Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / b6f99a211957910a07437f46ce54dcfb1755cf84 / . / net / bluetooth / hidp / core.c
blob: ecfe8da1ce6bdf18a76a3671bb85509784619c6b [file] [log] [blame]
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]1/*
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2 HIDP implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]20 SOFTWARE IS DISCLAIMED.
21*/
22
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]23#include <linux/module.h>
24
25#include <linux/types.h>
26#include <linux/errno.h>
27#include <linux/kernel.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]28#include <linux/sched.h>
29#include <linux/slab.h>
30#include <linux/poll.h>
31#include <linux/fcntl.h>
32#include <linux/skbuff.h>
33#include <linux/socket.h>
34#include <linux/ioctl.h>
35#include <linux/file.h>
36#include <linux/init.h>
37#include <linux/wait.h>
38#include <net/sock.h>
39
40#include <linux/input.h>
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]41#include <linux/hid.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]42
43#include <net/bluetooth/bluetooth.h>
Marcel Holtmann0a85b962006-07-06 13:09:02 +0200[diff] [blame]44#include <net/bluetooth/hci_core.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]45#include <net/bluetooth/l2cap.h>
46
47#include "hidp.h"
48
49#ifndef CONFIG_BT_HIDP_DEBUG
50#undef BT_DBG
51#define BT_DBG(D...)
52#endif
53
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]54#define VERSION "1.2"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]55
56static DECLARE_RWSEM(hidp_session_sem);
57static LIST_HEAD(hidp_session_list);
58
59static unsigned char hidp_keycode[256] = {
60 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38,
61 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44, 2, 3,
62 4, 5, 6, 7, 8, 9, 10, 11, 28, 1, 14, 15, 57, 12, 13, 26,
63 27, 43, 43, 39, 40, 41, 51, 52, 53, 58, 59, 60, 61, 62, 63, 64,
64 65, 66, 67, 68, 87, 88, 99, 70,119,110,102,104,111,107,109,106,
65 105,108,103, 69, 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71,
66 72, 73, 82, 83, 86,127,116,117,183,184,185,186,187,188,189,190,
67 191,192,193,194,134,138,130,132,128,129,131,137,133,135,136,113,
68 115,114, 0, 0, 0,121, 0, 89, 93,124, 92, 94, 95, 0, 0, 0,
69 122,123, 90, 91, 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
70 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
71 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
72 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
73 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
74 29, 42, 56,125, 97, 54,100,126,164,166,165,163,161,115,114,113,
75 150,158,159,128,136,177,178,176,142,152,173,140
76};
77
78static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 };
79
80static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr)
81{
82 struct hidp_session *session;
83 struct list_head *p;
84
85 BT_DBG("");
86
87 list_for_each(p, &hidp_session_list) {
88 session = list_entry(p, struct hidp_session, list);
89 if (!bacmp(bdaddr, &session->bdaddr))
90 return session;
91 }
92 return NULL;
93}
94
95static void __hidp_link_session(struct hidp_session *session)
96{
97 __module_get(THIS_MODULE);
98 list_add(&session->list, &hidp_session_list);
99}
100
101static void __hidp_unlink_session(struct hidp_session *session)
102{
103 list_del(&session->list);
104 module_put(THIS_MODULE);
105}
106
107static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci)
108{
109 bacpy(&ci->bdaddr, &session->bdaddr);
110
111 ci->flags = session->flags;
112 ci->state = session->state;
113
114 ci->vendor = 0x0000;
115 ci->product = 0x0000;
116 ci->version = 0x0000;
117 memset(ci->name, 0, 128);
118
119 if (session->input) {
120 ci->vendor = session->input->id.vendor;
121 ci->product = session->input->id.product;
122 ci->version = session->input->id.version;
123 if (session->input->name)
124 strncpy(ci->name, session->input->name, 128);
125 else
126 strncpy(ci->name, "HID Boot Device", 128);
127 }
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]128
129 if (session->hid) {
130 ci->vendor = session->hid->vendor;
131 ci->product = session->hid->product;
132 ci->version = session->hid->version;
133 strncpy(ci->name, session->hid->name, 128);
134 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]135}
136
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]137static inline int hidp_queue_event(struct hidp_session *session, struct input_dev *dev,
138 unsigned int type, unsigned int code, int value)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]139{
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]140 unsigned char newleds;
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]141 struct sk_buff *skb;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]142
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]143 BT_DBG("session %p type %d code %d value %d", session, type, code, value);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]144
145 if (type != EV_LED)
146 return -1;
147
148 newleds = (!!test_bit(LED_KANA, dev->led) << 3) |
149 (!!test_bit(LED_COMPOSE, dev->led) << 3) |
150 (!!test_bit(LED_SCROLLL, dev->led) << 2) |
151 (!!test_bit(LED_CAPSL, dev->led) << 1) |
152 (!!test_bit(LED_NUML, dev->led));
153
154 if (session->leds == newleds)
155 return 0;
156
157 session->leds = newleds;
158
159 if (!(skb = alloc_skb(3, GFP_ATOMIC))) {
160 BT_ERR("Can't allocate memory for new frame");
161 return -ENOMEM;
162 }
163
164 *skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT;
165 *skb_put(skb, 1) = 0x01;
166 *skb_put(skb, 1) = newleds;
167
168 skb_queue_tail(&session->intr_transmit, skb);
169
170 hidp_schedule(session);
171
172 return 0;
173}
174
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]175static int hidp_hidinput_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
176{
177 struct hid_device *hid = dev->private;
178 struct hidp_session *session = hid->driver_data;
179
180 return hidp_queue_event(session, dev, type, code, value);
181}
182
183static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
184{
185 struct hidp_session *session = dev->private;
186
187 return hidp_queue_event(session, dev, type, code, value);
188}
189
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]190static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb)
191{
192 struct input_dev *dev = session->input;
193 unsigned char *keys = session->keys;
194 unsigned char *udata = skb->data + 1;
195 signed char *sdata = skb->data + 1;
196 int i, size = skb->len - 1;
197
198 switch (skb->data[0]) {
199 case 0x01: /* Keyboard report */
200 for (i = 0; i < 8; i++)
201 input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1);
202
203 /* If all the key codes have been set to 0x01, it means
204 * too many keys were pressed at the same time. */
205 if (!memcmp(udata + 2, hidp_mkeyspat, 6))
206 break;
207
208 for (i = 2; i < 8; i++) {
209 if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) {
210 if (hidp_keycode[keys[i]])
211 input_report_key(dev, hidp_keycode[keys[i]], 0);
212 else
213 BT_ERR("Unknown key (scancode %#x) released.", keys[i]);
214 }
215
216 if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) {
217 if (hidp_keycode[udata[i]])
218 input_report_key(dev, hidp_keycode[udata[i]], 1);
219 else
220 BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]);
221 }
222 }
223
224 memcpy(keys, udata, 8);
225 break;
226
227 case 0x02: /* Mouse report */
228 input_report_key(dev, BTN_LEFT, sdata[0] & 0x01);
229 input_report_key(dev, BTN_RIGHT, sdata[0] & 0x02);
230 input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04);
231 input_report_key(dev, BTN_SIDE, sdata[0] & 0x08);
232 input_report_key(dev, BTN_EXTRA, sdata[0] & 0x10);
233
234 input_report_rel(dev, REL_X, sdata[1]);
235 input_report_rel(dev, REL_Y, sdata[2]);
236
237 if (size > 3)
238 input_report_rel(dev, REL_WHEEL, sdata[3]);
239 break;
240 }
241
242 input_sync(dev);
243}
244
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]245static inline int hidp_queue_report(struct hidp_session *session, unsigned char *data, int size)
246{
247 struct sk_buff *skb;
248
249 BT_DBG("session %p hid %p data %p size %d", session, device, data, size);
250
251 if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) {
252 BT_ERR("Can't allocate memory for new frame");
253 return -ENOMEM;
254 }
255
256 *skb_put(skb, 1) = 0xa2;
257 if (size > 0)
258 memcpy(skb_put(skb, size), data, size);
259
260 skb_queue_tail(&session->intr_transmit, skb);
261
262 hidp_schedule(session);
263
264 return 0;
265}
266
267static int hidp_send_report(struct hidp_session *session, struct hid_report *report)
268{
269 unsigned char buf[32];
270 int rsize;
271
272 rsize = ((report->size - 1) >> 3) + 1 + (report->id > 0);
273 if (rsize > sizeof(buf))
274 return -EIO;
275
276 hid_output_report(report, buf);
277
278 return hidp_queue_report(session, buf, rsize);
279}
280
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]281static void hidp_idle_timeout(unsigned long arg)
282{
283 struct hidp_session *session = (struct hidp_session *) arg;
284
285 atomic_inc(&session->terminate);
286 hidp_schedule(session);
287}
288
289static inline void hidp_set_timer(struct hidp_session *session)
290{
291 if (session->idle_to > 0)
292 mod_timer(&session->timer, jiffies + HZ * session->idle_to);
293}
294
295static inline void hidp_del_timer(struct hidp_session *session)
296{
297 if (session->idle_to > 0)
298 del_timer(&session->timer);
299}
300
301static int __hidp_send_ctrl_message(struct hidp_session *session,
302 unsigned char hdr, unsigned char *data, int size)
303{
304 struct sk_buff *skb;
305
306 BT_DBG("session %p data %p size %d", session, data, size);
307
308 if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) {
309 BT_ERR("Can't allocate memory for new frame");
310 return -ENOMEM;
311 }
312
313 *skb_put(skb, 1) = hdr;
314 if (data && size > 0)
315 memcpy(skb_put(skb, size), data, size);
316
317 skb_queue_tail(&session->ctrl_transmit, skb);
318
319 return 0;
320}
321
Dave Jonesb6f99a22007-03-22 12:27:49 -0700[diff] [blame^]322static inline int hidp_send_ctrl_message(struct hidp_session *session,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]323 unsigned char hdr, unsigned char *data, int size)
324{
325 int err;
326
327 err = __hidp_send_ctrl_message(session, hdr, data, size);
328
329 hidp_schedule(session);
330
331 return err;
332}
333
334static inline void hidp_process_handshake(struct hidp_session *session, unsigned char param)
335{
336 BT_DBG("session %p param 0x%02x", session, param);
337
338 switch (param) {
339 case HIDP_HSHK_SUCCESSFUL:
340 /* FIXME: Call into SET_ GET_ handlers here */
341 break;
342
343 case HIDP_HSHK_NOT_READY:
344 case HIDP_HSHK_ERR_INVALID_REPORT_ID:
345 case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST:
346 case HIDP_HSHK_ERR_INVALID_PARAMETER:
347 /* FIXME: Call into SET_ GET_ handlers here */
348 break;
349
350 case HIDP_HSHK_ERR_UNKNOWN:
351 break;
352
353 case HIDP_HSHK_ERR_FATAL:
354 /* Device requests a reboot, as this is the only way this error
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]355 * can be recovered. */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]356 __hidp_send_ctrl_message(session,
357 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0);
358 break;
359
360 default:
361 __hidp_send_ctrl_message(session,
362 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
363 break;
364 }
365}
366
367static inline void hidp_process_hid_control(struct hidp_session *session, unsigned char param)
368{
369 BT_DBG("session %p param 0x%02x", session, param);
370
371 switch (param) {
372 case HIDP_CTRL_NOP:
373 break;
374
375 case HIDP_CTRL_VIRTUAL_CABLE_UNPLUG:
376 /* Flush the transmit queues */
377 skb_queue_purge(&session->ctrl_transmit);
378 skb_queue_purge(&session->intr_transmit);
379
380 /* Kill session thread */
381 atomic_inc(&session->terminate);
382 break;
383
384 case HIDP_CTRL_HARD_RESET:
385 case HIDP_CTRL_SOFT_RESET:
386 case HIDP_CTRL_SUSPEND:
387 case HIDP_CTRL_EXIT_SUSPEND:
388 /* FIXME: We have to parse these and return no error */
389 break;
390
391 default:
392 __hidp_send_ctrl_message(session,
393 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
394 break;
395 }
396}
397
398static inline void hidp_process_data(struct hidp_session *session, struct sk_buff *skb, unsigned char param)
399{
400 BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param);
401
402 switch (param) {
403 case HIDP_DATA_RTYPE_INPUT:
404 hidp_set_timer(session);
405
406 if (session->input)
407 hidp_input_report(session, skb);
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]408
409 if (session->hid)
410 hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 0);
411
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]412 break;
413
414 case HIDP_DATA_RTYPE_OTHER:
415 case HIDP_DATA_RTYPE_OUPUT:
416 case HIDP_DATA_RTYPE_FEATURE:
417 break;
418
419 default:
420 __hidp_send_ctrl_message(session,
421 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
422 }
423}
424
425static inline void hidp_recv_ctrl_frame(struct hidp_session *session, struct sk_buff *skb)
426{
427 unsigned char hdr, type, param;
428
429 BT_DBG("session %p skb %p len %d", session, skb, skb->len);
430
431 hdr = skb->data[0];
432 skb_pull(skb, 1);
433
434 type = hdr & HIDP_HEADER_TRANS_MASK;
435 param = hdr & HIDP_HEADER_PARAM_MASK;
436
437 switch (type) {
438 case HIDP_TRANS_HANDSHAKE:
439 hidp_process_handshake(session, param);
440 break;
441
442 case HIDP_TRANS_HID_CONTROL:
443 hidp_process_hid_control(session, param);
444 break;
445
446 case HIDP_TRANS_DATA:
447 hidp_process_data(session, skb, param);
448 break;
449
450 default:
451 __hidp_send_ctrl_message(session,
452 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0);
453 break;
454 }
455
456 kfree_skb(skb);
457}
458
459static inline void hidp_recv_intr_frame(struct hidp_session *session, struct sk_buff *skb)
460{
461 unsigned char hdr;
462
463 BT_DBG("session %p skb %p len %d", session, skb, skb->len);
464
465 hdr = skb->data[0];
466 skb_pull(skb, 1);
467
468 if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) {
469 hidp_set_timer(session);
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]470
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]471 if (session->input)
472 hidp_input_report(session, skb);
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]473
474 if (session->hid) {
475 hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 1);
476 BT_DBG("report len %d", skb->len);
477 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]478 } else {
479 BT_DBG("Unsupported protocol header 0x%02x", hdr);
480 }
481
482 kfree_skb(skb);
483}
484
485static int hidp_send_frame(struct socket *sock, unsigned char *data, int len)
486{
487 struct kvec iv = { data, len };
488 struct msghdr msg;
489
490 BT_DBG("sock %p data %p len %d", sock, data, len);
491
492 if (!len)
493 return 0;
494
495 memset(&msg, 0, sizeof(msg));
496
497 return kernel_sendmsg(sock, &msg, &iv, 1, len);
498}
499
David S. Millerb03efcf2005-07-08 14:57:23 -0700[diff] [blame]500static void hidp_process_transmit(struct hidp_session *session)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]501{
502 struct sk_buff *skb;
503
504 BT_DBG("session %p", session);
505
506 while ((skb = skb_dequeue(&session->ctrl_transmit))) {
507 if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) {
508 skb_queue_head(&session->ctrl_transmit, skb);
509 break;
510 }
511
512 hidp_set_timer(session);
513 kfree_skb(skb);
514 }
515
516 while ((skb = skb_dequeue(&session->intr_transmit))) {
517 if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) {
518 skb_queue_head(&session->intr_transmit, skb);
519 break;
520 }
521
522 hidp_set_timer(session);
523 kfree_skb(skb);
524 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]525}
526
527static int hidp_session(void *arg)
528{
529 struct hidp_session *session = arg;
530 struct sock *ctrl_sk = session->ctrl_sock->sk;
531 struct sock *intr_sk = session->intr_sock->sk;
532 struct sk_buff *skb;
533 int vendor = 0x0000, product = 0x0000;
534 wait_queue_t ctrl_wait, intr_wait;
535
536 BT_DBG("session %p", session);
537
538 if (session->input) {
539 vendor = session->input->id.vendor;
540 product = session->input->id.product;
541 }
542
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]543 if (session->hid) {
544 vendor = session->hid->vendor;
545 product = session->hid->product;
546 }
547
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]548 daemonize("khidpd_%04x%04x", vendor, product);
549 set_user_nice(current, -15);
550 current->flags |= PF_NOFREEZE;
551
552 init_waitqueue_entry(&ctrl_wait, current);
553 init_waitqueue_entry(&intr_wait, current);
554 add_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait);
555 add_wait_queue(intr_sk->sk_sleep, &intr_wait);
556 while (!atomic_read(&session->terminate)) {
557 set_current_state(TASK_INTERRUPTIBLE);
558
559 if (ctrl_sk->sk_state != BT_CONNECTED || intr_sk->sk_state != BT_CONNECTED)
560 break;
561
562 while ((skb = skb_dequeue(&ctrl_sk->sk_receive_queue))) {
563 skb_orphan(skb);
564 hidp_recv_ctrl_frame(session, skb);
565 }
566
567 while ((skb = skb_dequeue(&intr_sk->sk_receive_queue))) {
568 skb_orphan(skb);
569 hidp_recv_intr_frame(session, skb);
570 }
571
572 hidp_process_transmit(session);
573
574 schedule();
575 }
576 set_current_state(TASK_RUNNING);
577 remove_wait_queue(intr_sk->sk_sleep, &intr_wait);
578 remove_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait);
579
580 down_write(&hidp_session_sem);
581
582 hidp_del_timer(session);
583
Marcel Holtmanne86070c2006-10-15 17:31:00 +0200[diff] [blame]584 fput(session->intr_sock->file);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]585
Marcel Holtmann7b19ffc2006-10-20 08:55:48 +0200[diff] [blame]586 wait_event_timeout(*(ctrl_sk->sk_sleep),
587 (ctrl_sk->sk_state == BT_CLOSED), msecs_to_jiffies(500));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]588
Marcel Holtmanne86070c2006-10-15 17:31:00 +0200[diff] [blame]589 fput(session->ctrl_sock->file);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]590
591 __hidp_unlink_session(session);
592
593 if (session->input) {
594 input_unregister_device(session->input);
Dmitry Torokhov34abf912005-09-15 02:01:40 -0500[diff] [blame]595 session->input = NULL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]596 }
597
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]598 if (session->hid) {
599 if (session->hid->claimed & HID_CLAIMED_INPUT)
600 hidinput_disconnect(session->hid);
601 hid_free_device(session->hid);
602 }
603
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]604 up_write(&hidp_session_sem);
605
606 kfree(session);
607 return 0;
608}
609
Marcel Holtmann0a85b962006-07-06 13:09:02 +0200[diff] [blame]610static struct device *hidp_get_device(struct hidp_session *session)
611{
612 bdaddr_t *src = &bt_sk(session->ctrl_sock->sk)->src;
613 bdaddr_t *dst = &bt_sk(session->ctrl_sock->sk)->dst;
614 struct hci_dev *hdev;
615 struct hci_conn *conn;
616
617 hdev = hci_get_route(dst, src);
618 if (!hdev)
619 return NULL;
620
621 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
Marcel Holtmann0a85b962006-07-06 13:09:02 +0200[diff] [blame]622
623 hci_dev_put(hdev);
624
Marcel Holtmannb2cfcd72006-10-15 17:31:05 +0200[diff] [blame]625 return conn ? &conn->dev : NULL;
Marcel Holtmann0a85b962006-07-06 13:09:02 +0200[diff] [blame]626}
627
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]628static inline void hidp_setup_input(struct hidp_session *session, struct hidp_connadd_req *req)
629{
630 struct input_dev *input = session->input;
631 int i;
632
633 input->private = session;
634
Dmitry Torokhov34abf912005-09-15 02:01:40 -0500[diff] [blame]635 input->name = "Bluetooth HID Boot Protocol Device";
636
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]637 input->id.bustype = BUS_BLUETOOTH;
638 input->id.vendor = req->vendor;
639 input->id.product = req->product;
640 input->id.version = req->version;
641
642 if (req->subclass & 0x40) {
643 set_bit(EV_KEY, input->evbit);
644 set_bit(EV_LED, input->evbit);
645 set_bit(EV_REP, input->evbit);
646
647 set_bit(LED_NUML, input->ledbit);
648 set_bit(LED_CAPSL, input->ledbit);
649 set_bit(LED_SCROLLL, input->ledbit);
650 set_bit(LED_COMPOSE, input->ledbit);
651 set_bit(LED_KANA, input->ledbit);
652
653 for (i = 0; i < sizeof(hidp_keycode); i++)
654 set_bit(hidp_keycode[i], input->keybit);
655 clear_bit(0, input->keybit);
656 }
657
658 if (req->subclass & 0x80) {
659 input->evbit[0] = BIT(EV_KEY) | BIT(EV_REL);
660 input->keybit[LONG(BTN_MOUSE)] = BIT(BTN_LEFT) | BIT(BTN_RIGHT) | BIT(BTN_MIDDLE);
661 input->relbit[0] = BIT(REL_X) | BIT(REL_Y);
662 input->keybit[LONG(BTN_MOUSE)] |= BIT(BTN_SIDE) | BIT(BTN_EXTRA);
663 input->relbit[0] |= BIT(REL_WHEEL);
664 }
665
Marcel Holtmann0a85b962006-07-06 13:09:02 +0200[diff] [blame]666 input->cdev.dev = hidp_get_device(session);
667
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]668 input->event = hidp_input_event;
669
670 input_register_device(input);
671}
672
Marcel Holtmannf5ffd462007-02-17 23:58:53 +0100[diff] [blame]673static int hidp_open(struct hid_device *hid)
674{
675 return 0;
676}
677
678static void hidp_close(struct hid_device *hid)
679{
680}
681
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]682static inline void hidp_setup_hid(struct hidp_session *session, struct hidp_connadd_req *req)
683{
684 struct hid_device *hid = session->hid;
685 struct hid_report *report;
686 bdaddr_t src, dst;
687
688 baswap(&src, &bt_sk(session->ctrl_sock->sk)->src);
689 baswap(&dst, &bt_sk(session->ctrl_sock->sk)->dst);
690
691 hid->driver_data = session;
692
693 hid->country = req->country;
694
695 hid->bus = BUS_BLUETOOTH;
696 hid->vendor = req->vendor;
697 hid->product = req->product;
698 hid->version = req->version;
699
700 strncpy(hid->name, req->name, 128);
701 strncpy(hid->phys, batostr(&src), 64);
702 strncpy(hid->uniq, batostr(&dst), 64);
703
704 hid->dev = hidp_get_device(session);
705
Marcel Holtmannf5ffd462007-02-17 23:58:53 +0100[diff] [blame]706 hid->hid_open = hidp_open;
707 hid->hid_close = hidp_close;
708
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]709 hid->hidinput_input_event = hidp_hidinput_event;
710
711 list_for_each_entry(report, &hid->report_enum[HID_INPUT_REPORT].report_list, list)
712 hidp_send_report(session, report);
713
714 list_for_each_entry(report, &hid->report_enum[HID_FEATURE_REPORT].report_list, list)
715 hidp_send_report(session, report);
716
717 if (hidinput_connect(hid) == 0) {
718 hid->claimed |= HID_CLAIMED_INPUT;
719 hid_ff_init(hid);
720 }
721}
722
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]723int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock)
724{
725 struct hidp_session *session, *s;
726 int err;
727
728 BT_DBG("");
729
730 if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) ||
731 bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst))
732 return -ENOTUNIQ;
733
Marcel Holtmann25ea6db2006-07-06 15:40:09 +0200[diff] [blame]734 session = kzalloc(sizeof(struct hidp_session), GFP_KERNEL);
Dmitry Torokhov34abf912005-09-15 02:01:40 -0500[diff] [blame]735 if (!session)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]736 return -ENOMEM;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]737
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]738 BT_DBG("rd_data %p rd_size %d", req->rd_data, req->rd_size);
739
740 if (req->rd_size > 0) {
741 unsigned char *buf = kmalloc(req->rd_size, GFP_KERNEL);
742
743 if (!buf) {
744 kfree(session);
745 return -ENOMEM;
746 }
747
748 if (copy_from_user(buf, req->rd_data, req->rd_size)) {
749 kfree(buf);
750 kfree(session);
751 return -EFAULT;
752 }
753
754 session->hid = hid_parse_report(buf, req->rd_size);
755
756 kfree(buf);
757
758 if (!session->hid) {
759 kfree(session);
760 return -EINVAL;
761 }
762 }
763
764 if (!session->hid) {
765 session->input = input_allocate_device();
766 if (!session->input) {
767 kfree(session);
768 return -ENOMEM;
769 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]770 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]771
772 down_write(&hidp_session_sem);
773
774 s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst);
775 if (s && s->state == BT_CONNECTED) {
776 err = -EEXIST;
777 goto failed;
778 }
779
780 bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst);
781
782 session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu);
783 session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu);
784
785 BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu);
786
787 session->ctrl_sock = ctrl_sock;
788 session->intr_sock = intr_sock;
789 session->state = BT_CONNECTED;
790
791 init_timer(&session->timer);
792
793 session->timer.function = hidp_idle_timeout;
794 session->timer.data = (unsigned long) session;
795
796 skb_queue_head_init(&session->ctrl_transmit);
797 skb_queue_head_init(&session->intr_transmit);
798
799 session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID);
800 session->idle_to = req->idle_to;
801
802 if (session->input)
803 hidp_setup_input(session, req);
804
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]805 if (session->hid)
806 hidp_setup_hid(session, req);
807
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]808 __hidp_link_session(session);
809
810 hidp_set_timer(session);
811
812 err = kernel_thread(hidp_session, session, CLONE_KERNEL);
813 if (err < 0)
814 goto unlink;
815
816 if (session->input) {
817 hidp_send_ctrl_message(session,
818 HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0);
819 session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE);
820
821 session->leds = 0xff;
822 hidp_input_event(session->input, EV_LED, 0, 0);
823 }
824
825 up_write(&hidp_session_sem);
826 return 0;
827
828unlink:
829 hidp_del_timer(session);
830
831 __hidp_unlink_session(session);
832
Dmitry Torokhov34abf912005-09-15 02:01:40 -0500[diff] [blame]833 if (session->input) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]834 input_unregister_device(session->input);
Dmitry Torokhov34abf912005-09-15 02:01:40 -0500[diff] [blame]835 session->input = NULL; /* don't try to free it here */
836 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]837
838failed:
839 up_write(&hidp_session_sem);
840
Marcel Holtmanne1aaadd2007-02-17 23:58:49 +0100[diff] [blame]841 if (session->hid)
842 hid_free_device(session->hid);
843
Jesper Juhla51482b2005-11-08 09:41:34 -0800[diff] [blame]844 kfree(session->input);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]845 kfree(session);
846 return err;
847}
848
849int hidp_del_connection(struct hidp_conndel_req *req)
850{
851 struct hidp_session *session;
852 int err = 0;
853
854 BT_DBG("");
855
856 down_read(&hidp_session_sem);
857
858 session = __hidp_get_session(&req->bdaddr);
859 if (session) {
860 if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) {
861 hidp_send_ctrl_message(session,
862 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG, NULL, 0);
863 } else {
864 /* Flush the transmit queues */
865 skb_queue_purge(&session->ctrl_transmit);
866 skb_queue_purge(&session->intr_transmit);
867
868 /* Kill session thread */
869 atomic_inc(&session->terminate);
870 hidp_schedule(session);
871 }
872 } else
873 err = -ENOENT;
874
875 up_read(&hidp_session_sem);
876 return err;
877}
878
879int hidp_get_connlist(struct hidp_connlist_req *req)
880{
881 struct list_head *p;
882 int err = 0, n = 0;
883
884 BT_DBG("");
885
886 down_read(&hidp_session_sem);
887
888 list_for_each(p, &hidp_session_list) {
889 struct hidp_session *session;
890 struct hidp_conninfo ci;
891
892 session = list_entry(p, struct hidp_session, list);
893
894 __hidp_copy_session(session, &ci);
895
896 if (copy_to_user(req->ci, &ci, sizeof(ci))) {
897 err = -EFAULT;
898 break;
899 }
900
901 if (++n >= req->cnum)
902 break;
903
904 req->ci++;
905 }
906 req->cnum = n;
907
908 up_read(&hidp_session_sem);
909 return err;
910}
911
912int hidp_get_conninfo(struct hidp_conninfo *ci)
913{
914 struct hidp_session *session;
915 int err = 0;
916
917 down_read(&hidp_session_sem);
918
919 session = __hidp_get_session(&ci->bdaddr);
920 if (session)
921 __hidp_copy_session(session, ci);
922 else
923 err = -ENOENT;
924
925 up_read(&hidp_session_sem);
926 return err;
927}
928
929static int __init hidp_init(void)
930{
931 l2cap_load();
932
933 BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION);
934
935 return hidp_init_sockets();
936}
937
938static void __exit hidp_exit(void)
939{
940 hidp_cleanup_sockets();
941}
942
943module_init(hidp_init);
944module_exit(hidp_exit);
945
946MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
947MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION);
948MODULE_VERSION(VERSION);
949MODULE_LICENSE("GPL");
950MODULE_ALIAS("bt-proto-6");