search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 3.6-rc6
[linux/fpc-iii.git] / net / bluetooth / l2cap_sock.c
blob34bbe1c5e389500f080e15b30c194e95ea36f189
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
7
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
13
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
26 */
27
28 /* Bluetooth L2CAP sockets. */
29
30 #include <linux/export.h>
31
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
35 #include <net/bluetooth/smp.h>
36
37 static const struct proto_ops l2cap_sock_ops;
38 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
39 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio);
40
41 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
42 {
43 struct sock *sk = sock->sk;
44 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
45 struct sockaddr_l2 la;
46 int len, err = 0;
47
48 BT_DBG("sk %p", sk);
49
50 if (!addr || addr->sa_family != AF_BLUETOOTH)
51 return -EINVAL;
52
53 memset(&la, 0, sizeof(la));
54 len = min_t(unsigned int, sizeof(la), alen);
55 memcpy(&la, addr, len);
56
57 if (la.l2_cid && la.l2_psm)
58 return -EINVAL;
59
60 lock_sock(sk);
61
62 if (sk->sk_state != BT_OPEN) {
63 err = -EBADFD;
64 goto done;
65 }
66
67 if (la.l2_psm) {
68 __u16 psm = __le16_to_cpu(la.l2_psm);
69
70 /* PSM must be odd and lsb of upper byte must be 0 */
71 if ((psm & 0x0101) != 0x0001) {
72 err = -EINVAL;
73 goto done;
74 }
75
76 /* Restrict usage of well-known PSMs */
77 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
78 err = -EACCES;
79 goto done;
80 }
81 }
82
83 if (la.l2_cid)
84 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
85 else
86 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
87
88 if (err < 0)
89 goto done;
90
91 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
92 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
93 chan->sec_level = BT_SECURITY_SDP;
94
95 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
96
97 chan->state = BT_BOUND;
98 sk->sk_state = BT_BOUND;
99
100 done:
101 release_sock(sk);
102 return err;
103 }
104
105 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
106 {
107 struct sock *sk = sock->sk;
108 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
109 struct sockaddr_l2 la;
110 int len, err = 0;
111
112 BT_DBG("sk %p", sk);
113
114 if (!addr || alen < sizeof(addr->sa_family) ||
115 addr->sa_family != AF_BLUETOOTH)
116 return -EINVAL;
117
118 memset(&la, 0, sizeof(la));
119 len = min_t(unsigned int, sizeof(la), alen);
120 memcpy(&la, addr, len);
121
122 if (la.l2_cid && la.l2_psm)
123 return -EINVAL;
124
125 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
126 &la.l2_bdaddr, la.l2_bdaddr_type);
127 if (err)
128 return err;
129
130 lock_sock(sk);
131
132 err = bt_sock_wait_state(sk, BT_CONNECTED,
133 sock_sndtimeo(sk, flags & O_NONBLOCK));
134
135 release_sock(sk);
136
137 return err;
138 }
139
140 static int l2cap_sock_listen(struct socket *sock, int backlog)
141 {
142 struct sock *sk = sock->sk;
143 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
144 int err = 0;
145
146 BT_DBG("sk %p backlog %d", sk, backlog);
147
148 lock_sock(sk);
149
150 if (sk->sk_state != BT_BOUND) {
151 err = -EBADFD;
152 goto done;
153 }
154
155 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
156 err = -EINVAL;
157 goto done;
158 }
159
160 switch (chan->mode) {
161 case L2CAP_MODE_BASIC:
162 break;
163 case L2CAP_MODE_ERTM:
164 case L2CAP_MODE_STREAMING:
165 if (!disable_ertm)
166 break;
167 /* fall through */
168 default:
169 err = -ENOTSUPP;
170 goto done;
171 }
172
173 sk->sk_max_ack_backlog = backlog;
174 sk->sk_ack_backlog = 0;
175
176 chan->state = BT_LISTEN;
177 sk->sk_state = BT_LISTEN;
178
179 done:
180 release_sock(sk);
181 return err;
182 }
183
184 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
185 {
186 DECLARE_WAITQUEUE(wait, current);
187 struct sock *sk = sock->sk, *nsk;
188 long timeo;
189 int err = 0;
190
191 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
192
193 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
194
195 BT_DBG("sk %p timeo %ld", sk, timeo);
196
197 /* Wait for an incoming connection. (wake-one). */
198 add_wait_queue_exclusive(sk_sleep(sk), &wait);
199 while (1) {
200 set_current_state(TASK_INTERRUPTIBLE);
201
202 if (sk->sk_state != BT_LISTEN) {
203 err = -EBADFD;
204 break;
205 }
206
207 nsk = bt_accept_dequeue(sk, newsock);
208 if (nsk)
209 break;
210
211 if (!timeo) {
212 err = -EAGAIN;
213 break;
214 }
215
216 if (signal_pending(current)) {
217 err = sock_intr_errno(timeo);
218 break;
219 }
220
221 release_sock(sk);
222 timeo = schedule_timeout(timeo);
223 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
224 }
225 __set_current_state(TASK_RUNNING);
226 remove_wait_queue(sk_sleep(sk), &wait);
227
228 if (err)
229 goto done;
230
231 newsock->state = SS_CONNECTED;
232
233 BT_DBG("new socket %p", nsk);
234
235 done:
236 release_sock(sk);
237 return err;
238 }
239
240 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
241 {
242 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
243 struct sock *sk = sock->sk;
244 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
245
246 BT_DBG("sock %p, sk %p", sock, sk);
247
248 memset(la, 0, sizeof(struct sockaddr_l2));
249 addr->sa_family = AF_BLUETOOTH;
250 *len = sizeof(struct sockaddr_l2);
251
252 if (peer) {
253 la->l2_psm = chan->psm;
254 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
255 la->l2_cid = cpu_to_le16(chan->dcid);
256 } else {
257 la->l2_psm = chan->sport;
258 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
259 la->l2_cid = cpu_to_le16(chan->scid);
260 }
261
262 return 0;
263 }
264
265 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
266 {
267 struct sock *sk = sock->sk;
268 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
269 struct l2cap_options opts;
270 struct l2cap_conninfo cinfo;
271 int len, err = 0;
272 u32 opt;
273
274 BT_DBG("sk %p", sk);
275
276 if (get_user(len, optlen))
277 return -EFAULT;
278
279 lock_sock(sk);
280
281 switch (optname) {
282 case L2CAP_OPTIONS:
283 memset(&opts, 0, sizeof(opts));
284 opts.imtu = chan->imtu;
285 opts.omtu = chan->omtu;
286 opts.flush_to = chan->flush_to;
287 opts.mode = chan->mode;
288 opts.fcs = chan->fcs;
289 opts.max_tx = chan->max_tx;
290 opts.txwin_size = chan->tx_win;
291
292 len = min_t(unsigned int, len, sizeof(opts));
293 if (copy_to_user(optval, (char *) &opts, len))
294 err = -EFAULT;
295
296 break;
297
298 case L2CAP_LM:
299 switch (chan->sec_level) {
300 case BT_SECURITY_LOW:
301 opt = L2CAP_LM_AUTH;
302 break;
303 case BT_SECURITY_MEDIUM:
304 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
305 break;
306 case BT_SECURITY_HIGH:
307 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
308 L2CAP_LM_SECURE;
309 break;
310 default:
311 opt = 0;
312 break;
313 }
314
315 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
316 opt |= L2CAP_LM_MASTER;
317
318 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
319 opt |= L2CAP_LM_RELIABLE;
320
321 if (put_user(opt, (u32 __user *) optval))
322 err = -EFAULT;
323 break;
324
325 case L2CAP_CONNINFO:
326 if (sk->sk_state != BT_CONNECTED &&
327 !(sk->sk_state == BT_CONNECT2 &&
328 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
329 err = -ENOTCONN;
330 break;
331 }
332
333 memset(&cinfo, 0, sizeof(cinfo));
334 cinfo.hci_handle = chan->conn->hcon->handle;
335 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
336
337 len = min_t(unsigned int, len, sizeof(cinfo));
338 if (copy_to_user(optval, (char *) &cinfo, len))
339 err = -EFAULT;
340
341 break;
342
343 default:
344 err = -ENOPROTOOPT;
345 break;
346 }
347
348 release_sock(sk);
349 return err;
350 }
351
352 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
353 {
354 struct sock *sk = sock->sk;
355 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
356 struct bt_security sec;
357 struct bt_power pwr;
358 int len, err = 0;
359
360 BT_DBG("sk %p", sk);
361
362 if (level == SOL_L2CAP)
363 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
364
365 if (level != SOL_BLUETOOTH)
366 return -ENOPROTOOPT;
367
368 if (get_user(len, optlen))
369 return -EFAULT;
370
371 lock_sock(sk);
372
373 switch (optname) {
374 case BT_SECURITY:
375 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
376 chan->chan_type != L2CAP_CHAN_RAW) {
377 err = -EINVAL;
378 break;
379 }
380
381 memset(&sec, 0, sizeof(sec));
382 if (chan->conn)
383 sec.level = chan->conn->hcon->sec_level;
384 else
385 sec.level = chan->sec_level;
386
387 if (sk->sk_state == BT_CONNECTED)
388 sec.key_size = chan->conn->hcon->enc_key_size;
389
390 len = min_t(unsigned int, len, sizeof(sec));
391 if (copy_to_user(optval, (char *) &sec, len))
392 err = -EFAULT;
393
394 break;
395
396 case BT_DEFER_SETUP:
397 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
398 err = -EINVAL;
399 break;
400 }
401
402 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
403 (u32 __user *) optval))
404 err = -EFAULT;
405
406 break;
407
408 case BT_FLUSHABLE:
409 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
410 (u32 __user *) optval))
411 err = -EFAULT;
412
413 break;
414
415 case BT_POWER:
416 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
417 && sk->sk_type != SOCK_RAW) {
418 err = -EINVAL;
419 break;
420 }
421
422 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
423
424 len = min_t(unsigned int, len, sizeof(pwr));
425 if (copy_to_user(optval, (char *) &pwr, len))
426 err = -EFAULT;
427
428 break;
429
430 case BT_CHANNEL_POLICY:
431 if (!enable_hs) {
432 err = -ENOPROTOOPT;
433 break;
434 }
435
436 if (put_user(chan->chan_policy, (u32 __user *) optval))
437 err = -EFAULT;
438 break;
439
440 default:
441 err = -ENOPROTOOPT;
442 break;
443 }
444
445 release_sock(sk);
446 return err;
447 }
448
449 static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
450 {
451 switch (chan->scid) {
452 case L2CAP_CID_LE_DATA:
453 if (mtu < L2CAP_LE_MIN_MTU)
454 return false;
455 break;
456
457 default:
458 if (mtu < L2CAP_DEFAULT_MIN_MTU)
459 return false;
460 }
461
462 return true;
463 }
464
465 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
466 {
467 struct sock *sk = sock->sk;
468 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
469 struct l2cap_options opts;
470 int len, err = 0;
471 u32 opt;
472
473 BT_DBG("sk %p", sk);
474
475 lock_sock(sk);
476
477 switch (optname) {
478 case L2CAP_OPTIONS:
479 if (sk->sk_state == BT_CONNECTED) {
480 err = -EINVAL;
481 break;
482 }
483
484 opts.imtu = chan->imtu;
485 opts.omtu = chan->omtu;
486 opts.flush_to = chan->flush_to;
487 opts.mode = chan->mode;
488 opts.fcs = chan->fcs;
489 opts.max_tx = chan->max_tx;
490 opts.txwin_size = chan->tx_win;
491
492 len = min_t(unsigned int, sizeof(opts), optlen);
493 if (copy_from_user((char *) &opts, optval, len)) {
494 err = -EFAULT;
495 break;
496 }
497
498 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
499 err = -EINVAL;
500 break;
501 }
502
503 if (!l2cap_valid_mtu(chan, opts.imtu)) {
504 err = -EINVAL;
505 break;
506 }
507
508 chan->mode = opts.mode;
509 switch (chan->mode) {
510 case L2CAP_MODE_BASIC:
511 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
512 break;
513 case L2CAP_MODE_ERTM:
514 case L2CAP_MODE_STREAMING:
515 if (!disable_ertm)
516 break;
517 /* fall through */
518 default:
519 err = -EINVAL;
520 break;
521 }
522
523 chan->imtu = opts.imtu;
524 chan->omtu = opts.omtu;
525 chan->fcs = opts.fcs;
526 chan->max_tx = opts.max_tx;
527 chan->tx_win = opts.txwin_size;
528 break;
529
530 case L2CAP_LM:
531 if (get_user(opt, (u32 __user *) optval)) {
532 err = -EFAULT;
533 break;
534 }
535
536 if (opt & L2CAP_LM_AUTH)
537 chan->sec_level = BT_SECURITY_LOW;
538 if (opt & L2CAP_LM_ENCRYPT)
539 chan->sec_level = BT_SECURITY_MEDIUM;
540 if (opt & L2CAP_LM_SECURE)
541 chan->sec_level = BT_SECURITY_HIGH;
542
543 if (opt & L2CAP_LM_MASTER)
544 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
545 else
546 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
547
548 if (opt & L2CAP_LM_RELIABLE)
549 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
550 else
551 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
552 break;
553
554 default:
555 err = -ENOPROTOOPT;
556 break;
557 }
558
559 release_sock(sk);
560 return err;
561 }
562
563 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
564 {
565 struct sock *sk = sock->sk;
566 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
567 struct bt_security sec;
568 struct bt_power pwr;
569 struct l2cap_conn *conn;
570 int len, err = 0;
571 u32 opt;
572
573 BT_DBG("sk %p", sk);
574
575 if (level == SOL_L2CAP)
576 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
577
578 if (level != SOL_BLUETOOTH)
579 return -ENOPROTOOPT;
580
581 lock_sock(sk);
582
583 switch (optname) {
584 case BT_SECURITY:
585 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
586 chan->chan_type != L2CAP_CHAN_RAW) {
587 err = -EINVAL;
588 break;
589 }
590
591 sec.level = BT_SECURITY_LOW;
592
593 len = min_t(unsigned int, sizeof(sec), optlen);
594 if (copy_from_user((char *) &sec, optval, len)) {
595 err = -EFAULT;
596 break;
597 }
598
599 if (sec.level < BT_SECURITY_LOW ||
600 sec.level > BT_SECURITY_HIGH) {
601 err = -EINVAL;
602 break;
603 }
604
605 chan->sec_level = sec.level;
606
607 if (!chan->conn)
608 break;
609
610 conn = chan->conn;
611
612 /*change security for LE channels */
613 if (chan->scid == L2CAP_CID_LE_DATA) {
614 if (!conn->hcon->out) {
615 err = -EINVAL;
616 break;
617 }
618
619 if (smp_conn_security(conn->hcon, sec.level))
620 break;
621 sk->sk_state = BT_CONFIG;
622 chan->state = BT_CONFIG;
623
624 /* or for ACL link */
625 } else if ((sk->sk_state == BT_CONNECT2 &&
626 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
627 sk->sk_state == BT_CONNECTED) {
628 if (!l2cap_chan_check_security(chan))
629 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
630 else
631 sk->sk_state_change(sk);
632 } else {
633 err = -EINVAL;
634 }
635 break;
636
637 case BT_DEFER_SETUP:
638 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
639 err = -EINVAL;
640 break;
641 }
642
643 if (get_user(opt, (u32 __user *) optval)) {
644 err = -EFAULT;
645 break;
646 }
647
648 if (opt)
649 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
650 else
651 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
652 break;
653
654 case BT_FLUSHABLE:
655 if (get_user(opt, (u32 __user *) optval)) {
656 err = -EFAULT;
657 break;
658 }
659
660 if (opt > BT_FLUSHABLE_ON) {
661 err = -EINVAL;
662 break;
663 }
664
665 if (opt == BT_FLUSHABLE_OFF) {
666 struct l2cap_conn *conn = chan->conn;
667 /* proceed further only when we have l2cap_conn and
668 No Flush support in the LM */
669 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
670 err = -EINVAL;
671 break;
672 }
673 }
674
675 if (opt)
676 set_bit(FLAG_FLUSHABLE, &chan->flags);
677 else
678 clear_bit(FLAG_FLUSHABLE, &chan->flags);
679 break;
680
681 case BT_POWER:
682 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
683 chan->chan_type != L2CAP_CHAN_RAW) {
684 err = -EINVAL;
685 break;
686 }
687
688 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
689
690 len = min_t(unsigned int, sizeof(pwr), optlen);
691 if (copy_from_user((char *) &pwr, optval, len)) {
692 err = -EFAULT;
693 break;
694 }
695
696 if (pwr.force_active)
697 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
698 else
699 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
700 break;
701
702 case BT_CHANNEL_POLICY:
703 if (!enable_hs) {
704 err = -ENOPROTOOPT;
705 break;
706 }
707
708 if (get_user(opt, (u32 __user *) optval)) {
709 err = -EFAULT;
710 break;
711 }
712
713 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
714 err = -EINVAL;
715 break;
716 }
717
718 if (chan->mode != L2CAP_MODE_ERTM &&
719 chan->mode != L2CAP_MODE_STREAMING) {
720 err = -EOPNOTSUPP;
721 break;
722 }
723
724 chan->chan_policy = (u8) opt;
725 break;
726
727 default:
728 err = -ENOPROTOOPT;
729 break;
730 }
731
732 release_sock(sk);
733 return err;
734 }
735
736 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
737 {
738 struct sock *sk = sock->sk;
739 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
740 int err;
741
742 BT_DBG("sock %p, sk %p", sock, sk);
743
744 err = sock_error(sk);
745 if (err)
746 return err;
747
748 if (msg->msg_flags & MSG_OOB)
749 return -EOPNOTSUPP;
750
751 if (sk->sk_state != BT_CONNECTED)
752 return -ENOTCONN;
753
754 l2cap_chan_lock(chan);
755 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
756 l2cap_chan_unlock(chan);
757
758 return err;
759 }
760
761 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
762 {
763 struct sock *sk = sock->sk;
764 struct l2cap_pinfo *pi = l2cap_pi(sk);
765 int err;
766
767 lock_sock(sk);
768
769 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
770 &bt_sk(sk)->flags)) {
771 sk->sk_state = BT_CONFIG;
772 pi->chan->state = BT_CONFIG;
773
774 __l2cap_connect_rsp_defer(pi->chan);
775 release_sock(sk);
776 return 0;
777 }
778
779 release_sock(sk);
780
781 if (sock->type == SOCK_STREAM)
782 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
783 else
784 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
785
786 if (pi->chan->mode != L2CAP_MODE_ERTM)
787 return err;
788
789 /* Attempt to put pending rx data in the socket buffer */
790
791 lock_sock(sk);
792
793 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
794 goto done;
795
796 if (pi->rx_busy_skb) {
797 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
798 pi->rx_busy_skb = NULL;
799 else
800 goto done;
801 }
802
803 /* Restore data flow when half of the receive buffer is
804 * available. This avoids resending large numbers of
805 * frames.
806 */
807 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
808 l2cap_chan_busy(pi->chan, 0);
809
810 done:
811 release_sock(sk);
812 return err;
813 }
814
815 /* Kill socket (only if zapped and orphan)
816 * Must be called on unlocked socket.
817 */
818 static void l2cap_sock_kill(struct sock *sk)
819 {
820 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
821 return;
822
823 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
824
825 /* Kill poor orphan */
826
827 l2cap_chan_destroy(l2cap_pi(sk)->chan);
828 sock_set_flag(sk, SOCK_DEAD);
829 sock_put(sk);
830 }
831
832 static int l2cap_sock_shutdown(struct socket *sock, int how)
833 {
834 struct sock *sk = sock->sk;
835 struct l2cap_chan *chan;
836 struct l2cap_conn *conn;
837 int err = 0;
838
839 BT_DBG("sock %p, sk %p", sock, sk);
840
841 if (!sk)
842 return 0;
843
844 chan = l2cap_pi(sk)->chan;
845 conn = chan->conn;
846
847 if (conn)
848 mutex_lock(&conn->chan_lock);
849
850 l2cap_chan_lock(chan);
851 lock_sock(sk);
852
853 if (!sk->sk_shutdown) {
854 if (chan->mode == L2CAP_MODE_ERTM)
855 err = __l2cap_wait_ack(sk);
856
857 sk->sk_shutdown = SHUTDOWN_MASK;
858
859 release_sock(sk);
860 l2cap_chan_close(chan, 0);
861 lock_sock(sk);
862
863 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
864 err = bt_sock_wait_state(sk, BT_CLOSED,
865 sk->sk_lingertime);
866 }
867
868 if (!err && sk->sk_err)
869 err = -sk->sk_err;
870
871 release_sock(sk);
872 l2cap_chan_unlock(chan);
873
874 if (conn)
875 mutex_unlock(&conn->chan_lock);
876
877 return err;
878 }
879
880 static int l2cap_sock_release(struct socket *sock)
881 {
882 struct sock *sk = sock->sk;
883 int err;
884
885 BT_DBG("sock %p, sk %p", sock, sk);
886
887 if (!sk)
888 return 0;
889
890 err = l2cap_sock_shutdown(sock, 2);
891
892 sock_orphan(sk);
893 l2cap_sock_kill(sk);
894 return err;
895 }
896
897 static void l2cap_sock_cleanup_listen(struct sock *parent)
898 {
899 struct sock *sk;
900
901 BT_DBG("parent %p", parent);
902
903 /* Close not yet accepted channels */
904 while ((sk = bt_accept_dequeue(parent, NULL))) {
905 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
906
907 l2cap_chan_lock(chan);
908 __clear_chan_timer(chan);
909 l2cap_chan_close(chan, ECONNRESET);
910 l2cap_chan_unlock(chan);
911
912 l2cap_sock_kill(sk);
913 }
914 }
915
916 static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
917 {
918 struct sock *sk, *parent = chan->data;
919
920 /* Check for backlog size */
921 if (sk_acceptq_is_full(parent)) {
922 BT_DBG("backlog full %d", parent->sk_ack_backlog);
923 return NULL;
924 }
925
926 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
927 GFP_ATOMIC);
928 if (!sk)
929 return NULL;
930
931 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
932
933 l2cap_sock_init(sk, parent);
934
935 return l2cap_pi(sk)->chan;
936 }
937
938 static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
939 {
940 int err;
941 struct sock *sk = chan->data;
942 struct l2cap_pinfo *pi = l2cap_pi(sk);
943
944 lock_sock(sk);
945
946 if (pi->rx_busy_skb) {
947 err = -ENOMEM;
948 goto done;
949 }
950
951 err = sock_queue_rcv_skb(sk, skb);
952
953 /* For ERTM, handle one skb that doesn't fit into the recv
954 * buffer. This is important to do because the data frames
955 * have already been acked, so the skb cannot be discarded.
956 *
957 * Notify the l2cap core that the buffer is full, so the
958 * LOCAL_BUSY state is entered and no more frames are
959 * acked and reassembled until there is buffer space
960 * available.
961 */
962 if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
963 pi->rx_busy_skb = skb;
964 l2cap_chan_busy(pi->chan, 1);
965 err = 0;
966 }
967
968 done:
969 release_sock(sk);
970
971 return err;
972 }
973
974 static void l2cap_sock_close_cb(struct l2cap_chan *chan)
975 {
976 struct sock *sk = chan->data;
977
978 l2cap_sock_kill(sk);
979 }
980
981 static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
982 {
983 struct sock *sk = chan->data;
984 struct sock *parent;
985
986 lock_sock(sk);
987
988 parent = bt_sk(sk)->parent;
989
990 sock_set_flag(sk, SOCK_ZAPPED);
991
992 switch (chan->state) {
993 case BT_OPEN:
994 case BT_BOUND:
995 case BT_CLOSED:
996 break;
997 case BT_LISTEN:
998 l2cap_sock_cleanup_listen(sk);
999 sk->sk_state = BT_CLOSED;
1000 chan->state = BT_CLOSED;
1001
1002 break;
1003 default:
1004 sk->sk_state = BT_CLOSED;
1005 chan->state = BT_CLOSED;
1006
1007 sk->sk_err = err;
1008
1009 if (parent) {
1010 bt_accept_unlink(sk);
1011 parent->sk_data_ready(parent, 0);
1012 } else {
1013 sk->sk_state_change(sk);
1014 }
1015
1016 break;
1017 }
1018
1019 release_sock(sk);
1020 }
1021
1022 static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state)
1023 {
1024 struct sock *sk = chan->data;
1025
1026 sk->sk_state = state;
1027 }
1028
1029 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
1030 unsigned long len, int nb)
1031 {
1032 struct sk_buff *skb;
1033 int err;
1034
1035 l2cap_chan_unlock(chan);
1036 skb = bt_skb_send_alloc(chan->sk, len, nb, &err);
1037 l2cap_chan_lock(chan);
1038
1039 if (!skb)
1040 return ERR_PTR(err);
1041
1042 return skb;
1043 }
1044
1045 static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1046 {
1047 struct sock *sk = chan->data;
1048 struct sock *parent;
1049
1050 lock_sock(sk);
1051
1052 parent = bt_sk(sk)->parent;
1053
1054 BT_DBG("sk %p, parent %p", sk, parent);
1055
1056 sk->sk_state = BT_CONNECTED;
1057 sk->sk_state_change(sk);
1058
1059 if (parent)
1060 parent->sk_data_ready(parent, 0);
1061
1062 release_sock(sk);
1063 }
1064
1065 static struct l2cap_ops l2cap_chan_ops = {
1066 .name = "L2CAP Socket Interface",
1067 .new_connection = l2cap_sock_new_connection_cb,
1068 .recv = l2cap_sock_recv_cb,
1069 .close = l2cap_sock_close_cb,
1070 .teardown = l2cap_sock_teardown_cb,
1071 .state_change = l2cap_sock_state_change_cb,
1072 .ready = l2cap_sock_ready_cb,
1073 .alloc_skb = l2cap_sock_alloc_skb_cb,
1074 };
1075
1076 static void l2cap_sock_destruct(struct sock *sk)
1077 {
1078 BT_DBG("sk %p", sk);
1079
1080 l2cap_chan_put(l2cap_pi(sk)->chan);
1081 if (l2cap_pi(sk)->rx_busy_skb) {
1082 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1083 l2cap_pi(sk)->rx_busy_skb = NULL;
1084 }
1085
1086 skb_queue_purge(&sk->sk_receive_queue);
1087 skb_queue_purge(&sk->sk_write_queue);
1088 }
1089
1090 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
1091 {
1092 struct l2cap_pinfo *pi = l2cap_pi(sk);
1093 struct l2cap_chan *chan = pi->chan;
1094
1095 BT_DBG("sk %p", sk);
1096
1097 if (parent) {
1098 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1099
1100 sk->sk_type = parent->sk_type;
1101 bt_sk(sk)->flags = bt_sk(parent)->flags;
1102
1103 chan->chan_type = pchan->chan_type;
1104 chan->imtu = pchan->imtu;
1105 chan->omtu = pchan->omtu;
1106 chan->conf_state = pchan->conf_state;
1107 chan->mode = pchan->mode;
1108 chan->fcs = pchan->fcs;
1109 chan->max_tx = pchan->max_tx;
1110 chan->tx_win = pchan->tx_win;
1111 chan->tx_win_max = pchan->tx_win_max;
1112 chan->sec_level = pchan->sec_level;
1113 chan->flags = pchan->flags;
1114
1115 security_sk_clone(parent, sk);
1116 } else {
1117
1118 switch (sk->sk_type) {
1119 case SOCK_RAW:
1120 chan->chan_type = L2CAP_CHAN_RAW;
1121 break;
1122 case SOCK_DGRAM:
1123 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1124 break;
1125 case SOCK_SEQPACKET:
1126 case SOCK_STREAM:
1127 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1128 break;
1129 }
1130
1131 chan->imtu = L2CAP_DEFAULT_MTU;
1132 chan->omtu = 0;
1133 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1134 chan->mode = L2CAP_MODE_ERTM;
1135 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1136 } else {
1137 chan->mode = L2CAP_MODE_BASIC;
1138 }
1139
1140 l2cap_chan_set_defaults(chan);
1141 }
1142
1143 /* Default config options */
1144 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1145
1146 chan->data = sk;
1147 chan->ops = &l2cap_chan_ops;
1148 }
1149
1150 static struct proto l2cap_proto = {
1151 .name = "L2CAP",
1152 .owner = THIS_MODULE,
1153 .obj_size = sizeof(struct l2cap_pinfo)
1154 };
1155
1156 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
1157 {
1158 struct sock *sk;
1159 struct l2cap_chan *chan;
1160
1161 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1162 if (!sk)
1163 return NULL;
1164
1165 sock_init_data(sock, sk);
1166 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1167
1168 sk->sk_destruct = l2cap_sock_destruct;
1169 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1170
1171 sock_reset_flag(sk, SOCK_ZAPPED);
1172
1173 sk->sk_protocol = proto;
1174 sk->sk_state = BT_OPEN;
1175
1176 chan = l2cap_chan_create();
1177 if (!chan) {
1178 sk_free(sk);
1179 return NULL;
1180 }
1181
1182 l2cap_chan_hold(chan);
1183
1184 chan->sk = sk;
1185
1186 l2cap_pi(sk)->chan = chan;
1187
1188 return sk;
1189 }
1190
1191 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1192 int kern)
1193 {
1194 struct sock *sk;
1195
1196 BT_DBG("sock %p", sock);
1197
1198 sock->state = SS_UNCONNECTED;
1199
1200 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1201 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1202 return -ESOCKTNOSUPPORT;
1203
1204 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1205 return -EPERM;
1206
1207 sock->ops = &l2cap_sock_ops;
1208
1209 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1210 if (!sk)
1211 return -ENOMEM;
1212
1213 l2cap_sock_init(sk, NULL);
1214 return 0;
1215 }
1216
1217 static const struct proto_ops l2cap_sock_ops = {
1218 .family = PF_BLUETOOTH,
1219 .owner = THIS_MODULE,
1220 .release = l2cap_sock_release,
1221 .bind = l2cap_sock_bind,
1222 .connect = l2cap_sock_connect,
1223 .listen = l2cap_sock_listen,
1224 .accept = l2cap_sock_accept,
1225 .getname = l2cap_sock_getname,
1226 .sendmsg = l2cap_sock_sendmsg,
1227 .recvmsg = l2cap_sock_recvmsg,
1228 .poll = bt_sock_poll,
1229 .ioctl = bt_sock_ioctl,
1230 .mmap = sock_no_mmap,
1231 .socketpair = sock_no_socketpair,
1232 .shutdown = l2cap_sock_shutdown,
1233 .setsockopt = l2cap_sock_setsockopt,
1234 .getsockopt = l2cap_sock_getsockopt
1235 };
1236
1237 static const struct net_proto_family l2cap_sock_family_ops = {
1238 .family = PF_BLUETOOTH,
1239 .owner = THIS_MODULE,
1240 .create = l2cap_sock_create,
1241 };
1242
1243 int __init l2cap_init_sockets(void)
1244 {
1245 int err;
1246
1247 err = proto_register(&l2cap_proto, 0);
1248 if (err < 0)
1249 return err;
1250
1251 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1252 if (err < 0)
1253 goto error;
1254
1255 BT_INFO("L2CAP socket layer initialized");
1256
1257 return 0;
1258
1259 error:
1260 BT_ERR("L2CAP socket registration failed");
1261 proto_unregister(&l2cap_proto);
1262 return err;
1263 }
1264
1265 void l2cap_cleanup_sockets(void)
1266 {
1267 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1268 BT_ERR("L2CAP socket unregistration failed");
1269
1270 proto_unregister(&l2cap_proto);
1271 }
Linux with added FPC-III support