projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Adds set_default function in L2CAP setup
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / l2cap_sock.c
CommitLineData
bb58f747
GP		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
590051de 6 Copyright (C) 2011 ProFUSION Embedded Systems
bb58f747
GP		 7
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
13
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
26*/
27
28/* Bluetooth L2CAP sockets. */
29
6230c9b4 30#include <linux/security.h>
bc3b2d7f 31#include <linux/export.h>
6230c9b4 32
bb58f747 33#include <net/bluetooth/bluetooth.h>
33575df7 34#include <net/bluetooth/hci_core.h>
bb58f747 35#include <net/bluetooth/l2cap.h>
f1cb9af5 36#include <net/bluetooth/smp.h>
bb58f747 37
cf2f90f5 38static const struct proto_ops l2cap_sock_ops;
80808e43
GP		 39static void l2cap_sock_init(struct sock *sk, struct sock *parent);
40static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio);
cf2f90f5 41
af6bcd82
GP		 42static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
43{
44 struct sock *sk = sock->sk;
4343478f 45 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
af6bcd82
GP		 46 struct sockaddr_l2 la;
47 int len, err = 0;
48
49 BT_DBG("sk %p", sk);
50
51 if (!addr || addr->sa_family != AF_BLUETOOTH)
52 return -EINVAL;
53
54 memset(&la, 0, sizeof(la));
55 len = min_t(unsigned int, sizeof(la), alen);
56 memcpy(&la, addr, len);
57
b62f328b 58 if (la.l2_cid && la.l2_psm)
af6bcd82
GP		 59 return -EINVAL;
60
61 lock_sock(sk);
62
63 if (sk->sk_state != BT_OPEN) {
64 err = -EBADFD;
65 goto done;
66 }
67
68 if (la.l2_psm) {
69 __u16 psm = __le16_to_cpu(la.l2_psm);
70
71 /* PSM must be odd and lsb of upper byte must be 0 */
72 if ((psm & 0x0101) != 0x0001) {
73 err = -EINVAL;
74 goto done;
75 }
76
77 /* Restrict usage of well-known PSMs */
78 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
79 err = -EACCES;
80 goto done;
81 }
82 }
83
9e4425ff 84 if (la.l2_cid)
6e4aff10 85 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
9e4425ff
GP		 86 else
87 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
af6bcd82 88
9e4425ff
GP		 89 if (err < 0)
90 goto done;
af6bcd82 91
9e4425ff
GP		 92 if (__le16_to_cpu(la.l2_psm) == 0x0001 ||
93 __le16_to_cpu(la.l2_psm) == 0x0003)
94 chan->sec_level = BT_SECURITY_SDP;
b62f328b 95
9e4425ff 96 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
89bc500e
GP		 97
98 chan->state = BT_BOUND;
9e4425ff 99 sk->sk_state = BT_BOUND;
af6bcd82
GP		 100
101done:
102 release_sock(sk);
103 return err;
104}
105
4e34c50b
GP		 106static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
107{
108 struct sock *sk = sock->sk;
0c1bc5c6 109 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
4e34c50b
GP		 110 struct sockaddr_l2 la;
111 int len, err = 0;
112
113 BT_DBG("sk %p", sk);
114
115 if (!addr || alen < sizeof(addr->sa_family) ||
116 addr->sa_family != AF_BLUETOOTH)
117 return -EINVAL;
118
119 memset(&la, 0, sizeof(la));
120 len = min_t(unsigned int, sizeof(la), alen);
121 memcpy(&la, addr, len);
122
acd7d370 123 if (la.l2_cid && la.l2_psm)
4e34c50b
GP		 124 return -EINVAL;
125
6e4aff10
SN		 126 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
127 &la.l2_bdaddr);
4e34c50b 128 if (err)
b3fb611e 129 return err;
4e34c50b 130
6be36555
AE		 131 lock_sock(sk);
132
4e34c50b
GP		 133 err = bt_sock_wait_state(sk, BT_CONNECTED,
134 sock_sndtimeo(sk, flags & O_NONBLOCK));
b3fb611e
AE		 135
136 release_sock(sk);
137
4e34c50b
GP		 138 return err;
139}
140
af6bcd82
GP		 141static int l2cap_sock_listen(struct socket *sock, int backlog)
142{
143 struct sock *sk = sock->sk;
0c1bc5c6 144 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
af6bcd82
GP		 145 int err = 0;
146
147 BT_DBG("sk %p backlog %d", sk, backlog);
148
149 lock_sock(sk);
150
151 if ((sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM)
152 || sk->sk_state != BT_BOUND) {
153 err = -EBADFD;
154 goto done;
155 }
156
0c1bc5c6 157 switch (chan->mode) {
af6bcd82
GP		 158 case L2CAP_MODE_BASIC:
159 break;
160 case L2CAP_MODE_ERTM:
161 case L2CAP_MODE_STREAMING:
162 if (!disable_ertm)
163 break;
164 /* fall through */
165 default:
166 err = -ENOTSUPP;
167 goto done;
168 }
169
af6bcd82
GP		 170 sk->sk_max_ack_backlog = backlog;
171 sk->sk_ack_backlog = 0;
89bc500e
GP		 172
173 chan->state = BT_LISTEN;
af6bcd82
GP		 174 sk->sk_state = BT_LISTEN;
175
176done:
177 release_sock(sk);
178 return err;
179}
180
c47b7c72
GP		 181static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
182{
183 DECLARE_WAITQUEUE(wait, current);
184 struct sock *sk = sock->sk, *nsk;
185 long timeo;
186 int err = 0;
187
188 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
189
c47b7c72
GP		 190 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
191
192 BT_DBG("sk %p timeo %ld", sk, timeo);
193
194 /* Wait for an incoming connection. (wake-one). */
195 add_wait_queue_exclusive(sk_sleep(sk), &wait);
f9a3c20a 196 while (1) {
c47b7c72 197 set_current_state(TASK_INTERRUPTIBLE);
f9a3c20a
PH		 198
199 if (sk->sk_state != BT_LISTEN) {
200 err = -EBADFD;
c47b7c72
GP		 201 break;
202 }
203
f9a3c20a
PH		 204 nsk = bt_accept_dequeue(sk, newsock);
205 if (nsk)
206 break;
c47b7c72 207
f9a3c20a
PH		 208 if (!timeo) {
209 err = -EAGAIN;
c47b7c72
GP		 210 break;
211 }
212
213 if (signal_pending(current)) {
214 err = sock_intr_errno(timeo);
215 break;
216 }
f9a3c20a
PH		 217
218 release_sock(sk);
219 timeo = schedule_timeout(timeo);
220 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
c47b7c72 221 }
f9a3c20a 222 __set_current_state(TASK_RUNNING);
c47b7c72
GP		 223 remove_wait_queue(sk_sleep(sk), &wait);
224
225 if (err)
226 goto done;
227
228 newsock->state = SS_CONNECTED;
229
230 BT_DBG("new socket %p", nsk);
231
232done:
233 release_sock(sk);
234 return err;
235}
236
d7175d55
GP		 237static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
238{
239 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
240 struct sock *sk = sock->sk;
0c1bc5c6 241 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
d7175d55
GP		 242
243 BT_DBG("sock %p, sk %p", sock, sk);
244
245 addr->sa_family = AF_BLUETOOTH;
246 *len = sizeof(struct sockaddr_l2);
247
248 if (peer) {
fe4128e0 249 la->l2_psm = chan->psm;
d7175d55 250 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
fe4128e0 251 la->l2_cid = cpu_to_le16(chan->dcid);
d7175d55 252 } else {
0c1bc5c6 253 la->l2_psm = chan->sport;
d7175d55 254 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
fe4128e0 255 la->l2_cid = cpu_to_le16(chan->scid);
d7175d55
GP		 256 }
257
258 return 0;
259}
260
99f4808d
GP		 261static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
262{
263 struct sock *sk = sock->sk;
4343478f 264 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
99f4808d
GP		 265 struct l2cap_options opts;
266 struct l2cap_conninfo cinfo;
267 int len, err = 0;
268 u32 opt;
269
270 BT_DBG("sk %p", sk);
271
272 if (get_user(len, optlen))
273 return -EFAULT;
274
275 lock_sock(sk);
276
277 switch (optname) {
278 case L2CAP_OPTIONS:
e3fb592b 279 memset(&opts, 0, sizeof(opts));
0c1bc5c6
GP		 280 opts.imtu = chan->imtu;
281 opts.omtu = chan->omtu;
282 opts.flush_to = chan->flush_to;
283 opts.mode = chan->mode;
47d1ec61
GP		 284 opts.fcs = chan->fcs;
285 opts.max_tx = chan->max_tx;
6327eb98 286 opts.txwin_size = chan->tx_win;
99f4808d
GP		 287
288 len = min_t(unsigned int, len, sizeof(opts));
289 if (copy_to_user(optval, (char *) &opts, len))
290 err = -EFAULT;
291
292 break;
293
294 case L2CAP_LM:
4343478f 295 switch (chan->sec_level) {
99f4808d
GP		 296 case BT_SECURITY_LOW:
297 opt = L2CAP_LM_AUTH;
298 break;
299 case BT_SECURITY_MEDIUM:
300 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
301 break;
302 case BT_SECURITY_HIGH:
303 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
304 L2CAP_LM_SECURE;
305 break;
306 default:
307 opt = 0;
308 break;
309 }
310
43bd0f32 311 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
99f4808d
GP		 312 opt |= L2CAP_LM_MASTER;
313
ecf61bdb 314 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
99f4808d
GP		 315 opt |= L2CAP_LM_RELIABLE;
316
317 if (put_user(opt, (u32 __user *) optval))
318 err = -EFAULT;
319 break;
320
321 case L2CAP_CONNINFO:
322 if (sk->sk_state != BT_CONNECTED &&
323 !(sk->sk_state == BT_CONNECT2 &&
324 bt_sk(sk)->defer_setup)) {
325 err = -ENOTCONN;
326 break;
327 }
328
8d03e971 329 memset(&cinfo, 0, sizeof(cinfo));
8c1d787b
GP		 330 cinfo.hci_handle = chan->conn->hcon->handle;
331 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
99f4808d
GP		 332
333 len = min_t(unsigned int, len, sizeof(cinfo));
334 if (copy_to_user(optval, (char *) &cinfo, len))
335 err = -EFAULT;
336
337 break;
338
339 default:
340 err = -ENOPROTOOPT;
341 break;
342 }
343
344 release_sock(sk);
345 return err;
346}
347
348static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
349{
350 struct sock *sk = sock->sk;
4343478f 351 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
99f4808d 352 struct bt_security sec;
14b12d0b 353 struct bt_power pwr;
99f4808d
GP		 354 int len, err = 0;
355
356 BT_DBG("sk %p", sk);
357
358 if (level == SOL_L2CAP)
359 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
360
361 if (level != SOL_BLUETOOTH)
362 return -ENOPROTOOPT;
363
364 if (get_user(len, optlen))
365 return -EFAULT;
366
367 lock_sock(sk);
368
369 switch (optname) {
370 case BT_SECURITY:
715ec005
GP		 371 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
372 chan->chan_type != L2CAP_CHAN_RAW) {
99f4808d
GP		 373 err = -EINVAL;
374 break;
375 }
376
8f360119 377 memset(&sec, 0, sizeof(sec));
4343478f 378 sec.level = chan->sec_level;
99f4808d 379
8f360119
VCG		 380 if (sk->sk_state == BT_CONNECTED)
381 sec.key_size = chan->conn->hcon->enc_key_size;
382
99f4808d
GP		 383 len = min_t(unsigned int, len, sizeof(sec));
384 if (copy_to_user(optval, (char *) &sec, len))
385 err = -EFAULT;
386
387 break;
388
389 case BT_DEFER_SETUP:
390 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
391 err = -EINVAL;
392 break;
393 }
394
395 if (put_user(bt_sk(sk)->defer_setup, (u32 __user *) optval))
396 err = -EFAULT;
397
398 break;
399
400 case BT_FLUSHABLE:
d57b0e8b
AE		 401 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
402 (u32 __user *) optval))
99f4808d
GP		 403 err = -EFAULT;
404
405 break;
406
14b12d0b
JG		 407 case BT_POWER:
408 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
409 && sk->sk_type != SOCK_RAW) {
410 err = -EINVAL;
411 break;
412 }
413
15770b1a 414 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
14b12d0b
JG		 415
416 len = min_t(unsigned int, len, sizeof(pwr));
417 if (copy_to_user(optval, (char *) &pwr, len))
418 err = -EFAULT;
419
420 break;
421
2ea66482
MM		 422 case BT_CHANNEL_POLICY:
423 if (!enable_hs) {
424 err = -ENOPROTOOPT;
425 break;
426 }
427
428 if (put_user(chan->chan_policy, (u32 __user *) optval))
429 err = -EFAULT;
430 break;
431
99f4808d
GP		 432 default:
433 err = -ENOPROTOOPT;
434 break;
435 }
436
437 release_sock(sk);
438 return err;
439}
440
33575df7
GP		 441static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
442{
443 struct sock *sk = sock->sk;
b4450035 444 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
33575df7
GP		 445 struct l2cap_options opts;
446 int len, err = 0;
447 u32 opt;
448
449 BT_DBG("sk %p", sk);
450
451 lock_sock(sk);
452
453 switch (optname) {
454 case L2CAP_OPTIONS:
455 if (sk->sk_state == BT_CONNECTED) {
456 err = -EINVAL;
457 break;
458 }
459
0c1bc5c6
GP		 460 opts.imtu = chan->imtu;
461 opts.omtu = chan->omtu;
462 opts.flush_to = chan->flush_to;
463 opts.mode = chan->mode;
47d1ec61
GP		 464 opts.fcs = chan->fcs;
465 opts.max_tx = chan->max_tx;
6327eb98 466 opts.txwin_size = chan->tx_win;
33575df7
GP		 467
468 len = min_t(unsigned int, sizeof(opts), optlen);
469 if (copy_from_user((char *) &opts, optval, len)) {
470 err = -EFAULT;
471 break;
472 }
473
6327eb98 474 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
33575df7
GP		 475 err = -EINVAL;
476 break;
477 }
478
0c1bc5c6
GP		 479 chan->mode = opts.mode;
480 switch (chan->mode) {
33575df7 481 case L2CAP_MODE_BASIC:
c1360a1c 482 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
33575df7
GP		 483 break;
484 case L2CAP_MODE_ERTM:
485 case L2CAP_MODE_STREAMING:
486 if (!disable_ertm)
487 break;
488 /* fall through */
489 default:
490 err = -EINVAL;
491 break;
492 }
493
0c1bc5c6
GP		 494 chan->imtu = opts.imtu;
495 chan->omtu = opts.omtu;
47d1ec61
GP		 496 chan->fcs = opts.fcs;
497 chan->max_tx = opts.max_tx;
6327eb98 498 chan->tx_win = opts.txwin_size;
33575df7
GP		 499 break;
500
501 case L2CAP_LM:
502 if (get_user(opt, (u32 __user *) optval)) {
503 err = -EFAULT;
504 break;
505 }
506
507 if (opt & L2CAP_LM_AUTH)
4343478f 508 chan->sec_level = BT_SECURITY_LOW;
33575df7 509 if (opt & L2CAP_LM_ENCRYPT)
4343478f 510 chan->sec_level = BT_SECURITY_MEDIUM;
33575df7 511 if (opt & L2CAP_LM_SECURE)
4343478f 512 chan->sec_level = BT_SECURITY_HIGH;
33575df7 513
43bd0f32
AE		 514 if (opt & L2CAP_LM_MASTER)
515 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
516 else
517 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
ecf61bdb
AE		 518
519 if (opt & L2CAP_LM_RELIABLE)
520 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
521 else
522 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
33575df7
GP		 523 break;
524
525 default:
526 err = -ENOPROTOOPT;
527 break;
528 }
529
530 release_sock(sk);
531 return err;
532}
533
534static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
535{
536 struct sock *sk = sock->sk;
4343478f 537 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
33575df7 538 struct bt_security sec;
14b12d0b 539 struct bt_power pwr;
f1cb9af5 540 struct l2cap_conn *conn;
33575df7
GP		 541 int len, err = 0;
542 u32 opt;
543
544 BT_DBG("sk %p", sk);
545
546 if (level == SOL_L2CAP)
547 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
548
549 if (level != SOL_BLUETOOTH)
550 return -ENOPROTOOPT;
551
552 lock_sock(sk);
553
554 switch (optname) {
555 case BT_SECURITY:
715ec005
GP		 556 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
557 chan->chan_type != L2CAP_CHAN_RAW) {
33575df7
GP		 558 err = -EINVAL;
559 break;
560 }
561
562 sec.level = BT_SECURITY_LOW;
563
564 len = min_t(unsigned int, sizeof(sec), optlen);
565 if (copy_from_user((char *) &sec, optval, len)) {
566 err = -EFAULT;
567 break;
568 }
569
570 if (sec.level < BT_SECURITY_LOW ||
571 sec.level > BT_SECURITY_HIGH) {
572 err = -EINVAL;
573 break;
574 }
575
4343478f 576 chan->sec_level = sec.level;
f1cb9af5 577
0bee1d60
GP		 578 if (!chan->conn)
579 break;
580
f1cb9af5 581 conn = chan->conn;
0bee1d60
GP		 582
583 /*change security for LE channels */
584 if (chan->scid == L2CAP_CID_LE_DATA) {
f1cb9af5
VCG		 585 if (!conn->hcon->out) {
586 err = -EINVAL;
587 break;
588 }
589
590 if (smp_conn_security(conn, sec.level))
591 break;
f1cb9af5 592 sk->sk_state = BT_CONFIG;
3542b854 593 chan->state = BT_CONFIG;
0bee1d60
GP		 594
595 /* or for ACL link, under defer_setup time */
596 } else if (sk->sk_state == BT_CONNECT2 &&
597 bt_sk(sk)->defer_setup) {
598 err = l2cap_chan_check_security(chan);
599 } else {
600 err = -EINVAL;
f1cb9af5 601 }
33575df7
GP		 602 break;
603
604 case BT_DEFER_SETUP:
605 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
606 err = -EINVAL;
607 break;
608 }
609
610 if (get_user(opt, (u32 __user *) optval)) {
611 err = -EFAULT;
612 break;
613 }
614
615 bt_sk(sk)->defer_setup = opt;
616 break;
617
618 case BT_FLUSHABLE:
619 if (get_user(opt, (u32 __user *) optval)) {
620 err = -EFAULT;
621 break;
622 }
623
624 if (opt > BT_FLUSHABLE_ON) {
625 err = -EINVAL;
626 break;
627 }
628
629 if (opt == BT_FLUSHABLE_OFF) {
8c1d787b 630 struct l2cap_conn *conn = chan->conn;
25985edc 631 /* proceed further only when we have l2cap_conn and
33575df7
GP		 632 No Flush support in the LM */
633 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
634 err = -EINVAL;
635 break;
636 }
637 }
638
d57b0e8b
AE		 639 if (opt)
640 set_bit(FLAG_FLUSHABLE, &chan->flags);
641 else
642 clear_bit(FLAG_FLUSHABLE, &chan->flags);
33575df7
GP		 643 break;
644
14b12d0b
JG		 645 case BT_POWER:
646 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
647 chan->chan_type != L2CAP_CHAN_RAW) {
648 err = -EINVAL;
649 break;
650 }
651
652 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
653
654 len = min_t(unsigned int, sizeof(pwr), optlen);
655 if (copy_from_user((char *) &pwr, optval, len)) {
656 err = -EFAULT;
657 break;
658 }
15770b1a
AE		 659
660 if (pwr.force_active)
661 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
662 else
663 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
14b12d0b
JG		 664 break;
665
2ea66482
MM		 666 case BT_CHANNEL_POLICY:
667 if (!enable_hs) {
668 err = -ENOPROTOOPT;
669 break;
670 }
671
672 if (get_user(opt, (u32 __user *) optval)) {
673 err = -EFAULT;
674 break;
675 }
676
677 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
678 err = -EINVAL;
679 break;
680 }
681
682 if (chan->mode != L2CAP_MODE_ERTM &&
683 chan->mode != L2CAP_MODE_STREAMING) {
684 err = -EOPNOTSUPP;
685 break;
686 }
687
688 chan->chan_policy = (u8) opt;
14b12d0b
JG		 689 break;
690
33575df7
GP		 691 default:
692 err = -ENOPROTOOPT;
693 break;
694 }
695
696 release_sock(sk);
697 return err;
698}
fd83ccdb
GP		 699
700static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
701{
702 struct sock *sk = sock->sk;
0c1bc5c6 703 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
fd83ccdb
GP		 704 int err;
705
706 BT_DBG("sock %p, sk %p", sock, sk);
707
708 err = sock_error(sk);
709 if (err)
710 return err;
711
712 if (msg->msg_flags & MSG_OOB)
713 return -EOPNOTSUPP;
714
715 lock_sock(sk);
716
717 if (sk->sk_state != BT_CONNECTED) {
9a91a04a
GP		 718 release_sock(sk);
719 return -ENOTCONN;
fd83ccdb
GP		 720 }
721
5e59b791 722 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
fd83ccdb 723
fd83ccdb
GP		 724 release_sock(sk);
725 return err;
726}
33575df7 727
68983259
GP		 728static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
729{
730 struct sock *sk = sock->sk;
e328140f
MM		 731 struct l2cap_pinfo *pi = l2cap_pi(sk);
732 int err;
68983259
GP		 733
734 lock_sock(sk);
735
736 if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) {
8c1d787b 737 sk->sk_state = BT_CONFIG;
3542b854 738 pi->chan->state = BT_CONFIG;
8c1d787b 739
e328140f 740 __l2cap_connect_rsp_defer(pi->chan);
68983259
GP		 741 release_sock(sk);
742 return 0;
743 }
744
745 release_sock(sk);
746
747 if (sock->type == SOCK_STREAM)
e328140f
MM		 748 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
749 else
750 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
751
752 if (pi->chan->mode != L2CAP_MODE_ERTM)
753 return err;
754
755 /* Attempt to put pending rx data in the socket buffer */
756
757 lock_sock(sk);
758
759 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
760 goto done;
761
762 if (pi->rx_busy_skb) {
763 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
764 pi->rx_busy_skb = NULL;
765 else
766 goto done;
767 }
768
769 /* Restore data flow when half of the receive buffer is
770 * available. This avoids resending large numbers of
771 * frames.
772 */
773 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
774 l2cap_chan_busy(pi->chan, 0);
68983259 775
e328140f
MM		 776done:
777 release_sock(sk);
778 return err;
68983259
GP		 779}
780
05fc1576
GP		 781/* Kill socket (only if zapped and orphan)
782 * Must be called on unlocked socket.
783 */
ba3bd0ee 784static void l2cap_sock_kill(struct sock *sk)
05fc1576
GP		 785{
786 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
787 return;
788
e05dcc32 789 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
05fc1576
GP		 790
791 /* Kill poor orphan */
6ff5abbf 792
23691d75 793 l2cap_chan_destroy(l2cap_pi(sk)->chan);
05fc1576
GP		 794 sock_set_flag(sk, SOCK_DEAD);
795 sock_put(sk);
796}
797
dcba0dba
GP		 798static int l2cap_sock_shutdown(struct socket *sock, int how)
799{
800 struct sock *sk = sock->sk;
7ddb6e0f 801 struct l2cap_chan *chan;
3df91ea2 802 struct l2cap_conn *conn;
dcba0dba
GP		 803 int err = 0;
804
805 BT_DBG("sock %p, sk %p", sock, sk);
806
807 if (!sk)
808 return 0;
809
7ddb6e0f 810 chan = l2cap_pi(sk)->chan;
3df91ea2
AE		 811 conn = chan->conn;
812
813 if (conn)
814 mutex_lock(&conn->chan_lock);
7ddb6e0f 815
6be36555 816 l2cap_chan_lock(chan);
dcba0dba 817 lock_sock(sk);
6be36555 818
dcba0dba 819 if (!sk->sk_shutdown) {
0c1bc5c6 820 if (chan->mode == L2CAP_MODE_ERTM)
dcba0dba
GP		 821 err = __l2cap_wait_ack(sk);
822
823 sk->sk_shutdown = SHUTDOWN_MASK;
3df91ea2 824
6be36555 825 release_sock(sk);
0f852724 826 l2cap_chan_close(chan, 0);
6be36555 827 lock_sock(sk);
dcba0dba
GP		 828
829 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
830 err = bt_sock_wait_state(sk, BT_CLOSED,
831 sk->sk_lingertime);
832 }
833
834 if (!err && sk->sk_err)
835 err = -sk->sk_err;
836
837 release_sock(sk);
6be36555 838 l2cap_chan_unlock(chan);
3df91ea2
AE		 839
840 if (conn)
841 mutex_unlock(&conn->chan_lock);
842
dcba0dba
GP		 843 return err;
844}
845
554f05bb
GP		 846static int l2cap_sock_release(struct socket *sock)
847{
848 struct sock *sk = sock->sk;
849 int err;
850
851 BT_DBG("sock %p, sk %p", sock, sk);
852
853 if (!sk)
854 return 0;
855
856 err = l2cap_sock_shutdown(sock, 2);
857
858 sock_orphan(sk);
859 l2cap_sock_kill(sk);
860 return err;
861}
862
80808e43
GP		 863static struct l2cap_chan *l2cap_sock_new_connection_cb(void *data)
864{
865 struct sock *sk, *parent = data;
866
867 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
868 GFP_ATOMIC);
869 if (!sk)
870 return NULL;
871
d22015aa
OP		 872 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
873
80808e43
GP		 874 l2cap_sock_init(sk, parent);
875
876 return l2cap_pi(sk)->chan;
877}
878
23070494
GP		 879static int l2cap_sock_recv_cb(void *data, struct sk_buff *skb)
880{
e328140f 881 int err;
23070494 882 struct sock *sk = data;
e328140f
MM		 883 struct l2cap_pinfo *pi = l2cap_pi(sk);
884
6be36555
AE		 885 lock_sock(sk);
886
887 if (pi->rx_busy_skb) {
888 err = -ENOMEM;
889 goto done;
890 }
e328140f
MM		 891
892 err = sock_queue_rcv_skb(sk, skb);
893
894 /* For ERTM, handle one skb that doesn't fit into the recv
895 * buffer. This is important to do because the data frames
896 * have already been acked, so the skb cannot be discarded.
897 *
898 * Notify the l2cap core that the buffer is full, so the
899 * LOCAL_BUSY state is entered and no more frames are
900 * acked and reassembled until there is buffer space
901 * available.
902 */
903 if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
904 pi->rx_busy_skb = skb;
905 l2cap_chan_busy(pi->chan, 1);
906 err = 0;
907 }
23070494 908
6be36555
AE		 909done:
910 release_sock(sk);
911
e328140f 912 return err;
23070494
GP		 913}
914
ba3bd0ee
GP		 915static void l2cap_sock_close_cb(void *data)
916{
917 struct sock *sk = data;
918
919 l2cap_sock_kill(sk);
920}
921
89bc500e
GP		 922static void l2cap_sock_state_change_cb(void *data, int state)
923{
924 struct sock *sk = data;
925
926 sk->sk_state = state;
927}
928
2f7719ce 929static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
04124681
GP		 930 unsigned long len, int nb,
931 int *err)
2f7719ce
AE		 932{
933 struct sock *sk = chan->sk;
934
935 return bt_skb_send_alloc(sk, len, nb, err);
936}
937
80808e43
GP		 938static struct l2cap_ops l2cap_chan_ops = {
939 .name = "L2CAP Socket Interface",
940 .new_connection = l2cap_sock_new_connection_cb,
23070494 941 .recv = l2cap_sock_recv_cb,
ba3bd0ee 942 .close = l2cap_sock_close_cb,
89bc500e 943 .state_change = l2cap_sock_state_change_cb,
2f7719ce 944 .alloc_skb = l2cap_sock_alloc_skb_cb,
80808e43
GP		 945};
946
bb58f747
GP		 947static void l2cap_sock_destruct(struct sock *sk)
948{
949 BT_DBG("sk %p", sk);
950
e328140f
MM		 951 if (l2cap_pi(sk)->rx_busy_skb) {
952 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
953 l2cap_pi(sk)->rx_busy_skb = NULL;
954 }
955
bb58f747
GP		 956 skb_queue_purge(&sk->sk_receive_queue);
957 skb_queue_purge(&sk->sk_write_queue);
958}
959
80808e43 960static void l2cap_sock_init(struct sock *sk, struct sock *parent)
bb58f747
GP		 961{
962 struct l2cap_pinfo *pi = l2cap_pi(sk);
b4450035 963 struct l2cap_chan *chan = pi->chan;
bb58f747
GP		 964
965 BT_DBG("sk %p", sk);
966
967 if (parent) {
b4450035
GP		 968 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
969
bb58f747
GP		 970 sk->sk_type = parent->sk_type;
971 bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup;
972
715ec005 973 chan->chan_type = pchan->chan_type;
0c1bc5c6
GP		 974 chan->imtu = pchan->imtu;
975 chan->omtu = pchan->omtu;
b4450035 976 chan->conf_state = pchan->conf_state;
0c1bc5c6 977 chan->mode = pchan->mode;
47d1ec61
GP		 978 chan->fcs = pchan->fcs;
979 chan->max_tx = pchan->max_tx;
980 chan->tx_win = pchan->tx_win;
6b3c7104 981 chan->tx_win_max = pchan->tx_win_max;
4343478f 982 chan->sec_level = pchan->sec_level;
d57b0e8b 983 chan->flags = pchan->flags;
6230c9b4
PM		 984
985 security_sk_clone(parent, sk);
bb58f747 986 } else {
715ec005
GP		 987
988 switch (sk->sk_type) {
989 case SOCK_RAW:
990 chan->chan_type = L2CAP_CHAN_RAW;
991 break;
992 case SOCK_DGRAM:
993 chan->chan_type = L2CAP_CHAN_CONN_LESS;
994 break;
995 case SOCK_SEQPACKET:
996 case SOCK_STREAM:
997 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
998 break;
999 }
1000
0c1bc5c6
GP		 1001 chan->imtu = L2CAP_DEFAULT_MTU;
1002 chan->omtu = 0;
bb58f747 1003 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
0c1bc5c6 1004 chan->mode = L2CAP_MODE_ERTM;
c1360a1c 1005 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
bb58f747 1006 } else {
0c1bc5c6 1007 chan->mode = L2CAP_MODE_BASIC;
bb58f747 1008 }
bd4b1653
AE		 1009
1010 l2cap_chan_set_defaults(chan);
bb58f747
GP		 1011 }
1012
1013 /* Default config options */
0c1bc5c6 1014 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
80808e43
GP		 1015
1016 chan->data = sk;
1017 chan->ops = &l2cap_chan_ops;
bb58f747
GP		 1018}
1019
1020static struct proto l2cap_proto = {
1021 .name = "L2CAP",
1022 .owner = THIS_MODULE,
1023 .obj_size = sizeof(struct l2cap_pinfo)
1024};
1025
80808e43 1026static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
bb58f747
GP		 1027{
1028 struct sock *sk;
dc50a06d 1029 struct l2cap_chan *chan;
bb58f747
GP		 1030
1031 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1032 if (!sk)
1033 return NULL;
1034
1035 sock_init_data(sock, sk);
1036 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1037
1038 sk->sk_destruct = l2cap_sock_destruct;
ba13ccd9 1039 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
bb58f747
GP		 1040
1041 sock_reset_flag(sk, SOCK_ZAPPED);
1042
1043 sk->sk_protocol = proto;
1044 sk->sk_state = BT_OPEN;
1045
eef1d9b6 1046 chan = l2cap_chan_create();
dc50a06d
GP		 1047 if (!chan) {
1048 l2cap_sock_kill(sk);
1049 return NULL;
1050 }
1051
eef1d9b6
GP		 1052 chan->sk = sk;
1053
dc50a06d
GP		 1054 l2cap_pi(sk)->chan = chan;
1055
bb58f747
GP		 1056 return sk;
1057}
1058
1059static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1060 int kern)
1061{
1062 struct sock *sk;
1063
1064 BT_DBG("sock %p", sock);
1065
1066 sock->state = SS_UNCONNECTED;
1067
1068 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1069 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1070 return -ESOCKTNOSUPPORT;
1071
1072 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1073 return -EPERM;
1074
1075 sock->ops = &l2cap_sock_ops;
1076
1077 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1078 if (!sk)
1079 return -ENOMEM;
1080
1081 l2cap_sock_init(sk, NULL);
1082 return 0;
1083}
1084
cf2f90f5 1085static const struct proto_ops l2cap_sock_ops = {
65390587
GP		 1086 .family = PF_BLUETOOTH,
1087 .owner = THIS_MODULE,
1088 .release = l2cap_sock_release,
1089 .bind = l2cap_sock_bind,
1090 .connect = l2cap_sock_connect,
1091 .listen = l2cap_sock_listen,
1092 .accept = l2cap_sock_accept,
1093 .getname = l2cap_sock_getname,
1094 .sendmsg = l2cap_sock_sendmsg,
1095 .recvmsg = l2cap_sock_recvmsg,
1096 .poll = bt_sock_poll,
1097 .ioctl = bt_sock_ioctl,
1098 .mmap = sock_no_mmap,
1099 .socketpair = sock_no_socketpair,
1100 .shutdown = l2cap_sock_shutdown,
1101 .setsockopt = l2cap_sock_setsockopt,
1102 .getsockopt = l2cap_sock_getsockopt
1103};
1104
bb58f747
GP		 1105static const struct net_proto_family l2cap_sock_family_ops = {
1106 .family = PF_BLUETOOTH,
1107 .owner = THIS_MODULE,
1108 .create = l2cap_sock_create,
1109};
1110
1111int __init l2cap_init_sockets(void)
1112{
e2174ca4 1113 int err;
bb58f747 1114
e2174ca4
GP		 1115 err = proto_register(&l2cap_proto, 0);
1116 if (err < 0)
1117 return err;
bb58f747 1118
e2174ca4
GP		 1119 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1120 if (err < 0)
1121 goto error;
bb58f747 1122
e2174ca4 1123 BT_INFO("L2CAP socket layer initialized");
bb58f747 1124
e2174ca4 1125 return 0;
bb58f747
GP		 1126
1127error:
e2174ca4
GP		 1128 BT_ERR("L2CAP socket registration failed");
1129 proto_unregister(&l2cap_proto);
1130 return err;
bb58f747
GP		 1131}
1132
1133void l2cap_cleanup_sockets(void)
1134{
e2174ca4
GP		 1135 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1136 BT_ERR("L2CAP socket unregistration failed");
bb58f747 1137
e2174ca4 1138 proto_unregister(&l2cap_proto);
bb58f747 1139}
kernel source for telekom puls (alcatel/mediatek)