projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Fix two minor style issues in HCI code
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_conn.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI connection handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
1da177e4
LT		 38#include <net/sock.h>
39
40#include <asm/system.h>
70f23020 41#include <linux/uaccess.h>
1da177e4
LT		 42#include <asm/unaligned.h>
43
44#include <net/bluetooth/bluetooth.h>
45#include <net/bluetooth/hci_core.h>
46
fcd89c09
VT		 47static void hci_le_connect(struct hci_conn *conn)
48{
49 struct hci_dev *hdev = conn->hdev;
50 struct hci_cp_le_create_conn cp;
51
52 conn->state = BT_CONNECT;
a0c808b3 53 conn->out = true;
b92a6223 54 conn->link_mode |= HCI_LM_MASTER;
7b5c0d52 55 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 56
57 memset(&cp, 0, sizeof(cp));
0e833915
AL		 58 cp.scan_interval = cpu_to_le16(0x0060);
59 cp.scan_window = cpu_to_le16(0x0030);
fcd89c09 60 bacpy(&cp.peer_addr, &conn->dst);
6d3ce0e7 61 cp.peer_addr_type = conn->dst_type;
0e833915
AL		 62 cp.conn_interval_min = cpu_to_le16(0x0028);
63 cp.conn_interval_max = cpu_to_le16(0x0038);
64 cp.supervision_timeout = cpu_to_le16(0x002a);
65 cp.min_ce_len = cpu_to_le16(0x0000);
66 cp.max_ce_len = cpu_to_le16(0x0000);
fcd89c09
VT		 67
68 hci_send_cmd(hdev, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp);
69}
70
71static void hci_le_connect_cancel(struct hci_conn *conn)
72{
73 hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
74}
75
4c67bc74 76void hci_acl_connect(struct hci_conn *conn)
1da177e4
LT		 77{
78 struct hci_dev *hdev = conn->hdev;
79 struct inquiry_entry *ie;
80 struct hci_cp_create_conn cp;
81
42d2d87c 82 BT_DBG("hcon %p", conn);
1da177e4
LT		 83
84 conn->state = BT_CONNECT;
a0c808b3 85 conn->out = true;
a8746417 86
1da177e4
LT		 87 conn->link_mode = HCI_LM_MASTER;
88
4c67bc74
MH		 89 conn->attempt++;
90
e4e8e37c
MH		 91 conn->link_policy = hdev->link_policy;
92
1da177e4
LT		 93 memset(&cp, 0, sizeof(cp));
94 bacpy(&cp.bdaddr, &conn->dst);
95 cp.pscan_rep_mode = 0x02;
96
70f23020
AE		 97 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
98 if (ie) {
41a96212
MH		 99 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
100 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
101 cp.pscan_mode = ie->data.pscan_mode;
102 cp.clock_offset = ie->data.clock_offset |
103 cpu_to_le16(0x8000);
104 }
105
1da177e4 106 memcpy(conn->dev_class, ie->data.dev_class, 3);
58a681ef
JH		 107 if (ie->data.ssp_mode > 0)
108 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
1da177e4
LT		 109 }
110
a8746417 111 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1da177e4 112 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
b6a0dc82 113 cp.role_switch = 0x01;
1da177e4 114 else
b6a0dc82 115 cp.role_switch = 0x00;
4c67bc74 116
a9de9248 117 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
1da177e4
LT		 118}
119
6ac59344
MH		 120static void hci_acl_connect_cancel(struct hci_conn *conn)
121{
122 struct hci_cp_create_conn_cancel cp;
123
124 BT_DBG("%p", conn);
125
d095c1eb 126 if (conn->hdev->hci_ver < BLUETOOTH_VER_1_2)
6ac59344
MH		 127 return;
128
129 bacpy(&cp.bdaddr, &conn->dst);
a9de9248 130 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
6ac59344
MH		 131}
132
1da177e4
LT		 133void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
134{
135 struct hci_cp_disconnect cp;
136
137 BT_DBG("%p", conn);
138
139 conn->state = BT_DISCONN;
140
aca3192c 141 cp.handle = cpu_to_le16(conn->handle);
1da177e4 142 cp.reason = reason;
a9de9248 143 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
1da177e4
LT		 144}
145
146void hci_add_sco(struct hci_conn *conn, __u16 handle)
147{
148 struct hci_dev *hdev = conn->hdev;
149 struct hci_cp_add_sco cp;
150
151 BT_DBG("%p", conn);
152
153 conn->state = BT_CONNECT;
a0c808b3 154 conn->out = true;
1da177e4 155
efc7688b
MH		 156 conn->attempt++;
157
aca3192c 158 cp.handle = cpu_to_le16(handle);
a8746417 159 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1da177e4 160
a9de9248 161 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
1da177e4
LT		 162}
163
b6a0dc82
MH		 164void hci_setup_sync(struct hci_conn *conn, __u16 handle)
165{
166 struct hci_dev *hdev = conn->hdev;
167 struct hci_cp_setup_sync_conn cp;
168
169 BT_DBG("%p", conn);
170
171 conn->state = BT_CONNECT;
a0c808b3 172 conn->out = true;
b6a0dc82 173
efc7688b
MH		 174 conn->attempt++;
175
b6a0dc82 176 cp.handle = cpu_to_le16(handle);
a8746417 177 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 178
179 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
180 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
181 cp.max_latency = cpu_to_le16(0xffff);
182 cp.voice_setting = cpu_to_le16(hdev->voice_setting);
183 cp.retrans_effort = 0xff;
184
185 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
186}
187
2ce603eb
CT		 188void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max,
189 u16 latency, u16 to_multiplier)
190{
191 struct hci_cp_le_conn_update cp;
192 struct hci_dev *hdev = conn->hdev;
193
194 memset(&cp, 0, sizeof(cp));
195
196 cp.handle = cpu_to_le16(conn->handle);
197 cp.conn_interval_min = cpu_to_le16(min);
198 cp.conn_interval_max = cpu_to_le16(max);
199 cp.conn_latency = cpu_to_le16(latency);
200 cp.supervision_timeout = cpu_to_le16(to_multiplier);
201 cp.min_ce_len = cpu_to_le16(0x0001);
202 cp.max_ce_len = cpu_to_le16(0x0001);
203
204 hci_send_cmd(hdev, HCI_OP_LE_CONN_UPDATE, sizeof(cp), &cp);
205}
206EXPORT_SYMBOL(hci_le_conn_update);
207
a7a595f6
VCG		 208void hci_le_start_enc(struct hci_conn *conn, __le16 ediv, __u8 rand[8],
209 __u8 ltk[16])
210{
211 struct hci_dev *hdev = conn->hdev;
212 struct hci_cp_le_start_enc cp;
213
214 BT_DBG("%p", conn);
215
216 memset(&cp, 0, sizeof(cp));
217
218 cp.handle = cpu_to_le16(conn->handle);
219 memcpy(cp.ltk, ltk, sizeof(cp.ltk));
220 cp.ediv = ediv;
51beabdf 221 memcpy(cp.rand, rand, sizeof(cp.rand));
a7a595f6
VCG		 222
223 hci_send_cmd(hdev, HCI_OP_LE_START_ENC, sizeof(cp), &cp);
224}
225EXPORT_SYMBOL(hci_le_start_enc);
226
227void hci_le_ltk_reply(struct hci_conn *conn, u8 ltk[16])
228{
229 struct hci_dev *hdev = conn->hdev;
230 struct hci_cp_le_ltk_reply cp;
231
232 BT_DBG("%p", conn);
233
234 memset(&cp, 0, sizeof(cp));
235
236 cp.handle = cpu_to_le16(conn->handle);
237 memcpy(cp.ltk, ltk, sizeof(ltk));
238
239 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
240}
241EXPORT_SYMBOL(hci_le_ltk_reply);
242
243void hci_le_ltk_neg_reply(struct hci_conn *conn)
244{
245 struct hci_dev *hdev = conn->hdev;
246 struct hci_cp_le_ltk_neg_reply cp;
247
248 BT_DBG("%p", conn);
249
250 memset(&cp, 0, sizeof(cp));
251
252 cp.handle = cpu_to_le16(conn->handle);
253
254 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(cp), &cp);
255}
256
e73439d8
MH		 257/* Device _must_ be locked */
258void hci_sco_setup(struct hci_conn *conn, __u8 status)
259{
260 struct hci_conn *sco = conn->link;
261
262 BT_DBG("%p", conn);
263
264 if (!sco)
265 return;
266
267 if (!status) {
268 if (lmp_esco_capable(conn->hdev))
269 hci_setup_sync(sco, conn->handle);
270 else
271 hci_add_sco(sco, conn->handle);
272 } else {
273 hci_proto_connect_cfm(sco, status);
274 hci_conn_del(sco);
275 }
276}
277
19c40e3b 278static void hci_conn_timeout(struct work_struct *work)
1da177e4 279{
19c40e3b
GP		 280 struct hci_conn *conn = container_of(work, struct hci_conn,
281 disc_work.work);
2950f21a 282 __u8 reason;
1da177e4 283
e05dcc32 284 BT_DBG("conn %p state %s", conn, state_to_string(conn->state));
1da177e4
LT		 285
286 if (atomic_read(&conn->refcnt))
287 return;
288
6ac59344
MH		 289 switch (conn->state) {
290 case BT_CONNECT:
769be974 291 case BT_CONNECT2:
fcd89c09
VT		 292 if (conn->out) {
293 if (conn->type == ACL_LINK)
294 hci_acl_connect_cancel(conn);
295 else if (conn->type == LE_LINK)
296 hci_le_connect_cancel(conn);
297 }
6ac59344 298 break;
769be974 299 case BT_CONFIG:
8e87d142 300 case BT_CONNECTED:
2950f21a
MH		 301 reason = hci_proto_disconn_ind(conn);
302 hci_acl_disconn(conn, reason);
6ac59344
MH		 303 break;
304 default:
1da177e4 305 conn->state = BT_CLOSED;
6ac59344
MH		 306 break;
307 }
1da177e4
LT		 308}
309
416dc94b
GP		 310/* Enter sniff mode */
311static void hci_conn_enter_sniff_mode(struct hci_conn *conn)
312{
313 struct hci_dev *hdev = conn->hdev;
314
315 BT_DBG("conn %p mode %d", conn, conn->mode);
316
317 if (test_bit(HCI_RAW, &hdev->flags))
318 return;
319
320 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
321 return;
322
323 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
324 return;
325
326 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
327 struct hci_cp_sniff_subrate cp;
328 cp.handle = cpu_to_le16(conn->handle);
329 cp.max_latency = cpu_to_le16(0);
330 cp.min_remote_timeout = cpu_to_le16(0);
331 cp.min_local_timeout = cpu_to_le16(0);
332 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
333 }
334
51a8efd7 335 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
416dc94b
GP		 336 struct hci_cp_sniff_mode cp;
337 cp.handle = cpu_to_le16(conn->handle);
338 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
339 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
340 cp.attempt = cpu_to_le16(4);
341 cp.timeout = cpu_to_le16(1);
342 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
343 }
344}
345
04837f64 346static void hci_conn_idle(unsigned long arg)
1da177e4 347{
04837f64
MH		 348 struct hci_conn *conn = (void *) arg;
349
350 BT_DBG("conn %p mode %d", conn, conn->mode);
351
352 hci_conn_enter_sniff_mode(conn);
1da177e4
LT		 353}
354
9f61656a
JH		 355static void hci_conn_auto_accept(unsigned long arg)
356{
357 struct hci_conn *conn = (void *) arg;
358 struct hci_dev *hdev = conn->hdev;
359
9f61656a
JH		 360 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY, sizeof(conn->dst),
361 &conn->dst);
9f61656a
JH		 362}
363
1da177e4
LT		 364struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
365{
366 struct hci_conn *conn;
367
368 BT_DBG("%s dst %s", hdev->name, batostr(dst));
369
cb601d7e 370 conn = kzalloc(sizeof(struct hci_conn), GFP_KERNEL);
04837f64 371 if (!conn)
1da177e4 372 return NULL;
1da177e4
LT		 373
374 bacpy(&conn->dst, dst);
a8746417
MH		 375 conn->hdev = hdev;
376 conn->type = type;
377 conn->mode = HCI_CM_ACTIVE;
378 conn->state = BT_OPEN;
93f19c9f 379 conn->auth_type = HCI_AT_GENERAL_BONDING;
17fa4b9d 380 conn->io_capability = hdev->io_capability;
a9583556 381 conn->remote_auth = 0xff;
13d39315 382 conn->key_type = 0xff;
1da177e4 383
58a681ef 384 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
052b30b0 385 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
04837f64 386
a8746417
MH		 387 switch (type) {
388 case ACL_LINK:
389 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
390 break;
391 case SCO_LINK:
392 if (lmp_esco_capable(hdev))
efc7688b
MH		 393 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
394 (hdev->esco_type & EDR_ESCO_MASK);
a8746417
MH		 395 else
396 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
397 break;
398 case ESCO_LINK:
efc7688b 399 conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
a8746417
MH		 400 break;
401 }
402
1da177e4 403 skb_queue_head_init(&conn->data_q);
04837f64 404
70c1f20b 405 INIT_LIST_HEAD(&conn->chan_list);
73d80deb 406
19c40e3b 407 INIT_DELAYED_WORK(&conn->disc_work, hci_conn_timeout);
b24b8a24 408 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
9f61656a
JH		 409 setup_timer(&conn->auto_accept_timer, hci_conn_auto_accept,
410 (unsigned long) conn);
1da177e4
LT		 411
412 atomic_set(&conn->refcnt, 0);
413
414 hci_dev_hold(hdev);
415
1da177e4 416 hci_conn_hash_add(hdev, conn);
3c54711c 417 if (hdev->notify)
1da177e4
LT		 418 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
419
9eba32b8
MH		 420 atomic_set(&conn->devref, 0);
421
a67e899c
MH		 422 hci_conn_init_sysfs(conn);
423
1da177e4
LT		 424 return conn;
425}
426
427int hci_conn_del(struct hci_conn *conn)
428{
429 struct hci_dev *hdev = conn->hdev;
430
431 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
432
04837f64
MH		 433 del_timer(&conn->idle_timer);
434
19c40e3b 435 cancel_delayed_work_sync(&conn->disc_work);
1da177e4 436
9f61656a
JH		 437 del_timer(&conn->auto_accept_timer);
438
5b7f9909 439 if (conn->type == ACL_LINK) {
1da177e4
LT		 440 struct hci_conn *sco = conn->link;
441 if (sco)
442 sco->link = NULL;
443
444 /* Unacked frames */
445 hdev->acl_cnt += conn->sent;
6ed58ec5
VT		 446 } else if (conn->type == LE_LINK) {
447 if (hdev->le_pkts)
448 hdev->le_cnt += conn->sent;
449 else
450 hdev->acl_cnt += conn->sent;
5b7f9909
MH		 451 } else {
452 struct hci_conn *acl = conn->link;
453 if (acl) {
454 acl->link = NULL;
455 hci_conn_put(acl);
456 }
1da177e4
LT		 457 }
458
7d0db0a3 459
2c33c06a 460 hci_chan_list_flush(conn);
73d80deb 461
1da177e4 462 hci_conn_hash_del(hdev, conn);
3c54711c 463 if (hdev->notify)
1da177e4 464 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
7d0db0a3 465
1da177e4 466 skb_queue_purge(&conn->data_q);
1da177e4 467
9eba32b8 468 hci_conn_put_device(conn);
2ae9a6be 469
384943ec
MH		 470 hci_dev_put(hdev);
471
163f4dab
TT		 472 if (conn->handle == 0)
473 kfree(conn);
474
1da177e4
LT		 475 return 0;
476}
477
478struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
479{
480 int use_src = bacmp(src, BDADDR_ANY);
8035ded4 481 struct hci_dev *hdev = NULL, *d;
1da177e4
LT		 482
483 BT_DBG("%s -> %s", batostr(src), batostr(dst));
484
f20d09d5 485 read_lock(&hci_dev_list_lock);
1da177e4 486
8035ded4 487 list_for_each_entry(d, &hci_dev_list, list) {
1da177e4
LT		 488 if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
489 continue;
490
8e87d142 491 /* Simple routing:
1da177e4
LT		 492 * No source address - find interface with bdaddr != dst
493 * Source address - find interface with bdaddr == src
494 */
495
496 if (use_src) {
497 if (!bacmp(&d->bdaddr, src)) {
498 hdev = d; break;
499 }
500 } else {
501 if (bacmp(&d->bdaddr, dst)) {
502 hdev = d; break;
503 }
504 }
505 }
506
507 if (hdev)
508 hdev = hci_dev_hold(hdev);
509
f20d09d5 510 read_unlock(&hci_dev_list_lock);
1da177e4
LT		 511 return hdev;
512}
513EXPORT_SYMBOL(hci_get_route);
514
fcd89c09 515/* Create SCO, ACL or LE connection.
1da177e4 516 * Device _must_ be locked */
8c1b2355 517struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 518{
519 struct hci_conn *acl;
5b7f9909 520 struct hci_conn *sco;
fcd89c09 521 struct hci_conn *le;
1da177e4
LT		 522
523 BT_DBG("%s dst %s", hdev->name, batostr(dst));
524
fcd89c09 525 if (type == LE_LINK) {
eda42b50
AG		 526 struct adv_entry *entry;
527
fcd89c09 528 le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
15c4794f 529 if (le)
30e76272 530 return ERR_PTR(-EBUSY);
eda42b50
AG		 531
532 entry = hci_find_adv_entry(hdev, dst);
533 if (!entry)
534 return ERR_PTR(-EHOSTUNREACH);
535
15c4794f 536 le = hci_conn_add(hdev, LE_LINK, dst);
fcd89c09 537 if (!le)
30e76272 538 return ERR_PTR(-ENOMEM);
893d6751 539
eda42b50
AG		 540 le->dst_type = entry->bdaddr_type;
541
893d6751 542 hci_le_connect(le);
fcd89c09
VT		 543
544 hci_conn_hold(le);
545
546 return le;
547 }
548
70f23020
AE		 549 acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
550 if (!acl) {
551 acl = hci_conn_add(hdev, ACL_LINK, dst);
552 if (!acl)
48c7aba9 553 return ERR_PTR(-ENOMEM);
1da177e4
LT		 554 }
555
556 hci_conn_hold(acl);
557
09ab6f4c 558 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
765c2a96
JH		 559 acl->sec_level = BT_SECURITY_LOW;
560 acl->pending_sec_level = sec_level;
09ab6f4c 561 acl->auth_type = auth_type;
1da177e4 562 hci_acl_connect(acl);
09ab6f4c 563 }
1da177e4 564
5b7f9909
MH		 565 if (type == ACL_LINK)
566 return acl;
1da177e4 567
70f23020
AE		 568 sco = hci_conn_hash_lookup_ba(hdev, type, dst);
569 if (!sco) {
570 sco = hci_conn_add(hdev, type, dst);
571 if (!sco) {
5b7f9909 572 hci_conn_put(acl);
48c7aba9 573 return ERR_PTR(-ENOMEM);
1da177e4 574 }
5b7f9909 575 }
1da177e4 576
5b7f9909
MH		 577 acl->link = sco;
578 sco->link = acl;
1da177e4 579
5b7f9909 580 hci_conn_hold(sco);
1da177e4 581
5b7f9909 582 if (acl->state == BT_CONNECTED &&
b6a0dc82 583 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
58a681ef 584 set_bit(HCI_CONN_POWER_SAVE, &acl->flags);
14b12d0b 585 hci_conn_enter_active_mode(acl, BT_POWER_FORCE_ACTIVE_ON);
c390216b 586
51a8efd7 587 if (test_bit(HCI_CONN_MODE_CHANGE_PEND, &acl->flags)) {
e73439d8 588 /* defer SCO setup until mode change completed */
51a8efd7 589 set_bit(HCI_CONN_SCO_SETUP_PEND, &acl->flags);
e73439d8
MH		 590 return sco;
591 }
592
593 hci_sco_setup(acl, 0x00);
b6a0dc82 594 }
5b7f9909
MH		 595
596 return sco;
1da177e4
LT		 597}
598EXPORT_SYMBOL(hci_connect);
599
e7c29cb1
MH		 600/* Check link security requirement */
601int hci_conn_check_link_mode(struct hci_conn *conn)
602{
603 BT_DBG("conn %p", conn);
604
aa64a8b5 605 if (hci_conn_ssp_enabled(conn) && !(conn->link_mode & HCI_LM_ENCRYPT))
e7c29cb1
MH		 606 return 0;
607
608 return 1;
609}
610EXPORT_SYMBOL(hci_conn_check_link_mode);
611
1da177e4 612/* Authenticate remote device */
0684e5f9 613static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 614{
615 BT_DBG("conn %p", conn);
616
765c2a96
JH		 617 if (conn->pending_sec_level > sec_level)
618 sec_level = conn->pending_sec_level;
619
96a31833 620 if (sec_level > conn->sec_level)
765c2a96 621 conn->pending_sec_level = sec_level;
96a31833 622 else if (conn->link_mode & HCI_LM_AUTH)
1da177e4
LT		 623 return 1;
624
65cf686e
JH		 625 /* Make sure we preserve an existing MITM requirement*/
626 auth_type |= (conn->auth_type & 0x01);
627
96a31833
MH		 628 conn->auth_type = auth_type;
629
51a8efd7 630 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1da177e4 631 struct hci_cp_auth_requested cp;
b7d05bad
PH		 632
633 /* encrypt must be pending if auth is also pending */
634 set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
635
aca3192c 636 cp.handle = cpu_to_le16(conn->handle);
40be492f
MH		 637 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
638 sizeof(cp), &cp);
19f8def0 639 if (conn->key_type != 0xff)
51a8efd7 640 set_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 641 }
8c1b2355 642
1da177e4
LT		 643 return 0;
644}
1da177e4 645
13d39315
WR		 646/* Encrypt the the link */
647static void hci_conn_encrypt(struct hci_conn *conn)
648{
649 BT_DBG("conn %p", conn);
650
51a8efd7 651 if (!test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
13d39315
WR		 652 struct hci_cp_set_conn_encrypt cp;
653 cp.handle = cpu_to_le16(conn->handle);
654 cp.encrypt = 0x01;
655 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
656 &cp);
657 }
658}
659
8c1b2355 660/* Enable security */
0684e5f9 661int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
1da177e4
LT		 662{
663 BT_DBG("conn %p", conn);
664
13d39315 665 /* For sdp we don't need the link key. */
8c1b2355
MH		 666 if (sec_level == BT_SECURITY_SDP)
667 return 1;
668
13d39315
WR		 669 /* For non 2.1 devices and low security level we don't need the link
670 key. */
aa64a8b5 671 if (sec_level == BT_SECURITY_LOW && !hci_conn_ssp_enabled(conn))
3fdca1e1 672 return 1;
8c1b2355 673
13d39315
WR		 674 /* For other security levels we need the link key. */
675 if (!(conn->link_mode & HCI_LM_AUTH))
676 goto auth;
677
678 /* An authenticated combination key has sufficient security for any
679 security level. */
680 if (conn->key_type == HCI_LK_AUTH_COMBINATION)
681 goto encrypt;
682
683 /* An unauthenticated combination key has sufficient security for
684 security level 1 and 2. */
685 if (conn->key_type == HCI_LK_UNAUTH_COMBINATION &&
686 (sec_level == BT_SECURITY_MEDIUM ||
687 sec_level == BT_SECURITY_LOW))
688 goto encrypt;
689
690 /* A combination key has always sufficient security for the security
691 levels 1 or 2. High security level requires the combination key
692 is generated using maximum PIN code length (16).
693 For pre 2.1 units. */
694 if (conn->key_type == HCI_LK_COMBINATION &&
695 (sec_level != BT_SECURITY_HIGH ||
696 conn->pin_length == 16))
697 goto encrypt;
698
699auth:
51a8efd7 700 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags))
1da177e4
LT		 701 return 0;
702
6fdf658c
LAD		 703 if (!hci_conn_auth(conn, sec_level, auth_type))
704 return 0;
13d39315
WR		 705
706encrypt:
707 if (conn->link_mode & HCI_LM_ENCRYPT)
708 return 1;
8c1b2355 709
13d39315 710 hci_conn_encrypt(conn);
1da177e4
LT		 711 return 0;
712}
8c1b2355 713EXPORT_SYMBOL(hci_conn_security);
1da177e4 714
b3b1b061
WR		 715/* Check secure link requirement */
716int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
717{
718 BT_DBG("conn %p", conn);
719
720 if (sec_level != BT_SECURITY_HIGH)
721 return 1; /* Accept if non-secure is required */
722
ef4177e2 723 if (conn->sec_level == BT_SECURITY_HIGH)
b3b1b061
WR		 724 return 1;
725
726 return 0; /* Reject not secure link */
727}
728EXPORT_SYMBOL(hci_conn_check_secure);
729
1da177e4
LT		 730/* Change link key */
731int hci_conn_change_link_key(struct hci_conn *conn)
732{
733 BT_DBG("conn %p", conn);
734
51a8efd7 735 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1da177e4 736 struct hci_cp_change_conn_link_key cp;
aca3192c 737 cp.handle = cpu_to_le16(conn->handle);
40be492f
MH		 738 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
739 sizeof(cp), &cp);
1da177e4 740 }
8c1b2355 741
1da177e4
LT		 742 return 0;
743}
744EXPORT_SYMBOL(hci_conn_change_link_key);
745
746/* Switch role */
8c1b2355 747int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
1da177e4
LT		 748{
749 BT_DBG("conn %p", conn);
750
751 if (!role && conn->link_mode & HCI_LM_MASTER)
752 return 1;
753
51a8efd7 754 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->flags)) {
1da177e4
LT		 755 struct hci_cp_switch_role cp;
756 bacpy(&cp.bdaddr, &conn->dst);
757 cp.role = role;
a9de9248 758 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
1da177e4 759 }
8c1b2355 760
1da177e4
LT		 761 return 0;
762}
763EXPORT_SYMBOL(hci_conn_switch_role);
764
04837f64 765/* Enter active mode */
14b12d0b 766void hci_conn_enter_active_mode(struct hci_conn *conn, __u8 force_active)
04837f64
MH		 767{
768 struct hci_dev *hdev = conn->hdev;
769
770 BT_DBG("conn %p mode %d", conn, conn->mode);
771
772 if (test_bit(HCI_RAW, &hdev->flags))
773 return;
774
14b12d0b
JG		 775 if (conn->mode != HCI_CM_SNIFF)
776 goto timer;
777
58a681ef 778 if (!test_bit(HCI_CONN_POWER_SAVE, &conn->flags) && !force_active)
04837f64
MH		 779 goto timer;
780
51a8efd7 781 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
04837f64 782 struct hci_cp_exit_sniff_mode cp;
aca3192c 783 cp.handle = cpu_to_le16(conn->handle);
a9de9248 784 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
04837f64
MH		 785 }
786
787timer:
788 if (hdev->idle_timeout > 0)
789 mod_timer(&conn->idle_timer,
790 jiffies + msecs_to_jiffies(hdev->idle_timeout));
791}
792
1da177e4
LT		 793/* Drop all connection on the device */
794void hci_conn_hash_flush(struct hci_dev *hdev)
795{
796 struct hci_conn_hash *h = &hdev->conn_hash;
3c4e0df0 797 struct hci_conn *c, *n;
1da177e4
LT		 798
799 BT_DBG("hdev %s", hdev->name);
800
3c4e0df0 801 list_for_each_entry_safe(c, n, &h->list, list) {
1da177e4
LT		 802 c->state = BT_CLOSED;
803
9f5a0d7b 804 hci_proto_disconn_cfm(c, HCI_ERROR_LOCAL_HOST_TERM);
1da177e4
LT		 805 hci_conn_del(c);
806 }
807}
808
a9de9248
MH		 809/* Check pending connect attempts */
810void hci_conn_check_pending(struct hci_dev *hdev)
811{
812 struct hci_conn *conn;
813
814 BT_DBG("hdev %s", hdev->name);
815
816 hci_dev_lock(hdev);
817
818 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
819 if (conn)
820 hci_acl_connect(conn);
821
822 hci_dev_unlock(hdev);
823}
824
9eba32b8
MH		 825void hci_conn_hold_device(struct hci_conn *conn)
826{
827 atomic_inc(&conn->devref);
828}
829EXPORT_SYMBOL(hci_conn_hold_device);
830
831void hci_conn_put_device(struct hci_conn *conn)
832{
833 if (atomic_dec_and_test(&conn->devref))
834 hci_conn_del_sysfs(conn);
835}
836EXPORT_SYMBOL(hci_conn_put_device);
837
1da177e4
LT		 838int hci_get_conn_list(void __user *arg)
839{
8035ded4 840 register struct hci_conn *c;
1da177e4
LT		 841 struct hci_conn_list_req req, *cl;
842 struct hci_conn_info *ci;
843 struct hci_dev *hdev;
1da177e4
LT		 844 int n = 0, size, err;
845
846 if (copy_from_user(&req, arg, sizeof(req)))
847 return -EFAULT;
848
849 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
850 return -EINVAL;
851
852 size = sizeof(req) + req.conn_num * sizeof(*ci);
853
70f23020
AE		 854 cl = kmalloc(size, GFP_KERNEL);
855 if (!cl)
1da177e4
LT		 856 return -ENOMEM;
857
70f23020
AE		 858 hdev = hci_dev_get(req.dev_id);
859 if (!hdev) {
1da177e4
LT		 860 kfree(cl);
861 return -ENODEV;
862 }
863
864 ci = cl->conn_info;
865
09fd0de5 866 hci_dev_lock(hdev);
8035ded4 867 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1da177e4
LT		 868 bacpy(&(ci + n)->bdaddr, &c->dst);
869 (ci + n)->handle = c->handle;
870 (ci + n)->type = c->type;
871 (ci + n)->out = c->out;
872 (ci + n)->state = c->state;
873 (ci + n)->link_mode = c->link_mode;
874 if (++n >= req.conn_num)
875 break;
876 }
09fd0de5 877 hci_dev_unlock(hdev);
1da177e4
LT		 878
879 cl->dev_id = hdev->id;
880 cl->conn_num = n;
881 size = sizeof(req) + n * sizeof(*ci);
882
883 hci_dev_put(hdev);
884
885 err = copy_to_user(arg, cl, size);
886 kfree(cl);
887
888 return err ? -EFAULT : 0;
889}
890
891int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
892{
893 struct hci_conn_info_req req;
894 struct hci_conn_info ci;
895 struct hci_conn *conn;
896 char __user *ptr = arg + sizeof(req);
897
898 if (copy_from_user(&req, arg, sizeof(req)))
899 return -EFAULT;
900
09fd0de5 901 hci_dev_lock(hdev);
1da177e4
LT		 902 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
903 if (conn) {
904 bacpy(&ci.bdaddr, &conn->dst);
905 ci.handle = conn->handle;
906 ci.type = conn->type;
907 ci.out = conn->out;
908 ci.state = conn->state;
909 ci.link_mode = conn->link_mode;
910 }
09fd0de5 911 hci_dev_unlock(hdev);
1da177e4
LT		 912
913 if (!conn)
914 return -ENOENT;
915
916 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
917}
40be492f
MH		 918
919int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
920{
921 struct hci_auth_info_req req;
922 struct hci_conn *conn;
923
924 if (copy_from_user(&req, arg, sizeof(req)))
925 return -EFAULT;
926
09fd0de5 927 hci_dev_lock(hdev);
40be492f
MH		 928 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
929 if (conn)
930 req.type = conn->auth_type;
09fd0de5 931 hci_dev_unlock(hdev);
40be492f
MH		 932
933 if (!conn)
934 return -ENOENT;
935
936 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
937}
73d80deb
LAD		 938
939struct hci_chan *hci_chan_create(struct hci_conn *conn)
940{
941 struct hci_dev *hdev = conn->hdev;
942 struct hci_chan *chan;
943
944 BT_DBG("%s conn %p", hdev->name, conn);
945
75d7735c 946 chan = kzalloc(sizeof(struct hci_chan), GFP_KERNEL);
73d80deb
LAD		 947 if (!chan)
948 return NULL;
949
950 chan->conn = conn;
951 skb_queue_head_init(&chan->data_q);
952
8192edef 953 list_add_rcu(&chan->list, &conn->chan_list);
73d80deb
LAD		 954
955 return chan;
956}
957
958int hci_chan_del(struct hci_chan *chan)
959{
960 struct hci_conn *conn = chan->conn;
961 struct hci_dev *hdev = conn->hdev;
962
963 BT_DBG("%s conn %p chan %p", hdev->name, conn, chan);
964
8192edef
GP		 965 list_del_rcu(&chan->list);
966
967 synchronize_rcu();
73d80deb
LAD		 968
969 skb_queue_purge(&chan->data_q);
970 kfree(chan);
971
972 return 0;
973}
974
2c33c06a 975void hci_chan_list_flush(struct hci_conn *conn)
73d80deb 976{
2a5a5ec6 977 struct hci_chan *chan, *n;
73d80deb
LAD		 978
979 BT_DBG("conn %p", conn);
980
2a5a5ec6 981 list_for_each_entry_safe(chan, n, &conn->chan_list, list)
73d80deb
LAD		 982 hci_chan_del(chan);
983}
kernel source for telekom puls (alcatel/mediatek)