2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI connection handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 void hci_acl_connect(struct hci_conn *conn)
50 struct hci_dev *hdev = conn->hdev;
51 struct inquiry_entry *ie;
52 struct hci_cp_create_conn cp;
56 conn->state = BT_CONNECT;
59 conn->link_mode = HCI_LM_MASTER;
63 conn->link_policy = hdev->link_policy;
65 memset(&cp, 0, sizeof(cp));
66 bacpy(&cp.bdaddr, &conn->dst);
67 cp.pscan_rep_mode = 0x02;
69 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
70 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
71 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
72 cp.pscan_mode = ie->data.pscan_mode;
73 cp.clock_offset = ie->data.clock_offset |
77 memcpy(conn->dev_class, ie->data.dev_class, 3);
78 conn->ssp_mode = ie->data.ssp_mode;
81 cp.pkt_type = cpu_to_le16(conn->pkt_type);
82 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
83 cp.role_switch = 0x01;
85 cp.role_switch = 0x00;
87 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
90 static void hci_acl_connect_cancel(struct hci_conn *conn)
92 struct hci_cp_create_conn_cancel cp;
96 if (conn->hdev->hci_ver < 2)
99 bacpy(&cp.bdaddr, &conn->dst);
100 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
103 void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
105 struct hci_cp_disconnect cp;
109 conn->state = BT_DISCONN;
111 cp.handle = cpu_to_le16(conn->handle);
113 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
116 void hci_add_sco(struct hci_conn *conn, __u16 handle)
118 struct hci_dev *hdev = conn->hdev;
119 struct hci_cp_add_sco cp;
123 conn->state = BT_CONNECT;
126 cp.handle = cpu_to_le16(handle);
127 cp.pkt_type = cpu_to_le16(conn->pkt_type);
129 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
132 void hci_setup_sync(struct hci_conn *conn, __u16 handle)
134 struct hci_dev *hdev = conn->hdev;
135 struct hci_cp_setup_sync_conn cp;
139 conn->state = BT_CONNECT;
142 cp.handle = cpu_to_le16(handle);
143 cp.pkt_type = cpu_to_le16(conn->pkt_type);
145 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
146 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
147 cp.max_latency = cpu_to_le16(0xffff);
148 cp.voice_setting = cpu_to_le16(hdev->voice_setting);
149 cp.retrans_effort = 0xff;
151 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
154 static void hci_conn_timeout(unsigned long arg)
156 struct hci_conn *conn = (void *) arg;
157 struct hci_dev *hdev = conn->hdev;
159 BT_DBG("conn %p state %d", conn, conn->state);
161 if (atomic_read(&conn->refcnt))
166 switch (conn->state) {
169 if (conn->type == ACL_LINK)
170 hci_acl_connect_cancel(conn);
172 hci_acl_disconn(conn, 0x13);
176 hci_acl_disconn(conn, 0x13);
179 conn->state = BT_CLOSED;
183 hci_dev_unlock(hdev);
186 static void hci_conn_idle(unsigned long arg)
188 struct hci_conn *conn = (void *) arg;
190 BT_DBG("conn %p mode %d", conn, conn->mode);
192 hci_conn_enter_sniff_mode(conn);
195 struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
197 struct hci_conn *conn;
199 BT_DBG("%s dst %s", hdev->name, batostr(dst));
201 conn = kzalloc(sizeof(struct hci_conn), GFP_ATOMIC);
205 bacpy(&conn->dst, dst);
208 conn->mode = HCI_CM_ACTIVE;
209 conn->state = BT_OPEN;
211 conn->power_save = 1;
215 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
218 if (lmp_esco_capable(hdev))
219 conn->pkt_type = hdev->esco_type & SCO_ESCO_MASK;
221 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
224 conn->pkt_type = hdev->esco_type;
228 skb_queue_head_init(&conn->data_q);
230 setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn);
231 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
233 atomic_set(&conn->refcnt, 0);
237 tasklet_disable(&hdev->tx_task);
239 hci_conn_hash_add(hdev, conn);
241 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
243 tasklet_enable(&hdev->tx_task);
248 int hci_conn_del(struct hci_conn *conn)
250 struct hci_dev *hdev = conn->hdev;
252 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
254 del_timer(&conn->idle_timer);
256 del_timer(&conn->disc_timer);
258 if (conn->type == ACL_LINK) {
259 struct hci_conn *sco = conn->link;
264 hdev->acl_cnt += conn->sent;
266 struct hci_conn *acl = conn->link;
273 tasklet_disable(&hdev->tx_task);
275 hci_conn_hash_del(hdev, conn);
277 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
279 tasklet_enable(&hdev->tx_task);
281 skb_queue_purge(&conn->data_q);
286 struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
288 int use_src = bacmp(src, BDADDR_ANY);
289 struct hci_dev *hdev = NULL;
292 BT_DBG("%s -> %s", batostr(src), batostr(dst));
294 read_lock_bh(&hci_dev_list_lock);
296 list_for_each(p, &hci_dev_list) {
297 struct hci_dev *d = list_entry(p, struct hci_dev, list);
299 if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
303 * No source address - find interface with bdaddr != dst
304 * Source address - find interface with bdaddr == src
308 if (!bacmp(&d->bdaddr, src)) {
312 if (bacmp(&d->bdaddr, dst)) {
319 hdev = hci_dev_hold(hdev);
321 read_unlock_bh(&hci_dev_list_lock);
324 EXPORT_SYMBOL(hci_get_route);
326 /* Create SCO or ACL connection.
327 * Device _must_ be locked */
328 struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type)
330 struct hci_conn *acl;
331 struct hci_conn *sco;
333 BT_DBG("%s dst %s", hdev->name, batostr(dst));
335 if (!(acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst))) {
336 if (!(acl = hci_conn_add(hdev, ACL_LINK, dst)))
342 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
343 acl->sec_level = sec_level;
344 acl->auth_type = auth_type;
345 hci_acl_connect(acl);
348 if (type == ACL_LINK)
351 if (!(sco = hci_conn_hash_lookup_ba(hdev, type, dst))) {
352 if (!(sco = hci_conn_add(hdev, type, dst))) {
363 if (acl->state == BT_CONNECTED &&
364 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
365 if (lmp_esco_capable(hdev))
366 hci_setup_sync(sco, acl->handle);
368 hci_add_sco(sco, acl->handle);
373 EXPORT_SYMBOL(hci_connect);
375 /* Check link security requirement */
376 int hci_conn_check_link_mode(struct hci_conn *conn)
378 BT_DBG("conn %p", conn);
380 if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0 &&
381 !(conn->link_mode & HCI_LM_ENCRYPT))
386 EXPORT_SYMBOL(hci_conn_check_link_mode);
388 /* Authenticate remote device */
389 static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level)
391 BT_DBG("conn %p", conn);
393 if (sec_level > conn->sec_level)
394 conn->link_mode &= ~HCI_LM_AUTH;
396 conn->sec_level = sec_level;
398 if (sec_level == BT_SECURITY_HIGH)
399 conn->auth_type |= 0x01;
401 if (conn->link_mode & HCI_LM_AUTH)
404 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
405 struct hci_cp_auth_requested cp;
406 cp.handle = cpu_to_le16(conn->handle);
407 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
414 /* Enable security */
415 int hci_conn_security(struct hci_conn *conn, __u8 sec_level)
417 BT_DBG("conn %p", conn);
419 if (sec_level == BT_SECURITY_SDP)
422 if (sec_level == BT_SECURITY_LOW) {
423 if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0)
424 return hci_conn_auth(conn, sec_level);
429 if (conn->link_mode & HCI_LM_ENCRYPT)
430 return hci_conn_auth(conn, sec_level);
432 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend))
435 if (hci_conn_auth(conn, sec_level)) {
436 struct hci_cp_set_conn_encrypt cp;
437 cp.handle = cpu_to_le16(conn->handle);
439 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT,
445 EXPORT_SYMBOL(hci_conn_security);
447 /* Change link key */
448 int hci_conn_change_link_key(struct hci_conn *conn)
450 BT_DBG("conn %p", conn);
452 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
453 struct hci_cp_change_conn_link_key cp;
454 cp.handle = cpu_to_le16(conn->handle);
455 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
461 EXPORT_SYMBOL(hci_conn_change_link_key);
464 int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
466 BT_DBG("conn %p", conn);
468 if (!role && conn->link_mode & HCI_LM_MASTER)
471 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) {
472 struct hci_cp_switch_role cp;
473 bacpy(&cp.bdaddr, &conn->dst);
475 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
480 EXPORT_SYMBOL(hci_conn_switch_role);
482 /* Enter active mode */
483 void hci_conn_enter_active_mode(struct hci_conn *conn)
485 struct hci_dev *hdev = conn->hdev;
487 BT_DBG("conn %p mode %d", conn, conn->mode);
489 if (test_bit(HCI_RAW, &hdev->flags))
492 if (conn->mode != HCI_CM_SNIFF || !conn->power_save)
495 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
496 struct hci_cp_exit_sniff_mode cp;
497 cp.handle = cpu_to_le16(conn->handle);
498 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
502 if (hdev->idle_timeout > 0)
503 mod_timer(&conn->idle_timer,
504 jiffies + msecs_to_jiffies(hdev->idle_timeout));
507 /* Enter sniff mode */
508 void hci_conn_enter_sniff_mode(struct hci_conn *conn)
510 struct hci_dev *hdev = conn->hdev;
512 BT_DBG("conn %p mode %d", conn, conn->mode);
514 if (test_bit(HCI_RAW, &hdev->flags))
517 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
520 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
523 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
524 struct hci_cp_sniff_subrate cp;
525 cp.handle = cpu_to_le16(conn->handle);
526 cp.max_latency = cpu_to_le16(0);
527 cp.min_remote_timeout = cpu_to_le16(0);
528 cp.min_local_timeout = cpu_to_le16(0);
529 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
532 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
533 struct hci_cp_sniff_mode cp;
534 cp.handle = cpu_to_le16(conn->handle);
535 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
536 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
537 cp.attempt = cpu_to_le16(4);
538 cp.timeout = cpu_to_le16(1);
539 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
543 /* Drop all connection on the device */
544 void hci_conn_hash_flush(struct hci_dev *hdev)
546 struct hci_conn_hash *h = &hdev->conn_hash;
549 BT_DBG("hdev %s", hdev->name);
552 while (p != &h->list) {
555 c = list_entry(p, struct hci_conn, list);
558 c->state = BT_CLOSED;
560 hci_conn_del_sysfs(c);
562 hci_proto_disconn_ind(c, 0x16);
567 /* Check pending connect attempts */
568 void hci_conn_check_pending(struct hci_dev *hdev)
570 struct hci_conn *conn;
572 BT_DBG("hdev %s", hdev->name);
576 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
578 hci_acl_connect(conn);
580 hci_dev_unlock(hdev);
583 int hci_get_conn_list(void __user *arg)
585 struct hci_conn_list_req req, *cl;
586 struct hci_conn_info *ci;
587 struct hci_dev *hdev;
589 int n = 0, size, err;
591 if (copy_from_user(&req, arg, sizeof(req)))
594 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
597 size = sizeof(req) + req.conn_num * sizeof(*ci);
599 if (!(cl = kmalloc(size, GFP_KERNEL)))
602 if (!(hdev = hci_dev_get(req.dev_id))) {
609 hci_dev_lock_bh(hdev);
610 list_for_each(p, &hdev->conn_hash.list) {
611 register struct hci_conn *c;
612 c = list_entry(p, struct hci_conn, list);
614 bacpy(&(ci + n)->bdaddr, &c->dst);
615 (ci + n)->handle = c->handle;
616 (ci + n)->type = c->type;
617 (ci + n)->out = c->out;
618 (ci + n)->state = c->state;
619 (ci + n)->link_mode = c->link_mode;
620 if (++n >= req.conn_num)
623 hci_dev_unlock_bh(hdev);
625 cl->dev_id = hdev->id;
627 size = sizeof(req) + n * sizeof(*ci);
631 err = copy_to_user(arg, cl, size);
634 return err ? -EFAULT : 0;
637 int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
639 struct hci_conn_info_req req;
640 struct hci_conn_info ci;
641 struct hci_conn *conn;
642 char __user *ptr = arg + sizeof(req);
644 if (copy_from_user(&req, arg, sizeof(req)))
647 hci_dev_lock_bh(hdev);
648 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
650 bacpy(&ci.bdaddr, &conn->dst);
651 ci.handle = conn->handle;
652 ci.type = conn->type;
654 ci.state = conn->state;
655 ci.link_mode = conn->link_mode;
657 hci_dev_unlock_bh(hdev);
662 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
665 int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
667 struct hci_auth_info_req req;
668 struct hci_conn *conn;
670 if (copy_from_user(&req, arg, sizeof(req)))
673 hci_dev_lock_bh(hdev);
674 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
676 req.type = conn->auth_type;
677 hci_dev_unlock_bh(hdev);
682 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
git.openpandora.org / pandora-kernel.git / blob