]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - net/bluetooth/sco.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:


75cffc14ab6e8e0ff4ef83ba5dd72a567effe3c4
[mirror_ubuntu-bionic-kernel.git] / net / bluetooth / sco.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth SCO sockets. */
26
27 #include <linux/module.h>
28 #include <linux/debugfs.h>
29 #include <linux/seq_file.h>
30
31 #include <net/bluetooth/bluetooth.h>
32 #include <net/bluetooth/hci_core.h>
33 #include <net/bluetooth/sco.h>
34
35 static bool disable_esco;
36
37 static const struct proto_ops sco_sock_ops;
38
39 static struct bt_sock_list sco_sk_list = {
40 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
41 };
42
43 /* ---- SCO connections ---- */
44 struct sco_conn {
45 struct hci_conn *hcon;
46
47 spinlock_t lock;
48 struct sock *sk;
49
50 unsigned int mtu;
51 };
52
53 #define sco_conn_lock(c) spin_lock(&c->lock);
54 #define sco_conn_unlock(c) spin_unlock(&c->lock);
55
56 static void sco_chan_del(struct sock *sk, int err);
57
58 static void sco_sock_close(struct sock *sk);
59 static void sco_sock_kill(struct sock *sk);
60
61 /* ----- SCO socket info ----- */
62 #define sco_pi(sk) ((struct sco_pinfo *) sk)
63
64 struct sco_pinfo {
65 struct bt_sock bt;
66 bdaddr_t src;
67 bdaddr_t dst;
68 __u32 flags;
69 __u16 setting;
70 struct sco_conn *conn;
71 };
72
73 /* ---- SCO timers ---- */
74 #define SCO_CONN_TIMEOUT (HZ * 40)
75 #define SCO_DISCONN_TIMEOUT (HZ * 2)
76
77 static void sco_sock_timeout(unsigned long arg)
78 {
79 struct sock *sk = (struct sock *) arg;
80
81 BT_DBG("sock %p state %d", sk, sk->sk_state);
82
83 bh_lock_sock(sk);
84 sk->sk_err = ETIMEDOUT;
85 sk->sk_state_change(sk);
86 bh_unlock_sock(sk);
87
88 sco_sock_kill(sk);
89 sock_put(sk);
90 }
91
92 static void sco_sock_set_timer(struct sock *sk, long timeout)
93 {
94 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
95 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
96 }
97
98 static void sco_sock_clear_timer(struct sock *sk)
99 {
100 BT_DBG("sock %p state %d", sk, sk->sk_state);
101 sk_stop_timer(sk, &sk->sk_timer);
102 }
103
104 /* ---- SCO connections ---- */
105 static struct sco_conn *sco_conn_add(struct hci_conn *hcon)
106 {
107 struct hci_dev *hdev = hcon->hdev;
108 struct sco_conn *conn = hcon->sco_data;
109
110 if (conn)
111 return conn;
112
113 conn = kzalloc(sizeof(struct sco_conn), GFP_KERNEL);
114 if (!conn)
115 return NULL;
116
117 spin_lock_init(&conn->lock);
118
119 hcon->sco_data = conn;
120 conn->hcon = hcon;
121
122 if (hdev->sco_mtu > 0)
123 conn->mtu = hdev->sco_mtu;
124 else
125 conn->mtu = 60;
126
127 BT_DBG("hcon %p conn %p", hcon, conn);
128
129 return conn;
130 }
131
132 static struct sock *sco_chan_get(struct sco_conn *conn)
133 {
134 struct sock *sk = NULL;
135 sco_conn_lock(conn);
136 sk = conn->sk;
137 sco_conn_unlock(conn);
138 return sk;
139 }
140
141 static int sco_conn_del(struct hci_conn *hcon, int err)
142 {
143 struct sco_conn *conn = hcon->sco_data;
144 struct sock *sk;
145
146 if (!conn)
147 return 0;
148
149 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
150
151 /* Kill socket */
152 sk = sco_chan_get(conn);
153 if (sk) {
154 bh_lock_sock(sk);
155 sco_sock_clear_timer(sk);
156 sco_chan_del(sk, err);
157 bh_unlock_sock(sk);
158 sco_sock_kill(sk);
159 }
160
161 hcon->sco_data = NULL;
162 kfree(conn);
163 return 0;
164 }
165
166 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
167 {
168 BT_DBG("conn %p", conn);
169
170 sco_pi(sk)->conn = conn;
171 conn->sk = sk;
172
173 if (parent)
174 bt_accept_enqueue(parent, sk);
175 }
176
177 static int sco_chan_add(struct sco_conn *conn, struct sock *sk,
178 struct sock *parent)
179 {
180 int err = 0;
181
182 sco_conn_lock(conn);
183 if (conn->sk)
184 err = -EBUSY;
185 else
186 __sco_chan_add(conn, sk, parent);
187
188 sco_conn_unlock(conn);
189 return err;
190 }
191
192 static int sco_connect(struct sock *sk)
193 {
194 struct sco_conn *conn;
195 struct hci_conn *hcon;
196 struct hci_dev *hdev;
197 int err, type;
198
199 BT_DBG("%pMR -> %pMR", &sco_pi(sk)->src, &sco_pi(sk)->dst);
200
201 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src);
202 if (!hdev)
203 return -EHOSTUNREACH;
204
205 hci_dev_lock(hdev);
206
207 if (lmp_esco_capable(hdev) && !disable_esco)
208 type = ESCO_LINK;
209 else
210 type = SCO_LINK;
211
212 if (sco_pi(sk)->setting == BT_VOICE_TRANSPARENT &&
213 (!lmp_transp_capable(hdev) || !lmp_esco_capable(hdev))) {
214 err = -EOPNOTSUPP;
215 goto done;
216 }
217
218 hcon = hci_connect_sco(hdev, type, &sco_pi(sk)->dst,
219 sco_pi(sk)->setting);
220 if (IS_ERR(hcon)) {
221 err = PTR_ERR(hcon);
222 goto done;
223 }
224
225 conn = sco_conn_add(hcon);
226 if (!conn) {
227 hci_conn_drop(hcon);
228 err = -ENOMEM;
229 goto done;
230 }
231
232 /* Update source addr of the socket */
233 bacpy(&sco_pi(sk)->src, &hcon->src);
234
235 err = sco_chan_add(conn, sk, NULL);
236 if (err)
237 goto done;
238
239 if (hcon->state == BT_CONNECTED) {
240 sco_sock_clear_timer(sk);
241 sk->sk_state = BT_CONNECTED;
242 } else {
243 sk->sk_state = BT_CONNECT;
244 sco_sock_set_timer(sk, sk->sk_sndtimeo);
245 }
246
247 done:
248 hci_dev_unlock(hdev);
249 hci_dev_put(hdev);
250 return err;
251 }
252
253 static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
254 {
255 struct sco_conn *conn = sco_pi(sk)->conn;
256 struct sk_buff *skb;
257 int err;
258
259 /* Check outgoing MTU */
260 if (len > conn->mtu)
261 return -EINVAL;
262
263 BT_DBG("sk %p len %d", sk, len);
264
265 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
266 if (!skb)
267 return err;
268
269 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
270 kfree_skb(skb);
271 return -EFAULT;
272 }
273
274 hci_send_sco(conn->hcon, skb);
275
276 return len;
277 }
278
279 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
280 {
281 struct sock *sk = sco_chan_get(conn);
282
283 if (!sk)
284 goto drop;
285
286 BT_DBG("sk %p len %d", sk, skb->len);
287
288 if (sk->sk_state != BT_CONNECTED)
289 goto drop;
290
291 if (!sock_queue_rcv_skb(sk, skb))
292 return;
293
294 drop:
295 kfree_skb(skb);
296 }
297
298 /* -------- Socket interface ---------- */
299 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba)
300 {
301 struct sock *sk;
302
303 sk_for_each(sk, &sco_sk_list.head) {
304 if (sk->sk_state != BT_LISTEN)
305 continue;
306
307 if (!bacmp(&sco_pi(sk)->src, ba))
308 return sk;
309 }
310
311 return NULL;
312 }
313
314 /* Find socket listening on source bdaddr.
315 * Returns closest match.
316 */
317 static struct sock *sco_get_sock_listen(bdaddr_t *src)
318 {
319 struct sock *sk = NULL, *sk1 = NULL;
320
321 read_lock(&sco_sk_list.lock);
322
323 sk_for_each(sk, &sco_sk_list.head) {
324 if (sk->sk_state != BT_LISTEN)
325 continue;
326
327 /* Exact match. */
328 if (!bacmp(&sco_pi(sk)->src, src))
329 break;
330
331 /* Closest match */
332 if (!bacmp(&sco_pi(sk)->src, BDADDR_ANY))
333 sk1 = sk;
334 }
335
336 read_unlock(&sco_sk_list.lock);
337
338 return sk ? sk : sk1;
339 }
340
341 static void sco_sock_destruct(struct sock *sk)
342 {
343 BT_DBG("sk %p", sk);
344
345 skb_queue_purge(&sk->sk_receive_queue);
346 skb_queue_purge(&sk->sk_write_queue);
347 }
348
349 static void sco_sock_cleanup_listen(struct sock *parent)
350 {
351 struct sock *sk;
352
353 BT_DBG("parent %p", parent);
354
355 /* Close not yet accepted channels */
356 while ((sk = bt_accept_dequeue(parent, NULL))) {
357 sco_sock_close(sk);
358 sco_sock_kill(sk);
359 }
360
361 parent->sk_state = BT_CLOSED;
362 sock_set_flag(parent, SOCK_ZAPPED);
363 }
364
365 /* Kill socket (only if zapped and orphan)
366 * Must be called on unlocked socket.
367 */
368 static void sco_sock_kill(struct sock *sk)
369 {
370 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
371 return;
372
373 BT_DBG("sk %p state %d", sk, sk->sk_state);
374
375 /* Kill poor orphan */
376 bt_sock_unlink(&sco_sk_list, sk);
377 sock_set_flag(sk, SOCK_DEAD);
378 sock_put(sk);
379 }
380
381 static void __sco_sock_close(struct sock *sk)
382 {
383 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
384
385 switch (sk->sk_state) {
386 case BT_LISTEN:
387 sco_sock_cleanup_listen(sk);
388 break;
389
390 case BT_CONNECTED:
391 case BT_CONFIG:
392 if (sco_pi(sk)->conn->hcon) {
393 sk->sk_state = BT_DISCONN;
394 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
395 hci_conn_drop(sco_pi(sk)->conn->hcon);
396 sco_pi(sk)->conn->hcon = NULL;
397 } else
398 sco_chan_del(sk, ECONNRESET);
399 break;
400
401 case BT_CONNECT2:
402 case BT_CONNECT:
403 case BT_DISCONN:
404 sco_chan_del(sk, ECONNRESET);
405 break;
406
407 default:
408 sock_set_flag(sk, SOCK_ZAPPED);
409 break;
410 }
411 }
412
413 /* Must be called on unlocked socket. */
414 static void sco_sock_close(struct sock *sk)
415 {
416 sco_sock_clear_timer(sk);
417 lock_sock(sk);
418 __sco_sock_close(sk);
419 release_sock(sk);
420 sco_sock_kill(sk);
421 }
422
423 static void sco_sock_init(struct sock *sk, struct sock *parent)
424 {
425 BT_DBG("sk %p", sk);
426
427 if (parent) {
428 sk->sk_type = parent->sk_type;
429 bt_sk(sk)->flags = bt_sk(parent)->flags;
430 security_sk_clone(parent, sk);
431 }
432 }
433
434 static struct proto sco_proto = {
435 .name = "SCO",
436 .owner = THIS_MODULE,
437 .obj_size = sizeof(struct sco_pinfo)
438 };
439
440 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
441 {
442 struct sock *sk;
443
444 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto);
445 if (!sk)
446 return NULL;
447
448 sock_init_data(sock, sk);
449 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
450
451 sk->sk_destruct = sco_sock_destruct;
452 sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
453
454 sock_reset_flag(sk, SOCK_ZAPPED);
455
456 sk->sk_protocol = proto;
457 sk->sk_state = BT_OPEN;
458
459 sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT;
460
461 setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk);
462
463 bt_sock_link(&sco_sk_list, sk);
464 return sk;
465 }
466
467 static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
468 int kern)
469 {
470 struct sock *sk;
471
472 BT_DBG("sock %p", sock);
473
474 sock->state = SS_UNCONNECTED;
475
476 if (sock->type != SOCK_SEQPACKET)
477 return -ESOCKTNOSUPPORT;
478
479 sock->ops = &sco_sock_ops;
480
481 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC);
482 if (!sk)
483 return -ENOMEM;
484
485 sco_sock_init(sk, NULL);
486 return 0;
487 }
488
489 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
490 {
491 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
492 struct sock *sk = sock->sk;
493 int err = 0;
494
495 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr);
496
497 if (!addr || addr->sa_family != AF_BLUETOOTH)
498 return -EINVAL;
499
500 lock_sock(sk);
501
502 if (sk->sk_state != BT_OPEN) {
503 err = -EBADFD;
504 goto done;
505 }
506
507 if (sk->sk_type != SOCK_SEQPACKET) {
508 err = -EINVAL;
509 goto done;
510 }
511
512 bacpy(&sco_pi(sk)->src, &sa->sco_bdaddr);
513
514 sk->sk_state = BT_BOUND;
515
516 done:
517 release_sock(sk);
518 return err;
519 }
520
521 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
522 {
523 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
524 struct sock *sk = sock->sk;
525 int err;
526
527 BT_DBG("sk %p", sk);
528
529 if (alen < sizeof(struct sockaddr_sco) ||
530 addr->sa_family != AF_BLUETOOTH)
531 return -EINVAL;
532
533 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
534 return -EBADFD;
535
536 if (sk->sk_type != SOCK_SEQPACKET)
537 return -EINVAL;
538
539 lock_sock(sk);
540
541 /* Set destination address and psm */
542 bacpy(&sco_pi(sk)->dst, &sa->sco_bdaddr);
543
544 err = sco_connect(sk);
545 if (err)
546 goto done;
547
548 err = bt_sock_wait_state(sk, BT_CONNECTED,
549 sock_sndtimeo(sk, flags & O_NONBLOCK));
550
551 done:
552 release_sock(sk);
553 return err;
554 }
555
556 static int sco_sock_listen(struct socket *sock, int backlog)
557 {
558 struct sock *sk = sock->sk;
559 bdaddr_t *src = &sco_pi(sk)->src;
560 int err = 0;
561
562 BT_DBG("sk %p backlog %d", sk, backlog);
563
564 lock_sock(sk);
565
566 if (sk->sk_state != BT_BOUND) {
567 err = -EBADFD;
568 goto done;
569 }
570
571 if (sk->sk_type != SOCK_SEQPACKET) {
572 err = -EINVAL;
573 goto done;
574 }
575
576 write_lock(&sco_sk_list.lock);
577
578 if (__sco_get_sock_listen_by_addr(src)) {
579 err = -EADDRINUSE;
580 goto unlock;
581 }
582
583 sk->sk_max_ack_backlog = backlog;
584 sk->sk_ack_backlog = 0;
585
586 sk->sk_state = BT_LISTEN;
587
588 unlock:
589 write_unlock(&sco_sk_list.lock);
590
591 done:
592 release_sock(sk);
593 return err;
594 }
595
596 static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags)
597 {
598 DECLARE_WAITQUEUE(wait, current);
599 struct sock *sk = sock->sk, *ch;
600 long timeo;
601 int err = 0;
602
603 lock_sock(sk);
604
605 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
606
607 BT_DBG("sk %p timeo %ld", sk, timeo);
608
609 /* Wait for an incoming connection. (wake-one). */
610 add_wait_queue_exclusive(sk_sleep(sk), &wait);
611 while (1) {
612 set_current_state(TASK_INTERRUPTIBLE);
613
614 if (sk->sk_state != BT_LISTEN) {
615 err = -EBADFD;
616 break;
617 }
618
619 ch = bt_accept_dequeue(sk, newsock);
620 if (ch)
621 break;
622
623 if (!timeo) {
624 err = -EAGAIN;
625 break;
626 }
627
628 if (signal_pending(current)) {
629 err = sock_intr_errno(timeo);
630 break;
631 }
632
633 release_sock(sk);
634 timeo = schedule_timeout(timeo);
635 lock_sock(sk);
636 }
637 __set_current_state(TASK_RUNNING);
638 remove_wait_queue(sk_sleep(sk), &wait);
639
640 if (err)
641 goto done;
642
643 newsock->state = SS_CONNECTED;
644
645 BT_DBG("new socket %p", ch);
646
647 done:
648 release_sock(sk);
649 return err;
650 }
651
652 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
653 {
654 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
655 struct sock *sk = sock->sk;
656
657 BT_DBG("sock %p, sk %p", sock, sk);
658
659 addr->sa_family = AF_BLUETOOTH;
660 *len = sizeof(struct sockaddr_sco);
661
662 if (peer)
663 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->dst);
664 else
665 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->src);
666
667 return 0;
668 }
669
670 static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
671 struct msghdr *msg, size_t len)
672 {
673 struct sock *sk = sock->sk;
674 int err;
675
676 BT_DBG("sock %p, sk %p", sock, sk);
677
678 err = sock_error(sk);
679 if (err)
680 return err;
681
682 if (msg->msg_flags & MSG_OOB)
683 return -EOPNOTSUPP;
684
685 lock_sock(sk);
686
687 if (sk->sk_state == BT_CONNECTED)
688 err = sco_send_frame(sk, msg, len);
689 else
690 err = -ENOTCONN;
691
692 release_sock(sk);
693 return err;
694 }
695
696 static void sco_conn_defer_accept(struct hci_conn *conn, u16 setting)
697 {
698 struct hci_dev *hdev = conn->hdev;
699
700 BT_DBG("conn %p", conn);
701
702 conn->state = BT_CONFIG;
703
704 if (!lmp_esco_capable(hdev)) {
705 struct hci_cp_accept_conn_req cp;
706
707 bacpy(&cp.bdaddr, &conn->dst);
708 cp.role = 0x00; /* Ignored */
709
710 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
711 } else {
712 struct hci_cp_accept_sync_conn_req cp;
713
714 bacpy(&cp.bdaddr, &conn->dst);
715 cp.pkt_type = cpu_to_le16(conn->pkt_type);
716
717 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
718 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
719 cp.content_format = cpu_to_le16(setting);
720
721 switch (setting & SCO_AIRMODE_MASK) {
722 case SCO_AIRMODE_TRANSP:
723 if (conn->pkt_type & ESCO_2EV3)
724 cp.max_latency = cpu_to_le16(0x0008);
725 else
726 cp.max_latency = cpu_to_le16(0x000D);
727 cp.retrans_effort = 0x02;
728 break;
729 case SCO_AIRMODE_CVSD:
730 cp.max_latency = cpu_to_le16(0xffff);
731 cp.retrans_effort = 0xff;
732 break;
733 }
734
735 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
736 sizeof(cp), &cp);
737 }
738 }
739
740 static int sco_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
741 struct msghdr *msg, size_t len, int flags)
742 {
743 struct sock *sk = sock->sk;
744 struct sco_pinfo *pi = sco_pi(sk);
745
746 lock_sock(sk);
747
748 if (sk->sk_state == BT_CONNECT2 &&
749 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
750 sco_conn_defer_accept(pi->conn->hcon, pi->setting);
751 sk->sk_state = BT_CONFIG;
752
753 release_sock(sk);
754 return 0;
755 }
756
757 release_sock(sk);
758
759 return bt_sock_recvmsg(iocb, sock, msg, len, flags);
760 }
761
762 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
763 {
764 struct sock *sk = sock->sk;
765 int len, err = 0;
766 struct bt_voice voice;
767 u32 opt;
768
769 BT_DBG("sk %p", sk);
770
771 lock_sock(sk);
772
773 switch (optname) {
774
775 case BT_DEFER_SETUP:
776 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
777 err = -EINVAL;
778 break;
779 }
780
781 if (get_user(opt, (u32 __user *) optval)) {
782 err = -EFAULT;
783 break;
784 }
785
786 if (opt)
787 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
788 else
789 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
790 break;
791
792 case BT_VOICE:
793 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
794 sk->sk_state != BT_CONNECT2) {
795 err = -EINVAL;
796 break;
797 }
798
799 voice.setting = sco_pi(sk)->setting;
800
801 len = min_t(unsigned int, sizeof(voice), optlen);
802 if (copy_from_user((char *) &voice, optval, len)) {
803 err = -EFAULT;
804 break;
805 }
806
807 /* Explicitly check for these values */
808 if (voice.setting != BT_VOICE_TRANSPARENT &&
809 voice.setting != BT_VOICE_CVSD_16BIT) {
810 err = -EINVAL;
811 break;
812 }
813
814 sco_pi(sk)->setting = voice.setting;
815 break;
816
817 default:
818 err = -ENOPROTOOPT;
819 break;
820 }
821
822 release_sock(sk);
823 return err;
824 }
825
826 static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
827 {
828 struct sock *sk = sock->sk;
829 struct sco_options opts;
830 struct sco_conninfo cinfo;
831 int len, err = 0;
832
833 BT_DBG("sk %p", sk);
834
835 if (get_user(len, optlen))
836 return -EFAULT;
837
838 lock_sock(sk);
839
840 switch (optname) {
841 case SCO_OPTIONS:
842 if (sk->sk_state != BT_CONNECTED &&
843 !(sk->sk_state == BT_CONNECT2 &&
844 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
845 err = -ENOTCONN;
846 break;
847 }
848
849 opts.mtu = sco_pi(sk)->conn->mtu;
850
851 BT_DBG("mtu %d", opts.mtu);
852
853 len = min_t(unsigned int, len, sizeof(opts));
854 if (copy_to_user(optval, (char *)&opts, len))
855 err = -EFAULT;
856
857 break;
858
859 case SCO_CONNINFO:
860 if (sk->sk_state != BT_CONNECTED &&
861 !(sk->sk_state == BT_CONNECT2 &&
862 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
863 err = -ENOTCONN;
864 break;
865 }
866
867 memset(&cinfo, 0, sizeof(cinfo));
868 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
869 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
870
871 len = min_t(unsigned int, len, sizeof(cinfo));
872 if (copy_to_user(optval, (char *)&cinfo, len))
873 err = -EFAULT;
874
875 break;
876
877 default:
878 err = -ENOPROTOOPT;
879 break;
880 }
881
882 release_sock(sk);
883 return err;
884 }
885
886 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
887 {
888 struct sock *sk = sock->sk;
889 int len, err = 0;
890 struct bt_voice voice;
891
892 BT_DBG("sk %p", sk);
893
894 if (level == SOL_SCO)
895 return sco_sock_getsockopt_old(sock, optname, optval, optlen);
896
897 if (get_user(len, optlen))
898 return -EFAULT;
899
900 lock_sock(sk);
901
902 switch (optname) {
903
904 case BT_DEFER_SETUP:
905 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
906 err = -EINVAL;
907 break;
908 }
909
910 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
911 (u32 __user *) optval))
912 err = -EFAULT;
913
914 break;
915
916 case BT_VOICE:
917 voice.setting = sco_pi(sk)->setting;
918
919 len = min_t(unsigned int, len, sizeof(voice));
920 if (copy_to_user(optval, (char *)&voice, len))
921 err = -EFAULT;
922
923 break;
924
925 default:
926 err = -ENOPROTOOPT;
927 break;
928 }
929
930 release_sock(sk);
931 return err;
932 }
933
934 static int sco_sock_shutdown(struct socket *sock, int how)
935 {
936 struct sock *sk = sock->sk;
937 int err = 0;
938
939 BT_DBG("sock %p, sk %p", sock, sk);
940
941 if (!sk)
942 return 0;
943
944 lock_sock(sk);
945 if (!sk->sk_shutdown) {
946 sk->sk_shutdown = SHUTDOWN_MASK;
947 sco_sock_clear_timer(sk);
948 __sco_sock_close(sk);
949
950 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
951 err = bt_sock_wait_state(sk, BT_CLOSED,
952 sk->sk_lingertime);
953 }
954 release_sock(sk);
955 return err;
956 }
957
958 static int sco_sock_release(struct socket *sock)
959 {
960 struct sock *sk = sock->sk;
961 int err = 0;
962
963 BT_DBG("sock %p, sk %p", sock, sk);
964
965 if (!sk)
966 return 0;
967
968 sco_sock_close(sk);
969
970 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) {
971 lock_sock(sk);
972 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
973 release_sock(sk);
974 }
975
976 sock_orphan(sk);
977 sco_sock_kill(sk);
978 return err;
979 }
980
981 /* Delete channel.
982 * Must be called on the locked socket. */
983 static void sco_chan_del(struct sock *sk, int err)
984 {
985 struct sco_conn *conn;
986
987 conn = sco_pi(sk)->conn;
988
989 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
990
991 if (conn) {
992 sco_conn_lock(conn);
993 conn->sk = NULL;
994 sco_pi(sk)->conn = NULL;
995 sco_conn_unlock(conn);
996
997 if (conn->hcon)
998 hci_conn_drop(conn->hcon);
999 }
1000
1001 sk->sk_state = BT_CLOSED;
1002 sk->sk_err = err;
1003 sk->sk_state_change(sk);
1004
1005 sock_set_flag(sk, SOCK_ZAPPED);
1006 }
1007
1008 static void sco_conn_ready(struct sco_conn *conn)
1009 {
1010 struct sock *parent;
1011 struct sock *sk = conn->sk;
1012
1013 BT_DBG("conn %p", conn);
1014
1015 if (sk) {
1016 sco_sock_clear_timer(sk);
1017 bh_lock_sock(sk);
1018 sk->sk_state = BT_CONNECTED;
1019 sk->sk_state_change(sk);
1020 bh_unlock_sock(sk);
1021 } else {
1022 sco_conn_lock(conn);
1023
1024 parent = sco_get_sock_listen(&conn->hcon->src);
1025 if (!parent) {
1026 sco_conn_unlock(conn);
1027 return;
1028 }
1029
1030 bh_lock_sock(parent);
1031
1032 sk = sco_sock_alloc(sock_net(parent), NULL,
1033 BTPROTO_SCO, GFP_ATOMIC);
1034 if (!sk) {
1035 bh_unlock_sock(parent);
1036 sco_conn_unlock(conn);
1037 return;
1038 }
1039
1040 sco_sock_init(sk, parent);
1041
1042 bacpy(&sco_pi(sk)->src, &conn->hcon->src);
1043 bacpy(&sco_pi(sk)->dst, &conn->hcon->dst);
1044
1045 hci_conn_hold(conn->hcon);
1046 __sco_chan_add(conn, sk, parent);
1047
1048 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
1049 sk->sk_state = BT_CONNECT2;
1050 else
1051 sk->sk_state = BT_CONNECTED;
1052
1053 /* Wake up parent */
1054 parent->sk_data_ready(parent);
1055
1056 bh_unlock_sock(parent);
1057
1058 sco_conn_unlock(conn);
1059 }
1060 }
1061
1062 /* ----- SCO interface with lower layer (HCI) ----- */
1063 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
1064 {
1065 struct sock *sk;
1066 int lm = 0;
1067
1068 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr);
1069
1070 /* Find listening sockets */
1071 read_lock(&sco_sk_list.lock);
1072 sk_for_each(sk, &sco_sk_list.head) {
1073 if (sk->sk_state != BT_LISTEN)
1074 continue;
1075
1076 if (!bacmp(&sco_pi(sk)->src, &hdev->bdaddr) ||
1077 !bacmp(&sco_pi(sk)->src, BDADDR_ANY)) {
1078 lm |= HCI_LM_ACCEPT;
1079
1080 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
1081 *flags |= HCI_PROTO_DEFER;
1082 break;
1083 }
1084 }
1085 read_unlock(&sco_sk_list.lock);
1086
1087 return lm;
1088 }
1089
1090 void sco_connect_cfm(struct hci_conn *hcon, __u8 status)
1091 {
1092 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status);
1093 if (!status) {
1094 struct sco_conn *conn;
1095
1096 conn = sco_conn_add(hcon);
1097 if (conn)
1098 sco_conn_ready(conn);
1099 } else
1100 sco_conn_del(hcon, bt_to_errno(status));
1101 }
1102
1103 void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
1104 {
1105 BT_DBG("hcon %p reason %d", hcon, reason);
1106
1107 sco_conn_del(hcon, bt_to_errno(reason));
1108 }
1109
1110 int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
1111 {
1112 struct sco_conn *conn = hcon->sco_data;
1113
1114 if (!conn)
1115 goto drop;
1116
1117 BT_DBG("conn %p len %d", conn, skb->len);
1118
1119 if (skb->len) {
1120 sco_recv_frame(conn, skb);
1121 return 0;
1122 }
1123
1124 drop:
1125 kfree_skb(skb);
1126 return 0;
1127 }
1128
1129 static int sco_debugfs_show(struct seq_file *f, void *p)
1130 {
1131 struct sock *sk;
1132
1133 read_lock(&sco_sk_list.lock);
1134
1135 sk_for_each(sk, &sco_sk_list.head) {
1136 seq_printf(f, "%pMR %pMR %d\n", &sco_pi(sk)->src,
1137 &sco_pi(sk)->dst, sk->sk_state);
1138 }
1139
1140 read_unlock(&sco_sk_list.lock);
1141
1142 return 0;
1143 }
1144
1145 static int sco_debugfs_open(struct inode *inode, struct file *file)
1146 {
1147 return single_open(file, sco_debugfs_show, inode->i_private);
1148 }
1149
1150 static const struct file_operations sco_debugfs_fops = {
1151 .open = sco_debugfs_open,
1152 .read = seq_read,
1153 .llseek = seq_lseek,
1154 .release = single_release,
1155 };
1156
1157 static struct dentry *sco_debugfs;
1158
1159 static const struct proto_ops sco_sock_ops = {
1160 .family = PF_BLUETOOTH,
1161 .owner = THIS_MODULE,
1162 .release = sco_sock_release,
1163 .bind = sco_sock_bind,
1164 .connect = sco_sock_connect,
1165 .listen = sco_sock_listen,
1166 .accept = sco_sock_accept,
1167 .getname = sco_sock_getname,
1168 .sendmsg = sco_sock_sendmsg,
1169 .recvmsg = sco_sock_recvmsg,
1170 .poll = bt_sock_poll,
1171 .ioctl = bt_sock_ioctl,
1172 .mmap = sock_no_mmap,
1173 .socketpair = sock_no_socketpair,
1174 .shutdown = sco_sock_shutdown,
1175 .setsockopt = sco_sock_setsockopt,
1176 .getsockopt = sco_sock_getsockopt
1177 };
1178
1179 static const struct net_proto_family sco_sock_family_ops = {
1180 .family = PF_BLUETOOTH,
1181 .owner = THIS_MODULE,
1182 .create = sco_sock_create,
1183 };
1184
1185 int __init sco_init(void)
1186 {
1187 int err;
1188
1189 err = proto_register(&sco_proto, 0);
1190 if (err < 0)
1191 return err;
1192
1193 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1194 if (err < 0) {
1195 BT_ERR("SCO socket registration failed");
1196 goto error;
1197 }
1198
1199 err = bt_procfs_init(&init_net, "sco", &sco_sk_list, NULL);
1200 if (err < 0) {
1201 BT_ERR("Failed to create SCO proc file");
1202 bt_sock_unregister(BTPROTO_SCO);
1203 goto error;
1204 }
1205
1206 BT_INFO("SCO socket layer initialized");
1207
1208 if (IS_ERR_OR_NULL(bt_debugfs))
1209 return 0;
1210
1211 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs,
1212 NULL, &sco_debugfs_fops);
1213
1214 return 0;
1215
1216 error:
1217 proto_unregister(&sco_proto);
1218 return err;
1219 }
1220
1221 void __exit sco_exit(void)
1222 {
1223 bt_procfs_cleanup(&init_net, "sco");
1224
1225 debugfs_remove(sco_debugfs);
1226
1227 bt_sock_unregister(BTPROTO_SCO);
1228
1229 proto_unregister(&sco_proto);
1230 }
1231
1232 module_param(disable_esco, bool, 0644);
1233 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");
ubuntu-bionic-kernel mirror