1 /* 2 HIDP implementation for Linux Bluetooth stack (BlueZ). 3 Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org> 4 5 This program is free software; you can redistribute it and/or modify 6 it under the terms of the GNU General Public License version 2 as 7 published by the Free Software Foundation; 8 9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 20 SOFTWARE IS DISCLAIMED. 21 */ 22 23 #include <linux/module.h> 24 25 #include <linux/types.h> 26 #include <linux/errno.h> 27 #include <linux/kernel.h> 28 #include <linux/sched.h> 29 #include <linux/slab.h> 30 #include <linux/poll.h> 31 #include <linux/fcntl.h> 32 #include <linux/skbuff.h> 33 #include <linux/socket.h> 34 #include <linux/ioctl.h> 35 #include <linux/file.h> 36 #include <linux/init.h> 37 #include <linux/wait.h> 38 #include <net/sock.h> 39 40 #include <linux/input.h> 41 42 #include <net/bluetooth/bluetooth.h> 43 #include <net/bluetooth/l2cap.h> 44 45 #include "hidp.h" 46 47 #ifndef CONFIG_BT_HIDP_DEBUG 48 #undef BT_DBG 49 #define BT_DBG(D...) 50 #endif 51 52 #define VERSION "1.1" 53 54 static DECLARE_RWSEM(hidp_session_sem); 55 static LIST_HEAD(hidp_session_list); 56 57 static unsigned char hidp_keycode[256] = { 58 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38, 59 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44, 2, 3, 60 4, 5, 6, 7, 8, 9, 10, 11, 28, 1, 14, 15, 57, 12, 13, 26, 61 27, 43, 43, 39, 40, 41, 51, 52, 53, 58, 59, 60, 61, 62, 63, 64, 62 65, 66, 67, 68, 87, 88, 99, 70,119,110,102,104,111,107,109,106, 63 105,108,103, 69, 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71, 64 72, 73, 82, 83, 86,127,116,117,183,184,185,186,187,188,189,190, 65 191,192,193,194,134,138,130,132,128,129,131,137,133,135,136,113, 66 115,114, 0, 0, 0,121, 0, 89, 93,124, 92, 94, 95, 0, 0, 0, 67 122,123, 90, 91, 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 68 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 69 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 70 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 71 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 72 29, 42, 56,125, 97, 54,100,126,164,166,165,163,161,115,114,113, 73 150,158,159,128,136,177,178,176,142,152,173,140 74 }; 75 76 static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }; 77 78 static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr) 79 { 80 struct hidp_session *session; 81 struct list_head *p; 82 83 BT_DBG(""); 84 85 list_for_each(p, &hidp_session_list) { 86 session = list_entry(p, struct hidp_session, list); 87 if (!bacmp(bdaddr, &session->bdaddr)) 88 return session; 89 } 90 return NULL; 91 } 92 93 static void __hidp_link_session(struct hidp_session *session) 94 { 95 __module_get(THIS_MODULE); 96 list_add(&session->list, &hidp_session_list); 97 } 98 99 static void __hidp_unlink_session(struct hidp_session *session) 100 { 101 list_del(&session->list); 102 module_put(THIS_MODULE); 103 } 104 105 static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci) 106 { 107 bacpy(&ci->bdaddr, &session->bdaddr); 108 109 ci->flags = session->flags; 110 ci->state = session->state; 111 112 ci->vendor = 0x0000; 113 ci->product = 0x0000; 114 ci->version = 0x0000; 115 memset(ci->name, 0, 128); 116 117 if (session->input) { 118 ci->vendor = session->input->id.vendor; 119 ci->product = session->input->id.product; 120 ci->version = session->input->id.version; 121 if (session->input->name) 122 strncpy(ci->name, session->input->name, 128); 123 else 124 strncpy(ci->name, "HID Boot Device", 128); 125 } 126 } 127 128 static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value) 129 { 130 struct hidp_session *session = dev->private; 131 struct sk_buff *skb; 132 unsigned char newleds; 133 134 BT_DBG("input %p type %d code %d value %d", dev, type, code, value); 135 136 if (type != EV_LED) 137 return -1; 138 139 newleds = (!!test_bit(LED_KANA, dev->led) << 3) | 140 (!!test_bit(LED_COMPOSE, dev->led) << 3) | 141 (!!test_bit(LED_SCROLLL, dev->led) << 2) | 142 (!!test_bit(LED_CAPSL, dev->led) << 1) | 143 (!!test_bit(LED_NUML, dev->led)); 144 145 if (session->leds == newleds) 146 return 0; 147 148 session->leds = newleds; 149 150 if (!(skb = alloc_skb(3, GFP_ATOMIC))) { 151 BT_ERR("Can't allocate memory for new frame"); 152 return -ENOMEM; 153 } 154 155 *skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT; 156 *skb_put(skb, 1) = 0x01; 157 *skb_put(skb, 1) = newleds; 158 159 skb_queue_tail(&session->intr_transmit, skb); 160 161 hidp_schedule(session); 162 163 return 0; 164 } 165 166 static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb) 167 { 168 struct input_dev *dev = session->input; 169 unsigned char *keys = session->keys; 170 unsigned char *udata = skb->data + 1; 171 signed char *sdata = skb->data + 1; 172 int i, size = skb->len - 1; 173 174 switch (skb->data[0]) { 175 case 0x01: /* Keyboard report */ 176 for (i = 0; i < 8; i++) 177 input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1); 178 179 /* If all the key codes have been set to 0x01, it means 180 * too many keys were pressed at the same time. */ 181 if (!memcmp(udata + 2, hidp_mkeyspat, 6)) 182 break; 183 184 for (i = 2; i < 8; i++) { 185 if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) { 186 if (hidp_keycode[keys[i]]) 187 input_report_key(dev, hidp_keycode[keys[i]], 0); 188 else 189 BT_ERR("Unknown key (scancode %#x) released.", keys[i]); 190 } 191 192 if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) { 193 if (hidp_keycode[udata[i]]) 194 input_report_key(dev, hidp_keycode[udata[i]], 1); 195 else 196 BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]); 197 } 198 } 199 200 memcpy(keys, udata, 8); 201 break; 202 203 case 0x02: /* Mouse report */ 204 input_report_key(dev, BTN_LEFT, sdata[0] & 0x01); 205 input_report_key(dev, BTN_RIGHT, sdata[0] & 0x02); 206 input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04); 207 input_report_key(dev, BTN_SIDE, sdata[0] & 0x08); 208 input_report_key(dev, BTN_EXTRA, sdata[0] & 0x10); 209 210 input_report_rel(dev, REL_X, sdata[1]); 211 input_report_rel(dev, REL_Y, sdata[2]); 212 213 if (size > 3) 214 input_report_rel(dev, REL_WHEEL, sdata[3]); 215 break; 216 } 217 218 input_sync(dev); 219 } 220 221 static void hidp_idle_timeout(unsigned long arg) 222 { 223 struct hidp_session *session = (struct hidp_session *) arg; 224 225 atomic_inc(&session->terminate); 226 hidp_schedule(session); 227 } 228 229 static inline void hidp_set_timer(struct hidp_session *session) 230 { 231 if (session->idle_to > 0) 232 mod_timer(&session->timer, jiffies + HZ * session->idle_to); 233 } 234 235 static inline void hidp_del_timer(struct hidp_session *session) 236 { 237 if (session->idle_to > 0) 238 del_timer(&session->timer); 239 } 240 241 static int __hidp_send_ctrl_message(struct hidp_session *session, 242 unsigned char hdr, unsigned char *data, int size) 243 { 244 struct sk_buff *skb; 245 246 BT_DBG("session %p data %p size %d", session, data, size); 247 248 if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) { 249 BT_ERR("Can't allocate memory for new frame"); 250 return -ENOMEM; 251 } 252 253 *skb_put(skb, 1) = hdr; 254 if (data && size > 0) 255 memcpy(skb_put(skb, size), data, size); 256 257 skb_queue_tail(&session->ctrl_transmit, skb); 258 259 return 0; 260 } 261 262 static int inline hidp_send_ctrl_message(struct hidp_session *session, 263 unsigned char hdr, unsigned char *data, int size) 264 { 265 int err; 266 267 err = __hidp_send_ctrl_message(session, hdr, data, size); 268 269 hidp_schedule(session); 270 271 return err; 272 } 273 274 static inline void hidp_process_handshake(struct hidp_session *session, unsigned char param) 275 { 276 BT_DBG("session %p param 0x%02x", session, param); 277 278 switch (param) { 279 case HIDP_HSHK_SUCCESSFUL: 280 /* FIXME: Call into SET_ GET_ handlers here */ 281 break; 282 283 case HIDP_HSHK_NOT_READY: 284 case HIDP_HSHK_ERR_INVALID_REPORT_ID: 285 case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST: 286 case HIDP_HSHK_ERR_INVALID_PARAMETER: 287 /* FIXME: Call into SET_ GET_ handlers here */ 288 break; 289 290 case HIDP_HSHK_ERR_UNKNOWN: 291 break; 292 293 case HIDP_HSHK_ERR_FATAL: 294 /* Device requests a reboot, as this is the only way this error 295 * can be recovered. */ 296 __hidp_send_ctrl_message(session, 297 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0); 298 break; 299 300 default: 301 __hidp_send_ctrl_message(session, 302 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); 303 break; 304 } 305 } 306 307 static inline void hidp_process_hid_control(struct hidp_session *session, unsigned char param) 308 { 309 BT_DBG("session %p param 0x%02x", session, param); 310 311 switch (param) { 312 case HIDP_CTRL_NOP: 313 break; 314 315 case HIDP_CTRL_VIRTUAL_CABLE_UNPLUG: 316 /* Flush the transmit queues */ 317 skb_queue_purge(&session->ctrl_transmit); 318 skb_queue_purge(&session->intr_transmit); 319 320 /* Kill session thread */ 321 atomic_inc(&session->terminate); 322 break; 323 324 case HIDP_CTRL_HARD_RESET: 325 case HIDP_CTRL_SOFT_RESET: 326 case HIDP_CTRL_SUSPEND: 327 case HIDP_CTRL_EXIT_SUSPEND: 328 /* FIXME: We have to parse these and return no error */ 329 break; 330 331 default: 332 __hidp_send_ctrl_message(session, 333 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); 334 break; 335 } 336 } 337 338 static inline void hidp_process_data(struct hidp_session *session, struct sk_buff *skb, unsigned char param) 339 { 340 BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param); 341 342 switch (param) { 343 case HIDP_DATA_RTYPE_INPUT: 344 hidp_set_timer(session); 345 346 if (session->input) 347 hidp_input_report(session, skb); 348 break; 349 350 case HIDP_DATA_RTYPE_OTHER: 351 case HIDP_DATA_RTYPE_OUPUT: 352 case HIDP_DATA_RTYPE_FEATURE: 353 break; 354 355 default: 356 __hidp_send_ctrl_message(session, 357 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); 358 } 359 } 360 361 static inline void hidp_recv_ctrl_frame(struct hidp_session *session, struct sk_buff *skb) 362 { 363 unsigned char hdr, type, param; 364 365 BT_DBG("session %p skb %p len %d", session, skb, skb->len); 366 367 hdr = skb->data[0]; 368 skb_pull(skb, 1); 369 370 type = hdr & HIDP_HEADER_TRANS_MASK; 371 param = hdr & HIDP_HEADER_PARAM_MASK; 372 373 switch (type) { 374 case HIDP_TRANS_HANDSHAKE: 375 hidp_process_handshake(session, param); 376 break; 377 378 case HIDP_TRANS_HID_CONTROL: 379 hidp_process_hid_control(session, param); 380 break; 381 382 case HIDP_TRANS_DATA: 383 hidp_process_data(session, skb, param); 384 break; 385 386 default: 387 __hidp_send_ctrl_message(session, 388 HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0); 389 break; 390 } 391 392 kfree_skb(skb); 393 } 394 395 static inline void hidp_recv_intr_frame(struct hidp_session *session, struct sk_buff *skb) 396 { 397 unsigned char hdr; 398 399 BT_DBG("session %p skb %p len %d", session, skb, skb->len); 400 401 hdr = skb->data[0]; 402 skb_pull(skb, 1); 403 404 if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) { 405 hidp_set_timer(session); 406 if (session->input) 407 hidp_input_report(session, skb); 408 } else { 409 BT_DBG("Unsupported protocol header 0x%02x", hdr); 410 } 411 412 kfree_skb(skb); 413 } 414 415 static int hidp_send_frame(struct socket *sock, unsigned char *data, int len) 416 { 417 struct kvec iv = { data, len }; 418 struct msghdr msg; 419 420 BT_DBG("sock %p data %p len %d", sock, data, len); 421 422 if (!len) 423 return 0; 424 425 memset(&msg, 0, sizeof(msg)); 426 427 return kernel_sendmsg(sock, &msg, &iv, 1, len); 428 } 429 430 static void hidp_process_transmit(struct hidp_session *session) 431 { 432 struct sk_buff *skb; 433 434 BT_DBG("session %p", session); 435 436 while ((skb = skb_dequeue(&session->ctrl_transmit))) { 437 if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) { 438 skb_queue_head(&session->ctrl_transmit, skb); 439 break; 440 } 441 442 hidp_set_timer(session); 443 kfree_skb(skb); 444 } 445 446 while ((skb = skb_dequeue(&session->intr_transmit))) { 447 if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) { 448 skb_queue_head(&session->intr_transmit, skb); 449 break; 450 } 451 452 hidp_set_timer(session); 453 kfree_skb(skb); 454 } 455 } 456 457 static int hidp_session(void *arg) 458 { 459 struct hidp_session *session = arg; 460 struct sock *ctrl_sk = session->ctrl_sock->sk; 461 struct sock *intr_sk = session->intr_sock->sk; 462 struct sk_buff *skb; 463 int vendor = 0x0000, product = 0x0000; 464 wait_queue_t ctrl_wait, intr_wait; 465 466 BT_DBG("session %p", session); 467 468 if (session->input) { 469 vendor = session->input->id.vendor; 470 product = session->input->id.product; 471 } 472 473 daemonize("khidpd_%04x%04x", vendor, product); 474 set_user_nice(current, -15); 475 current->flags |= PF_NOFREEZE; 476 477 init_waitqueue_entry(&ctrl_wait, current); 478 init_waitqueue_entry(&intr_wait, current); 479 add_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait); 480 add_wait_queue(intr_sk->sk_sleep, &intr_wait); 481 while (!atomic_read(&session->terminate)) { 482 set_current_state(TASK_INTERRUPTIBLE); 483 484 if (ctrl_sk->sk_state != BT_CONNECTED || intr_sk->sk_state != BT_CONNECTED) 485 break; 486 487 while ((skb = skb_dequeue(&ctrl_sk->sk_receive_queue))) { 488 skb_orphan(skb); 489 hidp_recv_ctrl_frame(session, skb); 490 } 491 492 while ((skb = skb_dequeue(&intr_sk->sk_receive_queue))) { 493 skb_orphan(skb); 494 hidp_recv_intr_frame(session, skb); 495 } 496 497 hidp_process_transmit(session); 498 499 schedule(); 500 } 501 set_current_state(TASK_RUNNING); 502 remove_wait_queue(intr_sk->sk_sleep, &intr_wait); 503 remove_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait); 504 505 down_write(&hidp_session_sem); 506 507 hidp_del_timer(session); 508 509 if (intr_sk->sk_state != BT_CONNECTED) 510 wait_event_timeout(*(ctrl_sk->sk_sleep), (ctrl_sk->sk_state == BT_CLOSED), HZ); 511 512 fput(session->ctrl_sock->file); 513 514 wait_event_timeout(*(intr_sk->sk_sleep), (intr_sk->sk_state == BT_CLOSED), HZ); 515 516 fput(session->intr_sock->file); 517 518 __hidp_unlink_session(session); 519 520 if (session->input) { 521 input_unregister_device(session->input); 522 session->input = NULL; 523 } 524 525 up_write(&hidp_session_sem); 526 527 kfree(session); 528 return 0; 529 } 530 531 static inline void hidp_setup_input(struct hidp_session *session, struct hidp_connadd_req *req) 532 { 533 struct input_dev *input = session->input; 534 int i; 535 536 input->private = session; 537 538 input->name = "Bluetooth HID Boot Protocol Device"; 539 540 input->id.bustype = BUS_BLUETOOTH; 541 input->id.vendor = req->vendor; 542 input->id.product = req->product; 543 input->id.version = req->version; 544 545 if (req->subclass & 0x40) { 546 set_bit(EV_KEY, input->evbit); 547 set_bit(EV_LED, input->evbit); 548 set_bit(EV_REP, input->evbit); 549 550 set_bit(LED_NUML, input->ledbit); 551 set_bit(LED_CAPSL, input->ledbit); 552 set_bit(LED_SCROLLL, input->ledbit); 553 set_bit(LED_COMPOSE, input->ledbit); 554 set_bit(LED_KANA, input->ledbit); 555 556 for (i = 0; i < sizeof(hidp_keycode); i++) 557 set_bit(hidp_keycode[i], input->keybit); 558 clear_bit(0, input->keybit); 559 } 560 561 if (req->subclass & 0x80) { 562 input->evbit[0] = BIT(EV_KEY) | BIT(EV_REL); 563 input->keybit[LONG(BTN_MOUSE)] = BIT(BTN_LEFT) | BIT(BTN_RIGHT) | BIT(BTN_MIDDLE); 564 input->relbit[0] = BIT(REL_X) | BIT(REL_Y); 565 input->keybit[LONG(BTN_MOUSE)] |= BIT(BTN_SIDE) | BIT(BTN_EXTRA); 566 input->relbit[0] |= BIT(REL_WHEEL); 567 } 568 569 input->event = hidp_input_event; 570 571 input_register_device(input); 572 } 573 574 int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock) 575 { 576 struct hidp_session *session, *s; 577 int err; 578 579 BT_DBG(""); 580 581 if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) || 582 bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst)) 583 return -ENOTUNIQ; 584 585 session = kzalloc(sizeof(struct hidp_session), GFP_KERNEL); 586 if (!session) 587 return -ENOMEM; 588 589 session->input = input_allocate_device(); 590 if (!session->input) { 591 kfree(session); 592 return -ENOMEM; 593 } 594 595 down_write(&hidp_session_sem); 596 597 s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst); 598 if (s && s->state == BT_CONNECTED) { 599 err = -EEXIST; 600 goto failed; 601 } 602 603 bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst); 604 605 session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu); 606 session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu); 607 608 BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu); 609 610 session->ctrl_sock = ctrl_sock; 611 session->intr_sock = intr_sock; 612 session->state = BT_CONNECTED; 613 614 init_timer(&session->timer); 615 616 session->timer.function = hidp_idle_timeout; 617 session->timer.data = (unsigned long) session; 618 619 skb_queue_head_init(&session->ctrl_transmit); 620 skb_queue_head_init(&session->intr_transmit); 621 622 session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID); 623 session->idle_to = req->idle_to; 624 625 if (session->input) 626 hidp_setup_input(session, req); 627 628 __hidp_link_session(session); 629 630 hidp_set_timer(session); 631 632 err = kernel_thread(hidp_session, session, CLONE_KERNEL); 633 if (err < 0) 634 goto unlink; 635 636 if (session->input) { 637 hidp_send_ctrl_message(session, 638 HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0); 639 session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE); 640 641 session->leds = 0xff; 642 hidp_input_event(session->input, EV_LED, 0, 0); 643 } 644 645 up_write(&hidp_session_sem); 646 return 0; 647 648 unlink: 649 hidp_del_timer(session); 650 651 __hidp_unlink_session(session); 652 653 if (session->input) { 654 input_unregister_device(session->input); 655 session->input = NULL; /* don't try to free it here */ 656 } 657 658 failed: 659 up_write(&hidp_session_sem); 660 661 kfree(session->input); 662 kfree(session); 663 return err; 664 } 665 666 int hidp_del_connection(struct hidp_conndel_req *req) 667 { 668 struct hidp_session *session; 669 int err = 0; 670 671 BT_DBG(""); 672 673 down_read(&hidp_session_sem); 674 675 session = __hidp_get_session(&req->bdaddr); 676 if (session) { 677 if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) { 678 hidp_send_ctrl_message(session, 679 HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG, NULL, 0); 680 } else { 681 /* Flush the transmit queues */ 682 skb_queue_purge(&session->ctrl_transmit); 683 skb_queue_purge(&session->intr_transmit); 684 685 /* Kill session thread */ 686 atomic_inc(&session->terminate); 687 hidp_schedule(session); 688 } 689 } else 690 err = -ENOENT; 691 692 up_read(&hidp_session_sem); 693 return err; 694 } 695 696 int hidp_get_connlist(struct hidp_connlist_req *req) 697 { 698 struct list_head *p; 699 int err = 0, n = 0; 700 701 BT_DBG(""); 702 703 down_read(&hidp_session_sem); 704 705 list_for_each(p, &hidp_session_list) { 706 struct hidp_session *session; 707 struct hidp_conninfo ci; 708 709 session = list_entry(p, struct hidp_session, list); 710 711 __hidp_copy_session(session, &ci); 712 713 if (copy_to_user(req->ci, &ci, sizeof(ci))) { 714 err = -EFAULT; 715 break; 716 } 717 718 if (++n >= req->cnum) 719 break; 720 721 req->ci++; 722 } 723 req->cnum = n; 724 725 up_read(&hidp_session_sem); 726 return err; 727 } 728 729 int hidp_get_conninfo(struct hidp_conninfo *ci) 730 { 731 struct hidp_session *session; 732 int err = 0; 733 734 down_read(&hidp_session_sem); 735 736 session = __hidp_get_session(&ci->bdaddr); 737 if (session) 738 __hidp_copy_session(session, ci); 739 else 740 err = -ENOENT; 741 742 up_read(&hidp_session_sem); 743 return err; 744 } 745 746 static int __init hidp_init(void) 747 { 748 l2cap_load(); 749 750 BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION); 751 752 return hidp_init_sockets(); 753 } 754 755 static void __exit hidp_exit(void) 756 { 757 hidp_cleanup_sockets(); 758 } 759 760 module_init(hidp_init); 761 module_exit(hidp_exit); 762 763 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); 764 MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION); 765 MODULE_VERSION(VERSION); 766 MODULE_LICENSE("GPL"); 767 MODULE_ALIAS("bt-proto-6"); 768