hciops.c revision 5b1f949a427b39091959537f196c5d322997453f
1/* 2 * 3 * BlueZ - Bluetooth protocol stack for Linux 4 * 5 * Copyright (C) 2004-2010 Marcel Holtmann <marcel@holtmann.org> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 20 * 21 */ 22 23#ifdef HAVE_CONFIG_H 24#include <config.h> 25#endif 26 27#include <stdio.h> 28#include <errno.h> 29#include <unistd.h> 30#include <stdlib.h> 31#include <sys/types.h> 32#include <sys/ioctl.h> 33#include <sys/wait.h> 34 35#include <bluetooth/bluetooth.h> 36#include <bluetooth/hci.h> 37#include <bluetooth/hci_lib.h> 38#include <bluetooth/sdp.h> 39#include <bluetooth/sdp_lib.h> 40 41#include <glib.h> 42 43#include "hcid.h" 44#include "sdpd.h" 45#include "btio.h" 46#include "adapter.h" 47#include "device.h" 48#include "plugin.h" 49#include "log.h" 50#include "storage.h" 51#include "event.h" 52#include "manager.h" 53#include "oob.h" 54#include "eir.h" 55 56#define DISCOV_HALTED 0 57#define DISCOV_INQ 1 58#define DISCOV_SCAN 2 59 60#define TIMEOUT_BR_LE_SCAN 5120 /* TGAP(100)/2 */ 61#define TIMEOUT_LE_SCAN 10240 /* TGAP(gen_disc_scan_min) */ 62 63#define LENGTH_BR_INQ 0x08 64#define LENGTH_BR_LE_INQ 0x04 65 66static int hciops_start_scanning(int index, int timeout); 67 68static int child_pipe[2] = { -1, -1 }; 69 70static guint child_io_id = 0; 71static guint ctl_io_id = 0; 72 73enum adapter_type { 74 BR_EDR, 75 LE_ONLY, 76 BR_EDR_LE, 77 UNKNOWN, 78}; 79 80/* Commands sent by kernel on starting an adapter */ 81enum { 82 PENDING_BDADDR, 83 PENDING_VERSION, 84 PENDING_FEATURES, 85 PENDING_NAME, 86}; 87 88struct bt_conn { 89 struct dev_info *dev; 90 bdaddr_t bdaddr; 91 uint16_t handle; 92 uint8_t loc_cap; 93 uint8_t loc_auth; 94 uint8_t rem_cap; 95 uint8_t rem_auth; 96 uint8_t rem_oob_data; 97 gboolean bonding_initiator; 98 gboolean secmode3; 99 GIOChannel *io; /* For raw L2CAP socket (bonding) */ 100}; 101 102struct oob_data { 103 bdaddr_t bdaddr; 104 uint8_t hash[16]; 105 uint8_t randomizer[16]; 106}; 107 108static int max_dev = -1; 109static struct dev_info { 110 int id; 111 int sk; 112 bdaddr_t bdaddr; 113 char name[249]; 114 uint8_t eir[HCI_MAX_EIR_LENGTH]; 115 uint8_t features[8]; 116 uint8_t extfeatures[8]; 117 uint8_t ssp_mode; 118 119 int8_t tx_power; 120 121 int discov_state; 122 123 uint32_t current_cod; 124 uint32_t wanted_cod; 125 uint32_t pending_cod; 126 gboolean cache_enable; 127 gboolean already_up; 128 gboolean registered; 129 gboolean pairable; 130 131 uint8_t io_capability; 132 133 struct hci_version ver; 134 135 uint16_t did_vendor; 136 uint16_t did_product; 137 uint16_t did_version; 138 139 gboolean up; 140 uint32_t pending; 141 142 GIOChannel *io; 143 guint watch_id; 144 145 gboolean debug_keys; 146 GSList *keys; 147 uint8_t pin_length; 148 149 GSList *oob_data; 150 151 GSList *uuids; 152 153 GSList *connections; 154 155 guint stop_scan_id; 156} *devs = NULL; 157 158static inline int get_state(int index) 159{ 160 struct dev_info *dev = &devs[index]; 161 162 return dev->discov_state; 163} 164 165static inline gboolean is_resolvname_enabled(void) 166{ 167 return main_opts.name_resolv ? TRUE : FALSE; 168} 169 170static void set_state(int index, int state) 171{ 172 struct btd_adapter *adapter; 173 struct dev_info *dev = &devs[index]; 174 175 if (dev->discov_state == state) 176 return; 177 178 adapter = manager_find_adapter_by_id(index); 179 if (!adapter) { 180 error("No matching adapter found"); 181 return; 182 } 183 184 dev->discov_state = state; 185 186 DBG("hci%d: new state %d", index, dev->discov_state); 187 188 switch (dev->discov_state) { 189 case DISCOV_HALTED: 190 if (adapter_get_state(adapter) == STATE_SUSPENDED) 191 return; 192 193 if (is_resolvname_enabled() && 194 adapter_has_discov_sessions(adapter)) 195 adapter_set_state(adapter, STATE_RESOLVNAME); 196 else 197 adapter_set_state(adapter, STATE_IDLE); 198 break; 199 case DISCOV_INQ: 200 case DISCOV_SCAN: 201 adapter_set_state(adapter, STATE_DISCOV); 202 break; 203 } 204} 205 206static inline gboolean is_le_capable(int index) 207{ 208 struct dev_info *dev = &devs[index]; 209 210 return (main_opts.le && dev->features[4] & LMP_LE && 211 dev->extfeatures[0] & LMP_HOST_LE) ? TRUE : FALSE; 212} 213 214static inline gboolean is_bredr_capable(int index) 215{ 216 struct dev_info *dev = &devs[index]; 217 218 return (dev->features[4] & LMP_NO_BREDR) == 0 ? TRUE : FALSE; 219} 220 221static int get_adapter_type(int index) 222{ 223 if (is_le_capable(index) && is_bredr_capable(index)) 224 return BR_EDR_LE; 225 else if (is_le_capable(index)) 226 return LE_ONLY; 227 else if (is_bredr_capable(index)) 228 return BR_EDR; 229 230 return UNKNOWN; 231} 232 233static int ignore_device(struct hci_dev_info *di) 234{ 235 return hci_test_bit(HCI_RAW, &di->flags) || di->type >> 4 != HCI_BREDR; 236} 237 238static struct dev_info *init_dev_info(int index, int sk, gboolean registered, 239 gboolean already_up) 240{ 241 struct dev_info *dev = &devs[index]; 242 243 memset(dev, 0, sizeof(*dev)); 244 245 dev->id = index; 246 dev->sk = sk; 247 dev->cache_enable = TRUE; 248 dev->registered = registered; 249 dev->already_up = already_up; 250 dev->io_capability = 0x03; /* No Input No Output */ 251 dev->discov_state = DISCOV_HALTED; 252 253 return dev; 254} 255 256/* Async HCI command handling with callback support */ 257 258struct hci_cmd_data { 259 bt_hci_result_t cb; 260 uint16_t handle; 261 uint16_t ocf; 262 gpointer caller_data; 263}; 264 265static gboolean hci_event_watch(GIOChannel *io, 266 GIOCondition cond, gpointer user_data) 267{ 268 unsigned char buf[HCI_MAX_EVENT_SIZE], *body; 269 struct hci_cmd_data *cmd = user_data; 270 evt_cmd_status *evt_status; 271 evt_auth_complete *evt_auth; 272 evt_encrypt_change *evt_enc; 273 hci_event_hdr *hdr; 274 set_conn_encrypt_cp cp; 275 int dd; 276 uint16_t ocf; 277 uint8_t status = HCI_OE_POWER_OFF; 278 279 if (cond & G_IO_NVAL) { 280 cmd->cb(status, cmd->caller_data); 281 return FALSE; 282 } 283 284 if (cond & (G_IO_ERR | G_IO_HUP)) 285 goto failed; 286 287 dd = g_io_channel_unix_get_fd(io); 288 289 if (read(dd, buf, sizeof(buf)) < 0) 290 goto failed; 291 292 hdr = (hci_event_hdr *) (buf + 1); 293 body = buf + (1 + HCI_EVENT_HDR_SIZE); 294 295 switch (hdr->evt) { 296 case EVT_CMD_STATUS: 297 evt_status = (evt_cmd_status *) body; 298 ocf = cmd_opcode_ocf(evt_status->opcode); 299 if (ocf != cmd->ocf) 300 return TRUE; 301 switch (ocf) { 302 case OCF_AUTH_REQUESTED: 303 case OCF_SET_CONN_ENCRYPT: 304 if (evt_status->status != 0) { 305 /* Baseband rejected command */ 306 status = evt_status->status; 307 goto failed; 308 } 309 break; 310 default: 311 return TRUE; 312 } 313 /* Wait for the next event */ 314 return TRUE; 315 case EVT_AUTH_COMPLETE: 316 evt_auth = (evt_auth_complete *) body; 317 if (evt_auth->handle != cmd->handle) { 318 /* Skipping */ 319 return TRUE; 320 } 321 322 if (evt_auth->status != 0x00) { 323 status = evt_auth->status; 324 /* Abort encryption */ 325 goto failed; 326 } 327 328 memset(&cp, 0, sizeof(cp)); 329 cp.handle = cmd->handle; 330 cp.encrypt = 1; 331 332 cmd->ocf = OCF_SET_CONN_ENCRYPT; 333 334 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, 335 SET_CONN_ENCRYPT_CP_SIZE, &cp) < 0) { 336 status = HCI_COMMAND_DISALLOWED; 337 goto failed; 338 } 339 /* Wait for encrypt change event */ 340 return TRUE; 341 case EVT_ENCRYPT_CHANGE: 342 evt_enc = (evt_encrypt_change *) body; 343 if (evt_enc->handle != cmd->handle) 344 return TRUE; 345 346 /* Procedure finished: reporting status */ 347 status = evt_enc->status; 348 break; 349 default: 350 /* Skipping */ 351 return TRUE; 352 } 353 354failed: 355 cmd->cb(status, cmd->caller_data); 356 g_io_channel_shutdown(io, TRUE, NULL); 357 358 return FALSE; 359} 360 361static int write_inq_mode(int index, uint8_t mode) 362{ 363 struct dev_info *dev = &devs[index]; 364 write_inquiry_mode_cp cp; 365 366 memset(&cp, 0, sizeof(cp)); 367 cp.mode = mode; 368 369 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_INQUIRY_MODE, 370 WRITE_INQUIRY_MODE_CP_SIZE, &cp) < 0) 371 return -errno; 372 373 return 0; 374} 375 376static uint8_t get_inquiry_mode(int index) 377{ 378 struct dev_info *dev = &devs[index]; 379 380 if (dev->features[6] & LMP_EXT_INQ) 381 return 2; 382 383 if (dev->features[3] & LMP_RSSI_INQ) 384 return 1; 385 386 if (dev->ver.manufacturer == 11 && dev->ver.hci_rev == 0x00 && 387 dev->ver.lmp_subver == 0x0757) 388 return 1; 389 390 if (dev->ver.manufacturer == 15) { 391 if (dev->ver.hci_rev == 0x03 && 392 dev->ver.lmp_subver == 0x6963) 393 return 1; 394 if (dev->ver.hci_rev == 0x09 && 395 dev->ver.lmp_subver == 0x6963) 396 return 1; 397 if (dev->ver.hci_rev == 0x00 && 398 dev->ver.lmp_subver == 0x6965) 399 return 1; 400 } 401 402 if (dev->ver.manufacturer == 31 && dev->ver.hci_rev == 0x2005 && 403 dev->ver.lmp_subver == 0x1805) 404 return 1; 405 406 return 0; 407} 408 409static int init_ssp_mode(int index) 410{ 411 struct dev_info *dev = &devs[index]; 412 write_simple_pairing_mode_cp cp; 413 414 if (ioctl(dev->sk, HCIGETAUTHINFO, NULL) < 0 && errno == EINVAL) 415 return 0; 416 417 memset(&cp, 0, sizeof(cp)); 418 cp.mode = 0x01; 419 420 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 421 OCF_WRITE_SIMPLE_PAIRING_MODE, 422 WRITE_SIMPLE_PAIRING_MODE_CP_SIZE, &cp) < 0) 423 return -errno; 424 425 return 0; 426} 427 428static int hciops_set_discoverable(int index, gboolean discoverable) 429{ 430 struct dev_info *dev = &devs[index]; 431 uint8_t mode; 432 433 if (discoverable) 434 mode = (SCAN_PAGE | SCAN_INQUIRY); 435 else 436 mode = SCAN_PAGE; 437 438 DBG("hci%d discoverable %d", index, discoverable); 439 440 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE, 441 1, &mode) < 0) 442 return -errno; 443 444 return 0; 445} 446 447static int hciops_set_pairable(int index, gboolean pairable) 448{ 449 struct btd_adapter *adapter; 450 451 DBG("hci%d pairable %d", index, pairable); 452 453 adapter = manager_find_adapter(&devs[index].bdaddr); 454 if (adapter) 455 btd_adapter_pairable_changed(adapter, pairable); 456 457 devs[index].pairable = pairable; 458 459 return 0; 460} 461 462static int hciops_power_off(int index) 463{ 464 struct dev_info *dev = &devs[index]; 465 466 DBG("hci%d", index); 467 468 if (ioctl(dev->sk, HCIDEVDOWN, index) < 0 && errno != EALREADY) 469 return -errno; 470 471 return 0; 472} 473 474static void set_event_mask(int index) 475{ 476 struct dev_info *dev = &devs[index]; 477 /* The second byte is 0xff instead of 0x9f (two reserved bits 478 * disabled) since a Broadcom 1.2 dongle doesn't respond to the 479 * command otherwise */ 480 uint8_t events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 }; 481 482 /* Events for 1.2 and newer controllers */ 483 if (dev->ver.lmp_ver > 1) { 484 events[4] |= 0x01; /* Flow Specification Complete */ 485 events[4] |= 0x02; /* Inquiry Result with RSSI */ 486 events[4] |= 0x04; /* Read Remote Extended Features Complete */ 487 events[5] |= 0x08; /* Synchronous Connection Complete */ 488 events[5] |= 0x10; /* Synchronous Connection Changed */ 489 } 490 491 if (dev->features[3] & LMP_RSSI_INQ) 492 events[4] |= 0x04; /* Inquiry Result with RSSI */ 493 494 if (dev->features[5] & LMP_SNIFF_SUBR) 495 events[5] |= 0x20; /* Sniff Subrating */ 496 497 if (dev->features[5] & LMP_PAUSE_ENC) 498 events[5] |= 0x80; /* Encryption Key Refresh Complete */ 499 500 if (dev->features[6] & LMP_EXT_INQ) 501 events[5] |= 0x40; /* Extended Inquiry Result */ 502 503 if (dev->features[6] & LMP_NFLUSH_PKTS) 504 events[7] |= 0x01; /* Enhanced Flush Complete */ 505 506 if (dev->features[7] & LMP_LSTO) 507 events[6] |= 0x80; /* Link Supervision Timeout Changed */ 508 509 if (dev->features[6] & LMP_SIMPLE_PAIR) { 510 events[6] |= 0x01; /* IO Capability Request */ 511 events[6] |= 0x02; /* IO Capability Response */ 512 events[6] |= 0x04; /* User Confirmation Request */ 513 events[6] |= 0x08; /* User Passkey Request */ 514 events[6] |= 0x10; /* Remote OOB Data Request */ 515 events[6] |= 0x20; /* Simple Pairing Complete */ 516 events[7] |= 0x04; /* User Passkey Notification */ 517 events[7] |= 0x08; /* Keypress Notification */ 518 events[7] |= 0x10; /* Remote Host Supported 519 * Features Notification */ 520 } 521 522 if (dev->features[4] & LMP_LE) 523 events[7] |= 0x20; /* LE Meta-Event */ 524 525 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_SET_EVENT_MASK, 526 sizeof(events), events); 527} 528 529static void start_adapter(int index) 530{ 531 struct dev_info *dev = &devs[index]; 532 uint8_t inqmode; 533 uint16_t link_policy; 534 535 set_event_mask(index); 536 537 if (dev->features[6] & LMP_SIMPLE_PAIR) 538 init_ssp_mode(index); 539 540 inqmode = get_inquiry_mode(index); 541 if (inqmode) 542 write_inq_mode(index, inqmode); 543 544 if (dev->features[7] & LMP_INQ_TX_PWR) 545 hci_send_cmd(dev->sk, OGF_HOST_CTL, 546 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL, 0, NULL); 547 548 /* Set default link policy */ 549 link_policy = main_opts.link_policy; 550 551 if (!(dev->features[0] & LMP_RSWITCH)) 552 link_policy &= ~HCI_LP_RSWITCH; 553 if (!(dev->features[0] & LMP_HOLD)) 554 link_policy &= ~HCI_LP_HOLD; 555 if (!(dev->features[0] & LMP_SNIFF)) 556 link_policy &= ~HCI_LP_SNIFF; 557 if (!(dev->features[1] & LMP_PARK)) 558 link_policy &= ~HCI_LP_PARK; 559 560 link_policy = htobs(link_policy); 561 hci_send_cmd(dev->sk, OGF_LINK_POLICY, OCF_WRITE_DEFAULT_LINK_POLICY, 562 sizeof(link_policy), &link_policy); 563 564 dev->current_cod = 0; 565 memset(dev->eir, 0, sizeof(dev->eir)); 566} 567 568static int hciops_stop_inquiry(int index) 569{ 570 struct dev_info *dev = &devs[index]; 571 572 DBG("hci%d", index); 573 574 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_INQUIRY_CANCEL, 0, 0) < 0) 575 return -errno; 576 577 return 0; 578} 579 580static gboolean init_adapter(int index) 581{ 582 struct dev_info *dev = &devs[index]; 583 struct btd_adapter *adapter = NULL; 584 gboolean existing_adapter = dev->registered; 585 uint8_t mode, on_mode; 586 gboolean pairable, discoverable; 587 588 if (!dev->registered) { 589 adapter = btd_manager_register_adapter(index); 590 if (adapter) 591 dev->registered = TRUE; 592 } else { 593 adapter = manager_find_adapter(&dev->bdaddr); 594 /* FIXME: manager_find_adapter should return a new ref */ 595 btd_adapter_ref(adapter); 596 } 597 598 if (adapter == NULL) 599 return FALSE; 600 601 btd_adapter_get_mode(adapter, &mode, &on_mode, &pairable); 602 603 if (existing_adapter) 604 mode = on_mode; 605 606 if (mode == MODE_OFF) { 607 hciops_power_off(index); 608 goto done; 609 } 610 611 start_adapter(index); 612 btd_adapter_start(adapter); 613 614 discoverable = (mode == MODE_DISCOVERABLE); 615 616 hciops_set_discoverable(index, discoverable); 617 hciops_set_pairable(index, pairable); 618 619 if (dev->already_up) 620 hciops_stop_inquiry(index); 621 622done: 623 btd_adapter_unref(adapter); 624 return TRUE; 625} 626 627static int hciops_encrypt_link(int index, bdaddr_t *dst, bt_hci_result_t cb, 628 gpointer user_data) 629{ 630 GIOChannel *io; 631 struct hci_cmd_data *cmd; 632 struct hci_conn_info_req *cr; 633 auth_requested_cp cp; 634 struct hci_filter nf; 635 int dd, err; 636 uint32_t link_mode; 637 uint16_t handle; 638 639 dd = hci_open_dev(index); 640 if (dd < 0) 641 return -errno; 642 643 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 644 cr->type = ACL_LINK; 645 bacpy(&cr->bdaddr, dst); 646 647 err = ioctl(dd, HCIGETCONNINFO, cr); 648 link_mode = cr->conn_info->link_mode; 649 handle = cr->conn_info->handle; 650 g_free(cr); 651 652 if (err < 0) { 653 err = -errno; 654 goto fail; 655 } 656 657 if (link_mode & HCI_LM_ENCRYPT) { 658 err = -EALREADY; 659 goto fail; 660 } 661 662 memset(&cp, 0, sizeof(cp)); 663 cp.handle = htobs(handle); 664 665 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 666 AUTH_REQUESTED_CP_SIZE, &cp) < 0) { 667 err = -errno; 668 goto fail; 669 } 670 671 cmd = g_new0(struct hci_cmd_data, 1); 672 cmd->handle = handle; 673 cmd->ocf = OCF_AUTH_REQUESTED; 674 cmd->cb = cb; 675 cmd->caller_data = user_data; 676 677 hci_filter_clear(&nf); 678 hci_filter_set_ptype(HCI_EVENT_PKT, &nf); 679 hci_filter_set_event(EVT_CMD_STATUS, &nf); 680 hci_filter_set_event(EVT_AUTH_COMPLETE, &nf); 681 hci_filter_set_event(EVT_ENCRYPT_CHANGE, &nf); 682 683 if (setsockopt(dd, SOL_HCI, HCI_FILTER, &nf, sizeof(nf)) < 0) { 684 err = -errno; 685 g_free(cmd); 686 goto fail; 687 } 688 689 io = g_io_channel_unix_new(dd); 690 g_io_channel_set_close_on_unref(io, FALSE); 691 g_io_add_watch_full(io, G_PRIORITY_DEFAULT, 692 G_IO_HUP | G_IO_ERR | G_IO_NVAL | G_IO_IN, 693 hci_event_watch, cmd, g_free); 694 g_io_channel_unref(io); 695 696 return 0; 697 698fail: 699 close(dd); 700 return err; 701} 702 703static int hciops_set_did(int index, uint16_t vendor, uint16_t product, 704 uint16_t version) 705{ 706 struct dev_info *dev = &devs[index]; 707 708 dev->did_vendor = vendor; 709 dev->did_product = product; 710 dev->did_version = version; 711 712 return 0; 713} 714 715/* End async HCI command handling */ 716 717/* Start of HCI event callbacks */ 718 719static gint conn_handle_cmp(gconstpointer a, gconstpointer b) 720{ 721 const struct bt_conn *conn = a; 722 uint16_t handle = *((const uint16_t *) b); 723 724 return (int) conn->handle - (int) handle; 725} 726 727static struct bt_conn *find_conn_by_handle(struct dev_info *dev, 728 uint16_t handle) 729{ 730 GSList *match; 731 732 match = g_slist_find_custom(dev->connections, &handle, 733 conn_handle_cmp); 734 if (match) 735 return match->data; 736 737 return NULL; 738} 739 740static gint conn_bdaddr_cmp(gconstpointer a, gconstpointer b) 741{ 742 const struct bt_conn *conn = a; 743 const bdaddr_t *bdaddr = b; 744 745 return bacmp(&conn->bdaddr, bdaddr); 746} 747 748static struct bt_conn *find_connection(struct dev_info *dev, bdaddr_t *bdaddr) 749{ 750 GSList *match; 751 752 match = g_slist_find_custom(dev->connections, bdaddr, conn_bdaddr_cmp); 753 if (match) 754 return match->data; 755 756 return NULL; 757} 758 759static struct bt_conn *get_connection(struct dev_info *dev, bdaddr_t *bdaddr) 760{ 761 struct bt_conn *conn; 762 763 conn = find_connection(dev, bdaddr); 764 if (conn) 765 return conn; 766 767 conn = g_new0(struct bt_conn, 1); 768 769 conn->dev = dev; 770 conn->loc_cap = dev->io_capability; 771 conn->loc_auth = 0xff; 772 conn->rem_auth = 0xff; 773 bacpy(&conn->bdaddr, bdaddr); 774 775 dev->connections = g_slist_append(dev->connections, conn); 776 777 return conn; 778} 779 780static int get_handle(int index, bdaddr_t *bdaddr, uint16_t *handle) 781{ 782 struct dev_info *dev = &devs[index]; 783 struct bt_conn *conn; 784 char addr[18]; 785 786 ba2str(bdaddr, addr); 787 DBG("hci%d dba %s", index, addr); 788 789 conn = find_connection(dev, bdaddr); 790 if (conn == NULL) 791 return -ENOENT; 792 793 *handle = conn->handle; 794 795 return 0; 796} 797 798static int disconnect_addr(int index, bdaddr_t *dba, uint8_t reason) 799{ 800 disconnect_cp cp; 801 uint16_t handle; 802 int err; 803 804 err = get_handle(index, dba, &handle); 805 if (err < 0) 806 return err; 807 808 memset(&cp, 0, sizeof(cp)); 809 cp.handle = htobs(handle); 810 cp.reason = reason; 811 812 if (hci_send_cmd(devs[index].sk, OGF_LINK_CTL, OCF_DISCONNECT, 813 DISCONNECT_CP_SIZE, &cp) < 0) 814 return -errno; 815 816 return 0; 817} 818 819static void bonding_complete(struct dev_info *dev, struct bt_conn *conn, 820 uint8_t status) 821{ 822 DBG("status 0x%02x", status); 823 824 if (conn->io != NULL) { 825 /* bonding_connect_cb takes care of the successul case */ 826 if (status != 0) 827 g_io_channel_shutdown(conn->io, TRUE, NULL); 828 g_io_channel_unref(conn->io); 829 conn->io = NULL; 830 } 831 832 conn->bonding_initiator = FALSE; 833 834 btd_event_bonding_complete(&dev->bdaddr, &conn->bdaddr, status); 835} 836 837static int get_auth_info(int index, bdaddr_t *bdaddr, uint8_t *auth) 838{ 839 struct dev_info *dev = &devs[index]; 840 struct hci_auth_info_req req; 841 char addr[18]; 842 843 ba2str(bdaddr, addr); 844 DBG("hci%d dba %s", index, addr); 845 846 memset(&req, 0, sizeof(req)); 847 bacpy(&req.bdaddr, bdaddr); 848 849 if (ioctl(dev->sk, HCIGETAUTHINFO, (unsigned long) &req) < 0) 850 return -errno; 851 852 if (auth) 853 *auth = req.type; 854 855 return 0; 856} 857 858/* Link Key handling */ 859 860static void link_key_request(int index, bdaddr_t *dba) 861{ 862 struct dev_info *dev = &devs[index]; 863 struct link_key_info *key_info; 864 struct bt_conn *conn; 865 GSList *match; 866 char da[18]; 867 868 ba2str(dba, da); 869 DBG("hci%d dba %s", index, da); 870 871 conn = get_connection(dev, dba); 872 if (conn->handle == 0) 873 conn->secmode3 = TRUE; 874 875 get_auth_info(index, dba, &conn->loc_auth); 876 877 DBG("kernel auth requirements = 0x%02x", conn->loc_auth); 878 879 match = g_slist_find_custom(dev->keys, dba, (GCompareFunc) bacmp); 880 if (match) 881 key_info = match->data; 882 else 883 key_info = NULL; 884 885 DBG("Matching key %s", key_info ? "found" : "not found"); 886 887 if (key_info == NULL || (!dev->debug_keys && key_info->type == 0x03)) { 888 /* Link key not found */ 889 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 890 6, dba); 891 return; 892 } 893 894 /* Link key found */ 895 896 DBG("link key type 0x%02x", key_info->type); 897 898 /* Don't use unauthenticated combination keys if MITM is 899 * required */ 900 if (key_info->type == 0x04 && conn->loc_auth != 0xff && 901 (conn->loc_auth & 0x01)) 902 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 903 6, dba); 904 else { 905 link_key_reply_cp lr; 906 907 memcpy(lr.link_key, key_info->key, 16); 908 bacpy(&lr.bdaddr, dba); 909 910 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_REPLY, 911 LINK_KEY_REPLY_CP_SIZE, &lr); 912 } 913} 914 915static void link_key_notify(int index, void *ptr) 916{ 917 struct dev_info *dev = &devs[index]; 918 evt_link_key_notify *evt = ptr; 919 bdaddr_t *dba = &evt->bdaddr; 920 struct link_key_info *key_info; 921 uint8_t old_key_type, key_type; 922 struct bt_conn *conn; 923 GSList *match; 924 char da[18]; 925 uint8_t status = 0; 926 927 ba2str(dba, da); 928 DBG("hci%d dba %s type %d", index, da, evt->key_type); 929 930 conn = get_connection(dev, &evt->bdaddr); 931 932 match = g_slist_find_custom(dev->keys, dba, (GCompareFunc) bacmp); 933 if (match) 934 key_info = match->data; 935 else 936 key_info = NULL; 937 938 if (key_info == NULL) { 939 key_info = g_new0(struct link_key_info, 1); 940 bacpy(&key_info->bdaddr, &evt->bdaddr); 941 old_key_type = 0xff; 942 } else { 943 dev->keys = g_slist_remove(dev->keys, key_info); 944 old_key_type = key_info->type; 945 } 946 947 memcpy(key_info->key, evt->link_key, sizeof(evt->link_key)); 948 key_info->type = evt->key_type; 949 key_info->pin_len = dev->pin_length; 950 951 key_type = evt->key_type; 952 953 DBG("key type 0x%02x old key type 0x%02x", key_type, old_key_type); 954 DBG("local auth 0x%02x and remote auth 0x%02x", 955 conn->loc_auth, conn->rem_auth); 956 957 if (key_type == 0x06) { 958 /* Some buggy controller combinations generate a changed 959 * combination key for legacy pairing even when there's no 960 * previous key */ 961 if (conn->rem_auth == 0xff && old_key_type == 0xff) 962 key_type = 0x00; 963 else if (old_key_type != 0xff) 964 key_type = old_key_type; 965 else 966 /* This is Changed Combination Link Key for 967 * a temporary link key.*/ 968 goto done; 969 } 970 971 key_info->type = key_type; 972 973 /* Skip the storage check if this is a debug key */ 974 if (key_type == 0x03) 975 goto done; 976 977 /* Store the link key persistently if one of the following is true: 978 * 1. this is a legacy link key 979 * 2. this is a changed combination key and there was a previously 980 * stored one 981 * 3. neither local nor remote side had no-bonding as a requirement 982 * 4. the local side had dedicated bonding as a requirement 983 * 5. the remote side is using dedicated bonding since in that case 984 * also the local requirements are set to dedicated bonding 985 * If none of the above match only keep the link key around for 986 * this connection and set the temporary flag for the device. 987 */ 988 if (key_type < 0x03 || (key_type == 0x06 && old_key_type != 0xff) || 989 (conn->loc_auth > 0x01 && conn->rem_auth > 0x01) || 990 (conn->loc_auth == 0x02 || conn->loc_auth == 0x03) || 991 (conn->rem_auth == 0x02 || conn->rem_auth == 0x03)) { 992 int err; 993 994 err = btd_event_link_key_notify(&dev->bdaddr, dba, 995 evt->link_key, key_type, 996 dev->pin_length); 997 998 if (err == -ENODEV) 999 status = HCI_OE_LOW_RESOURCES; 1000 else if (err < 0) 1001 status = HCI_MEMORY_FULL; 1002 1003 goto done; 1004 } 1005 1006done: 1007 dev->pin_length = 0; 1008 1009 if (status != 0) { 1010 g_free(key_info); 1011 bonding_complete(dev, conn, status); 1012 disconnect_addr(index, dba, status); 1013 return; 1014 } 1015 1016 dev->keys = g_slist_prepend(dev->keys, key_info); 1017 1018 /* If we're connected and not dedicated bonding initiators we're 1019 * done with the bonding process */ 1020 if (!conn->bonding_initiator && conn->handle != 0) 1021 bonding_complete(dev, conn, 0); 1022} 1023 1024static void return_link_keys(int index, void *ptr) 1025{ 1026 struct dev_info *dev = &devs[index]; 1027 evt_return_link_keys *evt = ptr; 1028 uint8_t num = evt->num_keys; 1029 unsigned char key[16]; 1030 char da[18]; 1031 bdaddr_t dba; 1032 int i; 1033 1034 DBG("hci%d num_keys %u", index, num); 1035 1036 ptr++; 1037 1038 for (i = 0; i < num; i++) { 1039 bacpy(&dba, ptr); ba2str(&dba, da); 1040 memcpy(key, ptr + 6, 16); 1041 1042 DBG("hci%d returned key for %s", index, da); 1043 1044 btd_event_returned_link_key(&dev->bdaddr, &dba); 1045 1046 ptr += 22; 1047 } 1048} 1049 1050/* Simple Pairing handling */ 1051 1052static int hciops_confirm_reply(int index, bdaddr_t *bdaddr, gboolean success) 1053{ 1054 struct dev_info *dev = &devs[index]; 1055 user_confirm_reply_cp cp; 1056 char addr[18]; 1057 int err; 1058 1059 ba2str(bdaddr, addr); 1060 DBG("hci%d dba %s success %d", index, addr, success); 1061 1062 memset(&cp, 0, sizeof(cp)); 1063 bacpy(&cp.bdaddr, bdaddr); 1064 1065 if (success) 1066 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 1067 OCF_USER_CONFIRM_REPLY, 1068 USER_CONFIRM_REPLY_CP_SIZE, &cp); 1069 else 1070 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 1071 OCF_USER_CONFIRM_NEG_REPLY, 1072 USER_CONFIRM_REPLY_CP_SIZE, &cp); 1073 1074 if (err < 0) 1075 err = -errno; 1076 1077 return err; 1078} 1079 1080static void user_confirm_request(int index, void *ptr) 1081{ 1082 struct dev_info *dev = &devs[index]; 1083 evt_user_confirm_request *req = ptr; 1084 gboolean loc_mitm, rem_mitm; 1085 struct bt_conn *conn; 1086 1087 DBG("hci%d", index); 1088 1089 conn = find_connection(dev, &req->bdaddr); 1090 if (conn == NULL) 1091 return; 1092 1093 loc_mitm = (conn->loc_auth & 0x01) ? TRUE : FALSE; 1094 rem_mitm = (conn->rem_auth & 0x01) ? TRUE : FALSE; 1095 1096 /* If we require MITM but the remote device can't provide that 1097 * (it has NoInputNoOutput) then reject the confirmation 1098 * request. The only exception is when we're dedicated bonding 1099 * initiators since then we always have the MITM bit set. */ 1100 if (!conn->bonding_initiator && loc_mitm && conn->rem_cap == 0x03) { 1101 error("Rejecting request: remote device can't provide MITM"); 1102 goto fail; 1103 } 1104 1105 /* If no side requires MITM protection; auto-accept */ 1106 if ((conn->loc_auth == 0xff || !loc_mitm || conn->rem_cap == 0x03) && 1107 (!rem_mitm || conn->loc_cap == 0x03)) { 1108 DBG("auto accept of confirmation"); 1109 1110 /* Wait 5 milliseconds before doing auto-accept */ 1111 usleep(5000); 1112 1113 if (hciops_confirm_reply(index, &req->bdaddr, TRUE) < 0) 1114 goto fail; 1115 1116 return; 1117 } 1118 1119 if (btd_event_user_confirm(&dev->bdaddr, &req->bdaddr, 1120 btohl(req->passkey)) == 0) 1121 return; 1122 1123fail: 1124 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_USER_CONFIRM_NEG_REPLY, 1125 6, ptr); 1126} 1127 1128static void user_passkey_request(int index, void *ptr) 1129{ 1130 struct dev_info *dev = &devs[index]; 1131 evt_user_passkey_request *req = ptr; 1132 1133 DBG("hci%d", index); 1134 1135 if (btd_event_user_passkey(&dev->bdaddr, &req->bdaddr) < 0) 1136 hci_send_cmd(dev->sk, OGF_LINK_CTL, 1137 OCF_USER_PASSKEY_NEG_REPLY, 6, ptr); 1138} 1139 1140static void user_passkey_notify(int index, void *ptr) 1141{ 1142 struct dev_info *dev = &devs[index]; 1143 evt_user_passkey_notify *req = ptr; 1144 1145 DBG("hci%d", index); 1146 1147 btd_event_user_notify(&dev->bdaddr, &req->bdaddr, 1148 btohl(req->passkey)); 1149} 1150 1151static gint oob_bdaddr_cmp(gconstpointer a, gconstpointer b) 1152{ 1153 const struct oob_data *data = a; 1154 const bdaddr_t *bdaddr = b; 1155 1156 return bacmp(&data->bdaddr, bdaddr); 1157} 1158 1159static void remote_oob_data_request(int index, bdaddr_t *bdaddr) 1160{ 1161 struct dev_info *dev = &devs[index]; 1162 GSList *match; 1163 1164 DBG("hci%d", index); 1165 1166 match = g_slist_find_custom(dev->oob_data, bdaddr, oob_bdaddr_cmp); 1167 1168 if (match) { 1169 struct oob_data *data; 1170 remote_oob_data_reply_cp cp; 1171 1172 data = match->data; 1173 1174 bacpy(&cp.bdaddr, &data->bdaddr); 1175 memcpy(cp.hash, data->hash, sizeof(cp.hash)); 1176 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer)); 1177 1178 dev->oob_data = g_slist_delete_link(dev->oob_data, match); 1179 1180 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_OOB_DATA_REPLY, 1181 REMOTE_OOB_DATA_REPLY_CP_SIZE, &cp); 1182 1183 } else { 1184 hci_send_cmd(dev->sk, OGF_LINK_CTL, 1185 OCF_REMOTE_OOB_DATA_NEG_REPLY, 6, bdaddr); 1186 } 1187} 1188 1189static int get_io_cap(int index, bdaddr_t *bdaddr, uint8_t *cap, uint8_t *auth) 1190{ 1191 struct dev_info *dev = &devs[index]; 1192 struct bt_conn *conn; 1193 int err; 1194 1195 conn = find_connection(dev, bdaddr); 1196 if (conn == NULL) 1197 return -ENOENT; 1198 1199 err = get_auth_info(index, bdaddr, &conn->loc_auth); 1200 if (err < 0) 1201 return err; 1202 1203 DBG("initial authentication requirement is 0x%02x", conn->loc_auth); 1204 1205 if (!dev->pairable && !conn->bonding_initiator) { 1206 if (conn->rem_auth < 0x02) { 1207 DBG("Allowing no bonding in non-bondable mode"); 1208 /* Kernel defaults to general bonding and so 1209 * overwrite for this special case. Otherwise 1210 * non-pairable test cases will fail. */ 1211 conn->loc_auth = conn->rem_auth; 1212 goto done; 1213 } 1214 1215 return -EPERM; 1216 } 1217 1218 /* If the kernel doesn't know the local requirement just mirror 1219 * the remote one */ 1220 if (conn->loc_auth == 0xff) 1221 conn->loc_auth = conn->rem_auth; 1222 1223 if (conn->loc_auth == 0x00 || conn->loc_auth == 0x04) { 1224 /* If remote requests dedicated bonding follow that lead */ 1225 if (conn->rem_auth == 0x02 || conn->rem_auth == 0x03) { 1226 1227 /* If both remote and local IO capabilities allow MITM 1228 * then require it, otherwise don't */ 1229 if (conn->rem_cap == 0x03 || conn->loc_cap == 0x03) 1230 conn->loc_auth = 0x02; 1231 else 1232 conn->loc_auth = 0x03; 1233 } 1234 1235 /* If remote indicates no bonding then follow that. This 1236 * is important since the kernel might give general bonding 1237 * as default. */ 1238 if (conn->rem_auth == 0x00 || conn->rem_auth == 0x01) 1239 conn->loc_auth = 0x00; 1240 1241 /* If remote requires MITM then also require it, unless 1242 * our IO capability is NoInputNoOutput (so some 1243 * just-works security cases can be tested) */ 1244 if (conn->rem_auth != 0xff && (conn->rem_auth & 0x01) && 1245 conn->loc_cap != 0x03) 1246 conn->loc_auth |= 0x01; 1247 } 1248 1249done: 1250 *cap = conn->loc_cap; 1251 *auth = conn->loc_auth; 1252 1253 DBG("final authentication requirement is 0x%02x", *auth); 1254 1255 return 0; 1256} 1257 1258static void io_capa_request(int index, void *ptr) 1259{ 1260 struct dev_info *dev = &devs[index]; 1261 bdaddr_t *dba = ptr; 1262 uint8_t cap, auth = 0xff; 1263 char da[18]; 1264 int err; 1265 1266 ba2str(dba, da); 1267 DBG("hci%d IO capability request for %s", index, da); 1268 1269 err = get_io_cap(index, dba, &cap, &auth); 1270 if (err < 0) { 1271 io_capability_neg_reply_cp cp; 1272 1273 error("Getting IO capability failed: %s (%d)", 1274 strerror(-err), -err); 1275 1276 memset(&cp, 0, sizeof(cp)); 1277 bacpy(&cp.bdaddr, dba); 1278 cp.reason = HCI_PAIRING_NOT_ALLOWED; 1279 hci_send_cmd(dev->sk, OGF_LINK_CTL, 1280 OCF_IO_CAPABILITY_NEG_REPLY, 1281 IO_CAPABILITY_NEG_REPLY_CP_SIZE, &cp); 1282 } else { 1283 io_capability_reply_cp cp; 1284 struct bt_conn *conn; 1285 GSList *match; 1286 1287 memset(&cp, 0, sizeof(cp)); 1288 bacpy(&cp.bdaddr, dba); 1289 cp.capability = cap; 1290 cp.authentication = auth; 1291 1292 conn = find_connection(dev, dba); 1293 match = g_slist_find_custom(dev->oob_data, dba, oob_bdaddr_cmp); 1294 1295 if ((conn->bonding_initiator || conn->rem_oob_data == 0x01) && 1296 match) 1297 cp.oob_data = 0x01; 1298 else 1299 cp.oob_data = 0x00; 1300 1301 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_IO_CAPABILITY_REPLY, 1302 IO_CAPABILITY_REPLY_CP_SIZE, &cp); 1303 } 1304} 1305 1306static void io_capa_response(int index, void *ptr) 1307{ 1308 struct dev_info *dev = &devs[index]; 1309 evt_io_capability_response *evt = ptr; 1310 struct bt_conn *conn; 1311 char da[18]; 1312 1313 ba2str(&evt->bdaddr, da); 1314 DBG("hci%d IO capability response from %s", index, da); 1315 1316 conn = find_connection(dev, &evt->bdaddr); 1317 if (conn) { 1318 conn->rem_cap = evt->capability; 1319 conn->rem_auth = evt->authentication; 1320 conn->rem_oob_data = evt->oob_data; 1321 } 1322} 1323 1324/* PIN code handling */ 1325 1326static void pin_code_request(int index, bdaddr_t *dba) 1327{ 1328 struct dev_info *dev = &devs[index]; 1329 struct bt_conn *conn; 1330 char addr[18]; 1331 int err; 1332 1333 ba2str(dba, addr); 1334 DBG("hci%d PIN request for %s", index, addr); 1335 1336 conn = get_connection(dev, dba); 1337 if (conn->handle == 0) 1338 conn->secmode3 = TRUE; 1339 1340 /* Check if the adapter is not pairable and if there isn't a bonding in 1341 * progress */ 1342 if (!dev->pairable && !conn->bonding_initiator) { 1343 DBG("Rejecting PIN request in non-pairable mode"); 1344 goto reject; 1345 } 1346 1347 err = btd_event_request_pin(&dev->bdaddr, dba); 1348 if (err < 0) { 1349 error("PIN code negative reply: %s", strerror(-err)); 1350 goto reject; 1351 } 1352 1353 return; 1354 1355reject: 1356 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_PIN_CODE_NEG_REPLY, 6, dba); 1357} 1358 1359static inline void remote_features_notify(int index, void *ptr) 1360{ 1361 struct dev_info *dev = &devs[index]; 1362 evt_remote_host_features_notify *evt = ptr; 1363 1364 if (evt->features[0] & 0x01) 1365 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 1366 FALSE); 1367 else 1368 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 1369 TRUE); 1370 1371 write_features_info(&dev->bdaddr, &evt->bdaddr, NULL, evt->features); 1372} 1373 1374static void write_le_host_complete(int index, uint8_t status) 1375{ 1376 struct dev_info *dev = &devs[index]; 1377 uint8_t page_num = 0x01; 1378 1379 if (status) 1380 return; 1381 1382 if (hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1383 OCF_READ_LOCAL_EXT_FEATURES, 1, &page_num) < 0) 1384 error("Unable to read extended local features: %s (%d)", 1385 strerror(errno), errno); 1386} 1387 1388static void read_local_version_complete(int index, 1389 const read_local_version_rp *rp) 1390{ 1391 struct dev_info *dev = &devs[index]; 1392 1393 if (rp->status) 1394 return; 1395 1396 dev->ver.manufacturer = btohs(bt_get_unaligned(&rp->manufacturer)); 1397 dev->ver.hci_ver = rp->hci_ver; 1398 dev->ver.hci_rev = btohs(bt_get_unaligned(&rp->hci_rev)); 1399 dev->ver.lmp_ver = rp->lmp_ver; 1400 dev->ver.lmp_subver = btohs(bt_get_unaligned(&rp->lmp_subver)); 1401 1402 if (!dev->pending) 1403 return; 1404 1405 hci_clear_bit(PENDING_VERSION, &dev->pending); 1406 1407 DBG("Got version for hci%d", index); 1408 1409 if (!dev->pending && dev->up) 1410 init_adapter(index); 1411} 1412 1413static void read_local_features_complete(int index, 1414 const read_local_features_rp *rp) 1415{ 1416 struct dev_info *dev = &devs[index]; 1417 1418 if (rp->status) 1419 return; 1420 1421 memcpy(dev->features, rp->features, 8); 1422 1423 if (!dev->pending) 1424 return; 1425 1426 hci_clear_bit(PENDING_FEATURES, &dev->pending); 1427 1428 DBG("Got features for hci%d", index); 1429 1430 if (!dev->pending && dev->up) 1431 init_adapter(index); 1432} 1433 1434static void update_ext_inquiry_response(int index) 1435{ 1436 struct dev_info *dev = &devs[index]; 1437 write_ext_inquiry_response_cp cp; 1438 1439 DBG("hci%d", index); 1440 1441 if (!(dev->features[6] & LMP_EXT_INQ)) 1442 return; 1443 1444 if (dev->ssp_mode == 0) 1445 return; 1446 1447 if (dev->cache_enable) 1448 return; 1449 1450 memset(&cp, 0, sizeof(cp)); 1451 1452 eir_create(dev->name, dev->tx_power, dev->did_vendor, dev->did_product, 1453 dev->did_version, dev->uuids, cp.data); 1454 1455 if (memcmp(cp.data, dev->eir, sizeof(cp.data)) == 0) 1456 return; 1457 1458 memcpy(dev->eir, cp.data, sizeof(cp.data)); 1459 1460 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 1461 OCF_WRITE_EXT_INQUIRY_RESPONSE, 1462 WRITE_EXT_INQUIRY_RESPONSE_CP_SIZE, &cp) < 0) 1463 error("Unable to write EIR data: %s (%d)", 1464 strerror(errno), errno); 1465} 1466 1467static void update_name(int index, const char *name) 1468{ 1469 struct btd_adapter *adapter; 1470 1471 adapter = manager_find_adapter_by_id(index); 1472 if (adapter) 1473 adapter_update_local_name(adapter, name); 1474 1475 update_ext_inquiry_response(index); 1476} 1477 1478static void read_local_name_complete(int index, read_local_name_rp *rp) 1479{ 1480 struct dev_info *dev = &devs[index]; 1481 1482 DBG("hci%d status %u", index, rp->status); 1483 1484 if (rp->status) 1485 return; 1486 1487 memcpy(dev->name, rp->name, 248); 1488 1489 if (!dev->pending) { 1490 update_name(index, (char *) rp->name); 1491 return; 1492 } 1493 1494 hci_clear_bit(PENDING_NAME, &dev->pending); 1495 1496 DBG("Got name for hci%d", index); 1497 1498 /* Even though it shouldn't happen (assuming the kernel behaves 1499 * properly) it seems like we might miss the very first 1500 * initialization commands that the kernel sends. So check for 1501 * it here (since read_local_name is one of the last init 1502 * commands) and resend the first ones if we haven't seen 1503 * their results yet */ 1504 1505 if (hci_test_bit(PENDING_FEATURES, &dev->pending)) 1506 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1507 OCF_READ_LOCAL_FEATURES, 0, NULL); 1508 1509 if (hci_test_bit(PENDING_VERSION, &dev->pending)) 1510 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1511 OCF_READ_LOCAL_VERSION, 0, NULL); 1512 1513 if (!dev->pending && dev->up) 1514 init_adapter(index); 1515} 1516 1517static void read_tx_power_complete(int index, void *ptr) 1518{ 1519 struct dev_info *dev = &devs[index]; 1520 1521 read_inq_response_tx_power_level_rp *rp = ptr; 1522 1523 DBG("hci%d status %u", index, rp->status); 1524 1525 if (rp->status) 1526 return; 1527 1528 dev->tx_power = rp->level; 1529 update_ext_inquiry_response(index); 1530} 1531 1532static void read_simple_pairing_mode_complete(int index, void *ptr) 1533{ 1534 struct dev_info *dev = &devs[index]; 1535 read_simple_pairing_mode_rp *rp = ptr; 1536 1537 DBG("hci%d status %u", index, rp->status); 1538 1539 if (rp->status) 1540 return; 1541 1542 dev->ssp_mode = rp->mode; 1543 update_ext_inquiry_response(index); 1544} 1545 1546static void read_local_ext_features_complete(int index, 1547 const read_local_ext_features_rp *rp) 1548{ 1549 struct dev_info *dev = &devs[index]; 1550 1551 DBG("hci%d status %u", index, rp->status); 1552 1553 if (rp->status) 1554 return; 1555 1556 /* Local Extended feature page number is 1 */ 1557 if (rp->page_num != 1) 1558 return; 1559 1560 memcpy(dev->extfeatures, rp->features, sizeof(dev->extfeatures)); 1561} 1562 1563static void read_bd_addr_complete(int index, read_bd_addr_rp *rp) 1564{ 1565 struct dev_info *dev = &devs[index]; 1566 1567 DBG("hci%d status %u", index, rp->status); 1568 1569 if (rp->status) 1570 return; 1571 1572 bacpy(&dev->bdaddr, &rp->bdaddr); 1573 1574 if (!dev->pending) 1575 return; 1576 1577 hci_clear_bit(PENDING_BDADDR, &dev->pending); 1578 1579 DBG("Got bdaddr for hci%d", index); 1580 1581 if (!dev->pending && dev->up) 1582 init_adapter(index); 1583} 1584 1585static inline void cs_inquiry_evt(int index, uint8_t status) 1586{ 1587 if (status) { 1588 error("Inquiry Failed with status 0x%02x", status); 1589 return; 1590 } 1591 1592 set_state(index, DISCOV_INQ); 1593} 1594 1595static inline void cmd_status(int index, void *ptr) 1596{ 1597 evt_cmd_status *evt = ptr; 1598 uint16_t opcode = btohs(evt->opcode); 1599 1600 if (opcode == cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY)) 1601 cs_inquiry_evt(index, evt->status); 1602} 1603 1604static void read_scan_complete(int index, uint8_t status, void *ptr) 1605{ 1606 struct btd_adapter *adapter; 1607 read_scan_enable_rp *rp = ptr; 1608 1609 DBG("hci%d status %u", index, status); 1610 1611 adapter = manager_find_adapter_by_id(index); 1612 if (!adapter) { 1613 error("Unable to find matching adapter"); 1614 return; 1615 } 1616 1617 adapter_mode_changed(adapter, rp->enable); 1618} 1619 1620static int write_class(int index, uint32_t class) 1621{ 1622 struct dev_info *dev = &devs[index]; 1623 write_class_of_dev_cp cp; 1624 1625 DBG("hci%d class 0x%06x", index, class); 1626 1627 memcpy(cp.dev_class, &class, 3); 1628 1629 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV, 1630 WRITE_CLASS_OF_DEV_CP_SIZE, &cp) < 0) 1631 return -errno; 1632 1633 dev->pending_cod = class; 1634 1635 return 0; 1636} 1637 1638/* Limited Discoverable bit mask in CoD */ 1639#define LIMITED_BIT 0x002000 1640 1641static int hciops_set_limited_discoverable(int index, gboolean limited) 1642{ 1643 struct dev_info *dev = &devs[index]; 1644 int num = (limited ? 2 : 1); 1645 uint8_t lap[] = { 0x33, 0x8b, 0x9e, 0x00, 0x8b, 0x9e }; 1646 write_current_iac_lap_cp cp; 1647 1648 DBG("hci%d limited %d", index, limited); 1649 1650 /* Check if limited bit needs to be set/reset */ 1651 if (limited) 1652 dev->wanted_cod |= LIMITED_BIT; 1653 else 1654 dev->wanted_cod &= ~LIMITED_BIT; 1655 1656 /* If we dont need the toggling, save an unnecessary CoD write */ 1657 if (dev->pending_cod || dev->wanted_cod == dev->current_cod) 1658 return 0; 1659 1660 /* 1661 * 1: giac 1662 * 2: giac + liac 1663 */ 1664 memset(&cp, 0, sizeof(cp)); 1665 cp.num_current_iac = num; 1666 memcpy(&cp.lap, lap, num * 3); 1667 1668 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CURRENT_IAC_LAP, 1669 (num * 3 + 1), &cp) < 0) 1670 return -errno; 1671 1672 return write_class(index, dev->wanted_cod); 1673} 1674 1675static void write_class_complete(int index, uint8_t status) 1676{ 1677 struct dev_info *dev = &devs[index]; 1678 struct btd_adapter *adapter; 1679 1680 if (status) 1681 return; 1682 1683 if (dev->pending_cod == 0) 1684 return; 1685 1686 dev->current_cod = dev->pending_cod; 1687 dev->pending_cod = 0; 1688 1689 adapter = manager_find_adapter(&dev->bdaddr); 1690 if (adapter) 1691 btd_adapter_class_changed(adapter, dev->current_cod); 1692 1693 update_ext_inquiry_response(index); 1694 1695 if (dev->wanted_cod == dev->current_cod) 1696 return; 1697 1698 if (dev->wanted_cod & LIMITED_BIT && 1699 !(dev->current_cod & LIMITED_BIT)) 1700 hciops_set_limited_discoverable(index, TRUE); 1701 else if (!(dev->wanted_cod & LIMITED_BIT) && 1702 (dev->current_cod & LIMITED_BIT)) 1703 hciops_set_limited_discoverable(index, FALSE); 1704 else 1705 write_class(index, dev->wanted_cod); 1706} 1707 1708static void read_local_oob_data_complete(int index, uint8_t status, 1709 read_local_oob_data_rp *rp) 1710{ 1711 struct btd_adapter *adapter = manager_find_adapter_by_id(index); 1712 1713 if (!adapter) 1714 return; 1715 1716 if (status) 1717 oob_read_local_data_complete(adapter, NULL, NULL); 1718 else 1719 oob_read_local_data_complete(adapter, rp->hash, rp->randomizer); 1720} 1721 1722static inline void inquiry_complete_evt(int index, uint8_t status) 1723{ 1724 int adapter_type; 1725 struct btd_adapter *adapter; 1726 1727 if (status) { 1728 error("Inquiry Failed with status 0x%02x", status); 1729 return; 1730 } 1731 1732 adapter = manager_find_adapter_by_id(index); 1733 if (!adapter) { 1734 error("No matching adapter found"); 1735 return; 1736 } 1737 1738 adapter_type = get_adapter_type(index); 1739 1740 if (adapter_type == BR_EDR_LE && 1741 adapter_has_discov_sessions(adapter)) { 1742 int err = hciops_start_scanning(index, TIMEOUT_BR_LE_SCAN); 1743 if (err < 0) 1744 set_state(index, DISCOV_HALTED); 1745 } else { 1746 set_state(index, DISCOV_HALTED); 1747 } 1748} 1749 1750static inline void cc_inquiry_cancel(int index, uint8_t status) 1751{ 1752 if (status) { 1753 error("Inquiry Cancel Failed with status 0x%02x", status); 1754 return; 1755 } 1756 1757 set_state(index, DISCOV_HALTED); 1758} 1759 1760static inline void cc_le_set_scan_enable(int index, uint8_t status) 1761{ 1762 int state; 1763 1764 if (status) { 1765 error("LE Set Scan Enable Failed with status 0x%02x", status); 1766 return; 1767 } 1768 1769 state = get_state(index); 1770 if (state == DISCOV_SCAN) 1771 set_state(index, DISCOV_HALTED); 1772 else 1773 set_state(index, DISCOV_SCAN); 1774} 1775 1776static inline void cmd_complete(int index, void *ptr) 1777{ 1778 struct dev_info *dev = &devs[index]; 1779 evt_cmd_complete *evt = ptr; 1780 uint16_t opcode = btohs(evt->opcode); 1781 uint8_t status = *((uint8_t *) ptr + EVT_CMD_COMPLETE_SIZE); 1782 1783 switch (opcode) { 1784 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_VERSION): 1785 ptr += sizeof(evt_cmd_complete); 1786 read_local_version_complete(index, ptr); 1787 break; 1788 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES): 1789 ptr += sizeof(evt_cmd_complete); 1790 read_local_features_complete(index, ptr); 1791 break; 1792 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_EXT_FEATURES): 1793 ptr += sizeof(evt_cmd_complete); 1794 read_local_ext_features_complete(index, ptr); 1795 break; 1796 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_BD_ADDR): 1797 ptr += sizeof(evt_cmd_complete); 1798 read_bd_addr_complete(index, ptr); 1799 break; 1800 case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY_CANCEL): 1801 cc_inquiry_cancel(index, status); 1802 break; 1803 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_LE_HOST_SUPPORTED): 1804 write_le_host_complete(index, status); 1805 break; 1806 case cmd_opcode_pack(OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE): 1807 cc_le_set_scan_enable(index, status); 1808 break; 1809 case cmd_opcode_pack(OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME): 1810 if (!status) 1811 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1812 OCF_READ_LOCAL_NAME, 0, 0); 1813 break; 1814 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE): 1815 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_SCAN_ENABLE, 1816 0, NULL); 1817 break; 1818 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SCAN_ENABLE): 1819 ptr += sizeof(evt_cmd_complete); 1820 read_scan_complete(index, status, ptr); 1821 break; 1822 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV): 1823 write_class_complete(index, status); 1824 break; 1825 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SIMPLE_PAIRING_MODE): 1826 if (!status) 1827 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1828 OCF_READ_SIMPLE_PAIRING_MODE, 0, NULL); 1829 break; 1830 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SIMPLE_PAIRING_MODE): 1831 ptr += sizeof(evt_cmd_complete); 1832 read_simple_pairing_mode_complete(index, ptr); 1833 break; 1834 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_NAME): 1835 ptr += sizeof(evt_cmd_complete); 1836 read_local_name_complete(index, ptr); 1837 break; 1838 case cmd_opcode_pack(OGF_HOST_CTL, 1839 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL): 1840 ptr += sizeof(evt_cmd_complete); 1841 read_tx_power_complete(index, ptr); 1842 break; 1843 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_OOB_DATA): 1844 ptr += sizeof(evt_cmd_complete); 1845 read_local_oob_data_complete(index, status, ptr); 1846 break; 1847 }; 1848} 1849 1850static inline void remote_name_information(int index, void *ptr) 1851{ 1852 struct dev_info *dev = &devs[index]; 1853 evt_remote_name_req_complete *evt = ptr; 1854 char name[MAX_NAME_LENGTH + 1]; 1855 1856 DBG("hci%d status %u", index, evt->status); 1857 1858 memset(name, 0, sizeof(name)); 1859 1860 if (!evt->status) 1861 memcpy(name, evt->name, MAX_NAME_LENGTH); 1862 1863 btd_event_remote_name(&dev->bdaddr, &evt->bdaddr, evt->status, name); 1864} 1865 1866static inline void remote_version_information(int index, void *ptr) 1867{ 1868 struct dev_info *dev = &devs[index]; 1869 evt_read_remote_version_complete *evt = ptr; 1870 struct bt_conn *conn; 1871 1872 DBG("hci%d status %u", index, evt->status); 1873 1874 if (evt->status) 1875 return; 1876 1877 conn = find_conn_by_handle(dev, btohs(evt->handle)); 1878 if (conn == NULL) 1879 return; 1880 1881 write_version_info(&dev->bdaddr, &conn->bdaddr, 1882 btohs(evt->manufacturer), evt->lmp_ver, 1883 btohs(evt->lmp_subver)); 1884} 1885 1886static inline void inquiry_result(int index, int plen, void *ptr) 1887{ 1888 struct dev_info *dev = &devs[index]; 1889 uint8_t num = *(uint8_t *) ptr++; 1890 int i; 1891 1892 /* Skip if it is not in Inquiry state */ 1893 if (get_state(index) != DISCOV_INQ) 1894 return; 1895 1896 for (i = 0; i < num; i++) { 1897 inquiry_info *info = ptr; 1898 uint32_t class = info->dev_class[0] | 1899 (info->dev_class[1] << 8) | 1900 (info->dev_class[2] << 16); 1901 1902 btd_event_device_found(&dev->bdaddr, &info->bdaddr, class, 1903 0, NULL); 1904 ptr += INQUIRY_INFO_SIZE; 1905 } 1906} 1907 1908static inline void inquiry_result_with_rssi(int index, int plen, void *ptr) 1909{ 1910 struct dev_info *dev = &devs[index]; 1911 uint8_t num = *(uint8_t *) ptr++; 1912 int i; 1913 1914 if (!num) 1915 return; 1916 1917 if ((plen - 1) / num == INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE) { 1918 for (i = 0; i < num; i++) { 1919 inquiry_info_with_rssi_and_pscan_mode *info = ptr; 1920 uint32_t class = info->dev_class[0] 1921 | (info->dev_class[1] << 8) 1922 | (info->dev_class[2] << 16); 1923 1924 btd_event_device_found(&dev->bdaddr, &info->bdaddr, 1925 class, info->rssi, NULL); 1926 ptr += INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE; 1927 } 1928 } else { 1929 for (i = 0; i < num; i++) { 1930 inquiry_info_with_rssi *info = ptr; 1931 uint32_t class = info->dev_class[0] 1932 | (info->dev_class[1] << 8) 1933 | (info->dev_class[2] << 16); 1934 1935 btd_event_device_found(&dev->bdaddr, &info->bdaddr, 1936 class, info->rssi, NULL); 1937 ptr += INQUIRY_INFO_WITH_RSSI_SIZE; 1938 } 1939 } 1940} 1941 1942static inline void extended_inquiry_result(int index, int plen, void *ptr) 1943{ 1944 struct dev_info *dev = &devs[index]; 1945 uint8_t num = *(uint8_t *) ptr++; 1946 int i; 1947 1948 for (i = 0; i < num; i++) { 1949 extended_inquiry_info *info = ptr; 1950 uint32_t class = info->dev_class[0] 1951 | (info->dev_class[1] << 8) 1952 | (info->dev_class[2] << 16); 1953 1954 btd_event_device_found(&dev->bdaddr, &info->bdaddr, class, 1955 info->rssi, info->data); 1956 ptr += EXTENDED_INQUIRY_INFO_SIZE; 1957 } 1958} 1959 1960static inline void remote_features_information(int index, void *ptr) 1961{ 1962 struct dev_info *dev = &devs[index]; 1963 evt_read_remote_features_complete *evt = ptr; 1964 struct bt_conn *conn; 1965 1966 DBG("hci%d status %u", index, evt->status); 1967 1968 if (evt->status) 1969 return; 1970 1971 conn = find_conn_by_handle(dev, btohs(evt->handle)); 1972 if (conn == NULL) 1973 return; 1974 1975 write_features_info(&dev->bdaddr, &conn->bdaddr, evt->features, NULL); 1976} 1977 1978struct remote_version_req { 1979 int index; 1980 uint16_t handle; 1981}; 1982 1983static gboolean __get_remote_version(gpointer user_data) 1984{ 1985 struct remote_version_req *req = user_data; 1986 struct dev_info *dev = &devs[req->index]; 1987 read_remote_version_cp cp; 1988 1989 DBG("hci%d handle %u", req->index, req->handle); 1990 1991 memset(&cp, 0, sizeof(cp)); 1992 cp.handle = htobs(req->handle); 1993 1994 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_READ_REMOTE_VERSION, 1995 READ_REMOTE_VERSION_CP_SIZE, &cp); 1996 1997 return FALSE; 1998} 1999 2000static void get_remote_version(int index, uint16_t handle) 2001{ 2002 struct remote_version_req *req; 2003 2004 req = g_new0(struct remote_version_req, 1); 2005 req->handle = handle; 2006 req->index = index; 2007 2008 g_timeout_add_seconds_full(G_PRIORITY_DEFAULT, 1, __get_remote_version, 2009 req, g_free); 2010} 2011 2012static void conn_free(struct bt_conn *conn) 2013{ 2014 if (conn->io != NULL) { 2015 g_io_channel_shutdown(conn->io, TRUE, NULL); 2016 g_io_channel_unref(conn->io); 2017 } 2018 2019 g_free(conn); 2020} 2021 2022static inline void conn_failed(int index, bdaddr_t *bdaddr, uint8_t status) 2023{ 2024 struct dev_info *dev = &devs[index]; 2025 struct bt_conn *conn; 2026 2027 btd_event_conn_failed(&dev->bdaddr, bdaddr, status); 2028 2029 conn = find_connection(dev, bdaddr); 2030 if (conn == NULL) 2031 return; 2032 2033 bonding_complete(dev, conn, status); 2034 2035 dev->connections = g_slist_remove(dev->connections, conn); 2036 conn_free(conn); 2037} 2038 2039static inline void conn_complete(int index, void *ptr) 2040{ 2041 struct dev_info *dev = &devs[index]; 2042 evt_conn_complete *evt = ptr; 2043 char filename[PATH_MAX]; 2044 char local_addr[18], peer_addr[18], *str; 2045 struct bt_conn *conn; 2046 2047 if (evt->link_type != ACL_LINK) 2048 return; 2049 2050 DBG("status 0x%02x", evt->status); 2051 2052 if (evt->status != 0) { 2053 conn_failed(index, &evt->bdaddr, evt->status); 2054 return; 2055 } 2056 2057 conn = get_connection(dev, &evt->bdaddr); 2058 conn->handle = btohs(evt->handle); 2059 2060 btd_event_conn_complete(&dev->bdaddr, &evt->bdaddr); 2061 2062 if (conn->secmode3) 2063 bonding_complete(dev, conn, 0); 2064 2065 /* check if the remote version needs be requested */ 2066 ba2str(&dev->bdaddr, local_addr); 2067 ba2str(&evt->bdaddr, peer_addr); 2068 2069 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 2070 "manufacturers"); 2071 2072 str = textfile_get(filename, peer_addr); 2073 if (!str) 2074 get_remote_version(index, btohs(evt->handle)); 2075 else 2076 free(str); 2077} 2078 2079static inline void le_conn_complete(int index, void *ptr) 2080{ 2081 struct dev_info *dev = &devs[index]; 2082 evt_le_connection_complete *evt = ptr; 2083 char filename[PATH_MAX]; 2084 char local_addr[18], peer_addr[18], *str; 2085 struct bt_conn *conn; 2086 2087 if (evt->status) { 2088 btd_event_conn_failed(&dev->bdaddr, &evt->peer_bdaddr, 2089 evt->status); 2090 return; 2091 } 2092 2093 conn = get_connection(dev, &evt->peer_bdaddr); 2094 conn->handle = btohs(evt->handle); 2095 2096 btd_event_conn_complete(&dev->bdaddr, &evt->peer_bdaddr); 2097 2098 /* check if the remote version needs be requested */ 2099 ba2str(&dev->bdaddr, local_addr); 2100 ba2str(&evt->peer_bdaddr, peer_addr); 2101 2102 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 2103 "manufacturers"); 2104 2105 str = textfile_get(filename, peer_addr); 2106 if (!str) 2107 get_remote_version(index, btohs(evt->handle)); 2108 else 2109 free(str); 2110} 2111 2112static inline void disconn_complete(int index, void *ptr) 2113{ 2114 struct dev_info *dev = &devs[index]; 2115 evt_disconn_complete *evt = ptr; 2116 struct bt_conn *conn; 2117 2118 DBG("handle %u status 0x%02x", btohs(evt->handle), evt->status); 2119 2120 if (evt->status != 0) 2121 return; 2122 2123 conn = find_conn_by_handle(dev, btohs(evt->handle)); 2124 if (conn == NULL) 2125 return; 2126 2127 dev->connections = g_slist_remove(dev->connections, conn); 2128 2129 btd_event_disconn_complete(&dev->bdaddr, &conn->bdaddr); 2130 2131 conn_free(conn); 2132} 2133 2134static inline void auth_complete(int index, void *ptr) 2135{ 2136 struct dev_info *dev = &devs[index]; 2137 evt_auth_complete *evt = ptr; 2138 struct bt_conn *conn; 2139 2140 DBG("hci%d status %u", index, evt->status); 2141 2142 conn = find_conn_by_handle(dev, btohs(evt->handle)); 2143 if (conn == NULL) 2144 return; 2145 2146 bonding_complete(dev, conn, evt->status); 2147} 2148 2149static inline void simple_pairing_complete(int index, void *ptr) 2150{ 2151 struct dev_info *dev = &devs[index]; 2152 evt_simple_pairing_complete *evt = ptr; 2153 2154 DBG("hci%d status %u", index, evt->status); 2155 2156 btd_event_simple_pairing_complete(&dev->bdaddr, &evt->bdaddr, 2157 evt->status); 2158} 2159 2160static inline void conn_request(int index, void *ptr) 2161{ 2162 struct dev_info *dev = &devs[index]; 2163 evt_conn_request *evt = ptr; 2164 uint32_t class = evt->dev_class[0] | (evt->dev_class[1] << 8) 2165 | (evt->dev_class[2] << 16); 2166 2167 btd_event_remote_class(&dev->bdaddr, &evt->bdaddr, class); 2168} 2169 2170static inline void le_advertising_report(int index, evt_le_meta_event *meta) 2171{ 2172 struct dev_info *dev = &devs[index]; 2173 le_advertising_info *info; 2174 uint8_t num_reports, rssi; 2175 const uint8_t RSSI_SIZE = 1; 2176 2177 num_reports = meta->data[0]; 2178 2179 info = (le_advertising_info *) &meta->data[1]; 2180 rssi = *(info->data + info->length); 2181 2182 btd_event_device_found(&dev->bdaddr, &info->bdaddr, 0, rssi, 2183 info->data); 2184 2185 num_reports--; 2186 2187 while (num_reports--) { 2188 info = (le_advertising_info *) (info->data + info->length + 2189 RSSI_SIZE); 2190 rssi = *(info->data + info->length); 2191 2192 btd_event_device_found(&dev->bdaddr, &info->bdaddr, 0, rssi, 2193 info->data); 2194 } 2195} 2196 2197static inline void le_metaevent(int index, void *ptr) 2198{ 2199 evt_le_meta_event *meta = ptr; 2200 2201 DBG("hci%d LE Meta Event %u", index, meta->subevent); 2202 2203 switch (meta->subevent) { 2204 case EVT_LE_ADVERTISING_REPORT: 2205 le_advertising_report(index, meta); 2206 break; 2207 2208 case EVT_LE_CONN_COMPLETE: 2209 le_conn_complete(index, meta->data); 2210 break; 2211 } 2212} 2213 2214static void stop_hci_dev(int index) 2215{ 2216 struct dev_info *dev = &devs[index]; 2217 2218 if (dev->sk < 0) 2219 return; 2220 2221 info("Stopping hci%d event socket", index); 2222 2223 if (dev->watch_id > 0) 2224 g_source_remove(dev->watch_id); 2225 2226 if (dev->stop_scan_id > 0) 2227 g_source_remove(dev->stop_scan_id); 2228 2229 if (dev->io != NULL) 2230 g_io_channel_unref(dev->io); 2231 2232 hci_close_dev(dev->sk); 2233 2234 g_slist_foreach(dev->keys, (GFunc) g_free, NULL); 2235 g_slist_free(dev->keys); 2236 2237 g_slist_foreach(dev->uuids, (GFunc) g_free, NULL); 2238 g_slist_free(dev->uuids); 2239 2240 g_slist_foreach(dev->connections, (GFunc) conn_free, NULL); 2241 g_slist_free(dev->connections); 2242 2243 init_dev_info(index, -1, dev->registered, dev->already_up); 2244} 2245 2246static gboolean io_security_event(GIOChannel *chan, GIOCondition cond, 2247 gpointer data) 2248{ 2249 unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr = buf; 2250 int type, index = GPOINTER_TO_INT(data); 2251 struct dev_info *dev = &devs[index]; 2252 struct hci_dev_info di; 2253 ssize_t len; 2254 hci_event_hdr *eh; 2255 evt_cmd_status *evt; 2256 int fd; 2257 2258 if (cond & (G_IO_NVAL | G_IO_HUP | G_IO_ERR)) { 2259 stop_hci_dev(index); 2260 return FALSE; 2261 } 2262 2263 fd = g_io_channel_unix_get_fd(chan); 2264 2265 len = read(fd, buf, sizeof(buf)); 2266 if (len < 0) { 2267 if (errno == EAGAIN) 2268 return TRUE; 2269 stop_hci_dev(index); 2270 return FALSE; 2271 } 2272 2273 type = *ptr++; 2274 2275 if (type != HCI_EVENT_PKT) 2276 return TRUE; 2277 2278 eh = (hci_event_hdr *) ptr; 2279 ptr += HCI_EVENT_HDR_SIZE; 2280 2281 memset(&di, 0, sizeof(di)); 2282 if (hci_devinfo(index, &di) == 0) { 2283 bacpy(&dev->bdaddr, &di.bdaddr); 2284 2285 if (ignore_device(&di)) 2286 return TRUE; 2287 } 2288 2289 switch (eh->evt) { 2290 case EVT_CMD_STATUS: 2291 cmd_status(index, ptr); 2292 break; 2293 2294 case EVT_CMD_COMPLETE: 2295 cmd_complete(index, ptr); 2296 break; 2297 2298 case EVT_REMOTE_NAME_REQ_COMPLETE: 2299 remote_name_information(index, ptr); 2300 break; 2301 2302 case EVT_READ_REMOTE_VERSION_COMPLETE: 2303 remote_version_information(index, ptr); 2304 break; 2305 2306 case EVT_READ_REMOTE_FEATURES_COMPLETE: 2307 remote_features_information(index, ptr); 2308 break; 2309 2310 case EVT_REMOTE_HOST_FEATURES_NOTIFY: 2311 remote_features_notify(index, ptr); 2312 break; 2313 2314 case EVT_INQUIRY_COMPLETE: 2315 evt = (evt_cmd_status *) ptr; 2316 inquiry_complete_evt(index, evt->status); 2317 break; 2318 2319 case EVT_INQUIRY_RESULT: 2320 inquiry_result(index, eh->plen, ptr); 2321 break; 2322 2323 case EVT_INQUIRY_RESULT_WITH_RSSI: 2324 inquiry_result_with_rssi(index, eh->plen, ptr); 2325 break; 2326 2327 case EVT_EXTENDED_INQUIRY_RESULT: 2328 extended_inquiry_result(index, eh->plen, ptr); 2329 break; 2330 2331 case EVT_CONN_COMPLETE: 2332 conn_complete(index, ptr); 2333 break; 2334 2335 case EVT_DISCONN_COMPLETE: 2336 disconn_complete(index, ptr); 2337 break; 2338 2339 case EVT_AUTH_COMPLETE: 2340 auth_complete(index, ptr); 2341 break; 2342 2343 case EVT_SIMPLE_PAIRING_COMPLETE: 2344 simple_pairing_complete(index, ptr); 2345 break; 2346 2347 case EVT_CONN_REQUEST: 2348 conn_request(index, ptr); 2349 break; 2350 case EVT_LE_META_EVENT: 2351 le_metaevent(index, ptr); 2352 break; 2353 case EVT_PIN_CODE_REQ: 2354 pin_code_request(index, (bdaddr_t *) ptr); 2355 break; 2356 2357 case EVT_LINK_KEY_REQ: 2358 link_key_request(index, (bdaddr_t *) ptr); 2359 break; 2360 2361 case EVT_LINK_KEY_NOTIFY: 2362 link_key_notify(index, ptr); 2363 break; 2364 2365 case EVT_RETURN_LINK_KEYS: 2366 return_link_keys(index, ptr); 2367 break; 2368 2369 case EVT_IO_CAPABILITY_REQUEST: 2370 io_capa_request(index, ptr); 2371 break; 2372 2373 case EVT_IO_CAPABILITY_RESPONSE: 2374 io_capa_response(index, ptr); 2375 break; 2376 2377 case EVT_USER_CONFIRM_REQUEST: 2378 user_confirm_request(index, ptr); 2379 break; 2380 2381 case EVT_USER_PASSKEY_REQUEST: 2382 user_passkey_request(index, ptr); 2383 break; 2384 2385 case EVT_USER_PASSKEY_NOTIFY: 2386 user_passkey_notify(index, ptr); 2387 break; 2388 2389 case EVT_REMOTE_OOB_DATA_REQUEST: 2390 remote_oob_data_request(index, (bdaddr_t *) ptr); 2391 break; 2392 } 2393 2394 return TRUE; 2395} 2396 2397static void start_hci_dev(int index) 2398{ 2399 struct dev_info *dev = &devs[index]; 2400 GIOChannel *chan = dev->io; 2401 GIOCondition cond; 2402 struct hci_filter flt; 2403 2404 if (chan) 2405 return; 2406 2407 info("Listening for HCI events on hci%d", index); 2408 2409 /* Set filter */ 2410 hci_filter_clear(&flt); 2411 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2412 hci_filter_set_event(EVT_CMD_STATUS, &flt); 2413 hci_filter_set_event(EVT_CMD_COMPLETE, &flt); 2414 hci_filter_set_event(EVT_PIN_CODE_REQ, &flt); 2415 hci_filter_set_event(EVT_LINK_KEY_REQ, &flt); 2416 hci_filter_set_event(EVT_LINK_KEY_NOTIFY, &flt); 2417 hci_filter_set_event(EVT_RETURN_LINK_KEYS, &flt); 2418 hci_filter_set_event(EVT_IO_CAPABILITY_REQUEST, &flt); 2419 hci_filter_set_event(EVT_IO_CAPABILITY_RESPONSE, &flt); 2420 hci_filter_set_event(EVT_USER_CONFIRM_REQUEST, &flt); 2421 hci_filter_set_event(EVT_USER_PASSKEY_REQUEST, &flt); 2422 hci_filter_set_event(EVT_REMOTE_OOB_DATA_REQUEST, &flt); 2423 hci_filter_set_event(EVT_USER_PASSKEY_NOTIFY, &flt); 2424 hci_filter_set_event(EVT_KEYPRESS_NOTIFY, &flt); 2425 hci_filter_set_event(EVT_SIMPLE_PAIRING_COMPLETE, &flt); 2426 hci_filter_set_event(EVT_AUTH_COMPLETE, &flt); 2427 hci_filter_set_event(EVT_REMOTE_NAME_REQ_COMPLETE, &flt); 2428 hci_filter_set_event(EVT_READ_REMOTE_VERSION_COMPLETE, &flt); 2429 hci_filter_set_event(EVT_READ_REMOTE_FEATURES_COMPLETE, &flt); 2430 hci_filter_set_event(EVT_REMOTE_HOST_FEATURES_NOTIFY, &flt); 2431 hci_filter_set_event(EVT_INQUIRY_COMPLETE, &flt); 2432 hci_filter_set_event(EVT_INQUIRY_RESULT, &flt); 2433 hci_filter_set_event(EVT_INQUIRY_RESULT_WITH_RSSI, &flt); 2434 hci_filter_set_event(EVT_EXTENDED_INQUIRY_RESULT, &flt); 2435 hci_filter_set_event(EVT_CONN_REQUEST, &flt); 2436 hci_filter_set_event(EVT_CONN_COMPLETE, &flt); 2437 hci_filter_set_event(EVT_DISCONN_COMPLETE, &flt); 2438 hci_filter_set_event(EVT_LE_META_EVENT, &flt); 2439 if (setsockopt(dev->sk, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2440 error("Can't set filter on hci%d: %s (%d)", 2441 index, strerror(errno), errno); 2442 return; 2443 } 2444 2445 chan = g_io_channel_unix_new(dev->sk); 2446 cond = G_IO_IN | G_IO_NVAL | G_IO_HUP | G_IO_ERR; 2447 dev->watch_id = g_io_add_watch_full(chan, G_PRIORITY_LOW, cond, 2448 io_security_event, 2449 GINT_TO_POINTER(index), NULL); 2450 dev->io = chan; 2451 dev->pin_length = 0; 2452 2453} 2454 2455/* End of HCI event callbacks */ 2456 2457static gboolean child_exit(GIOChannel *io, GIOCondition cond, void *user_data) 2458{ 2459 int status, fd = g_io_channel_unix_get_fd(io); 2460 pid_t child_pid; 2461 2462 if (read(fd, &child_pid, sizeof(child_pid)) != sizeof(child_pid)) { 2463 error("child_exit: unable to read child pid from pipe"); 2464 return TRUE; 2465 } 2466 2467 if (waitpid(child_pid, &status, 0) != child_pid) 2468 error("waitpid(%d) failed", child_pid); 2469 else 2470 DBG("child %d exited", child_pid); 2471 2472 return TRUE; 2473} 2474 2475static void at_child_exit(void) 2476{ 2477 pid_t pid = getpid(); 2478 2479 if (write(child_pipe[1], &pid, sizeof(pid)) != sizeof(pid)) 2480 error("unable to write to child pipe"); 2481} 2482 2483static void device_devup_setup(int index) 2484{ 2485 struct dev_info *dev = &devs[index]; 2486 struct hci_dev_info di; 2487 read_stored_link_key_cp cp; 2488 2489 DBG("hci%d", index); 2490 2491 if (hci_devinfo(index, &di) < 0) 2492 return; 2493 2494 if (ignore_device(&di)) 2495 return; 2496 2497 bacpy(&dev->bdaddr, &di.bdaddr); 2498 memcpy(dev->features, di.features, 8); 2499 2500 /* Set page timeout */ 2501 if ((main_opts.flags & (1 << HCID_SET_PAGETO))) { 2502 write_page_timeout_cp cp; 2503 2504 cp.timeout = htobs(main_opts.pageto); 2505 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_TIMEOUT, 2506 WRITE_PAGE_TIMEOUT_CP_SIZE, &cp); 2507 } 2508 2509 bacpy(&cp.bdaddr, BDADDR_ANY); 2510 cp.read_all = 1; 2511 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_STORED_LINK_KEY, 2512 READ_STORED_LINK_KEY_CP_SIZE, &cp); 2513 2514 if (!dev->pending) 2515 init_adapter(index); 2516} 2517 2518static void init_pending(int index) 2519{ 2520 struct dev_info *dev = &devs[index]; 2521 2522 hci_set_bit(PENDING_BDADDR, &dev->pending); 2523 hci_set_bit(PENDING_VERSION, &dev->pending); 2524 hci_set_bit(PENDING_FEATURES, &dev->pending); 2525 hci_set_bit(PENDING_NAME, &dev->pending); 2526} 2527 2528static struct dev_info *init_device(int index, gboolean already_up) 2529{ 2530 struct dev_info *dev; 2531 struct hci_dev_req dr; 2532 int dd; 2533 pid_t pid; 2534 2535 DBG("hci%d", index); 2536 2537 dd = hci_open_dev(index); 2538 if (dd < 0) { 2539 error("Unable to open hci%d: %s (%d)", index, 2540 strerror(errno), errno); 2541 return NULL; 2542 } 2543 2544 if (index > max_dev) { 2545 max_dev = index; 2546 devs = g_realloc(devs, sizeof(devs[0]) * (max_dev + 1)); 2547 } 2548 2549 dev = init_dev_info(index, dd, FALSE, already_up); 2550 init_pending(index); 2551 start_hci_dev(index); 2552 2553 /* Avoid forking if nothing else has to be done */ 2554 if (already_up) 2555 return dev; 2556 2557 /* Do initialization in the separate process */ 2558 pid = fork(); 2559 switch (pid) { 2560 case 0: 2561 atexit(at_child_exit); 2562 break; 2563 case -1: 2564 error("Fork failed. Can't init device hci%d: %s (%d)", 2565 index, strerror(errno), errno); 2566 default: 2567 DBG("child %d forked", pid); 2568 return dev; 2569 } 2570 2571 memset(&dr, 0, sizeof(dr)); 2572 dr.dev_id = index; 2573 2574 /* Set link mode */ 2575 dr.dev_opt = main_opts.link_mode; 2576 if (ioctl(dd, HCISETLINKMODE, (unsigned long) &dr) < 0) 2577 error("Can't set link mode on hci%d: %s (%d)", 2578 index, strerror(errno), errno); 2579 2580 /* Start HCI device */ 2581 if (ioctl(dd, HCIDEVUP, index) < 0 && errno != EALREADY) { 2582 error("Can't init device hci%d: %s (%d)", 2583 index, strerror(errno), errno); 2584 goto fail; 2585 } 2586 2587 hci_close_dev(dd); 2588 exit(0); 2589 2590fail: 2591 hci_close_dev(dd); 2592 exit(1); 2593} 2594 2595static void init_conn_list(int index) 2596{ 2597 struct dev_info *dev = &devs[index]; 2598 struct hci_conn_list_req *cl; 2599 struct hci_conn_info *ci; 2600 int i; 2601 2602 DBG("hci%d", index); 2603 2604 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 2605 2606 cl->dev_id = index; 2607 cl->conn_num = 10; 2608 ci = cl->conn_info; 2609 2610 if (ioctl(dev->sk, HCIGETCONNLIST, cl) < 0) { 2611 error("Unable to get connection list: %s (%d)", 2612 strerror(errno), errno); 2613 goto failed; 2614 } 2615 2616 for (i = 0; i < cl->conn_num; i++, ci++) { 2617 struct bt_conn *conn; 2618 2619 if (ci->type != ACL_LINK) 2620 continue; 2621 2622 conn = get_connection(dev, &ci->bdaddr); 2623 conn->handle = ci->handle; 2624 } 2625 2626failed: 2627 g_free(cl); 2628} 2629 2630static void device_event(int event, int index) 2631{ 2632 switch (event) { 2633 case HCI_DEV_REG: 2634 info("HCI dev %d registered", index); 2635 init_device(index, FALSE); 2636 break; 2637 2638 case HCI_DEV_UNREG: 2639 info("HCI dev %d unregistered", index); 2640 stop_hci_dev(index); 2641 if (devs[index].registered) 2642 btd_manager_unregister_adapter(index); 2643 break; 2644 2645 case HCI_DEV_UP: 2646 info("HCI dev %d up", index); 2647 devs[index].up = TRUE; 2648 device_devup_setup(index); 2649 break; 2650 2651 case HCI_DEV_DOWN: 2652 info("HCI dev %d down", index); 2653 devs[index].up = FALSE; 2654 devs[index].pending_cod = 0; 2655 devs[index].cache_enable = TRUE; 2656 if (!devs[index].pending) { 2657 struct btd_adapter *adapter; 2658 2659 adapter = manager_find_adapter_by_id(index); 2660 if (adapter) 2661 btd_adapter_stop(adapter); 2662 2663 init_pending(index); 2664 } 2665 break; 2666 } 2667} 2668 2669static gboolean init_known_adapters(gpointer user_data) 2670{ 2671 struct hci_dev_list_req *dl; 2672 struct hci_dev_req *dr; 2673 int i, err, ctl = GPOINTER_TO_INT(user_data); 2674 size_t req_size; 2675 2676 DBG(""); 2677 2678 req_size = HCI_MAX_DEV * sizeof(struct hci_dev_req) + sizeof(uint16_t); 2679 2680 dl = g_try_malloc0(req_size); 2681 if (!dl) { 2682 error("Can't allocate devlist buffer"); 2683 return FALSE; 2684 } 2685 2686 dl->dev_num = HCI_MAX_DEV; 2687 dr = dl->dev_req; 2688 2689 if (ioctl(ctl, HCIGETDEVLIST, dl) < 0) { 2690 err = -errno; 2691 error("Can't get device list: %s (%d)", strerror(-err), -err); 2692 g_free(dl); 2693 return FALSE; 2694 } 2695 2696 for (i = 0; i < dl->dev_num; i++, dr++) { 2697 struct dev_info *dev; 2698 gboolean already_up; 2699 2700 already_up = hci_test_bit(HCI_UP, &dr->dev_opt); 2701 2702 dev = init_device(dr->dev_id, already_up); 2703 if (dev == NULL) 2704 continue; 2705 2706 if (!dev->already_up) 2707 continue; 2708 2709 init_conn_list(dr->dev_id); 2710 2711 dev->pending = 0; 2712 hci_set_bit(PENDING_VERSION, &dev->pending); 2713 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 2714 OCF_READ_LOCAL_VERSION, 0, NULL); 2715 device_event(HCI_DEV_UP, dr->dev_id); 2716 } 2717 2718 g_free(dl); 2719 2720 return FALSE; 2721} 2722 2723static gboolean io_stack_event(GIOChannel *chan, GIOCondition cond, 2724 gpointer data) 2725{ 2726 unsigned char buf[HCI_MAX_FRAME_SIZE], *ptr; 2727 evt_stack_internal *si; 2728 evt_si_device *sd; 2729 hci_event_hdr *eh; 2730 int type, fd; 2731 ssize_t len; 2732 2733 ptr = buf; 2734 2735 fd = g_io_channel_unix_get_fd(chan); 2736 2737 len = read(fd, buf, sizeof(buf)); 2738 if (len < 0) { 2739 if (errno == EAGAIN) 2740 return TRUE; 2741 2742 error("Read from control socket failed: %s (%d)", 2743 strerror(errno), errno); 2744 return FALSE; 2745 } 2746 2747 type = *ptr++; 2748 2749 if (type != HCI_EVENT_PKT) 2750 return TRUE; 2751 2752 eh = (hci_event_hdr *) ptr; 2753 if (eh->evt != EVT_STACK_INTERNAL) 2754 return TRUE; 2755 2756 ptr += HCI_EVENT_HDR_SIZE; 2757 2758 si = (evt_stack_internal *) ptr; 2759 switch (si->type) { 2760 case EVT_SI_DEVICE: 2761 sd = (void *) &si->data; 2762 device_event(sd->event, sd->dev_id); 2763 break; 2764 } 2765 2766 return TRUE; 2767} 2768 2769static int hciops_setup(void) 2770{ 2771 struct sockaddr_hci addr; 2772 struct hci_filter flt; 2773 GIOChannel *ctl_io, *child_io; 2774 int sock, err; 2775 2776 DBG(""); 2777 2778 if (child_pipe[0] != -1) 2779 return -EALREADY; 2780 2781 if (pipe(child_pipe) < 0) { 2782 err = -errno; 2783 error("pipe(): %s (%d)", strerror(-err), -err); 2784 return err; 2785 } 2786 2787 child_io = g_io_channel_unix_new(child_pipe[0]); 2788 g_io_channel_set_close_on_unref(child_io, TRUE); 2789 child_io_id = g_io_add_watch(child_io, 2790 G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL, 2791 child_exit, NULL); 2792 g_io_channel_unref(child_io); 2793 2794 /* Create and bind HCI socket */ 2795 sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 2796 if (sock < 0) { 2797 err = -errno; 2798 error("Can't open HCI socket: %s (%d)", strerror(-err), 2799 -err); 2800 return err; 2801 } 2802 2803 /* Set filter */ 2804 hci_filter_clear(&flt); 2805 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2806 hci_filter_set_event(EVT_STACK_INTERNAL, &flt); 2807 if (setsockopt(sock, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2808 err = -errno; 2809 error("Can't set filter: %s (%d)", strerror(-err), -err); 2810 return err; 2811 } 2812 2813 memset(&addr, 0, sizeof(addr)); 2814 addr.hci_family = AF_BLUETOOTH; 2815 addr.hci_dev = HCI_DEV_NONE; 2816 if (bind(sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { 2817 err = -errno; 2818 error("Can't bind HCI socket: %s (%d)", strerror(-err), -err); 2819 return err; 2820 } 2821 2822 ctl_io = g_io_channel_unix_new(sock); 2823 g_io_channel_set_close_on_unref(ctl_io, TRUE); 2824 2825 ctl_io_id = g_io_add_watch(ctl_io, G_IO_IN, io_stack_event, NULL); 2826 2827 g_io_channel_unref(ctl_io); 2828 2829 g_idle_add(init_known_adapters, GINT_TO_POINTER(sock)); 2830 2831 return 0; 2832} 2833 2834static void hciops_cleanup(void) 2835{ 2836 int i; 2837 2838 DBG(""); 2839 2840 for (i = 0; i <= max_dev; i++) 2841 stop_hci_dev(i); 2842 2843 g_free(devs); 2844 devs = NULL; 2845 max_dev = -1; 2846 2847 if (child_io_id) { 2848 g_source_remove(child_io_id); 2849 child_io_id = 0; 2850 } 2851 2852 if (ctl_io_id) { 2853 g_source_remove(ctl_io_id); 2854 ctl_io_id = 0; 2855 } 2856 2857 if (child_pipe[0] >= 0) { 2858 close(child_pipe[0]); 2859 child_pipe[0] = -1; 2860 } 2861 2862 if (child_pipe[1] >= 0) { 2863 close(child_pipe[1]); 2864 child_pipe[1] = -1; 2865 } 2866} 2867 2868static int hciops_set_powered(int index, gboolean powered) 2869{ 2870 struct dev_info *dev = &devs[index]; 2871 int err; 2872 2873 DBG("hci%d powered %d", index, powered); 2874 2875 if (powered == FALSE) 2876 return hciops_power_off(index); 2877 2878 if (ioctl(dev->sk, HCIDEVUP, index) == 0) 2879 return 0; 2880 2881 if (errno == EALREADY) 2882 return 0; 2883 2884 err = -errno; 2885 error("Can't init device hci%d: %s (%d)", 2886 index, strerror(-err), -err); 2887 2888 return err; 2889} 2890 2891static int hciops_set_dev_class(int index, uint8_t major, uint8_t minor) 2892{ 2893 struct dev_info *dev = &devs[index]; 2894 int err; 2895 2896 DBG("hci%d major %u minor %u", index, major, minor); 2897 2898 /* Update only the major and minor class bits keeping remaining bits 2899 * intact*/ 2900 dev->wanted_cod &= 0xffe000; 2901 dev->wanted_cod |= ((major & 0x1f) << 8) | minor; 2902 2903 if (dev->wanted_cod == dev->current_cod || 2904 dev->cache_enable || dev->pending_cod) 2905 return 0; 2906 2907 DBG("Changing Major/Minor class to 0x%06x", dev->wanted_cod); 2908 2909 err = write_class(index, dev->wanted_cod); 2910 if (err < 0) 2911 error("Adapter class update failed: %s (%d)", 2912 strerror(-err), -err); 2913 2914 return err; 2915} 2916 2917static int hciops_start_inquiry(int index, uint8_t length) 2918{ 2919 struct dev_info *dev = &devs[index]; 2920 uint8_t lap[3] = { 0x33, 0x8b, 0x9e }; 2921 inquiry_cp inq_cp; 2922 2923 DBG("hci%d length %u", index, length); 2924 2925 memset(&inq_cp, 0, sizeof(inq_cp)); 2926 memcpy(&inq_cp.lap, lap, 3); 2927 inq_cp.length = length; 2928 inq_cp.num_rsp = 0x00; 2929 2930 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, 2931 OCF_INQUIRY, INQUIRY_CP_SIZE, &inq_cp) < 0) 2932 return -errno; 2933 2934 return 0; 2935} 2936 2937static int le_set_scan_enable(int index, uint8_t enable) 2938{ 2939 struct dev_info *dev = &devs[index]; 2940 le_set_scan_enable_cp cp; 2941 2942 DBG("hci%d enable %u", index, enable); 2943 2944 memset(&cp, 0, sizeof(cp)); 2945 cp.enable = enable; 2946 cp.filter_dup = 0; 2947 2948 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE, 2949 LE_SET_SCAN_ENABLE_CP_SIZE, &cp) < 0) 2950 return -errno; 2951 2952 return 0; 2953} 2954 2955static gboolean stop_le_scan_cb(gpointer user_data) 2956{ 2957 struct dev_info *dev = user_data; 2958 int err; 2959 2960 err = le_set_scan_enable(dev->id, 0); 2961 if (err < 0) 2962 return TRUE; 2963 2964 dev->stop_scan_id = 0; 2965 2966 return FALSE; 2967} 2968 2969static int hciops_start_scanning(int index, int timeout) 2970{ 2971 struct dev_info *dev = &devs[index]; 2972 le_set_scan_parameters_cp cp; 2973 int err; 2974 2975 DBG("hci%d", index); 2976 2977 memset(&cp, 0, sizeof(cp)); 2978 cp.type = 0x01; /* Active scanning */ 2979 /* The recommended value for scan interval and window is 11.25 msec. 2980 * It is calculated by: time = n * 0.625 msec */ 2981 cp.interval = htobs(0x0012); 2982 cp.window = htobs(0x0012); 2983 cp.own_bdaddr_type = 0; /* Public address */ 2984 cp.filter = 0; /* Accept all adv packets */ 2985 2986 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_PARAMETERS, 2987 LE_SET_SCAN_PARAMETERS_CP_SIZE, &cp) < 0) 2988 return -errno; 2989 2990 err = le_set_scan_enable(index, 1); 2991 if (err < 0) 2992 return err; 2993 2994 /* Schedule a le scan disable in 'timeout' milliseconds */ 2995 dev->stop_scan_id = g_timeout_add(timeout, stop_le_scan_cb, dev); 2996 2997 return 0; 2998} 2999 3000static int hciops_stop_scanning(int index) 3001{ 3002 struct dev_info *dev = &devs[index]; 3003 3004 DBG("hci%d", index); 3005 3006 if (dev->stop_scan_id > 0) { 3007 g_source_remove(dev->stop_scan_id); 3008 dev->stop_scan_id = 0; 3009 } 3010 3011 return le_set_scan_enable(index, 0); 3012} 3013 3014static int hciops_resolve_name(int index, bdaddr_t *bdaddr) 3015{ 3016 struct dev_info *dev = &devs[index]; 3017 remote_name_req_cp cp; 3018 char addr[18]; 3019 3020 ba2str(bdaddr, addr); 3021 DBG("hci%d dba %s", index, addr); 3022 3023 memset(&cp, 0, sizeof(cp)); 3024 bacpy(&cp.bdaddr, bdaddr); 3025 cp.pscan_rep_mode = 0x02; 3026 3027 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ, 3028 REMOTE_NAME_REQ_CP_SIZE, &cp) < 0) 3029 return -errno; 3030 3031 return 0; 3032} 3033 3034static int hciops_set_name(int index, const char *name) 3035{ 3036 struct dev_info *dev = &devs[index]; 3037 change_local_name_cp cp; 3038 3039 DBG("hci%d, name %s", index, name); 3040 3041 memset(&cp, 0, sizeof(cp)); 3042 strncpy((char *) cp.name, name, sizeof(cp.name)); 3043 3044 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME, 3045 CHANGE_LOCAL_NAME_CP_SIZE, &cp) < 0) 3046 return -errno; 3047 3048 memcpy(dev->name, cp.name, 248); 3049 update_ext_inquiry_response(index); 3050 3051 return 0; 3052} 3053 3054static int hciops_cancel_resolve_name(int index, bdaddr_t *bdaddr) 3055{ 3056 struct dev_info *dev = &devs[index]; 3057 remote_name_req_cancel_cp cp; 3058 char addr[18]; 3059 3060 ba2str(bdaddr, addr); 3061 DBG("hci%d dba %s", index, addr); 3062 3063 memset(&cp, 0, sizeof(cp)); 3064 bacpy(&cp.bdaddr, bdaddr); 3065 3066 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ_CANCEL, 3067 REMOTE_NAME_REQ_CANCEL_CP_SIZE, &cp) < 0) 3068 return -errno; 3069 3070 return 0; 3071} 3072 3073static int hciops_start_discovery(int index) 3074{ 3075 int adapter_type = get_adapter_type(index); 3076 3077 switch (adapter_type) { 3078 case BR_EDR_LE: 3079 return hciops_start_inquiry(index, LENGTH_BR_LE_INQ); 3080 case BR_EDR: 3081 return hciops_start_inquiry(index, LENGTH_BR_INQ); 3082 case LE_ONLY: 3083 return hciops_start_scanning(index, TIMEOUT_LE_SCAN); 3084 default: 3085 return -EINVAL; 3086 } 3087} 3088 3089static int hciops_stop_discovery(int index) 3090{ 3091 struct dev_info *dev = &devs[index]; 3092 3093 DBG("index %d", index); 3094 3095 switch (dev->discov_state) { 3096 case DISCOV_INQ: 3097 return hciops_stop_inquiry(index); 3098 case DISCOV_SCAN: 3099 return hciops_stop_scanning(index); 3100 default: 3101 return -EINVAL; 3102 } 3103} 3104 3105static int hciops_fast_connectable(int index, gboolean enable) 3106{ 3107 struct dev_info *dev = &devs[index]; 3108 write_page_activity_cp cp; 3109 uint8_t type; 3110 3111 DBG("hci%d enable %d", index, enable); 3112 3113 if (enable) { 3114 type = PAGE_SCAN_TYPE_INTERLACED; 3115 cp.interval = 0x0024; /* 22.5 msec page scan interval */ 3116 } else { 3117 type = PAGE_SCAN_TYPE_STANDARD; /* default */ 3118 cp.interval = 0x0800; /* default 1.28 sec page scan */ 3119 } 3120 3121 cp.window = 0x0012; /* default 11.25 msec page scan window */ 3122 3123 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_ACTIVITY, 3124 WRITE_PAGE_ACTIVITY_CP_SIZE, &cp) < 0) 3125 return -errno; 3126 else if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 3127 OCF_WRITE_PAGE_SCAN_TYPE, 1, &type) < 0) 3128 return -errno; 3129 3130 return 0; 3131} 3132 3133static int hciops_read_clock(int index, bdaddr_t *bdaddr, int which, 3134 int timeout, uint32_t *clock, 3135 uint16_t *accuracy) 3136{ 3137 struct dev_info *dev = &devs[index]; 3138 uint16_t handle = 0; 3139 char addr[18]; 3140 int ret; 3141 3142 ba2str(bdaddr, addr); 3143 DBG("hci%d addr %s which %d timeout %d", index, addr, which, timeout); 3144 3145 ret = get_handle(index, bdaddr, &handle); 3146 if (ret < 0) 3147 return ret; 3148 3149 if (hci_read_clock(dev->sk, htobs(handle), which, clock, accuracy, 3150 timeout) < 0) 3151 return -errno; 3152 3153 return 0; 3154} 3155 3156static int hciops_read_bdaddr(int index, bdaddr_t *bdaddr) 3157{ 3158 struct dev_info *dev = &devs[index]; 3159 3160 DBG("hci%d", index); 3161 3162 bacpy(bdaddr, &dev->bdaddr); 3163 3164 return 0; 3165} 3166 3167static int hciops_block_device(int index, bdaddr_t *bdaddr) 3168{ 3169 struct dev_info *dev = &devs[index]; 3170 char addr[18]; 3171 3172 ba2str(bdaddr, addr); 3173 DBG("hci%d dba %s", index, addr); 3174 3175 if (ioctl(dev->sk, HCIBLOCKADDR, bdaddr) < 0) 3176 return -errno; 3177 3178 return 0; 3179} 3180 3181static int hciops_unblock_device(int index, bdaddr_t *bdaddr) 3182{ 3183 struct dev_info *dev = &devs[index]; 3184 char addr[18]; 3185 3186 ba2str(bdaddr, addr); 3187 DBG("hci%d dba %s", index, addr); 3188 3189 if (ioctl(dev->sk, HCIUNBLOCKADDR, bdaddr) < 0) 3190 return -errno; 3191 3192 return 0; 3193} 3194 3195static int hciops_get_conn_list(int index, GSList **conns) 3196{ 3197 struct dev_info *dev = &devs[index]; 3198 GSList *l; 3199 3200 DBG("hci%d", index); 3201 3202 *conns = NULL; 3203 3204 for (l = dev->connections; l != NULL; l = g_slist_next(l)) { 3205 struct bt_conn *conn = l->data; 3206 3207 *conns = g_slist_append(*conns, 3208 g_memdup(&conn->bdaddr, sizeof(bdaddr_t))); 3209 } 3210 3211 return 0; 3212} 3213 3214static int hciops_read_local_features(int index, uint8_t *features) 3215{ 3216 struct dev_info *dev = &devs[index]; 3217 3218 DBG("hci%d", index); 3219 3220 memcpy(features, dev->features, 8); 3221 3222 return 0; 3223} 3224 3225static int hciops_disconnect(int index, bdaddr_t *bdaddr) 3226{ 3227 DBG("hci%d", index); 3228 3229 return disconnect_addr(index, bdaddr, HCI_OE_USER_ENDED_CONNECTION); 3230} 3231 3232static int hciops_remove_bonding(int index, bdaddr_t *bdaddr) 3233{ 3234 struct dev_info *dev = &devs[index]; 3235 delete_stored_link_key_cp cp; 3236 GSList *match; 3237 char addr[18]; 3238 3239 ba2str(bdaddr, addr); 3240 DBG("hci%d dba %s", index, addr); 3241 3242 match = g_slist_find_custom(dev->keys, bdaddr, (GCompareFunc) bacmp); 3243 if (match) { 3244 g_free(match->data); 3245 dev->keys = g_slist_delete_link(dev->keys, match); 3246 } 3247 3248 memset(&cp, 0, sizeof(cp)); 3249 bacpy(&cp.bdaddr, bdaddr); 3250 3251 /* Delete the link key from the Bluetooth chip */ 3252 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_DELETE_STORED_LINK_KEY, 3253 DELETE_STORED_LINK_KEY_CP_SIZE, &cp) < 0) 3254 return -errno; 3255 3256 return 0; 3257} 3258 3259static int hciops_pincode_reply(int index, bdaddr_t *bdaddr, const char *pin, 3260 size_t pin_len) 3261{ 3262 struct dev_info *dev = &devs[index]; 3263 char addr[18]; 3264 int err; 3265 3266 ba2str(bdaddr, addr); 3267 DBG("hci%d dba %s", index, addr); 3268 3269 if (pin) { 3270 pin_code_reply_cp pr; 3271 3272 dev->pin_length = pin_len; 3273 3274 memset(&pr, 0, sizeof(pr)); 3275 bacpy(&pr.bdaddr, bdaddr); 3276 memcpy(pr.pin_code, pin, pin_len); 3277 pr.pin_len = pin_len; 3278 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3279 OCF_PIN_CODE_REPLY, 3280 PIN_CODE_REPLY_CP_SIZE, &pr); 3281 } else 3282 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3283 OCF_PIN_CODE_NEG_REPLY, 6, bdaddr); 3284 3285 if (err < 0) 3286 err = -errno; 3287 3288 return err; 3289} 3290 3291static int hciops_passkey_reply(int index, bdaddr_t *bdaddr, uint32_t passkey) 3292{ 3293 struct dev_info *dev = &devs[index]; 3294 char addr[18]; 3295 int err; 3296 3297 ba2str(bdaddr, addr); 3298 DBG("hci%d dba %s", index, addr); 3299 3300 if (passkey != INVALID_PASSKEY) { 3301 user_passkey_reply_cp cp; 3302 3303 memset(&cp, 0, sizeof(cp)); 3304 bacpy(&cp.bdaddr, bdaddr); 3305 cp.passkey = passkey; 3306 3307 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3308 OCF_USER_PASSKEY_REPLY, 3309 USER_PASSKEY_REPLY_CP_SIZE, &cp); 3310 } else 3311 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3312 OCF_USER_PASSKEY_NEG_REPLY, 6, bdaddr); 3313 3314 if (err < 0) 3315 err = -errno; 3316 3317 return err; 3318} 3319 3320static int hciops_enable_le(int index) 3321{ 3322 struct dev_info *dev = &devs[index]; 3323 write_le_host_supported_cp cp; 3324 3325 DBG("hci%d", index); 3326 3327 if (!(dev->features[4] & LMP_LE)) 3328 return -ENOTSUP; 3329 3330 cp.le = 0x01; 3331 cp.simul = (dev->features[6] & LMP_LE_BREDR) ? 0x01 : 0x00; 3332 3333 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 3334 OCF_WRITE_LE_HOST_SUPPORTED, 3335 WRITE_LE_HOST_SUPPORTED_CP_SIZE, &cp) < 0) 3336 return -errno; 3337 3338 return 0; 3339} 3340 3341static uint8_t generate_service_class(int index) 3342{ 3343 struct dev_info *dev = &devs[index]; 3344 GSList *l; 3345 uint8_t val = 0; 3346 3347 for (l = dev->uuids; l != NULL; l = g_slist_next(l)) { 3348 struct uuid_info *uuid = l->data; 3349 3350 val |= uuid->svc_hint; 3351 } 3352 3353 return val; 3354} 3355 3356static int update_service_classes(int index) 3357{ 3358 struct dev_info *dev = &devs[index]; 3359 uint8_t value; 3360 int err; 3361 3362 value = generate_service_class(index); 3363 3364 DBG("hci%d value %u", index, value); 3365 3366 /* Update only the service class, keep the limited bit, 3367 * major/minor class bits intact */ 3368 dev->wanted_cod &= 0x00ffff; 3369 dev->wanted_cod |= (value << 16); 3370 3371 /* If the cache is enabled or an existing CoD write is in progress 3372 * just bail out */ 3373 if (dev->cache_enable || dev->pending_cod) 3374 return 0; 3375 3376 /* If we already have the CoD we want, update EIR and return */ 3377 if (dev->current_cod == dev->wanted_cod) { 3378 update_ext_inquiry_response(index); 3379 return 0; 3380 } 3381 3382 DBG("Changing service classes to 0x%06x", dev->wanted_cod); 3383 3384 err = write_class(index, dev->wanted_cod); 3385 if (err < 0) 3386 error("Adapter class update failed: %s (%d)", 3387 strerror(-err), -err); 3388 3389 return err; 3390} 3391 3392static int hciops_add_uuid(int index, uuid_t *uuid, uint8_t svc_hint) 3393{ 3394 struct dev_info *dev = &devs[index]; 3395 struct uuid_info *info; 3396 3397 DBG("hci%d", index); 3398 3399 info = g_new0(struct uuid_info, 1); 3400 memcpy(&info->uuid, uuid, sizeof(*uuid)); 3401 info->svc_hint = svc_hint; 3402 3403 dev->uuids = g_slist_append(dev->uuids, info); 3404 3405 return update_service_classes(index); 3406} 3407 3408static int hciops_remove_uuid(int index, uuid_t *uuid) 3409{ 3410 struct dev_info *dev = &devs[index]; 3411 GSList *match; 3412 3413 match = g_slist_find_custom(dev->uuids, uuid, sdp_uuid_cmp); 3414 if (match) { 3415 g_free(match->data); 3416 dev->uuids = g_slist_delete_link(dev->uuids, match); 3417 } 3418 3419 DBG("hci%d", index); 3420 3421 return update_service_classes(index); 3422} 3423 3424static int hciops_disable_cod_cache(int index) 3425{ 3426 struct dev_info *dev = &devs[index]; 3427 3428 DBG("hci%d cache_enable %d", index, dev->cache_enable); 3429 3430 if (!dev->cache_enable) 3431 return 0; 3432 3433 DBG("hci%d current_cod 0x%06x wanted_cod 0x%06x", index, 3434 dev->current_cod, dev->wanted_cod); 3435 3436 /* Disable and flush svc cache. All successive service class 3437 * updates * will be written to the device */ 3438 dev->cache_enable = FALSE; 3439 3440 if (dev->current_cod == dev->wanted_cod) { 3441 update_ext_inquiry_response(index); 3442 return 0; 3443 } 3444 3445 return write_class(index, dev->wanted_cod); 3446} 3447 3448static int hciops_restore_powered(int index) 3449{ 3450 struct dev_info *dev = &devs[index]; 3451 3452 if (!dev->already_up && dev->up) 3453 return hciops_power_off(index); 3454 3455 return 0; 3456} 3457 3458static int hciops_load_keys(int index, GSList *keys, gboolean debug_keys) 3459{ 3460 struct dev_info *dev = &devs[index]; 3461 3462 DBG("hci%d keys %d debug_keys %d", index, g_slist_length(keys), 3463 debug_keys); 3464 3465 if (dev->keys != NULL) 3466 return -EEXIST; 3467 3468 dev->keys = keys; 3469 dev->debug_keys = debug_keys; 3470 3471 return 0; 3472} 3473 3474static int hciops_set_io_capability(int index, uint8_t io_capability) 3475{ 3476 struct dev_info *dev = &devs[index]; 3477 3478 dev->io_capability = io_capability; 3479 3480 return 0; 3481} 3482 3483static int request_authentication(int index, bdaddr_t *bdaddr) 3484{ 3485 struct dev_info *dev = &devs[index]; 3486 auth_requested_cp cp; 3487 uint16_t handle; 3488 int err; 3489 3490 DBG("hci%d", index); 3491 3492 err = get_handle(index, bdaddr, &handle); 3493 if (err < 0) 3494 return err; 3495 3496 memset(&cp, 0, sizeof(cp)); 3497 cp.handle = htobs(handle); 3498 3499 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 3500 AUTH_REQUESTED_CP_SIZE, &cp) < 0) 3501 return -errno; 3502 3503 return 0; 3504} 3505 3506static void bonding_connect_cb(GIOChannel *io, GError *err, gpointer user_data) 3507{ 3508 struct bt_conn *conn = user_data; 3509 struct dev_info *dev = conn->dev; 3510 3511 if (!conn->io) { 3512 if (!err) 3513 g_io_channel_shutdown(io, TRUE, NULL); 3514 return; 3515 } 3516 3517 if (err) 3518 /* Wait proper error to be propagated by bonding complete */ 3519 return; 3520 3521 if (request_authentication(dev->id, &conn->bdaddr) < 0) 3522 goto failed; 3523 3524 return; 3525 3526failed: 3527 bonding_complete(dev, conn, HCI_UNSPECIFIED_ERROR); 3528} 3529 3530static int hciops_create_bonding(int index, bdaddr_t *bdaddr, uint8_t io_cap) 3531{ 3532 struct dev_info *dev = &devs[index]; 3533 BtIOSecLevel sec_level; 3534 struct bt_conn *conn; 3535 GError *err = NULL; 3536 3537 conn = get_connection(dev, bdaddr); 3538 3539 if (conn->io != NULL) 3540 return -EBUSY; 3541 3542 conn->loc_cap = io_cap; 3543 3544 /* If our IO capability is NoInputNoOutput use medium security 3545 * level (i.e. don't require MITM protection) else use high 3546 * security level */ 3547 if (io_cap == 0x03) 3548 sec_level = BT_IO_SEC_MEDIUM; 3549 else 3550 sec_level = BT_IO_SEC_HIGH; 3551 3552 conn->io = bt_io_connect(BT_IO_L2RAW, bonding_connect_cb, conn, 3553 NULL, &err, 3554 BT_IO_OPT_SOURCE_BDADDR, &dev->bdaddr, 3555 BT_IO_OPT_DEST_BDADDR, bdaddr, 3556 BT_IO_OPT_SEC_LEVEL, sec_level, 3557 BT_IO_OPT_INVALID); 3558 if (conn->io == NULL) { 3559 error("bt_io_connect: %s", err->message); 3560 g_error_free(err); 3561 return -EIO; 3562 } 3563 3564 conn->bonding_initiator = TRUE; 3565 3566 return 0; 3567} 3568 3569static int hciops_cancel_bonding(int index, bdaddr_t *bdaddr) 3570{ 3571 struct dev_info *dev = &devs[index]; 3572 struct bt_conn *conn; 3573 3574 DBG("hci%d", index); 3575 3576 conn = find_connection(dev, bdaddr); 3577 if (conn == NULL || conn->io == NULL) 3578 return -ENOTCONN; 3579 3580 g_io_channel_shutdown(conn->io, TRUE, NULL); 3581 g_io_channel_unref(conn->io); 3582 conn->io = NULL; 3583 3584 return 0; 3585} 3586 3587static int hciops_read_local_oob_data(int index) 3588{ 3589 struct dev_info *dev = &devs[index]; 3590 3591 DBG("hci%d", index); 3592 3593 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_LOCAL_OOB_DATA, 0, 0) 3594 < 0) 3595 return -errno; 3596 3597 return 0; 3598} 3599 3600static int hciops_add_remote_oob_data(int index, bdaddr_t *bdaddr, 3601 uint8_t *hash, uint8_t *randomizer) 3602{ 3603 char addr[18]; 3604 struct dev_info *dev = &devs[index]; 3605 GSList *match; 3606 struct oob_data *data; 3607 3608 ba2str(bdaddr, addr); 3609 DBG("hci%d bdaddr %s", index, addr); 3610 3611 match = g_slist_find_custom(dev->oob_data, &bdaddr, oob_bdaddr_cmp); 3612 3613 if (match) { 3614 data = match->data; 3615 } else { 3616 data = g_new(struct oob_data, 1); 3617 bacpy(&data->bdaddr, bdaddr); 3618 dev->oob_data = g_slist_prepend(dev->oob_data, data); 3619 } 3620 3621 memcpy(data->hash, hash, sizeof(data->hash)); 3622 memcpy(data->randomizer, randomizer, sizeof(data->randomizer)); 3623 3624 return 0; 3625} 3626 3627static int hciops_remove_remote_oob_data(int index, bdaddr_t *bdaddr) 3628{ 3629 char addr[18]; 3630 struct dev_info *dev = &devs[index]; 3631 GSList *match; 3632 3633 ba2str(bdaddr, addr); 3634 DBG("hci%d bdaddr %s", index, addr); 3635 3636 match = g_slist_find_custom(dev->oob_data, &bdaddr, oob_bdaddr_cmp); 3637 3638 if (!match) 3639 return -ENOENT; 3640 3641 g_free(match->data); 3642 dev->oob_data = g_slist_delete_link(dev->oob_data, match); 3643 3644 return 0; 3645} 3646 3647static struct btd_adapter_ops hci_ops = { 3648 .setup = hciops_setup, 3649 .cleanup = hciops_cleanup, 3650 .set_powered = hciops_set_powered, 3651 .set_discoverable = hciops_set_discoverable, 3652 .set_pairable = hciops_set_pairable, 3653 .set_limited_discoverable = hciops_set_limited_discoverable, 3654 .start_discovery = hciops_start_discovery, 3655 .stop_discovery = hciops_stop_discovery, 3656 .resolve_name = hciops_resolve_name, 3657 .cancel_resolve_name = hciops_cancel_resolve_name, 3658 .set_name = hciops_set_name, 3659 .set_dev_class = hciops_set_dev_class, 3660 .set_fast_connectable = hciops_fast_connectable, 3661 .read_clock = hciops_read_clock, 3662 .read_bdaddr = hciops_read_bdaddr, 3663 .block_device = hciops_block_device, 3664 .unblock_device = hciops_unblock_device, 3665 .get_conn_list = hciops_get_conn_list, 3666 .read_local_features = hciops_read_local_features, 3667 .disconnect = hciops_disconnect, 3668 .remove_bonding = hciops_remove_bonding, 3669 .pincode_reply = hciops_pincode_reply, 3670 .confirm_reply = hciops_confirm_reply, 3671 .passkey_reply = hciops_passkey_reply, 3672 .enable_le = hciops_enable_le, 3673 .encrypt_link = hciops_encrypt_link, 3674 .set_did = hciops_set_did, 3675 .add_uuid = hciops_add_uuid, 3676 .remove_uuid = hciops_remove_uuid, 3677 .disable_cod_cache = hciops_disable_cod_cache, 3678 .restore_powered = hciops_restore_powered, 3679 .load_keys = hciops_load_keys, 3680 .set_io_capability = hciops_set_io_capability, 3681 .create_bonding = hciops_create_bonding, 3682 .cancel_bonding = hciops_cancel_bonding, 3683 .read_local_oob_data = hciops_read_local_oob_data, 3684 .add_remote_oob_data = hciops_add_remote_oob_data, 3685 .remove_remote_oob_data = hciops_remove_remote_oob_data, 3686}; 3687 3688static int hciops_init(void) 3689{ 3690 DBG(""); 3691 return btd_register_adapter_ops(&hci_ops, FALSE); 3692} 3693 3694static void hciops_exit(void) 3695{ 3696 DBG(""); 3697 btd_adapter_cleanup_ops(&hci_ops); 3698} 3699 3700BLUETOOTH_PLUGIN_DEFINE(hciops, VERSION, 3701 BLUETOOTH_PLUGIN_PRIORITY_LOW, hciops_init, hciops_exit) 3702