projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
[deliverable/linux.git] / net / bluetooth / rfcomm / sock.c
CommitLineData
8e87d142 1/*
1da177e4
LT		 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
8e87d142
YH		 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 21 SOFTWARE IS DISCLAIMED.
22*/
23
24/*
25 * RFCOMM sockets.
1da177e4
LT		 26 */
27
8c520a59 28#include <linux/export.h>
aef7d97c 29#include <linux/debugfs.h>
1da177e4
LT		 30
31#include <net/bluetooth/bluetooth.h>
32#include <net/bluetooth/hci_core.h>
33#include <net/bluetooth/l2cap.h>
34#include <net/bluetooth/rfcomm.h>
35
90ddc4f0 36static const struct proto_ops rfcomm_sock_ops;
1da177e4
LT		 37
38static struct bt_sock_list rfcomm_sk_list = {
d5fb2962 39 .lock = __RW_LOCK_UNLOCKED(rfcomm_sk_list.lock)
1da177e4
LT		 40};
41
42static void rfcomm_sock_close(struct sock *sk);
43static void rfcomm_sock_kill(struct sock *sk);
44
45/* ---- DLC callbacks ----
46 *
47 * called under rfcomm_dlc_lock()
48 */
49static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb)
50{
51 struct sock *sk = d->owner;
52 if (!sk)
53 return;
54
55 atomic_add(skb->len, &sk->sk_rmem_alloc);
56 skb_queue_tail(&sk->sk_receive_queue, skb);
57 sk->sk_data_ready(sk, skb->len);
58
59 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
60 rfcomm_dlc_throttle(d);
61}
62
63static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err)
64{
65 struct sock *sk = d->owner, *parent;
fad003b6
GP		 66 unsigned long flags;
67
1da177e4
LT		 68 if (!sk)
69 return;
70
71 BT_DBG("dlc %p state %ld err %d", d, d->state, err);
72
fad003b6 73 local_irq_save(flags);
1da177e4
LT		 74 bh_lock_sock(sk);
75
76 if (err)
77 sk->sk_err = err;
78
79 sk->sk_state = d->state;
80
81 parent = bt_sk(sk)->parent;
82 if (parent) {
83 if (d->state == BT_CLOSED) {
84 sock_set_flag(sk, SOCK_ZAPPED);
85 bt_accept_unlink(sk);
86 }
87 parent->sk_data_ready(parent, 0);
88 } else {
89 if (d->state == BT_CONNECTED)
90 rfcomm_session_getaddr(d->session, &bt_sk(sk)->src, NULL);
91 sk->sk_state_change(sk);
92 }
93
94 bh_unlock_sock(sk);
fad003b6 95 local_irq_restore(flags);
1da177e4
LT		 96
97 if (parent && sock_flag(sk, SOCK_ZAPPED)) {
98 /* We have to drop DLC lock here, otherwise
99 * rfcomm_sock_destruct() will dead lock. */
100 rfcomm_dlc_unlock(d);
101 rfcomm_sock_kill(sk);
102 rfcomm_dlc_lock(d);
103 }
104}
105
106/* ---- Socket functions ---- */
107static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src)
108{
109 struct sock *sk = NULL;
110 struct hlist_node *node;
111
112 sk_for_each(sk, node, &rfcomm_sk_list.head) {
8e87d142 113 if (rfcomm_pi(sk)->channel == channel &&
1da177e4
LT		 114 !bacmp(&bt_sk(sk)->src, src))
115 break;
116 }
117
118 return node ? sk : NULL;
119}
120
121/* Find socket with channel and source bdaddr.
122 * Returns closest match.
123 */
eeb36656 124static struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
1da177e4
LT		 125{
126 struct sock *sk = NULL, *sk1 = NULL;
127 struct hlist_node *node;
128
eeb36656
GP		 129 read_lock(&rfcomm_sk_list.lock);
130
1da177e4
LT		 131 sk_for_each(sk, node, &rfcomm_sk_list.head) {
132 if (state && sk->sk_state != state)
133 continue;
134
135 if (rfcomm_pi(sk)->channel == channel) {
136 /* Exact match. */
137 if (!bacmp(&bt_sk(sk)->src, src))
138 break;
139
140 /* Closest match */
141 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
142 sk1 = sk;
143 }
144 }
1da177e4 145
1da177e4 146 read_unlock(&rfcomm_sk_list.lock);
eeb36656
GP		 147
148 return node ? sk : sk1;
1da177e4
LT		 149}
150
151static void rfcomm_sock_destruct(struct sock *sk)
152{
153 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
154
155 BT_DBG("sk %p dlc %p", sk, d);
156
157 skb_queue_purge(&sk->sk_receive_queue);
158 skb_queue_purge(&sk->sk_write_queue);
159
160 rfcomm_dlc_lock(d);
161 rfcomm_pi(sk)->dlc = NULL;
162
163 /* Detach DLC if it's owned by this socket */
164 if (d->owner == sk)
165 d->owner = NULL;
166 rfcomm_dlc_unlock(d);
167
168 rfcomm_dlc_put(d);
169}
170
171static void rfcomm_sock_cleanup_listen(struct sock *parent)
172{
173 struct sock *sk;
174
175 BT_DBG("parent %p", parent);
176
177 /* Close not yet accepted dlcs */
178 while ((sk = bt_accept_dequeue(parent, NULL))) {
179 rfcomm_sock_close(sk);
180 rfcomm_sock_kill(sk);
181 }
182
183 parent->sk_state = BT_CLOSED;
184 sock_set_flag(parent, SOCK_ZAPPED);
185}
186
187/* Kill socket (only if zapped and orphan)
188 * Must be called on unlocked socket.
189 */
190static void rfcomm_sock_kill(struct sock *sk)
191{
192 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
193 return;
194
195 BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt));
196
197 /* Kill poor orphan */
198 bt_sock_unlink(&rfcomm_sk_list, sk);
199 sock_set_flag(sk, SOCK_DEAD);
200 sock_put(sk);
201}
202
203static void __rfcomm_sock_close(struct sock *sk)
204{
205 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
206
207 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
208
209 switch (sk->sk_state) {
210 case BT_LISTEN:
211 rfcomm_sock_cleanup_listen(sk);
212 break;
213
214 case BT_CONNECT:
215 case BT_CONNECT2:
216 case BT_CONFIG:
217 case BT_CONNECTED:
218 rfcomm_dlc_close(d, 0);
219
220 default:
221 sock_set_flag(sk, SOCK_ZAPPED);
222 break;
223 }
224}
225
226/* Close socket.
227 * Must be called on unlocked socket.
228 */
229static void rfcomm_sock_close(struct sock *sk)
230{
231 lock_sock(sk);
232 __rfcomm_sock_close(sk);
233 release_sock(sk);
234}
235
236static void rfcomm_sock_init(struct sock *sk, struct sock *parent)
237{
238 struct rfcomm_pinfo *pi = rfcomm_pi(sk);
239
240 BT_DBG("sk %p", sk);
241
242 if (parent) {
243 sk->sk_type = parent->sk_type;
c5daa683
GP		 244 pi->dlc->defer_setup = test_bit(BT_SK_DEFER_SETUP,
245 &bt_sk(parent)->flags);
9f2c8a03
MH		 246
247 pi->sec_level = rfcomm_pi(parent)->sec_level;
248 pi->role_switch = rfcomm_pi(parent)->role_switch;
6230c9b4
PM		 249
250 security_sk_clone(parent, sk);
1da177e4 251 } else {
bb23c0ab 252 pi->dlc->defer_setup = 0;
9f2c8a03
MH		 253
254 pi->sec_level = BT_SECURITY_LOW;
255 pi->role_switch = 0;
1da177e4
LT		 256 }
257
9f2c8a03
MH		 258 pi->dlc->sec_level = pi->sec_level;
259 pi->dlc->role_switch = pi->role_switch;
1da177e4
LT		 260}
261
262static struct proto rfcomm_proto = {
263 .name = "RFCOMM",
264 .owner = THIS_MODULE,
265 .obj_size = sizeof(struct rfcomm_pinfo)
266};
267
1b8d7ae4 268static struct sock *rfcomm_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
1da177e4
LT		 269{
270 struct rfcomm_dlc *d;
271 struct sock *sk;
272
6257ff21 273 sk = sk_alloc(net, PF_BLUETOOTH, prio, &rfcomm_proto);
1da177e4
LT		 274 if (!sk)
275 return NULL;
276
277 sock_init_data(sock, sk);
278 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
279
280 d = rfcomm_dlc_alloc(prio);
281 if (!d) {
282 sk_free(sk);
283 return NULL;
284 }
285
286 d->data_ready = rfcomm_sk_data_ready;
287 d->state_change = rfcomm_sk_state_change;
288
289 rfcomm_pi(sk)->dlc = d;
290 d->owner = sk;
291
292 sk->sk_destruct = rfcomm_sock_destruct;
293 sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT;
294
77db1980
MH		 295 sk->sk_sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
296 sk->sk_rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
1da177e4
LT		 297
298 sock_reset_flag(sk, SOCK_ZAPPED);
299
300 sk->sk_protocol = proto;
77db1980 301 sk->sk_state = BT_OPEN;
1da177e4
LT		 302
303 bt_sock_link(&rfcomm_sk_list, sk);
304
305 BT_DBG("sk %p", sk);
306 return sk;
307}
308
3f378b68
EP		 309static int rfcomm_sock_create(struct net *net, struct socket *sock,
310 int protocol, int kern)
1da177e4
LT		 311{
312 struct sock *sk;
313
314 BT_DBG("sock %p", sock);
315
316 sock->state = SS_UNCONNECTED;
317
318 if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW)
319 return -ESOCKTNOSUPPORT;
320
321 sock->ops = &rfcomm_sock_ops;
322
1b8d7ae4 323 sk = rfcomm_sock_alloc(net, sock, protocol, GFP_ATOMIC);
74da626a 324 if (!sk)
1da177e4
LT		 325 return -ENOMEM;
326
327 rfcomm_sock_init(sk, NULL);
328 return 0;
329}
330
331static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
332{
333 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
334 struct sock *sk = sock->sk;
335 int err = 0;
336
337 BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr));
338
339 if (!addr || addr->sa_family != AF_BLUETOOTH)
340 return -EINVAL;
341
342 lock_sock(sk);
343
344 if (sk->sk_state != BT_OPEN) {
345 err = -EBADFD;
346 goto done;
347 }
348
354d28d5
MH		 349 if (sk->sk_type != SOCK_STREAM) {
350 err = -EINVAL;
351 goto done;
352 }
353
95ca83f4 354 write_lock(&rfcomm_sk_list.lock);
1da177e4
LT		 355
356 if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) {
357 err = -EADDRINUSE;
358 } else {
359 /* Save source address */
360 bacpy(&bt_sk(sk)->src, &sa->rc_bdaddr);
361 rfcomm_pi(sk)->channel = sa->rc_channel;
362 sk->sk_state = BT_BOUND;
363 }
364
95ca83f4 365 write_unlock(&rfcomm_sk_list.lock);
1da177e4
LT		 366
367done:
368 release_sock(sk);
369 return err;
370}
371
372static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
373{
374 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
375 struct sock *sk = sock->sk;
376 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
377 int err = 0;
378
379 BT_DBG("sk %p", sk);
380
6503d961
CG		 381 if (alen < sizeof(struct sockaddr_rc) ||
382 addr->sa_family != AF_BLUETOOTH)
1da177e4
LT		 383 return -EINVAL;
384
354d28d5 385 lock_sock(sk);
1da177e4 386
354d28d5
MH		 387 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) {
388 err = -EBADFD;
389 goto done;
390 }
1da177e4 391
354d28d5
MH		 392 if (sk->sk_type != SOCK_STREAM) {
393 err = -EINVAL;
394 goto done;
395 }
1da177e4
LT		 396
397 sk->sk_state = BT_CONNECT;
398 bacpy(&bt_sk(sk)->dst, &sa->rc_bdaddr);
399 rfcomm_pi(sk)->channel = sa->rc_channel;
400
9f2c8a03
MH		 401 d->sec_level = rfcomm_pi(sk)->sec_level;
402 d->role_switch = rfcomm_pi(sk)->role_switch;
77db1980 403
1da177e4
LT		 404 err = rfcomm_dlc_open(d, &bt_sk(sk)->src, &sa->rc_bdaddr, sa->rc_channel);
405 if (!err)
406 err = bt_sock_wait_state(sk, BT_CONNECTED,
407 sock_sndtimeo(sk, flags & O_NONBLOCK));
408
354d28d5 409done:
1da177e4
LT		 410 release_sock(sk);
411 return err;
412}
413
414static int rfcomm_sock_listen(struct socket *sock, int backlog)
415{
416 struct sock *sk = sock->sk;
417 int err = 0;
418
419 BT_DBG("sk %p backlog %d", sk, backlog);
420
421 lock_sock(sk);
422
423 if (sk->sk_state != BT_BOUND) {
424 err = -EBADFD;
425 goto done;
426 }
427
354d28d5
MH		 428 if (sk->sk_type != SOCK_STREAM) {
429 err = -EINVAL;
430 goto done;
431 }
432
1da177e4
LT		 433 if (!rfcomm_pi(sk)->channel) {
434 bdaddr_t *src = &bt_sk(sk)->src;
435 u8 channel;
436
437 err = -EINVAL;
438
95ca83f4 439 write_lock(&rfcomm_sk_list.lock);
1da177e4
LT		 440
441 for (channel = 1; channel < 31; channel++)
442 if (!__rfcomm_get_sock_by_addr(channel, src)) {
443 rfcomm_pi(sk)->channel = channel;
444 err = 0;
445 break;
446 }
447
95ca83f4 448 write_unlock(&rfcomm_sk_list.lock);
1da177e4
LT		 449
450 if (err < 0)
451 goto done;
452 }
453
454 sk->sk_max_ack_backlog = backlog;
455 sk->sk_ack_backlog = 0;
456 sk->sk_state = BT_LISTEN;
457
458done:
459 release_sock(sk);
460 return err;
461}
462
463static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags)
464{
465 DECLARE_WAITQUEUE(wait, current);
466 struct sock *sk = sock->sk, *nsk;
467 long timeo;
468 int err = 0;
469
470 lock_sock(sk);
471
354d28d5
MH		 472 if (sk->sk_type != SOCK_STREAM) {
473 err = -EINVAL;
474 goto done;
475 }
476
1da177e4
LT		 477 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
478
479 BT_DBG("sk %p timeo %ld", sk, timeo);
480
481 /* Wait for an incoming connection. (wake-one). */
aa395145 482 add_wait_queue_exclusive(sk_sleep(sk), &wait);
950e2d51 483 while (1) {
1da177e4 484 set_current_state(TASK_INTERRUPTIBLE);
950e2d51
PH		 485
486 if (sk->sk_state != BT_LISTEN) {
487 err = -EBADFD;
1da177e4
LT		 488 break;
489 }
490
950e2d51
PH		 491 nsk = bt_accept_dequeue(sk, newsock);
492 if (nsk)
493 break;
1da177e4 494
950e2d51
PH		 495 if (!timeo) {
496 err = -EAGAIN;
1da177e4
LT		 497 break;
498 }
499
500 if (signal_pending(current)) {
501 err = sock_intr_errno(timeo);
502 break;
503 }
950e2d51
PH		 504
505 release_sock(sk);
506 timeo = schedule_timeout(timeo);
507 lock_sock(sk);
1da177e4 508 }
950e2d51 509 __set_current_state(TASK_RUNNING);
aa395145 510 remove_wait_queue(sk_sleep(sk), &wait);
1da177e4
LT		 511
512 if (err)
513 goto done;
514
515 newsock->state = SS_CONNECTED;
516
517 BT_DBG("new socket %p", nsk);
518
519done:
520 release_sock(sk);
521 return err;
522}
523
524static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
525{
526 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
527 struct sock *sk = sock->sk;
528
529 BT_DBG("sock %p, sk %p", sock, sk);
530
9344a972 531 memset(sa, 0, sizeof(*sa));
1da177e4
LT		 532 sa->rc_family = AF_BLUETOOTH;
533 sa->rc_channel = rfcomm_pi(sk)->channel;
534 if (peer)
535 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->dst);
536 else
537 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->src);
538
539 *len = sizeof(struct sockaddr_rc);
540 return 0;
541}
542
543static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
544 struct msghdr *msg, size_t len)
545{
546 struct sock *sk = sock->sk;
547 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
548 struct sk_buff *skb;
1da177e4
LT		 549 int sent = 0;
550
bb23c0ab
MH		 551 if (test_bit(RFCOMM_DEFER_SETUP, &d->flags))
552 return -ENOTCONN;
553
1da177e4
LT		 554 if (msg->msg_flags & MSG_OOB)
555 return -EOPNOTSUPP;
556
557 if (sk->sk_shutdown & SEND_SHUTDOWN)
558 return -EPIPE;
559
560 BT_DBG("sock %p, sk %p", sock, sk);
561
562 lock_sock(sk);
563
564 while (len) {
565 size_t size = min_t(size_t, len, d->mtu);
4d6a2188 566 int err;
8e87d142 567
1da177e4
LT		 568 skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE,
569 msg->msg_flags & MSG_DONTWAIT, &err);
91aa35a5
VS		 570 if (!skb) {
571 if (sent == 0)
572 sent = err;
1da177e4 573 break;
91aa35a5 574 }
1da177e4
LT		 575 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
576
577 err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
578 if (err) {
579 kfree_skb(skb);
4d6a2188
MH		 580 if (sent == 0)
581 sent = err;
1da177e4
LT		 582 break;
583 }
584
262038fc
LAD		 585 skb->priority = sk->sk_priority;
586
1da177e4
LT		 587 err = rfcomm_dlc_send(d, skb);
588 if (err < 0) {
589 kfree_skb(skb);
4d6a2188
MH		 590 if (sent == 0)
591 sent = err;
1da177e4
LT		 592 break;
593 }
594
595 sent += size;
596 len -= size;
597 }
598
599 release_sock(sk);
600
4d6a2188 601 return sent;
1da177e4
LT		 602}
603
1da177e4
LT		 604static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
605 struct msghdr *msg, size_t size, int flags)
606{
607 struct sock *sk = sock->sk;
bb23c0ab 608 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
3d7d01df 609 int len;
1da177e4 610
bb23c0ab
MH		 611 if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) {
612 rfcomm_dlc_accept(d);
613 return 0;
614 }
615
3d7d01df 616 len = bt_sock_stream_recvmsg(iocb, sock, msg, size, flags);
1da177e4
LT		 617
618 lock_sock(sk);
3d7d01df
MM		 619 if (!(flags & MSG_PEEK) && len > 0)
620 atomic_sub(len, &sk->sk_rmem_alloc);
1da177e4 621
1da177e4
LT		 622 if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2))
623 rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc);
1da177e4 624 release_sock(sk);
3d7d01df
MM		 625
626 return len;
1da177e4
LT		 627}
628
b7058842 629static int rfcomm_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
1da177e4
LT		 630{
631 struct sock *sk = sock->sk;
632 int err = 0;
633 u32 opt;
634
635 BT_DBG("sk %p", sk);
636
637 lock_sock(sk);
638
639 switch (optname) {
640 case RFCOMM_LM:
641 if (get_user(opt, (u32 __user *) optval)) {
642 err = -EFAULT;
643 break;
644 }
645
9f2c8a03
MH		 646 if (opt & RFCOMM_LM_AUTH)
647 rfcomm_pi(sk)->sec_level = BT_SECURITY_LOW;
648 if (opt & RFCOMM_LM_ENCRYPT)
649 rfcomm_pi(sk)->sec_level = BT_SECURITY_MEDIUM;
650 if (opt & RFCOMM_LM_SECURE)
651 rfcomm_pi(sk)->sec_level = BT_SECURITY_HIGH;
652
653 rfcomm_pi(sk)->role_switch = (opt & RFCOMM_LM_MASTER);
1da177e4
LT		 654 break;
655
656 default:
657 err = -ENOPROTOOPT;
658 break;
659 }
660
661 release_sock(sk);
662 return err;
663}
664
b7058842 665static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
d58daf42
MH		 666{
667 struct sock *sk = sock->sk;
9f2c8a03 668 struct bt_security sec;
d0fad89d
SB		 669 int err = 0;
670 size_t len;
bb23c0ab 671 u32 opt;
d58daf42
MH		 672
673 BT_DBG("sk %p", sk);
674
675 if (level == SOL_RFCOMM)
676 return rfcomm_sock_setsockopt_old(sock, optname, optval, optlen);
677
0588d94f
MH		 678 if (level != SOL_BLUETOOTH)
679 return -ENOPROTOOPT;
680
d58daf42
MH		 681 lock_sock(sk);
682
683 switch (optname) {
9f2c8a03 684 case BT_SECURITY:
0588d94f
MH		 685 if (sk->sk_type != SOCK_STREAM) {
686 err = -EINVAL;
687 break;
688 }
689
9f2c8a03
MH		 690 sec.level = BT_SECURITY_LOW;
691
692 len = min_t(unsigned int, sizeof(sec), optlen);
693 if (copy_from_user((char *) &sec, optval, len)) {
694 err = -EFAULT;
695 break;
696 }
697
698 if (sec.level > BT_SECURITY_HIGH) {
699 err = -EINVAL;
700 break;
701 }
702
703 rfcomm_pi(sk)->sec_level = sec.level;
704 break;
705
bb23c0ab
MH		 706 case BT_DEFER_SETUP:
707 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
708 err = -EINVAL;
709 break;
710 }
711
712 if (get_user(opt, (u32 __user *) optval)) {
713 err = -EFAULT;
714 break;
715 }
716
c5daa683
GP		 717 if (opt)
718 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
719 else
720 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
721
bb23c0ab
MH		 722 break;
723
d58daf42
MH		 724 default:
725 err = -ENOPROTOOPT;
726 break;
727 }
728
729 release_sock(sk);
730 return err;
731}
732
733static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
1da177e4
LT		 734{
735 struct sock *sk = sock->sk;
1da177e4 736 struct rfcomm_conninfo cinfo;
8c1d787b 737 struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn;
1da177e4 738 int len, err = 0;
9f2c8a03 739 u32 opt;
1da177e4
LT		 740
741 BT_DBG("sk %p", sk);
742
743 if (get_user(len, optlen))
744 return -EFAULT;
745
746 lock_sock(sk);
747
748 switch (optname) {
749 case RFCOMM_LM:
9f2c8a03
MH		 750 switch (rfcomm_pi(sk)->sec_level) {
751 case BT_SECURITY_LOW:
752 opt = RFCOMM_LM_AUTH;
753 break;
754 case BT_SECURITY_MEDIUM:
755 opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT;
756 break;
757 case BT_SECURITY_HIGH:
758 opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT |
759 RFCOMM_LM_SECURE;
760 break;
761 default:
762 opt = 0;
763 break;
764 }
765
766 if (rfcomm_pi(sk)->role_switch)
767 opt |= RFCOMM_LM_MASTER;
768
769 if (put_user(opt, (u32 __user *) optval))
1da177e4
LT		 770 err = -EFAULT;
771 break;
772
773 case RFCOMM_CONNINFO:
bb23c0ab
MH		 774 if (sk->sk_state != BT_CONNECTED &&
775 !rfcomm_pi(sk)->dlc->defer_setup) {
1da177e4
LT		 776 err = -ENOTCONN;
777 break;
778 }
779
8d03e971 780 memset(&cinfo, 0, sizeof(cinfo));
8c1d787b
GP		 781 cinfo.hci_handle = conn->hcon->handle;
782 memcpy(cinfo.dev_class, conn->hcon->dev_class, 3);
1da177e4
LT		 783
784 len = min_t(unsigned int, len, sizeof(cinfo));
785 if (copy_to_user(optval, (char *) &cinfo, len))
786 err = -EFAULT;
787
788 break;
789
790 default:
791 err = -ENOPROTOOPT;
792 break;
793 }
794
795 release_sock(sk);
d58daf42
MH		 796 return err;
797}
798
799static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
800{
801 struct sock *sk = sock->sk;
9f2c8a03 802 struct bt_security sec;
d58daf42
MH		 803 int len, err = 0;
804
805 BT_DBG("sk %p", sk);
806
807 if (level == SOL_RFCOMM)
808 return rfcomm_sock_getsockopt_old(sock, optname, optval, optlen);
809
0588d94f
MH		 810 if (level != SOL_BLUETOOTH)
811 return -ENOPROTOOPT;
812
d58daf42
MH		 813 if (get_user(len, optlen))
814 return -EFAULT;
815
816 lock_sock(sk);
817
818 switch (optname) {
9f2c8a03 819 case BT_SECURITY:
0588d94f
MH		 820 if (sk->sk_type != SOCK_STREAM) {
821 err = -EINVAL;
822 break;
823 }
824
9f2c8a03 825 sec.level = rfcomm_pi(sk)->sec_level;
9ad2de43 826 sec.key_size = 0;
9f2c8a03
MH		 827
828 len = min_t(unsigned int, len, sizeof(sec));
829 if (copy_to_user(optval, (char *) &sec, len))
830 err = -EFAULT;
831
832 break;
833
bb23c0ab
MH		 834 case BT_DEFER_SETUP:
835 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
836 err = -EINVAL;
837 break;
838 }
839
c5daa683
GP		 840 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
841 (u32 __user *) optval))
bb23c0ab
MH		 842 err = -EFAULT;
843
844 break;
845
d58daf42
MH		 846 default:
847 err = -ENOPROTOOPT;
848 break;
849 }
850
851 release_sock(sk);
1da177e4
LT		 852 return err;
853}
854
855static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
856{
e19caae7 857 struct sock *sk __maybe_unused = sock->sk;
1da177e4
LT		 858 int err;
859
e19caae7 860 BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg);
1da177e4 861
3241ad82 862 err = bt_sock_ioctl(sock, cmd, arg);
1da177e4 863
3241ad82 864 if (err == -ENOIOCTLCMD) {
1da177e4 865#ifdef CONFIG_BT_RFCOMM_TTY
3241ad82
MH		 866 lock_sock(sk);
867 err = rfcomm_dev_ioctl(sk, cmd, (void __user *) arg);
868 release_sock(sk);
1da177e4 869#else
3241ad82 870 err = -EOPNOTSUPP;
1da177e4 871#endif
3241ad82 872 }
1da177e4 873
1da177e4
LT		 874 return err;
875}
876
877static int rfcomm_sock_shutdown(struct socket *sock, int how)
878{
879 struct sock *sk = sock->sk;
880 int err = 0;
881
882 BT_DBG("sock %p, sk %p", sock, sk);
883
285b4e90
AE		 884 if (!sk)
885 return 0;
1da177e4
LT		 886
887 lock_sock(sk);
888 if (!sk->sk_shutdown) {
889 sk->sk_shutdown = SHUTDOWN_MASK;
890 __rfcomm_sock_close(sk);
891
892 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
893 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
894 }
895 release_sock(sk);
896 return err;
897}
898
899static int rfcomm_sock_release(struct socket *sock)
900{
901 struct sock *sk = sock->sk;
902 int err;
903
904 BT_DBG("sock %p, sk %p", sock, sk);
905
906 if (!sk)
907 return 0;
908
909 err = rfcomm_sock_shutdown(sock, 2);
910
911 sock_orphan(sk);
912 rfcomm_sock_kill(sk);
913 return err;
914}
915
8e87d142 916/* ---- RFCOMM core layer callbacks ----
1da177e4
LT		 917 *
918 * called under rfcomm_lock()
919 */
920int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d)
921{
922 struct sock *sk, *parent;
923 bdaddr_t src, dst;
924 int result = 0;
925
926 BT_DBG("session %p channel %d", s, channel);
927
928 rfcomm_session_getaddr(s, &src, &dst);
929
930 /* Check if we have socket listening on channel */
931 parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src);
932 if (!parent)
933 return 0;
934
eeb36656
GP		 935 bh_lock_sock(parent);
936
1da177e4
LT		 937 /* Check for backlog size */
938 if (sk_acceptq_is_full(parent)) {
8e87d142 939 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1da177e4
LT		 940 goto done;
941 }
942
3b1e0a65 943 sk = rfcomm_sock_alloc(sock_net(parent), NULL, BTPROTO_RFCOMM, GFP_ATOMIC);
1da177e4
LT		 944 if (!sk)
945 goto done;
946
b5a30dda
OP		 947 bt_sock_reclassify_lock(sk, BTPROTO_RFCOMM);
948
1da177e4
LT		 949 rfcomm_sock_init(sk, parent);
950 bacpy(&bt_sk(sk)->src, &src);
951 bacpy(&bt_sk(sk)->dst, &dst);
952 rfcomm_pi(sk)->channel = channel;
953
954 sk->sk_state = BT_CONFIG;
955 bt_accept_enqueue(parent, sk);
956
957 /* Accept connection and return socket DLC */
958 *d = rfcomm_pi(sk)->dlc;
959 result = 1;
960
961done:
962 bh_unlock_sock(parent);
bb23c0ab 963
c5daa683 964 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
bb23c0ab
MH		 965 parent->sk_state_change(parent);
966
1da177e4
LT		 967 return result;
968}
969
aef7d97c 970static int rfcomm_sock_debugfs_show(struct seq_file *f, void *p)
1da177e4
LT		 971{
972 struct sock *sk;
973 struct hlist_node *node;
1da177e4 974
95ca83f4 975 read_lock(&rfcomm_sk_list.lock);
1da177e4 976
be9d1227 977 sk_for_each(sk, node, &rfcomm_sk_list.head) {
aef7d97c
MH		 978 seq_printf(f, "%s %s %d %d\n",
979 batostr(&bt_sk(sk)->src),
980 batostr(&bt_sk(sk)->dst),
be9d1227
MH		 981 sk->sk_state, rfcomm_pi(sk)->channel);
982 }
1da177e4 983
95ca83f4 984 read_unlock(&rfcomm_sk_list.lock);
1da177e4 985
aef7d97c 986 return 0;
1da177e4
LT		 987}
988
aef7d97c
MH		 989static int rfcomm_sock_debugfs_open(struct inode *inode, struct file *file)
990{
991 return single_open(file, rfcomm_sock_debugfs_show, inode->i_private);
992}
993
994static const struct file_operations rfcomm_sock_debugfs_fops = {
995 .open = rfcomm_sock_debugfs_open,
996 .read = seq_read,
997 .llseek = seq_lseek,
998 .release = single_release,
999};
1000
1001static struct dentry *rfcomm_sock_debugfs;
1da177e4 1002
90ddc4f0 1003static const struct proto_ops rfcomm_sock_ops = {
1da177e4
LT		 1004 .family = PF_BLUETOOTH,
1005 .owner = THIS_MODULE,
1006 .release = rfcomm_sock_release,
1007 .bind = rfcomm_sock_bind,
1008 .connect = rfcomm_sock_connect,
1009 .listen = rfcomm_sock_listen,
1010 .accept = rfcomm_sock_accept,
1011 .getname = rfcomm_sock_getname,
1012 .sendmsg = rfcomm_sock_sendmsg,
1013 .recvmsg = rfcomm_sock_recvmsg,
1014 .shutdown = rfcomm_sock_shutdown,
1015 .setsockopt = rfcomm_sock_setsockopt,
1016 .getsockopt = rfcomm_sock_getsockopt,
1017 .ioctl = rfcomm_sock_ioctl,
1018 .poll = bt_sock_poll,
1019 .socketpair = sock_no_socketpair,
1020 .mmap = sock_no_mmap
1021};
1022
ec1b4cf7 1023static const struct net_proto_family rfcomm_sock_family_ops = {
1da177e4
LT		 1024 .family = PF_BLUETOOTH,
1025 .owner = THIS_MODULE,
1026 .create = rfcomm_sock_create
1027};
1028
be9d1227 1029int __init rfcomm_init_sockets(void)
1da177e4
LT		 1030{
1031 int err;
1032
1033 err = proto_register(&rfcomm_proto, 0);
1034 if (err < 0)
1035 return err;
1036
1037 err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops);
c6f5df16
MY		 1038 if (err < 0) {
1039 BT_ERR("RFCOMM socket layer registration failed");
1040 goto error;
1041 }
1042
1043 err = bt_procfs_init(THIS_MODULE, &init_net, "rfcomm", &rfcomm_sk_list, NULL);
1044 if (err < 0) {
1045 BT_ERR("Failed to create RFCOMM proc file");
1046 bt_sock_unregister(BTPROTO_RFCOMM);
1da177e4 1047 goto error;
c6f5df16 1048 }
1da177e4 1049
aef7d97c
MH		 1050 if (bt_debugfs) {
1051 rfcomm_sock_debugfs = debugfs_create_file("rfcomm", 0444,
1052 bt_debugfs, NULL, &rfcomm_sock_debugfs_fops);
1053 if (!rfcomm_sock_debugfs)
1054 BT_ERR("Failed to create RFCOMM debug file");
1055 }
1da177e4
LT		 1056
1057 BT_INFO("RFCOMM socket layer initialized");
1058
1059 return 0;
1060
1061error:
1da177e4
LT		 1062 proto_unregister(&rfcomm_proto);
1063 return err;
1064}
1065
2f8362af 1066void __exit rfcomm_cleanup_sockets(void)
1da177e4 1067{
c6f5df16
MY		 1068 bt_procfs_cleanup(&init_net, "rfcomm");
1069
aef7d97c 1070 debugfs_remove(rfcomm_sock_debugfs);
1da177e4
LT		 1071
1072 if (bt_sock_unregister(BTPROTO_RFCOMM) < 0)
1073 BT_ERR("RFCOMM socket layer unregistration failed");
1074
1075 proto_unregister(&rfcomm_proto);
1076}
Linux kernel - Deliverables
This page took 0.637584 seconds and 5 git commands to generate.