
root / hw / bt-hci.c @ 66c80e75


1 4e38eb54 balrog
/*
2 4e38eb54 balrog
 * QEMU Bluetooth HCI logic.
3 4e38eb54 balrog
 *
4 4e38eb54 balrog
 * Copyright (C) 2007 OpenMoko, Inc.
5 4e38eb54 balrog
 * Copyright (C) 2008 Andrzej Zaborowski  <balrog@zabor.org>
6 4e38eb54 balrog
 *
7 4e38eb54 balrog
 * This program is free software; you can redistribute it and/or
8 4e38eb54 balrog
 * modify it under the terms of the GNU General Public License as
9 4e38eb54 balrog
 * published by the Free Software Foundation; either version 2 of
10 4e38eb54 balrog
 * the License, or (at your option) any later version.
11 4e38eb54 balrog
 *
12 4e38eb54 balrog
 * This program is distributed in the hope that it will be useful,
13 4e38eb54 balrog
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 4e38eb54 balrog
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15 4e38eb54 balrog
 * GNU General Public License for more details.
16 4e38eb54 balrog
 *
17 4e38eb54 balrog
 * You should have received a copy of the GNU General Public License
18 8167ee88 Blue Swirl
 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 4e38eb54 balrog
 */
20 4e38eb54 balrog
21 4e38eb54 balrog
#include "qemu-common.h"
22 4e38eb54 balrog
#include "qemu-timer.h"
23 4e38eb54 balrog
#include "usb.h"
24 4e38eb54 balrog
#include "net.h"
25 4e38eb54 balrog
#include "bt.h"
26 4e38eb54 balrog
27 4e38eb54 balrog
/* State of one emulated Bluetooth HCI controller. */
struct bt_hci_s {
    /* Transport callbacks, both invoked with `opaque`: evt_packet returns
     * the buffer an event is assembled in, evt_submit hands over the
     * finished event together with its total length.  */
    uint8_t *(*evt_packet)(void *opaque);
    void (*evt_submit)(void *opaque, int len);
    void *opaque;
    /* NOTE(review): an event with the maximum of 255 parameter bytes takes
     * 257 bytes including its two-byte header; confirm that this 256-byte
     * buffer is never handed out for such an event.  */
    uint8_t evt_buf[256];

    uint8_t acl_buf[4096];
    int acl_len;

    uint16_t asb_handle;
    uint16_t psb_handle;

    int last_cmd;        /* Note: Always little-endian */

    struct bt_device_s *conn_req_host;

    /* Link manager state */
    struct {
        int inquire;
        int periodic;
        int responses_left;
        int responses;
        QEMUTimer *inquiry_done;
        QEMUTimer *inquiry_next;
        int inquiry_length;
        int inquiry_period;
        int inquiry_mode;

/* A connection handle is HCI_HANDLE_OFFSET ORed with an index into
 * handle[]; bt_hci_handle_bad() accepts nothing else.  */
#define HCI_HANDLE_OFFSET        0x20
#define HCI_HANDLES_MAX                0x10
        struct bt_hci_master_link_s {
            struct bt_link_s *link;        /* NULL while the slot is unused */
            void (*lmp_acl_data)(struct bt_link_s *link,
                            const uint8_t *data, int start, int len);
            QEMUTimer *acl_mode_timer;        /* Created for master links only */
        } handle[HCI_HANDLES_MAX];
        uint32_t role_bmp;        /* Bit n set: we are master on handle[n] */
        int last_handle;
        /* Number of entries in use in awaiting_bdaddr[] */
        int connecting;
        bdaddr_t awaiting_bdaddr[HCI_HANDLES_MAX];
    } lm;

    uint8_t event_mask[8];
    uint16_t voice_setting;        /* Note: Always little-endian */
    uint16_t conn_accept_tout;
    QEMUTimer *conn_accept_timer;

    struct HCIInfo info;
    struct bt_device_s device;
};
76 4e38eb54 balrog
77 4e38eb54 balrog
/* RSSI value placed in Inquiry Result with RSSI events. */
#define DEFAULT_RSSI_DBM        20

/* Recover the enclosing struct bt_hci_s from a pointer to its embedded
 * `info` or `device` member.  The pointer must really point into a
 * struct bt_hci_s; nothing here can check that.  */
#define hci_from_info(ptr)        container_of((ptr), struct bt_hci_s, info)
#define hci_from_device(ptr)        container_of((ptr), struct bt_hci_s, device)
81 4e38eb54 balrog
82 4e38eb54 balrog
/* A link as the HCI tracks it: the generic link plus the local handle. */
struct bt_hci_link_s {
    struct bt_link_s btlink;
    uint16_t handle;        /* Local */
};
86 4e38eb54 balrog
87 4e38eb54 balrog
/* LMP layer emulation */
88 b1d8e52e blueswir1
#if 0
89 e820e3f4 balrog
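/*
 * Parse one LMP PDU and assemble the reply to it.
 *
 * bt:     device the PDU is addressed to; its setup flag and link key may
 *         be updated, its key, feature bits and name are read
 * length: number of bytes available at data
 * data:   the PDU, starting with the (opcode << 1 | transaction id) octet
 *
 * The PDU comes from the peer, so every field is length-checked before it
 * is read and every copy into respdata is bounded by the buffer size.
 * The reply is only built in the local respdata buffer; nothing in this
 * function transmits it.
 */
static void bt_submit_lmp(struct bt_device_s *bt, int length, uint8_t *data)
{
    int resp, resplen, error, op, tr;
    uint8_t respdata[17];

    if (length < 1)
        return;

    tr = *data & 1;
    op = *(data ++) >> 1;
    resp = LMP_ACCEPTED;
    resplen = 2;
    respdata[1] = op;
    error = 0;
    length --;

    if (op >= 0x7c) {        /* Extended opcode */
        /* The escape opcode must be followed by the extended opcode octet.
         * Drop a PDU that ends before it rather than read past the end.  */
        if (length < 1)
            return;

        op |= *(data ++) << 8;
        resp = LMP_ACCEPTED_EXT;
        resplen = 4;
        respdata[0] = op >> 8;
        respdata[1] = op & 0xff;
        length --;
    }

    switch (op) {
    case LMP_ACCEPTED:
        /* data[0]        Op code
         */
        if (length < 1) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        resp = 0;
        break;

    case LMP_ACCEPTED_EXT:
        /* data[0]        Escape op code
         * data[1]        Extended op code
         */
        if (length < 2) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        resp = 0;
        break;

    case LMP_NOT_ACCEPTED:
        /* data[0]        Op code
         * data[1]        Error code
         */
        if (length < 2) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        resp = 0;
        break;

    case LMP_NOT_ACCEPTED_EXT:
        /* data[0]        Op code
         * data[1]        Extended op code
         * data[2]        Error code
         */
        if (length < 3) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        resp = 0;
        break;

    case LMP_HOST_CONNECTION_REQ:
        break;

    case LMP_SETUP_COMPLETE:
        resp = LMP_SETUP_COMPLETE;
        resplen = 1;
        bt->setup = 1;
        break;

    case LMP_DETACH:
        /* data[0]        Error code
         */
        if (length < 1) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        bt->setup = 0;
        resp = 0;
        break;

    case LMP_SUPERVISION_TIMEOUT:
        /* data[0,1]        Supervision timeout
         */
        if (length < 2) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        resp = 0;
        break;

    case LMP_QUALITY_OF_SERVICE:
        resp = 0;
        /* Fall through */
    case LMP_QOS_REQ:
        /* data[0,1]        Poll interval
         * data[2]        N(BC)
         */
        if (length < 3) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        break;

    case LMP_MAX_SLOT:
        resp = 0;
        /* Fall through */
    case LMP_MAX_SLOT_REQ:
        /* data[0]        Max slots
         */
        if (length < 1) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        break;

    case LMP_AU_RAND:
    case LMP_IN_RAND:
    case LMP_COMB_KEY:
        /* data[0-15]        Random number
         */
        if (length < 16) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        if (op == LMP_AU_RAND) {
            if (bt->key_present) {
                resp = LMP_SRES;
                resplen = 5;
                /* XXX: [Part H] Section 6.1 on page 801 */
            } else {
                error = HCI_PIN_OR_KEY_MISSING;
                goto not_accepted;
            }
        } else if (op == LMP_IN_RAND) {
            error = HCI_PAIRING_NOT_ALLOWED;
            goto not_accepted;
        } else {
            /* XXX: [Part H] Section 3.2 on page 779 */
            resp = LMP_UNIT_KEY;
            resplen = 17;
            memcpy(respdata + 1, bt->key, 16);

            error = HCI_UNIT_LINK_KEY_USED;
            goto not_accepted;
        }
        break;

    case LMP_UNIT_KEY:
        /* data[0-15]        Key
         */
        if (length < 16) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        memcpy(bt->key, data, 16);
        bt->key_present = 1;
        break;

    case LMP_SRES:
        /* data[0-3]        Authentication response
         */
        if (length < 4) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        break;

    case LMP_CLKOFFSET_REQ:
        resp = LMP_CLKOFFSET_RES;
        resplen = 3;
        respdata[1] = 0x33;
        respdata[2] = 0x33;
        break;

    case LMP_CLKOFFSET_RES:
        /* data[0,1]        Clock offset
         * (Slave to master only)
         */
        if (length < 2) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        break;

    case LMP_VERSION_REQ:
    case LMP_VERSION_RES:
        /* data[0]        VersNr
         * data[1,2]        CompId
         * data[3,4]        SubVersNr
         */
        if (length < 5) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        if (op == LMP_VERSION_REQ) {
            resp = LMP_VERSION_RES;
            resplen = 6;
            respdata[1] = 0x20;
            respdata[2] = 0xff;
            respdata[3] = 0xff;
            respdata[4] = 0xff;
            respdata[5] = 0xff;
        } else
            resp = 0;
        break;

    case LMP_FEATURES_REQ:
    case LMP_FEATURES_RES:
        /* data[0-7]        Features
         */
        if (length < 8) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        if (op == LMP_FEATURES_REQ) {
            resp = LMP_FEATURES_RES;
            resplen = 9;
            respdata[1] = (bt->lmp_caps >> 0) & 0xff;
            respdata[2] = (bt->lmp_caps >> 8) & 0xff;
            respdata[3] = (bt->lmp_caps >> 16) & 0xff;
            respdata[4] = (bt->lmp_caps >> 24) & 0xff;
            respdata[5] = (bt->lmp_caps >> 32) & 0xff;
            respdata[6] = (bt->lmp_caps >> 40) & 0xff;
            respdata[7] = (bt->lmp_caps >> 48) & 0xff;
            respdata[8] = (bt->lmp_caps >> 56) & 0xff;
        } else
            resp = 0;
        break;

    case LMP_NAME_REQ:
        /* data[0]        Name offset
         */
        if (length < 1) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        resp = LMP_NAME_RES;
        resplen = 17;
        respdata[1] = data[0];
        respdata[2] = strlen(bt->lmp_name);
        memset(respdata + 3, 0x00, 14);
        if (respdata[2] > respdata[1]) {
            /* Only 14 octets of respdata are left for the fragment, while
             * the name past the peer-chosen offset may be longer.  */
            int fraglen = respdata[2] - respdata[1];

            if (fraglen > 14)
                fraglen = 14;
            memcpy(respdata + 3, bt->lmp_name + respdata[1], fraglen);
        }
        break;

    case LMP_NAME_RES:
        /* data[0]        Name offset
         * data[1]        Name length
         * data[2-15]        Name fragment
         */
        if (length < 16) {
            error = HCI_UNSUPPORTED_LMP_PARAMETER_VALUE;
            goto not_accepted;
        }
        resp = 0;
        break;

    default:
        error = HCI_UNKNOWN_LMP_PDU;
        /* Fall through */
    not_accepted:
        if (op >> 8) {
            resp = LMP_NOT_ACCEPTED_EXT;
            resplen = 5;
            respdata[0] = op >> 8;
            respdata[1] = op & 0xff;
            respdata[2] = error;
        } else {
            resp = LMP_NOT_ACCEPTED;
            resplen = 3;
            respdata[0] = op & 0xff;
            respdata[1] = error;
        }
    }

    /* resp == 0 marks PDUs that need no reply */
    if (resp == 0)
        return;

    if (resp >> 8) {
        respdata[0] = resp >> 8;
        respdata[1] = resp & 0xff;
    } else
        respdata[0] = resp & 0xff;

    /* First octet on the wire is (opcode << 1) | transaction id */
    respdata[0] <<= 1;
    respdata[0] |= tr;
}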
387 4e38eb54 balrog

388 b1d8e52e blueswir1
/*
 * Dispatch one raw ACL packet on the LLID held in the low two bits of its
 * first octet.  Only LMP (ACL-C) packets are forwarded; the rest are
 * ignored.
 *
 * NOTE(review): as compiled, `slave` stays NULL because the assignment from
 * net->slave is disabled, yet bt_submit_lmp() dereferences its device
 * argument for several opcodes.  Resolve this before enabling the code.
 */
static void bt_submit_raw_acl(struct bt_piconet_s *net, int length, uint8_t *data)
{
    struct bt_device_s *slave;
    if (length < 1)
        return;

    slave = 0;
#if 0
    slave = net->slave;
#endif

    switch (data[0] & 3) {
    case LLID_ACLC:
        bt_submit_lmp(slave, length - 1, data + 1);
        break;
    case LLID_ACLU_START:
        /* NOTE(review): the disabled L2CAP hand-off below appears to
         * misspell both its callee and `break`; while it stays disabled
         * this case falls through to the no-op below.  */
#if 0
        bt_sumbit_l2cap(slave, length - 1, data + 1, (data[0] >> 2) & 1);
        breka;
#endif
    default:
    case LLID_ACLU_CONT:
        break;
    }
}
413 b1d8e52e blueswir1
#endif
414 4e38eb54 balrog
415 4e38eb54 balrog
/* HCI layer emulation */
416 4e38eb54 balrog
417 4e38eb54 balrog
/* Note: we could ignore endianness because unswapped handles will still
 * be valid as connection identifiers for the guest - they don't have to
 * be continuously allocated.  We do it though, to preserve similar
 * behaviour between hosts.  Some things, like the BD_ADDR cannot be
 * preserved though (for example if a real hci is used).  */
/* HNDL() converts a 16-bit handle between its raw form and host byte
 * order: a byte swap on big-endian hosts, a no-op otherwise.  */
#ifdef HOST_WORDS_BIGENDIAN
# define HNDL(raw)        bswap16(raw)
#else
# define HNDL(raw)        (raw)
#endif
427 4e38eb54 balrog
428 4e38eb54 balrog
/* Bitmap consulted by bt_hci_event_start() together with the guest's event
 * mask: an event is suppressed only when its bit is set here and clear in
 * hci->event_mask.  Bits that are clear here therefore mark events the
 * guest cannot filter out.  */
static const uint8_t bt_event_reserved_mask[8] = {
    0xff, 0x9f, 0xfb, 0xff, 0x07, 0x18, 0x00, 0x00,
};
431 4e38eb54 balrog
432 4e38eb54 balrog
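/*
 * Begin an HCI event of type evt that carries len parameter bytes.
 *
 * Returns a pointer to the parameter area of the transport's event buffer,
 * just past the two-byte header written here, or NULL when the guest's
 * event mask filters the event out.  Terminates the emulator if len does
 * not fit the one-byte length field.
 *
 * NOTE(review): header plus 255 parameter bytes is 257 bytes; confirm the
 * buffer returned by evt_packet is large enough for that.
 */
static inline uint8_t *bt_hci_event_start(struct bt_hci_s *hci,
                int evt, int len)
{
    uint8_t *packet, mask;
    int mask_byte;

    if (len > 255) {
        fprintf(stderr, "%s: HCI event params too long (%ib)\n",
                        __FUNCTION__, len);
        exit(-1);
    }

    /* Event N is governed by bit N - 1 of the event mask, i.e. byte
     * (N - 1) / 8, bit (N - 1) % 8.  The bit index needs all three low
     * bits: masking with 3 would test the wrong bit for half of the
     * events.  Codes without a mask bit are never filtered, and must not
     * index past the 8-byte tables.  */
    if (evt >= 1 && evt <= 8 * (int) sizeof(hci->event_mask)) {
        mask_byte = (evt - 1) >> 3;
        mask = 1 << ((evt - 1) & 7);
        if (mask & bt_event_reserved_mask[mask_byte] &
                        ~hci->event_mask[mask_byte])
            return NULL;
    }

    packet = hci->evt_packet(hci->opaque);
    packet[0] = evt;
    packet[1] = len;

    return &packet[2];
}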
455 4e38eb54 balrog
456 4e38eb54 balrog
/*
 * Send a complete HCI event: header via bt_hci_event_start(), then len
 * bytes copied from params, then submission to the transport.  Nothing is
 * sent when bt_hci_event_start() reports the event as filtered.
 *
 * len is trusted to describe the object at params.
 */
static inline void bt_hci_event(struct bt_hci_s *hci, int evt,
                void *params, int len)
{
    uint8_t *payload = bt_hci_event_start(hci, evt, len);

    if (payload) {
        if (len != 0)
            memcpy(payload, params, len);

        /* Two header bytes precede the parameters */
        hci->evt_submit(hci->opaque, len + 2);
    }
}
469 4e38eb54 balrog
470 4e38eb54 balrog
/* Report `status` for the most recent command (hci->last_cmd) with a
 * Command Status event.  */
static inline void bt_hci_event_status(struct bt_hci_s *hci, int status)
{
    evt_cmd_status reply = {
        .opcode        = hci->last_cmd,
        .ncmd        = 1,
        .status        = status,
    };

    bt_hci_event(hci, EVT_CMD_STATUS, &reply, EVT_CMD_STATUS_SIZE);
}
480 4e38eb54 balrog
481 4e38eb54 balrog
/*
 * Send a Command Complete event for the most recent command
 * (hci->last_cmd), followed by len bytes of return parameters from ret.
 * Nothing is sent when the event is filtered.
 */
static inline void bt_hci_event_complete(struct bt_hci_s *hci,
                void *ret, int len)
{
    const int params_len = len + EVT_CMD_COMPLETE_SIZE;
    uint8_t *payload = bt_hci_event_start(hci, EVT_CMD_COMPLETE, params_len);
    evt_cmd_complete *hdr = (evt_cmd_complete *) payload;

    if (payload == NULL)
        return;

    hdr->ncmd = 1;
    hdr->opcode = hci->last_cmd;

    /* Return parameters follow the fixed Command Complete fields */
    if (len != 0)
        memcpy(payload + EVT_CMD_COMPLETE_SIZE, ret, len);

    hci->evt_submit(hci->opaque, params_len + 2);
}
498 4e38eb54 balrog
499 4e38eb54 balrog
/* End the current inquiry round and send Inquiry Complete.  `opaque` is the
 * struct bt_hci_s.  The inquire flag is kept while periodic inquiry is on.  */
static void bt_hci_inquiry_done(void *opaque)
{
    struct bt_hci_s *hci = opaque;
    uint8_t result = HCI_SUCCESS;

    if (hci->lm.periodic == 0)
        hci->lm.inquire = 0;

    /* The specification is inconsistent about this one.  Page 565 reads
     * "The event parameters of Inquiry Complete event will have a summary
     * of the result from the Inquiry process, which reports the number of
     * nearby Bluetooth devices that responded [so hci->responses].", but
     * Event Parameters (see page 729) has only Status.  */
    bt_hci_event(hci, EVT_INQUIRY_COMPLETE, &result, 1);
}
514 4e38eb54 balrog
515 4e38eb54 balrog
/* Send a standard Inquiry Result event that describes `slave`. */
static void bt_hci_inquiry_result_standard(struct bt_hci_s *hci,
                struct bt_device_s *slave)
{
    inquiry_info found = {
        .num_responses                = 1,
        .bdaddr                        = BAINIT(&slave->bd_addr),
        .dev_class[0]                = slave->class[0],
        .dev_class[1]                = slave->class[1],
        .dev_class[2]                = slave->class[2],
        /* TODO: return the clkoff *difference* */
        .clock_offset                = slave->clkoff,        /* Note: no swapping */
        .pscan_rep_mode                = 0x00,        /* R0 */
        .pscan_period_mode        = 0x00,        /* P0 - deprecated */
        .pscan_mode                = 0x00,        /* Standard scan - deprecated */
    };

    bt_hci_event(hci, EVT_INQUIRY_RESULT, &found, INQUIRY_INFO_SIZE);
}
533 4e38eb54 balrog
534 4e38eb54 balrog
/* Send an Inquiry Result with RSSI event that describes `slave`; the RSSI
 * is the fixed DEFAULT_RSSI_DBM.  */
static void bt_hci_inquiry_result_with_rssi(struct bt_hci_s *hci,
                struct bt_device_s *slave)
{
    inquiry_info_with_rssi found = {
        .num_responses                = 1,
        .bdaddr                        = BAINIT(&slave->bd_addr),
        .dev_class[0]                = slave->class[0],
        .dev_class[1]                = slave->class[1],
        .dev_class[2]                = slave->class[2],
        /* TODO: return the clkoff *difference* */
        .clock_offset                = slave->clkoff,        /* Note: no swapping */
        .rssi                        = DEFAULT_RSSI_DBM,
        .pscan_rep_mode                = 0x00,        /* R0 */
        .pscan_period_mode        = 0x00,        /* P0 - deprecated */
    };

    bt_hci_event(hci, EVT_INQUIRY_RESULT_WITH_RSSI,
                    &found, INQUIRY_INFO_WITH_RSSI_SIZE);
}
553 4e38eb54 balrog
554 4e38eb54 balrog
/*
 * Report `slave` to the guest if it is in inquiry scan and the response
 * budget is not used up, in the format selected by hci->lm.inquiry_mode.
 *
 * NOTE(review): an unknown inquiry_mode terminates the emulator.  If the
 * guest can store that field unvalidated, the guest can trigger the exit;
 * confirm that whoever sets it rejects values other than 0 and 1.
 */
static void bt_hci_inquiry_result(struct bt_hci_s *hci,
                struct bt_device_s *slave)
{
    if (!slave->inquiry_scan)
        return;
    if (hci->lm.responses_left == 0)
        return;

    hci->lm.responses_left -= 1;
    hci->lm.responses += 1;

    if (hci->lm.inquiry_mode == 0x00) {
        bt_hci_inquiry_result_standard(hci, slave);
    } else if (hci->lm.inquiry_mode == 0x01) {
        bt_hci_inquiry_result_with_rssi(hci, slave);
    } else {
        fprintf(stderr, "%s: bad inquiry mode %02x\n", __FUNCTION__,
                        hci->lm.inquiry_mode);
        exit(-1);
    }
}
576 4e38eb54 balrog
577 4e38eb54 balrog
/* Re-arm `timer` to expire `period` units of 1.28 s from now on the VM
 * clock.  */
static void bt_hci_mod_timer_1280ms(QEMUTimer *timer, int period)
{
    /* period * 128 hundredths of a second == period * 1.28 s */
    int hundredths = period << 7;

    qemu_mod_timer(timer, qemu_get_clock(vm_clock) +
                   muldiv64(hundredths, get_ticks_per_sec(), 100));
}
582 4e38eb54 balrog
583 4e38eb54 balrog
/*
 * Run one inquiry round of `length` units of 1.28 s: report every other
 * device on the net, then either arm the inquiry_done timer or, when the
 * response budget is already exhausted, finish at once.  With periodic
 * inquiry enabled the inquiry_next timer is armed as well.
 */
static void bt_hci_inquiry_start(struct bt_hci_s *hci, int length)
{
    struct bt_device_s *dev;

    hci->lm.inquiry_length = length;

    dev = hci->device.net->slave;
    while (dev) {
        /* Don't uncover ourselves.  */
        if (dev != &hci->device)
            bt_hci_inquiry_result(hci, dev);
        dev = dev->next;
    }

    /* TODO: register for a callback on a new device's addition to the
     * scatternet so that if it's added before inquiry_length expires,
     * an Inquiry Result is generated immediately.  Alternatively re-loop
     * through the devices on the inquiry_length expiration and report
     * devices not seen before.  */
    if (!hci->lm.responses_left)
        bt_hci_inquiry_done(hci);
    else
        bt_hci_mod_timer_1280ms(hci->lm.inquiry_done, hci->lm.inquiry_length);

    if (hci->lm.periodic)
        bt_hci_mod_timer_1280ms(hci->lm.inquiry_next, hci->lm.inquiry_period);
}
606 4e38eb54 balrog
607 4e38eb54 balrog
/* Start the next inquiry round (presumably the inquiry_next timer
 * callback): the responses used by the previous round are returned to the
 * budget before inquiring again.  `opaque` is the struct bt_hci_s.  */
static void bt_hci_inquiry_next(void *opaque)
{
    struct bt_hci_s *hci = opaque;
    int used = hci->lm.responses;

    hci->lm.responses = 0;
    hci->lm.responses_left += used;
    bt_hci_inquiry_start(hci, hci->lm.inquiry_length);
}
615 4e38eb54 balrog
616 4e38eb54 balrog
/*
 * Validate a connection handle.  Returns non-zero unless the handle has
 * HCI_HANDLE_OFFSET set, lies below HCI_HANDLE_OFFSET | HCI_HANDLES_MAX and
 * names a slot with a live link.
 *
 * The range tests run before the table lookup, so the index is always
 * inside hci->lm.handle[].  The helpers that index the table by handle do
 * no checking of their own and rely on this having been called first.
 */
static inline int bt_hci_handle_bad(struct bt_hci_s *hci, uint16_t handle)
{
    if (!(handle & HCI_HANDLE_OFFSET))
        return 1;
    if (handle >= (HCI_HANDLE_OFFSET | HCI_HANDLES_MAX))
        return 1;

    return !hci->lm.handle[handle & ~HCI_HANDLE_OFFSET].link;
}
622 4e38eb54 balrog
623 4e38eb54 balrog
/* Returns 1 if we are the master on `handle`, else 0.  Accepts the handle
 * with or without HCI_HANDLE_OFFSET.  The handle is not range-checked here,
 * so it must already be known to be valid.  */
static inline int bt_hci_role_master(struct bt_hci_s *hci, uint16_t handle)
{
    const int slot = handle & ~HCI_HANDLE_OFFSET;

    return (hci->lm.role_bmp & (1 << slot)) != 0;
}
627 4e38eb54 balrog
628 4e38eb54 balrog
/* Returns the device at the far end of `handle`: the slave when we are the
 * master, the host otherwise.  The handle indexes the table unchecked and
 * the link is dereferenced, so the handle must have passed
 * bt_hci_handle_bad() first.  */
static inline struct bt_device_s *bt_hci_remote_dev(struct bt_hci_s *hci,
                uint16_t handle)
{
    struct bt_link_s *link = hci->lm.handle[handle & ~HCI_HANDLE_OFFSET].link;

    if (bt_hci_role_master(hci, handle))
        return link->slave;

    return link->host;
}
635 4e38eb54 balrog
636 4e38eb54 balrog
static void bt_hci_mode_tick(void *opaque);

/*
 * Record `link` in the slot named by hci->lm.last_handle and note which
 * side of it we are.  As master the link also becomes active and gets a
 * mode timer on the VM clock.
 *
 * NOTE(review): last_handle is used as an index and shift count without a
 * check in this function; confirm whoever picks it keeps it below
 * HCI_HANDLES_MAX.
 */
static void bt_hci_lmp_link_establish(struct bt_hci_s *hci,
                struct bt_link_s *link, int master)
{
    struct bt_hci_master_link_s *slot = &hci->lm.handle[hci->lm.last_handle];

    slot->link = link;

    if (!master) {
        /* We are the slave side of an ACL link */
        hci->lm.role_bmp &= ~(1 << hci->lm.last_handle);
        slot->lmp_acl_data = link->host->lmp_acl_resp;
        return;
    }

    /* We are the master side of an ACL link */
    hci->lm.role_bmp |= 1 << hci->lm.last_handle;
    slot->lmp_acl_data = link->slave->lmp_acl_data;

    /* Mode */
    link->acl_mode = acl_active;
    slot->acl_mode_timer = qemu_new_timer(vm_clock, bt_hci_mode_tick, link);
}
663 4e38eb54 balrog
664 4e38eb54 balrog
/*
 * Release the connection-handle slot for `handle`: clear its link pointer
 * and, when this HCI was the master on it, stop and free the mode timer.
 *
 * NOTE(review): the slot's acl_mode_timer pointer is left pointing at the
 * freed timer and the role_bmp bit is left set.  A second teardown of the
 * same handle before it is re-established would hand a freed timer to
 * qemu_del_timer() -- confirm every caller validates the handle first.
 */
static void bt_hci_lmp_link_teardown(struct bt_hci_s *hci, uint16_t handle)
{
    struct bt_hci_master_link_s *slot;

    handle &= ~HCI_HANDLE_OFFSET;
    slot = &hci->lm.handle[handle];
    slot->link = NULL;

    if (!bt_hci_role_master(hci, handle))
        return;

    qemu_del_timer(slot->acl_mode_timer);
    qemu_free_timer(slot->acl_mode_timer);
}
/*
 * Start an outgoing connection to the device with address `bdaddr`.
 *
 * The scatternet's slave list is searched for a device that has page scan
 * enabled and a matching address.  Returns -ENODEV when none is found or
 * when the match is this HCI's own device; otherwise the address is added
 * to the awaiting list, the slave's lmp_connection_request callback is
 * invoked and 0 is returned.
 *
 * NOTE(review): hci->lm.connecting is post-incremented with no upper bound
 * in this function and the size of awaiting_bdaddr is declared outside
 * this view.  Confirm that repeated connection attempts from the guest
 * cannot run the index past the end of the array.
 */
static int bt_hci_connect(struct bt_hci_s *hci, bdaddr_t *bdaddr)
{
    struct bt_link_s link;
    struct bt_device_s *slave = hci->device.net->slave;

    /* Skip devices that are not page-scanning or have another address */
    while (slave && (!slave->page_scan || bacmp(&slave->bd_addr, bdaddr)))
        slave = slave->next;
    if (!slave || slave == &hci->device)
        return -ENODEV;

    bacpy(&hci->lm.awaiting_bdaddr[hci->lm.connecting ++], &slave->bd_addr);

    /* Stack temporary: only the two end points are filled in */
    link.slave = slave;
    link.host = &hci->device;
    link.slave->lmp_connection_request(&link);        /* Always last */

    return 0;
}
/*
 * Refuse a connection request from `host`: store `because` as the host's
 * reject_reason and invoke its lmp_connection_complete callback with a
 * temporary link that names this HCI as the slave.
 *
 * The link lives on the stack, so the callback must not keep or free it.
 */
static void bt_hci_connection_reject(struct bt_hci_s *hci,
                struct bt_device_s *host, uint8_t because)
{
    struct bt_link_s refused = {
        .host        = host,
        .slave        = &hci->device,
        /* No other member is given a value here */
    };

    host->reject_reason = because;
    host->lmp_connection_complete(&refused);
}
/*
 * Report a failed outgoing connection to the guest: emit a Connection
 * Complete event for `bdaddr` with status HCI_NO_CONNECTION and handle 0.
 */
static void bt_hci_connection_reject_event(struct bt_hci_s *hci,
                bdaddr_t *bdaddr)
{
    evt_conn_complete failed;

    bacpy(&failed.bdaddr, bdaddr);
    failed.status        = HCI_NO_CONNECTION;
    failed.handle        = 0;
    failed.link_type        = ACL_LINK;
    failed.encr_mode        = 0x00;                /* Encryption not required */

    bt_hci_event(hci, EVT_CONN_COMPLETE, &failed, EVT_CONN_COMPLETE_SIZE);
}
/*
 * Accept the connection request from `host`; this HCI becomes the slave
 * side of the new ACL link.
 *
 * A bt_hci_link_s is allocated and a free connection handle is searched
 * for.  When none is found the allocation is released, the request is
 * rejected with HCI_REJECTED_LIMITED_RESOURCES and the Connection Complete
 * event carries HCI_NO_CONNECTION.  On success the link is established
 * and, after the event has been sent, the host is notified through its
 * lmp_connection_complete callback.
 */
static void bt_hci_connection_accept(struct bt_hci_s *hci,
                struct bt_device_s *host)
{
    struct bt_hci_link_s *link = qemu_mallocz(sizeof(*link));
    evt_conn_complete params;
    uint16_t handle;
    uint8_t status = HCI_SUCCESS;
    int tries = HCI_HANDLES_MAX;

    /* Make a connection handle, skipping the two broadcast handles.
     *
     * NOTE(review): last_handle is pre-incremented and used as an index
     * before the HCI_HANDLES_MAX - 1 mask is applied, and the mask only
     * runs when the probed slot is occupied.  If lm.handle[] has
     * HCI_HANDLES_MAX entries (declared outside this view) the probe can
     * reach one element past the end -- confirm against the declaration. */
    do {
        while (hci->lm.handle[++ hci->lm.last_handle].link && -- tries)
            hci->lm.last_handle &= HCI_HANDLES_MAX - 1;
        handle = hci->lm.last_handle | HCI_HANDLE_OFFSET;
    } while ((handle == hci->asb_handle || handle == hci->psb_handle) &&
            tries);

    if (tries) {
        link->btlink.slave        = &hci->device;
        link->btlink.host        = host;
        link->handle = handle;

        /* Link established */
        bt_hci_lmp_link_establish(hci, &link->btlink, 0);
    } else {
        /* Every probe failed; `link` must not be used after this */
        qemu_free(link);
        bt_hci_connection_reject(hci, host, HCI_REJECTED_LIMITED_RESOURCES);
        status = HCI_NO_CONNECTION;
    }

    params.status        = status;
    params.handle        = HNDL(handle);
    bacpy(&params.bdaddr, &host->bd_addr);
    params.link_type        = ACL_LINK;
    params.encr_mode        = 0x00;                /* Encryption not required */
    bt_hci_event(hci, EVT_CONN_COMPLETE, &params, EVT_CONN_COMPLETE_SIZE);

    /* Needs to be done at the very end because it can trigger a (nested)
     * disconnect, in case the other end had cancelled the request
     * locally.  */
    if (status == HCI_SUCCESS) {
        host->reject_reason = 0;
        host->lmp_connection_complete(&link->btlink);
    }
}
/*
 * LMP callback: the host of `link` asks to connect to this HCI, which is
 * the link's slave.
 *
 * Only one request can be pending: if conn_req_host is already set the new
 * request is rejected with HCI_REJECTED_LIMITED_RESOURCES.  Otherwise the
 * requester is remembered and a Connection Request event carrying its
 * address and device class is sent to the guest.
 */
static void bt_hci_lmp_connection_request(struct bt_link_s *link)
{
    struct bt_hci_s *hci = hci_from_device(link->slave);
    struct bt_device_s *requester = link->host;
    evt_conn_request params;

    if (hci->conn_req_host) {
        bt_hci_connection_reject(hci, requester,
                                 HCI_REJECTED_LIMITED_RESOURCES);
        return;
    }
    hci->conn_req_host = requester;
    /* TODO: if masked and auto-accept, then auto-accept,
     * if masked and not auto-accept, then auto-reject */
    /* TODO: kick the hci->conn_accept_timer, timeout after
     * hci->conn_accept_tout * 0.625 msec */

    params.link_type        = ACL_LINK;
    bacpy(&params.bdaddr, &requester->bd_addr);
    memcpy(&params.dev_class, &requester->class, sizeof(params.dev_class));
    bt_hci_event(hci, EVT_CONN_REQUEST, &params, EVT_CONN_REQUEST_SIZE);
}
/*
 * Timer callback for the connection-accept timeout; `opaque` is the
 * struct bt_hci_s.  Handling of a request that is still pending is not
 * implemented yet, so the function currently has no effect.
 */
static void bt_hci_conn_accept_timeout(void *opaque)
{
    struct bt_hci_s *hci = opaque;

    /* No pending request: already accepted or rejected.  If the other end
     * cancelled the connection request then we still have to reject or
     * accept it and then we'll get a disconnect.  */
    if (!hci->conn_req_host)
        return;

    /* TODO */
}
/* Remove `bdaddr` from the list of devices which we wanted to connect to
 * and are awaiting a response from.  Returns 0 when the address was on the
 * list (the last entry is moved into the freed position) and 1 when it was
 * not.  If the callback sees a response from a device which is not on the
 * list it will assume it's a connection that's been cancelled by the host
 * in the meantime and immediately try to detach the link and send a
 * Connection Complete.  */
static int bt_hci_lmp_connection_ready(struct bt_hci_s *hci,
                bdaddr_t *bdaddr)
{
    int pos = 0;

    while (pos < hci->lm.connecting &&
                    bacmp(&hci->lm.awaiting_bdaddr[pos], bdaddr))
        pos ++;
    if (pos >= hci->lm.connecting)
        return 1;

    /* Shrink the list, then fill the hole unless it was the last entry */
    hci->lm.connecting --;
    if (pos < hci->lm.connecting)
        bacpy(&hci->lm.awaiting_bdaddr[pos],
                        &hci->lm.awaiting_bdaddr[hci->lm.connecting]);

    return 0;
}
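/*
 * LMP callback: the slave of `link` has answered a connection attempt made
 * by this HCI, which is the link's host.
 *
 * - Slave not on the awaiting list: the attempt was cancelled locally.  The
 *   slave is told to disconnect (unless it rejected anyway) and the guest
 *   gets HCI_NO_CONNECTION with handle 0.
 * - Slave rejected: the guest gets the reject reason with handle 0.
 * - Otherwise a connection handle is searched for; on failure the slave is
 *   disconnected and HCI_NO_CONNECTION is reported, on success the link is
 *   established with this HCI as master.
 *
 * A Connection Complete event is sent in every case.
 */
static void bt_hci_lmp_connection_complete(struct bt_link_s *link)
{
    struct bt_hci_s *hci = hci_from_device(link->host);
    evt_conn_complete params;
    uint16_t handle;
    uint8_t status = HCI_SUCCESS;
    int tries = HCI_HANDLES_MAX;

    /* Take the peer address before anything can release the link:
     * bt_hci_lmp_disconnect_slave() frees the link it is handed, so `link`
     * must not be dereferenced after a lmp_disconnect_slave() call.  */
    bacpy(&params.bdaddr, &link->slave->bd_addr);

    if (bt_hci_lmp_connection_ready(hci, &link->slave->bd_addr)) {
        if (!hci->device.reject_reason)
            link->slave->lmp_disconnect_slave(link);
        handle = 0;
        status = HCI_NO_CONNECTION;
        goto complete;
    }

    if (hci->device.reject_reason) {
        handle = 0;
        status = hci->device.reject_reason;
        goto complete;
    }

    /* Make a connection handle, skipping the two broadcast handles.
     *
     * NOTE(review): last_handle is pre-incremented and used as an index
     * before the HCI_HANDLES_MAX - 1 mask is applied, and the mask only
     * runs when the probed slot is occupied.  If lm.handle[] has
     * HCI_HANDLES_MAX entries (declared outside this view) the probe can
     * reach one element past the end -- confirm against the declaration. */
    do {
        while (hci->lm.handle[++ hci->lm.last_handle].link && -- tries)
            hci->lm.last_handle &= HCI_HANDLES_MAX - 1;
        handle = hci->lm.last_handle | HCI_HANDLE_OFFSET;
    } while ((handle == hci->asb_handle || handle == hci->psb_handle) &&
            tries);

    if (!tries) {
        link->slave->lmp_disconnect_slave(link);
        /* The link pointer is invalid from now on */
        status = HCI_NO_CONNECTION;
        goto complete;
    }

    /* Link established */
    link->handle = handle;
    bt_hci_lmp_link_establish(hci, link, 1);

complete:
    params.status        = status;
    params.handle        = HNDL(handle);
    params.link_type        = ACL_LINK;
    params.encr_mode        = 0x00;                /* Encryption not required */
    bt_hci_event(hci, EVT_CONN_COMPLETE, &params, EVT_CONN_COMPLETE_SIZE);
}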
/*
 * Locally initiated disconnect of the link on `handle`.
 *
 * `reason` is stored as the peer's reject_reason and the peer's disconnect
 * callback is invoked; when this HCI is the slave it also frees the link.
 * The handle slot is then torn down and a Disconnection Complete event
 * with reason HCI_CONNECTION_TERMINATED is sent to the guest.
 *
 * The slot's link pointer is dereferenced without a NULL check, so the
 * caller has to validate `handle` beforehand.
 */
static void bt_hci_disconnect(struct bt_hci_s *hci,
                uint16_t handle, int reason)
{
    struct bt_link_s *btlink =
            hci->lm.handle[handle & ~HCI_HANDLE_OFFSET].link;
    evt_disconn_complete params;

    if (bt_hci_role_master(hci, handle)) {
        btlink->slave->reject_reason = reason;
        btlink->slave->lmp_disconnect_slave(btlink);
        /* The link pointer is invalid from now on */
    } else {
        btlink->host->reject_reason = reason;
        btlink->host->lmp_disconnect_master(btlink);

        /* We are the slave, we get to clean this burden */
        qemu_free((struct bt_hci_link_s *) btlink);
    }

    bt_hci_lmp_link_teardown(hci, handle);

    params.status        = HCI_SUCCESS;
    params.handle        = HNDL(handle);
    params.reason        = HCI_CONNECTION_TERMINATED;
    bt_hci_event(hci, EVT_DISCONN_COMPLETE,
                    &params, EVT_DISCONN_COMPLETE_SIZE);
}
/*
 * LMP callback: the remote end dropped a link on which this HCI is the
 * host.  The handle slot is torn down and a Disconnection Complete event
 * carrying this device's reject_reason is sent.  The link itself is not
 * freed here.
 *
 * TODO: use only one function (this and bt_hci_lmp_disconnect_slave).
 */
static void bt_hci_lmp_disconnect_host(struct bt_link_s *link)
{
    struct bt_hci_s *hci = hci_from_device(link->host);
    uint16_t handle = link->handle;
    evt_disconn_complete done;

    bt_hci_lmp_link_teardown(hci, handle);

    done.handle        = HNDL(handle);
    done.status        = HCI_SUCCESS;
    done.reason        = hci->device.reject_reason;
    bt_hci_event(hci, EVT_DISCONN_COMPLETE,
                    &done, EVT_DISCONN_COMPLETE_SIZE);
}
/*
 * LMP callback: the remote end dropped a link on which this HCI is the
 * slave.  The slave side owns the bt_hci_link_s allocation, so it is freed
 * here; the handle slot is then torn down and a Disconnection Complete
 * event carrying this device's reject_reason is sent.
 *
 * `btlink` is invalid for the caller once this returns.
 */
static void bt_hci_lmp_disconnect_slave(struct bt_link_s *btlink)
{
    struct bt_hci_link_s *owned = (struct bt_hci_link_s *) btlink;
    struct bt_hci_s *hci = hci_from_device(btlink->slave);
    /* Read before the free below */
    uint16_t handle = owned->handle;
    evt_disconn_complete done;

    qemu_free(owned);

    bt_hci_lmp_link_teardown(hci, handle);

    done.handle        = HNDL(handle);
    done.status        = HCI_SUCCESS;
    done.reason        = hci->device.reject_reason;
    bt_hci_event(hci, EVT_DISCONN_COMPLETE,
                    &done, EVT_DISCONN_COMPLETE_SIZE);
}
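/*
 * Handle a remote name request for `bdaddr`.
 *
 * The scatternet's slave list is searched for a page-scanning device with
 * that address.  Returns -ENODEV when there is none.  Otherwise a Command
 * Status event and a Remote Name Request Complete event are sent, the
 * latter carrying the device's lmp_name (empty when unset) padded with
 * zero bytes, and 0 is returned.
 */
static int bt_hci_name_req(struct bt_hci_s *hci, bdaddr_t *bdaddr)
{
    struct bt_device_s *slave;
    evt_remote_name_req_complete params;
    int len;

    for (slave = hci->device.net->slave; slave; slave = slave->next)
        if (slave->page_scan && !bacmp(&slave->bd_addr, bdaddr))
            break;
    if (!slave)
        return -ENODEV;

    bt_hci_event_status(hci, HCI_SUCCESS);

    params.status       = HCI_SUCCESS;
    bacpy(&params.bdaddr, &slave->bd_addr);
    len = snprintf(params.name, sizeof(params.name),
                    "%s", slave->lmp_name ?: "");
    /* snprintf() returns the length the full string would have needed, or
     * a negative value on error.  Clamp it so the padding below can
     * neither start past the end of the field nor have its size wrap
     * around when the name is longer than the field.  */
    if (len < 0)
        len = 0;
    else if (len > (int) sizeof(params.name))
        len = sizeof(params.name);
    memset(params.name + len, 0, sizeof(params.name) - len);
    bt_hci_event(hci, EVT_REMOTE_NAME_REQ_COMPLETE,
                    &params, EVT_REMOTE_NAME_REQ_COMPLETE_SIZE);

    return 0;
}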
/*
 * Handle a read-remote-features request for `handle`.
 *
 * Returns -ENODEV when the handle is rejected by bt_hci_handle_bad().
 * Otherwise a Command Status event and a Read Remote Features Complete
 * event are sent; the eight feature bytes are the remote device's lmp_caps
 * value, least significant byte first.  Returns 0.
 */
static int bt_hci_features_req(struct bt_hci_s *hci, uint16_t handle)
{
    struct bt_device_s *remote;
    evt_read_remote_features_complete params;
    int byte;

    if (bt_hci_handle_bad(hci, handle))
        return -ENODEV;

    remote = bt_hci_remote_dev(hci, handle);

    bt_hci_event_status(hci, HCI_SUCCESS);

    params.status        = HCI_SUCCESS;
    params.handle        = HNDL(handle);
    for (byte = 0; byte < 8; byte ++)
        params.features[byte] = (remote->lmp_caps >> (8 * byte)) & 0xff;
    bt_hci_event(hci, EVT_READ_REMOTE_FEATURES_COMPLETE,
                    &params, EVT_READ_REMOTE_FEATURES_COMPLETE_SIZE);

    return 0;
}
/*
 * Handle a read-remote-version request for `handle`.
 *
 * Returns -ENODEV when the handle is rejected by bt_hci_handle_bad().
 * Otherwise a Command Status event and a Read Remote Version Complete
 * event are sent and 0 is returned.  The version, manufacturer and
 * sub-version are fixed constants; the remote device is looked up but
 * nothing is read from it.
 */
static int bt_hci_version_req(struct bt_hci_s *hci, uint16_t handle)
{
    struct bt_device_s *remote;
    evt_read_remote_version_complete params;

    if (bt_hci_handle_bad(hci, handle))
        return -ENODEV;

    remote = bt_hci_remote_dev(hci, handle);

    bt_hci_event_status(hci, HCI_SUCCESS);

    params.handle        = HNDL(handle);
    params.status        = HCI_SUCCESS;
    params.lmp_ver        = 0x03;
    params.lmp_subver        = cpu_to_le16(0xa607);
    params.manufacturer        = cpu_to_le16(0xa000);
    bt_hci_event(hci, EVT_READ_REMOTE_VERSION_COMPLETE,
                    &params, EVT_READ_REMOTE_VERSION_COMPLETE_SIZE);

    return 0;
}
/*
 * Handle a read-clock-offset request for `handle`.
 *
 * Returns -ENODEV when the handle is rejected by bt_hci_handle_bad().
 * Otherwise a Command Status event and a Read Clock Offset Complete event
 * carrying the remote device's clkoff value are sent and 0 is returned.
 */
static int bt_hci_clkoffset_req(struct bt_hci_s *hci, uint16_t handle)
{
    struct bt_device_s *remote;
    evt_read_clock_offset_complete params;

    if (bt_hci_handle_bad(hci, handle))
        return -ENODEV;

    remote = bt_hci_remote_dev(hci, handle);

    bt_hci_event_status(hci, HCI_SUCCESS);

    params.handle        = HNDL(handle);
    params.status        = HCI_SUCCESS;
    /* TODO: return the clkoff *difference* */
    params.clock_offset        = remote->clkoff;        /* Note: no swapping */
    bt_hci_event(hci, EVT_READ_CLOCK_OFFSET_COMPLETE,
                    &params, EVT_READ_CLOCK_OFFSET_COMPLETE_SIZE);

    return 0;
}
/*
 * Send a Mode Change event for `handle` reporting the current acl_mode and
 * acl_interval of `link`.
 */
static void bt_hci_event_mode(struct bt_hci_s *hci, struct bt_link_s *link,
                uint16_t handle)
{
    evt_mode_change change = {
        .status                = HCI_SUCCESS,
        .handle                = HNDL(handle),
        .mode                = link->acl_mode,
        .interval        = cpu_to_le16(link->acl_interval),
    };

    bt_hci_event(hci, EVT_MODE_CHANGE, &change, EVT_MODE_CHANGE_SIZE);
}
/*
 * Master side of an ACL mode change: store `mode` and `interval` in the
 * link, report them to the guest with a Mode Change event, then notify
 * the slave through its lmp_mode_change callback.
 */
static void bt_hci_lmp_mode_change_master(struct bt_hci_s *hci,
                struct bt_link_s *link, int mode, uint16_t interval)
{
    link->acl_interval = interval;
    link->acl_mode = mode;

    /* Local event first, remote notification last */
    bt_hci_event_mode(hci, link, link->handle);
    link->slave->lmp_mode_change(link);
}
/*
 * LMP callback on the slave side of a mode change: report the link's
 * current mode to the guest.  The handle is read from the enclosing
 * bt_hci_link_s, which `btlink` is cast to.
 */
static void bt_hci_lmp_mode_change_slave(struct bt_link_s *btlink)
{
    struct bt_hci_s *hci = hci_from_device(btlink->slave);
    struct bt_hci_link_s *owner = (struct bt_hci_link_s *) btlink;

    bt_hci_event_mode(hci, btlink, owner->handle);
}
/*
 * Put the link on `handle` into `mode` for `interval` slots (one slot is
 * 625 microseconds in the timer computation below).
 *
 * Returns -ENODEV when the handle is bad or this HCI is not the master on
 * it.  If the link is not currently acl_active a Command Status event with
 * HCI_COMMAND_DISALLOWED is sent.  Otherwise the command is acknowledged,
 * the mode timer is armed and the change is applied.  Both of those cases
 * return 0.
 *
 * `interval` is multiplied in plain int arithmetic before it reaches
 * muldiv64(); the caller is expected to pass a 16-bit quantity.
 */
static int bt_hci_mode_change(struct bt_hci_s *hci, uint16_t handle,
                int interval, int mode)
{
    struct bt_hci_master_link_s *slot;

    if (bt_hci_handle_bad(hci, handle) || !bt_hci_role_master(hci, handle))
        return -ENODEV;

    slot = &hci->lm.handle[handle & ~HCI_HANDLE_OFFSET];
    if (slot->link->acl_mode == acl_active) {
        bt_hci_event_status(hci, HCI_SUCCESS);

        qemu_mod_timer(slot->acl_mode_timer, qemu_get_clock(vm_clock) +
                       muldiv64(interval * 625, get_ticks_per_sec(), 1000000));
        bt_hci_lmp_mode_change_master(hci, slot->link, mode, interval);
    } else {
        bt_hci_event_status(hci, HCI_COMMAND_DISALLOWED);
    }

    return 0;
}
/*
 * Leave `mode` on the link identified by `handle` and return to
 * acl_active.
 *
 * Returns -ENODEV when the handle is bad or this HCI is not the master on
 * it.  If the link is not currently in `mode` a Command Status event with
 * HCI_COMMAND_DISALLOWED is sent.  Otherwise the command is acknowledged,
 * the mode timer is stopped and the link is switched back to acl_active
 * with interval 0.  Both of those cases return 0.
 */
static int bt_hci_mode_cancel(struct bt_hci_s *hci, uint16_t handle, int mode)
{
    struct bt_hci_master_link_s *slot;

    if (bt_hci_handle_bad(hci, handle) || !bt_hci_role_master(hci, handle))
        return -ENODEV;

    slot = &hci->lm.handle[handle & ~HCI_HANDLE_OFFSET];
    if (slot->link->acl_mode == mode) {
        bt_hci_event_status(hci, HCI_SUCCESS);

        qemu_del_timer(slot->acl_mode_timer);
        bt_hci_lmp_mode_change_master(hci, slot->link, acl_active, 0);
    } else {
        bt_hci_event_status(hci, HCI_COMMAND_DISALLOWED);
    }

    return 0;
}
/*
 * Mode timer callback; `opaque` is the struct bt_link_s the timer was
 * created for in bt_hci_lmp_link_establish().  Switches the link back to
 * acl_active with interval 0.
 *
 * The link must still be alive when the timer fires; the teardown path
 * deletes the timer before the slot is reused.
 */
static void bt_hci_mode_tick(void *opaque)
{
    struct bt_link_s *expired = opaque;

    bt_hci_lmp_mode_change_master(hci_from_device(expired->host),
                    expired, acl_active, 0);
}
/*
 * Return the controller state to its defaults: buffered ACL length, last
 * command, the awaiting-connection count, event mask, scan enables, local
 * name, device class, voice setting, connection accept timeout, inquiry
 * mode and the two broadcast handles.  The inquiry and connection-accept
 * timers are stopped.
 *
 * NOTE(review): the handle table, the role bitmap and conn_req_host are not
 * touched here, and the per-link mode timers keep running (see the XXX
 * below).  Confirm that established links are dealt with elsewhere on
 * reset.
 */
static void bt_hci_reset(struct bt_hci_s *hci)
{
    int i;

    hci->acl_len = 0;
    hci->last_cmd = 0;
    hci->lm.connecting = 0;

    /* Event mask bytes 0-4 all ones, byte 5 = 0x1f, bytes 6-7 clear */
    for (i = 0; i < 5; i ++)
        hci->event_mask[i] = 0xff;
    hci->event_mask[5] = 0x1f;
    hci->event_mask[6] = 0x00;
    hci->event_mask[7] = 0x00;

    hci->device.inquiry_scan = 0;
    hci->device.page_scan = 0;

    /* The name string is heap-allocated; drop it */
    if (hci->device.lmp_name)
        qemu_free((void *) hci->device.lmp_name);
    hci->device.lmp_name = NULL;

    for (i = 0; i < 3; i ++)
        hci->device.class[i] = 0x00;
    hci->voice_setting = 0x0000;
    hci->conn_accept_tout = 0x1f40;
    hci->lm.inquiry_mode = 0x00;

    hci->psb_handle = 0x000;
    hci->asb_handle = 0x000;

    /* XXX: qemu_del_timer(sl->acl_mode_timer); for all links */
    qemu_del_timer(hci->lm.inquiry_done);
    qemu_del_timer(hci->lm.inquiry_next);
    qemu_del_timer(hci->conn_accept_timer);
}
/*
 * Send the Command Complete reply for a read-local-version request.  All
 * values are fixed constants; the 16-bit ones are stored little-endian.
 */
static void bt_hci_read_local_version_rp(struct bt_hci_s *hci)
{
    read_local_version_rp reply = {
        .status                = HCI_SUCCESS,
        .hci_ver        = 0x03,
        .hci_rev        = cpu_to_le16(0xa607),
        .lmp_ver        = 0x03,
        .manufacturer        = cpu_to_le16(0xa000),
        .lmp_subver        = cpu_to_le16(0xa607),
    };

    bt_hci_event_complete(hci, &reply, READ_LOCAL_VERSION_RP_SIZE);
}
/*
 * Send the Command Complete reply for a read-local-supported-commands
 * request.  The 64-byte bitmap is a fixed table that has to be maintained
 * by hand as commands are added.
 */
static void bt_hci_read_local_commands_rp(struct bt_hci_s *hci)
{
    read_local_commands_rp reply = {
        .status                = HCI_SUCCESS,
        .commands        = {
            /* Keep updated! */
            /* Also, keep in sync with hci->device.lmp_caps in bt_new_hci */
            0xbf, 0x80, 0xf9, 0x03, 0xb2, 0xc0, 0x03, 0xc3,
            0x00, 0x0f, 0x80, 0x00, 0xc0, 0x00, 0xe8, 0x13,
            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        },
    };

    bt_hci_event_complete(hci, &reply, READ_LOCAL_COMMANDS_RP_SIZE);
}
/*
 * Send the Command Complete reply for a read-local-features request.  The
 * eight feature bytes are this device's lmp_caps value, least significant
 * byte first.
 */
static void bt_hci_read_local_features_rp(struct bt_hci_s *hci)
{
    read_local_features_rp reply = {
        .status                = HCI_SUCCESS,
    };
    int byte;

    for (byte = 0; byte < 8; byte ++)
        reply.features[byte] = (hci->device.lmp_caps >> (8 * byte)) & 0xff;

    bt_hci_event_complete(hci, &reply, READ_LOCAL_FEATURES_RP_SIZE);
}
/*
 * Send the Command Complete reply for a read-local-extended-features
 * request.  Only page 0 carries feature bits (max_page_num is 0); for any
 * other `page` the feature bytes are all zero.  `page` is echoed back in
 * page_num as given.
 */
static void bt_hci_read_local_ext_features_rp(struct bt_hci_s *hci, int page)
{
    read_local_ext_features_rp reply = {
        .status                = HCI_SUCCESS,
        .page_num        = page,
        .max_page_num        = 0x00,
        .features        = {
            /* Keep updated! */
            0x5f, 0x35, 0x85, 0x7e, 0x9b, 0x19, 0x00, 0x80,
        },
    };

    if (page != 0)
        memset(reply.features, 0, sizeof(reply.features));

    bt_hci_event_complete(hci, &reply, READ_LOCAL_EXT_FEATURES_RP_SIZE);
}
/*
 * Send the Command Complete reply for a read-buffer-size request: ACL MTU
 * 0x0200 with one outstanding ACL packet, and no SCO buffers.
 */
static void bt_hci_read_buffer_size_rp(struct bt_hci_s *hci)
{
    read_buffer_size_rp reply = {
        /* This can be made configurable, for one standard USB dongle HCI
         * the four values are cpu_to_le16(0x0180), 0x40,
         * cpu_to_le16(0x0008), cpu_to_le16(0x0008).  */
        .status                = HCI_SUCCESS,
        .acl_mtu        = cpu_to_le16(0x0200),
        .sco_mtu        = 0,
        .acl_max_pkt        = cpu_to_le16(0x0001),
        .sco_max_pkt        = cpu_to_le16(0x0000),
    };

    bt_hci_event_complete(hci, &reply, READ_BUFFER_SIZE_RP_SIZE);
}
/*
 * Send the Command Complete reply for a read-country-code request.
 * Deprecated in V2.0 (page 661).
 */
static void bt_hci_read_country_code_rp(struct bt_hci_s *hci)
{
    read_country_code_rp reply = {
        .status                = HCI_SUCCESS,
        /* North America & Europe (except France) and Japan */
        .country_code        = 0x00,
    };

    bt_hci_event_complete(hci, &reply, READ_COUNTRY_CODE_RP_SIZE);
}
/*
 * Send the Command Complete reply for a read-BD_ADDR request, carrying
 * this device's own address.
 */
static void bt_hci_read_bd_addr_rp(struct bt_hci_s *hci)
{
    read_bd_addr_rp reply = {
        .status = HCI_SUCCESS,
        .bdaddr = BAINIT(&hci->device.bd_addr),
    };

    bt_hci_event_complete(hci, &reply, READ_BD_ADDR_RP_SIZE);
}
/*
 * Send the Command Complete reply for a read-link-quality request.  The
 * quality is always reported as 0xff; the status is HCI_NO_CONNECTION when
 * bt_hci_handle_bad() rejects `handle` and HCI_SUCCESS otherwise.  The
 * handle is echoed back in both cases.  Always returns 0.
 */
static int bt_hci_link_quality_rp(struct bt_hci_s *hci, uint16_t handle)
{
    read_link_quality_rp reply = {
        .status                = HCI_SUCCESS,
        .handle                = HNDL(handle),
        .link_quality        = 0xff,
    };

    if (bt_hci_handle_bad(hci, handle))
        reply.status = HCI_NO_CONNECTION;

    bt_hci_event_complete(hci, &reply, READ_LINK_QUALITY_RP_SIZE);

    return 0;
}
/* Generate a Command Complete event whose only return parameter is the
 * one-byte `status`.  */
static inline void bt_hci_event_complete_status(struct bt_hci_s *hci,
                uint8_t status)
{
    bt_hci_event_complete(hci, &status, sizeof(status));
}
/*
 * Command Complete for Create Connection Cancel: reports the caller-chosen
 * @status and echoes @bd_addr (copied through BAINIT()) back to the host.
 * @bd_addr must point to a valid address; it is dereferenced unchecked.
 */
static inline void bt_hci_event_complete_conn_cancel(struct bt_hci_s *hci,
                uint8_t status, bdaddr_t *bd_addr)
{
    create_conn_cancel_rp reply = {
        .status = status,
        .bdaddr = BAINIT(bd_addr),
    };

    bt_hci_event_complete(hci, &reply, CREATE_CONN_CANCEL_RP_SIZE);
}
/*
 * Send an EVT_AUTH_COMPLETE event for @handle.
 *
 * The status is hard-coded to HCI_SUCCESS and this helper runs no
 * authentication exchange of its own, so the event must not be read as
 * evidence that the peer was actually authenticated.  The handle is not
 * validated here; that is left to the caller.
 */
static inline void bt_hci_event_auth_complete(struct bt_hci_s *hci,
                uint16_t handle)
{
    evt_auth_complete evt = {
        .status = HCI_SUCCESS,
        .handle = HNDL(handle),
    };

    bt_hci_event(hci, EVT_AUTH_COMPLETE, &evt, EVT_AUTH_COMPLETE_SIZE);
}
/*
 * Send an EVT_ENCRYPT_CHANGE event for @handle.
 *
 * @mode is echoed back unchanged in the encrypt field and the status is
 * always HCI_SUCCESS.  This helper only reports the change; it does not
 * alter any link state itself, and neither @handle nor @mode is validated
 * here.
 */
static inline void bt_hci_event_encrypt_change(struct bt_hci_s *hci,
                uint16_t handle, uint8_t mode)
{
    evt_encrypt_change evt = {
        .status  = HCI_SUCCESS,
        .handle  = HNDL(handle),
        .encrypt = mode,
    };

    bt_hci_event(hci, EVT_ENCRYPT_CHANGE, &evt, EVT_ENCRYPT_CHANGE_SIZE);
}
/*
 * Command Complete for Remote Name Request Cancel.
 *
 * The reply always carries HCI_INVALID_PARAMETERS along with the address
 * taken from @bd_addr; no pending request is looked up or cancelled by
 * this helper.
 */
static inline void bt_hci_event_complete_name_cancel(struct bt_hci_s *hci,
                bdaddr_t *bd_addr)
{
    remote_name_req_cancel_rp reply = {
        .status = HCI_INVALID_PARAMETERS,
        .bdaddr = BAINIT(bd_addr),
    };

    bt_hci_event_complete(hci, &reply, REMOTE_NAME_REQ_CANCEL_RP_SIZE);
}
/*
 * Send an EVT_READ_REMOTE_EXT_FEATURES_COMPLETE event for @handle with
 * status HCI_UNSUPPORTED_FEATURE.
 */
static inline void bt_hci_event_read_remote_ext_features(struct bt_hci_s *hci,
                uint16_t handle)
{
    evt_read_remote_ext_features_complete evt = {
        .status = HCI_UNSUPPORTED_FEATURE,
        .handle = HNDL(handle),
        /*
         * Members not named here are not given meaningful values.  C's
         * aggregate-initialisation rules implicitly zero them, so the
         * event does not carry leftover stack contents.
         */
    };

    bt_hci_event(hci, EVT_READ_REMOTE_EXT_FEATURES_COMPLETE,
                    &evt, EVT_READ_REMOTE_EXT_FEATURES_COMPLETE_SIZE);
}
/*
 * Command Complete for Read LMP Handle.
 *
 * The status is always HCI_NO_CONNECTION; @handle is echoed back and the
 * reserved field is zero.
 */
static inline void bt_hci_event_complete_lmp_handle(struct bt_hci_s *hci,
                uint16_t handle)
{
    read_lmp_handle_rp reply = {
        .status   = HCI_NO_CONNECTION,
        .handle   = HNDL(handle),
        .reserved = 0,
        /*
         * Remaining members are left without meaningful values; the
         * partial initializer implicitly zeroes them, so no stale stack
         * bytes are placed in the reply.
         */
    };

    bt_hci_event_complete(hci, &reply, READ_LMP_HANDLE_RP_SIZE);
}
/*
 * Command Complete for Role Discovery.
 *
 * @status and @handle are supplied by the caller.  A non-zero @master is
 * reported as role 0x00, zero as role 0x01.
 */
static inline void bt_hci_event_complete_role_discovery(struct bt_hci_s *hci,
                int status, uint16_t handle, int master)
{
    role_discovery_rp reply = {
        .status = status,
        .handle = HNDL(handle),
        .role   = master ? 0x00 : 0x01,
    };

    bt_hci_event_complete(hci, &reply, ROLE_DISCOVERY_RP_SIZE);
}
/*
 * Command Complete for Flush: reports the caller-supplied @status together
 * with @handle.  No validation of @handle happens in this helper.
 */
static inline void bt_hci_event_complete_flush(struct bt_hci_s *hci,
                int status, uint16_t handle)
{
    flush_rp reply = {
        .status = status,
        .handle = HNDL(handle),
    };

    bt_hci_event_complete(hci, &reply, FLUSH_RP_SIZE);
}
/*
 * Command Complete for Read Local Name.
 *
 * The name field is zero-filled and then, if hci->device.lmp_name is set,
 * overwritten with at most sizeof(name) bytes of it.  A stored name that
 * fills the whole field is therefore sent without a terminating NUL, so
 * the field has to be treated as fixed-length by whoever consumes it.
 */
static inline void bt_hci_event_complete_read_local_name(struct bt_hci_s *hci)
{
    /* Partial initializer: status set, name[] implicitly all zeroes */
    read_local_name_rp reply = {
        .status = HCI_SUCCESS,
    };

    if (hci->device.lmp_name) {
        /* Bounded by the reply field, never by the source length */
        strncpy(reply.name, hci->device.lmp_name, sizeof(reply.name));
    }

    bt_hci_event_complete(hci, &reply, READ_LOCAL_NAME_RP_SIZE);
}
/*
 * Command Complete for Read Connection Accept Timeout: reports
 * hci->conn_accept_tout, converted with cpu_to_le16(), with HCI_SUCCESS.
 */
static inline void bt_hci_event_complete_read_conn_accept_timeout(
                struct bt_hci_s *hci)
{
    read_conn_accept_timeout_rp reply = {
        .status  = HCI_SUCCESS,
        .timeout = cpu_to_le16(hci->conn_accept_tout),
    };

    bt_hci_event_complete(hci, &reply, READ_CONN_ACCEPT_TIMEOUT_RP_SIZE);
}
/*
 * Command Complete for Read Scan Enable.
 *
 * The enable byte is rebuilt from the two device flags: SCAN_INQUIRY when
 * hci->device.inquiry_scan is set, SCAN_PAGE when hci->device.page_scan
 * is set.  No other bits are ever reported.
 */
static inline void bt_hci_event_complete_read_scan_enable(struct bt_hci_s *hci)
{
    int scan_bits = 0;

    if (hci->device.inquiry_scan) {
        scan_bits |= SCAN_INQUIRY;
    }
    if (hci->device.page_scan) {
        scan_bits |= SCAN_PAGE;
    }

    read_scan_enable_rp reply = {
        .status = HCI_SUCCESS,
        .enable = scan_bits,
    };

    bt_hci_event_complete(hci, &reply, READ_SCAN_ENABLE_RP_SIZE);
}
/*
 * Command Complete for Read Class of Device: reports HCI_SUCCESS and a
 * copy of hci->device.class.
 *
 * The copy length is the size of the reply's dev_class field, so the
 * destination cannot be overrun.
 * NOTE(review): this assumes hci->device.class is at least that large --
 * its declaration is not visible here, confirm.
 */
static inline void bt_hci_event_complete_read_local_class(struct bt_hci_s *hci)
{
    /* Start from a fully defined reply; dev_class is filled in below */
    read_class_of_dev_rp reply = {
        .status = HCI_SUCCESS,
    };

    memcpy(reply.dev_class, hci->device.class, sizeof(reply.dev_class));

    bt_hci_event_complete(hci, &reply, READ_CLASS_OF_DEV_RP_SIZE);
}
/*
 * Command Complete for Read Voice Setting: reports hci->voice_setting with
 * HCI_SUCCESS.
 */
static inline void bt_hci_event_complete_voice_setting(struct bt_hci_s *hci)
{
    read_voice_setting_rp reply = {
        .status        = HCI_SUCCESS,
        /*
         * Note: no swapping.  The Write Voice Setting path stores the
         * value exactly as it arrived in the command, so it is returned
         * as stored.
         */
        .voice_setting = hci->voice_setting,
    };

    bt_hci_event_complete(hci, &reply, READ_VOICE_SETTING_RP_SIZE);
}
/*
 * Command Complete for Read Inquiry Mode: reports hci->lm.inquiry_mode
 * with HCI_SUCCESS.
 */
static inline void bt_hci_event_complete_read_inquiry_mode(
                struct bt_hci_s *hci)
{
    read_inquiry_mode_rp reply = {
        .status = HCI_SUCCESS,
        .mode   = hci->lm.inquiry_mode,
    };

    bt_hci_event_complete(hci, &reply, READ_INQUIRY_MODE_RP_SIZE);
}
/*
 * Send an EVT_NUM_COMP_PKTS event describing a single connection:
 * @handle (passed through HNDL()) and @packets (converted with
 * cpu_to_le16()).
 *
 * The event is assembled one byte into a uint16_t array.
 * NOTE(review): presumably this offset puts the 16-bit fields that follow
 * the num_hndl member on even addresses -- confirm against the
 * evt_num_comp_pkts layout.  The array is sized from
 * EVT_NUM_COMP_PKTS_SIZE(1) plus one spare element to absorb the offset;
 * keep both in step if the entry count ever changes.
 */
static inline void bt_hci_event_num_comp_pkts(struct bt_hci_s *hci,
                uint16_t handle, int packets)
{
    uint16_t storage[EVT_NUM_COMP_PKTS_SIZE(1) / 2 + 1];
    evt_num_comp_pkts *evt = (void *) ((uint8_t *) storage + 1);

    /* Exactly one (handle, count) entry follows the counter */
    evt->num_hndl = 1;
    evt->connection->handle = HNDL(handle);
    evt->connection->num_packets = cpu_to_le16(packets);

    /* Only the bytes starting at evt are handed on; storage[0]'s first
     * byte is never sent */
    bt_hci_event(hci, EVT_NUM_COMP_PKTS, evt, EVT_NUM_COMP_PKTS_SIZE(1));
}
static void bt_submit_hci(struct HCIInfo *info,
1465 4e38eb54 balrog
                const uint8_t *data, int length)
1466 4e38eb54 balrog
{
1467 4e38eb54 balrog
    struct bt_hci_s *hci = hci_from_info(info);
1468 4e38eb54 balrog
    uint16_t cmd;
1469 4e38eb54 balrog
    int paramlen, i;
1470 4e38eb54 balrog
1471 4e38eb54 balrog
    if (length < HCI_COMMAND_HDR_SIZE)
1472 4e38eb54 balrog
        goto short_hci;
1473 4e38eb54 balrog
1474 4e38eb54 balrog
    memcpy(&hci->last_cmd, data, 2);
1475 4e38eb54 balrog
1476 4e38eb54 balrog
    cmd = (data[1] << 8) | data[0];
1477 4e38eb54 balrog
    paramlen = data[2];
1478 4e38eb54 balrog
    if (cmd_opcode_ogf(cmd) == 0 || cmd_opcode_ocf(cmd) == 0)        /* NOP */
1479 4e38eb54 balrog
        return;
1480 4e38eb54 balrog
1481 4e38eb54 balrog
    data += HCI_COMMAND_HDR_SIZE;
1482 4e38eb54 balrog
    length -= HCI_COMMAND_HDR_SIZE;
1483 4e38eb54 balrog
1484 4e38eb54 balrog
    if (paramlen > length)
1485 4e38eb54 balrog
        return;
1486 4e38eb54 balrog
1487 4e38eb54 balrog
#define PARAM(cmd, param)        (((cmd##_cp *) data)->param)
1488 4e38eb54 balrog
#define PARAM16(cmd, param)        le16_to_cpup(&PARAM(cmd, param))
1489 4e38eb54 balrog
#define PARAMHANDLE(cmd)        HNDL(PARAM(cmd, handle))
1490 4e38eb54 balrog
#define LENGTH_CHECK(cmd)        if (length < sizeof(cmd##_cp)) goto short_hci
1491 4e38eb54 balrog
    /* Note: the supported commands bitmask in bt_hci_read_local_commands_rp
1492 4e38eb54 balrog
     * needs to be updated every time a command is implemented here!  */
1493 4e38eb54 balrog
    switch (cmd) {
1494 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY):
1495 4e38eb54 balrog
        LENGTH_CHECK(inquiry);
1496 4e38eb54 balrog
1497 4e38eb54 balrog
        if (PARAM(inquiry, length) < 1) {
1498 4e38eb54 balrog
            bt_hci_event_complete_status(hci, HCI_INVALID_PARAMETERS);
1499 4e38eb54 balrog
            break;
1500 4e38eb54 balrog
        }
1501 4e38eb54 balrog
1502 4e38eb54 balrog
        hci->lm.inquire = 1;
1503 4e38eb54 balrog
        hci->lm.periodic = 0;
1504 4e38eb54 balrog
        hci->lm.responses_left = PARAM(inquiry, num_rsp) ?: INT_MAX;
1505 4e38eb54 balrog
        hci->lm.responses = 0;
1506 4e38eb54 balrog
        bt_hci_event_status(hci, HCI_SUCCESS);
1507 4e38eb54 balrog
        bt_hci_inquiry_start(hci, PARAM(inquiry, length));
1508 4e38eb54 balrog
        break;
1509 4e38eb54 balrog
1510 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_INQUIRY_CANCEL):
1511 4e38eb54 balrog
        if (!hci->lm.inquire || hci->lm.periodic) {
1512 4e38eb54 balrog
            fprintf(stderr, "%s: Inquiry Cancel should only be issued after "
1513 4e38eb54 balrog
                            "the Inquiry command has been issued, a Command "
1514 4e38eb54 balrog
                            "Status event has been received for the Inquiry "
1515 4e38eb54 balrog
                            "command, and before the Inquiry Complete event "
1516 4e38eb54 balrog
                            "occurs", __FUNCTION__);
1517 4e38eb54 balrog
            bt_hci_event_complete_status(hci, HCI_COMMAND_DISALLOWED);
1518 4e38eb54 balrog
            break;
1519 4e38eb54 balrog
        }
1520 4e38eb54 balrog
1521 4e38eb54 balrog
        hci->lm.inquire = 0;
1522 4e38eb54 balrog
        qemu_del_timer(hci->lm.inquiry_done);
1523 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1524 4e38eb54 balrog
        break;
1525 4e38eb54 balrog
1526 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_PERIODIC_INQUIRY):
1527 4e38eb54 balrog
        LENGTH_CHECK(periodic_inquiry);
1528 4e38eb54 balrog
1529 4e38eb54 balrog
        if (!(PARAM(periodic_inquiry, length) <
1530 4e38eb54 balrog
                                PARAM16(periodic_inquiry, min_period) &&
1531 4e38eb54 balrog
                                PARAM16(periodic_inquiry, min_period) <
1532 4e38eb54 balrog
                                PARAM16(periodic_inquiry, max_period)) ||
1533 4e38eb54 balrog
                        PARAM(periodic_inquiry, length) < 1 ||
1534 4e38eb54 balrog
                        PARAM16(periodic_inquiry, min_period) < 2 ||
1535 4e38eb54 balrog
                        PARAM16(periodic_inquiry, max_period) < 3) {
1536 4e38eb54 balrog
            bt_hci_event_complete_status(hci, HCI_INVALID_PARAMETERS);
1537 4e38eb54 balrog
            break;
1538 4e38eb54 balrog
        }
1539 4e38eb54 balrog
1540 4e38eb54 balrog
        hci->lm.inquire = 1;
1541 4e38eb54 balrog
        hci->lm.periodic = 1;
1542 4e38eb54 balrog
        hci->lm.responses_left = PARAM(periodic_inquiry, num_rsp);
1543 4e38eb54 balrog
        hci->lm.responses = 0;
1544 4e38eb54 balrog
        hci->lm.inquiry_period = PARAM16(periodic_inquiry, max_period);
1545 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1546 4e38eb54 balrog
        bt_hci_inquiry_start(hci, PARAM(periodic_inquiry, length));
1547 4e38eb54 balrog
        break;
1548 4e38eb54 balrog
1549 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_EXIT_PERIODIC_INQUIRY):
1550 4e38eb54 balrog
        if (!hci->lm.inquire || !hci->lm.periodic) {
1551 4e38eb54 balrog
            fprintf(stderr, "%s: Inquiry Cancel should only be issued after "
1552 4e38eb54 balrog
                            "the Inquiry command has been issued, a Command "
1553 4e38eb54 balrog
                            "Status event has been received for the Inquiry "
1554 4e38eb54 balrog
                            "command, and before the Inquiry Complete event "
1555 4e38eb54 balrog
                            "occurs", __FUNCTION__);
1556 4e38eb54 balrog
            bt_hci_event_complete_status(hci, HCI_COMMAND_DISALLOWED);
1557 4e38eb54 balrog
            break;
1558 4e38eb54 balrog
        }
1559 4e38eb54 balrog
        hci->lm.inquire = 0;
1560 4e38eb54 balrog
        qemu_del_timer(hci->lm.inquiry_done);
1561 4e38eb54 balrog
        qemu_del_timer(hci->lm.inquiry_next);
1562 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1563 4e38eb54 balrog
        break;
1564 4e38eb54 balrog
1565 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_CREATE_CONN):
1566 4e38eb54 balrog
        LENGTH_CHECK(create_conn);
1567 4e38eb54 balrog
1568 4e38eb54 balrog
        if (hci->lm.connecting >= HCI_HANDLES_MAX) {
1569 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_REJECTED_LIMITED_RESOURCES);
1570 4e38eb54 balrog
            break;
1571 4e38eb54 balrog
        }
1572 4e38eb54 balrog
        bt_hci_event_status(hci, HCI_SUCCESS);
1573 4e38eb54 balrog
1574 4e38eb54 balrog
        if (bt_hci_connect(hci, &PARAM(create_conn, bdaddr)))
1575 4e38eb54 balrog
            bt_hci_connection_reject_event(hci, &PARAM(create_conn, bdaddr));
1576 4e38eb54 balrog
        break;
1577 4e38eb54 balrog
1578 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_DISCONNECT):
1579 4e38eb54 balrog
        LENGTH_CHECK(disconnect);
1580 4e38eb54 balrog
1581 4e38eb54 balrog
        if (bt_hci_handle_bad(hci, PARAMHANDLE(disconnect))) {
1582 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1583 4e38eb54 balrog
            break;
1584 4e38eb54 balrog
        }
1585 4e38eb54 balrog
1586 4e38eb54 balrog
        bt_hci_event_status(hci, HCI_SUCCESS);
1587 4e38eb54 balrog
        bt_hci_disconnect(hci, PARAMHANDLE(disconnect),
1588 4e38eb54 balrog
                        PARAM(disconnect, reason));
1589 4e38eb54 balrog
        break;
1590 4e38eb54 balrog
1591 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_CREATE_CONN_CANCEL):
1592 4e38eb54 balrog
        LENGTH_CHECK(create_conn_cancel);
1593 4e38eb54 balrog
1594 4e38eb54 balrog
        if (bt_hci_lmp_connection_ready(hci,
1595 4e38eb54 balrog
                                &PARAM(create_conn_cancel, bdaddr))) {
1596 4e38eb54 balrog
            for (i = 0; i < HCI_HANDLES_MAX; i ++)
1597 4e38eb54 balrog
                if (bt_hci_role_master(hci, i) && hci->lm.handle[i].link &&
1598 4e38eb54 balrog
                                !bacmp(&hci->lm.handle[i].link->slave->bd_addr,
1599 4e38eb54 balrog
                                        &PARAM(create_conn_cancel, bdaddr)))
1600 4e38eb54 balrog
                   break;
1601 4e38eb54 balrog
1602 4e38eb54 balrog
            bt_hci_event_complete_conn_cancel(hci, i < HCI_HANDLES_MAX ?
1603 4e38eb54 balrog
                            HCI_ACL_CONNECTION_EXISTS : HCI_NO_CONNECTION,
1604 4e38eb54 balrog
                            &PARAM(create_conn_cancel, bdaddr));
1605 4e38eb54 balrog
        } else
1606 4e38eb54 balrog
            bt_hci_event_complete_conn_cancel(hci, HCI_SUCCESS,
1607 4e38eb54 balrog
                            &PARAM(create_conn_cancel, bdaddr));
1608 4e38eb54 balrog
        break;
1609 4e38eb54 balrog
1610 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_ACCEPT_CONN_REQ):
1611 4e38eb54 balrog
        LENGTH_CHECK(accept_conn_req);
1612 4e38eb54 balrog
1613 4e38eb54 balrog
        if (!hci->conn_req_host ||
1614 4e38eb54 balrog
                        bacmp(&PARAM(accept_conn_req, bdaddr),
1615 4e38eb54 balrog
                                &hci->conn_req_host->bd_addr)) {
1616 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_INVALID_PARAMETERS);
1617 4e38eb54 balrog
            break;
1618 4e38eb54 balrog
        }
1619 4e38eb54 balrog
1620 4e38eb54 balrog
        bt_hci_event_status(hci, HCI_SUCCESS);
1621 4e38eb54 balrog
        bt_hci_connection_accept(hci, hci->conn_req_host);
1622 511d2b14 blueswir1
        hci->conn_req_host = NULL;
1623 4e38eb54 balrog
        break;
1624 4e38eb54 balrog
1625 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_REJECT_CONN_REQ):
1626 4e38eb54 balrog
        LENGTH_CHECK(reject_conn_req);
1627 4e38eb54 balrog
1628 4e38eb54 balrog
        if (!hci->conn_req_host ||
1629 4e38eb54 balrog
                        bacmp(&PARAM(reject_conn_req, bdaddr),
1630 4e38eb54 balrog
                                &hci->conn_req_host->bd_addr)) {
1631 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_INVALID_PARAMETERS);
1632 4e38eb54 balrog
            break;
1633 4e38eb54 balrog
        }
1634 4e38eb54 balrog
1635 4e38eb54 balrog
        bt_hci_event_status(hci, HCI_SUCCESS);
1636 4e38eb54 balrog
        bt_hci_connection_reject(hci, hci->conn_req_host,
1637 4e38eb54 balrog
                        PARAM(reject_conn_req, reason));
1638 4e38eb54 balrog
        bt_hci_connection_reject_event(hci, &hci->conn_req_host->bd_addr);
1639 511d2b14 blueswir1
        hci->conn_req_host = NULL;
1640 4e38eb54 balrog
        break;
1641 4e38eb54 balrog
1642 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_AUTH_REQUESTED):
1643 4e38eb54 balrog
        LENGTH_CHECK(auth_requested);
1644 4e38eb54 balrog
1645 4e38eb54 balrog
        if (bt_hci_handle_bad(hci, PARAMHANDLE(auth_requested)))
1646 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1647 4e38eb54 balrog
        else {
1648 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_SUCCESS);
1649 4e38eb54 balrog
            bt_hci_event_auth_complete(hci, PARAMHANDLE(auth_requested));
1650 4e38eb54 balrog
        }
1651 4e38eb54 balrog
        break;
1652 4e38eb54 balrog
1653 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT):
1654 4e38eb54 balrog
        LENGTH_CHECK(set_conn_encrypt);
1655 4e38eb54 balrog
1656 4e38eb54 balrog
        if (bt_hci_handle_bad(hci, PARAMHANDLE(set_conn_encrypt)))
1657 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1658 4e38eb54 balrog
        else {
1659 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_SUCCESS);
1660 4e38eb54 balrog
            bt_hci_event_encrypt_change(hci,
1661 4e38eb54 balrog
                            PARAMHANDLE(set_conn_encrypt),
1662 4e38eb54 balrog
                            PARAM(set_conn_encrypt, encrypt));
1663 4e38eb54 balrog
        }
1664 4e38eb54 balrog
        break;
1665 4e38eb54 balrog
1666 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_REMOTE_NAME_REQ):
1667 4e38eb54 balrog
        LENGTH_CHECK(remote_name_req);
1668 4e38eb54 balrog
1669 4e38eb54 balrog
        if (bt_hci_name_req(hci, &PARAM(remote_name_req, bdaddr)))
1670 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1671 4e38eb54 balrog
        break;
1672 4e38eb54 balrog
1673 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_REMOTE_NAME_REQ_CANCEL):
1674 4e38eb54 balrog
        LENGTH_CHECK(remote_name_req_cancel);
1675 4e38eb54 balrog
1676 4e38eb54 balrog
        bt_hci_event_complete_name_cancel(hci,
1677 4e38eb54 balrog
                        &PARAM(remote_name_req_cancel, bdaddr));
1678 4e38eb54 balrog
        break;
1679 4e38eb54 balrog
1680 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_READ_REMOTE_FEATURES):
1681 4e38eb54 balrog
        LENGTH_CHECK(read_remote_features);
1682 4e38eb54 balrog
1683 4e38eb54 balrog
        if (bt_hci_features_req(hci, PARAMHANDLE(read_remote_features)))
1684 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1685 4e38eb54 balrog
        break;
1686 4e38eb54 balrog
1687 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_READ_REMOTE_EXT_FEATURES):
1688 4e38eb54 balrog
        LENGTH_CHECK(read_remote_ext_features);
1689 4e38eb54 balrog
1690 4e38eb54 balrog
        if (bt_hci_handle_bad(hci, PARAMHANDLE(read_remote_ext_features)))
1691 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1692 4e38eb54 balrog
        else {
1693 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_SUCCESS);
1694 4e38eb54 balrog
            bt_hci_event_read_remote_ext_features(hci,
1695 4e38eb54 balrog
                            PARAMHANDLE(read_remote_ext_features));
1696 4e38eb54 balrog
        }
1697 4e38eb54 balrog
        break;
1698 4e38eb54 balrog
1699 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_READ_REMOTE_VERSION):
1700 4e38eb54 balrog
        LENGTH_CHECK(read_remote_version);
1701 4e38eb54 balrog
1702 4e38eb54 balrog
        if (bt_hci_version_req(hci, PARAMHANDLE(read_remote_version)))
1703 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1704 4e38eb54 balrog
        break;
1705 4e38eb54 balrog
1706 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_READ_CLOCK_OFFSET):
1707 4e38eb54 balrog
        LENGTH_CHECK(read_clock_offset);
1708 4e38eb54 balrog
1709 4e38eb54 balrog
        if (bt_hci_clkoffset_req(hci, PARAMHANDLE(read_clock_offset)))
1710 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1711 4e38eb54 balrog
        break;
1712 4e38eb54 balrog
1713 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_CTL, OCF_READ_LMP_HANDLE):
1714 4e38eb54 balrog
        LENGTH_CHECK(read_lmp_handle);
1715 4e38eb54 balrog
1716 4e38eb54 balrog
        /* TODO: */
1717 4e38eb54 balrog
        bt_hci_event_complete_lmp_handle(hci, PARAMHANDLE(read_lmp_handle));
1718 4e38eb54 balrog
        break;
1719 4e38eb54 balrog
1720 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_POLICY, OCF_HOLD_MODE):
1721 4e38eb54 balrog
        LENGTH_CHECK(hold_mode);
1722 4e38eb54 balrog
1723 4e38eb54 balrog
        if (PARAM16(hold_mode, min_interval) >
1724 4e38eb54 balrog
                        PARAM16(hold_mode, max_interval) ||
1725 4e38eb54 balrog
                        PARAM16(hold_mode, min_interval) < 0x0002 ||
1726 4e38eb54 balrog
                        PARAM16(hold_mode, max_interval) > 0xff00 ||
1727 4e38eb54 balrog
                        (PARAM16(hold_mode, min_interval) & 1) ||
1728 4e38eb54 balrog
                        (PARAM16(hold_mode, max_interval) & 1)) {
1729 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_INVALID_PARAMETERS);
1730 4e38eb54 balrog
            break;
1731 4e38eb54 balrog
        }
1732 4e38eb54 balrog
1733 4e38eb54 balrog
        if (bt_hci_mode_change(hci, PARAMHANDLE(hold_mode),
1734 4e38eb54 balrog
                                PARAM16(hold_mode, max_interval),
1735 4e38eb54 balrog
                                acl_hold))
1736 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1737 4e38eb54 balrog
        break;
1738 4e38eb54 balrog
1739 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_POLICY, OCF_PARK_MODE):
1740 4e38eb54 balrog
        LENGTH_CHECK(park_mode);
1741 4e38eb54 balrog
1742 4e38eb54 balrog
        if (PARAM16(park_mode, min_interval) >
1743 4e38eb54 balrog
                        PARAM16(park_mode, max_interval) ||
1744 4e38eb54 balrog
                        PARAM16(park_mode, min_interval) < 0x000e ||
1745 4e38eb54 balrog
                        (PARAM16(park_mode, min_interval) & 1) ||
1746 4e38eb54 balrog
                        (PARAM16(park_mode, max_interval) & 1)) {
1747 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_INVALID_PARAMETERS);
1748 4e38eb54 balrog
            break;
1749 4e38eb54 balrog
        }
1750 4e38eb54 balrog
1751 4e38eb54 balrog
        if (bt_hci_mode_change(hci, PARAMHANDLE(park_mode),
1752 4e38eb54 balrog
                                PARAM16(park_mode, max_interval),
1753 4e38eb54 balrog
                                acl_parked))
1754 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1755 4e38eb54 balrog
        break;
1756 4e38eb54 balrog
1757 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_POLICY, OCF_EXIT_PARK_MODE):
1758 4e38eb54 balrog
        LENGTH_CHECK(exit_park_mode);
1759 4e38eb54 balrog
1760 4e38eb54 balrog
        if (bt_hci_mode_cancel(hci, PARAMHANDLE(exit_park_mode),
1761 4e38eb54 balrog
                                acl_parked))
1762 4e38eb54 balrog
            bt_hci_event_status(hci, HCI_NO_CONNECTION);
1763 4e38eb54 balrog
        break;
1764 4e38eb54 balrog
1765 4e38eb54 balrog
    case cmd_opcode_pack(OGF_LINK_POLICY, OCF_ROLE_DISCOVERY):
1766 4e38eb54 balrog
        LENGTH_CHECK(role_discovery);
1767 4e38eb54 balrog
1768 4e38eb54 balrog
        if (bt_hci_handle_bad(hci, PARAMHANDLE(role_discovery)))
1769 4e38eb54 balrog
            bt_hci_event_complete_role_discovery(hci,
1770 4e38eb54 balrog
                            HCI_NO_CONNECTION, PARAMHANDLE(role_discovery), 0);
1771 4e38eb54 balrog
        else
1772 4e38eb54 balrog
            bt_hci_event_complete_role_discovery(hci,
1773 4e38eb54 balrog
                            HCI_SUCCESS, PARAMHANDLE(role_discovery),
1774 4e38eb54 balrog
                            bt_hci_role_master(hci,
1775 4e38eb54 balrog
                                    PARAMHANDLE(role_discovery)));
1776 4e38eb54 balrog
        break;
1777 4e38eb54 balrog
1778 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_SET_EVENT_MASK):
1779 4e38eb54 balrog
        LENGTH_CHECK(set_event_mask);
1780 4e38eb54 balrog
1781 4e38eb54 balrog
        memcpy(hci->event_mask, PARAM(set_event_mask, mask), 8);
1782 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1783 4e38eb54 balrog
        break;
1784 4e38eb54 balrog
1785 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_RESET):
1786 4e38eb54 balrog
        bt_hci_reset(hci);
1787 4e38eb54 balrog
        bt_hci_event_status(hci, HCI_SUCCESS);
1788 4e38eb54 balrog
        break;
1789 4e38eb54 balrog
1790 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_SET_EVENT_FLT):
1791 4e38eb54 balrog
        if (length >= 1 && PARAM(set_event_flt, flt_type) == FLT_CLEAR_ALL)
1792 4e38eb54 balrog
            /* No length check */;
1793 4e38eb54 balrog
        else
1794 4e38eb54 balrog
            LENGTH_CHECK(set_event_flt);
1795 4e38eb54 balrog
1796 4e38eb54 balrog
        /* Filters are not implemented */
1797 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1798 4e38eb54 balrog
        break;
1799 4e38eb54 balrog
1800 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_FLUSH):
1801 4e38eb54 balrog
        LENGTH_CHECK(flush);
1802 4e38eb54 balrog
1803 4e38eb54 balrog
        if (bt_hci_handle_bad(hci, PARAMHANDLE(flush)))
1804 4e38eb54 balrog
            bt_hci_event_complete_flush(hci,
1805 4e38eb54 balrog
                            HCI_NO_CONNECTION, PARAMHANDLE(flush));
1806 4e38eb54 balrog
        else {
1807 4e38eb54 balrog
            /* TODO: ordering? */
1808 4e38eb54 balrog
            bt_hci_event(hci, EVT_FLUSH_OCCURRED,
1809 4e38eb54 balrog
                            &PARAM(flush, handle),
1810 4e38eb54 balrog
                            EVT_FLUSH_OCCURRED_SIZE);
1811 4e38eb54 balrog
            bt_hci_event_complete_flush(hci,
1812 4e38eb54 balrog
                            HCI_SUCCESS, PARAMHANDLE(flush));
1813 4e38eb54 balrog
        }
1814 4e38eb54 balrog
        break;
1815 4e38eb54 balrog
1816 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME):
1817 4e38eb54 balrog
        LENGTH_CHECK(change_local_name);
1818 4e38eb54 balrog
1819 4e38eb54 balrog
        if (hci->device.lmp_name)
1820 ac4b0d0c balrog
            qemu_free((void *) hci->device.lmp_name);
1821 ac4b0d0c balrog
        hci->device.lmp_name = qemu_strndup(PARAM(change_local_name, name),
1822 4e38eb54 balrog
                        sizeof(PARAM(change_local_name, name)));
1823 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1824 4e38eb54 balrog
        break;
1825 4e38eb54 balrog
1826 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_LOCAL_NAME):
1827 4e38eb54 balrog
        bt_hci_event_complete_read_local_name(hci);
1828 4e38eb54 balrog
        break;
1829 4e38eb54 balrog
1830 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_CONN_ACCEPT_TIMEOUT):
1831 4e38eb54 balrog
        bt_hci_event_complete_read_conn_accept_timeout(hci);
1832 4e38eb54 balrog
        break;
1833 4e38eb54 balrog
1834 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CONN_ACCEPT_TIMEOUT):
1835 4e38eb54 balrog
        /* TODO */
1836 4e38eb54 balrog
        LENGTH_CHECK(write_conn_accept_timeout);
1837 4e38eb54 balrog
1838 4e38eb54 balrog
        if (PARAM16(write_conn_accept_timeout, timeout) < 0x0001 ||
1839 4e38eb54 balrog
                        PARAM16(write_conn_accept_timeout, timeout) > 0xb540) {
1840 4e38eb54 balrog
            bt_hci_event_complete_status(hci, HCI_INVALID_PARAMETERS);
1841 4e38eb54 balrog
            break;
1842 4e38eb54 balrog
        }
1843 4e38eb54 balrog
1844 4e38eb54 balrog
        hci->conn_accept_tout = PARAM16(write_conn_accept_timeout, timeout);
1845 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1846 4e38eb54 balrog
        break;
1847 4e38eb54 balrog
1848 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_SCAN_ENABLE):
1849 4e38eb54 balrog
        bt_hci_event_complete_read_scan_enable(hci);
1850 4e38eb54 balrog
        break;
1851 4e38eb54 balrog
1852 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE):
1853 4e38eb54 balrog
        LENGTH_CHECK(write_scan_enable);
1854 4e38eb54 balrog
1855 4e38eb54 balrog
        /* TODO: check that the remaining bits are all 0 */
1856 4e38eb54 balrog
        hci->device.inquiry_scan =
1857 4e38eb54 balrog
                !!(PARAM(write_scan_enable, scan_enable) & SCAN_INQUIRY);
1858 4e38eb54 balrog
        hci->device.page_scan =
1859 4e38eb54 balrog
                !!(PARAM(write_scan_enable, scan_enable) & SCAN_PAGE);
1860 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1861 4e38eb54 balrog
        break;
1862 4e38eb54 balrog
1863 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_CLASS_OF_DEV):
1864 4e38eb54 balrog
        bt_hci_event_complete_read_local_class(hci);
1865 4e38eb54 balrog
        break;
1866 4e38eb54 balrog
1867 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_CLASS_OF_DEV):
1868 4e38eb54 balrog
        LENGTH_CHECK(write_class_of_dev);
1869 4e38eb54 balrog
1870 4e38eb54 balrog
        memcpy(hci->device.class, PARAM(write_class_of_dev, dev_class),
1871 4e38eb54 balrog
                        sizeof(PARAM(write_class_of_dev, dev_class)));
1872 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1873 4e38eb54 balrog
        break;
1874 4e38eb54 balrog
1875 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_VOICE_SETTING):
1876 4e38eb54 balrog
        bt_hci_event_complete_voice_setting(hci);
1877 4e38eb54 balrog
        break;
1878 4e38eb54 balrog
1879 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_VOICE_SETTING):
1880 4e38eb54 balrog
        LENGTH_CHECK(write_voice_setting);
1881 4e38eb54 balrog
1882 4e38eb54 balrog
        hci->voice_setting = PARAM(write_voice_setting, voice_setting);
1883 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1884 4e38eb54 balrog
        break;
1885 4e38eb54 balrog
1886 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_HOST_NUMBER_OF_COMPLETED_PACKETS):
1887 4e38eb54 balrog
        if (length < data[0] * 2 + 1)
1888 4e38eb54 balrog
            goto short_hci;
1889 4e38eb54 balrog
1890 4e38eb54 balrog
        for (i = 0; i < data[0]; i ++)
1891 4e38eb54 balrog
            if (bt_hci_handle_bad(hci,
1892 4e38eb54 balrog
                                    data[i * 2 + 1] | (data[i * 2 + 2] << 8)))
1893 4e38eb54 balrog
                bt_hci_event_complete_status(hci, HCI_INVALID_PARAMETERS);
1894 4e38eb54 balrog
        break;
1895 4e38eb54 balrog
1896 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_READ_INQUIRY_MODE):
1897 4e38eb54 balrog
        /* Only if (local_features[3] & 0x40) && (local_commands[12] & 0x40)
1898 4e38eb54 balrog
         * else
1899 4e38eb54 balrog
         *     goto unknown_command */
1900 4e38eb54 balrog
        bt_hci_event_complete_read_inquiry_mode(hci);
1901 4e38eb54 balrog
        break;
1902 4e38eb54 balrog
1903 4e38eb54 balrog
    case cmd_opcode_pack(OGF_HOST_CTL, OCF_WRITE_INQUIRY_MODE):
1904 4e38eb54 balrog
        /* Only if (local_features[3] & 0x40) && (local_commands[12] & 0x80)
1905 4e38eb54 balrog
         * else
1906 4e38eb54 balrog
         *     goto unknown_command */
1907 4e38eb54 balrog
        LENGTH_CHECK(write_inquiry_mode);
1908 4e38eb54 balrog
1909 4e38eb54 balrog
        if (PARAM(write_inquiry_mode, mode) > 0x01) {
1910 4e38eb54 balrog
            bt_hci_event_complete_status(hci, HCI_INVALID_PARAMETERS);
1911 4e38eb54 balrog
            break;
1912 4e38eb54 balrog
        }
1913 4e38eb54 balrog
1914 4e38eb54 balrog
        hci->lm.inquiry_mode = PARAM(write_inquiry_mode, mode);
1915 4e38eb54 balrog
        bt_hci_event_complete_status(hci, HCI_SUCCESS);
1916 4e38eb54 balrog
        break;
1917 4e38eb54 balrog
1918 4e38eb54 balrog
    case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_VERSION):
1919 4e38eb54 balrog
        bt_hci_read_local_version_rp(hci);
1920 4e38eb54 balrog
        break;
1921 4e38eb54 balrog
1922 4e38eb54 balrog
    case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_COMMANDS):
1923 4e38eb54 balrog
        bt_hci_read_local_commands_rp(hci);
1924 4e38eb54 balrog
        break;
1925 4e38eb54 balrog
1926 4e38eb54 balrog
    case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES):
1927 4e38eb54 balrog
        bt_hci_read_local_features_rp(hci);
1928 4e38eb54 balrog
        break;
1929 4e38eb54 balrog
1930 4e38eb54 balrog
    case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_LOCAL_EXT_FEATURES):
1931 4e38eb54 balrog
        LENGTH_CHECK(read_local_ext_features);
1932 4e38eb54 balrog
1933 4e38eb54 balrog
        bt_hci_read_local_ext_features_rp(hci,
1934 4e38eb54 balrog
                        PARAM(read_local_ext_features, page_num));
1935 4e38eb54 balrog
        break;
1936 4e38eb54 balrog
1937 4e38eb54 balrog
    case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_BUFFER_SIZE):
1938 4e38eb54 balrog
        bt_hci_read_buffer_size_rp(hci);
1939 4e38eb54 balrog
        break;
1940 4e38eb54 balrog
1941 4e38eb54 balrog
    case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_COUNTRY_CODE):
1942 4e38eb54 balrog
        bt_hci_read_country_code_rp(hci);
1943 4e38eb54 balrog
        break;
1944 4e38eb54 balrog
1945 4e38eb54 balrog
    case cmd_opcode_pack(OGF_INFO_PARAM, OCF_READ_BD_ADDR):
1946 4e38eb54 balrog
        bt_hci_read_bd_addr_rp(hci);
1947 4e38eb54 balrog
        break;
1948 4e38eb54 balrog
1949 4e38eb54 balrog
    case cmd_opcode_pack(OGF_STATUS_PARAM, OCF_READ_LINK_QUALITY):
1950 4e38eb54 balrog
        LENGTH_CHECK(read_link_quality);
1951 4e38eb54 balrog
1952 4e38eb54 balrog
        bt_hci_link_quality_rp(hci, PARAMHANDLE(read_link_quality));
1953 4e38eb54 balrog
        break;
1954 4e38eb54 balrog
1955 4e38eb54 balrog
    default:
1956 4e38eb54 balrog
        bt_hci_event_status(hci, HCI_UNKNOWN_COMMAND);
1957 4e38eb54 balrog
        break;
1958 4e38eb54 balrog
1959 4e38eb54 balrog
    short_hci:
1960 4e38eb54 balrog
        fprintf(stderr, "%s: HCI packet too short (%iB)\n",
1961 4e38eb54 balrog
                        __FUNCTION__, length);
1962 4e38eb54 balrog
        bt_hci_event_status(hci, HCI_INVALID_PARAMETERS);
1963 4e38eb54 balrog
        break;
1964 4e38eb54 balrog
    }
1965 4e38eb54 balrog
}
/* We could perform fragmentation here, but we can't do "recombination" because
 * at this layer the length of the payload is not known ahead of time, so we
 * only know that a packet contained the last fragment of the SDU when the
 * next SDU starts.  */
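/*
 * Wrap an ACL payload coming from a link in an HCI ACL header and pass it
 * to the host through hci->info.acl_recv.
 *
 * The packet is assembled in hci->acl_buf: the payload is copied behind the
 * header, then the header is filled with the connection handle (packed with
 * ACL_START when `start` is non-zero, ACL_CONT otherwise) and the payload
 * length, both stored little-endian.
 *
 * Payloads that do not fit in hci->acl_buf together with the header, and
 * negative lengths, are dropped with a message on stderr.
 */
static inline void bt_hci_lmp_acl_data(struct bt_hci_s *hci, uint16_t handle,
                const uint8_t *data, int start, int len)
{
    struct hci_acl_hdr *pkt = (void *) hci->acl_buf;

    /* TODO: packet flags */
    /* TODO: avoid memcpy'ing */

    /* len is a signed int supplied by the peer device's code.  A slightly
     * negative value can make "len + HCI_ACL_HDR_SIZE" land inside the
     * buffer size and pass the size comparison on its own, after which
     * memcpy() would see it converted to an enormous size_t.  Reject
     * negative lengths explicitly before the size comparison.  */
    if (len < 0 || len + HCI_ACL_HDR_SIZE > sizeof(hci->acl_buf)) {
        fprintf(stderr, "%s: can't take ACL packets %i bytes long\n",
                        __FUNCTION__, len);
        return;
    }
    memcpy(hci->acl_buf + HCI_ACL_HDR_SIZE, data, len);

    pkt->handle = cpu_to_le16(
                    acl_handle_pack(handle, start ? ACL_START : ACL_CONT));
    pkt->dlen = cpu_to_le16(len);
    hci->info.acl_recv(hci->info.opaque,
                    hci->acl_buf, len + HCI_ACL_HDR_SIZE);
}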
/*
 * ACL data callback installed as device.lmp_acl_data by bt_new_hci.
 * Delivers the payload to the HCI that owns btlink->slave, using the
 * connection handle stored in the enclosing bt_hci_link_s.
 *
 * NOTE(review): the cast assumes every bt_link_s reaching this callback is
 * really a bt_hci_link_s -- confirm against where the links are allocated.
 */
static void bt_hci_lmp_acl_data_slave(struct bt_link_s *btlink,
                const uint8_t *data, int start, int len)
{
    struct bt_hci_link_s *hci_link = (struct bt_hci_link_s *) btlink;
    struct bt_hci_s *target = hci_from_device(btlink->slave);

    bt_hci_lmp_acl_data(target, hci_link->handle, data, start, len);
}
/*
 * ACL data callback installed as device.lmp_acl_resp by bt_new_hci.
 * Delivers the payload to the HCI that owns link->host, using the handle
 * stored directly in the link.
 */
static void bt_hci_lmp_acl_data_host(struct bt_link_s *link,
                const uint8_t *data, int start, int len)
{
    struct bt_hci_s *target = hci_from_device(link->host);

    bt_hci_lmp_acl_data(target, link->handle, data, start, len);
}
/*
 * HCIInfo.acl_send handler (installed by bt_new_hci): takes one ACL packet
 * submitted by the host, validates its header and forwards the payload to
 * the link's lmp_acl_data callback.
 *
 * The packet is dropped, with a message on stderr, when it is shorter than
 * the ACL header, when bt_hci_handle_bad() rejects the handle, when the
 * length declared in the header exceeds the bytes actually supplied, or
 * when a broadcast packet uses a handle other than the one remembered from
 * an earlier broadcast.
 */
static void bt_submit_acl(struct HCIInfo *info,
                const uint8_t *data, int length)
{
    struct bt_hci_s *hci = hci_from_info(info);
    struct bt_link_s *link;
    uint16_t hdr_word, handle;
    int flags, bcast, datalen, is_start;

    /* data[0..3] are read below; nothing may be touched before this check.
     * NOTE(review): relies on HCI_ACL_HDR_SIZE covering those four bytes --
     * confirm against its definition.  */
    if (length < HCI_ACL_HDR_SIZE) {
        fprintf(stderr, "%s: ACL packet too short (%iB)\n",
                        __FUNCTION__, length);
        return;
    }

    /* Little-endian header: handle+flags word, then payload length. */
    hdr_word = (data[1] << 8) | data[0];
    handle = acl_handle(hdr_word);
    flags = acl_flags(hdr_word);
    datalen = (data[3] << 8) | data[2];

    /* From here on data/length describe the payload only. */
    data += HCI_ACL_HDR_SIZE;
    length -= HCI_ACL_HDR_SIZE;

    /* The handle comes from the packet, so it must be vetted before it is
     * used as an index into hci->lm.handle[] below.
     * NOTE(review): the bounds guarantee lives in bt_hci_handle_bad(),
     * which is defined elsewhere in the file.  */
    if (bt_hci_handle_bad(hci, handle)) {
        fprintf(stderr, "%s: invalid ACL handle %03x\n",
                        __FUNCTION__, handle);
        /* TODO: signal an error */
        return;
    }
    handle &= ~HCI_HANDLE_OFFSET;

    if (datalen > length) {
        fprintf(stderr, "%s: ACL packet too short (%iB < %iB)\n",
                        __FUNCTION__, length, datalen);
        return;
    }

    link = hci->lm.handle[handle].link;

    bcast = flags & ~3;

    if (bcast == ACL_ACTIVE_BCAST) {
        /* The first Active Slave Broadcast fixes the handle; later ones
         * must reuse it.  */
        if (!hci->asb_handle) {
            hci->asb_handle = handle;
        } else if (handle != hci->asb_handle) {
            fprintf(stderr, "%s: Bad handle %03x in Active Slave Broadcast\n",
                            __FUNCTION__, handle);
            /* TODO: signal an error */
            return;
        }

        /* TODO */
    }

    if (bcast == ACL_PICO_BCAST) {
        /* Same rule for Parked Slave Broadcast. */
        if (!hci->psb_handle) {
            hci->psb_handle = handle;
        } else if (handle != hci->psb_handle) {
            fprintf(stderr, "%s: Bad handle %03x in Parked Slave Broadcast\n",
                            __FUNCTION__, handle);
            /* TODO: signal an error */
            return;
        }

        /* TODO */
    }

    is_start = (flags & 3) == ACL_START;

    /* TODO: increase counter and send EVT_NUM_COMP_PKTS */
    bt_hci_event_num_comp_pkts(hci, handle | HCI_HANDLE_OFFSET, 1);

    /* Do this last as it can trigger further events even in this HCI.
     * NOTE(review): the size passed on is the number of bytes supplied
     * (length), not the length declared in the header (datalen), so any
     * bytes following the declared payload are forwarded too.  */
    hci->lm.handle[handle].lmp_acl_data(link, data, is_start, length);
}
/*
 * HCIInfo.sco_send handler (installed by bt_new_hci).  Validates the
 * three-byte SCO header of a packet submitted by the host -- handle word
 * followed by a one-byte payload length -- and looks up the link.  Nothing
 * is forwarded yet: the data path is still a TODO.
 *
 * Packets shorter than the header are dropped silently; a handle rejected
 * by bt_hci_handle_bad() or a declared length larger than the bytes
 * supplied is reported on stderr.
 */
static void bt_submit_sco(struct HCIInfo *info,
                const uint8_t *data, int length)
{
    enum { BT_SUBMIT_SCO_HDR_LEN = 3 };
    struct bt_hci_s *hci = hci_from_info(info);
    struct bt_link_s *link;
    uint16_t hdr_word, handle;
    int datalen;

    /* data[0..2] are read below. */
    if (length < BT_SUBMIT_SCO_HDR_LEN) {
        return;
    }

    hdr_word = (data[1] << 8) | data[0];
    handle = acl_handle(hdr_word);
    datalen = data[2];

    /* From here on data/length describe the payload only. */
    data += BT_SUBMIT_SCO_HDR_LEN;
    length -= BT_SUBMIT_SCO_HDR_LEN;

    /* The handle is taken from the packet; vet it before indexing
     * hci->lm.handle[] with it.  */
    if (bt_hci_handle_bad(hci, handle)) {
        fprintf(stderr, "%s: invalid SCO handle %03x\n",
                        __FUNCTION__, handle);
        return;
    }
    handle &= ~HCI_HANDLE_OFFSET;

    if (datalen > length) {
        fprintf(stderr, "%s: SCO packet too short (%iB < %iB)\n",
                        __FUNCTION__, length, datalen);
        return;
    }

    /* Looked up for the not-yet-written data path; unused for now. */
    link = hci->lm.handle[handle].link;
    /* TODO */

    /* TODO: increase counter and send EVT_NUM_COMP_PKTS if synchronous
     * Flow Control is enabled.
     * (See Read/Write_Synchronous_Flow_Control_Enable on page 513 and
     * page 514.)  */
}
/*
 * Default evt_packet hook (installed by bt_new_hci): returns the buffer in
 * which the next event is to be built.  `opaque` is the struct bt_hci_s
 * itself, and the buffer is its embedded evt_buf, so every event shares the
 * same storage.
 */
static uint8_t *bt_hci_evt_packet(void *opaque)
{
    /* TODO: allocate a packet from upper layer */
    return ((struct bt_hci_s *) opaque)->evt_buf;
}
/*
 * Default evt_submit hook (installed by bt_new_hci): passes the first `len`
 * bytes of the instance's evt_buf to the host through info.evt_recv.
 *
 * NOTE(review): len is not compared with sizeof(evt_buf) here; callers are
 * presumably expected to stay within the buffer -- confirm at the call
 * sites.
 */
static void bt_hci_evt_submit(void *opaque, int len)
{
    /* TODO: notify upper layer */
    struct bt_hci_s *hci = opaque;
    struct HCIInfo *host = &hci->info;

    host->evt_recv(host->opaque, hci->evt_buf, len);
}
/*
 * HCIInfo.bdaddr_set handler (installed by bt_new_hci): copies the address
 * at bd_addr into the device's bd_addr with bacpy().  Always returns 0.
 *
 * bd_addr is reinterpreted as a bdaddr_t, so the caller must supply at
 * least sizeof(bdaddr_t) readable bytes.
 */
static int bt_hci_bdaddr_set(struct HCIInfo *info, const uint8_t *bd_addr)
{
    const bdaddr_t *new_addr = (const bdaddr_t *) bd_addr;
    struct bt_hci_s *hci = hci_from_info(info);

    bacpy(&hci->device.bd_addr, new_addr);

    return 0;
}
/* Defined at the end of the file; needed here by bt_hci_destroy. */
static void bt_hci_done(struct HCIInfo *info);

/*
 * device.handle_destroy hook (installed by bt_new_hci): tears down the HCI
 * that embeds `dev` by handing its HCIInfo to bt_hci_done().
 */
static void bt_hci_destroy(struct bt_device_s *dev)
{
    struct bt_hci_s *owner = hci_from_device(dev);

    bt_hci_done(&owner->info);
}
/*
 * Create a new HCI instance attached to `net` and return its HCIInfo
 * interface.
 *
 * The instance is allocated with qemu_mallocz(), gets its three timers,
 * its default event hooks and its LMP callbacks, is reset through
 * bt_hci_reset(), and finally has the host-facing HCIInfo entry points
 * and the destroy hook filled in.  The returned pointer refers to the
 * `info` member embedded in the allocation; bt_hci_done() releases it.
 *
 * NOTE(review): the allocation result is used unchecked -- presumably
 * qemu_mallocz() does not return on failure; confirm.
 */
struct HCIInfo *bt_new_hci(struct bt_scatternet_s *net)
{
    struct bt_hci_s *hci = qemu_mallocz(sizeof(*hci));
    struct HCIInfo *info = &hci->info;

    /* Every timer callback receives the instance itself. */
    hci->lm.inquiry_done =
            qemu_new_timer(vm_clock, bt_hci_inquiry_done, hci);
    hci->lm.inquiry_next =
            qemu_new_timer(vm_clock, bt_hci_inquiry_next, hci);
    hci->conn_accept_timer =
            qemu_new_timer(vm_clock, bt_hci_conn_accept_timeout, hci);

    /* Default event path: build events in evt_buf, deliver via info. */
    hci->evt_packet = bt_hci_evt_packet;
    hci->evt_submit = bt_hci_evt_submit;
    hci->opaque = hci;

    /* The callbacks are set after bt_device_init() has run. */
    bt_device_init(&hci->device, net);
    hci->device.lmp_connection_request = bt_hci_lmp_connection_request;
    hci->device.lmp_connection_complete = bt_hci_lmp_connection_complete;
    hci->device.lmp_disconnect_master = bt_hci_lmp_disconnect_host;
    hci->device.lmp_disconnect_slave = bt_hci_lmp_disconnect_slave;
    hci->device.lmp_acl_data = bt_hci_lmp_acl_data_slave;
    hci->device.lmp_acl_resp = bt_hci_lmp_acl_data_host;
    hci->device.lmp_mode_change = bt_hci_lmp_mode_change_slave;

    /* Keep updated! */
    /* Also keep in sync with supported commands bitmask in
     * bt_hci_read_local_commands_rp */
    hci->device.lmp_caps = 0x8000199b7e85355fll;

    bt_hci_reset(hci);

    /* Host-facing entry points. */
    info->cmd_send = bt_submit_hci;
    info->sco_send = bt_submit_sco;
    info->acl_send = bt_submit_acl;
    info->bdaddr_set = bt_hci_bdaddr_set;

    hci->device.handle_destroy = bt_hci_destroy;

    return info;
}
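/*
 * Tear down the HCI instance behind `info` (created by bt_new_hci).
 *
 * Calls bt_device_done() on the embedded device, frees the local name,
 * then either rejects a connection request that is still pending and
 * returns, or disconnects every valid handle, frees the three timers and
 * frees the instance itself.
 */
static void bt_hci_done(struct HCIInfo *info)
{
    struct bt_hci_s *hci = hci_from_info(info);
    int handle;

    bt_device_done(&hci->device);

    if (hci->device.lmp_name) {
        qemu_free((void *) hci->device.lmp_name);
        /* The early return below leaves the instance allocated, so clear
         * the pointer: a stale value would be a use-after-free or a double
         * free waiting for the next reader or the next teardown.  */
        hci->device.lmp_name = NULL;
    }

    /* Be gentle and send DISCONNECT to all connected peers and those
     * currently waiting for us to accept or reject a connection request.
     * This frees the links.  */
    if (hci->conn_req_host) {
        bt_hci_connection_reject(hci,
                                 hci->conn_req_host, HCI_OE_POWER_OFF);
        /* NOTE(review): on this path the handles are not disconnected and
         * neither the timers nor hci are freed by this function; whether
         * anything else releases them is not visible here -- confirm, or
         * this is a leak of a half-torn-down instance.  */
        return;
    }

    for (handle = HCI_HANDLE_OFFSET;
                    handle < (HCI_HANDLE_OFFSET | HCI_HANDLES_MAX); handle ++) {
        if (!bt_hci_handle_bad(hci, handle)) {
            bt_hci_disconnect(hci, handle, HCI_OE_POWER_OFF);
        }
    }

    /* TODO: this is not enough actually, there may be slaves from whom
     * we have requested a connection who will soon (or not) respond with
     * an accept or a reject, so we should also check if hci->lm.connecting
     * is non-zero and if so, avoid freeing the hci but otherwise disappear
     * from all qemu social life (e.g. stop scanning and request to be
     * removed from s->device.net) and arrange for
     * s->device.lmp_connection_complete to free the remaining bits once
     * hci->lm.awaiting_bdaddr[] is empty.  */

    qemu_free_timer(hci->lm.inquiry_done);
    qemu_free_timer(hci->lm.inquiry_next);
    qemu_free_timer(hci->conn_accept_timer);

    qemu_free(hci);
}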