projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Bluetooth: Provide L2CAP ops callback for memcpy_fromiovec
[deliverable/linux.git] / net / bluetooth / l2cap_sock.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
7
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
13
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
26 */
27
28 /* Bluetooth L2CAP sockets. */
29
30 #include <linux/module.h>
31 #include <linux/export.h>
32
33 #include <net/bluetooth/bluetooth.h>
34 #include <net/bluetooth/hci_core.h>
35 #include <net/bluetooth/l2cap.h>
36
37 #include "smp.h"
38
39 static struct bt_sock_list l2cap_sk_list = {
40 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
41 };
42
43 static const struct proto_ops l2cap_sock_ops;
44 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
45 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
46 int proto, gfp_t prio);
47
48 bool l2cap_is_socket(struct socket *sock)
49 {
50 return sock && sock->ops == &l2cap_sock_ops;
51 }
52 EXPORT_SYMBOL(l2cap_is_socket);
53
54 static int l2cap_validate_bredr_psm(u16 psm)
55 {
56 /* PSM must be odd and lsb of upper byte must be 0 */
57 if ((psm & 0x0101) != 0x0001)
58 return -EINVAL;
59
60 /* Restrict usage of well-known PSMs */
61 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE))
62 return -EACCES;
63
64 return 0;
65 }
66
67 static int l2cap_validate_le_psm(u16 psm)
68 {
69 /* Valid LE_PSM ranges are defined only until 0x00ff */
70 if (psm > 0x00ff)
71 return -EINVAL;
72
73 /* Restrict fixed, SIG assigned PSM values to CAP_NET_BIND_SERVICE */
74 if (psm <= 0x007f && !capable(CAP_NET_BIND_SERVICE))
75 return -EACCES;
76
77 return 0;
78 }
79
80 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
81 {
82 struct sock *sk = sock->sk;
83 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
84 struct sockaddr_l2 la;
85 int len, err = 0;
86
87 BT_DBG("sk %p", sk);
88
89 if (!addr || addr->sa_family != AF_BLUETOOTH)
90 return -EINVAL;
91
92 memset(&la, 0, sizeof(la));
93 len = min_t(unsigned int, sizeof(la), alen);
94 memcpy(&la, addr, len);
95
96 if (la.l2_cid && la.l2_psm)
97 return -EINVAL;
98
99 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
100 return -EINVAL;
101
102 if (la.l2_cid) {
103 /* When the socket gets created it defaults to
104 * CHAN_CONN_ORIENTED, so we need to overwrite the
105 * default here.
106 */
107 chan->chan_type = L2CAP_CHAN_FIXED;
108 chan->omtu = L2CAP_DEFAULT_MTU;
109 }
110
111 if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
112 /* We only allow ATT user space socket */
113 if (la.l2_cid &&
114 la.l2_cid != cpu_to_le16(L2CAP_CID_ATT))
115 return -EINVAL;
116 }
117
118 lock_sock(sk);
119
120 if (sk->sk_state != BT_OPEN) {
121 err = -EBADFD;
122 goto done;
123 }
124
125 if (la.l2_psm) {
126 __u16 psm = __le16_to_cpu(la.l2_psm);
127
128 if (la.l2_bdaddr_type == BDADDR_BREDR)
129 err = l2cap_validate_bredr_psm(psm);
130 else
131 err = l2cap_validate_le_psm(psm);
132
133 if (err)
134 goto done;
135 }
136
137 if (la.l2_cid)
138 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
139 else
140 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
141
142 if (err < 0)
143 goto done;
144
145 switch (chan->chan_type) {
146 case L2CAP_CHAN_CONN_LESS:
147 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_3DSP)
148 chan->sec_level = BT_SECURITY_SDP;
149 break;
150 case L2CAP_CHAN_CONN_ORIENTED:
151 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
152 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
153 chan->sec_level = BT_SECURITY_SDP;
154 break;
155 case L2CAP_CHAN_RAW:
156 chan->sec_level = BT_SECURITY_SDP;
157 break;
158 }
159
160 bacpy(&chan->src, &la.l2_bdaddr);
161 chan->src_type = la.l2_bdaddr_type;
162
163 if (chan->psm && bdaddr_type_is_le(chan->src_type))
164 chan->mode = L2CAP_MODE_LE_FLOWCTL;
165
166 chan->state = BT_BOUND;
167 sk->sk_state = BT_BOUND;
168
169 done:
170 release_sock(sk);
171 return err;
172 }
173
174 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr,
175 int alen, int flags)
176 {
177 struct sock *sk = sock->sk;
178 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
179 struct sockaddr_l2 la;
180 int len, err = 0;
181
182 BT_DBG("sk %p", sk);
183
184 if (!addr || alen < sizeof(addr->sa_family) ||
185 addr->sa_family != AF_BLUETOOTH)
186 return -EINVAL;
187
188 memset(&la, 0, sizeof(la));
189 len = min_t(unsigned int, sizeof(la), alen);
190 memcpy(&la, addr, len);
191
192 if (la.l2_cid && la.l2_psm)
193 return -EINVAL;
194
195 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
196 return -EINVAL;
197
198 /* Check that the socket wasn't bound to something that
199 * conflicts with the address given to connect(). If chan->src
200 * is BDADDR_ANY it means bind() was never used, in which case
201 * chan->src_type and la.l2_bdaddr_type do not need to match.
202 */
203 if (chan->src_type == BDADDR_BREDR && bacmp(&chan->src, BDADDR_ANY) &&
204 bdaddr_type_is_le(la.l2_bdaddr_type)) {
205 /* Old user space versions will try to incorrectly bind
206 * the ATT socket using BDADDR_BREDR. We need to accept
207 * this and fix up the source address type only when
208 * both the source CID and destination CID indicate
209 * ATT. Anything else is an invalid combination.
210 */
211 if (chan->scid != L2CAP_CID_ATT ||
212 la.l2_cid != cpu_to_le16(L2CAP_CID_ATT))
213 return -EINVAL;
214
215 /* We don't have the hdev available here to make a
216 * better decision on random vs public, but since all
217 * user space versions that exhibit this issue anyway do
218 * not support random local addresses assuming public
219 * here is good enough.
220 */
221 chan->src_type = BDADDR_LE_PUBLIC;
222 }
223
224 if (chan->src_type != BDADDR_BREDR && la.l2_bdaddr_type == BDADDR_BREDR)
225 return -EINVAL;
226
227 if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
228 /* We only allow ATT user space socket */
229 if (la.l2_cid &&
230 la.l2_cid != cpu_to_le16(L2CAP_CID_ATT))
231 return -EINVAL;
232 }
233
234 if (chan->psm && bdaddr_type_is_le(chan->src_type))
235 chan->mode = L2CAP_MODE_LE_FLOWCTL;
236
237 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
238 &la.l2_bdaddr, la.l2_bdaddr_type);
239 if (err)
240 return err;
241
242 lock_sock(sk);
243
244 err = bt_sock_wait_state(sk, BT_CONNECTED,
245 sock_sndtimeo(sk, flags & O_NONBLOCK));
246
247 release_sock(sk);
248
249 return err;
250 }
251
252 static int l2cap_sock_listen(struct socket *sock, int backlog)
253 {
254 struct sock *sk = sock->sk;
255 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
256 int err = 0;
257
258 BT_DBG("sk %p backlog %d", sk, backlog);
259
260 lock_sock(sk);
261
262 if (sk->sk_state != BT_BOUND) {
263 err = -EBADFD;
264 goto done;
265 }
266
267 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
268 err = -EINVAL;
269 goto done;
270 }
271
272 switch (chan->mode) {
273 case L2CAP_MODE_BASIC:
274 case L2CAP_MODE_LE_FLOWCTL:
275 break;
276 case L2CAP_MODE_ERTM:
277 case L2CAP_MODE_STREAMING:
278 if (!disable_ertm)
279 break;
280 /* fall through */
281 default:
282 err = -ENOTSUPP;
283 goto done;
284 }
285
286 sk->sk_max_ack_backlog = backlog;
287 sk->sk_ack_backlog = 0;
288
289 chan->state = BT_LISTEN;
290 sk->sk_state = BT_LISTEN;
291
292 done:
293 release_sock(sk);
294 return err;
295 }
296
297 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock,
298 int flags)
299 {
300 DECLARE_WAITQUEUE(wait, current);
301 struct sock *sk = sock->sk, *nsk;
302 long timeo;
303 int err = 0;
304
305 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
306
307 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
308
309 BT_DBG("sk %p timeo %ld", sk, timeo);
310
311 /* Wait for an incoming connection. (wake-one). */
312 add_wait_queue_exclusive(sk_sleep(sk), &wait);
313 while (1) {
314 set_current_state(TASK_INTERRUPTIBLE);
315
316 if (sk->sk_state != BT_LISTEN) {
317 err = -EBADFD;
318 break;
319 }
320
321 nsk = bt_accept_dequeue(sk, newsock);
322 if (nsk)
323 break;
324
325 if (!timeo) {
326 err = -EAGAIN;
327 break;
328 }
329
330 if (signal_pending(current)) {
331 err = sock_intr_errno(timeo);
332 break;
333 }
334
335 release_sock(sk);
336 timeo = schedule_timeout(timeo);
337 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
338 }
339 __set_current_state(TASK_RUNNING);
340 remove_wait_queue(sk_sleep(sk), &wait);
341
342 if (err)
343 goto done;
344
345 newsock->state = SS_CONNECTED;
346
347 BT_DBG("new socket %p", nsk);
348
349 done:
350 release_sock(sk);
351 return err;
352 }
353
354 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr,
355 int *len, int peer)
356 {
357 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
358 struct sock *sk = sock->sk;
359 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
360
361 BT_DBG("sock %p, sk %p", sock, sk);
362
363 if (peer && sk->sk_state != BT_CONNECTED &&
364 sk->sk_state != BT_CONNECT && sk->sk_state != BT_CONNECT2)
365 return -ENOTCONN;
366
367 memset(la, 0, sizeof(struct sockaddr_l2));
368 addr->sa_family = AF_BLUETOOTH;
369 *len = sizeof(struct sockaddr_l2);
370
371 la->l2_psm = chan->psm;
372
373 if (peer) {
374 bacpy(&la->l2_bdaddr, &chan->dst);
375 la->l2_cid = cpu_to_le16(chan->dcid);
376 la->l2_bdaddr_type = chan->dst_type;
377 } else {
378 bacpy(&la->l2_bdaddr, &chan->src);
379 la->l2_cid = cpu_to_le16(chan->scid);
380 la->l2_bdaddr_type = chan->src_type;
381 }
382
383 return 0;
384 }
385
386 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
387 char __user *optval, int __user *optlen)
388 {
389 struct sock *sk = sock->sk;
390 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
391 struct l2cap_options opts;
392 struct l2cap_conninfo cinfo;
393 int len, err = 0;
394 u32 opt;
395
396 BT_DBG("sk %p", sk);
397
398 if (get_user(len, optlen))
399 return -EFAULT;
400
401 lock_sock(sk);
402
403 switch (optname) {
404 case L2CAP_OPTIONS:
405 /* LE sockets should use BT_SNDMTU/BT_RCVMTU, but since
406 * legacy ATT code depends on getsockopt for
407 * L2CAP_OPTIONS we need to let this pass.
408 */
409 if (bdaddr_type_is_le(chan->src_type) &&
410 chan->scid != L2CAP_CID_ATT) {
411 err = -EINVAL;
412 break;
413 }
414
415 memset(&opts, 0, sizeof(opts));
416 opts.imtu = chan->imtu;
417 opts.omtu = chan->omtu;
418 opts.flush_to = chan->flush_to;
419 opts.mode = chan->mode;
420 opts.fcs = chan->fcs;
421 opts.max_tx = chan->max_tx;
422 opts.txwin_size = chan->tx_win;
423
424 len = min_t(unsigned int, len, sizeof(opts));
425 if (copy_to_user(optval, (char *) &opts, len))
426 err = -EFAULT;
427
428 break;
429
430 case L2CAP_LM:
431 switch (chan->sec_level) {
432 case BT_SECURITY_LOW:
433 opt = L2CAP_LM_AUTH;
434 break;
435 case BT_SECURITY_MEDIUM:
436 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
437 break;
438 case BT_SECURITY_HIGH:
439 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
440 L2CAP_LM_SECURE;
441 break;
442 case BT_SECURITY_FIPS:
443 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
444 L2CAP_LM_SECURE | L2CAP_LM_FIPS;
445 break;
446 default:
447 opt = 0;
448 break;
449 }
450
451 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
452 opt |= L2CAP_LM_MASTER;
453
454 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
455 opt |= L2CAP_LM_RELIABLE;
456
457 if (put_user(opt, (u32 __user *) optval))
458 err = -EFAULT;
459
460 break;
461
462 case L2CAP_CONNINFO:
463 if (sk->sk_state != BT_CONNECTED &&
464 !(sk->sk_state == BT_CONNECT2 &&
465 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
466 err = -ENOTCONN;
467 break;
468 }
469
470 memset(&cinfo, 0, sizeof(cinfo));
471 cinfo.hci_handle = chan->conn->hcon->handle;
472 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
473
474 len = min_t(unsigned int, len, sizeof(cinfo));
475 if (copy_to_user(optval, (char *) &cinfo, len))
476 err = -EFAULT;
477
478 break;
479
480 default:
481 err = -ENOPROTOOPT;
482 break;
483 }
484
485 release_sock(sk);
486 return err;
487 }
488
489 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname,
490 char __user *optval, int __user *optlen)
491 {
492 struct sock *sk = sock->sk;
493 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
494 struct bt_security sec;
495 struct bt_power pwr;
496 int len, err = 0;
497
498 BT_DBG("sk %p", sk);
499
500 if (level == SOL_L2CAP)
501 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
502
503 if (level != SOL_BLUETOOTH)
504 return -ENOPROTOOPT;
505
506 if (get_user(len, optlen))
507 return -EFAULT;
508
509 lock_sock(sk);
510
511 switch (optname) {
512 case BT_SECURITY:
513 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
514 chan->chan_type != L2CAP_CHAN_FIXED &&
515 chan->chan_type != L2CAP_CHAN_RAW) {
516 err = -EINVAL;
517 break;
518 }
519
520 memset(&sec, 0, sizeof(sec));
521 if (chan->conn) {
522 sec.level = chan->conn->hcon->sec_level;
523
524 if (sk->sk_state == BT_CONNECTED)
525 sec.key_size = chan->conn->hcon->enc_key_size;
526 } else {
527 sec.level = chan->sec_level;
528 }
529
530 len = min_t(unsigned int, len, sizeof(sec));
531 if (copy_to_user(optval, (char *) &sec, len))
532 err = -EFAULT;
533
534 break;
535
536 case BT_DEFER_SETUP:
537 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
538 err = -EINVAL;
539 break;
540 }
541
542 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
543 (u32 __user *) optval))
544 err = -EFAULT;
545
546 break;
547
548 case BT_FLUSHABLE:
549 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
550 (u32 __user *) optval))
551 err = -EFAULT;
552
553 break;
554
555 case BT_POWER:
556 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
557 && sk->sk_type != SOCK_RAW) {
558 err = -EINVAL;
559 break;
560 }
561
562 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
563
564 len = min_t(unsigned int, len, sizeof(pwr));
565 if (copy_to_user(optval, (char *) &pwr, len))
566 err = -EFAULT;
567
568 break;
569
570 case BT_CHANNEL_POLICY:
571 if (put_user(chan->chan_policy, (u32 __user *) optval))
572 err = -EFAULT;
573 break;
574
575 case BT_SNDMTU:
576 if (!bdaddr_type_is_le(chan->src_type)) {
577 err = -EINVAL;
578 break;
579 }
580
581 if (sk->sk_state != BT_CONNECTED) {
582 err = -ENOTCONN;
583 break;
584 }
585
586 if (put_user(chan->omtu, (u16 __user *) optval))
587 err = -EFAULT;
588 break;
589
590 case BT_RCVMTU:
591 if (!bdaddr_type_is_le(chan->src_type)) {
592 err = -EINVAL;
593 break;
594 }
595
596 if (put_user(chan->imtu, (u16 __user *) optval))
597 err = -EFAULT;
598 break;
599
600 default:
601 err = -ENOPROTOOPT;
602 break;
603 }
604
605 release_sock(sk);
606 return err;
607 }
608
609 static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
610 {
611 switch (chan->scid) {
612 case L2CAP_CID_ATT:
613 if (mtu < L2CAP_LE_MIN_MTU)
614 return false;
615 break;
616
617 default:
618 if (mtu < L2CAP_DEFAULT_MIN_MTU)
619 return false;
620 }
621
622 return true;
623 }
624
625 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
626 char __user *optval, unsigned int optlen)
627 {
628 struct sock *sk = sock->sk;
629 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
630 struct l2cap_options opts;
631 int len, err = 0;
632 u32 opt;
633
634 BT_DBG("sk %p", sk);
635
636 lock_sock(sk);
637
638 switch (optname) {
639 case L2CAP_OPTIONS:
640 if (bdaddr_type_is_le(chan->src_type)) {
641 err = -EINVAL;
642 break;
643 }
644
645 if (sk->sk_state == BT_CONNECTED) {
646 err = -EINVAL;
647 break;
648 }
649
650 opts.imtu = chan->imtu;
651 opts.omtu = chan->omtu;
652 opts.flush_to = chan->flush_to;
653 opts.mode = chan->mode;
654 opts.fcs = chan->fcs;
655 opts.max_tx = chan->max_tx;
656 opts.txwin_size = chan->tx_win;
657
658 len = min_t(unsigned int, sizeof(opts), optlen);
659 if (copy_from_user((char *) &opts, optval, len)) {
660 err = -EFAULT;
661 break;
662 }
663
664 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
665 err = -EINVAL;
666 break;
667 }
668
669 if (!l2cap_valid_mtu(chan, opts.imtu)) {
670 err = -EINVAL;
671 break;
672 }
673
674 chan->mode = opts.mode;
675 switch (chan->mode) {
676 case L2CAP_MODE_LE_FLOWCTL:
677 break;
678 case L2CAP_MODE_BASIC:
679 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
680 break;
681 case L2CAP_MODE_ERTM:
682 case L2CAP_MODE_STREAMING:
683 if (!disable_ertm)
684 break;
685 /* fall through */
686 default:
687 err = -EINVAL;
688 break;
689 }
690
691 chan->imtu = opts.imtu;
692 chan->omtu = opts.omtu;
693 chan->fcs = opts.fcs;
694 chan->max_tx = opts.max_tx;
695 chan->tx_win = opts.txwin_size;
696 chan->flush_to = opts.flush_to;
697 break;
698
699 case L2CAP_LM:
700 if (get_user(opt, (u32 __user *) optval)) {
701 err = -EFAULT;
702 break;
703 }
704
705 if (opt & L2CAP_LM_FIPS) {
706 err = -EINVAL;
707 break;
708 }
709
710 if (opt & L2CAP_LM_AUTH)
711 chan->sec_level = BT_SECURITY_LOW;
712 if (opt & L2CAP_LM_ENCRYPT)
713 chan->sec_level = BT_SECURITY_MEDIUM;
714 if (opt & L2CAP_LM_SECURE)
715 chan->sec_level = BT_SECURITY_HIGH;
716
717 if (opt & L2CAP_LM_MASTER)
718 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
719 else
720 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
721
722 if (opt & L2CAP_LM_RELIABLE)
723 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
724 else
725 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
726 break;
727
728 default:
729 err = -ENOPROTOOPT;
730 break;
731 }
732
733 release_sock(sk);
734 return err;
735 }
736
737 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname,
738 char __user *optval, unsigned int optlen)
739 {
740 struct sock *sk = sock->sk;
741 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
742 struct bt_security sec;
743 struct bt_power pwr;
744 struct l2cap_conn *conn;
745 int len, err = 0;
746 u32 opt;
747
748 BT_DBG("sk %p", sk);
749
750 if (level == SOL_L2CAP)
751 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
752
753 if (level != SOL_BLUETOOTH)
754 return -ENOPROTOOPT;
755
756 lock_sock(sk);
757
758 switch (optname) {
759 case BT_SECURITY:
760 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
761 chan->chan_type != L2CAP_CHAN_FIXED &&
762 chan->chan_type != L2CAP_CHAN_RAW) {
763 err = -EINVAL;
764 break;
765 }
766
767 sec.level = BT_SECURITY_LOW;
768
769 len = min_t(unsigned int, sizeof(sec), optlen);
770 if (copy_from_user((char *) &sec, optval, len)) {
771 err = -EFAULT;
772 break;
773 }
774
775 if (sec.level < BT_SECURITY_LOW ||
776 sec.level > BT_SECURITY_HIGH) {
777 err = -EINVAL;
778 break;
779 }
780
781 chan->sec_level = sec.level;
782
783 if (!chan->conn)
784 break;
785
786 conn = chan->conn;
787
788 /*change security for LE channels */
789 if (chan->scid == L2CAP_CID_ATT) {
790 if (smp_conn_security(conn->hcon, sec.level))
791 break;
792 sk->sk_state = BT_CONFIG;
793 chan->state = BT_CONFIG;
794
795 /* or for ACL link */
796 } else if ((sk->sk_state == BT_CONNECT2 &&
797 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
798 sk->sk_state == BT_CONNECTED) {
799 if (!l2cap_chan_check_security(chan))
800 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
801 else
802 sk->sk_state_change(sk);
803 } else {
804 err = -EINVAL;
805 }
806 break;
807
808 case BT_DEFER_SETUP:
809 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
810 err = -EINVAL;
811 break;
812 }
813
814 if (get_user(opt, (u32 __user *) optval)) {
815 err = -EFAULT;
816 break;
817 }
818
819 if (opt) {
820 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
821 set_bit(FLAG_DEFER_SETUP, &chan->flags);
822 } else {
823 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
824 clear_bit(FLAG_DEFER_SETUP, &chan->flags);
825 }
826 break;
827
828 case BT_FLUSHABLE:
829 if (get_user(opt, (u32 __user *) optval)) {
830 err = -EFAULT;
831 break;
832 }
833
834 if (opt > BT_FLUSHABLE_ON) {
835 err = -EINVAL;
836 break;
837 }
838
839 if (opt == BT_FLUSHABLE_OFF) {
840 conn = chan->conn;
841 /* proceed further only when we have l2cap_conn and
842 No Flush support in the LM */
843 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
844 err = -EINVAL;
845 break;
846 }
847 }
848
849 if (opt)
850 set_bit(FLAG_FLUSHABLE, &chan->flags);
851 else
852 clear_bit(FLAG_FLUSHABLE, &chan->flags);
853 break;
854
855 case BT_POWER:
856 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
857 chan->chan_type != L2CAP_CHAN_RAW) {
858 err = -EINVAL;
859 break;
860 }
861
862 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
863
864 len = min_t(unsigned int, sizeof(pwr), optlen);
865 if (copy_from_user((char *) &pwr, optval, len)) {
866 err = -EFAULT;
867 break;
868 }
869
870 if (pwr.force_active)
871 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
872 else
873 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
874 break;
875
876 case BT_CHANNEL_POLICY:
877 if (get_user(opt, (u32 __user *) optval)) {
878 err = -EFAULT;
879 break;
880 }
881
882 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
883 err = -EINVAL;
884 break;
885 }
886
887 if (chan->mode != L2CAP_MODE_ERTM &&
888 chan->mode != L2CAP_MODE_STREAMING) {
889 err = -EOPNOTSUPP;
890 break;
891 }
892
893 chan->chan_policy = (u8) opt;
894
895 if (sk->sk_state == BT_CONNECTED &&
896 chan->move_role == L2CAP_MOVE_ROLE_NONE)
897 l2cap_move_start(chan);
898
899 break;
900
901 case BT_SNDMTU:
902 if (!bdaddr_type_is_le(chan->src_type)) {
903 err = -EINVAL;
904 break;
905 }
906
907 /* Setting is not supported as it's the remote side that
908 * decides this.
909 */
910 err = -EPERM;
911 break;
912
913 case BT_RCVMTU:
914 if (!bdaddr_type_is_le(chan->src_type)) {
915 err = -EINVAL;
916 break;
917 }
918
919 if (sk->sk_state == BT_CONNECTED) {
920 err = -EISCONN;
921 break;
922 }
923
924 if (get_user(opt, (u32 __user *) optval)) {
925 err = -EFAULT;
926 break;
927 }
928
929 chan->imtu = opt;
930 break;
931
932 default:
933 err = -ENOPROTOOPT;
934 break;
935 }
936
937 release_sock(sk);
938 return err;
939 }
940
941 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
942 struct msghdr *msg, size_t len)
943 {
944 struct sock *sk = sock->sk;
945 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
946 int err;
947
948 BT_DBG("sock %p, sk %p", sock, sk);
949
950 err = sock_error(sk);
951 if (err)
952 return err;
953
954 if (msg->msg_flags & MSG_OOB)
955 return -EOPNOTSUPP;
956
957 if (sk->sk_state != BT_CONNECTED)
958 return -ENOTCONN;
959
960 lock_sock(sk);
961 err = bt_sock_wait_ready(sk, msg->msg_flags);
962 release_sock(sk);
963 if (err)
964 return err;
965
966 l2cap_chan_lock(chan);
967 err = l2cap_chan_send(chan, msg, len);
968 l2cap_chan_unlock(chan);
969
970 return err;
971 }
972
973 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
974 struct msghdr *msg, size_t len, int flags)
975 {
976 struct sock *sk = sock->sk;
977 struct l2cap_pinfo *pi = l2cap_pi(sk);
978 int err;
979
980 lock_sock(sk);
981
982 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
983 &bt_sk(sk)->flags)) {
984 if (bdaddr_type_is_le(pi->chan->src_type)) {
985 sk->sk_state = BT_CONNECTED;
986 pi->chan->state = BT_CONNECTED;
987 __l2cap_le_connect_rsp_defer(pi->chan);
988 } else {
989 sk->sk_state = BT_CONFIG;
990 pi->chan->state = BT_CONFIG;
991 __l2cap_connect_rsp_defer(pi->chan);
992 }
993
994 err = 0;
995 goto done;
996 }
997
998 release_sock(sk);
999
1000 if (sock->type == SOCK_STREAM)
1001 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
1002 else
1003 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
1004
1005 if (pi->chan->mode != L2CAP_MODE_ERTM)
1006 return err;
1007
1008 /* Attempt to put pending rx data in the socket buffer */
1009
1010 lock_sock(sk);
1011
1012 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
1013 goto done;
1014
1015 if (pi->rx_busy_skb) {
1016 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
1017 pi->rx_busy_skb = NULL;
1018 else
1019 goto done;
1020 }
1021
1022 /* Restore data flow when half of the receive buffer is
1023 * available. This avoids resending large numbers of
1024 * frames.
1025 */
1026 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
1027 l2cap_chan_busy(pi->chan, 0);
1028
1029 done:
1030 release_sock(sk);
1031 return err;
1032 }
1033
1034 /* Kill socket (only if zapped and orphan)
1035 * Must be called on unlocked socket.
1036 */
1037 static void l2cap_sock_kill(struct sock *sk)
1038 {
1039 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
1040 return;
1041
1042 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
1043
1044 /* Kill poor orphan */
1045
1046 l2cap_chan_put(l2cap_pi(sk)->chan);
1047 sock_set_flag(sk, SOCK_DEAD);
1048 sock_put(sk);
1049 }
1050
1051 static int __l2cap_wait_ack(struct sock *sk)
1052 {
1053 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1054 DECLARE_WAITQUEUE(wait, current);
1055 int err = 0;
1056 int timeo = HZ/5;
1057
1058 add_wait_queue(sk_sleep(sk), &wait);
1059 set_current_state(TASK_INTERRUPTIBLE);
1060 while (chan->unacked_frames > 0 && chan->conn) {
1061 if (!timeo)
1062 timeo = HZ/5;
1063
1064 if (signal_pending(current)) {
1065 err = sock_intr_errno(timeo);
1066 break;
1067 }
1068
1069 release_sock(sk);
1070 timeo = schedule_timeout(timeo);
1071 lock_sock(sk);
1072 set_current_state(TASK_INTERRUPTIBLE);
1073
1074 err = sock_error(sk);
1075 if (err)
1076 break;
1077 }
1078 set_current_state(TASK_RUNNING);
1079 remove_wait_queue(sk_sleep(sk), &wait);
1080 return err;
1081 }
1082
1083 static int l2cap_sock_shutdown(struct socket *sock, int how)
1084 {
1085 struct sock *sk = sock->sk;
1086 struct l2cap_chan *chan;
1087 struct l2cap_conn *conn;
1088 int err = 0;
1089
1090 BT_DBG("sock %p, sk %p", sock, sk);
1091
1092 if (!sk)
1093 return 0;
1094
1095 chan = l2cap_pi(sk)->chan;
1096 conn = chan->conn;
1097
1098 if (conn)
1099 mutex_lock(&conn->chan_lock);
1100
1101 l2cap_chan_lock(chan);
1102 lock_sock(sk);
1103
1104 if (!sk->sk_shutdown) {
1105 if (chan->mode == L2CAP_MODE_ERTM)
1106 err = __l2cap_wait_ack(sk);
1107
1108 sk->sk_shutdown = SHUTDOWN_MASK;
1109
1110 release_sock(sk);
1111 l2cap_chan_close(chan, 0);
1112 lock_sock(sk);
1113
1114 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
1115 err = bt_sock_wait_state(sk, BT_CLOSED,
1116 sk->sk_lingertime);
1117 }
1118
1119 if (!err && sk->sk_err)
1120 err = -sk->sk_err;
1121
1122 release_sock(sk);
1123 l2cap_chan_unlock(chan);
1124
1125 if (conn)
1126 mutex_unlock(&conn->chan_lock);
1127
1128 return err;
1129 }
1130
1131 static int l2cap_sock_release(struct socket *sock)
1132 {
1133 struct sock *sk = sock->sk;
1134 int err;
1135
1136 BT_DBG("sock %p, sk %p", sock, sk);
1137
1138 if (!sk)
1139 return 0;
1140
1141 bt_sock_unlink(&l2cap_sk_list, sk);
1142
1143 err = l2cap_sock_shutdown(sock, 2);
1144
1145 sock_orphan(sk);
1146 l2cap_sock_kill(sk);
1147 return err;
1148 }
1149
1150 static void l2cap_sock_cleanup_listen(struct sock *parent)
1151 {
1152 struct sock *sk;
1153
1154 BT_DBG("parent %p", parent);
1155
1156 /* Close not yet accepted channels */
1157 while ((sk = bt_accept_dequeue(parent, NULL))) {
1158 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1159
1160 l2cap_chan_lock(chan);
1161 __clear_chan_timer(chan);
1162 l2cap_chan_close(chan, ECONNRESET);
1163 l2cap_chan_unlock(chan);
1164
1165 l2cap_sock_kill(sk);
1166 }
1167 }
1168
1169 static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
1170 {
1171 struct sock *sk, *parent = chan->data;
1172
1173 lock_sock(parent);
1174
1175 /* Check for backlog size */
1176 if (sk_acceptq_is_full(parent)) {
1177 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1178 release_sock(parent);
1179 return NULL;
1180 }
1181
1182 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
1183 GFP_ATOMIC);
1184 if (!sk) {
1185 release_sock(parent);
1186 return NULL;
1187 }
1188
1189 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
1190
1191 l2cap_sock_init(sk, parent);
1192
1193 bt_accept_enqueue(parent, sk);
1194
1195 release_sock(parent);
1196
1197 return l2cap_pi(sk)->chan;
1198 }
1199
1200 static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1201 {
1202 struct sock *sk = chan->data;
1203 int err;
1204
1205 lock_sock(sk);
1206
1207 if (l2cap_pi(sk)->rx_busy_skb) {
1208 err = -ENOMEM;
1209 goto done;
1210 }
1211
1212 err = sock_queue_rcv_skb(sk, skb);
1213
1214 /* For ERTM, handle one skb that doesn't fit into the recv
1215 * buffer. This is important to do because the data frames
1216 * have already been acked, so the skb cannot be discarded.
1217 *
1218 * Notify the l2cap core that the buffer is full, so the
1219 * LOCAL_BUSY state is entered and no more frames are
1220 * acked and reassembled until there is buffer space
1221 * available.
1222 */
1223 if (err < 0 && chan->mode == L2CAP_MODE_ERTM) {
1224 l2cap_pi(sk)->rx_busy_skb = skb;
1225 l2cap_chan_busy(chan, 1);
1226 err = 0;
1227 }
1228
1229 done:
1230 release_sock(sk);
1231
1232 return err;
1233 }
1234
1235 static void l2cap_sock_close_cb(struct l2cap_chan *chan)
1236 {
1237 struct sock *sk = chan->data;
1238
1239 l2cap_sock_kill(sk);
1240 }
1241
1242 static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
1243 {
1244 struct sock *sk = chan->data;
1245 struct sock *parent;
1246
1247 lock_sock(sk);
1248
1249 parent = bt_sk(sk)->parent;
1250
1251 sock_set_flag(sk, SOCK_ZAPPED);
1252
1253 switch (chan->state) {
1254 case BT_OPEN:
1255 case BT_BOUND:
1256 case BT_CLOSED:
1257 break;
1258 case BT_LISTEN:
1259 l2cap_sock_cleanup_listen(sk);
1260 sk->sk_state = BT_CLOSED;
1261 chan->state = BT_CLOSED;
1262
1263 break;
1264 default:
1265 sk->sk_state = BT_CLOSED;
1266 chan->state = BT_CLOSED;
1267
1268 sk->sk_err = err;
1269
1270 if (parent) {
1271 bt_accept_unlink(sk);
1272 parent->sk_data_ready(parent);
1273 } else {
1274 sk->sk_state_change(sk);
1275 }
1276
1277 break;
1278 }
1279
1280 release_sock(sk);
1281 }
1282
1283 static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state,
1284 int err)
1285 {
1286 struct sock *sk = chan->data;
1287
1288 sk->sk_state = state;
1289
1290 if (err)
1291 sk->sk_err = err;
1292 }
1293
1294 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
1295 unsigned long hdr_len,
1296 unsigned long len, int nb)
1297 {
1298 struct sock *sk = chan->data;
1299 struct sk_buff *skb;
1300 int err;
1301
1302 l2cap_chan_unlock(chan);
1303 skb = bt_skb_send_alloc(sk, hdr_len + len, nb, &err);
1304 l2cap_chan_lock(chan);
1305
1306 if (!skb)
1307 return ERR_PTR(err);
1308
1309 skb->priority = sk->sk_priority;
1310
1311 bt_cb(skb)->chan = chan;
1312
1313 return skb;
1314 }
1315
1316 static int l2cap_sock_memcpy_fromiovec_cb(struct l2cap_chan *chan,
1317 unsigned char *kdata,
1318 struct iovec *iov, int len)
1319 {
1320 return memcpy_fromiovec(kdata, iov, len);
1321 }
1322
1323 static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1324 {
1325 struct sock *sk = chan->data;
1326 struct sock *parent;
1327
1328 lock_sock(sk);
1329
1330 parent = bt_sk(sk)->parent;
1331
1332 BT_DBG("sk %p, parent %p", sk, parent);
1333
1334 sk->sk_state = BT_CONNECTED;
1335 sk->sk_state_change(sk);
1336
1337 if (parent)
1338 parent->sk_data_ready(parent);
1339
1340 release_sock(sk);
1341 }
1342
1343 static void l2cap_sock_defer_cb(struct l2cap_chan *chan)
1344 {
1345 struct sock *parent, *sk = chan->data;
1346
1347 lock_sock(sk);
1348
1349 parent = bt_sk(sk)->parent;
1350 if (parent)
1351 parent->sk_data_ready(parent);
1352
1353 release_sock(sk);
1354 }
1355
1356 static void l2cap_sock_resume_cb(struct l2cap_chan *chan)
1357 {
1358 struct sock *sk = chan->data;
1359
1360 clear_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
1361 sk->sk_state_change(sk);
1362 }
1363
1364 static void l2cap_sock_set_shutdown_cb(struct l2cap_chan *chan)
1365 {
1366 struct sock *sk = chan->data;
1367
1368 lock_sock(sk);
1369 sk->sk_shutdown = SHUTDOWN_MASK;
1370 release_sock(sk);
1371 }
1372
1373 static long l2cap_sock_get_sndtimeo_cb(struct l2cap_chan *chan)
1374 {
1375 struct sock *sk = chan->data;
1376
1377 return sk->sk_sndtimeo;
1378 }
1379
1380 static void l2cap_sock_suspend_cb(struct l2cap_chan *chan)
1381 {
1382 struct sock *sk = chan->data;
1383
1384 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
1385 sk->sk_state_change(sk);
1386 }
1387
1388 static const struct l2cap_ops l2cap_chan_ops = {
1389 .name = "L2CAP Socket Interface",
1390 .new_connection = l2cap_sock_new_connection_cb,
1391 .recv = l2cap_sock_recv_cb,
1392 .close = l2cap_sock_close_cb,
1393 .teardown = l2cap_sock_teardown_cb,
1394 .state_change = l2cap_sock_state_change_cb,
1395 .ready = l2cap_sock_ready_cb,
1396 .defer = l2cap_sock_defer_cb,
1397 .resume = l2cap_sock_resume_cb,
1398 .suspend = l2cap_sock_suspend_cb,
1399 .set_shutdown = l2cap_sock_set_shutdown_cb,
1400 .get_sndtimeo = l2cap_sock_get_sndtimeo_cb,
1401 .alloc_skb = l2cap_sock_alloc_skb_cb,
1402 .memcpy_fromiovec = l2cap_sock_memcpy_fromiovec_cb,
1403 };
1404
1405 static void l2cap_sock_destruct(struct sock *sk)
1406 {
1407 BT_DBG("sk %p", sk);
1408
1409 if (l2cap_pi(sk)->chan)
1410 l2cap_chan_put(l2cap_pi(sk)->chan);
1411
1412 if (l2cap_pi(sk)->rx_busy_skb) {
1413 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1414 l2cap_pi(sk)->rx_busy_skb = NULL;
1415 }
1416
1417 skb_queue_purge(&sk->sk_receive_queue);
1418 skb_queue_purge(&sk->sk_write_queue);
1419 }
1420
1421 static void l2cap_skb_msg_name(struct sk_buff *skb, void *msg_name,
1422 int *msg_namelen)
1423 {
1424 DECLARE_SOCKADDR(struct sockaddr_l2 *, la, msg_name);
1425
1426 memset(la, 0, sizeof(struct sockaddr_l2));
1427 la->l2_family = AF_BLUETOOTH;
1428 la->l2_psm = bt_cb(skb)->psm;
1429 bacpy(&la->l2_bdaddr, &bt_cb(skb)->bdaddr);
1430
1431 *msg_namelen = sizeof(struct sockaddr_l2);
1432 }
1433
1434 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
1435 {
1436 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1437
1438 BT_DBG("sk %p", sk);
1439
1440 if (parent) {
1441 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1442
1443 sk->sk_type = parent->sk_type;
1444 bt_sk(sk)->flags = bt_sk(parent)->flags;
1445
1446 chan->chan_type = pchan->chan_type;
1447 chan->imtu = pchan->imtu;
1448 chan->omtu = pchan->omtu;
1449 chan->conf_state = pchan->conf_state;
1450 chan->mode = pchan->mode;
1451 chan->fcs = pchan->fcs;
1452 chan->max_tx = pchan->max_tx;
1453 chan->tx_win = pchan->tx_win;
1454 chan->tx_win_max = pchan->tx_win_max;
1455 chan->sec_level = pchan->sec_level;
1456 chan->flags = pchan->flags;
1457 chan->tx_credits = pchan->tx_credits;
1458 chan->rx_credits = pchan->rx_credits;
1459
1460 if (chan->chan_type == L2CAP_CHAN_FIXED) {
1461 chan->scid = pchan->scid;
1462 chan->dcid = pchan->scid;
1463 }
1464
1465 security_sk_clone(parent, sk);
1466 } else {
1467 switch (sk->sk_type) {
1468 case SOCK_RAW:
1469 chan->chan_type = L2CAP_CHAN_RAW;
1470 break;
1471 case SOCK_DGRAM:
1472 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1473 bt_sk(sk)->skb_msg_name = l2cap_skb_msg_name;
1474 break;
1475 case SOCK_SEQPACKET:
1476 case SOCK_STREAM:
1477 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1478 break;
1479 }
1480
1481 chan->imtu = L2CAP_DEFAULT_MTU;
1482 chan->omtu = 0;
1483 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1484 chan->mode = L2CAP_MODE_ERTM;
1485 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1486 } else {
1487 chan->mode = L2CAP_MODE_BASIC;
1488 }
1489
1490 l2cap_chan_set_defaults(chan);
1491 }
1492
1493 /* Default config options */
1494 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1495
1496 chan->data = sk;
1497 chan->ops = &l2cap_chan_ops;
1498 }
1499
1500 static struct proto l2cap_proto = {
1501 .name = "L2CAP",
1502 .owner = THIS_MODULE,
1503 .obj_size = sizeof(struct l2cap_pinfo)
1504 };
1505
1506 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
1507 int proto, gfp_t prio)
1508 {
1509 struct sock *sk;
1510 struct l2cap_chan *chan;
1511
1512 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1513 if (!sk)
1514 return NULL;
1515
1516 sock_init_data(sock, sk);
1517 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1518
1519 sk->sk_destruct = l2cap_sock_destruct;
1520 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1521
1522 sock_reset_flag(sk, SOCK_ZAPPED);
1523
1524 sk->sk_protocol = proto;
1525 sk->sk_state = BT_OPEN;
1526
1527 chan = l2cap_chan_create();
1528 if (!chan) {
1529 sk_free(sk);
1530 return NULL;
1531 }
1532
1533 l2cap_chan_hold(chan);
1534
1535 l2cap_pi(sk)->chan = chan;
1536
1537 return sk;
1538 }
1539
1540 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1541 int kern)
1542 {
1543 struct sock *sk;
1544
1545 BT_DBG("sock %p", sock);
1546
1547 sock->state = SS_UNCONNECTED;
1548
1549 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1550 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1551 return -ESOCKTNOSUPPORT;
1552
1553 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1554 return -EPERM;
1555
1556 sock->ops = &l2cap_sock_ops;
1557
1558 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1559 if (!sk)
1560 return -ENOMEM;
1561
1562 l2cap_sock_init(sk, NULL);
1563 bt_sock_link(&l2cap_sk_list, sk);
1564 return 0;
1565 }
1566
1567 static const struct proto_ops l2cap_sock_ops = {
1568 .family = PF_BLUETOOTH,
1569 .owner = THIS_MODULE,
1570 .release = l2cap_sock_release,
1571 .bind = l2cap_sock_bind,
1572 .connect = l2cap_sock_connect,
1573 .listen = l2cap_sock_listen,
1574 .accept = l2cap_sock_accept,
1575 .getname = l2cap_sock_getname,
1576 .sendmsg = l2cap_sock_sendmsg,
1577 .recvmsg = l2cap_sock_recvmsg,
1578 .poll = bt_sock_poll,
1579 .ioctl = bt_sock_ioctl,
1580 .mmap = sock_no_mmap,
1581 .socketpair = sock_no_socketpair,
1582 .shutdown = l2cap_sock_shutdown,
1583 .setsockopt = l2cap_sock_setsockopt,
1584 .getsockopt = l2cap_sock_getsockopt
1585 };
1586
1587 static const struct net_proto_family l2cap_sock_family_ops = {
1588 .family = PF_BLUETOOTH,
1589 .owner = THIS_MODULE,
1590 .create = l2cap_sock_create,
1591 };
1592
1593 int __init l2cap_init_sockets(void)
1594 {
1595 int err;
1596
1597 err = proto_register(&l2cap_proto, 0);
1598 if (err < 0)
1599 return err;
1600
1601 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1602 if (err < 0) {
1603 BT_ERR("L2CAP socket registration failed");
1604 goto error;
1605 }
1606
1607 err = bt_procfs_init(&init_net, "l2cap", &l2cap_sk_list,
1608 NULL);
1609 if (err < 0) {
1610 BT_ERR("Failed to create L2CAP proc file");
1611 bt_sock_unregister(BTPROTO_L2CAP);
1612 goto error;
1613 }
1614
1615 BT_INFO("L2CAP socket layer initialized");
1616
1617 return 0;
1618
1619 error:
1620 proto_unregister(&l2cap_proto);
1621 return err;
1622 }
1623
1624 void l2cap_cleanup_sockets(void)
1625 {
1626 bt_procfs_cleanup(&init_net, "l2cap");
1627 bt_sock_unregister(BTPROTO_L2CAP);
1628 proto_unregister(&l2cap_proto);
1629 }
Linux kernel - Deliverables
This page took 0.110097 seconds and 5 git commands to generate.