2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI connection handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 void hci_acl_connect(struct hci_conn *conn)
50 struct hci_dev *hdev = conn->hdev;
51 struct inquiry_entry *ie;
52 struct hci_cp_create_conn cp;
56 conn->state = BT_CONNECT;
59 conn->link_mode = HCI_LM_MASTER;
63 conn->link_policy = hdev->link_policy;
65 memset(&cp, 0, sizeof(cp));
66 bacpy(&cp.bdaddr, &conn->dst);
67 cp.pscan_rep_mode = 0x02;
69 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
70 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
71 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
72 cp.pscan_mode = ie->data.pscan_mode;
73 cp.clock_offset = ie->data.clock_offset |
77 memcpy(conn->dev_class, ie->data.dev_class, 3);
78 conn->ssp_mode = ie->data.ssp_mode;
81 cp.pkt_type = cpu_to_le16(conn->pkt_type);
82 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
83 cp.role_switch = 0x01;
85 cp.role_switch = 0x00;
87 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
90 static void hci_acl_connect_cancel(struct hci_conn *conn)
92 struct hci_cp_create_conn_cancel cp;
96 if (conn->hdev->hci_ver < 2)
99 bacpy(&cp.bdaddr, &conn->dst);
100 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
103 void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
105 struct hci_cp_disconnect cp;
109 conn->state = BT_DISCONN;
111 cp.handle = cpu_to_le16(conn->handle);
113 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
116 void hci_add_sco(struct hci_conn *conn, __u16 handle)
118 struct hci_dev *hdev = conn->hdev;
119 struct hci_cp_add_sco cp;
123 conn->state = BT_CONNECT;
128 cp.handle = cpu_to_le16(handle);
129 cp.pkt_type = cpu_to_le16(conn->pkt_type);
131 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
134 void hci_setup_sync(struct hci_conn *conn, __u16 handle)
136 struct hci_dev *hdev = conn->hdev;
137 struct hci_cp_setup_sync_conn cp;
141 conn->state = BT_CONNECT;
146 cp.handle = cpu_to_le16(handle);
147 cp.pkt_type = cpu_to_le16(conn->pkt_type);
149 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
150 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
151 cp.max_latency = cpu_to_le16(0xffff);
152 cp.voice_setting = cpu_to_le16(hdev->voice_setting);
153 cp.retrans_effort = 0xff;
155 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
158 static void hci_conn_timeout(unsigned long arg)
160 struct hci_conn *conn = (void *) arg;
161 struct hci_dev *hdev = conn->hdev;
164 BT_DBG("conn %p state %d", conn, conn->state);
166 if (atomic_read(&conn->refcnt))
171 switch (conn->state) {
174 if (conn->type == ACL_LINK)
175 hci_acl_connect_cancel(conn);
177 hci_acl_disconn(conn, 0x13);
181 reason = hci_proto_disconn_ind(conn);
182 hci_acl_disconn(conn, reason);
185 conn->state = BT_CLOSED;
189 hci_dev_unlock(hdev);
192 static void hci_conn_idle(unsigned long arg)
194 struct hci_conn *conn = (void *) arg;
196 BT_DBG("conn %p mode %d", conn, conn->mode);
198 hci_conn_enter_sniff_mode(conn);
201 struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
203 struct hci_conn *conn;
205 BT_DBG("%s dst %s", hdev->name, batostr(dst));
207 conn = kzalloc(sizeof(struct hci_conn), GFP_ATOMIC);
211 bacpy(&conn->dst, dst);
214 conn->mode = HCI_CM_ACTIVE;
215 conn->state = BT_OPEN;
217 conn->power_save = 1;
221 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
224 if (lmp_esco_capable(hdev))
225 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
226 (hdev->esco_type & EDR_ESCO_MASK);
228 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
231 conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
235 skb_queue_head_init(&conn->data_q);
237 setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn);
238 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
240 atomic_set(&conn->refcnt, 0);
244 tasklet_disable(&hdev->tx_task);
246 hci_conn_hash_add(hdev, conn);
248 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
250 tasklet_enable(&hdev->tx_task);
255 int hci_conn_del(struct hci_conn *conn)
257 struct hci_dev *hdev = conn->hdev;
259 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
261 del_timer(&conn->idle_timer);
263 del_timer(&conn->disc_timer);
265 if (conn->type == ACL_LINK) {
266 struct hci_conn *sco = conn->link;
271 hdev->acl_cnt += conn->sent;
273 struct hci_conn *acl = conn->link;
280 tasklet_disable(&hdev->tx_task);
282 hci_conn_hash_del(hdev, conn);
284 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
286 tasklet_enable(&hdev->tx_task);
288 skb_queue_purge(&conn->data_q);
293 struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
295 int use_src = bacmp(src, BDADDR_ANY);
296 struct hci_dev *hdev = NULL;
299 BT_DBG("%s -> %s", batostr(src), batostr(dst));
301 read_lock_bh(&hci_dev_list_lock);
303 list_for_each(p, &hci_dev_list) {
304 struct hci_dev *d = list_entry(p, struct hci_dev, list);
306 if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
310 * No source address - find interface with bdaddr != dst
311 * Source address - find interface with bdaddr == src
315 if (!bacmp(&d->bdaddr, src)) {
319 if (bacmp(&d->bdaddr, dst)) {
326 hdev = hci_dev_hold(hdev);
328 read_unlock_bh(&hci_dev_list_lock);
331 EXPORT_SYMBOL(hci_get_route);
333 /* Create SCO or ACL connection.
334 * Device _must_ be locked */
335 struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type)
337 struct hci_conn *acl;
338 struct hci_conn *sco;
340 BT_DBG("%s dst %s", hdev->name, batostr(dst));
342 if (!(acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst))) {
343 if (!(acl = hci_conn_add(hdev, ACL_LINK, dst)))
349 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
350 acl->sec_level = sec_level;
351 acl->auth_type = auth_type;
352 hci_acl_connect(acl);
355 if (type == ACL_LINK)
358 if (!(sco = hci_conn_hash_lookup_ba(hdev, type, dst))) {
359 if (!(sco = hci_conn_add(hdev, type, dst))) {
370 if (acl->state == BT_CONNECTED &&
371 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
372 if (lmp_esco_capable(hdev))
373 hci_setup_sync(sco, acl->handle);
375 hci_add_sco(sco, acl->handle);
380 EXPORT_SYMBOL(hci_connect);
382 /* Check link security requirement */
383 int hci_conn_check_link_mode(struct hci_conn *conn)
385 BT_DBG("conn %p", conn);
387 if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0 &&
388 !(conn->link_mode & HCI_LM_ENCRYPT))
393 EXPORT_SYMBOL(hci_conn_check_link_mode);
395 /* Authenticate remote device */
396 static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
398 BT_DBG("conn %p", conn);
400 if (sec_level > conn->sec_level) {
401 conn->sec_level = sec_level;
402 conn->auth_type = auth_type;
403 } else if (conn->link_mode & HCI_LM_AUTH)
406 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
407 struct hci_cp_auth_requested cp;
408 cp.handle = cpu_to_le16(conn->handle);
409 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
416 /* Enable security */
417 int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
419 BT_DBG("conn %p", conn);
421 if (conn->auth_type == 0xff)
422 conn->auth_type = auth_type;
424 if (sec_level == BT_SECURITY_SDP)
427 if (sec_level == BT_SECURITY_LOW) {
428 if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0)
429 return hci_conn_auth(conn, sec_level, auth_type);
434 if (conn->link_mode & HCI_LM_ENCRYPT)
435 return hci_conn_auth(conn, sec_level, auth_type);
437 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend))
440 if (hci_conn_auth(conn, sec_level, auth_type)) {
441 struct hci_cp_set_conn_encrypt cp;
442 cp.handle = cpu_to_le16(conn->handle);
444 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT,
450 EXPORT_SYMBOL(hci_conn_security);
452 /* Change link key */
453 int hci_conn_change_link_key(struct hci_conn *conn)
455 BT_DBG("conn %p", conn);
457 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
458 struct hci_cp_change_conn_link_key cp;
459 cp.handle = cpu_to_le16(conn->handle);
460 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
466 EXPORT_SYMBOL(hci_conn_change_link_key);
469 int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
471 BT_DBG("conn %p", conn);
473 if (!role && conn->link_mode & HCI_LM_MASTER)
476 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) {
477 struct hci_cp_switch_role cp;
478 bacpy(&cp.bdaddr, &conn->dst);
480 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
485 EXPORT_SYMBOL(hci_conn_switch_role);
487 /* Enter active mode */
488 void hci_conn_enter_active_mode(struct hci_conn *conn)
490 struct hci_dev *hdev = conn->hdev;
492 BT_DBG("conn %p mode %d", conn, conn->mode);
494 if (test_bit(HCI_RAW, &hdev->flags))
497 if (conn->mode != HCI_CM_SNIFF || !conn->power_save)
500 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
501 struct hci_cp_exit_sniff_mode cp;
502 cp.handle = cpu_to_le16(conn->handle);
503 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
507 if (hdev->idle_timeout > 0)
508 mod_timer(&conn->idle_timer,
509 jiffies + msecs_to_jiffies(hdev->idle_timeout));
512 /* Enter sniff mode */
513 void hci_conn_enter_sniff_mode(struct hci_conn *conn)
515 struct hci_dev *hdev = conn->hdev;
517 BT_DBG("conn %p mode %d", conn, conn->mode);
519 if (test_bit(HCI_RAW, &hdev->flags))
522 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
525 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
528 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
529 struct hci_cp_sniff_subrate cp;
530 cp.handle = cpu_to_le16(conn->handle);
531 cp.max_latency = cpu_to_le16(0);
532 cp.min_remote_timeout = cpu_to_le16(0);
533 cp.min_local_timeout = cpu_to_le16(0);
534 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
537 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
538 struct hci_cp_sniff_mode cp;
539 cp.handle = cpu_to_le16(conn->handle);
540 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
541 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
542 cp.attempt = cpu_to_le16(4);
543 cp.timeout = cpu_to_le16(1);
544 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
548 /* Drop all connection on the device */
549 void hci_conn_hash_flush(struct hci_dev *hdev)
551 struct hci_conn_hash *h = &hdev->conn_hash;
554 BT_DBG("hdev %s", hdev->name);
557 while (p != &h->list) {
560 c = list_entry(p, struct hci_conn, list);
563 c->state = BT_CLOSED;
565 hci_conn_del_sysfs(c);
567 hci_proto_disconn_cfm(c, 0x16);
572 /* Check pending connect attempts */
573 void hci_conn_check_pending(struct hci_dev *hdev)
575 struct hci_conn *conn;
577 BT_DBG("hdev %s", hdev->name);
581 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
583 hci_acl_connect(conn);
585 hci_dev_unlock(hdev);
588 int hci_get_conn_list(void __user *arg)
590 struct hci_conn_list_req req, *cl;
591 struct hci_conn_info *ci;
592 struct hci_dev *hdev;
594 int n = 0, size, err;
596 if (copy_from_user(&req, arg, sizeof(req)))
599 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
602 size = sizeof(req) + req.conn_num * sizeof(*ci);
604 if (!(cl = kmalloc(size, GFP_KERNEL)))
607 if (!(hdev = hci_dev_get(req.dev_id))) {
614 hci_dev_lock_bh(hdev);
615 list_for_each(p, &hdev->conn_hash.list) {
616 register struct hci_conn *c;
617 c = list_entry(p, struct hci_conn, list);
619 bacpy(&(ci + n)->bdaddr, &c->dst);
620 (ci + n)->handle = c->handle;
621 (ci + n)->type = c->type;
622 (ci + n)->out = c->out;
623 (ci + n)->state = c->state;
624 (ci + n)->link_mode = c->link_mode;
625 if (++n >= req.conn_num)
628 hci_dev_unlock_bh(hdev);
630 cl->dev_id = hdev->id;
632 size = sizeof(req) + n * sizeof(*ci);
636 err = copy_to_user(arg, cl, size);
639 return err ? -EFAULT : 0;
642 int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
644 struct hci_conn_info_req req;
645 struct hci_conn_info ci;
646 struct hci_conn *conn;
647 char __user *ptr = arg + sizeof(req);
649 if (copy_from_user(&req, arg, sizeof(req)))
652 hci_dev_lock_bh(hdev);
653 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
655 bacpy(&ci.bdaddr, &conn->dst);
656 ci.handle = conn->handle;
657 ci.type = conn->type;
659 ci.state = conn->state;
660 ci.link_mode = conn->link_mode;
662 hci_dev_unlock_bh(hdev);
667 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
670 int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
672 struct hci_auth_info_req req;
673 struct hci_conn *conn;
675 if (copy_from_user(&req, arg, sizeof(req)))
678 hci_dev_lock_bh(hdev);
679 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
681 req.type = conn->auth_type;
682 hci_dev_unlock_bh(hdev);
687 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
git.openpandora.org / pandora-kernel.git / blob