]>
Commit | Line | Data |
---|---|---|
bb58f747 GP |
1 | /* |
2 | BlueZ - Bluetooth protocol stack for Linux | |
3 | Copyright (C) 2000-2001 Qualcomm Incorporated | |
4 | Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org> | |
5 | Copyright (C) 2010 Google Inc. | |
6 | ||
7 | Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> | |
8 | ||
9 | This program is free software; you can redistribute it and/or modify | |
10 | it under the terms of the GNU General Public License version 2 as | |
11 | published by the Free Software Foundation; | |
12 | ||
13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | |
14 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | |
16 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | |
17 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | |
18 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
19 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
20 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
21 | ||
22 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | |
23 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | |
24 | SOFTWARE IS DISCLAIMED. | |
25 | */ | |
26 | ||
27 | /* Bluetooth L2CAP sockets. */ | |
28 | ||
29 | #include <net/bluetooth/bluetooth.h> | |
30 | #include <net/bluetooth/l2cap.h> | |
31 | ||
32 | static void l2cap_sock_timeout(unsigned long arg) | |
33 | { | |
34 | struct sock *sk = (struct sock *) arg; | |
35 | int reason; | |
36 | ||
37 | BT_DBG("sock %p state %d", sk, sk->sk_state); | |
38 | ||
39 | bh_lock_sock(sk); | |
40 | ||
41 | if (sock_owned_by_user(sk)) { | |
42 | /* sk is owned by user. Try again later */ | |
43 | l2cap_sock_set_timer(sk, HZ / 5); | |
44 | bh_unlock_sock(sk); | |
45 | sock_put(sk); | |
46 | return; | |
47 | } | |
48 | ||
49 | if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG) | |
50 | reason = ECONNREFUSED; | |
51 | else if (sk->sk_state == BT_CONNECT && | |
52 | l2cap_pi(sk)->sec_level != BT_SECURITY_SDP) | |
53 | reason = ECONNREFUSED; | |
54 | else | |
55 | reason = ETIMEDOUT; | |
56 | ||
57 | __l2cap_sock_close(sk, reason); | |
58 | ||
59 | bh_unlock_sock(sk); | |
60 | ||
61 | l2cap_sock_kill(sk); | |
62 | sock_put(sk); | |
63 | } | |
64 | ||
af6bcd82 GP |
65 | static struct sock *__l2cap_get_sock_by_addr(__le16 psm, bdaddr_t *src) |
66 | { | |
67 | struct sock *sk; | |
68 | struct hlist_node *node; | |
69 | sk_for_each(sk, node, &l2cap_sk_list.head) | |
70 | if (l2cap_pi(sk)->sport == psm && !bacmp(&bt_sk(sk)->src, src)) | |
71 | goto found; | |
72 | sk = NULL; | |
73 | found: | |
74 | return sk; | |
75 | } | |
76 | ||
77 | static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) | |
78 | { | |
79 | struct sock *sk = sock->sk; | |
80 | struct sockaddr_l2 la; | |
81 | int len, err = 0; | |
82 | ||
83 | BT_DBG("sk %p", sk); | |
84 | ||
85 | if (!addr || addr->sa_family != AF_BLUETOOTH) | |
86 | return -EINVAL; | |
87 | ||
88 | memset(&la, 0, sizeof(la)); | |
89 | len = min_t(unsigned int, sizeof(la), alen); | |
90 | memcpy(&la, addr, len); | |
91 | ||
92 | if (la.l2_cid) | |
93 | return -EINVAL; | |
94 | ||
95 | lock_sock(sk); | |
96 | ||
97 | if (sk->sk_state != BT_OPEN) { | |
98 | err = -EBADFD; | |
99 | goto done; | |
100 | } | |
101 | ||
102 | if (la.l2_psm) { | |
103 | __u16 psm = __le16_to_cpu(la.l2_psm); | |
104 | ||
105 | /* PSM must be odd and lsb of upper byte must be 0 */ | |
106 | if ((psm & 0x0101) != 0x0001) { | |
107 | err = -EINVAL; | |
108 | goto done; | |
109 | } | |
110 | ||
111 | /* Restrict usage of well-known PSMs */ | |
112 | if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) { | |
113 | err = -EACCES; | |
114 | goto done; | |
115 | } | |
116 | } | |
117 | ||
118 | write_lock_bh(&l2cap_sk_list.lock); | |
119 | ||
120 | if (la.l2_psm && __l2cap_get_sock_by_addr(la.l2_psm, &la.l2_bdaddr)) { | |
121 | err = -EADDRINUSE; | |
122 | } else { | |
123 | /* Save source address */ | |
124 | bacpy(&bt_sk(sk)->src, &la.l2_bdaddr); | |
125 | l2cap_pi(sk)->psm = la.l2_psm; | |
126 | l2cap_pi(sk)->sport = la.l2_psm; | |
127 | sk->sk_state = BT_BOUND; | |
128 | ||
129 | if (__le16_to_cpu(la.l2_psm) == 0x0001 || | |
130 | __le16_to_cpu(la.l2_psm) == 0x0003) | |
131 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | |
132 | } | |
133 | ||
134 | write_unlock_bh(&l2cap_sk_list.lock); | |
135 | ||
136 | done: | |
137 | release_sock(sk); | |
138 | return err; | |
139 | } | |
140 | ||
141 | static int l2cap_sock_listen(struct socket *sock, int backlog) | |
142 | { | |
143 | struct sock *sk = sock->sk; | |
144 | int err = 0; | |
145 | ||
146 | BT_DBG("sk %p backlog %d", sk, backlog); | |
147 | ||
148 | lock_sock(sk); | |
149 | ||
150 | if ((sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM) | |
151 | || sk->sk_state != BT_BOUND) { | |
152 | err = -EBADFD; | |
153 | goto done; | |
154 | } | |
155 | ||
156 | switch (l2cap_pi(sk)->mode) { | |
157 | case L2CAP_MODE_BASIC: | |
158 | break; | |
159 | case L2CAP_MODE_ERTM: | |
160 | case L2CAP_MODE_STREAMING: | |
161 | if (!disable_ertm) | |
162 | break; | |
163 | /* fall through */ | |
164 | default: | |
165 | err = -ENOTSUPP; | |
166 | goto done; | |
167 | } | |
168 | ||
169 | if (!l2cap_pi(sk)->psm) { | |
170 | bdaddr_t *src = &bt_sk(sk)->src; | |
171 | u16 psm; | |
172 | ||
173 | err = -EINVAL; | |
174 | ||
175 | write_lock_bh(&l2cap_sk_list.lock); | |
176 | ||
177 | for (psm = 0x1001; psm < 0x1100; psm += 2) | |
178 | if (!__l2cap_get_sock_by_addr(cpu_to_le16(psm), src)) { | |
179 | l2cap_pi(sk)->psm = cpu_to_le16(psm); | |
180 | l2cap_pi(sk)->sport = cpu_to_le16(psm); | |
181 | err = 0; | |
182 | break; | |
183 | } | |
184 | ||
185 | write_unlock_bh(&l2cap_sk_list.lock); | |
186 | ||
187 | if (err < 0) | |
188 | goto done; | |
189 | } | |
190 | ||
191 | sk->sk_max_ack_backlog = backlog; | |
192 | sk->sk_ack_backlog = 0; | |
193 | sk->sk_state = BT_LISTEN; | |
194 | ||
195 | done: | |
196 | release_sock(sk); | |
197 | return err; | |
198 | } | |
199 | ||
c47b7c72 GP |
200 | static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags) |
201 | { | |
202 | DECLARE_WAITQUEUE(wait, current); | |
203 | struct sock *sk = sock->sk, *nsk; | |
204 | long timeo; | |
205 | int err = 0; | |
206 | ||
207 | lock_sock_nested(sk, SINGLE_DEPTH_NESTING); | |
208 | ||
209 | if (sk->sk_state != BT_LISTEN) { | |
210 | err = -EBADFD; | |
211 | goto done; | |
212 | } | |
213 | ||
214 | timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); | |
215 | ||
216 | BT_DBG("sk %p timeo %ld", sk, timeo); | |
217 | ||
218 | /* Wait for an incoming connection. (wake-one). */ | |
219 | add_wait_queue_exclusive(sk_sleep(sk), &wait); | |
220 | while (!(nsk = bt_accept_dequeue(sk, newsock))) { | |
221 | set_current_state(TASK_INTERRUPTIBLE); | |
222 | if (!timeo) { | |
223 | err = -EAGAIN; | |
224 | break; | |
225 | } | |
226 | ||
227 | release_sock(sk); | |
228 | timeo = schedule_timeout(timeo); | |
229 | lock_sock_nested(sk, SINGLE_DEPTH_NESTING); | |
230 | ||
231 | if (sk->sk_state != BT_LISTEN) { | |
232 | err = -EBADFD; | |
233 | break; | |
234 | } | |
235 | ||
236 | if (signal_pending(current)) { | |
237 | err = sock_intr_errno(timeo); | |
238 | break; | |
239 | } | |
240 | } | |
241 | set_current_state(TASK_RUNNING); | |
242 | remove_wait_queue(sk_sleep(sk), &wait); | |
243 | ||
244 | if (err) | |
245 | goto done; | |
246 | ||
247 | newsock->state = SS_CONNECTED; | |
248 | ||
249 | BT_DBG("new socket %p", nsk); | |
250 | ||
251 | done: | |
252 | release_sock(sk); | |
253 | return err; | |
254 | } | |
255 | ||
d7175d55 GP |
256 | static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer) |
257 | { | |
258 | struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr; | |
259 | struct sock *sk = sock->sk; | |
260 | ||
261 | BT_DBG("sock %p, sk %p", sock, sk); | |
262 | ||
263 | addr->sa_family = AF_BLUETOOTH; | |
264 | *len = sizeof(struct sockaddr_l2); | |
265 | ||
266 | if (peer) { | |
267 | la->l2_psm = l2cap_pi(sk)->psm; | |
268 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst); | |
269 | la->l2_cid = cpu_to_le16(l2cap_pi(sk)->dcid); | |
270 | } else { | |
271 | la->l2_psm = l2cap_pi(sk)->sport; | |
272 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->src); | |
273 | la->l2_cid = cpu_to_le16(l2cap_pi(sk)->scid); | |
274 | } | |
275 | ||
276 | return 0; | |
277 | } | |
278 | ||
554f05bb GP |
279 | static int l2cap_sock_release(struct socket *sock) |
280 | { | |
281 | struct sock *sk = sock->sk; | |
282 | int err; | |
283 | ||
284 | BT_DBG("sock %p, sk %p", sock, sk); | |
285 | ||
286 | if (!sk) | |
287 | return 0; | |
288 | ||
289 | err = l2cap_sock_shutdown(sock, 2); | |
290 | ||
291 | sock_orphan(sk); | |
292 | l2cap_sock_kill(sk); | |
293 | return err; | |
294 | } | |
295 | ||
bb58f747 GP |
296 | static void l2cap_sock_destruct(struct sock *sk) |
297 | { | |
298 | BT_DBG("sk %p", sk); | |
299 | ||
300 | skb_queue_purge(&sk->sk_receive_queue); | |
301 | skb_queue_purge(&sk->sk_write_queue); | |
302 | } | |
303 | ||
304 | void l2cap_sock_init(struct sock *sk, struct sock *parent) | |
305 | { | |
306 | struct l2cap_pinfo *pi = l2cap_pi(sk); | |
307 | ||
308 | BT_DBG("sk %p", sk); | |
309 | ||
310 | if (parent) { | |
311 | sk->sk_type = parent->sk_type; | |
312 | bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup; | |
313 | ||
314 | pi->imtu = l2cap_pi(parent)->imtu; | |
315 | pi->omtu = l2cap_pi(parent)->omtu; | |
316 | pi->conf_state = l2cap_pi(parent)->conf_state; | |
317 | pi->mode = l2cap_pi(parent)->mode; | |
318 | pi->fcs = l2cap_pi(parent)->fcs; | |
319 | pi->max_tx = l2cap_pi(parent)->max_tx; | |
320 | pi->tx_win = l2cap_pi(parent)->tx_win; | |
321 | pi->sec_level = l2cap_pi(parent)->sec_level; | |
322 | pi->role_switch = l2cap_pi(parent)->role_switch; | |
323 | pi->force_reliable = l2cap_pi(parent)->force_reliable; | |
324 | pi->flushable = l2cap_pi(parent)->flushable; | |
325 | } else { | |
326 | pi->imtu = L2CAP_DEFAULT_MTU; | |
327 | pi->omtu = 0; | |
328 | if (!disable_ertm && sk->sk_type == SOCK_STREAM) { | |
329 | pi->mode = L2CAP_MODE_ERTM; | |
330 | pi->conf_state |= L2CAP_CONF_STATE2_DEVICE; | |
331 | } else { | |
332 | pi->mode = L2CAP_MODE_BASIC; | |
333 | } | |
334 | pi->max_tx = L2CAP_DEFAULT_MAX_TX; | |
335 | pi->fcs = L2CAP_FCS_CRC16; | |
336 | pi->tx_win = L2CAP_DEFAULT_TX_WINDOW; | |
337 | pi->sec_level = BT_SECURITY_LOW; | |
338 | pi->role_switch = 0; | |
339 | pi->force_reliable = 0; | |
340 | pi->flushable = BT_FLUSHABLE_OFF; | |
341 | } | |
342 | ||
343 | /* Default config options */ | |
344 | pi->conf_len = 0; | |
345 | pi->flush_to = L2CAP_DEFAULT_FLUSH_TO; | |
346 | skb_queue_head_init(TX_QUEUE(sk)); | |
347 | skb_queue_head_init(SREJ_QUEUE(sk)); | |
348 | skb_queue_head_init(BUSY_QUEUE(sk)); | |
349 | INIT_LIST_HEAD(SREJ_LIST(sk)); | |
350 | } | |
351 | ||
352 | static struct proto l2cap_proto = { | |
353 | .name = "L2CAP", | |
354 | .owner = THIS_MODULE, | |
355 | .obj_size = sizeof(struct l2cap_pinfo) | |
356 | }; | |
357 | ||
358 | struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio) | |
359 | { | |
360 | struct sock *sk; | |
361 | ||
362 | sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto); | |
363 | if (!sk) | |
364 | return NULL; | |
365 | ||
366 | sock_init_data(sock, sk); | |
367 | INIT_LIST_HEAD(&bt_sk(sk)->accept_q); | |
368 | ||
369 | sk->sk_destruct = l2cap_sock_destruct; | |
370 | sk->sk_sndtimeo = msecs_to_jiffies(L2CAP_CONN_TIMEOUT); | |
371 | ||
372 | sock_reset_flag(sk, SOCK_ZAPPED); | |
373 | ||
374 | sk->sk_protocol = proto; | |
375 | sk->sk_state = BT_OPEN; | |
376 | ||
377 | setup_timer(&sk->sk_timer, l2cap_sock_timeout, (unsigned long) sk); | |
378 | ||
379 | bt_sock_link(&l2cap_sk_list, sk); | |
380 | return sk; | |
381 | } | |
382 | ||
383 | static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol, | |
384 | int kern) | |
385 | { | |
386 | struct sock *sk; | |
387 | ||
388 | BT_DBG("sock %p", sock); | |
389 | ||
390 | sock->state = SS_UNCONNECTED; | |
391 | ||
392 | if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM && | |
393 | sock->type != SOCK_DGRAM && sock->type != SOCK_RAW) | |
394 | return -ESOCKTNOSUPPORT; | |
395 | ||
396 | if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW)) | |
397 | return -EPERM; | |
398 | ||
399 | sock->ops = &l2cap_sock_ops; | |
400 | ||
401 | sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC); | |
402 | if (!sk) | |
403 | return -ENOMEM; | |
404 | ||
405 | l2cap_sock_init(sk, NULL); | |
406 | return 0; | |
407 | } | |
408 | ||
65390587 GP |
409 | const struct proto_ops l2cap_sock_ops = { |
410 | .family = PF_BLUETOOTH, | |
411 | .owner = THIS_MODULE, | |
412 | .release = l2cap_sock_release, | |
413 | .bind = l2cap_sock_bind, | |
414 | .connect = l2cap_sock_connect, | |
415 | .listen = l2cap_sock_listen, | |
416 | .accept = l2cap_sock_accept, | |
417 | .getname = l2cap_sock_getname, | |
418 | .sendmsg = l2cap_sock_sendmsg, | |
419 | .recvmsg = l2cap_sock_recvmsg, | |
420 | .poll = bt_sock_poll, | |
421 | .ioctl = bt_sock_ioctl, | |
422 | .mmap = sock_no_mmap, | |
423 | .socketpair = sock_no_socketpair, | |
424 | .shutdown = l2cap_sock_shutdown, | |
425 | .setsockopt = l2cap_sock_setsockopt, | |
426 | .getsockopt = l2cap_sock_getsockopt | |
427 | }; | |
428 | ||
bb58f747 GP |
429 | static const struct net_proto_family l2cap_sock_family_ops = { |
430 | .family = PF_BLUETOOTH, | |
431 | .owner = THIS_MODULE, | |
432 | .create = l2cap_sock_create, | |
433 | }; | |
434 | ||
435 | int __init l2cap_init_sockets(void) | |
436 | { | |
437 | int err; | |
438 | ||
439 | err = proto_register(&l2cap_proto, 0); | |
440 | if (err < 0) | |
441 | return err; | |
442 | ||
443 | err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops); | |
444 | if (err < 0) | |
445 | goto error; | |
446 | ||
447 | BT_INFO("L2CAP socket layer initialized"); | |
448 | ||
449 | return 0; | |
450 | ||
451 | error: | |
452 | BT_ERR("L2CAP socket registration failed"); | |
453 | proto_unregister(&l2cap_proto); | |
454 | return err; | |
455 | } | |
456 | ||
457 | void l2cap_cleanup_sockets(void) | |
458 | { | |
459 | if (bt_sock_unregister(BTPROTO_L2CAP) < 0) | |
460 | BT_ERR("L2CAP socket unregistration failed"); | |
461 | ||
462 | proto_unregister(&l2cap_proto); | |
463 | } |