3 * BlueZ - Bluetooth protocol stack for Linux
5 * Copyright (C) 2013-2014 Intel Corporation. All rights reserved.
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; either
11 * version 2.1 of the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
33 #include "lib/bluetooth.h"
34 #include "btio/btio.h"
36 #include "lib/sdp_lib.h"
37 #include "src/sdp-client.h"
42 #include "ipc-common.h"
45 #include "bluetooth.h"
48 #define RFCOMM_CHANNEL_MAX 30
50 #define OPP_DEFAULT_CHANNEL 9
51 #define HSP_AG_DEFAULT_CHANNEL 12
52 #define HFP_AG_DEFAULT_CHANNEL 13
53 #define PBAP_DEFAULT_CHANNEL 15
54 #define MAP_MAS_DEFAULT_CHANNEL 16
56 #define SVC_HINT_OBEX 0x10
58 /* Hardcoded MAP stuff needed for MAS SMS Instance.*/
59 #define DEFAULT_MAS_INSTANCE 0x00
61 #define MAP_MSG_TYPE_SMS_GSM 0x02
62 #define MAP_MSG_TYPE_SMS_CDMA 0x04
63 #define DEFAULT_MAS_MSG_TYPE (MAP_MSG_TYPE_SMS_GSM | MAP_MSG_TYPE_SMS_CDMA)
65 static struct ipc *hal_ipc = NULL;
67 int channel; /* RFCOMM channel */
68 BtIOSecLevel sec_level;
70 /* for socket to BT */
74 /* for socket to HAL */
79 uint32_t service_handle;
85 struct rfcomm_channel {
87 struct rfcomm_sock *rfsock;
90 static bdaddr_t adapter_addr;
92 static uint8_t hal_mode = HAL_MODE_SOCKET_DEFAULT;
94 static const uint8_t zero_uuid[16] = { 0 };
96 /* Simple list of RFCOMM connected sockets */
97 static GList *connections = NULL;
99 static struct rfcomm_channel servers[RFCOMM_CHANNEL_MAX + 1];
101 static uint32_t test_sdp_record_uuid16 = 0;
102 static uint32_t test_sdp_record_uuid32 = 0;
103 static uint32_t test_sdp_record_uuid128 = 0;
105 static int rfsock_set_buffer(struct rfcomm_sock *rfsock)
107 socklen_t len = sizeof(int);
108 int rcv, snd, size, err;
110 err = getsockopt(rfsock->bt_sock, SOL_SOCKET, SO_RCVBUF, &rcv, &len);
113 error("getsockopt(SO_RCVBUF): %s", strerror(-err));
117 err = getsockopt(rfsock->bt_sock, SOL_SOCKET, SO_SNDBUF, &snd, &len);
120 error("getsockopt(SO_SNDBUF): %s", strerror(-err));
124 size = MAX(rcv, snd);
126 DBG("Set buffer size %d", size);
128 rfsock->buf = g_malloc(size);
129 rfsock->buf_size = size;
134 static void cleanup_rfsock(gpointer data)
136 struct rfcomm_sock *rfsock = data;
138 DBG("rfsock %p bt_sock %d jv_sock %d", rfsock, rfsock->bt_sock,
141 if (rfsock->jv_sock >= 0)
142 if (close(rfsock->jv_sock) < 0)
143 error("close() fd %d failed: %s", rfsock->jv_sock,
146 if (rfsock->bt_sock >= 0)
147 if (close(rfsock->bt_sock) < 0)
148 error("close() fd %d: failed: %s", rfsock->bt_sock,
151 if (rfsock->bt_watch > 0)
152 if (!g_source_remove(rfsock->bt_watch))
153 error("bt_watch source was not found");
155 if (rfsock->jv_watch > 0)
156 if (!g_source_remove(rfsock->jv_watch))
157 error("stack_watch source was not found");
159 if (rfsock->service_handle)
160 bt_adapter_remove_record(rfsock->service_handle);
168 static struct rfcomm_sock *create_rfsock(int bt_sock, int *hal_sock)
170 int fds[2] = {-1, -1};
171 struct rfcomm_sock *rfsock;
173 if (socketpair(AF_LOCAL, SOCK_STREAM, 0, fds) < 0) {
174 error("socketpair(): %s", strerror(errno));
179 rfsock = g_new0(struct rfcomm_sock, 1);
180 rfsock->jv_sock = fds[0];
182 rfsock->bt_sock = bt_sock;
184 DBG("rfsock %p", rfsock);
189 if (rfsock_set_buffer(rfsock) < 0) {
190 cleanup_rfsock(rfsock);
197 static sdp_record_t *create_rfcomm_record(uint8_t chan, uuid_t *uuid,
198 const char *svc_name,
201 sdp_list_t *svclass_id;
202 sdp_list_t *seq, *proto_seq, *pbg_seq;
203 sdp_list_t *proto[3];
204 uuid_t l2cap_uuid, rfcomm_uuid, obex_uuid, pbg_uuid;
206 sdp_record_t *record;
208 record = sdp_record_alloc();
212 record->handle = sdp_next_handle();
214 svclass_id = sdp_list_append(NULL, uuid);
215 sdp_set_service_classes(record, svclass_id);
217 sdp_uuid16_create(&l2cap_uuid, L2CAP_UUID);
218 proto[0] = sdp_list_append(NULL, &l2cap_uuid);
219 seq = sdp_list_append(NULL, proto[0]);
221 sdp_uuid16_create(&rfcomm_uuid, RFCOMM_UUID);
222 proto[1] = sdp_list_append(NULL, &rfcomm_uuid);
223 channel = sdp_data_alloc(SDP_UINT8, &chan);
224 proto[1] = sdp_list_append(proto[1], channel);
225 seq = sdp_list_append(seq, proto[1]);
228 sdp_uuid16_create(&obex_uuid, OBEX_UUID);
229 proto[2] = sdp_list_append(NULL, &obex_uuid);
230 seq = sdp_list_append(seq, proto[2]);
233 proto_seq = sdp_list_append(NULL, seq);
234 sdp_set_access_protos(record, proto_seq);
236 sdp_uuid16_create(&pbg_uuid, PUBLIC_BROWSE_GROUP);
237 pbg_seq = sdp_list_append(NULL, &pbg_uuid);
238 sdp_set_browse_groups(record, pbg_seq);
241 sdp_set_info_attr(record, svc_name, NULL, NULL);
243 sdp_data_free(channel);
244 sdp_list_free(proto[0], NULL);
245 sdp_list_free(proto[1], NULL);
247 sdp_list_free(proto[2], NULL);
248 sdp_list_free(seq, NULL);
249 sdp_list_free(proto_seq, NULL);
250 sdp_list_free(pbg_seq, NULL);
251 sdp_list_free(svclass_id, NULL);
256 static sdp_record_t *create_opp_record(uint8_t chan, const char *svc_name)
258 uint8_t formats[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0xff };
259 uint8_t dtd = SDP_UINT8;
262 sdp_profile_desc_t profile[1];
263 void *dtds[sizeof(formats)], *values[sizeof(formats)];
264 sdp_data_t *formats_list;
265 sdp_record_t *record;
268 sdp_uuid16_create(&uuid, OBEX_OBJPUSH_SVCLASS_ID);
270 record = create_rfcomm_record(chan, &uuid, svc_name, true);
274 sdp_uuid16_create(&profile[0].uuid, OBEX_OBJPUSH_PROFILE_ID);
275 profile[0].version = 0x0100;
276 seq = sdp_list_append(NULL, profile);
277 sdp_set_profile_descs(record, seq);
279 for (i = 0; i < sizeof(formats); i++) {
281 values[i] = &formats[i];
283 formats_list = sdp_seq_alloc(dtds, values, sizeof(formats));
284 sdp_attr_add(record, SDP_ATTR_SUPPORTED_FORMATS_LIST, formats_list);
286 sdp_list_free(seq, NULL);
291 static sdp_record_t *create_pbap_record(uint8_t chan, const char *svc_name)
294 sdp_profile_desc_t profile[1];
295 uint8_t formats = 0x01;
296 sdp_record_t *record;
299 sdp_uuid16_create(&uuid, PBAP_PSE_SVCLASS_ID);
301 record = create_rfcomm_record(chan, &uuid, svc_name, true);
305 sdp_uuid16_create(&profile[0].uuid, PBAP_PROFILE_ID);
306 profile[0].version = 0x0101;
307 seq = sdp_list_append(NULL, profile);
308 sdp_set_profile_descs(record, seq);
310 sdp_attr_add_new(record, SDP_ATTR_SUPPORTED_REPOSITORIES, SDP_UINT8,
313 sdp_list_free(seq, NULL);
318 static sdp_record_t *create_mas_record(uint8_t chan, const char *svc_name)
321 sdp_profile_desc_t profile[1];
322 uint8_t minst, mtype;
323 sdp_record_t *record;
328 case HAL_MODE_SOCKET_DYNAMIC_MAP:
330 * Service name for MAP is passed as XXYYname
334 ret = sscanf(svc_name, "%02hhx%02hhx%n", &minst, &mtype, &cnt);
335 if (ret != 2 || cnt != 4)
340 case HAL_MODE_SOCKET_DEFAULT:
341 minst = DEFAULT_MAS_INSTANCE;
342 mtype = DEFAULT_MAS_MSG_TYPE;
348 sdp_uuid16_create(&uuid, MAP_MSE_SVCLASS_ID);
350 record = create_rfcomm_record(chan, &uuid, svc_name, true);
354 sdp_uuid16_create(&profile[0].uuid, MAP_PROFILE_ID);
355 profile[0].version = 0x0101;
356 seq = sdp_list_append(NULL, profile);
357 sdp_set_profile_descs(record, seq);
359 sdp_attr_add_new(record, SDP_ATTR_MAS_INSTANCE_ID, SDP_UINT8, &minst);
360 sdp_attr_add_new(record, SDP_ATTR_SUPPORTED_MESSAGE_TYPES, SDP_UINT8,
363 sdp_list_free(seq, NULL);
368 static sdp_record_t *create_spp_record(uint8_t chan, const char *svc_name)
370 sdp_record_t *record;
373 sdp_uuid16_create(&uuid, SERIAL_PORT_SVCLASS_ID);
375 record = create_rfcomm_record(chan, &uuid, svc_name, false);
382 static sdp_record_t *create_app_record(uint8_t chan,
383 const uint8_t *app_uuid,
384 const char *svc_name)
386 sdp_record_t *record;
389 sdp_uuid128_create(&uuid, app_uuid);
390 sdp_uuid128_to_uuid(&uuid);
392 record = create_rfcomm_record(chan, &uuid, svc_name, false);
399 static const struct profile_info {
403 BtIOSecLevel sec_level;
404 sdp_record_t * (*create_record)(uint8_t chan, const char *svc_name);
408 0x00, 0x00, 0x11, 0x08, 0x00, 0x00, 0x10, 0x00,
409 0x80, 0x00, 0x00, 0x80, 0x5F, 0x9B, 0x34, 0xFB
411 .channel = HSP_AG_DEFAULT_CHANNEL,
413 .sec_level = BT_IO_SEC_MEDIUM,
414 .create_record = NULL
417 0x00, 0x00, 0x11, 0x1F, 0x00, 0x00, 0x10, 0x00,
418 0x80, 0x00, 0x00, 0x80, 0x5F, 0x9B, 0x34, 0xFB
420 .channel = HFP_AG_DEFAULT_CHANNEL,
422 .sec_level = BT_IO_SEC_MEDIUM,
423 .create_record = NULL
426 0x00, 0x00, 0x11, 0x2F, 0x00, 0x00, 0x10, 0x00,
427 0x80, 0x00, 0x00, 0x80, 0x5F, 0x9B, 0x34, 0xFB
429 .channel = PBAP_DEFAULT_CHANNEL,
430 .svc_hint = SVC_HINT_OBEX,
431 .sec_level = BT_IO_SEC_MEDIUM,
432 .create_record = create_pbap_record
435 0x00, 0x00, 0x11, 0x05, 0x00, 0x00, 0x10, 0x00,
436 0x80, 0x00, 0x00, 0x80, 0x5F, 0x9B, 0x34, 0xFB
438 .channel = OPP_DEFAULT_CHANNEL,
439 .svc_hint = SVC_HINT_OBEX,
440 .sec_level = BT_IO_SEC_LOW,
441 .create_record = create_opp_record
444 0x00, 0x00, 0x11, 0x32, 0x00, 0x00, 0x10, 0x00,
445 0x80, 0x00, 0x00, 0x80, 0x5F, 0x9B, 0x34, 0xFB
447 .channel = MAP_MAS_DEFAULT_CHANNEL,
448 .svc_hint = SVC_HINT_OBEX,
449 .sec_level = BT_IO_SEC_MEDIUM,
450 .create_record = create_mas_record
453 0x00, 0x00, 0x11, 0x01, 0x00, 0x00, 0x10, 0x00,
454 0x80, 0x00, 0x00, 0x80, 0x5F, 0x9B, 0x34, 0xFB
458 .sec_level = BT_IO_SEC_MEDIUM,
459 .create_record = create_spp_record
463 static uint32_t sdp_service_register(uint8_t channel, const uint8_t *uuid,
464 const struct profile_info *profile,
465 const void *svc_name)
467 sdp_record_t *record = NULL;
468 uint8_t svc_hint = 0;
470 if (profile && profile->create_record) {
471 record = profile->create_record(channel, svc_name);
472 svc_hint = profile->svc_hint;
474 record = create_app_record(channel, uuid, svc_name);
480 if (bt_adapter_add_record(record, svc_hint) < 0) {
481 error("Failed to register on SDP record");
482 sdp_record_free(record);
486 return record->handle;
489 static int bt_sock_send_fd(int sock_fd, const void *buf, int len, int send_fd)
493 struct cmsghdr *cmsg;
495 char cmsgbuf[CMSG_SPACE(sizeof(int))];
497 DBG("len %d sock_fd %d send_fd %d", len, sock_fd, send_fd);
499 if (sock_fd == -1 || send_fd == -1)
502 memset(&msg, 0, sizeof(msg));
503 memset(cmsgbuf, 0, sizeof(cmsgbuf));
505 msg.msg_control = cmsgbuf;
506 msg.msg_controllen = sizeof(cmsgbuf);
508 cmsg = CMSG_FIRSTHDR(&msg);
509 cmsg->cmsg_level = SOL_SOCKET;
510 cmsg->cmsg_type = SCM_RIGHTS;
511 cmsg->cmsg_len = CMSG_LEN(sizeof(send_fd));
513 memcpy(CMSG_DATA(cmsg), &send_fd, sizeof(send_fd));
515 iv.iov_base = (unsigned char *) buf;
521 ret = sendmsg(sock_fd, &msg, MSG_NOSIGNAL);
523 error("sendmsg(): sock_fd %d send_fd %d: %s",
524 sock_fd, send_fd, strerror(errno));
531 static const struct profile_info *get_profile_by_uuid(const uint8_t *uuid)
535 for (i = 0; i < G_N_ELEMENTS(profiles); i++) {
536 if (!memcmp(profiles[i].uuid, uuid, 16))
543 static int try_write_all(int fd, unsigned char *buf, int len)
550 written = write(fd, buf, len);
552 if (errno == EINTR || errno == EAGAIN)
560 len -= written; buf += written; sent += written;
566 static gboolean jv_sock_client_event_cb(GIOChannel *io, GIOCondition cond,
569 struct rfcomm_sock *rfsock = data;
572 if (cond & G_IO_HUP) {
573 DBG("Socket %d hang up", g_io_channel_unix_get_fd(io));
577 if (cond & (G_IO_ERR | G_IO_NVAL)) {
578 error("Socket %d error", g_io_channel_unix_get_fd(io));
582 len = read(rfsock->jv_sock, rfsock->buf, rfsock->buf_size);
584 error("read(): %s", strerror(errno));
589 sent = try_write_all(rfsock->bt_sock, rfsock->buf, len);
591 error("write(): %s", strerror(errno));
597 DBG("rfsock %p jv_sock %d cond %d", rfsock, rfsock->jv_sock, cond);
599 connections = g_list_remove(connections, rfsock);
600 cleanup_rfsock(rfsock);
605 static gboolean bt_sock_event_cb(GIOChannel *io, GIOCondition cond,
608 struct rfcomm_sock *rfsock = data;
611 if (cond & G_IO_HUP) {
612 DBG("Socket %d hang up", g_io_channel_unix_get_fd(io));
616 if (cond & (G_IO_ERR | G_IO_NVAL)) {
617 error("Socket %d error", g_io_channel_unix_get_fd(io));
621 len = read(rfsock->bt_sock, rfsock->buf, rfsock->buf_size);
623 error("read(): %s", strerror(errno));
628 sent = try_write_all(rfsock->jv_sock, rfsock->buf, len);
630 error("write(): %s", strerror(errno));
636 DBG("rfsock %p bt_sock %d cond %d", rfsock, rfsock->bt_sock, cond);
638 connections = g_list_remove(connections, rfsock);
639 cleanup_rfsock(rfsock);
644 static bool sock_send_accept(struct rfcomm_sock *rfsock, bdaddr_t *bdaddr,
647 struct hal_sock_connect_signal cmd;
652 cmd.size = sizeof(cmd);
653 bdaddr2android(bdaddr, cmd.bdaddr);
654 cmd.channel = rfsock->channel;
657 len = bt_sock_send_fd(rfsock->jv_sock, &cmd, sizeof(cmd), fd_accepted);
658 if (len != sizeof(cmd)) {
659 error("Error sending accept signal");
666 static gboolean jv_sock_server_event_cb(GIOChannel *io, GIOCondition cond,
669 struct rfcomm_sock *rfsock = data;
671 DBG("rfsock %p jv_sock %d cond %d", rfsock, rfsock->jv_sock, cond);
673 if (cond & G_IO_NVAL)
676 if (cond & (G_IO_ERR | G_IO_HUP)) {
677 servers[rfsock->channel].rfsock = NULL;
678 cleanup_rfsock(rfsock);
684 static void accept_cb(GIOChannel *io, GError *err, gpointer user_data)
686 struct rfcomm_sock *rfsock = user_data;
687 struct rfcomm_sock *new_rfsock;
698 error("%s", err->message);
703 BT_IO_OPT_DEST_BDADDR, &dst,
706 error("%s", gerr->message);
708 g_io_channel_shutdown(io, TRUE, NULL);
712 ba2str(&dst, address);
713 DBG("Incoming connection from %s on channel %d (rfsock %p)", address,
714 rfsock->channel, rfsock);
716 new_sock = g_io_channel_unix_get_fd(io);
717 new_rfsock = create_rfsock(new_sock, &hal_sock);
719 g_io_channel_shutdown(io, TRUE, NULL);
723 DBG("new rfsock %p bt_sock %d jv_sock %d hal_sock %d", new_rfsock,
724 new_rfsock->bt_sock, new_rfsock->jv_sock, hal_sock);
726 if (!sock_send_accept(rfsock, &dst, hal_sock)) {
727 cleanup_rfsock(new_rfsock);
731 connections = g_list_append(connections, new_rfsock);
733 /* Handle events from Android */
734 cond = G_IO_IN | G_IO_HUP | G_IO_ERR | G_IO_NVAL;
735 jv_io = g_io_channel_unix_new(new_rfsock->jv_sock);
736 id = g_io_add_watch(jv_io, cond, jv_sock_client_event_cb, new_rfsock);
737 g_io_channel_unref(jv_io);
739 new_rfsock->jv_watch = id;
741 /* Handle rfcomm events */
742 cond = G_IO_IN | G_IO_HUP | G_IO_ERR | G_IO_NVAL;
743 id = g_io_add_watch(io, cond, bt_sock_event_cb, new_rfsock);
744 g_io_channel_set_close_on_unref(io, FALSE);
746 new_rfsock->bt_watch = id;
749 static int find_free_channel(void)
753 /* channel 0 is reserver so we don't use it */
754 for (ch = 1; ch <= RFCOMM_CHANNEL_MAX; ch++) {
755 struct rfcomm_channel *srv = &servers[ch];
757 if (!srv->reserved && srv->rfsock == NULL)
764 static BtIOSecLevel get_sec_level(uint8_t flags)
767 * HAL_SOCK_FLAG_AUTH should require MITM but in our case setting
768 * security to BT_IO_SEC_HIGH would also require 16-digits PIN code
769 * for pre-2.1 devices which is not what Android expects. For this
770 * reason we ignore this flag to not break apps which use "secure"
771 * sockets (have both auth and encrypt flags set, there is no public
772 * API in Android which should provide proper high security socket).
774 return flags & HAL_SOCK_FLAG_ENCRYPT ? BT_IO_SEC_MEDIUM :
778 static uint8_t rfcomm_listen(int chan, const uint8_t *name, const uint8_t *uuid,
779 uint8_t flags, int *hal_sock)
781 const struct profile_info *profile;
782 struct rfcomm_sock *rfsock = NULL;
783 BtIOSecLevel sec_level;
784 GIOChannel *io, *jv_io;
791 sdp_uuid128_create(&uu, uuid);
792 sdp_uuid2strn(&uu, uuid_str, sizeof(uuid_str));
794 DBG("chan %d flags 0x%02x uuid %s name %s", chan, flags, uuid_str,
797 if ((!memcmp(uuid, zero_uuid, sizeof(zero_uuid)) && chan <= 0) ||
798 (chan > RFCOMM_CHANNEL_MAX)) {
799 error("Invalid rfcomm listen params");
800 return HAL_STATUS_INVALID;
803 profile = get_profile_by_uuid(uuid);
805 sec_level = get_sec_level(flags);
807 if (!profile->create_record)
808 return HAL_STATUS_INVALID;
810 chan = profile->channel;
811 sec_level = profile->sec_level;
815 chan = find_free_channel();
818 error("No free channels");
819 return HAL_STATUS_BUSY;
822 if (servers[chan].rfsock != NULL) {
823 error("Channel already registered (%d)", chan);
824 return HAL_STATUS_BUSY;
827 DBG("chan %d sec_level %d", chan, sec_level);
829 rfsock = create_rfsock(-1, hal_sock);
831 return HAL_STATUS_FAILED;
833 rfsock->channel = chan;
835 io = bt_io_listen(accept_cb, NULL, rfsock, NULL, &err,
836 BT_IO_OPT_SOURCE_BDADDR, &adapter_addr,
837 BT_IO_OPT_CHANNEL, chan,
838 BT_IO_OPT_SEC_LEVEL, sec_level,
841 error("Failed listen: %s", err->message);
846 rfsock->bt_sock = g_io_channel_unix_get_fd(io);
848 g_io_channel_set_close_on_unref(io, FALSE);
849 g_io_channel_unref(io);
851 /* Handle events from Android */
852 cond = G_IO_HUP | G_IO_ERR | G_IO_NVAL;
853 jv_io = g_io_channel_unix_new(rfsock->jv_sock);
854 id = g_io_add_watch_full(jv_io, G_PRIORITY_HIGH, cond,
855 jv_sock_server_event_cb, rfsock,
857 g_io_channel_unref(jv_io);
859 rfsock->jv_watch = id;
861 DBG("rfsock %p bt_sock %d jv_sock %d hal_sock %d", rfsock,
866 if (write(rfsock->jv_sock, &chan, sizeof(chan)) != sizeof(chan)) {
867 error("Error sending RFCOMM channel");
871 rfsock->service_handle = sdp_service_register(chan, uuid, profile,
874 servers[chan].rfsock = rfsock;
876 return HAL_STATUS_SUCCESS;
880 cleanup_rfsock(rfsock);
882 return HAL_STATUS_FAILED;
885 static uint32_t add_test_record(uuid_t *uuid)
887 sdp_record_t *record;
888 sdp_list_t *svclass_id;
889 sdp_list_t *seq, *pbg_seq, *proto_seq, *ap_seq;
890 sdp_list_t *proto, *proto1, *aproto;
891 uuid_t l2cap_uuid, pbg_uuid, ap_uuid;
893 record = sdp_record_alloc();
897 record->handle = sdp_next_handle();
899 svclass_id = sdp_list_append(NULL, uuid);
900 sdp_set_service_classes(record, svclass_id);
902 sdp_uuid16_create(&l2cap_uuid, L2CAP_UUID);
903 proto = sdp_list_append(NULL, &l2cap_uuid);
904 seq = sdp_list_append(NULL, proto);
906 proto_seq = sdp_list_append(NULL, seq);
907 sdp_set_access_protos(record, proto_seq);
909 sdp_uuid16_create(&pbg_uuid, PUBLIC_BROWSE_GROUP);
910 pbg_seq = sdp_list_append(NULL, &pbg_uuid);
911 sdp_set_browse_groups(record, pbg_seq);
913 /* Additional Protocol Descriptor List */
914 sdp_uuid16_create(&ap_uuid, L2CAP_UUID);
915 proto1 = sdp_list_append(NULL, &ap_uuid);
916 ap_seq = sdp_list_append(NULL, proto1);
917 aproto = sdp_list_append(NULL, ap_seq);
918 sdp_set_add_access_protos(record, aproto);
920 sdp_set_service_id(record, *uuid);
921 sdp_set_record_state(record, 0);
922 sdp_set_service_ttl(record, 0);
923 sdp_set_service_avail(record, 0);
924 sdp_set_url_attr(record, "http://www.bluez.org",
925 "http://www.bluez.org", "http://www.bluez.org");
927 sdp_list_free(proto, NULL);
928 sdp_list_free(seq, NULL);
929 sdp_list_free(proto_seq, NULL);
930 sdp_list_free(pbg_seq, NULL);
931 sdp_list_free(svclass_id, NULL);
933 if (bt_adapter_add_record(record, 0) < 0) {
934 sdp_record_free(record);
938 return record->handle;
941 static void test_sdp_cleanup(void)
943 if (test_sdp_record_uuid16) {
944 bt_adapter_remove_record(test_sdp_record_uuid16);
945 test_sdp_record_uuid16 = 0;
948 if (test_sdp_record_uuid32) {
949 bt_adapter_remove_record(test_sdp_record_uuid32);
950 test_sdp_record_uuid32 = 0;
953 if (test_sdp_record_uuid128) {
954 bt_adapter_remove_record(test_sdp_record_uuid128);
955 test_sdp_record_uuid128 = 0;
959 static void test_sdp_init(void)
961 char uuid128[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
962 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
965 sdp_uuid16_create(&u, 0xffff);
966 test_sdp_record_uuid16 = add_test_record(&u);
968 sdp_uuid32_create(&u, 0xffffffff);
969 test_sdp_record_uuid32 = add_test_record(&u);
971 sdp_uuid128_create(&u, uuid128);
972 test_sdp_record_uuid128 = add_test_record(&u);
975 static uint8_t l2cap_listen(int chan, const uint8_t *name, const uint8_t *uuid,
976 uint8_t flags, int *hal_sock)
978 /* TODO be more strict here? */
979 if (strcmp("BlueZ", (const char *) name)) {
980 error("socket: Only SDP test supported on L2CAP");
981 return HAL_STATUS_UNSUPPORTED;
989 return HAL_STATUS_SUCCESS;
992 static void handle_listen(const void *buf, uint16_t len)
994 const struct hal_cmd_socket_listen *cmd = buf;
999 case HAL_SOCK_RFCOMM:
1000 status = rfcomm_listen(cmd->channel, cmd->name, cmd->uuid,
1001 cmd->flags, &hal_sock);
1003 case HAL_SOCK_L2CAP:
1004 status = l2cap_listen(cmd->channel, cmd->name, cmd->uuid,
1005 cmd->flags, &hal_sock);
1008 status = HAL_STATUS_UNSUPPORTED;
1011 status = HAL_STATUS_INVALID;
1015 if (status != HAL_STATUS_SUCCESS)
1018 ipc_send_rsp_full(hal_ipc, HAL_SERVICE_ID_SOCKET, HAL_OP_SOCKET_LISTEN,
1024 ipc_send_rsp(hal_ipc, HAL_SERVICE_ID_SOCKET, HAL_OP_SOCKET_LISTEN,
1028 static bool sock_send_connect(struct rfcomm_sock *rfsock, bdaddr_t *bdaddr)
1030 struct hal_sock_connect_signal cmd;
1035 memset(&cmd, 0, sizeof(cmd));
1036 cmd.size = sizeof(cmd);
1037 bdaddr2android(bdaddr, cmd.bdaddr);
1038 cmd.channel = rfsock->channel;
1041 len = write(rfsock->jv_sock, &cmd, sizeof(cmd));
1043 error("%s", strerror(errno));
1047 if (len != sizeof(cmd)) {
1048 error("Error sending connect signal");
1055 static void connect_cb(GIOChannel *io, GError *err, gpointer user_data)
1057 struct rfcomm_sock *rfsock = user_data;
1058 bdaddr_t *dst = &rfsock->dst;
1065 error("%s", err->message);
1069 ba2str(dst, address);
1070 DBG("Connected to %s on channel %d (rfsock %p)", address,
1071 rfsock->channel, rfsock);
1073 if (!sock_send_connect(rfsock, dst))
1076 /* Handle events from Android */
1077 cond = G_IO_IN | G_IO_HUP | G_IO_ERR | G_IO_NVAL;
1078 jv_io = g_io_channel_unix_new(rfsock->jv_sock);
1079 id = g_io_add_watch(jv_io, cond, jv_sock_client_event_cb, rfsock);
1080 g_io_channel_unref(jv_io);
1082 rfsock->jv_watch = id;
1084 /* Handle rfcomm events */
1085 cond = G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL;
1086 id = g_io_add_watch(io, cond, bt_sock_event_cb, rfsock);
1087 g_io_channel_set_close_on_unref(io, FALSE);
1089 rfsock->bt_watch = id;
1093 connections = g_list_remove(connections, rfsock);
1094 cleanup_rfsock(rfsock);
1097 static bool do_rfcomm_connect(struct rfcomm_sock *rfsock, int chan)
1100 GError *gerr = NULL;
1102 DBG("rfsock %p sec_level %d chan %d", rfsock, rfsock->sec_level, chan);
1104 io = bt_io_connect(connect_cb, rfsock, NULL, &gerr,
1105 BT_IO_OPT_SOURCE_BDADDR, &adapter_addr,
1106 BT_IO_OPT_DEST_BDADDR, &rfsock->dst,
1107 BT_IO_OPT_CHANNEL, chan,
1108 BT_IO_OPT_SEC_LEVEL, rfsock->sec_level,
1111 error("Failed connect: %s", gerr->message);
1116 g_io_channel_set_close_on_unref(io, FALSE);
1117 g_io_channel_unref(io);
1119 if (write(rfsock->jv_sock, &chan, sizeof(chan)) != sizeof(chan)) {
1120 error("Error sending RFCOMM channel");
1124 rfsock->bt_sock = g_io_channel_unix_get_fd(io);
1125 rfsock_set_buffer(rfsock);
1126 rfsock->channel = chan;
1127 connections = g_list_append(connections, rfsock);
1132 static void sdp_search_cb(sdp_list_t *recs, int err, gpointer data)
1134 struct rfcomm_sock *rfsock = data;
1141 error("Unable to get SDP record: %s", strerror(-err));
1145 if (!recs || !recs->data) {
1146 error("No SDP records found");
1150 for (list = recs; list != NULL; list = list->next) {
1151 sdp_record_t *rec = list->data;
1154 if (sdp_get_access_protos(rec, &protos) < 0) {
1155 error("Unable to get proto list");
1159 chan = sdp_get_proto_port(protos, RFCOMM_UUID);
1161 sdp_list_foreach(protos, (sdp_list_func_t) sdp_list_free,
1163 sdp_list_free(protos, NULL);
1170 error("Could not get RFCOMM channel %d", chan);
1174 DBG("Got RFCOMM channel %d", chan);
1176 if (do_rfcomm_connect(rfsock, chan))
1179 cleanup_rfsock(rfsock);
1182 static uint8_t connect_rfcomm(const bdaddr_t *addr, int chan,
1183 const uint8_t *uuid, uint8_t flags,
1186 struct rfcomm_sock *rfsock;
1191 sdp_uuid128_create(&uu, uuid);
1192 sdp_uuid2strn(&uu, uuid_str, sizeof(uuid_str));
1193 ba2str(addr, address);
1195 DBG("addr %s chan %d flags 0x%02x uuid %s", address, chan, flags,
1198 if ((!memcmp(uuid, zero_uuid, sizeof(zero_uuid)) && chan <= 0) ||
1199 !bacmp(addr, BDADDR_ANY)) {
1200 error("Invalid rfcomm connect params");
1201 return HAL_STATUS_INVALID;
1204 rfsock = create_rfsock(-1, hal_sock);
1206 return HAL_STATUS_FAILED;
1208 DBG("rfsock %p jv_sock %d hal_sock %d", rfsock, rfsock->jv_sock,
1211 rfsock->sec_level = get_sec_level(flags);
1213 bacpy(&rfsock->dst, addr);
1215 if (!memcmp(uuid, zero_uuid, sizeof(zero_uuid))) {
1216 if (!do_rfcomm_connect(rfsock, chan))
1220 if (bt_search_service(&adapter_addr, &rfsock->dst, &uu,
1221 sdp_search_cb, rfsock, NULL, 0) < 0) {
1222 error("Failed to search SDP records");
1227 return HAL_STATUS_SUCCESS;
1230 cleanup_rfsock(rfsock);
1232 return HAL_STATUS_FAILED;
1235 static void handle_connect(const void *buf, uint16_t len)
1237 const struct hal_cmd_socket_connect *cmd = buf;
1244 android2bdaddr(cmd->bdaddr, &bdaddr);
1246 switch (cmd->type) {
1247 case HAL_SOCK_RFCOMM:
1248 status = connect_rfcomm(&bdaddr, cmd->channel, cmd->uuid,
1249 cmd->flags, &hal_sock);
1252 case HAL_SOCK_L2CAP:
1253 status = HAL_STATUS_UNSUPPORTED;
1256 status = HAL_STATUS_INVALID;
1260 if (status != HAL_STATUS_SUCCESS)
1263 ipc_send_rsp_full(hal_ipc, HAL_SERVICE_ID_SOCKET, HAL_OP_SOCKET_CONNECT,
1269 ipc_send_rsp(hal_ipc, HAL_SERVICE_ID_SOCKET, HAL_OP_SOCKET_CONNECT,
1274 static const struct ipc_handler cmd_handlers[] = {
1275 /* HAL_OP_SOCKET_LISTEN */
1276 { handle_listen, false, sizeof(struct hal_cmd_socket_listen) },
1277 /* HAL_OP_SOCKET_CONNECT */
1278 { handle_connect, false, sizeof(struct hal_cmd_socket_connect) },
1281 void bt_socket_register(struct ipc *ipc, const bdaddr_t *addr, uint8_t mode)
1290 * make sure channels assigned for profiles are reserved and not used
1293 for (i = 0; i < G_N_ELEMENTS(profiles); i++)
1294 if (profiles[i].channel)
1295 servers[profiles[i].channel].reserved = true;
1297 bacpy(&adapter_addr, addr);
1300 ipc_register(hal_ipc, HAL_SERVICE_ID_SOCKET, cmd_handlers,
1301 G_N_ELEMENTS(cmd_handlers));
1304 void bt_socket_unregister(void)
1312 g_list_free_full(connections, cleanup_rfsock);
1314 for (ch = 0; ch <= RFCOMM_CHANNEL_MAX; ch++)
1315 if (servers[ch].rfsock)
1316 cleanup_rfsock(servers[ch].rfsock);
1318 memset(servers, 0, sizeof(servers));
1320 ipc_unregister(hal_ipc, HAL_SERVICE_ID_SOCKET);