2
* Service Discover Protocol server for QEMU L2CAP devices
4
* Copyright (C) 2008 Andrzej Zaborowski <balrog@zabor.org>
6
* This program is free software; you can redistribute it and/or
7
* modify it under the terms of the GNU General Public License as
8
* published by the Free Software Foundation; either version 2 of
9
* the License, or (at your option) any later version.
11
* This program is distributed in the hope that it will be useful,
12
* but WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
* GNU General Public License for more details.
16
* You should have received a copy of the GNU General Public License along
17
* with this program; if not, see <http://www.gnu.org/licenses/>.
20
#include "qemu-common.h"
23
struct bt_l2cap_sdp_state_s {
24
struct bt_l2cap_conn_params_s *channel;
26
struct sdp_service_record_s {
31
struct sdp_service_attribute_s {
43
static ssize_t sdp_datalen(const uint8_t **element, ssize_t *left)
45
size_t len = *(*element) ++ & SDP_DSIZE_MASK;
51
if (len < SDP_DSIZE_NEXT1)
53
else if (len == SDP_DSIZE_NEXT1) {
58
return *(*element) ++;
59
} else if (len == SDP_DSIZE_NEXT2) {
64
len = (*(*element) ++) << 8;
65
return len | (*(*element) ++);
71
len = (*(*element) ++) << 24;
72
len |= (*(*element) ++) << 16;
73
len |= (*(*element) ++) << 8;
74
return len | (*(*element) ++);
78
static const uint8_t bt_base_uuid[12] = {
79
0x00, 0x00, 0x10, 0x00, 0x80, 0x00, 0x00, 0x80, 0x5f, 0x9b, 0x34, 0xfb,
82
static int sdp_uuid_match(struct sdp_service_record_s *record,
83
const uint8_t *uuid, ssize_t datalen)
87
if (datalen == 16 || datalen == 4) {
88
if (datalen == 16 && memcmp(uuid + 4, bt_base_uuid, 12))
91
if (uuid[0] | uuid[1])
96
val = (uuid[0] << 8) | uuid[1];
106
#define CONTINUATION_PARAM_SIZE (1 + sizeof(int))
107
#define MAX_PDU_OUT_SIZE 96 /* Arbitrary */
108
#define PDU_HEADER_SIZE 5
109
#define MAX_RSP_PARAM_SIZE (MAX_PDU_OUT_SIZE - PDU_HEADER_SIZE - \
110
CONTINUATION_PARAM_SIZE)
112
static int sdp_svc_match(struct bt_l2cap_sdp_state_s *sdp,
113
const uint8_t **req, ssize_t *len)
118
if ((**req & ~SDP_DSIZE_MASK) != SDP_DTYPE_UUID)
121
datalen = sdp_datalen(req, len);
122
if (datalen != 2 && datalen != 4 && datalen != 16)
125
for (i = 0; i < sdp->services; i ++)
126
if (sdp_uuid_match(&sdp->service_list[i], *req, datalen))
127
sdp->service_list[i].match = 1;
135
static ssize_t sdp_svc_search(struct bt_l2cap_sdp_state_s *sdp,
136
uint8_t *rsp, const uint8_t *req, ssize_t len)
139
int i, count, start, end, max;
142
/* Perform the search */
143
for (i = 0; i < sdp->services; i ++)
144
sdp->service_list[i].match = 0;
147
return -SDP_INVALID_SYNTAX;
148
if ((*req & ~SDP_DSIZE_MASK) == SDP_DTYPE_SEQ) {
149
seqlen = sdp_datalen(&req, &len);
150
if (seqlen < 3 || len < seqlen)
151
return -SDP_INVALID_SYNTAX;
155
if (sdp_svc_match(sdp, &req, &seqlen))
156
return -SDP_INVALID_SYNTAX;
157
} else if (sdp_svc_match(sdp, &req, &seqlen))
158
return -SDP_INVALID_SYNTAX;
161
return -SDP_INVALID_SYNTAX;
162
max = (req[0] << 8) | req[1];
167
if (len <= sizeof(int))
168
return -SDP_INVALID_SYNTAX;
170
memcpy(&start, req + 1, sizeof(int));
175
return -SDP_INVALID_SYNTAX;
177
/* Output the results */
181
for (i = 0; i < sdp->services; i ++)
182
if (sdp->service_list[i].match) {
183
if (count >= start && count < max && len + 4 < MAX_RSP_PARAM_SIZE) {
185
memcpy(rsp + len, &handle, 4);
194
rsp[1] = count & 0xff;
195
rsp[2] = (end - start) >> 8;
196
rsp[3] = (end - start) & 0xff;
199
rsp[len ++] = sizeof(int);
200
memcpy(rsp + len, &end, sizeof(int));
208
static int sdp_attr_match(struct sdp_service_record_s *record,
209
const uint8_t **req, ssize_t *len)
213
if (**req == (SDP_DTYPE_UINT | SDP_DSIZE_2)) {
218
start = (*(*req) ++) << 8;
222
} else if (**req == (SDP_DTYPE_UINT | SDP_DSIZE_4)) {
227
start = (*(*req) ++) << 8;
229
end = (*(*req) ++) << 8;
235
for (i = 0; i < record->attributes; i ++)
236
if (record->attribute_list[i].attribute_id >= start &&
237
record->attribute_list[i].attribute_id <= end)
238
record->attribute_list[i].match = 1;
243
static ssize_t sdp_attr_get(struct bt_l2cap_sdp_state_s *sdp,
244
uint8_t *rsp, const uint8_t *req, ssize_t len)
247
int i, start, end, max;
249
struct sdp_service_record_s *record;
252
/* Perform the search */
254
return -SDP_INVALID_SYNTAX;
255
memcpy(&handle, req, 4);
259
if (handle < 0 || handle > sdp->services)
260
return -SDP_INVALID_RECORD_HANDLE;
261
record = &sdp->service_list[handle];
263
for (i = 0; i < record->attributes; i ++)
264
record->attribute_list[i].match = 0;
266
max = (req[0] << 8) | req[1];
270
return -SDP_INVALID_SYNTAX;
272
if ((*req & ~SDP_DSIZE_MASK) == SDP_DTYPE_SEQ) {
273
seqlen = sdp_datalen(&req, &len);
274
if (seqlen < 3 || len < seqlen)
275
return -SDP_INVALID_SYNTAX;
279
if (sdp_attr_match(record, &req, &seqlen))
280
return -SDP_INVALID_SYNTAX;
281
} else if (sdp_attr_match(record, &req, &seqlen))
282
return -SDP_INVALID_SYNTAX;
285
return -SDP_INVALID_SYNTAX;
288
if (len <= sizeof(int))
289
return -SDP_INVALID_SYNTAX;
291
memcpy(&start, req + 1, sizeof(int));
296
return -SDP_INVALID_SYNTAX;
298
/* Output the results */
300
max = MIN(max, MAX_RSP_PARAM_SIZE);
303
for (i = 0; i < record->attributes; i ++)
304
if (record->attribute_list[i].match) {
305
if (len >= 0 && len + record->attribute_list[i].len < max) {
306
memcpy(lst + len, record->attribute_list[i].pair,
307
record->attribute_list[i].len);
308
end = len + record->attribute_list[i].len;
310
len += record->attribute_list[i].len;
313
lst[0] = SDP_DTYPE_SEQ | SDP_DSIZE_NEXT2;
314
lst[1] = (len + start - 3) >> 8;
315
lst[2] = (len + start - 3) & 0xff;
323
lst[end ++] = sizeof(int);
324
memcpy(lst + end, &len, sizeof(int));
332
static int sdp_svc_attr_match(struct bt_l2cap_sdp_state_s *sdp,
333
const uint8_t **req, ssize_t *len)
335
int i, j, start, end;
336
struct sdp_service_record_s *record;
338
if (**req == (SDP_DTYPE_UINT | SDP_DSIZE_2)) {
343
start = (*(*req) ++) << 8;
347
} else if (**req == (SDP_DTYPE_UINT | SDP_DSIZE_4)) {
352
start = (*(*req) ++) << 8;
354
end = (*(*req) ++) << 8;
360
for (i = 0; i < sdp->services; i ++)
361
if ((record = &sdp->service_list[i])->match)
362
for (j = 0; j < record->attributes; j ++)
363
if (record->attribute_list[j].attribute_id >= start &&
364
record->attribute_list[j].attribute_id <= end)
365
record->attribute_list[j].match = 1;
370
static ssize_t sdp_svc_search_attr_get(struct bt_l2cap_sdp_state_s *sdp,
371
uint8_t *rsp, const uint8_t *req, ssize_t len)
374
int i, j, start, end, max;
375
struct sdp_service_record_s *record;
378
/* Perform the search */
379
for (i = 0; i < sdp->services; i ++) {
380
sdp->service_list[i].match = 0;
381
for (j = 0; j < sdp->service_list[i].attributes; j ++)
382
sdp->service_list[i].attribute_list[j].match = 0;
386
return -SDP_INVALID_SYNTAX;
387
if ((*req & ~SDP_DSIZE_MASK) == SDP_DTYPE_SEQ) {
388
seqlen = sdp_datalen(&req, &len);
389
if (seqlen < 3 || len < seqlen)
390
return -SDP_INVALID_SYNTAX;
394
if (sdp_svc_match(sdp, &req, &seqlen))
395
return -SDP_INVALID_SYNTAX;
396
} else if (sdp_svc_match(sdp, &req, &seqlen))
397
return -SDP_INVALID_SYNTAX;
400
return -SDP_INVALID_SYNTAX;
401
max = (req[0] << 8) | req[1];
405
return -SDP_INVALID_SYNTAX;
407
if ((*req & ~SDP_DSIZE_MASK) == SDP_DTYPE_SEQ) {
408
seqlen = sdp_datalen(&req, &len);
409
if (seqlen < 3 || len < seqlen)
410
return -SDP_INVALID_SYNTAX;
414
if (sdp_svc_attr_match(sdp, &req, &seqlen))
415
return -SDP_INVALID_SYNTAX;
416
} else if (sdp_svc_attr_match(sdp, &req, &seqlen))
417
return -SDP_INVALID_SYNTAX;
420
return -SDP_INVALID_SYNTAX;
423
if (len <= sizeof(int))
424
return -SDP_INVALID_SYNTAX;
426
memcpy(&start, req + 1, sizeof(int));
431
return -SDP_INVALID_SYNTAX;
433
/* Output the results */
434
/* This assumes empty attribute lists are never to be returned even
435
* for matching Service Records. In practice this shouldn't happen
436
* as the requestor will usually include the always present
437
* ServiceRecordHandle AttributeID in AttributeIDList. */
439
max = MIN(max, MAX_RSP_PARAM_SIZE);
442
for (i = 0; i < sdp->services; i ++)
443
if ((record = &sdp->service_list[i])->match) {
446
for (j = 0; j < record->attributes; j ++)
447
if (record->attribute_list[j].match) {
449
if (len + record->attribute_list[j].len < max) {
450
memcpy(lst + len, record->attribute_list[j].pair,
451
record->attribute_list[j].len);
452
end = len + record->attribute_list[j].len;
454
len += record->attribute_list[j].len;
458
else if (seqlen >= 3 && seqlen < max) {
459
lst[seqlen - 3] = SDP_DTYPE_SEQ | SDP_DSIZE_NEXT2;
460
lst[seqlen - 2] = (len - seqlen) >> 8;
461
lst[seqlen - 1] = (len - seqlen) & 0xff;
464
if (len == 3 - start)
466
else if (0 >= start) {
467
lst[0] = SDP_DTYPE_SEQ | SDP_DSIZE_NEXT2;
468
lst[1] = (len + start - 3) >> 8;
469
lst[2] = (len + start - 3) & 0xff;
477
lst[end ++] = sizeof(int);
478
memcpy(lst + end, &len, sizeof(int));
486
static void bt_l2cap_sdp_sdu_in(void *opaque, const uint8_t *data, int len)
488
struct bt_l2cap_sdp_state_s *sdp = opaque;
489
enum bt_sdp_cmd pdu_id;
490
uint8_t rsp[MAX_PDU_OUT_SIZE - PDU_HEADER_SIZE], *sdu_out;
491
int transaction_id, plen;
496
fprintf(stderr, "%s: short SDP PDU (%iB).\n", __FUNCTION__, len);
501
transaction_id = (data[0] << 8) | data[1];
502
plen = (data[2] << 8) | data[3];
507
fprintf(stderr, "%s: wrong SDP PDU length (%iB != %iB).\n",
508
__FUNCTION__, plen, len);
509
err = SDP_INVALID_PDU_SIZE;
514
case SDP_SVC_SEARCH_REQ:
515
rsp_len = sdp_svc_search(sdp, rsp, data, len);
516
pdu_id = SDP_SVC_SEARCH_RSP;
519
case SDP_SVC_ATTR_REQ:
520
rsp_len = sdp_attr_get(sdp, rsp, data, len);
521
pdu_id = SDP_SVC_ATTR_RSP;
524
case SDP_SVC_SEARCH_ATTR_REQ:
525
rsp_len = sdp_svc_search_attr_get(sdp, rsp, data, len);
526
pdu_id = SDP_SVC_SEARCH_ATTR_RSP;
530
case SDP_SVC_ATTR_RSP:
531
case SDP_SVC_SEARCH_RSP:
532
case SDP_SVC_SEARCH_ATTR_RSP:
534
fprintf(stderr, "%s: unexpected SDP PDU ID %02x.\n",
535
__FUNCTION__, pdu_id);
536
err = SDP_INVALID_SYNTAX;
547
pdu_id = SDP_ERROR_RSP;
548
rsp[rsp_len ++] = err >> 8;
549
rsp[rsp_len ++] = err & 0xff;
552
sdu_out = sdp->channel->sdu_out(sdp->channel, rsp_len + PDU_HEADER_SIZE);
555
sdu_out[1] = transaction_id >> 8;
556
sdu_out[2] = transaction_id & 0xff;
557
sdu_out[3] = rsp_len >> 8;
558
sdu_out[4] = rsp_len & 0xff;
559
memcpy(sdu_out + PDU_HEADER_SIZE, rsp, rsp_len);
561
sdp->channel->sdu_submit(sdp->channel);
564
static void bt_l2cap_sdp_close_ch(void *opaque)
566
struct bt_l2cap_sdp_state_s *sdp = opaque;
569
for (i = 0; i < sdp->services; i ++) {
570
qemu_free(sdp->service_list[i].attribute_list->pair);
571
qemu_free(sdp->service_list[i].attribute_list);
572
qemu_free(sdp->service_list[i].uuid);
574
qemu_free(sdp->service_list);
578
struct sdp_def_service_s {
580
struct sdp_def_attribute_s {
582
struct sdp_def_data_element_s {
587
struct sdp_def_data_element_s *list;
593
/* Calculate a safe byte count to allocate that will store the given
594
* element, at the same time count elements of a UUID type. */
595
static int sdp_attr_max_size(struct sdp_def_data_element_s *element,
598
int type = element->type & ~SDP_DSIZE_MASK;
601
if (type == SDP_DTYPE_UINT || type == SDP_DTYPE_UUID ||
602
type == SDP_DTYPE_BOOL) {
603
if (type == SDP_DTYPE_UUID)
605
return 1 + (1 << (element->type & SDP_DSIZE_MASK));
608
if (type == SDP_DTYPE_STRING || type == SDP_DTYPE_URL) {
609
if (element->type & SDP_DSIZE_MASK) {
610
for (len = 0; element->value.str[len] |
611
element->value.str[len + 1]; len ++);
614
return 2 + strlen(element->value.str);
617
if (type != SDP_DTYPE_SEQ)
620
element = element->value.list;
621
while (element->type)
622
len += sdp_attr_max_size(element ++, uuids);
629
static int sdp_attr_write(uint8_t *data,
630
struct sdp_def_data_element_s *element, int **uuid)
632
int type = element->type & ~SDP_DSIZE_MASK;
635
if (type == SDP_DTYPE_UINT || type == SDP_DTYPE_BOOL) {
636
data[len ++] = element->type;
637
if ((element->type & SDP_DSIZE_MASK) == SDP_DSIZE_1)
638
data[len ++] = (element->value.uint >> 0) & 0xff;
639
else if ((element->type & SDP_DSIZE_MASK) == SDP_DSIZE_2) {
640
data[len ++] = (element->value.uint >> 8) & 0xff;
641
data[len ++] = (element->value.uint >> 0) & 0xff;
642
} else if ((element->type & SDP_DSIZE_MASK) == SDP_DSIZE_4) {
643
data[len ++] = (element->value.uint >> 24) & 0xff;
644
data[len ++] = (element->value.uint >> 16) & 0xff;
645
data[len ++] = (element->value.uint >> 8) & 0xff;
646
data[len ++] = (element->value.uint >> 0) & 0xff;
652
if (type == SDP_DTYPE_UUID) {
653
*(*uuid) ++ = element->value.uint;
655
data[len ++] = element->type;
656
data[len ++] = (element->value.uint >> 24) & 0xff;
657
data[len ++] = (element->value.uint >> 16) & 0xff;
658
data[len ++] = (element->value.uint >> 8) & 0xff;
659
data[len ++] = (element->value.uint >> 0) & 0xff;
660
memcpy(data + len, bt_base_uuid, 12);
665
data[0] = type | SDP_DSIZE_NEXT1;
666
if (type == SDP_DTYPE_STRING || type == SDP_DTYPE_URL) {
667
if (element->type & SDP_DSIZE_MASK)
668
for (len = 0; element->value.str[len] |
669
element->value.str[len + 1]; len ++);
671
len = strlen(element->value.str);
672
memcpy(data + 2, element->value.str, data[1] = len);
678
element = element->value.list;
679
while (element->type)
680
len += sdp_attr_write(data + len, element ++, uuid);
686
static int sdp_attributeid_compare(const struct sdp_service_attribute_s *a,
687
const struct sdp_service_attribute_s *b)
689
return (int) b->attribute_id - a->attribute_id;
692
static int sdp_uuid_compare(const int *a, const int *b)
697
static void sdp_service_record_build(struct sdp_service_record_s *record,
698
struct sdp_def_service_s *def, int handle)
705
while (def->attributes[record->attributes].data.type) {
707
len += sdp_attr_max_size(&def->attributes[record->attributes ++].data,
710
record->uuids = 1 << ffs(record->uuids - 1);
711
record->attribute_list =
712
qemu_mallocz(record->attributes * sizeof(*record->attribute_list));
714
qemu_mallocz(record->uuids * sizeof(*record->uuid));
715
data = qemu_malloc(len);
717
record->attributes = 0;
719
while (def->attributes[record->attributes].data.type) {
720
record->attribute_list[record->attributes].pair = data;
723
data[len ++] = SDP_DTYPE_UINT | SDP_DSIZE_2;
724
data[len ++] = def->attributes[record->attributes].id >> 8;
725
data[len ++] = def->attributes[record->attributes].id & 0xff;
726
len += sdp_attr_write(data + len,
727
&def->attributes[record->attributes].data, &uuid);
729
/* Special case: assign a ServiceRecordHandle in sequence */
730
if (def->attributes[record->attributes].id == SDP_ATTR_RECORD_HANDLE)
731
def->attributes[record->attributes].data.value.uint = handle;
732
/* Note: we could also assign a ServiceDescription based on
733
* sdp->device.device->lmp_name. */
735
record->attribute_list[record->attributes ++].len = len;
739
/* Sort the attribute list by the AttributeID */
740
qsort(record->attribute_list, record->attributes,
741
sizeof(*record->attribute_list),
742
(void *) sdp_attributeid_compare);
743
/* Sort the searchable UUIDs list for bisection */
744
qsort(record->uuid, record->uuids,
745
sizeof(*record->uuid),
746
(void *) sdp_uuid_compare);
749
static void sdp_service_db_build(struct bt_l2cap_sdp_state_s *sdp,
750
struct sdp_def_service_s **service)
753
while (service[sdp->services])
756
qemu_mallocz(sdp->services * sizeof(*sdp->service_list));
760
sdp_service_record_build(&sdp->service_list[sdp->services],
761
*service, sdp->services);
767
#define LAST { .type = 0 }
768
#define SERVICE(name, attrs) \
769
static struct sdp_def_service_s glue(glue(sdp_service_, name), _s) = { \
770
.attributes = { attrs { .data = LAST } }, \
772
#define ATTRIBUTE(attrid, val) { .id = glue(SDP_ATTR_, attrid), .data = val },
773
#define UINT8(val) { \
774
.type = SDP_DTYPE_UINT | SDP_DSIZE_1, \
777
#define UINT16(val) { \
778
.type = SDP_DTYPE_UINT | SDP_DSIZE_2, \
781
#define UINT32(val) { \
782
.type = SDP_DTYPE_UINT | SDP_DSIZE_4, \
785
#define UUID128(val) { \
786
.type = SDP_DTYPE_UUID | SDP_DSIZE_16, \
790
.type = SDP_DTYPE_BOOL | SDP_DSIZE_1, \
793
#define SDP_FALSE { \
794
.type = SDP_DTYPE_BOOL | SDP_DSIZE_1, \
797
#define STRING(val) { \
798
.type = SDP_DTYPE_STRING, \
801
#define ARRAY(...) { \
802
.type = SDP_DTYPE_STRING | SDP_DSIZE_2, \
803
.value.str = (char []) { __VA_ARGS__, 0, 0 }, \
806
.type = SDP_DTYPE_URL, \
810
#define LIST(val) { \
811
.type = SDP_DTYPE_SEQ, \
812
.value.list = (struct sdp_def_data_element_s []) { val LAST }, \
816
/* Try to keep each single attribute below MAX_PDU_OUT_SIZE bytes
817
* in resulting SDP data representation size. */
820
ATTRIBUTE(RECORD_HANDLE, UINT32(0)) /* Filled in later */
821
ATTRIBUTE(SVCLASS_ID_LIST, LIST(UUID128(HID_SVCLASS_ID)))
822
ATTRIBUTE(RECORD_STATE, UINT32(1))
823
ATTRIBUTE(PROTO_DESC_LIST, LIST(
824
LIST(UUID128(L2CAP_UUID) UINT16(BT_PSM_HID_CTRL))
825
LIST(UUID128(HIDP_UUID))
827
ATTRIBUTE(BROWSE_GRP_LIST, LIST(UUID128(0x1002)))
828
ATTRIBUTE(LANG_BASE_ATTR_ID_LIST, LIST(
829
UINT16(0x656e) UINT16(0x006a) UINT16(0x0100)
831
ATTRIBUTE(PFILE_DESC_LIST, LIST(
832
LIST(UUID128(HID_PROFILE_ID) UINT16(0x0100))
834
ATTRIBUTE(DOC_URL, URL("http://bellard.org/qemu/user-doc.html"))
835
ATTRIBUTE(SVCNAME_PRIMARY, STRING("QEMU Bluetooth HID"))
836
ATTRIBUTE(SVCDESC_PRIMARY, STRING("QEMU Keyboard/Mouse"))
837
ATTRIBUTE(SVCPROV_PRIMARY, STRING("QEMU " QEMU_VERSION))
839
/* Profile specific */
840
ATTRIBUTE(DEVICE_RELEASE_NUMBER, UINT16(0x0091)) /* Deprecated, remove */
841
ATTRIBUTE(PARSER_VERSION, UINT16(0x0111))
842
/* TODO: extract from l2cap_device->device.class[0] */
843
ATTRIBUTE(DEVICE_SUBCLASS, UINT8(0x40))
844
ATTRIBUTE(COUNTRY_CODE, UINT8(0x15))
845
ATTRIBUTE(VIRTUAL_CABLE, SDP_TRUE)
846
ATTRIBUTE(RECONNECT_INITIATE, SDP_FALSE)
847
/* TODO: extract from hid->usbdev->report_desc */
848
ATTRIBUTE(DESCRIPTOR_LIST, LIST(
849
LIST(UINT8(0x22) ARRAY(
850
0x05, 0x01, /* Usage Page (Generic Desktop) */
851
0x09, 0x06, /* Usage (Keyboard) */
852
0xa1, 0x01, /* Collection (Application) */
853
0x75, 0x01, /* Report Size (1) */
854
0x95, 0x08, /* Report Count (8) */
855
0x05, 0x07, /* Usage Page (Key Codes) */
856
0x19, 0xe0, /* Usage Minimum (224) */
857
0x29, 0xe7, /* Usage Maximum (231) */
858
0x15, 0x00, /* Logical Minimum (0) */
859
0x25, 0x01, /* Logical Maximum (1) */
860
0x81, 0x02, /* Input (Data, Variable, Absolute) */
861
0x95, 0x01, /* Report Count (1) */
862
0x75, 0x08, /* Report Size (8) */
863
0x81, 0x01, /* Input (Constant) */
864
0x95, 0x05, /* Report Count (5) */
865
0x75, 0x01, /* Report Size (1) */
866
0x05, 0x08, /* Usage Page (LEDs) */
867
0x19, 0x01, /* Usage Minimum (1) */
868
0x29, 0x05, /* Usage Maximum (5) */
869
0x91, 0x02, /* Output (Data, Variable, Absolute) */
870
0x95, 0x01, /* Report Count (1) */
871
0x75, 0x03, /* Report Size (3) */
872
0x91, 0x01, /* Output (Constant) */
873
0x95, 0x06, /* Report Count (6) */
874
0x75, 0x08, /* Report Size (8) */
875
0x15, 0x00, /* Logical Minimum (0) */
876
0x25, 0xff, /* Logical Maximum (255) */
877
0x05, 0x07, /* Usage Page (Key Codes) */
878
0x19, 0x00, /* Usage Minimum (0) */
879
0x29, 0xff, /* Usage Maximum (255) */
880
0x81, 0x00, /* Input (Data, Array) */
881
0xc0 /* End Collection */
883
ATTRIBUTE(LANG_ID_BASE_LIST, LIST(
884
LIST(UINT16(0x0409) UINT16(0x0100))
886
ATTRIBUTE(SDP_DISABLE, SDP_FALSE)
887
ATTRIBUTE(BATTERY_POWER, SDP_TRUE)
888
ATTRIBUTE(REMOTE_WAKEUP, SDP_TRUE)
889
ATTRIBUTE(BOOT_DEVICE, SDP_TRUE) /* XXX: untested */
890
ATTRIBUTE(SUPERVISION_TIMEOUT, UINT16(0x0c80))
891
ATTRIBUTE(NORMALLY_CONNECTABLE, SDP_TRUE)
892
ATTRIBUTE(PROFILE_VERSION, UINT16(0x0100))
896
ATTRIBUTE(RECORD_HANDLE, UINT32(0)) /* Filled in later */
897
ATTRIBUTE(SVCLASS_ID_LIST, LIST(UUID128(SDP_SERVER_SVCLASS_ID)))
898
ATTRIBUTE(RECORD_STATE, UINT32(1))
899
ATTRIBUTE(PROTO_DESC_LIST, LIST(
900
LIST(UUID128(L2CAP_UUID) UINT16(BT_PSM_SDP))
901
LIST(UUID128(SDP_UUID))
903
ATTRIBUTE(BROWSE_GRP_LIST, LIST(UUID128(0x1002)))
904
ATTRIBUTE(LANG_BASE_ATTR_ID_LIST, LIST(
905
UINT16(0x656e) UINT16(0x006a) UINT16(0x0100)
907
ATTRIBUTE(PFILE_DESC_LIST, LIST(
908
LIST(UUID128(SDP_SERVER_PROFILE_ID) UINT16(0x0100))
910
ATTRIBUTE(DOC_URL, URL("http://bellard.org/qemu/user-doc.html"))
911
ATTRIBUTE(SVCPROV_PRIMARY, STRING("QEMU " QEMU_VERSION))
913
/* Profile specific */
914
ATTRIBUTE(VERSION_NUM_LIST, LIST(UINT16(0x0100)))
915
ATTRIBUTE(SVCDB_STATE , UINT32(1))
919
ATTRIBUTE(RECORD_HANDLE, UINT32(0)) /* Filled in later */
920
ATTRIBUTE(SVCLASS_ID_LIST, LIST(UUID128(PNP_INFO_SVCLASS_ID)))
921
ATTRIBUTE(RECORD_STATE, UINT32(1))
922
ATTRIBUTE(PROTO_DESC_LIST, LIST(
923
LIST(UUID128(L2CAP_UUID) UINT16(BT_PSM_SDP))
924
LIST(UUID128(SDP_UUID))
926
ATTRIBUTE(BROWSE_GRP_LIST, LIST(UUID128(0x1002)))
927
ATTRIBUTE(LANG_BASE_ATTR_ID_LIST, LIST(
928
UINT16(0x656e) UINT16(0x006a) UINT16(0x0100)
930
ATTRIBUTE(PFILE_DESC_LIST, LIST(
931
LIST(UUID128(PNP_INFO_PROFILE_ID) UINT16(0x0100))
933
ATTRIBUTE(DOC_URL, URL("http://bellard.org/qemu/user-doc.html"))
934
ATTRIBUTE(SVCPROV_PRIMARY, STRING("QEMU " QEMU_VERSION))
936
/* Profile specific */
937
ATTRIBUTE(SPECIFICATION_ID, UINT16(0x0100))
938
ATTRIBUTE(VERSION, UINT16(0x0100))
939
ATTRIBUTE(PRIMARY_RECORD, SDP_TRUE)
942
static int bt_l2cap_sdp_new_ch(struct bt_l2cap_device_s *dev,
943
struct bt_l2cap_conn_params_s *params)
945
struct bt_l2cap_sdp_state_s *sdp = qemu_mallocz(sizeof(*sdp));
946
struct sdp_def_service_s *services[] = {
953
sdp->channel = params;
954
sdp->channel->opaque = sdp;
955
sdp->channel->close = bt_l2cap_sdp_close_ch;
956
sdp->channel->sdu_in = bt_l2cap_sdp_sdu_in;
958
sdp_service_db_build(sdp, services);
963
void bt_l2cap_sdp_init(struct bt_l2cap_device_s *dev)
965
bt_l2cap_psm_register(dev, BT_PSM_SDP,
966
MAX_PDU_OUT_SIZE, bt_l2cap_sdp_new_ch);