Commit | Line | Data |
---|---|---|
8e87d142 | 1 | /* |
1da177e4 LT |
2 | RFCOMM implementation for Linux Bluetooth stack (BlueZ). |
3 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | |
4 | Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> | |
5 | ||
6 | This program is free software; you can redistribute it and/or modify | |
7 | it under the terms of the GNU General Public License version 2 as | |
8 | published by the Free Software Foundation; | |
9 | ||
10 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | |
11 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
12 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | |
13 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | |
8e87d142 YH |
14 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES |
15 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
16 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
1da177e4 LT |
17 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
18 | ||
8e87d142 YH |
19 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, |
20 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | |
1da177e4 LT |
21 | SOFTWARE IS DISCLAIMED. |
22 | */ | |
23 | ||
24 | /* | |
25 | * RFCOMM sockets. | |
1da177e4 LT |
26 | */ |
27 | ||
1da177e4 LT |
28 | #include <linux/module.h> |
29 | ||
30 | #include <linux/types.h> | |
31 | #include <linux/errno.h> | |
32 | #include <linux/kernel.h> | |
1da177e4 LT |
33 | #include <linux/sched.h> |
34 | #include <linux/slab.h> | |
35 | #include <linux/poll.h> | |
36 | #include <linux/fcntl.h> | |
37 | #include <linux/init.h> | |
38 | #include <linux/interrupt.h> | |
39 | #include <linux/socket.h> | |
40 | #include <linux/skbuff.h> | |
41 | #include <linux/list.h> | |
be9d1227 | 42 | #include <linux/device.h> |
1da177e4 LT |
43 | #include <net/sock.h> |
44 | ||
45 | #include <asm/system.h> | |
46 | #include <asm/uaccess.h> | |
47 | ||
48 | #include <net/bluetooth/bluetooth.h> | |
49 | #include <net/bluetooth/hci_core.h> | |
50 | #include <net/bluetooth/l2cap.h> | |
51 | #include <net/bluetooth/rfcomm.h> | |
52 | ||
53 | #ifndef CONFIG_BT_RFCOMM_DEBUG | |
54 | #undef BT_DBG | |
55 | #define BT_DBG(D...) | |
56 | #endif | |
57 | ||
90ddc4f0 | 58 | static const struct proto_ops rfcomm_sock_ops; |
1da177e4 LT |
59 | |
60 | static struct bt_sock_list rfcomm_sk_list = { | |
d5fb2962 | 61 | .lock = __RW_LOCK_UNLOCKED(rfcomm_sk_list.lock) |
1da177e4 LT |
62 | }; |
63 | ||
64 | static void rfcomm_sock_close(struct sock *sk); | |
65 | static void rfcomm_sock_kill(struct sock *sk); | |
66 | ||
67 | /* ---- DLC callbacks ---- | |
68 | * | |
69 | * called under rfcomm_dlc_lock() | |
70 | */ | |
71 | static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb) | |
72 | { | |
73 | struct sock *sk = d->owner; | |
74 | if (!sk) | |
75 | return; | |
76 | ||
77 | atomic_add(skb->len, &sk->sk_rmem_alloc); | |
78 | skb_queue_tail(&sk->sk_receive_queue, skb); | |
79 | sk->sk_data_ready(sk, skb->len); | |
80 | ||
81 | if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) | |
82 | rfcomm_dlc_throttle(d); | |
83 | } | |
84 | ||
85 | static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err) | |
86 | { | |
87 | struct sock *sk = d->owner, *parent; | |
88 | if (!sk) | |
89 | return; | |
90 | ||
91 | BT_DBG("dlc %p state %ld err %d", d, d->state, err); | |
92 | ||
93 | bh_lock_sock(sk); | |
94 | ||
95 | if (err) | |
96 | sk->sk_err = err; | |
97 | ||
98 | sk->sk_state = d->state; | |
99 | ||
100 | parent = bt_sk(sk)->parent; | |
101 | if (parent) { | |
102 | if (d->state == BT_CLOSED) { | |
103 | sock_set_flag(sk, SOCK_ZAPPED); | |
104 | bt_accept_unlink(sk); | |
105 | } | |
106 | parent->sk_data_ready(parent, 0); | |
107 | } else { | |
108 | if (d->state == BT_CONNECTED) | |
109 | rfcomm_session_getaddr(d->session, &bt_sk(sk)->src, NULL); | |
110 | sk->sk_state_change(sk); | |
111 | } | |
112 | ||
113 | bh_unlock_sock(sk); | |
114 | ||
115 | if (parent && sock_flag(sk, SOCK_ZAPPED)) { | |
116 | /* We have to drop DLC lock here, otherwise | |
117 | * rfcomm_sock_destruct() will dead lock. */ | |
118 | rfcomm_dlc_unlock(d); | |
119 | rfcomm_sock_kill(sk); | |
120 | rfcomm_dlc_lock(d); | |
121 | } | |
122 | } | |
123 | ||
124 | /* ---- Socket functions ---- */ | |
125 | static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src) | |
126 | { | |
127 | struct sock *sk = NULL; | |
128 | struct hlist_node *node; | |
129 | ||
130 | sk_for_each(sk, node, &rfcomm_sk_list.head) { | |
8e87d142 | 131 | if (rfcomm_pi(sk)->channel == channel && |
1da177e4 LT |
132 | !bacmp(&bt_sk(sk)->src, src)) |
133 | break; | |
134 | } | |
135 | ||
136 | return node ? sk : NULL; | |
137 | } | |
138 | ||
139 | /* Find socket with channel and source bdaddr. | |
140 | * Returns closest match. | |
141 | */ | |
142 | static struct sock *__rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src) | |
143 | { | |
144 | struct sock *sk = NULL, *sk1 = NULL; | |
145 | struct hlist_node *node; | |
146 | ||
147 | sk_for_each(sk, node, &rfcomm_sk_list.head) { | |
148 | if (state && sk->sk_state != state) | |
149 | continue; | |
150 | ||
151 | if (rfcomm_pi(sk)->channel == channel) { | |
152 | /* Exact match. */ | |
153 | if (!bacmp(&bt_sk(sk)->src, src)) | |
154 | break; | |
155 | ||
156 | /* Closest match */ | |
157 | if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) | |
158 | sk1 = sk; | |
159 | } | |
160 | } | |
161 | return node ? sk : sk1; | |
162 | } | |
163 | ||
164 | /* Find socket with given address (channel, src). | |
165 | * Returns locked socket */ | |
166 | static inline struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src) | |
167 | { | |
168 | struct sock *s; | |
169 | read_lock(&rfcomm_sk_list.lock); | |
170 | s = __rfcomm_get_sock_by_channel(state, channel, src); | |
171 | if (s) bh_lock_sock(s); | |
172 | read_unlock(&rfcomm_sk_list.lock); | |
173 | return s; | |
174 | } | |
175 | ||
176 | static void rfcomm_sock_destruct(struct sock *sk) | |
177 | { | |
178 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | |
179 | ||
180 | BT_DBG("sk %p dlc %p", sk, d); | |
181 | ||
182 | skb_queue_purge(&sk->sk_receive_queue); | |
183 | skb_queue_purge(&sk->sk_write_queue); | |
184 | ||
185 | rfcomm_dlc_lock(d); | |
186 | rfcomm_pi(sk)->dlc = NULL; | |
187 | ||
188 | /* Detach DLC if it's owned by this socket */ | |
189 | if (d->owner == sk) | |
190 | d->owner = NULL; | |
191 | rfcomm_dlc_unlock(d); | |
192 | ||
193 | rfcomm_dlc_put(d); | |
194 | } | |
195 | ||
196 | static void rfcomm_sock_cleanup_listen(struct sock *parent) | |
197 | { | |
198 | struct sock *sk; | |
199 | ||
200 | BT_DBG("parent %p", parent); | |
201 | ||
202 | /* Close not yet accepted dlcs */ | |
203 | while ((sk = bt_accept_dequeue(parent, NULL))) { | |
204 | rfcomm_sock_close(sk); | |
205 | rfcomm_sock_kill(sk); | |
206 | } | |
207 | ||
208 | parent->sk_state = BT_CLOSED; | |
209 | sock_set_flag(parent, SOCK_ZAPPED); | |
210 | } | |
211 | ||
212 | /* Kill socket (only if zapped and orphan) | |
213 | * Must be called on unlocked socket. | |
214 | */ | |
215 | static void rfcomm_sock_kill(struct sock *sk) | |
216 | { | |
217 | if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) | |
218 | return; | |
219 | ||
220 | BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt)); | |
221 | ||
222 | /* Kill poor orphan */ | |
223 | bt_sock_unlink(&rfcomm_sk_list, sk); | |
224 | sock_set_flag(sk, SOCK_DEAD); | |
225 | sock_put(sk); | |
226 | } | |
227 | ||
228 | static void __rfcomm_sock_close(struct sock *sk) | |
229 | { | |
230 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | |
231 | ||
232 | BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); | |
233 | ||
234 | switch (sk->sk_state) { | |
235 | case BT_LISTEN: | |
236 | rfcomm_sock_cleanup_listen(sk); | |
237 | break; | |
238 | ||
239 | case BT_CONNECT: | |
240 | case BT_CONNECT2: | |
241 | case BT_CONFIG: | |
242 | case BT_CONNECTED: | |
243 | rfcomm_dlc_close(d, 0); | |
244 | ||
245 | default: | |
246 | sock_set_flag(sk, SOCK_ZAPPED); | |
247 | break; | |
248 | } | |
249 | } | |
250 | ||
251 | /* Close socket. | |
252 | * Must be called on unlocked socket. | |
253 | */ | |
254 | static void rfcomm_sock_close(struct sock *sk) | |
255 | { | |
256 | lock_sock(sk); | |
257 | __rfcomm_sock_close(sk); | |
258 | release_sock(sk); | |
259 | } | |
260 | ||
261 | static void rfcomm_sock_init(struct sock *sk, struct sock *parent) | |
262 | { | |
263 | struct rfcomm_pinfo *pi = rfcomm_pi(sk); | |
264 | ||
265 | BT_DBG("sk %p", sk); | |
266 | ||
267 | if (parent) { | |
268 | sk->sk_type = parent->sk_type; | |
269 | pi->link_mode = rfcomm_pi(parent)->link_mode; | |
270 | } else { | |
271 | pi->link_mode = 0; | |
272 | } | |
273 | ||
274 | pi->dlc->link_mode = pi->link_mode; | |
275 | } | |
276 | ||
277 | static struct proto rfcomm_proto = { | |
278 | .name = "RFCOMM", | |
279 | .owner = THIS_MODULE, | |
280 | .obj_size = sizeof(struct rfcomm_pinfo) | |
281 | }; | |
282 | ||
1b8d7ae4 | 283 | static struct sock *rfcomm_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio) |
1da177e4 LT |
284 | { |
285 | struct rfcomm_dlc *d; | |
286 | struct sock *sk; | |
287 | ||
6257ff21 | 288 | sk = sk_alloc(net, PF_BLUETOOTH, prio, &rfcomm_proto); |
1da177e4 LT |
289 | if (!sk) |
290 | return NULL; | |
291 | ||
292 | sock_init_data(sock, sk); | |
293 | INIT_LIST_HEAD(&bt_sk(sk)->accept_q); | |
294 | ||
295 | d = rfcomm_dlc_alloc(prio); | |
296 | if (!d) { | |
297 | sk_free(sk); | |
298 | return NULL; | |
299 | } | |
300 | ||
301 | d->data_ready = rfcomm_sk_data_ready; | |
302 | d->state_change = rfcomm_sk_state_change; | |
303 | ||
304 | rfcomm_pi(sk)->dlc = d; | |
305 | d->owner = sk; | |
306 | ||
307 | sk->sk_destruct = rfcomm_sock_destruct; | |
308 | sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT; | |
309 | ||
310 | sk->sk_sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10; | |
311 | sk->sk_rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10; | |
312 | ||
313 | sock_reset_flag(sk, SOCK_ZAPPED); | |
314 | ||
315 | sk->sk_protocol = proto; | |
316 | sk->sk_state = BT_OPEN; | |
317 | ||
318 | bt_sock_link(&rfcomm_sk_list, sk); | |
319 | ||
320 | BT_DBG("sk %p", sk); | |
321 | return sk; | |
322 | } | |
323 | ||
1b8d7ae4 | 324 | static int rfcomm_sock_create(struct net *net, struct socket *sock, int protocol) |
1da177e4 LT |
325 | { |
326 | struct sock *sk; | |
327 | ||
328 | BT_DBG("sock %p", sock); | |
329 | ||
330 | sock->state = SS_UNCONNECTED; | |
331 | ||
332 | if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW) | |
333 | return -ESOCKTNOSUPPORT; | |
334 | ||
335 | sock->ops = &rfcomm_sock_ops; | |
336 | ||
1b8d7ae4 | 337 | sk = rfcomm_sock_alloc(net, sock, protocol, GFP_ATOMIC); |
74da626a | 338 | if (!sk) |
1da177e4 LT |
339 | return -ENOMEM; |
340 | ||
341 | rfcomm_sock_init(sk, NULL); | |
342 | return 0; | |
343 | } | |
344 | ||
345 | static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) | |
346 | { | |
347 | struct sockaddr_rc *sa = (struct sockaddr_rc *) addr; | |
348 | struct sock *sk = sock->sk; | |
349 | int err = 0; | |
350 | ||
351 | BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr)); | |
352 | ||
353 | if (!addr || addr->sa_family != AF_BLUETOOTH) | |
354 | return -EINVAL; | |
355 | ||
356 | lock_sock(sk); | |
357 | ||
358 | if (sk->sk_state != BT_OPEN) { | |
359 | err = -EBADFD; | |
360 | goto done; | |
361 | } | |
362 | ||
354d28d5 MH |
363 | if (sk->sk_type != SOCK_STREAM) { |
364 | err = -EINVAL; | |
365 | goto done; | |
366 | } | |
367 | ||
1da177e4 LT |
368 | write_lock_bh(&rfcomm_sk_list.lock); |
369 | ||
370 | if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) { | |
371 | err = -EADDRINUSE; | |
372 | } else { | |
373 | /* Save source address */ | |
374 | bacpy(&bt_sk(sk)->src, &sa->rc_bdaddr); | |
375 | rfcomm_pi(sk)->channel = sa->rc_channel; | |
376 | sk->sk_state = BT_BOUND; | |
377 | } | |
378 | ||
379 | write_unlock_bh(&rfcomm_sk_list.lock); | |
380 | ||
381 | done: | |
382 | release_sock(sk); | |
383 | return err; | |
384 | } | |
385 | ||
386 | static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) | |
387 | { | |
388 | struct sockaddr_rc *sa = (struct sockaddr_rc *) addr; | |
389 | struct sock *sk = sock->sk; | |
390 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | |
391 | int err = 0; | |
392 | ||
393 | BT_DBG("sk %p", sk); | |
394 | ||
395 | if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_rc)) | |
396 | return -EINVAL; | |
397 | ||
354d28d5 | 398 | lock_sock(sk); |
1da177e4 | 399 | |
354d28d5 MH |
400 | if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) { |
401 | err = -EBADFD; | |
402 | goto done; | |
403 | } | |
1da177e4 | 404 | |
354d28d5 MH |
405 | if (sk->sk_type != SOCK_STREAM) { |
406 | err = -EINVAL; | |
407 | goto done; | |
408 | } | |
1da177e4 LT |
409 | |
410 | sk->sk_state = BT_CONNECT; | |
411 | bacpy(&bt_sk(sk)->dst, &sa->rc_bdaddr); | |
412 | rfcomm_pi(sk)->channel = sa->rc_channel; | |
413 | ||
414 | err = rfcomm_dlc_open(d, &bt_sk(sk)->src, &sa->rc_bdaddr, sa->rc_channel); | |
415 | if (!err) | |
416 | err = bt_sock_wait_state(sk, BT_CONNECTED, | |
417 | sock_sndtimeo(sk, flags & O_NONBLOCK)); | |
418 | ||
354d28d5 | 419 | done: |
1da177e4 LT |
420 | release_sock(sk); |
421 | return err; | |
422 | } | |
423 | ||
424 | static int rfcomm_sock_listen(struct socket *sock, int backlog) | |
425 | { | |
426 | struct sock *sk = sock->sk; | |
427 | int err = 0; | |
428 | ||
429 | BT_DBG("sk %p backlog %d", sk, backlog); | |
430 | ||
431 | lock_sock(sk); | |
432 | ||
433 | if (sk->sk_state != BT_BOUND) { | |
434 | err = -EBADFD; | |
435 | goto done; | |
436 | } | |
437 | ||
354d28d5 MH |
438 | if (sk->sk_type != SOCK_STREAM) { |
439 | err = -EINVAL; | |
440 | goto done; | |
441 | } | |
442 | ||
1da177e4 LT |
443 | if (!rfcomm_pi(sk)->channel) { |
444 | bdaddr_t *src = &bt_sk(sk)->src; | |
445 | u8 channel; | |
446 | ||
447 | err = -EINVAL; | |
448 | ||
449 | write_lock_bh(&rfcomm_sk_list.lock); | |
450 | ||
451 | for (channel = 1; channel < 31; channel++) | |
452 | if (!__rfcomm_get_sock_by_addr(channel, src)) { | |
453 | rfcomm_pi(sk)->channel = channel; | |
454 | err = 0; | |
455 | break; | |
456 | } | |
457 | ||
458 | write_unlock_bh(&rfcomm_sk_list.lock); | |
459 | ||
460 | if (err < 0) | |
461 | goto done; | |
462 | } | |
463 | ||
464 | sk->sk_max_ack_backlog = backlog; | |
465 | sk->sk_ack_backlog = 0; | |
466 | sk->sk_state = BT_LISTEN; | |
467 | ||
468 | done: | |
469 | release_sock(sk); | |
470 | return err; | |
471 | } | |
472 | ||
473 | static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags) | |
474 | { | |
475 | DECLARE_WAITQUEUE(wait, current); | |
476 | struct sock *sk = sock->sk, *nsk; | |
477 | long timeo; | |
478 | int err = 0; | |
479 | ||
480 | lock_sock(sk); | |
481 | ||
482 | if (sk->sk_state != BT_LISTEN) { | |
483 | err = -EBADFD; | |
484 | goto done; | |
485 | } | |
486 | ||
354d28d5 MH |
487 | if (sk->sk_type != SOCK_STREAM) { |
488 | err = -EINVAL; | |
489 | goto done; | |
490 | } | |
491 | ||
1da177e4 LT |
492 | timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); |
493 | ||
494 | BT_DBG("sk %p timeo %ld", sk, timeo); | |
495 | ||
496 | /* Wait for an incoming connection. (wake-one). */ | |
497 | add_wait_queue_exclusive(sk->sk_sleep, &wait); | |
498 | while (!(nsk = bt_accept_dequeue(sk, newsock))) { | |
499 | set_current_state(TASK_INTERRUPTIBLE); | |
500 | if (!timeo) { | |
501 | err = -EAGAIN; | |
502 | break; | |
503 | } | |
504 | ||
505 | release_sock(sk); | |
506 | timeo = schedule_timeout(timeo); | |
507 | lock_sock(sk); | |
508 | ||
509 | if (sk->sk_state != BT_LISTEN) { | |
510 | err = -EBADFD; | |
511 | break; | |
512 | } | |
513 | ||
514 | if (signal_pending(current)) { | |
515 | err = sock_intr_errno(timeo); | |
516 | break; | |
517 | } | |
518 | } | |
519 | set_current_state(TASK_RUNNING); | |
520 | remove_wait_queue(sk->sk_sleep, &wait); | |
521 | ||
522 | if (err) | |
523 | goto done; | |
524 | ||
525 | newsock->state = SS_CONNECTED; | |
526 | ||
527 | BT_DBG("new socket %p", nsk); | |
528 | ||
529 | done: | |
530 | release_sock(sk); | |
531 | return err; | |
532 | } | |
533 | ||
534 | static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer) | |
535 | { | |
536 | struct sockaddr_rc *sa = (struct sockaddr_rc *) addr; | |
537 | struct sock *sk = sock->sk; | |
538 | ||
539 | BT_DBG("sock %p, sk %p", sock, sk); | |
540 | ||
541 | sa->rc_family = AF_BLUETOOTH; | |
542 | sa->rc_channel = rfcomm_pi(sk)->channel; | |
543 | if (peer) | |
544 | bacpy(&sa->rc_bdaddr, &bt_sk(sk)->dst); | |
545 | else | |
546 | bacpy(&sa->rc_bdaddr, &bt_sk(sk)->src); | |
547 | ||
548 | *len = sizeof(struct sockaddr_rc); | |
549 | return 0; | |
550 | } | |
551 | ||
552 | static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock, | |
553 | struct msghdr *msg, size_t len) | |
554 | { | |
555 | struct sock *sk = sock->sk; | |
556 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | |
557 | struct sk_buff *skb; | |
1da177e4 LT |
558 | int sent = 0; |
559 | ||
560 | if (msg->msg_flags & MSG_OOB) | |
561 | return -EOPNOTSUPP; | |
562 | ||
563 | if (sk->sk_shutdown & SEND_SHUTDOWN) | |
564 | return -EPIPE; | |
565 | ||
566 | BT_DBG("sock %p, sk %p", sock, sk); | |
567 | ||
568 | lock_sock(sk); | |
569 | ||
570 | while (len) { | |
571 | size_t size = min_t(size_t, len, d->mtu); | |
4d6a2188 | 572 | int err; |
8e87d142 | 573 | |
1da177e4 LT |
574 | skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE, |
575 | msg->msg_flags & MSG_DONTWAIT, &err); | |
576 | if (!skb) | |
577 | break; | |
578 | skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); | |
579 | ||
580 | err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size); | |
581 | if (err) { | |
582 | kfree_skb(skb); | |
4d6a2188 MH |
583 | if (sent == 0) |
584 | sent = err; | |
1da177e4 LT |
585 | break; |
586 | } | |
587 | ||
588 | err = rfcomm_dlc_send(d, skb); | |
589 | if (err < 0) { | |
590 | kfree_skb(skb); | |
4d6a2188 MH |
591 | if (sent == 0) |
592 | sent = err; | |
1da177e4 LT |
593 | break; |
594 | } | |
595 | ||
596 | sent += size; | |
597 | len -= size; | |
598 | } | |
599 | ||
600 | release_sock(sk); | |
601 | ||
4d6a2188 | 602 | return sent; |
1da177e4 LT |
603 | } |
604 | ||
605 | static long rfcomm_sock_data_wait(struct sock *sk, long timeo) | |
606 | { | |
607 | DECLARE_WAITQUEUE(wait, current); | |
608 | ||
609 | add_wait_queue(sk->sk_sleep, &wait); | |
610 | for (;;) { | |
611 | set_current_state(TASK_INTERRUPTIBLE); | |
612 | ||
b03efcfb DM |
613 | if (!skb_queue_empty(&sk->sk_receive_queue) || |
614 | sk->sk_err || | |
615 | (sk->sk_shutdown & RCV_SHUTDOWN) || | |
616 | signal_pending(current) || | |
617 | !timeo) | |
1da177e4 LT |
618 | break; |
619 | ||
620 | set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags); | |
621 | release_sock(sk); | |
622 | timeo = schedule_timeout(timeo); | |
623 | lock_sock(sk); | |
624 | clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags); | |
625 | } | |
626 | ||
627 | __set_current_state(TASK_RUNNING); | |
628 | remove_wait_queue(sk->sk_sleep, &wait); | |
629 | return timeo; | |
630 | } | |
631 | ||
632 | static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock, | |
633 | struct msghdr *msg, size_t size, int flags) | |
634 | { | |
635 | struct sock *sk = sock->sk; | |
636 | int err = 0; | |
637 | size_t target, copied = 0; | |
638 | long timeo; | |
639 | ||
640 | if (flags & MSG_OOB) | |
641 | return -EOPNOTSUPP; | |
642 | ||
643 | msg->msg_namelen = 0; | |
644 | ||
645 | BT_DBG("sk %p size %d", sk, size); | |
646 | ||
647 | lock_sock(sk); | |
648 | ||
649 | target = sock_rcvlowat(sk, flags & MSG_WAITALL, size); | |
650 | timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); | |
651 | ||
652 | do { | |
653 | struct sk_buff *skb; | |
654 | int chunk; | |
655 | ||
656 | skb = skb_dequeue(&sk->sk_receive_queue); | |
657 | if (!skb) { | |
658 | if (copied >= target) | |
659 | break; | |
660 | ||
661 | if ((err = sock_error(sk)) != 0) | |
662 | break; | |
663 | if (sk->sk_shutdown & RCV_SHUTDOWN) | |
664 | break; | |
665 | ||
666 | err = -EAGAIN; | |
667 | if (!timeo) | |
668 | break; | |
669 | ||
670 | timeo = rfcomm_sock_data_wait(sk, timeo); | |
671 | ||
672 | if (signal_pending(current)) { | |
673 | err = sock_intr_errno(timeo); | |
674 | goto out; | |
675 | } | |
676 | continue; | |
677 | } | |
678 | ||
679 | chunk = min_t(unsigned int, skb->len, size); | |
680 | if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) { | |
681 | skb_queue_head(&sk->sk_receive_queue, skb); | |
682 | if (!copied) | |
683 | copied = -EFAULT; | |
684 | break; | |
685 | } | |
686 | copied += chunk; | |
687 | size -= chunk; | |
688 | ||
689 | if (!(flags & MSG_PEEK)) { | |
690 | atomic_sub(chunk, &sk->sk_rmem_alloc); | |
691 | ||
692 | skb_pull(skb, chunk); | |
693 | if (skb->len) { | |
694 | skb_queue_head(&sk->sk_receive_queue, skb); | |
695 | break; | |
696 | } | |
697 | kfree_skb(skb); | |
698 | ||
699 | } else { | |
700 | /* put message back and return */ | |
701 | skb_queue_head(&sk->sk_receive_queue, skb); | |
702 | break; | |
703 | } | |
704 | } while (size); | |
705 | ||
706 | out: | |
707 | if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2)) | |
708 | rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc); | |
709 | ||
710 | release_sock(sk); | |
711 | return copied ? : err; | |
712 | } | |
713 | ||
714 | static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen) | |
715 | { | |
716 | struct sock *sk = sock->sk; | |
717 | int err = 0; | |
718 | u32 opt; | |
719 | ||
720 | BT_DBG("sk %p", sk); | |
721 | ||
722 | lock_sock(sk); | |
723 | ||
724 | switch (optname) { | |
725 | case RFCOMM_LM: | |
726 | if (get_user(opt, (u32 __user *) optval)) { | |
727 | err = -EFAULT; | |
728 | break; | |
729 | } | |
730 | ||
731 | rfcomm_pi(sk)->link_mode = opt; | |
732 | break; | |
733 | ||
734 | default: | |
735 | err = -ENOPROTOOPT; | |
736 | break; | |
737 | } | |
738 | ||
739 | release_sock(sk); | |
740 | return err; | |
741 | } | |
742 | ||
743 | static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) | |
744 | { | |
745 | struct sock *sk = sock->sk; | |
746 | struct sock *l2cap_sk; | |
747 | struct rfcomm_conninfo cinfo; | |
748 | int len, err = 0; | |
749 | ||
750 | BT_DBG("sk %p", sk); | |
751 | ||
752 | if (get_user(len, optlen)) | |
753 | return -EFAULT; | |
754 | ||
755 | lock_sock(sk); | |
756 | ||
757 | switch (optname) { | |
758 | case RFCOMM_LM: | |
759 | if (put_user(rfcomm_pi(sk)->link_mode, (u32 __user *) optval)) | |
760 | err = -EFAULT; | |
761 | break; | |
762 | ||
763 | case RFCOMM_CONNINFO: | |
764 | if (sk->sk_state != BT_CONNECTED) { | |
765 | err = -ENOTCONN; | |
766 | break; | |
767 | } | |
768 | ||
769 | l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk; | |
770 | ||
771 | cinfo.hci_handle = l2cap_pi(l2cap_sk)->conn->hcon->handle; | |
772 | memcpy(cinfo.dev_class, l2cap_pi(l2cap_sk)->conn->hcon->dev_class, 3); | |
773 | ||
774 | len = min_t(unsigned int, len, sizeof(cinfo)); | |
775 | if (copy_to_user(optval, (char *) &cinfo, len)) | |
776 | err = -EFAULT; | |
777 | ||
778 | break; | |
779 | ||
780 | default: | |
781 | err = -ENOPROTOOPT; | |
782 | break; | |
783 | } | |
784 | ||
785 | release_sock(sk); | |
786 | return err; | |
787 | } | |
788 | ||
789 | static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) | |
790 | { | |
791 | struct sock *sk = sock->sk; | |
792 | int err; | |
793 | ||
794 | lock_sock(sk); | |
795 | ||
796 | #ifdef CONFIG_BT_RFCOMM_TTY | |
797 | err = rfcomm_dev_ioctl(sk, cmd, (void __user *)arg); | |
798 | #else | |
799 | err = -EOPNOTSUPP; | |
800 | #endif | |
801 | ||
802 | release_sock(sk); | |
803 | return err; | |
804 | } | |
805 | ||
806 | static int rfcomm_sock_shutdown(struct socket *sock, int how) | |
807 | { | |
808 | struct sock *sk = sock->sk; | |
809 | int err = 0; | |
810 | ||
811 | BT_DBG("sock %p, sk %p", sock, sk); | |
812 | ||
813 | if (!sk) return 0; | |
814 | ||
815 | lock_sock(sk); | |
816 | if (!sk->sk_shutdown) { | |
817 | sk->sk_shutdown = SHUTDOWN_MASK; | |
818 | __rfcomm_sock_close(sk); | |
819 | ||
820 | if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) | |
821 | err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); | |
822 | } | |
823 | release_sock(sk); | |
824 | return err; | |
825 | } | |
826 | ||
827 | static int rfcomm_sock_release(struct socket *sock) | |
828 | { | |
829 | struct sock *sk = sock->sk; | |
830 | int err; | |
831 | ||
832 | BT_DBG("sock %p, sk %p", sock, sk); | |
833 | ||
834 | if (!sk) | |
835 | return 0; | |
836 | ||
837 | err = rfcomm_sock_shutdown(sock, 2); | |
838 | ||
839 | sock_orphan(sk); | |
840 | rfcomm_sock_kill(sk); | |
841 | return err; | |
842 | } | |
843 | ||
8e87d142 | 844 | /* ---- RFCOMM core layer callbacks ---- |
1da177e4 LT |
845 | * |
846 | * called under rfcomm_lock() | |
847 | */ | |
848 | int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d) | |
849 | { | |
850 | struct sock *sk, *parent; | |
851 | bdaddr_t src, dst; | |
852 | int result = 0; | |
853 | ||
854 | BT_DBG("session %p channel %d", s, channel); | |
855 | ||
856 | rfcomm_session_getaddr(s, &src, &dst); | |
857 | ||
858 | /* Check if we have socket listening on channel */ | |
859 | parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src); | |
860 | if (!parent) | |
861 | return 0; | |
862 | ||
863 | /* Check for backlog size */ | |
864 | if (sk_acceptq_is_full(parent)) { | |
8e87d142 | 865 | BT_DBG("backlog full %d", parent->sk_ack_backlog); |
1da177e4 LT |
866 | goto done; |
867 | } | |
868 | ||
3b1e0a65 | 869 | sk = rfcomm_sock_alloc(sock_net(parent), NULL, BTPROTO_RFCOMM, GFP_ATOMIC); |
1da177e4 LT |
870 | if (!sk) |
871 | goto done; | |
872 | ||
873 | rfcomm_sock_init(sk, parent); | |
874 | bacpy(&bt_sk(sk)->src, &src); | |
875 | bacpy(&bt_sk(sk)->dst, &dst); | |
876 | rfcomm_pi(sk)->channel = channel; | |
877 | ||
878 | sk->sk_state = BT_CONFIG; | |
879 | bt_accept_enqueue(parent, sk); | |
880 | ||
881 | /* Accept connection and return socket DLC */ | |
882 | *d = rfcomm_pi(sk)->dlc; | |
883 | result = 1; | |
884 | ||
885 | done: | |
886 | bh_unlock_sock(parent); | |
887 | return result; | |
888 | } | |
889 | ||
be9d1227 | 890 | static ssize_t rfcomm_sock_sysfs_show(struct class *dev, char *buf) |
1da177e4 LT |
891 | { |
892 | struct sock *sk; | |
893 | struct hlist_node *node; | |
be9d1227 | 894 | char *str = buf; |
1da177e4 LT |
895 | |
896 | read_lock_bh(&rfcomm_sk_list.lock); | |
897 | ||
be9d1227 MH |
898 | sk_for_each(sk, node, &rfcomm_sk_list.head) { |
899 | str += sprintf(str, "%s %s %d %d\n", | |
900 | batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst), | |
901 | sk->sk_state, rfcomm_pi(sk)->channel); | |
902 | } | |
1da177e4 | 903 | |
1da177e4 | 904 | read_unlock_bh(&rfcomm_sk_list.lock); |
1da177e4 | 905 | |
be9d1227 | 906 | return (str - buf); |
1da177e4 LT |
907 | } |
908 | ||
be9d1227 | 909 | static CLASS_ATTR(rfcomm, S_IRUGO, rfcomm_sock_sysfs_show, NULL); |
1da177e4 | 910 | |
90ddc4f0 | 911 | static const struct proto_ops rfcomm_sock_ops = { |
1da177e4 LT |
912 | .family = PF_BLUETOOTH, |
913 | .owner = THIS_MODULE, | |
914 | .release = rfcomm_sock_release, | |
915 | .bind = rfcomm_sock_bind, | |
916 | .connect = rfcomm_sock_connect, | |
917 | .listen = rfcomm_sock_listen, | |
918 | .accept = rfcomm_sock_accept, | |
919 | .getname = rfcomm_sock_getname, | |
920 | .sendmsg = rfcomm_sock_sendmsg, | |
921 | .recvmsg = rfcomm_sock_recvmsg, | |
922 | .shutdown = rfcomm_sock_shutdown, | |
923 | .setsockopt = rfcomm_sock_setsockopt, | |
924 | .getsockopt = rfcomm_sock_getsockopt, | |
925 | .ioctl = rfcomm_sock_ioctl, | |
926 | .poll = bt_sock_poll, | |
927 | .socketpair = sock_no_socketpair, | |
928 | .mmap = sock_no_mmap | |
929 | }; | |
930 | ||
931 | static struct net_proto_family rfcomm_sock_family_ops = { | |
932 | .family = PF_BLUETOOTH, | |
933 | .owner = THIS_MODULE, | |
934 | .create = rfcomm_sock_create | |
935 | }; | |
936 | ||
be9d1227 | 937 | int __init rfcomm_init_sockets(void) |
1da177e4 LT |
938 | { |
939 | int err; | |
940 | ||
941 | err = proto_register(&rfcomm_proto, 0); | |
942 | if (err < 0) | |
943 | return err; | |
944 | ||
945 | err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops); | |
946 | if (err < 0) | |
947 | goto error; | |
948 | ||
df5c37ea MH |
949 | if (class_create_file(bt_class, &class_attr_rfcomm) < 0) |
950 | BT_ERR("Failed to create RFCOMM info file"); | |
1da177e4 LT |
951 | |
952 | BT_INFO("RFCOMM socket layer initialized"); | |
953 | ||
954 | return 0; | |
955 | ||
956 | error: | |
957 | BT_ERR("RFCOMM socket layer registration failed"); | |
958 | proto_unregister(&rfcomm_proto); | |
959 | return err; | |
960 | } | |
961 | ||
962 | void __exit rfcomm_cleanup_sockets(void) | |
963 | { | |
a91f2e39 | 964 | class_remove_file(bt_class, &class_attr_rfcomm); |
1da177e4 LT |
965 | |
966 | if (bt_sock_unregister(BTPROTO_RFCOMM) < 0) | |
967 | BT_ERR("RFCOMM socket layer unregistration failed"); | |
968 | ||
969 | proto_unregister(&rfcomm_proto); | |
970 | } |