1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth HCI connection handling. */
26
27 #include <linux/module.h>
28
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
39 #include <net/sock.h>
40
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
44
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
47
48 #ifndef CONFIG_BT_HCI_CORE_DEBUG
49 #undef BT_DBG
50 #define BT_DBG(D...)
51 #endif
52
53 void hci_acl_connect(struct hci_conn *conn)
54 {
55 struct hci_dev *hdev = conn->hdev;
56 struct inquiry_entry *ie;
57 struct hci_cp_create_conn cp;
58
59 BT_DBG("%p", conn);
60
61 conn->state = BT_CONNECT;
62 conn->out = 1;
63 conn->link_mode = HCI_LM_MASTER;
64
65 conn->attempt++;
66
67 memset(&cp, 0, sizeof(cp));
68 bacpy(&cp.bdaddr, &conn->dst);
69 cp.pscan_rep_mode = 0x02;
70
71 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst)) &&
72 inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
73 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
74 cp.pscan_mode = ie->data.pscan_mode;
75 cp.clock_offset = ie->data.clock_offset | cpu_to_le16(0x8000);
76 memcpy(conn->dev_class, ie->data.dev_class, 3);
77 }
78
79 cp.pkt_type = cpu_to_le16(hdev->pkt_type & ACL_PTYPE_MASK);
80 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
81 cp.role_switch = 0x01;
82 else
83 cp.role_switch = 0x00;
84
85 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
86 }
87
88 static void hci_acl_connect_cancel(struct hci_conn *conn)
89 {
90 struct hci_cp_create_conn_cancel cp;
91
92 BT_DBG("%p", conn);
93
94 if (conn->hdev->hci_ver < 2)
95 return;
96
97 bacpy(&cp.bdaddr, &conn->dst);
98 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
99 }
100
101 void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
102 {
103 struct hci_cp_disconnect cp;
104
105 BT_DBG("%p", conn);
106
107 conn->state = BT_DISCONN;
108
109 cp.handle = cpu_to_le16(conn->handle);
110 cp.reason = reason;
111 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
112 }
113
114 void hci_add_sco(struct hci_conn *conn, __u16 handle)
115 {
116 struct hci_dev *hdev = conn->hdev;
117 struct hci_cp_add_sco cp;
118
119 BT_DBG("%p", conn);
120
121 conn->state = BT_CONNECT;
122 conn->out = 1;
123
124 cp.handle = cpu_to_le16(handle);
125 cp.pkt_type = cpu_to_le16(hdev->pkt_type & SCO_PTYPE_MASK);
126
127 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
128 }
129
130 void hci_setup_sync(struct hci_conn *conn, __u16 handle)
131 {
132 struct hci_dev *hdev = conn->hdev;
133 struct hci_cp_setup_sync_conn cp;
134
135 BT_DBG("%p", conn);
136
137 conn->state = BT_CONNECT;
138 conn->out = 1;
139
140 cp.handle = cpu_to_le16(handle);
141 cp.pkt_type = cpu_to_le16(hdev->esco_type);
142
143 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
144 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
145 cp.max_latency = cpu_to_le16(0xffff);
146 cp.voice_setting = cpu_to_le16(hdev->voice_setting);
147 cp.retrans_effort = 0xff;
148
149 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
150 }
151
152 static void hci_conn_timeout(unsigned long arg)
153 {
154 struct hci_conn *conn = (void *) arg;
155 struct hci_dev *hdev = conn->hdev;
156
157 BT_DBG("conn %p state %d", conn, conn->state);
158
159 if (atomic_read(&conn->refcnt))
160 return;
161
162 hci_dev_lock(hdev);
163
164 switch (conn->state) {
165 case BT_CONNECT:
166 if (conn->type == ACL_LINK)
167 hci_acl_connect_cancel(conn);
168 else
169 hci_acl_disconn(conn, 0x13);
170 break;
171 case BT_CONNECTED:
172 hci_acl_disconn(conn, 0x13);
173 break;
174 default:
175 conn->state = BT_CLOSED;
176 break;
177 }
178
179 hci_dev_unlock(hdev);
180 }
181
182 static void hci_conn_idle(unsigned long arg)
183 {
184 struct hci_conn *conn = (void *) arg;
185
186 BT_DBG("conn %p mode %d", conn, conn->mode);
187
188 hci_conn_enter_sniff_mode(conn);
189 }
190
191 struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
192 {
193 struct hci_conn *conn;
194
195 BT_DBG("%s dst %s", hdev->name, batostr(dst));
196
197 conn = kzalloc(sizeof(struct hci_conn), GFP_ATOMIC);
198 if (!conn)
199 return NULL;
200
201 bacpy(&conn->dst, dst);
202 conn->hdev = hdev;
203 conn->type = type;
204 conn->mode = HCI_CM_ACTIVE;
205 conn->state = BT_OPEN;
206
207 conn->power_save = 1;
208
209 skb_queue_head_init(&conn->data_q);
210
211 setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn);
212 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
213
214 atomic_set(&conn->refcnt, 0);
215
216 hci_dev_hold(hdev);
217
218 tasklet_disable(&hdev->tx_task);
219
220 hci_conn_hash_add(hdev, conn);
221 if (hdev->notify)
222 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
223
224 hci_conn_add_sysfs(conn);
225
226 tasklet_enable(&hdev->tx_task);
227
228 return conn;
229 }
230
231 int hci_conn_del(struct hci_conn *conn)
232 {
233 struct hci_dev *hdev = conn->hdev;
234
235 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
236
237 del_timer(&conn->idle_timer);
238
239 del_timer(&conn->disc_timer);
240
241 if (conn->type == ACL_LINK) {
242 struct hci_conn *sco = conn->link;
243 if (sco)
244 sco->link = NULL;
245
246 /* Unacked frames */
247 hdev->acl_cnt += conn->sent;
248 } else {
249 struct hci_conn *acl = conn->link;
250 if (acl) {
251 acl->link = NULL;
252 hci_conn_put(acl);
253 }
254 }
255
256 tasklet_disable(&hdev->tx_task);
257 hci_conn_hash_del(hdev, conn);
258 if (hdev->notify)
259 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
260 tasklet_enable(&hdev->tx_task);
261 skb_queue_purge(&conn->data_q);
262 hci_conn_del_sysfs(conn);
263
264 return 0;
265 }
266
267 struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
268 {
269 int use_src = bacmp(src, BDADDR_ANY);
270 struct hci_dev *hdev = NULL;
271 struct list_head *p;
272
273 BT_DBG("%s -> %s", batostr(src), batostr(dst));
274
275 read_lock_bh(&hci_dev_list_lock);
276
277 list_for_each(p, &hci_dev_list) {
278 struct hci_dev *d = list_entry(p, struct hci_dev, list);
279
280 if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
281 continue;
282
283 /* Simple routing:
284 * No source address - find interface with bdaddr != dst
285 * Source address - find interface with bdaddr == src
286 */
287
288 if (use_src) {
289 if (!bacmp(&d->bdaddr, src)) {
290 hdev = d; break;
291 }
292 } else {
293 if (bacmp(&d->bdaddr, dst)) {
294 hdev = d; break;
295 }
296 }
297 }
298
299 if (hdev)
300 hdev = hci_dev_hold(hdev);
301
302 read_unlock_bh(&hci_dev_list_lock);
303 return hdev;
304 }
305 EXPORT_SYMBOL(hci_get_route);
306
307 /* Create SCO or ACL connection.
308 * Device _must_ be locked */
309 struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst)
310 {
311 struct hci_conn *acl;
312 struct hci_conn *sco;
313
314 BT_DBG("%s dst %s", hdev->name, batostr(dst));
315
316 if (!(acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst))) {
317 if (!(acl = hci_conn_add(hdev, ACL_LINK, dst)))
318 return NULL;
319 }
320
321 hci_conn_hold(acl);
322
323 if (acl->state == BT_OPEN || acl->state == BT_CLOSED)
324 hci_acl_connect(acl);
325
326 if (type == ACL_LINK)
327 return acl;
328
329 if (!(sco = hci_conn_hash_lookup_ba(hdev, type, dst))) {
330 if (!(sco = hci_conn_add(hdev, type, dst))) {
331 hci_conn_put(acl);
332 return NULL;
333 }
334 }
335
336 acl->link = sco;
337 sco->link = acl;
338
339 hci_conn_hold(sco);
340
341 if (acl->state == BT_CONNECTED &&
342 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
343 if (lmp_esco_capable(hdev))
344 hci_setup_sync(sco, acl->handle);
345 else
346 hci_add_sco(sco, acl->handle);
347 }
348
349 return sco;
350 }
351 EXPORT_SYMBOL(hci_connect);
352
353 /* Authenticate remote device */
354 int hci_conn_auth(struct hci_conn *conn)
355 {
356 BT_DBG("conn %p", conn);
357
358 if (conn->link_mode & HCI_LM_AUTH)
359 return 1;
360
361 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
362 struct hci_cp_auth_requested cp;
363 cp.handle = cpu_to_le16(conn->handle);
364 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
365 }
366 return 0;
367 }
368 EXPORT_SYMBOL(hci_conn_auth);
369
370 /* Enable encryption */
371 int hci_conn_encrypt(struct hci_conn *conn)
372 {
373 BT_DBG("conn %p", conn);
374
375 if (conn->link_mode & HCI_LM_ENCRYPT)
376 return 1;
377
378 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend))
379 return 0;
380
381 if (hci_conn_auth(conn)) {
382 struct hci_cp_set_conn_encrypt cp;
383 cp.handle = cpu_to_le16(conn->handle);
384 cp.encrypt = 1;
385 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp), &cp);
386 }
387 return 0;
388 }
389 EXPORT_SYMBOL(hci_conn_encrypt);
390
391 /* Change link key */
392 int hci_conn_change_link_key(struct hci_conn *conn)
393 {
394 BT_DBG("conn %p", conn);
395
396 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
397 struct hci_cp_change_conn_link_key cp;
398 cp.handle = cpu_to_le16(conn->handle);
399 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY, sizeof(cp), &cp);
400 }
401 return 0;
402 }
403 EXPORT_SYMBOL(hci_conn_change_link_key);
404
405 /* Switch role */
406 int hci_conn_switch_role(struct hci_conn *conn, uint8_t role)
407 {
408 BT_DBG("conn %p", conn);
409
410 if (!role && conn->link_mode & HCI_LM_MASTER)
411 return 1;
412
413 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) {
414 struct hci_cp_switch_role cp;
415 bacpy(&cp.bdaddr, &conn->dst);
416 cp.role = role;
417 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
418 }
419 return 0;
420 }
421 EXPORT_SYMBOL(hci_conn_switch_role);
422
423 /* Enter active mode */
424 void hci_conn_enter_active_mode(struct hci_conn *conn)
425 {
426 struct hci_dev *hdev = conn->hdev;
427
428 BT_DBG("conn %p mode %d", conn, conn->mode);
429
430 if (test_bit(HCI_RAW, &hdev->flags))
431 return;
432
433 if (conn->mode != HCI_CM_SNIFF || !conn->power_save)
434 goto timer;
435
436 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
437 struct hci_cp_exit_sniff_mode cp;
438 cp.handle = cpu_to_le16(conn->handle);
439 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
440 }
441
442 timer:
443 if (hdev->idle_timeout > 0)
444 mod_timer(&conn->idle_timer,
445 jiffies + msecs_to_jiffies(hdev->idle_timeout));
446 }
447
448 /* Enter sniff mode */
449 void hci_conn_enter_sniff_mode(struct hci_conn *conn)
450 {
451 struct hci_dev *hdev = conn->hdev;
452
453 BT_DBG("conn %p mode %d", conn, conn->mode);
454
455 if (test_bit(HCI_RAW, &hdev->flags))
456 return;
457
458 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
459 return;
460
461 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
462 return;
463
464 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
465 struct hci_cp_sniff_subrate cp;
466 cp.handle = cpu_to_le16(conn->handle);
467 cp.max_latency = cpu_to_le16(0);
468 cp.min_remote_timeout = cpu_to_le16(0);
469 cp.min_local_timeout = cpu_to_le16(0);
470 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
471 }
472
473 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
474 struct hci_cp_sniff_mode cp;
475 cp.handle = cpu_to_le16(conn->handle);
476 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
477 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
478 cp.attempt = cpu_to_le16(4);
479 cp.timeout = cpu_to_le16(1);
480 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
481 }
482 }
483
484 /* Drop all connection on the device */
485 void hci_conn_hash_flush(struct hci_dev *hdev)
486 {
487 struct hci_conn_hash *h = &hdev->conn_hash;
488 struct list_head *p;
489
490 BT_DBG("hdev %s", hdev->name);
491
492 p = h->list.next;
493 while (p != &h->list) {
494 struct hci_conn *c;
495
496 c = list_entry(p, struct hci_conn, list);
497 p = p->next;
498
499 c->state = BT_CLOSED;
500
501 hci_proto_disconn_ind(c, 0x16);
502 hci_conn_del(c);
503 }
504 }
505
506 /* Check pending connect attempts */
507 void hci_conn_check_pending(struct hci_dev *hdev)
508 {
509 struct hci_conn *conn;
510
511 BT_DBG("hdev %s", hdev->name);
512
513 hci_dev_lock(hdev);
514
515 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
516 if (conn)
517 hci_acl_connect(conn);
518
519 hci_dev_unlock(hdev);
520 }
521
522 int hci_get_conn_list(void __user *arg)
523 {
524 struct hci_conn_list_req req, *cl;
525 struct hci_conn_info *ci;
526 struct hci_dev *hdev;
527 struct list_head *p;
528 int n = 0, size, err;
529
530 if (copy_from_user(&req, arg, sizeof(req)))
531 return -EFAULT;
532
533 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
534 return -EINVAL;
535
536 size = sizeof(req) + req.conn_num * sizeof(*ci);
537
538 if (!(cl = kmalloc(size, GFP_KERNEL)))
539 return -ENOMEM;
540
541 if (!(hdev = hci_dev_get(req.dev_id))) {
542 kfree(cl);
543 return -ENODEV;
544 }
545
546 ci = cl->conn_info;
547
548 hci_dev_lock_bh(hdev);
549 list_for_each(p, &hdev->conn_hash.list) {
550 register struct hci_conn *c;
551 c = list_entry(p, struct hci_conn, list);
552
553 bacpy(&(ci + n)->bdaddr, &c->dst);
554 (ci + n)->handle = c->handle;
555 (ci + n)->type = c->type;
556 (ci + n)->out = c->out;
557 (ci + n)->state = c->state;
558 (ci + n)->link_mode = c->link_mode;
559 if (++n >= req.conn_num)
560 break;
561 }
562 hci_dev_unlock_bh(hdev);
563
564 cl->dev_id = hdev->id;
565 cl->conn_num = n;
566 size = sizeof(req) + n * sizeof(*ci);
567
568 hci_dev_put(hdev);
569
570 err = copy_to_user(arg, cl, size);
571 kfree(cl);
572
573 return err ? -EFAULT : 0;
574 }
575
576 int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
577 {
578 struct hci_conn_info_req req;
579 struct hci_conn_info ci;
580 struct hci_conn *conn;
581 char __user *ptr = arg + sizeof(req);
582
583 if (copy_from_user(&req, arg, sizeof(req)))
584 return -EFAULT;
585
586 hci_dev_lock_bh(hdev);
587 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
588 if (conn) {
589 bacpy(&ci.bdaddr, &conn->dst);
590 ci.handle = conn->handle;
591 ci.type = conn->type;
592 ci.out = conn->out;
593 ci.state = conn->state;
594 ci.link_mode = conn->link_mode;
595 }
596 hci_dev_unlock_bh(hdev);
597
598 if (!conn)
599 return -ENOENT;
600
601 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
602 }
603
|
This page was automatically generated by the
LXR engine.
|