]>
Commit | Line | Data |
---|---|---|
8e87d142 | 1 | /* |
1da177e4 LT |
2 | HIDP implementation for Linux Bluetooth stack (BlueZ). |
3 | Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org> | |
4 | ||
5 | This program is free software; you can redistribute it and/or modify | |
6 | it under the terms of the GNU General Public License version 2 as | |
7 | published by the Free Software Foundation; | |
8 | ||
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | |
10 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | |
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | |
8e87d142 YH |
13 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES |
14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
1da177e4 LT |
16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
17 | ||
8e87d142 YH |
18 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, |
19 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | |
1da177e4 LT |
20 | SOFTWARE IS DISCLAIMED. |
21 | */ | |
22 | ||
1da177e4 LT |
23 | #include <linux/module.h> |
24 | ||
25 | #include <linux/types.h> | |
26 | #include <linux/errno.h> | |
27 | #include <linux/kernel.h> | |
1da177e4 LT |
28 | #include <linux/sched.h> |
29 | #include <linux/slab.h> | |
30 | #include <linux/poll.h> | |
83144186 | 31 | #include <linux/freezer.h> |
1da177e4 LT |
32 | #include <linux/fcntl.h> |
33 | #include <linux/skbuff.h> | |
34 | #include <linux/socket.h> | |
35 | #include <linux/ioctl.h> | |
36 | #include <linux/file.h> | |
37 | #include <linux/init.h> | |
38 | #include <linux/wait.h> | |
0ff1731a | 39 | #include <linux/mutex.h> |
1da177e4 LT |
40 | #include <net/sock.h> |
41 | ||
42 | #include <linux/input.h> | |
e1aaadd4 | 43 | #include <linux/hid.h> |
364f6351 | 44 | #include <linux/hidraw.h> |
1da177e4 LT |
45 | |
46 | #include <net/bluetooth/bluetooth.h> | |
0a85b964 | 47 | #include <net/bluetooth/hci_core.h> |
1da177e4 LT |
48 | #include <net/bluetooth/l2cap.h> |
49 | ||
50 | #include "hidp.h" | |
51 | ||
e1aaadd4 | 52 | #define VERSION "1.2" |
1da177e4 LT |
53 | |
54 | static DECLARE_RWSEM(hidp_session_sem); | |
55 | static LIST_HEAD(hidp_session_list); | |
56 | ||
57 | static unsigned char hidp_keycode[256] = { | |
58 | 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38, | |
59 | 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44, 2, 3, | |
60 | 4, 5, 6, 7, 8, 9, 10, 11, 28, 1, 14, 15, 57, 12, 13, 26, | |
61 | 27, 43, 43, 39, 40, 41, 51, 52, 53, 58, 59, 60, 61, 62, 63, 64, | |
62 | 65, 66, 67, 68, 87, 88, 99, 70,119,110,102,104,111,107,109,106, | |
63 | 105,108,103, 69, 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71, | |
64 | 72, 73, 82, 83, 86,127,116,117,183,184,185,186,187,188,189,190, | |
65 | 191,192,193,194,134,138,130,132,128,129,131,137,133,135,136,113, | |
66 | 115,114, 0, 0, 0,121, 0, 89, 93,124, 92, 94, 95, 0, 0, 0, | |
67 | 122,123, 90, 91, 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
68 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
69 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
70 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
71 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
72 | 29, 42, 56,125, 97, 54,100,126,164,166,165,163,161,115,114,113, | |
73 | 150,158,159,128,136,177,178,176,142,152,173,140 | |
74 | }; | |
75 | ||
76 | static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }; | |
77 | ||
78 | static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr) | |
79 | { | |
80 | struct hidp_session *session; | |
81 | struct list_head *p; | |
82 | ||
83 | BT_DBG(""); | |
84 | ||
85 | list_for_each(p, &hidp_session_list) { | |
86 | session = list_entry(p, struct hidp_session, list); | |
87 | if (!bacmp(bdaddr, &session->bdaddr)) | |
88 | return session; | |
89 | } | |
90 | return NULL; | |
91 | } | |
92 | ||
93 | static void __hidp_link_session(struct hidp_session *session) | |
94 | { | |
95 | __module_get(THIS_MODULE); | |
96 | list_add(&session->list, &hidp_session_list); | |
edad6388 MH |
97 | |
98 | hci_conn_hold_device(session->conn); | |
1da177e4 LT |
99 | } |
100 | ||
101 | static void __hidp_unlink_session(struct hidp_session *session) | |
102 | { | |
edad6388 MH |
103 | hci_conn_put_device(session->conn); |
104 | ||
1da177e4 LT |
105 | list_del(&session->list); |
106 | module_put(THIS_MODULE); | |
107 | } | |
108 | ||
109 | static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci) | |
110 | { | |
d31dbf6e | 111 | memset(ci, 0, sizeof(*ci)); |
1da177e4 LT |
112 | bacpy(&ci->bdaddr, &session->bdaddr); |
113 | ||
114 | ci->flags = session->flags; | |
115 | ci->state = session->state; | |
116 | ||
117 | ci->vendor = 0x0000; | |
118 | ci->product = 0x0000; | |
119 | ci->version = 0x0000; | |
1da177e4 LT |
120 | |
121 | if (session->input) { | |
122 | ci->vendor = session->input->id.vendor; | |
123 | ci->product = session->input->id.product; | |
124 | ci->version = session->input->id.version; | |
125 | if (session->input->name) | |
126 | strncpy(ci->name, session->input->name, 128); | |
127 | else | |
128 | strncpy(ci->name, "HID Boot Device", 128); | |
129 | } | |
e1aaadd4 MH |
130 | |
131 | if (session->hid) { | |
132 | ci->vendor = session->hid->vendor; | |
133 | ci->product = session->hid->product; | |
134 | ci->version = session->hid->version; | |
135 | strncpy(ci->name, session->hid->name, 128); | |
136 | } | |
1da177e4 LT |
137 | } |
138 | ||
91f5cca3 AM |
139 | static int hidp_queue_event(struct hidp_session *session, struct input_dev *dev, |
140 | unsigned int type, unsigned int code, int value) | |
1da177e4 | 141 | { |
1da177e4 | 142 | unsigned char newleds; |
e1aaadd4 | 143 | struct sk_buff *skb; |
1da177e4 | 144 | |
e1aaadd4 | 145 | BT_DBG("session %p type %d code %d value %d", session, type, code, value); |
1da177e4 LT |
146 | |
147 | if (type != EV_LED) | |
148 | return -1; | |
149 | ||
150 | newleds = (!!test_bit(LED_KANA, dev->led) << 3) | | |
151 | (!!test_bit(LED_COMPOSE, dev->led) << 3) | | |
152 | (!!test_bit(LED_SCROLLL, dev->led) << 2) | | |
153 | (!!test_bit(LED_CAPSL, dev->led) << 1) | | |
154 | (!!test_bit(LED_NUML, dev->led)); | |
155 | ||
156 | if (session->leds == newleds) | |
157 | return 0; | |
158 | ||
159 | session->leds = newleds; | |
160 | ||
5a08ecce AE |
161 | skb = alloc_skb(3, GFP_ATOMIC); |
162 | if (!skb) { | |
1da177e4 LT |
163 | BT_ERR("Can't allocate memory for new frame"); |
164 | return -ENOMEM; | |
165 | } | |
166 | ||
167 | *skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT; | |
168 | *skb_put(skb, 1) = 0x01; | |
169 | *skb_put(skb, 1) = newleds; | |
170 | ||
171 | skb_queue_tail(&session->intr_transmit, skb); | |
172 | ||
173 | hidp_schedule(session); | |
174 | ||
175 | return 0; | |
176 | } | |
177 | ||
e1aaadd4 MH |
178 | static int hidp_hidinput_event(struct input_dev *dev, unsigned int type, unsigned int code, int value) |
179 | { | |
5be39466 | 180 | struct hid_device *hid = input_get_drvdata(dev); |
e1aaadd4 MH |
181 | struct hidp_session *session = hid->driver_data; |
182 | ||
183 | return hidp_queue_event(session, dev, type, code, value); | |
184 | } | |
185 | ||
186 | static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value) | |
187 | { | |
5be39466 | 188 | struct hidp_session *session = input_get_drvdata(dev); |
e1aaadd4 MH |
189 | |
190 | return hidp_queue_event(session, dev, type, code, value); | |
191 | } | |
192 | ||
1da177e4 LT |
193 | static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb) |
194 | { | |
195 | struct input_dev *dev = session->input; | |
196 | unsigned char *keys = session->keys; | |
197 | unsigned char *udata = skb->data + 1; | |
198 | signed char *sdata = skb->data + 1; | |
199 | int i, size = skb->len - 1; | |
200 | ||
201 | switch (skb->data[0]) { | |
202 | case 0x01: /* Keyboard report */ | |
203 | for (i = 0; i < 8; i++) | |
204 | input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1); | |
205 | ||
206 | /* If all the key codes have been set to 0x01, it means | |
207 | * too many keys were pressed at the same time. */ | |
208 | if (!memcmp(udata + 2, hidp_mkeyspat, 6)) | |
209 | break; | |
210 | ||
211 | for (i = 2; i < 8; i++) { | |
212 | if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) { | |
213 | if (hidp_keycode[keys[i]]) | |
214 | input_report_key(dev, hidp_keycode[keys[i]], 0); | |
215 | else | |
216 | BT_ERR("Unknown key (scancode %#x) released.", keys[i]); | |
217 | } | |
218 | ||
219 | if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) { | |
220 | if (hidp_keycode[udata[i]]) | |
221 | input_report_key(dev, hidp_keycode[udata[i]], 1); | |
222 | else | |
223 | BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]); | |
224 | } | |
225 | } | |
226 | ||
227 | memcpy(keys, udata, 8); | |
228 | break; | |
229 | ||
230 | case 0x02: /* Mouse report */ | |
231 | input_report_key(dev, BTN_LEFT, sdata[0] & 0x01); | |
232 | input_report_key(dev, BTN_RIGHT, sdata[0] & 0x02); | |
233 | input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04); | |
234 | input_report_key(dev, BTN_SIDE, sdata[0] & 0x08); | |
235 | input_report_key(dev, BTN_EXTRA, sdata[0] & 0x10); | |
236 | ||
237 | input_report_rel(dev, REL_X, sdata[1]); | |
238 | input_report_rel(dev, REL_Y, sdata[2]); | |
239 | ||
240 | if (size > 3) | |
241 | input_report_rel(dev, REL_WHEEL, sdata[3]); | |
242 | break; | |
243 | } | |
244 | ||
245 | input_sync(dev); | |
246 | } | |
247 | ||
6bf8268f BN |
248 | static int __hidp_send_ctrl_message(struct hidp_session *session, |
249 | unsigned char hdr, unsigned char *data, int size) | |
250 | { | |
251 | struct sk_buff *skb; | |
252 | ||
253 | BT_DBG("session %p data %p size %d", session, data, size); | |
254 | ||
5a08ecce AE |
255 | skb = alloc_skb(size + 1, GFP_ATOMIC); |
256 | if (!skb) { | |
6bf8268f BN |
257 | BT_ERR("Can't allocate memory for new frame"); |
258 | return -ENOMEM; | |
259 | } | |
260 | ||
261 | *skb_put(skb, 1) = hdr; | |
262 | if (data && size > 0) | |
263 | memcpy(skb_put(skb, size), data, size); | |
264 | ||
265 | skb_queue_tail(&session->ctrl_transmit, skb); | |
266 | ||
267 | return 0; | |
268 | } | |
269 | ||
270 | static inline int hidp_send_ctrl_message(struct hidp_session *session, | |
271 | unsigned char hdr, unsigned char *data, int size) | |
272 | { | |
273 | int err; | |
274 | ||
275 | err = __hidp_send_ctrl_message(session, hdr, data, size); | |
276 | ||
277 | hidp_schedule(session); | |
278 | ||
279 | return err; | |
280 | } | |
281 | ||
91f5cca3 AM |
282 | static int hidp_queue_report(struct hidp_session *session, |
283 | unsigned char *data, int size) | |
e1aaadd4 MH |
284 | { |
285 | struct sk_buff *skb; | |
286 | ||
6792b5ec | 287 | BT_DBG("session %p hid %p data %p size %d", session, session->hid, data, size); |
e1aaadd4 | 288 | |
5a08ecce AE |
289 | skb = alloc_skb(size + 1, GFP_ATOMIC); |
290 | if (!skb) { | |
e1aaadd4 MH |
291 | BT_ERR("Can't allocate memory for new frame"); |
292 | return -ENOMEM; | |
293 | } | |
294 | ||
295 | *skb_put(skb, 1) = 0xa2; | |
296 | if (size > 0) | |
297 | memcpy(skb_put(skb, size), data, size); | |
298 | ||
299 | skb_queue_tail(&session->intr_transmit, skb); | |
300 | ||
301 | hidp_schedule(session); | |
302 | ||
303 | return 0; | |
304 | } | |
305 | ||
306 | static int hidp_send_report(struct hidp_session *session, struct hid_report *report) | |
307 | { | |
308 | unsigned char buf[32]; | |
309 | int rsize; | |
310 | ||
311 | rsize = ((report->size - 1) >> 3) + 1 + (report->id > 0); | |
312 | if (rsize > sizeof(buf)) | |
313 | return -EIO; | |
314 | ||
315 | hid_output_report(report, buf); | |
316 | ||
317 | return hidp_queue_report(session, buf, rsize); | |
318 | } | |
319 | ||
0ff1731a AO |
320 | static int hidp_get_raw_report(struct hid_device *hid, |
321 | unsigned char report_number, | |
322 | unsigned char *data, size_t count, | |
323 | unsigned char report_type) | |
324 | { | |
325 | struct hidp_session *session = hid->driver_data; | |
326 | struct sk_buff *skb; | |
327 | size_t len; | |
328 | int numbered_reports = hid->report_enum[report_type].numbered; | |
329 | ||
330 | switch (report_type) { | |
331 | case HID_FEATURE_REPORT: | |
332 | report_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_FEATURE; | |
333 | break; | |
334 | case HID_INPUT_REPORT: | |
335 | report_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_INPUT; | |
336 | break; | |
337 | case HID_OUTPUT_REPORT: | |
338 | report_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_OUPUT; | |
339 | break; | |
340 | default: | |
341 | return -EINVAL; | |
342 | } | |
343 | ||
344 | if (mutex_lock_interruptible(&session->report_mutex)) | |
345 | return -ERESTARTSYS; | |
346 | ||
347 | /* Set up our wait, and send the report request to the device. */ | |
348 | session->waiting_report_type = report_type & HIDP_DATA_RTYPE_MASK; | |
349 | session->waiting_report_number = numbered_reports ? report_number : -1; | |
350 | set_bit(HIDP_WAITING_FOR_RETURN, &session->flags); | |
351 | data[0] = report_number; | |
352 | if (hidp_send_ctrl_message(hid->driver_data, report_type, data, 1)) | |
353 | goto err_eio; | |
354 | ||
355 | /* Wait for the return of the report. The returned report | |
356 | gets put in session->report_return. */ | |
357 | while (test_bit(HIDP_WAITING_FOR_RETURN, &session->flags)) { | |
358 | int res; | |
359 | ||
360 | res = wait_event_interruptible_timeout(session->report_queue, | |
361 | !test_bit(HIDP_WAITING_FOR_RETURN, &session->flags), | |
362 | 5*HZ); | |
363 | if (res == 0) { | |
364 | /* timeout */ | |
365 | goto err_eio; | |
366 | } | |
367 | if (res < 0) { | |
368 | /* signal */ | |
369 | goto err_restartsys; | |
370 | } | |
371 | } | |
372 | ||
373 | skb = session->report_return; | |
374 | if (skb) { | |
375 | len = skb->len < count ? skb->len : count; | |
376 | memcpy(data, skb->data, len); | |
377 | ||
378 | kfree_skb(skb); | |
379 | session->report_return = NULL; | |
380 | } else { | |
381 | /* Device returned a HANDSHAKE, indicating protocol error. */ | |
382 | len = -EIO; | |
383 | } | |
384 | ||
385 | clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); | |
386 | mutex_unlock(&session->report_mutex); | |
387 | ||
388 | return len; | |
389 | ||
390 | err_restartsys: | |
391 | clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); | |
392 | mutex_unlock(&session->report_mutex); | |
393 | return -ERESTARTSYS; | |
394 | err_eio: | |
395 | clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); | |
396 | mutex_unlock(&session->report_mutex); | |
397 | return -EIO; | |
398 | } | |
399 | ||
d4bfa033 JK |
400 | static int hidp_output_raw_report(struct hid_device *hid, unsigned char *data, size_t count, |
401 | unsigned char report_type) | |
2da31939 | 402 | { |
0825411a AO |
403 | struct hidp_session *session = hid->driver_data; |
404 | int ret; | |
405 | ||
d4bfa033 JK |
406 | switch (report_type) { |
407 | case HID_FEATURE_REPORT: | |
408 | report_type = HIDP_TRANS_SET_REPORT | HIDP_DATA_RTYPE_FEATURE; | |
409 | break; | |
410 | case HID_OUTPUT_REPORT: | |
97e1efbb | 411 | report_type = HIDP_TRANS_SET_REPORT | HIDP_DATA_RTYPE_OUPUT; |
d4bfa033 JK |
412 | break; |
413 | default: | |
414 | return -EINVAL; | |
415 | } | |
416 | ||
0825411a AO |
417 | if (mutex_lock_interruptible(&session->report_mutex)) |
418 | return -ERESTARTSYS; | |
419 | ||
420 | /* Set up our wait, and send the report request to the device. */ | |
421 | set_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags); | |
d4bfa033 | 422 | if (hidp_send_ctrl_message(hid->driver_data, report_type, |
0825411a AO |
423 | data, count)) { |
424 | ret = -ENOMEM; | |
425 | goto err; | |
426 | } | |
427 | ||
428 | /* Wait for the ACK from the device. */ | |
429 | while (test_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags)) { | |
430 | int res; | |
431 | ||
432 | res = wait_event_interruptible_timeout(session->report_queue, | |
433 | !test_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags), | |
434 | 10*HZ); | |
435 | if (res == 0) { | |
436 | /* timeout */ | |
437 | ret = -EIO; | |
438 | goto err; | |
439 | } | |
440 | if (res < 0) { | |
441 | /* signal */ | |
442 | ret = -ERESTARTSYS; | |
443 | goto err; | |
444 | } | |
445 | } | |
446 | ||
447 | if (!session->output_report_success) { | |
448 | ret = -EIO; | |
449 | goto err; | |
450 | } | |
451 | ||
452 | ret = count; | |
453 | ||
454 | err: | |
455 | clear_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags); | |
456 | mutex_unlock(&session->report_mutex); | |
457 | return ret; | |
2da31939 JK |
458 | } |
459 | ||
1da177e4 LT |
460 | static void hidp_idle_timeout(unsigned long arg) |
461 | { | |
462 | struct hidp_session *session = (struct hidp_session *) arg; | |
463 | ||
464 | atomic_inc(&session->terminate); | |
465 | hidp_schedule(session); | |
466 | } | |
467 | ||
91f5cca3 | 468 | static void hidp_set_timer(struct hidp_session *session) |
1da177e4 LT |
469 | { |
470 | if (session->idle_to > 0) | |
471 | mod_timer(&session->timer, jiffies + HZ * session->idle_to); | |
472 | } | |
473 | ||
474 | static inline void hidp_del_timer(struct hidp_session *session) | |
475 | { | |
476 | if (session->idle_to > 0) | |
477 | del_timer(&session->timer); | |
478 | } | |
479 | ||
91f5cca3 AM |
480 | static void hidp_process_handshake(struct hidp_session *session, |
481 | unsigned char param) | |
1da177e4 LT |
482 | { |
483 | BT_DBG("session %p param 0x%02x", session, param); | |
0825411a | 484 | session->output_report_success = 0; /* default condition */ |
1da177e4 LT |
485 | |
486 | switch (param) { | |
487 | case HIDP_HSHK_SUCCESSFUL: | |
488 | /* FIXME: Call into SET_ GET_ handlers here */ | |
0825411a | 489 | session->output_report_success = 1; |
1da177e4 LT |
490 | break; |
491 | ||
492 | case HIDP_HSHK_NOT_READY: | |
493 | case HIDP_HSHK_ERR_INVALID_REPORT_ID: | |
494 | case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST: | |
495 | case HIDP_HSHK_ERR_INVALID_PARAMETER: | |
0ff1731a AO |
496 | if (test_bit(HIDP_WAITING_FOR_RETURN, &session->flags)) { |
497 | clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); | |
498 | wake_up_interruptible(&session->report_queue); | |
499 | } | |
1da177e4 LT |
500 | /* FIXME: Call into SET_ GET_ handlers here */ |
501 | break; | |
502 | ||
503 | case HIDP_HSHK_ERR_UNKNOWN: | |
504 | break; | |
505 | ||
506 | case HIDP_HSHK_ERR_FATAL: | |
507 | /* Device requests a reboot, as this is the only way this error | |
8e87d142 | 508 | * can be recovered. */ |
1da177e4 LT |
509 | __hidp_send_ctrl_message(session, |
510 | HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0); | |
511 | break; | |
512 | ||
513 | default: | |
514 | __hidp_send_ctrl_message(session, | |
515 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); | |
516 | break; | |
517 | } | |
0825411a AO |
518 | |
519 | /* Wake up the waiting thread. */ | |
520 | if (test_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags)) { | |
521 | clear_bit(HIDP_WAITING_FOR_SEND_ACK, &session->flags); | |
522 | wake_up_interruptible(&session->report_queue); | |
523 | } | |
1da177e4 LT |
524 | } |
525 | ||
91f5cca3 AM |
526 | static void hidp_process_hid_control(struct hidp_session *session, |
527 | unsigned char param) | |
1da177e4 LT |
528 | { |
529 | BT_DBG("session %p param 0x%02x", session, param); | |
530 | ||
eff001e3 | 531 | if (param == HIDP_CTRL_VIRTUAL_CABLE_UNPLUG) { |
1da177e4 LT |
532 | /* Flush the transmit queues */ |
533 | skb_queue_purge(&session->ctrl_transmit); | |
534 | skb_queue_purge(&session->intr_transmit); | |
535 | ||
536 | /* Kill session thread */ | |
537 | atomic_inc(&session->terminate); | |
981b1414 | 538 | hidp_schedule(session); |
1da177e4 LT |
539 | } |
540 | } | |
541 | ||
0ff1731a AO |
542 | /* Returns true if the passed-in skb should be freed by the caller. */ |
543 | static int hidp_process_data(struct hidp_session *session, struct sk_buff *skb, | |
91f5cca3 | 544 | unsigned char param) |
1da177e4 | 545 | { |
0ff1731a | 546 | int done_with_skb = 1; |
1da177e4 LT |
547 | BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param); |
548 | ||
549 | switch (param) { | |
550 | case HIDP_DATA_RTYPE_INPUT: | |
551 | hidp_set_timer(session); | |
552 | ||
553 | if (session->input) | |
554 | hidp_input_report(session, skb); | |
e1aaadd4 MH |
555 | |
556 | if (session->hid) | |
557 | hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 0); | |
1da177e4 LT |
558 | break; |
559 | ||
560 | case HIDP_DATA_RTYPE_OTHER: | |
561 | case HIDP_DATA_RTYPE_OUPUT: | |
562 | case HIDP_DATA_RTYPE_FEATURE: | |
563 | break; | |
564 | ||
565 | default: | |
566 | __hidp_send_ctrl_message(session, | |
567 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); | |
568 | } | |
0ff1731a AO |
569 | |
570 | if (test_bit(HIDP_WAITING_FOR_RETURN, &session->flags) && | |
571 | param == session->waiting_report_type) { | |
572 | if (session->waiting_report_number < 0 || | |
573 | session->waiting_report_number == skb->data[0]) { | |
574 | /* hidp_get_raw_report() is waiting on this report. */ | |
575 | session->report_return = skb; | |
576 | done_with_skb = 0; | |
577 | clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); | |
578 | wake_up_interruptible(&session->report_queue); | |
579 | } | |
580 | } | |
581 | ||
582 | return done_with_skb; | |
1da177e4 LT |
583 | } |
584 | ||
91f5cca3 AM |
585 | static void hidp_recv_ctrl_frame(struct hidp_session *session, |
586 | struct sk_buff *skb) | |
1da177e4 LT |
587 | { |
588 | unsigned char hdr, type, param; | |
0ff1731a | 589 | int free_skb = 1; |
1da177e4 LT |
590 | |
591 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | |
592 | ||
593 | hdr = skb->data[0]; | |
594 | skb_pull(skb, 1); | |
595 | ||
596 | type = hdr & HIDP_HEADER_TRANS_MASK; | |
597 | param = hdr & HIDP_HEADER_PARAM_MASK; | |
598 | ||
599 | switch (type) { | |
600 | case HIDP_TRANS_HANDSHAKE: | |
601 | hidp_process_handshake(session, param); | |
602 | break; | |
603 | ||
604 | case HIDP_TRANS_HID_CONTROL: | |
605 | hidp_process_hid_control(session, param); | |
606 | break; | |
607 | ||
608 | case HIDP_TRANS_DATA: | |
0ff1731a | 609 | free_skb = hidp_process_data(session, skb, param); |
1da177e4 LT |
610 | break; |
611 | ||
612 | default: | |
613 | __hidp_send_ctrl_message(session, | |
614 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0); | |
615 | break; | |
616 | } | |
617 | ||
0ff1731a AO |
618 | if (free_skb) |
619 | kfree_skb(skb); | |
1da177e4 LT |
620 | } |
621 | ||
91f5cca3 AM |
622 | static void hidp_recv_intr_frame(struct hidp_session *session, |
623 | struct sk_buff *skb) | |
1da177e4 LT |
624 | { |
625 | unsigned char hdr; | |
626 | ||
627 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | |
628 | ||
629 | hdr = skb->data[0]; | |
630 | skb_pull(skb, 1); | |
631 | ||
632 | if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) { | |
633 | hidp_set_timer(session); | |
e1aaadd4 | 634 | |
1da177e4 LT |
635 | if (session->input) |
636 | hidp_input_report(session, skb); | |
e1aaadd4 MH |
637 | |
638 | if (session->hid) { | |
639 | hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 1); | |
640 | BT_DBG("report len %d", skb->len); | |
641 | } | |
1da177e4 LT |
642 | } else { |
643 | BT_DBG("Unsupported protocol header 0x%02x", hdr); | |
644 | } | |
645 | ||
646 | kfree_skb(skb); | |
647 | } | |
648 | ||
649 | static int hidp_send_frame(struct socket *sock, unsigned char *data, int len) | |
650 | { | |
651 | struct kvec iv = { data, len }; | |
652 | struct msghdr msg; | |
653 | ||
654 | BT_DBG("sock %p data %p len %d", sock, data, len); | |
655 | ||
656 | if (!len) | |
657 | return 0; | |
658 | ||
659 | memset(&msg, 0, sizeof(msg)); | |
660 | ||
661 | return kernel_sendmsg(sock, &msg, &iv, 1, len); | |
662 | } | |
663 | ||
b03efcfb | 664 | static void hidp_process_transmit(struct hidp_session *session) |
1da177e4 LT |
665 | { |
666 | struct sk_buff *skb; | |
667 | ||
668 | BT_DBG("session %p", session); | |
669 | ||
670 | while ((skb = skb_dequeue(&session->ctrl_transmit))) { | |
671 | if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) { | |
672 | skb_queue_head(&session->ctrl_transmit, skb); | |
673 | break; | |
674 | } | |
675 | ||
676 | hidp_set_timer(session); | |
677 | kfree_skb(skb); | |
678 | } | |
679 | ||
680 | while ((skb = skb_dequeue(&session->intr_transmit))) { | |
681 | if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) { | |
682 | skb_queue_head(&session->intr_transmit, skb); | |
683 | break; | |
684 | } | |
685 | ||
686 | hidp_set_timer(session); | |
687 | kfree_skb(skb); | |
688 | } | |
1da177e4 LT |
689 | } |
690 | ||
691 | static int hidp_session(void *arg) | |
692 | { | |
693 | struct hidp_session *session = arg; | |
694 | struct sock *ctrl_sk = session->ctrl_sock->sk; | |
695 | struct sock *intr_sk = session->intr_sock->sk; | |
696 | struct sk_buff *skb; | |
697 | int vendor = 0x0000, product = 0x0000; | |
698 | wait_queue_t ctrl_wait, intr_wait; | |
699 | ||
700 | BT_DBG("session %p", session); | |
701 | ||
702 | if (session->input) { | |
703 | vendor = session->input->id.vendor; | |
704 | product = session->input->id.product; | |
705 | } | |
706 | ||
e1aaadd4 MH |
707 | if (session->hid) { |
708 | vendor = session->hid->vendor; | |
709 | product = session->hid->product; | |
710 | } | |
711 | ||
1da177e4 LT |
712 | daemonize("khidpd_%04x%04x", vendor, product); |
713 | set_user_nice(current, -15); | |
1da177e4 LT |
714 | |
715 | init_waitqueue_entry(&ctrl_wait, current); | |
716 | init_waitqueue_entry(&intr_wait, current); | |
aa395145 ED |
717 | add_wait_queue(sk_sleep(ctrl_sk), &ctrl_wait); |
718 | add_wait_queue(sk_sleep(intr_sk), &intr_wait); | |
0f69dca2 AO |
719 | session->waiting_for_startup = 0; |
720 | wake_up_interruptible(&session->startup_queue); | |
1da177e4 LT |
721 | while (!atomic_read(&session->terminate)) { |
722 | set_current_state(TASK_INTERRUPTIBLE); | |
723 | ||
724 | if (ctrl_sk->sk_state != BT_CONNECTED || intr_sk->sk_state != BT_CONNECTED) | |
725 | break; | |
726 | ||
727 | while ((skb = skb_dequeue(&ctrl_sk->sk_receive_queue))) { | |
728 | skb_orphan(skb); | |
729 | hidp_recv_ctrl_frame(session, skb); | |
730 | } | |
731 | ||
732 | while ((skb = skb_dequeue(&intr_sk->sk_receive_queue))) { | |
733 | skb_orphan(skb); | |
734 | hidp_recv_intr_frame(session, skb); | |
735 | } | |
736 | ||
737 | hidp_process_transmit(session); | |
738 | ||
739 | schedule(); | |
740 | } | |
741 | set_current_state(TASK_RUNNING); | |
aa395145 ED |
742 | remove_wait_queue(sk_sleep(intr_sk), &intr_wait); |
743 | remove_wait_queue(sk_sleep(ctrl_sk), &ctrl_wait); | |
1da177e4 LT |
744 | |
745 | down_write(&hidp_session_sem); | |
746 | ||
747 | hidp_del_timer(session); | |
748 | ||
1da177e4 LT |
749 | if (session->input) { |
750 | input_unregister_device(session->input); | |
34abf91f | 751 | session->input = NULL; |
1da177e4 LT |
752 | } |
753 | ||
e1aaadd4 | 754 | if (session->hid) { |
85cdaf52 | 755 | hid_destroy_device(session->hid); |
edad6388 | 756 | session->hid = NULL; |
e1aaadd4 MH |
757 | } |
758 | ||
ec8dab36 MH |
759 | /* Wakeup user-space polling for socket errors */ |
760 | session->intr_sock->sk->sk_err = EUNATCH; | |
761 | session->ctrl_sock->sk->sk_err = EUNATCH; | |
762 | ||
763 | hidp_schedule(session); | |
764 | ||
1c39858b DW |
765 | fput(session->intr_sock->file); |
766 | ||
aa395145 | 767 | wait_event_timeout(*(sk_sleep(ctrl_sk)), |
1c39858b DW |
768 | (ctrl_sk->sk_state == BT_CLOSED), msecs_to_jiffies(500)); |
769 | ||
770 | fput(session->ctrl_sock->file); | |
771 | ||
772 | __hidp_unlink_session(session); | |
773 | ||
1da177e4 LT |
774 | up_write(&hidp_session_sem); |
775 | ||
776 | kfree(session); | |
777 | return 0; | |
778 | } | |
779 | ||
0a85b964 MH |
780 | static struct device *hidp_get_device(struct hidp_session *session) |
781 | { | |
782 | bdaddr_t *src = &bt_sk(session->ctrl_sock->sk)->src; | |
783 | bdaddr_t *dst = &bt_sk(session->ctrl_sock->sk)->dst; | |
edad6388 | 784 | struct device *device = NULL; |
0a85b964 | 785 | struct hci_dev *hdev; |
0a85b964 MH |
786 | |
787 | hdev = hci_get_route(dst, src); | |
788 | if (!hdev) | |
789 | return NULL; | |
790 | ||
edad6388 MH |
791 | session->conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst); |
792 | if (session->conn) | |
793 | device = &session->conn->dev; | |
0a85b964 MH |
794 | |
795 | hci_dev_put(hdev); | |
796 | ||
edad6388 | 797 | return device; |
0a85b964 MH |
798 | } |
799 | ||
91f5cca3 AM |
800 | static int hidp_setup_input(struct hidp_session *session, |
801 | struct hidp_connadd_req *req) | |
1da177e4 | 802 | { |
c500c971 | 803 | struct input_dev *input; |
edad6388 | 804 | int err, i; |
1da177e4 | 805 | |
c500c971 JS |
806 | input = input_allocate_device(); |
807 | if (!input) | |
808 | return -ENOMEM; | |
809 | ||
810 | session->input = input; | |
811 | ||
5be39466 | 812 | input_set_drvdata(input, session); |
1da177e4 | 813 | |
34abf91f DT |
814 | input->name = "Bluetooth HID Boot Protocol Device"; |
815 | ||
1da177e4 LT |
816 | input->id.bustype = BUS_BLUETOOTH; |
817 | input->id.vendor = req->vendor; | |
818 | input->id.product = req->product; | |
819 | input->id.version = req->version; | |
820 | ||
821 | if (req->subclass & 0x40) { | |
822 | set_bit(EV_KEY, input->evbit); | |
823 | set_bit(EV_LED, input->evbit); | |
824 | set_bit(EV_REP, input->evbit); | |
825 | ||
826 | set_bit(LED_NUML, input->ledbit); | |
827 | set_bit(LED_CAPSL, input->ledbit); | |
828 | set_bit(LED_SCROLLL, input->ledbit); | |
829 | set_bit(LED_COMPOSE, input->ledbit); | |
830 | set_bit(LED_KANA, input->ledbit); | |
831 | ||
832 | for (i = 0; i < sizeof(hidp_keycode); i++) | |
833 | set_bit(hidp_keycode[i], input->keybit); | |
834 | clear_bit(0, input->keybit); | |
835 | } | |
836 | ||
837 | if (req->subclass & 0x80) { | |
7b19ada2 JS |
838 | input->evbit[0] = BIT_MASK(EV_KEY) | BIT_MASK(EV_REL); |
839 | input->keybit[BIT_WORD(BTN_MOUSE)] = BIT_MASK(BTN_LEFT) | | |
840 | BIT_MASK(BTN_RIGHT) | BIT_MASK(BTN_MIDDLE); | |
841 | input->relbit[0] = BIT_MASK(REL_X) | BIT_MASK(REL_Y); | |
842 | input->keybit[BIT_WORD(BTN_MOUSE)] |= BIT_MASK(BTN_SIDE) | | |
843 | BIT_MASK(BTN_EXTRA); | |
844 | input->relbit[0] |= BIT_MASK(REL_WHEEL); | |
1da177e4 LT |
845 | } |
846 | ||
5be39466 | 847 | input->dev.parent = hidp_get_device(session); |
0a85b964 | 848 | |
1da177e4 LT |
849 | input->event = hidp_input_event; |
850 | ||
edad6388 MH |
851 | err = input_register_device(input); |
852 | if (err < 0) { | |
853 | hci_conn_put_device(session->conn); | |
854 | return err; | |
855 | } | |
856 | ||
857 | return 0; | |
1da177e4 LT |
858 | } |
859 | ||
f5ffd462 MH |
860 | static int hidp_open(struct hid_device *hid) |
861 | { | |
862 | return 0; | |
863 | } | |
864 | ||
865 | static void hidp_close(struct hid_device *hid) | |
866 | { | |
867 | } | |
868 | ||
c500c971 JS |
869 | static int hidp_parse(struct hid_device *hid) |
870 | { | |
871 | struct hidp_session *session = hid->driver_data; | |
c500c971 | 872 | |
15c697ce MP |
873 | return hid_parse_report(session->hid, session->rd_data, |
874 | session->rd_size); | |
c500c971 JS |
875 | } |
876 | ||
877 | static int hidp_start(struct hid_device *hid) | |
878 | { | |
879 | struct hidp_session *session = hid->driver_data; | |
880 | struct hid_report *report; | |
881 | ||
882 | list_for_each_entry(report, &hid->report_enum[HID_INPUT_REPORT]. | |
883 | report_list, list) | |
884 | hidp_send_report(session, report); | |
885 | ||
886 | list_for_each_entry(report, &hid->report_enum[HID_FEATURE_REPORT]. | |
887 | report_list, list) | |
888 | hidp_send_report(session, report); | |
889 | ||
c500c971 JS |
890 | return 0; |
891 | } | |
892 | ||
893 | static void hidp_stop(struct hid_device *hid) | |
894 | { | |
895 | struct hidp_session *session = hid->driver_data; | |
896 | ||
897 | skb_queue_purge(&session->ctrl_transmit); | |
898 | skb_queue_purge(&session->intr_transmit); | |
899 | ||
c500c971 JS |
900 | hid->claimed = 0; |
901 | } | |
902 | ||
903 | static struct hid_ll_driver hidp_hid_driver = { | |
904 | .parse = hidp_parse, | |
905 | .start = hidp_start, | |
906 | .stop = hidp_stop, | |
907 | .open = hidp_open, | |
908 | .close = hidp_close, | |
909 | .hidinput_input_event = hidp_hidinput_event, | |
910 | }; | |
911 | ||
0f69dca2 AO |
912 | /* This function sets up the hid device. It does not add it |
913 | to the HID system. That is done in hidp_add_connection(). */ | |
85cdaf52 | 914 | static int hidp_setup_hid(struct hidp_session *session, |
91f5cca3 | 915 | struct hidp_connadd_req *req) |
e1aaadd4 | 916 | { |
c500c971 | 917 | struct hid_device *hid; |
edad6388 | 918 | int err; |
e1aaadd4 | 919 | |
15c697ce MP |
920 | session->rd_data = kzalloc(req->rd_size, GFP_KERNEL); |
921 | if (!session->rd_data) | |
922 | return -ENOMEM; | |
923 | ||
924 | if (copy_from_user(session->rd_data, req->rd_data, req->rd_size)) { | |
925 | err = -EFAULT; | |
926 | goto fault; | |
927 | } | |
928 | session->rd_size = req->rd_size; | |
929 | ||
c500c971 | 930 | hid = hid_allocate_device(); |
15c697ce MP |
931 | if (IS_ERR(hid)) { |
932 | err = PTR_ERR(hid); | |
933 | goto fault; | |
934 | } | |
e1aaadd4 | 935 | |
c500c971 | 936 | session->hid = hid; |
15c697ce | 937 | |
e1aaadd4 MH |
938 | hid->driver_data = session; |
939 | ||
e1aaadd4 MH |
940 | hid->bus = BUS_BLUETOOTH; |
941 | hid->vendor = req->vendor; | |
942 | hid->product = req->product; | |
943 | hid->version = req->version; | |
c500c971 | 944 | hid->country = req->country; |
e1aaadd4 MH |
945 | |
946 | strncpy(hid->name, req->name, 128); | |
d6b2eb2f GP |
947 | strncpy(hid->phys, batostr(&bt_sk(session->ctrl_sock->sk)->src), 64); |
948 | strncpy(hid->uniq, batostr(&bt_sk(session->ctrl_sock->sk)->dst), 64); | |
e1aaadd4 | 949 | |
85cdaf52 | 950 | hid->dev.parent = hidp_get_device(session); |
c500c971 | 951 | hid->ll_driver = &hidp_hid_driver; |
85cdaf52 | 952 | |
0ff1731a | 953 | hid->hid_get_raw_report = hidp_get_raw_report; |
2da31939 JK |
954 | hid->hid_output_raw_report = hidp_output_raw_report; |
955 | ||
c500c971 | 956 | return 0; |
edad6388 | 957 | |
15c697ce MP |
958 | fault: |
959 | kfree(session->rd_data); | |
960 | session->rd_data = NULL; | |
961 | ||
edad6388 | 962 | return err; |
e1aaadd4 MH |
963 | } |
964 | ||
1da177e4 LT |
965 | int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock) |
966 | { | |
967 | struct hidp_session *session, *s; | |
968 | int err; | |
969 | ||
970 | BT_DBG(""); | |
971 | ||
972 | if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) || | |
973 | bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst)) | |
974 | return -ENOTUNIQ; | |
975 | ||
25ea6db0 | 976 | session = kzalloc(sizeof(struct hidp_session), GFP_KERNEL); |
34abf91f | 977 | if (!session) |
1da177e4 | 978 | return -ENOMEM; |
1da177e4 | 979 | |
e1aaadd4 MH |
980 | BT_DBG("rd_data %p rd_size %d", req->rd_data, req->rd_size); |
981 | ||
1da177e4 LT |
982 | down_write(&hidp_session_sem); |
983 | ||
984 | s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst); | |
985 | if (s && s->state == BT_CONNECTED) { | |
986 | err = -EEXIST; | |
987 | goto failed; | |
988 | } | |
989 | ||
990 | bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst); | |
991 | ||
992 | session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu); | |
993 | session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu); | |
994 | ||
995 | BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu); | |
996 | ||
997 | session->ctrl_sock = ctrl_sock; | |
998 | session->intr_sock = intr_sock; | |
999 | session->state = BT_CONNECTED; | |
1000 | ||
b24b8a24 | 1001 | setup_timer(&session->timer, hidp_idle_timeout, (unsigned long)session); |
1da177e4 LT |
1002 | |
1003 | skb_queue_head_init(&session->ctrl_transmit); | |
1004 | skb_queue_head_init(&session->intr_transmit); | |
1005 | ||
0ff1731a AO |
1006 | mutex_init(&session->report_mutex); |
1007 | init_waitqueue_head(&session->report_queue); | |
0f69dca2 AO |
1008 | init_waitqueue_head(&session->startup_queue); |
1009 | session->waiting_for_startup = 1; | |
1da177e4 LT |
1010 | session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID); |
1011 | session->idle_to = req->idle_to; | |
1012 | ||
c500c971 | 1013 | if (req->rd_size > 0) { |
85cdaf52 | 1014 | err = hidp_setup_hid(session, req); |
d458a9df | 1015 | if (err && err != -ENODEV) |
edad6388 | 1016 | goto purge; |
c500c971 JS |
1017 | } |
1018 | ||
1019 | if (!session->hid) { | |
1020 | err = hidp_setup_input(session, req); | |
1021 | if (err < 0) | |
edad6388 | 1022 | goto purge; |
85cdaf52 | 1023 | } |
e1aaadd4 | 1024 | |
1da177e4 LT |
1025 | __hidp_link_session(session); |
1026 | ||
1027 | hidp_set_timer(session); | |
1028 | ||
1029 | err = kernel_thread(hidp_session, session, CLONE_KERNEL); | |
1030 | if (err < 0) | |
1031 | goto unlink; | |
0f69dca2 AO |
1032 | while (session->waiting_for_startup) { |
1033 | wait_event_interruptible(session->startup_queue, | |
1034 | !session->waiting_for_startup); | |
1035 | } | |
1036 | ||
1037 | err = hid_add_device(session->hid); | |
1038 | if (err < 0) | |
1039 | goto err_add_device; | |
1da177e4 LT |
1040 | |
1041 | if (session->input) { | |
1042 | hidp_send_ctrl_message(session, | |
1043 | HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0); | |
1044 | session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE); | |
1045 | ||
1046 | session->leds = 0xff; | |
1047 | hidp_input_event(session->input, EV_LED, 0, 0); | |
1048 | } | |
1049 | ||
1050 | up_write(&hidp_session_sem); | |
1051 | return 0; | |
1052 | ||
0f69dca2 AO |
1053 | err_add_device: |
1054 | hid_destroy_device(session->hid); | |
1055 | session->hid = NULL; | |
1056 | atomic_inc(&session->terminate); | |
1057 | hidp_schedule(session); | |
1058 | ||
1da177e4 LT |
1059 | unlink: |
1060 | hidp_del_timer(session); | |
1061 | ||
1062 | __hidp_unlink_session(session); | |
1063 | ||
edad6388 | 1064 | if (session->input) { |
1da177e4 | 1065 | input_unregister_device(session->input); |
edad6388 MH |
1066 | session->input = NULL; |
1067 | } | |
1068 | ||
1069 | if (session->hid) { | |
85cdaf52 | 1070 | hid_destroy_device(session->hid); |
edad6388 MH |
1071 | session->hid = NULL; |
1072 | } | |
1073 | ||
15c697ce MP |
1074 | kfree(session->rd_data); |
1075 | session->rd_data = NULL; | |
1076 | ||
edad6388 | 1077 | purge: |
c500c971 JS |
1078 | skb_queue_purge(&session->ctrl_transmit); |
1079 | skb_queue_purge(&session->intr_transmit); | |
edad6388 | 1080 | |
c500c971 JS |
1081 | failed: |
1082 | up_write(&hidp_session_sem); | |
e1aaadd4 | 1083 | |
5be39466 | 1084 | input_free_device(session->input); |
1da177e4 LT |
1085 | kfree(session); |
1086 | return err; | |
1087 | } | |
1088 | ||
1089 | int hidp_del_connection(struct hidp_conndel_req *req) | |
1090 | { | |
1091 | struct hidp_session *session; | |
1092 | int err = 0; | |
1093 | ||
1094 | BT_DBG(""); | |
1095 | ||
1096 | down_read(&hidp_session_sem); | |
1097 | ||
1098 | session = __hidp_get_session(&req->bdaddr); | |
1099 | if (session) { | |
1100 | if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) { | |
1101 | hidp_send_ctrl_message(session, | |
1102 | HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG, NULL, 0); | |
1103 | } else { | |
1104 | /* Flush the transmit queues */ | |
1105 | skb_queue_purge(&session->ctrl_transmit); | |
1106 | skb_queue_purge(&session->intr_transmit); | |
1107 | ||
ec8dab36 MH |
1108 | /* Wakeup user-space polling for socket errors */ |
1109 | session->intr_sock->sk->sk_err = EUNATCH; | |
1110 | session->ctrl_sock->sk->sk_err = EUNATCH; | |
1111 | ||
1da177e4 LT |
1112 | /* Kill session thread */ |
1113 | atomic_inc(&session->terminate); | |
1114 | hidp_schedule(session); | |
1115 | } | |
1116 | } else | |
1117 | err = -ENOENT; | |
1118 | ||
1119 | up_read(&hidp_session_sem); | |
1120 | return err; | |
1121 | } | |
1122 | ||
1123 | int hidp_get_connlist(struct hidp_connlist_req *req) | |
1124 | { | |
1125 | struct list_head *p; | |
1126 | int err = 0, n = 0; | |
1127 | ||
1128 | BT_DBG(""); | |
1129 | ||
1130 | down_read(&hidp_session_sem); | |
1131 | ||
1132 | list_for_each(p, &hidp_session_list) { | |
1133 | struct hidp_session *session; | |
1134 | struct hidp_conninfo ci; | |
1135 | ||
1136 | session = list_entry(p, struct hidp_session, list); | |
1137 | ||
1138 | __hidp_copy_session(session, &ci); | |
1139 | ||
1140 | if (copy_to_user(req->ci, &ci, sizeof(ci))) { | |
1141 | err = -EFAULT; | |
1142 | break; | |
1143 | } | |
1144 | ||
1145 | if (++n >= req->cnum) | |
1146 | break; | |
1147 | ||
1148 | req->ci++; | |
1149 | } | |
1150 | req->cnum = n; | |
1151 | ||
1152 | up_read(&hidp_session_sem); | |
1153 | return err; | |
1154 | } | |
1155 | ||
1156 | int hidp_get_conninfo(struct hidp_conninfo *ci) | |
1157 | { | |
1158 | struct hidp_session *session; | |
1159 | int err = 0; | |
1160 | ||
1161 | down_read(&hidp_session_sem); | |
1162 | ||
1163 | session = __hidp_get_session(&ci->bdaddr); | |
1164 | if (session) | |
1165 | __hidp_copy_session(session, ci); | |
1166 | else | |
1167 | err = -ENOENT; | |
1168 | ||
1169 | up_read(&hidp_session_sem); | |
1170 | return err; | |
1171 | } | |
1172 | ||
85cdaf52 JS |
1173 | static const struct hid_device_id hidp_table[] = { |
1174 | { HID_BLUETOOTH_DEVICE(HID_ANY_ID, HID_ANY_ID) }, | |
1175 | { } | |
1176 | }; | |
1177 | ||
1178 | static struct hid_driver hidp_driver = { | |
1179 | .name = "generic-bluetooth", | |
1180 | .id_table = hidp_table, | |
1181 | }; | |
1182 | ||
1da177e4 LT |
1183 | static int __init hidp_init(void) |
1184 | { | |
85cdaf52 JS |
1185 | int ret; |
1186 | ||
1da177e4 LT |
1187 | BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION); |
1188 | ||
85cdaf52 JS |
1189 | ret = hid_register_driver(&hidp_driver); |
1190 | if (ret) | |
1191 | goto err; | |
1192 | ||
1193 | ret = hidp_init_sockets(); | |
1194 | if (ret) | |
1195 | goto err_drv; | |
1196 | ||
1197 | return 0; | |
1198 | err_drv: | |
1199 | hid_unregister_driver(&hidp_driver); | |
1200 | err: | |
1201 | return ret; | |
1da177e4 LT |
1202 | } |
1203 | ||
1204 | static void __exit hidp_exit(void) | |
1205 | { | |
1206 | hidp_cleanup_sockets(); | |
85cdaf52 | 1207 | hid_unregister_driver(&hidp_driver); |
1da177e4 LT |
1208 | } |
1209 | ||
1210 | module_init(hidp_init); | |
1211 | module_exit(hidp_exit); | |
1212 | ||
1213 | MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); | |
1214 | MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION); | |
1215 | MODULE_VERSION(VERSION); | |
1216 | MODULE_LICENSE("GPL"); | |
1217 | MODULE_ALIAS("bt-proto-6"); |