hciops.c revision 5c1c35eb38790bd068bfd37e0355aafb194f7812
1/* 2 * 3 * BlueZ - Bluetooth protocol stack for Linux 4 * 5 * Copyright (C) 2004-2010 Marcel Holtmann <marcel@holtmann.org> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 20 * 21 */ 22 23#ifdef HAVE_CONFIG_H 24#include <config.h> 25#endif 26 27#include <stdio.h> 28#include <errno.h> 29#include <unistd.h> 30#include <stdlib.h> 31#include <sys/types.h> 32#include <sys/ioctl.h> 33#include <sys/wait.h> 34 35#include <bluetooth/bluetooth.h> 36#include <bluetooth/hci.h> 37#include <bluetooth/hci_lib.h> 38 39#include <glib.h> 40 41#include "hcid.h" 42#include "sdpd.h" 43#include "adapter.h" 44#include "plugin.h" 45#include "log.h" 46#include "storage.h" 47#include "event.h" 48#include "device.h" 49#include "manager.h" 50 51static int child_pipe[2] = { -1, -1 }; 52 53static guint child_io_id = 0; 54static guint ctl_io_id = 0; 55 56/* Commands sent by kernel on starting an adapter */ 57enum { 58 PENDING_BDADDR, 59 PENDING_VERSION, 60 PENDING_FEATURES, 61 PENDING_NAME, 62}; 63 64#define SK(index) devs[(index)].sk 65#define BDADDR(index) devs[(index)].bdaddr 66#define NAME(index) devs[(index)].name 67#define EIR(index) devs[(index)].eir 68#define FEATURES(index) devs[(index)].features 69#define SSP_MODE(index) devs[(index)].ssp_mode 70#define TX_POWER(index) devs[(index)].tx_power 71#define CURRENT_COD(index) devs[(index)].current_cod 72#define WANTED_COD(index) devs[(index)].wanted_cod 73#define PENDING_COD(index) devs[(index)].pending_cod 74#define CACHE_ENABLE(index) devs[(index)].cache_enable 75#define ALREADY_UP(index) devs[(index)].already_up 76#define REGISTERED(index) devs[(index)].registered 77#define VER(index) devs[(index)].ver 78#define DID_VENDOR(index) devs[(index)].did_vendor 79#define DID_PRODUCT(index) devs[(index)].did_product 80#define DID_VERSION(index) devs[(index)].did_version 81#define UP(index) devs[(index)].up 82#define PENDING(index) devs[(index)].pending 83#define CHANNEL(index) devs[(index)].channel 84#define WATCH_ID(index) devs[(index)].watch_id 85#define PIN_LENGTH(index) devs[(index)].pin_length 86 87static int max_dev = -1; 88static struct dev_info { 89 int sk; 90 bdaddr_t bdaddr; 91 char name[249]; 92 uint8_t eir[240]; 93 uint8_t features[8]; 94 uint8_t ssp_mode; 95 96 int8_t tx_power; 97 98 uint32_t current_cod; 99 uint32_t wanted_cod; 100 uint32_t pending_cod; 101 gboolean cache_enable; 102 gboolean already_up; 103 gboolean registered; 104 105 struct hci_version ver; 106 107 uint16_t did_vendor; 108 uint16_t did_product; 109 uint16_t did_version; 110 111 gboolean up; 112 unsigned long pending; 113 114 GIOChannel *channel; 115 guint watch_id; 116 int pin_length; 117} *devs = NULL; 118 119static int ignore_device(struct hci_dev_info *di) 120{ 121 return hci_test_bit(HCI_RAW, &di->flags) || di->type >> 4 != HCI_BREDR; 122} 123 124static void init_dev_info(int index, int sk, gboolean registered) 125{ 126 memset(&devs[index], 0, sizeof(struct dev_info)); 127 SK(index) = sk; 128 PIN_LENGTH(index) = -1; 129 CACHE_ENABLE(index) = TRUE; 130 REGISTERED(index) = registered; 131} 132 133/* Async HCI command handling with callback support */ 134 135struct hci_cmd_data { 136 bt_hci_result_t cb; 137 uint16_t handle; 138 uint16_t ocf; 139 gpointer caller_data; 140}; 141 142static gboolean hci_event_watch(GIOChannel *io, 143 GIOCondition cond, gpointer user_data) 144{ 145 unsigned char buf[HCI_MAX_EVENT_SIZE], *body; 146 struct hci_cmd_data *cmd = user_data; 147 evt_cmd_status *evt_status; 148 evt_auth_complete *evt_auth; 149 evt_encrypt_change *evt_enc; 150 hci_event_hdr *hdr; 151 set_conn_encrypt_cp cp; 152 int dd; 153 uint16_t ocf; 154 uint8_t status = HCI_OE_POWER_OFF; 155 156 if (cond & G_IO_NVAL) { 157 cmd->cb(status, cmd->caller_data); 158 return FALSE; 159 } 160 161 if (cond & (G_IO_ERR | G_IO_HUP)) 162 goto failed; 163 164 dd = g_io_channel_unix_get_fd(io); 165 166 if (read(dd, buf, sizeof(buf)) < 0) 167 goto failed; 168 169 hdr = (hci_event_hdr *) (buf + 1); 170 body = buf + (1 + HCI_EVENT_HDR_SIZE); 171 172 switch (hdr->evt) { 173 case EVT_CMD_STATUS: 174 evt_status = (evt_cmd_status *) body; 175 ocf = cmd_opcode_ocf(evt_status->opcode); 176 if (ocf != cmd->ocf) 177 return TRUE; 178 switch (ocf) { 179 case OCF_AUTH_REQUESTED: 180 case OCF_SET_CONN_ENCRYPT: 181 if (evt_status->status != 0) { 182 /* Baseband rejected command */ 183 status = evt_status->status; 184 goto failed; 185 } 186 break; 187 default: 188 return TRUE; 189 } 190 /* Wait for the next event */ 191 return TRUE; 192 case EVT_AUTH_COMPLETE: 193 evt_auth = (evt_auth_complete *) body; 194 if (evt_auth->handle != cmd->handle) { 195 /* Skipping */ 196 return TRUE; 197 } 198 199 if (evt_auth->status != 0x00) { 200 status = evt_auth->status; 201 /* Abort encryption */ 202 goto failed; 203 } 204 205 memset(&cp, 0, sizeof(cp)); 206 cp.handle = cmd->handle; 207 cp.encrypt = 1; 208 209 cmd->ocf = OCF_SET_CONN_ENCRYPT; 210 211 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, 212 SET_CONN_ENCRYPT_CP_SIZE, &cp) < 0) { 213 status = HCI_COMMAND_DISALLOWED; 214 goto failed; 215 } 216 /* Wait for encrypt change event */ 217 return TRUE; 218 case EVT_ENCRYPT_CHANGE: 219 evt_enc = (evt_encrypt_change *) body; 220 if (evt_enc->handle != cmd->handle) 221 return TRUE; 222 223 /* Procedure finished: reporting status */ 224 status = evt_enc->status; 225 break; 226 default: 227 /* Skipping */ 228 return TRUE; 229 } 230 231failed: 232 cmd->cb(status, cmd->caller_data); 233 g_io_channel_shutdown(io, TRUE, NULL); 234 235 return FALSE; 236} 237 238static int write_inq_mode(int index, uint8_t mode) 239{ 240 write_inquiry_mode_cp cp; 241 242 memset(&cp, 0, sizeof(cp)); 243 cp.mode = mode; 244 245 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_INQUIRY_MODE, 246 WRITE_INQUIRY_MODE_CP_SIZE, &cp) < 0) 247 return -errno; 248 249 return 0; 250} 251 252static uint8_t get_inquiry_mode(int index) 253{ 254 if (FEATURES(index)[6] & LMP_EXT_INQ) 255 return 2; 256 257 if (FEATURES(index)[3] & LMP_RSSI_INQ) 258 return 1; 259 260 if (VER(index).manufacturer == 11 && VER(index).hci_rev == 0x00 && 261 VER(index).lmp_subver == 0x0757) 262 return 1; 263 264 if (VER(index).manufacturer == 15) { 265 if (VER(index).hci_rev == 0x03 && 266 VER(index).lmp_subver == 0x6963) 267 return 1; 268 if (VER(index).hci_rev == 0x09 && 269 VER(index).lmp_subver == 0x6963) 270 return 1; 271 if (VER(index).hci_rev == 0x00 && 272 VER(index).lmp_subver == 0x6965) 273 return 1; 274 } 275 276 if (VER(index).manufacturer == 31 && VER(index).hci_rev == 0x2005 && 277 VER(index).lmp_subver == 0x1805) 278 return 1; 279 280 return 0; 281} 282 283static int init_ssp_mode(int index) 284{ 285 write_simple_pairing_mode_cp cp; 286 287 if (ioctl(SK(index), HCIGETAUTHINFO, NULL) < 0 && errno == EINVAL) 288 return 0; 289 290 memset(&cp, 0, sizeof(cp)); 291 cp.mode = 0x01; 292 293 if (hci_send_cmd(SK(index), OGF_HOST_CTL, 294 OCF_WRITE_SIMPLE_PAIRING_MODE, 295 WRITE_SIMPLE_PAIRING_MODE_CP_SIZE, &cp) < 0) 296 return -errno; 297 298 return 0; 299} 300 301static int hciops_set_discoverable(int index, gboolean discoverable) 302{ 303 uint8_t mode; 304 305 if (discoverable) 306 mode = (SCAN_PAGE | SCAN_INQUIRY); 307 else 308 mode = SCAN_PAGE; 309 310 DBG("hci%d discoverable %d", index, discoverable); 311 312 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE, 313 1, &mode) < 0) 314 return -errno; 315 316 return 0; 317} 318 319static int hciops_stop(int index) 320{ 321 int err = 0; 322 323 DBG("hci%d", index); 324 325 if (ioctl(SK(index), HCIDEVDOWN, index) == 0) 326 goto done; /* on success */ 327 328 if (errno != EALREADY) { 329 err = -errno; 330 error("Can't stop device hci%d: %s (%d)", 331 index, strerror(-err), -err); 332 } 333 334done: 335 return err; 336} 337 338static int hciops_set_pairable(int index, gboolean pairable) 339{ 340 DBG("hci%d pairable %d", index, pairable); 341 return -ENOSYS; 342} 343 344static void start_adapter(int index) 345{ 346 uint8_t events[8] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0x00, 0x00 }; 347 uint8_t inqmode; 348 uint16_t link_policy; 349 350 if (VER(index).lmp_ver > 1) { 351 if (FEATURES(index)[5] & LMP_SNIFF_SUBR) 352 events[5] |= 0x20; 353 354 if (FEATURES(index)[5] & LMP_PAUSE_ENC) 355 events[5] |= 0x80; 356 357 if (FEATURES(index)[6] & LMP_EXT_INQ) 358 events[5] |= 0x40; 359 360 if (FEATURES(index)[6] & LMP_NFLUSH_PKTS) 361 events[7] |= 0x01; 362 363 if (FEATURES(index)[7] & LMP_LSTO) 364 events[6] |= 0x80; 365 366 if (FEATURES(index)[6] & LMP_SIMPLE_PAIR) { 367 events[6] |= 0x01; /* IO Capability Request */ 368 events[6] |= 0x02; /* IO Capability Response */ 369 events[6] |= 0x04; /* User Confirmation Request */ 370 events[6] |= 0x08; /* User Passkey Request */ 371 events[6] |= 0x10; /* Remote OOB Data Request */ 372 events[6] |= 0x20; /* Simple Pairing Complete */ 373 events[7] |= 0x04; /* User Passkey Notification */ 374 events[7] |= 0x08; /* Keypress Notification */ 375 events[7] |= 0x10; /* Remote Host Supported 376 * Features Notification */ 377 } 378 379 if (FEATURES(index)[4] & LMP_LE) 380 events[7] |= 0x20; /* LE Meta-Event */ 381 382 hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_SET_EVENT_MASK, 383 sizeof(events), events); 384 } 385 386 if (FEATURES(index)[6] & LMP_SIMPLE_PAIR) 387 init_ssp_mode(index); 388 389 inqmode = get_inquiry_mode(index); 390 if (inqmode) 391 write_inq_mode(index, inqmode); 392 393 if (FEATURES(index)[7] & LMP_INQ_TX_PWR) 394 hci_send_cmd(SK(index), OGF_HOST_CTL, 395 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL, 0, NULL); 396 397 /* Set default link policy */ 398 link_policy = main_opts.link_policy; 399 400 if (!(FEATURES(index)[0] & LMP_RSWITCH)) 401 link_policy &= ~HCI_LP_RSWITCH; 402 if (!(FEATURES(index)[0] & LMP_HOLD)) 403 link_policy &= ~HCI_LP_HOLD; 404 if (!(FEATURES(index)[0] & LMP_SNIFF)) 405 link_policy &= ~HCI_LP_SNIFF; 406 if (!(FEATURES(index)[1] & LMP_PARK)) 407 link_policy &= ~HCI_LP_PARK; 408 409 link_policy = htobs(link_policy); 410 hci_send_cmd(SK(index), OGF_LINK_POLICY, OCF_WRITE_DEFAULT_LINK_POLICY, 411 sizeof(link_policy), &link_policy); 412 413 CURRENT_COD(index) = 0; 414 memset(EIR(index), 0, sizeof(EIR(index))); 415} 416 417static gboolean init_adapter(int index) 418{ 419 struct btd_adapter *adapter = NULL; 420 gboolean existing_adapter = REGISTERED(index); 421 uint8_t mode, on_mode; 422 gboolean pairable, discoverable; 423 424 if (!REGISTERED(index)) { 425 adapter = btd_manager_register_adapter(index); 426 if (adapter) 427 REGISTERED(index) = TRUE; 428 } else { 429 adapter = manager_find_adapter(&BDADDR(index)); 430 /* FIXME: manager_find_adapter should return a new ref */ 431 btd_adapter_ref(adapter); 432 } 433 434 if (adapter == NULL) 435 return FALSE; 436 437 btd_adapter_get_state(adapter, &mode, &on_mode, &pairable); 438 439 if (existing_adapter) 440 mode = on_mode; 441 442 if (mode == MODE_OFF) { 443 hciops_stop(index); 444 goto done; 445 } 446 447 start_adapter(index); 448 btd_adapter_start(adapter); 449 450 discoverable = (mode == MODE_DISCOVERABLE); 451 452 hciops_set_discoverable(index, discoverable); 453 hciops_set_pairable(index, pairable); 454 455done: 456 btd_adapter_unref(adapter); 457 return TRUE; 458} 459 460static int hciops_encrypt_link(int index, bdaddr_t *dst, bt_hci_result_t cb, 461 gpointer user_data) 462{ 463 GIOChannel *io; 464 struct hci_cmd_data *cmd; 465 struct hci_conn_info_req *cr; 466 auth_requested_cp cp; 467 struct hci_filter nf; 468 int dd, err; 469 uint32_t link_mode; 470 uint16_t handle; 471 472 dd = hci_open_dev(index); 473 if (dd < 0) 474 return -errno; 475 476 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 477 cr->type = ACL_LINK; 478 bacpy(&cr->bdaddr, dst); 479 480 err = ioctl(dd, HCIGETCONNINFO, cr); 481 link_mode = cr->conn_info->link_mode; 482 handle = cr->conn_info->handle; 483 g_free(cr); 484 485 if (err < 0) { 486 err = -errno; 487 goto fail; 488 } 489 490 if (link_mode & HCI_LM_ENCRYPT) { 491 err = -EALREADY; 492 goto fail; 493 } 494 495 memset(&cp, 0, sizeof(cp)); 496 cp.handle = htobs(handle); 497 498 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 499 AUTH_REQUESTED_CP_SIZE, &cp) < 0) { 500 err = -errno; 501 goto fail; 502 } 503 504 cmd = g_new0(struct hci_cmd_data, 1); 505 cmd->handle = handle; 506 cmd->ocf = OCF_AUTH_REQUESTED; 507 cmd->cb = cb; 508 cmd->caller_data = user_data; 509 510 hci_filter_clear(&nf); 511 hci_filter_set_ptype(HCI_EVENT_PKT, &nf); 512 hci_filter_set_event(EVT_CMD_STATUS, &nf); 513 hci_filter_set_event(EVT_AUTH_COMPLETE, &nf); 514 hci_filter_set_event(EVT_ENCRYPT_CHANGE, &nf); 515 516 if (setsockopt(dd, SOL_HCI, HCI_FILTER, &nf, sizeof(nf)) < 0) { 517 err = -errno; 518 g_free(cmd); 519 goto fail; 520 } 521 522 io = g_io_channel_unix_new(dd); 523 g_io_channel_set_close_on_unref(io, FALSE); 524 g_io_add_watch_full(io, G_PRIORITY_DEFAULT, 525 G_IO_HUP | G_IO_ERR | G_IO_NVAL | G_IO_IN, 526 hci_event_watch, cmd, g_free); 527 g_io_channel_unref(io); 528 529 return 0; 530 531fail: 532 close(dd); 533 return err; 534} 535 536static int hciops_set_did(int index, uint16_t vendor, uint16_t product, 537 uint16_t version) 538{ 539 DID_VENDOR(index) = vendor; 540 DID_PRODUCT(index) = product; 541 DID_VERSION(index) = version; 542 543 return 0; 544} 545 546/* End async HCI command handling */ 547 548/* Start of HCI event callbacks */ 549 550static int get_handle(int index, bdaddr_t *dba, uint16_t *handle) 551{ 552 struct hci_conn_list_req *cl; 553 struct hci_conn_info *ci; 554 int i; 555 556 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 557 558 cl->dev_id = index; 559 cl->conn_num = 10; 560 ci = cl->conn_info; 561 562 if (ioctl(SK(index), HCIGETCONNLIST, (void *) cl) < 0) { 563 g_free(cl); 564 return -EIO; 565 } 566 567 for (i = 0; i < cl->conn_num; i++, ci++) { 568 if (bacmp(&ci->bdaddr, dba) == 0) { 569 *handle = ci->handle; 570 g_free(cl); 571 return 0; 572 } 573 } 574 575 g_free(cl); 576 577 return -ENOENT; 578} 579 580static inline int get_bdaddr(int index, uint16_t handle, bdaddr_t *dba) 581{ 582 struct hci_conn_list_req *cl; 583 struct hci_conn_info *ci; 584 int i; 585 586 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 587 588 cl->dev_id = index; 589 cl->conn_num = 10; 590 ci = cl->conn_info; 591 592 if (ioctl(SK(index), HCIGETCONNLIST, (void *) cl) < 0) { 593 g_free(cl); 594 return -EIO; 595 } 596 597 for (i = 0; i < cl->conn_num; i++, ci++) 598 if (ci->handle == handle) { 599 bacpy(dba, &ci->bdaddr); 600 g_free(cl); 601 return 0; 602 } 603 604 g_free(cl); 605 606 return -ENOENT; 607} 608 609static inline void update_lastseen(bdaddr_t *sba, bdaddr_t *dba) 610{ 611 time_t t; 612 struct tm *tm; 613 614 t = time(NULL); 615 tm = gmtime(&t); 616 617 write_lastseen_info(sba, dba, tm); 618} 619 620static inline void update_lastused(bdaddr_t *sba, bdaddr_t *dba) 621{ 622 time_t t; 623 struct tm *tm; 624 625 t = time(NULL); 626 tm = gmtime(&t); 627 628 write_lastused_info(sba, dba, tm); 629} 630 631/* Link Key handling */ 632 633static void link_key_request(int index, bdaddr_t *dba) 634{ 635 struct btd_adapter *adapter; 636 struct btd_device *device; 637 struct hci_auth_info_req req; 638 unsigned char key[16]; 639 char da[18]; 640 uint8_t type; 641 int err; 642 643 ba2str(dba, da); 644 DBG("hci%d dba %s", index, da); 645 646 adapter = manager_find_adapter(&BDADDR(index)); 647 if (adapter) 648 device = adapter_find_device(adapter, da); 649 else 650 device = NULL; 651 652 memset(&req, 0, sizeof(req)); 653 bacpy(&req.bdaddr, dba); 654 655 err = ioctl(SK(index), HCIGETAUTHINFO, (unsigned long) &req); 656 if (err < 0) { 657 if (errno != EINVAL) 658 DBG("HCIGETAUTHINFO failed %s (%d)", 659 strerror(errno), errno); 660 req.type = 0x00; 661 } 662 663 DBG("kernel auth requirements = 0x%02x", req.type); 664 665 if (main_opts.debug_keys && device && 666 device_get_debug_key(device, key)) 667 type = 0x03; 668 else if (read_link_key(&BDADDR(index), dba, key, &type) < 0 || 669 type == 0x03) { 670 /* Link key not found */ 671 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 672 6, dba); 673 return; 674 } 675 676 /* Link key found */ 677 678 DBG("link key type 0x%02x", type); 679 680 /* Don't use unauthenticated combination keys if MITM is 681 * required */ 682 if (type == 0x04 && req.type != 0xff && (req.type & 0x01)) 683 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 684 6, dba); 685 else { 686 link_key_reply_cp lr; 687 688 memcpy(lr.link_key, key, 16); 689 bacpy(&lr.bdaddr, dba); 690 691 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_LINK_KEY_REPLY, 692 LINK_KEY_REPLY_CP_SIZE, &lr); 693 } 694} 695 696static void link_key_notify(int index, void *ptr) 697{ 698 evt_link_key_notify *evt = ptr; 699 bdaddr_t *dba = &evt->bdaddr; 700 char da[18]; 701 int err; 702 unsigned char old_key[16]; 703 uint8_t old_key_type; 704 705 ba2str(dba, da); 706 DBG("hci%d dba %s type %d", index, da, evt->key_type); 707 708 err = read_link_key(&BDADDR(index), dba, old_key, &old_key_type); 709 if (err < 0) 710 old_key_type = 0xff; 711 712 err = btd_event_link_key_notify(&BDADDR(index), dba, evt->link_key, 713 evt->key_type, PIN_LENGTH(index), 714 old_key_type); 715 PIN_LENGTH(index) = -1; 716 717 if (err < 0) { 718 uint16_t handle; 719 720 if (err == -ENODEV) 721 btd_event_bonding_process_complete(&BDADDR(index), dba, 722 HCI_OE_LOW_RESOURCES); 723 else 724 btd_event_bonding_process_complete(&BDADDR(index), dba, 725 HCI_MEMORY_FULL); 726 727 if (get_handle(index, dba, &handle) == 0) { 728 disconnect_cp cp; 729 730 memset(&cp, 0, sizeof(cp)); 731 cp.handle = htobs(handle); 732 cp.reason = HCI_OE_LOW_RESOURCES; 733 734 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_DISCONNECT, 735 DISCONNECT_CP_SIZE, &cp); 736 } 737 } 738} 739 740static void return_link_keys(int index, void *ptr) 741{ 742 evt_return_link_keys *evt = ptr; 743 uint8_t num = evt->num_keys; 744 unsigned char key[16]; 745 char da[18]; 746 bdaddr_t dba; 747 int i; 748 749 DBG("hci%d num_keys %u", index, num); 750 751 ptr++; 752 753 for (i = 0; i < num; i++) { 754 bacpy(&dba, ptr); ba2str(&dba, da); 755 memcpy(key, ptr + 6, 16); 756 757 DBG("hci%d returned key for %s", index, da); 758 759 btd_event_returned_link_key(&BDADDR(index), &dba); 760 761 ptr += 22; 762 } 763} 764 765/* Simple Pairing handling */ 766 767static void user_confirm_request(int index, void *ptr) 768{ 769 evt_user_confirm_request *req = ptr; 770 771 DBG("hci%d", index); 772 773 if (btd_event_user_confirm(&BDADDR(index), &req->bdaddr, 774 btohl(req->passkey)) < 0) 775 hci_send_cmd(SK(index), OGF_LINK_CTL, 776 OCF_USER_CONFIRM_NEG_REPLY, 6, ptr); 777} 778 779static void user_passkey_request(int index, void *ptr) 780{ 781 evt_user_passkey_request *req = ptr; 782 783 DBG("hci%d", index); 784 785 if (btd_event_user_passkey(&BDADDR(index), &req->bdaddr) < 0) 786 hci_send_cmd(SK(index), OGF_LINK_CTL, 787 OCF_USER_PASSKEY_NEG_REPLY, 6, ptr); 788} 789 790static void user_passkey_notify(int index, void *ptr) 791{ 792 evt_user_passkey_notify *req = ptr; 793 794 DBG("hci%d", index); 795 796 btd_event_user_notify(&BDADDR(index), &req->bdaddr, 797 btohl(req->passkey)); 798} 799 800static void remote_oob_data_request(int index, void *ptr) 801{ 802 DBG("hci%d", index); 803 hci_send_cmd(SK(index), OGF_LINK_CTL, 804 OCF_REMOTE_OOB_DATA_NEG_REPLY, 6, ptr); 805} 806 807static void io_capa_request(int index, void *ptr) 808{ 809 bdaddr_t *dba = ptr; 810 char da[18]; 811 uint8_t cap, auth; 812 813 ba2str(dba, da); 814 DBG("hci%d IO capability request for %s", index, da); 815 816 if (btd_event_get_io_cap(&BDADDR(index), dba, &cap, &auth) < 0) { 817 io_capability_neg_reply_cp cp; 818 memset(&cp, 0, sizeof(cp)); 819 bacpy(&cp.bdaddr, dba); 820 cp.reason = HCI_PAIRING_NOT_ALLOWED; 821 hci_send_cmd(SK(index), OGF_LINK_CTL, 822 OCF_IO_CAPABILITY_NEG_REPLY, 823 IO_CAPABILITY_NEG_REPLY_CP_SIZE, &cp); 824 } else { 825 io_capability_reply_cp cp; 826 memset(&cp, 0, sizeof(cp)); 827 bacpy(&cp.bdaddr, dba); 828 cp.capability = cap; 829 cp.oob_data = 0x00; 830 cp.authentication = auth; 831 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_IO_CAPABILITY_REPLY, 832 IO_CAPABILITY_REPLY_CP_SIZE, &cp); 833 } 834} 835 836static void io_capa_response(int index, void *ptr) 837{ 838 evt_io_capability_response *evt = ptr; 839 char da[18]; 840 841 ba2str(&evt->bdaddr, da); 842 DBG("hci%d IO capability response from %s", index, da); 843 844 btd_event_set_io_cap(&BDADDR(index), &evt->bdaddr, 845 evt->capability, evt->authentication); 846} 847 848/* PIN code handling */ 849 850static void pin_code_request(int index, bdaddr_t *dba) 851{ 852 pin_code_reply_cp pr; 853 struct hci_conn_info_req *cr; 854 struct hci_conn_info *ci; 855 char da[18], pin[17]; 856 int pinlen; 857 858 memset(&pr, 0, sizeof(pr)); 859 bacpy(&pr.bdaddr, dba); 860 861 ba2str(dba, da); 862 DBG("hci%d PIN request for %s", index, da); 863 864 cr = g_malloc0(sizeof(*cr) + sizeof(*ci)); 865 866 bacpy(&cr->bdaddr, dba); 867 cr->type = ACL_LINK; 868 if (ioctl(SK(index), HCIGETCONNINFO, (unsigned long) cr) < 0) { 869 error("Can't get conn info: %s (%d)", strerror(errno), errno); 870 goto reject; 871 } 872 ci = cr->conn_info; 873 874 memset(pin, 0, sizeof(pin)); 875 pinlen = read_pin_code(&BDADDR(index), dba, pin); 876 877 if (pinlen > 0) { 878 PIN_LENGTH(index) = pinlen; 879 memcpy(pr.pin_code, pin, pinlen); 880 pr.pin_len = pinlen; 881 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_PIN_CODE_REPLY, 882 PIN_CODE_REPLY_CP_SIZE, &pr); 883 } else { 884 /* Request PIN from passkey agent */ 885 if (btd_event_request_pin(&BDADDR(index), ci) < 0) 886 goto reject; 887 } 888 889 g_free(cr); 890 891 return; 892 893reject: 894 g_free(cr); 895 896 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_PIN_CODE_NEG_REPLY, 6, dba); 897} 898 899static void start_inquiry(bdaddr_t *local, uint8_t status, gboolean periodic) 900{ 901 struct btd_adapter *adapter; 902 int state; 903 904 /* Don't send the signal if the cmd failed */ 905 if (status) { 906 error("Inquiry Failed with status 0x%02x", status); 907 return; 908 } 909 910 adapter = manager_find_adapter(local); 911 if (!adapter) { 912 error("Unable to find matching adapter"); 913 return; 914 } 915 916 state = adapter_get_state(adapter); 917 918 if (periodic) 919 state |= STATE_PINQ; 920 else 921 state |= STATE_STDINQ; 922 923 adapter_set_state(adapter, state); 924} 925 926static void inquiry_complete(bdaddr_t *local, uint8_t status, 927 gboolean periodic) 928{ 929 struct btd_adapter *adapter; 930 int state; 931 932 /* Don't send the signal if the cmd failed */ 933 if (status) { 934 error("Inquiry Failed with status 0x%02x", status); 935 return; 936 } 937 938 adapter = manager_find_adapter(local); 939 if (!adapter) { 940 error("Unable to find matching adapter"); 941 return; 942 } 943 944 state = adapter_get_state(adapter); 945 state &= ~(STATE_STDINQ | STATE_PINQ); 946 adapter_set_state(adapter, state); 947} 948 949static inline void remote_features_notify(int index, void *ptr) 950{ 951 evt_remote_host_features_notify *evt = ptr; 952 953 if (evt->features[0] & 0x01) 954 btd_event_set_legacy_pairing(&BDADDR(index), &evt->bdaddr, 955 FALSE); 956 else 957 btd_event_set_legacy_pairing(&BDADDR(index), &evt->bdaddr, 958 TRUE); 959 960 write_features_info(&BDADDR(index), &evt->bdaddr, NULL, evt->features); 961} 962 963static void write_le_host_complete(bdaddr_t *sba, uint8_t status) 964{ 965 struct btd_adapter *adapter; 966 967 if (status) 968 return; 969 970 adapter = manager_find_adapter(sba); 971 if (!adapter) { 972 error("No matching adapter found"); 973 return; 974 } 975 976 btd_adapter_read_local_ext_features(adapter); 977} 978 979static void read_local_version_complete(int index, 980 const read_local_version_rp *rp) 981{ 982 if (rp->status) 983 return; 984 985 VER(index).manufacturer = btohs(bt_get_unaligned(&rp->manufacturer)); 986 VER(index).hci_ver = rp->hci_ver; 987 VER(index).hci_rev = btohs(bt_get_unaligned(&rp->hci_rev)); 988 VER(index).lmp_ver = rp->lmp_ver; 989 VER(index).lmp_subver = btohs(bt_get_unaligned(&rp->lmp_subver)); 990 991 if (!PENDING(index)) 992 return; 993 994 hci_clear_bit(PENDING_VERSION, &PENDING(index)); 995 996 DBG("Got version for hci%d", index); 997 998 if (!PENDING(index) && UP(index)) 999 init_adapter(index); 1000} 1001 1002static void read_local_features_complete(int index, 1003 const read_local_features_rp *rp) 1004{ 1005 if (rp->status) 1006 return; 1007 1008 memcpy(FEATURES(index), rp->features, 8); 1009 1010 if (!PENDING(index)) 1011 return; 1012 1013 hci_clear_bit(PENDING_FEATURES, &PENDING(index)); 1014 1015 DBG("Got features for hci%d", index); 1016 1017 if (!PENDING(index) && UP(index)) 1018 init_adapter(index); 1019} 1020 1021#define SIZEOF_UUID128 16 1022 1023static void eir_generate_uuid128(sdp_list_t *list, 1024 uint8_t *ptr, uint16_t *eir_len) 1025{ 1026 int i, k, uuid_count = 0; 1027 uint16_t len = *eir_len; 1028 uint8_t *uuid128; 1029 gboolean truncated = FALSE; 1030 1031 /* Store UUIDs in place, skip 2 bytes to write type and length later */ 1032 uuid128 = ptr + 2; 1033 1034 for (; list; list = list->next) { 1035 sdp_record_t *rec = list->data; 1036 uint8_t *uuid128_data = rec->svclass.value.uuid128.data; 1037 1038 if (rec->svclass.type != SDP_UUID128) 1039 continue; 1040 1041 /* Stop if not enough space to put next UUID128 */ 1042 if ((len + 2 + SIZEOF_UUID128) > EIR_DATA_LENGTH) { 1043 truncated = TRUE; 1044 break; 1045 } 1046 1047 /* Check for duplicates, EIR data is Little Endian */ 1048 for (i = 0; i < uuid_count; i++) { 1049 for (k = 0; k < SIZEOF_UUID128; k++) { 1050 if (uuid128[i * SIZEOF_UUID128 + k] != 1051 uuid128_data[SIZEOF_UUID128 - 1 - k]) 1052 break; 1053 } 1054 if (k == SIZEOF_UUID128) 1055 break; 1056 } 1057 1058 if (i < uuid_count) 1059 continue; 1060 1061 /* EIR data is Little Endian */ 1062 for (k = 0; k < SIZEOF_UUID128; k++) 1063 uuid128[uuid_count * SIZEOF_UUID128 + k] = 1064 uuid128_data[SIZEOF_UUID128 - 1 - k]; 1065 1066 len += SIZEOF_UUID128; 1067 uuid_count++; 1068 } 1069 1070 if (uuid_count > 0 || truncated) { 1071 /* EIR Data length */ 1072 ptr[0] = (uuid_count * SIZEOF_UUID128) + 1; 1073 /* EIR Data type */ 1074 ptr[1] = truncated ? EIR_UUID128_SOME : EIR_UUID128_ALL; 1075 len += 2; 1076 *eir_len = len; 1077 } 1078} 1079 1080static void create_ext_inquiry_response(int index, uint8_t *data) 1081{ 1082 sdp_list_t *services; 1083 sdp_list_t *list; 1084 uint8_t *ptr = data; 1085 uint16_t eir_len = 0; 1086 uint16_t uuid16[EIR_DATA_LENGTH / 2]; 1087 int i, uuid_count = 0; 1088 gboolean truncated = FALSE; 1089 struct btd_adapter *adapter; 1090 size_t name_len; 1091 1092 name_len = strlen(NAME(index)); 1093 1094 if (name_len > 0) { 1095 /* EIR Data type */ 1096 if (name_len > 48) { 1097 name_len = 48; 1098 ptr[1] = EIR_NAME_SHORT; 1099 } else 1100 ptr[1] = EIR_NAME_COMPLETE; 1101 1102 /* EIR Data length */ 1103 ptr[0] = name_len + 1; 1104 1105 memcpy(ptr + 2, NAME(index), name_len); 1106 1107 eir_len += (name_len + 2); 1108 ptr += (name_len + 2); 1109 } 1110 1111 if (TX_POWER(index) != 0) { 1112 *ptr++ = 2; 1113 *ptr++ = EIR_TX_POWER; 1114 *ptr++ = (uint8_t) TX_POWER(index); 1115 eir_len += 3; 1116 } 1117 1118 if (DID_VENDOR(index) != 0x0000) { 1119 uint16_t source = 0x0002; 1120 *ptr++ = 9; 1121 *ptr++ = EIR_DEVICE_ID; 1122 *ptr++ = (source & 0x00ff); 1123 *ptr++ = (source & 0xff00) >> 8; 1124 *ptr++ = (DID_VENDOR(index) & 0x00ff); 1125 *ptr++ = (DID_VENDOR(index) & 0xff00) >> 8; 1126 *ptr++ = (DID_PRODUCT(index) & 0x00ff); 1127 *ptr++ = (DID_PRODUCT(index) & 0xff00) >> 8; 1128 *ptr++ = (DID_VERSION(index) & 0x00ff); 1129 *ptr++ = (DID_VERSION(index) & 0xff00) >> 8; 1130 eir_len += 10; 1131 } 1132 1133 adapter = manager_find_adapter(&BDADDR(index)); 1134 if (adapter == NULL) 1135 return; 1136 1137 services = adapter_get_services(adapter); 1138 1139 /* Group all UUID16 types */ 1140 for (list = services; list; list = list->next) { 1141 sdp_record_t *rec = list->data; 1142 1143 if (rec->svclass.type != SDP_UUID16) 1144 continue; 1145 1146 if (rec->svclass.value.uuid16 < 0x1100) 1147 continue; 1148 1149 if (rec->svclass.value.uuid16 == PNP_INFO_SVCLASS_ID) 1150 continue; 1151 1152 /* Stop if not enough space to put next UUID16 */ 1153 if ((eir_len + 2 + sizeof(uint16_t)) > EIR_DATA_LENGTH) { 1154 truncated = TRUE; 1155 break; 1156 } 1157 1158 /* Check for duplicates */ 1159 for (i = 0; i < uuid_count; i++) 1160 if (uuid16[i] == rec->svclass.value.uuid16) 1161 break; 1162 1163 if (i < uuid_count) 1164 continue; 1165 1166 uuid16[uuid_count++] = rec->svclass.value.uuid16; 1167 eir_len += sizeof(uint16_t); 1168 } 1169 1170 if (uuid_count > 0) { 1171 /* EIR Data length */ 1172 ptr[0] = (uuid_count * sizeof(uint16_t)) + 1; 1173 /* EIR Data type */ 1174 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL; 1175 1176 ptr += 2; 1177 eir_len += 2; 1178 1179 for (i = 0; i < uuid_count; i++) { 1180 *ptr++ = (uuid16[i] & 0x00ff); 1181 *ptr++ = (uuid16[i] & 0xff00) >> 8; 1182 } 1183 } 1184 1185 /* Group all UUID128 types */ 1186 if (eir_len <= EIR_DATA_LENGTH - 2) 1187 eir_generate_uuid128(services, ptr, &eir_len); 1188} 1189 1190static void update_ext_inquiry_response(int index) 1191{ 1192 write_ext_inquiry_response_cp cp; 1193 1194 DBG("hci%d", index); 1195 1196 if (!(FEATURES(index)[6] & LMP_EXT_INQ)) 1197 return; 1198 1199 if (SSP_MODE(index) == 0) 1200 return; 1201 1202 if (CACHE_ENABLE(index)) 1203 return; 1204 1205 memset(&cp, 0, sizeof(cp)); 1206 1207 create_ext_inquiry_response(index, cp.data); 1208 1209 if (memcmp(cp.data, EIR(index), sizeof(cp.data)) == 0) 1210 return; 1211 1212 memcpy(EIR(index), cp.data, sizeof(cp.data)); 1213 1214 if (hci_send_cmd(SK(index), OGF_HOST_CTL, 1215 OCF_WRITE_EXT_INQUIRY_RESPONSE, 1216 WRITE_EXT_INQUIRY_RESPONSE_CP_SIZE, &cp) < 0) 1217 error("Unable to write EIR data: %s (%d)", 1218 strerror(errno), errno); 1219} 1220 1221static void update_name(int index, const char *name) 1222{ 1223 struct btd_adapter *adapter; 1224 1225 adapter = manager_find_adapter(&BDADDR(index)); 1226 if (adapter) 1227 adapter_update_local_name(adapter, name); 1228 1229 update_ext_inquiry_response(index); 1230} 1231 1232static void read_local_name_complete(int index, read_local_name_rp *rp) 1233{ 1234 DBG("hci%d status %u", index, rp->status); 1235 1236 if (rp->status) 1237 return; 1238 1239 memcpy(NAME(index), rp->name, 248); 1240 1241 if (!PENDING(index)) { 1242 update_name(index, (char *) rp->name); 1243 return; 1244 } 1245 1246 hci_clear_bit(PENDING_NAME, &PENDING(index)); 1247 1248 DBG("Got name for hci%d", index); 1249 1250 if (!UP(index)) 1251 return; 1252 1253 /* Even though it shouldn't happen (assuming the kernel behaves 1254 * properly) it seems like we might miss the very first 1255 * initialization commands that the kernel sends. So check for 1256 * it here (since read_local_name is one of the last init 1257 * commands) and resend the first ones if we haven't seen 1258 * their results yet */ 1259 1260 if (hci_test_bit(PENDING_FEATURES, &PENDING(index))) 1261 hci_send_cmd(SK(index), OGF_INFO_PARAM, 1262 OCF_READ_LOCAL_FEATURES, 0, NULL); 1263 1264 if (hci_test_bit(PENDING_VERSION, &PENDING(index))) 1265 hci_send_cmd(SK(index), OGF_INFO_PARAM, 1266 OCF_READ_LOCAL_VERSION, 0, NULL); 1267 1268 if (!PENDING(index)) 1269 init_adapter(index); 1270} 1271 1272static void read_tx_power_complete(int index, void *ptr) 1273{ 1274 read_inq_response_tx_power_level_rp *rp = ptr; 1275 1276 DBG("hci%d status %u", index, rp->status); 1277 1278 if (rp->status) 1279 return; 1280 1281 TX_POWER(index) = rp->level; 1282 update_ext_inquiry_response(index); 1283} 1284 1285static void read_simple_pairing_mode_complete(int index, void *ptr) 1286{ 1287 read_simple_pairing_mode_rp *rp = ptr; 1288 struct btd_adapter *adapter; 1289 1290 DBG("hci%d status %u", index, rp->status); 1291 1292 if (rp->status) 1293 return; 1294 1295 SSP_MODE(index) = rp->mode; 1296 update_ext_inquiry_response(index); 1297 1298 adapter = manager_find_adapter(&BDADDR(index)); 1299 if (!adapter) { 1300 error("No matching adapter found"); 1301 return; 1302 } 1303 1304 adapter_update_ssp_mode(adapter, rp->mode); 1305} 1306 1307static void read_local_ext_features_complete(int index, 1308 const read_local_ext_features_rp *rp) 1309{ 1310 struct btd_adapter *adapter; 1311 1312 DBG("hci%d status %u", index, rp->status); 1313 1314 if (rp->status) 1315 return; 1316 1317 adapter = manager_find_adapter(&BDADDR(index)); 1318 if (!adapter) { 1319 error("No matching adapter found"); 1320 return; 1321 } 1322 1323 /* Local Extended feature page number is 1 */ 1324 if (rp->page_num != 1) 1325 return; 1326 1327 btd_adapter_update_local_ext_features(adapter, rp->features); 1328} 1329 1330static void read_bd_addr_complete(int index, read_bd_addr_rp *rp) 1331{ 1332 DBG("hci%d status %u", index, rp->status); 1333 1334 if (rp->status) 1335 return; 1336 1337 bacpy(&BDADDR(index), &rp->bdaddr); 1338 1339 if (!PENDING(index)) 1340 return; 1341 1342 hci_clear_bit(PENDING_BDADDR, &PENDING(index)); 1343 1344 DBG("Got bdaddr for hci%d", index); 1345 1346 if (!PENDING(index) && UP(index)) 1347 init_adapter(index); 1348} 1349 1350static inline void cmd_status(int index, void *ptr) 1351{ 1352 evt_cmd_status *evt = ptr; 1353 uint16_t opcode = btohs(evt->opcode); 1354 1355 if (opcode == cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY)) 1356 start_inquiry(&BDADDR(index), evt->status, FALSE); 1357} 1358 1359static void read_scan_complete(int index, uint8_t status, void *ptr) 1360{ 1361 struct btd_adapter *adapter; 1362 read_scan_enable_rp *rp = ptr; 1363 1364 DBG("hci%d status %u", index, status); 1365 1366 adapter = manager_find_adapter(&BDADDR(index)); 1367 1368 if (!adapter) { 1369 error("Unable to find matching adapter"); 1370 return; 1371 } 1372 1373 adapter_mode_changed(adapter, rp->enable); 1374} 1375 1376static int write_class(int index, uint32_t class) 1377{ 1378 write_class_of_dev_cp cp; 1379 1380 DBG("hci%d class 0x%06x", index, class); 1381 1382 memcpy(cp.dev_class, &class, 3); 1383 1384 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV, 1385 WRITE_CLASS_OF_DEV_CP_SIZE, &cp) < 0) 1386 return -errno; 1387 1388 PENDING_COD(index) = class; 1389 1390 return 0; 1391} 1392 1393/* Limited Discoverable bit mask in CoD */ 1394#define LIMITED_BIT 0x002000 1395 1396static int hciops_set_limited_discoverable(int index, gboolean limited) 1397{ 1398 int num = (limited ? 2 : 1); 1399 uint8_t lap[] = { 0x33, 0x8b, 0x9e, 0x00, 0x8b, 0x9e }; 1400 write_current_iac_lap_cp cp; 1401 1402 DBG("hci%d limited %d", index, limited); 1403 1404 /* Check if limited bit needs to be set/reset */ 1405 if (limited) 1406 WANTED_COD(index) |= LIMITED_BIT; 1407 else 1408 WANTED_COD(index) &= ~LIMITED_BIT; 1409 1410 /* If we dont need the toggling, save an unnecessary CoD write */ 1411 if (PENDING_COD(index) || WANTED_COD(index) == CURRENT_COD(index)) 1412 return 0; 1413 1414 /* 1415 * 1: giac 1416 * 2: giac + liac 1417 */ 1418 memset(&cp, 0, sizeof(cp)); 1419 cp.num_current_iac = num; 1420 memcpy(&cp.lap, lap, num * 3); 1421 1422 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_CURRENT_IAC_LAP, 1423 (num * 3 + 1), &cp) < 0) 1424 return -errno; 1425 1426 return write_class(index, WANTED_COD(index)); 1427} 1428 1429static void write_class_complete(int index, uint8_t status) 1430{ 1431 struct btd_adapter *adapter; 1432 1433 if (status) 1434 return; 1435 1436 if (PENDING_COD(index) == 0) 1437 return; 1438 1439 CURRENT_COD(index) = PENDING_COD(index); 1440 PENDING_COD(index) = 0; 1441 1442 adapter = manager_find_adapter(&BDADDR(index)); 1443 if (adapter) 1444 btd_adapter_class_changed(adapter, CURRENT_COD(index)); 1445 1446 update_ext_inquiry_response(index); 1447 1448 if (WANTED_COD(index) == CURRENT_COD(index)) 1449 return; 1450 1451 if (WANTED_COD(index) & LIMITED_BIT && 1452 !(CURRENT_COD(index) & LIMITED_BIT)) 1453 hciops_set_limited_discoverable(index, TRUE); 1454 else if (!(WANTED_COD(index) & LIMITED_BIT) && 1455 (CURRENT_COD(index) & LIMITED_BIT)) 1456 hciops_set_limited_discoverable(index, FALSE); 1457 else 1458 write_class(index, WANTED_COD(index)); 1459} 1460 1461static inline void cmd_complete(int index, void *ptr) 1462{ 1463 evt_cmd_complete *evt = ptr; 1464 uint16_t opcode = btohs(evt->opcode); 1465 uint8_t status = *((uint8_t *) ptr + EVT_CMD_COMPLETE_SIZE); 1466 1467 switch (opcode) { 1468 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_VERSION): 1469 ptr += sizeof(evt_cmd_complete); 1470 read_local_version_complete(index, ptr); 1471 break; 1472 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES): 1473 ptr += sizeof(evt_cmd_complete); 1474 read_local_features_complete(index, ptr); 1475 break; 1476 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_EXT_FEATURES): 1477 ptr += sizeof(evt_cmd_complete); 1478 read_local_ext_features_complete(index, ptr); 1479 break; 1480 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_BD_ADDR): 1481 ptr += sizeof(evt_cmd_complete); 1482 read_bd_addr_complete(index, ptr); 1483 break; 1484 case cmd_opcode_pack(OGF_LINK_CTL, OCF_PERIODIC_INQUIRY): 1485 start_inquiry(&BDADDR(index), status, TRUE); 1486 break; 1487 case cmd_opcode_pack(OGF_LINK_CTL, OCF_EXIT_PERIODIC_INQUIRY): 1488 inquiry_complete(&BDADDR(index), status, TRUE); 1489 break; 1490 case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY_CANCEL): 1491 inquiry_complete(&BDADDR(index), status, FALSE); 1492 break; 1493 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_LE_HOST_SUPPORTED): 1494 write_le_host_complete(&BDADDR(index), status); 1495 break; 1496 case cmd_opcode_pack(OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE): 1497 btd_event_le_set_scan_enable_complete(&BDADDR(index), status); 1498 break; 1499 case cmd_opcode_pack(OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME): 1500 if (!status) 1501 hci_send_cmd(SK(index), OGF_HOST_CTL, 1502 OCF_READ_LOCAL_NAME, 0, 0); 1503 break; 1504 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE): 1505 btd_event_setscan_enable_complete(&BDADDR(index)); 1506 break; 1507 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SCAN_ENABLE): 1508 ptr += sizeof(evt_cmd_complete); 1509 read_scan_complete(index, status, ptr); 1510 break; 1511 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV): 1512 write_class_complete(index, status); 1513 break; 1514 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SIMPLE_PAIRING_MODE): 1515 if (!status) 1516 hci_send_cmd(SK(index), OGF_HOST_CTL, 1517 OCF_READ_SIMPLE_PAIRING_MODE, 0, NULL); 1518 break; 1519 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SIMPLE_PAIRING_MODE): 1520 ptr += sizeof(evt_cmd_complete); 1521 read_simple_pairing_mode_complete(index, ptr); 1522 break; 1523 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_NAME): 1524 ptr += sizeof(evt_cmd_complete); 1525 read_local_name_complete(index, ptr); 1526 break; 1527 case cmd_opcode_pack(OGF_HOST_CTL, 1528 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL): 1529 ptr += sizeof(evt_cmd_complete); 1530 read_tx_power_complete(index, ptr); 1531 break; 1532 }; 1533} 1534 1535static inline void remote_name_information(int index, void *ptr) 1536{ 1537 evt_remote_name_req_complete *evt = ptr; 1538 char name[MAX_NAME_LENGTH + 1]; 1539 1540 DBG("hci%d status %u", index, evt->status); 1541 1542 memset(name, 0, sizeof(name)); 1543 1544 if (!evt->status) 1545 memcpy(name, evt->name, MAX_NAME_LENGTH); 1546 1547 btd_event_remote_name(&BDADDR(index), &evt->bdaddr, evt->status, name); 1548} 1549 1550static inline void remote_version_information(int index, void *ptr) 1551{ 1552 evt_read_remote_version_complete *evt = ptr; 1553 bdaddr_t dba; 1554 1555 DBG("hci%d status %u", index, evt->status); 1556 1557 if (evt->status) 1558 return; 1559 1560 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1561 return; 1562 1563 write_version_info(&BDADDR(index), &dba, btohs(evt->manufacturer), 1564 evt->lmp_ver, btohs(evt->lmp_subver)); 1565} 1566 1567static inline void inquiry_result(int index, int plen, void *ptr) 1568{ 1569 uint8_t num = *(uint8_t *) ptr++; 1570 int i; 1571 1572 for (i = 0; i < num; i++) { 1573 inquiry_info *info = ptr; 1574 uint32_t class = info->dev_class[0] | 1575 (info->dev_class[1] << 8) | 1576 (info->dev_class[2] << 16); 1577 1578 btd_event_inquiry_result(&BDADDR(index), &info->bdaddr, class, 1579 0, NULL); 1580 1581 update_lastseen(&BDADDR(index), &info->bdaddr); 1582 1583 ptr += INQUIRY_INFO_SIZE; 1584 } 1585} 1586 1587static inline void inquiry_result_with_rssi(int index, int plen, void *ptr) 1588{ 1589 uint8_t num = *(uint8_t *) ptr++; 1590 int i; 1591 1592 if (!num) 1593 return; 1594 1595 if ((plen - 1) / num == INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE) { 1596 for (i = 0; i < num; i++) { 1597 inquiry_info_with_rssi_and_pscan_mode *info = ptr; 1598 uint32_t class = info->dev_class[0] 1599 | (info->dev_class[1] << 8) 1600 | (info->dev_class[2] << 16); 1601 1602 btd_event_inquiry_result(&BDADDR(index), &info->bdaddr, 1603 class, info->rssi, NULL); 1604 1605 update_lastseen(&BDADDR(index), &info->bdaddr); 1606 1607 ptr += INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE; 1608 } 1609 } else { 1610 for (i = 0; i < num; i++) { 1611 inquiry_info_with_rssi *info = ptr; 1612 uint32_t class = info->dev_class[0] 1613 | (info->dev_class[1] << 8) 1614 | (info->dev_class[2] << 16); 1615 1616 btd_event_inquiry_result(&BDADDR(index), &info->bdaddr, 1617 class, info->rssi, NULL); 1618 1619 update_lastseen(&BDADDR(index), &info->bdaddr); 1620 1621 ptr += INQUIRY_INFO_WITH_RSSI_SIZE; 1622 } 1623 } 1624} 1625 1626static inline void extended_inquiry_result(int index, int plen, void *ptr) 1627{ 1628 uint8_t num = *(uint8_t *) ptr++; 1629 int i; 1630 1631 for (i = 0; i < num; i++) { 1632 extended_inquiry_info *info = ptr; 1633 uint32_t class = info->dev_class[0] 1634 | (info->dev_class[1] << 8) 1635 | (info->dev_class[2] << 16); 1636 1637 btd_event_inquiry_result(&BDADDR(index), &info->bdaddr, class, 1638 info->rssi, info->data); 1639 1640 update_lastseen(&BDADDR(index), &info->bdaddr); 1641 1642 ptr += EXTENDED_INQUIRY_INFO_SIZE; 1643 } 1644} 1645 1646static inline void remote_features_information(int index, void *ptr) 1647{ 1648 evt_read_remote_features_complete *evt = ptr; 1649 bdaddr_t dba; 1650 1651 DBG("hci%d status %u", index, evt->status); 1652 1653 if (evt->status) 1654 return; 1655 1656 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1657 return; 1658 1659 write_features_info(&BDADDR(index), &dba, evt->features, NULL); 1660} 1661 1662static inline void conn_complete(int index, void *ptr) 1663{ 1664 evt_conn_complete *evt = ptr; 1665 char filename[PATH_MAX]; 1666 char local_addr[18], peer_addr[18], *str; 1667 struct btd_adapter *adapter; 1668 1669 adapter = manager_find_adapter(&BDADDR(index)); 1670 if (!adapter) { 1671 error("Unable to find matching adapter"); 1672 return; 1673 } 1674 1675 if (evt->link_type != ACL_LINK) 1676 return; 1677 1678 btd_event_conn_complete(&BDADDR(index), evt->status, 1679 btohs(evt->handle), &evt->bdaddr); 1680 1681 if (evt->status) 1682 return; 1683 1684 update_lastused(&BDADDR(index), &evt->bdaddr); 1685 1686 /* check if the remote version needs be requested */ 1687 ba2str(&BDADDR(index), local_addr); 1688 ba2str(&evt->bdaddr, peer_addr); 1689 1690 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1691 "manufacturers"); 1692 1693 str = textfile_get(filename, peer_addr); 1694 if (!str) 1695 btd_adapter_get_remote_version(adapter, btohs(evt->handle), 1696 TRUE); 1697 else 1698 free(str); 1699} 1700 1701static inline void le_conn_complete(int index, void *ptr) 1702{ 1703 evt_le_connection_complete *evt = ptr; 1704 char filename[PATH_MAX]; 1705 char local_addr[18], peer_addr[18], *str; 1706 struct btd_adapter *adapter; 1707 1708 adapter = manager_find_adapter(&BDADDR(index)); 1709 if (!adapter) { 1710 error("Unable to find matching adapter"); 1711 return; 1712 } 1713 1714 btd_event_conn_complete(&BDADDR(index), evt->status, 1715 btohs(evt->handle), &evt->peer_bdaddr); 1716 1717 if (evt->status) 1718 return; 1719 1720 update_lastused(&BDADDR(index), &evt->peer_bdaddr); 1721 1722 /* check if the remote version needs be requested */ 1723 ba2str(&BDADDR(index), local_addr); 1724 ba2str(&evt->peer_bdaddr, peer_addr); 1725 1726 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1727 "manufacturers"); 1728 1729 str = textfile_get(filename, peer_addr); 1730 if (!str) 1731 btd_adapter_get_remote_version(adapter, btohs(evt->handle), 1732 TRUE); 1733 else 1734 free(str); 1735} 1736 1737static inline void disconn_complete(int index, void *ptr) 1738{ 1739 evt_disconn_complete *evt = ptr; 1740 1741 btd_event_disconn_complete(&BDADDR(index), evt->status, 1742 btohs(evt->handle), evt->reason); 1743} 1744 1745static inline void auth_complete(int index, void *ptr) 1746{ 1747 evt_auth_complete *evt = ptr; 1748 bdaddr_t dba; 1749 1750 DBG("hci%d status %u", index, evt->status); 1751 1752 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1753 return; 1754 1755 btd_event_bonding_process_complete(&BDADDR(index), &dba, evt->status); 1756} 1757 1758static inline void simple_pairing_complete(int index, void *ptr) 1759{ 1760 evt_simple_pairing_complete *evt = ptr; 1761 1762 DBG("hci%d status %u", index, evt->status); 1763 1764 btd_event_simple_pairing_complete(&BDADDR(index), &evt->bdaddr, 1765 evt->status); 1766} 1767 1768static inline void conn_request(int index, void *ptr) 1769{ 1770 evt_conn_request *evt = ptr; 1771 uint32_t class = evt->dev_class[0] | (evt->dev_class[1] << 8) 1772 | (evt->dev_class[2] << 16); 1773 1774 btd_event_remote_class(&BDADDR(index), &evt->bdaddr, class); 1775} 1776 1777static inline void le_advertising_report(int index, evt_le_meta_event *meta) 1778{ 1779 le_advertising_info *info; 1780 uint8_t num, i; 1781 1782 num = meta->data[0]; 1783 info = (le_advertising_info *) (meta->data + 1); 1784 1785 for (i = 0; i < num; i++) { 1786 btd_event_advertising_report(&BDADDR(index), info); 1787 info = (le_advertising_info *) (info->data + info->length + 1); 1788 } 1789} 1790 1791static inline void le_metaevent(int index, void *ptr) 1792{ 1793 evt_le_meta_event *meta = ptr; 1794 1795 DBG("hci%d LE Meta Event %u", index, meta->subevent); 1796 1797 switch (meta->subevent) { 1798 case EVT_LE_ADVERTISING_REPORT: 1799 le_advertising_report(index, meta); 1800 break; 1801 1802 case EVT_LE_CONN_COMPLETE: 1803 le_conn_complete(index, meta->data); 1804 break; 1805 } 1806} 1807 1808static void stop_hci_dev(int index) 1809{ 1810 GIOChannel *chan = CHANNEL(index); 1811 1812 if (!chan) 1813 return; 1814 1815 info("Stopping hci%d event socket", index); 1816 1817 g_source_remove(WATCH_ID(index)); 1818 g_io_channel_unref(CHANNEL(index)); 1819 hci_close_dev(SK(index)); 1820 init_dev_info(index, -1, REGISTERED(index)); 1821} 1822 1823static gboolean io_security_event(GIOChannel *chan, GIOCondition cond, 1824 gpointer data) 1825{ 1826 unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr = buf; 1827 int type, index = GPOINTER_TO_INT(data); 1828 struct hci_dev_info di; 1829 size_t len; 1830 hci_event_hdr *eh; 1831 GIOError err; 1832 evt_cmd_status *evt; 1833 1834 if (cond & (G_IO_NVAL | G_IO_HUP | G_IO_ERR)) { 1835 stop_hci_dev(index); 1836 return FALSE; 1837 } 1838 1839 if ((err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len))) { 1840 if (err == G_IO_ERROR_AGAIN) 1841 return TRUE; 1842 stop_hci_dev(index); 1843 return FALSE; 1844 } 1845 1846 type = *ptr++; 1847 1848 if (type != HCI_EVENT_PKT) 1849 return TRUE; 1850 1851 eh = (hci_event_hdr *) ptr; 1852 ptr += HCI_EVENT_HDR_SIZE; 1853 1854 memset(&di, 0, sizeof(di)); 1855 if (hci_devinfo(index, &di) == 0) { 1856 bacpy(&BDADDR(index), &di.bdaddr); 1857 1858 if (ignore_device(&di)) 1859 return TRUE; 1860 } 1861 1862 switch (eh->evt) { 1863 case EVT_CMD_STATUS: 1864 cmd_status(index, ptr); 1865 break; 1866 1867 case EVT_CMD_COMPLETE: 1868 cmd_complete(index, ptr); 1869 break; 1870 1871 case EVT_REMOTE_NAME_REQ_COMPLETE: 1872 remote_name_information(index, ptr); 1873 break; 1874 1875 case EVT_READ_REMOTE_VERSION_COMPLETE: 1876 remote_version_information(index, ptr); 1877 break; 1878 1879 case EVT_READ_REMOTE_FEATURES_COMPLETE: 1880 remote_features_information(index, ptr); 1881 break; 1882 1883 case EVT_REMOTE_HOST_FEATURES_NOTIFY: 1884 remote_features_notify(index, ptr); 1885 break; 1886 1887 case EVT_INQUIRY_COMPLETE: 1888 evt = (evt_cmd_status *) ptr; 1889 inquiry_complete(&BDADDR(index), evt->status, FALSE); 1890 break; 1891 1892 case EVT_INQUIRY_RESULT: 1893 inquiry_result(index, eh->plen, ptr); 1894 break; 1895 1896 case EVT_INQUIRY_RESULT_WITH_RSSI: 1897 inquiry_result_with_rssi(index, eh->plen, ptr); 1898 break; 1899 1900 case EVT_EXTENDED_INQUIRY_RESULT: 1901 extended_inquiry_result(index, eh->plen, ptr); 1902 break; 1903 1904 case EVT_CONN_COMPLETE: 1905 conn_complete(index, ptr); 1906 break; 1907 1908 case EVT_DISCONN_COMPLETE: 1909 disconn_complete(index, ptr); 1910 break; 1911 1912 case EVT_AUTH_COMPLETE: 1913 auth_complete(index, ptr); 1914 break; 1915 1916 case EVT_SIMPLE_PAIRING_COMPLETE: 1917 simple_pairing_complete(index, ptr); 1918 break; 1919 1920 case EVT_CONN_REQUEST: 1921 conn_request(index, ptr); 1922 break; 1923 case EVT_LE_META_EVENT: 1924 le_metaevent(index, ptr); 1925 break; 1926 case EVT_PIN_CODE_REQ: 1927 pin_code_request(index, (bdaddr_t *) ptr); 1928 break; 1929 1930 case EVT_LINK_KEY_REQ: 1931 link_key_request(index, (bdaddr_t *) ptr); 1932 break; 1933 1934 case EVT_LINK_KEY_NOTIFY: 1935 link_key_notify(index, ptr); 1936 break; 1937 1938 case EVT_RETURN_LINK_KEYS: 1939 return_link_keys(index, ptr); 1940 break; 1941 1942 case EVT_IO_CAPABILITY_REQUEST: 1943 io_capa_request(index, ptr); 1944 break; 1945 1946 case EVT_IO_CAPABILITY_RESPONSE: 1947 io_capa_response(index, ptr); 1948 break; 1949 1950 case EVT_USER_CONFIRM_REQUEST: 1951 user_confirm_request(index, ptr); 1952 break; 1953 1954 case EVT_USER_PASSKEY_REQUEST: 1955 user_passkey_request(index, ptr); 1956 break; 1957 1958 case EVT_USER_PASSKEY_NOTIFY: 1959 user_passkey_notify(index, ptr); 1960 break; 1961 1962 case EVT_REMOTE_OOB_DATA_REQUEST: 1963 remote_oob_data_request(index, ptr); 1964 break; 1965 } 1966 1967 return TRUE; 1968} 1969 1970static void start_hci_dev(int index) 1971{ 1972 GIOChannel *chan = CHANNEL(index); 1973 GIOCondition cond; 1974 struct hci_filter flt; 1975 1976 if (chan) 1977 return; 1978 1979 info("Listening for HCI events on hci%d", index); 1980 1981 /* Set filter */ 1982 hci_filter_clear(&flt); 1983 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 1984 hci_filter_set_event(EVT_CMD_STATUS, &flt); 1985 hci_filter_set_event(EVT_CMD_COMPLETE, &flt); 1986 hci_filter_set_event(EVT_PIN_CODE_REQ, &flt); 1987 hci_filter_set_event(EVT_LINK_KEY_REQ, &flt); 1988 hci_filter_set_event(EVT_LINK_KEY_NOTIFY, &flt); 1989 hci_filter_set_event(EVT_RETURN_LINK_KEYS, &flt); 1990 hci_filter_set_event(EVT_IO_CAPABILITY_REQUEST, &flt); 1991 hci_filter_set_event(EVT_IO_CAPABILITY_RESPONSE, &flt); 1992 hci_filter_set_event(EVT_USER_CONFIRM_REQUEST, &flt); 1993 hci_filter_set_event(EVT_USER_PASSKEY_REQUEST, &flt); 1994 hci_filter_set_event(EVT_REMOTE_OOB_DATA_REQUEST, &flt); 1995 hci_filter_set_event(EVT_USER_PASSKEY_NOTIFY, &flt); 1996 hci_filter_set_event(EVT_KEYPRESS_NOTIFY, &flt); 1997 hci_filter_set_event(EVT_SIMPLE_PAIRING_COMPLETE, &flt); 1998 hci_filter_set_event(EVT_AUTH_COMPLETE, &flt); 1999 hci_filter_set_event(EVT_REMOTE_NAME_REQ_COMPLETE, &flt); 2000 hci_filter_set_event(EVT_READ_REMOTE_VERSION_COMPLETE, &flt); 2001 hci_filter_set_event(EVT_READ_REMOTE_FEATURES_COMPLETE, &flt); 2002 hci_filter_set_event(EVT_REMOTE_HOST_FEATURES_NOTIFY, &flt); 2003 hci_filter_set_event(EVT_INQUIRY_COMPLETE, &flt); 2004 hci_filter_set_event(EVT_INQUIRY_RESULT, &flt); 2005 hci_filter_set_event(EVT_INQUIRY_RESULT_WITH_RSSI, &flt); 2006 hci_filter_set_event(EVT_EXTENDED_INQUIRY_RESULT, &flt); 2007 hci_filter_set_event(EVT_CONN_REQUEST, &flt); 2008 hci_filter_set_event(EVT_CONN_COMPLETE, &flt); 2009 hci_filter_set_event(EVT_DISCONN_COMPLETE, &flt); 2010 hci_filter_set_event(EVT_LE_META_EVENT, &flt); 2011 if (setsockopt(SK(index), SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2012 error("Can't set filter on hci%d: %s (%d)", 2013 index, strerror(errno), errno); 2014 return; 2015 } 2016 2017 chan = g_io_channel_unix_new(SK(index)); 2018 cond = G_IO_IN | G_IO_NVAL | G_IO_HUP | G_IO_ERR; 2019 WATCH_ID(index) = g_io_add_watch_full(chan, G_PRIORITY_LOW, cond, 2020 io_security_event, 2021 GINT_TO_POINTER(index), NULL); 2022 CHANNEL(index) = chan; 2023 PIN_LENGTH(index) = -1; 2024 2025} 2026 2027/* End of HCI event callbacks */ 2028 2029static gboolean child_exit(GIOChannel *io, GIOCondition cond, void *user_data) 2030{ 2031 int status, fd = g_io_channel_unix_get_fd(io); 2032 pid_t child_pid; 2033 2034 if (read(fd, &child_pid, sizeof(child_pid)) != sizeof(child_pid)) { 2035 error("child_exit: unable to read child pid from pipe"); 2036 return TRUE; 2037 } 2038 2039 if (waitpid(child_pid, &status, 0) != child_pid) 2040 error("waitpid(%d) failed", child_pid); 2041 else 2042 DBG("child %d exited", child_pid); 2043 2044 return TRUE; 2045} 2046 2047static void at_child_exit(void) 2048{ 2049 pid_t pid = getpid(); 2050 2051 if (write(child_pipe[1], &pid, sizeof(pid)) != sizeof(pid)) 2052 error("unable to write to child pipe"); 2053} 2054 2055static void device_devup_setup(int index) 2056{ 2057 struct hci_dev_info di; 2058 read_stored_link_key_cp cp; 2059 2060 DBG("hci%d", index); 2061 2062 if (hci_devinfo(index, &di) < 0) 2063 return; 2064 2065 if (ignore_device(&di)) 2066 return; 2067 2068 bacpy(&BDADDR(index), &di.bdaddr); 2069 memcpy(FEATURES(index), di.features, 8); 2070 2071 /* Set page timeout */ 2072 if ((main_opts.flags & (1 << HCID_SET_PAGETO))) { 2073 write_page_timeout_cp cp; 2074 2075 cp.timeout = htobs(main_opts.pageto); 2076 hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_PAGE_TIMEOUT, 2077 WRITE_PAGE_TIMEOUT_CP_SIZE, &cp); 2078 } 2079 2080 bacpy(&cp.bdaddr, BDADDR_ANY); 2081 cp.read_all = 1; 2082 hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_READ_STORED_LINK_KEY, 2083 READ_STORED_LINK_KEY_CP_SIZE, (void *) &cp); 2084 2085 if (!PENDING(index)) 2086 init_adapter(index); 2087} 2088 2089static void init_pending(int index) 2090{ 2091 hci_set_bit(PENDING_BDADDR, &PENDING(index)); 2092 hci_set_bit(PENDING_VERSION, &PENDING(index)); 2093 hci_set_bit(PENDING_FEATURES, &PENDING(index)); 2094 hci_set_bit(PENDING_NAME, &PENDING(index)); 2095} 2096 2097static void init_device(int index) 2098{ 2099 struct hci_dev_req dr; 2100 int dd; 2101 pid_t pid; 2102 2103 DBG("hci%d", index); 2104 2105 dd = hci_open_dev(index); 2106 if (dd < 0) { 2107 error("Unable to open hci%d: %s (%d)", index, 2108 strerror(errno), errno); 2109 return; 2110 } 2111 2112 if (index > max_dev) { 2113 max_dev = index; 2114 devs = g_realloc(devs, sizeof(devs[0]) * (max_dev + 1)); 2115 } 2116 2117 init_dev_info(index, dd, FALSE); 2118 init_pending(index); 2119 start_hci_dev(index); 2120 2121 /* Do initialization in the separate process */ 2122 pid = fork(); 2123 switch (pid) { 2124 case 0: 2125 atexit(at_child_exit); 2126 break; 2127 case -1: 2128 error("Fork failed. Can't init device hci%d: %s (%d)", 2129 index, strerror(errno), errno); 2130 default: 2131 DBG("child %d forked", pid); 2132 return; 2133 } 2134 2135 memset(&dr, 0, sizeof(dr)); 2136 dr.dev_id = index; 2137 2138 /* Set link mode */ 2139 dr.dev_opt = main_opts.link_mode; 2140 if (ioctl(dd, HCISETLINKMODE, (unsigned long) &dr) < 0) 2141 error("Can't set link mode on hci%d: %s (%d)", 2142 index, strerror(errno), errno); 2143 2144 /* Start HCI device */ 2145 if (ioctl(dd, HCIDEVUP, index) < 0 && errno != EALREADY) { 2146 error("Can't init device hci%d: %s (%d)", 2147 index, strerror(errno), errno); 2148 goto fail; 2149 } 2150 2151 hci_close_dev(dd); 2152 exit(0); 2153 2154fail: 2155 hci_close_dev(dd); 2156 exit(1); 2157} 2158 2159static void device_devreg_setup(int index) 2160{ 2161 struct hci_dev_info di; 2162 2163 DBG("hci%d", index); 2164 2165 init_device(index); 2166 2167 memset(&di, 0, sizeof(di)); 2168 2169 if (hci_devinfo(index, &di) < 0) 2170 return; 2171 2172 if (ignore_device(&di)) 2173 return; 2174 2175 ALREADY_UP(index) = hci_test_bit(HCI_UP, &di.flags); 2176} 2177 2178static void device_event(int event, int index) 2179{ 2180 switch (event) { 2181 case HCI_DEV_REG: 2182 info("HCI dev %d registered", index); 2183 device_devreg_setup(index); 2184 if (ALREADY_UP(index)) 2185 device_event(HCI_DEV_UP, index); 2186 break; 2187 2188 case HCI_DEV_UNREG: 2189 info("HCI dev %d unregistered", index); 2190 stop_hci_dev(index); 2191 if (REGISTERED(index)) 2192 btd_manager_unregister_adapter(index); 2193 break; 2194 2195 case HCI_DEV_UP: 2196 info("HCI dev %d up", index); 2197 UP(index) = TRUE; 2198 device_devup_setup(index); 2199 break; 2200 2201 case HCI_DEV_DOWN: 2202 info("HCI dev %d down", index); 2203 UP(index) = FALSE; 2204 PENDING_COD(index) = 0; 2205 CACHE_ENABLE(index) = TRUE; 2206 if (!PENDING(index)) { 2207 manager_stop_adapter(index); 2208 init_pending(index); 2209 } 2210 break; 2211 } 2212} 2213 2214static int hciops_stop_inquiry(int index) 2215{ 2216 struct hci_dev_info di; 2217 int err; 2218 2219 DBG("hci%d", index); 2220 2221 if (hci_devinfo(index, &di) < 0) 2222 return -errno; 2223 2224 if (hci_test_bit(HCI_INQUIRY, &di.flags)) 2225 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2226 OCF_INQUIRY_CANCEL, 0, 0); 2227 else 2228 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2229 OCF_EXIT_PERIODIC_INQUIRY, 0, 0); 2230 if (err < 0) 2231 err = -errno; 2232 2233 return err; 2234} 2235 2236static gboolean init_known_adapters(gpointer user_data) 2237{ 2238 struct hci_dev_list_req *dl; 2239 struct hci_dev_req *dr; 2240 int i, err, ctl = GPOINTER_TO_INT(user_data); 2241 size_t req_size; 2242 2243 DBG(""); 2244 2245 req_size = HCI_MAX_DEV * sizeof(struct hci_dev_req) + sizeof(uint16_t); 2246 2247 dl = g_try_malloc0(req_size); 2248 if (!dl) { 2249 error("Can't allocate devlist buffer"); 2250 return FALSE; 2251 } 2252 2253 dl->dev_num = HCI_MAX_DEV; 2254 dr = dl->dev_req; 2255 2256 if (ioctl(ctl, HCIGETDEVLIST, dl) < 0) { 2257 err = -errno; 2258 error("Can't get device list: %s (%d)", strerror(-err), -err); 2259 g_free(dl); 2260 return FALSE; 2261 } 2262 2263 for (i = 0; i < dl->dev_num; i++, dr++) { 2264 device_event(HCI_DEV_REG, dr->dev_id); 2265 2266 ALREADY_UP(dr->dev_id) = hci_test_bit(HCI_UP, &dr->dev_opt); 2267 2268 if (!ALREADY_UP(dr->dev_id)) 2269 continue; 2270 2271 hciops_stop_inquiry(dr->dev_id); 2272 2273 PENDING(dr->dev_id) = 0; 2274 hci_set_bit(PENDING_VERSION, &PENDING(dr->dev_id)); 2275 hci_send_cmd(SK(dr->dev_id), OGF_INFO_PARAM, 2276 OCF_READ_LOCAL_VERSION, 0, NULL); 2277 device_event(HCI_DEV_UP, dr->dev_id); 2278 } 2279 2280 g_free(dl); 2281 2282 return FALSE; 2283} 2284 2285static gboolean io_stack_event(GIOChannel *chan, GIOCondition cond, 2286 gpointer data) 2287{ 2288 unsigned char buf[HCI_MAX_FRAME_SIZE], *ptr; 2289 evt_stack_internal *si; 2290 evt_si_device *sd; 2291 hci_event_hdr *eh; 2292 int type; 2293 size_t len; 2294 GIOError err; 2295 2296 ptr = buf; 2297 2298 err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len); 2299 if (err) { 2300 if (err == G_IO_ERROR_AGAIN) 2301 return TRUE; 2302 2303 error("Read from control socket failed: %s (%d)", 2304 strerror(errno), errno); 2305 return FALSE; 2306 } 2307 2308 type = *ptr++; 2309 2310 if (type != HCI_EVENT_PKT) 2311 return TRUE; 2312 2313 eh = (hci_event_hdr *) ptr; 2314 if (eh->evt != EVT_STACK_INTERNAL) 2315 return TRUE; 2316 2317 ptr += HCI_EVENT_HDR_SIZE; 2318 2319 si = (evt_stack_internal *) ptr; 2320 switch (si->type) { 2321 case EVT_SI_DEVICE: 2322 sd = (void *) &si->data; 2323 device_event(sd->event, sd->dev_id); 2324 break; 2325 } 2326 2327 return TRUE; 2328} 2329 2330static int hciops_setup(void) 2331{ 2332 struct sockaddr_hci addr; 2333 struct hci_filter flt; 2334 GIOChannel *ctl_io, *child_io; 2335 int sock, err; 2336 2337 DBG(""); 2338 2339 if (child_pipe[0] != -1) 2340 return -EALREADY; 2341 2342 if (pipe(child_pipe) < 0) { 2343 err = -errno; 2344 error("pipe(): %s (%d)", strerror(-err), -err); 2345 return err; 2346 } 2347 2348 child_io = g_io_channel_unix_new(child_pipe[0]); 2349 g_io_channel_set_close_on_unref(child_io, TRUE); 2350 child_io_id = g_io_add_watch(child_io, 2351 G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL, 2352 child_exit, NULL); 2353 g_io_channel_unref(child_io); 2354 2355 /* Create and bind HCI socket */ 2356 sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 2357 if (sock < 0) { 2358 err = -errno; 2359 error("Can't open HCI socket: %s (%d)", strerror(-err), 2360 -err); 2361 return err; 2362 } 2363 2364 /* Set filter */ 2365 hci_filter_clear(&flt); 2366 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2367 hci_filter_set_event(EVT_STACK_INTERNAL, &flt); 2368 if (setsockopt(sock, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2369 err = -errno; 2370 error("Can't set filter: %s (%d)", strerror(-err), -err); 2371 return err; 2372 } 2373 2374 memset(&addr, 0, sizeof(addr)); 2375 addr.hci_family = AF_BLUETOOTH; 2376 addr.hci_dev = HCI_DEV_NONE; 2377 if (bind(sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { 2378 err = -errno; 2379 error("Can't bind HCI socket: %s (%d)", strerror(-err), -err); 2380 return err; 2381 } 2382 2383 ctl_io = g_io_channel_unix_new(sock); 2384 g_io_channel_set_close_on_unref(ctl_io, TRUE); 2385 2386 ctl_io_id = g_io_add_watch(ctl_io, G_IO_IN, io_stack_event, NULL); 2387 2388 g_io_channel_unref(ctl_io); 2389 2390 g_idle_add(init_known_adapters, GINT_TO_POINTER(sock)); 2391 2392 return 0; 2393} 2394 2395static void hciops_cleanup(void) 2396{ 2397 int i; 2398 2399 DBG(""); 2400 2401 for (i = 0; i <= max_dev; i++) { 2402 if (SK(i) >= 0) 2403 hci_close_dev(SK(i)); 2404 } 2405 2406 g_free(devs); 2407 devs = NULL; 2408 max_dev = -1; 2409 2410 if (child_io_id) { 2411 g_source_remove(child_io_id); 2412 child_io_id = 0; 2413 } 2414 2415 if (ctl_io_id) { 2416 g_source_remove(ctl_io_id); 2417 ctl_io_id = 0; 2418 } 2419 2420 if (child_pipe[0] >= 0) { 2421 close(child_pipe[0]); 2422 child_pipe[0] = -1; 2423 } 2424 2425 if (child_pipe[1] >= 0) { 2426 close(child_pipe[1]); 2427 child_pipe[1] = -1; 2428 } 2429} 2430 2431static int hciops_start(int index) 2432{ 2433 int err; 2434 2435 DBG("hci%d", index); 2436 2437 if (ioctl(SK(index), HCIDEVUP, index) == 0) 2438 return 0; 2439 2440 if (errno == EALREADY) 2441 return 0; 2442 2443 err = -errno; 2444 error("Can't init device hci%d: %s (%d)", 2445 index, strerror(-err), -err); 2446 2447 return err; 2448} 2449 2450static int hciops_set_powered(int index, gboolean powered) 2451{ 2452 uint8_t mode = SCAN_DISABLED; 2453 2454 DBG("hci%d powered %d", index, powered); 2455 2456 if (powered) 2457 return hciops_start(index); 2458 2459 if (hci_send_cmd(SK(index), OGF_HOST_CTL, 2460 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 2461 return -errno; 2462 2463 return hciops_stop(index); 2464} 2465 2466static int hciops_set_connectable(int index, gboolean connectable) 2467{ 2468 uint8_t mode; 2469 2470 if (connectable) 2471 mode = SCAN_PAGE; 2472 else 2473 mode = 0x00; 2474 2475 DBG("hci%d connectable %d", index, connectable); 2476 2477 if (hci_send_cmd(SK(index), OGF_HOST_CTL, 2478 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 2479 return -errno; 2480 2481 return 0; 2482} 2483 2484static int hciops_set_dev_class(int index, uint8_t major, uint8_t minor) 2485{ 2486 int err; 2487 2488 DBG("hci%d major %u minor %u", index, major, minor); 2489 2490 /* Update only the major and minor class bits keeping remaining bits 2491 * intact*/ 2492 WANTED_COD(index) &= 0xffe000; 2493 WANTED_COD(index) |= ((major & 0x1f) << 8) | minor; 2494 2495 if (WANTED_COD(index) == CURRENT_COD(index) || 2496 CACHE_ENABLE(index) || PENDING_COD(index)) 2497 return 0; 2498 2499 DBG("Changing Major/Minor class to 0x%06x", WANTED_COD(index)); 2500 2501 err = write_class(index, WANTED_COD(index)); 2502 if (err < 0) 2503 error("Adapter class update failed: %s (%d)", 2504 strerror(-err), -err); 2505 2506 return err; 2507} 2508 2509static int hciops_start_inquiry(int index, uint8_t length, gboolean periodic) 2510{ 2511 uint8_t lap[3] = { 0x33, 0x8b, 0x9e }; 2512 int err; 2513 2514 DBG("hci%d length %u periodic %d", index, length, periodic); 2515 2516 if (periodic) { 2517 periodic_inquiry_cp cp; 2518 2519 memset(&cp, 0, sizeof(cp)); 2520 memcpy(&cp.lap, lap, 3); 2521 cp.max_period = htobs(24); 2522 cp.min_period = htobs(16); 2523 cp.length = length; 2524 cp.num_rsp = 0x00; 2525 2526 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2527 OCF_PERIODIC_INQUIRY, 2528 PERIODIC_INQUIRY_CP_SIZE, &cp); 2529 } else { 2530 inquiry_cp inq_cp; 2531 2532 memset(&inq_cp, 0, sizeof(inq_cp)); 2533 memcpy(&inq_cp.lap, lap, 3); 2534 inq_cp.length = length; 2535 inq_cp.num_rsp = 0x00; 2536 2537 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2538 OCF_INQUIRY, INQUIRY_CP_SIZE, &inq_cp); 2539 } 2540 2541 if (err < 0) 2542 err = -errno; 2543 2544 return err; 2545} 2546 2547static int le_set_scan_enable(int index, uint8_t enable) 2548{ 2549 le_set_scan_enable_cp cp; 2550 2551 DBG("hci%d enable %u", index, enable); 2552 2553 memset(&cp, 0, sizeof(cp)); 2554 cp.enable = enable; 2555 cp.filter_dup = 0; 2556 2557 if (hci_send_cmd(SK(index), OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE, 2558 LE_SET_SCAN_ENABLE_CP_SIZE, &cp) < 0) 2559 return -errno; 2560 2561 return 0; 2562} 2563 2564static int hciops_start_scanning(int index) 2565{ 2566 le_set_scan_parameters_cp cp; 2567 2568 DBG("hci%d", index); 2569 2570 memset(&cp, 0, sizeof(cp)); 2571 cp.type = 0x01; /* Active scanning */ 2572 cp.interval = htobs(0x0010); 2573 cp.window = htobs(0x0010); 2574 cp.own_bdaddr_type = 0; /* Public address */ 2575 cp.filter = 0; /* Accept all adv packets */ 2576 2577 if (hci_send_cmd(SK(index), OGF_LE_CTL, OCF_LE_SET_SCAN_PARAMETERS, 2578 LE_SET_SCAN_PARAMETERS_CP_SIZE, &cp) < 0) 2579 return -errno; 2580 2581 return le_set_scan_enable(index, 1); 2582} 2583 2584static int hciops_stop_scanning(int index) 2585{ 2586 DBG("hci%d", index); 2587 2588 return le_set_scan_enable(index, 0); 2589} 2590 2591static int hciops_resolve_name(int index, bdaddr_t *bdaddr) 2592{ 2593 remote_name_req_cp cp; 2594 char addr[18]; 2595 2596 ba2str(bdaddr, addr); 2597 DBG("hci%d dba %s", index, addr); 2598 2599 memset(&cp, 0, sizeof(cp)); 2600 bacpy(&cp.bdaddr, bdaddr); 2601 cp.pscan_rep_mode = 0x02; 2602 2603 if (hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_REMOTE_NAME_REQ, 2604 REMOTE_NAME_REQ_CP_SIZE, &cp) < 0) 2605 return -errno; 2606 2607 return 0; 2608} 2609 2610static int hciops_set_name(int index, const char *name) 2611{ 2612 change_local_name_cp cp; 2613 2614 DBG("hci%d, name %s", index, name); 2615 2616 memset(&cp, 0, sizeof(cp)); 2617 strncpy((char *) cp.name, name, sizeof(cp.name)); 2618 2619 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME, 2620 CHANGE_LOCAL_NAME_CP_SIZE, &cp) < 0) 2621 return -errno; 2622 2623 memcpy(NAME(index), cp.name, 248); 2624 update_ext_inquiry_response(index); 2625 2626 return 0; 2627} 2628 2629static int hciops_cancel_resolve_name(int index, bdaddr_t *bdaddr) 2630{ 2631 remote_name_req_cancel_cp cp; 2632 char addr[18]; 2633 2634 ba2str(bdaddr, addr); 2635 DBG("hci%d dba %s", index, addr); 2636 2637 memset(&cp, 0, sizeof(cp)); 2638 bacpy(&cp.bdaddr, bdaddr); 2639 2640 if (hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_REMOTE_NAME_REQ_CANCEL, 2641 REMOTE_NAME_REQ_CANCEL_CP_SIZE, &cp) < 0) 2642 return -errno; 2643 2644 return 0; 2645} 2646 2647static int hciops_fast_connectable(int index, gboolean enable) 2648{ 2649 write_page_activity_cp cp; 2650 uint8_t type; 2651 2652 DBG("hci%d enable %d", index, enable); 2653 2654 if (enable) { 2655 type = PAGE_SCAN_TYPE_INTERLACED; 2656 cp.interval = 0x0024; /* 22.5 msec page scan interval */ 2657 } else { 2658 type = PAGE_SCAN_TYPE_STANDARD; /* default */ 2659 cp.interval = 0x0800; /* default 1.28 sec page scan */ 2660 } 2661 2662 cp.window = 0x0012; /* default 11.25 msec page scan window */ 2663 2664 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_PAGE_ACTIVITY, 2665 WRITE_PAGE_ACTIVITY_CP_SIZE, &cp) < 0) 2666 return -errno; 2667 else if (hci_send_cmd(SK(index), OGF_HOST_CTL, 2668 OCF_WRITE_PAGE_SCAN_TYPE, 1, &type) < 0) 2669 return -errno; 2670 2671 return 0; 2672} 2673 2674static int hciops_read_clock(int index, int handle, int which, int timeout, 2675 uint32_t *clock, uint16_t *accuracy) 2676{ 2677 DBG("hci%d handle %d which %d timeout %d", index, handle, which, 2678 timeout); 2679 2680 if (hci_read_clock(SK(index), handle, which, clock, accuracy, 2681 timeout) < 0) 2682 return -errno; 2683 2684 return 0; 2685} 2686 2687static int hciops_conn_handle(int index, const bdaddr_t *bdaddr, int *handle) 2688{ 2689 int err; 2690 struct hci_conn_info_req *cr; 2691 char addr[18]; 2692 2693 ba2str(bdaddr, addr); 2694 DBG("hci%d dba %s", index, addr); 2695 2696 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 2697 bacpy(&cr->bdaddr, bdaddr); 2698 cr->type = ACL_LINK; 2699 2700 if (ioctl(SK(index), HCIGETCONNINFO, (unsigned long) cr) < 0) { 2701 err = -errno; 2702 goto fail; 2703 } 2704 2705 err = 0; 2706 *handle = htobs(cr->conn_info->handle); 2707 2708fail: 2709 g_free(cr); 2710 return err; 2711} 2712 2713static int hciops_read_bdaddr(int index, bdaddr_t *bdaddr) 2714{ 2715 DBG("hci%d", index); 2716 bacpy(bdaddr, &BDADDR(index)); 2717 return 0; 2718} 2719 2720static int hciops_block_device(int index, bdaddr_t *bdaddr) 2721{ 2722 char addr[18]; 2723 2724 ba2str(bdaddr, addr); 2725 DBG("hci%d dba %s", index, addr); 2726 2727 if (ioctl(SK(index), HCIBLOCKADDR, bdaddr) < 0) 2728 return -errno; 2729 2730 return 0; 2731} 2732 2733static int hciops_unblock_device(int index, bdaddr_t *bdaddr) 2734{ 2735 char addr[18]; 2736 2737 ba2str(bdaddr, addr); 2738 DBG("hci%d dba %s", index, addr); 2739 2740 if (ioctl(SK(index), HCIUNBLOCKADDR, bdaddr) < 0) 2741 return -errno; 2742 2743 return 0; 2744} 2745 2746static int hciops_get_conn_list(int index, GSList **conns) 2747{ 2748 struct hci_conn_list_req *cl; 2749 struct hci_conn_info *ci; 2750 int err, i; 2751 2752 DBG("hci%d", index); 2753 2754 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 2755 2756 cl->dev_id = index; 2757 cl->conn_num = 10; 2758 ci = cl->conn_info; 2759 2760 if (ioctl(SK(index), HCIGETCONNLIST, cl) < 0) { 2761 err = -errno; 2762 goto fail; 2763 } 2764 2765 err = 0; 2766 *conns = NULL; 2767 2768 for (i = 0; i < cl->conn_num; i++, ci++) 2769 *conns = g_slist_append(*conns, g_memdup(ci, sizeof(*ci))); 2770 2771fail: 2772 g_free(cl); 2773 return err; 2774} 2775 2776static int hciops_read_local_version(int index, struct hci_version *ver) 2777{ 2778 DBG("hci%d", index); 2779 memcpy(ver, &VER(index), sizeof(*ver)); 2780 return 0; 2781} 2782 2783static int hciops_read_local_features(int index, uint8_t *features) 2784{ 2785 DBG("hci%d", index); 2786 memcpy(features, FEATURES(index), 8); 2787 return 0; 2788} 2789 2790static int hciops_read_local_ext_features(int index) 2791{ 2792 uint8_t page_num = 1; 2793 2794 DBG("hci%d", index); 2795 2796 if (hci_send_cmd(SK(index), OGF_INFO_PARAM, 2797 OCF_READ_LOCAL_EXT_FEATURES, 1, &page_num) < 0) 2798 return -errno; 2799 2800 return 0; 2801} 2802 2803static int hciops_disconnect(int index, uint16_t handle) 2804{ 2805 disconnect_cp cp; 2806 2807 DBG("hci%d handle %u", index, handle); 2808 2809 memset(&cp, 0, sizeof(cp)); 2810 cp.handle = htobs(handle); 2811 cp.reason = HCI_OE_USER_ENDED_CONNECTION; 2812 2813 if (hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_DISCONNECT, 2814 DISCONNECT_CP_SIZE, &cp) < 0) 2815 return -errno; 2816 2817 return 0; 2818} 2819 2820static int hciops_remove_bonding(int index, bdaddr_t *bdaddr) 2821{ 2822 delete_stored_link_key_cp cp; 2823 char addr[18]; 2824 2825 ba2str(bdaddr, addr); 2826 DBG("hci%d dba %s", index, addr); 2827 2828 memset(&cp, 0, sizeof(cp)); 2829 bacpy(&cp.bdaddr, bdaddr); 2830 2831 /* Delete the link key from the Bluetooth chip */ 2832 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_DELETE_STORED_LINK_KEY, 2833 DELETE_STORED_LINK_KEY_CP_SIZE, &cp) < 0) 2834 return -errno; 2835 2836 return 0; 2837} 2838 2839static int hciops_request_authentication(int index, uint16_t handle) 2840{ 2841 auth_requested_cp cp; 2842 2843 DBG("hci%d handle %u", index, handle); 2844 2845 memset(&cp, 0, sizeof(cp)); 2846 cp.handle = htobs(handle); 2847 2848 if (hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_AUTH_REQUESTED, 2849 AUTH_REQUESTED_CP_SIZE, &cp) < 0) 2850 return -errno; 2851 2852 return 0; 2853} 2854 2855static int hciops_pincode_reply(int index, bdaddr_t *bdaddr, const char *pin) 2856{ 2857 char addr[18]; 2858 int err; 2859 2860 ba2str(bdaddr, addr); 2861 DBG("hci%d dba %s", index, addr); 2862 2863 if (pin) { 2864 pin_code_reply_cp pr; 2865 size_t len = strlen(pin); 2866 2867 PIN_LENGTH(index) = len; 2868 2869 memset(&pr, 0, sizeof(pr)); 2870 bacpy(&pr.bdaddr, bdaddr); 2871 memcpy(pr.pin_code, pin, len); 2872 pr.pin_len = len; 2873 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2874 OCF_PIN_CODE_REPLY, 2875 PIN_CODE_REPLY_CP_SIZE, &pr); 2876 } else 2877 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2878 OCF_PIN_CODE_NEG_REPLY, 6, bdaddr); 2879 2880 if (err < 0) 2881 err = -errno; 2882 2883 return err; 2884} 2885 2886static int hciops_confirm_reply(int index, bdaddr_t *bdaddr, gboolean success) 2887{ 2888 user_confirm_reply_cp cp; 2889 char addr[18]; 2890 int err; 2891 2892 ba2str(bdaddr, addr); 2893 DBG("hci%d dba %s success %d", index, addr, success); 2894 2895 memset(&cp, 0, sizeof(cp)); 2896 bacpy(&cp.bdaddr, bdaddr); 2897 2898 if (success) 2899 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2900 OCF_USER_CONFIRM_REPLY, 2901 USER_CONFIRM_REPLY_CP_SIZE, &cp); 2902 else 2903 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2904 OCF_USER_CONFIRM_NEG_REPLY, 2905 USER_CONFIRM_REPLY_CP_SIZE, &cp); 2906 2907 if (err < 0) 2908 err = -errno; 2909 2910 return err; 2911} 2912 2913static int hciops_passkey_reply(int index, bdaddr_t *bdaddr, uint32_t passkey) 2914{ 2915 char addr[18]; 2916 int err; 2917 2918 ba2str(bdaddr, addr); 2919 DBG("hci%d dba %s", index, addr); 2920 2921 if (passkey != INVALID_PASSKEY) { 2922 user_passkey_reply_cp cp; 2923 2924 memset(&cp, 0, sizeof(cp)); 2925 bacpy(&cp.bdaddr, bdaddr); 2926 cp.passkey = passkey; 2927 2928 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2929 OCF_USER_PASSKEY_REPLY, 2930 USER_PASSKEY_REPLY_CP_SIZE, &cp); 2931 } else 2932 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2933 OCF_USER_PASSKEY_NEG_REPLY, 6, bdaddr); 2934 2935 if (err < 0) 2936 err = -errno; 2937 2938 return err; 2939} 2940 2941static int hciops_get_auth_info(int index, bdaddr_t *bdaddr, uint8_t *auth) 2942{ 2943 struct hci_auth_info_req req; 2944 char addr[18]; 2945 2946 ba2str(bdaddr, addr); 2947 DBG("hci%d dba %s", index, addr); 2948 2949 memset(&req, 0, sizeof(req)); 2950 bacpy(&req.bdaddr, bdaddr); 2951 2952 if (ioctl(SK(index), HCIGETAUTHINFO, (unsigned long) &req) < 0) 2953 return -errno; 2954 2955 if (auth) 2956 *auth = req.type; 2957 2958 return 0; 2959} 2960 2961static int hciops_read_scan_enable(int index) 2962{ 2963 DBG("hci%d", index); 2964 2965 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_READ_SCAN_ENABLE, 2966 0, NULL) < 0) 2967 return -errno; 2968 2969 return 0; 2970} 2971 2972static int hciops_enable_le(int index) 2973{ 2974 write_le_host_supported_cp cp; 2975 2976 DBG("hci%d", index); 2977 2978 if (!(FEATURES(index)[4] & LMP_LE)) 2979 return -ENOTSUP; 2980 2981 cp.le = 0x01; 2982 cp.simul = (FEATURES(index)[6] & LMP_LE_BREDR) ? 0x01 : 0x00; 2983 2984 if (hci_send_cmd(SK(index), OGF_HOST_CTL, 2985 OCF_WRITE_LE_HOST_SUPPORTED, 2986 WRITE_LE_HOST_SUPPORTED_CP_SIZE, &cp) < 0) 2987 return -errno; 2988 2989 return 0; 2990} 2991 2992struct remote_version_req { 2993 int index; 2994 uint16_t handle; 2995}; 2996 2997static gboolean get_remote_version(gpointer user_data) 2998{ 2999 struct remote_version_req *req = user_data; 3000 read_remote_version_cp cp; 3001 3002 DBG("hci%d handle %u", req->index, req->handle); 3003 3004 memset(&cp, 0, sizeof(cp)); 3005 cp.handle = htobs(req->handle); 3006 3007 hci_send_cmd(SK(req->index), OGF_LINK_CTL, OCF_READ_REMOTE_VERSION, 3008 READ_REMOTE_VERSION_CP_SIZE, &cp); 3009 3010 return FALSE; 3011} 3012 3013static int hciops_get_remote_version(int index, uint16_t handle, 3014 gboolean delayed) 3015{ 3016 struct remote_version_req *req; 3017 3018 DBG("hci%d handle %u delayed %d", index, handle, delayed); 3019 3020 req = g_new0(struct remote_version_req, 1); 3021 req->handle = handle; 3022 req->index = index; 3023 3024 if (!delayed) { 3025 get_remote_version(req); 3026 g_free(req); 3027 return 0; 3028 } 3029 3030 g_timeout_add_seconds_full(G_PRIORITY_DEFAULT, 1, get_remote_version, 3031 req, g_free); 3032 3033 return 0; 3034} 3035 3036static int set_service_classes(int index, uint8_t value) 3037{ 3038 int err; 3039 3040 DBG("hci%d value %u", index, value); 3041 3042 /* Update only the service class, keep the limited bit, 3043 * major/minor class bits intact */ 3044 WANTED_COD(index) &= 0x00ffff; 3045 WANTED_COD(index) |= (value << 16); 3046 3047 /* If the cache is enabled or an existing CoD write is in progress 3048 * just bail out */ 3049 if (CACHE_ENABLE(index) || PENDING_COD(index)) 3050 return 0; 3051 3052 /* If we already have the CoD we want, update EIR and return */ 3053 if (CURRENT_COD(index) == WANTED_COD(index)) { 3054 update_ext_inquiry_response(index); 3055 return 0; 3056 } 3057 3058 DBG("Changing service classes to 0x%06x", WANTED_COD(index)); 3059 3060 err = write_class(index, WANTED_COD(index)); 3061 if (err < 0) 3062 error("Adapter class update failed: %s (%d)", 3063 strerror(-err), -err); 3064 3065 return err; 3066} 3067 3068static int hciops_services_updated(int index) 3069{ 3070 struct btd_adapter *adapter; 3071 sdp_list_t *list; 3072 uint8_t val = 0; 3073 3074 DBG("hci%d", index); 3075 3076 adapter = manager_find_adapter(&BDADDR(index)); 3077 if (adapter == NULL) 3078 return -ENODEV; 3079 3080 for (list = adapter_get_services(adapter); list; list = list->next) { 3081 sdp_record_t *rec = list->data; 3082 3083 if (rec->svclass.type != SDP_UUID16) 3084 continue; 3085 3086 switch (rec->svclass.value.uuid16) { 3087 case DIALUP_NET_SVCLASS_ID: 3088 case CIP_SVCLASS_ID: 3089 val |= 0x42; /* Telephony & Networking */ 3090 break; 3091 case IRMC_SYNC_SVCLASS_ID: 3092 case OBEX_OBJPUSH_SVCLASS_ID: 3093 case OBEX_FILETRANS_SVCLASS_ID: 3094 case IRMC_SYNC_CMD_SVCLASS_ID: 3095 case PBAP_PSE_SVCLASS_ID: 3096 val |= 0x10; /* Object Transfer */ 3097 break; 3098 case HEADSET_SVCLASS_ID: 3099 case HANDSFREE_SVCLASS_ID: 3100 val |= 0x20; /* Audio */ 3101 break; 3102 case CORDLESS_TELEPHONY_SVCLASS_ID: 3103 case INTERCOM_SVCLASS_ID: 3104 case FAX_SVCLASS_ID: 3105 case SAP_SVCLASS_ID: 3106 /* 3107 * Setting the telephony bit for the handsfree audio gateway 3108 * role is not required by the HFP specification, but the 3109 * Nokia 616 carkit is just plain broken! It will refuse 3110 * pairing without this bit set. 3111 */ 3112 case HANDSFREE_AGW_SVCLASS_ID: 3113 val |= 0x40; /* Telephony */ 3114 break; 3115 case AUDIO_SOURCE_SVCLASS_ID: 3116 case VIDEO_SOURCE_SVCLASS_ID: 3117 val |= 0x08; /* Capturing */ 3118 break; 3119 case AUDIO_SINK_SVCLASS_ID: 3120 case VIDEO_SINK_SVCLASS_ID: 3121 val |= 0x04; /* Rendering */ 3122 break; 3123 case PANU_SVCLASS_ID: 3124 case NAP_SVCLASS_ID: 3125 case GN_SVCLASS_ID: 3126 val |= 0x02; /* Networking */ 3127 break; 3128 } 3129 } 3130 3131 return set_service_classes(index, val); 3132} 3133 3134static int hciops_disable_cod_cache(int index) 3135{ 3136 DBG("hci%d cache_enable %d", index, CACHE_ENABLE(index)); 3137 3138 if (!CACHE_ENABLE(index)) 3139 return 0; 3140 3141 DBG("hci%d current_cod 0x%06x wanted_cod 0x%06x", index, 3142 CURRENT_COD(index), WANTED_COD(index)); 3143 3144 /* Disable and flush svc cache. All successive service class 3145 * updates * will be written to the device */ 3146 CACHE_ENABLE(index) = FALSE; 3147 3148 if (CURRENT_COD(index) == WANTED_COD(index)) { 3149 update_ext_inquiry_response(index); 3150 return 0; 3151 } 3152 3153 return write_class(index, WANTED_COD(index)); 3154} 3155 3156static int hciops_restore_powered(int index) 3157{ 3158 if (!ALREADY_UP(index) && UP(index)) 3159 return hciops_stop(index); 3160 3161 return 0; 3162} 3163 3164static struct btd_adapter_ops hci_ops = { 3165 .setup = hciops_setup, 3166 .cleanup = hciops_cleanup, 3167 .start = hciops_start, 3168 .stop = hciops_stop, 3169 .set_powered = hciops_set_powered, 3170 .set_connectable = hciops_set_connectable, 3171 .set_discoverable = hciops_set_discoverable, 3172 .set_pairable = hciops_set_pairable, 3173 .set_limited_discoverable = hciops_set_limited_discoverable, 3174 .start_inquiry = hciops_start_inquiry, 3175 .stop_inquiry = hciops_stop_inquiry, 3176 .start_scanning = hciops_start_scanning, 3177 .stop_scanning = hciops_stop_scanning, 3178 .resolve_name = hciops_resolve_name, 3179 .cancel_resolve_name = hciops_cancel_resolve_name, 3180 .set_name = hciops_set_name, 3181 .set_dev_class = hciops_set_dev_class, 3182 .set_fast_connectable = hciops_fast_connectable, 3183 .read_clock = hciops_read_clock, 3184 .get_conn_handle = hciops_conn_handle, 3185 .read_bdaddr = hciops_read_bdaddr, 3186 .block_device = hciops_block_device, 3187 .unblock_device = hciops_unblock_device, 3188 .get_conn_list = hciops_get_conn_list, 3189 .read_local_version = hciops_read_local_version, 3190 .read_local_features = hciops_read_local_features, 3191 .read_local_ext_features = hciops_read_local_ext_features, 3192 .disconnect = hciops_disconnect, 3193 .remove_bonding = hciops_remove_bonding, 3194 .request_authentication = hciops_request_authentication, 3195 .pincode_reply = hciops_pincode_reply, 3196 .confirm_reply = hciops_confirm_reply, 3197 .passkey_reply = hciops_passkey_reply, 3198 .get_auth_info = hciops_get_auth_info, 3199 .read_scan_enable = hciops_read_scan_enable, 3200 .enable_le = hciops_enable_le, 3201 .get_remote_version = hciops_get_remote_version, 3202 .encrypt_link = hciops_encrypt_link, 3203 .set_did = hciops_set_did, 3204 .services_updated = hciops_services_updated, 3205 .disable_cod_cache = hciops_disable_cod_cache, 3206 .restore_powered = hciops_restore_powered, 3207}; 3208 3209static int hciops_init(void) 3210{ 3211 DBG(""); 3212 return btd_register_adapter_ops(&hci_ops, FALSE); 3213} 3214 3215static void hciops_exit(void) 3216{ 3217 DBG(""); 3218 btd_adapter_cleanup_ops(&hci_ops); 3219} 3220 3221BLUETOOTH_PLUGIN_DEFINE(hciops, VERSION, 3222 BLUETOOTH_PLUGIN_PRIORITY_LOW, hciops_init, hciops_exit) 3223