2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
28 /* Bluetooth L2CAP sockets. */
30 #include <linux/export.h>
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
38 static struct bt_sock_list l2cap_sk_list = {
39 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
42 static const struct proto_ops l2cap_sock_ops;
43 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
44 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
45 int proto, gfp_t prio);
47 bool l2cap_is_socket(struct socket *sock)
49 return sock && sock->ops == &l2cap_sock_ops;
51 EXPORT_SYMBOL(l2cap_is_socket);
53 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
55 struct sock *sk = sock->sk;
56 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
57 struct sockaddr_l2 la;
62 if (!addr || addr->sa_family != AF_BLUETOOTH)
65 memset(&la, 0, sizeof(la));
66 len = min_t(unsigned int, sizeof(la), alen);
67 memcpy(&la, addr, len);
69 if (la.l2_cid && la.l2_psm)
72 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
77 if (sk->sk_state != BT_OPEN) {
83 __u16 psm = __le16_to_cpu(la.l2_psm);
85 /* PSM must be odd and lsb of upper byte must be 0 */
86 if ((psm & 0x0101) != 0x0001) {
91 /* Restrict usage of well-known PSMs */
92 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
99 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
101 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
106 switch (chan->chan_type) {
107 case L2CAP_CHAN_CONN_LESS:
108 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_3DSP)
109 chan->sec_level = BT_SECURITY_SDP;
111 case L2CAP_CHAN_CONN_ORIENTED:
112 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
113 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
114 chan->sec_level = BT_SECURITY_SDP;
118 bacpy(&chan->src, &la.l2_bdaddr);
119 chan->src_type = la.l2_bdaddr_type;
121 chan->state = BT_BOUND;
122 sk->sk_state = BT_BOUND;
129 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr,
132 struct sock *sk = sock->sk;
133 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
134 struct sockaddr_l2 la;
139 if (!addr || alen < sizeof(addr->sa_family) ||
140 addr->sa_family != AF_BLUETOOTH)
143 memset(&la, 0, sizeof(la));
144 len = min_t(unsigned int, sizeof(la), alen);
145 memcpy(&la, addr, len);
147 if (la.l2_cid && la.l2_psm)
150 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
153 if (chan->src_type == BDADDR_BREDR && la.l2_bdaddr_type != BDADDR_BREDR)
156 if (chan->src_type != BDADDR_BREDR && la.l2_bdaddr_type == BDADDR_BREDR)
159 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
160 &la.l2_bdaddr, la.l2_bdaddr_type);
166 err = bt_sock_wait_state(sk, BT_CONNECTED,
167 sock_sndtimeo(sk, flags & O_NONBLOCK));
174 static int l2cap_sock_listen(struct socket *sock, int backlog)
176 struct sock *sk = sock->sk;
177 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
180 BT_DBG("sk %p backlog %d", sk, backlog);
184 if (sk->sk_state != BT_BOUND) {
189 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
194 switch (chan->mode) {
195 case L2CAP_MODE_BASIC:
197 case L2CAP_MODE_ERTM:
198 case L2CAP_MODE_STREAMING:
207 sk->sk_max_ack_backlog = backlog;
208 sk->sk_ack_backlog = 0;
210 chan->state = BT_LISTEN;
211 sk->sk_state = BT_LISTEN;
218 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock,
221 DECLARE_WAITQUEUE(wait, current);
222 struct sock *sk = sock->sk, *nsk;
226 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
228 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
230 BT_DBG("sk %p timeo %ld", sk, timeo);
232 /* Wait for an incoming connection. (wake-one). */
233 add_wait_queue_exclusive(sk_sleep(sk), &wait);
235 set_current_state(TASK_INTERRUPTIBLE);
237 if (sk->sk_state != BT_LISTEN) {
242 nsk = bt_accept_dequeue(sk, newsock);
251 if (signal_pending(current)) {
252 err = sock_intr_errno(timeo);
257 timeo = schedule_timeout(timeo);
258 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
260 __set_current_state(TASK_RUNNING);
261 remove_wait_queue(sk_sleep(sk), &wait);
266 newsock->state = SS_CONNECTED;
268 BT_DBG("new socket %p", nsk);
275 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr,
278 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
279 struct sock *sk = sock->sk;
280 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
282 BT_DBG("sock %p, sk %p", sock, sk);
284 memset(la, 0, sizeof(struct sockaddr_l2));
285 addr->sa_family = AF_BLUETOOTH;
286 *len = sizeof(struct sockaddr_l2);
289 la->l2_psm = chan->psm;
290 bacpy(&la->l2_bdaddr, &chan->dst);
291 la->l2_cid = cpu_to_le16(chan->dcid);
292 la->l2_bdaddr_type = chan->dst_type;
294 la->l2_psm = chan->sport;
295 bacpy(&la->l2_bdaddr, &chan->src);
296 la->l2_cid = cpu_to_le16(chan->scid);
297 la->l2_bdaddr_type = chan->src_type;
303 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
304 char __user *optval, int __user *optlen)
306 struct sock *sk = sock->sk;
307 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
308 struct l2cap_options opts;
309 struct l2cap_conninfo cinfo;
315 if (get_user(len, optlen))
322 memset(&opts, 0, sizeof(opts));
323 opts.imtu = chan->imtu;
324 opts.omtu = chan->omtu;
325 opts.flush_to = chan->flush_to;
326 opts.mode = chan->mode;
327 opts.fcs = chan->fcs;
328 opts.max_tx = chan->max_tx;
329 opts.txwin_size = chan->tx_win;
331 len = min_t(unsigned int, len, sizeof(opts));
332 if (copy_to_user(optval, (char *) &opts, len))
338 switch (chan->sec_level) {
339 case BT_SECURITY_LOW:
342 case BT_SECURITY_MEDIUM:
343 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
345 case BT_SECURITY_HIGH:
346 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
354 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
355 opt |= L2CAP_LM_MASTER;
357 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
358 opt |= L2CAP_LM_RELIABLE;
360 if (put_user(opt, (u32 __user *) optval))
365 if (sk->sk_state != BT_CONNECTED &&
366 !(sk->sk_state == BT_CONNECT2 &&
367 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
372 memset(&cinfo, 0, sizeof(cinfo));
373 cinfo.hci_handle = chan->conn->hcon->handle;
374 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
376 len = min_t(unsigned int, len, sizeof(cinfo));
377 if (copy_to_user(optval, (char *) &cinfo, len))
391 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname,
392 char __user *optval, int __user *optlen)
394 struct sock *sk = sock->sk;
395 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
396 struct bt_security sec;
402 if (level == SOL_L2CAP)
403 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
405 if (level != SOL_BLUETOOTH)
408 if (get_user(len, optlen))
415 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
416 chan->chan_type != L2CAP_CHAN_RAW) {
421 memset(&sec, 0, sizeof(sec));
423 sec.level = chan->conn->hcon->sec_level;
425 if (sk->sk_state == BT_CONNECTED)
426 sec.key_size = chan->conn->hcon->enc_key_size;
428 sec.level = chan->sec_level;
431 len = min_t(unsigned int, len, sizeof(sec));
432 if (copy_to_user(optval, (char *) &sec, len))
438 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
443 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
444 (u32 __user *) optval))
450 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
451 (u32 __user *) optval))
457 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
458 && sk->sk_type != SOCK_RAW) {
463 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
465 len = min_t(unsigned int, len, sizeof(pwr));
466 if (copy_to_user(optval, (char *) &pwr, len))
471 case BT_CHANNEL_POLICY:
472 if (put_user(chan->chan_policy, (u32 __user *) optval))
485 static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
487 switch (chan->scid) {
489 if (mtu < L2CAP_LE_MIN_MTU)
494 if (mtu < L2CAP_DEFAULT_MIN_MTU)
501 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
502 char __user *optval, unsigned int optlen)
504 struct sock *sk = sock->sk;
505 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
506 struct l2cap_options opts;
516 if (sk->sk_state == BT_CONNECTED) {
521 opts.imtu = chan->imtu;
522 opts.omtu = chan->omtu;
523 opts.flush_to = chan->flush_to;
524 opts.mode = chan->mode;
525 opts.fcs = chan->fcs;
526 opts.max_tx = chan->max_tx;
527 opts.txwin_size = chan->tx_win;
529 len = min_t(unsigned int, sizeof(opts), optlen);
530 if (copy_from_user((char *) &opts, optval, len)) {
535 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
540 if (!l2cap_valid_mtu(chan, opts.imtu)) {
545 chan->mode = opts.mode;
546 switch (chan->mode) {
547 case L2CAP_MODE_BASIC:
548 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
550 case L2CAP_MODE_ERTM:
551 case L2CAP_MODE_STREAMING:
560 chan->imtu = opts.imtu;
561 chan->omtu = opts.omtu;
562 chan->fcs = opts.fcs;
563 chan->max_tx = opts.max_tx;
564 chan->tx_win = opts.txwin_size;
565 chan->flush_to = opts.flush_to;
569 if (get_user(opt, (u32 __user *) optval)) {
574 if (opt & L2CAP_LM_AUTH)
575 chan->sec_level = BT_SECURITY_LOW;
576 if (opt & L2CAP_LM_ENCRYPT)
577 chan->sec_level = BT_SECURITY_MEDIUM;
578 if (opt & L2CAP_LM_SECURE)
579 chan->sec_level = BT_SECURITY_HIGH;
581 if (opt & L2CAP_LM_MASTER)
582 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
584 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
586 if (opt & L2CAP_LM_RELIABLE)
587 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
589 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
601 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname,
602 char __user *optval, unsigned int optlen)
604 struct sock *sk = sock->sk;
605 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
606 struct bt_security sec;
608 struct l2cap_conn *conn;
614 if (level == SOL_L2CAP)
615 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
617 if (level != SOL_BLUETOOTH)
624 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
625 chan->chan_type != L2CAP_CHAN_RAW) {
630 sec.level = BT_SECURITY_LOW;
632 len = min_t(unsigned int, sizeof(sec), optlen);
633 if (copy_from_user((char *) &sec, optval, len)) {
638 if (sec.level < BT_SECURITY_LOW ||
639 sec.level > BT_SECURITY_HIGH) {
644 chan->sec_level = sec.level;
651 /*change security for LE channels */
652 if (chan->scid == L2CAP_CID_ATT) {
653 if (!conn->hcon->out) {
658 if (smp_conn_security(conn->hcon, sec.level))
660 sk->sk_state = BT_CONFIG;
661 chan->state = BT_CONFIG;
663 /* or for ACL link */
664 } else if ((sk->sk_state == BT_CONNECT2 &&
665 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
666 sk->sk_state == BT_CONNECTED) {
667 if (!l2cap_chan_check_security(chan))
668 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
670 sk->sk_state_change(sk);
677 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
682 if (get_user(opt, (u32 __user *) optval)) {
688 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
689 set_bit(FLAG_DEFER_SETUP, &chan->flags);
691 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
692 clear_bit(FLAG_DEFER_SETUP, &chan->flags);
697 if (get_user(opt, (u32 __user *) optval)) {
702 if (opt > BT_FLUSHABLE_ON) {
707 if (opt == BT_FLUSHABLE_OFF) {
709 /* proceed further only when we have l2cap_conn and
710 No Flush support in the LM */
711 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
718 set_bit(FLAG_FLUSHABLE, &chan->flags);
720 clear_bit(FLAG_FLUSHABLE, &chan->flags);
724 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
725 chan->chan_type != L2CAP_CHAN_RAW) {
730 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
732 len = min_t(unsigned int, sizeof(pwr), optlen);
733 if (copy_from_user((char *) &pwr, optval, len)) {
738 if (pwr.force_active)
739 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
741 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
744 case BT_CHANNEL_POLICY:
745 if (get_user(opt, (u32 __user *) optval)) {
750 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
755 if (chan->mode != L2CAP_MODE_ERTM &&
756 chan->mode != L2CAP_MODE_STREAMING) {
761 chan->chan_policy = (u8) opt;
763 if (sk->sk_state == BT_CONNECTED &&
764 chan->move_role == L2CAP_MOVE_ROLE_NONE)
765 l2cap_move_start(chan);
778 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
779 struct msghdr *msg, size_t len)
781 struct sock *sk = sock->sk;
782 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
785 BT_DBG("sock %p, sk %p", sock, sk);
787 err = sock_error(sk);
791 if (msg->msg_flags & MSG_OOB)
794 if (sk->sk_state != BT_CONNECTED)
798 err = bt_sock_wait_ready(sk, msg->msg_flags);
803 l2cap_chan_lock(chan);
804 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
805 l2cap_chan_unlock(chan);
810 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
811 struct msghdr *msg, size_t len, int flags)
813 struct sock *sk = sock->sk;
814 struct l2cap_pinfo *pi = l2cap_pi(sk);
819 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
820 &bt_sk(sk)->flags)) {
821 sk->sk_state = BT_CONFIG;
822 pi->chan->state = BT_CONFIG;
824 __l2cap_connect_rsp_defer(pi->chan);
831 if (sock->type == SOCK_STREAM)
832 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
834 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
836 if (pi->chan->mode != L2CAP_MODE_ERTM)
839 /* Attempt to put pending rx data in the socket buffer */
843 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
846 if (pi->rx_busy_skb) {
847 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
848 pi->rx_busy_skb = NULL;
853 /* Restore data flow when half of the receive buffer is
854 * available. This avoids resending large numbers of
857 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
858 l2cap_chan_busy(pi->chan, 0);
865 /* Kill socket (only if zapped and orphan)
866 * Must be called on unlocked socket.
868 static void l2cap_sock_kill(struct sock *sk)
870 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
873 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
875 /* Kill poor orphan */
877 l2cap_chan_put(l2cap_pi(sk)->chan);
878 sock_set_flag(sk, SOCK_DEAD);
882 static int __l2cap_wait_ack(struct sock *sk)
884 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
885 DECLARE_WAITQUEUE(wait, current);
889 add_wait_queue(sk_sleep(sk), &wait);
890 set_current_state(TASK_INTERRUPTIBLE);
891 while (chan->unacked_frames > 0 && chan->conn) {
895 if (signal_pending(current)) {
896 err = sock_intr_errno(timeo);
901 timeo = schedule_timeout(timeo);
903 set_current_state(TASK_INTERRUPTIBLE);
905 err = sock_error(sk);
909 set_current_state(TASK_RUNNING);
910 remove_wait_queue(sk_sleep(sk), &wait);
914 static int l2cap_sock_shutdown(struct socket *sock, int how)
916 struct sock *sk = sock->sk;
917 struct l2cap_chan *chan;
918 struct l2cap_conn *conn;
921 BT_DBG("sock %p, sk %p", sock, sk);
926 chan = l2cap_pi(sk)->chan;
930 mutex_lock(&conn->chan_lock);
932 l2cap_chan_lock(chan);
935 if (!sk->sk_shutdown) {
936 if (chan->mode == L2CAP_MODE_ERTM)
937 err = __l2cap_wait_ack(sk);
939 sk->sk_shutdown = SHUTDOWN_MASK;
942 l2cap_chan_close(chan, 0);
945 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
946 err = bt_sock_wait_state(sk, BT_CLOSED,
950 if (!err && sk->sk_err)
954 l2cap_chan_unlock(chan);
957 mutex_unlock(&conn->chan_lock);
962 static int l2cap_sock_release(struct socket *sock)
964 struct sock *sk = sock->sk;
967 BT_DBG("sock %p, sk %p", sock, sk);
972 bt_sock_unlink(&l2cap_sk_list, sk);
974 err = l2cap_sock_shutdown(sock, 2);
981 static void l2cap_sock_cleanup_listen(struct sock *parent)
985 BT_DBG("parent %p", parent);
987 /* Close not yet accepted channels */
988 while ((sk = bt_accept_dequeue(parent, NULL))) {
989 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
991 l2cap_chan_lock(chan);
992 __clear_chan_timer(chan);
993 l2cap_chan_close(chan, ECONNRESET);
994 l2cap_chan_unlock(chan);
1000 static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
1002 struct sock *sk, *parent = chan->data;
1004 /* Check for backlog size */
1005 if (sk_acceptq_is_full(parent)) {
1006 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1010 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
1015 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
1017 l2cap_sock_init(sk, parent);
1019 bt_accept_enqueue(parent, sk);
1021 return l2cap_pi(sk)->chan;
1024 static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1026 struct sock *sk = chan->data;
1031 if (l2cap_pi(sk)->rx_busy_skb) {
1036 err = sock_queue_rcv_skb(sk, skb);
1038 /* For ERTM, handle one skb that doesn't fit into the recv
1039 * buffer. This is important to do because the data frames
1040 * have already been acked, so the skb cannot be discarded.
1042 * Notify the l2cap core that the buffer is full, so the
1043 * LOCAL_BUSY state is entered and no more frames are
1044 * acked and reassembled until there is buffer space
1047 if (err < 0 && chan->mode == L2CAP_MODE_ERTM) {
1048 l2cap_pi(sk)->rx_busy_skb = skb;
1049 l2cap_chan_busy(chan, 1);
1059 static void l2cap_sock_close_cb(struct l2cap_chan *chan)
1061 struct sock *sk = chan->data;
1063 l2cap_sock_kill(sk);
1066 static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
1068 struct sock *sk = chan->data;
1069 struct sock *parent;
1073 parent = bt_sk(sk)->parent;
1075 sock_set_flag(sk, SOCK_ZAPPED);
1077 switch (chan->state) {
1083 l2cap_sock_cleanup_listen(sk);
1084 sk->sk_state = BT_CLOSED;
1085 chan->state = BT_CLOSED;
1089 sk->sk_state = BT_CLOSED;
1090 chan->state = BT_CLOSED;
1095 bt_accept_unlink(sk);
1096 parent->sk_data_ready(parent, 0);
1098 sk->sk_state_change(sk);
1107 static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state,
1110 struct sock *sk = chan->data;
1112 sk->sk_state = state;
1118 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
1119 unsigned long len, int nb)
1121 struct sk_buff *skb;
1124 l2cap_chan_unlock(chan);
1125 skb = bt_skb_send_alloc(chan->sk, len, nb, &err);
1126 l2cap_chan_lock(chan);
1129 return ERR_PTR(err);
1134 static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1136 struct sock *sk = chan->data;
1137 struct sock *parent;
1141 parent = bt_sk(sk)->parent;
1143 BT_DBG("sk %p, parent %p", sk, parent);
1145 sk->sk_state = BT_CONNECTED;
1146 sk->sk_state_change(sk);
1149 parent->sk_data_ready(parent, 0);
1154 static void l2cap_sock_defer_cb(struct l2cap_chan *chan)
1156 struct sock *sk = chan->data;
1157 struct sock *parent = bt_sk(sk)->parent;
1160 parent->sk_data_ready(parent, 0);
1163 static void l2cap_sock_resume_cb(struct l2cap_chan *chan)
1165 struct sock *sk = chan->data;
1167 clear_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
1168 sk->sk_state_change(sk);
1171 static void l2cap_sock_set_shutdown_cb(struct l2cap_chan *chan)
1173 struct sock *sk = chan->data;
1176 sk->sk_shutdown = SHUTDOWN_MASK;
1180 static long l2cap_sock_get_sndtimeo_cb(struct l2cap_chan *chan)
1182 struct sock *sk = chan->data;
1184 return sk->sk_sndtimeo;
1187 static struct l2cap_ops l2cap_chan_ops = {
1188 .name = "L2CAP Socket Interface",
1189 .new_connection = l2cap_sock_new_connection_cb,
1190 .recv = l2cap_sock_recv_cb,
1191 .close = l2cap_sock_close_cb,
1192 .teardown = l2cap_sock_teardown_cb,
1193 .state_change = l2cap_sock_state_change_cb,
1194 .ready = l2cap_sock_ready_cb,
1195 .defer = l2cap_sock_defer_cb,
1196 .resume = l2cap_sock_resume_cb,
1197 .set_shutdown = l2cap_sock_set_shutdown_cb,
1198 .get_sndtimeo = l2cap_sock_get_sndtimeo_cb,
1199 .alloc_skb = l2cap_sock_alloc_skb_cb,
1202 static void l2cap_sock_destruct(struct sock *sk)
1204 BT_DBG("sk %p", sk);
1206 if (l2cap_pi(sk)->chan)
1207 l2cap_chan_put(l2cap_pi(sk)->chan);
1209 if (l2cap_pi(sk)->rx_busy_skb) {
1210 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1211 l2cap_pi(sk)->rx_busy_skb = NULL;
1214 skb_queue_purge(&sk->sk_receive_queue);
1215 skb_queue_purge(&sk->sk_write_queue);
1218 static void l2cap_skb_msg_name(struct sk_buff *skb, void *msg_name,
1221 struct sockaddr_l2 *la = (struct sockaddr_l2 *) msg_name;
1223 memset(la, 0, sizeof(struct sockaddr_l2));
1224 la->l2_family = AF_BLUETOOTH;
1225 la->l2_psm = bt_cb(skb)->psm;
1226 bacpy(&la->l2_bdaddr, &bt_cb(skb)->bdaddr);
1228 *msg_namelen = sizeof(struct sockaddr_l2);
1231 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
1233 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1235 BT_DBG("sk %p", sk);
1238 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1240 sk->sk_type = parent->sk_type;
1241 bt_sk(sk)->flags = bt_sk(parent)->flags;
1243 chan->chan_type = pchan->chan_type;
1244 chan->imtu = pchan->imtu;
1245 chan->omtu = pchan->omtu;
1246 chan->conf_state = pchan->conf_state;
1247 chan->mode = pchan->mode;
1248 chan->fcs = pchan->fcs;
1249 chan->max_tx = pchan->max_tx;
1250 chan->tx_win = pchan->tx_win;
1251 chan->tx_win_max = pchan->tx_win_max;
1252 chan->sec_level = pchan->sec_level;
1253 chan->flags = pchan->flags;
1255 security_sk_clone(parent, sk);
1257 switch (sk->sk_type) {
1259 chan->chan_type = L2CAP_CHAN_RAW;
1262 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1263 bt_sk(sk)->skb_msg_name = l2cap_skb_msg_name;
1265 case SOCK_SEQPACKET:
1267 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1271 chan->imtu = L2CAP_DEFAULT_MTU;
1273 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1274 chan->mode = L2CAP_MODE_ERTM;
1275 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1277 chan->mode = L2CAP_MODE_BASIC;
1280 l2cap_chan_set_defaults(chan);
1283 /* Default config options */
1284 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1287 chan->ops = &l2cap_chan_ops;
1290 static struct proto l2cap_proto = {
1292 .owner = THIS_MODULE,
1293 .obj_size = sizeof(struct l2cap_pinfo)
1296 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
1297 int proto, gfp_t prio)
1300 struct l2cap_chan *chan;
1302 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1306 sock_init_data(sock, sk);
1307 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1309 sk->sk_destruct = l2cap_sock_destruct;
1310 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1312 sock_reset_flag(sk, SOCK_ZAPPED);
1314 sk->sk_protocol = proto;
1315 sk->sk_state = BT_OPEN;
1317 chan = l2cap_chan_create();
1323 l2cap_chan_hold(chan);
1327 l2cap_pi(sk)->chan = chan;
1332 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1337 BT_DBG("sock %p", sock);
1339 sock->state = SS_UNCONNECTED;
1341 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1342 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1343 return -ESOCKTNOSUPPORT;
1345 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1348 sock->ops = &l2cap_sock_ops;
1350 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1354 l2cap_sock_init(sk, NULL);
1355 bt_sock_link(&l2cap_sk_list, sk);
1359 static const struct proto_ops l2cap_sock_ops = {
1360 .family = PF_BLUETOOTH,
1361 .owner = THIS_MODULE,
1362 .release = l2cap_sock_release,
1363 .bind = l2cap_sock_bind,
1364 .connect = l2cap_sock_connect,
1365 .listen = l2cap_sock_listen,
1366 .accept = l2cap_sock_accept,
1367 .getname = l2cap_sock_getname,
1368 .sendmsg = l2cap_sock_sendmsg,
1369 .recvmsg = l2cap_sock_recvmsg,
1370 .poll = bt_sock_poll,
1371 .ioctl = bt_sock_ioctl,
1372 .mmap = sock_no_mmap,
1373 .socketpair = sock_no_socketpair,
1374 .shutdown = l2cap_sock_shutdown,
1375 .setsockopt = l2cap_sock_setsockopt,
1376 .getsockopt = l2cap_sock_getsockopt
1379 static const struct net_proto_family l2cap_sock_family_ops = {
1380 .family = PF_BLUETOOTH,
1381 .owner = THIS_MODULE,
1382 .create = l2cap_sock_create,
1385 int __init l2cap_init_sockets(void)
1389 err = proto_register(&l2cap_proto, 0);
1393 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1395 BT_ERR("L2CAP socket registration failed");
1399 err = bt_procfs_init(&init_net, "l2cap", &l2cap_sk_list,
1402 BT_ERR("Failed to create L2CAP proc file");
1403 bt_sock_unregister(BTPROTO_L2CAP);
1407 BT_INFO("L2CAP socket layer initialized");
1412 proto_unregister(&l2cap_proto);
1416 void l2cap_cleanup_sockets(void)
1418 bt_procfs_cleanup(&init_net, "l2cap");
1419 bt_sock_unregister(BTPROTO_L2CAP);
1420 proto_unregister(&l2cap_proto);