Gitiles
Code Review Sign In
review.evervolv.com / android_kernel_oneplus_msm8996 / acd7d3708555b3da7522e23c183cc21efc785f72 / . / net / bluetooth / l2cap_sock.c
blob: f45d361e84d157b27e93618f78c83d3daadd692e [file] [log] [blame]
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6
7 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License version 2 as
11 published by the Free Software Foundation;
12
13 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
16 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
17 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
18 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21
22 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
23 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
24 SOFTWARE IS DISCLAIMED.
25*/
26
27/* Bluetooth L2CAP sockets. */
28
29#include <net/bluetooth/bluetooth.h>
Gustavo F. Padovan33575df2011-02-04 02:48:48 -0200[diff] [blame]30#include <net/bluetooth/hci_core.h>
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]31#include <net/bluetooth/l2cap.h>
32
Gustavo F. Padovan6ddc0482011-02-04 03:23:31 -0200[diff] [blame]33/* ---- L2CAP timers ---- */
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]34static void l2cap_sock_timeout(unsigned long arg)
35{
36 struct sock *sk = (struct sock *) arg;
37 int reason;
38
39 BT_DBG("sock %p state %d", sk, sk->sk_state);
40
41 bh_lock_sock(sk);
42
43 if (sock_owned_by_user(sk)) {
44 /* sk is owned by user. Try again later */
45 l2cap_sock_set_timer(sk, HZ / 5);
46 bh_unlock_sock(sk);
47 sock_put(sk);
48 return;
49 }
50
51 if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG)
52 reason = ECONNREFUSED;
53 else if (sk->sk_state == BT_CONNECT &&
54 l2cap_pi(sk)->sec_level != BT_SECURITY_SDP)
55 reason = ECONNREFUSED;
56 else
57 reason = ETIMEDOUT;
58
59 __l2cap_sock_close(sk, reason);
60
61 bh_unlock_sock(sk);
62
63 l2cap_sock_kill(sk);
64 sock_put(sk);
65}
66
Gustavo F. Padovan6ddc0482011-02-04 03:23:31 -0200[diff] [blame]67void l2cap_sock_set_timer(struct sock *sk, long timeout)
68{
69 BT_DBG("sk %p state %d timeout %ld", sk, sk->sk_state, timeout);
70 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
71}
72
73void l2cap_sock_clear_timer(struct sock *sk)
74{
75 BT_DBG("sock %p state %d", sk, sk->sk_state);
76 sk_stop_timer(sk, &sk->sk_timer);
77}
78
Gustavo F. Padovanaf6bcd82011-02-04 02:40:28 -0200[diff] [blame]79static struct sock *__l2cap_get_sock_by_addr(__le16 psm, bdaddr_t *src)
80{
81 struct sock *sk;
82 struct hlist_node *node;
83 sk_for_each(sk, node, &l2cap_sk_list.head)
84 if (l2cap_pi(sk)->sport == psm && !bacmp(&bt_sk(sk)->src, src))
85 goto found;
86 sk = NULL;
87found:
88 return sk;
89}
90
91static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
92{
93 struct sock *sk = sock->sk;
94 struct sockaddr_l2 la;
95 int len, err = 0;
96
97 BT_DBG("sk %p", sk);
98
99 if (!addr || addr->sa_family != AF_BLUETOOTH)
100 return -EINVAL;
101
102 memset(&la, 0, sizeof(la));
103 len = min_t(unsigned int, sizeof(la), alen);
104 memcpy(&la, addr, len);
105
106 if (la.l2_cid)
107 return -EINVAL;
108
109 lock_sock(sk);
110
111 if (sk->sk_state != BT_OPEN) {
112 err = -EBADFD;
113 goto done;
114 }
115
116 if (la.l2_psm) {
117 __u16 psm = __le16_to_cpu(la.l2_psm);
118
119 /* PSM must be odd and lsb of upper byte must be 0 */
120 if ((psm & 0x0101) != 0x0001) {
121 err = -EINVAL;
122 goto done;
123 }
124
125 /* Restrict usage of well-known PSMs */
126 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
127 err = -EACCES;
128 goto done;
129 }
130 }
131
132 write_lock_bh(&l2cap_sk_list.lock);
133
134 if (la.l2_psm && __l2cap_get_sock_by_addr(la.l2_psm, &la.l2_bdaddr)) {
135 err = -EADDRINUSE;
136 } else {
137 /* Save source address */
138 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
139 l2cap_pi(sk)->psm = la.l2_psm;
140 l2cap_pi(sk)->sport = la.l2_psm;
141 sk->sk_state = BT_BOUND;
142
143 if (__le16_to_cpu(la.l2_psm) == 0x0001 ||
144 __le16_to_cpu(la.l2_psm) == 0x0003)
145 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
146 }
147
148 write_unlock_bh(&l2cap_sk_list.lock);
149
150done:
151 release_sock(sk);
152 return err;
153}
154
Gustavo F. Padovan4e34c502011-02-04 02:56:13 -0200[diff] [blame]155static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
156{
157 struct sock *sk = sock->sk;
158 struct sockaddr_l2 la;
159 int len, err = 0;
160
161 BT_DBG("sk %p", sk);
162
163 if (!addr || alen < sizeof(addr->sa_family) ||
164 addr->sa_family != AF_BLUETOOTH)
165 return -EINVAL;
166
167 memset(&la, 0, sizeof(la));
168 len = min_t(unsigned int, sizeof(la), alen);
169 memcpy(&la, addr, len);
170
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame^]171 if (la.l2_cid && la.l2_psm)
Gustavo F. Padovan4e34c502011-02-04 02:56:13 -0200[diff] [blame]172 return -EINVAL;
173
174 lock_sock(sk);
175
176 if ((sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM)
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame^]177 && !(la.l2_psm || la.l2_cid)) {
Gustavo F. Padovan4e34c502011-02-04 02:56:13 -0200[diff] [blame]178 err = -EINVAL;
179 goto done;
180 }
181
182 switch (l2cap_pi(sk)->mode) {
183 case L2CAP_MODE_BASIC:
184 break;
185 case L2CAP_MODE_ERTM:
186 case L2CAP_MODE_STREAMING:
187 if (!disable_ertm)
188 break;
189 /* fall through */
190 default:
191 err = -ENOTSUPP;
192 goto done;
193 }
194
195 switch (sk->sk_state) {
196 case BT_CONNECT:
197 case BT_CONNECT2:
198 case BT_CONFIG:
199 /* Already connecting */
200 goto wait;
201
202 case BT_CONNECTED:
203 /* Already connected */
204 err = -EISCONN;
205 goto done;
206
207 case BT_OPEN:
208 case BT_BOUND:
209 /* Can connect */
210 break;
211
212 default:
213 err = -EBADFD;
214 goto done;
215 }
216
217 /* PSM must be odd and lsb of upper byte must be 0 */
218 if ((__le16_to_cpu(la.l2_psm) & 0x0101) != 0x0001 &&
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame^]219 sk->sk_type != SOCK_RAW && !la.l2_cid) {
Gustavo F. Padovan4e34c502011-02-04 02:56:13 -0200[diff] [blame]220 err = -EINVAL;
221 goto done;
222 }
223
224 /* Set destination address and psm */
225 bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr);
226 l2cap_pi(sk)->psm = la.l2_psm;
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame^]227 l2cap_pi(sk)->dcid = la.l2_cid;
Gustavo F. Padovan4e34c502011-02-04 02:56:13 -0200[diff] [blame]228
229 err = l2cap_do_connect(sk);
230 if (err)
231 goto done;
232
233wait:
234 err = bt_sock_wait_state(sk, BT_CONNECTED,
235 sock_sndtimeo(sk, flags & O_NONBLOCK));
236done:
237 release_sock(sk);
238 return err;
239}
240
Gustavo F. Padovanaf6bcd82011-02-04 02:40:28 -0200[diff] [blame]241static int l2cap_sock_listen(struct socket *sock, int backlog)
242{
243 struct sock *sk = sock->sk;
244 int err = 0;
245
246 BT_DBG("sk %p backlog %d", sk, backlog);
247
248 lock_sock(sk);
249
250 if ((sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM)
251 || sk->sk_state != BT_BOUND) {
252 err = -EBADFD;
253 goto done;
254 }
255
256 switch (l2cap_pi(sk)->mode) {
257 case L2CAP_MODE_BASIC:
258 break;
259 case L2CAP_MODE_ERTM:
260 case L2CAP_MODE_STREAMING:
261 if (!disable_ertm)
262 break;
263 /* fall through */
264 default:
265 err = -ENOTSUPP;
266 goto done;
267 }
268
269 if (!l2cap_pi(sk)->psm) {
270 bdaddr_t *src = &bt_sk(sk)->src;
271 u16 psm;
272
273 err = -EINVAL;
274
275 write_lock_bh(&l2cap_sk_list.lock);
276
277 for (psm = 0x1001; psm < 0x1100; psm += 2)
278 if (!__l2cap_get_sock_by_addr(cpu_to_le16(psm), src)) {
279 l2cap_pi(sk)->psm = cpu_to_le16(psm);
280 l2cap_pi(sk)->sport = cpu_to_le16(psm);
281 err = 0;
282 break;
283 }
284
285 write_unlock_bh(&l2cap_sk_list.lock);
286
287 if (err < 0)
288 goto done;
289 }
290
291 sk->sk_max_ack_backlog = backlog;
292 sk->sk_ack_backlog = 0;
293 sk->sk_state = BT_LISTEN;
294
295done:
296 release_sock(sk);
297 return err;
298}
299
Gustavo F. Padovanc47b7c72011-02-04 02:42:23 -0200[diff] [blame]300static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
301{
302 DECLARE_WAITQUEUE(wait, current);
303 struct sock *sk = sock->sk, *nsk;
304 long timeo;
305 int err = 0;
306
307 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
308
309 if (sk->sk_state != BT_LISTEN) {
310 err = -EBADFD;
311 goto done;
312 }
313
314 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
315
316 BT_DBG("sk %p timeo %ld", sk, timeo);
317
318 /* Wait for an incoming connection. (wake-one). */
319 add_wait_queue_exclusive(sk_sleep(sk), &wait);
320 while (!(nsk = bt_accept_dequeue(sk, newsock))) {
321 set_current_state(TASK_INTERRUPTIBLE);
322 if (!timeo) {
323 err = -EAGAIN;
324 break;
325 }
326
327 release_sock(sk);
328 timeo = schedule_timeout(timeo);
329 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
330
331 if (sk->sk_state != BT_LISTEN) {
332 err = -EBADFD;
333 break;
334 }
335
336 if (signal_pending(current)) {
337 err = sock_intr_errno(timeo);
338 break;
339 }
340 }
341 set_current_state(TASK_RUNNING);
342 remove_wait_queue(sk_sleep(sk), &wait);
343
344 if (err)
345 goto done;
346
347 newsock->state = SS_CONNECTED;
348
349 BT_DBG("new socket %p", nsk);
350
351done:
352 release_sock(sk);
353 return err;
354}
355
Gustavo F. Padovand7175d52011-02-04 02:43:46 -0200[diff] [blame]356static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
357{
358 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
359 struct sock *sk = sock->sk;
360
361 BT_DBG("sock %p, sk %p", sock, sk);
362
363 addr->sa_family = AF_BLUETOOTH;
364 *len = sizeof(struct sockaddr_l2);
365
366 if (peer) {
367 la->l2_psm = l2cap_pi(sk)->psm;
368 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
369 la->l2_cid = cpu_to_le16(l2cap_pi(sk)->dcid);
370 } else {
371 la->l2_psm = l2cap_pi(sk)->sport;
372 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
373 la->l2_cid = cpu_to_le16(l2cap_pi(sk)->scid);
374 }
375
376 return 0;
377}
378
Gustavo F. Padovan99f48082011-02-04 02:52:55 -0200[diff] [blame]379static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
380{
381 struct sock *sk = sock->sk;
382 struct l2cap_options opts;
383 struct l2cap_conninfo cinfo;
384 int len, err = 0;
385 u32 opt;
386
387 BT_DBG("sk %p", sk);
388
389 if (get_user(len, optlen))
390 return -EFAULT;
391
392 lock_sock(sk);
393
394 switch (optname) {
395 case L2CAP_OPTIONS:
Vasiliy Kulikove3fb5922011-02-10 20:59:42 +0300[diff] [blame]396 memset(&opts, 0, sizeof(opts));
Gustavo F. Padovan99f48082011-02-04 02:52:55 -0200[diff] [blame]397 opts.imtu = l2cap_pi(sk)->imtu;
398 opts.omtu = l2cap_pi(sk)->omtu;
399 opts.flush_to = l2cap_pi(sk)->flush_to;
400 opts.mode = l2cap_pi(sk)->mode;
401 opts.fcs = l2cap_pi(sk)->fcs;
402 opts.max_tx = l2cap_pi(sk)->max_tx;
403 opts.txwin_size = (__u16)l2cap_pi(sk)->tx_win;
404
405 len = min_t(unsigned int, len, sizeof(opts));
406 if (copy_to_user(optval, (char *) &opts, len))
407 err = -EFAULT;
408
409 break;
410
411 case L2CAP_LM:
412 switch (l2cap_pi(sk)->sec_level) {
413 case BT_SECURITY_LOW:
414 opt = L2CAP_LM_AUTH;
415 break;
416 case BT_SECURITY_MEDIUM:
417 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
418 break;
419 case BT_SECURITY_HIGH:
420 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
421 L2CAP_LM_SECURE;
422 break;
423 default:
424 opt = 0;
425 break;
426 }
427
428 if (l2cap_pi(sk)->role_switch)
429 opt |= L2CAP_LM_MASTER;
430
431 if (l2cap_pi(sk)->force_reliable)
432 opt |= L2CAP_LM_RELIABLE;
433
434 if (put_user(opt, (u32 __user *) optval))
435 err = -EFAULT;
436 break;
437
438 case L2CAP_CONNINFO:
439 if (sk->sk_state != BT_CONNECTED &&
440 !(sk->sk_state == BT_CONNECT2 &&
441 bt_sk(sk)->defer_setup)) {
442 err = -ENOTCONN;
443 break;
444 }
445
446 cinfo.hci_handle = l2cap_pi(sk)->conn->hcon->handle;
447 memcpy(cinfo.dev_class, l2cap_pi(sk)->conn->hcon->dev_class, 3);
448
449 len = min_t(unsigned int, len, sizeof(cinfo));
450 if (copy_to_user(optval, (char *) &cinfo, len))
451 err = -EFAULT;
452
453 break;
454
455 default:
456 err = -ENOPROTOOPT;
457 break;
458 }
459
460 release_sock(sk);
461 return err;
462}
463
464static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
465{
466 struct sock *sk = sock->sk;
467 struct bt_security sec;
468 int len, err = 0;
469
470 BT_DBG("sk %p", sk);
471
472 if (level == SOL_L2CAP)
473 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
474
475 if (level != SOL_BLUETOOTH)
476 return -ENOPROTOOPT;
477
478 if (get_user(len, optlen))
479 return -EFAULT;
480
481 lock_sock(sk);
482
483 switch (optname) {
484 case BT_SECURITY:
485 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
486 && sk->sk_type != SOCK_RAW) {
487 err = -EINVAL;
488 break;
489 }
490
491 sec.level = l2cap_pi(sk)->sec_level;
492
493 len = min_t(unsigned int, len, sizeof(sec));
494 if (copy_to_user(optval, (char *) &sec, len))
495 err = -EFAULT;
496
497 break;
498
499 case BT_DEFER_SETUP:
500 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
501 err = -EINVAL;
502 break;
503 }
504
505 if (put_user(bt_sk(sk)->defer_setup, (u32 __user *) optval))
506 err = -EFAULT;
507
508 break;
509
510 case BT_FLUSHABLE:
511 if (put_user(l2cap_pi(sk)->flushable, (u32 __user *) optval))
512 err = -EFAULT;
513
514 break;
515
516 default:
517 err = -ENOPROTOOPT;
518 break;
519 }
520
521 release_sock(sk);
522 return err;
523}
524
Gustavo F. Padovan33575df2011-02-04 02:48:48 -0200[diff] [blame]525static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
526{
527 struct sock *sk = sock->sk;
528 struct l2cap_options opts;
529 int len, err = 0;
530 u32 opt;
531
532 BT_DBG("sk %p", sk);
533
534 lock_sock(sk);
535
536 switch (optname) {
537 case L2CAP_OPTIONS:
538 if (sk->sk_state == BT_CONNECTED) {
539 err = -EINVAL;
540 break;
541 }
542
543 opts.imtu = l2cap_pi(sk)->imtu;
544 opts.omtu = l2cap_pi(sk)->omtu;
545 opts.flush_to = l2cap_pi(sk)->flush_to;
546 opts.mode = l2cap_pi(sk)->mode;
547 opts.fcs = l2cap_pi(sk)->fcs;
548 opts.max_tx = l2cap_pi(sk)->max_tx;
549 opts.txwin_size = (__u16)l2cap_pi(sk)->tx_win;
550
551 len = min_t(unsigned int, sizeof(opts), optlen);
552 if (copy_from_user((char *) &opts, optval, len)) {
553 err = -EFAULT;
554 break;
555 }
556
557 if (opts.txwin_size > L2CAP_DEFAULT_TX_WINDOW) {
558 err = -EINVAL;
559 break;
560 }
561
562 l2cap_pi(sk)->mode = opts.mode;
563 switch (l2cap_pi(sk)->mode) {
564 case L2CAP_MODE_BASIC:
565 l2cap_pi(sk)->conf_state &= ~L2CAP_CONF_STATE2_DEVICE;
566 break;
567 case L2CAP_MODE_ERTM:
568 case L2CAP_MODE_STREAMING:
569 if (!disable_ertm)
570 break;
571 /* fall through */
572 default:
573 err = -EINVAL;
574 break;
575 }
576
577 l2cap_pi(sk)->imtu = opts.imtu;
578 l2cap_pi(sk)->omtu = opts.omtu;
579 l2cap_pi(sk)->fcs = opts.fcs;
580 l2cap_pi(sk)->max_tx = opts.max_tx;
581 l2cap_pi(sk)->tx_win = (__u8)opts.txwin_size;
582 break;
583
584 case L2CAP_LM:
585 if (get_user(opt, (u32 __user *) optval)) {
586 err = -EFAULT;
587 break;
588 }
589
590 if (opt & L2CAP_LM_AUTH)
591 l2cap_pi(sk)->sec_level = BT_SECURITY_LOW;
592 if (opt & L2CAP_LM_ENCRYPT)
593 l2cap_pi(sk)->sec_level = BT_SECURITY_MEDIUM;
594 if (opt & L2CAP_LM_SECURE)
595 l2cap_pi(sk)->sec_level = BT_SECURITY_HIGH;
596
597 l2cap_pi(sk)->role_switch = (opt & L2CAP_LM_MASTER);
598 l2cap_pi(sk)->force_reliable = (opt & L2CAP_LM_RELIABLE);
599 break;
600
601 default:
602 err = -ENOPROTOOPT;
603 break;
604 }
605
606 release_sock(sk);
607 return err;
608}
609
610static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
611{
612 struct sock *sk = sock->sk;
613 struct bt_security sec;
614 int len, err = 0;
615 u32 opt;
616
617 BT_DBG("sk %p", sk);
618
619 if (level == SOL_L2CAP)
620 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
621
622 if (level != SOL_BLUETOOTH)
623 return -ENOPROTOOPT;
624
625 lock_sock(sk);
626
627 switch (optname) {
628 case BT_SECURITY:
629 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
630 && sk->sk_type != SOCK_RAW) {
631 err = -EINVAL;
632 break;
633 }
634
635 sec.level = BT_SECURITY_LOW;
636
637 len = min_t(unsigned int, sizeof(sec), optlen);
638 if (copy_from_user((char *) &sec, optval, len)) {
639 err = -EFAULT;
640 break;
641 }
642
643 if (sec.level < BT_SECURITY_LOW ||
644 sec.level > BT_SECURITY_HIGH) {
645 err = -EINVAL;
646 break;
647 }
648
649 l2cap_pi(sk)->sec_level = sec.level;
650 break;
651
652 case BT_DEFER_SETUP:
653 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
654 err = -EINVAL;
655 break;
656 }
657
658 if (get_user(opt, (u32 __user *) optval)) {
659 err = -EFAULT;
660 break;
661 }
662
663 bt_sk(sk)->defer_setup = opt;
664 break;
665
666 case BT_FLUSHABLE:
667 if (get_user(opt, (u32 __user *) optval)) {
668 err = -EFAULT;
669 break;
670 }
671
672 if (opt > BT_FLUSHABLE_ON) {
673 err = -EINVAL;
674 break;
675 }
676
677 if (opt == BT_FLUSHABLE_OFF) {
678 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
679 /* proceed futher only when we have l2cap_conn and
680 No Flush support in the LM */
681 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
682 err = -EINVAL;
683 break;
684 }
685 }
686
687 l2cap_pi(sk)->flushable = opt;
688 break;
689
690 default:
691 err = -ENOPROTOOPT;
692 break;
693 }
694
695 release_sock(sk);
696 return err;
697}
698
Gustavo F. Padovanfd83ccd2011-02-04 03:20:52 -0200[diff] [blame]699static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
700{
701 struct sock *sk = sock->sk;
702 struct l2cap_pinfo *pi = l2cap_pi(sk);
703 struct sk_buff *skb;
704 u16 control;
705 int err;
706
707 BT_DBG("sock %p, sk %p", sock, sk);
708
709 err = sock_error(sk);
710 if (err)
711 return err;
712
713 if (msg->msg_flags & MSG_OOB)
714 return -EOPNOTSUPP;
715
716 lock_sock(sk);
717
718 if (sk->sk_state != BT_CONNECTED) {
719 err = -ENOTCONN;
720 goto done;
721 }
722
723 /* Connectionless channel */
724 if (sk->sk_type == SOCK_DGRAM) {
725 skb = l2cap_create_connless_pdu(sk, msg, len);
726 if (IS_ERR(skb)) {
727 err = PTR_ERR(skb);
728 } else {
729 l2cap_do_send(sk, skb);
730 err = len;
731 }
732 goto done;
733 }
734
735 switch (pi->mode) {
736 case L2CAP_MODE_BASIC:
737 /* Check outgoing MTU */
738 if (len > pi->omtu) {
739 err = -EMSGSIZE;
740 goto done;
741 }
742
743 /* Create a basic PDU */
744 skb = l2cap_create_basic_pdu(sk, msg, len);
745 if (IS_ERR(skb)) {
746 err = PTR_ERR(skb);
747 goto done;
748 }
749
750 l2cap_do_send(sk, skb);
751 err = len;
752 break;
753
754 case L2CAP_MODE_ERTM:
755 case L2CAP_MODE_STREAMING:
756 /* Entire SDU fits into one PDU */
757 if (len <= pi->remote_mps) {
758 control = L2CAP_SDU_UNSEGMENTED;
759 skb = l2cap_create_iframe_pdu(sk, msg, len, control, 0);
760 if (IS_ERR(skb)) {
761 err = PTR_ERR(skb);
762 goto done;
763 }
764 __skb_queue_tail(TX_QUEUE(sk), skb);
765
766 if (sk->sk_send_head == NULL)
767 sk->sk_send_head = skb;
768
769 } else {
770 /* Segment SDU into multiples PDUs */
771 err = l2cap_sar_segment_sdu(sk, msg, len);
772 if (err < 0)
773 goto done;
774 }
775
776 if (pi->mode == L2CAP_MODE_STREAMING) {
777 l2cap_streaming_send(sk);
778 } else {
779 if ((pi->conn_state & L2CAP_CONN_REMOTE_BUSY) &&
780 (pi->conn_state & L2CAP_CONN_WAIT_F)) {
781 err = len;
782 break;
783 }
784 err = l2cap_ertm_send(sk);
785 }
786
787 if (err >= 0)
788 err = len;
789 break;
790
791 default:
792 BT_DBG("bad state %1.1x", pi->mode);
793 err = -EBADFD;
794 }
795
796done:
797 release_sock(sk);
798 return err;
799}
800
Gustavo F. Padovan68983252011-02-04 03:02:31 -0200[diff] [blame]801static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
802{
803 struct sock *sk = sock->sk;
804
805 lock_sock(sk);
806
807 if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) {
808 struct l2cap_conn_rsp rsp;
809 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
810 u8 buf[128];
811
812 sk->sk_state = BT_CONFIG;
813
814 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
815 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
816 rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
817 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
818 l2cap_send_cmd(l2cap_pi(sk)->conn, l2cap_pi(sk)->ident,
819 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
820
821 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT) {
822 release_sock(sk);
823 return 0;
824 }
825
826 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
827 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
828 l2cap_build_conf_req(sk, buf), buf);
829 l2cap_pi(sk)->num_conf_req++;
830
831 release_sock(sk);
832 return 0;
833 }
834
835 release_sock(sk);
836
837 if (sock->type == SOCK_STREAM)
838 return bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
839
840 return bt_sock_recvmsg(iocb, sock, msg, len, flags);
841}
842
Gustavo F. Padovan05fc1572011-02-04 03:26:01 -0200[diff] [blame]843/* Kill socket (only if zapped and orphan)
844 * Must be called on unlocked socket.
845 */
846void l2cap_sock_kill(struct sock *sk)
847{
848 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
849 return;
850
851 BT_DBG("sk %p state %d", sk, sk->sk_state);
852
853 /* Kill poor orphan */
854 bt_sock_unlink(&l2cap_sk_list, sk);
855 sock_set_flag(sk, SOCK_DEAD);
856 sock_put(sk);
857}
858
Gustavo F. Padovan6de07022011-02-04 03:35:20 -0200[diff] [blame]859/* Must be called on unlocked socket. */
860static void l2cap_sock_close(struct sock *sk)
861{
862 l2cap_sock_clear_timer(sk);
863 lock_sock(sk);
864 __l2cap_sock_close(sk, ECONNRESET);
865 release_sock(sk);
866 l2cap_sock_kill(sk);
867}
868
869static void l2cap_sock_cleanup_listen(struct sock *parent)
870{
871 struct sock *sk;
872
873 BT_DBG("parent %p", parent);
874
875 /* Close not yet accepted channels */
876 while ((sk = bt_accept_dequeue(parent, NULL)))
877 l2cap_sock_close(sk);
878
879 parent->sk_state = BT_CLOSED;
880 sock_set_flag(parent, SOCK_ZAPPED);
881}
882
883void __l2cap_sock_close(struct sock *sk, int reason)
884{
885 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
886
887 switch (sk->sk_state) {
888 case BT_LISTEN:
889 l2cap_sock_cleanup_listen(sk);
890 break;
891
892 case BT_CONNECTED:
893 case BT_CONFIG:
894 if (sk->sk_type == SOCK_SEQPACKET ||
895 sk->sk_type == SOCK_STREAM) {
896 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
897
898 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
899 l2cap_send_disconn_req(conn, sk, reason);
900 } else
901 l2cap_chan_del(sk, reason);
902 break;
903
904 case BT_CONNECT2:
905 if (sk->sk_type == SOCK_SEQPACKET ||
906 sk->sk_type == SOCK_STREAM) {
907 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
908 struct l2cap_conn_rsp rsp;
909 __u16 result;
910
911 if (bt_sk(sk)->defer_setup)
912 result = L2CAP_CR_SEC_BLOCK;
913 else
914 result = L2CAP_CR_BAD_PSM;
915
916 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
917 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
918 rsp.result = cpu_to_le16(result);
919 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
920 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
921 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
922 } else
923 l2cap_chan_del(sk, reason);
924 break;
925
926 case BT_CONNECT:
927 case BT_DISCONN:
928 l2cap_chan_del(sk, reason);
929 break;
930
931 default:
932 sock_set_flag(sk, SOCK_ZAPPED);
933 break;
934 }
935}
936
Gustavo F. Padovandcba0db2011-02-04 03:08:36 -0200[diff] [blame]937static int l2cap_sock_shutdown(struct socket *sock, int how)
938{
939 struct sock *sk = sock->sk;
940 int err = 0;
941
942 BT_DBG("sock %p, sk %p", sock, sk);
943
944 if (!sk)
945 return 0;
946
947 lock_sock(sk);
948 if (!sk->sk_shutdown) {
949 if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM)
950 err = __l2cap_wait_ack(sk);
951
952 sk->sk_shutdown = SHUTDOWN_MASK;
953 l2cap_sock_clear_timer(sk);
954 __l2cap_sock_close(sk, 0);
955
956 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
957 err = bt_sock_wait_state(sk, BT_CLOSED,
958 sk->sk_lingertime);
959 }
960
961 if (!err && sk->sk_err)
962 err = -sk->sk_err;
963
964 release_sock(sk);
965 return err;
966}
967
Gustavo F. Padovan554f05b2011-02-04 02:36:42 -0200[diff] [blame]968static int l2cap_sock_release(struct socket *sock)
969{
970 struct sock *sk = sock->sk;
971 int err;
972
973 BT_DBG("sock %p, sk %p", sock, sk);
974
975 if (!sk)
976 return 0;
977
978 err = l2cap_sock_shutdown(sock, 2);
979
980 sock_orphan(sk);
981 l2cap_sock_kill(sk);
982 return err;
983}
984
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]985static void l2cap_sock_destruct(struct sock *sk)
986{
987 BT_DBG("sk %p", sk);
988
989 skb_queue_purge(&sk->sk_receive_queue);
990 skb_queue_purge(&sk->sk_write_queue);
991}
992
993void l2cap_sock_init(struct sock *sk, struct sock *parent)
994{
995 struct l2cap_pinfo *pi = l2cap_pi(sk);
996
997 BT_DBG("sk %p", sk);
998
999 if (parent) {
1000 sk->sk_type = parent->sk_type;
1001 bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup;
1002
1003 pi->imtu = l2cap_pi(parent)->imtu;
1004 pi->omtu = l2cap_pi(parent)->omtu;
1005 pi->conf_state = l2cap_pi(parent)->conf_state;
1006 pi->mode = l2cap_pi(parent)->mode;
1007 pi->fcs = l2cap_pi(parent)->fcs;
1008 pi->max_tx = l2cap_pi(parent)->max_tx;
1009 pi->tx_win = l2cap_pi(parent)->tx_win;
1010 pi->sec_level = l2cap_pi(parent)->sec_level;
1011 pi->role_switch = l2cap_pi(parent)->role_switch;
1012 pi->force_reliable = l2cap_pi(parent)->force_reliable;
1013 pi->flushable = l2cap_pi(parent)->flushable;
1014 } else {
1015 pi->imtu = L2CAP_DEFAULT_MTU;
1016 pi->omtu = 0;
1017 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1018 pi->mode = L2CAP_MODE_ERTM;
1019 pi->conf_state |= L2CAP_CONF_STATE2_DEVICE;
1020 } else {
1021 pi->mode = L2CAP_MODE_BASIC;
1022 }
1023 pi->max_tx = L2CAP_DEFAULT_MAX_TX;
1024 pi->fcs = L2CAP_FCS_CRC16;
1025 pi->tx_win = L2CAP_DEFAULT_TX_WINDOW;
1026 pi->sec_level = BT_SECURITY_LOW;
1027 pi->role_switch = 0;
1028 pi->force_reliable = 0;
1029 pi->flushable = BT_FLUSHABLE_OFF;
1030 }
1031
1032 /* Default config options */
1033 pi->conf_len = 0;
1034 pi->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1035 skb_queue_head_init(TX_QUEUE(sk));
1036 skb_queue_head_init(SREJ_QUEUE(sk));
1037 skb_queue_head_init(BUSY_QUEUE(sk));
1038 INIT_LIST_HEAD(SREJ_LIST(sk));
1039}
1040
1041static struct proto l2cap_proto = {
1042 .name = "L2CAP",
1043 .owner = THIS_MODULE,
1044 .obj_size = sizeof(struct l2cap_pinfo)
1045};
1046
1047struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
1048{
1049 struct sock *sk;
1050
1051 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1052 if (!sk)
1053 return NULL;
1054
1055 sock_init_data(sock, sk);
1056 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1057
1058 sk->sk_destruct = l2cap_sock_destruct;
1059 sk->sk_sndtimeo = msecs_to_jiffies(L2CAP_CONN_TIMEOUT);
1060
1061 sock_reset_flag(sk, SOCK_ZAPPED);
1062
1063 sk->sk_protocol = proto;
1064 sk->sk_state = BT_OPEN;
1065
1066 setup_timer(&sk->sk_timer, l2cap_sock_timeout, (unsigned long) sk);
1067
1068 bt_sock_link(&l2cap_sk_list, sk);
1069 return sk;
1070}
1071
1072static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1073 int kern)
1074{
1075 struct sock *sk;
1076
1077 BT_DBG("sock %p", sock);
1078
1079 sock->state = SS_UNCONNECTED;
1080
1081 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1082 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1083 return -ESOCKTNOSUPPORT;
1084
1085 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1086 return -EPERM;
1087
1088 sock->ops = &l2cap_sock_ops;
1089
1090 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1091 if (!sk)
1092 return -ENOMEM;
1093
1094 l2cap_sock_init(sk, NULL);
1095 return 0;
1096}
1097
Gustavo F. Padovan65390582011-02-04 02:33:56 -0200[diff] [blame]1098const struct proto_ops l2cap_sock_ops = {
1099 .family = PF_BLUETOOTH,
1100 .owner = THIS_MODULE,
1101 .release = l2cap_sock_release,
1102 .bind = l2cap_sock_bind,
1103 .connect = l2cap_sock_connect,
1104 .listen = l2cap_sock_listen,
1105 .accept = l2cap_sock_accept,
1106 .getname = l2cap_sock_getname,
1107 .sendmsg = l2cap_sock_sendmsg,
1108 .recvmsg = l2cap_sock_recvmsg,
1109 .poll = bt_sock_poll,
1110 .ioctl = bt_sock_ioctl,
1111 .mmap = sock_no_mmap,
1112 .socketpair = sock_no_socketpair,
1113 .shutdown = l2cap_sock_shutdown,
1114 .setsockopt = l2cap_sock_setsockopt,
1115 .getsockopt = l2cap_sock_getsockopt
1116};
1117
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]1118static const struct net_proto_family l2cap_sock_family_ops = {
1119 .family = PF_BLUETOOTH,
1120 .owner = THIS_MODULE,
1121 .create = l2cap_sock_create,
1122};
1123
1124int __init l2cap_init_sockets(void)
1125{
1126 int err;
1127
1128 err = proto_register(&l2cap_proto, 0);
1129 if (err < 0)
1130 return err;
1131
1132 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1133 if (err < 0)
1134 goto error;
1135
1136 BT_INFO("L2CAP socket layer initialized");
1137
1138 return 0;
1139
1140error:
1141 BT_ERR("L2CAP socket registration failed");
1142 proto_unregister(&l2cap_proto);
1143 return err;
1144}
1145
1146void l2cap_cleanup_sockets(void)
1147{
1148 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1149 BT_ERR("L2CAP socket unregistration failed");
1150
1151 proto_unregister(&l2cap_proto);
1152}