Commit | Line | Data |
---|---|---|
8e87d142 | 1 | /* |
1da177e4 LT |
2 | RFCOMM implementation for Linux Bluetooth stack (BlueZ). |
3 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | |
4 | Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> | |
5 | ||
6 | This program is free software; you can redistribute it and/or modify | |
7 | it under the terms of the GNU General Public License version 2 as | |
8 | published by the Free Software Foundation; | |
9 | ||
10 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | |
11 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
12 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | |
13 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | |
8e87d142 YH |
14 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES |
15 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
16 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
1da177e4 LT |
17 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
18 | ||
8e87d142 YH |
19 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, |
20 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | |
1da177e4 LT |
21 | SOFTWARE IS DISCLAIMED. |
22 | */ | |
23 | ||
24 | /* | |
25 | * RFCOMM sockets. | |
1da177e4 LT |
26 | */ |
27 | ||
8c520a59 | 28 | #include <linux/export.h> |
aef7d97c | 29 | #include <linux/debugfs.h> |
1da177e4 LT |
30 | |
31 | #include <net/bluetooth/bluetooth.h> | |
32 | #include <net/bluetooth/hci_core.h> | |
33 | #include <net/bluetooth/l2cap.h> | |
34 | #include <net/bluetooth/rfcomm.h> | |
35 | ||
90ddc4f0 | 36 | static const struct proto_ops rfcomm_sock_ops; |
1da177e4 LT |
37 | |
38 | static struct bt_sock_list rfcomm_sk_list = { | |
d5fb2962 | 39 | .lock = __RW_LOCK_UNLOCKED(rfcomm_sk_list.lock) |
1da177e4 LT |
40 | }; |
41 | ||
42 | static void rfcomm_sock_close(struct sock *sk); | |
43 | static void rfcomm_sock_kill(struct sock *sk); | |
44 | ||
45 | /* ---- DLC callbacks ---- | |
46 | * | |
47 | * called under rfcomm_dlc_lock() | |
48 | */ | |
49 | static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb) | |
50 | { | |
51 | struct sock *sk = d->owner; | |
52 | if (!sk) | |
53 | return; | |
54 | ||
55 | atomic_add(skb->len, &sk->sk_rmem_alloc); | |
56 | skb_queue_tail(&sk->sk_receive_queue, skb); | |
57 | sk->sk_data_ready(sk, skb->len); | |
58 | ||
59 | if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) | |
60 | rfcomm_dlc_throttle(d); | |
61 | } | |
62 | ||
63 | static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err) | |
64 | { | |
65 | struct sock *sk = d->owner, *parent; | |
fad003b6 GP |
66 | unsigned long flags; |
67 | ||
1da177e4 LT |
68 | if (!sk) |
69 | return; | |
70 | ||
71 | BT_DBG("dlc %p state %ld err %d", d, d->state, err); | |
72 | ||
fad003b6 | 73 | local_irq_save(flags); |
1da177e4 LT |
74 | bh_lock_sock(sk); |
75 | ||
76 | if (err) | |
77 | sk->sk_err = err; | |
78 | ||
79 | sk->sk_state = d->state; | |
80 | ||
81 | parent = bt_sk(sk)->parent; | |
82 | if (parent) { | |
83 | if (d->state == BT_CLOSED) { | |
84 | sock_set_flag(sk, SOCK_ZAPPED); | |
85 | bt_accept_unlink(sk); | |
86 | } | |
87 | parent->sk_data_ready(parent, 0); | |
88 | } else { | |
89 | if (d->state == BT_CONNECTED) | |
90 | rfcomm_session_getaddr(d->session, &bt_sk(sk)->src, NULL); | |
91 | sk->sk_state_change(sk); | |
92 | } | |
93 | ||
94 | bh_unlock_sock(sk); | |
fad003b6 | 95 | local_irq_restore(flags); |
1da177e4 LT |
96 | |
97 | if (parent && sock_flag(sk, SOCK_ZAPPED)) { | |
98 | /* We have to drop DLC lock here, otherwise | |
99 | * rfcomm_sock_destruct() will dead lock. */ | |
100 | rfcomm_dlc_unlock(d); | |
101 | rfcomm_sock_kill(sk); | |
102 | rfcomm_dlc_lock(d); | |
103 | } | |
104 | } | |
105 | ||
106 | /* ---- Socket functions ---- */ | |
107 | static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src) | |
108 | { | |
109 | struct sock *sk = NULL; | |
110 | struct hlist_node *node; | |
111 | ||
112 | sk_for_each(sk, node, &rfcomm_sk_list.head) { | |
8e87d142 | 113 | if (rfcomm_pi(sk)->channel == channel && |
1da177e4 LT |
114 | !bacmp(&bt_sk(sk)->src, src)) |
115 | break; | |
116 | } | |
117 | ||
118 | return node ? sk : NULL; | |
119 | } | |
120 | ||
121 | /* Find socket with channel and source bdaddr. | |
122 | * Returns closest match. | |
123 | */ | |
eeb36656 | 124 | static struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src) |
1da177e4 LT |
125 | { |
126 | struct sock *sk = NULL, *sk1 = NULL; | |
127 | struct hlist_node *node; | |
128 | ||
eeb36656 GP |
129 | read_lock(&rfcomm_sk_list.lock); |
130 | ||
1da177e4 LT |
131 | sk_for_each(sk, node, &rfcomm_sk_list.head) { |
132 | if (state && sk->sk_state != state) | |
133 | continue; | |
134 | ||
135 | if (rfcomm_pi(sk)->channel == channel) { | |
136 | /* Exact match. */ | |
137 | if (!bacmp(&bt_sk(sk)->src, src)) | |
138 | break; | |
139 | ||
140 | /* Closest match */ | |
141 | if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) | |
142 | sk1 = sk; | |
143 | } | |
144 | } | |
1da177e4 | 145 | |
1da177e4 | 146 | read_unlock(&rfcomm_sk_list.lock); |
eeb36656 GP |
147 | |
148 | return node ? sk : sk1; | |
1da177e4 LT |
149 | } |
150 | ||
151 | static void rfcomm_sock_destruct(struct sock *sk) | |
152 | { | |
153 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | |
154 | ||
155 | BT_DBG("sk %p dlc %p", sk, d); | |
156 | ||
157 | skb_queue_purge(&sk->sk_receive_queue); | |
158 | skb_queue_purge(&sk->sk_write_queue); | |
159 | ||
160 | rfcomm_dlc_lock(d); | |
161 | rfcomm_pi(sk)->dlc = NULL; | |
162 | ||
163 | /* Detach DLC if it's owned by this socket */ | |
164 | if (d->owner == sk) | |
165 | d->owner = NULL; | |
166 | rfcomm_dlc_unlock(d); | |
167 | ||
168 | rfcomm_dlc_put(d); | |
169 | } | |
170 | ||
171 | static void rfcomm_sock_cleanup_listen(struct sock *parent) | |
172 | { | |
173 | struct sock *sk; | |
174 | ||
175 | BT_DBG("parent %p", parent); | |
176 | ||
177 | /* Close not yet accepted dlcs */ | |
178 | while ((sk = bt_accept_dequeue(parent, NULL))) { | |
179 | rfcomm_sock_close(sk); | |
180 | rfcomm_sock_kill(sk); | |
181 | } | |
182 | ||
183 | parent->sk_state = BT_CLOSED; | |
184 | sock_set_flag(parent, SOCK_ZAPPED); | |
185 | } | |
186 | ||
187 | /* Kill socket (only if zapped and orphan) | |
188 | * Must be called on unlocked socket. | |
189 | */ | |
190 | static void rfcomm_sock_kill(struct sock *sk) | |
191 | { | |
192 | if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) | |
193 | return; | |
194 | ||
195 | BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt)); | |
196 | ||
197 | /* Kill poor orphan */ | |
198 | bt_sock_unlink(&rfcomm_sk_list, sk); | |
199 | sock_set_flag(sk, SOCK_DEAD); | |
200 | sock_put(sk); | |
201 | } | |
202 | ||
203 | static void __rfcomm_sock_close(struct sock *sk) | |
204 | { | |
205 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | |
206 | ||
207 | BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); | |
208 | ||
209 | switch (sk->sk_state) { | |
210 | case BT_LISTEN: | |
211 | rfcomm_sock_cleanup_listen(sk); | |
212 | break; | |
213 | ||
214 | case BT_CONNECT: | |
215 | case BT_CONNECT2: | |
216 | case BT_CONFIG: | |
217 | case BT_CONNECTED: | |
218 | rfcomm_dlc_close(d, 0); | |
219 | ||
220 | default: | |
221 | sock_set_flag(sk, SOCK_ZAPPED); | |
222 | break; | |
223 | } | |
224 | } | |
225 | ||
226 | /* Close socket. | |
227 | * Must be called on unlocked socket. | |
228 | */ | |
229 | static void rfcomm_sock_close(struct sock *sk) | |
230 | { | |
231 | lock_sock(sk); | |
232 | __rfcomm_sock_close(sk); | |
233 | release_sock(sk); | |
234 | } | |
235 | ||
236 | static void rfcomm_sock_init(struct sock *sk, struct sock *parent) | |
237 | { | |
238 | struct rfcomm_pinfo *pi = rfcomm_pi(sk); | |
239 | ||
240 | BT_DBG("sk %p", sk); | |
241 | ||
242 | if (parent) { | |
243 | sk->sk_type = parent->sk_type; | |
c5daa683 GP |
244 | pi->dlc->defer_setup = test_bit(BT_SK_DEFER_SETUP, |
245 | &bt_sk(parent)->flags); | |
9f2c8a03 MH |
246 | |
247 | pi->sec_level = rfcomm_pi(parent)->sec_level; | |
248 | pi->role_switch = rfcomm_pi(parent)->role_switch; | |
6230c9b4 PM |
249 | |
250 | security_sk_clone(parent, sk); | |
1da177e4 | 251 | } else { |
bb23c0ab | 252 | pi->dlc->defer_setup = 0; |
9f2c8a03 MH |
253 | |
254 | pi->sec_level = BT_SECURITY_LOW; | |
255 | pi->role_switch = 0; | |
1da177e4 LT |
256 | } |
257 | ||
9f2c8a03 MH |
258 | pi->dlc->sec_level = pi->sec_level; |
259 | pi->dlc->role_switch = pi->role_switch; | |
1da177e4 LT |
260 | } |
261 | ||
262 | static struct proto rfcomm_proto = { | |
263 | .name = "RFCOMM", | |
264 | .owner = THIS_MODULE, | |
265 | .obj_size = sizeof(struct rfcomm_pinfo) | |
266 | }; | |
267 | ||
1b8d7ae4 | 268 | static struct sock *rfcomm_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio) |
1da177e4 LT |
269 | { |
270 | struct rfcomm_dlc *d; | |
271 | struct sock *sk; | |
272 | ||
6257ff21 | 273 | sk = sk_alloc(net, PF_BLUETOOTH, prio, &rfcomm_proto); |
1da177e4 LT |
274 | if (!sk) |
275 | return NULL; | |
276 | ||
277 | sock_init_data(sock, sk); | |
278 | INIT_LIST_HEAD(&bt_sk(sk)->accept_q); | |
279 | ||
280 | d = rfcomm_dlc_alloc(prio); | |
281 | if (!d) { | |
282 | sk_free(sk); | |
283 | return NULL; | |
284 | } | |
285 | ||
286 | d->data_ready = rfcomm_sk_data_ready; | |
287 | d->state_change = rfcomm_sk_state_change; | |
288 | ||
289 | rfcomm_pi(sk)->dlc = d; | |
290 | d->owner = sk; | |
291 | ||
292 | sk->sk_destruct = rfcomm_sock_destruct; | |
293 | sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT; | |
294 | ||
77db1980 MH |
295 | sk->sk_sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10; |
296 | sk->sk_rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10; | |
1da177e4 LT |
297 | |
298 | sock_reset_flag(sk, SOCK_ZAPPED); | |
299 | ||
300 | sk->sk_protocol = proto; | |
77db1980 | 301 | sk->sk_state = BT_OPEN; |
1da177e4 LT |
302 | |
303 | bt_sock_link(&rfcomm_sk_list, sk); | |
304 | ||
305 | BT_DBG("sk %p", sk); | |
306 | return sk; | |
307 | } | |
308 | ||
3f378b68 EP |
309 | static int rfcomm_sock_create(struct net *net, struct socket *sock, |
310 | int protocol, int kern) | |
1da177e4 LT |
311 | { |
312 | struct sock *sk; | |
313 | ||
314 | BT_DBG("sock %p", sock); | |
315 | ||
316 | sock->state = SS_UNCONNECTED; | |
317 | ||
318 | if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW) | |
319 | return -ESOCKTNOSUPPORT; | |
320 | ||
321 | sock->ops = &rfcomm_sock_ops; | |
322 | ||
1b8d7ae4 | 323 | sk = rfcomm_sock_alloc(net, sock, protocol, GFP_ATOMIC); |
74da626a | 324 | if (!sk) |
1da177e4 LT |
325 | return -ENOMEM; |
326 | ||
327 | rfcomm_sock_init(sk, NULL); | |
328 | return 0; | |
329 | } | |
330 | ||
331 | static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) | |
332 | { | |
333 | struct sockaddr_rc *sa = (struct sockaddr_rc *) addr; | |
334 | struct sock *sk = sock->sk; | |
335 | int err = 0; | |
336 | ||
337 | BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr)); | |
338 | ||
339 | if (!addr || addr->sa_family != AF_BLUETOOTH) | |
340 | return -EINVAL; | |
341 | ||
342 | lock_sock(sk); | |
343 | ||
344 | if (sk->sk_state != BT_OPEN) { | |
345 | err = -EBADFD; | |
346 | goto done; | |
347 | } | |
348 | ||
354d28d5 MH |
349 | if (sk->sk_type != SOCK_STREAM) { |
350 | err = -EINVAL; | |
351 | goto done; | |
352 | } | |
353 | ||
95ca83f4 | 354 | write_lock(&rfcomm_sk_list.lock); |
1da177e4 LT |
355 | |
356 | if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) { | |
357 | err = -EADDRINUSE; | |
358 | } else { | |
359 | /* Save source address */ | |
360 | bacpy(&bt_sk(sk)->src, &sa->rc_bdaddr); | |
361 | rfcomm_pi(sk)->channel = sa->rc_channel; | |
362 | sk->sk_state = BT_BOUND; | |
363 | } | |
364 | ||
95ca83f4 | 365 | write_unlock(&rfcomm_sk_list.lock); |
1da177e4 LT |
366 | |
367 | done: | |
368 | release_sock(sk); | |
369 | return err; | |
370 | } | |
371 | ||
372 | static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) | |
373 | { | |
374 | struct sockaddr_rc *sa = (struct sockaddr_rc *) addr; | |
375 | struct sock *sk = sock->sk; | |
376 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | |
377 | int err = 0; | |
378 | ||
379 | BT_DBG("sk %p", sk); | |
380 | ||
6503d961 CG |
381 | if (alen < sizeof(struct sockaddr_rc) || |
382 | addr->sa_family != AF_BLUETOOTH) | |
1da177e4 LT |
383 | return -EINVAL; |
384 | ||
354d28d5 | 385 | lock_sock(sk); |
1da177e4 | 386 | |
354d28d5 MH |
387 | if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) { |
388 | err = -EBADFD; | |
389 | goto done; | |
390 | } | |
1da177e4 | 391 | |
354d28d5 MH |
392 | if (sk->sk_type != SOCK_STREAM) { |
393 | err = -EINVAL; | |
394 | goto done; | |
395 | } | |
1da177e4 LT |
396 | |
397 | sk->sk_state = BT_CONNECT; | |
398 | bacpy(&bt_sk(sk)->dst, &sa->rc_bdaddr); | |
399 | rfcomm_pi(sk)->channel = sa->rc_channel; | |
400 | ||
9f2c8a03 MH |
401 | d->sec_level = rfcomm_pi(sk)->sec_level; |
402 | d->role_switch = rfcomm_pi(sk)->role_switch; | |
77db1980 | 403 | |
1da177e4 LT |
404 | err = rfcomm_dlc_open(d, &bt_sk(sk)->src, &sa->rc_bdaddr, sa->rc_channel); |
405 | if (!err) | |
406 | err = bt_sock_wait_state(sk, BT_CONNECTED, | |
407 | sock_sndtimeo(sk, flags & O_NONBLOCK)); | |
408 | ||
354d28d5 | 409 | done: |
1da177e4 LT |
410 | release_sock(sk); |
411 | return err; | |
412 | } | |
413 | ||
414 | static int rfcomm_sock_listen(struct socket *sock, int backlog) | |
415 | { | |
416 | struct sock *sk = sock->sk; | |
417 | int err = 0; | |
418 | ||
419 | BT_DBG("sk %p backlog %d", sk, backlog); | |
420 | ||
421 | lock_sock(sk); | |
422 | ||
423 | if (sk->sk_state != BT_BOUND) { | |
424 | err = -EBADFD; | |
425 | goto done; | |
426 | } | |
427 | ||
354d28d5 MH |
428 | if (sk->sk_type != SOCK_STREAM) { |
429 | err = -EINVAL; | |
430 | goto done; | |
431 | } | |
432 | ||
1da177e4 LT |
433 | if (!rfcomm_pi(sk)->channel) { |
434 | bdaddr_t *src = &bt_sk(sk)->src; | |
435 | u8 channel; | |
436 | ||
437 | err = -EINVAL; | |
438 | ||
95ca83f4 | 439 | write_lock(&rfcomm_sk_list.lock); |
1da177e4 LT |
440 | |
441 | for (channel = 1; channel < 31; channel++) | |
442 | if (!__rfcomm_get_sock_by_addr(channel, src)) { | |
443 | rfcomm_pi(sk)->channel = channel; | |
444 | err = 0; | |
445 | break; | |
446 | } | |
447 | ||
95ca83f4 | 448 | write_unlock(&rfcomm_sk_list.lock); |
1da177e4 LT |
449 | |
450 | if (err < 0) | |
451 | goto done; | |
452 | } | |
453 | ||
454 | sk->sk_max_ack_backlog = backlog; | |
455 | sk->sk_ack_backlog = 0; | |
456 | sk->sk_state = BT_LISTEN; | |
457 | ||
458 | done: | |
459 | release_sock(sk); | |
460 | return err; | |
461 | } | |
462 | ||
463 | static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags) | |
464 | { | |
465 | DECLARE_WAITQUEUE(wait, current); | |
466 | struct sock *sk = sock->sk, *nsk; | |
467 | long timeo; | |
468 | int err = 0; | |
469 | ||
470 | lock_sock(sk); | |
471 | ||
354d28d5 MH |
472 | if (sk->sk_type != SOCK_STREAM) { |
473 | err = -EINVAL; | |
474 | goto done; | |
475 | } | |
476 | ||
1da177e4 LT |
477 | timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); |
478 | ||
479 | BT_DBG("sk %p timeo %ld", sk, timeo); | |
480 | ||
481 | /* Wait for an incoming connection. (wake-one). */ | |
aa395145 | 482 | add_wait_queue_exclusive(sk_sleep(sk), &wait); |
950e2d51 | 483 | while (1) { |
1da177e4 | 484 | set_current_state(TASK_INTERRUPTIBLE); |
950e2d51 PH |
485 | |
486 | if (sk->sk_state != BT_LISTEN) { | |
487 | err = -EBADFD; | |
1da177e4 LT |
488 | break; |
489 | } | |
490 | ||
950e2d51 PH |
491 | nsk = bt_accept_dequeue(sk, newsock); |
492 | if (nsk) | |
493 | break; | |
1da177e4 | 494 | |
950e2d51 PH |
495 | if (!timeo) { |
496 | err = -EAGAIN; | |
1da177e4 LT |
497 | break; |
498 | } | |
499 | ||
500 | if (signal_pending(current)) { | |
501 | err = sock_intr_errno(timeo); | |
502 | break; | |
503 | } | |
950e2d51 PH |
504 | |
505 | release_sock(sk); | |
506 | timeo = schedule_timeout(timeo); | |
507 | lock_sock(sk); | |
1da177e4 | 508 | } |
950e2d51 | 509 | __set_current_state(TASK_RUNNING); |
aa395145 | 510 | remove_wait_queue(sk_sleep(sk), &wait); |
1da177e4 LT |
511 | |
512 | if (err) | |
513 | goto done; | |
514 | ||
515 | newsock->state = SS_CONNECTED; | |
516 | ||
517 | BT_DBG("new socket %p", nsk); | |
518 | ||
519 | done: | |
520 | release_sock(sk); | |
521 | return err; | |
522 | } | |
523 | ||
524 | static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer) | |
525 | { | |
526 | struct sockaddr_rc *sa = (struct sockaddr_rc *) addr; | |
527 | struct sock *sk = sock->sk; | |
528 | ||
529 | BT_DBG("sock %p, sk %p", sock, sk); | |
530 | ||
9344a972 | 531 | memset(sa, 0, sizeof(*sa)); |
1da177e4 LT |
532 | sa->rc_family = AF_BLUETOOTH; |
533 | sa->rc_channel = rfcomm_pi(sk)->channel; | |
534 | if (peer) | |
535 | bacpy(&sa->rc_bdaddr, &bt_sk(sk)->dst); | |
536 | else | |
537 | bacpy(&sa->rc_bdaddr, &bt_sk(sk)->src); | |
538 | ||
539 | *len = sizeof(struct sockaddr_rc); | |
540 | return 0; | |
541 | } | |
542 | ||
543 | static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock, | |
544 | struct msghdr *msg, size_t len) | |
545 | { | |
546 | struct sock *sk = sock->sk; | |
547 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | |
548 | struct sk_buff *skb; | |
1da177e4 LT |
549 | int sent = 0; |
550 | ||
bb23c0ab MH |
551 | if (test_bit(RFCOMM_DEFER_SETUP, &d->flags)) |
552 | return -ENOTCONN; | |
553 | ||
1da177e4 LT |
554 | if (msg->msg_flags & MSG_OOB) |
555 | return -EOPNOTSUPP; | |
556 | ||
557 | if (sk->sk_shutdown & SEND_SHUTDOWN) | |
558 | return -EPIPE; | |
559 | ||
560 | BT_DBG("sock %p, sk %p", sock, sk); | |
561 | ||
562 | lock_sock(sk); | |
563 | ||
564 | while (len) { | |
565 | size_t size = min_t(size_t, len, d->mtu); | |
4d6a2188 | 566 | int err; |
8e87d142 | 567 | |
1da177e4 LT |
568 | skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE, |
569 | msg->msg_flags & MSG_DONTWAIT, &err); | |
91aa35a5 VS |
570 | if (!skb) { |
571 | if (sent == 0) | |
572 | sent = err; | |
1da177e4 | 573 | break; |
91aa35a5 | 574 | } |
1da177e4 LT |
575 | skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); |
576 | ||
577 | err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size); | |
578 | if (err) { | |
579 | kfree_skb(skb); | |
4d6a2188 MH |
580 | if (sent == 0) |
581 | sent = err; | |
1da177e4 LT |
582 | break; |
583 | } | |
584 | ||
262038fc LAD |
585 | skb->priority = sk->sk_priority; |
586 | ||
1da177e4 LT |
587 | err = rfcomm_dlc_send(d, skb); |
588 | if (err < 0) { | |
589 | kfree_skb(skb); | |
4d6a2188 MH |
590 | if (sent == 0) |
591 | sent = err; | |
1da177e4 LT |
592 | break; |
593 | } | |
594 | ||
595 | sent += size; | |
596 | len -= size; | |
597 | } | |
598 | ||
599 | release_sock(sk); | |
600 | ||
4d6a2188 | 601 | return sent; |
1da177e4 LT |
602 | } |
603 | ||
1da177e4 LT |
604 | static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock, |
605 | struct msghdr *msg, size_t size, int flags) | |
606 | { | |
607 | struct sock *sk = sock->sk; | |
bb23c0ab | 608 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; |
3d7d01df | 609 | int len; |
1da177e4 | 610 | |
bb23c0ab MH |
611 | if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { |
612 | rfcomm_dlc_accept(d); | |
613 | return 0; | |
614 | } | |
615 | ||
3d7d01df | 616 | len = bt_sock_stream_recvmsg(iocb, sock, msg, size, flags); |
1da177e4 LT |
617 | |
618 | lock_sock(sk); | |
3d7d01df MM |
619 | if (!(flags & MSG_PEEK) && len > 0) |
620 | atomic_sub(len, &sk->sk_rmem_alloc); | |
1da177e4 | 621 | |
1da177e4 LT |
622 | if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2)) |
623 | rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc); | |
1da177e4 | 624 | release_sock(sk); |
3d7d01df MM |
625 | |
626 | return len; | |
1da177e4 LT |
627 | } |
628 | ||
b7058842 | 629 | static int rfcomm_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen) |
1da177e4 LT |
630 | { |
631 | struct sock *sk = sock->sk; | |
632 | int err = 0; | |
633 | u32 opt; | |
634 | ||
635 | BT_DBG("sk %p", sk); | |
636 | ||
637 | lock_sock(sk); | |
638 | ||
639 | switch (optname) { | |
640 | case RFCOMM_LM: | |
641 | if (get_user(opt, (u32 __user *) optval)) { | |
642 | err = -EFAULT; | |
643 | break; | |
644 | } | |
645 | ||
9f2c8a03 MH |
646 | if (opt & RFCOMM_LM_AUTH) |
647 | rfcomm_pi(sk)->sec_level = BT_SECURITY_LOW; | |
648 | if (opt & RFCOMM_LM_ENCRYPT) | |
649 | rfcomm_pi(sk)->sec_level = BT_SECURITY_MEDIUM; | |
650 | if (opt & RFCOMM_LM_SECURE) | |
651 | rfcomm_pi(sk)->sec_level = BT_SECURITY_HIGH; | |
652 | ||
653 | rfcomm_pi(sk)->role_switch = (opt & RFCOMM_LM_MASTER); | |
1da177e4 LT |
654 | break; |
655 | ||
656 | default: | |
657 | err = -ENOPROTOOPT; | |
658 | break; | |
659 | } | |
660 | ||
661 | release_sock(sk); | |
662 | return err; | |
663 | } | |
664 | ||
b7058842 | 665 | static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen) |
d58daf42 MH |
666 | { |
667 | struct sock *sk = sock->sk; | |
9f2c8a03 | 668 | struct bt_security sec; |
d0fad89d SB |
669 | int err = 0; |
670 | size_t len; | |
bb23c0ab | 671 | u32 opt; |
d58daf42 MH |
672 | |
673 | BT_DBG("sk %p", sk); | |
674 | ||
675 | if (level == SOL_RFCOMM) | |
676 | return rfcomm_sock_setsockopt_old(sock, optname, optval, optlen); | |
677 | ||
0588d94f MH |
678 | if (level != SOL_BLUETOOTH) |
679 | return -ENOPROTOOPT; | |
680 | ||
d58daf42 MH |
681 | lock_sock(sk); |
682 | ||
683 | switch (optname) { | |
9f2c8a03 | 684 | case BT_SECURITY: |
0588d94f MH |
685 | if (sk->sk_type != SOCK_STREAM) { |
686 | err = -EINVAL; | |
687 | break; | |
688 | } | |
689 | ||
9f2c8a03 MH |
690 | sec.level = BT_SECURITY_LOW; |
691 | ||
692 | len = min_t(unsigned int, sizeof(sec), optlen); | |
693 | if (copy_from_user((char *) &sec, optval, len)) { | |
694 | err = -EFAULT; | |
695 | break; | |
696 | } | |
697 | ||
698 | if (sec.level > BT_SECURITY_HIGH) { | |
699 | err = -EINVAL; | |
700 | break; | |
701 | } | |
702 | ||
703 | rfcomm_pi(sk)->sec_level = sec.level; | |
704 | break; | |
705 | ||
bb23c0ab MH |
706 | case BT_DEFER_SETUP: |
707 | if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { | |
708 | err = -EINVAL; | |
709 | break; | |
710 | } | |
711 | ||
712 | if (get_user(opt, (u32 __user *) optval)) { | |
713 | err = -EFAULT; | |
714 | break; | |
715 | } | |
716 | ||
c5daa683 GP |
717 | if (opt) |
718 | set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); | |
719 | else | |
720 | clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); | |
721 | ||
bb23c0ab MH |
722 | break; |
723 | ||
d58daf42 MH |
724 | default: |
725 | err = -ENOPROTOOPT; | |
726 | break; | |
727 | } | |
728 | ||
729 | release_sock(sk); | |
730 | return err; | |
731 | } | |
732 | ||
733 | static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen) | |
1da177e4 LT |
734 | { |
735 | struct sock *sk = sock->sk; | |
1da177e4 | 736 | struct rfcomm_conninfo cinfo; |
8c1d787b | 737 | struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn; |
1da177e4 | 738 | int len, err = 0; |
9f2c8a03 | 739 | u32 opt; |
1da177e4 LT |
740 | |
741 | BT_DBG("sk %p", sk); | |
742 | ||
743 | if (get_user(len, optlen)) | |
744 | return -EFAULT; | |
745 | ||
746 | lock_sock(sk); | |
747 | ||
748 | switch (optname) { | |
749 | case RFCOMM_LM: | |
9f2c8a03 MH |
750 | switch (rfcomm_pi(sk)->sec_level) { |
751 | case BT_SECURITY_LOW: | |
752 | opt = RFCOMM_LM_AUTH; | |
753 | break; | |
754 | case BT_SECURITY_MEDIUM: | |
755 | opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT; | |
756 | break; | |
757 | case BT_SECURITY_HIGH: | |
758 | opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT | | |
759 | RFCOMM_LM_SECURE; | |
760 | break; | |
761 | default: | |
762 | opt = 0; | |
763 | break; | |
764 | } | |
765 | ||
766 | if (rfcomm_pi(sk)->role_switch) | |
767 | opt |= RFCOMM_LM_MASTER; | |
768 | ||
769 | if (put_user(opt, (u32 __user *) optval)) | |
1da177e4 LT |
770 | err = -EFAULT; |
771 | break; | |
772 | ||
773 | case RFCOMM_CONNINFO: | |
bb23c0ab MH |
774 | if (sk->sk_state != BT_CONNECTED && |
775 | !rfcomm_pi(sk)->dlc->defer_setup) { | |
1da177e4 LT |
776 | err = -ENOTCONN; |
777 | break; | |
778 | } | |
779 | ||
8d03e971 | 780 | memset(&cinfo, 0, sizeof(cinfo)); |
8c1d787b GP |
781 | cinfo.hci_handle = conn->hcon->handle; |
782 | memcpy(cinfo.dev_class, conn->hcon->dev_class, 3); | |
1da177e4 LT |
783 | |
784 | len = min_t(unsigned int, len, sizeof(cinfo)); | |
785 | if (copy_to_user(optval, (char *) &cinfo, len)) | |
786 | err = -EFAULT; | |
787 | ||
788 | break; | |
789 | ||
790 | default: | |
791 | err = -ENOPROTOOPT; | |
792 | break; | |
793 | } | |
794 | ||
795 | release_sock(sk); | |
d58daf42 MH |
796 | return err; |
797 | } | |
798 | ||
799 | static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) | |
800 | { | |
801 | struct sock *sk = sock->sk; | |
9f2c8a03 | 802 | struct bt_security sec; |
d58daf42 MH |
803 | int len, err = 0; |
804 | ||
805 | BT_DBG("sk %p", sk); | |
806 | ||
807 | if (level == SOL_RFCOMM) | |
808 | return rfcomm_sock_getsockopt_old(sock, optname, optval, optlen); | |
809 | ||
0588d94f MH |
810 | if (level != SOL_BLUETOOTH) |
811 | return -ENOPROTOOPT; | |
812 | ||
d58daf42 MH |
813 | if (get_user(len, optlen)) |
814 | return -EFAULT; | |
815 | ||
816 | lock_sock(sk); | |
817 | ||
818 | switch (optname) { | |
9f2c8a03 | 819 | case BT_SECURITY: |
0588d94f MH |
820 | if (sk->sk_type != SOCK_STREAM) { |
821 | err = -EINVAL; | |
822 | break; | |
823 | } | |
824 | ||
9f2c8a03 | 825 | sec.level = rfcomm_pi(sk)->sec_level; |
9ad2de43 | 826 | sec.key_size = 0; |
9f2c8a03 MH |
827 | |
828 | len = min_t(unsigned int, len, sizeof(sec)); | |
829 | if (copy_to_user(optval, (char *) &sec, len)) | |
830 | err = -EFAULT; | |
831 | ||
832 | break; | |
833 | ||
bb23c0ab MH |
834 | case BT_DEFER_SETUP: |
835 | if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { | |
836 | err = -EINVAL; | |
837 | break; | |
838 | } | |
839 | ||
c5daa683 GP |
840 | if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags), |
841 | (u32 __user *) optval)) | |
bb23c0ab MH |
842 | err = -EFAULT; |
843 | ||
844 | break; | |
845 | ||
d58daf42 MH |
846 | default: |
847 | err = -ENOPROTOOPT; | |
848 | break; | |
849 | } | |
850 | ||
851 | release_sock(sk); | |
1da177e4 LT |
852 | return err; |
853 | } | |
854 | ||
855 | static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) | |
856 | { | |
e19caae7 | 857 | struct sock *sk __maybe_unused = sock->sk; |
1da177e4 LT |
858 | int err; |
859 | ||
e19caae7 | 860 | BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg); |
1da177e4 | 861 | |
3241ad82 | 862 | err = bt_sock_ioctl(sock, cmd, arg); |
1da177e4 | 863 | |
3241ad82 | 864 | if (err == -ENOIOCTLCMD) { |
1da177e4 | 865 | #ifdef CONFIG_BT_RFCOMM_TTY |
3241ad82 MH |
866 | lock_sock(sk); |
867 | err = rfcomm_dev_ioctl(sk, cmd, (void __user *) arg); | |
868 | release_sock(sk); | |
1da177e4 | 869 | #else |
3241ad82 | 870 | err = -EOPNOTSUPP; |
1da177e4 | 871 | #endif |
3241ad82 | 872 | } |
1da177e4 | 873 | |
1da177e4 LT |
874 | return err; |
875 | } | |
876 | ||
877 | static int rfcomm_sock_shutdown(struct socket *sock, int how) | |
878 | { | |
879 | struct sock *sk = sock->sk; | |
880 | int err = 0; | |
881 | ||
882 | BT_DBG("sock %p, sk %p", sock, sk); | |
883 | ||
285b4e90 AE |
884 | if (!sk) |
885 | return 0; | |
1da177e4 LT |
886 | |
887 | lock_sock(sk); | |
888 | if (!sk->sk_shutdown) { | |
889 | sk->sk_shutdown = SHUTDOWN_MASK; | |
890 | __rfcomm_sock_close(sk); | |
891 | ||
892 | if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) | |
893 | err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); | |
894 | } | |
895 | release_sock(sk); | |
896 | return err; | |
897 | } | |
898 | ||
899 | static int rfcomm_sock_release(struct socket *sock) | |
900 | { | |
901 | struct sock *sk = sock->sk; | |
902 | int err; | |
903 | ||
904 | BT_DBG("sock %p, sk %p", sock, sk); | |
905 | ||
906 | if (!sk) | |
907 | return 0; | |
908 | ||
909 | err = rfcomm_sock_shutdown(sock, 2); | |
910 | ||
911 | sock_orphan(sk); | |
912 | rfcomm_sock_kill(sk); | |
913 | return err; | |
914 | } | |
915 | ||
8e87d142 | 916 | /* ---- RFCOMM core layer callbacks ---- |
1da177e4 LT |
917 | * |
918 | * called under rfcomm_lock() | |
919 | */ | |
920 | int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d) | |
921 | { | |
922 | struct sock *sk, *parent; | |
923 | bdaddr_t src, dst; | |
924 | int result = 0; | |
925 | ||
926 | BT_DBG("session %p channel %d", s, channel); | |
927 | ||
928 | rfcomm_session_getaddr(s, &src, &dst); | |
929 | ||
930 | /* Check if we have socket listening on channel */ | |
931 | parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src); | |
932 | if (!parent) | |
933 | return 0; | |
934 | ||
eeb36656 GP |
935 | bh_lock_sock(parent); |
936 | ||
1da177e4 LT |
937 | /* Check for backlog size */ |
938 | if (sk_acceptq_is_full(parent)) { | |
8e87d142 | 939 | BT_DBG("backlog full %d", parent->sk_ack_backlog); |
1da177e4 LT |
940 | goto done; |
941 | } | |
942 | ||
3b1e0a65 | 943 | sk = rfcomm_sock_alloc(sock_net(parent), NULL, BTPROTO_RFCOMM, GFP_ATOMIC); |
1da177e4 LT |
944 | if (!sk) |
945 | goto done; | |
946 | ||
b5a30dda OP |
947 | bt_sock_reclassify_lock(sk, BTPROTO_RFCOMM); |
948 | ||
1da177e4 LT |
949 | rfcomm_sock_init(sk, parent); |
950 | bacpy(&bt_sk(sk)->src, &src); | |
951 | bacpy(&bt_sk(sk)->dst, &dst); | |
952 | rfcomm_pi(sk)->channel = channel; | |
953 | ||
954 | sk->sk_state = BT_CONFIG; | |
955 | bt_accept_enqueue(parent, sk); | |
956 | ||
957 | /* Accept connection and return socket DLC */ | |
958 | *d = rfcomm_pi(sk)->dlc; | |
959 | result = 1; | |
960 | ||
961 | done: | |
962 | bh_unlock_sock(parent); | |
bb23c0ab | 963 | |
c5daa683 | 964 | if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags)) |
bb23c0ab MH |
965 | parent->sk_state_change(parent); |
966 | ||
1da177e4 LT |
967 | return result; |
968 | } | |
969 | ||
aef7d97c | 970 | static int rfcomm_sock_debugfs_show(struct seq_file *f, void *p) |
1da177e4 LT |
971 | { |
972 | struct sock *sk; | |
973 | struct hlist_node *node; | |
1da177e4 | 974 | |
95ca83f4 | 975 | read_lock(&rfcomm_sk_list.lock); |
1da177e4 | 976 | |
be9d1227 | 977 | sk_for_each(sk, node, &rfcomm_sk_list.head) { |
aef7d97c MH |
978 | seq_printf(f, "%s %s %d %d\n", |
979 | batostr(&bt_sk(sk)->src), | |
980 | batostr(&bt_sk(sk)->dst), | |
be9d1227 MH |
981 | sk->sk_state, rfcomm_pi(sk)->channel); |
982 | } | |
1da177e4 | 983 | |
95ca83f4 | 984 | read_unlock(&rfcomm_sk_list.lock); |
1da177e4 | 985 | |
aef7d97c | 986 | return 0; |
1da177e4 LT |
987 | } |
988 | ||
aef7d97c MH |
989 | static int rfcomm_sock_debugfs_open(struct inode *inode, struct file *file) |
990 | { | |
991 | return single_open(file, rfcomm_sock_debugfs_show, inode->i_private); | |
992 | } | |
993 | ||
994 | static const struct file_operations rfcomm_sock_debugfs_fops = { | |
995 | .open = rfcomm_sock_debugfs_open, | |
996 | .read = seq_read, | |
997 | .llseek = seq_lseek, | |
998 | .release = single_release, | |
999 | }; | |
1000 | ||
1001 | static struct dentry *rfcomm_sock_debugfs; | |
1da177e4 | 1002 | |
90ddc4f0 | 1003 | static const struct proto_ops rfcomm_sock_ops = { |
1da177e4 LT |
1004 | .family = PF_BLUETOOTH, |
1005 | .owner = THIS_MODULE, | |
1006 | .release = rfcomm_sock_release, | |
1007 | .bind = rfcomm_sock_bind, | |
1008 | .connect = rfcomm_sock_connect, | |
1009 | .listen = rfcomm_sock_listen, | |
1010 | .accept = rfcomm_sock_accept, | |
1011 | .getname = rfcomm_sock_getname, | |
1012 | .sendmsg = rfcomm_sock_sendmsg, | |
1013 | .recvmsg = rfcomm_sock_recvmsg, | |
1014 | .shutdown = rfcomm_sock_shutdown, | |
1015 | .setsockopt = rfcomm_sock_setsockopt, | |
1016 | .getsockopt = rfcomm_sock_getsockopt, | |
1017 | .ioctl = rfcomm_sock_ioctl, | |
1018 | .poll = bt_sock_poll, | |
1019 | .socketpair = sock_no_socketpair, | |
1020 | .mmap = sock_no_mmap | |
1021 | }; | |
1022 | ||
ec1b4cf7 | 1023 | static const struct net_proto_family rfcomm_sock_family_ops = { |
1da177e4 LT |
1024 | .family = PF_BLUETOOTH, |
1025 | .owner = THIS_MODULE, | |
1026 | .create = rfcomm_sock_create | |
1027 | }; | |
1028 | ||
be9d1227 | 1029 | int __init rfcomm_init_sockets(void) |
1da177e4 LT |
1030 | { |
1031 | int err; | |
1032 | ||
1033 | err = proto_register(&rfcomm_proto, 0); | |
1034 | if (err < 0) | |
1035 | return err; | |
1036 | ||
1037 | err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops); | |
c6f5df16 MY |
1038 | if (err < 0) { |
1039 | BT_ERR("RFCOMM socket layer registration failed"); | |
1040 | goto error; | |
1041 | } | |
1042 | ||
1043 | err = bt_procfs_init(THIS_MODULE, &init_net, "rfcomm", &rfcomm_sk_list, NULL); | |
1044 | if (err < 0) { | |
1045 | BT_ERR("Failed to create RFCOMM proc file"); | |
1046 | bt_sock_unregister(BTPROTO_RFCOMM); | |
1da177e4 | 1047 | goto error; |
c6f5df16 | 1048 | } |
1da177e4 | 1049 | |
aef7d97c MH |
1050 | if (bt_debugfs) { |
1051 | rfcomm_sock_debugfs = debugfs_create_file("rfcomm", 0444, | |
1052 | bt_debugfs, NULL, &rfcomm_sock_debugfs_fops); | |
1053 | if (!rfcomm_sock_debugfs) | |
1054 | BT_ERR("Failed to create RFCOMM debug file"); | |
1055 | } | |
1da177e4 LT |
1056 | |
1057 | BT_INFO("RFCOMM socket layer initialized"); | |
1058 | ||
1059 | return 0; | |
1060 | ||
1061 | error: | |
1da177e4 LT |
1062 | proto_unregister(&rfcomm_proto); |
1063 | return err; | |
1064 | } | |
1065 | ||
2f8362af | 1066 | void __exit rfcomm_cleanup_sockets(void) |
1da177e4 | 1067 | { |
c6f5df16 MY |
1068 | bt_procfs_cleanup(&init_net, "rfcomm"); |
1069 | ||
aef7d97c | 1070 | debugfs_remove(rfcomm_sock_debugfs); |
1da177e4 LT |
1071 | |
1072 | if (bt_sock_unregister(BTPROTO_RFCOMM) < 0) | |
1073 | BT_ERR("RFCOMM socket layer unregistration failed"); | |
1074 | ||
1075 | proto_unregister(&rfcomm_proto); | |
1076 | } |