2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI sockets. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/capability.h>
31 #include <linux/errno.h>
32 #include <linux/kernel.h>
33 #include <linux/slab.h>
34 #include <linux/poll.h>
35 #include <linux/fcntl.h>
36 #include <linux/init.h>
37 #include <linux/skbuff.h>
38 #include <linux/workqueue.h>
39 #include <linux/interrupt.h>
40 #include <linux/socket.h>
41 #include <linux/ioctl.h>
44 #include <asm/system.h>
45 #include <asm/uaccess.h>
46 #include <asm/unaligned.h>
48 #include <net/bluetooth/bluetooth.h>
49 #include <net/bluetooth/hci_core.h>
51 #ifndef CONFIG_BT_HCI_SOCK_DEBUG
56 /* ----- HCI socket interface ----- */
58 static inline int hci_test_bit(int nr
, void *addr
)
60 return *((__u32
*) addr
+ (nr
>> 5)) & ((__u32
) 1 << (nr
& 31));
64 static struct hci_sec_filter hci_sec_filter
= {
68 { 0x1000d9fe, 0x0000b00c },
73 { 0xbe000006, 0x00000001, 0x000000, 0x00 },
75 { 0x00005200, 0x00000000, 0x000000, 0x00 },
77 { 0xaab00200, 0x2b402aaa, 0x020154, 0x00 },
79 { 0x000002be, 0x00000000, 0x000000, 0x00 },
80 /* OGF_STATUS_PARAM */
81 { 0x000000ea, 0x00000000, 0x000000, 0x00 }
85 static struct bt_sock_list hci_sk_list
= {
86 .lock
= RW_LOCK_UNLOCKED
89 /* Send frame to RAW socket */
90 void hci_send_to_sock(struct hci_dev
*hdev
, struct sk_buff
*skb
)
93 struct hlist_node
*node
;
95 BT_DBG("hdev %p len %d", hdev
, skb
->len
);
97 read_lock(&hci_sk_list
.lock
);
98 sk_for_each(sk
, node
, &hci_sk_list
.head
) {
99 struct hci_filter
*flt
;
100 struct sk_buff
*nskb
;
102 if (sk
->sk_state
!= BT_BOUND
|| hci_pi(sk
)->hdev
!= hdev
)
105 /* Don't send frame to the socket it came from */
110 flt
= &hci_pi(sk
)->filter
;
112 if (!test_bit((bt_cb(skb
)->pkt_type
== HCI_VENDOR_PKT
) ?
113 0 : (bt_cb(skb
)->pkt_type
& HCI_FLT_TYPE_BITS
), &flt
->type_mask
))
116 if (bt_cb(skb
)->pkt_type
== HCI_EVENT_PKT
) {
117 register int evt
= (*(__u8
*)skb
->data
& HCI_FLT_EVENT_BITS
);
119 if (!hci_test_bit(evt
, &flt
->event_mask
))
123 ((evt
== HCI_EV_CMD_COMPLETE
&&
125 get_unaligned((__le16
*)(skb
->data
+ 3))) ||
126 (evt
== HCI_EV_CMD_STATUS
&&
128 get_unaligned((__le16
*)(skb
->data
+ 4)))))
132 if (!(nskb
= skb_clone(skb
, GFP_ATOMIC
)))
135 /* Put type byte before the data */
136 memcpy(skb_push(nskb
, 1), &bt_cb(nskb
)->pkt_type
, 1);
138 if (sock_queue_rcv_skb(sk
, nskb
))
141 read_unlock(&hci_sk_list
.lock
);
144 static int hci_sock_release(struct socket
*sock
)
146 struct sock
*sk
= sock
->sk
;
147 struct hci_dev
*hdev
;
149 BT_DBG("sock %p sk %p", sock
, sk
);
154 hdev
= hci_pi(sk
)->hdev
;
156 bt_sock_unlink(&hci_sk_list
, sk
);
159 atomic_dec(&hdev
->promisc
);
165 skb_queue_purge(&sk
->sk_receive_queue
);
166 skb_queue_purge(&sk
->sk_write_queue
);
172 /* Ioctls that require bound socket */
173 static inline int hci_sock_bound_ioctl(struct sock
*sk
, unsigned int cmd
, unsigned long arg
)
175 struct hci_dev
*hdev
= hci_pi(sk
)->hdev
;
182 if (!capable(CAP_NET_ADMIN
))
185 if (test_bit(HCI_QUIRK_RAW_DEVICE
, &hdev
->quirks
))
189 set_bit(HCI_RAW
, &hdev
->flags
);
191 clear_bit(HCI_RAW
, &hdev
->flags
);
196 if (!capable(CAP_NET_ADMIN
))
200 set_bit(HCI_SECMGR
, &hdev
->flags
);
202 clear_bit(HCI_SECMGR
, &hdev
->flags
);
207 return hci_get_conn_info(hdev
, (void __user
*)arg
);
211 return hdev
->ioctl(hdev
, cmd
, arg
);
216 static int hci_sock_ioctl(struct socket
*sock
, unsigned int cmd
, unsigned long arg
)
218 struct sock
*sk
= sock
->sk
;
219 void __user
*argp
= (void __user
*)arg
;
222 BT_DBG("cmd %x arg %lx", cmd
, arg
);
226 return hci_get_dev_list(argp
);
229 return hci_get_dev_info(argp
);
232 return hci_get_conn_list(argp
);
235 if (!capable(CAP_NET_ADMIN
))
237 return hci_dev_open(arg
);
240 if (!capable(CAP_NET_ADMIN
))
242 return hci_dev_close(arg
);
245 if (!capable(CAP_NET_ADMIN
))
247 return hci_dev_reset(arg
);
250 if (!capable(CAP_NET_ADMIN
))
252 return hci_dev_reset_stat(arg
);
262 if (!capable(CAP_NET_ADMIN
))
264 return hci_dev_cmd(cmd
, argp
);
267 return hci_inquiry(argp
);
271 err
= hci_sock_bound_ioctl(sk
, cmd
, arg
);
277 static int hci_sock_bind(struct socket
*sock
, struct sockaddr
*addr
, int addr_len
)
279 struct sockaddr_hci
*haddr
= (struct sockaddr_hci
*) addr
;
280 struct sock
*sk
= sock
->sk
;
281 struct hci_dev
*hdev
= NULL
;
284 BT_DBG("sock %p sk %p", sock
, sk
);
286 if (!haddr
|| haddr
->hci_family
!= AF_BLUETOOTH
)
291 if (hci_pi(sk
)->hdev
) {
296 if (haddr
->hci_dev
!= HCI_DEV_NONE
) {
297 if (!(hdev
= hci_dev_get(haddr
->hci_dev
))) {
302 atomic_inc(&hdev
->promisc
);
305 hci_pi(sk
)->hdev
= hdev
;
306 sk
->sk_state
= BT_BOUND
;
313 static int hci_sock_getname(struct socket
*sock
, struct sockaddr
*addr
, int *addr_len
, int peer
)
315 struct sockaddr_hci
*haddr
= (struct sockaddr_hci
*) addr
;
316 struct sock
*sk
= sock
->sk
;
317 struct hci_dev
*hdev
= hci_pi(sk
)->hdev
;
319 BT_DBG("sock %p sk %p", sock
, sk
);
326 *addr_len
= sizeof(*haddr
);
327 haddr
->hci_family
= AF_BLUETOOTH
;
328 haddr
->hci_dev
= hdev
->id
;
334 static inline void hci_sock_cmsg(struct sock
*sk
, struct msghdr
*msg
, struct sk_buff
*skb
)
336 __u32 mask
= hci_pi(sk
)->cmsg_mask
;
338 if (mask
& HCI_CMSG_DIR
) {
339 int incoming
= bt_cb(skb
)->incoming
;
340 put_cmsg(msg
, SOL_HCI
, HCI_CMSG_DIR
, sizeof(incoming
), &incoming
);
343 if (mask
& HCI_CMSG_TSTAMP
) {
346 skb_get_timestamp(skb
, &tv
);
347 put_cmsg(msg
, SOL_HCI
, HCI_CMSG_TSTAMP
, sizeof(tv
), &tv
);
351 static int hci_sock_recvmsg(struct kiocb
*iocb
, struct socket
*sock
,
352 struct msghdr
*msg
, size_t len
, int flags
)
354 int noblock
= flags
& MSG_DONTWAIT
;
355 struct sock
*sk
= sock
->sk
;
359 BT_DBG("sock %p, sk %p", sock
, sk
);
361 if (flags
& (MSG_OOB
))
364 if (sk
->sk_state
== BT_CLOSED
)
367 if (!(skb
= skb_recv_datagram(sk
, flags
, noblock
, &err
)))
370 msg
->msg_namelen
= 0;
374 msg
->msg_flags
|= MSG_TRUNC
;
378 skb
->h
.raw
= skb
->data
;
379 err
= skb_copy_datagram_iovec(skb
, 0, msg
->msg_iov
, copied
);
381 hci_sock_cmsg(sk
, msg
, skb
);
383 skb_free_datagram(sk
, skb
);
385 return err
? : copied
;
388 static int hci_sock_sendmsg(struct kiocb
*iocb
, struct socket
*sock
,
389 struct msghdr
*msg
, size_t len
)
391 struct sock
*sk
= sock
->sk
;
392 struct hci_dev
*hdev
;
396 BT_DBG("sock %p sk %p", sock
, sk
);
398 if (msg
->msg_flags
& MSG_OOB
)
401 if (msg
->msg_flags
& ~(MSG_DONTWAIT
|MSG_NOSIGNAL
|MSG_ERRQUEUE
))
404 if (len
< 4 || len
> HCI_MAX_FRAME_SIZE
)
409 if (!(hdev
= hci_pi(sk
)->hdev
)) {
414 if (!(skb
= bt_skb_send_alloc(sk
, len
, msg
->msg_flags
& MSG_DONTWAIT
, &err
)))
417 if (memcpy_fromiovec(skb_put(skb
, len
), msg
->msg_iov
, len
)) {
422 bt_cb(skb
)->pkt_type
= *((unsigned char *) skb
->data
);
424 skb
->dev
= (void *) hdev
;
426 if (bt_cb(skb
)->pkt_type
== HCI_COMMAND_PKT
) {
427 u16 opcode
= __le16_to_cpu(get_unaligned((__le16
*) skb
->data
));
428 u16 ogf
= hci_opcode_ogf(opcode
);
429 u16 ocf
= hci_opcode_ocf(opcode
);
431 if (((ogf
> HCI_SFLT_MAX_OGF
) ||
432 !hci_test_bit(ocf
& HCI_FLT_OCF_BITS
, &hci_sec_filter
.ocf_mask
[ogf
])) &&
433 !capable(CAP_NET_RAW
)) {
438 if (test_bit(HCI_RAW
, &hdev
->flags
) || (ogf
== OGF_VENDOR_CMD
)) {
439 skb_queue_tail(&hdev
->raw_q
, skb
);
442 skb_queue_tail(&hdev
->cmd_q
, skb
);
446 if (!capable(CAP_NET_RAW
)) {
451 skb_queue_tail(&hdev
->raw_q
, skb
);
466 static int hci_sock_setsockopt(struct socket
*sock
, int level
, int optname
, char __user
*optval
, int len
)
468 struct hci_ufilter uf
= { .opcode
= 0 };
469 struct sock
*sk
= sock
->sk
;
470 int err
= 0, opt
= 0;
472 BT_DBG("sk %p, opt %d", sk
, optname
);
478 if (get_user(opt
, (int __user
*)optval
)) {
484 hci_pi(sk
)->cmsg_mask
|= HCI_CMSG_DIR
;
486 hci_pi(sk
)->cmsg_mask
&= ~HCI_CMSG_DIR
;
490 if (get_user(opt
, (int __user
*)optval
)) {
496 hci_pi(sk
)->cmsg_mask
|= HCI_CMSG_TSTAMP
;
498 hci_pi(sk
)->cmsg_mask
&= ~HCI_CMSG_TSTAMP
;
502 len
= min_t(unsigned int, len
, sizeof(uf
));
503 if (copy_from_user(&uf
, optval
, len
)) {
508 if (!capable(CAP_NET_RAW
)) {
509 uf
.type_mask
&= hci_sec_filter
.type_mask
;
510 uf
.event_mask
[0] &= *((u32
*) hci_sec_filter
.event_mask
+ 0);
511 uf
.event_mask
[1] &= *((u32
*) hci_sec_filter
.event_mask
+ 1);
515 struct hci_filter
*f
= &hci_pi(sk
)->filter
;
517 f
->type_mask
= uf
.type_mask
;
518 f
->opcode
= uf
.opcode
;
519 *((u32
*) f
->event_mask
+ 0) = uf
.event_mask
[0];
520 *((u32
*) f
->event_mask
+ 1) = uf
.event_mask
[1];
533 static int hci_sock_getsockopt(struct socket
*sock
, int level
, int optname
, char __user
*optval
, int __user
*optlen
)
535 struct hci_ufilter uf
;
536 struct sock
*sk
= sock
->sk
;
539 if (get_user(len
, optlen
))
544 if (hci_pi(sk
)->cmsg_mask
& HCI_CMSG_DIR
)
549 if (put_user(opt
, optval
))
554 if (hci_pi(sk
)->cmsg_mask
& HCI_CMSG_TSTAMP
)
559 if (put_user(opt
, optval
))
565 struct hci_filter
*f
= &hci_pi(sk
)->filter
;
567 uf
.type_mask
= f
->type_mask
;
568 uf
.opcode
= f
->opcode
;
569 uf
.event_mask
[0] = *((u32
*) f
->event_mask
+ 0);
570 uf
.event_mask
[1] = *((u32
*) f
->event_mask
+ 1);
573 len
= min_t(unsigned int, len
, sizeof(uf
));
574 if (copy_to_user(optval
, &uf
, len
))
586 static const struct proto_ops hci_sock_ops
= {
587 .family
= PF_BLUETOOTH
,
588 .owner
= THIS_MODULE
,
589 .release
= hci_sock_release
,
590 .bind
= hci_sock_bind
,
591 .getname
= hci_sock_getname
,
592 .sendmsg
= hci_sock_sendmsg
,
593 .recvmsg
= hci_sock_recvmsg
,
594 .ioctl
= hci_sock_ioctl
,
595 .poll
= datagram_poll
,
596 .listen
= sock_no_listen
,
597 .shutdown
= sock_no_shutdown
,
598 .setsockopt
= hci_sock_setsockopt
,
599 .getsockopt
= hci_sock_getsockopt
,
600 .connect
= sock_no_connect
,
601 .socketpair
= sock_no_socketpair
,
602 .accept
= sock_no_accept
,
606 static struct proto hci_sk_proto
= {
608 .owner
= THIS_MODULE
,
609 .obj_size
= sizeof(struct hci_pinfo
)
612 static int hci_sock_create(struct socket
*sock
, int protocol
)
616 BT_DBG("sock %p", sock
);
618 if (sock
->type
!= SOCK_RAW
)
619 return -ESOCKTNOSUPPORT
;
621 sock
->ops
= &hci_sock_ops
;
623 sk
= sk_alloc(PF_BLUETOOTH
, GFP_ATOMIC
, &hci_sk_proto
, 1);
627 sock_init_data(sock
, sk
);
629 sock_reset_flag(sk
, SOCK_ZAPPED
);
631 sk
->sk_protocol
= protocol
;
633 sock
->state
= SS_UNCONNECTED
;
634 sk
->sk_state
= BT_OPEN
;
636 bt_sock_link(&hci_sk_list
, sk
);
640 static int hci_sock_dev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
642 struct hci_dev
*hdev
= (struct hci_dev
*) ptr
;
643 struct hci_ev_si_device ev
;
645 BT_DBG("hdev %s event %ld", hdev
->name
, event
);
647 /* Send event to sockets */
649 ev
.dev_id
= hdev
->id
;
650 hci_si_event(NULL
, HCI_EV_SI_DEVICE
, sizeof(ev
), &ev
);
652 if (event
== HCI_DEV_UNREG
) {
654 struct hlist_node
*node
;
656 /* Detach sockets from device */
657 read_lock(&hci_sk_list
.lock
);
658 sk_for_each(sk
, node
, &hci_sk_list
.head
) {
660 if (hci_pi(sk
)->hdev
== hdev
) {
661 hci_pi(sk
)->hdev
= NULL
;
663 sk
->sk_state
= BT_OPEN
;
664 sk
->sk_state_change(sk
);
670 read_unlock(&hci_sk_list
.lock
);
676 static struct net_proto_family hci_sock_family_ops
= {
677 .family
= PF_BLUETOOTH
,
678 .owner
= THIS_MODULE
,
679 .create
= hci_sock_create
,
682 static struct notifier_block hci_sock_nblock
= {
683 .notifier_call
= hci_sock_dev_event
686 int __init
hci_sock_init(void)
690 err
= proto_register(&hci_sk_proto
, 0);
694 err
= bt_sock_register(BTPROTO_HCI
, &hci_sock_family_ops
);
698 hci_register_notifier(&hci_sock_nblock
);
700 BT_INFO("HCI socket layer initialized");
705 BT_ERR("HCI socket registration failed");
706 proto_unregister(&hci_sk_proto
);
710 int __exit
hci_sock_cleanup(void)
712 if (bt_sock_unregister(BTPROTO_HCI
) < 0)
713 BT_ERR("HCI socket unregistration failed");
715 hci_unregister_notifier(&hci_sock_nblock
);
717 proto_unregister(&hci_sk_proto
);