git.openpandora.org / pandora-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
[pandora-kernel.git] / net / bluetooth / hidp / core.c
1 /*
2    HIDP implementation for Linux Bluetooth stack (BlueZ).
3    Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>
4
5    This program is free software; you can redistribute it and/or modify
6    it under the terms of the GNU General Public License version 2 as
7    published by the Free Software Foundation;
8
9    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20    SOFTWARE IS DISCLAIMED.
21 */
22
23 #include <linux/module.h>
24
25 #include <linux/types.h>
26 #include <linux/errno.h>
27 #include <linux/kernel.h>
28 #include <linux/sched.h>
29 #include <linux/slab.h>
30 #include <linux/poll.h>
31 #include <linux/freezer.h>
32 #include <linux/fcntl.h>
33 #include <linux/skbuff.h>
34 #include <linux/socket.h>
35 #include <linux/ioctl.h>
36 #include <linux/file.h>
37 #include <linux/init.h>
38 #include <linux/wait.h>
39 #include <net/sock.h>
40
41 #include <linux/input.h>
42 #include <linux/hid.h>
43 #include <linux/hidraw.h>
44
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
47 #include <net/bluetooth/l2cap.h>
48
49 #include "hidp.h"
50
51 #define VERSION "1.2"
52
53 static DECLARE_RWSEM(hidp_session_sem);
54 static LIST_HEAD(hidp_session_list);
55
56 static unsigned char hidp_keycode[256] = {
57           0,  0,  0,  0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38,
58          50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44,  2,  3,
59           4,  5,  6,  7,  8,  9, 10, 11, 28,  1, 14, 15, 57, 12, 13, 26,
60          27, 43, 43, 39, 40, 41, 51, 52, 53, 58, 59, 60, 61, 62, 63, 64,
61          65, 66, 67, 68, 87, 88, 99, 70,119,110,102,104,111,107,109,106,
62         105,108,103, 69, 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71,
63          72, 73, 82, 83, 86,127,116,117,183,184,185,186,187,188,189,190,
64         191,192,193,194,134,138,130,132,128,129,131,137,133,135,136,113,
65         115,114,  0,  0,  0,121,  0, 89, 93,124, 92, 94, 95,  0,  0,  0,
66         122,123, 90, 91, 85,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
67           0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
68           0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
69           0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
70           0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
71          29, 42, 56,125, 97, 54,100,126,164,166,165,163,161,115,114,113,
72         150,158,159,128,136,177,178,176,142,152,173,140
73 };
74
75 static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 };
76
77 static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr)
78 {
79         struct hidp_session *session;
80         struct list_head *p;
81
82         BT_DBG("");
83
84         list_for_each(p, &hidp_session_list) {
85                 session = list_entry(p, struct hidp_session, list);
86                 if (!bacmp(bdaddr, &session->bdaddr))
87                         return session;
88         }
89         return NULL;
90 }
91
92 static void __hidp_link_session(struct hidp_session *session)
93 {
94         __module_get(THIS_MODULE);
95         list_add(&session->list, &hidp_session_list);
96
97         hci_conn_hold_device(session->conn);
98 }
99
100 static void __hidp_unlink_session(struct hidp_session *session)
101 {
102         hci_conn_put_device(session->conn);
103
104         list_del(&session->list);
105         module_put(THIS_MODULE);
106 }
107
108 static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci)
109 {
110         bacpy(&ci->bdaddr, &session->bdaddr);
111
112         ci->flags = session->flags;
113         ci->state = session->state;
114
115         ci->vendor  = 0x0000;
116         ci->product = 0x0000;
117         ci->version = 0x0000;
118         memset(ci->name, 0, 128);
119
120         if (session->input) {
121                 ci->vendor  = session->input->id.vendor;
122                 ci->product = session->input->id.product;
123                 ci->version = session->input->id.version;
124                 if (session->input->name)
125                         strncpy(ci->name, session->input->name, 128);
126                 else
127                         strncpy(ci->name, "HID Boot Device", 128);
128         }
129
130         if (session->hid) {
131                 ci->vendor  = session->hid->vendor;
132                 ci->product = session->hid->product;
133                 ci->version = session->hid->version;
134                 strncpy(ci->name, session->hid->name, 128);
135         }
136 }
137
138 static int hidp_queue_event(struct hidp_session *session, struct input_dev *dev,
139                                 unsigned int type, unsigned int code, int value)
140 {
141         unsigned char newleds;
142         struct sk_buff *skb;
143
144         BT_DBG("session %p type %d code %d value %d", session, type, code, value);
145
146         if (type != EV_LED)
147                 return -1;
148
149         newleds = (!!test_bit(LED_KANA,    dev->led) << 3) |
150                   (!!test_bit(LED_COMPOSE, dev->led) << 3) |
151                   (!!test_bit(LED_SCROLLL, dev->led) << 2) |
152                   (!!test_bit(LED_CAPSL,   dev->led) << 1) |
153                   (!!test_bit(LED_NUML,    dev->led));
154
155         if (session->leds == newleds)
156                 return 0;
157
158         session->leds = newleds;
159
160         if (!(skb = alloc_skb(3, GFP_ATOMIC))) {
161                 BT_ERR("Can't allocate memory for new frame");
162                 return -ENOMEM;
163         }
164
165         *skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT;
166         *skb_put(skb, 1) = 0x01;
167         *skb_put(skb, 1) = newleds;
168
169         skb_queue_tail(&session->intr_transmit, skb);
170
171         hidp_schedule(session);
172
173         return 0;
174 }
175
176 static int hidp_hidinput_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
177 {
178         struct hid_device *hid = input_get_drvdata(dev);
179         struct hidp_session *session = hid->driver_data;
180
181         return hidp_queue_event(session, dev, type, code, value);
182 }
183
184 static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
185 {
186         struct hidp_session *session = input_get_drvdata(dev);
187
188         return hidp_queue_event(session, dev, type, code, value);
189 }
190
191 static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb)
192 {
193         struct input_dev *dev = session->input;
194         unsigned char *keys = session->keys;
195         unsigned char *udata = skb->data + 1;
196         signed char *sdata = skb->data + 1;
197         int i, size = skb->len - 1;
198
199         switch (skb->data[0]) {
200         case 0x01:      /* Keyboard report */
201                 for (i = 0; i < 8; i++)
202                         input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1);
203
204                 /* If all the key codes have been set to 0x01, it means
205                  * too many keys were pressed at the same time. */
206                 if (!memcmp(udata + 2, hidp_mkeyspat, 6))
207                         break;
208
209                 for (i = 2; i < 8; i++) {
210                         if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) {
211                                 if (hidp_keycode[keys[i]])
212                                         input_report_key(dev, hidp_keycode[keys[i]], 0);
213                                 else
214                                         BT_ERR("Unknown key (scancode %#x) released.", keys[i]);
215                         }
216
217                         if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) {
218                                 if (hidp_keycode[udata[i]])
219                                         input_report_key(dev, hidp_keycode[udata[i]], 1);
220                                 else
221                                         BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]);
222                         }
223                 }
224
225                 memcpy(keys, udata, 8);
226                 break;
227
228         case 0x02:      /* Mouse report */
229                 input_report_key(dev, BTN_LEFT,   sdata[0] & 0x01);
230                 input_report_key(dev, BTN_RIGHT,  sdata[0] & 0x02);
231                 input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04);
232                 input_report_key(dev, BTN_SIDE,   sdata[0] & 0x08);
233                 input_report_key(dev, BTN_EXTRA,  sdata[0] & 0x10);
234
235                 input_report_rel(dev, REL_X, sdata[1]);
236                 input_report_rel(dev, REL_Y, sdata[2]);
237
238                 if (size > 3)
239                         input_report_rel(dev, REL_WHEEL, sdata[3]);
240                 break;
241         }
242
243         input_sync(dev);
244 }
245
246 static int hidp_queue_report(struct hidp_session *session,
247                                 unsigned char *data, int size)
248 {
249         struct sk_buff *skb;
250
251         BT_DBG("session %p hid %p data %p size %d", session, session->hid, data, size);
252
253         if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) {
254                 BT_ERR("Can't allocate memory for new frame");
255                 return -ENOMEM;
256         }
257
258         *skb_put(skb, 1) = 0xa2;
259         if (size > 0)
260                 memcpy(skb_put(skb, size), data, size);
261
262         skb_queue_tail(&session->intr_transmit, skb);
263
264         hidp_schedule(session);
265
266         return 0;
267 }
268
269 static int hidp_send_report(struct hidp_session *session, struct hid_report *report)
270 {
271         unsigned char buf[32];
272         int rsize;
273
274         rsize = ((report->size - 1) >> 3) + 1 + (report->id > 0);
275         if (rsize > sizeof(buf))
276                 return -EIO;
277
278         hid_output_report(report, buf);
279
280         return hidp_queue_report(session, buf, rsize);
281 }
282
283 static int hidp_output_raw_report(struct hid_device *hid, unsigned char *data, size_t count)
284 {
285         if (hidp_queue_report(hid->driver_data, data, count))
286                 return -ENOMEM;
287         return count;
288 }
289
290 static void hidp_idle_timeout(unsigned long arg)
291 {
292         struct hidp_session *session = (struct hidp_session *) arg;
293
294         atomic_inc(&session->terminate);
295         hidp_schedule(session);
296 }
297
298 static void hidp_set_timer(struct hidp_session *session)
299 {
300         if (session->idle_to > 0)
301                 mod_timer(&session->timer, jiffies + HZ * session->idle_to);
302 }
303
304 static inline void hidp_del_timer(struct hidp_session *session)
305 {
306         if (session->idle_to > 0)
307                 del_timer(&session->timer);
308 }
309
310 static int __hidp_send_ctrl_message(struct hidp_session *session,
311                         unsigned char hdr, unsigned char *data, int size)
312 {
313         struct sk_buff *skb;
314
315         BT_DBG("session %p data %p size %d", session, data, size);
316
317         if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) {
318                 BT_ERR("Can't allocate memory for new frame");
319                 return -ENOMEM;
320         }
321
322         *skb_put(skb, 1) = hdr;
323         if (data && size > 0)
324                 memcpy(skb_put(skb, size), data, size);
325
326         skb_queue_tail(&session->ctrl_transmit, skb);
327
328         return 0;
329 }
330
331 static inline int hidp_send_ctrl_message(struct hidp_session *session,
332                         unsigned char hdr, unsigned char *data, int size)
333 {
334         int err;
335
336         err = __hidp_send_ctrl_message(session, hdr, data, size);
337
338         hidp_schedule(session);
339
340         return err;
341 }
342
343 static void hidp_process_handshake(struct hidp_session *session,
344                                         unsigned char param)
345 {
346         BT_DBG("session %p param 0x%02x", session, param);
347
348         switch (param) {
349         case HIDP_HSHK_SUCCESSFUL:
350                 /* FIXME: Call into SET_ GET_ handlers here */
351                 break;
352
353         case HIDP_HSHK_NOT_READY:
354         case HIDP_HSHK_ERR_INVALID_REPORT_ID:
355         case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST:
356         case HIDP_HSHK_ERR_INVALID_PARAMETER:
357                 /* FIXME: Call into SET_ GET_ handlers here */
358                 break;
359
360         case HIDP_HSHK_ERR_UNKNOWN:
361                 break;
362
363         case HIDP_HSHK_ERR_FATAL:
364                 /* Device requests a reboot, as this is the only way this error
365                  * can be recovered. */
366                 __hidp_send_ctrl_message(session,
367                         HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0);
368                 break;
369
370         default:
371                 __hidp_send_ctrl_message(session,
372                         HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
373                 break;
374         }
375 }
376
377 static void hidp_process_hid_control(struct hidp_session *session,
378                                         unsigned char param)
379 {
380         BT_DBG("session %p param 0x%02x", session, param);
381
382         if (param == HIDP_CTRL_VIRTUAL_CABLE_UNPLUG) {
383                 /* Flush the transmit queues */
384                 skb_queue_purge(&session->ctrl_transmit);
385                 skb_queue_purge(&session->intr_transmit);
386
387                 /* Kill session thread */
388                 atomic_inc(&session->terminate);
389                 hidp_schedule(session);
390         }
391 }
392
393 static void hidp_process_data(struct hidp_session *session, struct sk_buff *skb,
394                                 unsigned char param)
395 {
396         BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param);
397
398         switch (param) {
399         case HIDP_DATA_RTYPE_INPUT:
400                 hidp_set_timer(session);
401
402                 if (session->input)
403                         hidp_input_report(session, skb);
404
405                 if (session->hid)
406                         hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 0);
407
408                 break;
409
410         case HIDP_DATA_RTYPE_OTHER:
411         case HIDP_DATA_RTYPE_OUPUT:
412         case HIDP_DATA_RTYPE_FEATURE:
413                 break;
414
415         default:
416                 __hidp_send_ctrl_message(session,
417                         HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
418         }
419 }
420
421 static void hidp_recv_ctrl_frame(struct hidp_session *session,
422                                         struct sk_buff *skb)
423 {
424         unsigned char hdr, type, param;
425
426         BT_DBG("session %p skb %p len %d", session, skb, skb->len);
427
428         hdr = skb->data[0];
429         skb_pull(skb, 1);
430
431         type = hdr & HIDP_HEADER_TRANS_MASK;
432         param = hdr & HIDP_HEADER_PARAM_MASK;
433
434         switch (type) {
435         case HIDP_TRANS_HANDSHAKE:
436                 hidp_process_handshake(session, param);
437                 break;
438
439         case HIDP_TRANS_HID_CONTROL:
440                 hidp_process_hid_control(session, param);
441                 break;
442
443         case HIDP_TRANS_DATA:
444                 hidp_process_data(session, skb, param);
445                 break;
446
447         default:
448                 __hidp_send_ctrl_message(session,
449                         HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0);
450                 break;
451         }
452
453         kfree_skb(skb);
454 }
455
456 static void hidp_recv_intr_frame(struct hidp_session *session,
457                                 struct sk_buff *skb)
458 {
459         unsigned char hdr;
460
461         BT_DBG("session %p skb %p len %d", session, skb, skb->len);
462
463         hdr = skb->data[0];
464         skb_pull(skb, 1);
465
466         if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) {
467                 hidp_set_timer(session);
468
469                 if (session->input)
470                         hidp_input_report(session, skb);
471
472                 if (session->hid) {
473                         hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 1);
474                         BT_DBG("report len %d", skb->len);
475                 }
476         } else {
477                 BT_DBG("Unsupported protocol header 0x%02x", hdr);
478         }
479
480         kfree_skb(skb);
481 }
482
483 static int hidp_send_frame(struct socket *sock, unsigned char *data, int len)
484 {
485         struct kvec iv = { data, len };
486         struct msghdr msg;
487
488         BT_DBG("sock %p data %p len %d", sock, data, len);
489
490         if (!len)
491                 return 0;
492
493         memset(&msg, 0, sizeof(msg));
494
495         return kernel_sendmsg(sock, &msg, &iv, 1, len);
496 }
497
498 static void hidp_process_transmit(struct hidp_session *session)
499 {
500         struct sk_buff *skb;
501
502         BT_DBG("session %p", session);
503
504         while ((skb = skb_dequeue(&session->ctrl_transmit))) {
505                 if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) {
506                         skb_queue_head(&session->ctrl_transmit, skb);
507                         break;
508                 }
509
510                 hidp_set_timer(session);
511                 kfree_skb(skb);
512         }
513
514         while ((skb = skb_dequeue(&session->intr_transmit))) {
515                 if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) {
516                         skb_queue_head(&session->intr_transmit, skb);
517                         break;
518                 }
519
520                 hidp_set_timer(session);
521                 kfree_skb(skb);
522         }
523 }
524
525 static int hidp_session(void *arg)
526 {
527         struct hidp_session *session = arg;
528         struct sock *ctrl_sk = session->ctrl_sock->sk;
529         struct sock *intr_sk = session->intr_sock->sk;
530         struct sk_buff *skb;
531         int vendor = 0x0000, product = 0x0000;
532         wait_queue_t ctrl_wait, intr_wait;
533
534         BT_DBG("session %p", session);
535
536         if (session->input) {
537                 vendor  = session->input->id.vendor;
538                 product = session->input->id.product;
539         }
540
541         if (session->hid) {
542                 vendor  = session->hid->vendor;
543                 product = session->hid->product;
544         }
545
546         daemonize("khidpd_%04x%04x", vendor, product);
547         set_user_nice(current, -15);
548
549         init_waitqueue_entry(&ctrl_wait, current);
550         init_waitqueue_entry(&intr_wait, current);
551         add_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait);
552         add_wait_queue(intr_sk->sk_sleep, &intr_wait);
553         while (!atomic_read(&session->terminate)) {
554                 set_current_state(TASK_INTERRUPTIBLE);
555
556                 if (ctrl_sk->sk_state != BT_CONNECTED || intr_sk->sk_state != BT_CONNECTED)
557                         break;
558
559                 while ((skb = skb_dequeue(&ctrl_sk->sk_receive_queue))) {
560                         skb_orphan(skb);
561                         hidp_recv_ctrl_frame(session, skb);
562                 }
563
564                 while ((skb = skb_dequeue(&intr_sk->sk_receive_queue))) {
565                         skb_orphan(skb);
566                         hidp_recv_intr_frame(session, skb);
567                 }
568
569                 hidp_process_transmit(session);
570
571                 schedule();
572         }
573         set_current_state(TASK_RUNNING);
574         remove_wait_queue(intr_sk->sk_sleep, &intr_wait);
575         remove_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait);
576
577         down_write(&hidp_session_sem);
578
579         hidp_del_timer(session);
580
581         if (session->input) {
582                 input_unregister_device(session->input);
583                 session->input = NULL;
584         }
585
586         if (session->hid) {
587                 hid_destroy_device(session->hid);
588                 session->hid = NULL;
589         }
590
591         /* Wakeup user-space polling for socket errors */
592         session->intr_sock->sk->sk_err = EUNATCH;
593         session->ctrl_sock->sk->sk_err = EUNATCH;
594
595         hidp_schedule(session);
596
597         fput(session->intr_sock->file);
598
599         wait_event_timeout(*(ctrl_sk->sk_sleep),
600                 (ctrl_sk->sk_state == BT_CLOSED), msecs_to_jiffies(500));
601
602         fput(session->ctrl_sock->file);
603
604         __hidp_unlink_session(session);
605
606         up_write(&hidp_session_sem);
607
608         kfree(session);
609         return 0;
610 }
611
612 static struct device *hidp_get_device(struct hidp_session *session)
613 {
614         bdaddr_t *src = &bt_sk(session->ctrl_sock->sk)->src;
615         bdaddr_t *dst = &bt_sk(session->ctrl_sock->sk)->dst;
616         struct device *device = NULL;
617         struct hci_dev *hdev;
618
619         hdev = hci_get_route(dst, src);
620         if (!hdev)
621                 return NULL;
622
623         session->conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
624         if (session->conn)
625                 device = &session->conn->dev;
626
627         hci_dev_put(hdev);
628
629         return device;
630 }
631
632 static int hidp_setup_input(struct hidp_session *session,
633                                 struct hidp_connadd_req *req)
634 {
635         struct input_dev *input;
636         int err, i;
637
638         input = input_allocate_device();
639         if (!input)
640                 return -ENOMEM;
641
642         session->input = input;
643
644         input_set_drvdata(input, session);
645
646         input->name = "Bluetooth HID Boot Protocol Device";
647
648         input->id.bustype = BUS_BLUETOOTH;
649         input->id.vendor  = req->vendor;
650         input->id.product = req->product;
651         input->id.version = req->version;
652
653         if (req->subclass & 0x40) {
654                 set_bit(EV_KEY, input->evbit);
655                 set_bit(EV_LED, input->evbit);
656                 set_bit(EV_REP, input->evbit);
657
658                 set_bit(LED_NUML,    input->ledbit);
659                 set_bit(LED_CAPSL,   input->ledbit);
660                 set_bit(LED_SCROLLL, input->ledbit);
661                 set_bit(LED_COMPOSE, input->ledbit);
662                 set_bit(LED_KANA,    input->ledbit);
663
664                 for (i = 0; i < sizeof(hidp_keycode); i++)
665                         set_bit(hidp_keycode[i], input->keybit);
666                 clear_bit(0, input->keybit);
667         }
668
669         if (req->subclass & 0x80) {
670                 input->evbit[0] = BIT_MASK(EV_KEY) | BIT_MASK(EV_REL);
671                 input->keybit[BIT_WORD(BTN_MOUSE)] = BIT_MASK(BTN_LEFT) |
672                         BIT_MASK(BTN_RIGHT) | BIT_MASK(BTN_MIDDLE);
673                 input->relbit[0] = BIT_MASK(REL_X) | BIT_MASK(REL_Y);
674                 input->keybit[BIT_WORD(BTN_MOUSE)] |= BIT_MASK(BTN_SIDE) |
675                         BIT_MASK(BTN_EXTRA);
676                 input->relbit[0] |= BIT_MASK(REL_WHEEL);
677         }
678
679         input->dev.parent = hidp_get_device(session);
680
681         input->event = hidp_input_event;
682
683         err = input_register_device(input);
684         if (err < 0) {
685                 hci_conn_put_device(session->conn);
686                 return err;
687         }
688
689         return 0;
690 }
691
692 static int hidp_open(struct hid_device *hid)
693 {
694         return 0;
695 }
696
697 static void hidp_close(struct hid_device *hid)
698 {
699 }
700
701 static int hidp_parse(struct hid_device *hid)
702 {
703         struct hidp_session *session = hid->driver_data;
704         struct hidp_connadd_req *req = session->req;
705         unsigned char *buf;
706         int ret;
707
708         buf = kmalloc(req->rd_size, GFP_KERNEL);
709         if (!buf)
710                 return -ENOMEM;
711
712         if (copy_from_user(buf, req->rd_data, req->rd_size)) {
713                 kfree(buf);
714                 return -EFAULT;
715         }
716
717         ret = hid_parse_report(session->hid, buf, req->rd_size);
718
719         kfree(buf);
720
721         if (ret)
722                 return ret;
723
724         session->req = NULL;
725
726         return 0;
727 }
728
729 static int hidp_start(struct hid_device *hid)
730 {
731         struct hidp_session *session = hid->driver_data;
732         struct hid_report *report;
733
734         list_for_each_entry(report, &hid->report_enum[HID_INPUT_REPORT].
735                         report_list, list)
736                 hidp_send_report(session, report);
737
738         list_for_each_entry(report, &hid->report_enum[HID_FEATURE_REPORT].
739                         report_list, list)
740                 hidp_send_report(session, report);
741
742         return 0;
743 }
744
745 static void hidp_stop(struct hid_device *hid)
746 {
747         struct hidp_session *session = hid->driver_data;
748
749         skb_queue_purge(&session->ctrl_transmit);
750         skb_queue_purge(&session->intr_transmit);
751
752         hid->claimed = 0;
753 }
754
755 static struct hid_ll_driver hidp_hid_driver = {
756         .parse = hidp_parse,
757         .start = hidp_start,
758         .stop = hidp_stop,
759         .open  = hidp_open,
760         .close = hidp_close,
761         .hidinput_input_event = hidp_hidinput_event,
762 };
763
764 static int hidp_setup_hid(struct hidp_session *session,
765                                 struct hidp_connadd_req *req)
766 {
767         struct hid_device *hid;
768         bdaddr_t src, dst;
769         int err;
770
771         hid = hid_allocate_device();
772         if (IS_ERR(hid))
773                 return PTR_ERR(hid);
774
775         session->hid = hid;
776         session->req = req;
777         hid->driver_data = session;
778
779         baswap(&src, &bt_sk(session->ctrl_sock->sk)->src);
780         baswap(&dst, &bt_sk(session->ctrl_sock->sk)->dst);
781
782         hid->bus     = BUS_BLUETOOTH;
783         hid->vendor  = req->vendor;
784         hid->product = req->product;
785         hid->version = req->version;
786         hid->country = req->country;
787
788         strncpy(hid->name, req->name, 128);
789         strncpy(hid->phys, batostr(&src), 64);
790         strncpy(hid->uniq, batostr(&dst), 64);
791
792         hid->dev.parent = hidp_get_device(session);
793         hid->ll_driver = &hidp_hid_driver;
794
795         hid->hid_output_raw_report = hidp_output_raw_report;
796
797         err = hid_add_device(hid);
798         if (err < 0)
799                 goto failed;
800
801         return 0;
802
803 failed:
804         hid_destroy_device(hid);
805         session->hid = NULL;
806
807         return err;
808 }
809
810 int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock)
811 {
812         struct hidp_session *session, *s;
813         int err;
814
815         BT_DBG("");
816
817         if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) ||
818                         bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst))
819                 return -ENOTUNIQ;
820
821         session = kzalloc(sizeof(struct hidp_session), GFP_KERNEL);
822         if (!session)
823                 return -ENOMEM;
824
825         BT_DBG("rd_data %p rd_size %d", req->rd_data, req->rd_size);
826
827         down_write(&hidp_session_sem);
828
829         s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst);
830         if (s && s->state == BT_CONNECTED) {
831                 err = -EEXIST;
832                 goto failed;
833         }
834
835         bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst);
836
837         session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu);
838         session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu);
839
840         BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu);
841
842         session->ctrl_sock = ctrl_sock;
843         session->intr_sock = intr_sock;
844         session->state     = BT_CONNECTED;
845
846         setup_timer(&session->timer, hidp_idle_timeout, (unsigned long)session);
847
848         skb_queue_head_init(&session->ctrl_transmit);
849         skb_queue_head_init(&session->intr_transmit);
850
851         session->flags   = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID);
852         session->idle_to = req->idle_to;
853
854         if (req->rd_size > 0) {
855                 err = hidp_setup_hid(session, req);
856                 if (err && err != -ENODEV)
857                         goto purge;
858         }
859
860         if (!session->hid) {
861                 err = hidp_setup_input(session, req);
862                 if (err < 0)
863                         goto purge;
864         }
865
866         __hidp_link_session(session);
867
868         hidp_set_timer(session);
869
870         err = kernel_thread(hidp_session, session, CLONE_KERNEL);
871         if (err < 0)
872                 goto unlink;
873
874         if (session->input) {
875                 hidp_send_ctrl_message(session,
876                         HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0);
877                 session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE);
878
879                 session->leds = 0xff;
880                 hidp_input_event(session->input, EV_LED, 0, 0);
881         }
882
883         up_write(&hidp_session_sem);
884         return 0;
885
886 unlink:
887         hidp_del_timer(session);
888
889         __hidp_unlink_session(session);
890
891         if (session->input) {
892                 input_unregister_device(session->input);
893                 session->input = NULL;
894         }
895
896         if (session->hid) {
897                 hid_destroy_device(session->hid);
898                 session->hid = NULL;
899         }
900
901 purge:
902         skb_queue_purge(&session->ctrl_transmit);
903         skb_queue_purge(&session->intr_transmit);
904
905 failed:
906         up_write(&hidp_session_sem);
907
908         input_free_device(session->input);
909         kfree(session);
910         return err;
911 }
912
913 int hidp_del_connection(struct hidp_conndel_req *req)
914 {
915         struct hidp_session *session;
916         int err = 0;
917
918         BT_DBG("");
919
920         down_read(&hidp_session_sem);
921
922         session = __hidp_get_session(&req->bdaddr);
923         if (session) {
924                 if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) {
925                         hidp_send_ctrl_message(session,
926                                 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG, NULL, 0);
927                 } else {
928                         /* Flush the transmit queues */
929                         skb_queue_purge(&session->ctrl_transmit);
930                         skb_queue_purge(&session->intr_transmit);
931
932                         /* Wakeup user-space polling for socket errors */
933                         session->intr_sock->sk->sk_err = EUNATCH;
934                         session->ctrl_sock->sk->sk_err = EUNATCH;
935
936                         /* Kill session thread */
937                         atomic_inc(&session->terminate);
938                         hidp_schedule(session);
939                 }
940         } else
941                 err = -ENOENT;
942
943         up_read(&hidp_session_sem);
944         return err;
945 }
946
947 int hidp_get_connlist(struct hidp_connlist_req *req)
948 {
949         struct list_head *p;
950         int err = 0, n = 0;
951
952         BT_DBG("");
953
954         down_read(&hidp_session_sem);
955
956         list_for_each(p, &hidp_session_list) {
957                 struct hidp_session *session;
958                 struct hidp_conninfo ci;
959
960                 session = list_entry(p, struct hidp_session, list);
961
962                 __hidp_copy_session(session, &ci);
963
964                 if (copy_to_user(req->ci, &ci, sizeof(ci))) {
965                         err = -EFAULT;
966                         break;
967                 }
968
969                 if (++n >= req->cnum)
970                         break;
971
972                 req->ci++;
973         }
974         req->cnum = n;
975
976         up_read(&hidp_session_sem);
977         return err;
978 }
979
980 int hidp_get_conninfo(struct hidp_conninfo *ci)
981 {
982         struct hidp_session *session;
983         int err = 0;
984
985         down_read(&hidp_session_sem);
986
987         session = __hidp_get_session(&ci->bdaddr);
988         if (session)
989                 __hidp_copy_session(session, ci);
990         else
991                 err = -ENOENT;
992
993         up_read(&hidp_session_sem);
994         return err;
995 }
996
997 static const struct hid_device_id hidp_table[] = {
998         { HID_BLUETOOTH_DEVICE(HID_ANY_ID, HID_ANY_ID) },
999         { }
1000 };
1001
1002 static struct hid_driver hidp_driver = {
1003         .name = "generic-bluetooth",
1004         .id_table = hidp_table,
1005 };
1006
1007 static int __init hidp_init(void)
1008 {
1009         int ret;
1010
1011         l2cap_load();
1012
1013         BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION);
1014
1015         ret = hid_register_driver(&hidp_driver);
1016         if (ret)
1017                 goto err;
1018
1019         ret = hidp_init_sockets();
1020         if (ret)
1021                 goto err_drv;
1022
1023         return 0;
1024 err_drv:
1025         hid_unregister_driver(&hidp_driver);
1026 err:
1027         return ret;
1028 }
1029
1030 static void __exit hidp_exit(void)
1031 {
1032         hidp_cleanup_sockets();
1033         hid_unregister_driver(&hidp_driver);
1034 }
1035
1036 module_init(hidp_init);
1037 module_exit(hidp_exit);
1038
1039 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
1040 MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION);
1041 MODULE_VERSION(VERSION);
1042 MODULE_LICENSE("GPL");
1043 MODULE_ALIAS("bt-proto-6");
Pandora Kernel Repository