projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
net: Remove iocb argument from sendmsg and recvmsg
[deliverable/linux.git] / net / bluetooth / hci_sock.c
CommitLineData
8e87d142 1/*
1da177e4
LT		 2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI sockets. */
26
8c520a59 27#include <linux/export.h>
1da177e4
LT		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
cd82e61c 32#include <net/bluetooth/hci_mon.h>
1da177e4 33
cd82e61c
MH		 34static atomic_t monitor_promisc = ATOMIC_INIT(0);
35
1da177e4
LT		 36/* ----- HCI socket interface ----- */
37
863def58
MH		 38/* Socket info */
39#define hci_pi(sk) ((struct hci_pinfo *) sk)
40
41struct hci_pinfo {
42 struct bt_sock bt;
43 struct hci_dev *hdev;
44 struct hci_filter filter;
45 __u32 cmsg_mask;
46 unsigned short channel;
47};
48
1da177e4
LT		 49static inline int hci_test_bit(int nr, void *addr)
50{
51 return *((__u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31));
52}
53
54/* Security filter */
3ad254f7
MH		 55#define HCI_SFLT_MAX_OGF 5
56
57struct hci_sec_filter {
58 __u32 type_mask;
59 __u32 event_mask[2];
60 __u32 ocf_mask[HCI_SFLT_MAX_OGF + 1][4];
61};
62
7e67c112 63static const struct hci_sec_filter hci_sec_filter = {
1da177e4
LT		 64 /* Packet types */
65 0x10,
66 /* Events */
dd7f5527 67 { 0x1000d9fe, 0x0000b00c },
1da177e4
LT		 68 /* Commands */
69 {
70 { 0x0 },
71 /* OGF_LINK_CTL */
7c631a67 72 { 0xbe000006, 0x00000001, 0x00000000, 0x00 },
1da177e4 73 /* OGF_LINK_POLICY */
7c631a67 74 { 0x00005200, 0x00000000, 0x00000000, 0x00 },
1da177e4 75 /* OGF_HOST_CTL */
7c631a67 76 { 0xaab00200, 0x2b402aaa, 0x05220154, 0x00 },
1da177e4 77 /* OGF_INFO_PARAM */
7c631a67 78 { 0x000002be, 0x00000000, 0x00000000, 0x00 },
1da177e4 79 /* OGF_STATUS_PARAM */
7c631a67 80 { 0x000000ea, 0x00000000, 0x00000000, 0x00 }
1da177e4
LT		 81 }
82};
83
84static struct bt_sock_list hci_sk_list = {
d5fb2962 85 .lock = __RW_LOCK_UNLOCKED(hci_sk_list.lock)
1da177e4
LT		 86};
87
f81fe64f
MH		 88static bool is_filtered_packet(struct sock *sk, struct sk_buff *skb)
89{
90 struct hci_filter *flt;
91 int flt_type, flt_event;
92
93 /* Apply filter */
94 flt = &hci_pi(sk)->filter;
95
96 if (bt_cb(skb)->pkt_type == HCI_VENDOR_PKT)
97 flt_type = 0;
98 else
99 flt_type = bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS;
100
101 if (!test_bit(flt_type, &flt->type_mask))
102 return true;
103
104 /* Extra filter for event packets only */
105 if (bt_cb(skb)->pkt_type != HCI_EVENT_PKT)
106 return false;
107
108 flt_event = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS);
109
110 if (!hci_test_bit(flt_event, &flt->event_mask))
111 return true;
112
113 /* Check filter only when opcode is set */
114 if (!flt->opcode)
115 return false;
116
117 if (flt_event == HCI_EV_CMD_COMPLETE &&
118 flt->opcode != get_unaligned((__le16 *)(skb->data + 3)))
119 return true;
120
121 if (flt_event == HCI_EV_CMD_STATUS &&
122 flt->opcode != get_unaligned((__le16 *)(skb->data + 4)))
123 return true;
124
125 return false;
126}
127
1da177e4 128/* Send frame to RAW socket */
470fe1b5 129void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4
LT		 130{
131 struct sock *sk;
e0edf373 132 struct sk_buff *skb_copy = NULL;
1da177e4
LT		 133
134 BT_DBG("hdev %p len %d", hdev, skb->len);
135
136 read_lock(&hci_sk_list.lock);
470fe1b5 137
b67bfe0d 138 sk_for_each(sk, &hci_sk_list.head) {
1da177e4
LT		 139 struct sk_buff *nskb;
140
141 if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev)
142 continue;
143
144 /* Don't send frame to the socket it came from */
145 if (skb->sk == sk)
146 continue;
147
23500189
MH		 148 if (hci_pi(sk)->channel == HCI_CHANNEL_RAW) {
149 if (is_filtered_packet(sk, skb))
150 continue;
151 } else if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
152 if (!bt_cb(skb)->incoming)
153 continue;
154 if (bt_cb(skb)->pkt_type != HCI_EVENT_PKT &&
155 bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
156 bt_cb(skb)->pkt_type != HCI_SCODATA_PKT)
157 continue;
158 } else {
159 /* Don't send frame to other channel types */
1da177e4 160 continue;
23500189 161 }
1da177e4 162
e0edf373
MH		 163 if (!skb_copy) {
164 /* Create a private copy with headroom */
bad93e9d 165 skb_copy = __pskb_copy_fclone(skb, 1, GFP_ATOMIC, true);
e0edf373
MH		 166 if (!skb_copy)
167 continue;
168
169 /* Put type byte before the data */
170 memcpy(skb_push(skb_copy, 1), &bt_cb(skb)->pkt_type, 1);
171 }
172
173 nskb = skb_clone(skb_copy, GFP_ATOMIC);
70f23020 174 if (!nskb)
1da177e4
LT		 175 continue;
176
470fe1b5
MH		 177 if (sock_queue_rcv_skb(sk, nskb))
178 kfree_skb(nskb);
179 }
180
181 read_unlock(&hci_sk_list.lock);
e0edf373
MH		 182
183 kfree_skb(skb_copy);
470fe1b5
MH		 184}
185
186/* Send frame to control socket */
187void hci_send_to_control(struct sk_buff *skb, struct sock *skip_sk)
188{
189 struct sock *sk;
470fe1b5
MH		 190
191 BT_DBG("len %d", skb->len);
192
193 read_lock(&hci_sk_list.lock);
194
b67bfe0d 195 sk_for_each(sk, &hci_sk_list.head) {
470fe1b5
MH		 196 struct sk_buff *nskb;
197
198 /* Skip the original socket */
199 if (sk == skip_sk)
200 continue;
201
202 if (sk->sk_state != BT_BOUND)
203 continue;
204
205 if (hci_pi(sk)->channel != HCI_CHANNEL_CONTROL)
206 continue;
207
208 nskb = skb_clone(skb, GFP_ATOMIC);
209 if (!nskb)
210 continue;
1da177e4
LT		 211
212 if (sock_queue_rcv_skb(sk, nskb))
213 kfree_skb(nskb);
214 }
470fe1b5 215
1da177e4
LT		 216 read_unlock(&hci_sk_list.lock);
217}
218
d7f72f61
MH		 219static void queue_monitor_skb(struct sk_buff *skb)
220{
221 struct sock *sk;
222
223 BT_DBG("len %d", skb->len);
224
225 read_lock(&hci_sk_list.lock);
226
227 sk_for_each(sk, &hci_sk_list.head) {
228 struct sk_buff *nskb;
229
230 if (sk->sk_state != BT_BOUND)
231 continue;
232
233 if (hci_pi(sk)->channel != HCI_CHANNEL_MONITOR)
234 continue;
235
236 nskb = skb_clone(skb, GFP_ATOMIC);
237 if (!nskb)
238 continue;
239
240 if (sock_queue_rcv_skb(sk, nskb))
241 kfree_skb(nskb);
242 }
243
244 read_unlock(&hci_sk_list.lock);
245}
246
cd82e61c
MH		 247/* Send frame to monitor socket */
248void hci_send_to_monitor(struct hci_dev *hdev, struct sk_buff *skb)
249{
cd82e61c 250 struct sk_buff *skb_copy = NULL;
2b531294 251 struct hci_mon_hdr *hdr;
cd82e61c
MH		 252 __le16 opcode;
253
254 if (!atomic_read(&monitor_promisc))
255 return;
256
257 BT_DBG("hdev %p len %d", hdev, skb->len);
258
259 switch (bt_cb(skb)->pkt_type) {
260 case HCI_COMMAND_PKT:
dcf4adbf 261 opcode = cpu_to_le16(HCI_MON_COMMAND_PKT);
cd82e61c
MH		 262 break;
263 case HCI_EVENT_PKT:
dcf4adbf 264 opcode = cpu_to_le16(HCI_MON_EVENT_PKT);
cd82e61c
MH		 265 break;
266 case HCI_ACLDATA_PKT:
267 if (bt_cb(skb)->incoming)
dcf4adbf 268 opcode = cpu_to_le16(HCI_MON_ACL_RX_PKT);
cd82e61c 269 else
dcf4adbf 270 opcode = cpu_to_le16(HCI_MON_ACL_TX_PKT);
cd82e61c
MH		 271 break;
272 case HCI_SCODATA_PKT:
273 if (bt_cb(skb)->incoming)
dcf4adbf 274 opcode = cpu_to_le16(HCI_MON_SCO_RX_PKT);
cd82e61c 275 else
dcf4adbf 276 opcode = cpu_to_le16(HCI_MON_SCO_TX_PKT);
cd82e61c
MH		 277 break;
278 default:
279 return;
280 }
281
2b531294
MH		 282 /* Create a private copy with headroom */
283 skb_copy = __pskb_copy_fclone(skb, HCI_MON_HDR_SIZE, GFP_ATOMIC, true);
284 if (!skb_copy)
285 return;
286
287 /* Put header before the data */
288 hdr = (void *) skb_push(skb_copy, HCI_MON_HDR_SIZE);
289 hdr->opcode = opcode;
290 hdr->index = cpu_to_le16(hdev->id);
291 hdr->len = cpu_to_le16(skb->len);
292
d7f72f61 293 queue_monitor_skb(skb_copy);
cd82e61c
MH		 294 kfree_skb(skb_copy);
295}
296
cd82e61c
MH		 297static struct sk_buff *create_monitor_event(struct hci_dev *hdev, int event)
298{
299 struct hci_mon_hdr *hdr;
300 struct hci_mon_new_index *ni;
301 struct sk_buff *skb;
302 __le16 opcode;
303
304 switch (event) {
305 case HCI_DEV_REG:
306 skb = bt_skb_alloc(HCI_MON_NEW_INDEX_SIZE, GFP_ATOMIC);
307 if (!skb)
308 return NULL;
309
310 ni = (void *) skb_put(skb, HCI_MON_NEW_INDEX_SIZE);
311 ni->type = hdev->dev_type;
312 ni->bus = hdev->bus;
313 bacpy(&ni->bdaddr, &hdev->bdaddr);
314 memcpy(ni->name, hdev->name, 8);
315
dcf4adbf 316 opcode = cpu_to_le16(HCI_MON_NEW_INDEX);
cd82e61c
MH		 317 break;
318
319 case HCI_DEV_UNREG:
320 skb = bt_skb_alloc(0, GFP_ATOMIC);
321 if (!skb)
322 return NULL;
323
dcf4adbf 324 opcode = cpu_to_le16(HCI_MON_DEL_INDEX);
cd82e61c
MH		 325 break;
326
327 default:
328 return NULL;
329 }
330
331 __net_timestamp(skb);
332
333 hdr = (void *) skb_push(skb, HCI_MON_HDR_SIZE);
334 hdr->opcode = opcode;
335 hdr->index = cpu_to_le16(hdev->id);
336 hdr->len = cpu_to_le16(skb->len - HCI_MON_HDR_SIZE);
337
338 return skb;
339}
340
341static void send_monitor_replay(struct sock *sk)
342{
343 struct hci_dev *hdev;
344
345 read_lock(&hci_dev_list_lock);
346
347 list_for_each_entry(hdev, &hci_dev_list, list) {
348 struct sk_buff *skb;
349
350 skb = create_monitor_event(hdev, HCI_DEV_REG);
351 if (!skb)
352 continue;
353
354 if (sock_queue_rcv_skb(sk, skb))
355 kfree_skb(skb);
356 }
357
358 read_unlock(&hci_dev_list_lock);
359}
360
040030ef
MH		 361/* Generate internal stack event */
362static void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
363{
364 struct hci_event_hdr *hdr;
365 struct hci_ev_stack_internal *ev;
366 struct sk_buff *skb;
367
368 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
369 if (!skb)
370 return;
371
372 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
373 hdr->evt = HCI_EV_STACK_INTERNAL;
374 hdr->plen = sizeof(*ev) + dlen;
375
376 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
377 ev->type = type;
378 memcpy(ev->data, data, dlen);
379
380 bt_cb(skb)->incoming = 1;
381 __net_timestamp(skb);
382
383 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
040030ef
MH		 384 hci_send_to_sock(hdev, skb);
385 kfree_skb(skb);
386}
387
388void hci_sock_dev_event(struct hci_dev *hdev, int event)
389{
390 struct hci_ev_si_device ev;
391
392 BT_DBG("hdev %s event %d", hdev->name, event);
393
cd82e61c
MH		 394 /* Send event to monitor */
395 if (atomic_read(&monitor_promisc)) {
396 struct sk_buff *skb;
397
398 skb = create_monitor_event(hdev, event);
399 if (skb) {
41e91e71 400 queue_monitor_skb(skb);
cd82e61c
MH		 401 kfree_skb(skb);
402 }
403 }
404
040030ef
MH		 405 /* Send event to sockets */
406 ev.event = event;
407 ev.dev_id = hdev->id;
408 hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev);
409
410 if (event == HCI_DEV_UNREG) {
411 struct sock *sk;
040030ef
MH		 412
413 /* Detach sockets from device */
414 read_lock(&hci_sk_list.lock);
b67bfe0d 415 sk_for_each(sk, &hci_sk_list.head) {
040030ef
MH		 416 bh_lock_sock_nested(sk);
417 if (hci_pi(sk)->hdev == hdev) {
418 hci_pi(sk)->hdev = NULL;
419 sk->sk_err = EPIPE;
420 sk->sk_state = BT_OPEN;
421 sk->sk_state_change(sk);
422
423 hci_dev_put(hdev);
424 }
425 bh_unlock_sock(sk);
426 }
427 read_unlock(&hci_sk_list.lock);
428 }
429}
430
1da177e4
LT		 431static int hci_sock_release(struct socket *sock)
432{
433 struct sock *sk = sock->sk;
7b005bd3 434 struct hci_dev *hdev;
1da177e4
LT		 435
436 BT_DBG("sock %p sk %p", sock, sk);
437
438 if (!sk)
439 return 0;
440
7b005bd3
MH		 441 hdev = hci_pi(sk)->hdev;
442
cd82e61c
MH		 443 if (hci_pi(sk)->channel == HCI_CHANNEL_MONITOR)
444 atomic_dec(&monitor_promisc);
445
1da177e4
LT		 446 bt_sock_unlink(&hci_sk_list, sk);
447
448 if (hdev) {
23500189 449 if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
0602a8ad 450 mgmt_index_added(hdev);
23500189
MH		 451 clear_bit(HCI_USER_CHANNEL, &hdev->dev_flags);
452 hci_dev_close(hdev->id);
453 }
454
1da177e4
LT		 455 atomic_dec(&hdev->promisc);
456 hci_dev_put(hdev);
457 }
458
459 sock_orphan(sk);
460
461 skb_queue_purge(&sk->sk_receive_queue);
462 skb_queue_purge(&sk->sk_write_queue);
463
464 sock_put(sk);
465 return 0;
466}
467
b2a66aad 468static int hci_sock_blacklist_add(struct hci_dev *hdev, void __user *arg)
f0358568
JH		 469{
470 bdaddr_t bdaddr;
5e762444 471 int err;
f0358568
JH		 472
473 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr)))
474 return -EFAULT;
475
09fd0de5 476 hci_dev_lock(hdev);
5e762444 477
dcc36c16 478 err = hci_bdaddr_list_add(&hdev->blacklist, &bdaddr, BDADDR_BREDR);
5e762444 479
09fd0de5 480 hci_dev_unlock(hdev);
5e762444
AJ		 481
482 return err;
f0358568
JH		 483}
484
b2a66aad 485static int hci_sock_blacklist_del(struct hci_dev *hdev, void __user *arg)
f0358568
JH		 486{
487 bdaddr_t bdaddr;
5e762444 488 int err;
f0358568
JH		 489
490 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr)))
491 return -EFAULT;
492
09fd0de5 493 hci_dev_lock(hdev);
5e762444 494
dcc36c16 495 err = hci_bdaddr_list_del(&hdev->blacklist, &bdaddr, BDADDR_BREDR);
5e762444 496
09fd0de5 497 hci_dev_unlock(hdev);
5e762444
AJ		 498
499 return err;
f0358568
JH		 500}
501
8e87d142 502/* Ioctls that require bound socket */
6039aa73
GP		 503static int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd,
504 unsigned long arg)
1da177e4
LT		 505{
506 struct hci_dev *hdev = hci_pi(sk)->hdev;
507
508 if (!hdev)
509 return -EBADFD;
510
0736cfa8
MH		 511 if (test_bit(HCI_USER_CHANNEL, &hdev->dev_flags))
512 return -EBUSY;
513
4a964404 514 if (test_bit(HCI_UNCONFIGURED, &hdev->dev_flags))
fee746b0
MH		 515 return -EOPNOTSUPP;
516
5b69bef5
MH		 517 if (hdev->dev_type != HCI_BREDR)
518 return -EOPNOTSUPP;
519
1da177e4
LT		 520 switch (cmd) {
521 case HCISETRAW:
522 if (!capable(CAP_NET_ADMIN))
bf5b30b8 523 return -EPERM;
db596681 524 return -EOPNOTSUPP;
1da177e4 525
1da177e4 526 case HCIGETCONNINFO:
40be492f
MH		 527 return hci_get_conn_info(hdev, (void __user *) arg);
528
529 case HCIGETAUTHINFO:
530 return hci_get_auth_info(hdev, (void __user *) arg);
1da177e4 531
f0358568
JH		 532 case HCIBLOCKADDR:
533 if (!capable(CAP_NET_ADMIN))
bf5b30b8 534 return -EPERM;
b2a66aad 535 return hci_sock_blacklist_add(hdev, (void __user *) arg);
f0358568
JH		 536
537 case HCIUNBLOCKADDR:
538 if (!capable(CAP_NET_ADMIN))
bf5b30b8 539 return -EPERM;
b2a66aad 540 return hci_sock_blacklist_del(hdev, (void __user *) arg);
1da177e4 541 }
0736cfa8 542
324d36ed 543 return -ENOIOCTLCMD;
1da177e4
LT		 544}
545
8fc9ced3
GP		 546static int hci_sock_ioctl(struct socket *sock, unsigned int cmd,
547 unsigned long arg)
1da177e4 548{
40be492f 549 void __user *argp = (void __user *) arg;
0736cfa8 550 struct sock *sk = sock->sk;
1da177e4
LT		 551 int err;
552
553 BT_DBG("cmd %x arg %lx", cmd, arg);
554
c1c4f956
MH		 555 lock_sock(sk);
556
557 if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
558 err = -EBADFD;
559 goto done;
560 }
561
562 release_sock(sk);
563
1da177e4
LT		 564 switch (cmd) {
565 case HCIGETDEVLIST:
566 return hci_get_dev_list(argp);
567
568 case HCIGETDEVINFO:
569 return hci_get_dev_info(argp);
570
571 case HCIGETCONNLIST:
572 return hci_get_conn_list(argp);
573
574 case HCIDEVUP:
575 if (!capable(CAP_NET_ADMIN))
bf5b30b8 576 return -EPERM;
1da177e4
LT		 577 return hci_dev_open(arg);
578
579 case HCIDEVDOWN:
580 if (!capable(CAP_NET_ADMIN))
bf5b30b8 581 return -EPERM;
1da177e4
LT		 582 return hci_dev_close(arg);
583
584 case HCIDEVRESET:
585 if (!capable(CAP_NET_ADMIN))
bf5b30b8 586 return -EPERM;
1da177e4
LT		 587 return hci_dev_reset(arg);
588
589 case HCIDEVRESTAT:
590 if (!capable(CAP_NET_ADMIN))
bf5b30b8 591 return -EPERM;
1da177e4
LT		 592 return hci_dev_reset_stat(arg);
593
594 case HCISETSCAN:
595 case HCISETAUTH:
596 case HCISETENCRYPT:
597 case HCISETPTYPE:
598 case HCISETLINKPOL:
599 case HCISETLINKMODE:
600 case HCISETACLMTU:
601 case HCISETSCOMTU:
602 if (!capable(CAP_NET_ADMIN))
bf5b30b8 603 return -EPERM;
1da177e4
LT		 604 return hci_dev_cmd(cmd, argp);
605
606 case HCIINQUIRY:
607 return hci_inquiry(argp);
1da177e4 608 }
c1c4f956
MH		 609
610 lock_sock(sk);
611
612 err = hci_sock_bound_ioctl(sk, cmd, arg);
613
614done:
615 release_sock(sk);
616 return err;
1da177e4
LT		 617}
618
8fc9ced3
GP		 619static int hci_sock_bind(struct socket *sock, struct sockaddr *addr,
620 int addr_len)
1da177e4 621{
0381101f 622 struct sockaddr_hci haddr;
1da177e4
LT		 623 struct sock *sk = sock->sk;
624 struct hci_dev *hdev = NULL;
0381101f 625 int len, err = 0;
1da177e4
LT		 626
627 BT_DBG("sock %p sk %p", sock, sk);
628
0381101f
JH		 629 if (!addr)
630 return -EINVAL;
631
632 memset(&haddr, 0, sizeof(haddr));
633 len = min_t(unsigned int, sizeof(haddr), addr_len);
634 memcpy(&haddr, addr, len);
635
636 if (haddr.hci_family != AF_BLUETOOTH)
637 return -EINVAL;
638
1da177e4
LT		 639 lock_sock(sk);
640
7cc2ade2 641 if (sk->sk_state == BT_BOUND) {
1da177e4
LT		 642 err = -EALREADY;
643 goto done;
644 }
645
7cc2ade2
MH		 646 switch (haddr.hci_channel) {
647 case HCI_CHANNEL_RAW:
648 if (hci_pi(sk)->hdev) {
649 err = -EALREADY;
1da177e4
LT		 650 goto done;
651 }
652
7cc2ade2
MH		 653 if (haddr.hci_dev != HCI_DEV_NONE) {
654 hdev = hci_dev_get(haddr.hci_dev);
655 if (!hdev) {
656 err = -ENODEV;
657 goto done;
658 }
659
660 atomic_inc(&hdev->promisc);
661 }
662
663 hci_pi(sk)->hdev = hdev;
664 break;
665
23500189
MH		 666 case HCI_CHANNEL_USER:
667 if (hci_pi(sk)->hdev) {
668 err = -EALREADY;
669 goto done;
670 }
671
672 if (haddr.hci_dev == HCI_DEV_NONE) {
673 err = -EINVAL;
674 goto done;
675 }
676
10a8b86f 677 if (!capable(CAP_NET_ADMIN)) {
23500189
MH		 678 err = -EPERM;
679 goto done;
680 }
681
682 hdev = hci_dev_get(haddr.hci_dev);
683 if (!hdev) {
684 err = -ENODEV;
685 goto done;
686 }
687
688 if (test_bit(HCI_UP, &hdev->flags) ||
689 test_bit(HCI_INIT, &hdev->flags) ||
d603b76b
MH		 690 test_bit(HCI_SETUP, &hdev->dev_flags) ||
691 test_bit(HCI_CONFIG, &hdev->dev_flags)) {
23500189
MH		 692 err = -EBUSY;
693 hci_dev_put(hdev);
694 goto done;
695 }
696
697 if (test_and_set_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
698 err = -EUSERS;
699 hci_dev_put(hdev);
700 goto done;
701 }
702
0602a8ad 703 mgmt_index_removed(hdev);
23500189
MH		 704
705 err = hci_dev_open(hdev->id);
706 if (err) {
707 clear_bit(HCI_USER_CHANNEL, &hdev->dev_flags);
0602a8ad 708 mgmt_index_added(hdev);
23500189
MH		 709 hci_dev_put(hdev);
710 goto done;
711 }
712
713 atomic_inc(&hdev->promisc);
714
715 hci_pi(sk)->hdev = hdev;
716 break;
717
7cc2ade2 718 case HCI_CHANNEL_CONTROL:
4b95a24c 719 if (haddr.hci_dev != HCI_DEV_NONE) {
7cc2ade2
MH		 720 err = -EINVAL;
721 goto done;
722 }
723
801f13bd
MH		 724 if (!capable(CAP_NET_ADMIN)) {
725 err = -EPERM;
726 goto done;
727 }
728
7cc2ade2
MH		 729 break;
730
cd82e61c
MH		 731 case HCI_CHANNEL_MONITOR:
732 if (haddr.hci_dev != HCI_DEV_NONE) {
733 err = -EINVAL;
734 goto done;
735 }
736
737 if (!capable(CAP_NET_RAW)) {
738 err = -EPERM;
739 goto done;
740 }
741
742 send_monitor_replay(sk);
743
744 atomic_inc(&monitor_promisc);
745 break;
746
7cc2ade2
MH		 747 default:
748 err = -EINVAL;
749 goto done;
1da177e4
LT		 750 }
751
7cc2ade2 752
0381101f 753 hci_pi(sk)->channel = haddr.hci_channel;
1da177e4
LT		 754 sk->sk_state = BT_BOUND;
755
756done:
757 release_sock(sk);
758 return err;
759}
760
8fc9ced3
GP		 761static int hci_sock_getname(struct socket *sock, struct sockaddr *addr,
762 int *addr_len, int peer)
1da177e4
LT		 763{
764 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
765 struct sock *sk = sock->sk;
9d4b68b2
MH		 766 struct hci_dev *hdev;
767 int err = 0;
1da177e4
LT		 768
769 BT_DBG("sock %p sk %p", sock, sk);
770
06f43cbc
MH		 771 if (peer)
772 return -EOPNOTSUPP;
773
1da177e4
LT		 774 lock_sock(sk);
775
9d4b68b2
MH		 776 hdev = hci_pi(sk)->hdev;
777 if (!hdev) {
778 err = -EBADFD;
779 goto done;
780 }
781
1da177e4
LT		 782 *addr_len = sizeof(*haddr);
783 haddr->hci_family = AF_BLUETOOTH;
7b005bd3 784 haddr->hci_dev = hdev->id;
9d4b68b2 785 haddr->hci_channel= hci_pi(sk)->channel;
1da177e4 786
9d4b68b2 787done:
1da177e4 788 release_sock(sk);
9d4b68b2 789 return err;
1da177e4
LT		 790}
791
6039aa73
GP		 792static void hci_sock_cmsg(struct sock *sk, struct msghdr *msg,
793 struct sk_buff *skb)
1da177e4
LT		 794{
795 __u32 mask = hci_pi(sk)->cmsg_mask;
796
0d48d939
MH		 797 if (mask & HCI_CMSG_DIR) {
798 int incoming = bt_cb(skb)->incoming;
8fc9ced3
GP		 799 put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(incoming),
800 &incoming);
0d48d939 801 }
1da177e4 802
a61bbcf2 803 if (mask & HCI_CMSG_TSTAMP) {
f6e623a6
JFS		 804#ifdef CONFIG_COMPAT
805 struct compat_timeval ctv;
806#endif
a61bbcf2 807 struct timeval tv;
767c5eb5
MH		 808 void *data;
809 int len;
a61bbcf2
PM		 810
811 skb_get_timestamp(skb, &tv);
767c5eb5 812
1da97f83
DM		 813 data = &tv;
814 len = sizeof(tv);
815#ifdef CONFIG_COMPAT
da88cea1
L		 816 if (!COMPAT_USE_64BIT_TIME &&
817 (msg->msg_flags & MSG_CMSG_COMPAT)) {
767c5eb5
MH		 818 ctv.tv_sec = tv.tv_sec;
819 ctv.tv_usec = tv.tv_usec;
820 data = &ctv;
821 len = sizeof(ctv);
767c5eb5 822 }
1da97f83 823#endif
767c5eb5
MH		 824
825 put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, len, data);
a61bbcf2 826 }
1da177e4 827}
8e87d142 828
1b784140
YX		 829static int hci_sock_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
830 int flags)
1da177e4
LT		 831{
832 int noblock = flags & MSG_DONTWAIT;
833 struct sock *sk = sock->sk;
834 struct sk_buff *skb;
835 int copied, err;
836
837 BT_DBG("sock %p, sk %p", sock, sk);
838
839 if (flags & (MSG_OOB))
840 return -EOPNOTSUPP;
841
842 if (sk->sk_state == BT_CLOSED)
843 return 0;
844
70f23020
AE		 845 skb = skb_recv_datagram(sk, flags, noblock, &err);
846 if (!skb)
1da177e4
LT		 847 return err;
848
1da177e4
LT		 849 copied = skb->len;
850 if (len < copied) {
851 msg->msg_flags |= MSG_TRUNC;
852 copied = len;
853 }
854
badff6d0 855 skb_reset_transport_header(skb);
51f3d02b 856 err = skb_copy_datagram_msg(skb, 0, msg, copied);
1da177e4 857
3a208627
MH		 858 switch (hci_pi(sk)->channel) {
859 case HCI_CHANNEL_RAW:
860 hci_sock_cmsg(sk, msg, skb);
861 break;
23500189 862 case HCI_CHANNEL_USER:
97e0bdeb 863 case HCI_CHANNEL_CONTROL:
cd82e61c
MH		 864 case HCI_CHANNEL_MONITOR:
865 sock_recv_timestamp(msg, sk, skb);
866 break;
3a208627 867 }
1da177e4
LT		 868
869 skb_free_datagram(sk, skb);
870
871 return err ? : copied;
872}
873
1b784140
YX		 874static int hci_sock_sendmsg(struct socket *sock, struct msghdr *msg,
875 size_t len)
1da177e4
LT		 876{
877 struct sock *sk = sock->sk;
878 struct hci_dev *hdev;
879 struct sk_buff *skb;
880 int err;
881
882 BT_DBG("sock %p sk %p", sock, sk);
883
884 if (msg->msg_flags & MSG_OOB)
885 return -EOPNOTSUPP;
886
887 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE))
888 return -EINVAL;
889
890 if (len < 4 || len > HCI_MAX_FRAME_SIZE)
891 return -EINVAL;
892
893 lock_sock(sk);
894
0381101f
JH		 895 switch (hci_pi(sk)->channel) {
896 case HCI_CHANNEL_RAW:
23500189 897 case HCI_CHANNEL_USER:
0381101f
JH		 898 break;
899 case HCI_CHANNEL_CONTROL:
900 err = mgmt_control(sk, msg, len);
901 goto done;
cd82e61c
MH		 902 case HCI_CHANNEL_MONITOR:
903 err = -EOPNOTSUPP;
904 goto done;
0381101f
JH		 905 default:
906 err = -EINVAL;
907 goto done;
908 }
909
70f23020
AE		 910 hdev = hci_pi(sk)->hdev;
911 if (!hdev) {
1da177e4
LT		 912 err = -EBADFD;
913 goto done;
914 }
915
7e21addc
MH		 916 if (!test_bit(HCI_UP, &hdev->flags)) {
917 err = -ENETDOWN;
918 goto done;
919 }
920
70f23020
AE		 921 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
922 if (!skb)
1da177e4
LT		 923 goto done;
924
6ce8e9ce 925 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1da177e4
LT		 926 err = -EFAULT;
927 goto drop;
928 }
929
0d48d939 930 bt_cb(skb)->pkt_type = *((unsigned char *) skb->data);
1da177e4 931 skb_pull(skb, 1);
1da177e4 932
1bc5ad16
MH		 933 if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
934 /* No permission check is needed for user channel
935 * since that gets enforced when binding the socket.
936 *
937 * However check that the packet type is valid.
938 */
939 if (bt_cb(skb)->pkt_type != HCI_COMMAND_PKT &&
940 bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
941 bt_cb(skb)->pkt_type != HCI_SCODATA_PKT) {
942 err = -EINVAL;
943 goto drop;
944 }
945
946 skb_queue_tail(&hdev->raw_q, skb);
947 queue_work(hdev->workqueue, &hdev->tx_work);
948 } else if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
83985319 949 u16 opcode = get_unaligned_le16(skb->data);
1da177e4
LT		 950 u16 ogf = hci_opcode_ogf(opcode);
951 u16 ocf = hci_opcode_ocf(opcode);
952
953 if (((ogf > HCI_SFLT_MAX_OGF) ||
3bb3c755
GP		 954 !hci_test_bit(ocf & HCI_FLT_OCF_BITS,
955 &hci_sec_filter.ocf_mask[ogf])) &&
956 !capable(CAP_NET_RAW)) {
1da177e4
LT		 957 err = -EPERM;
958 goto drop;
959 }
960
fee746b0 961 if (ogf == 0x3f) {
1da177e4 962 skb_queue_tail(&hdev->raw_q, skb);
3eff45ea 963 queue_work(hdev->workqueue, &hdev->tx_work);
1da177e4 964 } else {
49c922bb 965 /* Stand-alone HCI commands must be flagged as
11714b3d
JH		 966 * single-command requests.
967 */
6368c235 968 bt_cb(skb)->req_start = 1;
11714b3d 969
1da177e4 970 skb_queue_tail(&hdev->cmd_q, skb);
c347b765 971 queue_work(hdev->workqueue, &hdev->cmd_work);
1da177e4
LT		 972 }
973 } else {
974 if (!capable(CAP_NET_RAW)) {
975 err = -EPERM;
976 goto drop;
977 }
978
979 skb_queue_tail(&hdev->raw_q, skb);
3eff45ea 980 queue_work(hdev->workqueue, &hdev->tx_work);
1da177e4
LT		 981 }
982
983 err = len;
984
985done:
986 release_sock(sk);
987 return err;
988
989drop:
990 kfree_skb(skb);
991 goto done;
992}
993
8fc9ced3
GP		 994static int hci_sock_setsockopt(struct socket *sock, int level, int optname,
995 char __user *optval, unsigned int len)
1da177e4
LT		 996{
997 struct hci_ufilter uf = { .opcode = 0 };
998 struct sock *sk = sock->sk;
999 int err = 0, opt = 0;
1000
1001 BT_DBG("sk %p, opt %d", sk, optname);
1002
1003 lock_sock(sk);
1004
2f39cdb7 1005 if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
c2371e80 1006 err = -EBADFD;
2f39cdb7
MH		 1007 goto done;
1008 }
1009
1da177e4
LT		 1010 switch (optname) {
1011 case HCI_DATA_DIR:
1012 if (get_user(opt, (int __user *)optval)) {
1013 err = -EFAULT;
1014 break;
1015 }
1016
1017 if (opt)
1018 hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR;
1019 else
1020 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR;
1021 break;
1022
1023 case HCI_TIME_STAMP:
1024 if (get_user(opt, (int __user *)optval)) {
1025 err = -EFAULT;
1026 break;
1027 }
1028
1029 if (opt)
1030 hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP;
1031 else
1032 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP;
1033 break;
1034
1035 case HCI_FILTER:
0878b666
MH		 1036 {
1037 struct hci_filter *f = &hci_pi(sk)->filter;
1038
1039 uf.type_mask = f->type_mask;
1040 uf.opcode = f->opcode;
1041 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
1042 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
1043 }
1044
1da177e4
LT		 1045 len = min_t(unsigned int, len, sizeof(uf));
1046 if (copy_from_user(&uf, optval, len)) {
1047 err = -EFAULT;
1048 break;
1049 }
1050
1051 if (!capable(CAP_NET_RAW)) {
1052 uf.type_mask &= hci_sec_filter.type_mask;
1053 uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0);
1054 uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1);
1055 }
1056
1057 {
1058 struct hci_filter *f = &hci_pi(sk)->filter;
1059
1060 f->type_mask = uf.type_mask;
1061 f->opcode = uf.opcode;
1062 *((u32 *) f->event_mask + 0) = uf.event_mask[0];
1063 *((u32 *) f->event_mask + 1) = uf.event_mask[1];
1064 }
8e87d142 1065 break;
1da177e4
LT		 1066
1067 default:
1068 err = -ENOPROTOOPT;
1069 break;
1070 }
1071
2f39cdb7 1072done:
1da177e4
LT		 1073 release_sock(sk);
1074 return err;
1075}
1076
8fc9ced3
GP		 1077static int hci_sock_getsockopt(struct socket *sock, int level, int optname,
1078 char __user *optval, int __user *optlen)
1da177e4
LT		 1079{
1080 struct hci_ufilter uf;
1081 struct sock *sk = sock->sk;
cedc5469
MH		 1082 int len, opt, err = 0;
1083
1084 BT_DBG("sk %p, opt %d", sk, optname);
1da177e4
LT		 1085
1086 if (get_user(len, optlen))
1087 return -EFAULT;
1088
cedc5469
MH		 1089 lock_sock(sk);
1090
1091 if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
c2371e80 1092 err = -EBADFD;
cedc5469
MH		 1093 goto done;
1094 }
1095
1da177e4
LT		 1096 switch (optname) {
1097 case HCI_DATA_DIR:
1098 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR)
1099 opt = 1;
8e87d142 1100 else
1da177e4
LT		 1101 opt = 0;
1102
1103 if (put_user(opt, optval))
cedc5469 1104 err = -EFAULT;
1da177e4
LT		 1105 break;
1106
1107 case HCI_TIME_STAMP:
1108 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP)
1109 opt = 1;
8e87d142 1110 else
1da177e4
LT		 1111 opt = 0;
1112
1113 if (put_user(opt, optval))
cedc5469 1114 err = -EFAULT;
1da177e4
LT		 1115 break;
1116
1117 case HCI_FILTER:
1118 {
1119 struct hci_filter *f = &hci_pi(sk)->filter;
1120
e15ca9a0 1121 memset(&uf, 0, sizeof(uf));
1da177e4
LT		 1122 uf.type_mask = f->type_mask;
1123 uf.opcode = f->opcode;
1124 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
1125 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
1126 }
1127
1128 len = min_t(unsigned int, len, sizeof(uf));
1129 if (copy_to_user(optval, &uf, len))
cedc5469 1130 err = -EFAULT;
1da177e4
LT		 1131 break;
1132
1133 default:
cedc5469 1134 err = -ENOPROTOOPT;
1da177e4
LT		 1135 break;
1136 }
1137
cedc5469
MH		 1138done:
1139 release_sock(sk);
1140 return err;
1da177e4
LT		 1141}
1142
90ddc4f0 1143static const struct proto_ops hci_sock_ops = {
1da177e4
LT		 1144 .family = PF_BLUETOOTH,
1145 .owner = THIS_MODULE,
1146 .release = hci_sock_release,
1147 .bind = hci_sock_bind,
1148 .getname = hci_sock_getname,
1149 .sendmsg = hci_sock_sendmsg,
1150 .recvmsg = hci_sock_recvmsg,
1151 .ioctl = hci_sock_ioctl,
1152 .poll = datagram_poll,
1153 .listen = sock_no_listen,
1154 .shutdown = sock_no_shutdown,
1155 .setsockopt = hci_sock_setsockopt,
1156 .getsockopt = hci_sock_getsockopt,
1157 .connect = sock_no_connect,
1158 .socketpair = sock_no_socketpair,
1159 .accept = sock_no_accept,
1160 .mmap = sock_no_mmap
1161};
1162
1163static struct proto hci_sk_proto = {
1164 .name = "HCI",
1165 .owner = THIS_MODULE,
1166 .obj_size = sizeof(struct hci_pinfo)
1167};
1168
3f378b68
EP		 1169static int hci_sock_create(struct net *net, struct socket *sock, int protocol,
1170 int kern)
1da177e4
LT		 1171{
1172 struct sock *sk;
1173
1174 BT_DBG("sock %p", sock);
1175
1176 if (sock->type != SOCK_RAW)
1177 return -ESOCKTNOSUPPORT;
1178
1179 sock->ops = &hci_sock_ops;
1180
6257ff21 1181 sk = sk_alloc(net, PF_BLUETOOTH, GFP_ATOMIC, &hci_sk_proto);
1da177e4
LT		 1182 if (!sk)
1183 return -ENOMEM;
1184
1185 sock_init_data(sock, sk);
1186
1187 sock_reset_flag(sk, SOCK_ZAPPED);
1188
1189 sk->sk_protocol = protocol;
1190
1191 sock->state = SS_UNCONNECTED;
1192 sk->sk_state = BT_OPEN;
1193
1194 bt_sock_link(&hci_sk_list, sk);
1195 return 0;
1196}
1197
ec1b4cf7 1198static const struct net_proto_family hci_sock_family_ops = {
1da177e4
LT		 1199 .family = PF_BLUETOOTH,
1200 .owner = THIS_MODULE,
1201 .create = hci_sock_create,
1202};
1203
1da177e4
LT		 1204int __init hci_sock_init(void)
1205{
1206 int err;
1207
b0a8e282
MH		 1208 BUILD_BUG_ON(sizeof(struct sockaddr_hci) > sizeof(struct sockaddr));
1209
1da177e4
LT		 1210 err = proto_register(&hci_sk_proto, 0);
1211 if (err < 0)
1212 return err;
1213
1214 err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops);
f7c86637
MY		 1215 if (err < 0) {
1216 BT_ERR("HCI socket registration failed");
1da177e4 1217 goto error;
f7c86637
MY		 1218 }
1219
b0316615 1220 err = bt_procfs_init(&init_net, "hci", &hci_sk_list, NULL);
f7c86637
MY		 1221 if (err < 0) {
1222 BT_ERR("Failed to create HCI proc file");
1223 bt_sock_unregister(BTPROTO_HCI);
1224 goto error;
1225 }
1da177e4 1226
1da177e4
LT		 1227 BT_INFO("HCI socket layer initialized");
1228
1229 return 0;
1230
1231error:
1da177e4
LT		 1232 proto_unregister(&hci_sk_proto);
1233 return err;
1234}
1235
b7440a14 1236void hci_sock_cleanup(void)
1da177e4 1237{
f7c86637 1238 bt_procfs_cleanup(&init_net, "hci");
5e9d7f86 1239 bt_sock_unregister(BTPROTO_HCI);
1da177e4 1240 proto_unregister(&hci_sk_proto);
1da177e4 1241}
Linux kernel - Deliverables
This page took 0.899928 seconds and 5 git commands to generate.