hciops.c revision fdb266b6797638b89b9ba9fe0d89670bf71d47c5
1/* 2 * 3 * BlueZ - Bluetooth protocol stack for Linux 4 * 5 * Copyright (C) 2004-2010 Marcel Holtmann <marcel@holtmann.org> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 20 * 21 */ 22 23#ifdef HAVE_CONFIG_H 24#include <config.h> 25#endif 26 27#include <stdio.h> 28#include <errno.h> 29#include <unistd.h> 30#include <stdlib.h> 31#include <sys/types.h> 32#include <sys/ioctl.h> 33#include <sys/wait.h> 34 35#include <bluetooth/bluetooth.h> 36#include <bluetooth/hci.h> 37#include <bluetooth/hci_lib.h> 38 39#include <glib.h> 40 41#include "hcid.h" 42#include "sdpd.h" 43#include "adapter.h" 44#include "plugin.h" 45#include "log.h" 46#include "storage.h" 47#include "event.h" 48#include "device.h" 49#include "manager.h" 50 51static int child_pipe[2] = { -1, -1 }; 52 53static guint child_io_id = 0; 54static guint ctl_io_id = 0; 55 56/* Commands sent by kernel on starting an adapter */ 57enum { 58 PENDING_BDADDR, 59 PENDING_VERSION, 60 PENDING_FEATURES, 61 PENDING_NAME, 62}; 63 64static int max_dev = -1; 65static struct dev_info { 66 int sk; 67 bdaddr_t bdaddr; 68 char name[249]; 69 uint8_t eir[240]; 70 uint8_t features[8]; 71 uint8_t ssp_mode; 72 73 int8_t tx_power; 74 75 uint32_t current_cod; 76 uint32_t wanted_cod; 77 uint32_t pending_cod; 78 gboolean cache_enable; 79 gboolean already_up; 80 gboolean registered; 81 82 struct hci_version ver; 83 84 uint16_t did_vendor; 85 uint16_t did_product; 86 uint16_t did_version; 87 88 gboolean up; 89 unsigned long pending; 90 91 GIOChannel *io; 92 guint watch_id; 93 int pin_length; 94} *devs = NULL; 95 96static int ignore_device(struct hci_dev_info *di) 97{ 98 return hci_test_bit(HCI_RAW, &di->flags) || di->type >> 4 != HCI_BREDR; 99} 100 101static void init_dev_info(int index, int sk, gboolean registered) 102{ 103 struct dev_info *dev = &devs[index]; 104 105 memset(dev, 0, sizeof(*dev)); 106 107 dev->sk = sk; 108 dev->pin_length = -1; 109 dev->cache_enable = TRUE; 110 dev->registered = registered; 111} 112 113/* Async HCI command handling with callback support */ 114 115struct hci_cmd_data { 116 bt_hci_result_t cb; 117 uint16_t handle; 118 uint16_t ocf; 119 gpointer caller_data; 120}; 121 122static gboolean hci_event_watch(GIOChannel *io, 123 GIOCondition cond, gpointer user_data) 124{ 125 unsigned char buf[HCI_MAX_EVENT_SIZE], *body; 126 struct hci_cmd_data *cmd = user_data; 127 evt_cmd_status *evt_status; 128 evt_auth_complete *evt_auth; 129 evt_encrypt_change *evt_enc; 130 hci_event_hdr *hdr; 131 set_conn_encrypt_cp cp; 132 int dd; 133 uint16_t ocf; 134 uint8_t status = HCI_OE_POWER_OFF; 135 136 if (cond & G_IO_NVAL) { 137 cmd->cb(status, cmd->caller_data); 138 return FALSE; 139 } 140 141 if (cond & (G_IO_ERR | G_IO_HUP)) 142 goto failed; 143 144 dd = g_io_channel_unix_get_fd(io); 145 146 if (read(dd, buf, sizeof(buf)) < 0) 147 goto failed; 148 149 hdr = (hci_event_hdr *) (buf + 1); 150 body = buf + (1 + HCI_EVENT_HDR_SIZE); 151 152 switch (hdr->evt) { 153 case EVT_CMD_STATUS: 154 evt_status = (evt_cmd_status *) body; 155 ocf = cmd_opcode_ocf(evt_status->opcode); 156 if (ocf != cmd->ocf) 157 return TRUE; 158 switch (ocf) { 159 case OCF_AUTH_REQUESTED: 160 case OCF_SET_CONN_ENCRYPT: 161 if (evt_status->status != 0) { 162 /* Baseband rejected command */ 163 status = evt_status->status; 164 goto failed; 165 } 166 break; 167 default: 168 return TRUE; 169 } 170 /* Wait for the next event */ 171 return TRUE; 172 case EVT_AUTH_COMPLETE: 173 evt_auth = (evt_auth_complete *) body; 174 if (evt_auth->handle != cmd->handle) { 175 /* Skipping */ 176 return TRUE; 177 } 178 179 if (evt_auth->status != 0x00) { 180 status = evt_auth->status; 181 /* Abort encryption */ 182 goto failed; 183 } 184 185 memset(&cp, 0, sizeof(cp)); 186 cp.handle = cmd->handle; 187 cp.encrypt = 1; 188 189 cmd->ocf = OCF_SET_CONN_ENCRYPT; 190 191 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, 192 SET_CONN_ENCRYPT_CP_SIZE, &cp) < 0) { 193 status = HCI_COMMAND_DISALLOWED; 194 goto failed; 195 } 196 /* Wait for encrypt change event */ 197 return TRUE; 198 case EVT_ENCRYPT_CHANGE: 199 evt_enc = (evt_encrypt_change *) body; 200 if (evt_enc->handle != cmd->handle) 201 return TRUE; 202 203 /* Procedure finished: reporting status */ 204 status = evt_enc->status; 205 break; 206 default: 207 /* Skipping */ 208 return TRUE; 209 } 210 211failed: 212 cmd->cb(status, cmd->caller_data); 213 g_io_channel_shutdown(io, TRUE, NULL); 214 215 return FALSE; 216} 217 218static int write_inq_mode(int index, uint8_t mode) 219{ 220 struct dev_info *dev = &devs[index]; 221 write_inquiry_mode_cp cp; 222 223 memset(&cp, 0, sizeof(cp)); 224 cp.mode = mode; 225 226 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_INQUIRY_MODE, 227 WRITE_INQUIRY_MODE_CP_SIZE, &cp) < 0) 228 return -errno; 229 230 return 0; 231} 232 233static uint8_t get_inquiry_mode(int index) 234{ 235 struct dev_info *dev = &devs[index]; 236 237 if (dev->features[6] & LMP_EXT_INQ) 238 return 2; 239 240 if (dev->features[3] & LMP_RSSI_INQ) 241 return 1; 242 243 if (dev->ver.manufacturer == 11 && dev->ver.hci_rev == 0x00 && 244 dev->ver.lmp_subver == 0x0757) 245 return 1; 246 247 if (dev->ver.manufacturer == 15) { 248 if (dev->ver.hci_rev == 0x03 && 249 dev->ver.lmp_subver == 0x6963) 250 return 1; 251 if (dev->ver.hci_rev == 0x09 && 252 dev->ver.lmp_subver == 0x6963) 253 return 1; 254 if (dev->ver.hci_rev == 0x00 && 255 dev->ver.lmp_subver == 0x6965) 256 return 1; 257 } 258 259 if (dev->ver.manufacturer == 31 && dev->ver.hci_rev == 0x2005 && 260 dev->ver.lmp_subver == 0x1805) 261 return 1; 262 263 return 0; 264} 265 266static int init_ssp_mode(int index) 267{ 268 struct dev_info *dev = &devs[index]; 269 write_simple_pairing_mode_cp cp; 270 271 if (ioctl(dev->sk, HCIGETAUTHINFO, NULL) < 0 && errno == EINVAL) 272 return 0; 273 274 memset(&cp, 0, sizeof(cp)); 275 cp.mode = 0x01; 276 277 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 278 OCF_WRITE_SIMPLE_PAIRING_MODE, 279 WRITE_SIMPLE_PAIRING_MODE_CP_SIZE, &cp) < 0) 280 return -errno; 281 282 return 0; 283} 284 285static int hciops_set_discoverable(int index, gboolean discoverable) 286{ 287 struct dev_info *dev = &devs[index]; 288 uint8_t mode; 289 290 if (discoverable) 291 mode = (SCAN_PAGE | SCAN_INQUIRY); 292 else 293 mode = SCAN_PAGE; 294 295 DBG("hci%d discoverable %d", index, discoverable); 296 297 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE, 298 1, &mode) < 0) 299 return -errno; 300 301 return 0; 302} 303 304static int hciops_stop(int index) 305{ 306 struct dev_info *dev = &devs[index]; 307 int err = 0; 308 309 DBG("hci%d", index); 310 311 if (ioctl(dev->sk, HCIDEVDOWN, index) == 0) 312 goto done; /* on success */ 313 314 if (errno != EALREADY) { 315 err = -errno; 316 error("Can't stop device hci%d: %s (%d)", 317 index, strerror(-err), -err); 318 } 319 320done: 321 return err; 322} 323 324static int hciops_set_pairable(int index, gboolean pairable) 325{ 326 DBG("hci%d pairable %d", index, pairable); 327 return -ENOSYS; 328} 329 330static void start_adapter(int index) 331{ 332 struct dev_info *dev = &devs[index]; 333 uint8_t events[8] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0x00, 0x00 }; 334 uint8_t inqmode; 335 uint16_t link_policy; 336 337 if (dev->ver.lmp_ver > 1) { 338 if (dev->features[5] & LMP_SNIFF_SUBR) 339 events[5] |= 0x20; 340 341 if (dev->features[5] & LMP_PAUSE_ENC) 342 events[5] |= 0x80; 343 344 if (dev->features[6] & LMP_EXT_INQ) 345 events[5] |= 0x40; 346 347 if (dev->features[6] & LMP_NFLUSH_PKTS) 348 events[7] |= 0x01; 349 350 if (dev->features[7] & LMP_LSTO) 351 events[6] |= 0x80; 352 353 if (dev->features[6] & LMP_SIMPLE_PAIR) { 354 events[6] |= 0x01; /* IO Capability Request */ 355 events[6] |= 0x02; /* IO Capability Response */ 356 events[6] |= 0x04; /* User Confirmation Request */ 357 events[6] |= 0x08; /* User Passkey Request */ 358 events[6] |= 0x10; /* Remote OOB Data Request */ 359 events[6] |= 0x20; /* Simple Pairing Complete */ 360 events[7] |= 0x04; /* User Passkey Notification */ 361 events[7] |= 0x08; /* Keypress Notification */ 362 events[7] |= 0x10; /* Remote Host Supported 363 * Features Notification */ 364 } 365 366 if (dev->features[4] & LMP_LE) 367 events[7] |= 0x20; /* LE Meta-Event */ 368 369 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_SET_EVENT_MASK, 370 sizeof(events), events); 371 } 372 373 if (dev->features[6] & LMP_SIMPLE_PAIR) 374 init_ssp_mode(index); 375 376 inqmode = get_inquiry_mode(index); 377 if (inqmode) 378 write_inq_mode(index, inqmode); 379 380 if (dev->features[7] & LMP_INQ_TX_PWR) 381 hci_send_cmd(dev->sk, OGF_HOST_CTL, 382 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL, 0, NULL); 383 384 /* Set default link policy */ 385 link_policy = main_opts.link_policy; 386 387 if (!(dev->features[0] & LMP_RSWITCH)) 388 link_policy &= ~HCI_LP_RSWITCH; 389 if (!(dev->features[0] & LMP_HOLD)) 390 link_policy &= ~HCI_LP_HOLD; 391 if (!(dev->features[0] & LMP_SNIFF)) 392 link_policy &= ~HCI_LP_SNIFF; 393 if (!(dev->features[1] & LMP_PARK)) 394 link_policy &= ~HCI_LP_PARK; 395 396 link_policy = htobs(link_policy); 397 hci_send_cmd(dev->sk, OGF_LINK_POLICY, OCF_WRITE_DEFAULT_LINK_POLICY, 398 sizeof(link_policy), &link_policy); 399 400 dev->current_cod = 0; 401 memset(dev->eir, 0, sizeof(dev->eir)); 402} 403 404static gboolean init_adapter(int index) 405{ 406 struct dev_info *dev = &devs[index]; 407 struct btd_adapter *adapter = NULL; 408 gboolean existing_adapter = dev->registered; 409 uint8_t mode, on_mode; 410 gboolean pairable, discoverable; 411 412 if (!dev->registered) { 413 adapter = btd_manager_register_adapter(index); 414 if (adapter) 415 dev->registered = TRUE; 416 } else { 417 adapter = manager_find_adapter(&dev->bdaddr); 418 /* FIXME: manager_find_adapter should return a new ref */ 419 btd_adapter_ref(adapter); 420 } 421 422 if (adapter == NULL) 423 return FALSE; 424 425 btd_adapter_get_state(adapter, &mode, &on_mode, &pairable); 426 427 if (existing_adapter) 428 mode = on_mode; 429 430 if (mode == MODE_OFF) { 431 hciops_stop(index); 432 goto done; 433 } 434 435 start_adapter(index); 436 btd_adapter_start(adapter); 437 438 discoverable = (mode == MODE_DISCOVERABLE); 439 440 hciops_set_discoverable(index, discoverable); 441 hciops_set_pairable(index, pairable); 442 443done: 444 btd_adapter_unref(adapter); 445 return TRUE; 446} 447 448static int hciops_encrypt_link(int index, bdaddr_t *dst, bt_hci_result_t cb, 449 gpointer user_data) 450{ 451 GIOChannel *io; 452 struct hci_cmd_data *cmd; 453 struct hci_conn_info_req *cr; 454 auth_requested_cp cp; 455 struct hci_filter nf; 456 int dd, err; 457 uint32_t link_mode; 458 uint16_t handle; 459 460 dd = hci_open_dev(index); 461 if (dd < 0) 462 return -errno; 463 464 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 465 cr->type = ACL_LINK; 466 bacpy(&cr->bdaddr, dst); 467 468 err = ioctl(dd, HCIGETCONNINFO, cr); 469 link_mode = cr->conn_info->link_mode; 470 handle = cr->conn_info->handle; 471 g_free(cr); 472 473 if (err < 0) { 474 err = -errno; 475 goto fail; 476 } 477 478 if (link_mode & HCI_LM_ENCRYPT) { 479 err = -EALREADY; 480 goto fail; 481 } 482 483 memset(&cp, 0, sizeof(cp)); 484 cp.handle = htobs(handle); 485 486 if (hci_send_cmd(dd, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 487 AUTH_REQUESTED_CP_SIZE, &cp) < 0) { 488 err = -errno; 489 goto fail; 490 } 491 492 cmd = g_new0(struct hci_cmd_data, 1); 493 cmd->handle = handle; 494 cmd->ocf = OCF_AUTH_REQUESTED; 495 cmd->cb = cb; 496 cmd->caller_data = user_data; 497 498 hci_filter_clear(&nf); 499 hci_filter_set_ptype(HCI_EVENT_PKT, &nf); 500 hci_filter_set_event(EVT_CMD_STATUS, &nf); 501 hci_filter_set_event(EVT_AUTH_COMPLETE, &nf); 502 hci_filter_set_event(EVT_ENCRYPT_CHANGE, &nf); 503 504 if (setsockopt(dd, SOL_HCI, HCI_FILTER, &nf, sizeof(nf)) < 0) { 505 err = -errno; 506 g_free(cmd); 507 goto fail; 508 } 509 510 io = g_io_channel_unix_new(dd); 511 g_io_channel_set_close_on_unref(io, FALSE); 512 g_io_add_watch_full(io, G_PRIORITY_DEFAULT, 513 G_IO_HUP | G_IO_ERR | G_IO_NVAL | G_IO_IN, 514 hci_event_watch, cmd, g_free); 515 g_io_channel_unref(io); 516 517 return 0; 518 519fail: 520 close(dd); 521 return err; 522} 523 524static int hciops_set_did(int index, uint16_t vendor, uint16_t product, 525 uint16_t version) 526{ 527 struct dev_info *dev = &devs[index]; 528 529 dev->did_vendor = vendor; 530 dev->did_product = product; 531 dev->did_version = version; 532 533 return 0; 534} 535 536/* End async HCI command handling */ 537 538/* Start of HCI event callbacks */ 539 540static int get_handle(int index, bdaddr_t *dba, uint16_t *handle) 541{ 542 struct dev_info *dev = &devs[index]; 543 struct hci_conn_list_req *cl; 544 struct hci_conn_info *ci; 545 int i; 546 547 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 548 549 cl->dev_id = index; 550 cl->conn_num = 10; 551 ci = cl->conn_info; 552 553 if (ioctl(dev->sk, HCIGETCONNLIST, (void *) cl) < 0) { 554 g_free(cl); 555 return -EIO; 556 } 557 558 for (i = 0; i < cl->conn_num; i++, ci++) { 559 if (bacmp(&ci->bdaddr, dba) == 0) { 560 *handle = ci->handle; 561 g_free(cl); 562 return 0; 563 } 564 } 565 566 g_free(cl); 567 568 return -ENOENT; 569} 570 571static inline int get_bdaddr(int index, uint16_t handle, bdaddr_t *dba) 572{ 573 struct dev_info *dev = &devs[index]; 574 struct hci_conn_list_req *cl; 575 struct hci_conn_info *ci; 576 int i; 577 578 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 579 580 cl->dev_id = index; 581 cl->conn_num = 10; 582 ci = cl->conn_info; 583 584 if (ioctl(dev->sk, HCIGETCONNLIST, (void *) cl) < 0) { 585 g_free(cl); 586 return -EIO; 587 } 588 589 for (i = 0; i < cl->conn_num; i++, ci++) 590 if (ci->handle == handle) { 591 bacpy(dba, &ci->bdaddr); 592 g_free(cl); 593 return 0; 594 } 595 596 g_free(cl); 597 598 return -ENOENT; 599} 600 601static inline void update_lastseen(bdaddr_t *sba, bdaddr_t *dba) 602{ 603 time_t t; 604 struct tm *tm; 605 606 t = time(NULL); 607 tm = gmtime(&t); 608 609 write_lastseen_info(sba, dba, tm); 610} 611 612static inline void update_lastused(bdaddr_t *sba, bdaddr_t *dba) 613{ 614 time_t t; 615 struct tm *tm; 616 617 t = time(NULL); 618 tm = gmtime(&t); 619 620 write_lastused_info(sba, dba, tm); 621} 622 623/* Link Key handling */ 624 625static void link_key_request(int index, bdaddr_t *dba) 626{ 627 struct dev_info *dev = &devs[index]; 628 struct btd_adapter *adapter; 629 struct btd_device *device; 630 struct hci_auth_info_req req; 631 unsigned char key[16]; 632 char da[18]; 633 uint8_t type; 634 int err; 635 636 ba2str(dba, da); 637 DBG("hci%d dba %s", index, da); 638 639 adapter = manager_find_adapter(&dev->bdaddr); 640 if (adapter) 641 device = adapter_find_device(adapter, da); 642 else 643 device = NULL; 644 645 memset(&req, 0, sizeof(req)); 646 bacpy(&req.bdaddr, dba); 647 648 err = ioctl(dev->sk, HCIGETAUTHINFO, (unsigned long) &req); 649 if (err < 0) { 650 if (errno != EINVAL) 651 DBG("HCIGETAUTHINFO failed %s (%d)", 652 strerror(errno), errno); 653 req.type = 0x00; 654 } 655 656 DBG("kernel auth requirements = 0x%02x", req.type); 657 658 if (main_opts.debug_keys && device && 659 device_get_debug_key(device, key)) 660 type = 0x03; 661 else if (read_link_key(&dev->bdaddr, dba, key, &type) < 0 || 662 type == 0x03) { 663 /* Link key not found */ 664 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 665 6, dba); 666 return; 667 } 668 669 /* Link key found */ 670 671 DBG("link key type 0x%02x", type); 672 673 /* Don't use unauthenticated combination keys if MITM is 674 * required */ 675 if (type == 0x04 && req.type != 0xff && (req.type & 0x01)) 676 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 677 6, dba); 678 else { 679 link_key_reply_cp lr; 680 681 memcpy(lr.link_key, key, 16); 682 bacpy(&lr.bdaddr, dba); 683 684 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_LINK_KEY_REPLY, 685 LINK_KEY_REPLY_CP_SIZE, &lr); 686 } 687} 688 689static void link_key_notify(int index, void *ptr) 690{ 691 struct dev_info *dev = &devs[index]; 692 evt_link_key_notify *evt = ptr; 693 bdaddr_t *dba = &evt->bdaddr; 694 char da[18]; 695 int err; 696 unsigned char old_key[16]; 697 uint8_t old_key_type; 698 699 ba2str(dba, da); 700 DBG("hci%d dba %s type %d", index, da, evt->key_type); 701 702 err = read_link_key(&dev->bdaddr, dba, old_key, &old_key_type); 703 if (err < 0) 704 old_key_type = 0xff; 705 706 err = btd_event_link_key_notify(&dev->bdaddr, dba, evt->link_key, 707 evt->key_type, dev->pin_length, 708 old_key_type); 709 dev->pin_length = -1; 710 711 if (err < 0) { 712 uint16_t handle; 713 714 if (err == -ENODEV) 715 btd_event_bonding_process_complete(&dev->bdaddr, dba, 716 HCI_OE_LOW_RESOURCES); 717 else 718 btd_event_bonding_process_complete(&dev->bdaddr, dba, 719 HCI_MEMORY_FULL); 720 721 if (get_handle(index, dba, &handle) == 0) { 722 disconnect_cp cp; 723 724 memset(&cp, 0, sizeof(cp)); 725 cp.handle = htobs(handle); 726 cp.reason = HCI_OE_LOW_RESOURCES; 727 728 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_DISCONNECT, 729 DISCONNECT_CP_SIZE, &cp); 730 } 731 } 732} 733 734static void return_link_keys(int index, void *ptr) 735{ 736 struct dev_info *dev = &devs[index]; 737 evt_return_link_keys *evt = ptr; 738 uint8_t num = evt->num_keys; 739 unsigned char key[16]; 740 char da[18]; 741 bdaddr_t dba; 742 int i; 743 744 DBG("hci%d num_keys %u", index, num); 745 746 ptr++; 747 748 for (i = 0; i < num; i++) { 749 bacpy(&dba, ptr); ba2str(&dba, da); 750 memcpy(key, ptr + 6, 16); 751 752 DBG("hci%d returned key for %s", index, da); 753 754 btd_event_returned_link_key(&dev->bdaddr, &dba); 755 756 ptr += 22; 757 } 758} 759 760/* Simple Pairing handling */ 761 762static void user_confirm_request(int index, void *ptr) 763{ 764 struct dev_info *dev = &devs[index]; 765 evt_user_confirm_request *req = ptr; 766 767 DBG("hci%d", index); 768 769 if (btd_event_user_confirm(&dev->bdaddr, &req->bdaddr, 770 btohl(req->passkey)) < 0) 771 hci_send_cmd(dev->sk, OGF_LINK_CTL, 772 OCF_USER_CONFIRM_NEG_REPLY, 6, ptr); 773} 774 775static void user_passkey_request(int index, void *ptr) 776{ 777 struct dev_info *dev = &devs[index]; 778 evt_user_passkey_request *req = ptr; 779 780 DBG("hci%d", index); 781 782 if (btd_event_user_passkey(&dev->bdaddr, &req->bdaddr) < 0) 783 hci_send_cmd(dev->sk, OGF_LINK_CTL, 784 OCF_USER_PASSKEY_NEG_REPLY, 6, ptr); 785} 786 787static void user_passkey_notify(int index, void *ptr) 788{ 789 struct dev_info *dev = &devs[index]; 790 evt_user_passkey_notify *req = ptr; 791 792 DBG("hci%d", index); 793 794 btd_event_user_notify(&dev->bdaddr, &req->bdaddr, 795 btohl(req->passkey)); 796} 797 798static void remote_oob_data_request(int index, void *ptr) 799{ 800 struct dev_info *dev = &devs[index]; 801 802 DBG("hci%d", index); 803 804 hci_send_cmd(dev->sk, OGF_LINK_CTL, 805 OCF_REMOTE_OOB_DATA_NEG_REPLY, 6, ptr); 806} 807 808static void io_capa_request(int index, void *ptr) 809{ 810 struct dev_info *dev = &devs[index]; 811 bdaddr_t *dba = ptr; 812 char da[18]; 813 uint8_t cap, auth; 814 815 ba2str(dba, da); 816 DBG("hci%d IO capability request for %s", index, da); 817 818 if (btd_event_get_io_cap(&dev->bdaddr, dba, &cap, &auth) < 0) { 819 io_capability_neg_reply_cp cp; 820 memset(&cp, 0, sizeof(cp)); 821 bacpy(&cp.bdaddr, dba); 822 cp.reason = HCI_PAIRING_NOT_ALLOWED; 823 hci_send_cmd(dev->sk, OGF_LINK_CTL, 824 OCF_IO_CAPABILITY_NEG_REPLY, 825 IO_CAPABILITY_NEG_REPLY_CP_SIZE, &cp); 826 } else { 827 io_capability_reply_cp cp; 828 memset(&cp, 0, sizeof(cp)); 829 bacpy(&cp.bdaddr, dba); 830 cp.capability = cap; 831 cp.oob_data = 0x00; 832 cp.authentication = auth; 833 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_IO_CAPABILITY_REPLY, 834 IO_CAPABILITY_REPLY_CP_SIZE, &cp); 835 } 836} 837 838static void io_capa_response(int index, void *ptr) 839{ 840 struct dev_info *dev = &devs[index]; 841 evt_io_capability_response *evt = ptr; 842 char da[18]; 843 844 ba2str(&evt->bdaddr, da); 845 DBG("hci%d IO capability response from %s", index, da); 846 847 btd_event_set_io_cap(&dev->bdaddr, &evt->bdaddr, 848 evt->capability, evt->authentication); 849} 850 851/* PIN code handling */ 852 853static void pin_code_request(int index, bdaddr_t *dba) 854{ 855 struct dev_info *dev = &devs[index]; 856 pin_code_reply_cp pr; 857 struct hci_conn_info_req *cr; 858 struct hci_conn_info *ci; 859 char da[18], pin[17]; 860 int pinlen; 861 862 memset(&pr, 0, sizeof(pr)); 863 bacpy(&pr.bdaddr, dba); 864 865 ba2str(dba, da); 866 DBG("hci%d PIN request for %s", index, da); 867 868 cr = g_malloc0(sizeof(*cr) + sizeof(*ci)); 869 870 bacpy(&cr->bdaddr, dba); 871 cr->type = ACL_LINK; 872 if (ioctl(dev->sk, HCIGETCONNINFO, (unsigned long) cr) < 0) { 873 error("Can't get conn info: %s (%d)", strerror(errno), errno); 874 goto reject; 875 } 876 ci = cr->conn_info; 877 878 memset(pin, 0, sizeof(pin)); 879 pinlen = read_pin_code(&dev->bdaddr, dba, pin); 880 881 if (pinlen > 0) { 882 dev->pin_length = pinlen; 883 memcpy(pr.pin_code, pin, pinlen); 884 pr.pin_len = pinlen; 885 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_PIN_CODE_REPLY, 886 PIN_CODE_REPLY_CP_SIZE, &pr); 887 } else { 888 /* Request PIN from passkey agent */ 889 if (btd_event_request_pin(&dev->bdaddr, ci) < 0) 890 goto reject; 891 } 892 893 g_free(cr); 894 895 return; 896 897reject: 898 g_free(cr); 899 900 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_PIN_CODE_NEG_REPLY, 6, dba); 901} 902 903static void start_inquiry(bdaddr_t *local, uint8_t status, gboolean periodic) 904{ 905 struct btd_adapter *adapter; 906 int state; 907 908 /* Don't send the signal if the cmd failed */ 909 if (status) { 910 error("Inquiry Failed with status 0x%02x", status); 911 return; 912 } 913 914 adapter = manager_find_adapter(local); 915 if (!adapter) { 916 error("Unable to find matching adapter"); 917 return; 918 } 919 920 state = adapter_get_state(adapter); 921 922 if (periodic) 923 state |= STATE_PINQ; 924 else 925 state |= STATE_STDINQ; 926 927 adapter_set_state(adapter, state); 928} 929 930static void inquiry_complete(bdaddr_t *local, uint8_t status, 931 gboolean periodic) 932{ 933 struct btd_adapter *adapter; 934 int state; 935 936 /* Don't send the signal if the cmd failed */ 937 if (status) { 938 error("Inquiry Failed with status 0x%02x", status); 939 return; 940 } 941 942 adapter = manager_find_adapter(local); 943 if (!adapter) { 944 error("Unable to find matching adapter"); 945 return; 946 } 947 948 state = adapter_get_state(adapter); 949 state &= ~(STATE_STDINQ | STATE_PINQ); 950 adapter_set_state(adapter, state); 951} 952 953static inline void remote_features_notify(int index, void *ptr) 954{ 955 struct dev_info *dev = &devs[index]; 956 evt_remote_host_features_notify *evt = ptr; 957 958 if (evt->features[0] & 0x01) 959 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 960 FALSE); 961 else 962 btd_event_set_legacy_pairing(&dev->bdaddr, &evt->bdaddr, 963 TRUE); 964 965 write_features_info(&dev->bdaddr, &evt->bdaddr, NULL, evt->features); 966} 967 968static void write_le_host_complete(int index, uint8_t status) 969{ 970 struct dev_info *dev = &devs[index]; 971 uint8_t page_num = 0x01; 972 973 if (status) 974 return; 975 976 if (hci_send_cmd(dev->sk, OGF_INFO_PARAM, 977 OCF_READ_LOCAL_EXT_FEATURES, 1, &page_num) < 0) 978 error("Unable to read extended local features: %s (%d)", 979 strerror(errno), errno); 980} 981 982static void read_local_version_complete(int index, 983 const read_local_version_rp *rp) 984{ 985 struct dev_info *dev = &devs[index]; 986 987 if (rp->status) 988 return; 989 990 dev->ver.manufacturer = btohs(bt_get_unaligned(&rp->manufacturer)); 991 dev->ver.hci_ver = rp->hci_ver; 992 dev->ver.hci_rev = btohs(bt_get_unaligned(&rp->hci_rev)); 993 dev->ver.lmp_ver = rp->lmp_ver; 994 dev->ver.lmp_subver = btohs(bt_get_unaligned(&rp->lmp_subver)); 995 996 if (!dev->pending) 997 return; 998 999 hci_clear_bit(PENDING_VERSION, &dev->pending); 1000 1001 DBG("Got version for hci%d", index); 1002 1003 if (!dev->pending && dev->up) 1004 init_adapter(index); 1005} 1006 1007static void read_local_features_complete(int index, 1008 const read_local_features_rp *rp) 1009{ 1010 struct dev_info *dev = &devs[index]; 1011 1012 if (rp->status) 1013 return; 1014 1015 memcpy(dev->features, rp->features, 8); 1016 1017 if (!dev->pending) 1018 return; 1019 1020 hci_clear_bit(PENDING_FEATURES, &dev->pending); 1021 1022 DBG("Got features for hci%d", index); 1023 1024 if (!dev->pending && dev->up) 1025 init_adapter(index); 1026} 1027 1028#define SIZEOF_UUID128 16 1029 1030static void eir_generate_uuid128(sdp_list_t *list, 1031 uint8_t *ptr, uint16_t *eir_len) 1032{ 1033 int i, k, uuid_count = 0; 1034 uint16_t len = *eir_len; 1035 uint8_t *uuid128; 1036 gboolean truncated = FALSE; 1037 1038 /* Store UUIDs in place, skip 2 bytes to write type and length later */ 1039 uuid128 = ptr + 2; 1040 1041 for (; list; list = list->next) { 1042 sdp_record_t *rec = list->data; 1043 uint8_t *uuid128_data = rec->svclass.value.uuid128.data; 1044 1045 if (rec->svclass.type != SDP_UUID128) 1046 continue; 1047 1048 /* Stop if not enough space to put next UUID128 */ 1049 if ((len + 2 + SIZEOF_UUID128) > EIR_DATA_LENGTH) { 1050 truncated = TRUE; 1051 break; 1052 } 1053 1054 /* Check for duplicates, EIR data is Little Endian */ 1055 for (i = 0; i < uuid_count; i++) { 1056 for (k = 0; k < SIZEOF_UUID128; k++) { 1057 if (uuid128[i * SIZEOF_UUID128 + k] != 1058 uuid128_data[SIZEOF_UUID128 - 1 - k]) 1059 break; 1060 } 1061 if (k == SIZEOF_UUID128) 1062 break; 1063 } 1064 1065 if (i < uuid_count) 1066 continue; 1067 1068 /* EIR data is Little Endian */ 1069 for (k = 0; k < SIZEOF_UUID128; k++) 1070 uuid128[uuid_count * SIZEOF_UUID128 + k] = 1071 uuid128_data[SIZEOF_UUID128 - 1 - k]; 1072 1073 len += SIZEOF_UUID128; 1074 uuid_count++; 1075 } 1076 1077 if (uuid_count > 0 || truncated) { 1078 /* EIR Data length */ 1079 ptr[0] = (uuid_count * SIZEOF_UUID128) + 1; 1080 /* EIR Data type */ 1081 ptr[1] = truncated ? EIR_UUID128_SOME : EIR_UUID128_ALL; 1082 len += 2; 1083 *eir_len = len; 1084 } 1085} 1086 1087static void create_ext_inquiry_response(int index, uint8_t *data) 1088{ 1089 struct dev_info *dev = &devs[index]; 1090 sdp_list_t *services; 1091 sdp_list_t *list; 1092 uint8_t *ptr = data; 1093 uint16_t eir_len = 0; 1094 uint16_t uuid16[EIR_DATA_LENGTH / 2]; 1095 int i, uuid_count = 0; 1096 gboolean truncated = FALSE; 1097 struct btd_adapter *adapter; 1098 size_t name_len; 1099 1100 name_len = strlen(dev->name); 1101 1102 if (name_len > 0) { 1103 /* EIR Data type */ 1104 if (name_len > 48) { 1105 name_len = 48; 1106 ptr[1] = EIR_NAME_SHORT; 1107 } else 1108 ptr[1] = EIR_NAME_COMPLETE; 1109 1110 /* EIR Data length */ 1111 ptr[0] = name_len + 1; 1112 1113 memcpy(ptr + 2, dev->name, name_len); 1114 1115 eir_len += (name_len + 2); 1116 ptr += (name_len + 2); 1117 } 1118 1119 if (dev->tx_power != 0) { 1120 *ptr++ = 2; 1121 *ptr++ = EIR_TX_POWER; 1122 *ptr++ = (uint8_t) dev->tx_power; 1123 eir_len += 3; 1124 } 1125 1126 if (dev->did_vendor != 0x0000) { 1127 uint16_t source = 0x0002; 1128 *ptr++ = 9; 1129 *ptr++ = EIR_DEVICE_ID; 1130 *ptr++ = (source & 0x00ff); 1131 *ptr++ = (source & 0xff00) >> 8; 1132 *ptr++ = (dev->did_vendor & 0x00ff); 1133 *ptr++ = (dev->did_vendor & 0xff00) >> 8; 1134 *ptr++ = (dev->did_product & 0x00ff); 1135 *ptr++ = (dev->did_product & 0xff00) >> 8; 1136 *ptr++ = (dev->did_version & 0x00ff); 1137 *ptr++ = (dev->did_version & 0xff00) >> 8; 1138 eir_len += 10; 1139 } 1140 1141 adapter = manager_find_adapter(&dev->bdaddr); 1142 if (adapter == NULL) 1143 return; 1144 1145 services = adapter_get_services(adapter); 1146 1147 /* Group all UUID16 types */ 1148 for (list = services; list; list = list->next) { 1149 sdp_record_t *rec = list->data; 1150 1151 if (rec->svclass.type != SDP_UUID16) 1152 continue; 1153 1154 if (rec->svclass.value.uuid16 < 0x1100) 1155 continue; 1156 1157 if (rec->svclass.value.uuid16 == PNP_INFO_SVCLASS_ID) 1158 continue; 1159 1160 /* Stop if not enough space to put next UUID16 */ 1161 if ((eir_len + 2 + sizeof(uint16_t)) > EIR_DATA_LENGTH) { 1162 truncated = TRUE; 1163 break; 1164 } 1165 1166 /* Check for duplicates */ 1167 for (i = 0; i < uuid_count; i++) 1168 if (uuid16[i] == rec->svclass.value.uuid16) 1169 break; 1170 1171 if (i < uuid_count) 1172 continue; 1173 1174 uuid16[uuid_count++] = rec->svclass.value.uuid16; 1175 eir_len += sizeof(uint16_t); 1176 } 1177 1178 if (uuid_count > 0) { 1179 /* EIR Data length */ 1180 ptr[0] = (uuid_count * sizeof(uint16_t)) + 1; 1181 /* EIR Data type */ 1182 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL; 1183 1184 ptr += 2; 1185 eir_len += 2; 1186 1187 for (i = 0; i < uuid_count; i++) { 1188 *ptr++ = (uuid16[i] & 0x00ff); 1189 *ptr++ = (uuid16[i] & 0xff00) >> 8; 1190 } 1191 } 1192 1193 /* Group all UUID128 types */ 1194 if (eir_len <= EIR_DATA_LENGTH - 2) 1195 eir_generate_uuid128(services, ptr, &eir_len); 1196} 1197 1198static void update_ext_inquiry_response(int index) 1199{ 1200 struct dev_info *dev = &devs[index]; 1201 write_ext_inquiry_response_cp cp; 1202 1203 DBG("hci%d", index); 1204 1205 if (!(dev->features[6] & LMP_EXT_INQ)) 1206 return; 1207 1208 if (dev->ssp_mode == 0) 1209 return; 1210 1211 if (dev->cache_enable) 1212 return; 1213 1214 memset(&cp, 0, sizeof(cp)); 1215 1216 create_ext_inquiry_response(index, cp.data); 1217 1218 if (memcmp(cp.data, dev->eir, sizeof(cp.data)) == 0) 1219 return; 1220 1221 memcpy(dev->eir, cp.data, sizeof(cp.data)); 1222 1223 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 1224 OCF_WRITE_EXT_INQUIRY_RESPONSE, 1225 WRITE_EXT_INQUIRY_RESPONSE_CP_SIZE, &cp) < 0) 1226 error("Unable to write EIR data: %s (%d)", 1227 strerror(errno), errno); 1228} 1229 1230static void update_name(int index, const char *name) 1231{ 1232 struct dev_info *dev = &devs[index]; 1233 struct btd_adapter *adapter; 1234 1235 adapter = manager_find_adapter(&dev->bdaddr); 1236 if (adapter) 1237 adapter_update_local_name(adapter, name); 1238 1239 update_ext_inquiry_response(index); 1240} 1241 1242static void read_local_name_complete(int index, read_local_name_rp *rp) 1243{ 1244 struct dev_info *dev = &devs[index]; 1245 1246 DBG("hci%d status %u", index, rp->status); 1247 1248 if (rp->status) 1249 return; 1250 1251 memcpy(dev->name, rp->name, 248); 1252 1253 if (!dev->pending) { 1254 update_name(index, (char *) rp->name); 1255 return; 1256 } 1257 1258 hci_clear_bit(PENDING_NAME, &dev->pending); 1259 1260 DBG("Got name for hci%d", index); 1261 1262 if (!dev->up) 1263 return; 1264 1265 /* Even though it shouldn't happen (assuming the kernel behaves 1266 * properly) it seems like we might miss the very first 1267 * initialization commands that the kernel sends. So check for 1268 * it here (since read_local_name is one of the last init 1269 * commands) and resend the first ones if we haven't seen 1270 * their results yet */ 1271 1272 if (hci_test_bit(PENDING_FEATURES, &dev->pending)) 1273 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1274 OCF_READ_LOCAL_FEATURES, 0, NULL); 1275 1276 if (hci_test_bit(PENDING_VERSION, &dev->pending)) 1277 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 1278 OCF_READ_LOCAL_VERSION, 0, NULL); 1279 1280 if (!dev->pending) 1281 init_adapter(index); 1282} 1283 1284static void read_tx_power_complete(int index, void *ptr) 1285{ 1286 struct dev_info *dev = &devs[index]; 1287 1288 read_inq_response_tx_power_level_rp *rp = ptr; 1289 1290 DBG("hci%d status %u", index, rp->status); 1291 1292 if (rp->status) 1293 return; 1294 1295 dev->tx_power = rp->level; 1296 update_ext_inquiry_response(index); 1297} 1298 1299static void read_simple_pairing_mode_complete(int index, void *ptr) 1300{ 1301 struct dev_info *dev = &devs[index]; 1302 read_simple_pairing_mode_rp *rp = ptr; 1303 struct btd_adapter *adapter; 1304 1305 DBG("hci%d status %u", index, rp->status); 1306 1307 if (rp->status) 1308 return; 1309 1310 dev->ssp_mode = rp->mode; 1311 update_ext_inquiry_response(index); 1312 1313 adapter = manager_find_adapter(&dev->bdaddr); 1314 if (!adapter) { 1315 error("No matching adapter found"); 1316 return; 1317 } 1318 1319 adapter_update_ssp_mode(adapter, rp->mode); 1320} 1321 1322static void read_local_ext_features_complete(int index, 1323 const read_local_ext_features_rp *rp) 1324{ 1325 struct dev_info *dev = &devs[index]; 1326 struct btd_adapter *adapter; 1327 1328 DBG("hci%d status %u", index, rp->status); 1329 1330 if (rp->status) 1331 return; 1332 1333 adapter = manager_find_adapter(&dev->bdaddr); 1334 if (!adapter) { 1335 error("No matching adapter found"); 1336 return; 1337 } 1338 1339 /* Local Extended feature page number is 1 */ 1340 if (rp->page_num != 1) 1341 return; 1342 1343 btd_adapter_update_local_ext_features(adapter, rp->features); 1344} 1345 1346static void read_bd_addr_complete(int index, read_bd_addr_rp *rp) 1347{ 1348 struct dev_info *dev = &devs[index]; 1349 1350 DBG("hci%d status %u", index, rp->status); 1351 1352 if (rp->status) 1353 return; 1354 1355 bacpy(&dev->bdaddr, &rp->bdaddr); 1356 1357 if (!dev->pending) 1358 return; 1359 1360 hci_clear_bit(PENDING_BDADDR, &dev->pending); 1361 1362 DBG("Got bdaddr for hci%d", index); 1363 1364 if (!dev->pending && dev->up) 1365 init_adapter(index); 1366} 1367 1368static inline void cmd_status(int index, void *ptr) 1369{ 1370 struct dev_info *dev = &devs[index]; 1371 evt_cmd_status *evt = ptr; 1372 uint16_t opcode = btohs(evt->opcode); 1373 1374 if (opcode == cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY)) 1375 start_inquiry(&dev->bdaddr, evt->status, FALSE); 1376} 1377 1378static void read_scan_complete(int index, uint8_t status, void *ptr) 1379{ 1380 struct dev_info *dev = &devs[index]; 1381 struct btd_adapter *adapter; 1382 read_scan_enable_rp *rp = ptr; 1383 1384 DBG("hci%d status %u", index, status); 1385 1386 adapter = manager_find_adapter(&dev->bdaddr); 1387 1388 if (!adapter) { 1389 error("Unable to find matching adapter"); 1390 return; 1391 } 1392 1393 adapter_mode_changed(adapter, rp->enable); 1394} 1395 1396static int write_class(int index, uint32_t class) 1397{ 1398 struct dev_info *dev = &devs[index]; 1399 write_class_of_dev_cp cp; 1400 1401 DBG("hci%d class 0x%06x", index, class); 1402 1403 memcpy(cp.dev_class, &class, 3); 1404 1405 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV, 1406 WRITE_CLASS_OF_DEV_CP_SIZE, &cp) < 0) 1407 return -errno; 1408 1409 dev->pending_cod = class; 1410 1411 return 0; 1412} 1413 1414/* Limited Discoverable bit mask in CoD */ 1415#define LIMITED_BIT 0x002000 1416 1417static int hciops_set_limited_discoverable(int index, gboolean limited) 1418{ 1419 struct dev_info *dev = &devs[index]; 1420 int num = (limited ? 2 : 1); 1421 uint8_t lap[] = { 0x33, 0x8b, 0x9e, 0x00, 0x8b, 0x9e }; 1422 write_current_iac_lap_cp cp; 1423 1424 DBG("hci%d limited %d", index, limited); 1425 1426 /* Check if limited bit needs to be set/reset */ 1427 if (limited) 1428 dev->wanted_cod |= LIMITED_BIT; 1429 else 1430 dev->wanted_cod &= ~LIMITED_BIT; 1431 1432 /* If we dont need the toggling, save an unnecessary CoD write */ 1433 if (dev->pending_cod || dev->wanted_cod == dev->current_cod) 1434 return 0; 1435 1436 /* 1437 * 1: giac 1438 * 2: giac + liac 1439 */ 1440 memset(&cp, 0, sizeof(cp)); 1441 cp.num_current_iac = num; 1442 memcpy(&cp.lap, lap, num * 3); 1443 1444 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_CURRENT_IAC_LAP, 1445 (num * 3 + 1), &cp) < 0) 1446 return -errno; 1447 1448 return write_class(index, dev->wanted_cod); 1449} 1450 1451static void write_class_complete(int index, uint8_t status) 1452{ 1453 struct dev_info *dev = &devs[index]; 1454 struct btd_adapter *adapter; 1455 1456 if (status) 1457 return; 1458 1459 if (dev->pending_cod == 0) 1460 return; 1461 1462 dev->current_cod = dev->pending_cod; 1463 dev->pending_cod = 0; 1464 1465 adapter = manager_find_adapter(&dev->bdaddr); 1466 if (adapter) 1467 btd_adapter_class_changed(adapter, dev->current_cod); 1468 1469 update_ext_inquiry_response(index); 1470 1471 if (dev->wanted_cod == dev->current_cod) 1472 return; 1473 1474 if (dev->wanted_cod & LIMITED_BIT && 1475 !(dev->current_cod & LIMITED_BIT)) 1476 hciops_set_limited_discoverable(index, TRUE); 1477 else if (!(dev->wanted_cod & LIMITED_BIT) && 1478 (dev->current_cod & LIMITED_BIT)) 1479 hciops_set_limited_discoverable(index, FALSE); 1480 else 1481 write_class(index, dev->wanted_cod); 1482} 1483 1484static inline void cmd_complete(int index, void *ptr) 1485{ 1486 struct dev_info *dev = &devs[index]; 1487 evt_cmd_complete *evt = ptr; 1488 uint16_t opcode = btohs(evt->opcode); 1489 uint8_t status = *((uint8_t *) ptr + EVT_CMD_COMPLETE_SIZE); 1490 1491 switch (opcode) { 1492 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_VERSION): 1493 ptr += sizeof(evt_cmd_complete); 1494 read_local_version_complete(index, ptr); 1495 break; 1496 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES): 1497 ptr += sizeof(evt_cmd_complete); 1498 read_local_features_complete(index, ptr); 1499 break; 1500 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_EXT_FEATURES): 1501 ptr += sizeof(evt_cmd_complete); 1502 read_local_ext_features_complete(index, ptr); 1503 break; 1504 case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_BD_ADDR): 1505 ptr += sizeof(evt_cmd_complete); 1506 read_bd_addr_complete(index, ptr); 1507 break; 1508 case cmd_opcode_pack(OGF_LINK_CTL, OCF_PERIODIC_INQUIRY): 1509 start_inquiry(&dev->bdaddr, status, TRUE); 1510 break; 1511 case cmd_opcode_pack(OGF_LINK_CTL, OCF_EXIT_PERIODIC_INQUIRY): 1512 inquiry_complete(&dev->bdaddr, status, TRUE); 1513 break; 1514 case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY_CANCEL): 1515 inquiry_complete(&dev->bdaddr, status, FALSE); 1516 break; 1517 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_LE_HOST_SUPPORTED): 1518 write_le_host_complete(index, status); 1519 break; 1520 case cmd_opcode_pack(OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE): 1521 btd_event_le_set_scan_enable_complete(&dev->bdaddr, status); 1522 break; 1523 case cmd_opcode_pack(OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME): 1524 if (!status) 1525 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1526 OCF_READ_LOCAL_NAME, 0, 0); 1527 break; 1528 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE): 1529 btd_event_setscan_enable_complete(&dev->bdaddr); 1530 break; 1531 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SCAN_ENABLE): 1532 ptr += sizeof(evt_cmd_complete); 1533 read_scan_complete(index, status, ptr); 1534 break; 1535 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV): 1536 write_class_complete(index, status); 1537 break; 1538 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SIMPLE_PAIRING_MODE): 1539 if (!status) 1540 hci_send_cmd(dev->sk, OGF_HOST_CTL, 1541 OCF_READ_SIMPLE_PAIRING_MODE, 0, NULL); 1542 break; 1543 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SIMPLE_PAIRING_MODE): 1544 ptr += sizeof(evt_cmd_complete); 1545 read_simple_pairing_mode_complete(index, ptr); 1546 break; 1547 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_NAME): 1548 ptr += sizeof(evt_cmd_complete); 1549 read_local_name_complete(index, ptr); 1550 break; 1551 case cmd_opcode_pack(OGF_HOST_CTL, 1552 OCF_READ_INQ_RESPONSE_TX_POWER_LEVEL): 1553 ptr += sizeof(evt_cmd_complete); 1554 read_tx_power_complete(index, ptr); 1555 break; 1556 }; 1557} 1558 1559static inline void remote_name_information(int index, void *ptr) 1560{ 1561 struct dev_info *dev = &devs[index]; 1562 evt_remote_name_req_complete *evt = ptr; 1563 char name[MAX_NAME_LENGTH + 1]; 1564 1565 DBG("hci%d status %u", index, evt->status); 1566 1567 memset(name, 0, sizeof(name)); 1568 1569 if (!evt->status) 1570 memcpy(name, evt->name, MAX_NAME_LENGTH); 1571 1572 btd_event_remote_name(&dev->bdaddr, &evt->bdaddr, evt->status, name); 1573} 1574 1575static inline void remote_version_information(int index, void *ptr) 1576{ 1577 struct dev_info *dev = &devs[index]; 1578 evt_read_remote_version_complete *evt = ptr; 1579 bdaddr_t dba; 1580 1581 DBG("hci%d status %u", index, evt->status); 1582 1583 if (evt->status) 1584 return; 1585 1586 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1587 return; 1588 1589 write_version_info(&dev->bdaddr, &dba, btohs(evt->manufacturer), 1590 evt->lmp_ver, btohs(evt->lmp_subver)); 1591} 1592 1593static inline void inquiry_result(int index, int plen, void *ptr) 1594{ 1595 struct dev_info *dev = &devs[index]; 1596 uint8_t num = *(uint8_t *) ptr++; 1597 int i; 1598 1599 for (i = 0; i < num; i++) { 1600 inquiry_info *info = ptr; 1601 uint32_t class = info->dev_class[0] | 1602 (info->dev_class[1] << 8) | 1603 (info->dev_class[2] << 16); 1604 1605 btd_event_inquiry_result(&dev->bdaddr, &info->bdaddr, class, 1606 0, NULL); 1607 1608 update_lastseen(&dev->bdaddr, &info->bdaddr); 1609 1610 ptr += INQUIRY_INFO_SIZE; 1611 } 1612} 1613 1614static inline void inquiry_result_with_rssi(int index, int plen, void *ptr) 1615{ 1616 struct dev_info *dev = &devs[index]; 1617 uint8_t num = *(uint8_t *) ptr++; 1618 int i; 1619 1620 if (!num) 1621 return; 1622 1623 if ((plen - 1) / num == INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE) { 1624 for (i = 0; i < num; i++) { 1625 inquiry_info_with_rssi_and_pscan_mode *info = ptr; 1626 uint32_t class = info->dev_class[0] 1627 | (info->dev_class[1] << 8) 1628 | (info->dev_class[2] << 16); 1629 1630 btd_event_inquiry_result(&dev->bdaddr, &info->bdaddr, 1631 class, info->rssi, NULL); 1632 1633 update_lastseen(&dev->bdaddr, &info->bdaddr); 1634 1635 ptr += INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE; 1636 } 1637 } else { 1638 for (i = 0; i < num; i++) { 1639 inquiry_info_with_rssi *info = ptr; 1640 uint32_t class = info->dev_class[0] 1641 | (info->dev_class[1] << 8) 1642 | (info->dev_class[2] << 16); 1643 1644 btd_event_inquiry_result(&dev->bdaddr, &info->bdaddr, 1645 class, info->rssi, NULL); 1646 1647 update_lastseen(&dev->bdaddr, &info->bdaddr); 1648 1649 ptr += INQUIRY_INFO_WITH_RSSI_SIZE; 1650 } 1651 } 1652} 1653 1654static inline void extended_inquiry_result(int index, int plen, void *ptr) 1655{ 1656 struct dev_info *dev = &devs[index]; 1657 uint8_t num = *(uint8_t *) ptr++; 1658 int i; 1659 1660 for (i = 0; i < num; i++) { 1661 extended_inquiry_info *info = ptr; 1662 uint32_t class = info->dev_class[0] 1663 | (info->dev_class[1] << 8) 1664 | (info->dev_class[2] << 16); 1665 1666 btd_event_inquiry_result(&dev->bdaddr, &info->bdaddr, class, 1667 info->rssi, info->data); 1668 1669 update_lastseen(&dev->bdaddr, &info->bdaddr); 1670 1671 ptr += EXTENDED_INQUIRY_INFO_SIZE; 1672 } 1673} 1674 1675static inline void remote_features_information(int index, void *ptr) 1676{ 1677 struct dev_info *dev = &devs[index]; 1678 evt_read_remote_features_complete *evt = ptr; 1679 bdaddr_t dba; 1680 1681 DBG("hci%d status %u", index, evt->status); 1682 1683 if (evt->status) 1684 return; 1685 1686 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1687 return; 1688 1689 write_features_info(&dev->bdaddr, &dba, evt->features, NULL); 1690} 1691 1692static inline void conn_complete(int index, void *ptr) 1693{ 1694 struct dev_info *dev = &devs[index]; 1695 evt_conn_complete *evt = ptr; 1696 char filename[PATH_MAX]; 1697 char local_addr[18], peer_addr[18], *str; 1698 struct btd_adapter *adapter; 1699 1700 adapter = manager_find_adapter(&dev->bdaddr); 1701 if (!adapter) { 1702 error("Unable to find matching adapter"); 1703 return; 1704 } 1705 1706 if (evt->link_type != ACL_LINK) 1707 return; 1708 1709 btd_event_conn_complete(&dev->bdaddr, evt->status, 1710 btohs(evt->handle), &evt->bdaddr); 1711 1712 if (evt->status) 1713 return; 1714 1715 update_lastused(&dev->bdaddr, &evt->bdaddr); 1716 1717 /* check if the remote version needs be requested */ 1718 ba2str(&dev->bdaddr, local_addr); 1719 ba2str(&evt->bdaddr, peer_addr); 1720 1721 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1722 "manufacturers"); 1723 1724 str = textfile_get(filename, peer_addr); 1725 if (!str) 1726 btd_adapter_get_remote_version(adapter, btohs(evt->handle), 1727 TRUE); 1728 else 1729 free(str); 1730} 1731 1732static inline void le_conn_complete(int index, void *ptr) 1733{ 1734 struct dev_info *dev = &devs[index]; 1735 evt_le_connection_complete *evt = ptr; 1736 char filename[PATH_MAX]; 1737 char local_addr[18], peer_addr[18], *str; 1738 struct btd_adapter *adapter; 1739 1740 adapter = manager_find_adapter(&dev->bdaddr); 1741 if (!adapter) { 1742 error("Unable to find matching adapter"); 1743 return; 1744 } 1745 1746 btd_event_conn_complete(&dev->bdaddr, evt->status, 1747 btohs(evt->handle), &evt->peer_bdaddr); 1748 1749 if (evt->status) 1750 return; 1751 1752 update_lastused(&dev->bdaddr, &evt->peer_bdaddr); 1753 1754 /* check if the remote version needs be requested */ 1755 ba2str(&dev->bdaddr, local_addr); 1756 ba2str(&evt->peer_bdaddr, peer_addr); 1757 1758 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, 1759 "manufacturers"); 1760 1761 str = textfile_get(filename, peer_addr); 1762 if (!str) 1763 btd_adapter_get_remote_version(adapter, btohs(evt->handle), 1764 TRUE); 1765 else 1766 free(str); 1767} 1768 1769static inline void disconn_complete(int index, void *ptr) 1770{ 1771 struct dev_info *dev = &devs[index]; 1772 evt_disconn_complete *evt = ptr; 1773 1774 btd_event_disconn_complete(&dev->bdaddr, evt->status, 1775 btohs(evt->handle), evt->reason); 1776} 1777 1778static inline void auth_complete(int index, void *ptr) 1779{ 1780 struct dev_info *dev = &devs[index]; 1781 evt_auth_complete *evt = ptr; 1782 bdaddr_t dba; 1783 1784 DBG("hci%d status %u", index, evt->status); 1785 1786 if (get_bdaddr(index, btohs(evt->handle), &dba) < 0) 1787 return; 1788 1789 btd_event_bonding_process_complete(&dev->bdaddr, &dba, evt->status); 1790} 1791 1792static inline void simple_pairing_complete(int index, void *ptr) 1793{ 1794 struct dev_info *dev = &devs[index]; 1795 evt_simple_pairing_complete *evt = ptr; 1796 1797 DBG("hci%d status %u", index, evt->status); 1798 1799 btd_event_simple_pairing_complete(&dev->bdaddr, &evt->bdaddr, 1800 evt->status); 1801} 1802 1803static inline void conn_request(int index, void *ptr) 1804{ 1805 struct dev_info *dev = &devs[index]; 1806 evt_conn_request *evt = ptr; 1807 uint32_t class = evt->dev_class[0] | (evt->dev_class[1] << 8) 1808 | (evt->dev_class[2] << 16); 1809 1810 btd_event_remote_class(&dev->bdaddr, &evt->bdaddr, class); 1811} 1812 1813static inline void le_advertising_report(int index, evt_le_meta_event *meta) 1814{ 1815 struct dev_info *dev = &devs[index]; 1816 le_advertising_info *info; 1817 uint8_t num, i; 1818 1819 num = meta->data[0]; 1820 info = (le_advertising_info *) (meta->data + 1); 1821 1822 for (i = 0; i < num; i++) { 1823 btd_event_advertising_report(&dev->bdaddr, info); 1824 info = (le_advertising_info *) (info->data + info->length + 1); 1825 } 1826} 1827 1828static inline void le_metaevent(int index, void *ptr) 1829{ 1830 evt_le_meta_event *meta = ptr; 1831 1832 DBG("hci%d LE Meta Event %u", index, meta->subevent); 1833 1834 switch (meta->subevent) { 1835 case EVT_LE_ADVERTISING_REPORT: 1836 le_advertising_report(index, meta); 1837 break; 1838 1839 case EVT_LE_CONN_COMPLETE: 1840 le_conn_complete(index, meta->data); 1841 break; 1842 } 1843} 1844 1845static void stop_hci_dev(int index) 1846{ 1847 struct dev_info *dev = &devs[index]; 1848 GIOChannel *chan = dev->io; 1849 1850 if (!chan) 1851 return; 1852 1853 info("Stopping hci%d event socket", index); 1854 1855 g_source_remove(dev->watch_id); 1856 g_io_channel_unref(dev->io); 1857 hci_close_dev(dev->sk); 1858 init_dev_info(index, -1, dev->registered); 1859} 1860 1861static gboolean io_security_event(GIOChannel *chan, GIOCondition cond, 1862 gpointer data) 1863{ 1864 unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr = buf; 1865 int type, index = GPOINTER_TO_INT(data); 1866 struct dev_info *dev = &devs[index]; 1867 struct hci_dev_info di; 1868 size_t len; 1869 hci_event_hdr *eh; 1870 GIOError err; 1871 evt_cmd_status *evt; 1872 1873 if (cond & (G_IO_NVAL | G_IO_HUP | G_IO_ERR)) { 1874 stop_hci_dev(index); 1875 return FALSE; 1876 } 1877 1878 if ((err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len))) { 1879 if (err == G_IO_ERROR_AGAIN) 1880 return TRUE; 1881 stop_hci_dev(index); 1882 return FALSE; 1883 } 1884 1885 type = *ptr++; 1886 1887 if (type != HCI_EVENT_PKT) 1888 return TRUE; 1889 1890 eh = (hci_event_hdr *) ptr; 1891 ptr += HCI_EVENT_HDR_SIZE; 1892 1893 memset(&di, 0, sizeof(di)); 1894 if (hci_devinfo(index, &di) == 0) { 1895 bacpy(&dev->bdaddr, &di.bdaddr); 1896 1897 if (ignore_device(&di)) 1898 return TRUE; 1899 } 1900 1901 switch (eh->evt) { 1902 case EVT_CMD_STATUS: 1903 cmd_status(index, ptr); 1904 break; 1905 1906 case EVT_CMD_COMPLETE: 1907 cmd_complete(index, ptr); 1908 break; 1909 1910 case EVT_REMOTE_NAME_REQ_COMPLETE: 1911 remote_name_information(index, ptr); 1912 break; 1913 1914 case EVT_READ_REMOTE_VERSION_COMPLETE: 1915 remote_version_information(index, ptr); 1916 break; 1917 1918 case EVT_READ_REMOTE_FEATURES_COMPLETE: 1919 remote_features_information(index, ptr); 1920 break; 1921 1922 case EVT_REMOTE_HOST_FEATURES_NOTIFY: 1923 remote_features_notify(index, ptr); 1924 break; 1925 1926 case EVT_INQUIRY_COMPLETE: 1927 evt = (evt_cmd_status *) ptr; 1928 inquiry_complete(&dev->bdaddr, evt->status, FALSE); 1929 break; 1930 1931 case EVT_INQUIRY_RESULT: 1932 inquiry_result(index, eh->plen, ptr); 1933 break; 1934 1935 case EVT_INQUIRY_RESULT_WITH_RSSI: 1936 inquiry_result_with_rssi(index, eh->plen, ptr); 1937 break; 1938 1939 case EVT_EXTENDED_INQUIRY_RESULT: 1940 extended_inquiry_result(index, eh->plen, ptr); 1941 break; 1942 1943 case EVT_CONN_COMPLETE: 1944 conn_complete(index, ptr); 1945 break; 1946 1947 case EVT_DISCONN_COMPLETE: 1948 disconn_complete(index, ptr); 1949 break; 1950 1951 case EVT_AUTH_COMPLETE: 1952 auth_complete(index, ptr); 1953 break; 1954 1955 case EVT_SIMPLE_PAIRING_COMPLETE: 1956 simple_pairing_complete(index, ptr); 1957 break; 1958 1959 case EVT_CONN_REQUEST: 1960 conn_request(index, ptr); 1961 break; 1962 case EVT_LE_META_EVENT: 1963 le_metaevent(index, ptr); 1964 break; 1965 case EVT_PIN_CODE_REQ: 1966 pin_code_request(index, (bdaddr_t *) ptr); 1967 break; 1968 1969 case EVT_LINK_KEY_REQ: 1970 link_key_request(index, (bdaddr_t *) ptr); 1971 break; 1972 1973 case EVT_LINK_KEY_NOTIFY: 1974 link_key_notify(index, ptr); 1975 break; 1976 1977 case EVT_RETURN_LINK_KEYS: 1978 return_link_keys(index, ptr); 1979 break; 1980 1981 case EVT_IO_CAPABILITY_REQUEST: 1982 io_capa_request(index, ptr); 1983 break; 1984 1985 case EVT_IO_CAPABILITY_RESPONSE: 1986 io_capa_response(index, ptr); 1987 break; 1988 1989 case EVT_USER_CONFIRM_REQUEST: 1990 user_confirm_request(index, ptr); 1991 break; 1992 1993 case EVT_USER_PASSKEY_REQUEST: 1994 user_passkey_request(index, ptr); 1995 break; 1996 1997 case EVT_USER_PASSKEY_NOTIFY: 1998 user_passkey_notify(index, ptr); 1999 break; 2000 2001 case EVT_REMOTE_OOB_DATA_REQUEST: 2002 remote_oob_data_request(index, ptr); 2003 break; 2004 } 2005 2006 return TRUE; 2007} 2008 2009static void start_hci_dev(int index) 2010{ 2011 struct dev_info *dev = &devs[index]; 2012 GIOChannel *chan = dev->io; 2013 GIOCondition cond; 2014 struct hci_filter flt; 2015 2016 if (chan) 2017 return; 2018 2019 info("Listening for HCI events on hci%d", index); 2020 2021 /* Set filter */ 2022 hci_filter_clear(&flt); 2023 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2024 hci_filter_set_event(EVT_CMD_STATUS, &flt); 2025 hci_filter_set_event(EVT_CMD_COMPLETE, &flt); 2026 hci_filter_set_event(EVT_PIN_CODE_REQ, &flt); 2027 hci_filter_set_event(EVT_LINK_KEY_REQ, &flt); 2028 hci_filter_set_event(EVT_LINK_KEY_NOTIFY, &flt); 2029 hci_filter_set_event(EVT_RETURN_LINK_KEYS, &flt); 2030 hci_filter_set_event(EVT_IO_CAPABILITY_REQUEST, &flt); 2031 hci_filter_set_event(EVT_IO_CAPABILITY_RESPONSE, &flt); 2032 hci_filter_set_event(EVT_USER_CONFIRM_REQUEST, &flt); 2033 hci_filter_set_event(EVT_USER_PASSKEY_REQUEST, &flt); 2034 hci_filter_set_event(EVT_REMOTE_OOB_DATA_REQUEST, &flt); 2035 hci_filter_set_event(EVT_USER_PASSKEY_NOTIFY, &flt); 2036 hci_filter_set_event(EVT_KEYPRESS_NOTIFY, &flt); 2037 hci_filter_set_event(EVT_SIMPLE_PAIRING_COMPLETE, &flt); 2038 hci_filter_set_event(EVT_AUTH_COMPLETE, &flt); 2039 hci_filter_set_event(EVT_REMOTE_NAME_REQ_COMPLETE, &flt); 2040 hci_filter_set_event(EVT_READ_REMOTE_VERSION_COMPLETE, &flt); 2041 hci_filter_set_event(EVT_READ_REMOTE_FEATURES_COMPLETE, &flt); 2042 hci_filter_set_event(EVT_REMOTE_HOST_FEATURES_NOTIFY, &flt); 2043 hci_filter_set_event(EVT_INQUIRY_COMPLETE, &flt); 2044 hci_filter_set_event(EVT_INQUIRY_RESULT, &flt); 2045 hci_filter_set_event(EVT_INQUIRY_RESULT_WITH_RSSI, &flt); 2046 hci_filter_set_event(EVT_EXTENDED_INQUIRY_RESULT, &flt); 2047 hci_filter_set_event(EVT_CONN_REQUEST, &flt); 2048 hci_filter_set_event(EVT_CONN_COMPLETE, &flt); 2049 hci_filter_set_event(EVT_DISCONN_COMPLETE, &flt); 2050 hci_filter_set_event(EVT_LE_META_EVENT, &flt); 2051 if (setsockopt(dev->sk, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2052 error("Can't set filter on hci%d: %s (%d)", 2053 index, strerror(errno), errno); 2054 return; 2055 } 2056 2057 chan = g_io_channel_unix_new(dev->sk); 2058 cond = G_IO_IN | G_IO_NVAL | G_IO_HUP | G_IO_ERR; 2059 dev->watch_id = g_io_add_watch_full(chan, G_PRIORITY_LOW, cond, 2060 io_security_event, 2061 GINT_TO_POINTER(index), NULL); 2062 dev->io = chan; 2063 dev->pin_length = -1; 2064 2065} 2066 2067/* End of HCI event callbacks */ 2068 2069static gboolean child_exit(GIOChannel *io, GIOCondition cond, void *user_data) 2070{ 2071 int status, fd = g_io_channel_unix_get_fd(io); 2072 pid_t child_pid; 2073 2074 if (read(fd, &child_pid, sizeof(child_pid)) != sizeof(child_pid)) { 2075 error("child_exit: unable to read child pid from pipe"); 2076 return TRUE; 2077 } 2078 2079 if (waitpid(child_pid, &status, 0) != child_pid) 2080 error("waitpid(%d) failed", child_pid); 2081 else 2082 DBG("child %d exited", child_pid); 2083 2084 return TRUE; 2085} 2086 2087static void at_child_exit(void) 2088{ 2089 pid_t pid = getpid(); 2090 2091 if (write(child_pipe[1], &pid, sizeof(pid)) != sizeof(pid)) 2092 error("unable to write to child pipe"); 2093} 2094 2095static void device_devup_setup(int index) 2096{ 2097 struct dev_info *dev = &devs[index]; 2098 struct hci_dev_info di; 2099 read_stored_link_key_cp cp; 2100 2101 DBG("hci%d", index); 2102 2103 if (hci_devinfo(index, &di) < 0) 2104 return; 2105 2106 if (ignore_device(&di)) 2107 return; 2108 2109 bacpy(&dev->bdaddr, &di.bdaddr); 2110 memcpy(dev->features, di.features, 8); 2111 2112 /* Set page timeout */ 2113 if ((main_opts.flags & (1 << HCID_SET_PAGETO))) { 2114 write_page_timeout_cp cp; 2115 2116 cp.timeout = htobs(main_opts.pageto); 2117 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_TIMEOUT, 2118 WRITE_PAGE_TIMEOUT_CP_SIZE, &cp); 2119 } 2120 2121 bacpy(&cp.bdaddr, BDADDR_ANY); 2122 cp.read_all = 1; 2123 hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_STORED_LINK_KEY, 2124 READ_STORED_LINK_KEY_CP_SIZE, (void *) &cp); 2125 2126 if (!dev->pending) 2127 init_adapter(index); 2128} 2129 2130static void init_pending(int index) 2131{ 2132 struct dev_info *dev = &devs[index]; 2133 2134 hci_set_bit(PENDING_BDADDR, &dev->pending); 2135 hci_set_bit(PENDING_VERSION, &dev->pending); 2136 hci_set_bit(PENDING_FEATURES, &dev->pending); 2137 hci_set_bit(PENDING_NAME, &dev->pending); 2138} 2139 2140static void init_device(int index) 2141{ 2142 struct hci_dev_req dr; 2143 int dd; 2144 pid_t pid; 2145 2146 DBG("hci%d", index); 2147 2148 dd = hci_open_dev(index); 2149 if (dd < 0) { 2150 error("Unable to open hci%d: %s (%d)", index, 2151 strerror(errno), errno); 2152 return; 2153 } 2154 2155 if (index > max_dev) { 2156 max_dev = index; 2157 devs = g_realloc(devs, sizeof(devs[0]) * (max_dev + 1)); 2158 } 2159 2160 init_dev_info(index, dd, FALSE); 2161 init_pending(index); 2162 start_hci_dev(index); 2163 2164 /* Do initialization in the separate process */ 2165 pid = fork(); 2166 switch (pid) { 2167 case 0: 2168 atexit(at_child_exit); 2169 break; 2170 case -1: 2171 error("Fork failed. Can't init device hci%d: %s (%d)", 2172 index, strerror(errno), errno); 2173 default: 2174 DBG("child %d forked", pid); 2175 return; 2176 } 2177 2178 memset(&dr, 0, sizeof(dr)); 2179 dr.dev_id = index; 2180 2181 /* Set link mode */ 2182 dr.dev_opt = main_opts.link_mode; 2183 if (ioctl(dd, HCISETLINKMODE, (unsigned long) &dr) < 0) 2184 error("Can't set link mode on hci%d: %s (%d)", 2185 index, strerror(errno), errno); 2186 2187 /* Start HCI device */ 2188 if (ioctl(dd, HCIDEVUP, index) < 0 && errno != EALREADY) { 2189 error("Can't init device hci%d: %s (%d)", 2190 index, strerror(errno), errno); 2191 goto fail; 2192 } 2193 2194 hci_close_dev(dd); 2195 exit(0); 2196 2197fail: 2198 hci_close_dev(dd); 2199 exit(1); 2200} 2201 2202static void device_devreg_setup(int index) 2203{ 2204 struct hci_dev_info di; 2205 2206 DBG("hci%d", index); 2207 2208 init_device(index); 2209 2210 memset(&di, 0, sizeof(di)); 2211 2212 if (hci_devinfo(index, &di) < 0) 2213 return; 2214 2215 if (ignore_device(&di)) 2216 return; 2217 2218 devs[index].already_up = hci_test_bit(HCI_UP, &di.flags); 2219} 2220 2221static void device_event(int event, int index) 2222{ 2223 switch (event) { 2224 case HCI_DEV_REG: 2225 info("HCI dev %d registered", index); 2226 device_devreg_setup(index); 2227 if (devs[index].already_up) 2228 device_event(HCI_DEV_UP, index); 2229 break; 2230 2231 case HCI_DEV_UNREG: 2232 info("HCI dev %d unregistered", index); 2233 stop_hci_dev(index); 2234 if (devs[index].registered) 2235 btd_manager_unregister_adapter(index); 2236 break; 2237 2238 case HCI_DEV_UP: 2239 info("HCI dev %d up", index); 2240 devs[index].up = TRUE; 2241 device_devup_setup(index); 2242 break; 2243 2244 case HCI_DEV_DOWN: 2245 info("HCI dev %d down", index); 2246 devs[index].up = FALSE; 2247 devs[index].pending_cod = 0; 2248 devs[index].cache_enable = TRUE; 2249 if (!devs[index].pending) { 2250 manager_stop_adapter(index); 2251 init_pending(index); 2252 } 2253 break; 2254 } 2255} 2256 2257static int hciops_stop_inquiry(int index) 2258{ 2259 struct dev_info *dev = &devs[index]; 2260 struct hci_dev_info di; 2261 int err; 2262 2263 DBG("hci%d", index); 2264 2265 if (hci_devinfo(index, &di) < 0) 2266 return -errno; 2267 2268 if (hci_test_bit(HCI_INQUIRY, &di.flags)) 2269 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2270 OCF_INQUIRY_CANCEL, 0, 0); 2271 else 2272 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2273 OCF_EXIT_PERIODIC_INQUIRY, 0, 0); 2274 if (err < 0) 2275 err = -errno; 2276 2277 return err; 2278} 2279 2280static gboolean init_known_adapters(gpointer user_data) 2281{ 2282 struct hci_dev_list_req *dl; 2283 struct hci_dev_req *dr; 2284 int i, err, ctl = GPOINTER_TO_INT(user_data); 2285 size_t req_size; 2286 2287 DBG(""); 2288 2289 req_size = HCI_MAX_DEV * sizeof(struct hci_dev_req) + sizeof(uint16_t); 2290 2291 dl = g_try_malloc0(req_size); 2292 if (!dl) { 2293 error("Can't allocate devlist buffer"); 2294 return FALSE; 2295 } 2296 2297 dl->dev_num = HCI_MAX_DEV; 2298 dr = dl->dev_req; 2299 2300 if (ioctl(ctl, HCIGETDEVLIST, dl) < 0) { 2301 err = -errno; 2302 error("Can't get device list: %s (%d)", strerror(-err), -err); 2303 g_free(dl); 2304 return FALSE; 2305 } 2306 2307 for (i = 0; i < dl->dev_num; i++, dr++) { 2308 struct dev_info *dev; 2309 2310 device_event(HCI_DEV_REG, dr->dev_id); 2311 2312 dev = &devs[dr->dev_id]; 2313 2314 dev->already_up = hci_test_bit(HCI_UP, &dr->dev_opt); 2315 2316 if (!dev->already_up) 2317 continue; 2318 2319 hciops_stop_inquiry(dr->dev_id); 2320 2321 dev->pending = 0; 2322 hci_set_bit(PENDING_VERSION, &dev->pending); 2323 hci_send_cmd(dev->sk, OGF_INFO_PARAM, 2324 OCF_READ_LOCAL_VERSION, 0, NULL); 2325 device_event(HCI_DEV_UP, dr->dev_id); 2326 } 2327 2328 g_free(dl); 2329 2330 return FALSE; 2331} 2332 2333static gboolean io_stack_event(GIOChannel *chan, GIOCondition cond, 2334 gpointer data) 2335{ 2336 unsigned char buf[HCI_MAX_FRAME_SIZE], *ptr; 2337 evt_stack_internal *si; 2338 evt_si_device *sd; 2339 hci_event_hdr *eh; 2340 int type; 2341 size_t len; 2342 GIOError err; 2343 2344 ptr = buf; 2345 2346 err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len); 2347 if (err) { 2348 if (err == G_IO_ERROR_AGAIN) 2349 return TRUE; 2350 2351 error("Read from control socket failed: %s (%d)", 2352 strerror(errno), errno); 2353 return FALSE; 2354 } 2355 2356 type = *ptr++; 2357 2358 if (type != HCI_EVENT_PKT) 2359 return TRUE; 2360 2361 eh = (hci_event_hdr *) ptr; 2362 if (eh->evt != EVT_STACK_INTERNAL) 2363 return TRUE; 2364 2365 ptr += HCI_EVENT_HDR_SIZE; 2366 2367 si = (evt_stack_internal *) ptr; 2368 switch (si->type) { 2369 case EVT_SI_DEVICE: 2370 sd = (void *) &si->data; 2371 device_event(sd->event, sd->dev_id); 2372 break; 2373 } 2374 2375 return TRUE; 2376} 2377 2378static int hciops_setup(void) 2379{ 2380 struct sockaddr_hci addr; 2381 struct hci_filter flt; 2382 GIOChannel *ctl_io, *child_io; 2383 int sock, err; 2384 2385 DBG(""); 2386 2387 if (child_pipe[0] != -1) 2388 return -EALREADY; 2389 2390 if (pipe(child_pipe) < 0) { 2391 err = -errno; 2392 error("pipe(): %s (%d)", strerror(-err), -err); 2393 return err; 2394 } 2395 2396 child_io = g_io_channel_unix_new(child_pipe[0]); 2397 g_io_channel_set_close_on_unref(child_io, TRUE); 2398 child_io_id = g_io_add_watch(child_io, 2399 G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL, 2400 child_exit, NULL); 2401 g_io_channel_unref(child_io); 2402 2403 /* Create and bind HCI socket */ 2404 sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 2405 if (sock < 0) { 2406 err = -errno; 2407 error("Can't open HCI socket: %s (%d)", strerror(-err), 2408 -err); 2409 return err; 2410 } 2411 2412 /* Set filter */ 2413 hci_filter_clear(&flt); 2414 hci_filter_set_ptype(HCI_EVENT_PKT, &flt); 2415 hci_filter_set_event(EVT_STACK_INTERNAL, &flt); 2416 if (setsockopt(sock, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) { 2417 err = -errno; 2418 error("Can't set filter: %s (%d)", strerror(-err), -err); 2419 return err; 2420 } 2421 2422 memset(&addr, 0, sizeof(addr)); 2423 addr.hci_family = AF_BLUETOOTH; 2424 addr.hci_dev = HCI_DEV_NONE; 2425 if (bind(sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { 2426 err = -errno; 2427 error("Can't bind HCI socket: %s (%d)", strerror(-err), -err); 2428 return err; 2429 } 2430 2431 ctl_io = g_io_channel_unix_new(sock); 2432 g_io_channel_set_close_on_unref(ctl_io, TRUE); 2433 2434 ctl_io_id = g_io_add_watch(ctl_io, G_IO_IN, io_stack_event, NULL); 2435 2436 g_io_channel_unref(ctl_io); 2437 2438 g_idle_add(init_known_adapters, GINT_TO_POINTER(sock)); 2439 2440 return 0; 2441} 2442 2443static void hciops_cleanup(void) 2444{ 2445 int i; 2446 2447 DBG(""); 2448 2449 for (i = 0; i <= max_dev; i++) { 2450 struct dev_info *dev = &devs[i]; 2451 2452 if (dev->sk >= 0) 2453 hci_close_dev(dev->sk); 2454 } 2455 2456 g_free(devs); 2457 devs = NULL; 2458 max_dev = -1; 2459 2460 if (child_io_id) { 2461 g_source_remove(child_io_id); 2462 child_io_id = 0; 2463 } 2464 2465 if (ctl_io_id) { 2466 g_source_remove(ctl_io_id); 2467 ctl_io_id = 0; 2468 } 2469 2470 if (child_pipe[0] >= 0) { 2471 close(child_pipe[0]); 2472 child_pipe[0] = -1; 2473 } 2474 2475 if (child_pipe[1] >= 0) { 2476 close(child_pipe[1]); 2477 child_pipe[1] = -1; 2478 } 2479} 2480 2481static int hciops_start(int index) 2482{ 2483 struct dev_info *dev = &devs[index]; 2484 int err; 2485 2486 DBG("hci%d", index); 2487 2488 if (ioctl(dev->sk, HCIDEVUP, index) == 0) 2489 return 0; 2490 2491 if (errno == EALREADY) 2492 return 0; 2493 2494 err = -errno; 2495 error("Can't init device hci%d: %s (%d)", 2496 index, strerror(-err), -err); 2497 2498 return err; 2499} 2500 2501static int hciops_set_powered(int index, gboolean powered) 2502{ 2503 struct dev_info *dev = &devs[index]; 2504 uint8_t mode = SCAN_DISABLED; 2505 2506 DBG("hci%d powered %d", index, powered); 2507 2508 if (powered) 2509 return hciops_start(index); 2510 2511 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 2512 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 2513 return -errno; 2514 2515 return hciops_stop(index); 2516} 2517 2518static int hciops_set_connectable(int index, gboolean connectable) 2519{ 2520 struct dev_info *dev = &devs[index]; 2521 uint8_t mode; 2522 2523 if (connectable) 2524 mode = SCAN_PAGE; 2525 else 2526 mode = 0x00; 2527 2528 DBG("hci%d connectable %d", index, connectable); 2529 2530 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 2531 OCF_WRITE_SCAN_ENABLE, 1, &mode) < 0) 2532 return -errno; 2533 2534 return 0; 2535} 2536 2537static int hciops_set_dev_class(int index, uint8_t major, uint8_t minor) 2538{ 2539 struct dev_info *dev = &devs[index]; 2540 int err; 2541 2542 DBG("hci%d major %u minor %u", index, major, minor); 2543 2544 /* Update only the major and minor class bits keeping remaining bits 2545 * intact*/ 2546 dev->wanted_cod &= 0xffe000; 2547 dev->wanted_cod |= ((major & 0x1f) << 8) | minor; 2548 2549 if (dev->wanted_cod == dev->current_cod || 2550 dev->cache_enable || dev->pending_cod) 2551 return 0; 2552 2553 DBG("Changing Major/Minor class to 0x%06x", dev->wanted_cod); 2554 2555 err = write_class(index, dev->wanted_cod); 2556 if (err < 0) 2557 error("Adapter class update failed: %s (%d)", 2558 strerror(-err), -err); 2559 2560 return err; 2561} 2562 2563static int hciops_start_inquiry(int index, uint8_t length, gboolean periodic) 2564{ 2565 struct dev_info *dev = &devs[index]; 2566 uint8_t lap[3] = { 0x33, 0x8b, 0x9e }; 2567 int err; 2568 2569 DBG("hci%d length %u periodic %d", index, length, periodic); 2570 2571 if (periodic) { 2572 periodic_inquiry_cp cp; 2573 2574 memset(&cp, 0, sizeof(cp)); 2575 memcpy(&cp.lap, lap, 3); 2576 cp.max_period = htobs(24); 2577 cp.min_period = htobs(16); 2578 cp.length = length; 2579 cp.num_rsp = 0x00; 2580 2581 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2582 OCF_PERIODIC_INQUIRY, 2583 PERIODIC_INQUIRY_CP_SIZE, &cp); 2584 } else { 2585 inquiry_cp inq_cp; 2586 2587 memset(&inq_cp, 0, sizeof(inq_cp)); 2588 memcpy(&inq_cp.lap, lap, 3); 2589 inq_cp.length = length; 2590 inq_cp.num_rsp = 0x00; 2591 2592 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2593 OCF_INQUIRY, INQUIRY_CP_SIZE, &inq_cp); 2594 } 2595 2596 if (err < 0) 2597 err = -errno; 2598 2599 return err; 2600} 2601 2602static int le_set_scan_enable(int index, uint8_t enable) 2603{ 2604 struct dev_info *dev = &devs[index]; 2605 le_set_scan_enable_cp cp; 2606 2607 DBG("hci%d enable %u", index, enable); 2608 2609 memset(&cp, 0, sizeof(cp)); 2610 cp.enable = enable; 2611 cp.filter_dup = 0; 2612 2613 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_ENABLE, 2614 LE_SET_SCAN_ENABLE_CP_SIZE, &cp) < 0) 2615 return -errno; 2616 2617 return 0; 2618} 2619 2620static int hciops_start_scanning(int index) 2621{ 2622 struct dev_info *dev = &devs[index]; 2623 le_set_scan_parameters_cp cp; 2624 2625 DBG("hci%d", index); 2626 2627 memset(&cp, 0, sizeof(cp)); 2628 cp.type = 0x01; /* Active scanning */ 2629 cp.interval = htobs(0x0010); 2630 cp.window = htobs(0x0010); 2631 cp.own_bdaddr_type = 0; /* Public address */ 2632 cp.filter = 0; /* Accept all adv packets */ 2633 2634 if (hci_send_cmd(dev->sk, OGF_LE_CTL, OCF_LE_SET_SCAN_PARAMETERS, 2635 LE_SET_SCAN_PARAMETERS_CP_SIZE, &cp) < 0) 2636 return -errno; 2637 2638 return le_set_scan_enable(index, 1); 2639} 2640 2641static int hciops_stop_scanning(int index) 2642{ 2643 DBG("hci%d", index); 2644 2645 return le_set_scan_enable(index, 0); 2646} 2647 2648static int hciops_resolve_name(int index, bdaddr_t *bdaddr) 2649{ 2650 struct dev_info *dev = &devs[index]; 2651 remote_name_req_cp cp; 2652 char addr[18]; 2653 2654 ba2str(bdaddr, addr); 2655 DBG("hci%d dba %s", index, addr); 2656 2657 memset(&cp, 0, sizeof(cp)); 2658 bacpy(&cp.bdaddr, bdaddr); 2659 cp.pscan_rep_mode = 0x02; 2660 2661 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ, 2662 REMOTE_NAME_REQ_CP_SIZE, &cp) < 0) 2663 return -errno; 2664 2665 return 0; 2666} 2667 2668static int hciops_set_name(int index, const char *name) 2669{ 2670 struct dev_info *dev = &devs[index]; 2671 change_local_name_cp cp; 2672 2673 DBG("hci%d, name %s", index, name); 2674 2675 memset(&cp, 0, sizeof(cp)); 2676 strncpy((char *) cp.name, name, sizeof(cp.name)); 2677 2678 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME, 2679 CHANGE_LOCAL_NAME_CP_SIZE, &cp) < 0) 2680 return -errno; 2681 2682 memcpy(dev->name, cp.name, 248); 2683 update_ext_inquiry_response(index); 2684 2685 return 0; 2686} 2687 2688static int hciops_cancel_resolve_name(int index, bdaddr_t *bdaddr) 2689{ 2690 struct dev_info *dev = &devs[index]; 2691 remote_name_req_cancel_cp cp; 2692 char addr[18]; 2693 2694 ba2str(bdaddr, addr); 2695 DBG("hci%d dba %s", index, addr); 2696 2697 memset(&cp, 0, sizeof(cp)); 2698 bacpy(&cp.bdaddr, bdaddr); 2699 2700 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_REMOTE_NAME_REQ_CANCEL, 2701 REMOTE_NAME_REQ_CANCEL_CP_SIZE, &cp) < 0) 2702 return -errno; 2703 2704 return 0; 2705} 2706 2707static int hciops_fast_connectable(int index, gboolean enable) 2708{ 2709 struct dev_info *dev = &devs[index]; 2710 write_page_activity_cp cp; 2711 uint8_t type; 2712 2713 DBG("hci%d enable %d", index, enable); 2714 2715 if (enable) { 2716 type = PAGE_SCAN_TYPE_INTERLACED; 2717 cp.interval = 0x0024; /* 22.5 msec page scan interval */ 2718 } else { 2719 type = PAGE_SCAN_TYPE_STANDARD; /* default */ 2720 cp.interval = 0x0800; /* default 1.28 sec page scan */ 2721 } 2722 2723 cp.window = 0x0012; /* default 11.25 msec page scan window */ 2724 2725 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_WRITE_PAGE_ACTIVITY, 2726 WRITE_PAGE_ACTIVITY_CP_SIZE, &cp) < 0) 2727 return -errno; 2728 else if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 2729 OCF_WRITE_PAGE_SCAN_TYPE, 1, &type) < 0) 2730 return -errno; 2731 2732 return 0; 2733} 2734 2735static int hciops_read_clock(int index, int handle, int which, int timeout, 2736 uint32_t *clock, uint16_t *accuracy) 2737{ 2738 struct dev_info *dev = &devs[index]; 2739 2740 DBG("hci%d handle %d which %d timeout %d", index, handle, which, 2741 timeout); 2742 2743 if (hci_read_clock(dev->sk, handle, which, clock, accuracy, 2744 timeout) < 0) 2745 return -errno; 2746 2747 return 0; 2748} 2749 2750static int hciops_conn_handle(int index, const bdaddr_t *bdaddr, int *handle) 2751{ 2752 struct dev_info *dev = &devs[index]; 2753 struct hci_conn_info_req *cr; 2754 char addr[18]; 2755 int err; 2756 2757 ba2str(bdaddr, addr); 2758 DBG("hci%d dba %s", index, addr); 2759 2760 cr = g_malloc0(sizeof(*cr) + sizeof(struct hci_conn_info)); 2761 bacpy(&cr->bdaddr, bdaddr); 2762 cr->type = ACL_LINK; 2763 2764 if (ioctl(dev->sk, HCIGETCONNINFO, (unsigned long) cr) < 0) { 2765 err = -errno; 2766 goto fail; 2767 } 2768 2769 err = 0; 2770 *handle = htobs(cr->conn_info->handle); 2771 2772fail: 2773 g_free(cr); 2774 return err; 2775} 2776 2777static int hciops_read_bdaddr(int index, bdaddr_t *bdaddr) 2778{ 2779 struct dev_info *dev = &devs[index]; 2780 2781 DBG("hci%d", index); 2782 2783 bacpy(bdaddr, &dev->bdaddr); 2784 2785 return 0; 2786} 2787 2788static int hciops_block_device(int index, bdaddr_t *bdaddr) 2789{ 2790 struct dev_info *dev = &devs[index]; 2791 char addr[18]; 2792 2793 ba2str(bdaddr, addr); 2794 DBG("hci%d dba %s", index, addr); 2795 2796 if (ioctl(dev->sk, HCIBLOCKADDR, bdaddr) < 0) 2797 return -errno; 2798 2799 return 0; 2800} 2801 2802static int hciops_unblock_device(int index, bdaddr_t *bdaddr) 2803{ 2804 struct dev_info *dev = &devs[index]; 2805 char addr[18]; 2806 2807 ba2str(bdaddr, addr); 2808 DBG("hci%d dba %s", index, addr); 2809 2810 if (ioctl(dev->sk, HCIUNBLOCKADDR, bdaddr) < 0) 2811 return -errno; 2812 2813 return 0; 2814} 2815 2816static int hciops_get_conn_list(int index, GSList **conns) 2817{ 2818 struct dev_info *dev = &devs[index]; 2819 struct hci_conn_list_req *cl; 2820 struct hci_conn_info *ci; 2821 int err, i; 2822 2823 DBG("hci%d", index); 2824 2825 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl)); 2826 2827 cl->dev_id = index; 2828 cl->conn_num = 10; 2829 ci = cl->conn_info; 2830 2831 if (ioctl(dev->sk, HCIGETCONNLIST, cl) < 0) { 2832 err = -errno; 2833 goto fail; 2834 } 2835 2836 err = 0; 2837 *conns = NULL; 2838 2839 for (i = 0; i < cl->conn_num; i++, ci++) 2840 *conns = g_slist_append(*conns, g_memdup(ci, sizeof(*ci))); 2841 2842fail: 2843 g_free(cl); 2844 return err; 2845} 2846 2847static int hciops_read_local_version(int index, struct hci_version *ver) 2848{ 2849 struct dev_info *dev = &devs[index]; 2850 2851 DBG("hci%d", index); 2852 2853 memcpy(ver, &dev->ver, sizeof(*ver)); 2854 2855 return 0; 2856} 2857 2858static int hciops_read_local_features(int index, uint8_t *features) 2859{ 2860 struct dev_info *dev = &devs[index]; 2861 2862 DBG("hci%d", index); 2863 2864 memcpy(features, dev->features, 8); 2865 2866 return 0; 2867} 2868 2869static int hciops_disconnect(int index, uint16_t handle) 2870{ 2871 struct dev_info *dev = &devs[index]; 2872 disconnect_cp cp; 2873 2874 DBG("hci%d handle %u", index, handle); 2875 2876 memset(&cp, 0, sizeof(cp)); 2877 cp.handle = htobs(handle); 2878 cp.reason = HCI_OE_USER_ENDED_CONNECTION; 2879 2880 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_DISCONNECT, 2881 DISCONNECT_CP_SIZE, &cp) < 0) 2882 return -errno; 2883 2884 return 0; 2885} 2886 2887static int hciops_remove_bonding(int index, bdaddr_t *bdaddr) 2888{ 2889 struct dev_info *dev = &devs[index]; 2890 delete_stored_link_key_cp cp; 2891 char addr[18]; 2892 2893 ba2str(bdaddr, addr); 2894 DBG("hci%d dba %s", index, addr); 2895 2896 memset(&cp, 0, sizeof(cp)); 2897 bacpy(&cp.bdaddr, bdaddr); 2898 2899 /* Delete the link key from the Bluetooth chip */ 2900 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_DELETE_STORED_LINK_KEY, 2901 DELETE_STORED_LINK_KEY_CP_SIZE, &cp) < 0) 2902 return -errno; 2903 2904 return 0; 2905} 2906 2907static int hciops_request_authentication(int index, uint16_t handle) 2908{ 2909 struct dev_info *dev = &devs[index]; 2910 auth_requested_cp cp; 2911 2912 DBG("hci%d handle %u", index, handle); 2913 2914 memset(&cp, 0, sizeof(cp)); 2915 cp.handle = htobs(handle); 2916 2917 if (hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_AUTH_REQUESTED, 2918 AUTH_REQUESTED_CP_SIZE, &cp) < 0) 2919 return -errno; 2920 2921 return 0; 2922} 2923 2924static int hciops_pincode_reply(int index, bdaddr_t *bdaddr, const char *pin) 2925{ 2926 struct dev_info *dev = &devs[index]; 2927 char addr[18]; 2928 int err; 2929 2930 ba2str(bdaddr, addr); 2931 DBG("hci%d dba %s", index, addr); 2932 2933 if (pin) { 2934 pin_code_reply_cp pr; 2935 size_t len = strlen(pin); 2936 2937 dev->pin_length = len; 2938 2939 memset(&pr, 0, sizeof(pr)); 2940 bacpy(&pr.bdaddr, bdaddr); 2941 memcpy(pr.pin_code, pin, len); 2942 pr.pin_len = len; 2943 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2944 OCF_PIN_CODE_REPLY, 2945 PIN_CODE_REPLY_CP_SIZE, &pr); 2946 } else 2947 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2948 OCF_PIN_CODE_NEG_REPLY, 6, bdaddr); 2949 2950 if (err < 0) 2951 err = -errno; 2952 2953 return err; 2954} 2955 2956static int hciops_confirm_reply(int index, bdaddr_t *bdaddr, gboolean success) 2957{ 2958 struct dev_info *dev = &devs[index]; 2959 user_confirm_reply_cp cp; 2960 char addr[18]; 2961 int err; 2962 2963 ba2str(bdaddr, addr); 2964 DBG("hci%d dba %s success %d", index, addr, success); 2965 2966 memset(&cp, 0, sizeof(cp)); 2967 bacpy(&cp.bdaddr, bdaddr); 2968 2969 if (success) 2970 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2971 OCF_USER_CONFIRM_REPLY, 2972 USER_CONFIRM_REPLY_CP_SIZE, &cp); 2973 else 2974 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 2975 OCF_USER_CONFIRM_NEG_REPLY, 2976 USER_CONFIRM_REPLY_CP_SIZE, &cp); 2977 2978 if (err < 0) 2979 err = -errno; 2980 2981 return err; 2982} 2983 2984static int hciops_passkey_reply(int index, bdaddr_t *bdaddr, uint32_t passkey) 2985{ 2986 struct dev_info *dev = &devs[index]; 2987 char addr[18]; 2988 int err; 2989 2990 ba2str(bdaddr, addr); 2991 DBG("hci%d dba %s", index, addr); 2992 2993 if (passkey != INVALID_PASSKEY) { 2994 user_passkey_reply_cp cp; 2995 2996 memset(&cp, 0, sizeof(cp)); 2997 bacpy(&cp.bdaddr, bdaddr); 2998 cp.passkey = passkey; 2999 3000 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3001 OCF_USER_PASSKEY_REPLY, 3002 USER_PASSKEY_REPLY_CP_SIZE, &cp); 3003 } else 3004 err = hci_send_cmd(dev->sk, OGF_LINK_CTL, 3005 OCF_USER_PASSKEY_NEG_REPLY, 6, bdaddr); 3006 3007 if (err < 0) 3008 err = -errno; 3009 3010 return err; 3011} 3012 3013static int hciops_get_auth_info(int index, bdaddr_t *bdaddr, uint8_t *auth) 3014{ 3015 struct dev_info *dev = &devs[index]; 3016 struct hci_auth_info_req req; 3017 char addr[18]; 3018 3019 ba2str(bdaddr, addr); 3020 DBG("hci%d dba %s", index, addr); 3021 3022 memset(&req, 0, sizeof(req)); 3023 bacpy(&req.bdaddr, bdaddr); 3024 3025 if (ioctl(dev->sk, HCIGETAUTHINFO, (unsigned long) &req) < 0) 3026 return -errno; 3027 3028 if (auth) 3029 *auth = req.type; 3030 3031 return 0; 3032} 3033 3034static int hciops_read_scan_enable(int index) 3035{ 3036 struct dev_info *dev = &devs[index]; 3037 3038 DBG("hci%d", index); 3039 3040 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, OCF_READ_SCAN_ENABLE, 3041 0, NULL) < 0) 3042 return -errno; 3043 3044 return 0; 3045} 3046 3047static int hciops_enable_le(int index) 3048{ 3049 struct dev_info *dev = &devs[index]; 3050 write_le_host_supported_cp cp; 3051 3052 DBG("hci%d", index); 3053 3054 if (!(dev->features[4] & LMP_LE)) 3055 return -ENOTSUP; 3056 3057 cp.le = 0x01; 3058 cp.simul = (dev->features[6] & LMP_LE_BREDR) ? 0x01 : 0x00; 3059 3060 if (hci_send_cmd(dev->sk, OGF_HOST_CTL, 3061 OCF_WRITE_LE_HOST_SUPPORTED, 3062 WRITE_LE_HOST_SUPPORTED_CP_SIZE, &cp) < 0) 3063 return -errno; 3064 3065 return 0; 3066} 3067 3068struct remote_version_req { 3069 int index; 3070 uint16_t handle; 3071}; 3072 3073static gboolean get_remote_version(gpointer user_data) 3074{ 3075 struct remote_version_req *req = user_data; 3076 struct dev_info *dev = &devs[req->index]; 3077 read_remote_version_cp cp; 3078 3079 DBG("hci%d handle %u", req->index, req->handle); 3080 3081 memset(&cp, 0, sizeof(cp)); 3082 cp.handle = htobs(req->handle); 3083 3084 hci_send_cmd(dev->sk, OGF_LINK_CTL, OCF_READ_REMOTE_VERSION, 3085 READ_REMOTE_VERSION_CP_SIZE, &cp); 3086 3087 return FALSE; 3088} 3089 3090static int hciops_get_remote_version(int index, uint16_t handle, 3091 gboolean delayed) 3092{ 3093 struct remote_version_req *req; 3094 3095 DBG("hci%d handle %u delayed %d", index, handle, delayed); 3096 3097 req = g_new0(struct remote_version_req, 1); 3098 req->handle = handle; 3099 req->index = index; 3100 3101 if (!delayed) { 3102 get_remote_version(req); 3103 g_free(req); 3104 return 0; 3105 } 3106 3107 g_timeout_add_seconds_full(G_PRIORITY_DEFAULT, 1, get_remote_version, 3108 req, g_free); 3109 3110 return 0; 3111} 3112 3113static int set_service_classes(int index, uint8_t value) 3114{ 3115 struct dev_info *dev = &devs[index]; 3116 int err; 3117 3118 DBG("hci%d value %u", index, value); 3119 3120 /* Update only the service class, keep the limited bit, 3121 * major/minor class bits intact */ 3122 dev->wanted_cod &= 0x00ffff; 3123 dev->wanted_cod |= (value << 16); 3124 3125 /* If the cache is enabled or an existing CoD write is in progress 3126 * just bail out */ 3127 if (dev->cache_enable || dev->pending_cod) 3128 return 0; 3129 3130 /* If we already have the CoD we want, update EIR and return */ 3131 if (dev->current_cod == dev->wanted_cod) { 3132 update_ext_inquiry_response(index); 3133 return 0; 3134 } 3135 3136 DBG("Changing service classes to 0x%06x", dev->wanted_cod); 3137 3138 err = write_class(index, dev->wanted_cod); 3139 if (err < 0) 3140 error("Adapter class update failed: %s (%d)", 3141 strerror(-err), -err); 3142 3143 return err; 3144} 3145 3146static int hciops_services_updated(int index) 3147{ 3148 struct dev_info *dev = &devs[index]; 3149 struct btd_adapter *adapter; 3150 sdp_list_t *list; 3151 uint8_t val = 0; 3152 3153 DBG("hci%d", index); 3154 3155 adapter = manager_find_adapter(&dev->bdaddr); 3156 if (adapter == NULL) 3157 return -ENODEV; 3158 3159 for (list = adapter_get_services(adapter); list; list = list->next) { 3160 sdp_record_t *rec = list->data; 3161 3162 if (rec->svclass.type != SDP_UUID16) 3163 continue; 3164 3165 switch (rec->svclass.value.uuid16) { 3166 case DIALUP_NET_SVCLASS_ID: 3167 case CIP_SVCLASS_ID: 3168 val |= 0x42; /* Telephony & Networking */ 3169 break; 3170 case IRMC_SYNC_SVCLASS_ID: 3171 case OBEX_OBJPUSH_SVCLASS_ID: 3172 case OBEX_FILETRANS_SVCLASS_ID: 3173 case IRMC_SYNC_CMD_SVCLASS_ID: 3174 case PBAP_PSE_SVCLASS_ID: 3175 val |= 0x10; /* Object Transfer */ 3176 break; 3177 case HEADSET_SVCLASS_ID: 3178 case HANDSFREE_SVCLASS_ID: 3179 val |= 0x20; /* Audio */ 3180 break; 3181 case CORDLESS_TELEPHONY_SVCLASS_ID: 3182 case INTERCOM_SVCLASS_ID: 3183 case FAX_SVCLASS_ID: 3184 case SAP_SVCLASS_ID: 3185 /* 3186 * Setting the telephony bit for the handsfree audio gateway 3187 * role is not required by the HFP specification, but the 3188 * Nokia 616 carkit is just plain broken! It will refuse 3189 * pairing without this bit set. 3190 */ 3191 case HANDSFREE_AGW_SVCLASS_ID: 3192 val |= 0x40; /* Telephony */ 3193 break; 3194 case AUDIO_SOURCE_SVCLASS_ID: 3195 case VIDEO_SOURCE_SVCLASS_ID: 3196 val |= 0x08; /* Capturing */ 3197 break; 3198 case AUDIO_SINK_SVCLASS_ID: 3199 case VIDEO_SINK_SVCLASS_ID: 3200 val |= 0x04; /* Rendering */ 3201 break; 3202 case PANU_SVCLASS_ID: 3203 case NAP_SVCLASS_ID: 3204 case GN_SVCLASS_ID: 3205 val |= 0x02; /* Networking */ 3206 break; 3207 } 3208 } 3209 3210 return set_service_classes(index, val); 3211} 3212 3213static int hciops_disable_cod_cache(int index) 3214{ 3215 struct dev_info *dev = &devs[index]; 3216 3217 DBG("hci%d cache_enable %d", index, dev->cache_enable); 3218 3219 if (!dev->cache_enable) 3220 return 0; 3221 3222 DBG("hci%d current_cod 0x%06x wanted_cod 0x%06x", index, 3223 dev->current_cod, dev->wanted_cod); 3224 3225 /* Disable and flush svc cache. All successive service class 3226 * updates * will be written to the device */ 3227 dev->cache_enable = FALSE; 3228 3229 if (dev->current_cod == dev->wanted_cod) { 3230 update_ext_inquiry_response(index); 3231 return 0; 3232 } 3233 3234 return write_class(index, dev->wanted_cod); 3235} 3236 3237static int hciops_restore_powered(int index) 3238{ 3239 struct dev_info *dev = &devs[index]; 3240 3241 if (!dev->already_up && dev->up) 3242 return hciops_stop(index); 3243 3244 return 0; 3245} 3246 3247static struct btd_adapter_ops hci_ops = { 3248 .setup = hciops_setup, 3249 .cleanup = hciops_cleanup, 3250 .start = hciops_start, 3251 .stop = hciops_stop, 3252 .set_powered = hciops_set_powered, 3253 .set_connectable = hciops_set_connectable, 3254 .set_discoverable = hciops_set_discoverable, 3255 .set_pairable = hciops_set_pairable, 3256 .set_limited_discoverable = hciops_set_limited_discoverable, 3257 .start_inquiry = hciops_start_inquiry, 3258 .stop_inquiry = hciops_stop_inquiry, 3259 .start_scanning = hciops_start_scanning, 3260 .stop_scanning = hciops_stop_scanning, 3261 .resolve_name = hciops_resolve_name, 3262 .cancel_resolve_name = hciops_cancel_resolve_name, 3263 .set_name = hciops_set_name, 3264 .set_dev_class = hciops_set_dev_class, 3265 .set_fast_connectable = hciops_fast_connectable, 3266 .read_clock = hciops_read_clock, 3267 .get_conn_handle = hciops_conn_handle, 3268 .read_bdaddr = hciops_read_bdaddr, 3269 .block_device = hciops_block_device, 3270 .unblock_device = hciops_unblock_device, 3271 .get_conn_list = hciops_get_conn_list, 3272 .read_local_version = hciops_read_local_version, 3273 .read_local_features = hciops_read_local_features, 3274 .disconnect = hciops_disconnect, 3275 .remove_bonding = hciops_remove_bonding, 3276 .request_authentication = hciops_request_authentication, 3277 .pincode_reply = hciops_pincode_reply, 3278 .confirm_reply = hciops_confirm_reply, 3279 .passkey_reply = hciops_passkey_reply, 3280 .get_auth_info = hciops_get_auth_info, 3281 .read_scan_enable = hciops_read_scan_enable, 3282 .enable_le = hciops_enable_le, 3283 .get_remote_version = hciops_get_remote_version, 3284 .encrypt_link = hciops_encrypt_link, 3285 .set_did = hciops_set_did, 3286 .services_updated = hciops_services_updated, 3287 .disable_cod_cache = hciops_disable_cod_cache, 3288 .restore_powered = hciops_restore_powered, 3289}; 3290 3291static int hciops_init(void) 3292{ 3293 DBG(""); 3294 return btd_register_adapter_ops(&hci_ops, FALSE); 3295} 3296 3297static void hciops_exit(void) 3298{ 3299 DBG(""); 3300 btd_adapter_cleanup_ops(&hci_ops); 3301} 3302 3303BLUETOOTH_PLUGIN_DEFINE(hciops, VERSION, 3304 BLUETOOTH_PLUGIN_PRIORITY_LOW, hciops_init, hciops_exit) 3305