]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - net/bluetooth/rfcomm/sock.c
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched...
[mirror_ubuntu-artful-kernel.git] / net / bluetooth / rfcomm / sock.c
CommitLineData
8e87d142 1/*
1da177e4
LT		 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
8e87d142
YH		 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 21 SOFTWARE IS DISCLAIMED.
22*/
23
24/*
25 * RFCOMM sockets.
1da177e4
LT		 26 */
27
8c520a59 28#include <linux/export.h>
aef7d97c 29#include <linux/debugfs.h>
174cd4b1 30#include <linux/sched/signal.h>
1da177e4
LT		 31
32#include <net/bluetooth/bluetooth.h>
33#include <net/bluetooth/hci_core.h>
34#include <net/bluetooth/l2cap.h>
35#include <net/bluetooth/rfcomm.h>
36
90ddc4f0 37static const struct proto_ops rfcomm_sock_ops;
1da177e4
LT		 38
39static struct bt_sock_list rfcomm_sk_list = {
d5fb2962 40 .lock = __RW_LOCK_UNLOCKED(rfcomm_sk_list.lock)
1da177e4
LT		 41};
42
43static void rfcomm_sock_close(struct sock *sk);
44static void rfcomm_sock_kill(struct sock *sk);
45
46/* ---- DLC callbacks ----
47 *
48 * called under rfcomm_dlc_lock()
49 */
50static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb)
51{
52 struct sock *sk = d->owner;
53 if (!sk)
54 return;
55
56 atomic_add(skb->len, &sk->sk_rmem_alloc);
57 skb_queue_tail(&sk->sk_receive_queue, skb);
676d2369 58 sk->sk_data_ready(sk);
1da177e4
LT		 59
60 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
61 rfcomm_dlc_throttle(d);
62}
63
64static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err)
65{
66 struct sock *sk = d->owner, *parent;
fad003b6
GP		 67 unsigned long flags;
68
1da177e4
LT		 69 if (!sk)
70 return;
71
72 BT_DBG("dlc %p state %ld err %d", d, d->state, err);
73
fad003b6 74 local_irq_save(flags);
1da177e4
LT		 75 bh_lock_sock(sk);
76
77 if (err)
78 sk->sk_err = err;
79
80 sk->sk_state = d->state;
81
82 parent = bt_sk(sk)->parent;
83 if (parent) {
84 if (d->state == BT_CLOSED) {
85 sock_set_flag(sk, SOCK_ZAPPED);
86 bt_accept_unlink(sk);
87 }
676d2369 88 parent->sk_data_ready(parent);
1da177e4
LT		 89 } else {
90 if (d->state == BT_CONNECTED)
94a86df0
MH		 91 rfcomm_session_getaddr(d->session,
92 &rfcomm_pi(sk)->src, NULL);
1da177e4
LT		 93 sk->sk_state_change(sk);
94 }
95
96 bh_unlock_sock(sk);
fad003b6 97 local_irq_restore(flags);
1da177e4
LT		 98
99 if (parent && sock_flag(sk, SOCK_ZAPPED)) {
100 /* We have to drop DLC lock here, otherwise
101 * rfcomm_sock_destruct() will dead lock. */
102 rfcomm_dlc_unlock(d);
103 rfcomm_sock_kill(sk);
104 rfcomm_dlc_lock(d);
105 }
106}
107
108/* ---- Socket functions ---- */
b1765e7a 109static struct sock *__rfcomm_get_listen_sock_by_addr(u8 channel, bdaddr_t *src)
1da177e4
LT		 110{
111 struct sock *sk = NULL;
1da177e4 112
b67bfe0d 113 sk_for_each(sk, &rfcomm_sk_list.head) {
b1765e7a
AK		 114 if (rfcomm_pi(sk)->channel != channel)
115 continue;
116
117 if (bacmp(&rfcomm_pi(sk)->src, src))
118 continue;
119
120 if (sk->sk_state == BT_BOUND || sk->sk_state == BT_LISTEN)
1da177e4
LT		 121 break;
122 }
123
b67bfe0d 124 return sk ? sk : NULL;
1da177e4
LT		 125}
126
127/* Find socket with channel and source bdaddr.
128 * Returns closest match.
129 */
eeb36656 130static struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
1da177e4
LT		 131{
132 struct sock *sk = NULL, *sk1 = NULL;
1da177e4 133
eeb36656
GP		 134 read_lock(&rfcomm_sk_list.lock);
135
b67bfe0d 136 sk_for_each(sk, &rfcomm_sk_list.head) {
1da177e4
LT		 137 if (state && sk->sk_state != state)
138 continue;
139
140 if (rfcomm_pi(sk)->channel == channel) {
141 /* Exact match. */
94a86df0 142 if (!bacmp(&rfcomm_pi(sk)->src, src))
1da177e4
LT		 143 break;
144
145 /* Closest match */
94a86df0 146 if (!bacmp(&rfcomm_pi(sk)->src, BDADDR_ANY))
1da177e4
LT		 147 sk1 = sk;
148 }
149 }
1da177e4 150
1da177e4 151 read_unlock(&rfcomm_sk_list.lock);
eeb36656 152
b67bfe0d 153 return sk ? sk : sk1;
1da177e4
LT		 154}
155
156static void rfcomm_sock_destruct(struct sock *sk)
157{
158 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
159
160 BT_DBG("sk %p dlc %p", sk, d);
161
162 skb_queue_purge(&sk->sk_receive_queue);
163 skb_queue_purge(&sk->sk_write_queue);
164
165 rfcomm_dlc_lock(d);
166 rfcomm_pi(sk)->dlc = NULL;
167
168 /* Detach DLC if it's owned by this socket */
169 if (d->owner == sk)
170 d->owner = NULL;
171 rfcomm_dlc_unlock(d);
172
173 rfcomm_dlc_put(d);
174}
175
176static void rfcomm_sock_cleanup_listen(struct sock *parent)
177{
178 struct sock *sk;
179
180 BT_DBG("parent %p", parent);
181
182 /* Close not yet accepted dlcs */
183 while ((sk = bt_accept_dequeue(parent, NULL))) {
184 rfcomm_sock_close(sk);
185 rfcomm_sock_kill(sk);
186 }
187
188 parent->sk_state = BT_CLOSED;
189 sock_set_flag(parent, SOCK_ZAPPED);
190}
191
192/* Kill socket (only if zapped and orphan)
193 * Must be called on unlocked socket.
194 */
195static void rfcomm_sock_kill(struct sock *sk)
196{
197 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
198 return;
199
200 BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt));
201
202 /* Kill poor orphan */
203 bt_sock_unlink(&rfcomm_sk_list, sk);
204 sock_set_flag(sk, SOCK_DEAD);
205 sock_put(sk);
206}
207
208static void __rfcomm_sock_close(struct sock *sk)
209{
210 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
211
212 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
213
214 switch (sk->sk_state) {
215 case BT_LISTEN:
216 rfcomm_sock_cleanup_listen(sk);
217 break;
218
219 case BT_CONNECT:
220 case BT_CONNECT2:
221 case BT_CONFIG:
222 case BT_CONNECTED:
223 rfcomm_dlc_close(d, 0);
224
225 default:
226 sock_set_flag(sk, SOCK_ZAPPED);
227 break;
228 }
229}
230
231/* Close socket.
232 * Must be called on unlocked socket.
233 */
234static void rfcomm_sock_close(struct sock *sk)
235{
236 lock_sock(sk);
237 __rfcomm_sock_close(sk);
238 release_sock(sk);
239}
240
241static void rfcomm_sock_init(struct sock *sk, struct sock *parent)
242{
243 struct rfcomm_pinfo *pi = rfcomm_pi(sk);
244
245 BT_DBG("sk %p", sk);
246
247 if (parent) {
248 sk->sk_type = parent->sk_type;
c5daa683
GP		 249 pi->dlc->defer_setup = test_bit(BT_SK_DEFER_SETUP,
250 &bt_sk(parent)->flags);
9f2c8a03
MH		 251
252 pi->sec_level = rfcomm_pi(parent)->sec_level;
253 pi->role_switch = rfcomm_pi(parent)->role_switch;
6230c9b4
PM		 254
255 security_sk_clone(parent, sk);
1da177e4 256 } else {
bb23c0ab 257 pi->dlc->defer_setup = 0;
9f2c8a03
MH		 258
259 pi->sec_level = BT_SECURITY_LOW;
260 pi->role_switch = 0;
1da177e4
LT		 261 }
262
9f2c8a03
MH		 263 pi->dlc->sec_level = pi->sec_level;
264 pi->dlc->role_switch = pi->role_switch;
1da177e4
LT		 265}
266
267static struct proto rfcomm_proto = {
268 .name = "RFCOMM",
269 .owner = THIS_MODULE,
270 .obj_size = sizeof(struct rfcomm_pinfo)
271};
272
11aa9c28 273static struct sock *rfcomm_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio, int kern)
1da177e4
LT		 274{
275 struct rfcomm_dlc *d;
276 struct sock *sk;
277
11aa9c28 278 sk = sk_alloc(net, PF_BLUETOOTH, prio, &rfcomm_proto, kern);
1da177e4
LT		 279 if (!sk)
280 return NULL;
281
282 sock_init_data(sock, sk);
283 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
284
285 d = rfcomm_dlc_alloc(prio);
286 if (!d) {
287 sk_free(sk);
288 return NULL;
289 }
290
291 d->data_ready = rfcomm_sk_data_ready;
292 d->state_change = rfcomm_sk_state_change;
293
294 rfcomm_pi(sk)->dlc = d;
295 d->owner = sk;
296
297 sk->sk_destruct = rfcomm_sock_destruct;
298 sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT;
299
77db1980
MH		 300 sk->sk_sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
301 sk->sk_rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
1da177e4
LT		 302
303 sock_reset_flag(sk, SOCK_ZAPPED);
304
305 sk->sk_protocol = proto;
77db1980 306 sk->sk_state = BT_OPEN;
1da177e4
LT		 307
308 bt_sock_link(&rfcomm_sk_list, sk);
309
310 BT_DBG("sk %p", sk);
311 return sk;
312}
313
3f378b68
EP		 314static int rfcomm_sock_create(struct net *net, struct socket *sock,
315 int protocol, int kern)
1da177e4
LT		 316{
317 struct sock *sk;
318
319 BT_DBG("sock %p", sock);
320
321 sock->state = SS_UNCONNECTED;
322
323 if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW)
324 return -ESOCKTNOSUPPORT;
325
326 sock->ops = &rfcomm_sock_ops;
327
11aa9c28 328 sk = rfcomm_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern);
74da626a 329 if (!sk)
1da177e4
LT		 330 return -ENOMEM;
331
332 rfcomm_sock_init(sk, NULL);
333 return 0;
334}
335
336static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
337{
951b6a07 338 struct sockaddr_rc sa;
1da177e4 339 struct sock *sk = sock->sk;
951b6a07 340 int len, err = 0;
1da177e4
LT		 341
342 if (!addr || addr->sa_family != AF_BLUETOOTH)
343 return -EINVAL;
344
951b6a07
JK		 345 memset(&sa, 0, sizeof(sa));
346 len = min_t(unsigned int, sizeof(sa), addr_len);
347 memcpy(&sa, addr, len);
348
349 BT_DBG("sk %p %pMR", sk, &sa.rc_bdaddr);
350
1da177e4
LT		 351 lock_sock(sk);
352
353 if (sk->sk_state != BT_OPEN) {
354 err = -EBADFD;
355 goto done;
356 }
357
354d28d5
MH		 358 if (sk->sk_type != SOCK_STREAM) {
359 err = -EINVAL;
360 goto done;
361 }
362
95ca83f4 363 write_lock(&rfcomm_sk_list.lock);
1da177e4 364
951b6a07
JK		 365 if (sa.rc_channel &&
366 __rfcomm_get_listen_sock_by_addr(sa.rc_channel, &sa.rc_bdaddr)) {
1da177e4
LT		 367 err = -EADDRINUSE;
368 } else {
369 /* Save source address */
951b6a07
JK		 370 bacpy(&rfcomm_pi(sk)->src, &sa.rc_bdaddr);
371 rfcomm_pi(sk)->channel = sa.rc_channel;
1da177e4
LT		 372 sk->sk_state = BT_BOUND;
373 }
374
95ca83f4 375 write_unlock(&rfcomm_sk_list.lock);
1da177e4
LT		 376
377done:
378 release_sock(sk);
379 return err;
380}
381
382static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
383{
384 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
385 struct sock *sk = sock->sk;
386 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
387 int err = 0;
388
389 BT_DBG("sk %p", sk);
390
6503d961
CG		 391 if (alen < sizeof(struct sockaddr_rc) ||
392 addr->sa_family != AF_BLUETOOTH)
1da177e4
LT		 393 return -EINVAL;
394
354d28d5 395 lock_sock(sk);
1da177e4 396
354d28d5
MH		 397 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) {
398 err = -EBADFD;
399 goto done;
400 }
1da177e4 401
354d28d5
MH		 402 if (sk->sk_type != SOCK_STREAM) {
403 err = -EINVAL;
404 goto done;
405 }
1da177e4
LT		 406
407 sk->sk_state = BT_CONNECT;
94a86df0 408 bacpy(&rfcomm_pi(sk)->dst, &sa->rc_bdaddr);
1da177e4
LT		 409 rfcomm_pi(sk)->channel = sa->rc_channel;
410
9f2c8a03
MH		 411 d->sec_level = rfcomm_pi(sk)->sec_level;
412 d->role_switch = rfcomm_pi(sk)->role_switch;
77db1980 413
94a86df0
MH		 414 err = rfcomm_dlc_open(d, &rfcomm_pi(sk)->src, &sa->rc_bdaddr,
415 sa->rc_channel);
1da177e4
LT		 416 if (!err)
417 err = bt_sock_wait_state(sk, BT_CONNECTED,
418 sock_sndtimeo(sk, flags & O_NONBLOCK));
419
354d28d5 420done:
1da177e4
LT		 421 release_sock(sk);
422 return err;
423}
424
425static int rfcomm_sock_listen(struct socket *sock, int backlog)
426{
427 struct sock *sk = sock->sk;
428 int err = 0;
429
430 BT_DBG("sk %p backlog %d", sk, backlog);
431
432 lock_sock(sk);
433
434 if (sk->sk_state != BT_BOUND) {
435 err = -EBADFD;
436 goto done;
437 }
438
354d28d5
MH		 439 if (sk->sk_type != SOCK_STREAM) {
440 err = -EINVAL;
441 goto done;
442 }
443
1da177e4 444 if (!rfcomm_pi(sk)->channel) {
94a86df0 445 bdaddr_t *src = &rfcomm_pi(sk)->src;
1da177e4
LT		 446 u8 channel;
447
448 err = -EINVAL;
449
95ca83f4 450 write_lock(&rfcomm_sk_list.lock);
1da177e4
LT		 451
452 for (channel = 1; channel < 31; channel++)
b1765e7a 453 if (!__rfcomm_get_listen_sock_by_addr(channel, src)) {
1da177e4
LT		 454 rfcomm_pi(sk)->channel = channel;
455 err = 0;
456 break;
457 }
458
95ca83f4 459 write_unlock(&rfcomm_sk_list.lock);
1da177e4
LT		 460
461 if (err < 0)
462 goto done;
463 }
464
465 sk->sk_max_ack_backlog = backlog;
466 sk->sk_ack_backlog = 0;
467 sk->sk_state = BT_LISTEN;
468
469done:
470 release_sock(sk);
471 return err;
472}
473
474static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags)
475{
dfb2fae7 476 DEFINE_WAIT_FUNC(wait, woken_wake_function);
1da177e4
LT		 477 struct sock *sk = sock->sk, *nsk;
478 long timeo;
479 int err = 0;
480
dc2a0e20 481 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
1da177e4 482
354d28d5
MH		 483 if (sk->sk_type != SOCK_STREAM) {
484 err = -EINVAL;
485 goto done;
486 }
487
1da177e4
LT		 488 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
489
490 BT_DBG("sk %p timeo %ld", sk, timeo);
491
492 /* Wait for an incoming connection. (wake-one). */
aa395145 493 add_wait_queue_exclusive(sk_sleep(sk), &wait);
950e2d51 494 while (1) {
950e2d51
PH		 495 if (sk->sk_state != BT_LISTEN) {
496 err = -EBADFD;
1da177e4
LT		 497 break;
498 }
499
950e2d51
PH		 500 nsk = bt_accept_dequeue(sk, newsock);
501 if (nsk)
502 break;
1da177e4 503
950e2d51
PH		 504 if (!timeo) {
505 err = -EAGAIN;
1da177e4
LT		 506 break;
507 }
508
509 if (signal_pending(current)) {
510 err = sock_intr_errno(timeo);
511 break;
512 }
950e2d51
PH		 513
514 release_sock(sk);
dfb2fae7
PH		 515
516 timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo);
517
dc2a0e20 518 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
1da177e4 519 }
aa395145 520 remove_wait_queue(sk_sleep(sk), &wait);
1da177e4
LT		 521
522 if (err)
523 goto done;
524
525 newsock->state = SS_CONNECTED;
526
527 BT_DBG("new socket %p", nsk);
528
529done:
530 release_sock(sk);
531 return err;
532}
533
534static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
535{
536 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
537 struct sock *sk = sock->sk;
538
539 BT_DBG("sock %p, sk %p", sock, sk);
540
e8b1ab9e
JH		 541 if (peer && sk->sk_state != BT_CONNECTED &&
542 sk->sk_state != BT_CONNECT && sk->sk_state != BT_CONNECT2)
35364c99
JH		 543 return -ENOTCONN;
544
9344a972 545 memset(sa, 0, sizeof(*sa));
1da177e4
LT		 546 sa->rc_family = AF_BLUETOOTH;
547 sa->rc_channel = rfcomm_pi(sk)->channel;
548 if (peer)
94a86df0 549 bacpy(&sa->rc_bdaddr, &rfcomm_pi(sk)->dst);
1da177e4 550 else
94a86df0 551 bacpy(&sa->rc_bdaddr, &rfcomm_pi(sk)->src);
1da177e4
LT		 552
553 *len = sizeof(struct sockaddr_rc);
554 return 0;
555}
556
1b784140
YX		 557static int rfcomm_sock_sendmsg(struct socket *sock, struct msghdr *msg,
558 size_t len)
1da177e4
LT		 559{
560 struct sock *sk = sock->sk;
561 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
562 struct sk_buff *skb;
e793dcf0 563 int sent;
1da177e4 564
bb23c0ab
MH		 565 if (test_bit(RFCOMM_DEFER_SETUP, &d->flags))
566 return -ENOTCONN;
567
1da177e4
LT		 568 if (msg->msg_flags & MSG_OOB)
569 return -EOPNOTSUPP;
570
571 if (sk->sk_shutdown & SEND_SHUTDOWN)
572 return -EPIPE;
573
574 BT_DBG("sock %p, sk %p", sock, sk);
575
576 lock_sock(sk);
577
e793dcf0
JH		 578 sent = bt_sock_wait_ready(sk, msg->msg_flags);
579 if (sent)
580 goto done;
581
1da177e4
LT		 582 while (len) {
583 size_t size = min_t(size_t, len, d->mtu);
4d6a2188 584 int err;
8e87d142 585
1da177e4
LT		 586 skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE,
587 msg->msg_flags & MSG_DONTWAIT, &err);
91aa35a5
VS		 588 if (!skb) {
589 if (sent == 0)
590 sent = err;
1da177e4 591 break;
91aa35a5 592 }
1da177e4
LT		 593 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
594
6ce8e9ce 595 err = memcpy_from_msg(skb_put(skb, size), msg, size);
1da177e4
LT		 596 if (err) {
597 kfree_skb(skb);
4d6a2188
MH		 598 if (sent == 0)
599 sent = err;
1da177e4
LT		 600 break;
601 }
602
262038fc
LAD		 603 skb->priority = sk->sk_priority;
604
1da177e4
LT		 605 err = rfcomm_dlc_send(d, skb);
606 if (err < 0) {
607 kfree_skb(skb);
4d6a2188
MH		 608 if (sent == 0)
609 sent = err;
1da177e4
LT		 610 break;
611 }
612
613 sent += size;
614 len -= size;
615 }
616
e793dcf0 617done:
1da177e4
LT		 618 release_sock(sk);
619
4d6a2188 620 return sent;
1da177e4
LT		 621}
622
1b784140
YX		 623static int rfcomm_sock_recvmsg(struct socket *sock, struct msghdr *msg,
624 size_t size, int flags)
1da177e4
LT		 625{
626 struct sock *sk = sock->sk;
bb23c0ab 627 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
3d7d01df 628 int len;
1da177e4 629
bb23c0ab
MH		 630 if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) {
631 rfcomm_dlc_accept(d);
632 return 0;
633 }
634
1b784140 635 len = bt_sock_stream_recvmsg(sock, msg, size, flags);
1da177e4
LT		 636
637 lock_sock(sk);
3d7d01df
MM		 638 if (!(flags & MSG_PEEK) && len > 0)
639 atomic_sub(len, &sk->sk_rmem_alloc);
1da177e4 640
1da177e4
LT		 641 if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2))
642 rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc);
1da177e4 643 release_sock(sk);
3d7d01df
MM		 644
645 return len;
1da177e4
LT		 646}
647
b7058842 648static int rfcomm_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
1da177e4
LT		 649{
650 struct sock *sk = sock->sk;
651 int err = 0;
652 u32 opt;
653
654 BT_DBG("sk %p", sk);
655
656 lock_sock(sk);
657
658 switch (optname) {
659 case RFCOMM_LM:
660 if (get_user(opt, (u32 __user *) optval)) {
661 err = -EFAULT;
662 break;
663 }
664
2c068e0b
MH		 665 if (opt & RFCOMM_LM_FIPS) {
666 err = -EINVAL;
667 break;
668 }
669
9f2c8a03
MH		 670 if (opt & RFCOMM_LM_AUTH)
671 rfcomm_pi(sk)->sec_level = BT_SECURITY_LOW;
672 if (opt & RFCOMM_LM_ENCRYPT)
673 rfcomm_pi(sk)->sec_level = BT_SECURITY_MEDIUM;
674 if (opt & RFCOMM_LM_SECURE)
675 rfcomm_pi(sk)->sec_level = BT_SECURITY_HIGH;
676
677 rfcomm_pi(sk)->role_switch = (opt & RFCOMM_LM_MASTER);
1da177e4
LT		 678 break;
679
680 default:
681 err = -ENOPROTOOPT;
682 break;
683 }
684
685 release_sock(sk);
686 return err;
687}
688
b7058842 689static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
d58daf42
MH		 690{
691 struct sock *sk = sock->sk;
9f2c8a03 692 struct bt_security sec;
d0fad89d
SB		 693 int err = 0;
694 size_t len;
bb23c0ab 695 u32 opt;
d58daf42
MH		 696
697 BT_DBG("sk %p", sk);
698
699 if (level == SOL_RFCOMM)
700 return rfcomm_sock_setsockopt_old(sock, optname, optval, optlen);
701
0588d94f
MH		 702 if (level != SOL_BLUETOOTH)
703 return -ENOPROTOOPT;
704
d58daf42
MH		 705 lock_sock(sk);
706
707 switch (optname) {
9f2c8a03 708 case BT_SECURITY:
0588d94f
MH		 709 if (sk->sk_type != SOCK_STREAM) {
710 err = -EINVAL;
711 break;
712 }
713
9f2c8a03
MH		 714 sec.level = BT_SECURITY_LOW;
715
716 len = min_t(unsigned int, sizeof(sec), optlen);
717 if (copy_from_user((char *) &sec, optval, len)) {
718 err = -EFAULT;
719 break;
720 }
721
722 if (sec.level > BT_SECURITY_HIGH) {
723 err = -EINVAL;
724 break;
725 }
726
727 rfcomm_pi(sk)->sec_level = sec.level;
728 break;
729
bb23c0ab
MH		 730 case BT_DEFER_SETUP:
731 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
732 err = -EINVAL;
733 break;
734 }
735
736 if (get_user(opt, (u32 __user *) optval)) {
737 err = -EFAULT;
738 break;
739 }
740
c5daa683
GP		 741 if (opt)
742 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
743 else
744 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
745
bb23c0ab
MH		 746 break;
747
d58daf42
MH		 748 default:
749 err = -ENOPROTOOPT;
750 break;
751 }
752
753 release_sock(sk);
754 return err;
755}
756
757static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
1da177e4
LT		 758{
759 struct sock *sk = sock->sk;
60c7a3c9
MH		 760 struct sock *l2cap_sk;
761 struct l2cap_conn *conn;
1da177e4
LT		 762 struct rfcomm_conninfo cinfo;
763 int len, err = 0;
9f2c8a03 764 u32 opt;
1da177e4
LT		 765
766 BT_DBG("sk %p", sk);
767
768 if (get_user(len, optlen))
769 return -EFAULT;
770
771 lock_sock(sk);
772
773 switch (optname) {
774 case RFCOMM_LM:
9f2c8a03
MH		 775 switch (rfcomm_pi(sk)->sec_level) {
776 case BT_SECURITY_LOW:
777 opt = RFCOMM_LM_AUTH;
778 break;
779 case BT_SECURITY_MEDIUM:
780 opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT;
781 break;
782 case BT_SECURITY_HIGH:
783 opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT |
2c068e0b
MH		 784 RFCOMM_LM_SECURE;
785 break;
786 case BT_SECURITY_FIPS:
787 opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT |
788 RFCOMM_LM_SECURE | RFCOMM_LM_FIPS;
9f2c8a03
MH		 789 break;
790 default:
791 opt = 0;
792 break;
793 }
794
795 if (rfcomm_pi(sk)->role_switch)
796 opt |= RFCOMM_LM_MASTER;
797
798 if (put_user(opt, (u32 __user *) optval))
1da177e4 799 err = -EFAULT;
2c068e0b 800
1da177e4
LT		 801 break;
802
803 case RFCOMM_CONNINFO:
bb23c0ab
MH		 804 if (sk->sk_state != BT_CONNECTED &&
805 !rfcomm_pi(sk)->dlc->defer_setup) {
1da177e4
LT		 806 err = -ENOTCONN;
807 break;
808 }
809
60c7a3c9
MH		 810 l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk;
811 conn = l2cap_pi(l2cap_sk)->chan->conn;
812
8d03e971 813 memset(&cinfo, 0, sizeof(cinfo));
8c1d787b
GP		 814 cinfo.hci_handle = conn->hcon->handle;
815 memcpy(cinfo.dev_class, conn->hcon->dev_class, 3);
1da177e4
LT		 816
817 len = min_t(unsigned int, len, sizeof(cinfo));
818 if (copy_to_user(optval, (char *) &cinfo, len))
819 err = -EFAULT;
820
821 break;
822
823 default:
824 err = -ENOPROTOOPT;
825 break;
826 }
827
828 release_sock(sk);
d58daf42
MH		 829 return err;
830}
831
832static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
833{
834 struct sock *sk = sock->sk;
9f2c8a03 835 struct bt_security sec;
d58daf42
MH		 836 int len, err = 0;
837
838 BT_DBG("sk %p", sk);
839
840 if (level == SOL_RFCOMM)
841 return rfcomm_sock_getsockopt_old(sock, optname, optval, optlen);
842
0588d94f
MH		 843 if (level != SOL_BLUETOOTH)
844 return -ENOPROTOOPT;
845
d58daf42
MH		 846 if (get_user(len, optlen))
847 return -EFAULT;
848
849 lock_sock(sk);
850
851 switch (optname) {
9f2c8a03 852 case BT_SECURITY:
0588d94f
MH		 853 if (sk->sk_type != SOCK_STREAM) {
854 err = -EINVAL;
855 break;
856 }
857
9f2c8a03 858 sec.level = rfcomm_pi(sk)->sec_level;
9ad2de43 859 sec.key_size = 0;
9f2c8a03
MH		 860
861 len = min_t(unsigned int, len, sizeof(sec));
862 if (copy_to_user(optval, (char *) &sec, len))
863 err = -EFAULT;
864
865 break;
866
bb23c0ab
MH		 867 case BT_DEFER_SETUP:
868 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
869 err = -EINVAL;
870 break;
871 }
872
c5daa683
GP		 873 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
874 (u32 __user *) optval))
bb23c0ab
MH		 875 err = -EFAULT;
876
877 break;
878
d58daf42
MH		 879 default:
880 err = -ENOPROTOOPT;
881 break;
882 }
883
884 release_sock(sk);
1da177e4
LT		 885 return err;
886}
887
888static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
889{
e19caae7 890 struct sock *sk __maybe_unused = sock->sk;
1da177e4
LT		 891 int err;
892
e19caae7 893 BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg);
1da177e4 894
3241ad82 895 err = bt_sock_ioctl(sock, cmd, arg);
1da177e4 896
3241ad82 897 if (err == -ENOIOCTLCMD) {
1da177e4 898#ifdef CONFIG_BT_RFCOMM_TTY
3241ad82
MH		 899 lock_sock(sk);
900 err = rfcomm_dev_ioctl(sk, cmd, (void __user *) arg);
901 release_sock(sk);
1da177e4 902#else
3241ad82 903 err = -EOPNOTSUPP;
1da177e4 904#endif
3241ad82 905 }
1da177e4 906
1da177e4
LT		 907 return err;
908}
909
910static int rfcomm_sock_shutdown(struct socket *sock, int how)
911{
912 struct sock *sk = sock->sk;
913 int err = 0;
914
915 BT_DBG("sock %p, sk %p", sock, sk);
916
285b4e90
AE		 917 if (!sk)
918 return 0;
1da177e4
LT		 919
920 lock_sock(sk);
921 if (!sk->sk_shutdown) {
922 sk->sk_shutdown = SHUTDOWN_MASK;
923 __rfcomm_sock_close(sk);
924
093facf3
VD		 925 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
926 !(current->flags & PF_EXITING))
1da177e4
LT		 927 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
928 }
929 release_sock(sk);
930 return err;
931}
932
933static int rfcomm_sock_release(struct socket *sock)
934{
935 struct sock *sk = sock->sk;
936 int err;
937
938 BT_DBG("sock %p, sk %p", sock, sk);
939
940 if (!sk)
941 return 0;
942
943 err = rfcomm_sock_shutdown(sock, 2);
944
945 sock_orphan(sk);
946 rfcomm_sock_kill(sk);
947 return err;
948}
949
8e87d142 950/* ---- RFCOMM core layer callbacks ----
1da177e4
LT		 951 *
952 * called under rfcomm_lock()
953 */
954int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d)
955{
956 struct sock *sk, *parent;
957 bdaddr_t src, dst;
958 int result = 0;
959
960 BT_DBG("session %p channel %d", s, channel);
961
962 rfcomm_session_getaddr(s, &src, &dst);
963
964 /* Check if we have socket listening on channel */
965 parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src);
966 if (!parent)
967 return 0;
968
eeb36656
GP		 969 bh_lock_sock(parent);
970
1da177e4
LT		 971 /* Check for backlog size */
972 if (sk_acceptq_is_full(parent)) {
8e87d142 973 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1da177e4
LT		 974 goto done;
975 }
976
11aa9c28 977 sk = rfcomm_sock_alloc(sock_net(parent), NULL, BTPROTO_RFCOMM, GFP_ATOMIC, 0);
1da177e4
LT		 978 if (!sk)
979 goto done;
980
b5a30dda
OP		 981 bt_sock_reclassify_lock(sk, BTPROTO_RFCOMM);
982
1da177e4 983 rfcomm_sock_init(sk, parent);
94a86df0
MH		 984 bacpy(&rfcomm_pi(sk)->src, &src);
985 bacpy(&rfcomm_pi(sk)->dst, &dst);
1da177e4
LT		 986 rfcomm_pi(sk)->channel = channel;
987
988 sk->sk_state = BT_CONFIG;
989 bt_accept_enqueue(parent, sk);
990
991 /* Accept connection and return socket DLC */
992 *d = rfcomm_pi(sk)->dlc;
993 result = 1;
994
995done:
996 bh_unlock_sock(parent);
bb23c0ab 997
c5daa683 998 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
bb23c0ab
MH		 999 parent->sk_state_change(parent);
1000
1da177e4
LT		 1001 return result;
1002}
1003
aef7d97c 1004static int rfcomm_sock_debugfs_show(struct seq_file *f, void *p)
1da177e4
LT		 1005{
1006 struct sock *sk;
1da177e4 1007
95ca83f4 1008 read_lock(&rfcomm_sk_list.lock);
1da177e4 1009
b67bfe0d 1010 sk_for_each(sk, &rfcomm_sk_list.head) {
fcb73338 1011 seq_printf(f, "%pMR %pMR %d %d\n",
94a86df0 1012 &rfcomm_pi(sk)->src, &rfcomm_pi(sk)->dst,
fcb73338 1013 sk->sk_state, rfcomm_pi(sk)->channel);
be9d1227 1014 }
1da177e4 1015
95ca83f4 1016 read_unlock(&rfcomm_sk_list.lock);
1da177e4 1017
aef7d97c 1018 return 0;
1da177e4
LT		 1019}
1020
aef7d97c
MH		 1021static int rfcomm_sock_debugfs_open(struct inode *inode, struct file *file)
1022{
1023 return single_open(file, rfcomm_sock_debugfs_show, inode->i_private);
1024}
1025
1026static const struct file_operations rfcomm_sock_debugfs_fops = {
1027 .open = rfcomm_sock_debugfs_open,
1028 .read = seq_read,
1029 .llseek = seq_lseek,
1030 .release = single_release,
1031};
1032
1033static struct dentry *rfcomm_sock_debugfs;
1da177e4 1034
90ddc4f0 1035static const struct proto_ops rfcomm_sock_ops = {
1da177e4
LT		 1036 .family = PF_BLUETOOTH,
1037 .owner = THIS_MODULE,
1038 .release = rfcomm_sock_release,
1039 .bind = rfcomm_sock_bind,
1040 .connect = rfcomm_sock_connect,
1041 .listen = rfcomm_sock_listen,
1042 .accept = rfcomm_sock_accept,
1043 .getname = rfcomm_sock_getname,
1044 .sendmsg = rfcomm_sock_sendmsg,
1045 .recvmsg = rfcomm_sock_recvmsg,
1046 .shutdown = rfcomm_sock_shutdown,
1047 .setsockopt = rfcomm_sock_setsockopt,
1048 .getsockopt = rfcomm_sock_getsockopt,
1049 .ioctl = rfcomm_sock_ioctl,
1050 .poll = bt_sock_poll,
1051 .socketpair = sock_no_socketpair,
1052 .mmap = sock_no_mmap
1053};
1054
ec1b4cf7 1055static const struct net_proto_family rfcomm_sock_family_ops = {
1da177e4
LT		 1056 .family = PF_BLUETOOTH,
1057 .owner = THIS_MODULE,
1058 .create = rfcomm_sock_create
1059};
1060
be9d1227 1061int __init rfcomm_init_sockets(void)
1da177e4
LT		 1062{
1063 int err;
1064
74b3fb8d
MH		 1065 BUILD_BUG_ON(sizeof(struct sockaddr_rc) > sizeof(struct sockaddr));
1066
1da177e4
LT		 1067 err = proto_register(&rfcomm_proto, 0);
1068 if (err < 0)
1069 return err;
1070
1071 err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops);
c6f5df16
MY		 1072 if (err < 0) {
1073 BT_ERR("RFCOMM socket layer registration failed");
1074 goto error;
1075 }
1076
b0316615 1077 err = bt_procfs_init(&init_net, "rfcomm", &rfcomm_sk_list, NULL);
c6f5df16
MY		 1078 if (err < 0) {
1079 BT_ERR("Failed to create RFCOMM proc file");
1080 bt_sock_unregister(BTPROTO_RFCOMM);
1da177e4 1081 goto error;
c6f5df16 1082 }
1da177e4 1083
1da177e4
LT		 1084 BT_INFO("RFCOMM socket layer initialized");
1085
1120e4bf
MH		 1086 if (IS_ERR_OR_NULL(bt_debugfs))
1087 return 0;
1088
1089 rfcomm_sock_debugfs = debugfs_create_file("rfcomm", 0444,
1090 bt_debugfs, NULL,
1091 &rfcomm_sock_debugfs_fops);
1092
1da177e4
LT		 1093 return 0;
1094
1095error:
1da177e4
LT		 1096 proto_unregister(&rfcomm_proto);
1097 return err;
1098}
1099
2f8362af 1100void __exit rfcomm_cleanup_sockets(void)
1da177e4 1101{
c6f5df16
MY		 1102 bt_procfs_cleanup(&init_net, "rfcomm");
1103
aef7d97c 1104 debugfs_remove(rfcomm_sock_debugfs);
1da177e4 1105
5e9d7f86 1106 bt_sock_unregister(BTPROTO_RFCOMM);
1da177e4
LT		 1107
1108 proto_unregister(&rfcomm_proto);
1109}
Ubuntu Artful kernel mirror