Originally Published: Tuesday, 16 October 2001 Author: Devang Shah and Anurag Phadke
Published to: enhance_articles_hardware/Hardware News Page: 1/1 - [Std View]

The Commands Remain the Same: BlueTooth Technology and Linux

Linux.com is pleased to publish this well researched look at the emerging field of wireless networking, focusing on Bluetooth technology and Linux. Learn all about Bluetooth and even modifying the kernel (when needed) to support it.

Homing Pigeons: The world's oldest and once most reliable messengers transfer information via air, the same medium, so to speak, being used by today's new generation of wireless technologies like BlueTooth and 802.11b . Though Bluetooth currently does not guarantee the same long distance pigeon-travel-delivery success, for short 10m communications it's the best techie-pet currently waiting to be tamed. Named after Harald Blaatand, King of Denmark (940-981 AD) who was the son of Gorm the Old (also King of Denmark) and Thyra Danebod (daughter of Ethelred of England), Bluetooth culture certainly reminds us of the start of a new age

Take a quick glance at the back of your PC, you will see only piles of wires in a messy maze. Bluetooth allows you to get rid of this mess, and then it also takes care of the fun job of solving the "Find the right port and right cable" puzzle.

Bluetooth was first developed in the late 90's. Currently, bigwig's such as Ericsson, Nokia, IBM, Toshiba, Intel, 3Com, Motorola, Lucent Technologies and Microsoft all led by the core Promoter Group of Bluetooth: SIG (Special Interest Group) which boasts of more than 1400 officially registered members. There is a good deal of interest in keeping the Bluetooth protocols open and non propriety and Bluetooth can also mix with Linux, as we shall see in this article.

Bluetooth Architecture

The Bluetooth forum has maintained compatibility between the existing protocols and the ones defined today by the SIG. This allows the developers to concentrate efforts only on developing new technologies for Bluetooth and not sit and reinvent the wheel.

CORE: The system design is made from independent layers for easy understanding and description. The core Bluetooth specification are described in detail in, appropriately, the Core Bluetooth Specifications.

PROFILES: The design specifications also describe certain properties for certain common classes of applications that will allow Bluetooth to achieve uniformity across diverse manufacturers. These are described in profiles section of the Bluetooth Specification.

Both the core and profiles are available for download at the official Bluetooth website http://www.bluetooth.com.

How Bluetooth Works: Information Exchange

The wireless network of Bluetooth works by passing information via radio waves using the 2.4GHz Industrial Specific Medicine (ISM) band. As Bluetooth is designed to be used in many countries, where standard rules and regulations are set by the local governing bodies, the actual frequency range does deviate between 2.4 GHz and 2.4835 Ghz.

Bluetooth waves use a technique named GFSK (Gaussian Frequency Shift Keying) for modulation, having a modulation index between 0.28 and 0.35. Positive frequency deviation corresponds to binary 1, whereas negative frequency deviation corresponds to binary 0. Instead of a continuous data stream of packets for transferring information, Bluetooth prefers the frequency hopping technique (described later in this article). When more than one information signal is to be passed at a time, a channel spacing of 1Mhz, along with a guard band, is added at each band end to avoid interference between adjacent data channels.

Overview of the Protocol Stack

A Bluetooth stack comprises standard as well as non-standard Bluetooth protocols and application layers such as UDP (User Datagram Protocol) and OBEX (OBject EXchange protocol).

Bluetooth Core Protocols -> Baseband, LMP,HCI, L2CAP, SDP.
Cable Replacement Protocol -> RFCOMM.
Telephony Control Protocol -> TCS-Binary, AT Commands.
Adopted Protocols -> PPP,UDP, TCP/IP, OBEX, vCard, vCal, IrMC, WAE.
The basic protocol stack consists is shown in this figure:

Radio Layer, Baseband and Link Manager Protocol (LMP) for the basic three bottom layers integrated In the firmware/hardware of the bluetooth stack. Host Controller interface (HCI), present between LMP and L2CAP communicates with the Bluetooth hardware by the upper protocol named Logical Link Control and Adaptation Protocol (L2CAP). HCI also forms the basis of operations providing command interface to Baseband controller, Link Manager, access to Hardware status and Control registers. Above L2CAP other layers such as RFCOMM, PPP, TCP/IP, UDP, WAP, OBEX etc. reside.

Radio Layer:

This layer forms the crux of operations, operating in the unlicensed 2.4GHz range using a spread spectrum communication system. Use of the fast Frequency Hopping technique, along with short data packets, presence of un co-ordinated interfering networks does not deter the voice/data transfer rate. Usage of highly redundant error correcting schemes such as CRC and use of CVSD coding technique for Voice transmission, ensure that the packets reach their destination safely.

A physical Radio Frequency Link between Bluetooth units (forming a piconet) is established using Baseband and the Link control layer.

Two types of links as described below are handled by Baseband.

SCO (Synchronous Connection Oriented) -> is a symmetric point-to-point link between a master and a slave in a single piconet behaving as a circuit switched connection containing audio or audio and data. Since it primarily contains audio data, the received packets are never checked for loss of data during transmission and thereby never re-transmitted.

ACL (Asynchronous Connectionless) -> It is a point-to-multipoint link between master and slaves residing in a piconet containing data information. As loss of data is not tolerated in most operations, packets are re-transmitted to assure that they reach the final destination.

All packets can be encrypted. Error correction techniques such as FEC or CRC can be used to ensure reliability of data transmission.

Audio -> Audio can be sent between two Bluetooth devices by simply opening an audio link.

Data Transfer Between Two or More Bluetooth Enabled Devices

When two or more Bluetooth units communicate with one another it forms a point to point connection. In addition, if there are more than 2 units, then a piconet is formed which shares the hopping channel amongst themselves. Within every piconet there exists a master unit which controls access to the channel and the remaining are slave units. A maximum of 7 active slave units and 255 standby slave devices can reside in a piconet. Multiple piconets overlapping one another form a scatternet. The corresponding units from different piconets can interact with one another on TDM (Time Division Multiplexing Basis). However a unit can be a master to only one piconet and slave in remaining piconets.

The Master/Slave is just a designation given to an unit whose scope is limited only within a particular piconet. This implies a master in one piconet can be a slave in another and vice versa.

Every device can scan its vicinity area for the presence of another similar device. When a slave performs an inquiry scan sequence scanning out unknown devices or a master reaches out in search for private devices and networks, appropriate signals are sent and depending on the software controlling the hardware, relevant responses sent back. The response provides the requisite amount of information required to connect the devices.

Each channel is divided into 625 micro-seconds of time slot, meaning the time difference between two successive frequency hops is of 625 micro-seconds, that is, the time length between two consecutive data packets is 625 micro-seconds Each time slot bearing a specific cyclic number varying from 0 to ([2exp27] - 1).

The TDD (Time Division Duplex) scheme is used when a unit has different designations in different piconets -> the master using even and slave using odd numbered time slots for data transfer.

Link Manager Protocol (LMP) :

Basic functions performed by a LMP:

  1. Piconet management
  2. Link configuration
  3. Security functions

The device which get's initialized first becomes the master while the remaining seven become its slaves. Using SCO/ACL links the devices communicate with one another, the master sharing the channel with LinMangers present on each device, assisting it in it's job. Services such as authentication and encryption, control of power mode and duty cycles of the Bluetooth radio device, plus connection status of the unit in a piconet are offered by LMP.

Logical Link Control and Adaptation Protocol (L2CAP) :

An interface similar to the TCP/IP, this protocol resides in the data link layer which encaps the upper layer protocols over the baseband providing connection oriented and connectionless data services to the upper layer when no data is being sent via LMP. If L2CAP resides on the Bluetooth module, then the presence of a Host Controller is redundant and it's absence is not felt.

The basic functions of L2CAP can be categorized into:

More than one application can use the existing link to transfer data between two devices at the same time..
Segmentation and Reassembly
The job of reducing the packet sizes sent by applications to the appropriate size of baseband is performed here. Packets up to 64kb in length can be delivered though the baseband packets, though they can only accept a load of 2745 bits. Once the segmented packets have been received, they need to be reshuffled back into the proper order, which is handled by the re-assembly unit.
Quality of Service
L2CAP can be considered as acting like the HR department of the Bluetooth stack. To maintain cordial relations between various layers/units, demand for peak bandwidth, latency and delay variation are met as and when the resources are available.

L2CAP uses channels identified by CID's (Connection Identifiers) which are 16 bit numbers representing a logical end point of a connection for each application on a device. In addition, Protocol Multiplexing and Segmentation and Reassembly operations to provide Maximum Transfer Unit (MTU) throughput is present in L2CAP.

The Host Controller Interfaces
Almost all Bluetooth devices available in the market are in the form of addon cards such as PCI cards or USB devices. The data first makes use of hardware modules to use the lower layers- radio, baseband and LMP and then make their way to the US adapter or PCI card.

The presence of a driver on the PC to format the data accordingly becomes mandatory along, with a host controller interface (HCI) on the device to receive and accept data.

Application layer :
The L2CAP may be accessed directly by the applications or through certain support protocols like RFCOMM, TCS and SDP mentioned earlier. This is the layer where programmers often tinker around trying to figure out the heads and tails of what they are doing (no offense meant though ;) ). To provide compliance between the existing protocols and those defined in the Bluetooth stack, Bluetooth adopts protocols such as PPP, TCP/IP, JINI and WAP so intercompatibility between existing devices and newer technology can exist.

SDP (Service Discovery Protocols ) -> Using SDP device information, services online, connection between two or more units can be established.

RFCOMM -> Physical connection between two communicating devices is established using RS-232 control. The RFCOMM emulates this RS-232 process by sending equivalent signals over upper layer services such as OBEX. Up to 60 simultaneous connections between two Bluetooth devices can be established.

Understanding Frequency Hopping

Imagine data hopping around you in bits and pieces. That's precisely the way frequency hopping works. It takes the data signal and modulates it with a carrier signal that hops from frequency to frequency as a function of time over a wide band of frequencies.

It is the repeated switching of frequencies during radio transmission to minimize the effectiveness of "electronic warfare" - that is, the unauthorized interception or jamming of telecommunication technologies that helps make Bluetooth effective. Frequency hopping also is known as frequency- hopping code division multiple access (FH-CDMA).

How it Takes Place

Whenever a connection is first established between 2 (or more) units (in a piconet), the Master-unit establishes a frequency-hopping scheme, which is communicated to the other units. This frequency selection scheme consists of two parts:

The mapping from the input to a particular hop frequency is performed in the selection box.

Basically, the input is the native clock and the current address. In the CONNECTION state, the native clock is modified by an offset equal to the master clock. Only the 27 MSBs of the clock are used. In the page and inquiry substates, all 28 bits of the clock are used. However, in the PAGE substate the native clock will be modified to the master?s estimate of the paged unit.

In a general FH-CDMA system, a transmitter "hops" between available frequencies according to a specified algorithm, which can be either random or pre-planned. The transmitter operates in synchronization with a receiver, which remains tuned to the same center frequency as the transmitter. A short burst of data is transmitted on a narrowband. Then, the transmitter tunes to another frequency and transmits again. The receiver thus is capable of hopping its frequency over a given bandwidth several times a second, transmitting on one frequency for a certain period of time, then hopping to another frequency and transmitting again. Frequency hopping requires a much wider bandwidth than is needed to transmit the same information using only one carrier frequency.

The Reduction of Interference

The frequency hopping technique reduces interference because an interfering signal from a narrowband system will only affect the spread spectrum signal if both are transmitting at the same frequency at the same time. Thus, the total sum of frequencies will have a very low interference presence, resulting in little or no bit errors. A frequency hopping radio, for example, will hop the carrier frequency over the 2.4 GHz frequency band between 2.4 GHzs and 2.483 GHz.This is important because Bluetooth has been designed to operate in noisy radio frequency environments.

Common BlueTooth Usage Models

When Bluetooth developers decide to put the technology into every day life, they followed a simple procedure: find an idea and develop models and protocols to illustrate them. This way the researchers hope that when manufacturers start developing products they won't have to start from scratch but will have an existing model to work on and add functionality too.

File Transfer: This model allows file transfer between two Bluetooth enabled devices. Based on the GOEP (Generic Object Exchange Profile) protocols and procedures used by applications in handling object exchanges.

Internet Bridge: This model describes the use of AT commands and how to connect a mobile phone or a cordless modem to the internet via PC without the need of a DUN (Dial Up Networking) connection.

Lan Access: Based on the above model, the LAN Access usage model simply removes the AT commands and uses a LAN access point for a wireless connection to a LAN.

Synchronization: It allows various Bluetooth devices such as PDA's, Laptop's, Desktop PC's, Mobile Phone's to synchronize with one another using a common protocol and format.

Three in One Phone: The model explains how a simple phone can work as a cordless telephone being charged at a fixed pulse rate, how it can function as a walkie-talkie communicating with other similar phones and also act as a cell phone connected to the cellular network when moving around.

Ultimate Headset: This final fantasy device, though currently in the making, certainly adopts some of the existing features of Captain John Lu Picard's USS Enterprise Star Ship. This Bluetooth equipped device, probably a mobile phone, can act as a remote unit's audio input and output interface. It shall use AT commands to control the mobile phone and another stack to transfer speech for audio I/O.

BlueTooth and Linux

Bluetooth devices that use the correct chip as the host controller can operate with Windows and the friendly Penguin Operating Systems. Most of the window based devices use the USB or PCI slots and can be controlled by drivers that are shipped with them.

Configuring the units for Linux can be a painstaking task. Though the kernel version that ships with RedHat 7.1 has support for Bluetooth, we recommend you download the latest kernel and build it in accordance with your Bluetooth device.

Short History of Bluetooth and Linux

When wireless technologies first ushered in, their support was mainly limited to the products manufactured at Redmond's HeadQuarters. As developers realise the potential the penguin has inherited, they start looking out for other areas of interest. By the time Bluetooth came into existence, the SIG had made its point clear: do not restrict the development of Bluetooth technology to a proprietary operating system. Today, more than a dozen companies have ventured into the arena of "Bluetooth and Linux" with industry giants such as IBM leading the pack.


The first and foremost step each company concentrates on when developing Bluetooth based applications is, make a Bluetooth protocol stack for Linux. BlueZ has been developed by Quallcom and is now an Open Source project.

What is so different in BlueZ?

Bluetooth uses a set of well defined protocols. These protocols are standard for using any Bluetooth based device. Though some of the layers can be modified, the basic functions and commands remain the same.

Current version of BlueZ supports core Bluetooth protocols and layers. Offering flexibility by allowing RFCOMM to be integrated in the kernel (optional), mandatory presence of SDP in user-space, standard Unix socket interface and provision to use more than one Bluetooth device on a single machine. For those of us who cannot afford Bluetooth devices, we can realize our fantasies by using the HCI emulation daemon that comes with the package.

Web Site : http://bluez.sourceforge.net
Platforms: glibc based Linux distro with kernel 2.4.x

Axis Bluetooth Driver

Going on the same lines, another company named Axis is developing drivers for Bluetooth devices. Released under the Axis OpenBT Stack license and developed mainly for 2.0.33 kernel, the code can easily be used with higher versions of the kernel. Currently under development, the code allows interoperability only between the basic LAN profile, (PPP over RFCOMM) and simple Service Discovery Profile. Axis is concentrating on developing Bluetooth Access Point product which shall act as a hot spot for communicating between various devices and providing a link between wireless data networks and Bluetooth enabled devices.

Web Site: http://developer.axis.com/


IBM - Big Blue enters into competition
Continuing with the legacy of giving Bluetooth technology ancient names, Drekar or dragon-headed longships were stealthy troop-carriers used by Vikings during the medieval European affair era. The BlueDrekar package includes loadable modules - HCI to RFCOMM/SDP layers, man pages, open API and executable bdd daemon to provide SDP interface.

In addition, since BlueDrekar middleware can use any transport layer you can write your own Transport Drivers for Bluetooth and just insert the BlueDrekar on top of it to get going. This allows you to use UART (Universal Asynchronous Receiver Transmitter) as a reference transport driver to build drivers for USB based Bluetooth devices.

Web Site: http://www.alphaworks.ibm.com/aw.nsf/techmain/bluedrekar
Kernel Support : kernel 2.2.14 and 2.4.2

A Note on Understanding Bluetooth Security

Security is a prime area of concern for any field. No company wants their valuable data caught from the thin air by an eavesdropper. Security has been given extreme importance right from the start in designing the core of Bluetooth. Techniques such as frequency hopping add some natural built-in security. Take a few more steps, and you will have a well secured network, protected from wandering eye balls.

The Safer Transmission of Data

Bluetooth has built in encryption and authentication and is thus secure in any environment. In addition to this, a frequency-hopping scheme with 1600 hops/sec. is employed. This is far quicker than any other competing system. This, together with an automatic output power adaption, both by the transmitter and the receiver, to reduce the range exactly to requirement, makes the system extremely difficult to eavesdrop.

Information Integrity in Bluetooth

The communicated data may have to be encrypted or the access to the device may have to be restricted by providing an authentication point. Both these functions are provided by the Bluetooth baseband. The application may itself encrypt its data for added security.

These procedures use four values:

As the keys have to be secret, they cannot be obtained by inquiry. The security procedure require a secret PIN to be known to the user(or stored by her application) for accessing a particular device.

The main steps in the procedure are:

  1. The initialization key is generated by combining various quantities such as the PIN, its length, a random number and the device address (in HEX format). Integration of device address increases the number of key-combinations, and thereby reduces the probability for a fraudulent device to access the network.
  2. The authentication procedure is similar to the one carried out in SSL transactions and is known as a challenge response scheme. A random number is sent by a verifier unit. Another number is generated by the claimant device using the initialization key or a link key from a previous communication and the required device address. The number is again passed on to the receiver wherein it is counter checked. Only by passing this three-tier process does the data gets transferred securely.
  3. The claimant may also carry out a verification on the verifier using a similar procedure.
  4. Each Bluetooth unit has a unit key, installed in its non-volatile memory. The device now uses the initialization key to encrypt this unit key and send it to the other device which decrypts it using the initialization key exchanged earlier.
  5. The second device may add its own unit key to the unit key of the first device and generate a combination link key if both the devices are capable of handling this. Otherwise, the unit key of one of the devices is treated as the link key. The link key is communicated to the first device. The initialization key is discarded.
  6. An encryption key is now generated from the link key, a random number and another number obtained from a fixed procedure. Both the devices can generate this encryption key as all the required information is known to both devices. This key, with some modification as described later, is used to encrypt data payloads.
  7. The link key is remembered. If another link is to be established between the two devices at a later time, this link key can be used directly. This eliminates the need to send keys over the channel again. Thus, data can be transmitted securely with minimum user interaction.

Upgrading your Kernel for Bluetooth

Okay, so you have a Bluetooth device and the urge to use it on Linux but don't know how? Listed here are a few basic steps that will make the Linux kernel recognize your new device. Most Bluetooth devices require Kernel 2.0.2 and up, though the latest version is recommended. So in case you are stuck up with an older version of the kernel, download the latest from http://www.kernel.org . For those who love to keep their systems updated, you still need to configure your kernel to recognize the device. You can certainly skip the initial steps and jump directly to Step No: 2 where your will shall be taught to recognize the device. Commands listed here will install the kernel from scratch. Meaning, your old kernel settings will not be retained. If you wish to retain those settings, copy your old kernel config file and type "make oldconfig". In addition to retaining the old existing options, you will be given the option to use the new kernel features.

  1. Download the latest version from kernel.org and untar it to your default home/temp directory. It's not necessary to be root to untar files, but to update/install the kernel, it's mandatory to be root.

    tar zxvf linux-2.4.xx (xx is the version) /path/to/your/home/directory

  2. cd /path/to/your/home/directory
  3. make xconfig

  4. This command will allow you to configure your kernel graphically. Most of us are familiar with the "make menuconfig" command. Configuring via "X" tells us whether a particular module needs to be installed or not in an easy manner. To enable Bluetooth support from your kernel it's essential that you download and install the corresponding stack. Unless you do that, in text mode (menuconfig) there will be no Bluetooth option, whereas in graphical mode (xconfig) the option will persist but will be grayed out. This helps us understand exactly how a device needs to be configured. Again, kernel hackers may argue with this statement, stating they can make the Bluetooth support option ungrayed by tweaking around. Agreed, but this is not the right way to do it.

    If you need to know more about the HCI drivers and other software details required for your Bluetooth device, goto the following directory. /path/where/new/linux/exists/drivers/bluetooth

  5. make dep make bzImage make modules make install make modules_install
  6. cp /path/where/new/linux/exists/arch/i386/boot/bzImage /boot/vmlinuz-2.4.10

  7. pico /etc/lilo.conf Edit the vmlinuz section and replace last part of it with vmlinuz-2.4.10

  8. lilo -r This will write the new lilo to your disk

  9. reboot You need to reboot your system to get the newly installed kernel to rock your system...

  10. Just in case, you need to know the version of newly installed linux, or if everything has gone proper, type "uname -r" and you shall get your linux version.

Note: The commands listed here are general commands and have been tried out on RedHat 7.1. This is not a how-to for upgrading/installing the kernel. Steps are given so that the reader can get an overview of how to get Bluetooth and the Kernel work in tandem. For details, please read the corresponding how-to's and man pages.

Bluetooth Enabled Products Available In The Generic Market

Listed here are a few futuristic models that use Bluetooth technology. Their availability is currently limited to a few countries and their prices are bit steep. However, as the devices gain popularity and time advances, these units will become more available and affordable.

Anoto: A piece of paper, the Anoto pen and a web server, combine these and whatever you write on the patterned paper will be scanned by a digital eye. The system will make enough calculations to estimate the precise position of what you are scribbling out and transfer the information to your PDA or PC via the Bluetooth radio transreceiver.

Visit http://www.anoto.com for more information.

Ericsson R520
Model Name : Ericsson R520m

R520m is by far the most revolutionary mobile by Ericson. This 113 gm wonder has the unique distinction of being the last mobile both designed and manufactured by Erricson. It not only supports Bluetooth but also WAP and GPRS. It offers a decent data transfer rate of approx 100k through Bluetooth technology at a distance of 10 mtrs .

This hi-tech device offers more features than you will ever need and for just 249.99 pounds ;-) GO GET IT ! Medical Field

Though each technology changes our life in some way or the other, when the same device is used in the medical field to save/enhance human life, its significance has no bounds.

QRS Diagnostic, LLC and Advanced Medical Electronics Corporation are already developing Bluetooth enabled devices. Prototypes of the like of a Electrocardiograph, glucometer and weight scale are already under development.

Related Links

Though the authors of this article have taken utmost care to ensure that every thing related to Bluetooth is covered in a well structured manner, there may be instances where we may have skipped out some part or places where ambiguity prevails. For more information or in-depth knowledge about Bluetooth we recommend the following sites:


About the Authors
Devang Shah (CEO - Devolve Inc. a zero million dollar company) is an electronics engineering student, and takes keen interest in emerging technologies. His other areas of interest include Robot Building, Flash Designing, Mountaineering, Astronomy and watching movies. Currently in search of Miss. "Right" ....... He can be contacted at devang@computer.org

Anurag Phadke a.k.a. brainless is currently enjoying his 24/7 DSL connection on his new IBM Thinkpad i 1300 series. His other obsessions include playing Online Yahoo Games and whilst not online he loves to watch cartoons, Tom & Jerry being his favorite. He can be contacted at cbca@mantraonline.com