projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'perf/urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/acme...
[deliverable/linux.git] / net / bluetooth / l2cap_sock.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
7
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
13
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
26 */
27
28 /* Bluetooth L2CAP sockets. */
29
30 #include <linux/security.h>
31 #include <linux/export.h>
32
33 #include <net/bluetooth/bluetooth.h>
34 #include <net/bluetooth/hci_core.h>
35 #include <net/bluetooth/l2cap.h>
36 #include <net/bluetooth/smp.h>
37
38 static const struct proto_ops l2cap_sock_ops;
39 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
40 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio);
41
42 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
43 {
44 struct sock *sk = sock->sk;
45 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
46 struct sockaddr_l2 la;
47 int len, err = 0;
48
49 BT_DBG("sk %p", sk);
50
51 if (!addr || addr->sa_family != AF_BLUETOOTH)
52 return -EINVAL;
53
54 memset(&la, 0, sizeof(la));
55 len = min_t(unsigned int, sizeof(la), alen);
56 memcpy(&la, addr, len);
57
58 if (la.l2_cid && la.l2_psm)
59 return -EINVAL;
60
61 lock_sock(sk);
62
63 if (sk->sk_state != BT_OPEN) {
64 err = -EBADFD;
65 goto done;
66 }
67
68 if (la.l2_psm) {
69 __u16 psm = __le16_to_cpu(la.l2_psm);
70
71 /* PSM must be odd and lsb of upper byte must be 0 */
72 if ((psm & 0x0101) != 0x0001) {
73 err = -EINVAL;
74 goto done;
75 }
76
77 /* Restrict usage of well-known PSMs */
78 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
79 err = -EACCES;
80 goto done;
81 }
82 }
83
84 if (la.l2_cid)
85 err = l2cap_add_scid(chan, la.l2_cid);
86 else
87 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
88
89 if (err < 0)
90 goto done;
91
92 if (__le16_to_cpu(la.l2_psm) == 0x0001 ||
93 __le16_to_cpu(la.l2_psm) == 0x0003)
94 chan->sec_level = BT_SECURITY_SDP;
95
96 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
97
98 chan->state = BT_BOUND;
99 sk->sk_state = BT_BOUND;
100
101 done:
102 release_sock(sk);
103 return err;
104 }
105
106 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
107 {
108 struct sock *sk = sock->sk;
109 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
110 struct sockaddr_l2 la;
111 int len, err = 0;
112
113 BT_DBG("sk %p", sk);
114
115 if (!addr || alen < sizeof(addr->sa_family) ||
116 addr->sa_family != AF_BLUETOOTH)
117 return -EINVAL;
118
119 memset(&la, 0, sizeof(la));
120 len = min_t(unsigned int, sizeof(la), alen);
121 memcpy(&la, addr, len);
122
123 if (la.l2_cid && la.l2_psm)
124 return -EINVAL;
125
126 err = l2cap_chan_connect(chan, la.l2_psm, la.l2_cid, &la.l2_bdaddr);
127 if (err)
128 return err;
129
130 lock_sock(sk);
131
132 err = bt_sock_wait_state(sk, BT_CONNECTED,
133 sock_sndtimeo(sk, flags & O_NONBLOCK));
134
135 release_sock(sk);
136
137 return err;
138 }
139
140 static int l2cap_sock_listen(struct socket *sock, int backlog)
141 {
142 struct sock *sk = sock->sk;
143 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
144 int err = 0;
145
146 BT_DBG("sk %p backlog %d", sk, backlog);
147
148 lock_sock(sk);
149
150 if ((sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM)
151 || sk->sk_state != BT_BOUND) {
152 err = -EBADFD;
153 goto done;
154 }
155
156 switch (chan->mode) {
157 case L2CAP_MODE_BASIC:
158 break;
159 case L2CAP_MODE_ERTM:
160 case L2CAP_MODE_STREAMING:
161 if (!disable_ertm)
162 break;
163 /* fall through */
164 default:
165 err = -ENOTSUPP;
166 goto done;
167 }
168
169 sk->sk_max_ack_backlog = backlog;
170 sk->sk_ack_backlog = 0;
171
172 chan->state = BT_LISTEN;
173 sk->sk_state = BT_LISTEN;
174
175 done:
176 release_sock(sk);
177 return err;
178 }
179
180 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
181 {
182 DECLARE_WAITQUEUE(wait, current);
183 struct sock *sk = sock->sk, *nsk;
184 long timeo;
185 int err = 0;
186
187 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
188
189 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
190
191 BT_DBG("sk %p timeo %ld", sk, timeo);
192
193 /* Wait for an incoming connection. (wake-one). */
194 add_wait_queue_exclusive(sk_sleep(sk), &wait);
195 while (1) {
196 set_current_state(TASK_INTERRUPTIBLE);
197
198 if (sk->sk_state != BT_LISTEN) {
199 err = -EBADFD;
200 break;
201 }
202
203 nsk = bt_accept_dequeue(sk, newsock);
204 if (nsk)
205 break;
206
207 if (!timeo) {
208 err = -EAGAIN;
209 break;
210 }
211
212 if (signal_pending(current)) {
213 err = sock_intr_errno(timeo);
214 break;
215 }
216
217 release_sock(sk);
218 timeo = schedule_timeout(timeo);
219 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
220 }
221 __set_current_state(TASK_RUNNING);
222 remove_wait_queue(sk_sleep(sk), &wait);
223
224 if (err)
225 goto done;
226
227 newsock->state = SS_CONNECTED;
228
229 BT_DBG("new socket %p", nsk);
230
231 done:
232 release_sock(sk);
233 return err;
234 }
235
236 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
237 {
238 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
239 struct sock *sk = sock->sk;
240 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
241
242 BT_DBG("sock %p, sk %p", sock, sk);
243
244 addr->sa_family = AF_BLUETOOTH;
245 *len = sizeof(struct sockaddr_l2);
246
247 if (peer) {
248 la->l2_psm = chan->psm;
249 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
250 la->l2_cid = cpu_to_le16(chan->dcid);
251 } else {
252 la->l2_psm = chan->sport;
253 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
254 la->l2_cid = cpu_to_le16(chan->scid);
255 }
256
257 return 0;
258 }
259
260 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
261 {
262 struct sock *sk = sock->sk;
263 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
264 struct l2cap_options opts;
265 struct l2cap_conninfo cinfo;
266 int len, err = 0;
267 u32 opt;
268
269 BT_DBG("sk %p", sk);
270
271 if (get_user(len, optlen))
272 return -EFAULT;
273
274 lock_sock(sk);
275
276 switch (optname) {
277 case L2CAP_OPTIONS:
278 memset(&opts, 0, sizeof(opts));
279 opts.imtu = chan->imtu;
280 opts.omtu = chan->omtu;
281 opts.flush_to = chan->flush_to;
282 opts.mode = chan->mode;
283 opts.fcs = chan->fcs;
284 opts.max_tx = chan->max_tx;
285 opts.txwin_size = chan->tx_win;
286
287 len = min_t(unsigned int, len, sizeof(opts));
288 if (copy_to_user(optval, (char *) &opts, len))
289 err = -EFAULT;
290
291 break;
292
293 case L2CAP_LM:
294 switch (chan->sec_level) {
295 case BT_SECURITY_LOW:
296 opt = L2CAP_LM_AUTH;
297 break;
298 case BT_SECURITY_MEDIUM:
299 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
300 break;
301 case BT_SECURITY_HIGH:
302 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
303 L2CAP_LM_SECURE;
304 break;
305 default:
306 opt = 0;
307 break;
308 }
309
310 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
311 opt |= L2CAP_LM_MASTER;
312
313 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
314 opt |= L2CAP_LM_RELIABLE;
315
316 if (put_user(opt, (u32 __user *) optval))
317 err = -EFAULT;
318 break;
319
320 case L2CAP_CONNINFO:
321 if (sk->sk_state != BT_CONNECTED &&
322 !(sk->sk_state == BT_CONNECT2 &&
323 bt_sk(sk)->defer_setup)) {
324 err = -ENOTCONN;
325 break;
326 }
327
328 memset(&cinfo, 0, sizeof(cinfo));
329 cinfo.hci_handle = chan->conn->hcon->handle;
330 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
331
332 len = min_t(unsigned int, len, sizeof(cinfo));
333 if (copy_to_user(optval, (char *) &cinfo, len))
334 err = -EFAULT;
335
336 break;
337
338 default:
339 err = -ENOPROTOOPT;
340 break;
341 }
342
343 release_sock(sk);
344 return err;
345 }
346
347 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
348 {
349 struct sock *sk = sock->sk;
350 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
351 struct bt_security sec;
352 struct bt_power pwr;
353 int len, err = 0;
354
355 BT_DBG("sk %p", sk);
356
357 if (level == SOL_L2CAP)
358 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
359
360 if (level != SOL_BLUETOOTH)
361 return -ENOPROTOOPT;
362
363 if (get_user(len, optlen))
364 return -EFAULT;
365
366 lock_sock(sk);
367
368 switch (optname) {
369 case BT_SECURITY:
370 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
371 chan->chan_type != L2CAP_CHAN_RAW) {
372 err = -EINVAL;
373 break;
374 }
375
376 memset(&sec, 0, sizeof(sec));
377 sec.level = chan->sec_level;
378
379 if (sk->sk_state == BT_CONNECTED)
380 sec.key_size = chan->conn->hcon->enc_key_size;
381
382 len = min_t(unsigned int, len, sizeof(sec));
383 if (copy_to_user(optval, (char *) &sec, len))
384 err = -EFAULT;
385
386 break;
387
388 case BT_DEFER_SETUP:
389 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
390 err = -EINVAL;
391 break;
392 }
393
394 if (put_user(bt_sk(sk)->defer_setup, (u32 __user *) optval))
395 err = -EFAULT;
396
397 break;
398
399 case BT_FLUSHABLE:
400 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
401 (u32 __user *) optval))
402 err = -EFAULT;
403
404 break;
405
406 case BT_POWER:
407 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
408 && sk->sk_type != SOCK_RAW) {
409 err = -EINVAL;
410 break;
411 }
412
413 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
414
415 len = min_t(unsigned int, len, sizeof(pwr));
416 if (copy_to_user(optval, (char *) &pwr, len))
417 err = -EFAULT;
418
419 break;
420
421 case BT_CHANNEL_POLICY:
422 if (!enable_hs) {
423 err = -ENOPROTOOPT;
424 break;
425 }
426
427 if (put_user(chan->chan_policy, (u32 __user *) optval))
428 err = -EFAULT;
429 break;
430
431 default:
432 err = -ENOPROTOOPT;
433 break;
434 }
435
436 release_sock(sk);
437 return err;
438 }
439
440 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
441 {
442 struct sock *sk = sock->sk;
443 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
444 struct l2cap_options opts;
445 int len, err = 0;
446 u32 opt;
447
448 BT_DBG("sk %p", sk);
449
450 lock_sock(sk);
451
452 switch (optname) {
453 case L2CAP_OPTIONS:
454 if (sk->sk_state == BT_CONNECTED) {
455 err = -EINVAL;
456 break;
457 }
458
459 opts.imtu = chan->imtu;
460 opts.omtu = chan->omtu;
461 opts.flush_to = chan->flush_to;
462 opts.mode = chan->mode;
463 opts.fcs = chan->fcs;
464 opts.max_tx = chan->max_tx;
465 opts.txwin_size = chan->tx_win;
466
467 len = min_t(unsigned int, sizeof(opts), optlen);
468 if (copy_from_user((char *) &opts, optval, len)) {
469 err = -EFAULT;
470 break;
471 }
472
473 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
474 err = -EINVAL;
475 break;
476 }
477
478 chan->mode = opts.mode;
479 switch (chan->mode) {
480 case L2CAP_MODE_BASIC:
481 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
482 break;
483 case L2CAP_MODE_ERTM:
484 case L2CAP_MODE_STREAMING:
485 if (!disable_ertm)
486 break;
487 /* fall through */
488 default:
489 err = -EINVAL;
490 break;
491 }
492
493 chan->imtu = opts.imtu;
494 chan->omtu = opts.omtu;
495 chan->fcs = opts.fcs;
496 chan->max_tx = opts.max_tx;
497 chan->tx_win = opts.txwin_size;
498 break;
499
500 case L2CAP_LM:
501 if (get_user(opt, (u32 __user *) optval)) {
502 err = -EFAULT;
503 break;
504 }
505
506 if (opt & L2CAP_LM_AUTH)
507 chan->sec_level = BT_SECURITY_LOW;
508 if (opt & L2CAP_LM_ENCRYPT)
509 chan->sec_level = BT_SECURITY_MEDIUM;
510 if (opt & L2CAP_LM_SECURE)
511 chan->sec_level = BT_SECURITY_HIGH;
512
513 if (opt & L2CAP_LM_MASTER)
514 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
515 else
516 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
517
518 if (opt & L2CAP_LM_RELIABLE)
519 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
520 else
521 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
522 break;
523
524 default:
525 err = -ENOPROTOOPT;
526 break;
527 }
528
529 release_sock(sk);
530 return err;
531 }
532
533 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
534 {
535 struct sock *sk = sock->sk;
536 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
537 struct bt_security sec;
538 struct bt_power pwr;
539 struct l2cap_conn *conn;
540 int len, err = 0;
541 u32 opt;
542
543 BT_DBG("sk %p", sk);
544
545 if (level == SOL_L2CAP)
546 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
547
548 if (level != SOL_BLUETOOTH)
549 return -ENOPROTOOPT;
550
551 lock_sock(sk);
552
553 switch (optname) {
554 case BT_SECURITY:
555 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
556 chan->chan_type != L2CAP_CHAN_RAW) {
557 err = -EINVAL;
558 break;
559 }
560
561 sec.level = BT_SECURITY_LOW;
562
563 len = min_t(unsigned int, sizeof(sec), optlen);
564 if (copy_from_user((char *) &sec, optval, len)) {
565 err = -EFAULT;
566 break;
567 }
568
569 if (sec.level < BT_SECURITY_LOW ||
570 sec.level > BT_SECURITY_HIGH) {
571 err = -EINVAL;
572 break;
573 }
574
575 chan->sec_level = sec.level;
576
577 if (!chan->conn)
578 break;
579
580 conn = chan->conn;
581
582 /*change security for LE channels */
583 if (chan->scid == L2CAP_CID_LE_DATA) {
584 if (!conn->hcon->out) {
585 err = -EINVAL;
586 break;
587 }
588
589 if (smp_conn_security(conn, sec.level))
590 break;
591 sk->sk_state = BT_CONFIG;
592 chan->state = BT_CONFIG;
593
594 /* or for ACL link, under defer_setup time */
595 } else if (sk->sk_state == BT_CONNECT2 &&
596 bt_sk(sk)->defer_setup) {
597 err = l2cap_chan_check_security(chan);
598 } else {
599 err = -EINVAL;
600 }
601 break;
602
603 case BT_DEFER_SETUP:
604 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
605 err = -EINVAL;
606 break;
607 }
608
609 if (get_user(opt, (u32 __user *) optval)) {
610 err = -EFAULT;
611 break;
612 }
613
614 bt_sk(sk)->defer_setup = opt;
615 break;
616
617 case BT_FLUSHABLE:
618 if (get_user(opt, (u32 __user *) optval)) {
619 err = -EFAULT;
620 break;
621 }
622
623 if (opt > BT_FLUSHABLE_ON) {
624 err = -EINVAL;
625 break;
626 }
627
628 if (opt == BT_FLUSHABLE_OFF) {
629 struct l2cap_conn *conn = chan->conn;
630 /* proceed further only when we have l2cap_conn and
631 No Flush support in the LM */
632 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
633 err = -EINVAL;
634 break;
635 }
636 }
637
638 if (opt)
639 set_bit(FLAG_FLUSHABLE, &chan->flags);
640 else
641 clear_bit(FLAG_FLUSHABLE, &chan->flags);
642 break;
643
644 case BT_POWER:
645 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
646 chan->chan_type != L2CAP_CHAN_RAW) {
647 err = -EINVAL;
648 break;
649 }
650
651 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
652
653 len = min_t(unsigned int, sizeof(pwr), optlen);
654 if (copy_from_user((char *) &pwr, optval, len)) {
655 err = -EFAULT;
656 break;
657 }
658
659 if (pwr.force_active)
660 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
661 else
662 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
663 break;
664
665 case BT_CHANNEL_POLICY:
666 if (!enable_hs) {
667 err = -ENOPROTOOPT;
668 break;
669 }
670
671 if (get_user(opt, (u32 __user *) optval)) {
672 err = -EFAULT;
673 break;
674 }
675
676 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
677 err = -EINVAL;
678 break;
679 }
680
681 if (chan->mode != L2CAP_MODE_ERTM &&
682 chan->mode != L2CAP_MODE_STREAMING) {
683 err = -EOPNOTSUPP;
684 break;
685 }
686
687 chan->chan_policy = (u8) opt;
688 break;
689
690 default:
691 err = -ENOPROTOOPT;
692 break;
693 }
694
695 release_sock(sk);
696 return err;
697 }
698
699 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
700 {
701 struct sock *sk = sock->sk;
702 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
703 int err;
704
705 BT_DBG("sock %p, sk %p", sock, sk);
706
707 err = sock_error(sk);
708 if (err)
709 return err;
710
711 if (msg->msg_flags & MSG_OOB)
712 return -EOPNOTSUPP;
713
714 lock_sock(sk);
715
716 if (sk->sk_state != BT_CONNECTED) {
717 release_sock(sk);
718 return -ENOTCONN;
719 }
720
721 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
722
723 release_sock(sk);
724 return err;
725 }
726
727 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
728 {
729 struct sock *sk = sock->sk;
730 struct l2cap_pinfo *pi = l2cap_pi(sk);
731 int err;
732
733 lock_sock(sk);
734
735 if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) {
736 sk->sk_state = BT_CONFIG;
737 pi->chan->state = BT_CONFIG;
738
739 __l2cap_connect_rsp_defer(pi->chan);
740 release_sock(sk);
741 return 0;
742 }
743
744 release_sock(sk);
745
746 if (sock->type == SOCK_STREAM)
747 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
748 else
749 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
750
751 if (pi->chan->mode != L2CAP_MODE_ERTM)
752 return err;
753
754 /* Attempt to put pending rx data in the socket buffer */
755
756 lock_sock(sk);
757
758 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
759 goto done;
760
761 if (pi->rx_busy_skb) {
762 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
763 pi->rx_busy_skb = NULL;
764 else
765 goto done;
766 }
767
768 /* Restore data flow when half of the receive buffer is
769 * available. This avoids resending large numbers of
770 * frames.
771 */
772 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
773 l2cap_chan_busy(pi->chan, 0);
774
775 done:
776 release_sock(sk);
777 return err;
778 }
779
780 /* Kill socket (only if zapped and orphan)
781 * Must be called on unlocked socket.
782 */
783 static void l2cap_sock_kill(struct sock *sk)
784 {
785 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
786 return;
787
788 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
789
790 /* Kill poor orphan */
791
792 l2cap_chan_destroy(l2cap_pi(sk)->chan);
793 sock_set_flag(sk, SOCK_DEAD);
794 sock_put(sk);
795 }
796
797 static int l2cap_sock_shutdown(struct socket *sock, int how)
798 {
799 struct sock *sk = sock->sk;
800 struct l2cap_chan *chan;
801 struct l2cap_conn *conn;
802 int err = 0;
803
804 BT_DBG("sock %p, sk %p", sock, sk);
805
806 if (!sk)
807 return 0;
808
809 chan = l2cap_pi(sk)->chan;
810 conn = chan->conn;
811
812 if (conn)
813 mutex_lock(&conn->chan_lock);
814
815 l2cap_chan_lock(chan);
816 lock_sock(sk);
817
818 if (!sk->sk_shutdown) {
819 if (chan->mode == L2CAP_MODE_ERTM)
820 err = __l2cap_wait_ack(sk);
821
822 sk->sk_shutdown = SHUTDOWN_MASK;
823
824 release_sock(sk);
825 l2cap_chan_close(chan, 0);
826 lock_sock(sk);
827
828 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
829 err = bt_sock_wait_state(sk, BT_CLOSED,
830 sk->sk_lingertime);
831 }
832
833 if (!err && sk->sk_err)
834 err = -sk->sk_err;
835
836 release_sock(sk);
837 l2cap_chan_unlock(chan);
838
839 if (conn)
840 mutex_unlock(&conn->chan_lock);
841
842 return err;
843 }
844
845 static int l2cap_sock_release(struct socket *sock)
846 {
847 struct sock *sk = sock->sk;
848 int err;
849
850 BT_DBG("sock %p, sk %p", sock, sk);
851
852 if (!sk)
853 return 0;
854
855 err = l2cap_sock_shutdown(sock, 2);
856
857 sock_orphan(sk);
858 l2cap_sock_kill(sk);
859 return err;
860 }
861
862 static struct l2cap_chan *l2cap_sock_new_connection_cb(void *data)
863 {
864 struct sock *sk, *parent = data;
865
866 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
867 GFP_ATOMIC);
868 if (!sk)
869 return NULL;
870
871 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
872
873 l2cap_sock_init(sk, parent);
874
875 return l2cap_pi(sk)->chan;
876 }
877
878 static int l2cap_sock_recv_cb(void *data, struct sk_buff *skb)
879 {
880 int err;
881 struct sock *sk = data;
882 struct l2cap_pinfo *pi = l2cap_pi(sk);
883
884 lock_sock(sk);
885
886 if (pi->rx_busy_skb) {
887 err = -ENOMEM;
888 goto done;
889 }
890
891 err = sock_queue_rcv_skb(sk, skb);
892
893 /* For ERTM, handle one skb that doesn't fit into the recv
894 * buffer. This is important to do because the data frames
895 * have already been acked, so the skb cannot be discarded.
896 *
897 * Notify the l2cap core that the buffer is full, so the
898 * LOCAL_BUSY state is entered and no more frames are
899 * acked and reassembled until there is buffer space
900 * available.
901 */
902 if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
903 pi->rx_busy_skb = skb;
904 l2cap_chan_busy(pi->chan, 1);
905 err = 0;
906 }
907
908 done:
909 release_sock(sk);
910
911 return err;
912 }
913
914 static void l2cap_sock_close_cb(void *data)
915 {
916 struct sock *sk = data;
917
918 l2cap_sock_kill(sk);
919 }
920
921 static void l2cap_sock_state_change_cb(void *data, int state)
922 {
923 struct sock *sk = data;
924
925 sk->sk_state = state;
926 }
927
928 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
929 unsigned long len, int nb,
930 int *err)
931 {
932 struct sock *sk = chan->sk;
933
934 return bt_skb_send_alloc(sk, len, nb, err);
935 }
936
937 static struct l2cap_ops l2cap_chan_ops = {
938 .name = "L2CAP Socket Interface",
939 .new_connection = l2cap_sock_new_connection_cb,
940 .recv = l2cap_sock_recv_cb,
941 .close = l2cap_sock_close_cb,
942 .state_change = l2cap_sock_state_change_cb,
943 .alloc_skb = l2cap_sock_alloc_skb_cb,
944 };
945
946 static void l2cap_sock_destruct(struct sock *sk)
947 {
948 BT_DBG("sk %p", sk);
949
950 if (l2cap_pi(sk)->rx_busy_skb) {
951 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
952 l2cap_pi(sk)->rx_busy_skb = NULL;
953 }
954
955 skb_queue_purge(&sk->sk_receive_queue);
956 skb_queue_purge(&sk->sk_write_queue);
957 }
958
959 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
960 {
961 struct l2cap_pinfo *pi = l2cap_pi(sk);
962 struct l2cap_chan *chan = pi->chan;
963
964 BT_DBG("sk %p", sk);
965
966 if (parent) {
967 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
968
969 sk->sk_type = parent->sk_type;
970 bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup;
971
972 chan->chan_type = pchan->chan_type;
973 chan->imtu = pchan->imtu;
974 chan->omtu = pchan->omtu;
975 chan->conf_state = pchan->conf_state;
976 chan->mode = pchan->mode;
977 chan->fcs = pchan->fcs;
978 chan->max_tx = pchan->max_tx;
979 chan->tx_win = pchan->tx_win;
980 chan->tx_win_max = pchan->tx_win_max;
981 chan->sec_level = pchan->sec_level;
982 chan->flags = pchan->flags;
983
984 security_sk_clone(parent, sk);
985 } else {
986
987 switch (sk->sk_type) {
988 case SOCK_RAW:
989 chan->chan_type = L2CAP_CHAN_RAW;
990 break;
991 case SOCK_DGRAM:
992 chan->chan_type = L2CAP_CHAN_CONN_LESS;
993 break;
994 case SOCK_SEQPACKET:
995 case SOCK_STREAM:
996 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
997 break;
998 }
999
1000 chan->imtu = L2CAP_DEFAULT_MTU;
1001 chan->omtu = 0;
1002 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1003 chan->mode = L2CAP_MODE_ERTM;
1004 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1005 } else {
1006 chan->mode = L2CAP_MODE_BASIC;
1007 }
1008 chan->max_tx = L2CAP_DEFAULT_MAX_TX;
1009 chan->fcs = L2CAP_FCS_CRC16;
1010 chan->tx_win = L2CAP_DEFAULT_TX_WINDOW;
1011 chan->tx_win_max = L2CAP_DEFAULT_TX_WINDOW;
1012 chan->sec_level = BT_SECURITY_LOW;
1013 chan->flags = 0;
1014 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
1015 }
1016
1017 /* Default config options */
1018 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1019
1020 chan->data = sk;
1021 chan->ops = &l2cap_chan_ops;
1022 }
1023
1024 static struct proto l2cap_proto = {
1025 .name = "L2CAP",
1026 .owner = THIS_MODULE,
1027 .obj_size = sizeof(struct l2cap_pinfo)
1028 };
1029
1030 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
1031 {
1032 struct sock *sk;
1033 struct l2cap_chan *chan;
1034
1035 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1036 if (!sk)
1037 return NULL;
1038
1039 sock_init_data(sock, sk);
1040 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1041
1042 sk->sk_destruct = l2cap_sock_destruct;
1043 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1044
1045 sock_reset_flag(sk, SOCK_ZAPPED);
1046
1047 sk->sk_protocol = proto;
1048 sk->sk_state = BT_OPEN;
1049
1050 chan = l2cap_chan_create(sk);
1051 if (!chan) {
1052 l2cap_sock_kill(sk);
1053 return NULL;
1054 }
1055
1056 l2cap_pi(sk)->chan = chan;
1057
1058 return sk;
1059 }
1060
1061 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1062 int kern)
1063 {
1064 struct sock *sk;
1065
1066 BT_DBG("sock %p", sock);
1067
1068 sock->state = SS_UNCONNECTED;
1069
1070 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1071 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1072 return -ESOCKTNOSUPPORT;
1073
1074 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1075 return -EPERM;
1076
1077 sock->ops = &l2cap_sock_ops;
1078
1079 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1080 if (!sk)
1081 return -ENOMEM;
1082
1083 l2cap_sock_init(sk, NULL);
1084 return 0;
1085 }
1086
1087 static const struct proto_ops l2cap_sock_ops = {
1088 .family = PF_BLUETOOTH,
1089 .owner = THIS_MODULE,
1090 .release = l2cap_sock_release,
1091 .bind = l2cap_sock_bind,
1092 .connect = l2cap_sock_connect,
1093 .listen = l2cap_sock_listen,
1094 .accept = l2cap_sock_accept,
1095 .getname = l2cap_sock_getname,
1096 .sendmsg = l2cap_sock_sendmsg,
1097 .recvmsg = l2cap_sock_recvmsg,
1098 .poll = bt_sock_poll,
1099 .ioctl = bt_sock_ioctl,
1100 .mmap = sock_no_mmap,
1101 .socketpair = sock_no_socketpair,
1102 .shutdown = l2cap_sock_shutdown,
1103 .setsockopt = l2cap_sock_setsockopt,
1104 .getsockopt = l2cap_sock_getsockopt
1105 };
1106
1107 static const struct net_proto_family l2cap_sock_family_ops = {
1108 .family = PF_BLUETOOTH,
1109 .owner = THIS_MODULE,
1110 .create = l2cap_sock_create,
1111 };
1112
1113 int __init l2cap_init_sockets(void)
1114 {
1115 int err;
1116
1117 err = proto_register(&l2cap_proto, 0);
1118 if (err < 0)
1119 return err;
1120
1121 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1122 if (err < 0)
1123 goto error;
1124
1125 BT_INFO("L2CAP socket layer initialized");
1126
1127 return 0;
1128
1129 error:
1130 BT_ERR("L2CAP socket registration failed");
1131 proto_unregister(&l2cap_proto);
1132 return err;
1133 }
1134
1135 void l2cap_cleanup_sockets(void)
1136 {
1137 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1138 BT_ERR("L2CAP socket unregistration failed");
1139
1140 proto_unregister(&l2cap_proto);
1141 }
Linux kernel - Deliverables
This page took 0.06821 seconds and 6 git commands to generate.