aboutsummaryrefslogtreecommitdiff
path: root/hw
diff options
context:
space:
mode:
authorbalrog <balrog@c046a42c-6fe2-441c-8c8c-71466251a162>2008-09-28 23:34:13 +0000
committerbalrog <balrog@c046a42c-6fe2-441c-8c8c-71466251a162>2008-09-28 23:34:13 +0000
commit58a26b477e9f864f67a205ee0a8436c4632a389f (patch)
tree84a144a801cdeea4ad9a8dc98aa114a6a608aa1b /hw
parent1ae26a18a33263330e1551abf5244d68f8aa825a (diff)
Emulate a serial bluetooth HCI with H4+ extensions and attach to n8x0's UART.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5343 c046a42c-6fe2-441c-8c8c-71466251a162
Diffstat (limited to 'hw')
-rw-r--r--hw/bt-hci-csr.c456
-rw-r--r--hw/bt.h1512
-rw-r--r--hw/nseries.c15
3 files changed, 1983 insertions, 0 deletions
diff --git a/hw/bt-hci-csr.c b/hw/bt-hci-csr.c
new file mode 100644
index 0000000000..62943ffdac
--- /dev/null
+++ b/hw/bt-hci-csr.c
@@ -0,0 +1,456 @@
+/*
+ * Bluetooth serial HCI transport.
+ * CSR41814 HCI with H4p vendor extensions.
+ *
+ * Copyright (C) 2008 Andrzej Zaborowski <balrog@zabor.org>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 or
+ * (at your option) version 3 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+ * MA 02111-1307 USA
+ */
+
+#include "qemu-common.h"
+#include "qemu-char.h"
+#include "qemu-timer.h"
+#include "irq.h"
+#include "sysemu.h"
+#include "net.h"
+#include "bt.h"
+
+struct csrhci_s {
+ int enable;
+ qemu_irq *pins;
+ int pin_state;
+ int modem_state;
+ CharDriverState chr;
+#define FIFO_LEN 4096
+ int out_start;
+ int out_len;
+ int out_size;
+ uint8_t outfifo[FIFO_LEN * 2];
+ uint8_t inpkt[FIFO_LEN];
+ int in_len;
+ int in_hdr;
+ int in_data;
+ QEMUTimer *out_tm;
+ int64_t baud_delay;
+
+ bdaddr_t bd_addr;
+ struct HCIInfo *hci;
+};
+
+/* H4+ packet types */
+enum {
+ H4_CMD_PKT = 1,
+ H4_ACL_PKT = 2,
+ H4_SCO_PKT = 3,
+ H4_EVT_PKT = 4,
+ H4_NEG_PKT = 6,
+ H4_ALIVE_PKT = 7,
+};
+
+/* CSR41814 negotiation start magic packet */
+static const uint8_t csrhci_neg_packet[] = {
+ H4_NEG_PKT, 10,
+ 0x00, 0xa0, 0x01, 0x00, 0x00,
+ 0x4c, 0x00, 0x96, 0x00, 0x00,
+};
+
+/* CSR41814 vendor-specific command OCFs */
+enum {
+ OCF_CSR_SEND_FIRMWARE = 0x000,
+};
+
+static inline void csrhci_fifo_wake(struct csrhci_s *s)
+{
+ if (!s->enable || !s->out_len)
+ return;
+
+ /* XXX: Should wait for s->modem_state & CHR_TIOCM_RTS? */
+ if (s->chr.chr_can_read && s->chr.chr_can_read(s->chr.handler_opaque) &&
+ s->chr.chr_read) {
+ s->chr.chr_read(s->chr.handler_opaque,
+ s->outfifo + s->out_start ++, 1);
+ s->out_len --;
+ if (s->out_start >= s->out_size) {
+ s->out_start = 0;
+ s->out_size = FIFO_LEN;
+ }
+ }
+
+ if (s->out_len)
+ qemu_mod_timer(s->out_tm, qemu_get_clock(vm_clock) + s->baud_delay);
+}
+
+#define csrhci_out_packetz(s, len) memset(csrhci_out_packet(s, len), 0, len)
+static uint8_t *csrhci_out_packet(struct csrhci_s *s, int len)
+{
+ int off = s->out_start + s->out_len;
+
+ /* TODO: do the padding here, i.e. align len */
+ s->out_len += len;
+
+ if (off < FIFO_LEN) {
+ if (off + len > FIFO_LEN && (s->out_size = off + len) > FIFO_LEN * 2) {
+ fprintf(stderr, "%s: can't alloc %i bytes\n", __FUNCTION__, len);
+ exit(-1);
+ }
+ return s->outfifo + off;
+ }
+
+ if (s->out_len > s->out_size) {
+ fprintf(stderr, "%s: can't alloc %i bytes\n", __FUNCTION__, len);
+ exit(-1);
+ }
+
+ return s->outfifo + off - s->out_size;
+}
+
+static inline uint8_t *csrhci_out_packet_csr(struct csrhci_s *s,
+ int type, int len)
+{
+ uint8_t *ret = csrhci_out_packetz(s, len + 2);
+
+ *ret ++ = type;
+ *ret ++ = len;
+
+ return ret;
+}
+
+static inline uint8_t *csrhci_out_packet_event(struct csrhci_s *s,
+ int evt, int len)
+{
+ uint8_t *ret = csrhci_out_packetz(s,
+ len + 1 + sizeof(struct hci_event_hdr));
+
+ *ret ++ = H4_EVT_PKT;
+ ((struct hci_event_hdr *) ret)->evt = evt;
+ ((struct hci_event_hdr *) ret)->plen = len;
+
+ return ret + sizeof(struct hci_event_hdr);
+}
+
+static void csrhci_in_packet_vendor(struct csrhci_s *s, int ocf,
+ uint8_t *data, int len)
+{
+ int offset;
+ uint8_t *rpkt;
+
+ switch (ocf) {
+ case OCF_CSR_SEND_FIRMWARE:
+ /* Check if this is the bd_address packet */
+ if (len >= 18 + 8 && data[12] == 0x01 && data[13] == 0x00) {
+ offset = 18;
+ s->bd_addr.b[0] = data[offset + 7]; /* Beyond cmd packet end(!?) */
+ s->bd_addr.b[1] = data[offset + 6];
+ s->bd_addr.b[2] = data[offset + 4];
+ s->bd_addr.b[3] = data[offset + 0];
+ s->bd_addr.b[4] = data[offset + 3];
+ s->bd_addr.b[5] = data[offset + 2];
+
+ s->hci->bdaddr_set(s->hci, s->bd_addr.b);
+ fprintf(stderr, "%s: bd_address loaded from firmware: "
+ "%02x:%02x:%02x:%02x:%02x:%02x\n", __FUNCTION__,
+ s->bd_addr.b[0], s->bd_addr.b[1], s->bd_addr.b[2],
+ s->bd_addr.b[3], s->bd_addr.b[4], s->bd_addr.b[5]);
+ }
+
+ rpkt = csrhci_out_packet_event(s, EVT_VENDOR, 11);
+ /* Status bytes: no error */
+ rpkt[9] = 0x00;
+ rpkt[10] = 0x00;
+ break;
+
+ default:
+ fprintf(stderr, "%s: got a bad CMD packet\n", __FUNCTION__);
+ return;
+ }
+
+ csrhci_fifo_wake(s);
+}
+
+static void csrhci_in_packet(struct csrhci_s *s, uint8_t *pkt)
+{
+ uint8_t *rpkt;
+ int opc;
+
+ switch (*pkt ++) {
+ case H4_CMD_PKT:
+ opc = le16_to_cpu(((struct hci_command_hdr *) pkt)->opcode);
+ if (cmd_opcode_ogf(opc) == OGF_VENDOR_CMD) {
+ csrhci_in_packet_vendor(s, cmd_opcode_ocf(opc),
+ pkt + sizeof(struct hci_command_hdr),
+ s->in_len - sizeof(struct hci_command_hdr) - 1);
+ return;
+ }
+
+ /* TODO: if the command is OCF_READ_LOCAL_COMMANDS or the likes,
+ * we need to send it to the HCI layer and then add our supported
+ * commands to the returned mask (such as OGF_VENDOR_CMD). With
+ * bt-hci.c we could just have hooks for this kind of commands but
+ * we can't with bt-host.c. */
+
+ s->hci->cmd_send(s->hci, pkt, s->in_len - 1);
+ break;
+
+ case H4_EVT_PKT:
+ goto bad_pkt;
+
+ case H4_ACL_PKT:
+ s->hci->acl_send(s->hci, pkt, s->in_len - 1);
+ break;
+
+ case H4_SCO_PKT:
+ s->hci->sco_send(s->hci, pkt, s->in_len - 1);
+ break;
+
+ case H4_NEG_PKT:
+ if (s->in_hdr != sizeof(csrhci_neg_packet) ||
+ memcmp(pkt - 1, csrhci_neg_packet, s->in_hdr)) {
+ fprintf(stderr, "%s: got a bad NEG packet\n", __FUNCTION__);
+ return;
+ }
+ pkt += 2;
+
+ rpkt = csrhci_out_packet_csr(s, H4_NEG_PKT, 10);
+
+ *rpkt ++ = 0x20; /* Operational settings negotation Ok */
+ memcpy(rpkt, pkt, 7); rpkt += 7;
+ *rpkt ++ = 0xff;
+ *rpkt ++ = 0xff;
+ break;
+
+ case H4_ALIVE_PKT:
+ if (s->in_hdr != 4 || pkt[1] != 0x55 || pkt[2] != 0x00) {
+ fprintf(stderr, "%s: got a bad ALIVE packet\n", __FUNCTION__);
+ return;
+ }
+
+ rpkt = csrhci_out_packet_csr(s, H4_ALIVE_PKT, 2);
+
+ *rpkt ++ = 0xcc;
+ *rpkt ++ = 0x00;
+ break;
+
+ default:
+ bad_pkt:
+ /* TODO: error out */
+ fprintf(stderr, "%s: got a bad packet\n", __FUNCTION__);
+ break;
+ }
+
+ csrhci_fifo_wake(s);
+}
+
+static int csrhci_header_len(const uint8_t *pkt)
+{
+ switch (pkt[0]) {
+ case H4_CMD_PKT:
+ return HCI_COMMAND_HDR_SIZE;
+ case H4_EVT_PKT:
+ return HCI_EVENT_HDR_SIZE;
+ case H4_ACL_PKT:
+ return HCI_ACL_HDR_SIZE;
+ case H4_SCO_PKT:
+ return HCI_SCO_HDR_SIZE;
+ case H4_NEG_PKT:
+ return pkt[1] + 1;
+ case H4_ALIVE_PKT:
+ return 3;
+ }
+
+ exit(-1);
+}
+
+static int csrhci_data_len(const uint8_t *pkt)
+{
+ switch (*pkt ++) {
+ case H4_CMD_PKT:
+ /* It seems that vendor-specific command packets for H4+ are all
+ * one byte longer than indicated in the standard header. */
+ if (le16_to_cpu(((struct hci_command_hdr *) pkt)->opcode) == 0xfc00)
+ return (((struct hci_command_hdr *) pkt)->plen + 1) & ~1;
+
+ return ((struct hci_command_hdr *) pkt)->plen;
+ case H4_EVT_PKT:
+ return ((struct hci_event_hdr *) pkt)->plen;
+ case H4_ACL_PKT:
+ return le16_to_cpu(((struct hci_acl_hdr *) pkt)->dlen);
+ case H4_SCO_PKT:
+ return ((struct hci_sco_hdr *) pkt)->dlen;
+ case H4_NEG_PKT:
+ case H4_ALIVE_PKT:
+ return 0;
+ }
+
+ exit(-1);
+}
+
+static int csrhci_write(struct CharDriverState *chr,
+ const uint8_t *buf, int len)
+{
+ struct csrhci_s *s = (struct csrhci_s *) chr->opaque;
+ int plen = s->in_len;
+
+ if (!s->enable)
+ return 0;
+
+ s->in_len += len;
+ memcpy(s->inpkt + plen, buf, len);
+
+ while (1) {
+ if (s->in_len >= 2 && plen < 2)
+ s->in_hdr = csrhci_header_len(s->inpkt) + 1;
+
+ if (s->in_len >= s->in_hdr && plen < s->in_hdr)
+ s->in_data = csrhci_data_len(s->inpkt) + s->in_hdr;
+
+ if (s->in_len >= s->in_data) {
+ csrhci_in_packet(s, s->inpkt);
+
+ memmove(s->inpkt, s->inpkt + s->in_len, s->in_len - s->in_data);
+ s->in_len -= s->in_data;
+ s->in_hdr = INT_MAX;
+ s->in_data = INT_MAX;
+ plen = 0;
+ } else
+ break;
+ }
+
+ return len;
+}
+
+static void csrhci_out_hci_packet_event(void *opaque,
+ const uint8_t *data, int len)
+{
+ struct csrhci_s *s = (struct csrhci_s *) opaque;
+ uint8_t *pkt = csrhci_out_packet(s, (len + 2) & ~1); /* Align */
+
+ *pkt ++ = H4_EVT_PKT;
+ memcpy(pkt, data, len);
+
+ csrhci_fifo_wake(s);
+}
+
+static void csrhci_out_hci_packet_acl(void *opaque,
+ const uint8_t *data, int len)
+{
+ struct csrhci_s *s = (struct csrhci_s *) opaque;
+ uint8_t *pkt = csrhci_out_packet(s, (len + 2) & ~1); /* Align */
+
+ *pkt ++ = H4_ACL_PKT;
+ pkt[len & ~1] = 0;
+ memcpy(pkt, data, len);
+
+ csrhci_fifo_wake(s);
+}
+
+static int csrhci_ioctl(struct CharDriverState *chr, int cmd, void *arg)
+{
+ QEMUSerialSetParams *ssp;
+ struct csrhci_s *s = (struct csrhci_s *) chr->opaque;
+ int prev_state = s->modem_state;
+
+ switch (cmd) {
+ case CHR_IOCTL_SERIAL_SET_PARAMS:
+ ssp = (QEMUSerialSetParams *) arg;
+ s->baud_delay = ticks_per_sec / ssp->speed;
+ /* Moments later... (but shorter than 100ms) */
+ s->modem_state |= CHR_TIOCM_CTS;
+ break;
+
+ case CHR_IOCTL_SERIAL_GET_TIOCM:
+ *(int *) arg = s->modem_state;
+ break;
+
+ case CHR_IOCTL_SERIAL_SET_TIOCM:
+ s->modem_state = *(int *) arg;
+ if (~s->modem_state & prev_state & CHR_TIOCM_RTS)
+ s->modem_state &= ~CHR_TIOCM_CTS;
+ break;
+
+ default:
+ return -ENOTSUP;
+ }
+ return 0;
+}
+
+static void csrhci_reset(struct csrhci_s *s)
+{
+ s->out_len = 0;
+ s->out_size = FIFO_LEN;
+ s->in_len = 0;
+ s->baud_delay = ticks_per_sec;
+ s->enable = 0;
+ s->in_hdr = INT_MAX;
+ s->in_data = INT_MAX;
+
+ s->modem_state = 0;
+ /* After a while... (but sooner than 10ms) */
+ s->modem_state |= CHR_TIOCM_CTS;
+
+ memset(&s->bd_addr, 0, sizeof(bdaddr_t));
+}
+
+static void csrhci_out_tick(void *opaque)
+{
+ csrhci_fifo_wake((struct csrhci_s *) opaque);
+}
+
+static void csrhci_pins(void *opaque, int line, int level)
+{
+ struct csrhci_s *s = (struct csrhci_s *) opaque;
+ int state = s->pin_state;
+
+ s->pin_state &= ~(1 << line);
+ s->pin_state |= (!!level) << line;
+
+ if ((state & ~s->pin_state) & (1 << csrhci_pin_reset)) {
+ /* TODO: Disappear from lower layers */
+ csrhci_reset(s);
+ }
+
+ if (s->pin_state == 3 && state != 3) {
+ s->enable = 1;
+ /* TODO: Wake lower layers up */
+ }
+}
+
+qemu_irq *csrhci_pins_get(CharDriverState *chr)
+{
+ struct csrhci_s *s = (struct csrhci_s *) chr->opaque;
+
+ return s->pins;
+}
+
+CharDriverState *uart_hci_init(qemu_irq wakeup)
+{
+ struct csrhci_s *s = (struct csrhci_s *)
+ qemu_mallocz(sizeof(struct csrhci_s));
+
+ s->chr.opaque = s;
+ s->chr.chr_write = csrhci_write;
+ s->chr.chr_ioctl = csrhci_ioctl;
+
+ s->hci = qemu_next_hci();
+ s->hci->opaque = s;
+ s->hci->evt_recv = csrhci_out_hci_packet_event;
+ s->hci->acl_recv = csrhci_out_hci_packet_acl;
+
+ s->out_tm = qemu_new_timer(vm_clock, csrhci_out_tick, s);
+ s->pins = qemu_allocate_irqs(csrhci_pins, s, __csrhci_pins);
+ csrhci_reset(s);
+
+ return &s->chr;
+}
diff --git a/hw/bt.h b/hw/bt.h
index c70be1c892..7cb192b77e 100644
--- a/hw/bt.h
+++ b/hw/bt.h
@@ -103,3 +103,1515 @@ struct bt_device_s {
/* bt.c */
void bt_device_init(struct bt_device_s *dev, struct bt_scatternet_s *net);
void bt_device_done(struct bt_device_s *dev);
+
+/* bt-hci-csr.c */
+enum {
+ csrhci_pin_reset,
+ csrhci_pin_wakeup,
+ __csrhci_pins,
+};
+qemu_irq *csrhci_pins_get(CharDriverState *chr);
+CharDriverState *uart_hci_init(qemu_irq wakeup);
+
+/* Link Management Protocol layer defines */
+
+#define LLID_ACLU_CONT 0x1
+#define LLID_ACLU_START 0x2
+#define LLID_ACLC 0x3
+
+enum lmp_pdu_type {
+ LMP_NAME_REQ = 0x0001,
+ LMP_NAME_RES = 0x0002,
+ LMP_ACCEPTED = 0x0003,
+ LMP_NOT_ACCEPTED = 0x0004,
+ LMP_CLKOFFSET_REQ = 0x0005,
+ LMP_CLKOFFSET_RES = 0x0006,
+ LMP_DETACH = 0x0007,
+ LMP_IN_RAND = 0x0008,
+ LMP_COMB_KEY = 0x0009,
+ LMP_UNIT_KEY = 0x000a,
+ LMP_AU_RAND = 0x000b,
+ LMP_SRES = 0x000c,
+ LMP_TEMP_RAND = 0x000d,
+ LMP_TEMP_KEY = 0x000e,
+ LMP_CRYPT_MODE_REQ = 0x000f,
+ LMP_CRYPT_KEY_SIZE_REQ = 0x0010,
+ LMP_START_ENCRYPT_REQ = 0x0011,
+ LMP_STOP_ENCRYPT_REQ = 0x0012,
+ LMP_SWITCH_REQ = 0x0013,
+ LMP_HOLD = 0x0014,
+ LMP_HOLD_REQ = 0x0015,
+ LMP_SNIFF_REQ = 0x0017,
+ LMP_UNSNIFF_REQ = 0x0018,
+ LMP_LMP_PARK_REQ = 0x0019,
+ LMP_SET_BCAST_SCAN_WND = 0x001b,
+ LMP_MODIFY_BEACON = 0x001c,
+ LMP_UNPARK_BD_ADDR_REQ = 0x001d,
+ LMP_UNPARK_PM_ADDR_REQ = 0x001e,
+ LMP_INCR_POWER_REQ = 0x001f,
+ LMP_DECR_POWER_REQ = 0x0020,
+ LMP_MAX_POWER = 0x0021,
+ LMP_MIN_POWER = 0x0022,
+ LMP_AUTO_RATE = 0x0023,
+ LMP_PREFERRED_RATE = 0x0024,
+ LMP_VERSION_REQ = 0x0025,
+ LMP_VERSION_RES = 0x0026,
+ LMP_FEATURES_REQ = 0x0027,
+ LMP_FEATURES_RES = 0x0028,
+ LMP_QUALITY_OF_SERVICE = 0x0029,
+ LMP_QOS_REQ = 0x002a,
+ LMP_RM_SCO_LINK_REQ = 0x002b,
+ LMP_SCO_LINK_REQ = 0x002c,
+ LMP_MAX_SLOT = 0x002d,
+ LMP_MAX_SLOT_REQ = 0x002e,
+ LMP_TIMING_ACCURACY_REQ = 0x002f,
+ LMP_TIMING_ACCURACY_RES = 0x0030,
+ LMP_SETUP_COMPLETE = 0x0031,
+ LMP_USE_SEMIPERM_KEY = 0x0032,
+ LMP_HOST_CONNECTION_REQ = 0x0033,
+ LMP_SLOT_OFFSET = 0x0034,
+ LMP_PAGE_MODE_REQ = 0x0035,
+ LMP_PAGE_SCAN_MODE_REQ = 0x0036,
+ LMP_SUPERVISION_TIMEOUT = 0x0037,
+ LMP_TEST_ACTIVATE = 0x0038,
+ LMP_TEST_CONTROL = 0x0039,
+ LMP_CRYPT_KEY_MASK_REQ = 0x003a,
+ LMP_CRYPT_KEY_MASK_RES = 0x003b,
+ LMP_SET_AFH = 0x003c,
+ LMP_ACCEPTED_EXT = 0x7f01,
+ LMP_NOT_ACCEPTED_EXT = 0x7f02,
+ LMP_FEATURES_REQ_EXT = 0x7f03,
+ LMP_FEATURES_RES_EXT = 0x7f04,
+ LMP_PACKET_TYPE_TBL_REQ = 0x7f0b,
+ LMP_ESCO_LINK_REQ = 0x7f0c,
+ LMP_RM_ESCO_LINK_REQ = 0x7f0d,
+ LMP_CHANNEL_CLASS_REQ = 0x7f10,
+ LMP_CHANNEL_CLASS = 0x7f11,
+};
+
+/* Host Controller Interface layer defines */
+
+enum hci_packet_type {
+ HCI_COMMAND_PKT = 0x01,
+ HCI_ACLDATA_PKT = 0x02,
+ HCI_SCODATA_PKT = 0x03,
+ HCI_EVENT_PKT = 0x04,
+ HCI_VENDOR_PKT = 0xff,
+};
+
+enum bt_packet_type {
+ HCI_2DH1 = 1 << 1,
+ HCI_3DH1 = 1 << 2,
+ HCI_DM1 = 1 << 3,
+ HCI_DH1 = 1 << 4,
+ HCI_2DH3 = 1 << 8,
+ HCI_3DH3 = 1 << 9,
+ HCI_DM3 = 1 << 10,
+ HCI_DH3 = 1 << 11,
+ HCI_2DH5 = 1 << 12,
+ HCI_3DH5 = 1 << 13,
+ HCI_DM5 = 1 << 14,
+ HCI_DH5 = 1 << 15,
+};
+
+enum sco_packet_type {
+ HCI_HV1 = 1 << 5,
+ HCI_HV2 = 1 << 6,
+ HCI_HV3 = 1 << 7,
+};
+
+enum ev_packet_type {
+ HCI_EV3 = 1 << 3,
+ HCI_EV4 = 1 << 4,
+ HCI_EV5 = 1 << 5,
+ HCI_2EV3 = 1 << 6,
+ HCI_3EV3 = 1 << 7,
+ HCI_2EV5 = 1 << 8,
+ HCI_3EV5 = 1 << 9,
+};
+
+enum hci_error_code {
+ HCI_SUCCESS = 0x00,
+ HCI_UNKNOWN_COMMAND = 0x01,
+ HCI_NO_CONNECTION = 0x02,
+ HCI_HARDWARE_FAILURE = 0x03,
+ HCI_PAGE_TIMEOUT = 0x04,
+ HCI_AUTHENTICATION_FAILURE = 0x05,
+ HCI_PIN_OR_KEY_MISSING = 0x06,
+ HCI_MEMORY_FULL = 0x07,
+ HCI_CONNECTION_TIMEOUT = 0x08,
+ HCI_MAX_NUMBER_OF_CONNECTIONS = 0x09,
+ HCI_MAX_NUMBER_OF_SCO_CONNECTIONS = 0x0a,
+ HCI_ACL_CONNECTION_EXISTS = 0x0b,
+ HCI_COMMAND_DISALLOWED = 0x0c,
+ HCI_REJECTED_LIMITED_RESOURCES = 0x0d,
+ HCI_REJECTED_SECURITY = 0x0e,
+ HCI_REJECTED_PERSONAL = 0x0f,
+ HCI_HOST_TIMEOUT = 0x10,
+ HCI_UNSUPPORTED_FEATURE = 0x11,
+ HCI_INVALID_PARAMETERS = 0x12,
+ HCI_OE_USER_ENDED_CONNECTION = 0x13,
+ HCI_OE_LOW_RESOURCES = 0x14,
+ HCI_OE_POWER_OFF = 0x15,
+ HCI_CONNECTION_TERMINATED = 0x16,
+ HCI_REPEATED_ATTEMPTS = 0x17,
+ HCI_PAIRING_NOT_ALLOWED = 0x18,
+ HCI_UNKNOWN_LMP_PDU = 0x19,
+ HCI_UNSUPPORTED_REMOTE_FEATURE = 0x1a,
+ HCI_SCO_OFFSET_REJECTED = 0x1b,
+ HCI_SCO_INTERVAL_REJECTED = 0x1c,
+ HCI_AIR_MODE_REJECTED = 0x1d,
+ HCI_INVALID_LMP_PARAMETERS = 0x1e,
+ HCI_UNSPECIFIED_ERROR = 0x1f,
+ HCI_UNSUPPORTED_LMP_PARAMETER_VALUE = 0x20,
+ HCI_ROLE_CHANGE_NOT_ALLOWED = 0x21,
+ HCI_LMP_RESPONSE_TIMEOUT = 0x22,
+ HCI_LMP_ERROR_TRANSACTION_COLLISION = 0x23,
+ HCI_LMP_PDU_NOT_ALLOWED = 0x24,
+ HCI_ENCRYPTION_MODE_NOT_ACCEPTED = 0x25,
+ HCI_UNIT_LINK_KEY_USED = 0x26,
+ HCI_QOS_NOT_SUPPORTED = 0x27,
+ HCI_INSTANT_PASSED = 0x28,
+ HCI_PAIRING_NOT_SUPPORTED = 0x29,
+ HCI_TRANSACTION_COLLISION = 0x2a,
+ HCI_QOS_UNACCEPTABLE_PARAMETER = 0x2c,
+ HCI_QOS_REJECTED = 0x2d,
+ HCI_CLASSIFICATION_NOT_SUPPORTED = 0x2e,
+ HCI_INSUFFICIENT_SECURITY = 0x2f,
+ HCI_PARAMETER_OUT_OF_RANGE = 0x30,
+ HCI_ROLE_SWITCH_PENDING = 0x32,
+ HCI_SLOT_VIOLATION = 0x34,
+ HCI_ROLE_SWITCH_FAILED = 0x35,
+};
+
+enum acl_flag_bits {
+ ACL_CONT = 1 << 0,
+ ACL_START = 1 << 1,
+ ACL_ACTIVE_BCAST = 1 << 2,
+ ACL_PICO_BCAST = 1 << 3,
+};
+
+enum baseband_link_type {
+ SCO_LINK = 0x00,
+ ACL_LINK = 0x01,
+};
+
+enum lmp_feature_bits0 {
+ LMP_3SLOT = 1 << 0,
+ LMP_5SLOT = 1 << 1,
+ LMP_ENCRYPT = 1 << 2,
+ LMP_SOFFSET = 1 << 3,
+ LMP_TACCURACY = 1 << 4,
+ LMP_RSWITCH = 1 << 5,
+ LMP_HOLD_MODE = 1 << 6,
+ LMP_SNIFF_MODE = 1 << 7,
+};
+
+enum lmp_feature_bits1 {
+ LMP_PARK = 1 << 0,
+ LMP_RSSI = 1 << 1,
+ LMP_QUALITY = 1 << 2,
+ LMP_SCO = 1 << 3,
+ LMP_HV2 = 1 << 4,
+ LMP_HV3 = 1 << 5,
+ LMP_ULAW = 1 << 6,
+ LMP_ALAW = 1 << 7,
+};
+
+enum lmp_feature_bits2 {
+ LMP_CVSD = 1 << 0,
+ LMP_PSCHEME = 1 << 1,
+ LMP_PCONTROL = 1 << 2,
+ LMP_TRSP_SCO = 1 << 3,
+ LMP_BCAST_ENC = 1 << 7,
+};
+
+enum lmp_feature_bits3 {
+ LMP_EDR_ACL_2M = 1 << 1,
+ LMP_EDR_ACL_3M = 1 << 2,
+ LMP_ENH_ISCAN = 1 << 3,
+ LMP_ILACE_ISCAN = 1 << 4,
+ LMP_ILACE_PSCAN = 1 << 5,
+ LMP_RSSI_INQ = 1 << 6,
+ LMP_ESCO = 1 << 7,
+};
+
+enum lmp_feature_bits4 {
+ LMP_EV4 = 1 << 0,
+ LMP_EV5 = 1 << 1,
+ LMP_AFH_CAP_SLV = 1 << 3,
+ LMP_AFH_CLS_SLV = 1 << 4,
+ LMP_EDR_3SLOT = 1 << 7,
+};
+
+enum lmp_feature_bits5 {
+ LMP_EDR_5SLOT = 1 << 0,
+ LMP_SNIFF_SUBR = 1 << 1,
+ LMP_AFH_CAP_MST = 1 << 3,
+ LMP_AFH_CLS_MST = 1 << 4,
+ LMP_EDR_ESCO_2M = 1 << 5,
+ LMP_EDR_ESCO_3M = 1 << 6,
+ LMP_EDR_3S_ESCO = 1 << 7,
+};
+
+enum lmp_feature_bits6 {
+ LMP_EXT_INQ = 1 << 0,
+};
+
+enum lmp_feature_bits7 {
+ LMP_EXT_FEAT = 1 << 7,
+};
+
+enum hci_link_policy {
+ HCI_LP_RSWITCH = 1 << 0,
+ HCI_LP_HOLD = 1 << 1,
+ HCI_LP_SNIFF = 1 << 2,
+ HCI_LP_PARK = 1 << 3,
+};
+
+enum hci_link_mode {
+ HCI_LM_ACCEPT = 1 << 15,
+ HCI_LM_MASTER = 1 << 0,
+ HCI_LM_AUTH = 1 << 1,
+ HCI_LM_ENCRYPT = 1 << 2,
+ HCI_LM_TRUSTED = 1 << 3,
+ HCI_LM_RELIABLE = 1 << 4,
+ HCI_LM_SECURE = 1 << 5,
+};
+
+/* HCI Commands */
+
+/* Link Control */
+#define OGF_LINK_CTL 0x01
+
+#define OCF_INQUIRY 0x0001
+typedef struct {
+ uint8_t lap[3];
+ uint8_t length; /* 1.28s units */
+ uint8_t num_rsp;
+} __attribute__ ((packed)) inquiry_cp;
+#define INQUIRY_CP_SIZE 5
+
+typedef struct {
+ uint8_t status;
+ bdaddr_t bdaddr;
+} __attribute__ ((packed)) status_bdaddr_rp;
+#define STATUS_BDADDR_RP_SIZE 7
+
+#define OCF_INQUIRY_CANCEL 0x0002
+
+#define OCF_PERIODIC_INQUIRY 0x0003
+typedef struct {
+ uint16_t max_period; /* 1.28s units */
+ uint16_t min_period; /* 1.28s units */
+ uint8_t lap[3];
+ uint8_t length; /* 1.28s units */
+ uint8_t num_rsp;
+} __attribute__ ((packed)) periodic_inquiry_cp;
+#define PERIODIC_INQUIRY_CP_SIZE 9
+
+#define OCF_EXIT_PERIODIC_INQUIRY 0x0004
+
+#define OCF_CREATE_CONN 0x0005
+typedef struct {
+ bdaddr_t bdaddr;
+ uint16_t pkt_type;
+ uint8_t pscan_rep_mode;
+ uint8_t pscan_mode;
+ uint16_t clock_offset;
+ uint8_t role_switch;
+} __attribute__ ((packed)) create_conn_cp;
+#define CREATE_CONN_CP_SIZE 13
+
+#define OCF_DISCONNECT 0x0006
+typedef struct {
+ uint16_t handle;
+ uint8_t reason;
+} __attribute__ ((packed)) disconnect_cp;
+#define DISCONNECT_CP_SIZE 3
+
+#define OCF_ADD_SCO 0x0007
+typedef struct {
+ uint16_t handle;
+ uint16_t pkt_type;
+} __attribute__ ((packed)) add_sco_cp;
+#define ADD_SCO_CP_SIZE 4
+
+#define OCF_CREATE_CONN_CANCEL 0x0008
+typedef struct {
+ uint8_t status;
+ bdaddr_t bdaddr;
+} __attribute__ ((packed)) create_conn_cancel_cp;
+#define CREATE_CONN_CANCEL_CP_SIZE 6
+
+typedef struct {
+ uint8_t status;
+ bdaddr_t bdaddr;
+} __attribute__ ((packed)) create_conn_cancel_rp;
+#define CREATE_CONN_CANCEL_RP_SIZE 7
+
+#define OCF_ACCEPT_CONN_REQ 0x0009
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t role;
+} __attribute__ ((packed)) accept_conn_req_cp;
+#define ACCEPT_CONN_REQ_CP_SIZE 7
+
+#define OCF_REJECT_CONN_REQ 0x000A
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t reason;
+} __attribute__ ((packed)) reject_conn_req_cp;
+#define REJECT_CONN_REQ_CP_SIZE 7
+
+#define OCF_LINK_KEY_REPLY 0x000B
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t link_key[16];
+} __attribute__ ((packed)) link_key_reply_cp;
+#define LINK_KEY_REPLY_CP_SIZE 22
+
+#define OCF_LINK_KEY_NEG_REPLY 0x000C
+
+#define OCF_PIN_CODE_REPLY 0x000D
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t pin_len;
+ uint8_t pin_code[16];
+} __attribute__ ((packed)) pin_code_reply_cp;
+#define PIN_CODE_REPLY_CP_SIZE 23
+
+#define OCF_PIN_CODE_NEG_REPLY 0x000E
+
+#define OCF_SET_CONN_PTYPE 0x000F
+typedef struct {
+ uint16_t handle;
+ uint16_t pkt_type;
+} __attribute__ ((packed)) set_conn_ptype_cp;
+#define SET_CONN_PTYPE_CP_SIZE 4
+
+#define OCF_AUTH_REQUESTED 0x0011
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) auth_requested_cp;
+#define AUTH_REQUESTED_CP_SIZE 2
+
+#define OCF_SET_CONN_ENCRYPT 0x0013
+typedef struct {
+ uint16_t handle;
+ uint8_t encrypt;
+} __attribute__ ((packed)) set_conn_encrypt_cp;
+#define SET_CONN_ENCRYPT_CP_SIZE 3
+
+#define OCF_CHANGE_CONN_LINK_KEY 0x0015
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) change_conn_link_key_cp;
+#define CHANGE_CONN_LINK_KEY_CP_SIZE 2
+
+#define OCF_MASTER_LINK_KEY 0x0017
+typedef struct {
+ uint8_t key_flag;
+} __attribute__ ((packed)) master_link_key_cp;
+#define MASTER_LINK_KEY_CP_SIZE 1
+
+#define OCF_REMOTE_NAME_REQ 0x0019
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t pscan_rep_mode;
+ uint8_t pscan_mode;
+ uint16_t clock_offset;
+} __attribute__ ((packed)) remote_name_req_cp;
+#define REMOTE_NAME_REQ_CP_SIZE 10
+
+#define OCF_REMOTE_NAME_REQ_CANCEL 0x001A
+typedef struct {
+ bdaddr_t bdaddr;
+} __attribute__ ((packed)) remote_name_req_cancel_cp;
+#define REMOTE_NAME_REQ_CANCEL_CP_SIZE 6
+
+typedef struct {
+ uint8_t status;
+ bdaddr_t bdaddr;
+} __attribute__ ((packed)) remote_name_req_cancel_rp;
+#define REMOTE_NAME_REQ_CANCEL_RP_SIZE 7
+
+#define OCF_READ_REMOTE_FEATURES 0x001B
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) read_remote_features_cp;
+#define READ_REMOTE_FEATURES_CP_SIZE 2
+
+#define OCF_READ_REMOTE_EXT_FEATURES 0x001C
+typedef struct {
+ uint16_t handle;
+ uint8_t page_num;
+} __attribute__ ((packed)) read_remote_ext_features_cp;
+#define READ_REMOTE_EXT_FEATURES_CP_SIZE 3
+
+#define OCF_READ_REMOTE_VERSION 0x001D
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) read_remote_version_cp;
+#define READ_REMOTE_VERSION_CP_SIZE 2
+
+#define OCF_READ_CLOCK_OFFSET 0x001F
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) read_clock_offset_cp;
+#define READ_CLOCK_OFFSET_CP_SIZE 2
+
+#define OCF_READ_LMP_HANDLE 0x0020
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) read_lmp_handle_cp;
+#define READ_LMP_HANDLE_CP_SIZE 2
+
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t lmp_handle;
+ uint32_t reserved;
+} __attribute__ ((packed)) read_lmp_handle_rp;
+#define READ_LMP_HANDLE_RP_SIZE 8
+
+#define OCF_SETUP_SYNC_CONN 0x0028
+typedef struct {
+ uint16_t handle;
+ uint32_t tx_bandwith;
+ uint32_t rx_bandwith;
+ uint16_t max_latency;
+ uint16_t voice_setting;
+ uint8_t retrans_effort;
+ uint16_t pkt_type;
+} __attribute__ ((packed)) setup_sync_conn_cp;
+#define SETUP_SYNC_CONN_CP_SIZE 17
+
+#define OCF_ACCEPT_SYNC_CONN_REQ 0x0029
+typedef struct {
+ bdaddr_t bdaddr;
+ uint32_t tx_bandwith;
+ uint32_t rx_bandwith;
+ uint16_t max_latency;
+ uint16_t voice_setting;
+ uint8_t retrans_effort;
+ uint16_t pkt_type;
+} __attribute__ ((packed)) accept_sync_conn_req_cp;
+#define ACCEPT_SYNC_CONN_REQ_CP_SIZE 21
+
+#define OCF_REJECT_SYNC_CONN_REQ 0x002A
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t reason;
+} __attribute__ ((packed)) reject_sync_conn_req_cp;
+#define REJECT_SYNC_CONN_REQ_CP_SIZE 7
+
+/* Link Policy */
+#define OGF_LINK_POLICY 0x02
+
+#define OCF_HOLD_MODE 0x0001
+typedef struct {
+ uint16_t handle;
+ uint16_t max_interval;
+ uint16_t min_interval;
+} __attribute__ ((packed)) hold_mode_cp;
+#define HOLD_MODE_CP_SIZE 6
+
+#define OCF_SNIFF_MODE 0x0003
+typedef struct {
+ uint16_t handle;
+ uint16_t max_interval;
+ uint16_t min_interval;
+ uint16_t attempt;
+ uint16_t timeout;
+} __attribute__ ((packed)) sniff_mode_cp;
+#define SNIFF_MODE_CP_SIZE 10
+
+#define OCF_EXIT_SNIFF_MODE 0x0004
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) exit_sniff_mode_cp;
+#define EXIT_SNIFF_MODE_CP_SIZE 2
+
+#define OCF_PARK_MODE 0x0005
+typedef struct {
+ uint16_t handle;
+ uint16_t max_interval;
+ uint16_t min_interval;
+} __attribute__ ((packed)) park_mode_cp;
+#define PARK_MODE_CP_SIZE 6
+
+#define OCF_EXIT_PARK_MODE 0x0006
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) exit_park_mode_cp;
+#define EXIT_PARK_MODE_CP_SIZE 2
+
+#define OCF_QOS_SETUP 0x0007
+typedef struct {
+ uint8_t service_type; /* 1 = best effort */
+ uint32_t token_rate; /* Byte per seconds */
+ uint32_t peak_bandwidth; /* Byte per seconds */
+ uint32_t latency; /* Microseconds */
+ uint32_t delay_variation; /* Microseconds */
+} __attribute__ ((packed)) hci_qos;
+#define HCI_QOS_CP_SIZE 17
+typedef struct {
+ uint16_t handle;
+ uint8_t flags; /* Reserved */
+ hci_qos qos;
+} __attribute__ ((packed)) qos_setup_cp;
+#define QOS_SETUP_CP_SIZE (3 + HCI_QOS_CP_SIZE)
+
+#define OCF_ROLE_DISCOVERY 0x0009
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) role_discovery_cp;
+#define ROLE_DISCOVERY_CP_SIZE 2
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t role;
+} __attribute__ ((packed)) role_discovery_rp;
+#define ROLE_DISCOVERY_RP_SIZE 4
+
+#define OCF_SWITCH_ROLE 0x000B
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t role;
+} __attribute__ ((packed)) switch_role_cp;
+#define SWITCH_ROLE_CP_SIZE 7
+
+#define OCF_READ_LINK_POLICY 0x000C
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) read_link_policy_cp;
+#define READ_LINK_POLICY_CP_SIZE 2
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint16_t policy;
+} __attribute__ ((packed)) read_link_policy_rp;
+#define READ_LINK_POLICY_RP_SIZE 5
+
+#define OCF_WRITE_LINK_POLICY 0x000D
+typedef struct {
+ uint16_t handle;
+ uint16_t policy;
+} __attribute__ ((packed)) write_link_policy_cp;
+#define WRITE_LINK_POLICY_CP_SIZE 4
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+} __attribute__ ((packed)) write_link_policy_rp;
+#define WRITE_LINK_POLICY_RP_SIZE 3
+
+#define OCF_READ_DEFAULT_LINK_POLICY 0x000E
+
+#define OCF_WRITE_DEFAULT_LINK_POLICY 0x000F
+
+#define OCF_FLOW_SPECIFICATION 0x0010
+
+#define OCF_SNIFF_SUBRATE 0x0011
+typedef struct {
+ uint16_t handle;
+ uint16_t max_remote_latency;
+ uint16_t max_local_latency;
+ uint16_t min_remote_timeout;
+ uint16_t min_local_timeout;
+} __attribute__ ((packed)) sniff_subrate_cp;
+#define SNIFF_SUBRATE_CP_SIZE 10
+
+/* Host Controller and Baseband */
+#define OGF_HOST_CTL 0x03
+
+#define OCF_SET_EVENT_MASK 0x0001
+typedef struct {
+ uint8_t mask[8];
+} __attribute__ ((packed)) set_event_mask_cp;
+#define SET_EVENT_MASK_CP_SIZE 8
+
+#define OCF_RESET 0x0003
+
+#define OCF_SET_EVENT_FLT 0x0005
+typedef struct {
+ uint8_t flt_type;
+ uint8_t cond_type;
+ uint8_t condition[0];
+} __attribute__ ((packed)) set_event_flt_cp;
+#define SET_EVENT_FLT_CP_SIZE 2
+
+enum bt_filter_type {
+ FLT_CLEAR_ALL = 0x00,
+ FLT_INQ_RESULT = 0x01,
+ FLT_CONN_SETUP = 0x02,
+};
+enum inq_result_cond_type {
+ INQ_RESULT_RETURN_ALL = 0x00,
+ INQ_RESULT_RETURN_CLASS = 0x01,
+ INQ_RESULT_RETURN_BDADDR = 0x02,
+};
+enum conn_setup_cond_type {
+ CONN_SETUP_ALLOW_ALL = 0x00,
+ CONN_SETUP_ALLOW_CLASS = 0x01,
+ CONN_SETUP_ALLOW_BDADDR = 0x02,
+};
+enum conn_setup_cond {
+ CONN_SETUP_AUTO_OFF = 0x01,
+ CONN_SETUP_AUTO_ON = 0x02,
+};
+
+#define OCF_FLUSH 0x0008
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) flush_cp;
+#define FLUSH_CP_SIZE 2
+
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+} __attribute__ ((packed)) flush_rp;
+#define FLUSH_RP_SIZE 3
+
+#define OCF_READ_PIN_TYPE 0x0009
+typedef struct {
+ uint8_t status;
+ uint8_t pin_type;
+} __attribute__ ((packed)) read_pin_type_rp;
+#define READ_PIN_TYPE_RP_SIZE 2
+
+#define OCF_WRITE_PIN_TYPE 0x000A
+typedef struct {
+ uint8_t pin_type;
+} __attribute__ ((packed)) write_pin_type_cp;
+#define WRITE_PIN_TYPE_CP_SIZE 1
+
+#define OCF_CREATE_NEW_UNIT_KEY 0x000B
+
+#define OCF_READ_STORED_LINK_KEY 0x000D
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t read_all;
+} __attribute__ ((packed)) read_stored_link_key_cp;
+#define READ_STORED_LINK_KEY_CP_SIZE 7
+typedef struct {
+ uint8_t status;
+ uint16_t max_keys;
+ uint16_t num_keys;
+} __attribute__ ((packed)) read_stored_link_key_rp;
+#define READ_STORED_LINK_KEY_RP_SIZE 5
+
+#define OCF_WRITE_STORED_LINK_KEY 0x0011
+typedef struct {
+ uint8_t num_keys;
+ /* variable length part */
+} __attribute__ ((packed)) write_stored_link_key_cp;
+#define WRITE_STORED_LINK_KEY_CP_SIZE 1
+typedef struct {
+ uint8_t status;
+ uint8_t num_keys;
+} __attribute__ ((packed)) write_stored_link_key_rp;
+#define READ_WRITE_LINK_KEY_RP_SIZE 2
+
+#define OCF_DELETE_STORED_LINK_KEY 0x0012
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t delete_all;
+} __attribute__ ((packed)) delete_stored_link_key_cp;
+#define DELETE_STORED_LINK_KEY_CP_SIZE 7
+typedef struct {
+ uint8_t status;
+ uint16_t num_keys;
+} __attribute__ ((packed)) delete_stored_link_key_rp;
+#define DELETE_STORED_LINK_KEY_RP_SIZE 3
+
+#define OCF_CHANGE_LOCAL_NAME 0x0013
+typedef struct {
+ char name[248];
+} __attribute__ ((packed)) change_local_name_cp;
+#define CHANGE_LOCAL_NAME_CP_SIZE 248
+
+#define OCF_READ_LOCAL_NAME 0x0014
+typedef struct {
+ uint8_t status;
+ char name[248];
+} __attribute__ ((packed)) read_local_name_rp;
+#define READ_LOCAL_NAME_RP_SIZE 249
+
+#define OCF_READ_CONN_ACCEPT_TIMEOUT 0x0015
+typedef struct {
+ uint8_t status;
+ uint16_t timeout;
+} __attribute__ ((packed)) read_conn_accept_timeout_rp;
+#define READ_CONN_ACCEPT_TIMEOUT_RP_SIZE 3
+
+#define OCF_WRITE_CONN_ACCEPT_TIMEOUT 0x0016
+typedef struct {
+ uint16_t timeout;
+} __attribute__ ((packed)) write_conn_accept_timeout_cp;
+#define WRITE_CONN_ACCEPT_TIMEOUT_CP_SIZE 2
+
+#define OCF_READ_PAGE_TIMEOUT 0x0017
+typedef struct {
+ uint8_t status;
+ uint16_t timeout;
+} __attribute__ ((packed)) read_page_timeout_rp;
+#define READ_PAGE_TIMEOUT_RP_SIZE 3
+
+#define OCF_WRITE_PAGE_TIMEOUT 0x0018
+typedef struct {
+ uint16_t timeout;
+} __attribute__ ((packed)) write_page_timeout_cp;
+#define WRITE_PAGE_TIMEOUT_CP_SIZE 2
+
+#define OCF_READ_SCAN_ENABLE 0x0019
+typedef struct {
+ uint8_t status;
+ uint8_t enable;
+} __attribute__ ((packed)) read_scan_enable_rp;
+#define READ_SCAN_ENABLE_RP_SIZE 2
+
+#define OCF_WRITE_SCAN_ENABLE 0x001A
+typedef struct {
+ uint8_t scan_enable;
+} __attribute__ ((packed)) write_scan_enable_cp;
+#define WRITE_SCAN_ENABLE_CP_SIZE 1
+
+enum scan_enable_bits {
+ SCAN_DISABLED = 0,
+ SCAN_INQUIRY = 1 << 0,
+ SCAN_PAGE = 1 << 1,
+};
+
+#define OCF_READ_PAGE_ACTIVITY 0x001B
+typedef struct {
+ uint8_t status;
+ uint16_t interval;
+ uint16_t window;
+} __attribute__ ((packed)) read_page_activity_rp;
+#define READ_PAGE_ACTIVITY_RP_SIZE 5
+
+#define OCF_WRITE_PAGE_ACTIVITY 0x001C
+typedef struct {
+ uint16_t interval;
+ uint16_t window;
+} __attribute__ ((packed)) write_page_activity_cp;
+#define WRITE_PAGE_ACTIVITY_CP_SIZE 4
+
+#define OCF_READ_INQ_ACTIVITY 0x001D
+typedef struct {
+ uint8_t status;
+ uint16_t interval;
+ uint16_t window;
+} __attribute__ ((packed)) read_inq_activity_rp;
+#define READ_INQ_ACTIVITY_RP_SIZE 5
+
+#define OCF_WRITE_INQ_ACTIVITY 0x001E
+typedef struct {
+ uint16_t interval;
+ uint16_t window;
+} __attribute__ ((packed)) write_inq_activity_cp;
+#define WRITE_INQ_ACTIVITY_CP_SIZE 4
+
+#define OCF_READ_AUTH_ENABLE 0x001F
+
+#define OCF_WRITE_AUTH_ENABLE 0x0020
+
+#define AUTH_DISABLED 0x00
+#define AUTH_ENABLED 0x01
+
+#define OCF_READ_ENCRYPT_MODE 0x0021
+
+#define OCF_WRITE_ENCRYPT_MODE 0x0022
+
+#define ENCRYPT_DISABLED 0x00
+#define ENCRYPT_P2P 0x01
+#define ENCRYPT_BOTH 0x02
+
+#define OCF_READ_CLASS_OF_DEV 0x0023
+typedef struct {
+ uint8_t status;
+ uint8_t dev_class[3];
+} __attribute__ ((packed)) read_class_of_dev_rp;
+#define READ_CLASS_OF_DEV_RP_SIZE 4
+
+#define OCF_WRITE_CLASS_OF_DEV 0x0024
+typedef struct {
+ uint8_t dev_class[3];
+} __attribute__ ((packed)) write_class_of_dev_cp;
+#define WRITE_CLASS_OF_DEV_CP_SIZE 3
+
+#define OCF_READ_VOICE_SETTING 0x0025
+typedef struct {
+ uint8_t status;
+ uint16_t voice_setting;
+} __attribute__ ((packed)) read_voice_setting_rp;
+#define READ_VOICE_SETTING_RP_SIZE 3
+
+#define OCF_WRITE_VOICE_SETTING 0x0026
+typedef struct {
+ uint16_t voice_setting;
+} __attribute__ ((packed)) write_voice_setting_cp;
+#define WRITE_VOICE_SETTING_CP_SIZE 2
+
+#define OCF_READ_AUTOMATIC_FLUSH_TIMEOUT 0x0027
+
+#define OCF_WRITE_AUTOMATIC_FLUSH_TIMEOUT 0x0028
+
+#define OCF_READ_NUM_BROADCAST_RETRANS 0x0029
+
+#define OCF_WRITE_NUM_BROADCAST_RETRANS 0x002A
+
+#define OCF_READ_HOLD_MODE_ACTIVITY 0x002B
+
+#define OCF_WRITE_HOLD_MODE_ACTIVITY 0x002C
+
+#define OCF_READ_TRANSMIT_POWER_LEVEL 0x002D
+typedef struct {
+ uint16_t handle;
+ uint8_t type;
+} __attribute__ ((packed)) read_transmit_power_level_cp;
+#define READ_TRANSMIT_POWER_LEVEL_CP_SIZE 3
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ int8_t level;
+} __attribute__ ((packed)) read_transmit_power_level_rp;
+#define READ_TRANSMIT_POWER_LEVEL_RP_SIZE 4
+
+#define OCF_HOST_BUFFER_SIZE 0x0033
+typedef struct {
+ uint16_t acl_mtu;
+ uint8_t sco_mtu;
+ uint16_t acl_max_pkt;
+ uint16_t sco_max_pkt;
+} __attribute__ ((packed)) host_buffer_size_cp;
+#define HOST_BUFFER_SIZE_CP_SIZE 7
+
+#define OCF_HOST_NUMBER_OF_COMPLETED_PACKETS 0x0035
+
+#define OCF_READ_LINK_SUPERVISION_TIMEOUT 0x0036
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint16_t link_sup_to;
+} __attribute__ ((packed)) read_link_supervision_timeout_rp;
+#define READ_LINK_SUPERVISION_TIMEOUT_RP_SIZE 5
+
+#define OCF_WRITE_LINK_SUPERVISION_TIMEOUT 0x0037
+typedef struct {
+ uint16_t handle;
+ uint16_t link_sup_to;
+} __attribute__ ((packed)) write_link_supervision_timeout_cp;
+#define WRITE_LINK_SUPERVISION_TIMEOUT_CP_SIZE 4
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+} __attribute__ ((packed)) write_link_supervision_timeout_rp;
+#define WRITE_LINK_SUPERVISION_TIMEOUT_RP_SIZE 3
+
+#define OCF_READ_NUM_SUPPORTED_IAC 0x0038
+
+#define MAX_IAC_LAP 0x40
+#define OCF_READ_CURRENT_IAC_LAP 0x0039
+typedef struct {
+ uint8_t status;
+ uint8_t num_current_iac;
+ uint8_t lap[MAX_IAC_LAP][3];
+} __attribute__ ((packed)) read_current_iac_lap_rp;
+#define READ_CURRENT_IAC_LAP_RP_SIZE 2+3*MAX_IAC_LAP
+
+#define OCF_WRITE_CURRENT_IAC_LAP 0x003A
+typedef struct {
+ uint8_t num_current_iac;
+ uint8_t lap[MAX_IAC_LAP][3];
+} __attribute__ ((packed)) write_current_iac_lap_cp;
+#define WRITE_CURRENT_IAC_LAP_CP_SIZE 1+3*MAX_IAC_LAP
+
+#define OCF_READ_PAGE_SCAN_PERIOD_MODE 0x003B
+
+#define OCF_WRITE_PAGE_SCAN_PERIOD_MODE 0x003C
+
+#define OCF_READ_PAGE_SCAN_MODE 0x003D
+
+#define OCF_WRITE_PAGE_SCAN_MODE 0x003E
+
+#define OCF_SET_AFH_CLASSIFICATION 0x003F
+typedef struct {
+ uint8_t map[10];
+} __attribute__ ((packed)) set_afh_classification_cp;
+#define SET_AFH_CLASSIFICATION_CP_SIZE 10
+typedef struct {
+ uint8_t status;
+} __attribute__ ((packed)) set_afh_classification_rp;
+#define SET_AFH_CLASSIFICATION_RP_SIZE 1
+
+#define OCF_READ_INQUIRY_SCAN_TYPE 0x0042
+typedef struct {
+ uint8_t status;
+ uint8_t type;
+} __attribute__ ((packed)) read_inquiry_scan_type_rp;
+#define READ_INQUIRY_SCAN_TYPE_RP_SIZE 2
+
+#define OCF_WRITE_INQUIRY_SCAN_TYPE 0x0043
+typedef struct {
+ uint8_t type;
+} __attribute__ ((packed)) write_inquiry_scan_type_cp;
+#define WRITE_INQUIRY_SCAN_TYPE_CP_SIZE 1
+typedef struct {
+ uint8_t status;
+} __attribute__ ((packed)) write_inquiry_scan_type_rp;
+#define WRITE_INQUIRY_SCAN_TYPE_RP_SIZE 1
+
+#define OCF_READ_INQUIRY_MODE 0x0044
+typedef struct {
+ uint8_t status;
+ uint8_t mode;
+} __attribute__ ((packed)) read_inquiry_mode_rp;
+#define READ_INQUIRY_MODE_RP_SIZE 2
+
+#define OCF_WRITE_INQUIRY_MODE 0x0045
+typedef struct {
+ uint8_t mode;
+} __attribute__ ((packed)) write_inquiry_mode_cp;
+#define WRITE_INQUIRY_MODE_CP_SIZE 1
+typedef struct {
+ uint8_t status;
+} __attribute__ ((packed)) write_inquiry_mode_rp;
+#define WRITE_INQUIRY_MODE_RP_SIZE 1
+
+#define OCF_READ_PAGE_SCAN_TYPE 0x0046
+
+#define OCF_WRITE_PAGE_SCAN_TYPE 0x0047
+
+#define OCF_READ_AFH_MODE 0x0048
+typedef struct {
+ uint8_t status;
+ uint8_t mode;
+} __attribute__ ((packed)) read_afh_mode_rp;
+#define READ_AFH_MODE_RP_SIZE 2
+
+#define OCF_WRITE_AFH_MODE 0x0049
+typedef struct {
+ uint8_t mode;
+} __attribute__ ((packed)) write_afh_mode_cp;
+#define WRITE_AFH_MODE_CP_SIZE 1
+typedef struct {
+ uint8_t status;
+} __attribute__ ((packed)) write_afh_mode_rp;
+#define WRITE_AFH_MODE_RP_SIZE 1
+
+#define OCF_READ_EXT_INQUIRY_RESPONSE 0x0051
+typedef struct {
+ uint8_t status;
+ uint8_t fec;
+ uint8_t data[240];
+} __attribute__ ((packed)) read_ext_inquiry_response_rp;
+#define READ_EXT_INQUIRY_RESPONSE_RP_SIZE 242
+
+#define OCF_WRITE_EXT_INQUIRY_RESPONSE 0x0052
+typedef struct {
+ uint8_t fec;
+ uint8_t data[240];
+} __attribute__ ((packed)) write_ext_inquiry_response_cp;
+#define WRITE_EXT_INQUIRY_RESPONSE_CP_SIZE 241
+typedef struct {
+ uint8_t status;
+} __attribute__ ((packed)) write_ext_inquiry_response_rp;
+#define WRITE_EXT_INQUIRY_RESPONSE_RP_SIZE 1
+
+/* Informational Parameters */
+#define OGF_INFO_PARAM 0x04
+
+#define OCF_READ_LOCAL_VERSION 0x0001
+typedef struct {
+ uint8_t status;
+ uint8_t hci_ver;
+ uint16_t hci_rev;
+ uint8_t lmp_ver;
+ uint16_t manufacturer;
+ uint16_t lmp_subver;
+} __attribute__ ((packed)) read_local_version_rp;
+#define READ_LOCAL_VERSION_RP_SIZE 9
+
+#define OCF_READ_LOCAL_COMMANDS 0x0002
+typedef struct {
+ uint8_t status;
+ uint8_t commands[64];
+} __attribute__ ((packed)) read_local_commands_rp;
+#define READ_LOCAL_COMMANDS_RP_SIZE 65
+
+#define OCF_READ_LOCAL_FEATURES 0x0003
+typedef struct {
+ uint8_t status;
+ uint8_t features[8];
+} __attribute__ ((packed)) read_local_features_rp;
+#define READ_LOCAL_FEATURES_RP_SIZE 9
+
+#define OCF_READ_LOCAL_EXT_FEATURES 0x0004
+typedef struct {
+ uint8_t page_num;
+} __attribute__ ((packed)) read_local_ext_features_cp;
+#define READ_LOCAL_EXT_FEATURES_CP_SIZE 1
+typedef struct {
+ uint8_t status;
+ uint8_t page_num;
+ uint8_t max_page_num;
+ uint8_t features[8];
+} __attribute__ ((packed)) read_local_ext_features_rp;
+#define READ_LOCAL_EXT_FEATURES_RP_SIZE 11
+
+#define OCF_READ_BUFFER_SIZE 0x0005
+typedef struct {
+ uint8_t status;
+ uint16_t acl_mtu;
+ uint8_t sco_mtu;
+ uint16_t acl_max_pkt;
+ uint16_t sco_max_pkt;
+} __attribute__ ((packed)) read_buffer_size_rp;
+#define READ_BUFFER_SIZE_RP_SIZE 8
+
+#define OCF_READ_COUNTRY_CODE 0x0007
+typedef struct {
+ uint8_t status;
+ uint8_t country_code;
+} __attribute__ ((packed)) read_country_code_rp;
+#define READ_COUNTRY_CODE_RP_SIZE 2
+
+#define OCF_READ_BD_ADDR 0x0009
+typedef struct {
+ uint8_t status;
+ bdaddr_t bdaddr;
+} __attribute__ ((packed)) read_bd_addr_rp;
+#define READ_BD_ADDR_RP_SIZE 7
+
+/* Status params */
+#define OGF_STATUS_PARAM 0x05
+
+#define OCF_READ_FAILED_CONTACT_COUNTER 0x0001
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t counter;
+} __attribute__ ((packed)) read_failed_contact_counter_rp;
+#define READ_FAILED_CONTACT_COUNTER_RP_SIZE 4
+
+#define OCF_RESET_FAILED_CONTACT_COUNTER 0x0002
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+} __attribute__ ((packed)) reset_failed_contact_counter_rp;
+#define RESET_FAILED_CONTACT_COUNTER_RP_SIZE 4
+
+#define OCF_READ_LINK_QUALITY 0x0003
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) read_link_quality_cp;
+#define READ_LINK_QUALITY_CP_SIZE 4
+
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t link_quality;
+} __attribute__ ((packed)) read_link_quality_rp;
+#define READ_LINK_QUALITY_RP_SIZE 4
+
+#define OCF_READ_RSSI 0x0005
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ int8_t rssi;
+} __attribute__ ((packed)) read_rssi_rp;
+#define READ_RSSI_RP_SIZE 4
+
+#define OCF_READ_AFH_MAP 0x0006
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t mode;
+ uint8_t map[10];
+} __attribute__ ((packed)) read_afh_map_rp;
+#define READ_AFH_MAP_RP_SIZE 14
+
+#define OCF_READ_CLOCK 0x0007
+typedef struct {
+ uint16_t handle;
+ uint8_t which_clock;
+} __attribute__ ((packed)) read_clock_cp;
+#define READ_CLOCK_CP_SIZE 3
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint32_t clock;
+ uint16_t accuracy;
+} __attribute__ ((packed)) read_clock_rp;
+#define READ_CLOCK_RP_SIZE 9
+
+/* Testing commands */
+#define OGF_TESTING_CMD 0x3e
+
+/* Vendor specific commands */
+#define OGF_VENDOR_CMD 0x3f
+
+/* HCI Events */
+
+#define EVT_INQUIRY_COMPLETE 0x01
+
+#define EVT_INQUIRY_RESULT 0x02
+typedef struct {
+ uint8_t num_responses;
+ bdaddr_t bdaddr;
+ uint8_t pscan_rep_mode;
+ uint8_t pscan_period_mode;
+ uint8_t pscan_mode;
+ uint8_t dev_class[3];
+ uint16_t clock_offset;
+} __attribute__ ((packed)) inquiry_info;
+#define INQUIRY_INFO_SIZE 14
+
+#define EVT_CONN_COMPLETE 0x03
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ bdaddr_t bdaddr;
+ uint8_t link_type;
+ uint8_t encr_mode;
+} __attribute__ ((packed)) evt_conn_complete;
+#define EVT_CONN_COMPLETE_SIZE 11
+
+#define EVT_CONN_REQUEST 0x04
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t dev_class[3];
+ uint8_t link_type;
+} __attribute__ ((packed)) evt_conn_request;
+#define EVT_CONN_REQUEST_SIZE 10
+
+#define EVT_DISCONN_COMPLETE 0x05
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t reason;
+} __attribute__ ((packed)) evt_disconn_complete;
+#define EVT_DISCONN_COMPLETE_SIZE 4
+
+#define EVT_AUTH_COMPLETE 0x06
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+} __attribute__ ((packed)) evt_auth_complete;
+#define EVT_AUTH_COMPLETE_SIZE 3
+
+#define EVT_REMOTE_NAME_REQ_COMPLETE 0x07
+typedef struct {
+ uint8_t status;
+ bdaddr_t bdaddr;
+ char name[248];
+} __attribute__ ((packed)) evt_remote_name_req_complete;
+#define EVT_REMOTE_NAME_REQ_COMPLETE_SIZE 255
+
+#define EVT_ENCRYPT_CHANGE 0x08
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t encrypt;
+} __attribute__ ((packed)) evt_encrypt_change;
+#define EVT_ENCRYPT_CHANGE_SIZE 5
+
+#define EVT_CHANGE_CONN_LINK_KEY_COMPLETE 0x09
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+} __attribute__ ((packed)) evt_change_conn_link_key_complete;
+#define EVT_CHANGE_CONN_LINK_KEY_COMPLETE_SIZE 3
+
+#define EVT_MASTER_LINK_KEY_COMPLETE 0x0A
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t key_flag;
+} __attribute__ ((packed)) evt_master_link_key_complete;
+#define EVT_MASTER_LINK_KEY_COMPLETE_SIZE 4
+
+#define EVT_READ_REMOTE_FEATURES_COMPLETE 0x0B
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t features[8];
+} __attribute__ ((packed)) evt_read_remote_features_complete;
+#define EVT_READ_REMOTE_FEATURES_COMPLETE_SIZE 11
+
+#define EVT_READ_REMOTE_VERSION_COMPLETE 0x0C
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t lmp_ver;
+ uint16_t manufacturer;
+ uint16_t lmp_subver;
+} __attribute__ ((packed)) evt_read_remote_version_complete;
+#define EVT_READ_REMOTE_VERSION_COMPLETE_SIZE 8
+
+#define EVT_QOS_SETUP_COMPLETE 0x0D
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t flags; /* Reserved */
+ hci_qos qos;
+} __attribute__ ((packed)) evt_qos_setup_complete;
+#define EVT_QOS_SETUP_COMPLETE_SIZE (4 + HCI_QOS_CP_SIZE)
+
+#define EVT_CMD_COMPLETE 0x0E
+typedef struct {
+ uint8_t ncmd;
+ uint16_t opcode;
+} __attribute__ ((packed)) evt_cmd_complete;
+#define EVT_CMD_COMPLETE_SIZE 3
+
+#define EVT_CMD_STATUS 0x0F
+typedef struct {
+ uint8_t status;
+ uint8_t ncmd;
+ uint16_t opcode;
+} __attribute__ ((packed)) evt_cmd_status;
+#define EVT_CMD_STATUS_SIZE 4
+
+#define EVT_HARDWARE_ERROR 0x10
+typedef struct {
+ uint8_t code;
+} __attribute__ ((packed)) evt_hardware_error;
+#define EVT_HARDWARE_ERROR_SIZE 1
+
+#define EVT_FLUSH_OCCURRED 0x11
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) evt_flush_occured;
+#define EVT_FLUSH_OCCURRED_SIZE 2
+
+#define EVT_ROLE_CHANGE 0x12
+typedef struct {
+ uint8_t status;
+ bdaddr_t bdaddr;
+ uint8_t role;
+} __attribute__ ((packed)) evt_role_change;
+#define EVT_ROLE_CHANGE_SIZE 8
+
+#define EVT_NUM_COMP_PKTS 0x13
+typedef struct {
+ uint8_t num_hndl;
+ struct {
+ uint16_t handle;
+ uint16_t num_packets;
+ } connection[0];
+} __attribute__ ((packed)) evt_num_comp_pkts;
+#define EVT_NUM_COMP_PKTS_SIZE(num_hndl) (1 + 4 * (num_hndl))
+
+#define EVT_MODE_CHANGE 0x14
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t mode;
+ uint16_t interval;
+} __attribute__ ((packed)) evt_mode_change;
+#define EVT_MODE_CHANGE_SIZE 6
+
+#define EVT_RETURN_LINK_KEYS 0x15
+typedef struct {
+ uint8_t num_keys;
+ /* variable length part */
+} __attribute__ ((packed)) evt_return_link_keys;
+#define EVT_RETURN_LINK_KEYS_SIZE 1
+
+#define EVT_PIN_CODE_REQ 0x16
+typedef struct {
+ bdaddr_t bdaddr;
+} __attribute__ ((packed)) evt_pin_code_req;
+#define EVT_PIN_CODE_REQ_SIZE 6
+
+#define EVT_LINK_KEY_REQ 0x17
+typedef struct {
+ bdaddr_t bdaddr;
+} __attribute__ ((packed)) evt_link_key_req;
+#define EVT_LINK_KEY_REQ_SIZE 6
+
+#define EVT_LINK_KEY_NOTIFY 0x18
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t link_key[16];
+ uint8_t key_type;
+} __attribute__ ((packed)) evt_link_key_notify;
+#define EVT_LINK_KEY_NOTIFY_SIZE 23
+
+#define EVT_LOOPBACK_COMMAND 0x19
+
+#define EVT_DATA_BUFFER_OVERFLOW 0x1A
+typedef struct {
+ uint8_t link_type;
+} __attribute__ ((packed)) evt_data_buffer_overflow;
+#define EVT_DATA_BUFFER_OVERFLOW_SIZE 1
+
+#define EVT_MAX_SLOTS_CHANGE 0x1B
+typedef struct {
+ uint16_t handle;
+ uint8_t max_slots;
+} __attribute__ ((packed)) evt_max_slots_change;
+#define EVT_MAX_SLOTS_CHANGE_SIZE 3
+
+#define EVT_READ_CLOCK_OFFSET_COMPLETE 0x1C
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint16_t clock_offset;
+} __attribute__ ((packed)) evt_read_clock_offset_complete;
+#define EVT_READ_CLOCK_OFFSET_COMPLETE_SIZE 5
+
+#define EVT_CONN_PTYPE_CHANGED 0x1D
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint16_t ptype;
+} __attribute__ ((packed)) evt_conn_ptype_changed;
+#define EVT_CONN_PTYPE_CHANGED_SIZE 5
+
+#define EVT_QOS_VIOLATION 0x1E
+typedef struct {
+ uint16_t handle;
+} __attribute__ ((packed)) evt_qos_violation;
+#define EVT_QOS_VIOLATION_SIZE 2
+
+#define EVT_PSCAN_REP_MODE_CHANGE 0x20
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t pscan_rep_mode;
+} __attribute__ ((packed)) evt_pscan_rep_mode_change;
+#define EVT_PSCAN_REP_MODE_CHANGE_SIZE 7
+
+#define EVT_FLOW_SPEC_COMPLETE 0x21
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t flags;
+ uint8_t direction;
+ hci_qos qos;
+} __attribute__ ((packed)) evt_flow_spec_complete;
+#define EVT_FLOW_SPEC_COMPLETE_SIZE (5 + HCI_QOS_CP_SIZE)
+
+#define EVT_INQUIRY_RESULT_WITH_RSSI 0x22
+typedef struct {
+ uint8_t num_responses;
+ bdaddr_t bdaddr;
+ uint8_t pscan_rep_mode;
+ uint8_t pscan_period_mode;
+ uint8_t dev_class[3];
+ uint16_t clock_offset;
+ int8_t rssi;
+} __attribute__ ((packed)) inquiry_info_with_rssi;
+#define INQUIRY_INFO_WITH_RSSI_SIZE 15
+typedef struct {
+ uint8_t num_responses;
+ bdaddr_t bdaddr;
+ uint8_t pscan_rep_mode;
+ uint8_t pscan_period_mode;
+ uint8_t pscan_mode;
+ uint8_t dev_class[3];
+ uint16_t clock_offset;
+ int8_t rssi;
+} __attribute__ ((packed)) inquiry_info_with_rssi_and_pscan_mode;
+#define INQUIRY_INFO_WITH_RSSI_AND_PSCAN_MODE_SIZE 16
+
+#define EVT_READ_REMOTE_EXT_FEATURES_COMPLETE 0x23
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t page_num;
+ uint8_t max_page_num;
+ uint8_t features[8];
+} __attribute__ ((packed)) evt_read_remote_ext_features_complete;
+#define EVT_READ_REMOTE_EXT_FEATURES_COMPLETE_SIZE 13
+
+#define EVT_SYNC_CONN_COMPLETE 0x2C
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ bdaddr_t bdaddr;
+ uint8_t link_type;
+ uint8_t trans_interval;
+ uint8_t retrans_window;
+ uint16_t rx_pkt_len;
+ uint16_t tx_pkt_len;
+ uint8_t air_mode;
+} __attribute__ ((packed)) evt_sync_conn_complete;
+#define EVT_SYNC_CONN_COMPLETE_SIZE 17
+
+#define EVT_SYNC_CONN_CHANGED 0x2D
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint8_t trans_interval;
+ uint8_t retrans_window;
+ uint16_t rx_pkt_len;
+ uint16_t tx_pkt_len;
+} __attribute__ ((packed)) evt_sync_conn_changed;
+#define EVT_SYNC_CONN_CHANGED_SIZE 9
+
+#define EVT_SNIFF_SUBRATE 0x2E
+typedef struct {
+ uint8_t status;
+ uint16_t handle;
+ uint16_t max_remote_latency;
+ uint16_t max_local_latency;
+ uint16_t min_remote_timeout;
+ uint16_t min_local_timeout;
+} __attribute__ ((packed)) evt_sniff_subrate;
+#define EVT_SNIFF_SUBRATE_SIZE 11
+
+#define EVT_EXTENDED_INQUIRY_RESULT 0x2F
+typedef struct {
+ bdaddr_t bdaddr;
+ uint8_t pscan_rep_mode;
+ uint8_t pscan_period_mode;
+ uint8_t dev_class[3];
+ uint16_t clock_offset;
+ int8_t rssi;
+ uint8_t data[240];
+} __attribute__ ((packed)) extended_inquiry_info;
+#define EXTENDED_INQUIRY_INFO_SIZE 254
+
+#define EVT_TESTING 0xFE
+
+#define EVT_VENDOR 0xFF
+
+/* Command opcode pack/unpack */
+#define cmd_opcode_pack(ogf, ocf) (uint16_t)((ocf & 0x03ff)|(ogf << 10))
+#define cmd_opcode_ogf(op) (op >> 10)
+#define cmd_opcode_ocf(op) (op & 0x03ff)
+
+/* ACL handle and flags pack/unpack */
+#define acl_handle_pack(h, f) (uint16_t)(((h) & 0x0fff)|((f) << 12))
+#define acl_handle(h) ((h) & 0x0fff)
+#define acl_flags(h) ((h) >> 12)
+
+/* HCI Packet structures */
+#define HCI_COMMAND_HDR_SIZE 3
+#define HCI_EVENT_HDR_SIZE 2
+#define HCI_ACL_HDR_SIZE 4
+#define HCI_SCO_HDR_SIZE 3
+
+struct hci_command_hdr {
+ uint16_t opcode; /* OCF & OGF */
+ uint8_t plen;
+} __attribute__ ((packed));
+
+struct hci_event_hdr {
+ uint8_t evt;
+ uint8_t plen;
+} __attribute__ ((packed));
+
+struct hci_acl_hdr {
+ uint16_t handle; /* Handle & Flags(PB, BC) */
+ uint16_t dlen;
+} __attribute__ ((packed));
+
+struct hci_sco_hdr {
+ uint16_t handle;
+ uint8_t dlen;
+} __attribute__ ((packed));
diff --git a/hw/nseries.c b/hw/nseries.c
index bb1b1b2ec5..11e817ba08 100644
--- a/hw/nseries.c
+++ b/hw/nseries.c
@@ -741,6 +741,20 @@ static void n8x0_cbus_setup(struct n800_s *s)
cbus_attach(cbus, s->tahvo = tahvo_init(tahvo_irq, 1));
}
+static void n8x0_uart_setup(struct n800_s *s)
+{
+ CharDriverState *radio = uart_hci_init(
+ omap2_gpio_in_get(s->cpu->gpif,
+ N8X0_BT_HOST_WKUP_GPIO)[0]);
+
+ omap2_gpio_out_set(s->cpu->gpif, N8X0_BT_RESET_GPIO,
+ csrhci_pins_get(radio)[csrhci_pin_reset]);
+ omap2_gpio_out_set(s->cpu->gpif, N8X0_BT_WKUP_GPIO,
+ csrhci_pins_get(radio)[csrhci_pin_wakeup]);
+
+ omap_uart_attach(s->cpu->uart[BT_UART], radio);
+}
+
static void n8x0_usb_power_cb(void *opaque, int line, int level)
{
struct n800_s *s = opaque;
@@ -1306,6 +1320,7 @@ static void n8x0_init(ram_addr_t ram_size, const char *boot_device,
n8x0_spi_setup(s);
n8x0_dss_setup(s, ds);
n8x0_cbus_setup(s);
+ n8x0_uart_setup(s);
if (usb_enabled)
n8x0_usb_setup(s);