2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI connection handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 void hci_acl_connect(struct hci_conn *conn)
50 struct hci_dev *hdev = conn->hdev;
51 struct inquiry_entry *ie;
52 struct hci_cp_create_conn cp;
56 conn->state = BT_CONNECT;
59 conn->link_mode = HCI_LM_MASTER;
63 conn->link_policy = hdev->link_policy;
65 memset(&cp, 0, sizeof(cp));
66 bacpy(&cp.bdaddr, &conn->dst);
67 cp.pscan_rep_mode = 0x02;
69 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
70 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
71 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
72 cp.pscan_mode = ie->data.pscan_mode;
73 cp.clock_offset = ie->data.clock_offset |
77 memcpy(conn->dev_class, ie->data.dev_class, 3);
78 conn->ssp_mode = ie->data.ssp_mode;
81 cp.pkt_type = cpu_to_le16(conn->pkt_type);
82 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
83 cp.role_switch = 0x01;
85 cp.role_switch = 0x00;
87 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
90 static void hci_acl_connect_cancel(struct hci_conn *conn)
92 struct hci_cp_create_conn_cancel cp;
96 if (conn->hdev->hci_ver < 2)
99 bacpy(&cp.bdaddr, &conn->dst);
100 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
103 void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
105 struct hci_cp_disconnect cp;
109 conn->state = BT_DISCONN;
111 cp.handle = cpu_to_le16(conn->handle);
113 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
116 void hci_add_sco(struct hci_conn *conn, __u16 handle)
118 struct hci_dev *hdev = conn->hdev;
119 struct hci_cp_add_sco cp;
123 conn->state = BT_CONNECT;
128 cp.handle = cpu_to_le16(handle);
129 cp.pkt_type = cpu_to_le16(conn->pkt_type);
131 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
134 void hci_setup_sync(struct hci_conn *conn, __u16 handle)
136 struct hci_dev *hdev = conn->hdev;
137 struct hci_cp_setup_sync_conn cp;
141 conn->state = BT_CONNECT;
146 cp.handle = cpu_to_le16(handle);
147 cp.pkt_type = cpu_to_le16(conn->pkt_type);
149 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
150 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
151 cp.max_latency = cpu_to_le16(0xffff);
152 cp.voice_setting = cpu_to_le16(hdev->voice_setting);
153 cp.retrans_effort = 0xff;
155 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
158 static void hci_conn_timeout(unsigned long arg)
160 struct hci_conn *conn = (void *) arg;
161 struct hci_dev *hdev = conn->hdev;
164 BT_DBG("conn %p state %d", conn, conn->state);
166 if (atomic_read(&conn->refcnt))
171 switch (conn->state) {
174 if (conn->type == ACL_LINK)
175 hci_acl_connect_cancel(conn);
177 hci_acl_disconn(conn, 0x13);
181 reason = hci_proto_disconn_ind(conn);
182 hci_acl_disconn(conn, reason);
185 conn->state = BT_CLOSED;
189 hci_dev_unlock(hdev);
192 static void hci_conn_idle(unsigned long arg)
194 struct hci_conn *conn = (void *) arg;
196 BT_DBG("conn %p mode %d", conn, conn->mode);
198 hci_conn_enter_sniff_mode(conn);
201 struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
203 struct hci_conn *conn;
205 BT_DBG("%s dst %s", hdev->name, batostr(dst));
207 conn = kzalloc(sizeof(struct hci_conn), GFP_ATOMIC);
211 bacpy(&conn->dst, dst);
214 conn->mode = HCI_CM_ACTIVE;
215 conn->state = BT_OPEN;
217 conn->power_save = 1;
218 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
222 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
225 if (lmp_esco_capable(hdev))
226 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
227 (hdev->esco_type & EDR_ESCO_MASK);
229 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
232 conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
236 skb_queue_head_init(&conn->data_q);
238 setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn);
239 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
241 atomic_set(&conn->refcnt, 0);
245 tasklet_disable(&hdev->tx_task);
247 hci_conn_hash_add(hdev, conn);
249 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
251 hci_conn_init_sysfs(conn);
253 tasklet_enable(&hdev->tx_task);
258 int hci_conn_del(struct hci_conn *conn)
260 struct hci_dev *hdev = conn->hdev;
262 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
264 del_timer(&conn->idle_timer);
266 del_timer(&conn->disc_timer);
268 if (conn->type == ACL_LINK) {
269 struct hci_conn *sco = conn->link;
274 hdev->acl_cnt += conn->sent;
276 struct hci_conn *acl = conn->link;
283 tasklet_disable(&hdev->tx_task);
285 hci_conn_hash_del(hdev, conn);
287 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
289 tasklet_enable(&hdev->tx_task);
291 skb_queue_purge(&conn->data_q);
293 hci_conn_del_sysfs(conn);
300 struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
302 int use_src = bacmp(src, BDADDR_ANY);
303 struct hci_dev *hdev = NULL;
306 BT_DBG("%s -> %s", batostr(src), batostr(dst));
308 read_lock_bh(&hci_dev_list_lock);
310 list_for_each(p, &hci_dev_list) {
311 struct hci_dev *d = list_entry(p, struct hci_dev, list);
313 if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
317 * No source address - find interface with bdaddr != dst
318 * Source address - find interface with bdaddr == src
322 if (!bacmp(&d->bdaddr, src)) {
326 if (bacmp(&d->bdaddr, dst)) {
333 hdev = hci_dev_hold(hdev);
335 read_unlock_bh(&hci_dev_list_lock);
338 EXPORT_SYMBOL(hci_get_route);
340 /* Create SCO or ACL connection.
341 * Device _must_ be locked */
342 struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type)
344 struct hci_conn *acl;
345 struct hci_conn *sco;
347 BT_DBG("%s dst %s", hdev->name, batostr(dst));
349 if (!(acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst))) {
350 if (!(acl = hci_conn_add(hdev, ACL_LINK, dst)))
356 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
357 acl->sec_level = sec_level;
358 acl->auth_type = auth_type;
359 hci_acl_connect(acl);
362 if (type == ACL_LINK)
365 if (!(sco = hci_conn_hash_lookup_ba(hdev, type, dst))) {
366 if (!(sco = hci_conn_add(hdev, type, dst))) {
377 if (acl->state == BT_CONNECTED &&
378 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
379 if (lmp_esco_capable(hdev))
380 hci_setup_sync(sco, acl->handle);
382 hci_add_sco(sco, acl->handle);
387 EXPORT_SYMBOL(hci_connect);
389 /* Check link security requirement */
390 int hci_conn_check_link_mode(struct hci_conn *conn)
392 BT_DBG("conn %p", conn);
394 if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0 &&
395 !(conn->link_mode & HCI_LM_ENCRYPT))
400 EXPORT_SYMBOL(hci_conn_check_link_mode);
402 /* Authenticate remote device */
403 static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
405 BT_DBG("conn %p", conn);
407 if (sec_level > conn->sec_level)
408 conn->sec_level = sec_level;
409 else if (conn->link_mode & HCI_LM_AUTH)
412 conn->auth_type = auth_type;
414 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
415 struct hci_cp_auth_requested cp;
416 cp.handle = cpu_to_le16(conn->handle);
417 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
424 /* Enable security */
425 int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
427 BT_DBG("conn %p", conn);
429 if (sec_level == BT_SECURITY_SDP)
432 if (sec_level == BT_SECURITY_LOW &&
433 (!conn->ssp_mode || !conn->hdev->ssp_mode))
436 if (conn->link_mode & HCI_LM_ENCRYPT)
437 return hci_conn_auth(conn, sec_level, auth_type);
439 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend))
442 if (hci_conn_auth(conn, sec_level, auth_type)) {
443 struct hci_cp_set_conn_encrypt cp;
444 cp.handle = cpu_to_le16(conn->handle);
446 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT,
452 EXPORT_SYMBOL(hci_conn_security);
454 /* Change link key */
455 int hci_conn_change_link_key(struct hci_conn *conn)
457 BT_DBG("conn %p", conn);
459 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
460 struct hci_cp_change_conn_link_key cp;
461 cp.handle = cpu_to_le16(conn->handle);
462 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
468 EXPORT_SYMBOL(hci_conn_change_link_key);
471 int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
473 BT_DBG("conn %p", conn);
475 if (!role && conn->link_mode & HCI_LM_MASTER)
478 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) {
479 struct hci_cp_switch_role cp;
480 bacpy(&cp.bdaddr, &conn->dst);
482 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
487 EXPORT_SYMBOL(hci_conn_switch_role);
489 /* Enter active mode */
490 void hci_conn_enter_active_mode(struct hci_conn *conn)
492 struct hci_dev *hdev = conn->hdev;
494 BT_DBG("conn %p mode %d", conn, conn->mode);
496 if (test_bit(HCI_RAW, &hdev->flags))
499 if (conn->mode != HCI_CM_SNIFF || !conn->power_save)
502 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
503 struct hci_cp_exit_sniff_mode cp;
504 cp.handle = cpu_to_le16(conn->handle);
505 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
509 if (hdev->idle_timeout > 0)
510 mod_timer(&conn->idle_timer,
511 jiffies + msecs_to_jiffies(hdev->idle_timeout));
514 /* Enter sniff mode */
515 void hci_conn_enter_sniff_mode(struct hci_conn *conn)
517 struct hci_dev *hdev = conn->hdev;
519 BT_DBG("conn %p mode %d", conn, conn->mode);
521 if (test_bit(HCI_RAW, &hdev->flags))
524 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
527 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
530 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
531 struct hci_cp_sniff_subrate cp;
532 cp.handle = cpu_to_le16(conn->handle);
533 cp.max_latency = cpu_to_le16(0);
534 cp.min_remote_timeout = cpu_to_le16(0);
535 cp.min_local_timeout = cpu_to_le16(0);
536 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
539 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
540 struct hci_cp_sniff_mode cp;
541 cp.handle = cpu_to_le16(conn->handle);
542 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
543 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
544 cp.attempt = cpu_to_le16(4);
545 cp.timeout = cpu_to_le16(1);
546 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
550 /* Drop all connection on the device */
551 void hci_conn_hash_flush(struct hci_dev *hdev)
553 struct hci_conn_hash *h = &hdev->conn_hash;
556 BT_DBG("hdev %s", hdev->name);
559 while (p != &h->list) {
562 c = list_entry(p, struct hci_conn, list);
565 c->state = BT_CLOSED;
567 hci_proto_disconn_cfm(c, 0x16);
572 /* Check pending connect attempts */
573 void hci_conn_check_pending(struct hci_dev *hdev)
575 struct hci_conn *conn;
577 BT_DBG("hdev %s", hdev->name);
581 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
583 hci_acl_connect(conn);
585 hci_dev_unlock(hdev);
588 int hci_get_conn_list(void __user *arg)
590 struct hci_conn_list_req req, *cl;
591 struct hci_conn_info *ci;
592 struct hci_dev *hdev;
594 int n = 0, size, err;
596 if (copy_from_user(&req, arg, sizeof(req)))
599 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
602 size = sizeof(req) + req.conn_num * sizeof(*ci);
604 if (!(cl = kmalloc(size, GFP_KERNEL)))
607 if (!(hdev = hci_dev_get(req.dev_id))) {
614 hci_dev_lock_bh(hdev);
615 list_for_each(p, &hdev->conn_hash.list) {
616 register struct hci_conn *c;
617 c = list_entry(p, struct hci_conn, list);
619 bacpy(&(ci + n)->bdaddr, &c->dst);
620 (ci + n)->handle = c->handle;
621 (ci + n)->type = c->type;
622 (ci + n)->out = c->out;
623 (ci + n)->state = c->state;
624 (ci + n)->link_mode = c->link_mode;
625 if (++n >= req.conn_num)
628 hci_dev_unlock_bh(hdev);
630 cl->dev_id = hdev->id;
632 size = sizeof(req) + n * sizeof(*ci);
636 err = copy_to_user(arg, cl, size);
639 return err ? -EFAULT : 0;
642 int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
644 struct hci_conn_info_req req;
645 struct hci_conn_info ci;
646 struct hci_conn *conn;
647 char __user *ptr = arg + sizeof(req);
649 if (copy_from_user(&req, arg, sizeof(req)))
652 hci_dev_lock_bh(hdev);
653 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
655 bacpy(&ci.bdaddr, &conn->dst);
656 ci.handle = conn->handle;
657 ci.type = conn->type;
659 ci.state = conn->state;
660 ci.link_mode = conn->link_mode;
662 hci_dev_unlock_bh(hdev);
667 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
670 int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
672 struct hci_auth_info_req req;
673 struct hci_conn *conn;
675 if (copy_from_user(&req, arg, sizeof(req)))
678 hci_dev_lock_bh(hdev);
679 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
681 req.type = conn->auth_type;
682 hci_dev_unlock_bh(hdev);
687 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
git.openpandora.org / pandora-kernel.git / blob