1/* $NetBSD: sdp.c,v 1.12 2021/12/12 22:20:52 andvar Exp $ */ 2 3/*- 4 * Copyright (c) 2006 Itronix Inc. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. The name of Itronix Inc. may not be used to endorse 16 * or promote products derived from this software without specific 17 * prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY ITRONIX INC. ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ITRONIX INC. BE LIABLE FOR ANY 23 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 24 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 26 * ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31/* 32 * Copyright (c) 2009 The NetBSD Foundation, Inc. 33 * Copyright (c) 2004 Maksim Yevmenkin <m_evmenkin@yahoo.com> 34 * All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 45 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 48 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 55 * SUCH DAMAGE. 56 */ 57 58#include <sys/cdefs.h> 59__RCSID("$NetBSD: sdp.c,v 1.12 2021/12/12 22:20:52 andvar Exp $"); 60 61#include <sys/types.h> 62 63#include <dev/bluetooth/btdev.h> 64#include <dev/bluetooth/bthidev.h> 65#include <dev/bluetooth/btsco.h> 66#include <dev/usb/usb.h> 67#include <dev/usb/usbhid.h> 68#include <dev/hid/hid.h> 69 70#include <prop/proplib.h> 71 72#include <bluetooth.h> 73#include <err.h> 74#include <errno.h> 75#include <sdp.h> 76#include <stdlib.h> 77#include <strings.h> 78#include <usbhid.h> 79 80#include "btdevctl.h" 81 82static bool parse_hid_descriptor(sdp_data_t *); 83static int32_t parse_boolean(sdp_data_t *); 84static int32_t parse_pdl_param(sdp_data_t *, uint16_t); 85static int32_t parse_pdl(sdp_data_t *, uint16_t); 86static int32_t parse_apdl(sdp_data_t *, uint16_t); 87 88static int config_pnp(prop_dictionary_t, sdp_data_t *); 89static int config_hid(prop_dictionary_t, sdp_data_t *); 90static int config_hset(prop_dictionary_t, sdp_data_t *); 91static int config_hf(prop_dictionary_t, sdp_data_t *); 92 93uint16_t pnp_services[] = { 94 SDP_SERVICE_CLASS_PNP_INFORMATION, 95}; 96 97uint16_t hid_services[] = { 98 SDP_SERVICE_CLASS_HUMAN_INTERFACE_DEVICE, 99}; 100 101uint16_t hset_services[] = { 102 SDP_SERVICE_CLASS_HEADSET, 103}; 104 105uint16_t hf_services[] = { 106 SDP_SERVICE_CLASS_HANDSFREE_AUDIO_GATEWAY, 107}; 108 109static struct { 110 const char *name; 111 int (*handler)(prop_dictionary_t, sdp_data_t *); 112 const char *description; 113 uint16_t *services; 114 size_t nservices; 115} cfgtype[] = { 116 { 117 "HID", config_hid, "Human Interface Device", 118 hid_services, __arraycount(hid_services), 119 }, 120 { 121 "HSET", config_hset, "Headset", 122 hset_services, __arraycount(hset_services), 123 }, 124 { 125 "HF", config_hf, "Handsfree", 126 hf_services, __arraycount(hf_services), 127 }, 128}; 129 130#define MAX_SSP (2 + 1 * 3) /* largest nservices is 1 */ 131 132static bool 133cfg_ssa(sdp_session_t ss, uint16_t *services, size_t nservices, sdp_data_t *rsp) 134{ 135 uint8_t buf[MAX_SSP]; 136 sdp_data_t ssp; 137 size_t i; 138 139 ssp.next = buf; 140 ssp.end = buf + sizeof(buf); 141 142 for (i = 0; i < nservices; i++) 143 sdp_put_uuid16(&ssp, services[i]); 144 145 ssp.end = ssp.next; 146 ssp.next = buf; 147 148 return sdp_service_search_attribute(ss, &ssp, NULL, rsp); 149} 150 151static bool 152cfg_search(sdp_session_t ss, int i, prop_dictionary_t dict) 153{ 154 sdp_data_t rsp, rec; 155 156 /* check PnP Information first */ 157 if (!cfg_ssa(ss, pnp_services, __arraycount(pnp_services), &rsp)) 158 return false; 159 160 while (sdp_get_seq(&rsp, &rec)) { 161 if (config_pnp(dict, &rec) == 0) 162 break; 163 } 164 165 /* then requested service */ 166 if (!cfg_ssa(ss, cfgtype[i].services, cfgtype[i].nservices, &rsp)) 167 return false; 168 169 while (sdp_get_seq(&rsp, &rec)) { 170 errno = (*cfgtype[i].handler)(dict, &rec); 171 if (errno == 0) 172 return true; 173 } 174 175 return false; 176} 177 178prop_dictionary_t 179cfg_query(bdaddr_t *laddr, bdaddr_t *raddr, const char *service) 180{ 181 prop_dictionary_t dict; 182 sdp_session_t ss; 183 size_t i; 184 185 dict = prop_dictionary_create(); 186 if (dict == NULL) 187 err(EXIT_FAILURE, "prop_dictionary_create()"); 188 189 for (i = 0; i < __arraycount(cfgtype); i++) { 190 if (strcasecmp(service, cfgtype[i].name) == 0) { 191 ss = sdp_open(laddr, raddr); 192 if (ss == NULL) 193 err(EXIT_FAILURE, "SDP connection failed"); 194 195 if (!cfg_search(ss, i, dict)) 196 errx(EXIT_FAILURE, "service %s not found", service); 197 198 sdp_close(ss); 199 return dict; 200 } 201 } 202 203 printf("Known config types:\n"); 204 for (i = 0; i < __arraycount(cfgtype); i++) 205 printf("\t%s\t%s\n", cfgtype[i].name, cfgtype[i].description); 206 207 exit(EXIT_FAILURE); 208} 209 210/* 211 * Configure PnP Information results 212 */ 213static int 214config_pnp(prop_dictionary_t dict, sdp_data_t *rec) 215{ 216 sdp_data_t value; 217 uintmax_t v; 218 uint16_t attr; 219 int vendor, product, source; 220 221 vendor = -1; 222 product = -1; 223 source = -1; 224 225 while (sdp_get_attr(rec, &attr, &value)) { 226 switch (attr) { 227 case 0x0201: /* Vendor ID */ 228 if (sdp_get_uint(&value, &v) 229 && v <= UINT16_MAX) 230 vendor = (int)v; 231 232 break; 233 234 case 0x0202: /* Product ID */ 235 if (sdp_get_uint(&value, &v) 236 && v <= UINT16_MAX) 237 product = (int)v; 238 239 break; 240 241 case 0x0205: /* Vendor ID Source */ 242 if (sdp_get_uint(&value, &v) 243 && v <= UINT16_MAX) 244 source = (int)v; 245 246 break; 247 248 default: 249 break; 250 } 251 } 252 253 if (vendor == -1 || product == -1) 254 return ENOATTR; 255 256 if (source != 0x0002) /* "USB Implementers Forum" */ 257 return ENOATTR; 258 259 if (!prop_dictionary_set_uint16(dict, BTDEVvendor, (uint16_t)vendor)) 260 return errno; 261 262 if (!prop_dictionary_set_uint16(dict, BTDEVproduct, (uint16_t)product)) 263 return errno; 264 265 return 0; 266} 267 268/* 269 * Configure HID results 270 */ 271static int 272config_hid(prop_dictionary_t dict, sdp_data_t *rec) 273{ 274 prop_object_t obj; 275 int32_t control_psm, interrupt_psm, 276 reconnect_initiate, hid_length; 277 uint8_t *hid_descriptor; 278 sdp_data_t value; 279 const char *mode; 280 uint16_t attr; 281 282 control_psm = -1; 283 interrupt_psm = -1; 284 reconnect_initiate = -1; 285 hid_descriptor = NULL; 286 hid_length = -1; 287 288 while (sdp_get_attr(rec, &attr, &value)) { 289 switch (attr) { 290 case SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST: 291 control_psm = parse_pdl(&value, SDP_UUID_PROTOCOL_L2CAP); 292 break; 293 294 case SDP_ATTR_ADDITIONAL_PROTOCOL_DESCRIPTOR_LISTS: 295 interrupt_psm = parse_apdl(&value, SDP_UUID_PROTOCOL_L2CAP); 296 break; 297 298 case 0x0205: /* HIDReconnectInitiate */ 299 reconnect_initiate = parse_boolean(&value); 300 break; 301 302 case 0x0206: /* HIDDescriptorList */ 303 if (parse_hid_descriptor(&value)) { 304 hid_descriptor = value.next; 305 hid_length = value.end - value.next; 306 } 307 break; 308 309 default: 310 break; 311 } 312 } 313 314 if (control_psm == -1 315 || interrupt_psm == -1 316 || reconnect_initiate == -1 317 || hid_descriptor == NULL 318 || hid_length == -1) 319 return ENOATTR; 320 321 if (!prop_dictionary_set_string_nocopy(dict, BTDEVtype, "bthidev")) 322 return errno; 323 324 if (!prop_dictionary_set_int32(dict, BTHIDEVcontrolpsm, control_psm) || 325 !prop_dictionary_set_int32(dict, BTHIDEVinterruptpsm, 326 interrupt_psm)) 327 return errno; 328 329 obj = prop_data_create_copy(hid_descriptor, hid_length); 330 if (obj == NULL || !prop_dictionary_set(dict, BTHIDEVdescriptor, obj)) 331 return errno; 332 333 mode = hid_mode(obj); 334 prop_object_release(obj); 335 336 if (!prop_dictionary_set_string_nocopy(dict, BTDEVmode, mode)) 337 return errno; 338 339 if (!reconnect_initiate) { 340 if (!prop_dictionary_set_bool(dict, BTHIDEVreconnect, true)) 341 return errno; 342 } 343 344 return 0; 345} 346 347/* 348 * Configure HSET results 349 */ 350static int 351config_hset(prop_dictionary_t dict, sdp_data_t *rec) 352{ 353 sdp_data_t value; 354 int32_t channel; 355 uint16_t attr; 356 357 channel = -1; 358 359 while (sdp_get_attr(rec, &attr, &value)) { 360 switch (attr) { 361 case SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST: 362 channel = parse_pdl(&value, SDP_UUID_PROTOCOL_RFCOMM); 363 break; 364 365 default: 366 break; 367 } 368 } 369 370 if (channel == -1) 371 return ENOATTR; 372 373 if (!prop_dictionary_set_string_nocopy(dict, BTDEVtype, "btsco")) 374 return errno; 375 376 if (!prop_dictionary_set_int32(dict, BTSCOchannel, channel)) 377 return errno; 378 379 return 0; 380} 381 382/* 383 * Configure HF results 384 */ 385static int 386config_hf(prop_dictionary_t dict, sdp_data_t *rec) 387{ 388 sdp_data_t value; 389 int32_t channel; 390 uint16_t attr; 391 392 channel = -1; 393 394 while (sdp_get_attr(rec, &attr, &value)) { 395 switch (attr) { 396 case SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST: 397 channel = parse_pdl(&value, SDP_UUID_PROTOCOL_RFCOMM); 398 break; 399 400 default: 401 break; 402 } 403 } 404 405 if (channel == -1) 406 return ENOATTR; 407 408 if (!prop_dictionary_set_string_nocopy(dict, BTDEVtype, "btsco")) 409 return errno; 410 411 if (!prop_dictionary_set_bool(dict, BTSCOlisten, true)) 412 return errno; 413 414 if (!prop_dictionary_set_int32(dict, BTSCOchannel, channel)) 415 return errno; 416 417 return 0; 418} 419 420/* 421 * Parse HIDDescriptorList . This is a sequence of HIDDescriptors, of which 422 * each is a data element sequence containing, minimally, a ClassDescriptorType 423 * and ClassDescriptorData containing a byte array of data. Any extra elements 424 * should be ignored. 425 * 426 * If a ClassDescriptorType "Report" is found, set SDP data value to the 427 * ClassDescriptorData content and return true. Note that we don't need to 428 * extract the actual length as the SDP data is guaranteed valid. 429 */ 430 431static bool 432parse_hid_descriptor(sdp_data_t *value) 433{ 434 sdp_data_t list, desc; 435 uintmax_t type; 436 char *str; 437 size_t len; 438 439 if (!sdp_get_seq(value, &list)) 440 return false; 441 442 while (sdp_get_seq(&list, &desc)) { 443 if (sdp_get_uint(&desc, &type) 444 && type == UDESC_REPORT 445 && sdp_get_str(&desc, &str, &len)) { 446 value->next = (uint8_t *)str; 447 value->end = (uint8_t *)(str + len); 448 return true; 449 } 450 } 451 452 return false; 453} 454 455static int32_t 456parse_boolean(sdp_data_t *value) 457{ 458 bool bv; 459 460 if (!sdp_get_bool(value, &bv)) 461 return -1; 462 463 return bv; 464} 465 466/* 467 * The ProtocolDescriptorList attribute describes one or 468 * more protocol stacks that may be used to gain access to 469 * the service described by the service record. 470 * 471 * If the ProtocolDescriptorList describes a single stack, 472 * the attribute value takes the form of a data element 473 * sequence in which each element of the sequence is a 474 * protocol descriptor. 475 * 476 * seq 477 * <list> 478 * 479 * If it is possible for more than one kind of protocol 480 * stack to be used to gain access to the service, the 481 * ProtocolDescriptorList takes the form of a data element 482 * alternative where each member is a data element sequence 483 * consisting of a list of sequences describing each protocol 484 * 485 * alt 486 * seq 487 * <list> 488 * seq 489 * <list> 490 * 491 * Each ProtocolDescriptorList is a list containing a sequence for 492 * each protocol, where each sequence contains the protocol UUUID 493 * and any protocol specific parameters. 494 * 495 * seq 496 * uuid L2CAP 497 * uint16 psm 498 * seq 499 * uuid RFCOMM 500 * uint8 channel 501 * 502 * We want to extract the ProtocolSpecificParameter#1 for the 503 * given protocol, which will be an unsigned int. 504 */ 505static int32_t 506parse_pdl_param(sdp_data_t *pdl, uint16_t proto) 507{ 508 sdp_data_t seq; 509 uintmax_t param; 510 511 while (sdp_get_seq(pdl, &seq)) { 512 if (!sdp_match_uuid16(&seq, proto)) 513 continue; 514 515 if (sdp_get_uint(&seq, ¶m)) 516 return param; 517 518 break; 519 } 520 521 return -1; 522} 523 524static int32_t 525parse_pdl(sdp_data_t *value, uint16_t proto) 526{ 527 sdp_data_t seq; 528 int32_t param = -1; 529 530 sdp_get_alt(value, value); /* strip any alt header */ 531 532 while (param == -1 && sdp_get_seq(value, &seq)) 533 param = parse_pdl_param(&seq, proto); 534 535 return param; 536} 537 538/* 539 * Parse AdditionalProtocolDescriptorList 540 */ 541static int32_t 542parse_apdl(sdp_data_t *value, uint16_t proto) 543{ 544 sdp_data_t seq; 545 int32_t param = -1; 546 547 sdp_get_seq(value, value); /* strip seq header */ 548 549 while (param == -1 && sdp_get_seq(value, &seq)) 550 param = parse_pdl_param(&seq, proto); 551 552 return param; 553} 554 555/* 556 * return appropriate mode for HID descriptor 557 */ 558const char * 559hid_mode(prop_data_t desc) 560{ 561 report_desc_t r; 562 hid_data_t d; 563 struct hid_item h; 564 const char *mode; 565 566 hid_init(NULL); 567 568 mode = BTDEVauth; /* default */ 569 570 r = hid_use_report_desc(prop_data_value(desc), 571 prop_data_size(desc)); 572 if (r == NULL) 573 err(EXIT_FAILURE, "hid_use_report_desc"); 574 575 d = hid_start_parse(r, ~0, -1); 576 while (hid_get_item(d, &h) > 0) { 577 if (h.kind == hid_collection 578 && HID_PAGE(h.usage) == HUP_GENERIC_DESKTOP 579 && HID_USAGE(h.usage) == HUG_KEYBOARD) 580 mode = BTDEVencrypt; 581 } 582 583 hid_end_parse(d); 584 hid_dispose_report_desc(r); 585 586 return mode; 587} 588