1 /********************************************************************** 2 * 3 * Copyright 2017 The Android Open Source Project 4 * Copyright 2015 Intel Corporation 5 * 6 * Licensed under the Apache License, Version 2.0 (the "License"); 7 * you may not use this file except in compliance with the License. 8 * You may obtain a copy of the License at: 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, software 13 * distributed under the License is distributed on an "AS IS" BASIS, 14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 15 * implied. 16 * See the License for the specific language governing permissions and 17 * limitations under the License. 18 * 19 **********************************************************************/ 20 #include <base/bind.h> 21 #include <base/location.h> 22 #include <base/logging.h> 23 #include <base/threading/thread.h> 24 #include <errno.h> 25 #include <fcntl.h> 26 #include <poll.h> 27 #include <stdbool.h> 28 #include <stdint.h> 29 #include <stdlib.h> 30 #include <string.h> 31 #include <algorithm> 32 33 #include <sys/ioctl.h> 34 #include <sys/socket.h> 35 36 #include "buffer_allocator.h" 37 #include "hci_internals.h" 38 #include "hci_layer.h" 39 #include "osi/include/compat.h" 40 #include "osi/include/log.h" 41 #include "osi/include/osi.h" 42 #include "osi/include/properties.h" 43 44 using base::Thread; 45 46 #define BTPROTO_HCI 1 47 #define HCI_CHANNEL_USER 1 48 #define HCI_CHANNEL_CONTROL 3 49 #define HCI_DEV_NONE 0xffff 50 51 #define RFKILL_TYPE_BLUETOOTH 2 52 #define RFKILL_OP_CHANGE_ALL 3 53 54 #define MGMT_OP_INDEX_LIST 0x0003 55 #define MGMT_EV_INDEX_ADDED 0x0004 56 #define MGMT_EV_COMMAND_COMP 0x0001 57 #define MGMT_EV_SIZE_MAX 1024 58 #define MGMT_EV_POLL_TIMEOUT 3000 /* 3000ms */ 59 60 struct sockaddr_hci { 61 sa_family_t hci_family; 62 unsigned short hci_dev; 63 unsigned short hci_channel; 64 }; 65 66 struct rfkill_event { 67 uint32_t idx; 68 uint8_t type; 69 uint8_t op; 70 uint8_t soft, hard; 71 } __attribute__((packed)); 72 73 struct mgmt_pkt { 74 uint16_t opcode; 75 uint16_t index; 76 uint16_t len; 77 uint8_t data[MGMT_EV_SIZE_MAX]; 78 } __attribute__((packed)); 79 80 struct mgmt_event_read_index { 81 uint16_t cc_opcode; 82 uint8_t status; 83 uint16_t num_intf; 84 uint16_t index[0]; 85 } __attribute__((packed)); 86 87 enum HciPacketType { 88 HCI_PACKET_TYPE_UNKNOWN = 0, 89 HCI_PACKET_TYPE_COMMAND = 1, 90 HCI_PACKET_TYPE_ACL_DATA = 2, 91 HCI_PACKET_TYPE_SCO_DATA = 3, 92 HCI_PACKET_TYPE_EVENT = 4 93 }; 94 95 extern void initialization_complete(); 96 extern void hci_event_received(const tracked_objects::Location& from_here, 97 BT_HDR* packet); 98 extern void acl_event_received(BT_HDR* packet); 99 extern void sco_data_received(BT_HDR* packet); 100 101 static int bt_vendor_fd = -1; 102 static int hci_interface; 103 static int rfkill_en; 104 static int wait_hcidev(void); 105 static int rfkill(int block); 106 107 int reader_thread_ctrl_fd = -1; 108 Thread* reader_thread = NULL; 109 110 void monitor_socket(int ctrl_fd, int fd) { 111 const allocator_t* buffer_allocator = buffer_allocator_get_interface(); 112 const size_t buf_size = 2000; 113 uint8_t buf[buf_size]; 114 ssize_t len = read(fd, buf, buf_size); 115 116 while (len > 0) { 117 if (len == buf_size) 118 LOG(FATAL) << "This packet filled buffer, if it have continuation we " 119 "don't know how to merge it, increase buffer size!"; 120 121 uint8_t type = buf[0]; 122 123 size_t packet_size = buf_size + BT_HDR_SIZE; 124 BT_HDR* packet = 125 reinterpret_cast<BT_HDR*>(buffer_allocator->alloc(packet_size)); 126 packet->offset = 0; 127 packet->layer_specific = 0; 128 packet->len = len - 1; 129 memcpy(packet->data, buf + 1, len - 1); 130 131 switch (type) { 132 case HCI_PACKET_TYPE_COMMAND: 133 packet->event = MSG_HC_TO_STACK_HCI_EVT; 134 hci_event_received(FROM_HERE, packet); 135 break; 136 case HCI_PACKET_TYPE_ACL_DATA: 137 packet->event = MSG_HC_TO_STACK_HCI_ACL; 138 acl_event_received(packet); 139 break; 140 case HCI_PACKET_TYPE_SCO_DATA: 141 packet->event = MSG_HC_TO_STACK_HCI_SCO; 142 sco_data_received(packet); 143 break; 144 case HCI_PACKET_TYPE_EVENT: 145 packet->event = MSG_HC_TO_STACK_HCI_EVT; 146 hci_event_received(FROM_HERE, packet); 147 break; 148 default: 149 LOG(FATAL) << "Unexpected event type: " << +type; 150 break; 151 } 152 153 fd_set fds; 154 FD_ZERO(&fds); 155 FD_SET(ctrl_fd, &fds); 156 FD_SET(fd, &fds); 157 int res = select(std::max(fd, ctrl_fd) + 1, &fds, NULL, NULL, NULL); 158 if (res <= 0) LOG(INFO) << "Nothing more to read"; 159 160 if (FD_ISSET(ctrl_fd, &fds)) { 161 LOG(INFO) << "exitting"; 162 return; 163 } 164 165 len = read(fd, buf, buf_size); 166 } 167 } 168 169 /* TODO: should thread the device waiting and return immedialty */ 170 void hci_initialize() { 171 LOG(INFO) << __func__; 172 173 char prop_value[PROPERTY_VALUE_MAX]; 174 osi_property_get("bluetooth.interface", prop_value, "0"); 175 176 errno = 0; 177 if (memcmp(prop_value, "hci", 3)) 178 hci_interface = strtol(prop_value, NULL, 10); 179 else 180 hci_interface = strtol(prop_value + 3, NULL, 10); 181 if (errno) hci_interface = 0; 182 183 LOG(INFO) << "Using interface hci" << +hci_interface; 184 185 osi_property_get("bluetooth.rfkill", prop_value, "1"); 186 187 rfkill_en = atoi(prop_value); 188 if (rfkill_en) { 189 rfkill(0); 190 } 191 192 int fd = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 193 CHECK(fd >= 0) << "socket create error" << strerror(errno); 194 195 bt_vendor_fd = fd; 196 197 if (wait_hcidev()) { 198 LOG(FATAL) << "HCI interface hci" << +hci_interface << " not found"; 199 } 200 201 struct sockaddr_hci addr; 202 memset(&addr, 0, sizeof(addr)); 203 addr.hci_family = AF_BLUETOOTH; 204 addr.hci_dev = hci_interface; 205 addr.hci_channel = HCI_CHANNEL_USER; 206 if (bind(fd, (struct sockaddr*)&addr, sizeof(addr)) < 0) { 207 LOG(FATAL) << "socket bind error " << strerror(errno); 208 } 209 210 int sv[2]; 211 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) { 212 LOG(FATAL) << "socketpair failed: " << strerror(errno); 213 } 214 215 reader_thread_ctrl_fd = sv[0]; 216 reader_thread = new Thread("hci_sock_reader"); 217 reader_thread->Start(); 218 reader_thread->task_runner()->PostTask( 219 FROM_HERE, base::Bind(&monitor_socket, sv[1], bt_vendor_fd)); 220 221 LOG(INFO) << "HCI device ready"; 222 initialization_complete(); 223 } 224 225 void hci_close() { 226 LOG(INFO) << __func__; 227 228 if (bt_vendor_fd != -1) { 229 close(bt_vendor_fd); 230 bt_vendor_fd = -1; 231 } 232 233 if (reader_thread_ctrl_fd != -1) { 234 uint8_t msg[] = {1}; 235 send(reader_thread_ctrl_fd, msg, sizeof(msg), 0); 236 reader_thread_ctrl_fd = -1; 237 } 238 239 if (reader_thread != NULL) { 240 reader_thread->Stop(); 241 delete reader_thread; 242 reader_thread = NULL; 243 } 244 245 rfkill(1); 246 } 247 248 void hci_transmit(BT_HDR* packet) { 249 uint8_t type; 250 251 CHECK(bt_vendor_fd != -1); 252 253 uint16_t event = packet->event & MSG_EVT_MASK; 254 switch (event & MSG_EVT_MASK) { 255 case MSG_STACK_TO_HC_HCI_CMD: 256 type = 1; 257 break; 258 case MSG_STACK_TO_HC_HCI_ACL: 259 type = 2; 260 break; 261 case MSG_STACK_TO_HC_HCI_SCO: 262 type = 3; 263 break; 264 default: 265 LOG(FATAL) << "Unknown packet type " << event; 266 break; 267 } 268 269 uint8_t* addr = packet->data + packet->offset - 1; 270 uint8_t store = *addr; 271 *addr = type; 272 size_t ret = write(bt_vendor_fd, addr, packet->len + 1); 273 274 *(addr) = store; 275 276 if (ret != packet->len + 1) LOG(ERROR) << "Should have send whole packet"; 277 278 if (ret == -1) LOG(FATAL) << strerror(errno); 279 } 280 281 static int wait_hcidev(void) { 282 struct sockaddr_hci addr; 283 struct pollfd fds[1]; 284 struct mgmt_pkt ev; 285 int fd; 286 int ret = 0; 287 288 LOG(INFO) << __func__; 289 290 fd = socket(PF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 291 if (fd < 0) { 292 LOG(ERROR) << "Bluetooth socket error: %s" << strerror(errno); 293 return -1; 294 } 295 296 memset(&addr, 0, sizeof(addr)); 297 addr.hci_family = AF_BLUETOOTH; 298 addr.hci_dev = HCI_DEV_NONE; 299 addr.hci_channel = HCI_CHANNEL_CONTROL; 300 301 if (bind(fd, (struct sockaddr*)&addr, sizeof(addr)) < 0) { 302 LOG(ERROR) << "HCI Channel Control: " << strerror(errno); 303 close(fd); 304 return -1; 305 } 306 307 fds[0].fd = fd; 308 fds[0].events = POLLIN; 309 310 /* Read Controller Index List Command */ 311 ev.opcode = MGMT_OP_INDEX_LIST; 312 ev.index = HCI_DEV_NONE; 313 ev.len = 0; 314 315 ssize_t wrote; 316 OSI_NO_INTR(wrote = write(fd, &ev, 6)); 317 if (wrote != 6) { 318 LOG(ERROR) << "Unable to write mgmt command: " << strerror(errno); 319 ret = -1; 320 goto end; 321 } 322 323 while (1) { 324 int n; 325 OSI_NO_INTR(n = poll(fds, 1, MGMT_EV_POLL_TIMEOUT)); 326 if (n == -1) { 327 LOG(ERROR) << "Poll error: " << strerror(errno); 328 ret = -1; 329 break; 330 } else if (n == 0) { 331 LOG(ERROR) << "Timeout, no HCI device detected"; 332 ret = -1; 333 break; 334 } 335 336 if (fds[0].revents & POLLIN) { 337 OSI_NO_INTR(n = read(fd, &ev, sizeof(struct mgmt_pkt))); 338 if (n < 0) { 339 LOG(ERROR) << "Error reading control channel: " << strerror(errno); 340 ret = -1; 341 break; 342 } 343 344 if (ev.opcode == MGMT_EV_INDEX_ADDED && ev.index == hci_interface) { 345 goto end; 346 } else if (ev.opcode == MGMT_EV_COMMAND_COMP) { 347 struct mgmt_event_read_index* cc; 348 int i; 349 350 cc = (struct mgmt_event_read_index*)ev.data; 351 352 if (cc->cc_opcode != MGMT_OP_INDEX_LIST || cc->status != 0) continue; 353 354 for (i = 0; i < cc->num_intf; i++) { 355 if (cc->index[i] == hci_interface) goto end; 356 } 357 } 358 } 359 } 360 361 end: 362 close(fd); 363 return ret; 364 } 365 366 static int rfkill(int block) { 367 struct rfkill_event event; 368 int fd; 369 370 LOG(INFO) << __func__; 371 372 fd = open("/dev/rfkill", O_WRONLY); 373 if (fd < 0) { 374 LOG(ERROR) << "Unable to open /dev/rfkill"; 375 return -1; 376 } 377 378 memset(&event, 0, sizeof(struct rfkill_event)); 379 event.op = RFKILL_OP_CHANGE_ALL; 380 event.type = RFKILL_TYPE_BLUETOOTH; 381 event.hard = block; 382 event.soft = block; 383 384 ssize_t len; 385 OSI_NO_INTR(len = write(fd, &event, sizeof(event))); 386 if (len < 0) { 387 LOG(ERROR) << "Failed to change rfkill state"; 388 close(fd); 389 return 1; 390 } 391 392 close(fd); 393 return 0; 394 } 395 396 int hci_open_firmware_log_file() { return INVALID_FD; } 397 398 void hci_close_firmware_log_file(int fd) {} 399 400 void hci_log_firmware_debug_packet(int fd, BT_HDR* packet) {} 401
