2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI connection handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/sched.h>
33 #include <linux/slab.h>
34 #include <linux/poll.h>
35 #include <linux/fcntl.h>
36 #include <linux/init.h>
37 #include <linux/skbuff.h>
38 #include <linux/interrupt.h>
39 #include <linux/notifier.h>
42 #include <asm/system.h>
43 #include <asm/uaccess.h>
44 #include <asm/unaligned.h>
46 #include <net/bluetooth/bluetooth.h>
47 #include <net/bluetooth/hci_core.h>
49 #ifndef CONFIG_BT_HCI_CORE_DEBUG
54 void hci_acl_connect(struct hci_conn
*conn
)
56 struct hci_dev
*hdev
= conn
->hdev
;
57 struct inquiry_entry
*ie
;
58 struct hci_cp_create_conn cp
;
62 conn
->state
= BT_CONNECT
;
64 conn
->link_mode
= HCI_LM_MASTER
;
68 memset(&cp
, 0, sizeof(cp
));
69 bacpy(&cp
.bdaddr
, &conn
->dst
);
70 cp
.pscan_rep_mode
= 0x02;
72 if ((ie
= hci_inquiry_cache_lookup(hdev
, &conn
->dst
)) &&
73 inquiry_entry_age(ie
) <= INQUIRY_ENTRY_AGE_MAX
) {
74 cp
.pscan_rep_mode
= ie
->data
.pscan_rep_mode
;
75 cp
.pscan_mode
= ie
->data
.pscan_mode
;
76 cp
.clock_offset
= ie
->data
.clock_offset
| __cpu_to_le16(0x8000);
77 memcpy(conn
->dev_class
, ie
->data
.dev_class
, 3);
80 cp
.pkt_type
= __cpu_to_le16(hdev
->pkt_type
& ACL_PTYPE_MASK
);
81 if (lmp_rswitch_capable(hdev
) && !(hdev
->link_mode
& HCI_LM_MASTER
))
82 cp
.role_switch
= 0x01;
84 cp
.role_switch
= 0x00;
86 hci_send_cmd(hdev
, OGF_LINK_CTL
, OCF_CREATE_CONN
, sizeof(cp
), &cp
);
89 static void hci_acl_connect_cancel(struct hci_conn
*conn
)
91 struct hci_cp_create_conn_cancel cp
;
95 if (conn
->hdev
->hci_ver
< 2)
98 bacpy(&cp
.bdaddr
, &conn
->dst
);
99 hci_send_cmd(conn
->hdev
, OGF_LINK_CTL
,
100 OCF_CREATE_CONN_CANCEL
, sizeof(cp
), &cp
);
103 void hci_acl_disconn(struct hci_conn
*conn
, __u8 reason
)
105 struct hci_cp_disconnect cp
;
109 conn
->state
= BT_DISCONN
;
111 cp
.handle
= __cpu_to_le16(conn
->handle
);
113 hci_send_cmd(conn
->hdev
, OGF_LINK_CTL
,
114 OCF_DISCONNECT
, sizeof(cp
), &cp
);
117 void hci_add_sco(struct hci_conn
*conn
, __u16 handle
)
119 struct hci_dev
*hdev
= conn
->hdev
;
120 struct hci_cp_add_sco cp
;
124 conn
->state
= BT_CONNECT
;
127 cp
.pkt_type
= __cpu_to_le16(hdev
->pkt_type
& SCO_PTYPE_MASK
);
128 cp
.handle
= __cpu_to_le16(handle
);
130 hci_send_cmd(hdev
, OGF_LINK_CTL
, OCF_ADD_SCO
, sizeof(cp
), &cp
);
133 static void hci_conn_timeout(unsigned long arg
)
135 struct hci_conn
*conn
= (void *) arg
;
136 struct hci_dev
*hdev
= conn
->hdev
;
138 BT_DBG("conn %p state %d", conn
, conn
->state
);
140 if (atomic_read(&conn
->refcnt
))
145 switch (conn
->state
) {
147 hci_acl_connect_cancel(conn
);
150 hci_acl_disconn(conn
, 0x13);
153 conn
->state
= BT_CLOSED
;
157 hci_dev_unlock(hdev
);
160 static void hci_conn_idle(unsigned long arg
)
162 struct hci_conn
*conn
= (void *) arg
;
164 BT_DBG("conn %p mode %d", conn
, conn
->mode
);
166 hci_conn_enter_sniff_mode(conn
);
169 struct hci_conn
*hci_conn_add(struct hci_dev
*hdev
, int type
, bdaddr_t
*dst
)
171 struct hci_conn
*conn
;
173 BT_DBG("%s dst %s", hdev
->name
, batostr(dst
));
175 conn
= kzalloc(sizeof(struct hci_conn
), GFP_ATOMIC
);
179 bacpy(&conn
->dst
, dst
);
182 conn
->mode
= HCI_CM_ACTIVE
;
183 conn
->state
= BT_OPEN
;
185 conn
->power_save
= 1;
187 skb_queue_head_init(&conn
->data_q
);
189 init_timer(&conn
->disc_timer
);
190 conn
->disc_timer
.function
= hci_conn_timeout
;
191 conn
->disc_timer
.data
= (unsigned long) conn
;
193 init_timer(&conn
->idle_timer
);
194 conn
->idle_timer
.function
= hci_conn_idle
;
195 conn
->idle_timer
.data
= (unsigned long) conn
;
197 atomic_set(&conn
->refcnt
, 0);
201 tasklet_disable(&hdev
->tx_task
);
203 hci_conn_hash_add(hdev
, conn
);
205 hdev
->notify(hdev
, HCI_NOTIFY_CONN_ADD
);
207 hci_conn_add_sysfs(conn
);
209 tasklet_enable(&hdev
->tx_task
);
214 int hci_conn_del(struct hci_conn
*conn
)
216 struct hci_dev
*hdev
= conn
->hdev
;
218 BT_DBG("%s conn %p handle %d", hdev
->name
, conn
, conn
->handle
);
220 del_timer(&conn
->idle_timer
);
222 del_timer(&conn
->disc_timer
);
224 if (conn
->type
== SCO_LINK
) {
225 struct hci_conn
*acl
= conn
->link
;
231 struct hci_conn
*sco
= conn
->link
;
236 hdev
->acl_cnt
+= conn
->sent
;
239 tasklet_disable(&hdev
->tx_task
);
241 hci_conn_del_sysfs(conn
);
243 hci_conn_hash_del(hdev
, conn
);
245 hdev
->notify(hdev
, HCI_NOTIFY_CONN_DEL
);
247 tasklet_enable(&hdev
->tx_task
);
249 skb_queue_purge(&conn
->data_q
);
253 /* will free via device release */
254 put_device(&conn
->dev
);
259 struct hci_dev
*hci_get_route(bdaddr_t
*dst
, bdaddr_t
*src
)
261 int use_src
= bacmp(src
, BDADDR_ANY
);
262 struct hci_dev
*hdev
= NULL
;
265 BT_DBG("%s -> %s", batostr(src
), batostr(dst
));
267 read_lock_bh(&hci_dev_list_lock
);
269 list_for_each(p
, &hci_dev_list
) {
270 struct hci_dev
*d
= list_entry(p
, struct hci_dev
, list
);
272 if (!test_bit(HCI_UP
, &d
->flags
) || test_bit(HCI_RAW
, &d
->flags
))
276 * No source address - find interface with bdaddr != dst
277 * Source address - find interface with bdaddr == src
281 if (!bacmp(&d
->bdaddr
, src
)) {
285 if (bacmp(&d
->bdaddr
, dst
)) {
292 hdev
= hci_dev_hold(hdev
);
294 read_unlock_bh(&hci_dev_list_lock
);
297 EXPORT_SYMBOL(hci_get_route
);
299 /* Create SCO or ACL connection.
300 * Device _must_ be locked */
301 struct hci_conn
* hci_connect(struct hci_dev
*hdev
, int type
, bdaddr_t
*dst
)
303 struct hci_conn
*acl
;
305 BT_DBG("%s dst %s", hdev
->name
, batostr(dst
));
307 if (!(acl
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, dst
))) {
308 if (!(acl
= hci_conn_add(hdev
, ACL_LINK
, dst
)))
314 if (acl
->state
== BT_OPEN
|| acl
->state
== BT_CLOSED
)
315 hci_acl_connect(acl
);
317 if (type
== SCO_LINK
) {
318 struct hci_conn
*sco
;
320 if (!(sco
= hci_conn_hash_lookup_ba(hdev
, SCO_LINK
, dst
))) {
321 if (!(sco
= hci_conn_add(hdev
, SCO_LINK
, dst
))) {
331 if (acl
->state
== BT_CONNECTED
&&
332 (sco
->state
== BT_OPEN
|| sco
->state
== BT_CLOSED
))
333 hci_add_sco(sco
, acl
->handle
);
340 EXPORT_SYMBOL(hci_connect
);
342 /* Authenticate remote device */
343 int hci_conn_auth(struct hci_conn
*conn
)
345 BT_DBG("conn %p", conn
);
347 if (conn
->link_mode
& HCI_LM_AUTH
)
350 if (!test_and_set_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
)) {
351 struct hci_cp_auth_requested cp
;
352 cp
.handle
= __cpu_to_le16(conn
->handle
);
353 hci_send_cmd(conn
->hdev
, OGF_LINK_CTL
, OCF_AUTH_REQUESTED
, sizeof(cp
), &cp
);
357 EXPORT_SYMBOL(hci_conn_auth
);
359 /* Enable encryption */
360 int hci_conn_encrypt(struct hci_conn
*conn
)
362 BT_DBG("conn %p", conn
);
364 if (conn
->link_mode
& HCI_LM_ENCRYPT
)
367 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->pend
))
370 if (hci_conn_auth(conn
)) {
371 struct hci_cp_set_conn_encrypt cp
;
372 cp
.handle
= __cpu_to_le16(conn
->handle
);
374 hci_send_cmd(conn
->hdev
, OGF_LINK_CTL
, OCF_SET_CONN_ENCRYPT
, sizeof(cp
), &cp
);
378 EXPORT_SYMBOL(hci_conn_encrypt
);
380 /* Change link key */
381 int hci_conn_change_link_key(struct hci_conn
*conn
)
383 BT_DBG("conn %p", conn
);
385 if (!test_and_set_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
)) {
386 struct hci_cp_change_conn_link_key cp
;
387 cp
.handle
= __cpu_to_le16(conn
->handle
);
388 hci_send_cmd(conn
->hdev
, OGF_LINK_CTL
, OCF_CHANGE_CONN_LINK_KEY
, sizeof(cp
), &cp
);
392 EXPORT_SYMBOL(hci_conn_change_link_key
);
395 int hci_conn_switch_role(struct hci_conn
*conn
, uint8_t role
)
397 BT_DBG("conn %p", conn
);
399 if (!role
&& conn
->link_mode
& HCI_LM_MASTER
)
402 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND
, &conn
->pend
)) {
403 struct hci_cp_switch_role cp
;
404 bacpy(&cp
.bdaddr
, &conn
->dst
);
406 hci_send_cmd(conn
->hdev
, OGF_LINK_POLICY
, OCF_SWITCH_ROLE
, sizeof(cp
), &cp
);
410 EXPORT_SYMBOL(hci_conn_switch_role
);
412 /* Enter active mode */
413 void hci_conn_enter_active_mode(struct hci_conn
*conn
)
415 struct hci_dev
*hdev
= conn
->hdev
;
417 BT_DBG("conn %p mode %d", conn
, conn
->mode
);
419 if (test_bit(HCI_RAW
, &hdev
->flags
))
422 if (conn
->mode
!= HCI_CM_SNIFF
|| !conn
->power_save
)
425 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
)) {
426 struct hci_cp_exit_sniff_mode cp
;
427 cp
.handle
= __cpu_to_le16(conn
->handle
);
428 hci_send_cmd(hdev
, OGF_LINK_POLICY
,
429 OCF_EXIT_SNIFF_MODE
, sizeof(cp
), &cp
);
433 if (hdev
->idle_timeout
> 0)
434 mod_timer(&conn
->idle_timer
,
435 jiffies
+ msecs_to_jiffies(hdev
->idle_timeout
));
438 /* Enter sniff mode */
439 void hci_conn_enter_sniff_mode(struct hci_conn
*conn
)
441 struct hci_dev
*hdev
= conn
->hdev
;
443 BT_DBG("conn %p mode %d", conn
, conn
->mode
);
445 if (test_bit(HCI_RAW
, &hdev
->flags
))
448 if (!lmp_sniff_capable(hdev
) || !lmp_sniff_capable(conn
))
451 if (conn
->mode
!= HCI_CM_ACTIVE
|| !(conn
->link_policy
& HCI_LP_SNIFF
))
454 if (lmp_sniffsubr_capable(hdev
) && lmp_sniffsubr_capable(conn
)) {
455 struct hci_cp_sniff_subrate cp
;
456 cp
.handle
= __cpu_to_le16(conn
->handle
);
457 cp
.max_latency
= __constant_cpu_to_le16(0);
458 cp
.min_remote_timeout
= __constant_cpu_to_le16(0);
459 cp
.min_local_timeout
= __constant_cpu_to_le16(0);
460 hci_send_cmd(hdev
, OGF_LINK_POLICY
,
461 OCF_SNIFF_SUBRATE
, sizeof(cp
), &cp
);
464 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
)) {
465 struct hci_cp_sniff_mode cp
;
466 cp
.handle
= __cpu_to_le16(conn
->handle
);
467 cp
.max_interval
= __cpu_to_le16(hdev
->sniff_max_interval
);
468 cp
.min_interval
= __cpu_to_le16(hdev
->sniff_min_interval
);
469 cp
.attempt
= __constant_cpu_to_le16(4);
470 cp
.timeout
= __constant_cpu_to_le16(1);
471 hci_send_cmd(hdev
, OGF_LINK_POLICY
,
472 OCF_SNIFF_MODE
, sizeof(cp
), &cp
);
476 /* Drop all connection on the device */
477 void hci_conn_hash_flush(struct hci_dev
*hdev
)
479 struct hci_conn_hash
*h
= &hdev
->conn_hash
;
482 BT_DBG("hdev %s", hdev
->name
);
485 while (p
!= &h
->list
) {
488 c
= list_entry(p
, struct hci_conn
, list
);
491 c
->state
= BT_CLOSED
;
493 hci_proto_disconn_ind(c
, 0x16);
498 int hci_get_conn_list(void __user
*arg
)
500 struct hci_conn_list_req req
, *cl
;
501 struct hci_conn_info
*ci
;
502 struct hci_dev
*hdev
;
504 int n
= 0, size
, err
;
506 if (copy_from_user(&req
, arg
, sizeof(req
)))
509 if (!req
.conn_num
|| req
.conn_num
> (PAGE_SIZE
* 2) / sizeof(*ci
))
512 size
= sizeof(req
) + req
.conn_num
* sizeof(*ci
);
514 if (!(cl
= kmalloc(size
, GFP_KERNEL
)))
517 if (!(hdev
= hci_dev_get(req
.dev_id
))) {
524 hci_dev_lock_bh(hdev
);
525 list_for_each(p
, &hdev
->conn_hash
.list
) {
526 register struct hci_conn
*c
;
527 c
= list_entry(p
, struct hci_conn
, list
);
529 bacpy(&(ci
+ n
)->bdaddr
, &c
->dst
);
530 (ci
+ n
)->handle
= c
->handle
;
531 (ci
+ n
)->type
= c
->type
;
532 (ci
+ n
)->out
= c
->out
;
533 (ci
+ n
)->state
= c
->state
;
534 (ci
+ n
)->link_mode
= c
->link_mode
;
535 if (++n
>= req
.conn_num
)
538 hci_dev_unlock_bh(hdev
);
540 cl
->dev_id
= hdev
->id
;
542 size
= sizeof(req
) + n
* sizeof(*ci
);
546 err
= copy_to_user(arg
, cl
, size
);
549 return err
? -EFAULT
: 0;
552 int hci_get_conn_info(struct hci_dev
*hdev
, void __user
*arg
)
554 struct hci_conn_info_req req
;
555 struct hci_conn_info ci
;
556 struct hci_conn
*conn
;
557 char __user
*ptr
= arg
+ sizeof(req
);
559 if (copy_from_user(&req
, arg
, sizeof(req
)))
562 hci_dev_lock_bh(hdev
);
563 conn
= hci_conn_hash_lookup_ba(hdev
, req
.type
, &req
.bdaddr
);
565 bacpy(&ci
.bdaddr
, &conn
->dst
);
566 ci
.handle
= conn
->handle
;
567 ci
.type
= conn
->type
;
569 ci
.state
= conn
->state
;
570 ci
.link_mode
= conn
->link_mode
;
572 hci_dev_unlock_bh(hdev
);
577 return copy_to_user(ptr
, &ci
, sizeof(ci
)) ? -EFAULT
: 0;