projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Bluetooth: Move l2cap_chan_hold/put to l2cap_core.c
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / l2cap_sock.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
7
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
13
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
26 */
27
28 /* Bluetooth L2CAP sockets. */
29
30 #include <linux/export.h>
31
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
35 #include <net/bluetooth/smp.h>
36
37 static const struct proto_ops l2cap_sock_ops;
38 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
39 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio);
40
41 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
42 {
43 struct sock *sk = sock->sk;
44 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
45 struct sockaddr_l2 la;
46 int len, err = 0;
47
48 BT_DBG("sk %p", sk);
49
50 if (!addr || addr->sa_family != AF_BLUETOOTH)
51 return -EINVAL;
52
53 memset(&la, 0, sizeof(la));
54 len = min_t(unsigned int, sizeof(la), alen);
55 memcpy(&la, addr, len);
56
57 if (la.l2_cid && la.l2_psm)
58 return -EINVAL;
59
60 lock_sock(sk);
61
62 if (sk->sk_state != BT_OPEN) {
63 err = -EBADFD;
64 goto done;
65 }
66
67 if (la.l2_psm) {
68 __u16 psm = __le16_to_cpu(la.l2_psm);
69
70 /* PSM must be odd and lsb of upper byte must be 0 */
71 if ((psm & 0x0101) != 0x0001) {
72 err = -EINVAL;
73 goto done;
74 }
75
76 /* Restrict usage of well-known PSMs */
77 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
78 err = -EACCES;
79 goto done;
80 }
81 }
82
83 if (la.l2_cid)
84 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
85 else
86 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
87
88 if (err < 0)
89 goto done;
90
91 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
92 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
93 chan->sec_level = BT_SECURITY_SDP;
94
95 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
96
97 chan->state = BT_BOUND;
98 sk->sk_state = BT_BOUND;
99
100 done:
101 release_sock(sk);
102 return err;
103 }
104
105 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
106 {
107 struct sock *sk = sock->sk;
108 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
109 struct sockaddr_l2 la;
110 int len, err = 0;
111
112 BT_DBG("sk %p", sk);
113
114 if (!addr || alen < sizeof(addr->sa_family) ||
115 addr->sa_family != AF_BLUETOOTH)
116 return -EINVAL;
117
118 memset(&la, 0, sizeof(la));
119 len = min_t(unsigned int, sizeof(la), alen);
120 memcpy(&la, addr, len);
121
122 if (la.l2_cid && la.l2_psm)
123 return -EINVAL;
124
125 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
126 &la.l2_bdaddr, la.l2_bdaddr_type);
127 if (err)
128 return err;
129
130 lock_sock(sk);
131
132 err = bt_sock_wait_state(sk, BT_CONNECTED,
133 sock_sndtimeo(sk, flags & O_NONBLOCK));
134
135 release_sock(sk);
136
137 return err;
138 }
139
140 static int l2cap_sock_listen(struct socket *sock, int backlog)
141 {
142 struct sock *sk = sock->sk;
143 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
144 int err = 0;
145
146 BT_DBG("sk %p backlog %d", sk, backlog);
147
148 lock_sock(sk);
149
150 if (sk->sk_state != BT_BOUND) {
151 err = -EBADFD;
152 goto done;
153 }
154
155 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
156 err = -EINVAL;
157 goto done;
158 }
159
160 switch (chan->mode) {
161 case L2CAP_MODE_BASIC:
162 break;
163 case L2CAP_MODE_ERTM:
164 case L2CAP_MODE_STREAMING:
165 if (!disable_ertm)
166 break;
167 /* fall through */
168 default:
169 err = -ENOTSUPP;
170 goto done;
171 }
172
173 sk->sk_max_ack_backlog = backlog;
174 sk->sk_ack_backlog = 0;
175
176 chan->state = BT_LISTEN;
177 sk->sk_state = BT_LISTEN;
178
179 done:
180 release_sock(sk);
181 return err;
182 }
183
184 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
185 {
186 DECLARE_WAITQUEUE(wait, current);
187 struct sock *sk = sock->sk, *nsk;
188 long timeo;
189 int err = 0;
190
191 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
192
193 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
194
195 BT_DBG("sk %p timeo %ld", sk, timeo);
196
197 /* Wait for an incoming connection. (wake-one). */
198 add_wait_queue_exclusive(sk_sleep(sk), &wait);
199 while (1) {
200 set_current_state(TASK_INTERRUPTIBLE);
201
202 if (sk->sk_state != BT_LISTEN) {
203 err = -EBADFD;
204 break;
205 }
206
207 nsk = bt_accept_dequeue(sk, newsock);
208 if (nsk)
209 break;
210
211 if (!timeo) {
212 err = -EAGAIN;
213 break;
214 }
215
216 if (signal_pending(current)) {
217 err = sock_intr_errno(timeo);
218 break;
219 }
220
221 release_sock(sk);
222 timeo = schedule_timeout(timeo);
223 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
224 }
225 __set_current_state(TASK_RUNNING);
226 remove_wait_queue(sk_sleep(sk), &wait);
227
228 if (err)
229 goto done;
230
231 newsock->state = SS_CONNECTED;
232
233 BT_DBG("new socket %p", nsk);
234
235 done:
236 release_sock(sk);
237 return err;
238 }
239
240 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
241 {
242 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
243 struct sock *sk = sock->sk;
244 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
245
246 BT_DBG("sock %p, sk %p", sock, sk);
247
248 addr->sa_family = AF_BLUETOOTH;
249 *len = sizeof(struct sockaddr_l2);
250
251 if (peer) {
252 la->l2_psm = chan->psm;
253 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
254 la->l2_cid = cpu_to_le16(chan->dcid);
255 } else {
256 la->l2_psm = chan->sport;
257 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
258 la->l2_cid = cpu_to_le16(chan->scid);
259 }
260
261 return 0;
262 }
263
264 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
265 {
266 struct sock *sk = sock->sk;
267 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
268 struct l2cap_options opts;
269 struct l2cap_conninfo cinfo;
270 int len, err = 0;
271 u32 opt;
272
273 BT_DBG("sk %p", sk);
274
275 if (get_user(len, optlen))
276 return -EFAULT;
277
278 lock_sock(sk);
279
280 switch (optname) {
281 case L2CAP_OPTIONS:
282 memset(&opts, 0, sizeof(opts));
283 opts.imtu = chan->imtu;
284 opts.omtu = chan->omtu;
285 opts.flush_to = chan->flush_to;
286 opts.mode = chan->mode;
287 opts.fcs = chan->fcs;
288 opts.max_tx = chan->max_tx;
289 opts.txwin_size = chan->tx_win;
290
291 len = min_t(unsigned int, len, sizeof(opts));
292 if (copy_to_user(optval, (char *) &opts, len))
293 err = -EFAULT;
294
295 break;
296
297 case L2CAP_LM:
298 switch (chan->sec_level) {
299 case BT_SECURITY_LOW:
300 opt = L2CAP_LM_AUTH;
301 break;
302 case BT_SECURITY_MEDIUM:
303 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
304 break;
305 case BT_SECURITY_HIGH:
306 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
307 L2CAP_LM_SECURE;
308 break;
309 default:
310 opt = 0;
311 break;
312 }
313
314 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
315 opt |= L2CAP_LM_MASTER;
316
317 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
318 opt |= L2CAP_LM_RELIABLE;
319
320 if (put_user(opt, (u32 __user *) optval))
321 err = -EFAULT;
322 break;
323
324 case L2CAP_CONNINFO:
325 if (sk->sk_state != BT_CONNECTED &&
326 !(sk->sk_state == BT_CONNECT2 &&
327 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
328 err = -ENOTCONN;
329 break;
330 }
331
332 memset(&cinfo, 0, sizeof(cinfo));
333 cinfo.hci_handle = chan->conn->hcon->handle;
334 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
335
336 len = min_t(unsigned int, len, sizeof(cinfo));
337 if (copy_to_user(optval, (char *) &cinfo, len))
338 err = -EFAULT;
339
340 break;
341
342 default:
343 err = -ENOPROTOOPT;
344 break;
345 }
346
347 release_sock(sk);
348 return err;
349 }
350
351 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
352 {
353 struct sock *sk = sock->sk;
354 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
355 struct bt_security sec;
356 struct bt_power pwr;
357 int len, err = 0;
358
359 BT_DBG("sk %p", sk);
360
361 if (level == SOL_L2CAP)
362 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
363
364 if (level != SOL_BLUETOOTH)
365 return -ENOPROTOOPT;
366
367 if (get_user(len, optlen))
368 return -EFAULT;
369
370 lock_sock(sk);
371
372 switch (optname) {
373 case BT_SECURITY:
374 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
375 chan->chan_type != L2CAP_CHAN_RAW) {
376 err = -EINVAL;
377 break;
378 }
379
380 memset(&sec, 0, sizeof(sec));
381 if (chan->conn)
382 sec.level = chan->conn->hcon->sec_level;
383 else
384 sec.level = chan->sec_level;
385
386 if (sk->sk_state == BT_CONNECTED)
387 sec.key_size = chan->conn->hcon->enc_key_size;
388
389 len = min_t(unsigned int, len, sizeof(sec));
390 if (copy_to_user(optval, (char *) &sec, len))
391 err = -EFAULT;
392
393 break;
394
395 case BT_DEFER_SETUP:
396 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
397 err = -EINVAL;
398 break;
399 }
400
401 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
402 (u32 __user *) optval))
403 err = -EFAULT;
404
405 break;
406
407 case BT_FLUSHABLE:
408 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
409 (u32 __user *) optval))
410 err = -EFAULT;
411
412 break;
413
414 case BT_POWER:
415 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
416 && sk->sk_type != SOCK_RAW) {
417 err = -EINVAL;
418 break;
419 }
420
421 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
422
423 len = min_t(unsigned int, len, sizeof(pwr));
424 if (copy_to_user(optval, (char *) &pwr, len))
425 err = -EFAULT;
426
427 break;
428
429 case BT_CHANNEL_POLICY:
430 if (!enable_hs) {
431 err = -ENOPROTOOPT;
432 break;
433 }
434
435 if (put_user(chan->chan_policy, (u32 __user *) optval))
436 err = -EFAULT;
437 break;
438
439 default:
440 err = -ENOPROTOOPT;
441 break;
442 }
443
444 release_sock(sk);
445 return err;
446 }
447
448 static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
449 {
450 switch (chan->scid) {
451 case L2CAP_CID_LE_DATA:
452 if (mtu < L2CAP_LE_MIN_MTU)
453 return false;
454 break;
455
456 default:
457 if (mtu < L2CAP_DEFAULT_MIN_MTU)
458 return false;
459 }
460
461 return true;
462 }
463
464 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
465 {
466 struct sock *sk = sock->sk;
467 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
468 struct l2cap_options opts;
469 int len, err = 0;
470 u32 opt;
471
472 BT_DBG("sk %p", sk);
473
474 lock_sock(sk);
475
476 switch (optname) {
477 case L2CAP_OPTIONS:
478 if (sk->sk_state == BT_CONNECTED) {
479 err = -EINVAL;
480 break;
481 }
482
483 opts.imtu = chan->imtu;
484 opts.omtu = chan->omtu;
485 opts.flush_to = chan->flush_to;
486 opts.mode = chan->mode;
487 opts.fcs = chan->fcs;
488 opts.max_tx = chan->max_tx;
489 opts.txwin_size = chan->tx_win;
490
491 len = min_t(unsigned int, sizeof(opts), optlen);
492 if (copy_from_user((char *) &opts, optval, len)) {
493 err = -EFAULT;
494 break;
495 }
496
497 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
498 err = -EINVAL;
499 break;
500 }
501
502 if (!l2cap_valid_mtu(chan, opts.imtu)) {
503 err = -EINVAL;
504 break;
505 }
506
507 chan->mode = opts.mode;
508 switch (chan->mode) {
509 case L2CAP_MODE_BASIC:
510 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
511 break;
512 case L2CAP_MODE_ERTM:
513 case L2CAP_MODE_STREAMING:
514 if (!disable_ertm)
515 break;
516 /* fall through */
517 default:
518 err = -EINVAL;
519 break;
520 }
521
522 chan->imtu = opts.imtu;
523 chan->omtu = opts.omtu;
524 chan->fcs = opts.fcs;
525 chan->max_tx = opts.max_tx;
526 chan->tx_win = opts.txwin_size;
527 break;
528
529 case L2CAP_LM:
530 if (get_user(opt, (u32 __user *) optval)) {
531 err = -EFAULT;
532 break;
533 }
534
535 if (opt & L2CAP_LM_AUTH)
536 chan->sec_level = BT_SECURITY_LOW;
537 if (opt & L2CAP_LM_ENCRYPT)
538 chan->sec_level = BT_SECURITY_MEDIUM;
539 if (opt & L2CAP_LM_SECURE)
540 chan->sec_level = BT_SECURITY_HIGH;
541
542 if (opt & L2CAP_LM_MASTER)
543 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
544 else
545 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
546
547 if (opt & L2CAP_LM_RELIABLE)
548 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
549 else
550 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
551 break;
552
553 default:
554 err = -ENOPROTOOPT;
555 break;
556 }
557
558 release_sock(sk);
559 return err;
560 }
561
562 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
563 {
564 struct sock *sk = sock->sk;
565 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
566 struct bt_security sec;
567 struct bt_power pwr;
568 struct l2cap_conn *conn;
569 int len, err = 0;
570 u32 opt;
571
572 BT_DBG("sk %p", sk);
573
574 if (level == SOL_L2CAP)
575 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
576
577 if (level != SOL_BLUETOOTH)
578 return -ENOPROTOOPT;
579
580 lock_sock(sk);
581
582 switch (optname) {
583 case BT_SECURITY:
584 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
585 chan->chan_type != L2CAP_CHAN_RAW) {
586 err = -EINVAL;
587 break;
588 }
589
590 sec.level = BT_SECURITY_LOW;
591
592 len = min_t(unsigned int, sizeof(sec), optlen);
593 if (copy_from_user((char *) &sec, optval, len)) {
594 err = -EFAULT;
595 break;
596 }
597
598 if (sec.level < BT_SECURITY_LOW ||
599 sec.level > BT_SECURITY_HIGH) {
600 err = -EINVAL;
601 break;
602 }
603
604 chan->sec_level = sec.level;
605
606 if (!chan->conn)
607 break;
608
609 conn = chan->conn;
610
611 /*change security for LE channels */
612 if (chan->scid == L2CAP_CID_LE_DATA) {
613 if (!conn->hcon->out) {
614 err = -EINVAL;
615 break;
616 }
617
618 if (smp_conn_security(conn, sec.level))
619 break;
620 sk->sk_state = BT_CONFIG;
621 chan->state = BT_CONFIG;
622
623 /* or for ACL link */
624 } else if ((sk->sk_state == BT_CONNECT2 &&
625 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
626 sk->sk_state == BT_CONNECTED) {
627 if (!l2cap_chan_check_security(chan))
628 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
629 else
630 sk->sk_state_change(sk);
631 } else {
632 err = -EINVAL;
633 }
634 break;
635
636 case BT_DEFER_SETUP:
637 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
638 err = -EINVAL;
639 break;
640 }
641
642 if (get_user(opt, (u32 __user *) optval)) {
643 err = -EFAULT;
644 break;
645 }
646
647 if (opt)
648 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
649 else
650 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
651 break;
652
653 case BT_FLUSHABLE:
654 if (get_user(opt, (u32 __user *) optval)) {
655 err = -EFAULT;
656 break;
657 }
658
659 if (opt > BT_FLUSHABLE_ON) {
660 err = -EINVAL;
661 break;
662 }
663
664 if (opt == BT_FLUSHABLE_OFF) {
665 struct l2cap_conn *conn = chan->conn;
666 /* proceed further only when we have l2cap_conn and
667 No Flush support in the LM */
668 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
669 err = -EINVAL;
670 break;
671 }
672 }
673
674 if (opt)
675 set_bit(FLAG_FLUSHABLE, &chan->flags);
676 else
677 clear_bit(FLAG_FLUSHABLE, &chan->flags);
678 break;
679
680 case BT_POWER:
681 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
682 chan->chan_type != L2CAP_CHAN_RAW) {
683 err = -EINVAL;
684 break;
685 }
686
687 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
688
689 len = min_t(unsigned int, sizeof(pwr), optlen);
690 if (copy_from_user((char *) &pwr, optval, len)) {
691 err = -EFAULT;
692 break;
693 }
694
695 if (pwr.force_active)
696 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
697 else
698 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
699 break;
700
701 case BT_CHANNEL_POLICY:
702 if (!enable_hs) {
703 err = -ENOPROTOOPT;
704 break;
705 }
706
707 if (get_user(opt, (u32 __user *) optval)) {
708 err = -EFAULT;
709 break;
710 }
711
712 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
713 err = -EINVAL;
714 break;
715 }
716
717 if (chan->mode != L2CAP_MODE_ERTM &&
718 chan->mode != L2CAP_MODE_STREAMING) {
719 err = -EOPNOTSUPP;
720 break;
721 }
722
723 chan->chan_policy = (u8) opt;
724 break;
725
726 default:
727 err = -ENOPROTOOPT;
728 break;
729 }
730
731 release_sock(sk);
732 return err;
733 }
734
735 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
736 {
737 struct sock *sk = sock->sk;
738 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
739 int err;
740
741 BT_DBG("sock %p, sk %p", sock, sk);
742
743 err = sock_error(sk);
744 if (err)
745 return err;
746
747 if (msg->msg_flags & MSG_OOB)
748 return -EOPNOTSUPP;
749
750 if (sk->sk_state != BT_CONNECTED)
751 return -ENOTCONN;
752
753 l2cap_chan_lock(chan);
754 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
755 l2cap_chan_unlock(chan);
756
757 return err;
758 }
759
760 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
761 {
762 struct sock *sk = sock->sk;
763 struct l2cap_pinfo *pi = l2cap_pi(sk);
764 int err;
765
766 lock_sock(sk);
767
768 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
769 &bt_sk(sk)->flags)) {
770 sk->sk_state = BT_CONFIG;
771 pi->chan->state = BT_CONFIG;
772
773 __l2cap_connect_rsp_defer(pi->chan);
774 release_sock(sk);
775 return 0;
776 }
777
778 release_sock(sk);
779
780 if (sock->type == SOCK_STREAM)
781 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
782 else
783 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
784
785 if (pi->chan->mode != L2CAP_MODE_ERTM)
786 return err;
787
788 /* Attempt to put pending rx data in the socket buffer */
789
790 lock_sock(sk);
791
792 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
793 goto done;
794
795 if (pi->rx_busy_skb) {
796 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
797 pi->rx_busy_skb = NULL;
798 else
799 goto done;
800 }
801
802 /* Restore data flow when half of the receive buffer is
803 * available. This avoids resending large numbers of
804 * frames.
805 */
806 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
807 l2cap_chan_busy(pi->chan, 0);
808
809 done:
810 release_sock(sk);
811 return err;
812 }
813
814 /* Kill socket (only if zapped and orphan)
815 * Must be called on unlocked socket.
816 */
817 static void l2cap_sock_kill(struct sock *sk)
818 {
819 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
820 return;
821
822 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
823
824 /* Kill poor orphan */
825
826 l2cap_chan_destroy(l2cap_pi(sk)->chan);
827 sock_set_flag(sk, SOCK_DEAD);
828 sock_put(sk);
829 }
830
831 static int l2cap_sock_shutdown(struct socket *sock, int how)
832 {
833 struct sock *sk = sock->sk;
834 struct l2cap_chan *chan;
835 struct l2cap_conn *conn;
836 int err = 0;
837
838 BT_DBG("sock %p, sk %p", sock, sk);
839
840 if (!sk)
841 return 0;
842
843 chan = l2cap_pi(sk)->chan;
844 conn = chan->conn;
845
846 if (conn)
847 mutex_lock(&conn->chan_lock);
848
849 l2cap_chan_lock(chan);
850 lock_sock(sk);
851
852 if (!sk->sk_shutdown) {
853 if (chan->mode == L2CAP_MODE_ERTM)
854 err = __l2cap_wait_ack(sk);
855
856 sk->sk_shutdown = SHUTDOWN_MASK;
857
858 release_sock(sk);
859 l2cap_chan_close(chan, 0);
860 lock_sock(sk);
861
862 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
863 err = bt_sock_wait_state(sk, BT_CLOSED,
864 sk->sk_lingertime);
865 }
866
867 if (!err && sk->sk_err)
868 err = -sk->sk_err;
869
870 release_sock(sk);
871 l2cap_chan_unlock(chan);
872
873 if (conn)
874 mutex_unlock(&conn->chan_lock);
875
876 return err;
877 }
878
879 static int l2cap_sock_release(struct socket *sock)
880 {
881 struct sock *sk = sock->sk;
882 int err;
883
884 BT_DBG("sock %p, sk %p", sock, sk);
885
886 if (!sk)
887 return 0;
888
889 err = l2cap_sock_shutdown(sock, 2);
890
891 sock_orphan(sk);
892 l2cap_sock_kill(sk);
893 return err;
894 }
895
896 static void l2cap_sock_cleanup_listen(struct sock *parent)
897 {
898 struct sock *sk;
899
900 BT_DBG("parent %p", parent);
901
902 /* Close not yet accepted channels */
903 while ((sk = bt_accept_dequeue(parent, NULL))) {
904 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
905
906 l2cap_chan_lock(chan);
907 __clear_chan_timer(chan);
908 l2cap_chan_close(chan, ECONNRESET);
909 l2cap_chan_unlock(chan);
910
911 l2cap_sock_kill(sk);
912 }
913 }
914
915 static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
916 {
917 struct sock *sk, *parent = chan->data;
918
919 /* Check for backlog size */
920 if (sk_acceptq_is_full(parent)) {
921 BT_DBG("backlog full %d", parent->sk_ack_backlog);
922 return NULL;
923 }
924
925 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
926 GFP_ATOMIC);
927 if (!sk)
928 return NULL;
929
930 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
931
932 l2cap_sock_init(sk, parent);
933
934 return l2cap_pi(sk)->chan;
935 }
936
937 static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
938 {
939 int err;
940 struct sock *sk = chan->data;
941 struct l2cap_pinfo *pi = l2cap_pi(sk);
942
943 lock_sock(sk);
944
945 if (pi->rx_busy_skb) {
946 err = -ENOMEM;
947 goto done;
948 }
949
950 err = sock_queue_rcv_skb(sk, skb);
951
952 /* For ERTM, handle one skb that doesn't fit into the recv
953 * buffer. This is important to do because the data frames
954 * have already been acked, so the skb cannot be discarded.
955 *
956 * Notify the l2cap core that the buffer is full, so the
957 * LOCAL_BUSY state is entered and no more frames are
958 * acked and reassembled until there is buffer space
959 * available.
960 */
961 if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
962 pi->rx_busy_skb = skb;
963 l2cap_chan_busy(pi->chan, 1);
964 err = 0;
965 }
966
967 done:
968 release_sock(sk);
969
970 return err;
971 }
972
973 static void l2cap_sock_close_cb(struct l2cap_chan *chan)
974 {
975 struct sock *sk = chan->data;
976
977 l2cap_sock_kill(sk);
978 }
979
980 static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
981 {
982 struct sock *sk = chan->data;
983 struct sock *parent;
984
985 lock_sock(sk);
986
987 parent = bt_sk(sk)->parent;
988
989 sock_set_flag(sk, SOCK_ZAPPED);
990
991 switch (chan->state) {
992 case BT_OPEN:
993 case BT_BOUND:
994 case BT_CLOSED:
995 break;
996 case BT_LISTEN:
997 l2cap_sock_cleanup_listen(sk);
998 sk->sk_state = BT_CLOSED;
999 chan->state = BT_CLOSED;
1000
1001 break;
1002 default:
1003 sk->sk_state = BT_CLOSED;
1004 chan->state = BT_CLOSED;
1005
1006 sk->sk_err = err;
1007
1008 if (parent) {
1009 bt_accept_unlink(sk);
1010 parent->sk_data_ready(parent, 0);
1011 } else {
1012 sk->sk_state_change(sk);
1013 }
1014
1015 break;
1016 }
1017
1018 release_sock(sk);
1019 }
1020
1021 static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state)
1022 {
1023 struct sock *sk = chan->data;
1024
1025 sk->sk_state = state;
1026 }
1027
1028 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
1029 unsigned long len, int nb)
1030 {
1031 struct sk_buff *skb;
1032 int err;
1033
1034 l2cap_chan_unlock(chan);
1035 skb = bt_skb_send_alloc(chan->sk, len, nb, &err);
1036 l2cap_chan_lock(chan);
1037
1038 if (!skb)
1039 return ERR_PTR(err);
1040
1041 return skb;
1042 }
1043
1044 static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1045 {
1046 struct sock *sk = chan->data;
1047 struct sock *parent;
1048
1049 lock_sock(sk);
1050
1051 parent = bt_sk(sk)->parent;
1052
1053 BT_DBG("sk %p, parent %p", sk, parent);
1054
1055 sk->sk_state = BT_CONNECTED;
1056 sk->sk_state_change(sk);
1057
1058 if (parent)
1059 parent->sk_data_ready(parent, 0);
1060
1061 release_sock(sk);
1062 }
1063
1064 static struct l2cap_ops l2cap_chan_ops = {
1065 .name = "L2CAP Socket Interface",
1066 .new_connection = l2cap_sock_new_connection_cb,
1067 .recv = l2cap_sock_recv_cb,
1068 .close = l2cap_sock_close_cb,
1069 .teardown = l2cap_sock_teardown_cb,
1070 .state_change = l2cap_sock_state_change_cb,
1071 .ready = l2cap_sock_ready_cb,
1072 .alloc_skb = l2cap_sock_alloc_skb_cb,
1073 };
1074
1075 static void l2cap_sock_destruct(struct sock *sk)
1076 {
1077 BT_DBG("sk %p", sk);
1078
1079 l2cap_chan_put(l2cap_pi(sk)->chan);
1080 if (l2cap_pi(sk)->rx_busy_skb) {
1081 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1082 l2cap_pi(sk)->rx_busy_skb = NULL;
1083 }
1084
1085 skb_queue_purge(&sk->sk_receive_queue);
1086 skb_queue_purge(&sk->sk_write_queue);
1087 }
1088
1089 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
1090 {
1091 struct l2cap_pinfo *pi = l2cap_pi(sk);
1092 struct l2cap_chan *chan = pi->chan;
1093
1094 BT_DBG("sk %p", sk);
1095
1096 if (parent) {
1097 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1098
1099 sk->sk_type = parent->sk_type;
1100 bt_sk(sk)->flags = bt_sk(parent)->flags;
1101
1102 chan->chan_type = pchan->chan_type;
1103 chan->imtu = pchan->imtu;
1104 chan->omtu = pchan->omtu;
1105 chan->conf_state = pchan->conf_state;
1106 chan->mode = pchan->mode;
1107 chan->fcs = pchan->fcs;
1108 chan->max_tx = pchan->max_tx;
1109 chan->tx_win = pchan->tx_win;
1110 chan->tx_win_max = pchan->tx_win_max;
1111 chan->sec_level = pchan->sec_level;
1112 chan->flags = pchan->flags;
1113
1114 security_sk_clone(parent, sk);
1115 } else {
1116
1117 switch (sk->sk_type) {
1118 case SOCK_RAW:
1119 chan->chan_type = L2CAP_CHAN_RAW;
1120 break;
1121 case SOCK_DGRAM:
1122 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1123 break;
1124 case SOCK_SEQPACKET:
1125 case SOCK_STREAM:
1126 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1127 break;
1128 }
1129
1130 chan->imtu = L2CAP_DEFAULT_MTU;
1131 chan->omtu = 0;
1132 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1133 chan->mode = L2CAP_MODE_ERTM;
1134 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1135 } else {
1136 chan->mode = L2CAP_MODE_BASIC;
1137 }
1138
1139 l2cap_chan_set_defaults(chan);
1140 }
1141
1142 /* Default config options */
1143 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1144
1145 chan->data = sk;
1146 chan->ops = &l2cap_chan_ops;
1147 }
1148
1149 static struct proto l2cap_proto = {
1150 .name = "L2CAP",
1151 .owner = THIS_MODULE,
1152 .obj_size = sizeof(struct l2cap_pinfo)
1153 };
1154
1155 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
1156 {
1157 struct sock *sk;
1158 struct l2cap_chan *chan;
1159
1160 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1161 if (!sk)
1162 return NULL;
1163
1164 sock_init_data(sock, sk);
1165 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1166
1167 sk->sk_destruct = l2cap_sock_destruct;
1168 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1169
1170 sock_reset_flag(sk, SOCK_ZAPPED);
1171
1172 sk->sk_protocol = proto;
1173 sk->sk_state = BT_OPEN;
1174
1175 chan = l2cap_chan_create();
1176 if (!chan) {
1177 l2cap_sock_kill(sk);
1178 return NULL;
1179 }
1180
1181 l2cap_chan_hold(chan);
1182
1183 chan->sk = sk;
1184
1185 l2cap_pi(sk)->chan = chan;
1186
1187 return sk;
1188 }
1189
1190 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1191 int kern)
1192 {
1193 struct sock *sk;
1194
1195 BT_DBG("sock %p", sock);
1196
1197 sock->state = SS_UNCONNECTED;
1198
1199 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1200 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1201 return -ESOCKTNOSUPPORT;
1202
1203 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1204 return -EPERM;
1205
1206 sock->ops = &l2cap_sock_ops;
1207
1208 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1209 if (!sk)
1210 return -ENOMEM;
1211
1212 l2cap_sock_init(sk, NULL);
1213 return 0;
1214 }
1215
1216 static const struct proto_ops l2cap_sock_ops = {
1217 .family = PF_BLUETOOTH,
1218 .owner = THIS_MODULE,
1219 .release = l2cap_sock_release,
1220 .bind = l2cap_sock_bind,
1221 .connect = l2cap_sock_connect,
1222 .listen = l2cap_sock_listen,
1223 .accept = l2cap_sock_accept,
1224 .getname = l2cap_sock_getname,
1225 .sendmsg = l2cap_sock_sendmsg,
1226 .recvmsg = l2cap_sock_recvmsg,
1227 .poll = bt_sock_poll,
1228 .ioctl = bt_sock_ioctl,
1229 .mmap = sock_no_mmap,
1230 .socketpair = sock_no_socketpair,
1231 .shutdown = l2cap_sock_shutdown,
1232 .setsockopt = l2cap_sock_setsockopt,
1233 .getsockopt = l2cap_sock_getsockopt
1234 };
1235
1236 static const struct net_proto_family l2cap_sock_family_ops = {
1237 .family = PF_BLUETOOTH,
1238 .owner = THIS_MODULE,
1239 .create = l2cap_sock_create,
1240 };
1241
1242 int __init l2cap_init_sockets(void)
1243 {
1244 int err;
1245
1246 err = proto_register(&l2cap_proto, 0);
1247 if (err < 0)
1248 return err;
1249
1250 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1251 if (err < 0)
1252 goto error;
1253
1254 BT_INFO("L2CAP socket layer initialized");
1255
1256 return 0;
1257
1258 error:
1259 BT_ERR("L2CAP socket registration failed");
1260 proto_unregister(&l2cap_proto);
1261 return err;
1262 }
1263
1264 void l2cap_cleanup_sockets(void)
1265 {
1266 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1267 BT_ERR("L2CAP socket unregistration failed");
1268
1269 proto_unregister(&l2cap_proto);
1270 }
kernel source for telekom puls (alcatel/mediatek)