projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Fix coding style in the subsystem
[linux-2.6-block.git] / net / bluetooth / hci_conn.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI connection handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
1da177e4
LT		 38#include <net/sock.h>
39
70f23020 40#include <linux/uaccess.h>
1da177e4
LT		 41#include <asm/unaligned.h>
42
43#include <net/bluetooth/bluetooth.h>
44#include <net/bluetooth/hci_core.h>
45
fcd89c09
VT		 46static void hci_le_connect(struct hci_conn *conn)
47{
48 struct hci_dev *hdev = conn->hdev;
49 struct hci_cp_le_create_conn cp;
50
51 conn->state = BT_CONNECT;
a0c808b3 52 conn->out = true;
b92a6223 53 conn->link_mode |= HCI_LM_MASTER;
7b5c0d52 54 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 55
56 memset(&cp, 0, sizeof(cp));
0e833915
AL		 57 cp.scan_interval = cpu_to_le16(0x0060);
58 cp.scan_window = cpu_to_le16(0x0030);
fcd89c09 59 bacpy(&cp.peer_addr, &conn->dst);
6d3ce0e7 60 cp.peer_addr_type = conn->dst_type;
0e833915
AL		 61 cp.conn_interval_min = cpu_to_le16(0x0028);
62 cp.conn_interval_max = cpu_to_le16(0x0038);
63 cp.supervision_timeout = cpu_to_le16(0x002a);
64 cp.min_ce_len = cpu_to_le16(0x0000);
65 cp.max_ce_len = cpu_to_le16(0x0000);
fcd89c09
VT		 66
67 hci_send_cmd(hdev, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp);
68}
69
70static void hci_le_connect_cancel(struct hci_conn *conn)
71{
72 hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
73}
74
4c67bc74 75void hci_acl_connect(struct hci_conn *conn)
1da177e4
LT		 76{
77 struct hci_dev *hdev = conn->hdev;
78 struct inquiry_entry *ie;
79 struct hci_cp_create_conn cp;
80
42d2d87c 81 BT_DBG("hcon %p", conn);
1da177e4
LT		 82
83 conn->state = BT_CONNECT;
a0c808b3 84 conn->out = true;
a8746417 85
1da177e4
LT		 86 conn->link_mode = HCI_LM_MASTER;
87
4c67bc74
MH		 88 conn->attempt++;
89
e4e8e37c
MH		 90 conn->link_policy = hdev->link_policy;
91
1da177e4
LT		 92 memset(&cp, 0, sizeof(cp));
93 bacpy(&cp.bdaddr, &conn->dst);
94 cp.pscan_rep_mode = 0x02;
95
70f23020
AE		 96 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
97 if (ie) {
41a96212
MH		 98 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
99 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
100 cp.pscan_mode = ie->data.pscan_mode;
101 cp.clock_offset = ie->data.clock_offset |
102 cpu_to_le16(0x8000);
103 }
104
1da177e4 105 memcpy(conn->dev_class, ie->data.dev_class, 3);
58a681ef
JH		 106 if (ie->data.ssp_mode > 0)
107 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
1da177e4
LT		 108 }
109
a8746417 110 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1da177e4 111 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
b6a0dc82 112 cp.role_switch = 0x01;
1da177e4 113 else
b6a0dc82 114 cp.role_switch = 0x00;
4c67bc74 115
a9de9248 116 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
1da177e4
LT		 117}
118
6ac59344
MH		 119static void hci_acl_connect_cancel(struct hci_conn *conn)
120{
121 struct hci_cp_create_conn_cancel cp;
122
123 BT_DBG("%p", conn);
124
d095c1eb 125 if (conn->hdev->hci_ver < BLUETOOTH_VER_1_2)
6ac59344
MH		 126 return;
127
128 bacpy(&cp.bdaddr, &conn->dst);
a9de9248 129 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
6ac59344
MH		 130}
131
1da177e4
LT		 132void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
133{
134 struct hci_cp_disconnect cp;
135
136 BT_DBG("%p", conn);
137
138 conn->state = BT_DISCONN;
139
aca3192c 140 cp.handle = cpu_to_le16(conn->handle);
1da177e4 141 cp.reason = reason;
a9de9248 142 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
1da177e4
LT		 143}
144
145void hci_add_sco(struct hci_conn *conn, __u16 handle)
146{
147 struct hci_dev *hdev = conn->hdev;
148 struct hci_cp_add_sco cp;
149
150 BT_DBG("%p", conn);
151
152 conn->state = BT_CONNECT;
a0c808b3 153 conn->out = true;
1da177e4 154
efc7688b
MH		 155 conn->attempt++;
156
aca3192c 157 cp.handle = cpu_to_le16(handle);
a8746417 158 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1da177e4 159
a9de9248 160 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
1da177e4
LT		 161}
162
b6a0dc82
MH		 163void hci_setup_sync(struct hci_conn *conn, __u16 handle)
164{
165 struct hci_dev *hdev = conn->hdev;
166 struct hci_cp_setup_sync_conn cp;
167
168 BT_DBG("%p", conn);
169
170 conn->state = BT_CONNECT;
a0c808b3 171 conn->out = true;
b6a0dc82 172
efc7688b
MH		 173 conn->attempt++;
174
b6a0dc82 175 cp.handle = cpu_to_le16(handle);
a8746417 176 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 177
178 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
179 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
180 cp.max_latency = cpu_to_le16(0xffff);
181 cp.voice_setting = cpu_to_le16(hdev->voice_setting);
182 cp.retrans_effort = 0xff;
183
184 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
185}
186
2ce603eb 187void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max,
5974e4c4 188 u16 latency, u16 to_multiplier)
2ce603eb
CT		 189{
190 struct hci_cp_le_conn_update cp;
191 struct hci_dev *hdev = conn->hdev;
192
193 memset(&cp, 0, sizeof(cp));
194
195 cp.handle = cpu_to_le16(conn->handle);
196 cp.conn_interval_min = cpu_to_le16(min);
197 cp.conn_interval_max = cpu_to_le16(max);
198 cp.conn_latency = cpu_to_le16(latency);
199 cp.supervision_timeout = cpu_to_le16(to_multiplier);
200 cp.min_ce_len = cpu_to_le16(0x0001);
201 cp.max_ce_len = cpu_to_le16(0x0001);
202
203 hci_send_cmd(hdev, HCI_OP_LE_CONN_UPDATE, sizeof(cp), &cp);
204}
205EXPORT_SYMBOL(hci_le_conn_update);
206
a7a595f6 207void hci_le_start_enc(struct hci_conn *conn, __le16 ediv, __u8 rand[8],
5974e4c4 208 __u8 ltk[16])
a7a595f6
VCG		 209{
210 struct hci_dev *hdev = conn->hdev;
211 struct hci_cp_le_start_enc cp;
212
213 BT_DBG("%p", conn);
214
215 memset(&cp, 0, sizeof(cp));
216
217 cp.handle = cpu_to_le16(conn->handle);
218 memcpy(cp.ltk, ltk, sizeof(cp.ltk));
219 cp.ediv = ediv;
51beabdf 220 memcpy(cp.rand, rand, sizeof(cp.rand));
a7a595f6
VCG		 221
222 hci_send_cmd(hdev, HCI_OP_LE_START_ENC, sizeof(cp), &cp);
223}
224EXPORT_SYMBOL(hci_le_start_enc);
225
e73439d8
MH		 226/* Device _must_ be locked */
227void hci_sco_setup(struct hci_conn *conn, __u8 status)
228{
229 struct hci_conn *sco = conn->link;
230
231 BT_DBG("%p", conn);
232
233 if (!sco)
234 return;
235
236 if (!status) {
237 if (lmp_esco_capable(conn->hdev))
238 hci_setup_sync(sco, conn->handle);
239 else
240 hci_add_sco(sco, conn->handle);
241 } else {
242 hci_proto_connect_cfm(sco, status);
243 hci_conn_del(sco);
244 }
245}
246
19c40e3b 247static void hci_conn_timeout(struct work_struct *work)
1da177e4 248{
19c40e3b 249 struct hci_conn *conn = container_of(work, struct hci_conn,
5974e4c4 250 disc_work.work);
2950f21a 251 __u8 reason;
1da177e4 252
e05dcc32 253 BT_DBG("conn %p state %s", conn, state_to_string(conn->state));
1da177e4
LT		 254
255 if (atomic_read(&conn->refcnt))
256 return;
257
6ac59344
MH		 258 switch (conn->state) {
259 case BT_CONNECT:
769be974 260 case BT_CONNECT2:
fcd89c09
VT		 261 if (conn->out) {
262 if (conn->type == ACL_LINK)
263 hci_acl_connect_cancel(conn);
264 else if (conn->type == LE_LINK)
265 hci_le_connect_cancel(conn);
266 }
6ac59344 267 break;
769be974 268 case BT_CONFIG:
8e87d142 269 case BT_CONNECTED:
2950f21a
MH		 270 reason = hci_proto_disconn_ind(conn);
271 hci_acl_disconn(conn, reason);
6ac59344
MH		 272 break;
273 default:
1da177e4 274 conn->state = BT_CLOSED;
6ac59344
MH		 275 break;
276 }
1da177e4
LT		 277}
278
416dc94b
GP		 279/* Enter sniff mode */
280static void hci_conn_enter_sniff_mode(struct hci_conn *conn)
281{
282 struct hci_dev *hdev = conn->hdev;
283
284 BT_DBG("conn %p mode %d", conn, conn->mode);
285
286 if (test_bit(HCI_RAW, &hdev->flags))
287 return;
288
289 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
290 return;
291
292 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
293 return;
294
295 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
296 struct hci_cp_sniff_subrate cp;
297 cp.handle = cpu_to_le16(conn->handle);
298 cp.max_latency = cpu_to_le16(0);
299 cp.min_remote_timeout = cpu_to_le16(0);
300 cp.min_local_timeout = cpu_to_le16(0);
301 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
302 }
303
51a8efd7 304 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
416dc94b
GP		 305 struct hci_cp_sniff_mode cp;
306 cp.handle = cpu_to_le16(conn->handle);
307 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
308 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
309 cp.attempt = cpu_to_le16(4);
310 cp.timeout = cpu_to_le16(1);
311 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
312 }
313}
314
04837f64 315static void hci_conn_idle(unsigned long arg)
1da177e4 316{
04837f64
MH		 317 struct hci_conn *conn = (void *) arg;
318
319 BT_DBG("conn %p mode %d", conn, conn->mode);
320
321 hci_conn_enter_sniff_mode(conn);
1da177e4
LT		 322}
323
9f61656a
JH		 324static void hci_conn_auto_accept(unsigned long arg)
325{
326 struct hci_conn *conn = (void *) arg;
327 struct hci_dev *hdev = conn->hdev;
328
9f61656a 329 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY, sizeof(conn->dst),
5974e4c4 330 &conn->dst);
9f61656a
JH		 331}
332
1da177e4
LT		 333struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
334{
335 struct hci_conn *conn;
336
337 BT_DBG("%s dst %s", hdev->name, batostr(dst));
338
cb601d7e 339 conn = kzalloc(sizeof(struct hci_conn), GFP_KERNEL);
04837f64 340 if (!conn)
1da177e4 341 return NULL;
1da177e4
LT		 342
343 bacpy(&conn->dst, dst);
a8746417
MH		 344 conn->hdev = hdev;
345 conn->type = type;
346 conn->mode = HCI_CM_ACTIVE;
347 conn->state = BT_OPEN;
93f19c9f 348 conn->auth_type = HCI_AT_GENERAL_BONDING;
17fa4b9d 349 conn->io_capability = hdev->io_capability;
a9583556 350 conn->remote_auth = 0xff;
13d39315 351 conn->key_type = 0xff;
1da177e4 352
58a681ef 353 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
052b30b0 354 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
04837f64 355
a8746417
MH		 356 switch (type) {
357 case ACL_LINK:
358 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
359 break;
360 case SCO_LINK:
361 if (lmp_esco_capable(hdev))
efc7688b
MH		 362 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
363 (hdev->esco_type & EDR_ESCO_MASK);
a8746417
MH		 364 else
365 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
366 break;
367 case ESCO_LINK:
efc7688b 368 conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
a8746417
MH		 369 break;
370 }
371
1da177e4 372 skb_queue_head_init(&conn->data_q);
04837f64 373
70c1f20b 374 INIT_LIST_HEAD(&conn->chan_list);
73d80deb 375
19c40e3b 376 INIT_DELAYED_WORK(&conn->disc_work, hci_conn_timeout);
b24b8a24 377 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
9f61656a 378 setup_timer(&conn->auto_accept_timer, hci_conn_auto_accept,
5974e4c4 379 (unsigned long) conn);
1da177e4
LT		 380
381 atomic_set(&conn->refcnt, 0);
382
383 hci_dev_hold(hdev);
384
1da177e4 385 hci_conn_hash_add(hdev, conn);
3c54711c 386 if (hdev->notify)
1da177e4
LT		 387 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
388
9eba32b8
MH		 389 atomic_set(&conn->devref, 0);
390
a67e899c
MH		 391 hci_conn_init_sysfs(conn);
392
1da177e4
LT		 393 return conn;
394}
395
396int hci_conn_del(struct hci_conn *conn)
397{
398 struct hci_dev *hdev = conn->hdev;
399
400 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
401
04837f64
MH		 402 del_timer(&conn->idle_timer);
403
19c40e3b 404 cancel_delayed_work_sync(&conn->disc_work);
1da177e4 405
9f61656a
JH		 406 del_timer(&conn->auto_accept_timer);
407
5b7f9909 408 if (conn->type == ACL_LINK) {
1da177e4
LT		 409 struct hci_conn *sco = conn->link;
410 if (sco)
411 sco->link = NULL;
412
413 /* Unacked frames */
414 hdev->acl_cnt += conn->sent;
6ed58ec5
VT		 415 } else if (conn->type == LE_LINK) {
416 if (hdev->le_pkts)
417 hdev->le_cnt += conn->sent;
418 else
419 hdev->acl_cnt += conn->sent;
5b7f9909
MH		 420 } else {
421 struct hci_conn *acl = conn->link;
422 if (acl) {
423 acl->link = NULL;
424 hci_conn_put(acl);
425 }
1da177e4
LT		 426 }
427
2c33c06a 428 hci_chan_list_flush(conn);
73d80deb 429
1da177e4 430 hci_conn_hash_del(hdev, conn);
3c54711c 431 if (hdev->notify)
1da177e4 432 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
7d0db0a3 433
1da177e4 434 skb_queue_purge(&conn->data_q);
1da177e4 435
9eba32b8 436 hci_conn_put_device(conn);
2ae9a6be 437
384943ec
MH		 438 hci_dev_put(hdev);
439
163f4dab
TT		 440 if (conn->handle == 0)
441 kfree(conn);
442
1da177e4
LT		 443 return 0;
444}
445
446struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
447{
448 int use_src = bacmp(src, BDADDR_ANY);
8035ded4 449 struct hci_dev *hdev = NULL, *d;
1da177e4
LT		 450
451 BT_DBG("%s -> %s", batostr(src), batostr(dst));
452
f20d09d5 453 read_lock(&hci_dev_list_lock);
1da177e4 454
8035ded4 455 list_for_each_entry(d, &hci_dev_list, list) {
8fc9ced3
GP		 456 if (!test_bit(HCI_UP, &d->flags) ||
457 test_bit(HCI_RAW, &d->flags))
1da177e4
LT		 458 continue;
459
8e87d142 460 /* Simple routing:
1da177e4
LT		 461 * No source address - find interface with bdaddr != dst
462 * Source address - find interface with bdaddr == src
463 */
464
465 if (use_src) {
466 if (!bacmp(&d->bdaddr, src)) {
467 hdev = d; break;
468 }
469 } else {
470 if (bacmp(&d->bdaddr, dst)) {
471 hdev = d; break;
472 }
473 }
474 }
475
476 if (hdev)
477 hdev = hci_dev_hold(hdev);
478
f20d09d5 479 read_unlock(&hci_dev_list_lock);
1da177e4
LT		 480 return hdev;
481}
482EXPORT_SYMBOL(hci_get_route);
483
fcd89c09 484/* Create SCO, ACL or LE connection.
1da177e4 485 * Device _must_ be locked */
b12f62cf
AG		 486struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst,
487 __u8 dst_type, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 488{
489 struct hci_conn *acl;
5b7f9909 490 struct hci_conn *sco;
fcd89c09 491 struct hci_conn *le;
1da177e4
LT		 492
493 BT_DBG("%s dst %s", hdev->name, batostr(dst));
494
fcd89c09
VT		 495 if (type == LE_LINK) {
496 le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
9f0caeb1 497 if (!le) {
9f0caeb1
VCG		 498 le = hci_conn_add(hdev, LE_LINK, dst);
499 if (!le)
500 return ERR_PTR(-ENOMEM);
501
b12f62cf 502 le->dst_type = bdaddr_to_le(dst_type);
9f0caeb1
VCG		 503 hci_le_connect(le);
504 }
eda42b50 505
9f0caeb1
VCG		 506 le->pending_sec_level = sec_level;
507 le->auth_type = auth_type;
fcd89c09
VT		 508
509 hci_conn_hold(le);
510
511 return le;
512 }
513
70f23020
AE		 514 acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
515 if (!acl) {
516 acl = hci_conn_add(hdev, ACL_LINK, dst);
517 if (!acl)
48c7aba9 518 return ERR_PTR(-ENOMEM);
1da177e4
LT		 519 }
520
521 hci_conn_hold(acl);
522
09ab6f4c 523 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
765c2a96
JH		 524 acl->sec_level = BT_SECURITY_LOW;
525 acl->pending_sec_level = sec_level;
09ab6f4c 526 acl->auth_type = auth_type;
1da177e4 527 hci_acl_connect(acl);
09ab6f4c 528 }
1da177e4 529
5b7f9909
MH		 530 if (type == ACL_LINK)
531 return acl;
1da177e4 532
70f23020
AE		 533 sco = hci_conn_hash_lookup_ba(hdev, type, dst);
534 if (!sco) {
535 sco = hci_conn_add(hdev, type, dst);
536 if (!sco) {
5b7f9909 537 hci_conn_put(acl);
48c7aba9 538 return ERR_PTR(-ENOMEM);
1da177e4 539 }
5b7f9909 540 }
1da177e4 541
5b7f9909
MH		 542 acl->link = sco;
543 sco->link = acl;
1da177e4 544
5b7f9909 545 hci_conn_hold(sco);
1da177e4 546
5b7f9909 547 if (acl->state == BT_CONNECTED &&
5974e4c4 548 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
58a681ef 549 set_bit(HCI_CONN_POWER_SAVE, &acl->flags);
14b12d0b 550 hci_conn_enter_active_mode(acl, BT_POWER_FORCE_ACTIVE_ON);
c390216b 551
51a8efd7 552 if (test_bit(HCI_CONN_MODE_CHANGE_PEND, &acl->flags)) {
e73439d8 553 /* defer SCO setup until mode change completed */
51a8efd7 554 set_bit(HCI_CONN_SCO_SETUP_PEND, &acl->flags);
e73439d8
MH		 555 return sco;
556 }
557
558 hci_sco_setup(acl, 0x00);
b6a0dc82 559 }
5b7f9909
MH		 560
561 return sco;
1da177e4
LT		 562}
563EXPORT_SYMBOL(hci_connect);
564
e7c29cb1
MH		 565/* Check link security requirement */
566int hci_conn_check_link_mode(struct hci_conn *conn)
567{
568 BT_DBG("conn %p", conn);
569
aa64a8b5 570 if (hci_conn_ssp_enabled(conn) && !(conn->link_mode & HCI_LM_ENCRYPT))
e7c29cb1
MH		 571 return 0;
572
573 return 1;
574}
575EXPORT_SYMBOL(hci_conn_check_link_mode);
576
1da177e4 577/* Authenticate remote device */
0684e5f9 578static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 579{
580 BT_DBG("conn %p", conn);
581
765c2a96
JH		 582 if (conn->pending_sec_level > sec_level)
583 sec_level = conn->pending_sec_level;
584
96a31833 585 if (sec_level > conn->sec_level)
765c2a96 586 conn->pending_sec_level = sec_level;
96a31833 587 else if (conn->link_mode & HCI_LM_AUTH)
1da177e4
LT		 588 return 1;
589
65cf686e
JH		 590 /* Make sure we preserve an existing MITM requirement*/
591 auth_type |= (conn->auth_type & 0x01);
592
96a31833
MH		 593 conn->auth_type = auth_type;
594
51a8efd7 595 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1da177e4 596 struct hci_cp_auth_requested cp;
b7d05bad
PH		 597
598 /* encrypt must be pending if auth is also pending */
599 set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
600
aca3192c 601 cp.handle = cpu_to_le16(conn->handle);
40be492f 602 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
5974e4c4 603 sizeof(cp), &cp);
19f8def0 604 if (conn->key_type != 0xff)
51a8efd7 605 set_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 606 }
8c1b2355 607
1da177e4
LT		 608 return 0;
609}
1da177e4 610
13d39315
WR		 611/* Encrypt the the link */
612static void hci_conn_encrypt(struct hci_conn *conn)
613{
614 BT_DBG("conn %p", conn);
615
51a8efd7 616 if (!test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
13d39315
WR		 617 struct hci_cp_set_conn_encrypt cp;
618 cp.handle = cpu_to_le16(conn->handle);
619 cp.encrypt = 0x01;
620 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
5974e4c4 621 &cp);
13d39315
WR		 622 }
623}
624
8c1b2355 625/* Enable security */
0684e5f9 626int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 627{
628 BT_DBG("conn %p", conn);
629
13d39315 630 /* For sdp we don't need the link key. */
8c1b2355
MH		 631 if (sec_level == BT_SECURITY_SDP)
632 return 1;
633
13d39315
WR		 634 /* For non 2.1 devices and low security level we don't need the link
635 key. */
aa64a8b5 636 if (sec_level == BT_SECURITY_LOW && !hci_conn_ssp_enabled(conn))
3fdca1e1 637 return 1;
8c1b2355 638
13d39315
WR		 639 /* For other security levels we need the link key. */
640 if (!(conn->link_mode & HCI_LM_AUTH))
641 goto auth;
642
643 /* An authenticated combination key has sufficient security for any
644 security level. */
645 if (conn->key_type == HCI_LK_AUTH_COMBINATION)
646 goto encrypt;
647
648 /* An unauthenticated combination key has sufficient security for
649 security level 1 and 2. */
650 if (conn->key_type == HCI_LK_UNAUTH_COMBINATION &&
5974e4c4 651 (sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW))
13d39315
WR		 652 goto encrypt;
653
654 /* A combination key has always sufficient security for the security
655 levels 1 or 2. High security level requires the combination key
656 is generated using maximum PIN code length (16).
657 For pre 2.1 units. */
658 if (conn->key_type == HCI_LK_COMBINATION &&
5974e4c4 659 (sec_level != BT_SECURITY_HIGH || conn->pin_length == 16))
13d39315
WR		 660 goto encrypt;
661
662auth:
51a8efd7 663 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags))
1da177e4
LT		 664 return 0;
665
6fdf658c
LAD		 666 if (!hci_conn_auth(conn, sec_level, auth_type))
667 return 0;
13d39315
WR		 668
669encrypt:
670 if (conn->link_mode & HCI_LM_ENCRYPT)
671 return 1;
8c1b2355 672
13d39315 673 hci_conn_encrypt(conn);
1da177e4
LT		 674 return 0;
675}
8c1b2355 676EXPORT_SYMBOL(hci_conn_security);
1da177e4 677
b3b1b061
WR		 678/* Check secure link requirement */
679int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
680{
681 BT_DBG("conn %p", conn);
682
683 if (sec_level != BT_SECURITY_HIGH)
684 return 1; /* Accept if non-secure is required */
685
ef4177e2 686 if (conn->sec_level == BT_SECURITY_HIGH)
b3b1b061
WR		 687 return 1;
688
689 return 0; /* Reject not secure link */
690}
691EXPORT_SYMBOL(hci_conn_check_secure);
692
1da177e4
LT		 693/* Change link key */
694int hci_conn_change_link_key(struct hci_conn *conn)
695{
696 BT_DBG("conn %p", conn);
697
51a8efd7 698 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1da177e4 699 struct hci_cp_change_conn_link_key cp;
aca3192c 700 cp.handle = cpu_to_le16(conn->handle);
40be492f 701 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
5974e4c4 702 sizeof(cp), &cp);
1da177e4 703 }
8c1b2355 704
1da177e4
LT		 705 return 0;
706}
707EXPORT_SYMBOL(hci_conn_change_link_key);
708
709/* Switch role */
8c1b2355 710int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
1da177e4
LT		 711{
712 BT_DBG("conn %p", conn);
713
714 if (!role && conn->link_mode & HCI_LM_MASTER)
715 return 1;
716
51a8efd7 717 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->flags)) {
1da177e4
LT		 718 struct hci_cp_switch_role cp;
719 bacpy(&cp.bdaddr, &conn->dst);
720 cp.role = role;
a9de9248 721 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
1da177e4 722 }
8c1b2355 723
1da177e4
LT		 724 return 0;
725}
726EXPORT_SYMBOL(hci_conn_switch_role);
727
04837f64 728/* Enter active mode */
14b12d0b 729void hci_conn_enter_active_mode(struct hci_conn *conn, __u8 force_active)
04837f64
MH		 730{
731 struct hci_dev *hdev = conn->hdev;
732
733 BT_DBG("conn %p mode %d", conn, conn->mode);
734
735 if (test_bit(HCI_RAW, &hdev->flags))
736 return;
737
14b12d0b
JG		 738 if (conn->mode != HCI_CM_SNIFF)
739 goto timer;
740
58a681ef 741 if (!test_bit(HCI_CONN_POWER_SAVE, &conn->flags) && !force_active)
04837f64
MH		 742 goto timer;
743
51a8efd7 744 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
04837f64 745 struct hci_cp_exit_sniff_mode cp;
aca3192c 746 cp.handle = cpu_to_le16(conn->handle);
a9de9248 747 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
04837f64
MH		 748 }
749
750timer:
751 if (hdev->idle_timeout > 0)
752 mod_timer(&conn->idle_timer,
5974e4c4 753 jiffies + msecs_to_jiffies(hdev->idle_timeout));
04837f64
MH		 754}
755
1da177e4
LT		 756/* Drop all connection on the device */
757void hci_conn_hash_flush(struct hci_dev *hdev)
758{
759 struct hci_conn_hash *h = &hdev->conn_hash;
3c4e0df0 760 struct hci_conn *c, *n;
1da177e4
LT		 761
762 BT_DBG("hdev %s", hdev->name);
763
3c4e0df0 764 list_for_each_entry_safe(c, n, &h->list, list) {
1da177e4
LT		 765 c->state = BT_CLOSED;
766
9f5a0d7b 767 hci_proto_disconn_cfm(c, HCI_ERROR_LOCAL_HOST_TERM);
1da177e4
LT		 768 hci_conn_del(c);
769 }
770}
771
a9de9248
MH		 772/* Check pending connect attempts */
773void hci_conn_check_pending(struct hci_dev *hdev)
774{
775 struct hci_conn *conn;
776
777 BT_DBG("hdev %s", hdev->name);
778
779 hci_dev_lock(hdev);
780
781 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
782 if (conn)
783 hci_acl_connect(conn);
784
785 hci_dev_unlock(hdev);
786}
787
9eba32b8
MH		 788void hci_conn_hold_device(struct hci_conn *conn)
789{
790 atomic_inc(&conn->devref);
791}
792EXPORT_SYMBOL(hci_conn_hold_device);
793
794void hci_conn_put_device(struct hci_conn *conn)
795{
796 if (atomic_dec_and_test(&conn->devref))
797 hci_conn_del_sysfs(conn);
798}
799EXPORT_SYMBOL(hci_conn_put_device);
800
1da177e4
LT		 801int hci_get_conn_list(void __user *arg)
802{
fc5fef61 803 struct hci_conn *c;
1da177e4
LT		 804 struct hci_conn_list_req req, *cl;
805 struct hci_conn_info *ci;
806 struct hci_dev *hdev;
1da177e4
LT		 807 int n = 0, size, err;
808
809 if (copy_from_user(&req, arg, sizeof(req)))
810 return -EFAULT;
811
812 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
813 return -EINVAL;
814
815 size = sizeof(req) + req.conn_num * sizeof(*ci);
816
70f23020
AE		 817 cl = kmalloc(size, GFP_KERNEL);
818 if (!cl)
1da177e4
LT		 819 return -ENOMEM;
820
70f23020
AE		 821 hdev = hci_dev_get(req.dev_id);
822 if (!hdev) {
1da177e4
LT		 823 kfree(cl);
824 return -ENODEV;
825 }
826
827 ci = cl->conn_info;
828
09fd0de5 829 hci_dev_lock(hdev);
8035ded4 830 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1da177e4
LT		 831 bacpy(&(ci + n)->bdaddr, &c->dst);
832 (ci + n)->handle = c->handle;
833 (ci + n)->type = c->type;
834 (ci + n)->out = c->out;
835 (ci + n)->state = c->state;
836 (ci + n)->link_mode = c->link_mode;
837 if (++n >= req.conn_num)
838 break;
839 }
09fd0de5 840 hci_dev_unlock(hdev);
1da177e4
LT		 841
842 cl->dev_id = hdev->id;
843 cl->conn_num = n;
844 size = sizeof(req) + n * sizeof(*ci);
845
846 hci_dev_put(hdev);
847
848 err = copy_to_user(arg, cl, size);
849 kfree(cl);
850
851 return err ? -EFAULT : 0;
852}
853
854int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
855{
856 struct hci_conn_info_req req;
857 struct hci_conn_info ci;
858 struct hci_conn *conn;
859 char __user *ptr = arg + sizeof(req);
860
861 if (copy_from_user(&req, arg, sizeof(req)))
862 return -EFAULT;
863
09fd0de5 864 hci_dev_lock(hdev);
1da177e4
LT		 865 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
866 if (conn) {
867 bacpy(&ci.bdaddr, &conn->dst);
868 ci.handle = conn->handle;
869 ci.type = conn->type;
870 ci.out = conn->out;
871 ci.state = conn->state;
872 ci.link_mode = conn->link_mode;
873 }
09fd0de5 874 hci_dev_unlock(hdev);
1da177e4
LT		 875
876 if (!conn)
877 return -ENOENT;
878
879 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
880}
40be492f
MH		 881
882int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
883{
884 struct hci_auth_info_req req;
885 struct hci_conn *conn;
886
887 if (copy_from_user(&req, arg, sizeof(req)))
888 return -EFAULT;
889
09fd0de5 890 hci_dev_lock(hdev);
40be492f
MH		 891 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
892 if (conn)
893 req.type = conn->auth_type;
09fd0de5 894 hci_dev_unlock(hdev);
40be492f
MH		 895
896 if (!conn)
897 return -ENOENT;
898
899 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
900}
73d80deb
LAD		 901
902struct hci_chan *hci_chan_create(struct hci_conn *conn)
903{
904 struct hci_dev *hdev = conn->hdev;
905 struct hci_chan *chan;
906
907 BT_DBG("%s conn %p", hdev->name, conn);
908
75d7735c 909 chan = kzalloc(sizeof(struct hci_chan), GFP_KERNEL);
73d80deb
LAD		 910 if (!chan)
911 return NULL;
912
913 chan->conn = conn;
914 skb_queue_head_init(&chan->data_q);
915
8192edef 916 list_add_rcu(&chan->list, &conn->chan_list);
73d80deb
LAD		 917
918 return chan;
919}
920
921int hci_chan_del(struct hci_chan *chan)
922{
923 struct hci_conn *conn = chan->conn;
924 struct hci_dev *hdev = conn->hdev;
925
926 BT_DBG("%s conn %p chan %p", hdev->name, conn, chan);
927
8192edef
GP		 928 list_del_rcu(&chan->list);
929
930 synchronize_rcu();
73d80deb
LAD		 931
932 skb_queue_purge(&chan->data_q);
933 kfree(chan);
934
935 return 0;
936}
937
2c33c06a 938void hci_chan_list_flush(struct hci_conn *conn)
73d80deb 939{
2a5a5ec6 940 struct hci_chan *chan, *n;
73d80deb
LAD		 941
942 BT_DBG("conn %p", conn);
943
2a5a5ec6 944 list_for_each_entry_safe(chan, n, &conn->chan_list, list)
73d80deb
LAD		 945 hci_chan_del(chan);
946}
Linux 6.x block layer and io_uring tree(s)