2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
28 /* Bluetooth L2CAP sockets. */
30 #include <linux/export.h>
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
38 static struct bt_sock_list l2cap_sk_list = {
39 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
42 static const struct proto_ops l2cap_sock_ops;
43 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
44 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
45 int proto, gfp_t prio);
47 bool l2cap_is_socket(struct socket *sock)
49 return sock && sock->ops == &l2cap_sock_ops;
51 EXPORT_SYMBOL(l2cap_is_socket);
53 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
55 struct sock *sk = sock->sk;
56 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
57 struct sockaddr_l2 la;
62 if (!addr || addr->sa_family != AF_BLUETOOTH)
65 memset(&la, 0, sizeof(la));
66 len = min_t(unsigned int, sizeof(la), alen);
67 memcpy(&la, addr, len);
69 if (la.l2_cid && la.l2_psm)
72 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
75 if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
76 /* Connection oriented channels are not supported on LE */
79 /* We only allow ATT user space socket */
80 if (la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
86 if (sk->sk_state != BT_OPEN) {
92 __u16 psm = __le16_to_cpu(la.l2_psm);
94 /* PSM must be odd and lsb of upper byte must be 0 */
95 if ((psm & 0x0101) != 0x0001) {
100 /* Restrict usage of well-known PSMs */
101 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
108 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
110 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
115 switch (chan->chan_type) {
116 case L2CAP_CHAN_CONN_LESS:
117 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_3DSP)
118 chan->sec_level = BT_SECURITY_SDP;
120 case L2CAP_CHAN_CONN_ORIENTED:
121 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
122 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
123 chan->sec_level = BT_SECURITY_SDP;
127 bacpy(&chan->src, &la.l2_bdaddr);
128 chan->src_type = la.l2_bdaddr_type;
130 chan->state = BT_BOUND;
131 sk->sk_state = BT_BOUND;
138 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr,
141 struct sock *sk = sock->sk;
142 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
143 struct sockaddr_l2 la;
148 if (!addr || alen < sizeof(addr->sa_family) ||
149 addr->sa_family != AF_BLUETOOTH)
152 memset(&la, 0, sizeof(la));
153 len = min_t(unsigned int, sizeof(la), alen);
154 memcpy(&la, addr, len);
156 if (la.l2_cid && la.l2_psm)
159 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
162 if (chan->src_type == BDADDR_BREDR && la.l2_bdaddr_type != BDADDR_BREDR)
165 if (chan->src_type != BDADDR_BREDR && la.l2_bdaddr_type == BDADDR_BREDR)
168 if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
169 /* Connection oriented channels are not supported on LE */
172 /* We only allow ATT user space socket */
173 if (la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
177 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
178 &la.l2_bdaddr, la.l2_bdaddr_type);
184 err = bt_sock_wait_state(sk, BT_CONNECTED,
185 sock_sndtimeo(sk, flags & O_NONBLOCK));
192 static int l2cap_sock_listen(struct socket *sock, int backlog)
194 struct sock *sk = sock->sk;
195 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
198 BT_DBG("sk %p backlog %d", sk, backlog);
202 if (sk->sk_state != BT_BOUND) {
207 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
212 switch (chan->mode) {
213 case L2CAP_MODE_BASIC:
215 case L2CAP_MODE_ERTM:
216 case L2CAP_MODE_STREAMING:
225 sk->sk_max_ack_backlog = backlog;
226 sk->sk_ack_backlog = 0;
228 chan->state = BT_LISTEN;
229 sk->sk_state = BT_LISTEN;
236 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock,
239 DECLARE_WAITQUEUE(wait, current);
240 struct sock *sk = sock->sk, *nsk;
244 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
246 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
248 BT_DBG("sk %p timeo %ld", sk, timeo);
250 /* Wait for an incoming connection. (wake-one). */
251 add_wait_queue_exclusive(sk_sleep(sk), &wait);
253 set_current_state(TASK_INTERRUPTIBLE);
255 if (sk->sk_state != BT_LISTEN) {
260 nsk = bt_accept_dequeue(sk, newsock);
269 if (signal_pending(current)) {
270 err = sock_intr_errno(timeo);
275 timeo = schedule_timeout(timeo);
276 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
278 __set_current_state(TASK_RUNNING);
279 remove_wait_queue(sk_sleep(sk), &wait);
284 newsock->state = SS_CONNECTED;
286 BT_DBG("new socket %p", nsk);
293 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr,
296 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
297 struct sock *sk = sock->sk;
298 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
300 BT_DBG("sock %p, sk %p", sock, sk);
302 memset(la, 0, sizeof(struct sockaddr_l2));
303 addr->sa_family = AF_BLUETOOTH;
304 *len = sizeof(struct sockaddr_l2);
307 la->l2_psm = chan->psm;
308 bacpy(&la->l2_bdaddr, &chan->dst);
309 la->l2_cid = cpu_to_le16(chan->dcid);
310 la->l2_bdaddr_type = chan->dst_type;
312 la->l2_psm = chan->sport;
313 bacpy(&la->l2_bdaddr, &chan->src);
314 la->l2_cid = cpu_to_le16(chan->scid);
315 la->l2_bdaddr_type = chan->src_type;
321 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
322 char __user *optval, int __user *optlen)
324 struct sock *sk = sock->sk;
325 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
326 struct l2cap_options opts;
327 struct l2cap_conninfo cinfo;
333 if (get_user(len, optlen))
340 memset(&opts, 0, sizeof(opts));
341 opts.imtu = chan->imtu;
342 opts.omtu = chan->omtu;
343 opts.flush_to = chan->flush_to;
344 opts.mode = chan->mode;
345 opts.fcs = chan->fcs;
346 opts.max_tx = chan->max_tx;
347 opts.txwin_size = chan->tx_win;
349 len = min_t(unsigned int, len, sizeof(opts));
350 if (copy_to_user(optval, (char *) &opts, len))
356 switch (chan->sec_level) {
357 case BT_SECURITY_LOW:
360 case BT_SECURITY_MEDIUM:
361 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
363 case BT_SECURITY_HIGH:
364 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
372 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
373 opt |= L2CAP_LM_MASTER;
375 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
376 opt |= L2CAP_LM_RELIABLE;
378 if (put_user(opt, (u32 __user *) optval))
383 if (sk->sk_state != BT_CONNECTED &&
384 !(sk->sk_state == BT_CONNECT2 &&
385 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
390 memset(&cinfo, 0, sizeof(cinfo));
391 cinfo.hci_handle = chan->conn->hcon->handle;
392 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
394 len = min_t(unsigned int, len, sizeof(cinfo));
395 if (copy_to_user(optval, (char *) &cinfo, len))
409 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname,
410 char __user *optval, int __user *optlen)
412 struct sock *sk = sock->sk;
413 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
414 struct bt_security sec;
420 if (level == SOL_L2CAP)
421 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
423 if (level != SOL_BLUETOOTH)
426 if (get_user(len, optlen))
433 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
434 chan->chan_type != L2CAP_CHAN_RAW) {
439 memset(&sec, 0, sizeof(sec));
441 sec.level = chan->conn->hcon->sec_level;
443 if (sk->sk_state == BT_CONNECTED)
444 sec.key_size = chan->conn->hcon->enc_key_size;
446 sec.level = chan->sec_level;
449 len = min_t(unsigned int, len, sizeof(sec));
450 if (copy_to_user(optval, (char *) &sec, len))
456 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
461 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
462 (u32 __user *) optval))
468 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
469 (u32 __user *) optval))
475 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
476 && sk->sk_type != SOCK_RAW) {
481 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
483 len = min_t(unsigned int, len, sizeof(pwr));
484 if (copy_to_user(optval, (char *) &pwr, len))
489 case BT_CHANNEL_POLICY:
490 if (put_user(chan->chan_policy, (u32 __user *) optval))
503 static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
505 switch (chan->scid) {
507 if (mtu < L2CAP_LE_MIN_MTU)
512 if (mtu < L2CAP_DEFAULT_MIN_MTU)
519 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
520 char __user *optval, unsigned int optlen)
522 struct sock *sk = sock->sk;
523 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
524 struct l2cap_options opts;
534 if (sk->sk_state == BT_CONNECTED) {
539 opts.imtu = chan->imtu;
540 opts.omtu = chan->omtu;
541 opts.flush_to = chan->flush_to;
542 opts.mode = chan->mode;
543 opts.fcs = chan->fcs;
544 opts.max_tx = chan->max_tx;
545 opts.txwin_size = chan->tx_win;
547 len = min_t(unsigned int, sizeof(opts), optlen);
548 if (copy_from_user((char *) &opts, optval, len)) {
553 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
558 if (!l2cap_valid_mtu(chan, opts.imtu)) {
563 chan->mode = opts.mode;
564 switch (chan->mode) {
565 case L2CAP_MODE_BASIC:
566 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
568 case L2CAP_MODE_ERTM:
569 case L2CAP_MODE_STREAMING:
578 chan->imtu = opts.imtu;
579 chan->omtu = opts.omtu;
580 chan->fcs = opts.fcs;
581 chan->max_tx = opts.max_tx;
582 chan->tx_win = opts.txwin_size;
583 chan->flush_to = opts.flush_to;
587 if (get_user(opt, (u32 __user *) optval)) {
592 if (opt & L2CAP_LM_AUTH)
593 chan->sec_level = BT_SECURITY_LOW;
594 if (opt & L2CAP_LM_ENCRYPT)
595 chan->sec_level = BT_SECURITY_MEDIUM;
596 if (opt & L2CAP_LM_SECURE)
597 chan->sec_level = BT_SECURITY_HIGH;
599 if (opt & L2CAP_LM_MASTER)
600 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
602 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
604 if (opt & L2CAP_LM_RELIABLE)
605 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
607 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
619 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname,
620 char __user *optval, unsigned int optlen)
622 struct sock *sk = sock->sk;
623 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
624 struct bt_security sec;
626 struct l2cap_conn *conn;
632 if (level == SOL_L2CAP)
633 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
635 if (level != SOL_BLUETOOTH)
642 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
643 chan->chan_type != L2CAP_CHAN_RAW) {
648 sec.level = BT_SECURITY_LOW;
650 len = min_t(unsigned int, sizeof(sec), optlen);
651 if (copy_from_user((char *) &sec, optval, len)) {
656 if (sec.level < BT_SECURITY_LOW ||
657 sec.level > BT_SECURITY_HIGH) {
662 chan->sec_level = sec.level;
669 /*change security for LE channels */
670 if (chan->scid == L2CAP_CID_ATT) {
671 if (!conn->hcon->out) {
676 if (smp_conn_security(conn->hcon, sec.level))
678 sk->sk_state = BT_CONFIG;
679 chan->state = BT_CONFIG;
681 /* or for ACL link */
682 } else if ((sk->sk_state == BT_CONNECT2 &&
683 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
684 sk->sk_state == BT_CONNECTED) {
685 if (!l2cap_chan_check_security(chan))
686 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
688 sk->sk_state_change(sk);
695 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
700 if (get_user(opt, (u32 __user *) optval)) {
706 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
707 set_bit(FLAG_DEFER_SETUP, &chan->flags);
709 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
710 clear_bit(FLAG_DEFER_SETUP, &chan->flags);
715 if (get_user(opt, (u32 __user *) optval)) {
720 if (opt > BT_FLUSHABLE_ON) {
725 if (opt == BT_FLUSHABLE_OFF) {
727 /* proceed further only when we have l2cap_conn and
728 No Flush support in the LM */
729 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
736 set_bit(FLAG_FLUSHABLE, &chan->flags);
738 clear_bit(FLAG_FLUSHABLE, &chan->flags);
742 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
743 chan->chan_type != L2CAP_CHAN_RAW) {
748 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
750 len = min_t(unsigned int, sizeof(pwr), optlen);
751 if (copy_from_user((char *) &pwr, optval, len)) {
756 if (pwr.force_active)
757 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
759 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
762 case BT_CHANNEL_POLICY:
763 if (get_user(opt, (u32 __user *) optval)) {
768 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
773 if (chan->mode != L2CAP_MODE_ERTM &&
774 chan->mode != L2CAP_MODE_STREAMING) {
779 chan->chan_policy = (u8) opt;
781 if (sk->sk_state == BT_CONNECTED &&
782 chan->move_role == L2CAP_MOVE_ROLE_NONE)
783 l2cap_move_start(chan);
796 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
797 struct msghdr *msg, size_t len)
799 struct sock *sk = sock->sk;
800 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
803 BT_DBG("sock %p, sk %p", sock, sk);
805 err = sock_error(sk);
809 if (msg->msg_flags & MSG_OOB)
812 if (sk->sk_state != BT_CONNECTED)
816 err = bt_sock_wait_ready(sk, msg->msg_flags);
821 l2cap_chan_lock(chan);
822 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
823 l2cap_chan_unlock(chan);
828 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
829 struct msghdr *msg, size_t len, int flags)
831 struct sock *sk = sock->sk;
832 struct l2cap_pinfo *pi = l2cap_pi(sk);
837 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
838 &bt_sk(sk)->flags)) {
839 sk->sk_state = BT_CONFIG;
840 pi->chan->state = BT_CONFIG;
842 __l2cap_connect_rsp_defer(pi->chan);
849 if (sock->type == SOCK_STREAM)
850 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
852 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
854 if (pi->chan->mode != L2CAP_MODE_ERTM)
857 /* Attempt to put pending rx data in the socket buffer */
861 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
864 if (pi->rx_busy_skb) {
865 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
866 pi->rx_busy_skb = NULL;
871 /* Restore data flow when half of the receive buffer is
872 * available. This avoids resending large numbers of
875 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
876 l2cap_chan_busy(pi->chan, 0);
883 /* Kill socket (only if zapped and orphan)
884 * Must be called on unlocked socket.
886 static void l2cap_sock_kill(struct sock *sk)
888 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
891 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
893 /* Kill poor orphan */
895 l2cap_chan_put(l2cap_pi(sk)->chan);
896 sock_set_flag(sk, SOCK_DEAD);
900 static int __l2cap_wait_ack(struct sock *sk)
902 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
903 DECLARE_WAITQUEUE(wait, current);
907 add_wait_queue(sk_sleep(sk), &wait);
908 set_current_state(TASK_INTERRUPTIBLE);
909 while (chan->unacked_frames > 0 && chan->conn) {
913 if (signal_pending(current)) {
914 err = sock_intr_errno(timeo);
919 timeo = schedule_timeout(timeo);
921 set_current_state(TASK_INTERRUPTIBLE);
923 err = sock_error(sk);
927 set_current_state(TASK_RUNNING);
928 remove_wait_queue(sk_sleep(sk), &wait);
932 static int l2cap_sock_shutdown(struct socket *sock, int how)
934 struct sock *sk = sock->sk;
935 struct l2cap_chan *chan;
936 struct l2cap_conn *conn;
939 BT_DBG("sock %p, sk %p", sock, sk);
944 chan = l2cap_pi(sk)->chan;
948 mutex_lock(&conn->chan_lock);
950 l2cap_chan_lock(chan);
953 if (!sk->sk_shutdown) {
954 if (chan->mode == L2CAP_MODE_ERTM)
955 err = __l2cap_wait_ack(sk);
957 sk->sk_shutdown = SHUTDOWN_MASK;
960 l2cap_chan_close(chan, 0);
963 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
964 err = bt_sock_wait_state(sk, BT_CLOSED,
968 if (!err && sk->sk_err)
972 l2cap_chan_unlock(chan);
975 mutex_unlock(&conn->chan_lock);
980 static int l2cap_sock_release(struct socket *sock)
982 struct sock *sk = sock->sk;
985 BT_DBG("sock %p, sk %p", sock, sk);
990 bt_sock_unlink(&l2cap_sk_list, sk);
992 err = l2cap_sock_shutdown(sock, 2);
999 static void l2cap_sock_cleanup_listen(struct sock *parent)
1003 BT_DBG("parent %p", parent);
1005 /* Close not yet accepted channels */
1006 while ((sk = bt_accept_dequeue(parent, NULL))) {
1007 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1009 l2cap_chan_lock(chan);
1010 __clear_chan_timer(chan);
1011 l2cap_chan_close(chan, ECONNRESET);
1012 l2cap_chan_unlock(chan);
1014 l2cap_sock_kill(sk);
1018 static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
1020 struct sock *sk, *parent = chan->data;
1022 /* Check for backlog size */
1023 if (sk_acceptq_is_full(parent)) {
1024 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1028 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
1033 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
1035 l2cap_sock_init(sk, parent);
1037 bt_accept_enqueue(parent, sk);
1039 return l2cap_pi(sk)->chan;
1042 static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1044 struct sock *sk = chan->data;
1049 if (l2cap_pi(sk)->rx_busy_skb) {
1054 err = sock_queue_rcv_skb(sk, skb);
1056 /* For ERTM, handle one skb that doesn't fit into the recv
1057 * buffer. This is important to do because the data frames
1058 * have already been acked, so the skb cannot be discarded.
1060 * Notify the l2cap core that the buffer is full, so the
1061 * LOCAL_BUSY state is entered and no more frames are
1062 * acked and reassembled until there is buffer space
1065 if (err < 0 && chan->mode == L2CAP_MODE_ERTM) {
1066 l2cap_pi(sk)->rx_busy_skb = skb;
1067 l2cap_chan_busy(chan, 1);
1077 static void l2cap_sock_close_cb(struct l2cap_chan *chan)
1079 struct sock *sk = chan->data;
1081 l2cap_sock_kill(sk);
1084 static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
1086 struct sock *sk = chan->data;
1087 struct sock *parent;
1091 parent = bt_sk(sk)->parent;
1093 sock_set_flag(sk, SOCK_ZAPPED);
1095 switch (chan->state) {
1101 l2cap_sock_cleanup_listen(sk);
1102 sk->sk_state = BT_CLOSED;
1103 chan->state = BT_CLOSED;
1107 sk->sk_state = BT_CLOSED;
1108 chan->state = BT_CLOSED;
1113 bt_accept_unlink(sk);
1114 parent->sk_data_ready(parent, 0);
1116 sk->sk_state_change(sk);
1125 static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state,
1128 struct sock *sk = chan->data;
1130 sk->sk_state = state;
1136 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
1137 unsigned long len, int nb)
1139 struct sk_buff *skb;
1142 l2cap_chan_unlock(chan);
1143 skb = bt_skb_send_alloc(chan->sk, len, nb, &err);
1144 l2cap_chan_lock(chan);
1147 return ERR_PTR(err);
1152 static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1154 struct sock *sk = chan->data;
1155 struct sock *parent;
1159 parent = bt_sk(sk)->parent;
1161 BT_DBG("sk %p, parent %p", sk, parent);
1163 sk->sk_state = BT_CONNECTED;
1164 sk->sk_state_change(sk);
1167 parent->sk_data_ready(parent, 0);
1172 static void l2cap_sock_defer_cb(struct l2cap_chan *chan)
1174 struct sock *sk = chan->data;
1175 struct sock *parent = bt_sk(sk)->parent;
1178 parent->sk_data_ready(parent, 0);
1181 static void l2cap_sock_resume_cb(struct l2cap_chan *chan)
1183 struct sock *sk = chan->data;
1185 clear_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
1186 sk->sk_state_change(sk);
1189 static void l2cap_sock_set_shutdown_cb(struct l2cap_chan *chan)
1191 struct sock *sk = chan->data;
1194 sk->sk_shutdown = SHUTDOWN_MASK;
1198 static long l2cap_sock_get_sndtimeo_cb(struct l2cap_chan *chan)
1200 struct sock *sk = chan->data;
1202 return sk->sk_sndtimeo;
1205 static struct l2cap_ops l2cap_chan_ops = {
1206 .name = "L2CAP Socket Interface",
1207 .new_connection = l2cap_sock_new_connection_cb,
1208 .recv = l2cap_sock_recv_cb,
1209 .close = l2cap_sock_close_cb,
1210 .teardown = l2cap_sock_teardown_cb,
1211 .state_change = l2cap_sock_state_change_cb,
1212 .ready = l2cap_sock_ready_cb,
1213 .defer = l2cap_sock_defer_cb,
1214 .resume = l2cap_sock_resume_cb,
1215 .set_shutdown = l2cap_sock_set_shutdown_cb,
1216 .get_sndtimeo = l2cap_sock_get_sndtimeo_cb,
1217 .alloc_skb = l2cap_sock_alloc_skb_cb,
1220 static void l2cap_sock_destruct(struct sock *sk)
1222 BT_DBG("sk %p", sk);
1224 if (l2cap_pi(sk)->chan)
1225 l2cap_chan_put(l2cap_pi(sk)->chan);
1227 if (l2cap_pi(sk)->rx_busy_skb) {
1228 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1229 l2cap_pi(sk)->rx_busy_skb = NULL;
1232 skb_queue_purge(&sk->sk_receive_queue);
1233 skb_queue_purge(&sk->sk_write_queue);
1236 static void l2cap_skb_msg_name(struct sk_buff *skb, void *msg_name,
1239 struct sockaddr_l2 *la = (struct sockaddr_l2 *) msg_name;
1241 memset(la, 0, sizeof(struct sockaddr_l2));
1242 la->l2_family = AF_BLUETOOTH;
1243 la->l2_psm = bt_cb(skb)->psm;
1244 bacpy(&la->l2_bdaddr, &bt_cb(skb)->bdaddr);
1246 *msg_namelen = sizeof(struct sockaddr_l2);
1249 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
1251 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1253 BT_DBG("sk %p", sk);
1256 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1258 sk->sk_type = parent->sk_type;
1259 bt_sk(sk)->flags = bt_sk(parent)->flags;
1261 chan->chan_type = pchan->chan_type;
1262 chan->imtu = pchan->imtu;
1263 chan->omtu = pchan->omtu;
1264 chan->conf_state = pchan->conf_state;
1265 chan->mode = pchan->mode;
1266 chan->fcs = pchan->fcs;
1267 chan->max_tx = pchan->max_tx;
1268 chan->tx_win = pchan->tx_win;
1269 chan->tx_win_max = pchan->tx_win_max;
1270 chan->sec_level = pchan->sec_level;
1271 chan->flags = pchan->flags;
1273 security_sk_clone(parent, sk);
1275 switch (sk->sk_type) {
1277 chan->chan_type = L2CAP_CHAN_RAW;
1280 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1281 bt_sk(sk)->skb_msg_name = l2cap_skb_msg_name;
1283 case SOCK_SEQPACKET:
1285 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1289 chan->imtu = L2CAP_DEFAULT_MTU;
1291 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1292 chan->mode = L2CAP_MODE_ERTM;
1293 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1295 chan->mode = L2CAP_MODE_BASIC;
1298 l2cap_chan_set_defaults(chan);
1301 /* Default config options */
1302 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1305 chan->ops = &l2cap_chan_ops;
1308 static struct proto l2cap_proto = {
1310 .owner = THIS_MODULE,
1311 .obj_size = sizeof(struct l2cap_pinfo)
1314 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
1315 int proto, gfp_t prio)
1318 struct l2cap_chan *chan;
1320 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1324 sock_init_data(sock, sk);
1325 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1327 sk->sk_destruct = l2cap_sock_destruct;
1328 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1330 sock_reset_flag(sk, SOCK_ZAPPED);
1332 sk->sk_protocol = proto;
1333 sk->sk_state = BT_OPEN;
1335 chan = l2cap_chan_create();
1341 l2cap_chan_hold(chan);
1345 l2cap_pi(sk)->chan = chan;
1350 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1355 BT_DBG("sock %p", sock);
1357 sock->state = SS_UNCONNECTED;
1359 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1360 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1361 return -ESOCKTNOSUPPORT;
1363 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1366 sock->ops = &l2cap_sock_ops;
1368 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1372 l2cap_sock_init(sk, NULL);
1373 bt_sock_link(&l2cap_sk_list, sk);
1377 static const struct proto_ops l2cap_sock_ops = {
1378 .family = PF_BLUETOOTH,
1379 .owner = THIS_MODULE,
1380 .release = l2cap_sock_release,
1381 .bind = l2cap_sock_bind,
1382 .connect = l2cap_sock_connect,
1383 .listen = l2cap_sock_listen,
1384 .accept = l2cap_sock_accept,
1385 .getname = l2cap_sock_getname,
1386 .sendmsg = l2cap_sock_sendmsg,
1387 .recvmsg = l2cap_sock_recvmsg,
1388 .poll = bt_sock_poll,
1389 .ioctl = bt_sock_ioctl,
1390 .mmap = sock_no_mmap,
1391 .socketpair = sock_no_socketpair,
1392 .shutdown = l2cap_sock_shutdown,
1393 .setsockopt = l2cap_sock_setsockopt,
1394 .getsockopt = l2cap_sock_getsockopt
1397 static const struct net_proto_family l2cap_sock_family_ops = {
1398 .family = PF_BLUETOOTH,
1399 .owner = THIS_MODULE,
1400 .create = l2cap_sock_create,
1403 int __init l2cap_init_sockets(void)
1407 err = proto_register(&l2cap_proto, 0);
1411 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1413 BT_ERR("L2CAP socket registration failed");
1417 err = bt_procfs_init(&init_net, "l2cap", &l2cap_sk_list,
1420 BT_ERR("Failed to create L2CAP proc file");
1421 bt_sock_unregister(BTPROTO_L2CAP);
1425 BT_INFO("L2CAP socket layer initialized");
1430 proto_unregister(&l2cap_proto);
1434 void l2cap_cleanup_sockets(void)
1436 bt_procfs_cleanup(&init_net, "l2cap");
1437 bt_sock_unregister(BTPROTO_L2CAP);
1438 proto_unregister(&l2cap_proto);
projects / ~andy / linux / blob