search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
x86/xen: resume timer irqs early
[linux/fpc-iii.git] / net / bluetooth / hci_conn.c
blob3d339414dc9e77d4b9c65020a0518cd9bec162b7
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth HCI connection handling. */
26
27 #include <linux/export.h>
28
29 #include <net/bluetooth/bluetooth.h>
30 #include <net/bluetooth/hci_core.h>
31 #include <net/bluetooth/a2mp.h>
32 #include <net/bluetooth/smp.h>
33
34 struct sco_param {
35 u16 pkt_type;
36 u16 max_latency;
37 };
38
39 static const struct sco_param sco_param_cvsd[] = {
40 { EDR_ESCO_MASK & ~ESCO_2EV3, 0x000a }, /* S3 */
41 { EDR_ESCO_MASK & ~ESCO_2EV3, 0x0007 }, /* S2 */
42 { EDR_ESCO_MASK | ESCO_EV3, 0x0007 }, /* S1 */
43 { EDR_ESCO_MASK | ESCO_HV3, 0xffff }, /* D1 */
44 { EDR_ESCO_MASK | ESCO_HV1, 0xffff }, /* D0 */
45 };
46
47 static const struct sco_param sco_param_wideband[] = {
48 { EDR_ESCO_MASK & ~ESCO_2EV3, 0x000d }, /* T2 */
49 { EDR_ESCO_MASK | ESCO_EV3, 0x0008 }, /* T1 */
50 };
51
52 static void hci_le_create_connection(struct hci_conn *conn)
53 {
54 struct hci_dev *hdev = conn->hdev;
55 struct hci_cp_le_create_conn cp;
56
57 conn->state = BT_CONNECT;
58 conn->out = true;
59 conn->link_mode |= HCI_LM_MASTER;
60 conn->sec_level = BT_SECURITY_LOW;
61
62 memset(&cp, 0, sizeof(cp));
63 cp.scan_interval = __constant_cpu_to_le16(0x0060);
64 cp.scan_window = __constant_cpu_to_le16(0x0030);
65 bacpy(&cp.peer_addr, &conn->dst);
66 cp.peer_addr_type = conn->dst_type;
67 cp.conn_interval_min = __constant_cpu_to_le16(0x0028);
68 cp.conn_interval_max = __constant_cpu_to_le16(0x0038);
69 cp.supervision_timeout = __constant_cpu_to_le16(0x002a);
70 cp.min_ce_len = __constant_cpu_to_le16(0x0000);
71 cp.max_ce_len = __constant_cpu_to_le16(0x0000);
72
73 hci_send_cmd(hdev, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp);
74 }
75
76 static void hci_le_create_connection_cancel(struct hci_conn *conn)
77 {
78 hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
79 }
80
81 static void hci_acl_create_connection(struct hci_conn *conn)
82 {
83 struct hci_dev *hdev = conn->hdev;
84 struct inquiry_entry *ie;
85 struct hci_cp_create_conn cp;
86
87 BT_DBG("hcon %p", conn);
88
89 conn->state = BT_CONNECT;
90 conn->out = true;
91
92 conn->link_mode = HCI_LM_MASTER;
93
94 conn->attempt++;
95
96 conn->link_policy = hdev->link_policy;
97
98 memset(&cp, 0, sizeof(cp));
99 bacpy(&cp.bdaddr, &conn->dst);
100 cp.pscan_rep_mode = 0x02;
101
102 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
103 if (ie) {
104 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
105 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
106 cp.pscan_mode = ie->data.pscan_mode;
107 cp.clock_offset = ie->data.clock_offset |
108 __constant_cpu_to_le16(0x8000);
109 }
110
111 memcpy(conn->dev_class, ie->data.dev_class, 3);
112 if (ie->data.ssp_mode > 0)
113 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
114 }
115
116 cp.pkt_type = cpu_to_le16(conn->pkt_type);
117 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
118 cp.role_switch = 0x01;
119 else
120 cp.role_switch = 0x00;
121
122 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
123 }
124
125 static void hci_acl_create_connection_cancel(struct hci_conn *conn)
126 {
127 struct hci_cp_create_conn_cancel cp;
128
129 BT_DBG("hcon %p", conn);
130
131 if (conn->hdev->hci_ver < BLUETOOTH_VER_1_2)
132 return;
133
134 bacpy(&cp.bdaddr, &conn->dst);
135 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
136 }
137
138 static void hci_reject_sco(struct hci_conn *conn)
139 {
140 struct hci_cp_reject_sync_conn_req cp;
141
142 cp.reason = HCI_ERROR_REMOTE_USER_TERM;
143 bacpy(&cp.bdaddr, &conn->dst);
144
145 hci_send_cmd(conn->hdev, HCI_OP_REJECT_SYNC_CONN_REQ, sizeof(cp), &cp);
146 }
147
148 void hci_disconnect(struct hci_conn *conn, __u8 reason)
149 {
150 struct hci_cp_disconnect cp;
151
152 BT_DBG("hcon %p", conn);
153
154 conn->state = BT_DISCONN;
155
156 cp.handle = cpu_to_le16(conn->handle);
157 cp.reason = reason;
158 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
159 }
160
161 static void hci_amp_disconn(struct hci_conn *conn, __u8 reason)
162 {
163 struct hci_cp_disconn_phy_link cp;
164
165 BT_DBG("hcon %p", conn);
166
167 conn->state = BT_DISCONN;
168
169 cp.phy_handle = HCI_PHY_HANDLE(conn->handle);
170 cp.reason = reason;
171 hci_send_cmd(conn->hdev, HCI_OP_DISCONN_PHY_LINK,
172 sizeof(cp), &cp);
173 }
174
175 static void hci_add_sco(struct hci_conn *conn, __u16 handle)
176 {
177 struct hci_dev *hdev = conn->hdev;
178 struct hci_cp_add_sco cp;
179
180 BT_DBG("hcon %p", conn);
181
182 conn->state = BT_CONNECT;
183 conn->out = true;
184
185 conn->attempt++;
186
187 cp.handle = cpu_to_le16(handle);
188 cp.pkt_type = cpu_to_le16(conn->pkt_type);
189
190 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
191 }
192
193 bool hci_setup_sync(struct hci_conn *conn, __u16 handle)
194 {
195 struct hci_dev *hdev = conn->hdev;
196 struct hci_cp_setup_sync_conn cp;
197 const struct sco_param *param;
198
199 BT_DBG("hcon %p", conn);
200
201 conn->state = BT_CONNECT;
202 conn->out = true;
203
204 conn->attempt++;
205
206 cp.handle = cpu_to_le16(handle);
207
208 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
209 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
210 cp.voice_setting = cpu_to_le16(conn->setting);
211
212 switch (conn->setting & SCO_AIRMODE_MASK) {
213 case SCO_AIRMODE_TRANSP:
214 if (conn->attempt > ARRAY_SIZE(sco_param_wideband))
215 return false;
216 cp.retrans_effort = 0x02;
217 param = &sco_param_wideband[conn->attempt - 1];
218 break;
219 case SCO_AIRMODE_CVSD:
220 if (conn->attempt > ARRAY_SIZE(sco_param_cvsd))
221 return false;
222 cp.retrans_effort = 0x01;
223 param = &sco_param_cvsd[conn->attempt - 1];
224 break;
225 default:
226 return false;
227 }
228
229 cp.pkt_type = __cpu_to_le16(param->pkt_type);
230 cp.max_latency = __cpu_to_le16(param->max_latency);
231
232 if (hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp) < 0)
233 return false;
234
235 return true;
236 }
237
238 void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max,
239 u16 latency, u16 to_multiplier)
240 {
241 struct hci_cp_le_conn_update cp;
242 struct hci_dev *hdev = conn->hdev;
243
244 memset(&cp, 0, sizeof(cp));
245
246 cp.handle = cpu_to_le16(conn->handle);
247 cp.conn_interval_min = cpu_to_le16(min);
248 cp.conn_interval_max = cpu_to_le16(max);
249 cp.conn_latency = cpu_to_le16(latency);
250 cp.supervision_timeout = cpu_to_le16(to_multiplier);
251 cp.min_ce_len = __constant_cpu_to_le16(0x0001);
252 cp.max_ce_len = __constant_cpu_to_le16(0x0001);
253
254 hci_send_cmd(hdev, HCI_OP_LE_CONN_UPDATE, sizeof(cp), &cp);
255 }
256
257 void hci_le_start_enc(struct hci_conn *conn, __le16 ediv, __u8 rand[8],
258 __u8 ltk[16])
259 {
260 struct hci_dev *hdev = conn->hdev;
261 struct hci_cp_le_start_enc cp;
262
263 BT_DBG("hcon %p", conn);
264
265 memset(&cp, 0, sizeof(cp));
266
267 cp.handle = cpu_to_le16(conn->handle);
268 memcpy(cp.ltk, ltk, sizeof(cp.ltk));
269 cp.ediv = ediv;
270 memcpy(cp.rand, rand, sizeof(cp.rand));
271
272 hci_send_cmd(hdev, HCI_OP_LE_START_ENC, sizeof(cp), &cp);
273 }
274
275 /* Device _must_ be locked */
276 void hci_sco_setup(struct hci_conn *conn, __u8 status)
277 {
278 struct hci_conn *sco = conn->link;
279
280 if (!sco)
281 return;
282
283 BT_DBG("hcon %p", conn);
284
285 if (!status) {
286 if (lmp_esco_capable(conn->hdev))
287 hci_setup_sync(sco, conn->handle);
288 else
289 hci_add_sco(sco, conn->handle);
290 } else {
291 hci_proto_connect_cfm(sco, status);
292 hci_conn_del(sco);
293 }
294 }
295
296 static void hci_conn_disconnect(struct hci_conn *conn)
297 {
298 __u8 reason = hci_proto_disconn_ind(conn);
299
300 switch (conn->type) {
301 case AMP_LINK:
302 hci_amp_disconn(conn, reason);
303 break;
304 default:
305 hci_disconnect(conn, reason);
306 break;
307 }
308 }
309
310 static void hci_conn_timeout(struct work_struct *work)
311 {
312 struct hci_conn *conn = container_of(work, struct hci_conn,
313 disc_work.work);
314
315 BT_DBG("hcon %p state %s", conn, state_to_string(conn->state));
316
317 if (atomic_read(&conn->refcnt))
318 return;
319
320 switch (conn->state) {
321 case BT_CONNECT:
322 case BT_CONNECT2:
323 if (conn->out) {
324 if (conn->type == ACL_LINK)
325 hci_acl_create_connection_cancel(conn);
326 else if (conn->type == LE_LINK)
327 hci_le_create_connection_cancel(conn);
328 } else if (conn->type == SCO_LINK || conn->type == ESCO_LINK) {
329 hci_reject_sco(conn);
330 }
331 break;
332 case BT_CONFIG:
333 case BT_CONNECTED:
334 hci_conn_disconnect(conn);
335 break;
336 default:
337 conn->state = BT_CLOSED;
338 break;
339 }
340 }
341
342 /* Enter sniff mode */
343 static void hci_conn_enter_sniff_mode(struct hci_conn *conn)
344 {
345 struct hci_dev *hdev = conn->hdev;
346
347 BT_DBG("hcon %p mode %d", conn, conn->mode);
348
349 if (test_bit(HCI_RAW, &hdev->flags))
350 return;
351
352 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
353 return;
354
355 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
356 return;
357
358 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
359 struct hci_cp_sniff_subrate cp;
360 cp.handle = cpu_to_le16(conn->handle);
361 cp.max_latency = __constant_cpu_to_le16(0);
362 cp.min_remote_timeout = __constant_cpu_to_le16(0);
363 cp.min_local_timeout = __constant_cpu_to_le16(0);
364 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
365 }
366
367 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
368 struct hci_cp_sniff_mode cp;
369 cp.handle = cpu_to_le16(conn->handle);
370 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
371 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
372 cp.attempt = __constant_cpu_to_le16(4);
373 cp.timeout = __constant_cpu_to_le16(1);
374 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
375 }
376 }
377
378 static void hci_conn_idle(unsigned long arg)
379 {
380 struct hci_conn *conn = (void *) arg;
381
382 BT_DBG("hcon %p mode %d", conn, conn->mode);
383
384 hci_conn_enter_sniff_mode(conn);
385 }
386
387 static void hci_conn_auto_accept(unsigned long arg)
388 {
389 struct hci_conn *conn = (void *) arg;
390 struct hci_dev *hdev = conn->hdev;
391
392 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY, sizeof(conn->dst),
393 &conn->dst);
394 }
395
396 struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
397 {
398 struct hci_conn *conn;
399
400 BT_DBG("%s dst %pMR", hdev->name, dst);
401
402 conn = kzalloc(sizeof(struct hci_conn), GFP_KERNEL);
403 if (!conn)
404 return NULL;
405
406 bacpy(&conn->dst, dst);
407 conn->hdev = hdev;
408 conn->type = type;
409 conn->mode = HCI_CM_ACTIVE;
410 conn->state = BT_OPEN;
411 conn->auth_type = HCI_AT_GENERAL_BONDING;
412 conn->io_capability = hdev->io_capability;
413 conn->remote_auth = 0xff;
414 conn->key_type = 0xff;
415
416 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
417 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
418
419 switch (type) {
420 case ACL_LINK:
421 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
422 break;
423 case SCO_LINK:
424 if (lmp_esco_capable(hdev))
425 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
426 (hdev->esco_type & EDR_ESCO_MASK);
427 else
428 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
429 break;
430 case ESCO_LINK:
431 conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
432 break;
433 }
434
435 skb_queue_head_init(&conn->data_q);
436
437 INIT_LIST_HEAD(&conn->chan_list);
438
439 INIT_DELAYED_WORK(&conn->disc_work, hci_conn_timeout);
440 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
441 setup_timer(&conn->auto_accept_timer, hci_conn_auto_accept,
442 (unsigned long) conn);
443
444 atomic_set(&conn->refcnt, 0);
445
446 hci_dev_hold(hdev);
447
448 hci_conn_hash_add(hdev, conn);
449 if (hdev->notify)
450 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
451
452 hci_conn_init_sysfs(conn);
453
454 return conn;
455 }
456
457 int hci_conn_del(struct hci_conn *conn)
458 {
459 struct hci_dev *hdev = conn->hdev;
460
461 BT_DBG("%s hcon %p handle %d", hdev->name, conn, conn->handle);
462
463 del_timer(&conn->idle_timer);
464
465 cancel_delayed_work_sync(&conn->disc_work);
466
467 del_timer(&conn->auto_accept_timer);
468
469 if (conn->type == ACL_LINK) {
470 struct hci_conn *sco = conn->link;
471 if (sco)
472 sco->link = NULL;
473
474 /* Unacked frames */
475 hdev->acl_cnt += conn->sent;
476 } else if (conn->type == LE_LINK) {
477 if (hdev->le_pkts)
478 hdev->le_cnt += conn->sent;
479 else
480 hdev->acl_cnt += conn->sent;
481 } else {
482 struct hci_conn *acl = conn->link;
483 if (acl) {
484 acl->link = NULL;
485 hci_conn_drop(acl);
486 }
487 }
488
489 hci_chan_list_flush(conn);
490
491 if (conn->amp_mgr)
492 amp_mgr_put(conn->amp_mgr);
493
494 hci_conn_hash_del(hdev, conn);
495 if (hdev->notify)
496 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
497
498 skb_queue_purge(&conn->data_q);
499
500 hci_conn_del_sysfs(conn);
501
502 hci_dev_put(hdev);
503
504 hci_conn_put(conn);
505
506 return 0;
507 }
508
509 struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
510 {
511 int use_src = bacmp(src, BDADDR_ANY);
512 struct hci_dev *hdev = NULL, *d;
513
514 BT_DBG("%pMR -> %pMR", src, dst);
515
516 read_lock(&hci_dev_list_lock);
517
518 list_for_each_entry(d, &hci_dev_list, list) {
519 if (!test_bit(HCI_UP, &d->flags) ||
520 test_bit(HCI_RAW, &d->flags) ||
521 d->dev_type != HCI_BREDR)
522 continue;
523
524 /* Simple routing:
525 * No source address - find interface with bdaddr != dst
526 * Source address - find interface with bdaddr == src
527 */
528
529 if (use_src) {
530 if (!bacmp(&d->bdaddr, src)) {
531 hdev = d; break;
532 }
533 } else {
534 if (bacmp(&d->bdaddr, dst)) {
535 hdev = d; break;
536 }
537 }
538 }
539
540 if (hdev)
541 hdev = hci_dev_hold(hdev);
542
543 read_unlock(&hci_dev_list_lock);
544 return hdev;
545 }
546 EXPORT_SYMBOL(hci_get_route);
547
548 static struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst,
549 u8 dst_type, u8 sec_level, u8 auth_type)
550 {
551 struct hci_conn *le;
552
553 if (test_bit(HCI_LE_PERIPHERAL, &hdev->flags))
554 return ERR_PTR(-ENOTSUPP);
555
556 le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
557 if (!le) {
558 le = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
559 if (le)
560 return ERR_PTR(-EBUSY);
561
562 le = hci_conn_add(hdev, LE_LINK, dst);
563 if (!le)
564 return ERR_PTR(-ENOMEM);
565
566 le->dst_type = bdaddr_to_le(dst_type);
567 hci_le_create_connection(le);
568 }
569
570 le->pending_sec_level = sec_level;
571 le->auth_type = auth_type;
572
573 hci_conn_hold(le);
574
575 return le;
576 }
577
578 static struct hci_conn *hci_connect_acl(struct hci_dev *hdev, bdaddr_t *dst,
579 u8 sec_level, u8 auth_type)
580 {
581 struct hci_conn *acl;
582
583 acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
584 if (!acl) {
585 acl = hci_conn_add(hdev, ACL_LINK, dst);
586 if (!acl)
587 return ERR_PTR(-ENOMEM);
588 }
589
590 hci_conn_hold(acl);
591
592 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
593 acl->sec_level = BT_SECURITY_LOW;
594 acl->pending_sec_level = sec_level;
595 acl->auth_type = auth_type;
596 hci_acl_create_connection(acl);
597 }
598
599 return acl;
600 }
601
602 struct hci_conn *hci_connect_sco(struct hci_dev *hdev, int type, bdaddr_t *dst,
603 __u16 setting)
604 {
605 struct hci_conn *acl;
606 struct hci_conn *sco;
607
608 acl = hci_connect_acl(hdev, dst, BT_SECURITY_LOW, HCI_AT_NO_BONDING);
609 if (IS_ERR(acl))
610 return acl;
611
612 sco = hci_conn_hash_lookup_ba(hdev, type, dst);
613 if (!sco) {
614 sco = hci_conn_add(hdev, type, dst);
615 if (!sco) {
616 hci_conn_drop(acl);
617 return ERR_PTR(-ENOMEM);
618 }
619 }
620
621 acl->link = sco;
622 sco->link = acl;
623
624 hci_conn_hold(sco);
625
626 sco->setting = setting;
627
628 if (acl->state == BT_CONNECTED &&
629 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
630 set_bit(HCI_CONN_POWER_SAVE, &acl->flags);
631 hci_conn_enter_active_mode(acl, BT_POWER_FORCE_ACTIVE_ON);
632
633 if (test_bit(HCI_CONN_MODE_CHANGE_PEND, &acl->flags)) {
634 /* defer SCO setup until mode change completed */
635 set_bit(HCI_CONN_SCO_SETUP_PEND, &acl->flags);
636 return sco;
637 }
638
639 hci_sco_setup(acl, 0x00);
640 }
641
642 return sco;
643 }
644
645 /* Create SCO, ACL or LE connection. */
646 struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst,
647 __u8 dst_type, __u8 sec_level, __u8 auth_type)
648 {
649 BT_DBG("%s dst %pMR type 0x%x", hdev->name, dst, type);
650
651 switch (type) {
652 case LE_LINK:
653 return hci_connect_le(hdev, dst, dst_type, sec_level, auth_type);
654 case ACL_LINK:
655 return hci_connect_acl(hdev, dst, sec_level, auth_type);
656 }
657
658 return ERR_PTR(-EINVAL);
659 }
660
661 /* Check link security requirement */
662 int hci_conn_check_link_mode(struct hci_conn *conn)
663 {
664 BT_DBG("hcon %p", conn);
665
666 if (hci_conn_ssp_enabled(conn) && !(conn->link_mode & HCI_LM_ENCRYPT))
667 return 0;
668
669 return 1;
670 }
671
672 /* Authenticate remote device */
673 static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
674 {
675 BT_DBG("hcon %p", conn);
676
677 if (conn->pending_sec_level > sec_level)
678 sec_level = conn->pending_sec_level;
679
680 if (sec_level > conn->sec_level)
681 conn->pending_sec_level = sec_level;
682 else if (conn->link_mode & HCI_LM_AUTH)
683 return 1;
684
685 /* Make sure we preserve an existing MITM requirement*/
686 auth_type |= (conn->auth_type & 0x01);
687
688 conn->auth_type = auth_type;
689
690 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
691 struct hci_cp_auth_requested cp;
692
693 cp.handle = cpu_to_le16(conn->handle);
694 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
695 sizeof(cp), &cp);
696
697 /* If we're already encrypted set the REAUTH_PEND flag,
698 * otherwise set the ENCRYPT_PEND.
699 */
700 if (conn->link_mode & HCI_LM_ENCRYPT)
701 set_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
702 else
703 set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
704 }
705
706 return 0;
707 }
708
709 /* Encrypt the the link */
710 static void hci_conn_encrypt(struct hci_conn *conn)
711 {
712 BT_DBG("hcon %p", conn);
713
714 if (!test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
715 struct hci_cp_set_conn_encrypt cp;
716 cp.handle = cpu_to_le16(conn->handle);
717 cp.encrypt = 0x01;
718 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
719 &cp);
720 }
721 }
722
723 /* Enable security */
724 int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
725 {
726 BT_DBG("hcon %p", conn);
727
728 if (conn->type == LE_LINK)
729 return smp_conn_security(conn, sec_level);
730
731 /* For sdp we don't need the link key. */
732 if (sec_level == BT_SECURITY_SDP)
733 return 1;
734
735 /* For non 2.1 devices and low security level we don't need the link
736 key. */
737 if (sec_level == BT_SECURITY_LOW && !hci_conn_ssp_enabled(conn))
738 return 1;
739
740 /* For other security levels we need the link key. */
741 if (!(conn->link_mode & HCI_LM_AUTH))
742 goto auth;
743
744 /* An authenticated combination key has sufficient security for any
745 security level. */
746 if (conn->key_type == HCI_LK_AUTH_COMBINATION)
747 goto encrypt;
748
749 /* An unauthenticated combination key has sufficient security for
750 security level 1 and 2. */
751 if (conn->key_type == HCI_LK_UNAUTH_COMBINATION &&
752 (sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW))
753 goto encrypt;
754
755 /* A combination key has always sufficient security for the security
756 levels 1 or 2. High security level requires the combination key
757 is generated using maximum PIN code length (16).
758 For pre 2.1 units. */
759 if (conn->key_type == HCI_LK_COMBINATION &&
760 (sec_level != BT_SECURITY_HIGH || conn->pin_length == 16))
761 goto encrypt;
762
763 auth:
764 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags))
765 return 0;
766
767 if (!hci_conn_auth(conn, sec_level, auth_type))
768 return 0;
769
770 encrypt:
771 if (conn->link_mode & HCI_LM_ENCRYPT)
772 return 1;
773
774 hci_conn_encrypt(conn);
775 return 0;
776 }
777 EXPORT_SYMBOL(hci_conn_security);
778
779 /* Check secure link requirement */
780 int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
781 {
782 BT_DBG("hcon %p", conn);
783
784 if (sec_level != BT_SECURITY_HIGH)
785 return 1; /* Accept if non-secure is required */
786
787 if (conn->sec_level == BT_SECURITY_HIGH)
788 return 1;
789
790 return 0; /* Reject not secure link */
791 }
792 EXPORT_SYMBOL(hci_conn_check_secure);
793
794 /* Change link key */
795 int hci_conn_change_link_key(struct hci_conn *conn)
796 {
797 BT_DBG("hcon %p", conn);
798
799 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
800 struct hci_cp_change_conn_link_key cp;
801 cp.handle = cpu_to_le16(conn->handle);
802 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
803 sizeof(cp), &cp);
804 }
805
806 return 0;
807 }
808
809 /* Switch role */
810 int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
811 {
812 BT_DBG("hcon %p", conn);
813
814 if (!role && conn->link_mode & HCI_LM_MASTER)
815 return 1;
816
817 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->flags)) {
818 struct hci_cp_switch_role cp;
819 bacpy(&cp.bdaddr, &conn->dst);
820 cp.role = role;
821 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
822 }
823
824 return 0;
825 }
826 EXPORT_SYMBOL(hci_conn_switch_role);
827
828 /* Enter active mode */
829 void hci_conn_enter_active_mode(struct hci_conn *conn, __u8 force_active)
830 {
831 struct hci_dev *hdev = conn->hdev;
832
833 BT_DBG("hcon %p mode %d", conn, conn->mode);
834
835 if (test_bit(HCI_RAW, &hdev->flags))
836 return;
837
838 if (conn->mode != HCI_CM_SNIFF)
839 goto timer;
840
841 if (!test_bit(HCI_CONN_POWER_SAVE, &conn->flags) && !force_active)
842 goto timer;
843
844 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
845 struct hci_cp_exit_sniff_mode cp;
846 cp.handle = cpu_to_le16(conn->handle);
847 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
848 }
849
850 timer:
851 if (hdev->idle_timeout > 0)
852 mod_timer(&conn->idle_timer,
853 jiffies + msecs_to_jiffies(hdev->idle_timeout));
854 }
855
856 /* Drop all connection on the device */
857 void hci_conn_hash_flush(struct hci_dev *hdev)
858 {
859 struct hci_conn_hash *h = &hdev->conn_hash;
860 struct hci_conn *c, *n;
861
862 BT_DBG("hdev %s", hdev->name);
863
864 list_for_each_entry_safe(c, n, &h->list, list) {
865 c->state = BT_CLOSED;
866
867 hci_proto_disconn_cfm(c, HCI_ERROR_LOCAL_HOST_TERM);
868 hci_conn_del(c);
869 }
870 }
871
872 /* Check pending connect attempts */
873 void hci_conn_check_pending(struct hci_dev *hdev)
874 {
875 struct hci_conn *conn;
876
877 BT_DBG("hdev %s", hdev->name);
878
879 hci_dev_lock(hdev);
880
881 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
882 if (conn)
883 hci_acl_create_connection(conn);
884
885 hci_dev_unlock(hdev);
886 }
887
888 int hci_get_conn_list(void __user *arg)
889 {
890 struct hci_conn *c;
891 struct hci_conn_list_req req, *cl;
892 struct hci_conn_info *ci;
893 struct hci_dev *hdev;
894 int n = 0, size, err;
895
896 if (copy_from_user(&req, arg, sizeof(req)))
897 return -EFAULT;
898
899 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
900 return -EINVAL;
901
902 size = sizeof(req) + req.conn_num * sizeof(*ci);
903
904 cl = kmalloc(size, GFP_KERNEL);
905 if (!cl)
906 return -ENOMEM;
907
908 hdev = hci_dev_get(req.dev_id);
909 if (!hdev) {
910 kfree(cl);
911 return -ENODEV;
912 }
913
914 ci = cl->conn_info;
915
916 hci_dev_lock(hdev);
917 list_for_each_entry(c, &hdev->conn_hash.list, list) {
918 bacpy(&(ci + n)->bdaddr, &c->dst);
919 (ci + n)->handle = c->handle;
920 (ci + n)->type = c->type;
921 (ci + n)->out = c->out;
922 (ci + n)->state = c->state;
923 (ci + n)->link_mode = c->link_mode;
924 if (++n >= req.conn_num)
925 break;
926 }
927 hci_dev_unlock(hdev);
928
929 cl->dev_id = hdev->id;
930 cl->conn_num = n;
931 size = sizeof(req) + n * sizeof(*ci);
932
933 hci_dev_put(hdev);
934
935 err = copy_to_user(arg, cl, size);
936 kfree(cl);
937
938 return err ? -EFAULT : 0;
939 }
940
941 int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
942 {
943 struct hci_conn_info_req req;
944 struct hci_conn_info ci;
945 struct hci_conn *conn;
946 char __user *ptr = arg + sizeof(req);
947
948 if (copy_from_user(&req, arg, sizeof(req)))
949 return -EFAULT;
950
951 hci_dev_lock(hdev);
952 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
953 if (conn) {
954 bacpy(&ci.bdaddr, &conn->dst);
955 ci.handle = conn->handle;
956 ci.type = conn->type;
957 ci.out = conn->out;
958 ci.state = conn->state;
959 ci.link_mode = conn->link_mode;
960 }
961 hci_dev_unlock(hdev);
962
963 if (!conn)
964 return -ENOENT;
965
966 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
967 }
968
969 int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
970 {
971 struct hci_auth_info_req req;
972 struct hci_conn *conn;
973
974 if (copy_from_user(&req, arg, sizeof(req)))
975 return -EFAULT;
976
977 hci_dev_lock(hdev);
978 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
979 if (conn)
980 req.type = conn->auth_type;
981 hci_dev_unlock(hdev);
982
983 if (!conn)
984 return -ENOENT;
985
986 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
987 }
988
989 struct hci_chan *hci_chan_create(struct hci_conn *conn)
990 {
991 struct hci_dev *hdev = conn->hdev;
992 struct hci_chan *chan;
993
994 BT_DBG("%s hcon %p", hdev->name, conn);
995
996 chan = kzalloc(sizeof(struct hci_chan), GFP_KERNEL);
997 if (!chan)
998 return NULL;
999
1000 chan->conn = conn;
1001 skb_queue_head_init(&chan->data_q);
1002 chan->state = BT_CONNECTED;
1003
1004 list_add_rcu(&chan->list, &conn->chan_list);
1005
1006 return chan;
1007 }
1008
1009 void hci_chan_del(struct hci_chan *chan)
1010 {
1011 struct hci_conn *conn = chan->conn;
1012 struct hci_dev *hdev = conn->hdev;
1013
1014 BT_DBG("%s hcon %p chan %p", hdev->name, conn, chan);
1015
1016 list_del_rcu(&chan->list);
1017
1018 synchronize_rcu();
1019
1020 hci_conn_drop(conn);
1021
1022 skb_queue_purge(&chan->data_q);
1023 kfree(chan);
1024 }
1025
1026 void hci_chan_list_flush(struct hci_conn *conn)
1027 {
1028 struct hci_chan *chan, *n;
1029
1030 BT_DBG("hcon %p", conn);
1031
1032 list_for_each_entry_safe(chan, n, &conn->chan_list, list)
1033 hci_chan_del(chan);
1034 }
1035
1036 static struct hci_chan *__hci_chan_lookup_handle(struct hci_conn *hcon,
1037 __u16 handle)
1038 {
1039 struct hci_chan *hchan;
1040
1041 list_for_each_entry(hchan, &hcon->chan_list, list) {
1042 if (hchan->handle == handle)
1043 return hchan;
1044 }
1045
1046 return NULL;
1047 }
1048
1049 struct hci_chan *hci_chan_lookup_handle(struct hci_dev *hdev, __u16 handle)
1050 {
1051 struct hci_conn_hash *h = &hdev->conn_hash;
1052 struct hci_conn *hcon;
1053 struct hci_chan *hchan = NULL;
1054
1055 rcu_read_lock();
1056
1057 list_for_each_entry_rcu(hcon, &h->list, list) {
1058 hchan = __hci_chan_lookup_handle(hcon, handle);
1059 if (hchan)
1060 break;
1061 }
1062
1063 rcu_read_unlock();
1064
1065 return hchan;
1066 }
Linux with added FPC-III support