1 // SPDX-License-Identifier: GPL-2.0-only
3 * Copyright (C) 2020 Google Corporation
6 #include <net/bluetooth/bluetooth.h>
7 #include <net/bluetooth/hci_core.h>
8 #include <net/bluetooth/mgmt.h>
10 #include "hci_request.h"
11 #include "mgmt_util.h"
14 #define MSFT_RSSI_THRESHOLD_VALUE_MIN -127
15 #define MSFT_RSSI_THRESHOLD_VALUE_MAX 20
16 #define MSFT_RSSI_LOW_TIMEOUT_MAX 0x3C
18 #define MSFT_OP_READ_SUPPORTED_FEATURES 0x00
19 struct msft_cp_read_supported_features {
23 struct msft_rp_read_supported_features {
31 #define MSFT_OP_LE_MONITOR_ADVERTISEMENT 0x03
32 #define MSFT_MONITOR_ADVERTISEMENT_TYPE_PATTERN 0x01
33 struct msft_le_monitor_advertisement_pattern {
40 struct msft_le_monitor_advertisement_pattern_data {
45 struct msft_cp_le_monitor_advertisement {
49 __u8 rssi_low_interval;
50 __u8 rssi_sampling_period;
55 struct msft_rp_le_monitor_advertisement {
61 #define MSFT_OP_LE_CANCEL_MONITOR_ADVERTISEMENT 0x04
62 struct msft_cp_le_cancel_monitor_advertisement {
67 struct msft_rp_le_cancel_monitor_advertisement {
72 #define MSFT_OP_LE_SET_ADVERTISEMENT_FILTER_ENABLE 0x05
73 struct msft_cp_le_set_advertisement_filter_enable {
78 struct msft_rp_le_set_advertisement_filter_enable {
83 #define MSFT_EV_LE_MONITOR_DEVICE 0x02
84 struct msft_ev_le_monitor_device {
91 struct msft_monitor_advertisement_handle_data {
94 struct list_head list;
101 struct list_head handle_map;
107 bool msft_monitor_supported(struct hci_dev *hdev)
109 return !!(msft_get_features(hdev) & MSFT_FEATURE_MASK_LE_ADV_MONITOR);
112 static bool read_supported_features(struct hci_dev *hdev,
113 struct msft_data *msft)
115 struct msft_cp_read_supported_features cp;
116 struct msft_rp_read_supported_features *rp;
119 cp.sub_opcode = MSFT_OP_READ_SUPPORTED_FEATURES;
121 skb = __hci_cmd_sync(hdev, hdev->msft_opcode, sizeof(cp), &cp,
123 if (IS_ERR_OR_NULL(skb)) {
127 bt_dev_err(hdev, "Failed to read MSFT supported features (%ld)",
132 if (skb->len < sizeof(*rp)) {
133 bt_dev_err(hdev, "MSFT supported features length mismatch");
137 rp = (struct msft_rp_read_supported_features *)skb->data;
139 if (rp->sub_opcode != MSFT_OP_READ_SUPPORTED_FEATURES)
142 if (rp->evt_prefix_len > 0) {
143 msft->evt_prefix = kmemdup(rp->evt_prefix, rp->evt_prefix_len,
145 if (!msft->evt_prefix)
149 msft->evt_prefix_len = rp->evt_prefix_len;
150 msft->features = __le64_to_cpu(rp->features);
152 if (msft->features & MSFT_FEATURE_MASK_CURVE_VALIDITY)
153 hdev->msft_curve_validity = true;
163 /* is_mgmt = true matches the handle exposed to userspace via mgmt.
164 * is_mgmt = false matches the handle used by the msft controller.
165 * This function requires the caller holds hdev->lock
167 static struct msft_monitor_advertisement_handle_data *msft_find_handle_data
168 (struct hci_dev *hdev, u16 handle, bool is_mgmt)
170 struct msft_monitor_advertisement_handle_data *entry;
171 struct msft_data *msft = hdev->msft_data;
173 list_for_each_entry(entry, &msft->handle_map, list) {
174 if (is_mgmt && entry->mgmt_handle == handle)
176 if (!is_mgmt && entry->msft_handle == handle)
183 /* This function requires the caller holds hdev->lock */
184 static int msft_monitor_device_del(struct hci_dev *hdev, __u16 mgmt_handle,
185 bdaddr_t *bdaddr, __u8 addr_type,
188 struct monitored_device *dev, *tmp;
191 list_for_each_entry_safe(dev, tmp, &hdev->monitored_devices, list) {
192 /* mgmt_handle == 0 indicates remove all devices, whereas,
193 * bdaddr == NULL indicates remove all devices matching the
196 if ((!mgmt_handle || dev->handle == mgmt_handle) &&
197 (!bdaddr || (!bacmp(bdaddr, &dev->bdaddr) &&
198 addr_type == dev->addr_type))) {
199 if (notify && dev->notified) {
200 mgmt_adv_monitor_device_lost(hdev, dev->handle,
205 list_del(&dev->list);
214 static int msft_le_monitor_advertisement_cb(struct hci_dev *hdev, u16 opcode,
215 struct adv_monitor *monitor,
218 struct msft_rp_le_monitor_advertisement *rp;
219 struct msft_monitor_advertisement_handle_data *handle_data;
220 struct msft_data *msft = hdev->msft_data;
225 rp = (struct msft_rp_le_monitor_advertisement *)skb->data;
226 if (skb->len < sizeof(*rp)) {
227 status = HCI_ERROR_UNSPECIFIED;
235 handle_data = kmalloc(sizeof(*handle_data), GFP_KERNEL);
237 status = HCI_ERROR_UNSPECIFIED;
241 handle_data->mgmt_handle = monitor->handle;
242 handle_data->msft_handle = rp->handle;
243 INIT_LIST_HEAD(&handle_data->list);
244 list_add(&handle_data->list, &msft->handle_map);
246 monitor->state = ADV_MONITOR_STATE_OFFLOADED;
250 hci_free_adv_monitor(hdev, monitor);
252 hci_dev_unlock(hdev);
257 static int msft_le_cancel_monitor_advertisement_cb(struct hci_dev *hdev,
259 struct adv_monitor *monitor,
262 struct msft_rp_le_cancel_monitor_advertisement *rp;
263 struct msft_monitor_advertisement_handle_data *handle_data;
264 struct msft_data *msft = hdev->msft_data;
267 rp = (struct msft_rp_le_cancel_monitor_advertisement *)skb->data;
268 if (skb->len < sizeof(*rp)) {
269 status = HCI_ERROR_UNSPECIFIED;
279 handle_data = msft_find_handle_data(hdev, monitor->handle, true);
282 if (monitor->state == ADV_MONITOR_STATE_OFFLOADED)
283 monitor->state = ADV_MONITOR_STATE_REGISTERED;
285 /* Do not free the monitor if it is being removed due to
286 * suspend. It will be re-monitored on resume.
288 if (!msft->suspending) {
289 hci_free_adv_monitor(hdev, monitor);
291 /* Clear any monitored devices by this Adv Monitor */
292 msft_monitor_device_del(hdev, handle_data->mgmt_handle,
296 list_del(&handle_data->list);
300 hci_dev_unlock(hdev);
306 /* This function requires the caller holds hci_req_sync_lock */
307 static int msft_remove_monitor_sync(struct hci_dev *hdev,
308 struct adv_monitor *monitor)
310 struct msft_cp_le_cancel_monitor_advertisement cp;
311 struct msft_monitor_advertisement_handle_data *handle_data;
314 handle_data = msft_find_handle_data(hdev, monitor->handle, true);
316 /* If no matched handle, just remove without telling controller */
320 cp.sub_opcode = MSFT_OP_LE_CANCEL_MONITOR_ADVERTISEMENT;
321 cp.handle = handle_data->msft_handle;
323 skb = __hci_cmd_sync(hdev, hdev->msft_opcode, sizeof(cp), &cp,
325 if (IS_ERR_OR_NULL(skb)) {
331 return msft_le_cancel_monitor_advertisement_cb(hdev, hdev->msft_opcode,
335 /* This function requires the caller holds hci_req_sync_lock */
336 int msft_suspend_sync(struct hci_dev *hdev)
338 struct msft_data *msft = hdev->msft_data;
339 struct adv_monitor *monitor;
342 if (!msft || !msft_monitor_supported(hdev))
345 msft->suspending = true;
348 monitor = idr_get_next(&hdev->adv_monitors_idr, &handle);
352 msft_remove_monitor_sync(hdev, monitor);
357 /* All monitors have been removed */
358 msft->suspending = false;
363 static bool msft_monitor_rssi_valid(struct adv_monitor *monitor)
365 struct adv_rssi_thresholds *r = &monitor->rssi;
367 if (r->high_threshold < MSFT_RSSI_THRESHOLD_VALUE_MIN ||
368 r->high_threshold > MSFT_RSSI_THRESHOLD_VALUE_MAX ||
369 r->low_threshold < MSFT_RSSI_THRESHOLD_VALUE_MIN ||
370 r->low_threshold > MSFT_RSSI_THRESHOLD_VALUE_MAX)
373 /* High_threshold_timeout is not supported,
374 * once high_threshold is reached, events are immediately reported.
376 if (r->high_threshold_timeout != 0)
379 if (r->low_threshold_timeout > MSFT_RSSI_LOW_TIMEOUT_MAX)
382 /* Sampling period from 0x00 to 0xFF are all allowed */
386 static bool msft_monitor_pattern_valid(struct adv_monitor *monitor)
388 return msft_monitor_rssi_valid(monitor);
389 /* No additional check needed for pattern-based monitor */
392 static int msft_add_monitor_sync(struct hci_dev *hdev,
393 struct adv_monitor *monitor)
395 struct msft_cp_le_monitor_advertisement *cp;
396 struct msft_le_monitor_advertisement_pattern_data *pattern_data;
397 struct msft_le_monitor_advertisement_pattern *pattern;
398 struct adv_pattern *entry;
399 size_t total_size = sizeof(*cp) + sizeof(*pattern_data);
400 ptrdiff_t offset = 0;
401 u8 pattern_count = 0;
404 if (!msft_monitor_pattern_valid(monitor))
407 list_for_each_entry(entry, &monitor->patterns, list) {
409 total_size += sizeof(*pattern) + entry->length;
412 cp = kmalloc(total_size, GFP_KERNEL);
416 cp->sub_opcode = MSFT_OP_LE_MONITOR_ADVERTISEMENT;
417 cp->rssi_high = monitor->rssi.high_threshold;
418 cp->rssi_low = monitor->rssi.low_threshold;
419 cp->rssi_low_interval = (u8)monitor->rssi.low_threshold_timeout;
420 cp->rssi_sampling_period = monitor->rssi.sampling_period;
422 cp->cond_type = MSFT_MONITOR_ADVERTISEMENT_TYPE_PATTERN;
424 pattern_data = (void *)cp->data;
425 pattern_data->count = pattern_count;
427 list_for_each_entry(entry, &monitor->patterns, list) {
428 pattern = (void *)(pattern_data->data + offset);
429 /* the length also includes data_type and offset */
430 pattern->length = entry->length + 2;
431 pattern->data_type = entry->ad_type;
432 pattern->start_byte = entry->offset;
433 memcpy(pattern->pattern, entry->value, entry->length);
434 offset += sizeof(*pattern) + entry->length;
437 skb = __hci_cmd_sync(hdev, hdev->msft_opcode, total_size, cp,
441 if (IS_ERR_OR_NULL(skb)) {
447 return msft_le_monitor_advertisement_cb(hdev, hdev->msft_opcode,
451 /* This function requires the caller holds hci_req_sync_lock */
452 static void reregister_monitor(struct hci_dev *hdev)
454 struct adv_monitor *monitor;
455 struct msft_data *msft = hdev->msft_data;
461 msft->resuming = true;
464 monitor = idr_get_next(&hdev->adv_monitors_idr, &handle);
468 msft_add_monitor_sync(hdev, monitor);
473 /* All monitors have been reregistered */
474 msft->resuming = false;
477 /* This function requires the caller holds hci_req_sync_lock */
478 int msft_resume_sync(struct hci_dev *hdev)
480 struct msft_data *msft = hdev->msft_data;
482 if (!msft || !msft_monitor_supported(hdev))
487 /* Clear already tracked devices on resume. Once the monitors are
488 * reregistered, devices in range will be found again after resume.
490 hdev->advmon_pend_notify = false;
491 msft_monitor_device_del(hdev, 0, NULL, 0, true);
493 hci_dev_unlock(hdev);
495 reregister_monitor(hdev);
500 /* This function requires the caller holds hci_req_sync_lock */
501 void msft_do_open(struct hci_dev *hdev)
503 struct msft_data *msft = hdev->msft_data;
505 if (hdev->msft_opcode == HCI_OP_NOP)
509 bt_dev_err(hdev, "MSFT extension not registered");
513 bt_dev_dbg(hdev, "Initialize MSFT extension");
515 /* Reset existing MSFT data before re-reading */
516 kfree(msft->evt_prefix);
517 msft->evt_prefix = NULL;
518 msft->evt_prefix_len = 0;
521 if (!read_supported_features(hdev, msft)) {
522 hdev->msft_data = NULL;
527 if (msft_monitor_supported(hdev)) {
528 msft->resuming = true;
529 msft_set_filter_enable(hdev, true);
530 /* Monitors get removed on power off, so we need to explicitly
531 * tell the controller to re-monitor.
533 reregister_monitor(hdev);
537 void msft_do_close(struct hci_dev *hdev)
539 struct msft_data *msft = hdev->msft_data;
540 struct msft_monitor_advertisement_handle_data *handle_data, *tmp;
541 struct adv_monitor *monitor;
546 bt_dev_dbg(hdev, "Cleanup of MSFT extension");
548 /* The controller will silently remove all monitors on power off.
549 * Therefore, remove handle_data mapping and reset monitor state.
551 list_for_each_entry_safe(handle_data, tmp, &msft->handle_map, list) {
552 monitor = idr_find(&hdev->adv_monitors_idr,
553 handle_data->mgmt_handle);
555 if (monitor && monitor->state == ADV_MONITOR_STATE_OFFLOADED)
556 monitor->state = ADV_MONITOR_STATE_REGISTERED;
558 list_del(&handle_data->list);
564 /* Clear any devices that are being monitored and notify device lost */
565 hdev->advmon_pend_notify = false;
566 msft_monitor_device_del(hdev, 0, NULL, 0, true);
568 hci_dev_unlock(hdev);
571 void msft_register(struct hci_dev *hdev)
573 struct msft_data *msft = NULL;
575 bt_dev_dbg(hdev, "Register MSFT extension");
577 msft = kzalloc(sizeof(*msft), GFP_KERNEL);
579 bt_dev_err(hdev, "Failed to register MSFT extension");
583 INIT_LIST_HEAD(&msft->handle_map);
584 hdev->msft_data = msft;
587 void msft_unregister(struct hci_dev *hdev)
589 struct msft_data *msft = hdev->msft_data;
594 bt_dev_dbg(hdev, "Unregister MSFT extension");
596 hdev->msft_data = NULL;
598 kfree(msft->evt_prefix);
602 /* This function requires the caller holds hdev->lock */
603 static void msft_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr,
604 __u8 addr_type, __u16 mgmt_handle)
606 struct monitored_device *dev;
608 dev = kmalloc(sizeof(*dev), GFP_KERNEL);
610 bt_dev_err(hdev, "MSFT vendor event %u: no memory",
611 MSFT_EV_LE_MONITOR_DEVICE);
615 bacpy(&dev->bdaddr, bdaddr);
616 dev->addr_type = addr_type;
617 dev->handle = mgmt_handle;
618 dev->notified = false;
620 INIT_LIST_HEAD(&dev->list);
621 list_add(&dev->list, &hdev->monitored_devices);
622 hdev->advmon_pend_notify = true;
625 /* This function requires the caller holds hdev->lock */
626 static void msft_device_lost(struct hci_dev *hdev, bdaddr_t *bdaddr,
627 __u8 addr_type, __u16 mgmt_handle)
629 if (!msft_monitor_device_del(hdev, mgmt_handle, bdaddr, addr_type,
631 bt_dev_err(hdev, "MSFT vendor event %u: dev %pMR not in list",
632 MSFT_EV_LE_MONITOR_DEVICE, bdaddr);
636 static void *msft_skb_pull(struct hci_dev *hdev, struct sk_buff *skb,
641 data = skb_pull_data(skb, len);
643 bt_dev_err(hdev, "Malformed MSFT vendor event: 0x%02x", ev);
648 /* This function requires the caller holds hdev->lock */
649 static void msft_monitor_device_evt(struct hci_dev *hdev, struct sk_buff *skb)
651 struct msft_ev_le_monitor_device *ev;
652 struct msft_monitor_advertisement_handle_data *handle_data;
655 ev = msft_skb_pull(hdev, skb, MSFT_EV_LE_MONITOR_DEVICE, sizeof(*ev));
660 "MSFT vendor event 0x%02x: handle 0x%04x state %d addr %pMR",
661 MSFT_EV_LE_MONITOR_DEVICE, ev->monitor_handle,
662 ev->monitor_state, &ev->bdaddr);
664 handle_data = msft_find_handle_data(hdev, ev->monitor_handle, false);
668 switch (ev->addr_type) {
669 case ADDR_LE_DEV_PUBLIC:
670 addr_type = BDADDR_LE_PUBLIC;
673 case ADDR_LE_DEV_RANDOM:
674 addr_type = BDADDR_LE_RANDOM;
679 "MSFT vendor event 0x%02x: unknown addr type 0x%02x",
680 MSFT_EV_LE_MONITOR_DEVICE, ev->addr_type);
684 if (ev->monitor_state)
685 msft_device_found(hdev, &ev->bdaddr, addr_type,
686 handle_data->mgmt_handle);
688 msft_device_lost(hdev, &ev->bdaddr, addr_type,
689 handle_data->mgmt_handle);
692 void msft_vendor_evt(struct hci_dev *hdev, void *data, struct sk_buff *skb)
694 struct msft_data *msft = hdev->msft_data;
701 /* When the extension has defined an event prefix, check that it
702 * matches, and otherwise just return.
704 if (msft->evt_prefix_len > 0) {
705 evt_prefix = msft_skb_pull(hdev, skb, 0, msft->evt_prefix_len);
709 if (memcmp(evt_prefix, msft->evt_prefix, msft->evt_prefix_len))
713 /* Every event starts at least with an event code and the rest of
714 * the data is variable and depends on the event code.
719 evt = msft_skb_pull(hdev, skb, 0, sizeof(*evt));
726 case MSFT_EV_LE_MONITOR_DEVICE:
727 msft_monitor_device_evt(hdev, skb);
731 bt_dev_dbg(hdev, "MSFT vendor event 0x%02x", *evt);
735 hci_dev_unlock(hdev);
738 __u64 msft_get_features(struct hci_dev *hdev)
740 struct msft_data *msft = hdev->msft_data;
742 return msft ? msft->features : 0;
745 static void msft_le_set_advertisement_filter_enable_cb(struct hci_dev *hdev,
746 u8 status, u16 opcode,
749 struct msft_cp_le_set_advertisement_filter_enable *cp;
750 struct msft_rp_le_set_advertisement_filter_enable *rp;
751 struct msft_data *msft = hdev->msft_data;
753 rp = (struct msft_rp_le_set_advertisement_filter_enable *)skb->data;
754 if (skb->len < sizeof(*rp))
757 /* Error 0x0C would be returned if the filter enabled status is
758 * already set to whatever we were trying to set.
759 * Although the default state should be disabled, some controller set
760 * the initial value to enabled. Because there is no way to know the
761 * actual initial value before sending this command, here we also treat
762 * error 0x0C as success.
764 if (status != 0x00 && status != 0x0C)
769 cp = hci_sent_cmd_data(hdev, hdev->msft_opcode);
770 msft->filter_enabled = cp->enable;
773 bt_dev_warn(hdev, "MSFT filter_enable is already %s",
774 cp->enable ? "on" : "off");
776 hci_dev_unlock(hdev);
779 /* This function requires the caller holds hci_req_sync_lock */
780 int msft_add_monitor_pattern(struct hci_dev *hdev, struct adv_monitor *monitor)
782 struct msft_data *msft = hdev->msft_data;
787 if (msft->resuming || msft->suspending)
790 return msft_add_monitor_sync(hdev, monitor);
793 /* This function requires the caller holds hci_req_sync_lock */
794 int msft_remove_monitor(struct hci_dev *hdev, struct adv_monitor *monitor)
796 struct msft_data *msft = hdev->msft_data;
801 if (msft->resuming || msft->suspending)
804 return msft_remove_monitor_sync(hdev, monitor);
807 void msft_req_add_set_filter_enable(struct hci_request *req, bool enable)
809 struct hci_dev *hdev = req->hdev;
810 struct msft_cp_le_set_advertisement_filter_enable cp;
812 cp.sub_opcode = MSFT_OP_LE_SET_ADVERTISEMENT_FILTER_ENABLE;
815 hci_req_add(req, hdev->msft_opcode, sizeof(cp), &cp);
818 int msft_set_filter_enable(struct hci_dev *hdev, bool enable)
820 struct hci_request req;
821 struct msft_data *msft = hdev->msft_data;
827 hci_req_init(&req, hdev);
828 msft_req_add_set_filter_enable(&req, enable);
829 err = hci_req_run_skb(&req, msft_le_set_advertisement_filter_enable_cb);
834 bool msft_curve_validity(struct hci_dev *hdev)
836 return hdev->msft_curve_validity;
projects / platform / kernel / linux-rpi.git / blob