在 Linux 上直接控制 HCI 设备(绕过蓝牙驱动程序) [英] Direct Control of HCI Device (Bypass Bluetooth Drivers) on Linux

问题描述

我需要直接控制 HCI 设备而不受 Linux 驱动程序/内核的干扰.例如，当创建到外围设备的 LE 连接时，驱动程序会独立发送LE 连接更新"命令，我想避免这种情况.

I need to control an HCI device directly without the Linux drivers/kernel interfering. For example, when creating an LE connection to a peripheral, the driver is independently sending an "LE Connection Update" command which I would like to avoid.

我想到了两种方法来解决这个问题:

I though of two approaches to resolve this:

1. 配置蓝牙驱动程序以某种方式禁用对 HCI 设备的干扰(类似于 hciattach 上的 -r 标志)，然后使用常规 AF_BLUEOOTH 套接字控制 HCI 设备.
2. 禁用这个特定的 HCI 设备，但保留父字符设备并直接连接到它.

到目前为止，我还没有成功找到如何实施这些方法中的任何一种.

So far I did not succeed in finding a way of how to implement any of these approaches.

我还应该提到，我仍然需要一个不同的 HCI 设备才能被系统正常"使用，因此完全禁用蓝牙驱动程序不是一种选择.

I should also mention that I still need a different HCI device to be "normally" used by the system so disabling the bluetooth drivers completely is not an option.

推荐答案

我能够实现选项 #1.

I was able to achieve option #1.

深入研究蓝牙驱动程序的 Linux 内核代码，我发现了一个将 HCI 套接字与 hci_channel=1 绑定的选项.1 是 HCI_USER_CHANNEL 的枚举，这会导致驱动程序不向 HCI 设备添加自己的命令.

Digging in the Linux kernel code for bluetooth drivers, I found an option for binding an HCI socket with hci_channel=1. 1 is the enum for HCI_USER_CHANNEL which causes the driver not to add its own commands to the HCI device.

在 C 中实现这一点:

struct sockaddr_hci {
    sa_family_t     hci_family;
    unsigned short  hci_dev;
    unsigned short  hci_channel;
};

struct sockaddr_hci a;

memset(&a, 0, sizeof(a));
a.hci_family = AF_BLUETOOTH;
a.hci_dev = 0; //0 for hci0
a.hci_channel = 1; //1 for HCI_CHANNEL_USER

bind(sock, (struct sockaddr *) &a, sizeof(a));

要在 Python 中实现这一点:

Python 的 socket 模块不支持这个选项.在 Scapy 中实现了 Python 中缺少支持的解决方法:https://github.com/secdev/scapy/d2f2b0c7b46b607fcdf79860f8f866446bb625fb/scapy/layers/bluetooth.py#L808

Python's socket module does not support this option. A workaround for the missing support in Python was implemented in Scapy: https://github.com/secdev/scapy/blob/d2f2b0c7b46b607fcdf79860f8f866446bb625fb/scapy/layers/bluetooth.py#L808

C++ 示例:

Example for C++: https://github.com/sandeepmistry/node-bluetooth-hci-socket/blob/560a956c3e1421e31366115444ca9027d45b0e71/src/BluetoothHciSocket.cpp#L184

如果你对Linux内核的相关部分感兴趣:https://github.com/torvalds/linux/blob/86292b33d4b79ee03e2f43ea0381ef85f077c760/net/bluetooth/hci_sock.c#L1693

If you are interested in the relevant part of the Linux kernel: https://github.com/torvalds/linux/blob/86292b33d4b79ee03e2f43ea0381ef85f077c760/net/bluetooth/hci_sock.c#L1693

这篇关于在 Linux 上直接控制 HCI 设备(绕过蓝牙驱动程序)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！