hciops.c revision b95ef500f79d9c2fb81be4866037bc1c7780e6f6
1/* 2 * 3 * BlueZ - Bluetooth protocol stack for Linux 4 * 5 * Copyright (C) 2004-2010 Marcel Holtmann <marcel@holtmann.org> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 20 * 21 */ 22 23#ifdef HAVE_CONFIG_H 24#include <config.h> 25#endif 26 27#include <stdio.h> 28#include <errno.h> 29#include <unistd.h> 30#include <stdlib.h> 31#include <sys/types.h> 32#include <sys/ioctl.h> 33#include <sys/wait.h> 34 35#include <bluetooth/bluetooth.h> 36#include <bluetooth/hci.h> 37#include <bluetooth/hci_lib.h> 38 39#include <glib.h> 40 41#include "hcid.h" 42#include "sdpd.h" 43#include "adapter.h" 44#include "plugin.h" 45#include "log.h" 46#include "storage.h" 47#include "event.h" 48#include "device.h" 49#include "manager.h" 50 51static int child_pipe[2] = { -1, -1 }; 52 53static guint child_io_id = 0; 54static guint ctl_io_id = 0; 55 56/* Commands sent by kernel on starting an adapter */ 57enum { 58 PENDING_BDADDR, 59 PENDING_VERSION, 60 PENDING_FEATURES, 61 PENDING_NAME, 62}; 63 64static int max_dev = -1; 65static struct dev_info { 66 int sk; 67 bdaddr_t bdaddr; 68 char name[249]; 69 uint8_t eir[240]; 70 uint8_t features[8]; 71 uint8_t ssp_mode; 72 73 int8_t tx_power; 74 75 uint32_t current_cod; 76 uint32_t wanted_cod; 77 uint32_t pending_cod; 78 gboolean cache_enable; 79 gboolean already_up; 80 gboolean registered; 81 82 struct hci_version ver; 83 84 uint16_t did_vendor; 85 uint16_t did_product; 86 uint16_t did_version; 87 88 gboolean up; 89 unsigned long pending; 90 91 GIOChannel *io; 92 guint watch_id; 93 94 GSList *keys; 95 int pin_length; 96} *devs = NULL; 97 98static int ignore_device(struct hci_dev_info *di) 99{ 100 return hci_test_bit(HCI_RAW, &di->flags) || di->type >> 4 != HCI_BREDR; 101} 102 103static void init_dev_info(int index, int sk, gboolean registered) 104{ 105 struct dev_info *dev = &devs[index]; 106 107 memset(dev, 0, sizeof(*dev)); 108 109 dev->sk = sk; 110 dev->pin_length = -1; 111 dev->cache_enable = TRUE; 112 dev->registered = registered; 113} 114 115/* Async HCI command handling with callback support */ 116 117struct hci_cmd_data { 118 bt_hci_result_t cb; 119 uint16_t handle; 120 uint16_t ocf; 121 gpointer caller_data; 122}; 123 124static gboolean hci_event_watch(GIOChannel *io, 125 GIOCondition cond, gpointer user_data) 126{ 127 unsigned char buf[HCI_MAX_EVENT_SIZE], *body; 128 struct hci_cmd_data *cmd = user_data; 129 evt_cmd_status *evt_status; 130 evt_auth_complete *evt_auth; 131 evt_encrypt_change *evt_enc; 132 hci_event_hdr *hdr; 133 set_conn_encrypt_cp cp; 134 int dd; 135 uint16_t ocf; 136 uint8_t status = HCI_OE_POWER_OFF; 137 138 if (cond & G_IO_NVAL) { 139 cmd->cb(status, cmd->caller_data); 140 return FALSE; 141 } 142 143 if (cond & (G_IO_ERR | G_IO_HUP)) 144 goto failed; 145 146 dd = g_io_channel_unix_get_fd(io); 147 148 if (read(dd, buf, sizeof(buf)) < 0) 149 goto failed; 150 151 hdr = (hci_event_hdr *) (buf + 1); 152 body = buf + (1 + HCI_EVENT_HDR_SIZE); 153 154 switch (hdr->evt) { 155 case EVT_CMD_STATUS: 156 evt_status = (evt_cmd_status *) body; 157 ocf = cmd_opcode_ocf(evt_status->opcode); 158 if (ocf != cmd->ocf) 159 return TRUE; 160 switch (ocf) { 161 case OCF_AUTH_REQUESTED: 162 case OCF_SET_CONN_ENCRYPT: 163 if (evt_status->status != 0) { 164 /* Baseband rejected command */ 165 status = evt_status->status; 166 goto failed; 167 } 168 break; 169 default: 170 return TRUE; 171 } 172 /* Wait for the next event */ 173 return TRUE; 174 case EVT_AUTH_COMPLETE: 175 evt_auth = (evt_auth_complete *) body; 176 if (evt_auth->handle != cmd->handle) { 177 /* Skipping */ 178 return TRUE; 179 } 180 181 if (evt_auth->status != 0x00) { 182 status = evt_auth->status; 183 /* Abort encryption */ 184 goto failed; 185 } 186 187 memset(&cp, 0, sizeof(cp)); 188 cp.handle = cmd->handle; 189 cp.encrypt = 1; 190 191 cmd->ocf = OCF_SET_CONN_ENCRYPT; 192 193 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, 194 SET_CONN_ENCRYPT_CP_SIZE, &cp) < 0) { 195 status = HCI_COMMAND_DISALLOWED; 196 goto failed; 197 } 198 /* Wait for encrypt change event */ 199 return TRUE; 200 case EVT_ENCRYPT_CHANGE: 201 evt_enc = (evt_encrypt_change *) body; 202 if (evt_enc->handle != cmd->handle) 203 return TRUE; 204 205 /* Procedure finished: reporting status */ 206 status = evt_enc->status; 207 break; 208 default: 209 /* Skipping */ 210 return TRUE; 211 } 212 213failed: 214 cmd->cb(status, cmd->caller_data); 215 g_io_channel_shutdown(io, TRUE, NULL); 216 217 return FALSE; 218} 219 220static int write_inq_mode(int index, uint8_t mode) 221{ 222 struct dev_info *dev = &devs[index]; 223 write_inquiry_mode_cp cp; 224 225 memset(&cp, 0, sizeof(cp)); 226 cp.mode = mode; 227 228 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_INQUIRY_MODE, 229 WRITE_INQUIRY_MODE_CP_SIZE, &cp) < 0) 230 return -errno; 231 232 return 0; 233} 234 235static uint8_t get_inquiry_mode(int index) 236{ 237 struct dev_info *dev = &devs[index]; 238 239 if (dev->features[6] & LMP_EXT_INQ) 240 return 2; 241 242 if (dev->features[3] & LMP_RSSI_INQ) 243 return 1; 244 245 if (dev->ver.manufacturer == 11 && dev->ver.hci_rev == 0x00 && 246 dev->ver.lmp_subver == 0x0757) 247 return 1; 248 249 if (dev->ver.manufacturer == 15) { 250 if (dev->ver.hci_rev == 0x03 && 251 dev->ver.lmp_subver == 0x6963) 252 return 1; 253 if (dev->ver.hci_rev == 0x09 && 254 dev->ver.lmp_subver == 0x6963) 255 return 1; 256 if (dev->ver.hci_rev == 0x00 && 257 dev->ver.lmp_subver == 0x6965) 258 return 1; 259 } 260 261 if (dev->ver.manufacturer == 31 && dev->ver.hci_rev == 0x2005 && 262 dev->ver.lmp_subver == 0x1805) 263 return 1; 264 265 return 0; 266} 267 268static int init_ssp_mode(int index) 269{ 270 struct dev_info *dev = &devs[index]; 271 write_simple_pairing_mode_cp cp; 272 273 if (ioctl(dev->sk, HCIGETAUTHINFO, NULL) < 0 && errno == EINVAL) 274 return 0; 275 276 memset(&cp, 0, sizeof(cp)); 277 cp.mode = 0x01; 278 279 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 280 OCF_WRITE_SIMPLE_PAIRING_MODE, 281 WRITE_SIMPLE_PAIRING_MODE_CP_SIZE, &cp) < 0) 282 return -errno; 283 284 return 0; 285} 286 287static int hciops_set_discoverable(int index, gboolean discoverable) 288{ 289 struct dev_info *dev = &devs[index]; 290 uint8_t mode; 291 292 if (discoverable) 293 mode = (SCAN_PAGE | SCAN_INQUIRY); 294 else 295 mode = SCAN_PAGE; 296 297 DBG("hci%d discoverable %d", index, discoverable); 298 299 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE, 300 1, &mode) < 0) 301 return -errno; 302 303 return 0; 304} 305 306static int hciops_set_pairable(int index, gboolean pairable) 307{ 308 DBG("hci%d pairable %d", index, pairable); 309 return -ENOSYS; 310} 311 312static int hciops_power_off(int index) 313{ 314 struct dev_info *dev = &devs[index]; 315 uint8_t mode = SCAN_DISABLED; 316 317 DBG("hci%d", index); 318 319 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 320 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 321 return -errno; 322 323 if (ioctl(dev->sk, HCIDEVDOWN, index) < 0 && errno != EALREADY) 324 return -errno; 325 326 return 0; 327} 328 329static void start_adapter(int index) 330{ 331 struct dev_info *dev = &devs[index]; 332 uint8_t events[8] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0x00, 0x00 }; 333 uint8_t inqmode; 334 uint16_t link_policy; 335 336 if (dev->ver.lmp_ver > 1) { 337 if (dev->features[5] & LMP_SNIFF_SUBR) 338 events[5] |= 0x20; 339 340 if (dev->features[5] & LMP_PAUSE_ENC) 341 events[5] |= 0x80; 342 343 if (dev->features[6] & LMP_EXT_INQ) 344 events[5] |= 0x40; 345 346 if (dev->features[6] & LMP_NFLUSH_PKTS) 347 events[7] |= 0x01; 348 349 if (dev->features[7] & LMP_LSTO) 350 events[6] |= 0x80; 351 352 if (dev->features[6] & LMP_SIMPLE_PAIR) { 353 events[6] |= 0x01; /* IO Capability Request */ 354 events[6] |= 0x02; /* IO Capability Response */ 355 events[6] |= 0x04; /* User Confirmation Request */ 356 events[6] |= 0x08; /* User Passkey Request */ 357 events[6] |= 0x10; /* Remote OOB Data Request */ 358 events[6] |= 0x20; /* Simple Pairing Complete */ 359 events[7] |= 0x04; /* User Passkey Notification */ 360 events[7] |= 0x08; /* Keypress Notification */ 361 events[7] |= 0x10; /* Remote Host Supported 362 * Features Notification */ 363 } 364 365 if (dev->features[4] & LMP_LE) 366 events[7] |= 0x20; /* LE Meta-Event */ 367 368 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_SET_EVENT_MASK, 369 sizeof(events), events); 370 } 371 372 if (dev->features[6] & LMP_SIMPLE_PAIR) 373 init_ssp_mode(index); 374 375 inqmode = get_inquiry_mode(index); 376 if (inqmode) 377 write_inq_mode(index, inqmode); 378 379 if (dev->features[7] & LMP_INQ_TX_PWR) 380 hci_send_cmd(dev->sk, OGF_HOST_CTL, 381 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL, 0, NULL); 382 383 /* Set default link policy */ 384 link_policy = main_opts.link_policy; 385 386 if (!(dev->features[0] & LMP_RSWITCH)) 387 link_policy &= ~HCI_LP_RSWITCH; 388 if (!(dev->features[0] & LMP_HOLD)) 389 link_policy &= ~HCI_LP_HOLD; 390 if (!(dev->features[0] & LMP_SNIFF)) 391 link_policy &= ~HCI_LP_SNIFF; 392 if (!(dev->features[1] & LMP_PARK)) 393 link_policy &= ~HCI_LP_PARK; 394 395 link_policy = htobs(link_policy); 396 hci_send_cmd(dev->sk, OGF_LINK_POLICY, OCF_WRITE_DEFAULT_LINK_POLICY, 397 sizeof(link_policy), &link_policy); 398 399 dev->current_cod = 0; 400 memset(dev->eir, 0, sizeof(dev->eir)); 401} 402 403static gboolean init_adapter(int index) 404{ 405 struct dev_info *dev = &devs[index]; 406 struct btd_adapter *adapter = NULL; 407 gboolean existing_adapter = dev->registered; 408 uint8_t mode, on_mode; 409 gboolean pairable, discoverable; 410 411 if (!dev->registered) { 412 adapter = btd_manager_register_adapter(index); 413 if (adapter) 414 dev->registered = TRUE; 415 } else { 416 adapter = manager_find_adapter(&dev->bdaddr); 417 /* FIXME: manager_find_adapter should return a new ref */ 418 btd_adapter_ref(adapter); 419 } 420 421 if (adapter == NULL) 422 return FALSE; 423 424 btd_adapter_get_state(adapter, &mode, &on_mode, &pairable); 425 426 if (existing_adapter) 427 mode = on_mode; 428 429 if (mode == MODE_OFF) { 430 hciops_power_off(index); 431 goto done; 432 } 433 434 start_adapter(index); 435 btd_adapter_start(adapter); 436 437 discoverable = (mode == MODE_DISCOVERABLE); 438 439 hciops_set_discoverable(index, discoverable); 440 hciops_set_pairable(index, pairable); 441 442done: 443 btd_adapter_unref(adapter); 444 return TRUE; 445} 446 447static int hciops_encrypt_link(int index, bdaddr_t *dst, bt_hci_result_t cb, 448 gpointer user_data) 449{ 450 GIOChannel *io; 451 struct hci_cmd_data *cmd; 452 struct hci_conn_info_req *cr; 453 auth_requested_cp cp; 454 struct hci_filter nf; 455 int dd, err; 456 uint32_t link_mode; 457 uint16_t handle; 458 459 dd = hci_open_dev(index); 460 if (dd < 0) 461 return -errno; 462 463 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 464 cr->type = ACL_LINK; 465 bacpy(&cr->bdaddr, dst); 466 467 err = ioctl(dd, HCIGETCONNINFO, cr); 468 link_mode = cr->conn_info->link_mode; 469 handle = cr->conn_info->handle; 470 g_free(cr); 471 472 if (err < 0) { 473 err = -errno; 474 goto fail; 475 } 476 477 if (link_mode & HCI_LM_ENCRYPT) { 478 err = -EALREADY; 479 goto fail; 480 } 481 482 memset(&cp, 0, sizeof(cp)); 483 cp.handle = htobs(handle); 484 485 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 486 AUTH_REQUESTED_CP_SIZE, &cp) < 0) { 487 err = -errno; 488 goto fail; 489 } 490 491 cmd = g_new0(struct hci_cmd_data, 1); 492 cmd->handle = handle; 493 cmd->ocf = OCF_AUTH_REQUESTED; 494 cmd->cb = cb; 495 cmd->caller_data = user_data; 496 497 hci_filter_clear(&nf); 498 hci_filter_set_ptype(HCI_EVENT_PKT, &nf); 499 hci_filter_set_event(EVT_CMD_STATUS, &nf); 500 hci_filter_set_event(EVT_AUTH_COMPLETE, &nf); 501 hci_filter_set_event(EVT_ENCRYPT_CHANGE, &nf); 502 503 if (setsockopt(dd, SOL_HCI, HCI_FILTER, &nf, sizeof(nf)) < 0) { 504 err = -errno; 505 g_free(cmd); 506 goto fail; 507 } 508 509 io = g_io_channel_unix_new(dd); 510 g_io_channel_set_close_on_unref(io, FALSE); 511 g_io_add_watch_full(io, G_PRIORITY_DEFAULT, 512 G_IO_HUP | G_IO_ERR | G_IO_NVAL | G_IO_IN, 513 hci_event_watch, cmd, g_free); 514 g_io_channel_unref(io); 515 516 return 0; 517 518fail: 519 close(dd); 520 return err; 521} 522 523static int hciops_set_did(int index, uint16_t vendor, uint16_t product, 524 uint16_t version) 525{ 526 struct dev_info *dev = &devs[index]; 527 528 dev->did_vendor = vendor; 529 dev->did_product = product; 530 dev->did_version = version; 531 532 return 0; 533} 534 535/* End async HCI command handling */ 536 537/* Start of HCI event callbacks */ 538 539static int disconnect_handle(int index, uint16_t handle, uint8_t reason) 540{ 541 struct dev_info *dev = &devs[index]; 542 disconnect_cp cp; 543 544 memset(&cp, 0, sizeof(cp)); cp.handle = htobs(handle); 545 cp.reason = reason; 546 547 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_DISCONNECT, 548 DISCONNECT_CP_SIZE, &cp) < 0) 549 return -errno; 550 551 return 0; 552} 553 554static int disconnect_addr(int index, bdaddr_t *dba, uint8_t reason) 555{ 556 struct dev_info *dev = &devs[index]; 557 struct hci_conn_list_req *cl; 558 struct hci_conn_info *ci; 559 int i, err; 560 561 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 562 563 cl->dev_id = index; 564 cl->conn_num = 10; 565 ci = cl->conn_info; 566 567 if (ioctl(dev->sk, HCIGETCONNLIST, (void *) cl) < 0) { 568 err = -errno; 569 goto failed; 570 } 571 572 err = -ENOENT; 573 574 for (i = 0; i < cl->conn_num; i++, ci++) { 575 if (bacmp(&ci->bdaddr, dba) == 0) { 576 err = disconnect_handle(index, ci->handle, reason); 577 break; 578 } 579 } 580 581failed: 582 g_free(cl); 583 return err; 584} 585 586static inline int get_bdaddr(int index, uint16_t handle, bdaddr_t *dba) 587{ 588 struct dev_info *dev = &devs[index]; 589 struct hci_conn_list_req *cl; 590 struct hci_conn_info *ci; 591 int i; 592 593 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 594 595 cl->dev_id = index; 596 cl->conn_num = 10; 597 ci = cl->conn_info; 598 599 if (ioctl(dev->sk, HCIGETCONNLIST, (void *) cl) < 0) { 600 g_free(cl); 601 return -EIO; 602 } 603 604 for (i = 0; i < cl->conn_num; i++, ci++) 605 if (ci->handle == handle) { 606 bacpy(dba, &ci->bdaddr); 607 g_free(cl); 608 return 0; 609 } 610 611 g_free(cl); 612 613 return -ENOENT; 614} 615 616static inline void update_lastseen(bdaddr_t *sba, bdaddr_t *dba) 617{ 618 time_t t; 619 struct tm *tm; 620 621 t = time(NULL); 622 tm = gmtime(&t); 623 624 write_lastseen_info(sba, dba, tm); 625} 626 627static inline void update_lastused(bdaddr_t *sba, bdaddr_t *dba) 628{ 629 time_t t; 630 struct tm *tm; 631 632 t = time(NULL); 633 tm = gmtime(&t); 634 635 write_lastused_info(sba, dba, tm); 636} 637 638/* Link Key handling */ 639 640static void link_key_request(int index, bdaddr_t *dba) 641{ 642 struct dev_info *dev = &devs[index]; 643 struct btd_adapter *adapter; 644 struct btd_device *device; 645 struct hci_auth_info_req req; 646 GSList *match; 647 struct link_key_info *key_info; 648 unsigned char key[16]; 649 char da[18]; 650 uint8_t type; 651 int err; 652 653 ba2str(dba, da); 654 DBG("hci%d dba %s", index, da); 655 656 adapter = manager_find_adapter(&dev->bdaddr); 657 if (adapter) 658 device = adapter_find_device(adapter, da); 659 else 660 device = NULL; 661 662 memset(&req, 0, sizeof(req)); 663 bacpy(&req.bdaddr, dba); 664 665 err = ioctl(dev->sk, HCIGETAUTHINFO, (unsigned long) &req); 666 if (err < 0) { 667 if (errno != EINVAL) 668 DBG("HCIGETAUTHINFO failed %s (%d)", 669 strerror(errno), errno); 670 req.type = 0x00; 671 } 672 673 DBG("kernel auth requirements = 0x%02x", req.type); 674 675 match = g_slist_find_custom(dev->keys, dba, (GCompareFunc) bacmp); 676 if (match) 677 key_info = match->data; 678 else 679 key_info = NULL; 680 681 DBG("Matching key %s", key_info ? "found" : "not found"); 682 683 if (key_info) { 684 memcpy(key, key_info->key, sizeof(key)); 685 type = key_info->type; 686 } else 687 type = 0xff; 688 689 if (device && device_get_debug_key(device, key)) 690 type = 0x03; 691 else if (key_info == NULL || key_info->type == 0x03) { 692 /* Link key not found */ 693 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 694 6, dba); 695 return; 696 } 697 698 /* Link key found */ 699 700 DBG("link key type 0x%02x", type); 701 702 /* Don't use unauthenticated combination keys if MITM is 703 * required */ 704 if (type == 0x04 && req.type != 0xff && (req.type & 0x01)) 705 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 706 6, dba); 707 else { 708 link_key_reply_cp lr; 709 710 memcpy(lr.link_key, key, 16); 711 bacpy(&lr.bdaddr, dba); 712 713 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_REPLY, 714 LINK_KEY_REPLY_CP_SIZE, &lr); 715 } 716} 717 718static void link_key_notify(int index, void *ptr) 719{ 720 struct dev_info *dev = &devs[index]; 721 evt_link_key_notify *evt = ptr; 722 bdaddr_t *dba = &evt->bdaddr; 723 struct link_key_info *key_info; 724 GSList *match; 725 uint8_t old_key_type, reason; 726 char da[18]; 727 int err; 728 729 ba2str(dba, da); 730 DBG("hci%d dba %s type %d", index, da, evt->key_type); 731 732 match = g_slist_find_custom(dev->keys, dba, (GCompareFunc) bacmp); 733 if (match) 734 key_info = match->data; 735 else 736 key_info = NULL; 737 738 if (key_info == NULL) { 739 key_info = g_new0(struct link_key_info, 1); 740 bacpy(&key_info->bdaddr, &evt->bdaddr); 741 old_key_type = 0xff; 742 } else { 743 dev->keys = g_slist_remove(dev->keys, key_info); 744 old_key_type = key_info->type; 745 } 746 747 memcpy(key_info->key, evt->link_key, sizeof(evt->link_key)); 748 key_info->type = evt->key_type; 749 key_info->pin_len = dev->pin_length; 750 751 err = btd_event_link_key_notify(&dev->bdaddr, dba, evt->link_key, 752 evt->key_type, dev->pin_length, 753 old_key_type); 754 dev->pin_length = -1; 755 756 if (err == 0) { 757 dev->keys = g_slist_append(dev->keys, key_info); 758 return; 759 } 760 761 g_free(key_info); 762 763 if (err == -ENODEV) 764 reason = HCI_OE_LOW_RESOURCES; 765 else 766 reason = HCI_MEMORY_FULL; 767 768 btd_event_bonding_process_complete(&dev->bdaddr, dba, reason); 769 770 disconnect_addr(index, dba, reason); 771} 772 773static void return_link_keys(int index, void *ptr) 774{ 775 struct dev_info *dev = &devs[index]; 776 evt_return_link_keys *evt = ptr; 777 uint8_t num = evt->num_keys; 778 unsigned char key[16]; 779 char da[18]; 780 bdaddr_t dba; 781 int i; 782 783 DBG("hci%d num_keys %u", index, num); 784 785 ptr++; 786 787 for (i = 0; i < num; i++) { 788 bacpy(&dba, ptr); ba2str(&dba, da); 789 memcpy(key, ptr + 6, 16); 790 791 DBG("hci%d returned key for %s", index, da); 792 793 btd_event_returned_link_key(&dev->bdaddr, &dba); 794 795 ptr += 22; 796 } 797} 798 799/* Simple Pairing handling */ 800 801static void user_confirm_request(int index, void *ptr) 802{ 803 struct dev_info *dev = &devs[index]; 804 evt_user_confirm_request *req = ptr; 805 806 DBG("hci%d", index); 807 808 if (btd_event_user_confirm(&dev->bdaddr, &req->bdaddr, 809 btohl(req->passkey)) < 0) 810 hci_send_cmd(dev->sk, OGF_LINK_CTL, 811 OCF_USER_CONFIRM_NEG_REPLY, 6, ptr); 812} 813 814static void user_passkey_request(int index, void *ptr) 815{ 816 struct dev_info *dev = &devs[index]; 817 evt_user_passkey_request *req = ptr; 818 819 DBG("hci%d", index); 820 821 if (btd_event_user_passkey(&dev->bdaddr, &req->bdaddr) < 0) 822 hci_send_cmd(dev->sk, OGF_LINK_CTL, 823 OCF_USER_PASSKEY_NEG_REPLY, 6, ptr); 824} 825 826static void user_passkey_notify(int index, void *ptr) 827{ 828 struct dev_info *dev = &devs[index]; 829 evt_user_passkey_notify *req = ptr; 830 831 DBG("hci%d", index); 832 833 btd_event_user_notify(&dev->bdaddr, &req->bdaddr, 834 btohl(req->passkey)); 835} 836 837static void remote_oob_data_request(int index, void *ptr) 838{ 839 struct dev_info *dev = &devs[index]; 840 841 DBG("hci%d", index); 842 843 hci_send_cmd(dev->sk, OGF_LINK_CTL, 844 OCF_REMOTE_OOB_DATA_NEG_REPLY, 6, ptr); 845} 846 847static void io_capa_request(int index, void *ptr) 848{ 849 struct dev_info *dev = &devs[index]; 850 bdaddr_t *dba = ptr; 851 char da[18]; 852 uint8_t cap, auth; 853 854 ba2str(dba, da); 855 DBG("hci%d IO capability request for %s", index, da); 856 857 if (btd_event_get_io_cap(&dev->bdaddr, dba, &cap, &auth) < 0) { 858 io_capability_neg_reply_cp cp; 859 memset(&cp, 0, sizeof(cp)); 860 bacpy(&cp.bdaddr, dba); 861 cp.reason = HCI_PAIRING_NOT_ALLOWED; 862 hci_send_cmd(dev->sk, OGF_LINK_CTL, 863 OCF_IO_CAPABILITY_NEG_REPLY, 864 IO_CAPABILITY_NEG_REPLY_CP_SIZE, &cp); 865 } else { 866 io_capability_reply_cp cp; 867 memset(&cp, 0, sizeof(cp)); 868 bacpy(&cp.bdaddr, dba); 869 cp.capability = cap; 870 cp.oob_data = 0x00; 871 cp.authentication = auth; 872 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_IO_CAPABILITY_REPLY, 873 IO_CAPABILITY_REPLY_CP_SIZE, &cp); 874 } 875} 876 877static void io_capa_response(int index, void *ptr) 878{ 879 struct dev_info *dev = &devs[index]; 880 evt_io_capability_response *evt = ptr; 881 char da[18]; 882 883 ba2str(&evt->bdaddr, da); 884 DBG("hci%d IO capability response from %s", index, da); 885 886 btd_event_set_io_cap(&dev->bdaddr, &evt->bdaddr, 887 evt->capability, evt->authentication); 888} 889 890/* PIN code handling */ 891 892static void pin_code_request(int index, bdaddr_t *dba) 893{ 894 struct dev_info *dev = &devs[index]; 895 pin_code_reply_cp pr; 896 struct hci_conn_info_req *cr; 897 struct hci_conn_info *ci; 898 char da[18], pin[17]; 899 int pinlen; 900 901 memset(&pr, 0, sizeof(pr)); 902 bacpy(&pr.bdaddr, dba); 903 904 ba2str(dba, da); 905 DBG("hci%d PIN request for %s", index, da); 906 907 cr = g_malloc0(sizeof(*cr) + sizeof(*ci)); 908 909 bacpy(&cr->bdaddr, dba); 910 cr->type = ACL_LINK; 911 if (ioctl(dev->sk, HCIGETCONNINFO, (unsigned long) cr) < 0) { 912 error("Can't get conn info: %s (%d)", strerror(errno), errno); 913 goto reject; 914 } 915 ci = cr->conn_info; 916 917 memset(pin, 0, sizeof(pin)); 918 pinlen = read_pin_code(&dev->bdaddr, dba, pin); 919 920 if (pinlen > 0) { 921 dev->pin_length = pinlen; 922 memcpy(pr.pin_code, pin, pinlen); 923 pr.pin_len = pinlen; 924 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_PIN_CODE_REPLY, 925 PIN_CODE_REPLY_CP_SIZE, &pr); 926 } else { 927 /* Request PIN from passkey agent */ 928 if (btd_event_request_pin(&dev->bdaddr, ci) < 0) 929 goto reject; 930 } 931 932 g_free(cr); 933 934 return; 935 936reject: 937 g_free(cr); 938 939 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_PIN_CODE_NEG_REPLY, 6, dba); 940} 941 942static void start_inquiry(bdaddr_t *local, uint8_t status, gboolean periodic) 943{ 944 struct btd_adapter *adapter; 945 int state; 946 947 /* Don't send the signal if the cmd failed */ 948 if (status) { 949 error("Inquiry Failed with status 0x%02x", status); 950 return; 951 } 952 953 adapter = manager_find_adapter(local); 954 if (!adapter) { 955 error("Unable to find matching adapter"); 956 return; 957 } 958 959 state = adapter_get_state(adapter); 960 961 if (periodic) 962 state |= STATE_PINQ; 963 else 964 state |= STATE_STDINQ; 965 966 adapter_set_state(adapter, state); 967} 968 969static void inquiry_complete(bdaddr_t *local, uint8_t status, 970 gboolean periodic) 971{ 972 struct btd_adapter *adapter; 973 int state; 974 975 /* Don't send the signal if the cmd failed */ 976 if (status) { 977 error("Inquiry Failed with status 0x%02x", status); 978 return; 979 } 980 981 adapter = manager_find_adapter(local); 982 if (!adapter) { 983 error("Unable to find matching adapter"); 984 return; 985 } 986 987 state = adapter_get_state(adapter); 988 state &= ~(STATE_STDINQ | STATE_PINQ); 989 adapter_set_state(adapter, state); 990} 991 992static inline void remote_features_notify(int index, void *ptr) 993{ 994 struct dev_info *dev = &devs[index]; 995 evt_remote_host_features_notify *evt = ptr; 996 997 if (evt->features[0] & 0x01) 998 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 999 FALSE); 1000 else 1001 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 1002 TRUE); 1003 1004 write_features_info(&dev->bdaddr, &evt->bdaddr, NULL, evt->features); 1005} 1006 1007static void write_le_host_complete(int index, uint8_t status) 1008{ 1009 struct dev_info *dev = &devs[index]; 1010 uint8_t page_num = 0x01; 1011 1012 if (status) 1013 return; 1014 1015 if (hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1016 OCF_READ_LOCAL_EXT_FEATURES, 1, &page_num) < 0) 1017 error("Unable to read extended local features: %s (%d)", 1018 strerror(errno), errno); 1019} 1020 1021static void read_local_version_complete(int index, 1022 const read_local_version_rp *rp) 1023{ 1024 struct dev_info *dev = &devs[index]; 1025 1026 if (rp->status) 1027 return; 1028 1029 dev->ver.manufacturer = btohs(bt_get_unaligned(&rp->manufacturer)); 1030 dev->ver.hci_ver = rp->hci_ver; 1031 dev->ver.hci_rev = btohs(bt_get_unaligned(&rp->hci_rev)); 1032 dev->ver.lmp_ver = rp->lmp_ver; 1033 dev->ver.lmp_subver = btohs(bt_get_unaligned(&rp->lmp_subver)); 1034 1035 if (!dev->pending) 1036 return; 1037 1038 hci_clear_bit(PENDING_VERSION, &dev->pending); 1039 1040 DBG("Got version for hci%d", index); 1041 1042 if (!dev->pending && dev->up) 1043 init_adapter(index); 1044} 1045 1046static void read_local_features_complete(int index, 1047 const read_local_features_rp *rp) 1048{ 1049 struct dev_info *dev = &devs[index]; 1050 1051 if (rp->status) 1052 return; 1053 1054 memcpy(dev->features, rp->features, 8); 1055 1056 if (!dev->pending) 1057 return; 1058 1059 hci_clear_bit(PENDING_FEATURES, &dev->pending); 1060 1061 DBG("Got features for hci%d", index); 1062 1063 if (!dev->pending && dev->up) 1064 init_adapter(index); 1065} 1066 1067#define SIZEOF_UUID128 16 1068 1069static void eir_generate_uuid128(sdp_list_t *list, 1070 uint8_t *ptr, uint16_t *eir_len) 1071{ 1072 int i, k, uuid_count = 0; 1073 uint16_t len = *eir_len; 1074 uint8_t *uuid128; 1075 gboolean truncated = FALSE; 1076 1077 /* Store UUIDs in place, skip 2 bytes to write type and length later */ 1078 uuid128 = ptr + 2; 1079 1080 for (; list; list = list->next) { 1081 sdp_record_t *rec = list->data; 1082 uint8_t *uuid128_data = rec->svclass.value.uuid128.data; 1083 1084 if (rec->svclass.type != SDP_UUID128) 1085 continue; 1086 1087 /* Stop if not enough space to put next UUID128 */ 1088 if ((len + 2 + SIZEOF_UUID128) > EIR_DATA_LENGTH) { 1089 truncated = TRUE; 1090 break; 1091 } 1092 1093 /* Check for duplicates, EIR data is Little Endian */ 1094 for (i = 0; i < uuid_count; i++) { 1095 for (k = 0; k < SIZEOF_UUID128; k++) { 1096 if (uuid128[i * SIZEOF_UUID128 + k] != 1097 uuid128_data[SIZEOF_UUID128 - 1 - k]) 1098 break; 1099 } 1100 if (k == SIZEOF_UUID128) 1101 break; 1102 } 1103 1104 if (i < uuid_count) 1105 continue; 1106 1107 /* EIR data is Little Endian */ 1108 for (k = 0; k < SIZEOF_UUID128; k++) 1109 uuid128[uuid_count * SIZEOF_UUID128 + k] = 1110 uuid128_data[SIZEOF_UUID128 - 1 - k]; 1111 1112 len += SIZEOF_UUID128; 1113 uuid_count++; 1114 } 1115 1116 if (uuid_count > 0 || truncated) { 1117 /* EIR Data length */ 1118 ptr[0] = (uuid_count * SIZEOF_UUID128) + 1; 1119 /* EIR Data type */ 1120 ptr[1] = truncated ? EIR_UUID128_SOME : EIR_UUID128_ALL; 1121 len += 2; 1122 *eir_len = len; 1123 } 1124} 1125 1126static void create_ext_inquiry_response(int index, uint8_t *data) 1127{ 1128 struct dev_info *dev = &devs[index]; 1129 sdp_list_t *services; 1130 sdp_list_t *list; 1131 uint8_t *ptr = data; 1132 uint16_t eir_len = 0; 1133 uint16_t uuid16[EIR_DATA_LENGTH / 2]; 1134 int i, uuid_count = 0; 1135 gboolean truncated = FALSE; 1136 struct btd_adapter *adapter; 1137 size_t name_len; 1138 1139 name_len = strlen(dev->name); 1140 1141 if (name_len > 0) { 1142 /* EIR Data type */ 1143 if (name_len > 48) { 1144 name_len = 48; 1145 ptr[1] = EIR_NAME_SHORT; 1146 } else 1147 ptr[1] = EIR_NAME_COMPLETE; 1148 1149 /* EIR Data length */ 1150 ptr[0] = name_len + 1; 1151 1152 memcpy(ptr + 2, dev->name, name_len); 1153 1154 eir_len += (name_len + 2); 1155 ptr += (name_len + 2); 1156 } 1157 1158 if (dev->tx_power != 0) { 1159 *ptr++ = 2; 1160 *ptr++ = EIR_TX_POWER; 1161 *ptr++ = (uint8_t) dev->tx_power; 1162 eir_len += 3; 1163 } 1164 1165 if (dev->did_vendor != 0x0000) { 1166 uint16_t source = 0x0002; 1167 *ptr++ = 9; 1168 *ptr++ = EIR_DEVICE_ID; 1169 *ptr++ = (source & 0x00ff); 1170 *ptr++ = (source & 0xff00) >> 8; 1171 *ptr++ = (dev->did_vendor & 0x00ff); 1172 *ptr++ = (dev->did_vendor & 0xff00) >> 8; 1173 *ptr++ = (dev->did_product & 0x00ff); 1174 *ptr++ = (dev->did_product & 0xff00) >> 8; 1175 *ptr++ = (dev->did_version & 0x00ff); 1176 *ptr++ = (dev->did_version & 0xff00) >> 8; 1177 eir_len += 10; 1178 } 1179 1180 adapter = manager_find_adapter(&dev->bdaddr); 1181 if (adapter == NULL) 1182 return; 1183 1184 services = adapter_get_services(adapter); 1185 1186 /* Group all UUID16 types */ 1187 for (list = services; list; list = list->next) { 1188 sdp_record_t *rec = list->data; 1189 1190 if (rec->svclass.type != SDP_UUID16) 1191 continue; 1192 1193 if (rec->svclass.value.uuid16 < 0x1100) 1194 continue; 1195 1196 if (rec->svclass.value.uuid16 == PNP_INFO_SVCLASS_ID) 1197 continue; 1198 1199 /* Stop if not enough space to put next UUID16 */ 1200 if ((eir_len + 2 + sizeof(uint16_t)) > EIR_DATA_LENGTH) { 1201 truncated = TRUE; 1202 break; 1203 } 1204 1205 /* Check for duplicates */ 1206 for (i = 0; i < uuid_count; i++) 1207 if (uuid16[i] == rec->svclass.value.uuid16) 1208 break; 1209 1210 if (i < uuid_count) 1211 continue; 1212 1213 uuid16[uuid_count++] = rec->svclass.value.uuid16; 1214 eir_len += sizeof(uint16_t); 1215 } 1216 1217 if (uuid_count > 0) { 1218 /* EIR Data length */ 1219 ptr[0] = (uuid_count * sizeof(uint16_t)) + 1; 1220 /* EIR Data type */ 1221 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL; 1222 1223 ptr += 2; 1224 eir_len += 2; 1225 1226 for (i = 0; i < uuid_count; i++) { 1227 *ptr++ = (uuid16[i] & 0x00ff); 1228 *ptr++ = (uuid16[i] & 0xff00) >> 8; 1229 } 1230 } 1231 1232 /* Group all UUID128 types */ 1233 if (eir_len <= EIR_DATA_LENGTH - 2) 1234 eir_generate_uuid128(services, ptr, &eir_len); 1235} 1236 1237static void update_ext_inquiry_response(int index) 1238{ 1239 struct dev_info *dev = &devs[index]; 1240 write_ext_inquiry_response_cp cp; 1241 1242 DBG("hci%d", index); 1243 1244 if (!(dev->features[6] & LMP_EXT_INQ)) 1245 return; 1246 1247 if (dev->ssp_mode == 0) 1248 return; 1249 1250 if (dev->cache_enable) 1251 return; 1252 1253 memset(&cp, 0, sizeof(cp)); 1254 1255 create_ext_inquiry_response(index, cp.data); 1256 1257 if (memcmp(cp.data, dev->eir, sizeof(cp.data)) == 0) 1258 return; 1259 1260 memcpy(dev->eir, cp.data, sizeof(cp.data)); 1261 1262 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 1263 OCF_WRITE_EXT_INQUIRY_RESPONSE, 1264 WRITE_EXT_INQUIRY_RESPONSE_CP_SIZE, &cp) < 0) 1265 error("Unable to write EIR data: %s (%d)", 1266 strerror(errno), errno); 1267} 1268 1269static void update_name(int index, const char *name) 1270{ 1271 struct dev_info *dev = &devs[index]; 1272 struct btd_adapter *adapter; 1273 1274 adapter = manager_find_adapter(&dev->bdaddr); 1275 if (adapter) 1276 adapter_update_local_name(adapter, name); 1277 1278 update_ext_inquiry_response(index); 1279} 1280 1281static void read_local_name_complete(int index, read_local_name_rp *rp) 1282{ 1283 struct dev_info *dev = &devs[index]; 1284 1285 DBG("hci%d status %u", index, rp->status); 1286 1287 if (rp->status) 1288 return; 1289 1290 memcpy(dev->name, rp->name, 248); 1291 1292 if (!dev->pending) { 1293 update_name(index, (char *) rp->name); 1294 return; 1295 } 1296 1297 hci_clear_bit(PENDING_NAME, &dev->pending); 1298 1299 DBG("Got name for hci%d", index); 1300 1301 if (!dev->up) 1302 return; 1303 1304 /* Even though it shouldn't happen (assuming the kernel behaves 1305 * properly) it seems like we might miss the very first 1306 * initialization commands that the kernel sends. So check for 1307 * it here (since read_local_name is one of the last init 1308 * commands) and resend the first ones if we haven't seen 1309 * their results yet */ 1310 1311 if (hci_test_bit(PENDING_FEATURES, &dev->pending)) 1312 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1313 OCF_READ_LOCAL_FEATURES, 0, NULL); 1314 1315 if (hci_test_bit(PENDING_VERSION, &dev->pending)) 1316 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1317 OCF_READ_LOCAL_VERSION, 0, NULL); 1318 1319 if (!dev->pending) 1320 init_adapter(index); 1321} 1322 1323static void read_tx_power_complete(int index, void *ptr) 1324{ 1325 struct dev_info *dev = &devs[index]; 1326 1327 read_inq_response_tx_power_level_rp *rp = ptr; 1328 1329 DBG("hci%d status %u", index, rp->status); 1330 1331 if (rp->status) 1332 return; 1333 1334 dev->tx_power = rp->level; 1335 update_ext_inquiry_response(index); 1336} 1337 1338static void read_simple_pairing_mode_complete(int index, void *ptr) 1339{ 1340 struct dev_info *dev = &devs[index]; 1341 read_simple_pairing_mode_rp *rp = ptr; 1342 struct btd_adapter *adapter; 1343 1344 DBG("hci%d status %u", index, rp->status); 1345 1346 if (rp->status) 1347 return; 1348 1349 dev->ssp_mode = rp->mode; 1350 update_ext_inquiry_response(index); 1351 1352 adapter = manager_find_adapter(&dev->bdaddr); 1353 if (!adapter) { 1354 error("No matching adapter found"); 1355 return; 1356 } 1357 1358 adapter_update_ssp_mode(adapter, rp->mode); 1359} 1360 1361static void read_local_ext_features_complete(int index, 1362 const read_local_ext_features_rp *rp) 1363{ 1364 struct dev_info *dev = &devs[index]; 1365 struct btd_adapter *adapter; 1366 1367 DBG("hci%d status %u", index, rp->status); 1368 1369 if (rp->status) 1370 return; 1371 1372 adapter = manager_find_adapter(&dev->bdaddr); 1373 if (!adapter) { 1374 error("No matching adapter found"); 1375 return; 1376 } 1377 1378 /* Local Extended feature page number is 1 */ 1379 if (rp->page_num != 1) 1380 return; 1381 1382 btd_adapter_update_local_ext_features(adapter, rp->features); 1383} 1384 1385static void read_bd_addr_complete(int index, read_bd_addr_rp *rp) 1386{ 1387 struct dev_info *dev = &devs[index]; 1388 1389 DBG("hci%d status %u", index, rp->status); 1390 1391 if (rp->status) 1392 return; 1393 1394 bacpy(&dev->bdaddr, &rp->bdaddr); 1395 1396 if (!dev->pending) 1397 return; 1398 1399 hci_clear_bit(PENDING_BDADDR, &dev->pending); 1400 1401 DBG("Got bdaddr for hci%d", index); 1402 1403 if (!dev->pending && dev->up) 1404 init_adapter(index); 1405} 1406 1407static inline void cmd_status(int index, void *ptr) 1408{ 1409 struct dev_info *dev = &devs[index]; 1410 evt_cmd_status *evt = ptr; 1411 uint16_t opcode = btohs(evt->opcode); 1412 1413 if (opcode == cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY)) 1414 start_inquiry(&dev->bdaddr, evt->status, FALSE); 1415} 1416 1417static void read_scan_complete(int index, uint8_t status, void *ptr) 1418{ 1419 struct dev_info *dev = &devs[index]; 1420 struct btd_adapter *adapter; 1421 read_scan_enable_rp *rp = ptr; 1422 1423 DBG("hci%d status %u", index, status); 1424 1425 adapter = manager_find_adapter(&dev->bdaddr); 1426 1427 if (!adapter) { 1428 error("Unable to find matching adapter"); 1429 return; 1430 } 1431 1432 adapter_mode_changed(adapter, rp->enable); 1433} 1434 1435static int write_class(int index, uint32_t class) 1436{ 1437 struct dev_info *dev = &devs[index]; 1438 write_class_of_dev_cp cp; 1439 1440 DBG("hci%d class 0x%06x", index, class); 1441 1442 memcpy(cp.dev_class, &class, 3); 1443 1444 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV, 1445 WRITE_CLASS_OF_DEV_CP_SIZE, &cp) < 0) 1446 return -errno; 1447 1448 dev->pending_cod = class; 1449 1450 return 0; 1451} 1452 1453/* Limited Discoverable bit mask in CoD */ 1454#define LIMITED_BIT 0x002000 1455 1456static int hciops_set_limited_discoverable(int index, gboolean limited) 1457{ 1458 struct dev_info *dev = &devs[index]; 1459 int num = (limited ? 2 : 1); 1460 uint8_t lap[] = { 0x33, 0x8b, 0x9e, 0x00, 0x8b, 0x9e }; 1461 write_current_iac_lap_cp cp; 1462 1463 DBG("hci%d limited %d", index, limited); 1464 1465 /* Check if limited bit needs to be set/reset */ 1466 if (limited) 1467 dev->wanted_cod |= LIMITED_BIT; 1468 else 1469 dev->wanted_cod &= ~LIMITED_BIT; 1470 1471 /* If we dont need the toggling, save an unnecessary CoD write */ 1472 if (dev->pending_cod || dev->wanted_cod == dev->current_cod) 1473 return 0; 1474 1475 /* 1476 * 1: giac 1477 * 2: giac + liac 1478 */ 1479 memset(&cp, 0, sizeof(cp)); 1480 cp.num_current_iac = num; 1481 memcpy(&cp.lap, lap, num * 3); 1482 1483 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CURRENT_IAC_LAP, 1484 (num * 3 + 1), &cp) < 0) 1485 return -errno; 1486 1487 return write_class(index, dev->wanted_cod); 1488} 1489 1490static void write_class_complete(int index, uint8_t status) 1491{ 1492 struct dev_info *dev = &devs[index]; 1493 struct btd_adapter *adapter; 1494 1495 if (status) 1496 return; 1497 1498 if (dev->pending_cod == 0) 1499 return; 1500 1501 dev->current_cod = dev->pending_cod; 1502 dev->pending_cod = 0; 1503 1504 adapter = manager_find_adapter(&dev->bdaddr); 1505 if (adapter) 1506 btd_adapter_class_changed(adapter, dev->current_cod); 1507 1508 update_ext_inquiry_response(index); 1509 1510 if (dev->wanted_cod == dev->current_cod) 1511 return; 1512 1513 if (dev->wanted_cod & LIMITED_BIT && 1514 !(dev->current_cod & LIMITED_BIT)) 1515 hciops_set_limited_discoverable(index, TRUE); 1516 else if (!(dev->wanted_cod & LIMITED_BIT) && 1517 (dev->current_cod & LIMITED_BIT)) 1518 hciops_set_limited_discoverable(index, FALSE); 1519 else 1520 write_class(index, dev->wanted_cod); 1521} 1522 1523static inline void cmd_complete(int index, void *ptr) 1524{ 1525 struct dev_info *dev = &devs[index]; 1526 evt_cmd_complete *evt = ptr; 1527 uint16_t opcode = btohs(evt->opcode); 1528 uint8_t status = *((uint8_t *) ptr + EVT_CMD_COMPLETE_SIZE); 1529 1530 switch (opcode) { 1531 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_VERSION): 1532 ptr += sizeof(evt_cmd_complete); 1533 read_local_version_complete(index, ptr); 1534 break; 1535 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES): 1536 ptr += sizeof(evt_cmd_complete); 1537 read_local_features_complete(index, ptr); 1538 break; 1539 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_EXT_FEATURES): 1540 ptr += sizeof(evt_cmd_complete); 1541 read_local_ext_features_complete(index, ptr); 1542 break; 1543 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_BD_ADDR): 1544 ptr += sizeof(evt_cmd_complete); 1545 read_bd_addr_complete(index, ptr); 1546 break; 1547 case cmd_opcode_pack(OGF_LINK_CTL, OCF_PERIODIC_INQUIRY): 1548 start_inquiry(&dev->bdaddr, status, TRUE); 1549 break; 1550 case cmd_opcode_pack(OGF_LINK_CTL, OCF_EXIT_PERIODIC_INQUIRY): 1551 inquiry_complete(&dev->bdaddr, status, TRUE); 1552 break; 1553 case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY_CANCEL): 1554 inquiry_complete(&dev->bdaddr, status, FALSE); 1555 break; 1556 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_LE_HOST_SUPPORTED): 1557 write_le_host_complete(index, status); 1558 break; 1559 case cmd_opcode_pack(OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE): 1560 btd_event_le_set_scan_enable_complete(&dev->bdaddr, status); 1561 break; 1562 case cmd_opcode_pack(OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME): 1563 if (!status) 1564 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1565 OCF_READ_LOCAL_NAME, 0, 0); 1566 break; 1567 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE): 1568 btd_event_setscan_enable_complete(&dev->bdaddr); 1569 break; 1570 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SCAN_ENABLE): 1571 ptr += sizeof(evt_cmd_complete); 1572 read_scan_complete(index, status, ptr); 1573 break; 1574 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV): 1575 write_class_complete(index, status); 1576 break; 1577 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SIMPLE_PAIRING_MODE): 1578 if (!status) 1579 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1580 OCF_READ_SIMPLE_PAIRING_MODE, 0, NULL); 1581 break; 1582 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SIMPLE_PAIRING_MODE): 1583 ptr += sizeof(evt_cmd_complete); 1584 read_simple_pairing_mode_complete(index, ptr); 1585 break; 1586 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_NAME): 1587 ptr += sizeof(evt_cmd_complete); 1588 read_local_name_complete(index, ptr); 1589 break; 1590 case cmd_opcode_pack(OGF_HOST_CTL, 1591 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL): 1592 ptr += sizeof(evt_cmd_complete); 1593 read_tx_power_complete(index, ptr); 1594 break; 1595 }; 1596} 1597 1598static inline void remote_name_information(int index, void *ptr) 1599{ 1600 struct dev_info *dev = &devs[index]; 1601 evt_remote_name_req_complete *evt = ptr; 1602 char name[MAX_NAME_LENGTH + 1]; 1603 1604 DBG("hci%d status %u", index, evt->status); 1605 1606 memset(name, 0, sizeof(name)); 1607 1608 if (!evt->status) 1609 memcpy(name, evt->name, MAX_NAME_LENGTH); 1610 1611 btd_event_remote_name(&dev->bdaddr, &evt->bdaddr, evt->status, name); 1612} 1613 1614static inline void remote_version_information(int index, void *ptr) 1615{ 1616 struct dev_info *dev = &devs[index]; 1617 evt_read_remote_version_complete *evt = ptr; 1618 bdaddr_t dba; 1619 1620 DBG("hci%d status %u", index, evt->status); 1621 1622 if (evt->status) 1623 return; 1624 1625 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1626 return; 1627 1628 write_version_info(&dev->bdaddr, &dba, btohs(evt->manufacturer), 1629 evt->lmp_ver, btohs(evt->lmp_subver)); 1630} 1631 1632static inline void inquiry_result(int index, int plen, void *ptr) 1633{ 1634 struct dev_info *dev = &devs[index]; 1635 uint8_t num = *(uint8_t *) ptr++; 1636 int i; 1637 1638 for (i = 0; i < num; i++) { 1639 inquiry_info *info = ptr; 1640 uint32_t class = info->dev_class[0] | 1641 (info->dev_class[1] << 8) | 1642 (info->dev_class[2] << 16); 1643 1644 btd_event_inquiry_result(&dev->bdaddr, &info->bdaddr, class, 1645 0, NULL); 1646 1647 update_lastseen(&dev->bdaddr, &info->bdaddr); 1648 1649 ptr += INQUIRY_INFO_SIZE; 1650 } 1651} 1652 1653static inline void inquiry_result_with_rssi(int index, int plen, void *ptr) 1654{ 1655 struct dev_info *dev = &devs[index]; 1656 uint8_t num = *(uint8_t *) ptr++; 1657 int i; 1658 1659 if (!num) 1660 return; 1661 1662 if ((plen - 1) / num == INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE) { 1663 for (i = 0; i < num; i++) { 1664 inquiry_info_with_rssi_and_pscan_mode *info = ptr; 1665 uint32_t class = info->dev_class[0] 1666 | (info->dev_class[1] << 8) 1667 | (info->dev_class[2] << 16); 1668 1669 btd_event_inquiry_result(&dev->bdaddr, &info->bdaddr, 1670 class, info->rssi, NULL); 1671 1672 update_lastseen(&dev->bdaddr, &info->bdaddr); 1673 1674 ptr += INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE; 1675 } 1676 } else { 1677 for (i = 0; i < num; i++) { 1678 inquiry_info_with_rssi *info = ptr; 1679 uint32_t class = info->dev_class[0] 1680 | (info->dev_class[1] << 8) 1681 | (info->dev_class[2] << 16); 1682 1683 btd_event_inquiry_result(&dev->bdaddr, &info->bdaddr, 1684 class, info->rssi, NULL); 1685 1686 update_lastseen(&dev->bdaddr, &info->bdaddr); 1687 1688 ptr += INQUIRY_INFO_WITH_RSSI_SIZE; 1689 } 1690 } 1691} 1692 1693static inline void extended_inquiry_result(int index, int plen, void *ptr) 1694{ 1695 struct dev_info *dev = &devs[index]; 1696 uint8_t num = *(uint8_t *) ptr++; 1697 int i; 1698 1699 for (i = 0; i < num; i++) { 1700 extended_inquiry_info *info = ptr; 1701 uint32_t class = info->dev_class[0] 1702 | (info->dev_class[1] << 8) 1703 | (info->dev_class[2] << 16); 1704 1705 btd_event_inquiry_result(&dev->bdaddr, &info->bdaddr, class, 1706 info->rssi, info->data); 1707 1708 update_lastseen(&dev->bdaddr, &info->bdaddr); 1709 1710 ptr += EXTENDED_INQUIRY_INFO_SIZE; 1711 } 1712} 1713 1714static inline void remote_features_information(int index, void *ptr) 1715{ 1716 struct dev_info *dev = &devs[index]; 1717 evt_read_remote_features_complete *evt = ptr; 1718 bdaddr_t dba; 1719 1720 DBG("hci%d status %u", index, evt->status); 1721 1722 if (evt->status) 1723 return; 1724 1725 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1726 return; 1727 1728 write_features_info(&dev->bdaddr, &dba, evt->features, NULL); 1729} 1730 1731static inline void conn_complete(int index, void *ptr) 1732{ 1733 struct dev_info *dev = &devs[index]; 1734 evt_conn_complete *evt = ptr; 1735 char filename[PATH_MAX]; 1736 char local_addr[18], peer_addr[18], *str; 1737 struct btd_adapter *adapter; 1738 1739 adapter = manager_find_adapter(&dev->bdaddr); 1740 if (!adapter) { 1741 error("Unable to find matching adapter"); 1742 return; 1743 } 1744 1745 if (evt->link_type != ACL_LINK) 1746 return; 1747 1748 btd_event_conn_complete(&dev->bdaddr, evt->status, 1749 btohs(evt->handle), &evt->bdaddr); 1750 1751 if (evt->status) 1752 return; 1753 1754 update_lastused(&dev->bdaddr, &evt->bdaddr); 1755 1756 /* check if the remote version needs be requested */ 1757 ba2str(&dev->bdaddr, local_addr); 1758 ba2str(&evt->bdaddr, peer_addr); 1759 1760 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1761 "manufacturers"); 1762 1763 str = textfile_get(filename, peer_addr); 1764 if (!str) 1765 btd_adapter_get_remote_version(adapter, btohs(evt->handle), 1766 TRUE); 1767 else 1768 free(str); 1769} 1770 1771static inline void le_conn_complete(int index, void *ptr) 1772{ 1773 struct dev_info *dev = &devs[index]; 1774 evt_le_connection_complete *evt = ptr; 1775 char filename[PATH_MAX]; 1776 char local_addr[18], peer_addr[18], *str; 1777 struct btd_adapter *adapter; 1778 1779 adapter = manager_find_adapter(&dev->bdaddr); 1780 if (!adapter) { 1781 error("Unable to find matching adapter"); 1782 return; 1783 } 1784 1785 btd_event_conn_complete(&dev->bdaddr, evt->status, 1786 btohs(evt->handle), &evt->peer_bdaddr); 1787 1788 if (evt->status) 1789 return; 1790 1791 update_lastused(&dev->bdaddr, &evt->peer_bdaddr); 1792 1793 /* check if the remote version needs be requested */ 1794 ba2str(&dev->bdaddr, local_addr); 1795 ba2str(&evt->peer_bdaddr, peer_addr); 1796 1797 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1798 "manufacturers"); 1799 1800 str = textfile_get(filename, peer_addr); 1801 if (!str) 1802 btd_adapter_get_remote_version(adapter, btohs(evt->handle), 1803 TRUE); 1804 else 1805 free(str); 1806} 1807 1808static inline void disconn_complete(int index, void *ptr) 1809{ 1810 struct dev_info *dev = &devs[index]; 1811 evt_disconn_complete *evt = ptr; 1812 1813 btd_event_disconn_complete(&dev->bdaddr, evt->status, 1814 btohs(evt->handle), evt->reason); 1815} 1816 1817static inline void auth_complete(int index, void *ptr) 1818{ 1819 struct dev_info *dev = &devs[index]; 1820 evt_auth_complete *evt = ptr; 1821 bdaddr_t dba; 1822 1823 DBG("hci%d status %u", index, evt->status); 1824 1825 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1826 return; 1827 1828 btd_event_bonding_process_complete(&dev->bdaddr, &dba, evt->status); 1829} 1830 1831static inline void simple_pairing_complete(int index, void *ptr) 1832{ 1833 struct dev_info *dev = &devs[index]; 1834 evt_simple_pairing_complete *evt = ptr; 1835 1836 DBG("hci%d status %u", index, evt->status); 1837 1838 btd_event_simple_pairing_complete(&dev->bdaddr, &evt->bdaddr, 1839 evt->status); 1840} 1841 1842static inline void conn_request(int index, void *ptr) 1843{ 1844 struct dev_info *dev = &devs[index]; 1845 evt_conn_request *evt = ptr; 1846 uint32_t class = evt->dev_class[0] | (evt->dev_class[1] << 8) 1847 | (evt->dev_class[2] << 16); 1848 1849 btd_event_remote_class(&dev->bdaddr, &evt->bdaddr, class); 1850} 1851 1852static inline void le_advertising_report(int index, evt_le_meta_event *meta) 1853{ 1854 struct dev_info *dev = &devs[index]; 1855 le_advertising_info *info; 1856 uint8_t num, i; 1857 1858 num = meta->data[0]; 1859 info = (le_advertising_info *) (meta->data + 1); 1860 1861 for (i = 0; i < num; i++) { 1862 btd_event_advertising_report(&dev->bdaddr, info); 1863 info = (le_advertising_info *) (info->data + info->length + 1); 1864 } 1865} 1866 1867static inline void le_metaevent(int index, void *ptr) 1868{ 1869 evt_le_meta_event *meta = ptr; 1870 1871 DBG("hci%d LE Meta Event %u", index, meta->subevent); 1872 1873 switch (meta->subevent) { 1874 case EVT_LE_ADVERTISING_REPORT: 1875 le_advertising_report(index, meta); 1876 break; 1877 1878 case EVT_LE_CONN_COMPLETE: 1879 le_conn_complete(index, meta->data); 1880 break; 1881 } 1882} 1883 1884static void stop_hci_dev(int index) 1885{ 1886 struct dev_info *dev = &devs[index]; 1887 1888 if (dev->sk < 0) 1889 return; 1890 1891 info("Stopping hci%d event socket", index); 1892 1893 if (dev->watch_id > 0) 1894 g_source_remove(dev->watch_id); 1895 1896 if (dev->io != NULL) 1897 g_io_channel_unref(dev->io); 1898 1899 hci_close_dev(dev->sk); 1900 1901 g_slist_foreach(dev->keys, (GFunc) g_free, NULL); 1902 g_slist_free(dev->keys); 1903 1904 init_dev_info(index, -1, dev->registered); 1905} 1906 1907static gboolean io_security_event(GIOChannel *chan, GIOCondition cond, 1908 gpointer data) 1909{ 1910 unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr = buf; 1911 int type, index = GPOINTER_TO_INT(data); 1912 struct dev_info *dev = &devs[index]; 1913 struct hci_dev_info di; 1914 size_t len; 1915 hci_event_hdr *eh; 1916 GIOError err; 1917 evt_cmd_status *evt; 1918 1919 if (cond & (G_IO_NVAL | G_IO_HUP | G_IO_ERR)) { 1920 stop_hci_dev(index); 1921 return FALSE; 1922 } 1923 1924 if ((err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len))) { 1925 if (err == G_IO_ERROR_AGAIN) 1926 return TRUE; 1927 stop_hci_dev(index); 1928 return FALSE; 1929 } 1930 1931 type = *ptr++; 1932 1933 if (type != HCI_EVENT_PKT) 1934 return TRUE; 1935 1936 eh = (hci_event_hdr *) ptr; 1937 ptr += HCI_EVENT_HDR_SIZE; 1938 1939 memset(&di, 0, sizeof(di)); 1940 if (hci_devinfo(index, &di) == 0) { 1941 bacpy(&dev->bdaddr, &di.bdaddr); 1942 1943 if (ignore_device(&di)) 1944 return TRUE; 1945 } 1946 1947 switch (eh->evt) { 1948 case EVT_CMD_STATUS: 1949 cmd_status(index, ptr); 1950 break; 1951 1952 case EVT_CMD_COMPLETE: 1953 cmd_complete(index, ptr); 1954 break; 1955 1956 case EVT_REMOTE_NAME_REQ_COMPLETE: 1957 remote_name_information(index, ptr); 1958 break; 1959 1960 case EVT_READ_REMOTE_VERSION_COMPLETE: 1961 remote_version_information(index, ptr); 1962 break; 1963 1964 case EVT_READ_REMOTE_FEATURES_COMPLETE: 1965 remote_features_information(index, ptr); 1966 break; 1967 1968 case EVT_REMOTE_HOST_FEATURES_NOTIFY: 1969 remote_features_notify(index, ptr); 1970 break; 1971 1972 case EVT_INQUIRY_COMPLETE: 1973 evt = (evt_cmd_status *) ptr; 1974 inquiry_complete(&dev->bdaddr, evt->status, FALSE); 1975 break; 1976 1977 case EVT_INQUIRY_RESULT: 1978 inquiry_result(index, eh->plen, ptr); 1979 break; 1980 1981 case EVT_INQUIRY_RESULT_WITH_RSSI: 1982 inquiry_result_with_rssi(index, eh->plen, ptr); 1983 break; 1984 1985 case EVT_EXTENDED_INQUIRY_RESULT: 1986 extended_inquiry_result(index, eh->plen, ptr); 1987 break; 1988 1989 case EVT_CONN_COMPLETE: 1990 conn_complete(index, ptr); 1991 break; 1992 1993 case EVT_DISCONN_COMPLETE: 1994 disconn_complete(index, ptr); 1995 break; 1996 1997 case EVT_AUTH_COMPLETE: 1998 auth_complete(index, ptr); 1999 break; 2000 2001 case EVT_SIMPLE_PAIRING_COMPLETE: 2002 simple_pairing_complete(index, ptr); 2003 break; 2004 2005 case EVT_CONN_REQUEST: 2006 conn_request(index, ptr); 2007 break; 2008 case EVT_LE_META_EVENT: 2009 le_metaevent(index, ptr); 2010 break; 2011 case EVT_PIN_CODE_REQ: 2012 pin_code_request(index, (bdaddr_t *) ptr); 2013 break; 2014 2015 case EVT_LINK_KEY_REQ: 2016 link_key_request(index, (bdaddr_t *) ptr); 2017 break; 2018 2019 case EVT_LINK_KEY_NOTIFY: 2020 link_key_notify(index, ptr); 2021 break; 2022 2023 case EVT_RETURN_LINK_KEYS: 2024 return_link_keys(index, ptr); 2025 break; 2026 2027 case EVT_IO_CAPABILITY_REQUEST: 2028 io_capa_request(index, ptr); 2029 break; 2030 2031 case EVT_IO_CAPABILITY_RESPONSE: 2032 io_capa_response(index, ptr); 2033 break; 2034 2035 case EVT_USER_CONFIRM_REQUEST: 2036 user_confirm_request(index, ptr); 2037 break; 2038 2039 case EVT_USER_PASSKEY_REQUEST: 2040 user_passkey_request(index, ptr); 2041 break; 2042 2043 case EVT_USER_PASSKEY_NOTIFY: 2044 user_passkey_notify(index, ptr); 2045 break; 2046 2047 case EVT_REMOTE_OOB_DATA_REQUEST: 2048 remote_oob_data_request(index, ptr); 2049 break; 2050 } 2051 2052 return TRUE; 2053} 2054 2055static void start_hci_dev(int index) 2056{ 2057 struct dev_info *dev = &devs[index]; 2058 GIOChannel *chan = dev->io; 2059 GIOCondition cond; 2060 struct hci_filter flt; 2061 2062 if (chan) 2063 return; 2064 2065 info("Listening for HCI events on hci%d", index); 2066 2067 /* Set filter */ 2068 hci_filter_clear(&flt); 2069 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2070 hci_filter_set_event(EVT_CMD_STATUS, &flt); 2071 hci_filter_set_event(EVT_CMD_COMPLETE, &flt); 2072 hci_filter_set_event(EVT_PIN_CODE_REQ, &flt); 2073 hci_filter_set_event(EVT_LINK_KEY_REQ, &flt); 2074 hci_filter_set_event(EVT_LINK_KEY_NOTIFY, &flt); 2075 hci_filter_set_event(EVT_RETURN_LINK_KEYS, &flt); 2076 hci_filter_set_event(EVT_IO_CAPABILITY_REQUEST, &flt); 2077 hci_filter_set_event(EVT_IO_CAPABILITY_RESPONSE, &flt); 2078 hci_filter_set_event(EVT_USER_CONFIRM_REQUEST, &flt); 2079 hci_filter_set_event(EVT_USER_PASSKEY_REQUEST, &flt); 2080 hci_filter_set_event(EVT_REMOTE_OOB_DATA_REQUEST, &flt); 2081 hci_filter_set_event(EVT_USER_PASSKEY_NOTIFY, &flt); 2082 hci_filter_set_event(EVT_KEYPRESS_NOTIFY, &flt); 2083 hci_filter_set_event(EVT_SIMPLE_PAIRING_COMPLETE, &flt); 2084 hci_filter_set_event(EVT_AUTH_COMPLETE, &flt); 2085 hci_filter_set_event(EVT_REMOTE_NAME_REQ_COMPLETE, &flt); 2086 hci_filter_set_event(EVT_READ_REMOTE_VERSION_COMPLETE, &flt); 2087 hci_filter_set_event(EVT_READ_REMOTE_FEATURES_COMPLETE, &flt); 2088 hci_filter_set_event(EVT_REMOTE_HOST_FEATURES_NOTIFY, &flt); 2089 hci_filter_set_event(EVT_INQUIRY_COMPLETE, &flt); 2090 hci_filter_set_event(EVT_INQUIRY_RESULT, &flt); 2091 hci_filter_set_event(EVT_INQUIRY_RESULT_WITH_RSSI, &flt); 2092 hci_filter_set_event(EVT_EXTENDED_INQUIRY_RESULT, &flt); 2093 hci_filter_set_event(EVT_CONN_REQUEST, &flt); 2094 hci_filter_set_event(EVT_CONN_COMPLETE, &flt); 2095 hci_filter_set_event(EVT_DISCONN_COMPLETE, &flt); 2096 hci_filter_set_event(EVT_LE_META_EVENT, &flt); 2097 if (setsockopt(dev->sk, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2098 error("Can't set filter on hci%d: %s (%d)", 2099 index, strerror(errno), errno); 2100 return; 2101 } 2102 2103 chan = g_io_channel_unix_new(dev->sk); 2104 cond = G_IO_IN | G_IO_NVAL | G_IO_HUP | G_IO_ERR; 2105 dev->watch_id = g_io_add_watch_full(chan, G_PRIORITY_LOW, cond, 2106 io_security_event, 2107 GINT_TO_POINTER(index), NULL); 2108 dev->io = chan; 2109 dev->pin_length = -1; 2110 2111} 2112 2113/* End of HCI event callbacks */ 2114 2115static gboolean child_exit(GIOChannel *io, GIOCondition cond, void *user_data) 2116{ 2117 int status, fd = g_io_channel_unix_get_fd(io); 2118 pid_t child_pid; 2119 2120 if (read(fd, &child_pid, sizeof(child_pid)) != sizeof(child_pid)) { 2121 error("child_exit: unable to read child pid from pipe"); 2122 return TRUE; 2123 } 2124 2125 if (waitpid(child_pid, &status, 0) != child_pid) 2126 error("waitpid(%d) failed", child_pid); 2127 else 2128 DBG("child %d exited", child_pid); 2129 2130 return TRUE; 2131} 2132 2133static void at_child_exit(void) 2134{ 2135 pid_t pid = getpid(); 2136 2137 if (write(child_pipe[1], &pid, sizeof(pid)) != sizeof(pid)) 2138 error("unable to write to child pipe"); 2139} 2140 2141static void device_devup_setup(int index) 2142{ 2143 struct dev_info *dev = &devs[index]; 2144 struct hci_dev_info di; 2145 read_stored_link_key_cp cp; 2146 2147 DBG("hci%d", index); 2148 2149 if (hci_devinfo(index, &di) < 0) 2150 return; 2151 2152 if (ignore_device(&di)) 2153 return; 2154 2155 bacpy(&dev->bdaddr, &di.bdaddr); 2156 memcpy(dev->features, di.features, 8); 2157 2158 /* Set page timeout */ 2159 if ((main_opts.flags & (1 << HCID_SET_PAGETO))) { 2160 write_page_timeout_cp cp; 2161 2162 cp.timeout = htobs(main_opts.pageto); 2163 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_TIMEOUT, 2164 WRITE_PAGE_TIMEOUT_CP_SIZE, &cp); 2165 } 2166 2167 bacpy(&cp.bdaddr, BDADDR_ANY); 2168 cp.read_all = 1; 2169 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_STORED_LINK_KEY, 2170 READ_STORED_LINK_KEY_CP_SIZE, (void *) &cp); 2171 2172 if (!dev->pending) 2173 init_adapter(index); 2174} 2175 2176static void init_pending(int index) 2177{ 2178 struct dev_info *dev = &devs[index]; 2179 2180 hci_set_bit(PENDING_BDADDR, &dev->pending); 2181 hci_set_bit(PENDING_VERSION, &dev->pending); 2182 hci_set_bit(PENDING_FEATURES, &dev->pending); 2183 hci_set_bit(PENDING_NAME, &dev->pending); 2184} 2185 2186static void init_device(int index) 2187{ 2188 struct hci_dev_req dr; 2189 int dd; 2190 pid_t pid; 2191 2192 DBG("hci%d", index); 2193 2194 dd = hci_open_dev(index); 2195 if (dd < 0) { 2196 error("Unable to open hci%d: %s (%d)", index, 2197 strerror(errno), errno); 2198 return; 2199 } 2200 2201 if (index > max_dev) { 2202 max_dev = index; 2203 devs = g_realloc(devs, sizeof(devs[0]) * (max_dev + 1)); 2204 } 2205 2206 init_dev_info(index, dd, FALSE); 2207 init_pending(index); 2208 start_hci_dev(index); 2209 2210 /* Do initialization in the separate process */ 2211 pid = fork(); 2212 switch (pid) { 2213 case 0: 2214 atexit(at_child_exit); 2215 break; 2216 case -1: 2217 error("Fork failed. Can't init device hci%d: %s (%d)", 2218 index, strerror(errno), errno); 2219 default: 2220 DBG("child %d forked", pid); 2221 return; 2222 } 2223 2224 memset(&dr, 0, sizeof(dr)); 2225 dr.dev_id = index; 2226 2227 /* Set link mode */ 2228 dr.dev_opt = main_opts.link_mode; 2229 if (ioctl(dd, HCISETLINKMODE, (unsigned long) &dr) < 0) 2230 error("Can't set link mode on hci%d: %s (%d)", 2231 index, strerror(errno), errno); 2232 2233 /* Start HCI device */ 2234 if (ioctl(dd, HCIDEVUP, index) < 0 && errno != EALREADY) { 2235 error("Can't init device hci%d: %s (%d)", 2236 index, strerror(errno), errno); 2237 goto fail; 2238 } 2239 2240 hci_close_dev(dd); 2241 exit(0); 2242 2243fail: 2244 hci_close_dev(dd); 2245 exit(1); 2246} 2247 2248static void device_devreg_setup(int index) 2249{ 2250 struct hci_dev_info di; 2251 2252 DBG("hci%d", index); 2253 2254 init_device(index); 2255 2256 memset(&di, 0, sizeof(di)); 2257 2258 if (hci_devinfo(index, &di) < 0) 2259 return; 2260 2261 if (ignore_device(&di)) 2262 return; 2263 2264 devs[index].already_up = hci_test_bit(HCI_UP, &di.flags); 2265} 2266 2267static void device_event(int event, int index) 2268{ 2269 switch (event) { 2270 case HCI_DEV_REG: 2271 info("HCI dev %d registered", index); 2272 device_devreg_setup(index); 2273 if (devs[index].already_up) 2274 device_event(HCI_DEV_UP, index); 2275 break; 2276 2277 case HCI_DEV_UNREG: 2278 info("HCI dev %d unregistered", index); 2279 stop_hci_dev(index); 2280 if (devs[index].registered) 2281 btd_manager_unregister_adapter(index); 2282 break; 2283 2284 case HCI_DEV_UP: 2285 info("HCI dev %d up", index); 2286 devs[index].up = TRUE; 2287 device_devup_setup(index); 2288 break; 2289 2290 case HCI_DEV_DOWN: 2291 info("HCI dev %d down", index); 2292 devs[index].up = FALSE; 2293 devs[index].pending_cod = 0; 2294 devs[index].cache_enable = TRUE; 2295 if (!devs[index].pending) { 2296 manager_stop_adapter(index); 2297 init_pending(index); 2298 } 2299 break; 2300 } 2301} 2302 2303static int hciops_stop_inquiry(int index) 2304{ 2305 struct dev_info *dev = &devs[index]; 2306 struct hci_dev_info di; 2307 int err; 2308 2309 DBG("hci%d", index); 2310 2311 if (hci_devinfo(index, &di) < 0) 2312 return -errno; 2313 2314 if (hci_test_bit(HCI_INQUIRY, &di.flags)) 2315 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2316 OCF_INQUIRY_CANCEL, 0, 0); 2317 else 2318 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2319 OCF_EXIT_PERIODIC_INQUIRY, 0, 0); 2320 if (err < 0) 2321 err = -errno; 2322 2323 return err; 2324} 2325 2326static gboolean init_known_adapters(gpointer user_data) 2327{ 2328 struct hci_dev_list_req *dl; 2329 struct hci_dev_req *dr; 2330 int i, err, ctl = GPOINTER_TO_INT(user_data); 2331 size_t req_size; 2332 2333 DBG(""); 2334 2335 req_size = HCI_MAX_DEV * sizeof(struct hci_dev_req) + sizeof(uint16_t); 2336 2337 dl = g_try_malloc0(req_size); 2338 if (!dl) { 2339 error("Can't allocate devlist buffer"); 2340 return FALSE; 2341 } 2342 2343 dl->dev_num = HCI_MAX_DEV; 2344 dr = dl->dev_req; 2345 2346 if (ioctl(ctl, HCIGETDEVLIST, dl) < 0) { 2347 err = -errno; 2348 error("Can't get device list: %s (%d)", strerror(-err), -err); 2349 g_free(dl); 2350 return FALSE; 2351 } 2352 2353 for (i = 0; i < dl->dev_num; i++, dr++) { 2354 struct dev_info *dev; 2355 2356 device_event(HCI_DEV_REG, dr->dev_id); 2357 2358 dev = &devs[dr->dev_id]; 2359 2360 dev->already_up = hci_test_bit(HCI_UP, &dr->dev_opt); 2361 2362 if (!dev->already_up) 2363 continue; 2364 2365 hciops_stop_inquiry(dr->dev_id); 2366 2367 dev->pending = 0; 2368 hci_set_bit(PENDING_VERSION, &dev->pending); 2369 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 2370 OCF_READ_LOCAL_VERSION, 0, NULL); 2371 device_event(HCI_DEV_UP, dr->dev_id); 2372 } 2373 2374 g_free(dl); 2375 2376 return FALSE; 2377} 2378 2379static gboolean io_stack_event(GIOChannel *chan, GIOCondition cond, 2380 gpointer data) 2381{ 2382 unsigned char buf[HCI_MAX_FRAME_SIZE], *ptr; 2383 evt_stack_internal *si; 2384 evt_si_device *sd; 2385 hci_event_hdr *eh; 2386 int type; 2387 size_t len; 2388 GIOError err; 2389 2390 ptr = buf; 2391 2392 err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len); 2393 if (err) { 2394 if (err == G_IO_ERROR_AGAIN) 2395 return TRUE; 2396 2397 error("Read from control socket failed: %s (%d)", 2398 strerror(errno), errno); 2399 return FALSE; 2400 } 2401 2402 type = *ptr++; 2403 2404 if (type != HCI_EVENT_PKT) 2405 return TRUE; 2406 2407 eh = (hci_event_hdr *) ptr; 2408 if (eh->evt != EVT_STACK_INTERNAL) 2409 return TRUE; 2410 2411 ptr += HCI_EVENT_HDR_SIZE; 2412 2413 si = (evt_stack_internal *) ptr; 2414 switch (si->type) { 2415 case EVT_SI_DEVICE: 2416 sd = (void *) &si->data; 2417 device_event(sd->event, sd->dev_id); 2418 break; 2419 } 2420 2421 return TRUE; 2422} 2423 2424static int hciops_setup(void) 2425{ 2426 struct sockaddr_hci addr; 2427 struct hci_filter flt; 2428 GIOChannel *ctl_io, *child_io; 2429 int sock, err; 2430 2431 DBG(""); 2432 2433 if (child_pipe[0] != -1) 2434 return -EALREADY; 2435 2436 if (pipe(child_pipe) < 0) { 2437 err = -errno; 2438 error("pipe(): %s (%d)", strerror(-err), -err); 2439 return err; 2440 } 2441 2442 child_io = g_io_channel_unix_new(child_pipe[0]); 2443 g_io_channel_set_close_on_unref(child_io, TRUE); 2444 child_io_id = g_io_add_watch(child_io, 2445 G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL, 2446 child_exit, NULL); 2447 g_io_channel_unref(child_io); 2448 2449 /* Create and bind HCI socket */ 2450 sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 2451 if (sock < 0) { 2452 err = -errno; 2453 error("Can't open HCI socket: %s (%d)", strerror(-err), 2454 -err); 2455 return err; 2456 } 2457 2458 /* Set filter */ 2459 hci_filter_clear(&flt); 2460 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2461 hci_filter_set_event(EVT_STACK_INTERNAL, &flt); 2462 if (setsockopt(sock, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2463 err = -errno; 2464 error("Can't set filter: %s (%d)", strerror(-err), -err); 2465 return err; 2466 } 2467 2468 memset(&addr, 0, sizeof(addr)); 2469 addr.hci_family = AF_BLUETOOTH; 2470 addr.hci_dev = HCI_DEV_NONE; 2471 if (bind(sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { 2472 err = -errno; 2473 error("Can't bind HCI socket: %s (%d)", strerror(-err), -err); 2474 return err; 2475 } 2476 2477 ctl_io = g_io_channel_unix_new(sock); 2478 g_io_channel_set_close_on_unref(ctl_io, TRUE); 2479 2480 ctl_io_id = g_io_add_watch(ctl_io, G_IO_IN, io_stack_event, NULL); 2481 2482 g_io_channel_unref(ctl_io); 2483 2484 g_idle_add(init_known_adapters, GINT_TO_POINTER(sock)); 2485 2486 return 0; 2487} 2488 2489static void hciops_cleanup(void) 2490{ 2491 int i; 2492 2493 DBG(""); 2494 2495 for (i = 0; i <= max_dev; i++) 2496 stop_hci_dev(i); 2497 2498 g_free(devs); 2499 devs = NULL; 2500 max_dev = -1; 2501 2502 if (child_io_id) { 2503 g_source_remove(child_io_id); 2504 child_io_id = 0; 2505 } 2506 2507 if (ctl_io_id) { 2508 g_source_remove(ctl_io_id); 2509 ctl_io_id = 0; 2510 } 2511 2512 if (child_pipe[0] >= 0) { 2513 close(child_pipe[0]); 2514 child_pipe[0] = -1; 2515 } 2516 2517 if (child_pipe[1] >= 0) { 2518 close(child_pipe[1]); 2519 child_pipe[1] = -1; 2520 } 2521} 2522 2523static int hciops_power_on(int index, gboolean discoverable) 2524{ 2525 struct dev_info *dev = &devs[index]; 2526 int err; 2527 2528 DBG("hci%d", index); 2529 2530 if (ioctl(dev->sk, HCIDEVUP, index) == 0) 2531 return 0; 2532 2533 if (errno == EALREADY) 2534 return 0; 2535 2536 err = -errno; 2537 error("Can't init device hci%d: %s (%d)", 2538 index, strerror(-err), -err); 2539 2540 return err; 2541} 2542 2543static int hciops_set_connectable(int index, gboolean connectable) 2544{ 2545 struct dev_info *dev = &devs[index]; 2546 uint8_t mode; 2547 2548 if (connectable) 2549 mode = SCAN_PAGE; 2550 else 2551 mode = 0x00; 2552 2553 DBG("hci%d connectable %d", index, connectable); 2554 2555 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 2556 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 2557 return -errno; 2558 2559 return 0; 2560} 2561 2562static int hciops_set_dev_class(int index, uint8_t major, uint8_t minor) 2563{ 2564 struct dev_info *dev = &devs[index]; 2565 int err; 2566 2567 DBG("hci%d major %u minor %u", index, major, minor); 2568 2569 /* Update only the major and minor class bits keeping remaining bits 2570 * intact*/ 2571 dev->wanted_cod &= 0xffe000; 2572 dev->wanted_cod |= ((major & 0x1f) << 8) | minor; 2573 2574 if (dev->wanted_cod == dev->current_cod || 2575 dev->cache_enable || dev->pending_cod) 2576 return 0; 2577 2578 DBG("Changing Major/Minor class to 0x%06x", dev->wanted_cod); 2579 2580 err = write_class(index, dev->wanted_cod); 2581 if (err < 0) 2582 error("Adapter class update failed: %s (%d)", 2583 strerror(-err), -err); 2584 2585 return err; 2586} 2587 2588static int hciops_start_inquiry(int index, uint8_t length, gboolean periodic) 2589{ 2590 struct dev_info *dev = &devs[index]; 2591 uint8_t lap[3] = { 0x33, 0x8b, 0x9e }; 2592 int err; 2593 2594 DBG("hci%d length %u periodic %d", index, length, periodic); 2595 2596 if (periodic) { 2597 periodic_inquiry_cp cp; 2598 2599 memset(&cp, 0, sizeof(cp)); 2600 memcpy(&cp.lap, lap, 3); 2601 cp.max_period = htobs(24); 2602 cp.min_period = htobs(16); 2603 cp.length = length; 2604 cp.num_rsp = 0x00; 2605 2606 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2607 OCF_PERIODIC_INQUIRY, 2608 PERIODIC_INQUIRY_CP_SIZE, &cp); 2609 } else { 2610 inquiry_cp inq_cp; 2611 2612 memset(&inq_cp, 0, sizeof(inq_cp)); 2613 memcpy(&inq_cp.lap, lap, 3); 2614 inq_cp.length = length; 2615 inq_cp.num_rsp = 0x00; 2616 2617 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2618 OCF_INQUIRY, INQUIRY_CP_SIZE, &inq_cp); 2619 } 2620 2621 if (err < 0) 2622 err = -errno; 2623 2624 return err; 2625} 2626 2627static int le_set_scan_enable(int index, uint8_t enable) 2628{ 2629 struct dev_info *dev = &devs[index]; 2630 le_set_scan_enable_cp cp; 2631 2632 DBG("hci%d enable %u", index, enable); 2633 2634 memset(&cp, 0, sizeof(cp)); 2635 cp.enable = enable; 2636 cp.filter_dup = 0; 2637 2638 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE, 2639 LE_SET_SCAN_ENABLE_CP_SIZE, &cp) < 0) 2640 return -errno; 2641 2642 return 0; 2643} 2644 2645static int hciops_start_scanning(int index) 2646{ 2647 struct dev_info *dev = &devs[index]; 2648 le_set_scan_parameters_cp cp; 2649 2650 DBG("hci%d", index); 2651 2652 memset(&cp, 0, sizeof(cp)); 2653 cp.type = 0x01; /* Active scanning */ 2654 cp.interval = htobs(0x0010); 2655 cp.window = htobs(0x0010); 2656 cp.own_bdaddr_type = 0; /* Public address */ 2657 cp.filter = 0; /* Accept all adv packets */ 2658 2659 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_PARAMETERS, 2660 LE_SET_SCAN_PARAMETERS_CP_SIZE, &cp) < 0) 2661 return -errno; 2662 2663 return le_set_scan_enable(index, 1); 2664} 2665 2666static int hciops_stop_scanning(int index) 2667{ 2668 DBG("hci%d", index); 2669 2670 return le_set_scan_enable(index, 0); 2671} 2672 2673static int hciops_resolve_name(int index, bdaddr_t *bdaddr) 2674{ 2675 struct dev_info *dev = &devs[index]; 2676 remote_name_req_cp cp; 2677 char addr[18]; 2678 2679 ba2str(bdaddr, addr); 2680 DBG("hci%d dba %s", index, addr); 2681 2682 memset(&cp, 0, sizeof(cp)); 2683 bacpy(&cp.bdaddr, bdaddr); 2684 cp.pscan_rep_mode = 0x02; 2685 2686 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ, 2687 REMOTE_NAME_REQ_CP_SIZE, &cp) < 0) 2688 return -errno; 2689 2690 return 0; 2691} 2692 2693static int hciops_set_name(int index, const char *name) 2694{ 2695 struct dev_info *dev = &devs[index]; 2696 change_local_name_cp cp; 2697 2698 DBG("hci%d, name %s", index, name); 2699 2700 memset(&cp, 0, sizeof(cp)); 2701 strncpy((char *) cp.name, name, sizeof(cp.name)); 2702 2703 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME, 2704 CHANGE_LOCAL_NAME_CP_SIZE, &cp) < 0) 2705 return -errno; 2706 2707 memcpy(dev->name, cp.name, 248); 2708 update_ext_inquiry_response(index); 2709 2710 return 0; 2711} 2712 2713static int hciops_cancel_resolve_name(int index, bdaddr_t *bdaddr) 2714{ 2715 struct dev_info *dev = &devs[index]; 2716 remote_name_req_cancel_cp cp; 2717 char addr[18]; 2718 2719 ba2str(bdaddr, addr); 2720 DBG("hci%d dba %s", index, addr); 2721 2722 memset(&cp, 0, sizeof(cp)); 2723 bacpy(&cp.bdaddr, bdaddr); 2724 2725 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ_CANCEL, 2726 REMOTE_NAME_REQ_CANCEL_CP_SIZE, &cp) < 0) 2727 return -errno; 2728 2729 return 0; 2730} 2731 2732static int hciops_fast_connectable(int index, gboolean enable) 2733{ 2734 struct dev_info *dev = &devs[index]; 2735 write_page_activity_cp cp; 2736 uint8_t type; 2737 2738 DBG("hci%d enable %d", index, enable); 2739 2740 if (enable) { 2741 type = PAGE_SCAN_TYPE_INTERLACED; 2742 cp.interval = 0x0024; /* 22.5 msec page scan interval */ 2743 } else { 2744 type = PAGE_SCAN_TYPE_STANDARD; /* default */ 2745 cp.interval = 0x0800; /* default 1.28 sec page scan */ 2746 } 2747 2748 cp.window = 0x0012; /* default 11.25 msec page scan window */ 2749 2750 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_ACTIVITY, 2751 WRITE_PAGE_ACTIVITY_CP_SIZE, &cp) < 0) 2752 return -errno; 2753 else if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 2754 OCF_WRITE_PAGE_SCAN_TYPE, 1, &type) < 0) 2755 return -errno; 2756 2757 return 0; 2758} 2759 2760static int hciops_read_clock(int index, int handle, int which, int timeout, 2761 uint32_t *clock, uint16_t *accuracy) 2762{ 2763 struct dev_info *dev = &devs[index]; 2764 2765 DBG("hci%d handle %d which %d timeout %d", index, handle, which, 2766 timeout); 2767 2768 if (hci_read_clock(dev->sk, handle, which, clock, accuracy, 2769 timeout) < 0) 2770 return -errno; 2771 2772 return 0; 2773} 2774 2775static int hciops_conn_handle(int index, const bdaddr_t *bdaddr, int *handle) 2776{ 2777 struct dev_info *dev = &devs[index]; 2778 struct hci_conn_info_req *cr; 2779 char addr[18]; 2780 int err; 2781 2782 ba2str(bdaddr, addr); 2783 DBG("hci%d dba %s", index, addr); 2784 2785 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 2786 bacpy(&cr->bdaddr, bdaddr); 2787 cr->type = ACL_LINK; 2788 2789 if (ioctl(dev->sk, HCIGETCONNINFO, (unsigned long) cr) < 0) { 2790 err = -errno; 2791 goto fail; 2792 } 2793 2794 err = 0; 2795 *handle = htobs(cr->conn_info->handle); 2796 2797fail: 2798 g_free(cr); 2799 return err; 2800} 2801 2802static int hciops_read_bdaddr(int index, bdaddr_t *bdaddr) 2803{ 2804 struct dev_info *dev = &devs[index]; 2805 2806 DBG("hci%d", index); 2807 2808 bacpy(bdaddr, &dev->bdaddr); 2809 2810 return 0; 2811} 2812 2813static int hciops_block_device(int index, bdaddr_t *bdaddr) 2814{ 2815 struct dev_info *dev = &devs[index]; 2816 char addr[18]; 2817 2818 ba2str(bdaddr, addr); 2819 DBG("hci%d dba %s", index, addr); 2820 2821 if (ioctl(dev->sk, HCIBLOCKADDR, bdaddr) < 0) 2822 return -errno; 2823 2824 return 0; 2825} 2826 2827static int hciops_unblock_device(int index, bdaddr_t *bdaddr) 2828{ 2829 struct dev_info *dev = &devs[index]; 2830 char addr[18]; 2831 2832 ba2str(bdaddr, addr); 2833 DBG("hci%d dba %s", index, addr); 2834 2835 if (ioctl(dev->sk, HCIUNBLOCKADDR, bdaddr) < 0) 2836 return -errno; 2837 2838 return 0; 2839} 2840 2841static int hciops_get_conn_list(int index, GSList **conns) 2842{ 2843 struct dev_info *dev = &devs[index]; 2844 struct hci_conn_list_req *cl; 2845 struct hci_conn_info *ci; 2846 int err, i; 2847 2848 DBG("hci%d", index); 2849 2850 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 2851 2852 cl->dev_id = index; 2853 cl->conn_num = 10; 2854 ci = cl->conn_info; 2855 2856 if (ioctl(dev->sk, HCIGETCONNLIST, cl) < 0) { 2857 err = -errno; 2858 goto fail; 2859 } 2860 2861 err = 0; 2862 *conns = NULL; 2863 2864 for (i = 0; i < cl->conn_num; i++, ci++) 2865 *conns = g_slist_append(*conns, g_memdup(ci, sizeof(*ci))); 2866 2867fail: 2868 g_free(cl); 2869 return err; 2870} 2871 2872static int hciops_read_local_version(int index, struct hci_version *ver) 2873{ 2874 struct dev_info *dev = &devs[index]; 2875 2876 DBG("hci%d", index); 2877 2878 memcpy(ver, &dev->ver, sizeof(*ver)); 2879 2880 return 0; 2881} 2882 2883static int hciops_read_local_features(int index, uint8_t *features) 2884{ 2885 struct dev_info *dev = &devs[index]; 2886 2887 DBG("hci%d", index); 2888 2889 memcpy(features, dev->features, 8); 2890 2891 return 0; 2892} 2893 2894static int hciops_disconnect(int index, uint16_t handle) 2895{ 2896 struct dev_info *dev = &devs[index]; 2897 disconnect_cp cp; 2898 2899 DBG("hci%d handle %u", index, handle); 2900 2901 memset(&cp, 0, sizeof(cp)); 2902 cp.handle = htobs(handle); 2903 cp.reason = HCI_OE_USER_ENDED_CONNECTION; 2904 2905 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_DISCONNECT, 2906 DISCONNECT_CP_SIZE, &cp) < 0) 2907 return -errno; 2908 2909 return 0; 2910} 2911 2912static int hciops_remove_bonding(int index, bdaddr_t *bdaddr) 2913{ 2914 struct dev_info *dev = &devs[index]; 2915 delete_stored_link_key_cp cp; 2916 GSList *match; 2917 char addr[18]; 2918 2919 ba2str(bdaddr, addr); 2920 DBG("hci%d dba %s", index, addr); 2921 2922 match = g_slist_find_custom(dev->keys, bdaddr, (GCompareFunc) bacmp); 2923 if (match) { 2924 g_free(match->data); 2925 dev->keys = g_slist_delete_link(dev->keys, match); 2926 } 2927 2928 memset(&cp, 0, sizeof(cp)); 2929 bacpy(&cp.bdaddr, bdaddr); 2930 2931 /* Delete the link key from the Bluetooth chip */ 2932 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_DELETE_STORED_LINK_KEY, 2933 DELETE_STORED_LINK_KEY_CP_SIZE, &cp) < 0) 2934 return -errno; 2935 2936 return 0; 2937} 2938 2939static int hciops_request_authentication(int index, uint16_t handle) 2940{ 2941 struct dev_info *dev = &devs[index]; 2942 auth_requested_cp cp; 2943 2944 DBG("hci%d handle %u", index, handle); 2945 2946 memset(&cp, 0, sizeof(cp)); 2947 cp.handle = htobs(handle); 2948 2949 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 2950 AUTH_REQUESTED_CP_SIZE, &cp) < 0) 2951 return -errno; 2952 2953 return 0; 2954} 2955 2956static int hciops_pincode_reply(int index, bdaddr_t *bdaddr, const char *pin) 2957{ 2958 struct dev_info *dev = &devs[index]; 2959 char addr[18]; 2960 int err; 2961 2962 ba2str(bdaddr, addr); 2963 DBG("hci%d dba %s", index, addr); 2964 2965 if (pin) { 2966 pin_code_reply_cp pr; 2967 size_t len = strlen(pin); 2968 2969 dev->pin_length = len; 2970 2971 memset(&pr, 0, sizeof(pr)); 2972 bacpy(&pr.bdaddr, bdaddr); 2973 memcpy(pr.pin_code, pin, len); 2974 pr.pin_len = len; 2975 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2976 OCF_PIN_CODE_REPLY, 2977 PIN_CODE_REPLY_CP_SIZE, &pr); 2978 } else 2979 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2980 OCF_PIN_CODE_NEG_REPLY, 6, bdaddr); 2981 2982 if (err < 0) 2983 err = -errno; 2984 2985 return err; 2986} 2987 2988static int hciops_confirm_reply(int index, bdaddr_t *bdaddr, gboolean success) 2989{ 2990 struct dev_info *dev = &devs[index]; 2991 user_confirm_reply_cp cp; 2992 char addr[18]; 2993 int err; 2994 2995 ba2str(bdaddr, addr); 2996 DBG("hci%d dba %s success %d", index, addr, success); 2997 2998 memset(&cp, 0, sizeof(cp)); 2999 bacpy(&cp.bdaddr, bdaddr); 3000 3001 if (success) 3002 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3003 OCF_USER_CONFIRM_REPLY, 3004 USER_CONFIRM_REPLY_CP_SIZE, &cp); 3005 else 3006 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3007 OCF_USER_CONFIRM_NEG_REPLY, 3008 USER_CONFIRM_REPLY_CP_SIZE, &cp); 3009 3010 if (err < 0) 3011 err = -errno; 3012 3013 return err; 3014} 3015 3016static int hciops_passkey_reply(int index, bdaddr_t *bdaddr, uint32_t passkey) 3017{ 3018 struct dev_info *dev = &devs[index]; 3019 char addr[18]; 3020 int err; 3021 3022 ba2str(bdaddr, addr); 3023 DBG("hci%d dba %s", index, addr); 3024 3025 if (passkey != INVALID_PASSKEY) { 3026 user_passkey_reply_cp cp; 3027 3028 memset(&cp, 0, sizeof(cp)); 3029 bacpy(&cp.bdaddr, bdaddr); 3030 cp.passkey = passkey; 3031 3032 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3033 OCF_USER_PASSKEY_REPLY, 3034 USER_PASSKEY_REPLY_CP_SIZE, &cp); 3035 } else 3036 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3037 OCF_USER_PASSKEY_NEG_REPLY, 6, bdaddr); 3038 3039 if (err < 0) 3040 err = -errno; 3041 3042 return err; 3043} 3044 3045static int hciops_get_auth_info(int index, bdaddr_t *bdaddr, uint8_t *auth) 3046{ 3047 struct dev_info *dev = &devs[index]; 3048 struct hci_auth_info_req req; 3049 char addr[18]; 3050 3051 ba2str(bdaddr, addr); 3052 DBG("hci%d dba %s", index, addr); 3053 3054 memset(&req, 0, sizeof(req)); 3055 bacpy(&req.bdaddr, bdaddr); 3056 3057 if (ioctl(dev->sk, HCIGETAUTHINFO, (unsigned long) &req) < 0) 3058 return -errno; 3059 3060 if (auth) 3061 *auth = req.type; 3062 3063 return 0; 3064} 3065 3066static int hciops_read_scan_enable(int index) 3067{ 3068 struct dev_info *dev = &devs[index]; 3069 3070 DBG("hci%d", index); 3071 3072 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_SCAN_ENABLE, 3073 0, NULL) < 0) 3074 return -errno; 3075 3076 return 0; 3077} 3078 3079static int hciops_enable_le(int index) 3080{ 3081 struct dev_info *dev = &devs[index]; 3082 write_le_host_supported_cp cp; 3083 3084 DBG("hci%d", index); 3085 3086 if (!(dev->features[4] & LMP_LE)) 3087 return -ENOTSUP; 3088 3089 cp.le = 0x01; 3090 cp.simul = (dev->features[6] & LMP_LE_BREDR) ? 0x01 : 0x00; 3091 3092 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 3093 OCF_WRITE_LE_HOST_SUPPORTED, 3094 WRITE_LE_HOST_SUPPORTED_CP_SIZE, &cp) < 0) 3095 return -errno; 3096 3097 return 0; 3098} 3099 3100struct remote_version_req { 3101 int index; 3102 uint16_t handle; 3103}; 3104 3105static gboolean get_remote_version(gpointer user_data) 3106{ 3107 struct remote_version_req *req = user_data; 3108 struct dev_info *dev = &devs[req->index]; 3109 read_remote_version_cp cp; 3110 3111 DBG("hci%d handle %u", req->index, req->handle); 3112 3113 memset(&cp, 0, sizeof(cp)); 3114 cp.handle = htobs(req->handle); 3115 3116 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_READ_REMOTE_VERSION, 3117 READ_REMOTE_VERSION_CP_SIZE, &cp); 3118 3119 return FALSE; 3120} 3121 3122static int hciops_get_remote_version(int index, uint16_t handle, 3123 gboolean delayed) 3124{ 3125 struct remote_version_req *req; 3126 3127 DBG("hci%d handle %u delayed %d", index, handle, delayed); 3128 3129 req = g_new0(struct remote_version_req, 1); 3130 req->handle = handle; 3131 req->index = index; 3132 3133 if (!delayed) { 3134 get_remote_version(req); 3135 g_free(req); 3136 return 0; 3137 } 3138 3139 g_timeout_add_seconds_full(G_PRIORITY_DEFAULT, 1, get_remote_version, 3140 req, g_free); 3141 3142 return 0; 3143} 3144 3145static int set_service_classes(int index, uint8_t value) 3146{ 3147 struct dev_info *dev = &devs[index]; 3148 int err; 3149 3150 DBG("hci%d value %u", index, value); 3151 3152 /* Update only the service class, keep the limited bit, 3153 * major/minor class bits intact */ 3154 dev->wanted_cod &= 0x00ffff; 3155 dev->wanted_cod |= (value << 16); 3156 3157 /* If the cache is enabled or an existing CoD write is in progress 3158 * just bail out */ 3159 if (dev->cache_enable || dev->pending_cod) 3160 return 0; 3161 3162 /* If we already have the CoD we want, update EIR and return */ 3163 if (dev->current_cod == dev->wanted_cod) { 3164 update_ext_inquiry_response(index); 3165 return 0; 3166 } 3167 3168 DBG("Changing service classes to 0x%06x", dev->wanted_cod); 3169 3170 err = write_class(index, dev->wanted_cod); 3171 if (err < 0) 3172 error("Adapter class update failed: %s (%d)", 3173 strerror(-err), -err); 3174 3175 return err; 3176} 3177 3178static int hciops_services_updated(int index) 3179{ 3180 struct dev_info *dev = &devs[index]; 3181 struct btd_adapter *adapter; 3182 sdp_list_t *list; 3183 uint8_t val = 0; 3184 3185 DBG("hci%d", index); 3186 3187 adapter = manager_find_adapter(&dev->bdaddr); 3188 if (adapter == NULL) 3189 return -ENODEV; 3190 3191 for (list = adapter_get_services(adapter); list; list = list->next) { 3192 sdp_record_t *rec = list->data; 3193 3194 if (rec->svclass.type != SDP_UUID16) 3195 continue; 3196 3197 switch (rec->svclass.value.uuid16) { 3198 case DIALUP_NET_SVCLASS_ID: 3199 case CIP_SVCLASS_ID: 3200 val |= 0x42; /* Telephony & Networking */ 3201 break; 3202 case IRMC_SYNC_SVCLASS_ID: 3203 case OBEX_OBJPUSH_SVCLASS_ID: 3204 case OBEX_FILETRANS_SVCLASS_ID: 3205 case IRMC_SYNC_CMD_SVCLASS_ID: 3206 case PBAP_PSE_SVCLASS_ID: 3207 val |= 0x10; /* Object Transfer */ 3208 break; 3209 case HEADSET_SVCLASS_ID: 3210 case HANDSFREE_SVCLASS_ID: 3211 val |= 0x20; /* Audio */ 3212 break; 3213 case CORDLESS_TELEPHONY_SVCLASS_ID: 3214 case INTERCOM_SVCLASS_ID: 3215 case FAX_SVCLASS_ID: 3216 case SAP_SVCLASS_ID: 3217 /* 3218 * Setting the telephony bit for the handsfree audio gateway 3219 * role is not required by the HFP specification, but the 3220 * Nokia 616 carkit is just plain broken! It will refuse 3221 * pairing without this bit set. 3222 */ 3223 case HANDSFREE_AGW_SVCLASS_ID: 3224 val |= 0x40; /* Telephony */ 3225 break; 3226 case AUDIO_SOURCE_SVCLASS_ID: 3227 case VIDEO_SOURCE_SVCLASS_ID: 3228 val |= 0x08; /* Capturing */ 3229 break; 3230 case AUDIO_SINK_SVCLASS_ID: 3231 case VIDEO_SINK_SVCLASS_ID: 3232 val |= 0x04; /* Rendering */ 3233 break; 3234 case PANU_SVCLASS_ID: 3235 case NAP_SVCLASS_ID: 3236 case GN_SVCLASS_ID: 3237 val |= 0x02; /* Networking */ 3238 break; 3239 } 3240 } 3241 3242 return set_service_classes(index, val); 3243} 3244 3245static int hciops_disable_cod_cache(int index) 3246{ 3247 struct dev_info *dev = &devs[index]; 3248 3249 DBG("hci%d cache_enable %d", index, dev->cache_enable); 3250 3251 if (!dev->cache_enable) 3252 return 0; 3253 3254 DBG("hci%d current_cod 0x%06x wanted_cod 0x%06x", index, 3255 dev->current_cod, dev->wanted_cod); 3256 3257 /* Disable and flush svc cache. All successive service class 3258 * updates * will be written to the device */ 3259 dev->cache_enable = FALSE; 3260 3261 if (dev->current_cod == dev->wanted_cod) { 3262 update_ext_inquiry_response(index); 3263 return 0; 3264 } 3265 3266 return write_class(index, dev->wanted_cod); 3267} 3268 3269static int hciops_restore_powered(int index) 3270{ 3271 struct dev_info *dev = &devs[index]; 3272 3273 if (!dev->already_up && dev->up) 3274 return hciops_power_off(index); 3275 3276 return 0; 3277} 3278 3279static int hciops_load_keys(int index, GSList *keys) 3280{ 3281 struct dev_info *dev = &devs[index]; 3282 3283 DBG("hci%d keys %d", index, g_slist_length(keys)); 3284 3285 if (dev->keys != NULL) 3286 return -EEXIST; 3287 3288 dev->keys = keys; 3289 3290 return 0; 3291} 3292 3293static struct btd_adapter_ops hci_ops = { 3294 .setup = hciops_setup, 3295 .cleanup = hciops_cleanup, 3296 .power_on = hciops_power_on, 3297 .power_off = hciops_power_off, 3298 .set_connectable = hciops_set_connectable, 3299 .set_discoverable = hciops_set_discoverable, 3300 .set_pairable = hciops_set_pairable, 3301 .set_limited_discoverable = hciops_set_limited_discoverable, 3302 .start_inquiry = hciops_start_inquiry, 3303 .stop_inquiry = hciops_stop_inquiry, 3304 .start_scanning = hciops_start_scanning, 3305 .stop_scanning = hciops_stop_scanning, 3306 .resolve_name = hciops_resolve_name, 3307 .cancel_resolve_name = hciops_cancel_resolve_name, 3308 .set_name = hciops_set_name, 3309 .set_dev_class = hciops_set_dev_class, 3310 .set_fast_connectable = hciops_fast_connectable, 3311 .read_clock = hciops_read_clock, 3312 .get_conn_handle = hciops_conn_handle, 3313 .read_bdaddr = hciops_read_bdaddr, 3314 .block_device = hciops_block_device, 3315 .unblock_device = hciops_unblock_device, 3316 .get_conn_list = hciops_get_conn_list, 3317 .read_local_version = hciops_read_local_version, 3318 .read_local_features = hciops_read_local_features, 3319 .disconnect = hciops_disconnect, 3320 .remove_bonding = hciops_remove_bonding, 3321 .request_authentication = hciops_request_authentication, 3322 .pincode_reply = hciops_pincode_reply, 3323 .confirm_reply = hciops_confirm_reply, 3324 .passkey_reply = hciops_passkey_reply, 3325 .get_auth_info = hciops_get_auth_info, 3326 .read_scan_enable = hciops_read_scan_enable, 3327 .enable_le = hciops_enable_le, 3328 .get_remote_version = hciops_get_remote_version, 3329 .encrypt_link = hciops_encrypt_link, 3330 .set_did = hciops_set_did, 3331 .services_updated = hciops_services_updated, 3332 .disable_cod_cache = hciops_disable_cod_cache, 3333 .restore_powered = hciops_restore_powered, 3334 .load_keys = hciops_load_keys, 3335}; 3336 3337static int hciops_init(void) 3338{ 3339 DBG(""); 3340 return btd_register_adapter_ops(&hci_ops, FALSE); 3341} 3342 3343static void hciops_exit(void) 3344{ 3345 DBG(""); 3346 btd_adapter_cleanup_ops(&hci_ops); 3347} 3348 3349BLUETOOTH_PLUGIN_DEFINE(hciops, VERSION, 3350 BLUETOOTH_PLUGIN_PRIORITY_LOW, hciops_init, hciops_exit) 3351