2 HIDP implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/module.h>
24 #include <linux/file.h>
25 #include <linux/kthread.h>
26 #include <linux/hidraw.h>
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/l2cap.h>
36 static DECLARE_RWSEM(hidp_session_sem
);
37 static LIST_HEAD(hidp_session_list
);
39 static unsigned char hidp_keycode
[256] = {
40 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36,
41 37, 38, 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45,
42 21, 44, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 28, 1,
43 14, 15, 57, 12, 13, 26, 27, 43, 43, 39, 40, 41, 51, 52,
44 53, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 87, 88,
45 99, 70, 119, 110, 102, 104, 111, 107, 109, 106, 105, 108, 103, 69,
46 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71, 72, 73,
47 82, 83, 86, 127, 116, 117, 183, 184, 185, 186, 187, 188, 189, 190,
48 191, 192, 193, 194, 134, 138, 130, 132, 128, 129, 131, 137, 133, 135,
49 136, 113, 115, 114, 0, 0, 0, 121, 0, 89, 93, 124, 92, 94,
50 95, 0, 0, 0, 122, 123, 90, 91, 85, 0, 0, 0, 0, 0,
51 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
52 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
53 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
54 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
55 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
56 29, 42, 56, 125, 97, 54, 100, 126, 164, 166, 165, 163, 161, 115,
57 114, 113, 150, 158, 159, 128, 136, 177, 178, 176, 142, 152, 173, 140
60 static unsigned char hidp_mkeyspat
[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 };
62 static struct hidp_session
*__hidp_get_session(bdaddr_t
*bdaddr
)
64 struct hidp_session
*session
;
68 list_for_each_entry(session
, &hidp_session_list
, list
) {
69 if (!bacmp(bdaddr
, &session
->bdaddr
))
76 static void __hidp_copy_session(struct hidp_session
*session
, struct hidp_conninfo
*ci
)
78 memset(ci
, 0, sizeof(*ci
));
79 bacpy(&ci
->bdaddr
, &session
->bdaddr
);
81 ci
->flags
= session
->flags
;
82 ci
->state
= session
->state
;
89 ci
->vendor
= session
->input
->id
.vendor
;
90 ci
->product
= session
->input
->id
.product
;
91 ci
->version
= session
->input
->id
.version
;
92 if (session
->input
->name
)
93 strncpy(ci
->name
, session
->input
->name
, 128);
95 strncpy(ci
->name
, "HID Boot Device", 128);
99 ci
->vendor
= session
->hid
->vendor
;
100 ci
->product
= session
->hid
->product
;
101 ci
->version
= session
->hid
->version
;
102 strncpy(ci
->name
, session
->hid
->name
, 128);
106 static int hidp_queue_event(struct hidp_session
*session
, struct input_dev
*dev
,
107 unsigned int type
, unsigned int code
, int value
)
109 unsigned char newleds
;
112 BT_DBG("session %p type %d code %d value %d", session
, type
, code
, value
);
117 newleds
= (!!test_bit(LED_KANA
, dev
->led
) << 3) |
118 (!!test_bit(LED_COMPOSE
, dev
->led
) << 3) |
119 (!!test_bit(LED_SCROLLL
, dev
->led
) << 2) |
120 (!!test_bit(LED_CAPSL
, dev
->led
) << 1) |
121 (!!test_bit(LED_NUML
, dev
->led
));
123 if (session
->leds
== newleds
)
126 session
->leds
= newleds
;
128 skb
= alloc_skb(3, GFP_ATOMIC
);
130 BT_ERR("Can't allocate memory for new frame");
134 *skb_put(skb
, 1) = HIDP_TRANS_DATA
| HIDP_DATA_RTYPE_OUPUT
;
135 *skb_put(skb
, 1) = 0x01;
136 *skb_put(skb
, 1) = newleds
;
138 skb_queue_tail(&session
->intr_transmit
, skb
);
140 hidp_schedule(session
);
145 static int hidp_hidinput_event(struct input_dev
*dev
, unsigned int type
, unsigned int code
, int value
)
147 struct hid_device
*hid
= input_get_drvdata(dev
);
148 struct hidp_session
*session
= hid
->driver_data
;
150 return hidp_queue_event(session
, dev
, type
, code
, value
);
153 static int hidp_input_event(struct input_dev
*dev
, unsigned int type
, unsigned int code
, int value
)
155 struct hidp_session
*session
= input_get_drvdata(dev
);
157 return hidp_queue_event(session
, dev
, type
, code
, value
);
160 static void hidp_input_report(struct hidp_session
*session
, struct sk_buff
*skb
)
162 struct input_dev
*dev
= session
->input
;
163 unsigned char *keys
= session
->keys
;
164 unsigned char *udata
= skb
->data
+ 1;
165 signed char *sdata
= skb
->data
+ 1;
166 int i
, size
= skb
->len
- 1;
168 switch (skb
->data
[0]) {
169 case 0x01: /* Keyboard report */
170 for (i
= 0; i
< 8; i
++)
171 input_report_key(dev
, hidp_keycode
[i
+ 224], (udata
[0] >> i
) & 1);
173 /* If all the key codes have been set to 0x01, it means
174 * too many keys were pressed at the same time. */
175 if (!memcmp(udata
+ 2, hidp_mkeyspat
, 6))
178 for (i
= 2; i
< 8; i
++) {
179 if (keys
[i
] > 3 && memscan(udata
+ 2, keys
[i
], 6) == udata
+ 8) {
180 if (hidp_keycode
[keys
[i
]])
181 input_report_key(dev
, hidp_keycode
[keys
[i
]], 0);
183 BT_ERR("Unknown key (scancode %#x) released.", keys
[i
]);
186 if (udata
[i
] > 3 && memscan(keys
+ 2, udata
[i
], 6) == keys
+ 8) {
187 if (hidp_keycode
[udata
[i
]])
188 input_report_key(dev
, hidp_keycode
[udata
[i
]], 1);
190 BT_ERR("Unknown key (scancode %#x) pressed.", udata
[i
]);
194 memcpy(keys
, udata
, 8);
197 case 0x02: /* Mouse report */
198 input_report_key(dev
, BTN_LEFT
, sdata
[0] & 0x01);
199 input_report_key(dev
, BTN_RIGHT
, sdata
[0] & 0x02);
200 input_report_key(dev
, BTN_MIDDLE
, sdata
[0] & 0x04);
201 input_report_key(dev
, BTN_SIDE
, sdata
[0] & 0x08);
202 input_report_key(dev
, BTN_EXTRA
, sdata
[0] & 0x10);
204 input_report_rel(dev
, REL_X
, sdata
[1]);
205 input_report_rel(dev
, REL_Y
, sdata
[2]);
208 input_report_rel(dev
, REL_WHEEL
, sdata
[3]);
215 static int __hidp_send_ctrl_message(struct hidp_session
*session
,
216 unsigned char hdr
, unsigned char *data
,
221 BT_DBG("session %p data %p size %d", session
, data
, size
);
223 if (atomic_read(&session
->terminate
))
226 skb
= alloc_skb(size
+ 1, GFP_ATOMIC
);
228 BT_ERR("Can't allocate memory for new frame");
232 *skb_put(skb
, 1) = hdr
;
233 if (data
&& size
> 0)
234 memcpy(skb_put(skb
, size
), data
, size
);
236 skb_queue_tail(&session
->ctrl_transmit
, skb
);
241 static int hidp_send_ctrl_message(struct hidp_session
*session
,
242 unsigned char hdr
, unsigned char *data
, int size
)
246 err
= __hidp_send_ctrl_message(session
, hdr
, data
, size
);
248 hidp_schedule(session
);
253 static int hidp_queue_report(struct hidp_session
*session
,
254 unsigned char *data
, int size
)
258 BT_DBG("session %p hid %p data %p size %d", session
, session
->hid
, data
, size
);
260 skb
= alloc_skb(size
+ 1, GFP_ATOMIC
);
262 BT_ERR("Can't allocate memory for new frame");
266 *skb_put(skb
, 1) = 0xa2;
268 memcpy(skb_put(skb
, size
), data
, size
);
270 skb_queue_tail(&session
->intr_transmit
, skb
);
272 hidp_schedule(session
);
277 static int hidp_send_report(struct hidp_session
*session
, struct hid_report
*report
)
279 unsigned char buf
[32];
282 rsize
= ((report
->size
- 1) >> 3) + 1 + (report
->id
> 0);
283 if (rsize
> sizeof(buf
))
286 hid_output_report(report
, buf
);
288 return hidp_queue_report(session
, buf
, rsize
);
291 static int hidp_get_raw_report(struct hid_device
*hid
,
292 unsigned char report_number
,
293 unsigned char *data
, size_t count
,
294 unsigned char report_type
)
296 struct hidp_session
*session
= hid
->driver_data
;
299 int numbered_reports
= hid
->report_enum
[report_type
].numbered
;
302 if (atomic_read(&session
->terminate
))
305 switch (report_type
) {
306 case HID_FEATURE_REPORT
:
307 report_type
= HIDP_TRANS_GET_REPORT
| HIDP_DATA_RTYPE_FEATURE
;
309 case HID_INPUT_REPORT
:
310 report_type
= HIDP_TRANS_GET_REPORT
| HIDP_DATA_RTYPE_INPUT
;
312 case HID_OUTPUT_REPORT
:
313 report_type
= HIDP_TRANS_GET_REPORT
| HIDP_DATA_RTYPE_OUPUT
;
319 if (mutex_lock_interruptible(&session
->report_mutex
))
322 /* Set up our wait, and send the report request to the device. */
323 session
->waiting_report_type
= report_type
& HIDP_DATA_RTYPE_MASK
;
324 session
->waiting_report_number
= numbered_reports
? report_number
: -1;
325 set_bit(HIDP_WAITING_FOR_RETURN
, &session
->flags
);
326 data
[0] = report_number
;
327 ret
= hidp_send_ctrl_message(hid
->driver_data
, report_type
, data
, 1);
331 /* Wait for the return of the report. The returned report
332 gets put in session->report_return. */
333 while (test_bit(HIDP_WAITING_FOR_RETURN
, &session
->flags
)) {
336 res
= wait_event_interruptible_timeout(session
->report_queue
,
337 !test_bit(HIDP_WAITING_FOR_RETURN
, &session
->flags
),
351 skb
= session
->report_return
;
353 len
= skb
->len
< count
? skb
->len
: count
;
354 memcpy(data
, skb
->data
, len
);
357 session
->report_return
= NULL
;
359 /* Device returned a HANDSHAKE, indicating protocol error. */
363 clear_bit(HIDP_WAITING_FOR_RETURN
, &session
->flags
);
364 mutex_unlock(&session
->report_mutex
);
369 clear_bit(HIDP_WAITING_FOR_RETURN
, &session
->flags
);
370 mutex_unlock(&session
->report_mutex
);
374 static int hidp_output_raw_report(struct hid_device
*hid
, unsigned char *data
, size_t count
,
375 unsigned char report_type
)
377 struct hidp_session
*session
= hid
->driver_data
;
380 switch (report_type
) {
381 case HID_FEATURE_REPORT
:
382 report_type
= HIDP_TRANS_SET_REPORT
| HIDP_DATA_RTYPE_FEATURE
;
384 case HID_OUTPUT_REPORT
:
385 report_type
= HIDP_TRANS_SET_REPORT
| HIDP_DATA_RTYPE_OUPUT
;
391 if (mutex_lock_interruptible(&session
->report_mutex
))
394 /* Set up our wait, and send the report request to the device. */
395 set_bit(HIDP_WAITING_FOR_SEND_ACK
, &session
->flags
);
396 ret
= hidp_send_ctrl_message(hid
->driver_data
, report_type
, data
,
401 /* Wait for the ACK from the device. */
402 while (test_bit(HIDP_WAITING_FOR_SEND_ACK
, &session
->flags
)) {
405 res
= wait_event_interruptible_timeout(session
->report_queue
,
406 !test_bit(HIDP_WAITING_FOR_SEND_ACK
, &session
->flags
),
420 if (!session
->output_report_success
) {
428 clear_bit(HIDP_WAITING_FOR_SEND_ACK
, &session
->flags
);
429 mutex_unlock(&session
->report_mutex
);
433 static void hidp_idle_timeout(unsigned long arg
)
435 struct hidp_session
*session
= (struct hidp_session
*) arg
;
437 atomic_inc(&session
->terminate
);
438 wake_up_process(session
->task
);
441 static void hidp_set_timer(struct hidp_session
*session
)
443 if (session
->idle_to
> 0)
444 mod_timer(&session
->timer
, jiffies
+ HZ
* session
->idle_to
);
447 static void hidp_del_timer(struct hidp_session
*session
)
449 if (session
->idle_to
> 0)
450 del_timer(&session
->timer
);
453 static void hidp_process_handshake(struct hidp_session
*session
,
456 BT_DBG("session %p param 0x%02x", session
, param
);
457 session
->output_report_success
= 0; /* default condition */
460 case HIDP_HSHK_SUCCESSFUL
:
461 /* FIXME: Call into SET_ GET_ handlers here */
462 session
->output_report_success
= 1;
465 case HIDP_HSHK_NOT_READY
:
466 case HIDP_HSHK_ERR_INVALID_REPORT_ID
:
467 case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST
:
468 case HIDP_HSHK_ERR_INVALID_PARAMETER
:
469 if (test_and_clear_bit(HIDP_WAITING_FOR_RETURN
, &session
->flags
))
470 wake_up_interruptible(&session
->report_queue
);
472 /* FIXME: Call into SET_ GET_ handlers here */
475 case HIDP_HSHK_ERR_UNKNOWN
:
478 case HIDP_HSHK_ERR_FATAL
:
479 /* Device requests a reboot, as this is the only way this error
480 * can be recovered. */
481 __hidp_send_ctrl_message(session
,
482 HIDP_TRANS_HID_CONTROL
| HIDP_CTRL_SOFT_RESET
, NULL
, 0);
486 __hidp_send_ctrl_message(session
,
487 HIDP_TRANS_HANDSHAKE
| HIDP_HSHK_ERR_INVALID_PARAMETER
, NULL
, 0);
491 /* Wake up the waiting thread. */
492 if (test_and_clear_bit(HIDP_WAITING_FOR_SEND_ACK
, &session
->flags
))
493 wake_up_interruptible(&session
->report_queue
);
496 static void hidp_process_hid_control(struct hidp_session
*session
,
499 BT_DBG("session %p param 0x%02x", session
, param
);
501 if (param
== HIDP_CTRL_VIRTUAL_CABLE_UNPLUG
) {
502 /* Flush the transmit queues */
503 skb_queue_purge(&session
->ctrl_transmit
);
504 skb_queue_purge(&session
->intr_transmit
);
506 atomic_inc(&session
->terminate
);
507 wake_up_process(current
);
511 /* Returns true if the passed-in skb should be freed by the caller. */
512 static int hidp_process_data(struct hidp_session
*session
, struct sk_buff
*skb
,
515 int done_with_skb
= 1;
516 BT_DBG("session %p skb %p len %d param 0x%02x", session
, skb
, skb
->len
, param
);
519 case HIDP_DATA_RTYPE_INPUT
:
520 hidp_set_timer(session
);
523 hidp_input_report(session
, skb
);
526 hid_input_report(session
->hid
, HID_INPUT_REPORT
, skb
->data
, skb
->len
, 0);
529 case HIDP_DATA_RTYPE_OTHER
:
530 case HIDP_DATA_RTYPE_OUPUT
:
531 case HIDP_DATA_RTYPE_FEATURE
:
535 __hidp_send_ctrl_message(session
,
536 HIDP_TRANS_HANDSHAKE
| HIDP_HSHK_ERR_INVALID_PARAMETER
, NULL
, 0);
539 if (test_bit(HIDP_WAITING_FOR_RETURN
, &session
->flags
) &&
540 param
== session
->waiting_report_type
) {
541 if (session
->waiting_report_number
< 0 ||
542 session
->waiting_report_number
== skb
->data
[0]) {
543 /* hidp_get_raw_report() is waiting on this report. */
544 session
->report_return
= skb
;
546 clear_bit(HIDP_WAITING_FOR_RETURN
, &session
->flags
);
547 wake_up_interruptible(&session
->report_queue
);
551 return done_with_skb
;
554 static void hidp_recv_ctrl_frame(struct hidp_session
*session
,
557 unsigned char hdr
, type
, param
;
560 BT_DBG("session %p skb %p len %d", session
, skb
, skb
->len
);
565 type
= hdr
& HIDP_HEADER_TRANS_MASK
;
566 param
= hdr
& HIDP_HEADER_PARAM_MASK
;
569 case HIDP_TRANS_HANDSHAKE
:
570 hidp_process_handshake(session
, param
);
573 case HIDP_TRANS_HID_CONTROL
:
574 hidp_process_hid_control(session
, param
);
577 case HIDP_TRANS_DATA
:
578 free_skb
= hidp_process_data(session
, skb
, param
);
582 __hidp_send_ctrl_message(session
,
583 HIDP_TRANS_HANDSHAKE
| HIDP_HSHK_ERR_UNSUPPORTED_REQUEST
, NULL
, 0);
591 static void hidp_recv_intr_frame(struct hidp_session
*session
,
596 BT_DBG("session %p skb %p len %d", session
, skb
, skb
->len
);
601 if (hdr
== (HIDP_TRANS_DATA
| HIDP_DATA_RTYPE_INPUT
)) {
602 hidp_set_timer(session
);
605 hidp_input_report(session
, skb
);
608 hid_input_report(session
->hid
, HID_INPUT_REPORT
, skb
->data
, skb
->len
, 1);
609 BT_DBG("report len %d", skb
->len
);
612 BT_DBG("Unsupported protocol header 0x%02x", hdr
);
618 static int hidp_send_frame(struct socket
*sock
, unsigned char *data
, int len
)
620 struct kvec iv
= { data
, len
};
623 BT_DBG("sock %p data %p len %d", sock
, data
, len
);
628 memset(&msg
, 0, sizeof(msg
));
630 return kernel_sendmsg(sock
, &msg
, &iv
, 1, len
);
633 static void hidp_process_intr_transmit(struct hidp_session
*session
)
637 BT_DBG("session %p", session
);
639 while ((skb
= skb_dequeue(&session
->intr_transmit
))) {
640 if (hidp_send_frame(session
->intr_sock
, skb
->data
, skb
->len
) < 0) {
641 skb_queue_head(&session
->intr_transmit
, skb
);
645 hidp_set_timer(session
);
650 static void hidp_process_ctrl_transmit(struct hidp_session
*session
)
654 BT_DBG("session %p", session
);
656 while ((skb
= skb_dequeue(&session
->ctrl_transmit
))) {
657 if (hidp_send_frame(session
->ctrl_sock
, skb
->data
, skb
->len
) < 0) {
658 skb_queue_head(&session
->ctrl_transmit
, skb
);
662 hidp_set_timer(session
);
667 static int hidp_session(void *arg
)
669 struct hidp_session
*session
= arg
;
670 struct sock
*ctrl_sk
= session
->ctrl_sock
->sk
;
671 struct sock
*intr_sk
= session
->intr_sock
->sk
;
673 wait_queue_t ctrl_wait
, intr_wait
;
675 BT_DBG("session %p", session
);
677 __module_get(THIS_MODULE
);
678 set_user_nice(current
, -15);
680 init_waitqueue_entry(&ctrl_wait
, current
);
681 init_waitqueue_entry(&intr_wait
, current
);
682 add_wait_queue(sk_sleep(ctrl_sk
), &ctrl_wait
);
683 add_wait_queue(sk_sleep(intr_sk
), &intr_wait
);
684 session
->waiting_for_startup
= 0;
685 wake_up_interruptible(&session
->startup_queue
);
686 set_current_state(TASK_INTERRUPTIBLE
);
687 while (!atomic_read(&session
->terminate
)) {
688 if (ctrl_sk
->sk_state
!= BT_CONNECTED
||
689 intr_sk
->sk_state
!= BT_CONNECTED
)
692 while ((skb
= skb_dequeue(&intr_sk
->sk_receive_queue
))) {
694 if (!skb_linearize(skb
))
695 hidp_recv_intr_frame(session
, skb
);
700 hidp_process_intr_transmit(session
);
702 while ((skb
= skb_dequeue(&ctrl_sk
->sk_receive_queue
))) {
704 if (!skb_linearize(skb
))
705 hidp_recv_ctrl_frame(session
, skb
);
710 hidp_process_ctrl_transmit(session
);
713 set_current_state(TASK_INTERRUPTIBLE
);
715 set_current_state(TASK_RUNNING
);
716 atomic_inc(&session
->terminate
);
717 remove_wait_queue(sk_sleep(intr_sk
), &intr_wait
);
718 remove_wait_queue(sk_sleep(ctrl_sk
), &ctrl_wait
);
720 clear_bit(HIDP_WAITING_FOR_SEND_ACK
, &session
->flags
);
721 clear_bit(HIDP_WAITING_FOR_RETURN
, &session
->flags
);
722 wake_up_interruptible(&session
->report_queue
);
724 down_write(&hidp_session_sem
);
726 hidp_del_timer(session
);
728 if (session
->input
) {
729 input_unregister_device(session
->input
);
730 session
->input
= NULL
;
734 hid_destroy_device(session
->hid
);
738 /* Wakeup user-space polling for socket errors */
739 session
->intr_sock
->sk
->sk_err
= EUNATCH
;
740 session
->ctrl_sock
->sk
->sk_err
= EUNATCH
;
742 hidp_schedule(session
);
744 fput(session
->intr_sock
->file
);
746 wait_event_timeout(*(sk_sleep(ctrl_sk
)),
747 (ctrl_sk
->sk_state
== BT_CLOSED
), msecs_to_jiffies(500));
749 fput(session
->ctrl_sock
->file
);
751 list_del(&session
->list
);
753 up_write(&hidp_session_sem
);
755 kfree(session
->rd_data
);
757 module_put_and_exit(0);
761 static struct hci_conn
*hidp_get_connection(struct hidp_session
*session
)
763 bdaddr_t
*src
= &bt_sk(session
->ctrl_sock
->sk
)->src
;
764 bdaddr_t
*dst
= &bt_sk(session
->ctrl_sock
->sk
)->dst
;
765 struct hci_conn
*conn
;
766 struct hci_dev
*hdev
;
768 hdev
= hci_get_route(dst
, src
);
773 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, dst
);
774 hci_dev_unlock(hdev
);
781 static int hidp_setup_input(struct hidp_session
*session
,
782 struct hidp_connadd_req
*req
)
784 struct input_dev
*input
;
787 input
= input_allocate_device();
791 session
->input
= input
;
793 input_set_drvdata(input
, session
);
795 input
->name
= "Bluetooth HID Boot Protocol Device";
797 input
->id
.bustype
= BUS_BLUETOOTH
;
798 input
->id
.vendor
= req
->vendor
;
799 input
->id
.product
= req
->product
;
800 input
->id
.version
= req
->version
;
802 if (req
->subclass
& 0x40) {
803 set_bit(EV_KEY
, input
->evbit
);
804 set_bit(EV_LED
, input
->evbit
);
805 set_bit(EV_REP
, input
->evbit
);
807 set_bit(LED_NUML
, input
->ledbit
);
808 set_bit(LED_CAPSL
, input
->ledbit
);
809 set_bit(LED_SCROLLL
, input
->ledbit
);
810 set_bit(LED_COMPOSE
, input
->ledbit
);
811 set_bit(LED_KANA
, input
->ledbit
);
813 for (i
= 0; i
< sizeof(hidp_keycode
); i
++)
814 set_bit(hidp_keycode
[i
], input
->keybit
);
815 clear_bit(0, input
->keybit
);
818 if (req
->subclass
& 0x80) {
819 input
->evbit
[0] = BIT_MASK(EV_KEY
) | BIT_MASK(EV_REL
);
820 input
->keybit
[BIT_WORD(BTN_MOUSE
)] = BIT_MASK(BTN_LEFT
) |
821 BIT_MASK(BTN_RIGHT
) | BIT_MASK(BTN_MIDDLE
);
822 input
->relbit
[0] = BIT_MASK(REL_X
) | BIT_MASK(REL_Y
);
823 input
->keybit
[BIT_WORD(BTN_MOUSE
)] |= BIT_MASK(BTN_SIDE
) |
825 input
->relbit
[0] |= BIT_MASK(REL_WHEEL
);
828 input
->dev
.parent
= &session
->conn
->dev
;
830 input
->event
= hidp_input_event
;
835 static int hidp_open(struct hid_device
*hid
)
840 static void hidp_close(struct hid_device
*hid
)
844 static int hidp_parse(struct hid_device
*hid
)
846 struct hidp_session
*session
= hid
->driver_data
;
848 return hid_parse_report(session
->hid
, session
->rd_data
,
852 static int hidp_start(struct hid_device
*hid
)
854 struct hidp_session
*session
= hid
->driver_data
;
855 struct hid_report
*report
;
857 if (hid
->quirks
& HID_QUIRK_NO_INIT_REPORTS
)
860 list_for_each_entry(report
, &hid
->report_enum
[HID_INPUT_REPORT
].
862 hidp_send_report(session
, report
);
864 list_for_each_entry(report
, &hid
->report_enum
[HID_FEATURE_REPORT
].
866 hidp_send_report(session
, report
);
871 static void hidp_stop(struct hid_device
*hid
)
873 struct hidp_session
*session
= hid
->driver_data
;
875 skb_queue_purge(&session
->ctrl_transmit
);
876 skb_queue_purge(&session
->intr_transmit
);
881 static struct hid_ll_driver hidp_hid_driver
= {
887 .hidinput_input_event
= hidp_hidinput_event
,
890 /* This function sets up the hid device. It does not add it
891 to the HID system. That is done in hidp_add_connection(). */
892 static int hidp_setup_hid(struct hidp_session
*session
,
893 struct hidp_connadd_req
*req
)
895 struct hid_device
*hid
;
898 session
->rd_data
= kzalloc(req
->rd_size
, GFP_KERNEL
);
899 if (!session
->rd_data
)
902 if (copy_from_user(session
->rd_data
, req
->rd_data
, req
->rd_size
)) {
906 session
->rd_size
= req
->rd_size
;
908 hid
= hid_allocate_device();
916 hid
->driver_data
= session
;
918 hid
->bus
= BUS_BLUETOOTH
;
919 hid
->vendor
= req
->vendor
;
920 hid
->product
= req
->product
;
921 hid
->version
= req
->version
;
922 hid
->country
= req
->country
;
924 strncpy(hid
->name
, req
->name
, sizeof(req
->name
) - 1);
926 snprintf(hid
->phys
, sizeof(hid
->phys
), "%pMR",
927 &bt_sk(session
->ctrl_sock
->sk
)->src
);
929 snprintf(hid
->uniq
, sizeof(hid
->uniq
), "%pMR",
930 &bt_sk(session
->ctrl_sock
->sk
)->dst
);
932 hid
->dev
.parent
= &session
->conn
->dev
;
933 hid
->ll_driver
= &hidp_hid_driver
;
935 hid
->hid_get_raw_report
= hidp_get_raw_report
;
936 hid
->hid_output_raw_report
= hidp_output_raw_report
;
938 /* True if device is blacklisted in drivers/hid/hid-core.c */
939 if (hid_ignore(hid
)) {
940 hid_destroy_device(session
->hid
);
948 kfree(session
->rd_data
);
949 session
->rd_data
= NULL
;
954 int hidp_add_connection(struct hidp_connadd_req
*req
, struct socket
*ctrl_sock
, struct socket
*intr_sock
)
956 struct hidp_session
*session
, *s
;
962 if (!l2cap_is_socket(ctrl_sock
) || !l2cap_is_socket(intr_sock
))
964 if (bacmp(&bt_sk(ctrl_sock
->sk
)->src
, &bt_sk(intr_sock
->sk
)->src
) ||
965 bacmp(&bt_sk(ctrl_sock
->sk
)->dst
, &bt_sk(intr_sock
->sk
)->dst
))
968 BT_DBG("rd_data %p rd_size %d", req
->rd_data
, req
->rd_size
);
970 down_write(&hidp_session_sem
);
972 s
= __hidp_get_session(&bt_sk(ctrl_sock
->sk
)->dst
);
973 if (s
&& s
->state
== BT_CONNECTED
) {
974 up_write(&hidp_session_sem
);
978 session
= kzalloc(sizeof(struct hidp_session
), GFP_KERNEL
);
980 up_write(&hidp_session_sem
);
984 bacpy(&session
->bdaddr
, &bt_sk(ctrl_sock
->sk
)->dst
);
986 session
->ctrl_mtu
= min_t(uint
, l2cap_pi(ctrl_sock
->sk
)->chan
->omtu
,
987 l2cap_pi(ctrl_sock
->sk
)->chan
->imtu
);
988 session
->intr_mtu
= min_t(uint
, l2cap_pi(intr_sock
->sk
)->chan
->omtu
,
989 l2cap_pi(intr_sock
->sk
)->chan
->imtu
);
991 BT_DBG("ctrl mtu %d intr mtu %d", session
->ctrl_mtu
, session
->intr_mtu
);
993 session
->ctrl_sock
= ctrl_sock
;
994 session
->intr_sock
= intr_sock
;
995 session
->state
= BT_CONNECTED
;
997 session
->conn
= hidp_get_connection(session
);
998 if (!session
->conn
) {
1003 setup_timer(&session
->timer
, hidp_idle_timeout
, (unsigned long)session
);
1005 skb_queue_head_init(&session
->ctrl_transmit
);
1006 skb_queue_head_init(&session
->intr_transmit
);
1008 mutex_init(&session
->report_mutex
);
1009 init_waitqueue_head(&session
->report_queue
);
1010 init_waitqueue_head(&session
->startup_queue
);
1011 session
->waiting_for_startup
= 1;
1012 session
->flags
= req
->flags
& (1 << HIDP_BLUETOOTH_VENDOR_ID
);
1013 session
->idle_to
= req
->idle_to
;
1015 list_add(&session
->list
, &hidp_session_list
);
1017 if (req
->rd_size
> 0) {
1018 err
= hidp_setup_hid(session
, req
);
1019 if (err
&& err
!= -ENODEV
)
1023 if (!session
->hid
) {
1024 err
= hidp_setup_input(session
, req
);
1029 hidp_set_timer(session
);
1032 vendor
= session
->hid
->vendor
;
1033 product
= session
->hid
->product
;
1034 } else if (session
->input
) {
1035 vendor
= session
->input
->id
.vendor
;
1036 product
= session
->input
->id
.product
;
1042 session
->task
= kthread_run(hidp_session
, session
, "khidpd_%04x%04x",
1044 if (IS_ERR(session
->task
)) {
1045 err
= PTR_ERR(session
->task
);
1049 while (session
->waiting_for_startup
) {
1050 wait_event_interruptible(session
->startup_queue
,
1051 !session
->waiting_for_startup
);
1055 err
= hid_add_device(session
->hid
);
1057 err
= input_register_device(session
->input
);
1060 atomic_inc(&session
->terminate
);
1061 wake_up_process(session
->task
);
1062 up_write(&hidp_session_sem
);
1066 if (session
->input
) {
1067 hidp_send_ctrl_message(session
,
1068 HIDP_TRANS_SET_PROTOCOL
| HIDP_PROTO_BOOT
, NULL
, 0);
1069 session
->flags
|= (1 << HIDP_BOOT_PROTOCOL_MODE
);
1071 session
->leds
= 0xff;
1072 hidp_input_event(session
->input
, EV_LED
, 0, 0);
1075 up_write(&hidp_session_sem
);
1079 hidp_del_timer(session
);
1081 if (session
->input
) {
1082 input_unregister_device(session
->input
);
1083 session
->input
= NULL
;
1087 hid_destroy_device(session
->hid
);
1088 session
->hid
= NULL
;
1091 kfree(session
->rd_data
);
1092 session
->rd_data
= NULL
;
1095 list_del(&session
->list
);
1097 skb_queue_purge(&session
->ctrl_transmit
);
1098 skb_queue_purge(&session
->intr_transmit
);
1101 up_write(&hidp_session_sem
);
1107 int hidp_del_connection(struct hidp_conndel_req
*req
)
1109 struct hidp_session
*session
;
1114 down_read(&hidp_session_sem
);
1116 session
= __hidp_get_session(&req
->bdaddr
);
1118 if (req
->flags
& (1 << HIDP_VIRTUAL_CABLE_UNPLUG
)) {
1119 hidp_send_ctrl_message(session
,
1120 HIDP_TRANS_HID_CONTROL
| HIDP_CTRL_VIRTUAL_CABLE_UNPLUG
, NULL
, 0);
1122 /* Flush the transmit queues */
1123 skb_queue_purge(&session
->ctrl_transmit
);
1124 skb_queue_purge(&session
->intr_transmit
);
1126 atomic_inc(&session
->terminate
);
1127 wake_up_process(session
->task
);
1132 up_read(&hidp_session_sem
);
1136 int hidp_get_connlist(struct hidp_connlist_req
*req
)
1138 struct hidp_session
*session
;
1143 down_read(&hidp_session_sem
);
1145 list_for_each_entry(session
, &hidp_session_list
, list
) {
1146 struct hidp_conninfo ci
;
1148 __hidp_copy_session(session
, &ci
);
1150 if (copy_to_user(req
->ci
, &ci
, sizeof(ci
))) {
1155 if (++n
>= req
->cnum
)
1162 up_read(&hidp_session_sem
);
1166 int hidp_get_conninfo(struct hidp_conninfo
*ci
)
1168 struct hidp_session
*session
;
1171 down_read(&hidp_session_sem
);
1173 session
= __hidp_get_session(&ci
->bdaddr
);
1175 __hidp_copy_session(session
, ci
);
1179 up_read(&hidp_session_sem
);
1183 static int __init
hidp_init(void)
1185 BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION
);
1187 return hidp_init_sockets();
1190 static void __exit
hidp_exit(void)
1192 hidp_cleanup_sockets();
1195 module_init(hidp_init
);
1196 module_exit(hidp_exit
);
1198 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
1199 MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION
);
1200 MODULE_VERSION(VERSION
);
1201 MODULE_LICENSE("GPL");
1202 MODULE_ALIAS("bt-proto-6");