hciops.c revision f674830abac4c9e7ee4d96a354e0f7850942d548
1/* 2 * 3 * BlueZ - Bluetooth protocol stack for Linux 4 * 5 * Copyright (C) 2004-2010 Marcel Holtmann <marcel@holtmann.org> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 20 * 21 */ 22 23#ifdef HAVE_CONFIG_H 24#include <config.h> 25#endif 26 27#include <stdio.h> 28#include <errno.h> 29#include <unistd.h> 30#include <stdlib.h> 31#include <sys/types.h> 32#include <sys/ioctl.h> 33#include <sys/wait.h> 34 35#include <bluetooth/bluetooth.h> 36#include <bluetooth/hci.h> 37#include <bluetooth/hci_lib.h> 38 39#include <glib.h> 40 41#include "hcid.h" 42#include "sdpd.h" 43#include "adapter.h" 44#include "plugin.h" 45#include "log.h" 46#include "storage.h" 47#include "event.h" 48#include "device.h" 49#include "manager.h" 50 51static int child_pipe[2] = { -1, -1 }; 52 53static guint child_io_id = 0; 54static guint ctl_io_id = 0; 55 56/* Commands sent by kernel on starting an adapter */ 57enum { 58 PENDING_BDADDR, 59 PENDING_VERSION, 60 PENDING_FEATURES, 61 PENDING_NAME, 62}; 63 64static int max_dev = -1; 65static struct dev_info { 66 int sk; 67 bdaddr_t bdaddr; 68 char name[249]; 69 uint8_t eir[240]; 70 uint8_t features[8]; 71 uint8_t ssp_mode; 72 73 int8_t tx_power; 74 75 uint32_t current_cod; 76 uint32_t wanted_cod; 77 uint32_t pending_cod; 78 gboolean cache_enable; 79 gboolean already_up; 80 gboolean registered; 81 82 struct hci_version ver; 83 84 uint16_t did_vendor; 85 uint16_t did_product; 86 uint16_t did_version; 87 88 gboolean up; 89 unsigned long pending; 90 91 GIOChannel *io; 92 guint watch_id; 93 94 GSList *keys; 95 int pin_length; 96} *devs = NULL; 97 98static int ignore_device(struct hci_dev_info *di) 99{ 100 return hci_test_bit(HCI_RAW, &di->flags) || di->type >> 4 != HCI_BREDR; 101} 102 103static void init_dev_info(int index, int sk, gboolean registered) 104{ 105 struct dev_info *dev = &devs[index]; 106 107 memset(dev, 0, sizeof(*dev)); 108 109 dev->sk = sk; 110 dev->pin_length = -1; 111 dev->cache_enable = TRUE; 112 dev->registered = registered; 113} 114 115/* Async HCI command handling with callback support */ 116 117struct hci_cmd_data { 118 bt_hci_result_t cb; 119 uint16_t handle; 120 uint16_t ocf; 121 gpointer caller_data; 122}; 123 124static gboolean hci_event_watch(GIOChannel *io, 125 GIOCondition cond, gpointer user_data) 126{ 127 unsigned char buf[HCI_MAX_EVENT_SIZE], *body; 128 struct hci_cmd_data *cmd = user_data; 129 evt_cmd_status *evt_status; 130 evt_auth_complete *evt_auth; 131 evt_encrypt_change *evt_enc; 132 hci_event_hdr *hdr; 133 set_conn_encrypt_cp cp; 134 int dd; 135 uint16_t ocf; 136 uint8_t status = HCI_OE_POWER_OFF; 137 138 if (cond & G_IO_NVAL) { 139 cmd->cb(status, cmd->caller_data); 140 return FALSE; 141 } 142 143 if (cond & (G_IO_ERR | G_IO_HUP)) 144 goto failed; 145 146 dd = g_io_channel_unix_get_fd(io); 147 148 if (read(dd, buf, sizeof(buf)) < 0) 149 goto failed; 150 151 hdr = (hci_event_hdr *) (buf + 1); 152 body = buf + (1 + HCI_EVENT_HDR_SIZE); 153 154 switch (hdr->evt) { 155 case EVT_CMD_STATUS: 156 evt_status = (evt_cmd_status *) body; 157 ocf = cmd_opcode_ocf(evt_status->opcode); 158 if (ocf != cmd->ocf) 159 return TRUE; 160 switch (ocf) { 161 case OCF_AUTH_REQUESTED: 162 case OCF_SET_CONN_ENCRYPT: 163 if (evt_status->status != 0) { 164 /* Baseband rejected command */ 165 status = evt_status->status; 166 goto failed; 167 } 168 break; 169 default: 170 return TRUE; 171 } 172 /* Wait for the next event */ 173 return TRUE; 174 case EVT_AUTH_COMPLETE: 175 evt_auth = (evt_auth_complete *) body; 176 if (evt_auth->handle != cmd->handle) { 177 /* Skipping */ 178 return TRUE; 179 } 180 181 if (evt_auth->status != 0x00) { 182 status = evt_auth->status; 183 /* Abort encryption */ 184 goto failed; 185 } 186 187 memset(&cp, 0, sizeof(cp)); 188 cp.handle = cmd->handle; 189 cp.encrypt = 1; 190 191 cmd->ocf = OCF_SET_CONN_ENCRYPT; 192 193 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, 194 SET_CONN_ENCRYPT_CP_SIZE, &cp) < 0) { 195 status = HCI_COMMAND_DISALLOWED; 196 goto failed; 197 } 198 /* Wait for encrypt change event */ 199 return TRUE; 200 case EVT_ENCRYPT_CHANGE: 201 evt_enc = (evt_encrypt_change *) body; 202 if (evt_enc->handle != cmd->handle) 203 return TRUE; 204 205 /* Procedure finished: reporting status */ 206 status = evt_enc->status; 207 break; 208 default: 209 /* Skipping */ 210 return TRUE; 211 } 212 213failed: 214 cmd->cb(status, cmd->caller_data); 215 g_io_channel_shutdown(io, TRUE, NULL); 216 217 return FALSE; 218} 219 220static int write_inq_mode(int index, uint8_t mode) 221{ 222 struct dev_info *dev = &devs[index]; 223 write_inquiry_mode_cp cp; 224 225 memset(&cp, 0, sizeof(cp)); 226 cp.mode = mode; 227 228 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_INQUIRY_MODE, 229 WRITE_INQUIRY_MODE_CP_SIZE, &cp) < 0) 230 return -errno; 231 232 return 0; 233} 234 235static uint8_t get_inquiry_mode(int index) 236{ 237 struct dev_info *dev = &devs[index]; 238 239 if (dev->features[6] & LMP_EXT_INQ) 240 return 2; 241 242 if (dev->features[3] & LMP_RSSI_INQ) 243 return 1; 244 245 if (dev->ver.manufacturer == 11 && dev->ver.hci_rev == 0x00 && 246 dev->ver.lmp_subver == 0x0757) 247 return 1; 248 249 if (dev->ver.manufacturer == 15) { 250 if (dev->ver.hci_rev == 0x03 && 251 dev->ver.lmp_subver == 0x6963) 252 return 1; 253 if (dev->ver.hci_rev == 0x09 && 254 dev->ver.lmp_subver == 0x6963) 255 return 1; 256 if (dev->ver.hci_rev == 0x00 && 257 dev->ver.lmp_subver == 0x6965) 258 return 1; 259 } 260 261 if (dev->ver.manufacturer == 31 && dev->ver.hci_rev == 0x2005 && 262 dev->ver.lmp_subver == 0x1805) 263 return 1; 264 265 return 0; 266} 267 268static int init_ssp_mode(int index) 269{ 270 struct dev_info *dev = &devs[index]; 271 write_simple_pairing_mode_cp cp; 272 273 if (ioctl(dev->sk, HCIGETAUTHINFO, NULL) < 0 && errno == EINVAL) 274 return 0; 275 276 memset(&cp, 0, sizeof(cp)); 277 cp.mode = 0x01; 278 279 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 280 OCF_WRITE_SIMPLE_PAIRING_MODE, 281 WRITE_SIMPLE_PAIRING_MODE_CP_SIZE, &cp) < 0) 282 return -errno; 283 284 return 0; 285} 286 287static int hciops_set_discoverable(int index, gboolean discoverable) 288{ 289 struct dev_info *dev = &devs[index]; 290 uint8_t mode; 291 292 if (discoverable) 293 mode = (SCAN_PAGE | SCAN_INQUIRY); 294 else 295 mode = SCAN_PAGE; 296 297 DBG("hci%d discoverable %d", index, discoverable); 298 299 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE, 300 1, &mode) < 0) 301 return -errno; 302 303 return 0; 304} 305 306static int hciops_set_pairable(int index, gboolean pairable) 307{ 308 DBG("hci%d pairable %d", index, pairable); 309 return -ENOSYS; 310} 311 312static int hciops_power_off(int index) 313{ 314 struct dev_info *dev = &devs[index]; 315 uint8_t mode = SCAN_DISABLED; 316 317 DBG("hci%d", index); 318 319 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 320 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 321 return -errno; 322 323 if (ioctl(dev->sk, HCIDEVDOWN, index) < 0 && errno != EALREADY) 324 return -errno; 325 326 return 0; 327} 328 329static void start_adapter(int index) 330{ 331 struct dev_info *dev = &devs[index]; 332 uint8_t events[8] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0x00, 0x00 }; 333 uint8_t inqmode; 334 uint16_t link_policy; 335 336 if (dev->ver.lmp_ver > 1) { 337 if (dev->features[5] & LMP_SNIFF_SUBR) 338 events[5] |= 0x20; 339 340 if (dev->features[5] & LMP_PAUSE_ENC) 341 events[5] |= 0x80; 342 343 if (dev->features[6] & LMP_EXT_INQ) 344 events[5] |= 0x40; 345 346 if (dev->features[6] & LMP_NFLUSH_PKTS) 347 events[7] |= 0x01; 348 349 if (dev->features[7] & LMP_LSTO) 350 events[6] |= 0x80; 351 352 if (dev->features[6] & LMP_SIMPLE_PAIR) { 353 events[6] |= 0x01; /* IO Capability Request */ 354 events[6] |= 0x02; /* IO Capability Response */ 355 events[6] |= 0x04; /* User Confirmation Request */ 356 events[6] |= 0x08; /* User Passkey Request */ 357 events[6] |= 0x10; /* Remote OOB Data Request */ 358 events[6] |= 0x20; /* Simple Pairing Complete */ 359 events[7] |= 0x04; /* User Passkey Notification */ 360 events[7] |= 0x08; /* Keypress Notification */ 361 events[7] |= 0x10; /* Remote Host Supported 362 * Features Notification */ 363 } 364 365 if (dev->features[4] & LMP_LE) 366 events[7] |= 0x20; /* LE Meta-Event */ 367 368 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_SET_EVENT_MASK, 369 sizeof(events), events); 370 } 371 372 if (dev->features[6] & LMP_SIMPLE_PAIR) 373 init_ssp_mode(index); 374 375 inqmode = get_inquiry_mode(index); 376 if (inqmode) 377 write_inq_mode(index, inqmode); 378 379 if (dev->features[7] & LMP_INQ_TX_PWR) 380 hci_send_cmd(dev->sk, OGF_HOST_CTL, 381 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL, 0, NULL); 382 383 /* Set default link policy */ 384 link_policy = main_opts.link_policy; 385 386 if (!(dev->features[0] & LMP_RSWITCH)) 387 link_policy &= ~HCI_LP_RSWITCH; 388 if (!(dev->features[0] & LMP_HOLD)) 389 link_policy &= ~HCI_LP_HOLD; 390 if (!(dev->features[0] & LMP_SNIFF)) 391 link_policy &= ~HCI_LP_SNIFF; 392 if (!(dev->features[1] & LMP_PARK)) 393 link_policy &= ~HCI_LP_PARK; 394 395 link_policy = htobs(link_policy); 396 hci_send_cmd(dev->sk, OGF_LINK_POLICY, OCF_WRITE_DEFAULT_LINK_POLICY, 397 sizeof(link_policy), &link_policy); 398 399 dev->current_cod = 0; 400 memset(dev->eir, 0, sizeof(dev->eir)); 401} 402 403static gboolean init_adapter(int index) 404{ 405 struct dev_info *dev = &devs[index]; 406 struct btd_adapter *adapter = NULL; 407 gboolean existing_adapter = dev->registered; 408 uint8_t mode, on_mode; 409 gboolean pairable, discoverable; 410 411 if (!dev->registered) { 412 adapter = btd_manager_register_adapter(index); 413 if (adapter) 414 dev->registered = TRUE; 415 } else { 416 adapter = manager_find_adapter(&dev->bdaddr); 417 /* FIXME: manager_find_adapter should return a new ref */ 418 btd_adapter_ref(adapter); 419 } 420 421 if (adapter == NULL) 422 return FALSE; 423 424 btd_adapter_get_state(adapter, &mode, &on_mode, &pairable); 425 426 if (existing_adapter) 427 mode = on_mode; 428 429 if (mode == MODE_OFF) { 430 hciops_power_off(index); 431 goto done; 432 } 433 434 start_adapter(index); 435 btd_adapter_start(adapter); 436 437 discoverable = (mode == MODE_DISCOVERABLE); 438 439 hciops_set_discoverable(index, discoverable); 440 hciops_set_pairable(index, pairable); 441 442done: 443 btd_adapter_unref(adapter); 444 return TRUE; 445} 446 447static int hciops_encrypt_link(int index, bdaddr_t *dst, bt_hci_result_t cb, 448 gpointer user_data) 449{ 450 GIOChannel *io; 451 struct hci_cmd_data *cmd; 452 struct hci_conn_info_req *cr; 453 auth_requested_cp cp; 454 struct hci_filter nf; 455 int dd, err; 456 uint32_t link_mode; 457 uint16_t handle; 458 459 dd = hci_open_dev(index); 460 if (dd < 0) 461 return -errno; 462 463 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 464 cr->type = ACL_LINK; 465 bacpy(&cr->bdaddr, dst); 466 467 err = ioctl(dd, HCIGETCONNINFO, cr); 468 link_mode = cr->conn_info->link_mode; 469 handle = cr->conn_info->handle; 470 g_free(cr); 471 472 if (err < 0) { 473 err = -errno; 474 goto fail; 475 } 476 477 if (link_mode & HCI_LM_ENCRYPT) { 478 err = -EALREADY; 479 goto fail; 480 } 481 482 memset(&cp, 0, sizeof(cp)); 483 cp.handle = htobs(handle); 484 485 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 486 AUTH_REQUESTED_CP_SIZE, &cp) < 0) { 487 err = -errno; 488 goto fail; 489 } 490 491 cmd = g_new0(struct hci_cmd_data, 1); 492 cmd->handle = handle; 493 cmd->ocf = OCF_AUTH_REQUESTED; 494 cmd->cb = cb; 495 cmd->caller_data = user_data; 496 497 hci_filter_clear(&nf); 498 hci_filter_set_ptype(HCI_EVENT_PKT, &nf); 499 hci_filter_set_event(EVT_CMD_STATUS, &nf); 500 hci_filter_set_event(EVT_AUTH_COMPLETE, &nf); 501 hci_filter_set_event(EVT_ENCRYPT_CHANGE, &nf); 502 503 if (setsockopt(dd, SOL_HCI, HCI_FILTER, &nf, sizeof(nf)) < 0) { 504 err = -errno; 505 g_free(cmd); 506 goto fail; 507 } 508 509 io = g_io_channel_unix_new(dd); 510 g_io_channel_set_close_on_unref(io, FALSE); 511 g_io_add_watch_full(io, G_PRIORITY_DEFAULT, 512 G_IO_HUP | G_IO_ERR | G_IO_NVAL | G_IO_IN, 513 hci_event_watch, cmd, g_free); 514 g_io_channel_unref(io); 515 516 return 0; 517 518fail: 519 close(dd); 520 return err; 521} 522 523static int hciops_set_did(int index, uint16_t vendor, uint16_t product, 524 uint16_t version) 525{ 526 struct dev_info *dev = &devs[index]; 527 528 dev->did_vendor = vendor; 529 dev->did_product = product; 530 dev->did_version = version; 531 532 return 0; 533} 534 535/* End async HCI command handling */ 536 537/* Start of HCI event callbacks */ 538 539static int get_handle(int index, const bdaddr_t *bdaddr, uint16_t *handle) 540{ 541 struct dev_info *dev = &devs[index]; 542 struct hci_conn_info_req *cr; 543 char addr[18]; 544 int err; 545 546 ba2str(bdaddr, addr); 547 DBG("hci%d dba %s", index, addr); 548 549 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 550 bacpy(&cr->bdaddr, bdaddr); 551 cr->type = ACL_LINK; 552 553 if (ioctl(dev->sk, HCIGETCONNINFO, (unsigned long) cr) < 0) { 554 err = -errno; 555 goto fail; 556 } 557 558 err = 0; 559 *handle = cr->conn_info->handle; 560 561fail: 562 g_free(cr); 563 return err; 564} 565 566static int disconnect_addr(int index, bdaddr_t *dba, uint8_t reason) 567{ 568 disconnect_cp cp; 569 uint16_t handle; 570 int err; 571 572 err = get_handle(index, dba, &handle); 573 if (err < 0) 574 return err; 575 576 memset(&cp, 0, sizeof(cp)); 577 cp.handle = htobs(handle); 578 cp.reason = reason; 579 580 if (hci_send_cmd(devs[index].sk, OGF_LINK_CTL, OCF_DISCONNECT, 581 DISCONNECT_CP_SIZE, &cp) < 0) 582 return -errno; 583 584 return 0; 585} 586 587static inline int get_bdaddr(int index, uint16_t handle, bdaddr_t *dba) 588{ 589 struct dev_info *dev = &devs[index]; 590 struct hci_conn_list_req *cl; 591 struct hci_conn_info *ci; 592 int i; 593 594 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 595 596 cl->dev_id = index; 597 cl->conn_num = 10; 598 ci = cl->conn_info; 599 600 if (ioctl(dev->sk, HCIGETCONNLIST, (void *) cl) < 0) { 601 g_free(cl); 602 return -EIO; 603 } 604 605 for (i = 0; i < cl->conn_num; i++, ci++) 606 if (ci->handle == handle) { 607 bacpy(dba, &ci->bdaddr); 608 g_free(cl); 609 return 0; 610 } 611 612 g_free(cl); 613 614 return -ENOENT; 615} 616 617/* Link Key handling */ 618 619static void link_key_request(int index, bdaddr_t *dba) 620{ 621 struct dev_info *dev = &devs[index]; 622 struct btd_adapter *adapter; 623 struct btd_device *device; 624 struct hci_auth_info_req req; 625 GSList *match; 626 struct link_key_info *key_info; 627 unsigned char key[16]; 628 char da[18]; 629 uint8_t type; 630 int err; 631 632 ba2str(dba, da); 633 DBG("hci%d dba %s", index, da); 634 635 adapter = manager_find_adapter(&dev->bdaddr); 636 if (adapter) 637 device = adapter_find_device(adapter, da); 638 else 639 device = NULL; 640 641 memset(&req, 0, sizeof(req)); 642 bacpy(&req.bdaddr, dba); 643 644 err = ioctl(dev->sk, HCIGETAUTHINFO, (unsigned long) &req); 645 if (err < 0) { 646 if (errno != EINVAL) 647 DBG("HCIGETAUTHINFO failed %s (%d)", 648 strerror(errno), errno); 649 req.type = 0x00; 650 } 651 652 DBG("kernel auth requirements = 0x%02x", req.type); 653 654 match = g_slist_find_custom(dev->keys, dba, (GCompareFunc) bacmp); 655 if (match) 656 key_info = match->data; 657 else 658 key_info = NULL; 659 660 DBG("Matching key %s", key_info ? "found" : "not found"); 661 662 if (key_info) { 663 memcpy(key, key_info->key, sizeof(key)); 664 type = key_info->type; 665 } else 666 type = 0xff; 667 668 if (device && device_get_debug_key(device, key)) 669 type = 0x03; 670 else if (key_info == NULL || key_info->type == 0x03) { 671 /* Link key not found */ 672 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 673 6, dba); 674 return; 675 } 676 677 /* Link key found */ 678 679 DBG("link key type 0x%02x", type); 680 681 /* Don't use unauthenticated combination keys if MITM is 682 * required */ 683 if (type == 0x04 && req.type != 0xff && (req.type & 0x01)) 684 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 685 6, dba); 686 else { 687 link_key_reply_cp lr; 688 689 memcpy(lr.link_key, key, 16); 690 bacpy(&lr.bdaddr, dba); 691 692 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_REPLY, 693 LINK_KEY_REPLY_CP_SIZE, &lr); 694 } 695} 696 697static void link_key_notify(int index, void *ptr) 698{ 699 struct dev_info *dev = &devs[index]; 700 evt_link_key_notify *evt = ptr; 701 bdaddr_t *dba = &evt->bdaddr; 702 struct link_key_info *key_info; 703 GSList *match; 704 uint8_t old_key_type, reason; 705 char da[18]; 706 int err; 707 708 ba2str(dba, da); 709 DBG("hci%d dba %s type %d", index, da, evt->key_type); 710 711 match = g_slist_find_custom(dev->keys, dba, (GCompareFunc) bacmp); 712 if (match) 713 key_info = match->data; 714 else 715 key_info = NULL; 716 717 if (key_info == NULL) { 718 key_info = g_new0(struct link_key_info, 1); 719 bacpy(&key_info->bdaddr, &evt->bdaddr); 720 old_key_type = 0xff; 721 } else { 722 dev->keys = g_slist_remove(dev->keys, key_info); 723 old_key_type = key_info->type; 724 } 725 726 memcpy(key_info->key, evt->link_key, sizeof(evt->link_key)); 727 key_info->type = evt->key_type; 728 key_info->pin_len = dev->pin_length; 729 730 err = btd_event_link_key_notify(&dev->bdaddr, dba, evt->link_key, 731 evt->key_type, dev->pin_length, 732 old_key_type); 733 dev->pin_length = -1; 734 735 if (err == 0) { 736 dev->keys = g_slist_append(dev->keys, key_info); 737 return; 738 } 739 740 g_free(key_info); 741 742 if (err == -ENODEV) 743 reason = HCI_OE_LOW_RESOURCES; 744 else 745 reason = HCI_MEMORY_FULL; 746 747 btd_event_bonding_process_complete(&dev->bdaddr, dba, reason); 748 749 disconnect_addr(index, dba, reason); 750} 751 752static void return_link_keys(int index, void *ptr) 753{ 754 struct dev_info *dev = &devs[index]; 755 evt_return_link_keys *evt = ptr; 756 uint8_t num = evt->num_keys; 757 unsigned char key[16]; 758 char da[18]; 759 bdaddr_t dba; 760 int i; 761 762 DBG("hci%d num_keys %u", index, num); 763 764 ptr++; 765 766 for (i = 0; i < num; i++) { 767 bacpy(&dba, ptr); ba2str(&dba, da); 768 memcpy(key, ptr + 6, 16); 769 770 DBG("hci%d returned key for %s", index, da); 771 772 btd_event_returned_link_key(&dev->bdaddr, &dba); 773 774 ptr += 22; 775 } 776} 777 778/* Simple Pairing handling */ 779 780static void user_confirm_request(int index, void *ptr) 781{ 782 struct dev_info *dev = &devs[index]; 783 evt_user_confirm_request *req = ptr; 784 785 DBG("hci%d", index); 786 787 if (btd_event_user_confirm(&dev->bdaddr, &req->bdaddr, 788 btohl(req->passkey)) < 0) 789 hci_send_cmd(dev->sk, OGF_LINK_CTL, 790 OCF_USER_CONFIRM_NEG_REPLY, 6, ptr); 791} 792 793static void user_passkey_request(int index, void *ptr) 794{ 795 struct dev_info *dev = &devs[index]; 796 evt_user_passkey_request *req = ptr; 797 798 DBG("hci%d", index); 799 800 if (btd_event_user_passkey(&dev->bdaddr, &req->bdaddr) < 0) 801 hci_send_cmd(dev->sk, OGF_LINK_CTL, 802 OCF_USER_PASSKEY_NEG_REPLY, 6, ptr); 803} 804 805static void user_passkey_notify(int index, void *ptr) 806{ 807 struct dev_info *dev = &devs[index]; 808 evt_user_passkey_notify *req = ptr; 809 810 DBG("hci%d", index); 811 812 btd_event_user_notify(&dev->bdaddr, &req->bdaddr, 813 btohl(req->passkey)); 814} 815 816static void remote_oob_data_request(int index, void *ptr) 817{ 818 struct dev_info *dev = &devs[index]; 819 820 DBG("hci%d", index); 821 822 hci_send_cmd(dev->sk, OGF_LINK_CTL, 823 OCF_REMOTE_OOB_DATA_NEG_REPLY, 6, ptr); 824} 825 826static void io_capa_request(int index, void *ptr) 827{ 828 struct dev_info *dev = &devs[index]; 829 bdaddr_t *dba = ptr; 830 char da[18]; 831 uint8_t cap, auth; 832 833 ba2str(dba, da); 834 DBG("hci%d IO capability request for %s", index, da); 835 836 if (btd_event_get_io_cap(&dev->bdaddr, dba, &cap, &auth) < 0) { 837 io_capability_neg_reply_cp cp; 838 memset(&cp, 0, sizeof(cp)); 839 bacpy(&cp.bdaddr, dba); 840 cp.reason = HCI_PAIRING_NOT_ALLOWED; 841 hci_send_cmd(dev->sk, OGF_LINK_CTL, 842 OCF_IO_CAPABILITY_NEG_REPLY, 843 IO_CAPABILITY_NEG_REPLY_CP_SIZE, &cp); 844 } else { 845 io_capability_reply_cp cp; 846 memset(&cp, 0, sizeof(cp)); 847 bacpy(&cp.bdaddr, dba); 848 cp.capability = cap; 849 cp.oob_data = 0x00; 850 cp.authentication = auth; 851 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_IO_CAPABILITY_REPLY, 852 IO_CAPABILITY_REPLY_CP_SIZE, &cp); 853 } 854} 855 856static void io_capa_response(int index, void *ptr) 857{ 858 struct dev_info *dev = &devs[index]; 859 evt_io_capability_response *evt = ptr; 860 char da[18]; 861 862 ba2str(&evt->bdaddr, da); 863 DBG("hci%d IO capability response from %s", index, da); 864 865 btd_event_set_io_cap(&dev->bdaddr, &evt->bdaddr, 866 evt->capability, evt->authentication); 867} 868 869/* PIN code handling */ 870 871static void pin_code_request(int index, bdaddr_t *dba) 872{ 873 struct dev_info *dev = &devs[index]; 874 char addr[18]; 875 int err; 876 877 ba2str(dba, addr); 878 DBG("hci%d PIN request for %s", index, addr); 879 880 err = btd_event_request_pin(&dev->bdaddr, dba); 881 if (err < 0) { 882 error("PIN code negative reply: %s", strerror(-err)); 883 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_PIN_CODE_NEG_REPLY, 884 6, dba); 885 } 886} 887 888static void start_inquiry(bdaddr_t *local, uint8_t status, gboolean periodic) 889{ 890 struct btd_adapter *adapter; 891 int state; 892 893 /* Don't send the signal if the cmd failed */ 894 if (status) { 895 error("Inquiry Failed with status 0x%02x", status); 896 return; 897 } 898 899 adapter = manager_find_adapter(local); 900 if (!adapter) { 901 error("Unable to find matching adapter"); 902 return; 903 } 904 905 state = adapter_get_state(adapter); 906 907 if (periodic) 908 state |= STATE_PINQ; 909 else 910 state |= STATE_STDINQ; 911 912 adapter_set_state(adapter, state); 913} 914 915static void inquiry_complete(bdaddr_t *local, uint8_t status, 916 gboolean periodic) 917{ 918 struct btd_adapter *adapter; 919 int state; 920 921 /* Don't send the signal if the cmd failed */ 922 if (status) { 923 error("Inquiry Failed with status 0x%02x", status); 924 return; 925 } 926 927 adapter = manager_find_adapter(local); 928 if (!adapter) { 929 error("Unable to find matching adapter"); 930 return; 931 } 932 933 state = adapter_get_state(adapter); 934 state &= ~(STATE_STDINQ | STATE_PINQ); 935 adapter_set_state(adapter, state); 936} 937 938static inline void remote_features_notify(int index, void *ptr) 939{ 940 struct dev_info *dev = &devs[index]; 941 evt_remote_host_features_notify *evt = ptr; 942 943 if (evt->features[0] & 0x01) 944 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 945 FALSE); 946 else 947 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 948 TRUE); 949 950 write_features_info(&dev->bdaddr, &evt->bdaddr, NULL, evt->features); 951} 952 953static void write_le_host_complete(int index, uint8_t status) 954{ 955 struct dev_info *dev = &devs[index]; 956 uint8_t page_num = 0x01; 957 958 if (status) 959 return; 960 961 if (hci_send_cmd(dev->sk, OGF_INFO_PARAM, 962 OCF_READ_LOCAL_EXT_FEATURES, 1, &page_num) < 0) 963 error("Unable to read extended local features: %s (%d)", 964 strerror(errno), errno); 965} 966 967static void read_local_version_complete(int index, 968 const read_local_version_rp *rp) 969{ 970 struct dev_info *dev = &devs[index]; 971 972 if (rp->status) 973 return; 974 975 dev->ver.manufacturer = btohs(bt_get_unaligned(&rp->manufacturer)); 976 dev->ver.hci_ver = rp->hci_ver; 977 dev->ver.hci_rev = btohs(bt_get_unaligned(&rp->hci_rev)); 978 dev->ver.lmp_ver = rp->lmp_ver; 979 dev->ver.lmp_subver = btohs(bt_get_unaligned(&rp->lmp_subver)); 980 981 if (!dev->pending) 982 return; 983 984 hci_clear_bit(PENDING_VERSION, &dev->pending); 985 986 DBG("Got version for hci%d", index); 987 988 if (!dev->pending && dev->up) 989 init_adapter(index); 990} 991 992static void read_local_features_complete(int index, 993 const read_local_features_rp *rp) 994{ 995 struct dev_info *dev = &devs[index]; 996 997 if (rp->status) 998 return; 999 1000 memcpy(dev->features, rp->features, 8); 1001 1002 if (!dev->pending) 1003 return; 1004 1005 hci_clear_bit(PENDING_FEATURES, &dev->pending); 1006 1007 DBG("Got features for hci%d", index); 1008 1009 if (!dev->pending && dev->up) 1010 init_adapter(index); 1011} 1012 1013#define SIZEOF_UUID128 16 1014 1015static void eir_generate_uuid128(sdp_list_t *list, 1016 uint8_t *ptr, uint16_t *eir_len) 1017{ 1018 int i, k, uuid_count = 0; 1019 uint16_t len = *eir_len; 1020 uint8_t *uuid128; 1021 gboolean truncated = FALSE; 1022 1023 /* Store UUIDs in place, skip 2 bytes to write type and length later */ 1024 uuid128 = ptr + 2; 1025 1026 for (; list; list = list->next) { 1027 sdp_record_t *rec = list->data; 1028 uint8_t *uuid128_data = rec->svclass.value.uuid128.data; 1029 1030 if (rec->svclass.type != SDP_UUID128) 1031 continue; 1032 1033 /* Stop if not enough space to put next UUID128 */ 1034 if ((len + 2 + SIZEOF_UUID128) > EIR_DATA_LENGTH) { 1035 truncated = TRUE; 1036 break; 1037 } 1038 1039 /* Check for duplicates, EIR data is Little Endian */ 1040 for (i = 0; i < uuid_count; i++) { 1041 for (k = 0; k < SIZEOF_UUID128; k++) { 1042 if (uuid128[i * SIZEOF_UUID128 + k] != 1043 uuid128_data[SIZEOF_UUID128 - 1 - k]) 1044 break; 1045 } 1046 if (k == SIZEOF_UUID128) 1047 break; 1048 } 1049 1050 if (i < uuid_count) 1051 continue; 1052 1053 /* EIR data is Little Endian */ 1054 for (k = 0; k < SIZEOF_UUID128; k++) 1055 uuid128[uuid_count * SIZEOF_UUID128 + k] = 1056 uuid128_data[SIZEOF_UUID128 - 1 - k]; 1057 1058 len += SIZEOF_UUID128; 1059 uuid_count++; 1060 } 1061 1062 if (uuid_count > 0 || truncated) { 1063 /* EIR Data length */ 1064 ptr[0] = (uuid_count * SIZEOF_UUID128) + 1; 1065 /* EIR Data type */ 1066 ptr[1] = truncated ? EIR_UUID128_SOME : EIR_UUID128_ALL; 1067 len += 2; 1068 *eir_len = len; 1069 } 1070} 1071 1072static void create_ext_inquiry_response(int index, uint8_t *data) 1073{ 1074 struct dev_info *dev = &devs[index]; 1075 sdp_list_t *services; 1076 sdp_list_t *list; 1077 uint8_t *ptr = data; 1078 uint16_t eir_len = 0; 1079 uint16_t uuid16[EIR_DATA_LENGTH / 2]; 1080 int i, uuid_count = 0; 1081 gboolean truncated = FALSE; 1082 struct btd_adapter *adapter; 1083 size_t name_len; 1084 1085 name_len = strlen(dev->name); 1086 1087 if (name_len > 0) { 1088 /* EIR Data type */ 1089 if (name_len > 48) { 1090 name_len = 48; 1091 ptr[1] = EIR_NAME_SHORT; 1092 } else 1093 ptr[1] = EIR_NAME_COMPLETE; 1094 1095 /* EIR Data length */ 1096 ptr[0] = name_len + 1; 1097 1098 memcpy(ptr + 2, dev->name, name_len); 1099 1100 eir_len += (name_len + 2); 1101 ptr += (name_len + 2); 1102 } 1103 1104 if (dev->tx_power != 0) { 1105 *ptr++ = 2; 1106 *ptr++ = EIR_TX_POWER; 1107 *ptr++ = (uint8_t) dev->tx_power; 1108 eir_len += 3; 1109 } 1110 1111 if (dev->did_vendor != 0x0000) { 1112 uint16_t source = 0x0002; 1113 *ptr++ = 9; 1114 *ptr++ = EIR_DEVICE_ID; 1115 *ptr++ = (source & 0x00ff); 1116 *ptr++ = (source & 0xff00) >> 8; 1117 *ptr++ = (dev->did_vendor & 0x00ff); 1118 *ptr++ = (dev->did_vendor & 0xff00) >> 8; 1119 *ptr++ = (dev->did_product & 0x00ff); 1120 *ptr++ = (dev->did_product & 0xff00) >> 8; 1121 *ptr++ = (dev->did_version & 0x00ff); 1122 *ptr++ = (dev->did_version & 0xff00) >> 8; 1123 eir_len += 10; 1124 } 1125 1126 adapter = manager_find_adapter(&dev->bdaddr); 1127 if (adapter == NULL) 1128 return; 1129 1130 services = adapter_get_services(adapter); 1131 1132 /* Group all UUID16 types */ 1133 for (list = services; list; list = list->next) { 1134 sdp_record_t *rec = list->data; 1135 1136 if (rec->svclass.type != SDP_UUID16) 1137 continue; 1138 1139 if (rec->svclass.value.uuid16 < 0x1100) 1140 continue; 1141 1142 if (rec->svclass.value.uuid16 == PNP_INFO_SVCLASS_ID) 1143 continue; 1144 1145 /* Stop if not enough space to put next UUID16 */ 1146 if ((eir_len + 2 + sizeof(uint16_t)) > EIR_DATA_LENGTH) { 1147 truncated = TRUE; 1148 break; 1149 } 1150 1151 /* Check for duplicates */ 1152 for (i = 0; i < uuid_count; i++) 1153 if (uuid16[i] == rec->svclass.value.uuid16) 1154 break; 1155 1156 if (i < uuid_count) 1157 continue; 1158 1159 uuid16[uuid_count++] = rec->svclass.value.uuid16; 1160 eir_len += sizeof(uint16_t); 1161 } 1162 1163 if (uuid_count > 0) { 1164 /* EIR Data length */ 1165 ptr[0] = (uuid_count * sizeof(uint16_t)) + 1; 1166 /* EIR Data type */ 1167 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL; 1168 1169 ptr += 2; 1170 eir_len += 2; 1171 1172 for (i = 0; i < uuid_count; i++) { 1173 *ptr++ = (uuid16[i] & 0x00ff); 1174 *ptr++ = (uuid16[i] & 0xff00) >> 8; 1175 } 1176 } 1177 1178 /* Group all UUID128 types */ 1179 if (eir_len <= EIR_DATA_LENGTH - 2) 1180 eir_generate_uuid128(services, ptr, &eir_len); 1181} 1182 1183static void update_ext_inquiry_response(int index) 1184{ 1185 struct dev_info *dev = &devs[index]; 1186 write_ext_inquiry_response_cp cp; 1187 1188 DBG("hci%d", index); 1189 1190 if (!(dev->features[6] & LMP_EXT_INQ)) 1191 return; 1192 1193 if (dev->ssp_mode == 0) 1194 return; 1195 1196 if (dev->cache_enable) 1197 return; 1198 1199 memset(&cp, 0, sizeof(cp)); 1200 1201 create_ext_inquiry_response(index, cp.data); 1202 1203 if (memcmp(cp.data, dev->eir, sizeof(cp.data)) == 0) 1204 return; 1205 1206 memcpy(dev->eir, cp.data, sizeof(cp.data)); 1207 1208 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 1209 OCF_WRITE_EXT_INQUIRY_RESPONSE, 1210 WRITE_EXT_INQUIRY_RESPONSE_CP_SIZE, &cp) < 0) 1211 error("Unable to write EIR data: %s (%d)", 1212 strerror(errno), errno); 1213} 1214 1215static void update_name(int index, const char *name) 1216{ 1217 struct btd_adapter *adapter; 1218 1219 adapter = manager_find_adapter_by_id(index); 1220 if (adapter) 1221 adapter_update_local_name(adapter, name); 1222 1223 update_ext_inquiry_response(index); 1224} 1225 1226static void read_local_name_complete(int index, read_local_name_rp *rp) 1227{ 1228 struct dev_info *dev = &devs[index]; 1229 1230 DBG("hci%d status %u", index, rp->status); 1231 1232 if (rp->status) 1233 return; 1234 1235 memcpy(dev->name, rp->name, 248); 1236 1237 if (!dev->pending) { 1238 update_name(index, (char *) rp->name); 1239 return; 1240 } 1241 1242 hci_clear_bit(PENDING_NAME, &dev->pending); 1243 1244 DBG("Got name for hci%d", index); 1245 1246 if (!dev->up) 1247 return; 1248 1249 /* Even though it shouldn't happen (assuming the kernel behaves 1250 * properly) it seems like we might miss the very first 1251 * initialization commands that the kernel sends. So check for 1252 * it here (since read_local_name is one of the last init 1253 * commands) and resend the first ones if we haven't seen 1254 * their results yet */ 1255 1256 if (hci_test_bit(PENDING_FEATURES, &dev->pending)) 1257 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1258 OCF_READ_LOCAL_FEATURES, 0, NULL); 1259 1260 if (hci_test_bit(PENDING_VERSION, &dev->pending)) 1261 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1262 OCF_READ_LOCAL_VERSION, 0, NULL); 1263 1264 if (!dev->pending) 1265 init_adapter(index); 1266} 1267 1268static void read_tx_power_complete(int index, void *ptr) 1269{ 1270 struct dev_info *dev = &devs[index]; 1271 1272 read_inq_response_tx_power_level_rp *rp = ptr; 1273 1274 DBG("hci%d status %u", index, rp->status); 1275 1276 if (rp->status) 1277 return; 1278 1279 dev->tx_power = rp->level; 1280 update_ext_inquiry_response(index); 1281} 1282 1283static void read_simple_pairing_mode_complete(int index, void *ptr) 1284{ 1285 read_simple_pairing_mode_rp *rp = ptr; 1286 struct btd_adapter *adapter; 1287 1288 DBG("hci%d status %u", index, rp->status); 1289 1290 if (rp->status) 1291 return; 1292 1293 dev->ssp_mode = rp->mode; 1294 update_ext_inquiry_response(index); 1295 1296 adapter = manager_find_adapter_by_id(index); 1297 if (!adapter) { 1298 error("No matching adapter found"); 1299 return; 1300 } 1301 1302 adapter_update_ssp_mode(adapter, rp->mode); 1303} 1304 1305static void read_local_ext_features_complete(int index, 1306 const read_local_ext_features_rp *rp) 1307{ 1308 struct btd_adapter *adapter; 1309 1310 DBG("hci%d status %u", index, rp->status); 1311 1312 if (rp->status) 1313 return; 1314 1315 adapter = manager_find_adapter_by_id(index); 1316 if (!adapter) { 1317 error("No matching adapter found"); 1318 return; 1319 } 1320 1321 /* Local Extended feature page number is 1 */ 1322 if (rp->page_num != 1) 1323 return; 1324 1325 btd_adapter_update_local_ext_features(adapter, rp->features); 1326} 1327 1328static void read_bd_addr_complete(int index, read_bd_addr_rp *rp) 1329{ 1330 struct dev_info *dev = &devs[index]; 1331 1332 DBG("hci%d status %u", index, rp->status); 1333 1334 if (rp->status) 1335 return; 1336 1337 bacpy(&dev->bdaddr, &rp->bdaddr); 1338 1339 if (!dev->pending) 1340 return; 1341 1342 hci_clear_bit(PENDING_BDADDR, &dev->pending); 1343 1344 DBG("Got bdaddr for hci%d", index); 1345 1346 if (!dev->pending && dev->up) 1347 init_adapter(index); 1348} 1349 1350static inline void cmd_status(int index, void *ptr) 1351{ 1352 struct dev_info *dev = &devs[index]; 1353 evt_cmd_status *evt = ptr; 1354 uint16_t opcode = btohs(evt->opcode); 1355 1356 if (opcode == cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY)) 1357 start_inquiry(&dev->bdaddr, evt->status, FALSE); 1358} 1359 1360static void read_scan_complete(int index, uint8_t status, void *ptr) 1361{ 1362 struct btd_adapter *adapter; 1363 read_scan_enable_rp *rp = ptr; 1364 1365 DBG("hci%d status %u", index, status); 1366 1367 adapter = manager_find_adapter_by_id(index); 1368 if (!adapter) { 1369 error("Unable to find matching adapter"); 1370 return; 1371 } 1372 1373 adapter_mode_changed(adapter, rp->enable); 1374} 1375 1376static int write_class(int index, uint32_t class) 1377{ 1378 struct dev_info *dev = &devs[index]; 1379 write_class_of_dev_cp cp; 1380 1381 DBG("hci%d class 0x%06x", index, class); 1382 1383 memcpy(cp.dev_class, &class, 3); 1384 1385 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV, 1386 WRITE_CLASS_OF_DEV_CP_SIZE, &cp) < 0) 1387 return -errno; 1388 1389 dev->pending_cod = class; 1390 1391 return 0; 1392} 1393 1394/* Limited Discoverable bit mask in CoD */ 1395#define LIMITED_BIT 0x002000 1396 1397static int hciops_set_limited_discoverable(int index, gboolean limited) 1398{ 1399 struct dev_info *dev = &devs[index]; 1400 int num = (limited ? 2 : 1); 1401 uint8_t lap[] = { 0x33, 0x8b, 0x9e, 0x00, 0x8b, 0x9e }; 1402 write_current_iac_lap_cp cp; 1403 1404 DBG("hci%d limited %d", index, limited); 1405 1406 /* Check if limited bit needs to be set/reset */ 1407 if (limited) 1408 dev->wanted_cod |= LIMITED_BIT; 1409 else 1410 dev->wanted_cod &= ~LIMITED_BIT; 1411 1412 /* If we dont need the toggling, save an unnecessary CoD write */ 1413 if (dev->pending_cod || dev->wanted_cod == dev->current_cod) 1414 return 0; 1415 1416 /* 1417 * 1: giac 1418 * 2: giac + liac 1419 */ 1420 memset(&cp, 0, sizeof(cp)); 1421 cp.num_current_iac = num; 1422 memcpy(&cp.lap, lap, num * 3); 1423 1424 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CURRENT_IAC_LAP, 1425 (num * 3 + 1), &cp) < 0) 1426 return -errno; 1427 1428 return write_class(index, dev->wanted_cod); 1429} 1430 1431static void write_class_complete(int index, uint8_t status) 1432{ 1433 struct dev_info *dev = &devs[index]; 1434 struct btd_adapter *adapter; 1435 1436 if (status) 1437 return; 1438 1439 if (dev->pending_cod == 0) 1440 return; 1441 1442 dev->current_cod = dev->pending_cod; 1443 dev->pending_cod = 0; 1444 1445 adapter = manager_find_adapter(&dev->bdaddr); 1446 if (adapter) 1447 btd_adapter_class_changed(adapter, dev->current_cod); 1448 1449 update_ext_inquiry_response(index); 1450 1451 if (dev->wanted_cod == dev->current_cod) 1452 return; 1453 1454 if (dev->wanted_cod & LIMITED_BIT && 1455 !(dev->current_cod & LIMITED_BIT)) 1456 hciops_set_limited_discoverable(index, TRUE); 1457 else if (!(dev->wanted_cod & LIMITED_BIT) && 1458 (dev->current_cod & LIMITED_BIT)) 1459 hciops_set_limited_discoverable(index, FALSE); 1460 else 1461 write_class(index, dev->wanted_cod); 1462} 1463 1464static inline void cmd_complete(int index, void *ptr) 1465{ 1466 struct dev_info *dev = &devs[index]; 1467 evt_cmd_complete *evt = ptr; 1468 uint16_t opcode = btohs(evt->opcode); 1469 uint8_t status = *((uint8_t *) ptr + EVT_CMD_COMPLETE_SIZE); 1470 1471 switch (opcode) { 1472 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_VERSION): 1473 ptr += sizeof(evt_cmd_complete); 1474 read_local_version_complete(index, ptr); 1475 break; 1476 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES): 1477 ptr += sizeof(evt_cmd_complete); 1478 read_local_features_complete(index, ptr); 1479 break; 1480 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_EXT_FEATURES): 1481 ptr += sizeof(evt_cmd_complete); 1482 read_local_ext_features_complete(index, ptr); 1483 break; 1484 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_BD_ADDR): 1485 ptr += sizeof(evt_cmd_complete); 1486 read_bd_addr_complete(index, ptr); 1487 break; 1488 case cmd_opcode_pack(OGF_LINK_CTL, OCF_PERIODIC_INQUIRY): 1489 start_inquiry(&dev->bdaddr, status, TRUE); 1490 break; 1491 case cmd_opcode_pack(OGF_LINK_CTL, OCF_EXIT_PERIODIC_INQUIRY): 1492 inquiry_complete(&dev->bdaddr, status, TRUE); 1493 break; 1494 case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY_CANCEL): 1495 inquiry_complete(&dev->bdaddr, status, FALSE); 1496 break; 1497 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_LE_HOST_SUPPORTED): 1498 write_le_host_complete(index, status); 1499 break; 1500 case cmd_opcode_pack(OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE): 1501 btd_event_le_set_scan_enable_complete(&dev->bdaddr, status); 1502 break; 1503 case cmd_opcode_pack(OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME): 1504 if (!status) 1505 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1506 OCF_READ_LOCAL_NAME, 0, 0); 1507 break; 1508 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE): 1509 btd_event_setscan_enable_complete(&dev->bdaddr); 1510 break; 1511 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SCAN_ENABLE): 1512 ptr += sizeof(evt_cmd_complete); 1513 read_scan_complete(index, status, ptr); 1514 break; 1515 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV): 1516 write_class_complete(index, status); 1517 break; 1518 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SIMPLE_PAIRING_MODE): 1519 if (!status) 1520 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1521 OCF_READ_SIMPLE_PAIRING_MODE, 0, NULL); 1522 break; 1523 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SIMPLE_PAIRING_MODE): 1524 ptr += sizeof(evt_cmd_complete); 1525 read_simple_pairing_mode_complete(index, ptr); 1526 break; 1527 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_NAME): 1528 ptr += sizeof(evt_cmd_complete); 1529 read_local_name_complete(index, ptr); 1530 break; 1531 case cmd_opcode_pack(OGF_HOST_CTL, 1532 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL): 1533 ptr += sizeof(evt_cmd_complete); 1534 read_tx_power_complete(index, ptr); 1535 break; 1536 }; 1537} 1538 1539static inline void remote_name_information(int index, void *ptr) 1540{ 1541 struct dev_info *dev = &devs[index]; 1542 evt_remote_name_req_complete *evt = ptr; 1543 char name[MAX_NAME_LENGTH + 1]; 1544 1545 DBG("hci%d status %u", index, evt->status); 1546 1547 memset(name, 0, sizeof(name)); 1548 1549 if (!evt->status) 1550 memcpy(name, evt->name, MAX_NAME_LENGTH); 1551 1552 btd_event_remote_name(&dev->bdaddr, &evt->bdaddr, evt->status, name); 1553} 1554 1555static inline void remote_version_information(int index, void *ptr) 1556{ 1557 struct dev_info *dev = &devs[index]; 1558 evt_read_remote_version_complete *evt = ptr; 1559 bdaddr_t dba; 1560 1561 DBG("hci%d status %u", index, evt->status); 1562 1563 if (evt->status) 1564 return; 1565 1566 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1567 return; 1568 1569 write_version_info(&dev->bdaddr, &dba, btohs(evt->manufacturer), 1570 evt->lmp_ver, btohs(evt->lmp_subver)); 1571} 1572 1573static inline void inquiry_result(int index, int plen, void *ptr) 1574{ 1575 struct dev_info *dev = &devs[index]; 1576 uint8_t num = *(uint8_t *) ptr++; 1577 int i; 1578 1579 for (i = 0; i < num; i++) { 1580 inquiry_info *info = ptr; 1581 uint32_t class = info->dev_class[0] | 1582 (info->dev_class[1] << 8) | 1583 (info->dev_class[2] << 16); 1584 1585 btd_event_device_found(&dev->bdaddr, &info->bdaddr, class, 1586 0, NULL); 1587 ptr += INQUIRY_INFO_SIZE; 1588 } 1589} 1590 1591static inline void inquiry_result_with_rssi(int index, int plen, void *ptr) 1592{ 1593 struct dev_info *dev = &devs[index]; 1594 uint8_t num = *(uint8_t *) ptr++; 1595 int i; 1596 1597 if (!num) 1598 return; 1599 1600 if ((plen - 1) / num == INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE) { 1601 for (i = 0; i < num; i++) { 1602 inquiry_info_with_rssi_and_pscan_mode *info = ptr; 1603 uint32_t class = info->dev_class[0] 1604 | (info->dev_class[1] << 8) 1605 | (info->dev_class[2] << 16); 1606 1607 btd_event_device_found(&dev->bdaddr, &info->bdaddr, 1608 class, info->rssi, NULL); 1609 ptr += INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE; 1610 } 1611 } else { 1612 for (i = 0; i < num; i++) { 1613 inquiry_info_with_rssi *info = ptr; 1614 uint32_t class = info->dev_class[0] 1615 | (info->dev_class[1] << 8) 1616 | (info->dev_class[2] << 16); 1617 1618 btd_event_device_found(&dev->bdaddr, &info->bdaddr, 1619 class, info->rssi, NULL); 1620 ptr += INQUIRY_INFO_WITH_RSSI_SIZE; 1621 } 1622 } 1623} 1624 1625static inline void extended_inquiry_result(int index, int plen, void *ptr) 1626{ 1627 struct dev_info *dev = &devs[index]; 1628 uint8_t num = *(uint8_t *) ptr++; 1629 int i; 1630 1631 for (i = 0; i < num; i++) { 1632 extended_inquiry_info *info = ptr; 1633 uint32_t class = info->dev_class[0] 1634 | (info->dev_class[1] << 8) 1635 | (info->dev_class[2] << 16); 1636 1637 btd_event_device_found(&dev->bdaddr, &info->bdaddr, class, 1638 info->rssi, info->data); 1639 ptr += EXTENDED_INQUIRY_INFO_SIZE; 1640 } 1641} 1642 1643static inline void remote_features_information(int index, void *ptr) 1644{ 1645 struct dev_info *dev = &devs[index]; 1646 evt_read_remote_features_complete *evt = ptr; 1647 bdaddr_t dba; 1648 1649 DBG("hci%d status %u", index, evt->status); 1650 1651 if (evt->status) 1652 return; 1653 1654 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1655 return; 1656 1657 write_features_info(&dev->bdaddr, &dba, evt->features, NULL); 1658} 1659 1660struct remote_version_req { 1661 int index; 1662 uint16_t handle; 1663}; 1664 1665static gboolean __get_remote_version(gpointer user_data) 1666{ 1667 struct remote_version_req *req = user_data; 1668 struct dev_info *dev = &devs[req->index]; 1669 read_remote_version_cp cp; 1670 1671 DBG("hci%d handle %u", req->index, req->handle); 1672 1673 memset(&cp, 0, sizeof(cp)); 1674 cp.handle = htobs(req->handle); 1675 1676 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_READ_REMOTE_VERSION, 1677 READ_REMOTE_VERSION_CP_SIZE, &cp); 1678 1679 return FALSE; 1680} 1681 1682static void get_remote_version(int index, uint16_t handle) 1683{ 1684 struct remote_version_req *req; 1685 1686 req = g_new0(struct remote_version_req, 1); 1687 req->handle = handle; 1688 req->index = index; 1689 1690 g_timeout_add_seconds_full(G_PRIORITY_DEFAULT, 1, __get_remote_version, 1691 req, g_free); 1692} 1693 1694static inline void conn_complete(int index, void *ptr) 1695{ 1696 struct dev_info *dev = &devs[index]; 1697 evt_conn_complete *evt = ptr; 1698 char filename[PATH_MAX]; 1699 char local_addr[18], peer_addr[18], *str; 1700 1701 if (evt->link_type != ACL_LINK) 1702 return; 1703 1704 btd_event_conn_complete(&dev->bdaddr, evt->status, 1705 btohs(evt->handle), &evt->bdaddr); 1706 1707 if (evt->status) 1708 return; 1709 1710 /* check if the remote version needs be requested */ 1711 ba2str(&dev->bdaddr, local_addr); 1712 ba2str(&evt->bdaddr, peer_addr); 1713 1714 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1715 "manufacturers"); 1716 1717 str = textfile_get(filename, peer_addr); 1718 if (!str) 1719 get_remote_version(index, btohs(evt->handle)); 1720 else 1721 free(str); 1722} 1723 1724static inline void le_conn_complete(int index, void *ptr) 1725{ 1726 struct dev_info *dev = &devs[index]; 1727 evt_le_connection_complete *evt = ptr; 1728 char filename[PATH_MAX]; 1729 char local_addr[18], peer_addr[18], *str; 1730 1731 btd_event_conn_complete(&dev->bdaddr, evt->status, 1732 btohs(evt->handle), &evt->peer_bdaddr); 1733 1734 if (evt->status) 1735 return; 1736 1737 /* check if the remote version needs be requested */ 1738 ba2str(&dev->bdaddr, local_addr); 1739 ba2str(&evt->peer_bdaddr, peer_addr); 1740 1741 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1742 "manufacturers"); 1743 1744 str = textfile_get(filename, peer_addr); 1745 if (!str) 1746 get_remote_version(index, btohs(evt->handle)); 1747 else 1748 free(str); 1749} 1750 1751static inline void disconn_complete(int index, void *ptr) 1752{ 1753 struct dev_info *dev = &devs[index]; 1754 evt_disconn_complete *evt = ptr; 1755 1756 btd_event_disconn_complete(&dev->bdaddr, evt->status, 1757 btohs(evt->handle), evt->reason); 1758} 1759 1760static inline void auth_complete(int index, void *ptr) 1761{ 1762 struct dev_info *dev = &devs[index]; 1763 evt_auth_complete *evt = ptr; 1764 bdaddr_t dba; 1765 1766 DBG("hci%d status %u", index, evt->status); 1767 1768 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1769 return; 1770 1771 btd_event_bonding_process_complete(&dev->bdaddr, &dba, evt->status); 1772} 1773 1774static inline void simple_pairing_complete(int index, void *ptr) 1775{ 1776 struct dev_info *dev = &devs[index]; 1777 evt_simple_pairing_complete *evt = ptr; 1778 1779 DBG("hci%d status %u", index, evt->status); 1780 1781 btd_event_simple_pairing_complete(&dev->bdaddr, &evt->bdaddr, 1782 evt->status); 1783} 1784 1785static inline void conn_request(int index, void *ptr) 1786{ 1787 struct dev_info *dev = &devs[index]; 1788 evt_conn_request *evt = ptr; 1789 uint32_t class = evt->dev_class[0] | (evt->dev_class[1] << 8) 1790 | (evt->dev_class[2] << 16); 1791 1792 btd_event_remote_class(&dev->bdaddr, &evt->bdaddr, class); 1793} 1794 1795static inline void le_advertising_report(int index, evt_le_meta_event *meta) 1796{ 1797 struct dev_info *dev = &devs[index]; 1798 le_advertising_info *info; 1799 uint8_t num, i; 1800 1801 num = meta->data[0]; 1802 info = (le_advertising_info *) (meta->data + 1); 1803 1804 for (i = 0; i < num; i++) { 1805 btd_event_advertising_report(&dev->bdaddr, info); 1806 info = (le_advertising_info *) (info->data + info->length + 1); 1807 } 1808} 1809 1810static inline void le_metaevent(int index, void *ptr) 1811{ 1812 evt_le_meta_event *meta = ptr; 1813 1814 DBG("hci%d LE Meta Event %u", index, meta->subevent); 1815 1816 switch (meta->subevent) { 1817 case EVT_LE_ADVERTISING_REPORT: 1818 le_advertising_report(index, meta); 1819 break; 1820 1821 case EVT_LE_CONN_COMPLETE: 1822 le_conn_complete(index, meta->data); 1823 break; 1824 } 1825} 1826 1827static void stop_hci_dev(int index) 1828{ 1829 struct dev_info *dev = &devs[index]; 1830 1831 if (dev->sk < 0) 1832 return; 1833 1834 info("Stopping hci%d event socket", index); 1835 1836 if (dev->watch_id > 0) 1837 g_source_remove(dev->watch_id); 1838 1839 if (dev->io != NULL) 1840 g_io_channel_unref(dev->io); 1841 1842 hci_close_dev(dev->sk); 1843 1844 g_slist_foreach(dev->keys, (GFunc) g_free, NULL); 1845 g_slist_free(dev->keys); 1846 1847 init_dev_info(index, -1, dev->registered); 1848} 1849 1850static gboolean io_security_event(GIOChannel *chan, GIOCondition cond, 1851 gpointer data) 1852{ 1853 unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr = buf; 1854 int type, index = GPOINTER_TO_INT(data); 1855 struct dev_info *dev = &devs[index]; 1856 struct hci_dev_info di; 1857 size_t len; 1858 hci_event_hdr *eh; 1859 GIOError err; 1860 evt_cmd_status *evt; 1861 1862 if (cond & (G_IO_NVAL | G_IO_HUP | G_IO_ERR)) { 1863 stop_hci_dev(index); 1864 return FALSE; 1865 } 1866 1867 if ((err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len))) { 1868 if (err == G_IO_ERROR_AGAIN) 1869 return TRUE; 1870 stop_hci_dev(index); 1871 return FALSE; 1872 } 1873 1874 type = *ptr++; 1875 1876 if (type != HCI_EVENT_PKT) 1877 return TRUE; 1878 1879 eh = (hci_event_hdr *) ptr; 1880 ptr += HCI_EVENT_HDR_SIZE; 1881 1882 memset(&di, 0, sizeof(di)); 1883 if (hci_devinfo(index, &di) == 0) { 1884 bacpy(&dev->bdaddr, &di.bdaddr); 1885 1886 if (ignore_device(&di)) 1887 return TRUE; 1888 } 1889 1890 switch (eh->evt) { 1891 case EVT_CMD_STATUS: 1892 cmd_status(index, ptr); 1893 break; 1894 1895 case EVT_CMD_COMPLETE: 1896 cmd_complete(index, ptr); 1897 break; 1898 1899 case EVT_REMOTE_NAME_REQ_COMPLETE: 1900 remote_name_information(index, ptr); 1901 break; 1902 1903 case EVT_READ_REMOTE_VERSION_COMPLETE: 1904 remote_version_information(index, ptr); 1905 break; 1906 1907 case EVT_READ_REMOTE_FEATURES_COMPLETE: 1908 remote_features_information(index, ptr); 1909 break; 1910 1911 case EVT_REMOTE_HOST_FEATURES_NOTIFY: 1912 remote_features_notify(index, ptr); 1913 break; 1914 1915 case EVT_INQUIRY_COMPLETE: 1916 evt = (evt_cmd_status *) ptr; 1917 inquiry_complete(&dev->bdaddr, evt->status, FALSE); 1918 break; 1919 1920 case EVT_INQUIRY_RESULT: 1921 inquiry_result(index, eh->plen, ptr); 1922 break; 1923 1924 case EVT_INQUIRY_RESULT_WITH_RSSI: 1925 inquiry_result_with_rssi(index, eh->plen, ptr); 1926 break; 1927 1928 case EVT_EXTENDED_INQUIRY_RESULT: 1929 extended_inquiry_result(index, eh->plen, ptr); 1930 break; 1931 1932 case EVT_CONN_COMPLETE: 1933 conn_complete(index, ptr); 1934 break; 1935 1936 case EVT_DISCONN_COMPLETE: 1937 disconn_complete(index, ptr); 1938 break; 1939 1940 case EVT_AUTH_COMPLETE: 1941 auth_complete(index, ptr); 1942 break; 1943 1944 case EVT_SIMPLE_PAIRING_COMPLETE: 1945 simple_pairing_complete(index, ptr); 1946 break; 1947 1948 case EVT_CONN_REQUEST: 1949 conn_request(index, ptr); 1950 break; 1951 case EVT_LE_META_EVENT: 1952 le_metaevent(index, ptr); 1953 break; 1954 case EVT_PIN_CODE_REQ: 1955 pin_code_request(index, (bdaddr_t *) ptr); 1956 break; 1957 1958 case EVT_LINK_KEY_REQ: 1959 link_key_request(index, (bdaddr_t *) ptr); 1960 break; 1961 1962 case EVT_LINK_KEY_NOTIFY: 1963 link_key_notify(index, ptr); 1964 break; 1965 1966 case EVT_RETURN_LINK_KEYS: 1967 return_link_keys(index, ptr); 1968 break; 1969 1970 case EVT_IO_CAPABILITY_REQUEST: 1971 io_capa_request(index, ptr); 1972 break; 1973 1974 case EVT_IO_CAPABILITY_RESPONSE: 1975 io_capa_response(index, ptr); 1976 break; 1977 1978 case EVT_USER_CONFIRM_REQUEST: 1979 user_confirm_request(index, ptr); 1980 break; 1981 1982 case EVT_USER_PASSKEY_REQUEST: 1983 user_passkey_request(index, ptr); 1984 break; 1985 1986 case EVT_USER_PASSKEY_NOTIFY: 1987 user_passkey_notify(index, ptr); 1988 break; 1989 1990 case EVT_REMOTE_OOB_DATA_REQUEST: 1991 remote_oob_data_request(index, ptr); 1992 break; 1993 } 1994 1995 return TRUE; 1996} 1997 1998static void start_hci_dev(int index) 1999{ 2000 struct dev_info *dev = &devs[index]; 2001 GIOChannel *chan = dev->io; 2002 GIOCondition cond; 2003 struct hci_filter flt; 2004 2005 if (chan) 2006 return; 2007 2008 info("Listening for HCI events on hci%d", index); 2009 2010 /* Set filter */ 2011 hci_filter_clear(&flt); 2012 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2013 hci_filter_set_event(EVT_CMD_STATUS, &flt); 2014 hci_filter_set_event(EVT_CMD_COMPLETE, &flt); 2015 hci_filter_set_event(EVT_PIN_CODE_REQ, &flt); 2016 hci_filter_set_event(EVT_LINK_KEY_REQ, &flt); 2017 hci_filter_set_event(EVT_LINK_KEY_NOTIFY, &flt); 2018 hci_filter_set_event(EVT_RETURN_LINK_KEYS, &flt); 2019 hci_filter_set_event(EVT_IO_CAPABILITY_REQUEST, &flt); 2020 hci_filter_set_event(EVT_IO_CAPABILITY_RESPONSE, &flt); 2021 hci_filter_set_event(EVT_USER_CONFIRM_REQUEST, &flt); 2022 hci_filter_set_event(EVT_USER_PASSKEY_REQUEST, &flt); 2023 hci_filter_set_event(EVT_REMOTE_OOB_DATA_REQUEST, &flt); 2024 hci_filter_set_event(EVT_USER_PASSKEY_NOTIFY, &flt); 2025 hci_filter_set_event(EVT_KEYPRESS_NOTIFY, &flt); 2026 hci_filter_set_event(EVT_SIMPLE_PAIRING_COMPLETE, &flt); 2027 hci_filter_set_event(EVT_AUTH_COMPLETE, &flt); 2028 hci_filter_set_event(EVT_REMOTE_NAME_REQ_COMPLETE, &flt); 2029 hci_filter_set_event(EVT_READ_REMOTE_VERSION_COMPLETE, &flt); 2030 hci_filter_set_event(EVT_READ_REMOTE_FEATURES_COMPLETE, &flt); 2031 hci_filter_set_event(EVT_REMOTE_HOST_FEATURES_NOTIFY, &flt); 2032 hci_filter_set_event(EVT_INQUIRY_COMPLETE, &flt); 2033 hci_filter_set_event(EVT_INQUIRY_RESULT, &flt); 2034 hci_filter_set_event(EVT_INQUIRY_RESULT_WITH_RSSI, &flt); 2035 hci_filter_set_event(EVT_EXTENDED_INQUIRY_RESULT, &flt); 2036 hci_filter_set_event(EVT_CONN_REQUEST, &flt); 2037 hci_filter_set_event(EVT_CONN_COMPLETE, &flt); 2038 hci_filter_set_event(EVT_DISCONN_COMPLETE, &flt); 2039 hci_filter_set_event(EVT_LE_META_EVENT, &flt); 2040 if (setsockopt(dev->sk, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2041 error("Can't set filter on hci%d: %s (%d)", 2042 index, strerror(errno), errno); 2043 return; 2044 } 2045 2046 chan = g_io_channel_unix_new(dev->sk); 2047 cond = G_IO_IN | G_IO_NVAL | G_IO_HUP | G_IO_ERR; 2048 dev->watch_id = g_io_add_watch_full(chan, G_PRIORITY_LOW, cond, 2049 io_security_event, 2050 GINT_TO_POINTER(index), NULL); 2051 dev->io = chan; 2052 dev->pin_length = -1; 2053 2054} 2055 2056/* End of HCI event callbacks */ 2057 2058static gboolean child_exit(GIOChannel *io, GIOCondition cond, void *user_data) 2059{ 2060 int status, fd = g_io_channel_unix_get_fd(io); 2061 pid_t child_pid; 2062 2063 if (read(fd, &child_pid, sizeof(child_pid)) != sizeof(child_pid)) { 2064 error("child_exit: unable to read child pid from pipe"); 2065 return TRUE; 2066 } 2067 2068 if (waitpid(child_pid, &status, 0) != child_pid) 2069 error("waitpid(%d) failed", child_pid); 2070 else 2071 DBG("child %d exited", child_pid); 2072 2073 return TRUE; 2074} 2075 2076static void at_child_exit(void) 2077{ 2078 pid_t pid = getpid(); 2079 2080 if (write(child_pipe[1], &pid, sizeof(pid)) != sizeof(pid)) 2081 error("unable to write to child pipe"); 2082} 2083 2084static void device_devup_setup(int index) 2085{ 2086 struct dev_info *dev = &devs[index]; 2087 struct hci_dev_info di; 2088 read_stored_link_key_cp cp; 2089 2090 DBG("hci%d", index); 2091 2092 if (hci_devinfo(index, &di) < 0) 2093 return; 2094 2095 if (ignore_device(&di)) 2096 return; 2097 2098 bacpy(&dev->bdaddr, &di.bdaddr); 2099 memcpy(dev->features, di.features, 8); 2100 2101 /* Set page timeout */ 2102 if ((main_opts.flags & (1 << HCID_SET_PAGETO))) { 2103 write_page_timeout_cp cp; 2104 2105 cp.timeout = htobs(main_opts.pageto); 2106 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_TIMEOUT, 2107 WRITE_PAGE_TIMEOUT_CP_SIZE, &cp); 2108 } 2109 2110 bacpy(&cp.bdaddr, BDADDR_ANY); 2111 cp.read_all = 1; 2112 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_STORED_LINK_KEY, 2113 READ_STORED_LINK_KEY_CP_SIZE, (void *) &cp); 2114 2115 if (!dev->pending) 2116 init_adapter(index); 2117} 2118 2119static void init_pending(int index) 2120{ 2121 struct dev_info *dev = &devs[index]; 2122 2123 hci_set_bit(PENDING_BDADDR, &dev->pending); 2124 hci_set_bit(PENDING_VERSION, &dev->pending); 2125 hci_set_bit(PENDING_FEATURES, &dev->pending); 2126 hci_set_bit(PENDING_NAME, &dev->pending); 2127} 2128 2129static void init_device(int index) 2130{ 2131 struct hci_dev_req dr; 2132 int dd; 2133 pid_t pid; 2134 2135 DBG("hci%d", index); 2136 2137 dd = hci_open_dev(index); 2138 if (dd < 0) { 2139 error("Unable to open hci%d: %s (%d)", index, 2140 strerror(errno), errno); 2141 return; 2142 } 2143 2144 if (index > max_dev) { 2145 max_dev = index; 2146 devs = g_realloc(devs, sizeof(devs[0]) * (max_dev + 1)); 2147 } 2148 2149 init_dev_info(index, dd, FALSE); 2150 init_pending(index); 2151 start_hci_dev(index); 2152 2153 /* Do initialization in the separate process */ 2154 pid = fork(); 2155 switch (pid) { 2156 case 0: 2157 atexit(at_child_exit); 2158 break; 2159 case -1: 2160 error("Fork failed. Can't init device hci%d: %s (%d)", 2161 index, strerror(errno), errno); 2162 default: 2163 DBG("child %d forked", pid); 2164 return; 2165 } 2166 2167 memset(&dr, 0, sizeof(dr)); 2168 dr.dev_id = index; 2169 2170 /* Set link mode */ 2171 dr.dev_opt = main_opts.link_mode; 2172 if (ioctl(dd, HCISETLINKMODE, (unsigned long) &dr) < 0) 2173 error("Can't set link mode on hci%d: %s (%d)", 2174 index, strerror(errno), errno); 2175 2176 /* Start HCI device */ 2177 if (ioctl(dd, HCIDEVUP, index) < 0 && errno != EALREADY) { 2178 error("Can't init device hci%d: %s (%d)", 2179 index, strerror(errno), errno); 2180 goto fail; 2181 } 2182 2183 hci_close_dev(dd); 2184 exit(0); 2185 2186fail: 2187 hci_close_dev(dd); 2188 exit(1); 2189} 2190 2191static void device_devreg_setup(int index) 2192{ 2193 struct hci_dev_info di; 2194 2195 DBG("hci%d", index); 2196 2197 init_device(index); 2198 2199 memset(&di, 0, sizeof(di)); 2200 2201 if (hci_devinfo(index, &di) < 0) 2202 return; 2203 2204 if (ignore_device(&di)) 2205 return; 2206 2207 devs[index].already_up = hci_test_bit(HCI_UP, &di.flags); 2208} 2209 2210static void device_event(int event, int index) 2211{ 2212 switch (event) { 2213 case HCI_DEV_REG: 2214 info("HCI dev %d registered", index); 2215 device_devreg_setup(index); 2216 if (devs[index].already_up) 2217 device_event(HCI_DEV_UP, index); 2218 break; 2219 2220 case HCI_DEV_UNREG: 2221 info("HCI dev %d unregistered", index); 2222 stop_hci_dev(index); 2223 if (devs[index].registered) 2224 btd_manager_unregister_adapter(index); 2225 break; 2226 2227 case HCI_DEV_UP: 2228 info("HCI dev %d up", index); 2229 devs[index].up = TRUE; 2230 device_devup_setup(index); 2231 break; 2232 2233 case HCI_DEV_DOWN: 2234 info("HCI dev %d down", index); 2235 devs[index].up = FALSE; 2236 devs[index].pending_cod = 0; 2237 devs[index].cache_enable = TRUE; 2238 if (!devs[index].pending) { 2239 struct btd_adapter *adapter; 2240 2241 adapter = manager_find_adapter_by_id(index); 2242 if (adapter) 2243 btd_adapter_stop(adapter); 2244 2245 init_pending(index); 2246 } 2247 break; 2248 } 2249} 2250 2251static int hciops_stop_inquiry(int index) 2252{ 2253 struct dev_info *dev = &devs[index]; 2254 struct hci_dev_info di; 2255 int err; 2256 2257 DBG("hci%d", index); 2258 2259 if (hci_devinfo(index, &di) < 0) 2260 return -errno; 2261 2262 if (hci_test_bit(HCI_INQUIRY, &di.flags)) 2263 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2264 OCF_INQUIRY_CANCEL, 0, 0); 2265 else 2266 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2267 OCF_EXIT_PERIODIC_INQUIRY, 0, 0); 2268 if (err < 0) 2269 err = -errno; 2270 2271 return err; 2272} 2273 2274static gboolean init_known_adapters(gpointer user_data) 2275{ 2276 struct hci_dev_list_req *dl; 2277 struct hci_dev_req *dr; 2278 int i, err, ctl = GPOINTER_TO_INT(user_data); 2279 size_t req_size; 2280 2281 DBG(""); 2282 2283 req_size = HCI_MAX_DEV * sizeof(struct hci_dev_req) + sizeof(uint16_t); 2284 2285 dl = g_try_malloc0(req_size); 2286 if (!dl) { 2287 error("Can't allocate devlist buffer"); 2288 return FALSE; 2289 } 2290 2291 dl->dev_num = HCI_MAX_DEV; 2292 dr = dl->dev_req; 2293 2294 if (ioctl(ctl, HCIGETDEVLIST, dl) < 0) { 2295 err = -errno; 2296 error("Can't get device list: %s (%d)", strerror(-err), -err); 2297 g_free(dl); 2298 return FALSE; 2299 } 2300 2301 for (i = 0; i < dl->dev_num; i++, dr++) { 2302 struct dev_info *dev; 2303 2304 device_event(HCI_DEV_REG, dr->dev_id); 2305 2306 dev = &devs[dr->dev_id]; 2307 2308 dev->already_up = hci_test_bit(HCI_UP, &dr->dev_opt); 2309 2310 if (!dev->already_up) 2311 continue; 2312 2313 hciops_stop_inquiry(dr->dev_id); 2314 2315 dev->pending = 0; 2316 hci_set_bit(PENDING_VERSION, &dev->pending); 2317 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 2318 OCF_READ_LOCAL_VERSION, 0, NULL); 2319 device_event(HCI_DEV_UP, dr->dev_id); 2320 } 2321 2322 g_free(dl); 2323 2324 return FALSE; 2325} 2326 2327static gboolean io_stack_event(GIOChannel *chan, GIOCondition cond, 2328 gpointer data) 2329{ 2330 unsigned char buf[HCI_MAX_FRAME_SIZE], *ptr; 2331 evt_stack_internal *si; 2332 evt_si_device *sd; 2333 hci_event_hdr *eh; 2334 int type; 2335 size_t len; 2336 GIOError err; 2337 2338 ptr = buf; 2339 2340 err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len); 2341 if (err) { 2342 if (err == G_IO_ERROR_AGAIN) 2343 return TRUE; 2344 2345 error("Read from control socket failed: %s (%d)", 2346 strerror(errno), errno); 2347 return FALSE; 2348 } 2349 2350 type = *ptr++; 2351 2352 if (type != HCI_EVENT_PKT) 2353 return TRUE; 2354 2355 eh = (hci_event_hdr *) ptr; 2356 if (eh->evt != EVT_STACK_INTERNAL) 2357 return TRUE; 2358 2359 ptr += HCI_EVENT_HDR_SIZE; 2360 2361 si = (evt_stack_internal *) ptr; 2362 switch (si->type) { 2363 case EVT_SI_DEVICE: 2364 sd = (void *) &si->data; 2365 device_event(sd->event, sd->dev_id); 2366 break; 2367 } 2368 2369 return TRUE; 2370} 2371 2372static int hciops_setup(void) 2373{ 2374 struct sockaddr_hci addr; 2375 struct hci_filter flt; 2376 GIOChannel *ctl_io, *child_io; 2377 int sock, err; 2378 2379 DBG(""); 2380 2381 if (child_pipe[0] != -1) 2382 return -EALREADY; 2383 2384 if (pipe(child_pipe) < 0) { 2385 err = -errno; 2386 error("pipe(): %s (%d)", strerror(-err), -err); 2387 return err; 2388 } 2389 2390 child_io = g_io_channel_unix_new(child_pipe[0]); 2391 g_io_channel_set_close_on_unref(child_io, TRUE); 2392 child_io_id = g_io_add_watch(child_io, 2393 G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL, 2394 child_exit, NULL); 2395 g_io_channel_unref(child_io); 2396 2397 /* Create and bind HCI socket */ 2398 sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 2399 if (sock < 0) { 2400 err = -errno; 2401 error("Can't open HCI socket: %s (%d)", strerror(-err), 2402 -err); 2403 return err; 2404 } 2405 2406 /* Set filter */ 2407 hci_filter_clear(&flt); 2408 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2409 hci_filter_set_event(EVT_STACK_INTERNAL, &flt); 2410 if (setsockopt(sock, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2411 err = -errno; 2412 error("Can't set filter: %s (%d)", strerror(-err), -err); 2413 return err; 2414 } 2415 2416 memset(&addr, 0, sizeof(addr)); 2417 addr.hci_family = AF_BLUETOOTH; 2418 addr.hci_dev = HCI_DEV_NONE; 2419 if (bind(sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { 2420 err = -errno; 2421 error("Can't bind HCI socket: %s (%d)", strerror(-err), -err); 2422 return err; 2423 } 2424 2425 ctl_io = g_io_channel_unix_new(sock); 2426 g_io_channel_set_close_on_unref(ctl_io, TRUE); 2427 2428 ctl_io_id = g_io_add_watch(ctl_io, G_IO_IN, io_stack_event, NULL); 2429 2430 g_io_channel_unref(ctl_io); 2431 2432 g_idle_add(init_known_adapters, GINT_TO_POINTER(sock)); 2433 2434 return 0; 2435} 2436 2437static void hciops_cleanup(void) 2438{ 2439 int i; 2440 2441 DBG(""); 2442 2443 for (i = 0; i <= max_dev; i++) 2444 stop_hci_dev(i); 2445 2446 g_free(devs); 2447 devs = NULL; 2448 max_dev = -1; 2449 2450 if (child_io_id) { 2451 g_source_remove(child_io_id); 2452 child_io_id = 0; 2453 } 2454 2455 if (ctl_io_id) { 2456 g_source_remove(ctl_io_id); 2457 ctl_io_id = 0; 2458 } 2459 2460 if (child_pipe[0] >= 0) { 2461 close(child_pipe[0]); 2462 child_pipe[0] = -1; 2463 } 2464 2465 if (child_pipe[1] >= 0) { 2466 close(child_pipe[1]); 2467 child_pipe[1] = -1; 2468 } 2469} 2470 2471static int hciops_power_on(int index, gboolean discoverable) 2472{ 2473 struct dev_info *dev = &devs[index]; 2474 int err; 2475 2476 DBG("hci%d", index); 2477 2478 if (ioctl(dev->sk, HCIDEVUP, index) == 0) 2479 return 0; 2480 2481 if (errno == EALREADY) 2482 return 0; 2483 2484 err = -errno; 2485 error("Can't init device hci%d: %s (%d)", 2486 index, strerror(-err), -err); 2487 2488 return err; 2489} 2490 2491static int hciops_set_connectable(int index, gboolean connectable) 2492{ 2493 struct dev_info *dev = &devs[index]; 2494 uint8_t mode; 2495 2496 if (connectable) 2497 mode = SCAN_PAGE; 2498 else 2499 mode = 0x00; 2500 2501 DBG("hci%d connectable %d", index, connectable); 2502 2503 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 2504 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 2505 return -errno; 2506 2507 return 0; 2508} 2509 2510static int hciops_set_dev_class(int index, uint8_t major, uint8_t minor) 2511{ 2512 struct dev_info *dev = &devs[index]; 2513 int err; 2514 2515 DBG("hci%d major %u minor %u", index, major, minor); 2516 2517 /* Update only the major and minor class bits keeping remaining bits 2518 * intact*/ 2519 dev->wanted_cod &= 0xffe000; 2520 dev->wanted_cod |= ((major & 0x1f) << 8) | minor; 2521 2522 if (dev->wanted_cod == dev->current_cod || 2523 dev->cache_enable || dev->pending_cod) 2524 return 0; 2525 2526 DBG("Changing Major/Minor class to 0x%06x", dev->wanted_cod); 2527 2528 err = write_class(index, dev->wanted_cod); 2529 if (err < 0) 2530 error("Adapter class update failed: %s (%d)", 2531 strerror(-err), -err); 2532 2533 return err; 2534} 2535 2536static int hciops_start_inquiry(int index, uint8_t length, gboolean periodic) 2537{ 2538 struct dev_info *dev = &devs[index]; 2539 uint8_t lap[3] = { 0x33, 0x8b, 0x9e }; 2540 int err; 2541 2542 DBG("hci%d length %u periodic %d", index, length, periodic); 2543 2544 if (periodic) { 2545 periodic_inquiry_cp cp; 2546 2547 memset(&cp, 0, sizeof(cp)); 2548 memcpy(&cp.lap, lap, 3); 2549 cp.max_period = htobs(24); 2550 cp.min_period = htobs(16); 2551 cp.length = length; 2552 cp.num_rsp = 0x00; 2553 2554 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2555 OCF_PERIODIC_INQUIRY, 2556 PERIODIC_INQUIRY_CP_SIZE, &cp); 2557 } else { 2558 inquiry_cp inq_cp; 2559 2560 memset(&inq_cp, 0, sizeof(inq_cp)); 2561 memcpy(&inq_cp.lap, lap, 3); 2562 inq_cp.length = length; 2563 inq_cp.num_rsp = 0x00; 2564 2565 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2566 OCF_INQUIRY, INQUIRY_CP_SIZE, &inq_cp); 2567 } 2568 2569 if (err < 0) 2570 err = -errno; 2571 2572 return err; 2573} 2574 2575static int le_set_scan_enable(int index, uint8_t enable) 2576{ 2577 struct dev_info *dev = &devs[index]; 2578 le_set_scan_enable_cp cp; 2579 2580 DBG("hci%d enable %u", index, enable); 2581 2582 memset(&cp, 0, sizeof(cp)); 2583 cp.enable = enable; 2584 cp.filter_dup = 0; 2585 2586 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE, 2587 LE_SET_SCAN_ENABLE_CP_SIZE, &cp) < 0) 2588 return -errno; 2589 2590 return 0; 2591} 2592 2593static int hciops_start_scanning(int index) 2594{ 2595 struct dev_info *dev = &devs[index]; 2596 le_set_scan_parameters_cp cp; 2597 2598 DBG("hci%d", index); 2599 2600 memset(&cp, 0, sizeof(cp)); 2601 cp.type = 0x01; /* Active scanning */ 2602 cp.interval = htobs(0x0010); 2603 cp.window = htobs(0x0010); 2604 cp.own_bdaddr_type = 0; /* Public address */ 2605 cp.filter = 0; /* Accept all adv packets */ 2606 2607 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_PARAMETERS, 2608 LE_SET_SCAN_PARAMETERS_CP_SIZE, &cp) < 0) 2609 return -errno; 2610 2611 return le_set_scan_enable(index, 1); 2612} 2613 2614static int hciops_stop_scanning(int index) 2615{ 2616 DBG("hci%d", index); 2617 2618 return le_set_scan_enable(index, 0); 2619} 2620 2621static int hciops_resolve_name(int index, bdaddr_t *bdaddr) 2622{ 2623 struct dev_info *dev = &devs[index]; 2624 remote_name_req_cp cp; 2625 char addr[18]; 2626 2627 ba2str(bdaddr, addr); 2628 DBG("hci%d dba %s", index, addr); 2629 2630 memset(&cp, 0, sizeof(cp)); 2631 bacpy(&cp.bdaddr, bdaddr); 2632 cp.pscan_rep_mode = 0x02; 2633 2634 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ, 2635 REMOTE_NAME_REQ_CP_SIZE, &cp) < 0) 2636 return -errno; 2637 2638 return 0; 2639} 2640 2641static int hciops_set_name(int index, const char *name) 2642{ 2643 struct dev_info *dev = &devs[index]; 2644 change_local_name_cp cp; 2645 2646 DBG("hci%d, name %s", index, name); 2647 2648 memset(&cp, 0, sizeof(cp)); 2649 strncpy((char *) cp.name, name, sizeof(cp.name)); 2650 2651 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME, 2652 CHANGE_LOCAL_NAME_CP_SIZE, &cp) < 0) 2653 return -errno; 2654 2655 memcpy(dev->name, cp.name, 248); 2656 update_ext_inquiry_response(index); 2657 2658 return 0; 2659} 2660 2661static int hciops_cancel_resolve_name(int index, bdaddr_t *bdaddr) 2662{ 2663 struct dev_info *dev = &devs[index]; 2664 remote_name_req_cancel_cp cp; 2665 char addr[18]; 2666 2667 ba2str(bdaddr, addr); 2668 DBG("hci%d dba %s", index, addr); 2669 2670 memset(&cp, 0, sizeof(cp)); 2671 bacpy(&cp.bdaddr, bdaddr); 2672 2673 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ_CANCEL, 2674 REMOTE_NAME_REQ_CANCEL_CP_SIZE, &cp) < 0) 2675 return -errno; 2676 2677 return 0; 2678} 2679 2680static int hciops_fast_connectable(int index, gboolean enable) 2681{ 2682 struct dev_info *dev = &devs[index]; 2683 write_page_activity_cp cp; 2684 uint8_t type; 2685 2686 DBG("hci%d enable %d", index, enable); 2687 2688 if (enable) { 2689 type = PAGE_SCAN_TYPE_INTERLACED; 2690 cp.interval = 0x0024; /* 22.5 msec page scan interval */ 2691 } else { 2692 type = PAGE_SCAN_TYPE_STANDARD; /* default */ 2693 cp.interval = 0x0800; /* default 1.28 sec page scan */ 2694 } 2695 2696 cp.window = 0x0012; /* default 11.25 msec page scan window */ 2697 2698 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_ACTIVITY, 2699 WRITE_PAGE_ACTIVITY_CP_SIZE, &cp) < 0) 2700 return -errno; 2701 else if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 2702 OCF_WRITE_PAGE_SCAN_TYPE, 1, &type) < 0) 2703 return -errno; 2704 2705 return 0; 2706} 2707 2708static int hciops_read_clock(int index, bdaddr_t *bdaddr, int which, 2709 int timeout, uint32_t *clock, 2710 uint16_t *accuracy) 2711{ 2712 struct dev_info *dev = &devs[index]; 2713 uint16_t handle = 0; 2714 char addr[18]; 2715 int ret; 2716 2717 ba2str(bdaddr, addr); 2718 DBG("hci%d addr %s which %d timeout %d", index, addr, which, timeout); 2719 2720 ret = get_handle(index, bdaddr, &handle); 2721 if (ret < 0) 2722 return ret; 2723 2724 if (hci_read_clock(dev->sk, htobs(handle), which, clock, accuracy, 2725 timeout) < 0) 2726 return -errno; 2727 2728 return 0; 2729} 2730 2731static int hciops_read_bdaddr(int index, bdaddr_t *bdaddr) 2732{ 2733 struct dev_info *dev = &devs[index]; 2734 2735 DBG("hci%d", index); 2736 2737 bacpy(bdaddr, &dev->bdaddr); 2738 2739 return 0; 2740} 2741 2742static int hciops_block_device(int index, bdaddr_t *bdaddr) 2743{ 2744 struct dev_info *dev = &devs[index]; 2745 char addr[18]; 2746 2747 ba2str(bdaddr, addr); 2748 DBG("hci%d dba %s", index, addr); 2749 2750 if (ioctl(dev->sk, HCIBLOCKADDR, bdaddr) < 0) 2751 return -errno; 2752 2753 return 0; 2754} 2755 2756static int hciops_unblock_device(int index, bdaddr_t *bdaddr) 2757{ 2758 struct dev_info *dev = &devs[index]; 2759 char addr[18]; 2760 2761 ba2str(bdaddr, addr); 2762 DBG("hci%d dba %s", index, addr); 2763 2764 if (ioctl(dev->sk, HCIUNBLOCKADDR, bdaddr) < 0) 2765 return -errno; 2766 2767 return 0; 2768} 2769 2770static int hciops_get_conn_list(int index, GSList **conns) 2771{ 2772 struct dev_info *dev = &devs[index]; 2773 struct hci_conn_list_req *cl; 2774 struct hci_conn_info *ci; 2775 int err, i; 2776 2777 DBG("hci%d", index); 2778 2779 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 2780 2781 cl->dev_id = index; 2782 cl->conn_num = 10; 2783 ci = cl->conn_info; 2784 2785 if (ioctl(dev->sk, HCIGETCONNLIST, cl) < 0) { 2786 err = -errno; 2787 goto fail; 2788 } 2789 2790 err = 0; 2791 *conns = NULL; 2792 2793 for (i = 0; i < cl->conn_num; i++, ci++) 2794 *conns = g_slist_append(*conns, g_memdup(ci, sizeof(*ci))); 2795 2796fail: 2797 g_free(cl); 2798 return err; 2799} 2800 2801static int hciops_read_local_version(int index, struct hci_version *ver) 2802{ 2803 struct dev_info *dev = &devs[index]; 2804 2805 DBG("hci%d", index); 2806 2807 memcpy(ver, &dev->ver, sizeof(*ver)); 2808 2809 return 0; 2810} 2811 2812static int hciops_read_local_features(int index, uint8_t *features) 2813{ 2814 struct dev_info *dev = &devs[index]; 2815 2816 DBG("hci%d", index); 2817 2818 memcpy(features, dev->features, 8); 2819 2820 return 0; 2821} 2822 2823static int hciops_disconnect(int index, uint16_t handle) 2824{ 2825 struct dev_info *dev = &devs[index]; 2826 disconnect_cp cp; 2827 2828 DBG("hci%d handle %u", index, handle); 2829 2830 memset(&cp, 0, sizeof(cp)); 2831 cp.handle = htobs(handle); 2832 cp.reason = HCI_OE_USER_ENDED_CONNECTION; 2833 2834 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_DISCONNECT, 2835 DISCONNECT_CP_SIZE, &cp) < 0) 2836 return -errno; 2837 2838 return 0; 2839} 2840 2841static int hciops_remove_bonding(int index, bdaddr_t *bdaddr) 2842{ 2843 struct dev_info *dev = &devs[index]; 2844 delete_stored_link_key_cp cp; 2845 GSList *match; 2846 char addr[18]; 2847 2848 ba2str(bdaddr, addr); 2849 DBG("hci%d dba %s", index, addr); 2850 2851 match = g_slist_find_custom(dev->keys, bdaddr, (GCompareFunc) bacmp); 2852 if (match) { 2853 g_free(match->data); 2854 dev->keys = g_slist_delete_link(dev->keys, match); 2855 } 2856 2857 memset(&cp, 0, sizeof(cp)); 2858 bacpy(&cp.bdaddr, bdaddr); 2859 2860 /* Delete the link key from the Bluetooth chip */ 2861 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_DELETE_STORED_LINK_KEY, 2862 DELETE_STORED_LINK_KEY_CP_SIZE, &cp) < 0) 2863 return -errno; 2864 2865 return 0; 2866} 2867 2868static int hciops_request_authentication(int index, uint16_t handle) 2869{ 2870 struct dev_info *dev = &devs[index]; 2871 auth_requested_cp cp; 2872 2873 DBG("hci%d handle %u", index, handle); 2874 2875 memset(&cp, 0, sizeof(cp)); 2876 cp.handle = htobs(handle); 2877 2878 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 2879 AUTH_REQUESTED_CP_SIZE, &cp) < 0) 2880 return -errno; 2881 2882 return 0; 2883} 2884 2885static int hciops_pincode_reply(int index, bdaddr_t *bdaddr, const char *pin) 2886{ 2887 struct dev_info *dev = &devs[index]; 2888 char addr[18]; 2889 int err; 2890 2891 ba2str(bdaddr, addr); 2892 DBG("hci%d dba %s", index, addr); 2893 2894 if (pin) { 2895 pin_code_reply_cp pr; 2896 size_t len = strlen(pin); 2897 2898 dev->pin_length = len; 2899 2900 memset(&pr, 0, sizeof(pr)); 2901 bacpy(&pr.bdaddr, bdaddr); 2902 memcpy(pr.pin_code, pin, len); 2903 pr.pin_len = len; 2904 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2905 OCF_PIN_CODE_REPLY, 2906 PIN_CODE_REPLY_CP_SIZE, &pr); 2907 } else 2908 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2909 OCF_PIN_CODE_NEG_REPLY, 6, bdaddr); 2910 2911 if (err < 0) 2912 err = -errno; 2913 2914 return err; 2915} 2916 2917static int hciops_confirm_reply(int index, bdaddr_t *bdaddr, gboolean success) 2918{ 2919 struct dev_info *dev = &devs[index]; 2920 user_confirm_reply_cp cp; 2921 char addr[18]; 2922 int err; 2923 2924 ba2str(bdaddr, addr); 2925 DBG("hci%d dba %s success %d", index, addr, success); 2926 2927 memset(&cp, 0, sizeof(cp)); 2928 bacpy(&cp.bdaddr, bdaddr); 2929 2930 if (success) 2931 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2932 OCF_USER_CONFIRM_REPLY, 2933 USER_CONFIRM_REPLY_CP_SIZE, &cp); 2934 else 2935 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2936 OCF_USER_CONFIRM_NEG_REPLY, 2937 USER_CONFIRM_REPLY_CP_SIZE, &cp); 2938 2939 if (err < 0) 2940 err = -errno; 2941 2942 return err; 2943} 2944 2945static int hciops_passkey_reply(int index, bdaddr_t *bdaddr, uint32_t passkey) 2946{ 2947 struct dev_info *dev = &devs[index]; 2948 char addr[18]; 2949 int err; 2950 2951 ba2str(bdaddr, addr); 2952 DBG("hci%d dba %s", index, addr); 2953 2954 if (passkey != INVALID_PASSKEY) { 2955 user_passkey_reply_cp cp; 2956 2957 memset(&cp, 0, sizeof(cp)); 2958 bacpy(&cp.bdaddr, bdaddr); 2959 cp.passkey = passkey; 2960 2961 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2962 OCF_USER_PASSKEY_REPLY, 2963 USER_PASSKEY_REPLY_CP_SIZE, &cp); 2964 } else 2965 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2966 OCF_USER_PASSKEY_NEG_REPLY, 6, bdaddr); 2967 2968 if (err < 0) 2969 err = -errno; 2970 2971 return err; 2972} 2973 2974static int hciops_get_auth_info(int index, bdaddr_t *bdaddr, uint8_t *auth) 2975{ 2976 struct dev_info *dev = &devs[index]; 2977 struct hci_auth_info_req req; 2978 char addr[18]; 2979 2980 ba2str(bdaddr, addr); 2981 DBG("hci%d dba %s", index, addr); 2982 2983 memset(&req, 0, sizeof(req)); 2984 bacpy(&req.bdaddr, bdaddr); 2985 2986 if (ioctl(dev->sk, HCIGETAUTHINFO, (unsigned long) &req) < 0) 2987 return -errno; 2988 2989 if (auth) 2990 *auth = req.type; 2991 2992 return 0; 2993} 2994 2995static int hciops_read_scan_enable(int index) 2996{ 2997 struct dev_info *dev = &devs[index]; 2998 2999 DBG("hci%d", index); 3000 3001 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_SCAN_ENABLE, 3002 0, NULL) < 0) 3003 return -errno; 3004 3005 return 0; 3006} 3007 3008static int hciops_enable_le(int index) 3009{ 3010 struct dev_info *dev = &devs[index]; 3011 write_le_host_supported_cp cp; 3012 3013 DBG("hci%d", index); 3014 3015 if (!(dev->features[4] & LMP_LE)) 3016 return -ENOTSUP; 3017 3018 cp.le = 0x01; 3019 cp.simul = (dev->features[6] & LMP_LE_BREDR) ? 0x01 : 0x00; 3020 3021 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 3022 OCF_WRITE_LE_HOST_SUPPORTED, 3023 WRITE_LE_HOST_SUPPORTED_CP_SIZE, &cp) < 0) 3024 return -errno; 3025 3026 return 0; 3027} 3028 3029static int set_service_classes(int index, uint8_t value) 3030{ 3031 struct dev_info *dev = &devs[index]; 3032 int err; 3033 3034 DBG("hci%d value %u", index, value); 3035 3036 /* Update only the service class, keep the limited bit, 3037 * major/minor class bits intact */ 3038 dev->wanted_cod &= 0x00ffff; 3039 dev->wanted_cod |= (value << 16); 3040 3041 /* If the cache is enabled or an existing CoD write is in progress 3042 * just bail out */ 3043 if (dev->cache_enable || dev->pending_cod) 3044 return 0; 3045 3046 /* If we already have the CoD we want, update EIR and return */ 3047 if (dev->current_cod == dev->wanted_cod) { 3048 update_ext_inquiry_response(index); 3049 return 0; 3050 } 3051 3052 DBG("Changing service classes to 0x%06x", dev->wanted_cod); 3053 3054 err = write_class(index, dev->wanted_cod); 3055 if (err < 0) 3056 error("Adapter class update failed: %s (%d)", 3057 strerror(-err), -err); 3058 3059 return err; 3060} 3061 3062static int hciops_services_updated(int index) 3063{ 3064 struct btd_adapter *adapter; 3065 sdp_list_t *list; 3066 uint8_t val = 0; 3067 3068 DBG("hci%d", index); 3069 3070 adapter = manager_find_adapter_by_id(index); 3071 if (adapter == NULL) 3072 return -ENODEV; 3073 3074 for (list = adapter_get_services(adapter); list; list = list->next) { 3075 sdp_record_t *rec = list->data; 3076 3077 if (rec->svclass.type != SDP_UUID16) 3078 continue; 3079 3080 switch (rec->svclass.value.uuid16) { 3081 case DIALUP_NET_SVCLASS_ID: 3082 case CIP_SVCLASS_ID: 3083 val |= 0x42; /* Telephony & Networking */ 3084 break; 3085 case IRMC_SYNC_SVCLASS_ID: 3086 case OBEX_OBJPUSH_SVCLASS_ID: 3087 case OBEX_FILETRANS_SVCLASS_ID: 3088 case IRMC_SYNC_CMD_SVCLASS_ID: 3089 case PBAP_PSE_SVCLASS_ID: 3090 val |= 0x10; /* Object Transfer */ 3091 break; 3092 case HEADSET_SVCLASS_ID: 3093 case HANDSFREE_SVCLASS_ID: 3094 val |= 0x20; /* Audio */ 3095 break; 3096 case CORDLESS_TELEPHONY_SVCLASS_ID: 3097 case INTERCOM_SVCLASS_ID: 3098 case FAX_SVCLASS_ID: 3099 case SAP_SVCLASS_ID: 3100 /* 3101 * Setting the telephony bit for the handsfree audio gateway 3102 * role is not required by the HFP specification, but the 3103 * Nokia 616 carkit is just plain broken! It will refuse 3104 * pairing without this bit set. 3105 */ 3106 case HANDSFREE_AGW_SVCLASS_ID: 3107 val |= 0x40; /* Telephony */ 3108 break; 3109 case AUDIO_SOURCE_SVCLASS_ID: 3110 case VIDEO_SOURCE_SVCLASS_ID: 3111 val |= 0x08; /* Capturing */ 3112 break; 3113 case AUDIO_SINK_SVCLASS_ID: 3114 case VIDEO_SINK_SVCLASS_ID: 3115 val |= 0x04; /* Rendering */ 3116 break; 3117 case PANU_SVCLASS_ID: 3118 case NAP_SVCLASS_ID: 3119 case GN_SVCLASS_ID: 3120 val |= 0x02; /* Networking */ 3121 break; 3122 } 3123 } 3124 3125 return set_service_classes(index, val); 3126} 3127 3128static int hciops_disable_cod_cache(int index) 3129{ 3130 struct dev_info *dev = &devs[index]; 3131 3132 DBG("hci%d cache_enable %d", index, dev->cache_enable); 3133 3134 if (!dev->cache_enable) 3135 return 0; 3136 3137 DBG("hci%d current_cod 0x%06x wanted_cod 0x%06x", index, 3138 dev->current_cod, dev->wanted_cod); 3139 3140 /* Disable and flush svc cache. All successive service class 3141 * updates * will be written to the device */ 3142 dev->cache_enable = FALSE; 3143 3144 if (dev->current_cod == dev->wanted_cod) { 3145 update_ext_inquiry_response(index); 3146 return 0; 3147 } 3148 3149 return write_class(index, dev->wanted_cod); 3150} 3151 3152static int hciops_restore_powered(int index) 3153{ 3154 struct dev_info *dev = &devs[index]; 3155 3156 if (!dev->already_up && dev->up) 3157 return hciops_power_off(index); 3158 3159 return 0; 3160} 3161 3162static int hciops_load_keys(int index, GSList *keys) 3163{ 3164 struct dev_info *dev = &devs[index]; 3165 3166 DBG("hci%d keys %d", index, g_slist_length(keys)); 3167 3168 if (dev->keys != NULL) 3169 return -EEXIST; 3170 3171 dev->keys = keys; 3172 3173 return 0; 3174} 3175 3176static struct btd_adapter_ops hci_ops = { 3177 .setup = hciops_setup, 3178 .cleanup = hciops_cleanup, 3179 .power_on = hciops_power_on, 3180 .power_off = hciops_power_off, 3181 .set_connectable = hciops_set_connectable, 3182 .set_discoverable = hciops_set_discoverable, 3183 .set_pairable = hciops_set_pairable, 3184 .set_limited_discoverable = hciops_set_limited_discoverable, 3185 .start_inquiry = hciops_start_inquiry, 3186 .stop_inquiry = hciops_stop_inquiry, 3187 .start_scanning = hciops_start_scanning, 3188 .stop_scanning = hciops_stop_scanning, 3189 .resolve_name = hciops_resolve_name, 3190 .cancel_resolve_name = hciops_cancel_resolve_name, 3191 .set_name = hciops_set_name, 3192 .set_dev_class = hciops_set_dev_class, 3193 .set_fast_connectable = hciops_fast_connectable, 3194 .read_clock = hciops_read_clock, 3195 .read_bdaddr = hciops_read_bdaddr, 3196 .block_device = hciops_block_device, 3197 .unblock_device = hciops_unblock_device, 3198 .get_conn_list = hciops_get_conn_list, 3199 .read_local_version = hciops_read_local_version, 3200 .read_local_features = hciops_read_local_features, 3201 .disconnect = hciops_disconnect, 3202 .remove_bonding = hciops_remove_bonding, 3203 .request_authentication = hciops_request_authentication, 3204 .pincode_reply = hciops_pincode_reply, 3205 .confirm_reply = hciops_confirm_reply, 3206 .passkey_reply = hciops_passkey_reply, 3207 .get_auth_info = hciops_get_auth_info, 3208 .read_scan_enable = hciops_read_scan_enable, 3209 .enable_le = hciops_enable_le, 3210 .encrypt_link = hciops_encrypt_link, 3211 .set_did = hciops_set_did, 3212 .services_updated = hciops_services_updated, 3213 .disable_cod_cache = hciops_disable_cod_cache, 3214 .restore_powered = hciops_restore_powered, 3215 .load_keys = hciops_load_keys, 3216}; 3217 3218static int hciops_init(void) 3219{ 3220 DBG(""); 3221 return btd_register_adapter_ops(&hci_ops, FALSE); 3222} 3223 3224static void hciops_exit(void) 3225{ 3226 DBG(""); 3227 btd_adapter_cleanup_ops(&hci_ops); 3228} 3229 3230BLUETOOTH_PLUGIN_DEFINE(hciops, VERSION, 3231 BLUETOOTH_PLUGIN_PRIORITY_LOW, hciops_init, hciops_exit) 3232