hciops.c revision bd7f8939b50a12418476245f9b5117801f858b02
1/* 2 * 3 * BlueZ - Bluetooth protocol stack for Linux 4 * 5 * Copyright (C) 2004-2010 Marcel Holtmann <marcel@holtmann.org> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 20 * 21 */ 22 23#ifdef HAVE_CONFIG_H 24#include <config.h> 25#endif 26 27#include <stdio.h> 28#include <errno.h> 29#include <unistd.h> 30#include <stdlib.h> 31#include <sys/types.h> 32#include <sys/ioctl.h> 33#include <sys/wait.h> 34 35#include <bluetooth/bluetooth.h> 36#include <bluetooth/hci.h> 37#include <bluetooth/hci_lib.h> 38 39#include <glib.h> 40 41#include "hcid.h" 42#include "sdpd.h" 43#include "adapter.h" 44#include "plugin.h" 45#include "log.h" 46#include "storage.h" 47#include "event.h" 48#include "device.h" 49#include "manager.h" 50 51#define HCI_REQ_TIMEOUT 5000 52 53static int child_pipe[2] = { -1, -1 }; 54 55static guint child_io_id = 0; 56static guint ctl_io_id = 0; 57 58/* Commands sent by kernel on starting an adapter */ 59enum { 60 PENDING_BDADDR, 61 PENDING_VERSION, 62 PENDING_FEATURES, 63 PENDING_NAME, 64}; 65 66#define set_bit(nr, addr) (*(addr) |= (1 << (nr))) 67#define clear_bit(nr, addr) (*(addr) &= ~(1 << (nr))) 68 69#define SK(index) devs[(index)].sk 70#define BDADDR(index) devs[(index)].bdaddr 71#define FEATURES(index) devs[(index)].features 72#define VER(index) devs[(index)].ver 73#define UP(index) devs[(index)].up 74#define PENDING(index) devs[(index)].pending 75#define CHANNEL(index) devs[(index)].channel 76#define WATCH_ID(index) devs[(index)].watch_id 77#define PIN_LENGTH(index) devs[(index)].pin_length 78 79static int max_dev = -1; 80static struct dev_info { 81 int sk; 82 bdaddr_t bdaddr; 83 uint8_t features[8]; 84 struct hci_version ver; 85 86 gboolean up; 87 unsigned long pending; 88 89 GIOChannel *channel; 90 guint watch_id; 91 int pin_length; 92} *devs = NULL; 93 94static int ignore_device(struct hci_dev_info *di) 95{ 96 return hci_test_bit(HCI_RAW, &di->flags) || di->type >> 4 != HCI_BREDR; 97} 98 99static void init_dev_info(int index, int sk) 100{ 101 memset(&devs[index], 0, sizeof(struct dev_info)); 102 SK(index) = sk; 103 PIN_LENGTH(index) = -1; 104} 105 106/* Async HCI command handling with callback support */ 107 108struct hci_cmd_data { 109 bt_hci_result_t cb; 110 uint16_t handle; 111 uint16_t ocf; 112 gpointer caller_data; 113}; 114 115static gboolean hci_event_watch(GIOChannel *io, 116 GIOCondition cond, gpointer user_data) 117{ 118 unsigned char buf[HCI_MAX_EVENT_SIZE], *body; 119 struct hci_cmd_data *cmd = user_data; 120 evt_cmd_status *evt_status; 121 evt_auth_complete *evt_auth; 122 evt_encrypt_change *evt_enc; 123 hci_event_hdr *hdr; 124 set_conn_encrypt_cp cp; 125 int dd; 126 uint16_t ocf; 127 uint8_t status = HCI_OE_POWER_OFF; 128 129 if (cond & G_IO_NVAL) { 130 cmd->cb(status, cmd->caller_data); 131 return FALSE; 132 } 133 134 if (cond & (G_IO_ERR | G_IO_HUP)) 135 goto failed; 136 137 dd = g_io_channel_unix_get_fd(io); 138 139 if (read(dd, buf, sizeof(buf)) < 0) 140 goto failed; 141 142 hdr = (hci_event_hdr *) (buf + 1); 143 body = buf + (1 + HCI_EVENT_HDR_SIZE); 144 145 switch (hdr->evt) { 146 case EVT_CMD_STATUS: 147 evt_status = (evt_cmd_status *) body; 148 ocf = cmd_opcode_ocf(evt_status->opcode); 149 if (ocf != cmd->ocf) 150 return TRUE; 151 switch (ocf) { 152 case OCF_AUTH_REQUESTED: 153 case OCF_SET_CONN_ENCRYPT: 154 if (evt_status->status != 0) { 155 /* Baseband rejected command */ 156 status = evt_status->status; 157 goto failed; 158 } 159 break; 160 default: 161 return TRUE; 162 } 163 /* Wait for the next event */ 164 return TRUE; 165 case EVT_AUTH_COMPLETE: 166 evt_auth = (evt_auth_complete *) body; 167 if (evt_auth->handle != cmd->handle) { 168 /* Skipping */ 169 return TRUE; 170 } 171 172 if (evt_auth->status != 0x00) { 173 status = evt_auth->status; 174 /* Abort encryption */ 175 goto failed; 176 } 177 178 memset(&cp, 0, sizeof(cp)); 179 cp.handle = cmd->handle; 180 cp.encrypt = 1; 181 182 cmd->ocf = OCF_SET_CONN_ENCRYPT; 183 184 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, 185 SET_CONN_ENCRYPT_CP_SIZE, &cp) < 0) { 186 status = HCI_COMMAND_DISALLOWED; 187 goto failed; 188 } 189 /* Wait for encrypt change event */ 190 return TRUE; 191 case EVT_ENCRYPT_CHANGE: 192 evt_enc = (evt_encrypt_change *) body; 193 if (evt_enc->handle != cmd->handle) 194 return TRUE; 195 196 /* Procedure finished: reporting status */ 197 status = evt_enc->status; 198 break; 199 default: 200 /* Skipping */ 201 return TRUE; 202 } 203 204failed: 205 cmd->cb(status, cmd->caller_data); 206 g_io_channel_shutdown(io, TRUE, NULL); 207 208 return FALSE; 209} 210 211static int write_inq_mode(int index, uint8_t mode) 212{ 213 write_inquiry_mode_cp cp; 214 215 memset(&cp, 0, sizeof(cp)); 216 cp.mode = mode; 217 218 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_INQUIRY_MODE, 219 WRITE_INQUIRY_MODE_CP_SIZE, &cp) < 0) 220 return -errno; 221 222 return 0; 223} 224 225static uint8_t get_inquiry_mode(int index) 226{ 227 if (FEATURES(index)[6] & LMP_EXT_INQ) 228 return 2; 229 230 if (FEATURES(index)[3] & LMP_RSSI_INQ) 231 return 1; 232 233 if (VER(index).manufacturer == 11 && VER(index).hci_rev == 0x00 && 234 VER(index).lmp_subver == 0x0757) 235 return 1; 236 237 if (VER(index).manufacturer == 15) { 238 if (VER(index).hci_rev == 0x03 && 239 VER(index).lmp_subver == 0x6963) 240 return 1; 241 if (VER(index).hci_rev == 0x09 && 242 VER(index).lmp_subver == 0x6963) 243 return 1; 244 if (VER(index).hci_rev == 0x00 && 245 VER(index).lmp_subver == 0x6965) 246 return 1; 247 } 248 249 if (VER(index).manufacturer == 31 && VER(index).hci_rev == 0x2005 && 250 VER(index).lmp_subver == 0x1805) 251 return 1; 252 253 return 0; 254} 255 256static int init_ssp_mode(int index) 257{ 258 write_simple_pairing_mode_cp cp; 259 260 if (ioctl(SK(index), HCIGETAUTHINFO, NULL) < 0 && errno == EINVAL) 261 return 0; 262 263 memset(&cp, 0, sizeof(cp)); 264 cp.mode = 0x01; 265 266 if (hci_send_cmd(SK(index), OGF_HOST_CTL, 267 OCF_WRITE_SIMPLE_PAIRING_MODE, 268 WRITE_SIMPLE_PAIRING_MODE_CP_SIZE, &cp) < 0) 269 return -errno; 270 271 return 0; 272} 273 274static void start_adapter(int index) 275{ 276 uint8_t events[8] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0x00, 0x00 }; 277 uint8_t inqmode; 278 279 if (VER(index).lmp_ver > 1) { 280 if (FEATURES(index)[5] & LMP_SNIFF_SUBR) 281 events[5] |= 0x20; 282 283 if (FEATURES(index)[5] & LMP_PAUSE_ENC) 284 events[5] |= 0x80; 285 286 if (FEATURES(index)[6] & LMP_EXT_INQ) 287 events[5] |= 0x40; 288 289 if (FEATURES(index)[6] & LMP_NFLUSH_PKTS) 290 events[7] |= 0x01; 291 292 if (FEATURES(index)[7] & LMP_LSTO) 293 events[6] |= 0x80; 294 295 if (FEATURES(index)[6] & LMP_SIMPLE_PAIR) { 296 events[6] |= 0x01; /* IO Capability Request */ 297 events[6] |= 0x02; /* IO Capability Response */ 298 events[6] |= 0x04; /* User Confirmation Request */ 299 events[6] |= 0x08; /* User Passkey Request */ 300 events[6] |= 0x10; /* Remote OOB Data Request */ 301 events[6] |= 0x20; /* Simple Pairing Complete */ 302 events[7] |= 0x04; /* User Passkey Notification */ 303 events[7] |= 0x08; /* Keypress Notification */ 304 events[7] |= 0x10; /* Remote Host Supported 305 * Features Notification */ 306 } 307 308 if (FEATURES(index)[4] & LMP_LE) 309 events[7] |= 0x20; /* LE Meta-Event */ 310 311 hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_SET_EVENT_MASK, 312 sizeof(events), events); 313 } 314 315 if (FEATURES(index)[6] & LMP_SIMPLE_PAIR) 316 init_ssp_mode(index); 317 318 inqmode = get_inquiry_mode(index); 319 if (inqmode) 320 write_inq_mode(index, inqmode); 321 322 if (FEATURES(index)[7] & LMP_INQ_TX_PWR) 323 hci_send_cmd(SK(index), OGF_HOST_CTL, 324 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL, 0, NULL); 325 326 manager_start_adapter(index); 327} 328 329static int hciops_encrypt_link(int index, bdaddr_t *dst, bt_hci_result_t cb, 330 gpointer user_data) 331{ 332 GIOChannel *io; 333 struct hci_cmd_data *cmd; 334 struct hci_conn_info_req *cr; 335 auth_requested_cp cp; 336 struct hci_filter nf; 337 int dd, err; 338 uint32_t link_mode; 339 uint16_t handle; 340 341 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 342 cr->type = ACL_LINK; 343 bacpy(&cr->bdaddr, dst); 344 345 err = ioctl(SK(index), HCIGETCONNINFO, cr); 346 link_mode = cr->conn_info->link_mode; 347 handle = cr->conn_info->handle; 348 g_free(cr); 349 350 if (err < 0) 351 return -errno; 352 353 if (link_mode & HCI_LM_ENCRYPT) 354 return -EALREADY; 355 356 memset(&cp, 0, sizeof(cp)); 357 cp.handle = htobs(handle); 358 359 if (hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_AUTH_REQUESTED, 360 AUTH_REQUESTED_CP_SIZE, &cp) < 0) 361 return -errno; 362 363 dd = dup(SK(index)); 364 if (dd < 0) 365 return -errno; 366 367 cmd = g_new0(struct hci_cmd_data, 1); 368 cmd->handle = handle; 369 cmd->ocf = OCF_AUTH_REQUESTED; 370 cmd->cb = cb; 371 cmd->caller_data = user_data; 372 373 hci_filter_clear(&nf); 374 hci_filter_set_ptype(HCI_EVENT_PKT, &nf); 375 hci_filter_set_event(EVT_CMD_STATUS, &nf); 376 hci_filter_set_event(EVT_AUTH_COMPLETE, &nf); 377 hci_filter_set_event(EVT_ENCRYPT_CHANGE, &nf); 378 379 if (setsockopt(dd, SOL_HCI, HCI_FILTER, &nf, sizeof(nf)) < 0) { 380 err = -errno; 381 g_free(cmd); 382 close(dd); 383 return -err; 384 } 385 386 io = g_io_channel_unix_new(dup(SK(index))); 387 g_io_channel_set_close_on_unref(io, FALSE); 388 g_io_add_watch_full(io, G_PRIORITY_DEFAULT, 389 G_IO_HUP | G_IO_ERR | G_IO_NVAL | G_IO_IN, 390 hci_event_watch, cmd, g_free); 391 g_io_channel_unref(io); 392 393 return 0; 394} 395 396/* End async HCI command handling */ 397 398/* Start of HCI event callbacks */ 399 400static int get_handle(int index, bdaddr_t *dba, uint16_t *handle) 401{ 402 struct hci_conn_list_req *cl; 403 struct hci_conn_info *ci; 404 int i; 405 406 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 407 408 cl->dev_id = index; 409 cl->conn_num = 10; 410 ci = cl->conn_info; 411 412 if (ioctl(SK(index), HCIGETCONNLIST, (void *) cl) < 0) { 413 g_free(cl); 414 return -EIO; 415 } 416 417 for (i = 0; i < cl->conn_num; i++, ci++) { 418 if (bacmp(&ci->bdaddr, dba) == 0) { 419 *handle = ci->handle; 420 g_free(cl); 421 return 0; 422 } 423 } 424 425 g_free(cl); 426 427 return -ENOENT; 428} 429 430static inline int get_bdaddr(int index, uint16_t handle, bdaddr_t *dba) 431{ 432 struct hci_conn_list_req *cl; 433 struct hci_conn_info *ci; 434 int i; 435 436 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 437 438 cl->dev_id = index; 439 cl->conn_num = 10; 440 ci = cl->conn_info; 441 442 if (ioctl(SK(index), HCIGETCONNLIST, (void *) cl) < 0) { 443 g_free(cl); 444 return -EIO; 445 } 446 447 for (i = 0; i < cl->conn_num; i++, ci++) 448 if (ci->handle == handle) { 449 bacpy(dba, &ci->bdaddr); 450 g_free(cl); 451 return 0; 452 } 453 454 g_free(cl); 455 456 return -ENOENT; 457} 458 459static inline void update_lastseen(bdaddr_t *sba, bdaddr_t *dba) 460{ 461 time_t t; 462 struct tm *tm; 463 464 t = time(NULL); 465 tm = gmtime(&t); 466 467 write_lastseen_info(sba, dba, tm); 468} 469 470static inline void update_lastused(bdaddr_t *sba, bdaddr_t *dba) 471{ 472 time_t t; 473 struct tm *tm; 474 475 t = time(NULL); 476 tm = gmtime(&t); 477 478 write_lastused_info(sba, dba, tm); 479} 480 481/* Link Key handling */ 482 483static void link_key_request(int index, bdaddr_t *dba) 484{ 485 struct btd_adapter *adapter; 486 struct btd_device *device; 487 struct hci_auth_info_req req; 488 unsigned char key[16]; 489 char sa[18], da[18]; 490 uint8_t type; 491 int err; 492 493 ba2str(&BDADDR(index), sa); ba2str(dba, da); 494 info("link_key_request (sba=%s, dba=%s)", sa, da); 495 496 adapter = manager_find_adapter(&BDADDR(index)); 497 if (adapter) 498 device = adapter_find_device(adapter, da); 499 else 500 device = NULL; 501 502 memset(&req, 0, sizeof(req)); 503 bacpy(&req.bdaddr, dba); 504 505 err = ioctl(SK(index), HCIGETAUTHINFO, (unsigned long) &req); 506 if (err < 0) { 507 if (errno != EINVAL) 508 DBG("HCIGETAUTHINFO failed %s (%d)", 509 strerror(errno), errno); 510 req.type = 0x00; 511 } 512 513 DBG("kernel auth requirements = 0x%02x", req.type); 514 515 if (main_opts.debug_keys && device && 516 device_get_debug_key(device, key)) 517 type = 0x03; 518 else if (read_link_key(&BDADDR(index), dba, key, &type) < 0 || 519 type == 0x03) { 520 /* Link key not found */ 521 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 522 6, dba); 523 return; 524 } 525 526 /* Link key found */ 527 528 DBG("link key type = 0x%02x", type); 529 530 /* Don't use unauthenticated combination keys if MITM is 531 * required */ 532 if (type == 0x04 && req.type != 0xff && (req.type & 0x01)) 533 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 534 6, dba); 535 else { 536 link_key_reply_cp lr; 537 538 memcpy(lr.link_key, key, 16); 539 bacpy(&lr.bdaddr, dba); 540 541 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_LINK_KEY_REPLY, 542 LINK_KEY_REPLY_CP_SIZE, &lr); 543 } 544} 545 546static void link_key_notify(int index, void *ptr) 547{ 548 evt_link_key_notify *evt = ptr; 549 bdaddr_t *dba = &evt->bdaddr; 550 char sa[18], da[18]; 551 int err; 552 unsigned char old_key[16]; 553 uint8_t old_key_type; 554 555 ba2str(&BDADDR(index), sa); ba2str(dba, da); 556 info("link_key_notify (sba=%s, dba=%s, type=%d)", sa, da, 557 evt->key_type); 558 559 err = read_link_key(&BDADDR(index), dba, old_key, &old_key_type); 560 if (err < 0) 561 old_key_type = 0xff; 562 563 err = btd_event_link_key_notify(&BDADDR(index), dba, evt->link_key, 564 evt->key_type, PIN_LENGTH(index), 565 old_key_type); 566 PIN_LENGTH(index) = -1; 567 568 if (err < 0) { 569 uint16_t handle; 570 571 if (err == -ENODEV) 572 btd_event_bonding_process_complete(&BDADDR(index), dba, 573 HCI_OE_LOW_RESOURCES); 574 else 575 btd_event_bonding_process_complete(&BDADDR(index), dba, 576 HCI_MEMORY_FULL); 577 578 if (get_handle(index, dba, &handle) == 0) { 579 disconnect_cp cp; 580 581 memset(&cp, 0, sizeof(cp)); 582 cp.handle = htobs(handle); 583 cp.reason = HCI_OE_LOW_RESOURCES; 584 585 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_DISCONNECT, 586 DISCONNECT_CP_SIZE, &cp); 587 } 588 } 589} 590 591static void return_link_keys(int index, void *ptr) 592{ 593 evt_return_link_keys *evt = ptr; 594 uint8_t num = evt->num_keys; 595 unsigned char key[16]; 596 char sa[18], da[18]; 597 bdaddr_t dba; 598 int i; 599 600 ba2str(&BDADDR(index), sa); 601 ptr++; 602 603 for (i = 0; i < num; i++) { 604 bacpy(&dba, ptr); ba2str(&dba, da); 605 memcpy(key, ptr + 6, 16); 606 607 info("return_link_keys (sba=%s, dba=%s)", sa, da); 608 609 btd_event_returned_link_key(&BDADDR(index), &dba); 610 611 ptr += 22; 612 } 613} 614 615/* Simple Pairing handling */ 616 617static void user_confirm_request(int index, void *ptr) 618{ 619 evt_user_confirm_request *req = ptr; 620 621 if (btd_event_user_confirm(&BDADDR(index), &req->bdaddr, 622 btohl(req->passkey)) < 0) 623 hci_send_cmd(SK(index), OGF_LINK_CTL, 624 OCF_USER_CONFIRM_NEG_REPLY, 6, ptr); 625} 626 627static void user_passkey_request(int index, void *ptr) 628{ 629 evt_user_passkey_request *req = ptr; 630 631 if (btd_event_user_passkey(&BDADDR(index), &req->bdaddr) < 0) 632 hci_send_cmd(SK(index), OGF_LINK_CTL, 633 OCF_USER_PASSKEY_NEG_REPLY, 6, ptr); 634} 635 636static void user_passkey_notify(int index, void *ptr) 637{ 638 evt_user_passkey_notify *req = ptr; 639 640 btd_event_user_notify(&BDADDR(index), &req->bdaddr, 641 btohl(req->passkey)); 642} 643 644static void remote_oob_data_request(int index, void *ptr) 645{ 646 hci_send_cmd(SK(index), OGF_LINK_CTL, 647 OCF_REMOTE_OOB_DATA_NEG_REPLY, 6, ptr); 648} 649 650static void io_capa_request(int index, void *ptr) 651{ 652 bdaddr_t *dba = ptr; 653 char sa[18], da[18]; 654 uint8_t cap, auth; 655 656 ba2str(&BDADDR(index), sa); ba2str(dba, da); 657 info("io_capa_request (sba=%s, dba=%s)", sa, da); 658 659 if (btd_event_get_io_cap(&BDADDR(index), dba, &cap, &auth) < 0) { 660 io_capability_neg_reply_cp cp; 661 memset(&cp, 0, sizeof(cp)); 662 bacpy(&cp.bdaddr, dba); 663 cp.reason = HCI_PAIRING_NOT_ALLOWED; 664 hci_send_cmd(SK(index), OGF_LINK_CTL, 665 OCF_IO_CAPABILITY_NEG_REPLY, 666 IO_CAPABILITY_NEG_REPLY_CP_SIZE, &cp); 667 } else { 668 io_capability_reply_cp cp; 669 memset(&cp, 0, sizeof(cp)); 670 bacpy(&cp.bdaddr, dba); 671 cp.capability = cap; 672 cp.oob_data = 0x00; 673 cp.authentication = auth; 674 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_IO_CAPABILITY_REPLY, 675 IO_CAPABILITY_REPLY_CP_SIZE, &cp); 676 } 677} 678 679static void io_capa_response(int index, void *ptr) 680{ 681 evt_io_capability_response *evt = ptr; 682 char sa[18], da[18]; 683 684 ba2str(&BDADDR(index), sa); ba2str(&evt->bdaddr, da); 685 info("io_capa_response (sba=%s, dba=%s)", sa, da); 686 687 btd_event_set_io_cap(&BDADDR(index), &evt->bdaddr, 688 evt->capability, evt->authentication); 689} 690 691/* PIN code handling */ 692 693static void pin_code_request(int index, bdaddr_t *dba) 694{ 695 pin_code_reply_cp pr; 696 struct hci_conn_info_req *cr; 697 struct hci_conn_info *ci; 698 char sa[18], da[18], pin[17]; 699 int pinlen; 700 701 memset(&pr, 0, sizeof(pr)); 702 bacpy(&pr.bdaddr, dba); 703 704 ba2str(&BDADDR(index), sa); ba2str(dba, da); 705 info("pin_code_request (sba=%s, dba=%s)", sa, da); 706 707 cr = g_malloc0(sizeof(*cr) + sizeof(*ci)); 708 709 bacpy(&cr->bdaddr, dba); 710 cr->type = ACL_LINK; 711 if (ioctl(SK(index), HCIGETCONNINFO, (unsigned long) cr) < 0) { 712 error("Can't get conn info: %s (%d)", strerror(errno), errno); 713 goto reject; 714 } 715 ci = cr->conn_info; 716 717 memset(pin, 0, sizeof(pin)); 718 pinlen = read_pin_code(&BDADDR(index), dba, pin); 719 720 if (pinlen > 0) { 721 PIN_LENGTH(index) = pinlen; 722 memcpy(pr.pin_code, pin, pinlen); 723 pr.pin_len = pinlen; 724 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_PIN_CODE_REPLY, 725 PIN_CODE_REPLY_CP_SIZE, &pr); 726 } else { 727 /* Request PIN from passkey agent */ 728 if (btd_event_request_pin(&BDADDR(index), ci) < 0) 729 goto reject; 730 } 731 732 g_free(cr); 733 734 return; 735 736reject: 737 g_free(cr); 738 739 hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_PIN_CODE_NEG_REPLY, 6, dba); 740} 741 742static void start_inquiry(bdaddr_t *local, uint8_t status, gboolean periodic) 743{ 744 struct btd_adapter *adapter; 745 int state; 746 747 /* Don't send the signal if the cmd failed */ 748 if (status) { 749 error("Inquiry Failed with status 0x%02x", status); 750 return; 751 } 752 753 adapter = manager_find_adapter(local); 754 if (!adapter) { 755 error("Unable to find matching adapter"); 756 return; 757 } 758 759 state = adapter_get_state(adapter); 760 761 if (periodic) 762 state |= STATE_PINQ; 763 else 764 state |= STATE_STDINQ; 765 766 adapter_set_state(adapter, state); 767} 768 769static void inquiry_complete(bdaddr_t *local, uint8_t status, 770 gboolean periodic) 771{ 772 struct btd_adapter *adapter; 773 int state; 774 775 /* Don't send the signal if the cmd failed */ 776 if (status) { 777 error("Inquiry Failed with status 0x%02x", status); 778 return; 779 } 780 781 adapter = manager_find_adapter(local); 782 if (!adapter) { 783 error("Unable to find matching adapter"); 784 return; 785 } 786 787 state = adapter_get_state(adapter); 788 state &= ~(STATE_STDINQ | STATE_PINQ); 789 adapter_set_state(adapter, state); 790} 791 792static inline void remote_features_notify(int index, void *ptr) 793{ 794 evt_remote_host_features_notify *evt = ptr; 795 796 if (evt->features[0] & 0x01) 797 btd_event_set_legacy_pairing(&BDADDR(index), &evt->bdaddr, 798 FALSE); 799 else 800 btd_event_set_legacy_pairing(&BDADDR(index), &evt->bdaddr, 801 TRUE); 802 803 write_features_info(&BDADDR(index), &evt->bdaddr, NULL, evt->features); 804} 805 806static void write_le_host_complete(bdaddr_t *sba, uint8_t status) 807{ 808 struct btd_adapter *adapter; 809 810 if (status) 811 return; 812 813 adapter = manager_find_adapter(sba); 814 if (!adapter) { 815 error("No matching adapter found"); 816 return; 817 } 818 819 btd_adapter_read_local_ext_features(adapter); 820} 821 822static void read_local_version_complete(int index, 823 const read_local_version_rp *rp) 824{ 825 if (rp->status) 826 return; 827 828 VER(index).manufacturer = btohs(bt_get_unaligned(&rp->manufacturer)); 829 VER(index).hci_ver = rp->hci_ver; 830 VER(index).hci_rev = btohs(bt_get_unaligned(&rp->hci_rev)); 831 VER(index).lmp_ver = rp->lmp_ver; 832 VER(index).lmp_subver = btohs(bt_get_unaligned(&rp->lmp_subver)); 833 834 if (!PENDING(index)) 835 return; 836 837 clear_bit(PENDING_VERSION, &PENDING(index)); 838 839 DBG("Got version for hci%d", index); 840 841 if (!PENDING(index) && UP(index)) 842 start_adapter(index); 843} 844 845static void read_local_features_complete(int index, 846 const read_local_features_rp *rp) 847{ 848 if (rp->status) 849 return; 850 851 memcpy(FEATURES(index), rp->features, 8); 852 853 if (!PENDING(index)) 854 return; 855 856 clear_bit(PENDING_FEATURES, &PENDING(index)); 857 858 DBG("Got features for hci%d", index); 859 860 if (!PENDING(index) && UP(index)) 861 start_adapter(index); 862} 863 864static void read_local_name_complete(int index, read_local_name_rp *rp) 865{ 866 if (rp->status) 867 return; 868 869 if (!PENDING(index)) { 870 adapter_update_local_name(&BDADDR(index), rp); 871 return; 872 } 873 874 clear_bit(PENDING_NAME, &PENDING(index)); 875 876 DBG("Got name for hci%d", index); 877 878 if (!PENDING(index) && UP(index)) 879 start_adapter(index); 880} 881 882static void read_local_ext_features_complete(bdaddr_t *sba, 883 const read_local_ext_features_rp *rp) 884{ 885 struct btd_adapter *adapter; 886 887 if (rp->status) 888 return; 889 890 adapter = manager_find_adapter(sba); 891 if (!adapter) { 892 error("No matching adapter found"); 893 return; 894 } 895 896 /* Local Extended feature page number is 1 */ 897 if (rp->page_num != 1) 898 return; 899 900 btd_adapter_update_local_ext_features(adapter, rp->features); 901} 902 903static void read_bd_addr_complete(int index, read_bd_addr_rp *rp) 904{ 905 if (rp->status) 906 return; 907 908 bacpy(&BDADDR(index), &rp->bdaddr); 909 910 if (!PENDING(index)) 911 return; 912 913 clear_bit(PENDING_BDADDR, &PENDING(index)); 914 915 DBG("Got bdaddr for hci%d", index); 916 917 if (!PENDING(index) && UP(index)) 918 start_adapter(index); 919} 920 921static inline void cmd_status(int index, void *ptr) 922{ 923 evt_cmd_status *evt = ptr; 924 uint16_t opcode = btohs(evt->opcode); 925 926 if (opcode == cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY)) 927 start_inquiry(&BDADDR(index), evt->status, FALSE); 928} 929 930static void read_scan_complete(int index, uint8_t status, void *ptr) 931{ 932 struct btd_adapter *adapter; 933 read_scan_enable_rp *rp = ptr; 934 935 adapter = manager_find_adapter(&BDADDR(index)); 936 937 if (!adapter) { 938 error("Unable to find matching adapter"); 939 return; 940 } 941 942 adapter_mode_changed(adapter, rp->enable); 943} 944 945static inline void cmd_complete(int index, void *ptr) 946{ 947 evt_cmd_complete *evt = ptr; 948 uint16_t opcode = btohs(evt->opcode); 949 uint8_t status = *((uint8_t *) ptr + EVT_CMD_COMPLETE_SIZE); 950 951 switch (opcode) { 952 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_VERSION): 953 ptr += sizeof(evt_cmd_complete); 954 read_local_version_complete(index, ptr); 955 break; 956 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES): 957 ptr += sizeof(evt_cmd_complete); 958 read_local_features_complete(index, ptr); 959 break; 960 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_EXT_FEATURES): 961 ptr += sizeof(evt_cmd_complete); 962 read_local_ext_features_complete(&BDADDR(index), ptr); 963 break; 964 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_BD_ADDR): 965 ptr += sizeof(evt_cmd_complete); 966 read_bd_addr_complete(index, ptr); 967 break; 968 case cmd_opcode_pack(OGF_LINK_CTL, OCF_PERIODIC_INQUIRY): 969 start_inquiry(&BDADDR(index), status, TRUE); 970 break; 971 case cmd_opcode_pack(OGF_LINK_CTL, OCF_EXIT_PERIODIC_INQUIRY): 972 inquiry_complete(&BDADDR(index), status, TRUE); 973 break; 974 case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY_CANCEL): 975 inquiry_complete(&BDADDR(index), status, FALSE); 976 break; 977 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_LE_HOST_SUPPORTED): 978 write_le_host_complete(&BDADDR(index), status); 979 break; 980 case cmd_opcode_pack(OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE): 981 btd_event_le_set_scan_enable_complete(&BDADDR(index), status); 982 break; 983 case cmd_opcode_pack(OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME): 984 if (!status) 985 hci_send_cmd(SK(index), OGF_HOST_CTL, 986 OCF_READ_LOCAL_NAME, 0, 0); 987 break; 988 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE): 989 btd_event_setscan_enable_complete(&BDADDR(index)); 990 break; 991 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SCAN_ENABLE): 992 ptr += sizeof(evt_cmd_complete); 993 read_scan_complete(index, status, ptr); 994 break; 995 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV): 996 adapter_set_class_complete(&BDADDR(index), status); 997 break; 998 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SIMPLE_PAIRING_MODE): 999 if (!status) 1000 hci_send_cmd(SK(index), OGF_HOST_CTL, 1001 OCF_READ_SIMPLE_PAIRING_MODE, 0, NULL); 1002 break; 1003 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SIMPLE_PAIRING_MODE): 1004 ptr += sizeof(evt_cmd_complete); 1005 btd_event_read_simple_pairing_mode_complete(&BDADDR(index), 1006 ptr); 1007 break; 1008 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_NAME): 1009 ptr += sizeof(evt_cmd_complete); 1010 read_local_name_complete(index, ptr); 1011 break; 1012 case cmd_opcode_pack(OGF_HOST_CTL, 1013 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL): 1014 ptr += sizeof(evt_cmd_complete); 1015 adapter_update_tx_power(&BDADDR(index), status, ptr); 1016 break; 1017 }; 1018} 1019 1020static inline void remote_name_information(int index, void *ptr) 1021{ 1022 evt_remote_name_req_complete *evt = ptr; 1023 char name[MAX_NAME_LENGTH + 1]; 1024 1025 memset(name, 0, sizeof(name)); 1026 1027 if (!evt->status) 1028 memcpy(name, evt->name, MAX_NAME_LENGTH); 1029 1030 btd_event_remote_name(&BDADDR(index), &evt->bdaddr, evt->status, name); 1031} 1032 1033static inline void remote_version_information(int index, void *ptr) 1034{ 1035 evt_read_remote_version_complete *evt = ptr; 1036 bdaddr_t dba; 1037 1038 if (evt->status) 1039 return; 1040 1041 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1042 return; 1043 1044 write_version_info(&BDADDR(index), &dba, btohs(evt->manufacturer), 1045 evt->lmp_ver, btohs(evt->lmp_subver)); 1046} 1047 1048static inline void inquiry_result(int index, int plen, void *ptr) 1049{ 1050 uint8_t num = *(uint8_t *) ptr++; 1051 int i; 1052 1053 for (i = 0; i < num; i++) { 1054 inquiry_info *info = ptr; 1055 uint32_t class = info->dev_class[0] | 1056 (info->dev_class[1] << 8) | 1057 (info->dev_class[2] << 16); 1058 1059 btd_event_inquiry_result(&BDADDR(index), &info->bdaddr, class, 1060 0, NULL); 1061 1062 update_lastseen(&BDADDR(index), &info->bdaddr); 1063 1064 ptr += INQUIRY_INFO_SIZE; 1065 } 1066} 1067 1068static inline void inquiry_result_with_rssi(int index, int plen, void *ptr) 1069{ 1070 uint8_t num = *(uint8_t *) ptr++; 1071 int i; 1072 1073 if (!num) 1074 return; 1075 1076 if ((plen - 1) / num == INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE) { 1077 for (i = 0; i < num; i++) { 1078 inquiry_info_with_rssi_and_pscan_mode *info = ptr; 1079 uint32_t class = info->dev_class[0] 1080 | (info->dev_class[1] << 8) 1081 | (info->dev_class[2] << 16); 1082 1083 btd_event_inquiry_result(&BDADDR(index), &info->bdaddr, 1084 class, info->rssi, NULL); 1085 1086 update_lastseen(&BDADDR(index), &info->bdaddr); 1087 1088 ptr += INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE; 1089 } 1090 } else { 1091 for (i = 0; i < num; i++) { 1092 inquiry_info_with_rssi *info = ptr; 1093 uint32_t class = info->dev_class[0] 1094 | (info->dev_class[1] << 8) 1095 | (info->dev_class[2] << 16); 1096 1097 btd_event_inquiry_result(&BDADDR(index), &info->bdaddr, 1098 class, info->rssi, NULL); 1099 1100 update_lastseen(&BDADDR(index), &info->bdaddr); 1101 1102 ptr += INQUIRY_INFO_WITH_RSSI_SIZE; 1103 } 1104 } 1105} 1106 1107static inline void extended_inquiry_result(int index, int plen, void *ptr) 1108{ 1109 uint8_t num = *(uint8_t *) ptr++; 1110 int i; 1111 1112 for (i = 0; i < num; i++) { 1113 extended_inquiry_info *info = ptr; 1114 uint32_t class = info->dev_class[0] 1115 | (info->dev_class[1] << 8) 1116 | (info->dev_class[2] << 16); 1117 1118 btd_event_inquiry_result(&BDADDR(index), &info->bdaddr, class, 1119 info->rssi, info->data); 1120 1121 update_lastseen(&BDADDR(index), &info->bdaddr); 1122 1123 ptr += EXTENDED_INQUIRY_INFO_SIZE; 1124 } 1125} 1126 1127static inline void remote_features_information(int index, void *ptr) 1128{ 1129 evt_read_remote_features_complete *evt = ptr; 1130 bdaddr_t dba; 1131 1132 if (evt->status) 1133 return; 1134 1135 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1136 return; 1137 1138 write_features_info(&BDADDR(index), &dba, evt->features, NULL); 1139} 1140 1141static inline void conn_complete(int index, void *ptr) 1142{ 1143 evt_conn_complete *evt = ptr; 1144 char filename[PATH_MAX]; 1145 char local_addr[18], peer_addr[18], *str; 1146 struct btd_adapter *adapter; 1147 1148 adapter = manager_find_adapter(&BDADDR(index)); 1149 if (!adapter) { 1150 error("Unable to find matching adapter"); 1151 return; 1152 } 1153 1154 if (evt->link_type != ACL_LINK) 1155 return; 1156 1157 btd_event_conn_complete(&BDADDR(index), evt->status, 1158 btohs(evt->handle), &evt->bdaddr); 1159 1160 if (evt->status) 1161 return; 1162 1163 update_lastused(&BDADDR(index), &evt->bdaddr); 1164 1165 /* check if the remote version needs be requested */ 1166 ba2str(&BDADDR(index), local_addr); 1167 ba2str(&evt->bdaddr, peer_addr); 1168 1169 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1170 "manufacturers"); 1171 1172 str = textfile_get(filename, peer_addr); 1173 if (!str) 1174 btd_adapter_get_remote_version(adapter, btohs(evt->handle), 1175 TRUE); 1176 else 1177 free(str); 1178} 1179 1180static inline void disconn_complete(int index, void *ptr) 1181{ 1182 evt_disconn_complete *evt = ptr; 1183 1184 btd_event_disconn_complete(&BDADDR(index), evt->status, 1185 btohs(evt->handle), evt->reason); 1186} 1187 1188static inline void auth_complete(int index, void *ptr) 1189{ 1190 evt_auth_complete *evt = ptr; 1191 bdaddr_t dba; 1192 1193 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1194 return; 1195 1196 btd_event_bonding_process_complete(&BDADDR(index), &dba, evt->status); 1197} 1198 1199static inline void simple_pairing_complete(int index, void *ptr) 1200{ 1201 evt_simple_pairing_complete *evt = ptr; 1202 1203 btd_event_simple_pairing_complete(&BDADDR(index), &evt->bdaddr, 1204 evt->status); 1205} 1206 1207static inline void conn_request(int index, void *ptr) 1208{ 1209 evt_conn_request *evt = ptr; 1210 uint32_t class = evt->dev_class[0] | (evt->dev_class[1] << 8) 1211 | (evt->dev_class[2] << 16); 1212 1213 btd_event_remote_class(&BDADDR(index), &evt->bdaddr, class); 1214} 1215 1216static inline void le_metaevent(int index, void *ptr) 1217{ 1218 evt_le_meta_event *meta = ptr; 1219 le_advertising_info *info; 1220 uint8_t *rssi, num, i; 1221 1222 DBG("LE Meta Event"); 1223 1224 if (meta->subevent != EVT_LE_ADVERTISING_REPORT) 1225 return; 1226 1227 num = meta->data[0]; 1228 info = (le_advertising_info *) (meta->data + 1); 1229 1230 for (i = 0; i < num; i++) { 1231 /* RSSI is last byte of the advertising report event */ 1232 rssi = info->data + info->length; 1233 btd_event_inquiry_result(&BDADDR(index), &info->bdaddr, 0, 1234 *rssi, NULL); 1235 info = (le_advertising_info *) (rssi + 1); 1236 } 1237} 1238 1239static void stop_hci_dev(int index) 1240{ 1241 GIOChannel *chan = CHANNEL(index); 1242 1243 if (!chan) 1244 return; 1245 1246 info("Stopping hci%d event socket", index); 1247 1248 g_source_remove(WATCH_ID(index)); 1249 g_io_channel_unref(CHANNEL(index)); 1250 hci_close_dev(SK(index)); 1251 init_dev_info(index, -1); 1252} 1253 1254static gboolean io_security_event(GIOChannel *chan, GIOCondition cond, 1255 gpointer data) 1256{ 1257 unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr = buf; 1258 int type, index = GPOINTER_TO_INT(data); 1259 struct hci_dev_info di; 1260 size_t len; 1261 hci_event_hdr *eh; 1262 GIOError err; 1263 evt_cmd_status *evt; 1264 1265 if (cond & (G_IO_NVAL | G_IO_HUP | G_IO_ERR)) { 1266 stop_hci_dev(index); 1267 return FALSE; 1268 } 1269 1270 if ((err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len))) { 1271 if (err == G_IO_ERROR_AGAIN) 1272 return TRUE; 1273 stop_hci_dev(index); 1274 return FALSE; 1275 } 1276 1277 type = *ptr++; 1278 1279 if (type != HCI_EVENT_PKT) 1280 return TRUE; 1281 1282 eh = (hci_event_hdr *) ptr; 1283 ptr += HCI_EVENT_HDR_SIZE; 1284 1285 memset(&di, 0, sizeof(di)); 1286 if (hci_devinfo(index, &di) == 0) { 1287 bacpy(&BDADDR(index), &di.bdaddr); 1288 1289 if (ignore_device(&di)) 1290 return TRUE; 1291 } 1292 1293 switch (eh->evt) { 1294 case EVT_CMD_STATUS: 1295 cmd_status(index, ptr); 1296 break; 1297 1298 case EVT_CMD_COMPLETE: 1299 cmd_complete(index, ptr); 1300 break; 1301 1302 case EVT_REMOTE_NAME_REQ_COMPLETE: 1303 remote_name_information(index, ptr); 1304 break; 1305 1306 case EVT_READ_REMOTE_VERSION_COMPLETE: 1307 remote_version_information(index, ptr); 1308 break; 1309 1310 case EVT_READ_REMOTE_FEATURES_COMPLETE: 1311 remote_features_information(index, ptr); 1312 break; 1313 1314 case EVT_REMOTE_HOST_FEATURES_NOTIFY: 1315 remote_features_notify(index, ptr); 1316 break; 1317 1318 case EVT_INQUIRY_COMPLETE: 1319 evt = (evt_cmd_status *) ptr; 1320 inquiry_complete(&BDADDR(index), evt->status, FALSE); 1321 break; 1322 1323 case EVT_INQUIRY_RESULT: 1324 inquiry_result(index, eh->plen, ptr); 1325 break; 1326 1327 case EVT_INQUIRY_RESULT_WITH_RSSI: 1328 inquiry_result_with_rssi(index, eh->plen, ptr); 1329 break; 1330 1331 case EVT_EXTENDED_INQUIRY_RESULT: 1332 extended_inquiry_result(index, eh->plen, ptr); 1333 break; 1334 1335 case EVT_CONN_COMPLETE: 1336 conn_complete(index, ptr); 1337 break; 1338 1339 case EVT_DISCONN_COMPLETE: 1340 disconn_complete(index, ptr); 1341 break; 1342 1343 case EVT_AUTH_COMPLETE: 1344 auth_complete(index, ptr); 1345 break; 1346 1347 case EVT_SIMPLE_PAIRING_COMPLETE: 1348 simple_pairing_complete(index, ptr); 1349 break; 1350 1351 case EVT_CONN_REQUEST: 1352 conn_request(index, ptr); 1353 break; 1354 case EVT_LE_META_EVENT: 1355 le_metaevent(index, ptr); 1356 break; 1357 case EVT_PIN_CODE_REQ: 1358 pin_code_request(index, (bdaddr_t *) ptr); 1359 break; 1360 1361 case EVT_LINK_KEY_REQ: 1362 link_key_request(index, (bdaddr_t *) ptr); 1363 break; 1364 1365 case EVT_LINK_KEY_NOTIFY: 1366 link_key_notify(index, ptr); 1367 break; 1368 1369 case EVT_RETURN_LINK_KEYS: 1370 return_link_keys(index, ptr); 1371 break; 1372 1373 case EVT_IO_CAPABILITY_REQUEST: 1374 io_capa_request(index, ptr); 1375 break; 1376 1377 case EVT_IO_CAPABILITY_RESPONSE: 1378 io_capa_response(index, ptr); 1379 break; 1380 1381 case EVT_USER_CONFIRM_REQUEST: 1382 user_confirm_request(index, ptr); 1383 break; 1384 1385 case EVT_USER_PASSKEY_REQUEST: 1386 user_passkey_request(index, ptr); 1387 break; 1388 1389 case EVT_USER_PASSKEY_NOTIFY: 1390 user_passkey_notify(index, ptr); 1391 break; 1392 1393 case EVT_REMOTE_OOB_DATA_REQUEST: 1394 remote_oob_data_request(index, ptr); 1395 break; 1396 } 1397 1398 return TRUE; 1399} 1400 1401static void start_hci_dev(int index) 1402{ 1403 GIOChannel *chan = CHANNEL(index); 1404 GIOCondition cond; 1405 struct hci_filter flt; 1406 1407 if (chan) 1408 return; 1409 1410 info("Listening for HCI events on hci%d", index); 1411 1412 /* Set filter */ 1413 hci_filter_clear(&flt); 1414 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 1415 hci_filter_set_event(EVT_CMD_STATUS, &flt); 1416 hci_filter_set_event(EVT_CMD_COMPLETE, &flt); 1417 hci_filter_set_event(EVT_PIN_CODE_REQ, &flt); 1418 hci_filter_set_event(EVT_LINK_KEY_REQ, &flt); 1419 hci_filter_set_event(EVT_LINK_KEY_NOTIFY, &flt); 1420 hci_filter_set_event(EVT_RETURN_LINK_KEYS, &flt); 1421 hci_filter_set_event(EVT_IO_CAPABILITY_REQUEST, &flt); 1422 hci_filter_set_event(EVT_IO_CAPABILITY_RESPONSE, &flt); 1423 hci_filter_set_event(EVT_USER_CONFIRM_REQUEST, &flt); 1424 hci_filter_set_event(EVT_USER_PASSKEY_REQUEST, &flt); 1425 hci_filter_set_event(EVT_REMOTE_OOB_DATA_REQUEST, &flt); 1426 hci_filter_set_event(EVT_USER_PASSKEY_NOTIFY, &flt); 1427 hci_filter_set_event(EVT_KEYPRESS_NOTIFY, &flt); 1428 hci_filter_set_event(EVT_SIMPLE_PAIRING_COMPLETE, &flt); 1429 hci_filter_set_event(EVT_AUTH_COMPLETE, &flt); 1430 hci_filter_set_event(EVT_REMOTE_NAME_REQ_COMPLETE, &flt); 1431 hci_filter_set_event(EVT_READ_REMOTE_VERSION_COMPLETE, &flt); 1432 hci_filter_set_event(EVT_READ_REMOTE_FEATURES_COMPLETE, &flt); 1433 hci_filter_set_event(EVT_REMOTE_HOST_FEATURES_NOTIFY, &flt); 1434 hci_filter_set_event(EVT_INQUIRY_COMPLETE, &flt); 1435 hci_filter_set_event(EVT_INQUIRY_RESULT, &flt); 1436 hci_filter_set_event(EVT_INQUIRY_RESULT_WITH_RSSI, &flt); 1437 hci_filter_set_event(EVT_EXTENDED_INQUIRY_RESULT, &flt); 1438 hci_filter_set_event(EVT_CONN_REQUEST, &flt); 1439 hci_filter_set_event(EVT_CONN_COMPLETE, &flt); 1440 hci_filter_set_event(EVT_DISCONN_COMPLETE, &flt); 1441 hci_filter_set_event(EVT_LE_META_EVENT, &flt); 1442 if (setsockopt(SK(index), SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 1443 error("Can't set filter on hci%d: %s (%d)", 1444 index, strerror(errno), errno); 1445 return; 1446 } 1447 1448 chan = g_io_channel_unix_new(SK(index)); 1449 cond = G_IO_IN | G_IO_NVAL | G_IO_HUP | G_IO_ERR; 1450 WATCH_ID(index) = g_io_add_watch_full(chan, G_PRIORITY_LOW, cond, 1451 io_security_event, 1452 GINT_TO_POINTER(index), NULL); 1453 CHANNEL(index) = chan; 1454 PIN_LENGTH(index) = -1; 1455 1456} 1457 1458/* End of HCI event callbacks */ 1459 1460static gboolean child_exit(GIOChannel *io, GIOCondition cond, void *user_data) 1461{ 1462 int status, fd = g_io_channel_unix_get_fd(io); 1463 pid_t child_pid; 1464 1465 if (read(fd, &child_pid, sizeof(child_pid)) != sizeof(child_pid)) { 1466 error("child_exit: unable to read child pid from pipe"); 1467 return TRUE; 1468 } 1469 1470 if (waitpid(child_pid, &status, 0) != child_pid) 1471 error("waitpid(%d) failed", child_pid); 1472 else 1473 DBG("child %d exited", child_pid); 1474 1475 return TRUE; 1476} 1477 1478static void at_child_exit(void) 1479{ 1480 pid_t pid = getpid(); 1481 1482 if (write(child_pipe[1], &pid, sizeof(pid)) != sizeof(pid)) 1483 error("unable to write to child pipe"); 1484} 1485 1486static void device_devup_setup(int index) 1487{ 1488 struct hci_dev_info di; 1489 uint16_t policy; 1490 read_stored_link_key_cp cp; 1491 1492 if (hci_devinfo(index, &di) < 0) 1493 return; 1494 1495 if (ignore_device(&di)) 1496 return; 1497 1498 bacpy(&BDADDR(index), &di.bdaddr); 1499 memcpy(FEATURES(index), di.features, 8); 1500 1501 /* Set page timeout */ 1502 if ((main_opts.flags & (1 << HCID_SET_PAGETO))) { 1503 write_page_timeout_cp cp; 1504 1505 cp.timeout = htobs(main_opts.pageto); 1506 hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_PAGE_TIMEOUT, 1507 WRITE_PAGE_TIMEOUT_CP_SIZE, &cp); 1508 } 1509 1510 /* Set default link policy */ 1511 policy = htobs(main_opts.link_policy); 1512 hci_send_cmd(SK(index), OGF_LINK_POLICY, 1513 OCF_WRITE_DEFAULT_LINK_POLICY, 2, &policy); 1514 1515 bacpy(&cp.bdaddr, BDADDR_ANY); 1516 cp.read_all = 1; 1517 hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_READ_STORED_LINK_KEY, 1518 READ_STORED_LINK_KEY_CP_SIZE, (void *) &cp); 1519 1520 if (!PENDING(index)) 1521 start_adapter(index); 1522} 1523 1524static void init_pending(int index) 1525{ 1526 set_bit(PENDING_BDADDR, &PENDING(index)); 1527 set_bit(PENDING_VERSION, &PENDING(index)); 1528 set_bit(PENDING_FEATURES, &PENDING(index)); 1529 set_bit(PENDING_NAME, &PENDING(index)); 1530} 1531 1532static void init_device(int index) 1533{ 1534 struct hci_dev_req dr; 1535 struct hci_dev_info di; 1536 int dd; 1537 pid_t pid; 1538 1539 dd = hci_open_dev(index); 1540 if (dd < 0) { 1541 error("Unable to open hci%d: %s (%d)", index, 1542 strerror(errno), errno); 1543 return; 1544 } 1545 1546 if (index > max_dev) { 1547 max_dev = index; 1548 devs = g_realloc(devs, sizeof(devs[0]) * (max_dev + 1)); 1549 } 1550 1551 init_dev_info(index, dd); 1552 init_pending(index); 1553 start_hci_dev(index); 1554 1555 /* Do initialization in the separate process */ 1556 pid = fork(); 1557 switch (pid) { 1558 case 0: 1559 atexit(at_child_exit); 1560 break; 1561 case -1: 1562 error("Fork failed. Can't init device hci%d: %s (%d)", 1563 index, strerror(errno), errno); 1564 default: 1565 DBG("child %d forked", pid); 1566 return; 1567 } 1568 1569 memset(&dr, 0, sizeof(dr)); 1570 dr.dev_id = index; 1571 1572 /* Set link mode */ 1573 dr.dev_opt = main_opts.link_mode; 1574 if (ioctl(dd, HCISETLINKMODE, (unsigned long) &dr) < 0) 1575 error("Can't set link mode on hci%d: %s (%d)", 1576 index, strerror(errno), errno); 1577 1578 /* Set link policy for BR/EDR HCI devices */ 1579 if (hci_devinfo(index, &di) < 0) 1580 goto fail; 1581 1582 if (!ignore_device(&di)) { 1583 dr.dev_opt = main_opts.link_policy; 1584 if (ioctl(dd, HCISETLINKPOL, (unsigned long) &dr) < 0 && 1585 errno != ENETDOWN) { 1586 error("Can't set link policy on hci%d: %s (%d)", 1587 index, strerror(errno), errno); 1588 } 1589 } 1590 1591 /* Start HCI device */ 1592 if (ioctl(dd, HCIDEVUP, index) < 0 && errno != EALREADY) { 1593 error("Can't init device hci%d: %s (%d)", 1594 index, strerror(errno), errno); 1595 goto fail; 1596 } 1597 1598 hci_close_dev(dd); 1599 exit(0); 1600 1601fail: 1602 hci_close_dev(dd); 1603 exit(1); 1604} 1605 1606static void device_devreg_setup(int index) 1607{ 1608 struct hci_dev_info di; 1609 gboolean devup; 1610 1611 init_device(index); 1612 1613 memset(&di, 0, sizeof(di)); 1614 1615 if (hci_devinfo(index, &di) < 0) 1616 return; 1617 1618 devup = hci_test_bit(HCI_UP, &di.flags); 1619 1620 if (!ignore_device(&di)) 1621 manager_register_adapter(index, devup); 1622} 1623 1624static void device_event(int event, int index) 1625{ 1626 switch (event) { 1627 case HCI_DEV_REG: 1628 info("HCI dev %d registered", index); 1629 device_devreg_setup(index); 1630 break; 1631 1632 case HCI_DEV_UNREG: 1633 info("HCI dev %d unregistered", index); 1634 stop_hci_dev(index); 1635 manager_unregister_adapter(index); 1636 break; 1637 1638 case HCI_DEV_UP: 1639 info("HCI dev %d up", index); 1640 UP(index) = TRUE; 1641 device_devup_setup(index); 1642 break; 1643 1644 case HCI_DEV_DOWN: 1645 info("HCI dev %d down", index); 1646 UP(index) = FALSE; 1647 if (!PENDING(index)) { 1648 manager_stop_adapter(index); 1649 init_pending(index); 1650 } 1651 break; 1652 } 1653} 1654 1655static gboolean init_known_adapters(gpointer user_data) 1656{ 1657 struct hci_dev_list_req *dl; 1658 struct hci_dev_req *dr; 1659 int i, err, ctl = GPOINTER_TO_INT(user_data); 1660 size_t req_size; 1661 1662 req_size = HCI_MAX_DEV * sizeof(struct hci_dev_req) + sizeof(uint16_t); 1663 1664 dl = g_try_malloc0(req_size); 1665 if (!dl) { 1666 error("Can't allocate devlist buffer"); 1667 return FALSE; 1668 } 1669 1670 dl->dev_num = HCI_MAX_DEV; 1671 dr = dl->dev_req; 1672 1673 if (ioctl(ctl, HCIGETDEVLIST, dl) < 0) { 1674 err = -errno; 1675 error("Can't get device list: %s (%d)", strerror(-err), -err); 1676 g_free(dl); 1677 return FALSE; 1678 } 1679 1680 for (i = 0; i < dl->dev_num; i++, dr++) { 1681 device_event(HCI_DEV_REG, dr->dev_id); 1682 1683 if (!hci_test_bit(HCI_UP, &dr->dev_opt)) 1684 continue; 1685 1686 PENDING(dr->dev_id) = 0; 1687 set_bit(PENDING_VERSION, &PENDING(dr->dev_id)); 1688 hci_send_cmd(SK(dr->dev_id), OGF_INFO_PARAM, 1689 OCF_READ_LOCAL_VERSION, 0, NULL); 1690 device_event(HCI_DEV_UP, dr->dev_id); 1691 } 1692 1693 g_free(dl); 1694 1695 return FALSE; 1696} 1697 1698static gboolean io_stack_event(GIOChannel *chan, GIOCondition cond, 1699 gpointer data) 1700{ 1701 unsigned char buf[HCI_MAX_FRAME_SIZE], *ptr; 1702 evt_stack_internal *si; 1703 evt_si_device *sd; 1704 hci_event_hdr *eh; 1705 int type; 1706 size_t len; 1707 GIOError err; 1708 1709 ptr = buf; 1710 1711 err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len); 1712 if (err) { 1713 if (err == G_IO_ERROR_AGAIN) 1714 return TRUE; 1715 1716 error("Read from control socket failed: %s (%d)", 1717 strerror(errno), errno); 1718 return FALSE; 1719 } 1720 1721 type = *ptr++; 1722 1723 if (type != HCI_EVENT_PKT) 1724 return TRUE; 1725 1726 eh = (hci_event_hdr *) ptr; 1727 if (eh->evt != EVT_STACK_INTERNAL) 1728 return TRUE; 1729 1730 ptr += HCI_EVENT_HDR_SIZE; 1731 1732 si = (evt_stack_internal *) ptr; 1733 switch (si->type) { 1734 case EVT_SI_DEVICE: 1735 sd = (void *) &si->data; 1736 device_event(sd->event, sd->dev_id); 1737 break; 1738 } 1739 1740 return TRUE; 1741} 1742 1743static int hciops_setup(void) 1744{ 1745 struct sockaddr_hci addr; 1746 struct hci_filter flt; 1747 GIOChannel *ctl_io, *child_io; 1748 int sock, err; 1749 1750 if (child_pipe[0] != -1) 1751 return -EALREADY; 1752 1753 if (pipe(child_pipe) < 0) { 1754 err = -errno; 1755 error("pipe(): %s (%d)", strerror(-err), -err); 1756 return err; 1757 } 1758 1759 child_io = g_io_channel_unix_new(child_pipe[0]); 1760 g_io_channel_set_close_on_unref(child_io, TRUE); 1761 child_io_id = g_io_add_watch(child_io, 1762 G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL, 1763 child_exit, NULL); 1764 g_io_channel_unref(child_io); 1765 1766 /* Create and bind HCI socket */ 1767 sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 1768 if (sock < 0) { 1769 err = -errno; 1770 error("Can't open HCI socket: %s (%d)", strerror(-err), 1771 -err); 1772 return err; 1773 } 1774 1775 /* Set filter */ 1776 hci_filter_clear(&flt); 1777 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 1778 hci_filter_set_event(EVT_STACK_INTERNAL, &flt); 1779 if (setsockopt(sock, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 1780 err = -errno; 1781 error("Can't set filter: %s (%d)", strerror(-err), -err); 1782 return err; 1783 } 1784 1785 memset(&addr, 0, sizeof(addr)); 1786 addr.hci_family = AF_BLUETOOTH; 1787 addr.hci_dev = HCI_DEV_NONE; 1788 if (bind(sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { 1789 err = -errno; 1790 error("Can't bind HCI socket: %s (%d)", strerror(-err), -err); 1791 return err; 1792 } 1793 1794 ctl_io = g_io_channel_unix_new(sock); 1795 g_io_channel_set_close_on_unref(ctl_io, TRUE); 1796 1797 ctl_io_id = g_io_add_watch(ctl_io, G_IO_IN, io_stack_event, NULL); 1798 1799 g_io_channel_unref(ctl_io); 1800 1801 g_idle_add(init_known_adapters, GINT_TO_POINTER(sock)); 1802 1803 return 0; 1804} 1805 1806static void hciops_cleanup(void) 1807{ 1808 int i; 1809 1810 for (i = 0; i <= max_dev; i++) { 1811 if (SK(i) >= 0) 1812 hci_close_dev(SK(i)); 1813 } 1814 1815 g_free(devs); 1816 devs = NULL; 1817 max_dev = -1; 1818 1819 if (child_io_id) { 1820 g_source_remove(child_io_id); 1821 child_io_id = 0; 1822 } 1823 1824 if (ctl_io_id) { 1825 g_source_remove(ctl_io_id); 1826 ctl_io_id = 0; 1827 } 1828 1829 if (child_pipe[0] >= 0) { 1830 close(child_pipe[0]); 1831 child_pipe[0] = -1; 1832 } 1833 1834 if (child_pipe[1] >= 0) { 1835 close(child_pipe[1]); 1836 child_pipe[1] = -1; 1837 } 1838} 1839 1840static int hciops_start(int index) 1841{ 1842 int err; 1843 1844 if (ioctl(SK(index), HCIDEVUP, index) == 0) 1845 return 0; 1846 1847 if (errno == EALREADY) 1848 return 0; 1849 1850 err = -errno; 1851 error("Can't init device hci%d: %s (%d)", 1852 index, strerror(-err), -err); 1853 1854 return err; 1855} 1856 1857static int hciops_stop(int index) 1858{ 1859 int err = 0; 1860 1861 if (ioctl(SK(index), HCIDEVDOWN, index) == 0) 1862 goto done; /* on success */ 1863 1864 if (errno != EALREADY) { 1865 err = -errno; 1866 error("Can't stop device hci%d: %s (%d)", 1867 index, strerror(-err), -err); 1868 } 1869 1870done: 1871 return err; 1872} 1873 1874static int hciops_powered(int index, gboolean powered) 1875{ 1876 uint8_t mode = SCAN_DISABLED; 1877 1878 if (powered) 1879 return hciops_start(index); 1880 1881 if (hci_send_cmd(SK(index), OGF_HOST_CTL, 1882 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 1883 return -errno; 1884 1885 return hciops_stop(index); 1886} 1887 1888static int hciops_connectable(int index) 1889{ 1890 uint8_t mode = SCAN_PAGE; 1891 1892 if (hci_send_cmd(SK(index), OGF_HOST_CTL, 1893 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 1894 return -errno; 1895 1896 return 0; 1897} 1898 1899static int hciops_discoverable(int index) 1900{ 1901 uint8_t mode = (SCAN_PAGE | SCAN_INQUIRY); 1902 1903 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE, 1904 1, &mode) < 0) 1905 return -errno; 1906 1907 return 0; 1908} 1909 1910static int hciops_set_class(int index, uint32_t class) 1911{ 1912 write_class_of_dev_cp cp; 1913 1914 memcpy(cp.dev_class, &class, 3); 1915 1916 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV, 1917 WRITE_CLASS_OF_DEV_CP_SIZE, &cp) < 0) 1918 return -errno; 1919 1920 return 0; 1921} 1922 1923static int hciops_set_limited_discoverable(int index, uint32_t class, 1924 gboolean limited) 1925{ 1926 int num = (limited ? 2 : 1); 1927 uint8_t lap[] = { 0x33, 0x8b, 0x9e, 0x00, 0x8b, 0x9e }; 1928 write_current_iac_lap_cp cp; 1929 1930 /* 1931 * 1: giac 1932 * 2: giac + liac 1933 */ 1934 memset(&cp, 0, sizeof(cp)); 1935 cp.num_current_iac = num; 1936 memcpy(&cp.lap, lap, num * 3); 1937 1938 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_CURRENT_IAC_LAP, 1939 (num * 3 + 1), &cp) < 0) 1940 return -errno; 1941 1942 return hciops_set_class(index, class); 1943} 1944 1945static int hciops_start_inquiry(int index, uint8_t length, gboolean periodic) 1946{ 1947 uint8_t lap[3] = { 0x33, 0x8b, 0x9e }; 1948 int err; 1949 1950 if (periodic) { 1951 periodic_inquiry_cp cp; 1952 1953 memset(&cp, 0, sizeof(cp)); 1954 memcpy(&cp.lap, lap, 3); 1955 cp.max_period = htobs(24); 1956 cp.min_period = htobs(16); 1957 cp.length = length; 1958 cp.num_rsp = 0x00; 1959 1960 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 1961 OCF_PERIODIC_INQUIRY, 1962 PERIODIC_INQUIRY_CP_SIZE, &cp); 1963 } else { 1964 inquiry_cp inq_cp; 1965 1966 memset(&inq_cp, 0, sizeof(inq_cp)); 1967 memcpy(&inq_cp.lap, lap, 3); 1968 inq_cp.length = length; 1969 inq_cp.num_rsp = 0x00; 1970 1971 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 1972 OCF_INQUIRY, INQUIRY_CP_SIZE, &inq_cp); 1973 } 1974 1975 if (err < 0) 1976 err = -errno; 1977 1978 return err; 1979} 1980 1981static int hciops_stop_inquiry(int index) 1982{ 1983 struct hci_dev_info di; 1984 int err; 1985 1986 if (hci_devinfo(index, &di) < 0) 1987 return -errno; 1988 1989 if (hci_test_bit(HCI_INQUIRY, &di.flags)) 1990 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 1991 OCF_INQUIRY_CANCEL, 0, 0); 1992 else 1993 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 1994 OCF_EXIT_PERIODIC_INQUIRY, 0, 0); 1995 if (err < 0) 1996 err = -errno; 1997 1998 return err; 1999} 2000 2001static int le_set_scan_enable(int index, uint8_t enable) 2002{ 2003 le_set_scan_enable_cp cp; 2004 2005 memset(&cp, 0, sizeof(cp)); 2006 cp.enable = enable; 2007 cp.filter_dup = 0; 2008 2009 if (hci_send_cmd(SK(index), OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE, 2010 LE_SET_SCAN_ENABLE_CP_SIZE, &cp) < 0) 2011 return -errno; 2012 2013 return 0; 2014} 2015 2016static int hciops_start_scanning(int index) 2017{ 2018 le_set_scan_parameters_cp cp; 2019 2020 memset(&cp, 0, sizeof(cp)); 2021 cp.type = 0x01; /* Active scanning */ 2022 cp.interval = htobs(0x0010); 2023 cp.window = htobs(0x0010); 2024 cp.own_bdaddr_type = 0; /* Public address */ 2025 cp.filter = 0; /* Accept all adv packets */ 2026 2027 if (hci_send_cmd(SK(index), OGF_LE_CTL, OCF_LE_SET_SCAN_PARAMETERS, 2028 LE_SET_SCAN_PARAMETERS_CP_SIZE, &cp) < 0) 2029 return -errno; 2030 2031 return le_set_scan_enable(index, 1); 2032} 2033 2034static int hciops_stop_scanning(int index) 2035{ 2036 return le_set_scan_enable(index, 0); 2037} 2038 2039static int hciops_resolve_name(int index, bdaddr_t *bdaddr) 2040{ 2041 remote_name_req_cp cp; 2042 2043 memset(&cp, 0, sizeof(cp)); 2044 bacpy(&cp.bdaddr, bdaddr); 2045 cp.pscan_rep_mode = 0x02; 2046 2047 if (hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_REMOTE_NAME_REQ, 2048 REMOTE_NAME_REQ_CP_SIZE, &cp) < 0) 2049 return -errno; 2050 2051 return 0; 2052} 2053 2054static int hciops_set_name(int index, const char *name) 2055{ 2056 change_local_name_cp cp; 2057 2058 memset(&cp, 0, sizeof(cp)); 2059 strncpy((char *) cp.name, name, sizeof(cp.name)); 2060 2061 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME, 2062 CHANGE_LOCAL_NAME_CP_SIZE, &cp) < 0) 2063 return -errno; 2064 2065 return 0; 2066} 2067 2068static int hciops_cancel_resolve_name(int index, bdaddr_t *bdaddr) 2069{ 2070 remote_name_req_cancel_cp cp; 2071 2072 memset(&cp, 0, sizeof(cp)); 2073 bacpy(&cp.bdaddr, bdaddr); 2074 2075 if (hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_REMOTE_NAME_REQ_CANCEL, 2076 REMOTE_NAME_REQ_CANCEL_CP_SIZE, &cp) < 0) 2077 return -errno; 2078 2079 return 0; 2080} 2081 2082static int hciops_fast_connectable(int index, gboolean enable) 2083{ 2084 write_page_activity_cp cp; 2085 uint8_t type; 2086 2087 if (enable) { 2088 type = PAGE_SCAN_TYPE_INTERLACED; 2089 cp.interval = 0x0024; /* 22.5 msec page scan interval */ 2090 } else { 2091 type = PAGE_SCAN_TYPE_STANDARD; /* default */ 2092 cp.interval = 0x0800; /* default 1.28 sec page scan */ 2093 } 2094 2095 cp.window = 0x0012; /* default 11.25 msec page scan window */ 2096 2097 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_WRITE_PAGE_ACTIVITY, 2098 WRITE_PAGE_ACTIVITY_CP_SIZE, &cp) < 0) 2099 return -errno; 2100 else if (hci_send_cmd(SK(index), OGF_HOST_CTL, 2101 OCF_WRITE_PAGE_SCAN_TYPE, 1, &type) < 0) 2102 return -errno; 2103 2104 return 0; 2105} 2106 2107static int hciops_read_clock(int index, int handle, int which, int timeout, 2108 uint32_t *clock, uint16_t *accuracy) 2109{ 2110 if (hci_read_clock(SK(index), handle, which, clock, accuracy, 2111 timeout) < 0) 2112 return -errno; 2113 2114 return 0; 2115} 2116 2117static int hciops_conn_handle(int index, const bdaddr_t *bdaddr, int *handle) 2118{ 2119 int err; 2120 struct hci_conn_info_req *cr; 2121 2122 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 2123 bacpy(&cr->bdaddr, bdaddr); 2124 cr->type = ACL_LINK; 2125 2126 if (ioctl(SK(index), HCIGETCONNINFO, (unsigned long) cr) < 0) { 2127 err = -errno; 2128 goto fail; 2129 } 2130 2131 err = 0; 2132 *handle = htobs(cr->conn_info->handle); 2133 2134fail: 2135 g_free(cr); 2136 return err; 2137} 2138 2139static int hciops_write_eir_data(int index, uint8_t *data) 2140{ 2141 write_ext_inquiry_response_cp cp; 2142 2143 memset(&cp, 0, sizeof(cp)); 2144 memcpy(cp.data, data, 240); 2145 2146 if (hci_send_cmd(SK(index), OGF_HOST_CTL, 2147 OCF_WRITE_EXT_INQUIRY_RESPONSE, 2148 WRITE_EXT_INQUIRY_RESPONSE_CP_SIZE, &cp) < 0) 2149 return -errno; 2150 2151 return 0; 2152} 2153 2154static int hciops_read_bdaddr(int index, bdaddr_t *bdaddr) 2155{ 2156 bacpy(bdaddr, &BDADDR(index)); 2157 return 0; 2158} 2159 2160static int hciops_block_device(int index, bdaddr_t *bdaddr) 2161{ 2162 if (ioctl(SK(index), HCIBLOCKADDR, bdaddr) < 0) 2163 return -errno; 2164 2165 return 0; 2166} 2167 2168static int hciops_unblock_device(int index, bdaddr_t *bdaddr) 2169{ 2170 if (ioctl(SK(index), HCIUNBLOCKADDR, bdaddr) < 0) 2171 return -errno; 2172 2173 return 0; 2174} 2175 2176static int hciops_get_conn_list(int index, GSList **conns) 2177{ 2178 struct hci_conn_list_req *cl; 2179 struct hci_conn_info *ci; 2180 int err, i; 2181 2182 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 2183 2184 cl->dev_id = index; 2185 cl->conn_num = 10; 2186 ci = cl->conn_info; 2187 2188 if (ioctl(SK(index), HCIGETCONNLIST, cl) < 0) { 2189 err = -errno; 2190 goto fail; 2191 } 2192 2193 err = 0; 2194 *conns = NULL; 2195 2196 for (i = 0; i < cl->conn_num; i++, ci++) 2197 *conns = g_slist_append(*conns, g_memdup(ci, sizeof(*ci))); 2198 2199fail: 2200 g_free(cl); 2201 return err; 2202} 2203 2204static int hciops_read_local_version(int index, struct hci_version *ver) 2205{ 2206 memcpy(ver, &VER(index), sizeof(*ver)); 2207 return 0; 2208} 2209 2210static int hciops_read_local_features(int index, uint8_t *features) 2211{ 2212 memcpy(features, FEATURES(index), 8); 2213 return 0; 2214} 2215 2216static int hciops_read_local_ext_features(int index) 2217{ 2218 uint8_t page_num = 1; 2219 2220 if (hci_send_cmd(SK(index), OGF_INFO_PARAM, 2221 OCF_READ_LOCAL_EXT_FEATURES, 1, &page_num) < 0) 2222 return -errno; 2223 2224 return 0; 2225} 2226 2227static int hciops_read_link_policy(int index) 2228{ 2229 if (hci_send_cmd(SK(index), OGF_LINK_POLICY, 2230 OCF_READ_DEFAULT_LINK_POLICY, 0, NULL) < 0) 2231 return -errno; 2232 2233 return 0; 2234} 2235 2236static int hciops_disconnect(int index, uint16_t handle) 2237{ 2238 disconnect_cp cp; 2239 2240 memset(&cp, 0, sizeof(cp)); 2241 cp.handle = htobs(handle); 2242 cp.reason = HCI_OE_USER_ENDED_CONNECTION; 2243 2244 if (hci_send_cmd(SK(index), OGF_LINK_CTL, OCF_DISCONNECT, 2245 DISCONNECT_CP_SIZE, &cp) < 0) 2246 return -errno; 2247 2248 return 0; 2249} 2250 2251static int hciops_remove_bonding(int index, bdaddr_t *bdaddr) 2252{ 2253 delete_stored_link_key_cp cp; 2254 2255 memset(&cp, 0, sizeof(cp)); 2256 bacpy(&cp.bdaddr, bdaddr); 2257 2258 /* Delete the link key from the Bluetooth chip */ 2259 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_DELETE_STORED_LINK_KEY, 2260 DELETE_STORED_LINK_KEY_CP_SIZE, &cp) < 0) 2261 return -errno; 2262 2263 return 0; 2264} 2265 2266static int hciops_request_authentication(int index, uint16_t handle, 2267 uint8_t *status) 2268{ 2269 struct hci_request rq; 2270 auth_requested_cp cp; 2271 evt_cmd_status rp; 2272 2273 memset(&rp, 0, sizeof(rp)); 2274 2275 memset(&cp, 0, sizeof(cp)); 2276 cp.handle = htobs(handle); 2277 2278 memset(&rq, 0, sizeof(rq)); 2279 rq.ogf = OGF_LINK_CTL; 2280 rq.ocf = OCF_AUTH_REQUESTED; 2281 rq.cparam = &cp; 2282 rq.clen = AUTH_REQUESTED_CP_SIZE; 2283 rq.rparam = &rp; 2284 rq.rlen = EVT_CMD_STATUS_SIZE; 2285 rq.event = EVT_CMD_STATUS; 2286 2287 if (hci_send_req(SK(index), &rq, HCI_REQ_TIMEOUT) < 0) 2288 return -errno; 2289 2290 if (status) 2291 *status = rp.status; 2292 2293 return 0; 2294} 2295 2296static int hciops_pincode_reply(int index, bdaddr_t *bdaddr, const char *pin) 2297{ 2298 int err; 2299 2300 if (pin) { 2301 pin_code_reply_cp pr; 2302 size_t len = strlen(pin); 2303 2304 PIN_LENGTH(index) = len; 2305 2306 memset(&pr, 0, sizeof(pr)); 2307 bacpy(&pr.bdaddr, bdaddr); 2308 memcpy(pr.pin_code, pin, len); 2309 pr.pin_len = len; 2310 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2311 OCF_PIN_CODE_REPLY, 2312 PIN_CODE_REPLY_CP_SIZE, &pr); 2313 } else 2314 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2315 OCF_PIN_CODE_NEG_REPLY, 6, bdaddr); 2316 2317 if (err < 0) 2318 err = -errno; 2319 2320 return err; 2321} 2322 2323static int hciops_confirm_reply(int index, bdaddr_t *bdaddr, gboolean success) 2324{ 2325 int err; 2326 user_confirm_reply_cp cp; 2327 2328 memset(&cp, 0, sizeof(cp)); 2329 bacpy(&cp.bdaddr, bdaddr); 2330 2331 if (success) 2332 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2333 OCF_USER_CONFIRM_REPLY, 2334 USER_CONFIRM_REPLY_CP_SIZE, &cp); 2335 else 2336 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2337 OCF_USER_CONFIRM_NEG_REPLY, 2338 USER_CONFIRM_REPLY_CP_SIZE, &cp); 2339 2340 if (err < 0) 2341 err = -errno; 2342 2343 return err; 2344} 2345 2346static int hciops_passkey_reply(int index, bdaddr_t *bdaddr, uint32_t passkey) 2347{ 2348 int err; 2349 2350 if (passkey != INVALID_PASSKEY) { 2351 user_passkey_reply_cp cp; 2352 2353 memset(&cp, 0, sizeof(cp)); 2354 bacpy(&cp.bdaddr, bdaddr); 2355 cp.passkey = passkey; 2356 2357 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2358 OCF_USER_PASSKEY_REPLY, 2359 USER_PASSKEY_REPLY_CP_SIZE, &cp); 2360 } else 2361 err = hci_send_cmd(SK(index), OGF_LINK_CTL, 2362 OCF_USER_PASSKEY_NEG_REPLY, 6, bdaddr); 2363 2364 if (err < 0) 2365 err = -errno; 2366 2367 return err; 2368} 2369 2370static int hciops_get_auth_info(int index, bdaddr_t *bdaddr, uint8_t *auth) 2371{ 2372 struct hci_auth_info_req req; 2373 2374 memset(&req, 0, sizeof(req)); 2375 bacpy(&req.bdaddr, bdaddr); 2376 2377 if (ioctl(SK(index), HCIGETAUTHINFO, (unsigned long) &req) < 0) 2378 return -errno; 2379 2380 if (auth) 2381 *auth = req.type; 2382 2383 return 0; 2384} 2385 2386static int hciops_read_scan_enable(int index) 2387{ 2388 if (hci_send_cmd(SK(index), OGF_HOST_CTL, OCF_READ_SCAN_ENABLE, 2389 0, NULL) < 0) 2390 return -errno; 2391 2392 return 0; 2393} 2394 2395static int hciops_write_le_host(int index, uint8_t le, uint8_t simul) 2396{ 2397 write_le_host_supported_cp cp; 2398 2399 memset(&cp, 0, sizeof(cp)); 2400 cp.le = le; 2401 cp.simul = simul; 2402 2403 if (hci_send_cmd(SK(index), OGF_HOST_CTL, 2404 OCF_WRITE_LE_HOST_SUPPORTED, 2405 WRITE_LE_HOST_SUPPORTED_CP_SIZE, &cp) < 0) 2406 return -errno; 2407 2408 return 0; 2409} 2410 2411struct remote_version_req { 2412 int index; 2413 uint16_t handle; 2414}; 2415 2416static gboolean get_remote_version(gpointer user_data) 2417{ 2418 struct remote_version_req *req = user_data; 2419 read_remote_version_cp cp; 2420 2421 memset(&cp, 0, sizeof(cp)); 2422 cp.handle = htobs(req->handle); 2423 2424 hci_send_cmd(SK(req->index), OGF_LINK_CTL, OCF_READ_REMOTE_VERSION, 2425 READ_REMOTE_VERSION_CP_SIZE, &cp); 2426 2427 return FALSE; 2428} 2429 2430static int hciops_get_remote_version(int index, uint16_t handle, 2431 gboolean delayed) 2432{ 2433 struct remote_version_req *req; 2434 2435 req = g_new0(struct remote_version_req, 1); 2436 req->handle = handle; 2437 req->index = index; 2438 2439 if (!delayed) { 2440 get_remote_version(req); 2441 g_free(req); 2442 return 0; 2443 } 2444 2445 g_timeout_add_seconds_full(G_PRIORITY_DEFAULT, 1, get_remote_version, 2446 req, g_free); 2447 2448 return 0; 2449} 2450 2451static struct btd_adapter_ops hci_ops = { 2452 .setup = hciops_setup, 2453 .cleanup = hciops_cleanup, 2454 .start = hciops_start, 2455 .stop = hciops_stop, 2456 .set_powered = hciops_powered, 2457 .set_connectable = hciops_connectable, 2458 .set_discoverable = hciops_discoverable, 2459 .set_limited_discoverable = hciops_set_limited_discoverable, 2460 .start_inquiry = hciops_start_inquiry, 2461 .stop_inquiry = hciops_stop_inquiry, 2462 .start_scanning = hciops_start_scanning, 2463 .stop_scanning = hciops_stop_scanning, 2464 .resolve_name = hciops_resolve_name, 2465 .cancel_resolve_name = hciops_cancel_resolve_name, 2466 .set_name = hciops_set_name, 2467 .set_class = hciops_set_class, 2468 .set_fast_connectable = hciops_fast_connectable, 2469 .read_clock = hciops_read_clock, 2470 .get_conn_handle = hciops_conn_handle, 2471 .write_eir_data = hciops_write_eir_data, 2472 .read_bdaddr = hciops_read_bdaddr, 2473 .block_device = hciops_block_device, 2474 .unblock_device = hciops_unblock_device, 2475 .get_conn_list = hciops_get_conn_list, 2476 .read_local_version = hciops_read_local_version, 2477 .read_local_features = hciops_read_local_features, 2478 .read_local_ext_features = hciops_read_local_ext_features, 2479 .read_link_policy = hciops_read_link_policy, 2480 .disconnect = hciops_disconnect, 2481 .remove_bonding = hciops_remove_bonding, 2482 .request_authentication = hciops_request_authentication, 2483 .pincode_reply = hciops_pincode_reply, 2484 .confirm_reply = hciops_confirm_reply, 2485 .passkey_reply = hciops_passkey_reply, 2486 .get_auth_info = hciops_get_auth_info, 2487 .read_scan_enable = hciops_read_scan_enable, 2488 .write_le_host = hciops_write_le_host, 2489 .get_remote_version = hciops_get_remote_version, 2490 .encrypt_link = hciops_encrypt_link, 2491}; 2492 2493static int hciops_init(void) 2494{ 2495 return btd_register_adapter_ops(&hci_ops, FALSE); 2496} 2497 2498static void hciops_exit(void) 2499{ 2500 btd_adapter_cleanup_ops(&hci_ops); 2501} 2502 2503BLUETOOTH_PLUGIN_DEFINE(hciops, VERSION, 2504 BLUETOOTH_PLUGIN_PRIORITY_LOW, hciops_init, hciops_exit) 2505