2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
7 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License version 2 as
11 published by the Free Software Foundation;
13 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
16 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
17 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
18 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
23 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
24 SOFTWARE IS DISCLAIMED.
27 /* Bluetooth L2CAP sockets. */
29 #include <net/bluetooth/bluetooth.h>
30 #include <net/bluetooth/hci_core.h>
31 #include <net/bluetooth/l2cap.h>
33 static void l2cap_sock_timeout(unsigned long arg)
35 struct sock *sk = (struct sock *) arg;
38 BT_DBG("sock %p state %d", sk, sk->sk_state);
42 if (sock_owned_by_user(sk)) {
43 /* sk is owned by user. Try again later */
44 l2cap_sock_set_timer(sk, HZ / 5);
50 if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG)
51 reason = ECONNREFUSED;
52 else if (sk->sk_state == BT_CONNECT &&
53 l2cap_pi(sk)->sec_level != BT_SECURITY_SDP)
54 reason = ECONNREFUSED;
58 __l2cap_sock_close(sk, reason);
66 static struct sock *__l2cap_get_sock_by_addr(__le16 psm, bdaddr_t *src)
69 struct hlist_node *node;
70 sk_for_each(sk, node, &l2cap_sk_list.head)
71 if (l2cap_pi(sk)->sport == psm && !bacmp(&bt_sk(sk)->src, src))
78 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
80 struct sock *sk = sock->sk;
81 struct sockaddr_l2 la;
86 if (!addr || addr->sa_family != AF_BLUETOOTH)
89 memset(&la, 0, sizeof(la));
90 len = min_t(unsigned int, sizeof(la), alen);
91 memcpy(&la, addr, len);
98 if (sk->sk_state != BT_OPEN) {
104 __u16 psm = __le16_to_cpu(la.l2_psm);
106 /* PSM must be odd and lsb of upper byte must be 0 */
107 if ((psm & 0x0101) != 0x0001) {
112 /* Restrict usage of well-known PSMs */
113 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
119 write_lock_bh(&l2cap_sk_list.lock);
121 if (la.l2_psm && __l2cap_get_sock_by_addr(la.l2_psm, &la.l2_bdaddr)) {
124 /* Save source address */
125 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
126 l2cap_pi(sk)->psm = la.l2_psm;
127 l2cap_pi(sk)->sport = la.l2_psm;
128 sk->sk_state = BT_BOUND;
130 if (__le16_to_cpu(la.l2_psm) == 0x0001 ||
131 __le16_to_cpu(la.l2_psm) == 0x0003)
132 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
135 write_unlock_bh(&l2cap_sk_list.lock);
142 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
144 struct sock *sk = sock->sk;
145 struct sockaddr_l2 la;
150 if (!addr || alen < sizeof(addr->sa_family) ||
151 addr->sa_family != AF_BLUETOOTH)
154 memset(&la, 0, sizeof(la));
155 len = min_t(unsigned int, sizeof(la), alen);
156 memcpy(&la, addr, len);
163 if ((sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM)
169 switch (l2cap_pi(sk)->mode) {
170 case L2CAP_MODE_BASIC:
172 case L2CAP_MODE_ERTM:
173 case L2CAP_MODE_STREAMING:
182 switch (sk->sk_state) {
186 /* Already connecting */
190 /* Already connected */
204 /* PSM must be odd and lsb of upper byte must be 0 */
205 if ((__le16_to_cpu(la.l2_psm) & 0x0101) != 0x0001 &&
206 sk->sk_type != SOCK_RAW) {
211 /* Set destination address and psm */
212 bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr);
213 l2cap_pi(sk)->psm = la.l2_psm;
215 err = l2cap_do_connect(sk);
220 err = bt_sock_wait_state(sk, BT_CONNECTED,
221 sock_sndtimeo(sk, flags & O_NONBLOCK));
227 static int l2cap_sock_listen(struct socket *sock, int backlog)
229 struct sock *sk = sock->sk;
232 BT_DBG("sk %p backlog %d", sk, backlog);
236 if ((sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM)
237 || sk->sk_state != BT_BOUND) {
242 switch (l2cap_pi(sk)->mode) {
243 case L2CAP_MODE_BASIC:
245 case L2CAP_MODE_ERTM:
246 case L2CAP_MODE_STREAMING:
255 if (!l2cap_pi(sk)->psm) {
256 bdaddr_t *src = &bt_sk(sk)->src;
261 write_lock_bh(&l2cap_sk_list.lock);
263 for (psm = 0x1001; psm < 0x1100; psm += 2)
264 if (!__l2cap_get_sock_by_addr(cpu_to_le16(psm), src)) {
265 l2cap_pi(sk)->psm = cpu_to_le16(psm);
266 l2cap_pi(sk)->sport = cpu_to_le16(psm);
271 write_unlock_bh(&l2cap_sk_list.lock);
277 sk->sk_max_ack_backlog = backlog;
278 sk->sk_ack_backlog = 0;
279 sk->sk_state = BT_LISTEN;
286 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
288 DECLARE_WAITQUEUE(wait, current);
289 struct sock *sk = sock->sk, *nsk;
293 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
295 if (sk->sk_state != BT_LISTEN) {
300 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
302 BT_DBG("sk %p timeo %ld", sk, timeo);
304 /* Wait for an incoming connection. (wake-one). */
305 add_wait_queue_exclusive(sk_sleep(sk), &wait);
306 while (!(nsk = bt_accept_dequeue(sk, newsock))) {
307 set_current_state(TASK_INTERRUPTIBLE);
314 timeo = schedule_timeout(timeo);
315 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
317 if (sk->sk_state != BT_LISTEN) {
322 if (signal_pending(current)) {
323 err = sock_intr_errno(timeo);
327 set_current_state(TASK_RUNNING);
328 remove_wait_queue(sk_sleep(sk), &wait);
333 newsock->state = SS_CONNECTED;
335 BT_DBG("new socket %p", nsk);
342 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
344 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
345 struct sock *sk = sock->sk;
347 BT_DBG("sock %p, sk %p", sock, sk);
349 addr->sa_family = AF_BLUETOOTH;
350 *len = sizeof(struct sockaddr_l2);
353 la->l2_psm = l2cap_pi(sk)->psm;
354 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
355 la->l2_cid = cpu_to_le16(l2cap_pi(sk)->dcid);
357 la->l2_psm = l2cap_pi(sk)->sport;
358 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
359 la->l2_cid = cpu_to_le16(l2cap_pi(sk)->scid);
365 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
367 struct sock *sk = sock->sk;
368 struct l2cap_options opts;
369 struct l2cap_conninfo cinfo;
375 if (get_user(len, optlen))
382 opts.imtu = l2cap_pi(sk)->imtu;
383 opts.omtu = l2cap_pi(sk)->omtu;
384 opts.flush_to = l2cap_pi(sk)->flush_to;
385 opts.mode = l2cap_pi(sk)->mode;
386 opts.fcs = l2cap_pi(sk)->fcs;
387 opts.max_tx = l2cap_pi(sk)->max_tx;
388 opts.txwin_size = (__u16)l2cap_pi(sk)->tx_win;
390 len = min_t(unsigned int, len, sizeof(opts));
391 if (copy_to_user(optval, (char *) &opts, len))
397 switch (l2cap_pi(sk)->sec_level) {
398 case BT_SECURITY_LOW:
401 case BT_SECURITY_MEDIUM:
402 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
404 case BT_SECURITY_HIGH:
405 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
413 if (l2cap_pi(sk)->role_switch)
414 opt |= L2CAP_LM_MASTER;
416 if (l2cap_pi(sk)->force_reliable)
417 opt |= L2CAP_LM_RELIABLE;
419 if (put_user(opt, (u32 __user *) optval))
424 if (sk->sk_state != BT_CONNECTED &&
425 !(sk->sk_state == BT_CONNECT2 &&
426 bt_sk(sk)->defer_setup)) {
431 cinfo.hci_handle = l2cap_pi(sk)->conn->hcon->handle;
432 memcpy(cinfo.dev_class, l2cap_pi(sk)->conn->hcon->dev_class, 3);
434 len = min_t(unsigned int, len, sizeof(cinfo));
435 if (copy_to_user(optval, (char *) &cinfo, len))
449 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
451 struct sock *sk = sock->sk;
452 struct bt_security sec;
457 if (level == SOL_L2CAP)
458 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
460 if (level != SOL_BLUETOOTH)
463 if (get_user(len, optlen))
470 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
471 && sk->sk_type != SOCK_RAW) {
476 sec.level = l2cap_pi(sk)->sec_level;
478 len = min_t(unsigned int, len, sizeof(sec));
479 if (copy_to_user(optval, (char *) &sec, len))
485 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
490 if (put_user(bt_sk(sk)->defer_setup, (u32 __user *) optval))
496 if (put_user(l2cap_pi(sk)->flushable, (u32 __user *) optval))
510 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
512 struct sock *sk = sock->sk;
513 struct l2cap_options opts;
523 if (sk->sk_state == BT_CONNECTED) {
528 opts.imtu = l2cap_pi(sk)->imtu;
529 opts.omtu = l2cap_pi(sk)->omtu;
530 opts.flush_to = l2cap_pi(sk)->flush_to;
531 opts.mode = l2cap_pi(sk)->mode;
532 opts.fcs = l2cap_pi(sk)->fcs;
533 opts.max_tx = l2cap_pi(sk)->max_tx;
534 opts.txwin_size = (__u16)l2cap_pi(sk)->tx_win;
536 len = min_t(unsigned int, sizeof(opts), optlen);
537 if (copy_from_user((char *) &opts, optval, len)) {
542 if (opts.txwin_size > L2CAP_DEFAULT_TX_WINDOW) {
547 l2cap_pi(sk)->mode = opts.mode;
548 switch (l2cap_pi(sk)->mode) {
549 case L2CAP_MODE_BASIC:
550 l2cap_pi(sk)->conf_state &= ~L2CAP_CONF_STATE2_DEVICE;
552 case L2CAP_MODE_ERTM:
553 case L2CAP_MODE_STREAMING:
562 l2cap_pi(sk)->imtu = opts.imtu;
563 l2cap_pi(sk)->omtu = opts.omtu;
564 l2cap_pi(sk)->fcs = opts.fcs;
565 l2cap_pi(sk)->max_tx = opts.max_tx;
566 l2cap_pi(sk)->tx_win = (__u8)opts.txwin_size;
570 if (get_user(opt, (u32 __user *) optval)) {
575 if (opt & L2CAP_LM_AUTH)
576 l2cap_pi(sk)->sec_level = BT_SECURITY_LOW;
577 if (opt & L2CAP_LM_ENCRYPT)
578 l2cap_pi(sk)->sec_level = BT_SECURITY_MEDIUM;
579 if (opt & L2CAP_LM_SECURE)
580 l2cap_pi(sk)->sec_level = BT_SECURITY_HIGH;
582 l2cap_pi(sk)->role_switch = (opt & L2CAP_LM_MASTER);
583 l2cap_pi(sk)->force_reliable = (opt & L2CAP_LM_RELIABLE);
595 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
597 struct sock *sk = sock->sk;
598 struct bt_security sec;
604 if (level == SOL_L2CAP)
605 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
607 if (level != SOL_BLUETOOTH)
614 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
615 && sk->sk_type != SOCK_RAW) {
620 sec.level = BT_SECURITY_LOW;
622 len = min_t(unsigned int, sizeof(sec), optlen);
623 if (copy_from_user((char *) &sec, optval, len)) {
628 if (sec.level < BT_SECURITY_LOW ||
629 sec.level > BT_SECURITY_HIGH) {
634 l2cap_pi(sk)->sec_level = sec.level;
638 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
643 if (get_user(opt, (u32 __user *) optval)) {
648 bt_sk(sk)->defer_setup = opt;
652 if (get_user(opt, (u32 __user *) optval)) {
657 if (opt > BT_FLUSHABLE_ON) {
662 if (opt == BT_FLUSHABLE_OFF) {
663 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
664 /* proceed futher only when we have l2cap_conn and
665 No Flush support in the LM */
666 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
672 l2cap_pi(sk)->flushable = opt;
684 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
686 struct sock *sk = sock->sk;
690 if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) {
691 struct l2cap_conn_rsp rsp;
692 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
695 sk->sk_state = BT_CONFIG;
697 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
698 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
699 rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
700 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
701 l2cap_send_cmd(l2cap_pi(sk)->conn, l2cap_pi(sk)->ident,
702 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
704 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT) {
709 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
710 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
711 l2cap_build_conf_req(sk, buf), buf);
712 l2cap_pi(sk)->num_conf_req++;
720 if (sock->type == SOCK_STREAM)
721 return bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
723 return bt_sock_recvmsg(iocb, sock, msg, len, flags);
726 static int l2cap_sock_release(struct socket *sock)
728 struct sock *sk = sock->sk;
731 BT_DBG("sock %p, sk %p", sock, sk);
736 err = l2cap_sock_shutdown(sock, 2);
743 static void l2cap_sock_destruct(struct sock *sk)
747 skb_queue_purge(&sk->sk_receive_queue);
748 skb_queue_purge(&sk->sk_write_queue);
751 void l2cap_sock_init(struct sock *sk, struct sock *parent)
753 struct l2cap_pinfo *pi = l2cap_pi(sk);
758 sk->sk_type = parent->sk_type;
759 bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup;
761 pi->imtu = l2cap_pi(parent)->imtu;
762 pi->omtu = l2cap_pi(parent)->omtu;
763 pi->conf_state = l2cap_pi(parent)->conf_state;
764 pi->mode = l2cap_pi(parent)->mode;
765 pi->fcs = l2cap_pi(parent)->fcs;
766 pi->max_tx = l2cap_pi(parent)->max_tx;
767 pi->tx_win = l2cap_pi(parent)->tx_win;
768 pi->sec_level = l2cap_pi(parent)->sec_level;
769 pi->role_switch = l2cap_pi(parent)->role_switch;
770 pi->force_reliable = l2cap_pi(parent)->force_reliable;
771 pi->flushable = l2cap_pi(parent)->flushable;
773 pi->imtu = L2CAP_DEFAULT_MTU;
775 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
776 pi->mode = L2CAP_MODE_ERTM;
777 pi->conf_state |= L2CAP_CONF_STATE2_DEVICE;
779 pi->mode = L2CAP_MODE_BASIC;
781 pi->max_tx = L2CAP_DEFAULT_MAX_TX;
782 pi->fcs = L2CAP_FCS_CRC16;
783 pi->tx_win = L2CAP_DEFAULT_TX_WINDOW;
784 pi->sec_level = BT_SECURITY_LOW;
786 pi->force_reliable = 0;
787 pi->flushable = BT_FLUSHABLE_OFF;
790 /* Default config options */
792 pi->flush_to = L2CAP_DEFAULT_FLUSH_TO;
793 skb_queue_head_init(TX_QUEUE(sk));
794 skb_queue_head_init(SREJ_QUEUE(sk));
795 skb_queue_head_init(BUSY_QUEUE(sk));
796 INIT_LIST_HEAD(SREJ_LIST(sk));
799 static struct proto l2cap_proto = {
801 .owner = THIS_MODULE,
802 .obj_size = sizeof(struct l2cap_pinfo)
805 struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
809 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
813 sock_init_data(sock, sk);
814 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
816 sk->sk_destruct = l2cap_sock_destruct;
817 sk->sk_sndtimeo = msecs_to_jiffies(L2CAP_CONN_TIMEOUT);
819 sock_reset_flag(sk, SOCK_ZAPPED);
821 sk->sk_protocol = proto;
822 sk->sk_state = BT_OPEN;
824 setup_timer(&sk->sk_timer, l2cap_sock_timeout, (unsigned long) sk);
826 bt_sock_link(&l2cap_sk_list, sk);
830 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
835 BT_DBG("sock %p", sock);
837 sock->state = SS_UNCONNECTED;
839 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
840 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
841 return -ESOCKTNOSUPPORT;
843 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
846 sock->ops = &l2cap_sock_ops;
848 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
852 l2cap_sock_init(sk, NULL);
856 const struct proto_ops l2cap_sock_ops = {
857 .family = PF_BLUETOOTH,
858 .owner = THIS_MODULE,
859 .release = l2cap_sock_release,
860 .bind = l2cap_sock_bind,
861 .connect = l2cap_sock_connect,
862 .listen = l2cap_sock_listen,
863 .accept = l2cap_sock_accept,
864 .getname = l2cap_sock_getname,
865 .sendmsg = l2cap_sock_sendmsg,
866 .recvmsg = l2cap_sock_recvmsg,
867 .poll = bt_sock_poll,
868 .ioctl = bt_sock_ioctl,
869 .mmap = sock_no_mmap,
870 .socketpair = sock_no_socketpair,
871 .shutdown = l2cap_sock_shutdown,
872 .setsockopt = l2cap_sock_setsockopt,
873 .getsockopt = l2cap_sock_getsockopt
876 static const struct net_proto_family l2cap_sock_family_ops = {
877 .family = PF_BLUETOOTH,
878 .owner = THIS_MODULE,
879 .create = l2cap_sock_create,
882 int __init l2cap_init_sockets(void)
886 err = proto_register(&l2cap_proto, 0);
890 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
894 BT_INFO("L2CAP socket layer initialized");
899 BT_ERR("L2CAP socket registration failed");
900 proto_unregister(&l2cap_proto);
904 void l2cap_cleanup_sockets(void)
906 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
907 BT_ERR("L2CAP socket unregistration failed");
909 proto_unregister(&l2cap_proto);
projects / linux-flexiantxendom0-3.2.10.git / blob