]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - net/bluetooth/hidp/core.c
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
bluetooth: hidp_process_hid_control remove unnecessary parameter dealing
[mirror_ubuntu-bionic-kernel.git] / net / bluetooth / hidp / core.c
CommitLineData
8e87d142 1/*
1da177e4
LT		 2 HIDP implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
8e87d142
YH		 18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 20 SOFTWARE IS DISCLAIMED.
21*/
22
1da177e4
LT		 23#include <linux/module.h>
24
25#include <linux/types.h>
26#include <linux/errno.h>
27#include <linux/kernel.h>
1da177e4
LT		 28#include <linux/sched.h>
29#include <linux/slab.h>
30#include <linux/poll.h>
83144186 31#include <linux/freezer.h>
1da177e4
LT		 32#include <linux/fcntl.h>
33#include <linux/skbuff.h>
34#include <linux/socket.h>
35#include <linux/ioctl.h>
36#include <linux/file.h>
37#include <linux/init.h>
38#include <linux/wait.h>
39#include <net/sock.h>
40
41#include <linux/input.h>
e1aaadd4 42#include <linux/hid.h>
1da177e4
LT		 43
44#include <net/bluetooth/bluetooth.h>
0a85b964 45#include <net/bluetooth/hci_core.h>
1da177e4
LT		 46#include <net/bluetooth/l2cap.h>
47
48#include "hidp.h"
49
50#ifndef CONFIG_BT_HIDP_DEBUG
51#undef BT_DBG
52#define BT_DBG(D...)
53#endif
54
e1aaadd4 55#define VERSION "1.2"
1da177e4
LT		 56
57static DECLARE_RWSEM(hidp_session_sem);
58static LIST_HEAD(hidp_session_list);
59
60static unsigned char hidp_keycode[256] = {
61 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38,
62 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44, 2, 3,
63 4, 5, 6, 7, 8, 9, 10, 11, 28, 1, 14, 15, 57, 12, 13, 26,
64 27, 43, 43, 39, 40, 41, 51, 52, 53, 58, 59, 60, 61, 62, 63, 64,
65 65, 66, 67, 68, 87, 88, 99, 70,119,110,102,104,111,107,109,106,
66 105,108,103, 69, 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71,
67 72, 73, 82, 83, 86,127,116,117,183,184,185,186,187,188,189,190,
68 191,192,193,194,134,138,130,132,128,129,131,137,133,135,136,113,
69 115,114, 0, 0, 0,121, 0, 89, 93,124, 92, 94, 95, 0, 0, 0,
70 122,123, 90, 91, 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
71 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
72 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
73 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
74 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
75 29, 42, 56,125, 97, 54,100,126,164,166,165,163,161,115,114,113,
76 150,158,159,128,136,177,178,176,142,152,173,140
77};
78
79static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 };
80
81static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr)
82{
83 struct hidp_session *session;
84 struct list_head *p;
85
86 BT_DBG("");
87
88 list_for_each(p, &hidp_session_list) {
89 session = list_entry(p, struct hidp_session, list);
90 if (!bacmp(bdaddr, &session->bdaddr))
91 return session;
92 }
93 return NULL;
94}
95
96static void __hidp_link_session(struct hidp_session *session)
97{
98 __module_get(THIS_MODULE);
99 list_add(&session->list, &hidp_session_list);
100}
101
102static void __hidp_unlink_session(struct hidp_session *session)
103{
104 list_del(&session->list);
105 module_put(THIS_MODULE);
106}
107
108static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci)
109{
110 bacpy(&ci->bdaddr, &session->bdaddr);
111
112 ci->flags = session->flags;
113 ci->state = session->state;
114
115 ci->vendor = 0x0000;
116 ci->product = 0x0000;
117 ci->version = 0x0000;
118 memset(ci->name, 0, 128);
119
120 if (session->input) {
121 ci->vendor = session->input->id.vendor;
122 ci->product = session->input->id.product;
123 ci->version = session->input->id.version;
124 if (session->input->name)
125 strncpy(ci->name, session->input->name, 128);
126 else
127 strncpy(ci->name, "HID Boot Device", 128);
128 }
e1aaadd4
MH		 129
130 if (session->hid) {
131 ci->vendor = session->hid->vendor;
132 ci->product = session->hid->product;
133 ci->version = session->hid->version;
134 strncpy(ci->name, session->hid->name, 128);
135 }
1da177e4
LT		 136}
137
e1aaadd4
MH		 138static inline int hidp_queue_event(struct hidp_session *session, struct input_dev *dev,
139 unsigned int type, unsigned int code, int value)
1da177e4 140{
1da177e4 141 unsigned char newleds;
e1aaadd4 142 struct sk_buff *skb;
1da177e4 143
e1aaadd4 144 BT_DBG("session %p type %d code %d value %d", session, type, code, value);
1da177e4
LT		 145
146 if (type != EV_LED)
147 return -1;
148
149 newleds = (!!test_bit(LED_KANA, dev->led) << 3) |
150 (!!test_bit(LED_COMPOSE, dev->led) << 3) |
151 (!!test_bit(LED_SCROLLL, dev->led) << 2) |
152 (!!test_bit(LED_CAPSL, dev->led) << 1) |
153 (!!test_bit(LED_NUML, dev->led));
154
155 if (session->leds == newleds)
156 return 0;
157
158 session->leds = newleds;
159
160 if (!(skb = alloc_skb(3, GFP_ATOMIC))) {
161 BT_ERR("Can't allocate memory for new frame");
162 return -ENOMEM;
163 }
164
165 *skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT;
166 *skb_put(skb, 1) = 0x01;
167 *skb_put(skb, 1) = newleds;
168
169 skb_queue_tail(&session->intr_transmit, skb);
170
171 hidp_schedule(session);
172
173 return 0;
174}
175
e1aaadd4
MH		 176static int hidp_hidinput_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
177{
5be39466 178 struct hid_device *hid = input_get_drvdata(dev);
e1aaadd4
MH		 179 struct hidp_session *session = hid->driver_data;
180
181 return hidp_queue_event(session, dev, type, code, value);
182}
183
184static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
185{
5be39466 186 struct hidp_session *session = input_get_drvdata(dev);
e1aaadd4
MH		 187
188 return hidp_queue_event(session, dev, type, code, value);
189}
190
1da177e4
LT		 191static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb)
192{
193 struct input_dev *dev = session->input;
194 unsigned char *keys = session->keys;
195 unsigned char *udata = skb->data + 1;
196 signed char *sdata = skb->data + 1;
197 int i, size = skb->len - 1;
198
199 switch (skb->data[0]) {
200 case 0x01: /* Keyboard report */
201 for (i = 0; i < 8; i++)
202 input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1);
203
204 /* If all the key codes have been set to 0x01, it means
205 * too many keys were pressed at the same time. */
206 if (!memcmp(udata + 2, hidp_mkeyspat, 6))
207 break;
208
209 for (i = 2; i < 8; i++) {
210 if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) {
211 if (hidp_keycode[keys[i]])
212 input_report_key(dev, hidp_keycode[keys[i]], 0);
213 else
214 BT_ERR("Unknown key (scancode %#x) released.", keys[i]);
215 }
216
217 if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) {
218 if (hidp_keycode[udata[i]])
219 input_report_key(dev, hidp_keycode[udata[i]], 1);
220 else
221 BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]);
222 }
223 }
224
225 memcpy(keys, udata, 8);
226 break;
227
228 case 0x02: /* Mouse report */
229 input_report_key(dev, BTN_LEFT, sdata[0] & 0x01);
230 input_report_key(dev, BTN_RIGHT, sdata[0] & 0x02);
231 input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04);
232 input_report_key(dev, BTN_SIDE, sdata[0] & 0x08);
233 input_report_key(dev, BTN_EXTRA, sdata[0] & 0x10);
234
235 input_report_rel(dev, REL_X, sdata[1]);
236 input_report_rel(dev, REL_Y, sdata[2]);
237
238 if (size > 3)
239 input_report_rel(dev, REL_WHEEL, sdata[3]);
240 break;
241 }
242
243 input_sync(dev);
244}
245
e1aaadd4
MH		 246static inline int hidp_queue_report(struct hidp_session *session, unsigned char *data, int size)
247{
248 struct sk_buff *skb;
249
6792b5ec 250 BT_DBG("session %p hid %p data %p size %d", session, session->hid, data, size);
e1aaadd4
MH		 251
252 if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) {
253 BT_ERR("Can't allocate memory for new frame");
254 return -ENOMEM;
255 }
256
257 *skb_put(skb, 1) = 0xa2;
258 if (size > 0)
259 memcpy(skb_put(skb, size), data, size);
260
261 skb_queue_tail(&session->intr_transmit, skb);
262
263 hidp_schedule(session);
264
265 return 0;
266}
267
268static int hidp_send_report(struct hidp_session *session, struct hid_report *report)
269{
270 unsigned char buf[32];
271 int rsize;
272
273 rsize = ((report->size - 1) >> 3) + 1 + (report->id > 0);
274 if (rsize > sizeof(buf))
275 return -EIO;
276
277 hid_output_report(report, buf);
278
279 return hidp_queue_report(session, buf, rsize);
280}
281
1da177e4
LT		 282static void hidp_idle_timeout(unsigned long arg)
283{
284 struct hidp_session *session = (struct hidp_session *) arg;
285
286 atomic_inc(&session->terminate);
287 hidp_schedule(session);
288}
289
290static inline void hidp_set_timer(struct hidp_session *session)
291{
292 if (session->idle_to > 0)
293 mod_timer(&session->timer, jiffies + HZ * session->idle_to);
294}
295
296static inline void hidp_del_timer(struct hidp_session *session)
297{
298 if (session->idle_to > 0)
299 del_timer(&session->timer);
300}
301
302static int __hidp_send_ctrl_message(struct hidp_session *session,
303 unsigned char hdr, unsigned char *data, int size)
304{
305 struct sk_buff *skb;
306
307 BT_DBG("session %p data %p size %d", session, data, size);
308
309 if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) {
310 BT_ERR("Can't allocate memory for new frame");
311 return -ENOMEM;
312 }
313
314 *skb_put(skb, 1) = hdr;
315 if (data && size > 0)
316 memcpy(skb_put(skb, size), data, size);
317
318 skb_queue_tail(&session->ctrl_transmit, skb);
319
320 return 0;
321}
322
b6f99a21 323static inline int hidp_send_ctrl_message(struct hidp_session *session,
1da177e4
LT		 324 unsigned char hdr, unsigned char *data, int size)
325{
326 int err;
327
328 err = __hidp_send_ctrl_message(session, hdr, data, size);
329
330 hidp_schedule(session);
331
332 return err;
333}
334
335static inline void hidp_process_handshake(struct hidp_session *session, unsigned char param)
336{
337 BT_DBG("session %p param 0x%02x", session, param);
338
339 switch (param) {
340 case HIDP_HSHK_SUCCESSFUL:
341 /* FIXME: Call into SET_ GET_ handlers here */
342 break;
343
344 case HIDP_HSHK_NOT_READY:
345 case HIDP_HSHK_ERR_INVALID_REPORT_ID:
346 case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST:
347 case HIDP_HSHK_ERR_INVALID_PARAMETER:
348 /* FIXME: Call into SET_ GET_ handlers here */
349 break;
350
351 case HIDP_HSHK_ERR_UNKNOWN:
352 break;
353
354 case HIDP_HSHK_ERR_FATAL:
355 /* Device requests a reboot, as this is the only way this error
8e87d142 356 * can be recovered. */
1da177e4
LT		 357 __hidp_send_ctrl_message(session,
358 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0);
359 break;
360
361 default:
362 __hidp_send_ctrl_message(session,
363 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
364 break;
365 }
366}
367
368static inline void hidp_process_hid_control(struct hidp_session *session, unsigned char param)
369{
370 BT_DBG("session %p param 0x%02x", session, param);
371
eff001e3 372 if (param == HIDP_CTRL_VIRTUAL_CABLE_UNPLUG) {
1da177e4
LT		 373 /* Flush the transmit queues */
374 skb_queue_purge(&session->ctrl_transmit);
375 skb_queue_purge(&session->intr_transmit);
376
377 /* Kill session thread */
378 atomic_inc(&session->terminate);
1da177e4
LT		 379 }
380}
381
382static inline void hidp_process_data(struct hidp_session *session, struct sk_buff *skb, unsigned char param)
383{
384 BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param);
385
386 switch (param) {
387 case HIDP_DATA_RTYPE_INPUT:
388 hidp_set_timer(session);
389
390 if (session->input)
391 hidp_input_report(session, skb);
e1aaadd4
MH		 392
393 if (session->hid)
394 hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 0);
395
1da177e4
LT		 396 break;
397
398 case HIDP_DATA_RTYPE_OTHER:
399 case HIDP_DATA_RTYPE_OUPUT:
400 case HIDP_DATA_RTYPE_FEATURE:
401 break;
402
403 default:
404 __hidp_send_ctrl_message(session,
405 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
406 }
407}
408
409static inline void hidp_recv_ctrl_frame(struct hidp_session *session, struct sk_buff *skb)
410{
411 unsigned char hdr, type, param;
412
413 BT_DBG("session %p skb %p len %d", session, skb, skb->len);
414
415 hdr = skb->data[0];
416 skb_pull(skb, 1);
417
418 type = hdr & HIDP_HEADER_TRANS_MASK;
419 param = hdr & HIDP_HEADER_PARAM_MASK;
420
421 switch (type) {
422 case HIDP_TRANS_HANDSHAKE:
423 hidp_process_handshake(session, param);
424 break;
425
426 case HIDP_TRANS_HID_CONTROL:
427 hidp_process_hid_control(session, param);
428 break;
429
430 case HIDP_TRANS_DATA:
431 hidp_process_data(session, skb, param);
432 break;
433
434 default:
435 __hidp_send_ctrl_message(session,
436 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0);
437 break;
438 }
439
440 kfree_skb(skb);
441}
442
443static inline void hidp_recv_intr_frame(struct hidp_session *session, struct sk_buff *skb)
444{
445 unsigned char hdr;
446
447 BT_DBG("session %p skb %p len %d", session, skb, skb->len);
448
449 hdr = skb->data[0];
450 skb_pull(skb, 1);
451
452 if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) {
453 hidp_set_timer(session);
e1aaadd4 454
1da177e4
LT		 455 if (session->input)
456 hidp_input_report(session, skb);
e1aaadd4
MH		 457
458 if (session->hid) {
459 hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 1);
460 BT_DBG("report len %d", skb->len);
461 }
1da177e4
LT		 462 } else {
463 BT_DBG("Unsupported protocol header 0x%02x", hdr);
464 }
465
466 kfree_skb(skb);
467}
468
469static int hidp_send_frame(struct socket *sock, unsigned char *data, int len)
470{
471 struct kvec iv = { data, len };
472 struct msghdr msg;
473
474 BT_DBG("sock %p data %p len %d", sock, data, len);
475
476 if (!len)
477 return 0;
478
479 memset(&msg, 0, sizeof(msg));
480
481 return kernel_sendmsg(sock, &msg, &iv, 1, len);
482}
483
b03efcfb 484static void hidp_process_transmit(struct hidp_session *session)
1da177e4
LT		 485{
486 struct sk_buff *skb;
487
488 BT_DBG("session %p", session);
489
490 while ((skb = skb_dequeue(&session->ctrl_transmit))) {
491 if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) {
492 skb_queue_head(&session->ctrl_transmit, skb);
493 break;
494 }
495
496 hidp_set_timer(session);
497 kfree_skb(skb);
498 }
499
500 while ((skb = skb_dequeue(&session->intr_transmit))) {
501 if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) {
502 skb_queue_head(&session->intr_transmit, skb);
503 break;
504 }
505
506 hidp_set_timer(session);
507 kfree_skb(skb);
508 }
1da177e4
LT		 509}
510
511static int hidp_session(void *arg)
512{
513 struct hidp_session *session = arg;
514 struct sock *ctrl_sk = session->ctrl_sock->sk;
515 struct sock *intr_sk = session->intr_sock->sk;
516 struct sk_buff *skb;
517 int vendor = 0x0000, product = 0x0000;
518 wait_queue_t ctrl_wait, intr_wait;
519
520 BT_DBG("session %p", session);
521
522 if (session->input) {
523 vendor = session->input->id.vendor;
524 product = session->input->id.product;
525 }
526
e1aaadd4
MH		 527 if (session->hid) {
528 vendor = session->hid->vendor;
529 product = session->hid->product;
530 }
531
1da177e4
LT		 532 daemonize("khidpd_%04x%04x", vendor, product);
533 set_user_nice(current, -15);
1da177e4
LT		 534
535 init_waitqueue_entry(&ctrl_wait, current);
536 init_waitqueue_entry(&intr_wait, current);
537 add_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait);
538 add_wait_queue(intr_sk->sk_sleep, &intr_wait);
539 while (!atomic_read(&session->terminate)) {
540 set_current_state(TASK_INTERRUPTIBLE);
541
542 if (ctrl_sk->sk_state != BT_CONNECTED || intr_sk->sk_state != BT_CONNECTED)
543 break;
544
545 while ((skb = skb_dequeue(&ctrl_sk->sk_receive_queue))) {
546 skb_orphan(skb);
547 hidp_recv_ctrl_frame(session, skb);
548 }
549
550 while ((skb = skb_dequeue(&intr_sk->sk_receive_queue))) {
551 skb_orphan(skb);
552 hidp_recv_intr_frame(session, skb);
553 }
554
555 hidp_process_transmit(session);
556
557 schedule();
558 }
559 set_current_state(TASK_RUNNING);
560 remove_wait_queue(intr_sk->sk_sleep, &intr_wait);
561 remove_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait);
562
563 down_write(&hidp_session_sem);
564
565 hidp_del_timer(session);
566
1da177e4
LT		 567 if (session->input) {
568 input_unregister_device(session->input);
34abf91f 569 session->input = NULL;
1da177e4
LT		 570 }
571
e1aaadd4
MH		 572 if (session->hid) {
573 if (session->hid->claimed & HID_CLAIMED_INPUT)
574 hidinput_disconnect(session->hid);
575 hid_free_device(session->hid);
576 }
577
1c39858b
DW		 578 fput(session->intr_sock->file);
579
580 wait_event_timeout(*(ctrl_sk->sk_sleep),
581 (ctrl_sk->sk_state == BT_CLOSED), msecs_to_jiffies(500));
582
583 fput(session->ctrl_sock->file);
584
585 __hidp_unlink_session(session);
586
1da177e4
LT		 587 up_write(&hidp_session_sem);
588
589 kfree(session);
590 return 0;
591}
592
0a85b964
MH		 593static struct device *hidp_get_device(struct hidp_session *session)
594{
595 bdaddr_t *src = &bt_sk(session->ctrl_sock->sk)->src;
596 bdaddr_t *dst = &bt_sk(session->ctrl_sock->sk)->dst;
597 struct hci_dev *hdev;
598 struct hci_conn *conn;
599
600 hdev = hci_get_route(dst, src);
601 if (!hdev)
602 return NULL;
603
604 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
0a85b964
MH		 605
606 hci_dev_put(hdev);
607
b2cfcd75 608 return conn ? &conn->dev : NULL;
0a85b964
MH		 609}
610
53465eb4 611static inline int hidp_setup_input(struct hidp_session *session, struct hidp_connadd_req *req)
1da177e4
LT		 612{
613 struct input_dev *input = session->input;
614 int i;
615
5be39466 616 input_set_drvdata(input, session);
1da177e4 617
34abf91f
DT		 618 input->name = "Bluetooth HID Boot Protocol Device";
619
1da177e4
LT		 620 input->id.bustype = BUS_BLUETOOTH;
621 input->id.vendor = req->vendor;
622 input->id.product = req->product;
623 input->id.version = req->version;
624
625 if (req->subclass & 0x40) {
626 set_bit(EV_KEY, input->evbit);
627 set_bit(EV_LED, input->evbit);
628 set_bit(EV_REP, input->evbit);
629
630 set_bit(LED_NUML, input->ledbit);
631 set_bit(LED_CAPSL, input->ledbit);
632 set_bit(LED_SCROLLL, input->ledbit);
633 set_bit(LED_COMPOSE, input->ledbit);
634 set_bit(LED_KANA, input->ledbit);
635
636 for (i = 0; i < sizeof(hidp_keycode); i++)
637 set_bit(hidp_keycode[i], input->keybit);
638 clear_bit(0, input->keybit);
639 }
640
641 if (req->subclass & 0x80) {
7b19ada2
JS		 642 input->evbit[0] = BIT_MASK(EV_KEY) | BIT_MASK(EV_REL);
643 input->keybit[BIT_WORD(BTN_MOUSE)] = BIT_MASK(BTN_LEFT) |
644 BIT_MASK(BTN_RIGHT) | BIT_MASK(BTN_MIDDLE);
645 input->relbit[0] = BIT_MASK(REL_X) | BIT_MASK(REL_Y);
646 input->keybit[BIT_WORD(BTN_MOUSE)] |= BIT_MASK(BTN_SIDE) |
647 BIT_MASK(BTN_EXTRA);
648 input->relbit[0] |= BIT_MASK(REL_WHEEL);
1da177e4
LT		 649 }
650
5be39466 651 input->dev.parent = hidp_get_device(session);
0a85b964 652
1da177e4
LT		 653 input->event = hidp_input_event;
654
53465eb4 655 return input_register_device(input);
1da177e4
LT		 656}
657
f5ffd462
MH		 658static int hidp_open(struct hid_device *hid)
659{
660 return 0;
661}
662
663static void hidp_close(struct hid_device *hid)
664{
665}
666
cb3fecc2
JK		 667static const struct {
668 __u16 idVendor;
669 __u16 idProduct;
670 unsigned quirks;
671} hidp_blacklist[] = {
672 /* Apple wireless Mighty Mouse */
673 { 0x05ac, 0x030c, HID_QUIRK_MIGHTYMOUSE | HID_QUIRK_INVERT_HWHEEL },
674
675 { } /* Terminating entry */
676};
677
678static void hidp_setup_quirks(struct hid_device *hid)
679{
680 unsigned int n;
681
682 for (n = 0; hidp_blacklist[n].idVendor; n++)
683 if (hidp_blacklist[n].idVendor == le16_to_cpu(hid->vendor) &&
684 hidp_blacklist[n].idProduct == le16_to_cpu(hid->product))
685 hid->quirks = hidp_blacklist[n].quirks;
686}
687
e1aaadd4
MH		 688static inline void hidp_setup_hid(struct hidp_session *session, struct hidp_connadd_req *req)
689{
690 struct hid_device *hid = session->hid;
691 struct hid_report *report;
692 bdaddr_t src, dst;
693
694 baswap(&src, &bt_sk(session->ctrl_sock->sk)->src);
695 baswap(&dst, &bt_sk(session->ctrl_sock->sk)->dst);
696
697 hid->driver_data = session;
698
699 hid->country = req->country;
700
701 hid->bus = BUS_BLUETOOTH;
702 hid->vendor = req->vendor;
703 hid->product = req->product;
704 hid->version = req->version;
705
706 strncpy(hid->name, req->name, 128);
707 strncpy(hid->phys, batostr(&src), 64);
708 strncpy(hid->uniq, batostr(&dst), 64);
709
710 hid->dev = hidp_get_device(session);
711
f5ffd462
MH		 712 hid->hid_open = hidp_open;
713 hid->hid_close = hidp_close;
714
e1aaadd4
MH		 715 hid->hidinput_input_event = hidp_hidinput_event;
716
cb3fecc2
JK		 717 hidp_setup_quirks(hid);
718
e1aaadd4
MH		 719 list_for_each_entry(report, &hid->report_enum[HID_INPUT_REPORT].report_list, list)
720 hidp_send_report(session, report);
721
722 list_for_each_entry(report, &hid->report_enum[HID_FEATURE_REPORT].report_list, list)
723 hidp_send_report(session, report);
724
3b180bff 725 if (hidinput_connect(hid) == 0)
e1aaadd4 726 hid->claimed |= HID_CLAIMED_INPUT;
e1aaadd4
MH		 727}
728
1da177e4
LT		 729int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock)
730{
731 struct hidp_session *session, *s;
732 int err;
733
734 BT_DBG("");
735
736 if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) ||
737 bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst))
738 return -ENOTUNIQ;
739
25ea6db0 740 session = kzalloc(sizeof(struct hidp_session), GFP_KERNEL);
34abf91f 741 if (!session)
1da177e4 742 return -ENOMEM;
1da177e4 743
e1aaadd4
MH		 744 BT_DBG("rd_data %p rd_size %d", req->rd_data, req->rd_size);
745
746 if (req->rd_size > 0) {
747 unsigned char *buf = kmalloc(req->rd_size, GFP_KERNEL);
748
749 if (!buf) {
750 kfree(session);
751 return -ENOMEM;
752 }
753
754 if (copy_from_user(buf, req->rd_data, req->rd_size)) {
755 kfree(buf);
756 kfree(session);
757 return -EFAULT;
758 }
759
760 session->hid = hid_parse_report(buf, req->rd_size);
761
762 kfree(buf);
763
764 if (!session->hid) {
765 kfree(session);
766 return -EINVAL;
767 }
768 }
769
770 if (!session->hid) {
771 session->input = input_allocate_device();
772 if (!session->input) {
773 kfree(session);
774 return -ENOMEM;
775 }
1da177e4 776 }
1da177e4
LT		 777
778 down_write(&hidp_session_sem);
779
780 s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst);
781 if (s && s->state == BT_CONNECTED) {
782 err = -EEXIST;
783 goto failed;
784 }
785
786 bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst);
787
788 session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu);
789 session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu);
790
791 BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu);
792
793 session->ctrl_sock = ctrl_sock;
794 session->intr_sock = intr_sock;
795 session->state = BT_CONNECTED;
796
b24b8a24 797 setup_timer(&session->timer, hidp_idle_timeout, (unsigned long)session);
1da177e4
LT		 798
799 skb_queue_head_init(&session->ctrl_transmit);
800 skb_queue_head_init(&session->intr_transmit);
801
802 session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID);
803 session->idle_to = req->idle_to;
804
53465eb4
WC		 805 if (session->input) {
806 err = hidp_setup_input(session, req);
807 if (err < 0)
808 goto failed;
809 }
1da177e4 810
e1aaadd4
MH		 811 if (session->hid)
812 hidp_setup_hid(session, req);
813
1da177e4
LT		 814 __hidp_link_session(session);
815
816 hidp_set_timer(session);
817
818 err = kernel_thread(hidp_session, session, CLONE_KERNEL);
819 if (err < 0)
820 goto unlink;
821
822 if (session->input) {
823 hidp_send_ctrl_message(session,
824 HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0);
825 session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE);
826
827 session->leds = 0xff;
828 hidp_input_event(session->input, EV_LED, 0, 0);
829 }
830
831 up_write(&hidp_session_sem);
832 return 0;
833
834unlink:
835 hidp_del_timer(session);
836
837 __hidp_unlink_session(session);
838
34abf91f 839 if (session->input) {
1da177e4 840 input_unregister_device(session->input);
34abf91f
DT		 841 session->input = NULL; /* don't try to free it here */
842 }
1da177e4
LT		 843
844failed:
845 up_write(&hidp_session_sem);
846
e1aaadd4
MH		 847 if (session->hid)
848 hid_free_device(session->hid);
849
5be39466 850 input_free_device(session->input);
1da177e4
LT		 851 kfree(session);
852 return err;
853}
854
855int hidp_del_connection(struct hidp_conndel_req *req)
856{
857 struct hidp_session *session;
858 int err = 0;
859
860 BT_DBG("");
861
862 down_read(&hidp_session_sem);
863
864 session = __hidp_get_session(&req->bdaddr);
865 if (session) {
866 if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) {
867 hidp_send_ctrl_message(session,
868 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG, NULL, 0);
869 } else {
870 /* Flush the transmit queues */
871 skb_queue_purge(&session->ctrl_transmit);
872 skb_queue_purge(&session->intr_transmit);
873
874 /* Kill session thread */
875 atomic_inc(&session->terminate);
876 hidp_schedule(session);
877 }
878 } else
879 err = -ENOENT;
880
881 up_read(&hidp_session_sem);
882 return err;
883}
884
885int hidp_get_connlist(struct hidp_connlist_req *req)
886{
887 struct list_head *p;
888 int err = 0, n = 0;
889
890 BT_DBG("");
891
892 down_read(&hidp_session_sem);
893
894 list_for_each(p, &hidp_session_list) {
895 struct hidp_session *session;
896 struct hidp_conninfo ci;
897
898 session = list_entry(p, struct hidp_session, list);
899
900 __hidp_copy_session(session, &ci);
901
902 if (copy_to_user(req->ci, &ci, sizeof(ci))) {
903 err = -EFAULT;
904 break;
905 }
906
907 if (++n >= req->cnum)
908 break;
909
910 req->ci++;
911 }
912 req->cnum = n;
913
914 up_read(&hidp_session_sem);
915 return err;
916}
917
918int hidp_get_conninfo(struct hidp_conninfo *ci)
919{
920 struct hidp_session *session;
921 int err = 0;
922
923 down_read(&hidp_session_sem);
924
925 session = __hidp_get_session(&ci->bdaddr);
926 if (session)
927 __hidp_copy_session(session, ci);
928 else
929 err = -ENOENT;
930
931 up_read(&hidp_session_sem);
932 return err;
933}
934
935static int __init hidp_init(void)
936{
937 l2cap_load();
938
939 BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION);
940
941 return hidp_init_sockets();
942}
943
944static void __exit hidp_exit(void)
945{
946 hidp_cleanup_sockets();
947}
948
949module_init(hidp_init);
950module_exit(hidp_exit);
951
952MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
953MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION);
954MODULE_VERSION(VERSION);
955MODULE_LICENSE("GPL");
956MODULE_ALIAS("bt-proto-6");
ubuntu-bionic-kernel mirror