hciops.c revision cc0e50e3ab1a612ffb72b9021229f660d54f9388
1/* 2 * 3 * BlueZ - Bluetooth protocol stack for Linux 4 * 5 * Copyright (C) 2004-2010 Marcel Holtmann <marcel@holtmann.org> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 20 * 21 */ 22 23#ifdef HAVE_CONFIG_H 24#include <config.h> 25#endif 26 27#include <stdio.h> 28#include <errno.h> 29#include <unistd.h> 30#include <stdlib.h> 31#include <sys/types.h> 32#include <sys/ioctl.h> 33#include <sys/wait.h> 34 35#include <bluetooth/bluetooth.h> 36#include <bluetooth/hci.h> 37#include <bluetooth/hci_lib.h> 38#include <bluetooth/sdp.h> 39#include <bluetooth/sdp_lib.h> 40 41#include <glib.h> 42 43#include "hcid.h" 44#include "sdpd.h" 45#include "adapter.h" 46#include "device.h" 47#include "plugin.h" 48#include "log.h" 49#include "storage.h" 50#include "event.h" 51#include "manager.h" 52 53static int child_pipe[2] = { -1, -1 }; 54 55static guint child_io_id = 0; 56static guint ctl_io_id = 0; 57 58/* Commands sent by kernel on starting an adapter */ 59enum { 60 PENDING_BDADDR, 61 PENDING_VERSION, 62 PENDING_FEATURES, 63 PENDING_NAME, 64}; 65 66struct uuid_info { 67 uuid_t uuid; 68 uint8_t svc_hint; 69}; 70 71struct acl_connection { 72 bdaddr_t bdaddr; 73 uint16_t handle; 74}; 75 76static int max_dev = -1; 77static struct dev_info { 78 int sk; 79 bdaddr_t bdaddr; 80 char name[249]; 81 uint8_t eir[240]; 82 uint8_t features[8]; 83 uint8_t ssp_mode; 84 85 int8_t tx_power; 86 87 uint32_t current_cod; 88 uint32_t wanted_cod; 89 uint32_t pending_cod; 90 gboolean cache_enable; 91 gboolean already_up; 92 gboolean registered; 93 94 struct hci_version ver; 95 96 uint16_t did_vendor; 97 uint16_t did_product; 98 uint16_t did_version; 99 100 gboolean up; 101 unsigned long pending; 102 103 GIOChannel *io; 104 guint watch_id; 105 106 gboolean debug_keys; 107 GSList *keys; 108 uint8_t pin_length; 109 110 GSList *uuids; 111 112 GSList *connections; 113} *devs = NULL; 114 115static int ignore_device(struct hci_dev_info *di) 116{ 117 return hci_test_bit(HCI_RAW, &di->flags) || di->type >> 4 != HCI_BREDR; 118} 119 120static void init_dev_info(int index, int sk, gboolean registered) 121{ 122 struct dev_info *dev = &devs[index]; 123 124 memset(dev, 0, sizeof(*dev)); 125 126 dev->sk = sk; 127 dev->cache_enable = TRUE; 128 dev->registered = registered; 129} 130 131/* Async HCI command handling with callback support */ 132 133struct hci_cmd_data { 134 bt_hci_result_t cb; 135 uint16_t handle; 136 uint16_t ocf; 137 gpointer caller_data; 138}; 139 140static gboolean hci_event_watch(GIOChannel *io, 141 GIOCondition cond, gpointer user_data) 142{ 143 unsigned char buf[HCI_MAX_EVENT_SIZE], *body; 144 struct hci_cmd_data *cmd = user_data; 145 evt_cmd_status *evt_status; 146 evt_auth_complete *evt_auth; 147 evt_encrypt_change *evt_enc; 148 hci_event_hdr *hdr; 149 set_conn_encrypt_cp cp; 150 int dd; 151 uint16_t ocf; 152 uint8_t status = HCI_OE_POWER_OFF; 153 154 if (cond & G_IO_NVAL) { 155 cmd->cb(status, cmd->caller_data); 156 return FALSE; 157 } 158 159 if (cond & (G_IO_ERR | G_IO_HUP)) 160 goto failed; 161 162 dd = g_io_channel_unix_get_fd(io); 163 164 if (read(dd, buf, sizeof(buf)) < 0) 165 goto failed; 166 167 hdr = (hci_event_hdr *) (buf + 1); 168 body = buf + (1 + HCI_EVENT_HDR_SIZE); 169 170 switch (hdr->evt) { 171 case EVT_CMD_STATUS: 172 evt_status = (evt_cmd_status *) body; 173 ocf = cmd_opcode_ocf(evt_status->opcode); 174 if (ocf != cmd->ocf) 175 return TRUE; 176 switch (ocf) { 177 case OCF_AUTH_REQUESTED: 178 case OCF_SET_CONN_ENCRYPT: 179 if (evt_status->status != 0) { 180 /* Baseband rejected command */ 181 status = evt_status->status; 182 goto failed; 183 } 184 break; 185 default: 186 return TRUE; 187 } 188 /* Wait for the next event */ 189 return TRUE; 190 case EVT_AUTH_COMPLETE: 191 evt_auth = (evt_auth_complete *) body; 192 if (evt_auth->handle != cmd->handle) { 193 /* Skipping */ 194 return TRUE; 195 } 196 197 if (evt_auth->status != 0x00) { 198 status = evt_auth->status; 199 /* Abort encryption */ 200 goto failed; 201 } 202 203 memset(&cp, 0, sizeof(cp)); 204 cp.handle = cmd->handle; 205 cp.encrypt = 1; 206 207 cmd->ocf = OCF_SET_CONN_ENCRYPT; 208 209 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, 210 SET_CONN_ENCRYPT_CP_SIZE, &cp) < 0) { 211 status = HCI_COMMAND_DISALLOWED; 212 goto failed; 213 } 214 /* Wait for encrypt change event */ 215 return TRUE; 216 case EVT_ENCRYPT_CHANGE: 217 evt_enc = (evt_encrypt_change *) body; 218 if (evt_enc->handle != cmd->handle) 219 return TRUE; 220 221 /* Procedure finished: reporting status */ 222 status = evt_enc->status; 223 break; 224 default: 225 /* Skipping */ 226 return TRUE; 227 } 228 229failed: 230 cmd->cb(status, cmd->caller_data); 231 g_io_channel_shutdown(io, TRUE, NULL); 232 233 return FALSE; 234} 235 236static int write_inq_mode(int index, uint8_t mode) 237{ 238 struct dev_info *dev = &devs[index]; 239 write_inquiry_mode_cp cp; 240 241 memset(&cp, 0, sizeof(cp)); 242 cp.mode = mode; 243 244 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_INQUIRY_MODE, 245 WRITE_INQUIRY_MODE_CP_SIZE, &cp) < 0) 246 return -errno; 247 248 return 0; 249} 250 251static uint8_t get_inquiry_mode(int index) 252{ 253 struct dev_info *dev = &devs[index]; 254 255 if (dev->features[6] & LMP_EXT_INQ) 256 return 2; 257 258 if (dev->features[3] & LMP_RSSI_INQ) 259 return 1; 260 261 if (dev->ver.manufacturer == 11 && dev->ver.hci_rev == 0x00 && 262 dev->ver.lmp_subver == 0x0757) 263 return 1; 264 265 if (dev->ver.manufacturer == 15) { 266 if (dev->ver.hci_rev == 0x03 && 267 dev->ver.lmp_subver == 0x6963) 268 return 1; 269 if (dev->ver.hci_rev == 0x09 && 270 dev->ver.lmp_subver == 0x6963) 271 return 1; 272 if (dev->ver.hci_rev == 0x00 && 273 dev->ver.lmp_subver == 0x6965) 274 return 1; 275 } 276 277 if (dev->ver.manufacturer == 31 && dev->ver.hci_rev == 0x2005 && 278 dev->ver.lmp_subver == 0x1805) 279 return 1; 280 281 return 0; 282} 283 284static int init_ssp_mode(int index) 285{ 286 struct dev_info *dev = &devs[index]; 287 write_simple_pairing_mode_cp cp; 288 289 if (ioctl(dev->sk, HCIGETAUTHINFO, NULL) < 0 && errno == EINVAL) 290 return 0; 291 292 memset(&cp, 0, sizeof(cp)); 293 cp.mode = 0x01; 294 295 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 296 OCF_WRITE_SIMPLE_PAIRING_MODE, 297 WRITE_SIMPLE_PAIRING_MODE_CP_SIZE, &cp) < 0) 298 return -errno; 299 300 return 0; 301} 302 303static int hciops_set_discoverable(int index, gboolean discoverable) 304{ 305 struct dev_info *dev = &devs[index]; 306 uint8_t mode; 307 308 if (discoverable) 309 mode = (SCAN_PAGE | SCAN_INQUIRY); 310 else 311 mode = SCAN_PAGE; 312 313 DBG("hci%d discoverable %d", index, discoverable); 314 315 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE, 316 1, &mode) < 0) 317 return -errno; 318 319 return 0; 320} 321 322static int hciops_set_pairable(int index, gboolean pairable) 323{ 324 struct btd_adapter *adapter; 325 326 DBG("hci%d pairable %d", index, pairable); 327 328 adapter = manager_find_adapter(&devs[index].bdaddr); 329 if (adapter) 330 btd_adapter_pairable_changed(adapter, pairable); 331 332 return 0; 333} 334 335static int hciops_power_off(int index) 336{ 337 struct dev_info *dev = &devs[index]; 338 uint8_t mode = SCAN_DISABLED; 339 340 DBG("hci%d", index); 341 342 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 343 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 344 return -errno; 345 346 if (ioctl(dev->sk, HCIDEVDOWN, index) < 0 && errno != EALREADY) 347 return -errno; 348 349 return 0; 350} 351 352static void set_event_mask(int index) 353{ 354 struct dev_info *dev = &devs[index]; 355 /* The second byte is 0xff instead of 0x9f (two reserved bits 356 * disabled) since a Broadcom 1.2 dongle doesn't respond to the 357 * command otherwise */ 358 uint8_t events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 }; 359 360 /* Events for 1.2 and newer controllers */ 361 if (dev->ver.lmp_ver > 1) { 362 events[4] |= 0x01; /* Flow Specification Complete */ 363 events[4] |= 0x02; /* Inquiry Result with RSSI */ 364 events[4] |= 0x04; /* Read Remote Extended Features Complete */ 365 events[5] |= 0x08; /* Synchronous Connection Complete */ 366 events[5] |= 0x10; /* Synchronous Connection Changed */ 367 } 368 369 if (dev->features[3] & LMP_RSSI_INQ) 370 events[4] |= 0x04; /* Inquiry Result with RSSI */ 371 372 if (dev->features[5] & LMP_SNIFF_SUBR) 373 events[5] |= 0x20; /* Sniff Subrating */ 374 375 if (dev->features[5] & LMP_PAUSE_ENC) 376 events[5] |= 0x80; /* Encryption Key Refresh Complete */ 377 378 if (dev->features[6] & LMP_EXT_INQ) 379 events[5] |= 0x40; /* Extended Inquiry Result */ 380 381 if (dev->features[6] & LMP_NFLUSH_PKTS) 382 events[7] |= 0x01; /* Enhanced Flush Complete */ 383 384 if (dev->features[7] & LMP_LSTO) 385 events[6] |= 0x80; /* Link Supervision Timeout Changed */ 386 387 if (dev->features[6] & LMP_SIMPLE_PAIR) { 388 events[6] |= 0x01; /* IO Capability Request */ 389 events[6] |= 0x02; /* IO Capability Response */ 390 events[6] |= 0x04; /* User Confirmation Request */ 391 events[6] |= 0x08; /* User Passkey Request */ 392 events[6] |= 0x10; /* Remote OOB Data Request */ 393 events[6] |= 0x20; /* Simple Pairing Complete */ 394 events[7] |= 0x04; /* User Passkey Notification */ 395 events[7] |= 0x08; /* Keypress Notification */ 396 events[7] |= 0x10; /* Remote Host Supported 397 * Features Notification */ 398 } 399 400 if (dev->features[4] & LMP_LE) 401 events[7] |= 0x20; /* LE Meta-Event */ 402 403 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_SET_EVENT_MASK, 404 sizeof(events), events); 405} 406 407static void start_adapter(int index) 408{ 409 struct dev_info *dev = &devs[index]; 410 uint8_t inqmode; 411 uint16_t link_policy; 412 413 set_event_mask(index); 414 415 if (dev->features[6] & LMP_SIMPLE_PAIR) 416 init_ssp_mode(index); 417 418 inqmode = get_inquiry_mode(index); 419 if (inqmode) 420 write_inq_mode(index, inqmode); 421 422 if (dev->features[7] & LMP_INQ_TX_PWR) 423 hci_send_cmd(dev->sk, OGF_HOST_CTL, 424 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL, 0, NULL); 425 426 /* Set default link policy */ 427 link_policy = main_opts.link_policy; 428 429 if (!(dev->features[0] & LMP_RSWITCH)) 430 link_policy &= ~HCI_LP_RSWITCH; 431 if (!(dev->features[0] & LMP_HOLD)) 432 link_policy &= ~HCI_LP_HOLD; 433 if (!(dev->features[0] & LMP_SNIFF)) 434 link_policy &= ~HCI_LP_SNIFF; 435 if (!(dev->features[1] & LMP_PARK)) 436 link_policy &= ~HCI_LP_PARK; 437 438 link_policy = htobs(link_policy); 439 hci_send_cmd(dev->sk, OGF_LINK_POLICY, OCF_WRITE_DEFAULT_LINK_POLICY, 440 sizeof(link_policy), &link_policy); 441 442 dev->current_cod = 0; 443 memset(dev->eir, 0, sizeof(dev->eir)); 444} 445 446static gboolean init_adapter(int index) 447{ 448 struct dev_info *dev = &devs[index]; 449 struct btd_adapter *adapter = NULL; 450 gboolean existing_adapter = dev->registered; 451 uint8_t mode, on_mode; 452 gboolean pairable, discoverable; 453 454 if (!dev->registered) { 455 adapter = btd_manager_register_adapter(index); 456 if (adapter) 457 dev->registered = TRUE; 458 } else { 459 adapter = manager_find_adapter(&dev->bdaddr); 460 /* FIXME: manager_find_adapter should return a new ref */ 461 btd_adapter_ref(adapter); 462 } 463 464 if (adapter == NULL) 465 return FALSE; 466 467 btd_adapter_get_mode(adapter, &mode, &on_mode, &pairable); 468 469 if (existing_adapter) 470 mode = on_mode; 471 472 if (mode == MODE_OFF) { 473 hciops_power_off(index); 474 goto done; 475 } 476 477 start_adapter(index); 478 btd_adapter_start(adapter); 479 480 discoverable = (mode == MODE_DISCOVERABLE); 481 482 hciops_set_discoverable(index, discoverable); 483 hciops_set_pairable(index, pairable); 484 485done: 486 btd_adapter_unref(adapter); 487 return TRUE; 488} 489 490static int hciops_encrypt_link(int index, bdaddr_t *dst, bt_hci_result_t cb, 491 gpointer user_data) 492{ 493 GIOChannel *io; 494 struct hci_cmd_data *cmd; 495 struct hci_conn_info_req *cr; 496 auth_requested_cp cp; 497 struct hci_filter nf; 498 int dd, err; 499 uint32_t link_mode; 500 uint16_t handle; 501 502 dd = hci_open_dev(index); 503 if (dd < 0) 504 return -errno; 505 506 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 507 cr->type = ACL_LINK; 508 bacpy(&cr->bdaddr, dst); 509 510 err = ioctl(dd, HCIGETCONNINFO, cr); 511 link_mode = cr->conn_info->link_mode; 512 handle = cr->conn_info->handle; 513 g_free(cr); 514 515 if (err < 0) { 516 err = -errno; 517 goto fail; 518 } 519 520 if (link_mode & HCI_LM_ENCRYPT) { 521 err = -EALREADY; 522 goto fail; 523 } 524 525 memset(&cp, 0, sizeof(cp)); 526 cp.handle = htobs(handle); 527 528 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 529 AUTH_REQUESTED_CP_SIZE, &cp) < 0) { 530 err = -errno; 531 goto fail; 532 } 533 534 cmd = g_new0(struct hci_cmd_data, 1); 535 cmd->handle = handle; 536 cmd->ocf = OCF_AUTH_REQUESTED; 537 cmd->cb = cb; 538 cmd->caller_data = user_data; 539 540 hci_filter_clear(&nf); 541 hci_filter_set_ptype(HCI_EVENT_PKT, &nf); 542 hci_filter_set_event(EVT_CMD_STATUS, &nf); 543 hci_filter_set_event(EVT_AUTH_COMPLETE, &nf); 544 hci_filter_set_event(EVT_ENCRYPT_CHANGE, &nf); 545 546 if (setsockopt(dd, SOL_HCI, HCI_FILTER, &nf, sizeof(nf)) < 0) { 547 err = -errno; 548 g_free(cmd); 549 goto fail; 550 } 551 552 io = g_io_channel_unix_new(dd); 553 g_io_channel_set_close_on_unref(io, FALSE); 554 g_io_add_watch_full(io, G_PRIORITY_DEFAULT, 555 G_IO_HUP | G_IO_ERR | G_IO_NVAL | G_IO_IN, 556 hci_event_watch, cmd, g_free); 557 g_io_channel_unref(io); 558 559 return 0; 560 561fail: 562 close(dd); 563 return err; 564} 565 566static int hciops_set_did(int index, uint16_t vendor, uint16_t product, 567 uint16_t version) 568{ 569 struct dev_info *dev = &devs[index]; 570 571 dev->did_vendor = vendor; 572 dev->did_product = product; 573 dev->did_version = version; 574 575 return 0; 576} 577 578/* End async HCI command handling */ 579 580/* Start of HCI event callbacks */ 581 582static int get_handle(int index, const bdaddr_t *bdaddr, uint16_t *handle) 583{ 584 struct dev_info *dev = &devs[index]; 585 struct acl_connection *conn; 586 GSList *match; 587 char addr[18]; 588 589 ba2str(bdaddr, addr); 590 DBG("hci%d dba %s", index, addr); 591 592 match = g_slist_find_custom(dev->connections, bdaddr, 593 (GCompareFunc) bacmp); 594 if (match == NULL) 595 return -ENOENT; 596 597 conn = match->data; 598 *handle = conn->handle; 599 600 return 0; 601} 602 603static int disconnect_addr(int index, bdaddr_t *dba, uint8_t reason) 604{ 605 disconnect_cp cp; 606 uint16_t handle; 607 int err; 608 609 err = get_handle(index, dba, &handle); 610 if (err < 0) 611 return err; 612 613 memset(&cp, 0, sizeof(cp)); 614 cp.handle = htobs(handle); 615 cp.reason = reason; 616 617 if (hci_send_cmd(devs[index].sk, OGF_LINK_CTL, OCF_DISCONNECT, 618 DISCONNECT_CP_SIZE, &cp) < 0) 619 return -errno; 620 621 return 0; 622} 623 624static inline int get_bdaddr(int index, uint16_t handle, bdaddr_t *dba) 625{ 626 struct dev_info *dev = &devs[index]; 627 struct hci_conn_list_req *cl; 628 struct hci_conn_info *ci; 629 int i; 630 631 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 632 633 cl->dev_id = index; 634 cl->conn_num = 10; 635 ci = cl->conn_info; 636 637 if (ioctl(dev->sk, HCIGETCONNLIST, (void *) cl) < 0) { 638 g_free(cl); 639 return -EIO; 640 } 641 642 for (i = 0; i < cl->conn_num; i++, ci++) 643 if (ci->handle == handle) { 644 bacpy(dba, &ci->bdaddr); 645 g_free(cl); 646 return 0; 647 } 648 649 g_free(cl); 650 651 return -ENOENT; 652} 653 654/* Link Key handling */ 655 656static void link_key_request(int index, bdaddr_t *dba) 657{ 658 struct dev_info *dev = &devs[index]; 659 struct hci_auth_info_req req; 660 GSList *match; 661 struct link_key_info *key_info; 662 char da[18]; 663 int err; 664 665 ba2str(dba, da); 666 DBG("hci%d dba %s", index, da); 667 668 memset(&req, 0, sizeof(req)); 669 bacpy(&req.bdaddr, dba); 670 671 err = ioctl(dev->sk, HCIGETAUTHINFO, (unsigned long) &req); 672 if (err < 0) { 673 if (errno != EINVAL) 674 DBG("HCIGETAUTHINFO failed %s (%d)", 675 strerror(errno), errno); 676 req.type = 0x00; 677 } 678 679 DBG("kernel auth requirements = 0x%02x", req.type); 680 681 match = g_slist_find_custom(dev->keys, dba, (GCompareFunc) bacmp); 682 if (match) 683 key_info = match->data; 684 else 685 key_info = NULL; 686 687 DBG("Matching key %s", key_info ? "found" : "not found"); 688 689 if (key_info == NULL || (!dev->debug_keys && key_info->type == 0x03)) { 690 /* Link key not found */ 691 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 692 6, dba); 693 return; 694 } 695 696 /* Link key found */ 697 698 DBG("link key type 0x%02x", key_info->type); 699 700 /* Don't use unauthenticated combination keys if MITM is 701 * required */ 702 if (key_info->type == 0x04 && req.type != 0xff && (req.type & 0x01)) 703 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 704 6, dba); 705 else { 706 link_key_reply_cp lr; 707 708 memcpy(lr.link_key, key_info->key, 16); 709 bacpy(&lr.bdaddr, dba); 710 711 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_REPLY, 712 LINK_KEY_REPLY_CP_SIZE, &lr); 713 } 714} 715 716static void link_key_notify(int index, void *ptr) 717{ 718 struct dev_info *dev = &devs[index]; 719 evt_link_key_notify *evt = ptr; 720 bdaddr_t *dba = &evt->bdaddr; 721 struct link_key_info *key_info; 722 GSList *match; 723 uint8_t old_key_type, reason; 724 char da[18]; 725 int err; 726 727 ba2str(dba, da); 728 DBG("hci%d dba %s type %d", index, da, evt->key_type); 729 730 match = g_slist_find_custom(dev->keys, dba, (GCompareFunc) bacmp); 731 if (match) 732 key_info = match->data; 733 else 734 key_info = NULL; 735 736 if (key_info == NULL) { 737 key_info = g_new0(struct link_key_info, 1); 738 bacpy(&key_info->bdaddr, &evt->bdaddr); 739 old_key_type = 0xff; 740 } else { 741 dev->keys = g_slist_remove(dev->keys, key_info); 742 old_key_type = key_info->type; 743 } 744 745 memcpy(key_info->key, evt->link_key, sizeof(evt->link_key)); 746 key_info->type = evt->key_type; 747 key_info->pin_len = dev->pin_length; 748 749 err = btd_event_link_key_notify(&dev->bdaddr, dba, evt->link_key, 750 evt->key_type, dev->pin_length, 751 old_key_type); 752 dev->pin_length = 0; 753 754 if (err == 0) { 755 dev->keys = g_slist_append(dev->keys, key_info); 756 return; 757 } 758 759 g_free(key_info); 760 761 if (err == -ENODEV) 762 reason = HCI_OE_LOW_RESOURCES; 763 else 764 reason = HCI_MEMORY_FULL; 765 766 btd_event_bonding_process_complete(&dev->bdaddr, dba, reason); 767 768 disconnect_addr(index, dba, reason); 769} 770 771static void return_link_keys(int index, void *ptr) 772{ 773 struct dev_info *dev = &devs[index]; 774 evt_return_link_keys *evt = ptr; 775 uint8_t num = evt->num_keys; 776 unsigned char key[16]; 777 char da[18]; 778 bdaddr_t dba; 779 int i; 780 781 DBG("hci%d num_keys %u", index, num); 782 783 ptr++; 784 785 for (i = 0; i < num; i++) { 786 bacpy(&dba, ptr); ba2str(&dba, da); 787 memcpy(key, ptr + 6, 16); 788 789 DBG("hci%d returned key for %s", index, da); 790 791 btd_event_returned_link_key(&dev->bdaddr, &dba); 792 793 ptr += 22; 794 } 795} 796 797/* Simple Pairing handling */ 798 799static void user_confirm_request(int index, void *ptr) 800{ 801 struct dev_info *dev = &devs[index]; 802 evt_user_confirm_request *req = ptr; 803 804 DBG("hci%d", index); 805 806 if (btd_event_user_confirm(&dev->bdaddr, &req->bdaddr, 807 btohl(req->passkey)) < 0) 808 hci_send_cmd(dev->sk, OGF_LINK_CTL, 809 OCF_USER_CONFIRM_NEG_REPLY, 6, ptr); 810} 811 812static void user_passkey_request(int index, void *ptr) 813{ 814 struct dev_info *dev = &devs[index]; 815 evt_user_passkey_request *req = ptr; 816 817 DBG("hci%d", index); 818 819 if (btd_event_user_passkey(&dev->bdaddr, &req->bdaddr) < 0) 820 hci_send_cmd(dev->sk, OGF_LINK_CTL, 821 OCF_USER_PASSKEY_NEG_REPLY, 6, ptr); 822} 823 824static void user_passkey_notify(int index, void *ptr) 825{ 826 struct dev_info *dev = &devs[index]; 827 evt_user_passkey_notify *req = ptr; 828 829 DBG("hci%d", index); 830 831 btd_event_user_notify(&dev->bdaddr, &req->bdaddr, 832 btohl(req->passkey)); 833} 834 835static void remote_oob_data_request(int index, void *ptr) 836{ 837 struct dev_info *dev = &devs[index]; 838 839 DBG("hci%d", index); 840 841 hci_send_cmd(dev->sk, OGF_LINK_CTL, 842 OCF_REMOTE_OOB_DATA_NEG_REPLY, 6, ptr); 843} 844 845static void io_capa_request(int index, void *ptr) 846{ 847 struct dev_info *dev = &devs[index]; 848 bdaddr_t *dba = ptr; 849 char da[18]; 850 uint8_t cap, auth; 851 852 ba2str(dba, da); 853 DBG("hci%d IO capability request for %s", index, da); 854 855 if (btd_event_get_io_cap(&dev->bdaddr, dba, &cap, &auth) < 0) { 856 io_capability_neg_reply_cp cp; 857 memset(&cp, 0, sizeof(cp)); 858 bacpy(&cp.bdaddr, dba); 859 cp.reason = HCI_PAIRING_NOT_ALLOWED; 860 hci_send_cmd(dev->sk, OGF_LINK_CTL, 861 OCF_IO_CAPABILITY_NEG_REPLY, 862 IO_CAPABILITY_NEG_REPLY_CP_SIZE, &cp); 863 } else { 864 io_capability_reply_cp cp; 865 memset(&cp, 0, sizeof(cp)); 866 bacpy(&cp.bdaddr, dba); 867 cp.capability = cap; 868 cp.oob_data = 0x00; 869 cp.authentication = auth; 870 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_IO_CAPABILITY_REPLY, 871 IO_CAPABILITY_REPLY_CP_SIZE, &cp); 872 } 873} 874 875static void io_capa_response(int index, void *ptr) 876{ 877 struct dev_info *dev = &devs[index]; 878 evt_io_capability_response *evt = ptr; 879 char da[18]; 880 881 ba2str(&evt->bdaddr, da); 882 DBG("hci%d IO capability response from %s", index, da); 883 884 btd_event_set_io_cap(&dev->bdaddr, &evt->bdaddr, 885 evt->capability, evt->authentication); 886} 887 888/* PIN code handling */ 889 890static void pin_code_request(int index, bdaddr_t *dba) 891{ 892 struct dev_info *dev = &devs[index]; 893 char addr[18]; 894 int err; 895 896 ba2str(dba, addr); 897 DBG("hci%d PIN request for %s", index, addr); 898 899 err = btd_event_request_pin(&dev->bdaddr, dba); 900 if (err < 0) { 901 error("PIN code negative reply: %s", strerror(-err)); 902 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_PIN_CODE_NEG_REPLY, 903 6, dba); 904 } 905} 906 907static void start_inquiry(bdaddr_t *local, uint8_t status, gboolean periodic) 908{ 909 struct btd_adapter *adapter; 910 int state; 911 912 /* Don't send the signal if the cmd failed */ 913 if (status) { 914 error("Inquiry Failed with status 0x%02x", status); 915 return; 916 } 917 918 adapter = manager_find_adapter(local); 919 if (!adapter) { 920 error("Unable to find matching adapter"); 921 return; 922 } 923 924 state = adapter_get_state(adapter); 925 926 if (periodic) 927 state |= STATE_PINQ; 928 else 929 state |= STATE_STDINQ; 930 931 adapter_set_state(adapter, state); 932} 933 934static void inquiry_complete(bdaddr_t *local, uint8_t status, 935 gboolean periodic) 936{ 937 struct btd_adapter *adapter; 938 int state; 939 940 /* Don't send the signal if the cmd failed */ 941 if (status) { 942 error("Inquiry Failed with status 0x%02x", status); 943 return; 944 } 945 946 adapter = manager_find_adapter(local); 947 if (!adapter) { 948 error("Unable to find matching adapter"); 949 return; 950 } 951 952 state = adapter_get_state(adapter); 953 state &= ~(STATE_STDINQ | STATE_PINQ); 954 adapter_set_state(adapter, state); 955} 956 957static inline void remote_features_notify(int index, void *ptr) 958{ 959 struct dev_info *dev = &devs[index]; 960 evt_remote_host_features_notify *evt = ptr; 961 962 if (evt->features[0] & 0x01) 963 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 964 FALSE); 965 else 966 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 967 TRUE); 968 969 write_features_info(&dev->bdaddr, &evt->bdaddr, NULL, evt->features); 970} 971 972static void write_le_host_complete(int index, uint8_t status) 973{ 974 struct dev_info *dev = &devs[index]; 975 uint8_t page_num = 0x01; 976 977 if (status) 978 return; 979 980 if (hci_send_cmd(dev->sk, OGF_INFO_PARAM, 981 OCF_READ_LOCAL_EXT_FEATURES, 1, &page_num) < 0) 982 error("Unable to read extended local features: %s (%d)", 983 strerror(errno), errno); 984} 985 986static void read_local_version_complete(int index, 987 const read_local_version_rp *rp) 988{ 989 struct dev_info *dev = &devs[index]; 990 991 if (rp->status) 992 return; 993 994 dev->ver.manufacturer = btohs(bt_get_unaligned(&rp->manufacturer)); 995 dev->ver.hci_ver = rp->hci_ver; 996 dev->ver.hci_rev = btohs(bt_get_unaligned(&rp->hci_rev)); 997 dev->ver.lmp_ver = rp->lmp_ver; 998 dev->ver.lmp_subver = btohs(bt_get_unaligned(&rp->lmp_subver)); 999 1000 if (!dev->pending) 1001 return; 1002 1003 hci_clear_bit(PENDING_VERSION, &dev->pending); 1004 1005 DBG("Got version for hci%d", index); 1006 1007 if (!dev->pending && dev->up) 1008 init_adapter(index); 1009} 1010 1011static void read_local_features_complete(int index, 1012 const read_local_features_rp *rp) 1013{ 1014 struct dev_info *dev = &devs[index]; 1015 1016 if (rp->status) 1017 return; 1018 1019 memcpy(dev->features, rp->features, 8); 1020 1021 if (!dev->pending) 1022 return; 1023 1024 hci_clear_bit(PENDING_FEATURES, &dev->pending); 1025 1026 DBG("Got features for hci%d", index); 1027 1028 if (!dev->pending && dev->up) 1029 init_adapter(index); 1030} 1031 1032#define SIZEOF_UUID128 16 1033 1034static void eir_generate_uuid128(GSList *list, uint8_t *ptr, uint16_t *eir_len) 1035{ 1036 int i, k, uuid_count = 0; 1037 uint16_t len = *eir_len; 1038 uint8_t *uuid128; 1039 gboolean truncated = FALSE; 1040 1041 /* Store UUIDs in place, skip 2 bytes to write type and length later */ 1042 uuid128 = ptr + 2; 1043 1044 for (; list; list = list->next) { 1045 struct uuid_info *uuid = list->data; 1046 uint8_t *uuid128_data = uuid->uuid.value.uuid128.data; 1047 1048 if (uuid->uuid.type != SDP_UUID128) 1049 continue; 1050 1051 /* Stop if not enough space to put next UUID128 */ 1052 if ((len + 2 + SIZEOF_UUID128) > EIR_DATA_LENGTH) { 1053 truncated = TRUE; 1054 break; 1055 } 1056 1057 /* Check for duplicates, EIR data is Little Endian */ 1058 for (i = 0; i < uuid_count; i++) { 1059 for (k = 0; k < SIZEOF_UUID128; k++) { 1060 if (uuid128[i * SIZEOF_UUID128 + k] != 1061 uuid128_data[SIZEOF_UUID128 - 1 - k]) 1062 break; 1063 } 1064 if (k == SIZEOF_UUID128) 1065 break; 1066 } 1067 1068 if (i < uuid_count) 1069 continue; 1070 1071 /* EIR data is Little Endian */ 1072 for (k = 0; k < SIZEOF_UUID128; k++) 1073 uuid128[uuid_count * SIZEOF_UUID128 + k] = 1074 uuid128_data[SIZEOF_UUID128 - 1 - k]; 1075 1076 len += SIZEOF_UUID128; 1077 uuid_count++; 1078 } 1079 1080 if (uuid_count > 0 || truncated) { 1081 /* EIR Data length */ 1082 ptr[0] = (uuid_count * SIZEOF_UUID128) + 1; 1083 /* EIR Data type */ 1084 ptr[1] = truncated ? EIR_UUID128_SOME : EIR_UUID128_ALL; 1085 len += 2; 1086 *eir_len = len; 1087 } 1088} 1089 1090static void create_ext_inquiry_response(int index, uint8_t *data) 1091{ 1092 struct dev_info *dev = &devs[index]; 1093 GSList *l; 1094 uint8_t *ptr = data; 1095 uint16_t eir_len = 0; 1096 uint16_t uuid16[EIR_DATA_LENGTH / 2]; 1097 int i, uuid_count = 0; 1098 gboolean truncated = FALSE; 1099 size_t name_len; 1100 1101 name_len = strlen(dev->name); 1102 1103 if (name_len > 0) { 1104 /* EIR Data type */ 1105 if (name_len > 48) { 1106 name_len = 48; 1107 ptr[1] = EIR_NAME_SHORT; 1108 } else 1109 ptr[1] = EIR_NAME_COMPLETE; 1110 1111 /* EIR Data length */ 1112 ptr[0] = name_len + 1; 1113 1114 memcpy(ptr + 2, dev->name, name_len); 1115 1116 eir_len += (name_len + 2); 1117 ptr += (name_len + 2); 1118 } 1119 1120 if (dev->tx_power != 0) { 1121 *ptr++ = 2; 1122 *ptr++ = EIR_TX_POWER; 1123 *ptr++ = (uint8_t) dev->tx_power; 1124 eir_len += 3; 1125 } 1126 1127 if (dev->did_vendor != 0x0000) { 1128 uint16_t source = 0x0002; 1129 *ptr++ = 9; 1130 *ptr++ = EIR_DEVICE_ID; 1131 *ptr++ = (source & 0x00ff); 1132 *ptr++ = (source & 0xff00) >> 8; 1133 *ptr++ = (dev->did_vendor & 0x00ff); 1134 *ptr++ = (dev->did_vendor & 0xff00) >> 8; 1135 *ptr++ = (dev->did_product & 0x00ff); 1136 *ptr++ = (dev->did_product & 0xff00) >> 8; 1137 *ptr++ = (dev->did_version & 0x00ff); 1138 *ptr++ = (dev->did_version & 0xff00) >> 8; 1139 eir_len += 10; 1140 } 1141 1142 /* Group all UUID16 types */ 1143 for (l = dev->uuids; l != NULL; l = g_slist_next(l)) { 1144 struct uuid_info *uuid = l->data; 1145 1146 if (uuid->uuid.type != SDP_UUID16) 1147 continue; 1148 1149 if (uuid->uuid.value.uuid16 < 0x1100) 1150 continue; 1151 1152 if (uuid->uuid.value.uuid16 == PNP_INFO_SVCLASS_ID) 1153 continue; 1154 1155 /* Stop if not enough space to put next UUID16 */ 1156 if ((eir_len + 2 + sizeof(uint16_t)) > EIR_DATA_LENGTH) { 1157 truncated = TRUE; 1158 break; 1159 } 1160 1161 /* Check for duplicates */ 1162 for (i = 0; i < uuid_count; i++) 1163 if (uuid16[i] == uuid->uuid.value.uuid16) 1164 break; 1165 1166 if (i < uuid_count) 1167 continue; 1168 1169 uuid16[uuid_count++] = uuid->uuid.value.uuid16; 1170 eir_len += sizeof(uint16_t); 1171 } 1172 1173 if (uuid_count > 0) { 1174 /* EIR Data length */ 1175 ptr[0] = (uuid_count * sizeof(uint16_t)) + 1; 1176 /* EIR Data type */ 1177 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL; 1178 1179 ptr += 2; 1180 eir_len += 2; 1181 1182 for (i = 0; i < uuid_count; i++) { 1183 *ptr++ = (uuid16[i] & 0x00ff); 1184 *ptr++ = (uuid16[i] & 0xff00) >> 8; 1185 } 1186 } 1187 1188 /* Group all UUID128 types */ 1189 if (eir_len <= EIR_DATA_LENGTH - 2) 1190 eir_generate_uuid128(dev->uuids, ptr, &eir_len); 1191} 1192 1193static void update_ext_inquiry_response(int index) 1194{ 1195 struct dev_info *dev = &devs[index]; 1196 write_ext_inquiry_response_cp cp; 1197 1198 DBG("hci%d", index); 1199 1200 if (!(dev->features[6] & LMP_EXT_INQ)) 1201 return; 1202 1203 if (dev->ssp_mode == 0) 1204 return; 1205 1206 if (dev->cache_enable) 1207 return; 1208 1209 memset(&cp, 0, sizeof(cp)); 1210 1211 create_ext_inquiry_response(index, cp.data); 1212 1213 if (memcmp(cp.data, dev->eir, sizeof(cp.data)) == 0) 1214 return; 1215 1216 memcpy(dev->eir, cp.data, sizeof(cp.data)); 1217 1218 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 1219 OCF_WRITE_EXT_INQUIRY_RESPONSE, 1220 WRITE_EXT_INQUIRY_RESPONSE_CP_SIZE, &cp) < 0) 1221 error("Unable to write EIR data: %s (%d)", 1222 strerror(errno), errno); 1223} 1224 1225static void update_name(int index, const char *name) 1226{ 1227 struct btd_adapter *adapter; 1228 1229 adapter = manager_find_adapter_by_id(index); 1230 if (adapter) 1231 adapter_update_local_name(adapter, name); 1232 1233 update_ext_inquiry_response(index); 1234} 1235 1236static void read_local_name_complete(int index, read_local_name_rp *rp) 1237{ 1238 struct dev_info *dev = &devs[index]; 1239 1240 DBG("hci%d status %u", index, rp->status); 1241 1242 if (rp->status) 1243 return; 1244 1245 memcpy(dev->name, rp->name, 248); 1246 1247 if (!dev->pending) { 1248 update_name(index, (char *) rp->name); 1249 return; 1250 } 1251 1252 hci_clear_bit(PENDING_NAME, &dev->pending); 1253 1254 DBG("Got name for hci%d", index); 1255 1256 if (!dev->up) 1257 return; 1258 1259 /* Even though it shouldn't happen (assuming the kernel behaves 1260 * properly) it seems like we might miss the very first 1261 * initialization commands that the kernel sends. So check for 1262 * it here (since read_local_name is one of the last init 1263 * commands) and resend the first ones if we haven't seen 1264 * their results yet */ 1265 1266 if (hci_test_bit(PENDING_FEATURES, &dev->pending)) 1267 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1268 OCF_READ_LOCAL_FEATURES, 0, NULL); 1269 1270 if (hci_test_bit(PENDING_VERSION, &dev->pending)) 1271 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1272 OCF_READ_LOCAL_VERSION, 0, NULL); 1273 1274 if (!dev->pending) 1275 init_adapter(index); 1276} 1277 1278static void read_tx_power_complete(int index, void *ptr) 1279{ 1280 struct dev_info *dev = &devs[index]; 1281 1282 read_inq_response_tx_power_level_rp *rp = ptr; 1283 1284 DBG("hci%d status %u", index, rp->status); 1285 1286 if (rp->status) 1287 return; 1288 1289 dev->tx_power = rp->level; 1290 update_ext_inquiry_response(index); 1291} 1292 1293static void read_simple_pairing_mode_complete(int index, void *ptr) 1294{ 1295 struct dev_info *dev = &devs[index]; 1296 read_simple_pairing_mode_rp *rp = ptr; 1297 struct btd_adapter *adapter; 1298 1299 DBG("hci%d status %u", index, rp->status); 1300 1301 if (rp->status) 1302 return; 1303 1304 dev->ssp_mode = rp->mode; 1305 update_ext_inquiry_response(index); 1306 1307 adapter = manager_find_adapter(&dev->bdaddr); 1308 if (!adapter) { 1309 error("No matching adapter found"); 1310 return; 1311 } 1312 1313 adapter_update_ssp_mode(adapter, rp->mode); 1314} 1315 1316static void read_local_ext_features_complete(int index, 1317 const read_local_ext_features_rp *rp) 1318{ 1319 struct btd_adapter *adapter; 1320 1321 DBG("hci%d status %u", index, rp->status); 1322 1323 if (rp->status) 1324 return; 1325 1326 adapter = manager_find_adapter_by_id(index); 1327 if (!adapter) { 1328 error("No matching adapter found"); 1329 return; 1330 } 1331 1332 /* Local Extended feature page number is 1 */ 1333 if (rp->page_num != 1) 1334 return; 1335 1336 btd_adapter_update_local_ext_features(adapter, rp->features); 1337} 1338 1339static void read_bd_addr_complete(int index, read_bd_addr_rp *rp) 1340{ 1341 struct dev_info *dev = &devs[index]; 1342 1343 DBG("hci%d status %u", index, rp->status); 1344 1345 if (rp->status) 1346 return; 1347 1348 bacpy(&dev->bdaddr, &rp->bdaddr); 1349 1350 if (!dev->pending) 1351 return; 1352 1353 hci_clear_bit(PENDING_BDADDR, &dev->pending); 1354 1355 DBG("Got bdaddr for hci%d", index); 1356 1357 if (!dev->pending && dev->up) 1358 init_adapter(index); 1359} 1360 1361static inline void cmd_status(int index, void *ptr) 1362{ 1363 struct dev_info *dev = &devs[index]; 1364 evt_cmd_status *evt = ptr; 1365 uint16_t opcode = btohs(evt->opcode); 1366 1367 if (opcode == cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY)) 1368 start_inquiry(&dev->bdaddr, evt->status, FALSE); 1369} 1370 1371static void read_scan_complete(int index, uint8_t status, void *ptr) 1372{ 1373 struct btd_adapter *adapter; 1374 read_scan_enable_rp *rp = ptr; 1375 1376 DBG("hci%d status %u", index, status); 1377 1378 adapter = manager_find_adapter_by_id(index); 1379 if (!adapter) { 1380 error("Unable to find matching adapter"); 1381 return; 1382 } 1383 1384 adapter_mode_changed(adapter, rp->enable); 1385} 1386 1387static int write_class(int index, uint32_t class) 1388{ 1389 struct dev_info *dev = &devs[index]; 1390 write_class_of_dev_cp cp; 1391 1392 DBG("hci%d class 0x%06x", index, class); 1393 1394 memcpy(cp.dev_class, &class, 3); 1395 1396 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV, 1397 WRITE_CLASS_OF_DEV_CP_SIZE, &cp) < 0) 1398 return -errno; 1399 1400 dev->pending_cod = class; 1401 1402 return 0; 1403} 1404 1405/* Limited Discoverable bit mask in CoD */ 1406#define LIMITED_BIT 0x002000 1407 1408static int hciops_set_limited_discoverable(int index, gboolean limited) 1409{ 1410 struct dev_info *dev = &devs[index]; 1411 int num = (limited ? 2 : 1); 1412 uint8_t lap[] = { 0x33, 0x8b, 0x9e, 0x00, 0x8b, 0x9e }; 1413 write_current_iac_lap_cp cp; 1414 1415 DBG("hci%d limited %d", index, limited); 1416 1417 /* Check if limited bit needs to be set/reset */ 1418 if (limited) 1419 dev->wanted_cod |= LIMITED_BIT; 1420 else 1421 dev->wanted_cod &= ~LIMITED_BIT; 1422 1423 /* If we dont need the toggling, save an unnecessary CoD write */ 1424 if (dev->pending_cod || dev->wanted_cod == dev->current_cod) 1425 return 0; 1426 1427 /* 1428 * 1: giac 1429 * 2: giac + liac 1430 */ 1431 memset(&cp, 0, sizeof(cp)); 1432 cp.num_current_iac = num; 1433 memcpy(&cp.lap, lap, num * 3); 1434 1435 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CURRENT_IAC_LAP, 1436 (num * 3 + 1), &cp) < 0) 1437 return -errno; 1438 1439 return write_class(index, dev->wanted_cod); 1440} 1441 1442static void write_class_complete(int index, uint8_t status) 1443{ 1444 struct dev_info *dev = &devs[index]; 1445 struct btd_adapter *adapter; 1446 1447 if (status) 1448 return; 1449 1450 if (dev->pending_cod == 0) 1451 return; 1452 1453 dev->current_cod = dev->pending_cod; 1454 dev->pending_cod = 0; 1455 1456 adapter = manager_find_adapter(&dev->bdaddr); 1457 if (adapter) 1458 btd_adapter_class_changed(adapter, dev->current_cod); 1459 1460 update_ext_inquiry_response(index); 1461 1462 if (dev->wanted_cod == dev->current_cod) 1463 return; 1464 1465 if (dev->wanted_cod & LIMITED_BIT && 1466 !(dev->current_cod & LIMITED_BIT)) 1467 hciops_set_limited_discoverable(index, TRUE); 1468 else if (!(dev->wanted_cod & LIMITED_BIT) && 1469 (dev->current_cod & LIMITED_BIT)) 1470 hciops_set_limited_discoverable(index, FALSE); 1471 else 1472 write_class(index, dev->wanted_cod); 1473} 1474 1475static inline void cmd_complete(int index, void *ptr) 1476{ 1477 struct dev_info *dev = &devs[index]; 1478 evt_cmd_complete *evt = ptr; 1479 uint16_t opcode = btohs(evt->opcode); 1480 uint8_t status = *((uint8_t *) ptr + EVT_CMD_COMPLETE_SIZE); 1481 1482 switch (opcode) { 1483 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_VERSION): 1484 ptr += sizeof(evt_cmd_complete); 1485 read_local_version_complete(index, ptr); 1486 break; 1487 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES): 1488 ptr += sizeof(evt_cmd_complete); 1489 read_local_features_complete(index, ptr); 1490 break; 1491 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_EXT_FEATURES): 1492 ptr += sizeof(evt_cmd_complete); 1493 read_local_ext_features_complete(index, ptr); 1494 break; 1495 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_BD_ADDR): 1496 ptr += sizeof(evt_cmd_complete); 1497 read_bd_addr_complete(index, ptr); 1498 break; 1499 case cmd_opcode_pack(OGF_LINK_CTL, OCF_PERIODIC_INQUIRY): 1500 start_inquiry(&dev->bdaddr, status, TRUE); 1501 break; 1502 case cmd_opcode_pack(OGF_LINK_CTL, OCF_EXIT_PERIODIC_INQUIRY): 1503 inquiry_complete(&dev->bdaddr, status, TRUE); 1504 break; 1505 case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY_CANCEL): 1506 inquiry_complete(&dev->bdaddr, status, FALSE); 1507 break; 1508 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_LE_HOST_SUPPORTED): 1509 write_le_host_complete(index, status); 1510 break; 1511 case cmd_opcode_pack(OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE): 1512 btd_event_le_set_scan_enable_complete(&dev->bdaddr, status); 1513 break; 1514 case cmd_opcode_pack(OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME): 1515 if (!status) 1516 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1517 OCF_READ_LOCAL_NAME, 0, 0); 1518 break; 1519 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE): 1520 btd_event_setscan_enable_complete(&dev->bdaddr); 1521 break; 1522 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SCAN_ENABLE): 1523 ptr += sizeof(evt_cmd_complete); 1524 read_scan_complete(index, status, ptr); 1525 break; 1526 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV): 1527 write_class_complete(index, status); 1528 break; 1529 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SIMPLE_PAIRING_MODE): 1530 if (!status) 1531 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1532 OCF_READ_SIMPLE_PAIRING_MODE, 0, NULL); 1533 break; 1534 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SIMPLE_PAIRING_MODE): 1535 ptr += sizeof(evt_cmd_complete); 1536 read_simple_pairing_mode_complete(index, ptr); 1537 break; 1538 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_NAME): 1539 ptr += sizeof(evt_cmd_complete); 1540 read_local_name_complete(index, ptr); 1541 break; 1542 case cmd_opcode_pack(OGF_HOST_CTL, 1543 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL): 1544 ptr += sizeof(evt_cmd_complete); 1545 read_tx_power_complete(index, ptr); 1546 break; 1547 }; 1548} 1549 1550static inline void remote_name_information(int index, void *ptr) 1551{ 1552 struct dev_info *dev = &devs[index]; 1553 evt_remote_name_req_complete *evt = ptr; 1554 char name[MAX_NAME_LENGTH + 1]; 1555 1556 DBG("hci%d status %u", index, evt->status); 1557 1558 memset(name, 0, sizeof(name)); 1559 1560 if (!evt->status) 1561 memcpy(name, evt->name, MAX_NAME_LENGTH); 1562 1563 btd_event_remote_name(&dev->bdaddr, &evt->bdaddr, evt->status, name); 1564} 1565 1566static inline void remote_version_information(int index, void *ptr) 1567{ 1568 struct dev_info *dev = &devs[index]; 1569 evt_read_remote_version_complete *evt = ptr; 1570 bdaddr_t dba; 1571 1572 DBG("hci%d status %u", index, evt->status); 1573 1574 if (evt->status) 1575 return; 1576 1577 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1578 return; 1579 1580 write_version_info(&dev->bdaddr, &dba, btohs(evt->manufacturer), 1581 evt->lmp_ver, btohs(evt->lmp_subver)); 1582} 1583 1584static inline void inquiry_result(int index, int plen, void *ptr) 1585{ 1586 struct dev_info *dev = &devs[index]; 1587 uint8_t num = *(uint8_t *) ptr++; 1588 int i; 1589 1590 for (i = 0; i < num; i++) { 1591 inquiry_info *info = ptr; 1592 uint32_t class = info->dev_class[0] | 1593 (info->dev_class[1] << 8) | 1594 (info->dev_class[2] << 16); 1595 1596 btd_event_device_found(&dev->bdaddr, &info->bdaddr, class, 1597 0, NULL); 1598 ptr += INQUIRY_INFO_SIZE; 1599 } 1600} 1601 1602static inline void inquiry_result_with_rssi(int index, int plen, void *ptr) 1603{ 1604 struct dev_info *dev = &devs[index]; 1605 uint8_t num = *(uint8_t *) ptr++; 1606 int i; 1607 1608 if (!num) 1609 return; 1610 1611 if ((plen - 1) / num == INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE) { 1612 for (i = 0; i < num; i++) { 1613 inquiry_info_with_rssi_and_pscan_mode *info = ptr; 1614 uint32_t class = info->dev_class[0] 1615 | (info->dev_class[1] << 8) 1616 | (info->dev_class[2] << 16); 1617 1618 btd_event_device_found(&dev->bdaddr, &info->bdaddr, 1619 class, info->rssi, NULL); 1620 ptr += INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE; 1621 } 1622 } else { 1623 for (i = 0; i < num; i++) { 1624 inquiry_info_with_rssi *info = ptr; 1625 uint32_t class = info->dev_class[0] 1626 | (info->dev_class[1] << 8) 1627 | (info->dev_class[2] << 16); 1628 1629 btd_event_device_found(&dev->bdaddr, &info->bdaddr, 1630 class, info->rssi, NULL); 1631 ptr += INQUIRY_INFO_WITH_RSSI_SIZE; 1632 } 1633 } 1634} 1635 1636static inline void extended_inquiry_result(int index, int plen, void *ptr) 1637{ 1638 struct dev_info *dev = &devs[index]; 1639 uint8_t num = *(uint8_t *) ptr++; 1640 int i; 1641 1642 for (i = 0; i < num; i++) { 1643 extended_inquiry_info *info = ptr; 1644 uint32_t class = info->dev_class[0] 1645 | (info->dev_class[1] << 8) 1646 | (info->dev_class[2] << 16); 1647 1648 btd_event_device_found(&dev->bdaddr, &info->bdaddr, class, 1649 info->rssi, info->data); 1650 ptr += EXTENDED_INQUIRY_INFO_SIZE; 1651 } 1652} 1653 1654static inline void remote_features_information(int index, void *ptr) 1655{ 1656 struct dev_info *dev = &devs[index]; 1657 evt_read_remote_features_complete *evt = ptr; 1658 bdaddr_t dba; 1659 1660 DBG("hci%d status %u", index, evt->status); 1661 1662 if (evt->status) 1663 return; 1664 1665 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1666 return; 1667 1668 write_features_info(&dev->bdaddr, &dba, evt->features, NULL); 1669} 1670 1671struct remote_version_req { 1672 int index; 1673 uint16_t handle; 1674}; 1675 1676static gboolean __get_remote_version(gpointer user_data) 1677{ 1678 struct remote_version_req *req = user_data; 1679 struct dev_info *dev = &devs[req->index]; 1680 read_remote_version_cp cp; 1681 1682 DBG("hci%d handle %u", req->index, req->handle); 1683 1684 memset(&cp, 0, sizeof(cp)); 1685 cp.handle = htobs(req->handle); 1686 1687 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_READ_REMOTE_VERSION, 1688 READ_REMOTE_VERSION_CP_SIZE, &cp); 1689 1690 return FALSE; 1691} 1692 1693static void get_remote_version(int index, uint16_t handle) 1694{ 1695 struct remote_version_req *req; 1696 1697 req = g_new0(struct remote_version_req, 1); 1698 req->handle = handle; 1699 req->index = index; 1700 1701 g_timeout_add_seconds_full(G_PRIORITY_DEFAULT, 1, __get_remote_version, 1702 req, g_free); 1703} 1704 1705static inline void conn_complete(int index, void *ptr) 1706{ 1707 struct dev_info *dev = &devs[index]; 1708 evt_conn_complete *evt = ptr; 1709 char filename[PATH_MAX]; 1710 char local_addr[18], peer_addr[18], *str; 1711 1712 if (evt->link_type != ACL_LINK) 1713 return; 1714 1715 if (evt->status == 0) { 1716 struct acl_connection *conn; 1717 1718 conn = g_new0(struct acl_connection, 1); 1719 1720 bacpy(&conn->bdaddr, &evt->bdaddr); 1721 conn->handle = evt->handle; 1722 1723 dev->connections = g_slist_append(dev->connections, conn); 1724 } 1725 1726 btd_event_conn_complete(&dev->bdaddr, evt->status, &evt->bdaddr); 1727 1728 if (evt->status) 1729 return; 1730 1731 /* check if the remote version needs be requested */ 1732 ba2str(&dev->bdaddr, local_addr); 1733 ba2str(&evt->bdaddr, peer_addr); 1734 1735 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1736 "manufacturers"); 1737 1738 str = textfile_get(filename, peer_addr); 1739 if (!str) 1740 get_remote_version(index, btohs(evt->handle)); 1741 else 1742 free(str); 1743} 1744 1745static inline void le_conn_complete(int index, void *ptr) 1746{ 1747 struct dev_info *dev = &devs[index]; 1748 evt_le_connection_complete *evt = ptr; 1749 char filename[PATH_MAX]; 1750 char local_addr[18], peer_addr[18], *str; 1751 1752 if (evt->status == 0) { 1753 struct acl_connection *conn; 1754 1755 conn = g_new0(struct acl_connection, 1); 1756 1757 bacpy(&conn->bdaddr, &evt->peer_bdaddr); 1758 conn->handle = evt->handle; 1759 1760 dev->connections = g_slist_append(dev->connections, conn); 1761 } 1762 1763 btd_event_conn_complete(&dev->bdaddr, evt->status, &evt->peer_bdaddr); 1764 1765 if (evt->status) 1766 return; 1767 1768 /* check if the remote version needs be requested */ 1769 ba2str(&dev->bdaddr, local_addr); 1770 ba2str(&evt->peer_bdaddr, peer_addr); 1771 1772 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1773 "manufacturers"); 1774 1775 str = textfile_get(filename, peer_addr); 1776 if (!str) 1777 get_remote_version(index, btohs(evt->handle)); 1778 else 1779 free(str); 1780} 1781 1782static int conn_handle_cmp(gconstpointer a, gconstpointer b) 1783{ 1784 const struct acl_connection *conn = a; 1785 uint16_t handle = *((uint16_t *) b); 1786 1787 return (int) conn->handle - (int) handle; 1788} 1789 1790static inline void disconn_complete(int index, void *ptr) 1791{ 1792 struct dev_info *dev = &devs[index]; 1793 evt_disconn_complete *evt = ptr; 1794 struct acl_connection *conn; 1795 uint16_t handle; 1796 GSList *match; 1797 1798 if (evt->status != 0) 1799 return; 1800 1801 handle = btohs(evt->handle); 1802 match = g_slist_find_custom(dev->connections, &handle, 1803 conn_handle_cmp); 1804 if (match == NULL) 1805 return; 1806 1807 conn = match->data; 1808 1809 dev->connections = g_slist_delete_link(dev->connections, match); 1810 1811 btd_event_disconn_complete(&dev->bdaddr, &conn->bdaddr); 1812 1813 g_free(conn); 1814} 1815 1816static inline void auth_complete(int index, void *ptr) 1817{ 1818 struct dev_info *dev = &devs[index]; 1819 evt_auth_complete *evt = ptr; 1820 bdaddr_t dba; 1821 1822 DBG("hci%d status %u", index, evt->status); 1823 1824 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1825 return; 1826 1827 btd_event_bonding_process_complete(&dev->bdaddr, &dba, evt->status); 1828} 1829 1830static inline void simple_pairing_complete(int index, void *ptr) 1831{ 1832 struct dev_info *dev = &devs[index]; 1833 evt_simple_pairing_complete *evt = ptr; 1834 1835 DBG("hci%d status %u", index, evt->status); 1836 1837 btd_event_simple_pairing_complete(&dev->bdaddr, &evt->bdaddr, 1838 evt->status); 1839} 1840 1841static inline void conn_request(int index, void *ptr) 1842{ 1843 struct dev_info *dev = &devs[index]; 1844 evt_conn_request *evt = ptr; 1845 uint32_t class = evt->dev_class[0] | (evt->dev_class[1] << 8) 1846 | (evt->dev_class[2] << 16); 1847 1848 btd_event_remote_class(&dev->bdaddr, &evt->bdaddr, class); 1849} 1850 1851static inline void le_advertising_report(int index, evt_le_meta_event *meta) 1852{ 1853 struct dev_info *dev = &devs[index]; 1854 le_advertising_info *info; 1855 uint8_t num, i; 1856 1857 num = meta->data[0]; 1858 info = (le_advertising_info *) (meta->data + 1); 1859 1860 for (i = 0; i < num; i++) { 1861 btd_event_advertising_report(&dev->bdaddr, info); 1862 info = (le_advertising_info *) (info->data + info->length + 1); 1863 } 1864} 1865 1866static inline void le_metaevent(int index, void *ptr) 1867{ 1868 evt_le_meta_event *meta = ptr; 1869 1870 DBG("hci%d LE Meta Event %u", index, meta->subevent); 1871 1872 switch (meta->subevent) { 1873 case EVT_LE_ADVERTISING_REPORT: 1874 le_advertising_report(index, meta); 1875 break; 1876 1877 case EVT_LE_CONN_COMPLETE: 1878 le_conn_complete(index, meta->data); 1879 break; 1880 } 1881} 1882 1883static void stop_hci_dev(int index) 1884{ 1885 struct dev_info *dev = &devs[index]; 1886 1887 if (dev->sk < 0) 1888 return; 1889 1890 info("Stopping hci%d event socket", index); 1891 1892 if (dev->watch_id > 0) 1893 g_source_remove(dev->watch_id); 1894 1895 if (dev->io != NULL) 1896 g_io_channel_unref(dev->io); 1897 1898 hci_close_dev(dev->sk); 1899 1900 g_slist_foreach(dev->keys, (GFunc) g_free, NULL); 1901 g_slist_free(dev->keys); 1902 1903 g_slist_foreach(dev->uuids, (GFunc) g_free, NULL); 1904 g_slist_free(dev->uuids); 1905 1906 g_slist_foreach(dev->connections, (GFunc) g_free, NULL); 1907 g_slist_free(dev->connections); 1908 1909 init_dev_info(index, -1, dev->registered); 1910} 1911 1912static gboolean io_security_event(GIOChannel *chan, GIOCondition cond, 1913 gpointer data) 1914{ 1915 unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr = buf; 1916 int type, index = GPOINTER_TO_INT(data); 1917 struct dev_info *dev = &devs[index]; 1918 struct hci_dev_info di; 1919 ssize_t len; 1920 hci_event_hdr *eh; 1921 evt_cmd_status *evt; 1922 int fd; 1923 1924 if (cond & (G_IO_NVAL | G_IO_HUP | G_IO_ERR)) { 1925 stop_hci_dev(index); 1926 return FALSE; 1927 } 1928 1929 fd = g_io_channel_unix_get_fd(chan); 1930 1931 len = read(fd, buf, sizeof(buf)); 1932 if (len < 0) { 1933 if (errno == EAGAIN) 1934 return TRUE; 1935 stop_hci_dev(index); 1936 return FALSE; 1937 } 1938 1939 type = *ptr++; 1940 1941 if (type != HCI_EVENT_PKT) 1942 return TRUE; 1943 1944 eh = (hci_event_hdr *) ptr; 1945 ptr += HCI_EVENT_HDR_SIZE; 1946 1947 memset(&di, 0, sizeof(di)); 1948 if (hci_devinfo(index, &di) == 0) { 1949 bacpy(&dev->bdaddr, &di.bdaddr); 1950 1951 if (ignore_device(&di)) 1952 return TRUE; 1953 } 1954 1955 switch (eh->evt) { 1956 case EVT_CMD_STATUS: 1957 cmd_status(index, ptr); 1958 break; 1959 1960 case EVT_CMD_COMPLETE: 1961 cmd_complete(index, ptr); 1962 break; 1963 1964 case EVT_REMOTE_NAME_REQ_COMPLETE: 1965 remote_name_information(index, ptr); 1966 break; 1967 1968 case EVT_READ_REMOTE_VERSION_COMPLETE: 1969 remote_version_information(index, ptr); 1970 break; 1971 1972 case EVT_READ_REMOTE_FEATURES_COMPLETE: 1973 remote_features_information(index, ptr); 1974 break; 1975 1976 case EVT_REMOTE_HOST_FEATURES_NOTIFY: 1977 remote_features_notify(index, ptr); 1978 break; 1979 1980 case EVT_INQUIRY_COMPLETE: 1981 evt = (evt_cmd_status *) ptr; 1982 inquiry_complete(&dev->bdaddr, evt->status, FALSE); 1983 break; 1984 1985 case EVT_INQUIRY_RESULT: 1986 inquiry_result(index, eh->plen, ptr); 1987 break; 1988 1989 case EVT_INQUIRY_RESULT_WITH_RSSI: 1990 inquiry_result_with_rssi(index, eh->plen, ptr); 1991 break; 1992 1993 case EVT_EXTENDED_INQUIRY_RESULT: 1994 extended_inquiry_result(index, eh->plen, ptr); 1995 break; 1996 1997 case EVT_CONN_COMPLETE: 1998 conn_complete(index, ptr); 1999 break; 2000 2001 case EVT_DISCONN_COMPLETE: 2002 disconn_complete(index, ptr); 2003 break; 2004 2005 case EVT_AUTH_COMPLETE: 2006 auth_complete(index, ptr); 2007 break; 2008 2009 case EVT_SIMPLE_PAIRING_COMPLETE: 2010 simple_pairing_complete(index, ptr); 2011 break; 2012 2013 case EVT_CONN_REQUEST: 2014 conn_request(index, ptr); 2015 break; 2016 case EVT_LE_META_EVENT: 2017 le_metaevent(index, ptr); 2018 break; 2019 case EVT_PIN_CODE_REQ: 2020 pin_code_request(index, (bdaddr_t *) ptr); 2021 break; 2022 2023 case EVT_LINK_KEY_REQ: 2024 link_key_request(index, (bdaddr_t *) ptr); 2025 break; 2026 2027 case EVT_LINK_KEY_NOTIFY: 2028 link_key_notify(index, ptr); 2029 break; 2030 2031 case EVT_RETURN_LINK_KEYS: 2032 return_link_keys(index, ptr); 2033 break; 2034 2035 case EVT_IO_CAPABILITY_REQUEST: 2036 io_capa_request(index, ptr); 2037 break; 2038 2039 case EVT_IO_CAPABILITY_RESPONSE: 2040 io_capa_response(index, ptr); 2041 break; 2042 2043 case EVT_USER_CONFIRM_REQUEST: 2044 user_confirm_request(index, ptr); 2045 break; 2046 2047 case EVT_USER_PASSKEY_REQUEST: 2048 user_passkey_request(index, ptr); 2049 break; 2050 2051 case EVT_USER_PASSKEY_NOTIFY: 2052 user_passkey_notify(index, ptr); 2053 break; 2054 2055 case EVT_REMOTE_OOB_DATA_REQUEST: 2056 remote_oob_data_request(index, ptr); 2057 break; 2058 } 2059 2060 return TRUE; 2061} 2062 2063static void start_hci_dev(int index) 2064{ 2065 struct dev_info *dev = &devs[index]; 2066 GIOChannel *chan = dev->io; 2067 GIOCondition cond; 2068 struct hci_filter flt; 2069 2070 if (chan) 2071 return; 2072 2073 info("Listening for HCI events on hci%d", index); 2074 2075 /* Set filter */ 2076 hci_filter_clear(&flt); 2077 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2078 hci_filter_set_event(EVT_CMD_STATUS, &flt); 2079 hci_filter_set_event(EVT_CMD_COMPLETE, &flt); 2080 hci_filter_set_event(EVT_PIN_CODE_REQ, &flt); 2081 hci_filter_set_event(EVT_LINK_KEY_REQ, &flt); 2082 hci_filter_set_event(EVT_LINK_KEY_NOTIFY, &flt); 2083 hci_filter_set_event(EVT_RETURN_LINK_KEYS, &flt); 2084 hci_filter_set_event(EVT_IO_CAPABILITY_REQUEST, &flt); 2085 hci_filter_set_event(EVT_IO_CAPABILITY_RESPONSE, &flt); 2086 hci_filter_set_event(EVT_USER_CONFIRM_REQUEST, &flt); 2087 hci_filter_set_event(EVT_USER_PASSKEY_REQUEST, &flt); 2088 hci_filter_set_event(EVT_REMOTE_OOB_DATA_REQUEST, &flt); 2089 hci_filter_set_event(EVT_USER_PASSKEY_NOTIFY, &flt); 2090 hci_filter_set_event(EVT_KEYPRESS_NOTIFY, &flt); 2091 hci_filter_set_event(EVT_SIMPLE_PAIRING_COMPLETE, &flt); 2092 hci_filter_set_event(EVT_AUTH_COMPLETE, &flt); 2093 hci_filter_set_event(EVT_REMOTE_NAME_REQ_COMPLETE, &flt); 2094 hci_filter_set_event(EVT_READ_REMOTE_VERSION_COMPLETE, &flt); 2095 hci_filter_set_event(EVT_READ_REMOTE_FEATURES_COMPLETE, &flt); 2096 hci_filter_set_event(EVT_REMOTE_HOST_FEATURES_NOTIFY, &flt); 2097 hci_filter_set_event(EVT_INQUIRY_COMPLETE, &flt); 2098 hci_filter_set_event(EVT_INQUIRY_RESULT, &flt); 2099 hci_filter_set_event(EVT_INQUIRY_RESULT_WITH_RSSI, &flt); 2100 hci_filter_set_event(EVT_EXTENDED_INQUIRY_RESULT, &flt); 2101 hci_filter_set_event(EVT_CONN_REQUEST, &flt); 2102 hci_filter_set_event(EVT_CONN_COMPLETE, &flt); 2103 hci_filter_set_event(EVT_DISCONN_COMPLETE, &flt); 2104 hci_filter_set_event(EVT_LE_META_EVENT, &flt); 2105 if (setsockopt(dev->sk, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2106 error("Can't set filter on hci%d: %s (%d)", 2107 index, strerror(errno), errno); 2108 return; 2109 } 2110 2111 chan = g_io_channel_unix_new(dev->sk); 2112 cond = G_IO_IN | G_IO_NVAL | G_IO_HUP | G_IO_ERR; 2113 dev->watch_id = g_io_add_watch_full(chan, G_PRIORITY_LOW, cond, 2114 io_security_event, 2115 GINT_TO_POINTER(index), NULL); 2116 dev->io = chan; 2117 dev->pin_length = 0; 2118 2119} 2120 2121/* End of HCI event callbacks */ 2122 2123static gboolean child_exit(GIOChannel *io, GIOCondition cond, void *user_data) 2124{ 2125 int status, fd = g_io_channel_unix_get_fd(io); 2126 pid_t child_pid; 2127 2128 if (read(fd, &child_pid, sizeof(child_pid)) != sizeof(child_pid)) { 2129 error("child_exit: unable to read child pid from pipe"); 2130 return TRUE; 2131 } 2132 2133 if (waitpid(child_pid, &status, 0) != child_pid) 2134 error("waitpid(%d) failed", child_pid); 2135 else 2136 DBG("child %d exited", child_pid); 2137 2138 return TRUE; 2139} 2140 2141static void at_child_exit(void) 2142{ 2143 pid_t pid = getpid(); 2144 2145 if (write(child_pipe[1], &pid, sizeof(pid)) != sizeof(pid)) 2146 error("unable to write to child pipe"); 2147} 2148 2149static void device_devup_setup(int index) 2150{ 2151 struct dev_info *dev = &devs[index]; 2152 struct hci_dev_info di; 2153 read_stored_link_key_cp cp; 2154 2155 DBG("hci%d", index); 2156 2157 if (hci_devinfo(index, &di) < 0) 2158 return; 2159 2160 if (ignore_device(&di)) 2161 return; 2162 2163 bacpy(&dev->bdaddr, &di.bdaddr); 2164 memcpy(dev->features, di.features, 8); 2165 2166 /* Set page timeout */ 2167 if ((main_opts.flags & (1 << HCID_SET_PAGETO))) { 2168 write_page_timeout_cp cp; 2169 2170 cp.timeout = htobs(main_opts.pageto); 2171 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_TIMEOUT, 2172 WRITE_PAGE_TIMEOUT_CP_SIZE, &cp); 2173 } 2174 2175 bacpy(&cp.bdaddr, BDADDR_ANY); 2176 cp.read_all = 1; 2177 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_STORED_LINK_KEY, 2178 READ_STORED_LINK_KEY_CP_SIZE, &cp); 2179 2180 if (!dev->pending) 2181 init_adapter(index); 2182} 2183 2184static void init_pending(int index) 2185{ 2186 struct dev_info *dev = &devs[index]; 2187 2188 hci_set_bit(PENDING_BDADDR, &dev->pending); 2189 hci_set_bit(PENDING_VERSION, &dev->pending); 2190 hci_set_bit(PENDING_FEATURES, &dev->pending); 2191 hci_set_bit(PENDING_NAME, &dev->pending); 2192} 2193 2194static void init_device(int index) 2195{ 2196 struct hci_dev_req dr; 2197 int dd; 2198 pid_t pid; 2199 2200 DBG("hci%d", index); 2201 2202 dd = hci_open_dev(index); 2203 if (dd < 0) { 2204 error("Unable to open hci%d: %s (%d)", index, 2205 strerror(errno), errno); 2206 return; 2207 } 2208 2209 if (index > max_dev) { 2210 max_dev = index; 2211 devs = g_realloc(devs, sizeof(devs[0]) * (max_dev + 1)); 2212 } 2213 2214 init_dev_info(index, dd, FALSE); 2215 init_pending(index); 2216 start_hci_dev(index); 2217 2218 /* Do initialization in the separate process */ 2219 pid = fork(); 2220 switch (pid) { 2221 case 0: 2222 atexit(at_child_exit); 2223 break; 2224 case -1: 2225 error("Fork failed. Can't init device hci%d: %s (%d)", 2226 index, strerror(errno), errno); 2227 default: 2228 DBG("child %d forked", pid); 2229 return; 2230 } 2231 2232 memset(&dr, 0, sizeof(dr)); 2233 dr.dev_id = index; 2234 2235 /* Set link mode */ 2236 dr.dev_opt = main_opts.link_mode; 2237 if (ioctl(dd, HCISETLINKMODE, (unsigned long) &dr) < 0) 2238 error("Can't set link mode on hci%d: %s (%d)", 2239 index, strerror(errno), errno); 2240 2241 /* Start HCI device */ 2242 if (ioctl(dd, HCIDEVUP, index) < 0 && errno != EALREADY) { 2243 error("Can't init device hci%d: %s (%d)", 2244 index, strerror(errno), errno); 2245 goto fail; 2246 } 2247 2248 hci_close_dev(dd); 2249 exit(0); 2250 2251fail: 2252 hci_close_dev(dd); 2253 exit(1); 2254} 2255 2256static void device_devreg_setup(int index) 2257{ 2258 struct hci_dev_info di; 2259 2260 DBG("hci%d", index); 2261 2262 init_device(index); 2263 2264 memset(&di, 0, sizeof(di)); 2265 2266 if (hci_devinfo(index, &di) < 0) 2267 return; 2268 2269 if (ignore_device(&di)) 2270 return; 2271 2272 devs[index].already_up = hci_test_bit(HCI_UP, &di.flags); 2273} 2274 2275static void init_conn_list(int index) 2276{ 2277 struct dev_info *dev = &devs[index]; 2278 struct hci_conn_list_req *cl; 2279 struct hci_conn_info *ci; 2280 int err, i; 2281 2282 DBG("hci%d", index); 2283 2284 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 2285 2286 cl->dev_id = index; 2287 cl->conn_num = 10; 2288 ci = cl->conn_info; 2289 2290 if (ioctl(dev->sk, HCIGETCONNLIST, cl) < 0) { 2291 error("Unable to get connection list: %s (%d)", 2292 strerror(errno), errno); 2293 goto failed; 2294 } 2295 2296 for (i = 0; i < cl->conn_num; i++, ci++) { 2297 struct acl_connection *conn; 2298 2299 if (ci->type != ACL_LINK) 2300 continue; 2301 2302 conn = g_new0(struct acl_connection, 1); 2303 2304 bacpy(&conn->bdaddr, &ci->bdaddr); 2305 conn->handle = ci->handle; 2306 2307 dev->connections = g_slist_append(dev->connections, conn); 2308 } 2309 2310 err = 0; 2311 2312failed: 2313 g_free(cl); 2314} 2315 2316static void device_event(int event, int index) 2317{ 2318 switch (event) { 2319 case HCI_DEV_REG: 2320 info("HCI dev %d registered", index); 2321 device_devreg_setup(index); 2322 if (devs[index].already_up) { 2323 init_conn_list(index); 2324 device_event(HCI_DEV_UP, index); 2325 } 2326 break; 2327 2328 case HCI_DEV_UNREG: 2329 info("HCI dev %d unregistered", index); 2330 stop_hci_dev(index); 2331 if (devs[index].registered) 2332 btd_manager_unregister_adapter(index); 2333 break; 2334 2335 case HCI_DEV_UP: 2336 info("HCI dev %d up", index); 2337 devs[index].up = TRUE; 2338 device_devup_setup(index); 2339 break; 2340 2341 case HCI_DEV_DOWN: 2342 info("HCI dev %d down", index); 2343 devs[index].up = FALSE; 2344 devs[index].pending_cod = 0; 2345 devs[index].cache_enable = TRUE; 2346 if (!devs[index].pending) { 2347 struct btd_adapter *adapter; 2348 2349 adapter = manager_find_adapter_by_id(index); 2350 if (adapter) 2351 btd_adapter_stop(adapter); 2352 2353 init_pending(index); 2354 } 2355 break; 2356 } 2357} 2358 2359static int hciops_stop_inquiry(int index) 2360{ 2361 struct dev_info *dev = &devs[index]; 2362 struct hci_dev_info di; 2363 int err; 2364 2365 DBG("hci%d", index); 2366 2367 if (hci_devinfo(index, &di) < 0) 2368 return -errno; 2369 2370 if (hci_test_bit(HCI_INQUIRY, &di.flags)) 2371 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2372 OCF_INQUIRY_CANCEL, 0, 0); 2373 else 2374 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2375 OCF_EXIT_PERIODIC_INQUIRY, 0, 0); 2376 if (err < 0) 2377 err = -errno; 2378 2379 return err; 2380} 2381 2382static gboolean init_known_adapters(gpointer user_data) 2383{ 2384 struct hci_dev_list_req *dl; 2385 struct hci_dev_req *dr; 2386 int i, err, ctl = GPOINTER_TO_INT(user_data); 2387 size_t req_size; 2388 2389 DBG(""); 2390 2391 req_size = HCI_MAX_DEV * sizeof(struct hci_dev_req) + sizeof(uint16_t); 2392 2393 dl = g_try_malloc0(req_size); 2394 if (!dl) { 2395 error("Can't allocate devlist buffer"); 2396 return FALSE; 2397 } 2398 2399 dl->dev_num = HCI_MAX_DEV; 2400 dr = dl->dev_req; 2401 2402 if (ioctl(ctl, HCIGETDEVLIST, dl) < 0) { 2403 err = -errno; 2404 error("Can't get device list: %s (%d)", strerror(-err), -err); 2405 g_free(dl); 2406 return FALSE; 2407 } 2408 2409 for (i = 0; i < dl->dev_num; i++, dr++) { 2410 struct dev_info *dev; 2411 2412 device_event(HCI_DEV_REG, dr->dev_id); 2413 2414 dev = &devs[dr->dev_id]; 2415 2416 dev->already_up = hci_test_bit(HCI_UP, &dr->dev_opt); 2417 2418 if (!dev->already_up) 2419 continue; 2420 2421 hciops_stop_inquiry(dr->dev_id); 2422 2423 dev->pending = 0; 2424 hci_set_bit(PENDING_VERSION, &dev->pending); 2425 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 2426 OCF_READ_LOCAL_VERSION, 0, NULL); 2427 device_event(HCI_DEV_UP, dr->dev_id); 2428 } 2429 2430 g_free(dl); 2431 2432 return FALSE; 2433} 2434 2435static gboolean io_stack_event(GIOChannel *chan, GIOCondition cond, 2436 gpointer data) 2437{ 2438 unsigned char buf[HCI_MAX_FRAME_SIZE], *ptr; 2439 evt_stack_internal *si; 2440 evt_si_device *sd; 2441 hci_event_hdr *eh; 2442 int type, fd; 2443 ssize_t len; 2444 2445 ptr = buf; 2446 2447 fd = g_io_channel_unix_get_fd(chan); 2448 2449 len = read(fd, buf, sizeof(buf)); 2450 if (len < 0) { 2451 if (errno == EAGAIN) 2452 return TRUE; 2453 2454 error("Read from control socket failed: %s (%d)", 2455 strerror(errno), errno); 2456 return FALSE; 2457 } 2458 2459 type = *ptr++; 2460 2461 if (type != HCI_EVENT_PKT) 2462 return TRUE; 2463 2464 eh = (hci_event_hdr *) ptr; 2465 if (eh->evt != EVT_STACK_INTERNAL) 2466 return TRUE; 2467 2468 ptr += HCI_EVENT_HDR_SIZE; 2469 2470 si = (evt_stack_internal *) ptr; 2471 switch (si->type) { 2472 case EVT_SI_DEVICE: 2473 sd = (void *) &si->data; 2474 device_event(sd->event, sd->dev_id); 2475 break; 2476 } 2477 2478 return TRUE; 2479} 2480 2481static int hciops_setup(void) 2482{ 2483 struct sockaddr_hci addr; 2484 struct hci_filter flt; 2485 GIOChannel *ctl_io, *child_io; 2486 int sock, err; 2487 2488 DBG(""); 2489 2490 if (child_pipe[0] != -1) 2491 return -EALREADY; 2492 2493 if (pipe(child_pipe) < 0) { 2494 err = -errno; 2495 error("pipe(): %s (%d)", strerror(-err), -err); 2496 return err; 2497 } 2498 2499 child_io = g_io_channel_unix_new(child_pipe[0]); 2500 g_io_channel_set_close_on_unref(child_io, TRUE); 2501 child_io_id = g_io_add_watch(child_io, 2502 G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL, 2503 child_exit, NULL); 2504 g_io_channel_unref(child_io); 2505 2506 /* Create and bind HCI socket */ 2507 sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 2508 if (sock < 0) { 2509 err = -errno; 2510 error("Can't open HCI socket: %s (%d)", strerror(-err), 2511 -err); 2512 return err; 2513 } 2514 2515 /* Set filter */ 2516 hci_filter_clear(&flt); 2517 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2518 hci_filter_set_event(EVT_STACK_INTERNAL, &flt); 2519 if (setsockopt(sock, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2520 err = -errno; 2521 error("Can't set filter: %s (%d)", strerror(-err), -err); 2522 return err; 2523 } 2524 2525 memset(&addr, 0, sizeof(addr)); 2526 addr.hci_family = AF_BLUETOOTH; 2527 addr.hci_dev = HCI_DEV_NONE; 2528 if (bind(sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { 2529 err = -errno; 2530 error("Can't bind HCI socket: %s (%d)", strerror(-err), -err); 2531 return err; 2532 } 2533 2534 ctl_io = g_io_channel_unix_new(sock); 2535 g_io_channel_set_close_on_unref(ctl_io, TRUE); 2536 2537 ctl_io_id = g_io_add_watch(ctl_io, G_IO_IN, io_stack_event, NULL); 2538 2539 g_io_channel_unref(ctl_io); 2540 2541 g_idle_add(init_known_adapters, GINT_TO_POINTER(sock)); 2542 2543 return 0; 2544} 2545 2546static void hciops_cleanup(void) 2547{ 2548 int i; 2549 2550 DBG(""); 2551 2552 for (i = 0; i <= max_dev; i++) 2553 stop_hci_dev(i); 2554 2555 g_free(devs); 2556 devs = NULL; 2557 max_dev = -1; 2558 2559 if (child_io_id) { 2560 g_source_remove(child_io_id); 2561 child_io_id = 0; 2562 } 2563 2564 if (ctl_io_id) { 2565 g_source_remove(ctl_io_id); 2566 ctl_io_id = 0; 2567 } 2568 2569 if (child_pipe[0] >= 0) { 2570 close(child_pipe[0]); 2571 child_pipe[0] = -1; 2572 } 2573 2574 if (child_pipe[1] >= 0) { 2575 close(child_pipe[1]); 2576 child_pipe[1] = -1; 2577 } 2578} 2579 2580static int hciops_set_powered(int index, gboolean powered) 2581{ 2582 struct dev_info *dev = &devs[index]; 2583 int err; 2584 2585 DBG("hci%d powered %d", index, powered); 2586 2587 if (powered == FALSE) 2588 return hciops_power_off(index); 2589 2590 if (ioctl(dev->sk, HCIDEVUP, index) == 0) 2591 return 0; 2592 2593 if (errno == EALREADY) 2594 return 0; 2595 2596 err = -errno; 2597 error("Can't init device hci%d: %s (%d)", 2598 index, strerror(-err), -err); 2599 2600 return err; 2601} 2602 2603static int hciops_set_dev_class(int index, uint8_t major, uint8_t minor) 2604{ 2605 struct dev_info *dev = &devs[index]; 2606 int err; 2607 2608 DBG("hci%d major %u minor %u", index, major, minor); 2609 2610 /* Update only the major and minor class bits keeping remaining bits 2611 * intact*/ 2612 dev->wanted_cod &= 0xffe000; 2613 dev->wanted_cod |= ((major & 0x1f) << 8) | minor; 2614 2615 if (dev->wanted_cod == dev->current_cod || 2616 dev->cache_enable || dev->pending_cod) 2617 return 0; 2618 2619 DBG("Changing Major/Minor class to 0x%06x", dev->wanted_cod); 2620 2621 err = write_class(index, dev->wanted_cod); 2622 if (err < 0) 2623 error("Adapter class update failed: %s (%d)", 2624 strerror(-err), -err); 2625 2626 return err; 2627} 2628 2629static int hciops_start_inquiry(int index, uint8_t length, gboolean periodic) 2630{ 2631 struct dev_info *dev = &devs[index]; 2632 uint8_t lap[3] = { 0x33, 0x8b, 0x9e }; 2633 int err; 2634 2635 DBG("hci%d length %u periodic %d", index, length, periodic); 2636 2637 if (periodic) { 2638 periodic_inquiry_cp cp; 2639 2640 memset(&cp, 0, sizeof(cp)); 2641 memcpy(&cp.lap, lap, 3); 2642 cp.max_period = htobs(24); 2643 cp.min_period = htobs(16); 2644 cp.length = length; 2645 cp.num_rsp = 0x00; 2646 2647 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2648 OCF_PERIODIC_INQUIRY, 2649 PERIODIC_INQUIRY_CP_SIZE, &cp); 2650 } else { 2651 inquiry_cp inq_cp; 2652 2653 memset(&inq_cp, 0, sizeof(inq_cp)); 2654 memcpy(&inq_cp.lap, lap, 3); 2655 inq_cp.length = length; 2656 inq_cp.num_rsp = 0x00; 2657 2658 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2659 OCF_INQUIRY, INQUIRY_CP_SIZE, &inq_cp); 2660 } 2661 2662 if (err < 0) 2663 err = -errno; 2664 2665 return err; 2666} 2667 2668static int le_set_scan_enable(int index, uint8_t enable) 2669{ 2670 struct dev_info *dev = &devs[index]; 2671 le_set_scan_enable_cp cp; 2672 2673 DBG("hci%d enable %u", index, enable); 2674 2675 memset(&cp, 0, sizeof(cp)); 2676 cp.enable = enable; 2677 cp.filter_dup = 0; 2678 2679 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE, 2680 LE_SET_SCAN_ENABLE_CP_SIZE, &cp) < 0) 2681 return -errno; 2682 2683 return 0; 2684} 2685 2686static int hciops_start_scanning(int index) 2687{ 2688 struct dev_info *dev = &devs[index]; 2689 le_set_scan_parameters_cp cp; 2690 2691 DBG("hci%d", index); 2692 2693 memset(&cp, 0, sizeof(cp)); 2694 cp.type = 0x01; /* Active scanning */ 2695 /* The recommended value for scan interval and window is 11.25 msec. 2696 * It is calculated by: time = n * 0.625 msec */ 2697 cp.interval = htobs(0x0012); 2698 cp.window = htobs(0x0012); 2699 cp.own_bdaddr_type = 0; /* Public address */ 2700 cp.filter = 0; /* Accept all adv packets */ 2701 2702 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_PARAMETERS, 2703 LE_SET_SCAN_PARAMETERS_CP_SIZE, &cp) < 0) 2704 return -errno; 2705 2706 return le_set_scan_enable(index, 1); 2707} 2708 2709static int hciops_stop_scanning(int index) 2710{ 2711 DBG("hci%d", index); 2712 2713 return le_set_scan_enable(index, 0); 2714} 2715 2716static int hciops_resolve_name(int index, bdaddr_t *bdaddr) 2717{ 2718 struct dev_info *dev = &devs[index]; 2719 remote_name_req_cp cp; 2720 char addr[18]; 2721 2722 ba2str(bdaddr, addr); 2723 DBG("hci%d dba %s", index, addr); 2724 2725 memset(&cp, 0, sizeof(cp)); 2726 bacpy(&cp.bdaddr, bdaddr); 2727 cp.pscan_rep_mode = 0x02; 2728 2729 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ, 2730 REMOTE_NAME_REQ_CP_SIZE, &cp) < 0) 2731 return -errno; 2732 2733 return 0; 2734} 2735 2736static int hciops_set_name(int index, const char *name) 2737{ 2738 struct dev_info *dev = &devs[index]; 2739 change_local_name_cp cp; 2740 2741 DBG("hci%d, name %s", index, name); 2742 2743 memset(&cp, 0, sizeof(cp)); 2744 strncpy((char *) cp.name, name, sizeof(cp.name)); 2745 2746 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME, 2747 CHANGE_LOCAL_NAME_CP_SIZE, &cp) < 0) 2748 return -errno; 2749 2750 memcpy(dev->name, cp.name, 248); 2751 update_ext_inquiry_response(index); 2752 2753 return 0; 2754} 2755 2756static int hciops_cancel_resolve_name(int index, bdaddr_t *bdaddr) 2757{ 2758 struct dev_info *dev = &devs[index]; 2759 remote_name_req_cancel_cp cp; 2760 char addr[18]; 2761 2762 ba2str(bdaddr, addr); 2763 DBG("hci%d dba %s", index, addr); 2764 2765 memset(&cp, 0, sizeof(cp)); 2766 bacpy(&cp.bdaddr, bdaddr); 2767 2768 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ_CANCEL, 2769 REMOTE_NAME_REQ_CANCEL_CP_SIZE, &cp) < 0) 2770 return -errno; 2771 2772 return 0; 2773} 2774 2775static int hciops_fast_connectable(int index, gboolean enable) 2776{ 2777 struct dev_info *dev = &devs[index]; 2778 write_page_activity_cp cp; 2779 uint8_t type; 2780 2781 DBG("hci%d enable %d", index, enable); 2782 2783 if (enable) { 2784 type = PAGE_SCAN_TYPE_INTERLACED; 2785 cp.interval = 0x0024; /* 22.5 msec page scan interval */ 2786 } else { 2787 type = PAGE_SCAN_TYPE_STANDARD; /* default */ 2788 cp.interval = 0x0800; /* default 1.28 sec page scan */ 2789 } 2790 2791 cp.window = 0x0012; /* default 11.25 msec page scan window */ 2792 2793 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_ACTIVITY, 2794 WRITE_PAGE_ACTIVITY_CP_SIZE, &cp) < 0) 2795 return -errno; 2796 else if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 2797 OCF_WRITE_PAGE_SCAN_TYPE, 1, &type) < 0) 2798 return -errno; 2799 2800 return 0; 2801} 2802 2803static int hciops_read_clock(int index, bdaddr_t *bdaddr, int which, 2804 int timeout, uint32_t *clock, 2805 uint16_t *accuracy) 2806{ 2807 struct dev_info *dev = &devs[index]; 2808 uint16_t handle = 0; 2809 char addr[18]; 2810 int ret; 2811 2812 ba2str(bdaddr, addr); 2813 DBG("hci%d addr %s which %d timeout %d", index, addr, which, timeout); 2814 2815 ret = get_handle(index, bdaddr, &handle); 2816 if (ret < 0) 2817 return ret; 2818 2819 if (hci_read_clock(dev->sk, htobs(handle), which, clock, accuracy, 2820 timeout) < 0) 2821 return -errno; 2822 2823 return 0; 2824} 2825 2826static int hciops_read_bdaddr(int index, bdaddr_t *bdaddr) 2827{ 2828 struct dev_info *dev = &devs[index]; 2829 2830 DBG("hci%d", index); 2831 2832 bacpy(bdaddr, &dev->bdaddr); 2833 2834 return 0; 2835} 2836 2837static int hciops_block_device(int index, bdaddr_t *bdaddr) 2838{ 2839 struct dev_info *dev = &devs[index]; 2840 char addr[18]; 2841 2842 ba2str(bdaddr, addr); 2843 DBG("hci%d dba %s", index, addr); 2844 2845 if (ioctl(dev->sk, HCIBLOCKADDR, bdaddr) < 0) 2846 return -errno; 2847 2848 return 0; 2849} 2850 2851static int hciops_unblock_device(int index, bdaddr_t *bdaddr) 2852{ 2853 struct dev_info *dev = &devs[index]; 2854 char addr[18]; 2855 2856 ba2str(bdaddr, addr); 2857 DBG("hci%d dba %s", index, addr); 2858 2859 if (ioctl(dev->sk, HCIUNBLOCKADDR, bdaddr) < 0) 2860 return -errno; 2861 2862 return 0; 2863} 2864 2865static int hciops_get_conn_list(int index, GSList **conns) 2866{ 2867 struct dev_info *dev = &devs[index]; 2868 GSList *l; 2869 2870 DBG("hci%d", index); 2871 2872 *conns = NULL; 2873 2874 for (l = dev->connections; l != NULL; l = g_slist_next(l)) { 2875 struct acl_connection *conn = l->data; 2876 2877 *conns = g_slist_append(*conns, 2878 g_memdup(&conn->bdaddr, sizeof(bdaddr_t))); 2879 } 2880 2881 return 0; 2882} 2883 2884static int hciops_read_local_version(int index, struct hci_version *ver) 2885{ 2886 struct dev_info *dev = &devs[index]; 2887 2888 DBG("hci%d", index); 2889 2890 memcpy(ver, &dev->ver, sizeof(*ver)); 2891 2892 return 0; 2893} 2894 2895static int hciops_read_local_features(int index, uint8_t *features) 2896{ 2897 struct dev_info *dev = &devs[index]; 2898 2899 DBG("hci%d", index); 2900 2901 memcpy(features, dev->features, 8); 2902 2903 return 0; 2904} 2905 2906static int hciops_disconnect(int index, bdaddr_t *bdaddr) 2907{ 2908 DBG("hci%d", index); 2909 2910 return disconnect_addr(index, bdaddr, HCI_OE_USER_ENDED_CONNECTION); 2911} 2912 2913static int hciops_remove_bonding(int index, bdaddr_t *bdaddr) 2914{ 2915 struct dev_info *dev = &devs[index]; 2916 delete_stored_link_key_cp cp; 2917 GSList *match; 2918 char addr[18]; 2919 2920 ba2str(bdaddr, addr); 2921 DBG("hci%d dba %s", index, addr); 2922 2923 match = g_slist_find_custom(dev->keys, bdaddr, (GCompareFunc) bacmp); 2924 if (match) { 2925 g_free(match->data); 2926 dev->keys = g_slist_delete_link(dev->keys, match); 2927 } 2928 2929 memset(&cp, 0, sizeof(cp)); 2930 bacpy(&cp.bdaddr, bdaddr); 2931 2932 /* Delete the link key from the Bluetooth chip */ 2933 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_DELETE_STORED_LINK_KEY, 2934 DELETE_STORED_LINK_KEY_CP_SIZE, &cp) < 0) 2935 return -errno; 2936 2937 return 0; 2938} 2939 2940static int hciops_request_authentication(int index, bdaddr_t *bdaddr) 2941{ 2942 struct dev_info *dev = &devs[index]; 2943 auth_requested_cp cp; 2944 uint16_t handle; 2945 int err; 2946 2947 DBG("hci%d", index); 2948 2949 err = get_handle(index, bdaddr, &handle); 2950 if (err < 0) 2951 return err; 2952 2953 memset(&cp, 0, sizeof(cp)); 2954 cp.handle = htobs(handle); 2955 2956 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 2957 AUTH_REQUESTED_CP_SIZE, &cp) < 0) 2958 return -errno; 2959 2960 return 0; 2961} 2962 2963static int hciops_pincode_reply(int index, bdaddr_t *bdaddr, const char *pin) 2964{ 2965 struct dev_info *dev = &devs[index]; 2966 char addr[18]; 2967 int err; 2968 2969 ba2str(bdaddr, addr); 2970 DBG("hci%d dba %s", index, addr); 2971 2972 if (pin) { 2973 pin_code_reply_cp pr; 2974 size_t len = strlen(pin); 2975 2976 dev->pin_length = len; 2977 2978 memset(&pr, 0, sizeof(pr)); 2979 bacpy(&pr.bdaddr, bdaddr); 2980 memcpy(pr.pin_code, pin, len); 2981 pr.pin_len = len; 2982 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2983 OCF_PIN_CODE_REPLY, 2984 PIN_CODE_REPLY_CP_SIZE, &pr); 2985 } else 2986 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2987 OCF_PIN_CODE_NEG_REPLY, 6, bdaddr); 2988 2989 if (err < 0) 2990 err = -errno; 2991 2992 return err; 2993} 2994 2995static int hciops_confirm_reply(int index, bdaddr_t *bdaddr, gboolean success) 2996{ 2997 struct dev_info *dev = &devs[index]; 2998 user_confirm_reply_cp cp; 2999 char addr[18]; 3000 int err; 3001 3002 ba2str(bdaddr, addr); 3003 DBG("hci%d dba %s success %d", index, addr, success); 3004 3005 memset(&cp, 0, sizeof(cp)); 3006 bacpy(&cp.bdaddr, bdaddr); 3007 3008 if (success) 3009 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3010 OCF_USER_CONFIRM_REPLY, 3011 USER_CONFIRM_REPLY_CP_SIZE, &cp); 3012 else 3013 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3014 OCF_USER_CONFIRM_NEG_REPLY, 3015 USER_CONFIRM_REPLY_CP_SIZE, &cp); 3016 3017 if (err < 0) 3018 err = -errno; 3019 3020 return err; 3021} 3022 3023static int hciops_passkey_reply(int index, bdaddr_t *bdaddr, uint32_t passkey) 3024{ 3025 struct dev_info *dev = &devs[index]; 3026 char addr[18]; 3027 int err; 3028 3029 ba2str(bdaddr, addr); 3030 DBG("hci%d dba %s", index, addr); 3031 3032 if (passkey != INVALID_PASSKEY) { 3033 user_passkey_reply_cp cp; 3034 3035 memset(&cp, 0, sizeof(cp)); 3036 bacpy(&cp.bdaddr, bdaddr); 3037 cp.passkey = passkey; 3038 3039 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3040 OCF_USER_PASSKEY_REPLY, 3041 USER_PASSKEY_REPLY_CP_SIZE, &cp); 3042 } else 3043 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3044 OCF_USER_PASSKEY_NEG_REPLY, 6, bdaddr); 3045 3046 if (err < 0) 3047 err = -errno; 3048 3049 return err; 3050} 3051 3052static int hciops_get_auth_info(int index, bdaddr_t *bdaddr, uint8_t *auth) 3053{ 3054 struct dev_info *dev = &devs[index]; 3055 struct hci_auth_info_req req; 3056 char addr[18]; 3057 3058 ba2str(bdaddr, addr); 3059 DBG("hci%d dba %s", index, addr); 3060 3061 memset(&req, 0, sizeof(req)); 3062 bacpy(&req.bdaddr, bdaddr); 3063 3064 if (ioctl(dev->sk, HCIGETAUTHINFO, (unsigned long) &req) < 0) 3065 return -errno; 3066 3067 if (auth) 3068 *auth = req.type; 3069 3070 return 0; 3071} 3072 3073static int hciops_read_scan_enable(int index) 3074{ 3075 struct dev_info *dev = &devs[index]; 3076 3077 DBG("hci%d", index); 3078 3079 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_SCAN_ENABLE, 3080 0, NULL) < 0) 3081 return -errno; 3082 3083 return 0; 3084} 3085 3086static int hciops_enable_le(int index) 3087{ 3088 struct dev_info *dev = &devs[index]; 3089 write_le_host_supported_cp cp; 3090 3091 DBG("hci%d", index); 3092 3093 if (!(dev->features[4] & LMP_LE)) 3094 return -ENOTSUP; 3095 3096 cp.le = 0x01; 3097 cp.simul = (dev->features[6] & LMP_LE_BREDR) ? 0x01 : 0x00; 3098 3099 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 3100 OCF_WRITE_LE_HOST_SUPPORTED, 3101 WRITE_LE_HOST_SUPPORTED_CP_SIZE, &cp) < 0) 3102 return -errno; 3103 3104 return 0; 3105} 3106 3107static uint8_t generate_service_class(int index) 3108{ 3109 struct dev_info *dev = &devs[index]; 3110 GSList *l; 3111 uint8_t val = 0; 3112 3113 for (l = dev->uuids; l != NULL; l = g_slist_next(l)) { 3114 struct uuid_info *uuid = l->data; 3115 3116 val |= uuid->svc_hint; 3117 } 3118 3119 return val; 3120} 3121 3122static int update_service_classes(int index) 3123{ 3124 struct dev_info *dev = &devs[index]; 3125 uint8_t value; 3126 int err; 3127 3128 value = generate_service_class(index); 3129 3130 DBG("hci%d value %u", index, value); 3131 3132 /* Update only the service class, keep the limited bit, 3133 * major/minor class bits intact */ 3134 dev->wanted_cod &= 0x00ffff; 3135 dev->wanted_cod |= (value << 16); 3136 3137 /* If the cache is enabled or an existing CoD write is in progress 3138 * just bail out */ 3139 if (dev->cache_enable || dev->pending_cod) 3140 return 0; 3141 3142 /* If we already have the CoD we want, update EIR and return */ 3143 if (dev->current_cod == dev->wanted_cod) { 3144 update_ext_inquiry_response(index); 3145 return 0; 3146 } 3147 3148 DBG("Changing service classes to 0x%06x", dev->wanted_cod); 3149 3150 err = write_class(index, dev->wanted_cod); 3151 if (err < 0) 3152 error("Adapter class update failed: %s (%d)", 3153 strerror(-err), -err); 3154 3155 return err; 3156} 3157 3158static int hciops_add_uuid(int index, uuid_t *uuid, uint8_t svc_hint) 3159{ 3160 struct dev_info *dev = &devs[index]; 3161 struct uuid_info *info; 3162 3163 DBG("hci%d", index); 3164 3165 info = g_new0(struct uuid_info, 1); 3166 memcpy(&info->uuid, uuid, sizeof(*uuid)); 3167 info->svc_hint = svc_hint; 3168 3169 dev->uuids = g_slist_append(dev->uuids, info); 3170 3171 return update_service_classes(index); 3172} 3173 3174static int hciops_remove_uuid(int index, uuid_t *uuid) 3175{ 3176 struct dev_info *dev = &devs[index]; 3177 GSList *match; 3178 3179 match = g_slist_find_custom(dev->uuids, uuid, sdp_uuid_cmp); 3180 if (match) { 3181 g_free(match->data); 3182 dev->uuids = g_slist_delete_link(dev->uuids, match); 3183 } 3184 3185 DBG("hci%d", index); 3186 3187 return update_service_classes(index); 3188} 3189 3190static int hciops_disable_cod_cache(int index) 3191{ 3192 struct dev_info *dev = &devs[index]; 3193 3194 DBG("hci%d cache_enable %d", index, dev->cache_enable); 3195 3196 if (!dev->cache_enable) 3197 return 0; 3198 3199 DBG("hci%d current_cod 0x%06x wanted_cod 0x%06x", index, 3200 dev->current_cod, dev->wanted_cod); 3201 3202 /* Disable and flush svc cache. All successive service class 3203 * updates * will be written to the device */ 3204 dev->cache_enable = FALSE; 3205 3206 if (dev->current_cod == dev->wanted_cod) { 3207 update_ext_inquiry_response(index); 3208 return 0; 3209 } 3210 3211 return write_class(index, dev->wanted_cod); 3212} 3213 3214static int hciops_restore_powered(int index) 3215{ 3216 struct dev_info *dev = &devs[index]; 3217 3218 if (!dev->already_up && dev->up) 3219 return hciops_power_off(index); 3220 3221 return 0; 3222} 3223 3224static int hciops_load_keys(int index, GSList *keys, gboolean debug_keys) 3225{ 3226 struct dev_info *dev = &devs[index]; 3227 3228 DBG("hci%d keys %d debug_keys %d", index, g_slist_length(keys), 3229 debug_keys); 3230 3231 if (dev->keys != NULL) 3232 return -EEXIST; 3233 3234 dev->keys = keys; 3235 dev->debug_keys = debug_keys; 3236 3237 return 0; 3238} 3239 3240static struct btd_adapter_ops hci_ops = { 3241 .setup = hciops_setup, 3242 .cleanup = hciops_cleanup, 3243 .set_powered = hciops_set_powered, 3244 .set_discoverable = hciops_set_discoverable, 3245 .set_pairable = hciops_set_pairable, 3246 .set_limited_discoverable = hciops_set_limited_discoverable, 3247 .start_inquiry = hciops_start_inquiry, 3248 .stop_inquiry = hciops_stop_inquiry, 3249 .start_scanning = hciops_start_scanning, 3250 .stop_scanning = hciops_stop_scanning, 3251 .resolve_name = hciops_resolve_name, 3252 .cancel_resolve_name = hciops_cancel_resolve_name, 3253 .set_name = hciops_set_name, 3254 .set_dev_class = hciops_set_dev_class, 3255 .set_fast_connectable = hciops_fast_connectable, 3256 .read_clock = hciops_read_clock, 3257 .read_bdaddr = hciops_read_bdaddr, 3258 .block_device = hciops_block_device, 3259 .unblock_device = hciops_unblock_device, 3260 .get_conn_list = hciops_get_conn_list, 3261 .read_local_version = hciops_read_local_version, 3262 .read_local_features = hciops_read_local_features, 3263 .disconnect = hciops_disconnect, 3264 .remove_bonding = hciops_remove_bonding, 3265 .request_authentication = hciops_request_authentication, 3266 .pincode_reply = hciops_pincode_reply, 3267 .confirm_reply = hciops_confirm_reply, 3268 .passkey_reply = hciops_passkey_reply, 3269 .get_auth_info = hciops_get_auth_info, 3270 .read_scan_enable = hciops_read_scan_enable, 3271 .enable_le = hciops_enable_le, 3272 .encrypt_link = hciops_encrypt_link, 3273 .set_did = hciops_set_did, 3274 .add_uuid = hciops_add_uuid, 3275 .remove_uuid = hciops_remove_uuid, 3276 .disable_cod_cache = hciops_disable_cod_cache, 3277 .restore_powered = hciops_restore_powered, 3278 .load_keys = hciops_load_keys, 3279}; 3280 3281static int hciops_init(void) 3282{ 3283 DBG(""); 3284 return btd_register_adapter_ops(&hci_ops, FALSE); 3285} 3286 3287static void hciops_exit(void) 3288{ 3289 DBG(""); 3290 btd_adapter_cleanup_ops(&hci_ops); 3291} 3292 3293BLUETOOTH_PLUGIN_DEFINE(hciops, VERSION, 3294 BLUETOOTH_PLUGIN_PRIORITY_LOW, hciops_init, hciops_exit) 3295