2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth SCO sockets. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/sched.h>
33 #include <linux/slab.h>
34 #include <linux/poll.h>
35 #include <linux/fcntl.h>
36 #include <linux/init.h>
37 #include <linux/interrupt.h>
38 #include <linux/socket.h>
39 #include <linux/skbuff.h>
40 #include <linux/device.h>
41 #include <linux/debugfs.h>
42 #include <linux/seq_file.h>
43 #include <linux/list.h>
44 #include <linux/security.h>
47 #include <linux/uaccess.h>
49 #include <net/bluetooth/bluetooth.h>
50 #include <net/bluetooth/hci_core.h>
51 #include <net/bluetooth/sco.h>
53 static bool disable_esco;
55 static const struct proto_ops sco_sock_ops;
57 static struct bt_sock_list sco_sk_list = {
58 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
61 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent);
62 static void sco_chan_del(struct sock *sk, int err);
64 static void sco_sock_close(struct sock *sk);
65 static void sco_sock_kill(struct sock *sk);
67 /* ---- SCO timers ---- */
68 static void sco_sock_timeout(unsigned long arg)
70 struct sock *sk = (struct sock *) arg;
72 BT_DBG("sock %p state %d", sk, sk->sk_state);
75 sk->sk_err = ETIMEDOUT;
76 sk->sk_state_change(sk);
83 static void sco_sock_set_timer(struct sock *sk, long timeout)
85 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
86 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
89 static void sco_sock_clear_timer(struct sock *sk)
91 BT_DBG("sock %p state %d", sk, sk->sk_state);
92 sk_stop_timer(sk, &sk->sk_timer);
95 /* ---- SCO connections ---- */
96 static struct sco_conn *sco_conn_add(struct hci_conn *hcon)
98 struct hci_dev *hdev = hcon->hdev;
99 struct sco_conn *conn = hcon->sco_data;
104 conn = kzalloc(sizeof(struct sco_conn), GFP_ATOMIC);
108 spin_lock_init(&conn->lock);
110 hcon->sco_data = conn;
113 conn->src = &hdev->bdaddr;
114 conn->dst = &hcon->dst;
116 if (hdev->sco_mtu > 0)
117 conn->mtu = hdev->sco_mtu;
121 BT_DBG("hcon %p conn %p", hcon, conn);
126 static inline struct sock *sco_chan_get(struct sco_conn *conn)
128 struct sock *sk = NULL;
131 sco_conn_unlock(conn);
135 static int sco_conn_del(struct hci_conn *hcon, int err)
137 struct sco_conn *conn = hcon->sco_data;
143 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
146 sk = sco_chan_get(conn);
149 sco_sock_clear_timer(sk);
150 sco_chan_del(sk, err);
155 hcon->sco_data = NULL;
160 static inline int sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
168 __sco_chan_add(conn, sk, parent);
170 sco_conn_unlock(conn);
174 static int sco_connect(struct sock *sk)
176 bdaddr_t *src = &bt_sk(sk)->src;
177 bdaddr_t *dst = &bt_sk(sk)->dst;
178 struct sco_conn *conn;
179 struct hci_conn *hcon;
180 struct hci_dev *hdev;
183 BT_DBG("%s -> %s", batostr(src), batostr(dst));
185 hdev = hci_get_route(dst, src);
187 return -EHOSTUNREACH;
191 if (lmp_esco_capable(hdev) && !disable_esco)
196 hcon = hci_connect(hdev, type, dst, BDADDR_BREDR, BT_SECURITY_LOW,
203 conn = sco_conn_add(hcon);
210 /* Update source addr of the socket */
211 bacpy(src, conn->src);
213 err = sco_chan_add(conn, sk, NULL);
217 if (hcon->state == BT_CONNECTED) {
218 sco_sock_clear_timer(sk);
219 sk->sk_state = BT_CONNECTED;
221 sk->sk_state = BT_CONNECT;
222 sco_sock_set_timer(sk, sk->sk_sndtimeo);
226 hci_dev_unlock(hdev);
231 static inline int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
233 struct sco_conn *conn = sco_pi(sk)->conn;
237 /* Check outgoing MTU */
241 BT_DBG("sk %p len %d", sk, len);
243 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
247 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
252 hci_send_sco(conn->hcon, skb);
257 static inline void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
259 struct sock *sk = sco_chan_get(conn);
264 BT_DBG("sk %p len %d", sk, skb->len);
266 if (sk->sk_state != BT_CONNECTED)
269 if (!sock_queue_rcv_skb(sk, skb))
276 /* -------- Socket interface ---------- */
277 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba)
279 struct hlist_node *node;
282 sk_for_each(sk, node, &sco_sk_list.head) {
283 if (sk->sk_state != BT_LISTEN)
286 if (!bacmp(&bt_sk(sk)->src, ba))
293 /* Find socket listening on source bdaddr.
294 * Returns closest match.
296 static struct sock *sco_get_sock_listen(bdaddr_t *src)
298 struct sock *sk = NULL, *sk1 = NULL;
299 struct hlist_node *node;
301 read_lock(&sco_sk_list.lock);
303 sk_for_each(sk, node, &sco_sk_list.head) {
304 if (sk->sk_state != BT_LISTEN)
308 if (!bacmp(&bt_sk(sk)->src, src))
312 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
316 read_unlock(&sco_sk_list.lock);
318 return node ? sk : sk1;
321 static void sco_sock_destruct(struct sock *sk)
325 skb_queue_purge(&sk->sk_receive_queue);
326 skb_queue_purge(&sk->sk_write_queue);
329 static void sco_sock_cleanup_listen(struct sock *parent)
333 BT_DBG("parent %p", parent);
335 /* Close not yet accepted channels */
336 while ((sk = bt_accept_dequeue(parent, NULL))) {
341 parent->sk_state = BT_CLOSED;
342 sock_set_flag(parent, SOCK_ZAPPED);
345 /* Kill socket (only if zapped and orphan)
346 * Must be called on unlocked socket.
348 static void sco_sock_kill(struct sock *sk)
350 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
353 BT_DBG("sk %p state %d", sk, sk->sk_state);
355 /* Kill poor orphan */
356 bt_sock_unlink(&sco_sk_list, sk);
357 sock_set_flag(sk, SOCK_DEAD);
361 static void __sco_sock_close(struct sock *sk)
363 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
365 switch (sk->sk_state) {
367 sco_sock_cleanup_listen(sk);
372 if (sco_pi(sk)->conn) {
373 sk->sk_state = BT_DISCONN;
374 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
375 hci_conn_put(sco_pi(sk)->conn->hcon);
376 sco_pi(sk)->conn->hcon = NULL;
378 sco_chan_del(sk, ECONNRESET);
383 sco_chan_del(sk, ECONNRESET);
387 sock_set_flag(sk, SOCK_ZAPPED);
392 /* Must be called on unlocked socket. */
393 static void sco_sock_close(struct sock *sk)
395 sco_sock_clear_timer(sk);
397 __sco_sock_close(sk);
402 static void sco_sock_init(struct sock *sk, struct sock *parent)
407 sk->sk_type = parent->sk_type;
408 security_sk_clone(parent, sk);
412 static struct proto sco_proto = {
414 .owner = THIS_MODULE,
415 .obj_size = sizeof(struct sco_pinfo)
418 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
422 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto);
426 sock_init_data(sock, sk);
427 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
429 sk->sk_destruct = sco_sock_destruct;
430 sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
432 sock_reset_flag(sk, SOCK_ZAPPED);
434 sk->sk_protocol = proto;
435 sk->sk_state = BT_OPEN;
437 setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk);
439 bt_sock_link(&sco_sk_list, sk);
443 static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
448 BT_DBG("sock %p", sock);
450 sock->state = SS_UNCONNECTED;
452 if (sock->type != SOCK_SEQPACKET)
453 return -ESOCKTNOSUPPORT;
455 sock->ops = &sco_sock_ops;
457 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC);
461 sco_sock_init(sk, NULL);
465 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
467 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
468 struct sock *sk = sock->sk;
471 BT_DBG("sk %p %s", sk, batostr(&sa->sco_bdaddr));
473 if (!addr || addr->sa_family != AF_BLUETOOTH)
478 if (sk->sk_state != BT_OPEN) {
483 if (sk->sk_type != SOCK_SEQPACKET) {
488 bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr);
490 sk->sk_state = BT_BOUND;
497 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
499 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
500 struct sock *sk = sock->sk;
506 if (alen < sizeof(struct sockaddr_sco) ||
507 addr->sa_family != AF_BLUETOOTH)
510 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
513 if (sk->sk_type != SOCK_SEQPACKET)
518 /* Set destination address and psm */
519 bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr);
521 err = sco_connect(sk);
525 err = bt_sock_wait_state(sk, BT_CONNECTED,
526 sock_sndtimeo(sk, flags & O_NONBLOCK));
533 static int sco_sock_listen(struct socket *sock, int backlog)
535 struct sock *sk = sock->sk;
536 bdaddr_t *src = &bt_sk(sk)->src;
539 BT_DBG("sk %p backlog %d", sk, backlog);
543 if (sk->sk_state != BT_BOUND) {
548 if (sk->sk_type != SOCK_SEQPACKET) {
553 write_lock(&sco_sk_list.lock);
555 if (__sco_get_sock_listen_by_addr(src)) {
560 sk->sk_max_ack_backlog = backlog;
561 sk->sk_ack_backlog = 0;
563 sk->sk_state = BT_LISTEN;
566 write_unlock(&sco_sk_list.lock);
573 static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags)
575 DECLARE_WAITQUEUE(wait, current);
576 struct sock *sk = sock->sk, *ch;
582 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
584 BT_DBG("sk %p timeo %ld", sk, timeo);
586 /* Wait for an incoming connection. (wake-one). */
587 add_wait_queue_exclusive(sk_sleep(sk), &wait);
589 set_current_state(TASK_INTERRUPTIBLE);
591 if (sk->sk_state != BT_LISTEN) {
596 ch = bt_accept_dequeue(sk, newsock);
605 if (signal_pending(current)) {
606 err = sock_intr_errno(timeo);
611 timeo = schedule_timeout(timeo);
614 __set_current_state(TASK_RUNNING);
615 remove_wait_queue(sk_sleep(sk), &wait);
620 newsock->state = SS_CONNECTED;
622 BT_DBG("new socket %p", ch);
629 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
631 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
632 struct sock *sk = sock->sk;
634 BT_DBG("sock %p, sk %p", sock, sk);
636 addr->sa_family = AF_BLUETOOTH;
637 *len = sizeof(struct sockaddr_sco);
640 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst);
642 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src);
647 static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
648 struct msghdr *msg, size_t len)
650 struct sock *sk = sock->sk;
653 BT_DBG("sock %p, sk %p", sock, sk);
655 err = sock_error(sk);
659 if (msg->msg_flags & MSG_OOB)
664 if (sk->sk_state == BT_CONNECTED)
665 err = sco_send_frame(sk, msg, len);
673 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
675 struct sock *sk = sock->sk;
692 static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
694 struct sock *sk = sock->sk;
695 struct sco_options opts;
696 struct sco_conninfo cinfo;
701 if (get_user(len, optlen))
708 if (sk->sk_state != BT_CONNECTED) {
713 opts.mtu = sco_pi(sk)->conn->mtu;
715 BT_DBG("mtu %d", opts.mtu);
717 len = min_t(unsigned int, len, sizeof(opts));
718 if (copy_to_user(optval, (char *)&opts, len))
724 if (sk->sk_state != BT_CONNECTED) {
729 memset(&cinfo, 0, sizeof(cinfo));
730 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
731 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
733 len = min_t(unsigned int, len, sizeof(cinfo));
734 if (copy_to_user(optval, (char *)&cinfo, len))
748 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
750 struct sock *sk = sock->sk;
755 if (level == SOL_SCO)
756 return sco_sock_getsockopt_old(sock, optname, optval, optlen);
758 if (get_user(len, optlen))
773 static int sco_sock_shutdown(struct socket *sock, int how)
775 struct sock *sk = sock->sk;
778 BT_DBG("sock %p, sk %p", sock, sk);
784 if (!sk->sk_shutdown) {
785 sk->sk_shutdown = SHUTDOWN_MASK;
786 sco_sock_clear_timer(sk);
787 __sco_sock_close(sk);
789 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
790 err = bt_sock_wait_state(sk, BT_CLOSED,
797 static int sco_sock_release(struct socket *sock)
799 struct sock *sk = sock->sk;
802 BT_DBG("sock %p, sk %p", sock, sk);
809 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) {
811 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
820 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
822 BT_DBG("conn %p", conn);
824 sco_pi(sk)->conn = conn;
828 bt_accept_enqueue(parent, sk);
832 * Must be called on the locked socket. */
833 static void sco_chan_del(struct sock *sk, int err)
835 struct sco_conn *conn;
837 conn = sco_pi(sk)->conn;
839 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
844 sco_pi(sk)->conn = NULL;
845 sco_conn_unlock(conn);
848 hci_conn_put(conn->hcon);
851 sk->sk_state = BT_CLOSED;
853 sk->sk_state_change(sk);
855 sock_set_flag(sk, SOCK_ZAPPED);
858 static void sco_conn_ready(struct sco_conn *conn)
861 struct sock *sk = conn->sk;
863 BT_DBG("conn %p", conn);
868 sco_sock_clear_timer(sk);
870 sk->sk_state = BT_CONNECTED;
871 sk->sk_state_change(sk);
874 parent = sco_get_sock_listen(conn->src);
878 bh_lock_sock(parent);
880 sk = sco_sock_alloc(sock_net(parent), NULL,
881 BTPROTO_SCO, GFP_ATOMIC);
883 bh_unlock_sock(parent);
887 sco_sock_init(sk, parent);
889 bacpy(&bt_sk(sk)->src, conn->src);
890 bacpy(&bt_sk(sk)->dst, conn->dst);
892 hci_conn_hold(conn->hcon);
893 __sco_chan_add(conn, sk, parent);
895 sk->sk_state = BT_CONNECTED;
898 parent->sk_data_ready(parent, 1);
900 bh_unlock_sock(parent);
904 sco_conn_unlock(conn);
907 /* ----- SCO interface with lower layer (HCI) ----- */
908 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr)
910 register struct sock *sk;
911 struct hlist_node *node;
914 BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr));
916 /* Find listening sockets */
917 read_lock(&sco_sk_list.lock);
918 sk_for_each(sk, node, &sco_sk_list.head) {
919 if (sk->sk_state != BT_LISTEN)
922 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) ||
923 !bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
928 read_unlock(&sco_sk_list.lock);
933 int sco_connect_cfm(struct hci_conn *hcon, __u8 status)
935 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status);
937 struct sco_conn *conn;
939 conn = sco_conn_add(hcon);
941 sco_conn_ready(conn);
943 sco_conn_del(hcon, bt_to_errno(status));
948 int sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
950 BT_DBG("hcon %p reason %d", hcon, reason);
952 sco_conn_del(hcon, bt_to_errno(reason));
956 int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
958 struct sco_conn *conn = hcon->sco_data;
963 BT_DBG("conn %p len %d", conn, skb->len);
966 sco_recv_frame(conn, skb);
975 static int sco_debugfs_show(struct seq_file *f, void *p)
978 struct hlist_node *node;
980 read_lock(&sco_sk_list.lock);
982 sk_for_each(sk, node, &sco_sk_list.head) {
983 seq_printf(f, "%s %s %d\n", batostr(&bt_sk(sk)->src),
984 batostr(&bt_sk(sk)->dst), sk->sk_state);
987 read_unlock(&sco_sk_list.lock);
992 static int sco_debugfs_open(struct inode *inode, struct file *file)
994 return single_open(file, sco_debugfs_show, inode->i_private);
997 static const struct file_operations sco_debugfs_fops = {
998 .open = sco_debugfs_open,
1000 .llseek = seq_lseek,
1001 .release = single_release,
1004 static struct dentry *sco_debugfs;
1006 static const struct proto_ops sco_sock_ops = {
1007 .family = PF_BLUETOOTH,
1008 .owner = THIS_MODULE,
1009 .release = sco_sock_release,
1010 .bind = sco_sock_bind,
1011 .connect = sco_sock_connect,
1012 .listen = sco_sock_listen,
1013 .accept = sco_sock_accept,
1014 .getname = sco_sock_getname,
1015 .sendmsg = sco_sock_sendmsg,
1016 .recvmsg = bt_sock_recvmsg,
1017 .poll = bt_sock_poll,
1018 .ioctl = bt_sock_ioctl,
1019 .mmap = sock_no_mmap,
1020 .socketpair = sock_no_socketpair,
1021 .shutdown = sco_sock_shutdown,
1022 .setsockopt = sco_sock_setsockopt,
1023 .getsockopt = sco_sock_getsockopt
1026 static const struct net_proto_family sco_sock_family_ops = {
1027 .family = PF_BLUETOOTH,
1028 .owner = THIS_MODULE,
1029 .create = sco_sock_create,
1032 int __init sco_init(void)
1036 err = proto_register(&sco_proto, 0);
1040 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1042 BT_ERR("SCO socket registration failed");
1047 sco_debugfs = debugfs_create_file("sco", 0444,
1048 bt_debugfs, NULL, &sco_debugfs_fops);
1050 BT_ERR("Failed to create SCO debug file");
1053 BT_INFO("SCO socket layer initialized");
1058 proto_unregister(&sco_proto);
1062 void __exit sco_exit(void)
1064 debugfs_remove(sco_debugfs);
1066 if (bt_sock_unregister(BTPROTO_SCO) < 0)
1067 BT_ERR("SCO socket unregistration failed");
1069 proto_unregister(&sco_proto);
1072 module_param(disable_esco, bool, 0644);
1073 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");