2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
28 /* Bluetooth L2CAP sockets. */
30 #include <linux/export.h>
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
35 #include <net/bluetooth/smp.h>
37 static struct bt_sock_list l2cap_sk_list
= {
38 .lock
= __RW_LOCK_UNLOCKED(l2cap_sk_list
.lock
)
41 static const struct proto_ops l2cap_sock_ops
;
42 static void l2cap_sock_init(struct sock
*sk
, struct sock
*parent
);
43 static struct sock
*l2cap_sock_alloc(struct net
*net
, struct socket
*sock
,
44 int proto
, gfp_t prio
);
46 bool l2cap_is_socket(struct socket
*sock
)
48 return sock
&& sock
->ops
== &l2cap_sock_ops
;
50 EXPORT_SYMBOL(l2cap_is_socket
);
52 static int l2cap_sock_bind(struct socket
*sock
, struct sockaddr
*addr
, int alen
)
54 struct sock
*sk
= sock
->sk
;
55 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
56 struct sockaddr_l2 la
;
61 if (!addr
|| addr
->sa_family
!= AF_BLUETOOTH
)
64 memset(&la
, 0, sizeof(la
));
65 len
= min_t(unsigned int, sizeof(la
), alen
);
66 memcpy(&la
, addr
, len
);
68 if (la
.l2_cid
&& la
.l2_psm
)
73 if (sk
->sk_state
!= BT_OPEN
) {
79 __u16 psm
= __le16_to_cpu(la
.l2_psm
);
81 /* PSM must be odd and lsb of upper byte must be 0 */
82 if ((psm
& 0x0101) != 0x0001) {
87 /* Restrict usage of well-known PSMs */
88 if (psm
< 0x1001 && !capable(CAP_NET_BIND_SERVICE
)) {
95 err
= l2cap_add_scid(chan
, __le16_to_cpu(la
.l2_cid
));
97 err
= l2cap_add_psm(chan
, &la
.l2_bdaddr
, la
.l2_psm
);
102 if (__le16_to_cpu(la
.l2_psm
) == L2CAP_PSM_SDP
||
103 __le16_to_cpu(la
.l2_psm
) == L2CAP_PSM_RFCOMM
)
104 chan
->sec_level
= BT_SECURITY_SDP
;
106 bacpy(&bt_sk(sk
)->src
, &la
.l2_bdaddr
);
108 chan
->state
= BT_BOUND
;
109 sk
->sk_state
= BT_BOUND
;
116 static int l2cap_sock_connect(struct socket
*sock
, struct sockaddr
*addr
,
119 struct sock
*sk
= sock
->sk
;
120 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
121 struct sockaddr_l2 la
;
126 if (!addr
|| alen
< sizeof(addr
->sa_family
) ||
127 addr
->sa_family
!= AF_BLUETOOTH
)
130 memset(&la
, 0, sizeof(la
));
131 len
= min_t(unsigned int, sizeof(la
), alen
);
132 memcpy(&la
, addr
, len
);
134 if (la
.l2_cid
&& la
.l2_psm
)
137 err
= l2cap_chan_connect(chan
, la
.l2_psm
, __le16_to_cpu(la
.l2_cid
),
138 &la
.l2_bdaddr
, la
.l2_bdaddr_type
);
144 err
= bt_sock_wait_state(sk
, BT_CONNECTED
,
145 sock_sndtimeo(sk
, flags
& O_NONBLOCK
));
152 static int l2cap_sock_listen(struct socket
*sock
, int backlog
)
154 struct sock
*sk
= sock
->sk
;
155 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
158 BT_DBG("sk %p backlog %d", sk
, backlog
);
162 if (sk
->sk_state
!= BT_BOUND
) {
167 if (sk
->sk_type
!= SOCK_SEQPACKET
&& sk
->sk_type
!= SOCK_STREAM
) {
172 switch (chan
->mode
) {
173 case L2CAP_MODE_BASIC
:
175 case L2CAP_MODE_ERTM
:
176 case L2CAP_MODE_STREAMING
:
185 sk
->sk_max_ack_backlog
= backlog
;
186 sk
->sk_ack_backlog
= 0;
188 chan
->state
= BT_LISTEN
;
189 sk
->sk_state
= BT_LISTEN
;
196 static int l2cap_sock_accept(struct socket
*sock
, struct socket
*newsock
,
199 DECLARE_WAITQUEUE(wait
, current
);
200 struct sock
*sk
= sock
->sk
, *nsk
;
204 lock_sock_nested(sk
, SINGLE_DEPTH_NESTING
);
206 timeo
= sock_rcvtimeo(sk
, flags
& O_NONBLOCK
);
208 BT_DBG("sk %p timeo %ld", sk
, timeo
);
210 /* Wait for an incoming connection. (wake-one). */
211 add_wait_queue_exclusive(sk_sleep(sk
), &wait
);
213 set_current_state(TASK_INTERRUPTIBLE
);
215 if (sk
->sk_state
!= BT_LISTEN
) {
220 nsk
= bt_accept_dequeue(sk
, newsock
);
229 if (signal_pending(current
)) {
230 err
= sock_intr_errno(timeo
);
235 timeo
= schedule_timeout(timeo
);
236 lock_sock_nested(sk
, SINGLE_DEPTH_NESTING
);
238 __set_current_state(TASK_RUNNING
);
239 remove_wait_queue(sk_sleep(sk
), &wait
);
244 newsock
->state
= SS_CONNECTED
;
246 BT_DBG("new socket %p", nsk
);
253 static int l2cap_sock_getname(struct socket
*sock
, struct sockaddr
*addr
,
256 struct sockaddr_l2
*la
= (struct sockaddr_l2
*) addr
;
257 struct sock
*sk
= sock
->sk
;
258 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
260 BT_DBG("sock %p, sk %p", sock
, sk
);
262 memset(la
, 0, sizeof(struct sockaddr_l2
));
263 addr
->sa_family
= AF_BLUETOOTH
;
264 *len
= sizeof(struct sockaddr_l2
);
267 la
->l2_psm
= chan
->psm
;
268 bacpy(&la
->l2_bdaddr
, &bt_sk(sk
)->dst
);
269 la
->l2_cid
= cpu_to_le16(chan
->dcid
);
271 la
->l2_psm
= chan
->sport
;
272 bacpy(&la
->l2_bdaddr
, &bt_sk(sk
)->src
);
273 la
->l2_cid
= cpu_to_le16(chan
->scid
);
279 static int l2cap_sock_getsockopt_old(struct socket
*sock
, int optname
,
280 char __user
*optval
, int __user
*optlen
)
282 struct sock
*sk
= sock
->sk
;
283 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
284 struct l2cap_options opts
;
285 struct l2cap_conninfo cinfo
;
291 if (get_user(len
, optlen
))
298 memset(&opts
, 0, sizeof(opts
));
299 opts
.imtu
= chan
->imtu
;
300 opts
.omtu
= chan
->omtu
;
301 opts
.flush_to
= chan
->flush_to
;
302 opts
.mode
= chan
->mode
;
303 opts
.fcs
= chan
->fcs
;
304 opts
.max_tx
= chan
->max_tx
;
305 opts
.txwin_size
= chan
->tx_win
;
307 len
= min_t(unsigned int, len
, sizeof(opts
));
308 if (copy_to_user(optval
, (char *) &opts
, len
))
314 switch (chan
->sec_level
) {
315 case BT_SECURITY_LOW
:
318 case BT_SECURITY_MEDIUM
:
319 opt
= L2CAP_LM_AUTH
| L2CAP_LM_ENCRYPT
;
321 case BT_SECURITY_HIGH
:
322 opt
= L2CAP_LM_AUTH
| L2CAP_LM_ENCRYPT
|
330 if (test_bit(FLAG_ROLE_SWITCH
, &chan
->flags
))
331 opt
|= L2CAP_LM_MASTER
;
333 if (test_bit(FLAG_FORCE_RELIABLE
, &chan
->flags
))
334 opt
|= L2CAP_LM_RELIABLE
;
336 if (put_user(opt
, (u32 __user
*) optval
))
341 if (sk
->sk_state
!= BT_CONNECTED
&&
342 !(sk
->sk_state
== BT_CONNECT2
&&
343 test_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
))) {
348 memset(&cinfo
, 0, sizeof(cinfo
));
349 cinfo
.hci_handle
= chan
->conn
->hcon
->handle
;
350 memcpy(cinfo
.dev_class
, chan
->conn
->hcon
->dev_class
, 3);
352 len
= min_t(unsigned int, len
, sizeof(cinfo
));
353 if (copy_to_user(optval
, (char *) &cinfo
, len
))
367 static int l2cap_sock_getsockopt(struct socket
*sock
, int level
, int optname
,
368 char __user
*optval
, int __user
*optlen
)
370 struct sock
*sk
= sock
->sk
;
371 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
372 struct bt_security sec
;
378 if (level
== SOL_L2CAP
)
379 return l2cap_sock_getsockopt_old(sock
, optname
, optval
, optlen
);
381 if (level
!= SOL_BLUETOOTH
)
384 if (get_user(len
, optlen
))
391 if (chan
->chan_type
!= L2CAP_CHAN_CONN_ORIENTED
&&
392 chan
->chan_type
!= L2CAP_CHAN_RAW
) {
397 memset(&sec
, 0, sizeof(sec
));
399 sec
.level
= chan
->conn
->hcon
->sec_level
;
401 if (sk
->sk_state
== BT_CONNECTED
)
402 sec
.key_size
= chan
->conn
->hcon
->enc_key_size
;
404 sec
.level
= chan
->sec_level
;
407 len
= min_t(unsigned int, len
, sizeof(sec
));
408 if (copy_to_user(optval
, (char *) &sec
, len
))
414 if (sk
->sk_state
!= BT_BOUND
&& sk
->sk_state
!= BT_LISTEN
) {
419 if (put_user(test_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
),
420 (u32 __user
*) optval
))
426 if (put_user(test_bit(FLAG_FLUSHABLE
, &chan
->flags
),
427 (u32 __user
*) optval
))
433 if (sk
->sk_type
!= SOCK_SEQPACKET
&& sk
->sk_type
!= SOCK_STREAM
434 && sk
->sk_type
!= SOCK_RAW
) {
439 pwr
.force_active
= test_bit(FLAG_FORCE_ACTIVE
, &chan
->flags
);
441 len
= min_t(unsigned int, len
, sizeof(pwr
));
442 if (copy_to_user(optval
, (char *) &pwr
, len
))
447 case BT_CHANNEL_POLICY
:
453 if (put_user(chan
->chan_policy
, (u32 __user
*) optval
))
466 static bool l2cap_valid_mtu(struct l2cap_chan
*chan
, u16 mtu
)
468 switch (chan
->scid
) {
470 if (mtu
< L2CAP_LE_MIN_MTU
)
475 if (mtu
< L2CAP_DEFAULT_MIN_MTU
)
482 static int l2cap_sock_setsockopt_old(struct socket
*sock
, int optname
,
483 char __user
*optval
, unsigned int optlen
)
485 struct sock
*sk
= sock
->sk
;
486 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
487 struct l2cap_options opts
;
497 if (sk
->sk_state
== BT_CONNECTED
) {
502 opts
.imtu
= chan
->imtu
;
503 opts
.omtu
= chan
->omtu
;
504 opts
.flush_to
= chan
->flush_to
;
505 opts
.mode
= chan
->mode
;
506 opts
.fcs
= chan
->fcs
;
507 opts
.max_tx
= chan
->max_tx
;
508 opts
.txwin_size
= chan
->tx_win
;
510 len
= min_t(unsigned int, sizeof(opts
), optlen
);
511 if (copy_from_user((char *) &opts
, optval
, len
)) {
516 if (opts
.txwin_size
> L2CAP_DEFAULT_EXT_WINDOW
) {
521 if (!l2cap_valid_mtu(chan
, opts
.imtu
)) {
526 chan
->mode
= opts
.mode
;
527 switch (chan
->mode
) {
528 case L2CAP_MODE_BASIC
:
529 clear_bit(CONF_STATE2_DEVICE
, &chan
->conf_state
);
531 case L2CAP_MODE_ERTM
:
532 case L2CAP_MODE_STREAMING
:
541 chan
->imtu
= opts
.imtu
;
542 chan
->omtu
= opts
.omtu
;
543 chan
->fcs
= opts
.fcs
;
544 chan
->max_tx
= opts
.max_tx
;
545 chan
->tx_win
= opts
.txwin_size
;
546 chan
->flush_to
= opts
.flush_to
;
550 if (get_user(opt
, (u32 __user
*) optval
)) {
555 if (opt
& L2CAP_LM_AUTH
)
556 chan
->sec_level
= BT_SECURITY_LOW
;
557 if (opt
& L2CAP_LM_ENCRYPT
)
558 chan
->sec_level
= BT_SECURITY_MEDIUM
;
559 if (opt
& L2CAP_LM_SECURE
)
560 chan
->sec_level
= BT_SECURITY_HIGH
;
562 if (opt
& L2CAP_LM_MASTER
)
563 set_bit(FLAG_ROLE_SWITCH
, &chan
->flags
);
565 clear_bit(FLAG_ROLE_SWITCH
, &chan
->flags
);
567 if (opt
& L2CAP_LM_RELIABLE
)
568 set_bit(FLAG_FORCE_RELIABLE
, &chan
->flags
);
570 clear_bit(FLAG_FORCE_RELIABLE
, &chan
->flags
);
582 static int l2cap_sock_setsockopt(struct socket
*sock
, int level
, int optname
,
583 char __user
*optval
, unsigned int optlen
)
585 struct sock
*sk
= sock
->sk
;
586 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
587 struct bt_security sec
;
589 struct l2cap_conn
*conn
;
595 if (level
== SOL_L2CAP
)
596 return l2cap_sock_setsockopt_old(sock
, optname
, optval
, optlen
);
598 if (level
!= SOL_BLUETOOTH
)
605 if (chan
->chan_type
!= L2CAP_CHAN_CONN_ORIENTED
&&
606 chan
->chan_type
!= L2CAP_CHAN_RAW
) {
611 sec
.level
= BT_SECURITY_LOW
;
613 len
= min_t(unsigned int, sizeof(sec
), optlen
);
614 if (copy_from_user((char *) &sec
, optval
, len
)) {
619 if (sec
.level
< BT_SECURITY_LOW
||
620 sec
.level
> BT_SECURITY_HIGH
) {
625 chan
->sec_level
= sec
.level
;
632 /*change security for LE channels */
633 if (chan
->scid
== L2CAP_CID_ATT
) {
634 if (!conn
->hcon
->out
) {
639 if (smp_conn_security(conn
->hcon
, sec
.level
))
641 sk
->sk_state
= BT_CONFIG
;
642 chan
->state
= BT_CONFIG
;
644 /* or for ACL link */
645 } else if ((sk
->sk_state
== BT_CONNECT2
&&
646 test_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
)) ||
647 sk
->sk_state
== BT_CONNECTED
) {
648 if (!l2cap_chan_check_security(chan
))
649 set_bit(BT_SK_SUSPEND
, &bt_sk(sk
)->flags
);
651 sk
->sk_state_change(sk
);
658 if (sk
->sk_state
!= BT_BOUND
&& sk
->sk_state
!= BT_LISTEN
) {
663 if (get_user(opt
, (u32 __user
*) optval
)) {
669 set_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
);
671 clear_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
);
675 if (get_user(opt
, (u32 __user
*) optval
)) {
680 if (opt
> BT_FLUSHABLE_ON
) {
685 if (opt
== BT_FLUSHABLE_OFF
) {
686 struct l2cap_conn
*conn
= chan
->conn
;
687 /* proceed further only when we have l2cap_conn and
688 No Flush support in the LM */
689 if (!conn
|| !lmp_no_flush_capable(conn
->hcon
->hdev
)) {
696 set_bit(FLAG_FLUSHABLE
, &chan
->flags
);
698 clear_bit(FLAG_FLUSHABLE
, &chan
->flags
);
702 if (chan
->chan_type
!= L2CAP_CHAN_CONN_ORIENTED
&&
703 chan
->chan_type
!= L2CAP_CHAN_RAW
) {
708 pwr
.force_active
= BT_POWER_FORCE_ACTIVE_ON
;
710 len
= min_t(unsigned int, sizeof(pwr
), optlen
);
711 if (copy_from_user((char *) &pwr
, optval
, len
)) {
716 if (pwr
.force_active
)
717 set_bit(FLAG_FORCE_ACTIVE
, &chan
->flags
);
719 clear_bit(FLAG_FORCE_ACTIVE
, &chan
->flags
);
722 case BT_CHANNEL_POLICY
:
728 if (get_user(opt
, (u32 __user
*) optval
)) {
733 if (opt
> BT_CHANNEL_POLICY_AMP_PREFERRED
) {
738 if (chan
->mode
!= L2CAP_MODE_ERTM
&&
739 chan
->mode
!= L2CAP_MODE_STREAMING
) {
744 chan
->chan_policy
= (u8
) opt
;
746 if (sk
->sk_state
== BT_CONNECTED
&&
747 chan
->move_role
== L2CAP_MOVE_ROLE_NONE
)
748 l2cap_move_start(chan
);
761 static int l2cap_sock_sendmsg(struct kiocb
*iocb
, struct socket
*sock
,
762 struct msghdr
*msg
, size_t len
)
764 struct sock
*sk
= sock
->sk
;
765 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
768 BT_DBG("sock %p, sk %p", sock
, sk
);
770 err
= sock_error(sk
);
774 if (msg
->msg_flags
& MSG_OOB
)
777 if (sk
->sk_state
!= BT_CONNECTED
)
781 err
= bt_sock_wait_ready(sk
, msg
->msg_flags
);
786 l2cap_chan_lock(chan
);
787 err
= l2cap_chan_send(chan
, msg
, len
, sk
->sk_priority
);
788 l2cap_chan_unlock(chan
);
793 static int l2cap_sock_recvmsg(struct kiocb
*iocb
, struct socket
*sock
,
794 struct msghdr
*msg
, size_t len
, int flags
)
796 struct sock
*sk
= sock
->sk
;
797 struct l2cap_pinfo
*pi
= l2cap_pi(sk
);
802 if (sk
->sk_state
== BT_CONNECT2
&& test_bit(BT_SK_DEFER_SETUP
,
803 &bt_sk(sk
)->flags
)) {
804 sk
->sk_state
= BT_CONFIG
;
805 pi
->chan
->state
= BT_CONFIG
;
807 __l2cap_connect_rsp_defer(pi
->chan
);
814 if (sock
->type
== SOCK_STREAM
)
815 err
= bt_sock_stream_recvmsg(iocb
, sock
, msg
, len
, flags
);
817 err
= bt_sock_recvmsg(iocb
, sock
, msg
, len
, flags
);
819 if (pi
->chan
->mode
!= L2CAP_MODE_ERTM
)
822 /* Attempt to put pending rx data in the socket buffer */
826 if (!test_bit(CONN_LOCAL_BUSY
, &pi
->chan
->conn_state
))
829 if (pi
->rx_busy_skb
) {
830 if (!sock_queue_rcv_skb(sk
, pi
->rx_busy_skb
))
831 pi
->rx_busy_skb
= NULL
;
836 /* Restore data flow when half of the receive buffer is
837 * available. This avoids resending large numbers of
840 if (atomic_read(&sk
->sk_rmem_alloc
) <= sk
->sk_rcvbuf
>> 1)
841 l2cap_chan_busy(pi
->chan
, 0);
848 /* Kill socket (only if zapped and orphan)
849 * Must be called on unlocked socket.
851 static void l2cap_sock_kill(struct sock
*sk
)
853 if (!sock_flag(sk
, SOCK_ZAPPED
) || sk
->sk_socket
)
856 BT_DBG("sk %p state %s", sk
, state_to_string(sk
->sk_state
));
858 /* Kill poor orphan */
860 l2cap_chan_put(l2cap_pi(sk
)->chan
);
861 sock_set_flag(sk
, SOCK_DEAD
);
865 static int l2cap_sock_shutdown(struct socket
*sock
, int how
)
867 struct sock
*sk
= sock
->sk
;
868 struct l2cap_chan
*chan
;
869 struct l2cap_conn
*conn
;
872 BT_DBG("sock %p, sk %p", sock
, sk
);
877 chan
= l2cap_pi(sk
)->chan
;
881 mutex_lock(&conn
->chan_lock
);
883 l2cap_chan_lock(chan
);
886 if (!sk
->sk_shutdown
) {
887 if (chan
->mode
== L2CAP_MODE_ERTM
)
888 err
= __l2cap_wait_ack(sk
);
890 sk
->sk_shutdown
= SHUTDOWN_MASK
;
893 l2cap_chan_close(chan
, 0);
896 if (sock_flag(sk
, SOCK_LINGER
) && sk
->sk_lingertime
)
897 err
= bt_sock_wait_state(sk
, BT_CLOSED
,
901 if (!err
&& sk
->sk_err
)
905 l2cap_chan_unlock(chan
);
908 mutex_unlock(&conn
->chan_lock
);
913 static int l2cap_sock_release(struct socket
*sock
)
915 struct sock
*sk
= sock
->sk
;
918 BT_DBG("sock %p, sk %p", sock
, sk
);
923 bt_sock_unlink(&l2cap_sk_list
, sk
);
925 err
= l2cap_sock_shutdown(sock
, 2);
932 static void l2cap_sock_cleanup_listen(struct sock
*parent
)
936 BT_DBG("parent %p", parent
);
938 /* Close not yet accepted channels */
939 while ((sk
= bt_accept_dequeue(parent
, NULL
))) {
940 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
942 l2cap_chan_lock(chan
);
943 __clear_chan_timer(chan
);
944 l2cap_chan_close(chan
, ECONNRESET
);
945 l2cap_chan_unlock(chan
);
951 static struct l2cap_chan
*l2cap_sock_new_connection_cb(struct l2cap_chan
*chan
)
953 struct sock
*sk
, *parent
= chan
->data
;
955 /* Check for backlog size */
956 if (sk_acceptq_is_full(parent
)) {
957 BT_DBG("backlog full %d", parent
->sk_ack_backlog
);
961 sk
= l2cap_sock_alloc(sock_net(parent
), NULL
, BTPROTO_L2CAP
,
966 bt_sock_reclassify_lock(sk
, BTPROTO_L2CAP
);
968 l2cap_sock_init(sk
, parent
);
970 bt_accept_enqueue(parent
, sk
);
972 return l2cap_pi(sk
)->chan
;
975 static int l2cap_sock_recv_cb(struct l2cap_chan
*chan
, struct sk_buff
*skb
)
978 struct sock
*sk
= chan
->data
;
979 struct l2cap_pinfo
*pi
= l2cap_pi(sk
);
983 if (pi
->rx_busy_skb
) {
988 err
= sock_queue_rcv_skb(sk
, skb
);
990 /* For ERTM, handle one skb that doesn't fit into the recv
991 * buffer. This is important to do because the data frames
992 * have already been acked, so the skb cannot be discarded.
994 * Notify the l2cap core that the buffer is full, so the
995 * LOCAL_BUSY state is entered and no more frames are
996 * acked and reassembled until there is buffer space
999 if (err
< 0 && pi
->chan
->mode
== L2CAP_MODE_ERTM
) {
1000 pi
->rx_busy_skb
= skb
;
1001 l2cap_chan_busy(pi
->chan
, 1);
1011 static void l2cap_sock_close_cb(struct l2cap_chan
*chan
)
1013 struct sock
*sk
= chan
->data
;
1015 l2cap_sock_kill(sk
);
1018 static void l2cap_sock_teardown_cb(struct l2cap_chan
*chan
, int err
)
1020 struct sock
*sk
= chan
->data
;
1021 struct sock
*parent
;
1025 parent
= bt_sk(sk
)->parent
;
1027 sock_set_flag(sk
, SOCK_ZAPPED
);
1029 switch (chan
->state
) {
1035 l2cap_sock_cleanup_listen(sk
);
1036 sk
->sk_state
= BT_CLOSED
;
1037 chan
->state
= BT_CLOSED
;
1041 sk
->sk_state
= BT_CLOSED
;
1042 chan
->state
= BT_CLOSED
;
1047 bt_accept_unlink(sk
);
1048 parent
->sk_data_ready(parent
, 0);
1050 sk
->sk_state_change(sk
);
1059 static void l2cap_sock_state_change_cb(struct l2cap_chan
*chan
, int state
)
1061 struct sock
*sk
= chan
->data
;
1063 sk
->sk_state
= state
;
1066 static struct sk_buff
*l2cap_sock_alloc_skb_cb(struct l2cap_chan
*chan
,
1067 unsigned long len
, int nb
)
1069 struct sk_buff
*skb
;
1072 l2cap_chan_unlock(chan
);
1073 skb
= bt_skb_send_alloc(chan
->sk
, len
, nb
, &err
);
1074 l2cap_chan_lock(chan
);
1077 return ERR_PTR(err
);
1082 static void l2cap_sock_ready_cb(struct l2cap_chan
*chan
)
1084 struct sock
*sk
= chan
->data
;
1085 struct sock
*parent
;
1089 parent
= bt_sk(sk
)->parent
;
1091 BT_DBG("sk %p, parent %p", sk
, parent
);
1093 sk
->sk_state
= BT_CONNECTED
;
1094 sk
->sk_state_change(sk
);
1097 parent
->sk_data_ready(parent
, 0);
1102 static void l2cap_sock_defer_cb(struct l2cap_chan
*chan
)
1104 struct sock
*sk
= chan
->data
;
1105 struct sock
*parent
= bt_sk(sk
)->parent
;
1108 parent
->sk_data_ready(parent
, 0);
1111 static struct l2cap_ops l2cap_chan_ops
= {
1112 .name
= "L2CAP Socket Interface",
1113 .new_connection
= l2cap_sock_new_connection_cb
,
1114 .recv
= l2cap_sock_recv_cb
,
1115 .close
= l2cap_sock_close_cb
,
1116 .teardown
= l2cap_sock_teardown_cb
,
1117 .state_change
= l2cap_sock_state_change_cb
,
1118 .ready
= l2cap_sock_ready_cb
,
1119 .defer
= l2cap_sock_defer_cb
,
1120 .alloc_skb
= l2cap_sock_alloc_skb_cb
,
1123 static void l2cap_sock_destruct(struct sock
*sk
)
1125 BT_DBG("sk %p", sk
);
1127 if (l2cap_pi(sk
)->chan
)
1128 l2cap_chan_put(l2cap_pi(sk
)->chan
);
1129 if (l2cap_pi(sk
)->rx_busy_skb
) {
1130 kfree_skb(l2cap_pi(sk
)->rx_busy_skb
);
1131 l2cap_pi(sk
)->rx_busy_skb
= NULL
;
1134 skb_queue_purge(&sk
->sk_receive_queue
);
1135 skb_queue_purge(&sk
->sk_write_queue
);
1138 static void l2cap_sock_init(struct sock
*sk
, struct sock
*parent
)
1140 struct l2cap_pinfo
*pi
= l2cap_pi(sk
);
1141 struct l2cap_chan
*chan
= pi
->chan
;
1143 BT_DBG("sk %p", sk
);
1146 struct l2cap_chan
*pchan
= l2cap_pi(parent
)->chan
;
1148 sk
->sk_type
= parent
->sk_type
;
1149 bt_sk(sk
)->flags
= bt_sk(parent
)->flags
;
1151 chan
->chan_type
= pchan
->chan_type
;
1152 chan
->imtu
= pchan
->imtu
;
1153 chan
->omtu
= pchan
->omtu
;
1154 chan
->conf_state
= pchan
->conf_state
;
1155 chan
->mode
= pchan
->mode
;
1156 chan
->fcs
= pchan
->fcs
;
1157 chan
->max_tx
= pchan
->max_tx
;
1158 chan
->tx_win
= pchan
->tx_win
;
1159 chan
->tx_win_max
= pchan
->tx_win_max
;
1160 chan
->sec_level
= pchan
->sec_level
;
1161 chan
->flags
= pchan
->flags
;
1163 security_sk_clone(parent
, sk
);
1166 switch (sk
->sk_type
) {
1168 chan
->chan_type
= L2CAP_CHAN_RAW
;
1171 chan
->chan_type
= L2CAP_CHAN_CONN_LESS
;
1173 case SOCK_SEQPACKET
:
1175 chan
->chan_type
= L2CAP_CHAN_CONN_ORIENTED
;
1179 chan
->imtu
= L2CAP_DEFAULT_MTU
;
1181 if (!disable_ertm
&& sk
->sk_type
== SOCK_STREAM
) {
1182 chan
->mode
= L2CAP_MODE_ERTM
;
1183 set_bit(CONF_STATE2_DEVICE
, &chan
->conf_state
);
1185 chan
->mode
= L2CAP_MODE_BASIC
;
1188 l2cap_chan_set_defaults(chan
);
1191 /* Default config options */
1192 chan
->flush_to
= L2CAP_DEFAULT_FLUSH_TO
;
1195 chan
->ops
= &l2cap_chan_ops
;
1198 static struct proto l2cap_proto
= {
1200 .owner
= THIS_MODULE
,
1201 .obj_size
= sizeof(struct l2cap_pinfo
)
1204 static struct sock
*l2cap_sock_alloc(struct net
*net
, struct socket
*sock
,
1205 int proto
, gfp_t prio
)
1208 struct l2cap_chan
*chan
;
1210 sk
= sk_alloc(net
, PF_BLUETOOTH
, prio
, &l2cap_proto
);
1214 sock_init_data(sock
, sk
);
1215 INIT_LIST_HEAD(&bt_sk(sk
)->accept_q
);
1217 sk
->sk_destruct
= l2cap_sock_destruct
;
1218 sk
->sk_sndtimeo
= L2CAP_CONN_TIMEOUT
;
1220 sock_reset_flag(sk
, SOCK_ZAPPED
);
1222 sk
->sk_protocol
= proto
;
1223 sk
->sk_state
= BT_OPEN
;
1225 chan
= l2cap_chan_create();
1231 l2cap_chan_hold(chan
);
1235 l2cap_pi(sk
)->chan
= chan
;
1240 static int l2cap_sock_create(struct net
*net
, struct socket
*sock
, int protocol
,
1245 BT_DBG("sock %p", sock
);
1247 sock
->state
= SS_UNCONNECTED
;
1249 if (sock
->type
!= SOCK_SEQPACKET
&& sock
->type
!= SOCK_STREAM
&&
1250 sock
->type
!= SOCK_DGRAM
&& sock
->type
!= SOCK_RAW
)
1251 return -ESOCKTNOSUPPORT
;
1253 if (sock
->type
== SOCK_RAW
&& !kern
&& !capable(CAP_NET_RAW
))
1256 sock
->ops
= &l2cap_sock_ops
;
1258 sk
= l2cap_sock_alloc(net
, sock
, protocol
, GFP_ATOMIC
);
1262 l2cap_sock_init(sk
, NULL
);
1263 bt_sock_link(&l2cap_sk_list
, sk
);
1267 static const struct proto_ops l2cap_sock_ops
= {
1268 .family
= PF_BLUETOOTH
,
1269 .owner
= THIS_MODULE
,
1270 .release
= l2cap_sock_release
,
1271 .bind
= l2cap_sock_bind
,
1272 .connect
= l2cap_sock_connect
,
1273 .listen
= l2cap_sock_listen
,
1274 .accept
= l2cap_sock_accept
,
1275 .getname
= l2cap_sock_getname
,
1276 .sendmsg
= l2cap_sock_sendmsg
,
1277 .recvmsg
= l2cap_sock_recvmsg
,
1278 .poll
= bt_sock_poll
,
1279 .ioctl
= bt_sock_ioctl
,
1280 .mmap
= sock_no_mmap
,
1281 .socketpair
= sock_no_socketpair
,
1282 .shutdown
= l2cap_sock_shutdown
,
1283 .setsockopt
= l2cap_sock_setsockopt
,
1284 .getsockopt
= l2cap_sock_getsockopt
1287 static const struct net_proto_family l2cap_sock_family_ops
= {
1288 .family
= PF_BLUETOOTH
,
1289 .owner
= THIS_MODULE
,
1290 .create
= l2cap_sock_create
,
1293 int __init
l2cap_init_sockets(void)
1297 err
= proto_register(&l2cap_proto
, 0);
1301 err
= bt_sock_register(BTPROTO_L2CAP
, &l2cap_sock_family_ops
);
1303 BT_ERR("L2CAP socket registration failed");
1307 err
= bt_procfs_init(&init_net
, "l2cap", &l2cap_sk_list
,
1310 BT_ERR("Failed to create L2CAP proc file");
1311 bt_sock_unregister(BTPROTO_L2CAP
);
1315 BT_INFO("L2CAP socket layer initialized");
1320 proto_unregister(&l2cap_proto
);
1324 void l2cap_cleanup_sockets(void)
1326 bt_procfs_cleanup(&init_net
, "l2cap");
1327 bt_sock_unregister(BTPROTO_L2CAP
);
1328 proto_unregister(&l2cap_proto
);