3 * BlueZ - Bluetooth protocol stack for Linux
5 * Copyright (C) 2000-2001 Qualcomm Incorporated
6 * Copyright (C) 2002-2003 Maxim Krasnyansky <maxk@qualcomm.com>
7 * Copyright (C) 2002-2009 Marcel Holtmann <marcel@holtmann.org>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
36 #include <sys/param.h>
37 #include <sys/ioctl.h>
38 #include <sys/socket.h>
40 #include <bluetooth/bluetooth.h>
41 #include <bluetooth/hci.h>
42 #include <bluetooth/hci_lib.h>
43 #include <bluetooth/sdp.h>
47 #include <dbus/dbus.h>
80 static struct g_io_info io_data[HCI_MAX_DEV];
82 static GSList *hci_req_queue = NULL;
84 static struct hci_req_data *hci_req_data_new(int dev_id, const bdaddr_t *dba,
85 uint16_t ogf, uint16_t ocf, int event,
86 const void *cparam, int clen)
88 struct hci_req_data *data;
90 data = g_new0(struct hci_req_data, 1);
92 data->cparam = g_malloc(clen);
93 memcpy(data->cparam, cparam, clen);
95 bacpy(&data->dba, dba);
97 data->dev_id = dev_id;
98 data->status = REQ_PENDING;
107 static int hci_req_find_by_devid(const void *data, const void *user_data)
109 const struct hci_req_data *req = data;
110 const int *dev_id = user_data;
112 return (*dev_id - req->dev_id);
115 static void hci_req_queue_process(int dev_id)
119 /* send the next pending cmd */
120 dd = hci_open_dev(dev_id);
122 error("hci_open_dev(%d): %s (%d)", dev_id, strerror(errno),
128 struct hci_req_data *data;
129 GSList *l = g_slist_find_custom(hci_req_queue, &dev_id, hci_req_find_by_devid);
135 data->status = REQ_SENT;
137 ret_val = hci_send_cmd(dd, data->ogf, data->ocf, data->clen, data->cparam);
139 hci_req_queue = g_slist_remove(hci_req_queue, data);
140 g_free(data->cparam);
144 } while (ret_val < 0);
149 static void hci_req_queue_append(struct hci_req_data *data)
152 struct hci_req_data *match;
155 hci_req_queue = g_slist_append(hci_req_queue, data);
157 l = g_slist_find_custom(hci_req_queue, &data->dev_id, hci_req_find_by_devid);
160 if (match->status == REQ_SENT)
163 hci_req_queue_process(data->dev_id);
166 void hci_req_queue_remove(int dev_id, bdaddr_t *dba)
169 struct hci_req_data *req;
171 for (cur = hci_req_queue; cur != NULL; cur = next) {
174 if ((req->dev_id != dev_id) || (bacmp(&req->dba, dba)))
177 hci_req_queue = g_slist_remove(hci_req_queue, req);
183 static void check_pending_hci_req(int dev_id, int event)
185 struct hci_req_data *data;
191 /* find the first element(pending)*/
192 l = g_slist_find_custom(hci_req_queue, &dev_id, hci_req_find_by_devid);
199 /* skip if there is pending confirmation */
200 if (data->status == REQ_SENT) {
201 if (data->event != event)
204 /* remove the confirmed cmd */
205 hci_req_queue = g_slist_remove(hci_req_queue, data);
206 g_free(data->cparam);
210 hci_req_queue_process(dev_id);
213 static int get_handle(int dev, bdaddr_t *sba, bdaddr_t *dba, uint16_t *handle)
215 struct hci_conn_list_req *cl;
216 struct hci_conn_info *ci;
220 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl));
223 cl->dev_id = hci_devid(addr);
227 if (ioctl(dev, HCIGETCONNLIST, (void *) cl) < 0) {
232 for (i = 0; i < cl->conn_num; i++, ci++) {
233 if (bacmp(&ci->bdaddr, dba) == 0) {
234 *handle = ci->handle;
245 static inline int get_bdaddr(int dev, bdaddr_t *sba, uint16_t handle, bdaddr_t *dba)
247 struct hci_conn_list_req *cl;
248 struct hci_conn_info *ci;
252 cl = g_malloc0(10 * sizeof(*ci) + sizeof(*cl));
255 cl->dev_id = hci_devid(addr);
259 if (ioctl(dev, HCIGETCONNLIST, (void *) cl) < 0) {
264 for (i = 0; i < cl->conn_num; i++, ci++)
265 if (ci->handle == handle) {
266 bacpy(dba, &ci->bdaddr);
276 static inline void update_lastseen(bdaddr_t *sba, bdaddr_t *dba)
284 write_lastseen_info(sba, dba, tm);
287 static inline void update_lastused(bdaddr_t *sba, bdaddr_t *dba)
295 write_lastused_info(sba, dba, tm);
298 /* Link Key handling */
300 static void link_key_request(int dev, bdaddr_t *sba, bdaddr_t *dba)
302 struct hci_auth_info_req req;
303 unsigned char key[16];
308 ba2str(sba, sa); ba2str(dba, da);
309 info("link_key_request (sba=%s, dba=%s)", sa, da);
311 memset(&req, 0, sizeof(req));
312 bacpy(&req.bdaddr, dba);
314 err = ioctl(dev, HCIGETAUTHINFO, (unsigned long) &req);
317 debug("HCIGETAUTHINFO failed %s (%d)",
318 strerror(errno), errno);
322 debug("kernel auth requirements = 0x%02x", req.type);
324 err = read_link_key(sba, dba, key, &type);
326 /* Link key not found */
327 hci_send_cmd(dev, OGF_LINK_CTL, OCF_LINK_KEY_NEG_REPLY, 6, dba);
330 link_key_reply_cp lr;
331 memcpy(lr.link_key, key, 16);
332 bacpy(&lr.bdaddr, dba);
334 debug("stored link key type = 0x%02x", type);
336 /* Don't use debug link keys (0x03) and also don't use
337 * unauthenticated combination keys if MITM is required */
338 if (type == 0x03 || (type == 0x04 && req.type != 0xff &&
340 hci_send_cmd(dev, OGF_LINK_CTL,
341 OCF_LINK_KEY_NEG_REPLY, 6, dba);
343 hci_send_cmd(dev, OGF_LINK_CTL, OCF_LINK_KEY_REPLY,
344 LINK_KEY_REPLY_CP_SIZE, &lr);
348 static void link_key_notify(int dev, bdaddr_t *sba, void *ptr)
350 evt_link_key_notify *evt = ptr;
351 bdaddr_t *dba = &evt->bdaddr;
354 unsigned char old_key[16];
355 uint8_t old_key_type;
357 ba2str(sba, sa); ba2str(dba, da);
358 info("link_key_notify (sba=%s, dba=%s, type=%d)", sa, da,
361 err = read_link_key(sba, dba, old_key, &old_key_type);
365 dev_id = hci_devid(sa);
369 err = hcid_dbus_link_key_notify(sba, dba, evt->link_key,
371 io_data[dev_id].pin_length,
377 hcid_dbus_bonding_process_complete(sba, dba,
378 HCI_OE_LOW_RESOURCES);
380 hcid_dbus_bonding_process_complete(sba, dba,
383 if (get_handle(dev, sba, dba, &handle) == 0) {
386 memset(&cp, 0, sizeof(cp));
387 cp.handle = htobs(handle);
388 cp.reason = HCI_OE_LOW_RESOURCES;
390 hci_send_cmd(dev, OGF_LINK_CTL, OCF_DISCONNECT,
391 DISCONNECT_CP_SIZE, &cp);
395 io_data[dev_id].pin_length = -1;
398 static void return_link_keys(int dev, bdaddr_t *sba, void *ptr)
400 evt_return_link_keys *evt = ptr;
401 uint8_t num = evt->num_keys;
402 unsigned char key[16];
410 for (i = 0; i < num; i++) {
411 bacpy(&dba, ptr); ba2str(&dba, da);
412 memcpy(key, ptr + 6, 16);
414 info("return_link_keys (sba=%s, dba=%s)", sa, da);
420 /* Simple Pairing handling */
422 static void user_confirm_request(int dev, bdaddr_t *sba, void *ptr)
424 evt_user_confirm_request *req = ptr;
426 if (hcid_dbus_user_confirm(sba, &req->bdaddr,
427 btohl(req->passkey)) < 0)
428 hci_send_cmd(dev, OGF_LINK_CTL,
429 OCF_USER_CONFIRM_NEG_REPLY, 6, ptr);
432 static void user_passkey_request(int dev, bdaddr_t *sba, void *ptr)
434 evt_user_passkey_request *req = ptr;
436 if (hcid_dbus_user_passkey(sba, &req->bdaddr) < 0)
437 hci_send_cmd(dev, OGF_LINK_CTL,
438 OCF_USER_PASSKEY_NEG_REPLY, 6, ptr);
441 static void user_passkey_notify(int dev, bdaddr_t *sba, void *ptr)
443 evt_user_passkey_notify *req = ptr;
445 hcid_dbus_user_notify(sba, &req->bdaddr, btohl(req->passkey));
448 static void remote_oob_data_request(int dev, bdaddr_t *sba, void *ptr)
450 hci_send_cmd(dev, OGF_LINK_CTL, OCF_REMOTE_OOB_DATA_NEG_REPLY, 6, ptr);
453 static void io_capa_request(int dev, bdaddr_t *sba, bdaddr_t *dba)
458 ba2str(sba, sa); ba2str(dba, da);
459 info("io_capa_request (sba=%s, dba=%s)", sa, da);
461 if (hcid_dbus_get_io_cap(sba, dba, &cap, &auth) < 0) {
462 io_capability_neg_reply_cp cp;
463 memset(&cp, 0, sizeof(cp));
464 bacpy(&cp.bdaddr, dba);
465 cp.reason = HCI_PAIRING_NOT_ALLOWED;
466 hci_send_cmd(dev, OGF_LINK_CTL, OCF_IO_CAPABILITY_NEG_REPLY,
467 IO_CAPABILITY_NEG_REPLY_CP_SIZE, &cp);
469 io_capability_reply_cp cp;
470 memset(&cp, 0, sizeof(cp));
471 bacpy(&cp.bdaddr, dba);
474 cp.authentication = auth;
475 hci_send_cmd(dev, OGF_LINK_CTL, OCF_IO_CAPABILITY_REPLY,
476 IO_CAPABILITY_REPLY_CP_SIZE, &cp);
480 static void io_capa_response(int dev, bdaddr_t *sba, void *ptr)
482 evt_io_capability_response *evt = ptr;
485 ba2str(sba, sa); ba2str(&evt->bdaddr, da);
486 info("io_capa_response (sba=%s, dba=%s)", sa, da);
488 hcid_dbus_set_io_cap(sba, &evt->bdaddr,
489 evt->capability, evt->authentication);
492 /* PIN code handling */
494 void set_pin_length(bdaddr_t *sba, int length)
500 dev_id = hci_devid(addr);
503 io_data[dev_id].pin_length = length;
506 static void pin_code_request(int dev, bdaddr_t *sba, bdaddr_t *dba)
508 pin_code_reply_cp pr;
509 struct hci_conn_info_req *cr;
510 struct hci_conn_info *ci;
511 char sa[18], da[18], pin[17];
514 memset(&pr, 0, sizeof(pr));
515 bacpy(&pr.bdaddr, dba);
517 ba2str(sba, sa); ba2str(dba, da);
518 info("pin_code_request (sba=%s, dba=%s)", sa, da);
520 cr = g_malloc0(sizeof(*cr) + sizeof(*ci));
522 bacpy(&cr->bdaddr, dba);
524 if (ioctl(dev, HCIGETCONNINFO, (unsigned long) cr) < 0) {
525 error("Can't get conn info: %s (%d)", strerror(errno), errno);
530 memset(pin, 0, sizeof(pin));
531 pinlen = read_pin_code(sba, dba, pin);
534 set_pin_length(sba, pinlen);
535 memcpy(pr.pin_code, pin, pinlen);
537 hci_send_cmd(dev, OGF_LINK_CTL, OCF_PIN_CODE_REPLY,
538 PIN_CODE_REPLY_CP_SIZE, &pr);
540 /* Request PIN from passkey agent */
541 if (hcid_dbus_request_pin(dev, sba, ci) < 0)
552 hci_send_cmd(dev, OGF_LINK_CTL, OCF_PIN_CODE_NEG_REPLY, 6, dba);
555 static void start_inquiry(bdaddr_t *local, uint8_t status, gboolean periodic)
557 struct btd_adapter *adapter;
560 /* Don't send the signal if the cmd failed */
562 error("Inquiry Failed with status 0x%02x", status);
566 adapter = manager_find_adapter(local);
568 error("Unable to find matching adapter");
572 state = adapter_get_state(adapter);
574 /* Disable name resolution for non D-Bus clients */
575 if (!adapter_has_discov_sessions(adapter))
576 state &= ~RESOLVE_NAME;
579 state |= PERIODIC_INQUIRY;
580 adapter_set_state(adapter, state);
584 state |= STD_INQUIRY;
585 adapter_set_state(adapter, state);
588 * Cancel pending remote name request and clean the device list
589 * when inquiry is supported in periodic inquiry idle state.
591 if (adapter_get_state(adapter) & PERIODIC_INQUIRY) {
592 pending_remote_name_cancel(adapter);
594 clear_found_devices_list(adapter);
598 static void inquiry_complete(bdaddr_t *local, uint8_t status, gboolean periodic)
600 struct btd_adapter *adapter;
603 /* Don't send the signal if the cmd failed */
605 error("Inquiry Failed with status 0x%02x", status);
609 adapter = manager_find_adapter(local);
611 error("Unable to find matching adapter");
616 * The following scenarios can happen:
617 * 1. standard inquiry: always send discovery completed signal
618 * 2. standard inquiry + name resolving: send discovery completed
619 * after name resolving
620 * 3. periodic inquiry: skip discovery completed signal
621 * 4. periodic inquiry + standard inquiry: always send discovery
624 * Keep in mind that non D-Bus requests can arrive.
627 state = adapter_get_state(adapter);
628 state &= ~PERIODIC_INQUIRY;
629 adapter_set_state(adapter, state);
633 if (adapter_resolve_names(adapter) == 0)
636 state = adapter_get_state(adapter);
638 * workaround to identify situation when there is no devices around
639 * but periodic inquiry is active.
641 if (!(state & STD_INQUIRY) && !(state & PERIODIC_INQUIRY)) {
642 state |= PERIODIC_INQUIRY;
643 adapter_set_state(adapter, state);
647 /* reset the discover type to be able to handle D-Bus and non D-Bus
649 state &= ~STD_INQUIRY;
650 state &= ~PERIODIC_INQUIRY;
651 adapter_set_state(adapter, state);
654 static inline void cmd_status(int dev, bdaddr_t *sba, void *ptr)
656 evt_cmd_status *evt = ptr;
657 uint16_t opcode = btohs(evt->opcode);
659 if (opcode == cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY))
660 start_inquiry(sba, evt->status, FALSE);
663 static inline void cmd_complete(int dev, bdaddr_t *sba, void *ptr)
665 evt_cmd_complete *evt = ptr;
666 uint16_t opcode = btohs(evt->opcode);
667 uint8_t status = *((uint8_t *) ptr + EVT_CMD_COMPLETE_SIZE);
670 case cmd_opcode_pack(OGF_LINK_CTL, OCF_PERIODIC_INQUIRY):
671 start_inquiry(sba, status, TRUE);
673 case cmd_opcode_pack(OGF_LINK_CTL, OCF_EXIT_PERIODIC_INQUIRY):
674 inquiry_complete(sba, status, TRUE);
676 case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY_CANCEL):
677 inquiry_complete(sba, status, FALSE);
679 case cmd_opcode_pack(OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME):
680 adapter_setname_complete(sba, status);
682 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE):
683 hcid_dbus_setscan_enable_complete(sba);
685 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV):
686 hcid_dbus_write_class_complete(sba);
688 case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SIMPLE_PAIRING_MODE):
689 hcid_dbus_write_simple_pairing_mode_complete(sba);
691 case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_NAME):
692 ptr += sizeof(evt_cmd_complete);
693 adapter_update_local_name(sba, status, ptr);
698 static inline void remote_name_information(int dev, bdaddr_t *sba, void *ptr)
700 evt_remote_name_req_complete *evt = ptr;
702 char name[MAX_NAME_LENGTH + 1];
704 memset(name, 0, sizeof(name));
705 bacpy(&dba, &evt->bdaddr);
709 memcpy(name, evt->name, MAX_NAME_LENGTH);
710 /* It's ok to cast end between const and non-const since
711 * we know it points to inside of name which is non-const */
712 if (!g_utf8_validate(name, -1, (const char **) &end))
714 write_device_name(sba, &dba, name);
717 hcid_dbus_remote_name(sba, &dba, evt->status, name);
720 static inline void remote_version_information(int dev, bdaddr_t *sba, void *ptr)
722 evt_read_remote_version_complete *evt = ptr;
728 if (get_bdaddr(dev, sba, btohs(evt->handle), &dba) < 0)
731 write_version_info(sba, &dba, btohs(evt->manufacturer),
732 evt->lmp_ver, btohs(evt->lmp_subver));
735 static inline void inquiry_result(int dev, bdaddr_t *sba, int plen, void *ptr)
737 uint8_t num = *(uint8_t *) ptr++;
740 for (i = 0; i < num; i++) {
741 inquiry_info *info = ptr;
742 uint32_t class = info->dev_class[0]
743 | (info->dev_class[1] << 8)
744 | (info->dev_class[2] << 16);
746 hcid_dbus_inquiry_result(sba, &info->bdaddr, class, 0, NULL);
748 update_lastseen(sba, &info->bdaddr);
750 ptr += INQUIRY_INFO_SIZE;
754 static inline void inquiry_result_with_rssi(int dev, bdaddr_t *sba, int plen, void *ptr)
756 uint8_t num = *(uint8_t *) ptr++;
762 if ((plen - 1) / num == INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE) {
763 for (i = 0; i < num; i++) {
764 inquiry_info_with_rssi_and_pscan_mode *info = ptr;
765 uint32_t class = info->dev_class[0]
766 | (info->dev_class[1] << 8)
767 | (info->dev_class[2] << 16);
769 hcid_dbus_inquiry_result(sba, &info->bdaddr,
770 class, info->rssi, NULL);
772 update_lastseen(sba, &info->bdaddr);
774 ptr += INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE;
777 for (i = 0; i < num; i++) {
778 inquiry_info_with_rssi *info = ptr;
779 uint32_t class = info->dev_class[0]
780 | (info->dev_class[1] << 8)
781 | (info->dev_class[2] << 16);
783 hcid_dbus_inquiry_result(sba, &info->bdaddr,
784 class, info->rssi, NULL);
786 update_lastseen(sba, &info->bdaddr);
788 ptr += INQUIRY_INFO_WITH_RSSI_SIZE;
793 static inline void extended_inquiry_result(int dev, bdaddr_t *sba, int plen, void *ptr)
795 uint8_t num = *(uint8_t *) ptr++;
798 for (i = 0; i < num; i++) {
799 extended_inquiry_info *info = ptr;
800 uint32_t class = info->dev_class[0]
801 | (info->dev_class[1] << 8)
802 | (info->dev_class[2] << 16);
804 hcid_dbus_inquiry_result(sba, &info->bdaddr, class,
805 info->rssi, info->data);
807 update_lastseen(sba, &info->bdaddr);
809 ptr += EXTENDED_INQUIRY_INFO_SIZE;
813 static inline void remote_features_information(int dev, bdaddr_t *sba, void *ptr)
815 evt_read_remote_features_complete *evt = ptr;
821 if (get_bdaddr(dev, sba, btohs(evt->handle), &dba) < 0)
824 write_features_info(sba, &dba, evt->features);
827 static inline void conn_complete(int dev, int dev_id, bdaddr_t *sba, void *ptr)
829 evt_conn_complete *evt = ptr;
830 char filename[PATH_MAX];
831 remote_name_req_cp cp_name;
832 struct hci_req_data *data;
833 char local_addr[18], peer_addr[18], *str;
835 if (evt->link_type != ACL_LINK)
838 hcid_dbus_conn_complete(sba, evt->status, btohs(evt->handle),
844 update_lastused(sba, &evt->bdaddr);
846 /* Request remote name */
847 memset(&cp_name, 0, sizeof(cp_name));
848 bacpy(&cp_name.bdaddr, &evt->bdaddr);
849 cp_name.pscan_rep_mode = 0x02;
851 data = hci_req_data_new(dev_id, &evt->bdaddr, OGF_LINK_CTL,
852 OCF_REMOTE_NAME_REQ, EVT_REMOTE_NAME_REQ_COMPLETE,
853 &cp_name, REMOTE_NAME_REQ_CP_SIZE);
855 hci_req_queue_append(data);
857 /* check if the remote version needs be requested */
858 ba2str(sba, local_addr);
859 ba2str(&evt->bdaddr, peer_addr);
861 create_name(filename, sizeof(filename), STORAGEDIR, local_addr, "manufacturers");
863 str = textfile_get(filename, peer_addr);
865 read_remote_version_cp cp;
867 memset(&cp, 0, sizeof(cp));
868 cp.handle = evt->handle;
870 data = hci_req_data_new(dev_id, &evt->bdaddr, OGF_LINK_CTL,
871 OCF_READ_REMOTE_VERSION, EVT_READ_REMOTE_VERSION_COMPLETE,
872 &cp, READ_REMOTE_VERSION_CP_SIZE);
874 hci_req_queue_append(data);
879 static inline void disconn_complete(int dev, bdaddr_t *sba, void *ptr)
881 evt_disconn_complete *evt = ptr;
883 hcid_dbus_disconn_complete(sba, evt->status, btohs(evt->handle),
887 static inline void auth_complete(int dev, bdaddr_t *sba, void *ptr)
889 evt_auth_complete *evt = ptr;
892 if (get_bdaddr(dev, sba, btohs(evt->handle), &dba) < 0)
895 hcid_dbus_bonding_process_complete(sba, &dba, evt->status);
898 static inline void simple_pairing_complete(int dev, bdaddr_t *sba, void *ptr)
900 evt_simple_pairing_complete *evt = ptr;
902 hcid_dbus_simple_pairing_complete(sba, &evt->bdaddr, evt->status);
905 static inline void conn_request(int dev, bdaddr_t *sba, void *ptr)
907 evt_conn_request *evt = ptr;
908 uint32_t class = evt->dev_class[0] | (evt->dev_class[1] << 8)
909 | (evt->dev_class[2] << 16);
911 hcid_dbus_remote_class(sba, &evt->bdaddr, class);
913 write_remote_class(sba, &evt->bdaddr, class);
916 static void delete_channel(GIOChannel *chan)
920 /* Look for the GIOChannel in the table */
921 for (i = 0; i < HCI_MAX_DEV; i++)
922 if (io_data[i].channel == chan) {
923 stop_security_manager(i);
927 error("IO channel not found in the io_data table");
930 static gboolean io_security_event(GIOChannel *chan, GIOCondition cond, gpointer data)
932 unsigned char buf[HCI_MAX_EVENT_SIZE], *ptr = buf;
933 struct hci_dev_info *di = data;
940 if (cond & (G_IO_NVAL | G_IO_HUP | G_IO_ERR)) {
941 delete_channel(chan);
945 if ((err = g_io_channel_read(chan, (gchar *) buf, sizeof(buf), &len))) {
946 if (err == G_IO_ERROR_AGAIN)
948 delete_channel(chan);
954 if (type != HCI_EVENT_PKT)
957 eh = (hci_event_hdr *) ptr;
958 ptr += HCI_EVENT_HDR_SIZE;
960 dev = g_io_channel_unix_get_fd(chan);
962 ioctl(dev, HCIGETDEVINFO, (void *) di);
964 if (hci_test_bit(HCI_RAW, &di->flags))
969 cmd_status(dev, &di->bdaddr, ptr);
972 case EVT_CMD_COMPLETE:
973 cmd_complete(dev, &di->bdaddr, ptr);
976 case EVT_REMOTE_NAME_REQ_COMPLETE:
977 remote_name_information(dev, &di->bdaddr, ptr);
980 case EVT_READ_REMOTE_VERSION_COMPLETE:
981 remote_version_information(dev, &di->bdaddr, ptr);
984 case EVT_READ_REMOTE_FEATURES_COMPLETE:
985 remote_features_information(dev, &di->bdaddr, ptr);
988 case EVT_INQUIRY_COMPLETE:
989 evt = (evt_cmd_status *) ptr;
990 inquiry_complete(&di->bdaddr, evt->status, FALSE);
993 case EVT_INQUIRY_RESULT:
994 inquiry_result(dev, &di->bdaddr, eh->plen, ptr);
997 case EVT_INQUIRY_RESULT_WITH_RSSI:
998 inquiry_result_with_rssi(dev, &di->bdaddr, eh->plen, ptr);
1001 case EVT_EXTENDED_INQUIRY_RESULT:
1002 extended_inquiry_result(dev, &di->bdaddr, eh->plen, ptr);
1005 case EVT_CONN_COMPLETE:
1006 conn_complete(dev, di->dev_id, &di->bdaddr, ptr);
1009 case EVT_DISCONN_COMPLETE:
1010 disconn_complete(dev, &di->bdaddr, ptr);
1013 case EVT_AUTH_COMPLETE:
1014 auth_complete(dev, &di->bdaddr, ptr);
1017 case EVT_SIMPLE_PAIRING_COMPLETE:
1018 simple_pairing_complete(dev, &di->bdaddr, ptr);
1021 case EVT_CONN_REQUEST:
1022 conn_request(dev, &di->bdaddr, ptr);
1026 /* Check for pending command request */
1027 check_pending_hci_req(di->dev_id, eh->evt);
1030 case EVT_PIN_CODE_REQ:
1031 pin_code_request(dev, &di->bdaddr, (bdaddr_t *) ptr);
1034 case EVT_LINK_KEY_REQ:
1035 link_key_request(dev, &di->bdaddr, (bdaddr_t *) ptr);
1038 case EVT_LINK_KEY_NOTIFY:
1039 link_key_notify(dev, &di->bdaddr, ptr);
1042 case EVT_RETURN_LINK_KEYS:
1043 return_link_keys(dev, &di->bdaddr, ptr);
1046 case EVT_IO_CAPABILITY_REQUEST:
1047 io_capa_request(dev, &di->bdaddr, (bdaddr_t *) ptr);
1050 case EVT_IO_CAPABILITY_RESPONSE:
1051 io_capa_response(dev, &di->bdaddr, ptr);
1054 case EVT_USER_CONFIRM_REQUEST:
1055 user_confirm_request(dev, &di->bdaddr, ptr);
1058 case EVT_USER_PASSKEY_REQUEST:
1059 user_passkey_request(dev, &di->bdaddr, ptr);
1062 case EVT_USER_PASSKEY_NOTIFY:
1063 user_passkey_notify(dev, &di->bdaddr, ptr);
1066 case EVT_REMOTE_OOB_DATA_REQUEST:
1067 remote_oob_data_request(dev, &di->bdaddr, ptr);
1074 void start_security_manager(int hdev)
1076 GIOChannel *chan = io_data[hdev].channel;
1077 struct hci_dev_info *di;
1078 struct hci_filter flt;
1079 read_stored_link_key_cp cp;
1085 info("Starting security manager %d", hdev);
1087 if ((dev = hci_open_dev(hdev)) < 0) {
1088 error("Can't open device hci%d: %s (%d)",
1089 hdev, strerror(errno), errno);
1094 hci_filter_clear(&flt);
1095 hci_filter_set_ptype(HCI_EVENT_PKT, &flt);
1096 hci_filter_set_event(EVT_CMD_STATUS, &flt);
1097 hci_filter_set_event(EVT_CMD_COMPLETE, &flt);
1098 hci_filter_set_event(EVT_PIN_CODE_REQ, &flt);
1099 hci_filter_set_event(EVT_LINK_KEY_REQ, &flt);
1100 hci_filter_set_event(EVT_LINK_KEY_NOTIFY, &flt);
1101 hci_filter_set_event(EVT_RETURN_LINK_KEYS, &flt);
1102 hci_filter_set_event(EVT_IO_CAPABILITY_REQUEST, &flt);
1103 hci_filter_set_event(EVT_IO_CAPABILITY_RESPONSE, &flt);
1104 hci_filter_set_event(EVT_USER_CONFIRM_REQUEST, &flt);
1105 hci_filter_set_event(EVT_USER_PASSKEY_REQUEST, &flt);
1106 hci_filter_set_event(EVT_REMOTE_OOB_DATA_REQUEST, &flt);
1107 hci_filter_set_event(EVT_USER_PASSKEY_NOTIFY, &flt);
1108 hci_filter_set_event(EVT_KEYPRESS_NOTIFY, &flt);
1109 hci_filter_set_event(EVT_SIMPLE_PAIRING_COMPLETE, &flt);
1110 hci_filter_set_event(EVT_AUTH_COMPLETE, &flt);
1111 hci_filter_set_event(EVT_REMOTE_NAME_REQ_COMPLETE, &flt);
1112 hci_filter_set_event(EVT_READ_REMOTE_VERSION_COMPLETE, &flt);
1113 hci_filter_set_event(EVT_READ_REMOTE_FEATURES_COMPLETE, &flt);
1114 hci_filter_set_event(EVT_REMOTE_HOST_FEATURES_NOTIFY, &flt);
1115 hci_filter_set_event(EVT_INQUIRY_COMPLETE, &flt);
1116 hci_filter_set_event(EVT_INQUIRY_RESULT, &flt);
1117 hci_filter_set_event(EVT_INQUIRY_RESULT_WITH_RSSI, &flt);
1118 hci_filter_set_event(EVT_EXTENDED_INQUIRY_RESULT, &flt);
1119 hci_filter_set_event(EVT_CONN_REQUEST, &flt);
1120 hci_filter_set_event(EVT_CONN_COMPLETE, &flt);
1121 hci_filter_set_event(EVT_DISCONN_COMPLETE, &flt);
1122 if (setsockopt(dev, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) {
1123 error("Can't set filter on hci%d: %s (%d)",
1124 hdev, strerror(errno), errno);
1129 di = g_new(struct hci_dev_info, 1);
1130 if (hci_devinfo(hdev, di) < 0) {
1131 error("Can't get device info: %s (%d)",
1132 strerror(errno), errno);
1138 chan = g_io_channel_unix_new(dev);
1139 g_io_channel_set_close_on_unref(chan, TRUE);
1140 io_data[hdev].watch_id = g_io_add_watch_full(chan, G_PRIORITY_HIGH,
1141 G_IO_IN | G_IO_NVAL | G_IO_HUP | G_IO_ERR,
1142 io_security_event, di, (GDestroyNotify) g_free);
1143 io_data[hdev].channel = chan;
1144 io_data[hdev].pin_length = -1;
1146 if (hci_test_bit(HCI_RAW, &di->flags))
1149 bacpy(&cp.bdaddr, BDADDR_ANY);
1152 hci_send_cmd(dev, OGF_HOST_CTL, OCF_READ_STORED_LINK_KEY,
1153 READ_STORED_LINK_KEY_CP_SIZE, (void *) &cp);
1156 void stop_security_manager(int hdev)
1158 GIOChannel *chan = io_data[hdev].channel;
1163 info("Stopping security manager %d", hdev);
1165 g_source_remove(io_data[hdev].watch_id);
1166 g_io_channel_unref(io_data[hdev].channel);
1167 io_data[hdev].watch_id = -1;
1168 io_data[hdev].channel = NULL;
1169 io_data[hdev].pin_length = -1;