - if (status) 1907 1907 - return; 1698 1698 + if (rp->status) 1699 1699 + return rp->status; 1908 1700 1909 1701 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_WRITE_DEF_DATA_LEN); 1910 1702 if (!sent) 1911 1911 - return; 1703 1703 + return rp->status; 1912 1704 1913 1705 hdev->le_def_tx_len = le16_to_cpu(sent->tx_len); 1914 1706 hdev->le_def_tx_time = le16_to_cpu(sent->tx_time); 1707 1707 + 1708 1708 + return rp->status; 1915 1709 } 1916 1710 1917 1917 - static void hci_cc_le_add_to_resolv_list(struct hci_dev *hdev, 1918 1918 - struct sk_buff *skb) 1711 1711 + static u8 hci_cc_le_add_to_resolv_list(struct hci_dev *hdev, void *data, 1712 1712 + struct sk_buff *skb) 1919 1713 { 1920 1714 struct hci_cp_le_add_to_resolv_list *sent; 1921 1921 - __u8 status = *((__u8 *) skb->data); 1715 1715 + struct hci_ev_status *rp = data; 1922 1716 1923 1923 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1717 1717 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1924 1718 1925 1925 - if (status) 1926 1926 - return; 1719 1719 + if (rp->status) 1720 1720 + return rp->status; 1927 1721 1928 1722 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_RESOLV_LIST); 1929 1723 if (!sent) 1930 1930 - return; 1724 1724 + return rp->status; 1931 1725 1932 1726 hci_bdaddr_list_add_with_irk(&hdev->le_resolv_list, &sent->bdaddr, 1933 1727 sent->bdaddr_type, sent->peer_irk, 1934 1728 sent->local_irk); 1729 1729 + 1730 1730 + return rp->status; 1935 1731 } 1936 1732 1937 1937 - static void hci_cc_le_del_from_resolv_list(struct hci_dev *hdev, 1938 1938 - struct sk_buff *skb) 1733 1733 + static u8 hci_cc_le_del_from_resolv_list(struct hci_dev *hdev, void *data, 1734 1734 + struct sk_buff *skb) 1939 1735 { 1940 1736 struct hci_cp_le_del_from_resolv_list *sent; 1941 1941 - __u8 status = *((__u8 *) skb->data); 1737 1737 + struct hci_ev_status *rp = data; 1942 1738 1943 1943 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1739 1739 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1944 1740 1945 1945 - if (status) 1946 1946 - return; 1741 1741 + if (rp->status) 1742 1742 + return rp->status; 1947 1743 1948 1744 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_RESOLV_LIST); 1949 1745 if (!sent) 1950 1950 - return; 1746 1746 + return rp->status; 1951 1747 1952 1748 hci_bdaddr_list_del_with_irk(&hdev->le_resolv_list, &sent->bdaddr, 1953 1749 sent->bdaddr_type); 1750 1750 + 1751 1751 + return rp->status; 1954 1752 } 1955 1753 1956 1956 - static void hci_cc_le_clear_resolv_list(struct hci_dev *hdev, 1957 1957 - struct sk_buff *skb) 1754 1754 + static u8 hci_cc_le_clear_resolv_list(struct hci_dev *hdev, void *data, 1755 1755 + struct sk_buff *skb) 1958 1756 { 1959 1959 - __u8 status = *((__u8 *) skb->data); 1757 1757 + struct hci_ev_status *rp = data; 1960 1758 1961 1961 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1962 1962 - 1963 1963 - if (status) 1964 1964 - return; 1965 1965 - 1966 1966 - hci_bdaddr_list_clear(&hdev->le_resolv_list); 1967 1967 - } 1968 1968 - 1969 1969 - static void hci_cc_le_read_resolv_list_size(struct hci_dev *hdev, 1970 1970 - struct sk_buff *skb) 1971 1971 - { 1972 1972 - struct hci_rp_le_read_resolv_list_size *rp = (void *) skb->data; 1973 1973 - 1974 1974 - BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size); 1759 1759 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1975 1760 1976 1761 if (rp->status) 1977 1977 - return; 1762 1762 + return rp->status; 1978 1763 1979 1979 - hdev->le_resolv_list_size = rp->size; 1764 1764 + hci_bdaddr_list_clear(&hdev->le_resolv_list); 1765 1765 + 1766 1766 + return rp->status; 1980 1767 } 1981 1768 1982 1982 - static void hci_cc_le_set_addr_resolution_enable(struct hci_dev *hdev, 1983 1983 - struct sk_buff *skb) 1769 1769 + static u8 hci_cc_le_read_resolv_list_size(struct hci_dev *hdev, void *data, 1770 1770 + struct sk_buff *skb) 1984 1771 { 1985 1985 - __u8 *sent, status = *((__u8 *) skb->data); 1772 1772 + struct hci_rp_le_read_resolv_list_size *rp = data; 1986 1773 1987 1987 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1774 1774 + bt_dev_dbg(hdev, "status 0x%2.2x size %u", rp->status, rp->size); 1988 1775 1989 1989 - if (status) 1990 1990 - return; 1776 1776 + if (rp->status) 1777 1777 + return rp->status; 1778 1778 + 1779 1779 + hdev->le_resolv_list_size = rp->size; 1780 1780 + 1781 1781 + return rp->status; 1782 1782 + } 1783 1783 + 1784 1784 + static u8 hci_cc_le_set_addr_resolution_enable(struct hci_dev *hdev, void *data, 1785 1785 + struct sk_buff *skb) 1786 1786 + { 1787 1787 + struct hci_ev_status *rp = data; 1788 1788 + __u8 *sent; 1789 1789 + 1790 1790 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 1791 1791 + 1792 1792 + if (rp->status) 1793 1793 + return rp->status; 1991 1794 1992 1795 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADDR_RESOLV_ENABLE); 1993 1796 if (!sent) 1994 1994 - return; 1797 1797 + return rp->status; 1995 1798 1996 1799 hci_dev_lock(hdev); 1997 1800 ··· 2030 1775 hci_dev_clear_flag(hdev, HCI_LL_RPA_RESOLUTION); 2031 1776 2032 1777 hci_dev_unlock(hdev); 1778 1778 + 1779 1779 + return rp->status; 2033 1780 } 2034 1781 2035 2035 - static void hci_cc_le_read_max_data_len(struct hci_dev *hdev, 2036 2036 - struct sk_buff *skb) 1782 1782 + static u8 hci_cc_le_read_max_data_len(struct hci_dev *hdev, void *data, 1783 1783 + struct sk_buff *skb) 2037 1784 { 2038 2038 - struct hci_rp_le_read_max_data_len *rp = (void *) skb->data; 1785 1785 + struct hci_rp_le_read_max_data_len *rp = data; 2039 1786 2040 2040 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1787 1787 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 2041 1788 2042 1789 if (rp->status) 2043 2043 - return; 1790 1790 + return rp->status; 2044 1791 2045 1792 hdev->le_max_tx_len = le16_to_cpu(rp->tx_len); 2046 1793 hdev->le_max_tx_time = le16_to_cpu(rp->tx_time); 2047 1794 hdev->le_max_rx_len = le16_to_cpu(rp->rx_len); 2048 1795 hdev->le_max_rx_time = le16_to_cpu(rp->rx_time); 1796 1796 + 1797 1797 + return rp->status; 2049 1798 } 2050 1799 2051 2051 - static void hci_cc_write_le_host_supported(struct hci_dev *hdev, 2052 2052 - struct sk_buff *skb) 1800 1800 + static u8 hci_cc_write_le_host_supported(struct hci_dev *hdev, void *data, 1801 1801 + struct sk_buff *skb) 2053 1802 { 2054 1803 struct hci_cp_write_le_host_supported *sent; 2055 2055 - __u8 status = *((__u8 *) skb->data); 1804 1804 + struct hci_ev_status *rp = data; 2056 1805 2057 2057 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1806 1806 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 2058 1807 2059 2059 - if (status) 2060 2060 - return; 1808 1808 + if (rp->status) 1809 1809 + return rp->status; 2061 1810 2062 1811 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED); 2063 1812 if (!sent) 2064 2064 - return; 1813 1813 + return rp->status; 2065 1814 2066 1815 hci_dev_lock(hdev); 2067 1816 ··· 2084 1825 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR; 2085 1826 2086 1827 hci_dev_unlock(hdev); 1828 1828 + 1829 1829 + return rp->status; 2087 1830 } 2088 1831 2089 2089 - static void hci_cc_set_adv_param(struct hci_dev *hdev, struct sk_buff *skb) 1832 1832 + static u8 hci_cc_set_adv_param(struct hci_dev *hdev, void *data, 1833 1833 + struct sk_buff *skb) 2090 1834 { 2091 1835 struct hci_cp_le_set_adv_param *cp; 2092 2092 - u8 status = *((u8 *) skb->data); 1836 1836 + struct hci_ev_status *rp = data; 2093 1837 2094 2094 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1838 1838 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 2095 1839 2096 2096 - if (status) 2097 2097 - return; 1840 1840 + if (rp->status) 1841 1841 + return rp->status; 2098 1842 2099 1843 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_PARAM); 2100 1844 if (!cp) 2101 2101 - return; 1845 1845 + return rp->status; 2102 1846 2103 1847 hci_dev_lock(hdev); 2104 1848 hdev->adv_addr_type = cp->own_address_type; 2105 1849 hci_dev_unlock(hdev); 1850 1850 + 1851 1851 + return rp->status; 2106 1852 } 2107 1853 2108 2108 - static void hci_cc_set_ext_adv_param(struct hci_dev *hdev, struct sk_buff *skb) 1854 1854 + static u8 hci_cc_set_ext_adv_param(struct hci_dev *hdev, void *data, 1855 1855 + struct sk_buff *skb) 2109 1856 { 2110 2110 - struct hci_rp_le_set_ext_adv_params *rp = (void *) skb->data; 1857 1857 + struct hci_rp_le_set_ext_adv_params *rp = data; 2111 1858 struct hci_cp_le_set_ext_adv_params *cp; 2112 1859 struct adv_info *adv_instance; 2113 1860 2114 2114 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1861 1861 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 2115 1862 2116 1863 if (rp->status) 2117 2117 - return; 1864 1864 + return rp->status; 2118 1865 2119 1866 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_EXT_ADV_PARAMS); 2120 1867 if (!cp) 2121 2121 - return; 1868 1868 + return rp->status; 2122 1869 2123 1870 hci_dev_lock(hdev); 2124 1871 hdev->adv_addr_type = cp->own_addr_type; ··· 2140 1875 hci_req_update_adv_data(hdev, cp->handle); 2141 1876 2142 1877 hci_dev_unlock(hdev); 1878 1878 + 1879 1879 + return rp->status; 2143 1880 } 2144 1881 2145 2145 - static void hci_cc_read_rssi(struct hci_dev *hdev, struct sk_buff *skb) 1882 1882 + static u8 hci_cc_read_rssi(struct hci_dev *hdev, void *data, 1883 1883 + struct sk_buff *skb) 2146 1884 { 2147 2147 - struct hci_rp_read_rssi *rp = (void *) skb->data; 1885 1885 + struct hci_rp_read_rssi *rp = data; 2148 1886 struct hci_conn *conn; 2149 1887 2150 2150 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1888 1888 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 2151 1889 2152 1890 if (rp->status) 2153 2153 - return; 1891 1891 + return rp->status; 2154 1892 2155 1893 hci_dev_lock(hdev); 2156 1894 ··· 2162 1894 conn->rssi = rp->rssi; 2163 1895 2164 1896 hci_dev_unlock(hdev); 1897 1897 + 1898 1898 + return rp->status; 2165 1899 } 2166 1900 2167 2167 - static void hci_cc_read_tx_power(struct hci_dev *hdev, struct sk_buff *skb) 1901 1901 + static u8 hci_cc_read_tx_power(struct hci_dev *hdev, void *data, 1902 1902 + struct sk_buff *skb) 2168 1903 { 2169 1904 struct hci_cp_read_tx_power *sent; 2170 2170 - struct hci_rp_read_tx_power *rp = (void *) skb->data; 1905 1905 + struct hci_rp_read_tx_power *rp = data; 2171 1906 struct hci_conn *conn; 2172 1907 2173 2173 - BT_DBG("%s status 0x%2.2x", hdev->name, rp->status); 1908 1908 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 2174 1909 2175 1910 if (rp->status) 2176 2176 - return; 1911 1911 + return rp->status; 2177 1912 2178 1913 sent = hci_sent_cmd_data(hdev, HCI_OP_READ_TX_POWER); 2179 1914 if (!sent) 2180 2180 - return; 1915 1915 + return rp->status; 2181 1916 2182 1917 hci_dev_lock(hdev); 2183 1918 ··· 2199 1928 2200 1929 unlock: 2201 1930 hci_dev_unlock(hdev); 1931 1931 + return rp->status; 2202 1932 } 2203 1933 2204 2204 - static void hci_cc_write_ssp_debug_mode(struct hci_dev *hdev, struct sk_buff *skb) 1934 1934 + static u8 hci_cc_write_ssp_debug_mode(struct hci_dev *hdev, void *data, 1935 1935 + struct sk_buff *skb) 2205 1936 { 2206 2206 - u8 status = *((u8 *) skb->data); 1937 1937 + struct hci_ev_status *rp = data; 2207 1938 u8 *mode; 2208 1939 2209 2209 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1940 1940 + bt_dev_dbg(hdev, "status 0x%2.2x", rp->status); 2210 1941 2211 2211 - if (status) 2212 2212 - return; 1942 1942 + if (rp->status) 1943 1943 + return rp->status; 2213 1944 2214 1945 mode = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_DEBUG_MODE); 2215 1946 if (mode) 2216 1947 hdev->ssp_debug_mode = *mode; 1948 1948 + 1949 1949 + return rp->status; 2217 1950 } 2218 1951 2219 1952 static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status) 2220 1953 { 2221 2221 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1954 1954 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2222 1955 2223 1956 if (status) { 2224 1957 hci_conn_check_pending(hdev); ··· 2237 1962 struct hci_cp_create_conn *cp; 2238 1963 struct hci_conn *conn; 2239 1964 2240 2240 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1965 1965 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2241 1966 2242 1967 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN); 2243 1968 if (!cp) ··· 2247 1972 2248 1973 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); 2249 1974 2250 2250 - BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn); 1975 1975 + bt_dev_dbg(hdev, "bdaddr %pMR hcon %p", &cp->bdaddr, conn); 2251 1976 2252 1977 if (status) { 2253 1978 if (conn && conn->state == BT_CONNECT) { ··· 2276 2001 struct hci_conn *acl, *sco; 2277 2002 __u16 handle; 2278 2003 2279 2279 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2004 2004 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2280 2005 2281 2006 if (!status) 2282 2007 return; ··· 2287 2012 2288 2013 handle = __le16_to_cpu(cp->handle); 2289 2014 2290 2290 - BT_DBG("%s handle 0x%4.4x", hdev->name, handle); 2015 2015 + bt_dev_dbg(hdev, "handle 0x%4.4x", handle); 2291 2016 2292 2017 hci_dev_lock(hdev); 2293 2018 ··· 2310 2035 struct hci_cp_auth_requested *cp; 2311 2036 struct hci_conn *conn; 2312 2037 2313 2313 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2038 2038 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2314 2039 2315 2040 if (!status) 2316 2041 return; ··· 2337 2062 struct hci_cp_set_conn_encrypt *cp; 2338 2063 struct hci_conn *conn; 2339 2064 2340 2340 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2065 2065 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2341 2066 2342 2067 if (!status) 2343 2068 return; ··· 2404 2129 if (list_empty(&discov->resolve)) 2405 2130 return false; 2406 2131 2132 2132 + /* We should stop if we already spent too much time resolving names. */ 2133 2133 + if (time_after(jiffies, discov->name_resolve_timeout)) { 2134 2134 + bt_dev_warn_ratelimited(hdev, "Name resolve takes too long."); 2135 2135 + return false; 2136 2136 + } 2137 2137 + 2407 2138 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED); 2408 2139 if (!e) 2409 2140 return false; ··· 2456 2175 return; 2457 2176 2458 2177 list_del(&e->list); 2459 2459 - if (name) { 2460 2460 - e->name_state = NAME_KNOWN; 2461 2461 - mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00, 2462 2462 - e->data.rssi, name, name_len); 2463 2463 - } else { 2464 2464 - e->name_state = NAME_NOT_KNOWN; 2465 2465 - } 2178 2178 + 2179 2179 + e->name_state = name ? NAME_KNOWN : NAME_NOT_KNOWN; 2180 2180 + mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00, e->data.rssi, 2181 2181 + name, name_len); 2466 2182 2467 2183 if (hci_resolve_next_name(hdev)) 2468 2184 return; ··· 2473 2195 struct hci_cp_remote_name_req *cp; 2474 2196 struct hci_conn *conn; 2475 2197 2476 2476 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2198 2198 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2477 2199 2478 2200 /* If successful wait for the name req complete event before 2479 2201 * checking for the need to do authentication */ ··· 2516 2238 struct hci_cp_read_remote_features *cp; 2517 2239 struct hci_conn *conn; 2518 2240 2519 2519 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2241 2241 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2520 2242 2521 2243 if (!status) 2522 2244 return; ··· 2543 2265 struct hci_cp_read_remote_ext_features *cp; 2544 2266 struct hci_conn *conn; 2545 2267 2546 2546 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2268 2268 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2547 2269 2548 2270 if (!status) 2549 2271 return; ··· 2571 2293 struct hci_conn *acl, *sco; 2572 2294 __u16 handle; 2573 2295 2574 2574 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2296 2296 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2575 2297 2576 2298 if (!status) 2577 2299 return; ··· 2582 2304 2583 2305 handle = __le16_to_cpu(cp->handle); 2584 2306 2585 2585 - BT_DBG("%s handle 0x%4.4x", hdev->name, handle); 2307 2307 + bt_dev_dbg(hdev, "handle 0x%4.4x", handle); 2586 2308 2587 2309 hci_dev_lock(hdev); 2588 2310 ··· 2640 2362 struct hci_cp_sniff_mode *cp; 2641 2363 struct hci_conn *conn; 2642 2364 2643 2643 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2365 2365 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2644 2366 2645 2367 if (!status) 2646 2368 return; ··· 2667 2389 struct hci_cp_exit_sniff_mode *cp; 2668 2390 struct hci_conn *conn; 2669 2391 2670 2670 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2392 2392 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2671 2393 2672 2394 if (!status) 2673 2395 return; ··· 2695 2417 struct hci_conn_params *params; 2696 2418 struct hci_conn *conn; 2697 2419 bool mgmt_conn; 2420 2420 + 2421 2421 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2698 2422 2699 2423 /* Wait for HCI_EV_DISCONN_COMPLETE if status 0x00 and not suspended 2700 2424 * otherwise cleanup the connection immediately. ··· 2831 2551 { 2832 2552 struct hci_cp_le_create_conn *cp; 2833 2553 2834 2834 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2554 2554 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2835 2555 2836 2556 /* All connection failure handling is taken care of by the 2837 2557 * hci_le_conn_failed function which is triggered by the HCI ··· 2856 2576 { 2857 2577 struct hci_cp_le_ext_create_conn *cp; 2858 2578 2859 2859 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2579 2579 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2860 2580 2861 2581 /* All connection failure handling is taken care of by the 2862 2582 * hci_le_conn_failed function which is triggered by the HCI ··· 2882 2602 struct hci_cp_le_read_remote_features *cp; 2883 2603 struct hci_conn *conn; 2884 2604 2885 2885 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2605 2605 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2886 2606 2887 2607 if (!status) 2888 2608 return; ··· 2909 2629 struct hci_cp_le_start_enc *cp; 2910 2630 struct hci_conn *conn; 2911 2631 2912 2912 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2632 2632 + bt_dev_dbg(hdev, "status 0x%2.2x", status); 2913 2633 2914 2634 if (!status) 2915 2635 return; ··· 2957 2677 hci_dev_unlock(hdev); 2958 2678 } 2959 2679 2960 2960 - static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 2680 2680 + static void hci_inquiry_complete_evt(struct hci_dev *hdev, void *data, 2681 2681 + struct sk_buff *skb) 2961 2682 { 2962 2962 - __u8 status = *((__u8 *) skb->data); 2683 2683 + struct hci_ev_status *ev = data; 2963 2684 struct discovery_state *discov = &hdev->discovery; 2964 2685 struct inquiry_entry *e; 2965 2686 2966 2966 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 2687 2687 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 2967 2688 2968 2689 hci_conn_check_pending(hdev); 2969 2690 ··· 3000 2719 if (e && hci_resolve_name(hdev, e) == 0) { 3001 2720 e->name_state = NAME_PENDING; 3002 2721 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING); 2722 2722 + discov->name_resolve_timeout = jiffies + NAME_RESOLVE_DURATION; 3003 2723 } else { 3004 2724 /* When BR/EDR inquiry is active and no LE scanning is in 3005 2725 * progress, then change discovery state to indicate completion. ··· 3018 2736 hci_dev_unlock(hdev); 3019 2737 } 3020 2738 3021 3021 - static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb) 2739 2739 + static void hci_inquiry_result_evt(struct hci_dev *hdev, void *edata, 2740 2740 + struct sk_buff *skb) 3022 2741 { 2742 2742 + struct hci_ev_inquiry_result *ev = edata; 3023 2743 struct inquiry_data data; 3024 3024 - struct inquiry_info *info = (void *) (skb->data + 1); 3025 3025 - int num_rsp = *((__u8 *) skb->data); 2744 2744 + int i; 3026 2745 3027 3027 - BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 2746 2746 + if (!hci_ev_skb_pull(hdev, skb, HCI_EV_INQUIRY_RESULT, 2747 2747 + flex_array_size(ev, info, ev->num))) 2748 2748 + return; 3028 2749 3029 3029 - if (!num_rsp || skb->len < num_rsp * sizeof(*info) + 1) 2750 2750 + bt_dev_dbg(hdev, "num %d", ev->num); 2751 2751 + 2752 2752 + if (!ev->num) 3030 2753 return; 3031 2754 3032 2755 if (hci_dev_test_flag(hdev, HCI_PERIODIC_INQ)) ··· 3039 2752 3040 2753 hci_dev_lock(hdev); 3041 2754 3042 3042 - for (; num_rsp; num_rsp--, info++) { 2755 2755 + for (i = 0; i < ev->num; i++) { 2756 2756 + struct inquiry_info *info = &ev->info[i]; 3043 2757 u32 flags; 3044 2758 3045 2759 bacpy(&data.bdaddr, &info->bdaddr); ··· 3062 2774 hci_dev_unlock(hdev); 3063 2775 } 3064 2776 3065 3065 - static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 2777 2777 + static void hci_conn_complete_evt(struct hci_dev *hdev, void *data, 2778 2778 + struct sk_buff *skb) 3066 2779 { 3067 3067 - struct hci_ev_conn_complete *ev = (void *) skb->data; 2780 2780 + struct hci_ev_conn_complete *ev = data; 3068 2781 struct hci_conn *conn; 3069 2782 3070 3070 - BT_DBG("%s", hdev->name); 2783 2783 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 3071 2784 3072 2785 hci_dev_lock(hdev); 3073 2786 ··· 3187 2898 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp); 3188 2899 } 3189 2900 3190 3190 - static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 2901 2901 + static void hci_conn_request_evt(struct hci_dev *hdev, void *data, 2902 2902 + struct sk_buff *skb) 3191 2903 { 3192 3192 - struct hci_ev_conn_request *ev = (void *) skb->data; 2904 2904 + struct hci_ev_conn_request *ev = data; 3193 2905 int mask = hdev->link_mode; 3194 2906 struct inquiry_entry *ie; 3195 2907 struct hci_conn *conn; 3196 2908 __u8 flags = 0; 3197 2909 3198 3198 - BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr, 3199 3199 - ev->link_type); 2910 2910 + bt_dev_dbg(hdev, "bdaddr %pMR type 0x%x", &ev->bdaddr, ev->link_type); 3200 2911 3201 2912 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type, 3202 2913 &flags); ··· 3298 3009 } 3299 3010 } 3300 3011 3301 3301 - static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 3012 3012 + static void hci_disconn_complete_evt(struct hci_dev *hdev, void *data, 3013 3013 + struct sk_buff *skb) 3302 3014 { 3303 3303 - struct hci_ev_disconn_complete *ev = (void *) skb->data; 3015 3015 + struct hci_ev_disconn_complete *ev = data; 3304 3016 u8 reason; 3305 3017 struct hci_conn_params *params; 3306 3018 struct hci_conn *conn; 3307 3019 bool mgmt_connected; 3308 3020 3309 3309 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 3021 3021 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 3310 3022 3311 3023 hci_dev_lock(hdev); 3312 3024 ··· 3383 3093 hci_dev_unlock(hdev); 3384 3094 } 3385 3095 3386 3386 - static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 3096 3096 + static void hci_auth_complete_evt(struct hci_dev *hdev, void *data, 3097 3097 + struct sk_buff *skb) 3387 3098 { 3388 3388 - struct hci_ev_auth_complete *ev = (void *) skb->data; 3099 3099 + struct hci_ev_auth_complete *ev = data; 3389 3100 struct hci_conn *conn; 3390 3101 3391 3391 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 3102 3102 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 3392 3103 3393 3104 hci_dev_lock(hdev); 3394 3105 ··· 3454 3163 hci_dev_unlock(hdev); 3455 3164 } 3456 3165 3457 3457 - static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb) 3166 3166 + static void hci_remote_name_evt(struct hci_dev *hdev, void *data, 3167 3167 + struct sk_buff *skb) 3458 3168 { 3459 3459 - struct hci_ev_remote_name *ev = (void *) skb->data; 3169 3169 + struct hci_ev_remote_name *ev = data; 3460 3170 struct hci_conn *conn; 3461 3171 3462 3462 - BT_DBG("%s", hdev->name); 3172 3172 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 3463 3173 3464 3174 hci_conn_check_pending(hdev); 3465 3175 ··· 3538 3246 hci_dev_unlock(hdev); 3539 3247 } 3540 3248 3541 3541 - static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 3249 3249 + static void hci_encrypt_change_evt(struct hci_dev *hdev, void *data, 3250 3250 + struct sk_buff *skb) 3542 3251 { 3543 3543 - struct hci_ev_encrypt_change *ev = (void *) skb->data; 3252 3252 + struct hci_ev_encrypt_change *ev = data; 3544 3253 struct hci_conn *conn; 3545 3254 3546 3546 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 3255 3255 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 3547 3256 3548 3257 hci_dev_lock(hdev); 3549 3258 ··· 3653 3360 hci_dev_unlock(hdev); 3654 3361 } 3655 3362 3656 3656 - static void hci_change_link_key_complete_evt(struct hci_dev *hdev, 3363 3363 + static void hci_change_link_key_complete_evt(struct hci_dev *hdev, void *data, 3657 3364 struct sk_buff *skb) 3658 3365 { 3659 3659 - struct hci_ev_change_link_key_complete *ev = (void *) skb->data; 3366 3366 + struct hci_ev_change_link_key_complete *ev = data; 3660 3367 struct hci_conn *conn; 3661 3368 3662 3662 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 3369 3369 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 3663 3370 3664 3371 hci_dev_lock(hdev); 3665 3372 ··· 3676 3383 hci_dev_unlock(hdev); 3677 3384 } 3678 3385 3679 3679 - static void hci_remote_features_evt(struct hci_dev *hdev, 3386 3386 + static void hci_remote_features_evt(struct hci_dev *hdev, void *data, 3680 3387 struct sk_buff *skb) 3681 3388 { 3682 3682 - struct hci_ev_remote_features *ev = (void *) skb->data; 3389 3389 + struct hci_ev_remote_features *ev = data; 3683 3390 struct hci_conn *conn; 3684 3391 3685 3685 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 3392 3392 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 3686 3393 3687 3394 hci_dev_lock(hdev); 3688 3395 ··· 3740 3447 } 3741 3448 } 3742 3449 3743 3743 - static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb, 3744 3744 - u16 *opcode, u8 *status, 3450 3450 + #define HCI_CC_VL(_op, _func, _min, _max) \ 3451 3451 + { \ 3452 3452 + .op = _op, \ 3453 3453 + .func = _func, \ 3454 3454 + .min_len = _min, \ 3455 3455 + .max_len = _max, \ 3456 3456 + } 3457 3457 + 3458 3458 + #define HCI_CC(_op, _func, _len) \ 3459 3459 + HCI_CC_VL(_op, _func, _len, _len) 3460 3460 + 3461 3461 + #define HCI_CC_STATUS(_op, _func) \ 3462 3462 + HCI_CC(_op, _func, sizeof(struct hci_ev_status)) 3463 3463 + 3464 3464 + static const struct hci_cc { 3465 3465 + u16 op; 3466 3466 + u8 (*func)(struct hci_dev *hdev, void *data, struct sk_buff *skb); 3467 3467 + u16 min_len; 3468 3468 + u16 max_len; 3469 3469 + } hci_cc_table[] = { 3470 3470 + HCI_CC_STATUS(HCI_OP_INQUIRY_CANCEL, hci_cc_inquiry_cancel), 3471 3471 + HCI_CC_STATUS(HCI_OP_PERIODIC_INQ, hci_cc_periodic_inq), 3472 3472 + HCI_CC_STATUS(HCI_OP_EXIT_PERIODIC_INQ, hci_cc_exit_periodic_inq), 3473 3473 + HCI_CC_STATUS(HCI_OP_REMOTE_NAME_REQ_CANCEL, 3474 3474 + hci_cc_remote_name_req_cancel), 3475 3475 + HCI_CC(HCI_OP_ROLE_DISCOVERY, hci_cc_role_discovery, 3476 3476 + sizeof(struct hci_rp_role_discovery)), 3477 3477 + HCI_CC(HCI_OP_READ_LINK_POLICY, hci_cc_read_link_policy, 3478 3478 + sizeof(struct hci_rp_read_link_policy)), 3479 3479 + HCI_CC(HCI_OP_WRITE_LINK_POLICY, hci_cc_write_link_policy, 3480 3480 + sizeof(struct hci_rp_write_link_policy)), 3481 3481 + HCI_CC(HCI_OP_READ_DEF_LINK_POLICY, hci_cc_read_def_link_policy, 3482 3482 + sizeof(struct hci_rp_read_def_link_policy)), 3483 3483 + HCI_CC_STATUS(HCI_OP_WRITE_DEF_LINK_POLICY, 3484 3484 + hci_cc_write_def_link_policy), 3485 3485 + HCI_CC_STATUS(HCI_OP_RESET, hci_cc_reset), 3486 3486 + HCI_CC(HCI_OP_READ_STORED_LINK_KEY, hci_cc_read_stored_link_key, 3487 3487 + sizeof(struct hci_rp_read_stored_link_key)), 3488 3488 + HCI_CC(HCI_OP_DELETE_STORED_LINK_KEY, hci_cc_delete_stored_link_key, 3489 3489 + sizeof(struct hci_rp_delete_stored_link_key)), 3490 3490 + HCI_CC_STATUS(HCI_OP_WRITE_LOCAL_NAME, hci_cc_write_local_name), 3491 3491 + HCI_CC(HCI_OP_READ_LOCAL_NAME, hci_cc_read_local_name, 3492 3492 + sizeof(struct hci_rp_read_local_name)), 3493 3493 + HCI_CC_STATUS(HCI_OP_WRITE_AUTH_ENABLE, hci_cc_write_auth_enable), 3494 3494 + HCI_CC_STATUS(HCI_OP_WRITE_ENCRYPT_MODE, hci_cc_write_encrypt_mode), 3495 3495 + HCI_CC_STATUS(HCI_OP_WRITE_SCAN_ENABLE, hci_cc_write_scan_enable), 3496 3496 + HCI_CC_STATUS(HCI_OP_SET_EVENT_FLT, hci_cc_set_event_filter), 3497 3497 + HCI_CC(HCI_OP_READ_CLASS_OF_DEV, hci_cc_read_class_of_dev, 3498 3498 + sizeof(struct hci_rp_read_class_of_dev)), 3499 3499 + HCI_CC_STATUS(HCI_OP_WRITE_CLASS_OF_DEV, hci_cc_write_class_of_dev), 3500 3500 + HCI_CC(HCI_OP_READ_VOICE_SETTING, hci_cc_read_voice_setting, 3501 3501 + sizeof(struct hci_rp_read_voice_setting)), 3502 3502 + HCI_CC_STATUS(HCI_OP_WRITE_VOICE_SETTING, hci_cc_write_voice_setting), 3503 3503 + HCI_CC(HCI_OP_READ_NUM_SUPPORTED_IAC, hci_cc_read_num_supported_iac, 3504 3504 + sizeof(struct hci_rp_read_num_supported_iac)), 3505 3505 + HCI_CC_STATUS(HCI_OP_WRITE_SSP_MODE, hci_cc_write_ssp_mode), 3506 3506 + HCI_CC_STATUS(HCI_OP_WRITE_SC_SUPPORT, hci_cc_write_sc_support), 3507 3507 + HCI_CC(HCI_OP_READ_AUTH_PAYLOAD_TO, hci_cc_read_auth_payload_timeout, 3508 3508 + sizeof(struct hci_rp_read_auth_payload_to)), 3509 3509 + HCI_CC(HCI_OP_WRITE_AUTH_PAYLOAD_TO, hci_cc_write_auth_payload_timeout, 3510 3510 + sizeof(struct hci_rp_write_auth_payload_to)), 3511 3511 + HCI_CC(HCI_OP_READ_LOCAL_VERSION, hci_cc_read_local_version, 3512 3512 + sizeof(struct hci_rp_read_local_version)), 3513 3513 + HCI_CC(HCI_OP_READ_LOCAL_COMMANDS, hci_cc_read_local_commands, 3514 3514 + sizeof(struct hci_rp_read_local_commands)), 3515 3515 + HCI_CC(HCI_OP_READ_LOCAL_FEATURES, hci_cc_read_local_features, 3516 3516 + sizeof(struct hci_rp_read_local_features)), 3517 3517 + HCI_CC(HCI_OP_READ_LOCAL_EXT_FEATURES, hci_cc_read_local_ext_features, 3518 3518 + sizeof(struct hci_rp_read_local_ext_features)), 3519 3519 + HCI_CC(HCI_OP_READ_BUFFER_SIZE, hci_cc_read_buffer_size, 3520 3520 + sizeof(struct hci_rp_read_buffer_size)), 3521 3521 + HCI_CC(HCI_OP_READ_BD_ADDR, hci_cc_read_bd_addr, 3522 3522 + sizeof(struct hci_rp_read_bd_addr)), 3523 3523 + HCI_CC(HCI_OP_READ_LOCAL_PAIRING_OPTS, hci_cc_read_local_pairing_opts, 3524 3524 + sizeof(struct hci_rp_read_local_pairing_opts)), 3525 3525 + HCI_CC(HCI_OP_READ_PAGE_SCAN_ACTIVITY, hci_cc_read_page_scan_activity, 3526 3526 + sizeof(struct hci_rp_read_page_scan_activity)), 3527 3527 + HCI_CC_STATUS(HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, 3528 3528 + hci_cc_write_page_scan_activity), 3529 3529 + HCI_CC(HCI_OP_READ_PAGE_SCAN_TYPE, hci_cc_read_page_scan_type, 3530 3530 + sizeof(struct hci_rp_read_page_scan_type)), 3531 3531 + HCI_CC_STATUS(HCI_OP_WRITE_PAGE_SCAN_TYPE, hci_cc_write_page_scan_type), 3532 3532 + HCI_CC(HCI_OP_READ_DATA_BLOCK_SIZE, hci_cc_read_data_block_size, 3533 3533 + sizeof(struct hci_rp_read_data_block_size)), 3534 3534 + HCI_CC(HCI_OP_READ_FLOW_CONTROL_MODE, hci_cc_read_flow_control_mode, 3535 3535 + sizeof(struct hci_rp_read_flow_control_mode)), 3536 3536 + HCI_CC(HCI_OP_READ_LOCAL_AMP_INFO, hci_cc_read_local_amp_info, 3537 3537 + sizeof(struct hci_rp_read_local_amp_info)), 3538 3538 + HCI_CC(HCI_OP_READ_CLOCK, hci_cc_read_clock, 3539 3539 + sizeof(struct hci_rp_read_clock)), 3540 3540 + HCI_CC(HCI_OP_READ_INQ_RSP_TX_POWER, hci_cc_read_inq_rsp_tx_power, 3541 3541 + sizeof(struct hci_rp_read_inq_rsp_tx_power)), 3542 3542 + HCI_CC(HCI_OP_READ_DEF_ERR_DATA_REPORTING, 3543 3543 + hci_cc_read_def_err_data_reporting, 3544 3544 + sizeof(struct hci_rp_read_def_err_data_reporting)), 3545 3545 + HCI_CC_STATUS(HCI_OP_WRITE_DEF_ERR_DATA_REPORTING, 3546 3546 + hci_cc_write_def_err_data_reporting), 3547 3547 + HCI_CC(HCI_OP_PIN_CODE_REPLY, hci_cc_pin_code_reply, 3548 3548 + sizeof(struct hci_rp_pin_code_reply)), 3549 3549 + HCI_CC(HCI_OP_PIN_CODE_NEG_REPLY, hci_cc_pin_code_neg_reply, 3550 3550 + sizeof(struct hci_rp_pin_code_neg_reply)), 3551 3551 + HCI_CC(HCI_OP_READ_LOCAL_OOB_DATA, hci_cc_read_local_oob_data, 3552 3552 + sizeof(struct hci_rp_read_local_oob_data)), 3553 3553 + HCI_CC(HCI_OP_READ_LOCAL_OOB_EXT_DATA, hci_cc_read_local_oob_ext_data, 3554 3554 + sizeof(struct hci_rp_read_local_oob_ext_data)), 3555 3555 + HCI_CC(HCI_OP_LE_READ_BUFFER_SIZE, hci_cc_le_read_buffer_size, 3556 3556 + sizeof(struct hci_rp_le_read_buffer_size)), 3557 3557 + HCI_CC(HCI_OP_LE_READ_LOCAL_FEATURES, hci_cc_le_read_local_features, 3558 3558 + sizeof(struct hci_rp_le_read_local_features)), 3559 3559 + HCI_CC(HCI_OP_LE_READ_ADV_TX_POWER, hci_cc_le_read_adv_tx_power, 3560 3560 + sizeof(struct hci_rp_le_read_adv_tx_power)), 3561 3561 + HCI_CC(HCI_OP_USER_CONFIRM_REPLY, hci_cc_user_confirm_reply, 3562 3562 + sizeof(struct hci_rp_user_confirm_reply)), 3563 3563 + HCI_CC(HCI_OP_USER_CONFIRM_NEG_REPLY, hci_cc_user_confirm_neg_reply, 3564 3564 + sizeof(struct hci_rp_user_confirm_reply)), 3565 3565 + HCI_CC(HCI_OP_USER_PASSKEY_REPLY, hci_cc_user_passkey_reply, 3566 3566 + sizeof(struct hci_rp_user_confirm_reply)), 3567 3567 + HCI_CC(HCI_OP_USER_PASSKEY_NEG_REPLY, hci_cc_user_passkey_neg_reply, 3568 3568 + sizeof(struct hci_rp_user_confirm_reply)), 3569 3569 + HCI_CC_STATUS(HCI_OP_LE_SET_RANDOM_ADDR, hci_cc_le_set_random_addr), 3570 3570 + HCI_CC_STATUS(HCI_OP_LE_SET_ADV_ENABLE, hci_cc_le_set_adv_enable), 3571 3571 + HCI_CC_STATUS(HCI_OP_LE_SET_SCAN_PARAM, hci_cc_le_set_scan_param), 3572 3572 + HCI_CC_STATUS(HCI_OP_LE_SET_SCAN_ENABLE, hci_cc_le_set_scan_enable), 3573 3573 + HCI_CC(HCI_OP_LE_READ_ACCEPT_LIST_SIZE, 3574 3574 + hci_cc_le_read_accept_list_size, 3575 3575 + sizeof(struct hci_rp_le_read_accept_list_size)), 3576 3576 + HCI_CC_STATUS(HCI_OP_LE_CLEAR_ACCEPT_LIST, hci_cc_le_clear_accept_list), 3577 3577 + HCI_CC_STATUS(HCI_OP_LE_ADD_TO_ACCEPT_LIST, 3578 3578 + hci_cc_le_add_to_accept_list), 3579 3579 + HCI_CC_STATUS(HCI_OP_LE_DEL_FROM_ACCEPT_LIST, 3580 3580 + hci_cc_le_del_from_accept_list), 3581 3581 + HCI_CC(HCI_OP_LE_READ_SUPPORTED_STATES, hci_cc_le_read_supported_states, 3582 3582 + sizeof(struct hci_rp_le_read_supported_states)), 3583 3583 + HCI_CC(HCI_OP_LE_READ_DEF_DATA_LEN, hci_cc_le_read_def_data_len, 3584 3584 + sizeof(struct hci_rp_le_read_def_data_len)), 3585 3585 + HCI_CC_STATUS(HCI_OP_LE_WRITE_DEF_DATA_LEN, 3586 3586 + hci_cc_le_write_def_data_len), 3587 3587 + HCI_CC_STATUS(HCI_OP_LE_ADD_TO_RESOLV_LIST, 3588 3588 + hci_cc_le_add_to_resolv_list), 3589 3589 + HCI_CC_STATUS(HCI_OP_LE_DEL_FROM_RESOLV_LIST, 3590 3590 + hci_cc_le_del_from_resolv_list), 3591 3591 + HCI_CC_STATUS(HCI_OP_LE_CLEAR_RESOLV_LIST, 3592 3592 + hci_cc_le_clear_resolv_list), 3593 3593 + HCI_CC(HCI_OP_LE_READ_RESOLV_LIST_SIZE, hci_cc_le_read_resolv_list_size, 3594 3594 + sizeof(struct hci_rp_le_read_resolv_list_size)), 3595 3595 + HCI_CC_STATUS(HCI_OP_LE_SET_ADDR_RESOLV_ENABLE, 3596 3596 + hci_cc_le_set_addr_resolution_enable), 3597 3597 + HCI_CC(HCI_OP_LE_READ_MAX_DATA_LEN, hci_cc_le_read_max_data_len, 3598 3598 + sizeof(struct hci_rp_le_read_max_data_len)), 3599 3599 + HCI_CC_STATUS(HCI_OP_WRITE_LE_HOST_SUPPORTED, 3600 3600 + hci_cc_write_le_host_supported), 3601 3601 + HCI_CC_STATUS(HCI_OP_LE_SET_ADV_PARAM, hci_cc_set_adv_param), 3602 3602 + HCI_CC(HCI_OP_READ_RSSI, hci_cc_read_rssi, 3603 3603 + sizeof(struct hci_rp_read_rssi)), 3604 3604 + HCI_CC(HCI_OP_READ_TX_POWER, hci_cc_read_tx_power, 3605 3605 + sizeof(struct hci_rp_read_tx_power)), 3606 3606 + HCI_CC_STATUS(HCI_OP_WRITE_SSP_DEBUG_MODE, hci_cc_write_ssp_debug_mode), 3607 3607 + HCI_CC_STATUS(HCI_OP_LE_SET_EXT_SCAN_PARAMS, 3608 3608 + hci_cc_le_set_ext_scan_param), 3609 3609 + HCI_CC_STATUS(HCI_OP_LE_SET_EXT_SCAN_ENABLE, 3610 3610 + hci_cc_le_set_ext_scan_enable), 3611 3611 + HCI_CC_STATUS(HCI_OP_LE_SET_DEFAULT_PHY, hci_cc_le_set_default_phy), 3612 3612 + HCI_CC(HCI_OP_LE_READ_NUM_SUPPORTED_ADV_SETS, 3613 3613 + hci_cc_le_read_num_adv_sets, 3614 3614 + sizeof(struct hci_rp_le_read_num_supported_adv_sets)), 3615 3615 + HCI_CC(HCI_OP_LE_SET_EXT_ADV_PARAMS, hci_cc_set_ext_adv_param, 3616 3616 + sizeof(struct hci_rp_le_set_ext_adv_params)), 3617 3617 + HCI_CC_STATUS(HCI_OP_LE_SET_EXT_ADV_ENABLE, 3618 3618 + hci_cc_le_set_ext_adv_enable), 3619 3619 + HCI_CC_STATUS(HCI_OP_LE_SET_ADV_SET_RAND_ADDR, 3620 3620 + hci_cc_le_set_adv_set_random_addr), 3621 3621 + HCI_CC_STATUS(HCI_OP_LE_REMOVE_ADV_SET, hci_cc_le_remove_adv_set), 3622 3622 + HCI_CC_STATUS(HCI_OP_LE_CLEAR_ADV_SETS, hci_cc_le_clear_adv_sets), 3623 3623 + HCI_CC(HCI_OP_LE_READ_TRANSMIT_POWER, hci_cc_le_read_transmit_power, 3624 3624 + sizeof(struct hci_rp_le_read_transmit_power)), 3625 3625 + HCI_CC_STATUS(HCI_OP_LE_SET_PRIVACY_MODE, hci_cc_le_set_privacy_mode) 3626 3626 + }; 3627 3627 + 3628 3628 + static u8 hci_cc_func(struct hci_dev *hdev, const struct hci_cc *cc, 3629 3629 + struct sk_buff *skb) 3630 3630 + { 3631 3631 + void *data; 3632 3632 + 3633 3633 + if (skb->len < cc->min_len) { 3634 3634 + bt_dev_err(hdev, "unexpected cc 0x%4.4x length: %u < %u", 3635 3635 + cc->op, skb->len, cc->min_len); 3636 3636 + return HCI_ERROR_UNSPECIFIED; 3637 3637 + } 3638 3638 + 3639 3639 + /* Just warn if the length is over max_len size it still be possible to 3640 3640 + * partially parse the cc so leave to callback to decide if that is 3641 3641 + * acceptable. 3642 3642 + */ 3643 3643 + if (skb->len > cc->max_len) 3644 3644 + bt_dev_warn(hdev, "unexpected cc 0x%4.4x length: %u > %u", 3645 3645 + cc->op, skb->len, cc->max_len); 3646 3646 + 3647 3647 + data = hci_cc_skb_pull(hdev, skb, cc->op, cc->min_len); 3648 3648 + if (!data) 3649 3649 + return HCI_ERROR_UNSPECIFIED; 3650 3650 + 3651 3651 + return cc->func(hdev, data, skb); 3652 3652 + } 3653 3653 + 3654 3654 + static void hci_cmd_complete_evt(struct hci_dev *hdev, void *data, 3655 3655 + struct sk_buff *skb, u16 *opcode, u8 *status, 3745 3656 hci_req_complete_t *req_complete, 3746 3657 hci_req_complete_skb_t *req_complete_skb) 3747 3658 { 3748 3748 - struct hci_ev_cmd_complete *ev = (void *) skb->data; 3659 3659 + struct hci_ev_cmd_complete *ev = data; 3660 3660 + int i; 3749 3661 3750 3662 *opcode = __le16_to_cpu(ev->opcode); 3751 3751 - *status = skb->data[sizeof(*ev)]; 3752 3663 3753 3753 - skb_pull(skb, sizeof(*ev)); 3664 3664 + bt_dev_dbg(hdev, "opcode 0x%4.4x", *opcode); 3754 3665 3755 3755 - switch (*opcode) { 3756 3756 - case HCI_OP_INQUIRY_CANCEL: 3757 3757 - hci_cc_inquiry_cancel(hdev, skb, status); 3758 3758 - break; 3759 3759 - 3760 3760 - case HCI_OP_PERIODIC_INQ: 3761 3761 - hci_cc_periodic_inq(hdev, skb); 3762 3762 - break; 3763 3763 - 3764 3764 - case HCI_OP_EXIT_PERIODIC_INQ: 3765 3765 - hci_cc_exit_periodic_inq(hdev, skb); 3766 3766 - break; 3767 3767 - 3768 3768 - case HCI_OP_REMOTE_NAME_REQ_CANCEL: 3769 3769 - hci_cc_remote_name_req_cancel(hdev, skb); 3770 3770 - break; 3771 3771 - 3772 3772 - case HCI_OP_ROLE_DISCOVERY: 3773 3773 - hci_cc_role_discovery(hdev, skb); 3774 3774 - break; 3775 3775 - 3776 3776 - case HCI_OP_READ_LINK_POLICY: 3777 3777 - hci_cc_read_link_policy(hdev, skb); 3778 3778 - break; 3779 3779 - 3780 3780 - case HCI_OP_WRITE_LINK_POLICY: 3781 3781 - hci_cc_write_link_policy(hdev, skb); 3782 3782 - break; 3783 3783 - 3784 3784 - case HCI_OP_READ_DEF_LINK_POLICY: 3785 3785 - hci_cc_read_def_link_policy(hdev, skb); 3786 3786 - break; 3787 3787 - 3788 3788 - case HCI_OP_WRITE_DEF_LINK_POLICY: 3789 3789 - hci_cc_write_def_link_policy(hdev, skb); 3790 3790 - break; 3791 3791 - 3792 3792 - case HCI_OP_RESET: 3793 3793 - hci_cc_reset(hdev, skb); 3794 3794 - break; 3795 3795 - 3796 3796 - case HCI_OP_READ_STORED_LINK_KEY: 3797 3797 - hci_cc_read_stored_link_key(hdev, skb); 3798 3798 - break; 3799 3799 - 3800 3800 - case HCI_OP_DELETE_STORED_LINK_KEY: 3801 3801 - hci_cc_delete_stored_link_key(hdev, skb); 3802 3802 - break; 3803 3803 - 3804 3804 - case HCI_OP_WRITE_LOCAL_NAME: 3805 3805 - hci_cc_write_local_name(hdev, skb); 3806 3806 - break; 3807 3807 - 3808 3808 - case HCI_OP_READ_LOCAL_NAME: 3809 3809 - hci_cc_read_local_name(hdev, skb); 3810 3810 - break; 3811 3811 - 3812 3812 - case HCI_OP_WRITE_AUTH_ENABLE: 3813 3813 - hci_cc_write_auth_enable(hdev, skb); 3814 3814 - break; 3815 3815 - 3816 3816 - case HCI_OP_WRITE_ENCRYPT_MODE: 3817 3817 - hci_cc_write_encrypt_mode(hdev, skb); 3818 3818 - break; 3819 3819 - 3820 3820 - case HCI_OP_WRITE_SCAN_ENABLE: 3821 3821 - hci_cc_write_scan_enable(hdev, skb); 3822 3822 - break; 3823 3823 - 3824 3824 - case HCI_OP_SET_EVENT_FLT: 3825 3825 - hci_cc_set_event_filter(hdev, skb); 3826 3826 - break; 3827 3827 - 3828 3828 - case HCI_OP_READ_CLASS_OF_DEV: 3829 3829 - hci_cc_read_class_of_dev(hdev, skb); 3830 3830 - break; 3831 3831 - 3832 3832 - case HCI_OP_WRITE_CLASS_OF_DEV: 3833 3833 - hci_cc_write_class_of_dev(hdev, skb); 3834 3834 - break; 3835 3835 - 3836 3836 - case HCI_OP_READ_VOICE_SETTING: 3837 3837 - hci_cc_read_voice_setting(hdev, skb); 3838 3838 - break; 3839 3839 - 3840 3840 - case HCI_OP_WRITE_VOICE_SETTING: 3841 3841 - hci_cc_write_voice_setting(hdev, skb); 3842 3842 - break; 3843 3843 - 3844 3844 - case HCI_OP_READ_NUM_SUPPORTED_IAC: 3845 3845 - hci_cc_read_num_supported_iac(hdev, skb); 3846 3846 - break; 3847 3847 - 3848 3848 - case HCI_OP_WRITE_SSP_MODE: 3849 3849 - hci_cc_write_ssp_mode(hdev, skb); 3850 3850 - break; 3851 3851 - 3852 3852 - case HCI_OP_WRITE_SC_SUPPORT: 3853 3853 - hci_cc_write_sc_support(hdev, skb); 3854 3854 - break; 3855 3855 - 3856 3856 - case HCI_OP_READ_AUTH_PAYLOAD_TO: 3857 3857 - hci_cc_read_auth_payload_timeout(hdev, skb); 3858 3858 - break; 3859 3859 - 3860 3860 - case HCI_OP_WRITE_AUTH_PAYLOAD_TO: 3861 3861 - hci_cc_write_auth_payload_timeout(hdev, skb); 3862 3862 - break; 3863 3863 - 3864 3864 - case HCI_OP_READ_LOCAL_VERSION: 3865 3865 - hci_cc_read_local_version(hdev, skb); 3866 3866 - break; 3867 3867 - 3868 3868 - case HCI_OP_READ_LOCAL_COMMANDS: 3869 3869 - hci_cc_read_local_commands(hdev, skb); 3870 3870 - break; 3871 3871 - 3872 3872 - case HCI_OP_READ_LOCAL_FEATURES: 3873 3873 - hci_cc_read_local_features(hdev, skb); 3874 3874 - break; 3875 3875 - 3876 3876 - case HCI_OP_READ_LOCAL_EXT_FEATURES: 3877 3877 - hci_cc_read_local_ext_features(hdev, skb); 3878 3878 - break; 3879 3879 - 3880 3880 - case HCI_OP_READ_BUFFER_SIZE: 3881 3881 - hci_cc_read_buffer_size(hdev, skb); 3882 3882 - break; 3883 3883 - 3884 3884 - case HCI_OP_READ_BD_ADDR: 3885 3885 - hci_cc_read_bd_addr(hdev, skb); 3886 3886 - break; 3887 3887 - 3888 3888 - case HCI_OP_READ_LOCAL_PAIRING_OPTS: 3889 3889 - hci_cc_read_local_pairing_opts(hdev, skb); 3890 3890 - break; 3891 3891 - 3892 3892 - case HCI_OP_READ_PAGE_SCAN_ACTIVITY: 3893 3893 - hci_cc_read_page_scan_activity(hdev, skb); 3894 3894 - break; 3895 3895 - 3896 3896 - case HCI_OP_WRITE_PAGE_SCAN_ACTIVITY: 3897 3897 - hci_cc_write_page_scan_activity(hdev, skb); 3898 3898 - break; 3899 3899 - 3900 3900 - case HCI_OP_READ_PAGE_SCAN_TYPE: 3901 3901 - hci_cc_read_page_scan_type(hdev, skb); 3902 3902 - break; 3903 3903 - 3904 3904 - case HCI_OP_WRITE_PAGE_SCAN_TYPE: 3905 3905 - hci_cc_write_page_scan_type(hdev, skb); 3906 3906 - break; 3907 3907 - 3908 3908 - case HCI_OP_READ_DATA_BLOCK_SIZE: 3909 3909 - hci_cc_read_data_block_size(hdev, skb); 3910 3910 - break; 3911 3911 - 3912 3912 - case HCI_OP_READ_FLOW_CONTROL_MODE: 3913 3913 - hci_cc_read_flow_control_mode(hdev, skb); 3914 3914 - break; 3915 3915 - 3916 3916 - case HCI_OP_READ_LOCAL_AMP_INFO: 3917 3917 - hci_cc_read_local_amp_info(hdev, skb); 3918 3918 - break; 3919 3919 - 3920 3920 - case HCI_OP_READ_CLOCK: 3921 3921 - hci_cc_read_clock(hdev, skb); 3922 3922 - break; 3923 3923 - 3924 3924 - case HCI_OP_READ_INQ_RSP_TX_POWER: 3925 3925 - hci_cc_read_inq_rsp_tx_power(hdev, skb); 3926 3926 - break; 3927 3927 - 3928 3928 - case HCI_OP_READ_DEF_ERR_DATA_REPORTING: 3929 3929 - hci_cc_read_def_err_data_reporting(hdev, skb); 3930 3930 - break; 3931 3931 - 3932 3932 - case HCI_OP_WRITE_DEF_ERR_DATA_REPORTING: 3933 3933 - hci_cc_write_def_err_data_reporting(hdev, skb); 3934 3934 - break; 3935 3935 - 3936 3936 - case HCI_OP_PIN_CODE_REPLY: 3937 3937 - hci_cc_pin_code_reply(hdev, skb); 3938 3938 - break; 3939 3939 - 3940 3940 - case HCI_OP_PIN_CODE_NEG_REPLY: 3941 3941 - hci_cc_pin_code_neg_reply(hdev, skb); 3942 3942 - break; 3943 3943 - 3944 3944 - case HCI_OP_READ_LOCAL_OOB_DATA: 3945 3945 - hci_cc_read_local_oob_data(hdev, skb); 3946 3946 - break; 3947 3947 - 3948 3948 - case HCI_OP_READ_LOCAL_OOB_EXT_DATA: 3949 3949 - hci_cc_read_local_oob_ext_data(hdev, skb); 3950 3950 - break; 3951 3951 - 3952 3952 - case HCI_OP_LE_READ_BUFFER_SIZE: 3953 3953 - hci_cc_le_read_buffer_size(hdev, skb); 3954 3954 - break; 3955 3955 - 3956 3956 - case HCI_OP_LE_READ_LOCAL_FEATURES: 3957 3957 - hci_cc_le_read_local_features(hdev, skb); 3958 3958 - break; 3959 3959 - 3960 3960 - case HCI_OP_LE_READ_ADV_TX_POWER: 3961 3961 - hci_cc_le_read_adv_tx_power(hdev, skb); 3962 3962 - break; 3963 3963 - 3964 3964 - case HCI_OP_USER_CONFIRM_REPLY: 3965 3965 - hci_cc_user_confirm_reply(hdev, skb); 3966 3966 - break; 3967 3967 - 3968 3968 - case HCI_OP_USER_CONFIRM_NEG_REPLY: 3969 3969 - hci_cc_user_confirm_neg_reply(hdev, skb); 3970 3970 - break; 3971 3971 - 3972 3972 - case HCI_OP_USER_PASSKEY_REPLY: 3973 3973 - hci_cc_user_passkey_reply(hdev, skb); 3974 3974 - break; 3975 3975 - 3976 3976 - case HCI_OP_USER_PASSKEY_NEG_REPLY: 3977 3977 - hci_cc_user_passkey_neg_reply(hdev, skb); 3978 3978 - break; 3979 3979 - 3980 3980 - case HCI_OP_LE_SET_RANDOM_ADDR: 3981 3981 - hci_cc_le_set_random_addr(hdev, skb); 3982 3982 - break; 3983 3983 - 3984 3984 - case HCI_OP_LE_SET_ADV_ENABLE: 3985 3985 - hci_cc_le_set_adv_enable(hdev, skb); 3986 3986 - break; 3987 3987 - 3988 3988 - case HCI_OP_LE_SET_SCAN_PARAM: 3989 3989 - hci_cc_le_set_scan_param(hdev, skb); 3990 3990 - break; 3991 3991 - 3992 3992 - case HCI_OP_LE_SET_SCAN_ENABLE: 3993 3993 - hci_cc_le_set_scan_enable(hdev, skb); 3994 3994 - break; 3995 3995 - 3996 3996 - case HCI_OP_LE_READ_ACCEPT_LIST_SIZE: 3997 3997 - hci_cc_le_read_accept_list_size(hdev, skb); 3998 3998 - break; 3999 3999 - 4000 4000 - case HCI_OP_LE_CLEAR_ACCEPT_LIST: 4001 4001 - hci_cc_le_clear_accept_list(hdev, skb); 4002 4002 - break; 4003 4003 - 4004 4004 - case HCI_OP_LE_ADD_TO_ACCEPT_LIST: 4005 4005 - hci_cc_le_add_to_accept_list(hdev, skb); 4006 4006 - break; 4007 4007 - 4008 4008 - case HCI_OP_LE_DEL_FROM_ACCEPT_LIST: 4009 4009 - hci_cc_le_del_from_accept_list(hdev, skb); 4010 4010 - break; 4011 4011 - 4012 4012 - case HCI_OP_LE_READ_SUPPORTED_STATES: 4013 4013 - hci_cc_le_read_supported_states(hdev, skb); 4014 4014 - break; 4015 4015 - 4016 4016 - case HCI_OP_LE_READ_DEF_DATA_LEN: 4017 4017 - hci_cc_le_read_def_data_len(hdev, skb); 4018 4018 - break; 4019 4019 - 4020 4020 - case HCI_OP_LE_WRITE_DEF_DATA_LEN: 4021 4021 - hci_cc_le_write_def_data_len(hdev, skb); 4022 4022 - break; 4023 4023 - 4024 4024 - case HCI_OP_LE_ADD_TO_RESOLV_LIST: 4025 4025 - hci_cc_le_add_to_resolv_list(hdev, skb); 4026 4026 - break; 4027 4027 - 4028 4028 - case HCI_OP_LE_DEL_FROM_RESOLV_LIST: 4029 4029 - hci_cc_le_del_from_resolv_list(hdev, skb); 4030 4030 - break; 4031 4031 - 4032 4032 - case HCI_OP_LE_CLEAR_RESOLV_LIST: 4033 4033 - hci_cc_le_clear_resolv_list(hdev, skb); 4034 4034 - break; 4035 4035 - 4036 4036 - case HCI_OP_LE_READ_RESOLV_LIST_SIZE: 4037 4037 - hci_cc_le_read_resolv_list_size(hdev, skb); 4038 4038 - break; 4039 4039 - 4040 4040 - case HCI_OP_LE_SET_ADDR_RESOLV_ENABLE: 4041 4041 - hci_cc_le_set_addr_resolution_enable(hdev, skb); 4042 4042 - break; 4043 4043 - 4044 4044 - case HCI_OP_LE_READ_MAX_DATA_LEN: 4045 4045 - hci_cc_le_read_max_data_len(hdev, skb); 4046 4046 - break; 4047 4047 - 4048 4048 - case HCI_OP_WRITE_LE_HOST_SUPPORTED: 4049 4049 - hci_cc_write_le_host_supported(hdev, skb); 4050 4050 - break; 4051 4051 - 4052 4052 - case HCI_OP_LE_SET_ADV_PARAM: 4053 4053 - hci_cc_set_adv_param(hdev, skb); 4054 4054 - break; 4055 4055 - 4056 4056 - case HCI_OP_READ_RSSI: 4057 4057 - hci_cc_read_rssi(hdev, skb); 4058 4058 - break; 4059 4059 - 4060 4060 - case HCI_OP_READ_TX_POWER: 4061 4061 - hci_cc_read_tx_power(hdev, skb); 4062 4062 - break; 4063 4063 - 4064 4064 - case HCI_OP_WRITE_SSP_DEBUG_MODE: 4065 4065 - hci_cc_write_ssp_debug_mode(hdev, skb); 4066 4066 - break; 4067 4067 - 4068 4068 - case HCI_OP_LE_SET_EXT_SCAN_PARAMS: 4069 4069 - hci_cc_le_set_ext_scan_param(hdev, skb); 4070 4070 - break; 4071 4071 - 4072 4072 - case HCI_OP_LE_SET_EXT_SCAN_ENABLE: 4073 4073 - hci_cc_le_set_ext_scan_enable(hdev, skb); 4074 4074 - break; 4075 4075 - 4076 4076 - case HCI_OP_LE_SET_DEFAULT_PHY: 4077 4077 - hci_cc_le_set_default_phy(hdev, skb); 4078 4078 - break; 4079 4079 - 4080 4080 - case HCI_OP_LE_READ_NUM_SUPPORTED_ADV_SETS: 4081 4081 - hci_cc_le_read_num_adv_sets(hdev, skb); 4082 4082 - break; 4083 4083 - 4084 4084 - case HCI_OP_LE_SET_EXT_ADV_PARAMS: 4085 4085 - hci_cc_set_ext_adv_param(hdev, skb); 4086 4086 - break; 4087 4087 - 4088 4088 - case HCI_OP_LE_SET_EXT_ADV_ENABLE: 4089 4089 - hci_cc_le_set_ext_adv_enable(hdev, skb); 4090 4090 - break; 4091 4091 - 4092 4092 - case HCI_OP_LE_SET_ADV_SET_RAND_ADDR: 4093 4093 - hci_cc_le_set_adv_set_random_addr(hdev, skb); 4094 4094 - break; 4095 4095 - 4096 4096 - case HCI_OP_LE_REMOVE_ADV_SET: 4097 4097 - hci_cc_le_remove_adv_set(hdev, skb); 4098 4098 - break; 4099 4099 - 4100 4100 - case HCI_OP_LE_CLEAR_ADV_SETS: 4101 4101 - hci_cc_le_clear_adv_sets(hdev, skb); 4102 4102 - break; 4103 4103 - 4104 4104 - case HCI_OP_LE_READ_TRANSMIT_POWER: 4105 4105 - hci_cc_le_read_transmit_power(hdev, skb); 4106 4106 - break; 4107 4107 - 4108 4108 - default: 4109 4109 - BT_DBG("%s opcode 0x%4.4x", hdev->name, *opcode); 4110 4110 - break; 3666 3666 + for (i = 0; i < ARRAY_SIZE(hci_cc_table); i++) { 3667 3667 + if (hci_cc_table[i].op == *opcode) { 3668 3668 + *status = hci_cc_func(hdev, &hci_cc_table[i], skb); 3669 3669 + break; 3670 3670 + } 4111 3671 } 4112 3672 4113 3673 handle_cmd_cnt_and_timer(hdev, ev->ncmd); ··· 3978 3832 queue_work(hdev->workqueue, &hdev->cmd_work); 3979 3833 } 3980 3834 3981 3981 - static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb, 3982 3982 - u16 *opcode, u8 *status, 3835 3835 + #define HCI_CS(_op, _func) \ 3836 3836 + { \ 3837 3837 + .op = _op, \ 3838 3838 + .func = _func, \ 3839 3839 + } 3840 3840 + 3841 3841 + static const struct hci_cs { 3842 3842 + u16 op; 3843 3843 + void (*func)(struct hci_dev *hdev, __u8 status); 3844 3844 + } hci_cs_table[] = { 3845 3845 + HCI_CS(HCI_OP_INQUIRY, hci_cs_inquiry), 3846 3846 + HCI_CS(HCI_OP_CREATE_CONN, hci_cs_create_conn), 3847 3847 + HCI_CS(HCI_OP_DISCONNECT, hci_cs_disconnect), 3848 3848 + HCI_CS(HCI_OP_ADD_SCO, hci_cs_add_sco), 3849 3849 + HCI_CS(HCI_OP_AUTH_REQUESTED, hci_cs_auth_requested), 3850 3850 + HCI_CS(HCI_OP_SET_CONN_ENCRYPT, hci_cs_set_conn_encrypt), 3851 3851 + HCI_CS(HCI_OP_REMOTE_NAME_REQ, hci_cs_remote_name_req), 3852 3852 + HCI_CS(HCI_OP_READ_REMOTE_FEATURES, hci_cs_read_remote_features), 3853 3853 + HCI_CS(HCI_OP_READ_REMOTE_EXT_FEATURES, 3854 3854 + hci_cs_read_remote_ext_features), 3855 3855 + HCI_CS(HCI_OP_SETUP_SYNC_CONN, hci_cs_setup_sync_conn), 3856 3856 + HCI_CS(HCI_OP_ENHANCED_SETUP_SYNC_CONN, 3857 3857 + hci_cs_enhanced_setup_sync_conn), 3858 3858 + HCI_CS(HCI_OP_SNIFF_MODE, hci_cs_sniff_mode), 3859 3859 + HCI_CS(HCI_OP_EXIT_SNIFF_MODE, hci_cs_exit_sniff_mode), 3860 3860 + HCI_CS(HCI_OP_SWITCH_ROLE, hci_cs_switch_role), 3861 3861 + HCI_CS(HCI_OP_LE_CREATE_CONN, hci_cs_le_create_conn), 3862 3862 + HCI_CS(HCI_OP_LE_READ_REMOTE_FEATURES, hci_cs_le_read_remote_features), 3863 3863 + HCI_CS(HCI_OP_LE_START_ENC, hci_cs_le_start_enc), 3864 3864 + HCI_CS(HCI_OP_LE_EXT_CREATE_CONN, hci_cs_le_ext_create_conn) 3865 3865 + }; 3866 3866 + 3867 3867 + static void hci_cmd_status_evt(struct hci_dev *hdev, void *data, 3868 3868 + struct sk_buff *skb, u16 *opcode, u8 *status, 3983 3869 hci_req_complete_t *req_complete, 3984 3870 hci_req_complete_skb_t *req_complete_skb) 3985 3871 { 3986 3986 - struct hci_ev_cmd_status *ev = (void *) skb->data; 3987 3987 - 3988 3988 - skb_pull(skb, sizeof(*ev)); 3872 3872 + struct hci_ev_cmd_status *ev = data; 3873 3873 + int i; 3989 3874 3990 3875 *opcode = __le16_to_cpu(ev->opcode); 3991 3876 *status = ev->status; 3992 3877 3993 3993 - switch (*opcode) { 3994 3994 - case HCI_OP_INQUIRY: 3995 3995 - hci_cs_inquiry(hdev, ev->status); 3996 3996 - break; 3878 3878 + bt_dev_dbg(hdev, "opcode 0x%4.4x", *opcode); 3997 3879 3998 3998 - case HCI_OP_CREATE_CONN: 3999 3999 - hci_cs_create_conn(hdev, ev->status); 4000 4000 - break; 4001 4001 - 4002 4002 - case HCI_OP_DISCONNECT: 4003 4003 - hci_cs_disconnect(hdev, ev->status); 4004 4004 - break; 4005 4005 - 4006 4006 - case HCI_OP_ADD_SCO: 4007 4007 - hci_cs_add_sco(hdev, ev->status); 4008 4008 - break; 4009 4009 - 4010 4010 - case HCI_OP_AUTH_REQUESTED: 4011 4011 - hci_cs_auth_requested(hdev, ev->status); 4012 4012 - break; 4013 4013 - 4014 4014 - case HCI_OP_SET_CONN_ENCRYPT: 4015 4015 - hci_cs_set_conn_encrypt(hdev, ev->status); 4016 4016 - break; 4017 4017 - 4018 4018 - case HCI_OP_REMOTE_NAME_REQ: 4019 4019 - hci_cs_remote_name_req(hdev, ev->status); 4020 4020 - break; 4021 4021 - 4022 4022 - case HCI_OP_READ_REMOTE_FEATURES: 4023 4023 - hci_cs_read_remote_features(hdev, ev->status); 4024 4024 - break; 4025 4025 - 4026 4026 - case HCI_OP_READ_REMOTE_EXT_FEATURES: 4027 4027 - hci_cs_read_remote_ext_features(hdev, ev->status); 4028 4028 - break; 4029 4029 - 4030 4030 - case HCI_OP_SETUP_SYNC_CONN: 4031 4031 - hci_cs_setup_sync_conn(hdev, ev->status); 4032 4032 - break; 4033 4033 - 4034 4034 - case HCI_OP_ENHANCED_SETUP_SYNC_CONN: 4035 4035 - hci_cs_enhanced_setup_sync_conn(hdev, ev->status); 4036 4036 - break; 4037 4037 - 4038 4038 - case HCI_OP_SNIFF_MODE: 4039 4039 - hci_cs_sniff_mode(hdev, ev->status); 4040 4040 - break; 4041 4041 - 4042 4042 - case HCI_OP_EXIT_SNIFF_MODE: 4043 4043 - hci_cs_exit_sniff_mode(hdev, ev->status); 4044 4044 - break; 4045 4045 - 4046 4046 - case HCI_OP_SWITCH_ROLE: 4047 4047 - hci_cs_switch_role(hdev, ev->status); 4048 4048 - break; 4049 4049 - 4050 4050 - case HCI_OP_LE_CREATE_CONN: 4051 4051 - hci_cs_le_create_conn(hdev, ev->status); 4052 4052 - break; 4053 4053 - 4054 4054 - case HCI_OP_LE_READ_REMOTE_FEATURES: 4055 4055 - hci_cs_le_read_remote_features(hdev, ev->status); 4056 4056 - break; 4057 4057 - 4058 4058 - case HCI_OP_LE_START_ENC: 4059 4059 - hci_cs_le_start_enc(hdev, ev->status); 4060 4060 - break; 4061 4061 - 4062 4062 - case HCI_OP_LE_EXT_CREATE_CONN: 4063 4063 - hci_cs_le_ext_create_conn(hdev, ev->status); 4064 4064 - break; 4065 4065 - 4066 4066 - default: 4067 4067 - BT_DBG("%s opcode 0x%4.4x", hdev->name, *opcode); 4068 4068 - break; 3880 3880 + for (i = 0; i < ARRAY_SIZE(hci_cs_table); i++) { 3881 3881 + if (hci_cs_table[i].op == *opcode) { 3882 3882 + hci_cs_table[i].func(hdev, ev->status); 3883 3883 + break; 3884 3884 + } 4069 3885 } 4070 3886 4071 3887 handle_cmd_cnt_and_timer(hdev, ev->ncmd); ··· 4038 3930 * (since for this kind of commands there will not be a command 4039 3931 * complete event). 4040 3932 */ 4041 4041 - if (ev->status || 4042 4042 - (hdev->sent_cmd && !bt_cb(hdev->sent_cmd)->hci.req_event)) 3933 3933 + if (ev->status || (hdev->sent_cmd && !hci_skb_event(hdev->sent_cmd))) { 4043 3934 hci_req_cmd_complete(hdev, *opcode, ev->status, req_complete, 4044 3935 req_complete_skb); 4045 4045 - 4046 4046 - if (hci_dev_test_flag(hdev, HCI_CMD_PENDING)) { 4047 4047 - bt_dev_err(hdev, 4048 4048 - "unexpected event for opcode 0x%4.4x", *opcode); 4049 4049 - return; 3936 3936 + if (hci_dev_test_flag(hdev, HCI_CMD_PENDING)) { 3937 3937 + bt_dev_err(hdev, "unexpected event for opcode 0x%4.4x", 3938 3938 + *opcode); 3939 3939 + return; 3940 3940 + } 4050 3941 } 4051 3942 4052 3943 if (atomic_read(&hdev->cmd_cnt) && !skb_queue_empty(&hdev->cmd_q)) 4053 3944 queue_work(hdev->workqueue, &hdev->cmd_work); 4054 3945 } 4055 3946 4056 4056 - static void hci_hardware_error_evt(struct hci_dev *hdev, struct sk_buff *skb) 3947 3947 + static void hci_hardware_error_evt(struct hci_dev *hdev, void *data, 3948 3948 + struct sk_buff *skb) 4057 3949 { 4058 4058 - struct hci_ev_hardware_error *ev = (void *) skb->data; 3950 3950 + struct hci_ev_hardware_error *ev = data; 3951 3951 + 3952 3952 + bt_dev_dbg(hdev, "code 0x%2.2x", ev->code); 4059 3953 4060 3954 hdev->hw_error_code = ev->code; 4061 3955 4062 3956 queue_work(hdev->req_workqueue, &hdev->error_reset); 4063 3957 } 4064 3958 4065 4065 - static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 3959 3959 + static void hci_role_change_evt(struct hci_dev *hdev, void *data, 3960 3960 + struct sk_buff *skb) 4066 3961 { 4067 4067 - struct hci_ev_role_change *ev = (void *) skb->data; 3962 3962 + struct hci_ev_role_change *ev = data; 4068 3963 struct hci_conn *conn; 4069 3964 4070 4070 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 3965 3965 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 4071 3966 4072 3967 hci_dev_lock(hdev); 4073 3968 ··· 4087 3976 hci_dev_unlock(hdev); 4088 3977 } 4089 3978 4090 4090 - static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb) 3979 3979 + static void hci_num_comp_pkts_evt(struct hci_dev *hdev, void *data, 3980 3980 + struct sk_buff *skb) 4091 3981 { 4092 4092 - struct hci_ev_num_comp_pkts *ev = (void *) skb->data; 3982 3982 + struct hci_ev_num_comp_pkts *ev = data; 4093 3983 int i; 3984 3984 + 3985 3985 + if (!hci_ev_skb_pull(hdev, skb, HCI_EV_NUM_COMP_PKTS, 3986 3986 + flex_array_size(ev, handles, ev->num))) 3987 3987 + return; 4094 3988 4095 3989 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) { 4096 3990 bt_dev_err(hdev, "wrong event for mode %d", hdev->flow_ctl_mode); 4097 3991 return; 4098 3992 } 4099 3993 4100 4100 - if (skb->len < sizeof(*ev) || 4101 4101 - skb->len < struct_size(ev, handles, ev->num_hndl)) { 4102 4102 - BT_DBG("%s bad parameters", hdev->name); 4103 4103 - return; 4104 4104 - } 3994 3994 + bt_dev_dbg(hdev, "num %d", ev->num); 4105 3995 4106 4106 - BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl); 4107 4107 - 4108 4108 - for (i = 0; i < ev->num_hndl; i++) { 3996 3996 + for (i = 0; i < ev->num; i++) { 4109 3997 struct hci_comp_pkts_info *info = &ev->handles[i]; 4110 3998 struct hci_conn *conn; 4111 3999 __u16 handle, count; ··· 4174 4064 return NULL; 4175 4065 } 4176 4066 4177 4177 - static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb) 4067 4067 + static void hci_num_comp_blocks_evt(struct hci_dev *hdev, void *data, 4068 4068 + struct sk_buff *skb) 4178 4069 { 4179 4179 - struct hci_ev_num_comp_blocks *ev = (void *) skb->data; 4070 4070 + struct hci_ev_num_comp_blocks *ev = data; 4180 4071 int i; 4181 4072 4073 4073 + if (!hci_ev_skb_pull(hdev, skb, HCI_EV_NUM_COMP_BLOCKS, 4074 4074 + flex_array_size(ev, handles, ev->num_hndl))) 4075 4075 + return; 4076 4076 + 4182 4077 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) { 4183 4183 - bt_dev_err(hdev, "wrong event for mode %d", hdev->flow_ctl_mode); 4078 4078 + bt_dev_err(hdev, "wrong event for mode %d", 4079 4079 + hdev->flow_ctl_mode); 4184 4080 return; 4185 4081 } 4186 4082 4187 4187 - if (skb->len < sizeof(*ev) || 4188 4188 - skb->len < struct_size(ev, handles, ev->num_hndl)) { 4189 4189 - BT_DBG("%s bad parameters", hdev->name); 4190 4190 - return; 4191 4191 - } 4192 4192 - 4193 4193 - BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks, 4194 4194 - ev->num_hndl); 4083 4083 + bt_dev_dbg(hdev, "num_blocks %d num_hndl %d", ev->num_blocks, 4084 4084 + ev->num_hndl); 4195 4085 4196 4086 for (i = 0; i < ev->num_hndl; i++) { 4197 4087 struct hci_comp_blocks_info *info = &ev->handles[i]; ··· 4225 4115 queue_work(hdev->workqueue, &hdev->tx_work); 4226 4116 } 4227 4117 4228 4228 - static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 4118 4118 + static void hci_mode_change_evt(struct hci_dev *hdev, void *data, 4119 4119 + struct sk_buff *skb) 4229 4120 { 4230 4230 - struct hci_ev_mode_change *ev = (void *) skb->data; 4121 4121 + struct hci_ev_mode_change *ev = data; 4231 4122 struct hci_conn *conn; 4232 4123 4233 4233 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 4124 4124 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 4234 4125 4235 4126 hci_dev_lock(hdev); 4236 4127 ··· 4254 4143 hci_dev_unlock(hdev); 4255 4144 } 4256 4145 4257 4257 - static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 4146 4146 + static void hci_pin_code_request_evt(struct hci_dev *hdev, void *data, 4147 4147 + struct sk_buff *skb) 4258 4148 { 4259 4259 - struct hci_ev_pin_code_req *ev = (void *) skb->data; 4149 4149 + struct hci_ev_pin_code_req *ev = data; 4260 4150 struct hci_conn *conn; 4261 4151 4262 4262 - BT_DBG("%s", hdev->name); 4152 4152 + bt_dev_dbg(hdev, ""); 4263 4153 4264 4154 hci_dev_lock(hdev); 4265 4155 ··· 4325 4213 } 4326 4214 } 4327 4215 4328 4328 - static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 4216 4216 + static void hci_link_key_request_evt(struct hci_dev *hdev, void *data, 4217 4217 + struct sk_buff *skb) 4329 4218 { 4330 4330 - struct hci_ev_link_key_req *ev = (void *) skb->data; 4219 4219 + struct hci_ev_link_key_req *ev = data; 4331 4220 struct hci_cp_link_key_reply cp; 4332 4221 struct hci_conn *conn; 4333 4222 struct link_key *key; 4334 4223 4335 4335 - BT_DBG("%s", hdev->name); 4224 4224 + bt_dev_dbg(hdev, ""); 4336 4225 4337 4226 if (!hci_dev_test_flag(hdev, HCI_MGMT)) 4338 4227 return; ··· 4342 4229 4343 4230 key = hci_find_link_key(hdev, &ev->bdaddr); 4344 4231 if (!key) { 4345 4345 - BT_DBG("%s link key not found for %pMR", hdev->name, 4346 4346 - &ev->bdaddr); 4232 4232 + bt_dev_dbg(hdev, "link key not found for %pMR", &ev->bdaddr); 4347 4233 goto not_found; 4348 4234 } 4349 4235 4350 4350 - BT_DBG("%s found key type %u for %pMR", hdev->name, key->type, 4351 4351 - &ev->bdaddr); 4236 4236 + bt_dev_dbg(hdev, "found key type %u for %pMR", key->type, &ev->bdaddr); 4352 4237 4353 4238 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 4354 4239 if (conn) { ··· 4355 4244 if ((key->type == HCI_LK_UNAUTH_COMBINATION_P192 || 4356 4245 key->type == HCI_LK_UNAUTH_COMBINATION_P256) && 4357 4246 conn->auth_type != 0xff && (conn->auth_type & 0x01)) { 4358 4358 - BT_DBG("%s ignoring unauthenticated key", hdev->name); 4247 4247 + bt_dev_dbg(hdev, "ignoring unauthenticated key"); 4359 4248 goto not_found; 4360 4249 } 4361 4250 4362 4251 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 && 4363 4252 (conn->pending_sec_level == BT_SECURITY_HIGH || 4364 4253 conn->pending_sec_level == BT_SECURITY_FIPS)) { 4365 4365 - BT_DBG("%s ignoring key unauthenticated for high security", 4366 4366 - hdev->name); 4254 4254 + bt_dev_dbg(hdev, "ignoring key unauthenticated for high security"); 4367 4255 goto not_found; 4368 4256 } 4369 4257 ··· 4383 4273 hci_dev_unlock(hdev); 4384 4274 } 4385 4275 4386 4386 - static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb) 4276 4276 + static void hci_link_key_notify_evt(struct hci_dev *hdev, void *data, 4277 4277 + struct sk_buff *skb) 4387 4278 { 4388 4388 - struct hci_ev_link_key_notify *ev = (void *) skb->data; 4279 4279 + struct hci_ev_link_key_notify *ev = data; 4389 4280 struct hci_conn *conn; 4390 4281 struct link_key *key; 4391 4282 bool persistent; 4392 4283 u8 pin_len = 0; 4393 4284 4394 4394 - BT_DBG("%s", hdev->name); 4285 4285 + bt_dev_dbg(hdev, ""); 4395 4286 4396 4287 hci_dev_lock(hdev); 4397 4288 ··· 4444 4333 hci_dev_unlock(hdev); 4445 4334 } 4446 4335 4447 4447 - static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb) 4336 4336 + static void hci_clock_offset_evt(struct hci_dev *hdev, void *data, 4337 4337 + struct sk_buff *skb) 4448 4338 { 4449 4449 - struct hci_ev_clock_offset *ev = (void *) skb->data; 4339 4339 + struct hci_ev_clock_offset *ev = data; 4450 4340 struct hci_conn *conn; 4451 4341 4452 4452 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 4342 4342 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 4453 4343 4454 4344 hci_dev_lock(hdev); 4455 4345 ··· 4468 4356 hci_dev_unlock(hdev); 4469 4357 } 4470 4358 4471 4471 - static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb) 4359 4359 + static void hci_pkt_type_change_evt(struct hci_dev *hdev, void *data, 4360 4360 + struct sk_buff *skb) 4472 4361 { 4473 4473 - struct hci_ev_pkt_type_change *ev = (void *) skb->data; 4362 4362 + struct hci_ev_pkt_type_change *ev = data; 4474 4363 struct hci_conn *conn; 4475 4364 4476 4476 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 4365 4365 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 4477 4366 4478 4367 hci_dev_lock(hdev); 4479 4368 ··· 4485 4372 hci_dev_unlock(hdev); 4486 4373 } 4487 4374 4488 4488 - static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb) 4375 4375 + static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, void *data, 4376 4376 + struct sk_buff *skb) 4489 4377 { 4490 4490 - struct hci_ev_pscan_rep_mode *ev = (void *) skb->data; 4378 4378 + struct hci_ev_pscan_rep_mode *ev = data; 4491 4379 struct inquiry_entry *ie; 4492 4380 4493 4493 - BT_DBG("%s", hdev->name); 4381 4381 + bt_dev_dbg(hdev, ""); 4494 4382 4495 4383 hci_dev_lock(hdev); 4496 4384 ··· 4504 4390 hci_dev_unlock(hdev); 4505 4391 } 4506 4392 4507 4507 - static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, 4393 4393 + static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, void *edata, 4508 4394 struct sk_buff *skb) 4509 4395 { 4396 4396 + union { 4397 4397 + struct hci_ev_inquiry_result_rssi *res1; 4398 4398 + struct hci_ev_inquiry_result_rssi_pscan *res2; 4399 4399 + } *ev = edata; 4510 4400 struct inquiry_data data; 4511 4511 - int num_rsp = *((__u8 *) skb->data); 4401 4401 + int i; 4512 4402 4513 4513 - BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 4403 4403 + bt_dev_dbg(hdev, "num_rsp %d", ev->res1->num); 4514 4404 4515 4515 - if (!num_rsp) 4405 4405 + if (!ev->res1->num) 4516 4406 return; 4517 4407 4518 4408 if (hci_dev_test_flag(hdev, HCI_PERIODIC_INQ)) ··· 4524 4406 4525 4407 hci_dev_lock(hdev); 4526 4408 4527 4527 - if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) { 4528 4528 - struct inquiry_info_with_rssi_and_pscan_mode *info; 4529 4529 - info = (void *) (skb->data + 1); 4409 4409 + if (skb->len == flex_array_size(ev, res2->info, ev->res2->num)) { 4410 4410 + struct inquiry_info_rssi_pscan *info; 4530 4411 4531 4531 - if (skb->len < num_rsp * sizeof(*info) + 1) 4532 4532 - goto unlock; 4533 4533 - 4534 4534 - for (; num_rsp; num_rsp--, info++) { 4412 4412 + for (i = 0; i < ev->res2->num; i++) { 4535 4413 u32 flags; 4414 4414 + 4415 4415 + info = hci_ev_skb_pull(hdev, skb, 4416 4416 + HCI_EV_INQUIRY_RESULT_WITH_RSSI, 4417 4417 + sizeof(*info)); 4418 4418 + if (!info) { 4419 4419 + bt_dev_err(hdev, "Malformed HCI Event: 0x%2.2x", 4420 4420 + HCI_EV_INQUIRY_RESULT_WITH_RSSI); 4421 4421 + return; 4422 4422 + } 4536 4423 4537 4424 bacpy(&data.bdaddr, &info->bdaddr); 4538 4425 data.pscan_rep_mode = info->pscan_rep_mode; ··· 4554 4431 info->dev_class, info->rssi, 4555 4432 flags, NULL, 0, NULL, 0); 4556 4433 } 4557 4557 - } else { 4558 4558 - struct inquiry_info_with_rssi *info = (void *) (skb->data + 1); 4434 4434 + } else if (skb->len == flex_array_size(ev, res1->info, ev->res1->num)) { 4435 4435 + struct inquiry_info_rssi *info; 4559 4436 4560 4560 - if (skb->len < num_rsp * sizeof(*info) + 1) 4561 4561 - goto unlock; 4562 4562 - 4563 4563 - for (; num_rsp; num_rsp--, info++) { 4437 4437 + for (i = 0; i < ev->res1->num; i++) { 4564 4438 u32 flags; 4439 4439 + 4440 4440 + info = hci_ev_skb_pull(hdev, skb, 4441 4441 + HCI_EV_INQUIRY_RESULT_WITH_RSSI, 4442 4442 + sizeof(*info)); 4443 4443 + if (!info) { 4444 4444 + bt_dev_err(hdev, "Malformed HCI Event: 0x%2.2x", 4445 4445 + HCI_EV_INQUIRY_RESULT_WITH_RSSI); 4446 4446 + return; 4447 4447 + } 4565 4448 4566 4449 bacpy(&data.bdaddr, &info->bdaddr); 4567 4450 data.pscan_rep_mode = info->pscan_rep_mode; ··· 4584 4455 info->dev_class, info->rssi, 4585 4456 flags, NULL, 0, NULL, 0); 4586 4457 } 4458 4458 + } else { 4459 4459 + bt_dev_err(hdev, "Malformed HCI Event: 0x%2.2x", 4460 4460 + HCI_EV_INQUIRY_RESULT_WITH_RSSI); 4587 4461 } 4588 4462 4589 4589 - unlock: 4590 4463 hci_dev_unlock(hdev); 4591 4464 } 4592 4465 4593 4593 - static void hci_remote_ext_features_evt(struct hci_dev *hdev, 4466 4466 + static void hci_remote_ext_features_evt(struct hci_dev *hdev, void *data, 4594 4467 struct sk_buff *skb) 4595 4468 { 4596 4596 - struct hci_ev_remote_ext_features *ev = (void *) skb->data; 4469 4469 + struct hci_ev_remote_ext_features *ev = data; 4597 4470 struct hci_conn *conn; 4598 4471 4599 4599 - BT_DBG("%s", hdev->name); 4472 4472 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 4600 4473 4601 4474 hci_dev_lock(hdev); 4602 4475 ··· 4656 4525 hci_dev_unlock(hdev); 4657 4526 } 4658 4527 4659 4659 - static void hci_sync_conn_complete_evt(struct hci_dev *hdev, 4528 4528 + static void hci_sync_conn_complete_evt(struct hci_dev *hdev, void *data, 4660 4529 struct sk_buff *skb) 4661 4530 { 4662 4662 - struct hci_ev_sync_conn_complete *ev = (void *) skb->data; 4531 4531 + struct hci_ev_sync_conn_complete *ev = data; 4663 4532 struct hci_conn *conn; 4664 4533 4665 4665 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 4534 4534 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 4666 4535 4667 4536 hci_dev_lock(hdev); 4668 4537 ··· 4771 4640 return eir_len; 4772 4641 } 4773 4642 4774 4774 - static void hci_extended_inquiry_result_evt(struct hci_dev *hdev, 4643 4643 + static void hci_extended_inquiry_result_evt(struct hci_dev *hdev, void *edata, 4775 4644 struct sk_buff *skb) 4776 4645 { 4646 4646 + struct hci_ev_ext_inquiry_result *ev = edata; 4777 4647 struct inquiry_data data; 4778 4778 - struct extended_inquiry_info *info = (void *) (skb->data + 1); 4779 4779 - int num_rsp = *((__u8 *) skb->data); 4780 4648 size_t eir_len; 4649 4649 + int i; 4781 4650 4782 4782 - BT_DBG("%s num_rsp %d", hdev->name, num_rsp); 4651 4651 + if (!hci_ev_skb_pull(hdev, skb, HCI_EV_EXTENDED_INQUIRY_RESULT, 4652 4652 + flex_array_size(ev, info, ev->num))) 4653 4653 + return; 4783 4654 4784 4784 - if (!num_rsp || skb->len < num_rsp * sizeof(*info) + 1) 4655 4655 + bt_dev_dbg(hdev, "num %d", ev->num); 4656 4656 + 4657 4657 + if (!ev->num) 4785 4658 return; 4786 4659 4787 4660 if (hci_dev_test_flag(hdev, HCI_PERIODIC_INQ)) ··· 4793 4658 4794 4659 hci_dev_lock(hdev); 4795 4660 4796 4796 - for (; num_rsp; num_rsp--, info++) { 4661 4661 + for (i = 0; i < ev->num; i++) { 4662 4662 + struct extended_inquiry_info *info = &ev->info[i]; 4797 4663 u32 flags; 4798 4664 bool name_known; 4799 4665 ··· 4826 4690 hci_dev_unlock(hdev); 4827 4691 } 4828 4692 4829 4829 - static void hci_key_refresh_complete_evt(struct hci_dev *hdev, 4693 4693 + static void hci_key_refresh_complete_evt(struct hci_dev *hdev, void *data, 4830 4694 struct sk_buff *skb) 4831 4695 { 4832 4832 - struct hci_ev_key_refresh_complete *ev = (void *) skb->data; 4696 4696 + struct hci_ev_key_refresh_complete *ev = data; 4833 4697 struct hci_conn *conn; 4834 4698 4835 4835 - BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status, 4836 4836 - __le16_to_cpu(ev->handle)); 4699 4699 + bt_dev_dbg(hdev, "status 0x%2.2x handle 0x%4.4x", ev->status, 4700 4700 + __le16_to_cpu(ev->handle)); 4837 4701 4838 4702 hci_dev_lock(hdev); 4839 4703 ··· 4936 4800 return 0x01; 4937 4801 } 4938 4802 4939 4939 - static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 4803 4803 + static void hci_io_capa_request_evt(struct hci_dev *hdev, void *data, 4804 4804 + struct sk_buff *skb) 4940 4805 { 4941 4941 - struct hci_ev_io_capa_request *ev = (void *) skb->data; 4806 4806 + struct hci_ev_io_capa_request *ev = data; 4942 4807 struct hci_conn *conn; 4943 4808 4944 4944 - BT_DBG("%s", hdev->name); 4809 4809 + bt_dev_dbg(hdev, ""); 4945 4810 4946 4811 hci_dev_lock(hdev); 4947 4812 ··· 5006 4869 hci_dev_unlock(hdev); 5007 4870 } 5008 4871 5009 5009 - static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb) 4872 4872 + static void hci_io_capa_reply_evt(struct hci_dev *hdev, void *data, 4873 4873 + struct sk_buff *skb) 5010 4874 { 5011 5011 - struct hci_ev_io_capa_reply *ev = (void *) skb->data; 4875 4875 + struct hci_ev_io_capa_reply *ev = data; 5012 4876 struct hci_conn *conn; 5013 4877 5014 5014 - BT_DBG("%s", hdev->name); 4878 4878 + bt_dev_dbg(hdev, ""); 5015 4879 5016 4880 hci_dev_lock(hdev); 5017 4881 ··· 5027 4889 hci_dev_unlock(hdev); 5028 4890 } 5029 4891 5030 5030 - static void hci_user_confirm_request_evt(struct hci_dev *hdev, 4892 4892 + static void hci_user_confirm_request_evt(struct hci_dev *hdev, void *data, 5031 4893 struct sk_buff *skb) 5032 4894 { 5033 5033 - struct hci_ev_user_confirm_req *ev = (void *) skb->data; 4895 4895 + struct hci_ev_user_confirm_req *ev = data; 5034 4896 int loc_mitm, rem_mitm, confirm_hint = 0; 5035 4897 struct hci_conn *conn; 5036 4898 5037 5037 - BT_DBG("%s", hdev->name); 4899 4899 + bt_dev_dbg(hdev, ""); 5038 4900 5039 4901 hci_dev_lock(hdev); 5040 4902 ··· 5055 4917 */ 5056 4918 if (conn->pending_sec_level > BT_SECURITY_MEDIUM && 5057 4919 conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) { 5058 5058 - BT_DBG("Rejecting request: remote device can't provide MITM"); 4920 4920 + bt_dev_dbg(hdev, "Rejecting request: remote device can't provide MITM"); 5059 4921 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY, 5060 4922 sizeof(ev->bdaddr), &ev->bdaddr); 5061 4923 goto unlock; ··· 5074 4936 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && 5075 4937 conn->io_capability != HCI_IO_NO_INPUT_OUTPUT && 5076 4938 (loc_mitm || rem_mitm)) { 5077 5077 - BT_DBG("Confirming auto-accept as acceptor"); 4939 4939 + bt_dev_dbg(hdev, "Confirming auto-accept as acceptor"); 5078 4940 confirm_hint = 1; 5079 4941 goto confirm; 5080 4942 } ··· 5112 4974 hci_dev_unlock(hdev); 5113 4975 } 5114 4976 5115 5115 - static void hci_user_passkey_request_evt(struct hci_dev *hdev, 4977 4977 + static void hci_user_passkey_request_evt(struct hci_dev *hdev, void *data, 5116 4978 struct sk_buff *skb) 5117 4979 { 5118 5118 - struct hci_ev_user_passkey_req *ev = (void *) skb->data; 4980 4980 + struct hci_ev_user_passkey_req *ev = data; 5119 4981 5120 5120 - BT_DBG("%s", hdev->name); 4982 4982 + bt_dev_dbg(hdev, ""); 5121 4983 5122 4984 if (hci_dev_test_flag(hdev, HCI_MGMT)) 5123 4985 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0); 5124 4986 } 5125 4987 5126 5126 - static void hci_user_passkey_notify_evt(struct hci_dev *hdev, 4988 4988 + static void hci_user_passkey_notify_evt(struct hci_dev *hdev, void *data, 5127 4989 struct sk_buff *skb) 5128 4990 { 5129 5129 - struct hci_ev_user_passkey_notify *ev = (void *) skb->data; 4991 4991 + struct hci_ev_user_passkey_notify *ev = data; 5130 4992 struct hci_conn *conn; 5131 4993 5132 5132 - BT_DBG("%s", hdev->name); 4994 4994 + bt_dev_dbg(hdev, ""); 5133 4995 5134 4996 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 5135 4997 if (!conn) ··· 5144 5006 conn->passkey_entered); 5145 5007 } 5146 5008 5147 5147 - static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb) 5009 5009 + static void hci_keypress_notify_evt(struct hci_dev *hdev, void *data, 5010 5010 + struct sk_buff *skb) 5148 5011 { 5149 5149 - struct hci_ev_keypress_notify *ev = (void *) skb->data; 5012 5012 + struct hci_ev_keypress_notify *ev = data; 5150 5013 struct hci_conn *conn; 5151 5014 5152 5152 - BT_DBG("%s", hdev->name); 5015 5015 + bt_dev_dbg(hdev, ""); 5153 5016 5154 5017 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); 5155 5018 if (!conn) ··· 5183 5044 conn->passkey_entered); 5184 5045 } 5185 5046 5186 5186 - static void hci_simple_pair_complete_evt(struct hci_dev *hdev, 5047 5047 + static void hci_simple_pair_complete_evt(struct hci_dev *hdev, void *data, 5187 5048 struct sk_buff *skb) 5188 5049 { 5189 5189 - struct hci_ev_simple_pair_complete *ev = (void *) skb->data; 5050 5050 + struct hci_ev_simple_pair_complete *ev = data; 5190 5051 struct hci_conn *conn; 5191 5052 5192 5192 - BT_DBG("%s", hdev->name); 5053 5053 + bt_dev_dbg(hdev, ""); 5193 5054 5194 5055 hci_dev_lock(hdev); 5195 5056 ··· 5214 5075 hci_dev_unlock(hdev); 5215 5076 } 5216 5077 5217 5217 - static void hci_remote_host_features_evt(struct hci_dev *hdev, 5078 5078 + static void hci_remote_host_features_evt(struct hci_dev *hdev, void *data, 5218 5079 struct sk_buff *skb) 5219 5080 { 5220 5220 - struct hci_ev_remote_host_features *ev = (void *) skb->data; 5081 5081 + struct hci_ev_remote_host_features *ev = data; 5221 5082 struct inquiry_entry *ie; 5222 5083 struct hci_conn *conn; 5223 5084 5224 5224 - BT_DBG("%s", hdev->name); 5085 5085 + bt_dev_dbg(hdev, ""); 5225 5086 5226 5087 hci_dev_lock(hdev); 5227 5088 ··· 5236 5097 hci_dev_unlock(hdev); 5237 5098 } 5238 5099 5239 5239 - static void hci_remote_oob_data_request_evt(struct hci_dev *hdev, 5100 5100 + static void hci_remote_oob_data_request_evt(struct hci_dev *hdev, void *edata, 5240 5101 struct sk_buff *skb) 5241 5102 { 5242 5242 - struct hci_ev_remote_oob_data_request *ev = (void *) skb->data; 5103 5103 + struct hci_ev_remote_oob_data_request *ev = edata; 5243 5104 struct oob_data *data; 5244 5105 5245 5245 - BT_DBG("%s", hdev->name); 5106 5106 + bt_dev_dbg(hdev, ""); 5246 5107 5247 5108 hci_dev_lock(hdev); 5248 5109 ··· 5291 5152 } 5292 5153 5293 5154 #if IS_ENABLED(CONFIG_BT_HS) 5294 5294 - static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb) 5155 5155 + static void hci_chan_selected_evt(struct hci_dev *hdev, void *data, 5156 5156 + struct sk_buff *skb) 5295 5157 { 5296 5296 - struct hci_ev_channel_selected *ev = (void *)skb->data; 5158 5158 + struct hci_ev_channel_selected *ev = data; 5297 5159 struct hci_conn *hcon; 5298 5160 5299 5299 - BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle); 5300 5300 - 5301 5301 - skb_pull(skb, sizeof(*ev)); 5161 5161 + bt_dev_dbg(hdev, "handle 0x%2.2x", ev->phy_handle); 5302 5162 5303 5163 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle); 5304 5164 if (!hcon) ··· 5306 5168 amp_read_loc_assoc_final_data(hdev, hcon); 5307 5169 } 5308 5170 5309 5309 - static void hci_phy_link_complete_evt(struct hci_dev *hdev, 5171 5171 + static void hci_phy_link_complete_evt(struct hci_dev *hdev, void *data, 5310 5172 struct sk_buff *skb) 5311 5173 { 5312 5312 - struct hci_ev_phy_link_complete *ev = (void *) skb->data; 5174 5174 + struct hci_ev_phy_link_complete *ev = data; 5313 5175 struct hci_conn *hcon, *bredr_hcon; 5314 5176 5315 5315 - BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle, 5316 5316 - ev->status); 5177 5177 + bt_dev_dbg(hdev, "handle 0x%2.2x status 0x%2.2x", ev->phy_handle, 5178 5178 + ev->status); 5317 5179 5318 5180 hci_dev_lock(hdev); 5319 5181 ··· 5347 5209 hci_dev_unlock(hdev); 5348 5210 } 5349 5211 5350 5350 - static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 5212 5212 + static void hci_loglink_complete_evt(struct hci_dev *hdev, void *data, 5213 5213 + struct sk_buff *skb) 5351 5214 { 5352 5352 - struct hci_ev_logical_link_complete *ev = (void *) skb->data; 5215 5215 + struct hci_ev_logical_link_complete *ev = data; 5353 5216 struct hci_conn *hcon; 5354 5217 struct hci_chan *hchan; 5355 5218 struct amp_mgr *mgr; 5356 5219 5357 5357 - BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x", 5358 5358 - hdev->name, le16_to_cpu(ev->handle), ev->phy_handle, 5359 5359 - ev->status); 5220 5220 + bt_dev_dbg(hdev, "log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x", 5221 5221 + le16_to_cpu(ev->handle), ev->phy_handle, ev->status); 5360 5222 5361 5223 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle); 5362 5224 if (!hcon) ··· 5386 5248 } 5387 5249 } 5388 5250 5389 5389 - static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev, 5251 5251 + static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev, void *data, 5390 5252 struct sk_buff *skb) 5391 5253 { 5392 5392 - struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data; 5254 5254 + struct hci_ev_disconn_logical_link_complete *ev = data; 5393 5255 struct hci_chan *hchan; 5394 5256 5395 5395 - BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name, 5396 5396 - le16_to_cpu(ev->handle), ev->status); 5257 5257 + bt_dev_dbg(hdev, "handle 0x%4.4x status 0x%2.2x", 5258 5258 + le16_to_cpu(ev->handle), ev->status); 5397 5259 5398 5260 if (ev->status) 5399 5261 return; ··· 5410 5272 hci_dev_unlock(hdev); 5411 5273 } 5412 5274 5413 5413 - static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev, 5275 5275 + static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev, void *data, 5414 5276 struct sk_buff *skb) 5415 5277 { 5416 5416 - struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data; 5278 5278 + struct hci_ev_disconn_phy_link_complete *ev = data; 5417 5279 struct hci_conn *hcon; 5418 5280 5419 5419 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 5281 5281 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 5420 5282 5421 5283 if (ev->status) 5422 5284 return; ··· 5634 5496 hci_dev_unlock(hdev); 5635 5497 } 5636 5498 5637 5637 - static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 5499 5499 + static void hci_le_conn_complete_evt(struct hci_dev *hdev, void *data, 5500 5500 + struct sk_buff *skb) 5638 5501 { 5639 5639 - struct hci_ev_le_conn_complete *ev = (void *) skb->data; 5502 5502 + struct hci_ev_le_conn_complete *ev = data; 5640 5503 5641 5641 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 5504 5504 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 5642 5505 5643 5506 le_conn_complete_evt(hdev, ev->status, &ev->bdaddr, ev->bdaddr_type, 5644 5507 NULL, ev->role, le16_to_cpu(ev->handle), ··· 5648 5509 le16_to_cpu(ev->supervision_timeout)); 5649 5510 } 5650 5511 5651 5651 - static void hci_le_enh_conn_complete_evt(struct hci_dev *hdev, 5512 5512 + static void hci_le_enh_conn_complete_evt(struct hci_dev *hdev, void *data, 5652 5513 struct sk_buff *skb) 5653 5514 { 5654 5654 - struct hci_ev_le_enh_conn_complete *ev = (void *) skb->data; 5515 5515 + struct hci_ev_le_enh_conn_complete *ev = data; 5655 5516 5656 5656 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 5517 5517 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 5657 5518 5658 5519 le_conn_complete_evt(hdev, ev->status, &ev->bdaddr, ev->bdaddr_type, 5659 5520 &ev->local_rpa, ev->role, le16_to_cpu(ev->handle), ··· 5662 5523 le16_to_cpu(ev->supervision_timeout)); 5663 5524 } 5664 5525 5665 5665 - static void hci_le_ext_adv_term_evt(struct hci_dev *hdev, struct sk_buff *skb) 5526 5526 + static void hci_le_ext_adv_term_evt(struct hci_dev *hdev, void *data, 5527 5527 + struct sk_buff *skb) 5666 5528 { 5667 5667 - struct hci_evt_le_ext_adv_set_term *ev = (void *) skb->data; 5529 5529 + struct hci_evt_le_ext_adv_set_term *ev = data; 5668 5530 struct hci_conn *conn; 5669 5531 struct adv_info *adv, *n; 5670 5532 5671 5671 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 5533 5533 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 5672 5534 5673 5535 adv = hci_find_adv_instance(hdev, ev->handle); 5674 5536 ··· 5727 5587 } 5728 5588 } 5729 5589 5730 5730 - static void hci_le_conn_update_complete_evt(struct hci_dev *hdev, 5590 5590 + static void hci_le_conn_update_complete_evt(struct hci_dev *hdev, void *data, 5731 5591 struct sk_buff *skb) 5732 5592 { 5733 5733 - struct hci_ev_le_conn_update_complete *ev = (void *) skb->data; 5593 5593 + struct hci_ev_le_conn_update_complete *ev = data; 5734 5594 struct hci_conn *conn; 5735 5595 5736 5736 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 5596 5596 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 5737 5597 5738 5598 if (ev->status) 5739 5599 return; ··· 5754 5614 static struct hci_conn *check_pending_le_conn(struct hci_dev *hdev, 5755 5615 bdaddr_t *addr, 5756 5616 u8 addr_type, bool addr_resolved, 5757 5757 - u8 adv_type, bdaddr_t *direct_rpa) 5617 5617 + u8 adv_type) 5758 5618 { 5759 5619 struct hci_conn *conn; 5760 5620 struct hci_conn_params *params; ··· 5809 5669 5810 5670 conn = hci_connect_le(hdev, addr, addr_type, addr_resolved, 5811 5671 BT_SECURITY_LOW, hdev->def_le_autoconnect_timeout, 5812 5812 - HCI_ROLE_MASTER, direct_rpa); 5672 5672 + HCI_ROLE_MASTER); 5813 5673 if (!IS_ERR(conn)) { 5814 5674 /* If HCI_AUTO_CONN_EXPLICIT is set, conn is already owned 5815 5675 * by higher layer that tried to connect, if no then ··· 5932 5792 * for advertising reports) and is already verified to be RPA above. 5933 5793 */ 5934 5794 conn = check_pending_le_conn(hdev, bdaddr, bdaddr_type, bdaddr_resolved, 5935 5935 - type, direct_addr); 5795 5795 + type); 5936 5796 if (!ext_adv && conn && type == LE_ADV_IND && len <= HCI_MAX_AD_LENGTH) { 5937 5797 /* Store report for later inclusion by 5938 5798 * mgmt_device_connected ··· 6049 5909 clear_pending_adv_report(hdev); 6050 5910 } 6051 5911 6052 6052 - static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb) 5912 5912 + static void hci_le_adv_report_evt(struct hci_dev *hdev, void *data, 5913 5913 + struct sk_buff *skb) 6053 5914 { 6054 6054 - u8 num_reports = skb->data[0]; 6055 6055 - void *ptr = &skb->data[1]; 5915 5915 + struct hci_ev_le_advertising_report *ev = data; 5916 5916 + 5917 5917 + if (!ev->num) 5918 5918 + return; 6056 5919 6057 5920 hci_dev_lock(hdev); 6058 5921 6059 6059 - while (num_reports--) { 6060 6060 - struct hci_ev_le_advertising_info *ev = ptr; 5922 5922 + while (ev->num--) { 5923 5923 + struct hci_ev_le_advertising_info *info; 6061 5924 s8 rssi; 6062 5925 6063 6063 - if (ev->length <= HCI_MAX_AD_LENGTH && 6064 6064 - ev->data + ev->length <= skb_tail_pointer(skb)) { 6065 6065 - rssi = ev->data[ev->length]; 6066 6066 - process_adv_report(hdev, ev->evt_type, &ev->bdaddr, 6067 6067 - ev->bdaddr_type, NULL, 0, rssi, 6068 6068 - ev->data, ev->length, false); 5926 5926 + info = hci_le_ev_skb_pull(hdev, skb, 5927 5927 + HCI_EV_LE_ADVERTISING_REPORT, 5928 5928 + sizeof(*info)); 5929 5929 + if (!info) 5930 5930 + break; 5931 5931 + 5932 5932 + if (!hci_le_ev_skb_pull(hdev, skb, HCI_EV_LE_ADVERTISING_REPORT, 5933 5933 + info->length + 1)) 5934 5934 + break; 5935 5935 + 5936 5936 + if (info->length <= HCI_MAX_AD_LENGTH) { 5937 5937 + rssi = info->data[info->length]; 5938 5938 + process_adv_report(hdev, info->type, &info->bdaddr, 5939 5939 + info->bdaddr_type, NULL, 0, rssi, 5940 5940 + info->data, info->length, false); 6069 5941 } else { 6070 5942 bt_dev_err(hdev, "Dropping invalid advertising data"); 6071 6071 - } 6072 6072 - 6073 6073 - ptr += sizeof(*ev) + ev->length + 1; 6074 6074 - 6075 6075 - if (ptr > (void *) skb_tail_pointer(skb) - sizeof(*ev)) { 6076 6076 - bt_dev_err(hdev, "Malicious advertising data. Stopping processing"); 6077 6077 - break; 6078 5943 } 6079 5944 } 6080 5945 ··· 6130 5985 return LE_ADV_INVALID; 6131 5986 } 6132 5987 6133 6133 - static void hci_le_ext_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb) 5988 5988 + static void hci_le_ext_adv_report_evt(struct hci_dev *hdev, void *data, 5989 5989 + struct sk_buff *skb) 6134 5990 { 6135 6135 - u8 num_reports = skb->data[0]; 6136 6136 - void *ptr = &skb->data[1]; 5991 5991 + struct hci_ev_le_ext_adv_report *ev = data; 5992 5992 + 5993 5993 + if (!ev->num) 5994 5994 + return; 6137 5995 6138 5996 hci_dev_lock(hdev); 6139 5997 6140 6140 - while (num_reports--) { 6141 6141 - struct hci_ev_le_ext_adv_report *ev = ptr; 5998 5998 + while (ev->num--) { 5999 5999 + struct hci_ev_le_ext_adv_info *info; 6142 6000 u8 legacy_evt_type; 6143 6001 u16 evt_type; 6144 6002 6145 6145 - evt_type = __le16_to_cpu(ev->evt_type); 6003 6003 + info = hci_le_ev_skb_pull(hdev, skb, HCI_EV_LE_EXT_ADV_REPORT, 6004 6004 + sizeof(*info)); 6005 6005 + if (!info) 6006 6006 + break; 6007 6007 + 6008 6008 + if (!hci_le_ev_skb_pull(hdev, skb, HCI_EV_LE_EXT_ADV_REPORT, 6009 6009 + info->length)) 6010 6010 + break; 6011 6011 + 6012 6012 + evt_type = __le16_to_cpu(info->type); 6146 6013 legacy_evt_type = ext_evt_type_to_legacy(hdev, evt_type); 6147 6014 if (legacy_evt_type != LE_ADV_INVALID) { 6148 6148 - process_adv_report(hdev, legacy_evt_type, &ev->bdaddr, 6149 6149 - ev->bdaddr_type, NULL, 0, ev->rssi, 6150 6150 - ev->data, ev->length, 6015 6015 + process_adv_report(hdev, legacy_evt_type, &info->bdaddr, 6016 6016 + info->bdaddr_type, NULL, 0, 6017 6017 + info->rssi, info->data, info->length, 6151 6018 !(evt_type & LE_EXT_ADV_LEGACY_PDU)); 6152 6019 } 6153 6153 - 6154 6154 - ptr += sizeof(*ev) + ev->length; 6155 6020 } 6156 6021 6157 6022 hci_dev_unlock(hdev); 6158 6023 } 6159 6024 6160 6160 - static void hci_le_remote_feat_complete_evt(struct hci_dev *hdev, 6025 6025 + static void hci_le_remote_feat_complete_evt(struct hci_dev *hdev, void *data, 6161 6026 struct sk_buff *skb) 6162 6027 { 6163 6163 - struct hci_ev_le_remote_feat_complete *ev = (void *)skb->data; 6028 6028 + struct hci_ev_le_remote_feat_complete *ev = data; 6164 6029 struct hci_conn *conn; 6165 6030 6166 6166 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 6031 6031 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 6167 6032 6168 6033 hci_dev_lock(hdev); 6169 6034 ··· 6209 6054 hci_dev_unlock(hdev); 6210 6055 } 6211 6056 6212 6212 - static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 6057 6057 + static void hci_le_ltk_request_evt(struct hci_dev *hdev, void *data, 6058 6058 + struct sk_buff *skb) 6213 6059 { 6214 6214 - struct hci_ev_le_ltk_req *ev = (void *) skb->data; 6060 6060 + struct hci_ev_le_ltk_req *ev = data; 6215 6061 struct hci_cp_le_ltk_reply cp; 6216 6062 struct hci_cp_le_ltk_neg_reply neg; 6217 6063 struct hci_conn *conn; 6218 6064 struct smp_ltk *ltk; 6219 6065 6220 6220 - BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle)); 6066 6066 + bt_dev_dbg(hdev, "handle 0x%4.4x", __le16_to_cpu(ev->handle)); 6221 6067 6222 6068 hci_dev_lock(hdev); 6223 6069 ··· 6286 6130 &cp); 6287 6131 } 6288 6132 6289 6289 - static void hci_le_remote_conn_param_req_evt(struct hci_dev *hdev, 6133 6133 + static void hci_le_remote_conn_param_req_evt(struct hci_dev *hdev, void *data, 6290 6134 struct sk_buff *skb) 6291 6135 { 6292 6292 - struct hci_ev_le_remote_conn_param_req *ev = (void *) skb->data; 6136 6136 + struct hci_ev_le_remote_conn_param_req *ev = data; 6293 6137 struct hci_cp_le_conn_param_req_reply cp; 6294 6138 struct hci_conn *hcon; 6295 6139 u16 handle, min, max, latency, timeout; 6140 6140 + 6141 6141 + bt_dev_dbg(hdev, "handle 0x%4.4x", __le16_to_cpu(ev->handle)); 6296 6142 6297 6143 handle = le16_to_cpu(ev->handle); 6298 6144 min = le16_to_cpu(ev->interval_min); ··· 6346 6188 hci_send_cmd(hdev, HCI_OP_LE_CONN_PARAM_REQ_REPLY, sizeof(cp), &cp); 6347 6189 } 6348 6190 6349 6349 - static void hci_le_direct_adv_report_evt(struct hci_dev *hdev, 6191 6191 + static void hci_le_direct_adv_report_evt(struct hci_dev *hdev, void *data, 6350 6192 struct sk_buff *skb) 6351 6193 { 6352 6352 - u8 num_reports = skb->data[0]; 6353 6353 - struct hci_ev_le_direct_adv_info *ev = (void *)&skb->data[1]; 6194 6194 + struct hci_ev_le_direct_adv_report *ev = data; 6195 6195 + int i; 6354 6196 6355 6355 - if (!num_reports || skb->len < num_reports * sizeof(*ev) + 1) 6197 6197 + if (!hci_le_ev_skb_pull(hdev, skb, HCI_EV_LE_DIRECT_ADV_REPORT, 6198 6198 + flex_array_size(ev, info, ev->num))) 6199 6199 + return; 6200 6200 + 6201 6201 + if (!ev->num) 6356 6202 return; 6357 6203 6358 6204 hci_dev_lock(hdev); 6359 6205 6360 6360 - for (; num_reports; num_reports--, ev++) 6361 6361 - process_adv_report(hdev, ev->evt_type, &ev->bdaddr, 6362 6362 - ev->bdaddr_type, &ev->direct_addr, 6363 6363 - ev->direct_addr_type, ev->rssi, NULL, 0, 6206 6206 + for (i = 0; i < ev->num; i++) { 6207 6207 + struct hci_ev_le_direct_adv_info *info = &ev->info[i]; 6208 6208 + 6209 6209 + process_adv_report(hdev, info->type, &info->bdaddr, 6210 6210 + info->bdaddr_type, &info->direct_addr, 6211 6211 + info->direct_addr_type, info->rssi, NULL, 0, 6364 6212 false); 6213 6213 + } 6365 6214 6366 6215 hci_dev_unlock(hdev); 6367 6216 } 6368 6217 6369 6369 - static void hci_le_phy_update_evt(struct hci_dev *hdev, struct sk_buff *skb) 6218 6218 + static void hci_le_phy_update_evt(struct hci_dev *hdev, void *data, 6219 6219 + struct sk_buff *skb) 6370 6220 { 6371 6371 - struct hci_ev_le_phy_update_complete *ev = (void *) skb->data; 6221 6221 + struct hci_ev_le_phy_update_complete *ev = data; 6372 6222 struct hci_conn *conn; 6373 6223 6374 6374 - BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 6224 6224 + bt_dev_dbg(hdev, "status 0x%2.2x", ev->status); 6375 6225 6376 6226 if (ev->status) 6377 6227 return; ··· 6397 6231 hci_dev_unlock(hdev); 6398 6232 } 6399 6233 6400 6400 - static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb) 6234 6234 + #define HCI_LE_EV_VL(_op, _func, _min_len, _max_len) \ 6235 6235 + [_op] = { \ 6236 6236 + .func = _func, \ 6237 6237 + .min_len = _min_len, \ 6238 6238 + .max_len = _max_len, \ 6239 6239 + } 6240 6240 + 6241 6241 + #define HCI_LE_EV(_op, _func, _len) \ 6242 6242 + HCI_LE_EV_VL(_op, _func, _len, _len) 6243 6243 + 6244 6244 + #define HCI_LE_EV_STATUS(_op, _func) \ 6245 6245 + HCI_LE_EV(_op, _func, sizeof(struct hci_ev_status)) 6246 6246 + 6247 6247 + /* Entries in this table shall have their position according to the subevent 6248 6248 + * opcode they handle so the use of the macros above is recommend since it does 6249 6249 + * attempt to initialize at its proper index using Designated Initializers that 6250 6250 + * way events without a callback function can be ommited. 6251 6251 + */ 6252 6252 + static const struct hci_le_ev { 6253 6253 + void (*func)(struct hci_dev *hdev, void *data, struct sk_buff *skb); 6254 6254 + u16 min_len; 6255 6255 + u16 max_len; 6256 6256 + } hci_le_ev_table[U8_MAX + 1] = { 6257 6257 + /* [0x01 = HCI_EV_LE_CONN_COMPLETE] */ 6258 6258 + HCI_LE_EV(HCI_EV_LE_CONN_COMPLETE, hci_le_conn_complete_evt, 6259 6259 + sizeof(struct hci_ev_le_conn_complete)), 6260 6260 + /* [0x02 = HCI_EV_LE_ADVERTISING_REPORT] */ 6261 6261 + HCI_LE_EV_VL(HCI_EV_LE_ADVERTISING_REPORT, hci_le_adv_report_evt, 6262 6262 + sizeof(struct hci_ev_le_advertising_report), 6263 6263 + HCI_MAX_EVENT_SIZE), 6264 6264 + /* [0x03 = HCI_EV_LE_CONN_UPDATE_COMPLETE] */ 6265 6265 + HCI_LE_EV(HCI_EV_LE_CONN_UPDATE_COMPLETE, 6266 6266 + hci_le_conn_update_complete_evt, 6267 6267 + sizeof(struct hci_ev_le_conn_update_complete)), 6268 6268 + /* [0x04 = HCI_EV_LE_REMOTE_FEAT_COMPLETE] */ 6269 6269 + HCI_LE_EV(HCI_EV_LE_REMOTE_FEAT_COMPLETE, 6270 6270 + hci_le_remote_feat_complete_evt, 6271 6271 + sizeof(struct hci_ev_le_remote_feat_complete)), 6272 6272 + /* [0x05 = HCI_EV_LE_LTK_REQ] */ 6273 6273 + HCI_LE_EV(HCI_EV_LE_LTK_REQ, hci_le_ltk_request_evt, 6274 6274 + sizeof(struct hci_ev_le_ltk_req)), 6275 6275 + /* [0x06 = HCI_EV_LE_REMOTE_CONN_PARAM_REQ] */ 6276 6276 + HCI_LE_EV(HCI_EV_LE_REMOTE_CONN_PARAM_REQ, 6277 6277 + hci_le_remote_conn_param_req_evt, 6278 6278 + sizeof(struct hci_ev_le_remote_conn_param_req)), 6279 6279 + /* [0x0a = HCI_EV_LE_ENHANCED_CONN_COMPLETE] */ 6280 6280 + HCI_LE_EV(HCI_EV_LE_ENHANCED_CONN_COMPLETE, 6281 6281 + hci_le_enh_conn_complete_evt, 6282 6282 + sizeof(struct hci_ev_le_enh_conn_complete)), 6283 6283 + /* [0x0b = HCI_EV_LE_DIRECT_ADV_REPORT] */ 6284 6284 + HCI_LE_EV_VL(HCI_EV_LE_DIRECT_ADV_REPORT, hci_le_direct_adv_report_evt, 6285 6285 + sizeof(struct hci_ev_le_direct_adv_report), 6286 6286 + HCI_MAX_EVENT_SIZE), 6287 6287 + /* [0x0c = HCI_EV_LE_PHY_UPDATE_COMPLETE] */ 6288 6288 + HCI_LE_EV(HCI_EV_LE_PHY_UPDATE_COMPLETE, hci_le_phy_update_evt, 6289 6289 + sizeof(struct hci_ev_le_phy_update_complete)), 6290 6290 + /* [0x0d = HCI_EV_LE_EXT_ADV_REPORT] */ 6291 6291 + HCI_LE_EV_VL(HCI_EV_LE_EXT_ADV_REPORT, hci_le_ext_adv_report_evt, 6292 6292 + sizeof(struct hci_ev_le_ext_adv_report), 6293 6293 + HCI_MAX_EVENT_SIZE), 6294 6294 + /* [0x12 = HCI_EV_LE_EXT_ADV_SET_TERM] */ 6295 6295 + HCI_LE_EV(HCI_EV_LE_EXT_ADV_SET_TERM, hci_le_ext_adv_term_evt, 6296 6296 + sizeof(struct hci_evt_le_ext_adv_set_term)), 6297 6297 + }; 6298 6298 + 6299 6299 + static void hci_le_meta_evt(struct hci_dev *hdev, void *data, 6300 6300 + struct sk_buff *skb, u16 *opcode, u8 *status, 6301 6301 + hci_req_complete_t *req_complete, 6302 6302 + hci_req_complete_skb_t *req_complete_skb) 6401 6303 { 6402 6402 - struct hci_ev_le_meta *le_ev = (void *) skb->data; 6304 6304 + struct hci_ev_le_meta *ev = data; 6305 6305 + const struct hci_le_ev *subev; 6403 6306 6404 6404 - skb_pull(skb, sizeof(*le_ev)); 6307 6307 + bt_dev_dbg(hdev, "subevent 0x%2.2x", ev->subevent); 6405 6308 6406 6406 - switch (le_ev->subevent) { 6407 6407 - case HCI_EV_LE_CONN_COMPLETE: 6408 6408 - hci_le_conn_complete_evt(hdev, skb); 6409 6409 - break; 6410 6410 - 6411 6411 - case HCI_EV_LE_CONN_UPDATE_COMPLETE: 6412 6412 - hci_le_conn_update_complete_evt(hdev, skb); 6413 6413 - break; 6414 6414 - 6415 6415 - case HCI_EV_LE_ADVERTISING_REPORT: 6416 6416 - hci_le_adv_report_evt(hdev, skb); 6417 6417 - break; 6418 6418 - 6419 6419 - case HCI_EV_LE_REMOTE_FEAT_COMPLETE: 6420 6420 - hci_le_remote_feat_complete_evt(hdev, skb); 6421 6421 - break; 6422 6422 - 6423 6423 - case HCI_EV_LE_LTK_REQ: 6424 6424 - hci_le_ltk_request_evt(hdev, skb); 6425 6425 - break; 6426 6426 - 6427 6427 - case HCI_EV_LE_REMOTE_CONN_PARAM_REQ: 6428 6428 - hci_le_remote_conn_param_req_evt(hdev, skb); 6429 6429 - break; 6430 6430 - 6431 6431 - case HCI_EV_LE_DIRECT_ADV_REPORT: 6432 6432 - hci_le_direct_adv_report_evt(hdev, skb); 6433 6433 - break; 6434 6434 - 6435 6435 - case HCI_EV_LE_PHY_UPDATE_COMPLETE: 6436 6436 - hci_le_phy_update_evt(hdev, skb); 6437 6437 - break; 6438 6438 - 6439 6439 - case HCI_EV_LE_EXT_ADV_REPORT: 6440 6440 - hci_le_ext_adv_report_evt(hdev, skb); 6441 6441 - break; 6442 6442 - 6443 6443 - case HCI_EV_LE_ENHANCED_CONN_COMPLETE: 6444 6444 - hci_le_enh_conn_complete_evt(hdev, skb); 6445 6445 - break; 6446 6446 - 6447 6447 - case HCI_EV_LE_EXT_ADV_SET_TERM: 6448 6448 - hci_le_ext_adv_term_evt(hdev, skb); 6449 6449 - break; 6450 6450 - 6451 6451 - default: 6452 6452 - break; 6309 6309 + /* Only match event if command OGF is for LE */ 6310 6310 + if (hdev->sent_cmd && 6311 6311 + hci_opcode_ogf(hci_skb_opcode(hdev->sent_cmd)) == 0x08 && 6312 6312 + hci_skb_event(hdev->sent_cmd) == ev->subevent) { 6313 6313 + *opcode = hci_skb_opcode(hdev->sent_cmd); 6314 6314 + hci_req_cmd_complete(hdev, *opcode, 0x00, req_complete, 6315 6315 + req_complete_skb); 6453 6316 } 6317 6317 + 6318 6318 + subev = &hci_le_ev_table[ev->subevent]; 6319 6319 + if (!subev->func) 6320 6320 + return; 6321 6321 + 6322 6322 + if (skb->len < subev->min_len) { 6323 6323 + bt_dev_err(hdev, "unexpected subevent 0x%2.2x length: %u < %u", 6324 6324 + ev->subevent, skb->len, subev->min_len); 6325 6325 + return; 6326 6326 + } 6327 6327 + 6328 6328 + /* Just warn if the length is over max_len size it still be 6329 6329 + * possible to partially parse the event so leave to callback to 6330 6330 + * decide if that is acceptable. 6331 6331 + */ 6332 6332 + if (skb->len > subev->max_len) 6333 6333 + bt_dev_warn(hdev, "unexpected subevent 0x%2.2x length: %u > %u", 6334 6334 + ev->subevent, skb->len, subev->max_len); 6335 6335 + 6336 6336 + data = hci_le_ev_skb_pull(hdev, skb, ev->subevent, subev->min_len); 6337 6337 + if (!data) 6338 6338 + return; 6339 6339 + 6340 6340 + subev->func(hdev, data, skb); 6454 6341 } 6455 6342 6456 6343 static bool hci_get_cmd_complete(struct hci_dev *hdev, u16 opcode, ··· 6515 6296 if (!skb) 6516 6297 return false; 6517 6298 6518 6518 - if (skb->len < sizeof(*hdr)) { 6519 6519 - bt_dev_err(hdev, "too short HCI event"); 6299 6299 + hdr = hci_ev_skb_pull(hdev, skb, event, sizeof(*hdr)); 6300 6300 + if (!hdr) 6520 6301 return false; 6521 6521 - } 6522 6522 - 6523 6523 - hdr = (void *) skb->data; 6524 6524 - skb_pull(skb, HCI_EVENT_HDR_SIZE); 6525 6302 6526 6303 if (event) { 6527 6304 if (hdr->evt != event) ··· 6537 6322 return false; 6538 6323 } 6539 6324 6540 6540 - if (skb->len < sizeof(*ev)) { 6541 6541 - bt_dev_err(hdev, "too short cmd_complete event"); 6325 6325 + ev = hci_cc_skb_pull(hdev, skb, opcode, sizeof(*ev)); 6326 6326 + if (!ev) 6542 6327 return false; 6543 6543 - } 6544 6544 - 6545 6545 - ev = (void *) skb->data; 6546 6546 - skb_pull(skb, sizeof(*ev)); 6547 6328 6548 6329 if (opcode != __le16_to_cpu(ev->opcode)) { 6549 6330 BT_DBG("opcode doesn't match (0x%2.2x != 0x%2.2x)", opcode, ··· 6555 6344 { 6556 6345 struct hci_ev_le_advertising_info *adv; 6557 6346 struct hci_ev_le_direct_adv_info *direct_adv; 6558 6558 - struct hci_ev_le_ext_adv_report *ext_adv; 6347 6347 + struct hci_ev_le_ext_adv_info *ext_adv; 6559 6348 const struct hci_ev_conn_complete *conn_complete = (void *)skb->data; 6560 6349 const struct hci_ev_conn_request *conn_request = (void *)skb->data; 6561 6350 ··· 6619 6408 hci_dev_unlock(hdev); 6620 6409 } 6621 6410 6411 6411 + #define HCI_EV_VL(_op, _func, _min_len, _max_len) \ 6412 6412 + [_op] = { \ 6413 6413 + .req = false, \ 6414 6414 + .func = _func, \ 6415 6415 + .min_len = _min_len, \ 6416 6416 + .max_len = _max_len, \ 6417 6417 + } 6418 6418 + 6419 6419 + #define HCI_EV(_op, _func, _len) \ 6420 6420 + HCI_EV_VL(_op, _func, _len, _len) 6421 6421 + 6422 6422 + #define HCI_EV_STATUS(_op, _func) \ 6423 6423 + HCI_EV(_op, _func, sizeof(struct hci_ev_status)) 6424 6424 + 6425 6425 + #define HCI_EV_REQ_VL(_op, _func, _min_len, _max_len) \ 6426 6426 + [_op] = { \ 6427 6427 + .req = true, \ 6428 6428 + .func_req = _func, \ 6429 6429 + .min_len = _min_len, \ 6430 6430 + .max_len = _max_len, \ 6431 6431 + } 6432 6432 + 6433 6433 + #define HCI_EV_REQ(_op, _func, _len) \ 6434 6434 + HCI_EV_REQ_VL(_op, _func, _len, _len) 6435 6435 + 6436 6436 + /* Entries in this table shall have their position according to the event opcode 6437 6437 + * they handle so the use of the macros above is recommend since it does attempt 6438 6438 + * to initialize at its proper index using Designated Initializers that way 6439 6439 + * events without a callback function don't have entered. 6440 6440 + */ 6441 6441 + static const struct hci_ev { 6442 6442 + bool req; 6443 6443 + union { 6444 6444 + void (*func)(struct hci_dev *hdev, void *data, 6445 6445 + struct sk_buff *skb); 6446 6446 + void (*func_req)(struct hci_dev *hdev, void *data, 6447 6447 + struct sk_buff *skb, u16 *opcode, u8 *status, 6448 6448 + hci_req_complete_t *req_complete, 6449 6449 + hci_req_complete_skb_t *req_complete_skb); 6450 6450 + }; 6451 6451 + u16 min_len; 6452 6452 + u16 max_len; 6453 6453 + } hci_ev_table[U8_MAX + 1] = { 6454 6454 + /* [0x01 = HCI_EV_INQUIRY_COMPLETE] */ 6455 6455 + HCI_EV_STATUS(HCI_EV_INQUIRY_COMPLETE, hci_inquiry_complete_evt), 6456 6456 + /* [0x02 = HCI_EV_INQUIRY_RESULT] */ 6457 6457 + HCI_EV_VL(HCI_EV_INQUIRY_RESULT, hci_inquiry_result_evt, 6458 6458 + sizeof(struct hci_ev_inquiry_result), HCI_MAX_EVENT_SIZE), 6459 6459 + /* [0x03 = HCI_EV_CONN_COMPLETE] */ 6460 6460 + HCI_EV(HCI_EV_CONN_COMPLETE, hci_conn_complete_evt, 6461 6461 + sizeof(struct hci_ev_conn_complete)), 6462 6462 + /* [0x04 = HCI_EV_CONN_REQUEST] */ 6463 6463 + HCI_EV(HCI_EV_CONN_REQUEST, hci_conn_request_evt, 6464 6464 + sizeof(struct hci_ev_conn_request)), 6465 6465 + /* [0x05 = HCI_EV_DISCONN_COMPLETE] */ 6466 6466 + HCI_EV(HCI_EV_DISCONN_COMPLETE, hci_disconn_complete_evt, 6467 6467 + sizeof(struct hci_ev_disconn_complete)), 6468 6468 + /* [0x06 = HCI_EV_AUTH_COMPLETE] */ 6469 6469 + HCI_EV(HCI_EV_AUTH_COMPLETE, hci_auth_complete_evt, 6470 6470 + sizeof(struct hci_ev_auth_complete)), 6471 6471 + /* [0x07 = HCI_EV_REMOTE_NAME] */ 6472 6472 + HCI_EV(HCI_EV_REMOTE_NAME, hci_remote_name_evt, 6473 6473 + sizeof(struct hci_ev_remote_name)), 6474 6474 + /* [0x08 = HCI_EV_ENCRYPT_CHANGE] */ 6475 6475 + HCI_EV(HCI_EV_ENCRYPT_CHANGE, hci_encrypt_change_evt, 6476 6476 + sizeof(struct hci_ev_encrypt_change)), 6477 6477 + /* [0x09 = HCI_EV_CHANGE_LINK_KEY_COMPLETE] */ 6478 6478 + HCI_EV(HCI_EV_CHANGE_LINK_KEY_COMPLETE, 6479 6479 + hci_change_link_key_complete_evt, 6480 6480 + sizeof(struct hci_ev_change_link_key_complete)), 6481 6481 + /* [0x0b = HCI_EV_REMOTE_FEATURES] */ 6482 6482 + HCI_EV(HCI_EV_REMOTE_FEATURES, hci_remote_features_evt, 6483 6483 + sizeof(struct hci_ev_remote_features)), 6484 6484 + /* [0x0e = HCI_EV_CMD_COMPLETE] */ 6485 6485 + HCI_EV_REQ_VL(HCI_EV_CMD_COMPLETE, hci_cmd_complete_evt, 6486 6486 + sizeof(struct hci_ev_cmd_complete), HCI_MAX_EVENT_SIZE), 6487 6487 + /* [0x0f = HCI_EV_CMD_STATUS] */ 6488 6488 + HCI_EV_REQ(HCI_EV_CMD_STATUS, hci_cmd_status_evt, 6489 6489 + sizeof(struct hci_ev_cmd_status)), 6490 6490 + /* [0x10 = HCI_EV_CMD_STATUS] */ 6491 6491 + HCI_EV(HCI_EV_HARDWARE_ERROR, hci_hardware_error_evt, 6492 6492 + sizeof(struct hci_ev_hardware_error)), 6493 6493 + /* [0x12 = HCI_EV_ROLE_CHANGE] */ 6494 6494 + HCI_EV(HCI_EV_ROLE_CHANGE, hci_role_change_evt, 6495 6495 + sizeof(struct hci_ev_role_change)), 6496 6496 + /* [0x13 = HCI_EV_NUM_COMP_PKTS] */ 6497 6497 + HCI_EV_VL(HCI_EV_NUM_COMP_PKTS, hci_num_comp_pkts_evt, 6498 6498 + sizeof(struct hci_ev_num_comp_pkts), HCI_MAX_EVENT_SIZE), 6499 6499 + /* [0x14 = HCI_EV_MODE_CHANGE] */ 6500 6500 + HCI_EV(HCI_EV_MODE_CHANGE, hci_mode_change_evt, 6501 6501 + sizeof(struct hci_ev_mode_change)), 6502 6502 + /* [0x16 = HCI_EV_PIN_CODE_REQ] */ 6503 6503 + HCI_EV(HCI_EV_PIN_CODE_REQ, hci_pin_code_request_evt, 6504 6504 + sizeof(struct hci_ev_pin_code_req)), 6505 6505 + /* [0x17 = HCI_EV_LINK_KEY_REQ] */ 6506 6506 + HCI_EV(HCI_EV_LINK_KEY_REQ, hci_link_key_request_evt, 6507 6507 + sizeof(struct hci_ev_link_key_req)), 6508 6508 + /* [0x18 = HCI_EV_LINK_KEY_NOTIFY] */ 6509 6509 + HCI_EV(HCI_EV_LINK_KEY_NOTIFY, hci_link_key_notify_evt, 6510 6510 + sizeof(struct hci_ev_link_key_notify)), 6511 6511 + /* [0x1c = HCI_EV_CLOCK_OFFSET] */ 6512 6512 + HCI_EV(HCI_EV_CLOCK_OFFSET, hci_clock_offset_evt, 6513 6513 + sizeof(struct hci_ev_clock_offset)), 6514 6514 + /* [0x1d = HCI_EV_PKT_TYPE_CHANGE] */ 6515 6515 + HCI_EV(HCI_EV_PKT_TYPE_CHANGE, hci_pkt_type_change_evt, 6516 6516 + sizeof(struct hci_ev_pkt_type_change)), 6517 6517 + /* [0x20 = HCI_EV_PSCAN_REP_MODE] */ 6518 6518 + HCI_EV(HCI_EV_PSCAN_REP_MODE, hci_pscan_rep_mode_evt, 6519 6519 + sizeof(struct hci_ev_pscan_rep_mode)), 6520 6520 + /* [0x22 = HCI_EV_INQUIRY_RESULT_WITH_RSSI] */ 6521 6521 + HCI_EV_VL(HCI_EV_INQUIRY_RESULT_WITH_RSSI, 6522 6522 + hci_inquiry_result_with_rssi_evt, 6523 6523 + sizeof(struct hci_ev_inquiry_result_rssi), 6524 6524 + HCI_MAX_EVENT_SIZE), 6525 6525 + /* [0x23 = HCI_EV_REMOTE_EXT_FEATURES] */ 6526 6526 + HCI_EV(HCI_EV_REMOTE_EXT_FEATURES, hci_remote_ext_features_evt, 6527 6527 + sizeof(struct hci_ev_remote_ext_features)), 6528 6528 + /* [0x2c = HCI_EV_SYNC_CONN_COMPLETE] */ 6529 6529 + HCI_EV(HCI_EV_SYNC_CONN_COMPLETE, hci_sync_conn_complete_evt, 6530 6530 + sizeof(struct hci_ev_sync_conn_complete)), 6531 6531 + /* [0x2d = HCI_EV_EXTENDED_INQUIRY_RESULT] */ 6532 6532 + HCI_EV_VL(HCI_EV_EXTENDED_INQUIRY_RESULT, 6533 6533 + hci_extended_inquiry_result_evt, 6534 6534 + sizeof(struct hci_ev_ext_inquiry_result), HCI_MAX_EVENT_SIZE), 6535 6535 + /* [0x30 = HCI_EV_KEY_REFRESH_COMPLETE] */ 6536 6536 + HCI_EV(HCI_EV_KEY_REFRESH_COMPLETE, hci_key_refresh_complete_evt, 6537 6537 + sizeof(struct hci_ev_key_refresh_complete)), 6538 6538 + /* [0x31 = HCI_EV_IO_CAPA_REQUEST] */ 6539 6539 + HCI_EV(HCI_EV_IO_CAPA_REQUEST, hci_io_capa_request_evt, 6540 6540 + sizeof(struct hci_ev_io_capa_request)), 6541 6541 + /* [0x32 = HCI_EV_IO_CAPA_REPLY] */ 6542 6542 + HCI_EV(HCI_EV_IO_CAPA_REPLY, hci_io_capa_reply_evt, 6543 6543 + sizeof(struct hci_ev_io_capa_reply)), 6544 6544 + /* [0x33 = HCI_EV_USER_CONFIRM_REQUEST] */ 6545 6545 + HCI_EV(HCI_EV_USER_CONFIRM_REQUEST, hci_user_confirm_request_evt, 6546 6546 + sizeof(struct hci_ev_user_confirm_req)), 6547 6547 + /* [0x34 = HCI_EV_USER_PASSKEY_REQUEST] */ 6548 6548 + HCI_EV(HCI_EV_USER_PASSKEY_REQUEST, hci_user_passkey_request_evt, 6549 6549 + sizeof(struct hci_ev_user_passkey_req)), 6550 6550 + /* [0x35 = HCI_EV_REMOTE_OOB_DATA_REQUEST] */ 6551 6551 + HCI_EV(HCI_EV_REMOTE_OOB_DATA_REQUEST, hci_remote_oob_data_request_evt, 6552 6552 + sizeof(struct hci_ev_remote_oob_data_request)), 6553 6553 + /* [0x36 = HCI_EV_SIMPLE_PAIR_COMPLETE] */ 6554 6554 + HCI_EV(HCI_EV_SIMPLE_PAIR_COMPLETE, hci_simple_pair_complete_evt, 6555 6555 + sizeof(struct hci_ev_simple_pair_complete)), 6556 6556 + /* [0x3b = HCI_EV_USER_PASSKEY_NOTIFY] */ 6557 6557 + HCI_EV(HCI_EV_USER_PASSKEY_NOTIFY, hci_user_passkey_notify_evt, 6558 6558 + sizeof(struct hci_ev_user_passkey_notify)), 6559 6559 + /* [0x3c = HCI_EV_KEYPRESS_NOTIFY] */ 6560 6560 + HCI_EV(HCI_EV_KEYPRESS_NOTIFY, hci_keypress_notify_evt, 6561 6561 + sizeof(struct hci_ev_keypress_notify)), 6562 6562 + /* [0x3d = HCI_EV_REMOTE_HOST_FEATURES] */ 6563 6563 + HCI_EV(HCI_EV_REMOTE_HOST_FEATURES, hci_remote_host_features_evt, 6564 6564 + sizeof(struct hci_ev_remote_host_features)), 6565 6565 + /* [0x3e = HCI_EV_LE_META] */ 6566 6566 + HCI_EV_REQ_VL(HCI_EV_LE_META, hci_le_meta_evt, 6567 6567 + sizeof(struct hci_ev_le_meta), HCI_MAX_EVENT_SIZE), 6568 6568 + #if IS_ENABLED(CONFIG_BT_HS) 6569 6569 + /* [0x40 = HCI_EV_PHY_LINK_COMPLETE] */ 6570 6570 + HCI_EV(HCI_EV_PHY_LINK_COMPLETE, hci_phy_link_complete_evt, 6571 6571 + sizeof(struct hci_ev_phy_link_complete)), 6572 6572 + /* [0x41 = HCI_EV_CHANNEL_SELECTED] */ 6573 6573 + HCI_EV(HCI_EV_CHANNEL_SELECTED, hci_chan_selected_evt, 6574 6574 + sizeof(struct hci_ev_channel_selected)), 6575 6575 + /* [0x42 = HCI_EV_DISCONN_PHY_LINK_COMPLETE] */ 6576 6576 + HCI_EV(HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE, 6577 6577 + hci_disconn_loglink_complete_evt, 6578 6578 + sizeof(struct hci_ev_disconn_logical_link_complete)), 6579 6579 + /* [0x45 = HCI_EV_LOGICAL_LINK_COMPLETE] */ 6580 6580 + HCI_EV(HCI_EV_LOGICAL_LINK_COMPLETE, hci_loglink_complete_evt, 6581 6581 + sizeof(struct hci_ev_logical_link_complete)), 6582 6582 + /* [0x46 = HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE] */ 6583 6583 + HCI_EV(HCI_EV_DISCONN_PHY_LINK_COMPLETE, 6584 6584 + hci_disconn_phylink_complete_evt, 6585 6585 + sizeof(struct hci_ev_disconn_phy_link_complete)), 6586 6586 + #endif 6587 6587 + /* [0x48 = HCI_EV_NUM_COMP_BLOCKS] */ 6588 6588 + HCI_EV(HCI_EV_NUM_COMP_BLOCKS, hci_num_comp_blocks_evt, 6589 6589 + sizeof(struct hci_ev_num_comp_blocks)), 6590 6590 + /* [0xff = HCI_EV_VENDOR] */ 6591 6591 + HCI_EV(HCI_EV_VENDOR, msft_vendor_evt, 0), 6592 6592 + }; 6593 6593 + 6594 6594 + static void hci_event_func(struct hci_dev *hdev, u8 event, struct sk_buff *skb, 6595 6595 + u16 *opcode, u8 *status, 6596 6596 + hci_req_complete_t *req_complete, 6597 6597 + hci_req_complete_skb_t *req_complete_skb) 6598 6598 + { 6599 6599 + const struct hci_ev *ev = &hci_ev_table[event]; 6600 6600 + void *data; 6601 6601 + 6602 6602 + if (!ev->func) 6603 6603 + return; 6604 6604 + 6605 6605 + if (skb->len < ev->min_len) { 6606 6606 + bt_dev_err(hdev, "unexpected event 0x%2.2x length: %u < %u", 6607 6607 + event, skb->len, ev->min_len); 6608 6608 + return; 6609 6609 + } 6610 6610 + 6611 6611 + /* Just warn if the length is over max_len size it still be 6612 6612 + * possible to partially parse the event so leave to callback to 6613 6613 + * decide if that is acceptable. 6614 6614 + */ 6615 6615 + if (skb->len > ev->max_len) 6616 6616 + bt_dev_warn(hdev, "unexpected event 0x%2.2x length: %u > %u", 6617 6617 + event, skb->len, ev->max_len); 6618 6618 + 6619 6619 + data = hci_ev_skb_pull(hdev, skb, event, ev->min_len); 6620 6620 + if (!data) 6621 6621 + return; 6622 6622 + 6623 6623 + if (ev->req) 6624 6624 + ev->func_req(hdev, data, skb, opcode, status, req_complete, 6625 6625 + req_complete_skb); 6626 6626 + else 6627 6627 + ev->func(hdev, data, skb); 6628 6628 + } 6629 6629 + 6622 6630 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb) 6623 6631 { 6624 6632 struct hci_event_hdr *hdr = (void *) skb->data; 6625 6633 hci_req_complete_t req_complete = NULL; 6626 6634 hci_req_complete_skb_t req_complete_skb = NULL; 6627 6635 struct sk_buff *orig_skb = NULL; 6628 6628 - u8 status = 0, event = hdr->evt, req_evt = 0; 6636 6636 + u8 status = 0, event, req_evt = 0; 6629 6637 u16 opcode = HCI_OP_NOP; 6630 6638 6631 6631 - if (!event) { 6632 6632 - bt_dev_warn(hdev, "Received unexpected HCI Event 00000000"); 6639 6639 + if (skb->len < sizeof(*hdr)) { 6640 6640 + bt_dev_err(hdev, "Malformed HCI Event"); 6633 6641 goto done; 6634 6642 } 6635 6643 6636 6636 - if (hdev->sent_cmd && bt_cb(hdev->sent_cmd)->hci.req_event == event) { 6637 6637 - struct hci_command_hdr *cmd_hdr = (void *) hdev->sent_cmd->data; 6638 6638 - opcode = __le16_to_cpu(cmd_hdr->opcode); 6639 6639 - hci_req_cmd_complete(hdev, opcode, status, &req_complete, 6640 6640 - &req_complete_skb); 6644 6644 + event = hdr->evt; 6645 6645 + if (!event) { 6646 6646 + bt_dev_warn(hdev, "Received unexpected HCI Event 0x%2.2x", 6647 6647 + event); 6648 6648 + goto done; 6649 6649 + } 6650 6650 + 6651 6651 + /* Only match event if command OGF is not for LE */ 6652 6652 + if (hdev->sent_cmd && 6653 6653 + hci_opcode_ogf(hci_skb_opcode(hdev->sent_cmd)) != 0x08 && 6654 6654 + hci_skb_event(hdev->sent_cmd) == event) { 6655 6655 + hci_req_cmd_complete(hdev, hci_skb_opcode(hdev->sent_cmd), 6656 6656 + status, &req_complete, &req_complete_skb); 6641 6657 req_evt = event; 6642 6658 } 6643 6659 ··· 6882 6444 /* Store wake reason if we're suspended */ 6883 6445 hci_store_wake_reason(hdev, event, skb); 6884 6446 6885 6885 - switch (event) { 6886 6886 - case HCI_EV_INQUIRY_COMPLETE: 6887 6887 - hci_inquiry_complete_evt(hdev, skb); 6888 6888 - break; 6447 6447 + bt_dev_dbg(hdev, "event 0x%2.2x", event); 6889 6448 6890 6890 - case HCI_EV_INQUIRY_RESULT: 6891 6891 - hci_inquiry_result_evt(hdev, skb); 6892 6892 - break; 6893 6893 - 6894 6894 - case HCI_EV_CONN_COMPLETE: 6895 6895 - hci_conn_complete_evt(hdev, skb); 6896 6896 - break; 6897 6897 - 6898 6898 - case HCI_EV_CONN_REQUEST: 6899 6899 - hci_conn_request_evt(hdev, skb); 6900 6900 - break; 6901 6901 - 6902 6902 - case HCI_EV_DISCONN_COMPLETE: 6903 6903 - hci_disconn_complete_evt(hdev, skb); 6904 6904 - break; 6905 6905 - 6906 6906 - case HCI_EV_AUTH_COMPLETE: 6907 6907 - hci_auth_complete_evt(hdev, skb); 6908 6908 - break; 6909 6909 - 6910 6910 - case HCI_EV_REMOTE_NAME: 6911 6911 - hci_remote_name_evt(hdev, skb); 6912 6912 - break; 6913 6913 - 6914 6914 - case HCI_EV_ENCRYPT_CHANGE: 6915 6915 - hci_encrypt_change_evt(hdev, skb); 6916 6916 - break; 6917 6917 - 6918 6918 - case HCI_EV_CHANGE_LINK_KEY_COMPLETE: 6919 6919 - hci_change_link_key_complete_evt(hdev, skb); 6920 6920 - break; 6921 6921 - 6922 6922 - case HCI_EV_REMOTE_FEATURES: 6923 6923 - hci_remote_features_evt(hdev, skb); 6924 6924 - break; 6925 6925 - 6926 6926 - case HCI_EV_CMD_COMPLETE: 6927 6927 - hci_cmd_complete_evt(hdev, skb, &opcode, &status, 6928 6928 - &req_complete, &req_complete_skb); 6929 6929 - break; 6930 6930 - 6931 6931 - case HCI_EV_CMD_STATUS: 6932 6932 - hci_cmd_status_evt(hdev, skb, &opcode, &status, &req_complete, 6933 6933 - &req_complete_skb); 6934 6934 - break; 6935 6935 - 6936 6936 - case HCI_EV_HARDWARE_ERROR: 6937 6937 - hci_hardware_error_evt(hdev, skb); 6938 6938 - break; 6939 6939 - 6940 6940 - case HCI_EV_ROLE_CHANGE: 6941 6941 - hci_role_change_evt(hdev, skb); 6942 6942 - break; 6943 6943 - 6944 6944 - case HCI_EV_NUM_COMP_PKTS: 6945 6945 - hci_num_comp_pkts_evt(hdev, skb); 6946 6946 - break; 6947 6947 - 6948 6948 - case HCI_EV_MODE_CHANGE: 6949 6949 - hci_mode_change_evt(hdev, skb); 6950 6950 - break; 6951 6951 - 6952 6952 - case HCI_EV_PIN_CODE_REQ: 6953 6953 - hci_pin_code_request_evt(hdev, skb); 6954 6954 - break; 6955 6955 - 6956 6956 - case HCI_EV_LINK_KEY_REQ: 6957 6957 - hci_link_key_request_evt(hdev, skb); 6958 6958 - break; 6959 6959 - 6960 6960 - case HCI_EV_LINK_KEY_NOTIFY: 6961 6961 - hci_link_key_notify_evt(hdev, skb); 6962 6962 - break; 6963 6963 - 6964 6964 - case HCI_EV_CLOCK_OFFSET: 6965 6965 - hci_clock_offset_evt(hdev, skb); 6966 6966 - break; 6967 6967 - 6968 6968 - case HCI_EV_PKT_TYPE_CHANGE: 6969 6969 - hci_pkt_type_change_evt(hdev, skb); 6970 6970 - break; 6971 6971 - 6972 6972 - case HCI_EV_PSCAN_REP_MODE: 6973 6973 - hci_pscan_rep_mode_evt(hdev, skb); 6974 6974 - break; 6975 6975 - 6976 6976 - case HCI_EV_INQUIRY_RESULT_WITH_RSSI: 6977 6977 - hci_inquiry_result_with_rssi_evt(hdev, skb); 6978 6978 - break; 6979 6979 - 6980 6980 - case HCI_EV_REMOTE_EXT_FEATURES: 6981 6981 - hci_remote_ext_features_evt(hdev, skb); 6982 6982 - break; 6983 6983 - 6984 6984 - case HCI_EV_SYNC_CONN_COMPLETE: 6985 6985 - hci_sync_conn_complete_evt(hdev, skb); 6986 6986 - break; 6987 6987 - 6988 6988 - case HCI_EV_EXTENDED_INQUIRY_RESULT: 6989 6989 - hci_extended_inquiry_result_evt(hdev, skb); 6990 6990 - break; 6991 6991 - 6992 6992 - case HCI_EV_KEY_REFRESH_COMPLETE: 6993 6993 - hci_key_refresh_complete_evt(hdev, skb); 6994 6994 - break; 6995 6995 - 6996 6996 - case HCI_EV_IO_CAPA_REQUEST: 6997 6997 - hci_io_capa_request_evt(hdev, skb); 6998 6998 - break; 6999 6999 - 7000 7000 - case HCI_EV_IO_CAPA_REPLY: 7001 7001 - hci_io_capa_reply_evt(hdev, skb); 7002 7002 - break; 7003 7003 - 7004 7004 - case HCI_EV_USER_CONFIRM_REQUEST: 7005 7005 - hci_user_confirm_request_evt(hdev, skb); 7006 7006 - break; 7007 7007 - 7008 7008 - case HCI_EV_USER_PASSKEY_REQUEST: 7009 7009 - hci_user_passkey_request_evt(hdev, skb); 7010 7010 - break; 7011 7011 - 7012 7012 - case HCI_EV_USER_PASSKEY_NOTIFY: 7013 7013 - hci_user_passkey_notify_evt(hdev, skb); 7014 7014 - break; 7015 7015 - 7016 7016 - case HCI_EV_KEYPRESS_NOTIFY: 7017 7017 - hci_keypress_notify_evt(hdev, skb); 7018 7018 - break; 7019 7019 - 7020 7020 - case HCI_EV_SIMPLE_PAIR_COMPLETE: 7021 7021 - hci_simple_pair_complete_evt(hdev, skb); 7022 7022 - break; 7023 7023 - 7024 7024 - case HCI_EV_REMOTE_HOST_FEATURES: 7025 7025 - hci_remote_host_features_evt(hdev, skb); 7026 7026 - break; 7027 7027 - 7028 7028 - case HCI_EV_LE_META: 7029 7029 - hci_le_meta_evt(hdev, skb); 7030 7030 - break; 7031 7031 - 7032 7032 - case HCI_EV_REMOTE_OOB_DATA_REQUEST: 7033 7033 - hci_remote_oob_data_request_evt(hdev, skb); 7034 7034 - break; 7035 7035 - 7036 7036 - #if IS_ENABLED(CONFIG_BT_HS) 7037 7037 - case HCI_EV_CHANNEL_SELECTED: 7038 7038 - hci_chan_selected_evt(hdev, skb); 7039 7039 - break; 7040 7040 - 7041 7041 - case HCI_EV_PHY_LINK_COMPLETE: 7042 7042 - hci_phy_link_complete_evt(hdev, skb); 7043 7043 - break; 7044 7044 - 7045 7045 - case HCI_EV_LOGICAL_LINK_COMPLETE: 7046 7046 - hci_loglink_complete_evt(hdev, skb); 7047 7047 - break; 7048 7048 - 7049 7049 - case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE: 7050 7050 - hci_disconn_loglink_complete_evt(hdev, skb); 7051 7051 - break; 7052 7052 - 7053 7053 - case HCI_EV_DISCONN_PHY_LINK_COMPLETE: 7054 7054 - hci_disconn_phylink_complete_evt(hdev, skb); 7055 7055 - break; 7056 7056 - #endif 7057 7057 - 7058 7058 - case HCI_EV_NUM_COMP_BLOCKS: 7059 7059 - hci_num_comp_blocks_evt(hdev, skb); 7060 7060 - break; 7061 7061 - 7062 7062 - case HCI_EV_VENDOR: 7063 7063 - msft_vendor_evt(hdev, skb); 7064 7064 - break; 7065 7065 - 7066 7066 - default: 7067 7067 - BT_DBG("%s event 0x%2.2x", hdev->name, event); 7068 7068 - break; 7069 7069 - } 6449 6449 + hci_event_func(hdev, event, skb, &opcode, &status, &req_complete, 6450 6450 + &req_complete_skb); 7070 6451 7071 6452 if (req_complete) { 7072 6453 req_complete(hdev, status, opcode);

+3 -64

net/bluetooth/hci_request.c

reviewed

··· 111 111 } 112 112 } 113 113 114 114 - void hci_req_sync_cancel(struct hci_dev *hdev, int err) 115 115 - { 116 116 - bt_dev_dbg(hdev, "err 0x%2.2x", err); 117 117 - 118 118 - if (hdev->req_status == HCI_REQ_PEND) { 119 119 - hdev->req_result = err; 120 120 - hdev->req_status = HCI_REQ_CANCELED; 121 121 - wake_up_interruptible(&hdev->req_wait_q); 122 122 - } 123 123 - } 124 124 - 125 114 /* Execute request and wait for completion. */ 126 115 int __hci_req_sync(struct hci_dev *hdev, int (*func)(struct hci_request *req, 127 116 unsigned long opt), ··· 481 492 } 482 493 483 494 /* During suspend, only wakeable devices can be in accept list */ 484 484 - if (hdev->suspended && !hci_conn_test_flag(HCI_CONN_FLAG_REMOTE_WAKEUP, 485 485 - params->current_flags)) 495 495 + if (hdev->suspended && 496 496 + !test_bit(HCI_CONN_FLAG_REMOTE_WAKEUP, params->flags)) 486 497 return 0; 487 498 488 499 *num_entries += 1; ··· 816 827 hdev->adv_instance_timeout = 0; 817 828 cancel_delayed_work(&hdev->adv_instance_expire); 818 829 } 819 819 - } 820 820 - 821 821 - /* This function requires the caller holds hdev->lock */ 822 822 - void __hci_req_pause_adv_instances(struct hci_request *req) 823 823 - { 824 824 - bt_dev_dbg(req->hdev, "Pausing advertising instances"); 825 825 - 826 826 - /* Call to disable any advertisements active on the controller. 827 827 - * This will succeed even if no advertisements are configured. 828 828 - */ 829 829 - __hci_req_disable_advertising(req); 830 830 - 831 831 - /* If we are using software rotation, pause the loop */ 832 832 - if (!ext_adv_capable(req->hdev)) 833 833 - cancel_adv_timeout(req->hdev); 834 834 - } 835 835 - 836 836 - /* This function requires the caller holds hdev->lock */ 837 837 - static void __hci_req_resume_adv_instances(struct hci_request *req) 838 838 - { 839 839 - struct adv_info *adv; 840 840 - 841 841 - bt_dev_dbg(req->hdev, "Resuming advertising instances"); 842 842 - 843 843 - if (ext_adv_capable(req->hdev)) { 844 844 - /* Call for each tracked instance to be re-enabled */ 845 845 - list_for_each_entry(adv, &req->hdev->adv_instances, list) { 846 846 - __hci_req_enable_ext_advertising(req, 847 847 - adv->instance); 848 848 - } 849 849 - 850 850 - } else { 851 851 - /* Schedule for most recent instance to be restarted and begin 852 852 - * the software rotation loop 853 853 - */ 854 854 - __hci_req_schedule_adv_instance(req, 855 855 - req->hdev->cur_adv_instance, 856 856 - true); 857 857 - } 858 858 - } 859 859 - 860 860 - /* This function requires the caller holds hdev->lock */ 861 861 - int hci_req_resume_adv_instances(struct hci_dev *hdev) 862 862 - { 863 863 - struct hci_request req; 864 864 - 865 865 - hci_req_init(&req, hdev); 866 866 - __hci_req_resume_adv_instances(&req); 867 867 - 868 868 - return hci_req_run(&req, NULL); 869 830 } 870 831 871 832 static bool adv_cur_instance_is_scannable(struct hci_dev *hdev) ··· 2642 2703 2643 2704 void hci_request_cancel_all(struct hci_dev *hdev) 2644 2705 { 2645 2645 - hci_req_sync_cancel(hdev, ENODEV); 2706 2706 + __hci_cmd_sync_cancel(hdev, ENODEV); 2646 2707 2647 2708 cancel_work_sync(&hdev->discov_update); 2648 2709 cancel_work_sync(&hdev->scan_update);

-3

net/bluetooth/hci_request.h

reviewed

··· 64 64 int __hci_req_sync(struct hci_dev *hdev, int (*func)(struct hci_request *req, 65 65 unsigned long opt), 66 66 unsigned long opt, u32 timeout, u8 *hci_status); 67 67 - void hci_req_sync_cancel(struct hci_dev *hdev, int err); 68 67 69 68 struct sk_buff *hci_prepare_cmd(struct hci_dev *hdev, u16 opcode, u32 plen, 70 69 const void *param); ··· 80 81 void hci_req_prepare_suspend(struct hci_dev *hdev, enum suspended_state next); 81 82 82 83 void hci_req_disable_address_resolution(struct hci_dev *hdev); 83 83 - void __hci_req_pause_adv_instances(struct hci_request *req); 84 84 - int hci_req_resume_adv_instances(struct hci_dev *hdev); 85 84 void hci_req_reenable_advertising(struct hci_dev *hdev); 86 85 void __hci_req_enable_advertising(struct hci_request *req); 87 86 void __hci_req_disable_advertising(struct hci_request *req);

+375 -16

net/bluetooth/hci_sync.c

reviewed

··· 103 103 if (skb_queue_empty(&req->cmd_q)) 104 104 bt_cb(skb)->hci.req_flags |= HCI_REQ_START; 105 105 106 106 - bt_cb(skb)->hci.req_event = event; 106 106 + hci_skb_event(skb) = event; 107 107 108 108 skb_queue_tail(&req->cmd_q, skb); 109 109 } ··· 313 313 } 314 314 } 315 315 316 316 + static void hci_cmd_sync_cancel_work(struct work_struct *work) 317 317 + { 318 318 + struct hci_dev *hdev = container_of(work, struct hci_dev, cmd_sync_cancel_work); 319 319 + 320 320 + cancel_delayed_work_sync(&hdev->cmd_timer); 321 321 + cancel_delayed_work_sync(&hdev->ncmd_timer); 322 322 + atomic_set(&hdev->cmd_cnt, 1); 323 323 + 324 324 + wake_up_interruptible(&hdev->req_wait_q); 325 325 + } 326 326 + 316 327 void hci_cmd_sync_init(struct hci_dev *hdev) 317 328 { 318 329 INIT_WORK(&hdev->cmd_sync_work, hci_cmd_sync_work); 319 330 INIT_LIST_HEAD(&hdev->cmd_sync_work_list); 320 331 mutex_init(&hdev->cmd_sync_work_lock); 332 332 + 333 333 + INIT_WORK(&hdev->cmd_sync_cancel_work, hci_cmd_sync_cancel_work); 321 334 } 322 335 323 336 void hci_cmd_sync_clear(struct hci_dev *hdev) ··· 347 334 kfree(entry); 348 335 } 349 336 } 337 337 + 338 338 + void __hci_cmd_sync_cancel(struct hci_dev *hdev, int err) 339 339 + { 340 340 + bt_dev_dbg(hdev, "err 0x%2.2x", err); 341 341 + 342 342 + if (hdev->req_status == HCI_REQ_PEND) { 343 343 + hdev->req_result = err; 344 344 + hdev->req_status = HCI_REQ_CANCELED; 345 345 + 346 346 + cancel_delayed_work_sync(&hdev->cmd_timer); 347 347 + cancel_delayed_work_sync(&hdev->ncmd_timer); 348 348 + atomic_set(&hdev->cmd_cnt, 1); 349 349 + 350 350 + wake_up_interruptible(&hdev->req_wait_q); 351 351 + } 352 352 + } 353 353 + 354 354 + void hci_cmd_sync_cancel(struct hci_dev *hdev, int err) 355 355 + { 356 356 + bt_dev_dbg(hdev, "err 0x%2.2x", err); 357 357 + 358 358 + if (hdev->req_status == HCI_REQ_PEND) { 359 359 + hdev->req_result = err; 360 360 + hdev->req_status = HCI_REQ_CANCELED; 361 361 + 362 362 + queue_work(hdev->workqueue, &hdev->cmd_sync_cancel_work); 363 363 + } 364 364 + } 365 365 + EXPORT_SYMBOL(hci_cmd_sync_cancel); 350 366 351 367 int hci_cmd_sync_queue(struct hci_dev *hdev, hci_cmd_sync_work_func_t func, 352 368 void *data, hci_cmd_sync_work_destroy_t destroy) ··· 1622 1580 sizeof(cp), &cp, HCI_CMD_TIMEOUT); 1623 1581 } 1624 1582 1583 1583 + /* Set Device Privacy Mode. */ 1584 1584 + static int hci_le_set_privacy_mode_sync(struct hci_dev *hdev, 1585 1585 + struct hci_conn_params *params) 1586 1586 + { 1587 1587 + struct hci_cp_le_set_privacy_mode cp; 1588 1588 + struct smp_irk *irk; 1589 1589 + 1590 1590 + /* If device privacy mode has already been set there is nothing to do */ 1591 1591 + if (params->privacy_mode == HCI_DEVICE_PRIVACY) 1592 1592 + return 0; 1593 1593 + 1594 1594 + /* Check if HCI_CONN_FLAG_DEVICE_PRIVACY has been set as it also 1595 1595 + * indicates that LL Privacy has been enabled and 1596 1596 + * HCI_OP_LE_SET_PRIVACY_MODE is supported. 1597 1597 + */ 1598 1598 + if (!test_bit(HCI_CONN_FLAG_DEVICE_PRIVACY, params->flags)) 1599 1599 + return 0; 1600 1600 + 1601 1601 + irk = hci_find_irk_by_addr(hdev, &params->addr, params->addr_type); 1602 1602 + if (!irk) 1603 1603 + return 0; 1604 1604 + 1605 1605 + memset(&cp, 0, sizeof(cp)); 1606 1606 + cp.bdaddr_type = irk->addr_type; 1607 1607 + bacpy(&cp.bdaddr, &irk->bdaddr); 1608 1608 + cp.mode = HCI_DEVICE_PRIVACY; 1609 1609 + 1610 1610 + return __hci_cmd_sync_status(hdev, HCI_OP_LE_SET_PRIVACY_MODE, 1611 1611 + sizeof(cp), &cp, HCI_CMD_TIMEOUT); 1612 1612 + } 1613 1613 + 1625 1614 /* Adds connection to allow list if needed, if the device uses RPA (has IRK) 1626 1626 - * this attempts to program the device in the resolving list as well. 1615 1615 + * this attempts to program the device in the resolving list as well and 1616 1616 + * properly set the privacy mode. 1627 1617 */ 1628 1618 static int hci_le_add_accept_list_sync(struct hci_dev *hdev, 1629 1619 struct hci_conn_params *params, ··· 1663 1589 { 1664 1590 struct hci_cp_le_add_to_accept_list cp; 1665 1591 int err; 1666 1666 - 1667 1667 - /* Already in accept list */ 1668 1668 - if (hci_bdaddr_list_lookup(&hdev->le_accept_list, &params->addr, 1669 1669 - params->addr_type)) 1670 1670 - return 0; 1671 1592 1672 1593 /* Select filter policy to accept all advertising */ 1673 1594 if (*num_entries >= hdev->le_accept_list_size) ··· 1675 1606 } 1676 1607 1677 1608 /* During suspend, only wakeable devices can be in acceptlist */ 1678 1678 - if (hdev->suspended && !hci_conn_test_flag(HCI_CONN_FLAG_REMOTE_WAKEUP, 1679 1679 - params->current_flags)) 1609 1609 + if (hdev->suspended && 1610 1610 + !test_bit(HCI_CONN_FLAG_REMOTE_WAKEUP, params->flags)) 1680 1611 return 0; 1681 1612 1682 1613 /* Attempt to program the device in the resolving list first to avoid ··· 1688 1619 bt_dev_err(hdev, "Unable to add to resolve list: %d", err); 1689 1620 return err; 1690 1621 } 1622 1622 + 1623 1623 + /* Set Privacy Mode */ 1624 1624 + err = hci_le_set_privacy_mode_sync(hdev, params); 1625 1625 + if (err) { 1626 1626 + bt_dev_err(hdev, "Unable to set privacy mode: %d", err); 1627 1627 + return err; 1628 1628 + } 1629 1629 + 1630 1630 + /* Check if already in accept list */ 1631 1631 + if (hci_bdaddr_list_lookup(&hdev->le_accept_list, &params->addr, 1632 1632 + params->addr_type)) 1633 1633 + return 0; 1691 1634 1692 1635 *num_entries += 1; 1693 1636 cp.bdaddr_type = params->addr_type; ··· 1726 1645 int err; 1727 1646 int old_state; 1728 1647 1729 1729 - /* If there are no instances or advertising has already been paused 1730 1730 - * there is nothing to do. 1731 1731 - */ 1732 1732 - if (!hdev->adv_instance_cnt || hdev->advertising_paused) 1648 1648 + /* If already been paused there is nothing to do. */ 1649 1649 + if (hdev->advertising_paused) 1733 1650 return 0; 1734 1651 1735 1652 bt_dev_dbg(hdev, "Pausing directed advertising"); ··· 3362 3283 /* Read LE Min/Max Tx Power*/ 3363 3284 static int hci_le_read_tx_power_sync(struct hci_dev *hdev) 3364 3285 { 3365 3365 - if (!(hdev->commands[38] & 0x80)) 3286 3286 + if (!(hdev->commands[38] & 0x80) || 3287 3287 + test_bit(HCI_QUIRK_BROKEN_READ_TRANSMIT_POWER, &hdev->quirks)) 3366 3288 return 0; 3367 3289 3368 3290 return __hci_cmd_sync_status(hdev, HCI_OP_LE_READ_TRANSMIT_POWER, ··· 4829 4749 hci_clear_event_filter_sync(hdev); 4830 4750 4831 4751 list_for_each_entry(b, &hdev->accept_list, list) { 4832 4832 - if (!hci_conn_test_flag(HCI_CONN_FLAG_REMOTE_WAKEUP, 4833 4833 - b->current_flags)) 4752 4752 + if (!test_bit(HCI_CONN_FLAG_REMOTE_WAKEUP, b->flags)) 4834 4753 continue; 4835 4754 4836 4755 bt_dev_dbg(hdev, "Adding event filters for %pMR", &b->bdaddr); ··· 4998 4919 hci_resume_discovery_sync(hdev); 4999 4920 5000 4921 return 0; 4922 4922 + } 4923 4923 + 4924 4924 + static bool conn_use_rpa(struct hci_conn *conn) 4925 4925 + { 4926 4926 + struct hci_dev *hdev = conn->hdev; 4927 4927 + 4928 4928 + return hci_dev_test_flag(hdev, HCI_PRIVACY); 4929 4929 + } 4930 4930 + 4931 4931 + static int hci_le_ext_directed_advertising_sync(struct hci_dev *hdev, 4932 4932 + struct hci_conn *conn) 4933 4933 + { 4934 4934 + struct hci_cp_le_set_ext_adv_params cp; 4935 4935 + int err; 4936 4936 + bdaddr_t random_addr; 4937 4937 + u8 own_addr_type; 4938 4938 + 4939 4939 + err = hci_update_random_address_sync(hdev, false, conn_use_rpa(conn), 4940 4940 + &own_addr_type); 4941 4941 + if (err) 4942 4942 + return err; 4943 4943 + 4944 4944 + /* Set require_privacy to false so that the remote device has a 4945 4945 + * chance of identifying us. 4946 4946 + */ 4947 4947 + err = hci_get_random_address(hdev, false, conn_use_rpa(conn), NULL, 4948 4948 + &own_addr_type, &random_addr); 4949 4949 + if (err) 4950 4950 + return err; 4951 4951 + 4952 4952 + memset(&cp, 0, sizeof(cp)); 4953 4953 + 4954 4954 + cp.evt_properties = cpu_to_le16(LE_LEGACY_ADV_DIRECT_IND); 4955 4955 + cp.own_addr_type = own_addr_type; 4956 4956 + cp.channel_map = hdev->le_adv_channel_map; 4957 4957 + cp.tx_power = HCI_TX_POWER_INVALID; 4958 4958 + cp.primary_phy = HCI_ADV_PHY_1M; 4959 4959 + cp.secondary_phy = HCI_ADV_PHY_1M; 4960 4960 + cp.handle = 0x00; /* Use instance 0 for directed adv */ 4961 4961 + cp.own_addr_type = own_addr_type; 4962 4962 + cp.peer_addr_type = conn->dst_type; 4963 4963 + bacpy(&cp.peer_addr, &conn->dst); 4964 4964 + 4965 4965 + /* As per Core Spec 5.2 Vol 2, PART E, Sec 7.8.53, for 4966 4966 + * advertising_event_property LE_LEGACY_ADV_DIRECT_IND 4967 4967 + * does not supports advertising data when the advertising set already 4968 4968 + * contains some, the controller shall return erroc code 'Invalid 4969 4969 + * HCI Command Parameters(0x12). 4970 4970 + * So it is required to remove adv set for handle 0x00. since we use 4971 4971 + * instance 0 for directed adv. 4972 4972 + */ 4973 4973 + err = hci_remove_ext_adv_instance_sync(hdev, cp.handle, NULL); 4974 4974 + if (err) 4975 4975 + return err; 4976 4976 + 4977 4977 + err = __hci_cmd_sync_status(hdev, HCI_OP_LE_SET_EXT_ADV_PARAMS, 4978 4978 + sizeof(cp), &cp, HCI_CMD_TIMEOUT); 4979 4979 + if (err) 4980 4980 + return err; 4981 4981 + 4982 4982 + /* Check if random address need to be updated */ 4983 4983 + if (own_addr_type == ADDR_LE_DEV_RANDOM && 4984 4984 + bacmp(&random_addr, BDADDR_ANY) && 4985 4985 + bacmp(&random_addr, &hdev->random_addr)) { 4986 4986 + err = hci_set_adv_set_random_addr_sync(hdev, 0x00, 4987 4987 + &random_addr); 4988 4988 + if (err) 4989 4989 + return err; 4990 4990 + } 4991 4991 + 4992 4992 + return hci_enable_ext_advertising_sync(hdev, 0x00); 4993 4993 + } 4994 4994 + 4995 4995 + static int hci_le_directed_advertising_sync(struct hci_dev *hdev, 4996 4996 + struct hci_conn *conn) 4997 4997 + { 4998 4998 + struct hci_cp_le_set_adv_param cp; 4999 4999 + u8 status; 5000 5000 + u8 own_addr_type; 5001 5001 + u8 enable; 5002 5002 + 5003 5003 + if (ext_adv_capable(hdev)) 5004 5004 + return hci_le_ext_directed_advertising_sync(hdev, conn); 5005 5005 + 5006 5006 + /* Clear the HCI_LE_ADV bit temporarily so that the 5007 5007 + * hci_update_random_address knows that it's safe to go ahead 5008 5008 + * and write a new random address. The flag will be set back on 5009 5009 + * as soon as the SET_ADV_ENABLE HCI command completes. 5010 5010 + */ 5011 5011 + hci_dev_clear_flag(hdev, HCI_LE_ADV); 5012 5012 + 5013 5013 + /* Set require_privacy to false so that the remote device has a 5014 5014 + * chance of identifying us. 5015 5015 + */ 5016 5016 + status = hci_update_random_address_sync(hdev, false, conn_use_rpa(conn), 5017 5017 + &own_addr_type); 5018 5018 + if (status) 5019 5019 + return status; 5020 5020 + 5021 5021 + memset(&cp, 0, sizeof(cp)); 5022 5022 + 5023 5023 + /* Some controllers might reject command if intervals are not 5024 5024 + * within range for undirected advertising. 5025 5025 + * BCM20702A0 is known to be affected by this. 5026 5026 + */ 5027 5027 + cp.min_interval = cpu_to_le16(0x0020); 5028 5028 + cp.max_interval = cpu_to_le16(0x0020); 5029 5029 + 5030 5030 + cp.type = LE_ADV_DIRECT_IND; 5031 5031 + cp.own_address_type = own_addr_type; 5032 5032 + cp.direct_addr_type = conn->dst_type; 5033 5033 + bacpy(&cp.direct_addr, &conn->dst); 5034 5034 + cp.channel_map = hdev->le_adv_channel_map; 5035 5035 + 5036 5036 + status = __hci_cmd_sync_status(hdev, HCI_OP_LE_SET_ADV_PARAM, 5037 5037 + sizeof(cp), &cp, HCI_CMD_TIMEOUT); 5038 5038 + if (status) 5039 5039 + return status; 5040 5040 + 5041 5041 + enable = 0x01; 5042 5042 + 5043 5043 + return __hci_cmd_sync_status(hdev, HCI_OP_LE_SET_ADV_ENABLE, 5044 5044 + sizeof(enable), &enable, HCI_CMD_TIMEOUT); 5045 5045 + } 5046 5046 + 5047 5047 + static void set_ext_conn_params(struct hci_conn *conn, 5048 5048 + struct hci_cp_le_ext_conn_param *p) 5049 5049 + { 5050 5050 + struct hci_dev *hdev = conn->hdev; 5051 5051 + 5052 5052 + memset(p, 0, sizeof(*p)); 5053 5053 + 5054 5054 + p->scan_interval = cpu_to_le16(hdev->le_scan_int_connect); 5055 5055 + p->scan_window = cpu_to_le16(hdev->le_scan_window_connect); 5056 5056 + p->conn_interval_min = cpu_to_le16(conn->le_conn_min_interval); 5057 5057 + p->conn_interval_max = cpu_to_le16(conn->le_conn_max_interval); 5058 5058 + p->conn_latency = cpu_to_le16(conn->le_conn_latency); 5059 5059 + p->supervision_timeout = cpu_to_le16(conn->le_supv_timeout); 5060 5060 + p->min_ce_len = cpu_to_le16(0x0000); 5061 5061 + p->max_ce_len = cpu_to_le16(0x0000); 5062 5062 + } 5063 5063 + 5064 5064 + int hci_le_ext_create_conn_sync(struct hci_dev *hdev, struct hci_conn *conn, 5065 5065 + u8 own_addr_type) 5066 5066 + { 5067 5067 + struct hci_cp_le_ext_create_conn *cp; 5068 5068 + struct hci_cp_le_ext_conn_param *p; 5069 5069 + u8 data[sizeof(*cp) + sizeof(*p) * 3]; 5070 5070 + u32 plen; 5071 5071 + 5072 5072 + cp = (void *)data; 5073 5073 + p = (void *)cp->data; 5074 5074 + 5075 5075 + memset(cp, 0, sizeof(*cp)); 5076 5076 + 5077 5077 + bacpy(&cp->peer_addr, &conn->dst); 5078 5078 + cp->peer_addr_type = conn->dst_type; 5079 5079 + cp->own_addr_type = own_addr_type; 5080 5080 + 5081 5081 + plen = sizeof(*cp); 5082 5082 + 5083 5083 + if (scan_1m(hdev)) { 5084 5084 + cp->phys |= LE_SCAN_PHY_1M; 5085 5085 + set_ext_conn_params(conn, p); 5086 5086 + 5087 5087 + p++; 5088 5088 + plen += sizeof(*p); 5089 5089 + } 5090 5090 + 5091 5091 + if (scan_2m(hdev)) { 5092 5092 + cp->phys |= LE_SCAN_PHY_2M; 5093 5093 + set_ext_conn_params(conn, p); 5094 5094 + 5095 5095 + p++; 5096 5096 + plen += sizeof(*p); 5097 5097 + } 5098 5098 + 5099 5099 + if (scan_coded(hdev)) { 5100 5100 + cp->phys |= LE_SCAN_PHY_CODED; 5101 5101 + set_ext_conn_params(conn, p); 5102 5102 + 5103 5103 + plen += sizeof(*p); 5104 5104 + } 5105 5105 + 5106 5106 + return __hci_cmd_sync_status_sk(hdev, HCI_OP_LE_EXT_CREATE_CONN, 5107 5107 + plen, data, 5108 5108 + HCI_EV_LE_ENHANCED_CONN_COMPLETE, 5109 5109 + HCI_CMD_TIMEOUT, NULL); 5110 5110 + } 5111 5111 + 5112 5112 + int hci_le_create_conn_sync(struct hci_dev *hdev, struct hci_conn *conn) 5113 5113 + { 5114 5114 + struct hci_cp_le_create_conn cp; 5115 5115 + struct hci_conn_params *params; 5116 5116 + u8 own_addr_type; 5117 5117 + int err; 5118 5118 + 5119 5119 + /* If requested to connect as peripheral use directed advertising */ 5120 5120 + if (conn->role == HCI_ROLE_SLAVE) { 5121 5121 + /* If we're active scanning and simultaneous roles is not 5122 5122 + * enabled simply reject the attempt. 5123 5123 + */ 5124 5124 + if (hci_dev_test_flag(hdev, HCI_LE_SCAN) && 5125 5125 + hdev->le_scan_type == LE_SCAN_ACTIVE && 5126 5126 + !hci_dev_test_flag(hdev, HCI_LE_SIMULTANEOUS_ROLES)) { 5127 5127 + hci_conn_del(conn); 5128 5128 + return -EBUSY; 5129 5129 + } 5130 5130 + 5131 5131 + /* Pause advertising while doing directed advertising. */ 5132 5132 + hci_pause_advertising_sync(hdev); 5133 5133 + 5134 5134 + err = hci_le_directed_advertising_sync(hdev, conn); 5135 5135 + goto done; 5136 5136 + } 5137 5137 + 5138 5138 + /* Disable advertising if simultaneous roles is not in use. */ 5139 5139 + if (!hci_dev_test_flag(hdev, HCI_LE_SIMULTANEOUS_ROLES)) 5140 5140 + hci_pause_advertising_sync(hdev); 5141 5141 + 5142 5142 + params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type); 5143 5143 + if (params) { 5144 5144 + conn->le_conn_min_interval = params->conn_min_interval; 5145 5145 + conn->le_conn_max_interval = params->conn_max_interval; 5146 5146 + conn->le_conn_latency = params->conn_latency; 5147 5147 + conn->le_supv_timeout = params->supervision_timeout; 5148 5148 + } else { 5149 5149 + conn->le_conn_min_interval = hdev->le_conn_min_interval; 5150 5150 + conn->le_conn_max_interval = hdev->le_conn_max_interval; 5151 5151 + conn->le_conn_latency = hdev->le_conn_latency; 5152 5152 + conn->le_supv_timeout = hdev->le_supv_timeout; 5153 5153 + } 5154 5154 + 5155 5155 + /* If controller is scanning, we stop it since some controllers are 5156 5156 + * not able to scan and connect at the same time. Also set the 5157 5157 + * HCI_LE_SCAN_INTERRUPTED flag so that the command complete 5158 5158 + * handler for scan disabling knows to set the correct discovery 5159 5159 + * state. 5160 5160 + */ 5161 5161 + if (hci_dev_test_flag(hdev, HCI_LE_SCAN)) { 5162 5162 + hci_scan_disable_sync(hdev); 5163 5163 + hci_dev_set_flag(hdev, HCI_LE_SCAN_INTERRUPTED); 5164 5164 + } 5165 5165 + 5166 5166 + /* Update random address, but set require_privacy to false so 5167 5167 + * that we never connect with an non-resolvable address. 5168 5168 + */ 5169 5169 + err = hci_update_random_address_sync(hdev, false, conn_use_rpa(conn), 5170 5170 + &own_addr_type); 5171 5171 + if (err) 5172 5172 + goto done; 5173 5173 + 5174 5174 + if (use_ext_conn(hdev)) { 5175 5175 + err = hci_le_ext_create_conn_sync(hdev, conn, own_addr_type); 5176 5176 + goto done; 5177 5177 + } 5178 5178 + 5179 5179 + memset(&cp, 0, sizeof(cp)); 5180 5180 + 5181 5181 + cp.scan_interval = cpu_to_le16(hdev->le_scan_int_connect); 5182 5182 + cp.scan_window = cpu_to_le16(hdev->le_scan_window_connect); 5183 5183 + 5184 5184 + bacpy(&cp.peer_addr, &conn->dst); 5185 5185 + cp.peer_addr_type = conn->dst_type; 5186 5186 + cp.own_address_type = own_addr_type; 5187 5187 + cp.conn_interval_min = cpu_to_le16(conn->le_conn_min_interval); 5188 5188 + cp.conn_interval_max = cpu_to_le16(conn->le_conn_max_interval); 5189 5189 + cp.conn_latency = cpu_to_le16(conn->le_conn_latency); 5190 5190 + cp.supervision_timeout = cpu_to_le16(conn->le_supv_timeout); 5191 5191 + cp.min_ce_len = cpu_to_le16(0x0000); 5192 5192 + cp.max_ce_len = cpu_to_le16(0x0000); 5193 5193 + 5194 5194 + err = __hci_cmd_sync_status_sk(hdev, HCI_OP_LE_CREATE_CONN, 5195 5195 + sizeof(cp), &cp, HCI_EV_LE_CONN_COMPLETE, 5196 5196 + HCI_CMD_TIMEOUT, NULL); 5197 5197 + 5198 5198 + done: 5199 5199 + /* Re-enable advertising after the connection attempt is finished. */ 5200 5200 + hci_resume_advertising_sync(hdev); 5201 5201 + return err; 5001 5202 }

+1 -1

net/bluetooth/l2cap_core.c

reviewed

··· 7905 7905 hcon = hci_connect_le(hdev, dst, dst_type, false, 7906 7906 chan->sec_level, 7907 7907 HCI_LE_CONN_TIMEOUT, 7908 7908 - HCI_ROLE_SLAVE, NULL); 7908 7908 + HCI_ROLE_SLAVE); 7909 7909 else 7910 7910 hcon = hci_connect_le_scan(hdev, dst, dst_type, 7911 7911 chan->sec_level,

+10 -2

net/bluetooth/l2cap_sock.c

reviewed

··· 161 161 break; 162 162 } 163 163 164 164 - if (chan->psm && bdaddr_type_is_le(chan->src_type)) 164 164 + /* Use L2CAP_MODE_LE_FLOWCTL (CoC) in case of LE address and 165 165 + * L2CAP_MODE_EXT_FLOWCTL (ECRED) has not been set. 166 166 + */ 167 167 + if (chan->psm && bdaddr_type_is_le(chan->src_type) && 168 168 + chan->mode != L2CAP_MODE_EXT_FLOWCTL) 165 169 chan->mode = L2CAP_MODE_LE_FLOWCTL; 166 170 167 171 chan->state = BT_BOUND; ··· 259 255 return -EINVAL; 260 256 } 261 257 262 262 - if (chan->psm && bdaddr_type_is_le(chan->src_type) && !chan->mode) 258 258 + /* Use L2CAP_MODE_LE_FLOWCTL (CoC) in case of LE address and 259 259 + * L2CAP_MODE_EXT_FLOWCTL (ECRED) has not been set. 260 260 + */ 261 261 + if (chan->psm && bdaddr_type_is_le(chan->src_type) && 262 262 + chan->mode != L2CAP_MODE_EXT_FLOWCTL) 263 263 chan->mode = L2CAP_MODE_LE_FLOWCTL; 264 264 265 265 l2cap_sock_init_pid(sk);

+170 -93

net/bluetooth/mgmt.c

reviewed

··· 335 335 HCI_SOCK_TRUSTED, skip_sk); 336 336 } 337 337 338 338 + static int mgmt_event_skb(struct sk_buff *skb, struct sock *skip_sk) 339 339 + { 340 340 + return mgmt_send_event_skb(HCI_CHANNEL_CONTROL, skb, HCI_SOCK_TRUSTED, 341 341 + skip_sk); 342 342 + } 343 343 + 338 344 static u8 le_addr_type(u8 mgmt_addr_type) 339 345 { 340 346 if (mgmt_addr_type == BDADDR_LE_PUBLIC) ··· 3882 3876 }; 3883 3877 3884 3878 /* 671b10b5-42c0-4696-9227-eb28d1b049d6 */ 3885 3885 - static const u8 simult_central_periph_uuid[16] = { 3879 3879 + static const u8 le_simultaneous_roles_uuid[16] = { 3886 3880 0xd6, 0x49, 0xb0, 0xd1, 0x28, 0xeb, 0x27, 0x92, 3887 3881 0x96, 0x46, 0xc0, 0x42, 0xb5, 0x10, 0x1b, 0x67, 3888 3882 }; ··· 3915 3909 } 3916 3910 #endif 3917 3911 3918 3918 - if (hdev) { 3919 3919 - if (test_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks) && 3920 3920 - (hdev->le_states[4] & 0x08) && /* Central */ 3921 3921 - (hdev->le_states[4] & 0x40) && /* Peripheral */ 3922 3922 - (hdev->le_states[3] & 0x10)) /* Simultaneous */ 3912 3912 + if (hdev && hci_dev_le_state_simultaneous(hdev)) { 3913 3913 + if (hci_dev_test_flag(hdev, HCI_LE_SIMULTANEOUS_ROLES)) 3923 3914 flags = BIT(0); 3924 3915 else 3925 3916 flags = 0; 3926 3917 3927 3927 - memcpy(rp->features[idx].uuid, simult_central_periph_uuid, 16); 3918 3918 + memcpy(rp->features[idx].uuid, le_simultaneous_roles_uuid, 16); 3928 3919 rp->features[idx].flags = cpu_to_le32(flags); 3929 3920 idx++; 3930 3921 } ··· 3981 3978 memcpy(ev.uuid, rpa_resolution_uuid, 16); 3982 3979 ev.flags = cpu_to_le32((enabled ? BIT(0) : 0) | BIT(1)); 3983 3980 3981 3981 + if (enabled && privacy_mode_capable(hdev)) 3982 3982 + set_bit(HCI_CONN_FLAG_DEVICE_PRIVACY, hdev->conn_flags); 3983 3983 + else 3984 3984 + clear_bit(HCI_CONN_FLAG_DEVICE_PRIVACY, hdev->conn_flags); 3985 3985 + 3984 3986 return mgmt_limited_event(MGMT_EV_EXP_FEATURE_CHANGED, hdev, 3985 3987 &ev, sizeof(ev), 3986 3988 HCI_MGMT_EXP_FEATURE_EVENTS, skip); 3987 3989 3988 3990 } 3989 3991 3990 3990 - #ifdef CONFIG_BT_FEATURE_DEBUG 3991 3991 - static int exp_debug_feature_changed(bool enabled, struct sock *skip) 3992 3992 + static int exp_feature_changed(struct hci_dev *hdev, const u8 *uuid, 3993 3993 + bool enabled, struct sock *skip) 3992 3994 { 3993 3995 struct mgmt_ev_exp_feature_changed ev; 3994 3996 3995 3997 memset(&ev, 0, sizeof(ev)); 3996 3996 - memcpy(ev.uuid, debug_uuid, 16); 3997 3997 - ev.flags = cpu_to_le32(enabled ? BIT(0) : 0); 3998 3998 - 3999 3999 - return mgmt_limited_event(MGMT_EV_EXP_FEATURE_CHANGED, NULL, 4000 4000 - &ev, sizeof(ev), 4001 4001 - HCI_MGMT_EXP_FEATURE_EVENTS, skip); 4002 4002 - } 4003 4003 - #endif 4004 4004 - 4005 4005 - static int exp_quality_report_feature_changed(bool enabled, 4006 4006 - struct hci_dev *hdev, 4007 4007 - struct sock *skip) 4008 4008 - { 4009 4009 - struct mgmt_ev_exp_feature_changed ev; 4010 4010 - 4011 4011 - memset(&ev, 0, sizeof(ev)); 4012 4012 - memcpy(ev.uuid, quality_report_uuid, 16); 3998 3998 + memcpy(ev.uuid, uuid, 16); 4013 3999 ev.flags = cpu_to_le32(enabled ? BIT(0) : 0); 4014 4000 4015 4001 return mgmt_limited_event(MGMT_EV_EXP_FEATURE_CHANGED, hdev, ··· 4028 4036 bt_dbg_set(false); 4029 4037 4030 4038 if (changed) 4031 4031 - exp_debug_feature_changed(false, sk); 4039 4039 + exp_feature_changed(NULL, ZERO_KEY, false, sk); 4032 4040 } 4033 4041 #endif 4034 4042 4035 4043 if (hdev && use_ll_privacy(hdev) && !hdev_is_powered(hdev)) { 4036 4036 - bool changed = hci_dev_test_flag(hdev, HCI_ENABLE_LL_PRIVACY); 4044 4044 + bool changed; 4037 4045 4038 4038 - hci_dev_clear_flag(hdev, HCI_ENABLE_LL_PRIVACY); 4039 4039 - 4046 4046 + changed = hci_dev_test_and_clear_flag(hdev, 4047 4047 + HCI_ENABLE_LL_PRIVACY); 4040 4048 if (changed) 4041 4041 - exp_ll_privacy_feature_changed(false, hdev, sk); 4049 4049 + exp_feature_changed(hdev, rpa_resolution_uuid, false, 4050 4050 + sk); 4042 4051 } 4043 4052 4044 4053 hci_sock_set_flag(sk, HCI_MGMT_EXP_FEATURE_EVENTS); ··· 4090 4097 &rp, sizeof(rp)); 4091 4098 4092 4099 if (changed) 4093 4093 - exp_debug_feature_changed(val, sk); 4100 4100 + exp_feature_changed(hdev, debug_uuid, val, sk); 4094 4101 4095 4102 return err; 4096 4103 } ··· 4132 4139 val = !!cp->param[0]; 4133 4140 4134 4141 if (val) { 4135 4135 - changed = !hci_dev_test_flag(hdev, HCI_ENABLE_LL_PRIVACY); 4136 4136 - hci_dev_set_flag(hdev, HCI_ENABLE_LL_PRIVACY); 4142 4142 + changed = !hci_dev_test_and_set_flag(hdev, 4143 4143 + HCI_ENABLE_LL_PRIVACY); 4137 4144 hci_dev_clear_flag(hdev, HCI_ADVERTISING); 4138 4145 4139 4146 /* Enable LL privacy + supported settings changed */ 4140 4147 flags = BIT(0) | BIT(1); 4141 4148 } else { 4142 4142 - changed = hci_dev_test_flag(hdev, HCI_ENABLE_LL_PRIVACY); 4143 4143 - hci_dev_clear_flag(hdev, HCI_ENABLE_LL_PRIVACY); 4149 4149 + changed = hci_dev_test_and_clear_flag(hdev, 4150 4150 + HCI_ENABLE_LL_PRIVACY); 4144 4151 4145 4152 /* Disable LL privacy + supported settings changed */ 4146 4153 flags = BIT(1); ··· 4228 4235 &rp, sizeof(rp)); 4229 4236 4230 4237 if (changed) 4231 4231 - exp_quality_report_feature_changed(val, hdev, sk); 4238 4238 + exp_feature_changed(hdev, quality_report_uuid, val, sk); 4232 4239 4233 4240 unlock_quality_report: 4234 4241 hci_req_sync_unlock(hdev); 4235 4242 return err; 4236 4236 - } 4237 4237 - 4238 4238 - static int exp_offload_codec_feature_changed(bool enabled, struct hci_dev *hdev, 4239 4239 - struct sock *skip) 4240 4240 - { 4241 4241 - struct mgmt_ev_exp_feature_changed ev; 4242 4242 - 4243 4243 - memset(&ev, 0, sizeof(ev)); 4244 4244 - memcpy(ev.uuid, offload_codecs_uuid, 16); 4245 4245 - ev.flags = cpu_to_le32(enabled ? BIT(0) : 0); 4246 4246 - 4247 4247 - return mgmt_limited_event(MGMT_EV_EXP_FEATURE_CHANGED, hdev, 4248 4248 - &ev, sizeof(ev), 4249 4249 - HCI_MGMT_EXP_FEATURE_EVENTS, skip); 4250 4243 } 4251 4244 4252 4245 static int set_offload_codec_func(struct sock *sk, struct hci_dev *hdev, ··· 4288 4309 &rp, sizeof(rp)); 4289 4310 4290 4311 if (changed) 4291 4291 - exp_offload_codec_feature_changed(val, hdev, sk); 4312 4312 + exp_feature_changed(hdev, offload_codecs_uuid, val, sk); 4313 4313 + 4314 4314 + return err; 4315 4315 + } 4316 4316 + 4317 4317 + static int set_le_simultaneous_roles_func(struct sock *sk, struct hci_dev *hdev, 4318 4318 + struct mgmt_cp_set_exp_feature *cp, 4319 4319 + u16 data_len) 4320 4320 + { 4321 4321 + bool val, changed; 4322 4322 + int err; 4323 4323 + struct mgmt_rp_set_exp_feature rp; 4324 4324 + 4325 4325 + /* Command requires to use a valid controller index */ 4326 4326 + if (!hdev) 4327 4327 + return mgmt_cmd_status(sk, MGMT_INDEX_NONE, 4328 4328 + MGMT_OP_SET_EXP_FEATURE, 4329 4329 + MGMT_STATUS_INVALID_INDEX); 4330 4330 + 4331 4331 + /* Parameters are limited to a single octet */ 4332 4332 + if (data_len != MGMT_SET_EXP_FEATURE_SIZE + 1) 4333 4333 + return mgmt_cmd_status(sk, hdev->id, 4334 4334 + MGMT_OP_SET_EXP_FEATURE, 4335 4335 + MGMT_STATUS_INVALID_PARAMS); 4336 4336 + 4337 4337 + /* Only boolean on/off is supported */ 4338 4338 + if (cp->param[0] != 0x00 && cp->param[0] != 0x01) 4339 4339 + return mgmt_cmd_status(sk, hdev->id, 4340 4340 + MGMT_OP_SET_EXP_FEATURE, 4341 4341 + MGMT_STATUS_INVALID_PARAMS); 4342 4342 + 4343 4343 + val = !!cp->param[0]; 4344 4344 + changed = (val != hci_dev_test_flag(hdev, HCI_LE_SIMULTANEOUS_ROLES)); 4345 4345 + 4346 4346 + if (!hci_dev_le_state_simultaneous(hdev)) { 4347 4347 + return mgmt_cmd_status(sk, hdev->id, 4348 4348 + MGMT_OP_SET_EXP_FEATURE, 4349 4349 + MGMT_STATUS_NOT_SUPPORTED); 4350 4350 + } 4351 4351 + 4352 4352 + if (changed) { 4353 4353 + if (val) 4354 4354 + hci_dev_set_flag(hdev, HCI_LE_SIMULTANEOUS_ROLES); 4355 4355 + else 4356 4356 + hci_dev_clear_flag(hdev, HCI_LE_SIMULTANEOUS_ROLES); 4357 4357 + } 4358 4358 + 4359 4359 + bt_dev_info(hdev, "LE simultaneous roles enable %d changed %d", 4360 4360 + val, changed); 4361 4361 + 4362 4362 + memcpy(rp.uuid, le_simultaneous_roles_uuid, 16); 4363 4363 + rp.flags = cpu_to_le32(val ? BIT(0) : 0); 4364 4364 + hci_sock_set_flag(sk, HCI_MGMT_EXP_FEATURE_EVENTS); 4365 4365 + err = mgmt_cmd_complete(sk, hdev->id, 4366 4366 + MGMT_OP_SET_EXP_FEATURE, 0, 4367 4367 + &rp, sizeof(rp)); 4368 4368 + 4369 4369 + if (changed) 4370 4370 + exp_feature_changed(hdev, le_simultaneous_roles_uuid, val, sk); 4292 4371 4293 4372 return err; 4294 4373 } ··· 4363 4326 EXP_FEAT(rpa_resolution_uuid, set_rpa_resolution_func), 4364 4327 EXP_FEAT(quality_report_uuid, set_quality_report_func), 4365 4328 EXP_FEAT(offload_codecs_uuid, set_offload_codec_func), 4329 4329 + EXP_FEAT(le_simultaneous_roles_uuid, set_le_simultaneous_roles_func), 4366 4330 4367 4331 /* end with a null feature */ 4368 4332 EXP_FEAT(NULL, NULL) ··· 4387 4349 MGMT_STATUS_NOT_SUPPORTED); 4388 4350 } 4389 4351 4390 4390 - #define SUPPORTED_DEVICE_FLAGS() ((1U << HCI_CONN_FLAG_MAX) - 1) 4391 4391 - 4392 4352 static int get_device_flags(struct sock *sk, struct hci_dev *hdev, void *data, 4393 4353 u16 data_len) 4394 4354 { ··· 4394 4358 struct mgmt_rp_get_device_flags rp; 4395 4359 struct bdaddr_list_with_flags *br_params; 4396 4360 struct hci_conn_params *params; 4397 4397 - u32 supported_flags = SUPPORTED_DEVICE_FLAGS(); 4361 4361 + u32 supported_flags; 4398 4362 u32 current_flags = 0; 4399 4363 u8 status = MGMT_STATUS_INVALID_PARAMS; 4400 4364 ··· 4402 4366 &cp->addr.bdaddr, cp->addr.type); 4403 4367 4404 4368 hci_dev_lock(hdev); 4369 4369 + 4370 4370 + bitmap_to_arr32(&supported_flags, hdev->conn_flags, 4371 4371 + __HCI_CONN_NUM_FLAGS); 4405 4372 4406 4373 memset(&rp, 0, sizeof(rp)); 4407 4374 ··· 4415 4376 if (!br_params) 4416 4377 goto done; 4417 4378 4418 4418 - current_flags = br_params->current_flags; 4379 4379 + bitmap_to_arr32(&current_flags, br_params->flags, 4380 4380 + __HCI_CONN_NUM_FLAGS); 4419 4381 } else { 4420 4382 params = hci_conn_params_lookup(hdev, &cp->addr.bdaddr, 4421 4383 le_addr_type(cp->addr.type)); ··· 4424 4384 if (!params) 4425 4385 goto done; 4426 4386 4427 4427 - current_flags = params->current_flags; 4387 4387 + bitmap_to_arr32(&current_flags, params->flags, 4388 4388 + __HCI_CONN_NUM_FLAGS); 4428 4389 } 4429 4390 4430 4391 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr); ··· 4463 4422 struct bdaddr_list_with_flags *br_params; 4464 4423 struct hci_conn_params *params; 4465 4424 u8 status = MGMT_STATUS_INVALID_PARAMS; 4466 4466 - u32 supported_flags = SUPPORTED_DEVICE_FLAGS(); 4425 4425 + u32 supported_flags; 4467 4426 u32 current_flags = __le32_to_cpu(cp->current_flags); 4468 4427 4469 4428 bt_dev_dbg(hdev, "Set device flags %pMR (type 0x%x) = 0x%x", 4470 4429 &cp->addr.bdaddr, cp->addr.type, 4471 4430 __le32_to_cpu(current_flags)); 4431 4431 + 4432 4432 + bitmap_to_arr32(&supported_flags, hdev->conn_flags, 4433 4433 + __HCI_CONN_NUM_FLAGS); 4472 4434 4473 4435 if ((supported_flags | current_flags) != supported_flags) { 4474 4436 bt_dev_warn(hdev, "Bad flag given (0x%x) vs supported (0x%0x)", ··· 4487 4443 cp->addr.type); 4488 4444 4489 4445 if (br_params) { 4490 4490 - br_params->current_flags = current_flags; 4446 4446 + bitmap_from_u64(br_params->flags, current_flags); 4491 4447 status = MGMT_STATUS_SUCCESS; 4492 4448 } else { 4493 4449 bt_dev_warn(hdev, "No such BR/EDR device %pMR (0x%x)", ··· 4497 4453 params = hci_conn_params_lookup(hdev, &cp->addr.bdaddr, 4498 4454 le_addr_type(cp->addr.type)); 4499 4455 if (params) { 4500 4500 - params->current_flags = current_flags; 4456 4456 + bitmap_from_u64(params->flags, current_flags); 4501 4457 status = MGMT_STATUS_SUCCESS; 4458 4458 + 4459 4459 + /* Update passive scan if HCI_CONN_FLAG_DEVICE_PRIVACY 4460 4460 + * has been set. 4461 4461 + */ 4462 4462 + if (test_bit(HCI_CONN_FLAG_DEVICE_PRIVACY, 4463 4463 + params->flags)) 4464 4464 + hci_update_passive_scan(hdev); 4502 4465 } else { 4503 4466 bt_dev_warn(hdev, "No such LE device %pMR (0x%x)", 4504 4467 &cp->addr.bdaddr, ··· 7030 6979 struct hci_conn_params *params; 7031 6980 int err; 7032 6981 u32 current_flags = 0; 6982 6982 + u32 supported_flags; 7033 6983 7034 6984 bt_dev_dbg(hdev, "sock %p", sk); 7035 6985 ··· 7102 7050 params = hci_conn_params_lookup(hdev, &cp->addr.bdaddr, 7103 7051 addr_type); 7104 7052 if (params) 7105 7105 - current_flags = params->current_flags; 7053 7053 + bitmap_to_arr32(&current_flags, params->flags, 7054 7054 + __HCI_CONN_NUM_FLAGS); 7106 7055 } 7107 7056 7108 7057 err = hci_cmd_sync_queue(hdev, add_device_sync, NULL, NULL); ··· 7112 7059 7113 7060 added: 7114 7061 device_added(sk, hdev, &cp->addr.bdaddr, cp->addr.type, cp->action); 7062 7062 + bitmap_to_arr32(&supported_flags, hdev->conn_flags, 7063 7063 + __HCI_CONN_NUM_FLAGS); 7115 7064 device_flags_changed(NULL, hdev, &cp->addr.bdaddr, cp->addr.type, 7116 7116 - SUPPORTED_DEVICE_FLAGS(), current_flags); 7065 7065 + supported_flags, current_flags); 7117 7066 7118 7067 err = mgmt_cmd_complete(sk, hdev->id, MGMT_OP_ADD_DEVICE, 7119 7068 MGMT_STATUS_SUCCESS, &cp->addr, ··· 9054 8999 void mgmt_device_connected(struct hci_dev *hdev, struct hci_conn *conn, 9055 9000 u8 *name, u8 name_len) 9056 9001 { 9057 9057 - char buf[512]; 9058 9058 - struct mgmt_ev_device_connected *ev = (void *) buf; 9002 9002 + struct sk_buff *skb; 9003 9003 + struct mgmt_ev_device_connected *ev; 9059 9004 u16 eir_len = 0; 9060 9005 u32 flags = 0; 9061 9006 9007 9007 + if (conn->le_adv_data_len > 0) 9008 9008 + skb = mgmt_alloc_skb(hdev, MGMT_EV_DEVICE_CONNECTED, 9009 9009 + conn->le_adv_data_len); 9010 9010 + else 9011 9011 + skb = mgmt_alloc_skb(hdev, MGMT_EV_DEVICE_CONNECTED, 9012 9012 + 2 + name_len + 5); 9013 9013 + 9014 9014 + ev = skb_put(skb, sizeof(*ev)); 9062 9015 bacpy(&ev->addr.bdaddr, &conn->dst); 9063 9016 ev->addr.type = link_to_bdaddr(conn->type, conn->dst_type); 9064 9017 ··· 9080 9017 * adding any BR/EDR data to the LE adv. 9081 9018 */ 9082 9019 if (conn->le_adv_data_len > 0) { 9083 9083 - memcpy(&ev->eir[eir_len], 9084 9084 - conn->le_adv_data, conn->le_adv_data_len); 9020 9020 + skb_put_data(skb, conn->le_adv_data, conn->le_adv_data_len); 9085 9021 eir_len = conn->le_adv_data_len; 9086 9022 } else { 9087 9087 - if (name_len > 0) 9023 9023 + if (name_len > 0) { 9088 9024 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, 9089 9025 name, name_len); 9026 9026 + skb_put(skb, eir_len); 9027 9027 + } 9090 9028 9091 9091 - if (memcmp(conn->dev_class, "\0\0\0", 3) != 0) 9029 9029 + if (memcmp(conn->dev_class, "\0\0\0", 3) != 0) { 9092 9030 eir_len = eir_append_data(ev->eir, eir_len, 9093 9031 EIR_CLASS_OF_DEV, 9094 9032 conn->dev_class, 3); 9033 9033 + skb_put(skb, 5); 9034 9034 + } 9095 9035 } 9096 9036 9097 9037 ev->eir_len = cpu_to_le16(eir_len); 9098 9038 9099 9099 - mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf, 9100 9100 - sizeof(*ev) + eir_len, NULL); 9039 9039 + mgmt_event_skb(skb, NULL); 9101 9040 } 9102 9041 9103 9042 static void disconnect_rsp(struct mgmt_pending_cmd *cmd, void *data) ··· 9593 9528 u8 addr_type, u8 *dev_class, s8 rssi, u32 flags, 9594 9529 u8 *eir, u16 eir_len, u8 *scan_rsp, u8 scan_rsp_len) 9595 9530 { 9596 9596 - char buf[512]; 9597 9597 - struct mgmt_ev_device_found *ev = (void *)buf; 9598 9598 - size_t ev_size; 9531 9531 + struct sk_buff *skb; 9532 9532 + struct mgmt_ev_device_found *ev; 9599 9533 9600 9534 /* Don't send events for a non-kernel initiated discovery. With 9601 9535 * LE one exception is if we have pend_le_reports > 0 in which ··· 9629 9565 } 9630 9566 } 9631 9567 9632 9632 - /* Make sure that the buffer is big enough. The 5 extra bytes 9633 9633 - * are for the potential CoD field. 9634 9634 - */ 9635 9635 - if (sizeof(*ev) + eir_len + scan_rsp_len + 5 > sizeof(buf)) 9568 9568 + /* Allocate skb. The 5 extra bytes are for the potential CoD field */ 9569 9569 + skb = mgmt_alloc_skb(hdev, MGMT_EV_DEVICE_FOUND, 9570 9570 + sizeof(*ev) + eir_len + scan_rsp_len + 5); 9571 9571 + if (!skb) 9636 9572 return; 9637 9573 9638 9638 - memset(buf, 0, sizeof(buf)); 9574 9574 + ev = skb_put(skb, sizeof(*ev)); 9639 9575 9640 9576 /* In case of device discovery with BR/EDR devices (pre 1.2), the 9641 9577 * RSSI value was reported as 0 when not available. This behavior ··· 9656 9592 9657 9593 if (eir_len > 0) 9658 9594 /* Copy EIR or advertising data into event */ 9659 9659 - memcpy(ev->eir, eir, eir_len); 9595 9595 + skb_put_data(skb, eir, eir_len); 9660 9596 9661 9661 - if (dev_class && !eir_get_data(ev->eir, eir_len, EIR_CLASS_OF_DEV, 9662 9662 - NULL)) 9663 9663 - eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV, 9664 9664 - dev_class, 3); 9597 9597 + if (dev_class && !eir_get_data(eir, eir_len, EIR_CLASS_OF_DEV, NULL)) { 9598 9598 + u8 eir_cod[5]; 9599 9599 + 9600 9600 + eir_len += eir_append_data(eir_cod, 0, EIR_CLASS_OF_DEV, 9601 9601 + dev_class, 3); 9602 9602 + skb_put_data(skb, eir_cod, sizeof(eir_cod)); 9603 9603 + } 9665 9604 9666 9605 if (scan_rsp_len > 0) 9667 9606 /* Append scan response data to event */ 9668 9668 - memcpy(ev->eir + eir_len, scan_rsp, scan_rsp_len); 9607 9607 + skb_put_data(skb, scan_rsp, scan_rsp_len); 9669 9608 9670 9609 ev->eir_len = cpu_to_le16(eir_len + scan_rsp_len); 9671 9671 - ev_size = sizeof(*ev) + eir_len + scan_rsp_len; 9672 9610 9673 9673 - mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL); 9611 9611 + mgmt_event_skb(skb, NULL); 9674 9612 } 9675 9613 9676 9614 void mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type, 9677 9615 u8 addr_type, s8 rssi, u8 *name, u8 name_len) 9678 9616 { 9617 9617 + struct sk_buff *skb; 9679 9618 struct mgmt_ev_device_found *ev; 9680 9680 - char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2]; 9681 9619 u16 eir_len; 9620 9620 + u32 flags; 9682 9621 9683 9683 - ev = (struct mgmt_ev_device_found *) buf; 9622 9622 + if (name_len) 9623 9623 + skb = mgmt_alloc_skb(hdev, MGMT_EV_DEVICE_FOUND, 2 + name_len); 9624 9624 + else 9625 9625 + skb = mgmt_alloc_skb(hdev, MGMT_EV_DEVICE_FOUND, 0); 9684 9626 9685 9685 - memset(buf, 0, sizeof(buf)); 9686 9686 - 9627 9627 + ev = skb_put(skb, sizeof(*ev)); 9687 9628 bacpy(&ev->addr.bdaddr, bdaddr); 9688 9629 ev->addr.type = link_to_bdaddr(link_type, addr_type); 9689 9630 ev->rssi = rssi; 9690 9631 9691 9691 - eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name, 9692 9692 - name_len); 9632 9632 + if (name) { 9633 9633 + eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name, 9634 9634 + name_len); 9635 9635 + flags = 0; 9636 9636 + skb_put(skb, eir_len); 9637 9637 + } else { 9638 9638 + eir_len = 0; 9639 9639 + flags = MGMT_DEV_FOUND_NAME_REQUEST_FAILED; 9640 9640 + } 9693 9641 9694 9642 ev->eir_len = cpu_to_le16(eir_len); 9643 9643 + ev->flags = cpu_to_le32(flags); 9695 9644 9696 9696 - mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, sizeof(*ev) + eir_len, NULL); 9645 9645 + mgmt_event_skb(skb, NULL); 9697 9646 } 9698 9647 9699 9648 void mgmt_discovering(struct hci_dev *hdev, u8 discovering)

+49 -17

net/bluetooth/mgmt_util.c

reviewed

··· 56 56 return skb; 57 57 } 58 58 59 59 - int mgmt_send_event(u16 event, struct hci_dev *hdev, unsigned short channel, 60 60 - void *data, u16 data_len, int flag, struct sock *skip_sk) 59 59 + struct sk_buff *mgmt_alloc_skb(struct hci_dev *hdev, u16 opcode, 60 60 + unsigned int size) 61 61 { 62 62 struct sk_buff *skb; 63 63 - struct mgmt_hdr *hdr; 64 63 65 65 - skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL); 64 64 + skb = alloc_skb(sizeof(struct mgmt_hdr) + size, GFP_KERNEL); 66 65 if (!skb) 67 67 - return -ENOMEM; 66 66 + return skb; 68 67 69 69 - hdr = skb_put(skb, sizeof(*hdr)); 70 70 - hdr->opcode = cpu_to_le16(event); 71 71 - if (hdev) 72 72 - hdr->index = cpu_to_le16(hdev->id); 73 73 - else 74 74 - hdr->index = cpu_to_le16(MGMT_INDEX_NONE); 75 75 - hdr->len = cpu_to_le16(data_len); 68 68 + skb_reserve(skb, sizeof(struct mgmt_hdr)); 69 69 + bt_cb(skb)->mgmt.hdev = hdev; 70 70 + bt_cb(skb)->mgmt.opcode = opcode; 76 71 77 77 - if (data) 78 78 - skb_put_data(skb, data, data_len); 72 72 + return skb; 73 73 + } 74 74 + 75 75 + int mgmt_send_event_skb(unsigned short channel, struct sk_buff *skb, int flag, 76 76 + struct sock *skip_sk) 77 77 + { 78 78 + struct hci_dev *hdev; 79 79 + struct mgmt_hdr *hdr; 80 80 + int len = skb->len; 81 81 + 82 82 + if (!skb) 83 83 + return -EINVAL; 84 84 + 85 85 + hdev = bt_cb(skb)->mgmt.hdev; 79 86 80 87 /* Time stamp */ 81 88 __net_timestamp(skb); 82 89 83 83 - hci_send_to_channel(channel, skb, flag, skip_sk); 84 84 - 90 90 + /* Send just the data, without headers, to the monitor */ 85 91 if (channel == HCI_CHANNEL_CONTROL) 86 86 - hci_send_monitor_ctrl_event(hdev, event, data, data_len, 92 92 + hci_send_monitor_ctrl_event(hdev, bt_cb(skb)->mgmt.opcode, 93 93 + skb->data, skb->len, 87 94 skb_get_ktime(skb), flag, skip_sk); 95 95 + 96 96 + hdr = skb_push(skb, sizeof(*hdr)); 97 97 + hdr->opcode = cpu_to_le16(bt_cb(skb)->mgmt.opcode); 98 98 + if (hdev) 99 99 + hdr->index = cpu_to_le16(hdev->id); 100 100 + else 101 101 + hdr->index = cpu_to_le16(MGMT_INDEX_NONE); 102 102 + hdr->len = cpu_to_le16(len); 103 103 + 104 104 + hci_send_to_channel(channel, skb, flag, skip_sk); 88 105 89 106 kfree_skb(skb); 90 107 return 0; 108 108 + } 109 109 + 110 110 + int mgmt_send_event(u16 event, struct hci_dev *hdev, unsigned short channel, 111 111 + void *data, u16 data_len, int flag, struct sock *skip_sk) 112 112 + { 113 113 + struct sk_buff *skb; 114 114 + 115 115 + skb = mgmt_alloc_skb(hdev, event, data_len); 116 116 + if (!skb) 117 117 + return -ENOMEM; 118 118 + 119 119 + if (data) 120 120 + skb_put_data(skb, data, data_len); 121 121 + 122 122 + return mgmt_send_event_skb(channel, skb, flag, skip_sk); 91 123 } 92 124 93 125 int mgmt_cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)

+4

net/bluetooth/mgmt_util.h

reviewed

··· 32 32 int (*cmd_complete)(struct mgmt_pending_cmd *cmd, u8 status); 33 33 }; 34 34 35 35 + struct sk_buff *mgmt_alloc_skb(struct hci_dev *hdev, u16 opcode, 36 36 + unsigned int size); 37 37 + int mgmt_send_event_skb(unsigned short channel, struct sk_buff *skb, int flag, 38 38 + struct sock *skip_sk); 35 39 int mgmt_send_event(u16 event, struct hci_dev *hdev, unsigned short channel, 36 40 void *data, u16 data_len, int flag, struct sock *skip_sk); 37 41 int mgmt_cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status);

+1 -1

net/bluetooth/msft.c

reviewed

··· 590 590 kfree(msft); 591 591 } 592 592 593 593 - void msft_vendor_evt(struct hci_dev *hdev, struct sk_buff *skb) 593 593 + void msft_vendor_evt(struct hci_dev *hdev, void *data, struct sk_buff *skb) 594 594 { 595 595 struct msft_data *msft = hdev->msft_data; 596 596 u8 event;

+3 -2

net/bluetooth/msft.h

reviewed

··· 17 17 void msft_unregister(struct hci_dev *hdev); 18 18 void msft_do_open(struct hci_dev *hdev); 19 19 void msft_do_close(struct hci_dev *hdev); 20 20 - void msft_vendor_evt(struct hci_dev *hdev, struct sk_buff *skb); 20 20 + void msft_vendor_evt(struct hci_dev *hdev, void *data, struct sk_buff *skb); 21 21 __u64 msft_get_features(struct hci_dev *hdev); 22 22 int msft_add_monitor_pattern(struct hci_dev *hdev, struct adv_monitor *monitor); 23 23 int msft_remove_monitor(struct hci_dev *hdev, struct adv_monitor *monitor, ··· 39 39 static inline void msft_unregister(struct hci_dev *hdev) {} 40 40 static inline void msft_do_open(struct hci_dev *hdev) {} 41 41 static inline void msft_do_close(struct hci_dev *hdev) {} 42 42 - static inline void msft_vendor_evt(struct hci_dev *hdev, struct sk_buff *skb) {} 42 42 + static inline void msft_vendor_evt(struct hci_dev *hdev, void *data, 43 43 + struct sk_buff *skb) {} 43 44 static inline __u64 msft_get_features(struct hci_dev *hdev) { return 0; } 44 45 static inline int msft_add_monitor_pattern(struct hci_dev *hdev, 45 46 struct adv_monitor *monitor)

+24

net/core/skbuff.c

reviewed

··· 2024 2024 EXPORT_SYMBOL(skb_pull); 2025 2025 2026 2026 /** 2027 2027 + * skb_pull_data - remove data from the start of a buffer returning its 2028 2028 + * original position. 2029 2029 + * @skb: buffer to use 2030 2030 + * @len: amount of data to remove 2031 2031 + * 2032 2032 + * This function removes data from the start of a buffer, returning 2033 2033 + * the memory to the headroom. A pointer to the original data in the buffer 2034 2034 + * is returned after checking if there is enough data to pull. Once the 2035 2035 + * data has been pulled future pushes will overwrite the old data. 2036 2036 + */ 2037 2037 + void *skb_pull_data(struct sk_buff *skb, size_t len) 2038 2038 + { 2039 2039 + void *data = skb->data; 2040 2040 + 2041 2041 + if (skb->len < len) 2042 2042 + return NULL; 2043 2043 + 2044 2044 + skb_pull(skb, len); 2045 2045 + 2046 2046 + return data; 2047 2047 + } 2048 2048 + EXPORT_SYMBOL(skb_pull_data); 2049 2049 + 2050 2050 + /** 2027 2051 * skb_trim - remove end from a buffer 2028 2052 * @skb: buffer to alter 2029 2053 * @len: new length