projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
stmmac: add documentation for the driver.
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / rfcomm / sock.c
CommitLineData
8e87d142 1/*
1da177e4
LT		 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
8e87d142
YH		 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 21 SOFTWARE IS DISCLAIMED.
22*/
23
24/*
25 * RFCOMM sockets.
1da177e4
LT		 26 */
27
1da177e4
LT		 28#include <linux/module.h>
29
30#include <linux/types.h>
31#include <linux/errno.h>
32#include <linux/kernel.h>
1da177e4
LT		 33#include <linux/sched.h>
34#include <linux/slab.h>
35#include <linux/poll.h>
36#include <linux/fcntl.h>
37#include <linux/init.h>
38#include <linux/interrupt.h>
39#include <linux/socket.h>
40#include <linux/skbuff.h>
41#include <linux/list.h>
be9d1227 42#include <linux/device.h>
aef7d97c
MH		 43#include <linux/debugfs.h>
44#include <linux/seq_file.h>
1da177e4
LT		 45#include <net/sock.h>
46
47#include <asm/system.h>
48#include <asm/uaccess.h>
49
50#include <net/bluetooth/bluetooth.h>
51#include <net/bluetooth/hci_core.h>
52#include <net/bluetooth/l2cap.h>
53#include <net/bluetooth/rfcomm.h>
54
90ddc4f0 55static const struct proto_ops rfcomm_sock_ops;
1da177e4
LT		 56
57static struct bt_sock_list rfcomm_sk_list = {
d5fb2962 58 .lock = __RW_LOCK_UNLOCKED(rfcomm_sk_list.lock)
1da177e4
LT		 59};
60
61static void rfcomm_sock_close(struct sock *sk);
62static void rfcomm_sock_kill(struct sock *sk);
63
64/* ---- DLC callbacks ----
65 *
66 * called under rfcomm_dlc_lock()
67 */
68static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb)
69{
70 struct sock *sk = d->owner;
71 if (!sk)
72 return;
73
74 atomic_add(skb->len, &sk->sk_rmem_alloc);
75 skb_queue_tail(&sk->sk_receive_queue, skb);
76 sk->sk_data_ready(sk, skb->len);
77
78 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
79 rfcomm_dlc_throttle(d);
80}
81
82static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err)
83{
84 struct sock *sk = d->owner, *parent;
85 if (!sk)
86 return;
87
88 BT_DBG("dlc %p state %ld err %d", d, d->state, err);
89
90 bh_lock_sock(sk);
91
92 if (err)
93 sk->sk_err = err;
94
95 sk->sk_state = d->state;
96
97 parent = bt_sk(sk)->parent;
98 if (parent) {
99 if (d->state == BT_CLOSED) {
100 sock_set_flag(sk, SOCK_ZAPPED);
101 bt_accept_unlink(sk);
102 }
103 parent->sk_data_ready(parent, 0);
104 } else {
105 if (d->state == BT_CONNECTED)
106 rfcomm_session_getaddr(d->session, &bt_sk(sk)->src, NULL);
107 sk->sk_state_change(sk);
108 }
109
110 bh_unlock_sock(sk);
111
112 if (parent && sock_flag(sk, SOCK_ZAPPED)) {
113 /* We have to drop DLC lock here, otherwise
114 * rfcomm_sock_destruct() will dead lock. */
115 rfcomm_dlc_unlock(d);
116 rfcomm_sock_kill(sk);
117 rfcomm_dlc_lock(d);
118 }
119}
120
121/* ---- Socket functions ---- */
122static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src)
123{
124 struct sock *sk = NULL;
125 struct hlist_node *node;
126
127 sk_for_each(sk, node, &rfcomm_sk_list.head) {
8e87d142 128 if (rfcomm_pi(sk)->channel == channel &&
1da177e4
LT		 129 !bacmp(&bt_sk(sk)->src, src))
130 break;
131 }
132
133 return node ? sk : NULL;
134}
135
136/* Find socket with channel and source bdaddr.
137 * Returns closest match.
138 */
139static struct sock *__rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
140{
141 struct sock *sk = NULL, *sk1 = NULL;
142 struct hlist_node *node;
143
144 sk_for_each(sk, node, &rfcomm_sk_list.head) {
145 if (state && sk->sk_state != state)
146 continue;
147
148 if (rfcomm_pi(sk)->channel == channel) {
149 /* Exact match. */
150 if (!bacmp(&bt_sk(sk)->src, src))
151 break;
152
153 /* Closest match */
154 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
155 sk1 = sk;
156 }
157 }
158 return node ? sk : sk1;
159}
160
161/* Find socket with given address (channel, src).
162 * Returns locked socket */
163static inline struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
164{
165 struct sock *s;
166 read_lock(&rfcomm_sk_list.lock);
167 s = __rfcomm_get_sock_by_channel(state, channel, src);
168 if (s) bh_lock_sock(s);
169 read_unlock(&rfcomm_sk_list.lock);
170 return s;
171}
172
173static void rfcomm_sock_destruct(struct sock *sk)
174{
175 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
176
177 BT_DBG("sk %p dlc %p", sk, d);
178
179 skb_queue_purge(&sk->sk_receive_queue);
180 skb_queue_purge(&sk->sk_write_queue);
181
182 rfcomm_dlc_lock(d);
183 rfcomm_pi(sk)->dlc = NULL;
184
185 /* Detach DLC if it's owned by this socket */
186 if (d->owner == sk)
187 d->owner = NULL;
188 rfcomm_dlc_unlock(d);
189
190 rfcomm_dlc_put(d);
191}
192
193static void rfcomm_sock_cleanup_listen(struct sock *parent)
194{
195 struct sock *sk;
196
197 BT_DBG("parent %p", parent);
198
199 /* Close not yet accepted dlcs */
200 while ((sk = bt_accept_dequeue(parent, NULL))) {
201 rfcomm_sock_close(sk);
202 rfcomm_sock_kill(sk);
203 }
204
205 parent->sk_state = BT_CLOSED;
206 sock_set_flag(parent, SOCK_ZAPPED);
207}
208
209/* Kill socket (only if zapped and orphan)
210 * Must be called on unlocked socket.
211 */
212static void rfcomm_sock_kill(struct sock *sk)
213{
214 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
215 return;
216
217 BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt));
218
219 /* Kill poor orphan */
220 bt_sock_unlink(&rfcomm_sk_list, sk);
221 sock_set_flag(sk, SOCK_DEAD);
222 sock_put(sk);
223}
224
225static void __rfcomm_sock_close(struct sock *sk)
226{
227 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
228
229 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
230
231 switch (sk->sk_state) {
232 case BT_LISTEN:
233 rfcomm_sock_cleanup_listen(sk);
234 break;
235
236 case BT_CONNECT:
237 case BT_CONNECT2:
238 case BT_CONFIG:
239 case BT_CONNECTED:
240 rfcomm_dlc_close(d, 0);
241
242 default:
243 sock_set_flag(sk, SOCK_ZAPPED);
244 break;
245 }
246}
247
248/* Close socket.
249 * Must be called on unlocked socket.
250 */
251static void rfcomm_sock_close(struct sock *sk)
252{
253 lock_sock(sk);
254 __rfcomm_sock_close(sk);
255 release_sock(sk);
256}
257
258static void rfcomm_sock_init(struct sock *sk, struct sock *parent)
259{
260 struct rfcomm_pinfo *pi = rfcomm_pi(sk);
261
262 BT_DBG("sk %p", sk);
263
264 if (parent) {
265 sk->sk_type = parent->sk_type;
bb23c0ab 266 pi->dlc->defer_setup = bt_sk(parent)->defer_setup;
9f2c8a03
MH		 267
268 pi->sec_level = rfcomm_pi(parent)->sec_level;
269 pi->role_switch = rfcomm_pi(parent)->role_switch;
1da177e4 270 } else {
bb23c0ab 271 pi->dlc->defer_setup = 0;
9f2c8a03
MH		 272
273 pi->sec_level = BT_SECURITY_LOW;
274 pi->role_switch = 0;
1da177e4
LT		 275 }
276
9f2c8a03
MH		 277 pi->dlc->sec_level = pi->sec_level;
278 pi->dlc->role_switch = pi->role_switch;
1da177e4
LT		 279}
280
281static struct proto rfcomm_proto = {
282 .name = "RFCOMM",
283 .owner = THIS_MODULE,
284 .obj_size = sizeof(struct rfcomm_pinfo)
285};
286
1b8d7ae4 287static struct sock *rfcomm_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
1da177e4
LT		 288{
289 struct rfcomm_dlc *d;
290 struct sock *sk;
291
6257ff21 292 sk = sk_alloc(net, PF_BLUETOOTH, prio, &rfcomm_proto);
1da177e4
LT		 293 if (!sk)
294 return NULL;
295
296 sock_init_data(sock, sk);
297 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
298
299 d = rfcomm_dlc_alloc(prio);
300 if (!d) {
301 sk_free(sk);
302 return NULL;
303 }
304
305 d->data_ready = rfcomm_sk_data_ready;
306 d->state_change = rfcomm_sk_state_change;
307
308 rfcomm_pi(sk)->dlc = d;
309 d->owner = sk;
310
311 sk->sk_destruct = rfcomm_sock_destruct;
312 sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT;
313
77db1980
MH		 314 sk->sk_sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
315 sk->sk_rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
1da177e4
LT		 316
317 sock_reset_flag(sk, SOCK_ZAPPED);
318
319 sk->sk_protocol = proto;
77db1980 320 sk->sk_state = BT_OPEN;
1da177e4
LT		 321
322 bt_sock_link(&rfcomm_sk_list, sk);
323
324 BT_DBG("sk %p", sk);
325 return sk;
326}
327
3f378b68
EP		 328static int rfcomm_sock_create(struct net *net, struct socket *sock,
329 int protocol, int kern)
1da177e4
LT		 330{
331 struct sock *sk;
332
333 BT_DBG("sock %p", sock);
334
335 sock->state = SS_UNCONNECTED;
336
337 if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW)
338 return -ESOCKTNOSUPPORT;
339
340 sock->ops = &rfcomm_sock_ops;
341
1b8d7ae4 342 sk = rfcomm_sock_alloc(net, sock, protocol, GFP_ATOMIC);
74da626a 343 if (!sk)
1da177e4
LT		 344 return -ENOMEM;
345
346 rfcomm_sock_init(sk, NULL);
347 return 0;
348}
349
350static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
351{
352 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
353 struct sock *sk = sock->sk;
354 int err = 0;
355
356 BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr));
357
358 if (!addr || addr->sa_family != AF_BLUETOOTH)
359 return -EINVAL;
360
361 lock_sock(sk);
362
363 if (sk->sk_state != BT_OPEN) {
364 err = -EBADFD;
365 goto done;
366 }
367
354d28d5
MH		 368 if (sk->sk_type != SOCK_STREAM) {
369 err = -EINVAL;
370 goto done;
371 }
372
1da177e4
LT		 373 write_lock_bh(&rfcomm_sk_list.lock);
374
375 if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) {
376 err = -EADDRINUSE;
377 } else {
378 /* Save source address */
379 bacpy(&bt_sk(sk)->src, &sa->rc_bdaddr);
380 rfcomm_pi(sk)->channel = sa->rc_channel;
381 sk->sk_state = BT_BOUND;
382 }
383
384 write_unlock_bh(&rfcomm_sk_list.lock);
385
386done:
387 release_sock(sk);
388 return err;
389}
390
391static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
392{
393 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
394 struct sock *sk = sock->sk;
395 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
396 int err = 0;
397
398 BT_DBG("sk %p", sk);
399
400 if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_rc))
401 return -EINVAL;
402
354d28d5 403 lock_sock(sk);
1da177e4 404
354d28d5
MH		 405 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) {
406 err = -EBADFD;
407 goto done;
408 }
1da177e4 409
354d28d5
MH		 410 if (sk->sk_type != SOCK_STREAM) {
411 err = -EINVAL;
412 goto done;
413 }
1da177e4
LT		 414
415 sk->sk_state = BT_CONNECT;
416 bacpy(&bt_sk(sk)->dst, &sa->rc_bdaddr);
417 rfcomm_pi(sk)->channel = sa->rc_channel;
418
9f2c8a03
MH		 419 d->sec_level = rfcomm_pi(sk)->sec_level;
420 d->role_switch = rfcomm_pi(sk)->role_switch;
77db1980 421
1da177e4
LT		 422 err = rfcomm_dlc_open(d, &bt_sk(sk)->src, &sa->rc_bdaddr, sa->rc_channel);
423 if (!err)
424 err = bt_sock_wait_state(sk, BT_CONNECTED,
425 sock_sndtimeo(sk, flags & O_NONBLOCK));
426
354d28d5 427done:
1da177e4
LT		 428 release_sock(sk);
429 return err;
430}
431
432static int rfcomm_sock_listen(struct socket *sock, int backlog)
433{
434 struct sock *sk = sock->sk;
435 int err = 0;
436
437 BT_DBG("sk %p backlog %d", sk, backlog);
438
439 lock_sock(sk);
440
441 if (sk->sk_state != BT_BOUND) {
442 err = -EBADFD;
443 goto done;
444 }
445
354d28d5
MH		 446 if (sk->sk_type != SOCK_STREAM) {
447 err = -EINVAL;
448 goto done;
449 }
450
1da177e4
LT		 451 if (!rfcomm_pi(sk)->channel) {
452 bdaddr_t *src = &bt_sk(sk)->src;
453 u8 channel;
454
455 err = -EINVAL;
456
457 write_lock_bh(&rfcomm_sk_list.lock);
458
459 for (channel = 1; channel < 31; channel++)
460 if (!__rfcomm_get_sock_by_addr(channel, src)) {
461 rfcomm_pi(sk)->channel = channel;
462 err = 0;
463 break;
464 }
465
466 write_unlock_bh(&rfcomm_sk_list.lock);
467
468 if (err < 0)
469 goto done;
470 }
471
472 sk->sk_max_ack_backlog = backlog;
473 sk->sk_ack_backlog = 0;
474 sk->sk_state = BT_LISTEN;
475
476done:
477 release_sock(sk);
478 return err;
479}
480
481static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags)
482{
483 DECLARE_WAITQUEUE(wait, current);
484 struct sock *sk = sock->sk, *nsk;
485 long timeo;
486 int err = 0;
487
488 lock_sock(sk);
489
490 if (sk->sk_state != BT_LISTEN) {
491 err = -EBADFD;
492 goto done;
493 }
494
354d28d5
MH		 495 if (sk->sk_type != SOCK_STREAM) {
496 err = -EINVAL;
497 goto done;
498 }
499
1da177e4
LT		 500 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
501
502 BT_DBG("sk %p timeo %ld", sk, timeo);
503
504 /* Wait for an incoming connection. (wake-one). */
505 add_wait_queue_exclusive(sk->sk_sleep, &wait);
506 while (!(nsk = bt_accept_dequeue(sk, newsock))) {
507 set_current_state(TASK_INTERRUPTIBLE);
508 if (!timeo) {
509 err = -EAGAIN;
510 break;
511 }
512
513 release_sock(sk);
514 timeo = schedule_timeout(timeo);
515 lock_sock(sk);
516
517 if (sk->sk_state != BT_LISTEN) {
518 err = -EBADFD;
519 break;
520 }
521
522 if (signal_pending(current)) {
523 err = sock_intr_errno(timeo);
524 break;
525 }
526 }
527 set_current_state(TASK_RUNNING);
528 remove_wait_queue(sk->sk_sleep, &wait);
529
530 if (err)
531 goto done;
532
533 newsock->state = SS_CONNECTED;
534
535 BT_DBG("new socket %p", nsk);
536
537done:
538 release_sock(sk);
539 return err;
540}
541
542static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
543{
544 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
545 struct sock *sk = sock->sk;
546
547 BT_DBG("sock %p, sk %p", sock, sk);
548
549 sa->rc_family = AF_BLUETOOTH;
550 sa->rc_channel = rfcomm_pi(sk)->channel;
551 if (peer)
552 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->dst);
553 else
554 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->src);
555
556 *len = sizeof(struct sockaddr_rc);
557 return 0;
558}
559
560static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
561 struct msghdr *msg, size_t len)
562{
563 struct sock *sk = sock->sk;
564 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
565 struct sk_buff *skb;
1da177e4
LT		 566 int sent = 0;
567
bb23c0ab
MH		 568 if (test_bit(RFCOMM_DEFER_SETUP, &d->flags))
569 return -ENOTCONN;
570
1da177e4
LT		 571 if (msg->msg_flags & MSG_OOB)
572 return -EOPNOTSUPP;
573
574 if (sk->sk_shutdown & SEND_SHUTDOWN)
575 return -EPIPE;
576
577 BT_DBG("sock %p, sk %p", sock, sk);
578
579 lock_sock(sk);
580
581 while (len) {
582 size_t size = min_t(size_t, len, d->mtu);
4d6a2188 583 int err;
8e87d142 584
1da177e4
LT		 585 skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE,
586 msg->msg_flags & MSG_DONTWAIT, &err);
91aa35a5
VS		 587 if (!skb) {
588 if (sent == 0)
589 sent = err;
1da177e4 590 break;
91aa35a5 591 }
1da177e4
LT		 592 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
593
594 err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
595 if (err) {
596 kfree_skb(skb);
4d6a2188
MH		 597 if (sent == 0)
598 sent = err;
1da177e4
LT		 599 break;
600 }
601
602 err = rfcomm_dlc_send(d, skb);
603 if (err < 0) {
604 kfree_skb(skb);
4d6a2188
MH		 605 if (sent == 0)
606 sent = err;
1da177e4
LT		 607 break;
608 }
609
610 sent += size;
611 len -= size;
612 }
613
614 release_sock(sk);
615
4d6a2188 616 return sent;
1da177e4
LT		 617}
618
619static long rfcomm_sock_data_wait(struct sock *sk, long timeo)
620{
621 DECLARE_WAITQUEUE(wait, current);
622
623 add_wait_queue(sk->sk_sleep, &wait);
624 for (;;) {
625 set_current_state(TASK_INTERRUPTIBLE);
626
b03efcfb
DM		 627 if (!skb_queue_empty(&sk->sk_receive_queue) ||
628 sk->sk_err ||
629 (sk->sk_shutdown & RCV_SHUTDOWN) ||
630 signal_pending(current) ||
631 !timeo)
1da177e4
LT		 632 break;
633
634 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
635 release_sock(sk);
636 timeo = schedule_timeout(timeo);
637 lock_sock(sk);
638 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
639 }
640
641 __set_current_state(TASK_RUNNING);
642 remove_wait_queue(sk->sk_sleep, &wait);
643 return timeo;
644}
645
646static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
647 struct msghdr *msg, size_t size, int flags)
648{
649 struct sock *sk = sock->sk;
bb23c0ab 650 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
1da177e4
LT		 651 int err = 0;
652 size_t target, copied = 0;
653 long timeo;
654
bb23c0ab
MH		 655 if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) {
656 rfcomm_dlc_accept(d);
657 return 0;
658 }
659
1da177e4
LT		 660 if (flags & MSG_OOB)
661 return -EOPNOTSUPP;
662
663 msg->msg_namelen = 0;
664
a418b893 665 BT_DBG("sk %p size %zu", sk, size);
1da177e4
LT		 666
667 lock_sock(sk);
668
669 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
670 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
671
672 do {
673 struct sk_buff *skb;
674 int chunk;
675
676 skb = skb_dequeue(&sk->sk_receive_queue);
677 if (!skb) {
678 if (copied >= target)
679 break;
680
681 if ((err = sock_error(sk)) != 0)
682 break;
683 if (sk->sk_shutdown & RCV_SHUTDOWN)
684 break;
685
686 err = -EAGAIN;
687 if (!timeo)
688 break;
689
690 timeo = rfcomm_sock_data_wait(sk, timeo);
691
692 if (signal_pending(current)) {
693 err = sock_intr_errno(timeo);
694 goto out;
695 }
696 continue;
697 }
698
699 chunk = min_t(unsigned int, skb->len, size);
700 if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
701 skb_queue_head(&sk->sk_receive_queue, skb);
702 if (!copied)
703 copied = -EFAULT;
704 break;
705 }
706 copied += chunk;
707 size -= chunk;
708
3b885787 709 sock_recv_ts_and_drops(msg, sk, skb);
3241ad82 710
1da177e4
LT		 711 if (!(flags & MSG_PEEK)) {
712 atomic_sub(chunk, &sk->sk_rmem_alloc);
713
714 skb_pull(skb, chunk);
715 if (skb->len) {
716 skb_queue_head(&sk->sk_receive_queue, skb);
717 break;
718 }
719 kfree_skb(skb);
720
721 } else {
722 /* put message back and return */
723 skb_queue_head(&sk->sk_receive_queue, skb);
724 break;
725 }
726 } while (size);
727
728out:
729 if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2))
730 rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc);
731
732 release_sock(sk);
733 return copied ? : err;
734}
735
b7058842 736static int rfcomm_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
1da177e4
LT		 737{
738 struct sock *sk = sock->sk;
739 int err = 0;
740 u32 opt;
741
742 BT_DBG("sk %p", sk);
743
744 lock_sock(sk);
745
746 switch (optname) {
747 case RFCOMM_LM:
748 if (get_user(opt, (u32 __user *) optval)) {
749 err = -EFAULT;
750 break;
751 }
752
9f2c8a03
MH		 753 if (opt & RFCOMM_LM_AUTH)
754 rfcomm_pi(sk)->sec_level = BT_SECURITY_LOW;
755 if (opt & RFCOMM_LM_ENCRYPT)
756 rfcomm_pi(sk)->sec_level = BT_SECURITY_MEDIUM;
757 if (opt & RFCOMM_LM_SECURE)
758 rfcomm_pi(sk)->sec_level = BT_SECURITY_HIGH;
759
760 rfcomm_pi(sk)->role_switch = (opt & RFCOMM_LM_MASTER);
1da177e4
LT		 761 break;
762
763 default:
764 err = -ENOPROTOOPT;
765 break;
766 }
767
768 release_sock(sk);
769 return err;
770}
771
b7058842 772static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
d58daf42
MH		 773{
774 struct sock *sk = sock->sk;
9f2c8a03
MH		 775 struct bt_security sec;
776 int len, err = 0;
bb23c0ab 777 u32 opt;
d58daf42
MH		 778
779 BT_DBG("sk %p", sk);
780
781 if (level == SOL_RFCOMM)
782 return rfcomm_sock_setsockopt_old(sock, optname, optval, optlen);
783
0588d94f
MH		 784 if (level != SOL_BLUETOOTH)
785 return -ENOPROTOOPT;
786
d58daf42
MH		 787 lock_sock(sk);
788
789 switch (optname) {
9f2c8a03 790 case BT_SECURITY:
0588d94f
MH		 791 if (sk->sk_type != SOCK_STREAM) {
792 err = -EINVAL;
793 break;
794 }
795
9f2c8a03
MH		 796 sec.level = BT_SECURITY_LOW;
797
798 len = min_t(unsigned int, sizeof(sec), optlen);
799 if (copy_from_user((char *) &sec, optval, len)) {
800 err = -EFAULT;
801 break;
802 }
803
804 if (sec.level > BT_SECURITY_HIGH) {
805 err = -EINVAL;
806 break;
807 }
808
809 rfcomm_pi(sk)->sec_level = sec.level;
810 break;
811
bb23c0ab
MH		 812 case BT_DEFER_SETUP:
813 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
814 err = -EINVAL;
815 break;
816 }
817
818 if (get_user(opt, (u32 __user *) optval)) {
819 err = -EFAULT;
820 break;
821 }
822
823 bt_sk(sk)->defer_setup = opt;
824 break;
825
d58daf42
MH		 826 default:
827 err = -ENOPROTOOPT;
828 break;
829 }
830
831 release_sock(sk);
832 return err;
833}
834
835static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
1da177e4
LT		 836{
837 struct sock *sk = sock->sk;
838 struct sock *l2cap_sk;
839 struct rfcomm_conninfo cinfo;
840 int len, err = 0;
9f2c8a03 841 u32 opt;
1da177e4
LT		 842
843 BT_DBG("sk %p", sk);
844
845 if (get_user(len, optlen))
846 return -EFAULT;
847
848 lock_sock(sk);
849
850 switch (optname) {
851 case RFCOMM_LM:
9f2c8a03
MH		 852 switch (rfcomm_pi(sk)->sec_level) {
853 case BT_SECURITY_LOW:
854 opt = RFCOMM_LM_AUTH;
855 break;
856 case BT_SECURITY_MEDIUM:
857 opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT;
858 break;
859 case BT_SECURITY_HIGH:
860 opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT |
861 RFCOMM_LM_SECURE;
862 break;
863 default:
864 opt = 0;
865 break;
866 }
867
868 if (rfcomm_pi(sk)->role_switch)
869 opt |= RFCOMM_LM_MASTER;
870
871 if (put_user(opt, (u32 __user *) optval))
1da177e4
LT		 872 err = -EFAULT;
873 break;
874
875 case RFCOMM_CONNINFO:
bb23c0ab
MH		 876 if (sk->sk_state != BT_CONNECTED &&
877 !rfcomm_pi(sk)->dlc->defer_setup) {
1da177e4
LT		 878 err = -ENOTCONN;
879 break;
880 }
881
882 l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk;
883
884 cinfo.hci_handle = l2cap_pi(l2cap_sk)->conn->hcon->handle;
885 memcpy(cinfo.dev_class, l2cap_pi(l2cap_sk)->conn->hcon->dev_class, 3);
886
887 len = min_t(unsigned int, len, sizeof(cinfo));
888 if (copy_to_user(optval, (char *) &cinfo, len))
889 err = -EFAULT;
890
891 break;
892
893 default:
894 err = -ENOPROTOOPT;
895 break;
896 }
897
898 release_sock(sk);
d58daf42
MH		 899 return err;
900}
901
902static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
903{
904 struct sock *sk = sock->sk;
9f2c8a03 905 struct bt_security sec;
d58daf42
MH		 906 int len, err = 0;
907
908 BT_DBG("sk %p", sk);
909
910 if (level == SOL_RFCOMM)
911 return rfcomm_sock_getsockopt_old(sock, optname, optval, optlen);
912
0588d94f
MH		 913 if (level != SOL_BLUETOOTH)
914 return -ENOPROTOOPT;
915
d58daf42
MH		 916 if (get_user(len, optlen))
917 return -EFAULT;
918
919 lock_sock(sk);
920
921 switch (optname) {
9f2c8a03 922 case BT_SECURITY:
0588d94f
MH		 923 if (sk->sk_type != SOCK_STREAM) {
924 err = -EINVAL;
925 break;
926 }
927
9f2c8a03
MH		 928 sec.level = rfcomm_pi(sk)->sec_level;
929
930 len = min_t(unsigned int, len, sizeof(sec));
931 if (copy_to_user(optval, (char *) &sec, len))
932 err = -EFAULT;
933
934 break;
935
bb23c0ab
MH		 936 case BT_DEFER_SETUP:
937 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
938 err = -EINVAL;
939 break;
940 }
941
942 if (put_user(bt_sk(sk)->defer_setup, (u32 __user *) optval))
943 err = -EFAULT;
944
945 break;
946
d58daf42
MH		 947 default:
948 err = -ENOPROTOOPT;
949 break;
950 }
951
952 release_sock(sk);
1da177e4
LT		 953 return err;
954}
955
956static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
957{
e19caae7 958 struct sock *sk __maybe_unused = sock->sk;
1da177e4
LT		 959 int err;
960
e19caae7 961 BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg);
1da177e4 962
3241ad82 963 err = bt_sock_ioctl(sock, cmd, arg);
1da177e4 964
3241ad82 965 if (err == -ENOIOCTLCMD) {
1da177e4 966#ifdef CONFIG_BT_RFCOMM_TTY
3241ad82
MH		 967 lock_sock(sk);
968 err = rfcomm_dev_ioctl(sk, cmd, (void __user *) arg);
969 release_sock(sk);
1da177e4 970#else
3241ad82 971 err = -EOPNOTSUPP;
1da177e4 972#endif
3241ad82 973 }
1da177e4 974
1da177e4
LT		 975 return err;
976}
977
978static int rfcomm_sock_shutdown(struct socket *sock, int how)
979{
980 struct sock *sk = sock->sk;
981 int err = 0;
982
983 BT_DBG("sock %p, sk %p", sock, sk);
984
985 if (!sk) return 0;
986
987 lock_sock(sk);
988 if (!sk->sk_shutdown) {
989 sk->sk_shutdown = SHUTDOWN_MASK;
990 __rfcomm_sock_close(sk);
991
992 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
993 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
994 }
995 release_sock(sk);
996 return err;
997}
998
999static int rfcomm_sock_release(struct socket *sock)
1000{
1001 struct sock *sk = sock->sk;
1002 int err;
1003
1004 BT_DBG("sock %p, sk %p", sock, sk);
1005
1006 if (!sk)
1007 return 0;
1008
1009 err = rfcomm_sock_shutdown(sock, 2);
1010
1011 sock_orphan(sk);
1012 rfcomm_sock_kill(sk);
1013 return err;
1014}
1015
8e87d142 1016/* ---- RFCOMM core layer callbacks ----
1da177e4
LT		 1017 *
1018 * called under rfcomm_lock()
1019 */
1020int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d)
1021{
1022 struct sock *sk, *parent;
1023 bdaddr_t src, dst;
1024 int result = 0;
1025
1026 BT_DBG("session %p channel %d", s, channel);
1027
1028 rfcomm_session_getaddr(s, &src, &dst);
1029
1030 /* Check if we have socket listening on channel */
1031 parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src);
1032 if (!parent)
1033 return 0;
1034
1035 /* Check for backlog size */
1036 if (sk_acceptq_is_full(parent)) {
8e87d142 1037 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1da177e4
LT		 1038 goto done;
1039 }
1040
3b1e0a65 1041 sk = rfcomm_sock_alloc(sock_net(parent), NULL, BTPROTO_RFCOMM, GFP_ATOMIC);
1da177e4
LT		 1042 if (!sk)
1043 goto done;
1044
1045 rfcomm_sock_init(sk, parent);
1046 bacpy(&bt_sk(sk)->src, &src);
1047 bacpy(&bt_sk(sk)->dst, &dst);
1048 rfcomm_pi(sk)->channel = channel;
1049
1050 sk->sk_state = BT_CONFIG;
1051 bt_accept_enqueue(parent, sk);
1052
1053 /* Accept connection and return socket DLC */
1054 *d = rfcomm_pi(sk)->dlc;
1055 result = 1;
1056
1057done:
1058 bh_unlock_sock(parent);
bb23c0ab
MH		 1059
1060 if (bt_sk(parent)->defer_setup)
1061 parent->sk_state_change(parent);
1062
1da177e4
LT		 1063 return result;
1064}
1065
aef7d97c 1066static int rfcomm_sock_debugfs_show(struct seq_file *f, void *p)
1da177e4
LT		 1067{
1068 struct sock *sk;
1069 struct hlist_node *node;
1da177e4
LT		 1070
1071 read_lock_bh(&rfcomm_sk_list.lock);
1072
be9d1227 1073 sk_for_each(sk, node, &rfcomm_sk_list.head) {
aef7d97c
MH		 1074 seq_printf(f, "%s %s %d %d\n",
1075 batostr(&bt_sk(sk)->src),
1076 batostr(&bt_sk(sk)->dst),
be9d1227
MH		 1077 sk->sk_state, rfcomm_pi(sk)->channel);
1078 }
1da177e4 1079
1da177e4 1080 read_unlock_bh(&rfcomm_sk_list.lock);
1da177e4 1081
aef7d97c 1082 return 0;
1da177e4
LT		 1083}
1084
aef7d97c
MH		 1085static int rfcomm_sock_debugfs_open(struct inode *inode, struct file *file)
1086{
1087 return single_open(file, rfcomm_sock_debugfs_show, inode->i_private);
1088}
1089
1090static const struct file_operations rfcomm_sock_debugfs_fops = {
1091 .open = rfcomm_sock_debugfs_open,
1092 .read = seq_read,
1093 .llseek = seq_lseek,
1094 .release = single_release,
1095};
1096
1097static struct dentry *rfcomm_sock_debugfs;
1da177e4 1098
90ddc4f0 1099static const struct proto_ops rfcomm_sock_ops = {
1da177e4
LT		 1100 .family = PF_BLUETOOTH,
1101 .owner = THIS_MODULE,
1102 .release = rfcomm_sock_release,
1103 .bind = rfcomm_sock_bind,
1104 .connect = rfcomm_sock_connect,
1105 .listen = rfcomm_sock_listen,
1106 .accept = rfcomm_sock_accept,
1107 .getname = rfcomm_sock_getname,
1108 .sendmsg = rfcomm_sock_sendmsg,
1109 .recvmsg = rfcomm_sock_recvmsg,
1110 .shutdown = rfcomm_sock_shutdown,
1111 .setsockopt = rfcomm_sock_setsockopt,
1112 .getsockopt = rfcomm_sock_getsockopt,
1113 .ioctl = rfcomm_sock_ioctl,
1114 .poll = bt_sock_poll,
1115 .socketpair = sock_no_socketpair,
1116 .mmap = sock_no_mmap
1117};
1118
ec1b4cf7 1119static const struct net_proto_family rfcomm_sock_family_ops = {
1da177e4
LT		 1120 .family = PF_BLUETOOTH,
1121 .owner = THIS_MODULE,
1122 .create = rfcomm_sock_create
1123};
1124
be9d1227 1125int __init rfcomm_init_sockets(void)
1da177e4
LT		 1126{
1127 int err;
1128
1129 err = proto_register(&rfcomm_proto, 0);
1130 if (err < 0)
1131 return err;
1132
1133 err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops);
1134 if (err < 0)
1135 goto error;
1136
aef7d97c
MH		 1137 if (bt_debugfs) {
1138 rfcomm_sock_debugfs = debugfs_create_file("rfcomm", 0444,
1139 bt_debugfs, NULL, &rfcomm_sock_debugfs_fops);
1140 if (!rfcomm_sock_debugfs)
1141 BT_ERR("Failed to create RFCOMM debug file");
1142 }
1da177e4
LT		 1143
1144 BT_INFO("RFCOMM socket layer initialized");
1145
1146 return 0;
1147
1148error:
1149 BT_ERR("RFCOMM socket layer registration failed");
1150 proto_unregister(&rfcomm_proto);
1151 return err;
1152}
1153
af0d3b10 1154void rfcomm_cleanup_sockets(void)
1da177e4 1155{
aef7d97c 1156 debugfs_remove(rfcomm_sock_debugfs);
1da177e4
LT		 1157
1158 if (bt_sock_unregister(BTPROTO_RFCOMM) < 0)
1159 BT_ERR("RFCOMM socket layer unregistration failed");
1160
1161 proto_unregister(&rfcomm_proto);
1162}
kernel source for telekom puls (alcatel/mediatek)