hciops.c revision cef88385008d999c515366ebe6c01e3f6967fb61
1/* 2 * 3 * BlueZ - Bluetooth protocol stack for Linux 4 * 5 * Copyright (C) 2004-2010 Marcel Holtmann <marcel@holtmann.org> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 20 * 21 */ 22 23#ifdef HAVE_CONFIG_H 24#include <config.h> 25#endif 26 27#include <stdio.h> 28#include <errno.h> 29#include <unistd.h> 30#include <stdlib.h> 31#include <sys/types.h> 32#include <sys/ioctl.h> 33#include <sys/wait.h> 34 35#include <bluetooth/bluetooth.h> 36#include <bluetooth/hci.h> 37#include <bluetooth/hci_lib.h> 38#include <bluetooth/sdp.h> 39#include <bluetooth/sdp_lib.h> 40 41#include <glib.h> 42 43#include "hcid.h" 44#include "sdpd.h" 45#include "btio.h" 46#include "adapter.h" 47#include "device.h" 48#include "plugin.h" 49#include "log.h" 50#include "storage.h" 51#include "event.h" 52#include "manager.h" 53#include "oob.h" 54 55static int child_pipe[2] = { -1, -1 }; 56 57static guint child_io_id = 0; 58static guint ctl_io_id = 0; 59 60/* Commands sent by kernel on starting an adapter */ 61enum { 62 PENDING_BDADDR, 63 PENDING_VERSION, 64 PENDING_FEATURES, 65 PENDING_NAME, 66}; 67 68struct uuid_info { 69 uuid_t uuid; 70 uint8_t svc_hint; 71}; 72 73struct bt_conn { 74 struct dev_info *dev; 75 bdaddr_t bdaddr; 76 uint16_t handle; 77 uint8_t loc_cap; 78 uint8_t loc_auth; 79 uint8_t rem_cap; 80 uint8_t rem_auth; 81 uint8_t rem_oob_data; 82 gboolean bonding_initiator; 83 gboolean secmode3; 84 GIOChannel *io; /* For raw L2CAP socket (bonding) */ 85}; 86 87struct oob_data { 88 bdaddr_t bdaddr; 89 uint8_t hash[16]; 90 uint8_t randomizer[16]; 91}; 92 93static int max_dev = -1; 94static struct dev_info { 95 int id; 96 int sk; 97 bdaddr_t bdaddr; 98 char name[249]; 99 uint8_t eir[HCI_MAX_EIR_LENGTH]; 100 uint8_t features[8]; 101 uint8_t ssp_mode; 102 103 int8_t tx_power; 104 105 uint32_t current_cod; 106 uint32_t wanted_cod; 107 uint32_t pending_cod; 108 gboolean cache_enable; 109 gboolean already_up; 110 gboolean registered; 111 gboolean pairable; 112 113 uint8_t io_capability; 114 115 struct hci_version ver; 116 117 uint16_t did_vendor; 118 uint16_t did_product; 119 uint16_t did_version; 120 121 gboolean up; 122 uint32_t pending; 123 124 GIOChannel *io; 125 guint watch_id; 126 127 gboolean debug_keys; 128 GSList *keys; 129 uint8_t pin_length; 130 131 GSList *oob_data; 132 133 GSList *uuids; 134 135 GSList *connections; 136} *devs = NULL; 137 138static int ignore_device(struct hci_dev_info *di) 139{ 140 return hci_test_bit(HCI_RAW, &di->flags) || di->type >> 4 != HCI_BREDR; 141} 142 143static struct dev_info *init_dev_info(int index, int sk, gboolean registered, 144 gboolean already_up) 145{ 146 struct dev_info *dev = &devs[index]; 147 148 memset(dev, 0, sizeof(*dev)); 149 150 dev->id = index; 151 dev->sk = sk; 152 dev->cache_enable = TRUE; 153 dev->registered = registered; 154 dev->already_up = already_up; 155 dev->io_capability = 0x03; /* No Input No Output */ 156 157 return dev; 158} 159 160/* Async HCI command handling with callback support */ 161 162struct hci_cmd_data { 163 bt_hci_result_t cb; 164 uint16_t handle; 165 uint16_t ocf; 166 gpointer caller_data; 167}; 168 169static gboolean hci_event_watch(GIOChannel *io, 170 GIOCondition cond, gpointer user_data) 171{ 172 unsigned char buf[HCI_MAX_EVENT_SIZE], *body; 173 struct hci_cmd_data *cmd = user_data; 174 evt_cmd_status *evt_status; 175 evt_auth_complete *evt_auth; 176 evt_encrypt_change *evt_enc; 177 hci_event_hdr *hdr; 178 set_conn_encrypt_cp cp; 179 int dd; 180 uint16_t ocf; 181 uint8_t status = HCI_OE_POWER_OFF; 182 183 if (cond & G_IO_NVAL) { 184 cmd->cb(status, cmd->caller_data); 185 return FALSE; 186 } 187 188 if (cond & (G_IO_ERR | G_IO_HUP)) 189 goto failed; 190 191 dd = g_io_channel_unix_get_fd(io); 192 193 if (read(dd, buf, sizeof(buf)) < 0) 194 goto failed; 195 196 hdr = (hci_event_hdr *) (buf + 1); 197 body = buf + (1 + HCI_EVENT_HDR_SIZE); 198 199 switch (hdr->evt) { 200 case EVT_CMD_STATUS: 201 evt_status = (evt_cmd_status *) body; 202 ocf = cmd_opcode_ocf(evt_status->opcode); 203 if (ocf != cmd->ocf) 204 return TRUE; 205 switch (ocf) { 206 case OCF_AUTH_REQUESTED: 207 case OCF_SET_CONN_ENCRYPT: 208 if (evt_status->status != 0) { 209 /* Baseband rejected command */ 210 status = evt_status->status; 211 goto failed; 212 } 213 break; 214 default: 215 return TRUE; 216 } 217 /* Wait for the next event */ 218 return TRUE; 219 case EVT_AUTH_COMPLETE: 220 evt_auth = (evt_auth_complete *) body; 221 if (evt_auth->handle != cmd->handle) { 222 /* Skipping */ 223 return TRUE; 224 } 225 226 if (evt_auth->status != 0x00) { 227 status = evt_auth->status; 228 /* Abort encryption */ 229 goto failed; 230 } 231 232 memset(&cp, 0, sizeof(cp)); 233 cp.handle = cmd->handle; 234 cp.encrypt = 1; 235 236 cmd->ocf = OCF_SET_CONN_ENCRYPT; 237 238 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, 239 SET_CONN_ENCRYPT_CP_SIZE, &cp) < 0) { 240 status = HCI_COMMAND_DISALLOWED; 241 goto failed; 242 } 243 /* Wait for encrypt change event */ 244 return TRUE; 245 case EVT_ENCRYPT_CHANGE: 246 evt_enc = (evt_encrypt_change *) body; 247 if (evt_enc->handle != cmd->handle) 248 return TRUE; 249 250 /* Procedure finished: reporting status */ 251 status = evt_enc->status; 252 break; 253 default: 254 /* Skipping */ 255 return TRUE; 256 } 257 258failed: 259 cmd->cb(status, cmd->caller_data); 260 g_io_channel_shutdown(io, TRUE, NULL); 261 262 return FALSE; 263} 264 265static int write_inq_mode(int index, uint8_t mode) 266{ 267 struct dev_info *dev = &devs[index]; 268 write_inquiry_mode_cp cp; 269 270 memset(&cp, 0, sizeof(cp)); 271 cp.mode = mode; 272 273 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_INQUIRY_MODE, 274 WRITE_INQUIRY_MODE_CP_SIZE, &cp) < 0) 275 return -errno; 276 277 return 0; 278} 279 280static uint8_t get_inquiry_mode(int index) 281{ 282 struct dev_info *dev = &devs[index]; 283 284 if (dev->features[6] & LMP_EXT_INQ) 285 return 2; 286 287 if (dev->features[3] & LMP_RSSI_INQ) 288 return 1; 289 290 if (dev->ver.manufacturer == 11 && dev->ver.hci_rev == 0x00 && 291 dev->ver.lmp_subver == 0x0757) 292 return 1; 293 294 if (dev->ver.manufacturer == 15) { 295 if (dev->ver.hci_rev == 0x03 && 296 dev->ver.lmp_subver == 0x6963) 297 return 1; 298 if (dev->ver.hci_rev == 0x09 && 299 dev->ver.lmp_subver == 0x6963) 300 return 1; 301 if (dev->ver.hci_rev == 0x00 && 302 dev->ver.lmp_subver == 0x6965) 303 return 1; 304 } 305 306 if (dev->ver.manufacturer == 31 && dev->ver.hci_rev == 0x2005 && 307 dev->ver.lmp_subver == 0x1805) 308 return 1; 309 310 return 0; 311} 312 313static int init_ssp_mode(int index) 314{ 315 struct dev_info *dev = &devs[index]; 316 write_simple_pairing_mode_cp cp; 317 318 if (ioctl(dev->sk, HCIGETAUTHINFO, NULL) < 0 && errno == EINVAL) 319 return 0; 320 321 memset(&cp, 0, sizeof(cp)); 322 cp.mode = 0x01; 323 324 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 325 OCF_WRITE_SIMPLE_PAIRING_MODE, 326 WRITE_SIMPLE_PAIRING_MODE_CP_SIZE, &cp) < 0) 327 return -errno; 328 329 return 0; 330} 331 332static int hciops_set_discoverable(int index, gboolean discoverable) 333{ 334 struct dev_info *dev = &devs[index]; 335 uint8_t mode; 336 337 if (discoverable) 338 mode = (SCAN_PAGE | SCAN_INQUIRY); 339 else 340 mode = SCAN_PAGE; 341 342 DBG("hci%d discoverable %d", index, discoverable); 343 344 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE, 345 1, &mode) < 0) 346 return -errno; 347 348 return 0; 349} 350 351static int hciops_set_pairable(int index, gboolean pairable) 352{ 353 struct btd_adapter *adapter; 354 355 DBG("hci%d pairable %d", index, pairable); 356 357 adapter = manager_find_adapter(&devs[index].bdaddr); 358 if (adapter) 359 btd_adapter_pairable_changed(adapter, pairable); 360 361 devs[index].pairable = pairable; 362 363 return 0; 364} 365 366static int hciops_power_off(int index) 367{ 368 struct dev_info *dev = &devs[index]; 369 370 DBG("hci%d", index); 371 372 if (ioctl(dev->sk, HCIDEVDOWN, index) < 0 && errno != EALREADY) 373 return -errno; 374 375 return 0; 376} 377 378static void set_event_mask(int index) 379{ 380 struct dev_info *dev = &devs[index]; 381 /* The second byte is 0xff instead of 0x9f (two reserved bits 382 * disabled) since a Broadcom 1.2 dongle doesn't respond to the 383 * command otherwise */ 384 uint8_t events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 }; 385 386 /* Events for 1.2 and newer controllers */ 387 if (dev->ver.lmp_ver > 1) { 388 events[4] |= 0x01; /* Flow Specification Complete */ 389 events[4] |= 0x02; /* Inquiry Result with RSSI */ 390 events[4] |= 0x04; /* Read Remote Extended Features Complete */ 391 events[5] |= 0x08; /* Synchronous Connection Complete */ 392 events[5] |= 0x10; /* Synchronous Connection Changed */ 393 } 394 395 if (dev->features[3] & LMP_RSSI_INQ) 396 events[4] |= 0x04; /* Inquiry Result with RSSI */ 397 398 if (dev->features[5] & LMP_SNIFF_SUBR) 399 events[5] |= 0x20; /* Sniff Subrating */ 400 401 if (dev->features[5] & LMP_PAUSE_ENC) 402 events[5] |= 0x80; /* Encryption Key Refresh Complete */ 403 404 if (dev->features[6] & LMP_EXT_INQ) 405 events[5] |= 0x40; /* Extended Inquiry Result */ 406 407 if (dev->features[6] & LMP_NFLUSH_PKTS) 408 events[7] |= 0x01; /* Enhanced Flush Complete */ 409 410 if (dev->features[7] & LMP_LSTO) 411 events[6] |= 0x80; /* Link Supervision Timeout Changed */ 412 413 if (dev->features[6] & LMP_SIMPLE_PAIR) { 414 events[6] |= 0x01; /* IO Capability Request */ 415 events[6] |= 0x02; /* IO Capability Response */ 416 events[6] |= 0x04; /* User Confirmation Request */ 417 events[6] |= 0x08; /* User Passkey Request */ 418 events[6] |= 0x10; /* Remote OOB Data Request */ 419 events[6] |= 0x20; /* Simple Pairing Complete */ 420 events[7] |= 0x04; /* User Passkey Notification */ 421 events[7] |= 0x08; /* Keypress Notification */ 422 events[7] |= 0x10; /* Remote Host Supported 423 * Features Notification */ 424 } 425 426 if (dev->features[4] & LMP_LE) 427 events[7] |= 0x20; /* LE Meta-Event */ 428 429 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_SET_EVENT_MASK, 430 sizeof(events), events); 431} 432 433static void start_adapter(int index) 434{ 435 struct dev_info *dev = &devs[index]; 436 uint8_t inqmode; 437 uint16_t link_policy; 438 439 set_event_mask(index); 440 441 if (dev->features[6] & LMP_SIMPLE_PAIR) 442 init_ssp_mode(index); 443 444 inqmode = get_inquiry_mode(index); 445 if (inqmode) 446 write_inq_mode(index, inqmode); 447 448 if (dev->features[7] & LMP_INQ_TX_PWR) 449 hci_send_cmd(dev->sk, OGF_HOST_CTL, 450 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL, 0, NULL); 451 452 /* Set default link policy */ 453 link_policy = main_opts.link_policy; 454 455 if (!(dev->features[0] & LMP_RSWITCH)) 456 link_policy &= ~HCI_LP_RSWITCH; 457 if (!(dev->features[0] & LMP_HOLD)) 458 link_policy &= ~HCI_LP_HOLD; 459 if (!(dev->features[0] & LMP_SNIFF)) 460 link_policy &= ~HCI_LP_SNIFF; 461 if (!(dev->features[1] & LMP_PARK)) 462 link_policy &= ~HCI_LP_PARK; 463 464 link_policy = htobs(link_policy); 465 hci_send_cmd(dev->sk, OGF_LINK_POLICY, OCF_WRITE_DEFAULT_LINK_POLICY, 466 sizeof(link_policy), &link_policy); 467 468 dev->current_cod = 0; 469 memset(dev->eir, 0, sizeof(dev->eir)); 470} 471 472static int hciops_stop_inquiry(int index) 473{ 474 struct dev_info *dev = &devs[index]; 475 struct hci_dev_info di; 476 int err; 477 478 DBG("hci%d", index); 479 480 if (hci_devinfo(index, &di) < 0) 481 return -errno; 482 483 if (hci_test_bit(HCI_INQUIRY, &di.flags)) 484 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 485 OCF_INQUIRY_CANCEL, 0, 0); 486 else 487 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 488 OCF_EXIT_PERIODIC_INQUIRY, 0, 0); 489 if (err < 0) 490 err = -errno; 491 492 return err; 493} 494 495static gboolean init_adapter(int index) 496{ 497 struct dev_info *dev = &devs[index]; 498 struct btd_adapter *adapter = NULL; 499 gboolean existing_adapter = dev->registered; 500 uint8_t mode, on_mode; 501 gboolean pairable, discoverable; 502 503 if (!dev->registered) { 504 adapter = btd_manager_register_adapter(index); 505 if (adapter) 506 dev->registered = TRUE; 507 } else { 508 adapter = manager_find_adapter(&dev->bdaddr); 509 /* FIXME: manager_find_adapter should return a new ref */ 510 btd_adapter_ref(adapter); 511 } 512 513 if (adapter == NULL) 514 return FALSE; 515 516 btd_adapter_get_mode(adapter, &mode, &on_mode, &pairable); 517 518 if (existing_adapter) 519 mode = on_mode; 520 521 if (mode == MODE_OFF) { 522 hciops_power_off(index); 523 goto done; 524 } 525 526 start_adapter(index); 527 btd_adapter_start(adapter); 528 529 discoverable = (mode == MODE_DISCOVERABLE); 530 531 hciops_set_discoverable(index, discoverable); 532 hciops_set_pairable(index, pairable); 533 534 if (dev->already_up) 535 hciops_stop_inquiry(index); 536 537done: 538 btd_adapter_unref(adapter); 539 return TRUE; 540} 541 542static int hciops_encrypt_link(int index, bdaddr_t *dst, bt_hci_result_t cb, 543 gpointer user_data) 544{ 545 GIOChannel *io; 546 struct hci_cmd_data *cmd; 547 struct hci_conn_info_req *cr; 548 auth_requested_cp cp; 549 struct hci_filter nf; 550 int dd, err; 551 uint32_t link_mode; 552 uint16_t handle; 553 554 dd = hci_open_dev(index); 555 if (dd < 0) 556 return -errno; 557 558 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 559 cr->type = ACL_LINK; 560 bacpy(&cr->bdaddr, dst); 561 562 err = ioctl(dd, HCIGETCONNINFO, cr); 563 link_mode = cr->conn_info->link_mode; 564 handle = cr->conn_info->handle; 565 g_free(cr); 566 567 if (err < 0) { 568 err = -errno; 569 goto fail; 570 } 571 572 if (link_mode & HCI_LM_ENCRYPT) { 573 err = -EALREADY; 574 goto fail; 575 } 576 577 memset(&cp, 0, sizeof(cp)); 578 cp.handle = htobs(handle); 579 580 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 581 AUTH_REQUESTED_CP_SIZE, &cp) < 0) { 582 err = -errno; 583 goto fail; 584 } 585 586 cmd = g_new0(struct hci_cmd_data, 1); 587 cmd->handle = handle; 588 cmd->ocf = OCF_AUTH_REQUESTED; 589 cmd->cb = cb; 590 cmd->caller_data = user_data; 591 592 hci_filter_clear(&nf); 593 hci_filter_set_ptype(HCI_EVENT_PKT, &nf); 594 hci_filter_set_event(EVT_CMD_STATUS, &nf); 595 hci_filter_set_event(EVT_AUTH_COMPLETE, &nf); 596 hci_filter_set_event(EVT_ENCRYPT_CHANGE, &nf); 597 598 if (setsockopt(dd, SOL_HCI, HCI_FILTER, &nf, sizeof(nf)) < 0) { 599 err = -errno; 600 g_free(cmd); 601 goto fail; 602 } 603 604 io = g_io_channel_unix_new(dd); 605 g_io_channel_set_close_on_unref(io, FALSE); 606 g_io_add_watch_full(io, G_PRIORITY_DEFAULT, 607 G_IO_HUP | G_IO_ERR | G_IO_NVAL | G_IO_IN, 608 hci_event_watch, cmd, g_free); 609 g_io_channel_unref(io); 610 611 return 0; 612 613fail: 614 close(dd); 615 return err; 616} 617 618static int hciops_set_did(int index, uint16_t vendor, uint16_t product, 619 uint16_t version) 620{ 621 struct dev_info *dev = &devs[index]; 622 623 dev->did_vendor = vendor; 624 dev->did_product = product; 625 dev->did_version = version; 626 627 return 0; 628} 629 630/* End async HCI command handling */ 631 632/* Start of HCI event callbacks */ 633 634static gint conn_handle_cmp(gconstpointer a, gconstpointer b) 635{ 636 const struct bt_conn *conn = a; 637 uint16_t handle = *((const uint16_t *) b); 638 639 return (int) conn->handle - (int) handle; 640} 641 642static struct bt_conn *find_conn_by_handle(struct dev_info *dev, 643 uint16_t handle) 644{ 645 GSList *match; 646 647 match = g_slist_find_custom(dev->connections, &handle, 648 conn_handle_cmp); 649 if (match) 650 return match->data; 651 652 return NULL; 653} 654 655static gint conn_bdaddr_cmp(gconstpointer a, gconstpointer b) 656{ 657 const struct bt_conn *conn = a; 658 const bdaddr_t *bdaddr = b; 659 660 return bacmp(&conn->bdaddr, bdaddr); 661} 662 663static struct bt_conn *find_connection(struct dev_info *dev, bdaddr_t *bdaddr) 664{ 665 GSList *match; 666 667 match = g_slist_find_custom(dev->connections, bdaddr, conn_bdaddr_cmp); 668 if (match) 669 return match->data; 670 671 return NULL; 672} 673 674static struct bt_conn *get_connection(struct dev_info *dev, bdaddr_t *bdaddr) 675{ 676 struct bt_conn *conn; 677 678 conn = find_connection(dev, bdaddr); 679 if (conn) 680 return conn; 681 682 conn = g_new0(struct bt_conn, 1); 683 684 conn->dev = dev; 685 conn->loc_cap = dev->io_capability; 686 conn->loc_auth = 0xff; 687 conn->rem_auth = 0xff; 688 bacpy(&conn->bdaddr, bdaddr); 689 690 dev->connections = g_slist_append(dev->connections, conn); 691 692 return conn; 693} 694 695static int get_handle(int index, bdaddr_t *bdaddr, uint16_t *handle) 696{ 697 struct dev_info *dev = &devs[index]; 698 struct bt_conn *conn; 699 char addr[18]; 700 701 ba2str(bdaddr, addr); 702 DBG("hci%d dba %s", index, addr); 703 704 conn = find_connection(dev, bdaddr); 705 if (conn == NULL) 706 return -ENOENT; 707 708 *handle = conn->handle; 709 710 return 0; 711} 712 713static int disconnect_addr(int index, bdaddr_t *dba, uint8_t reason) 714{ 715 disconnect_cp cp; 716 uint16_t handle; 717 int err; 718 719 err = get_handle(index, dba, &handle); 720 if (err < 0) 721 return err; 722 723 memset(&cp, 0, sizeof(cp)); 724 cp.handle = htobs(handle); 725 cp.reason = reason; 726 727 if (hci_send_cmd(devs[index].sk, OGF_LINK_CTL, OCF_DISCONNECT, 728 DISCONNECT_CP_SIZE, &cp) < 0) 729 return -errno; 730 731 return 0; 732} 733 734static void bonding_complete(struct dev_info *dev, struct bt_conn *conn, 735 uint8_t status) 736{ 737 DBG("status 0x%02x", status); 738 739 if (conn->io != NULL) { 740 /* bonding_connect_cb takes care of the successul case */ 741 if (status != 0) 742 g_io_channel_shutdown(conn->io, TRUE, NULL); 743 g_io_channel_unref(conn->io); 744 conn->io = NULL; 745 } 746 747 conn->bonding_initiator = FALSE; 748 749 btd_event_bonding_complete(&dev->bdaddr, &conn->bdaddr, status); 750} 751 752static int get_auth_info(int index, bdaddr_t *bdaddr, uint8_t *auth) 753{ 754 struct dev_info *dev = &devs[index]; 755 struct hci_auth_info_req req; 756 char addr[18]; 757 758 ba2str(bdaddr, addr); 759 DBG("hci%d dba %s", index, addr); 760 761 memset(&req, 0, sizeof(req)); 762 bacpy(&req.bdaddr, bdaddr); 763 764 if (ioctl(dev->sk, HCIGETAUTHINFO, (unsigned long) &req) < 0) 765 return -errno; 766 767 if (auth) 768 *auth = req.type; 769 770 return 0; 771} 772 773/* Link Key handling */ 774 775static void link_key_request(int index, bdaddr_t *dba) 776{ 777 struct dev_info *dev = &devs[index]; 778 struct link_key_info *key_info; 779 struct bt_conn *conn; 780 GSList *match; 781 char da[18]; 782 783 ba2str(dba, da); 784 DBG("hci%d dba %s", index, da); 785 786 conn = get_connection(dev, dba); 787 if (conn->handle == 0) 788 conn->secmode3 = TRUE; 789 790 get_auth_info(index, dba, &conn->loc_auth); 791 792 DBG("kernel auth requirements = 0x%02x", conn->loc_auth); 793 794 match = g_slist_find_custom(dev->keys, dba, (GCompareFunc) bacmp); 795 if (match) 796 key_info = match->data; 797 else 798 key_info = NULL; 799 800 DBG("Matching key %s", key_info ? "found" : "not found"); 801 802 if (key_info == NULL || (!dev->debug_keys && key_info->type == 0x03)) { 803 /* Link key not found */ 804 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 805 6, dba); 806 return; 807 } 808 809 /* Link key found */ 810 811 DBG("link key type 0x%02x", key_info->type); 812 813 /* Don't use unauthenticated combination keys if MITM is 814 * required */ 815 if (key_info->type == 0x04 && conn->loc_auth != 0xff && 816 (conn->loc_auth & 0x01)) 817 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 818 6, dba); 819 else { 820 link_key_reply_cp lr; 821 822 memcpy(lr.link_key, key_info->key, 16); 823 bacpy(&lr.bdaddr, dba); 824 825 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_REPLY, 826 LINK_KEY_REPLY_CP_SIZE, &lr); 827 } 828} 829 830static void link_key_notify(int index, void *ptr) 831{ 832 struct dev_info *dev = &devs[index]; 833 evt_link_key_notify *evt = ptr; 834 bdaddr_t *dba = &evt->bdaddr; 835 struct link_key_info *key_info; 836 uint8_t old_key_type, key_type; 837 struct bt_conn *conn; 838 GSList *match; 839 char da[18]; 840 uint8_t status = 0; 841 842 ba2str(dba, da); 843 DBG("hci%d dba %s type %d", index, da, evt->key_type); 844 845 conn = get_connection(dev, &evt->bdaddr); 846 847 match = g_slist_find_custom(dev->keys, dba, (GCompareFunc) bacmp); 848 if (match) 849 key_info = match->data; 850 else 851 key_info = NULL; 852 853 if (key_info == NULL) { 854 key_info = g_new0(struct link_key_info, 1); 855 bacpy(&key_info->bdaddr, &evt->bdaddr); 856 old_key_type = 0xff; 857 } else { 858 dev->keys = g_slist_remove(dev->keys, key_info); 859 old_key_type = key_info->type; 860 } 861 862 memcpy(key_info->key, evt->link_key, sizeof(evt->link_key)); 863 key_info->type = evt->key_type; 864 key_info->pin_len = dev->pin_length; 865 866 key_type = evt->key_type; 867 868 DBG("key type 0x%02x old key type 0x%02x", key_type, old_key_type); 869 DBG("local auth 0x%02x and remote auth 0x%02x", 870 conn->loc_auth, conn->rem_auth); 871 872 if (key_type == 0x06) { 873 /* Some buggy controller combinations generate a changed 874 * combination key for legacy pairing even when there's no 875 * previous key */ 876 if ((!conn || conn->rem_auth == 0xff) && old_key_type == 0xff) 877 key_type = 0x00; 878 else if (old_key_type != 0xff) 879 key_type = old_key_type; 880 else 881 /* This is Changed Combination Link Key for 882 * a temporary link key.*/ 883 goto done; 884 } 885 886 key_info->type = key_type; 887 888 /* Skip the storage check if this is a debug key */ 889 if (key_type == 0x03) 890 goto done; 891 892 /* Store the link key persistently if one of the following is true: 893 * 1. this is a legacy link key 894 * 2. this is a changed combination key and there was a previously 895 * stored one 896 * 3. neither local nor remote side had no-bonding as a requirement 897 * 4. the local side had dedicated bonding as a requirement 898 * 5. the remote side is using dedicated bonding since in that case 899 * also the local requirements are set to dedicated bonding 900 * If none of the above match only keep the link key around for 901 * this connection and set the temporary flag for the device. 902 */ 903 if (key_type < 0x03 || (key_type == 0x06 && old_key_type != 0xff) || 904 (conn->loc_auth > 0x01 && conn->rem_auth > 0x01) || 905 (conn->loc_auth == 0x02 || conn->loc_auth == 0x03) || 906 (conn->rem_auth == 0x02 || conn->rem_auth == 0x03)) { 907 int err; 908 909 err = btd_event_link_key_notify(&dev->bdaddr, dba, 910 evt->link_key, key_type, 911 dev->pin_length); 912 913 if (err == -ENODEV) 914 status = HCI_OE_LOW_RESOURCES; 915 else if (err < 0) 916 status = HCI_MEMORY_FULL; 917 918 goto done; 919 } 920 921done: 922 dev->pin_length = 0; 923 924 if (status != 0) { 925 g_free(key_info); 926 bonding_complete(dev, conn, status); 927 disconnect_addr(index, dba, status); 928 return; 929 } 930 931 dev->keys = g_slist_prepend(dev->keys, key_info); 932 933 /* If we're connected and not dedicated bonding initiators we're 934 * done with the bonding process */ 935 if (!conn->bonding_initiator && conn->handle != 0) 936 bonding_complete(dev, conn, 0); 937} 938 939static void return_link_keys(int index, void *ptr) 940{ 941 struct dev_info *dev = &devs[index]; 942 evt_return_link_keys *evt = ptr; 943 uint8_t num = evt->num_keys; 944 unsigned char key[16]; 945 char da[18]; 946 bdaddr_t dba; 947 int i; 948 949 DBG("hci%d num_keys %u", index, num); 950 951 ptr++; 952 953 for (i = 0; i < num; i++) { 954 bacpy(&dba, ptr); ba2str(&dba, da); 955 memcpy(key, ptr + 6, 16); 956 957 DBG("hci%d returned key for %s", index, da); 958 959 btd_event_returned_link_key(&dev->bdaddr, &dba); 960 961 ptr += 22; 962 } 963} 964 965/* Simple Pairing handling */ 966 967static int hciops_confirm_reply(int index, bdaddr_t *bdaddr, gboolean success) 968{ 969 struct dev_info *dev = &devs[index]; 970 user_confirm_reply_cp cp; 971 char addr[18]; 972 int err; 973 974 ba2str(bdaddr, addr); 975 DBG("hci%d dba %s success %d", index, addr, success); 976 977 memset(&cp, 0, sizeof(cp)); 978 bacpy(&cp.bdaddr, bdaddr); 979 980 if (success) 981 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 982 OCF_USER_CONFIRM_REPLY, 983 USER_CONFIRM_REPLY_CP_SIZE, &cp); 984 else 985 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 986 OCF_USER_CONFIRM_NEG_REPLY, 987 USER_CONFIRM_REPLY_CP_SIZE, &cp); 988 989 if (err < 0) 990 err = -errno; 991 992 return err; 993} 994 995static void user_confirm_request(int index, void *ptr) 996{ 997 struct dev_info *dev = &devs[index]; 998 evt_user_confirm_request *req = ptr; 999 gboolean loc_mitm, rem_mitm; 1000 struct bt_conn *conn; 1001 1002 DBG("hci%d", index); 1003 1004 conn = find_connection(dev, &req->bdaddr); 1005 if (conn == NULL) 1006 return; 1007 1008 loc_mitm = (conn->loc_auth & 0x01) ? TRUE : FALSE; 1009 rem_mitm = (conn->rem_auth & 0x01) ? TRUE : FALSE; 1010 1011 /* If we require MITM but the remote device can't provide that 1012 * (it has NoInputNoOutput) then reject the confirmation 1013 * request. The only exception is when we're dedicated bonding 1014 * initiators since then we always have the MITM bit set. */ 1015 if (!conn->bonding_initiator && loc_mitm && conn->rem_cap == 0x03) { 1016 error("Rejecting request: remote device can't provide MITM"); 1017 goto fail; 1018 } 1019 1020 /* If no side requires MITM protection; auto-accept */ 1021 if ((conn->loc_auth == 0xff || !loc_mitm || conn->rem_cap == 0x03) && 1022 (!rem_mitm || conn->loc_cap == 0x03)) { 1023 DBG("auto accept of confirmation"); 1024 1025 /* Wait 5 milliseconds before doing auto-accept */ 1026 usleep(5000); 1027 1028 if (hciops_confirm_reply(index, &req->bdaddr, TRUE) < 0) 1029 goto fail; 1030 1031 return; 1032 } 1033 1034 if (btd_event_user_confirm(&dev->bdaddr, &req->bdaddr, 1035 btohl(req->passkey)) == 0) 1036 return; 1037 1038fail: 1039 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_USER_CONFIRM_NEG_REPLY, 1040 6, ptr); 1041} 1042 1043static void user_passkey_request(int index, void *ptr) 1044{ 1045 struct dev_info *dev = &devs[index]; 1046 evt_user_passkey_request *req = ptr; 1047 1048 DBG("hci%d", index); 1049 1050 if (btd_event_user_passkey(&dev->bdaddr, &req->bdaddr) < 0) 1051 hci_send_cmd(dev->sk, OGF_LINK_CTL, 1052 OCF_USER_PASSKEY_NEG_REPLY, 6, ptr); 1053} 1054 1055static void user_passkey_notify(int index, void *ptr) 1056{ 1057 struct dev_info *dev = &devs[index]; 1058 evt_user_passkey_notify *req = ptr; 1059 1060 DBG("hci%d", index); 1061 1062 btd_event_user_notify(&dev->bdaddr, &req->bdaddr, 1063 btohl(req->passkey)); 1064} 1065 1066static gint oob_bdaddr_cmp(gconstpointer a, gconstpointer b) 1067{ 1068 const struct oob_data *data = a; 1069 const bdaddr_t *bdaddr = b; 1070 1071 return bacmp(&data->bdaddr, bdaddr); 1072} 1073 1074static void remote_oob_data_request(int index, bdaddr_t *bdaddr) 1075{ 1076 struct dev_info *dev = &devs[index]; 1077 GSList *match; 1078 1079 DBG("hci%d", index); 1080 1081 match = g_slist_find_custom(dev->oob_data, bdaddr, oob_bdaddr_cmp); 1082 1083 if (match) { 1084 struct oob_data *data; 1085 remote_oob_data_reply_cp cp; 1086 1087 data = match->data; 1088 1089 bacpy(&cp.bdaddr, &data->bdaddr); 1090 memcpy(cp.hash, data->hash, sizeof(cp.hash)); 1091 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer)); 1092 1093 dev->oob_data = g_slist_delete_link(dev->oob_data, match); 1094 1095 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_OOB_DATA_REPLY, 1096 REMOTE_OOB_DATA_REPLY_CP_SIZE, &cp); 1097 1098 } else { 1099 hci_send_cmd(dev->sk, OGF_LINK_CTL, 1100 OCF_REMOTE_OOB_DATA_NEG_REPLY, 6, bdaddr); 1101 } 1102} 1103 1104static int get_io_cap(int index, bdaddr_t *bdaddr, uint8_t *cap, uint8_t *auth) 1105{ 1106 struct dev_info *dev = &devs[index]; 1107 struct bt_conn *conn; 1108 int err; 1109 1110 conn = find_connection(dev, bdaddr); 1111 if (conn == NULL) 1112 return -ENOENT; 1113 1114 err = get_auth_info(index, bdaddr, &conn->loc_auth); 1115 if (err < 0) 1116 return err; 1117 1118 DBG("initial authentication requirement is 0x%02x", conn->loc_auth); 1119 1120 if (!dev->pairable && !conn->bonding_initiator) { 1121 if (conn->rem_auth < 0x02) { 1122 DBG("Allowing no bonding in non-bondable mode"); 1123 /* Kernel defaults to general bonding and so 1124 * overwrite for this special case. Otherwise 1125 * non-pairable test cases will fail. */ 1126 conn->loc_auth = conn->rem_auth; 1127 goto done; 1128 } 1129 1130 return -EPERM; 1131 } 1132 1133 /* If the kernel doesn't know the local requirement just mirror 1134 * the remote one */ 1135 if (conn->loc_auth == 0xff) 1136 conn->loc_auth = conn->rem_auth; 1137 1138 if (conn->loc_auth == 0x00 || conn->loc_auth == 0x04) { 1139 /* If remote requests dedicated bonding follow that lead */ 1140 if (conn->rem_auth == 0x02 || conn->rem_auth == 0x03) { 1141 1142 /* If both remote and local IO capabilities allow MITM 1143 * then require it, otherwise don't */ 1144 if (conn->rem_cap == 0x03 || conn->loc_cap == 0x03) 1145 conn->loc_auth = 0x02; 1146 else 1147 conn->loc_auth = 0x03; 1148 } 1149 1150 /* If remote indicates no bonding then follow that. This 1151 * is important since the kernel might give general bonding 1152 * as default. */ 1153 if (conn->rem_auth == 0x00 || conn->rem_auth == 0x01) 1154 conn->loc_auth = 0x00; 1155 1156 /* If remote requires MITM then also require it, unless 1157 * our IO capability is NoInputNoOutput (so some 1158 * just-works security cases can be tested) */ 1159 if (conn->rem_auth != 0xff && (conn->rem_auth & 0x01) && 1160 conn->loc_cap != 0x03) 1161 conn->loc_auth |= 0x01; 1162 } 1163 1164done: 1165 *cap = conn->loc_cap; 1166 *auth = conn->loc_auth; 1167 1168 DBG("final authentication requirement is 0x%02x", *auth); 1169 1170 return 0; 1171} 1172 1173static void io_capa_request(int index, void *ptr) 1174{ 1175 struct dev_info *dev = &devs[index]; 1176 bdaddr_t *dba = ptr; 1177 uint8_t cap, auth = 0xff; 1178 char da[18]; 1179 int err; 1180 1181 ba2str(dba, da); 1182 DBG("hci%d IO capability request for %s", index, da); 1183 1184 err = get_io_cap(index, dba, &cap, &auth); 1185 if (err < 0) { 1186 io_capability_neg_reply_cp cp; 1187 1188 error("Getting IO capability failed: %s (%d)", 1189 strerror(-err), -err); 1190 1191 memset(&cp, 0, sizeof(cp)); 1192 bacpy(&cp.bdaddr, dba); 1193 cp.reason = HCI_PAIRING_NOT_ALLOWED; 1194 hci_send_cmd(dev->sk, OGF_LINK_CTL, 1195 OCF_IO_CAPABILITY_NEG_REPLY, 1196 IO_CAPABILITY_NEG_REPLY_CP_SIZE, &cp); 1197 } else { 1198 io_capability_reply_cp cp; 1199 struct bt_conn *conn; 1200 GSList *match; 1201 1202 memset(&cp, 0, sizeof(cp)); 1203 bacpy(&cp.bdaddr, dba); 1204 cp.capability = cap; 1205 cp.authentication = auth; 1206 1207 conn = find_connection(dev, dba); 1208 match = g_slist_find_custom(dev->oob_data, dba, oob_bdaddr_cmp); 1209 1210 if ((conn->bonding_initiator || conn->rem_oob_data == 0x01) && 1211 match) 1212 cp.oob_data = 0x01; 1213 else 1214 cp.oob_data = 0x00; 1215 1216 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_IO_CAPABILITY_REPLY, 1217 IO_CAPABILITY_REPLY_CP_SIZE, &cp); 1218 } 1219} 1220 1221static void io_capa_response(int index, void *ptr) 1222{ 1223 struct dev_info *dev = &devs[index]; 1224 evt_io_capability_response *evt = ptr; 1225 struct bt_conn *conn; 1226 char da[18]; 1227 1228 ba2str(&evt->bdaddr, da); 1229 DBG("hci%d IO capability response from %s", index, da); 1230 1231 conn = find_connection(dev, &evt->bdaddr); 1232 if (conn) { 1233 conn->rem_cap = evt->capability; 1234 conn->rem_auth = evt->authentication; 1235 conn->rem_oob_data = evt->oob_data; 1236 } 1237} 1238 1239/* PIN code handling */ 1240 1241static void pin_code_request(int index, bdaddr_t *dba) 1242{ 1243 struct dev_info *dev = &devs[index]; 1244 struct bt_conn *conn; 1245 char addr[18]; 1246 int err; 1247 1248 ba2str(dba, addr); 1249 DBG("hci%d PIN request for %s", index, addr); 1250 1251 conn = get_connection(dev, dba); 1252 if (conn->handle == 0) 1253 conn->secmode3 = TRUE; 1254 1255 /* Check if the adapter is not pairable and if there isn't a bonding in 1256 * progress */ 1257 if (!dev->pairable && !conn->bonding_initiator) { 1258 DBG("Rejecting PIN request in non-pairable mode"); 1259 goto reject; 1260 } 1261 1262 err = btd_event_request_pin(&dev->bdaddr, dba); 1263 if (err < 0) { 1264 error("PIN code negative reply: %s", strerror(-err)); 1265 goto reject; 1266 } 1267 1268 return; 1269 1270reject: 1271 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_PIN_CODE_NEG_REPLY, 6, dba); 1272} 1273 1274static void start_inquiry(bdaddr_t *local, uint8_t status, gboolean periodic) 1275{ 1276 struct btd_adapter *adapter; 1277 int state; 1278 1279 /* Don't send the signal if the cmd failed */ 1280 if (status) { 1281 error("Inquiry Failed with status 0x%02x", status); 1282 return; 1283 } 1284 1285 adapter = manager_find_adapter(local); 1286 if (!adapter) { 1287 error("Unable to find matching adapter"); 1288 return; 1289 } 1290 1291 state = adapter_get_state(adapter); 1292 1293 if (periodic) 1294 state |= STATE_PINQ; 1295 else 1296 state |= STATE_STDINQ; 1297 1298 adapter_set_state(adapter, state); 1299} 1300 1301static void inquiry_complete(bdaddr_t *local, uint8_t status, 1302 gboolean periodic) 1303{ 1304 struct btd_adapter *adapter; 1305 int state; 1306 1307 /* Don't send the signal if the cmd failed */ 1308 if (status) { 1309 error("Inquiry Failed with status 0x%02x", status); 1310 return; 1311 } 1312 1313 adapter = manager_find_adapter(local); 1314 if (!adapter) { 1315 error("Unable to find matching adapter"); 1316 return; 1317 } 1318 1319 state = adapter_get_state(adapter); 1320 state &= ~(STATE_STDINQ | STATE_PINQ); 1321 adapter_set_state(adapter, state); 1322} 1323 1324static inline void remote_features_notify(int index, void *ptr) 1325{ 1326 struct dev_info *dev = &devs[index]; 1327 evt_remote_host_features_notify *evt = ptr; 1328 1329 if (evt->features[0] & 0x01) 1330 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 1331 FALSE); 1332 else 1333 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 1334 TRUE); 1335 1336 write_features_info(&dev->bdaddr, &evt->bdaddr, NULL, evt->features); 1337} 1338 1339static void write_le_host_complete(int index, uint8_t status) 1340{ 1341 struct dev_info *dev = &devs[index]; 1342 uint8_t page_num = 0x01; 1343 1344 if (status) 1345 return; 1346 1347 if (hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1348 OCF_READ_LOCAL_EXT_FEATURES, 1, &page_num) < 0) 1349 error("Unable to read extended local features: %s (%d)", 1350 strerror(errno), errno); 1351} 1352 1353static void read_local_version_complete(int index, 1354 const read_local_version_rp *rp) 1355{ 1356 struct dev_info *dev = &devs[index]; 1357 1358 if (rp->status) 1359 return; 1360 1361 dev->ver.manufacturer = btohs(bt_get_unaligned(&rp->manufacturer)); 1362 dev->ver.hci_ver = rp->hci_ver; 1363 dev->ver.hci_rev = btohs(bt_get_unaligned(&rp->hci_rev)); 1364 dev->ver.lmp_ver = rp->lmp_ver; 1365 dev->ver.lmp_subver = btohs(bt_get_unaligned(&rp->lmp_subver)); 1366 1367 if (!dev->pending) 1368 return; 1369 1370 hci_clear_bit(PENDING_VERSION, &dev->pending); 1371 1372 DBG("Got version for hci%d", index); 1373 1374 if (!dev->pending && dev->up) 1375 init_adapter(index); 1376} 1377 1378static void read_local_features_complete(int index, 1379 const read_local_features_rp *rp) 1380{ 1381 struct dev_info *dev = &devs[index]; 1382 1383 if (rp->status) 1384 return; 1385 1386 memcpy(dev->features, rp->features, 8); 1387 1388 if (!dev->pending) 1389 return; 1390 1391 hci_clear_bit(PENDING_FEATURES, &dev->pending); 1392 1393 DBG("Got features for hci%d", index); 1394 1395 if (!dev->pending && dev->up) 1396 init_adapter(index); 1397} 1398 1399#define SIZEOF_UUID128 16 1400 1401static void eir_generate_uuid128(GSList *list, uint8_t *ptr, uint16_t *eir_len) 1402{ 1403 int i, k, uuid_count = 0; 1404 uint16_t len = *eir_len; 1405 uint8_t *uuid128; 1406 gboolean truncated = FALSE; 1407 1408 /* Store UUIDs in place, skip 2 bytes to write type and length later */ 1409 uuid128 = ptr + 2; 1410 1411 for (; list; list = list->next) { 1412 struct uuid_info *uuid = list->data; 1413 uint8_t *uuid128_data = uuid->uuid.value.uuid128.data; 1414 1415 if (uuid->uuid.type != SDP_UUID128) 1416 continue; 1417 1418 /* Stop if not enough space to put next UUID128 */ 1419 if ((len + 2 + SIZEOF_UUID128) > EIR_DATA_LENGTH) { 1420 truncated = TRUE; 1421 break; 1422 } 1423 1424 /* Check for duplicates, EIR data is Little Endian */ 1425 for (i = 0; i < uuid_count; i++) { 1426 for (k = 0; k < SIZEOF_UUID128; k++) { 1427 if (uuid128[i * SIZEOF_UUID128 + k] != 1428 uuid128_data[SIZEOF_UUID128 - 1 - k]) 1429 break; 1430 } 1431 if (k == SIZEOF_UUID128) 1432 break; 1433 } 1434 1435 if (i < uuid_count) 1436 continue; 1437 1438 /* EIR data is Little Endian */ 1439 for (k = 0; k < SIZEOF_UUID128; k++) 1440 uuid128[uuid_count * SIZEOF_UUID128 + k] = 1441 uuid128_data[SIZEOF_UUID128 - 1 - k]; 1442 1443 len += SIZEOF_UUID128; 1444 uuid_count++; 1445 } 1446 1447 if (uuid_count > 0 || truncated) { 1448 /* EIR Data length */ 1449 ptr[0] = (uuid_count * SIZEOF_UUID128) + 1; 1450 /* EIR Data type */ 1451 ptr[1] = truncated ? EIR_UUID128_SOME : EIR_UUID128_ALL; 1452 len += 2; 1453 *eir_len = len; 1454 } 1455} 1456 1457static void create_ext_inquiry_response(int index, uint8_t *data) 1458{ 1459 struct dev_info *dev = &devs[index]; 1460 GSList *l; 1461 uint8_t *ptr = data; 1462 uint16_t eir_len = 0; 1463 uint16_t uuid16[EIR_DATA_LENGTH / 2]; 1464 int i, uuid_count = 0; 1465 gboolean truncated = FALSE; 1466 size_t name_len; 1467 1468 name_len = strlen(dev->name); 1469 1470 if (name_len > 0) { 1471 /* EIR Data type */ 1472 if (name_len > 48) { 1473 name_len = 48; 1474 ptr[1] = EIR_NAME_SHORT; 1475 } else 1476 ptr[1] = EIR_NAME_COMPLETE; 1477 1478 /* EIR Data length */ 1479 ptr[0] = name_len + 1; 1480 1481 memcpy(ptr + 2, dev->name, name_len); 1482 1483 eir_len += (name_len + 2); 1484 ptr += (name_len + 2); 1485 } 1486 1487 if (dev->tx_power != 0) { 1488 *ptr++ = 2; 1489 *ptr++ = EIR_TX_POWER; 1490 *ptr++ = (uint8_t) dev->tx_power; 1491 eir_len += 3; 1492 } 1493 1494 if (dev->did_vendor != 0x0000) { 1495 uint16_t source = 0x0002; 1496 *ptr++ = 9; 1497 *ptr++ = EIR_DEVICE_ID; 1498 *ptr++ = (source & 0x00ff); 1499 *ptr++ = (source & 0xff00) >> 8; 1500 *ptr++ = (dev->did_vendor & 0x00ff); 1501 *ptr++ = (dev->did_vendor & 0xff00) >> 8; 1502 *ptr++ = (dev->did_product & 0x00ff); 1503 *ptr++ = (dev->did_product & 0xff00) >> 8; 1504 *ptr++ = (dev->did_version & 0x00ff); 1505 *ptr++ = (dev->did_version & 0xff00) >> 8; 1506 eir_len += 10; 1507 } 1508 1509 /* Group all UUID16 types */ 1510 for (l = dev->uuids; l != NULL; l = g_slist_next(l)) { 1511 struct uuid_info *uuid = l->data; 1512 1513 if (uuid->uuid.type != SDP_UUID16) 1514 continue; 1515 1516 if (uuid->uuid.value.uuid16 < 0x1100) 1517 continue; 1518 1519 if (uuid->uuid.value.uuid16 == PNP_INFO_SVCLASS_ID) 1520 continue; 1521 1522 /* Stop if not enough space to put next UUID16 */ 1523 if ((eir_len + 2 + sizeof(uint16_t)) > EIR_DATA_LENGTH) { 1524 truncated = TRUE; 1525 break; 1526 } 1527 1528 /* Check for duplicates */ 1529 for (i = 0; i < uuid_count; i++) 1530 if (uuid16[i] == uuid->uuid.value.uuid16) 1531 break; 1532 1533 if (i < uuid_count) 1534 continue; 1535 1536 uuid16[uuid_count++] = uuid->uuid.value.uuid16; 1537 eir_len += sizeof(uint16_t); 1538 } 1539 1540 if (uuid_count > 0) { 1541 /* EIR Data length */ 1542 ptr[0] = (uuid_count * sizeof(uint16_t)) + 1; 1543 /* EIR Data type */ 1544 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL; 1545 1546 ptr += 2; 1547 eir_len += 2; 1548 1549 for (i = 0; i < uuid_count; i++) { 1550 *ptr++ = (uuid16[i] & 0x00ff); 1551 *ptr++ = (uuid16[i] & 0xff00) >> 8; 1552 } 1553 } 1554 1555 /* Group all UUID128 types */ 1556 if (eir_len <= EIR_DATA_LENGTH - 2) 1557 eir_generate_uuid128(dev->uuids, ptr, &eir_len); 1558} 1559 1560static void update_ext_inquiry_response(int index) 1561{ 1562 struct dev_info *dev = &devs[index]; 1563 write_ext_inquiry_response_cp cp; 1564 1565 DBG("hci%d", index); 1566 1567 if (!(dev->features[6] & LMP_EXT_INQ)) 1568 return; 1569 1570 if (dev->ssp_mode == 0) 1571 return; 1572 1573 if (dev->cache_enable) 1574 return; 1575 1576 memset(&cp, 0, sizeof(cp)); 1577 1578 create_ext_inquiry_response(index, cp.data); 1579 1580 if (memcmp(cp.data, dev->eir, sizeof(cp.data)) == 0) 1581 return; 1582 1583 memcpy(dev->eir, cp.data, sizeof(cp.data)); 1584 1585 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 1586 OCF_WRITE_EXT_INQUIRY_RESPONSE, 1587 WRITE_EXT_INQUIRY_RESPONSE_CP_SIZE, &cp) < 0) 1588 error("Unable to write EIR data: %s (%d)", 1589 strerror(errno), errno); 1590} 1591 1592static void update_name(int index, const char *name) 1593{ 1594 struct btd_adapter *adapter; 1595 1596 adapter = manager_find_adapter_by_id(index); 1597 if (adapter) 1598 adapter_update_local_name(adapter, name); 1599 1600 update_ext_inquiry_response(index); 1601} 1602 1603static void read_local_name_complete(int index, read_local_name_rp *rp) 1604{ 1605 struct dev_info *dev = &devs[index]; 1606 1607 DBG("hci%d status %u", index, rp->status); 1608 1609 if (rp->status) 1610 return; 1611 1612 memcpy(dev->name, rp->name, 248); 1613 1614 if (!dev->pending) { 1615 update_name(index, (char *) rp->name); 1616 return; 1617 } 1618 1619 hci_clear_bit(PENDING_NAME, &dev->pending); 1620 1621 DBG("Got name for hci%d", index); 1622 1623 /* Even though it shouldn't happen (assuming the kernel behaves 1624 * properly) it seems like we might miss the very first 1625 * initialization commands that the kernel sends. So check for 1626 * it here (since read_local_name is one of the last init 1627 * commands) and resend the first ones if we haven't seen 1628 * their results yet */ 1629 1630 if (hci_test_bit(PENDING_FEATURES, &dev->pending)) 1631 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1632 OCF_READ_LOCAL_FEATURES, 0, NULL); 1633 1634 if (hci_test_bit(PENDING_VERSION, &dev->pending)) 1635 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1636 OCF_READ_LOCAL_VERSION, 0, NULL); 1637 1638 if (!dev->pending && dev->up) 1639 init_adapter(index); 1640} 1641 1642static void read_tx_power_complete(int index, void *ptr) 1643{ 1644 struct dev_info *dev = &devs[index]; 1645 1646 read_inq_response_tx_power_level_rp *rp = ptr; 1647 1648 DBG("hci%d status %u", index, rp->status); 1649 1650 if (rp->status) 1651 return; 1652 1653 dev->tx_power = rp->level; 1654 update_ext_inquiry_response(index); 1655} 1656 1657static void read_simple_pairing_mode_complete(int index, void *ptr) 1658{ 1659 struct dev_info *dev = &devs[index]; 1660 read_simple_pairing_mode_rp *rp = ptr; 1661 1662 DBG("hci%d status %u", index, rp->status); 1663 1664 if (rp->status) 1665 return; 1666 1667 dev->ssp_mode = rp->mode; 1668 update_ext_inquiry_response(index); 1669} 1670 1671static void read_local_ext_features_complete(int index, 1672 const read_local_ext_features_rp *rp) 1673{ 1674 struct btd_adapter *adapter; 1675 1676 DBG("hci%d status %u", index, rp->status); 1677 1678 if (rp->status) 1679 return; 1680 1681 adapter = manager_find_adapter_by_id(index); 1682 if (!adapter) { 1683 error("No matching adapter found"); 1684 return; 1685 } 1686 1687 /* Local Extended feature page number is 1 */ 1688 if (rp->page_num != 1) 1689 return; 1690 1691 btd_adapter_update_local_ext_features(adapter, rp->features); 1692} 1693 1694static void read_bd_addr_complete(int index, read_bd_addr_rp *rp) 1695{ 1696 struct dev_info *dev = &devs[index]; 1697 1698 DBG("hci%d status %u", index, rp->status); 1699 1700 if (rp->status) 1701 return; 1702 1703 bacpy(&dev->bdaddr, &rp->bdaddr); 1704 1705 if (!dev->pending) 1706 return; 1707 1708 hci_clear_bit(PENDING_BDADDR, &dev->pending); 1709 1710 DBG("Got bdaddr for hci%d", index); 1711 1712 if (!dev->pending && dev->up) 1713 init_adapter(index); 1714} 1715 1716static inline void cmd_status(int index, void *ptr) 1717{ 1718 struct dev_info *dev = &devs[index]; 1719 evt_cmd_status *evt = ptr; 1720 uint16_t opcode = btohs(evt->opcode); 1721 1722 if (opcode == cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY)) 1723 start_inquiry(&dev->bdaddr, evt->status, FALSE); 1724} 1725 1726static void read_scan_complete(int index, uint8_t status, void *ptr) 1727{ 1728 struct btd_adapter *adapter; 1729 read_scan_enable_rp *rp = ptr; 1730 1731 DBG("hci%d status %u", index, status); 1732 1733 adapter = manager_find_adapter_by_id(index); 1734 if (!adapter) { 1735 error("Unable to find matching adapter"); 1736 return; 1737 } 1738 1739 adapter_mode_changed(adapter, rp->enable); 1740} 1741 1742static int write_class(int index, uint32_t class) 1743{ 1744 struct dev_info *dev = &devs[index]; 1745 write_class_of_dev_cp cp; 1746 1747 DBG("hci%d class 0x%06x", index, class); 1748 1749 memcpy(cp.dev_class, &class, 3); 1750 1751 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV, 1752 WRITE_CLASS_OF_DEV_CP_SIZE, &cp) < 0) 1753 return -errno; 1754 1755 dev->pending_cod = class; 1756 1757 return 0; 1758} 1759 1760/* Limited Discoverable bit mask in CoD */ 1761#define LIMITED_BIT 0x002000 1762 1763static int hciops_set_limited_discoverable(int index, gboolean limited) 1764{ 1765 struct dev_info *dev = &devs[index]; 1766 int num = (limited ? 2 : 1); 1767 uint8_t lap[] = { 0x33, 0x8b, 0x9e, 0x00, 0x8b, 0x9e }; 1768 write_current_iac_lap_cp cp; 1769 1770 DBG("hci%d limited %d", index, limited); 1771 1772 /* Check if limited bit needs to be set/reset */ 1773 if (limited) 1774 dev->wanted_cod |= LIMITED_BIT; 1775 else 1776 dev->wanted_cod &= ~LIMITED_BIT; 1777 1778 /* If we dont need the toggling, save an unnecessary CoD write */ 1779 if (dev->pending_cod || dev->wanted_cod == dev->current_cod) 1780 return 0; 1781 1782 /* 1783 * 1: giac 1784 * 2: giac + liac 1785 */ 1786 memset(&cp, 0, sizeof(cp)); 1787 cp.num_current_iac = num; 1788 memcpy(&cp.lap, lap, num * 3); 1789 1790 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CURRENT_IAC_LAP, 1791 (num * 3 + 1), &cp) < 0) 1792 return -errno; 1793 1794 return write_class(index, dev->wanted_cod); 1795} 1796 1797static void write_class_complete(int index, uint8_t status) 1798{ 1799 struct dev_info *dev = &devs[index]; 1800 struct btd_adapter *adapter; 1801 1802 if (status) 1803 return; 1804 1805 if (dev->pending_cod == 0) 1806 return; 1807 1808 dev->current_cod = dev->pending_cod; 1809 dev->pending_cod = 0; 1810 1811 adapter = manager_find_adapter(&dev->bdaddr); 1812 if (adapter) 1813 btd_adapter_class_changed(adapter, dev->current_cod); 1814 1815 update_ext_inquiry_response(index); 1816 1817 if (dev->wanted_cod == dev->current_cod) 1818 return; 1819 1820 if (dev->wanted_cod & LIMITED_BIT && 1821 !(dev->current_cod & LIMITED_BIT)) 1822 hciops_set_limited_discoverable(index, TRUE); 1823 else if (!(dev->wanted_cod & LIMITED_BIT) && 1824 (dev->current_cod & LIMITED_BIT)) 1825 hciops_set_limited_discoverable(index, FALSE); 1826 else 1827 write_class(index, dev->wanted_cod); 1828} 1829 1830static void read_local_oob_data_complete(int index, uint8_t status, 1831 read_local_oob_data_rp *rp) 1832{ 1833 struct btd_adapter *adapter = manager_find_adapter_by_id(index); 1834 1835 if (!adapter) 1836 return; 1837 1838 if (status) 1839 oob_read_local_data_complete(adapter, NULL, NULL); 1840 else 1841 oob_read_local_data_complete(adapter, rp->hash, rp->randomizer); 1842} 1843 1844static inline void cmd_complete(int index, void *ptr) 1845{ 1846 struct dev_info *dev = &devs[index]; 1847 evt_cmd_complete *evt = ptr; 1848 uint16_t opcode = btohs(evt->opcode); 1849 uint8_t status = *((uint8_t *) ptr + EVT_CMD_COMPLETE_SIZE); 1850 1851 switch (opcode) { 1852 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_VERSION): 1853 ptr += sizeof(evt_cmd_complete); 1854 read_local_version_complete(index, ptr); 1855 break; 1856 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES): 1857 ptr += sizeof(evt_cmd_complete); 1858 read_local_features_complete(index, ptr); 1859 break; 1860 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_EXT_FEATURES): 1861 ptr += sizeof(evt_cmd_complete); 1862 read_local_ext_features_complete(index, ptr); 1863 break; 1864 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_BD_ADDR): 1865 ptr += sizeof(evt_cmd_complete); 1866 read_bd_addr_complete(index, ptr); 1867 break; 1868 case cmd_opcode_pack(OGF_LINK_CTL, OCF_PERIODIC_INQUIRY): 1869 start_inquiry(&dev->bdaddr, status, TRUE); 1870 break; 1871 case cmd_opcode_pack(OGF_LINK_CTL, OCF_EXIT_PERIODIC_INQUIRY): 1872 inquiry_complete(&dev->bdaddr, status, TRUE); 1873 break; 1874 case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY_CANCEL): 1875 inquiry_complete(&dev->bdaddr, status, FALSE); 1876 break; 1877 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_LE_HOST_SUPPORTED): 1878 write_le_host_complete(index, status); 1879 break; 1880 case cmd_opcode_pack(OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE): 1881 btd_event_le_set_scan_enable_complete(&dev->bdaddr, status); 1882 break; 1883 case cmd_opcode_pack(OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME): 1884 if (!status) 1885 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1886 OCF_READ_LOCAL_NAME, 0, 0); 1887 break; 1888 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE): 1889 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_SCAN_ENABLE, 1890 0, NULL); 1891 break; 1892 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SCAN_ENABLE): 1893 ptr += sizeof(evt_cmd_complete); 1894 read_scan_complete(index, status, ptr); 1895 break; 1896 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV): 1897 write_class_complete(index, status); 1898 break; 1899 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SIMPLE_PAIRING_MODE): 1900 if (!status) 1901 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1902 OCF_READ_SIMPLE_PAIRING_MODE, 0, NULL); 1903 break; 1904 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SIMPLE_PAIRING_MODE): 1905 ptr += sizeof(evt_cmd_complete); 1906 read_simple_pairing_mode_complete(index, ptr); 1907 break; 1908 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_NAME): 1909 ptr += sizeof(evt_cmd_complete); 1910 read_local_name_complete(index, ptr); 1911 break; 1912 case cmd_opcode_pack(OGF_HOST_CTL, 1913 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL): 1914 ptr += sizeof(evt_cmd_complete); 1915 read_tx_power_complete(index, ptr); 1916 break; 1917 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_OOB_DATA): 1918 ptr += sizeof(evt_cmd_complete); 1919 read_local_oob_data_complete(index, status, ptr); 1920 break; 1921 }; 1922} 1923 1924static inline void remote_name_information(int index, void *ptr) 1925{ 1926 struct dev_info *dev = &devs[index]; 1927 evt_remote_name_req_complete *evt = ptr; 1928 char name[MAX_NAME_LENGTH + 1]; 1929 1930 DBG("hci%d status %u", index, evt->status); 1931 1932 memset(name, 0, sizeof(name)); 1933 1934 if (!evt->status) 1935 memcpy(name, evt->name, MAX_NAME_LENGTH); 1936 1937 btd_event_remote_name(&dev->bdaddr, &evt->bdaddr, evt->status, name); 1938} 1939 1940static inline void remote_version_information(int index, void *ptr) 1941{ 1942 struct dev_info *dev = &devs[index]; 1943 evt_read_remote_version_complete *evt = ptr; 1944 struct bt_conn *conn; 1945 1946 DBG("hci%d status %u", index, evt->status); 1947 1948 if (evt->status) 1949 return; 1950 1951 conn = find_conn_by_handle(dev, btohs(evt->handle)); 1952 if (conn == NULL) 1953 return; 1954 1955 write_version_info(&dev->bdaddr, &conn->bdaddr, 1956 btohs(evt->manufacturer), evt->lmp_ver, 1957 btohs(evt->lmp_subver)); 1958} 1959 1960static inline void inquiry_result(int index, int plen, void *ptr) 1961{ 1962 struct dev_info *dev = &devs[index]; 1963 uint8_t num = *(uint8_t *) ptr++; 1964 int i; 1965 1966 for (i = 0; i < num; i++) { 1967 inquiry_info *info = ptr; 1968 uint32_t class = info->dev_class[0] | 1969 (info->dev_class[1] << 8) | 1970 (info->dev_class[2] << 16); 1971 1972 btd_event_device_found(&dev->bdaddr, &info->bdaddr, class, 1973 0, NULL); 1974 ptr += INQUIRY_INFO_SIZE; 1975 } 1976} 1977 1978static inline void inquiry_result_with_rssi(int index, int plen, void *ptr) 1979{ 1980 struct dev_info *dev = &devs[index]; 1981 uint8_t num = *(uint8_t *) ptr++; 1982 int i; 1983 1984 if (!num) 1985 return; 1986 1987 if ((plen - 1) / num == INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE) { 1988 for (i = 0; i < num; i++) { 1989 inquiry_info_with_rssi_and_pscan_mode *info = ptr; 1990 uint32_t class = info->dev_class[0] 1991 | (info->dev_class[1] << 8) 1992 | (info->dev_class[2] << 16); 1993 1994 btd_event_device_found(&dev->bdaddr, &info->bdaddr, 1995 class, info->rssi, NULL); 1996 ptr += INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE; 1997 } 1998 } else { 1999 for (i = 0; i < num; i++) { 2000 inquiry_info_with_rssi *info = ptr; 2001 uint32_t class = info->dev_class[0] 2002 | (info->dev_class[1] << 8) 2003 | (info->dev_class[2] << 16); 2004 2005 btd_event_device_found(&dev->bdaddr, &info->bdaddr, 2006 class, info->rssi, NULL); 2007 ptr += INQUIRY_INFO_WITH_RSSI_SIZE; 2008 } 2009 } 2010} 2011 2012static inline void extended_inquiry_result(int index, int plen, void *ptr) 2013{ 2014 struct dev_info *dev = &devs[index]; 2015 uint8_t num = *(uint8_t *) ptr++; 2016 int i; 2017 2018 for (i = 0; i < num; i++) { 2019 extended_inquiry_info *info = ptr; 2020 uint32_t class = info->dev_class[0] 2021 | (info->dev_class[1] << 8) 2022 | (info->dev_class[2] << 16); 2023 2024 btd_event_device_found(&dev->bdaddr, &info->bdaddr, class, 2025 info->rssi, info->data); 2026 ptr += EXTENDED_INQUIRY_INFO_SIZE; 2027 } 2028} 2029 2030static inline void remote_features_information(int index, void *ptr) 2031{ 2032 struct dev_info *dev = &devs[index]; 2033 evt_read_remote_features_complete *evt = ptr; 2034 struct bt_conn *conn; 2035 2036 DBG("hci%d status %u", index, evt->status); 2037 2038 if (evt->status) 2039 return; 2040 2041 conn = find_conn_by_handle(dev, btohs(evt->handle)); 2042 if (conn == NULL) 2043 return; 2044 2045 write_features_info(&dev->bdaddr, &conn->bdaddr, evt->features, NULL); 2046} 2047 2048struct remote_version_req { 2049 int index; 2050 uint16_t handle; 2051}; 2052 2053static gboolean __get_remote_version(gpointer user_data) 2054{ 2055 struct remote_version_req *req = user_data; 2056 struct dev_info *dev = &devs[req->index]; 2057 read_remote_version_cp cp; 2058 2059 DBG("hci%d handle %u", req->index, req->handle); 2060 2061 memset(&cp, 0, sizeof(cp)); 2062 cp.handle = htobs(req->handle); 2063 2064 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_READ_REMOTE_VERSION, 2065 READ_REMOTE_VERSION_CP_SIZE, &cp); 2066 2067 return FALSE; 2068} 2069 2070static void get_remote_version(int index, uint16_t handle) 2071{ 2072 struct remote_version_req *req; 2073 2074 req = g_new0(struct remote_version_req, 1); 2075 req->handle = handle; 2076 req->index = index; 2077 2078 g_timeout_add_seconds_full(G_PRIORITY_DEFAULT, 1, __get_remote_version, 2079 req, g_free); 2080} 2081 2082static void conn_free(struct bt_conn *conn) 2083{ 2084 if (conn->io != NULL) { 2085 g_io_channel_shutdown(conn->io, TRUE, NULL); 2086 g_io_channel_unref(conn->io); 2087 } 2088 2089 g_free(conn); 2090} 2091 2092static inline void conn_failed(int index, bdaddr_t *bdaddr, uint8_t status) 2093{ 2094 struct dev_info *dev = &devs[index]; 2095 struct bt_conn *conn; 2096 2097 btd_event_conn_failed(&dev->bdaddr, bdaddr, status); 2098 2099 conn = find_connection(dev, bdaddr); 2100 if (conn == NULL) 2101 return; 2102 2103 bonding_complete(dev, conn, status); 2104 2105 dev->connections = g_slist_remove(dev->connections, conn); 2106 conn_free(conn); 2107} 2108 2109static inline void conn_complete(int index, void *ptr) 2110{ 2111 struct dev_info *dev = &devs[index]; 2112 evt_conn_complete *evt = ptr; 2113 char filename[PATH_MAX]; 2114 char local_addr[18], peer_addr[18], *str; 2115 struct bt_conn *conn; 2116 2117 if (evt->link_type != ACL_LINK) 2118 return; 2119 2120 DBG("status 0x%02x", evt->status); 2121 2122 if (evt->status != 0) { 2123 conn_failed(index, &evt->bdaddr, evt->status); 2124 return; 2125 } 2126 2127 conn = get_connection(dev, &evt->bdaddr); 2128 conn->handle = btohs(evt->handle); 2129 2130 btd_event_conn_complete(&dev->bdaddr, &evt->bdaddr); 2131 2132 if (conn->secmode3) 2133 bonding_complete(dev, conn, 0); 2134 2135 /* check if the remote version needs be requested */ 2136 ba2str(&dev->bdaddr, local_addr); 2137 ba2str(&evt->bdaddr, peer_addr); 2138 2139 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 2140 "manufacturers"); 2141 2142 str = textfile_get(filename, peer_addr); 2143 if (!str) 2144 get_remote_version(index, btohs(evt->handle)); 2145 else 2146 free(str); 2147} 2148 2149static inline void le_conn_complete(int index, void *ptr) 2150{ 2151 struct dev_info *dev = &devs[index]; 2152 evt_le_connection_complete *evt = ptr; 2153 char filename[PATH_MAX]; 2154 char local_addr[18], peer_addr[18], *str; 2155 struct bt_conn *conn; 2156 2157 if (evt->status) { 2158 btd_event_conn_failed(&dev->bdaddr, &evt->peer_bdaddr, 2159 evt->status); 2160 return; 2161 } 2162 2163 conn = get_connection(dev, &evt->peer_bdaddr); 2164 conn->handle = btohs(evt->handle); 2165 2166 btd_event_conn_complete(&dev->bdaddr, &evt->peer_bdaddr); 2167 2168 /* check if the remote version needs be requested */ 2169 ba2str(&dev->bdaddr, local_addr); 2170 ba2str(&evt->peer_bdaddr, peer_addr); 2171 2172 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 2173 "manufacturers"); 2174 2175 str = textfile_get(filename, peer_addr); 2176 if (!str) 2177 get_remote_version(index, btohs(evt->handle)); 2178 else 2179 free(str); 2180} 2181 2182static inline void disconn_complete(int index, void *ptr) 2183{ 2184 struct dev_info *dev = &devs[index]; 2185 evt_disconn_complete *evt = ptr; 2186 struct bt_conn *conn; 2187 2188 DBG("handle %u status 0x%02x", btohs(evt->handle), evt->status); 2189 2190 if (evt->status != 0) 2191 return; 2192 2193 conn = find_conn_by_handle(dev, btohs(evt->handle)); 2194 if (conn == NULL) 2195 return; 2196 2197 dev->connections = g_slist_remove(dev->connections, conn); 2198 2199 btd_event_disconn_complete(&dev->bdaddr, &conn->bdaddr); 2200 2201 conn_free(conn); 2202} 2203 2204static inline void auth_complete(int index, void *ptr) 2205{ 2206 struct dev_info *dev = &devs[index]; 2207 evt_auth_complete *evt = ptr; 2208 struct bt_conn *conn; 2209 2210 DBG("hci%d status %u", index, evt->status); 2211 2212 conn = find_conn_by_handle(dev, btohs(evt->handle)); 2213 if (conn == NULL) 2214 return; 2215 2216 bonding_complete(dev, conn, evt->status); 2217} 2218 2219static inline void simple_pairing_complete(int index, void *ptr) 2220{ 2221 struct dev_info *dev = &devs[index]; 2222 evt_simple_pairing_complete *evt = ptr; 2223 2224 DBG("hci%d status %u", index, evt->status); 2225 2226 btd_event_simple_pairing_complete(&dev->bdaddr, &evt->bdaddr, 2227 evt->status); 2228} 2229 2230static inline void conn_request(int index, void *ptr) 2231{ 2232 struct dev_info *dev = &devs[index]; 2233 evt_conn_request *evt = ptr; 2234 uint32_t class = evt->dev_class[0] | (evt->dev_class[1] << 8) 2235 | (evt->dev_class[2] << 16); 2236 2237 btd_event_remote_class(&dev->bdaddr, &evt->bdaddr, class); 2238} 2239 2240static inline void le_advertising_report(int index, evt_le_meta_event *meta) 2241{ 2242 struct dev_info *dev = &devs[index]; 2243 le_advertising_info *info; 2244 uint8_t num_reports; 2245 const uint8_t RSSI_SIZE = 1; 2246 2247 num_reports = meta->data[0]; 2248 2249 info = (le_advertising_info *) &meta->data[1]; 2250 btd_event_advertising_report(&dev->bdaddr, info); 2251 num_reports--; 2252 2253 while (num_reports--) { 2254 info = (le_advertising_info *) (info->data + info->length + 2255 RSSI_SIZE); 2256 btd_event_advertising_report(&dev->bdaddr, info); 2257 } 2258} 2259 2260static inline void le_metaevent(int index, void *ptr) 2261{ 2262 evt_le_meta_event *meta = ptr; 2263 2264 DBG("hci%d LE Meta Event %u", index, meta->subevent); 2265 2266 switch (meta->subevent) { 2267 case EVT_LE_ADVERTISING_REPORT: 2268 le_advertising_report(index, meta); 2269 break; 2270 2271 case EVT_LE_CONN_COMPLETE: 2272 le_conn_complete(index, meta->data); 2273 break; 2274 } 2275} 2276 2277static void stop_hci_dev(int index) 2278{ 2279 struct dev_info *dev = &devs[index]; 2280 2281 if (dev->sk < 0) 2282 return; 2283 2284 info("Stopping hci%d event socket", index); 2285 2286 if (dev->watch_id > 0) 2287 g_source_remove(dev->watch_id); 2288 2289 if (dev->io != NULL) 2290 g_io_channel_unref(dev->io); 2291 2292 hci_close_dev(dev->sk); 2293 2294 g_slist_foreach(dev->keys, (GFunc) g_free, NULL); 2295 g_slist_free(dev->keys); 2296 2297 g_slist_foreach(dev->uuids, (GFunc) g_free, NULL); 2298 g_slist_free(dev->uuids); 2299 2300 g_slist_foreach(dev->connections, (GFunc) conn_free, NULL); 2301 g_slist_free(dev->connections); 2302 2303 init_dev_info(index, -1, dev->registered, dev->already_up); 2304} 2305 2306static gboolean io_security_event(GIOChannel *chan, GIOCondition cond, 2307 gpointer data) 2308{ 2309 unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr = buf; 2310 int type, index = GPOINTER_TO_INT(data); 2311 struct dev_info *dev = &devs[index]; 2312 struct hci_dev_info di; 2313 ssize_t len; 2314 hci_event_hdr *eh; 2315 evt_cmd_status *evt; 2316 int fd; 2317 2318 if (cond & (G_IO_NVAL | G_IO_HUP | G_IO_ERR)) { 2319 stop_hci_dev(index); 2320 return FALSE; 2321 } 2322 2323 fd = g_io_channel_unix_get_fd(chan); 2324 2325 len = read(fd, buf, sizeof(buf)); 2326 if (len < 0) { 2327 if (errno == EAGAIN) 2328 return TRUE; 2329 stop_hci_dev(index); 2330 return FALSE; 2331 } 2332 2333 type = *ptr++; 2334 2335 if (type != HCI_EVENT_PKT) 2336 return TRUE; 2337 2338 eh = (hci_event_hdr *) ptr; 2339 ptr += HCI_EVENT_HDR_SIZE; 2340 2341 memset(&di, 0, sizeof(di)); 2342 if (hci_devinfo(index, &di) == 0) { 2343 bacpy(&dev->bdaddr, &di.bdaddr); 2344 2345 if (ignore_device(&di)) 2346 return TRUE; 2347 } 2348 2349 switch (eh->evt) { 2350 case EVT_CMD_STATUS: 2351 cmd_status(index, ptr); 2352 break; 2353 2354 case EVT_CMD_COMPLETE: 2355 cmd_complete(index, ptr); 2356 break; 2357 2358 case EVT_REMOTE_NAME_REQ_COMPLETE: 2359 remote_name_information(index, ptr); 2360 break; 2361 2362 case EVT_READ_REMOTE_VERSION_COMPLETE: 2363 remote_version_information(index, ptr); 2364 break; 2365 2366 case EVT_READ_REMOTE_FEATURES_COMPLETE: 2367 remote_features_information(index, ptr); 2368 break; 2369 2370 case EVT_REMOTE_HOST_FEATURES_NOTIFY: 2371 remote_features_notify(index, ptr); 2372 break; 2373 2374 case EVT_INQUIRY_COMPLETE: 2375 evt = (evt_cmd_status *) ptr; 2376 inquiry_complete(&dev->bdaddr, evt->status, FALSE); 2377 break; 2378 2379 case EVT_INQUIRY_RESULT: 2380 inquiry_result(index, eh->plen, ptr); 2381 break; 2382 2383 case EVT_INQUIRY_RESULT_WITH_RSSI: 2384 inquiry_result_with_rssi(index, eh->plen, ptr); 2385 break; 2386 2387 case EVT_EXTENDED_INQUIRY_RESULT: 2388 extended_inquiry_result(index, eh->plen, ptr); 2389 break; 2390 2391 case EVT_CONN_COMPLETE: 2392 conn_complete(index, ptr); 2393 break; 2394 2395 case EVT_DISCONN_COMPLETE: 2396 disconn_complete(index, ptr); 2397 break; 2398 2399 case EVT_AUTH_COMPLETE: 2400 auth_complete(index, ptr); 2401 break; 2402 2403 case EVT_SIMPLE_PAIRING_COMPLETE: 2404 simple_pairing_complete(index, ptr); 2405 break; 2406 2407 case EVT_CONN_REQUEST: 2408 conn_request(index, ptr); 2409 break; 2410 case EVT_LE_META_EVENT: 2411 le_metaevent(index, ptr); 2412 break; 2413 case EVT_PIN_CODE_REQ: 2414 pin_code_request(index, (bdaddr_t *) ptr); 2415 break; 2416 2417 case EVT_LINK_KEY_REQ: 2418 link_key_request(index, (bdaddr_t *) ptr); 2419 break; 2420 2421 case EVT_LINK_KEY_NOTIFY: 2422 link_key_notify(index, ptr); 2423 break; 2424 2425 case EVT_RETURN_LINK_KEYS: 2426 return_link_keys(index, ptr); 2427 break; 2428 2429 case EVT_IO_CAPABILITY_REQUEST: 2430 io_capa_request(index, ptr); 2431 break; 2432 2433 case EVT_IO_CAPABILITY_RESPONSE: 2434 io_capa_response(index, ptr); 2435 break; 2436 2437 case EVT_USER_CONFIRM_REQUEST: 2438 user_confirm_request(index, ptr); 2439 break; 2440 2441 case EVT_USER_PASSKEY_REQUEST: 2442 user_passkey_request(index, ptr); 2443 break; 2444 2445 case EVT_USER_PASSKEY_NOTIFY: 2446 user_passkey_notify(index, ptr); 2447 break; 2448 2449 case EVT_REMOTE_OOB_DATA_REQUEST: 2450 remote_oob_data_request(index, (bdaddr_t *) ptr); 2451 break; 2452 } 2453 2454 return TRUE; 2455} 2456 2457static void start_hci_dev(int index) 2458{ 2459 struct dev_info *dev = &devs[index]; 2460 GIOChannel *chan = dev->io; 2461 GIOCondition cond; 2462 struct hci_filter flt; 2463 2464 if (chan) 2465 return; 2466 2467 info("Listening for HCI events on hci%d", index); 2468 2469 /* Set filter */ 2470 hci_filter_clear(&flt); 2471 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2472 hci_filter_set_event(EVT_CMD_STATUS, &flt); 2473 hci_filter_set_event(EVT_CMD_COMPLETE, &flt); 2474 hci_filter_set_event(EVT_PIN_CODE_REQ, &flt); 2475 hci_filter_set_event(EVT_LINK_KEY_REQ, &flt); 2476 hci_filter_set_event(EVT_LINK_KEY_NOTIFY, &flt); 2477 hci_filter_set_event(EVT_RETURN_LINK_KEYS, &flt); 2478 hci_filter_set_event(EVT_IO_CAPABILITY_REQUEST, &flt); 2479 hci_filter_set_event(EVT_IO_CAPABILITY_RESPONSE, &flt); 2480 hci_filter_set_event(EVT_USER_CONFIRM_REQUEST, &flt); 2481 hci_filter_set_event(EVT_USER_PASSKEY_REQUEST, &flt); 2482 hci_filter_set_event(EVT_REMOTE_OOB_DATA_REQUEST, &flt); 2483 hci_filter_set_event(EVT_USER_PASSKEY_NOTIFY, &flt); 2484 hci_filter_set_event(EVT_KEYPRESS_NOTIFY, &flt); 2485 hci_filter_set_event(EVT_SIMPLE_PAIRING_COMPLETE, &flt); 2486 hci_filter_set_event(EVT_AUTH_COMPLETE, &flt); 2487 hci_filter_set_event(EVT_REMOTE_NAME_REQ_COMPLETE, &flt); 2488 hci_filter_set_event(EVT_READ_REMOTE_VERSION_COMPLETE, &flt); 2489 hci_filter_set_event(EVT_READ_REMOTE_FEATURES_COMPLETE, &flt); 2490 hci_filter_set_event(EVT_REMOTE_HOST_FEATURES_NOTIFY, &flt); 2491 hci_filter_set_event(EVT_INQUIRY_COMPLETE, &flt); 2492 hci_filter_set_event(EVT_INQUIRY_RESULT, &flt); 2493 hci_filter_set_event(EVT_INQUIRY_RESULT_WITH_RSSI, &flt); 2494 hci_filter_set_event(EVT_EXTENDED_INQUIRY_RESULT, &flt); 2495 hci_filter_set_event(EVT_CONN_REQUEST, &flt); 2496 hci_filter_set_event(EVT_CONN_COMPLETE, &flt); 2497 hci_filter_set_event(EVT_DISCONN_COMPLETE, &flt); 2498 hci_filter_set_event(EVT_LE_META_EVENT, &flt); 2499 if (setsockopt(dev->sk, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2500 error("Can't set filter on hci%d: %s (%d)", 2501 index, strerror(errno), errno); 2502 return; 2503 } 2504 2505 chan = g_io_channel_unix_new(dev->sk); 2506 cond = G_IO_IN | G_IO_NVAL | G_IO_HUP | G_IO_ERR; 2507 dev->watch_id = g_io_add_watch_full(chan, G_PRIORITY_LOW, cond, 2508 io_security_event, 2509 GINT_TO_POINTER(index), NULL); 2510 dev->io = chan; 2511 dev->pin_length = 0; 2512 2513} 2514 2515/* End of HCI event callbacks */ 2516 2517static gboolean child_exit(GIOChannel *io, GIOCondition cond, void *user_data) 2518{ 2519 int status, fd = g_io_channel_unix_get_fd(io); 2520 pid_t child_pid; 2521 2522 if (read(fd, &child_pid, sizeof(child_pid)) != sizeof(child_pid)) { 2523 error("child_exit: unable to read child pid from pipe"); 2524 return TRUE; 2525 } 2526 2527 if (waitpid(child_pid, &status, 0) != child_pid) 2528 error("waitpid(%d) failed", child_pid); 2529 else 2530 DBG("child %d exited", child_pid); 2531 2532 return TRUE; 2533} 2534 2535static void at_child_exit(void) 2536{ 2537 pid_t pid = getpid(); 2538 2539 if (write(child_pipe[1], &pid, sizeof(pid)) != sizeof(pid)) 2540 error("unable to write to child pipe"); 2541} 2542 2543static void device_devup_setup(int index) 2544{ 2545 struct dev_info *dev = &devs[index]; 2546 struct hci_dev_info di; 2547 read_stored_link_key_cp cp; 2548 2549 DBG("hci%d", index); 2550 2551 if (hci_devinfo(index, &di) < 0) 2552 return; 2553 2554 if (ignore_device(&di)) 2555 return; 2556 2557 bacpy(&dev->bdaddr, &di.bdaddr); 2558 memcpy(dev->features, di.features, 8); 2559 2560 /* Set page timeout */ 2561 if ((main_opts.flags & (1 << HCID_SET_PAGETO))) { 2562 write_page_timeout_cp cp; 2563 2564 cp.timeout = htobs(main_opts.pageto); 2565 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_TIMEOUT, 2566 WRITE_PAGE_TIMEOUT_CP_SIZE, &cp); 2567 } 2568 2569 bacpy(&cp.bdaddr, BDADDR_ANY); 2570 cp.read_all = 1; 2571 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_STORED_LINK_KEY, 2572 READ_STORED_LINK_KEY_CP_SIZE, &cp); 2573 2574 if (!dev->pending) 2575 init_adapter(index); 2576} 2577 2578static void init_pending(int index) 2579{ 2580 struct dev_info *dev = &devs[index]; 2581 2582 hci_set_bit(PENDING_BDADDR, &dev->pending); 2583 hci_set_bit(PENDING_VERSION, &dev->pending); 2584 hci_set_bit(PENDING_FEATURES, &dev->pending); 2585 hci_set_bit(PENDING_NAME, &dev->pending); 2586} 2587 2588static struct dev_info *init_device(int index, gboolean already_up) 2589{ 2590 struct dev_info *dev; 2591 struct hci_dev_req dr; 2592 int dd; 2593 pid_t pid; 2594 2595 DBG("hci%d", index); 2596 2597 dd = hci_open_dev(index); 2598 if (dd < 0) { 2599 error("Unable to open hci%d: %s (%d)", index, 2600 strerror(errno), errno); 2601 return NULL; 2602 } 2603 2604 if (index > max_dev) { 2605 max_dev = index; 2606 devs = g_realloc(devs, sizeof(devs[0]) * (max_dev + 1)); 2607 } 2608 2609 dev = init_dev_info(index, dd, FALSE, already_up); 2610 init_pending(index); 2611 start_hci_dev(index); 2612 2613 /* Avoid forking if nothing else has to be done */ 2614 if (already_up) 2615 return dev; 2616 2617 /* Do initialization in the separate process */ 2618 pid = fork(); 2619 switch (pid) { 2620 case 0: 2621 atexit(at_child_exit); 2622 break; 2623 case -1: 2624 error("Fork failed. Can't init device hci%d: %s (%d)", 2625 index, strerror(errno), errno); 2626 default: 2627 DBG("child %d forked", pid); 2628 return dev; 2629 } 2630 2631 memset(&dr, 0, sizeof(dr)); 2632 dr.dev_id = index; 2633 2634 /* Set link mode */ 2635 dr.dev_opt = main_opts.link_mode; 2636 if (ioctl(dd, HCISETLINKMODE, (unsigned long) &dr) < 0) 2637 error("Can't set link mode on hci%d: %s (%d)", 2638 index, strerror(errno), errno); 2639 2640 /* Start HCI device */ 2641 if (ioctl(dd, HCIDEVUP, index) < 0 && errno != EALREADY) { 2642 error("Can't init device hci%d: %s (%d)", 2643 index, strerror(errno), errno); 2644 goto fail; 2645 } 2646 2647 hci_close_dev(dd); 2648 exit(0); 2649 2650fail: 2651 hci_close_dev(dd); 2652 exit(1); 2653} 2654 2655static void init_conn_list(int index) 2656{ 2657 struct dev_info *dev = &devs[index]; 2658 struct hci_conn_list_req *cl; 2659 struct hci_conn_info *ci; 2660 int err, i; 2661 2662 DBG("hci%d", index); 2663 2664 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 2665 2666 cl->dev_id = index; 2667 cl->conn_num = 10; 2668 ci = cl->conn_info; 2669 2670 if (ioctl(dev->sk, HCIGETCONNLIST, cl) < 0) { 2671 error("Unable to get connection list: %s (%d)", 2672 strerror(errno), errno); 2673 goto failed; 2674 } 2675 2676 for (i = 0; i < cl->conn_num; i++, ci++) { 2677 struct bt_conn *conn; 2678 2679 if (ci->type != ACL_LINK) 2680 continue; 2681 2682 conn = get_connection(dev, &ci->bdaddr); 2683 conn->handle = ci->handle; 2684 } 2685 2686 err = 0; 2687 2688failed: 2689 g_free(cl); 2690} 2691 2692static void device_event(int event, int index) 2693{ 2694 switch (event) { 2695 case HCI_DEV_REG: 2696 info("HCI dev %d registered", index); 2697 init_device(index, FALSE); 2698 break; 2699 2700 case HCI_DEV_UNREG: 2701 info("HCI dev %d unregistered", index); 2702 stop_hci_dev(index); 2703 if (devs[index].registered) 2704 btd_manager_unregister_adapter(index); 2705 break; 2706 2707 case HCI_DEV_UP: 2708 info("HCI dev %d up", index); 2709 devs[index].up = TRUE; 2710 device_devup_setup(index); 2711 break; 2712 2713 case HCI_DEV_DOWN: 2714 info("HCI dev %d down", index); 2715 devs[index].up = FALSE; 2716 devs[index].pending_cod = 0; 2717 devs[index].cache_enable = TRUE; 2718 if (!devs[index].pending) { 2719 struct btd_adapter *adapter; 2720 2721 adapter = manager_find_adapter_by_id(index); 2722 if (adapter) 2723 btd_adapter_stop(adapter); 2724 2725 init_pending(index); 2726 } 2727 break; 2728 } 2729} 2730 2731static gboolean init_known_adapters(gpointer user_data) 2732{ 2733 struct hci_dev_list_req *dl; 2734 struct hci_dev_req *dr; 2735 int i, err, ctl = GPOINTER_TO_INT(user_data); 2736 size_t req_size; 2737 2738 DBG(""); 2739 2740 req_size = HCI_MAX_DEV * sizeof(struct hci_dev_req) + sizeof(uint16_t); 2741 2742 dl = g_try_malloc0(req_size); 2743 if (!dl) { 2744 error("Can't allocate devlist buffer"); 2745 return FALSE; 2746 } 2747 2748 dl->dev_num = HCI_MAX_DEV; 2749 dr = dl->dev_req; 2750 2751 if (ioctl(ctl, HCIGETDEVLIST, dl) < 0) { 2752 err = -errno; 2753 error("Can't get device list: %s (%d)", strerror(-err), -err); 2754 g_free(dl); 2755 return FALSE; 2756 } 2757 2758 for (i = 0; i < dl->dev_num; i++, dr++) { 2759 struct dev_info *dev; 2760 gboolean already_up; 2761 2762 already_up = hci_test_bit(HCI_UP, &dr->dev_opt); 2763 2764 dev = init_device(dr->dev_id, already_up); 2765 if (dev == NULL) 2766 continue; 2767 2768 if (!dev->already_up) 2769 continue; 2770 2771 init_conn_list(dr->dev_id); 2772 2773 dev->pending = 0; 2774 hci_set_bit(PENDING_VERSION, &dev->pending); 2775 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 2776 OCF_READ_LOCAL_VERSION, 0, NULL); 2777 device_event(HCI_DEV_UP, dr->dev_id); 2778 } 2779 2780 g_free(dl); 2781 2782 return FALSE; 2783} 2784 2785static gboolean io_stack_event(GIOChannel *chan, GIOCondition cond, 2786 gpointer data) 2787{ 2788 unsigned char buf[HCI_MAX_FRAME_SIZE], *ptr; 2789 evt_stack_internal *si; 2790 evt_si_device *sd; 2791 hci_event_hdr *eh; 2792 int type, fd; 2793 ssize_t len; 2794 2795 ptr = buf; 2796 2797 fd = g_io_channel_unix_get_fd(chan); 2798 2799 len = read(fd, buf, sizeof(buf)); 2800 if (len < 0) { 2801 if (errno == EAGAIN) 2802 return TRUE; 2803 2804 error("Read from control socket failed: %s (%d)", 2805 strerror(errno), errno); 2806 return FALSE; 2807 } 2808 2809 type = *ptr++; 2810 2811 if (type != HCI_EVENT_PKT) 2812 return TRUE; 2813 2814 eh = (hci_event_hdr *) ptr; 2815 if (eh->evt != EVT_STACK_INTERNAL) 2816 return TRUE; 2817 2818 ptr += HCI_EVENT_HDR_SIZE; 2819 2820 si = (evt_stack_internal *) ptr; 2821 switch (si->type) { 2822 case EVT_SI_DEVICE: 2823 sd = (void *) &si->data; 2824 device_event(sd->event, sd->dev_id); 2825 break; 2826 } 2827 2828 return TRUE; 2829} 2830 2831static int hciops_setup(void) 2832{ 2833 struct sockaddr_hci addr; 2834 struct hci_filter flt; 2835 GIOChannel *ctl_io, *child_io; 2836 int sock, err; 2837 2838 DBG(""); 2839 2840 if (child_pipe[0] != -1) 2841 return -EALREADY; 2842 2843 if (pipe(child_pipe) < 0) { 2844 err = -errno; 2845 error("pipe(): %s (%d)", strerror(-err), -err); 2846 return err; 2847 } 2848 2849 child_io = g_io_channel_unix_new(child_pipe[0]); 2850 g_io_channel_set_close_on_unref(child_io, TRUE); 2851 child_io_id = g_io_add_watch(child_io, 2852 G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL, 2853 child_exit, NULL); 2854 g_io_channel_unref(child_io); 2855 2856 /* Create and bind HCI socket */ 2857 sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 2858 if (sock < 0) { 2859 err = -errno; 2860 error("Can't open HCI socket: %s (%d)", strerror(-err), 2861 -err); 2862 return err; 2863 } 2864 2865 /* Set filter */ 2866 hci_filter_clear(&flt); 2867 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2868 hci_filter_set_event(EVT_STACK_INTERNAL, &flt); 2869 if (setsockopt(sock, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2870 err = -errno; 2871 error("Can't set filter: %s (%d)", strerror(-err), -err); 2872 return err; 2873 } 2874 2875 memset(&addr, 0, sizeof(addr)); 2876 addr.hci_family = AF_BLUETOOTH; 2877 addr.hci_dev = HCI_DEV_NONE; 2878 if (bind(sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { 2879 err = -errno; 2880 error("Can't bind HCI socket: %s (%d)", strerror(-err), -err); 2881 return err; 2882 } 2883 2884 ctl_io = g_io_channel_unix_new(sock); 2885 g_io_channel_set_close_on_unref(ctl_io, TRUE); 2886 2887 ctl_io_id = g_io_add_watch(ctl_io, G_IO_IN, io_stack_event, NULL); 2888 2889 g_io_channel_unref(ctl_io); 2890 2891 g_idle_add(init_known_adapters, GINT_TO_POINTER(sock)); 2892 2893 return 0; 2894} 2895 2896static void hciops_cleanup(void) 2897{ 2898 int i; 2899 2900 DBG(""); 2901 2902 for (i = 0; i <= max_dev; i++) 2903 stop_hci_dev(i); 2904 2905 g_free(devs); 2906 devs = NULL; 2907 max_dev = -1; 2908 2909 if (child_io_id) { 2910 g_source_remove(child_io_id); 2911 child_io_id = 0; 2912 } 2913 2914 if (ctl_io_id) { 2915 g_source_remove(ctl_io_id); 2916 ctl_io_id = 0; 2917 } 2918 2919 if (child_pipe[0] >= 0) { 2920 close(child_pipe[0]); 2921 child_pipe[0] = -1; 2922 } 2923 2924 if (child_pipe[1] >= 0) { 2925 close(child_pipe[1]); 2926 child_pipe[1] = -1; 2927 } 2928} 2929 2930static int hciops_set_powered(int index, gboolean powered) 2931{ 2932 struct dev_info *dev = &devs[index]; 2933 int err; 2934 2935 DBG("hci%d powered %d", index, powered); 2936 2937 if (powered == FALSE) 2938 return hciops_power_off(index); 2939 2940 if (ioctl(dev->sk, HCIDEVUP, index) == 0) 2941 return 0; 2942 2943 if (errno == EALREADY) 2944 return 0; 2945 2946 err = -errno; 2947 error("Can't init device hci%d: %s (%d)", 2948 index, strerror(-err), -err); 2949 2950 return err; 2951} 2952 2953static int hciops_set_dev_class(int index, uint8_t major, uint8_t minor) 2954{ 2955 struct dev_info *dev = &devs[index]; 2956 int err; 2957 2958 DBG("hci%d major %u minor %u", index, major, minor); 2959 2960 /* Update only the major and minor class bits keeping remaining bits 2961 * intact*/ 2962 dev->wanted_cod &= 0xffe000; 2963 dev->wanted_cod |= ((major & 0x1f) << 8) | minor; 2964 2965 if (dev->wanted_cod == dev->current_cod || 2966 dev->cache_enable || dev->pending_cod) 2967 return 0; 2968 2969 DBG("Changing Major/Minor class to 0x%06x", dev->wanted_cod); 2970 2971 err = write_class(index, dev->wanted_cod); 2972 if (err < 0) 2973 error("Adapter class update failed: %s (%d)", 2974 strerror(-err), -err); 2975 2976 return err; 2977} 2978 2979static int hciops_start_inquiry(int index, uint8_t length, gboolean periodic) 2980{ 2981 struct dev_info *dev = &devs[index]; 2982 uint8_t lap[3] = { 0x33, 0x8b, 0x9e }; 2983 int err; 2984 2985 DBG("hci%d length %u periodic %d", index, length, periodic); 2986 2987 if (periodic) { 2988 periodic_inquiry_cp cp; 2989 2990 memset(&cp, 0, sizeof(cp)); 2991 memcpy(&cp.lap, lap, 3); 2992 cp.max_period = htobs(24); 2993 cp.min_period = htobs(16); 2994 cp.length = length; 2995 cp.num_rsp = 0x00; 2996 2997 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2998 OCF_PERIODIC_INQUIRY, 2999 PERIODIC_INQUIRY_CP_SIZE, &cp); 3000 } else { 3001 inquiry_cp inq_cp; 3002 3003 memset(&inq_cp, 0, sizeof(inq_cp)); 3004 memcpy(&inq_cp.lap, lap, 3); 3005 inq_cp.length = length; 3006 inq_cp.num_rsp = 0x00; 3007 3008 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3009 OCF_INQUIRY, INQUIRY_CP_SIZE, &inq_cp); 3010 } 3011 3012 if (err < 0) 3013 err = -errno; 3014 3015 return err; 3016} 3017 3018static int le_set_scan_enable(int index, uint8_t enable) 3019{ 3020 struct dev_info *dev = &devs[index]; 3021 le_set_scan_enable_cp cp; 3022 3023 DBG("hci%d enable %u", index, enable); 3024 3025 memset(&cp, 0, sizeof(cp)); 3026 cp.enable = enable; 3027 cp.filter_dup = 0; 3028 3029 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE, 3030 LE_SET_SCAN_ENABLE_CP_SIZE, &cp) < 0) 3031 return -errno; 3032 3033 return 0; 3034} 3035 3036static int hciops_start_scanning(int index) 3037{ 3038 struct dev_info *dev = &devs[index]; 3039 le_set_scan_parameters_cp cp; 3040 3041 DBG("hci%d", index); 3042 3043 memset(&cp, 0, sizeof(cp)); 3044 cp.type = 0x01; /* Active scanning */ 3045 /* The recommended value for scan interval and window is 11.25 msec. 3046 * It is calculated by: time = n * 0.625 msec */ 3047 cp.interval = htobs(0x0012); 3048 cp.window = htobs(0x0012); 3049 cp.own_bdaddr_type = 0; /* Public address */ 3050 cp.filter = 0; /* Accept all adv packets */ 3051 3052 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_PARAMETERS, 3053 LE_SET_SCAN_PARAMETERS_CP_SIZE, &cp) < 0) 3054 return -errno; 3055 3056 return le_set_scan_enable(index, 1); 3057} 3058 3059static int hciops_stop_scanning(int index) 3060{ 3061 DBG("hci%d", index); 3062 3063 return le_set_scan_enable(index, 0); 3064} 3065 3066static int hciops_resolve_name(int index, bdaddr_t *bdaddr) 3067{ 3068 struct dev_info *dev = &devs[index]; 3069 remote_name_req_cp cp; 3070 char addr[18]; 3071 3072 ba2str(bdaddr, addr); 3073 DBG("hci%d dba %s", index, addr); 3074 3075 memset(&cp, 0, sizeof(cp)); 3076 bacpy(&cp.bdaddr, bdaddr); 3077 cp.pscan_rep_mode = 0x02; 3078 3079 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ, 3080 REMOTE_NAME_REQ_CP_SIZE, &cp) < 0) 3081 return -errno; 3082 3083 return 0; 3084} 3085 3086static int hciops_set_name(int index, const char *name) 3087{ 3088 struct dev_info *dev = &devs[index]; 3089 change_local_name_cp cp; 3090 3091 DBG("hci%d, name %s", index, name); 3092 3093 memset(&cp, 0, sizeof(cp)); 3094 strncpy((char *) cp.name, name, sizeof(cp.name)); 3095 3096 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME, 3097 CHANGE_LOCAL_NAME_CP_SIZE, &cp) < 0) 3098 return -errno; 3099 3100 memcpy(dev->name, cp.name, 248); 3101 update_ext_inquiry_response(index); 3102 3103 return 0; 3104} 3105 3106static int hciops_cancel_resolve_name(int index, bdaddr_t *bdaddr) 3107{ 3108 struct dev_info *dev = &devs[index]; 3109 remote_name_req_cancel_cp cp; 3110 char addr[18]; 3111 3112 ba2str(bdaddr, addr); 3113 DBG("hci%d dba %s", index, addr); 3114 3115 memset(&cp, 0, sizeof(cp)); 3116 bacpy(&cp.bdaddr, bdaddr); 3117 3118 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ_CANCEL, 3119 REMOTE_NAME_REQ_CANCEL_CP_SIZE, &cp) < 0) 3120 return -errno; 3121 3122 return 0; 3123} 3124 3125static int hciops_fast_connectable(int index, gboolean enable) 3126{ 3127 struct dev_info *dev = &devs[index]; 3128 write_page_activity_cp cp; 3129 uint8_t type; 3130 3131 DBG("hci%d enable %d", index, enable); 3132 3133 if (enable) { 3134 type = PAGE_SCAN_TYPE_INTERLACED; 3135 cp.interval = 0x0024; /* 22.5 msec page scan interval */ 3136 } else { 3137 type = PAGE_SCAN_TYPE_STANDARD; /* default */ 3138 cp.interval = 0x0800; /* default 1.28 sec page scan */ 3139 } 3140 3141 cp.window = 0x0012; /* default 11.25 msec page scan window */ 3142 3143 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_ACTIVITY, 3144 WRITE_PAGE_ACTIVITY_CP_SIZE, &cp) < 0) 3145 return -errno; 3146 else if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 3147 OCF_WRITE_PAGE_SCAN_TYPE, 1, &type) < 0) 3148 return -errno; 3149 3150 return 0; 3151} 3152 3153static int hciops_read_clock(int index, bdaddr_t *bdaddr, int which, 3154 int timeout, uint32_t *clock, 3155 uint16_t *accuracy) 3156{ 3157 struct dev_info *dev = &devs[index]; 3158 uint16_t handle = 0; 3159 char addr[18]; 3160 int ret; 3161 3162 ba2str(bdaddr, addr); 3163 DBG("hci%d addr %s which %d timeout %d", index, addr, which, timeout); 3164 3165 ret = get_handle(index, bdaddr, &handle); 3166 if (ret < 0) 3167 return ret; 3168 3169 if (hci_read_clock(dev->sk, htobs(handle), which, clock, accuracy, 3170 timeout) < 0) 3171 return -errno; 3172 3173 return 0; 3174} 3175 3176static int hciops_read_bdaddr(int index, bdaddr_t *bdaddr) 3177{ 3178 struct dev_info *dev = &devs[index]; 3179 3180 DBG("hci%d", index); 3181 3182 bacpy(bdaddr, &dev->bdaddr); 3183 3184 return 0; 3185} 3186 3187static int hciops_block_device(int index, bdaddr_t *bdaddr) 3188{ 3189 struct dev_info *dev = &devs[index]; 3190 char addr[18]; 3191 3192 ba2str(bdaddr, addr); 3193 DBG("hci%d dba %s", index, addr); 3194 3195 if (ioctl(dev->sk, HCIBLOCKADDR, bdaddr) < 0) 3196 return -errno; 3197 3198 return 0; 3199} 3200 3201static int hciops_unblock_device(int index, bdaddr_t *bdaddr) 3202{ 3203 struct dev_info *dev = &devs[index]; 3204 char addr[18]; 3205 3206 ba2str(bdaddr, addr); 3207 DBG("hci%d dba %s", index, addr); 3208 3209 if (ioctl(dev->sk, HCIUNBLOCKADDR, bdaddr) < 0) 3210 return -errno; 3211 3212 return 0; 3213} 3214 3215static int hciops_get_conn_list(int index, GSList **conns) 3216{ 3217 struct dev_info *dev = &devs[index]; 3218 GSList *l; 3219 3220 DBG("hci%d", index); 3221 3222 *conns = NULL; 3223 3224 for (l = dev->connections; l != NULL; l = g_slist_next(l)) { 3225 struct bt_conn *conn = l->data; 3226 3227 *conns = g_slist_append(*conns, 3228 g_memdup(&conn->bdaddr, sizeof(bdaddr_t))); 3229 } 3230 3231 return 0; 3232} 3233 3234static int hciops_read_local_features(int index, uint8_t *features) 3235{ 3236 struct dev_info *dev = &devs[index]; 3237 3238 DBG("hci%d", index); 3239 3240 memcpy(features, dev->features, 8); 3241 3242 return 0; 3243} 3244 3245static int hciops_disconnect(int index, bdaddr_t *bdaddr) 3246{ 3247 DBG("hci%d", index); 3248 3249 return disconnect_addr(index, bdaddr, HCI_OE_USER_ENDED_CONNECTION); 3250} 3251 3252static int hciops_remove_bonding(int index, bdaddr_t *bdaddr) 3253{ 3254 struct dev_info *dev = &devs[index]; 3255 delete_stored_link_key_cp cp; 3256 GSList *match; 3257 char addr[18]; 3258 3259 ba2str(bdaddr, addr); 3260 DBG("hci%d dba %s", index, addr); 3261 3262 match = g_slist_find_custom(dev->keys, bdaddr, (GCompareFunc) bacmp); 3263 if (match) { 3264 g_free(match->data); 3265 dev->keys = g_slist_delete_link(dev->keys, match); 3266 } 3267 3268 memset(&cp, 0, sizeof(cp)); 3269 bacpy(&cp.bdaddr, bdaddr); 3270 3271 /* Delete the link key from the Bluetooth chip */ 3272 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_DELETE_STORED_LINK_KEY, 3273 DELETE_STORED_LINK_KEY_CP_SIZE, &cp) < 0) 3274 return -errno; 3275 3276 return 0; 3277} 3278 3279static int hciops_pincode_reply(int index, bdaddr_t *bdaddr, const char *pin) 3280{ 3281 struct dev_info *dev = &devs[index]; 3282 char addr[18]; 3283 int err; 3284 3285 ba2str(bdaddr, addr); 3286 DBG("hci%d dba %s", index, addr); 3287 3288 if (pin) { 3289 pin_code_reply_cp pr; 3290 size_t len = strlen(pin); 3291 3292 dev->pin_length = len; 3293 3294 memset(&pr, 0, sizeof(pr)); 3295 bacpy(&pr.bdaddr, bdaddr); 3296 memcpy(pr.pin_code, pin, len); 3297 pr.pin_len = len; 3298 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3299 OCF_PIN_CODE_REPLY, 3300 PIN_CODE_REPLY_CP_SIZE, &pr); 3301 } else 3302 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3303 OCF_PIN_CODE_NEG_REPLY, 6, bdaddr); 3304 3305 if (err < 0) 3306 err = -errno; 3307 3308 return err; 3309} 3310 3311static int hciops_passkey_reply(int index, bdaddr_t *bdaddr, uint32_t passkey) 3312{ 3313 struct dev_info *dev = &devs[index]; 3314 char addr[18]; 3315 int err; 3316 3317 ba2str(bdaddr, addr); 3318 DBG("hci%d dba %s", index, addr); 3319 3320 if (passkey != INVALID_PASSKEY) { 3321 user_passkey_reply_cp cp; 3322 3323 memset(&cp, 0, sizeof(cp)); 3324 bacpy(&cp.bdaddr, bdaddr); 3325 cp.passkey = passkey; 3326 3327 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3328 OCF_USER_PASSKEY_REPLY, 3329 USER_PASSKEY_REPLY_CP_SIZE, &cp); 3330 } else 3331 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3332 OCF_USER_PASSKEY_NEG_REPLY, 6, bdaddr); 3333 3334 if (err < 0) 3335 err = -errno; 3336 3337 return err; 3338} 3339 3340static int hciops_enable_le(int index) 3341{ 3342 struct dev_info *dev = &devs[index]; 3343 write_le_host_supported_cp cp; 3344 3345 DBG("hci%d", index); 3346 3347 if (!(dev->features[4] & LMP_LE)) 3348 return -ENOTSUP; 3349 3350 cp.le = 0x01; 3351 cp.simul = (dev->features[6] & LMP_LE_BREDR) ? 0x01 : 0x00; 3352 3353 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 3354 OCF_WRITE_LE_HOST_SUPPORTED, 3355 WRITE_LE_HOST_SUPPORTED_CP_SIZE, &cp) < 0) 3356 return -errno; 3357 3358 return 0; 3359} 3360 3361static uint8_t generate_service_class(int index) 3362{ 3363 struct dev_info *dev = &devs[index]; 3364 GSList *l; 3365 uint8_t val = 0; 3366 3367 for (l = dev->uuids; l != NULL; l = g_slist_next(l)) { 3368 struct uuid_info *uuid = l->data; 3369 3370 val |= uuid->svc_hint; 3371 } 3372 3373 return val; 3374} 3375 3376static int update_service_classes(int index) 3377{ 3378 struct dev_info *dev = &devs[index]; 3379 uint8_t value; 3380 int err; 3381 3382 value = generate_service_class(index); 3383 3384 DBG("hci%d value %u", index, value); 3385 3386 /* Update only the service class, keep the limited bit, 3387 * major/minor class bits intact */ 3388 dev->wanted_cod &= 0x00ffff; 3389 dev->wanted_cod |= (value << 16); 3390 3391 /* If the cache is enabled or an existing CoD write is in progress 3392 * just bail out */ 3393 if (dev->cache_enable || dev->pending_cod) 3394 return 0; 3395 3396 /* If we already have the CoD we want, update EIR and return */ 3397 if (dev->current_cod == dev->wanted_cod) { 3398 update_ext_inquiry_response(index); 3399 return 0; 3400 } 3401 3402 DBG("Changing service classes to 0x%06x", dev->wanted_cod); 3403 3404 err = write_class(index, dev->wanted_cod); 3405 if (err < 0) 3406 error("Adapter class update failed: %s (%d)", 3407 strerror(-err), -err); 3408 3409 return err; 3410} 3411 3412static int hciops_add_uuid(int index, uuid_t *uuid, uint8_t svc_hint) 3413{ 3414 struct dev_info *dev = &devs[index]; 3415 struct uuid_info *info; 3416 3417 DBG("hci%d", index); 3418 3419 info = g_new0(struct uuid_info, 1); 3420 memcpy(&info->uuid, uuid, sizeof(*uuid)); 3421 info->svc_hint = svc_hint; 3422 3423 dev->uuids = g_slist_append(dev->uuids, info); 3424 3425 return update_service_classes(index); 3426} 3427 3428static int hciops_remove_uuid(int index, uuid_t *uuid) 3429{ 3430 struct dev_info *dev = &devs[index]; 3431 GSList *match; 3432 3433 match = g_slist_find_custom(dev->uuids, uuid, sdp_uuid_cmp); 3434 if (match) { 3435 g_free(match->data); 3436 dev->uuids = g_slist_delete_link(dev->uuids, match); 3437 } 3438 3439 DBG("hci%d", index); 3440 3441 return update_service_classes(index); 3442} 3443 3444static int hciops_disable_cod_cache(int index) 3445{ 3446 struct dev_info *dev = &devs[index]; 3447 3448 DBG("hci%d cache_enable %d", index, dev->cache_enable); 3449 3450 if (!dev->cache_enable) 3451 return 0; 3452 3453 DBG("hci%d current_cod 0x%06x wanted_cod 0x%06x", index, 3454 dev->current_cod, dev->wanted_cod); 3455 3456 /* Disable and flush svc cache. All successive service class 3457 * updates * will be written to the device */ 3458 dev->cache_enable = FALSE; 3459 3460 if (dev->current_cod == dev->wanted_cod) { 3461 update_ext_inquiry_response(index); 3462 return 0; 3463 } 3464 3465 return write_class(index, dev->wanted_cod); 3466} 3467 3468static int hciops_restore_powered(int index) 3469{ 3470 struct dev_info *dev = &devs[index]; 3471 3472 if (!dev->already_up && dev->up) 3473 return hciops_power_off(index); 3474 3475 return 0; 3476} 3477 3478static int hciops_load_keys(int index, GSList *keys, gboolean debug_keys) 3479{ 3480 struct dev_info *dev = &devs[index]; 3481 3482 DBG("hci%d keys %d debug_keys %d", index, g_slist_length(keys), 3483 debug_keys); 3484 3485 if (dev->keys != NULL) 3486 return -EEXIST; 3487 3488 dev->keys = keys; 3489 dev->debug_keys = debug_keys; 3490 3491 return 0; 3492} 3493 3494static int hciops_set_io_capability(int index, uint8_t io_capability) 3495{ 3496 struct dev_info *dev = &devs[index]; 3497 3498 dev->io_capability = io_capability; 3499 3500 return 0; 3501} 3502 3503static int request_authentication(int index, bdaddr_t *bdaddr) 3504{ 3505 struct dev_info *dev = &devs[index]; 3506 auth_requested_cp cp; 3507 uint16_t handle; 3508 int err; 3509 3510 DBG("hci%d", index); 3511 3512 err = get_handle(index, bdaddr, &handle); 3513 if (err < 0) 3514 return err; 3515 3516 memset(&cp, 0, sizeof(cp)); 3517 cp.handle = htobs(handle); 3518 3519 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 3520 AUTH_REQUESTED_CP_SIZE, &cp) < 0) 3521 return -errno; 3522 3523 return 0; 3524} 3525 3526static void bonding_connect_cb(GIOChannel *io, GError *err, gpointer user_data) 3527{ 3528 struct bt_conn *conn = user_data; 3529 struct dev_info *dev = conn->dev; 3530 3531 if (!conn->io) { 3532 if (!err) 3533 g_io_channel_shutdown(io, TRUE, NULL); 3534 return; 3535 } 3536 3537 if (err) 3538 /* Wait proper error to be propagated by bonding complete */ 3539 return; 3540 3541 if (request_authentication(dev->id, &conn->bdaddr) < 0) 3542 goto failed; 3543 3544 return; 3545 3546failed: 3547 bonding_complete(dev, conn, HCI_UNSPECIFIED_ERROR); 3548} 3549 3550static int hciops_create_bonding(int index, bdaddr_t *bdaddr, uint8_t io_cap) 3551{ 3552 struct dev_info *dev = &devs[index]; 3553 BtIOSecLevel sec_level; 3554 struct bt_conn *conn; 3555 GError *err = NULL; 3556 3557 conn = get_connection(dev, bdaddr); 3558 3559 if (conn->io != NULL) 3560 return -EBUSY; 3561 3562 conn->loc_cap = io_cap; 3563 3564 /* If our IO capability is NoInputNoOutput use medium security 3565 * level (i.e. don't require MITM protection) else use high 3566 * security level */ 3567 if (io_cap == 0x03) 3568 sec_level = BT_IO_SEC_MEDIUM; 3569 else 3570 sec_level = BT_IO_SEC_HIGH; 3571 3572 conn->io = bt_io_connect(BT_IO_L2RAW, bonding_connect_cb, conn, 3573 NULL, &err, 3574 BT_IO_OPT_SOURCE_BDADDR, &dev->bdaddr, 3575 BT_IO_OPT_DEST_BDADDR, bdaddr, 3576 BT_IO_OPT_SEC_LEVEL, sec_level, 3577 BT_IO_OPT_INVALID); 3578 if (conn->io == NULL) { 3579 error("bt_io_connect: %s", err->message); 3580 g_error_free(err); 3581 return -EIO; 3582 } 3583 3584 conn->bonding_initiator = TRUE; 3585 3586 return 0; 3587} 3588 3589static int hciops_cancel_bonding(int index, bdaddr_t *bdaddr) 3590{ 3591 struct dev_info *dev = &devs[index]; 3592 struct bt_conn *conn; 3593 3594 DBG("hci%d", index); 3595 3596 conn = find_connection(dev, bdaddr); 3597 if (conn == NULL || conn->io == NULL) 3598 return -ENOTCONN; 3599 3600 g_io_channel_shutdown(conn->io, TRUE, NULL); 3601 g_io_channel_unref(conn->io); 3602 conn->io = NULL; 3603 3604 return 0; 3605} 3606 3607static int hciops_read_local_oob_data(int index) 3608{ 3609 struct dev_info *dev = &devs[index]; 3610 3611 DBG("hci%d", index); 3612 3613 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_LOCAL_OOB_DATA, 0, 0) 3614 < 0) 3615 return -errno; 3616 3617 return 0; 3618} 3619 3620static int hciops_add_remote_oob_data(int index, bdaddr_t *bdaddr, 3621 uint8_t *hash, uint8_t *randomizer) 3622{ 3623 char addr[18]; 3624 struct dev_info *dev = &devs[index]; 3625 GSList *match; 3626 struct oob_data *data; 3627 3628 ba2str(bdaddr, addr); 3629 DBG("hci%d bdaddr %s", index, addr); 3630 3631 match = g_slist_find_custom(dev->oob_data, &bdaddr, oob_bdaddr_cmp); 3632 3633 if (match) { 3634 data = match->data; 3635 } else { 3636 data = g_new(struct oob_data, 1); 3637 bacpy(&data->bdaddr, bdaddr); 3638 dev->oob_data = g_slist_prepend(dev->oob_data, data); 3639 } 3640 3641 memcpy(data->hash, hash, sizeof(data->hash)); 3642 memcpy(data->randomizer, randomizer, sizeof(data->randomizer)); 3643 3644 return 0; 3645} 3646 3647static int hciops_remove_remote_oob_data(int index, bdaddr_t *bdaddr) 3648{ 3649 char addr[18]; 3650 struct dev_info *dev = &devs[index]; 3651 GSList *match; 3652 3653 ba2str(bdaddr, addr); 3654 DBG("hci%d bdaddr %s", index, addr); 3655 3656 match = g_slist_find_custom(dev->oob_data, &bdaddr, oob_bdaddr_cmp); 3657 3658 if (!match) 3659 return -ENOENT; 3660 3661 g_free(match->data); 3662 dev->oob_data = g_slist_delete_link(dev->oob_data, match); 3663 3664 return 0; 3665} 3666 3667static struct btd_adapter_ops hci_ops = { 3668 .setup = hciops_setup, 3669 .cleanup = hciops_cleanup, 3670 .set_powered = hciops_set_powered, 3671 .set_discoverable = hciops_set_discoverable, 3672 .set_pairable = hciops_set_pairable, 3673 .set_limited_discoverable = hciops_set_limited_discoverable, 3674 .start_inquiry = hciops_start_inquiry, 3675 .stop_inquiry = hciops_stop_inquiry, 3676 .start_scanning = hciops_start_scanning, 3677 .stop_scanning = hciops_stop_scanning, 3678 .resolve_name = hciops_resolve_name, 3679 .cancel_resolve_name = hciops_cancel_resolve_name, 3680 .set_name = hciops_set_name, 3681 .set_dev_class = hciops_set_dev_class, 3682 .set_fast_connectable = hciops_fast_connectable, 3683 .read_clock = hciops_read_clock, 3684 .read_bdaddr = hciops_read_bdaddr, 3685 .block_device = hciops_block_device, 3686 .unblock_device = hciops_unblock_device, 3687 .get_conn_list = hciops_get_conn_list, 3688 .read_local_features = hciops_read_local_features, 3689 .disconnect = hciops_disconnect, 3690 .remove_bonding = hciops_remove_bonding, 3691 .pincode_reply = hciops_pincode_reply, 3692 .confirm_reply = hciops_confirm_reply, 3693 .passkey_reply = hciops_passkey_reply, 3694 .enable_le = hciops_enable_le, 3695 .encrypt_link = hciops_encrypt_link, 3696 .set_did = hciops_set_did, 3697 .add_uuid = hciops_add_uuid, 3698 .remove_uuid = hciops_remove_uuid, 3699 .disable_cod_cache = hciops_disable_cod_cache, 3700 .restore_powered = hciops_restore_powered, 3701 .load_keys = hciops_load_keys, 3702 .set_io_capability = hciops_set_io_capability, 3703 .create_bonding = hciops_create_bonding, 3704 .cancel_bonding = hciops_cancel_bonding, 3705 .read_local_oob_data = hciops_read_local_oob_data, 3706 .add_remote_oob_data = hciops_add_remote_oob_data, 3707 .remove_remote_oob_data = hciops_remove_remote_oob_data, 3708}; 3709 3710static int hciops_init(void) 3711{ 3712 DBG(""); 3713 return btd_register_adapter_ops(&hci_ops, FALSE); 3714} 3715 3716static void hciops_exit(void) 3717{ 3718 DBG(""); 3719 btd_adapter_cleanup_ops(&hci_ops); 3720} 3721 3722BLUETOOTH_PLUGIN_DEFINE(hciops, VERSION, 3723 BLUETOOTH_PLUGIN_PRIORITY_LOW, hciops_init, hciops_exit) 3724