]>
Commit | Line | Data |
---|---|---|
8e87d142 | 1 | /* |
1da177e4 LT |
2 | HIDP implementation for Linux Bluetooth stack (BlueZ). |
3 | Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org> | |
4 | ||
5 | This program is free software; you can redistribute it and/or modify | |
6 | it under the terms of the GNU General Public License version 2 as | |
7 | published by the Free Software Foundation; | |
8 | ||
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | |
10 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | |
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | |
8e87d142 YH |
13 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES |
14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
1da177e4 LT |
16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
17 | ||
8e87d142 YH |
18 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, |
19 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | |
1da177e4 LT |
20 | SOFTWARE IS DISCLAIMED. |
21 | */ | |
22 | ||
1da177e4 | 23 | #include <linux/module.h> |
1da177e4 | 24 | #include <linux/file.h> |
aabf6f89 | 25 | #include <linux/kthread.h> |
364f6351 | 26 | #include <linux/hidraw.h> |
1da177e4 LT |
27 | |
28 | #include <net/bluetooth/bluetooth.h> | |
0a85b964 | 29 | #include <net/bluetooth/hci_core.h> |
1da177e4 LT |
30 | #include <net/bluetooth/l2cap.h> |
31 | ||
32 | #include "hidp.h" | |
33 | ||
e1aaadd4 | 34 | #define VERSION "1.2" |
1da177e4 LT |
35 | |
36 | static DECLARE_RWSEM(hidp_session_sem); | |
37 | static LIST_HEAD(hidp_session_list); | |
38 | ||
39 | static unsigned char hidp_keycode[256] = { | |
17f09a7e SJ |
40 | 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, |
41 | 37, 38, 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, | |
42 | 21, 44, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 28, 1, | |
43 | 14, 15, 57, 12, 13, 26, 27, 43, 43, 39, 40, 41, 51, 52, | |
44 | 53, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 87, 88, | |
45 | 99, 70, 119, 110, 102, 104, 111, 107, 109, 106, 105, 108, 103, 69, | |
46 | 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71, 72, 73, | |
47 | 82, 83, 86, 127, 116, 117, 183, 184, 185, 186, 187, 188, 189, 190, | |
48 | 191, 192, 193, 194, 134, 138, 130, 132, 128, 129, 131, 137, 133, 135, | |
49 | 136, 113, 115, 114, 0, 0, 0, 121, 0, 89, 93, 124, 92, 94, | |
50 | 95, 0, 0, 0, 122, 123, 90, 91, 85, 0, 0, 0, 0, 0, | |
51 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
52 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
53 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
54 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
55 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
56 | 29, 42, 56, 125, 97, 54, 100, 126, 164, 166, 165, 163, 161, 115, | |
57 | 114, 113, 150, 158, 159, 128, 136, 177, 178, 176, 142, 152, 173, 140 | |
1da177e4 LT |
58 | }; |
59 | ||
60 | static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }; | |
61 | ||
3764eaa9 DH |
62 | static inline void hidp_schedule(struct hidp_session *session) |
63 | { | |
64 | struct sock *ctrl_sk = session->ctrl_sock->sk; | |
65 | struct sock *intr_sk = session->intr_sock->sk; | |
66 | ||
67 | wake_up_interruptible(sk_sleep(ctrl_sk)); | |
68 | wake_up_interruptible(sk_sleep(intr_sk)); | |
69 | } | |
70 | ||
1da177e4 LT |
71 | static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr) |
72 | { | |
73 | struct hidp_session *session; | |
1da177e4 LT |
74 | |
75 | BT_DBG(""); | |
76 | ||
cd11cdd2 | 77 | list_for_each_entry(session, &hidp_session_list, list) { |
1da177e4 LT |
78 | if (!bacmp(bdaddr, &session->bdaddr)) |
79 | return session; | |
80 | } | |
8035ded4 | 81 | |
1da177e4 LT |
82 | return NULL; |
83 | } | |
84 | ||
1da177e4 LT |
85 | static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci) |
86 | { | |
d31dbf6e | 87 | memset(ci, 0, sizeof(*ci)); |
1da177e4 LT |
88 | bacpy(&ci->bdaddr, &session->bdaddr); |
89 | ||
90 | ci->flags = session->flags; | |
dcc07647 | 91 | ci->state = BT_CONNECTED; |
1da177e4 LT |
92 | |
93 | ci->vendor = 0x0000; | |
94 | ci->product = 0x0000; | |
95 | ci->version = 0x0000; | |
1da177e4 LT |
96 | |
97 | if (session->input) { | |
98 | ci->vendor = session->input->id.vendor; | |
99 | ci->product = session->input->id.product; | |
100 | ci->version = session->input->id.version; | |
101 | if (session->input->name) | |
102 | strncpy(ci->name, session->input->name, 128); | |
103 | else | |
104 | strncpy(ci->name, "HID Boot Device", 128); | |
105 | } | |
e1aaadd4 MH |
106 | |
107 | if (session->hid) { | |
108 | ci->vendor = session->hid->vendor; | |
109 | ci->product = session->hid->product; | |
110 | ci->version = session->hid->version; | |
111 | strncpy(ci->name, session->hid->name, 128); | |
112 | } | |
1da177e4 LT |
113 | } |
114 | ||
91f5cca3 AM |
115 | static int hidp_queue_event(struct hidp_session *session, struct input_dev *dev, |
116 | unsigned int type, unsigned int code, int value) | |
1da177e4 | 117 | { |
1da177e4 | 118 | unsigned char newleds; |
e1aaadd4 | 119 | struct sk_buff *skb; |
1da177e4 | 120 | |
e1aaadd4 | 121 | BT_DBG("session %p type %d code %d value %d", session, type, code, value); |
1da177e4 LT |
122 | |
123 | if (type != EV_LED) | |
124 | return -1; | |
125 | ||
126 | newleds = (!!test_bit(LED_KANA, dev->led) << 3) | | |
127 | (!!test_bit(LED_COMPOSE, dev->led) << 3) | | |
128 | (!!test_bit(LED_SCROLLL, dev->led) << 2) | | |
129 | (!!test_bit(LED_CAPSL, dev->led) << 1) | | |
130 | (!!test_bit(LED_NUML, dev->led)); | |
131 | ||
132 | if (session->leds == newleds) | |
133 | return 0; | |
134 | ||
135 | session->leds = newleds; | |
136 | ||
5a08ecce AE |
137 | skb = alloc_skb(3, GFP_ATOMIC); |
138 | if (!skb) { | |
1da177e4 LT |
139 | BT_ERR("Can't allocate memory for new frame"); |
140 | return -ENOMEM; | |
141 | } | |
142 | ||
143 | *skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT; | |
144 | *skb_put(skb, 1) = 0x01; | |
145 | *skb_put(skb, 1) = newleds; | |
146 | ||
147 | skb_queue_tail(&session->intr_transmit, skb); | |
148 | ||
149 | hidp_schedule(session); | |
150 | ||
151 | return 0; | |
152 | } | |
153 | ||
e1aaadd4 MH |
154 | static int hidp_hidinput_event(struct input_dev *dev, unsigned int type, unsigned int code, int value) |
155 | { | |
5be39466 | 156 | struct hid_device *hid = input_get_drvdata(dev); |
e1aaadd4 MH |
157 | struct hidp_session *session = hid->driver_data; |
158 | ||
159 | return hidp_queue_event(session, dev, type, code, value); | |
160 | } | |
161 | ||
162 | static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value) | |
163 | { | |
5be39466 | 164 | struct hidp_session *session = input_get_drvdata(dev); |
e1aaadd4 MH |
165 | |
166 | return hidp_queue_event(session, dev, type, code, value); | |
167 | } | |
168 | ||
1da177e4 LT |
169 | static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb) |
170 | { | |
171 | struct input_dev *dev = session->input; | |
172 | unsigned char *keys = session->keys; | |
173 | unsigned char *udata = skb->data + 1; | |
174 | signed char *sdata = skb->data + 1; | |
175 | int i, size = skb->len - 1; | |
176 | ||
177 | switch (skb->data[0]) { | |
178 | case 0x01: /* Keyboard report */ | |
179 | for (i = 0; i < 8; i++) | |
180 | input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1); | |
181 | ||
182 | /* If all the key codes have been set to 0x01, it means | |
183 | * too many keys were pressed at the same time. */ | |
184 | if (!memcmp(udata + 2, hidp_mkeyspat, 6)) | |
185 | break; | |
186 | ||
187 | for (i = 2; i < 8; i++) { | |
188 | if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) { | |
189 | if (hidp_keycode[keys[i]]) | |
190 | input_report_key(dev, hidp_keycode[keys[i]], 0); | |
191 | else | |
192 | BT_ERR("Unknown key (scancode %#x) released.", keys[i]); | |
193 | } | |
194 | ||
195 | if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) { | |
196 | if (hidp_keycode[udata[i]]) | |
197 | input_report_key(dev, hidp_keycode[udata[i]], 1); | |
198 | else | |
199 | BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]); | |
200 | } | |
201 | } | |
202 | ||
203 | memcpy(keys, udata, 8); | |
204 | break; | |
205 | ||
206 | case 0x02: /* Mouse report */ | |
207 | input_report_key(dev, BTN_LEFT, sdata[0] & 0x01); | |
208 | input_report_key(dev, BTN_RIGHT, sdata[0] & 0x02); | |
209 | input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04); | |
210 | input_report_key(dev, BTN_SIDE, sdata[0] & 0x08); | |
211 | input_report_key(dev, BTN_EXTRA, sdata[0] & 0x10); | |
212 | ||
213 | input_report_rel(dev, REL_X, sdata[1]); | |
214 | input_report_rel(dev, REL_Y, sdata[2]); | |
215 | ||
216 | if (size > 3) | |
217 | input_report_rel(dev, REL_WHEEL, sdata[3]); | |
218 | break; | |
219 | } | |
220 | ||
221 | input_sync(dev); | |
222 | } | |
223 | ||
6bf8268f | 224 | static int __hidp_send_ctrl_message(struct hidp_session *session, |
1d0c4da8 GP |
225 | unsigned char hdr, unsigned char *data, |
226 | int size) | |
6bf8268f BN |
227 | { |
228 | struct sk_buff *skb; | |
229 | ||
230 | BT_DBG("session %p data %p size %d", session, data, size); | |
231 | ||
794d1756 DH |
232 | if (atomic_read(&session->terminate)) |
233 | return -EIO; | |
234 | ||
5a08ecce AE |
235 | skb = alloc_skb(size + 1, GFP_ATOMIC); |
236 | if (!skb) { | |
6bf8268f BN |
237 | BT_ERR("Can't allocate memory for new frame"); |
238 | return -ENOMEM; | |
239 | } | |
240 | ||
241 | *skb_put(skb, 1) = hdr; | |
242 | if (data && size > 0) | |
243 | memcpy(skb_put(skb, size), data, size); | |
244 | ||
245 | skb_queue_tail(&session->ctrl_transmit, skb); | |
246 | ||
247 | return 0; | |
248 | } | |
249 | ||
6039aa73 | 250 | static int hidp_send_ctrl_message(struct hidp_session *session, |
6bf8268f BN |
251 | unsigned char hdr, unsigned char *data, int size) |
252 | { | |
253 | int err; | |
254 | ||
255 | err = __hidp_send_ctrl_message(session, hdr, data, size); | |
256 | ||
257 | hidp_schedule(session); | |
258 | ||
259 | return err; | |
260 | } | |
261 | ||
91f5cca3 AM |
262 | static int hidp_queue_report(struct hidp_session *session, |
263 | unsigned char *data, int size) | |
e1aaadd4 MH |
264 | { |
265 | struct sk_buff *skb; | |
266 | ||
6792b5ec | 267 | BT_DBG("session %p hid %p data %p size %d", session, session->hid, data, size); |
e1aaadd4 | 268 | |
5a08ecce AE |
269 | skb = alloc_skb(size + 1, GFP_ATOMIC); |
270 | if (!skb) { | |
e1aaadd4 MH |
271 | BT_ERR("Can't allocate memory for new frame"); |
272 | return -ENOMEM; | |
273 | } | |
274 | ||
275 | *skb_put(skb, 1) = 0xa2; | |
276 | if (size > 0) | |
277 | memcpy(skb_put(skb, size), data, size); | |
278 | ||
279 | skb_queue_tail(&session->intr_transmit, skb); | |
280 | ||
281 | hidp_schedule(session); | |
282 | ||
283 | return 0; | |
284 | } | |
285 | ||
286 | static int hidp_send_report(struct hidp_session *session, struct hid_report *report) | |
287 | { | |
288 | unsigned char buf[32]; | |
289 | int rsize; | |
290 | ||
291 | rsize = ((report->size - 1) >> 3) + 1 + (report->id > 0); | |
292 | if (rsize > sizeof(buf)) | |
293 | return -EIO; | |
294 | ||
295 | hid_output_report(report, buf); | |
296 | ||
297 | return hidp_queue_report(session, buf, rsize); | |
298 | } | |
299 | ||
0ff1731a AO |
300 | static int hidp_get_raw_report(struct hid_device *hid, |
301 | unsigned char report_number, | |
302 | unsigned char *data, size_t count, | |
303 | unsigned char report_type) | |
304 | { | |
305 | struct hidp_session *session = hid->driver_data; | |
306 | struct sk_buff *skb; | |
307 | size_t len; | |
308 | int numbered_reports = hid->report_enum[report_type].numbered; | |
794d1756 | 309 | int ret; |
0ff1731a | 310 | |
fd86c9be KR |
311 | if (atomic_read(&session->terminate)) |
312 | return -EIO; | |
313 | ||
0ff1731a AO |
314 | switch (report_type) { |
315 | case HID_FEATURE_REPORT: | |
316 | report_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_FEATURE; | |
317 | break; | |
318 | case HID_INPUT_REPORT: | |
319 | report_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_INPUT; | |
320 | break; | |
321 | case HID_OUTPUT_REPORT: | |
322 | report_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_OUPUT; | |
323 | break; | |
324 | default: | |
325 | return -EINVAL; | |
326 | } | |
327 | ||
328 | if (mutex_lock_interruptible(&session->report_mutex)) | |
329 | return -ERESTARTSYS; | |
330 | ||
331 | /* Set up our wait, and send the report request to the device. */ | |
332 | session->waiting_report_type = report_type & HIDP_DATA_RTYPE_MASK; | |
333 | session->waiting_report_number = numbered_reports ? report_number : -1; | |
334 | set_bit(HIDP_WAITING_FOR_RETURN, &session->flags); | |
335 | data[0] = report_number; | |
794d1756 DH |
336 | ret = hidp_send_ctrl_message(hid->driver_data, report_type, data, 1); |
337 | if (ret) | |
338 | goto err; | |
0ff1731a AO |
339 | |
340 | /* Wait for the return of the report. The returned report | |
341 | gets put in session->report_return. */ | |
e3492dc3 DH |
342 | while (test_bit(HIDP_WAITING_FOR_RETURN, &session->flags) && |
343 | !atomic_read(&session->terminate)) { | |
0ff1731a AO |
344 | int res; |
345 | ||
346 | res = wait_event_interruptible_timeout(session->report_queue, | |
e3492dc3 DH |
347 | !test_bit(HIDP_WAITING_FOR_RETURN, &session->flags) |
348 | || atomic_read(&session->terminate), | |
0ff1731a AO |
349 | 5*HZ); |
350 | if (res == 0) { | |
351 | /* timeout */ | |
794d1756 DH |
352 | ret = -EIO; |
353 | goto err; | |
0ff1731a AO |
354 | } |
355 | if (res < 0) { | |
356 | /* signal */ | |
794d1756 DH |
357 | ret = -ERESTARTSYS; |
358 | goto err; | |
0ff1731a AO |
359 | } |
360 | } | |
361 | ||
362 | skb = session->report_return; | |
363 | if (skb) { | |
364 | len = skb->len < count ? skb->len : count; | |
365 | memcpy(data, skb->data, len); | |
366 | ||
367 | kfree_skb(skb); | |
368 | session->report_return = NULL; | |
369 | } else { | |
370 | /* Device returned a HANDSHAKE, indicating protocol error. */ | |
371 | len = -EIO; | |
372 | } | |
373 | ||
374 | clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); | |
375 | mutex_unlock(&session->report_mutex); | |
376 | ||
377 | return len; | |
378 | ||
794d1756 | 379 | err: |
0ff1731a AO |
380 | clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); |
381 | mutex_unlock(&session->report_mutex); | |
794d1756 | 382 | return ret; |
0ff1731a AO |
383 | } |
384 | ||
d4bfa033 JK |
385 | static int hidp_output_raw_report(struct hid_device *hid, unsigned char *data, size_t count, |
386 | unsigned char report_type) | |
2da31939 | 387 | { |
0825411a AO |
388 | struct hidp_session *session = hid->driver_data; |
389 | int ret; | |
390 | ||
d4bfa033 JK |
391 | switch (report_type) { |
392 | case HID_FEATURE_REPORT: | |
393 | report_type = HIDP_TRANS_SET_REPORT | HIDP_DATA_RTYPE_FEATURE; | |
394 | break; | |
395 | case HID_OUTPUT_REPORT: | |
97e1efbb | 396 | report_type = HIDP_TRANS_SET_REPORT | HIDP_DATA_RTYPE_OUPUT; |
d4bfa033 JK |
397 | break; |
398 | default: | |
399 | return -EINVAL; | |
400 | } | |
401 | ||
0825411a AO |
402 | if (mutex_lock_interruptible(&session->report_mutex)) |
403 | return -ERESTARTSYS; | |
404 | ||
405 | /* Set up our wait, and send the report request to the device. */ | |
406 | set_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags); | |
794d1756 DH |
407 | ret = hidp_send_ctrl_message(hid->driver_data, report_type, data, |
408 | count); | |
409 | if (ret) | |
0825411a | 410 | goto err; |
0825411a AO |
411 | |
412 | /* Wait for the ACK from the device. */ | |
e3492dc3 DH |
413 | while (test_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags) && |
414 | !atomic_read(&session->terminate)) { | |
0825411a AO |
415 | int res; |
416 | ||
417 | res = wait_event_interruptible_timeout(session->report_queue, | |
e3492dc3 DH |
418 | !test_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags) |
419 | || atomic_read(&session->terminate), | |
0825411a AO |
420 | 10*HZ); |
421 | if (res == 0) { | |
422 | /* timeout */ | |
423 | ret = -EIO; | |
424 | goto err; | |
425 | } | |
426 | if (res < 0) { | |
427 | /* signal */ | |
428 | ret = -ERESTARTSYS; | |
429 | goto err; | |
430 | } | |
431 | } | |
432 | ||
433 | if (!session->output_report_success) { | |
434 | ret = -EIO; | |
435 | goto err; | |
436 | } | |
437 | ||
438 | ret = count; | |
439 | ||
440 | err: | |
441 | clear_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags); | |
442 | mutex_unlock(&session->report_mutex); | |
443 | return ret; | |
2da31939 JK |
444 | } |
445 | ||
1da177e4 LT |
446 | static void hidp_idle_timeout(unsigned long arg) |
447 | { | |
448 | struct hidp_session *session = (struct hidp_session *) arg; | |
449 | ||
7bb59df8 PH |
450 | atomic_inc(&session->terminate); |
451 | wake_up_process(session->task); | |
1da177e4 LT |
452 | } |
453 | ||
91f5cca3 | 454 | static void hidp_set_timer(struct hidp_session *session) |
1da177e4 LT |
455 | { |
456 | if (session->idle_to > 0) | |
457 | mod_timer(&session->timer, jiffies + HZ * session->idle_to); | |
458 | } | |
459 | ||
6039aa73 | 460 | static void hidp_del_timer(struct hidp_session *session) |
1da177e4 LT |
461 | { |
462 | if (session->idle_to > 0) | |
463 | del_timer(&session->timer); | |
464 | } | |
465 | ||
91f5cca3 AM |
466 | static void hidp_process_handshake(struct hidp_session *session, |
467 | unsigned char param) | |
1da177e4 LT |
468 | { |
469 | BT_DBG("session %p param 0x%02x", session, param); | |
0825411a | 470 | session->output_report_success = 0; /* default condition */ |
1da177e4 LT |
471 | |
472 | switch (param) { | |
473 | case HIDP_HSHK_SUCCESSFUL: | |
474 | /* FIXME: Call into SET_ GET_ handlers here */ | |
0825411a | 475 | session->output_report_success = 1; |
1da177e4 LT |
476 | break; |
477 | ||
478 | case HIDP_HSHK_NOT_READY: | |
479 | case HIDP_HSHK_ERR_INVALID_REPORT_ID: | |
480 | case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST: | |
481 | case HIDP_HSHK_ERR_INVALID_PARAMETER: | |
ab88f714 | 482 | if (test_and_clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags)) |
0ff1731a | 483 | wake_up_interruptible(&session->report_queue); |
ab88f714 | 484 | |
1da177e4 LT |
485 | /* FIXME: Call into SET_ GET_ handlers here */ |
486 | break; | |
487 | ||
488 | case HIDP_HSHK_ERR_UNKNOWN: | |
489 | break; | |
490 | ||
491 | case HIDP_HSHK_ERR_FATAL: | |
492 | /* Device requests a reboot, as this is the only way this error | |
8e87d142 | 493 | * can be recovered. */ |
1da177e4 LT |
494 | __hidp_send_ctrl_message(session, |
495 | HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0); | |
496 | break; | |
497 | ||
498 | default: | |
499 | __hidp_send_ctrl_message(session, | |
500 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); | |
501 | break; | |
502 | } | |
0825411a AO |
503 | |
504 | /* Wake up the waiting thread. */ | |
ab88f714 | 505 | if (test_and_clear_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags)) |
0825411a | 506 | wake_up_interruptible(&session->report_queue); |
1da177e4 LT |
507 | } |
508 | ||
91f5cca3 AM |
509 | static void hidp_process_hid_control(struct hidp_session *session, |
510 | unsigned char param) | |
1da177e4 LT |
511 | { |
512 | BT_DBG("session %p param 0x%02x", session, param); | |
513 | ||
eff001e3 | 514 | if (param == HIDP_CTRL_VIRTUAL_CABLE_UNPLUG) { |
1da177e4 LT |
515 | /* Flush the transmit queues */ |
516 | skb_queue_purge(&session->ctrl_transmit); | |
517 | skb_queue_purge(&session->intr_transmit); | |
518 | ||
7bb59df8 PH |
519 | atomic_inc(&session->terminate); |
520 | wake_up_process(current); | |
1da177e4 LT |
521 | } |
522 | } | |
523 | ||
0ff1731a AO |
524 | /* Returns true if the passed-in skb should be freed by the caller. */ |
525 | static int hidp_process_data(struct hidp_session *session, struct sk_buff *skb, | |
91f5cca3 | 526 | unsigned char param) |
1da177e4 | 527 | { |
0ff1731a | 528 | int done_with_skb = 1; |
1da177e4 LT |
529 | BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param); |
530 | ||
531 | switch (param) { | |
532 | case HIDP_DATA_RTYPE_INPUT: | |
533 | hidp_set_timer(session); | |
534 | ||
535 | if (session->input) | |
536 | hidp_input_report(session, skb); | |
e1aaadd4 MH |
537 | |
538 | if (session->hid) | |
539 | hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 0); | |
1da177e4 LT |
540 | break; |
541 | ||
542 | case HIDP_DATA_RTYPE_OTHER: | |
543 | case HIDP_DATA_RTYPE_OUPUT: | |
544 | case HIDP_DATA_RTYPE_FEATURE: | |
545 | break; | |
546 | ||
547 | default: | |
548 | __hidp_send_ctrl_message(session, | |
549 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); | |
550 | } | |
0ff1731a AO |
551 | |
552 | if (test_bit(HIDP_WAITING_FOR_RETURN, &session->flags) && | |
553 | param == session->waiting_report_type) { | |
554 | if (session->waiting_report_number < 0 || | |
555 | session->waiting_report_number == skb->data[0]) { | |
556 | /* hidp_get_raw_report() is waiting on this report. */ | |
557 | session->report_return = skb; | |
558 | done_with_skb = 0; | |
559 | clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); | |
560 | wake_up_interruptible(&session->report_queue); | |
561 | } | |
562 | } | |
563 | ||
564 | return done_with_skb; | |
1da177e4 LT |
565 | } |
566 | ||
91f5cca3 AM |
567 | static void hidp_recv_ctrl_frame(struct hidp_session *session, |
568 | struct sk_buff *skb) | |
1da177e4 LT |
569 | { |
570 | unsigned char hdr, type, param; | |
0ff1731a | 571 | int free_skb = 1; |
1da177e4 LT |
572 | |
573 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | |
574 | ||
575 | hdr = skb->data[0]; | |
576 | skb_pull(skb, 1); | |
577 | ||
578 | type = hdr & HIDP_HEADER_TRANS_MASK; | |
579 | param = hdr & HIDP_HEADER_PARAM_MASK; | |
580 | ||
581 | switch (type) { | |
582 | case HIDP_TRANS_HANDSHAKE: | |
583 | hidp_process_handshake(session, param); | |
584 | break; | |
585 | ||
586 | case HIDP_TRANS_HID_CONTROL: | |
587 | hidp_process_hid_control(session, param); | |
588 | break; | |
589 | ||
590 | case HIDP_TRANS_DATA: | |
0ff1731a | 591 | free_skb = hidp_process_data(session, skb, param); |
1da177e4 LT |
592 | break; |
593 | ||
594 | default: | |
595 | __hidp_send_ctrl_message(session, | |
596 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0); | |
597 | break; | |
598 | } | |
599 | ||
0ff1731a AO |
600 | if (free_skb) |
601 | kfree_skb(skb); | |
1da177e4 LT |
602 | } |
603 | ||
91f5cca3 AM |
604 | static void hidp_recv_intr_frame(struct hidp_session *session, |
605 | struct sk_buff *skb) | |
1da177e4 LT |
606 | { |
607 | unsigned char hdr; | |
608 | ||
609 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | |
610 | ||
611 | hdr = skb->data[0]; | |
612 | skb_pull(skb, 1); | |
613 | ||
614 | if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) { | |
615 | hidp_set_timer(session); | |
e1aaadd4 | 616 | |
1da177e4 LT |
617 | if (session->input) |
618 | hidp_input_report(session, skb); | |
e1aaadd4 MH |
619 | |
620 | if (session->hid) { | |
621 | hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 1); | |
622 | BT_DBG("report len %d", skb->len); | |
623 | } | |
1da177e4 LT |
624 | } else { |
625 | BT_DBG("Unsupported protocol header 0x%02x", hdr); | |
626 | } | |
627 | ||
628 | kfree_skb(skb); | |
629 | } | |
630 | ||
631 | static int hidp_send_frame(struct socket *sock, unsigned char *data, int len) | |
632 | { | |
633 | struct kvec iv = { data, len }; | |
634 | struct msghdr msg; | |
635 | ||
636 | BT_DBG("sock %p data %p len %d", sock, data, len); | |
637 | ||
638 | if (!len) | |
639 | return 0; | |
640 | ||
641 | memset(&msg, 0, sizeof(msg)); | |
642 | ||
643 | return kernel_sendmsg(sock, &msg, &iv, 1, len); | |
644 | } | |
645 | ||
679344e4 | 646 | static void hidp_process_intr_transmit(struct hidp_session *session) |
1da177e4 LT |
647 | { |
648 | struct sk_buff *skb; | |
649 | ||
650 | BT_DBG("session %p", session); | |
651 | ||
679344e4 GP |
652 | while ((skb = skb_dequeue(&session->intr_transmit))) { |
653 | if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) { | |
654 | skb_queue_head(&session->intr_transmit, skb); | |
1da177e4 LT |
655 | break; |
656 | } | |
657 | ||
658 | hidp_set_timer(session); | |
659 | kfree_skb(skb); | |
660 | } | |
679344e4 | 661 | } |
1da177e4 | 662 | |
679344e4 GP |
663 | static void hidp_process_ctrl_transmit(struct hidp_session *session) |
664 | { | |
665 | struct sk_buff *skb; | |
666 | ||
667 | BT_DBG("session %p", session); | |
668 | ||
669 | while ((skb = skb_dequeue(&session->ctrl_transmit))) { | |
670 | if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) { | |
671 | skb_queue_head(&session->ctrl_transmit, skb); | |
1da177e4 LT |
672 | break; |
673 | } | |
674 | ||
675 | hidp_set_timer(session); | |
676 | kfree_skb(skb); | |
677 | } | |
1da177e4 LT |
678 | } |
679 | ||
680 | static int hidp_session(void *arg) | |
681 | { | |
682 | struct hidp_session *session = arg; | |
683 | struct sock *ctrl_sk = session->ctrl_sock->sk; | |
684 | struct sock *intr_sk = session->intr_sock->sk; | |
685 | struct sk_buff *skb; | |
1da177e4 LT |
686 | wait_queue_t ctrl_wait, intr_wait; |
687 | ||
688 | BT_DBG("session %p", session); | |
689 | ||
25df0845 | 690 | __module_get(THIS_MODULE); |
1da177e4 | 691 | set_user_nice(current, -15); |
1da177e4 LT |
692 | |
693 | init_waitqueue_entry(&ctrl_wait, current); | |
694 | init_waitqueue_entry(&intr_wait, current); | |
aa395145 ED |
695 | add_wait_queue(sk_sleep(ctrl_sk), &ctrl_wait); |
696 | add_wait_queue(sk_sleep(intr_sk), &intr_wait); | |
0f69dca2 AO |
697 | session->waiting_for_startup = 0; |
698 | wake_up_interruptible(&session->startup_queue); | |
7bb59df8 PH |
699 | set_current_state(TASK_INTERRUPTIBLE); |
700 | while (!atomic_read(&session->terminate)) { | |
17f09a7e SJ |
701 | if (ctrl_sk->sk_state != BT_CONNECTED || |
702 | intr_sk->sk_state != BT_CONNECTED) | |
1da177e4 LT |
703 | break; |
704 | ||
dc0da5cd | 705 | while ((skb = skb_dequeue(&intr_sk->sk_receive_queue))) { |
1da177e4 | 706 | skb_orphan(skb); |
44935720 | 707 | if (!skb_linearize(skb)) |
dc0da5cd | 708 | hidp_recv_intr_frame(session, skb); |
44935720 MM |
709 | else |
710 | kfree_skb(skb); | |
1da177e4 LT |
711 | } |
712 | ||
679344e4 GP |
713 | hidp_process_intr_transmit(session); |
714 | ||
dc0da5cd | 715 | while ((skb = skb_dequeue(&ctrl_sk->sk_receive_queue))) { |
1da177e4 | 716 | skb_orphan(skb); |
44935720 | 717 | if (!skb_linearize(skb)) |
dc0da5cd | 718 | hidp_recv_ctrl_frame(session, skb); |
44935720 MM |
719 | else |
720 | kfree_skb(skb); | |
1da177e4 LT |
721 | } |
722 | ||
679344e4 | 723 | hidp_process_ctrl_transmit(session); |
1da177e4 LT |
724 | |
725 | schedule(); | |
7bb59df8 | 726 | set_current_state(TASK_INTERRUPTIBLE); |
1da177e4 LT |
727 | } |
728 | set_current_state(TASK_RUNNING); | |
fd86c9be | 729 | atomic_inc(&session->terminate); |
aa395145 ED |
730 | remove_wait_queue(sk_sleep(intr_sk), &intr_wait); |
731 | remove_wait_queue(sk_sleep(ctrl_sk), &ctrl_wait); | |
1da177e4 | 732 | |
794d1756 DH |
733 | clear_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags); |
734 | clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); | |
735 | wake_up_interruptible(&session->report_queue); | |
736 | ||
1da177e4 LT |
737 | down_write(&hidp_session_sem); |
738 | ||
739 | hidp_del_timer(session); | |
740 | ||
1da177e4 LT |
741 | if (session->input) { |
742 | input_unregister_device(session->input); | |
34abf91f | 743 | session->input = NULL; |
1da177e4 LT |
744 | } |
745 | ||
e1aaadd4 | 746 | if (session->hid) { |
85cdaf52 | 747 | hid_destroy_device(session->hid); |
edad6388 | 748 | session->hid = NULL; |
e1aaadd4 MH |
749 | } |
750 | ||
ec8dab36 MH |
751 | /* Wakeup user-space polling for socket errors */ |
752 | session->intr_sock->sk->sk_err = EUNATCH; | |
753 | session->ctrl_sock->sk->sk_err = EUNATCH; | |
754 | ||
755 | hidp_schedule(session); | |
756 | ||
1c39858b DW |
757 | fput(session->intr_sock->file); |
758 | ||
aa395145 | 759 | wait_event_timeout(*(sk_sleep(ctrl_sk)), |
1c39858b DW |
760 | (ctrl_sk->sk_state == BT_CLOSED), msecs_to_jiffies(500)); |
761 | ||
762 | fput(session->ctrl_sock->file); | |
763 | ||
fc225c3f | 764 | list_del(&session->list); |
1c39858b | 765 | |
1da177e4 LT |
766 | up_write(&hidp_session_sem); |
767 | ||
1c97e94c | 768 | kfree(session->rd_data); |
1da177e4 | 769 | kfree(session); |
25df0845 | 770 | module_put_and_exit(0); |
1da177e4 LT |
771 | return 0; |
772 | } | |
773 | ||
3e90dc86 | 774 | static struct hci_conn *hidp_get_connection(struct hidp_session *session) |
0a85b964 MH |
775 | { |
776 | bdaddr_t *src = &bt_sk(session->ctrl_sock->sk)->src; | |
777 | bdaddr_t *dst = &bt_sk(session->ctrl_sock->sk)->dst; | |
1785dbf9 | 778 | struct hci_conn *conn; |
0a85b964 | 779 | struct hci_dev *hdev; |
0a85b964 MH |
780 | |
781 | hdev = hci_get_route(dst, src); | |
782 | if (!hdev) | |
783 | return NULL; | |
784 | ||
09fd0de5 | 785 | hci_dev_lock(hdev); |
1785dbf9 | 786 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst); |
09fd0de5 | 787 | hci_dev_unlock(hdev); |
0a85b964 MH |
788 | |
789 | hci_dev_put(hdev); | |
790 | ||
1785dbf9 | 791 | return conn; |
0a85b964 MH |
792 | } |
793 | ||
91f5cca3 AM |
794 | static int hidp_setup_input(struct hidp_session *session, |
795 | struct hidp_connadd_req *req) | |
1da177e4 | 796 | { |
c500c971 | 797 | struct input_dev *input; |
3415a5fd | 798 | int i; |
1da177e4 | 799 | |
c500c971 JS |
800 | input = input_allocate_device(); |
801 | if (!input) | |
802 | return -ENOMEM; | |
803 | ||
804 | session->input = input; | |
805 | ||
5be39466 | 806 | input_set_drvdata(input, session); |
1da177e4 | 807 | |
34abf91f DT |
808 | input->name = "Bluetooth HID Boot Protocol Device"; |
809 | ||
1da177e4 LT |
810 | input->id.bustype = BUS_BLUETOOTH; |
811 | input->id.vendor = req->vendor; | |
812 | input->id.product = req->product; | |
813 | input->id.version = req->version; | |
814 | ||
815 | if (req->subclass & 0x40) { | |
816 | set_bit(EV_KEY, input->evbit); | |
817 | set_bit(EV_LED, input->evbit); | |
818 | set_bit(EV_REP, input->evbit); | |
819 | ||
820 | set_bit(LED_NUML, input->ledbit); | |
821 | set_bit(LED_CAPSL, input->ledbit); | |
822 | set_bit(LED_SCROLLL, input->ledbit); | |
823 | set_bit(LED_COMPOSE, input->ledbit); | |
824 | set_bit(LED_KANA, input->ledbit); | |
825 | ||
826 | for (i = 0; i < sizeof(hidp_keycode); i++) | |
827 | set_bit(hidp_keycode[i], input->keybit); | |
828 | clear_bit(0, input->keybit); | |
829 | } | |
830 | ||
831 | if (req->subclass & 0x80) { | |
7b19ada2 JS |
832 | input->evbit[0] = BIT_MASK(EV_KEY) | BIT_MASK(EV_REL); |
833 | input->keybit[BIT_WORD(BTN_MOUSE)] = BIT_MASK(BTN_LEFT) | | |
834 | BIT_MASK(BTN_RIGHT) | BIT_MASK(BTN_MIDDLE); | |
835 | input->relbit[0] = BIT_MASK(REL_X) | BIT_MASK(REL_Y); | |
836 | input->keybit[BIT_WORD(BTN_MOUSE)] |= BIT_MASK(BTN_SIDE) | | |
837 | BIT_MASK(BTN_EXTRA); | |
838 | input->relbit[0] |= BIT_MASK(REL_WHEEL); | |
1da177e4 LT |
839 | } |
840 | ||
1785dbf9 | 841 | input->dev.parent = &session->conn->dev; |
0a85b964 | 842 | |
1da177e4 LT |
843 | input->event = hidp_input_event; |
844 | ||
edad6388 | 845 | return 0; |
1da177e4 LT |
846 | } |
847 | ||
f5ffd462 MH |
848 | static int hidp_open(struct hid_device *hid) |
849 | { | |
850 | return 0; | |
851 | } | |
852 | ||
853 | static void hidp_close(struct hid_device *hid) | |
854 | { | |
855 | } | |
856 | ||
c500c971 JS |
857 | static int hidp_parse(struct hid_device *hid) |
858 | { | |
859 | struct hidp_session *session = hid->driver_data; | |
c500c971 | 860 | |
15c697ce MP |
861 | return hid_parse_report(session->hid, session->rd_data, |
862 | session->rd_size); | |
c500c971 JS |
863 | } |
864 | ||
865 | static int hidp_start(struct hid_device *hid) | |
866 | { | |
867 | struct hidp_session *session = hid->driver_data; | |
868 | struct hid_report *report; | |
869 | ||
142c69c6 DH |
870 | if (hid->quirks & HID_QUIRK_NO_INIT_REPORTS) |
871 | return 0; | |
872 | ||
c500c971 JS |
873 | list_for_each_entry(report, &hid->report_enum[HID_INPUT_REPORT]. |
874 | report_list, list) | |
875 | hidp_send_report(session, report); | |
876 | ||
877 | list_for_each_entry(report, &hid->report_enum[HID_FEATURE_REPORT]. | |
878 | report_list, list) | |
879 | hidp_send_report(session, report); | |
880 | ||
c500c971 JS |
881 | return 0; |
882 | } | |
883 | ||
884 | static void hidp_stop(struct hid_device *hid) | |
885 | { | |
886 | struct hidp_session *session = hid->driver_data; | |
887 | ||
888 | skb_queue_purge(&session->ctrl_transmit); | |
889 | skb_queue_purge(&session->intr_transmit); | |
890 | ||
c500c971 JS |
891 | hid->claimed = 0; |
892 | } | |
893 | ||
894 | static struct hid_ll_driver hidp_hid_driver = { | |
895 | .parse = hidp_parse, | |
896 | .start = hidp_start, | |
897 | .stop = hidp_stop, | |
898 | .open = hidp_open, | |
899 | .close = hidp_close, | |
900 | .hidinput_input_event = hidp_hidinput_event, | |
901 | }; | |
902 | ||
0f69dca2 AO |
903 | /* This function sets up the hid device. It does not add it |
904 | to the HID system. That is done in hidp_add_connection(). */ | |
85cdaf52 | 905 | static int hidp_setup_hid(struct hidp_session *session, |
91f5cca3 | 906 | struct hidp_connadd_req *req) |
e1aaadd4 | 907 | { |
c500c971 | 908 | struct hid_device *hid; |
edad6388 | 909 | int err; |
e1aaadd4 | 910 | |
15c697ce MP |
911 | session->rd_data = kzalloc(req->rd_size, GFP_KERNEL); |
912 | if (!session->rd_data) | |
913 | return -ENOMEM; | |
914 | ||
915 | if (copy_from_user(session->rd_data, req->rd_data, req->rd_size)) { | |
916 | err = -EFAULT; | |
917 | goto fault; | |
918 | } | |
919 | session->rd_size = req->rd_size; | |
920 | ||
c500c971 | 921 | hid = hid_allocate_device(); |
15c697ce MP |
922 | if (IS_ERR(hid)) { |
923 | err = PTR_ERR(hid); | |
924 | goto fault; | |
925 | } | |
e1aaadd4 | 926 | |
c500c971 | 927 | session->hid = hid; |
15c697ce | 928 | |
e1aaadd4 MH |
929 | hid->driver_data = session; |
930 | ||
e1aaadd4 MH |
931 | hid->bus = BUS_BLUETOOTH; |
932 | hid->vendor = req->vendor; | |
933 | hid->product = req->product; | |
934 | hid->version = req->version; | |
c500c971 | 935 | hid->country = req->country; |
e1aaadd4 | 936 | |
0a9ab9bd | 937 | strncpy(hid->name, req->name, sizeof(req->name) - 1); |
fcb73338 AE |
938 | |
939 | snprintf(hid->phys, sizeof(hid->phys), "%pMR", | |
940 | &bt_sk(session->ctrl_sock->sk)->src); | |
941 | ||
942 | snprintf(hid->uniq, sizeof(hid->uniq), "%pMR", | |
943 | &bt_sk(session->ctrl_sock->sk)->dst); | |
e1aaadd4 | 944 | |
1785dbf9 | 945 | hid->dev.parent = &session->conn->dev; |
c500c971 | 946 | hid->ll_driver = &hidp_hid_driver; |
85cdaf52 | 947 | |
0ff1731a | 948 | hid->hid_get_raw_report = hidp_get_raw_report; |
2da31939 JK |
949 | hid->hid_output_raw_report = hidp_output_raw_report; |
950 | ||
4529eefa LS |
951 | /* True if device is blacklisted in drivers/hid/hid-core.c */ |
952 | if (hid_ignore(hid)) { | |
953 | hid_destroy_device(session->hid); | |
954 | session->hid = NULL; | |
955 | return -ENODEV; | |
956 | } | |
957 | ||
c500c971 | 958 | return 0; |
edad6388 | 959 | |
15c697ce MP |
960 | fault: |
961 | kfree(session->rd_data); | |
962 | session->rd_data = NULL; | |
963 | ||
edad6388 | 964 | return err; |
e1aaadd4 MH |
965 | } |
966 | ||
1da177e4 LT |
967 | int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock) |
968 | { | |
969 | struct hidp_session *session, *s; | |
aabf6f89 | 970 | int vendor, product; |
1da177e4 LT |
971 | int err; |
972 | ||
973 | BT_DBG(""); | |
974 | ||
b3916db3 DH |
975 | if (!l2cap_is_socket(ctrl_sock) || !l2cap_is_socket(intr_sock)) |
976 | return -EINVAL; | |
1da177e4 LT |
977 | if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) || |
978 | bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst)) | |
979 | return -ENOTUNIQ; | |
980 | ||
e1aaadd4 MH |
981 | BT_DBG("rd_data %p rd_size %d", req->rd_data, req->rd_size); |
982 | ||
1da177e4 LT |
983 | down_write(&hidp_session_sem); |
984 | ||
985 | s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst); | |
dcc07647 | 986 | if (s) { |
81b25cd0 GP |
987 | up_write(&hidp_session_sem); |
988 | return -EEXIST; | |
989 | } | |
990 | ||
991 | session = kzalloc(sizeof(struct hidp_session), GFP_KERNEL); | |
992 | if (!session) { | |
993 | up_write(&hidp_session_sem); | |
994 | return -ENOMEM; | |
1da177e4 LT |
995 | } |
996 | ||
997 | bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst); | |
998 | ||
0c1bc5c6 GP |
999 | session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->chan->omtu, |
1000 | l2cap_pi(ctrl_sock->sk)->chan->imtu); | |
1001 | session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->chan->omtu, | |
1002 | l2cap_pi(intr_sock->sk)->chan->imtu); | |
1da177e4 LT |
1003 | |
1004 | BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu); | |
1005 | ||
1006 | session->ctrl_sock = ctrl_sock; | |
1007 | session->intr_sock = intr_sock; | |
1da177e4 | 1008 | |
3c32fa93 GP |
1009 | session->conn = hidp_get_connection(session); |
1010 | if (!session->conn) { | |
1011 | err = -ENOTCONN; | |
1012 | goto failed; | |
1013 | } | |
1014 | ||
b24b8a24 | 1015 | setup_timer(&session->timer, hidp_idle_timeout, (unsigned long)session); |
1da177e4 LT |
1016 | |
1017 | skb_queue_head_init(&session->ctrl_transmit); | |
1018 | skb_queue_head_init(&session->intr_transmit); | |
1019 | ||
0ff1731a AO |
1020 | mutex_init(&session->report_mutex); |
1021 | init_waitqueue_head(&session->report_queue); | |
0f69dca2 AO |
1022 | init_waitqueue_head(&session->startup_queue); |
1023 | session->waiting_for_startup = 1; | |
1da177e4 LT |
1024 | session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID); |
1025 | session->idle_to = req->idle_to; | |
1026 | ||
fc225c3f | 1027 | list_add(&session->list, &hidp_session_list); |
1785dbf9 | 1028 | |
c500c971 | 1029 | if (req->rd_size > 0) { |
85cdaf52 | 1030 | err = hidp_setup_hid(session, req); |
4529eefa | 1031 | if (err && err != -ENODEV) |
edad6388 | 1032 | goto purge; |
c500c971 JS |
1033 | } |
1034 | ||
1035 | if (!session->hid) { | |
1036 | err = hidp_setup_input(session, req); | |
1037 | if (err < 0) | |
edad6388 | 1038 | goto purge; |
85cdaf52 | 1039 | } |
e1aaadd4 | 1040 | |
1da177e4 LT |
1041 | hidp_set_timer(session); |
1042 | ||
aabf6f89 SJ |
1043 | if (session->hid) { |
1044 | vendor = session->hid->vendor; | |
1045 | product = session->hid->product; | |
1046 | } else if (session->input) { | |
1047 | vendor = session->input->id.vendor; | |
1048 | product = session->input->id.product; | |
1049 | } else { | |
1050 | vendor = 0x0000; | |
1051 | product = 0x0000; | |
1052 | } | |
1053 | ||
1054 | session->task = kthread_run(hidp_session, session, "khidpd_%04x%04x", | |
1055 | vendor, product); | |
1056 | if (IS_ERR(session->task)) { | |
1057 | err = PTR_ERR(session->task); | |
1da177e4 | 1058 | goto unlink; |
aabf6f89 SJ |
1059 | } |
1060 | ||
0f69dca2 AO |
1061 | while (session->waiting_for_startup) { |
1062 | wait_event_interruptible(session->startup_queue, | |
1063 | !session->waiting_for_startup); | |
1064 | } | |
1065 | ||
3415a5fd GP |
1066 | if (session->hid) |
1067 | err = hid_add_device(session->hid); | |
1068 | else | |
1069 | err = input_register_device(session->input); | |
1070 | ||
e9d5cb54 PH |
1071 | if (err < 0) { |
1072 | atomic_inc(&session->terminate); | |
1073 | wake_up_process(session->task); | |
1074 | up_write(&hidp_session_sem); | |
1075 | return err; | |
1076 | } | |
1da177e4 LT |
1077 | |
1078 | if (session->input) { | |
1079 | hidp_send_ctrl_message(session, | |
1080 | HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0); | |
1081 | session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE); | |
1082 | ||
1083 | session->leds = 0xff; | |
1084 | hidp_input_event(session->input, EV_LED, 0, 0); | |
1085 | } | |
1086 | ||
1087 | up_write(&hidp_session_sem); | |
1088 | return 0; | |
1089 | ||
1090 | unlink: | |
1091 | hidp_del_timer(session); | |
1092 | ||
edad6388 | 1093 | if (session->input) { |
1da177e4 | 1094 | input_unregister_device(session->input); |
edad6388 MH |
1095 | session->input = NULL; |
1096 | } | |
1097 | ||
1098 | if (session->hid) { | |
85cdaf52 | 1099 | hid_destroy_device(session->hid); |
edad6388 MH |
1100 | session->hid = NULL; |
1101 | } | |
1102 | ||
15c697ce MP |
1103 | kfree(session->rd_data); |
1104 | session->rd_data = NULL; | |
1105 | ||
edad6388 | 1106 | purge: |
fc225c3f | 1107 | list_del(&session->list); |
1785dbf9 | 1108 | |
c500c971 JS |
1109 | skb_queue_purge(&session->ctrl_transmit); |
1110 | skb_queue_purge(&session->intr_transmit); | |
edad6388 | 1111 | |
c500c971 JS |
1112 | failed: |
1113 | up_write(&hidp_session_sem); | |
e1aaadd4 | 1114 | |
1da177e4 LT |
1115 | kfree(session); |
1116 | return err; | |
1117 | } | |
1118 | ||
1119 | int hidp_del_connection(struct hidp_conndel_req *req) | |
1120 | { | |
1121 | struct hidp_session *session; | |
1122 | int err = 0; | |
1123 | ||
1124 | BT_DBG(""); | |
1125 | ||
1126 | down_read(&hidp_session_sem); | |
1127 | ||
1128 | session = __hidp_get_session(&req->bdaddr); | |
1129 | if (session) { | |
1130 | if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) { | |
1131 | hidp_send_ctrl_message(session, | |
1132 | HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG, NULL, 0); | |
1133 | } else { | |
1134 | /* Flush the transmit queues */ | |
1135 | skb_queue_purge(&session->ctrl_transmit); | |
1136 | skb_queue_purge(&session->intr_transmit); | |
1137 | ||
7bb59df8 PH |
1138 | atomic_inc(&session->terminate); |
1139 | wake_up_process(session->task); | |
1da177e4 LT |
1140 | } |
1141 | } else | |
1142 | err = -ENOENT; | |
1143 | ||
1144 | up_read(&hidp_session_sem); | |
1145 | return err; | |
1146 | } | |
1147 | ||
1148 | int hidp_get_connlist(struct hidp_connlist_req *req) | |
1149 | { | |
cd11cdd2 | 1150 | struct hidp_session *session; |
1da177e4 LT |
1151 | int err = 0, n = 0; |
1152 | ||
1153 | BT_DBG(""); | |
1154 | ||
1155 | down_read(&hidp_session_sem); | |
1156 | ||
cd11cdd2 | 1157 | list_for_each_entry(session, &hidp_session_list, list) { |
1da177e4 LT |
1158 | struct hidp_conninfo ci; |
1159 | ||
1da177e4 LT |
1160 | __hidp_copy_session(session, &ci); |
1161 | ||
1162 | if (copy_to_user(req->ci, &ci, sizeof(ci))) { | |
1163 | err = -EFAULT; | |
1164 | break; | |
1165 | } | |
1166 | ||
1167 | if (++n >= req->cnum) | |
1168 | break; | |
1169 | ||
1170 | req->ci++; | |
1171 | } | |
1172 | req->cnum = n; | |
1173 | ||
1174 | up_read(&hidp_session_sem); | |
1175 | return err; | |
1176 | } | |
1177 | ||
1178 | int hidp_get_conninfo(struct hidp_conninfo *ci) | |
1179 | { | |
1180 | struct hidp_session *session; | |
1181 | int err = 0; | |
1182 | ||
1183 | down_read(&hidp_session_sem); | |
1184 | ||
1185 | session = __hidp_get_session(&ci->bdaddr); | |
1186 | if (session) | |
1187 | __hidp_copy_session(session, ci); | |
1188 | else | |
1189 | err = -ENOENT; | |
1190 | ||
1191 | up_read(&hidp_session_sem); | |
1192 | return err; | |
1193 | } | |
1194 | ||
1195 | static int __init hidp_init(void) | |
1196 | { | |
1da177e4 LT |
1197 | BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION); |
1198 | ||
8215d557 | 1199 | return hidp_init_sockets(); |
1da177e4 LT |
1200 | } |
1201 | ||
1202 | static void __exit hidp_exit(void) | |
1203 | { | |
1204 | hidp_cleanup_sockets(); | |
1205 | } | |
1206 | ||
1207 | module_init(hidp_init); | |
1208 | module_exit(hidp_exit); | |
1209 | ||
1210 | MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); | |
1211 | MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION); | |
1212 | MODULE_VERSION(VERSION); | |
1213 | MODULE_LICENSE("GPL"); | |
1214 | MODULE_ALIAS("bt-proto-6"); |