1 /**********************************************************************
2 *
3 * Copyright 2017 The Android Open Source Project
4 * Copyright 2015 Intel Corporation
5 *
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at:
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
15 * implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 **********************************************************************/
20 #include <base/bind.h>
21 #include <base/location.h>
22 #include <base/logging.h>
23 #include <base/threading/thread.h>
24 #include <errno.h>
25 #include <fcntl.h>
26 #include <poll.h>
27 #include <stdbool.h>
28 #include <stdint.h>
29 #include <stdlib.h>
30 #include <string.h>
31 #include <algorithm>
32
33 #include <sys/ioctl.h>
34 #include <sys/socket.h>
35
36 #include "buffer_allocator.h"
37 #include "hci_internals.h"
38 #include "hci_layer.h"
39 #include "osi/include/compat.h"
40 #include "osi/include/log.h"
41 #include "osi/include/osi.h"
42 #include "osi/include/properties.h"
43
44 using base::Thread;
45
46 #define BTPROTO_HCI 1
47 #define HCI_CHANNEL_USER 1
48 #define HCI_CHANNEL_CONTROL 3
49 #define HCI_DEV_NONE 0xffff
50
51 #define RFKILL_TYPE_BLUETOOTH 2
52 #define RFKILL_OP_CHANGE_ALL 3
53
54 #define MGMT_OP_INDEX_LIST 0x0003
55 #define MGMT_EV_INDEX_ADDED 0x0004
56 #define MGMT_EV_COMMAND_COMP 0x0001
57 #define MGMT_EV_SIZE_MAX 1024
58 #define MGMT_EV_POLL_TIMEOUT 3000 /* 3000ms */
59
60 struct sockaddr_hci {
61 sa_family_t hci_family;
62 unsigned short hci_dev;
63 unsigned short hci_channel;
64 };
65
66 struct rfkill_event {
67 uint32_t idx;
68 uint8_t type;
69 uint8_t op;
70 uint8_t soft, hard;
71 } __attribute__((packed));
72
73 struct mgmt_pkt {
74 uint16_t opcode;
75 uint16_t index;
76 uint16_t len;
77 uint8_t data[MGMT_EV_SIZE_MAX];
78 } __attribute__((packed));
79
80 struct mgmt_event_read_index {
81 uint16_t cc_opcode;
82 uint8_t status;
83 uint16_t num_intf;
84 uint16_t index[0];
85 } __attribute__((packed));
86
87 enum HciPacketType {
88 HCI_PACKET_TYPE_UNKNOWN = 0,
89 HCI_PACKET_TYPE_COMMAND = 1,
90 HCI_PACKET_TYPE_ACL_DATA = 2,
91 HCI_PACKET_TYPE_SCO_DATA = 3,
92 HCI_PACKET_TYPE_EVENT = 4
93 };
94
95 extern void initialization_complete();
96 extern void hci_event_received(const tracked_objects::Location& from_here,
97 BT_HDR* packet);
98 extern void acl_event_received(BT_HDR* packet);
99 extern void sco_data_received(BT_HDR* packet);
100
101 static int bt_vendor_fd = -1;
102 static int hci_interface;
103 static int rfkill_en;
104 static int wait_hcidev(void);
105 static int rfkill(int block);
106
107 int reader_thread_ctrl_fd = -1;
108 Thread* reader_thread = NULL;
109
monitor_socket(int ctrl_fd,int fd)110 void monitor_socket(int ctrl_fd, int fd) {
111 const allocator_t* buffer_allocator = buffer_allocator_get_interface();
112 const size_t buf_size = 2000;
113 uint8_t buf[buf_size];
114 ssize_t len = read(fd, buf, buf_size);
115
116 while (len > 0) {
117 if (len == buf_size)
118 LOG(FATAL) << "This packet filled buffer, if it have continuation we "
119 "don't know how to merge it, increase buffer size!";
120
121 uint8_t type = buf[0];
122
123 size_t packet_size = buf_size + BT_HDR_SIZE;
124 BT_HDR* packet =
125 reinterpret_cast<BT_HDR*>(buffer_allocator->alloc(packet_size));
126 packet->offset = 0;
127 packet->layer_specific = 0;
128 packet->len = len - 1;
129 memcpy(packet->data, buf + 1, len - 1);
130
131 switch (type) {
132 case HCI_PACKET_TYPE_COMMAND:
133 packet->event = MSG_HC_TO_STACK_HCI_EVT;
134 hci_event_received(FROM_HERE, packet);
135 break;
136 case HCI_PACKET_TYPE_ACL_DATA:
137 packet->event = MSG_HC_TO_STACK_HCI_ACL;
138 acl_event_received(packet);
139 break;
140 case HCI_PACKET_TYPE_SCO_DATA:
141 packet->event = MSG_HC_TO_STACK_HCI_SCO;
142 sco_data_received(packet);
143 break;
144 case HCI_PACKET_TYPE_EVENT:
145 packet->event = MSG_HC_TO_STACK_HCI_EVT;
146 hci_event_received(FROM_HERE, packet);
147 break;
148 default:
149 LOG(FATAL) << "Unexpected event type: " << +type;
150 break;
151 }
152
153 fd_set fds;
154 FD_ZERO(&fds);
155 FD_SET(ctrl_fd, &fds);
156 FD_SET(fd, &fds);
157 int res = select(std::max(fd, ctrl_fd) + 1, &fds, NULL, NULL, NULL);
158 if (res <= 0) LOG(INFO) << "Nothing more to read";
159
160 if (FD_ISSET(ctrl_fd, &fds)) {
161 LOG(INFO) << "exitting";
162 return;
163 }
164
165 len = read(fd, buf, buf_size);
166 }
167 }
168
169 /* TODO: should thread the device waiting and return immedialty */
hci_initialize()170 void hci_initialize() {
171 LOG(INFO) << __func__;
172
173 char prop_value[PROPERTY_VALUE_MAX];
174 osi_property_get("bluetooth.interface", prop_value, "0");
175
176 errno = 0;
177 if (memcmp(prop_value, "hci", 3))
178 hci_interface = strtol(prop_value, NULL, 10);
179 else
180 hci_interface = strtol(prop_value + 3, NULL, 10);
181 if (errno) hci_interface = 0;
182
183 LOG(INFO) << "Using interface hci" << +hci_interface;
184
185 osi_property_get("bluetooth.rfkill", prop_value, "1");
186
187 rfkill_en = atoi(prop_value);
188 if (rfkill_en) {
189 rfkill(0);
190 }
191
192 int fd = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
193 CHECK(fd >= 0) << "socket create error" << strerror(errno);
194
195 bt_vendor_fd = fd;
196
197 if (wait_hcidev()) {
198 LOG(FATAL) << "HCI interface hci" << +hci_interface << " not found";
199 }
200
201 struct sockaddr_hci addr;
202 memset(&addr, 0, sizeof(addr));
203 addr.hci_family = AF_BLUETOOTH;
204 addr.hci_dev = hci_interface;
205 addr.hci_channel = HCI_CHANNEL_USER;
206 if (bind(fd, (struct sockaddr*)&addr, sizeof(addr)) < 0) {
207 LOG(FATAL) << "socket bind error " << strerror(errno);
208 }
209
210 int sv[2];
211 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) {
212 LOG(FATAL) << "socketpair failed: " << strerror(errno);
213 }
214
215 reader_thread_ctrl_fd = sv[0];
216 reader_thread = new Thread("hci_sock_reader");
217 reader_thread->Start();
218 reader_thread->task_runner()->PostTask(
219 FROM_HERE, base::Bind(&monitor_socket, sv[1], bt_vendor_fd));
220
221 LOG(INFO) << "HCI device ready";
222 initialization_complete();
223 }
224
hci_close()225 void hci_close() {
226 LOG(INFO) << __func__;
227
228 if (bt_vendor_fd != -1) {
229 close(bt_vendor_fd);
230 bt_vendor_fd = -1;
231 }
232
233 if (reader_thread_ctrl_fd != -1) {
234 uint8_t msg[] = {1};
235 send(reader_thread_ctrl_fd, msg, sizeof(msg), 0);
236 reader_thread_ctrl_fd = -1;
237 }
238
239 if (reader_thread != NULL) {
240 reader_thread->Stop();
241 delete reader_thread;
242 reader_thread = NULL;
243 }
244
245 rfkill(1);
246 }
247
hci_transmit(BT_HDR * packet)248 void hci_transmit(BT_HDR* packet) {
249 uint8_t type;
250
251 CHECK(bt_vendor_fd != -1);
252
253 uint16_t event = packet->event & MSG_EVT_MASK;
254 switch (event & MSG_EVT_MASK) {
255 case MSG_STACK_TO_HC_HCI_CMD:
256 type = 1;
257 break;
258 case MSG_STACK_TO_HC_HCI_ACL:
259 type = 2;
260 break;
261 case MSG_STACK_TO_HC_HCI_SCO:
262 type = 3;
263 break;
264 default:
265 LOG(FATAL) << "Unknown packet type " << event;
266 break;
267 }
268
269 uint8_t* addr = packet->data + packet->offset - 1;
270 uint8_t store = *addr;
271 *addr = type;
272 size_t ret = write(bt_vendor_fd, addr, packet->len + 1);
273
274 *(addr) = store;
275
276 if (ret != packet->len + 1) LOG(ERROR) << "Should have send whole packet";
277
278 if (ret == -1) LOG(FATAL) << strerror(errno);
279 }
280
wait_hcidev(void)281 static int wait_hcidev(void) {
282 struct sockaddr_hci addr;
283 struct pollfd fds[1];
284 struct mgmt_pkt ev;
285 int fd;
286 int ret = 0;
287
288 LOG(INFO) << __func__;
289
290 fd = socket(PF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
291 if (fd < 0) {
292 LOG(ERROR) << "Bluetooth socket error: %s" << strerror(errno);
293 return -1;
294 }
295
296 memset(&addr, 0, sizeof(addr));
297 addr.hci_family = AF_BLUETOOTH;
298 addr.hci_dev = HCI_DEV_NONE;
299 addr.hci_channel = HCI_CHANNEL_CONTROL;
300
301 if (bind(fd, (struct sockaddr*)&addr, sizeof(addr)) < 0) {
302 LOG(ERROR) << "HCI Channel Control: " << strerror(errno);
303 close(fd);
304 return -1;
305 }
306
307 fds[0].fd = fd;
308 fds[0].events = POLLIN;
309
310 /* Read Controller Index List Command */
311 ev.opcode = MGMT_OP_INDEX_LIST;
312 ev.index = HCI_DEV_NONE;
313 ev.len = 0;
314
315 ssize_t wrote;
316 OSI_NO_INTR(wrote = write(fd, &ev, 6));
317 if (wrote != 6) {
318 LOG(ERROR) << "Unable to write mgmt command: " << strerror(errno);
319 ret = -1;
320 goto end;
321 }
322
323 while (1) {
324 int n;
325 OSI_NO_INTR(n = poll(fds, 1, MGMT_EV_POLL_TIMEOUT));
326 if (n == -1) {
327 LOG(ERROR) << "Poll error: " << strerror(errno);
328 ret = -1;
329 break;
330 } else if (n == 0) {
331 LOG(ERROR) << "Timeout, no HCI device detected";
332 ret = -1;
333 break;
334 }
335
336 if (fds[0].revents & POLLIN) {
337 OSI_NO_INTR(n = read(fd, &ev, sizeof(struct mgmt_pkt)));
338 if (n < 0) {
339 LOG(ERROR) << "Error reading control channel: " << strerror(errno);
340 ret = -1;
341 break;
342 }
343
344 if (ev.opcode == MGMT_EV_INDEX_ADDED && ev.index == hci_interface) {
345 goto end;
346 } else if (ev.opcode == MGMT_EV_COMMAND_COMP) {
347 struct mgmt_event_read_index* cc;
348 int i;
349
350 cc = (struct mgmt_event_read_index*)ev.data;
351
352 if (cc->cc_opcode != MGMT_OP_INDEX_LIST || cc->status != 0) continue;
353
354 for (i = 0; i < cc->num_intf; i++) {
355 if (cc->index[i] == hci_interface) goto end;
356 }
357 }
358 }
359 }
360
361 end:
362 close(fd);
363 return ret;
364 }
365
rfkill(int block)366 static int rfkill(int block) {
367 struct rfkill_event event;
368 int fd;
369
370 LOG(INFO) << __func__;
371
372 fd = open("/dev/rfkill", O_WRONLY);
373 if (fd < 0) {
374 LOG(ERROR) << "Unable to open /dev/rfkill";
375 return -1;
376 }
377
378 memset(&event, 0, sizeof(struct rfkill_event));
379 event.op = RFKILL_OP_CHANGE_ALL;
380 event.type = RFKILL_TYPE_BLUETOOTH;
381 event.hard = block;
382 event.soft = block;
383
384 ssize_t len;
385 OSI_NO_INTR(len = write(fd, &event, sizeof(event)));
386 if (len < 0) {
387 LOG(ERROR) << "Failed to change rfkill state";
388 close(fd);
389 return 1;
390 }
391
392 close(fd);
393 return 0;
394 }
395
hci_open_firmware_log_file()396 int hci_open_firmware_log_file() { return INVALID_FD; }
397
hci_close_firmware_log_file(int fd)398 void hci_close_firmware_log_file(int fd) {}
399
hci_log_firmware_debug_packet(int fd,BT_HDR * packet)400 void hci_log_firmware_debug_packet(int fd, BT_HDR* packet) {}
401