2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI connection handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 void hci_acl_connect(struct hci_conn *conn)
50 struct hci_dev *hdev = conn->hdev;
51 struct inquiry_entry *ie;
52 struct hci_cp_create_conn cp;
56 conn->state = BT_CONNECT;
59 conn->link_mode = HCI_LM_MASTER;
63 conn->link_policy = hdev->link_policy;
65 memset(&cp, 0, sizeof(cp));
66 bacpy(&cp.bdaddr, &conn->dst);
67 cp.pscan_rep_mode = 0x02;
69 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
70 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
71 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
72 cp.pscan_mode = ie->data.pscan_mode;
73 cp.clock_offset = ie->data.clock_offset |
77 memcpy(conn->dev_class, ie->data.dev_class, 3);
78 conn->ssp_mode = ie->data.ssp_mode;
81 cp.pkt_type = cpu_to_le16(conn->pkt_type);
82 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
83 cp.role_switch = 0x01;
85 cp.role_switch = 0x00;
87 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
90 static void hci_acl_connect_cancel(struct hci_conn *conn)
92 struct hci_cp_create_conn_cancel cp;
96 if (conn->hdev->hci_ver < 2)
99 bacpy(&cp.bdaddr, &conn->dst);
100 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
103 void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
105 struct hci_cp_disconnect cp;
109 conn->state = BT_DISCONN;
111 cp.handle = cpu_to_le16(conn->handle);
113 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
116 void hci_add_sco(struct hci_conn *conn, __u16 handle)
118 struct hci_dev *hdev = conn->hdev;
119 struct hci_cp_add_sco cp;
123 conn->state = BT_CONNECT;
128 cp.handle = cpu_to_le16(handle);
129 cp.pkt_type = cpu_to_le16(conn->pkt_type);
131 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
134 void hci_setup_sync(struct hci_conn *conn, __u16 handle)
136 struct hci_dev *hdev = conn->hdev;
137 struct hci_cp_setup_sync_conn cp;
141 conn->state = BT_CONNECT;
146 cp.handle = cpu_to_le16(handle);
147 cp.pkt_type = cpu_to_le16(conn->pkt_type);
149 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
150 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
151 cp.max_latency = cpu_to_le16(0xffff);
152 cp.voice_setting = cpu_to_le16(hdev->voice_setting);
153 cp.retrans_effort = 0xff;
155 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
158 static void hci_conn_timeout(unsigned long arg)
160 struct hci_conn *conn = (void *) arg;
161 struct hci_dev *hdev = conn->hdev;
164 BT_DBG("conn %p state %d", conn, conn->state);
166 if (atomic_read(&conn->refcnt))
171 switch (conn->state) {
174 if (conn->type == ACL_LINK)
175 hci_acl_connect_cancel(conn);
177 hci_acl_disconn(conn, 0x13);
181 reason = hci_proto_disconn_ind(conn);
182 hci_acl_disconn(conn, reason);
185 conn->state = BT_CLOSED;
189 hci_dev_unlock(hdev);
192 static void hci_conn_idle(unsigned long arg)
194 struct hci_conn *conn = (void *) arg;
196 BT_DBG("conn %p mode %d", conn, conn->mode);
198 hci_conn_enter_sniff_mode(conn);
201 struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
203 struct hci_conn *conn;
205 BT_DBG("%s dst %s", hdev->name, batostr(dst));
207 conn = kzalloc(sizeof(struct hci_conn), GFP_ATOMIC);
211 bacpy(&conn->dst, dst);
214 conn->mode = HCI_CM_ACTIVE;
215 conn->state = BT_OPEN;
217 conn->power_save = 1;
218 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
222 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
225 if (lmp_esco_capable(hdev))
226 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
227 (hdev->esco_type & EDR_ESCO_MASK);
229 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
232 conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
236 skb_queue_head_init(&conn->data_q);
238 setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn);
239 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
241 atomic_set(&conn->refcnt, 0);
245 tasklet_disable(&hdev->tx_task);
247 hci_conn_hash_add(hdev, conn);
249 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
251 tasklet_enable(&hdev->tx_task);
256 int hci_conn_del(struct hci_conn *conn)
258 struct hci_dev *hdev = conn->hdev;
260 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
262 del_timer(&conn->idle_timer);
264 del_timer(&conn->disc_timer);
266 if (conn->type == ACL_LINK) {
267 struct hci_conn *sco = conn->link;
272 hdev->acl_cnt += conn->sent;
274 struct hci_conn *acl = conn->link;
281 tasklet_disable(&hdev->tx_task);
283 hci_conn_hash_del(hdev, conn);
285 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
287 tasklet_enable(&hdev->tx_task);
289 skb_queue_purge(&conn->data_q);
291 hci_conn_del_sysfs(conn);
296 struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
298 int use_src = bacmp(src, BDADDR_ANY);
299 struct hci_dev *hdev = NULL;
302 BT_DBG("%s -> %s", batostr(src), batostr(dst));
304 read_lock_bh(&hci_dev_list_lock);
306 list_for_each(p, &hci_dev_list) {
307 struct hci_dev *d = list_entry(p, struct hci_dev, list);
309 if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
313 * No source address - find interface with bdaddr != dst
314 * Source address - find interface with bdaddr == src
318 if (!bacmp(&d->bdaddr, src)) {
322 if (bacmp(&d->bdaddr, dst)) {
329 hdev = hci_dev_hold(hdev);
331 read_unlock_bh(&hci_dev_list_lock);
334 EXPORT_SYMBOL(hci_get_route);
336 /* Create SCO or ACL connection.
337 * Device _must_ be locked */
338 struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type)
340 struct hci_conn *acl;
341 struct hci_conn *sco;
343 BT_DBG("%s dst %s", hdev->name, batostr(dst));
345 if (!(acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst))) {
346 if (!(acl = hci_conn_add(hdev, ACL_LINK, dst)))
352 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
353 acl->sec_level = sec_level;
354 acl->auth_type = auth_type;
355 hci_acl_connect(acl);
358 if (type == ACL_LINK)
361 if (!(sco = hci_conn_hash_lookup_ba(hdev, type, dst))) {
362 if (!(sco = hci_conn_add(hdev, type, dst))) {
373 if (acl->state == BT_CONNECTED &&
374 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
375 if (lmp_esco_capable(hdev))
376 hci_setup_sync(sco, acl->handle);
378 hci_add_sco(sco, acl->handle);
383 EXPORT_SYMBOL(hci_connect);
385 /* Check link security requirement */
386 int hci_conn_check_link_mode(struct hci_conn *conn)
388 BT_DBG("conn %p", conn);
390 if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0 &&
391 !(conn->link_mode & HCI_LM_ENCRYPT))
396 EXPORT_SYMBOL(hci_conn_check_link_mode);
398 /* Authenticate remote device */
399 static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
401 BT_DBG("conn %p", conn);
403 if (sec_level > conn->sec_level)
404 conn->sec_level = sec_level;
405 else if (conn->link_mode & HCI_LM_AUTH)
408 conn->auth_type = auth_type;
410 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
411 struct hci_cp_auth_requested cp;
412 cp.handle = cpu_to_le16(conn->handle);
413 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
420 /* Enable security */
421 int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
423 BT_DBG("conn %p", conn);
425 if (sec_level == BT_SECURITY_SDP)
428 if (sec_level == BT_SECURITY_LOW) {
429 if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0)
430 return hci_conn_auth(conn, sec_level, auth_type);
435 if (conn->link_mode & HCI_LM_ENCRYPT)
436 return hci_conn_auth(conn, sec_level, auth_type);
438 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend))
441 if (hci_conn_auth(conn, sec_level, auth_type)) {
442 struct hci_cp_set_conn_encrypt cp;
443 cp.handle = cpu_to_le16(conn->handle);
445 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT,
451 EXPORT_SYMBOL(hci_conn_security);
453 /* Change link key */
454 int hci_conn_change_link_key(struct hci_conn *conn)
456 BT_DBG("conn %p", conn);
458 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
459 struct hci_cp_change_conn_link_key cp;
460 cp.handle = cpu_to_le16(conn->handle);
461 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
467 EXPORT_SYMBOL(hci_conn_change_link_key);
470 int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
472 BT_DBG("conn %p", conn);
474 if (!role && conn->link_mode & HCI_LM_MASTER)
477 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) {
478 struct hci_cp_switch_role cp;
479 bacpy(&cp.bdaddr, &conn->dst);
481 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
486 EXPORT_SYMBOL(hci_conn_switch_role);
488 /* Enter active mode */
489 void hci_conn_enter_active_mode(struct hci_conn *conn)
491 struct hci_dev *hdev = conn->hdev;
493 BT_DBG("conn %p mode %d", conn, conn->mode);
495 if (test_bit(HCI_RAW, &hdev->flags))
498 if (conn->mode != HCI_CM_SNIFF || !conn->power_save)
501 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
502 struct hci_cp_exit_sniff_mode cp;
503 cp.handle = cpu_to_le16(conn->handle);
504 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
508 if (hdev->idle_timeout > 0)
509 mod_timer(&conn->idle_timer,
510 jiffies + msecs_to_jiffies(hdev->idle_timeout));
513 /* Enter sniff mode */
514 void hci_conn_enter_sniff_mode(struct hci_conn *conn)
516 struct hci_dev *hdev = conn->hdev;
518 BT_DBG("conn %p mode %d", conn, conn->mode);
520 if (test_bit(HCI_RAW, &hdev->flags))
523 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
526 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
529 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
530 struct hci_cp_sniff_subrate cp;
531 cp.handle = cpu_to_le16(conn->handle);
532 cp.max_latency = cpu_to_le16(0);
533 cp.min_remote_timeout = cpu_to_le16(0);
534 cp.min_local_timeout = cpu_to_le16(0);
535 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
538 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
539 struct hci_cp_sniff_mode cp;
540 cp.handle = cpu_to_le16(conn->handle);
541 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
542 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
543 cp.attempt = cpu_to_le16(4);
544 cp.timeout = cpu_to_le16(1);
545 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
549 /* Drop all connection on the device */
550 void hci_conn_hash_flush(struct hci_dev *hdev)
552 struct hci_conn_hash *h = &hdev->conn_hash;
555 BT_DBG("hdev %s", hdev->name);
558 while (p != &h->list) {
561 c = list_entry(p, struct hci_conn, list);
564 c->state = BT_CLOSED;
566 hci_proto_disconn_cfm(c, 0x16);
571 /* Check pending connect attempts */
572 void hci_conn_check_pending(struct hci_dev *hdev)
574 struct hci_conn *conn;
576 BT_DBG("hdev %s", hdev->name);
580 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
582 hci_acl_connect(conn);
584 hci_dev_unlock(hdev);
587 int hci_get_conn_list(void __user *arg)
589 struct hci_conn_list_req req, *cl;
590 struct hci_conn_info *ci;
591 struct hci_dev *hdev;
593 int n = 0, size, err;
595 if (copy_from_user(&req, arg, sizeof(req)))
598 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
601 size = sizeof(req) + req.conn_num * sizeof(*ci);
603 if (!(cl = kmalloc(size, GFP_KERNEL)))
606 if (!(hdev = hci_dev_get(req.dev_id))) {
613 hci_dev_lock_bh(hdev);
614 list_for_each(p, &hdev->conn_hash.list) {
615 register struct hci_conn *c;
616 c = list_entry(p, struct hci_conn, list);
618 bacpy(&(ci + n)->bdaddr, &c->dst);
619 (ci + n)->handle = c->handle;
620 (ci + n)->type = c->type;
621 (ci + n)->out = c->out;
622 (ci + n)->state = c->state;
623 (ci + n)->link_mode = c->link_mode;
624 if (++n >= req.conn_num)
627 hci_dev_unlock_bh(hdev);
629 cl->dev_id = hdev->id;
631 size = sizeof(req) + n * sizeof(*ci);
635 err = copy_to_user(arg, cl, size);
638 return err ? -EFAULT : 0;
641 int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
643 struct hci_conn_info_req req;
644 struct hci_conn_info ci;
645 struct hci_conn *conn;
646 char __user *ptr = arg + sizeof(req);
648 if (copy_from_user(&req, arg, sizeof(req)))
651 hci_dev_lock_bh(hdev);
652 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
654 bacpy(&ci.bdaddr, &conn->dst);
655 ci.handle = conn->handle;
656 ci.type = conn->type;
658 ci.state = conn->state;
659 ci.link_mode = conn->link_mode;
661 hci_dev_unlock_bh(hdev);
666 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
669 int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
671 struct hci_auth_info_req req;
672 struct hci_conn *conn;
674 if (copy_from_user(&req, arg, sizeof(req)))
677 hci_dev_lock_bh(hdev);
678 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
680 req.type = conn->auth_type;
681 hci_dev_unlock_bh(hdev);
686 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
git.openpandora.org / pandora-kernel.git / blob