projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Use GFP_KERNEL in hci_conn_add()
[deliverable/linux.git] / net / bluetooth / hci_conn.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI connection handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
fcd89c09
VT		 48static void hci_le_connect(struct hci_conn *conn)
49{
50 struct hci_dev *hdev = conn->hdev;
51 struct hci_cp_le_create_conn cp;
52
53 conn->state = BT_CONNECT;
a0c808b3 54 conn->out = true;
b92a6223 55 conn->link_mode |= HCI_LM_MASTER;
7b5c0d52 56 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 57
58 memset(&cp, 0, sizeof(cp));
0e833915
AL		 59 cp.scan_interval = cpu_to_le16(0x0060);
60 cp.scan_window = cpu_to_le16(0x0030);
fcd89c09 61 bacpy(&cp.peer_addr, &conn->dst);
6d3ce0e7 62 cp.peer_addr_type = conn->dst_type;
0e833915
AL		 63 cp.conn_interval_min = cpu_to_le16(0x0028);
64 cp.conn_interval_max = cpu_to_le16(0x0038);
65 cp.supervision_timeout = cpu_to_le16(0x002a);
66 cp.min_ce_len = cpu_to_le16(0x0000);
67 cp.max_ce_len = cpu_to_le16(0x0000);
fcd89c09
VT		 68
69 hci_send_cmd(hdev, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp);
70}
71
72static void hci_le_connect_cancel(struct hci_conn *conn)
73{
74 hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
75}
76
4c67bc74 77void hci_acl_connect(struct hci_conn *conn)
1da177e4
LT		 78{
79 struct hci_dev *hdev = conn->hdev;
80 struct inquiry_entry *ie;
81 struct hci_cp_create_conn cp;
82
83 BT_DBG("%p", conn);
84
85 conn->state = BT_CONNECT;
a0c808b3 86 conn->out = true;
a8746417 87
1da177e4
LT		 88 conn->link_mode = HCI_LM_MASTER;
89
4c67bc74
MH		 90 conn->attempt++;
91
e4e8e37c
MH		 92 conn->link_policy = hdev->link_policy;
93
1da177e4
LT		 94 memset(&cp, 0, sizeof(cp));
95 bacpy(&cp.bdaddr, &conn->dst);
96 cp.pscan_rep_mode = 0x02;
97
70f23020
AE		 98 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
99 if (ie) {
41a96212
MH		 100 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
101 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
102 cp.pscan_mode = ie->data.pscan_mode;
103 cp.clock_offset = ie->data.clock_offset |
104 cpu_to_le16(0x8000);
105 }
106
1da177e4 107 memcpy(conn->dev_class, ie->data.dev_class, 3);
58a681ef
JH		 108 if (ie->data.ssp_mode > 0)
109 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
1da177e4
LT		 110 }
111
a8746417 112 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1da177e4 113 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
b6a0dc82 114 cp.role_switch = 0x01;
1da177e4 115 else
b6a0dc82 116 cp.role_switch = 0x00;
4c67bc74 117
a9de9248 118 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
1da177e4
LT		 119}
120
6ac59344
MH		 121static void hci_acl_connect_cancel(struct hci_conn *conn)
122{
123 struct hci_cp_create_conn_cancel cp;
124
125 BT_DBG("%p", conn);
126
d095c1eb 127 if (conn->hdev->hci_ver < BLUETOOTH_VER_1_2)
6ac59344
MH		 128 return;
129
130 bacpy(&cp.bdaddr, &conn->dst);
a9de9248 131 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
6ac59344
MH		 132}
133
1da177e4
LT		 134void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
135{
136 struct hci_cp_disconnect cp;
137
138 BT_DBG("%p", conn);
139
140 conn->state = BT_DISCONN;
141
aca3192c 142 cp.handle = cpu_to_le16(conn->handle);
1da177e4 143 cp.reason = reason;
a9de9248 144 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
1da177e4
LT		 145}
146
147void hci_add_sco(struct hci_conn *conn, __u16 handle)
148{
149 struct hci_dev *hdev = conn->hdev;
150 struct hci_cp_add_sco cp;
151
152 BT_DBG("%p", conn);
153
154 conn->state = BT_CONNECT;
a0c808b3 155 conn->out = true;
1da177e4 156
efc7688b
MH		 157 conn->attempt++;
158
aca3192c 159 cp.handle = cpu_to_le16(handle);
a8746417 160 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1da177e4 161
a9de9248 162 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
1da177e4
LT		 163}
164
b6a0dc82
MH		 165void hci_setup_sync(struct hci_conn *conn, __u16 handle)
166{
167 struct hci_dev *hdev = conn->hdev;
168 struct hci_cp_setup_sync_conn cp;
169
170 BT_DBG("%p", conn);
171
172 conn->state = BT_CONNECT;
a0c808b3 173 conn->out = true;
b6a0dc82 174
efc7688b
MH		 175 conn->attempt++;
176
b6a0dc82 177 cp.handle = cpu_to_le16(handle);
a8746417 178 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 179
180 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
181 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
182 cp.max_latency = cpu_to_le16(0xffff);
183 cp.voice_setting = cpu_to_le16(hdev->voice_setting);
184 cp.retrans_effort = 0xff;
185
186 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
187}
188
2ce603eb
CT		 189void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max,
190 u16 latency, u16 to_multiplier)
191{
192 struct hci_cp_le_conn_update cp;
193 struct hci_dev *hdev = conn->hdev;
194
195 memset(&cp, 0, sizeof(cp));
196
197 cp.handle = cpu_to_le16(conn->handle);
198 cp.conn_interval_min = cpu_to_le16(min);
199 cp.conn_interval_max = cpu_to_le16(max);
200 cp.conn_latency = cpu_to_le16(latency);
201 cp.supervision_timeout = cpu_to_le16(to_multiplier);
202 cp.min_ce_len = cpu_to_le16(0x0001);
203 cp.max_ce_len = cpu_to_le16(0x0001);
204
205 hci_send_cmd(hdev, HCI_OP_LE_CONN_UPDATE, sizeof(cp), &cp);
206}
207EXPORT_SYMBOL(hci_le_conn_update);
208
a7a595f6
VCG		 209void hci_le_start_enc(struct hci_conn *conn, __le16 ediv, __u8 rand[8],
210 __u8 ltk[16])
211{
212 struct hci_dev *hdev = conn->hdev;
213 struct hci_cp_le_start_enc cp;
214
215 BT_DBG("%p", conn);
216
217 memset(&cp, 0, sizeof(cp));
218
219 cp.handle = cpu_to_le16(conn->handle);
220 memcpy(cp.ltk, ltk, sizeof(cp.ltk));
221 cp.ediv = ediv;
51beabdf 222 memcpy(cp.rand, rand, sizeof(cp.rand));
a7a595f6
VCG		 223
224 hci_send_cmd(hdev, HCI_OP_LE_START_ENC, sizeof(cp), &cp);
225}
226EXPORT_SYMBOL(hci_le_start_enc);
227
228void hci_le_ltk_reply(struct hci_conn *conn, u8 ltk[16])
229{
230 struct hci_dev *hdev = conn->hdev;
231 struct hci_cp_le_ltk_reply cp;
232
233 BT_DBG("%p", conn);
234
235 memset(&cp, 0, sizeof(cp));
236
237 cp.handle = cpu_to_le16(conn->handle);
238 memcpy(cp.ltk, ltk, sizeof(ltk));
239
240 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
241}
242EXPORT_SYMBOL(hci_le_ltk_reply);
243
244void hci_le_ltk_neg_reply(struct hci_conn *conn)
245{
246 struct hci_dev *hdev = conn->hdev;
247 struct hci_cp_le_ltk_neg_reply cp;
248
249 BT_DBG("%p", conn);
250
251 memset(&cp, 0, sizeof(cp));
252
253 cp.handle = cpu_to_le16(conn->handle);
254
255 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(cp), &cp);
256}
257
e73439d8
MH		 258/* Device _must_ be locked */
259void hci_sco_setup(struct hci_conn *conn, __u8 status)
260{
261 struct hci_conn *sco = conn->link;
262
263 BT_DBG("%p", conn);
264
265 if (!sco)
266 return;
267
268 if (!status) {
269 if (lmp_esco_capable(conn->hdev))
270 hci_setup_sync(sco, conn->handle);
271 else
272 hci_add_sco(sco, conn->handle);
273 } else {
274 hci_proto_connect_cfm(sco, status);
275 hci_conn_del(sco);
276 }
277}
278
19c40e3b 279static void hci_conn_timeout(struct work_struct *work)
1da177e4 280{
19c40e3b
GP		 281 struct hci_conn *conn = container_of(work, struct hci_conn,
282 disc_work.work);
04837f64 283 struct hci_dev *hdev = conn->hdev;
2950f21a 284 __u8 reason;
1da177e4
LT		 285
286 BT_DBG("conn %p state %d", conn, conn->state);
287
288 if (atomic_read(&conn->refcnt))
289 return;
290
291 hci_dev_lock(hdev);
6ac59344
MH		 292
293 switch (conn->state) {
294 case BT_CONNECT:
769be974 295 case BT_CONNECT2:
fcd89c09
VT		 296 if (conn->out) {
297 if (conn->type == ACL_LINK)
298 hci_acl_connect_cancel(conn);
299 else if (conn->type == LE_LINK)
300 hci_le_connect_cancel(conn);
301 }
6ac59344 302 break;
769be974 303 case BT_CONFIG:
8e87d142 304 case BT_CONNECTED:
2950f21a
MH		 305 reason = hci_proto_disconn_ind(conn);
306 hci_acl_disconn(conn, reason);
6ac59344
MH		 307 break;
308 default:
1da177e4 309 conn->state = BT_CLOSED;
6ac59344
MH		 310 break;
311 }
312
1da177e4 313 hci_dev_unlock(hdev);
1da177e4
LT		 314}
315
416dc94b
GP		 316/* Enter sniff mode */
317static void hci_conn_enter_sniff_mode(struct hci_conn *conn)
318{
319 struct hci_dev *hdev = conn->hdev;
320
321 BT_DBG("conn %p mode %d", conn, conn->mode);
322
323 if (test_bit(HCI_RAW, &hdev->flags))
324 return;
325
326 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
327 return;
328
329 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
330 return;
331
332 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
333 struct hci_cp_sniff_subrate cp;
334 cp.handle = cpu_to_le16(conn->handle);
335 cp.max_latency = cpu_to_le16(0);
336 cp.min_remote_timeout = cpu_to_le16(0);
337 cp.min_local_timeout = cpu_to_le16(0);
338 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
339 }
340
51a8efd7 341 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
416dc94b
GP		 342 struct hci_cp_sniff_mode cp;
343 cp.handle = cpu_to_le16(conn->handle);
344 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
345 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
346 cp.attempt = cpu_to_le16(4);
347 cp.timeout = cpu_to_le16(1);
348 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
349 }
350}
351
04837f64 352static void hci_conn_idle(unsigned long arg)
1da177e4 353{
04837f64
MH		 354 struct hci_conn *conn = (void *) arg;
355
356 BT_DBG("conn %p mode %d", conn, conn->mode);
357
358 hci_conn_enter_sniff_mode(conn);
1da177e4
LT		 359}
360
9f61656a
JH		 361static void hci_conn_auto_accept(unsigned long arg)
362{
363 struct hci_conn *conn = (void *) arg;
364 struct hci_dev *hdev = conn->hdev;
365
9f61656a
JH		 366 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY, sizeof(conn->dst),
367 &conn->dst);
9f61656a
JH		 368}
369
1da177e4
LT		 370struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
371{
372 struct hci_conn *conn;
373
374 BT_DBG("%s dst %s", hdev->name, batostr(dst));
375
cb601d7e 376 conn = kzalloc(sizeof(struct hci_conn), GFP_KERNEL);
04837f64 377 if (!conn)
1da177e4 378 return NULL;
1da177e4
LT		 379
380 bacpy(&conn->dst, dst);
a8746417
MH		 381 conn->hdev = hdev;
382 conn->type = type;
383 conn->mode = HCI_CM_ACTIVE;
384 conn->state = BT_OPEN;
93f19c9f 385 conn->auth_type = HCI_AT_GENERAL_BONDING;
17fa4b9d 386 conn->io_capability = hdev->io_capability;
a9583556 387 conn->remote_auth = 0xff;
13d39315 388 conn->key_type = 0xff;
1da177e4 389
58a681ef 390 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
052b30b0 391 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
04837f64 392
a8746417
MH		 393 switch (type) {
394 case ACL_LINK:
395 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
396 break;
397 case SCO_LINK:
398 if (lmp_esco_capable(hdev))
efc7688b
MH		 399 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
400 (hdev->esco_type & EDR_ESCO_MASK);
a8746417
MH		 401 else
402 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
403 break;
404 case ESCO_LINK:
efc7688b 405 conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
a8746417
MH		 406 break;
407 }
408
1da177e4 409 skb_queue_head_init(&conn->data_q);
04837f64 410
2c33c06a 411 INIT_LIST_HEAD(&conn->chan_list);;
73d80deb 412
19c40e3b 413 INIT_DELAYED_WORK(&conn->disc_work, hci_conn_timeout);
b24b8a24 414 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
9f61656a
JH		 415 setup_timer(&conn->auto_accept_timer, hci_conn_auto_accept,
416 (unsigned long) conn);
1da177e4
LT		 417
418 atomic_set(&conn->refcnt, 0);
419
420 hci_dev_hold(hdev);
421
1da177e4 422 hci_conn_hash_add(hdev, conn);
3c54711c 423 if (hdev->notify)
1da177e4
LT		 424 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
425
9eba32b8
MH		 426 atomic_set(&conn->devref, 0);
427
a67e899c
MH		 428 hci_conn_init_sysfs(conn);
429
1da177e4
LT		 430 return conn;
431}
432
433int hci_conn_del(struct hci_conn *conn)
434{
435 struct hci_dev *hdev = conn->hdev;
436
437 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
438
04837f64
MH		 439 del_timer(&conn->idle_timer);
440
19c40e3b 441 cancel_delayed_work_sync(&conn->disc_work);
1da177e4 442
9f61656a
JH		 443 del_timer(&conn->auto_accept_timer);
444
5b7f9909 445 if (conn->type == ACL_LINK) {
1da177e4
LT		 446 struct hci_conn *sco = conn->link;
447 if (sco)
448 sco->link = NULL;
449
450 /* Unacked frames */
451 hdev->acl_cnt += conn->sent;
6ed58ec5
VT		 452 } else if (conn->type == LE_LINK) {
453 if (hdev->le_pkts)
454 hdev->le_cnt += conn->sent;
455 else
456 hdev->acl_cnt += conn->sent;
5b7f9909
MH		 457 } else {
458 struct hci_conn *acl = conn->link;
459 if (acl) {
460 acl->link = NULL;
461 hci_conn_put(acl);
462 }
1da177e4
LT		 463 }
464
7d0db0a3 465
2c33c06a 466 hci_chan_list_flush(conn);
73d80deb 467
1da177e4 468 hci_conn_hash_del(hdev, conn);
3c54711c 469 if (hdev->notify)
1da177e4 470 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
7d0db0a3 471
1da177e4 472 skb_queue_purge(&conn->data_q);
1da177e4 473
9eba32b8 474 hci_conn_put_device(conn);
2ae9a6be 475
384943ec
MH		 476 hci_dev_put(hdev);
477
163f4dab
TT		 478 if (conn->handle == 0)
479 kfree(conn);
480
1da177e4
LT		 481 return 0;
482}
483
484struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
485{
486 int use_src = bacmp(src, BDADDR_ANY);
8035ded4 487 struct hci_dev *hdev = NULL, *d;
1da177e4
LT		 488
489 BT_DBG("%s -> %s", batostr(src), batostr(dst));
490
f20d09d5 491 read_lock(&hci_dev_list_lock);
1da177e4 492
8035ded4 493 list_for_each_entry(d, &hci_dev_list, list) {
1da177e4
LT		 494 if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
495 continue;
496
8e87d142 497 /* Simple routing:
1da177e4
LT		 498 * No source address - find interface with bdaddr != dst
499 * Source address - find interface with bdaddr == src
500 */
501
502 if (use_src) {
503 if (!bacmp(&d->bdaddr, src)) {
504 hdev = d; break;
505 }
506 } else {
507 if (bacmp(&d->bdaddr, dst)) {
508 hdev = d; break;
509 }
510 }
511 }
512
513 if (hdev)
514 hdev = hci_dev_hold(hdev);
515
f20d09d5 516 read_unlock(&hci_dev_list_lock);
1da177e4
LT		 517 return hdev;
518}
519EXPORT_SYMBOL(hci_get_route);
520
fcd89c09 521/* Create SCO, ACL or LE connection.
1da177e4 522 * Device _must_ be locked */
8c1b2355 523struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 524{
525 struct hci_conn *acl;
5b7f9909 526 struct hci_conn *sco;
fcd89c09 527 struct hci_conn *le;
1da177e4
LT		 528
529 BT_DBG("%s dst %s", hdev->name, batostr(dst));
530
fcd89c09 531 if (type == LE_LINK) {
eda42b50
AG		 532 struct adv_entry *entry;
533
fcd89c09 534 le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
15c4794f 535 if (le)
30e76272 536 return ERR_PTR(-EBUSY);
eda42b50
AG		 537
538 entry = hci_find_adv_entry(hdev, dst);
539 if (!entry)
540 return ERR_PTR(-EHOSTUNREACH);
541
15c4794f 542 le = hci_conn_add(hdev, LE_LINK, dst);
fcd89c09 543 if (!le)
30e76272 544 return ERR_PTR(-ENOMEM);
893d6751 545
eda42b50
AG		 546 le->dst_type = entry->bdaddr_type;
547
893d6751 548 hci_le_connect(le);
fcd89c09
VT		 549
550 hci_conn_hold(le);
551
552 return le;
553 }
554
70f23020
AE		 555 acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
556 if (!acl) {
557 acl = hci_conn_add(hdev, ACL_LINK, dst);
558 if (!acl)
1da177e4
LT		 559 return NULL;
560 }
561
562 hci_conn_hold(acl);
563
09ab6f4c 564 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
765c2a96
JH		 565 acl->sec_level = BT_SECURITY_LOW;
566 acl->pending_sec_level = sec_level;
09ab6f4c 567 acl->auth_type = auth_type;
1da177e4 568 hci_acl_connect(acl);
09ab6f4c 569 }
1da177e4 570
5b7f9909
MH		 571 if (type == ACL_LINK)
572 return acl;
1da177e4 573
70f23020
AE		 574 sco = hci_conn_hash_lookup_ba(hdev, type, dst);
575 if (!sco) {
576 sco = hci_conn_add(hdev, type, dst);
577 if (!sco) {
5b7f9909
MH		 578 hci_conn_put(acl);
579 return NULL;
1da177e4 580 }
5b7f9909 581 }
1da177e4 582
5b7f9909
MH		 583 acl->link = sco;
584 sco->link = acl;
1da177e4 585
5b7f9909 586 hci_conn_hold(sco);
1da177e4 587
5b7f9909 588 if (acl->state == BT_CONNECTED &&
b6a0dc82 589 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
58a681ef 590 set_bit(HCI_CONN_POWER_SAVE, &acl->flags);
14b12d0b 591 hci_conn_enter_active_mode(acl, BT_POWER_FORCE_ACTIVE_ON);
c390216b 592
51a8efd7 593 if (test_bit(HCI_CONN_MODE_CHANGE_PEND, &acl->flags)) {
e73439d8 594 /* defer SCO setup until mode change completed */
51a8efd7 595 set_bit(HCI_CONN_SCO_SETUP_PEND, &acl->flags);
e73439d8
MH		 596 return sco;
597 }
598
599 hci_sco_setup(acl, 0x00);
b6a0dc82 600 }
5b7f9909
MH		 601
602 return sco;
1da177e4
LT		 603}
604EXPORT_SYMBOL(hci_connect);
605
e7c29cb1
MH		 606/* Check link security requirement */
607int hci_conn_check_link_mode(struct hci_conn *conn)
608{
609 BT_DBG("conn %p", conn);
610
aa64a8b5 611 if (hci_conn_ssp_enabled(conn) && !(conn->link_mode & HCI_LM_ENCRYPT))
e7c29cb1
MH		 612 return 0;
613
614 return 1;
615}
616EXPORT_SYMBOL(hci_conn_check_link_mode);
617
1da177e4 618/* Authenticate remote device */
0684e5f9 619static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 620{
621 BT_DBG("conn %p", conn);
622
765c2a96
JH		 623 if (conn->pending_sec_level > sec_level)
624 sec_level = conn->pending_sec_level;
625
96a31833 626 if (sec_level > conn->sec_level)
765c2a96 627 conn->pending_sec_level = sec_level;
96a31833 628 else if (conn->link_mode & HCI_LM_AUTH)
1da177e4
LT		 629 return 1;
630
65cf686e
JH		 631 /* Make sure we preserve an existing MITM requirement*/
632 auth_type |= (conn->auth_type & 0x01);
633
96a31833
MH		 634 conn->auth_type = auth_type;
635
51a8efd7 636 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1da177e4 637 struct hci_cp_auth_requested cp;
aca3192c 638 cp.handle = cpu_to_le16(conn->handle);
40be492f
MH		 639 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
640 sizeof(cp), &cp);
19f8def0 641 if (conn->key_type != 0xff)
51a8efd7 642 set_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 643 }
8c1b2355 644
1da177e4
LT		 645 return 0;
646}
1da177e4 647
13d39315
WR		 648/* Encrypt the the link */
649static void hci_conn_encrypt(struct hci_conn *conn)
650{
651 BT_DBG("conn %p", conn);
652
51a8efd7 653 if (!test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
13d39315
WR		 654 struct hci_cp_set_conn_encrypt cp;
655 cp.handle = cpu_to_le16(conn->handle);
656 cp.encrypt = 0x01;
657 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
658 &cp);
659 }
660}
661
8c1b2355 662/* Enable security */
0684e5f9 663int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 664{
665 BT_DBG("conn %p", conn);
666
13d39315 667 /* For sdp we don't need the link key. */
8c1b2355
MH		 668 if (sec_level == BT_SECURITY_SDP)
669 return 1;
670
13d39315
WR		 671 /* For non 2.1 devices and low security level we don't need the link
672 key. */
aa64a8b5 673 if (sec_level == BT_SECURITY_LOW && !hci_conn_ssp_enabled(conn))
3fdca1e1 674 return 1;
8c1b2355 675
13d39315
WR		 676 /* For other security levels we need the link key. */
677 if (!(conn->link_mode & HCI_LM_AUTH))
678 goto auth;
679
680 /* An authenticated combination key has sufficient security for any
681 security level. */
682 if (conn->key_type == HCI_LK_AUTH_COMBINATION)
683 goto encrypt;
684
685 /* An unauthenticated combination key has sufficient security for
686 security level 1 and 2. */
687 if (conn->key_type == HCI_LK_UNAUTH_COMBINATION &&
688 (sec_level == BT_SECURITY_MEDIUM ||
689 sec_level == BT_SECURITY_LOW))
690 goto encrypt;
691
692 /* A combination key has always sufficient security for the security
693 levels 1 or 2. High security level requires the combination key
694 is generated using maximum PIN code length (16).
695 For pre 2.1 units. */
696 if (conn->key_type == HCI_LK_COMBINATION &&
697 (sec_level != BT_SECURITY_HIGH ||
698 conn->pin_length == 16))
699 goto encrypt;
700
701auth:
51a8efd7 702 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags))
1da177e4
LT		 703 return 0;
704
6fdf658c
LAD		 705 if (!hci_conn_auth(conn, sec_level, auth_type))
706 return 0;
13d39315
WR		 707
708encrypt:
709 if (conn->link_mode & HCI_LM_ENCRYPT)
710 return 1;
8c1b2355 711
13d39315 712 hci_conn_encrypt(conn);
1da177e4
LT		 713 return 0;
714}
8c1b2355 715EXPORT_SYMBOL(hci_conn_security);
1da177e4 716
b3b1b061
WR		 717/* Check secure link requirement */
718int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
719{
720 BT_DBG("conn %p", conn);
721
722 if (sec_level != BT_SECURITY_HIGH)
723 return 1; /* Accept if non-secure is required */
724
ef4177e2 725 if (conn->sec_level == BT_SECURITY_HIGH)
b3b1b061
WR		 726 return 1;
727
728 return 0; /* Reject not secure link */
729}
730EXPORT_SYMBOL(hci_conn_check_secure);
731
1da177e4
LT		 732/* Change link key */
733int hci_conn_change_link_key(struct hci_conn *conn)
734{
735 BT_DBG("conn %p", conn);
736
51a8efd7 737 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1da177e4 738 struct hci_cp_change_conn_link_key cp;
aca3192c 739 cp.handle = cpu_to_le16(conn->handle);
40be492f
MH		 740 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
741 sizeof(cp), &cp);
1da177e4 742 }
8c1b2355 743
1da177e4
LT		 744 return 0;
745}
746EXPORT_SYMBOL(hci_conn_change_link_key);
747
748/* Switch role */
8c1b2355 749int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
1da177e4
LT		 750{
751 BT_DBG("conn %p", conn);
752
753 if (!role && conn->link_mode & HCI_LM_MASTER)
754 return 1;
755
51a8efd7 756 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->flags)) {
1da177e4
LT		 757 struct hci_cp_switch_role cp;
758 bacpy(&cp.bdaddr, &conn->dst);
759 cp.role = role;
a9de9248 760 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
1da177e4 761 }
8c1b2355 762
1da177e4
LT		 763 return 0;
764}
765EXPORT_SYMBOL(hci_conn_switch_role);
766
04837f64 767/* Enter active mode */
14b12d0b 768void hci_conn_enter_active_mode(struct hci_conn *conn, __u8 force_active)
04837f64
MH		 769{
770 struct hci_dev *hdev = conn->hdev;
771
772 BT_DBG("conn %p mode %d", conn, conn->mode);
773
774 if (test_bit(HCI_RAW, &hdev->flags))
775 return;
776
14b12d0b
JG		 777 if (conn->mode != HCI_CM_SNIFF)
778 goto timer;
779
58a681ef 780 if (!test_bit(HCI_CONN_POWER_SAVE, &conn->flags) && !force_active)
04837f64
MH		 781 goto timer;
782
51a8efd7 783 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
04837f64 784 struct hci_cp_exit_sniff_mode cp;
aca3192c 785 cp.handle = cpu_to_le16(conn->handle);
a9de9248 786 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
04837f64
MH		 787 }
788
789timer:
790 if (hdev->idle_timeout > 0)
791 mod_timer(&conn->idle_timer,
792 jiffies + msecs_to_jiffies(hdev->idle_timeout));
793}
794
1da177e4
LT		 795/* Drop all connection on the device */
796void hci_conn_hash_flush(struct hci_dev *hdev)
797{
798 struct hci_conn_hash *h = &hdev->conn_hash;
3e9c40a6 799 struct hci_conn *c;
1da177e4
LT		 800
801 BT_DBG("hdev %s", hdev->name);
802
bf4c6325 803 list_for_each_entry_rcu(c, &h->list, list) {
1da177e4
LT		 804 c->state = BT_CLOSED;
805
9f5a0d7b 806 hci_proto_disconn_cfm(c, HCI_ERROR_LOCAL_HOST_TERM);
1da177e4
LT		 807 hci_conn_del(c);
808 }
809}
810
a9de9248
MH		 811/* Check pending connect attempts */
812void hci_conn_check_pending(struct hci_dev *hdev)
813{
814 struct hci_conn *conn;
815
816 BT_DBG("hdev %s", hdev->name);
817
818 hci_dev_lock(hdev);
819
820 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
821 if (conn)
822 hci_acl_connect(conn);
823
824 hci_dev_unlock(hdev);
825}
826
9eba32b8
MH		 827void hci_conn_hold_device(struct hci_conn *conn)
828{
829 atomic_inc(&conn->devref);
830}
831EXPORT_SYMBOL(hci_conn_hold_device);
832
833void hci_conn_put_device(struct hci_conn *conn)
834{
835 if (atomic_dec_and_test(&conn->devref))
836 hci_conn_del_sysfs(conn);
837}
838EXPORT_SYMBOL(hci_conn_put_device);
839
1da177e4
LT		 840int hci_get_conn_list(void __user *arg)
841{
8035ded4 842 register struct hci_conn *c;
1da177e4
LT		 843 struct hci_conn_list_req req, *cl;
844 struct hci_conn_info *ci;
845 struct hci_dev *hdev;
1da177e4
LT		 846 int n = 0, size, err;
847
848 if (copy_from_user(&req, arg, sizeof(req)))
849 return -EFAULT;
850
851 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
852 return -EINVAL;
853
854 size = sizeof(req) + req.conn_num * sizeof(*ci);
855
70f23020
AE		 856 cl = kmalloc(size, GFP_KERNEL);
857 if (!cl)
1da177e4
LT		 858 return -ENOMEM;
859
70f23020
AE		 860 hdev = hci_dev_get(req.dev_id);
861 if (!hdev) {
1da177e4
LT		 862 kfree(cl);
863 return -ENODEV;
864 }
865
866 ci = cl->conn_info;
867
09fd0de5 868 hci_dev_lock(hdev);
8035ded4 869 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1da177e4
LT		 870 bacpy(&(ci + n)->bdaddr, &c->dst);
871 (ci + n)->handle = c->handle;
872 (ci + n)->type = c->type;
873 (ci + n)->out = c->out;
874 (ci + n)->state = c->state;
875 (ci + n)->link_mode = c->link_mode;
876 if (++n >= req.conn_num)
877 break;
878 }
09fd0de5 879 hci_dev_unlock(hdev);
1da177e4
LT		 880
881 cl->dev_id = hdev->id;
882 cl->conn_num = n;
883 size = sizeof(req) + n * sizeof(*ci);
884
885 hci_dev_put(hdev);
886
887 err = copy_to_user(arg, cl, size);
888 kfree(cl);
889
890 return err ? -EFAULT : 0;
891}
892
893int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
894{
895 struct hci_conn_info_req req;
896 struct hci_conn_info ci;
897 struct hci_conn *conn;
898 char __user *ptr = arg + sizeof(req);
899
900 if (copy_from_user(&req, arg, sizeof(req)))
901 return -EFAULT;
902
09fd0de5 903 hci_dev_lock(hdev);
1da177e4
LT		 904 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
905 if (conn) {
906 bacpy(&ci.bdaddr, &conn->dst);
907 ci.handle = conn->handle;
908 ci.type = conn->type;
909 ci.out = conn->out;
910 ci.state = conn->state;
911 ci.link_mode = conn->link_mode;
912 }
09fd0de5 913 hci_dev_unlock(hdev);
1da177e4
LT		 914
915 if (!conn)
916 return -ENOENT;
917
918 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
919}
40be492f
MH		 920
921int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
922{
923 struct hci_auth_info_req req;
924 struct hci_conn *conn;
925
926 if (copy_from_user(&req, arg, sizeof(req)))
927 return -EFAULT;
928
09fd0de5 929 hci_dev_lock(hdev);
40be492f
MH		 930 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
931 if (conn)
932 req.type = conn->auth_type;
09fd0de5 933 hci_dev_unlock(hdev);
40be492f
MH		 934
935 if (!conn)
936 return -ENOENT;
937
938 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
939}
73d80deb
LAD		 940
941struct hci_chan *hci_chan_create(struct hci_conn *conn)
942{
943 struct hci_dev *hdev = conn->hdev;
944 struct hci_chan *chan;
945
946 BT_DBG("%s conn %p", hdev->name, conn);
947
948 chan = kzalloc(sizeof(struct hci_chan), GFP_ATOMIC);
949 if (!chan)
950 return NULL;
951
952 chan->conn = conn;
953 skb_queue_head_init(&chan->data_q);
954
8192edef 955 list_add_rcu(&chan->list, &conn->chan_list);
73d80deb
LAD		 956
957 return chan;
958}
959
960int hci_chan_del(struct hci_chan *chan)
961{
962 struct hci_conn *conn = chan->conn;
963 struct hci_dev *hdev = conn->hdev;
964
965 BT_DBG("%s conn %p chan %p", hdev->name, conn, chan);
966
8192edef
GP		 967 list_del_rcu(&chan->list);
968
969 synchronize_rcu();
73d80deb
LAD		 970
971 skb_queue_purge(&chan->data_q);
972 kfree(chan);
973
974 return 0;
975}
976
2c33c06a 977void hci_chan_list_flush(struct hci_conn *conn)
73d80deb 978{
8192edef 979 struct hci_chan *chan;
73d80deb
LAD		 980
981 BT_DBG("conn %p", conn);
982
8192edef 983 list_for_each_entry_rcu(chan, &conn->chan_list, list)
73d80deb
LAD		 984 hci_chan_del(chan);
985}
Linux kernel - Deliverables
This page took 0.756582 seconds and 5 git commands to generate.