eCryptfs: Prevent lower dentry from going negative during unlink
[linux/fpc-iii.git] / net / bluetooth / hidp / core.c
blob49d8495d69be04bf2948e5467d6115eb0f7aa192
1 /*
2 HIDP implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/module.h>
25 #include <linux/types.h>
26 #include <linux/errno.h>
27 #include <linux/kernel.h>
28 #include <linux/sched.h>
29 #include <linux/slab.h>
30 #include <linux/poll.h>
31 #include <linux/freezer.h>
32 #include <linux/fcntl.h>
33 #include <linux/skbuff.h>
34 #include <linux/socket.h>
35 #include <linux/ioctl.h>
36 #include <linux/file.h>
37 #include <linux/init.h>
38 #include <linux/wait.h>
39 #include <net/sock.h>
41 #include <linux/input.h>
42 #include <linux/hid.h>
43 #include <linux/hidraw.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
47 #include <net/bluetooth/l2cap.h>
49 #include "hidp.h"
51 #define VERSION "1.2"
53 static DECLARE_RWSEM(hidp_session_sem);
54 static LIST_HEAD(hidp_session_list);
56 static unsigned char hidp_keycode[256] = {
57 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38,
58 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44, 2, 3,
59 4, 5, 6, 7, 8, 9, 10, 11, 28, 1, 14, 15, 57, 12, 13, 26,
60 27, 43, 43, 39, 40, 41, 51, 52, 53, 58, 59, 60, 61, 62, 63, 64,
61 65, 66, 67, 68, 87, 88, 99, 70,119,110,102,104,111,107,109,106,
62 105,108,103, 69, 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71,
63 72, 73, 82, 83, 86,127,116,117,183,184,185,186,187,188,189,190,
64 191,192,193,194,134,138,130,132,128,129,131,137,133,135,136,113,
65 115,114, 0, 0, 0,121, 0, 89, 93,124, 92, 94, 95, 0, 0, 0,
66 122,123, 90, 91, 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
67 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
68 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
69 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
70 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
71 29, 42, 56,125, 97, 54,100,126,164,166,165,163,161,115,114,113,
72 150,158,159,128,136,177,178,176,142,152,173,140
75 static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 };
77 static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr)
79 struct hidp_session *session;
80 struct list_head *p;
82 BT_DBG("");
84 list_for_each(p, &hidp_session_list) {
85 session = list_entry(p, struct hidp_session, list);
86 if (!bacmp(bdaddr, &session->bdaddr))
87 return session;
89 return NULL;
92 static void __hidp_link_session(struct hidp_session *session)
94 __module_get(THIS_MODULE);
95 list_add(&session->list, &hidp_session_list);
97 hci_conn_hold_device(session->conn);
100 static void __hidp_unlink_session(struct hidp_session *session)
102 hci_conn_put_device(session->conn);
104 list_del(&session->list);
105 module_put(THIS_MODULE);
108 static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci)
110 bacpy(&ci->bdaddr, &session->bdaddr);
112 ci->flags = session->flags;
113 ci->state = session->state;
115 ci->vendor = 0x0000;
116 ci->product = 0x0000;
117 ci->version = 0x0000;
118 memset(ci->name, 0, 128);
120 if (session->input) {
121 ci->vendor = session->input->id.vendor;
122 ci->product = session->input->id.product;
123 ci->version = session->input->id.version;
124 if (session->input->name)
125 strncpy(ci->name, session->input->name, 128);
126 else
127 strncpy(ci->name, "HID Boot Device", 128);
130 if (session->hid) {
131 ci->vendor = session->hid->vendor;
132 ci->product = session->hid->product;
133 ci->version = session->hid->version;
134 strncpy(ci->name, session->hid->name, 128);
138 static int hidp_queue_event(struct hidp_session *session, struct input_dev *dev,
139 unsigned int type, unsigned int code, int value)
141 unsigned char newleds;
142 struct sk_buff *skb;
144 BT_DBG("session %p type %d code %d value %d", session, type, code, value);
146 if (type != EV_LED)
147 return -1;
149 newleds = (!!test_bit(LED_KANA, dev->led) << 3) |
150 (!!test_bit(LED_COMPOSE, dev->led) << 3) |
151 (!!test_bit(LED_SCROLLL, dev->led) << 2) |
152 (!!test_bit(LED_CAPSL, dev->led) << 1) |
153 (!!test_bit(LED_NUML, dev->led));
155 if (session->leds == newleds)
156 return 0;
158 session->leds = newleds;
160 if (!(skb = alloc_skb(3, GFP_ATOMIC))) {
161 BT_ERR("Can't allocate memory for new frame");
162 return -ENOMEM;
165 *skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT;
166 *skb_put(skb, 1) = 0x01;
167 *skb_put(skb, 1) = newleds;
169 skb_queue_tail(&session->intr_transmit, skb);
171 hidp_schedule(session);
173 return 0;
176 static int hidp_hidinput_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
178 struct hid_device *hid = input_get_drvdata(dev);
179 struct hidp_session *session = hid->driver_data;
181 return hidp_queue_event(session, dev, type, code, value);
184 static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
186 struct hidp_session *session = input_get_drvdata(dev);
188 return hidp_queue_event(session, dev, type, code, value);
191 static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb)
193 struct input_dev *dev = session->input;
194 unsigned char *keys = session->keys;
195 unsigned char *udata = skb->data + 1;
196 signed char *sdata = skb->data + 1;
197 int i, size = skb->len - 1;
199 switch (skb->data[0]) {
200 case 0x01: /* Keyboard report */
201 for (i = 0; i < 8; i++)
202 input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1);
204 /* If all the key codes have been set to 0x01, it means
205 * too many keys were pressed at the same time. */
206 if (!memcmp(udata + 2, hidp_mkeyspat, 6))
207 break;
209 for (i = 2; i < 8; i++) {
210 if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) {
211 if (hidp_keycode[keys[i]])
212 input_report_key(dev, hidp_keycode[keys[i]], 0);
213 else
214 BT_ERR("Unknown key (scancode %#x) released.", keys[i]);
217 if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) {
218 if (hidp_keycode[udata[i]])
219 input_report_key(dev, hidp_keycode[udata[i]], 1);
220 else
221 BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]);
225 memcpy(keys, udata, 8);
226 break;
228 case 0x02: /* Mouse report */
229 input_report_key(dev, BTN_LEFT, sdata[0] & 0x01);
230 input_report_key(dev, BTN_RIGHT, sdata[0] & 0x02);
231 input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04);
232 input_report_key(dev, BTN_SIDE, sdata[0] & 0x08);
233 input_report_key(dev, BTN_EXTRA, sdata[0] & 0x10);
235 input_report_rel(dev, REL_X, sdata[1]);
236 input_report_rel(dev, REL_Y, sdata[2]);
238 if (size > 3)
239 input_report_rel(dev, REL_WHEEL, sdata[3]);
240 break;
243 input_sync(dev);
246 static int hidp_queue_report(struct hidp_session *session,
247 unsigned char *data, int size)
249 struct sk_buff *skb;
251 BT_DBG("session %p hid %p data %p size %d", session, session->hid, data, size);
253 if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) {
254 BT_ERR("Can't allocate memory for new frame");
255 return -ENOMEM;
258 *skb_put(skb, 1) = 0xa2;
259 if (size > 0)
260 memcpy(skb_put(skb, size), data, size);
262 skb_queue_tail(&session->intr_transmit, skb);
264 hidp_schedule(session);
266 return 0;
269 static int hidp_send_report(struct hidp_session *session, struct hid_report *report)
271 unsigned char buf[32];
272 int rsize;
274 rsize = ((report->size - 1) >> 3) + 1 + (report->id > 0);
275 if (rsize > sizeof(buf))
276 return -EIO;
278 hid_output_report(report, buf);
280 return hidp_queue_report(session, buf, rsize);
283 static void hidp_idle_timeout(unsigned long arg)
285 struct hidp_session *session = (struct hidp_session *) arg;
287 atomic_inc(&session->terminate);
288 hidp_schedule(session);
291 static void hidp_set_timer(struct hidp_session *session)
293 if (session->idle_to > 0)
294 mod_timer(&session->timer, jiffies + HZ * session->idle_to);
297 static inline void hidp_del_timer(struct hidp_session *session)
299 if (session->idle_to > 0)
300 del_timer(&session->timer);
303 static int __hidp_send_ctrl_message(struct hidp_session *session,
304 unsigned char hdr, unsigned char *data, int size)
306 struct sk_buff *skb;
308 BT_DBG("session %p data %p size %d", session, data, size);
310 if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) {
311 BT_ERR("Can't allocate memory for new frame");
312 return -ENOMEM;
315 *skb_put(skb, 1) = hdr;
316 if (data && size > 0)
317 memcpy(skb_put(skb, size), data, size);
319 skb_queue_tail(&session->ctrl_transmit, skb);
321 return 0;
324 static inline int hidp_send_ctrl_message(struct hidp_session *session,
325 unsigned char hdr, unsigned char *data, int size)
327 int err;
329 err = __hidp_send_ctrl_message(session, hdr, data, size);
331 hidp_schedule(session);
333 return err;
336 static void hidp_process_handshake(struct hidp_session *session,
337 unsigned char param)
339 BT_DBG("session %p param 0x%02x", session, param);
341 switch (param) {
342 case HIDP_HSHK_SUCCESSFUL:
343 /* FIXME: Call into SET_ GET_ handlers here */
344 break;
346 case HIDP_HSHK_NOT_READY:
347 case HIDP_HSHK_ERR_INVALID_REPORT_ID:
348 case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST:
349 case HIDP_HSHK_ERR_INVALID_PARAMETER:
350 /* FIXME: Call into SET_ GET_ handlers here */
351 break;
353 case HIDP_HSHK_ERR_UNKNOWN:
354 break;
356 case HIDP_HSHK_ERR_FATAL:
357 /* Device requests a reboot, as this is the only way this error
358 * can be recovered. */
359 __hidp_send_ctrl_message(session,
360 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0);
361 break;
363 default:
364 __hidp_send_ctrl_message(session,
365 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
366 break;
370 static void hidp_process_hid_control(struct hidp_session *session,
371 unsigned char param)
373 BT_DBG("session %p param 0x%02x", session, param);
375 if (param == HIDP_CTRL_VIRTUAL_CABLE_UNPLUG) {
376 /* Flush the transmit queues */
377 skb_queue_purge(&session->ctrl_transmit);
378 skb_queue_purge(&session->intr_transmit);
380 /* Kill session thread */
381 atomic_inc(&session->terminate);
382 hidp_schedule(session);
386 static void hidp_process_data(struct hidp_session *session, struct sk_buff *skb,
387 unsigned char param)
389 BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param);
391 switch (param) {
392 case HIDP_DATA_RTYPE_INPUT:
393 hidp_set_timer(session);
395 if (session->input)
396 hidp_input_report(session, skb);
398 if (session->hid)
399 hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 0);
401 break;
403 case HIDP_DATA_RTYPE_OTHER:
404 case HIDP_DATA_RTYPE_OUPUT:
405 case HIDP_DATA_RTYPE_FEATURE:
406 break;
408 default:
409 __hidp_send_ctrl_message(session,
410 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
414 static void hidp_recv_ctrl_frame(struct hidp_session *session,
415 struct sk_buff *skb)
417 unsigned char hdr, type, param;
419 BT_DBG("session %p skb %p len %d", session, skb, skb->len);
421 hdr = skb->data[0];
422 skb_pull(skb, 1);
424 type = hdr & HIDP_HEADER_TRANS_MASK;
425 param = hdr & HIDP_HEADER_PARAM_MASK;
427 switch (type) {
428 case HIDP_TRANS_HANDSHAKE:
429 hidp_process_handshake(session, param);
430 break;
432 case HIDP_TRANS_HID_CONTROL:
433 hidp_process_hid_control(session, param);
434 break;
436 case HIDP_TRANS_DATA:
437 hidp_process_data(session, skb, param);
438 break;
440 default:
441 __hidp_send_ctrl_message(session,
442 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0);
443 break;
446 kfree_skb(skb);
449 static void hidp_recv_intr_frame(struct hidp_session *session,
450 struct sk_buff *skb)
452 unsigned char hdr;
454 BT_DBG("session %p skb %p len %d", session, skb, skb->len);
456 hdr = skb->data[0];
457 skb_pull(skb, 1);
459 if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) {
460 hidp_set_timer(session);
462 if (session->input)
463 hidp_input_report(session, skb);
465 if (session->hid) {
466 hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 1);
467 BT_DBG("report len %d", skb->len);
469 } else {
470 BT_DBG("Unsupported protocol header 0x%02x", hdr);
473 kfree_skb(skb);
476 static int hidp_send_frame(struct socket *sock, unsigned char *data, int len)
478 struct kvec iv = { data, len };
479 struct msghdr msg;
481 BT_DBG("sock %p data %p len %d", sock, data, len);
483 if (!len)
484 return 0;
486 memset(&msg, 0, sizeof(msg));
488 return kernel_sendmsg(sock, &msg, &iv, 1, len);
491 static void hidp_process_transmit(struct hidp_session *session)
493 struct sk_buff *skb;
495 BT_DBG("session %p", session);
497 while ((skb = skb_dequeue(&session->ctrl_transmit))) {
498 if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) {
499 skb_queue_head(&session->ctrl_transmit, skb);
500 break;
503 hidp_set_timer(session);
504 kfree_skb(skb);
507 while ((skb = skb_dequeue(&session->intr_transmit))) {
508 if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) {
509 skb_queue_head(&session->intr_transmit, skb);
510 break;
513 hidp_set_timer(session);
514 kfree_skb(skb);
518 static int hidp_session(void *arg)
520 struct hidp_session *session = arg;
521 struct sock *ctrl_sk = session->ctrl_sock->sk;
522 struct sock *intr_sk = session->intr_sock->sk;
523 struct sk_buff *skb;
524 int vendor = 0x0000, product = 0x0000;
525 wait_queue_t ctrl_wait, intr_wait;
527 BT_DBG("session %p", session);
529 if (session->input) {
530 vendor = session->input->id.vendor;
531 product = session->input->id.product;
534 if (session->hid) {
535 vendor = session->hid->vendor;
536 product = session->hid->product;
539 daemonize("khidpd_%04x%04x", vendor, product);
540 set_user_nice(current, -15);
542 init_waitqueue_entry(&ctrl_wait, current);
543 init_waitqueue_entry(&intr_wait, current);
544 add_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait);
545 add_wait_queue(intr_sk->sk_sleep, &intr_wait);
546 while (!atomic_read(&session->terminate)) {
547 set_current_state(TASK_INTERRUPTIBLE);
549 if (ctrl_sk->sk_state != BT_CONNECTED || intr_sk->sk_state != BT_CONNECTED)
550 break;
552 while ((skb = skb_dequeue(&ctrl_sk->sk_receive_queue))) {
553 skb_orphan(skb);
554 hidp_recv_ctrl_frame(session, skb);
557 while ((skb = skb_dequeue(&intr_sk->sk_receive_queue))) {
558 skb_orphan(skb);
559 hidp_recv_intr_frame(session, skb);
562 hidp_process_transmit(session);
564 schedule();
566 set_current_state(TASK_RUNNING);
567 remove_wait_queue(intr_sk->sk_sleep, &intr_wait);
568 remove_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait);
570 down_write(&hidp_session_sem);
572 hidp_del_timer(session);
574 if (session->input) {
575 input_unregister_device(session->input);
576 session->input = NULL;
579 if (session->hid) {
580 hid_destroy_device(session->hid);
581 session->hid = NULL;
584 /* Wakeup user-space polling for socket errors */
585 session->intr_sock->sk->sk_err = EUNATCH;
586 session->ctrl_sock->sk->sk_err = EUNATCH;
588 hidp_schedule(session);
590 fput(session->intr_sock->file);
592 wait_event_timeout(*(ctrl_sk->sk_sleep),
593 (ctrl_sk->sk_state == BT_CLOSED), msecs_to_jiffies(500));
595 fput(session->ctrl_sock->file);
597 __hidp_unlink_session(session);
599 up_write(&hidp_session_sem);
601 kfree(session);
602 return 0;
605 static struct device *hidp_get_device(struct hidp_session *session)
607 bdaddr_t *src = &bt_sk(session->ctrl_sock->sk)->src;
608 bdaddr_t *dst = &bt_sk(session->ctrl_sock->sk)->dst;
609 struct device *device = NULL;
610 struct hci_dev *hdev;
612 hdev = hci_get_route(dst, src);
613 if (!hdev)
614 return NULL;
616 session->conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
617 if (session->conn)
618 device = &session->conn->dev;
620 hci_dev_put(hdev);
622 return device;
625 static int hidp_setup_input(struct hidp_session *session,
626 struct hidp_connadd_req *req)
628 struct input_dev *input;
629 int err, i;
631 input = input_allocate_device();
632 if (!input)
633 return -ENOMEM;
635 session->input = input;
637 input_set_drvdata(input, session);
639 input->name = "Bluetooth HID Boot Protocol Device";
641 input->id.bustype = BUS_BLUETOOTH;
642 input->id.vendor = req->vendor;
643 input->id.product = req->product;
644 input->id.version = req->version;
646 if (req->subclass & 0x40) {
647 set_bit(EV_KEY, input->evbit);
648 set_bit(EV_LED, input->evbit);
649 set_bit(EV_REP, input->evbit);
651 set_bit(LED_NUML, input->ledbit);
652 set_bit(LED_CAPSL, input->ledbit);
653 set_bit(LED_SCROLLL, input->ledbit);
654 set_bit(LED_COMPOSE, input->ledbit);
655 set_bit(LED_KANA, input->ledbit);
657 for (i = 0; i < sizeof(hidp_keycode); i++)
658 set_bit(hidp_keycode[i], input->keybit);
659 clear_bit(0, input->keybit);
662 if (req->subclass & 0x80) {
663 input->evbit[0] = BIT_MASK(EV_KEY) | BIT_MASK(EV_REL);
664 input->keybit[BIT_WORD(BTN_MOUSE)] = BIT_MASK(BTN_LEFT) |
665 BIT_MASK(BTN_RIGHT) | BIT_MASK(BTN_MIDDLE);
666 input->relbit[0] = BIT_MASK(REL_X) | BIT_MASK(REL_Y);
667 input->keybit[BIT_WORD(BTN_MOUSE)] |= BIT_MASK(BTN_SIDE) |
668 BIT_MASK(BTN_EXTRA);
669 input->relbit[0] |= BIT_MASK(REL_WHEEL);
672 input->dev.parent = hidp_get_device(session);
674 input->event = hidp_input_event;
676 err = input_register_device(input);
677 if (err < 0) {
678 hci_conn_put_device(session->conn);
679 return err;
682 return 0;
685 static int hidp_open(struct hid_device *hid)
687 return 0;
690 static void hidp_close(struct hid_device *hid)
694 static int hidp_parse(struct hid_device *hid)
696 struct hidp_session *session = hid->driver_data;
697 struct hidp_connadd_req *req = session->req;
698 unsigned char *buf;
699 int ret;
701 buf = kmalloc(req->rd_size, GFP_KERNEL);
702 if (!buf)
703 return -ENOMEM;
705 if (copy_from_user(buf, req->rd_data, req->rd_size)) {
706 kfree(buf);
707 return -EFAULT;
710 ret = hid_parse_report(session->hid, buf, req->rd_size);
712 kfree(buf);
714 if (ret)
715 return ret;
717 session->req = NULL;
719 return 0;
722 static int hidp_start(struct hid_device *hid)
724 struct hidp_session *session = hid->driver_data;
725 struct hid_report *report;
727 list_for_each_entry(report, &hid->report_enum[HID_INPUT_REPORT].
728 report_list, list)
729 hidp_send_report(session, report);
731 list_for_each_entry(report, &hid->report_enum[HID_FEATURE_REPORT].
732 report_list, list)
733 hidp_send_report(session, report);
735 return 0;
738 static void hidp_stop(struct hid_device *hid)
740 struct hidp_session *session = hid->driver_data;
742 skb_queue_purge(&session->ctrl_transmit);
743 skb_queue_purge(&session->intr_transmit);
745 hid->claimed = 0;
748 static struct hid_ll_driver hidp_hid_driver = {
749 .parse = hidp_parse,
750 .start = hidp_start,
751 .stop = hidp_stop,
752 .open = hidp_open,
753 .close = hidp_close,
754 .hidinput_input_event = hidp_hidinput_event,
757 static int hidp_setup_hid(struct hidp_session *session,
758 struct hidp_connadd_req *req)
760 struct hid_device *hid;
761 bdaddr_t src, dst;
762 int err;
764 hid = hid_allocate_device();
765 if (IS_ERR(hid))
766 return PTR_ERR(session->hid);
768 session->hid = hid;
769 session->req = req;
770 hid->driver_data = session;
772 baswap(&src, &bt_sk(session->ctrl_sock->sk)->src);
773 baswap(&dst, &bt_sk(session->ctrl_sock->sk)->dst);
775 hid->bus = BUS_BLUETOOTH;
776 hid->vendor = req->vendor;
777 hid->product = req->product;
778 hid->version = req->version;
779 hid->country = req->country;
781 strncpy(hid->name, req->name, 128);
782 strncpy(hid->phys, batostr(&src), 64);
783 strncpy(hid->uniq, batostr(&dst), 64);
785 hid->dev.parent = hidp_get_device(session);
786 hid->ll_driver = &hidp_hid_driver;
788 err = hid_add_device(hid);
789 if (err < 0)
790 goto failed;
792 return 0;
794 failed:
795 hid_destroy_device(hid);
796 session->hid = NULL;
798 return err;
801 int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock)
803 struct hidp_session *session, *s;
804 int err;
806 BT_DBG("");
808 if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) ||
809 bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst))
810 return -ENOTUNIQ;
812 session = kzalloc(sizeof(struct hidp_session), GFP_KERNEL);
813 if (!session)
814 return -ENOMEM;
816 BT_DBG("rd_data %p rd_size %d", req->rd_data, req->rd_size);
818 down_write(&hidp_session_sem);
820 s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst);
821 if (s && s->state == BT_CONNECTED) {
822 err = -EEXIST;
823 goto failed;
826 bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst);
828 session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu);
829 session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu);
831 BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu);
833 session->ctrl_sock = ctrl_sock;
834 session->intr_sock = intr_sock;
835 session->state = BT_CONNECTED;
837 setup_timer(&session->timer, hidp_idle_timeout, (unsigned long)session);
839 skb_queue_head_init(&session->ctrl_transmit);
840 skb_queue_head_init(&session->intr_transmit);
842 session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID);
843 session->idle_to = req->idle_to;
845 if (req->rd_size > 0) {
846 err = hidp_setup_hid(session, req);
847 if (err && err != -ENODEV)
848 goto purge;
851 if (!session->hid) {
852 err = hidp_setup_input(session, req);
853 if (err < 0)
854 goto purge;
857 __hidp_link_session(session);
859 hidp_set_timer(session);
861 err = kernel_thread(hidp_session, session, CLONE_KERNEL);
862 if (err < 0)
863 goto unlink;
865 if (session->input) {
866 hidp_send_ctrl_message(session,
867 HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0);
868 session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE);
870 session->leds = 0xff;
871 hidp_input_event(session->input, EV_LED, 0, 0);
874 up_write(&hidp_session_sem);
875 return 0;
877 unlink:
878 hidp_del_timer(session);
880 __hidp_unlink_session(session);
882 if (session->input) {
883 input_unregister_device(session->input);
884 session->input = NULL;
887 if (session->hid) {
888 hid_destroy_device(session->hid);
889 session->hid = NULL;
892 purge:
893 skb_queue_purge(&session->ctrl_transmit);
894 skb_queue_purge(&session->intr_transmit);
896 failed:
897 up_write(&hidp_session_sem);
899 input_free_device(session->input);
900 kfree(session);
901 return err;
904 int hidp_del_connection(struct hidp_conndel_req *req)
906 struct hidp_session *session;
907 int err = 0;
909 BT_DBG("");
911 down_read(&hidp_session_sem);
913 session = __hidp_get_session(&req->bdaddr);
914 if (session) {
915 if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) {
916 hidp_send_ctrl_message(session,
917 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG, NULL, 0);
918 } else {
919 /* Flush the transmit queues */
920 skb_queue_purge(&session->ctrl_transmit);
921 skb_queue_purge(&session->intr_transmit);
923 /* Wakeup user-space polling for socket errors */
924 session->intr_sock->sk->sk_err = EUNATCH;
925 session->ctrl_sock->sk->sk_err = EUNATCH;
927 /* Kill session thread */
928 atomic_inc(&session->terminate);
929 hidp_schedule(session);
931 } else
932 err = -ENOENT;
934 up_read(&hidp_session_sem);
935 return err;
938 int hidp_get_connlist(struct hidp_connlist_req *req)
940 struct list_head *p;
941 int err = 0, n = 0;
943 BT_DBG("");
945 down_read(&hidp_session_sem);
947 list_for_each(p, &hidp_session_list) {
948 struct hidp_session *session;
949 struct hidp_conninfo ci;
951 session = list_entry(p, struct hidp_session, list);
953 __hidp_copy_session(session, &ci);
955 if (copy_to_user(req->ci, &ci, sizeof(ci))) {
956 err = -EFAULT;
957 break;
960 if (++n >= req->cnum)
961 break;
963 req->ci++;
965 req->cnum = n;
967 up_read(&hidp_session_sem);
968 return err;
971 int hidp_get_conninfo(struct hidp_conninfo *ci)
973 struct hidp_session *session;
974 int err = 0;
976 down_read(&hidp_session_sem);
978 session = __hidp_get_session(&ci->bdaddr);
979 if (session)
980 __hidp_copy_session(session, ci);
981 else
982 err = -ENOENT;
984 up_read(&hidp_session_sem);
985 return err;
988 static const struct hid_device_id hidp_table[] = {
989 { HID_BLUETOOTH_DEVICE(HID_ANY_ID, HID_ANY_ID) },
993 static struct hid_driver hidp_driver = {
994 .name = "generic-bluetooth",
995 .id_table = hidp_table,
998 static int __init hidp_init(void)
1000 int ret;
1002 l2cap_load();
1004 BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION);
1006 ret = hid_register_driver(&hidp_driver);
1007 if (ret)
1008 goto err;
1010 ret = hidp_init_sockets();
1011 if (ret)
1012 goto err_drv;
1014 return 0;
1015 err_drv:
1016 hid_unregister_driver(&hidp_driver);
1017 err:
1018 return ret;
1021 static void __exit hidp_exit(void)
1023 hidp_cleanup_sockets();
1024 hid_unregister_driver(&hidp_driver);
1027 module_init(hidp_init);
1028 module_exit(hidp_exit);
1030 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
1031 MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION);
1032 MODULE_VERSION(VERSION);
1033 MODULE_LICENSE("GPL");
1034 MODULE_ALIAS("bt-proto-6");