Linux 2.6.17.7
[linux/fpc-iii.git] / net / bluetooth / hci_sock.c
blob97bdec73d17e9fcbc4ffdfcb75c5613c3b9e9c44
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI sockets. */
27 #include <linux/config.h>
28 #include <linux/module.h>
30 #include <linux/types.h>
31 #include <linux/capability.h>
32 #include <linux/errno.h>
33 #include <linux/kernel.h>
34 #include <linux/sched.h>
35 #include <linux/slab.h>
36 #include <linux/poll.h>
37 #include <linux/fcntl.h>
38 #include <linux/init.h>
39 #include <linux/skbuff.h>
40 #include <linux/workqueue.h>
41 #include <linux/interrupt.h>
42 #include <linux/socket.h>
43 #include <linux/ioctl.h>
44 #include <net/sock.h>
46 #include <asm/system.h>
47 #include <asm/uaccess.h>
48 #include <asm/unaligned.h>
50 #include <net/bluetooth/bluetooth.h>
51 #include <net/bluetooth/hci_core.h>
53 #ifndef CONFIG_BT_HCI_SOCK_DEBUG
54 #undef BT_DBG
55 #define BT_DBG(D...)
56 #endif
58 /* ----- HCI socket interface ----- */
60 static inline int hci_test_bit(int nr, void *addr)
62 return *((__u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31));
65 /* Security filter */
66 static struct hci_sec_filter hci_sec_filter = {
67 /* Packet types */
68 0x10,
69 /* Events */
70 { 0x1000d9fe, 0x0000b00c },
71 /* Commands */
73 { 0x0 },
74 /* OGF_LINK_CTL */
75 { 0xbe000006, 0x00000001, 0x000000, 0x00 },
76 /* OGF_LINK_POLICY */
77 { 0x00005200, 0x00000000, 0x000000, 0x00 },
78 /* OGF_HOST_CTL */
79 { 0xaab00200, 0x2b402aaa, 0x020154, 0x00 },
80 /* OGF_INFO_PARAM */
81 { 0x000002be, 0x00000000, 0x000000, 0x00 },
82 /* OGF_STATUS_PARAM */
83 { 0x000000ea, 0x00000000, 0x000000, 0x00 }
87 static struct bt_sock_list hci_sk_list = {
88 .lock = RW_LOCK_UNLOCKED
91 /* Send frame to RAW socket */
92 void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb)
94 struct sock *sk;
95 struct hlist_node *node;
97 BT_DBG("hdev %p len %d", hdev, skb->len);
99 read_lock(&hci_sk_list.lock);
100 sk_for_each(sk, node, &hci_sk_list.head) {
101 struct hci_filter *flt;
102 struct sk_buff *nskb;
104 if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev)
105 continue;
107 /* Don't send frame to the socket it came from */
108 if (skb->sk == sk)
109 continue;
111 /* Apply filter */
112 flt = &hci_pi(sk)->filter;
114 if (!test_bit((bt_cb(skb)->pkt_type == HCI_VENDOR_PKT) ?
115 0 : (bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS), &flt->type_mask))
116 continue;
118 if (bt_cb(skb)->pkt_type == HCI_EVENT_PKT) {
119 register int evt = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS);
121 if (!hci_test_bit(evt, &flt->event_mask))
122 continue;
124 if (flt->opcode && ((evt == HCI_EV_CMD_COMPLETE &&
125 flt->opcode != *(__u16 *)(skb->data + 3)) ||
126 (evt == HCI_EV_CMD_STATUS &&
127 flt->opcode != *(__u16 *)(skb->data + 4))))
128 continue;
131 if (!(nskb = skb_clone(skb, GFP_ATOMIC)))
132 continue;
134 /* Put type byte before the data */
135 memcpy(skb_push(nskb, 1), &bt_cb(nskb)->pkt_type, 1);
137 if (sock_queue_rcv_skb(sk, nskb))
138 kfree_skb(nskb);
140 read_unlock(&hci_sk_list.lock);
143 static int hci_sock_release(struct socket *sock)
145 struct sock *sk = sock->sk;
146 struct hci_dev *hdev;
148 BT_DBG("sock %p sk %p", sock, sk);
150 if (!sk)
151 return 0;
153 hdev = hci_pi(sk)->hdev;
155 bt_sock_unlink(&hci_sk_list, sk);
157 if (hdev) {
158 atomic_dec(&hdev->promisc);
159 hci_dev_put(hdev);
162 sock_orphan(sk);
164 skb_queue_purge(&sk->sk_receive_queue);
165 skb_queue_purge(&sk->sk_write_queue);
167 sock_put(sk);
168 return 0;
171 /* Ioctls that require bound socket */
172 static inline int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg)
174 struct hci_dev *hdev = hci_pi(sk)->hdev;
176 if (!hdev)
177 return -EBADFD;
179 switch (cmd) {
180 case HCISETRAW:
181 if (!capable(CAP_NET_ADMIN))
182 return -EACCES;
184 if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks))
185 return -EPERM;
187 if (arg)
188 set_bit(HCI_RAW, &hdev->flags);
189 else
190 clear_bit(HCI_RAW, &hdev->flags);
192 return 0;
194 case HCISETSECMGR:
195 if (!capable(CAP_NET_ADMIN))
196 return -EACCES;
198 if (arg)
199 set_bit(HCI_SECMGR, &hdev->flags);
200 else
201 clear_bit(HCI_SECMGR, &hdev->flags);
203 return 0;
205 case HCIGETCONNINFO:
206 return hci_get_conn_info(hdev, (void __user *)arg);
208 default:
209 if (hdev->ioctl)
210 return hdev->ioctl(hdev, cmd, arg);
211 return -EINVAL;
215 static int hci_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
217 struct sock *sk = sock->sk;
218 void __user *argp = (void __user *)arg;
219 int err;
221 BT_DBG("cmd %x arg %lx", cmd, arg);
223 switch (cmd) {
224 case HCIGETDEVLIST:
225 return hci_get_dev_list(argp);
227 case HCIGETDEVINFO:
228 return hci_get_dev_info(argp);
230 case HCIGETCONNLIST:
231 return hci_get_conn_list(argp);
233 case HCIDEVUP:
234 if (!capable(CAP_NET_ADMIN))
235 return -EACCES;
236 return hci_dev_open(arg);
238 case HCIDEVDOWN:
239 if (!capable(CAP_NET_ADMIN))
240 return -EACCES;
241 return hci_dev_close(arg);
243 case HCIDEVRESET:
244 if (!capable(CAP_NET_ADMIN))
245 return -EACCES;
246 return hci_dev_reset(arg);
248 case HCIDEVRESTAT:
249 if (!capable(CAP_NET_ADMIN))
250 return -EACCES;
251 return hci_dev_reset_stat(arg);
253 case HCISETSCAN:
254 case HCISETAUTH:
255 case HCISETENCRYPT:
256 case HCISETPTYPE:
257 case HCISETLINKPOL:
258 case HCISETLINKMODE:
259 case HCISETACLMTU:
260 case HCISETSCOMTU:
261 if (!capable(CAP_NET_ADMIN))
262 return -EACCES;
263 return hci_dev_cmd(cmd, argp);
265 case HCIINQUIRY:
266 return hci_inquiry(argp);
268 default:
269 lock_sock(sk);
270 err = hci_sock_bound_ioctl(sk, cmd, arg);
271 release_sock(sk);
272 return err;
276 static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
278 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
279 struct sock *sk = sock->sk;
280 struct hci_dev *hdev = NULL;
281 int err = 0;
283 BT_DBG("sock %p sk %p", sock, sk);
285 if (!haddr || haddr->hci_family != AF_BLUETOOTH)
286 return -EINVAL;
288 lock_sock(sk);
290 if (hci_pi(sk)->hdev) {
291 err = -EALREADY;
292 goto done;
295 if (haddr->hci_dev != HCI_DEV_NONE) {
296 if (!(hdev = hci_dev_get(haddr->hci_dev))) {
297 err = -ENODEV;
298 goto done;
301 atomic_inc(&hdev->promisc);
304 hci_pi(sk)->hdev = hdev;
305 sk->sk_state = BT_BOUND;
307 done:
308 release_sock(sk);
309 return err;
312 static int hci_sock_getname(struct socket *sock, struct sockaddr *addr, int *addr_len, int peer)
314 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
315 struct sock *sk = sock->sk;
316 struct hci_dev *hdev = hci_pi(sk)->hdev;
318 BT_DBG("sock %p sk %p", sock, sk);
320 if (!hdev)
321 return -EBADFD;
323 lock_sock(sk);
325 *addr_len = sizeof(*haddr);
326 haddr->hci_family = AF_BLUETOOTH;
327 haddr->hci_dev = hdev->id;
329 release_sock(sk);
330 return 0;
333 static inline void hci_sock_cmsg(struct sock *sk, struct msghdr *msg, struct sk_buff *skb)
335 __u32 mask = hci_pi(sk)->cmsg_mask;
337 if (mask & HCI_CMSG_DIR) {
338 int incoming = bt_cb(skb)->incoming;
339 put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(incoming), &incoming);
342 if (mask & HCI_CMSG_TSTAMP) {
343 struct timeval tv;
345 skb_get_timestamp(skb, &tv);
346 put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, sizeof(tv), &tv);
350 static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
351 struct msghdr *msg, size_t len, int flags)
353 int noblock = flags & MSG_DONTWAIT;
354 struct sock *sk = sock->sk;
355 struct sk_buff *skb;
356 int copied, err;
358 BT_DBG("sock %p, sk %p", sock, sk);
360 if (flags & (MSG_OOB))
361 return -EOPNOTSUPP;
363 if (sk->sk_state == BT_CLOSED)
364 return 0;
366 if (!(skb = skb_recv_datagram(sk, flags, noblock, &err)))
367 return err;
369 msg->msg_namelen = 0;
371 copied = skb->len;
372 if (len < copied) {
373 msg->msg_flags |= MSG_TRUNC;
374 copied = len;
377 skb->h.raw = skb->data;
378 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
380 hci_sock_cmsg(sk, msg, skb);
382 skb_free_datagram(sk, skb);
384 return err ? : copied;
387 static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
388 struct msghdr *msg, size_t len)
390 struct sock *sk = sock->sk;
391 struct hci_dev *hdev;
392 struct sk_buff *skb;
393 int err;
395 BT_DBG("sock %p sk %p", sock, sk);
397 if (msg->msg_flags & MSG_OOB)
398 return -EOPNOTSUPP;
400 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE))
401 return -EINVAL;
403 if (len < 4 || len > HCI_MAX_FRAME_SIZE)
404 return -EINVAL;
406 lock_sock(sk);
408 if (!(hdev = hci_pi(sk)->hdev)) {
409 err = -EBADFD;
410 goto done;
413 if (!(skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err)))
414 goto done;
416 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
417 err = -EFAULT;
418 goto drop;
421 bt_cb(skb)->pkt_type = *((unsigned char *) skb->data);
422 skb_pull(skb, 1);
423 skb->dev = (void *) hdev;
425 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
426 u16 opcode = __le16_to_cpu(get_unaligned((__le16 *) skb->data));
427 u16 ogf = hci_opcode_ogf(opcode);
428 u16 ocf = hci_opcode_ocf(opcode);
430 if (((ogf > HCI_SFLT_MAX_OGF) ||
431 !hci_test_bit(ocf & HCI_FLT_OCF_BITS, &hci_sec_filter.ocf_mask[ogf])) &&
432 !capable(CAP_NET_RAW)) {
433 err = -EPERM;
434 goto drop;
437 if (test_bit(HCI_RAW, &hdev->flags) || (ogf == OGF_VENDOR_CMD)) {
438 skb_queue_tail(&hdev->raw_q, skb);
439 hci_sched_tx(hdev);
440 } else {
441 skb_queue_tail(&hdev->cmd_q, skb);
442 hci_sched_cmd(hdev);
444 } else {
445 if (!capable(CAP_NET_RAW)) {
446 err = -EPERM;
447 goto drop;
450 skb_queue_tail(&hdev->raw_q, skb);
451 hci_sched_tx(hdev);
454 err = len;
456 done:
457 release_sock(sk);
458 return err;
460 drop:
461 kfree_skb(skb);
462 goto done;
465 static int hci_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int len)
467 struct hci_ufilter uf = { .opcode = 0 };
468 struct sock *sk = sock->sk;
469 int err = 0, opt = 0;
471 BT_DBG("sk %p, opt %d", sk, optname);
473 lock_sock(sk);
475 switch (optname) {
476 case HCI_DATA_DIR:
477 if (get_user(opt, (int __user *)optval)) {
478 err = -EFAULT;
479 break;
482 if (opt)
483 hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR;
484 else
485 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR;
486 break;
488 case HCI_TIME_STAMP:
489 if (get_user(opt, (int __user *)optval)) {
490 err = -EFAULT;
491 break;
494 if (opt)
495 hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP;
496 else
497 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP;
498 break;
500 case HCI_FILTER:
501 len = min_t(unsigned int, len, sizeof(uf));
502 if (copy_from_user(&uf, optval, len)) {
503 err = -EFAULT;
504 break;
507 if (!capable(CAP_NET_RAW)) {
508 uf.type_mask &= hci_sec_filter.type_mask;
509 uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0);
510 uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1);
514 struct hci_filter *f = &hci_pi(sk)->filter;
516 f->type_mask = uf.type_mask;
517 f->opcode = uf.opcode;
518 *((u32 *) f->event_mask + 0) = uf.event_mask[0];
519 *((u32 *) f->event_mask + 1) = uf.event_mask[1];
521 break;
523 default:
524 err = -ENOPROTOOPT;
525 break;
528 release_sock(sk);
529 return err;
532 static int hci_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
534 struct hci_ufilter uf;
535 struct sock *sk = sock->sk;
536 int len, opt;
538 if (get_user(len, optlen))
539 return -EFAULT;
541 switch (optname) {
542 case HCI_DATA_DIR:
543 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR)
544 opt = 1;
545 else
546 opt = 0;
548 if (put_user(opt, optval))
549 return -EFAULT;
550 break;
552 case HCI_TIME_STAMP:
553 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP)
554 opt = 1;
555 else
556 opt = 0;
558 if (put_user(opt, optval))
559 return -EFAULT;
560 break;
562 case HCI_FILTER:
564 struct hci_filter *f = &hci_pi(sk)->filter;
566 uf.type_mask = f->type_mask;
567 uf.opcode = f->opcode;
568 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
569 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
572 len = min_t(unsigned int, len, sizeof(uf));
573 if (copy_to_user(optval, &uf, len))
574 return -EFAULT;
575 break;
577 default:
578 return -ENOPROTOOPT;
579 break;
582 return 0;
585 static const struct proto_ops hci_sock_ops = {
586 .family = PF_BLUETOOTH,
587 .owner = THIS_MODULE,
588 .release = hci_sock_release,
589 .bind = hci_sock_bind,
590 .getname = hci_sock_getname,
591 .sendmsg = hci_sock_sendmsg,
592 .recvmsg = hci_sock_recvmsg,
593 .ioctl = hci_sock_ioctl,
594 .poll = datagram_poll,
595 .listen = sock_no_listen,
596 .shutdown = sock_no_shutdown,
597 .setsockopt = hci_sock_setsockopt,
598 .getsockopt = hci_sock_getsockopt,
599 .connect = sock_no_connect,
600 .socketpair = sock_no_socketpair,
601 .accept = sock_no_accept,
602 .mmap = sock_no_mmap
605 static struct proto hci_sk_proto = {
606 .name = "HCI",
607 .owner = THIS_MODULE,
608 .obj_size = sizeof(struct hci_pinfo)
611 static int hci_sock_create(struct socket *sock, int protocol)
613 struct sock *sk;
615 BT_DBG("sock %p", sock);
617 if (sock->type != SOCK_RAW)
618 return -ESOCKTNOSUPPORT;
620 sock->ops = &hci_sock_ops;
622 sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, &hci_sk_proto, 1);
623 if (!sk)
624 return -ENOMEM;
626 sock_init_data(sock, sk);
628 sock_reset_flag(sk, SOCK_ZAPPED);
630 sk->sk_protocol = protocol;
632 sock->state = SS_UNCONNECTED;
633 sk->sk_state = BT_OPEN;
635 bt_sock_link(&hci_sk_list, sk);
636 return 0;
639 static int hci_sock_dev_event(struct notifier_block *this, unsigned long event, void *ptr)
641 struct hci_dev *hdev = (struct hci_dev *) ptr;
642 struct hci_ev_si_device ev;
644 BT_DBG("hdev %s event %ld", hdev->name, event);
646 /* Send event to sockets */
647 ev.event = event;
648 ev.dev_id = hdev->id;
649 hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev);
651 if (event == HCI_DEV_UNREG) {
652 struct sock *sk;
653 struct hlist_node *node;
655 /* Detach sockets from device */
656 read_lock(&hci_sk_list.lock);
657 sk_for_each(sk, node, &hci_sk_list.head) {
658 bh_lock_sock(sk);
659 if (hci_pi(sk)->hdev == hdev) {
660 hci_pi(sk)->hdev = NULL;
661 sk->sk_err = EPIPE;
662 sk->sk_state = BT_OPEN;
663 sk->sk_state_change(sk);
665 hci_dev_put(hdev);
667 bh_unlock_sock(sk);
669 read_unlock(&hci_sk_list.lock);
672 return NOTIFY_DONE;
675 static struct net_proto_family hci_sock_family_ops = {
676 .family = PF_BLUETOOTH,
677 .owner = THIS_MODULE,
678 .create = hci_sock_create,
681 static struct notifier_block hci_sock_nblock = {
682 .notifier_call = hci_sock_dev_event
685 int __init hci_sock_init(void)
687 int err;
689 err = proto_register(&hci_sk_proto, 0);
690 if (err < 0)
691 return err;
693 err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops);
694 if (err < 0)
695 goto error;
697 hci_register_notifier(&hci_sock_nblock);
699 BT_INFO("HCI socket layer initialized");
701 return 0;
703 error:
704 BT_ERR("HCI socket registration failed");
705 proto_unregister(&hci_sk_proto);
706 return err;
709 int __exit hci_sock_cleanup(void)
711 if (bt_sock_unregister(BTPROTO_HCI) < 0)
712 BT_ERR("HCI socket unregistration failed");
714 hci_unregister_notifier(&hci_sock_nblock);
716 proto_unregister(&hci_sk_proto);
718 return 0;