1 /* $DragonFly: src/sys/netbt/hci_event.c,v 1.2 2008/03/18 13:41:42 hasso Exp $ */
2 /* $OpenBSD: src/sys/netbt/hci_event.c,v 1.7 2008/02/24 21:34:48 uwe Exp $ */
3 /* $NetBSD: hci_event.c,v 1.14 2008/02/10 17:40:54 plunky Exp $ */
6 * Copyright (c) 2005 Iain Hibbert.
7 * Copyright (c) 2006 Itronix Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. The name of Itronix Inc. may not be used to endorse
19 * or promote products derived from this software without specific
20 * prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY ITRONIX INC. ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
24 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
25 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ITRONIX INC. BE LIABLE FOR ANY
26 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
27 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
29 * ON ANY THEORY OF LIABILITY, WHETHER IN
30 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32 * POSSIBILITY OF SUCH DAMAGE.
35 #include <sys/param.h>
36 #include <sys/kernel.h>
37 #include <sys/malloc.h>
40 #include <sys/systm.h>
41 #include <sys/endian.h>
44 #include <netbt/bluetooth.h>
45 #include <netbt/hci.h>
46 #include <netbt/sco.h>
48 static void hci_event_inquiry_result(struct hci_unit *, struct mbuf *);
49 static void hci_event_rssi_result(struct hci_unit *, struct mbuf *);
50 static void hci_event_command_status(struct hci_unit *, struct mbuf *);
51 static void hci_event_command_compl(struct hci_unit *, struct mbuf *);
52 static void hci_event_con_compl(struct hci_unit *, struct mbuf *);
53 static void hci_event_discon_compl(struct hci_unit *, struct mbuf *);
54 static void hci_event_con_req(struct hci_unit *, struct mbuf *);
55 static void hci_event_num_compl_pkts(struct hci_unit *, struct mbuf *);
56 static void hci_event_auth_compl(struct hci_unit *, struct mbuf *);
57 static void hci_event_encryption_change(struct hci_unit *, struct mbuf *);
58 static void hci_event_change_con_link_key_compl(struct hci_unit *, struct mbuf *);
59 static void hci_event_read_clock_offset_compl(struct hci_unit *, struct mbuf *);
60 static void hci_cmd_read_bdaddr(struct hci_unit *, struct mbuf *);
61 static void hci_cmd_read_buffer_size(struct hci_unit *, struct mbuf *);
62 static void hci_cmd_read_local_features(struct hci_unit *, struct mbuf *);
63 static void hci_cmd_read_local_ver(struct hci_unit *, struct mbuf *);
64 static void hci_cmd_read_local_commands(struct hci_unit *, struct mbuf *);
65 static void hci_cmd_reset(struct hci_unit *, struct mbuf *);
67 #ifdef BLUETOOTH_DEBUG
68 int bluetooth_debug = BLUETOOTH_DEBUG;
70 static const char *hci_eventnames[] = {
72 /* 0x01 */ "INQUIRY COMPLETE",
73 /* 0x02 */ "INQUIRY RESULT",
74 /* 0x03 */ "CONN COMPLETE",
75 /* 0x04 */ "CONN REQ",
76 /* 0x05 */ "DISCONN COMPLETE",
77 /* 0x06 */ "AUTH COMPLETE",
78 /* 0x07 */ "REMOTE NAME REQ COMPLETE",
79 /* 0x08 */ "ENCRYPTION CHANGE",
80 /* 0x09 */ "CHANGE CONN LINK KEY COMPLETE",
81 /* 0x0a */ "MASTER LINK KEY COMPLETE",
82 /* 0x0b */ "READ REMOTE FEATURES COMPLETE",
83 /* 0x0c */ "READ REMOTE VERSION INFO COMPLETE",
84 /* 0x0d */ "QoS SETUP COMPLETE",
85 /* 0x0e */ "COMMAND COMPLETE",
86 /* 0x0f */ "COMMAND STATUS",
87 /* 0x10 */ "HARDWARE ERROR",
88 /* 0x11 */ "FLUSH OCCUR",
89 /* 0x12 */ "ROLE CHANGE",
90 /* 0x13 */ "NUM COMPLETED PACKETS",
91 /* 0x14 */ "MODE CHANGE",
92 /* 0x15 */ "RETURN LINK KEYS",
93 /* 0x16 */ "PIN CODE REQ",
94 /* 0x17 */ "LINK KEY REQ",
95 /* 0x18 */ "LINK KEY NOTIFICATION",
96 /* 0x19 */ "LOOPBACK COMMAND",
97 /* 0x1a */ "DATA BUFFER OVERFLOW",
98 /* 0x1b */ "MAX SLOT CHANGE",
99 /* 0x1c */ "READ CLOCK OFFSET COMPLETE",
100 /* 0x1d */ "CONN PKT TYPE CHANGED",
101 /* 0x1e */ "QOS VIOLATION",
102 /* 0x1f */ "PAGE SCAN MODE CHANGE",
103 /* 0x20 */ "PAGE SCAN REP MODE CHANGE",
104 /* 0x21 */ "FLOW SPECIFICATION COMPLETE",
105 /* 0x22 */ "RSSI RESULT",
106 /* 0x23 */ "READ REMOTE EXT FEATURES",
107 /* 0x24 */ "UNKNOWN",
108 /* 0x25 */ "UNKNOWN",
109 /* 0x26 */ "UNKNOWN",
110 /* 0x27 */ "UNKNOWN",
111 /* 0x28 */ "UNKNOWN",
112 /* 0x29 */ "UNKNOWN",
113 /* 0x2a */ "UNKNOWN",
114 /* 0x2b */ "UNKNOWN",
115 /* 0x2c */ "SCO CON COMPLETE",
116 /* 0x2d */ "SCO CON CHANGED",
117 /* 0x2e */ "SNIFF SUBRATING",
118 /* 0x2f */ "EXTENDED INQUIRY RESULT",
119 /* 0x30 */ "ENCRYPTION KEY REFRESH",
120 /* 0x31 */ "IO CAPABILITY REQUEST",
121 /* 0x32 */ "IO CAPABILITY RESPONSE",
122 /* 0x33 */ "USER CONFIRM REQUEST",
123 /* 0x34 */ "USER PASSKEY REQUEST",
124 /* 0x35 */ "REMOTE OOB DATA REQUEST",
125 /* 0x36 */ "SIMPLE PAIRING COMPLETE",
126 /* 0x37 */ "UNKNOWN",
127 /* 0x38 */ "LINK SUPERVISION TIMEOUT CHANGED",
128 /* 0x39 */ "ENHANCED FLUSH COMPLETE",
129 /* 0x3a */ "UNKNOWN",
130 /* 0x3b */ "USER PASSKEY NOTIFICATION",
131 /* 0x3c */ "KEYPRESS NOTIFICATION",
132 /* 0x3d */ "REMOTE HOST FEATURES NOTIFICATION",
136 hci_eventstr(unsigned int event)
139 if (event < (sizeof(hci_eventnames) / sizeof(*hci_eventnames)))
140 return hci_eventnames[event];
143 case HCI_EVENT_BT_LOGO: /* 0xfe */
146 case HCI_EVENT_VENDOR: /* 0xff */
152 #endif /* BLUETOOTH_DEBUG */
157 * We will free the mbuf at the end, no need for any sub
158 * functions to handle that. We kind of assume that the
159 * device sends us valid events.
162 hci_event(struct mbuf *m, struct hci_unit *unit)
166 KKASSERT(m->m_flags & M_PKTHDR);
168 KKASSERT(m->m_pkthdr.len >= sizeof(hdr));
169 m_copydata(m, 0, sizeof(hdr), (caddr_t)&hdr);
170 m_adj(m, sizeof(hdr));
172 KKASSERT(hdr.type == HCI_EVENT_PKT);
174 DPRINTFN(1, "(%s) event %s\n",
175 device_get_nameunit(unit->hci_dev), hci_eventstr(hdr.event));
178 case HCI_EVENT_COMMAND_STATUS:
179 hci_event_command_status(unit, m);
182 case HCI_EVENT_COMMAND_COMPL:
183 hci_event_command_compl(unit, m);
186 case HCI_EVENT_NUM_COMPL_PKTS:
187 hci_event_num_compl_pkts(unit, m);
190 case HCI_EVENT_INQUIRY_RESULT:
191 hci_event_inquiry_result(unit, m);
194 case HCI_EVENT_RSSI_RESULT:
195 hci_event_rssi_result(unit, m);
198 case HCI_EVENT_CON_COMPL:
199 hci_event_con_compl(unit, m);
202 case HCI_EVENT_DISCON_COMPL:
203 hci_event_discon_compl(unit, m);
206 case HCI_EVENT_CON_REQ:
207 hci_event_con_req(unit, m);
210 case HCI_EVENT_AUTH_COMPL:
211 hci_event_auth_compl(unit, m);
214 case HCI_EVENT_ENCRYPTION_CHANGE:
215 hci_event_encryption_change(unit, m);
218 case HCI_EVENT_CHANGE_CON_LINK_KEY_COMPL:
219 hci_event_change_con_link_key_compl(unit, m);
222 case HCI_EVENT_READ_CLOCK_OFFSET_COMPL:
223 hci_event_read_clock_offset_compl(unit, m);
236 * Update our record of num_cmd_pkts then post-process any pending commands
237 * and optionally restart cmd output on the unit.
240 hci_event_command_status(struct hci_unit *unit, struct mbuf *m)
242 hci_command_status_ep ep;
243 struct hci_link *link;
245 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
246 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
247 m_adj(m, sizeof(ep));
249 DPRINTFN(1, "(%s) opcode (%03x|%04x) status = 0x%x num_cmd_pkts = %d\n",
250 device_get_nameunit(unit->hci_dev),
251 HCI_OGF(letoh16(ep.opcode)), HCI_OCF(letoh16(ep.opcode)),
256 kprintf("%s: CommandStatus opcode (%03x|%04x) failed "
257 "(status=0x%02x)\n", device_get_nameunit(unit->hci_dev),
258 HCI_OGF(letoh16(ep.opcode)),
259 HCI_OCF(letoh16(ep.opcode)), ep.status);
261 unit->hci_num_cmd_pkts = ep.num_cmd_pkts;
264 * post processing of pending commands
266 switch(letoh16(ep.opcode)) {
267 case HCI_CMD_CREATE_CON:
269 case 0x12: /* Invalid HCI command parameters */
270 DPRINTF("(%s) Invalid HCI command parameters\n",
271 device_get_nameunit(unit->hci_dev));
272 while ((link = hci_link_lookup_state(unit,
273 HCI_LINK_ACL, HCI_LINK_WAIT_CONNECT)) != NULL)
274 hci_link_free(link, ECONNABORTED);
282 while (unit->hci_num_cmd_pkts > 0 && !IF_QEMPTY(&unit->hci_cmdwait)) {
283 IF_DEQUEUE(&unit->hci_cmdwait, m);
284 hci_output_cmd(unit, m);
291 * Update our record of num_cmd_pkts then handle the completed command,
292 * and optionally restart cmd output on the unit.
295 hci_event_command_compl(struct hci_unit *unit, struct mbuf *m)
297 hci_command_compl_ep ep;
300 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
301 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
302 m_adj(m, sizeof(ep));
304 DPRINTFN(1, "(%s) opcode (%03x|%04x) num_cmd_pkts = %d\n",
305 device_get_nameunit(unit->hci_dev),
306 HCI_OGF(letoh16(ep.opcode)), HCI_OCF(letoh16(ep.opcode)),
310 * I am not sure if this is completely correct, it is not guaranteed
311 * that a command_complete packet will contain the status though most
314 m_copydata(m, 0, sizeof(rp), (caddr_t)&rp);
316 kprintf("%s: CommandComplete opcode (%03x|%04x) failed (status=0x%02x)\n",
317 device_get_nameunit(unit->hci_dev), HCI_OGF(letoh16(ep.opcode)),
318 HCI_OCF(letoh16(ep.opcode)), rp.status);
320 unit->hci_num_cmd_pkts = ep.num_cmd_pkts;
323 * post processing of completed commands
325 switch(letoh16(ep.opcode)) {
326 case HCI_CMD_READ_BDADDR:
327 hci_cmd_read_bdaddr(unit, m);
330 case HCI_CMD_READ_BUFFER_SIZE:
331 hci_cmd_read_buffer_size(unit, m);
334 case HCI_CMD_READ_LOCAL_FEATURES:
335 hci_cmd_read_local_features(unit, m);
338 case HCI_CMD_READ_LOCAL_VER:
339 hci_cmd_read_local_ver(unit, m);
342 case HCI_CMD_READ_LOCAL_COMMANDS:
343 hci_cmd_read_local_commands(unit, m);
347 hci_cmd_reset(unit, m);
354 while (unit->hci_num_cmd_pkts > 0 && !IF_QEMPTY(&unit->hci_cmdwait)) {
355 IF_DEQUEUE(&unit->hci_cmdwait, m);
356 hci_output_cmd(unit, m);
361 * Number of Completed Packets
363 * This is sent periodically by the Controller telling us how many
364 * buffers are now freed up and which handle was using them. From
365 * this we determine which type of buffer it was and add the qty
366 * back into the relevant packet counter, then restart output on
367 * links that have halted.
370 hci_event_num_compl_pkts(struct hci_unit *unit, struct mbuf *m)
372 hci_num_compl_pkts_ep ep;
373 struct hci_link *link, *next;
374 uint16_t handle, num;
375 int num_acl = 0, num_sco = 0;
377 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
378 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
379 m_adj(m, sizeof(ep));
381 while (ep.num_con_handles--) {
382 m_copydata(m, 0, sizeof(handle), (caddr_t)&handle);
383 m_adj(m, sizeof(handle));
384 handle = letoh16(handle);
386 m_copydata(m, 0, sizeof(num), (caddr_t)&num);
387 m_adj(m, sizeof(num));
390 link = hci_link_lookup_handle(unit, handle);
392 if (link->hl_type == HCI_LINK_ACL) {
394 hci_acl_complete(link, num);
397 hci_sco_complete(link, num);
400 /* XXX need to issue Read_Buffer_Size or Reset? */
401 kprintf("%s: unknown handle %d! "
402 "(losing track of %d packet buffer%s)\n",
403 device_get_nameunit(unit->hci_dev), handle,
404 num, (num == 1 ? "" : "s"));
409 * Move up any queued packets. When a link has sent data, it will move
410 * to the back of the queue - technically then if a link had something
411 * to send and there were still buffers available it could get started
412 * twice but it seemed more important to to handle higher loads fairly
413 * than worry about wasting cycles when we are not busy.
416 unit->hci_num_acl_pkts += num_acl;
417 unit->hci_num_sco_pkts += num_sco;
419 link = TAILQ_FIRST(&unit->hci_links);
420 while (link && (unit->hci_num_acl_pkts > 0 || unit->hci_num_sco_pkts > 0)) {
421 next = TAILQ_NEXT(link, hl_next);
423 if (link->hl_type == HCI_LINK_ACL) {
424 if (unit->hci_num_acl_pkts > 0 && link->hl_txqlen > 0)
427 if (unit->hci_num_sco_pkts > 0 && link->hl_txqlen > 0)
438 * keep a note of devices seen, so we know which unit to use
439 * on outgoing connections
442 hci_event_inquiry_result(struct hci_unit *unit, struct mbuf *m)
444 hci_inquiry_result_ep ep;
445 hci_inquiry_response ir;
446 struct hci_memo *memo;
448 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
449 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
450 m_adj(m, sizeof(ep));
452 DPRINTFN(1, "(%s) %d response%s\n", device_get_nameunit(unit->hci_dev),
453 ep.num_responses, (ep.num_responses == 1 ? "" : "s"));
455 while(ep.num_responses--) {
456 KKASSERT(m->m_pkthdr.len >= sizeof(ir));
457 m_copydata(m, 0, sizeof(ir), (caddr_t)&ir);
458 m_adj(m, sizeof(ir));
460 DPRINTFN(1, "bdaddr %02x:%02x:%02x:%02x:%02x:%02x\n",
461 ir.bdaddr.b[5], ir.bdaddr.b[4], ir.bdaddr.b[3],
462 ir.bdaddr.b[2], ir.bdaddr.b[1], ir.bdaddr.b[0]);
464 memo = hci_memo_new(unit, &ir.bdaddr);
466 memo->page_scan_rep_mode = ir.page_scan_rep_mode;
467 memo->page_scan_mode = ir.page_scan_mode;
468 memo->clock_offset = ir.clock_offset;
474 * Inquiry Result with RSSI
476 * as above but different packet when RSSI result is enabled
479 hci_event_rssi_result(struct hci_unit *unit, struct mbuf *m)
481 hci_rssi_result_ep ep;
482 hci_rssi_response rr;
483 struct hci_memo *memo;
485 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
486 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
487 m_adj(m, sizeof(ep));
489 DPRINTFN(1, "%d response%s\n", ep.num_responses,
490 (ep.num_responses == 1 ? "" : "s"));
492 while(ep.num_responses--) {
493 KKASSERT(m->m_pkthdr.len >= sizeof(rr));
494 m_copydata(m, 0, sizeof(rr), (caddr_t)&rr);
495 m_adj(m, sizeof(rr));
497 DPRINTFN(1, "bdaddr %02x:%02x:%02x:%02x:%02x:%02x\n",
498 rr.bdaddr.b[5], rr.bdaddr.b[4], rr.bdaddr.b[3],
499 rr.bdaddr.b[2], rr.bdaddr.b[1], rr.bdaddr.b[0]);
501 memo = hci_memo_new(unit, &rr.bdaddr);
503 memo->page_scan_rep_mode = rr.page_scan_rep_mode;
504 memo->page_scan_mode = 0;
505 memo->clock_offset = rr.clock_offset;
511 * Connection Complete
513 * Sent to us when a connection is made. If there is no link
514 * structure already allocated for this, we must have changed
515 * our mind, so just disconnect.
518 hci_event_con_compl(struct hci_unit *unit, struct mbuf *m)
521 hci_write_link_policy_settings_cp cp;
522 struct hci_link *link;
525 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
526 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
527 m_adj(m, sizeof(ep));
529 DPRINTFN(1, "(%s) %s connection complete for "
530 "%02x:%02x:%02x:%02x:%02x:%02x status %#x\n",
531 device_get_nameunit(unit->hci_dev),
532 (ep.link_type == HCI_LINK_ACL ? "ACL" : "SCO"),
533 ep.bdaddr.b[5], ep.bdaddr.b[4], ep.bdaddr.b[3],
534 ep.bdaddr.b[2], ep.bdaddr.b[1], ep.bdaddr.b[0],
537 link = hci_link_lookup_bdaddr(unit, &ep.bdaddr, ep.link_type);
542 case 0x04: /* "Page Timeout" */
546 case 0x08: /* "Connection Timed Out" */
547 case 0x10: /* "Connection Accept Timeout Exceeded" */
551 case 0x16: /* "Connection Terminated by Local Host" */
560 hci_link_free(link, err);
569 dp.con_handle = ep.con_handle;
570 dp.reason = 0x13; /* "Remote User Terminated Connection" */
572 hci_send_cmd(unit, HCI_CMD_DISCONNECT, &dp, sizeof(dp));
576 /* XXX could check auth_enable here */
578 if (ep.encryption_mode)
579 link->hl_flags |= (HCI_LINK_AUTH | HCI_LINK_ENCRYPT);
581 link->hl_state = HCI_LINK_OPEN;
582 link->hl_handle = HCI_CON_HANDLE(letoh16(ep.con_handle));
584 if (ep.link_type == HCI_LINK_ACL) {
585 cp.con_handle = ep.con_handle;
586 cp.settings = htole16(unit->hci_link_policy);
587 err = hci_send_cmd(unit, HCI_CMD_WRITE_LINK_POLICY_SETTINGS,
590 kprintf("%s: Warning, could not write link policy\n",
591 device_get_nameunit(unit->hci_dev));
593 err = hci_send_cmd(unit, HCI_CMD_READ_CLOCK_OFFSET,
594 &cp.con_handle, sizeof(cp.con_handle));
596 kprintf("%s: Warning, could not read clock offset\n",
597 device_get_nameunit(unit->hci_dev));
599 err = hci_acl_setmode(link);
600 if (err == EINPROGRESS)
603 hci_acl_linkmode(link);
605 (*link->hl_sco->sp_proto->connected)(link->hl_sco->sp_upper);
610 * Disconnection Complete
612 * This is sent in response to a disconnection request, but also if
613 * the remote device goes out of range.
616 hci_event_discon_compl(struct hci_unit *unit, struct mbuf *m)
618 hci_discon_compl_ep ep;
619 struct hci_link *link;
621 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
622 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
623 m_adj(m, sizeof(ep));
625 ep.con_handle = letoh16(ep.con_handle);
627 DPRINTFN(1, "(%s) handle #%d, status=0x%x\n",
628 device_get_nameunit(unit->hci_dev), ep.con_handle, ep.status);
630 link = hci_link_lookup_handle(unit, HCI_CON_HANDLE(ep.con_handle));
632 hci_link_free(link, ENOENT); /* XXX NetBSD used ENOLINK here */
638 * We check upstream for appropriate listeners and accept connections
642 hci_event_con_req(struct hci_unit *unit, struct mbuf *m)
645 hci_accept_con_cp ap;
646 hci_reject_con_cp rp;
647 struct hci_link *link;
649 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
650 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
651 m_adj(m, sizeof(ep));
653 DPRINTFN(1, "(%s) bdaddr %2.2x:%2.2x:%2.2x:%2.2x:%2.2x:%2.2x "
654 "class %2.2x%2.2x%2.2x type %s\n",
655 device_get_nameunit(unit->hci_dev),
656 ep.bdaddr.b[5], ep.bdaddr.b[4], ep.bdaddr.b[3],
657 ep.bdaddr.b[2], ep.bdaddr.b[1], ep.bdaddr.b[0],
658 ep.uclass[0], ep.uclass[1], ep.uclass[2],
659 ep.link_type == HCI_LINK_ACL ? "ACL" : "SCO");
661 if (ep.link_type == HCI_LINK_ACL)
662 link = hci_acl_newconn(unit, &ep.bdaddr);
664 link = hci_sco_newconn(unit, &ep.bdaddr);
667 memset(&rp, 0, sizeof(rp));
668 bdaddr_copy(&rp.bdaddr, &ep.bdaddr);
669 rp.reason = 0x0f; /* Unacceptable BD_ADDR */
671 hci_send_cmd(unit, HCI_CMD_REJECT_CON, &rp, sizeof(rp));
673 memset(&ap, 0, sizeof(ap));
674 bdaddr_copy(&ap.bdaddr, &ep.bdaddr);
675 if (unit->hci_link_policy & HCI_LINK_POLICY_ENABLE_ROLE_SWITCH)
676 ap.role = HCI_ROLE_MASTER;
678 ap.role = HCI_ROLE_SLAVE;
680 hci_send_cmd(unit, HCI_CMD_ACCEPT_CON, &ap, sizeof(ap));
687 * Authentication has been completed on an ACL link. We can notify the
688 * upper layer protocols unless further mode changes are pending.
691 hci_event_auth_compl(struct hci_unit *unit, struct mbuf *m)
693 hci_auth_compl_ep ep;
694 struct hci_link *link;
697 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
698 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
699 m_adj(m, sizeof(ep));
701 ep.con_handle = HCI_CON_HANDLE(letoh16(ep.con_handle));
703 DPRINTFN(1, "(%s) handle #%d, status=0x%x\n",
704 device_get_nameunit(unit->hci_dev), ep.con_handle, ep.status);
706 link = hci_link_lookup_handle(unit, ep.con_handle);
707 if (link == NULL || link->hl_type != HCI_LINK_ACL)
710 if (ep.status == 0) {
711 link->hl_flags |= HCI_LINK_AUTH;
713 if (link->hl_state == HCI_LINK_WAIT_AUTH)
714 link->hl_state = HCI_LINK_OPEN;
716 err = hci_acl_setmode(link);
717 if (err == EINPROGRESS)
721 hci_acl_linkmode(link);
727 * The encryption status has changed. Basically, we note the change
728 * then notify the upper layer protocol unless further mode changes
730 * Note that if encryption gets disabled when it has been requested,
731 * we will attempt to enable it again.. (its a feature not a bug :)
734 hci_event_encryption_change(struct hci_unit *unit, struct mbuf *m)
736 hci_encryption_change_ep ep;
737 struct hci_link *link;
740 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
741 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
742 m_adj(m, sizeof(ep));
744 ep.con_handle = HCI_CON_HANDLE(letoh16(ep.con_handle));
746 DPRINTFN(1, "(%s) handle #%d, status=0x%x, encryption_enable=0x%x\n",
747 device_get_nameunit(unit->hci_dev), ep.con_handle, ep.status,
748 ep.encryption_enable);
750 link = hci_link_lookup_handle(unit, ep.con_handle);
751 if (link == NULL || link->hl_type != HCI_LINK_ACL)
754 if (ep.status == 0) {
755 if (ep.encryption_enable == 0)
756 link->hl_flags &= ~HCI_LINK_ENCRYPT;
758 link->hl_flags |= (HCI_LINK_AUTH | HCI_LINK_ENCRYPT);
760 if (link->hl_state == HCI_LINK_WAIT_ENCRYPT)
761 link->hl_state = HCI_LINK_OPEN;
763 err = hci_acl_setmode(link);
764 if (err == EINPROGRESS)
768 hci_acl_linkmode(link);
772 * Change Connection Link Key Complete
774 * Link keys are handled in userland but if we are waiting to secure
775 * this link, we should notify the upper protocols. A SECURE request
776 * only needs a single key change, so we can cancel the request.
779 hci_event_change_con_link_key_compl(struct hci_unit *unit, struct mbuf *m)
781 hci_change_con_link_key_compl_ep ep;
782 struct hci_link *link;
785 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
786 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
787 m_adj(m, sizeof(ep));
789 ep.con_handle = HCI_CON_HANDLE(letoh16(ep.con_handle));
791 DPRINTFN(1, "(%s) handle #%d, status=0x%x\n",
792 device_get_nameunit(unit->hci_dev), ep.con_handle, ep.status);
794 link = hci_link_lookup_handle(unit, ep.con_handle);
795 if (link == NULL || link->hl_type != HCI_LINK_ACL)
798 link->hl_flags &= ~HCI_LINK_SECURE_REQ;
800 if (ep.status == 0) {
801 link->hl_flags |= (HCI_LINK_AUTH | HCI_LINK_SECURE);
803 if (link->hl_state == HCI_LINK_WAIT_SECURE)
804 link->hl_state = HCI_LINK_OPEN;
806 err = hci_acl_setmode(link);
807 if (err == EINPROGRESS)
811 hci_acl_linkmode(link);
815 * Read Clock Offset Complete
817 * We keep a note of the clock offset of remote devices when a
818 * link is made, in order to facilitate reconnections to the device
821 hci_event_read_clock_offset_compl(struct hci_unit *unit, struct mbuf *m)
823 hci_read_clock_offset_compl_ep ep;
824 struct hci_link *link;
826 KKASSERT(m->m_pkthdr.len >= sizeof(ep));
827 m_copydata(m, 0, sizeof(ep), (caddr_t)&ep);
828 m_adj(m, sizeof(ep));
830 DPRINTFN(1, "handle #%d, offset=%u, status=0x%x\n",
831 letoh16(ep.con_handle), letoh16(ep.clock_offset), ep.status);
833 ep.con_handle = HCI_CON_HANDLE(letoh16(ep.con_handle));
834 link = hci_link_lookup_handle(unit, ep.con_handle);
836 if (ep.status != 0 || link == NULL)
839 link->hl_clock = ep.clock_offset;
843 * process results of read_bdaddr command_complete event
846 hci_cmd_read_bdaddr(struct hci_unit *unit, struct mbuf *m)
848 hci_read_bdaddr_rp rp;
850 KKASSERT(m->m_pkthdr.len >= sizeof(rp));
851 m_copydata(m, 0, sizeof(rp), (caddr_t)&rp);
852 m_adj(m, sizeof(rp));
857 if ((unit->hci_flags & BTF_INIT_BDADDR) == 0)
860 bdaddr_copy(&unit->hci_bdaddr, &rp.bdaddr);
862 unit->hci_flags &= ~BTF_INIT_BDADDR;
868 * process results of read_buffer_size command_complete event
871 hci_cmd_read_buffer_size(struct hci_unit *unit, struct mbuf *m)
873 hci_read_buffer_size_rp rp;
875 KKASSERT(m->m_pkthdr.len >= sizeof(rp));
876 m_copydata(m, 0, sizeof(rp), (caddr_t)&rp);
877 m_adj(m, sizeof(rp));
882 if ((unit->hci_flags & BTF_INIT_BUFFER_SIZE) == 0)
885 unit->hci_max_acl_size = letoh16(rp.max_acl_size);
886 unit->hci_num_acl_pkts = letoh16(rp.num_acl_pkts);
887 unit->hci_max_sco_size = rp.max_sco_size;
888 unit->hci_num_sco_pkts = letoh16(rp.num_sco_pkts);
890 unit->hci_flags &= ~BTF_INIT_BUFFER_SIZE;
896 * process results of read_local_features command_complete event
899 hci_cmd_read_local_features(struct hci_unit *unit, struct mbuf *m)
901 hci_read_local_features_rp rp;
903 KKASSERT(m->m_pkthdr.len >= sizeof(rp));
904 m_copydata(m, 0, sizeof(rp), (caddr_t)&rp);
905 m_adj(m, sizeof(rp));
910 if ((unit->hci_flags & BTF_INIT_FEATURES) == 0)
913 unit->hci_lmp_mask = 0;
915 if (rp.features[0] & HCI_LMP_ROLE_SWITCH)
916 unit->hci_lmp_mask |= HCI_LINK_POLICY_ENABLE_ROLE_SWITCH;
918 if (rp.features[0] & HCI_LMP_HOLD_MODE)
919 unit->hci_lmp_mask |= HCI_LINK_POLICY_ENABLE_HOLD_MODE;
921 if (rp.features[0] & HCI_LMP_SNIFF_MODE)
922 unit->hci_lmp_mask |= HCI_LINK_POLICY_ENABLE_SNIFF_MODE;
924 if (rp.features[1] & HCI_LMP_PARK_MODE)
925 unit->hci_lmp_mask |= HCI_LINK_POLICY_ENABLE_PARK_MODE;
927 /* ACL packet mask */
928 unit->hci_acl_mask = HCI_PKT_DM1 | HCI_PKT_DH1;
930 if (rp.features[0] & HCI_LMP_3SLOT)
931 unit->hci_acl_mask |= HCI_PKT_DM3 | HCI_PKT_DH3;
933 if (rp.features[0] & HCI_LMP_5SLOT)
934 unit->hci_acl_mask |= HCI_PKT_DM5 | HCI_PKT_DH5;
936 if ((rp.features[3] & HCI_LMP_EDR_ACL_2MBPS) == 0)
937 unit->hci_acl_mask |= HCI_PKT_2MBPS_DH1
941 if ((rp.features[3] & HCI_LMP_EDR_ACL_3MBPS) == 0)
942 unit->hci_acl_mask |= HCI_PKT_3MBPS_DH1
946 if ((rp.features[4] & HCI_LMP_3SLOT_EDR_ACL) == 0)
947 unit->hci_acl_mask |= HCI_PKT_2MBPS_DH3
950 if ((rp.features[5] & HCI_LMP_5SLOT_EDR_ACL) == 0)
951 unit->hci_acl_mask |= HCI_PKT_2MBPS_DH5
954 unit->hci_packet_type = unit->hci_acl_mask;
956 /* SCO packet mask */
957 unit->hci_sco_mask = 0;
958 if (rp.features[1] & HCI_LMP_SCO_LINK)
959 unit->hci_sco_mask |= HCI_PKT_HV1;
961 if (rp.features[1] & HCI_LMP_HV2_PKT)
962 unit->hci_sco_mask |= HCI_PKT_HV2;
964 if (rp.features[1] & HCI_LMP_HV3_PKT)
965 unit->hci_sco_mask |= HCI_PKT_HV3;
967 if (rp.features[3] & HCI_LMP_EV3_PKT)
968 unit->hci_sco_mask |= HCI_PKT_EV3;
970 if (rp.features[4] & HCI_LMP_EV4_PKT)
971 unit->hci_sco_mask |= HCI_PKT_EV4;
973 if (rp.features[4] & HCI_LMP_EV5_PKT)
974 unit->hci_sco_mask |= HCI_PKT_EV5;
976 /* XXX what do 2MBPS/3MBPS/3SLOT eSCO mean? */
978 unit->hci_flags &= ~BTF_INIT_FEATURES;
982 DPRINTFN(1, "%s: lmp_mask %4.4x, acl_mask %4.4x, sco_mask %4.4x\n",
983 device_get_nameunit(unit->hci_dev), unit->hci_lmp_mask,
984 unit->hci_acl_mask, unit->hci_sco_mask);
988 * process results of read_local_ver command_complete event
990 * reading local supported commands is only supported from 1.2 spec
993 hci_cmd_read_local_ver(struct hci_unit *unit, struct mbuf *m)
995 hci_read_local_ver_rp rp;
997 KKASSERT(m->m_pkthdr.len >= sizeof(rp));
998 m_copydata(m, 0, sizeof(rp), (caddr_t)&rp);
999 m_adj(m, sizeof(rp));
1004 if ((unit->hci_flags & BTF_INIT_COMMANDS) == 0)
1007 if (rp.hci_version < HCI_SPEC_V12) {
1008 unit->hci_flags &= ~BTF_INIT_COMMANDS;
1013 hci_send_cmd(unit, HCI_CMD_READ_LOCAL_COMMANDS, NULL, 0);
1017 * process results of read_local_commands command_complete event
1020 hci_cmd_read_local_commands(struct hci_unit *unit, struct mbuf *m)
1022 hci_read_local_commands_rp rp;
1024 KKASSERT(m->m_pkthdr.len >= sizeof(rp));
1025 m_copydata(m, 0, sizeof(rp), (caddr_t)&rp);
1026 m_adj(m, sizeof(rp));
1031 if ((unit->hci_flags & BTF_INIT_COMMANDS) == 0)
1034 unit->hci_flags &= ~BTF_INIT_COMMANDS;
1035 memcpy(unit->hci_cmds, rp.commands, HCI_COMMANDS_SIZE);
1041 * process results of reset command_complete event
1043 * This has killed all the connections, so close down anything we have left,
1044 * and reinitialise the unit.
1047 hci_cmd_reset(struct hci_unit *unit, struct mbuf *m)
1050 struct hci_link *link, *next;
1053 KKASSERT(m->m_pkthdr.len >= sizeof(rp));
1054 m_copydata(m, 0, sizeof(rp), (caddr_t)&rp);
1055 m_adj(m, sizeof(rp));
1061 * release SCO links first, since they may be holding
1062 * an ACL link reference.
1064 for (acl = 0 ; acl < 2 ; acl++) {
1065 next = TAILQ_FIRST(&unit->hci_links);
1066 while ((link = next) != NULL) {
1067 next = TAILQ_NEXT(link, hl_next);
1068 if (acl || link->hl_type != HCI_LINK_ACL)
1069 hci_link_free(link, ECONNABORTED);
1073 unit->hci_num_acl_pkts = 0;
1074 unit->hci_num_sco_pkts = 0;
1076 if (hci_send_cmd(unit, HCI_CMD_READ_BDADDR, NULL, 0))
1079 if (hci_send_cmd(unit, HCI_CMD_READ_BUFFER_SIZE, NULL, 0))
1082 if (hci_send_cmd(unit, HCI_CMD_READ_LOCAL_FEATURES, NULL, 0))
1085 if (hci_send_cmd(unit, HCI_CMD_READ_LOCAL_VER, NULL, 0))
projects / dragonfly.git / blob