1// SPDX-License-Identifier: GPL-2.0-only
2
3/*
4 * Copyright (C) 2020 Google Corporation
5 */
6
7#include <net/bluetooth/bluetooth.h>
8#include <net/bluetooth/hci_core.h>
9#include <net/bluetooth/mgmt.h>
10
11#include "mgmt_util.h"
12#include "mgmt_config.h"
13
14#define HDEV_PARAM_U16(_param_code_, _param_name_) \
15{ \
16	{ cpu_to_le16(_param_code_), sizeof(__u16) }, \
17	{ cpu_to_le16(hdev->_param_name_) } \
18}
19
20#define HDEV_PARAM_U16_JIFFIES_TO_MSECS(_param_code_, _param_name_) \
21{ \
22	{ cpu_to_le16(_param_code_), sizeof(__u16) }, \
23	{ cpu_to_le16(jiffies_to_msecs(hdev->_param_name_)) } \
24}
25
26int read_def_system_config(struct sock *sk, struct hci_dev *hdev, void *data,
27			   u16 data_len)
28{
29	struct {
30		struct mgmt_tlv entry;
31		union {
32			/* This is a simplification for now since all values
33			 * are 16 bits.  In the future, this code may need
34			 * refactoring to account for variable length values
35			 * and properly calculate the required buffer size.
36			 */
37			__le16 value;
38		};
39	} __packed params[] = {
40		/* Please see mgmt-api.txt for documentation of these values */
41		HDEV_PARAM_U16(0x0000, def_page_scan_type),
42		HDEV_PARAM_U16(0x0001, def_page_scan_int),
43		HDEV_PARAM_U16(0x0002, def_page_scan_window),
44		HDEV_PARAM_U16(0x0003, def_inq_scan_type),
45		HDEV_PARAM_U16(0x0004, def_inq_scan_int),
46		HDEV_PARAM_U16(0x0005, def_inq_scan_window),
47		HDEV_PARAM_U16(0x0006, def_br_lsto),
48		HDEV_PARAM_U16(0x0007, def_page_timeout),
49		HDEV_PARAM_U16(0x0008, sniff_min_interval),
50		HDEV_PARAM_U16(0x0009, sniff_max_interval),
51		HDEV_PARAM_U16(0x000a, le_adv_min_interval),
52		HDEV_PARAM_U16(0x000b, le_adv_max_interval),
53		HDEV_PARAM_U16(0x000c, def_multi_adv_rotation_duration),
54		HDEV_PARAM_U16(0x000d, le_scan_interval),
55		HDEV_PARAM_U16(0x000e, le_scan_window),
56		HDEV_PARAM_U16(0x000f, le_scan_int_suspend),
57		HDEV_PARAM_U16(0x0010, le_scan_window_suspend),
58		HDEV_PARAM_U16(0x0011, le_scan_int_discovery),
59		HDEV_PARAM_U16(0x0012, le_scan_window_discovery),
60		HDEV_PARAM_U16(0x0013, le_scan_int_adv_monitor),
61		HDEV_PARAM_U16(0x0014, le_scan_window_adv_monitor),
62		HDEV_PARAM_U16(0x0015, le_scan_int_connect),
63		HDEV_PARAM_U16(0x0016, le_scan_window_connect),
64		HDEV_PARAM_U16(0x0017, le_conn_min_interval),
65		HDEV_PARAM_U16(0x0018, le_conn_max_interval),
66		HDEV_PARAM_U16(0x0019, le_conn_latency),
67		HDEV_PARAM_U16(0x001a, le_supv_timeout),
68		HDEV_PARAM_U16_JIFFIES_TO_MSECS(0x001b,
69						def_le_autoconnect_timeout),
70		HDEV_PARAM_U16(0x001d, advmon_allowlist_duration),
71		HDEV_PARAM_U16(0x001e, advmon_no_filter_duration),
72	};
73	struct mgmt_rp_read_def_system_config *rp = (void *)params;
74
75	bt_dev_dbg(hdev, "sock %p", sk);
76
77	return mgmt_cmd_complete(sk, hdev->id,
78				 MGMT_OP_READ_DEF_SYSTEM_CONFIG,
79				 0, rp, sizeof(params));
80}
81
82#define TO_TLV(x)		((struct mgmt_tlv *)(x))
83#define TLV_GET_LE16(tlv)	le16_to_cpu(*((__le16 *)(TO_TLV(tlv)->value)))
84
85int set_def_system_config(struct sock *sk, struct hci_dev *hdev, void *data,
86			  u16 data_len)
87{
88	u16 buffer_left = data_len;
89	u8 *buffer = data;
90
91	if (buffer_left < sizeof(struct mgmt_tlv)) {
92		return mgmt_cmd_status(sk, hdev->id,
93				       MGMT_OP_SET_DEF_SYSTEM_CONFIG,
94				       MGMT_STATUS_INVALID_PARAMS);
95	}
96
97	/* First pass to validate the tlv */
98	while (buffer_left >= sizeof(struct mgmt_tlv)) {
99		const u8 len = TO_TLV(buffer)->length;
100		const u16 exp_len = sizeof(struct mgmt_tlv) +
101				    len;
102		const u16 type = le16_to_cpu(TO_TLV(buffer)->type);
103
104		if (buffer_left < exp_len) {
105			bt_dev_warn(hdev, "invalid len left %d, exp >= %d",
106				    buffer_left, exp_len);
107
108			return mgmt_cmd_status(sk, hdev->id,
109					MGMT_OP_SET_DEF_SYSTEM_CONFIG,
110					MGMT_STATUS_INVALID_PARAMS);
111		}
112
113		/* Please see mgmt-api.txt for documentation of these values */
114		switch (type) {
115		case 0x0000:
116		case 0x0001:
117		case 0x0002:
118		case 0x0003:
119		case 0x0004:
120		case 0x0005:
121		case 0x0006:
122		case 0x0007:
123		case 0x0008:
124		case 0x0009:
125		case 0x000a:
126		case 0x000b:
127		case 0x000c:
128		case 0x000d:
129		case 0x000e:
130		case 0x000f:
131		case 0x0010:
132		case 0x0011:
133		case 0x0012:
134		case 0x0013:
135		case 0x0014:
136		case 0x0015:
137		case 0x0016:
138		case 0x0017:
139		case 0x0018:
140		case 0x0019:
141		case 0x001a:
142		case 0x001b:
143		case 0x001d:
144		case 0x001e:
145			if (len != sizeof(u16)) {
146				bt_dev_warn(hdev, "invalid length %d, exp %zu for type %d",
147					    len, sizeof(u16), type);
148
149				return mgmt_cmd_status(sk, hdev->id,
150					MGMT_OP_SET_DEF_SYSTEM_CONFIG,
151					MGMT_STATUS_INVALID_PARAMS);
152			}
153			break;
154		default:
155			bt_dev_warn(hdev, "unsupported parameter %u", type);
156			break;
157		}
158
159		buffer_left -= exp_len;
160		buffer += exp_len;
161	}
162
163	buffer_left = data_len;
164	buffer = data;
165	while (buffer_left >= sizeof(struct mgmt_tlv)) {
166		const u8 len = TO_TLV(buffer)->length;
167		const u16 exp_len = sizeof(struct mgmt_tlv) +
168				    len;
169		const u16 type = le16_to_cpu(TO_TLV(buffer)->type);
170
171		switch (type) {
172		case 0x0000:
173			hdev->def_page_scan_type = TLV_GET_LE16(buffer);
174			break;
175		case 0x0001:
176			hdev->def_page_scan_int = TLV_GET_LE16(buffer);
177			break;
178		case 0x0002:
179			hdev->def_page_scan_window = TLV_GET_LE16(buffer);
180			break;
181		case 0x0003:
182			hdev->def_inq_scan_type = TLV_GET_LE16(buffer);
183			break;
184		case 0x0004:
185			hdev->def_inq_scan_int = TLV_GET_LE16(buffer);
186			break;
187		case 0x0005:
188			hdev->def_inq_scan_window = TLV_GET_LE16(buffer);
189			break;
190		case 0x0006:
191			hdev->def_br_lsto = TLV_GET_LE16(buffer);
192			break;
193		case 0x0007:
194			hdev->def_page_timeout = TLV_GET_LE16(buffer);
195			break;
196		case 0x0008:
197			hdev->sniff_min_interval = TLV_GET_LE16(buffer);
198			break;
199		case 0x0009:
200			hdev->sniff_max_interval = TLV_GET_LE16(buffer);
201			break;
202		case 0x000a:
203			hdev->le_adv_min_interval = TLV_GET_LE16(buffer);
204			break;
205		case 0x000b:
206			hdev->le_adv_max_interval = TLV_GET_LE16(buffer);
207			break;
208		case 0x000c:
209			hdev->def_multi_adv_rotation_duration =
210							   TLV_GET_LE16(buffer);
211			break;
212		case 0x000d:
213			hdev->le_scan_interval = TLV_GET_LE16(buffer);
214			break;
215		case 0x000e:
216			hdev->le_scan_window = TLV_GET_LE16(buffer);
217			break;
218		case 0x000f:
219			hdev->le_scan_int_suspend = TLV_GET_LE16(buffer);
220			break;
221		case 0x0010:
222			hdev->le_scan_window_suspend = TLV_GET_LE16(buffer);
223			break;
224		case 0x0011:
225			hdev->le_scan_int_discovery = TLV_GET_LE16(buffer);
226			break;
227		case 0x00012:
228			hdev->le_scan_window_discovery = TLV_GET_LE16(buffer);
229			break;
230		case 0x00013:
231			hdev->le_scan_int_adv_monitor = TLV_GET_LE16(buffer);
232			break;
233		case 0x00014:
234			hdev->le_scan_window_adv_monitor = TLV_GET_LE16(buffer);
235			break;
236		case 0x00015:
237			hdev->le_scan_int_connect = TLV_GET_LE16(buffer);
238			break;
239		case 0x00016:
240			hdev->le_scan_window_connect = TLV_GET_LE16(buffer);
241			break;
242		case 0x00017:
243			hdev->le_conn_min_interval = TLV_GET_LE16(buffer);
244			break;
245		case 0x00018:
246			hdev->le_conn_max_interval = TLV_GET_LE16(buffer);
247			break;
248		case 0x00019:
249			hdev->le_conn_latency = TLV_GET_LE16(buffer);
250			break;
251		case 0x0001a:
252			hdev->le_supv_timeout = TLV_GET_LE16(buffer);
253			break;
254		case 0x0001b:
255			hdev->def_le_autoconnect_timeout =
256					msecs_to_jiffies(TLV_GET_LE16(buffer));
257			break;
258		case 0x0001d:
259			hdev->advmon_allowlist_duration = TLV_GET_LE16(buffer);
260			break;
261		case 0x0001e:
262			hdev->advmon_no_filter_duration = TLV_GET_LE16(buffer);
263			break;
264		default:
265			bt_dev_warn(hdev, "unsupported parameter %u", type);
266			break;
267		}
268
269		buffer_left -= exp_len;
270		buffer += exp_len;
271	}
272
273	return mgmt_cmd_complete(sk, hdev->id,
274				 MGMT_OP_SET_DEF_SYSTEM_CONFIG, 0, NULL, 0);
275}
276
277int read_def_runtime_config(struct sock *sk, struct hci_dev *hdev, void *data,
278			    u16 data_len)
279{
280	bt_dev_dbg(hdev, "sock %p", sk);
281
282	return mgmt_cmd_complete(sk, hdev->id,
283				 MGMT_OP_READ_DEF_RUNTIME_CONFIG, 0, NULL, 0);
284}
285
286int set_def_runtime_config(struct sock *sk, struct hci_dev *hdev, void *data,
287			   u16 data_len)
288{
289	bt_dev_dbg(hdev, "sock %p", sk);
290
291	return mgmt_cmd_status(sk, hdev->id, MGMT_OP_SET_DEF_SYSTEM_CONFIG,
292			       MGMT_STATUS_INVALID_PARAMS);
293}
294