1/*
2 *
3 *  BlueZ - Bluetooth protocol stack for Linux
4 *
5 *  Copyright (C) 2000-2001  Qualcomm Incorporated
6 *  Copyright (C) 2002-2003  Maxim Krasnyansky <maxk@qualcomm.com>
7 *  Copyright (C) 2002-2010  Marcel Holtmann <marcel@holtmann.org>
8 *
9 *
10 *  This program is free software; you can redistribute it and/or modify
11 *  it under the terms of the GNU General Public License as published by
12 *  the Free Software Foundation; either version 2 of the License, or
13 *  (at your option) any later version.
14 *
15 *  This program is distributed in the hope that it will be useful,
16 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
17 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18 *  GNU General Public License for more details.
19 *
20 *  You should have received a copy of the GNU General Public License
21 *  along with this program; if not, write to the Free Software
22 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
23 *
24 */
25
26#ifdef HAVE_CONFIG_H
27#include <config.h>
28#endif
29
30#include <stdio.h>
31#include <errno.h>
32#include <ctype.h>
33#include <fcntl.h>
34#include <unistd.h>
35#include <stdlib.h>
36#include <string.h>
37#include <getopt.h>
38#include <sys/param.h>
39#include <sys/ioctl.h>
40#include <sys/socket.h>
41
42#include <bluetooth/bluetooth.h>
43#include <bluetooth/hci.h>
44#include <bluetooth/hci_lib.h>
45
46#include "textfile.h"
47#include "oui.h"
48
49/* Unofficial value, might still change */
50#define LE_LINK		0x03
51
52#define FLAGS_AD_TYPE 0x01
53#define FLAGS_LIMITED_MODE_BIT 0x01
54#define FLAGS_GENERAL_MODE_BIT 0x02
55
56#define for_each_opt(opt, long, short) while ((opt=getopt_long(argc, argv, short ? short:"+", long, NULL)) != -1)
57
58static void usage(void);
59
60static int dev_info(int s, int dev_id, long arg)
61{
62	struct hci_dev_info di = { dev_id: dev_id };
63	char addr[18];
64
65	if (ioctl(s, HCIGETDEVINFO, (void *) &di))
66		return 0;
67
68	ba2str(&di.bdaddr, addr);
69	printf("\t%s\t%s\n", di.name, addr);
70	return 0;
71}
72
73static void helper_arg(int min_num_arg, int max_num_arg, int *argc,
74			char ***argv, const char *usage)
75{
76	*argc -= optind;
77	/* too many arguments, but when "max_num_arg < min_num_arg" then no
78		 limiting (prefer "max_num_arg=-1" to gen infinity)
79	*/
80	if ( (*argc > max_num_arg) && (max_num_arg >= min_num_arg ) ) {
81		fprintf(stderr, "%s: too many arguments (maximal: %i)\n",
82				*argv[0], max_num_arg);
83		printf("%s", usage);
84		exit(1);
85	}
86
87	/* print usage */
88	if (*argc < min_num_arg) {
89		fprintf(stderr, "%s: too few arguments (minimal: %i)\n",
90				*argv[0], min_num_arg);
91		printf("%s", usage);
92		exit(0);
93	}
94
95	*argv += optind;
96}
97
98static char *type2str(uint8_t type)
99{
100	switch (type) {
101	case SCO_LINK:
102		return "SCO";
103	case ACL_LINK:
104		return "ACL";
105	case ESCO_LINK:
106		return "eSCO";
107	case LE_LINK:
108		return "LE";
109	default:
110		return "Unknown";
111	}
112}
113
114static int conn_list(int s, int dev_id, long arg)
115{
116	struct hci_conn_list_req *cl;
117	struct hci_conn_info *ci;
118	int id = arg;
119	int i;
120
121	if (id != -1 && dev_id != id)
122		return 0;
123
124	if (!(cl = malloc(10 * sizeof(*ci) + sizeof(*cl)))) {
125		perror("Can't allocate memory");
126		exit(1);
127	}
128	cl->dev_id = dev_id;
129	cl->conn_num = 10;
130	ci = cl->conn_info;
131
132	if (ioctl(s, HCIGETCONNLIST, (void *) cl)) {
133		perror("Can't get connection list");
134		exit(1);
135	}
136
137	for (i = 0; i < cl->conn_num; i++, ci++) {
138		char addr[18];
139		char *str;
140		ba2str(&ci->bdaddr, addr);
141		str = hci_lmtostr(ci->link_mode);
142		printf("\t%s %s %s handle %d state %d lm %s mtu %d credits %d/%d\n",
143			ci->out ? "<" : ">", type2str(ci->type),
144			addr, ci->handle, ci->state, str, ci->mtu, ci->cnt, ci->pkts);
145		bt_free(str);
146	}
147
148	free(cl);
149	return 0;
150}
151
152static int find_conn(int s, int dev_id, long arg)
153{
154	struct hci_conn_list_req *cl;
155	struct hci_conn_info *ci;
156	int i;
157
158	if (!(cl = malloc(10 * sizeof(*ci) + sizeof(*cl)))) {
159		perror("Can't allocate memory");
160		exit(1);
161	}
162	cl->dev_id = dev_id;
163	cl->conn_num = 10;
164	ci = cl->conn_info;
165
166	if (ioctl(s, HCIGETCONNLIST, (void *) cl)) {
167		perror("Can't get connection list");
168		exit(1);
169	}
170
171	for (i = 0; i < cl->conn_num; i++, ci++)
172		if (!bacmp((bdaddr_t *) arg, &ci->bdaddr)) {
173			free(cl);
174			return 1;
175		}
176
177	free(cl);
178	return 0;
179}
180
181static void hex_dump(char *pref, int width, unsigned char *buf, int len)
182{
183	register int i,n;
184
185	for (i = 0, n = 1; i < len; i++, n++) {
186		if (n == 1)
187			printf("%s", pref);
188		printf("%2.2X ", buf[i]);
189		if (n == width) {
190			printf("\n");
191			n = 0;
192		}
193	}
194	if (i && n!=1)
195		printf("\n");
196}
197
198static char *get_minor_device_name(int major, int minor)
199{
200	switch (major) {
201	case 0:	/* misc */
202		return "";
203	case 1:	/* computer */
204		switch (minor) {
205		case 0:
206			return "Uncategorized";
207		case 1:
208			return "Desktop workstation";
209		case 2:
210			return "Server";
211		case 3:
212			return "Laptop";
213		case 4:
214			return "Handheld";
215		case 5:
216			return "Palm";
217		case 6:
218			return "Wearable";
219		}
220		break;
221	case 2:	/* phone */
222		switch (minor) {
223		case 0:
224			return "Uncategorized";
225		case 1:
226			return "Cellular";
227		case 2:
228			return "Cordless";
229		case 3:
230			return "Smart phone";
231		case 4:
232			return "Wired modem or voice gateway";
233		case 5:
234			return "Common ISDN Access";
235		case 6:
236			return "Sim Card Reader";
237		}
238		break;
239	case 3:	/* lan access */
240		if (minor == 0)
241			return "Uncategorized";
242		switch (minor / 8) {
243		case 0:
244			return "Fully available";
245		case 1:
246			return "1-17% utilized";
247		case 2:
248			return "17-33% utilized";
249		case 3:
250			return "33-50% utilized";
251		case 4:
252			return "50-67% utilized";
253		case 5:
254			return "67-83% utilized";
255		case 6:
256			return "83-99% utilized";
257		case 7:
258			return "No service available";
259		}
260		break;
261	case 4:	/* audio/video */
262		switch (minor) {
263		case 0:
264			return "Uncategorized";
265		case 1:
266			return "Device conforms to the Headset profile";
267		case 2:
268			return "Hands-free";
269			/* 3 is reserved */
270		case 4:
271			return "Microphone";
272		case 5:
273			return "Loudspeaker";
274		case 6:
275			return "Headphones";
276		case 7:
277			return "Portable Audio";
278		case 8:
279			return "Car Audio";
280		case 9:
281			return "Set-top box";
282		case 10:
283			return "HiFi Audio Device";
284		case 11:
285			return "VCR";
286		case 12:
287			return "Video Camera";
288		case 13:
289			return "Camcorder";
290		case 14:
291			return "Video Monitor";
292		case 15:
293			return "Video Display and Loudspeaker";
294		case 16:
295			return "Video Conferencing";
296			/* 17 is reserved */
297		case 18:
298			return "Gaming/Toy";
299		}
300		break;
301	case 5:	/* peripheral */ {
302		static char cls_str[48]; cls_str[0] = 0;
303
304		switch (minor & 48) {
305		case 16:
306			strncpy(cls_str, "Keyboard", sizeof(cls_str));
307			break;
308		case 32:
309			strncpy(cls_str, "Pointing device", sizeof(cls_str));
310			break;
311		case 48:
312			strncpy(cls_str, "Combo keyboard/pointing device", sizeof(cls_str));
313			break;
314		}
315		if ((minor & 15) && (strlen(cls_str) > 0))
316			strcat(cls_str, "/");
317
318		switch (minor & 15) {
319		case 0:
320			break;
321		case 1:
322			strncat(cls_str, "Joystick", sizeof(cls_str) - strlen(cls_str));
323			break;
324		case 2:
325			strncat(cls_str, "Gamepad", sizeof(cls_str) - strlen(cls_str));
326			break;
327		case 3:
328			strncat(cls_str, "Remote control", sizeof(cls_str) - strlen(cls_str));
329			break;
330		case 4:
331			strncat(cls_str, "Sensing device", sizeof(cls_str) - strlen(cls_str));
332			break;
333		case 5:
334			strncat(cls_str, "Digitizer tablet", sizeof(cls_str) - strlen(cls_str));
335		break;
336		case 6:
337			strncat(cls_str, "Card reader", sizeof(cls_str) - strlen(cls_str));
338			break;
339		default:
340			strncat(cls_str, "(reserved)", sizeof(cls_str) - strlen(cls_str));
341			break;
342		}
343		if (strlen(cls_str) > 0)
344			return cls_str;
345	}
346	case 6:	/* imaging */
347		if (minor & 4)
348			return "Display";
349		if (minor & 8)
350			return "Camera";
351		if (minor & 16)
352			return "Scanner";
353		if (minor & 32)
354			return "Printer";
355		break;
356	case 7: /* wearable */
357		switch (minor) {
358		case 1:
359			return "Wrist Watch";
360		case 2:
361			return "Pager";
362		case 3:
363			return "Jacket";
364		case 4:
365			return "Helmet";
366		case 5:
367			return "Glasses";
368		}
369		break;
370	case 8: /* toy */
371		switch (minor) {
372		case 1:
373			return "Robot";
374		case 2:
375			return "Vehicle";
376		case 3:
377			return "Doll / Action Figure";
378		case 4:
379			return "Controller";
380		case 5:
381			return "Game";
382		}
383		break;
384	case 63:	/* uncategorised */
385		return "";
386	}
387	return "Unknown (reserved) minor device class";
388}
389
390static char *major_classes[] = {
391	"Miscellaneous", "Computer", "Phone", "LAN Access",
392	"Audio/Video", "Peripheral", "Imaging", "Uncategorized"
393};
394
395static char *get_device_name(const bdaddr_t *local, const bdaddr_t *peer)
396{
397	char filename[PATH_MAX + 1], addr[18];
398
399	ba2str(local, addr);
400	create_name(filename, PATH_MAX, STORAGEDIR, addr, "names");
401
402	ba2str(peer, addr);
403	return textfile_get(filename, addr);
404}
405
406/* Display local devices */
407
408static struct option dev_options[] = {
409	{ "help",	0, 0, 'h' },
410	{0, 0, 0, 0 }
411};
412
413static const char *dev_help =
414	"Usage:\n"
415	"\tdev\n";
416
417static void cmd_dev(int dev_id, int argc, char **argv)
418{
419	int opt;
420
421	for_each_opt(opt, dev_options, NULL) {
422		switch (opt) {
423		default:
424			printf("%s", dev_help);
425			return;
426		}
427	}
428	helper_arg(0, 0, &argc, &argv, dev_help);
429
430	printf("Devices:\n");
431
432	hci_for_each_dev(HCI_UP, dev_info, 0);
433}
434
435/* Inquiry */
436
437static struct option inq_options[] = {
438	{ "help",	0, 0, 'h' },
439	{ "length",	1, 0, 'l' },
440	{ "numrsp",	1, 0, 'n' },
441	{ "iac",	1, 0, 'i' },
442	{ "flush",	0, 0, 'f' },
443	{ 0, 0, 0, 0 }
444};
445
446static const char *inq_help =
447	"Usage:\n"
448	"\tinq [--length=N] maximum inquiry duration in 1.28 s units\n"
449	"\t    [--numrsp=N] specify maximum number of inquiry responses\n"
450	"\t    [--iac=lap]  specify the inquiry access code\n"
451	"\t    [--flush]    flush the inquiry cache\n";
452
453static void cmd_inq(int dev_id, int argc, char **argv)
454{
455	inquiry_info *info = NULL;
456	uint8_t lap[3] = { 0x33, 0x8b, 0x9e };
457	int num_rsp, length, flags;
458	char addr[18];
459	int i, l, opt;
460
461	length  = 8;	/* ~10 seconds */
462	num_rsp = 0;
463	flags   = 0;
464
465	for_each_opt(opt, inq_options, NULL) {
466		switch (opt) {
467		case 'l':
468			length = atoi(optarg);
469			break;
470
471		case 'n':
472			num_rsp = atoi(optarg);
473			break;
474
475		case 'i':
476			l = strtoul(optarg, 0, 16);
477			if (!strcasecmp(optarg, "giac")) {
478				l = 0x9e8b33;
479			} else if (!strcasecmp(optarg, "liac")) {
480				l = 0x9e8b00;
481			} if (l < 0x9e8b00 || l > 0x9e8b3f) {
482				printf("Invalid access code 0x%x\n", l);
483				exit(1);
484			}
485			lap[0] = (l & 0xff);
486			lap[1] = (l >> 8) & 0xff;
487			lap[2] = (l >> 16) & 0xff;
488			break;
489
490		case 'f':
491			flags |= IREQ_CACHE_FLUSH;
492			break;
493
494		default:
495			printf("%s", inq_help);
496			return;
497		}
498	}
499	helper_arg(0, 0, &argc, &argv, inq_help);
500
501	printf("Inquiring ...\n");
502
503	num_rsp = hci_inquiry(dev_id, length, num_rsp, lap, &info, flags);
504	if (num_rsp < 0) {
505		perror("Inquiry failed.");
506		exit(1);
507	}
508
509	for (i = 0; i < num_rsp; i++) {
510		ba2str(&(info+i)->bdaddr, addr);
511		printf("\t%s\tclock offset: 0x%4.4x\tclass: 0x%2.2x%2.2x%2.2x\n",
512			addr, btohs((info+i)->clock_offset),
513			(info+i)->dev_class[2],
514			(info+i)->dev_class[1],
515			(info+i)->dev_class[0]);
516	}
517
518	bt_free(info);
519}
520
521/* Device scanning */
522
523static struct option scan_options[] = {
524	{ "help",	0, 0, 'h' },
525	{ "length",	1, 0, 'l' },
526	{ "numrsp",	1, 0, 'n' },
527	{ "iac",	1, 0, 'i' },
528	{ "flush",	0, 0, 'f' },
529	{ "refresh",	0, 0, 'r' },
530	{ "class",	0, 0, 'C' },
531	{ "info",	0, 0, 'I' },
532	{ "oui",	0, 0, 'O' },
533	{ "all",	0, 0, 'A' },
534	{ "ext",	0, 0, 'A' },
535	{ 0, 0, 0, 0 }
536};
537
538static const char *scan_help =
539	"Usage:\n"
540	"\tscan [--length=N] [--numrsp=N] [--iac=lap] [--flush] [--class] [--info] [--oui] [--refresh]\n";
541
542static void cmd_scan(int dev_id, int argc, char **argv)
543{
544	inquiry_info *info = NULL;
545	uint8_t lap[3] = { 0x33, 0x8b, 0x9e };
546	int num_rsp, length, flags;
547	uint8_t cls[3], features[8];
548	char addr[18], name[249], oui[9], *comp, *tmp;
549	struct hci_version version;
550	struct hci_dev_info di;
551	struct hci_conn_info_req *cr;
552	int refresh = 0, extcls = 0, extinf = 0, extoui = 0;
553	int i, n, l, opt, dd, cc, nc;
554
555	length  = 8;	/* ~10 seconds */
556	num_rsp = 0;
557	flags   = 0;
558
559	for_each_opt(opt, scan_options, NULL) {
560		switch (opt) {
561		case 'l':
562			length = atoi(optarg);
563			break;
564
565		case 'n':
566			num_rsp = atoi(optarg);
567			break;
568
569		case 'i':
570			l = strtoul(optarg, 0, 16);
571			if (!strcasecmp(optarg, "giac")) {
572				l = 0x9e8b33;
573			} else if (!strcasecmp(optarg, "liac")) {
574				l = 0x9e8b00;
575			} else if (l < 0x9e8b00 || l > 0x9e8b3f) {
576				printf("Invalid access code 0x%x\n", l);
577				exit(1);
578			}
579			lap[0] = (l & 0xff);
580			lap[1] = (l >> 8) & 0xff;
581			lap[2] = (l >> 16) & 0xff;
582			break;
583
584		case 'f':
585			flags |= IREQ_CACHE_FLUSH;
586			break;
587
588		case 'r':
589			refresh = 1;
590			break;
591
592		case 'C':
593			extcls = 1;
594			break;
595
596		case 'I':
597			extinf = 1;
598			break;
599
600		case 'O':
601			extoui = 1;
602			break;
603
604		case 'A':
605			extcls = 1;
606			extinf = 1;
607			extoui = 1;
608			break;
609
610		default:
611			printf("%s", scan_help);
612			return;
613		}
614	}
615	helper_arg(0, 0, &argc, &argv, scan_help);
616
617	if (dev_id < 0) {
618		dev_id = hci_get_route(NULL);
619		if (dev_id < 0) {
620			perror("Device is not available");
621			exit(1);
622		}
623	}
624
625	if (hci_devinfo(dev_id, &di) < 0) {
626		perror("Can't get device info");
627		exit(1);
628	}
629
630	printf("Scanning ...\n");
631	num_rsp = hci_inquiry(dev_id, length, num_rsp, lap, &info, flags);
632	if (num_rsp < 0) {
633		perror("Inquiry failed");
634		exit(1);
635	}
636
637	dd = hci_open_dev(dev_id);
638	if (dd < 0) {
639		perror("HCI device open failed");
640		free(info);
641		exit(1);
642	}
643
644	if (extcls || extinf || extoui)
645		printf("\n");
646
647	for (i = 0; i < num_rsp; i++) {
648		uint16_t handle = 0;
649
650		if (!refresh) {
651			memset(name, 0, sizeof(name));
652			tmp = get_device_name(&di.bdaddr, &(info+i)->bdaddr);
653			if (tmp) {
654				strncpy(name, tmp, 249);
655				free(tmp);
656				nc = 1;
657			} else
658				nc = 0;
659		} else
660			nc = 0;
661
662		if (!extcls && !extinf && !extoui) {
663			ba2str(&(info+i)->bdaddr, addr);
664
665			if (nc) {
666				printf("\t%s\t%s\n", addr, name);
667				continue;
668			}
669
670			if (hci_read_remote_name_with_clock_offset(dd,
671					&(info+i)->bdaddr,
672					(info+i)->pscan_rep_mode,
673					(info+i)->clock_offset | 0x8000,
674					sizeof(name), name, 100000) < 0)
675				strcpy(name, "n/a");
676
677			for (n = 0; n < 248 && name[n]; n++) {
678				if ((unsigned char) name[i] < 32 || name[i] == 127)
679					name[i] = '.';
680			}
681
682			name[248] = '\0';
683
684			printf("\t%s\t%s\n", addr, name);
685			continue;
686		}
687
688		ba2str(&(info+i)->bdaddr, addr);
689		printf("BD Address:\t%s [mode %d, clkoffset 0x%4.4x]\n", addr,
690			(info+i)->pscan_rep_mode, btohs((info+i)->clock_offset));
691
692		if (extoui) {
693			ba2oui(&(info+i)->bdaddr, oui);
694			comp = ouitocomp(oui);
695			if (comp) {
696				printf("OUI company:\t%s (%s)\n", comp, oui);
697				free(comp);
698			}
699		}
700
701		cc = 0;
702
703		if (extinf) {
704			cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
705			if (cr) {
706				bacpy(&cr->bdaddr, &(info+i)->bdaddr);
707				cr->type = ACL_LINK;
708				if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
709					handle = 0;
710					cc = 1;
711				} else {
712					handle = htobs(cr->conn_info->handle);
713					cc = 0;
714				}
715				free(cr);
716			}
717
718			if (cc) {
719				if (hci_create_connection(dd, &(info+i)->bdaddr,
720						htobs(di.pkt_type & ACL_PTYPE_MASK),
721						(info+i)->clock_offset | 0x8000,
722						0x01, &handle, 25000) < 0) {
723					handle = 0;
724					cc = 0;
725				}
726			}
727		}
728
729		if (handle > 0 || !nc) {
730			if (hci_read_remote_name_with_clock_offset(dd,
731					&(info+i)->bdaddr,
732					(info+i)->pscan_rep_mode,
733					(info+i)->clock_offset | 0x8000,
734					sizeof(name), name, 100000) < 0) {
735				if (!nc)
736					strcpy(name, "n/a");
737			} else {
738				for (n = 0; n < 248 && name[n]; n++) {
739					if ((unsigned char) name[i] < 32 || name[i] == 127)
740						name[i] = '.';
741				}
742
743				name[248] = '\0';
744				nc = 0;
745			}
746		}
747
748		if (strlen(name) > 0)
749			printf("Device name:\t%s%s\n", name, nc ? " [cached]" : "");
750
751		if (extcls) {
752			memcpy(cls, (info+i)->dev_class, 3);
753			printf("Device class:\t");
754			if ((cls[1] & 0x1f) > sizeof(major_classes) / sizeof(char *))
755				printf("Invalid");
756			else
757				printf("%s, %s", major_classes[cls[1] & 0x1f],
758					get_minor_device_name(cls[1] & 0x1f, cls[0] >> 2));
759			printf(" (0x%2.2x%2.2x%2.2x)\n", cls[2], cls[1], cls[0]);
760		}
761
762		if (extinf && handle > 0) {
763			if (hci_read_remote_version(dd, handle, &version, 20000) == 0) {
764				char *ver = lmp_vertostr(version.lmp_ver);
765				printf("Manufacturer:\t%s (%d)\n",
766					bt_compidtostr(version.manufacturer),
767					version.manufacturer);
768				printf("LMP version:\t%s (0x%x) [subver 0x%x]\n",
769					ver ? ver : "n/a",
770					version.lmp_ver, version.lmp_subver);
771				if (ver)
772					bt_free(ver);
773			}
774
775			if (hci_read_remote_features(dd, handle, features, 20000) == 0) {
776				char *tmp = lmp_featurestostr(features, "\t\t", 63);
777				printf("LMP features:\t0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x"
778					" 0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x\n",
779					features[0], features[1],
780					features[2], features[3],
781					features[4], features[5],
782					features[6], features[7]);
783				printf("%s\n", tmp);
784				bt_free(tmp);
785			}
786
787			if (cc) {
788				usleep(10000);
789				hci_disconnect(dd, handle, HCI_OE_USER_ENDED_CONNECTION, 10000);
790			}
791		}
792
793		printf("\n");
794	}
795
796	bt_free(info);
797
798	hci_close_dev(dd);
799}
800
801/* Remote name */
802
803static struct option name_options[] = {
804	{ "help",	0, 0, 'h' },
805	{ 0, 0, 0, 0 }
806};
807
808static const char *name_help =
809	"Usage:\n"
810	"\tname <bdaddr>\n";
811
812static void cmd_name(int dev_id, int argc, char **argv)
813{
814	bdaddr_t bdaddr;
815	char name[248];
816	int opt, dd;
817
818	for_each_opt(opt, name_options, NULL) {
819		switch (opt) {
820		default:
821			printf("%s", name_help);
822			return;
823		}
824	}
825	helper_arg(1, 1, &argc, &argv, name_help);
826
827	str2ba(argv[0], &bdaddr);
828
829	if (dev_id < 0) {
830		dev_id = hci_get_route(&bdaddr);
831		if (dev_id < 0) {
832			fprintf(stderr, "Device is not available.\n");
833			exit(1);
834		}
835	}
836
837	dd = hci_open_dev(dev_id);
838	if (dd < 0) {
839		perror("HCI device open failed");
840		exit(1);
841	}
842
843	if (hci_read_remote_name(dd, &bdaddr, sizeof(name), name, 25000) == 0)
844		printf("%s\n", name);
845
846	hci_close_dev(dd);
847}
848
849/* Info about remote device */
850
851static struct option info_options[] = {
852	{ "help",	0, 0, 'h' },
853	{ 0, 0, 0, 0 }
854};
855
856static const char *info_help =
857	"Usage:\n"
858	"\tinfo <bdaddr>\n";
859
860static void cmd_info(int dev_id, int argc, char **argv)
861{
862	bdaddr_t bdaddr;
863	uint16_t handle;
864	uint8_t features[8], max_page = 0;
865	char name[249], oui[9], *comp, *tmp;
866	struct hci_version version;
867	struct hci_dev_info di;
868	struct hci_conn_info_req *cr;
869	int i, opt, dd, cc = 0;
870
871	for_each_opt(opt, info_options, NULL) {
872		switch (opt) {
873		default:
874			printf("%s", info_help);
875			return;
876		}
877	}
878	helper_arg(1, 1, &argc, &argv, info_help);
879
880	str2ba(argv[0], &bdaddr);
881
882	if (dev_id < 0)
883		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
884
885	if (dev_id < 0)
886		dev_id = hci_get_route(&bdaddr);
887
888	if (dev_id < 0) {
889		fprintf(stderr, "Device is not available or not connected.\n");
890		exit(1);
891	}
892
893	if (hci_devinfo(dev_id, &di) < 0) {
894		perror("Can't get device info");
895		exit(1);
896	}
897
898	printf("Requesting information ...\n");
899
900	dd = hci_open_dev(dev_id);
901	if (dd < 0) {
902		perror("HCI device open failed");
903		exit(1);
904	}
905
906	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
907	if (!cr) {
908		perror("Can't get connection info");
909		close(dd);
910		exit(1);
911	}
912
913	bacpy(&cr->bdaddr, &bdaddr);
914	cr->type = ACL_LINK;
915	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
916		if (hci_create_connection(dd, &bdaddr,
917					htobs(di.pkt_type & ACL_PTYPE_MASK),
918					0, 0x01, &handle, 25000) < 0) {
919			perror("Can't create connection");
920			close(dd);
921			exit(1);
922		}
923		sleep(1);
924		cc = 1;
925	} else
926		handle = htobs(cr->conn_info->handle);
927
928	printf("\tBD Address:  %s\n", argv[0]);
929
930	ba2oui(&bdaddr, oui);
931	comp = ouitocomp(oui);
932	if (comp) {
933		printf("\tOUI Company: %s (%s)\n", comp, oui);
934		free(comp);
935	}
936
937	if (hci_read_remote_name(dd, &bdaddr, sizeof(name), name, 25000) == 0)
938		printf("\tDevice Name: %s\n", name);
939
940	if (hci_read_remote_version(dd, handle, &version, 20000) == 0) {
941		char *ver = lmp_vertostr(version.lmp_ver);
942		printf("\tLMP Version: %s (0x%x) LMP Subversion: 0x%x\n"
943			"\tManufacturer: %s (%d)\n",
944			ver ? ver : "n/a",
945			version.lmp_ver,
946			version.lmp_subver,
947			bt_compidtostr(version.manufacturer),
948			version.manufacturer);
949		if (ver)
950			bt_free(ver);
951	}
952
953	memset(features, 0, sizeof(features));
954	hci_read_remote_features(dd, handle, features, 20000);
955
956	if ((di.features[7] & LMP_EXT_FEAT) && (features[7] & LMP_EXT_FEAT))
957		hci_read_remote_ext_features(dd, handle, 0, &max_page,
958							features, 20000);
959
960	printf("\tFeatures%s: 0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x "
961				"0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x\n",
962		(max_page > 0) ? " page 0" : "",
963		features[0], features[1], features[2], features[3],
964		features[4], features[5], features[6], features[7]);
965
966	tmp = lmp_featurestostr(features, "\t\t", 63);
967	printf("%s\n", tmp);
968	bt_free(tmp);
969
970	for (i = 1; i <= max_page; i++) {
971		if (hci_read_remote_ext_features(dd, handle, i, NULL,
972							features, 20000) < 0)
973			continue;
974
975		printf("\tFeatures page %d: 0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x "
976					"0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x\n", i,
977			features[0], features[1], features[2], features[3],
978			features[4], features[5], features[6], features[7]);
979	}
980
981	if (cc) {
982		usleep(10000);
983		hci_disconnect(dd, handle, HCI_OE_USER_ENDED_CONNECTION, 10000);
984	}
985
986	hci_close_dev(dd);
987}
988
989/* Start periodic inquiry */
990
991static struct option spinq_options[] = {
992	{ "help",	0, 0, 'h' },
993	{ 0, 0, 0, 0 }
994};
995
996static const char *spinq_help =
997	"Usage:\n"
998	"\tspinq\n";
999
1000static void cmd_spinq(int dev_id, int argc, char **argv)
1001{
1002	uint8_t lap[3] = { 0x33, 0x8b, 0x9e };
1003	struct hci_request rq;
1004	periodic_inquiry_cp cp;
1005	int opt, dd;
1006
1007	for_each_opt(opt, spinq_options, NULL) {
1008		switch (opt) {
1009		default:
1010			printf("%s", spinq_help);
1011			return;
1012		}
1013	}
1014	helper_arg(0, 0, &argc, &argv, spinq_help);
1015
1016	if (dev_id < 0)
1017		dev_id = hci_get_route(NULL);
1018
1019	dd = hci_open_dev(dev_id);
1020	if (dd < 0) {
1021		perror("Device open failed");
1022		exit(EXIT_FAILURE);
1023	}
1024
1025	memset(&cp, 0, sizeof(cp));
1026	memcpy(cp.lap, lap, 3);
1027	cp.max_period = htobs(16);
1028	cp.min_period = htobs(10);
1029	cp.length     = 8;
1030	cp.num_rsp    = 0;
1031
1032	memset(&rq, 0, sizeof(rq));
1033	rq.ogf    = OGF_LINK_CTL;
1034	rq.ocf    = OCF_PERIODIC_INQUIRY;
1035	rq.cparam = &cp;
1036	rq.clen   = PERIODIC_INQUIRY_CP_SIZE;
1037
1038	if (hci_send_req(dd, &rq, 100) < 0) {
1039		perror("Periodic inquiry failed");
1040		exit(EXIT_FAILURE);
1041	}
1042
1043	hci_close_dev(dd);
1044}
1045
1046/* Exit periodic inquiry */
1047
1048static struct option epinq_options[] = {
1049	{ "help",	0, 0, 'h' },
1050	{ 0, 0, 0, 0 }
1051};
1052
1053static const char *epinq_help =
1054	"Usage:\n"
1055	"\tepinq\n";
1056
1057static void cmd_epinq(int dev_id, int argc, char **argv)
1058{
1059	int opt, dd;
1060
1061	for_each_opt(opt, epinq_options, NULL) {
1062		switch (opt) {
1063		default:
1064			printf("%s", epinq_help);
1065			return;
1066		}
1067	}
1068	helper_arg(0, 0, &argc, &argv, epinq_help);
1069
1070	if (dev_id < 0)
1071		dev_id = hci_get_route(NULL);
1072
1073	dd = hci_open_dev(dev_id);
1074	if (dd < 0) {
1075		perror("Device open failed");
1076		exit(EXIT_FAILURE);
1077	}
1078
1079	if (hci_send_cmd(dd, OGF_LINK_CTL,
1080				OCF_EXIT_PERIODIC_INQUIRY, 0, NULL) < 0) {
1081		perror("Exit periodic inquiry failed");
1082		exit(EXIT_FAILURE);
1083	}
1084
1085	hci_close_dev(dd);
1086}
1087
1088/* Send arbitrary HCI commands */
1089
1090static struct option cmd_options[] = {
1091	{ "help",	0, 0, 'h' },
1092	{ 0, 0, 0, 0 }
1093};
1094
1095static const char *cmd_help =
1096	"Usage:\n"
1097	"\tcmd <ogf> <ocf> [parameters]\n"
1098	"Example:\n"
1099	"\tcmd 0x03 0x0013 0x41 0x42 0x43 0x44\n";
1100
1101static void cmd_cmd(int dev_id, int argc, char **argv)
1102{
1103	unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr = buf;
1104	struct hci_filter flt;
1105	hci_event_hdr *hdr;
1106	int i, opt, len, dd;
1107	uint16_t ocf;
1108	uint8_t ogf;
1109
1110	for_each_opt(opt, cmd_options, NULL) {
1111		switch (opt) {
1112		default:
1113			printf("%s", cmd_help);
1114			return;
1115		}
1116	}
1117	helper_arg(2, -1, &argc, &argv, cmd_help);
1118
1119	if (dev_id < 0)
1120		dev_id = hci_get_route(NULL);
1121
1122	errno = 0;
1123	ogf = strtol(argv[0], NULL, 16);
1124	ocf = strtol(argv[1], NULL, 16);
1125	if (errno == ERANGE || (ogf > 0x3f) || (ocf > 0x3ff)) {
1126		printf("%s", cmd_help);
1127		return;
1128	}
1129
1130	for (i = 2, len = 0; i < argc && len < (int) sizeof(buf); i++, len++)
1131		*ptr++ = (uint8_t) strtol(argv[i], NULL, 16);
1132
1133	dd = hci_open_dev(dev_id);
1134	if (dd < 0) {
1135		perror("Device open failed");
1136		exit(EXIT_FAILURE);
1137	}
1138
1139	/* Setup filter */
1140	hci_filter_clear(&flt);
1141	hci_filter_set_ptype(HCI_EVENT_PKT, &flt);
1142	hci_filter_all_events(&flt);
1143	if (setsockopt(dd, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) {
1144		perror("HCI filter setup failed");
1145		exit(EXIT_FAILURE);
1146	}
1147
1148	printf("< HCI Command: ogf 0x%02x, ocf 0x%04x, plen %d\n", ogf, ocf, len);
1149	hex_dump("  ", 20, buf, len); fflush(stdout);
1150
1151	if (hci_send_cmd(dd, ogf, ocf, len, buf) < 0) {
1152		perror("Send failed");
1153		exit(EXIT_FAILURE);
1154	}
1155
1156	len = read(dd, buf, sizeof(buf));
1157	if (len < 0) {
1158		perror("Read failed");
1159		exit(EXIT_FAILURE);
1160	}
1161
1162	hdr = (void *)(buf + 1);
1163	ptr = buf + (1 + HCI_EVENT_HDR_SIZE);
1164	len -= (1 + HCI_EVENT_HDR_SIZE);
1165
1166	printf("> HCI Event: 0x%02x plen %d\n", hdr->evt, hdr->plen);
1167	hex_dump("  ", 20, ptr, len); fflush(stdout);
1168
1169	hci_close_dev(dd);
1170}
1171
1172/* Display active connections */
1173
1174static struct option con_options[] = {
1175	{ "help",	0, 0, 'h' },
1176	{ 0, 0, 0, 0 }
1177};
1178
1179static const char *con_help =
1180	"Usage:\n"
1181	"\tcon\n";
1182
1183static void cmd_con(int dev_id, int argc, char **argv)
1184{
1185	int opt;
1186
1187	for_each_opt(opt, con_options, NULL) {
1188		switch (opt) {
1189		default:
1190			printf("%s", con_help);
1191			return;
1192		}
1193	}
1194	helper_arg(0, 0, &argc, &argv, con_help);
1195
1196	printf("Connections:\n");
1197
1198	hci_for_each_dev(HCI_UP, conn_list, dev_id);
1199}
1200
1201/* Create connection */
1202
1203static struct option cc_options[] = {
1204	{ "help",	0, 0, 'h' },
1205	{ "role",	1, 0, 'r' },
1206	{ "ptype",	1, 0, 'p' },
1207	{ 0, 0, 0, 0 }
1208};
1209
1210static const char *cc_help =
1211	"Usage:\n"
1212	"\tcc [--role=m|s] [--ptype=pkt_types] <bdaddr>\n"
1213	"Example:\n"
1214	"\tcc --ptype=dm1,dh3,dh5 01:02:03:04:05:06\n"
1215	"\tcc --role=m 01:02:03:04:05:06\n";
1216
1217static void cmd_cc(int dev_id, int argc, char **argv)
1218{
1219	bdaddr_t bdaddr;
1220	uint16_t handle;
1221	uint8_t role;
1222	unsigned int ptype;
1223	int dd, opt;
1224
1225	role = 0x01;
1226	ptype = HCI_DM1 | HCI_DM3 | HCI_DM5 | HCI_DH1 | HCI_DH3 | HCI_DH5;
1227
1228	for_each_opt(opt, cc_options, NULL) {
1229		switch (opt) {
1230		case 'p':
1231			hci_strtoptype(optarg, &ptype);
1232			break;
1233
1234		case 'r':
1235			role = optarg[0] == 'm' ? 0 : 1;
1236			break;
1237
1238		default:
1239			printf("%s", cc_help);
1240			return;
1241		}
1242	}
1243	helper_arg(1, 1, &argc, &argv, cc_help);
1244
1245	str2ba(argv[0], &bdaddr);
1246
1247	if (dev_id < 0) {
1248		dev_id = hci_get_route(&bdaddr);
1249		if (dev_id < 0) {
1250			fprintf(stderr, "Device is not available.\n");
1251			exit(1);
1252		}
1253	}
1254
1255	dd = hci_open_dev(dev_id);
1256	if (dd < 0) {
1257		perror("HCI device open failed");
1258		exit(1);
1259	}
1260
1261	if (hci_create_connection(dd, &bdaddr, htobs(ptype),
1262				htobs(0x0000), role, &handle, 25000) < 0)
1263		perror("Can't create connection");
1264
1265	hci_close_dev(dd);
1266}
1267
1268/* Close connection */
1269
1270static struct option dc_options[] = {
1271	{ "help",	0, 0, 'h' },
1272	{ 0, 0, 0, 0 }
1273};
1274
1275static const char *dc_help =
1276	"Usage:\n"
1277	"\tdc <bdaddr> [reason]\n";
1278
1279static void cmd_dc(int dev_id, int argc, char **argv)
1280{
1281	struct hci_conn_info_req *cr;
1282	bdaddr_t bdaddr;
1283	uint8_t reason;
1284	int opt, dd;
1285
1286	for_each_opt(opt, dc_options, NULL) {
1287		switch (opt) {
1288		default:
1289			printf("%s", dc_help);
1290			return;
1291		}
1292	}
1293	helper_arg(1, 2, &argc, &argv, dc_help);
1294
1295	str2ba(argv[0], &bdaddr);
1296	reason = (argc > 1) ? atoi(argv[1]) : HCI_OE_USER_ENDED_CONNECTION;
1297
1298	if (dev_id < 0) {
1299		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
1300		if (dev_id < 0) {
1301			fprintf(stderr, "Not connected.\n");
1302			exit(1);
1303		}
1304	}
1305
1306	dd = hci_open_dev(dev_id);
1307	if (dd < 0) {
1308		perror("HCI device open failed");
1309		exit(1);
1310	}
1311
1312	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
1313	if (!cr) {
1314		perror("Can't allocate memory");
1315		exit(1);
1316	}
1317
1318	bacpy(&cr->bdaddr, &bdaddr);
1319	cr->type = ACL_LINK;
1320	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
1321		perror("Get connection info failed");
1322		exit(1);
1323	}
1324
1325	if (hci_disconnect(dd, htobs(cr->conn_info->handle),
1326						reason, 10000) < 0)
1327		perror("Disconnect failed");
1328
1329	free(cr);
1330
1331	hci_close_dev(dd);
1332}
1333
1334/* Role switch */
1335
1336static struct option sr_options[] = {
1337	{ "help",	0, 0, 'h' },
1338	{ 0, 0, 0, 0 }
1339};
1340
1341static const char *sr_help =
1342	"Usage:\n"
1343	"\tsr <bdaddr> <role>\n";
1344
1345static void cmd_sr(int dev_id, int argc, char **argv)
1346{
1347	bdaddr_t bdaddr;
1348	uint8_t role;
1349	int opt, dd;
1350
1351	for_each_opt(opt, sr_options, NULL) {
1352		switch (opt) {
1353		default:
1354			printf("%s", sr_help);
1355			return;
1356		}
1357	}
1358	helper_arg(2, 2, &argc, &argv, sr_help);
1359
1360	str2ba(argv[0], &bdaddr);
1361	switch (argv[1][0]) {
1362	case 'm':
1363		role = 0;
1364		break;
1365	case 's':
1366		role = 1;
1367		break;
1368	default:
1369		role = atoi(argv[1]);
1370		break;
1371	}
1372
1373	if (dev_id < 0) {
1374		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
1375		if (dev_id < 0) {
1376			fprintf(stderr, "Not connected.\n");
1377			exit(1);
1378		}
1379	}
1380
1381	dd = hci_open_dev(dev_id);
1382	if (dd < 0) {
1383		perror("HCI device open failed");
1384		exit(1);
1385	}
1386
1387	if (hci_switch_role(dd, &bdaddr, role, 10000) < 0) {
1388		perror("Switch role request failed");
1389		exit(1);
1390	}
1391
1392	hci_close_dev(dd);
1393}
1394
1395/* Read RSSI */
1396
1397static struct option rssi_options[] = {
1398	{ "help",	0, 0, 'h' },
1399	{ 0, 0, 0, 0 }
1400};
1401
1402static const char *rssi_help =
1403	"Usage:\n"
1404	"\trssi <bdaddr>\n";
1405
1406static void cmd_rssi(int dev_id, int argc, char **argv)
1407{
1408	struct hci_conn_info_req *cr;
1409	bdaddr_t bdaddr;
1410	int8_t rssi;
1411	int opt, dd;
1412
1413	for_each_opt(opt, rssi_options, NULL) {
1414		switch (opt) {
1415		default:
1416			printf("%s", rssi_help);
1417			return;
1418		}
1419	}
1420	helper_arg(1, 1, &argc, &argv, rssi_help);
1421
1422	str2ba(argv[0], &bdaddr);
1423
1424	if (dev_id < 0) {
1425		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
1426		if (dev_id < 0) {
1427			fprintf(stderr, "Not connected.\n");
1428			exit(1);
1429		}
1430	}
1431
1432	dd = hci_open_dev(dev_id);
1433	if (dd < 0) {
1434		perror("HCI device open failed");
1435		exit(1);
1436	}
1437
1438	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
1439	if (!cr) {
1440		perror("Can't allocate memory");
1441		exit(1);
1442	}
1443
1444	bacpy(&cr->bdaddr, &bdaddr);
1445	cr->type = ACL_LINK;
1446	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
1447		perror("Get connection info failed");
1448		exit(1);
1449	}
1450
1451	if (hci_read_rssi(dd, htobs(cr->conn_info->handle), &rssi, 1000) < 0) {
1452		perror("Read RSSI failed");
1453		exit(1);
1454	}
1455
1456	printf("RSSI return value: %d\n", rssi);
1457
1458	free(cr);
1459
1460	hci_close_dev(dd);
1461}
1462
1463/* Get link quality */
1464
1465static struct option lq_options[] = {
1466	{ "help",	0, 0, 'h' },
1467	{ 0, 0, 0, 0 }
1468};
1469
1470static const char *lq_help =
1471	"Usage:\n"
1472	"\tlq <bdaddr>\n";
1473
1474static void cmd_lq(int dev_id, int argc, char **argv)
1475{
1476	struct hci_conn_info_req *cr;
1477	bdaddr_t bdaddr;
1478	uint8_t lq;
1479	int opt, dd;
1480
1481	for_each_opt(opt, lq_options, NULL) {
1482		switch (opt) {
1483		default:
1484			printf("%s", lq_help);
1485			return;
1486		}
1487	}
1488	helper_arg(1, 1, &argc, &argv, lq_help);
1489
1490	str2ba(argv[0], &bdaddr);
1491
1492	if (dev_id < 0) {
1493		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
1494		if (dev_id < 0) {
1495			fprintf(stderr, "Not connected.\n");
1496			exit(1);
1497		}
1498	}
1499
1500	dd = hci_open_dev(dev_id);
1501	if (dd < 0) {
1502		perror("HCI device open failed");
1503		exit(1);
1504	}
1505
1506	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
1507	if (!cr) {
1508		perror("Can't allocate memory");
1509		exit(1);
1510	}
1511
1512	bacpy(&cr->bdaddr, &bdaddr);
1513	cr->type = ACL_LINK;
1514	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
1515		perror("Get connection info failed");
1516		exit(1);
1517	}
1518
1519	if (hci_read_link_quality(dd, htobs(cr->conn_info->handle), &lq, 1000) < 0) {
1520		perror("HCI read_link_quality request failed");
1521		exit(1);
1522	}
1523
1524	printf("Link quality: %d\n", lq);
1525
1526	free(cr);
1527
1528	hci_close_dev(dd);
1529}
1530
1531/* Get transmit power level */
1532
1533static struct option tpl_options[] = {
1534	{ "help",	0, 0, 'h' },
1535	{ 0, 0, 0, 0 }
1536};
1537
1538static const char *tpl_help =
1539	"Usage:\n"
1540	"\ttpl <bdaddr> [type]\n";
1541
1542static void cmd_tpl(int dev_id, int argc, char **argv)
1543{
1544	struct hci_conn_info_req *cr;
1545	bdaddr_t bdaddr;
1546	uint8_t type;
1547	int8_t level;
1548	int opt, dd;
1549
1550	for_each_opt(opt, tpl_options, NULL) {
1551		switch (opt) {
1552		default:
1553			printf("%s", tpl_help);
1554			return;
1555		}
1556	}
1557	helper_arg(1, 2, &argc, &argv, tpl_help);
1558
1559	str2ba(argv[0], &bdaddr);
1560	type = (argc > 1) ? atoi(argv[1]) : 0;
1561
1562	if (dev_id < 0) {
1563		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
1564		if (dev_id < 0) {
1565			fprintf(stderr, "Not connected.\n");
1566			exit(1);
1567		}
1568	}
1569
1570	dd = hci_open_dev(dev_id);
1571	if (dd < 0) {
1572		perror("HCI device open failed");
1573		exit(1);
1574	}
1575
1576	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
1577	if (!cr) {
1578		perror("Can't allocate memory");
1579		exit(1);
1580	}
1581
1582	bacpy(&cr->bdaddr, &bdaddr);
1583	cr->type = ACL_LINK;
1584	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
1585		perror("Get connection info failed");
1586		exit(1);
1587	}
1588
1589	if (hci_read_transmit_power_level(dd, htobs(cr->conn_info->handle), type, &level, 1000) < 0) {
1590		perror("HCI read transmit power level request failed");
1591		exit(1);
1592	}
1593
1594	printf("%s transmit power level: %d\n",
1595		(type == 0) ? "Current" : "Maximum", level);
1596
1597	free(cr);
1598
1599	hci_close_dev(dd);
1600}
1601
1602/* Get AFH channel map */
1603
1604static struct option afh_options[] = {
1605	{ "help",	0, 0, 'h' },
1606	{ 0, 0, 0, 0 }
1607};
1608
1609static const char *afh_help =
1610	"Usage:\n"
1611	"\tafh <bdaddr>\n";
1612
1613static void cmd_afh(int dev_id, int argc, char **argv)
1614{
1615	struct hci_conn_info_req *cr;
1616	bdaddr_t bdaddr;
1617	uint16_t handle;
1618	uint8_t mode, map[10];
1619	int opt, dd;
1620
1621	for_each_opt(opt, afh_options, NULL) {
1622		switch (opt) {
1623		default:
1624			printf("%s", afh_help);
1625			return;
1626		}
1627	}
1628	helper_arg(1, 1, &argc, &argv, afh_help);
1629
1630	str2ba(argv[0], &bdaddr);
1631
1632	if (dev_id < 0) {
1633		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
1634		if (dev_id < 0) {
1635			fprintf(stderr, "Not connected.\n");
1636			exit(1);
1637		}
1638	}
1639
1640	dd = hci_open_dev(dev_id);
1641	if (dd < 0) {
1642		perror("HCI device open failed");
1643		exit(1);
1644	}
1645
1646	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
1647	if (!cr) {
1648		perror("Can't allocate memory");
1649		exit(1);
1650	}
1651
1652	bacpy(&cr->bdaddr, &bdaddr);
1653	cr->type = ACL_LINK;
1654	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
1655		perror("Get connection info failed");
1656		exit(1);
1657	}
1658
1659	handle = htobs(cr->conn_info->handle);
1660
1661	if (hci_read_afh_map(dd, handle, &mode, map, 1000) < 0) {
1662		perror("HCI read AFH map request failed");
1663		exit(1);
1664	}
1665
1666	if (mode == 0x01) {
1667		int i;
1668		printf("AFH map: 0x");
1669		for (i = 0; i < 10; i++)
1670			printf("%02x", map[i]);
1671		printf("\n");
1672	} else
1673		printf("AFH disabled\n");
1674
1675	free(cr);
1676
1677	hci_close_dev(dd);
1678}
1679
1680/* Set connection packet type */
1681
1682static struct option cpt_options[] = {
1683	{ "help",	0, 0, 'h' },
1684	{ 0, 0, 0, 0 }
1685};
1686
1687static const char *cpt_help =
1688	"Usage:\n"
1689	"\tcpt <bdaddr> <packet_types>\n";
1690
1691static void cmd_cpt(int dev_id, int argc, char **argv)
1692{
1693	struct hci_conn_info_req *cr;
1694	struct hci_request rq;
1695	set_conn_ptype_cp cp;
1696	evt_conn_ptype_changed rp;
1697	bdaddr_t bdaddr;
1698	unsigned int ptype;
1699	int dd, opt;
1700
1701	for_each_opt(opt, cpt_options, NULL) {
1702		switch (opt) {
1703		default:
1704			printf("%s", cpt_help);
1705			return;
1706		}
1707	}
1708	helper_arg(2, 2, &argc, &argv, cpt_help);
1709
1710	str2ba(argv[0], &bdaddr);
1711	hci_strtoptype(argv[1], &ptype);
1712
1713	if (dev_id < 0) {
1714		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
1715		if (dev_id < 0) {
1716			fprintf(stderr, "Not connected.\n");
1717			exit(1);
1718		}
1719	}
1720
1721	dd = hci_open_dev(dev_id);
1722	if (dd < 0) {
1723		perror("HCI device open failed");
1724		exit(1);
1725	}
1726
1727	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
1728	if (!cr) {
1729		perror("Can't allocate memory");
1730		exit(1);
1731	}
1732
1733	bacpy(&cr->bdaddr, &bdaddr);
1734	cr->type = ACL_LINK;
1735	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
1736		perror("Get connection info failed");
1737		exit(1);
1738	}
1739
1740	cp.handle   = htobs(cr->conn_info->handle);
1741	cp.pkt_type = ptype;
1742
1743	memset(&rq, 0, sizeof(rq));
1744	rq.ogf    = OGF_LINK_CTL;
1745	rq.ocf    = OCF_SET_CONN_PTYPE;
1746	rq.cparam = &cp;
1747	rq.clen   = SET_CONN_PTYPE_CP_SIZE;
1748	rq.rparam = &rp;
1749	rq.rlen   = EVT_CONN_PTYPE_CHANGED_SIZE;
1750	rq.event  = EVT_CONN_PTYPE_CHANGED;
1751
1752	if (hci_send_req(dd, &rq, 100) < 0) {
1753		perror("Packet type change failed");
1754		exit(1);
1755	}
1756
1757	free(cr);
1758
1759	hci_close_dev(dd);
1760}
1761
1762/* Get/Set link policy settings */
1763
1764static struct option lp_options[] = {
1765	{ "help",	0, 0, 'h' },
1766	{ 0, 0, 0, 0 }
1767};
1768
1769static const char *lp_help =
1770	"Usage:\n"
1771	"\tlp <bdaddr> [link policy]\n";
1772
1773static void cmd_lp(int dev_id, int argc, char **argv)
1774{
1775	struct hci_conn_info_req *cr;
1776	bdaddr_t bdaddr;
1777	uint16_t policy;
1778	int opt, dd;
1779
1780	for_each_opt(opt, lp_options, NULL) {
1781		switch (opt) {
1782		default:
1783			printf("%s", lp_help);
1784			return;
1785		}
1786	}
1787	helper_arg(1, 2, &argc, &argv, lp_help);
1788
1789	str2ba(argv[0], &bdaddr);
1790
1791	if (dev_id < 0) {
1792		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
1793		if (dev_id < 0) {
1794			fprintf(stderr, "Not connected.\n");
1795			exit(1);
1796		}
1797	}
1798
1799	dd = hci_open_dev(dev_id);
1800	if (dd < 0) {
1801		perror("HCI device open failed");
1802		exit(1);
1803	}
1804
1805	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
1806	if (!cr) {
1807		perror("Can't allocate memory");
1808		exit(1);
1809	}
1810
1811	bacpy(&cr->bdaddr, &bdaddr);
1812	cr->type = ACL_LINK;
1813	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
1814		perror("Get connection info failed");
1815		exit(1);
1816	}
1817
1818	if (argc == 1) {
1819		char *str;
1820		if (hci_read_link_policy(dd, htobs(cr->conn_info->handle),
1821							&policy, 1000) < 0) {
1822			perror("HCI read_link_policy_settings request failed");
1823			exit(1);
1824		}
1825
1826		policy = btohs(policy);
1827		str = hci_lptostr(policy);
1828		if (str) {
1829			printf("Link policy settings: %s\n", str);
1830			bt_free(str);
1831		} else {
1832			fprintf(stderr, "Invalig settings\n");
1833			exit(1);
1834		}
1835	} else {
1836		unsigned int val;
1837		if (hci_strtolp(argv[1], &val) < 0) {
1838			fprintf(stderr, "Invalig arguments\n");
1839			exit(1);
1840		}
1841		policy = val;
1842
1843		if (hci_write_link_policy(dd, htobs(cr->conn_info->handle),
1844						htobs(policy), 1000) < 0) {
1845			perror("HCI write_link_policy_settings request failed");
1846			exit(1);
1847		}
1848	}
1849
1850	free(cr);
1851
1852	hci_close_dev(dd);
1853}
1854
1855/* Get/Set link supervision timeout */
1856
1857static struct option lst_options[] = {
1858	{ "help",	0, 0, 'h' },
1859	{ 0, 0, 0, 0 }
1860};
1861
1862static const char *lst_help =
1863	"Usage:\n"
1864	"\tlst <bdaddr> [new value in slots]\n";
1865
1866static void cmd_lst(int dev_id, int argc, char **argv)
1867{
1868	struct hci_conn_info_req *cr;
1869	bdaddr_t bdaddr;
1870	uint16_t timeout;
1871	int opt, dd;
1872
1873	for_each_opt(opt, lst_options, NULL) {
1874		switch (opt) {
1875		default:
1876			printf("%s", lst_help);
1877			return;
1878		}
1879	}
1880	helper_arg(1, 2, &argc, &argv, lst_help);
1881
1882	str2ba(argv[0], &bdaddr);
1883
1884	if (dev_id < 0) {
1885		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
1886		if (dev_id < 0) {
1887			fprintf(stderr, "Not connected.\n");
1888			exit(1);
1889		}
1890	}
1891
1892	dd = hci_open_dev(dev_id);
1893	if (dd < 0) {
1894		perror("HCI device open failed");
1895		exit(1);
1896	}
1897
1898	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
1899	if (!cr) {
1900		perror("Can't allocate memory");
1901		exit(1);
1902	}
1903
1904	bacpy(&cr->bdaddr, &bdaddr);
1905	cr->type = ACL_LINK;
1906	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
1907		perror("Get connection info failed");
1908		exit(1);
1909	}
1910
1911	if (argc == 1) {
1912		if (hci_read_link_supervision_timeout(dd, htobs(cr->conn_info->handle),
1913							&timeout, 1000) < 0) {
1914			perror("HCI read_link_supervision_timeout request failed");
1915			exit(1);
1916		}
1917
1918		timeout = btohs(timeout);
1919
1920		if (timeout)
1921			printf("Link supervision timeout: %u slots (%.2f msec)\n",
1922				timeout, (float) timeout * 0.625);
1923		else
1924			printf("Link supervision timeout never expires\n");
1925	} else {
1926		timeout = strtol(argv[1], NULL, 10);
1927
1928		if (hci_write_link_supervision_timeout(dd, htobs(cr->conn_info->handle),
1929							htobs(timeout), 1000) < 0) {
1930			perror("HCI write_link_supervision_timeout request failed");
1931			exit(1);
1932		}
1933	}
1934
1935	free(cr);
1936
1937	hci_close_dev(dd);
1938}
1939
1940/* Request authentication */
1941
1942static struct option auth_options[] = {
1943	{ "help",	0, 0, 'h' },
1944	{ 0, 0, 0, 0 }
1945};
1946
1947static const char *auth_help =
1948	"Usage:\n"
1949	"\tauth <bdaddr>\n";
1950
1951static void cmd_auth(int dev_id, int argc, char **argv)
1952{
1953	struct hci_conn_info_req *cr;
1954	bdaddr_t bdaddr;
1955	int opt, dd;
1956
1957	for_each_opt(opt, auth_options, NULL) {
1958		switch (opt) {
1959		default:
1960			printf("%s", auth_help);
1961			return;
1962		}
1963	}
1964	helper_arg(1, 1, &argc, &argv, auth_help);
1965
1966	str2ba(argv[0], &bdaddr);
1967
1968	if (dev_id < 0) {
1969		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
1970		if (dev_id < 0) {
1971			fprintf(stderr, "Not connected.\n");
1972			exit(1);
1973		}
1974	}
1975
1976	dd = hci_open_dev(dev_id);
1977	if (dd < 0) {
1978		perror("HCI device open failed");
1979		exit(1);
1980	}
1981
1982	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
1983	if (!cr) {
1984		perror("Can't allocate memory");
1985		exit(1);
1986	}
1987
1988	bacpy(&cr->bdaddr, &bdaddr);
1989	cr->type = ACL_LINK;
1990	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
1991		perror("Get connection info failed");
1992		exit(1);
1993	}
1994
1995	if (hci_authenticate_link(dd, htobs(cr->conn_info->handle), 25000) < 0) {
1996		perror("HCI authentication request failed");
1997		exit(1);
1998	}
1999
2000	free(cr);
2001
2002	hci_close_dev(dd);
2003}
2004
2005/* Activate encryption */
2006
2007static struct option enc_options[] = {
2008	{ "help",	0, 0, 'h' },
2009	{ 0, 0, 0, 0 }
2010};
2011
2012static const char *enc_help =
2013	"Usage:\n"
2014	"\tenc <bdaddr> [encrypt enable]\n";
2015
2016static void cmd_enc(int dev_id, int argc, char **argv)
2017{
2018	struct hci_conn_info_req *cr;
2019	bdaddr_t bdaddr;
2020	uint8_t encrypt;
2021	int opt, dd;
2022
2023	for_each_opt(opt, enc_options, NULL) {
2024		switch (opt) {
2025		default:
2026			printf("%s", enc_help);
2027			return;
2028		}
2029	}
2030	helper_arg(1, 2, &argc, &argv, enc_help);
2031
2032	str2ba(argv[0], &bdaddr);
2033
2034	if (dev_id < 0) {
2035		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
2036		if (dev_id < 0) {
2037			fprintf(stderr, "Not connected.\n");
2038			exit(1);
2039		}
2040	}
2041
2042	dd = hci_open_dev(dev_id);
2043	if (dd < 0) {
2044		perror("HCI device open failed");
2045		exit(1);
2046	}
2047
2048	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
2049	if (!cr) {
2050		perror("Can't allocate memory");
2051		exit(1);
2052	}
2053
2054	bacpy(&cr->bdaddr, &bdaddr);
2055	cr->type = ACL_LINK;
2056	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
2057		perror("Get connection info failed");
2058		exit(1);
2059	}
2060
2061	encrypt = (argc > 1) ? atoi(argv[1]) : 1;
2062
2063	if (hci_encrypt_link(dd, htobs(cr->conn_info->handle), encrypt, 25000) < 0) {
2064		perror("HCI set encryption request failed");
2065		exit(1);
2066	}
2067
2068	free(cr);
2069
2070	hci_close_dev(dd);
2071}
2072
2073/* Change connection link key */
2074
2075static struct option key_options[] = {
2076	{ "help",	0, 0, 'h' },
2077	{ 0, 0, 0, 0 }
2078};
2079
2080static const char *key_help =
2081	"Usage:\n"
2082	"\tkey <bdaddr>\n";
2083
2084static void cmd_key(int dev_id, int argc, char **argv)
2085{
2086	struct hci_conn_info_req *cr;
2087	bdaddr_t bdaddr;
2088	int opt, dd;
2089
2090	for_each_opt(opt, key_options, NULL) {
2091		switch (opt) {
2092		default:
2093			printf("%s", key_help);
2094			return;
2095		}
2096	}
2097	helper_arg(1, 1, &argc, &argv, key_help);
2098
2099	str2ba(argv[0], &bdaddr);
2100
2101	if (dev_id < 0) {
2102		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
2103		if (dev_id < 0) {
2104			fprintf(stderr, "Not connected.\n");
2105			exit(1);
2106		}
2107	}
2108
2109	dd = hci_open_dev(dev_id);
2110	if (dd < 0) {
2111		perror("HCI device open failed");
2112		exit(1);
2113	}
2114
2115	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
2116	if (!cr) {
2117		perror("Can't allocate memory");
2118		exit(1);
2119	}
2120
2121	bacpy(&cr->bdaddr, &bdaddr);
2122	cr->type = ACL_LINK;
2123	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
2124		perror("Get connection info failed");
2125		exit(1);
2126	}
2127
2128	if (hci_change_link_key(dd, htobs(cr->conn_info->handle), 25000) < 0) {
2129		perror("Changing link key failed");
2130		exit(1);
2131	}
2132
2133	free(cr);
2134
2135	hci_close_dev(dd);
2136}
2137
2138/* Read clock offset */
2139
2140static struct option clkoff_options[] = {
2141	{ "help",	0, 0, 'h' },
2142	{ 0, 0, 0, 0 }
2143};
2144
2145static const char *clkoff_help =
2146	"Usage:\n"
2147	"\tclkoff <bdaddr>\n";
2148
2149static void cmd_clkoff(int dev_id, int argc, char **argv)
2150{
2151	struct hci_conn_info_req *cr;
2152	bdaddr_t bdaddr;
2153	uint16_t offset;
2154	int opt, dd;
2155
2156	for_each_opt(opt, clkoff_options, NULL) {
2157		switch (opt) {
2158		default:
2159			printf("%s", clkoff_help);
2160			return;
2161		}
2162	}
2163	helper_arg(1, 1, &argc, &argv, clkoff_help);
2164
2165	str2ba(argv[0], &bdaddr);
2166
2167	if (dev_id < 0) {
2168		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
2169		if (dev_id < 0) {
2170			fprintf(stderr, "Not connected.\n");
2171			exit(1);
2172		}
2173	}
2174
2175	dd = hci_open_dev(dev_id);
2176	if (dd < 0) {
2177		perror("HCI device open failed");
2178		exit(1);
2179	}
2180
2181	cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
2182	if (!cr) {
2183		perror("Can't allocate memory");
2184		exit(1);
2185	}
2186
2187	bacpy(&cr->bdaddr, &bdaddr);
2188	cr->type = ACL_LINK;
2189	if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
2190		perror("Get connection info failed");
2191		exit(1);
2192	}
2193
2194	if (hci_read_clock_offset(dd, htobs(cr->conn_info->handle), &offset, 1000) < 0) {
2195		perror("Reading clock offset failed");
2196		exit(1);
2197	}
2198
2199	printf("Clock offset: 0x%4.4x\n", btohs(offset));
2200
2201	free(cr);
2202
2203	hci_close_dev(dd);
2204}
2205
2206/* Read clock */
2207
2208static struct option clock_options[] = {
2209	{ "help",	0, 0, 'h' },
2210	{ 0, 0, 0, 0 }
2211};
2212
2213static const char *clock_help =
2214	"Usage:\n"
2215	"\tclock [bdaddr] [which clock]\n";
2216
2217static void cmd_clock(int dev_id, int argc, char **argv)
2218{
2219	struct hci_conn_info_req *cr;
2220	bdaddr_t bdaddr;
2221	uint8_t which;
2222	uint32_t handle, clock;
2223	uint16_t accuracy;
2224	int opt, dd;
2225
2226	for_each_opt(opt, clock_options, NULL) {
2227		switch (opt) {
2228		default:
2229			printf("%s", clock_help);
2230			return;
2231		}
2232	}
2233	helper_arg(0, 2, &argc, &argv, clock_help);
2234
2235	if (argc > 0)
2236		str2ba(argv[0], &bdaddr);
2237	else
2238		bacpy(&bdaddr, BDADDR_ANY);
2239
2240	if (dev_id < 0 && !bacmp(&bdaddr, BDADDR_ANY))
2241		dev_id = hci_get_route(NULL);
2242
2243	if (dev_id < 0) {
2244		dev_id = hci_for_each_dev(HCI_UP, find_conn, (long) &bdaddr);
2245		if (dev_id < 0) {
2246			fprintf(stderr, "Not connected.\n");
2247			exit(1);
2248		}
2249	}
2250
2251	dd = hci_open_dev(dev_id);
2252	if (dd < 0) {
2253		perror("HCI device open failed");
2254		exit(1);
2255	}
2256
2257	if (bacmp(&bdaddr, BDADDR_ANY)) {
2258		cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
2259		if (!cr) {
2260			perror("Can't allocate memory");
2261			exit(1);
2262		}
2263
2264		bacpy(&cr->bdaddr, &bdaddr);
2265		cr->type = ACL_LINK;
2266		if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
2267			perror("Get connection info failed");
2268			free(cr);
2269			exit(1);
2270		}
2271
2272		handle = htobs(cr->conn_info->handle);
2273		which = (argc > 1) ? atoi(argv[1]) : 0x01;
2274
2275		free(cr);
2276	} else {
2277		handle = 0x00;
2278		which = 0x00;
2279	}
2280
2281	if (hci_read_clock(dd, handle, which, &clock, &accuracy, 1000) < 0) {
2282		perror("Reading clock failed");
2283		exit(1);
2284	}
2285
2286	accuracy = btohs(accuracy);
2287
2288	printf("Clock:    0x%4.4x\n", btohl(clock));
2289	printf("Accuracy: %.2f msec\n", (float) accuracy * 0.3125);
2290
2291	hci_close_dev(dd);
2292}
2293
2294static int read_flags(uint8_t *flags, const uint8_t *data, size_t size)
2295{
2296	unsigned int offset;
2297
2298	if (!flags || !data)
2299		return -EINVAL;
2300
2301	offset = 0;
2302	while (offset < size) {
2303		uint8_t len = data[offset];
2304		uint8_t type = data[offset + 1];
2305
2306		/* Check if it is the end of the significant part */
2307		if (len == 0)
2308			break;
2309
2310		if (type == FLAGS_AD_TYPE) {
2311			*flags = data[offset + 2];
2312			return 0;
2313		}
2314
2315		offset += 1 + len;
2316	}
2317
2318	return -ENOENT;
2319}
2320
2321static int check_report_filter(uint8_t procedure, le_advertising_info *info)
2322{
2323	uint8_t flags;
2324
2325	/* If no discovery procedure is set, all reports are treat as valid */
2326	if (procedure == 0)
2327		return 1;
2328
2329	/* Read flags AD type value from the advertising report if it exists */
2330	if (read_flags(&flags, info->data, info->length))
2331		return 0;
2332
2333	switch (procedure) {
2334	case 'l': /* Limited Discovery Procedure */
2335		if (flags & FLAGS_LIMITED_MODE_BIT)
2336			return 1;
2337		break;
2338	case 'g': /* General Discovery Procedure */
2339		if (flags & (FLAGS_LIMITED_MODE_BIT | FLAGS_GENERAL_MODE_BIT))
2340			return 1;
2341		break;
2342	default:
2343		fprintf(stderr, "Unknown discovery procedure\n");
2344	}
2345
2346	return 0;
2347}
2348
2349static int print_advertising_devices(int dd, uint8_t filter_type)
2350{
2351	unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr;
2352	struct hci_filter nf, of;
2353	socklen_t olen;
2354	int num, len;
2355
2356	olen = sizeof(of);
2357	if (getsockopt(dd, SOL_HCI, HCI_FILTER, &of, &olen) < 0) {
2358		printf("Could not get socket options\n");
2359		return -1;
2360	}
2361
2362	hci_filter_clear(&nf);
2363	hci_filter_set_ptype(HCI_EVENT_PKT, &nf);
2364	hci_filter_set_event(EVT_LE_META_EVENT, &nf);
2365
2366	if (setsockopt(dd, SOL_HCI, HCI_FILTER, &nf, sizeof(nf)) < 0) {
2367		printf("Could not set socket options\n");
2368		return -1;
2369	}
2370
2371	/* Wait for 10 report events */
2372	num = 10;
2373	while (num--) {
2374		evt_le_meta_event *meta;
2375		le_advertising_info *info;
2376		char addr[18];
2377
2378		while ((len = read(dd, buf, sizeof(buf))) < 0) {
2379			if (errno == EAGAIN || errno == EINTR)
2380				continue;
2381			goto done;
2382		}
2383
2384		ptr = buf + (1 + HCI_EVENT_HDR_SIZE);
2385		len -= (1 + HCI_EVENT_HDR_SIZE);
2386
2387		meta = (void *) ptr;
2388
2389		if (meta->subevent != 0x02)
2390			goto done;
2391
2392		/* Ignoring multiple reports */
2393		info = (le_advertising_info *) (meta->data + 1);
2394		if (check_report_filter(filter_type, info)) {
2395			ba2str(&info->bdaddr, addr);
2396			printf("%s\n", addr);
2397		}
2398	}
2399
2400done:
2401	setsockopt(dd, SOL_HCI, HCI_FILTER, &of, sizeof(of));
2402
2403	if (len < 0)
2404		return -1;
2405
2406	return 0;
2407}
2408
2409static struct option lescan_options[] = {
2410	{ "help",	0, 0, 'h' },
2411	{ "privacy",	0, 0, 'p' },
2412	{ "passive",	0, 0, 'P' },
2413	{ "discovery",	1, 0, 'd' },
2414	{ 0, 0, 0, 0 }
2415};
2416
2417static const char *lescan_help =
2418	"Usage:\n"
2419	"\tlescan [--privacy] enable privacy\n"
2420	"\tlescan [--passive] set scan type passive (default active)\n"
2421	"\tlescan [--discovery=g|l] enable general or limited discovery"
2422		"procedure\n";
2423
2424static void cmd_lescan(int dev_id, int argc, char **argv)
2425{
2426	int err, opt, dd;
2427	uint8_t own_type = 0x00;
2428	uint8_t scan_type = 0x01;
2429	uint8_t filter_type = 0;
2430	uint16_t interval = htobs(0x0010);
2431	uint16_t window = htobs(0x0010);
2432
2433	for_each_opt(opt, lescan_options, NULL) {
2434		switch (opt) {
2435		case 'p':
2436			own_type = 0x01; /* Random */
2437			break;
2438		case 'P':
2439			scan_type = 0x00; /* Passive */
2440			break;
2441		case 'd':
2442			filter_type = optarg[0];
2443			if (filter_type != 'g' && filter_type != 'l') {
2444				fprintf(stderr, "Unknown discovery procedure\n");
2445				exit(1);
2446			}
2447
2448			interval = htobs(0x0012);
2449			window = htobs(0x0012);
2450			break;
2451		default:
2452			printf("%s", lescan_help);
2453			return;
2454		}
2455	}
2456	helper_arg(0, 1, &argc, &argv, lescan_help);
2457
2458	if (dev_id < 0)
2459		dev_id = hci_get_route(NULL);
2460
2461	dd = hci_open_dev(dev_id);
2462	if (dd < 0) {
2463		perror("Could not open device");
2464		exit(1);
2465	}
2466
2467	err = hci_le_set_scan_parameters(dd, scan_type, interval, window,
2468							own_type, 0x00, 1000);
2469	if (err < 0) {
2470		perror("Set scan parameters failed");
2471		exit(1);
2472	}
2473
2474	err = hci_le_set_scan_enable(dd, 0x01, 0x00, 1000);
2475	if (err < 0) {
2476		perror("Enable scan failed");
2477		exit(1);
2478	}
2479
2480	printf("LE Scan ...\n");
2481
2482	err = print_advertising_devices(dd, filter_type);
2483	if (err < 0) {
2484		perror("Could not receive advertising events");
2485		exit(1);
2486	}
2487
2488	err = hci_le_set_scan_enable(dd, 0x00, 0x00, 1000);
2489	if (err < 0) {
2490		perror("Disable scan failed");
2491		exit(1);
2492	}
2493
2494	hci_close_dev(dd);
2495}
2496
2497static struct option lecc_options[] = {
2498	{ "help",	0, 0, 'h' },
2499	{ "random",	0, 0, 'r' },
2500	{ "whitelist",	0, 0, 'w' },
2501	{ 0, 0, 0, 0 }
2502};
2503
2504static const char *lecc_help =
2505	"Usage:\n"
2506	"\tlecc [--random] <bdaddr>\n"
2507	"\tlecc --whitelist\n";
2508
2509static void cmd_lecc(int dev_id, int argc, char **argv)
2510{
2511	int err, opt, dd;
2512	bdaddr_t bdaddr;
2513	uint16_t interval, latency, max_ce_length, max_interval, min_ce_length;
2514	uint16_t min_interval, supervision_timeout, window, handle;
2515	uint8_t initiator_filter, own_bdaddr_type, peer_bdaddr_type;
2516
2517	peer_bdaddr_type = LE_PUBLIC_ADDRESS;
2518	initiator_filter = 0; /* Use peer address */
2519
2520	for_each_opt(opt, lecc_options, NULL) {
2521		switch (opt) {
2522		case 'r':
2523			peer_bdaddr_type = LE_RANDOM_ADDRESS;
2524			break;
2525		case 'w':
2526			initiator_filter = 0x01; /* Use white list */
2527			break;
2528		default:
2529			printf("%s", lecc_help);
2530			return;
2531		}
2532	}
2533	helper_arg(0, 1, &argc, &argv, lecc_help);
2534
2535	if (dev_id < 0)
2536		dev_id = hci_get_route(NULL);
2537
2538	dd = hci_open_dev(dev_id);
2539	if (dd < 0) {
2540		perror("Could not open device");
2541		exit(1);
2542	}
2543
2544	memset(&bdaddr, 0, sizeof(bdaddr_t));
2545	if (argv[0])
2546		str2ba(argv[0], &bdaddr);
2547
2548	interval = htobs(0x0004);
2549	window = htobs(0x0004);
2550	own_bdaddr_type = 0x00;
2551	min_interval = htobs(0x000F);
2552	max_interval = htobs(0x000F);
2553	latency = htobs(0x0000);
2554	supervision_timeout = htobs(0x0C80);
2555	min_ce_length = htobs(0x0001);
2556	max_ce_length = htobs(0x0001);
2557
2558	err = hci_le_create_conn(dd, interval, window, initiator_filter,
2559			peer_bdaddr_type, bdaddr, own_bdaddr_type, min_interval,
2560			max_interval, latency, supervision_timeout,
2561			min_ce_length, max_ce_length, &handle, 25000);
2562	if (err < 0) {
2563		perror("Could not create connection");
2564		exit(1);
2565	}
2566
2567	printf("Connection handle %d\n", handle);
2568
2569	hci_close_dev(dd);
2570}
2571
2572static struct option lewladd_options[] = {
2573	{ "help",	0, 0, 'h' },
2574	{ "random",	0, 0, 'r' },
2575	{ 0, 0, 0, 0 }
2576};
2577
2578static const char *lewladd_help =
2579	"Usage:\n"
2580	"\tlewladd [--random] <bdaddr>\n";
2581
2582static void cmd_lewladd(int dev_id, int argc, char **argv)
2583{
2584	int err, opt, dd;
2585	bdaddr_t bdaddr;
2586	uint8_t bdaddr_type = LE_PUBLIC_ADDRESS;
2587
2588	for_each_opt(opt, lewladd_options, NULL) {
2589		switch (opt) {
2590		case 'r':
2591			bdaddr_type = LE_RANDOM_ADDRESS;
2592			break;
2593		default:
2594			printf("%s", lewladd_help);
2595			return;
2596		}
2597	}
2598
2599	helper_arg(1, 1, &argc, &argv, lewladd_help);
2600
2601	if (dev_id < 0)
2602		dev_id = hci_get_route(NULL);
2603
2604	dd = hci_open_dev(dev_id);
2605	if (dd < 0) {
2606		perror("Could not open device");
2607		exit(1);
2608	}
2609
2610	str2ba(argv[0], &bdaddr);
2611
2612	err = hci_le_add_white_list(dd, &bdaddr, bdaddr_type, 1000);
2613	hci_close_dev(dd);
2614
2615	if (err < 0) {
2616		err = errno;
2617		fprintf(stderr, "Can't add to white list: %s(%d)\n",
2618							strerror(err), err);
2619		exit(1);
2620	}
2621}
2622
2623static struct option lewlrm_options[] = {
2624	{ "help",	0, 0, 'h' },
2625	{ 0, 0, 0, 0 }
2626};
2627
2628static const char *lewlrm_help =
2629	"Usage:\n"
2630	"\tlewlrm <bdaddr>\n";
2631
2632static void cmd_lewlrm(int dev_id, int argc, char **argv)
2633{
2634	int err, opt, dd;
2635	bdaddr_t bdaddr;
2636
2637	for_each_opt(opt, lewlrm_options, NULL) {
2638		switch (opt) {
2639		default:
2640			printf("%s", lewlrm_help);
2641			return;
2642		}
2643	}
2644
2645	helper_arg(1, 1, &argc, &argv, lewlrm_help);
2646
2647	if (dev_id < 0)
2648		dev_id = hci_get_route(NULL);
2649
2650	dd = hci_open_dev(dev_id);
2651	if (dd < 0) {
2652		perror("Could not open device");
2653		exit(1);
2654	}
2655
2656	str2ba(argv[0], &bdaddr);
2657
2658	err = hci_le_rm_white_list(dd, &bdaddr, LE_PUBLIC_ADDRESS, 1000);
2659	hci_close_dev(dd);
2660
2661	if (err < 0) {
2662		err = errno;
2663		fprintf(stderr, "Can't remove from white list: %s(%d)\n",
2664							strerror(err), err);
2665		exit(1);
2666	}
2667}
2668
2669static struct option lewlsz_options[] = {
2670	{ "help",	0, 0, 'h' },
2671	{ 0, 0, 0, 0 }
2672};
2673
2674static const char *lewlsz_help =
2675	"Usage:\n"
2676	"\tlewlsz\n";
2677
2678static void cmd_lewlsz(int dev_id, int argc, char **argv)
2679{
2680	int err, dd, opt;
2681	uint8_t size;
2682
2683	for_each_opt(opt, lewlsz_options, NULL) {
2684		switch (opt) {
2685		default:
2686			printf("%s", lewlsz_help);
2687			return;
2688		}
2689	}
2690
2691	helper_arg(0, 0, &argc, &argv, lewlsz_help);
2692
2693	if (dev_id < 0)
2694		dev_id = hci_get_route(NULL);
2695
2696	dd = hci_open_dev(dev_id);
2697	if (dd < 0) {
2698		perror("Could not open device");
2699		exit(1);
2700	}
2701
2702	err = hci_le_read_white_list_size(dd, &size, 1000);
2703	hci_close_dev(dd);
2704
2705	if (err < 0) {
2706		err = errno;
2707		fprintf(stderr, "Can't read white list size: %s(%d)\n",
2708							strerror(err), err);
2709		exit(1);
2710	}
2711
2712	printf("White list size: %d\n", size);
2713}
2714
2715static struct option lewlclr_options[] = {
2716	{ "help",	0, 0, 'h' },
2717	{ 0, 0, 0, 0 }
2718};
2719
2720static const char *lewlclr_help =
2721	"Usage:\n"
2722	"\tlewlclr\n";
2723
2724static void cmd_lewlclr(int dev_id, int argc, char **argv)
2725{
2726	int err, dd, opt;
2727
2728	for_each_opt(opt, lewlclr_options, NULL) {
2729		switch (opt) {
2730		default:
2731			printf("%s", lewlclr_help);
2732			return;
2733		}
2734	}
2735
2736	helper_arg(0, 0, &argc, &argv, lewlclr_help);
2737
2738	if (dev_id < 0)
2739		dev_id = hci_get_route(NULL);
2740
2741	dd = hci_open_dev(dev_id);
2742	if (dd < 0) {
2743		perror("Could not open device");
2744		exit(1);
2745	}
2746
2747	err = hci_le_clear_white_list(dd, 1000);
2748	hci_close_dev(dd);
2749
2750	if (err < 0) {
2751		err = errno;
2752		fprintf(stderr, "Can't clear white list: %s(%d)\n",
2753							strerror(err), err);
2754		exit(1);
2755	}
2756}
2757
2758static struct option ledc_options[] = {
2759	{ "help",	0, 0, 'h' },
2760	{ 0, 0, 0, 0 }
2761};
2762
2763static const char *ledc_help =
2764	"Usage:\n"
2765	"\tledc <handle> [reason]\n";
2766
2767static void cmd_ledc(int dev_id, int argc, char **argv)
2768{
2769	int err, opt, dd;
2770	uint16_t handle;
2771	uint8_t reason;
2772
2773	for_each_opt(opt, ledc_options, NULL) {
2774		switch (opt) {
2775		default:
2776			printf("%s", ledc_help);
2777			return;
2778		}
2779	}
2780	helper_arg(1, 2, &argc, &argv, ledc_help);
2781
2782	if (dev_id < 0)
2783		dev_id = hci_get_route(NULL);
2784
2785	dd = hci_open_dev(dev_id);
2786	if (dd < 0) {
2787		perror("Could not open device");
2788		exit(1);
2789	}
2790
2791	handle = atoi(argv[0]);
2792
2793	reason = (argc > 1) ? atoi(argv[1]) : HCI_OE_USER_ENDED_CONNECTION;
2794
2795	err = hci_disconnect(dd, handle, reason, 10000);
2796	if (err < 0) {
2797		perror("Could not disconnect");
2798		exit(1);
2799	}
2800
2801	hci_close_dev(dd);
2802}
2803
2804static struct option lecup_options[] = {
2805	{ "help",	0, 0, 'h' },
2806	{ "handle",	1, 0, 'H' },
2807	{ "min",	1, 0, 'm' },
2808	{ "max",	1, 0, 'M' },
2809	{ "latency",	1, 0, 'l' },
2810	{ "timeout",	1, 0, 't' },
2811	{ 0, 0, 0, 0 }
2812};
2813
2814static const char *lecup_help =
2815	"Usage:\n"
2816	"\tlecup <handle> <min> <max> <latency> <timeout>\n"
2817	"\tOptions:\n"
2818	"\t    -H, --handle <0xXXXX>  LE connection handle\n"
2819	"\t    -m, --min <interval>   Range: 0x0006 to 0x0C80\n"
2820	"\t    -M, --max <interval>   Range: 0x0006 to 0x0C80\n"
2821	"\t    -l, --latency <range>  Slave latency. Range: 0x0000 to 0x03E8\n"
2822	"\t    -t, --timeout  <time>  N * 10ms. Range: 0x000A to 0x0C80\n"
2823	"\n\t min/max range: 7.5ms to 4s. Multiply factor: 1.25ms"
2824	"\n\t timeout range: 100ms to 32.0s. Larger than max interval\n";
2825
2826static void cmd_lecup(int dev_id, int argc, char **argv)
2827{
2828	uint16_t handle = 0, min, max, latency, timeout;
2829	int opt, dd, base;
2830
2831	/* Aleatory valid values */
2832	min = 0x0C8;
2833	max = 0x0960;
2834	latency = 0x0007;
2835	timeout = 0x0C80;
2836
2837	for_each_opt(opt, lecup_options, NULL) {
2838		if (optarg && strncasecmp("0x", optarg, 2) == 0)
2839			base = 16;
2840		else
2841			base = 10;
2842
2843		switch (opt) {
2844		case 'H':
2845			handle = strtoul(optarg, NULL, base);
2846			break;
2847		case 'm':
2848			min = strtoul(optarg, NULL, base);
2849			break;
2850		case 'M':
2851			max = strtoul(optarg, NULL, base);
2852			break;
2853		case 'l':
2854			latency = strtoul(optarg, NULL, base);
2855			break;
2856		case 't':
2857			timeout = strtoul(optarg, NULL, base);
2858			break;
2859		default:
2860			printf("%s", lecup_help);
2861			return;
2862		}
2863	}
2864
2865	if (handle == 0) {
2866		printf("%s", lecup_help);
2867		return;
2868	}
2869
2870	if (dev_id < 0)
2871		dev_id = hci_get_route(NULL);
2872
2873	dd = hci_open_dev(dev_id);
2874	if (dd < 0) {
2875		fprintf(stderr, "HCI device open failed\n");
2876		exit(1);
2877	}
2878
2879	if (hci_le_conn_update(dd, htobs(handle), htobs(min), htobs(max),
2880				htobs(latency), htobs(timeout), 5000) < 0) {
2881		int err = errno;
2882		fprintf(stderr, "Could not change connection params: %s(%d)\n",
2883							strerror(err), err);
2884	}
2885
2886	hci_close_dev(dd);
2887}
2888
2889static struct {
2890	char *cmd;
2891	void (*func)(int dev_id, int argc, char **argv);
2892	char *doc;
2893} command[] = {
2894	{ "dev",      cmd_dev,     "Display local devices"                },
2895	{ "inq",      cmd_inq,     "Inquire remote devices"               },
2896	{ "scan",     cmd_scan,    "Scan for remote devices"              },
2897	{ "name",     cmd_name,    "Get name from remote device"          },
2898	{ "info",     cmd_info,    "Get information from remote device"   },
2899	{ "spinq",    cmd_spinq,   "Start periodic inquiry"               },
2900	{ "epinq",    cmd_epinq,   "Exit periodic inquiry"                },
2901	{ "cmd",      cmd_cmd,     "Submit arbitrary HCI commands"        },
2902	{ "con",      cmd_con,     "Display active connections"           },
2903	{ "cc",       cmd_cc,      "Create connection to remote device"   },
2904	{ "dc",       cmd_dc,      "Disconnect from remote device"        },
2905	{ "sr",       cmd_sr,      "Switch master/slave role"             },
2906	{ "cpt",      cmd_cpt,     "Change connection packet type"        },
2907	{ "rssi",     cmd_rssi,    "Display connection RSSI"              },
2908	{ "lq",       cmd_lq,      "Display link quality"                 },
2909	{ "tpl",      cmd_tpl,     "Display transmit power level"         },
2910	{ "afh",      cmd_afh,     "Display AFH channel map"              },
2911	{ "lp",       cmd_lp,      "Set/display link policy settings"     },
2912	{ "lst",      cmd_lst,     "Set/display link supervision timeout" },
2913	{ "auth",     cmd_auth,    "Request authentication"               },
2914	{ "enc",      cmd_enc,     "Set connection encryption"            },
2915	{ "key",      cmd_key,     "Change connection link key"           },
2916	{ "clkoff",   cmd_clkoff,  "Read clock offset"                    },
2917	{ "clock",    cmd_clock,   "Read local or remote clock"           },
2918	{ "lescan",   cmd_lescan,  "Start LE scan"                        },
2919	{ "lewladd",  cmd_lewladd, "Add device to LE White List"          },
2920	{ "lewlrm",   cmd_lewlrm,  "Remove device from LE White List"     },
2921	{ "lewlsz",   cmd_lewlsz,  "Read size of LE White List"           },
2922	{ "lewlclr",  cmd_lewlclr, "Clear LE White list"                  },
2923	{ "lecc",     cmd_lecc,    "Create a LE Connection"               },
2924	{ "ledc",     cmd_ledc,    "Disconnect a LE Connection"           },
2925	{ "lecup",    cmd_lecup,   "LE Connection Update"                 },
2926	{ NULL, NULL, 0 }
2927};
2928
2929static void usage(void)
2930{
2931	int i;
2932
2933	printf("hcitool - HCI Tool ver %s\n", VERSION);
2934	printf("Usage:\n"
2935		"\thcitool [options] <command> [command parameters]\n");
2936	printf("Options:\n"
2937		"\t--help\tDisplay help\n"
2938		"\t-i dev\tHCI device\n");
2939	printf("Commands:\n");
2940	for (i = 0; command[i].cmd; i++)
2941		printf("\t%-4s\t%s\n", command[i].cmd,
2942		command[i].doc);
2943	printf("\n"
2944		"For more information on the usage of each command use:\n"
2945		"\thcitool <command> --help\n" );
2946}
2947
2948static struct option main_options[] = {
2949	{ "help",	0, 0, 'h' },
2950	{ "device",	1, 0, 'i' },
2951	{ 0, 0, 0, 0 }
2952};
2953
2954int main(int argc, char *argv[])
2955{
2956	int opt, i, dev_id = -1;
2957	bdaddr_t ba;
2958
2959	while ((opt=getopt_long(argc, argv, "+i:h", main_options, NULL)) != -1) {
2960		switch (opt) {
2961		case 'i':
2962			dev_id = hci_devid(optarg);
2963			if (dev_id < 0) {
2964				perror("Invalid device");
2965				exit(1);
2966			}
2967			break;
2968
2969		case 'h':
2970		default:
2971			usage();
2972			exit(0);
2973		}
2974	}
2975
2976	argc -= optind;
2977	argv += optind;
2978	optind = 0;
2979
2980	if (argc < 1) {
2981		usage();
2982		exit(0);
2983	}
2984
2985	if (dev_id != -1 && hci_devba(dev_id, &ba) < 0) {
2986		perror("Device is not available");
2987		exit(1);
2988	}
2989
2990	for (i = 0; command[i].cmd; i++) {
2991		if (strncmp(command[i].cmd,
2992				argv[0], strlen(command[i].cmd)))
2993			continue;
2994
2995		command[i].func(dev_id, argc, argv);
2996		break;
2997	}
2998
2999	if (command[i].cmd == 0) {
3000		fprintf(stderr, "Unknown command - \"%s\"\n", *argv);
3001		exit(1);
3002	}
3003
3004	return 0;
3005}
3006