search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 2.6.16.46
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / net / bluetooth / hci_sock.c
blobed117dbe00d486dbb4c55b849220db4cfe4aeb0a
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth HCI sockets. */
26
27 #include <linux/config.h>
28 #include <linux/module.h>
29
30 #include <linux/types.h>
31 #include <linux/capability.h>
32 #include <linux/errno.h>
33 #include <linux/kernel.h>
34 #include <linux/sched.h>
35 #include <linux/slab.h>
36 #include <linux/poll.h>
37 #include <linux/fcntl.h>
38 #include <linux/init.h>
39 #include <linux/skbuff.h>
40 #include <linux/workqueue.h>
41 #include <linux/interrupt.h>
42 #include <linux/socket.h>
43 #include <linux/ioctl.h>
44 #include <net/sock.h>
45
46 #include <asm/system.h>
47 #include <asm/uaccess.h>
48 #include <asm/unaligned.h>
49
50 #include <net/bluetooth/bluetooth.h>
51 #include <net/bluetooth/hci_core.h>
52
53 #ifndef CONFIG_BT_HCI_SOCK_DEBUG
54 #undef BT_DBG
55 #define BT_DBG(D...)
56 #endif
57
58 /* ----- HCI socket interface ----- */
59
60 static inline int hci_test_bit(int nr, void *addr)
61 {
62 return *((__u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31));
63 }
64
65 /* Security filter */
66 static struct hci_sec_filter hci_sec_filter = {
67 /* Packet types */
68 0x10,
69 /* Events */
70 { 0x1000d9fe, 0x0000b00c },
71 /* Commands */
72 {
73 { 0x0 },
74 /* OGF_LINK_CTL */
75 { 0xbe000006, 0x00000001, 0x000000, 0x00 },
76 /* OGF_LINK_POLICY */
77 { 0x00005200, 0x00000000, 0x000000, 0x00 },
78 /* OGF_HOST_CTL */
79 { 0xaab00200, 0x2b402aaa, 0x020154, 0x00 },
80 /* OGF_INFO_PARAM */
81 { 0x000002be, 0x00000000, 0x000000, 0x00 },
82 /* OGF_STATUS_PARAM */
83 { 0x000000ea, 0x00000000, 0x000000, 0x00 }
84 }
85 };
86
87 static struct bt_sock_list hci_sk_list = {
88 .lock = RW_LOCK_UNLOCKED
89 };
90
91 /* Send frame to RAW socket */
92 void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb)
93 {
94 struct sock *sk;
95 struct hlist_node *node;
96
97 BT_DBG("hdev %p len %d", hdev, skb->len);
98
99 read_lock(&hci_sk_list.lock);
100 sk_for_each(sk, node, &hci_sk_list.head) {
101 struct hci_filter *flt;
102 struct sk_buff *nskb;
103
104 if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev)
105 continue;
106
107 /* Don't send frame to the socket it came from */
108 if (skb->sk == sk)
109 continue;
110
111 /* Apply filter */
112 flt = &hci_pi(sk)->filter;
113
114 if (!test_bit((bt_cb(skb)->pkt_type == HCI_VENDOR_PKT) ?
115 0 : (bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS), &flt->type_mask))
116 continue;
117
118 if (bt_cb(skb)->pkt_type == HCI_EVENT_PKT) {
119 register int evt = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS);
120
121 if (!hci_test_bit(evt, &flt->event_mask))
122 continue;
123
124 if (flt->opcode &&
125 ((evt == HCI_EV_CMD_COMPLETE &&
126 flt->opcode !=
127 get_unaligned((__u16 *)(skb->data + 3))) ||
128 (evt == HCI_EV_CMD_STATUS &&
129 flt->opcode !=
130 get_unaligned((__u16 *)(skb->data + 4)))))
131 continue;
132 }
133
134 if (!(nskb = skb_clone(skb, GFP_ATOMIC)))
135 continue;
136
137 /* Put type byte before the data */
138 memcpy(skb_push(nskb, 1), &bt_cb(nskb)->pkt_type, 1);
139
140 if (sock_queue_rcv_skb(sk, nskb))
141 kfree_skb(nskb);
142 }
143 read_unlock(&hci_sk_list.lock);
144 }
145
146 static int hci_sock_release(struct socket *sock)
147 {
148 struct sock *sk = sock->sk;
149 struct hci_dev *hdev;
150
151 BT_DBG("sock %p sk %p", sock, sk);
152
153 if (!sk)
154 return 0;
155
156 hdev = hci_pi(sk)->hdev;
157
158 bt_sock_unlink(&hci_sk_list, sk);
159
160 if (hdev) {
161 atomic_dec(&hdev->promisc);
162 hci_dev_put(hdev);
163 }
164
165 sock_orphan(sk);
166
167 skb_queue_purge(&sk->sk_receive_queue);
168 skb_queue_purge(&sk->sk_write_queue);
169
170 sock_put(sk);
171 return 0;
172 }
173
174 /* Ioctls that require bound socket */
175 static inline int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg)
176 {
177 struct hci_dev *hdev = hci_pi(sk)->hdev;
178
179 if (!hdev)
180 return -EBADFD;
181
182 switch (cmd) {
183 case HCISETRAW:
184 if (!capable(CAP_NET_ADMIN))
185 return -EACCES;
186
187 if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks))
188 return -EPERM;
189
190 if (arg)
191 set_bit(HCI_RAW, &hdev->flags);
192 else
193 clear_bit(HCI_RAW, &hdev->flags);
194
195 return 0;
196
197 case HCISETSECMGR:
198 if (!capable(CAP_NET_ADMIN))
199 return -EACCES;
200
201 if (arg)
202 set_bit(HCI_SECMGR, &hdev->flags);
203 else
204 clear_bit(HCI_SECMGR, &hdev->flags);
205
206 return 0;
207
208 case HCIGETCONNINFO:
209 return hci_get_conn_info(hdev, (void __user *)arg);
210
211 default:
212 if (hdev->ioctl)
213 return hdev->ioctl(hdev, cmd, arg);
214 return -EINVAL;
215 }
216 }
217
218 static int hci_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
219 {
220 struct sock *sk = sock->sk;
221 void __user *argp = (void __user *)arg;
222 int err;
223
224 BT_DBG("cmd %x arg %lx", cmd, arg);
225
226 switch (cmd) {
227 case HCIGETDEVLIST:
228 return hci_get_dev_list(argp);
229
230 case HCIGETDEVINFO:
231 return hci_get_dev_info(argp);
232
233 case HCIGETCONNLIST:
234 return hci_get_conn_list(argp);
235
236 case HCIDEVUP:
237 if (!capable(CAP_NET_ADMIN))
238 return -EACCES;
239 return hci_dev_open(arg);
240
241 case HCIDEVDOWN:
242 if (!capable(CAP_NET_ADMIN))
243 return -EACCES;
244 return hci_dev_close(arg);
245
246 case HCIDEVRESET:
247 if (!capable(CAP_NET_ADMIN))
248 return -EACCES;
249 return hci_dev_reset(arg);
250
251 case HCIDEVRESTAT:
252 if (!capable(CAP_NET_ADMIN))
253 return -EACCES;
254 return hci_dev_reset_stat(arg);
255
256 case HCISETSCAN:
257 case HCISETAUTH:
258 case HCISETENCRYPT:
259 case HCISETPTYPE:
260 case HCISETLINKPOL:
261 case HCISETLINKMODE:
262 case HCISETACLMTU:
263 case HCISETSCOMTU:
264 if (!capable(CAP_NET_ADMIN))
265 return -EACCES;
266 return hci_dev_cmd(cmd, argp);
267
268 case HCIINQUIRY:
269 return hci_inquiry(argp);
270
271 default:
272 lock_sock(sk);
273 err = hci_sock_bound_ioctl(sk, cmd, arg);
274 release_sock(sk);
275 return err;
276 }
277 }
278
279 static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
280 {
281 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
282 struct sock *sk = sock->sk;
283 struct hci_dev *hdev = NULL;
284 int err = 0;
285
286 BT_DBG("sock %p sk %p", sock, sk);
287
288 if (!haddr || haddr->hci_family != AF_BLUETOOTH)
289 return -EINVAL;
290
291 lock_sock(sk);
292
293 if (hci_pi(sk)->hdev) {
294 err = -EALREADY;
295 goto done;
296 }
297
298 if (haddr->hci_dev != HCI_DEV_NONE) {
299 if (!(hdev = hci_dev_get(haddr->hci_dev))) {
300 err = -ENODEV;
301 goto done;
302 }
303
304 atomic_inc(&hdev->promisc);
305 }
306
307 hci_pi(sk)->hdev = hdev;
308 sk->sk_state = BT_BOUND;
309
310 done:
311 release_sock(sk);
312 return err;
313 }
314
315 static int hci_sock_getname(struct socket *sock, struct sockaddr *addr, int *addr_len, int peer)
316 {
317 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
318 struct sock *sk = sock->sk;
319 struct hci_dev *hdev = hci_pi(sk)->hdev;
320
321 BT_DBG("sock %p sk %p", sock, sk);
322
323 if (!hdev)
324 return -EBADFD;
325
326 lock_sock(sk);
327
328 *addr_len = sizeof(*haddr);
329 haddr->hci_family = AF_BLUETOOTH;
330 haddr->hci_dev = hdev->id;
331
332 release_sock(sk);
333 return 0;
334 }
335
336 static inline void hci_sock_cmsg(struct sock *sk, struct msghdr *msg, struct sk_buff *skb)
337 {
338 __u32 mask = hci_pi(sk)->cmsg_mask;
339
340 if (mask & HCI_CMSG_DIR) {
341 int incoming = bt_cb(skb)->incoming;
342 put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(incoming), &incoming);
343 }
344
345 if (mask & HCI_CMSG_TSTAMP) {
346 struct timeval tv;
347
348 skb_get_timestamp(skb, &tv);
349 put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, sizeof(tv), &tv);
350 }
351 }
352
353 static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
354 struct msghdr *msg, size_t len, int flags)
355 {
356 int noblock = flags & MSG_DONTWAIT;
357 struct sock *sk = sock->sk;
358 struct sk_buff *skb;
359 int copied, err;
360
361 BT_DBG("sock %p, sk %p", sock, sk);
362
363 if (flags & (MSG_OOB))
364 return -EOPNOTSUPP;
365
366 if (sk->sk_state == BT_CLOSED)
367 return 0;
368
369 if (!(skb = skb_recv_datagram(sk, flags, noblock, &err)))
370 return err;
371
372 msg->msg_namelen = 0;
373
374 copied = skb->len;
375 if (len < copied) {
376 msg->msg_flags |= MSG_TRUNC;
377 copied = len;
378 }
379
380 skb->h.raw = skb->data;
381 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
382
383 hci_sock_cmsg(sk, msg, skb);
384
385 skb_free_datagram(sk, skb);
386
387 return err ? : copied;
388 }
389
390 static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
391 struct msghdr *msg, size_t len)
392 {
393 struct sock *sk = sock->sk;
394 struct hci_dev *hdev;
395 struct sk_buff *skb;
396 int err;
397
398 BT_DBG("sock %p sk %p", sock, sk);
399
400 if (msg->msg_flags & MSG_OOB)
401 return -EOPNOTSUPP;
402
403 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE))
404 return -EINVAL;
405
406 if (len < 4 || len > HCI_MAX_FRAME_SIZE)
407 return -EINVAL;
408
409 lock_sock(sk);
410
411 if (!(hdev = hci_pi(sk)->hdev)) {
412 err = -EBADFD;
413 goto done;
414 }
415
416 if (!(skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err)))
417 goto done;
418
419 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
420 err = -EFAULT;
421 goto drop;
422 }
423
424 bt_cb(skb)->pkt_type = *((unsigned char *) skb->data);
425 skb_pull(skb, 1);
426 skb->dev = (void *) hdev;
427
428 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
429 u16 opcode = __le16_to_cpu(get_unaligned((__le16 *) skb->data));
430 u16 ogf = hci_opcode_ogf(opcode);
431 u16 ocf = hci_opcode_ocf(opcode);
432
433 if (((ogf > HCI_SFLT_MAX_OGF) ||
434 !hci_test_bit(ocf & HCI_FLT_OCF_BITS, &hci_sec_filter.ocf_mask[ogf])) &&
435 !capable(CAP_NET_RAW)) {
436 err = -EPERM;
437 goto drop;
438 }
439
440 if (test_bit(HCI_RAW, &hdev->flags) || (ogf == OGF_VENDOR_CMD)) {
441 skb_queue_tail(&hdev->raw_q, skb);
442 hci_sched_tx(hdev);
443 } else {
444 skb_queue_tail(&hdev->cmd_q, skb);
445 hci_sched_cmd(hdev);
446 }
447 } else {
448 if (!capable(CAP_NET_RAW)) {
449 err = -EPERM;
450 goto drop;
451 }
452
453 skb_queue_tail(&hdev->raw_q, skb);
454 hci_sched_tx(hdev);
455 }
456
457 err = len;
458
459 done:
460 release_sock(sk);
461 return err;
462
463 drop:
464 kfree_skb(skb);
465 goto done;
466 }
467
468 static int hci_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int len)
469 {
470 struct hci_ufilter uf = { .opcode = 0 };
471 struct sock *sk = sock->sk;
472 int err = 0, opt = 0;
473
474 BT_DBG("sk %p, opt %d", sk, optname);
475
476 lock_sock(sk);
477
478 switch (optname) {
479 case HCI_DATA_DIR:
480 if (get_user(opt, (int __user *)optval)) {
481 err = -EFAULT;
482 break;
483 }
484
485 if (opt)
486 hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR;
487 else
488 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR;
489 break;
490
491 case HCI_TIME_STAMP:
492 if (get_user(opt, (int __user *)optval)) {
493 err = -EFAULT;
494 break;
495 }
496
497 if (opt)
498 hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP;
499 else
500 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP;
501 break;
502
503 case HCI_FILTER:
504 len = min_t(unsigned int, len, sizeof(uf));
505 if (copy_from_user(&uf, optval, len)) {
506 err = -EFAULT;
507 break;
508 }
509
510 if (!capable(CAP_NET_RAW)) {
511 uf.type_mask &= hci_sec_filter.type_mask;
512 uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0);
513 uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1);
514 }
515
516 {
517 struct hci_filter *f = &hci_pi(sk)->filter;
518
519 f->type_mask = uf.type_mask;
520 f->opcode = uf.opcode;
521 *((u32 *) f->event_mask + 0) = uf.event_mask[0];
522 *((u32 *) f->event_mask + 1) = uf.event_mask[1];
523 }
524 break;
525
526 default:
527 err = -ENOPROTOOPT;
528 break;
529 }
530
531 release_sock(sk);
532 return err;
533 }
534
535 static int hci_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
536 {
537 struct hci_ufilter uf;
538 struct sock *sk = sock->sk;
539 int len, opt;
540
541 if (get_user(len, optlen))
542 return -EFAULT;
543
544 switch (optname) {
545 case HCI_DATA_DIR:
546 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR)
547 opt = 1;
548 else
549 opt = 0;
550
551 if (put_user(opt, optval))
552 return -EFAULT;
553 break;
554
555 case HCI_TIME_STAMP:
556 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP)
557 opt = 1;
558 else
559 opt = 0;
560
561 if (put_user(opt, optval))
562 return -EFAULT;
563 break;
564
565 case HCI_FILTER:
566 {
567 struct hci_filter *f = &hci_pi(sk)->filter;
568
569 uf.type_mask = f->type_mask;
570 uf.opcode = f->opcode;
571 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
572 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
573 }
574
575 len = min_t(unsigned int, len, sizeof(uf));
576 if (copy_to_user(optval, &uf, len))
577 return -EFAULT;
578 break;
579
580 default:
581 return -ENOPROTOOPT;
582 break;
583 }
584
585 return 0;
586 }
587
588 static const struct proto_ops hci_sock_ops = {
589 .family = PF_BLUETOOTH,
590 .owner = THIS_MODULE,
591 .release = hci_sock_release,
592 .bind = hci_sock_bind,
593 .getname = hci_sock_getname,
594 .sendmsg = hci_sock_sendmsg,
595 .recvmsg = hci_sock_recvmsg,
596 .ioctl = hci_sock_ioctl,
597 .poll = datagram_poll,
598 .listen = sock_no_listen,
599 .shutdown = sock_no_shutdown,
600 .setsockopt = hci_sock_setsockopt,
601 .getsockopt = hci_sock_getsockopt,
602 .connect = sock_no_connect,
603 .socketpair = sock_no_socketpair,
604 .accept = sock_no_accept,
605 .mmap = sock_no_mmap
606 };
607
608 static struct proto hci_sk_proto = {
609 .name = "HCI",
610 .owner = THIS_MODULE,
611 .obj_size = sizeof(struct hci_pinfo)
612 };
613
614 static int hci_sock_create(struct socket *sock, int protocol)
615 {
616 struct sock *sk;
617
618 BT_DBG("sock %p", sock);
619
620 if (sock->type != SOCK_RAW)
621 return -ESOCKTNOSUPPORT;
622
623 sock->ops = &hci_sock_ops;
624
625 sk = sk_alloc(PF_BLUETOOTH, GFP_ATOMIC, &hci_sk_proto, 1);
626 if (!sk)
627 return -ENOMEM;
628
629 sock_init_data(sock, sk);
630
631 sock_reset_flag(sk, SOCK_ZAPPED);
632
633 sk->sk_protocol = protocol;
634
635 sock->state = SS_UNCONNECTED;
636 sk->sk_state = BT_OPEN;
637
638 bt_sock_link(&hci_sk_list, sk);
639 return 0;
640 }
641
642 static int hci_sock_dev_event(struct notifier_block *this, unsigned long event, void *ptr)
643 {
644 struct hci_dev *hdev = (struct hci_dev *) ptr;
645 struct hci_ev_si_device ev;
646
647 BT_DBG("hdev %s event %ld", hdev->name, event);
648
649 /* Send event to sockets */
650 ev.event = event;
651 ev.dev_id = hdev->id;
652 hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev);
653
654 if (event == HCI_DEV_UNREG) {
655 struct sock *sk;
656 struct hlist_node *node;
657
658 /* Detach sockets from device */
659 read_lock(&hci_sk_list.lock);
660 sk_for_each(sk, node, &hci_sk_list.head) {
661 bh_lock_sock(sk);
662 if (hci_pi(sk)->hdev == hdev) {
663 hci_pi(sk)->hdev = NULL;
664 sk->sk_err = EPIPE;
665 sk->sk_state = BT_OPEN;
666 sk->sk_state_change(sk);
667
668 hci_dev_put(hdev);
669 }
670 bh_unlock_sock(sk);
671 }
672 read_unlock(&hci_sk_list.lock);
673 }
674
675 return NOTIFY_DONE;
676 }
677
678 static struct net_proto_family hci_sock_family_ops = {
679 .family = PF_BLUETOOTH,
680 .owner = THIS_MODULE,
681 .create = hci_sock_create,
682 };
683
684 static struct notifier_block hci_sock_nblock = {
685 .notifier_call = hci_sock_dev_event
686 };
687
688 int __init hci_sock_init(void)
689 {
690 int err;
691
692 err = proto_register(&hci_sk_proto, 0);
693 if (err < 0)
694 return err;
695
696 err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops);
697 if (err < 0)
698 goto error;
699
700 hci_register_notifier(&hci_sock_nblock);
701
702 BT_INFO("HCI socket layer initialized");
703
704 return 0;
705
706 error:
707 BT_ERR("HCI socket registration failed");
708 proto_unregister(&hci_sk_proto);
709 return err;
710 }
711
712 int __exit hci_sock_cleanup(void)
713 {
714 if (bt_sock_unregister(BTPROTO_HCI) < 0)
715 BT_ERR("HCI socket unregistration failed");
716
717 hci_unregister_notifier(&hci_sock_nblock);
718
719 proto_unregister(&hci_sk_proto);
720
721 return 0;
722 }
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree