2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
28 /* Bluetooth L2CAP sockets. */
30 #include <linux/export.h>
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
35 #include <net/bluetooth/smp.h>
37 static const struct proto_ops l2cap_sock_ops
;
38 static void l2cap_sock_init(struct sock
*sk
, struct sock
*parent
);
39 static struct sock
*l2cap_sock_alloc(struct net
*net
, struct socket
*sock
, int proto
, gfp_t prio
);
41 static int l2cap_sock_bind(struct socket
*sock
, struct sockaddr
*addr
, int alen
)
43 struct sock
*sk
= sock
->sk
;
44 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
45 struct sockaddr_l2 la
;
50 if (!addr
|| addr
->sa_family
!= AF_BLUETOOTH
)
53 memset(&la
, 0, sizeof(la
));
54 len
= min_t(unsigned int, sizeof(la
), alen
);
55 memcpy(&la
, addr
, len
);
57 if (la
.l2_cid
&& la
.l2_psm
)
62 if (sk
->sk_state
!= BT_OPEN
) {
68 __u16 psm
= __le16_to_cpu(la
.l2_psm
);
70 /* PSM must be odd and lsb of upper byte must be 0 */
71 if ((psm
& 0x0101) != 0x0001) {
76 /* Restrict usage of well-known PSMs */
77 if (psm
< 0x1001 && !capable(CAP_NET_BIND_SERVICE
)) {
84 err
= l2cap_add_scid(chan
, __le16_to_cpu(la
.l2_cid
));
86 err
= l2cap_add_psm(chan
, &la
.l2_bdaddr
, la
.l2_psm
);
91 if (__le16_to_cpu(la
.l2_psm
) == L2CAP_PSM_SDP
||
92 __le16_to_cpu(la
.l2_psm
) == L2CAP_PSM_RFCOMM
)
93 chan
->sec_level
= BT_SECURITY_SDP
;
95 bacpy(&bt_sk(sk
)->src
, &la
.l2_bdaddr
);
97 chan
->state
= BT_BOUND
;
98 sk
->sk_state
= BT_BOUND
;
105 static int l2cap_sock_connect(struct socket
*sock
, struct sockaddr
*addr
, int alen
, int flags
)
107 struct sock
*sk
= sock
->sk
;
108 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
109 struct sockaddr_l2 la
;
114 if (!addr
|| alen
< sizeof(addr
->sa_family
) ||
115 addr
->sa_family
!= AF_BLUETOOTH
)
118 memset(&la
, 0, sizeof(la
));
119 len
= min_t(unsigned int, sizeof(la
), alen
);
120 memcpy(&la
, addr
, len
);
122 if (la
.l2_cid
&& la
.l2_psm
)
125 err
= l2cap_chan_connect(chan
, la
.l2_psm
, __le16_to_cpu(la
.l2_cid
),
126 &la
.l2_bdaddr
, la
.l2_bdaddr_type
);
132 err
= bt_sock_wait_state(sk
, BT_CONNECTED
,
133 sock_sndtimeo(sk
, flags
& O_NONBLOCK
));
140 static int l2cap_sock_listen(struct socket
*sock
, int backlog
)
142 struct sock
*sk
= sock
->sk
;
143 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
146 BT_DBG("sk %p backlog %d", sk
, backlog
);
150 if (sk
->sk_state
!= BT_BOUND
) {
155 if (sk
->sk_type
!= SOCK_SEQPACKET
&& sk
->sk_type
!= SOCK_STREAM
) {
160 switch (chan
->mode
) {
161 case L2CAP_MODE_BASIC
:
163 case L2CAP_MODE_ERTM
:
164 case L2CAP_MODE_STREAMING
:
173 sk
->sk_max_ack_backlog
= backlog
;
174 sk
->sk_ack_backlog
= 0;
176 chan
->state
= BT_LISTEN
;
177 sk
->sk_state
= BT_LISTEN
;
184 static int l2cap_sock_accept(struct socket
*sock
, struct socket
*newsock
, int flags
)
186 DECLARE_WAITQUEUE(wait
, current
);
187 struct sock
*sk
= sock
->sk
, *nsk
;
191 lock_sock_nested(sk
, SINGLE_DEPTH_NESTING
);
193 timeo
= sock_rcvtimeo(sk
, flags
& O_NONBLOCK
);
195 BT_DBG("sk %p timeo %ld", sk
, timeo
);
197 /* Wait for an incoming connection. (wake-one). */
198 add_wait_queue_exclusive(sk_sleep(sk
), &wait
);
200 set_current_state(TASK_INTERRUPTIBLE
);
202 if (sk
->sk_state
!= BT_LISTEN
) {
207 nsk
= bt_accept_dequeue(sk
, newsock
);
216 if (signal_pending(current
)) {
217 err
= sock_intr_errno(timeo
);
222 timeo
= schedule_timeout(timeo
);
223 lock_sock_nested(sk
, SINGLE_DEPTH_NESTING
);
225 __set_current_state(TASK_RUNNING
);
226 remove_wait_queue(sk_sleep(sk
), &wait
);
231 newsock
->state
= SS_CONNECTED
;
233 BT_DBG("new socket %p", nsk
);
240 static int l2cap_sock_getname(struct socket
*sock
, struct sockaddr
*addr
, int *len
, int peer
)
242 struct sockaddr_l2
*la
= (struct sockaddr_l2
*) addr
;
243 struct sock
*sk
= sock
->sk
;
244 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
246 BT_DBG("sock %p, sk %p", sock
, sk
);
248 addr
->sa_family
= AF_BLUETOOTH
;
249 *len
= sizeof(struct sockaddr_l2
);
252 la
->l2_psm
= chan
->psm
;
253 bacpy(&la
->l2_bdaddr
, &bt_sk(sk
)->dst
);
254 la
->l2_cid
= cpu_to_le16(chan
->dcid
);
256 la
->l2_psm
= chan
->sport
;
257 bacpy(&la
->l2_bdaddr
, &bt_sk(sk
)->src
);
258 la
->l2_cid
= cpu_to_le16(chan
->scid
);
264 static int l2cap_sock_getsockopt_old(struct socket
*sock
, int optname
, char __user
*optval
, int __user
*optlen
)
266 struct sock
*sk
= sock
->sk
;
267 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
268 struct l2cap_options opts
;
269 struct l2cap_conninfo cinfo
;
275 if (get_user(len
, optlen
))
282 memset(&opts
, 0, sizeof(opts
));
283 opts
.imtu
= chan
->imtu
;
284 opts
.omtu
= chan
->omtu
;
285 opts
.flush_to
= chan
->flush_to
;
286 opts
.mode
= chan
->mode
;
287 opts
.fcs
= chan
->fcs
;
288 opts
.max_tx
= chan
->max_tx
;
289 opts
.txwin_size
= chan
->tx_win
;
291 len
= min_t(unsigned int, len
, sizeof(opts
));
292 if (copy_to_user(optval
, (char *) &opts
, len
))
298 switch (chan
->sec_level
) {
299 case BT_SECURITY_LOW
:
302 case BT_SECURITY_MEDIUM
:
303 opt
= L2CAP_LM_AUTH
| L2CAP_LM_ENCRYPT
;
305 case BT_SECURITY_HIGH
:
306 opt
= L2CAP_LM_AUTH
| L2CAP_LM_ENCRYPT
|
314 if (test_bit(FLAG_ROLE_SWITCH
, &chan
->flags
))
315 opt
|= L2CAP_LM_MASTER
;
317 if (test_bit(FLAG_FORCE_RELIABLE
, &chan
->flags
))
318 opt
|= L2CAP_LM_RELIABLE
;
320 if (put_user(opt
, (u32 __user
*) optval
))
325 if (sk
->sk_state
!= BT_CONNECTED
&&
326 !(sk
->sk_state
== BT_CONNECT2
&&
327 test_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
))) {
332 memset(&cinfo
, 0, sizeof(cinfo
));
333 cinfo
.hci_handle
= chan
->conn
->hcon
->handle
;
334 memcpy(cinfo
.dev_class
, chan
->conn
->hcon
->dev_class
, 3);
336 len
= min_t(unsigned int, len
, sizeof(cinfo
));
337 if (copy_to_user(optval
, (char *) &cinfo
, len
))
351 static int l2cap_sock_getsockopt(struct socket
*sock
, int level
, int optname
, char __user
*optval
, int __user
*optlen
)
353 struct sock
*sk
= sock
->sk
;
354 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
355 struct bt_security sec
;
361 if (level
== SOL_L2CAP
)
362 return l2cap_sock_getsockopt_old(sock
, optname
, optval
, optlen
);
364 if (level
!= SOL_BLUETOOTH
)
367 if (get_user(len
, optlen
))
374 if (chan
->chan_type
!= L2CAP_CHAN_CONN_ORIENTED
&&
375 chan
->chan_type
!= L2CAP_CHAN_RAW
) {
380 memset(&sec
, 0, sizeof(sec
));
382 sec
.level
= chan
->conn
->hcon
->sec_level
;
384 sec
.level
= chan
->sec_level
;
386 if (sk
->sk_state
== BT_CONNECTED
)
387 sec
.key_size
= chan
->conn
->hcon
->enc_key_size
;
389 len
= min_t(unsigned int, len
, sizeof(sec
));
390 if (copy_to_user(optval
, (char *) &sec
, len
))
396 if (sk
->sk_state
!= BT_BOUND
&& sk
->sk_state
!= BT_LISTEN
) {
401 if (put_user(test_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
),
402 (u32 __user
*) optval
))
408 if (put_user(test_bit(FLAG_FLUSHABLE
, &chan
->flags
),
409 (u32 __user
*) optval
))
415 if (sk
->sk_type
!= SOCK_SEQPACKET
&& sk
->sk_type
!= SOCK_STREAM
416 && sk
->sk_type
!= SOCK_RAW
) {
421 pwr
.force_active
= test_bit(FLAG_FORCE_ACTIVE
, &chan
->flags
);
423 len
= min_t(unsigned int, len
, sizeof(pwr
));
424 if (copy_to_user(optval
, (char *) &pwr
, len
))
429 case BT_CHANNEL_POLICY
:
435 if (put_user(chan
->chan_policy
, (u32 __user
*) optval
))
448 static bool l2cap_valid_mtu(struct l2cap_chan
*chan
, u16 mtu
)
450 switch (chan
->scid
) {
451 case L2CAP_CID_LE_DATA
:
452 if (mtu
< L2CAP_LE_MIN_MTU
)
457 if (mtu
< L2CAP_DEFAULT_MIN_MTU
)
464 static int l2cap_sock_setsockopt_old(struct socket
*sock
, int optname
, char __user
*optval
, unsigned int optlen
)
466 struct sock
*sk
= sock
->sk
;
467 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
468 struct l2cap_options opts
;
478 if (sk
->sk_state
== BT_CONNECTED
) {
483 opts
.imtu
= chan
->imtu
;
484 opts
.omtu
= chan
->omtu
;
485 opts
.flush_to
= chan
->flush_to
;
486 opts
.mode
= chan
->mode
;
487 opts
.fcs
= chan
->fcs
;
488 opts
.max_tx
= chan
->max_tx
;
489 opts
.txwin_size
= chan
->tx_win
;
491 len
= min_t(unsigned int, sizeof(opts
), optlen
);
492 if (copy_from_user((char *) &opts
, optval
, len
)) {
497 if (opts
.txwin_size
> L2CAP_DEFAULT_EXT_WINDOW
) {
502 if (!l2cap_valid_mtu(chan
, opts
.imtu
)) {
507 chan
->mode
= opts
.mode
;
508 switch (chan
->mode
) {
509 case L2CAP_MODE_BASIC
:
510 clear_bit(CONF_STATE2_DEVICE
, &chan
->conf_state
);
512 case L2CAP_MODE_ERTM
:
513 case L2CAP_MODE_STREAMING
:
522 chan
->imtu
= opts
.imtu
;
523 chan
->omtu
= opts
.omtu
;
524 chan
->fcs
= opts
.fcs
;
525 chan
->max_tx
= opts
.max_tx
;
526 chan
->tx_win
= opts
.txwin_size
;
530 if (get_user(opt
, (u32 __user
*) optval
)) {
535 if (opt
& L2CAP_LM_AUTH
)
536 chan
->sec_level
= BT_SECURITY_LOW
;
537 if (opt
& L2CAP_LM_ENCRYPT
)
538 chan
->sec_level
= BT_SECURITY_MEDIUM
;
539 if (opt
& L2CAP_LM_SECURE
)
540 chan
->sec_level
= BT_SECURITY_HIGH
;
542 if (opt
& L2CAP_LM_MASTER
)
543 set_bit(FLAG_ROLE_SWITCH
, &chan
->flags
);
545 clear_bit(FLAG_ROLE_SWITCH
, &chan
->flags
);
547 if (opt
& L2CAP_LM_RELIABLE
)
548 set_bit(FLAG_FORCE_RELIABLE
, &chan
->flags
);
550 clear_bit(FLAG_FORCE_RELIABLE
, &chan
->flags
);
562 static int l2cap_sock_setsockopt(struct socket
*sock
, int level
, int optname
, char __user
*optval
, unsigned int optlen
)
564 struct sock
*sk
= sock
->sk
;
565 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
566 struct bt_security sec
;
568 struct l2cap_conn
*conn
;
574 if (level
== SOL_L2CAP
)
575 return l2cap_sock_setsockopt_old(sock
, optname
, optval
, optlen
);
577 if (level
!= SOL_BLUETOOTH
)
584 if (chan
->chan_type
!= L2CAP_CHAN_CONN_ORIENTED
&&
585 chan
->chan_type
!= L2CAP_CHAN_RAW
) {
590 sec
.level
= BT_SECURITY_LOW
;
592 len
= min_t(unsigned int, sizeof(sec
), optlen
);
593 if (copy_from_user((char *) &sec
, optval
, len
)) {
598 if (sec
.level
< BT_SECURITY_LOW
||
599 sec
.level
> BT_SECURITY_HIGH
) {
604 chan
->sec_level
= sec
.level
;
611 /*change security for LE channels */
612 if (chan
->scid
== L2CAP_CID_LE_DATA
) {
613 if (!conn
->hcon
->out
) {
618 if (smp_conn_security(conn
, sec
.level
))
620 sk
->sk_state
= BT_CONFIG
;
621 chan
->state
= BT_CONFIG
;
623 /* or for ACL link */
624 } else if ((sk
->sk_state
== BT_CONNECT2
&&
625 test_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
)) ||
626 sk
->sk_state
== BT_CONNECTED
) {
627 if (!l2cap_chan_check_security(chan
))
628 set_bit(BT_SK_SUSPEND
, &bt_sk(sk
)->flags
);
630 sk
->sk_state_change(sk
);
637 if (sk
->sk_state
!= BT_BOUND
&& sk
->sk_state
!= BT_LISTEN
) {
642 if (get_user(opt
, (u32 __user
*) optval
)) {
648 set_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
);
650 clear_bit(BT_SK_DEFER_SETUP
, &bt_sk(sk
)->flags
);
654 if (get_user(opt
, (u32 __user
*) optval
)) {
659 if (opt
> BT_FLUSHABLE_ON
) {
664 if (opt
== BT_FLUSHABLE_OFF
) {
665 struct l2cap_conn
*conn
= chan
->conn
;
666 /* proceed further only when we have l2cap_conn and
667 No Flush support in the LM */
668 if (!conn
|| !lmp_no_flush_capable(conn
->hcon
->hdev
)) {
675 set_bit(FLAG_FLUSHABLE
, &chan
->flags
);
677 clear_bit(FLAG_FLUSHABLE
, &chan
->flags
);
681 if (chan
->chan_type
!= L2CAP_CHAN_CONN_ORIENTED
&&
682 chan
->chan_type
!= L2CAP_CHAN_RAW
) {
687 pwr
.force_active
= BT_POWER_FORCE_ACTIVE_ON
;
689 len
= min_t(unsigned int, sizeof(pwr
), optlen
);
690 if (copy_from_user((char *) &pwr
, optval
, len
)) {
695 if (pwr
.force_active
)
696 set_bit(FLAG_FORCE_ACTIVE
, &chan
->flags
);
698 clear_bit(FLAG_FORCE_ACTIVE
, &chan
->flags
);
701 case BT_CHANNEL_POLICY
:
707 if (get_user(opt
, (u32 __user
*) optval
)) {
712 if (opt
> BT_CHANNEL_POLICY_AMP_PREFERRED
) {
717 if (chan
->mode
!= L2CAP_MODE_ERTM
&&
718 chan
->mode
!= L2CAP_MODE_STREAMING
) {
723 chan
->chan_policy
= (u8
) opt
;
735 static int l2cap_sock_sendmsg(struct kiocb
*iocb
, struct socket
*sock
, struct msghdr
*msg
, size_t len
)
737 struct sock
*sk
= sock
->sk
;
738 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
741 BT_DBG("sock %p, sk %p", sock
, sk
);
743 err
= sock_error(sk
);
747 if (msg
->msg_flags
& MSG_OOB
)
750 if (sk
->sk_state
!= BT_CONNECTED
)
753 l2cap_chan_lock(chan
);
754 err
= l2cap_chan_send(chan
, msg
, len
, sk
->sk_priority
);
755 l2cap_chan_unlock(chan
);
760 static int l2cap_sock_recvmsg(struct kiocb
*iocb
, struct socket
*sock
, struct msghdr
*msg
, size_t len
, int flags
)
762 struct sock
*sk
= sock
->sk
;
763 struct l2cap_pinfo
*pi
= l2cap_pi(sk
);
768 if (sk
->sk_state
== BT_CONNECT2
&& test_bit(BT_SK_DEFER_SETUP
,
769 &bt_sk(sk
)->flags
)) {
770 sk
->sk_state
= BT_CONFIG
;
771 pi
->chan
->state
= BT_CONFIG
;
773 __l2cap_connect_rsp_defer(pi
->chan
);
780 if (sock
->type
== SOCK_STREAM
)
781 err
= bt_sock_stream_recvmsg(iocb
, sock
, msg
, len
, flags
);
783 err
= bt_sock_recvmsg(iocb
, sock
, msg
, len
, flags
);
785 if (pi
->chan
->mode
!= L2CAP_MODE_ERTM
)
788 /* Attempt to put pending rx data in the socket buffer */
792 if (!test_bit(CONN_LOCAL_BUSY
, &pi
->chan
->conn_state
))
795 if (pi
->rx_busy_skb
) {
796 if (!sock_queue_rcv_skb(sk
, pi
->rx_busy_skb
))
797 pi
->rx_busy_skb
= NULL
;
802 /* Restore data flow when half of the receive buffer is
803 * available. This avoids resending large numbers of
806 if (atomic_read(&sk
->sk_rmem_alloc
) <= sk
->sk_rcvbuf
>> 1)
807 l2cap_chan_busy(pi
->chan
, 0);
814 /* Kill socket (only if zapped and orphan)
815 * Must be called on unlocked socket.
817 static void l2cap_sock_kill(struct sock
*sk
)
819 if (!sock_flag(sk
, SOCK_ZAPPED
) || sk
->sk_socket
)
822 BT_DBG("sk %p state %s", sk
, state_to_string(sk
->sk_state
));
824 /* Kill poor orphan */
826 l2cap_chan_destroy(l2cap_pi(sk
)->chan
);
827 sock_set_flag(sk
, SOCK_DEAD
);
831 static int l2cap_sock_shutdown(struct socket
*sock
, int how
)
833 struct sock
*sk
= sock
->sk
;
834 struct l2cap_chan
*chan
;
835 struct l2cap_conn
*conn
;
838 BT_DBG("sock %p, sk %p", sock
, sk
);
843 chan
= l2cap_pi(sk
)->chan
;
847 mutex_lock(&conn
->chan_lock
);
849 l2cap_chan_lock(chan
);
852 if (!sk
->sk_shutdown
) {
853 if (chan
->mode
== L2CAP_MODE_ERTM
)
854 err
= __l2cap_wait_ack(sk
);
856 sk
->sk_shutdown
= SHUTDOWN_MASK
;
859 l2cap_chan_close(chan
, 0);
862 if (sock_flag(sk
, SOCK_LINGER
) && sk
->sk_lingertime
)
863 err
= bt_sock_wait_state(sk
, BT_CLOSED
,
867 if (!err
&& sk
->sk_err
)
871 l2cap_chan_unlock(chan
);
874 mutex_unlock(&conn
->chan_lock
);
879 static int l2cap_sock_release(struct socket
*sock
)
881 struct sock
*sk
= sock
->sk
;
884 BT_DBG("sock %p, sk %p", sock
, sk
);
889 err
= l2cap_sock_shutdown(sock
, 2);
896 static void l2cap_sock_cleanup_listen(struct sock
*parent
)
900 BT_DBG("parent %p", parent
);
902 /* Close not yet accepted channels */
903 while ((sk
= bt_accept_dequeue(parent
, NULL
))) {
904 struct l2cap_chan
*chan
= l2cap_pi(sk
)->chan
;
906 l2cap_chan_lock(chan
);
907 __clear_chan_timer(chan
);
908 l2cap_chan_close(chan
, ECONNRESET
);
909 l2cap_chan_unlock(chan
);
915 static struct l2cap_chan
*l2cap_sock_new_connection_cb(struct l2cap_chan
*chan
)
917 struct sock
*sk
, *parent
= chan
->data
;
919 /* Check for backlog size */
920 if (sk_acceptq_is_full(parent
)) {
921 BT_DBG("backlog full %d", parent
->sk_ack_backlog
);
925 sk
= l2cap_sock_alloc(sock_net(parent
), NULL
, BTPROTO_L2CAP
,
930 bt_sock_reclassify_lock(sk
, BTPROTO_L2CAP
);
932 l2cap_sock_init(sk
, parent
);
934 return l2cap_pi(sk
)->chan
;
937 static int l2cap_sock_recv_cb(struct l2cap_chan
*chan
, struct sk_buff
*skb
)
940 struct sock
*sk
= chan
->data
;
941 struct l2cap_pinfo
*pi
= l2cap_pi(sk
);
945 if (pi
->rx_busy_skb
) {
950 err
= sock_queue_rcv_skb(sk
, skb
);
952 /* For ERTM, handle one skb that doesn't fit into the recv
953 * buffer. This is important to do because the data frames
954 * have already been acked, so the skb cannot be discarded.
956 * Notify the l2cap core that the buffer is full, so the
957 * LOCAL_BUSY state is entered and no more frames are
958 * acked and reassembled until there is buffer space
961 if (err
< 0 && pi
->chan
->mode
== L2CAP_MODE_ERTM
) {
962 pi
->rx_busy_skb
= skb
;
963 l2cap_chan_busy(pi
->chan
, 1);
973 static void l2cap_sock_close_cb(struct l2cap_chan
*chan
)
975 struct sock
*sk
= chan
->data
;
980 static void l2cap_sock_teardown_cb(struct l2cap_chan
*chan
, int err
)
982 struct sock
*sk
= chan
->data
;
987 parent
= bt_sk(sk
)->parent
;
989 sock_set_flag(sk
, SOCK_ZAPPED
);
991 switch (chan
->state
) {
997 l2cap_sock_cleanup_listen(sk
);
998 sk
->sk_state
= BT_CLOSED
;
999 chan
->state
= BT_CLOSED
;
1003 sk
->sk_state
= BT_CLOSED
;
1004 chan
->state
= BT_CLOSED
;
1009 bt_accept_unlink(sk
);
1010 parent
->sk_data_ready(parent
, 0);
1012 sk
->sk_state_change(sk
);
1021 static void l2cap_sock_state_change_cb(struct l2cap_chan
*chan
, int state
)
1023 struct sock
*sk
= chan
->data
;
1025 sk
->sk_state
= state
;
1028 static struct sk_buff
*l2cap_sock_alloc_skb_cb(struct l2cap_chan
*chan
,
1029 unsigned long len
, int nb
)
1031 struct sk_buff
*skb
;
1034 l2cap_chan_unlock(chan
);
1035 skb
= bt_skb_send_alloc(chan
->sk
, len
, nb
, &err
);
1036 l2cap_chan_lock(chan
);
1039 return ERR_PTR(err
);
1044 static void l2cap_sock_ready_cb(struct l2cap_chan
*chan
)
1046 struct sock
*sk
= chan
->data
;
1047 struct sock
*parent
;
1051 parent
= bt_sk(sk
)->parent
;
1053 BT_DBG("sk %p, parent %p", sk
, parent
);
1055 sk
->sk_state
= BT_CONNECTED
;
1056 sk
->sk_state_change(sk
);
1059 parent
->sk_data_ready(parent
, 0);
1064 static struct l2cap_ops l2cap_chan_ops
= {
1065 .name
= "L2CAP Socket Interface",
1066 .new_connection
= l2cap_sock_new_connection_cb
,
1067 .recv
= l2cap_sock_recv_cb
,
1068 .close
= l2cap_sock_close_cb
,
1069 .teardown
= l2cap_sock_teardown_cb
,
1070 .state_change
= l2cap_sock_state_change_cb
,
1071 .ready
= l2cap_sock_ready_cb
,
1072 .alloc_skb
= l2cap_sock_alloc_skb_cb
,
1075 static void l2cap_sock_destruct(struct sock
*sk
)
1077 BT_DBG("sk %p", sk
);
1079 l2cap_chan_put(l2cap_pi(sk
)->chan
);
1080 if (l2cap_pi(sk
)->rx_busy_skb
) {
1081 kfree_skb(l2cap_pi(sk
)->rx_busy_skb
);
1082 l2cap_pi(sk
)->rx_busy_skb
= NULL
;
1085 skb_queue_purge(&sk
->sk_receive_queue
);
1086 skb_queue_purge(&sk
->sk_write_queue
);
1089 static void l2cap_sock_init(struct sock
*sk
, struct sock
*parent
)
1091 struct l2cap_pinfo
*pi
= l2cap_pi(sk
);
1092 struct l2cap_chan
*chan
= pi
->chan
;
1094 BT_DBG("sk %p", sk
);
1097 struct l2cap_chan
*pchan
= l2cap_pi(parent
)->chan
;
1099 sk
->sk_type
= parent
->sk_type
;
1100 bt_sk(sk
)->flags
= bt_sk(parent
)->flags
;
1102 chan
->chan_type
= pchan
->chan_type
;
1103 chan
->imtu
= pchan
->imtu
;
1104 chan
->omtu
= pchan
->omtu
;
1105 chan
->conf_state
= pchan
->conf_state
;
1106 chan
->mode
= pchan
->mode
;
1107 chan
->fcs
= pchan
->fcs
;
1108 chan
->max_tx
= pchan
->max_tx
;
1109 chan
->tx_win
= pchan
->tx_win
;
1110 chan
->tx_win_max
= pchan
->tx_win_max
;
1111 chan
->sec_level
= pchan
->sec_level
;
1112 chan
->flags
= pchan
->flags
;
1114 security_sk_clone(parent
, sk
);
1117 switch (sk
->sk_type
) {
1119 chan
->chan_type
= L2CAP_CHAN_RAW
;
1122 chan
->chan_type
= L2CAP_CHAN_CONN_LESS
;
1124 case SOCK_SEQPACKET
:
1126 chan
->chan_type
= L2CAP_CHAN_CONN_ORIENTED
;
1130 chan
->imtu
= L2CAP_DEFAULT_MTU
;
1132 if (!disable_ertm
&& sk
->sk_type
== SOCK_STREAM
) {
1133 chan
->mode
= L2CAP_MODE_ERTM
;
1134 set_bit(CONF_STATE2_DEVICE
, &chan
->conf_state
);
1136 chan
->mode
= L2CAP_MODE_BASIC
;
1139 l2cap_chan_set_defaults(chan
);
1142 /* Default config options */
1143 chan
->flush_to
= L2CAP_DEFAULT_FLUSH_TO
;
1146 chan
->ops
= &l2cap_chan_ops
;
1149 static struct proto l2cap_proto
= {
1151 .owner
= THIS_MODULE
,
1152 .obj_size
= sizeof(struct l2cap_pinfo
)
1155 static struct sock
*l2cap_sock_alloc(struct net
*net
, struct socket
*sock
, int proto
, gfp_t prio
)
1158 struct l2cap_chan
*chan
;
1160 sk
= sk_alloc(net
, PF_BLUETOOTH
, prio
, &l2cap_proto
);
1164 sock_init_data(sock
, sk
);
1165 INIT_LIST_HEAD(&bt_sk(sk
)->accept_q
);
1167 sk
->sk_destruct
= l2cap_sock_destruct
;
1168 sk
->sk_sndtimeo
= L2CAP_CONN_TIMEOUT
;
1170 sock_reset_flag(sk
, SOCK_ZAPPED
);
1172 sk
->sk_protocol
= proto
;
1173 sk
->sk_state
= BT_OPEN
;
1175 chan
= l2cap_chan_create();
1177 l2cap_sock_kill(sk
);
1181 l2cap_chan_hold(chan
);
1185 l2cap_pi(sk
)->chan
= chan
;
1190 static int l2cap_sock_create(struct net
*net
, struct socket
*sock
, int protocol
,
1195 BT_DBG("sock %p", sock
);
1197 sock
->state
= SS_UNCONNECTED
;
1199 if (sock
->type
!= SOCK_SEQPACKET
&& sock
->type
!= SOCK_STREAM
&&
1200 sock
->type
!= SOCK_DGRAM
&& sock
->type
!= SOCK_RAW
)
1201 return -ESOCKTNOSUPPORT
;
1203 if (sock
->type
== SOCK_RAW
&& !kern
&& !capable(CAP_NET_RAW
))
1206 sock
->ops
= &l2cap_sock_ops
;
1208 sk
= l2cap_sock_alloc(net
, sock
, protocol
, GFP_ATOMIC
);
1212 l2cap_sock_init(sk
, NULL
);
1216 static const struct proto_ops l2cap_sock_ops
= {
1217 .family
= PF_BLUETOOTH
,
1218 .owner
= THIS_MODULE
,
1219 .release
= l2cap_sock_release
,
1220 .bind
= l2cap_sock_bind
,
1221 .connect
= l2cap_sock_connect
,
1222 .listen
= l2cap_sock_listen
,
1223 .accept
= l2cap_sock_accept
,
1224 .getname
= l2cap_sock_getname
,
1225 .sendmsg
= l2cap_sock_sendmsg
,
1226 .recvmsg
= l2cap_sock_recvmsg
,
1227 .poll
= bt_sock_poll
,
1228 .ioctl
= bt_sock_ioctl
,
1229 .mmap
= sock_no_mmap
,
1230 .socketpair
= sock_no_socketpair
,
1231 .shutdown
= l2cap_sock_shutdown
,
1232 .setsockopt
= l2cap_sock_setsockopt
,
1233 .getsockopt
= l2cap_sock_getsockopt
1236 static const struct net_proto_family l2cap_sock_family_ops
= {
1237 .family
= PF_BLUETOOTH
,
1238 .owner
= THIS_MODULE
,
1239 .create
= l2cap_sock_create
,
1242 int __init
l2cap_init_sockets(void)
1246 err
= proto_register(&l2cap_proto
, 0);
1250 err
= bt_sock_register(BTPROTO_L2CAP
, &l2cap_sock_family_ops
);
1254 BT_INFO("L2CAP socket layer initialized");
1259 BT_ERR("L2CAP socket registration failed");
1260 proto_unregister(&l2cap_proto
);
1264 void l2cap_cleanup_sockets(void)
1266 if (bt_sock_unregister(BTPROTO_L2CAP
) < 0)
1267 BT_ERR("L2CAP socket unregistration failed");
1269 proto_unregister(&l2cap_proto
);