CoCalc -- hci

GitHub Repository: awilliam/linux-vfio
Path: blob/master/net/bluetooth/hci_conn.c
¹⁵¹⁰⁹ views
1
/*
2
   BlueZ - Bluetooth protocol stack for Linux
3
   Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
4

5
   Written 2000,2001 by Maxim Krasnyansky <[email protected]>
6

7
   This program is free software; you can redistribute it and/or modify
8
   it under the terms of the GNU General Public License version 2 as
9
   published by the Free Software Foundation;
10

11
   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13
   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14
   IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15
   CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16
   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17
   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18
   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19

20
   ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21
   COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22
   SOFTWARE IS DISCLAIMED.
23
*/
24

25
/* Bluetooth HCI connection handling. */
26

27
#include <linux/module.h>
28

29
#include <linux/types.h>
30
#include <linux/errno.h>
31
#include <linux/kernel.h>
32
#include <linux/slab.h>
33
#include <linux/poll.h>
34
#include <linux/fcntl.h>
35
#include <linux/init.h>
36
#include <linux/skbuff.h>
37
#include <linux/interrupt.h>
38
#include <linux/notifier.h>
39
#include <net/sock.h>
40

41
#include <asm/system.h>
42
#include <linux/uaccess.h>
43
#include <asm/unaligned.h>
44

45
#include <net/bluetooth/bluetooth.h>
46
#include <net/bluetooth/hci_core.h>
47

48
static void hci_le_connect(struct hci_conn *conn)
49
{
50
	struct hci_dev *hdev = conn->hdev;
51
	struct hci_cp_le_create_conn cp;
52

53
	conn->state = BT_CONNECT;
54
	conn->out = 1;
55
	conn->link_mode |= HCI_LM_MASTER;
56

57
	memset(&cp, 0, sizeof(cp));
58
	cp.scan_interval = cpu_to_le16(0x0004);
59
	cp.scan_window = cpu_to_le16(0x0004);
60
	bacpy(&cp.peer_addr, &conn->dst);
61
	cp.conn_interval_min = cpu_to_le16(0x0008);
62
	cp.conn_interval_max = cpu_to_le16(0x0100);
63
	cp.supervision_timeout = cpu_to_le16(0x0064);
64
	cp.min_ce_len = cpu_to_le16(0x0001);
65
	cp.max_ce_len = cpu_to_le16(0x0001);
66

67
	hci_send_cmd(hdev, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp);
68
}
69

70
static void hci_le_connect_cancel(struct hci_conn *conn)
71
{
72
	hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
73
}
74

75
void hci_acl_connect(struct hci_conn *conn)
76
{
77
	struct hci_dev *hdev = conn->hdev;
78
	struct inquiry_entry *ie;
79
	struct hci_cp_create_conn cp;
80

81
	BT_DBG("%p", conn);
82

83
	conn->state = BT_CONNECT;
84
	conn->out = 1;
85

86
	conn->link_mode = HCI_LM_MASTER;
87

88
	conn->attempt++;
89

90
	conn->link_policy = hdev->link_policy;
91

92
	memset(&cp, 0, sizeof(cp));
93
	bacpy(&cp.bdaddr, &conn->dst);
94
	cp.pscan_rep_mode = 0x02;
95

96
	ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
97
	if (ie) {
98
		if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
99
			cp.pscan_rep_mode = ie->data.pscan_rep_mode;
100
			cp.pscan_mode     = ie->data.pscan_mode;
101
			cp.clock_offset   = ie->data.clock_offset |
102
							cpu_to_le16(0x8000);
103
		}
104

105
		memcpy(conn->dev_class, ie->data.dev_class, 3);
106
		conn->ssp_mode = ie->data.ssp_mode;
107
	}
108

109
	cp.pkt_type = cpu_to_le16(conn->pkt_type);
110
	if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
111
		cp.role_switch = 0x01;
112
	else
113
		cp.role_switch = 0x00;
114

115
	hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
116
}
117

118
static void hci_acl_connect_cancel(struct hci_conn *conn)
119
{
120
	struct hci_cp_create_conn_cancel cp;
121

122
	BT_DBG("%p", conn);
123

124
	if (conn->hdev->hci_ver < 2)
125
		return;
126

127
	bacpy(&cp.bdaddr, &conn->dst);
128
	hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
129
}
130

131
void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
132
{
133
	struct hci_cp_disconnect cp;
134

135
	BT_DBG("%p", conn);
136

137
	conn->state = BT_DISCONN;
138

139
	cp.handle = cpu_to_le16(conn->handle);
140
	cp.reason = reason;
141
	hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
142
}
143

144
void hci_add_sco(struct hci_conn *conn, __u16 handle)
145
{
146
	struct hci_dev *hdev = conn->hdev;
147
	struct hci_cp_add_sco cp;
148

149
	BT_DBG("%p", conn);
150

151
	conn->state = BT_CONNECT;
152
	conn->out = 1;
153

154
	conn->attempt++;
155

156
	cp.handle   = cpu_to_le16(handle);
157
	cp.pkt_type = cpu_to_le16(conn->pkt_type);
158

159
	hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
160
}
161

162
void hci_setup_sync(struct hci_conn *conn, __u16 handle)
163
{
164
	struct hci_dev *hdev = conn->hdev;
165
	struct hci_cp_setup_sync_conn cp;
166

167
	BT_DBG("%p", conn);
168

169
	conn->state = BT_CONNECT;
170
	conn->out = 1;
171

172
	conn->attempt++;
173

174
	cp.handle   = cpu_to_le16(handle);
175
	cp.pkt_type = cpu_to_le16(conn->pkt_type);
176

177
	cp.tx_bandwidth   = cpu_to_le32(0x00001f40);
178
	cp.rx_bandwidth   = cpu_to_le32(0x00001f40);
179
	cp.max_latency    = cpu_to_le16(0xffff);
180
	cp.voice_setting  = cpu_to_le16(hdev->voice_setting);
181
	cp.retrans_effort = 0xff;
182

183
	hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
184
}
185

186
void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max,
187
					u16 latency, u16 to_multiplier)
188
{
189
	struct hci_cp_le_conn_update cp;
190
	struct hci_dev *hdev = conn->hdev;
191

192
	memset(&cp, 0, sizeof(cp));
193

194
	cp.handle		= cpu_to_le16(conn->handle);
195
	cp.conn_interval_min	= cpu_to_le16(min);
196
	cp.conn_interval_max	= cpu_to_le16(max);
197
	cp.conn_latency		= cpu_to_le16(latency);
198
	cp.supervision_timeout	= cpu_to_le16(to_multiplier);
199
	cp.min_ce_len		= cpu_to_le16(0x0001);
200
	cp.max_ce_len		= cpu_to_le16(0x0001);
201

202
	hci_send_cmd(hdev, HCI_OP_LE_CONN_UPDATE, sizeof(cp), &cp);
203
}
204
EXPORT_SYMBOL(hci_le_conn_update);
205

206
/* Device _must_ be locked */
207
void hci_sco_setup(struct hci_conn *conn, __u8 status)
208
{
209
	struct hci_conn *sco = conn->link;
210

211
	BT_DBG("%p", conn);
212

213
	if (!sco)
214
		return;
215

216
	if (!status) {
217
		if (lmp_esco_capable(conn->hdev))
218
			hci_setup_sync(sco, conn->handle);
219
		else
220
			hci_add_sco(sco, conn->handle);
221
	} else {
222
		hci_proto_connect_cfm(sco, status);
223
		hci_conn_del(sco);
224
	}
225
}
226

227
static void hci_conn_timeout(unsigned long arg)
228
{
229
	struct hci_conn *conn = (void *) arg;
230
	struct hci_dev *hdev = conn->hdev;
231
	__u8 reason;
232

233
	BT_DBG("conn %p state %d", conn, conn->state);
234

235
	if (atomic_read(&conn->refcnt))
236
		return;
237

238
	hci_dev_lock(hdev);
239

240
	switch (conn->state) {
241
	case BT_CONNECT:
242
	case BT_CONNECT2:
243
		if (conn->out) {
244
			if (conn->type == ACL_LINK)
245
				hci_acl_connect_cancel(conn);
246
			else if (conn->type == LE_LINK)
247
				hci_le_connect_cancel(conn);
248
		}
249
		break;
250
	case BT_CONFIG:
251
	case BT_CONNECTED:
252
		reason = hci_proto_disconn_ind(conn);
253
		hci_acl_disconn(conn, reason);
254
		break;
255
	default:
256
		conn->state = BT_CLOSED;
257
		break;
258
	}
259

260
	hci_dev_unlock(hdev);
261
}
262

263
static void hci_conn_idle(unsigned long arg)
264
{
265
	struct hci_conn *conn = (void *) arg;
266

267
	BT_DBG("conn %p mode %d", conn, conn->mode);
268

269
	hci_conn_enter_sniff_mode(conn);
270
}
271

272
static void hci_conn_auto_accept(unsigned long arg)
273
{
274
	struct hci_conn *conn = (void *) arg;
275
	struct hci_dev *hdev = conn->hdev;
276

277
	hci_dev_lock(hdev);
278

279
	hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY, sizeof(conn->dst),
280
								&conn->dst);
281

282
	hci_dev_unlock(hdev);
283
}
284

285
struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
286
{
287
	struct hci_conn *conn;
288

289
	BT_DBG("%s dst %s", hdev->name, batostr(dst));
290

291
	conn = kzalloc(sizeof(struct hci_conn), GFP_ATOMIC);
292
	if (!conn)
293
		return NULL;
294

295
	bacpy(&conn->dst, dst);
296
	conn->hdev  = hdev;
297
	conn->type  = type;
298
	conn->mode  = HCI_CM_ACTIVE;
299
	conn->state = BT_OPEN;
300
	conn->auth_type = HCI_AT_GENERAL_BONDING;
301
	conn->io_capability = hdev->io_capability;
302
	conn->remote_auth = 0xff;
303
	conn->key_type = 0xff;
304

305
	conn->power_save = 1;
306
	conn->disc_timeout = HCI_DISCONN_TIMEOUT;
307

308
	switch (type) {
309
	case ACL_LINK:
310
		conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
311
		break;
312
	case SCO_LINK:
313
		if (lmp_esco_capable(hdev))
314
			conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
315
					(hdev->esco_type & EDR_ESCO_MASK);
316
		else
317
			conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
318
		break;
319
	case ESCO_LINK:
320
		conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
321
		break;
322
	}
323

324
	skb_queue_head_init(&conn->data_q);
325

326
	setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn);
327
	setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
328
	setup_timer(&conn->auto_accept_timer, hci_conn_auto_accept,
329
							(unsigned long) conn);
330

331
	atomic_set(&conn->refcnt, 0);
332

333
	hci_dev_hold(hdev);
334

335
	tasklet_disable(&hdev->tx_task);
336

337
	hci_conn_hash_add(hdev, conn);
338
	if (hdev->notify)
339
		hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
340

341
	atomic_set(&conn->devref, 0);
342

343
	hci_conn_init_sysfs(conn);
344

345
	tasklet_enable(&hdev->tx_task);
346

347
	return conn;
348
}
349

350
int hci_conn_del(struct hci_conn *conn)
351
{
352
	struct hci_dev *hdev = conn->hdev;
353

354
	BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
355

356
	del_timer(&conn->idle_timer);
357

358
	del_timer(&conn->disc_timer);
359

360
	del_timer(&conn->auto_accept_timer);
361

362
	if (conn->type == ACL_LINK) {
363
		struct hci_conn *sco = conn->link;
364
		if (sco)
365
			sco->link = NULL;
366

367
		/* Unacked frames */
368
		hdev->acl_cnt += conn->sent;
369
	} else if (conn->type == LE_LINK) {
370
		if (hdev->le_pkts)
371
			hdev->le_cnt += conn->sent;
372
		else
373
			hdev->acl_cnt += conn->sent;
374
	} else {
375
		struct hci_conn *acl = conn->link;
376
		if (acl) {
377
			acl->link = NULL;
378
			hci_conn_put(acl);
379
		}
380
	}
381

382
	tasklet_disable(&hdev->tx_task);
383

384
	hci_conn_hash_del(hdev, conn);
385
	if (hdev->notify)
386
		hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
387

388
	tasklet_enable(&hdev->tx_task);
389

390
	skb_queue_purge(&conn->data_q);
391

392
	hci_conn_put_device(conn);
393

394
	hci_dev_put(hdev);
395

396
	if (conn->handle == 0)
397
		kfree(conn);
398

399
	return 0;
400
}
401

402
struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
403
{
404
	int use_src = bacmp(src, BDADDR_ANY);
405
	struct hci_dev *hdev = NULL;
406
	struct list_head *p;
407

408
	BT_DBG("%s -> %s", batostr(src), batostr(dst));
409

410
	read_lock_bh(&hci_dev_list_lock);
411

412
	list_for_each(p, &hci_dev_list) {
413
		struct hci_dev *d = list_entry(p, struct hci_dev, list);
414

415
		if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
416
			continue;
417

418
		/* Simple routing:
419
		 *   No source address - find interface with bdaddr != dst
420
		 *   Source address    - find interface with bdaddr == src
421
		 */
422

423
		if (use_src) {
424
			if (!bacmp(&d->bdaddr, src)) {
425
				hdev = d; break;
426
			}
427
		} else {
428
			if (bacmp(&d->bdaddr, dst)) {
429
				hdev = d; break;
430
			}
431
		}
432
	}
433

434
	if (hdev)
435
		hdev = hci_dev_hold(hdev);
436

437
	read_unlock_bh(&hci_dev_list_lock);
438
	return hdev;
439
}
440
EXPORT_SYMBOL(hci_get_route);
441

442
/* Create SCO, ACL or LE connection.
443
 * Device _must_ be locked */
444
struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type)
445
{
446
	struct hci_conn *acl;
447
	struct hci_conn *sco;
448
	struct hci_conn *le;
449

450
	BT_DBG("%s dst %s", hdev->name, batostr(dst));
451

452
	if (type == LE_LINK) {
453
		le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
454
		if (le)
455
			return ERR_PTR(-EBUSY);
456
		le = hci_conn_add(hdev, LE_LINK, dst);
457
		if (!le)
458
			return ERR_PTR(-ENOMEM);
459
		if (le->state == BT_OPEN)
460
			hci_le_connect(le);
461

462
		hci_conn_hold(le);
463

464
		return le;
465
	}
466

467
	acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
468
	if (!acl) {
469
		acl = hci_conn_add(hdev, ACL_LINK, dst);
470
		if (!acl)
471
			return NULL;
472
	}
473

474
	hci_conn_hold(acl);
475

476
	if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
477
		acl->sec_level = BT_SECURITY_LOW;
478
		acl->pending_sec_level = sec_level;
479
		acl->auth_type = auth_type;
480
		hci_acl_connect(acl);
481
	}
482

483
	if (type == ACL_LINK)
484
		return acl;
485

486
	sco = hci_conn_hash_lookup_ba(hdev, type, dst);
487
	if (!sco) {
488
		sco = hci_conn_add(hdev, type, dst);
489
		if (!sco) {
490
			hci_conn_put(acl);
491
			return NULL;
492
		}
493
	}
494

495
	acl->link = sco;
496
	sco->link = acl;
497

498
	hci_conn_hold(sco);
499

500
	if (acl->state == BT_CONNECTED &&
501
			(sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
502
		acl->power_save = 1;
503
		hci_conn_enter_active_mode(acl);
504

505
		if (test_bit(HCI_CONN_MODE_CHANGE_PEND, &acl->pend)) {
506
			/* defer SCO setup until mode change completed */
507
			set_bit(HCI_CONN_SCO_SETUP_PEND, &acl->pend);
508
			return sco;
509
		}
510

511
		hci_sco_setup(acl, 0x00);
512
	}
513

514
	return sco;
515
}
516
EXPORT_SYMBOL(hci_connect);
517

518
/* Check link security requirement */
519
int hci_conn_check_link_mode(struct hci_conn *conn)
520
{
521
	BT_DBG("conn %p", conn);
522

523
	if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0 &&
524
					!(conn->link_mode & HCI_LM_ENCRYPT))
525
		return 0;
526

527
	return 1;
528
}
529
EXPORT_SYMBOL(hci_conn_check_link_mode);
530

531
/* Authenticate remote device */
532
static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
533
{
534
	BT_DBG("conn %p", conn);
535

536
	if (conn->pending_sec_level > sec_level)
537
		sec_level = conn->pending_sec_level;
538

539
	if (sec_level > conn->sec_level)
540
		conn->pending_sec_level = sec_level;
541
	else if (conn->link_mode & HCI_LM_AUTH)
542
		return 1;
543

544
	/* Make sure we preserve an existing MITM requirement*/
545
	auth_type |= (conn->auth_type & 0x01);
546

547
	conn->auth_type = auth_type;
548

549
	if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
550
		struct hci_cp_auth_requested cp;
551
		cp.handle = cpu_to_le16(conn->handle);
552
		hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
553
							sizeof(cp), &cp);
554
	}
555

556
	return 0;
557
}
558

559
/* Encrypt the the link */
560
static void hci_conn_encrypt(struct hci_conn *conn)
561
{
562
	BT_DBG("conn %p", conn);
563

564
	if (!test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
565
		struct hci_cp_set_conn_encrypt cp;
566
		cp.handle  = cpu_to_le16(conn->handle);
567
		cp.encrypt = 0x01;
568
		hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
569
									&cp);
570
	}
571
}
572

573
/* Enable security */
574
int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
575
{
576
	BT_DBG("conn %p", conn);
577

578
	/* For sdp we don't need the link key. */
579
	if (sec_level == BT_SECURITY_SDP)
580
		return 1;
581

582
	/* For non 2.1 devices and low security level we don't need the link
583
	   key. */
584
	if (sec_level == BT_SECURITY_LOW &&
585
				(!conn->ssp_mode || !conn->hdev->ssp_mode))
586
		return 1;
587

588
	/* For other security levels we need the link key. */
589
	if (!(conn->link_mode & HCI_LM_AUTH))
590
		goto auth;
591

592
	/* An authenticated combination key has sufficient security for any
593
	   security level. */
594
	if (conn->key_type == HCI_LK_AUTH_COMBINATION)
595
		goto encrypt;
596

597
	/* An unauthenticated combination key has sufficient security for
598
	   security level 1 and 2. */
599
	if (conn->key_type == HCI_LK_UNAUTH_COMBINATION &&
600
			(sec_level == BT_SECURITY_MEDIUM ||
601
			sec_level == BT_SECURITY_LOW))
602
		goto encrypt;
603

604
	/* A combination key has always sufficient security for the security
605
	   levels 1 or 2. High security level requires the combination key
606
	   is generated using maximum PIN code length (16).
607
	   For pre 2.1 units. */
608
	if (conn->key_type == HCI_LK_COMBINATION &&
609
			(sec_level != BT_SECURITY_HIGH ||
610
			conn->pin_length == 16))
611
		goto encrypt;
612

613
auth:
614
	if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend))
615
		return 0;
616

617
	if (!hci_conn_auth(conn, sec_level, auth_type))
618
		return 0;
619

620
encrypt:
621
	if (conn->link_mode & HCI_LM_ENCRYPT)
622
		return 1;
623

624
	hci_conn_encrypt(conn);
625
	return 0;
626
}
627
EXPORT_SYMBOL(hci_conn_security);
628

629
/* Check secure link requirement */
630
int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
631
{
632
	BT_DBG("conn %p", conn);
633

634
	if (sec_level != BT_SECURITY_HIGH)
635
		return 1; /* Accept if non-secure is required */
636

637
	if (conn->key_type == HCI_LK_AUTH_COMBINATION ||
638
			(conn->key_type == HCI_LK_COMBINATION &&
639
			conn->pin_length == 16))
640
		return 1;
641

642
	return 0; /* Reject not secure link */
643
}
644
EXPORT_SYMBOL(hci_conn_check_secure);
645

646
/* Change link key */
647
int hci_conn_change_link_key(struct hci_conn *conn)
648
{
649
	BT_DBG("conn %p", conn);
650

651
	if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
652
		struct hci_cp_change_conn_link_key cp;
653
		cp.handle = cpu_to_le16(conn->handle);
654
		hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
655
							sizeof(cp), &cp);
656
	}
657

658
	return 0;
659
}
660
EXPORT_SYMBOL(hci_conn_change_link_key);
661

662
/* Switch role */
663
int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
664
{
665
	BT_DBG("conn %p", conn);
666

667
	if (!role && conn->link_mode & HCI_LM_MASTER)
668
		return 1;
669

670
	if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) {
671
		struct hci_cp_switch_role cp;
672
		bacpy(&cp.bdaddr, &conn->dst);
673
		cp.role = role;
674
		hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
675
	}
676

677
	return 0;
678
}
679
EXPORT_SYMBOL(hci_conn_switch_role);
680

681
/* Enter active mode */
682
void hci_conn_enter_active_mode(struct hci_conn *conn)
683
{
684
	struct hci_dev *hdev = conn->hdev;
685

686
	BT_DBG("conn %p mode %d", conn, conn->mode);
687

688
	if (test_bit(HCI_RAW, &hdev->flags))
689
		return;
690

691
	if (conn->mode != HCI_CM_SNIFF || !conn->power_save)
692
		goto timer;
693

694
	if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
695
		struct hci_cp_exit_sniff_mode cp;
696
		cp.handle = cpu_to_le16(conn->handle);
697
		hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
698
	}
699

700
timer:
701
	if (hdev->idle_timeout > 0)
702
		mod_timer(&conn->idle_timer,
703
			jiffies + msecs_to_jiffies(hdev->idle_timeout));
704
}
705

706
/* Enter sniff mode */
707
void hci_conn_enter_sniff_mode(struct hci_conn *conn)
708
{
709
	struct hci_dev *hdev = conn->hdev;
710

711
	BT_DBG("conn %p mode %d", conn, conn->mode);
712

713
	if (test_bit(HCI_RAW, &hdev->flags))
714
		return;
715

716
	if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
717
		return;
718

719
	if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
720
		return;
721

722
	if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
723
		struct hci_cp_sniff_subrate cp;
724
		cp.handle             = cpu_to_le16(conn->handle);
725
		cp.max_latency        = cpu_to_le16(0);
726
		cp.min_remote_timeout = cpu_to_le16(0);
727
		cp.min_local_timeout  = cpu_to_le16(0);
728
		hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
729
	}
730

731
	if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
732
		struct hci_cp_sniff_mode cp;
733
		cp.handle       = cpu_to_le16(conn->handle);
734
		cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
735
		cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
736
		cp.attempt      = cpu_to_le16(4);
737
		cp.timeout      = cpu_to_le16(1);
738
		hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
739
	}
740
}
741

742
/* Drop all connection on the device */
743
void hci_conn_hash_flush(struct hci_dev *hdev)
744
{
745
	struct hci_conn_hash *h = &hdev->conn_hash;
746
	struct list_head *p;
747

748
	BT_DBG("hdev %s", hdev->name);
749

750
	p = h->list.next;
751
	while (p != &h->list) {
752
		struct hci_conn *c;
753

754
		c = list_entry(p, struct hci_conn, list);
755
		p = p->next;
756

757
		c->state = BT_CLOSED;
758

759
		hci_proto_disconn_cfm(c, 0x16);
760
		hci_conn_del(c);
761
	}
762
}
763

764
/* Check pending connect attempts */
765
void hci_conn_check_pending(struct hci_dev *hdev)
766
{
767
	struct hci_conn *conn;
768

769
	BT_DBG("hdev %s", hdev->name);
770

771
	hci_dev_lock(hdev);
772

773
	conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
774
	if (conn)
775
		hci_acl_connect(conn);
776

777
	hci_dev_unlock(hdev);
778
}
779

780
void hci_conn_hold_device(struct hci_conn *conn)
781
{
782
	atomic_inc(&conn->devref);
783
}
784
EXPORT_SYMBOL(hci_conn_hold_device);
785

786
void hci_conn_put_device(struct hci_conn *conn)
787
{
788
	if (atomic_dec_and_test(&conn->devref))
789
		hci_conn_del_sysfs(conn);
790
}
791
EXPORT_SYMBOL(hci_conn_put_device);
792

793
int hci_get_conn_list(void __user *arg)
794
{
795
	struct hci_conn_list_req req, *cl;
796
	struct hci_conn_info *ci;
797
	struct hci_dev *hdev;
798
	struct list_head *p;
799
	int n = 0, size, err;
800

801
	if (copy_from_user(&req, arg, sizeof(req)))
802
		return -EFAULT;
803

804
	if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
805
		return -EINVAL;
806

807
	size = sizeof(req) + req.conn_num * sizeof(*ci);
808

809
	cl = kmalloc(size, GFP_KERNEL);
810
	if (!cl)
811
		return -ENOMEM;
812

813
	hdev = hci_dev_get(req.dev_id);
814
	if (!hdev) {
815
		kfree(cl);
816
		return -ENODEV;
817
	}
818

819
	ci = cl->conn_info;
820

821
	hci_dev_lock_bh(hdev);
822
	list_for_each(p, &hdev->conn_hash.list) {
823
		register struct hci_conn *c;
824
		c = list_entry(p, struct hci_conn, list);
825

826
		bacpy(&(ci + n)->bdaddr, &c->dst);
827
		(ci + n)->handle = c->handle;
828
		(ci + n)->type  = c->type;
829
		(ci + n)->out   = c->out;
830
		(ci + n)->state = c->state;
831
		(ci + n)->link_mode = c->link_mode;
832
		if (++n >= req.conn_num)
833
			break;
834
	}
835
	hci_dev_unlock_bh(hdev);
836

837
	cl->dev_id = hdev->id;
838
	cl->conn_num = n;
839
	size = sizeof(req) + n * sizeof(*ci);
840

841
	hci_dev_put(hdev);
842

843
	err = copy_to_user(arg, cl, size);
844
	kfree(cl);
845

846
	return err ? -EFAULT : 0;
847
}
848

849
int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
850
{
851
	struct hci_conn_info_req req;
852
	struct hci_conn_info ci;
853
	struct hci_conn *conn;
854
	char __user *ptr = arg + sizeof(req);
855

856
	if (copy_from_user(&req, arg, sizeof(req)))
857
		return -EFAULT;
858

859
	hci_dev_lock_bh(hdev);
860
	conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
861
	if (conn) {
862
		bacpy(&ci.bdaddr, &conn->dst);
863
		ci.handle = conn->handle;
864
		ci.type  = conn->type;
865
		ci.out   = conn->out;
866
		ci.state = conn->state;
867
		ci.link_mode = conn->link_mode;
868
	}
869
	hci_dev_unlock_bh(hdev);
870

871
	if (!conn)
872
		return -ENOENT;
873

874
	return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
875
}
876

877
int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
878
{
879
	struct hci_auth_info_req req;
880
	struct hci_conn *conn;
881

882
	if (copy_from_user(&req, arg, sizeof(req)))
883
		return -EFAULT;
884

885
	hci_dev_lock_bh(hdev);
886
	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
887
	if (conn)
888
		req.type = conn->auth_type;
889
	hci_dev_unlock_bh(hdev);
890

891
	if (!conn)
892
		return -ENOENT;
893

894
	return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
895
}
896

897
Product

Resources

Company
