search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 3.12.28
[linux/fpc-iii.git] / net / bluetooth / l2cap_sock.c
bloba3a81d96314b33f53f02a8a9e6c8e4627c37e128
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
7
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
13
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
26 */
27
28 /* Bluetooth L2CAP sockets. */
29
30 #include <linux/export.h>
31
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
35 #include <net/bluetooth/smp.h>
36
37 static struct bt_sock_list l2cap_sk_list = {
38 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
39 };
40
41 static const struct proto_ops l2cap_sock_ops;
42 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
43 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
44 int proto, gfp_t prio);
45
46 bool l2cap_is_socket(struct socket *sock)
47 {
48 return sock && sock->ops == &l2cap_sock_ops;
49 }
50 EXPORT_SYMBOL(l2cap_is_socket);
51
52 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
53 {
54 struct sock *sk = sock->sk;
55 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
56 struct sockaddr_l2 la;
57 int len, err = 0;
58
59 BT_DBG("sk %p", sk);
60
61 if (!addr || addr->sa_family != AF_BLUETOOTH)
62 return -EINVAL;
63
64 memset(&la, 0, sizeof(la));
65 len = min_t(unsigned int, sizeof(la), alen);
66 memcpy(&la, addr, len);
67
68 if (la.l2_cid && la.l2_psm)
69 return -EINVAL;
70
71 lock_sock(sk);
72
73 if (sk->sk_state != BT_OPEN) {
74 err = -EBADFD;
75 goto done;
76 }
77
78 if (la.l2_psm) {
79 __u16 psm = __le16_to_cpu(la.l2_psm);
80
81 /* PSM must be odd and lsb of upper byte must be 0 */
82 if ((psm & 0x0101) != 0x0001) {
83 err = -EINVAL;
84 goto done;
85 }
86
87 /* Restrict usage of well-known PSMs */
88 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
89 err = -EACCES;
90 goto done;
91 }
92 }
93
94 if (la.l2_cid)
95 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
96 else
97 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
98
99 if (err < 0)
100 goto done;
101
102 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
103 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
104 chan->sec_level = BT_SECURITY_SDP;
105
106 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
107
108 chan->state = BT_BOUND;
109 sk->sk_state = BT_BOUND;
110
111 done:
112 release_sock(sk);
113 return err;
114 }
115
116 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr,
117 int alen, int flags)
118 {
119 struct sock *sk = sock->sk;
120 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
121 struct sockaddr_l2 la;
122 int len, err = 0;
123
124 BT_DBG("sk %p", sk);
125
126 if (!addr || alen < sizeof(addr->sa_family) ||
127 addr->sa_family != AF_BLUETOOTH)
128 return -EINVAL;
129
130 memset(&la, 0, sizeof(la));
131 len = min_t(unsigned int, sizeof(la), alen);
132 memcpy(&la, addr, len);
133
134 if (la.l2_cid && la.l2_psm)
135 return -EINVAL;
136
137 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
138 &la.l2_bdaddr, la.l2_bdaddr_type);
139 if (err)
140 return err;
141
142 lock_sock(sk);
143
144 err = bt_sock_wait_state(sk, BT_CONNECTED,
145 sock_sndtimeo(sk, flags & O_NONBLOCK));
146
147 release_sock(sk);
148
149 return err;
150 }
151
152 static int l2cap_sock_listen(struct socket *sock, int backlog)
153 {
154 struct sock *sk = sock->sk;
155 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
156 int err = 0;
157
158 BT_DBG("sk %p backlog %d", sk, backlog);
159
160 lock_sock(sk);
161
162 if (sk->sk_state != BT_BOUND) {
163 err = -EBADFD;
164 goto done;
165 }
166
167 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
168 err = -EINVAL;
169 goto done;
170 }
171
172 switch (chan->mode) {
173 case L2CAP_MODE_BASIC:
174 break;
175 case L2CAP_MODE_ERTM:
176 case L2CAP_MODE_STREAMING:
177 if (!disable_ertm)
178 break;
179 /* fall through */
180 default:
181 err = -ENOTSUPP;
182 goto done;
183 }
184
185 sk->sk_max_ack_backlog = backlog;
186 sk->sk_ack_backlog = 0;
187
188 chan->state = BT_LISTEN;
189 sk->sk_state = BT_LISTEN;
190
191 done:
192 release_sock(sk);
193 return err;
194 }
195
196 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock,
197 int flags)
198 {
199 DECLARE_WAITQUEUE(wait, current);
200 struct sock *sk = sock->sk, *nsk;
201 long timeo;
202 int err = 0;
203
204 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
205
206 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
207
208 BT_DBG("sk %p timeo %ld", sk, timeo);
209
210 /* Wait for an incoming connection. (wake-one). */
211 add_wait_queue_exclusive(sk_sleep(sk), &wait);
212 while (1) {
213 set_current_state(TASK_INTERRUPTIBLE);
214
215 if (sk->sk_state != BT_LISTEN) {
216 err = -EBADFD;
217 break;
218 }
219
220 nsk = bt_accept_dequeue(sk, newsock);
221 if (nsk)
222 break;
223
224 if (!timeo) {
225 err = -EAGAIN;
226 break;
227 }
228
229 if (signal_pending(current)) {
230 err = sock_intr_errno(timeo);
231 break;
232 }
233
234 release_sock(sk);
235 timeo = schedule_timeout(timeo);
236 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
237 }
238 __set_current_state(TASK_RUNNING);
239 remove_wait_queue(sk_sleep(sk), &wait);
240
241 if (err)
242 goto done;
243
244 newsock->state = SS_CONNECTED;
245
246 BT_DBG("new socket %p", nsk);
247
248 done:
249 release_sock(sk);
250 return err;
251 }
252
253 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr,
254 int *len, int peer)
255 {
256 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
257 struct sock *sk = sock->sk;
258 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
259
260 BT_DBG("sock %p, sk %p", sock, sk);
261
262 memset(la, 0, sizeof(struct sockaddr_l2));
263 addr->sa_family = AF_BLUETOOTH;
264 *len = sizeof(struct sockaddr_l2);
265
266 if (peer) {
267 la->l2_psm = chan->psm;
268 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
269 la->l2_cid = cpu_to_le16(chan->dcid);
270 } else {
271 la->l2_psm = chan->sport;
272 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
273 la->l2_cid = cpu_to_le16(chan->scid);
274 }
275
276 return 0;
277 }
278
279 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
280 char __user *optval, int __user *optlen)
281 {
282 struct sock *sk = sock->sk;
283 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
284 struct l2cap_options opts;
285 struct l2cap_conninfo cinfo;
286 int len, err = 0;
287 u32 opt;
288
289 BT_DBG("sk %p", sk);
290
291 if (get_user(len, optlen))
292 return -EFAULT;
293
294 lock_sock(sk);
295
296 switch (optname) {
297 case L2CAP_OPTIONS:
298 memset(&opts, 0, sizeof(opts));
299 opts.imtu = chan->imtu;
300 opts.omtu = chan->omtu;
301 opts.flush_to = chan->flush_to;
302 opts.mode = chan->mode;
303 opts.fcs = chan->fcs;
304 opts.max_tx = chan->max_tx;
305 opts.txwin_size = chan->tx_win;
306
307 len = min_t(unsigned int, len, sizeof(opts));
308 if (copy_to_user(optval, (char *) &opts, len))
309 err = -EFAULT;
310
311 break;
312
313 case L2CAP_LM:
314 switch (chan->sec_level) {
315 case BT_SECURITY_LOW:
316 opt = L2CAP_LM_AUTH;
317 break;
318 case BT_SECURITY_MEDIUM:
319 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
320 break;
321 case BT_SECURITY_HIGH:
322 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
323 L2CAP_LM_SECURE;
324 break;
325 default:
326 opt = 0;
327 break;
328 }
329
330 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
331 opt |= L2CAP_LM_MASTER;
332
333 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
334 opt |= L2CAP_LM_RELIABLE;
335
336 if (put_user(opt, (u32 __user *) optval))
337 err = -EFAULT;
338 break;
339
340 case L2CAP_CONNINFO:
341 if (sk->sk_state != BT_CONNECTED &&
342 !(sk->sk_state == BT_CONNECT2 &&
343 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
344 err = -ENOTCONN;
345 break;
346 }
347
348 memset(&cinfo, 0, sizeof(cinfo));
349 cinfo.hci_handle = chan->conn->hcon->handle;
350 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
351
352 len = min_t(unsigned int, len, sizeof(cinfo));
353 if (copy_to_user(optval, (char *) &cinfo, len))
354 err = -EFAULT;
355
356 break;
357
358 default:
359 err = -ENOPROTOOPT;
360 break;
361 }
362
363 release_sock(sk);
364 return err;
365 }
366
367 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname,
368 char __user *optval, int __user *optlen)
369 {
370 struct sock *sk = sock->sk;
371 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
372 struct bt_security sec;
373 struct bt_power pwr;
374 int len, err = 0;
375
376 BT_DBG("sk %p", sk);
377
378 if (level == SOL_L2CAP)
379 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
380
381 if (level != SOL_BLUETOOTH)
382 return -ENOPROTOOPT;
383
384 if (get_user(len, optlen))
385 return -EFAULT;
386
387 lock_sock(sk);
388
389 switch (optname) {
390 case BT_SECURITY:
391 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
392 chan->chan_type != L2CAP_CHAN_RAW) {
393 err = -EINVAL;
394 break;
395 }
396
397 memset(&sec, 0, sizeof(sec));
398 if (chan->conn) {
399 sec.level = chan->conn->hcon->sec_level;
400
401 if (sk->sk_state == BT_CONNECTED)
402 sec.key_size = chan->conn->hcon->enc_key_size;
403 } else {
404 sec.level = chan->sec_level;
405 }
406
407 len = min_t(unsigned int, len, sizeof(sec));
408 if (copy_to_user(optval, (char *) &sec, len))
409 err = -EFAULT;
410
411 break;
412
413 case BT_DEFER_SETUP:
414 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
415 err = -EINVAL;
416 break;
417 }
418
419 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
420 (u32 __user *) optval))
421 err = -EFAULT;
422
423 break;
424
425 case BT_FLUSHABLE:
426 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
427 (u32 __user *) optval))
428 err = -EFAULT;
429
430 break;
431
432 case BT_POWER:
433 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
434 && sk->sk_type != SOCK_RAW) {
435 err = -EINVAL;
436 break;
437 }
438
439 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
440
441 len = min_t(unsigned int, len, sizeof(pwr));
442 if (copy_to_user(optval, (char *) &pwr, len))
443 err = -EFAULT;
444
445 break;
446
447 case BT_CHANNEL_POLICY:
448 if (!enable_hs) {
449 err = -ENOPROTOOPT;
450 break;
451 }
452
453 if (put_user(chan->chan_policy, (u32 __user *) optval))
454 err = -EFAULT;
455 break;
456
457 default:
458 err = -ENOPROTOOPT;
459 break;
460 }
461
462 release_sock(sk);
463 return err;
464 }
465
466 static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
467 {
468 switch (chan->scid) {
469 case L2CAP_CID_ATT:
470 if (mtu < L2CAP_LE_MIN_MTU)
471 return false;
472 break;
473
474 default:
475 if (mtu < L2CAP_DEFAULT_MIN_MTU)
476 return false;
477 }
478
479 return true;
480 }
481
482 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
483 char __user *optval, unsigned int optlen)
484 {
485 struct sock *sk = sock->sk;
486 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
487 struct l2cap_options opts;
488 int len, err = 0;
489 u32 opt;
490
491 BT_DBG("sk %p", sk);
492
493 lock_sock(sk);
494
495 switch (optname) {
496 case L2CAP_OPTIONS:
497 if (sk->sk_state == BT_CONNECTED) {
498 err = -EINVAL;
499 break;
500 }
501
502 opts.imtu = chan->imtu;
503 opts.omtu = chan->omtu;
504 opts.flush_to = chan->flush_to;
505 opts.mode = chan->mode;
506 opts.fcs = chan->fcs;
507 opts.max_tx = chan->max_tx;
508 opts.txwin_size = chan->tx_win;
509
510 len = min_t(unsigned int, sizeof(opts), optlen);
511 if (copy_from_user((char *) &opts, optval, len)) {
512 err = -EFAULT;
513 break;
514 }
515
516 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
517 err = -EINVAL;
518 break;
519 }
520
521 if (!l2cap_valid_mtu(chan, opts.imtu)) {
522 err = -EINVAL;
523 break;
524 }
525
526 chan->mode = opts.mode;
527 switch (chan->mode) {
528 case L2CAP_MODE_BASIC:
529 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
530 break;
531 case L2CAP_MODE_ERTM:
532 case L2CAP_MODE_STREAMING:
533 if (!disable_ertm)
534 break;
535 /* fall through */
536 default:
537 err = -EINVAL;
538 break;
539 }
540
541 chan->imtu = opts.imtu;
542 chan->omtu = opts.omtu;
543 chan->fcs = opts.fcs;
544 chan->max_tx = opts.max_tx;
545 chan->tx_win = opts.txwin_size;
546 chan->flush_to = opts.flush_to;
547 break;
548
549 case L2CAP_LM:
550 if (get_user(opt, (u32 __user *) optval)) {
551 err = -EFAULT;
552 break;
553 }
554
555 if (opt & L2CAP_LM_AUTH)
556 chan->sec_level = BT_SECURITY_LOW;
557 if (opt & L2CAP_LM_ENCRYPT)
558 chan->sec_level = BT_SECURITY_MEDIUM;
559 if (opt & L2CAP_LM_SECURE)
560 chan->sec_level = BT_SECURITY_HIGH;
561
562 if (opt & L2CAP_LM_MASTER)
563 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
564 else
565 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
566
567 if (opt & L2CAP_LM_RELIABLE)
568 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
569 else
570 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
571 break;
572
573 default:
574 err = -ENOPROTOOPT;
575 break;
576 }
577
578 release_sock(sk);
579 return err;
580 }
581
582 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname,
583 char __user *optval, unsigned int optlen)
584 {
585 struct sock *sk = sock->sk;
586 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
587 struct bt_security sec;
588 struct bt_power pwr;
589 struct l2cap_conn *conn;
590 int len, err = 0;
591 u32 opt;
592
593 BT_DBG("sk %p", sk);
594
595 if (level == SOL_L2CAP)
596 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
597
598 if (level != SOL_BLUETOOTH)
599 return -ENOPROTOOPT;
600
601 lock_sock(sk);
602
603 switch (optname) {
604 case BT_SECURITY:
605 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
606 chan->chan_type != L2CAP_CHAN_RAW) {
607 err = -EINVAL;
608 break;
609 }
610
611 sec.level = BT_SECURITY_LOW;
612
613 len = min_t(unsigned int, sizeof(sec), optlen);
614 if (copy_from_user((char *) &sec, optval, len)) {
615 err = -EFAULT;
616 break;
617 }
618
619 if (sec.level < BT_SECURITY_LOW ||
620 sec.level > BT_SECURITY_HIGH) {
621 err = -EINVAL;
622 break;
623 }
624
625 chan->sec_level = sec.level;
626
627 if (!chan->conn)
628 break;
629
630 conn = chan->conn;
631
632 /*change security for LE channels */
633 if (chan->scid == L2CAP_CID_ATT) {
634 if (smp_conn_security(conn->hcon, sec.level))
635 break;
636 sk->sk_state = BT_CONFIG;
637 chan->state = BT_CONFIG;
638
639 /* or for ACL link */
640 } else if ((sk->sk_state == BT_CONNECT2 &&
641 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
642 sk->sk_state == BT_CONNECTED) {
643 if (!l2cap_chan_check_security(chan))
644 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
645 else
646 sk->sk_state_change(sk);
647 } else {
648 err = -EINVAL;
649 }
650 break;
651
652 case BT_DEFER_SETUP:
653 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
654 err = -EINVAL;
655 break;
656 }
657
658 if (get_user(opt, (u32 __user *) optval)) {
659 err = -EFAULT;
660 break;
661 }
662
663 if (opt)
664 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
665 else
666 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
667 break;
668
669 case BT_FLUSHABLE:
670 if (get_user(opt, (u32 __user *) optval)) {
671 err = -EFAULT;
672 break;
673 }
674
675 if (opt > BT_FLUSHABLE_ON) {
676 err = -EINVAL;
677 break;
678 }
679
680 if (opt == BT_FLUSHABLE_OFF) {
681 struct l2cap_conn *conn = chan->conn;
682 /* proceed further only when we have l2cap_conn and
683 No Flush support in the LM */
684 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
685 err = -EINVAL;
686 break;
687 }
688 }
689
690 if (opt)
691 set_bit(FLAG_FLUSHABLE, &chan->flags);
692 else
693 clear_bit(FLAG_FLUSHABLE, &chan->flags);
694 break;
695
696 case BT_POWER:
697 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
698 chan->chan_type != L2CAP_CHAN_RAW) {
699 err = -EINVAL;
700 break;
701 }
702
703 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
704
705 len = min_t(unsigned int, sizeof(pwr), optlen);
706 if (copy_from_user((char *) &pwr, optval, len)) {
707 err = -EFAULT;
708 break;
709 }
710
711 if (pwr.force_active)
712 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
713 else
714 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
715 break;
716
717 case BT_CHANNEL_POLICY:
718 if (!enable_hs) {
719 err = -ENOPROTOOPT;
720 break;
721 }
722
723 if (get_user(opt, (u32 __user *) optval)) {
724 err = -EFAULT;
725 break;
726 }
727
728 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
729 err = -EINVAL;
730 break;
731 }
732
733 if (chan->mode != L2CAP_MODE_ERTM &&
734 chan->mode != L2CAP_MODE_STREAMING) {
735 err = -EOPNOTSUPP;
736 break;
737 }
738
739 chan->chan_policy = (u8) opt;
740
741 if (sk->sk_state == BT_CONNECTED &&
742 chan->move_role == L2CAP_MOVE_ROLE_NONE)
743 l2cap_move_start(chan);
744
745 break;
746
747 default:
748 err = -ENOPROTOOPT;
749 break;
750 }
751
752 release_sock(sk);
753 return err;
754 }
755
756 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
757 struct msghdr *msg, size_t len)
758 {
759 struct sock *sk = sock->sk;
760 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
761 int err;
762
763 BT_DBG("sock %p, sk %p", sock, sk);
764
765 err = sock_error(sk);
766 if (err)
767 return err;
768
769 if (msg->msg_flags & MSG_OOB)
770 return -EOPNOTSUPP;
771
772 if (sk->sk_state != BT_CONNECTED)
773 return -ENOTCONN;
774
775 l2cap_chan_lock(chan);
776 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
777 l2cap_chan_unlock(chan);
778
779 return err;
780 }
781
782 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
783 struct msghdr *msg, size_t len, int flags)
784 {
785 struct sock *sk = sock->sk;
786 struct l2cap_pinfo *pi = l2cap_pi(sk);
787 int err;
788
789 lock_sock(sk);
790
791 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
792 &bt_sk(sk)->flags)) {
793 sk->sk_state = BT_CONFIG;
794 pi->chan->state = BT_CONFIG;
795
796 __l2cap_connect_rsp_defer(pi->chan);
797 release_sock(sk);
798 return 0;
799 }
800
801 release_sock(sk);
802
803 if (sock->type == SOCK_STREAM)
804 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
805 else
806 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
807
808 if (pi->chan->mode != L2CAP_MODE_ERTM)
809 return err;
810
811 /* Attempt to put pending rx data in the socket buffer */
812
813 lock_sock(sk);
814
815 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
816 goto done;
817
818 if (pi->rx_busy_skb) {
819 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
820 pi->rx_busy_skb = NULL;
821 else
822 goto done;
823 }
824
825 /* Restore data flow when half of the receive buffer is
826 * available. This avoids resending large numbers of
827 * frames.
828 */
829 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
830 l2cap_chan_busy(pi->chan, 0);
831
832 done:
833 release_sock(sk);
834 return err;
835 }
836
837 /* Kill socket (only if zapped and orphan)
838 * Must be called on unlocked socket.
839 */
840 static void l2cap_sock_kill(struct sock *sk)
841 {
842 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
843 return;
844
845 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
846
847 /* Kill poor orphan */
848
849 l2cap_chan_put(l2cap_pi(sk)->chan);
850 sock_set_flag(sk, SOCK_DEAD);
851 sock_put(sk);
852 }
853
854 static int l2cap_sock_shutdown(struct socket *sock, int how)
855 {
856 struct sock *sk = sock->sk;
857 struct l2cap_chan *chan;
858 struct l2cap_conn *conn;
859 int err = 0;
860
861 BT_DBG("sock %p, sk %p", sock, sk);
862
863 if (!sk)
864 return 0;
865
866 chan = l2cap_pi(sk)->chan;
867 conn = chan->conn;
868
869 if (conn)
870 mutex_lock(&conn->chan_lock);
871
872 l2cap_chan_lock(chan);
873 lock_sock(sk);
874
875 if (!sk->sk_shutdown) {
876 if (chan->mode == L2CAP_MODE_ERTM)
877 err = __l2cap_wait_ack(sk);
878
879 sk->sk_shutdown = SHUTDOWN_MASK;
880
881 release_sock(sk);
882 l2cap_chan_close(chan, 0);
883 lock_sock(sk);
884
885 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
886 err = bt_sock_wait_state(sk, BT_CLOSED,
887 sk->sk_lingertime);
888 }
889
890 if (!err && sk->sk_err)
891 err = -sk->sk_err;
892
893 release_sock(sk);
894 l2cap_chan_unlock(chan);
895
896 if (conn)
897 mutex_unlock(&conn->chan_lock);
898
899 return err;
900 }
901
902 static int l2cap_sock_release(struct socket *sock)
903 {
904 struct sock *sk = sock->sk;
905 int err;
906
907 BT_DBG("sock %p, sk %p", sock, sk);
908
909 if (!sk)
910 return 0;
911
912 bt_sock_unlink(&l2cap_sk_list, sk);
913
914 err = l2cap_sock_shutdown(sock, 2);
915
916 sock_orphan(sk);
917 l2cap_sock_kill(sk);
918 return err;
919 }
920
921 static void l2cap_sock_cleanup_listen(struct sock *parent)
922 {
923 struct sock *sk;
924
925 BT_DBG("parent %p", parent);
926
927 /* Close not yet accepted channels */
928 while ((sk = bt_accept_dequeue(parent, NULL))) {
929 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
930
931 l2cap_chan_lock(chan);
932 __clear_chan_timer(chan);
933 l2cap_chan_close(chan, ECONNRESET);
934 l2cap_chan_unlock(chan);
935
936 l2cap_sock_kill(sk);
937 }
938 }
939
940 static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
941 {
942 struct sock *sk, *parent = chan->data;
943
944 /* Check for backlog size */
945 if (sk_acceptq_is_full(parent)) {
946 BT_DBG("backlog full %d", parent->sk_ack_backlog);
947 release_sock(parent);
948 return NULL;
949 }
950
951 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
952 GFP_ATOMIC);
953 if (!sk) {
954 release_sock(parent);
955 return NULL;
956 }
957
958 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
959
960 l2cap_sock_init(sk, parent);
961
962 bt_accept_enqueue(parent, sk);
963
964 return l2cap_pi(sk)->chan;
965 }
966
967 static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
968 {
969 int err;
970 struct sock *sk = chan->data;
971 struct l2cap_pinfo *pi = l2cap_pi(sk);
972
973 lock_sock(sk);
974
975 if (pi->rx_busy_skb) {
976 err = -ENOMEM;
977 goto done;
978 }
979
980 err = sock_queue_rcv_skb(sk, skb);
981
982 /* For ERTM, handle one skb that doesn't fit into the recv
983 * buffer. This is important to do because the data frames
984 * have already been acked, so the skb cannot be discarded.
985 *
986 * Notify the l2cap core that the buffer is full, so the
987 * LOCAL_BUSY state is entered and no more frames are
988 * acked and reassembled until there is buffer space
989 * available.
990 */
991 if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
992 pi->rx_busy_skb = skb;
993 l2cap_chan_busy(pi->chan, 1);
994 err = 0;
995 }
996
997 done:
998 release_sock(sk);
999
1000 return err;
1001 }
1002
1003 static void l2cap_sock_close_cb(struct l2cap_chan *chan)
1004 {
1005 struct sock *sk = chan->data;
1006
1007 l2cap_sock_kill(sk);
1008 }
1009
1010 static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
1011 {
1012 struct sock *sk = chan->data;
1013 struct sock *parent;
1014
1015 lock_sock(sk);
1016
1017 parent = bt_sk(sk)->parent;
1018
1019 sock_set_flag(sk, SOCK_ZAPPED);
1020
1021 switch (chan->state) {
1022 case BT_OPEN:
1023 case BT_BOUND:
1024 case BT_CLOSED:
1025 break;
1026 case BT_LISTEN:
1027 l2cap_sock_cleanup_listen(sk);
1028 sk->sk_state = BT_CLOSED;
1029 chan->state = BT_CLOSED;
1030
1031 break;
1032 default:
1033 sk->sk_state = BT_CLOSED;
1034 chan->state = BT_CLOSED;
1035
1036 sk->sk_err = err;
1037
1038 if (parent) {
1039 bt_accept_unlink(sk);
1040 parent->sk_data_ready(parent, 0);
1041 } else {
1042 sk->sk_state_change(sk);
1043 }
1044
1045 break;
1046 }
1047
1048 release_sock(sk);
1049 }
1050
1051 static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state)
1052 {
1053 struct sock *sk = chan->data;
1054
1055 sk->sk_state = state;
1056 }
1057
1058 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
1059 unsigned long len, int nb)
1060 {
1061 struct sk_buff *skb;
1062 int err;
1063
1064 l2cap_chan_unlock(chan);
1065 skb = bt_skb_send_alloc(chan->sk, len, nb, &err);
1066 l2cap_chan_lock(chan);
1067
1068 if (!skb)
1069 return ERR_PTR(err);
1070
1071 return skb;
1072 }
1073
1074 static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1075 {
1076 struct sock *sk = chan->data;
1077 struct sock *parent;
1078
1079 lock_sock(sk);
1080
1081 parent = bt_sk(sk)->parent;
1082
1083 BT_DBG("sk %p, parent %p", sk, parent);
1084
1085 sk->sk_state = BT_CONNECTED;
1086 sk->sk_state_change(sk);
1087
1088 if (parent)
1089 parent->sk_data_ready(parent, 0);
1090
1091 release_sock(sk);
1092 }
1093
1094 static void l2cap_sock_defer_cb(struct l2cap_chan *chan)
1095 {
1096 struct sock *sk = chan->data;
1097 struct sock *parent = bt_sk(sk)->parent;
1098
1099 if (parent)
1100 parent->sk_data_ready(parent, 0);
1101 }
1102
1103 static struct l2cap_ops l2cap_chan_ops = {
1104 .name = "L2CAP Socket Interface",
1105 .new_connection = l2cap_sock_new_connection_cb,
1106 .recv = l2cap_sock_recv_cb,
1107 .close = l2cap_sock_close_cb,
1108 .teardown = l2cap_sock_teardown_cb,
1109 .state_change = l2cap_sock_state_change_cb,
1110 .ready = l2cap_sock_ready_cb,
1111 .defer = l2cap_sock_defer_cb,
1112 .alloc_skb = l2cap_sock_alloc_skb_cb,
1113 };
1114
1115 static void l2cap_sock_destruct(struct sock *sk)
1116 {
1117 BT_DBG("sk %p", sk);
1118
1119 if (l2cap_pi(sk)->chan)
1120 l2cap_chan_put(l2cap_pi(sk)->chan);
1121 if (l2cap_pi(sk)->rx_busy_skb) {
1122 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1123 l2cap_pi(sk)->rx_busy_skb = NULL;
1124 }
1125
1126 skb_queue_purge(&sk->sk_receive_queue);
1127 skb_queue_purge(&sk->sk_write_queue);
1128 }
1129
1130 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
1131 {
1132 struct l2cap_pinfo *pi = l2cap_pi(sk);
1133 struct l2cap_chan *chan = pi->chan;
1134
1135 BT_DBG("sk %p", sk);
1136
1137 if (parent) {
1138 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1139
1140 sk->sk_type = parent->sk_type;
1141 bt_sk(sk)->flags = bt_sk(parent)->flags;
1142
1143 chan->chan_type = pchan->chan_type;
1144 chan->imtu = pchan->imtu;
1145 chan->omtu = pchan->omtu;
1146 chan->conf_state = pchan->conf_state;
1147 chan->mode = pchan->mode;
1148 chan->fcs = pchan->fcs;
1149 chan->max_tx = pchan->max_tx;
1150 chan->tx_win = pchan->tx_win;
1151 chan->tx_win_max = pchan->tx_win_max;
1152 chan->sec_level = pchan->sec_level;
1153 chan->flags = pchan->flags;
1154
1155 security_sk_clone(parent, sk);
1156 } else {
1157
1158 switch (sk->sk_type) {
1159 case SOCK_RAW:
1160 chan->chan_type = L2CAP_CHAN_RAW;
1161 break;
1162 case SOCK_DGRAM:
1163 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1164 break;
1165 case SOCK_SEQPACKET:
1166 case SOCK_STREAM:
1167 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1168 break;
1169 }
1170
1171 chan->imtu = L2CAP_DEFAULT_MTU;
1172 chan->omtu = 0;
1173 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1174 chan->mode = L2CAP_MODE_ERTM;
1175 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1176 } else {
1177 chan->mode = L2CAP_MODE_BASIC;
1178 }
1179
1180 l2cap_chan_set_defaults(chan);
1181 }
1182
1183 /* Default config options */
1184 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1185
1186 chan->data = sk;
1187 chan->ops = &l2cap_chan_ops;
1188 }
1189
1190 static struct proto l2cap_proto = {
1191 .name = "L2CAP",
1192 .owner = THIS_MODULE,
1193 .obj_size = sizeof(struct l2cap_pinfo)
1194 };
1195
1196 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
1197 int proto, gfp_t prio)
1198 {
1199 struct sock *sk;
1200 struct l2cap_chan *chan;
1201
1202 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1203 if (!sk)
1204 return NULL;
1205
1206 sock_init_data(sock, sk);
1207 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1208
1209 sk->sk_destruct = l2cap_sock_destruct;
1210 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1211
1212 sock_reset_flag(sk, SOCK_ZAPPED);
1213
1214 sk->sk_protocol = proto;
1215 sk->sk_state = BT_OPEN;
1216
1217 chan = l2cap_chan_create();
1218 if (!chan) {
1219 sk_free(sk);
1220 return NULL;
1221 }
1222
1223 l2cap_chan_hold(chan);
1224
1225 chan->sk = sk;
1226
1227 l2cap_pi(sk)->chan = chan;
1228
1229 return sk;
1230 }
1231
1232 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1233 int kern)
1234 {
1235 struct sock *sk;
1236
1237 BT_DBG("sock %p", sock);
1238
1239 sock->state = SS_UNCONNECTED;
1240
1241 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1242 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1243 return -ESOCKTNOSUPPORT;
1244
1245 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1246 return -EPERM;
1247
1248 sock->ops = &l2cap_sock_ops;
1249
1250 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1251 if (!sk)
1252 return -ENOMEM;
1253
1254 l2cap_sock_init(sk, NULL);
1255 bt_sock_link(&l2cap_sk_list, sk);
1256 return 0;
1257 }
1258
1259 static const struct proto_ops l2cap_sock_ops = {
1260 .family = PF_BLUETOOTH,
1261 .owner = THIS_MODULE,
1262 .release = l2cap_sock_release,
1263 .bind = l2cap_sock_bind,
1264 .connect = l2cap_sock_connect,
1265 .listen = l2cap_sock_listen,
1266 .accept = l2cap_sock_accept,
1267 .getname = l2cap_sock_getname,
1268 .sendmsg = l2cap_sock_sendmsg,
1269 .recvmsg = l2cap_sock_recvmsg,
1270 .poll = bt_sock_poll,
1271 .ioctl = bt_sock_ioctl,
1272 .mmap = sock_no_mmap,
1273 .socketpair = sock_no_socketpair,
1274 .shutdown = l2cap_sock_shutdown,
1275 .setsockopt = l2cap_sock_setsockopt,
1276 .getsockopt = l2cap_sock_getsockopt
1277 };
1278
1279 static const struct net_proto_family l2cap_sock_family_ops = {
1280 .family = PF_BLUETOOTH,
1281 .owner = THIS_MODULE,
1282 .create = l2cap_sock_create,
1283 };
1284
1285 int __init l2cap_init_sockets(void)
1286 {
1287 int err;
1288
1289 err = proto_register(&l2cap_proto, 0);
1290 if (err < 0)
1291 return err;
1292
1293 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1294 if (err < 0) {
1295 BT_ERR("L2CAP socket registration failed");
1296 goto error;
1297 }
1298
1299 err = bt_procfs_init(&init_net, "l2cap", &l2cap_sk_list,
1300 NULL);
1301 if (err < 0) {
1302 BT_ERR("Failed to create L2CAP proc file");
1303 bt_sock_unregister(BTPROTO_L2CAP);
1304 goto error;
1305 }
1306
1307 BT_INFO("L2CAP socket layer initialized");
1308
1309 return 0;
1310
1311 error:
1312 proto_unregister(&l2cap_proto);
1313 return err;
1314 }
1315
1316 void l2cap_cleanup_sockets(void)
1317 {
1318 bt_procfs_cleanup(&init_net, "l2cap");
1319 bt_sock_unregister(BTPROTO_L2CAP);
1320 proto_unregister(&l2cap_proto);
1321 }
Linux with added FPC-III support