# Copyright 2024 syzkaller project authors. All rights reserved. # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. include include include include include include include include resource sock_bt[sock] resource sock_bt_hci[sock_bt] resource sock_bt_sco[sock_bt] resource sock_bt_rfcomm[sock_bt] resource sock_bt_l2cap[sock_bt] socket$bt_hci(domain const[PF_BLUETOOTH], type const[SOCK_RAW], protocol const[BLUETOOTH_PROTO_HCI]) sock_bt_hci bind$bt_hci(s sock_bt_hci, addr ptr[in, sockaddr_hci], addrlen len[addr]) ioctl$sock_bt_hci(fd sock_bt_hci, cmd flags[bt_hci_ioctl], arg buffer[inout]) setsockopt$bt_hci_HCI_FILTER(s sock_bt_hci, level const[SOL_HCI_RAW], optname const[SO_HCI_RAW_FILTER], optval ptr[in, ng_btsocket_hci_raw_filter], optlen len[optval]) setsockopt$bt_hci_HCI_DIRECTION(s sock_bt_hci, level const[SOL_HCI_RAW], optname const[SO_HCI_RAW_DIRECTION], optval ptr[in, int32], optlen len[optval]) getsockopt$bt_hci(s sock_bt_hci, level const[SOL_HCI_RAW], optname flags[bt_hci_sockopt], optval buffer[out], optlen ptr[inout, len[optval, int32]]) write$bt_hci(fd sock_bt_hci, buf buffer[in], nbytes bytesize[buf]) socket$bt_sco(domain const[PF_BLUETOOTH], type const[SOCK_SEQPACKET], protocol const[BLUETOOTH_PROTO_SCO]) sock_bt_sco bind$bt_sco_sockaddr_sco(s sock_bt_sco, addr ptr[in, sockaddr_sco], addrlen len[addr]) connect$bt_sco_sockaddr_sco(s sock_bt_sco, name ptr[in, sockaddr_sco], namelen len[name]) getsockopt$bt_sco_SOL_SCO(s sock_bt_sco, level const[SOL_SCO], optname flags[bt_sol_sockopt], optval buffer[out], optlen ptr[inout, len[optval, int32]]) socket$bt_l2cap(domain const[PF_BLUETOOTH], type flags[bt_l2cap_type], protocol const[BLUETOOTH_PROTO_L2CAP]) sock_bt_l2cap bind$bt_l2cap(fd sock_bt_l2cap, addr ptr[in, sockaddr_l2], addrlen len[addr]) connect$bt_l2cap(fd sock_bt_l2cap, addr ptr[in, sockaddr_l2], addrlen len[addr]) setsockopt$bt_l2cap(fd sock_bt_l2cap, level const[SOL_L2CAP], optname flags[bt_l2cap_sockopt], optval ptr[in, int32], optlen len[optval]) getsockopt$bt_l2cap(s sock_bt_l2cap, level const[SOL_L2CAP], optname flags[bt_l2cap_sockopt], optval buffer[out], optlen ptr[inout, len[optval, int32]]) socket$bt_rfcomm(domain const[PF_BLUETOOTH], type const[SOCK_STREAM], protocol const[BLUETOOTH_PROTO_RFCOMM]) sock_bt_rfcomm bind$bt_rfcomm(fd sock_bt_rfcomm, addr ptr[in, sockaddr_rfcomm], addrlen len[addr]) connect$bt_rfcomm(fd sock_bt_rfcomm, addr ptr[in, sockaddr_rfcomm], addrlen len[addr]) setsockopt$bt_rfcomm(fd sock_bt_rfcomm, level const[SOL_RFCOMM], optname flags[bt_rfcomm_sockopt], optval ptr[in, int32], optlen len[optval]) getsockopt$bt_rfcomm(s sock_bt_rfcomm, level const[SOL_RFCOMM], optname flags[bt_rfcomm_sockopt], optval buffer[out], optlen ptr[inout, len[optval, int32]]) ng_btsocket_hci_raw_filter { packet_mask int64[32] event_mask int64[64] } sockaddr_hci { hci_len int8 hci_family int8 hci_node int8[32] } sockaddr_sco { sco_len int8 sco_family int8 sco_bdaddr int8[6] } sockaddr_l2 { l2cap_len int8 l2cap_familty int8 l2cap_psm int16 l2cap_bdaddr int8[6] l2cap_cid int16 l2cap_bdaddr_type int8 } sockaddr_rfcomm { rfcomm_len int8 rfcomm_family int8 rfcomm_bdaddr int8[6] rfcomm_channel int8 } bt_hci_ioctl = SIOC_HCI_RAW_NODE_GET_STATE, SIOC_HCI_RAW_NODE_INIT, SIOC_HCI_RAW_NODE_GET_DEBUG, SIOC_HCI_RAW_NODE_SET_DEBUG, SIOC_HCI_RAW_NODE_GET_BUFFER, SIOC_HCI_RAW_NODE_GET_BDADDR, SIOC_HCI_RAW_NODE_GET_FEATURES, SIOC_HCI_RAW_NODE_GET_STAT, SIOC_HCI_RAW_NODE_RESET_STAT, SIOC_HCI_RAW_NODE_FLUSH_NEIGHBOR_CACHE, SIOC_HCI_RAW_NODE_GET_NEIGHBOR_CACHE, SIOC_HCI_RAW_NODE_GET_CON_LIST, SIOC_HCI_RAW_NODE_GET_LINK_POLICY_MASK, SIOC_HCI_RAW_NODE_SET_LINK_POLICY_MASK, SIOC_HCI_RAW_NODE_GET_PACKET_MASK, SIOC_HCI_RAW_NODE_SET_PACKET_MASK, SIOC_HCI_RAW_NODE_GET_ROLE_SWITCH, SIOC_HCI_RAW_NODE_SET_ROLE_SWITCH bt_hci_sockopt = SO_HCI_RAW_FILTER, SO_HCI_RAW_DIRECTION bt_sol_sockopt = SO_SCO_MTU, SO_SCO_CONNINFO bt_l2cap_sockopt = SO_L2CAP_IMTU, SO_L2CAP_OMTU, SO_L2CAP_IFLOW, SO_L2CAP_OFLOW, SO_L2CAP_FLUSH, SO_L2CAP_ENCRYPTED bt_l2cap_type = SOCK_SEQPACKET, SOCK_RAW bt_rfcomm_sockopt = SO_RFCOMM_MTU, SO_RFCOMM_FC_INFO