projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
iwlwifi: don't perform "echo test" when cmd queue stuck
[deliverable/linux.git] / net / bluetooth / hci_conn.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI connection handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
fcd89c09
VT		 48static void hci_le_connect(struct hci_conn *conn)
49{
50 struct hci_dev *hdev = conn->hdev;
51 struct hci_cp_le_create_conn cp;
52
53 conn->state = BT_CONNECT;
54 conn->out = 1;
b92a6223 55 conn->link_mode |= HCI_LM_MASTER;
7b5c0d52 56 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 57
58 memset(&cp, 0, sizeof(cp));
0e833915
AL		 59 cp.scan_interval = cpu_to_le16(0x0060);
60 cp.scan_window = cpu_to_le16(0x0030);
fcd89c09 61 bacpy(&cp.peer_addr, &conn->dst);
6d3ce0e7 62 cp.peer_addr_type = conn->dst_type;
0e833915
AL		 63 cp.conn_interval_min = cpu_to_le16(0x0028);
64 cp.conn_interval_max = cpu_to_le16(0x0038);
65 cp.supervision_timeout = cpu_to_le16(0x002a);
66 cp.min_ce_len = cpu_to_le16(0x0000);
67 cp.max_ce_len = cpu_to_le16(0x0000);
fcd89c09
VT		 68
69 hci_send_cmd(hdev, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp);
70}
71
72static void hci_le_connect_cancel(struct hci_conn *conn)
73{
74 hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
75}
76
4c67bc74 77void hci_acl_connect(struct hci_conn *conn)
1da177e4
LT		 78{
79 struct hci_dev *hdev = conn->hdev;
80 struct inquiry_entry *ie;
81 struct hci_cp_create_conn cp;
82
83 BT_DBG("%p", conn);
84
85 conn->state = BT_CONNECT;
a8746417
MH		 86 conn->out = 1;
87
1da177e4
LT		 88 conn->link_mode = HCI_LM_MASTER;
89
4c67bc74
MH		 90 conn->attempt++;
91
e4e8e37c
MH		 92 conn->link_policy = hdev->link_policy;
93
1da177e4
LT		 94 memset(&cp, 0, sizeof(cp));
95 bacpy(&cp.bdaddr, &conn->dst);
96 cp.pscan_rep_mode = 0x02;
97
70f23020
AE		 98 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
99 if (ie) {
41a96212
MH		 100 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
101 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
102 cp.pscan_mode = ie->data.pscan_mode;
103 cp.clock_offset = ie->data.clock_offset |
104 cpu_to_le16(0x8000);
105 }
106
1da177e4 107 memcpy(conn->dev_class, ie->data.dev_class, 3);
41a96212 108 conn->ssp_mode = ie->data.ssp_mode;
1da177e4
LT		 109 }
110
a8746417 111 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1da177e4 112 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
b6a0dc82 113 cp.role_switch = 0x01;
1da177e4 114 else
b6a0dc82 115 cp.role_switch = 0x00;
4c67bc74 116
a9de9248 117 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
1da177e4
LT		 118}
119
6ac59344
MH		 120static void hci_acl_connect_cancel(struct hci_conn *conn)
121{
122 struct hci_cp_create_conn_cancel cp;
123
124 BT_DBG("%p", conn);
125
126 if (conn->hdev->hci_ver < 2)
127 return;
128
129 bacpy(&cp.bdaddr, &conn->dst);
a9de9248 130 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
6ac59344
MH		 131}
132
1da177e4
LT		 133void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
134{
135 struct hci_cp_disconnect cp;
136
137 BT_DBG("%p", conn);
138
139 conn->state = BT_DISCONN;
140
aca3192c 141 cp.handle = cpu_to_le16(conn->handle);
1da177e4 142 cp.reason = reason;
a9de9248 143 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
1da177e4
LT		 144}
145
146void hci_add_sco(struct hci_conn *conn, __u16 handle)
147{
148 struct hci_dev *hdev = conn->hdev;
149 struct hci_cp_add_sco cp;
150
151 BT_DBG("%p", conn);
152
153 conn->state = BT_CONNECT;
154 conn->out = 1;
155
efc7688b
MH		 156 conn->attempt++;
157
aca3192c 158 cp.handle = cpu_to_le16(handle);
a8746417 159 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1da177e4 160
a9de9248 161 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
1da177e4
LT		 162}
163
b6a0dc82
MH		 164void hci_setup_sync(struct hci_conn *conn, __u16 handle)
165{
166 struct hci_dev *hdev = conn->hdev;
167 struct hci_cp_setup_sync_conn cp;
168
169 BT_DBG("%p", conn);
170
171 conn->state = BT_CONNECT;
172 conn->out = 1;
173
efc7688b
MH		 174 conn->attempt++;
175
b6a0dc82 176 cp.handle = cpu_to_le16(handle);
a8746417 177 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 178
179 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
180 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
181 cp.max_latency = cpu_to_le16(0xffff);
182 cp.voice_setting = cpu_to_le16(hdev->voice_setting);
183 cp.retrans_effort = 0xff;
184
185 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
186}
187
2ce603eb
CT		 188void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max,
189 u16 latency, u16 to_multiplier)
190{
191 struct hci_cp_le_conn_update cp;
192 struct hci_dev *hdev = conn->hdev;
193
194 memset(&cp, 0, sizeof(cp));
195
196 cp.handle = cpu_to_le16(conn->handle);
197 cp.conn_interval_min = cpu_to_le16(min);
198 cp.conn_interval_max = cpu_to_le16(max);
199 cp.conn_latency = cpu_to_le16(latency);
200 cp.supervision_timeout = cpu_to_le16(to_multiplier);
201 cp.min_ce_len = cpu_to_le16(0x0001);
202 cp.max_ce_len = cpu_to_le16(0x0001);
203
204 hci_send_cmd(hdev, HCI_OP_LE_CONN_UPDATE, sizeof(cp), &cp);
205}
206EXPORT_SYMBOL(hci_le_conn_update);
207
a7a595f6
VCG		 208void hci_le_start_enc(struct hci_conn *conn, __le16 ediv, __u8 rand[8],
209 __u8 ltk[16])
210{
211 struct hci_dev *hdev = conn->hdev;
212 struct hci_cp_le_start_enc cp;
213
214 BT_DBG("%p", conn);
215
216 memset(&cp, 0, sizeof(cp));
217
218 cp.handle = cpu_to_le16(conn->handle);
219 memcpy(cp.ltk, ltk, sizeof(cp.ltk));
220 cp.ediv = ediv;
51beabdf 221 memcpy(cp.rand, rand, sizeof(cp.rand));
a7a595f6
VCG		 222
223 hci_send_cmd(hdev, HCI_OP_LE_START_ENC, sizeof(cp), &cp);
224}
225EXPORT_SYMBOL(hci_le_start_enc);
226
227void hci_le_ltk_reply(struct hci_conn *conn, u8 ltk[16])
228{
229 struct hci_dev *hdev = conn->hdev;
230 struct hci_cp_le_ltk_reply cp;
231
232 BT_DBG("%p", conn);
233
234 memset(&cp, 0, sizeof(cp));
235
236 cp.handle = cpu_to_le16(conn->handle);
237 memcpy(cp.ltk, ltk, sizeof(ltk));
238
239 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
240}
241EXPORT_SYMBOL(hci_le_ltk_reply);
242
243void hci_le_ltk_neg_reply(struct hci_conn *conn)
244{
245 struct hci_dev *hdev = conn->hdev;
246 struct hci_cp_le_ltk_neg_reply cp;
247
248 BT_DBG("%p", conn);
249
250 memset(&cp, 0, sizeof(cp));
251
252 cp.handle = cpu_to_le16(conn->handle);
253
254 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(cp), &cp);
255}
256
e73439d8
MH		 257/* Device _must_ be locked */
258void hci_sco_setup(struct hci_conn *conn, __u8 status)
259{
260 struct hci_conn *sco = conn->link;
261
262 BT_DBG("%p", conn);
263
264 if (!sco)
265 return;
266
267 if (!status) {
268 if (lmp_esco_capable(conn->hdev))
269 hci_setup_sync(sco, conn->handle);
270 else
271 hci_add_sco(sco, conn->handle);
272 } else {
273 hci_proto_connect_cfm(sco, status);
274 hci_conn_del(sco);
275 }
276}
277
1da177e4
LT		 278static void hci_conn_timeout(unsigned long arg)
279{
04837f64
MH		 280 struct hci_conn *conn = (void *) arg;
281 struct hci_dev *hdev = conn->hdev;
2950f21a 282 __u8 reason;
1da177e4
LT		 283
284 BT_DBG("conn %p state %d", conn, conn->state);
285
286 if (atomic_read(&conn->refcnt))
287 return;
288
289 hci_dev_lock(hdev);
6ac59344
MH		 290
291 switch (conn->state) {
292 case BT_CONNECT:
769be974 293 case BT_CONNECT2:
fcd89c09
VT		 294 if (conn->out) {
295 if (conn->type == ACL_LINK)
296 hci_acl_connect_cancel(conn);
297 else if (conn->type == LE_LINK)
298 hci_le_connect_cancel(conn);
299 }
6ac59344 300 break;
769be974 301 case BT_CONFIG:
8e87d142 302 case BT_CONNECTED:
2950f21a
MH		 303 reason = hci_proto_disconn_ind(conn);
304 hci_acl_disconn(conn, reason);
6ac59344
MH		 305 break;
306 default:
1da177e4 307 conn->state = BT_CLOSED;
6ac59344
MH		 308 break;
309 }
310
1da177e4 311 hci_dev_unlock(hdev);
1da177e4
LT		 312}
313
04837f64 314static void hci_conn_idle(unsigned long arg)
1da177e4 315{
04837f64
MH		 316 struct hci_conn *conn = (void *) arg;
317
318 BT_DBG("conn %p mode %d", conn, conn->mode);
319
320 hci_conn_enter_sniff_mode(conn);
1da177e4
LT		 321}
322
9f61656a
JH		 323static void hci_conn_auto_accept(unsigned long arg)
324{
325 struct hci_conn *conn = (void *) arg;
326 struct hci_dev *hdev = conn->hdev;
327
328 hci_dev_lock(hdev);
329
330 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY, sizeof(conn->dst),
331 &conn->dst);
332
333 hci_dev_unlock(hdev);
334}
335
1da177e4
LT		 336struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
337{
338 struct hci_conn *conn;
339
340 BT_DBG("%s dst %s", hdev->name, batostr(dst));
341
04837f64
MH		 342 conn = kzalloc(sizeof(struct hci_conn), GFP_ATOMIC);
343 if (!conn)
1da177e4 344 return NULL;
1da177e4
LT		 345
346 bacpy(&conn->dst, dst);
a8746417
MH		 347 conn->hdev = hdev;
348 conn->type = type;
349 conn->mode = HCI_CM_ACTIVE;
350 conn->state = BT_OPEN;
93f19c9f 351 conn->auth_type = HCI_AT_GENERAL_BONDING;
17fa4b9d 352 conn->io_capability = hdev->io_capability;
a9583556 353 conn->remote_auth = 0xff;
13d39315 354 conn->key_type = 0xff;
1da177e4 355
04837f64 356 conn->power_save = 1;
052b30b0 357 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
04837f64 358
a8746417
MH		 359 switch (type) {
360 case ACL_LINK:
361 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
362 break;
363 case SCO_LINK:
364 if (lmp_esco_capable(hdev))
efc7688b
MH		 365 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
366 (hdev->esco_type & EDR_ESCO_MASK);
a8746417
MH		 367 else
368 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
369 break;
370 case ESCO_LINK:
efc7688b 371 conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
a8746417
MH		 372 break;
373 }
374
1da177e4 375 skb_queue_head_init(&conn->data_q);
04837f64 376
b24b8a24
PE		 377 setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn);
378 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
9f61656a
JH		 379 setup_timer(&conn->auto_accept_timer, hci_conn_auto_accept,
380 (unsigned long) conn);
1da177e4
LT		 381
382 atomic_set(&conn->refcnt, 0);
383
384 hci_dev_hold(hdev);
385
386 tasklet_disable(&hdev->tx_task);
387
388 hci_conn_hash_add(hdev, conn);
389 if (hdev->notify)
390 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
391
9eba32b8
MH		 392 atomic_set(&conn->devref, 0);
393
a67e899c
MH		 394 hci_conn_init_sysfs(conn);
395
1da177e4
LT		 396 tasklet_enable(&hdev->tx_task);
397
398 return conn;
399}
400
401int hci_conn_del(struct hci_conn *conn)
402{
403 struct hci_dev *hdev = conn->hdev;
404
405 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
406
04837f64
MH		 407 del_timer(&conn->idle_timer);
408
409 del_timer(&conn->disc_timer);
1da177e4 410
9f61656a
JH		 411 del_timer(&conn->auto_accept_timer);
412
5b7f9909 413 if (conn->type == ACL_LINK) {
1da177e4
LT		 414 struct hci_conn *sco = conn->link;
415 if (sco)
416 sco->link = NULL;
417
418 /* Unacked frames */
419 hdev->acl_cnt += conn->sent;
6ed58ec5
VT		 420 } else if (conn->type == LE_LINK) {
421 if (hdev->le_pkts)
422 hdev->le_cnt += conn->sent;
423 else
424 hdev->acl_cnt += conn->sent;
5b7f9909
MH		 425 } else {
426 struct hci_conn *acl = conn->link;
427 if (acl) {
428 acl->link = NULL;
429 hci_conn_put(acl);
430 }
1da177e4
LT		 431 }
432
433 tasklet_disable(&hdev->tx_task);
7d0db0a3 434
1da177e4
LT		 435 hci_conn_hash_del(hdev, conn);
436 if (hdev->notify)
437 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
7d0db0a3 438
1da177e4 439 tasklet_enable(&hdev->tx_task);
7d0db0a3 440
1da177e4 441 skb_queue_purge(&conn->data_q);
1da177e4 442
9eba32b8 443 hci_conn_put_device(conn);
2ae9a6be 444
384943ec
MH		 445 hci_dev_put(hdev);
446
163f4dab
TT		 447 if (conn->handle == 0)
448 kfree(conn);
449
1da177e4
LT		 450 return 0;
451}
452
453struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
454{
455 int use_src = bacmp(src, BDADDR_ANY);
456 struct hci_dev *hdev = NULL;
457 struct list_head *p;
458
459 BT_DBG("%s -> %s", batostr(src), batostr(dst));
460
461 read_lock_bh(&hci_dev_list_lock);
462
463 list_for_each(p, &hci_dev_list) {
464 struct hci_dev *d = list_entry(p, struct hci_dev, list);
465
466 if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
467 continue;
468
8e87d142 469 /* Simple routing:
1da177e4
LT		 470 * No source address - find interface with bdaddr != dst
471 * Source address - find interface with bdaddr == src
472 */
473
474 if (use_src) {
475 if (!bacmp(&d->bdaddr, src)) {
476 hdev = d; break;
477 }
478 } else {
479 if (bacmp(&d->bdaddr, dst)) {
480 hdev = d; break;
481 }
482 }
483 }
484
485 if (hdev)
486 hdev = hci_dev_hold(hdev);
487
488 read_unlock_bh(&hci_dev_list_lock);
489 return hdev;
490}
491EXPORT_SYMBOL(hci_get_route);
492
fcd89c09 493/* Create SCO, ACL or LE connection.
1da177e4 494 * Device _must_ be locked */
8c1b2355 495struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 496{
497 struct hci_conn *acl;
5b7f9909 498 struct hci_conn *sco;
fcd89c09 499 struct hci_conn *le;
1da177e4
LT		 500
501 BT_DBG("%s dst %s", hdev->name, batostr(dst));
502
fcd89c09 503 if (type == LE_LINK) {
eda42b50
AG		 504 struct adv_entry *entry;
505
fcd89c09 506 le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
15c4794f 507 if (le)
30e76272 508 return ERR_PTR(-EBUSY);
eda42b50
AG		 509
510 entry = hci_find_adv_entry(hdev, dst);
511 if (!entry)
512 return ERR_PTR(-EHOSTUNREACH);
513
15c4794f 514 le = hci_conn_add(hdev, LE_LINK, dst);
fcd89c09 515 if (!le)
30e76272 516 return ERR_PTR(-ENOMEM);
893d6751 517
eda42b50
AG		 518 le->dst_type = entry->bdaddr_type;
519
893d6751 520 hci_le_connect(le);
fcd89c09
VT		 521
522 hci_conn_hold(le);
523
524 return le;
525 }
526
70f23020
AE		 527 acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
528 if (!acl) {
529 acl = hci_conn_add(hdev, ACL_LINK, dst);
530 if (!acl)
1da177e4
LT		 531 return NULL;
532 }
533
534 hci_conn_hold(acl);
535
09ab6f4c 536 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
765c2a96
JH		 537 acl->sec_level = BT_SECURITY_LOW;
538 acl->pending_sec_level = sec_level;
09ab6f4c 539 acl->auth_type = auth_type;
1da177e4 540 hci_acl_connect(acl);
09ab6f4c 541 }
1da177e4 542
5b7f9909
MH		 543 if (type == ACL_LINK)
544 return acl;
1da177e4 545
70f23020
AE		 546 sco = hci_conn_hash_lookup_ba(hdev, type, dst);
547 if (!sco) {
548 sco = hci_conn_add(hdev, type, dst);
549 if (!sco) {
5b7f9909
MH		 550 hci_conn_put(acl);
551 return NULL;
1da177e4 552 }
5b7f9909 553 }
1da177e4 554
5b7f9909
MH		 555 acl->link = sco;
556 sco->link = acl;
1da177e4 557
5b7f9909 558 hci_conn_hold(sco);
1da177e4 559
5b7f9909 560 if (acl->state == BT_CONNECTED &&
b6a0dc82 561 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
c390216b 562 acl->power_save = 1;
14b12d0b 563 hci_conn_enter_active_mode(acl, BT_POWER_FORCE_ACTIVE_ON);
c390216b 564
e73439d8
MH		 565 if (test_bit(HCI_CONN_MODE_CHANGE_PEND, &acl->pend)) {
566 /* defer SCO setup until mode change completed */
567 set_bit(HCI_CONN_SCO_SETUP_PEND, &acl->pend);
568 return sco;
569 }
570
571 hci_sco_setup(acl, 0x00);
b6a0dc82 572 }
5b7f9909
MH		 573
574 return sco;
1da177e4
LT		 575}
576EXPORT_SYMBOL(hci_connect);
577
e7c29cb1
MH		 578/* Check link security requirement */
579int hci_conn_check_link_mode(struct hci_conn *conn)
580{
581 BT_DBG("conn %p", conn);
582
583 if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0 &&
584 !(conn->link_mode & HCI_LM_ENCRYPT))
585 return 0;
586
587 return 1;
588}
589EXPORT_SYMBOL(hci_conn_check_link_mode);
590
1da177e4 591/* Authenticate remote device */
0684e5f9 592static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 593{
594 BT_DBG("conn %p", conn);
595
765c2a96
JH		 596 if (conn->pending_sec_level > sec_level)
597 sec_level = conn->pending_sec_level;
598
96a31833 599 if (sec_level > conn->sec_level)
765c2a96 600 conn->pending_sec_level = sec_level;
96a31833 601 else if (conn->link_mode & HCI_LM_AUTH)
1da177e4
LT		 602 return 1;
603
65cf686e
JH		 604 /* Make sure we preserve an existing MITM requirement*/
605 auth_type |= (conn->auth_type & 0x01);
606
96a31833
MH		 607 conn->auth_type = auth_type;
608
1da177e4
LT		 609 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
610 struct hci_cp_auth_requested cp;
aca3192c 611 cp.handle = cpu_to_le16(conn->handle);
40be492f
MH		 612 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
613 sizeof(cp), &cp);
19f8def0
WR		 614 if (conn->key_type != 0xff)
615 set_bit(HCI_CONN_REAUTH_PEND, &conn->pend);
1da177e4 616 }
8c1b2355 617
1da177e4
LT		 618 return 0;
619}
1da177e4 620
13d39315
WR		 621/* Encrypt the the link */
622static void hci_conn_encrypt(struct hci_conn *conn)
623{
624 BT_DBG("conn %p", conn);
625
626 if (!test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
627 struct hci_cp_set_conn_encrypt cp;
628 cp.handle = cpu_to_le16(conn->handle);
629 cp.encrypt = 0x01;
630 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
631 &cp);
632 }
633}
634
8c1b2355 635/* Enable security */
0684e5f9 636int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 637{
638 BT_DBG("conn %p", conn);
639
13d39315 640 /* For sdp we don't need the link key. */
8c1b2355
MH		 641 if (sec_level == BT_SECURITY_SDP)
642 return 1;
643
13d39315
WR		 644 /* For non 2.1 devices and low security level we don't need the link
645 key. */
3fdca1e1
MH		 646 if (sec_level == BT_SECURITY_LOW &&
647 (!conn->ssp_mode || !conn->hdev->ssp_mode))
648 return 1;
8c1b2355 649
13d39315
WR		 650 /* For other security levels we need the link key. */
651 if (!(conn->link_mode & HCI_LM_AUTH))
652 goto auth;
653
654 /* An authenticated combination key has sufficient security for any
655 security level. */
656 if (conn->key_type == HCI_LK_AUTH_COMBINATION)
657 goto encrypt;
658
659 /* An unauthenticated combination key has sufficient security for
660 security level 1 and 2. */
661 if (conn->key_type == HCI_LK_UNAUTH_COMBINATION &&
662 (sec_level == BT_SECURITY_MEDIUM ||
663 sec_level == BT_SECURITY_LOW))
664 goto encrypt;
665
666 /* A combination key has always sufficient security for the security
667 levels 1 or 2. High security level requires the combination key
668 is generated using maximum PIN code length (16).
669 For pre 2.1 units. */
670 if (conn->key_type == HCI_LK_COMBINATION &&
671 (sec_level != BT_SECURITY_HIGH ||
672 conn->pin_length == 16))
673 goto encrypt;
674
675auth:
33060542 676 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend))
1da177e4
LT		 677 return 0;
678
6fdf658c
LAD		 679 if (!hci_conn_auth(conn, sec_level, auth_type))
680 return 0;
13d39315
WR		 681
682encrypt:
683 if (conn->link_mode & HCI_LM_ENCRYPT)
684 return 1;
8c1b2355 685
13d39315 686 hci_conn_encrypt(conn);
1da177e4
LT		 687 return 0;
688}
8c1b2355 689EXPORT_SYMBOL(hci_conn_security);
1da177e4 690
b3b1b061
WR		 691/* Check secure link requirement */
692int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
693{
694 BT_DBG("conn %p", conn);
695
696 if (sec_level != BT_SECURITY_HIGH)
697 return 1; /* Accept if non-secure is required */
698
ef4177e2 699 if (conn->sec_level == BT_SECURITY_HIGH)
b3b1b061
WR		 700 return 1;
701
702 return 0; /* Reject not secure link */
703}
704EXPORT_SYMBOL(hci_conn_check_secure);
705
1da177e4
LT		 706/* Change link key */
707int hci_conn_change_link_key(struct hci_conn *conn)
708{
709 BT_DBG("conn %p", conn);
710
711 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
712 struct hci_cp_change_conn_link_key cp;
aca3192c 713 cp.handle = cpu_to_le16(conn->handle);
40be492f
MH		 714 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
715 sizeof(cp), &cp);
1da177e4 716 }
8c1b2355 717
1da177e4
LT		 718 return 0;
719}
720EXPORT_SYMBOL(hci_conn_change_link_key);
721
722/* Switch role */
8c1b2355 723int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
1da177e4
LT		 724{
725 BT_DBG("conn %p", conn);
726
727 if (!role && conn->link_mode & HCI_LM_MASTER)
728 return 1;
729
730 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) {
731 struct hci_cp_switch_role cp;
732 bacpy(&cp.bdaddr, &conn->dst);
733 cp.role = role;
a9de9248 734 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
1da177e4 735 }
8c1b2355 736
1da177e4
LT		 737 return 0;
738}
739EXPORT_SYMBOL(hci_conn_switch_role);
740
04837f64 741/* Enter active mode */
14b12d0b 742void hci_conn_enter_active_mode(struct hci_conn *conn, __u8 force_active)
04837f64
MH		 743{
744 struct hci_dev *hdev = conn->hdev;
745
746 BT_DBG("conn %p mode %d", conn, conn->mode);
747
748 if (test_bit(HCI_RAW, &hdev->flags))
749 return;
750
14b12d0b
JG		 751 if (conn->mode != HCI_CM_SNIFF)
752 goto timer;
753
754 if (!conn->power_save && !force_active)
04837f64
MH		 755 goto timer;
756
757 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
758 struct hci_cp_exit_sniff_mode cp;
aca3192c 759 cp.handle = cpu_to_le16(conn->handle);
a9de9248 760 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
04837f64
MH		 761 }
762
763timer:
764 if (hdev->idle_timeout > 0)
765 mod_timer(&conn->idle_timer,
766 jiffies + msecs_to_jiffies(hdev->idle_timeout));
767}
768
769/* Enter sniff mode */
770void hci_conn_enter_sniff_mode(struct hci_conn *conn)
771{
772 struct hci_dev *hdev = conn->hdev;
773
774 BT_DBG("conn %p mode %d", conn, conn->mode);
775
776 if (test_bit(HCI_RAW, &hdev->flags))
777 return;
778
779 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
780 return;
781
782 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
783 return;
784
785 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
786 struct hci_cp_sniff_subrate cp;
aca3192c
YH		 787 cp.handle = cpu_to_le16(conn->handle);
788 cp.max_latency = cpu_to_le16(0);
789 cp.min_remote_timeout = cpu_to_le16(0);
790 cp.min_local_timeout = cpu_to_le16(0);
a9de9248 791 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
04837f64
MH		 792 }
793
794 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
795 struct hci_cp_sniff_mode cp;
aca3192c
YH		 796 cp.handle = cpu_to_le16(conn->handle);
797 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
798 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
799 cp.attempt = cpu_to_le16(4);
800 cp.timeout = cpu_to_le16(1);
a9de9248 801 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
04837f64
MH		 802 }
803}
804
1da177e4
LT		 805/* Drop all connection on the device */
806void hci_conn_hash_flush(struct hci_dev *hdev)
807{
808 struct hci_conn_hash *h = &hdev->conn_hash;
809 struct list_head *p;
810
811 BT_DBG("hdev %s", hdev->name);
812
813 p = h->list.next;
814 while (p != &h->list) {
815 struct hci_conn *c;
816
817 c = list_entry(p, struct hci_conn, list);
818 p = p->next;
819
820 c->state = BT_CLOSED;
821
2950f21a 822 hci_proto_disconn_cfm(c, 0x16);
1da177e4
LT		 823 hci_conn_del(c);
824 }
825}
826
a9de9248
MH		 827/* Check pending connect attempts */
828void hci_conn_check_pending(struct hci_dev *hdev)
829{
830 struct hci_conn *conn;
831
832 BT_DBG("hdev %s", hdev->name);
833
834 hci_dev_lock(hdev);
835
836 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
837 if (conn)
838 hci_acl_connect(conn);
839
840 hci_dev_unlock(hdev);
841}
842
9eba32b8
MH		 843void hci_conn_hold_device(struct hci_conn *conn)
844{
845 atomic_inc(&conn->devref);
846}
847EXPORT_SYMBOL(hci_conn_hold_device);
848
849void hci_conn_put_device(struct hci_conn *conn)
850{
851 if (atomic_dec_and_test(&conn->devref))
852 hci_conn_del_sysfs(conn);
853}
854EXPORT_SYMBOL(hci_conn_put_device);
855
1da177e4
LT		 856int hci_get_conn_list(void __user *arg)
857{
858 struct hci_conn_list_req req, *cl;
859 struct hci_conn_info *ci;
860 struct hci_dev *hdev;
861 struct list_head *p;
862 int n = 0, size, err;
863
864 if (copy_from_user(&req, arg, sizeof(req)))
865 return -EFAULT;
866
867 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
868 return -EINVAL;
869
870 size = sizeof(req) + req.conn_num * sizeof(*ci);
871
70f23020
AE		 872 cl = kmalloc(size, GFP_KERNEL);
873 if (!cl)
1da177e4
LT		 874 return -ENOMEM;
875
70f23020
AE		 876 hdev = hci_dev_get(req.dev_id);
877 if (!hdev) {
1da177e4
LT		 878 kfree(cl);
879 return -ENODEV;
880 }
881
882 ci = cl->conn_info;
883
884 hci_dev_lock_bh(hdev);
885 list_for_each(p, &hdev->conn_hash.list) {
886 register struct hci_conn *c;
887 c = list_entry(p, struct hci_conn, list);
888
889 bacpy(&(ci + n)->bdaddr, &c->dst);
890 (ci + n)->handle = c->handle;
891 (ci + n)->type = c->type;
892 (ci + n)->out = c->out;
893 (ci + n)->state = c->state;
894 (ci + n)->link_mode = c->link_mode;
895 if (++n >= req.conn_num)
896 break;
897 }
898 hci_dev_unlock_bh(hdev);
899
900 cl->dev_id = hdev->id;
901 cl->conn_num = n;
902 size = sizeof(req) + n * sizeof(*ci);
903
904 hci_dev_put(hdev);
905
906 err = copy_to_user(arg, cl, size);
907 kfree(cl);
908
909 return err ? -EFAULT : 0;
910}
911
912int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
913{
914 struct hci_conn_info_req req;
915 struct hci_conn_info ci;
916 struct hci_conn *conn;
917 char __user *ptr = arg + sizeof(req);
918
919 if (copy_from_user(&req, arg, sizeof(req)))
920 return -EFAULT;
921
922 hci_dev_lock_bh(hdev);
923 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
924 if (conn) {
925 bacpy(&ci.bdaddr, &conn->dst);
926 ci.handle = conn->handle;
927 ci.type = conn->type;
928 ci.out = conn->out;
929 ci.state = conn->state;
930 ci.link_mode = conn->link_mode;
931 }
932 hci_dev_unlock_bh(hdev);
933
934 if (!conn)
935 return -ENOENT;
936
937 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
938}
40be492f
MH		 939
940int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
941{
942 struct hci_auth_info_req req;
943 struct hci_conn *conn;
944
945 if (copy_from_user(&req, arg, sizeof(req)))
946 return -EFAULT;
947
948 hci_dev_lock_bh(hdev);
949 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
950 if (conn)
951 req.type = conn->auth_type;
952 hci_dev_unlock_bh(hdev);
953
954 if (!conn)
955 return -ENOENT;
956
957 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
958}
Linux kernel - Deliverables
This page took 0.564125 seconds and 5 git commands to generate.