2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI connection handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 #ifndef CONFIG_BT_HCI_CORE_DEBUG
53 void hci_acl_connect(struct hci_conn *conn)
55 struct hci_dev *hdev = conn->hdev;
56 struct inquiry_entry *ie;
57 struct hci_cp_create_conn cp;
61 conn->state = BT_CONNECT;
64 conn->link_mode = HCI_LM_MASTER;
68 conn->link_policy = hdev->link_policy;
70 memset(&cp, 0, sizeof(cp));
71 bacpy(&cp.bdaddr, &conn->dst);
72 cp.pscan_rep_mode = 0x02;
74 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
75 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
76 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
77 cp.pscan_mode = ie->data.pscan_mode;
78 cp.clock_offset = ie->data.clock_offset |
82 memcpy(conn->dev_class, ie->data.dev_class, 3);
83 conn->ssp_mode = ie->data.ssp_mode;
86 cp.pkt_type = cpu_to_le16(conn->pkt_type);
87 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
88 cp.role_switch = 0x01;
90 cp.role_switch = 0x00;
92 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
95 static void hci_acl_connect_cancel(struct hci_conn *conn)
97 struct hci_cp_create_conn_cancel cp;
101 if (conn->hdev->hci_ver < 2)
104 bacpy(&cp.bdaddr, &conn->dst);
105 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
108 void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
110 struct hci_cp_disconnect cp;
114 conn->state = BT_DISCONN;
116 cp.handle = cpu_to_le16(conn->handle);
118 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
121 void hci_add_sco(struct hci_conn *conn, __u16 handle)
123 struct hci_dev *hdev = conn->hdev;
124 struct hci_cp_add_sco cp;
128 conn->state = BT_CONNECT;
131 cp.handle = cpu_to_le16(handle);
132 cp.pkt_type = cpu_to_le16(conn->pkt_type);
134 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
137 void hci_setup_sync(struct hci_conn *conn, __u16 handle)
139 struct hci_dev *hdev = conn->hdev;
140 struct hci_cp_setup_sync_conn cp;
144 conn->state = BT_CONNECT;
147 cp.handle = cpu_to_le16(handle);
148 cp.pkt_type = cpu_to_le16(conn->pkt_type);
150 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
151 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
152 cp.max_latency = cpu_to_le16(0xffff);
153 cp.voice_setting = cpu_to_le16(hdev->voice_setting);
154 cp.retrans_effort = 0xff;
156 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
159 static void hci_conn_timeout(unsigned long arg)
161 struct hci_conn *conn = (void *) arg;
162 struct hci_dev *hdev = conn->hdev;
164 BT_DBG("conn %p state %d", conn, conn->state);
166 if (atomic_read(&conn->refcnt))
171 switch (conn->state) {
174 if (conn->type == ACL_LINK)
175 hci_acl_connect_cancel(conn);
177 hci_acl_disconn(conn, 0x13);
181 hci_acl_disconn(conn, 0x13);
184 conn->state = BT_CLOSED;
188 hci_dev_unlock(hdev);
191 static void hci_conn_idle(unsigned long arg)
193 struct hci_conn *conn = (void *) arg;
195 BT_DBG("conn %p mode %d", conn, conn->mode);
197 hci_conn_enter_sniff_mode(conn);
200 struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
202 struct hci_conn *conn;
204 BT_DBG("%s dst %s", hdev->name, batostr(dst));
206 conn = kzalloc(sizeof(struct hci_conn), GFP_ATOMIC);
210 bacpy(&conn->dst, dst);
213 conn->mode = HCI_CM_ACTIVE;
214 conn->state = BT_OPEN;
216 conn->power_save = 1;
220 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
223 if (lmp_esco_capable(hdev))
224 conn->pkt_type = hdev->esco_type & SCO_ESCO_MASK;
226 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
229 conn->pkt_type = hdev->esco_type;
233 skb_queue_head_init(&conn->data_q);
235 setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn);
236 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
238 atomic_set(&conn->refcnt, 0);
242 tasklet_disable(&hdev->tx_task);
244 hci_conn_hash_add(hdev, conn);
246 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
248 tasklet_enable(&hdev->tx_task);
253 int hci_conn_del(struct hci_conn *conn)
255 struct hci_dev *hdev = conn->hdev;
257 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
259 del_timer(&conn->idle_timer);
261 del_timer(&conn->disc_timer);
263 if (conn->type == ACL_LINK) {
264 struct hci_conn *sco = conn->link;
269 hdev->acl_cnt += conn->sent;
271 struct hci_conn *acl = conn->link;
278 tasklet_disable(&hdev->tx_task);
280 hci_conn_hash_del(hdev, conn);
282 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
284 tasklet_enable(&hdev->tx_task);
286 skb_queue_purge(&conn->data_q);
291 struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
293 int use_src = bacmp(src, BDADDR_ANY);
294 struct hci_dev *hdev = NULL;
297 BT_DBG("%s -> %s", batostr(src), batostr(dst));
299 read_lock_bh(&hci_dev_list_lock);
301 list_for_each(p, &hci_dev_list) {
302 struct hci_dev *d = list_entry(p, struct hci_dev, list);
304 if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
308 * No source address - find interface with bdaddr != dst
309 * Source address - find interface with bdaddr == src
313 if (!bacmp(&d->bdaddr, src)) {
317 if (bacmp(&d->bdaddr, dst)) {
324 hdev = hci_dev_hold(hdev);
326 read_unlock_bh(&hci_dev_list_lock);
329 EXPORT_SYMBOL(hci_get_route);
331 /* Create SCO or ACL connection.
332 * Device _must_ be locked */
333 struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 auth_type)
335 struct hci_conn *acl;
336 struct hci_conn *sco;
338 BT_DBG("%s dst %s", hdev->name, batostr(dst));
340 if (!(acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst))) {
341 if (!(acl = hci_conn_add(hdev, ACL_LINK, dst)))
347 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
348 acl->auth_type = auth_type;
349 hci_acl_connect(acl);
352 if (type == ACL_LINK)
355 if (!(sco = hci_conn_hash_lookup_ba(hdev, type, dst))) {
356 if (!(sco = hci_conn_add(hdev, type, dst))) {
367 if (acl->state == BT_CONNECTED &&
368 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
369 if (lmp_esco_capable(hdev))
370 hci_setup_sync(sco, acl->handle);
372 hci_add_sco(sco, acl->handle);
377 EXPORT_SYMBOL(hci_connect);
379 /* Authenticate remote device */
380 int hci_conn_auth(struct hci_conn *conn)
382 BT_DBG("conn %p", conn);
384 if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0) {
385 if (!(conn->auth_type & 0x01)) {
386 conn->auth_type |= 0x01;
387 conn->link_mode &= ~HCI_LM_AUTH;
391 if (conn->link_mode & HCI_LM_AUTH)
394 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
395 struct hci_cp_auth_requested cp;
396 cp.handle = cpu_to_le16(conn->handle);
397 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
402 EXPORT_SYMBOL(hci_conn_auth);
404 /* Enable encryption */
405 int hci_conn_encrypt(struct hci_conn *conn)
407 BT_DBG("conn %p", conn);
409 if (conn->link_mode & HCI_LM_ENCRYPT)
410 return hci_conn_auth(conn);
412 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend))
415 if (hci_conn_auth(conn)) {
416 struct hci_cp_set_conn_encrypt cp;
417 cp.handle = cpu_to_le16(conn->handle);
419 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT,
424 EXPORT_SYMBOL(hci_conn_encrypt);
426 /* Change link key */
427 int hci_conn_change_link_key(struct hci_conn *conn)
429 BT_DBG("conn %p", conn);
431 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
432 struct hci_cp_change_conn_link_key cp;
433 cp.handle = cpu_to_le16(conn->handle);
434 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
439 EXPORT_SYMBOL(hci_conn_change_link_key);
442 int hci_conn_switch_role(struct hci_conn *conn, uint8_t role)
444 BT_DBG("conn %p", conn);
446 if (!role && conn->link_mode & HCI_LM_MASTER)
449 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) {
450 struct hci_cp_switch_role cp;
451 bacpy(&cp.bdaddr, &conn->dst);
453 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
457 EXPORT_SYMBOL(hci_conn_switch_role);
459 /* Enter active mode */
460 void hci_conn_enter_active_mode(struct hci_conn *conn)
462 struct hci_dev *hdev = conn->hdev;
464 BT_DBG("conn %p mode %d", conn, conn->mode);
466 if (test_bit(HCI_RAW, &hdev->flags))
469 if (conn->mode != HCI_CM_SNIFF || !conn->power_save)
472 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
473 struct hci_cp_exit_sniff_mode cp;
474 cp.handle = cpu_to_le16(conn->handle);
475 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
479 if (hdev->idle_timeout > 0)
480 mod_timer(&conn->idle_timer,
481 jiffies + msecs_to_jiffies(hdev->idle_timeout));
484 /* Enter sniff mode */
485 void hci_conn_enter_sniff_mode(struct hci_conn *conn)
487 struct hci_dev *hdev = conn->hdev;
489 BT_DBG("conn %p mode %d", conn, conn->mode);
491 if (test_bit(HCI_RAW, &hdev->flags))
494 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
497 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
500 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
501 struct hci_cp_sniff_subrate cp;
502 cp.handle = cpu_to_le16(conn->handle);
503 cp.max_latency = cpu_to_le16(0);
504 cp.min_remote_timeout = cpu_to_le16(0);
505 cp.min_local_timeout = cpu_to_le16(0);
506 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
509 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
510 struct hci_cp_sniff_mode cp;
511 cp.handle = cpu_to_le16(conn->handle);
512 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
513 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
514 cp.attempt = cpu_to_le16(4);
515 cp.timeout = cpu_to_le16(1);
516 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
520 /* Drop all connection on the device */
521 void hci_conn_hash_flush(struct hci_dev *hdev)
523 struct hci_conn_hash *h = &hdev->conn_hash;
526 BT_DBG("hdev %s", hdev->name);
529 while (p != &h->list) {
532 c = list_entry(p, struct hci_conn, list);
535 c->state = BT_CLOSED;
537 hci_conn_del_sysfs(c);
539 hci_proto_disconn_ind(c, 0x16);
544 /* Check pending connect attempts */
545 void hci_conn_check_pending(struct hci_dev *hdev)
547 struct hci_conn *conn;
549 BT_DBG("hdev %s", hdev->name);
553 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
555 hci_acl_connect(conn);
557 hci_dev_unlock(hdev);
560 int hci_get_conn_list(void __user *arg)
562 struct hci_conn_list_req req, *cl;
563 struct hci_conn_info *ci;
564 struct hci_dev *hdev;
566 int n = 0, size, err;
568 if (copy_from_user(&req, arg, sizeof(req)))
571 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
574 size = sizeof(req) + req.conn_num * sizeof(*ci);
576 if (!(cl = kmalloc(size, GFP_KERNEL)))
579 if (!(hdev = hci_dev_get(req.dev_id))) {
586 hci_dev_lock_bh(hdev);
587 list_for_each(p, &hdev->conn_hash.list) {
588 register struct hci_conn *c;
589 c = list_entry(p, struct hci_conn, list);
591 bacpy(&(ci + n)->bdaddr, &c->dst);
592 (ci + n)->handle = c->handle;
593 (ci + n)->type = c->type;
594 (ci + n)->out = c->out;
595 (ci + n)->state = c->state;
596 (ci + n)->link_mode = c->link_mode;
597 if (++n >= req.conn_num)
600 hci_dev_unlock_bh(hdev);
602 cl->dev_id = hdev->id;
604 size = sizeof(req) + n * sizeof(*ci);
608 err = copy_to_user(arg, cl, size);
611 return err ? -EFAULT : 0;
614 int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
616 struct hci_conn_info_req req;
617 struct hci_conn_info ci;
618 struct hci_conn *conn;
619 char __user *ptr = arg + sizeof(req);
621 if (copy_from_user(&req, arg, sizeof(req)))
624 hci_dev_lock_bh(hdev);
625 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
627 bacpy(&ci.bdaddr, &conn->dst);
628 ci.handle = conn->handle;
629 ci.type = conn->type;
631 ci.state = conn->state;
632 ci.link_mode = conn->link_mode;
634 hci_dev_unlock_bh(hdev);
639 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
642 int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
644 struct hci_auth_info_req req;
645 struct hci_conn *conn;
647 if (copy_from_user(&req, arg, sizeof(req)))
650 hci_dev_lock_bh(hdev);
651 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
653 req.type = conn->auth_type;
654 hci_dev_unlock_bh(hdev);
659 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;