2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
28 /* Bluetooth L2CAP sockets. */
30 #include <linux/export.h>
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
38 static struct bt_sock_list l2cap_sk_list = {
39 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
42 static const struct proto_ops l2cap_sock_ops;
43 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
44 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
45 int proto, gfp_t prio);
47 bool l2cap_is_socket(struct socket *sock)
49 return sock && sock->ops == &l2cap_sock_ops;
51 EXPORT_SYMBOL(l2cap_is_socket);
53 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
55 struct sock *sk = sock->sk;
56 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
57 struct sockaddr_l2 la;
62 if (!addr || addr->sa_family != AF_BLUETOOTH)
65 memset(&la, 0, sizeof(la));
66 len = min_t(unsigned int, sizeof(la), alen);
67 memcpy(&la, addr, len);
69 if (la.l2_cid && la.l2_psm)
72 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
75 if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
76 /* Connection oriented channels are not supported on LE */
79 /* We only allow ATT user space socket */
80 if (la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
86 if (sk->sk_state != BT_OPEN) {
92 __u16 psm = __le16_to_cpu(la.l2_psm);
94 /* PSM must be odd and lsb of upper byte must be 0 */
95 if ((psm & 0x0101) != 0x0001) {
100 /* Restrict usage of well-known PSMs */
101 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
108 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
110 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
115 switch (chan->chan_type) {
116 case L2CAP_CHAN_CONN_LESS:
117 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_3DSP)
118 chan->sec_level = BT_SECURITY_SDP;
120 case L2CAP_CHAN_CONN_ORIENTED:
121 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
122 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
123 chan->sec_level = BT_SECURITY_SDP;
127 bacpy(&chan->src, &la.l2_bdaddr);
128 chan->src_type = la.l2_bdaddr_type;
130 chan->state = BT_BOUND;
131 sk->sk_state = BT_BOUND;
138 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr,
141 struct sock *sk = sock->sk;
142 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
143 struct sockaddr_l2 la;
148 if (!addr || alen < sizeof(addr->sa_family) ||
149 addr->sa_family != AF_BLUETOOTH)
152 memset(&la, 0, sizeof(la));
153 len = min_t(unsigned int, sizeof(la), alen);
154 memcpy(&la, addr, len);
156 if (la.l2_cid && la.l2_psm)
159 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
162 /* Check that the socket wasn't bound to something that
163 * conflicts with the address given to connect(). If chan->src
164 * is BDADDR_ANY it means bind() was never used, in which case
165 * chan->src_type and la.l2_bdaddr_type do not need to match.
167 if (chan->src_type == BDADDR_BREDR && bacmp(&chan->src, BDADDR_ANY) &&
168 bdaddr_type_is_le(la.l2_bdaddr_type)) {
169 /* Old user space versions will try to incorrectly bind
170 * the ATT socket using BDADDR_BREDR. We need to accept
171 * this and fix up the source address type only when
172 * both the source CID and destination CID indicate
173 * ATT. Anything else is an invalid combination.
175 if (chan->scid != L2CAP_CID_ATT ||
176 la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
179 /* We don't have the hdev available here to make a
180 * better decision on random vs public, but since all
181 * user space versions that exhibit this issue anyway do
182 * not support random local addresses assuming public
183 * here is good enough.
185 chan->src_type = BDADDR_LE_PUBLIC;
188 if (chan->src_type != BDADDR_BREDR && la.l2_bdaddr_type == BDADDR_BREDR)
191 if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
192 /* Connection oriented channels are not supported on LE */
195 /* We only allow ATT user space socket */
196 if (la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
200 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
201 &la.l2_bdaddr, la.l2_bdaddr_type);
207 err = bt_sock_wait_state(sk, BT_CONNECTED,
208 sock_sndtimeo(sk, flags & O_NONBLOCK));
215 static int l2cap_sock_listen(struct socket *sock, int backlog)
217 struct sock *sk = sock->sk;
218 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
221 BT_DBG("sk %p backlog %d", sk, backlog);
225 if (sk->sk_state != BT_BOUND) {
230 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
235 switch (chan->mode) {
236 case L2CAP_MODE_BASIC:
238 case L2CAP_MODE_ERTM:
239 case L2CAP_MODE_STREAMING:
248 sk->sk_max_ack_backlog = backlog;
249 sk->sk_ack_backlog = 0;
251 chan->state = BT_LISTEN;
252 sk->sk_state = BT_LISTEN;
259 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock,
262 DECLARE_WAITQUEUE(wait, current);
263 struct sock *sk = sock->sk, *nsk;
267 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
269 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
271 BT_DBG("sk %p timeo %ld", sk, timeo);
273 /* Wait for an incoming connection. (wake-one). */
274 add_wait_queue_exclusive(sk_sleep(sk), &wait);
276 set_current_state(TASK_INTERRUPTIBLE);
278 if (sk->sk_state != BT_LISTEN) {
283 nsk = bt_accept_dequeue(sk, newsock);
292 if (signal_pending(current)) {
293 err = sock_intr_errno(timeo);
298 timeo = schedule_timeout(timeo);
299 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
301 __set_current_state(TASK_RUNNING);
302 remove_wait_queue(sk_sleep(sk), &wait);
307 newsock->state = SS_CONNECTED;
309 BT_DBG("new socket %p", nsk);
316 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr,
319 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
320 struct sock *sk = sock->sk;
321 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
323 BT_DBG("sock %p, sk %p", sock, sk);
325 memset(la, 0, sizeof(struct sockaddr_l2));
326 addr->sa_family = AF_BLUETOOTH;
327 *len = sizeof(struct sockaddr_l2);
330 la->l2_psm = chan->psm;
331 bacpy(&la->l2_bdaddr, &chan->dst);
332 la->l2_cid = cpu_to_le16(chan->dcid);
333 la->l2_bdaddr_type = chan->dst_type;
335 la->l2_psm = chan->sport;
336 bacpy(&la->l2_bdaddr, &chan->src);
337 la->l2_cid = cpu_to_le16(chan->scid);
338 la->l2_bdaddr_type = chan->src_type;
344 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
345 char __user *optval, int __user *optlen)
347 struct sock *sk = sock->sk;
348 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
349 struct l2cap_options opts;
350 struct l2cap_conninfo cinfo;
356 if (get_user(len, optlen))
363 memset(&opts, 0, sizeof(opts));
364 opts.imtu = chan->imtu;
365 opts.omtu = chan->omtu;
366 opts.flush_to = chan->flush_to;
367 opts.mode = chan->mode;
368 opts.fcs = chan->fcs;
369 opts.max_tx = chan->max_tx;
370 opts.txwin_size = chan->tx_win;
372 len = min_t(unsigned int, len, sizeof(opts));
373 if (copy_to_user(optval, (char *) &opts, len))
379 switch (chan->sec_level) {
380 case BT_SECURITY_LOW:
383 case BT_SECURITY_MEDIUM:
384 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
386 case BT_SECURITY_HIGH:
387 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
395 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
396 opt |= L2CAP_LM_MASTER;
398 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
399 opt |= L2CAP_LM_RELIABLE;
401 if (put_user(opt, (u32 __user *) optval))
406 if (sk->sk_state != BT_CONNECTED &&
407 !(sk->sk_state == BT_CONNECT2 &&
408 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
413 memset(&cinfo, 0, sizeof(cinfo));
414 cinfo.hci_handle = chan->conn->hcon->handle;
415 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
417 len = min_t(unsigned int, len, sizeof(cinfo));
418 if (copy_to_user(optval, (char *) &cinfo, len))
432 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname,
433 char __user *optval, int __user *optlen)
435 struct sock *sk = sock->sk;
436 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
437 struct bt_security sec;
443 if (level == SOL_L2CAP)
444 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
446 if (level != SOL_BLUETOOTH)
449 if (get_user(len, optlen))
456 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
457 chan->chan_type != L2CAP_CHAN_RAW) {
462 memset(&sec, 0, sizeof(sec));
464 sec.level = chan->conn->hcon->sec_level;
466 if (sk->sk_state == BT_CONNECTED)
467 sec.key_size = chan->conn->hcon->enc_key_size;
469 sec.level = chan->sec_level;
472 len = min_t(unsigned int, len, sizeof(sec));
473 if (copy_to_user(optval, (char *) &sec, len))
479 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
484 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
485 (u32 __user *) optval))
491 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
492 (u32 __user *) optval))
498 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
499 && sk->sk_type != SOCK_RAW) {
504 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
506 len = min_t(unsigned int, len, sizeof(pwr));
507 if (copy_to_user(optval, (char *) &pwr, len))
512 case BT_CHANNEL_POLICY:
513 if (put_user(chan->chan_policy, (u32 __user *) optval))
526 static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
528 switch (chan->scid) {
530 if (mtu < L2CAP_LE_MIN_MTU)
535 if (mtu < L2CAP_DEFAULT_MIN_MTU)
542 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
543 char __user *optval, unsigned int optlen)
545 struct sock *sk = sock->sk;
546 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
547 struct l2cap_options opts;
557 if (sk->sk_state == BT_CONNECTED) {
562 opts.imtu = chan->imtu;
563 opts.omtu = chan->omtu;
564 opts.flush_to = chan->flush_to;
565 opts.mode = chan->mode;
566 opts.fcs = chan->fcs;
567 opts.max_tx = chan->max_tx;
568 opts.txwin_size = chan->tx_win;
570 len = min_t(unsigned int, sizeof(opts), optlen);
571 if (copy_from_user((char *) &opts, optval, len)) {
576 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
581 if (!l2cap_valid_mtu(chan, opts.imtu)) {
586 chan->mode = opts.mode;
587 switch (chan->mode) {
588 case L2CAP_MODE_BASIC:
589 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
591 case L2CAP_MODE_ERTM:
592 case L2CAP_MODE_STREAMING:
601 chan->imtu = opts.imtu;
602 chan->omtu = opts.omtu;
603 chan->fcs = opts.fcs;
604 chan->max_tx = opts.max_tx;
605 chan->tx_win = opts.txwin_size;
606 chan->flush_to = opts.flush_to;
610 if (get_user(opt, (u32 __user *) optval)) {
615 if (opt & L2CAP_LM_AUTH)
616 chan->sec_level = BT_SECURITY_LOW;
617 if (opt & L2CAP_LM_ENCRYPT)
618 chan->sec_level = BT_SECURITY_MEDIUM;
619 if (opt & L2CAP_LM_SECURE)
620 chan->sec_level = BT_SECURITY_HIGH;
622 if (opt & L2CAP_LM_MASTER)
623 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
625 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
627 if (opt & L2CAP_LM_RELIABLE)
628 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
630 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
642 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname,
643 char __user *optval, unsigned int optlen)
645 struct sock *sk = sock->sk;
646 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
647 struct bt_security sec;
649 struct l2cap_conn *conn;
655 if (level == SOL_L2CAP)
656 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
658 if (level != SOL_BLUETOOTH)
665 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
666 chan->chan_type != L2CAP_CHAN_RAW) {
671 sec.level = BT_SECURITY_LOW;
673 len = min_t(unsigned int, sizeof(sec), optlen);
674 if (copy_from_user((char *) &sec, optval, len)) {
679 if (sec.level < BT_SECURITY_LOW ||
680 sec.level > BT_SECURITY_HIGH) {
685 chan->sec_level = sec.level;
692 /*change security for LE channels */
693 if (chan->scid == L2CAP_CID_ATT) {
694 if (!conn->hcon->out) {
699 if (smp_conn_security(conn->hcon, sec.level))
701 sk->sk_state = BT_CONFIG;
702 chan->state = BT_CONFIG;
704 /* or for ACL link */
705 } else if ((sk->sk_state == BT_CONNECT2 &&
706 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
707 sk->sk_state == BT_CONNECTED) {
708 if (!l2cap_chan_check_security(chan))
709 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
711 sk->sk_state_change(sk);
718 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
723 if (get_user(opt, (u32 __user *) optval)) {
729 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
730 set_bit(FLAG_DEFER_SETUP, &chan->flags);
732 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
733 clear_bit(FLAG_DEFER_SETUP, &chan->flags);
738 if (get_user(opt, (u32 __user *) optval)) {
743 if (opt > BT_FLUSHABLE_ON) {
748 if (opt == BT_FLUSHABLE_OFF) {
750 /* proceed further only when we have l2cap_conn and
751 No Flush support in the LM */
752 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
759 set_bit(FLAG_FLUSHABLE, &chan->flags);
761 clear_bit(FLAG_FLUSHABLE, &chan->flags);
765 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
766 chan->chan_type != L2CAP_CHAN_RAW) {
771 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
773 len = min_t(unsigned int, sizeof(pwr), optlen);
774 if (copy_from_user((char *) &pwr, optval, len)) {
779 if (pwr.force_active)
780 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
782 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
785 case BT_CHANNEL_POLICY:
786 if (get_user(opt, (u32 __user *) optval)) {
791 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
796 if (chan->mode != L2CAP_MODE_ERTM &&
797 chan->mode != L2CAP_MODE_STREAMING) {
802 chan->chan_policy = (u8) opt;
804 if (sk->sk_state == BT_CONNECTED &&
805 chan->move_role == L2CAP_MOVE_ROLE_NONE)
806 l2cap_move_start(chan);
819 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
820 struct msghdr *msg, size_t len)
822 struct sock *sk = sock->sk;
823 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
826 BT_DBG("sock %p, sk %p", sock, sk);
828 err = sock_error(sk);
832 if (msg->msg_flags & MSG_OOB)
835 if (sk->sk_state != BT_CONNECTED)
839 err = bt_sock_wait_ready(sk, msg->msg_flags);
844 l2cap_chan_lock(chan);
845 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
846 l2cap_chan_unlock(chan);
851 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
852 struct msghdr *msg, size_t len, int flags)
854 struct sock *sk = sock->sk;
855 struct l2cap_pinfo *pi = l2cap_pi(sk);
860 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
861 &bt_sk(sk)->flags)) {
862 sk->sk_state = BT_CONFIG;
863 pi->chan->state = BT_CONFIG;
865 __l2cap_connect_rsp_defer(pi->chan);
872 if (sock->type == SOCK_STREAM)
873 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
875 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
877 if (pi->chan->mode != L2CAP_MODE_ERTM)
880 /* Attempt to put pending rx data in the socket buffer */
884 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
887 if (pi->rx_busy_skb) {
888 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
889 pi->rx_busy_skb = NULL;
894 /* Restore data flow when half of the receive buffer is
895 * available. This avoids resending large numbers of
898 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
899 l2cap_chan_busy(pi->chan, 0);
906 /* Kill socket (only if zapped and orphan)
907 * Must be called on unlocked socket.
909 static void l2cap_sock_kill(struct sock *sk)
911 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
914 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
916 /* Kill poor orphan */
918 l2cap_chan_put(l2cap_pi(sk)->chan);
919 sock_set_flag(sk, SOCK_DEAD);
923 static int __l2cap_wait_ack(struct sock *sk)
925 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
926 DECLARE_WAITQUEUE(wait, current);
930 add_wait_queue(sk_sleep(sk), &wait);
931 set_current_state(TASK_INTERRUPTIBLE);
932 while (chan->unacked_frames > 0 && chan->conn) {
936 if (signal_pending(current)) {
937 err = sock_intr_errno(timeo);
942 timeo = schedule_timeout(timeo);
944 set_current_state(TASK_INTERRUPTIBLE);
946 err = sock_error(sk);
950 set_current_state(TASK_RUNNING);
951 remove_wait_queue(sk_sleep(sk), &wait);
955 static int l2cap_sock_shutdown(struct socket *sock, int how)
957 struct sock *sk = sock->sk;
958 struct l2cap_chan *chan;
959 struct l2cap_conn *conn;
962 BT_DBG("sock %p, sk %p", sock, sk);
967 chan = l2cap_pi(sk)->chan;
971 mutex_lock(&conn->chan_lock);
973 l2cap_chan_lock(chan);
976 if (!sk->sk_shutdown) {
977 if (chan->mode == L2CAP_MODE_ERTM)
978 err = __l2cap_wait_ack(sk);
980 sk->sk_shutdown = SHUTDOWN_MASK;
983 l2cap_chan_close(chan, 0);
986 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
987 err = bt_sock_wait_state(sk, BT_CLOSED,
991 if (!err && sk->sk_err)
995 l2cap_chan_unlock(chan);
998 mutex_unlock(&conn->chan_lock);
1003 static int l2cap_sock_release(struct socket *sock)
1005 struct sock *sk = sock->sk;
1008 BT_DBG("sock %p, sk %p", sock, sk);
1013 bt_sock_unlink(&l2cap_sk_list, sk);
1015 err = l2cap_sock_shutdown(sock, 2);
1018 l2cap_sock_kill(sk);
1022 static void l2cap_sock_cleanup_listen(struct sock *parent)
1026 BT_DBG("parent %p", parent);
1028 /* Close not yet accepted channels */
1029 while ((sk = bt_accept_dequeue(parent, NULL))) {
1030 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1032 l2cap_chan_lock(chan);
1033 __clear_chan_timer(chan);
1034 l2cap_chan_close(chan, ECONNRESET);
1035 l2cap_chan_unlock(chan);
1037 l2cap_sock_kill(sk);
1041 static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
1043 struct sock *sk, *parent = chan->data;
1047 /* Check for backlog size */
1048 if (sk_acceptq_is_full(parent)) {
1049 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1053 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
1058 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
1060 l2cap_sock_init(sk, parent);
1062 bt_accept_enqueue(parent, sk);
1064 release_sock(parent);
1066 return l2cap_pi(sk)->chan;
1069 static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1071 struct sock *sk = chan->data;
1076 if (l2cap_pi(sk)->rx_busy_skb) {
1081 err = sock_queue_rcv_skb(sk, skb);
1083 /* For ERTM, handle one skb that doesn't fit into the recv
1084 * buffer. This is important to do because the data frames
1085 * have already been acked, so the skb cannot be discarded.
1087 * Notify the l2cap core that the buffer is full, so the
1088 * LOCAL_BUSY state is entered and no more frames are
1089 * acked and reassembled until there is buffer space
1092 if (err < 0 && chan->mode == L2CAP_MODE_ERTM) {
1093 l2cap_pi(sk)->rx_busy_skb = skb;
1094 l2cap_chan_busy(chan, 1);
1104 static void l2cap_sock_close_cb(struct l2cap_chan *chan)
1106 struct sock *sk = chan->data;
1108 l2cap_sock_kill(sk);
1111 static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
1113 struct sock *sk = chan->data;
1114 struct sock *parent;
1118 parent = bt_sk(sk)->parent;
1120 sock_set_flag(sk, SOCK_ZAPPED);
1122 switch (chan->state) {
1128 l2cap_sock_cleanup_listen(sk);
1129 sk->sk_state = BT_CLOSED;
1130 chan->state = BT_CLOSED;
1134 sk->sk_state = BT_CLOSED;
1135 chan->state = BT_CLOSED;
1140 bt_accept_unlink(sk);
1141 parent->sk_data_ready(parent, 0);
1143 sk->sk_state_change(sk);
1152 static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state,
1155 struct sock *sk = chan->data;
1157 sk->sk_state = state;
1163 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
1164 unsigned long len, int nb)
1166 struct sock *sk = chan->data;
1167 struct sk_buff *skb;
1170 l2cap_chan_unlock(chan);
1171 skb = bt_skb_send_alloc(sk, len, nb, &err);
1172 l2cap_chan_lock(chan);
1175 return ERR_PTR(err);
1177 bt_cb(skb)->chan = chan;
1182 static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1184 struct sock *sk = chan->data;
1185 struct sock *parent;
1189 parent = bt_sk(sk)->parent;
1191 BT_DBG("sk %p, parent %p", sk, parent);
1193 sk->sk_state = BT_CONNECTED;
1194 sk->sk_state_change(sk);
1197 parent->sk_data_ready(parent, 0);
1202 static void l2cap_sock_defer_cb(struct l2cap_chan *chan)
1204 struct sock *parent, *sk = chan->data;
1208 parent = bt_sk(sk)->parent;
1210 parent->sk_data_ready(parent, 0);
1215 static void l2cap_sock_resume_cb(struct l2cap_chan *chan)
1217 struct sock *sk = chan->data;
1219 clear_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
1220 sk->sk_state_change(sk);
1223 static void l2cap_sock_set_shutdown_cb(struct l2cap_chan *chan)
1225 struct sock *sk = chan->data;
1228 sk->sk_shutdown = SHUTDOWN_MASK;
1232 static long l2cap_sock_get_sndtimeo_cb(struct l2cap_chan *chan)
1234 struct sock *sk = chan->data;
1236 return sk->sk_sndtimeo;
1239 static struct l2cap_ops l2cap_chan_ops = {
1240 .name = "L2CAP Socket Interface",
1241 .new_connection = l2cap_sock_new_connection_cb,
1242 .recv = l2cap_sock_recv_cb,
1243 .close = l2cap_sock_close_cb,
1244 .teardown = l2cap_sock_teardown_cb,
1245 .state_change = l2cap_sock_state_change_cb,
1246 .ready = l2cap_sock_ready_cb,
1247 .defer = l2cap_sock_defer_cb,
1248 .resume = l2cap_sock_resume_cb,
1249 .set_shutdown = l2cap_sock_set_shutdown_cb,
1250 .get_sndtimeo = l2cap_sock_get_sndtimeo_cb,
1251 .alloc_skb = l2cap_sock_alloc_skb_cb,
1254 static void l2cap_sock_destruct(struct sock *sk)
1256 BT_DBG("sk %p", sk);
1258 if (l2cap_pi(sk)->chan)
1259 l2cap_chan_put(l2cap_pi(sk)->chan);
1261 if (l2cap_pi(sk)->rx_busy_skb) {
1262 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1263 l2cap_pi(sk)->rx_busy_skb = NULL;
1266 skb_queue_purge(&sk->sk_receive_queue);
1267 skb_queue_purge(&sk->sk_write_queue);
1270 static void l2cap_skb_msg_name(struct sk_buff *skb, void *msg_name,
1273 struct sockaddr_l2 *la = (struct sockaddr_l2 *) msg_name;
1275 memset(la, 0, sizeof(struct sockaddr_l2));
1276 la->l2_family = AF_BLUETOOTH;
1277 la->l2_psm = bt_cb(skb)->psm;
1278 bacpy(&la->l2_bdaddr, &bt_cb(skb)->bdaddr);
1280 *msg_namelen = sizeof(struct sockaddr_l2);
1283 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
1285 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1287 BT_DBG("sk %p", sk);
1290 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1292 sk->sk_type = parent->sk_type;
1293 bt_sk(sk)->flags = bt_sk(parent)->flags;
1295 chan->chan_type = pchan->chan_type;
1296 chan->imtu = pchan->imtu;
1297 chan->omtu = pchan->omtu;
1298 chan->conf_state = pchan->conf_state;
1299 chan->mode = pchan->mode;
1300 chan->fcs = pchan->fcs;
1301 chan->max_tx = pchan->max_tx;
1302 chan->tx_win = pchan->tx_win;
1303 chan->tx_win_max = pchan->tx_win_max;
1304 chan->sec_level = pchan->sec_level;
1305 chan->flags = pchan->flags;
1307 security_sk_clone(parent, sk);
1309 switch (sk->sk_type) {
1311 chan->chan_type = L2CAP_CHAN_RAW;
1314 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1315 bt_sk(sk)->skb_msg_name = l2cap_skb_msg_name;
1317 case SOCK_SEQPACKET:
1319 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1323 chan->imtu = L2CAP_DEFAULT_MTU;
1325 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1326 chan->mode = L2CAP_MODE_ERTM;
1327 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1329 chan->mode = L2CAP_MODE_BASIC;
1332 l2cap_chan_set_defaults(chan);
1335 /* Default config options */
1336 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1339 chan->ops = &l2cap_chan_ops;
1342 static struct proto l2cap_proto = {
1344 .owner = THIS_MODULE,
1345 .obj_size = sizeof(struct l2cap_pinfo)
1348 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
1349 int proto, gfp_t prio)
1352 struct l2cap_chan *chan;
1354 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1358 sock_init_data(sock, sk);
1359 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1361 sk->sk_destruct = l2cap_sock_destruct;
1362 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1364 sock_reset_flag(sk, SOCK_ZAPPED);
1366 sk->sk_protocol = proto;
1367 sk->sk_state = BT_OPEN;
1369 chan = l2cap_chan_create();
1375 l2cap_chan_hold(chan);
1377 l2cap_pi(sk)->chan = chan;
1382 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1387 BT_DBG("sock %p", sock);
1389 sock->state = SS_UNCONNECTED;
1391 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1392 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1393 return -ESOCKTNOSUPPORT;
1395 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1398 sock->ops = &l2cap_sock_ops;
1400 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1404 l2cap_sock_init(sk, NULL);
1405 bt_sock_link(&l2cap_sk_list, sk);
1409 static const struct proto_ops l2cap_sock_ops = {
1410 .family = PF_BLUETOOTH,
1411 .owner = THIS_MODULE,
1412 .release = l2cap_sock_release,
1413 .bind = l2cap_sock_bind,
1414 .connect = l2cap_sock_connect,
1415 .listen = l2cap_sock_listen,
1416 .accept = l2cap_sock_accept,
1417 .getname = l2cap_sock_getname,
1418 .sendmsg = l2cap_sock_sendmsg,
1419 .recvmsg = l2cap_sock_recvmsg,
1420 .poll = bt_sock_poll,
1421 .ioctl = bt_sock_ioctl,
1422 .mmap = sock_no_mmap,
1423 .socketpair = sock_no_socketpair,
1424 .shutdown = l2cap_sock_shutdown,
1425 .setsockopt = l2cap_sock_setsockopt,
1426 .getsockopt = l2cap_sock_getsockopt
1429 static const struct net_proto_family l2cap_sock_family_ops = {
1430 .family = PF_BLUETOOTH,
1431 .owner = THIS_MODULE,
1432 .create = l2cap_sock_create,
1435 int __init l2cap_init_sockets(void)
1439 err = proto_register(&l2cap_proto, 0);
1443 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1445 BT_ERR("L2CAP socket registration failed");
1449 err = bt_procfs_init(&init_net, "l2cap", &l2cap_sk_list,
1452 BT_ERR("Failed to create L2CAP proc file");
1453 bt_sock_unregister(BTPROTO_L2CAP);
1457 BT_INFO("L2CAP socket layer initialized");
1462 proto_unregister(&l2cap_proto);
1466 void l2cap_cleanup_sockets(void)
1468 bt_procfs_cleanup(&init_net, "l2cap");
1469 bt_sock_unregister(BTPROTO_L2CAP);
1470 proto_unregister(&l2cap_proto);
projects / cascardo / linux.git / blob