search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
iwlwifi: fix pointer signedness warning
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / net / bluetooth / rfcomm / sock.c
blob4b5968dda6736bab575a4ac2a6200dbff400d7b3
1 /*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22 */
23
24 /*
25 * RFCOMM sockets.
26 */
27
28 #include <linux/module.h>
29
30 #include <linux/types.h>
31 #include <linux/errno.h>
32 #include <linux/kernel.h>
33 #include <linux/sched.h>
34 #include <linux/slab.h>
35 #include <linux/poll.h>
36 #include <linux/fcntl.h>
37 #include <linux/init.h>
38 #include <linux/interrupt.h>
39 #include <linux/socket.h>
40 #include <linux/skbuff.h>
41 #include <linux/list.h>
42 #include <linux/device.h>
43 #include <net/sock.h>
44
45 #include <asm/system.h>
46 #include <asm/uaccess.h>
47
48 #include <net/bluetooth/bluetooth.h>
49 #include <net/bluetooth/hci_core.h>
50 #include <net/bluetooth/l2cap.h>
51 #include <net/bluetooth/rfcomm.h>
52
53 static const struct proto_ops rfcomm_sock_ops;
54
55 static struct bt_sock_list rfcomm_sk_list = {
56 .lock = __RW_LOCK_UNLOCKED(rfcomm_sk_list.lock)
57 };
58
59 static void rfcomm_sock_close(struct sock *sk);
60 static void rfcomm_sock_kill(struct sock *sk);
61
62 /* ---- DLC callbacks ----
63 *
64 * called under rfcomm_dlc_lock()
65 */
66 static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb)
67 {
68 struct sock *sk = d->owner;
69 if (!sk)
70 return;
71
72 atomic_add(skb->len, &sk->sk_rmem_alloc);
73 skb_queue_tail(&sk->sk_receive_queue, skb);
74 sk->sk_data_ready(sk, skb->len);
75
76 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
77 rfcomm_dlc_throttle(d);
78 }
79
80 static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err)
81 {
82 struct sock *sk = d->owner, *parent;
83 if (!sk)
84 return;
85
86 BT_DBG("dlc %p state %ld err %d", d, d->state, err);
87
88 bh_lock_sock(sk);
89
90 if (err)
91 sk->sk_err = err;
92
93 sk->sk_state = d->state;
94
95 parent = bt_sk(sk)->parent;
96 if (parent) {
97 if (d->state == BT_CLOSED) {
98 sock_set_flag(sk, SOCK_ZAPPED);
99 bt_accept_unlink(sk);
100 }
101 parent->sk_data_ready(parent, 0);
102 } else {
103 if (d->state == BT_CONNECTED)
104 rfcomm_session_getaddr(d->session, &bt_sk(sk)->src, NULL);
105 sk->sk_state_change(sk);
106 }
107
108 bh_unlock_sock(sk);
109
110 if (parent && sock_flag(sk, SOCK_ZAPPED)) {
111 /* We have to drop DLC lock here, otherwise
112 * rfcomm_sock_destruct() will dead lock. */
113 rfcomm_dlc_unlock(d);
114 rfcomm_sock_kill(sk);
115 rfcomm_dlc_lock(d);
116 }
117 }
118
119 /* ---- Socket functions ---- */
120 static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src)
121 {
122 struct sock *sk = NULL;
123 struct hlist_node *node;
124
125 sk_for_each(sk, node, &rfcomm_sk_list.head) {
126 if (rfcomm_pi(sk)->channel == channel &&
127 !bacmp(&bt_sk(sk)->src, src))
128 break;
129 }
130
131 return node ? sk : NULL;
132 }
133
134 /* Find socket with channel and source bdaddr.
135 * Returns closest match.
136 */
137 static struct sock *__rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
138 {
139 struct sock *sk = NULL, *sk1 = NULL;
140 struct hlist_node *node;
141
142 sk_for_each(sk, node, &rfcomm_sk_list.head) {
143 if (state && sk->sk_state != state)
144 continue;
145
146 if (rfcomm_pi(sk)->channel == channel) {
147 /* Exact match. */
148 if (!bacmp(&bt_sk(sk)->src, src))
149 break;
150
151 /* Closest match */
152 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
153 sk1 = sk;
154 }
155 }
156 return node ? sk : sk1;
157 }
158
159 /* Find socket with given address (channel, src).
160 * Returns locked socket */
161 static inline struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
162 {
163 struct sock *s;
164 read_lock(&rfcomm_sk_list.lock);
165 s = __rfcomm_get_sock_by_channel(state, channel, src);
166 if (s) bh_lock_sock(s);
167 read_unlock(&rfcomm_sk_list.lock);
168 return s;
169 }
170
171 static void rfcomm_sock_destruct(struct sock *sk)
172 {
173 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
174
175 BT_DBG("sk %p dlc %p", sk, d);
176
177 skb_queue_purge(&sk->sk_receive_queue);
178 skb_queue_purge(&sk->sk_write_queue);
179
180 rfcomm_dlc_lock(d);
181 rfcomm_pi(sk)->dlc = NULL;
182
183 /* Detach DLC if it's owned by this socket */
184 if (d->owner == sk)
185 d->owner = NULL;
186 rfcomm_dlc_unlock(d);
187
188 rfcomm_dlc_put(d);
189 }
190
191 static void rfcomm_sock_cleanup_listen(struct sock *parent)
192 {
193 struct sock *sk;
194
195 BT_DBG("parent %p", parent);
196
197 /* Close not yet accepted dlcs */
198 while ((sk = bt_accept_dequeue(parent, NULL))) {
199 rfcomm_sock_close(sk);
200 rfcomm_sock_kill(sk);
201 }
202
203 parent->sk_state = BT_CLOSED;
204 sock_set_flag(parent, SOCK_ZAPPED);
205 }
206
207 /* Kill socket (only if zapped and orphan)
208 * Must be called on unlocked socket.
209 */
210 static void rfcomm_sock_kill(struct sock *sk)
211 {
212 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
213 return;
214
215 BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt));
216
217 /* Kill poor orphan */
218 bt_sock_unlink(&rfcomm_sk_list, sk);
219 sock_set_flag(sk, SOCK_DEAD);
220 sock_put(sk);
221 }
222
223 static void __rfcomm_sock_close(struct sock *sk)
224 {
225 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
226
227 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
228
229 switch (sk->sk_state) {
230 case BT_LISTEN:
231 rfcomm_sock_cleanup_listen(sk);
232 break;
233
234 case BT_CONNECT:
235 case BT_CONNECT2:
236 case BT_CONFIG:
237 case BT_CONNECTED:
238 rfcomm_dlc_close(d, 0);
239
240 default:
241 sock_set_flag(sk, SOCK_ZAPPED);
242 break;
243 }
244 }
245
246 /* Close socket.
247 * Must be called on unlocked socket.
248 */
249 static void rfcomm_sock_close(struct sock *sk)
250 {
251 lock_sock(sk);
252 __rfcomm_sock_close(sk);
253 release_sock(sk);
254 }
255
256 static void rfcomm_sock_init(struct sock *sk, struct sock *parent)
257 {
258 struct rfcomm_pinfo *pi = rfcomm_pi(sk);
259
260 BT_DBG("sk %p", sk);
261
262 if (parent) {
263 sk->sk_type = parent->sk_type;
264 pi->dlc->defer_setup = bt_sk(parent)->defer_setup;
265
266 pi->sec_level = rfcomm_pi(parent)->sec_level;
267 pi->role_switch = rfcomm_pi(parent)->role_switch;
268 } else {
269 pi->dlc->defer_setup = 0;
270
271 pi->sec_level = BT_SECURITY_LOW;
272 pi->role_switch = 0;
273 }
274
275 pi->dlc->sec_level = pi->sec_level;
276 pi->dlc->role_switch = pi->role_switch;
277 }
278
279 static struct proto rfcomm_proto = {
280 .name = "RFCOMM",
281 .owner = THIS_MODULE,
282 .obj_size = sizeof(struct rfcomm_pinfo)
283 };
284
285 static struct sock *rfcomm_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
286 {
287 struct rfcomm_dlc *d;
288 struct sock *sk;
289
290 sk = sk_alloc(net, PF_BLUETOOTH, prio, &rfcomm_proto);
291 if (!sk)
292 return NULL;
293
294 sock_init_data(sock, sk);
295 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
296
297 d = rfcomm_dlc_alloc(prio);
298 if (!d) {
299 sk_free(sk);
300 return NULL;
301 }
302
303 d->data_ready = rfcomm_sk_data_ready;
304 d->state_change = rfcomm_sk_state_change;
305
306 rfcomm_pi(sk)->dlc = d;
307 d->owner = sk;
308
309 sk->sk_destruct = rfcomm_sock_destruct;
310 sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT;
311
312 sk->sk_sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
313 sk->sk_rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
314
315 sock_reset_flag(sk, SOCK_ZAPPED);
316
317 sk->sk_protocol = proto;
318 sk->sk_state = BT_OPEN;
319
320 bt_sock_link(&rfcomm_sk_list, sk);
321
322 BT_DBG("sk %p", sk);
323 return sk;
324 }
325
326 static int rfcomm_sock_create(struct net *net, struct socket *sock,
327 int protocol, int kern)
328 {
329 struct sock *sk;
330
331 BT_DBG("sock %p", sock);
332
333 sock->state = SS_UNCONNECTED;
334
335 if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW)
336 return -ESOCKTNOSUPPORT;
337
338 sock->ops = &rfcomm_sock_ops;
339
340 sk = rfcomm_sock_alloc(net, sock, protocol, GFP_ATOMIC);
341 if (!sk)
342 return -ENOMEM;
343
344 rfcomm_sock_init(sk, NULL);
345 return 0;
346 }
347
348 static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
349 {
350 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
351 struct sock *sk = sock->sk;
352 int err = 0;
353
354 BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr));
355
356 if (!addr || addr->sa_family != AF_BLUETOOTH)
357 return -EINVAL;
358
359 lock_sock(sk);
360
361 if (sk->sk_state != BT_OPEN) {
362 err = -EBADFD;
363 goto done;
364 }
365
366 if (sk->sk_type != SOCK_STREAM) {
367 err = -EINVAL;
368 goto done;
369 }
370
371 write_lock_bh(&rfcomm_sk_list.lock);
372
373 if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) {
374 err = -EADDRINUSE;
375 } else {
376 /* Save source address */
377 bacpy(&bt_sk(sk)->src, &sa->rc_bdaddr);
378 rfcomm_pi(sk)->channel = sa->rc_channel;
379 sk->sk_state = BT_BOUND;
380 }
381
382 write_unlock_bh(&rfcomm_sk_list.lock);
383
384 done:
385 release_sock(sk);
386 return err;
387 }
388
389 static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
390 {
391 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
392 struct sock *sk = sock->sk;
393 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
394 int err = 0;
395
396 BT_DBG("sk %p", sk);
397
398 if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_rc))
399 return -EINVAL;
400
401 lock_sock(sk);
402
403 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) {
404 err = -EBADFD;
405 goto done;
406 }
407
408 if (sk->sk_type != SOCK_STREAM) {
409 err = -EINVAL;
410 goto done;
411 }
412
413 sk->sk_state = BT_CONNECT;
414 bacpy(&bt_sk(sk)->dst, &sa->rc_bdaddr);
415 rfcomm_pi(sk)->channel = sa->rc_channel;
416
417 d->sec_level = rfcomm_pi(sk)->sec_level;
418 d->role_switch = rfcomm_pi(sk)->role_switch;
419
420 err = rfcomm_dlc_open(d, &bt_sk(sk)->src, &sa->rc_bdaddr, sa->rc_channel);
421 if (!err)
422 err = bt_sock_wait_state(sk, BT_CONNECTED,
423 sock_sndtimeo(sk, flags & O_NONBLOCK));
424
425 done:
426 release_sock(sk);
427 return err;
428 }
429
430 static int rfcomm_sock_listen(struct socket *sock, int backlog)
431 {
432 struct sock *sk = sock->sk;
433 int err = 0;
434
435 BT_DBG("sk %p backlog %d", sk, backlog);
436
437 lock_sock(sk);
438
439 if (sk->sk_state != BT_BOUND) {
440 err = -EBADFD;
441 goto done;
442 }
443
444 if (sk->sk_type != SOCK_STREAM) {
445 err = -EINVAL;
446 goto done;
447 }
448
449 if (!rfcomm_pi(sk)->channel) {
450 bdaddr_t *src = &bt_sk(sk)->src;
451 u8 channel;
452
453 err = -EINVAL;
454
455 write_lock_bh(&rfcomm_sk_list.lock);
456
457 for (channel = 1; channel < 31; channel++)
458 if (!__rfcomm_get_sock_by_addr(channel, src)) {
459 rfcomm_pi(sk)->channel = channel;
460 err = 0;
461 break;
462 }
463
464 write_unlock_bh(&rfcomm_sk_list.lock);
465
466 if (err < 0)
467 goto done;
468 }
469
470 sk->sk_max_ack_backlog = backlog;
471 sk->sk_ack_backlog = 0;
472 sk->sk_state = BT_LISTEN;
473
474 done:
475 release_sock(sk);
476 return err;
477 }
478
479 static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags)
480 {
481 DECLARE_WAITQUEUE(wait, current);
482 struct sock *sk = sock->sk, *nsk;
483 long timeo;
484 int err = 0;
485
486 lock_sock(sk);
487
488 if (sk->sk_state != BT_LISTEN) {
489 err = -EBADFD;
490 goto done;
491 }
492
493 if (sk->sk_type != SOCK_STREAM) {
494 err = -EINVAL;
495 goto done;
496 }
497
498 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
499
500 BT_DBG("sk %p timeo %ld", sk, timeo);
501
502 /* Wait for an incoming connection. (wake-one). */
503 add_wait_queue_exclusive(sk->sk_sleep, &wait);
504 while (!(nsk = bt_accept_dequeue(sk, newsock))) {
505 set_current_state(TASK_INTERRUPTIBLE);
506 if (!timeo) {
507 err = -EAGAIN;
508 break;
509 }
510
511 release_sock(sk);
512 timeo = schedule_timeout(timeo);
513 lock_sock(sk);
514
515 if (sk->sk_state != BT_LISTEN) {
516 err = -EBADFD;
517 break;
518 }
519
520 if (signal_pending(current)) {
521 err = sock_intr_errno(timeo);
522 break;
523 }
524 }
525 set_current_state(TASK_RUNNING);
526 remove_wait_queue(sk->sk_sleep, &wait);
527
528 if (err)
529 goto done;
530
531 newsock->state = SS_CONNECTED;
532
533 BT_DBG("new socket %p", nsk);
534
535 done:
536 release_sock(sk);
537 return err;
538 }
539
540 static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
541 {
542 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
543 struct sock *sk = sock->sk;
544
545 BT_DBG("sock %p, sk %p", sock, sk);
546
547 sa->rc_family = AF_BLUETOOTH;
548 sa->rc_channel = rfcomm_pi(sk)->channel;
549 if (peer)
550 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->dst);
551 else
552 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->src);
553
554 *len = sizeof(struct sockaddr_rc);
555 return 0;
556 }
557
558 static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
559 struct msghdr *msg, size_t len)
560 {
561 struct sock *sk = sock->sk;
562 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
563 struct sk_buff *skb;
564 int sent = 0;
565
566 if (test_bit(RFCOMM_DEFER_SETUP, &d->flags))
567 return -ENOTCONN;
568
569 if (msg->msg_flags & MSG_OOB)
570 return -EOPNOTSUPP;
571
572 if (sk->sk_shutdown & SEND_SHUTDOWN)
573 return -EPIPE;
574
575 BT_DBG("sock %p, sk %p", sock, sk);
576
577 lock_sock(sk);
578
579 while (len) {
580 size_t size = min_t(size_t, len, d->mtu);
581 int err;
582
583 skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE,
584 msg->msg_flags & MSG_DONTWAIT, &err);
585 if (!skb) {
586 if (sent == 0)
587 sent = err;
588 break;
589 }
590 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
591
592 err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
593 if (err) {
594 kfree_skb(skb);
595 if (sent == 0)
596 sent = err;
597 break;
598 }
599
600 err = rfcomm_dlc_send(d, skb);
601 if (err < 0) {
602 kfree_skb(skb);
603 if (sent == 0)
604 sent = err;
605 break;
606 }
607
608 sent += size;
609 len -= size;
610 }
611
612 release_sock(sk);
613
614 return sent;
615 }
616
617 static long rfcomm_sock_data_wait(struct sock *sk, long timeo)
618 {
619 DECLARE_WAITQUEUE(wait, current);
620
621 add_wait_queue(sk->sk_sleep, &wait);
622 for (;;) {
623 set_current_state(TASK_INTERRUPTIBLE);
624
625 if (!skb_queue_empty(&sk->sk_receive_queue) ||
626 sk->sk_err ||
627 (sk->sk_shutdown & RCV_SHUTDOWN) ||
628 signal_pending(current) ||
629 !timeo)
630 break;
631
632 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
633 release_sock(sk);
634 timeo = schedule_timeout(timeo);
635 lock_sock(sk);
636 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
637 }
638
639 __set_current_state(TASK_RUNNING);
640 remove_wait_queue(sk->sk_sleep, &wait);
641 return timeo;
642 }
643
644 static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
645 struct msghdr *msg, size_t size, int flags)
646 {
647 struct sock *sk = sock->sk;
648 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
649 int err = 0;
650 size_t target, copied = 0;
651 long timeo;
652
653 if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) {
654 rfcomm_dlc_accept(d);
655 return 0;
656 }
657
658 if (flags & MSG_OOB)
659 return -EOPNOTSUPP;
660
661 msg->msg_namelen = 0;
662
663 BT_DBG("sk %p size %zu", sk, size);
664
665 lock_sock(sk);
666
667 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
668 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
669
670 do {
671 struct sk_buff *skb;
672 int chunk;
673
674 skb = skb_dequeue(&sk->sk_receive_queue);
675 if (!skb) {
676 if (copied >= target)
677 break;
678
679 if ((err = sock_error(sk)) != 0)
680 break;
681 if (sk->sk_shutdown & RCV_SHUTDOWN)
682 break;
683
684 err = -EAGAIN;
685 if (!timeo)
686 break;
687
688 timeo = rfcomm_sock_data_wait(sk, timeo);
689
690 if (signal_pending(current)) {
691 err = sock_intr_errno(timeo);
692 goto out;
693 }
694 continue;
695 }
696
697 chunk = min_t(unsigned int, skb->len, size);
698 if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
699 skb_queue_head(&sk->sk_receive_queue, skb);
700 if (!copied)
701 copied = -EFAULT;
702 break;
703 }
704 copied += chunk;
705 size -= chunk;
706
707 sock_recv_ts_and_drops(msg, sk, skb);
708
709 if (!(flags & MSG_PEEK)) {
710 atomic_sub(chunk, &sk->sk_rmem_alloc);
711
712 skb_pull(skb, chunk);
713 if (skb->len) {
714 skb_queue_head(&sk->sk_receive_queue, skb);
715 break;
716 }
717 kfree_skb(skb);
718
719 } else {
720 /* put message back and return */
721 skb_queue_head(&sk->sk_receive_queue, skb);
722 break;
723 }
724 } while (size);
725
726 out:
727 if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2))
728 rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc);
729
730 release_sock(sk);
731 return copied ? : err;
732 }
733
734 static int rfcomm_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
735 {
736 struct sock *sk = sock->sk;
737 int err = 0;
738 u32 opt;
739
740 BT_DBG("sk %p", sk);
741
742 lock_sock(sk);
743
744 switch (optname) {
745 case RFCOMM_LM:
746 if (get_user(opt, (u32 __user *) optval)) {
747 err = -EFAULT;
748 break;
749 }
750
751 if (opt & RFCOMM_LM_AUTH)
752 rfcomm_pi(sk)->sec_level = BT_SECURITY_LOW;
753 if (opt & RFCOMM_LM_ENCRYPT)
754 rfcomm_pi(sk)->sec_level = BT_SECURITY_MEDIUM;
755 if (opt & RFCOMM_LM_SECURE)
756 rfcomm_pi(sk)->sec_level = BT_SECURITY_HIGH;
757
758 rfcomm_pi(sk)->role_switch = (opt & RFCOMM_LM_MASTER);
759 break;
760
761 default:
762 err = -ENOPROTOOPT;
763 break;
764 }
765
766 release_sock(sk);
767 return err;
768 }
769
770 static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
771 {
772 struct sock *sk = sock->sk;
773 struct bt_security sec;
774 int len, err = 0;
775 u32 opt;
776
777 BT_DBG("sk %p", sk);
778
779 if (level == SOL_RFCOMM)
780 return rfcomm_sock_setsockopt_old(sock, optname, optval, optlen);
781
782 if (level != SOL_BLUETOOTH)
783 return -ENOPROTOOPT;
784
785 lock_sock(sk);
786
787 switch (optname) {
788 case BT_SECURITY:
789 if (sk->sk_type != SOCK_STREAM) {
790 err = -EINVAL;
791 break;
792 }
793
794 sec.level = BT_SECURITY_LOW;
795
796 len = min_t(unsigned int, sizeof(sec), optlen);
797 if (copy_from_user((char *) &sec, optval, len)) {
798 err = -EFAULT;
799 break;
800 }
801
802 if (sec.level > BT_SECURITY_HIGH) {
803 err = -EINVAL;
804 break;
805 }
806
807 rfcomm_pi(sk)->sec_level = sec.level;
808 break;
809
810 case BT_DEFER_SETUP:
811 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
812 err = -EINVAL;
813 break;
814 }
815
816 if (get_user(opt, (u32 __user *) optval)) {
817 err = -EFAULT;
818 break;
819 }
820
821 bt_sk(sk)->defer_setup = opt;
822 break;
823
824 default:
825 err = -ENOPROTOOPT;
826 break;
827 }
828
829 release_sock(sk);
830 return err;
831 }
832
833 static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
834 {
835 struct sock *sk = sock->sk;
836 struct sock *l2cap_sk;
837 struct rfcomm_conninfo cinfo;
838 int len, err = 0;
839 u32 opt;
840
841 BT_DBG("sk %p", sk);
842
843 if (get_user(len, optlen))
844 return -EFAULT;
845
846 lock_sock(sk);
847
848 switch (optname) {
849 case RFCOMM_LM:
850 switch (rfcomm_pi(sk)->sec_level) {
851 case BT_SECURITY_LOW:
852 opt = RFCOMM_LM_AUTH;
853 break;
854 case BT_SECURITY_MEDIUM:
855 opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT;
856 break;
857 case BT_SECURITY_HIGH:
858 opt = RFCOMM_LM_AUTH | RFCOMM_LM_ENCRYPT |
859 RFCOMM_LM_SECURE;
860 break;
861 default:
862 opt = 0;
863 break;
864 }
865
866 if (rfcomm_pi(sk)->role_switch)
867 opt |= RFCOMM_LM_MASTER;
868
869 if (put_user(opt, (u32 __user *) optval))
870 err = -EFAULT;
871 break;
872
873 case RFCOMM_CONNINFO:
874 if (sk->sk_state != BT_CONNECTED &&
875 !rfcomm_pi(sk)->dlc->defer_setup) {
876 err = -ENOTCONN;
877 break;
878 }
879
880 l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk;
881
882 cinfo.hci_handle = l2cap_pi(l2cap_sk)->conn->hcon->handle;
883 memcpy(cinfo.dev_class, l2cap_pi(l2cap_sk)->conn->hcon->dev_class, 3);
884
885 len = min_t(unsigned int, len, sizeof(cinfo));
886 if (copy_to_user(optval, (char *) &cinfo, len))
887 err = -EFAULT;
888
889 break;
890
891 default:
892 err = -ENOPROTOOPT;
893 break;
894 }
895
896 release_sock(sk);
897 return err;
898 }
899
900 static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
901 {
902 struct sock *sk = sock->sk;
903 struct bt_security sec;
904 int len, err = 0;
905
906 BT_DBG("sk %p", sk);
907
908 if (level == SOL_RFCOMM)
909 return rfcomm_sock_getsockopt_old(sock, optname, optval, optlen);
910
911 if (level != SOL_BLUETOOTH)
912 return -ENOPROTOOPT;
913
914 if (get_user(len, optlen))
915 return -EFAULT;
916
917 lock_sock(sk);
918
919 switch (optname) {
920 case BT_SECURITY:
921 if (sk->sk_type != SOCK_STREAM) {
922 err = -EINVAL;
923 break;
924 }
925
926 sec.level = rfcomm_pi(sk)->sec_level;
927
928 len = min_t(unsigned int, len, sizeof(sec));
929 if (copy_to_user(optval, (char *) &sec, len))
930 err = -EFAULT;
931
932 break;
933
934 case BT_DEFER_SETUP:
935 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
936 err = -EINVAL;
937 break;
938 }
939
940 if (put_user(bt_sk(sk)->defer_setup, (u32 __user *) optval))
941 err = -EFAULT;
942
943 break;
944
945 default:
946 err = -ENOPROTOOPT;
947 break;
948 }
949
950 release_sock(sk);
951 return err;
952 }
953
954 static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
955 {
956 struct sock *sk __maybe_unused = sock->sk;
957 int err;
958
959 BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg);
960
961 err = bt_sock_ioctl(sock, cmd, arg);
962
963 if (err == -ENOIOCTLCMD) {
964 #ifdef CONFIG_BT_RFCOMM_TTY
965 lock_sock(sk);
966 err = rfcomm_dev_ioctl(sk, cmd, (void __user *) arg);
967 release_sock(sk);
968 #else
969 err = -EOPNOTSUPP;
970 #endif
971 }
972
973 return err;
974 }
975
976 static int rfcomm_sock_shutdown(struct socket *sock, int how)
977 {
978 struct sock *sk = sock->sk;
979 int err = 0;
980
981 BT_DBG("sock %p, sk %p", sock, sk);
982
983 if (!sk) return 0;
984
985 lock_sock(sk);
986 if (!sk->sk_shutdown) {
987 sk->sk_shutdown = SHUTDOWN_MASK;
988 __rfcomm_sock_close(sk);
989
990 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
991 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
992 }
993 release_sock(sk);
994 return err;
995 }
996
997 static int rfcomm_sock_release(struct socket *sock)
998 {
999 struct sock *sk = sock->sk;
1000 int err;
1001
1002 BT_DBG("sock %p, sk %p", sock, sk);
1003
1004 if (!sk)
1005 return 0;
1006
1007 err = rfcomm_sock_shutdown(sock, 2);
1008
1009 sock_orphan(sk);
1010 rfcomm_sock_kill(sk);
1011 return err;
1012 }
1013
1014 /* ---- RFCOMM core layer callbacks ----
1015 *
1016 * called under rfcomm_lock()
1017 */
1018 int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d)
1019 {
1020 struct sock *sk, *parent;
1021 bdaddr_t src, dst;
1022 int result = 0;
1023
1024 BT_DBG("session %p channel %d", s, channel);
1025
1026 rfcomm_session_getaddr(s, &src, &dst);
1027
1028 /* Check if we have socket listening on channel */
1029 parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src);
1030 if (!parent)
1031 return 0;
1032
1033 /* Check for backlog size */
1034 if (sk_acceptq_is_full(parent)) {
1035 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1036 goto done;
1037 }
1038
1039 sk = rfcomm_sock_alloc(sock_net(parent), NULL, BTPROTO_RFCOMM, GFP_ATOMIC);
1040 if (!sk)
1041 goto done;
1042
1043 rfcomm_sock_init(sk, parent);
1044 bacpy(&bt_sk(sk)->src, &src);
1045 bacpy(&bt_sk(sk)->dst, &dst);
1046 rfcomm_pi(sk)->channel = channel;
1047
1048 sk->sk_state = BT_CONFIG;
1049 bt_accept_enqueue(parent, sk);
1050
1051 /* Accept connection and return socket DLC */
1052 *d = rfcomm_pi(sk)->dlc;
1053 result = 1;
1054
1055 done:
1056 bh_unlock_sock(parent);
1057
1058 if (bt_sk(parent)->defer_setup)
1059 parent->sk_state_change(parent);
1060
1061 return result;
1062 }
1063
1064 static ssize_t rfcomm_sock_sysfs_show(struct class *dev, char *buf)
1065 {
1066 struct sock *sk;
1067 struct hlist_node *node;
1068 char *str = buf;
1069
1070 read_lock_bh(&rfcomm_sk_list.lock);
1071
1072 sk_for_each(sk, node, &rfcomm_sk_list.head) {
1073 str += sprintf(str, "%s %s %d %d\n",
1074 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
1075 sk->sk_state, rfcomm_pi(sk)->channel);
1076 }
1077
1078 read_unlock_bh(&rfcomm_sk_list.lock);
1079
1080 return (str - buf);
1081 }
1082
1083 static CLASS_ATTR(rfcomm, S_IRUGO, rfcomm_sock_sysfs_show, NULL);
1084
1085 static const struct proto_ops rfcomm_sock_ops = {
1086 .family = PF_BLUETOOTH,
1087 .owner = THIS_MODULE,
1088 .release = rfcomm_sock_release,
1089 .bind = rfcomm_sock_bind,
1090 .connect = rfcomm_sock_connect,
1091 .listen = rfcomm_sock_listen,
1092 .accept = rfcomm_sock_accept,
1093 .getname = rfcomm_sock_getname,
1094 .sendmsg = rfcomm_sock_sendmsg,
1095 .recvmsg = rfcomm_sock_recvmsg,
1096 .shutdown = rfcomm_sock_shutdown,
1097 .setsockopt = rfcomm_sock_setsockopt,
1098 .getsockopt = rfcomm_sock_getsockopt,
1099 .ioctl = rfcomm_sock_ioctl,
1100 .poll = bt_sock_poll,
1101 .socketpair = sock_no_socketpair,
1102 .mmap = sock_no_mmap
1103 };
1104
1105 static const struct net_proto_family rfcomm_sock_family_ops = {
1106 .family = PF_BLUETOOTH,
1107 .owner = THIS_MODULE,
1108 .create = rfcomm_sock_create
1109 };
1110
1111 int __init rfcomm_init_sockets(void)
1112 {
1113 int err;
1114
1115 err = proto_register(&rfcomm_proto, 0);
1116 if (err < 0)
1117 return err;
1118
1119 err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops);
1120 if (err < 0)
1121 goto error;
1122
1123 if (class_create_file(bt_class, &class_attr_rfcomm) < 0)
1124 BT_ERR("Failed to create RFCOMM info file");
1125
1126 BT_INFO("RFCOMM socket layer initialized");
1127
1128 return 0;
1129
1130 error:
1131 BT_ERR("RFCOMM socket layer registration failed");
1132 proto_unregister(&rfcomm_proto);
1133 return err;
1134 }
1135
1136 void rfcomm_cleanup_sockets(void)
1137 {
1138 class_remove_file(bt_class, &class_attr_rfcomm);
1139
1140 if (bt_sock_unregister(BTPROTO_RFCOMM) < 0)
1141 BT_ERR("RFCOMM socket layer unregistration failed");
1142
1143 proto_unregister(&rfcomm_proto);
1144 }
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree