projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Rename l2cap_check_security()
[deliverable/linux.git] / net / bluetooth / l2cap_sock.c
CommitLineData
bb58f747
GP		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6
7 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License version 2 as
11 published by the Free Software Foundation;
12
13 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
16 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
17 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
18 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21
22 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
23 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
24 SOFTWARE IS DISCLAIMED.
25*/
26
27/* Bluetooth L2CAP sockets. */
28
6230c9b4
PM		 29#include <linux/security.h>
30
bb58f747 31#include <net/bluetooth/bluetooth.h>
33575df7 32#include <net/bluetooth/hci_core.h>
bb58f747 33#include <net/bluetooth/l2cap.h>
f1cb9af5 34#include <net/bluetooth/smp.h>
bb58f747 35
cf2f90f5 36static const struct proto_ops l2cap_sock_ops;
80808e43
GP		 37static void l2cap_sock_init(struct sock *sk, struct sock *parent);
38static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio);
cf2f90f5 39
af6bcd82
GP		 40static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
41{
42 struct sock *sk = sock->sk;
4343478f 43 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
af6bcd82
GP		 44 struct sockaddr_l2 la;
45 int len, err = 0;
46
47 BT_DBG("sk %p", sk);
48
49 if (!addr || addr->sa_family != AF_BLUETOOTH)
50 return -EINVAL;
51
52 memset(&la, 0, sizeof(la));
53 len = min_t(unsigned int, sizeof(la), alen);
54 memcpy(&la, addr, len);
55
b62f328b 56 if (la.l2_cid && la.l2_psm)
af6bcd82
GP		 57 return -EINVAL;
58
59 lock_sock(sk);
60
61 if (sk->sk_state != BT_OPEN) {
62 err = -EBADFD;
63 goto done;
64 }
65
66 if (la.l2_psm) {
67 __u16 psm = __le16_to_cpu(la.l2_psm);
68
69 /* PSM must be odd and lsb of upper byte must be 0 */
70 if ((psm & 0x0101) != 0x0001) {
71 err = -EINVAL;
72 goto done;
73 }
74
75 /* Restrict usage of well-known PSMs */
76 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
77 err = -EACCES;
78 goto done;
79 }
80 }
81
9e4425ff
GP		 82 if (la.l2_cid)
83 err = l2cap_add_scid(chan, la.l2_cid);
84 else
85 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
af6bcd82 86
9e4425ff
GP		 87 if (err < 0)
88 goto done;
af6bcd82 89
9e4425ff
GP		 90 if (__le16_to_cpu(la.l2_psm) == 0x0001 ||
91 __le16_to_cpu(la.l2_psm) == 0x0003)
92 chan->sec_level = BT_SECURITY_SDP;
b62f328b 93
9e4425ff 94 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
89bc500e
GP		 95
96 chan->state = BT_BOUND;
9e4425ff 97 sk->sk_state = BT_BOUND;
af6bcd82
GP		 98
99done:
100 release_sock(sk);
101 return err;
102}
103
4e34c50b
GP		 104static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
105{
106 struct sock *sk = sock->sk;
0c1bc5c6 107 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
4e34c50b
GP		 108 struct sockaddr_l2 la;
109 int len, err = 0;
110
111 BT_DBG("sk %p", sk);
112
113 if (!addr || alen < sizeof(addr->sa_family) ||
114 addr->sa_family != AF_BLUETOOTH)
115 return -EINVAL;
116
117 memset(&la, 0, sizeof(la));
118 len = min_t(unsigned int, sizeof(la), alen);
119 memcpy(&la, addr, len);
120
acd7d370 121 if (la.l2_cid && la.l2_psm)
4e34c50b
GP		 122 return -EINVAL;
123
124 lock_sock(sk);
125
715ec005 126 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED
acd7d370 127 && !(la.l2_psm || la.l2_cid)) {
4e34c50b
GP		 128 err = -EINVAL;
129 goto done;
130 }
131
0c1bc5c6 132 switch (chan->mode) {
4e34c50b
GP		 133 case L2CAP_MODE_BASIC:
134 break;
135 case L2CAP_MODE_ERTM:
136 case L2CAP_MODE_STREAMING:
137 if (!disable_ertm)
138 break;
139 /* fall through */
140 default:
141 err = -ENOTSUPP;
142 goto done;
143 }
144
145 switch (sk->sk_state) {
146 case BT_CONNECT:
147 case BT_CONNECT2:
148 case BT_CONFIG:
149 /* Already connecting */
150 goto wait;
151
152 case BT_CONNECTED:
153 /* Already connected */
154 err = -EISCONN;
155 goto done;
156
157 case BT_OPEN:
158 case BT_BOUND:
159 /* Can connect */
160 break;
161
162 default:
163 err = -EBADFD;
164 goto done;
165 }
166
167 /* PSM must be odd and lsb of upper byte must be 0 */
715ec005
GP		 168 if ((__le16_to_cpu(la.l2_psm) & 0x0101) != 0x0001 && !la.l2_cid &&
169 chan->chan_type != L2CAP_CHAN_RAW) {
4e34c50b
GP		 170 err = -EINVAL;
171 goto done;
172 }
173
174 /* Set destination address and psm */
175 bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr);
fe4128e0
GP		 176 chan->psm = la.l2_psm;
177 chan->dcid = la.l2_cid;
4e34c50b 178
77a74c7e 179 err = l2cap_chan_connect(l2cap_pi(sk)->chan);
4e34c50b
GP		 180 if (err)
181 goto done;
182
183wait:
184 err = bt_sock_wait_state(sk, BT_CONNECTED,
185 sock_sndtimeo(sk, flags & O_NONBLOCK));
186done:
187 release_sock(sk);
188 return err;
189}
190
af6bcd82
GP		 191static int l2cap_sock_listen(struct socket *sock, int backlog)
192{
193 struct sock *sk = sock->sk;
0c1bc5c6 194 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
af6bcd82
GP		 195 int err = 0;
196
197 BT_DBG("sk %p backlog %d", sk, backlog);
198
199 lock_sock(sk);
200
201 if ((sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM)
202 || sk->sk_state != BT_BOUND) {
203 err = -EBADFD;
204 goto done;
205 }
206
0c1bc5c6 207 switch (chan->mode) {
af6bcd82
GP		 208 case L2CAP_MODE_BASIC:
209 break;
210 case L2CAP_MODE_ERTM:
211 case L2CAP_MODE_STREAMING:
212 if (!disable_ertm)
213 break;
214 /* fall through */
215 default:
216 err = -ENOTSUPP;
217 goto done;
218 }
219
af6bcd82
GP		 220 sk->sk_max_ack_backlog = backlog;
221 sk->sk_ack_backlog = 0;
89bc500e
GP		 222
223 chan->state = BT_LISTEN;
af6bcd82
GP		 224 sk->sk_state = BT_LISTEN;
225
226done:
227 release_sock(sk);
228 return err;
229}
230
c47b7c72
GP		 231static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
232{
233 DECLARE_WAITQUEUE(wait, current);
234 struct sock *sk = sock->sk, *nsk;
235 long timeo;
236 int err = 0;
237
238 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
239
c47b7c72
GP		 240 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
241
242 BT_DBG("sk %p timeo %ld", sk, timeo);
243
244 /* Wait for an incoming connection. (wake-one). */
245 add_wait_queue_exclusive(sk_sleep(sk), &wait);
f9a3c20a 246 while (1) {
c47b7c72 247 set_current_state(TASK_INTERRUPTIBLE);
f9a3c20a
PH		 248
249 if (sk->sk_state != BT_LISTEN) {
250 err = -EBADFD;
c47b7c72
GP		 251 break;
252 }
253
f9a3c20a
PH		 254 nsk = bt_accept_dequeue(sk, newsock);
255 if (nsk)
256 break;
c47b7c72 257
f9a3c20a
PH		 258 if (!timeo) {
259 err = -EAGAIN;
c47b7c72
GP		 260 break;
261 }
262
263 if (signal_pending(current)) {
264 err = sock_intr_errno(timeo);
265 break;
266 }
f9a3c20a
PH		 267
268 release_sock(sk);
269 timeo = schedule_timeout(timeo);
270 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
c47b7c72 271 }
f9a3c20a 272 __set_current_state(TASK_RUNNING);
c47b7c72
GP		 273 remove_wait_queue(sk_sleep(sk), &wait);
274
275 if (err)
276 goto done;
277
278 newsock->state = SS_CONNECTED;
279
280 BT_DBG("new socket %p", nsk);
281
282done:
283 release_sock(sk);
284 return err;
285}
286
d7175d55
GP		 287static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
288{
289 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
290 struct sock *sk = sock->sk;
0c1bc5c6 291 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
d7175d55
GP		 292
293 BT_DBG("sock %p, sk %p", sock, sk);
294
295 addr->sa_family = AF_BLUETOOTH;
296 *len = sizeof(struct sockaddr_l2);
297
298 if (peer) {
fe4128e0 299 la->l2_psm = chan->psm;
d7175d55 300 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
fe4128e0 301 la->l2_cid = cpu_to_le16(chan->dcid);
d7175d55 302 } else {
0c1bc5c6 303 la->l2_psm = chan->sport;
d7175d55 304 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
fe4128e0 305 la->l2_cid = cpu_to_le16(chan->scid);
d7175d55
GP		 306 }
307
308 return 0;
309}
310
99f4808d
GP		 311static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
312{
313 struct sock *sk = sock->sk;
4343478f 314 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
99f4808d
GP		 315 struct l2cap_options opts;
316 struct l2cap_conninfo cinfo;
317 int len, err = 0;
318 u32 opt;
319
320 BT_DBG("sk %p", sk);
321
322 if (get_user(len, optlen))
323 return -EFAULT;
324
325 lock_sock(sk);
326
327 switch (optname) {
328 case L2CAP_OPTIONS:
e3fb592b 329 memset(&opts, 0, sizeof(opts));
0c1bc5c6
GP		 330 opts.imtu = chan->imtu;
331 opts.omtu = chan->omtu;
332 opts.flush_to = chan->flush_to;
333 opts.mode = chan->mode;
47d1ec61
GP		 334 opts.fcs = chan->fcs;
335 opts.max_tx = chan->max_tx;
6327eb98 336 opts.txwin_size = chan->tx_win;
99f4808d
GP		 337
338 len = min_t(unsigned int, len, sizeof(opts));
339 if (copy_to_user(optval, (char *) &opts, len))
340 err = -EFAULT;
341
342 break;
343
344 case L2CAP_LM:
4343478f 345 switch (chan->sec_level) {
99f4808d
GP		 346 case BT_SECURITY_LOW:
347 opt = L2CAP_LM_AUTH;
348 break;
349 case BT_SECURITY_MEDIUM:
350 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
351 break;
352 case BT_SECURITY_HIGH:
353 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
354 L2CAP_LM_SECURE;
355 break;
356 default:
357 opt = 0;
358 break;
359 }
360
43bd0f32 361 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
99f4808d
GP		 362 opt |= L2CAP_LM_MASTER;
363
ecf61bdb 364 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
99f4808d
GP		 365 opt |= L2CAP_LM_RELIABLE;
366
367 if (put_user(opt, (u32 __user *) optval))
368 err = -EFAULT;
369 break;
370
371 case L2CAP_CONNINFO:
372 if (sk->sk_state != BT_CONNECTED &&
373 !(sk->sk_state == BT_CONNECT2 &&
374 bt_sk(sk)->defer_setup)) {
375 err = -ENOTCONN;
376 break;
377 }
378
8d03e971 379 memset(&cinfo, 0, sizeof(cinfo));
8c1d787b
GP		 380 cinfo.hci_handle = chan->conn->hcon->handle;
381 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
99f4808d
GP		 382
383 len = min_t(unsigned int, len, sizeof(cinfo));
384 if (copy_to_user(optval, (char *) &cinfo, len))
385 err = -EFAULT;
386
387 break;
388
389 default:
390 err = -ENOPROTOOPT;
391 break;
392 }
393
394 release_sock(sk);
395 return err;
396}
397
398static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
399{
400 struct sock *sk = sock->sk;
4343478f 401 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
99f4808d 402 struct bt_security sec;
14b12d0b 403 struct bt_power pwr;
99f4808d
GP		 404 int len, err = 0;
405
406 BT_DBG("sk %p", sk);
407
408 if (level == SOL_L2CAP)
409 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
410
411 if (level != SOL_BLUETOOTH)
412 return -ENOPROTOOPT;
413
414 if (get_user(len, optlen))
415 return -EFAULT;
416
417 lock_sock(sk);
418
419 switch (optname) {
420 case BT_SECURITY:
715ec005
GP		 421 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
422 chan->chan_type != L2CAP_CHAN_RAW) {
99f4808d
GP		 423 err = -EINVAL;
424 break;
425 }
426
8f360119 427 memset(&sec, 0, sizeof(sec));
4343478f 428 sec.level = chan->sec_level;
99f4808d 429
8f360119
VCG		 430 if (sk->sk_state == BT_CONNECTED)
431 sec.key_size = chan->conn->hcon->enc_key_size;
432
99f4808d
GP		 433 len = min_t(unsigned int, len, sizeof(sec));
434 if (copy_to_user(optval, (char *) &sec, len))
435 err = -EFAULT;
436
437 break;
438
439 case BT_DEFER_SETUP:
440 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
441 err = -EINVAL;
442 break;
443 }
444
445 if (put_user(bt_sk(sk)->defer_setup, (u32 __user *) optval))
446 err = -EFAULT;
447
448 break;
449
450 case BT_FLUSHABLE:
d57b0e8b
AE		 451 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
452 (u32 __user *) optval))
99f4808d
GP		 453 err = -EFAULT;
454
455 break;
456
14b12d0b
JG		 457 case BT_POWER:
458 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
459 && sk->sk_type != SOCK_RAW) {
460 err = -EINVAL;
461 break;
462 }
463
15770b1a 464 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
14b12d0b
JG		 465
466 len = min_t(unsigned int, len, sizeof(pwr));
467 if (copy_to_user(optval, (char *) &pwr, len))
468 err = -EFAULT;
469
470 break;
471
2ea66482
MM		 472 case BT_CHANNEL_POLICY:
473 if (!enable_hs) {
474 err = -ENOPROTOOPT;
475 break;
476 }
477
478 if (put_user(chan->chan_policy, (u32 __user *) optval))
479 err = -EFAULT;
480 break;
481
99f4808d
GP		 482 default:
483 err = -ENOPROTOOPT;
484 break;
485 }
486
487 release_sock(sk);
488 return err;
489}
490
33575df7
GP		 491static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
492{
493 struct sock *sk = sock->sk;
b4450035 494 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
33575df7
GP		 495 struct l2cap_options opts;
496 int len, err = 0;
497 u32 opt;
498
499 BT_DBG("sk %p", sk);
500
501 lock_sock(sk);
502
503 switch (optname) {
504 case L2CAP_OPTIONS:
505 if (sk->sk_state == BT_CONNECTED) {
506 err = -EINVAL;
507 break;
508 }
509
0c1bc5c6
GP		 510 opts.imtu = chan->imtu;
511 opts.omtu = chan->omtu;
512 opts.flush_to = chan->flush_to;
513 opts.mode = chan->mode;
47d1ec61
GP		 514 opts.fcs = chan->fcs;
515 opts.max_tx = chan->max_tx;
6327eb98 516 opts.txwin_size = chan->tx_win;
33575df7
GP		 517
518 len = min_t(unsigned int, sizeof(opts), optlen);
519 if (copy_from_user((char *) &opts, optval, len)) {
520 err = -EFAULT;
521 break;
522 }
523
6327eb98 524 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
33575df7
GP		 525 err = -EINVAL;
526 break;
527 }
528
0c1bc5c6
GP		 529 chan->mode = opts.mode;
530 switch (chan->mode) {
33575df7 531 case L2CAP_MODE_BASIC:
c1360a1c 532 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
33575df7
GP		 533 break;
534 case L2CAP_MODE_ERTM:
535 case L2CAP_MODE_STREAMING:
536 if (!disable_ertm)
537 break;
538 /* fall through */
539 default:
540 err = -EINVAL;
541 break;
542 }
543
0c1bc5c6
GP		 544 chan->imtu = opts.imtu;
545 chan->omtu = opts.omtu;
47d1ec61
GP		 546 chan->fcs = opts.fcs;
547 chan->max_tx = opts.max_tx;
6327eb98 548 chan->tx_win = opts.txwin_size;
33575df7
GP		 549 break;
550
551 case L2CAP_LM:
552 if (get_user(opt, (u32 __user *) optval)) {
553 err = -EFAULT;
554 break;
555 }
556
557 if (opt & L2CAP_LM_AUTH)
4343478f 558 chan->sec_level = BT_SECURITY_LOW;
33575df7 559 if (opt & L2CAP_LM_ENCRYPT)
4343478f 560 chan->sec_level = BT_SECURITY_MEDIUM;
33575df7 561 if (opt & L2CAP_LM_SECURE)
4343478f 562 chan->sec_level = BT_SECURITY_HIGH;
33575df7 563
43bd0f32
AE		 564 if (opt & L2CAP_LM_MASTER)
565 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
566 else
567 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
ecf61bdb
AE		 568
569 if (opt & L2CAP_LM_RELIABLE)
570 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
571 else
572 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
33575df7
GP		 573 break;
574
575 default:
576 err = -ENOPROTOOPT;
577 break;
578 }
579
580 release_sock(sk);
581 return err;
582}
583
584static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
585{
586 struct sock *sk = sock->sk;
4343478f 587 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
33575df7 588 struct bt_security sec;
14b12d0b 589 struct bt_power pwr;
f1cb9af5 590 struct l2cap_conn *conn;
33575df7
GP		 591 int len, err = 0;
592 u32 opt;
593
594 BT_DBG("sk %p", sk);
595
596 if (level == SOL_L2CAP)
597 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
598
599 if (level != SOL_BLUETOOTH)
600 return -ENOPROTOOPT;
601
602 lock_sock(sk);
603
604 switch (optname) {
605 case BT_SECURITY:
715ec005
GP		 606 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
607 chan->chan_type != L2CAP_CHAN_RAW) {
33575df7
GP		 608 err = -EINVAL;
609 break;
610 }
611
612 sec.level = BT_SECURITY_LOW;
613
614 len = min_t(unsigned int, sizeof(sec), optlen);
615 if (copy_from_user((char *) &sec, optval, len)) {
616 err = -EFAULT;
617 break;
618 }
619
620 if (sec.level < BT_SECURITY_LOW ||
621 sec.level > BT_SECURITY_HIGH) {
622 err = -EINVAL;
623 break;
624 }
625
4343478f 626 chan->sec_level = sec.level;
f1cb9af5
VCG		 627
628 conn = chan->conn;
629 if (conn && chan->scid == L2CAP_CID_LE_DATA) {
630 if (!conn->hcon->out) {
631 err = -EINVAL;
632 break;
633 }
634
635 if (smp_conn_security(conn, sec.level))
636 break;
637
638 err = 0;
639 sk->sk_state = BT_CONFIG;
640 }
33575df7
GP		 641 break;
642
643 case BT_DEFER_SETUP:
644 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
645 err = -EINVAL;
646 break;
647 }
648
649 if (get_user(opt, (u32 __user *) optval)) {
650 err = -EFAULT;
651 break;
652 }
653
654 bt_sk(sk)->defer_setup = opt;
655 break;
656
657 case BT_FLUSHABLE:
658 if (get_user(opt, (u32 __user *) optval)) {
659 err = -EFAULT;
660 break;
661 }
662
663 if (opt > BT_FLUSHABLE_ON) {
664 err = -EINVAL;
665 break;
666 }
667
668 if (opt == BT_FLUSHABLE_OFF) {
8c1d787b 669 struct l2cap_conn *conn = chan->conn;
25985edc 670 /* proceed further only when we have l2cap_conn and
33575df7
GP		 671 No Flush support in the LM */
672 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
673 err = -EINVAL;
674 break;
675 }
676 }
677
d57b0e8b
AE		 678 if (opt)
679 set_bit(FLAG_FLUSHABLE, &chan->flags);
680 else
681 clear_bit(FLAG_FLUSHABLE, &chan->flags);
33575df7
GP		 682 break;
683
14b12d0b
JG		 684 case BT_POWER:
685 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
686 chan->chan_type != L2CAP_CHAN_RAW) {
687 err = -EINVAL;
688 break;
689 }
690
691 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
692
693 len = min_t(unsigned int, sizeof(pwr), optlen);
694 if (copy_from_user((char *) &pwr, optval, len)) {
695 err = -EFAULT;
696 break;
697 }
15770b1a
AE		 698
699 if (pwr.force_active)
700 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
701 else
702 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
14b12d0b
JG		 703 break;
704
2ea66482
MM		 705 case BT_CHANNEL_POLICY:
706 if (!enable_hs) {
707 err = -ENOPROTOOPT;
708 break;
709 }
710
711 if (get_user(opt, (u32 __user *) optval)) {
712 err = -EFAULT;
713 break;
714 }
715
716 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
717 err = -EINVAL;
718 break;
719 }
720
721 if (chan->mode != L2CAP_MODE_ERTM &&
722 chan->mode != L2CAP_MODE_STREAMING) {
723 err = -EOPNOTSUPP;
724 break;
725 }
726
727 chan->chan_policy = (u8) opt;
14b12d0b
JG		 728 break;
729
33575df7
GP		 730 default:
731 err = -ENOPROTOOPT;
732 break;
733 }
734
735 release_sock(sk);
736 return err;
737}
fd83ccdb
GP		 738
739static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
740{
741 struct sock *sk = sock->sk;
0c1bc5c6 742 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
fd83ccdb
GP		 743 int err;
744
745 BT_DBG("sock %p, sk %p", sock, sk);
746
747 err = sock_error(sk);
748 if (err)
749 return err;
750
751 if (msg->msg_flags & MSG_OOB)
752 return -EOPNOTSUPP;
753
754 lock_sock(sk);
755
756 if (sk->sk_state != BT_CONNECTED) {
9a91a04a
GP		 757 release_sock(sk);
758 return -ENOTCONN;
fd83ccdb
GP		 759 }
760
5e59b791 761 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
fd83ccdb 762
fd83ccdb
GP		 763 release_sock(sk);
764 return err;
765}
33575df7 766
68983259
GP		 767static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
768{
769 struct sock *sk = sock->sk;
e328140f
MM		 770 struct l2cap_pinfo *pi = l2cap_pi(sk);
771 int err;
68983259
GP		 772
773 lock_sock(sk);
774
775 if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) {
8c1d787b
GP		 776 sk->sk_state = BT_CONFIG;
777
e328140f 778 __l2cap_connect_rsp_defer(pi->chan);
68983259
GP		 779 release_sock(sk);
780 return 0;
781 }
782
783 release_sock(sk);
784
785 if (sock->type == SOCK_STREAM)
e328140f
MM		 786 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
787 else
788 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
789
790 if (pi->chan->mode != L2CAP_MODE_ERTM)
791 return err;
792
793 /* Attempt to put pending rx data in the socket buffer */
794
795 lock_sock(sk);
796
797 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
798 goto done;
799
800 if (pi->rx_busy_skb) {
801 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
802 pi->rx_busy_skb = NULL;
803 else
804 goto done;
805 }
806
807 /* Restore data flow when half of the receive buffer is
808 * available. This avoids resending large numbers of
809 * frames.
810 */
811 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
812 l2cap_chan_busy(pi->chan, 0);
68983259 813
e328140f
MM		 814done:
815 release_sock(sk);
816 return err;
68983259
GP		 817}
818
05fc1576
GP		 819/* Kill socket (only if zapped and orphan)
820 * Must be called on unlocked socket.
821 */
ba3bd0ee 822static void l2cap_sock_kill(struct sock *sk)
05fc1576
GP		 823{
824 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
825 return;
826
827 BT_DBG("sk %p state %d", sk, sk->sk_state);
828
829 /* Kill poor orphan */
6ff5abbf 830
23691d75 831 l2cap_chan_destroy(l2cap_pi(sk)->chan);
05fc1576
GP		 832 sock_set_flag(sk, SOCK_DEAD);
833 sock_put(sk);
834}
835
dcba0dba
GP		 836static int l2cap_sock_shutdown(struct socket *sock, int how)
837{
838 struct sock *sk = sock->sk;
0c1bc5c6 839 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
dcba0dba
GP		 840 int err = 0;
841
842 BT_DBG("sock %p, sk %p", sock, sk);
843
844 if (!sk)
845 return 0;
846
847 lock_sock(sk);
848 if (!sk->sk_shutdown) {
0c1bc5c6 849 if (chan->mode == L2CAP_MODE_ERTM)
dcba0dba
GP		 850 err = __l2cap_wait_ack(sk);
851
852 sk->sk_shutdown = SHUTDOWN_MASK;
0f852724 853 l2cap_chan_close(chan, 0);
dcba0dba
GP		 854
855 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
856 err = bt_sock_wait_state(sk, BT_CLOSED,
857 sk->sk_lingertime);
858 }
859
860 if (!err && sk->sk_err)
861 err = -sk->sk_err;
862
863 release_sock(sk);
864 return err;
865}
866
554f05bb
GP		 867static int l2cap_sock_release(struct socket *sock)
868{
869 struct sock *sk = sock->sk;
870 int err;
871
872 BT_DBG("sock %p, sk %p", sock, sk);
873
874 if (!sk)
875 return 0;
876
877 err = l2cap_sock_shutdown(sock, 2);
878
879 sock_orphan(sk);
880 l2cap_sock_kill(sk);
881 return err;
882}
883
80808e43
GP		 884static struct l2cap_chan *l2cap_sock_new_connection_cb(void *data)
885{
886 struct sock *sk, *parent = data;
887
888 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
889 GFP_ATOMIC);
890 if (!sk)
891 return NULL;
892
893 l2cap_sock_init(sk, parent);
894
895 return l2cap_pi(sk)->chan;
896}
897
23070494
GP		 898static int l2cap_sock_recv_cb(void *data, struct sk_buff *skb)
899{
e328140f 900 int err;
23070494 901 struct sock *sk = data;
e328140f
MM		 902 struct l2cap_pinfo *pi = l2cap_pi(sk);
903
904 if (pi->rx_busy_skb)
905 return -ENOMEM;
906
907 err = sock_queue_rcv_skb(sk, skb);
908
909 /* For ERTM, handle one skb that doesn't fit into the recv
910 * buffer. This is important to do because the data frames
911 * have already been acked, so the skb cannot be discarded.
912 *
913 * Notify the l2cap core that the buffer is full, so the
914 * LOCAL_BUSY state is entered and no more frames are
915 * acked and reassembled until there is buffer space
916 * available.
917 */
918 if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
919 pi->rx_busy_skb = skb;
920 l2cap_chan_busy(pi->chan, 1);
921 err = 0;
922 }
23070494 923
e328140f 924 return err;
23070494
GP		 925}
926
ba3bd0ee
GP		 927static void l2cap_sock_close_cb(void *data)
928{
929 struct sock *sk = data;
930
931 l2cap_sock_kill(sk);
932}
933
89bc500e
GP		 934static void l2cap_sock_state_change_cb(void *data, int state)
935{
936 struct sock *sk = data;
937
938 sk->sk_state = state;
939}
940
80808e43
GP		 941static struct l2cap_ops l2cap_chan_ops = {
942 .name = "L2CAP Socket Interface",
943 .new_connection = l2cap_sock_new_connection_cb,
23070494 944 .recv = l2cap_sock_recv_cb,
ba3bd0ee 945 .close = l2cap_sock_close_cb,
89bc500e 946 .state_change = l2cap_sock_state_change_cb,
80808e43
GP		 947};
948
bb58f747
GP		 949static void l2cap_sock_destruct(struct sock *sk)
950{
951 BT_DBG("sk %p", sk);
952
e328140f
MM		 953 if (l2cap_pi(sk)->rx_busy_skb) {
954 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
955 l2cap_pi(sk)->rx_busy_skb = NULL;
956 }
957
bb58f747
GP		 958 skb_queue_purge(&sk->sk_receive_queue);
959 skb_queue_purge(&sk->sk_write_queue);
960}
961
80808e43 962static void l2cap_sock_init(struct sock *sk, struct sock *parent)
bb58f747
GP		 963{
964 struct l2cap_pinfo *pi = l2cap_pi(sk);
b4450035 965 struct l2cap_chan *chan = pi->chan;
bb58f747
GP		 966
967 BT_DBG("sk %p", sk);
968
969 if (parent) {
b4450035
GP		 970 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
971
bb58f747
GP		 972 sk->sk_type = parent->sk_type;
973 bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup;
974
715ec005 975 chan->chan_type = pchan->chan_type;
0c1bc5c6
GP		 976 chan->imtu = pchan->imtu;
977 chan->omtu = pchan->omtu;
b4450035 978 chan->conf_state = pchan->conf_state;
0c1bc5c6 979 chan->mode = pchan->mode;
47d1ec61
GP		 980 chan->fcs = pchan->fcs;
981 chan->max_tx = pchan->max_tx;
982 chan->tx_win = pchan->tx_win;
6b3c7104 983 chan->tx_win_max = pchan->tx_win_max;
4343478f 984 chan->sec_level = pchan->sec_level;
d57b0e8b 985 chan->flags = pchan->flags;
6230c9b4
PM		 986
987 security_sk_clone(parent, sk);
bb58f747 988 } else {
715ec005
GP		 989
990 switch (sk->sk_type) {
991 case SOCK_RAW:
992 chan->chan_type = L2CAP_CHAN_RAW;
993 break;
994 case SOCK_DGRAM:
995 chan->chan_type = L2CAP_CHAN_CONN_LESS;
996 break;
997 case SOCK_SEQPACKET:
998 case SOCK_STREAM:
999 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1000 break;
1001 }
1002
0c1bc5c6
GP		 1003 chan->imtu = L2CAP_DEFAULT_MTU;
1004 chan->omtu = 0;
bb58f747 1005 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
0c1bc5c6 1006 chan->mode = L2CAP_MODE_ERTM;
c1360a1c 1007 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
bb58f747 1008 } else {
0c1bc5c6 1009 chan->mode = L2CAP_MODE_BASIC;
bb58f747 1010 }
47d1ec61
GP		 1011 chan->max_tx = L2CAP_DEFAULT_MAX_TX;
1012 chan->fcs = L2CAP_FCS_CRC16;
1013 chan->tx_win = L2CAP_DEFAULT_TX_WINDOW;
6b3c7104 1014 chan->tx_win_max = L2CAP_DEFAULT_TX_WINDOW;
4343478f 1015 chan->sec_level = BT_SECURITY_LOW;
d57b0e8b 1016 chan->flags = 0;
15770b1a 1017 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
bb58f747
GP		 1018 }
1019
1020 /* Default config options */
0c1bc5c6 1021 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
80808e43
GP		 1022
1023 chan->data = sk;
1024 chan->ops = &l2cap_chan_ops;
bb58f747
GP		 1025}
1026
1027static struct proto l2cap_proto = {
1028 .name = "L2CAP",
1029 .owner = THIS_MODULE,
1030 .obj_size = sizeof(struct l2cap_pinfo)
1031};
1032
80808e43 1033static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
bb58f747
GP		 1034{
1035 struct sock *sk;
dc50a06d 1036 struct l2cap_chan *chan;
bb58f747
GP		 1037
1038 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1039 if (!sk)
1040 return NULL;
1041
1042 sock_init_data(sock, sk);
1043 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1044
1045 sk->sk_destruct = l2cap_sock_destruct;
6be6b11f 1046 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
bb58f747
GP		 1047
1048 sock_reset_flag(sk, SOCK_ZAPPED);
1049
1050 sk->sk_protocol = proto;
1051 sk->sk_state = BT_OPEN;
1052
dc50a06d
GP		 1053 chan = l2cap_chan_create(sk);
1054 if (!chan) {
1055 l2cap_sock_kill(sk);
1056 return NULL;
1057 }
1058
1059 l2cap_pi(sk)->chan = chan;
1060
bb58f747
GP		 1061 return sk;
1062}
1063
1064static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1065 int kern)
1066{
1067 struct sock *sk;
1068
1069 BT_DBG("sock %p", sock);
1070
1071 sock->state = SS_UNCONNECTED;
1072
1073 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1074 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1075 return -ESOCKTNOSUPPORT;
1076
1077 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1078 return -EPERM;
1079
1080 sock->ops = &l2cap_sock_ops;
1081
1082 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1083 if (!sk)
1084 return -ENOMEM;
1085
1086 l2cap_sock_init(sk, NULL);
1087 return 0;
1088}
1089
cf2f90f5 1090static const struct proto_ops l2cap_sock_ops = {
65390587
GP		 1091 .family = PF_BLUETOOTH,
1092 .owner = THIS_MODULE,
1093 .release = l2cap_sock_release,
1094 .bind = l2cap_sock_bind,
1095 .connect = l2cap_sock_connect,
1096 .listen = l2cap_sock_listen,
1097 .accept = l2cap_sock_accept,
1098 .getname = l2cap_sock_getname,
1099 .sendmsg = l2cap_sock_sendmsg,
1100 .recvmsg = l2cap_sock_recvmsg,
1101 .poll = bt_sock_poll,
1102 .ioctl = bt_sock_ioctl,
1103 .mmap = sock_no_mmap,
1104 .socketpair = sock_no_socketpair,
1105 .shutdown = l2cap_sock_shutdown,
1106 .setsockopt = l2cap_sock_setsockopt,
1107 .getsockopt = l2cap_sock_getsockopt
1108};
1109
bb58f747
GP		 1110static const struct net_proto_family l2cap_sock_family_ops = {
1111 .family = PF_BLUETOOTH,
1112 .owner = THIS_MODULE,
1113 .create = l2cap_sock_create,
1114};
1115
1116int __init l2cap_init_sockets(void)
1117{
e2174ca4 1118 int err;
bb58f747 1119
e2174ca4
GP		 1120 err = proto_register(&l2cap_proto, 0);
1121 if (err < 0)
1122 return err;
bb58f747 1123
e2174ca4
GP		 1124 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1125 if (err < 0)
1126 goto error;
bb58f747 1127
e2174ca4 1128 BT_INFO("L2CAP socket layer initialized");
bb58f747 1129
e2174ca4 1130 return 0;
bb58f747
GP		 1131
1132error:
e2174ca4
GP		 1133 BT_ERR("L2CAP socket registration failed");
1134 proto_unregister(&l2cap_proto);
1135 return err;
bb58f747
GP		 1136}
1137
1138void l2cap_cleanup_sockets(void)
1139{
e2174ca4
GP		 1140 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1141 BT_ERR("L2CAP socket unregistration failed");
bb58f747 1142
e2174ca4 1143 proto_unregister(&l2cap_proto);
bb58f747 1144}
Linux kernel - Deliverables
This page took 0.121201 seconds and 5 git commands to generate.