1 /* 2 * hci.c 3 * 4 * Created by Matthias Ringwald on 4/29/09. 5 * 6 */ 7 8 #include <unistd.h> 9 #include <stdarg.h> 10 #include <string.h> 11 #include <stdio.h> 12 #include "hci.h" 13 14 /** 15 * Link Control Commands 16 */ 17 hci_cmd_t hci_inquiry = { 18 OPCODE(OGF_LINK_CONTROL, 0x01), "311" 19 // LAP, Inquiry length, Num_responses 20 }; 21 hci_cmd_t hci_inquiry_cancel = { 22 OPCODE(OGF_LINK_CONTROL, 0x02), "" 23 // no params 24 }; 25 hci_cmd_t hci_create_connection = { 26 OPCODE(OGF_LINK_CONTROL, 0x05), "B21121" 27 // BD_ADDR, Packet_Type, Page_Scan_Repetition_Mode, Reserved, Clock_Offset, Allow_Role_Switch 28 }; 29 30 hci_cmd_t hci_accept_connection_request = { 31 OPCODE(OGF_LINK_CONTROL, 0x09), "B1" 32 // BD_ADDR, Role: become master, stay slave 33 }; 34 hci_cmd_t hci_link_key_request_negative_reply = { 35 OPCODE(OGF_LINK_CONTROL, 0x0c), "B" 36 }; 37 hci_cmd_t hci_pin_code_request_reply = { 38 OPCODE(OGF_LINK_CONTROL, 0x0d), "B1P" 39 // BD_ADDR, pin length, PIN: c-string 40 }; 41 hci_cmd_t hci_remote_name_request = { 42 OPCODE(OGF_LINK_CONTROL, 0x19), "B112" 43 // BD_ADDR, Page_Scan_Repetition_Mode, Reserved, Clock_Offset 44 }; 45 hci_cmd_t hci_remote_name_request_cancel = { 46 OPCODE(OGF_LINK_CONTROL, 0x1A), "B" 47 // BD_ADDR 48 }; 49 50 /** 51 * Controller & Baseband Commands 52 */ 53 hci_cmd_t hci_set_event_mask = { 54 OPCODE(OGF_CONTROLLER_BASEBAND, 0x01), "44" 55 // event_mask lower 4 octets, higher 4 bytes 56 }; 57 hci_cmd_t hci_reset = { 58 OPCODE(OGF_CONTROLLER_BASEBAND, 0x03), "" 59 // no params 60 }; 61 hci_cmd_t hci_delete_stored_link_key = { 62 OPCODE(OGF_CONTROLLER_BASEBAND, 0x12), "B1" 63 // BD_ADDR, Delete_All_Flag 64 }; 65 hci_cmd_t hci_write_local_name = { 66 OPCODE(OGF_CONTROLLER_BASEBAND, 0x13), "N" 67 // Local name (UTF-8, Null Terminated, max 248 octets) 68 }; 69 hci_cmd_t hci_write_page_timeout = { 70 OPCODE(OGF_CONTROLLER_BASEBAND, 0x18), "2" 71 // Page_Timeout * 0.625 ms 72 }; 73 hci_cmd_t hci_write_scan_enable = { 74 OPCODE(OGF_CONTROLLER_BASEBAND, 0x1A), "1" 75 // Scan_enable: no, inq, page, inq+page 76 }; 77 hci_cmd_t hci_write_authentication_enable = { 78 OPCODE(OGF_CONTROLLER_BASEBAND, 0x20), "1" 79 // Authentication_Enable 80 }; 81 hci_cmd_t hci_write_class_of_device = { 82 OPCODE(OGF_CONTROLLER_BASEBAND, 0x24), "3" 83 // Class of Device 84 }; 85 hci_cmd_t hci_host_buffer_size = { 86 OPCODE(OGF_CONTROLLER_BASEBAND, 0x33), "2122" 87 // Host_ACL_Data_Packet_Length:, Host_Synchronous_Data_Packet_Length:, Host_Total_Num_ACL_Data_Packets:, Host_Total_Num_Synchronous_Data_Packets: 88 }; 89 90 hci_cmd_t hci_write_inquiry_mode = { 91 OPCODE(OGF_CONTROLLER_BASEBAND, 0x45), "1" 92 // Inquiry mode: 0x00 = standard, 0x01 = with RSSI, 0x02 = extended 93 }; 94 95 hci_cmd_t hci_write_extended_inquiry_response = { 96 OPCODE(OGF_CONTROLLER_BASEBAND, 0x52), "1E" 97 // FEC_Required, Exstended Inquiry Response 98 }; 99 100 hci_cmd_t hci_write_simple_pairing_mode = { 101 OPCODE(OGF_CONTROLLER_BASEBAND, 0x56), "1" 102 // mode: 0 = off, 1 = on 103 }; 104 105 hci_cmd_t hci_read_bd_addr = { 106 OPCODE(OGF_INFORMATIONAL_PARAMETERS, 0x09), "" 107 // no params 108 }; 109 110 hci_cmd_t hci_get_btstack_state = { 111 OPCODE(OGF_BTSTACK, HCI_BTSTACK_GET_STATE), "" 112 // no params -> 113 }; 114 115 116 // the stack is here 117 static hci_stack_t hci_stack; 118 119 120 void bt_store_16(uint8_t *buffer, uint16_t pos, uint16_t value){ 121 buffer[pos++] = value; 122 buffer[pos++] = value >> 8; 123 } 124 125 void bt_store_32(uint8_t *buffer, uint16_t pos, uint32_t value){ 126 buffer[pos++] = value; 127 buffer[pos++] = value >> 8; 128 buffer[pos++] = value >> 16; 129 buffer[pos++] = value >> 24; 130 } 131 132 void bt_flip_addr(bd_addr_t dest, bd_addr_t src){ 133 dest[0] = src[5]; 134 dest[1] = src[4]; 135 dest[2] = src[3]; 136 dest[3] = src[2]; 137 dest[4] = src[1]; 138 dest[5] = src[0]; 139 } 140 141 void hexdump(void *data, int size){ 142 int i; 143 for (i=0; i<size;i++){ 144 printf("%02X ", ((uint8_t *)data)[i]); 145 } 146 printf("\n"); 147 } 148 149 /** 150 * Linked link list 151 */ 152 153 /** 154 * get link for given address 155 * 156 * @return connection OR NULL, if not found 157 */ 158 #if 0 159 static hci_connection_t *link_for_addr(bd_addr_t addr){ 160 return NULL; 161 } 162 #endif 163 164 /** 165 * Handler called by HCI transport 166 */ 167 static void dummy_handler(uint8_t *packet, uint16_t size){ 168 } 169 170 static void acl_handler(uint8_t *packet, int size){ 171 hci_stack.acl_packet_handler(packet, size); 172 173 // execute main loop 174 hci_run(); 175 } 176 177 static void event_handler(uint8_t *packet, int size){ 178 bd_addr_t addr; 179 180 // Get Num_HCI_Command_Packets 181 if (packet[0] == HCI_EVENT_COMMAND_COMPLETE || 182 packet[0] == HCI_EVENT_COMMAND_STATUS){ 183 hci_stack.num_cmd_packets = packet[2]; 184 } 185 186 // handle BT initialization 187 if (hci_stack.state == HCI_STATE_INITIALIZING){ 188 // handle H4 synchronization loss on restart 189 // if (hci_stack.substate == 1 && packet[0] == HCI_EVENT_HARDWARE_ERROR){ 190 // hci_stack.substate = 0; 191 // } 192 // handle normal init sequence 193 if (hci_stack.substate % 2){ 194 // odd: waiting for event 195 if (packet[0] == HCI_EVENT_COMMAND_COMPLETE){ 196 hci_stack.substate++; 197 } 198 } 199 } 200 201 // link key request 202 if (packet[0] == HCI_EVENT_LINK_KEY_REQUEST){ 203 bt_flip_addr(addr, &packet[2]); 204 hci_send_cmd(&hci_link_key_request_negative_reply, &addr); 205 return; 206 } 207 208 // pin code request 209 if (packet[0] == HCI_EVENT_PIN_CODE_REQUEST){ 210 bt_flip_addr(addr, &packet[2]); 211 hci_send_cmd(&hci_pin_code_request_reply, &addr, 4, "1234"); 212 } 213 214 hci_stack.event_packet_handler(packet, size); 215 216 // execute main loop 217 hci_run(); 218 } 219 220 /** Register L2CAP handlers */ 221 void hci_register_event_packet_handler(void (*handler)(uint8_t *packet, uint16_t size)){ 222 hci_stack.event_packet_handler = handler; 223 } 224 void hci_register_acl_packet_handler (void (*handler)(uint8_t *packet, uint16_t size)){ 225 hci_stack.acl_packet_handler = handler; 226 } 227 228 static int null_control_function(void *config){ 229 return 0; 230 } 231 static const char * null_control_name(void *config){ 232 return "Hardware unknown"; 233 } 234 235 static bt_control_t null_control = { 236 null_control_function, 237 null_control_function, 238 null_control_function, 239 null_control_name 240 }; 241 242 void hci_init(hci_transport_t *transport, void *config, bt_control_t *control){ 243 244 // reference to use transport layer implementation 245 hci_stack.hci_transport = transport; 246 247 // references to used control implementation 248 if (control) { 249 hci_stack.control = control; 250 } else { 251 hci_stack.control = &null_control; 252 } 253 254 // reference to used config 255 hci_stack.config = config; 256 257 // empty cmd buffer 258 hci_stack.hci_cmd_buffer = malloc(3+255); 259 260 // higher level handler 261 hci_stack.event_packet_handler = dummy_handler; 262 hci_stack.acl_packet_handler = dummy_handler; 263 264 // register packet handlers with transport 265 transport->register_event_packet_handler( event_handler); 266 transport->register_acl_packet_handler( acl_handler); 267 } 268 269 int hci_power_control(HCI_POWER_MODE power_mode){ 270 if (power_mode == HCI_POWER_ON) { 271 272 // set up state machine 273 hci_stack.num_cmd_packets = 1; // assume that one cmd can be sent 274 hci_stack.state = HCI_STATE_INITIALIZING; 275 hci_stack.substate = 0; 276 277 // power on 278 hci_stack.control->on(hci_stack.config); 279 280 // open low-level device 281 hci_stack.hci_transport->open(hci_stack.config); 282 283 } else if (power_mode == HCI_POWER_OFF){ 284 285 // close low-level device 286 hci_stack.hci_transport->close(hci_stack.config); 287 288 // power off 289 hci_stack.control->off(hci_stack.config); 290 } 291 292 // trigger next/first action 293 hci_run(); 294 295 return 0; 296 } 297 298 uint32_t hci_run(){ 299 uint8_t micro_packet; 300 switch (hci_stack.state){ 301 case HCI_STATE_INITIALIZING: 302 if (hci_stack.substate % 2) { 303 // odd: waiting for command completion 304 return 0; 305 } 306 if (hci_stack.num_cmd_packets == 0) { 307 // cannot send command yet 308 return 0; 309 } 310 switch (hci_stack.substate/2){ 311 case 0: 312 hci_send_cmd(&hci_reset); 313 break; 314 case 1: 315 hci_send_cmd(&hci_read_bd_addr); 316 break; 317 case 2: 318 // ca. 15 sec 319 hci_send_cmd(&hci_write_page_timeout, 0x6000); 320 break; 321 case 3: 322 hci_send_cmd(&hci_write_scan_enable, 3); // 3 inq scan + page scan 323 break; 324 case 4: 325 // done. 326 hci_stack.state = HCI_STATE_WORKING; 327 micro_packet = HCI_EVENT_BTSTACK_WORKING; 328 hci_stack.event_packet_handler(µ_packet, 1); 329 break; 330 default: 331 break; 332 } 333 hci_stack.substate++; 334 break; 335 default: 336 break; 337 } 338 339 // don't check for timetous yet 340 return 0; 341 } 342 343 344 int hci_send_acl_packet(uint8_t *packet, int size){ 345 if (READ_CMD_OGF(packet) != OGF_BTSTACK) { 346 return hci_stack.hci_transport->send_acl_packet(packet, size); 347 } 348 349 // BTstack internal commands 350 uint8_t event[3]; 351 switch (READ_CMD_OCF(packet)){ 352 case HCI_BTSTACK_GET_STATE: 353 event[0] = HCI_EVENT_BTSTACK_STATE; 354 event[1] = 1; 355 event[2] = hci_stack.state; 356 hci_stack.event_packet_handler(event, 3); 357 break; 358 default: 359 // TODO log into hci dump as vendor specific"event" 360 printf("Error: command %u not implemented\n:", READ_CMD_OCF(packet)); 361 break; 362 } 363 return 0; 364 } 365 366 int hci_send_cmd_packet(uint8_t *packet, int size){ 367 hci_stack.num_cmd_packets--; 368 return hci_stack.hci_transport->send_cmd_packet(packet, size); 369 } 370 371 uint16_t hci_create_cmd_internal(uint8_t *hci_cmd_buffer, hci_cmd_t *cmd, va_list argptr){ 372 373 hci_cmd_buffer[0] = cmd->opcode & 0xff; 374 hci_cmd_buffer[1] = cmd->opcode >> 8; 375 int pos = 3; 376 377 const char *format = cmd->format; 378 uint16_t word; 379 uint32_t longword; 380 uint8_t * ptr; 381 while (*format) { 382 switch(*format) { 383 case '1': // 8 bit value 384 case '2': // 16 bit value 385 case 'H': // hci_handle 386 word = va_arg(argptr, int); // minimal va_arg is int: 2 bytes on 8+16 bit CPUs 387 hci_cmd_buffer[pos++] = word & 0xff; 388 if (*format == '2') { 389 hci_cmd_buffer[pos++] = word >> 8; 390 } else if (*format == 'H') { 391 // TODO 392 } 393 break; 394 case '3': 395 case '4': 396 longword = va_arg(argptr, uint32_t); 397 // longword = va_arg(argptr, int); 398 hci_cmd_buffer[pos++] = longword; 399 hci_cmd_buffer[pos++] = longword >> 8; 400 hci_cmd_buffer[pos++] = longword >> 16; 401 if (*format == '4'){ 402 hci_cmd_buffer[pos++] = longword >> 24; 403 } 404 break; 405 case 'B': // bt-addr 406 ptr = va_arg(argptr, uint8_t *); 407 hci_cmd_buffer[pos++] = ptr[5]; 408 hci_cmd_buffer[pos++] = ptr[4]; 409 hci_cmd_buffer[pos++] = ptr[3]; 410 hci_cmd_buffer[pos++] = ptr[2]; 411 hci_cmd_buffer[pos++] = ptr[1]; 412 hci_cmd_buffer[pos++] = ptr[0]; 413 break; 414 case 'P': // c string passed as pascal string with leading 1-byte len 415 ptr = va_arg(argptr, uint8_t *); 416 memcpy(&hci_cmd_buffer[pos], ptr, 16); 417 pos += 16; 418 break; 419 case 'N': // UTF-8 string, null terminated 420 ptr = va_arg(argptr, uint8_t *); 421 memcpy(&hci_cmd_buffer[pos], ptr, 248); 422 pos += 248; 423 break; 424 case 'E': // Extended Inquiry Information 240 octets 425 ptr = va_arg(argptr, uint8_t *); 426 memcpy(&hci_cmd_buffer[pos], ptr, 240); 427 pos += 240; 428 break; 429 default: 430 break; 431 } 432 format++; 433 }; 434 hci_cmd_buffer[2] = pos - 3; 435 return pos; 436 } 437 438 uint16_t hci_create_cmd(uint8_t *hci_cmd_buffer, hci_cmd_t *cmd, ...){ 439 va_list argptr; 440 va_start(argptr, cmd); 441 uint16_t len = hci_create_cmd_internal(hci_cmd_buffer, cmd, argptr); 442 va_end(argptr); 443 return len; 444 } 445 446 /** 447 * pre: numcmds >= 0 - it's allowed to send a command to the controller 448 */ 449 int hci_send_cmd(hci_cmd_t *cmd, ...){ 450 va_list argptr; 451 va_start(argptr, cmd); 452 uint8_t * hci_cmd_buffer = hci_stack.hci_cmd_buffer; 453 uint16_t size = hci_create_cmd_internal(hci_stack.hci_cmd_buffer, cmd, argptr); 454 va_end(argptr); 455 return hci_send_cmd_packet(hci_cmd_buffer, size); 456 }