]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - net/bluetooth/l2cap_sock.c
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules
[mirror_ubuntu-artful-kernel.git] / net / bluetooth / l2cap_sock.c
CommitLineData
bb58f747
GP		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6
7 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License version 2 as
11 published by the Free Software Foundation;
12
13 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
16 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
17 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
18 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21
22 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
23 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
24 SOFTWARE IS DISCLAIMED.
25*/
26
27/* Bluetooth L2CAP sockets. */
28
6230c9b4 29#include <linux/security.h>
bc3b2d7f 30#include <linux/export.h>
6230c9b4 31
bb58f747 32#include <net/bluetooth/bluetooth.h>
33575df7 33#include <net/bluetooth/hci_core.h>
bb58f747 34#include <net/bluetooth/l2cap.h>
f1cb9af5 35#include <net/bluetooth/smp.h>
bb58f747 36
cf2f90f5 37static const struct proto_ops l2cap_sock_ops;
80808e43
GP		 38static void l2cap_sock_init(struct sock *sk, struct sock *parent);
39static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio);
cf2f90f5 40
af6bcd82
GP		 41static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
42{
43 struct sock *sk = sock->sk;
4343478f 44 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
af6bcd82
GP		 45 struct sockaddr_l2 la;
46 int len, err = 0;
47
48 BT_DBG("sk %p", sk);
49
50 if (!addr || addr->sa_family != AF_BLUETOOTH)
51 return -EINVAL;
52
53 memset(&la, 0, sizeof(la));
54 len = min_t(unsigned int, sizeof(la), alen);
55 memcpy(&la, addr, len);
56
b62f328b 57 if (la.l2_cid && la.l2_psm)
af6bcd82
GP		 58 return -EINVAL;
59
60 lock_sock(sk);
61
62 if (sk->sk_state != BT_OPEN) {
63 err = -EBADFD;
64 goto done;
65 }
66
67 if (la.l2_psm) {
68 __u16 psm = __le16_to_cpu(la.l2_psm);
69
70 /* PSM must be odd and lsb of upper byte must be 0 */
71 if ((psm & 0x0101) != 0x0001) {
72 err = -EINVAL;
73 goto done;
74 }
75
76 /* Restrict usage of well-known PSMs */
77 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
78 err = -EACCES;
79 goto done;
80 }
81 }
82
9e4425ff
GP		 83 if (la.l2_cid)
84 err = l2cap_add_scid(chan, la.l2_cid);
85 else
86 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
af6bcd82 87
9e4425ff
GP		 88 if (err < 0)
89 goto done;
af6bcd82 90
9e4425ff
GP		 91 if (__le16_to_cpu(la.l2_psm) == 0x0001 ||
92 __le16_to_cpu(la.l2_psm) == 0x0003)
93 chan->sec_level = BT_SECURITY_SDP;
b62f328b 94
9e4425ff 95 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
89bc500e
GP		 96
97 chan->state = BT_BOUND;
9e4425ff 98 sk->sk_state = BT_BOUND;
af6bcd82
GP		 99
100done:
101 release_sock(sk);
102 return err;
103}
104
4e34c50b
GP		 105static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
106{
107 struct sock *sk = sock->sk;
0c1bc5c6 108 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
4e34c50b
GP		 109 struct sockaddr_l2 la;
110 int len, err = 0;
111
112 BT_DBG("sk %p", sk);
113
114 if (!addr || alen < sizeof(addr->sa_family) ||
115 addr->sa_family != AF_BLUETOOTH)
116 return -EINVAL;
117
118 memset(&la, 0, sizeof(la));
119 len = min_t(unsigned int, sizeof(la), alen);
120 memcpy(&la, addr, len);
121
acd7d370 122 if (la.l2_cid && la.l2_psm)
4e34c50b
GP		 123 return -EINVAL;
124
125 lock_sock(sk);
126
715ec005 127 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED
acd7d370 128 && !(la.l2_psm || la.l2_cid)) {
4e34c50b
GP		 129 err = -EINVAL;
130 goto done;
131 }
132
0c1bc5c6 133 switch (chan->mode) {
4e34c50b
GP		 134 case L2CAP_MODE_BASIC:
135 break;
136 case L2CAP_MODE_ERTM:
137 case L2CAP_MODE_STREAMING:
138 if (!disable_ertm)
139 break;
140 /* fall through */
141 default:
142 err = -ENOTSUPP;
143 goto done;
144 }
145
146 switch (sk->sk_state) {
147 case BT_CONNECT:
148 case BT_CONNECT2:
149 case BT_CONFIG:
150 /* Already connecting */
151 goto wait;
152
153 case BT_CONNECTED:
154 /* Already connected */
155 err = -EISCONN;
156 goto done;
157
158 case BT_OPEN:
159 case BT_BOUND:
160 /* Can connect */
161 break;
162
163 default:
164 err = -EBADFD;
165 goto done;
166 }
167
168 /* PSM must be odd and lsb of upper byte must be 0 */
715ec005
GP		 169 if ((__le16_to_cpu(la.l2_psm) & 0x0101) != 0x0001 && !la.l2_cid &&
170 chan->chan_type != L2CAP_CHAN_RAW) {
4e34c50b
GP		 171 err = -EINVAL;
172 goto done;
173 }
174
175 /* Set destination address and psm */
176 bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr);
fe4128e0
GP		 177 chan->psm = la.l2_psm;
178 chan->dcid = la.l2_cid;
4e34c50b 179
77a74c7e 180 err = l2cap_chan_connect(l2cap_pi(sk)->chan);
4e34c50b
GP		 181 if (err)
182 goto done;
183
184wait:
185 err = bt_sock_wait_state(sk, BT_CONNECTED,
186 sock_sndtimeo(sk, flags & O_NONBLOCK));
187done:
188 release_sock(sk);
189 return err;
190}
191
af6bcd82
GP		 192static int l2cap_sock_listen(struct socket *sock, int backlog)
193{
194 struct sock *sk = sock->sk;
0c1bc5c6 195 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
af6bcd82
GP		 196 int err = 0;
197
198 BT_DBG("sk %p backlog %d", sk, backlog);
199
200 lock_sock(sk);
201
202 if ((sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM)
203 || sk->sk_state != BT_BOUND) {
204 err = -EBADFD;
205 goto done;
206 }
207
0c1bc5c6 208 switch (chan->mode) {
af6bcd82
GP		 209 case L2CAP_MODE_BASIC:
210 break;
211 case L2CAP_MODE_ERTM:
212 case L2CAP_MODE_STREAMING:
213 if (!disable_ertm)
214 break;
215 /* fall through */
216 default:
217 err = -ENOTSUPP;
218 goto done;
219 }
220
af6bcd82
GP		 221 sk->sk_max_ack_backlog = backlog;
222 sk->sk_ack_backlog = 0;
89bc500e
GP		 223
224 chan->state = BT_LISTEN;
af6bcd82
GP		 225 sk->sk_state = BT_LISTEN;
226
227done:
228 release_sock(sk);
229 return err;
230}
231
c47b7c72
GP		 232static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
233{
234 DECLARE_WAITQUEUE(wait, current);
235 struct sock *sk = sock->sk, *nsk;
236 long timeo;
237 int err = 0;
238
239 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
240
c47b7c72
GP		 241 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
242
243 BT_DBG("sk %p timeo %ld", sk, timeo);
244
245 /* Wait for an incoming connection. (wake-one). */
246 add_wait_queue_exclusive(sk_sleep(sk), &wait);
f9a3c20a 247 while (1) {
c47b7c72 248 set_current_state(TASK_INTERRUPTIBLE);
f9a3c20a
PH		 249
250 if (sk->sk_state != BT_LISTEN) {
251 err = -EBADFD;
c47b7c72
GP		 252 break;
253 }
254
f9a3c20a
PH		 255 nsk = bt_accept_dequeue(sk, newsock);
256 if (nsk)
257 break;
c47b7c72 258
f9a3c20a
PH		 259 if (!timeo) {
260 err = -EAGAIN;
c47b7c72
GP		 261 break;
262 }
263
264 if (signal_pending(current)) {
265 err = sock_intr_errno(timeo);
266 break;
267 }
f9a3c20a
PH		 268
269 release_sock(sk);
270 timeo = schedule_timeout(timeo);
271 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
c47b7c72 272 }
f9a3c20a 273 __set_current_state(TASK_RUNNING);
c47b7c72
GP		 274 remove_wait_queue(sk_sleep(sk), &wait);
275
276 if (err)
277 goto done;
278
279 newsock->state = SS_CONNECTED;
280
281 BT_DBG("new socket %p", nsk);
282
283done:
284 release_sock(sk);
285 return err;
286}
287
d7175d55
GP		 288static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
289{
290 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
291 struct sock *sk = sock->sk;
0c1bc5c6 292 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
d7175d55
GP		 293
294 BT_DBG("sock %p, sk %p", sock, sk);
295
296 addr->sa_family = AF_BLUETOOTH;
297 *len = sizeof(struct sockaddr_l2);
298
299 if (peer) {
fe4128e0 300 la->l2_psm = chan->psm;
d7175d55 301 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
fe4128e0 302 la->l2_cid = cpu_to_le16(chan->dcid);
d7175d55 303 } else {
0c1bc5c6 304 la->l2_psm = chan->sport;
d7175d55 305 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
fe4128e0 306 la->l2_cid = cpu_to_le16(chan->scid);
d7175d55
GP		 307 }
308
309 return 0;
310}
311
99f4808d
GP		 312static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
313{
314 struct sock *sk = sock->sk;
4343478f 315 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
99f4808d
GP		 316 struct l2cap_options opts;
317 struct l2cap_conninfo cinfo;
318 int len, err = 0;
319 u32 opt;
320
321 BT_DBG("sk %p", sk);
322
323 if (get_user(len, optlen))
324 return -EFAULT;
325
326 lock_sock(sk);
327
328 switch (optname) {
329 case L2CAP_OPTIONS:
e3fb592b 330 memset(&opts, 0, sizeof(opts));
0c1bc5c6
GP		 331 opts.imtu = chan->imtu;
332 opts.omtu = chan->omtu;
333 opts.flush_to = chan->flush_to;
334 opts.mode = chan->mode;
47d1ec61
GP		 335 opts.fcs = chan->fcs;
336 opts.max_tx = chan->max_tx;
337 opts.txwin_size = (__u16)chan->tx_win;
99f4808d
GP		 338
339 len = min_t(unsigned int, len, sizeof(opts));
340 if (copy_to_user(optval, (char *) &opts, len))
341 err = -EFAULT;
342
343 break;
344
345 case L2CAP_LM:
4343478f 346 switch (chan->sec_level) {
99f4808d
GP		 347 case BT_SECURITY_LOW:
348 opt = L2CAP_LM_AUTH;
349 break;
350 case BT_SECURITY_MEDIUM:
351 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
352 break;
353 case BT_SECURITY_HIGH:
354 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
355 L2CAP_LM_SECURE;
356 break;
357 default:
358 opt = 0;
359 break;
360 }
361
4343478f 362 if (chan->role_switch)
99f4808d
GP		 363 opt |= L2CAP_LM_MASTER;
364
4343478f 365 if (chan->force_reliable)
99f4808d
GP		 366 opt |= L2CAP_LM_RELIABLE;
367
368 if (put_user(opt, (u32 __user *) optval))
369 err = -EFAULT;
370 break;
371
372 case L2CAP_CONNINFO:
373 if (sk->sk_state != BT_CONNECTED &&
374 !(sk->sk_state == BT_CONNECT2 &&
375 bt_sk(sk)->defer_setup)) {
376 err = -ENOTCONN;
377 break;
378 }
379
8d03e971 380 memset(&cinfo, 0, sizeof(cinfo));
8c1d787b
GP		 381 cinfo.hci_handle = chan->conn->hcon->handle;
382 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
99f4808d
GP		 383
384 len = min_t(unsigned int, len, sizeof(cinfo));
385 if (copy_to_user(optval, (char *) &cinfo, len))
386 err = -EFAULT;
387
388 break;
389
390 default:
391 err = -ENOPROTOOPT;
392 break;
393 }
394
395 release_sock(sk);
396 return err;
397}
398
399static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
400{
401 struct sock *sk = sock->sk;
4343478f 402 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
99f4808d 403 struct bt_security sec;
14b12d0b 404 struct bt_power pwr;
99f4808d
GP		 405 int len, err = 0;
406
407 BT_DBG("sk %p", sk);
408
409 if (level == SOL_L2CAP)
410 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
411
412 if (level != SOL_BLUETOOTH)
413 return -ENOPROTOOPT;
414
415 if (get_user(len, optlen))
416 return -EFAULT;
417
418 lock_sock(sk);
419
420 switch (optname) {
421 case BT_SECURITY:
715ec005
GP		 422 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
423 chan->chan_type != L2CAP_CHAN_RAW) {
99f4808d
GP		 424 err = -EINVAL;
425 break;
426 }
427
8f360119 428 memset(&sec, 0, sizeof(sec));
4343478f 429 sec.level = chan->sec_level;
99f4808d 430
8f360119
VCG		 431 if (sk->sk_state == BT_CONNECTED)
432 sec.key_size = chan->conn->hcon->enc_key_size;
433
99f4808d
GP		 434 len = min_t(unsigned int, len, sizeof(sec));
435 if (copy_to_user(optval, (char *) &sec, len))
436 err = -EFAULT;
437
438 break;
439
440 case BT_DEFER_SETUP:
441 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
442 err = -EINVAL;
443 break;
444 }
445
446 if (put_user(bt_sk(sk)->defer_setup, (u32 __user *) optval))
447 err = -EFAULT;
448
449 break;
450
451 case BT_FLUSHABLE:
4343478f 452 if (put_user(chan->flushable, (u32 __user *) optval))
99f4808d
GP		 453 err = -EFAULT;
454
455 break;
456
14b12d0b
JG		 457 case BT_POWER:
458 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
459 && sk->sk_type != SOCK_RAW) {
460 err = -EINVAL;
461 break;
462 }
463
464 pwr.force_active = chan->force_active;
465
466 len = min_t(unsigned int, len, sizeof(pwr));
467 if (copy_to_user(optval, (char *) &pwr, len))
468 err = -EFAULT;
469
470 break;
471
99f4808d
GP		 472 default:
473 err = -ENOPROTOOPT;
474 break;
475 }
476
477 release_sock(sk);
478 return err;
479}
480
33575df7
GP		 481static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
482{
483 struct sock *sk = sock->sk;
b4450035 484 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
33575df7
GP		 485 struct l2cap_options opts;
486 int len, err = 0;
487 u32 opt;
488
489 BT_DBG("sk %p", sk);
490
491 lock_sock(sk);
492
493 switch (optname) {
494 case L2CAP_OPTIONS:
495 if (sk->sk_state == BT_CONNECTED) {
496 err = -EINVAL;
497 break;
498 }
499
0c1bc5c6
GP		 500 opts.imtu = chan->imtu;
501 opts.omtu = chan->omtu;
502 opts.flush_to = chan->flush_to;
503 opts.mode = chan->mode;
47d1ec61
GP		 504 opts.fcs = chan->fcs;
505 opts.max_tx = chan->max_tx;
506 opts.txwin_size = (__u16)chan->tx_win;
33575df7
GP		 507
508 len = min_t(unsigned int, sizeof(opts), optlen);
509 if (copy_from_user((char *) &opts, optval, len)) {
510 err = -EFAULT;
511 break;
512 }
513
514 if (opts.txwin_size > L2CAP_DEFAULT_TX_WINDOW) {
515 err = -EINVAL;
516 break;
517 }
518
0c1bc5c6
GP		 519 chan->mode = opts.mode;
520 switch (chan->mode) {
33575df7 521 case L2CAP_MODE_BASIC:
c1360a1c 522 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
33575df7
GP		 523 break;
524 case L2CAP_MODE_ERTM:
525 case L2CAP_MODE_STREAMING:
526 if (!disable_ertm)
527 break;
528 /* fall through */
529 default:
530 err = -EINVAL;
531 break;
532 }
533
0c1bc5c6
GP		 534 chan->imtu = opts.imtu;
535 chan->omtu = opts.omtu;
47d1ec61
GP		 536 chan->fcs = opts.fcs;
537 chan->max_tx = opts.max_tx;
538 chan->tx_win = (__u8)opts.txwin_size;
33575df7
GP		 539 break;
540
541 case L2CAP_LM:
542 if (get_user(opt, (u32 __user *) optval)) {
543 err = -EFAULT;
544 break;
545 }
546
547 if (opt & L2CAP_LM_AUTH)
4343478f 548 chan->sec_level = BT_SECURITY_LOW;
33575df7 549 if (opt & L2CAP_LM_ENCRYPT)
4343478f 550 chan->sec_level = BT_SECURITY_MEDIUM;
33575df7 551 if (opt & L2CAP_LM_SECURE)
4343478f 552 chan->sec_level = BT_SECURITY_HIGH;
33575df7 553
4343478f
GP		 554 chan->role_switch = (opt & L2CAP_LM_MASTER);
555 chan->force_reliable = (opt & L2CAP_LM_RELIABLE);
33575df7
GP		 556 break;
557
558 default:
559 err = -ENOPROTOOPT;
560 break;
561 }
562
563 release_sock(sk);
564 return err;
565}
566
567static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
568{
569 struct sock *sk = sock->sk;
4343478f 570 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
33575df7 571 struct bt_security sec;
14b12d0b 572 struct bt_power pwr;
f1cb9af5 573 struct l2cap_conn *conn;
33575df7
GP		 574 int len, err = 0;
575 u32 opt;
576
577 BT_DBG("sk %p", sk);
578
579 if (level == SOL_L2CAP)
580 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
581
582 if (level != SOL_BLUETOOTH)
583 return -ENOPROTOOPT;
584
585 lock_sock(sk);
586
587 switch (optname) {
588 case BT_SECURITY:
715ec005
GP		 589 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
590 chan->chan_type != L2CAP_CHAN_RAW) {
33575df7
GP		 591 err = -EINVAL;
592 break;
593 }
594
595 sec.level = BT_SECURITY_LOW;
596
597 len = min_t(unsigned int, sizeof(sec), optlen);
598 if (copy_from_user((char *) &sec, optval, len)) {
599 err = -EFAULT;
600 break;
601 }
602
603 if (sec.level < BT_SECURITY_LOW ||
604 sec.level > BT_SECURITY_HIGH) {
605 err = -EINVAL;
606 break;
607 }
608
4343478f 609 chan->sec_level = sec.level;
f1cb9af5
VCG		 610
611 conn = chan->conn;
612 if (conn && chan->scid == L2CAP_CID_LE_DATA) {
613 if (!conn->hcon->out) {
614 err = -EINVAL;
615 break;
616 }
617
618 if (smp_conn_security(conn, sec.level))
619 break;
620
621 err = 0;
622 sk->sk_state = BT_CONFIG;
623 }
33575df7
GP		 624 break;
625
626 case BT_DEFER_SETUP:
627 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
628 err = -EINVAL;
629 break;
630 }
631
632 if (get_user(opt, (u32 __user *) optval)) {
633 err = -EFAULT;
634 break;
635 }
636
637 bt_sk(sk)->defer_setup = opt;
638 break;
639
640 case BT_FLUSHABLE:
641 if (get_user(opt, (u32 __user *) optval)) {
642 err = -EFAULT;
643 break;
644 }
645
646 if (opt > BT_FLUSHABLE_ON) {
647 err = -EINVAL;
648 break;
649 }
650
651 if (opt == BT_FLUSHABLE_OFF) {
8c1d787b 652 struct l2cap_conn *conn = chan->conn;
25985edc 653 /* proceed further only when we have l2cap_conn and
33575df7
GP		 654 No Flush support in the LM */
655 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
656 err = -EINVAL;
657 break;
658 }
659 }
660
4343478f 661 chan->flushable = opt;
33575df7
GP		 662 break;
663
14b12d0b
JG		 664 case BT_POWER:
665 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
666 chan->chan_type != L2CAP_CHAN_RAW) {
667 err = -EINVAL;
668 break;
669 }
670
671 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
672
673 len = min_t(unsigned int, sizeof(pwr), optlen);
674 if (copy_from_user((char *) &pwr, optval, len)) {
675 err = -EFAULT;
676 break;
677 }
678 chan->force_active = pwr.force_active;
679 break;
680
33575df7
GP		 681 default:
682 err = -ENOPROTOOPT;
683 break;
684 }
685
686 release_sock(sk);
687 return err;
688}
fd83ccdb
GP		 689
690static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
691{
692 struct sock *sk = sock->sk;
0c1bc5c6 693 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
fd83ccdb
GP		 694 int err;
695
696 BT_DBG("sock %p, sk %p", sock, sk);
697
698 err = sock_error(sk);
699 if (err)
700 return err;
701
702 if (msg->msg_flags & MSG_OOB)
703 return -EOPNOTSUPP;
704
705 lock_sock(sk);
706
707 if (sk->sk_state != BT_CONNECTED) {
9a91a04a
GP		 708 release_sock(sk);
709 return -ENOTCONN;
fd83ccdb
GP		 710 }
711
9a91a04a 712 err = l2cap_chan_send(chan, msg, len);
fd83ccdb 713
fd83ccdb
GP		 714 release_sock(sk);
715 return err;
716}
33575df7 717
68983259
GP		 718static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
719{
720 struct sock *sk = sock->sk;
e328140f
MM		 721 struct l2cap_pinfo *pi = l2cap_pi(sk);
722 int err;
68983259
GP		 723
724 lock_sock(sk);
725
726 if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) {
8c1d787b
GP		 727 sk->sk_state = BT_CONFIG;
728
e328140f 729 __l2cap_connect_rsp_defer(pi->chan);
68983259
GP		 730 release_sock(sk);
731 return 0;
732 }
733
734 release_sock(sk);
735
736 if (sock->type == SOCK_STREAM)
e328140f
MM		 737 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
738 else
739 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
740
741 if (pi->chan->mode != L2CAP_MODE_ERTM)
742 return err;
743
744 /* Attempt to put pending rx data in the socket buffer */
745
746 lock_sock(sk);
747
748 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
749 goto done;
750
751 if (pi->rx_busy_skb) {
752 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
753 pi->rx_busy_skb = NULL;
754 else
755 goto done;
756 }
757
758 /* Restore data flow when half of the receive buffer is
759 * available. This avoids resending large numbers of
760 * frames.
761 */
762 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
763 l2cap_chan_busy(pi->chan, 0);
68983259 764
e328140f
MM		 765done:
766 release_sock(sk);
767 return err;
68983259
GP		 768}
769
05fc1576
GP		 770/* Kill socket (only if zapped and orphan)
771 * Must be called on unlocked socket.
772 */
ba3bd0ee 773static void l2cap_sock_kill(struct sock *sk)
05fc1576
GP		 774{
775 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
776 return;
777
778 BT_DBG("sk %p state %d", sk, sk->sk_state);
779
780 /* Kill poor orphan */
6ff5abbf 781
23691d75 782 l2cap_chan_destroy(l2cap_pi(sk)->chan);
05fc1576
GP		 783 sock_set_flag(sk, SOCK_DEAD);
784 sock_put(sk);
785}
786
dcba0dba
GP		 787static int l2cap_sock_shutdown(struct socket *sock, int how)
788{
789 struct sock *sk = sock->sk;
0c1bc5c6 790 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
dcba0dba
GP		 791 int err = 0;
792
793 BT_DBG("sock %p, sk %p", sock, sk);
794
795 if (!sk)
796 return 0;
797
798 lock_sock(sk);
799 if (!sk->sk_shutdown) {
0c1bc5c6 800 if (chan->mode == L2CAP_MODE_ERTM)
dcba0dba
GP		 801 err = __l2cap_wait_ack(sk);
802
803 sk->sk_shutdown = SHUTDOWN_MASK;
0f852724 804 l2cap_chan_close(chan, 0);
dcba0dba
GP		 805
806 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
807 err = bt_sock_wait_state(sk, BT_CLOSED,
808 sk->sk_lingertime);
809 }
810
811 if (!err && sk->sk_err)
812 err = -sk->sk_err;
813
814 release_sock(sk);
815 return err;
816}
817
554f05bb
GP		 818static int l2cap_sock_release(struct socket *sock)
819{
820 struct sock *sk = sock->sk;
821 int err;
822
823 BT_DBG("sock %p, sk %p", sock, sk);
824
825 if (!sk)
826 return 0;
827
828 err = l2cap_sock_shutdown(sock, 2);
829
830 sock_orphan(sk);
831 l2cap_sock_kill(sk);
832 return err;
833}
834
80808e43
GP		 835static struct l2cap_chan *l2cap_sock_new_connection_cb(void *data)
836{
837 struct sock *sk, *parent = data;
838
839 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
840 GFP_ATOMIC);
841 if (!sk)
842 return NULL;
843
844 l2cap_sock_init(sk, parent);
845
846 return l2cap_pi(sk)->chan;
847}
848
23070494
GP		 849static int l2cap_sock_recv_cb(void *data, struct sk_buff *skb)
850{
e328140f 851 int err;
23070494 852 struct sock *sk = data;
e328140f
MM		 853 struct l2cap_pinfo *pi = l2cap_pi(sk);
854
855 if (pi->rx_busy_skb)
856 return -ENOMEM;
857
858 err = sock_queue_rcv_skb(sk, skb);
859
860 /* For ERTM, handle one skb that doesn't fit into the recv
861 * buffer. This is important to do because the data frames
862 * have already been acked, so the skb cannot be discarded.
863 *
864 * Notify the l2cap core that the buffer is full, so the
865 * LOCAL_BUSY state is entered and no more frames are
866 * acked and reassembled until there is buffer space
867 * available.
868 */
869 if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
870 pi->rx_busy_skb = skb;
871 l2cap_chan_busy(pi->chan, 1);
872 err = 0;
873 }
23070494 874
e328140f 875 return err;
23070494
GP		 876}
877
ba3bd0ee
GP		 878static void l2cap_sock_close_cb(void *data)
879{
880 struct sock *sk = data;
881
882 l2cap_sock_kill(sk);
883}
884
89bc500e
GP		 885static void l2cap_sock_state_change_cb(void *data, int state)
886{
887 struct sock *sk = data;
888
889 sk->sk_state = state;
890}
891
80808e43
GP		 892static struct l2cap_ops l2cap_chan_ops = {
893 .name = "L2CAP Socket Interface",
894 .new_connection = l2cap_sock_new_connection_cb,
23070494 895 .recv = l2cap_sock_recv_cb,
ba3bd0ee 896 .close = l2cap_sock_close_cb,
89bc500e 897 .state_change = l2cap_sock_state_change_cb,
80808e43
GP		 898};
899
bb58f747
GP		 900static void l2cap_sock_destruct(struct sock *sk)
901{
902 BT_DBG("sk %p", sk);
903
e328140f
MM		 904 if (l2cap_pi(sk)->rx_busy_skb) {
905 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
906 l2cap_pi(sk)->rx_busy_skb = NULL;
907 }
908
bb58f747
GP		 909 skb_queue_purge(&sk->sk_receive_queue);
910 skb_queue_purge(&sk->sk_write_queue);
911}
912
80808e43 913static void l2cap_sock_init(struct sock *sk, struct sock *parent)
bb58f747
GP		 914{
915 struct l2cap_pinfo *pi = l2cap_pi(sk);
b4450035 916 struct l2cap_chan *chan = pi->chan;
bb58f747
GP		 917
918 BT_DBG("sk %p", sk);
919
920 if (parent) {
b4450035
GP		 921 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
922
bb58f747
GP		 923 sk->sk_type = parent->sk_type;
924 bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup;
925
715ec005 926 chan->chan_type = pchan->chan_type;
0c1bc5c6
GP		 927 chan->imtu = pchan->imtu;
928 chan->omtu = pchan->omtu;
b4450035 929 chan->conf_state = pchan->conf_state;
0c1bc5c6 930 chan->mode = pchan->mode;
47d1ec61
GP		 931 chan->fcs = pchan->fcs;
932 chan->max_tx = pchan->max_tx;
933 chan->tx_win = pchan->tx_win;
4343478f
GP		 934 chan->sec_level = pchan->sec_level;
935 chan->role_switch = pchan->role_switch;
936 chan->force_reliable = pchan->force_reliable;
937 chan->flushable = pchan->flushable;
14b12d0b 938 chan->force_active = pchan->force_active;
6230c9b4
PM		 939
940 security_sk_clone(parent, sk);
bb58f747 941 } else {
715ec005
GP		 942
943 switch (sk->sk_type) {
944 case SOCK_RAW:
945 chan->chan_type = L2CAP_CHAN_RAW;
946 break;
947 case SOCK_DGRAM:
948 chan->chan_type = L2CAP_CHAN_CONN_LESS;
949 break;
950 case SOCK_SEQPACKET:
951 case SOCK_STREAM:
952 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
953 break;
954 }
955
0c1bc5c6
GP		 956 chan->imtu = L2CAP_DEFAULT_MTU;
957 chan->omtu = 0;
bb58f747 958 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
0c1bc5c6 959 chan->mode = L2CAP_MODE_ERTM;
c1360a1c 960 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
bb58f747 961 } else {
0c1bc5c6 962 chan->mode = L2CAP_MODE_BASIC;
bb58f747 963 }
47d1ec61
GP		 964 chan->max_tx = L2CAP_DEFAULT_MAX_TX;
965 chan->fcs = L2CAP_FCS_CRC16;
966 chan->tx_win = L2CAP_DEFAULT_TX_WINDOW;
4343478f
GP		 967 chan->sec_level = BT_SECURITY_LOW;
968 chan->role_switch = 0;
969 chan->force_reliable = 0;
970 chan->flushable = BT_FLUSHABLE_OFF;
14b12d0b 971 chan->force_active = BT_POWER_FORCE_ACTIVE_ON;
80808e43 972
bb58f747
GP		 973 }
974
975 /* Default config options */
0c1bc5c6 976 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
80808e43
GP		 977
978 chan->data = sk;
979 chan->ops = &l2cap_chan_ops;
bb58f747
GP		 980}
981
982static struct proto l2cap_proto = {
983 .name = "L2CAP",
984 .owner = THIS_MODULE,
985 .obj_size = sizeof(struct l2cap_pinfo)
986};
987
80808e43 988static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
bb58f747
GP		 989{
990 struct sock *sk;
dc50a06d 991 struct l2cap_chan *chan;
bb58f747
GP		 992
993 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
994 if (!sk)
995 return NULL;
996
997 sock_init_data(sock, sk);
998 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
999
1000 sk->sk_destruct = l2cap_sock_destruct;
6be6b11f 1001 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
bb58f747
GP		 1002
1003 sock_reset_flag(sk, SOCK_ZAPPED);
1004
1005 sk->sk_protocol = proto;
1006 sk->sk_state = BT_OPEN;
1007
dc50a06d
GP		 1008 chan = l2cap_chan_create(sk);
1009 if (!chan) {
1010 l2cap_sock_kill(sk);
1011 return NULL;
1012 }
1013
1014 l2cap_pi(sk)->chan = chan;
1015
bb58f747
GP		 1016 return sk;
1017}
1018
1019static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1020 int kern)
1021{
1022 struct sock *sk;
1023
1024 BT_DBG("sock %p", sock);
1025
1026 sock->state = SS_UNCONNECTED;
1027
1028 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1029 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1030 return -ESOCKTNOSUPPORT;
1031
1032 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1033 return -EPERM;
1034
1035 sock->ops = &l2cap_sock_ops;
1036
1037 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1038 if (!sk)
1039 return -ENOMEM;
1040
1041 l2cap_sock_init(sk, NULL);
1042 return 0;
1043}
1044
cf2f90f5 1045static const struct proto_ops l2cap_sock_ops = {
65390587
GP		 1046 .family = PF_BLUETOOTH,
1047 .owner = THIS_MODULE,
1048 .release = l2cap_sock_release,
1049 .bind = l2cap_sock_bind,
1050 .connect = l2cap_sock_connect,
1051 .listen = l2cap_sock_listen,
1052 .accept = l2cap_sock_accept,
1053 .getname = l2cap_sock_getname,
1054 .sendmsg = l2cap_sock_sendmsg,
1055 .recvmsg = l2cap_sock_recvmsg,
1056 .poll = bt_sock_poll,
1057 .ioctl = bt_sock_ioctl,
1058 .mmap = sock_no_mmap,
1059 .socketpair = sock_no_socketpair,
1060 .shutdown = l2cap_sock_shutdown,
1061 .setsockopt = l2cap_sock_setsockopt,
1062 .getsockopt = l2cap_sock_getsockopt
1063};
1064
bb58f747
GP		 1065static const struct net_proto_family l2cap_sock_family_ops = {
1066 .family = PF_BLUETOOTH,
1067 .owner = THIS_MODULE,
1068 .create = l2cap_sock_create,
1069};
1070
1071int __init l2cap_init_sockets(void)
1072{
e2174ca4 1073 int err;
bb58f747 1074
e2174ca4
GP		 1075 err = proto_register(&l2cap_proto, 0);
1076 if (err < 0)
1077 return err;
bb58f747 1078
e2174ca4
GP		 1079 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1080 if (err < 0)
1081 goto error;
bb58f747 1082
e2174ca4 1083 BT_INFO("L2CAP socket layer initialized");
bb58f747 1084
e2174ca4 1085 return 0;
bb58f747
GP		 1086
1087error:
e2174ca4
GP		 1088 BT_ERR("L2CAP socket registration failed");
1089 proto_unregister(&l2cap_proto);
1090 return err;
bb58f747
GP		 1091}
1092
1093void l2cap_cleanup_sockets(void)
1094{
e2174ca4
GP		 1095 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1096 BT_ERR("L2CAP socket unregistration failed");
bb58f747 1097
e2174ca4 1098 proto_unregister(&l2cap_proto);
bb58f747 1099}
Ubuntu Artful kernel mirror