Bluetooth: hidp: test "terminate" before sleeping
8e87d142 1/*
2 HIDP implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
1da177e4 23#include <linux/module.h>
1da177e4 24#include <linux/file.h>
aabf6f89 25#include <linux/kthread.h>
364f6351 26#include <linux/hidraw.h>
27
28#include <net/bluetooth/bluetooth.h>
0a85b964 29#include <net/bluetooth/hci_core.h>
30#include <net/bluetooth/l2cap.h>
31
32#include "hidp.h"
33
e1aaadd4 34#define VERSION "1.2"
35
/*
 * hidp_session_sem protects hidp_session_list. In this file it is taken
 * for writing around the lookup/insert in hidp_add_connection() and around
 * the removal done when a session thread shuts down.
 */
static DECLARE_RWSEM(hidp_session_sem);
static LIST_HEAD(hidp_session_list);

/*
 * Lookup table indexed by the one-byte key value carried in a boot
 * keyboard report; the stored value is what is handed to
 * input_report_key(). A zero entry means "no mapping". Slots 224..231
 * are used for the eight modifier bits of the report. Only 252
 * initialisers are listed, so the last four slots are zero.
 */
static unsigned char hidp_keycode[256] = {
	  0,   0,   0,   0,  30,  48,  46,  32,  18,  33,  34,  35,  23,  36,
	 37,  38,  50,  49,  24,  25,  16,  19,  31,  20,  22,  47,  17,  45,
	 21,  44,   2,   3,   4,   5,   6,   7,   8,   9,  10,  11,  28,   1,
	 14,  15,  57,  12,  13,  26,  27,  43,  43,  39,  40,  41,  51,  52,
	 53,  58,  59,  60,  61,  62,  63,  64,  65,  66,  67,  68,  87,  88,
	 99,  70, 119, 110, 102, 104, 111, 107, 109, 106, 105, 108, 103,  69,
	 98,  55,  74,  78,  96,  79,  80,  81,  75,  76,  77,  71,  72,  73,
	 82,  83,  86, 127, 116, 117, 183, 184, 185, 186, 187, 188, 189, 190,
	191, 192, 193, 194, 134, 138, 130, 132, 128, 129, 131, 137, 133, 135,
	136, 113, 115, 114,   0,   0,   0, 121,   0,  89,  93, 124,  92,  94,
	 95,   0,   0,   0, 122, 123,  90,  91,  85,   0,   0,   0,   0,   0,
	  0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,
	  0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,
	  0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,
	  0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,
	  0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,
	 29,  42,  56, 125,  97,  54, 100, 126, 164, 166, 165, 163, 161, 115,
	114, 113, 150, 158, 159, 128, 136, 177, 178, 176, 142, 152, 173, 140
};

/* Six-byte key array a keyboard sends when too many keys are held at once. */
static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 };
61
/*
 * Find the session whose remote address equals @bdaddr.
 *
 * Walks hidp_session_list and returns the first entry for which bacmp()
 * reports equality, or NULL when there is none. No locking is done here;
 * hidp_add_connection() holds hidp_session_sem for writing when it calls
 * this helper.
 */
static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr)
{
	struct hidp_session *pos;

	BT_DBG("");

	list_for_each_entry(pos, &hidp_session_list, list)
		if (bacmp(bdaddr, &pos->bdaddr) == 0)
			return pos;

	return NULL;
}
75
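/*
 * Fill @ci with a snapshot of @session: address, flags, state, device IDs
 * and name.
 *
 * The structure is cleared first so that no stale bytes are left in fields
 * this function does not set. IDs and name come from the boot-protocol
 * input device when present and are then overridden by the HID device when
 * that is present too.
 *
 * The name copies are limited to 127 bytes. The original limit of 128
 * let strncpy() fill the field completely when the source was that long,
 * leaving no terminating NUL; with 127 the final byte keeps the zero
 * written by memset(). This assumes ci->name holds at least 128 bytes,
 * as the original bound implies -- TODO confirm against hidp.h.
 */
static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci)
{
	memset(ci, 0, sizeof(*ci));
	bacpy(&ci->bdaddr, &session->bdaddr);

	ci->flags = session->flags;
	ci->state = BT_CONNECTED;

	ci->vendor  = 0x0000;
	ci->product = 0x0000;
	ci->version = 0x0000;

	if (session->input) {
		ci->vendor  = session->input->id.vendor;
		ci->product = session->input->id.product;
		ci->version = session->input->id.version;
		if (session->input->name)
			strncpy(ci->name, session->input->name, 127);
		else
			strncpy(ci->name, "HID Boot Device", 127);
	}

	if (session->hid) {
		ci->vendor  = session->hid->vendor;
		ci->product = session->hid->product;
		ci->version = session->hid->version;
		/* strncpy() zero-pads, so a shorter name fully replaces the one above. */
		strncpy(ci->name, session->hid->name, 127);
	}
}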
105
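/*
 * Turn an EV_LED event into a three-byte output report and queue it on the
 * interrupt channel.
 *
 * Returns -1 for any event type other than EV_LED, 0 when the LED state is
 * unchanged or the frame was queued, and -ENOMEM when no buffer could be
 * allocated. @code and @value are only logged; the LED byte is rebuilt
 * from dev->led.
 */
static int hidp_queue_event(struct hidp_session *session, struct input_dev *dev,
				unsigned int type, unsigned int code, int value)
{
	unsigned char newleds;
	struct sk_buff *skb;

	BT_DBG("session %p type %d code %d value %d", session, type, code, value);

	if (type != EV_LED)
		return -1;

	/*
	 * Boot keyboard LED byte: bit 0 Num Lock, bit 1 Caps Lock,
	 * bit 2 Scroll Lock, bit 3 Compose, bit 4 Kana. The original
	 * shifted both Kana and Compose by 3, so Kana was reported on the
	 * Compose bit and could never be signalled on its own.
	 */
	newleds = (!!test_bit(LED_KANA,    dev->led) << 4) |
		  (!!test_bit(LED_COMPOSE, dev->led) << 3) |
		  (!!test_bit(LED_SCROLLL, dev->led) << 2) |
		  (!!test_bit(LED_CAPSL,   dev->led) << 1) |
		  (!!test_bit(LED_NUML,    dev->led));

	/* Nothing to send when the device already shows this state. */
	if (session->leds == newleds)
		return 0;

	session->leds = newleds;

	/* GFP_ATOMIC: the allocation must not sleep in this path. */
	skb = alloc_skb(3, GFP_ATOMIC);
	if (!skb) {
		BT_ERR("Can't allocate memory for new frame");
		return -ENOMEM;
	}

	/* Header, report ID 0x01, then the LED byte. */
	*skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT;
	*skb_put(skb, 1) = 0x01;
	*skb_put(skb, 1) = newleds;

	skb_queue_tail(&session->intr_transmit, skb);

	hidp_schedule(session);

	return 0;
}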
144
/*
 * Event hook used when the input device belongs to a HID device: the
 * session is reached through the hid_device stored as driver data, and the
 * event is passed on to hidp_queue_event() unchanged.
 */
static int hidp_hidinput_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
{
	struct hid_device *hdev = input_get_drvdata(dev);

	return hidp_queue_event(hdev->driver_data, dev, type, code, value);
}
152
/*
 * Event hook for the boot-protocol input device: the session itself is
 * stored as the device's driver data, so it is passed straight to
 * hidp_queue_event().
 */
static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
{
	struct hidp_session *owner = input_get_drvdata(dev);

	return hidp_queue_event(owner, dev, type, code, value);
}
159
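/*
 * Decode a boot-protocol report received from the remote device and feed
 * it to the session's input device.
 *
 * skb->data[0] selects the report kind (0x01 keyboard, 0x02 mouse) and the
 * payload follows it. The payload is supplied by the remote device, so its
 * length is checked before any fixed offset is read: the keyboard branch
 * touches payload bytes 0..7 and the mouse branch bytes 0..2. Reports that
 * are too short are ignored instead of being read past their end.
 * Other report kinds are silently skipped, as before.
 */
static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb)
{
	struct input_dev *dev = session->input;
	unsigned char *keys = session->keys;
	unsigned char *udata;
	signed char *sdata;
	int i, size;

	/* Without at least the report ID byte there is nothing to decode. */
	if (skb->len < 1)
		return;

	udata = skb->data + 1;
	sdata = (signed char *) udata;
	size = skb->len - 1;

	switch (skb->data[0]) {
	case 0x01:	/* Keyboard report */
		if (size < 8) {
			BT_DBG("short keyboard report, payload %d", size);
			break;
		}

		/* Byte 0 holds eight modifier bits, mapped via slots 224..231. */
		for (i = 0; i < 8; i++)
			input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1);

		/* If all the key codes have been set to 0x01, it means
		 * too many keys were pressed at the same time. */
		if (!memcmp(udata + 2, hidp_mkeyspat, 6))
			break;

		for (i = 2; i < 8; i++) {
			/* In the previous report but not in this one: released. */
			if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) {
				if (hidp_keycode[keys[i]])
					input_report_key(dev, hidp_keycode[keys[i]], 0);
				else
					BT_ERR("Unknown key (scancode %#x) released.", keys[i]);
			}

			/* In this report but not in the previous one: pressed. */
			if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) {
				if (hidp_keycode[udata[i]])
					input_report_key(dev, hidp_keycode[udata[i]], 1);
				else
					BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]);
			}
		}

		/* Remember this report for the next comparison. */
		memcpy(keys, udata, 8);
		break;

	case 0x02:	/* Mouse report */
		if (size < 3) {
			BT_DBG("short mouse report, payload %d", size);
			break;
		}

		input_report_key(dev, BTN_LEFT,   sdata[0] & 0x01);
		input_report_key(dev, BTN_RIGHT,  sdata[0] & 0x02);
		input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04);
		input_report_key(dev, BTN_SIDE,   sdata[0] & 0x08);
		input_report_key(dev, BTN_EXTRA,  sdata[0] & 0x10);

		input_report_rel(dev, REL_X, sdata[1]);
		input_report_rel(dev, REL_Y, sdata[2]);

		/* The wheel byte is optional. */
		if (size > 3)
			input_report_rel(dev, REL_WHEEL, sdata[3]);
		break;
	}

	input_sync(dev);
}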
214
/*
 * Build a control-channel frame (one header byte followed by @size bytes
 * of @data) and append it to session->ctrl_transmit.
 *
 * Returns 0 on success, -EIO when the session is already terminating and
 * -ENOMEM when no buffer is available. The payload is copied only when
 * @data is non-NULL and @size is positive. This variant does not call
 * hidp_schedule(); hidp_send_ctrl_message() does that after queuing.
 */
static int __hidp_send_ctrl_message(struct hidp_session *session,
				    unsigned char hdr, unsigned char *data,
				    int size)
{
	struct sk_buff *frame;

	BT_DBG("session %p data %p size %d", session, data, size);

	/* Do not queue new work for a session that is shutting down. */
	if (atomic_read(&session->terminate))
		return -EIO;

	frame = alloc_skb(size + 1, GFP_ATOMIC);
	if (frame == NULL) {
		BT_ERR("Can't allocate memory for new frame");
		return -ENOMEM;
	}

	*skb_put(frame, 1) = hdr;
	if (data != NULL && size > 0)
		memcpy(skb_put(frame, size), data, size);

	skb_queue_tail(&session->ctrl_transmit, frame);

	return 0;
}
240
/*
 * Queue a control message with __hidp_send_ctrl_message() and then call
 * hidp_schedule() for the session. The schedule call is made whether or
 * not queuing succeeded; the queuing result is what gets returned.
 */
static int hidp_send_ctrl_message(struct hidp_session *session,
				  unsigned char hdr, unsigned char *data, int size)
{
	int rc = __hidp_send_ctrl_message(session, hdr, data, size);

	hidp_schedule(session);

	return rc;
}
252
/*
 * Queue @size bytes of @data on the interrupt channel, prefixed with the
 * header byte 0xa2, and schedule the session.
 *
 * Returns 0 on success or -ENOMEM when no buffer could be allocated.
 */
static int hidp_queue_report(struct hidp_session *session,
			     unsigned char *data, int size)
{
	struct sk_buff *frame;

	BT_DBG("session %p hid %p data %p size %d", session, session->hid, data, size);

	frame = alloc_skb(size + 1, GFP_ATOMIC);
	if (frame == NULL) {
		BT_ERR("Can't allocate memory for new frame");
		return -ENOMEM;
	}

	*skb_put(frame, 1) = 0xa2;
	if (size > 0)
		memcpy(skb_put(frame, size), data, size);

	skb_queue_tail(&session->intr_transmit, frame);

	hidp_schedule(session);

	return 0;
}
276
/*
 * Serialise @report into a 32-byte stack buffer and queue it with
 * hidp_queue_report().
 *
 * The byte length is the report size in bits rounded up to whole bytes,
 * plus one byte when the report carries a non-zero ID. The length is
 * checked against the buffer before hid_output_report() writes into it;
 * a report that does not fit yields -EIO.
 */
static int hidp_send_report(struct hidp_session *session, struct hid_report *report)
{
	unsigned char out[32];
	int nbytes;

	nbytes = ((report->size - 1) >> 3) + 1 + (report->id > 0);
	if (nbytes > sizeof(out))
		return -EIO;

	hid_output_report(report, out);

	return hidp_queue_report(session, out, nbytes);
}
290
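/*
 * Ask the device for a report and wait for the answer.
 *
 * @hid:           HID device whose driver_data is the session
 * @report_number: report ID to request; also written to data[0]
 * @data:          caller buffer, used for the request byte and the reply
 * @count:         capacity of @data for the reply
 * @report_type:   HID_FEATURE_REPORT, HID_INPUT_REPORT or HID_OUTPUT_REPORT
 *
 * Returns the number of bytes copied into @data, -EINVAL for an unknown
 * report type, -EIO when the session is terminating, the request timed out
 * (5 seconds) or no report came back, -ERESTARTSYS when interrupted by a
 * signal, or the error from queuing the request.
 *
 * The report type is validated before it is used as an index into
 * hid->report_enum[]; the original read the "numbered" flag with the
 * unchecked value first, which indexes outside the array for a type
 * that the switch below would reject.
 *
 * NOTE(review): data[0] is written unconditionally, so @count is assumed
 * to be at least 1 -- confirm against the callers.
 */
static int hidp_get_raw_report(struct hid_device *hid,
		unsigned char report_number,
		unsigned char *data, size_t count,
		unsigned char report_type)
{
	struct hidp_session *session = hid->driver_data;
	struct sk_buff *skb;
	unsigned char hidp_type;
	size_t len;
	int numbered_reports;
	int ret;

	if (atomic_read(&session->terminate))
		return -EIO;

	switch (report_type) {
	case HID_FEATURE_REPORT:
		hidp_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_FEATURE;
		break;
	case HID_INPUT_REPORT:
		hidp_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_INPUT;
		break;
	case HID_OUTPUT_REPORT:
		hidp_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_OUPUT;
		break;
	default:
		return -EINVAL;
	}

	/* Safe now: report_type is one of the three values accepted above. */
	numbered_reports = hid->report_enum[report_type].numbered;

	/* Only one raw report transaction per session at a time. */
	if (mutex_lock_interruptible(&session->report_mutex))
		return -ERESTARTSYS;

	/* Set up our wait, and send the report request to the device. */
	session->waiting_report_type = hidp_type & HIDP_DATA_RTYPE_MASK;
	session->waiting_report_number = numbered_reports ? report_number : -1;
	set_bit(HIDP_WAITING_FOR_RETURN, &session->flags);
	data[0] = report_number;
	ret = hidp_send_ctrl_message(hid->driver_data, hidp_type, data, 1);
	if (ret)
		goto out;

	/* Wait for the return of the report. The returned report
	   gets put in session->report_return. The terminate flag is part
	   of the wake-up condition so a dying session releases the waiter. */
	while (test_bit(HIDP_WAITING_FOR_RETURN, &session->flags) &&
	       !atomic_read(&session->terminate)) {
		int res;

		res = wait_event_interruptible_timeout(session->report_queue,
			!test_bit(HIDP_WAITING_FOR_RETURN, &session->flags)
				|| atomic_read(&session->terminate),
			5*HZ);
		if (res == 0) {
			/* timeout */
			ret = -EIO;
			goto out;
		}
		if (res < 0) {
			/* signal */
			ret = -ERESTARTSYS;
			goto out;
		}
	}

	skb = session->report_return;
	if (skb) {
		/* Never copy more than the caller's buffer can hold. */
		len = skb->len < count ? skb->len : count;
		memcpy(data, skb->data, len);

		kfree_skb(skb);
		session->report_return = NULL;
		ret = len;
	} else {
		/* Device returned a HANDSHAKE, indicating protocol error. */
		ret = -EIO;
	}

out:
	clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags);
	mutex_unlock(&session->report_mutex);
	return ret;
}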
375
/*
 * Send a feature or output report to the device on the control channel and
 * wait for its handshake.
 *
 * Returns @count when the device acknowledged the report, -EINVAL for any
 * other report type, -ERESTARTSYS when interrupted, -EIO on timeout
 * (10 seconds) or when the handshake did not report success, or the error
 * from queuing the message. The wait also ends when the session's
 * terminate flag is set.
 */
static int hidp_output_raw_report(struct hid_device *hid, unsigned char *data, size_t count,
		unsigned char report_type)
{
	struct hidp_session *session = hid->driver_data;
	int ret;

	if (report_type == HID_FEATURE_REPORT)
		report_type = HIDP_TRANS_SET_REPORT | HIDP_DATA_RTYPE_FEATURE;
	else if (report_type == HID_OUTPUT_REPORT)
		report_type = HIDP_TRANS_SET_REPORT | HIDP_DATA_RTYPE_OUPUT;
	else
		return -EINVAL;

	/* Serialise raw report transactions on this session. */
	if (mutex_lock_interruptible(&session->report_mutex))
		return -ERESTARTSYS;

	/* Arm the wait flag first, then hand the report to the sender. */
	set_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags);
	ret = hidp_send_ctrl_message(hid->driver_data, report_type, data,
				     count);
	if (ret)
		goto err;

	/* Sleep until the handshake handler clears the flag or the session ends. */
	while (test_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags) &&
	       !atomic_read(&session->terminate)) {
		int left;

		left = wait_event_interruptible_timeout(session->report_queue,
			!test_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags)
				|| atomic_read(&session->terminate),
			10*HZ);
		if (left == 0) {
			/* no answer within the timeout */
			ret = -EIO;
			goto err;
		}
		if (left < 0) {
			/* woken by a signal */
			ret = -ERESTARTSYS;
			goto err;
		}
	}

	/* Set by hidp_process_handshake() only for a successful handshake. */
	if (!session->output_report_success) {
		ret = -EIO;
		goto err;
	}

	ret = count;

err:
	clear_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags);
	mutex_unlock(&session->report_mutex);
	return ret;
}
436
/*
 * Timer callback for the idle timeout. @arg is the session pointer cast to
 * unsigned long (see setup_timer() in hidp_add_connection()). Marks the
 * session as terminating and wakes its thread.
 */
static void hidp_idle_timeout(unsigned long arg)
{
	struct hidp_session *expired = (struct hidp_session *) arg;

	atomic_inc(&expired->terminate);
	wake_up_process(expired->task);
}
444
/*
 * (Re)arm the idle timer to fire idle_to seconds from now. Sessions with
 * idle_to <= 0 have no idle timeout and are left alone.
 */
static void hidp_set_timer(struct hidp_session *session)
{
	if (session->idle_to <= 0)
		return;

	mod_timer(&session->timer, jiffies + HZ * session->idle_to);
}
450
/*
 * Cancel the idle timer. Only done for sessions that have an idle timeout
 * (idle_to > 0).
 */
static void hidp_del_timer(struct hidp_session *session)
{
	if (session->idle_to <= 0)
		return;

	del_timer(&session->timer);
}
456
/*
 * React to a HANDSHAKE received on the control channel.
 *
 * @param is the result code sent by the remote device. The success flag
 * read by hidp_output_raw_report() is reset on entry and set again only
 * for HIDP_HSHK_SUCCESSFUL. Error codes release a thread waiting in
 * hidp_get_raw_report(); every handshake releases a thread waiting for a
 * send acknowledgement. Unrecognised codes are answered with an
 * "invalid parameter" handshake.
 */
static void hidp_process_handshake(struct hidp_session *session,
					unsigned char param)
{
	BT_DBG("session %p param 0x%02x", session, param);

	/* Assume failure until the device says otherwise. */
	session->output_report_success = 0;

	switch (param) {
	case HIDP_HSHK_SUCCESSFUL:
		/* FIXME: Call into SET_ GET_ handlers here */
		session->output_report_success = 1;
		break;

	case HIDP_HSHK_NOT_READY:
	case HIDP_HSHK_ERR_INVALID_REPORT_ID:
	case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST:
	case HIDP_HSHK_ERR_INVALID_PARAMETER:
		/* A pending GET_REPORT will not be answered with data. */
		if (test_and_clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags))
			wake_up_interruptible(&session->report_queue);

		/* FIXME: Call into SET_ GET_ handlers here */
		break;

	case HIDP_HSHK_ERR_UNKNOWN:
		break;

	case HIDP_HSHK_ERR_FATAL:
		/* The device asks to be reset; that is the only recovery
		 * from this error. */
		__hidp_send_ctrl_message(session,
			HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0);
		break;

	default:
		__hidp_send_ctrl_message(session,
			HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
		break;
	}

	/* Release a thread blocked in hidp_output_raw_report(), if any. */
	if (test_and_clear_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags))
		wake_up_interruptible(&session->report_queue);
}
499
/*
 * Handle a HID_CONTROL request from the remote device. Only the virtual
 * cable unplug operation is acted on: pending frames on both transmit
 * queues are dropped and the session is marked as terminating. Every
 * other operation is ignored.
 */
static void hidp_process_hid_control(struct hidp_session *session,
					unsigned char param)
{
	BT_DBG("session %p param 0x%02x", session, param);

	if (param != HIDP_CTRL_VIRTUAL_CABLE_UNPLUG)
		return;

	/* Nothing more will be sent to this device. */
	skb_queue_purge(&session->ctrl_transmit);
	skb_queue_purge(&session->intr_transmit);

	atomic_inc(&session->terminate);
	wake_up_process(current);
}
514
/*
 * Handle a DATA transaction received on the control channel.
 *
 * Returns non-zero when the caller still owns @skb and must free it, and
 * zero when the buffer has been handed to a thread waiting in
 * hidp_get_raw_report() through session->report_return.
 */
static int hidp_process_data(struct hidp_session *session, struct sk_buff *skb,
				unsigned char param)
{
	int caller_frees = 1;

	BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param);

	switch (param) {
	case HIDP_DATA_RTYPE_INPUT:
		/* Traffic from the device restarts the idle timer. */
		hidp_set_timer(session);

		if (session->input)
			hidp_input_report(session, skb);

		if (session->hid)
			hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 0);
		break;

	case HIDP_DATA_RTYPE_OTHER:
	case HIDP_DATA_RTYPE_OUPUT:
	case HIDP_DATA_RTYPE_FEATURE:
		break;

	default:
		__hidp_send_ctrl_message(session,
			HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
	}

	/* Is a GET_REPORT caller waiting for exactly this kind of report? */
	if (!test_bit(HIDP_WAITING_FOR_RETURN, &session->flags) ||
	    param != session->waiting_report_type)
		return caller_frees;

	/* A negative waiting_report_number accepts any report ID. */
	if (session->waiting_report_number < 0 ||
	    session->waiting_report_number == skb->data[0]) {
		/* Ownership of the buffer moves to hidp_get_raw_report(). */
		session->report_return = skb;
		caller_frees = 0;
		clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags);
		wake_up_interruptible(&session->report_queue);
	}

	return caller_frees;
}
557
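/*
 * Dispatch one frame received on the control channel.
 *
 * The first byte is the HIDP header; its transaction type selects the
 * handler and its parameter bits are passed along. The frame is freed
 * here unless hidp_process_data() reports that it kept the buffer.
 *
 * The frame comes from the remote device, so its length is checked before
 * the header byte is read; the original read skb->data[0] and pulled one
 * byte even from an empty frame.
 */
static void hidp_recv_ctrl_frame(struct hidp_session *session,
					struct sk_buff *skb)
{
	unsigned char hdr, type, param;
	int free_skb = 1;

	BT_DBG("session %p skb %p len %d", session, skb, skb->len);

	/* An empty frame has no header to parse. */
	if (skb->len < 1) {
		kfree_skb(skb);
		return;
	}

	hdr = skb->data[0];
	skb_pull(skb, 1);

	type = hdr & HIDP_HEADER_TRANS_MASK;
	param = hdr & HIDP_HEADER_PARAM_MASK;

	switch (type) {
	case HIDP_TRANS_HANDSHAKE:
		hidp_process_handshake(session, param);
		break;

	case HIDP_TRANS_HID_CONTROL:
		hidp_process_hid_control(session, param);
		break;

	case HIDP_TRANS_DATA:
		free_skb = hidp_process_data(session, skb, param);
		break;

	default:
		/* Tell the device that this transaction is not supported. */
		__hidp_send_ctrl_message(session,
			HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0);
		break;
	}

	if (free_skb)
		kfree_skb(skb);
}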
594
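/*
 * Handle one frame received on the interrupt channel.
 *
 * Only DATA/INPUT frames are processed: they restart the idle timer and
 * are passed to the boot-protocol decoder and/or the HID core. Frames
 * with any other header are logged at debug level. The frame is always
 * freed here.
 *
 * The frame comes from the remote device, so its length is checked before
 * the header byte is read; the original read skb->data[0] and pulled one
 * byte even from an empty frame.
 */
static void hidp_recv_intr_frame(struct hidp_session *session,
				struct sk_buff *skb)
{
	unsigned char hdr;

	BT_DBG("session %p skb %p len %d", session, skb, skb->len);

	/* An empty frame has no header to parse. */
	if (skb->len < 1) {
		kfree_skb(skb);
		return;
	}

	hdr = skb->data[0];
	skb_pull(skb, 1);

	if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) {
		hidp_set_timer(session);

		if (session->input)
			hidp_input_report(session, skb);

		if (session->hid) {
			hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 1);
			BT_DBG("report len %d", skb->len);
		}
	} else {
		BT_DBG("Unsupported protocol header 0x%02x", hdr);
	}

	kfree_skb(skb);
}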
621
/*
 * Send @len bytes from @data on @sock with kernel_sendmsg().
 *
 * Returns 0 without touching the socket when @len is zero; otherwise the
 * result of kernel_sendmsg().
 */
static int hidp_send_frame(struct socket *sock, unsigned char *data, int len)
{
	struct kvec vec = { .iov_base = data, .iov_len = len };
	struct msghdr hdr;

	BT_DBG("sock %p data %p len %d", sock, data, len);

	if (len == 0)
		return 0;

	/* No flags, no control data, no destination address. */
	memset(&hdr, 0, sizeof(hdr));

	return kernel_sendmsg(sock, &hdr, &vec, 1, len);
}
636
/*
 * Drain session->intr_transmit onto the interrupt socket. A frame that
 * cannot be sent is put back at the head of the queue and draining stops,
 * so order is kept for the next attempt. Each successful send restarts
 * the idle timer.
 */
static void hidp_process_intr_transmit(struct hidp_session *session)
{
	struct sk_buff *frame;

	BT_DBG("session %p", session);

	for (;;) {
		frame = skb_dequeue(&session->intr_transmit);
		if (!frame)
			break;

		if (hidp_send_frame(session->intr_sock, frame->data, frame->len) < 0) {
			skb_queue_head(&session->intr_transmit, frame);
			break;
		}

		hidp_set_timer(session);
		kfree_skb(frame);
	}
}
1da177e4 653
/*
 * Drain session->ctrl_transmit onto the control socket. A frame that
 * cannot be sent is put back at the head of the queue and draining stops,
 * so order is kept for the next attempt. Each successful send restarts
 * the idle timer.
 */
static void hidp_process_ctrl_transmit(struct hidp_session *session)
{
	struct sk_buff *frame;

	BT_DBG("session %p", session);

	for (;;) {
		frame = skb_dequeue(&session->ctrl_transmit);
		if (!frame)
			break;

		if (hidp_send_frame(session->ctrl_sock, frame->data, frame->len) < 0) {
			skb_queue_head(&session->ctrl_transmit, frame);
			break;
		}

		hidp_set_timer(session);
		kfree_skb(frame);
	}
}
670
/*
 * Body of the per-session kernel thread (started with kthread_run() in
 * hidp_add_connection()).
 *
 * The thread registers itself on both sockets' wait queues, signals that
 * start-up is complete, and then loops: receive and dispatch interrupt
 * frames, flush the interrupt transmit queue, do the same for the control
 * channel, and sleep. The loop ends when the terminate flag is set or
 * either socket leaves BT_CONNECTED. After the loop the thread releases
 * any raw-report waiters, unregisters the devices, drops both socket
 * files, unlinks the session and frees it.
 *
 * The task state is set to TASK_INTERRUPTIBLE before the terminate flag
 * is tested, so a wake-up that arrives between the test and schedule()
 * is not lost.
 */
static int hidp_session(void *arg)
{
	struct hidp_session *session = arg;
	struct sock *ctrl_sk = session->ctrl_sock->sk;
	struct sock *intr_sk = session->intr_sock->sk;
	struct sk_buff *frame;
	wait_queue_t ctrl_wait, intr_wait;

	BT_DBG("session %p", session);

	/* Keep the module loaded for as long as this thread runs. */
	__module_get(THIS_MODULE);
	set_user_nice(current, -15);

	init_waitqueue_entry(&ctrl_wait, current);
	init_waitqueue_entry(&intr_wait, current);
	add_wait_queue(sk_sleep(ctrl_sk), &ctrl_wait);
	add_wait_queue(sk_sleep(intr_sk), &intr_wait);

	/* Let hidp_add_connection() continue with device registration. */
	session->waiting_for_startup = 0;
	wake_up_interruptible(&session->startup_queue);

	set_current_state(TASK_INTERRUPTIBLE);
	while (!atomic_read(&session->terminate)) {
		if (!(ctrl_sk->sk_state == BT_CONNECTED &&
		      intr_sk->sk_state == BT_CONNECTED))
			break;

		while ((frame = skb_dequeue(&intr_sk->sk_receive_queue))) {
			skb_orphan(frame);
			/* Handlers index frame->data directly, so the buffer
			 * must be linear; drop it if that cannot be arranged. */
			if (skb_linearize(frame))
				kfree_skb(frame);
			else
				hidp_recv_intr_frame(session, frame);
		}

		hidp_process_intr_transmit(session);

		while ((frame = skb_dequeue(&ctrl_sk->sk_receive_queue))) {
			skb_orphan(frame);
			if (skb_linearize(frame))
				kfree_skb(frame);
			else
				hidp_recv_ctrl_frame(session, frame);
		}

		hidp_process_ctrl_transmit(session);

		schedule();
		set_current_state(TASK_INTERRUPTIBLE);
	}
	set_current_state(TASK_RUNNING);

	/* Make sure the flag is set even when the loop ended on a socket
	 * state change, so senders and waiters see the shutdown. */
	atomic_inc(&session->terminate);
	remove_wait_queue(sk_sleep(intr_sk), &intr_wait);
	remove_wait_queue(sk_sleep(ctrl_sk), &ctrl_wait);

	/* Release threads blocked in the raw report functions. */
	clear_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags);
	clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags);
	wake_up_interruptible(&session->report_queue);

	down_write(&hidp_session_sem);

	hidp_del_timer(session);

	if (session->input) {
		input_unregister_device(session->input);
		session->input = NULL;
	}

	if (session->hid) {
		hid_destroy_device(session->hid);
		session->hid = NULL;
	}

	/* Wakeup user-space polling for socket errors */
	session->intr_sock->sk->sk_err = EUNATCH;
	session->ctrl_sock->sk->sk_err = EUNATCH;

	hidp_schedule(session);

	fput(session->intr_sock->file);

	/* Give the control socket up to 500 ms to reach BT_CLOSED. */
	wait_event_timeout(*(sk_sleep(ctrl_sk)),
		(ctrl_sk->sk_state == BT_CLOSED), msecs_to_jiffies(500));

	fput(session->ctrl_sock->file);

	list_del(&session->list);

	up_write(&hidp_session_sem);

	kfree(session->rd_data);
	kfree(session);
	module_put_and_exit(0);
	return 0;
}
764
/*
 * Look up the ACL connection that carries this session's control socket.
 *
 * The HCI device is found by routing between the socket's source and
 * destination addresses; the connection is then searched by destination
 * address under the device lock. Returns NULL when no route exists, and
 * otherwise whatever the hash lookup returned.
 *
 * NOTE(review): the connection pointer is returned after the device lock
 * and the device reference have been dropped, and no reference on the
 * connection is taken here -- confirm what keeps it alive for the caller.
 */
static struct hci_conn *hidp_get_connection(struct hidp_session *session)
{
	struct sock *sk = session->ctrl_sock->sk;
	bdaddr_t *local = &bt_sk(sk)->src;
	bdaddr_t *remote = &bt_sk(sk)->dst;
	struct hci_conn *found;
	struct hci_dev *hdev;

	hdev = hci_get_route(remote, local);
	if (hdev == NULL)
		return NULL;

	hci_dev_lock(hdev);
	found = hci_conn_hash_lookup_ba(hdev, ACL_LINK, remote);
	hci_dev_unlock(hdev);

	hci_dev_put(hdev);

	return found;
}
784
/*
 * Allocate and configure the boot-protocol input device for @session.
 * The device is stored in session->input but not registered here.
 *
 * Vendor, product and version are taken from @req. Bit 0x40 of
 * req->subclass enables the keyboard capabilities and bit 0x80 the mouse
 * capabilities. Returns 0 on success or -ENOMEM.
 */
static int hidp_setup_input(struct hidp_session *session,
				struct hidp_connadd_req *req)
{
	struct input_dev *idev;
	int k;

	idev = input_allocate_device();
	if (idev == NULL)
		return -ENOMEM;

	session->input = idev;

	input_set_drvdata(idev, session);

	idev->name = "Bluetooth HID Boot Protocol Device";

	idev->id.bustype = BUS_BLUETOOTH;
	idev->id.vendor  = req->vendor;
	idev->id.product = req->product;
	idev->id.version = req->version;

	if (req->subclass & 0x40) {
		/* Keyboard: keys, LEDs and auto-repeat. */
		set_bit(EV_KEY, idev->evbit);
		set_bit(EV_LED, idev->evbit);
		set_bit(EV_REP, idev->evbit);

		set_bit(LED_NUML,    idev->ledbit);
		set_bit(LED_CAPSL,   idev->ledbit);
		set_bit(LED_SCROLLL, idev->ledbit);
		set_bit(LED_COMPOSE, idev->ledbit);
		set_bit(LED_KANA,    idev->ledbit);

		/* Advertise every code in the table; unmapped slots all set
		 * bit 0, which is cleared again afterwards. */
		for (k = 0; k < sizeof(hidp_keycode); k++)
			set_bit(hidp_keycode[k], idev->keybit);
		clear_bit(0, idev->keybit);
	}

	if (req->subclass & 0x80) {
		/* Mouse: five buttons, X/Y and wheel. The plain assignment
		 * to evbit[0] replaces whatever the keyboard branch set in
		 * that word. */
		idev->evbit[0] = BIT_MASK(EV_KEY) | BIT_MASK(EV_REL);
		idev->keybit[BIT_WORD(BTN_MOUSE)] = BIT_MASK(BTN_LEFT) |
			BIT_MASK(BTN_RIGHT) | BIT_MASK(BTN_MIDDLE) |
			BIT_MASK(BTN_SIDE) | BIT_MASK(BTN_EXTRA);
		idev->relbit[0] = BIT_MASK(REL_X) | BIT_MASK(REL_Y) |
			BIT_MASK(REL_WHEEL);
	}

	idev->dev.parent = &session->conn->dev;

	idev->event = hidp_input_event;

	return 0;
}
838
/* hid_ll_driver .open hook: nothing to do, always reports success. */
static int hidp_open(struct hid_device *hid)
{
	return 0;
}
843
/* hid_ll_driver .close hook: intentionally empty. */
static void hidp_close(struct hid_device *hid)
{
}
847
/*
 * hid_ll_driver .parse hook: hand the report descriptor stored in the
 * session (rd_data / rd_size, filled in by hidp_setup_hid()) to
 * hid_parse_report() and return its result.
 */
static int hidp_parse(struct hid_device *hid)
{
	struct hidp_session *owner = hid->driver_data;

	return hid_parse_report(owner->hid, owner->rd_data,
				owner->rd_size);
}
855
/*
 * hid_ll_driver .start hook: unless the device carries the
 * HID_QUIRK_NO_INIT_REPORTS quirk, queue every known input report and
 * then every known feature report with hidp_send_report(). Failures of
 * individual sends are not propagated; the function always returns 0.
 */
static int hidp_start(struct hid_device *hid)
{
	struct hidp_session *owner = hid->driver_data;
	struct hid_report *rep;

	if (hid->quirks & HID_QUIRK_NO_INIT_REPORTS)
		return 0;

	list_for_each_entry(rep, &hid->report_enum[HID_INPUT_REPORT].report_list,
			    list)
		hidp_send_report(owner, rep);

	list_for_each_entry(rep, &hid->report_enum[HID_FEATURE_REPORT].report_list,
			    list)
		hidp_send_report(owner, rep);

	return 0;
}
874
/*
 * hid_ll_driver .stop hook: discard everything still queued for
 * transmission on both channels and mark the device as unclaimed.
 */
static void hidp_stop(struct hid_device *hid)
{
	struct hidp_session *owner = hid->driver_data;

	skb_queue_purge(&owner->ctrl_transmit);
	skb_queue_purge(&owner->intr_transmit);

	hid->claimed = 0;
}
884
/*
 * Low-level driver operations installed on every HID device created by
 * hidp_setup_hid().
 */
static struct hid_ll_driver hidp_hid_driver = {
	.parse			= hidp_parse,
	.start			= hidp_start,
	.stop			= hidp_stop,
	.open			= hidp_open,
	.close			= hidp_close,
	.hidinput_input_event	= hidp_hidinput_event,
};
893
/*
 * Prepare the HID device for @session. The device is allocated and filled
 * in here but not added to the HID core; hidp_add_connection() does that.
 *
 * The report descriptor is copied from the user pointer req->rd_data into
 * a kernel buffer of req->rd_size bytes and kept in session->rd_data for
 * hidp_parse().
 *
 * Returns 0 on success, -ENOMEM or -EFAULT when the descriptor cannot be
 * allocated or copied, the hid_allocate_device() error, or -ENODEV when
 * hid_ignore() rejects the device. On the -ENODEV path the HID device is
 * destroyed but session->rd_data is left allocated.
 *
 * NOTE(review): req->rd_size is used as given for the allocation and the
 * copy; no upper bound is applied in this function -- confirm where it is
 * limited.
 * NOTE(review): the name copy is bounded by sizeof(req->name) - 1, i.e. by
 * the source field; this assumes hid->name is at least as large -- TODO
 * confirm.
 */
static int hidp_setup_hid(struct hidp_session *session,
				struct hidp_connadd_req *req)
{
	struct hid_device *hdev;
	int rc;

	session->rd_data = kzalloc(req->rd_size, GFP_KERNEL);
	if (session->rd_data == NULL)
		return -ENOMEM;

	if (copy_from_user(session->rd_data, req->rd_data, req->rd_size)) {
		rc = -EFAULT;
		goto fault;
	}
	session->rd_size = req->rd_size;

	hdev = hid_allocate_device();
	if (IS_ERR(hdev)) {
		rc = PTR_ERR(hdev);
		goto fault;
	}

	session->hid = hdev;

	hdev->driver_data = session;

	hdev->bus     = BUS_BLUETOOTH;
	hdev->vendor  = req->vendor;
	hdev->product = req->product;
	hdev->version = req->version;
	hdev->country = req->country;

	strncpy(hdev->name, req->name, sizeof(req->name) - 1);

	/* phys and uniq carry the local and remote addresses of the link. */
	snprintf(hdev->phys, sizeof(hdev->phys), "%pMR",
		 &bt_sk(session->ctrl_sock->sk)->src);

	snprintf(hdev->uniq, sizeof(hdev->uniq), "%pMR",
		 &bt_sk(session->ctrl_sock->sk)->dst);

	hdev->dev.parent = &session->conn->dev;
	hdev->ll_driver = &hidp_hid_driver;

	hdev->hid_get_raw_report = hidp_get_raw_report;
	hdev->hid_output_raw_report = hidp_output_raw_report;

	/* True if device is blacklisted in drivers/hid/hid-core.c */
	if (hid_ignore(hdev)) {
		hid_destroy_device(session->hid);
		session->hid = NULL;
		return -ENODEV;
	}

	return 0;

fault:
	kfree(session->rd_data);
	session->rd_data = NULL;

	return rc;
}
957
958int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock)
959{
960 struct hidp_session *session, *s;
aabf6f89 961 int vendor, product;
1da177e4
LT
962 int err;
963
964 BT_DBG("");
965
b3916db3
DH
966 if (!l2cap_is_socket(ctrl_sock) || !l2cap_is_socket(intr_sock))
967 return -EINVAL;
1da177e4
LT
968 if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) ||
969 bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst))
970 return -ENOTUNIQ;
971
e1aaadd4
MH
972 BT_DBG("rd_data %p rd_size %d", req->rd_data, req->rd_size);
973
1da177e4
LT
974 down_write(&hidp_session_sem);
975
976 s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst);
dcc07647 977 if (s) {
81b25cd0
GP
978 up_write(&hidp_session_sem);
979 return -EEXIST;
980 }
981
982 session = kzalloc(sizeof(struct hidp_session), GFP_KERNEL);
983 if (!session) {
984 up_write(&hidp_session_sem);
985 return -ENOMEM;
1da177e4
LT
986 }
987
988 bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst);
989
0c1bc5c6
GP
990 session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->chan->omtu,
991 l2cap_pi(ctrl_sock->sk)->chan->imtu);
992 session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->chan->omtu,
993 l2cap_pi(intr_sock->sk)->chan->imtu);
1da177e4
LT
994
995 BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu);
996
997 session->ctrl_sock = ctrl_sock;
998 session->intr_sock = intr_sock;
1da177e4 999
3c32fa93
GP
1000 session->conn = hidp_get_connection(session);
1001 if (!session->conn) {
1002 err = -ENOTCONN;
1003 goto failed;
1004 }
1005
b24b8a24 1006 setup_timer(&session->timer, hidp_idle_timeout, (unsigned long)session);
1da177e4
LT
1007
1008 skb_queue_head_init(&session->ctrl_transmit);
1009 skb_queue_head_init(&session->intr_transmit);
1010
0ff1731a
AO
1011 mutex_init(&session->report_mutex);
1012 init_waitqueue_head(&session->report_queue);
0f69dca2
AO
1013 init_waitqueue_head(&session->startup_queue);
1014 session->waiting_for_startup = 1;
1da177e4
LT
1015 session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID);
1016 session->idle_to = req->idle_to;
1017
fc225c3f 1018 list_add(&session->list, &hidp_session_list);
1785dbf9 1019
c500c971 1020 if (req->rd_size > 0) {
85cdaf52 1021 err = hidp_setup_hid(session, req);
4529eefa 1022 if (err && err != -ENODEV)
edad6388 1023 goto purge;
c500c971
JS
1024 }
1025
1026 if (!session->hid) {
1027 err = hidp_setup_input(session, req);
1028 if (err < 0)
edad6388 1029 goto purge;
85cdaf52 1030 }
e1aaadd4 1031
1da177e4
LT
1032 hidp_set_timer(session);
1033
aabf6f89
SJ
1034 if (session->hid) {
1035 vendor = session->hid->vendor;
1036 product = session->hid->product;
1037 } else if (session->input) {
1038 vendor = session->input->id.vendor;
1039 product = session->input->id.product;
1040 } else {
1041 vendor = 0x0000;
1042 product = 0x0000;
1043 }
1044
1045 session->task = kthread_run(hidp_session, session, "khidpd_%04x%04x",
1046 vendor, product);
1047 if (IS_ERR(session->task)) {
1048 err = PTR_ERR(session->task);
1da177e4 1049 goto unlink;
aabf6f89
SJ
1050 }
1051
0f69dca2
AO
1052 while (session->waiting_for_startup) {
1053 wait_event_interruptible(session->startup_queue,
1054 !session->waiting_for_startup);
1055 }
1056
3415a5fd
GP
1057 if (session->hid)
1058 err = hid_add_device(session->hid);
1059 else
1060 err = input_register_device(session->input);
1061
e9d5cb54
PH
1062 if (err < 0) {
1063 atomic_inc(&session->terminate);
1064 wake_up_process(session->task);
1065 up_write(&hidp_session_sem);
1066 return err;
1067 }
1da177e4
LT
1068
1069 if (session->input) {
1070 hidp_send_ctrl_message(session,
1071 HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0);
1072 session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE);
1073
1074 session->leds = 0xff;
1075 hidp_input_event(session->input, EV_LED, 0, 0);
1076 }
1077
1078 up_write(&hidp_session_sem);
1079 return 0;
1080
1081unlink:
1082 hidp_del_timer(session);
1083
edad6388 1084 if (session->input) {
1da177e4 1085 input_unregister_device(session->input);
edad6388
MH
1086 session->input = NULL;
1087 }
1088
1089 if (session->hid) {
85cdaf52 1090 hid_destroy_device(session->hid);
edad6388
MH
1091 session->hid = NULL;
1092 }
1093
15c697ce
MP
1094 kfree(session->rd_data);
1095 session->rd_data = NULL;
1096
edad6388 1097purge:
fc225c3f 1098 list_del(&session->list);
1785dbf9 1099
c500c971
JS
1100 skb_queue_purge(&session->ctrl_transmit);
1101 skb_queue_purge(&session->intr_transmit);
edad6388 1102
c500c971
JS
1103failed:
1104 up_write(&hidp_session_sem);
e1aaadd4 1105
1da177e4
LT
1106 kfree(session);
1107 return err;
1108}
1109
/*
 * hidp_del_connection - request teardown of the session for a remote device
 * @req: delete request; bdaddr selects the session, flags selects the mode
 *
 * With HIDP_VIRTUAL_CABLE_UNPLUG set in req->flags a virtual-cable-unplug
 * control message is queued for the device. Otherwise both transmit queues
 * are flushed, the session's terminate counter is raised and the session
 * task is woken.
 *
 * The lookup and every use of the session pointer happen with
 * hidp_session_sem held for reading.
 * NOTE(review): this relies on the session not being freed while the read
 * side is held; the code that frees it is not visible here, so confirm.
 *
 * Returns 0 on success or -ENOENT when no session matches req->bdaddr.
 */
int hidp_del_connection(struct hidp_conndel_req *req)
{
	struct hidp_session *s;
	int ret = -ENOENT;

	BT_DBG("");

	down_read(&hidp_session_sem);

	s = __hidp_get_session(&req->bdaddr);
	if (!s)
		goto unlock;

	ret = 0;

	if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) {
		hidp_send_ctrl_message(s,
			HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG,
			NULL, 0);
		goto unlock;
	}

	/* Drop anything still queued for the device before stopping. */
	skb_queue_purge(&s->ctrl_transmit);
	skb_queue_purge(&s->intr_transmit);

	/* Raise the flag first, then wake the task so it can observe it. */
	atomic_inc(&s->terminate);
	wake_up_process(s->task);

unlock:
	up_read(&hidp_session_sem);
	return ret;
}
1138
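/*
 * hidp_get_connlist - copy one record per active session to user space
 * @req: list request; ci points at the user buffer and cnum is the number
 *       of struct hidp_conninfo records that buffer can hold
 *
 * Walks hidp_session_list with hidp_session_sem held for reading and writes
 * at most req->cnum records to req->ci. On return req->cnum holds the
 * number of records actually written; req->ci is advanced while iterating.
 *
 * Returns 0 on success or -EFAULT when a copy to user space fails.
 */
int hidp_get_connlist(struct hidp_connlist_req *req)
{
	struct hidp_session *session;
	int err = 0, n = 0;

	BT_DBG("");

	down_read(&hidp_session_sem);

	/*
	 * The loop only tests the count after a record has been copied, so
	 * a capacity of zero would still write one record past the end of
	 * the user buffer. Callers are expected to reject that value, but
	 * the bound is enforced here as well so the function is safe on its
	 * own.
	 */
	if (!req->cnum)
		goto unlock;

	list_for_each_entry(session, &hidp_session_list, list) {
		struct hidp_conninfo ci;

		/*
		 * The whole structure, padding included, is copied out below.
		 * NOTE(review): confirm that __hidp_copy_session() clears
		 * every byte of ci before filling it; otherwise stale kernel
		 * stack contents would be disclosed to user space.
		 */
		__hidp_copy_session(session, &ci);

		if (copy_to_user(req->ci, &ci, sizeof(ci))) {
			err = -EFAULT;
			break;
		}

		/* Stop once the user buffer is full. */
		if (++n >= req->cnum)
			break;

		req->ci++;
	}

unlock:
	/* Report how many records were written, also on -EFAULT. */
	req->cnum = n;

	up_read(&hidp_session_sem);
	return err;
}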
1168
/*
 * hidp_get_conninfo - fill in the details of one session
 * @ci: in/out record; ci->bdaddr selects the session and the record is then
 *      overwritten through __hidp_copy_session()
 *
 * The lookup and the copy both run with hidp_session_sem held for reading.
 *
 * Returns 0 on success or -ENOENT when no session matches ci->bdaddr.
 */
int hidp_get_conninfo(struct hidp_conninfo *ci)
{
	struct hidp_session *s;
	int ret;

	down_read(&hidp_session_sem);

	s = __hidp_get_session(&ci->bdaddr);
	if (!s) {
		ret = -ENOENT;
	} else {
		__hidp_copy_session(s, ci);
		ret = 0;
	}

	up_read(&hidp_session_sem);
	return ret;
}
1185
/*
 * Module entry point: log the version banner and register the HIDP socket
 * layer. The result of hidp_init_sockets() is returned unchanged.
 */
static int __init hidp_init(void)
{
	int err;

	BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION);

	err = hidp_init_sockets();
	return err;
}
1192
/*
 * Module exit point: undo hidp_init() by tearing down the HIDP socket layer.
 * NOTE(review): nothing here walks hidp_session_list, so any session cleanup
 * is presumably handled elsewhere before unload; confirm.
 */
static void __exit hidp_exit(void)
{
	hidp_cleanup_sockets();
}
1197
/* Module metadata. */
MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION);
MODULE_VERSION(VERSION);
MODULE_LICENSE("GPL");
/*
 * Alias by Bluetooth protocol number.
 * NOTE(review): presumably this lets the module be loaded on demand when a
 * socket for protocol 6 is requested; confirm who is allowed to trigger that.
 */
MODULE_ALIAS("bt-proto-6");

/* Load and unload hooks. */
module_init(hidp_init);
module_exit(hidp_exit);