projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Make l2cap_le_sig_cmd logic consistent
[deliverable/linux.git] / net / bluetooth / l2cap_sock.c
CommitLineData
bb58f747
GP		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
590051de 6 Copyright (C) 2011 ProFUSION Embedded Systems
bb58f747
GP		 7
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
13
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
26*/
27
28/* Bluetooth L2CAP sockets. */
29
9149761a 30#include <linux/module.h>
bc3b2d7f 31#include <linux/export.h>
6230c9b4 32
bb58f747 33#include <net/bluetooth/bluetooth.h>
33575df7 34#include <net/bluetooth/hci_core.h>
bb58f747 35#include <net/bluetooth/l2cap.h>
ac4b7236
MH		 36
37#include "smp.h"
bb58f747 38
9149761a
JH		 39bool enable_lecoc;
40
5b28d95c
MY		 41static struct bt_sock_list l2cap_sk_list = {
42 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
43};
44
cf2f90f5 45static const struct proto_ops l2cap_sock_ops;
80808e43 46static void l2cap_sock_init(struct sock *sk, struct sock *parent);
2d792818
GP		 47static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
48 int proto, gfp_t prio);
cf2f90f5 49
b3916db3
DH		 50bool l2cap_is_socket(struct socket *sock)
51{
52 return sock && sock->ops == &l2cap_sock_ops;
53}
54EXPORT_SYMBOL(l2cap_is_socket);
55
af6bcd82
GP		 56static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
57{
58 struct sock *sk = sock->sk;
4343478f 59 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
af6bcd82
GP		 60 struct sockaddr_l2 la;
61 int len, err = 0;
62
63 BT_DBG("sk %p", sk);
64
65 if (!addr || addr->sa_family != AF_BLUETOOTH)
66 return -EINVAL;
67
68 memset(&la, 0, sizeof(la));
69 len = min_t(unsigned int, sizeof(la), alen);
70 memcpy(&la, addr, len);
71
b62f328b 72 if (la.l2_cid && la.l2_psm)
af6bcd82
GP		 73 return -EINVAL;
74
80c1a2e7
JH		 75 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
76 return -EINVAL;
77
bfe4655f 78 if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
9149761a 79 if (!enable_lecoc && la.l2_psm)
bfe4655f
JH		 80 return -EINVAL;
81 /* We only allow ATT user space socket */
9149761a
JH		 82 if (la.l2_cid &&
83 la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
bfe4655f
JH		 84 return -EINVAL;
85 }
86
af6bcd82
GP		 87 lock_sock(sk);
88
89 if (sk->sk_state != BT_OPEN) {
90 err = -EBADFD;
91 goto done;
92 }
93
94 if (la.l2_psm) {
95 __u16 psm = __le16_to_cpu(la.l2_psm);
96
97 /* PSM must be odd and lsb of upper byte must be 0 */
98 if ((psm & 0x0101) != 0x0001) {
99 err = -EINVAL;
100 goto done;
101 }
102
103 /* Restrict usage of well-known PSMs */
104 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
105 err = -EACCES;
106 goto done;
107 }
108 }
109
9e4425ff 110 if (la.l2_cid)
6e4aff10 111 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
9e4425ff
GP		 112 else
113 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
af6bcd82 114
9e4425ff
GP		 115 if (err < 0)
116 goto done;
af6bcd82 117
6a974b50 118 switch (chan->chan_type) {
3124b843
MH		 119 case L2CAP_CHAN_CONN_LESS:
120 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_3DSP)
121 chan->sec_level = BT_SECURITY_SDP;
122 break;
6a974b50
MH		 123 case L2CAP_CHAN_CONN_ORIENTED:
124 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
125 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
126 chan->sec_level = BT_SECURITY_SDP;
127 break;
128 }
b62f328b 129
7eafc59e 130 bacpy(&chan->src, &la.l2_bdaddr);
4f1654e0 131 chan->src_type = la.l2_bdaddr_type;
89bc500e
GP		 132
133 chan->state = BT_BOUND;
9e4425ff 134 sk->sk_state = BT_BOUND;
af6bcd82
GP		 135
136done:
137 release_sock(sk);
138 return err;
139}
140
2d792818
GP		 141static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr,
142 int alen, int flags)
4e34c50b
GP		 143{
144 struct sock *sk = sock->sk;
0c1bc5c6 145 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
4e34c50b
GP		 146 struct sockaddr_l2 la;
147 int len, err = 0;
148
149 BT_DBG("sk %p", sk);
150
151 if (!addr || alen < sizeof(addr->sa_family) ||
152 addr->sa_family != AF_BLUETOOTH)
153 return -EINVAL;
154
155 memset(&la, 0, sizeof(la));
156 len = min_t(unsigned int, sizeof(la), alen);
157 memcpy(&la, addr, len);
158
acd7d370 159 if (la.l2_cid && la.l2_psm)
4e34c50b
GP		 160 return -EINVAL;
161
80c1a2e7
JH		 162 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
163 return -EINVAL;
164
eb622495
JH		 165 /* Check that the socket wasn't bound to something that
166 * conflicts with the address given to connect(). If chan->src
167 * is BDADDR_ANY it means bind() was never used, in which case
168 * chan->src_type and la.l2_bdaddr_type do not need to match.
169 */
170 if (chan->src_type == BDADDR_BREDR && bacmp(&chan->src, BDADDR_ANY) &&
171 bdaddr_type_is_le(la.l2_bdaddr_type)) {
172 /* Old user space versions will try to incorrectly bind
173 * the ATT socket using BDADDR_BREDR. We need to accept
174 * this and fix up the source address type only when
175 * both the source CID and destination CID indicate
176 * ATT. Anything else is an invalid combination.
177 */
178 if (chan->scid != L2CAP_CID_ATT ||
179 la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
180 return -EINVAL;
181
182 /* We don't have the hdev available here to make a
183 * better decision on random vs public, but since all
184 * user space versions that exhibit this issue anyway do
185 * not support random local addresses assuming public
186 * here is good enough.
187 */
188 chan->src_type = BDADDR_LE_PUBLIC;
189 }
1f209383
JH		 190
191 if (chan->src_type != BDADDR_BREDR && la.l2_bdaddr_type == BDADDR_BREDR)
192 return -EINVAL;
193
bfe4655f 194 if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
9149761a 195 if (!enable_lecoc && la.l2_psm)
bfe4655f
JH		 196 return -EINVAL;
197 /* We only allow ATT user space socket */
9149761a
JH		 198 if (la.l2_cid &&
199 la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
bfe4655f
JH		 200 return -EINVAL;
201 }
202
6e4aff10 203 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
8e9f9892 204 &la.l2_bdaddr, la.l2_bdaddr_type);
4e34c50b 205 if (err)
b3fb611e 206 return err;
4e34c50b 207
6be36555
AE		 208 lock_sock(sk);
209
4e34c50b 210 err = bt_sock_wait_state(sk, BT_CONNECTED,
2d792818 211 sock_sndtimeo(sk, flags & O_NONBLOCK));
b3fb611e
AE		 212
213 release_sock(sk);
214
4e34c50b
GP		 215 return err;
216}
217
af6bcd82
GP		 218static int l2cap_sock_listen(struct socket *sock, int backlog)
219{
220 struct sock *sk = sock->sk;
0c1bc5c6 221 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
af6bcd82
GP		 222 int err = 0;
223
224 BT_DBG("sk %p backlog %d", sk, backlog);
225
226 lock_sock(sk);
227
6b3af733 228 if (sk->sk_state != BT_BOUND) {
af6bcd82
GP		 229 err = -EBADFD;
230 goto done;
231 }
232
6b3af733
MH		 233 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
234 err = -EINVAL;
235 goto done;
236 }
237
0c1bc5c6 238 switch (chan->mode) {
af6bcd82
GP		 239 case L2CAP_MODE_BASIC:
240 break;
241 case L2CAP_MODE_ERTM:
242 case L2CAP_MODE_STREAMING:
243 if (!disable_ertm)
244 break;
245 /* fall through */
246 default:
247 err = -ENOTSUPP;
248 goto done;
249 }
250
af6bcd82
GP		 251 sk->sk_max_ack_backlog = backlog;
252 sk->sk_ack_backlog = 0;
89bc500e
GP		 253
254 chan->state = BT_LISTEN;
af6bcd82
GP		 255 sk->sk_state = BT_LISTEN;
256
257done:
258 release_sock(sk);
259 return err;
260}
261
2d792818
GP		 262static int l2cap_sock_accept(struct socket *sock, struct socket *newsock,
263 int flags)
c47b7c72
GP		 264{
265 DECLARE_WAITQUEUE(wait, current);
266 struct sock *sk = sock->sk, *nsk;
267 long timeo;
268 int err = 0;
269
270 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
271
c47b7c72
GP		 272 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
273
274 BT_DBG("sk %p timeo %ld", sk, timeo);
275
276 /* Wait for an incoming connection. (wake-one). */
277 add_wait_queue_exclusive(sk_sleep(sk), &wait);
f9a3c20a 278 while (1) {
c47b7c72 279 set_current_state(TASK_INTERRUPTIBLE);
f9a3c20a
PH		 280
281 if (sk->sk_state != BT_LISTEN) {
282 err = -EBADFD;
c47b7c72
GP		 283 break;
284 }
285
f9a3c20a
PH		 286 nsk = bt_accept_dequeue(sk, newsock);
287 if (nsk)
288 break;
c47b7c72 289
f9a3c20a
PH		 290 if (!timeo) {
291 err = -EAGAIN;
c47b7c72
GP		 292 break;
293 }
294
295 if (signal_pending(current)) {
296 err = sock_intr_errno(timeo);
297 break;
298 }
f9a3c20a
PH		 299
300 release_sock(sk);
301 timeo = schedule_timeout(timeo);
302 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
c47b7c72 303 }
f9a3c20a 304 __set_current_state(TASK_RUNNING);
c47b7c72
GP		 305 remove_wait_queue(sk_sleep(sk), &wait);
306
307 if (err)
308 goto done;
309
310 newsock->state = SS_CONNECTED;
311
312 BT_DBG("new socket %p", nsk);
313
314done:
315 release_sock(sk);
316 return err;
317}
318
2d792818
GP		 319static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr,
320 int *len, int peer)
d7175d55
GP		 321{
322 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
323 struct sock *sk = sock->sk;
0c1bc5c6 324 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
d7175d55
GP		 325
326 BT_DBG("sock %p, sk %p", sock, sk);
327
792039c7 328 memset(la, 0, sizeof(struct sockaddr_l2));
d7175d55
GP		 329 addr->sa_family = AF_BLUETOOTH;
330 *len = sizeof(struct sockaddr_l2);
331
332 if (peer) {
fe4128e0 333 la->l2_psm = chan->psm;
7eafc59e 334 bacpy(&la->l2_bdaddr, &chan->dst);
fe4128e0 335 la->l2_cid = cpu_to_le16(chan->dcid);
4f1654e0 336 la->l2_bdaddr_type = chan->dst_type;
d7175d55 337 } else {
0c1bc5c6 338 la->l2_psm = chan->sport;
7eafc59e 339 bacpy(&la->l2_bdaddr, &chan->src);
fe4128e0 340 la->l2_cid = cpu_to_le16(chan->scid);
4f1654e0 341 la->l2_bdaddr_type = chan->src_type;
d7175d55
GP		 342 }
343
344 return 0;
345}
346
2d792818
GP		 347static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
348 char __user *optval, int __user *optlen)
99f4808d
GP		 349{
350 struct sock *sk = sock->sk;
4343478f 351 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
99f4808d
GP		 352 struct l2cap_options opts;
353 struct l2cap_conninfo cinfo;
354 int len, err = 0;
355 u32 opt;
356
357 BT_DBG("sk %p", sk);
358
359 if (get_user(len, optlen))
360 return -EFAULT;
361
362 lock_sock(sk);
363
364 switch (optname) {
365 case L2CAP_OPTIONS:
e3fb592b 366 memset(&opts, 0, sizeof(opts));
0c1bc5c6
GP		 367 opts.imtu = chan->imtu;
368 opts.omtu = chan->omtu;
369 opts.flush_to = chan->flush_to;
370 opts.mode = chan->mode;
47d1ec61
GP		 371 opts.fcs = chan->fcs;
372 opts.max_tx = chan->max_tx;
6327eb98 373 opts.txwin_size = chan->tx_win;
99f4808d
GP		 374
375 len = min_t(unsigned int, len, sizeof(opts));
376 if (copy_to_user(optval, (char *) &opts, len))
377 err = -EFAULT;
378
379 break;
380
381 case L2CAP_LM:
4343478f 382 switch (chan->sec_level) {
99f4808d
GP		 383 case BT_SECURITY_LOW:
384 opt = L2CAP_LM_AUTH;
385 break;
386 case BT_SECURITY_MEDIUM:
387 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
388 break;
389 case BT_SECURITY_HIGH:
390 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
2d792818 391 L2CAP_LM_SECURE;
99f4808d
GP		 392 break;
393 default:
394 opt = 0;
395 break;
396 }
397
43bd0f32 398 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
99f4808d
GP		 399 opt |= L2CAP_LM_MASTER;
400
ecf61bdb 401 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
99f4808d
GP		 402 opt |= L2CAP_LM_RELIABLE;
403
404 if (put_user(opt, (u32 __user *) optval))
405 err = -EFAULT;
406 break;
407
408 case L2CAP_CONNINFO:
409 if (sk->sk_state != BT_CONNECTED &&
c5daa683
GP		 410 !(sk->sk_state == BT_CONNECT2 &&
411 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
99f4808d
GP		 412 err = -ENOTCONN;
413 break;
414 }
415
8d03e971 416 memset(&cinfo, 0, sizeof(cinfo));
8c1d787b
GP		 417 cinfo.hci_handle = chan->conn->hcon->handle;
418 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
99f4808d
GP		 419
420 len = min_t(unsigned int, len, sizeof(cinfo));
421 if (copy_to_user(optval, (char *) &cinfo, len))
422 err = -EFAULT;
423
424 break;
425
426 default:
427 err = -ENOPROTOOPT;
428 break;
429 }
430
431 release_sock(sk);
432 return err;
433}
434
2d792818
GP		 435static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname,
436 char __user *optval, int __user *optlen)
99f4808d
GP		 437{
438 struct sock *sk = sock->sk;
4343478f 439 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
99f4808d 440 struct bt_security sec;
14b12d0b 441 struct bt_power pwr;
99f4808d
GP		 442 int len, err = 0;
443
444 BT_DBG("sk %p", sk);
445
446 if (level == SOL_L2CAP)
447 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
448
449 if (level != SOL_BLUETOOTH)
450 return -ENOPROTOOPT;
451
452 if (get_user(len, optlen))
453 return -EFAULT;
454
455 lock_sock(sk);
456
457 switch (optname) {
458 case BT_SECURITY:
715ec005 459 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
2d792818 460 chan->chan_type != L2CAP_CHAN_RAW) {
99f4808d
GP		 461 err = -EINVAL;
462 break;
463 }
464
8f360119 465 memset(&sec, 0, sizeof(sec));
85e34368 466 if (chan->conn) {
c6585a4d 467 sec.level = chan->conn->hcon->sec_level;
99f4808d 468
85e34368
AE		 469 if (sk->sk_state == BT_CONNECTED)
470 sec.key_size = chan->conn->hcon->enc_key_size;
471 } else {
472 sec.level = chan->sec_level;
473 }
8f360119 474
99f4808d
GP		 475 len = min_t(unsigned int, len, sizeof(sec));
476 if (copy_to_user(optval, (char *) &sec, len))
477 err = -EFAULT;
478
479 break;
480
481 case BT_DEFER_SETUP:
482 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
483 err = -EINVAL;
484 break;
485 }
486
c5daa683
GP		 487 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
488 (u32 __user *) optval))
99f4808d
GP		 489 err = -EFAULT;
490
491 break;
492
493 case BT_FLUSHABLE:
d57b0e8b 494 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
2d792818 495 (u32 __user *) optval))
99f4808d
GP		 496 err = -EFAULT;
497
498 break;
499
14b12d0b
JG		 500 case BT_POWER:
501 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
2d792818 502 && sk->sk_type != SOCK_RAW) {
14b12d0b
JG		 503 err = -EINVAL;
504 break;
505 }
506
15770b1a 507 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
14b12d0b
JG		 508
509 len = min_t(unsigned int, len, sizeof(pwr));
510 if (copy_to_user(optval, (char *) &pwr, len))
511 err = -EFAULT;
512
513 break;
514
2ea66482 515 case BT_CHANNEL_POLICY:
2ea66482
MM		 516 if (put_user(chan->chan_policy, (u32 __user *) optval))
517 err = -EFAULT;
518 break;
519
99f4808d
GP		 520 default:
521 err = -ENOPROTOOPT;
522 break;
523 }
524
525 release_sock(sk);
526 return err;
527}
528
682877c3
AG		 529static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
530{
531 switch (chan->scid) {
073d1cf3 532 case L2CAP_CID_ATT:
8c3a4f00 533 if (mtu < L2CAP_LE_MIN_MTU)
682877c3
AG		 534 return false;
535 break;
536
537 default:
538 if (mtu < L2CAP_DEFAULT_MIN_MTU)
539 return false;
540 }
541
542 return true;
543}
544
2d792818
GP		 545static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
546 char __user *optval, unsigned int optlen)
33575df7
GP		 547{
548 struct sock *sk = sock->sk;
b4450035 549 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
33575df7
GP		 550 struct l2cap_options opts;
551 int len, err = 0;
552 u32 opt;
553
554 BT_DBG("sk %p", sk);
555
556 lock_sock(sk);
557
558 switch (optname) {
559 case L2CAP_OPTIONS:
560 if (sk->sk_state == BT_CONNECTED) {
561 err = -EINVAL;
562 break;
563 }
564
0c1bc5c6
GP		 565 opts.imtu = chan->imtu;
566 opts.omtu = chan->omtu;
567 opts.flush_to = chan->flush_to;
568 opts.mode = chan->mode;
47d1ec61
GP		 569 opts.fcs = chan->fcs;
570 opts.max_tx = chan->max_tx;
6327eb98 571 opts.txwin_size = chan->tx_win;
33575df7
GP		 572
573 len = min_t(unsigned int, sizeof(opts), optlen);
574 if (copy_from_user((char *) &opts, optval, len)) {
575 err = -EFAULT;
576 break;
577 }
578
6327eb98 579 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
33575df7
GP		 580 err = -EINVAL;
581 break;
582 }
583
682877c3
AG		 584 if (!l2cap_valid_mtu(chan, opts.imtu)) {
585 err = -EINVAL;
586 break;
587 }
588
0c1bc5c6
GP		 589 chan->mode = opts.mode;
590 switch (chan->mode) {
33575df7 591 case L2CAP_MODE_BASIC:
c1360a1c 592 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
33575df7
GP		 593 break;
594 case L2CAP_MODE_ERTM:
595 case L2CAP_MODE_STREAMING:
596 if (!disable_ertm)
597 break;
598 /* fall through */
599 default:
600 err = -EINVAL;
601 break;
602 }
603
0c1bc5c6
GP		 604 chan->imtu = opts.imtu;
605 chan->omtu = opts.omtu;
47d1ec61
GP		 606 chan->fcs = opts.fcs;
607 chan->max_tx = opts.max_tx;
6327eb98 608 chan->tx_win = opts.txwin_size;
12d59781 609 chan->flush_to = opts.flush_to;
33575df7
GP		 610 break;
611
612 case L2CAP_LM:
613 if (get_user(opt, (u32 __user *) optval)) {
614 err = -EFAULT;
615 break;
616 }
617
618 if (opt & L2CAP_LM_AUTH)
4343478f 619 chan->sec_level = BT_SECURITY_LOW;
33575df7 620 if (opt & L2CAP_LM_ENCRYPT)
4343478f 621 chan->sec_level = BT_SECURITY_MEDIUM;
33575df7 622 if (opt & L2CAP_LM_SECURE)
4343478f 623 chan->sec_level = BT_SECURITY_HIGH;
33575df7 624
43bd0f32
AE		 625 if (opt & L2CAP_LM_MASTER)
626 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
627 else
628 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
ecf61bdb
AE		 629
630 if (opt & L2CAP_LM_RELIABLE)
631 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
632 else
633 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
33575df7
GP		 634 break;
635
636 default:
637 err = -ENOPROTOOPT;
638 break;
639 }
640
641 release_sock(sk);
642 return err;
643}
644
2d792818
GP		 645static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname,
646 char __user *optval, unsigned int optlen)
33575df7
GP		 647{
648 struct sock *sk = sock->sk;
4343478f 649 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
33575df7 650 struct bt_security sec;
14b12d0b 651 struct bt_power pwr;
f1cb9af5 652 struct l2cap_conn *conn;
33575df7
GP		 653 int len, err = 0;
654 u32 opt;
655
656 BT_DBG("sk %p", sk);
657
658 if (level == SOL_L2CAP)
659 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
660
661 if (level != SOL_BLUETOOTH)
662 return -ENOPROTOOPT;
663
664 lock_sock(sk);
665
666 switch (optname) {
667 case BT_SECURITY:
715ec005 668 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
2d792818 669 chan->chan_type != L2CAP_CHAN_RAW) {
33575df7
GP		 670 err = -EINVAL;
671 break;
672 }
673
674 sec.level = BT_SECURITY_LOW;
675
676 len = min_t(unsigned int, sizeof(sec), optlen);
677 if (copy_from_user((char *) &sec, optval, len)) {
678 err = -EFAULT;
679 break;
680 }
681
682 if (sec.level < BT_SECURITY_LOW ||
2d792818 683 sec.level > BT_SECURITY_HIGH) {
33575df7
GP		 684 err = -EINVAL;
685 break;
686 }
687
4343478f 688 chan->sec_level = sec.level;
f1cb9af5 689
0bee1d60
GP		 690 if (!chan->conn)
691 break;
692
f1cb9af5 693 conn = chan->conn;
0bee1d60
GP		 694
695 /*change security for LE channels */
073d1cf3 696 if (chan->scid == L2CAP_CID_ATT) {
f1cb9af5
VCG		 697 if (!conn->hcon->out) {
698 err = -EINVAL;
699 break;
700 }
701
cc110922 702 if (smp_conn_security(conn->hcon, sec.level))
f1cb9af5 703 break;
f1cb9af5 704 sk->sk_state = BT_CONFIG;
3542b854 705 chan->state = BT_CONFIG;
0bee1d60 706
a7d7723a
GP		 707 /* or for ACL link */
708 } else if ((sk->sk_state == BT_CONNECT2 &&
2d792818 709 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
a7d7723a
GP		 710 sk->sk_state == BT_CONNECTED) {
711 if (!l2cap_chan_check_security(chan))
c5daa683 712 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
a7d7723a
GP		 713 else
714 sk->sk_state_change(sk);
0bee1d60
GP		 715 } else {
716 err = -EINVAL;
f1cb9af5 717 }
33575df7
GP		 718 break;
719
720 case BT_DEFER_SETUP:
721 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
722 err = -EINVAL;
723 break;
724 }
725
726 if (get_user(opt, (u32 __user *) optval)) {
727 err = -EFAULT;
728 break;
729 }
730
bdc25783 731 if (opt) {
c5daa683 732 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
bdc25783
MH		 733 set_bit(FLAG_DEFER_SETUP, &chan->flags);
734 } else {
c5daa683 735 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
bdc25783
MH		 736 clear_bit(FLAG_DEFER_SETUP, &chan->flags);
737 }
33575df7
GP		 738 break;
739
740 case BT_FLUSHABLE:
741 if (get_user(opt, (u32 __user *) optval)) {
742 err = -EFAULT;
743 break;
744 }
745
746 if (opt > BT_FLUSHABLE_ON) {
747 err = -EINVAL;
748 break;
749 }
750
751 if (opt == BT_FLUSHABLE_OFF) {
c1f23a2b 752 conn = chan->conn;
25985edc 753 /* proceed further only when we have l2cap_conn and
33575df7
GP		 754 No Flush support in the LM */
755 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
756 err = -EINVAL;
757 break;
758 }
759 }
760
d57b0e8b
AE		 761 if (opt)
762 set_bit(FLAG_FLUSHABLE, &chan->flags);
763 else
764 clear_bit(FLAG_FLUSHABLE, &chan->flags);
33575df7
GP		 765 break;
766
14b12d0b
JG		 767 case BT_POWER:
768 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
2d792818 769 chan->chan_type != L2CAP_CHAN_RAW) {
14b12d0b
JG		 770 err = -EINVAL;
771 break;
772 }
773
774 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
775
776 len = min_t(unsigned int, sizeof(pwr), optlen);
777 if (copy_from_user((char *) &pwr, optval, len)) {
778 err = -EFAULT;
779 break;
780 }
15770b1a
AE		 781
782 if (pwr.force_active)
783 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
784 else
785 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
14b12d0b
JG		 786 break;
787
2ea66482 788 case BT_CHANNEL_POLICY:
2ea66482
MM		 789 if (get_user(opt, (u32 __user *) optval)) {
790 err = -EFAULT;
791 break;
792 }
793
794 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
795 err = -EINVAL;
796 break;
797 }
798
799 if (chan->mode != L2CAP_MODE_ERTM &&
2d792818 800 chan->mode != L2CAP_MODE_STREAMING) {
2ea66482
MM		 801 err = -EOPNOTSUPP;
802 break;
803 }
804
805 chan->chan_policy = (u8) opt;
3f7a56c4
MM		 806
807 if (sk->sk_state == BT_CONNECTED &&
808 chan->move_role == L2CAP_MOVE_ROLE_NONE)
809 l2cap_move_start(chan);
810
14b12d0b
JG		 811 break;
812
33575df7
GP		 813 default:
814 err = -ENOPROTOOPT;
815 break;
816 }
817
818 release_sock(sk);
819 return err;
820}
fd83ccdb 821
2d792818
GP		 822static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
823 struct msghdr *msg, size_t len)
fd83ccdb
GP		 824{
825 struct sock *sk = sock->sk;
0c1bc5c6 826 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
fd83ccdb
GP		 827 int err;
828
829 BT_DBG("sock %p, sk %p", sock, sk);
830
831 err = sock_error(sk);
832 if (err)
833 return err;
834
835 if (msg->msg_flags & MSG_OOB)
836 return -EOPNOTSUPP;
837
a6a5568c 838 if (sk->sk_state != BT_CONNECTED)
9a91a04a 839 return -ENOTCONN;
fd83ccdb 840
e793dcf0
JH		 841 lock_sock(sk);
842 err = bt_sock_wait_ready(sk, msg->msg_flags);
843 release_sock(sk);
844 if (err)
845 return err;
846
a6a5568c 847 l2cap_chan_lock(chan);
5e59b791 848 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
a6a5568c 849 l2cap_chan_unlock(chan);
fd83ccdb 850
fd83ccdb
GP		 851 return err;
852}
33575df7 853
2d792818
GP		 854static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
855 struct msghdr *msg, size_t len, int flags)
68983259
GP		 856{
857 struct sock *sk = sock->sk;
e328140f
MM		 858 struct l2cap_pinfo *pi = l2cap_pi(sk);
859 int err;
68983259
GP		 860
861 lock_sock(sk);
862
c5daa683
GP		 863 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
864 &bt_sk(sk)->flags)) {
8c1d787b 865 sk->sk_state = BT_CONFIG;
3542b854 866 pi->chan->state = BT_CONFIG;
8c1d787b 867
e328140f 868 __l2cap_connect_rsp_defer(pi->chan);
970871bc
JH		 869 err = 0;
870 goto done;
68983259
GP		 871 }
872
873 release_sock(sk);
874
875 if (sock->type == SOCK_STREAM)
e328140f
MM		 876 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
877 else
878 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
879
880 if (pi->chan->mode != L2CAP_MODE_ERTM)
881 return err;
882
883 /* Attempt to put pending rx data in the socket buffer */
884
885 lock_sock(sk);
886
887 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
888 goto done;
889
890 if (pi->rx_busy_skb) {
891 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
892 pi->rx_busy_skb = NULL;
893 else
894 goto done;
895 }
896
897 /* Restore data flow when half of the receive buffer is
898 * available. This avoids resending large numbers of
899 * frames.
900 */
901 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
902 l2cap_chan_busy(pi->chan, 0);
68983259 903
e328140f
MM		 904done:
905 release_sock(sk);
906 return err;
68983259
GP		 907}
908
05fc1576
GP		 909/* Kill socket (only if zapped and orphan)
910 * Must be called on unlocked socket.
911 */
ba3bd0ee 912static void l2cap_sock_kill(struct sock *sk)
05fc1576
GP		 913{
914 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
915 return;
916
e05dcc32 917 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
05fc1576
GP		 918
919 /* Kill poor orphan */
6ff5abbf 920
4af66c69 921 l2cap_chan_put(l2cap_pi(sk)->chan);
05fc1576
GP		 922 sock_set_flag(sk, SOCK_DEAD);
923 sock_put(sk);
924}
925
dc25306b
GP		 926static int __l2cap_wait_ack(struct sock *sk)
927{
928 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
929 DECLARE_WAITQUEUE(wait, current);
930 int err = 0;
931 int timeo = HZ/5;
932
933 add_wait_queue(sk_sleep(sk), &wait);
934 set_current_state(TASK_INTERRUPTIBLE);
935 while (chan->unacked_frames > 0 && chan->conn) {
936 if (!timeo)
937 timeo = HZ/5;
938
939 if (signal_pending(current)) {
940 err = sock_intr_errno(timeo);
941 break;
942 }
943
944 release_sock(sk);
945 timeo = schedule_timeout(timeo);
946 lock_sock(sk);
947 set_current_state(TASK_INTERRUPTIBLE);
948
949 err = sock_error(sk);
950 if (err)
951 break;
952 }
953 set_current_state(TASK_RUNNING);
954 remove_wait_queue(sk_sleep(sk), &wait);
955 return err;
956}
957
dcba0dba
GP		 958static int l2cap_sock_shutdown(struct socket *sock, int how)
959{
960 struct sock *sk = sock->sk;
7ddb6e0f 961 struct l2cap_chan *chan;
3df91ea2 962 struct l2cap_conn *conn;
dcba0dba
GP		 963 int err = 0;
964
965 BT_DBG("sock %p, sk %p", sock, sk);
966
967 if (!sk)
968 return 0;
969
7ddb6e0f 970 chan = l2cap_pi(sk)->chan;
3df91ea2
AE		 971 conn = chan->conn;
972
973 if (conn)
974 mutex_lock(&conn->chan_lock);
7ddb6e0f 975
6be36555 976 l2cap_chan_lock(chan);
dcba0dba 977 lock_sock(sk);
6be36555 978
dcba0dba 979 if (!sk->sk_shutdown) {
0c1bc5c6 980 if (chan->mode == L2CAP_MODE_ERTM)
dcba0dba
GP		 981 err = __l2cap_wait_ack(sk);
982
983 sk->sk_shutdown = SHUTDOWN_MASK;
3df91ea2 984
6be36555 985 release_sock(sk);
0f852724 986 l2cap_chan_close(chan, 0);
6be36555 987 lock_sock(sk);
dcba0dba
GP		 988
989 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
990 err = bt_sock_wait_state(sk, BT_CLOSED,
2d792818 991 sk->sk_lingertime);
dcba0dba
GP		 992 }
993
994 if (!err && sk->sk_err)
995 err = -sk->sk_err;
996
997 release_sock(sk);
6be36555 998 l2cap_chan_unlock(chan);
3df91ea2
AE		 999
1000 if (conn)
1001 mutex_unlock(&conn->chan_lock);
1002
dcba0dba
GP		 1003 return err;
1004}
1005
554f05bb
GP		 1006static int l2cap_sock_release(struct socket *sock)
1007{
1008 struct sock *sk = sock->sk;
1009 int err;
1010
1011 BT_DBG("sock %p, sk %p", sock, sk);
1012
1013 if (!sk)
1014 return 0;
1015
5b28d95c
MY		 1016 bt_sock_unlink(&l2cap_sk_list, sk);
1017
554f05bb
GP		 1018 err = l2cap_sock_shutdown(sock, 2);
1019
1020 sock_orphan(sk);
1021 l2cap_sock_kill(sk);
1022 return err;
1023}
1024
c0df7f6e
AE		 1025static void l2cap_sock_cleanup_listen(struct sock *parent)
1026{
1027 struct sock *sk;
1028
1029 BT_DBG("parent %p", parent);
1030
1031 /* Close not yet accepted channels */
1032 while ((sk = bt_accept_dequeue(parent, NULL))) {
1033 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1034
1035 l2cap_chan_lock(chan);
1036 __clear_chan_timer(chan);
1037 l2cap_chan_close(chan, ECONNRESET);
1038 l2cap_chan_unlock(chan);
1039
1040 l2cap_sock_kill(sk);
1041 }
1042}
1043
80b98027 1044static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
80808e43 1045{
80b98027 1046 struct sock *sk, *parent = chan->data;
80808e43 1047
8ffb9290
GP		 1048 lock_sock(parent);
1049
53826692
GP		 1050 /* Check for backlog size */
1051 if (sk_acceptq_is_full(parent)) {
1052 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1053 return NULL;
1054 }
1055
80808e43 1056 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
2d792818 1057 GFP_ATOMIC);
80808e43
GP		 1058 if (!sk)
1059 return NULL;
1060
d22015aa
OP		 1061 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
1062
80808e43
GP		 1063 l2cap_sock_init(sk, parent);
1064
644912e1
GP		 1065 bt_accept_enqueue(parent, sk);
1066
8ffb9290
GP		 1067 release_sock(parent);
1068
80808e43
GP		 1069 return l2cap_pi(sk)->chan;
1070}
1071
80b98027 1072static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
23070494 1073{
80b98027 1074 struct sock *sk = chan->data;
84b34d98 1075 int err;
e328140f 1076
6be36555
AE		 1077 lock_sock(sk);
1078
84b34d98 1079 if (l2cap_pi(sk)->rx_busy_skb) {
6be36555
AE		 1080 err = -ENOMEM;
1081 goto done;
1082 }
e328140f
MM		 1083
1084 err = sock_queue_rcv_skb(sk, skb);
1085
1086 /* For ERTM, handle one skb that doesn't fit into the recv
1087 * buffer. This is important to do because the data frames
1088 * have already been acked, so the skb cannot be discarded.
1089 *
1090 * Notify the l2cap core that the buffer is full, so the
1091 * LOCAL_BUSY state is entered and no more frames are
1092 * acked and reassembled until there is buffer space
1093 * available.
1094 */
84b34d98
MH		 1095 if (err < 0 && chan->mode == L2CAP_MODE_ERTM) {
1096 l2cap_pi(sk)->rx_busy_skb = skb;
1097 l2cap_chan_busy(chan, 1);
e328140f
MM		 1098 err = 0;
1099 }
23070494 1100
6be36555
AE		 1101done:
1102 release_sock(sk);
1103
e328140f 1104 return err;
23070494
GP		 1105}
1106
80b98027 1107static void l2cap_sock_close_cb(struct l2cap_chan *chan)
ba3bd0ee 1108{
80b98027 1109 struct sock *sk = chan->data;
ba3bd0ee
GP		 1110
1111 l2cap_sock_kill(sk);
1112}
1113
c0df7f6e
AE		 1114static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
1115{
1116 struct sock *sk = chan->data;
1117 struct sock *parent;
1118
1119 lock_sock(sk);
1120
1121 parent = bt_sk(sk)->parent;
1122
1123 sock_set_flag(sk, SOCK_ZAPPED);
1124
1125 switch (chan->state) {
1126 case BT_OPEN:
1127 case BT_BOUND:
1128 case BT_CLOSED:
1129 break;
1130 case BT_LISTEN:
1131 l2cap_sock_cleanup_listen(sk);
1132 sk->sk_state = BT_CLOSED;
1133 chan->state = BT_CLOSED;
1134
1135 break;
1136 default:
1137 sk->sk_state = BT_CLOSED;
1138 chan->state = BT_CLOSED;
1139
1140 sk->sk_err = err;
1141
1142 if (parent) {
1143 bt_accept_unlink(sk);
1144 parent->sk_data_ready(parent, 0);
1145 } else {
1146 sk->sk_state_change(sk);
1147 }
1148
1149 break;
1150 }
1151
1152 release_sock(sk);
1153}
1154
53f52121
GP		 1155static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state,
1156 int err)
89bc500e 1157{
80b98027 1158 struct sock *sk = chan->data;
89bc500e
GP		 1159
1160 sk->sk_state = state;
53f52121
GP		 1161
1162 if (err)
1163 sk->sk_err = err;
89bc500e
GP		 1164}
1165
2f7719ce 1166static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
90338947 1167 unsigned long len, int nb)
2f7719ce 1168{
0f2c6153 1169 struct sock *sk = chan->data;
90338947
GP		 1170 struct sk_buff *skb;
1171 int err;
1172
a6a5568c 1173 l2cap_chan_unlock(chan);
0f2c6153 1174 skb = bt_skb_send_alloc(sk, len, nb, &err);
a6a5568c
MM		 1175 l2cap_chan_lock(chan);
1176
90338947
GP		 1177 if (!skb)
1178 return ERR_PTR(err);
2f7719ce 1179
0e790c64
GP		 1180 bt_cb(skb)->chan = chan;
1181
90338947 1182 return skb;
2f7719ce
AE		 1183}
1184
54a59aa2
AE		 1185static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1186{
1187 struct sock *sk = chan->data;
1188 struct sock *parent;
1189
1190 lock_sock(sk);
1191
1192 parent = bt_sk(sk)->parent;
1193
1194 BT_DBG("sk %p, parent %p", sk, parent);
1195
1196 sk->sk_state = BT_CONNECTED;
1197 sk->sk_state_change(sk);
1198
1199 if (parent)
1200 parent->sk_data_ready(parent, 0);
1201
1202 release_sock(sk);
1203}
1204
2dc4e510
GP		 1205static void l2cap_sock_defer_cb(struct l2cap_chan *chan)
1206{
acdcabf5
GP		 1207 struct sock *parent, *sk = chan->data;
1208
1209 lock_sock(sk);
2dc4e510 1210
acdcabf5 1211 parent = bt_sk(sk)->parent;
2dc4e510
GP		 1212 if (parent)
1213 parent->sk_data_ready(parent, 0);
acdcabf5
GP		 1214
1215 release_sock(sk);
2dc4e510
GP		 1216}
1217
d97c899b
MH		 1218static void l2cap_sock_resume_cb(struct l2cap_chan *chan)
1219{
1220 struct sock *sk = chan->data;
1221
1222 clear_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
1223 sk->sk_state_change(sk);
1224}
1225
5ec1bbe5
GP		 1226static void l2cap_sock_set_shutdown_cb(struct l2cap_chan *chan)
1227{
1228 struct sock *sk = chan->data;
1229
1230 lock_sock(sk);
1231 sk->sk_shutdown = SHUTDOWN_MASK;
1232 release_sock(sk);
1233}
1234
8d836d71
GP		 1235static long l2cap_sock_get_sndtimeo_cb(struct l2cap_chan *chan)
1236{
1237 struct sock *sk = chan->data;
1238
1239 return sk->sk_sndtimeo;
1240}
1241
80808e43
GP		 1242static struct l2cap_ops l2cap_chan_ops = {
1243 .name = "L2CAP Socket Interface",
1244 .new_connection = l2cap_sock_new_connection_cb,
23070494 1245 .recv = l2cap_sock_recv_cb,
ba3bd0ee 1246 .close = l2cap_sock_close_cb,
c0df7f6e 1247 .teardown = l2cap_sock_teardown_cb,
89bc500e 1248 .state_change = l2cap_sock_state_change_cb,
54a59aa2 1249 .ready = l2cap_sock_ready_cb,
2dc4e510 1250 .defer = l2cap_sock_defer_cb,
d97c899b 1251 .resume = l2cap_sock_resume_cb,
5ec1bbe5 1252 .set_shutdown = l2cap_sock_set_shutdown_cb,
8d836d71 1253 .get_sndtimeo = l2cap_sock_get_sndtimeo_cb,
2f7719ce 1254 .alloc_skb = l2cap_sock_alloc_skb_cb,
80808e43
GP		 1255};
1256
bb58f747
GP		 1257static void l2cap_sock_destruct(struct sock *sk)
1258{
1259 BT_DBG("sk %p", sk);
1260
23d3a869
SL		 1261 if (l2cap_pi(sk)->chan)
1262 l2cap_chan_put(l2cap_pi(sk)->chan);
84b34d98 1263
e328140f
MM		 1264 if (l2cap_pi(sk)->rx_busy_skb) {
1265 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1266 l2cap_pi(sk)->rx_busy_skb = NULL;
1267 }
1268
bb58f747
GP		 1269 skb_queue_purge(&sk->sk_receive_queue);
1270 skb_queue_purge(&sk->sk_write_queue);
1271}
1272
2edf870d
MH		 1273static void l2cap_skb_msg_name(struct sk_buff *skb, void *msg_name,
1274 int *msg_namelen)
1275{
1276 struct sockaddr_l2 *la = (struct sockaddr_l2 *) msg_name;
1277
1278 memset(la, 0, sizeof(struct sockaddr_l2));
1279 la->l2_family = AF_BLUETOOTH;
1280 la->l2_psm = bt_cb(skb)->psm;
1281 bacpy(&la->l2_bdaddr, &bt_cb(skb)->bdaddr);
1282
1283 *msg_namelen = sizeof(struct sockaddr_l2);
1284}
1285
80808e43 1286static void l2cap_sock_init(struct sock *sk, struct sock *parent)
bb58f747 1287{
84b34d98 1288 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
bb58f747
GP		 1289
1290 BT_DBG("sk %p", sk);
1291
1292 if (parent) {
b4450035
GP		 1293 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1294
bb58f747 1295 sk->sk_type = parent->sk_type;
c5daa683 1296 bt_sk(sk)->flags = bt_sk(parent)->flags;
bb58f747 1297
715ec005 1298 chan->chan_type = pchan->chan_type;
0c1bc5c6
GP		 1299 chan->imtu = pchan->imtu;
1300 chan->omtu = pchan->omtu;
b4450035 1301 chan->conf_state = pchan->conf_state;
0c1bc5c6 1302 chan->mode = pchan->mode;
47d1ec61
GP		 1303 chan->fcs = pchan->fcs;
1304 chan->max_tx = pchan->max_tx;
1305 chan->tx_win = pchan->tx_win;
6b3c7104 1306 chan->tx_win_max = pchan->tx_win_max;
4343478f 1307 chan->sec_level = pchan->sec_level;
d57b0e8b 1308 chan->flags = pchan->flags;
6230c9b4
PM		 1309
1310 security_sk_clone(parent, sk);
bb58f747 1311 } else {
715ec005
GP		 1312 switch (sk->sk_type) {
1313 case SOCK_RAW:
1314 chan->chan_type = L2CAP_CHAN_RAW;
1315 break;
1316 case SOCK_DGRAM:
1317 chan->chan_type = L2CAP_CHAN_CONN_LESS;
2edf870d 1318 bt_sk(sk)->skb_msg_name = l2cap_skb_msg_name;
715ec005
GP		 1319 break;
1320 case SOCK_SEQPACKET:
1321 case SOCK_STREAM:
1322 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1323 break;
1324 }
1325
0c1bc5c6
GP		 1326 chan->imtu = L2CAP_DEFAULT_MTU;
1327 chan->omtu = 0;
bb58f747 1328 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
0c1bc5c6 1329 chan->mode = L2CAP_MODE_ERTM;
c1360a1c 1330 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
bb58f747 1331 } else {
0c1bc5c6 1332 chan->mode = L2CAP_MODE_BASIC;
bb58f747 1333 }
bd4b1653
AE		 1334
1335 l2cap_chan_set_defaults(chan);
bb58f747
GP		 1336 }
1337
1338 /* Default config options */
0c1bc5c6 1339 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
80808e43
GP		 1340
1341 chan->data = sk;
1342 chan->ops = &l2cap_chan_ops;
bb58f747
GP		 1343}
1344
1345static struct proto l2cap_proto = {
1346 .name = "L2CAP",
1347 .owner = THIS_MODULE,
1348 .obj_size = sizeof(struct l2cap_pinfo)
1349};
1350
2d792818
GP		 1351static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
1352 int proto, gfp_t prio)
bb58f747
GP		 1353{
1354 struct sock *sk;
dc50a06d 1355 struct l2cap_chan *chan;
bb58f747
GP		 1356
1357 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1358 if (!sk)
1359 return NULL;
1360
1361 sock_init_data(sock, sk);
1362 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1363
1364 sk->sk_destruct = l2cap_sock_destruct;
ba13ccd9 1365 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
bb58f747
GP		 1366
1367 sock_reset_flag(sk, SOCK_ZAPPED);
1368
1369 sk->sk_protocol = proto;
1370 sk->sk_state = BT_OPEN;
1371
eef1d9b6 1372 chan = l2cap_chan_create();
dc50a06d 1373 if (!chan) {
49dfbb91 1374 sk_free(sk);
dc50a06d
GP		 1375 return NULL;
1376 }
1377
61d6ef3e
MM		 1378 l2cap_chan_hold(chan);
1379
dc50a06d
GP		 1380 l2cap_pi(sk)->chan = chan;
1381
bb58f747
GP		 1382 return sk;
1383}
1384
1385static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1386 int kern)
1387{
1388 struct sock *sk;
1389
1390 BT_DBG("sock %p", sock);
1391
1392 sock->state = SS_UNCONNECTED;
1393
1394 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
2d792818 1395 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
bb58f747
GP		 1396 return -ESOCKTNOSUPPORT;
1397
1398 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1399 return -EPERM;
1400
1401 sock->ops = &l2cap_sock_ops;
1402
1403 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1404 if (!sk)
1405 return -ENOMEM;
1406
1407 l2cap_sock_init(sk, NULL);
5b28d95c 1408 bt_sock_link(&l2cap_sk_list, sk);
bb58f747
GP		 1409 return 0;
1410}
1411
cf2f90f5 1412static const struct proto_ops l2cap_sock_ops = {
65390587
GP		 1413 .family = PF_BLUETOOTH,
1414 .owner = THIS_MODULE,
1415 .release = l2cap_sock_release,
1416 .bind = l2cap_sock_bind,
1417 .connect = l2cap_sock_connect,
1418 .listen = l2cap_sock_listen,
1419 .accept = l2cap_sock_accept,
1420 .getname = l2cap_sock_getname,
1421 .sendmsg = l2cap_sock_sendmsg,
1422 .recvmsg = l2cap_sock_recvmsg,
1423 .poll = bt_sock_poll,
1424 .ioctl = bt_sock_ioctl,
1425 .mmap = sock_no_mmap,
1426 .socketpair = sock_no_socketpair,
1427 .shutdown = l2cap_sock_shutdown,
1428 .setsockopt = l2cap_sock_setsockopt,
1429 .getsockopt = l2cap_sock_getsockopt
1430};
1431
bb58f747
GP		 1432static const struct net_proto_family l2cap_sock_family_ops = {
1433 .family = PF_BLUETOOTH,
1434 .owner = THIS_MODULE,
1435 .create = l2cap_sock_create,
1436};
1437
1438int __init l2cap_init_sockets(void)
1439{
e2174ca4 1440 int err;
bb58f747 1441
e2174ca4
GP		 1442 err = proto_register(&l2cap_proto, 0);
1443 if (err < 0)
1444 return err;
bb58f747 1445
e2174ca4 1446 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
5b28d95c
MY		 1447 if (err < 0) {
1448 BT_ERR("L2CAP socket registration failed");
e2174ca4 1449 goto error;
5b28d95c
MY		 1450 }
1451
b0316615 1452 err = bt_procfs_init(&init_net, "l2cap", &l2cap_sk_list,
2d792818 1453 NULL);
5b28d95c
MY		 1454 if (err < 0) {
1455 BT_ERR("Failed to create L2CAP proc file");
1456 bt_sock_unregister(BTPROTO_L2CAP);
1457 goto error;
1458 }
bb58f747 1459
e2174ca4 1460 BT_INFO("L2CAP socket layer initialized");
bb58f747 1461
e2174ca4 1462 return 0;
bb58f747
GP		 1463
1464error:
e2174ca4
GP		 1465 proto_unregister(&l2cap_proto);
1466 return err;
bb58f747
GP		 1467}
1468
1469void l2cap_cleanup_sockets(void)
1470{
5b28d95c 1471 bt_procfs_cleanup(&init_net, "l2cap");
5e9d7f86 1472 bt_sock_unregister(BTPROTO_L2CAP);
e2174ca4 1473 proto_unregister(&l2cap_proto);
bb58f747 1474}
9149761a
JH		 1475
1476module_param(enable_lecoc, bool, 0644);
1477MODULE_PARM_DESC(enable_lecoc, "Enable support for LE CoC");
Linux kernel - Deliverables
This page took 0.315597 seconds and 5 git commands to generate.