search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[CAN]: Add raw protocol
[linux-2.6/kvm.git] / net / bluetooth / hidp / core.c
blob782a22602b86cb9bca1838ee7758adbfcd0984f6
1 /*
2 HIDP implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 #include <linux/module.h>
24
25 #include <linux/types.h>
26 #include <linux/errno.h>
27 #include <linux/kernel.h>
28 #include <linux/sched.h>
29 #include <linux/slab.h>
30 #include <linux/poll.h>
31 #include <linux/freezer.h>
32 #include <linux/fcntl.h>
33 #include <linux/skbuff.h>
34 #include <linux/socket.h>
35 #include <linux/ioctl.h>
36 #include <linux/file.h>
37 #include <linux/init.h>
38 #include <linux/wait.h>
39 #include <net/sock.h>
40
41 #include <linux/input.h>
42 #include <linux/hid.h>
43
44 #include <net/bluetooth/bluetooth.h>
45 #include <net/bluetooth/hci_core.h>
46 #include <net/bluetooth/l2cap.h>
47
48 #include "hidp.h"
49
50 #ifndef CONFIG_BT_HIDP_DEBUG
51 #undef BT_DBG
52 #define BT_DBG(D...)
53 #endif
54
55 #define VERSION "1.2"
56
57 static DECLARE_RWSEM(hidp_session_sem);
58 static LIST_HEAD(hidp_session_list);
59
60 static unsigned char hidp_keycode[256] = {
61 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38,
62 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44, 2, 3,
63 4, 5, 6, 7, 8, 9, 10, 11, 28, 1, 14, 15, 57, 12, 13, 26,
64 27, 43, 43, 39, 40, 41, 51, 52, 53, 58, 59, 60, 61, 62, 63, 64,
65 65, 66, 67, 68, 87, 88, 99, 70,119,110,102,104,111,107,109,106,
66 105,108,103, 69, 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71,
67 72, 73, 82, 83, 86,127,116,117,183,184,185,186,187,188,189,190,
68 191,192,193,194,134,138,130,132,128,129,131,137,133,135,136,113,
69 115,114, 0, 0, 0,121, 0, 89, 93,124, 92, 94, 95, 0, 0, 0,
70 122,123, 90, 91, 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
71 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
72 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
73 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
74 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
75 29, 42, 56,125, 97, 54,100,126,164,166,165,163,161,115,114,113,
76 150,158,159,128,136,177,178,176,142,152,173,140
77 };
78
79 static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 };
80
81 static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr)
82 {
83 struct hidp_session *session;
84 struct list_head *p;
85
86 BT_DBG("");
87
88 list_for_each(p, &hidp_session_list) {
89 session = list_entry(p, struct hidp_session, list);
90 if (!bacmp(bdaddr, &session->bdaddr))
91 return session;
92 }
93 return NULL;
94 }
95
96 static void __hidp_link_session(struct hidp_session *session)
97 {
98 __module_get(THIS_MODULE);
99 list_add(&session->list, &hidp_session_list);
100 }
101
102 static void __hidp_unlink_session(struct hidp_session *session)
103 {
104 list_del(&session->list);
105 module_put(THIS_MODULE);
106 }
107
108 static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci)
109 {
110 bacpy(&ci->bdaddr, &session->bdaddr);
111
112 ci->flags = session->flags;
113 ci->state = session->state;
114
115 ci->vendor = 0x0000;
116 ci->product = 0x0000;
117 ci->version = 0x0000;
118 memset(ci->name, 0, 128);
119
120 if (session->input) {
121 ci->vendor = session->input->id.vendor;
122 ci->product = session->input->id.product;
123 ci->version = session->input->id.version;
124 if (session->input->name)
125 strncpy(ci->name, session->input->name, 128);
126 else
127 strncpy(ci->name, "HID Boot Device", 128);
128 }
129
130 if (session->hid) {
131 ci->vendor = session->hid->vendor;
132 ci->product = session->hid->product;
133 ci->version = session->hid->version;
134 strncpy(ci->name, session->hid->name, 128);
135 }
136 }
137
138 static inline int hidp_queue_event(struct hidp_session *session, struct input_dev *dev,
139 unsigned int type, unsigned int code, int value)
140 {
141 unsigned char newleds;
142 struct sk_buff *skb;
143
144 BT_DBG("session %p type %d code %d value %d", session, type, code, value);
145
146 if (type != EV_LED)
147 return -1;
148
149 newleds = (!!test_bit(LED_KANA, dev->led) << 3) |
150 (!!test_bit(LED_COMPOSE, dev->led) << 3) |
151 (!!test_bit(LED_SCROLLL, dev->led) << 2) |
152 (!!test_bit(LED_CAPSL, dev->led) << 1) |
153 (!!test_bit(LED_NUML, dev->led));
154
155 if (session->leds == newleds)
156 return 0;
157
158 session->leds = newleds;
159
160 if (!(skb = alloc_skb(3, GFP_ATOMIC))) {
161 BT_ERR("Can't allocate memory for new frame");
162 return -ENOMEM;
163 }
164
165 *skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT;
166 *skb_put(skb, 1) = 0x01;
167 *skb_put(skb, 1) = newleds;
168
169 skb_queue_tail(&session->intr_transmit, skb);
170
171 hidp_schedule(session);
172
173 return 0;
174 }
175
176 static int hidp_hidinput_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
177 {
178 struct hid_device *hid = input_get_drvdata(dev);
179 struct hidp_session *session = hid->driver_data;
180
181 return hidp_queue_event(session, dev, type, code, value);
182 }
183
184 static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
185 {
186 struct hidp_session *session = input_get_drvdata(dev);
187
188 return hidp_queue_event(session, dev, type, code, value);
189 }
190
191 static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb)
192 {
193 struct input_dev *dev = session->input;
194 unsigned char *keys = session->keys;
195 unsigned char *udata = skb->data + 1;
196 signed char *sdata = skb->data + 1;
197 int i, size = skb->len - 1;
198
199 switch (skb->data[0]) {
200 case 0x01: /* Keyboard report */
201 for (i = 0; i < 8; i++)
202 input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1);
203
204 /* If all the key codes have been set to 0x01, it means
205 * too many keys were pressed at the same time. */
206 if (!memcmp(udata + 2, hidp_mkeyspat, 6))
207 break;
208
209 for (i = 2; i < 8; i++) {
210 if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) {
211 if (hidp_keycode[keys[i]])
212 input_report_key(dev, hidp_keycode[keys[i]], 0);
213 else
214 BT_ERR("Unknown key (scancode %#x) released.", keys[i]);
215 }
216
217 if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) {
218 if (hidp_keycode[udata[i]])
219 input_report_key(dev, hidp_keycode[udata[i]], 1);
220 else
221 BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]);
222 }
223 }
224
225 memcpy(keys, udata, 8);
226 break;
227
228 case 0x02: /* Mouse report */
229 input_report_key(dev, BTN_LEFT, sdata[0] & 0x01);
230 input_report_key(dev, BTN_RIGHT, sdata[0] & 0x02);
231 input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04);
232 input_report_key(dev, BTN_SIDE, sdata[0] & 0x08);
233 input_report_key(dev, BTN_EXTRA, sdata[0] & 0x10);
234
235 input_report_rel(dev, REL_X, sdata[1]);
236 input_report_rel(dev, REL_Y, sdata[2]);
237
238 if (size > 3)
239 input_report_rel(dev, REL_WHEEL, sdata[3]);
240 break;
241 }
242
243 input_sync(dev);
244 }
245
246 static inline int hidp_queue_report(struct hidp_session *session, unsigned char *data, int size)
247 {
248 struct sk_buff *skb;
249
250 BT_DBG("session %p hid %p data %p size %d", session, session->hid, data, size);
251
252 if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) {
253 BT_ERR("Can't allocate memory for new frame");
254 return -ENOMEM;
255 }
256
257 *skb_put(skb, 1) = 0xa2;
258 if (size > 0)
259 memcpy(skb_put(skb, size), data, size);
260
261 skb_queue_tail(&session->intr_transmit, skb);
262
263 hidp_schedule(session);
264
265 return 0;
266 }
267
268 static int hidp_send_report(struct hidp_session *session, struct hid_report *report)
269 {
270 unsigned char buf[32];
271 int rsize;
272
273 rsize = ((report->size - 1) >> 3) + 1 + (report->id > 0);
274 if (rsize > sizeof(buf))
275 return -EIO;
276
277 hid_output_report(report, buf);
278
279 return hidp_queue_report(session, buf, rsize);
280 }
281
282 static void hidp_idle_timeout(unsigned long arg)
283 {
284 struct hidp_session *session = (struct hidp_session *) arg;
285
286 atomic_inc(&session->terminate);
287 hidp_schedule(session);
288 }
289
290 static inline void hidp_set_timer(struct hidp_session *session)
291 {
292 if (session->idle_to > 0)
293 mod_timer(&session->timer, jiffies + HZ * session->idle_to);
294 }
295
296 static inline void hidp_del_timer(struct hidp_session *session)
297 {
298 if (session->idle_to > 0)
299 del_timer(&session->timer);
300 }
301
302 static int __hidp_send_ctrl_message(struct hidp_session *session,
303 unsigned char hdr, unsigned char *data, int size)
304 {
305 struct sk_buff *skb;
306
307 BT_DBG("session %p data %p size %d", session, data, size);
308
309 if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) {
310 BT_ERR("Can't allocate memory for new frame");
311 return -ENOMEM;
312 }
313
314 *skb_put(skb, 1) = hdr;
315 if (data && size > 0)
316 memcpy(skb_put(skb, size), data, size);
317
318 skb_queue_tail(&session->ctrl_transmit, skb);
319
320 return 0;
321 }
322
323 static inline int hidp_send_ctrl_message(struct hidp_session *session,
324 unsigned char hdr, unsigned char *data, int size)
325 {
326 int err;
327
328 err = __hidp_send_ctrl_message(session, hdr, data, size);
329
330 hidp_schedule(session);
331
332 return err;
333 }
334
335 static inline void hidp_process_handshake(struct hidp_session *session, unsigned char param)
336 {
337 BT_DBG("session %p param 0x%02x", session, param);
338
339 switch (param) {
340 case HIDP_HSHK_SUCCESSFUL:
341 /* FIXME: Call into SET_ GET_ handlers here */
342 break;
343
344 case HIDP_HSHK_NOT_READY:
345 case HIDP_HSHK_ERR_INVALID_REPORT_ID:
346 case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST:
347 case HIDP_HSHK_ERR_INVALID_PARAMETER:
348 /* FIXME: Call into SET_ GET_ handlers here */
349 break;
350
351 case HIDP_HSHK_ERR_UNKNOWN:
352 break;
353
354 case HIDP_HSHK_ERR_FATAL:
355 /* Device requests a reboot, as this is the only way this error
356 * can be recovered. */
357 __hidp_send_ctrl_message(session,
358 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0);
359 break;
360
361 default:
362 __hidp_send_ctrl_message(session,
363 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
364 break;
365 }
366 }
367
368 static inline void hidp_process_hid_control(struct hidp_session *session, unsigned char param)
369 {
370 BT_DBG("session %p param 0x%02x", session, param);
371
372 switch (param) {
373 case HIDP_CTRL_NOP:
374 break;
375
376 case HIDP_CTRL_VIRTUAL_CABLE_UNPLUG:
377 /* Flush the transmit queues */
378 skb_queue_purge(&session->ctrl_transmit);
379 skb_queue_purge(&session->intr_transmit);
380
381 /* Kill session thread */
382 atomic_inc(&session->terminate);
383 break;
384
385 case HIDP_CTRL_HARD_RESET:
386 case HIDP_CTRL_SOFT_RESET:
387 case HIDP_CTRL_SUSPEND:
388 case HIDP_CTRL_EXIT_SUSPEND:
389 /* FIXME: We have to parse these and return no error */
390 break;
391
392 default:
393 __hidp_send_ctrl_message(session,
394 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
395 break;
396 }
397 }
398
399 static inline void hidp_process_data(struct hidp_session *session, struct sk_buff *skb, unsigned char param)
400 {
401 BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param);
402
403 switch (param) {
404 case HIDP_DATA_RTYPE_INPUT:
405 hidp_set_timer(session);
406
407 if (session->input)
408 hidp_input_report(session, skb);
409
410 if (session->hid)
411 hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 0);
412
413 break;
414
415 case HIDP_DATA_RTYPE_OTHER:
416 case HIDP_DATA_RTYPE_OUPUT:
417 case HIDP_DATA_RTYPE_FEATURE:
418 break;
419
420 default:
421 __hidp_send_ctrl_message(session,
422 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0);
423 }
424 }
425
426 static inline void hidp_recv_ctrl_frame(struct hidp_session *session, struct sk_buff *skb)
427 {
428 unsigned char hdr, type, param;
429
430 BT_DBG("session %p skb %p len %d", session, skb, skb->len);
431
432 hdr = skb->data[0];
433 skb_pull(skb, 1);
434
435 type = hdr & HIDP_HEADER_TRANS_MASK;
436 param = hdr & HIDP_HEADER_PARAM_MASK;
437
438 switch (type) {
439 case HIDP_TRANS_HANDSHAKE:
440 hidp_process_handshake(session, param);
441 break;
442
443 case HIDP_TRANS_HID_CONTROL:
444 hidp_process_hid_control(session, param);
445 break;
446
447 case HIDP_TRANS_DATA:
448 hidp_process_data(session, skb, param);
449 break;
450
451 default:
452 __hidp_send_ctrl_message(session,
453 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0);
454 break;
455 }
456
457 kfree_skb(skb);
458 }
459
460 static inline void hidp_recv_intr_frame(struct hidp_session *session, struct sk_buff *skb)
461 {
462 unsigned char hdr;
463
464 BT_DBG("session %p skb %p len %d", session, skb, skb->len);
465
466 hdr = skb->data[0];
467 skb_pull(skb, 1);
468
469 if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) {
470 hidp_set_timer(session);
471
472 if (session->input)
473 hidp_input_report(session, skb);
474
475 if (session->hid) {
476 hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 1);
477 BT_DBG("report len %d", skb->len);
478 }
479 } else {
480 BT_DBG("Unsupported protocol header 0x%02x", hdr);
481 }
482
483 kfree_skb(skb);
484 }
485
486 static int hidp_send_frame(struct socket *sock, unsigned char *data, int len)
487 {
488 struct kvec iv = { data, len };
489 struct msghdr msg;
490
491 BT_DBG("sock %p data %p len %d", sock, data, len);
492
493 if (!len)
494 return 0;
495
496 memset(&msg, 0, sizeof(msg));
497
498 return kernel_sendmsg(sock, &msg, &iv, 1, len);
499 }
500
501 static void hidp_process_transmit(struct hidp_session *session)
502 {
503 struct sk_buff *skb;
504
505 BT_DBG("session %p", session);
506
507 while ((skb = skb_dequeue(&session->ctrl_transmit))) {
508 if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) {
509 skb_queue_head(&session->ctrl_transmit, skb);
510 break;
511 }
512
513 hidp_set_timer(session);
514 kfree_skb(skb);
515 }
516
517 while ((skb = skb_dequeue(&session->intr_transmit))) {
518 if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) {
519 skb_queue_head(&session->intr_transmit, skb);
520 break;
521 }
522
523 hidp_set_timer(session);
524 kfree_skb(skb);
525 }
526 }
527
528 static int hidp_session(void *arg)
529 {
530 struct hidp_session *session = arg;
531 struct sock *ctrl_sk = session->ctrl_sock->sk;
532 struct sock *intr_sk = session->intr_sock->sk;
533 struct sk_buff *skb;
534 int vendor = 0x0000, product = 0x0000;
535 wait_queue_t ctrl_wait, intr_wait;
536
537 BT_DBG("session %p", session);
538
539 if (session->input) {
540 vendor = session->input->id.vendor;
541 product = session->input->id.product;
542 }
543
544 if (session->hid) {
545 vendor = session->hid->vendor;
546 product = session->hid->product;
547 }
548
549 daemonize("khidpd_%04x%04x", vendor, product);
550 set_user_nice(current, -15);
551
552 init_waitqueue_entry(&ctrl_wait, current);
553 init_waitqueue_entry(&intr_wait, current);
554 add_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait);
555 add_wait_queue(intr_sk->sk_sleep, &intr_wait);
556 while (!atomic_read(&session->terminate)) {
557 set_current_state(TASK_INTERRUPTIBLE);
558
559 if (ctrl_sk->sk_state != BT_CONNECTED || intr_sk->sk_state != BT_CONNECTED)
560 break;
561
562 while ((skb = skb_dequeue(&ctrl_sk->sk_receive_queue))) {
563 skb_orphan(skb);
564 hidp_recv_ctrl_frame(session, skb);
565 }
566
567 while ((skb = skb_dequeue(&intr_sk->sk_receive_queue))) {
568 skb_orphan(skb);
569 hidp_recv_intr_frame(session, skb);
570 }
571
572 hidp_process_transmit(session);
573
574 schedule();
575 }
576 set_current_state(TASK_RUNNING);
577 remove_wait_queue(intr_sk->sk_sleep, &intr_wait);
578 remove_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait);
579
580 down_write(&hidp_session_sem);
581
582 hidp_del_timer(session);
583
584 if (session->input) {
585 input_unregister_device(session->input);
586 session->input = NULL;
587 }
588
589 if (session->hid) {
590 if (session->hid->claimed & HID_CLAIMED_INPUT)
591 hidinput_disconnect(session->hid);
592 hid_free_device(session->hid);
593 }
594
595 fput(session->intr_sock->file);
596
597 wait_event_timeout(*(ctrl_sk->sk_sleep),
598 (ctrl_sk->sk_state == BT_CLOSED), msecs_to_jiffies(500));
599
600 fput(session->ctrl_sock->file);
601
602 __hidp_unlink_session(session);
603
604 up_write(&hidp_session_sem);
605
606 kfree(session);
607 return 0;
608 }
609
610 static struct device *hidp_get_device(struct hidp_session *session)
611 {
612 bdaddr_t *src = &bt_sk(session->ctrl_sock->sk)->src;
613 bdaddr_t *dst = &bt_sk(session->ctrl_sock->sk)->dst;
614 struct hci_dev *hdev;
615 struct hci_conn *conn;
616
617 hdev = hci_get_route(dst, src);
618 if (!hdev)
619 return NULL;
620
621 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
622
623 hci_dev_put(hdev);
624
625 return conn ? &conn->dev : NULL;
626 }
627
628 static inline int hidp_setup_input(struct hidp_session *session, struct hidp_connadd_req *req)
629 {
630 struct input_dev *input = session->input;
631 int i;
632
633 input_set_drvdata(input, session);
634
635 input->name = "Bluetooth HID Boot Protocol Device";
636
637 input->id.bustype = BUS_BLUETOOTH;
638 input->id.vendor = req->vendor;
639 input->id.product = req->product;
640 input->id.version = req->version;
641
642 if (req->subclass & 0x40) {
643 set_bit(EV_KEY, input->evbit);
644 set_bit(EV_LED, input->evbit);
645 set_bit(EV_REP, input->evbit);
646
647 set_bit(LED_NUML, input->ledbit);
648 set_bit(LED_CAPSL, input->ledbit);
649 set_bit(LED_SCROLLL, input->ledbit);
650 set_bit(LED_COMPOSE, input->ledbit);
651 set_bit(LED_KANA, input->ledbit);
652
653 for (i = 0; i < sizeof(hidp_keycode); i++)
654 set_bit(hidp_keycode[i], input->keybit);
655 clear_bit(0, input->keybit);
656 }
657
658 if (req->subclass & 0x80) {
659 input->evbit[0] = BIT_MASK(EV_KEY) | BIT_MASK(EV_REL);
660 input->keybit[BIT_WORD(BTN_MOUSE)] = BIT_MASK(BTN_LEFT) |
661 BIT_MASK(BTN_RIGHT) | BIT_MASK(BTN_MIDDLE);
662 input->relbit[0] = BIT_MASK(REL_X) | BIT_MASK(REL_Y);
663 input->keybit[BIT_WORD(BTN_MOUSE)] |= BIT_MASK(BTN_SIDE) |
664 BIT_MASK(BTN_EXTRA);
665 input->relbit[0] |= BIT_MASK(REL_WHEEL);
666 }
667
668 input->dev.parent = hidp_get_device(session);
669
670 input->event = hidp_input_event;
671
672 return input_register_device(input);
673 }
674
675 static int hidp_open(struct hid_device *hid)
676 {
677 return 0;
678 }
679
680 static void hidp_close(struct hid_device *hid)
681 {
682 }
683
684 static const struct {
685 __u16 idVendor;
686 __u16 idProduct;
687 unsigned quirks;
688 } hidp_blacklist[] = {
689 /* Apple wireless Mighty Mouse */
690 { 0x05ac, 0x030c, HID_QUIRK_MIGHTYMOUSE | HID_QUIRK_INVERT_HWHEEL },
691
692 { } /* Terminating entry */
693 };
694
695 static void hidp_setup_quirks(struct hid_device *hid)
696 {
697 unsigned int n;
698
699 for (n = 0; hidp_blacklist[n].idVendor; n++)
700 if (hidp_blacklist[n].idVendor == le16_to_cpu(hid->vendor) &&
701 hidp_blacklist[n].idProduct == le16_to_cpu(hid->product))
702 hid->quirks = hidp_blacklist[n].quirks;
703 }
704
705 static inline void hidp_setup_hid(struct hidp_session *session, struct hidp_connadd_req *req)
706 {
707 struct hid_device *hid = session->hid;
708 struct hid_report *report;
709 bdaddr_t src, dst;
710
711 baswap(&src, &bt_sk(session->ctrl_sock->sk)->src);
712 baswap(&dst, &bt_sk(session->ctrl_sock->sk)->dst);
713
714 hid->driver_data = session;
715
716 hid->country = req->country;
717
718 hid->bus = BUS_BLUETOOTH;
719 hid->vendor = req->vendor;
720 hid->product = req->product;
721 hid->version = req->version;
722
723 strncpy(hid->name, req->name, 128);
724 strncpy(hid->phys, batostr(&src), 64);
725 strncpy(hid->uniq, batostr(&dst), 64);
726
727 hid->dev = hidp_get_device(session);
728
729 hid->hid_open = hidp_open;
730 hid->hid_close = hidp_close;
731
732 hid->hidinput_input_event = hidp_hidinput_event;
733
734 hidp_setup_quirks(hid);
735
736 list_for_each_entry(report, &hid->report_enum[HID_INPUT_REPORT].report_list, list)
737 hidp_send_report(session, report);
738
739 list_for_each_entry(report, &hid->report_enum[HID_FEATURE_REPORT].report_list, list)
740 hidp_send_report(session, report);
741
742 if (hidinput_connect(hid) == 0)
743 hid->claimed |= HID_CLAIMED_INPUT;
744 }
745
746 int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock)
747 {
748 struct hidp_session *session, *s;
749 int err;
750
751 BT_DBG("");
752
753 if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) ||
754 bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst))
755 return -ENOTUNIQ;
756
757 session = kzalloc(sizeof(struct hidp_session), GFP_KERNEL);
758 if (!session)
759 return -ENOMEM;
760
761 BT_DBG("rd_data %p rd_size %d", req->rd_data, req->rd_size);
762
763 if (req->rd_size > 0) {
764 unsigned char *buf = kmalloc(req->rd_size, GFP_KERNEL);
765
766 if (!buf) {
767 kfree(session);
768 return -ENOMEM;
769 }
770
771 if (copy_from_user(buf, req->rd_data, req->rd_size)) {
772 kfree(buf);
773 kfree(session);
774 return -EFAULT;
775 }
776
777 session->hid = hid_parse_report(buf, req->rd_size);
778
779 kfree(buf);
780
781 if (!session->hid) {
782 kfree(session);
783 return -EINVAL;
784 }
785 }
786
787 if (!session->hid) {
788 session->input = input_allocate_device();
789 if (!session->input) {
790 kfree(session);
791 return -ENOMEM;
792 }
793 }
794
795 down_write(&hidp_session_sem);
796
797 s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst);
798 if (s && s->state == BT_CONNECTED) {
799 err = -EEXIST;
800 goto failed;
801 }
802
803 bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst);
804
805 session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu);
806 session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu);
807
808 BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu);
809
810 session->ctrl_sock = ctrl_sock;
811 session->intr_sock = intr_sock;
812 session->state = BT_CONNECTED;
813
814 setup_timer(&session->timer, hidp_idle_timeout, (unsigned long)session);
815
816 skb_queue_head_init(&session->ctrl_transmit);
817 skb_queue_head_init(&session->intr_transmit);
818
819 session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID);
820 session->idle_to = req->idle_to;
821
822 if (session->input) {
823 err = hidp_setup_input(session, req);
824 if (err < 0)
825 goto failed;
826 }
827
828 if (session->hid)
829 hidp_setup_hid(session, req);
830
831 __hidp_link_session(session);
832
833 hidp_set_timer(session);
834
835 err = kernel_thread(hidp_session, session, CLONE_KERNEL);
836 if (err < 0)
837 goto unlink;
838
839 if (session->input) {
840 hidp_send_ctrl_message(session,
841 HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0);
842 session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE);
843
844 session->leds = 0xff;
845 hidp_input_event(session->input, EV_LED, 0, 0);
846 }
847
848 up_write(&hidp_session_sem);
849 return 0;
850
851 unlink:
852 hidp_del_timer(session);
853
854 __hidp_unlink_session(session);
855
856 if (session->input) {
857 input_unregister_device(session->input);
858 session->input = NULL; /* don't try to free it here */
859 }
860
861 failed:
862 up_write(&hidp_session_sem);
863
864 if (session->hid)
865 hid_free_device(session->hid);
866
867 input_free_device(session->input);
868 kfree(session);
869 return err;
870 }
871
872 int hidp_del_connection(struct hidp_conndel_req *req)
873 {
874 struct hidp_session *session;
875 int err = 0;
876
877 BT_DBG("");
878
879 down_read(&hidp_session_sem);
880
881 session = __hidp_get_session(&req->bdaddr);
882 if (session) {
883 if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) {
884 hidp_send_ctrl_message(session,
885 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG, NULL, 0);
886 } else {
887 /* Flush the transmit queues */
888 skb_queue_purge(&session->ctrl_transmit);
889 skb_queue_purge(&session->intr_transmit);
890
891 /* Kill session thread */
892 atomic_inc(&session->terminate);
893 hidp_schedule(session);
894 }
895 } else
896 err = -ENOENT;
897
898 up_read(&hidp_session_sem);
899 return err;
900 }
901
902 int hidp_get_connlist(struct hidp_connlist_req *req)
903 {
904 struct list_head *p;
905 int err = 0, n = 0;
906
907 BT_DBG("");
908
909 down_read(&hidp_session_sem);
910
911 list_for_each(p, &hidp_session_list) {
912 struct hidp_session *session;
913 struct hidp_conninfo ci;
914
915 session = list_entry(p, struct hidp_session, list);
916
917 __hidp_copy_session(session, &ci);
918
919 if (copy_to_user(req->ci, &ci, sizeof(ci))) {
920 err = -EFAULT;
921 break;
922 }
923
924 if (++n >= req->cnum)
925 break;
926
927 req->ci++;
928 }
929 req->cnum = n;
930
931 up_read(&hidp_session_sem);
932 return err;
933 }
934
935 int hidp_get_conninfo(struct hidp_conninfo *ci)
936 {
937 struct hidp_session *session;
938 int err = 0;
939
940 down_read(&hidp_session_sem);
941
942 session = __hidp_get_session(&ci->bdaddr);
943 if (session)
944 __hidp_copy_session(session, ci);
945 else
946 err = -ENOENT;
947
948 up_read(&hidp_session_sem);
949 return err;
950 }
951
952 static int __init hidp_init(void)
953 {
954 l2cap_load();
955
956 BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION);
957
958 return hidp_init_sockets();
959 }
960
961 static void __exit hidp_exit(void)
962 {
963 hidp_cleanup_sockets();
964 }
965
966 module_init(hidp_init);
967 module_exit(hidp_exit);
968
969 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
970 MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION);
971 MODULE_VERSION(VERSION);
972 MODULE_LICENSE("GPL");
973 MODULE_ALIAS("bt-proto-6");
kernel-based virtual machine