2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
28 /* Bluetooth L2CAP sockets. */
30 #include <linux/export.h>
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
35 #include <net/bluetooth/smp.h>
37 static struct bt_sock_list l2cap_sk_list
= {
38 .lock
= __RW_LOCK_UNLOCKED(l2cap_sk_list
.lock
)
41 static const struct proto_ops l2cap_sock_ops
;
42 static void l2cap_sock_init(struct sock
*sk
, struct sock
*parent
);
43 static struct sock
*l2cap_sock_alloc(struct net
*net
, struct socket
*sock
,
44 int proto
, gfp_t prio
);
46 static int l2cap_sock_bind(struct socket
*sock
, struct sockaddr
*addr
, int alen
)
48 struct sock
*sk
= sock
->sk
;
49 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
50 struct sockaddr_l2 la
;
55 if (!addr
|| addr
->sa_family
!= AF_BLUETOOTH
)
58 memset(&la
, 0, sizeof(la
));
59 len
= min_t(unsigned int, sizeof(la
), alen
);
60 memcpy(&la
, addr
, len
);
62 if (la
.l2_cid
&& la
.l2_psm
)
67 if (sk
->sk_state
!= BT_OPEN
) {
73 __u16 psm
= __le16_to_cpu(la
.l2_psm
);
75 /* PSM must be odd and lsb of upper byte must be 0 */
76 if ((psm
& 0x0101) != 0x0001) {
81 /* Restrict usage of well-known PSMs */
82 if (psm
< 0x1001 && !capable(CAP_NET_BIND_SERVICE
)) {
89 err
= l2cap_add_scid(chan
, __le16_to_cpu(la
.l2_cid
));
91 err
= l2cap_add_psm(chan
, &la
.l2_bdaddr
, la
.l2_psm
);
96 if (__le16_to_cpu(la
.l2_psm
) == L2CAP_PSM_SDP
||
97 __le16_to_cpu(la
.l2_psm
) == L2CAP_PSM_RFCOMM
)
98 chan
->sec_level
= BT_SECURITY_SDP
;
100 bacpy(&bt_sk(sk
)->src
, &la
.l2_bdaddr
);
102 chan
->state
= BT_BOUND
;
103 sk
->sk_state
= BT_BOUND
;
110 static int l2cap_sock_connect(struct socket
*sock
, struct sockaddr
*addr
,
113 struct sock
*sk
= sock
->sk
;
114 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
115 struct sockaddr_l2 la
;
120 if (!addr
|| alen
< sizeof(addr
->sa_family
) ||
121 addr
->sa_family
!= AF_BLUETOOTH
)
124 memset(&la
, 0, sizeof(la
));
125 len
= min_t(unsigned int, sizeof(la
), alen
);
126 memcpy(&la
, addr
, len
);
128 if (la
.l2_cid
&& la
.l2_psm
)
131 err
= l2cap_chan_connect(chan
, la
.l2_psm
, __le16_to_cpu(la
.l2_cid
),
132 &la
.l2_bdaddr
, la
.l2_bdaddr_type
);
138 err
= bt_sock_wait_state(sk
, BT_CONNECTED
,
139 sock_sndtimeo(sk
, flags
& O_NONBLOCK
));
146 static int l2cap_sock_listen(struct socket
*sock
, int backlog
)
148 struct sock
*sk
= sock
->sk
;
149 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
152 BT_DBG("sk %p backlog %d", sk
, backlog
);
156 if (sk
->sk_state
!= BT_BOUND
) {
161 if (sk
->sk_type
!= SOCK_SEQPACKET
&& sk
->sk_type
!= SOCK_STREAM
) {
166 switch (chan
->mode
) {
167 case L2CAP_MODE_BASIC
:
169 case L2CAP_MODE_ERTM
:
170 case L2CAP_MODE_STREAMING
:
179 sk
->sk_max_ack_backlog
= backlog
;
180 sk
->sk_ack_backlog
= 0;
182 chan
->state
= BT_LISTEN
;
183 sk
->sk_state
= BT_LISTEN
;
190 static int l2cap_sock_accept(struct socket
*sock
, struct socket
*newsock
,
193 DECLARE_WAITQUEUE(wait
, current
);
194 struct sock
*sk
= sock
->sk
, *nsk
;
198 lock_sock_nested(sk
, SINGLE_DEPTH_NESTING
);
200 timeo
= sock_rcvtimeo(sk
, flags
& O_NONBLOCK
);
202 BT_DBG("sk %p timeo %ld", sk
, timeo
);
204 /* Wait for an incoming connection. (wake-one). */
205 add_wait_queue_exclusive(sk_sleep(sk
), &wait
);
207 set_current_state(TASK_INTERRUPTIBLE
);
209 if (sk
->sk_state
!= BT_LISTEN
) {
214 nsk
= bt_accept_dequeue(sk
, newsock
);
223 if (signal_pending(current
)) {
224 err
= sock_intr_errno(timeo
);
229 timeo
= schedule_timeout(timeo
);
230 lock_sock_nested(sk
, SINGLE_DEPTH_NESTING
);
232 __set_current_state(TASK_RUNNING
);
233 remove_wait_queue(sk_sleep(sk
), &wait
);
238 newsock
->state
= SS_CONNECTED
;
240 BT_DBG("new socket %p", nsk
);
247 static int l2cap_sock_getname(struct socket
*sock
, struct sockaddr
*addr
,
250 struct sockaddr_l2
*la
= (struct sockaddr_l2
*) addr
;
251 struct sock
*sk
= sock
->sk
;
252 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
254 BT_DBG("sock %p, sk %p", sock
, sk
);
256 addr
->sa_family
= AF_BLUETOOTH
;
257 *len
= sizeof(struct sockaddr_l2
);
260 la
->l2_psm
= chan
->psm
;
261 bacpy(&la
->l2_bdaddr
, &bt_sk(sk
)->dst
);
262 la
->l2_cid
= cpu_to_le16(chan
->dcid
);
264 la
->l2_psm
= chan
->sport
;
265 bacpy(&la
->l2_bdaddr
, &bt_sk(sk
)->src
);
266 la
->l2_cid
= cpu_to_le16(chan
->scid
);
272 static int l2cap_sock_getsockopt_old(struct socket
*sock
, int optname
,
273 char __user
*optval
, int __user
*optlen
)
275 struct sock
*sk
= sock
->sk
;
276 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
277 struct l2cap_options opts
;
278 struct l2cap_conninfo cinfo
;
284 if (get_user(len
, optlen
))
291 memset(&opts
, 0, sizeof(opts
));
292 opts
.imtu
= chan
->imtu
;
293 opts
.omtu
= chan
->omtu
;
294 opts
.flush_to
= chan
->flush_to
;
295 opts
.mode
= chan
->mode
;
296 opts
.fcs
= chan
->fcs
;
297 opts
.max_tx
= chan
->max_tx
;
298 opts
.txwin_size
= chan
->tx_win
;
300 len
= min_t(unsigned int, len
, sizeof(opts
));
301 if (copy_to_user(optval
, (char *) &opts
, len
))
307 switch (chan
->sec_level
) {
308 case BT_SECURITY_LOW
:
311 case BT_SECURITY_MEDIUM
:
312 opt
= L2CAP_LM_AUTH
| L2CAP_LM_ENCRYPT
;
314 case BT_SECURITY_HIGH
:
315 opt
= L2CAP_LM_AUTH
| L2CAP_LM_ENCRYPT
|
323 if (test_bit(FLAG_ROLE_SWITCH
, &chan
->flags
))
324 opt
|= L2CAP_LM_MASTER
;
326 if (test_bit(FLAG_FORCE_RELIABLE
, &chan
->flags
))
327 opt
|= L2CAP_LM_RELIABLE
;
329 if (put_user(opt
, (u32 __user
*) optval
))
334 if (sk
->sk_state
!= BT_CONNECTED
&&
335 !(sk
->sk_state
== BT_CONNECT2
&&
336 test_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
))) {
341 memset(&cinfo
, 0, sizeof(cinfo
));
342 cinfo
.hci_handle
= chan
->conn
->hcon
->handle
;
343 memcpy(cinfo
.dev_class
, chan
->conn
->hcon
->dev_class
, 3);
345 len
= min_t(unsigned int, len
, sizeof(cinfo
));
346 if (copy_to_user(optval
, (char *) &cinfo
, len
))
360 static int l2cap_sock_getsockopt(struct socket
*sock
, int level
, int optname
,
361 char __user
*optval
, int __user
*optlen
)
363 struct sock
*sk
= sock
->sk
;
364 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
365 struct bt_security sec
;
371 if (level
== SOL_L2CAP
)
372 return l2cap_sock_getsockopt_old(sock
, optname
, optval
, optlen
);
374 if (level
!= SOL_BLUETOOTH
)
377 if (get_user(len
, optlen
))
384 if (chan
->chan_type
!= L2CAP_CHAN_CONN_ORIENTED
&&
385 chan
->chan_type
!= L2CAP_CHAN_RAW
) {
390 memset(&sec
, 0, sizeof(sec
));
392 sec
.level
= chan
->conn
->hcon
->sec_level
;
394 if (sk
->sk_state
== BT_CONNECTED
)
395 sec
.key_size
= chan
->conn
->hcon
->enc_key_size
;
397 sec
.level
= chan
->sec_level
;
400 len
= min_t(unsigned int, len
, sizeof(sec
));
401 if (copy_to_user(optval
, (char *) &sec
, len
))
407 if (sk
->sk_state
!= BT_BOUND
&& sk
->sk_state
!= BT_LISTEN
) {
412 if (put_user(test_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
),
413 (u32 __user
*) optval
))
419 if (put_user(test_bit(FLAG_FLUSHABLE
, &chan
->flags
),
420 (u32 __user
*) optval
))
426 if (sk
->sk_type
!= SOCK_SEQPACKET
&& sk
->sk_type
!= SOCK_STREAM
427 && sk
->sk_type
!= SOCK_RAW
) {
432 pwr
.force_active
= test_bit(FLAG_FORCE_ACTIVE
, &chan
->flags
);
434 len
= min_t(unsigned int, len
, sizeof(pwr
));
435 if (copy_to_user(optval
, (char *) &pwr
, len
))
440 case BT_CHANNEL_POLICY
:
446 if (put_user(chan
->chan_policy
, (u32 __user
*) optval
))
459 static bool l2cap_valid_mtu(struct l2cap_chan
*chan
, u16 mtu
)
461 switch (chan
->scid
) {
462 case L2CAP_CID_LE_DATA
:
463 if (mtu
< L2CAP_LE_MIN_MTU
)
468 if (mtu
< L2CAP_DEFAULT_MIN_MTU
)
475 static int l2cap_sock_setsockopt_old(struct socket
*sock
, int optname
,
476 char __user
*optval
, unsigned int optlen
)
478 struct sock
*sk
= sock
->sk
;
479 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
480 struct l2cap_options opts
;
490 if (sk
->sk_state
== BT_CONNECTED
) {
495 opts
.imtu
= chan
->imtu
;
496 opts
.omtu
= chan
->omtu
;
497 opts
.flush_to
= chan
->flush_to
;
498 opts
.mode
= chan
->mode
;
499 opts
.fcs
= chan
->fcs
;
500 opts
.max_tx
= chan
->max_tx
;
501 opts
.txwin_size
= chan
->tx_win
;
503 len
= min_t(unsigned int, sizeof(opts
), optlen
);
504 if (copy_from_user((char *) &opts
, optval
, len
)) {
509 if (opts
.txwin_size
> L2CAP_DEFAULT_EXT_WINDOW
) {
514 if (!l2cap_valid_mtu(chan
, opts
.imtu
)) {
519 chan
->mode
= opts
.mode
;
520 switch (chan
->mode
) {
521 case L2CAP_MODE_BASIC
:
522 clear_bit(CONF_STATE2_DEVICE
, &chan
->conf_state
);
524 case L2CAP_MODE_ERTM
:
525 case L2CAP_MODE_STREAMING
:
534 chan
->imtu
= opts
.imtu
;
535 chan
->omtu
= opts
.omtu
;
536 chan
->fcs
= opts
.fcs
;
537 chan
->max_tx
= opts
.max_tx
;
538 chan
->tx_win
= opts
.txwin_size
;
539 chan
->flush_to
= opts
.flush_to
;
543 if (get_user(opt
, (u32 __user
*) optval
)) {
548 if (opt
& L2CAP_LM_AUTH
)
549 chan
->sec_level
= BT_SECURITY_LOW
;
550 if (opt
& L2CAP_LM_ENCRYPT
)
551 chan
->sec_level
= BT_SECURITY_MEDIUM
;
552 if (opt
& L2CAP_LM_SECURE
)
553 chan
->sec_level
= BT_SECURITY_HIGH
;
555 if (opt
& L2CAP_LM_MASTER
)
556 set_bit(FLAG_ROLE_SWITCH
, &chan
->flags
);
558 clear_bit(FLAG_ROLE_SWITCH
, &chan
->flags
);
560 if (opt
& L2CAP_LM_RELIABLE
)
561 set_bit(FLAG_FORCE_RELIABLE
, &chan
->flags
);
563 clear_bit(FLAG_FORCE_RELIABLE
, &chan
->flags
);
575 static int l2cap_sock_setsockopt(struct socket
*sock
, int level
, int optname
,
576 char __user
*optval
, unsigned int optlen
)
578 struct sock
*sk
= sock
->sk
;
579 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
580 struct bt_security sec
;
582 struct l2cap_conn
*conn
;
588 if (level
== SOL_L2CAP
)
589 return l2cap_sock_setsockopt_old(sock
, optname
, optval
, optlen
);
591 if (level
!= SOL_BLUETOOTH
)
598 if (chan
->chan_type
!= L2CAP_CHAN_CONN_ORIENTED
&&
599 chan
->chan_type
!= L2CAP_CHAN_RAW
) {
604 sec
.level
= BT_SECURITY_LOW
;
606 len
= min_t(unsigned int, sizeof(sec
), optlen
);
607 if (copy_from_user((char *) &sec
, optval
, len
)) {
612 if (sec
.level
< BT_SECURITY_LOW
||
613 sec
.level
> BT_SECURITY_HIGH
) {
618 chan
->sec_level
= sec
.level
;
625 /*change security for LE channels */
626 if (chan
->scid
== L2CAP_CID_LE_DATA
) {
627 if (!conn
->hcon
->out
) {
632 if (smp_conn_security(conn
->hcon
, sec
.level
))
634 sk
->sk_state
= BT_CONFIG
;
635 chan
->state
= BT_CONFIG
;
637 /* or for ACL link */
638 } else if ((sk
->sk_state
== BT_CONNECT2
&&
639 test_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
)) ||
640 sk
->sk_state
== BT_CONNECTED
) {
641 if (!l2cap_chan_check_security(chan
))
642 set_bit(BT_SK_SUSPEND
, &bt_sk(sk
)->flags
);
644 sk
->sk_state_change(sk
);
651 if (sk
->sk_state
!= BT_BOUND
&& sk
->sk_state
!= BT_LISTEN
) {
656 if (get_user(opt
, (u32 __user
*) optval
)) {
662 set_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
);
664 clear_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
);
668 if (get_user(opt
, (u32 __user
*) optval
)) {
673 if (opt
> BT_FLUSHABLE_ON
) {
678 if (opt
== BT_FLUSHABLE_OFF
) {
679 struct l2cap_conn
*conn
= chan
->conn
;
680 /* proceed further only when we have l2cap_conn and
681 No Flush support in the LM */
682 if (!conn
|| !lmp_no_flush_capable(conn
->hcon
->hdev
)) {
689 set_bit(FLAG_FLUSHABLE
, &chan
->flags
);
691 clear_bit(FLAG_FLUSHABLE
, &chan
->flags
);
695 if (chan
->chan_type
!= L2CAP_CHAN_CONN_ORIENTED
&&
696 chan
->chan_type
!= L2CAP_CHAN_RAW
) {
701 pwr
.force_active
= BT_POWER_FORCE_ACTIVE_ON
;
703 len
= min_t(unsigned int, sizeof(pwr
), optlen
);
704 if (copy_from_user((char *) &pwr
, optval
, len
)) {
709 if (pwr
.force_active
)
710 set_bit(FLAG_FORCE_ACTIVE
, &chan
->flags
);
712 clear_bit(FLAG_FORCE_ACTIVE
, &chan
->flags
);
715 case BT_CHANNEL_POLICY
:
721 if (get_user(opt
, (u32 __user
*) optval
)) {
726 if (opt
> BT_CHANNEL_POLICY_AMP_PREFERRED
) {
731 if (chan
->mode
!= L2CAP_MODE_ERTM
&&
732 chan
->mode
!= L2CAP_MODE_STREAMING
) {
737 chan
->chan_policy
= (u8
) opt
;
749 static int l2cap_sock_sendmsg(struct kiocb
*iocb
, struct socket
*sock
,
750 struct msghdr
*msg
, size_t len
)
752 struct sock
*sk
= sock
->sk
;
753 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
756 BT_DBG("sock %p, sk %p", sock
, sk
);
758 err
= sock_error(sk
);
762 if (msg
->msg_flags
& MSG_OOB
)
765 if (sk
->sk_state
!= BT_CONNECTED
)
768 l2cap_chan_lock(chan
);
769 err
= l2cap_chan_send(chan
, msg
, len
, sk
->sk_priority
);
770 l2cap_chan_unlock(chan
);
775 static int l2cap_sock_recvmsg(struct kiocb
*iocb
, struct socket
*sock
,
776 struct msghdr
*msg
, size_t len
, int flags
)
778 struct sock
*sk
= sock
->sk
;
779 struct l2cap_pinfo
*pi
= l2cap_pi(sk
);
784 if (sk
->sk_state
== BT_CONNECT2
&& test_bit(BT_SK_DEFER_SETUP
,
785 &bt_sk(sk
)->flags
)) {
786 sk
->sk_state
= BT_CONFIG
;
787 pi
->chan
->state
= BT_CONFIG
;
789 __l2cap_connect_rsp_defer(pi
->chan
);
796 if (sock
->type
== SOCK_STREAM
)
797 err
= bt_sock_stream_recvmsg(iocb
, sock
, msg
, len
, flags
);
799 err
= bt_sock_recvmsg(iocb
, sock
, msg
, len
, flags
);
801 if (pi
->chan
->mode
!= L2CAP_MODE_ERTM
)
804 /* Attempt to put pending rx data in the socket buffer */
808 if (!test_bit(CONN_LOCAL_BUSY
, &pi
->chan
->conn_state
))
811 if (pi
->rx_busy_skb
) {
812 if (!sock_queue_rcv_skb(sk
, pi
->rx_busy_skb
))
813 pi
->rx_busy_skb
= NULL
;
818 /* Restore data flow when half of the receive buffer is
819 * available. This avoids resending large numbers of
822 if (atomic_read(&sk
->sk_rmem_alloc
) <= sk
->sk_rcvbuf
>> 1)
823 l2cap_chan_busy(pi
->chan
, 0);
830 /* Kill socket (only if zapped and orphan)
831 * Must be called on unlocked socket.
833 static void l2cap_sock_kill(struct sock
*sk
)
835 if (!sock_flag(sk
, SOCK_ZAPPED
) || sk
->sk_socket
)
838 BT_DBG("sk %p state %s", sk
, state_to_string(sk
->sk_state
));
840 /* Kill poor orphan */
842 l2cap_chan_put(l2cap_pi(sk
)->chan
);
843 sock_set_flag(sk
, SOCK_DEAD
);
847 static int l2cap_sock_shutdown(struct socket
*sock
, int how
)
849 struct sock
*sk
= sock
->sk
;
850 struct l2cap_chan
*chan
;
851 struct l2cap_conn
*conn
;
854 BT_DBG("sock %p, sk %p", sock
, sk
);
859 chan
= l2cap_pi(sk
)->chan
;
863 mutex_lock(&conn
->chan_lock
);
865 l2cap_chan_lock(chan
);
868 if (!sk
->sk_shutdown
) {
869 if (chan
->mode
== L2CAP_MODE_ERTM
)
870 err
= __l2cap_wait_ack(sk
);
872 sk
->sk_shutdown
= SHUTDOWN_MASK
;
875 l2cap_chan_close(chan
, 0);
878 if (sock_flag(sk
, SOCK_LINGER
) && sk
->sk_lingertime
)
879 err
= bt_sock_wait_state(sk
, BT_CLOSED
,
883 if (!err
&& sk
->sk_err
)
887 l2cap_chan_unlock(chan
);
890 mutex_unlock(&conn
->chan_lock
);
895 static int l2cap_sock_release(struct socket
*sock
)
897 struct sock
*sk
= sock
->sk
;
900 BT_DBG("sock %p, sk %p", sock
, sk
);
905 bt_sock_unlink(&l2cap_sk_list
, sk
);
907 err
= l2cap_sock_shutdown(sock
, 2);
914 static void l2cap_sock_cleanup_listen(struct sock
*parent
)
918 BT_DBG("parent %p", parent
);
920 /* Close not yet accepted channels */
921 while ((sk
= bt_accept_dequeue(parent
, NULL
))) {
922 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
924 l2cap_chan_lock(chan
);
925 __clear_chan_timer(chan
);
926 l2cap_chan_close(chan
, ECONNRESET
);
927 l2cap_chan_unlock(chan
);
933 static struct l2cap_chan
*l2cap_sock_new_connection_cb(struct l2cap_chan
*chan
)
935 struct sock
*sk
, *parent
= chan
->data
;
937 /* Check for backlog size */
938 if (sk_acceptq_is_full(parent
)) {
939 BT_DBG("backlog full %d", parent
->sk_ack_backlog
);
943 sk
= l2cap_sock_alloc(sock_net(parent
), NULL
, BTPROTO_L2CAP
,
948 bt_sock_reclassify_lock(sk
, BTPROTO_L2CAP
);
950 l2cap_sock_init(sk
, parent
);
952 bt_accept_enqueue(parent
, sk
);
954 return l2cap_pi(sk
)->chan
;
957 static int l2cap_sock_recv_cb(struct l2cap_chan
*chan
, struct sk_buff
*skb
)
960 struct sock
*sk
= chan
->data
;
961 struct l2cap_pinfo
*pi
= l2cap_pi(sk
);
965 if (pi
->rx_busy_skb
) {
970 err
= sock_queue_rcv_skb(sk
, skb
);
972 /* For ERTM, handle one skb that doesn't fit into the recv
973 * buffer. This is important to do because the data frames
974 * have already been acked, so the skb cannot be discarded.
976 * Notify the l2cap core that the buffer is full, so the
977 * LOCAL_BUSY state is entered and no more frames are
978 * acked and reassembled until there is buffer space
981 if (err
< 0 && pi
->chan
->mode
== L2CAP_MODE_ERTM
) {
982 pi
->rx_busy_skb
= skb
;
983 l2cap_chan_busy(pi
->chan
, 1);
993 static void l2cap_sock_close_cb(struct l2cap_chan
*chan
)
995 struct sock
*sk
= chan
->data
;
1000 static void l2cap_sock_teardown_cb(struct l2cap_chan
*chan
, int err
)
1002 struct sock
*sk
= chan
->data
;
1003 struct sock
*parent
;
1007 parent
= bt_sk(sk
)->parent
;
1009 sock_set_flag(sk
, SOCK_ZAPPED
);
1011 switch (chan
->state
) {
1017 l2cap_sock_cleanup_listen(sk
);
1018 sk
->sk_state
= BT_CLOSED
;
1019 chan
->state
= BT_CLOSED
;
1023 sk
->sk_state
= BT_CLOSED
;
1024 chan
->state
= BT_CLOSED
;
1029 bt_accept_unlink(sk
);
1030 parent
->sk_data_ready(parent
, 0);
1032 sk
->sk_state_change(sk
);
1041 static void l2cap_sock_state_change_cb(struct l2cap_chan
*chan
, int state
)
1043 struct sock
*sk
= chan
->data
;
1045 sk
->sk_state
= state
;
1048 static struct sk_buff
*l2cap_sock_alloc_skb_cb(struct l2cap_chan
*chan
,
1049 unsigned long len
, int nb
)
1051 struct sk_buff
*skb
;
1054 l2cap_chan_unlock(chan
);
1055 skb
= bt_skb_send_alloc(chan
->sk
, len
, nb
, &err
);
1056 l2cap_chan_lock(chan
);
1059 return ERR_PTR(err
);
1064 static void l2cap_sock_ready_cb(struct l2cap_chan
*chan
)
1066 struct sock
*sk
= chan
->data
;
1067 struct sock
*parent
;
1071 parent
= bt_sk(sk
)->parent
;
1073 BT_DBG("sk %p, parent %p", sk
, parent
);
1075 sk
->sk_state
= BT_CONNECTED
;
1076 sk
->sk_state_change(sk
);
1079 parent
->sk_data_ready(parent
, 0);
1084 static struct l2cap_ops l2cap_chan_ops
= {
1085 .name
= "L2CAP Socket Interface",
1086 .new_connection
= l2cap_sock_new_connection_cb
,
1087 .recv
= l2cap_sock_recv_cb
,
1088 .close
= l2cap_sock_close_cb
,
1089 .teardown
= l2cap_sock_teardown_cb
,
1090 .state_change
= l2cap_sock_state_change_cb
,
1091 .ready
= l2cap_sock_ready_cb
,
1092 .alloc_skb
= l2cap_sock_alloc_skb_cb
,
1095 static void l2cap_sock_destruct(struct sock
*sk
)
1097 BT_DBG("sk %p", sk
);
1099 if (l2cap_pi(sk
)->chan
)
1100 l2cap_chan_put(l2cap_pi(sk
)->chan
);
1101 if (l2cap_pi(sk
)->rx_busy_skb
) {
1102 kfree_skb(l2cap_pi(sk
)->rx_busy_skb
);
1103 l2cap_pi(sk
)->rx_busy_skb
= NULL
;
1106 skb_queue_purge(&sk
->sk_receive_queue
);
1107 skb_queue_purge(&sk
->sk_write_queue
);
1110 static void l2cap_sock_init(struct sock
*sk
, struct sock
*parent
)
1112 struct l2cap_pinfo
*pi
= l2cap_pi(sk
);
1113 struct l2cap_chan
*chan
= pi
->chan
;
1115 BT_DBG("sk %p", sk
);
1118 struct l2cap_chan
*pchan
= l2cap_pi(parent
)->chan
;
1120 sk
->sk_type
= parent
->sk_type
;
1121 bt_sk(sk
)->flags
= bt_sk(parent
)->flags
;
1123 chan
->chan_type
= pchan
->chan_type
;
1124 chan
->imtu
= pchan
->imtu
;
1125 chan
->omtu
= pchan
->omtu
;
1126 chan
->conf_state
= pchan
->conf_state
;
1127 chan
->mode
= pchan
->mode
;
1128 chan
->fcs
= pchan
->fcs
;
1129 chan
->max_tx
= pchan
->max_tx
;
1130 chan
->tx_win
= pchan
->tx_win
;
1131 chan
->tx_win_max
= pchan
->tx_win_max
;
1132 chan
->sec_level
= pchan
->sec_level
;
1133 chan
->flags
= pchan
->flags
;
1135 security_sk_clone(parent
, sk
);
1138 switch (sk
->sk_type
) {
1140 chan
->chan_type
= L2CAP_CHAN_RAW
;
1143 chan
->chan_type
= L2CAP_CHAN_CONN_LESS
;
1145 case SOCK_SEQPACKET
:
1147 chan
->chan_type
= L2CAP_CHAN_CONN_ORIENTED
;
1151 chan
->imtu
= L2CAP_DEFAULT_MTU
;
1153 if (!disable_ertm
&& sk
->sk_type
== SOCK_STREAM
) {
1154 chan
->mode
= L2CAP_MODE_ERTM
;
1155 set_bit(CONF_STATE2_DEVICE
, &chan
->conf_state
);
1157 chan
->mode
= L2CAP_MODE_BASIC
;
1160 l2cap_chan_set_defaults(chan
);
1163 /* Default config options */
1164 chan
->flush_to
= L2CAP_DEFAULT_FLUSH_TO
;
1167 chan
->ops
= &l2cap_chan_ops
;
1170 static struct proto l2cap_proto
= {
1172 .owner
= THIS_MODULE
,
1173 .obj_size
= sizeof(struct l2cap_pinfo
)
1176 static struct sock
*l2cap_sock_alloc(struct net
*net
, struct socket
*sock
,
1177 int proto
, gfp_t prio
)
1180 struct l2cap_chan
*chan
;
1182 sk
= sk_alloc(net
, PF_BLUETOOTH
, prio
, &l2cap_proto
);
1186 sock_init_data(sock
, sk
);
1187 INIT_LIST_HEAD(&bt_sk(sk
)->accept_q
);
1189 sk
->sk_destruct
= l2cap_sock_destruct
;
1190 sk
->sk_sndtimeo
= L2CAP_CONN_TIMEOUT
;
1192 sock_reset_flag(sk
, SOCK_ZAPPED
);
1194 sk
->sk_protocol
= proto
;
1195 sk
->sk_state
= BT_OPEN
;
1197 chan
= l2cap_chan_create();
1203 l2cap_chan_hold(chan
);
1207 l2cap_pi(sk
)->chan
= chan
;
1212 static int l2cap_sock_create(struct net
*net
, struct socket
*sock
, int protocol
,
1217 BT_DBG("sock %p", sock
);
1219 sock
->state
= SS_UNCONNECTED
;
1221 if (sock
->type
!= SOCK_SEQPACKET
&& sock
->type
!= SOCK_STREAM
&&
1222 sock
->type
!= SOCK_DGRAM
&& sock
->type
!= SOCK_RAW
)
1223 return -ESOCKTNOSUPPORT
;
1225 if (sock
->type
== SOCK_RAW
&& !kern
&& !capable(CAP_NET_RAW
))
1228 sock
->ops
= &l2cap_sock_ops
;
1230 sk
= l2cap_sock_alloc(net
, sock
, protocol
, GFP_ATOMIC
);
1234 l2cap_sock_init(sk
, NULL
);
1235 bt_sock_link(&l2cap_sk_list
, sk
);
1239 static const struct proto_ops l2cap_sock_ops
= {
1240 .family
= PF_BLUETOOTH
,
1241 .owner
= THIS_MODULE
,
1242 .release
= l2cap_sock_release
,
1243 .bind
= l2cap_sock_bind
,
1244 .connect
= l2cap_sock_connect
,
1245 .listen
= l2cap_sock_listen
,
1246 .accept
= l2cap_sock_accept
,
1247 .getname
= l2cap_sock_getname
,
1248 .sendmsg
= l2cap_sock_sendmsg
,
1249 .recvmsg
= l2cap_sock_recvmsg
,
1250 .poll
= bt_sock_poll
,
1251 .ioctl
= bt_sock_ioctl
,
1252 .mmap
= sock_no_mmap
,
1253 .socketpair
= sock_no_socketpair
,
1254 .shutdown
= l2cap_sock_shutdown
,
1255 .setsockopt
= l2cap_sock_setsockopt
,
1256 .getsockopt
= l2cap_sock_getsockopt
1259 static const struct net_proto_family l2cap_sock_family_ops
= {
1260 .family
= PF_BLUETOOTH
,
1261 .owner
= THIS_MODULE
,
1262 .create
= l2cap_sock_create
,
1265 int __init
l2cap_init_sockets(void)
1269 err
= proto_register(&l2cap_proto
, 0);
1273 err
= bt_sock_register(BTPROTO_L2CAP
, &l2cap_sock_family_ops
);
1275 BT_ERR("L2CAP socket registration failed");
1279 err
= bt_procfs_init(THIS_MODULE
, &init_net
, "l2cap", &l2cap_sk_list
,
1282 BT_ERR("Failed to create L2CAP proc file");
1283 bt_sock_unregister(BTPROTO_L2CAP
);
1287 BT_INFO("L2CAP socket layer initialized");
1292 proto_unregister(&l2cap_proto
);
1296 void l2cap_cleanup_sockets(void)
1298 bt_procfs_cleanup(&init_net
, "l2cap");
1299 if (bt_sock_unregister(BTPROTO_L2CAP
) < 0)
1300 BT_ERR("L2CAP socket unregistration failed");
1302 proto_unregister(&l2cap_proto
);