Commit | Line | Data |
---|---|---|
8e87d142 | 1 | /* |
1da177e4 LT |
2 | HIDP implementation for Linux Bluetooth stack (BlueZ). |
3 | Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org> | |
4 | ||
5 | This program is free software; you can redistribute it and/or modify | |
6 | it under the terms of the GNU General Public License version 2 as | |
7 | published by the Free Software Foundation; | |
8 | ||
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | |
10 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | |
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | |
8e87d142 YH |
13 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES |
14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
1da177e4 LT |
16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
17 | ||
8e87d142 YH |
18 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, |
19 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | |
1da177e4 LT |
20 | SOFTWARE IS DISCLAIMED. |
21 | */ | |
22 | ||
1da177e4 LT |
23 | #include <linux/module.h> |
24 | ||
25 | #include <linux/types.h> | |
26 | #include <linux/errno.h> | |
27 | #include <linux/kernel.h> | |
1da177e4 LT |
28 | #include <linux/sched.h> |
29 | #include <linux/slab.h> | |
30 | #include <linux/poll.h> | |
83144186 | 31 | #include <linux/freezer.h> |
1da177e4 LT |
32 | #include <linux/fcntl.h> |
33 | #include <linux/skbuff.h> | |
34 | #include <linux/socket.h> | |
35 | #include <linux/ioctl.h> | |
36 | #include <linux/file.h> | |
37 | #include <linux/init.h> | |
38 | #include <linux/wait.h> | |
39 | #include <net/sock.h> | |
40 | ||
41 | #include <linux/input.h> | |
e1aaadd4 | 42 | #include <linux/hid.h> |
364f6351 | 43 | #include <linux/hidraw.h> |
1da177e4 LT |
44 | |
45 | #include <net/bluetooth/bluetooth.h> | |
0a85b964 | 46 | #include <net/bluetooth/hci_core.h> |
1da177e4 LT |
47 | #include <net/bluetooth/l2cap.h> |
48 | ||
49 | #include "hidp.h" | |
50 | ||
e1aaadd4 | 51 | #define VERSION "1.2" |
1da177e4 LT |
52 | |
53 | static DECLARE_RWSEM(hidp_session_sem); | |
54 | static LIST_HEAD(hidp_session_list); | |
55 | ||
56 | static unsigned char hidp_keycode[256] = { | |
57 | 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38, | |
58 | 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44, 2, 3, | |
59 | 4, 5, 6, 7, 8, 9, 10, 11, 28, 1, 14, 15, 57, 12, 13, 26, | |
60 | 27, 43, 43, 39, 40, 41, 51, 52, 53, 58, 59, 60, 61, 62, 63, 64, | |
61 | 65, 66, 67, 68, 87, 88, 99, 70,119,110,102,104,111,107,109,106, | |
62 | 105,108,103, 69, 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71, | |
63 | 72, 73, 82, 83, 86,127,116,117,183,184,185,186,187,188,189,190, | |
64 | 191,192,193,194,134,138,130,132,128,129,131,137,133,135,136,113, | |
65 | 115,114, 0, 0, 0,121, 0, 89, 93,124, 92, 94, 95, 0, 0, 0, | |
66 | 122,123, 90, 91, 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
67 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
68 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
69 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
70 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
71 | 29, 42, 56,125, 97, 54,100,126,164,166,165,163,161,115,114,113, | |
72 | 150,158,159,128,136,177,178,176,142,152,173,140 | |
73 | }; | |
74 | ||
75 | static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }; | |
76 | ||
77 | static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr) | |
78 | { | |
79 | struct hidp_session *session; | |
80 | struct list_head *p; | |
81 | ||
82 | BT_DBG(""); | |
83 | ||
84 | list_for_each(p, &hidp_session_list) { | |
85 | session = list_entry(p, struct hidp_session, list); | |
86 | if (!bacmp(bdaddr, &session->bdaddr)) | |
87 | return session; | |
88 | } | |
89 | return NULL; | |
90 | } | |
91 | ||
92 | static void __hidp_link_session(struct hidp_session *session) | |
93 | { | |
94 | __module_get(THIS_MODULE); | |
95 | list_add(&session->list, &hidp_session_list); | |
edad6388 MH |
96 | |
97 | hci_conn_hold_device(session->conn); | |
1da177e4 LT |
98 | } |
99 | ||
100 | static void __hidp_unlink_session(struct hidp_session *session) | |
101 | { | |
edad6388 MH |
102 | hci_conn_put_device(session->conn); |
103 | ||
1da177e4 LT |
104 | list_del(&session->list); |
105 | module_put(THIS_MODULE); | |
106 | } | |
107 | ||
108 | static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci) | |
109 | { | |
110 | bacpy(&ci->bdaddr, &session->bdaddr); | |
111 | ||
112 | ci->flags = session->flags; | |
113 | ci->state = session->state; | |
114 | ||
115 | ci->vendor = 0x0000; | |
116 | ci->product = 0x0000; | |
117 | ci->version = 0x0000; | |
118 | memset(ci->name, 0, 128); | |
119 | ||
120 | if (session->input) { | |
121 | ci->vendor = session->input->id.vendor; | |
122 | ci->product = session->input->id.product; | |
123 | ci->version = session->input->id.version; | |
124 | if (session->input->name) | |
125 | strncpy(ci->name, session->input->name, 128); | |
126 | else | |
127 | strncpy(ci->name, "HID Boot Device", 128); | |
128 | } | |
e1aaadd4 MH |
129 | |
130 | if (session->hid) { | |
131 | ci->vendor = session->hid->vendor; | |
132 | ci->product = session->hid->product; | |
133 | ci->version = session->hid->version; | |
134 | strncpy(ci->name, session->hid->name, 128); | |
135 | } | |
1da177e4 LT |
136 | } |
137 | ||
91f5cca3 AM |
138 | static int hidp_queue_event(struct hidp_session *session, struct input_dev *dev, |
139 | unsigned int type, unsigned int code, int value) | |
1da177e4 | 140 | { |
1da177e4 | 141 | unsigned char newleds; |
e1aaadd4 | 142 | struct sk_buff *skb; |
1da177e4 | 143 | |
e1aaadd4 | 144 | BT_DBG("session %p type %d code %d value %d", session, type, code, value); |
1da177e4 LT |
145 | |
146 | if (type != EV_LED) | |
147 | return -1; | |
148 | ||
149 | newleds = (!!test_bit(LED_KANA, dev->led) << 3) | | |
150 | (!!test_bit(LED_COMPOSE, dev->led) << 3) | | |
151 | (!!test_bit(LED_SCROLLL, dev->led) << 2) | | |
152 | (!!test_bit(LED_CAPSL, dev->led) << 1) | | |
153 | (!!test_bit(LED_NUML, dev->led)); | |
154 | ||
155 | if (session->leds == newleds) | |
156 | return 0; | |
157 | ||
158 | session->leds = newleds; | |
159 | ||
160 | if (!(skb = alloc_skb(3, GFP_ATOMIC))) { | |
161 | BT_ERR("Can't allocate memory for new frame"); | |
162 | return -ENOMEM; | |
163 | } | |
164 | ||
165 | *skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT; | |
166 | *skb_put(skb, 1) = 0x01; | |
167 | *skb_put(skb, 1) = newleds; | |
168 | ||
169 | skb_queue_tail(&session->intr_transmit, skb); | |
170 | ||
171 | hidp_schedule(session); | |
172 | ||
173 | return 0; | |
174 | } | |
175 | ||
e1aaadd4 MH |
176 | static int hidp_hidinput_event(struct input_dev *dev, unsigned int type, unsigned int code, int value) |
177 | { | |
5be39466 | 178 | struct hid_device *hid = input_get_drvdata(dev); |
e1aaadd4 MH |
179 | struct hidp_session *session = hid->driver_data; |
180 | ||
181 | return hidp_queue_event(session, dev, type, code, value); | |
182 | } | |
183 | ||
184 | static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value) | |
185 | { | |
5be39466 | 186 | struct hidp_session *session = input_get_drvdata(dev); |
e1aaadd4 MH |
187 | |
188 | return hidp_queue_event(session, dev, type, code, value); | |
189 | } | |
190 | ||
1da177e4 LT |
191 | static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb) |
192 | { | |
193 | struct input_dev *dev = session->input; | |
194 | unsigned char *keys = session->keys; | |
195 | unsigned char *udata = skb->data + 1; | |
196 | signed char *sdata = skb->data + 1; | |
197 | int i, size = skb->len - 1; | |
198 | ||
199 | switch (skb->data[0]) { | |
200 | case 0x01: /* Keyboard report */ | |
201 | for (i = 0; i < 8; i++) | |
202 | input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1); | |
203 | ||
204 | /* If all the key codes have been set to 0x01, it means | |
205 | * too many keys were pressed at the same time. */ | |
206 | if (!memcmp(udata + 2, hidp_mkeyspat, 6)) | |
207 | break; | |
208 | ||
209 | for (i = 2; i < 8; i++) { | |
210 | if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) { | |
211 | if (hidp_keycode[keys[i]]) | |
212 | input_report_key(dev, hidp_keycode[keys[i]], 0); | |
213 | else | |
214 | BT_ERR("Unknown key (scancode %#x) released.", keys[i]); | |
215 | } | |
216 | ||
217 | if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) { | |
218 | if (hidp_keycode[udata[i]]) | |
219 | input_report_key(dev, hidp_keycode[udata[i]], 1); | |
220 | else | |
221 | BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]); | |
222 | } | |
223 | } | |
224 | ||
225 | memcpy(keys, udata, 8); | |
226 | break; | |
227 | ||
228 | case 0x02: /* Mouse report */ | |
229 | input_report_key(dev, BTN_LEFT, sdata[0] & 0x01); | |
230 | input_report_key(dev, BTN_RIGHT, sdata[0] & 0x02); | |
231 | input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04); | |
232 | input_report_key(dev, BTN_SIDE, sdata[0] & 0x08); | |
233 | input_report_key(dev, BTN_EXTRA, sdata[0] & 0x10); | |
234 | ||
235 | input_report_rel(dev, REL_X, sdata[1]); | |
236 | input_report_rel(dev, REL_Y, sdata[2]); | |
237 | ||
238 | if (size > 3) | |
239 | input_report_rel(dev, REL_WHEEL, sdata[3]); | |
240 | break; | |
241 | } | |
242 | ||
243 | input_sync(dev); | |
244 | } | |
245 | ||
91f5cca3 AM |
246 | static int hidp_queue_report(struct hidp_session *session, |
247 | unsigned char *data, int size) | |
e1aaadd4 MH |
248 | { |
249 | struct sk_buff *skb; | |
250 | ||
6792b5ec | 251 | BT_DBG("session %p hid %p data %p size %d", session, session->hid, data, size); |
e1aaadd4 MH |
252 | |
253 | if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) { | |
254 | BT_ERR("Can't allocate memory for new frame"); | |
255 | return -ENOMEM; | |
256 | } | |
257 | ||
258 | *skb_put(skb, 1) = 0xa2; | |
259 | if (size > 0) | |
260 | memcpy(skb_put(skb, size), data, size); | |
261 | ||
262 | skb_queue_tail(&session->intr_transmit, skb); | |
263 | ||
264 | hidp_schedule(session); | |
265 | ||
266 | return 0; | |
267 | } | |
268 | ||
269 | static int hidp_send_report(struct hidp_session *session, struct hid_report *report) | |
270 | { | |
271 | unsigned char buf[32]; | |
272 | int rsize; | |
273 | ||
274 | rsize = ((report->size - 1) >> 3) + 1 + (report->id > 0); | |
275 | if (rsize > sizeof(buf)) | |
276 | return -EIO; | |
277 | ||
278 | hid_output_report(report, buf); | |
279 | ||
280 | return hidp_queue_report(session, buf, rsize); | |
281 | } | |
282 | ||
1da177e4 LT |
283 | static void hidp_idle_timeout(unsigned long arg) |
284 | { | |
285 | struct hidp_session *session = (struct hidp_session *) arg; | |
286 | ||
287 | atomic_inc(&session->terminate); | |
288 | hidp_schedule(session); | |
289 | } | |
290 | ||
91f5cca3 | 291 | static void hidp_set_timer(struct hidp_session *session) |
1da177e4 LT |
292 | { |
293 | if (session->idle_to > 0) | |
294 | mod_timer(&session->timer, jiffies + HZ * session->idle_to); | |
295 | } | |
296 | ||
297 | static inline void hidp_del_timer(struct hidp_session *session) | |
298 | { | |
299 | if (session->idle_to > 0) | |
300 | del_timer(&session->timer); | |
301 | } | |
302 | ||
303 | static int __hidp_send_ctrl_message(struct hidp_session *session, | |
304 | unsigned char hdr, unsigned char *data, int size) | |
305 | { | |
306 | struct sk_buff *skb; | |
307 | ||
308 | BT_DBG("session %p data %p size %d", session, data, size); | |
309 | ||
310 | if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) { | |
311 | BT_ERR("Can't allocate memory for new frame"); | |
312 | return -ENOMEM; | |
313 | } | |
314 | ||
315 | *skb_put(skb, 1) = hdr; | |
316 | if (data && size > 0) | |
317 | memcpy(skb_put(skb, size), data, size); | |
318 | ||
319 | skb_queue_tail(&session->ctrl_transmit, skb); | |
320 | ||
321 | return 0; | |
322 | } | |
323 | ||
b6f99a21 | 324 | static inline int hidp_send_ctrl_message(struct hidp_session *session, |
1da177e4 LT |
325 | unsigned char hdr, unsigned char *data, int size) |
326 | { | |
327 | int err; | |
328 | ||
329 | err = __hidp_send_ctrl_message(session, hdr, data, size); | |
330 | ||
331 | hidp_schedule(session); | |
332 | ||
333 | return err; | |
334 | } | |
335 | ||
91f5cca3 AM |
336 | static void hidp_process_handshake(struct hidp_session *session, |
337 | unsigned char param) | |
1da177e4 LT |
338 | { |
339 | BT_DBG("session %p param 0x%02x", session, param); | |
340 | ||
341 | switch (param) { | |
342 | case HIDP_HSHK_SUCCESSFUL: | |
343 | /* FIXME: Call into SET_ GET_ handlers here */ | |
344 | break; | |
345 | ||
346 | case HIDP_HSHK_NOT_READY: | |
347 | case HIDP_HSHK_ERR_INVALID_REPORT_ID: | |
348 | case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST: | |
349 | case HIDP_HSHK_ERR_INVALID_PARAMETER: | |
350 | /* FIXME: Call into SET_ GET_ handlers here */ | |
351 | break; | |
352 | ||
353 | case HIDP_HSHK_ERR_UNKNOWN: | |
354 | break; | |
355 | ||
356 | case HIDP_HSHK_ERR_FATAL: | |
357 | /* Device requests a reboot, as this is the only way this error | |
8e87d142 | 358 | * can be recovered. */ |
1da177e4 LT |
359 | __hidp_send_ctrl_message(session, |
360 | HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0); | |
361 | break; | |
362 | ||
363 | default: | |
364 | __hidp_send_ctrl_message(session, | |
365 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); | |
366 | break; | |
367 | } | |
368 | } | |
369 | ||
91f5cca3 AM |
370 | static void hidp_process_hid_control(struct hidp_session *session, |
371 | unsigned char param) | |
1da177e4 LT |
372 | { |
373 | BT_DBG("session %p param 0x%02x", session, param); | |
374 | ||
eff001e3 | 375 | if (param == HIDP_CTRL_VIRTUAL_CABLE_UNPLUG) { |
1da177e4 LT |
376 | /* Flush the transmit queues */ |
377 | skb_queue_purge(&session->ctrl_transmit); | |
378 | skb_queue_purge(&session->intr_transmit); | |
379 | ||
380 | /* Kill session thread */ | |
381 | atomic_inc(&session->terminate); | |
981b1414 | 382 | hidp_schedule(session); |
1da177e4 LT |
383 | } |
384 | } | |
385 | ||
91f5cca3 AM |
386 | static void hidp_process_data(struct hidp_session *session, struct sk_buff *skb, |
387 | unsigned char param) | |
1da177e4 LT |
388 | { |
389 | BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param); | |
390 | ||
391 | switch (param) { | |
392 | case HIDP_DATA_RTYPE_INPUT: | |
393 | hidp_set_timer(session); | |
394 | ||
395 | if (session->input) | |
396 | hidp_input_report(session, skb); | |
e1aaadd4 MH |
397 | |
398 | if (session->hid) | |
399 | hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 0); | |
400 | ||
1da177e4 LT |
401 | break; |
402 | ||
403 | case HIDP_DATA_RTYPE_OTHER: | |
404 | case HIDP_DATA_RTYPE_OUPUT: | |
405 | case HIDP_DATA_RTYPE_FEATURE: | |
406 | break; | |
407 | ||
408 | default: | |
409 | __hidp_send_ctrl_message(session, | |
410 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); | |
411 | } | |
412 | } | |
413 | ||
91f5cca3 AM |
414 | static void hidp_recv_ctrl_frame(struct hidp_session *session, |
415 | struct sk_buff *skb) | |
1da177e4 LT |
416 | { |
417 | unsigned char hdr, type, param; | |
418 | ||
419 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | |
420 | ||
421 | hdr = skb->data[0]; | |
422 | skb_pull(skb, 1); | |
423 | ||
424 | type = hdr & HIDP_HEADER_TRANS_MASK; | |
425 | param = hdr & HIDP_HEADER_PARAM_MASK; | |
426 | ||
427 | switch (type) { | |
428 | case HIDP_TRANS_HANDSHAKE: | |
429 | hidp_process_handshake(session, param); | |
430 | break; | |
431 | ||
432 | case HIDP_TRANS_HID_CONTROL: | |
433 | hidp_process_hid_control(session, param); | |
434 | break; | |
435 | ||
436 | case HIDP_TRANS_DATA: | |
437 | hidp_process_data(session, skb, param); | |
438 | break; | |
439 | ||
440 | default: | |
441 | __hidp_send_ctrl_message(session, | |
442 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0); | |
443 | break; | |
444 | } | |
445 | ||
446 | kfree_skb(skb); | |
447 | } | |
448 | ||
91f5cca3 AM |
449 | static void hidp_recv_intr_frame(struct hidp_session *session, |
450 | struct sk_buff *skb) | |
1da177e4 LT |
451 | { |
452 | unsigned char hdr; | |
453 | ||
454 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | |
455 | ||
456 | hdr = skb->data[0]; | |
457 | skb_pull(skb, 1); | |
458 | ||
459 | if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) { | |
460 | hidp_set_timer(session); | |
e1aaadd4 | 461 | |
1da177e4 LT |
462 | if (session->input) |
463 | hidp_input_report(session, skb); | |
e1aaadd4 MH |
464 | |
465 | if (session->hid) { | |
466 | hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 1); | |
467 | BT_DBG("report len %d", skb->len); | |
468 | } | |
1da177e4 LT |
469 | } else { |
470 | BT_DBG("Unsupported protocol header 0x%02x", hdr); | |
471 | } | |
472 | ||
473 | kfree_skb(skb); | |
474 | } | |
475 | ||
476 | static int hidp_send_frame(struct socket *sock, unsigned char *data, int len) | |
477 | { | |
478 | struct kvec iv = { data, len }; | |
479 | struct msghdr msg; | |
480 | ||
481 | BT_DBG("sock %p data %p len %d", sock, data, len); | |
482 | ||
483 | if (!len) | |
484 | return 0; | |
485 | ||
486 | memset(&msg, 0, sizeof(msg)); | |
487 | ||
488 | return kernel_sendmsg(sock, &msg, &iv, 1, len); | |
489 | } | |
490 | ||
b03efcfb | 491 | static void hidp_process_transmit(struct hidp_session *session) |
1da177e4 LT |
492 | { |
493 | struct sk_buff *skb; | |
494 | ||
495 | BT_DBG("session %p", session); | |
496 | ||
497 | while ((skb = skb_dequeue(&session->ctrl_transmit))) { | |
498 | if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) { | |
499 | skb_queue_head(&session->ctrl_transmit, skb); | |
500 | break; | |
501 | } | |
502 | ||
503 | hidp_set_timer(session); | |
504 | kfree_skb(skb); | |
505 | } | |
506 | ||
507 | while ((skb = skb_dequeue(&session->intr_transmit))) { | |
508 | if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) { | |
509 | skb_queue_head(&session->intr_transmit, skb); | |
510 | break; | |
511 | } | |
512 | ||
513 | hidp_set_timer(session); | |
514 | kfree_skb(skb); | |
515 | } | |
1da177e4 LT |
516 | } |
517 | ||
518 | static int hidp_session(void *arg) | |
519 | { | |
520 | struct hidp_session *session = arg; | |
521 | struct sock *ctrl_sk = session->ctrl_sock->sk; | |
522 | struct sock *intr_sk = session->intr_sock->sk; | |
523 | struct sk_buff *skb; | |
524 | int vendor = 0x0000, product = 0x0000; | |
525 | wait_queue_t ctrl_wait, intr_wait; | |
526 | ||
527 | BT_DBG("session %p", session); | |
528 | ||
529 | if (session->input) { | |
530 | vendor = session->input->id.vendor; | |
531 | product = session->input->id.product; | |
532 | } | |
533 | ||
e1aaadd4 MH |
534 | if (session->hid) { |
535 | vendor = session->hid->vendor; | |
536 | product = session->hid->product; | |
537 | } | |
538 | ||
1da177e4 LT |
539 | daemonize("khidpd_%04x%04x", vendor, product); |
540 | set_user_nice(current, -15); | |
1da177e4 LT |
541 | |
542 | init_waitqueue_entry(&ctrl_wait, current); | |
543 | init_waitqueue_entry(&intr_wait, current); | |
544 | add_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait); | |
545 | add_wait_queue(intr_sk->sk_sleep, &intr_wait); | |
546 | while (!atomic_read(&session->terminate)) { | |
547 | set_current_state(TASK_INTERRUPTIBLE); | |
548 | ||
549 | if (ctrl_sk->sk_state != BT_CONNECTED || intr_sk->sk_state != BT_CONNECTED) | |
550 | break; | |
551 | ||
552 | while ((skb = skb_dequeue(&ctrl_sk->sk_receive_queue))) { | |
553 | skb_orphan(skb); | |
554 | hidp_recv_ctrl_frame(session, skb); | |
555 | } | |
556 | ||
557 | while ((skb = skb_dequeue(&intr_sk->sk_receive_queue))) { | |
558 | skb_orphan(skb); | |
559 | hidp_recv_intr_frame(session, skb); | |
560 | } | |
561 | ||
562 | hidp_process_transmit(session); | |
563 | ||
564 | schedule(); | |
565 | } | |
566 | set_current_state(TASK_RUNNING); | |
567 | remove_wait_queue(intr_sk->sk_sleep, &intr_wait); | |
568 | remove_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait); | |
569 | ||
570 | down_write(&hidp_session_sem); | |
571 | ||
572 | hidp_del_timer(session); | |
573 | ||
1da177e4 LT |
574 | if (session->input) { |
575 | input_unregister_device(session->input); | |
34abf91f | 576 | session->input = NULL; |
1da177e4 LT |
577 | } |
578 | ||
e1aaadd4 | 579 | if (session->hid) { |
85cdaf52 | 580 | hid_destroy_device(session->hid); |
edad6388 | 581 | session->hid = NULL; |
e1aaadd4 MH |
582 | } |
583 | ||
ec8dab36 MH |
584 | /* Wakeup user-space polling for socket errors */ |
585 | session->intr_sock->sk->sk_err = EUNATCH; | |
586 | session->ctrl_sock->sk->sk_err = EUNATCH; | |
587 | ||
588 | hidp_schedule(session); | |
589 | ||
1c39858b DW |
590 | fput(session->intr_sock->file); |
591 | ||
592 | wait_event_timeout(*(ctrl_sk->sk_sleep), | |
593 | (ctrl_sk->sk_state == BT_CLOSED), msecs_to_jiffies(500)); | |
594 | ||
595 | fput(session->ctrl_sock->file); | |
596 | ||
597 | __hidp_unlink_session(session); | |
598 | ||
1da177e4 LT |
599 | up_write(&hidp_session_sem); |
600 | ||
601 | kfree(session); | |
602 | return 0; | |
603 | } | |
604 | ||
0a85b964 MH |
605 | static struct device *hidp_get_device(struct hidp_session *session) |
606 | { | |
607 | bdaddr_t *src = &bt_sk(session->ctrl_sock->sk)->src; | |
608 | bdaddr_t *dst = &bt_sk(session->ctrl_sock->sk)->dst; | |
edad6388 | 609 | struct device *device = NULL; |
0a85b964 | 610 | struct hci_dev *hdev; |
0a85b964 MH |
611 | |
612 | hdev = hci_get_route(dst, src); | |
613 | if (!hdev) | |
614 | return NULL; | |
615 | ||
edad6388 MH |
616 | session->conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst); |
617 | if (session->conn) | |
618 | device = &session->conn->dev; | |
0a85b964 MH |
619 | |
620 | hci_dev_put(hdev); | |
621 | ||
edad6388 | 622 | return device; |
0a85b964 MH |
623 | } |
624 | ||
91f5cca3 AM |
625 | static int hidp_setup_input(struct hidp_session *session, |
626 | struct hidp_connadd_req *req) | |
1da177e4 | 627 | { |
c500c971 | 628 | struct input_dev *input; |
edad6388 | 629 | int err, i; |
1da177e4 | 630 | |
c500c971 JS |
631 | input = input_allocate_device(); |
632 | if (!input) | |
633 | return -ENOMEM; | |
634 | ||
635 | session->input = input; | |
636 | ||
5be39466 | 637 | input_set_drvdata(input, session); |
1da177e4 | 638 | |
34abf91f DT |
639 | input->name = "Bluetooth HID Boot Protocol Device"; |
640 | ||
1da177e4 LT |
641 | input->id.bustype = BUS_BLUETOOTH; |
642 | input->id.vendor = req->vendor; | |
643 | input->id.product = req->product; | |
644 | input->id.version = req->version; | |
645 | ||
646 | if (req->subclass & 0x40) { | |
647 | set_bit(EV_KEY, input->evbit); | |
648 | set_bit(EV_LED, input->evbit); | |
649 | set_bit(EV_REP, input->evbit); | |
650 | ||
651 | set_bit(LED_NUML, input->ledbit); | |
652 | set_bit(LED_CAPSL, input->ledbit); | |
653 | set_bit(LED_SCROLLL, input->ledbit); | |
654 | set_bit(LED_COMPOSE, input->ledbit); | |
655 | set_bit(LED_KANA, input->ledbit); | |
656 | ||
657 | for (i = 0; i < sizeof(hidp_keycode); i++) | |
658 | set_bit(hidp_keycode[i], input->keybit); | |
659 | clear_bit(0, input->keybit); | |
660 | } | |
661 | ||
662 | if (req->subclass & 0x80) { | |
7b19ada2 JS |
663 | input->evbit[0] = BIT_MASK(EV_KEY) | BIT_MASK(EV_REL); |
664 | input->keybit[BIT_WORD(BTN_MOUSE)] = BIT_MASK(BTN_LEFT) | | |
665 | BIT_MASK(BTN_RIGHT) | BIT_MASK(BTN_MIDDLE); | |
666 | input->relbit[0] = BIT_MASK(REL_X) | BIT_MASK(REL_Y); | |
667 | input->keybit[BIT_WORD(BTN_MOUSE)] |= BIT_MASK(BTN_SIDE) | | |
668 | BIT_MASK(BTN_EXTRA); | |
669 | input->relbit[0] |= BIT_MASK(REL_WHEEL); | |
1da177e4 LT |
670 | } |
671 | ||
5be39466 | 672 | input->dev.parent = hidp_get_device(session); |
0a85b964 | 673 | |
1da177e4 LT |
674 | input->event = hidp_input_event; |
675 | ||
edad6388 MH |
676 | err = input_register_device(input); |
677 | if (err < 0) { | |
678 | hci_conn_put_device(session->conn); | |
679 | return err; | |
680 | } | |
681 | ||
682 | return 0; | |
1da177e4 LT |
683 | } |
684 | ||
f5ffd462 MH |
685 | static int hidp_open(struct hid_device *hid) |
686 | { | |
687 | return 0; | |
688 | } | |
689 | ||
690 | static void hidp_close(struct hid_device *hid) | |
691 | { | |
692 | } | |
693 | ||
c500c971 JS |
694 | static int hidp_parse(struct hid_device *hid) |
695 | { | |
696 | struct hidp_session *session = hid->driver_data; | |
697 | struct hidp_connadd_req *req = session->req; | |
698 | unsigned char *buf; | |
699 | int ret; | |
700 | ||
701 | buf = kmalloc(req->rd_size, GFP_KERNEL); | |
702 | if (!buf) | |
703 | return -ENOMEM; | |
704 | ||
705 | if (copy_from_user(buf, req->rd_data, req->rd_size)) { | |
706 | kfree(buf); | |
707 | return -EFAULT; | |
708 | } | |
709 | ||
710 | ret = hid_parse_report(session->hid, buf, req->rd_size); | |
711 | ||
712 | kfree(buf); | |
713 | ||
714 | if (ret) | |
715 | return ret; | |
716 | ||
717 | session->req = NULL; | |
718 | ||
c500c971 JS |
719 | return 0; |
720 | } | |
721 | ||
722 | static int hidp_start(struct hid_device *hid) | |
723 | { | |
724 | struct hidp_session *session = hid->driver_data; | |
725 | struct hid_report *report; | |
726 | ||
727 | list_for_each_entry(report, &hid->report_enum[HID_INPUT_REPORT]. | |
728 | report_list, list) | |
729 | hidp_send_report(session, report); | |
730 | ||
731 | list_for_each_entry(report, &hid->report_enum[HID_FEATURE_REPORT]. | |
732 | report_list, list) | |
733 | hidp_send_report(session, report); | |
734 | ||
c500c971 JS |
735 | return 0; |
736 | } | |
737 | ||
738 | static void hidp_stop(struct hid_device *hid) | |
739 | { | |
740 | struct hidp_session *session = hid->driver_data; | |
741 | ||
742 | skb_queue_purge(&session->ctrl_transmit); | |
743 | skb_queue_purge(&session->intr_transmit); | |
744 | ||
c500c971 JS |
745 | hid->claimed = 0; |
746 | } | |
747 | ||
748 | static struct hid_ll_driver hidp_hid_driver = { | |
749 | .parse = hidp_parse, | |
750 | .start = hidp_start, | |
751 | .stop = hidp_stop, | |
752 | .open = hidp_open, | |
753 | .close = hidp_close, | |
754 | .hidinput_input_event = hidp_hidinput_event, | |
755 | }; | |
756 | ||
85cdaf52 | 757 | static int hidp_setup_hid(struct hidp_session *session, |
91f5cca3 | 758 | struct hidp_connadd_req *req) |
e1aaadd4 | 759 | { |
c500c971 | 760 | struct hid_device *hid; |
e1aaadd4 | 761 | bdaddr_t src, dst; |
edad6388 | 762 | int err; |
e1aaadd4 | 763 | |
c500c971 | 764 | hid = hid_allocate_device(); |
edad6388 MH |
765 | if (IS_ERR(hid)) |
766 | return PTR_ERR(session->hid); | |
e1aaadd4 | 767 | |
c500c971 JS |
768 | session->hid = hid; |
769 | session->req = req; | |
e1aaadd4 MH |
770 | hid->driver_data = session; |
771 | ||
c500c971 JS |
772 | baswap(&src, &bt_sk(session->ctrl_sock->sk)->src); |
773 | baswap(&dst, &bt_sk(session->ctrl_sock->sk)->dst); | |
e1aaadd4 MH |
774 | |
775 | hid->bus = BUS_BLUETOOTH; | |
776 | hid->vendor = req->vendor; | |
777 | hid->product = req->product; | |
778 | hid->version = req->version; | |
c500c971 | 779 | hid->country = req->country; |
e1aaadd4 MH |
780 | |
781 | strncpy(hid->name, req->name, 128); | |
782 | strncpy(hid->phys, batostr(&src), 64); | |
783 | strncpy(hid->uniq, batostr(&dst), 64); | |
784 | ||
85cdaf52 | 785 | hid->dev.parent = hidp_get_device(session); |
c500c971 | 786 | hid->ll_driver = &hidp_hid_driver; |
85cdaf52 | 787 | |
edad6388 MH |
788 | err = hid_add_device(hid); |
789 | if (err < 0) | |
790 | goto failed; | |
85cdaf52 | 791 | |
c500c971 | 792 | return 0; |
edad6388 MH |
793 | |
794 | failed: | |
c500c971 JS |
795 | hid_destroy_device(hid); |
796 | session->hid = NULL; | |
edad6388 MH |
797 | |
798 | return err; | |
e1aaadd4 MH |
799 | } |
800 | ||
1da177e4 LT |
801 | int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock) |
802 | { | |
803 | struct hidp_session *session, *s; | |
804 | int err; | |
805 | ||
806 | BT_DBG(""); | |
807 | ||
808 | if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) || | |
809 | bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst)) | |
810 | return -ENOTUNIQ; | |
811 | ||
25ea6db0 | 812 | session = kzalloc(sizeof(struct hidp_session), GFP_KERNEL); |
34abf91f | 813 | if (!session) |
1da177e4 | 814 | return -ENOMEM; |
1da177e4 | 815 | |
e1aaadd4 MH |
816 | BT_DBG("rd_data %p rd_size %d", req->rd_data, req->rd_size); |
817 | ||
1da177e4 LT |
818 | down_write(&hidp_session_sem); |
819 | ||
820 | s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst); | |
821 | if (s && s->state == BT_CONNECTED) { | |
822 | err = -EEXIST; | |
823 | goto failed; | |
824 | } | |
825 | ||
826 | bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst); | |
827 | ||
828 | session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu); | |
829 | session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu); | |
830 | ||
831 | BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu); | |
832 | ||
833 | session->ctrl_sock = ctrl_sock; | |
834 | session->intr_sock = intr_sock; | |
835 | session->state = BT_CONNECTED; | |
836 | ||
b24b8a24 | 837 | setup_timer(&session->timer, hidp_idle_timeout, (unsigned long)session); |
1da177e4 LT |
838 | |
839 | skb_queue_head_init(&session->ctrl_transmit); | |
840 | skb_queue_head_init(&session->intr_transmit); | |
841 | ||
842 | session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID); | |
843 | session->idle_to = req->idle_to; | |
844 | ||
c500c971 | 845 | if (req->rd_size > 0) { |
85cdaf52 | 846 | err = hidp_setup_hid(session, req); |
d458a9df | 847 | if (err && err != -ENODEV) |
edad6388 | 848 | goto purge; |
c500c971 JS |
849 | } |
850 | ||
851 | if (!session->hid) { | |
852 | err = hidp_setup_input(session, req); | |
853 | if (err < 0) | |
edad6388 | 854 | goto purge; |
85cdaf52 | 855 | } |
e1aaadd4 | 856 | |
1da177e4 LT |
857 | __hidp_link_session(session); |
858 | ||
859 | hidp_set_timer(session); | |
860 | ||
861 | err = kernel_thread(hidp_session, session, CLONE_KERNEL); | |
862 | if (err < 0) | |
863 | goto unlink; | |
864 | ||
865 | if (session->input) { | |
866 | hidp_send_ctrl_message(session, | |
867 | HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0); | |
868 | session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE); | |
869 | ||
870 | session->leds = 0xff; | |
871 | hidp_input_event(session->input, EV_LED, 0, 0); | |
872 | } | |
873 | ||
874 | up_write(&hidp_session_sem); | |
875 | return 0; | |
876 | ||
877 | unlink: | |
878 | hidp_del_timer(session); | |
879 | ||
880 | __hidp_unlink_session(session); | |
881 | ||
edad6388 | 882 | if (session->input) { |
1da177e4 | 883 | input_unregister_device(session->input); |
edad6388 MH |
884 | session->input = NULL; |
885 | } | |
886 | ||
887 | if (session->hid) { | |
85cdaf52 | 888 | hid_destroy_device(session->hid); |
edad6388 MH |
889 | session->hid = NULL; |
890 | } | |
891 | ||
892 | purge: | |
c500c971 JS |
893 | skb_queue_purge(&session->ctrl_transmit); |
894 | skb_queue_purge(&session->intr_transmit); | |
edad6388 | 895 | |
c500c971 JS |
896 | failed: |
897 | up_write(&hidp_session_sem); | |
e1aaadd4 | 898 | |
5be39466 | 899 | input_free_device(session->input); |
1da177e4 LT |
900 | kfree(session); |
901 | return err; | |
902 | } | |
903 | ||
904 | int hidp_del_connection(struct hidp_conndel_req *req) | |
905 | { | |
906 | struct hidp_session *session; | |
907 | int err = 0; | |
908 | ||
909 | BT_DBG(""); | |
910 | ||
911 | down_read(&hidp_session_sem); | |
912 | ||
913 | session = __hidp_get_session(&req->bdaddr); | |
914 | if (session) { | |
915 | if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) { | |
916 | hidp_send_ctrl_message(session, | |
917 | HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG, NULL, 0); | |
918 | } else { | |
919 | /* Flush the transmit queues */ | |
920 | skb_queue_purge(&session->ctrl_transmit); | |
921 | skb_queue_purge(&session->intr_transmit); | |
922 | ||
ec8dab36 MH |
923 | /* Wakeup user-space polling for socket errors */ |
924 | session->intr_sock->sk->sk_err = EUNATCH; | |
925 | session->ctrl_sock->sk->sk_err = EUNATCH; | |
926 | ||
1da177e4 LT |
927 | /* Kill session thread */ |
928 | atomic_inc(&session->terminate); | |
929 | hidp_schedule(session); | |
930 | } | |
931 | } else | |
932 | err = -ENOENT; | |
933 | ||
934 | up_read(&hidp_session_sem); | |
935 | return err; | |
936 | } | |
937 | ||
938 | int hidp_get_connlist(struct hidp_connlist_req *req) | |
939 | { | |
940 | struct list_head *p; | |
941 | int err = 0, n = 0; | |
942 | ||
943 | BT_DBG(""); | |
944 | ||
945 | down_read(&hidp_session_sem); | |
946 | ||
947 | list_for_each(p, &hidp_session_list) { | |
948 | struct hidp_session *session; | |
949 | struct hidp_conninfo ci; | |
950 | ||
951 | session = list_entry(p, struct hidp_session, list); | |
952 | ||
953 | __hidp_copy_session(session, &ci); | |
954 | ||
955 | if (copy_to_user(req->ci, &ci, sizeof(ci))) { | |
956 | err = -EFAULT; | |
957 | break; | |
958 | } | |
959 | ||
960 | if (++n >= req->cnum) | |
961 | break; | |
962 | ||
963 | req->ci++; | |
964 | } | |
965 | req->cnum = n; | |
966 | ||
967 | up_read(&hidp_session_sem); | |
968 | return err; | |
969 | } | |
970 | ||
971 | int hidp_get_conninfo(struct hidp_conninfo *ci) | |
972 | { | |
973 | struct hidp_session *session; | |
974 | int err = 0; | |
975 | ||
976 | down_read(&hidp_session_sem); | |
977 | ||
978 | session = __hidp_get_session(&ci->bdaddr); | |
979 | if (session) | |
980 | __hidp_copy_session(session, ci); | |
981 | else | |
982 | err = -ENOENT; | |
983 | ||
984 | up_read(&hidp_session_sem); | |
985 | return err; | |
986 | } | |
987 | ||
85cdaf52 JS |
988 | static const struct hid_device_id hidp_table[] = { |
989 | { HID_BLUETOOTH_DEVICE(HID_ANY_ID, HID_ANY_ID) }, | |
990 | { } | |
991 | }; | |
992 | ||
993 | static struct hid_driver hidp_driver = { | |
994 | .name = "generic-bluetooth", | |
995 | .id_table = hidp_table, | |
996 | }; | |
997 | ||
1da177e4 LT |
998 | static int __init hidp_init(void) |
999 | { | |
85cdaf52 JS |
1000 | int ret; |
1001 | ||
1da177e4 LT |
1002 | l2cap_load(); |
1003 | ||
1004 | BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION); | |
1005 | ||
85cdaf52 JS |
1006 | ret = hid_register_driver(&hidp_driver); |
1007 | if (ret) | |
1008 | goto err; | |
1009 | ||
1010 | ret = hidp_init_sockets(); | |
1011 | if (ret) | |
1012 | goto err_drv; | |
1013 | ||
1014 | return 0; | |
1015 | err_drv: | |
1016 | hid_unregister_driver(&hidp_driver); | |
1017 | err: | |
1018 | return ret; | |
1da177e4 LT |
1019 | } |
1020 | ||
1021 | static void __exit hidp_exit(void) | |
1022 | { | |
1023 | hidp_cleanup_sockets(); | |
85cdaf52 | 1024 | hid_unregister_driver(&hidp_driver); |
1da177e4 LT |
1025 | } |
1026 | ||
1027 | module_init(hidp_init); | |
1028 | module_exit(hidp_exit); | |
1029 | ||
1030 | MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); | |
1031 | MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION); | |
1032 | MODULE_VERSION(VERSION); | |
1033 | MODULE_LICENSE("GPL"); | |
1034 | MODULE_ALIAS("bt-proto-6"); |