search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
x86/xen: resume timer irqs early
[linux/fpc-iii.git] / net / bluetooth / hci_sock.c
blobfa4bf663142551ef373e946bbbbd25071dc58d50
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth HCI sockets. */
26
27 #include <linux/export.h>
28 #include <asm/unaligned.h>
29
30 #include <net/bluetooth/bluetooth.h>
31 #include <net/bluetooth/hci_core.h>
32 #include <net/bluetooth/hci_mon.h>
33
34 static atomic_t monitor_promisc = ATOMIC_INIT(0);
35
36 /* ----- HCI socket interface ----- */
37
38 static inline int hci_test_bit(int nr, void *addr)
39 {
40 return *((__u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31));
41 }
42
43 /* Security filter */
44 static struct hci_sec_filter hci_sec_filter = {
45 /* Packet types */
46 0x10,
47 /* Events */
48 { 0x1000d9fe, 0x0000b00c },
49 /* Commands */
50 {
51 { 0x0 },
52 /* OGF_LINK_CTL */
53 { 0xbe000006, 0x00000001, 0x00000000, 0x00 },
54 /* OGF_LINK_POLICY */
55 { 0x00005200, 0x00000000, 0x00000000, 0x00 },
56 /* OGF_HOST_CTL */
57 { 0xaab00200, 0x2b402aaa, 0x05220154, 0x00 },
58 /* OGF_INFO_PARAM */
59 { 0x000002be, 0x00000000, 0x00000000, 0x00 },
60 /* OGF_STATUS_PARAM */
61 { 0x000000ea, 0x00000000, 0x00000000, 0x00 }
62 }
63 };
64
65 static struct bt_sock_list hci_sk_list = {
66 .lock = __RW_LOCK_UNLOCKED(hci_sk_list.lock)
67 };
68
69 /* Send frame to RAW socket */
70 void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb)
71 {
72 struct sock *sk;
73 struct sk_buff *skb_copy = NULL;
74
75 BT_DBG("hdev %p len %d", hdev, skb->len);
76
77 read_lock(&hci_sk_list.lock);
78
79 sk_for_each(sk, &hci_sk_list.head) {
80 struct hci_filter *flt;
81 struct sk_buff *nskb;
82
83 if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev)
84 continue;
85
86 /* Don't send frame to the socket it came from */
87 if (skb->sk == sk)
88 continue;
89
90 if (hci_pi(sk)->channel != HCI_CHANNEL_RAW)
91 continue;
92
93 /* Apply filter */
94 flt = &hci_pi(sk)->filter;
95
96 if (!test_bit((bt_cb(skb)->pkt_type == HCI_VENDOR_PKT) ?
97 0 : (bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS),
98 &flt->type_mask))
99 continue;
100
101 if (bt_cb(skb)->pkt_type == HCI_EVENT_PKT) {
102 int evt = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS);
103
104 if (!hci_test_bit(evt, &flt->event_mask))
105 continue;
106
107 if (flt->opcode &&
108 ((evt == HCI_EV_CMD_COMPLETE &&
109 flt->opcode !=
110 get_unaligned((__le16 *)(skb->data + 3))) ||
111 (evt == HCI_EV_CMD_STATUS &&
112 flt->opcode !=
113 get_unaligned((__le16 *)(skb->data + 4)))))
114 continue;
115 }
116
117 if (!skb_copy) {
118 /* Create a private copy with headroom */
119 skb_copy = __pskb_copy(skb, 1, GFP_ATOMIC);
120 if (!skb_copy)
121 continue;
122
123 /* Put type byte before the data */
124 memcpy(skb_push(skb_copy, 1), &bt_cb(skb)->pkt_type, 1);
125 }
126
127 nskb = skb_clone(skb_copy, GFP_ATOMIC);
128 if (!nskb)
129 continue;
130
131 if (sock_queue_rcv_skb(sk, nskb))
132 kfree_skb(nskb);
133 }
134
135 read_unlock(&hci_sk_list.lock);
136
137 kfree_skb(skb_copy);
138 }
139
140 /* Send frame to control socket */
141 void hci_send_to_control(struct sk_buff *skb, struct sock *skip_sk)
142 {
143 struct sock *sk;
144
145 BT_DBG("len %d", skb->len);
146
147 read_lock(&hci_sk_list.lock);
148
149 sk_for_each(sk, &hci_sk_list.head) {
150 struct sk_buff *nskb;
151
152 /* Skip the original socket */
153 if (sk == skip_sk)
154 continue;
155
156 if (sk->sk_state != BT_BOUND)
157 continue;
158
159 if (hci_pi(sk)->channel != HCI_CHANNEL_CONTROL)
160 continue;
161
162 nskb = skb_clone(skb, GFP_ATOMIC);
163 if (!nskb)
164 continue;
165
166 if (sock_queue_rcv_skb(sk, nskb))
167 kfree_skb(nskb);
168 }
169
170 read_unlock(&hci_sk_list.lock);
171 }
172
173 /* Send frame to monitor socket */
174 void hci_send_to_monitor(struct hci_dev *hdev, struct sk_buff *skb)
175 {
176 struct sock *sk;
177 struct sk_buff *skb_copy = NULL;
178 __le16 opcode;
179
180 if (!atomic_read(&monitor_promisc))
181 return;
182
183 BT_DBG("hdev %p len %d", hdev, skb->len);
184
185 switch (bt_cb(skb)->pkt_type) {
186 case HCI_COMMAND_PKT:
187 opcode = __constant_cpu_to_le16(HCI_MON_COMMAND_PKT);
188 break;
189 case HCI_EVENT_PKT:
190 opcode = __constant_cpu_to_le16(HCI_MON_EVENT_PKT);
191 break;
192 case HCI_ACLDATA_PKT:
193 if (bt_cb(skb)->incoming)
194 opcode = __constant_cpu_to_le16(HCI_MON_ACL_RX_PKT);
195 else
196 opcode = __constant_cpu_to_le16(HCI_MON_ACL_TX_PKT);
197 break;
198 case HCI_SCODATA_PKT:
199 if (bt_cb(skb)->incoming)
200 opcode = __constant_cpu_to_le16(HCI_MON_SCO_RX_PKT);
201 else
202 opcode = __constant_cpu_to_le16(HCI_MON_SCO_TX_PKT);
203 break;
204 default:
205 return;
206 }
207
208 read_lock(&hci_sk_list.lock);
209
210 sk_for_each(sk, &hci_sk_list.head) {
211 struct sk_buff *nskb;
212
213 if (sk->sk_state != BT_BOUND)
214 continue;
215
216 if (hci_pi(sk)->channel != HCI_CHANNEL_MONITOR)
217 continue;
218
219 if (!skb_copy) {
220 struct hci_mon_hdr *hdr;
221
222 /* Create a private copy with headroom */
223 skb_copy = __pskb_copy(skb, HCI_MON_HDR_SIZE,
224 GFP_ATOMIC);
225 if (!skb_copy)
226 continue;
227
228 /* Put header before the data */
229 hdr = (void *) skb_push(skb_copy, HCI_MON_HDR_SIZE);
230 hdr->opcode = opcode;
231 hdr->index = cpu_to_le16(hdev->id);
232 hdr->len = cpu_to_le16(skb->len);
233 }
234
235 nskb = skb_clone(skb_copy, GFP_ATOMIC);
236 if (!nskb)
237 continue;
238
239 if (sock_queue_rcv_skb(sk, nskb))
240 kfree_skb(nskb);
241 }
242
243 read_unlock(&hci_sk_list.lock);
244
245 kfree_skb(skb_copy);
246 }
247
248 static void send_monitor_event(struct sk_buff *skb)
249 {
250 struct sock *sk;
251
252 BT_DBG("len %d", skb->len);
253
254 read_lock(&hci_sk_list.lock);
255
256 sk_for_each(sk, &hci_sk_list.head) {
257 struct sk_buff *nskb;
258
259 if (sk->sk_state != BT_BOUND)
260 continue;
261
262 if (hci_pi(sk)->channel != HCI_CHANNEL_MONITOR)
263 continue;
264
265 nskb = skb_clone(skb, GFP_ATOMIC);
266 if (!nskb)
267 continue;
268
269 if (sock_queue_rcv_skb(sk, nskb))
270 kfree_skb(nskb);
271 }
272
273 read_unlock(&hci_sk_list.lock);
274 }
275
276 static struct sk_buff *create_monitor_event(struct hci_dev *hdev, int event)
277 {
278 struct hci_mon_hdr *hdr;
279 struct hci_mon_new_index *ni;
280 struct sk_buff *skb;
281 __le16 opcode;
282
283 switch (event) {
284 case HCI_DEV_REG:
285 skb = bt_skb_alloc(HCI_MON_NEW_INDEX_SIZE, GFP_ATOMIC);
286 if (!skb)
287 return NULL;
288
289 ni = (void *) skb_put(skb, HCI_MON_NEW_INDEX_SIZE);
290 ni->type = hdev->dev_type;
291 ni->bus = hdev->bus;
292 bacpy(&ni->bdaddr, &hdev->bdaddr);
293 memcpy(ni->name, hdev->name, 8);
294
295 opcode = __constant_cpu_to_le16(HCI_MON_NEW_INDEX);
296 break;
297
298 case HCI_DEV_UNREG:
299 skb = bt_skb_alloc(0, GFP_ATOMIC);
300 if (!skb)
301 return NULL;
302
303 opcode = __constant_cpu_to_le16(HCI_MON_DEL_INDEX);
304 break;
305
306 default:
307 return NULL;
308 }
309
310 __net_timestamp(skb);
311
312 hdr = (void *) skb_push(skb, HCI_MON_HDR_SIZE);
313 hdr->opcode = opcode;
314 hdr->index = cpu_to_le16(hdev->id);
315 hdr->len = cpu_to_le16(skb->len - HCI_MON_HDR_SIZE);
316
317 return skb;
318 }
319
320 static void send_monitor_replay(struct sock *sk)
321 {
322 struct hci_dev *hdev;
323
324 read_lock(&hci_dev_list_lock);
325
326 list_for_each_entry(hdev, &hci_dev_list, list) {
327 struct sk_buff *skb;
328
329 skb = create_monitor_event(hdev, HCI_DEV_REG);
330 if (!skb)
331 continue;
332
333 if (sock_queue_rcv_skb(sk, skb))
334 kfree_skb(skb);
335 }
336
337 read_unlock(&hci_dev_list_lock);
338 }
339
340 /* Generate internal stack event */
341 static void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
342 {
343 struct hci_event_hdr *hdr;
344 struct hci_ev_stack_internal *ev;
345 struct sk_buff *skb;
346
347 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
348 if (!skb)
349 return;
350
351 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
352 hdr->evt = HCI_EV_STACK_INTERNAL;
353 hdr->plen = sizeof(*ev) + dlen;
354
355 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
356 ev->type = type;
357 memcpy(ev->data, data, dlen);
358
359 bt_cb(skb)->incoming = 1;
360 __net_timestamp(skb);
361
362 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
363 skb->dev = (void *) hdev;
364 hci_send_to_sock(hdev, skb);
365 kfree_skb(skb);
366 }
367
368 void hci_sock_dev_event(struct hci_dev *hdev, int event)
369 {
370 struct hci_ev_si_device ev;
371
372 BT_DBG("hdev %s event %d", hdev->name, event);
373
374 /* Send event to monitor */
375 if (atomic_read(&monitor_promisc)) {
376 struct sk_buff *skb;
377
378 skb = create_monitor_event(hdev, event);
379 if (skb) {
380 send_monitor_event(skb);
381 kfree_skb(skb);
382 }
383 }
384
385 /* Send event to sockets */
386 ev.event = event;
387 ev.dev_id = hdev->id;
388 hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev);
389
390 if (event == HCI_DEV_UNREG) {
391 struct sock *sk;
392
393 /* Detach sockets from device */
394 read_lock(&hci_sk_list.lock);
395 sk_for_each(sk, &hci_sk_list.head) {
396 bh_lock_sock_nested(sk);
397 if (hci_pi(sk)->hdev == hdev) {
398 hci_pi(sk)->hdev = NULL;
399 sk->sk_err = EPIPE;
400 sk->sk_state = BT_OPEN;
401 sk->sk_state_change(sk);
402
403 hci_dev_put(hdev);
404 }
405 bh_unlock_sock(sk);
406 }
407 read_unlock(&hci_sk_list.lock);
408 }
409 }
410
411 static int hci_sock_release(struct socket *sock)
412 {
413 struct sock *sk = sock->sk;
414 struct hci_dev *hdev;
415
416 BT_DBG("sock %p sk %p", sock, sk);
417
418 if (!sk)
419 return 0;
420
421 hdev = hci_pi(sk)->hdev;
422
423 if (hci_pi(sk)->channel == HCI_CHANNEL_MONITOR)
424 atomic_dec(&monitor_promisc);
425
426 bt_sock_unlink(&hci_sk_list, sk);
427
428 if (hdev) {
429 atomic_dec(&hdev->promisc);
430 hci_dev_put(hdev);
431 }
432
433 sock_orphan(sk);
434
435 skb_queue_purge(&sk->sk_receive_queue);
436 skb_queue_purge(&sk->sk_write_queue);
437
438 sock_put(sk);
439 return 0;
440 }
441
442 static int hci_sock_blacklist_add(struct hci_dev *hdev, void __user *arg)
443 {
444 bdaddr_t bdaddr;
445 int err;
446
447 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr)))
448 return -EFAULT;
449
450 hci_dev_lock(hdev);
451
452 err = hci_blacklist_add(hdev, &bdaddr, 0);
453
454 hci_dev_unlock(hdev);
455
456 return err;
457 }
458
459 static int hci_sock_blacklist_del(struct hci_dev *hdev, void __user *arg)
460 {
461 bdaddr_t bdaddr;
462 int err;
463
464 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr)))
465 return -EFAULT;
466
467 hci_dev_lock(hdev);
468
469 err = hci_blacklist_del(hdev, &bdaddr, 0);
470
471 hci_dev_unlock(hdev);
472
473 return err;
474 }
475
476 /* Ioctls that require bound socket */
477 static int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd,
478 unsigned long arg)
479 {
480 struct hci_dev *hdev = hci_pi(sk)->hdev;
481
482 if (!hdev)
483 return -EBADFD;
484
485 switch (cmd) {
486 case HCISETRAW:
487 if (!capable(CAP_NET_ADMIN))
488 return -EPERM;
489
490 if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks))
491 return -EPERM;
492
493 if (arg)
494 set_bit(HCI_RAW, &hdev->flags);
495 else
496 clear_bit(HCI_RAW, &hdev->flags);
497
498 return 0;
499
500 case HCIGETCONNINFO:
501 return hci_get_conn_info(hdev, (void __user *) arg);
502
503 case HCIGETAUTHINFO:
504 return hci_get_auth_info(hdev, (void __user *) arg);
505
506 case HCIBLOCKADDR:
507 if (!capable(CAP_NET_ADMIN))
508 return -EPERM;
509 return hci_sock_blacklist_add(hdev, (void __user *) arg);
510
511 case HCIUNBLOCKADDR:
512 if (!capable(CAP_NET_ADMIN))
513 return -EPERM;
514 return hci_sock_blacklist_del(hdev, (void __user *) arg);
515
516 default:
517 if (hdev->ioctl)
518 return hdev->ioctl(hdev, cmd, arg);
519 return -EINVAL;
520 }
521 }
522
523 static int hci_sock_ioctl(struct socket *sock, unsigned int cmd,
524 unsigned long arg)
525 {
526 struct sock *sk = sock->sk;
527 void __user *argp = (void __user *) arg;
528 int err;
529
530 BT_DBG("cmd %x arg %lx", cmd, arg);
531
532 switch (cmd) {
533 case HCIGETDEVLIST:
534 return hci_get_dev_list(argp);
535
536 case HCIGETDEVINFO:
537 return hci_get_dev_info(argp);
538
539 case HCIGETCONNLIST:
540 return hci_get_conn_list(argp);
541
542 case HCIDEVUP:
543 if (!capable(CAP_NET_ADMIN))
544 return -EPERM;
545 return hci_dev_open(arg);
546
547 case HCIDEVDOWN:
548 if (!capable(CAP_NET_ADMIN))
549 return -EPERM;
550 return hci_dev_close(arg);
551
552 case HCIDEVRESET:
553 if (!capable(CAP_NET_ADMIN))
554 return -EPERM;
555 return hci_dev_reset(arg);
556
557 case HCIDEVRESTAT:
558 if (!capable(CAP_NET_ADMIN))
559 return -EPERM;
560 return hci_dev_reset_stat(arg);
561
562 case HCISETSCAN:
563 case HCISETAUTH:
564 case HCISETENCRYPT:
565 case HCISETPTYPE:
566 case HCISETLINKPOL:
567 case HCISETLINKMODE:
568 case HCISETACLMTU:
569 case HCISETSCOMTU:
570 if (!capable(CAP_NET_ADMIN))
571 return -EPERM;
572 return hci_dev_cmd(cmd, argp);
573
574 case HCIINQUIRY:
575 return hci_inquiry(argp);
576
577 default:
578 lock_sock(sk);
579 err = hci_sock_bound_ioctl(sk, cmd, arg);
580 release_sock(sk);
581 return err;
582 }
583 }
584
585 static int hci_sock_bind(struct socket *sock, struct sockaddr *addr,
586 int addr_len)
587 {
588 struct sockaddr_hci haddr;
589 struct sock *sk = sock->sk;
590 struct hci_dev *hdev = NULL;
591 int len, err = 0;
592
593 BT_DBG("sock %p sk %p", sock, sk);
594
595 if (!addr)
596 return -EINVAL;
597
598 memset(&haddr, 0, sizeof(haddr));
599 len = min_t(unsigned int, sizeof(haddr), addr_len);
600 memcpy(&haddr, addr, len);
601
602 if (haddr.hci_family != AF_BLUETOOTH)
603 return -EINVAL;
604
605 lock_sock(sk);
606
607 if (sk->sk_state == BT_BOUND) {
608 err = -EALREADY;
609 goto done;
610 }
611
612 switch (haddr.hci_channel) {
613 case HCI_CHANNEL_RAW:
614 if (hci_pi(sk)->hdev) {
615 err = -EALREADY;
616 goto done;
617 }
618
619 if (haddr.hci_dev != HCI_DEV_NONE) {
620 hdev = hci_dev_get(haddr.hci_dev);
621 if (!hdev) {
622 err = -ENODEV;
623 goto done;
624 }
625
626 atomic_inc(&hdev->promisc);
627 }
628
629 hci_pi(sk)->hdev = hdev;
630 break;
631
632 case HCI_CHANNEL_CONTROL:
633 if (haddr.hci_dev != HCI_DEV_NONE) {
634 err = -EINVAL;
635 goto done;
636 }
637
638 if (!capable(CAP_NET_ADMIN)) {
639 err = -EPERM;
640 goto done;
641 }
642
643 break;
644
645 case HCI_CHANNEL_MONITOR:
646 if (haddr.hci_dev != HCI_DEV_NONE) {
647 err = -EINVAL;
648 goto done;
649 }
650
651 if (!capable(CAP_NET_RAW)) {
652 err = -EPERM;
653 goto done;
654 }
655
656 send_monitor_replay(sk);
657
658 atomic_inc(&monitor_promisc);
659 break;
660
661 default:
662 err = -EINVAL;
663 goto done;
664 }
665
666
667 hci_pi(sk)->channel = haddr.hci_channel;
668 sk->sk_state = BT_BOUND;
669
670 done:
671 release_sock(sk);
672 return err;
673 }
674
675 static int hci_sock_getname(struct socket *sock, struct sockaddr *addr,
676 int *addr_len, int peer)
677 {
678 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
679 struct sock *sk = sock->sk;
680 struct hci_dev *hdev = hci_pi(sk)->hdev;
681
682 BT_DBG("sock %p sk %p", sock, sk);
683
684 if (!hdev)
685 return -EBADFD;
686
687 lock_sock(sk);
688
689 *addr_len = sizeof(*haddr);
690 haddr->hci_family = AF_BLUETOOTH;
691 haddr->hci_dev = hdev->id;
692 haddr->hci_channel= 0;
693
694 release_sock(sk);
695 return 0;
696 }
697
698 static void hci_sock_cmsg(struct sock *sk, struct msghdr *msg,
699 struct sk_buff *skb)
700 {
701 __u32 mask = hci_pi(sk)->cmsg_mask;
702
703 if (mask & HCI_CMSG_DIR) {
704 int incoming = bt_cb(skb)->incoming;
705 put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(incoming),
706 &incoming);
707 }
708
709 if (mask & HCI_CMSG_TSTAMP) {
710 #ifdef CONFIG_COMPAT
711 struct compat_timeval ctv;
712 #endif
713 struct timeval tv;
714 void *data;
715 int len;
716
717 skb_get_timestamp(skb, &tv);
718
719 data = &tv;
720 len = sizeof(tv);
721 #ifdef CONFIG_COMPAT
722 if (!COMPAT_USE_64BIT_TIME &&
723 (msg->msg_flags & MSG_CMSG_COMPAT)) {
724 ctv.tv_sec = tv.tv_sec;
725 ctv.tv_usec = tv.tv_usec;
726 data = &ctv;
727 len = sizeof(ctv);
728 }
729 #endif
730
731 put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, len, data);
732 }
733 }
734
735 static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
736 struct msghdr *msg, size_t len, int flags)
737 {
738 int noblock = flags & MSG_DONTWAIT;
739 struct sock *sk = sock->sk;
740 struct sk_buff *skb;
741 int copied, err;
742
743 BT_DBG("sock %p, sk %p", sock, sk);
744
745 if (flags & (MSG_OOB))
746 return -EOPNOTSUPP;
747
748 if (sk->sk_state == BT_CLOSED)
749 return 0;
750
751 skb = skb_recv_datagram(sk, flags, noblock, &err);
752 if (!skb)
753 return err;
754
755 copied = skb->len;
756 if (len < copied) {
757 msg->msg_flags |= MSG_TRUNC;
758 copied = len;
759 }
760
761 skb_reset_transport_header(skb);
762 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
763
764 switch (hci_pi(sk)->channel) {
765 case HCI_CHANNEL_RAW:
766 hci_sock_cmsg(sk, msg, skb);
767 break;
768 case HCI_CHANNEL_CONTROL:
769 case HCI_CHANNEL_MONITOR:
770 sock_recv_timestamp(msg, sk, skb);
771 break;
772 }
773
774 skb_free_datagram(sk, skb);
775
776 return err ? : copied;
777 }
778
779 static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
780 struct msghdr *msg, size_t len)
781 {
782 struct sock *sk = sock->sk;
783 struct hci_dev *hdev;
784 struct sk_buff *skb;
785 int err;
786
787 BT_DBG("sock %p sk %p", sock, sk);
788
789 if (msg->msg_flags & MSG_OOB)
790 return -EOPNOTSUPP;
791
792 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE))
793 return -EINVAL;
794
795 if (len < 4 || len > HCI_MAX_FRAME_SIZE)
796 return -EINVAL;
797
798 lock_sock(sk);
799
800 switch (hci_pi(sk)->channel) {
801 case HCI_CHANNEL_RAW:
802 break;
803 case HCI_CHANNEL_CONTROL:
804 err = mgmt_control(sk, msg, len);
805 goto done;
806 case HCI_CHANNEL_MONITOR:
807 err = -EOPNOTSUPP;
808 goto done;
809 default:
810 err = -EINVAL;
811 goto done;
812 }
813
814 hdev = hci_pi(sk)->hdev;
815 if (!hdev) {
816 err = -EBADFD;
817 goto done;
818 }
819
820 if (!test_bit(HCI_UP, &hdev->flags)) {
821 err = -ENETDOWN;
822 goto done;
823 }
824
825 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
826 if (!skb)
827 goto done;
828
829 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
830 err = -EFAULT;
831 goto drop;
832 }
833
834 bt_cb(skb)->pkt_type = *((unsigned char *) skb->data);
835 skb_pull(skb, 1);
836 skb->dev = (void *) hdev;
837
838 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
839 u16 opcode = get_unaligned_le16(skb->data);
840 u16 ogf = hci_opcode_ogf(opcode);
841 u16 ocf = hci_opcode_ocf(opcode);
842
843 if (((ogf > HCI_SFLT_MAX_OGF) ||
844 !hci_test_bit(ocf & HCI_FLT_OCF_BITS,
845 &hci_sec_filter.ocf_mask[ogf])) &&
846 !capable(CAP_NET_RAW)) {
847 err = -EPERM;
848 goto drop;
849 }
850
851 if (test_bit(HCI_RAW, &hdev->flags) || (ogf == 0x3f)) {
852 skb_queue_tail(&hdev->raw_q, skb);
853 queue_work(hdev->workqueue, &hdev->tx_work);
854 } else {
855 /* Stand-alone HCI commands must be flaged as
856 * single-command requests.
857 */
858 bt_cb(skb)->req.start = true;
859
860 skb_queue_tail(&hdev->cmd_q, skb);
861 queue_work(hdev->workqueue, &hdev->cmd_work);
862 }
863 } else {
864 if (!capable(CAP_NET_RAW)) {
865 err = -EPERM;
866 goto drop;
867 }
868
869 skb_queue_tail(&hdev->raw_q, skb);
870 queue_work(hdev->workqueue, &hdev->tx_work);
871 }
872
873 err = len;
874
875 done:
876 release_sock(sk);
877 return err;
878
879 drop:
880 kfree_skb(skb);
881 goto done;
882 }
883
884 static int hci_sock_setsockopt(struct socket *sock, int level, int optname,
885 char __user *optval, unsigned int len)
886 {
887 struct hci_ufilter uf = { .opcode = 0 };
888 struct sock *sk = sock->sk;
889 int err = 0, opt = 0;
890
891 BT_DBG("sk %p, opt %d", sk, optname);
892
893 lock_sock(sk);
894
895 if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
896 err = -EINVAL;
897 goto done;
898 }
899
900 switch (optname) {
901 case HCI_DATA_DIR:
902 if (get_user(opt, (int __user *)optval)) {
903 err = -EFAULT;
904 break;
905 }
906
907 if (opt)
908 hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR;
909 else
910 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR;
911 break;
912
913 case HCI_TIME_STAMP:
914 if (get_user(opt, (int __user *)optval)) {
915 err = -EFAULT;
916 break;
917 }
918
919 if (opt)
920 hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP;
921 else
922 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP;
923 break;
924
925 case HCI_FILTER:
926 {
927 struct hci_filter *f = &hci_pi(sk)->filter;
928
929 uf.type_mask = f->type_mask;
930 uf.opcode = f->opcode;
931 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
932 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
933 }
934
935 len = min_t(unsigned int, len, sizeof(uf));
936 if (copy_from_user(&uf, optval, len)) {
937 err = -EFAULT;
938 break;
939 }
940
941 if (!capable(CAP_NET_RAW)) {
942 uf.type_mask &= hci_sec_filter.type_mask;
943 uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0);
944 uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1);
945 }
946
947 {
948 struct hci_filter *f = &hci_pi(sk)->filter;
949
950 f->type_mask = uf.type_mask;
951 f->opcode = uf.opcode;
952 *((u32 *) f->event_mask + 0) = uf.event_mask[0];
953 *((u32 *) f->event_mask + 1) = uf.event_mask[1];
954 }
955 break;
956
957 default:
958 err = -ENOPROTOOPT;
959 break;
960 }
961
962 done:
963 release_sock(sk);
964 return err;
965 }
966
967 static int hci_sock_getsockopt(struct socket *sock, int level, int optname,
968 char __user *optval, int __user *optlen)
969 {
970 struct hci_ufilter uf;
971 struct sock *sk = sock->sk;
972 int len, opt, err = 0;
973
974 BT_DBG("sk %p, opt %d", sk, optname);
975
976 if (get_user(len, optlen))
977 return -EFAULT;
978
979 lock_sock(sk);
980
981 if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
982 err = -EINVAL;
983 goto done;
984 }
985
986 switch (optname) {
987 case HCI_DATA_DIR:
988 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR)
989 opt = 1;
990 else
991 opt = 0;
992
993 if (put_user(opt, optval))
994 err = -EFAULT;
995 break;
996
997 case HCI_TIME_STAMP:
998 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP)
999 opt = 1;
1000 else
1001 opt = 0;
1002
1003 if (put_user(opt, optval))
1004 err = -EFAULT;
1005 break;
1006
1007 case HCI_FILTER:
1008 {
1009 struct hci_filter *f = &hci_pi(sk)->filter;
1010
1011 memset(&uf, 0, sizeof(uf));
1012 uf.type_mask = f->type_mask;
1013 uf.opcode = f->opcode;
1014 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
1015 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
1016 }
1017
1018 len = min_t(unsigned int, len, sizeof(uf));
1019 if (copy_to_user(optval, &uf, len))
1020 err = -EFAULT;
1021 break;
1022
1023 default:
1024 err = -ENOPROTOOPT;
1025 break;
1026 }
1027
1028 done:
1029 release_sock(sk);
1030 return err;
1031 }
1032
1033 static const struct proto_ops hci_sock_ops = {
1034 .family = PF_BLUETOOTH,
1035 .owner = THIS_MODULE,
1036 .release = hci_sock_release,
1037 .bind = hci_sock_bind,
1038 .getname = hci_sock_getname,
1039 .sendmsg = hci_sock_sendmsg,
1040 .recvmsg = hci_sock_recvmsg,
1041 .ioctl = hci_sock_ioctl,
1042 .poll = datagram_poll,
1043 .listen = sock_no_listen,
1044 .shutdown = sock_no_shutdown,
1045 .setsockopt = hci_sock_setsockopt,
1046 .getsockopt = hci_sock_getsockopt,
1047 .connect = sock_no_connect,
1048 .socketpair = sock_no_socketpair,
1049 .accept = sock_no_accept,
1050 .mmap = sock_no_mmap
1051 };
1052
1053 static struct proto hci_sk_proto = {
1054 .name = "HCI",
1055 .owner = THIS_MODULE,
1056 .obj_size = sizeof(struct hci_pinfo)
1057 };
1058
1059 static int hci_sock_create(struct net *net, struct socket *sock, int protocol,
1060 int kern)
1061 {
1062 struct sock *sk;
1063
1064 BT_DBG("sock %p", sock);
1065
1066 if (sock->type != SOCK_RAW)
1067 return -ESOCKTNOSUPPORT;
1068
1069 sock->ops = &hci_sock_ops;
1070
1071 sk = sk_alloc(net, PF_BLUETOOTH, GFP_ATOMIC, &hci_sk_proto);
1072 if (!sk)
1073 return -ENOMEM;
1074
1075 sock_init_data(sock, sk);
1076
1077 sock_reset_flag(sk, SOCK_ZAPPED);
1078
1079 sk->sk_protocol = protocol;
1080
1081 sock->state = SS_UNCONNECTED;
1082 sk->sk_state = BT_OPEN;
1083
1084 bt_sock_link(&hci_sk_list, sk);
1085 return 0;
1086 }
1087
1088 static const struct net_proto_family hci_sock_family_ops = {
1089 .family = PF_BLUETOOTH,
1090 .owner = THIS_MODULE,
1091 .create = hci_sock_create,
1092 };
1093
1094 int __init hci_sock_init(void)
1095 {
1096 int err;
1097
1098 err = proto_register(&hci_sk_proto, 0);
1099 if (err < 0)
1100 return err;
1101
1102 err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops);
1103 if (err < 0) {
1104 BT_ERR("HCI socket registration failed");
1105 goto error;
1106 }
1107
1108 err = bt_procfs_init(&init_net, "hci", &hci_sk_list, NULL);
1109 if (err < 0) {
1110 BT_ERR("Failed to create HCI proc file");
1111 bt_sock_unregister(BTPROTO_HCI);
1112 goto error;
1113 }
1114
1115 BT_INFO("HCI socket layer initialized");
1116
1117 return 0;
1118
1119 error:
1120 proto_unregister(&hci_sk_proto);
1121 return err;
1122 }
1123
1124 void hci_sock_cleanup(void)
1125 {
1126 bt_procfs_cleanup(&init_net, "hci");
1127 bt_sock_unregister(BTPROTO_HCI);
1128 proto_unregister(&hci_sk_proto);
1129 }
Linux with added FPC-III support