Gitiles
Code Review Sign In
review.evervolv.com / android_kernel_oneplus_msm8996 / af6bcd8205ac06fa1de98b2b28303157fb9c3dfc / . / net / bluetooth / l2cap_sock.c
blob: ef9a60fda495463af7c1310e46cc94667616b7e6 [file] [log] [blame]
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6
7 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License version 2 as
11 published by the Free Software Foundation;
12
13 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
16 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
17 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
18 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21
22 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
23 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
24 SOFTWARE IS DISCLAIMED.
25*/
26
27/* Bluetooth L2CAP sockets. */
28
29#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/l2cap.h>
31
32static void l2cap_sock_timeout(unsigned long arg)
33{
34 struct sock *sk = (struct sock *) arg;
35 int reason;
36
37 BT_DBG("sock %p state %d", sk, sk->sk_state);
38
39 bh_lock_sock(sk);
40
41 if (sock_owned_by_user(sk)) {
42 /* sk is owned by user. Try again later */
43 l2cap_sock_set_timer(sk, HZ / 5);
44 bh_unlock_sock(sk);
45 sock_put(sk);
46 return;
47 }
48
49 if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG)
50 reason = ECONNREFUSED;
51 else if (sk->sk_state == BT_CONNECT &&
52 l2cap_pi(sk)->sec_level != BT_SECURITY_SDP)
53 reason = ECONNREFUSED;
54 else
55 reason = ETIMEDOUT;
56
57 __l2cap_sock_close(sk, reason);
58
59 bh_unlock_sock(sk);
60
61 l2cap_sock_kill(sk);
62 sock_put(sk);
63}
64
Gustavo F. Padovanaf6bcd82011-02-04 02:40:28 -0200[diff] [blame^]65static struct sock *__l2cap_get_sock_by_addr(__le16 psm, bdaddr_t *src)
66{
67 struct sock *sk;
68 struct hlist_node *node;
69 sk_for_each(sk, node, &l2cap_sk_list.head)
70 if (l2cap_pi(sk)->sport == psm && !bacmp(&bt_sk(sk)->src, src))
71 goto found;
72 sk = NULL;
73found:
74 return sk;
75}
76
77static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
78{
79 struct sock *sk = sock->sk;
80 struct sockaddr_l2 la;
81 int len, err = 0;
82
83 BT_DBG("sk %p", sk);
84
85 if (!addr || addr->sa_family != AF_BLUETOOTH)
86 return -EINVAL;
87
88 memset(&la, 0, sizeof(la));
89 len = min_t(unsigned int, sizeof(la), alen);
90 memcpy(&la, addr, len);
91
92 if (la.l2_cid)
93 return -EINVAL;
94
95 lock_sock(sk);
96
97 if (sk->sk_state != BT_OPEN) {
98 err = -EBADFD;
99 goto done;
100 }
101
102 if (la.l2_psm) {
103 __u16 psm = __le16_to_cpu(la.l2_psm);
104
105 /* PSM must be odd and lsb of upper byte must be 0 */
106 if ((psm & 0x0101) != 0x0001) {
107 err = -EINVAL;
108 goto done;
109 }
110
111 /* Restrict usage of well-known PSMs */
112 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
113 err = -EACCES;
114 goto done;
115 }
116 }
117
118 write_lock_bh(&l2cap_sk_list.lock);
119
120 if (la.l2_psm && __l2cap_get_sock_by_addr(la.l2_psm, &la.l2_bdaddr)) {
121 err = -EADDRINUSE;
122 } else {
123 /* Save source address */
124 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
125 l2cap_pi(sk)->psm = la.l2_psm;
126 l2cap_pi(sk)->sport = la.l2_psm;
127 sk->sk_state = BT_BOUND;
128
129 if (__le16_to_cpu(la.l2_psm) == 0x0001 ||
130 __le16_to_cpu(la.l2_psm) == 0x0003)
131 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
132 }
133
134 write_unlock_bh(&l2cap_sk_list.lock);
135
136done:
137 release_sock(sk);
138 return err;
139}
140
141static int l2cap_sock_listen(struct socket *sock, int backlog)
142{
143 struct sock *sk = sock->sk;
144 int err = 0;
145
146 BT_DBG("sk %p backlog %d", sk, backlog);
147
148 lock_sock(sk);
149
150 if ((sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM)
151 || sk->sk_state != BT_BOUND) {
152 err = -EBADFD;
153 goto done;
154 }
155
156 switch (l2cap_pi(sk)->mode) {
157 case L2CAP_MODE_BASIC:
158 break;
159 case L2CAP_MODE_ERTM:
160 case L2CAP_MODE_STREAMING:
161 if (!disable_ertm)
162 break;
163 /* fall through */
164 default:
165 err = -ENOTSUPP;
166 goto done;
167 }
168
169 if (!l2cap_pi(sk)->psm) {
170 bdaddr_t *src = &bt_sk(sk)->src;
171 u16 psm;
172
173 err = -EINVAL;
174
175 write_lock_bh(&l2cap_sk_list.lock);
176
177 for (psm = 0x1001; psm < 0x1100; psm += 2)
178 if (!__l2cap_get_sock_by_addr(cpu_to_le16(psm), src)) {
179 l2cap_pi(sk)->psm = cpu_to_le16(psm);
180 l2cap_pi(sk)->sport = cpu_to_le16(psm);
181 err = 0;
182 break;
183 }
184
185 write_unlock_bh(&l2cap_sk_list.lock);
186
187 if (err < 0)
188 goto done;
189 }
190
191 sk->sk_max_ack_backlog = backlog;
192 sk->sk_ack_backlog = 0;
193 sk->sk_state = BT_LISTEN;
194
195done:
196 release_sock(sk);
197 return err;
198}
199
Gustavo F. Padovan554f05b2011-02-04 02:36:42 -0200[diff] [blame]200static int l2cap_sock_release(struct socket *sock)
201{
202 struct sock *sk = sock->sk;
203 int err;
204
205 BT_DBG("sock %p, sk %p", sock, sk);
206
207 if (!sk)
208 return 0;
209
210 err = l2cap_sock_shutdown(sock, 2);
211
212 sock_orphan(sk);
213 l2cap_sock_kill(sk);
214 return err;
215}
216
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]217static void l2cap_sock_destruct(struct sock *sk)
218{
219 BT_DBG("sk %p", sk);
220
221 skb_queue_purge(&sk->sk_receive_queue);
222 skb_queue_purge(&sk->sk_write_queue);
223}
224
225void l2cap_sock_init(struct sock *sk, struct sock *parent)
226{
227 struct l2cap_pinfo *pi = l2cap_pi(sk);
228
229 BT_DBG("sk %p", sk);
230
231 if (parent) {
232 sk->sk_type = parent->sk_type;
233 bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup;
234
235 pi->imtu = l2cap_pi(parent)->imtu;
236 pi->omtu = l2cap_pi(parent)->omtu;
237 pi->conf_state = l2cap_pi(parent)->conf_state;
238 pi->mode = l2cap_pi(parent)->mode;
239 pi->fcs = l2cap_pi(parent)->fcs;
240 pi->max_tx = l2cap_pi(parent)->max_tx;
241 pi->tx_win = l2cap_pi(parent)->tx_win;
242 pi->sec_level = l2cap_pi(parent)->sec_level;
243 pi->role_switch = l2cap_pi(parent)->role_switch;
244 pi->force_reliable = l2cap_pi(parent)->force_reliable;
245 pi->flushable = l2cap_pi(parent)->flushable;
246 } else {
247 pi->imtu = L2CAP_DEFAULT_MTU;
248 pi->omtu = 0;
249 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
250 pi->mode = L2CAP_MODE_ERTM;
251 pi->conf_state |= L2CAP_CONF_STATE2_DEVICE;
252 } else {
253 pi->mode = L2CAP_MODE_BASIC;
254 }
255 pi->max_tx = L2CAP_DEFAULT_MAX_TX;
256 pi->fcs = L2CAP_FCS_CRC16;
257 pi->tx_win = L2CAP_DEFAULT_TX_WINDOW;
258 pi->sec_level = BT_SECURITY_LOW;
259 pi->role_switch = 0;
260 pi->force_reliable = 0;
261 pi->flushable = BT_FLUSHABLE_OFF;
262 }
263
264 /* Default config options */
265 pi->conf_len = 0;
266 pi->flush_to = L2CAP_DEFAULT_FLUSH_TO;
267 skb_queue_head_init(TX_QUEUE(sk));
268 skb_queue_head_init(SREJ_QUEUE(sk));
269 skb_queue_head_init(BUSY_QUEUE(sk));
270 INIT_LIST_HEAD(SREJ_LIST(sk));
271}
272
273static struct proto l2cap_proto = {
274 .name = "L2CAP",
275 .owner = THIS_MODULE,
276 .obj_size = sizeof(struct l2cap_pinfo)
277};
278
279struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
280{
281 struct sock *sk;
282
283 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
284 if (!sk)
285 return NULL;
286
287 sock_init_data(sock, sk);
288 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
289
290 sk->sk_destruct = l2cap_sock_destruct;
291 sk->sk_sndtimeo = msecs_to_jiffies(L2CAP_CONN_TIMEOUT);
292
293 sock_reset_flag(sk, SOCK_ZAPPED);
294
295 sk->sk_protocol = proto;
296 sk->sk_state = BT_OPEN;
297
298 setup_timer(&sk->sk_timer, l2cap_sock_timeout, (unsigned long) sk);
299
300 bt_sock_link(&l2cap_sk_list, sk);
301 return sk;
302}
303
304static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
305 int kern)
306{
307 struct sock *sk;
308
309 BT_DBG("sock %p", sock);
310
311 sock->state = SS_UNCONNECTED;
312
313 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
314 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
315 return -ESOCKTNOSUPPORT;
316
317 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
318 return -EPERM;
319
320 sock->ops = &l2cap_sock_ops;
321
322 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
323 if (!sk)
324 return -ENOMEM;
325
326 l2cap_sock_init(sk, NULL);
327 return 0;
328}
329
Gustavo F. Padovan65390582011-02-04 02:33:56 -0200[diff] [blame]330const struct proto_ops l2cap_sock_ops = {
331 .family = PF_BLUETOOTH,
332 .owner = THIS_MODULE,
333 .release = l2cap_sock_release,
334 .bind = l2cap_sock_bind,
335 .connect = l2cap_sock_connect,
336 .listen = l2cap_sock_listen,
337 .accept = l2cap_sock_accept,
338 .getname = l2cap_sock_getname,
339 .sendmsg = l2cap_sock_sendmsg,
340 .recvmsg = l2cap_sock_recvmsg,
341 .poll = bt_sock_poll,
342 .ioctl = bt_sock_ioctl,
343 .mmap = sock_no_mmap,
344 .socketpair = sock_no_socketpair,
345 .shutdown = l2cap_sock_shutdown,
346 .setsockopt = l2cap_sock_setsockopt,
347 .getsockopt = l2cap_sock_getsockopt
348};
349
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]350static const struct net_proto_family l2cap_sock_family_ops = {
351 .family = PF_BLUETOOTH,
352 .owner = THIS_MODULE,
353 .create = l2cap_sock_create,
354};
355
356int __init l2cap_init_sockets(void)
357{
358 int err;
359
360 err = proto_register(&l2cap_proto, 0);
361 if (err < 0)
362 return err;
363
364 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
365 if (err < 0)
366 goto error;
367
368 BT_INFO("L2CAP socket layer initialized");
369
370 return 0;
371
372error:
373 BT_ERR("L2CAP socket registration failed");
374 proto_unregister(&l2cap_proto);
375 return err;
376}
377
378void l2cap_cleanup_sockets(void)
379{
380 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
381 BT_ERR("L2CAP socket unregistration failed");
382
383 proto_unregister(&l2cap_proto);
384}