1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * BlueZ - Bluetooth protocol stack for Linux
4  *
5  * Copyright (C) 2022 Intel Corporation
6  * Copyright 2023 NXP
7  */
8 
9 #include <linux/module.h>
10 #include <linux/debugfs.h>
11 #include <linux/seq_file.h>
12 #include <linux/sched/signal.h>
13 
14 #include <net/bluetooth/bluetooth.h>
15 #include <net/bluetooth/hci_core.h>
16 #include <net/bluetooth/iso.h>
17 
/* Socket operations table; the initializer lives later in this file. */
static const struct proto_ops iso_sock_ops;

/* Every ISO socket is linked here by iso_sock_alloc() and unlinked by
 * iso_sock_kill().  The embedded rwlock protects the list; lookups take
 * it for reading, listen() takes it for writing to make the duplicate
 * check and the state change atomic.
 */
static struct bt_sock_list iso_sk_list = {
	.lock = __RW_LOCK_UNLOCKED(iso_sk_list.lock)
};
23 
24 /* ---- ISO connections ---- */
/* Per-hci_conn ISO state, stored in hcon->iso_data.  Created by
 * iso_conn_add(), freed by iso_conn_del().  At most one socket is
 * attached at a time (see __iso_chan_add()).
 */
struct iso_conn {
	/* Owning HCI connection; cleared by iso_sock_disconn() */
	struct hci_conn	*hcon;

	/* @lock: spinlock protecting changes to iso_conn fields */
	spinlock_t	lock;
	/* Attached socket, NULL once iso_chan_del() has run */
	struct sock	*sk;

	/* Connect/disconnect timeout, handled by iso_sock_timeout() */
	struct delayed_work	timeout_work;

	/* NOTE(review): rx_skb/rx_len are not touched by the code in this
	 * part of the file; presumably inbound reassembly state — confirm.
	 */
	struct sk_buff	*rx_skb;
	__u32		rx_len;
	/* Sequence number stamped into the next outgoing ISO data header */
	__u16		tx_sn;
};
38 
/* Acquire/release iso_conn::lock; callers that sleep afterwards must
 * unlock first (see iso_sock_timeout()).
 */
#define iso_conn_lock(c)	spin_lock(&(c)->lock)
#define iso_conn_unlock(c)	spin_unlock(&(c)->lock)
41 
/* Forward declarations: both are used by iso_sock_cleanup_listen() before
 * they are defined.
 */
static void iso_sock_close(struct sock *sk);
static void iso_sock_kill(struct sock *sk);
44 
45 /* ----- ISO socket info ----- */
/* Protocol-private data.  struct iso_pinfo embeds struct bt_sock as its
 * first member, and bt_sock starts with struct sock, so the cast is valid
 * for any socket allocated with iso_proto (see obj_size below).
 */
#define iso_pi(sk) ((struct iso_pinfo *)sk)

/* Room the EIR service-data framing takes out of a periodic advertising
 * report; what remains is the maximum BASE we store per socket.
 */
#define EIR_SERVICE_DATA_LENGTH 4
#define BASE_MAX_LENGTH (HCI_MAX_PER_AD_LENGTH - EIR_SERVICE_DATA_LENGTH)
50 
/* iso_pinfo flags values */
enum {
	/* BIG Create Sync already issued for this socket (iso_conn_big_sync) */
	BT_SK_BIG_SYNC,
	/* Socket stands for a PA sync connection */
	BT_SK_PA_SYNC,
	/* PA sync is being torn down; residual BIGInfo reports must be
	 * ignored (set by iso_conn_del() on the listening parent)
	 */
	BT_SK_PA_SYNC_TERM,
};
57 
/* Per-socket ISO state.  @bt must remain the first member so that the
 * iso_pi() cast from struct sock is valid.
 */
struct iso_pinfo {
	struct bt_sock		bt;
	/* Local address; defaults to BDADDR_ANY with a public type */
	bdaddr_t		src;
	__u8			src_type;
	/* Peer address; BDADDR_ANY on connect() selects the BIS (broadcast
	 * source) path, on listen() the CIS path
	 */
	bdaddr_t		dst;
	__u8			dst_type;
	/* Broadcast sink parameters, filled by iso_sock_bind_bc() */
	__u8			bc_sid;
	__u8			bc_num_bis;	/* valid entries in bc_bis[] */
	__u8			bc_bis[ISO_MAX_NUM_BIS];
	/* PA sync handle; set to (__u16)-1 at bind time until known */
	__u16			sync_handle;
	unsigned long		flags;		/* BT_SK_* bits above */
	/* QoS used until the socket is connected, see iso_sock_get_qos() */
	struct bt_iso_qos	qos;
	/* True when userspace supplied @qos, which then has to be validated */
	bool			qos_user_set;
	/* Broadcast BASE passed to hci_bind_bis()/hci_connect_bis() */
	__u8			base_len;
	__u8			base[BASE_MAX_LENGTH];
	/* Attached connection, NULL when there is none */
	struct iso_conn		*conn;
};
75 
/* Defaults copied into every new socket (and restored when user-set QoS
 * fails validation); the initializer is further down in this file.
 */
static struct bt_iso_qos default_qos;

/* QoS validators used by the connect/listen paths */
static bool check_ucast_qos(struct bt_iso_qos *qos);
static bool check_bcast_qos(struct bt_iso_qos *qos);
/* iso_sock_match_t callbacks defined elsewhere in this file */
static bool iso_match_sid(struct sock *sk, void *data);
static bool iso_match_sync_handle(struct sock *sk, void *data);
static void iso_sock_disconn(struct sock *sk);

/* Filter for iso_get_sock_listen(); @data is whatever the caller passed */
typedef bool (*iso_sock_match_t)(struct sock *sk, void *data);

/* Listening-socket lookup; note it does not take a socket reference */
static struct sock *iso_get_sock_listen(bdaddr_t *src, bdaddr_t *dst,
					iso_sock_match_t match, void *data);
88 
/* ---- ISO timers ---- */
/* Default connect timeout installed as sk_sndtimeo by iso_sock_alloc(),
 * and the shorter grace period armed by iso_sock_disconn(); both are in
 * jiffies and expire into iso_sock_timeout().
 */
#define ISO_CONN_TIMEOUT	(HZ * 40)
#define ISO_DISCONN_TIMEOUT	(HZ * 2)
92 
/* Take a reference on the socket attached to @conn.
 *
 * Called with the iso_conn lock held.  The attached socket is only
 * trusted if it is still linked in iso_sk_list, which protects against a
 * socket that was unlinked while the caller waited for the lock.
 *
 * Returns the held socket, or NULL when there is none; a non-NULL result
 * must be released with sock_put().
 */
static struct sock *iso_sock_hold(struct iso_conn *conn)
{
	struct sock *sk;

	if (!conn)
		return NULL;

	sk = conn->sk;
	if (!bt_sock_linked(&iso_sk_list, sk))
		return NULL;

	sock_hold(sk);
	return sk;
}
102 
/* Delayed-work handler for iso_conn::timeout_work (armed via
 * iso_sock_set_timer()).  Reports ETIMEDOUT on the attached socket and
 * wakes any waiter; the actual teardown is left to the socket's owner.
 */
static void iso_sock_timeout(struct work_struct *work)
{
	struct iso_conn *conn = container_of(work, struct iso_conn,
					     timeout_work.work);
	struct sock *sk;

	/* Pin the socket under the conn lock; it may already be gone, in
	 * which case iso_sock_hold() returns NULL and there is nothing to do.
	 */
	iso_conn_lock(conn);
	sk = iso_sock_hold(conn);
	iso_conn_unlock(conn);

	if (!sk)
		return;

	BT_DBG("sock %p state %d", sk, sk->sk_state);

	lock_sock(sk);
	sk->sk_err = ETIMEDOUT;
	sk->sk_state_change(sk);
	release_sock(sk);
	/* Balances the reference taken by iso_sock_hold() */
	sock_put(sk);
}
124 
/* (Re)arm the connection timeout of @sk's iso_conn.
 *
 * @timeout is in jiffies.  A pending expiry is cancelled first so only
 * one timeout is ever outstanding.  No-op when no connection is attached.
 */
static void iso_sock_set_timer(struct sock *sk, long timeout)
{
	struct iso_conn *conn = iso_pi(sk)->conn;

	if (!conn)
		return;

	BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);

	cancel_delayed_work(&conn->timeout_work);
	schedule_delayed_work(&conn->timeout_work, timeout);
}
134 
/* Cancel a pending connection timeout of @sk's iso_conn, if any.
 *
 * Non-blocking: a handler that is already running is not waited for
 * (iso_conn_del() uses cancel_delayed_work_sync() for that).
 */
static void iso_sock_clear_timer(struct sock *sk)
{
	struct iso_conn *conn = iso_pi(sk)->conn;

	if (!conn)
		return;

	BT_DBG("sock %p state %d", sk, sk->sk_state);

	cancel_delayed_work(&conn->timeout_work);
}
143 
144 /* ---- ISO connections ---- */
/* Return the iso_conn attached to @hcon, creating one if needed.
 *
 * An existing conn whose hcon was cleared (see iso_sock_disconn()) is
 * re-attached to @hcon.  Returns NULL if the allocation fails.
 */
static struct iso_conn *iso_conn_add(struct hci_conn *hcon)
{
	struct iso_conn *conn = hcon->iso_data;

	if (!conn) {
		conn = kzalloc(sizeof(*conn), GFP_KERNEL);
		if (!conn)
			return NULL;

		spin_lock_init(&conn->lock);
		INIT_DELAYED_WORK(&conn->timeout_work, iso_sock_timeout);
		conn->tx_sn = 0;

		/* Link both ways: the HCI layer finds us via iso_data */
		conn->hcon = hcon;
		hcon->iso_data = conn;

		BT_DBG("hcon %p conn %p", hcon, conn);
	} else if (!conn->hcon) {
		conn->hcon = hcon;
	}

	return conn;
}
170 
/* Delete channel. Must be called on the locked socket.
 *
 * Detaches @sk from its iso_conn (and vice versa), drops the hcon
 * reference held through the conn, marks the socket BT_CLOSED with
 * sk_err = @err and zaps it.  A child that was never accepted is removed
 * from its parent's accept queue and the parent is woken instead.
 */
static void iso_chan_del(struct sock *sk, int err)
{
	struct iso_conn *conn;
	struct sock *parent;

	conn = iso_pi(sk)->conn;

	BT_DBG("sk %p, conn %p, err %d", sk, conn, err);

	if (conn) {
		/* Break the link under the conn lock so concurrent users of
		 * conn->sk (timeout, rx path) stop seeing this socket.
		 */
		iso_conn_lock(conn);
		conn->sk = NULL;
		iso_pi(sk)->conn = NULL;
		iso_conn_unlock(conn);

		if (conn->hcon)
			hci_conn_drop(conn->hcon);
	}

	sk->sk_state = BT_CLOSED;
	sk->sk_err   = err;

	parent = bt_sk(sk)->parent;
	if (parent) {
		bt_accept_unlink(sk);
		parent->sk_data_ready(parent);
	} else {
		sk->sk_state_change(sk);
	}

	sock_set_flag(sk, SOCK_ZAPPED);
}
204 
/* iso_sock_match_t: true when @sk is waiting on the PA sync handle of
 * @data (a struct hci_conn), excluding sockets that are themselves PA
 * sync connections.
 */
static bool iso_match_conn_sync_handle(struct sock *sk, void *data)
{
	const struct hci_conn *hcon = data;
	struct iso_pinfo *pi = iso_pi(sk);

	return !test_bit(BT_SK_PA_SYNC, &pi->flags) &&
	       hcon->sync_handle == pi->sync_handle;
}
214 
/* Tear down the iso_conn attached to @hcon when the HCI connection goes
 * away.  Kills the attached socket with @err, waits for the timeout work
 * and frees the conn.  Safe to call when nothing is attached.
 */
static void iso_conn_del(struct hci_conn *hcon, int err)
{
	struct iso_conn *conn = hcon->iso_data;
	struct sock *sk;
	struct sock *parent;

	if (!conn)
		return;

	BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);

	/* Kill socket */
	iso_conn_lock(conn);
	sk = iso_sock_hold(conn);
	iso_conn_unlock(conn);

	if (sk) {
		lock_sock(sk);

		/* While a PA sync hcon is in the process of closing,
		 * mark parent socket with a flag, so that any residual
		 * BIGInfo adv reports that arrive before PA sync is
		 * terminated are not processed anymore.
		 */
		if (test_bit(BT_SK_PA_SYNC, &iso_pi(sk)->flags)) {
			parent = iso_get_sock_listen(&hcon->src,
						     &hcon->dst,
						     iso_match_conn_sync_handle,
						     hcon);

			if (parent) {
				set_bit(BT_SK_PA_SYNC_TERM,
					&iso_pi(parent)->flags);
				/* NOTE(review): iso_get_sock_listen() does not
				 * sock_hold() the socket it returns, so this
				 * sock_put() releases a reference that was never
				 * taken here.  Either the lookup helper should take
				 * a reference for all of its callers, or this put
				 * has to go; check the other callers before
				 * deciding which.
				 */
				sock_put(parent);
			}
		}

		iso_sock_clear_timer(sk);
		iso_chan_del(sk, err);
		release_sock(sk);
		/* Balances iso_sock_hold() above */
		sock_put(sk);
	}

	/* Ensure no more work items will run before freeing conn. */
	cancel_delayed_work_sync(&conn->timeout_work);

	hcon->iso_data = NULL;
	kfree(conn);
}
264 
/* Attach @sk to @conn (both directions) and, for an incoming connection,
 * queue it on @parent's accept queue.  Caller holds the conn lock.
 *
 * Returns 0 on success or when @sk is already attached to exactly this
 * conn; -EBUSY if another socket owns @conn.
 */
static int __iso_chan_add(struct iso_conn *conn, struct sock *sk,
			  struct sock *parent)
{
	struct iso_pinfo *pi = iso_pi(sk);

	BT_DBG("conn %p", conn);

	if (pi->conn == conn && conn->sk == sk)
		return 0;

	/* One conn carries at most one socket */
	if (conn->sk) {
		BT_ERR("conn->sk already set");
		return -EBUSY;
	}

	pi->conn = conn;
	conn->sk = sk;

	if (parent)
		bt_accept_enqueue(parent, sk, true);

	return 0;
}
286 
/* Locked wrapper around __iso_chan_add(): attaches @sk to @conn under the
 * conn spinlock.  Returns what __iso_chan_add() returns.
 */
static int iso_chan_add(struct iso_conn *conn, struct sock *sk,
			struct sock *parent)
{
	int err;

	iso_conn_lock(conn);
	err = __iso_chan_add(conn, sk, parent);
	iso_conn_unlock(conn);

	return err;
}
298 
/* Map a socket-level bdaddr type to the HCI LE address type: public stays
 * public, everything else is treated as random.
 */
static inline u8 le_addr_type(u8 bdaddr_type)
{
	return bdaddr_type == BDADDR_LE_PUBLIC ? ADDR_LE_DEV_PUBLIC
					       : ADDR_LE_DEV_RANDOM;
}
306 
/* Set up @sk as a broadcast (BIS) source.
 *
 * Called with the socket unlocked.  Locks the hdev first and the socket
 * second.  With BT_SK_DEFER_SETUP the BIG is only bound, otherwise the
 * connection is started and the connect timeout armed.
 *
 * Returns 0 or a negative errno; on -EINVAL from a bad user QoS the
 * socket's QoS is reset to the defaults.
 */
static int iso_connect_bis(struct sock *sk)
{
	struct iso_conn *conn;
	struct hci_conn *hcon;
	struct hci_dev  *hdev;
	int err;

	BT_DBG("%pMR", &iso_pi(sk)->src);

	hdev = hci_get_route(&iso_pi(sk)->dst, &iso_pi(sk)->src,
			     iso_pi(sk)->src_type);
	if (!hdev)
		return -EHOSTUNREACH;

	hci_dev_lock(hdev);

	if (!bis_capable(hdev)) {
		err = -EOPNOTSUPP;
		goto unlock;
	}

	/* Fail if user set invalid QoS */
	if (iso_pi(sk)->qos_user_set && !check_bcast_qos(&iso_pi(sk)->qos)) {
		iso_pi(sk)->qos = default_qos;
		err = -EINVAL;
		goto unlock;
	}

	/* Fail if out PHYs are marked as disabled */
	if (!iso_pi(sk)->qos.bcast.out.phy) {
		err = -EINVAL;
		goto unlock;
	}

	/* Just bind if DEFER_SETUP has been set */
	if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
		hcon = hci_bind_bis(hdev, &iso_pi(sk)->dst,
				    &iso_pi(sk)->qos, iso_pi(sk)->base_len,
				    iso_pi(sk)->base);
		if (IS_ERR(hcon)) {
			err = PTR_ERR(hcon);
			goto unlock;
		}
	} else {
		hcon = hci_connect_bis(hdev, &iso_pi(sk)->dst,
				       le_addr_type(iso_pi(sk)->dst_type),
				       &iso_pi(sk)->qos, iso_pi(sk)->base_len,
				       iso_pi(sk)->base);
		if (IS_ERR(hcon)) {
			err = PTR_ERR(hcon);
			goto unlock;
		}
	}

	conn = iso_conn_add(hcon);
	if (!conn) {
		/* Release the hcon obtained above; nothing owns it yet */
		hci_conn_drop(hcon);
		err = -ENOMEM;
		goto unlock;
	}

	lock_sock(sk);

	err = iso_chan_add(conn, sk, NULL);
	if (err) {
		release_sock(sk);
		goto unlock;
	}

	/* Update source addr of the socket */
	bacpy(&iso_pi(sk)->src, &hcon->src);

	if (hcon->state == BT_CONNECTED) {
		/* Link already up: no timeout to wait for */
		iso_sock_clear_timer(sk);
		sk->sk_state = BT_CONNECTED;
	} else if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
		/* Only bound; completion is driven by a later step */
		iso_sock_clear_timer(sk);
		sk->sk_state = BT_CONNECT;
	} else {
		/* Arm the connect timeout (sk_sndtimeo, ISO_CONN_TIMEOUT by default) */
		sk->sk_state = BT_CONNECT;
		iso_sock_set_timer(sk, sk->sk_sndtimeo);
	}

	release_sock(sk);

unlock:
	hci_dev_unlock(hdev);
	hci_dev_put(hdev);
	return err;
}
397 
/* Set up @sk as the central of a unicast (CIS) connection to dst.
 *
 * Mirrors iso_connect_bis(): called with the socket unlocked, locks the
 * hdev then the socket; with BT_SK_DEFER_SETUP the CIS is only bound and
 * iso_sock_recvmsg() later completes the connection.
 *
 * Returns 0 or a negative errno; on -EINVAL from a bad user QoS the
 * socket's QoS is reset to the defaults.
 */
static int iso_connect_cis(struct sock *sk)
{
	struct iso_conn *conn;
	struct hci_conn *hcon;
	struct hci_dev  *hdev;
	int err;

	BT_DBG("%pMR -> %pMR", &iso_pi(sk)->src, &iso_pi(sk)->dst);

	hdev = hci_get_route(&iso_pi(sk)->dst, &iso_pi(sk)->src,
			     iso_pi(sk)->src_type);
	if (!hdev)
		return -EHOSTUNREACH;

	hci_dev_lock(hdev);

	if (!cis_central_capable(hdev)) {
		err = -EOPNOTSUPP;
		goto unlock;
	}

	/* Fail if user set invalid QoS */
	if (iso_pi(sk)->qos_user_set && !check_ucast_qos(&iso_pi(sk)->qos)) {
		iso_pi(sk)->qos = default_qos;
		err = -EINVAL;
		goto unlock;
	}

	/* Fail if either PHYs are marked as disabled */
	if (!iso_pi(sk)->qos.ucast.in.phy && !iso_pi(sk)->qos.ucast.out.phy) {
		err = -EINVAL;
		goto unlock;
	}

	/* Just bind if DEFER_SETUP has been set */
	if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
		hcon = hci_bind_cis(hdev, &iso_pi(sk)->dst,
				    le_addr_type(iso_pi(sk)->dst_type),
				    &iso_pi(sk)->qos);
		if (IS_ERR(hcon)) {
			err = PTR_ERR(hcon);
			goto unlock;
		}
	} else {
		hcon = hci_connect_cis(hdev, &iso_pi(sk)->dst,
				       le_addr_type(iso_pi(sk)->dst_type),
				       &iso_pi(sk)->qos);
		if (IS_ERR(hcon)) {
			err = PTR_ERR(hcon);
			goto unlock;
		}
	}

	conn = iso_conn_add(hcon);
	if (!conn) {
		/* Release the hcon obtained above; nothing owns it yet */
		hci_conn_drop(hcon);
		err = -ENOMEM;
		goto unlock;
	}

	lock_sock(sk);

	err = iso_chan_add(conn, sk, NULL);
	if (err) {
		release_sock(sk);
		goto unlock;
	}

	/* Update source addr of the socket */
	bacpy(&iso_pi(sk)->src, &hcon->src);

	if (hcon->state == BT_CONNECTED) {
		/* Link already up: no timeout to wait for */
		iso_sock_clear_timer(sk);
		sk->sk_state = BT_CONNECTED;
	} else if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
		/* Only bound; iso_sock_recvmsg() issues the connect later */
		iso_sock_clear_timer(sk);
		sk->sk_state = BT_CONNECT;
	} else {
		/* Arm the connect timeout (sk_sndtimeo, ISO_CONN_TIMEOUT by default) */
		sk->sk_state = BT_CONNECT;
		iso_sock_set_timer(sk, sk->sk_sndtimeo);
	}

	release_sock(sk);

unlock:
	hci_dev_unlock(hdev);
	hci_dev_put(hdev);
	return err;
}
487 
/* Return the QoS that applies to @sk: the hcon's copy once a link exists
 * (BT_CONNECTED / BT_CONNECT2), the socket's own otherwise.
 *
 * Assumes iso_pi(sk)->conn and conn->hcon are set in those two states.
 */
static struct bt_iso_qos *iso_sock_get_qos(struct sock *sk)
{
	struct iso_pinfo *pi = iso_pi(sk);
	bool linked = sk->sk_state == BT_CONNECTED ||
		      sk->sk_state == BT_CONNECT2;

	return linked ? &pi->conn->hcon->iso_qos : &pi->qos;
}
495 
/* Prepend the ISO data header to @skb and hand it to the HCI layer.
 * Called with the socket locked (see iso_sock_sendmsg()).
 *
 * Returns the payload length passed on, -EMSGSIZE if it exceeds the
 * outgoing SDU size, or -ENOTCONN if the socket is no longer connected;
 * on error the caller still owns and frees @skb.
 */
static int iso_send_frame(struct sock *sk, struct sk_buff *skb)
{
	struct iso_conn *conn = iso_pi(sk)->conn;
	struct bt_iso_qos *qos = iso_sock_get_qos(sk);
	struct hci_iso_data_hdr *hdr;
	int len = 0;

	BT_DBG("sk %p len %d", sk, skb->len);

	/* NOTE(review): ucast.out is used for broadcast sockets as well;
	 * this relies on in/out sitting at the same offsets in both arms
	 * of the bt_iso_qos union — confirm against bluetooth.h.
	 */
	if (skb->len > qos->ucast.out.sdu)
		return -EMSGSIZE;

	len = skb->len;

	/* Push ISO data header */
	hdr = skb_push(skb, HCI_ISO_DATA_HDR_SIZE);
	/* The sequence number is consumed even if the frame is rejected
	 * with -ENOTCONN below.
	 */
	hdr->sn = cpu_to_le16(conn->tx_sn++);
	hdr->slen = cpu_to_le16(hci_iso_data_len_pack(len,
						      HCI_ISO_STATUS_VALID));

	if (sk->sk_state == BT_CONNECTED)
		hci_send_iso(conn->hcon, skb);
	else
		len = -ENOTCONN;

	return len;
}
523 
/* Deliver a received ISO SDU to the socket attached to @conn.
 *
 * Consumes @skb in every case: it is queued on the socket when one is
 * attached and connected, otherwise freed.
 */
static void iso_recv_frame(struct iso_conn *conn, struct sk_buff *skb)
{
	struct sock *sk;

	/* Snapshot the attached socket under the conn lock */
	iso_conn_lock(conn);
	sk = conn->sk;
	iso_conn_unlock(conn);

	if (sk) {
		BT_DBG("sk %p len %d", sk, skb->len);

		/* sock_queue_rcv_skb() returns 0 when it took ownership */
		if (sk->sk_state == BT_CONNECTED &&
		    !sock_queue_rcv_skb(sk, skb))
			return;
	}

	kfree_skb(skb);
}
546 
547 /* -------- Socket interface ---------- */
/* Find a listening socket bound to exactly @src/@dst.
 *
 * Caller holds iso_sk_list.lock.  No reference is taken on the result.
 */
static struct sock *__iso_get_sock_listen_by_addr(bdaddr_t *src, bdaddr_t *dst)
{
	struct sock *sk;

	sk_for_each(sk, &iso_sk_list.head) {
		if (sk->sk_state == BT_LISTEN &&
		    !bacmp(&iso_pi(sk)->dst, dst) &&
		    !bacmp(&iso_pi(sk)->src, src))
			return sk;
	}

	return NULL;
}
565 
/* Find a listening broadcast sink on local address @ba that follows
 * broadcaster @bc with advertising SID @sid.
 *
 * Caller holds iso_sk_list.lock.  No reference is taken on the result.
 */
static struct sock *__iso_get_sock_listen_by_sid(bdaddr_t *ba, bdaddr_t *bc,
						 __u8 sid)
{
	struct sock *sk;

	sk_for_each(sk, &iso_sk_list.head) {
		struct iso_pinfo *pi = iso_pi(sk);

		if (sk->sk_state != BT_LISTEN)
			continue;

		if (!bacmp(&pi->src, ba) && !bacmp(&pi->dst, bc) &&
		    pi->bc_sid == sid)
			return sk;
	}

	return NULL;
}
587 
/* Find socket listening:
 * source bdaddr (Unicast)
 * destination bdaddr (Broadcast only)
 * match func - pass NULL to ignore
 * match func data - pass -1 to ignore
 * Returns closest match.
 *
 * The list lock is only held during the scan and no sock_hold() is done,
 * so the returned pointer is not pinned: callers must not sock_put() it
 * and should not rely on it staying valid for long.
 */
static struct sock *iso_get_sock_listen(bdaddr_t *src, bdaddr_t *dst,
					iso_sock_match_t match, void *data)
{
	struct sock *sk = NULL, *sk1 = NULL;

	read_lock(&iso_sk_list.lock);

	sk_for_each(sk, &iso_sk_list.head) {
		if (sk->sk_state != BT_LISTEN)
			continue;

		/* Match Broadcast destination */
		if (bacmp(dst, BDADDR_ANY) && bacmp(&iso_pi(sk)->dst, dst))
			continue;

		/* Use Match function if provided */
		if (match && !match(sk, data))
			continue;

		/* Exact match. */
		if (!bacmp(&iso_pi(sk)->src, src))
			break;

		/* Closest match */
		if (!bacmp(&iso_pi(sk)->src, BDADDR_ANY))
			sk1 = sk;
	}

	read_unlock(&iso_sk_list.lock);

	/* sk_for_each() leaves sk NULL when the loop ran to the end, so a
	 * wildcard-bound listener (sk1) is used only without an exact match.
	 */
	return sk ? sk : sk1;
}
627 
/* sk_destruct callback: release whatever is still queued on the socket
 * when it is finally freed.
 */
static void iso_sock_destruct(struct sock *sk)
{
	BT_DBG("sk %p", sk);

	skb_queue_purge(&sk->sk_receive_queue);
	skb_queue_purge(&sk->sk_write_queue);
}
635 
/* Shut down a listening socket: close and kill every child that was never
 * accepted, then either start disconnecting a PA sync hcon owned by the
 * listener or simply mark the listener closed and zapped.
 *
 * Called with @parent locked (from __iso_sock_close()).
 */
static void iso_sock_cleanup_listen(struct sock *parent)
{
	struct iso_conn *conn;
	struct sock *child;

	BT_DBG("parent %p", parent);

	/* Close not yet accepted channels */
	for (child = bt_accept_dequeue(parent, NULL); child;
	     child = bt_accept_dequeue(parent, NULL)) {
		iso_sock_close(child);
		iso_sock_kill(child);
	}

	/* A listener standing for a PA sync connection still owns an hcon,
	 * which has to be disconnected properly rather than just zapped.
	 */
	conn = iso_pi(parent)->conn;
	if (conn && conn->hcon &&
	    test_bit(HCI_CONN_PA_SYNC, &conn->hcon->flags)) {
		iso_sock_disconn(parent);
		return;
	}

	parent->sk_state  = BT_CLOSED;
	sock_set_flag(parent, SOCK_ZAPPED);
}
660 
/* Kill socket (only if zapped and orphan)
 * Must be called on unlocked socket.
 *
 * An orphan is a zapped socket with no struct socket attached that has
 * not been marked dead yet; it is unlinked from iso_sk_list, marked dead
 * and its list reference dropped.  Anything else is left alone.
 */
static void iso_sock_kill(struct sock *sk)
{
	bool orphan = sock_flag(sk, SOCK_ZAPPED) && !sk->sk_socket &&
		      !sock_flag(sk, SOCK_DEAD);

	if (!orphan)
		return;

	BT_DBG("sk %p state %d", sk, sk->sk_state);

	/* Kill poor orphan */
	bt_sock_unlink(&iso_sk_list, sk);
	sock_set_flag(sk, SOCK_DEAD);
	sock_put(sk);
}
677 
/* Begin disconnecting @sk: move it to BT_DISCONN, arm the short
 * ISO_DISCONN_TIMEOUT, and drop/detach the hcon from the conn.
 *
 * Requires iso_pi(sk)->conn with a non-NULL hcon (all callers check
 * conn->hcon first) and the socket lock held.
 */
static void iso_sock_disconn(struct sock *sk)
{
	sk->sk_state = BT_DISCONN;
	iso_sock_set_timer(sk, ISO_DISCONN_TIMEOUT);
	/* Detach under the conn lock so iso_conn_add() can re-attach later */
	iso_conn_lock(iso_pi(sk)->conn);
	hci_conn_drop(iso_pi(sk)->conn->hcon);
	iso_pi(sk)->conn->hcon = NULL;
	iso_conn_unlock(iso_pi(sk)->conn);
}
687 
/* State-specific part of close(); called with the socket locked.
 *
 * Listeners clean up their accept queue; sockets with a live hcon start
 * an orderly disconnect, sockets without one delete the channel right
 * away with ECONNRESET; everything else is just zapped.
 */
static void __iso_sock_close(struct sock *sk)
{
	BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);

	switch (sk->sk_state) {
	case BT_LISTEN:
		iso_sock_cleanup_listen(sk);
		break;

	case BT_CONNECT:
	case BT_CONNECTED:
	case BT_CONFIG:
		/* NOTE(review): iso_pi(sk)->conn is assumed non-NULL in these
		 * states — confirm that every path into them attaches a conn.
		 */
		if (iso_pi(sk)->conn->hcon)
			iso_sock_disconn(sk);
		else
			iso_chan_del(sk, ECONNRESET);
		break;

	case BT_CONNECT2:
		/* A (possibly failed) PA sync still holds an hcon that must be
		 * disconnected; a plain deferred CIS just drops the channel.
		 */
		if (iso_pi(sk)->conn->hcon &&
		    (test_bit(HCI_CONN_PA_SYNC, &iso_pi(sk)->conn->hcon->flags) ||
		    test_bit(HCI_CONN_PA_SYNC_FAILED, &iso_pi(sk)->conn->hcon->flags)))
			iso_sock_disconn(sk);
		else
			iso_chan_del(sk, ECONNRESET);
		break;
	case BT_DISCONN:
		iso_chan_del(sk, ECONNRESET);
		break;

	default:
		sock_set_flag(sk, SOCK_ZAPPED);
		break;
	}
}
723 
/* Close @sk: cancel its timer, run the state-specific teardown under the
 * socket lock, then free it if it turned into an orphan.
 * Must be called on unlocked socket.
 */
static void iso_sock_close(struct sock *sk)
{
	iso_sock_clear_timer(sk);
	lock_sock(sk);
	__iso_sock_close(sk);
	release_sock(sk);
	iso_sock_kill(sk);
}
733 
/* Initialise a freshly allocated socket.  With a @parent (an accepted
 * child) the type, bt_sock flags and security label are inherited; a
 * @parent of NULL means a socket created directly by userspace.
 */
static void iso_sock_init(struct sock *sk, struct sock *parent)
{
	BT_DBG("sk %p", sk);

	if (!parent)
		return;

	sk->sk_type = parent->sk_type;
	bt_sk(sk)->flags = bt_sk(parent)->flags;
	security_sk_clone(parent, sk);
}
744 
/* Protocol descriptor; obj_size makes every socket allocation a full
 * struct iso_pinfo, which the iso_pi() cast depends on.
 */
static struct proto iso_proto = {
	.name		= "ISO",
	.owner		= THIS_MODULE,
	.obj_size	= sizeof(struct iso_pinfo)
};
750 
/* Per-direction defaults shared by .in and .out below.  Units are those
 * of struct bt_iso_io_qos (presumably interval in microseconds, latency
 * in milliseconds, sdu in octets, rtn = retransmissions — confirm against
 * bluetooth.h).  All values fall inside the ranges check_io_qos() accepts.
 */
#define DEFAULT_IO_QOS \
{ \
	.interval	= 10000u, \
	.latency	= 10u, \
	.sdu		= 40u, \
	.phy		= BT_ISO_PHY_2M, \
	.rtn		= 2u, \
}
759 
/* Defaults installed on every new socket by iso_sock_alloc() and restored
 * whenever a user-supplied QoS fails validation.  The broadcast arm is
 * initialised; the unicast arm overlaps it in the union.
 */
static struct bt_iso_qos default_qos = {
	.bcast = {
		.big			= BT_ISO_QOS_BIG_UNSET,
		.bis			= BT_ISO_QOS_BIS_UNSET,
		.sync_factor		= 0x01,
		.packing		= 0x00,
		.framing		= 0x00,
		.in			= DEFAULT_IO_QOS,
		.out			= DEFAULT_IO_QOS,
		/* Unencrypted; bcode is the (unused here) broadcast code */
		.encryption		= 0x00,
		.bcode			= {0x00},
		.options		= 0x00,
		.skip			= 0x0000,
		.sync_timeout		= BT_ISO_SYNC_TIMEOUT,
		.sync_cte_type		= 0x00,
		.mse			= 0x00,
		.timeout		= BT_ISO_SYNC_TIMEOUT,
	},
};
779 
/* Allocate an ISO socket, apply the per-socket defaults and link it into
 * iso_sk_list.  Returns NULL if the allocation fails.
 */
static struct sock *iso_sock_alloc(struct net *net, struct socket *sock,
				   int proto, gfp_t prio, int kern)
{
	struct iso_pinfo *pi;
	struct sock *sk;

	sk = bt_sock_alloc(net, sock, &iso_proto, proto, prio, kern);
	if (!sk)
		return NULL;
	pi = iso_pi(sk);

	sk->sk_destruct = iso_sock_destruct;
	/* Connect timeout used by iso_connect_{cis,bis}() */
	sk->sk_sndtimeo = ISO_CONN_TIMEOUT;

	/* Set address type as public as default src address is BDADDR_ANY */
	pi->src_type = BDADDR_LE_PUBLIC;
	pi->qos = default_qos;

	bt_sock_link(&iso_sk_list, sk);
	return sk;
}
800 
/* socket(2) entry point for AF_BLUETOOTH/BTPROTO_ISO: only SOCK_SEQPACKET
 * is supported.  Returns 0, -ESOCKTNOSUPPORT or -ENOMEM.
 */
static int iso_sock_create(struct net *net, struct socket *sock, int protocol,
			   int kern)
{
	struct sock *sk;

	BT_DBG("sock %p", sock);

	sock->state = SS_UNCONNECTED;

	if (sock->type != SOCK_SEQPACKET)
		return -ESOCKTNOSUPPORT;

	sock->ops = &iso_sock_ops;

	sk = iso_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern);
	if (!sk)
		return -ENOMEM;

	/* No parent: nothing to inherit */
	iso_sock_init(sk, NULL);
	return 0;
}
822 
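/* Broadcast-sink part of bind(): copy the sockaddr_iso_bc that follows the
 * base sockaddr_iso into the socket.  Called from iso_sock_bind() with the
 * socket locked.
 *
 * @addr_len must be exactly sizeof(struct sockaddr_iso) +
 * sizeof(struct sockaddr_iso_bc); bc_num_bis must be 1..ISO_MAX_NUM_BIS
 * and every listed BIS index 0x01..0x1f.  Returns 0 or -EINVAL; on
 * failure iso_pi(sk) is left untouched.
 */
static int iso_sock_bind_bc(struct socket *sock, struct sockaddr *addr,
			    int addr_len)
{
	struct sockaddr_iso *sa = (struct sockaddr_iso *)addr;
	struct sock *sk = sock->sk;
	int i;

	/* The caller only established addr_len > sizeof(*sa).  Every field
	 * of sa->iso_bc is read below, so require one complete broadcast
	 * address up front; a shorter length would make those reads consume
	 * bytes userspace never supplied.
	 */
	if (addr_len != sizeof(*sa) + sizeof(*sa->iso_bc))
		return -EINVAL;

	BT_DBG("sk %p bc_sid %u bc_num_bis %u", sk, sa->iso_bc->bc_sid,
	       sa->iso_bc->bc_num_bis);

	/* bc_num_bis bounds the copy into iso_pi(sk)->bc_bis[ISO_MAX_NUM_BIS] */
	if (sa->iso_bc->bc_num_bis < 0x01 ||
	    sa->iso_bc->bc_num_bis > ISO_MAX_NUM_BIS)
		return -EINVAL;

	/* Validate all BIS indices before committing anything to the socket */
	for (i = 0; i < sa->iso_bc->bc_num_bis; i++) {
		if (sa->iso_bc->bc_bis[i] < 0x01 ||
		    sa->iso_bc->bc_bis[i] > 0x1f)
			return -EINVAL;
	}

	bacpy(&iso_pi(sk)->dst, &sa->iso_bc->bc_bdaddr);
	iso_pi(sk)->dst_type = sa->iso_bc->bc_bdaddr_type;
	/* 0xffff sentinel until a PA sync handle is known */
	iso_pi(sk)->sync_handle = -1;
	iso_pi(sk)->bc_sid = sa->iso_bc->bc_sid;
	iso_pi(sk)->bc_num_bis = sa->iso_bc->bc_num_bis;
	memcpy(iso_pi(sk)->bc_bis, sa->iso_bc->bc_bis,
	       iso_pi(sk)->bc_num_bis);

	return 0;
}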
854 
/* bind(2): set the local LE address of an unbound SOCK_SEQPACKET socket.
 * An @addr_len larger than sizeof(struct sockaddr_iso) is treated as a
 * broadcast-sink bind and the trailing sockaddr_iso_bc is handled by
 * iso_sock_bind_bc().  Returns 0, -EINVAL or -EBADFD.
 */
static int iso_sock_bind(struct socket *sock, struct sockaddr *addr,
			 int addr_len)
{
	struct sockaddr_iso *sa = (struct sockaddr_iso *)addr;
	struct sock *sk = sock->sk;
	int err = 0;

	BT_DBG("sk %p %pMR type %u", sk, &sa->iso_bdaddr, sa->iso_bdaddr_type);

	if (!addr || addr_len < sizeof(struct sockaddr_iso) ||
	    addr->sa_family != AF_BLUETOOTH)
		return -EINVAL;

	lock_sock(sk);

	/* Only a fresh socket may be bound */
	if (sk->sk_state != BT_OPEN) {
		err = -EBADFD;
		goto done;
	}

	if (sk->sk_type != SOCK_SEQPACKET) {
		err = -EINVAL;
		goto done;
	}

	/* Check if the address type is of LE type */
	if (!bdaddr_type_is_le(sa->iso_bdaddr_type)) {
		err = -EINVAL;
		goto done;
	}

	bacpy(&iso_pi(sk)->src, &sa->iso_bdaddr);
	iso_pi(sk)->src_type = sa->iso_bdaddr_type;

	/* Check for Broadcast address */
	if (addr_len > sizeof(*sa)) {
		err = iso_sock_bind_bc(sock, addr, addr_len);
		if (err)
			goto done;
	}

	sk->sk_state = BT_BOUND;

done:
	release_sock(sk);
	return err;
}
902 
/* connect(2): record the peer address and start a CIS (peer given) or a
 * BIS (peer is BDADDR_ANY) connection.  Without BT_SK_DEFER_SETUP the
 * call then blocks for BT_CONNECTED up to the send timeout (or returns at
 * once with O_NONBLOCK).  Returns 0 or a negative errno.
 */
static int iso_sock_connect(struct socket *sock, struct sockaddr *addr,
			    int alen, int flags)
{
	struct sockaddr_iso *sa = (struct sockaddr_iso *)addr;
	struct sock *sk = sock->sk;
	int err;

	BT_DBG("sk %p", sk);

	if (alen < sizeof(struct sockaddr_iso) ||
	    addr->sa_family != AF_BLUETOOTH)
		return -EINVAL;

	/* NOTE(review): the state/type checks below run before lock_sock();
	 * a state change racing with them is not excluded here — verify
	 * whether the socket layer serialises connect() sufficiently.
	 */
	if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
		return -EBADFD;

	if (sk->sk_type != SOCK_SEQPACKET)
		return -EINVAL;

	/* Check if the address type is of LE type */
	if (!bdaddr_type_is_le(sa->iso_bdaddr_type))
		return -EINVAL;

	lock_sock(sk);

	bacpy(&iso_pi(sk)->dst, &sa->iso_bdaddr);
	iso_pi(sk)->dst_type = sa->iso_bdaddr_type;

	release_sock(sk);

	/* Both helpers take the hdev lock themselves, hence unlocked here */
	if (bacmp(&iso_pi(sk)->dst, BDADDR_ANY))
		err = iso_connect_cis(sk);
	else
		err = iso_connect_bis(sk);

	if (err)
		return err;

	lock_sock(sk);

	if (!test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
		err = bt_sock_wait_state(sk, BT_CONNECTED,
					 sock_sndtimeo(sk, flags & O_NONBLOCK));
	}

	release_sock(sk);
	return err;
}
951 
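/* Prepare @sk to listen for a broadcast source: reject a second listener
 * for the same src/dst/SID, validate user-set QoS and start PA sync to
 * the broadcaster.  Called from iso_sock_listen() with the socket locked.
 *
 * Returns 0 or a negative errno (-EADDRINUSE, -EHOSTUNREACH, -EINVAL or
 * whatever hci_pa_create_sync() reports); on -EINVAL the socket's QoS is
 * reset to the defaults.
 */
static int iso_listen_bis(struct sock *sk)
{
	struct hci_dev *hdev;
	int err = 0;

	BT_DBG("%pMR -> %pMR (SID 0x%2.2x)", &iso_pi(sk)->src,
	       &iso_pi(sk)->dst, iso_pi(sk)->bc_sid);

	write_lock(&iso_sk_list.lock);

	if (__iso_get_sock_listen_by_sid(&iso_pi(sk)->src, &iso_pi(sk)->dst,
					 iso_pi(sk)->bc_sid))
		err = -EADDRINUSE;

	write_unlock(&iso_sk_list.lock);

	if (err)
		return err;

	/* hci_get_route() returns a held hdev: every exit from here on must
	 * go through the hci_dev_put() below.
	 */
	hdev = hci_get_route(&iso_pi(sk)->dst, &iso_pi(sk)->src,
			     iso_pi(sk)->src_type);
	if (!hdev)
		return -EHOSTUNREACH;

	/* Fail if user set invalid QoS */
	if (iso_pi(sk)->qos_user_set && !check_bcast_qos(&iso_pi(sk)->qos)) {
		iso_pi(sk)->qos = default_qos;
		err = -EINVAL;
		goto put;
	}

	err = hci_pa_create_sync(hdev, &iso_pi(sk)->dst,
				 le_addr_type(iso_pi(sk)->dst_type),
				 iso_pi(sk)->bc_sid, &iso_pi(sk)->qos);

put:
	hci_dev_put(hdev);

	return err;
}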
990 
/* Prepare @sk to accept unicast (CIS) connections: the only check is that
 * no other listener is bound to the same src/dst.  Called from
 * iso_sock_listen() with the socket locked.
 *
 * Returns 0 or -EADDRINUSE.
 */
static int iso_listen_cis(struct sock *sk)
{
	struct sock *dup;

	BT_DBG("%pMR", &iso_pi(sk)->src);

	/* Write lock: the duplicate check must not race another listen() */
	write_lock(&iso_sk_list.lock);
	dup = __iso_get_sock_listen_by_addr(&iso_pi(sk)->src,
					    &iso_pi(sk)->dst);
	write_unlock(&iso_sk_list.lock);

	return dup ? -EADDRINUSE : 0;
}
1006 
/* listen(2): move a bound SOCK_SEQPACKET socket to BT_LISTEN.  A socket
 * bound with a broadcaster address (dst != BDADDR_ANY) becomes a
 * broadcast sink via iso_listen_bis(), otherwise a CIS acceptor via
 * iso_listen_cis().  Returns 0 or a negative errno.
 */
static int iso_sock_listen(struct socket *sock, int backlog)
{
	struct sock *sk = sock->sk;
	int err = 0;

	BT_DBG("sk %p backlog %d", sk, backlog);

	lock_sock(sk);

	if (sk->sk_state != BT_BOUND) {
		err = -EBADFD;
		goto done;
	}

	if (sk->sk_type != SOCK_SEQPACKET) {
		err = -EINVAL;
		goto done;
	}

	if (!bacmp(&iso_pi(sk)->dst, BDADDR_ANY))
		err = iso_listen_cis(sk);
	else
		err = iso_listen_bis(sk);

	if (err)
		goto done;

	sk->sk_max_ack_backlog = backlog;
	sk->sk_ack_backlog = 0;

	sk->sk_state = BT_LISTEN;

done:
	release_sock(sk);
	return err;
}
1043 
/* accept(2): dequeue the next pending child from the listening socket
 * into @newsock, sleeping up to the receive timeout (none with
 * O_NONBLOCK).  Returns 0, -EAGAIN, -EBADFD or a signal errno.
 */
static int iso_sock_accept(struct socket *sock, struct socket *newsock,
			   int flags, bool kern)
{
	DEFINE_WAIT_FUNC(wait, woken_wake_function);
	struct sock *sk = sock->sk, *ch;
	long timeo;
	int err = 0;

	lock_sock(sk);

	timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);

	BT_DBG("sk %p timeo %ld", sk, timeo);

	/* Wait for an incoming connection. (wake-one). */
	add_wait_queue_exclusive(sk_sleep(sk), &wait);
	while (1) {
		/* Re-checked every iteration: the listener may have been
		 * closed while we slept.
		 */
		if (sk->sk_state != BT_LISTEN) {
			err = -EBADFD;
			break;
		}

		ch = bt_accept_dequeue(sk, newsock);
		if (ch)
			break;

		if (!timeo) {
			err = -EAGAIN;
			break;
		}

		if (signal_pending(current)) {
			err = sock_intr_errno(timeo);
			break;
		}

		/* Drop the lock while sleeping so the connect path can
		 * enqueue; wait_woken() returns the remaining timeout.
		 */
		release_sock(sk);

		timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo);
		lock_sock(sk);
	}
	remove_wait_queue(sk_sleep(sk), &wait);

	if (err)
		goto done;

	newsock->state = SS_CONNECTED;

	BT_DBG("new socket %p", ch);

done:
	release_sock(sk);
	return err;
}
1098 
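/* getsockname(2)/getpeername(2): fill @addr with the local address, or
 * the peer address when @peer is set.  Returns the number of valid bytes,
 * sizeof(struct sockaddr_iso), which the socket layer copies to userspace.
 */
static int iso_sock_getname(struct socket *sock, struct sockaddr *addr,
			    int peer)
{
	struct sockaddr_iso *sa = (struct sockaddr_iso *)addr;
	struct sock *sk = sock->sk;

	BT_DBG("sock %p, sk %p", sock, sk);

	/* Exactly sizeof(*sa) bytes are returned to userspace and the
	 * caller's buffer is not guaranteed to be zeroed, so clear it first:
	 * any padding inside struct sockaddr_iso must not leak stale kernel
	 * memory.
	 */
	memset(sa, 0, sizeof(*sa));
	addr->sa_family = AF_BLUETOOTH;

	if (peer) {
		bacpy(&sa->iso_bdaddr, &iso_pi(sk)->dst);
		sa->iso_bdaddr_type = iso_pi(sk)->dst_type;
	} else {
		bacpy(&sa->iso_bdaddr, &iso_pi(sk)->src);
		sa->iso_bdaddr_type = iso_pi(sk)->src_type;
	}

	return sizeof(struct sockaddr_iso);
}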
1119 
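/* sendmsg(2): copy the user payload into an skb chain sized by the hcon
 * MTU (the head reserving room for the ISO data header, continuation
 * fragments chained on frag_list) and pass it to iso_send_frame().
 *
 * The socket lock is dropped while copying from userspace and re-taken
 * before sending, so the connection state is checked again at the end.
 * Returns the byte count from iso_send_frame() or a negative errno; on
 * error the skb chain is freed here.
 */
static int iso_sock_sendmsg(struct socket *sock, struct msghdr *msg,
			    size_t len)
{
	struct sock *sk = sock->sk;
	struct sk_buff *skb, **frag;
	size_t mtu;
	int err;

	BT_DBG("sock %p, sk %p", sock, sk);

	err = sock_error(sk);
	if (err)
		return err;

	if (msg->msg_flags & MSG_OOB)
		return -EOPNOTSUPP;

	lock_sock(sk);

	if (sk->sk_state != BT_CONNECTED) {
		release_sock(sk);
		return -ENOTCONN;
	}

	/* Snapshot the MTU under the lock; it bounds every fragment below */
	mtu = iso_pi(sk)->conn->hcon->mtu;

	release_sock(sk);

	skb = bt_skb_sendmsg(sk, msg, len, mtu, HCI_ISO_DATA_HDR_SIZE, 0);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	len -= skb->len;

	/* Log the skb, not the socket (the socket was printed above) */
	BT_DBG("skb %p len %d", skb, skb->len);

	/* Continuation fragments */
	frag = &skb_shinfo(skb)->frag_list;
	while (len) {
		struct sk_buff *tmp;

		tmp = bt_skb_sendmsg(sk, msg, len, mtu, 0, 0);
		if (IS_ERR(tmp)) {
			kfree_skb(skb);
			return PTR_ERR(tmp);
		}

		*frag = tmp;

		len  -= tmp->len;

		/* Account the fragment in the head skb's totals */
		skb->len += tmp->len;
		skb->data_len += tmp->len;

		BT_DBG("frag %p len %d", *frag, tmp->len);

		frag = &(*frag)->next;
	}

	lock_sock(sk);

	if (sk->sk_state == BT_CONNECTED)
		err = iso_send_frame(sk, skb);
	else
		err = -ENOTCONN;

	release_sock(sk);

	if (err < 0)
		kfree_skb(skb);
	return err;
}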
1192 
/* Accept a deferred incoming CIS: move the hcon to BT_CONFIG and send
 * HCI LE Accept CIS Request for its handle.  Called from
 * iso_sock_recvmsg() with the socket locked.
 */
static void iso_conn_defer_accept(struct hci_conn *conn)
{
	struct hci_cp_le_accept_cis cp;
	struct hci_dev *hdev = conn->hdev;

	BT_DBG("conn %p", conn);

	conn->state = BT_CONFIG;

	cp.handle = cpu_to_le16(conn->handle);

	hci_send_cmd(hdev, HCI_OP_LE_ACCEPT_CIS, sizeof(cp), &cp);
}
1206 
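/* Start BIG sync on the PA-synced hcon of @sk, at most once per socket
 * (guarded by BT_SK_BIG_SYNC).  Failures are only logged; the caller
 * drives the socket state.  Called with the socket locked.
 */
static void iso_conn_big_sync(struct sock *sk)
{
	int err;
	struct hci_dev *hdev;

	hdev = hci_get_route(&iso_pi(sk)->dst, &iso_pi(sk)->src,
			     iso_pi(sk)->src_type);

	if (!hdev)
		return;

	if (!test_and_set_bit(BT_SK_BIG_SYNC, &iso_pi(sk)->flags)) {
		err = hci_le_big_create_sync(hdev, iso_pi(sk)->conn->hcon,
					     &iso_pi(sk)->qos,
					     iso_pi(sk)->sync_handle,
					     iso_pi(sk)->bc_num_bis,
					     iso_pi(sk)->bc_bis);
		if (err)
			bt_dev_err(hdev, "hci_le_big_create_sync: %d",
				   err);
	}

	/* hci_get_route() returned a held h dev reference; release it as the
	 * other hci_get_route() callers in this file do.
	 */
	hci_dev_put(hdev);
}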
1229 
/* recvmsg() for ISO sockets.
 *
 * With BT_DEFER_SETUP set, the first read is the user's signal to finish a
 * deferred setup rather than to fetch data: for a pending incoming
 * connection (BT_CONNECT2) it either starts the BIG sync (PA sync sockets,
 * which then return to BT_LISTEN) or accepts the CIS (socket goes to
 * BT_CONFIG), and for an outgoing one (BT_CONNECT) it issues the CIS
 * connect. The flag is cleared on that first call whatever the socket
 * state is. Every other read is an ordinary bt_sock_recvmsg().
 */
static int iso_sock_recvmsg(struct socket *sock, struct msghdr *msg,
			    size_t len, int flags)
{
	struct sock *sk = sock->sk;
	struct iso_pinfo *pi = iso_pi(sk);
	int state;

	BT_DBG("sk %p", sk);

	if (!test_and_clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
		return bt_sock_recvmsg(sock, msg, len, flags);

	lock_sock(sk);
	state = sk->sk_state;

	if (state == BT_CONNECT2) {
		if (test_bit(BT_SK_PA_SYNC, &pi->flags)) {
			/* Broadcast sink: request the BIG sync and go back
			 * to listening.
			 */
			iso_conn_big_sync(sk);
			sk->sk_state = BT_LISTEN;
		} else {
			/* Unicast: accept the pending CIS. */
			iso_conn_defer_accept(pi->conn->hcon);
			sk->sk_state = BT_CONFIG;
		}
		release_sock(sk);
		return 0;
	}

	release_sock(sk);

	if (state == BT_CONNECT)
		return iso_connect_cis(sk);

	return bt_sock_recvmsg(sock, msg, len, flags);
}
1262 
/* Range-check one direction (in or out) of an ISO QoS.
 *
 * A zero interval or latency is accepted as "unset"; a non-zero value must
 * lie in 0xff..0xfffff (interval) or 0x05..0xfa0 (latency). A non-zero SDU
 * size requires at least one PHY bit, and the PHY mask may not exceed
 * BT_ISO_PHY_ANY. Pure: @qos is not modified.
 */
static bool check_io_qos(struct bt_iso_io_qos *qos)
{
	bool interval_ok = !qos->interval ||
			   (qos->interval >= 0xff && qos->interval <= 0xfffff);
	bool latency_ok = !qos->latency ||
			  (qos->latency >= 0x05 && qos->latency <= 0xfa0);

	/* An SDU size without any PHY enabled makes no sense. */
	if (qos->sdu && !qos->phy)
		return false;

	if (qos->phy > BT_ISO_PHY_ANY)
		return false;

	return interval_ok && latency_ok;
}
1280 
/* Range-check the unicast (CIS) half of a user-supplied QoS.
 *
 * cig and cis must be <= 0xef unless left at their *_UNSET value; sca is
 * 0..7, packing and framing 0..1, and both directions must pass
 * check_io_qos(). Pure: @qos is not modified.
 */
static bool check_ucast_qos(struct bt_iso_qos *qos)
{
	bool cig_ok = qos->ucast.cig <= 0xef ||
		      qos->ucast.cig == BT_ISO_QOS_CIG_UNSET;
	bool cis_ok = qos->ucast.cis <= 0xef ||
		      qos->ucast.cis == BT_ISO_QOS_CIS_UNSET;

	if (!cig_ok || !cis_ok)
		return false;

	if (qos->ucast.sca > 0x07 || qos->ucast.packing > 0x01 ||
	    qos->ucast.framing > 0x01)
		return false;

	return check_io_qos(&qos->ucast.in) && check_io_qos(&qos->ucast.out);
}
1306 
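/* Validate, and default-fill, the broadcast half of a user-supplied QoS.
 *
 * Mutates @qos: a zero sync_factor becomes 0x01 and a zero sync_timeout or
 * timeout becomes BT_ISO_SYNC_TIMEOUT, so callers observe the effective
 * values. Everything else is range-checked only: packing, framing and
 * encryption 0..1, options 0..7, skip 0..0x1f3, sync_timeout and timeout
 * 0x000a..0x4000, sync_cte_type and mse 0..0x1f, and both directions must
 * pass check_io_qos().
 *
 * Returns true if the QoS is acceptable.
 */
static bool check_bcast_qos(struct bt_iso_qos *qos)
{
	if (!qos->bcast.sync_factor)
		qos->bcast.sync_factor = 0x01;

	if (qos->bcast.packing > 0x01)
		return false;

	if (qos->bcast.framing > 0x01)
		return false;

	if (!check_io_qos(&qos->bcast.in))
		return false;

	if (!check_io_qos(&qos->bcast.out))
		return false;

	if (qos->bcast.encryption > 0x01)
		return false;

	if (qos->bcast.options > 0x07)
		return false;

	if (qos->bcast.skip > 0x01f3)
		return false;

	if (!qos->bcast.sync_timeout)
		qos->bcast.sync_timeout = BT_ISO_SYNC_TIMEOUT;

	if (qos->bcast.sync_timeout < 0x000a || qos->bcast.sync_timeout > 0x4000)
		return false;

	if (qos->bcast.sync_cte_type > 0x1f)
		return false;

	if (qos->bcast.mse > 0x1f)
		return false;

	/* Default `timeout` itself (not `sync_timeout`, which the previous
	 * version assigned here by mistake): with the wrong field written, a
	 * zero/unset timeout stayed 0 and always failed the range check below.
	 */
	if (!qos->bcast.timeout)
		qos->bcast.timeout = BT_ISO_SYNC_TIMEOUT;

	if (qos->bcast.timeout < 0x000a || qos->bcast.timeout > 0x4000)
		return false;

	return true;
}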
1353 
/* Store a user-supplied u32 option as a socket flag: non-zero sets @bit in
 * bt_sk(sk)->flags, zero clears it.
 *
 * Returns 0, or the bt_copy_from_sockptr() error (short optlen / bad
 * user pointer), in which case the flag is left untouched.
 */
static int iso_sock_set_flag_opt(struct sock *sk, int bit, sockptr_t optval,
				 unsigned int optlen)
{
	u32 val;
	int err;

	err = bt_copy_from_sockptr(&val, sizeof(val), optval, optlen);
	if (err)
		return err;

	if (val)
		set_bit(bit, &bt_sk(sk)->flags);
	else
		clear_bit(bit, &bt_sk(sk)->flags);

	return 0;
}

/* setsockopt() for ISO sockets. Handles BT_DEFER_SETUP, BT_PKT_STATUS,
 * BT_ISO_QOS and BT_ISO_BASE under lock_sock(); anything else is
 * -ENOPROTOOPT.
 *
 * BT_DEFER_SETUP is only accepted in BT_BOUND or BT_LISTEN; BT_ISO_QOS and
 * BT_ISO_BASE only in BT_OPEN, BT_BOUND or BT_CONNECT2.
 *
 * BT_ISO_QOS copies the caller's struct into iso_pi(sk)->qos and marks it
 * user-set. It is NOT range-checked here: check_ucast_qos()/
 * check_bcast_qos() exist for that and must run before the values reach
 * the controller -- NOTE(review): confirm every consumer of qos does so.
 *
 * BT_ISO_BASE rejects an optlen larger than the fixed base[] buffer before
 * copying, then records the copied length in base_len.
 */
static int iso_sock_setsockopt(struct socket *sock, int level, int optname,
			       sockptr_t optval, unsigned int optlen)
{
	struct sock *sk = sock->sk;
	struct iso_pinfo *pi = iso_pi(sk);
	struct bt_iso_qos qos = default_qos;
	int err = 0;

	BT_DBG("sk %p", sk);

	lock_sock(sk);

	switch (optname) {
	case BT_DEFER_SETUP:
		if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
			err = -EINVAL;
			break;
		}

		err = iso_sock_set_flag_opt(sk, BT_SK_DEFER_SETUP, optval,
					    optlen);
		break;

	case BT_PKT_STATUS:
		err = iso_sock_set_flag_opt(sk, BT_SK_PKT_STATUS, optval,
					    optlen);
		break;

	case BT_ISO_QOS:
		if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
		    sk->sk_state != BT_CONNECT2) {
			err = -EINVAL;
			break;
		}

		err = bt_copy_from_sockptr(&qos, sizeof(qos), optval, optlen);
		if (!err) {
			pi->qos = qos;
			pi->qos_user_set = true;
		}
		break;

	case BT_ISO_BASE:
		if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
		    sk->sk_state != BT_CONNECT2) {
			err = -EINVAL;
			break;
		}

		/* base[] is a fixed-size buffer; never copy more than it holds. */
		if (optlen > sizeof(pi->base)) {
			err = -EINVAL;
			break;
		}

		err = bt_copy_from_sockptr(pi->base, optlen, optval, optlen);
		if (!err)
			pi->base_len = optlen;
		break;

	default:
		err = -ENOPROTOOPT;
		break;
	}

	release_sock(sk);
	return err;
}
1439 
/* getsockopt() for ISO sockets.
 *
 * BT_DEFER_SETUP (refused once connected) and BT_PKT_STATUS write the flag
 * as a single u32/int regardless of the caller's optlen. BT_ISO_QOS and
 * BT_ISO_BASE copy at most the caller's optlen: for BT_ISO_BASE a
 * connected socket bound to BDADDR_ANY returns the periodic advertising
 * data recorded on the hci_conn, anything else the BASE stored on the
 * socket. @len is the caller's int; min_t(unsigned int, ...) treats a
 * negative value as huge, so it simply clamps to the source size.
 *
 * NOTE(review): the number of bytes actually copied is never written back
 * to @optlen, so userspace cannot learn the real BASE length from here.
 */
static int iso_sock_getsockopt(struct socket *sock, int level, int optname,
			       char __user *optval, int __user *optlen)
{
	struct sock *sk = sock->sk;
	struct iso_pinfo *pi = iso_pi(sk);
	const void *src = NULL;
	unsigned int src_len = 0;
	bool copy = false;
	int len, err = 0;

	BT_DBG("sk %p", sk);

	if (get_user(len, optlen))
		return -EFAULT;

	lock_sock(sk);

	switch (optname) {
	case BT_DEFER_SETUP:
		if (sk->sk_state == BT_CONNECTED) {
			err = -EINVAL;
			break;
		}

		if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
			     (u32 __user *)optval))
			err = -EFAULT;
		break;

	case BT_PKT_STATUS:
		if (put_user(test_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags),
			     (int __user *)optval))
			err = -EFAULT;
		break;

	case BT_ISO_QOS:
		src = iso_sock_get_qos(sk);
		src_len = sizeof(struct bt_iso_qos);
		copy = true;
		break;

	case BT_ISO_BASE: {
		u8 base_len;

		if (sk->sk_state == BT_CONNECTED &&
		    !bacmp(&pi->dst, BDADDR_ANY)) {
			src = pi->conn->hcon->le_per_adv_data;
			base_len = pi->conn->hcon->le_per_adv_data_len;
		} else {
			src = pi->base;
			base_len = pi->base_len;
		}
		src_len = base_len;
		copy = true;
		break;
	}

	default:
		err = -ENOPROTOOPT;
		break;
	}

	if (copy) {
		len = min_t(unsigned int, len, src_len);
		if (copy_to_user(optval, src, len))
			err = -EFAULT;
	}

	release_sock(sk);
	return err;
}
1508 
/* shutdown() for ISO sockets.
 *
 * Records the requested direction(s) in sk_shutdown and, unless that
 * direction was already shut, closes the socket and -- with SO_LINGER set
 * and the task not exiting -- waits up to sk_lingertime for BT_CLOSED.
 * A @how value other than SHUT_RD/SHUT_WR/SHUT_RDWR sets no bits but
 * still proceeds to the close.
 *
 * Returns 0, or the bt_sock_wait_state() result when lingering.
 */
static int iso_sock_shutdown(struct socket *sock, int how)
{
	struct sock *sk = sock->sk;
	unsigned int mask;
	int err = 0;

	BT_DBG("sock %p, sk %p, how %d", sock, sk, how);

	if (!sk)
		return 0;

	if (how == SHUT_RD)
		mask = RCV_SHUTDOWN;
	else if (how == SHUT_WR)
		mask = SEND_SHUTDOWN;
	else if (how == SHUT_RDWR)
		mask = SHUTDOWN_MASK;
	else
		mask = 0;

	sock_hold(sk);
	lock_sock(sk);

	/* Already shut down in the requested direction: nothing more to do. */
	if (mask && (sk->sk_shutdown & mask))
		goto unlock;
	sk->sk_shutdown |= mask;

	iso_sock_clear_timer(sk);
	__iso_sock_close(sk);

	if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
	    !(current->flags & PF_EXITING))
		err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);

unlock:
	release_sock(sk);
	sock_put(sk);

	return err;
}
1553 
/* release() for ISO sockets: close the socket, honour SO_LINGER (unless
 * the current task is exiting), then orphan and kill it.
 *
 * Returns 0, or the bt_sock_wait_state() result when lingering.
 */
static int iso_sock_release(struct socket *sock)
{
	struct sock *sk = sock->sk;
	bool wait_closed;
	int err = 0;

	BT_DBG("sock %p, sk %p", sock, sk);

	if (!sk)
		return 0;

	iso_sock_close(sk);

	wait_closed = sock_flag(sk, SOCK_LINGER) &&
		      READ_ONCE(sk->sk_lingertime) &&
		      !(current->flags & PF_EXITING);
	if (wait_closed) {
		lock_sock(sk);
		err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
		release_sock(sk);
	}

	sock_orphan(sk);
	iso_sock_kill(sk);
	return err;
}
1577 
/* Mark @sk connected: stop its timer, set BT_CONNECTED and notify state
 * waiters. A NULL @sk is tolerated and ignored.
 */
static void iso_sock_ready(struct sock *sk)
{
	BT_DBG("sk %p", sk);

	if (sk) {
		lock_sock(sk);
		iso_sock_clear_timer(sk);
		sk->sk_state = BT_CONNECTED;
		sk->sk_state_change(sk);
		release_sock(sk);
	}
}
1591 
/* Pairs an hci_conn with a running count, for callers that need to tally
 * sockets against a connection. No user is visible in this part of the
 * file.
 */
struct iso_list_data {
	struct hci_conn *hcon;
	int count;
};
1596 
/* Socket-list predicate: does @sk's broadcast QoS name the BIG handle
 * carried in the BIG Sync Established event passed as @data?
 */
static bool iso_match_big(struct sock *sk, void *data)
{
	const struct hci_evt_le_big_sync_estabilished *ev = data;

	return iso_pi(sk)->qos.bcast.big == ev->handle;
}
1603 
/* Socket-list predicate: is @sk a PA sync socket (BT_SK_PA_SYNC set)?
 * @data is unused.
 */
static bool iso_match_pa_sync_flag(struct sock *sk, void *data)
{
	return test_bit(BT_SK_PA_SYNC, &iso_pi(sk)->flags) != 0;
}
1608 
/* Bring an iso_conn to the ready state once HCI reports it up (or, for
 * broadcast sinks, reports a failed BIG/PA sync -- see iso_connect_cfm()).
 *
 * Outgoing case (conn->sk already set): just mark that socket connected.
 *
 * Incoming case (no socket yet): pick the listening parent the connection
 * belongs to and queue a freshly allocated child socket on it. Which
 * parent is chosen depends on the hcon flags and the HCI event currently
 * being processed (BIG sync established, PA sync failed, BIGInfo report),
 * with a final fallback to any listener on this adapter whose destination
 * is unspecified. The child copies src/dst, sync_handle and the stored
 * BASE from the parent and hcon; for a BIGInfo report it also inherits the
 * parent's QoS (with the advertised encryption flag) and BIS list. If the
 * event carried a failure status the child is still created but flagged
 * with ECONNREFUSED so accept() reports the failure. With BT_DEFER_SETUP
 * on the parent the child stays in BT_CONNECT2 until its first recvmsg().
 *
 * The parent is held with lock_sock() for the whole child setup, and the
 * child is allocated with GFP_ATOMIC while that lock is held.
 */
static void iso_conn_ready(struct iso_conn *conn)
{
	struct sock *parent = NULL;
	struct sock *sk = conn->sk;
	/* Declared with the hci_ev_ type, but the data fetched below is the
	 * HCI_EVT_LE_BIG_SYNC_ESTABILISHED struct; hence the cast when the
	 * status is read further down.
	 */
	struct hci_ev_le_big_sync_estabilished *ev = NULL;
	struct hci_ev_le_pa_sync_established *ev2 = NULL;
	struct hci_evt_le_big_info_adv_report *ev3 = NULL;
	struct hci_conn *hcon;

	BT_DBG("conn %p", conn);

	if (sk) {
		iso_sock_ready(conn->sk);
	} else {
		hcon = conn->hcon;
		if (!hcon)
			return;

		if (test_bit(HCI_CONN_BIG_SYNC, &hcon->flags) ||
		    test_bit(HCI_CONN_BIG_SYNC_FAILED, &hcon->flags)) {
			ev = hci_recv_event_data(hcon->hdev,
						 HCI_EVT_LE_BIG_SYNC_ESTABILISHED);

			/* Get reference to PA sync parent socket, if it exists */
			parent = iso_get_sock_listen(&hcon->src,
						     &hcon->dst,
						     iso_match_pa_sync_flag, NULL);
			/* Otherwise match a listener on the BIG handle. */
			if (!parent && ev)
				parent = iso_get_sock_listen(&hcon->src,
							     &hcon->dst,
							     iso_match_big, ev);
		} else if (test_bit(HCI_CONN_PA_SYNC_FAILED, &hcon->flags)) {
			/* PA sync failed: match the listener by advertising SID. */
			ev2 = hci_recv_event_data(hcon->hdev,
						  HCI_EV_LE_PA_SYNC_ESTABLISHED);
			if (ev2)
				parent = iso_get_sock_listen(&hcon->src,
							     &hcon->dst,
							     iso_match_sid, ev2);
		} else if (test_bit(HCI_CONN_PA_SYNC, &hcon->flags)) {
			/* BIGInfo received on an established PA sync: match on
			 * the PA sync handle.
			 */
			ev3 = hci_recv_event_data(hcon->hdev,
						  HCI_EVT_LE_BIG_INFO_ADV_REPORT);
			if (ev3)
				parent = iso_get_sock_listen(&hcon->src,
							     &hcon->dst,
							     iso_match_sync_handle, ev3);
		}

		/* Fallback: any listener on this adapter with no specific
		 * destination.
		 */
		if (!parent)
			parent = iso_get_sock_listen(&hcon->src,
							BDADDR_ANY, NULL, NULL);

		if (!parent)
			return;

		lock_sock(parent);

		sk = iso_sock_alloc(sock_net(parent), NULL,
				    BTPROTO_ISO, GFP_ATOMIC, 0);
		if (!sk) {
			release_sock(parent);
			return;
		}

		iso_sock_init(sk, parent);

		bacpy(&iso_pi(sk)->src, &hcon->src);

		/* Convert from HCI to three-value type */
		if (hcon->src_type == ADDR_LE_DEV_PUBLIC)
			iso_pi(sk)->src_type = BDADDR_LE_PUBLIC;
		else
			iso_pi(sk)->src_type = BDADDR_LE_RANDOM;

		/* If hcon has no destination address (BDADDR_ANY) it means it
		 * was created by HCI_EV_LE_BIG_SYNC_ESTABILISHED or
		 * HCI_EV_LE_PA_SYNC_ESTABILISHED so we need to initialize using
		 * the parent socket destination address.
		 *
		 * Note this writes into the hci_conn itself, not just the
		 * child socket.
		 */
		if (!bacmp(&hcon->dst, BDADDR_ANY)) {
			bacpy(&hcon->dst, &iso_pi(parent)->dst);
			hcon->dst_type = iso_pi(parent)->dst_type;
			hcon->sync_handle = iso_pi(parent)->sync_handle;
		}

		if (ev3) {
			/* BIGInfo: child inherits the parent's broadcast QoS,
			 * with the encryption flag the BIG actually advertises,
			 * and the same QoS is recorded on the hcon.
			 */
			iso_pi(sk)->qos = iso_pi(parent)->qos;
			iso_pi(sk)->qos.bcast.encryption = ev3->encryption;
			hcon->iso_qos = iso_pi(sk)->qos;
			iso_pi(sk)->bc_num_bis = iso_pi(parent)->bc_num_bis;
			memcpy(iso_pi(sk)->bc_bis, iso_pi(parent)->bc_bis, ISO_MAX_NUM_BIS);
			set_bit(BT_SK_PA_SYNC, &iso_pi(sk)->flags);
		}

		bacpy(&iso_pi(sk)->dst, &hcon->dst);
		iso_pi(sk)->dst_type = hcon->dst_type;
		iso_pi(sk)->sync_handle = iso_pi(parent)->sync_handle;
		/* Relies on the parent's base_len never exceeding sizeof(base):
		 * setsockopt(BT_ISO_BASE) bounds it, but iso_connect_ind()
		 * stores a length taken from a PA report -- check that path.
		 */
		memcpy(iso_pi(sk)->base, iso_pi(parent)->base, iso_pi(parent)->base_len);
		iso_pi(sk)->base_len = iso_pi(parent)->base_len;

		hci_conn_hold(hcon);
		iso_chan_add(conn, sk, parent);

		/* A failed BIG sync or PA sync still produces a child so that
		 * userspace sees the failure, reported as ECONNREFUSED.
		 */
		if ((ev && ((struct hci_evt_le_big_sync_estabilished *)ev)->status) ||
		    (ev2 && ev2->status)) {
			/* Trigger error signal on child socket */
			sk->sk_err = ECONNREFUSED;
			sk->sk_error_report(sk);
		}

		if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
			sk->sk_state = BT_CONNECT2;
		else
			sk->sk_state = BT_CONNECTED;

		/* Wake up parent */
		parent->sk_data_ready(parent);

		release_sock(parent);
	}
}
1729 
/* Socket-list predicate: does the PA Sync Established event in @data carry
 * the advertising SID @sk was bound to listen for?
 */
static bool iso_match_sid(struct sock *sk, void *data)
{
	const struct hci_ev_le_pa_sync_established *ev = data;

	return iso_pi(sk)->bc_sid == ev->sid;
}
1736 
/* Socket-list predicate: does the BIGInfo report in @data refer to the PA
 * sync handle stored on @sk? The event field is little-endian on the wire.
 */
static bool iso_match_sync_handle(struct sock *sk, void *data)
{
	const struct hci_evt_le_big_info_adv_report *ev = data;
	u16 sync_handle = le16_to_cpu(ev->sync_handle);

	return sync_handle == iso_pi(sk)->sync_handle;
}
1743 
/* Socket-list predicate: does the periodic advertising report in @data
 * refer to the PA sync handle stored on @sk? The event field is
 * little-endian on the wire.
 */
static bool iso_match_sync_handle_pa_report(struct sock *sk, void *data)
{
	const struct hci_ev_le_per_adv_report *ev = data;
	u16 sync_handle = le16_to_cpu(ev->sync_handle);

	return sync_handle == iso_pi(sk)->sync_handle;
}
1750 
1751 /* ----- ISO interface with lower layer (HCI) ----- */
1752 
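/* HCI asks whether this layer wants an incoming ISO indication on @hdev for
 * @bdaddr. Returns an HCI_LM_* mask -- HCI_LM_ACCEPT when a matching
 * listening socket exists, 0 otherwise -- and sets HCI_PROTO_DEFER in
 * @flags when that socket has BT_DEFER_SETUP enabled. Which socket is
 * looked for depends on the HCI event currently being processed (see the
 * comment in the body).
 *
 * The periodic advertising report path copies controller-supplied data
 * into the fixed-size iso_pi(sk)->base buffer, so it is bounded by that
 * buffer's size; a report that does not fit is logged and not stored.
 */
int iso_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
{
	struct hci_ev_le_pa_sync_established *ev1;
	struct hci_evt_le_big_info_adv_report *ev2;
	struct hci_ev_le_per_adv_report *ev3;
	struct sock *sk;
	int lm = 0;

	bt_dev_dbg(hdev, "bdaddr %pMR", bdaddr);

	/* Broadcast receiver requires handling of some events before it can
	 * proceed to establishing a BIG sync:
	 *
	 * 1. HCI_EV_LE_PA_SYNC_ESTABLISHED: The socket may specify a specific
	 * SID to listen to and once sync is estabilished its handle needs to
	 * be stored in iso_pi(sk)->sync_handle so it can be matched once
	 * receiving the BIG Info.
	 * 2. HCI_EVT_LE_BIG_INFO_ADV_REPORT: When connect_ind is triggered by a
	 * a BIG Info it attempts to check if there any listening socket with
	 * the same sync_handle and if it does then attempt to create a sync.
	 * 3. HCI_EV_LE_PER_ADV_REPORT: When a PA report is received, it is stored
	 * in iso_pi(sk)->base so it can be passed up to user, in the case of a
	 * broadcast sink.
	 */
	ev1 = hci_recv_event_data(hdev, HCI_EV_LE_PA_SYNC_ESTABLISHED);
	if (ev1) {
		sk = iso_get_sock_listen(&hdev->bdaddr, bdaddr, iso_match_sid,
					 ev1);
		/* Only a successful sync yields a usable handle. */
		if (sk && !ev1->status)
			iso_pi(sk)->sync_handle = le16_to_cpu(ev1->handle);

		goto done;
	}

	ev2 = hci_recv_event_data(hdev, HCI_EVT_LE_BIG_INFO_ADV_REPORT);
	if (ev2) {
		/* Try to get PA sync listening socket, if it exists */
		sk = iso_get_sock_listen(&hdev->bdaddr, bdaddr,
						iso_match_pa_sync_flag, NULL);

		if (!sk) {
			sk = iso_get_sock_listen(&hdev->bdaddr, bdaddr,
						 iso_match_sync_handle, ev2);

			/* If PA Sync is in process of terminating,
			 * do not handle any more BIGInfo adv reports.
			 */

			if (sk && test_bit(BT_SK_PA_SYNC_TERM,
					   &iso_pi(sk)->flags))
				return lm;
		}

		if (sk) {
			int err;

			/* Never request more BISes than the BIG advertises. */
			if (ev2->num_bis < iso_pi(sk)->bc_num_bis)
				iso_pi(sk)->bc_num_bis = ev2->num_bis;

			/* Without BT_DEFER_SETUP the BIG sync is created right
			 * here, once per socket (BT_SK_BIG_SYNC); with it, the
			 * sync is started from iso_sock_recvmsg() instead.
			 */
			if (!test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags) &&
			    !test_and_set_bit(BT_SK_BIG_SYNC, &iso_pi(sk)->flags)) {
				err = hci_le_big_create_sync(hdev, NULL,
							     &iso_pi(sk)->qos,
							     iso_pi(sk)->sync_handle,
							     iso_pi(sk)->bc_num_bis,
							     iso_pi(sk)->bc_bis);
				if (err) {
					bt_dev_err(hdev, "hci_le_big_create_sync: %d",
						   err);
					sk = NULL;
				}
			}
		}
		/* NOTE(review): there is no `goto done` here, so the socket
		 * found above is replaced by the lookup in the ev3/else branch
		 * below before lm is decided -- confirm that is intended.
		 */
	}

	ev3 = hci_recv_event_data(hdev, HCI_EV_LE_PER_ADV_REPORT);
	if (ev3) {
		sk = iso_get_sock_listen(&hdev->bdaddr, bdaddr,
					 iso_match_sync_handle_pa_report, ev3);

		if (sk) {
			/* The report length comes from the controller (and the
			 * remote broadcaster), while base[] is a fixed
			 * BASE_MAX_LENGTH buffer with other fields after it.
			 * Refuse anything that does not fit instead of writing
			 * past the buffer; the previously stored BASE, if any,
			 * is kept.
			 */
			if (ev3->length > sizeof(iso_pi(sk)->base)) {
				bt_dev_err(hdev, "PA report too long (len %u, max %zu)",
					   (unsigned int)ev3->length,
					   sizeof(iso_pi(sk)->base));
			} else {
				memcpy(iso_pi(sk)->base, ev3->data, ev3->length);
				iso_pi(sk)->base_len = ev3->length;
			}
		}
	} else {
		sk = iso_get_sock_listen(&hdev->bdaddr, BDADDR_ANY, NULL, NULL);
	}

done:
	if (!sk)
		return lm;

	lm |= HCI_LM_ACCEPT;

	if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
		*flags |= HCI_PROTO_DEFER;

	return lm;
}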
1852 
/* HCI callback: connection-complete for @hcon with @status (0 = success).
 *
 * LE links: a failure tears down every iso_conn linked to that LE
 * connection; success lets any pending CIS creation proceed. Other
 * non-ISO link types are ignored.
 *
 * ISO links: on success -- and also when the hcon is flagged
 * HCI_CONN_BIG_SYNC_FAILED or HCI_CONN_PA_SYNC_FAILED -- an iso_conn is
 * attached and iso_conn_ready() queues it to the listening socket so
 * userspace learns the result; any other failure deletes the connection
 * with the HCI status mapped to an errno.
 */
static void iso_connect_cfm(struct hci_conn *hcon, __u8 status)
{
	struct iso_conn *conn;

	if (hcon->type == LE_LINK) {
		struct hci_link *link, *t;

		if (!status) {
			/* Create CIS if pending */
			hci_le_create_cis_pending(hcon->hdev);
			return;
		}

		/* The LE link failed: drop every ISO connection riding on it. */
		list_for_each_entry_safe(link, t, &hcon->link_list, list)
			iso_conn_del(link->conn, bt_to_errno(status));
		return;
	}

	if (hcon->type != ISO_LINK)
		return;

	BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status);

	/* Similar to the success case, if HCI_CONN_BIG_SYNC_FAILED or
	 * HCI_CONN_PA_SYNC_FAILED is set, queue the failed connection
	 * into the accept queue of the listening socket and wake up
	 * userspace, to inform the user about the event.
	 */
	if (status && !test_bit(HCI_CONN_BIG_SYNC_FAILED, &hcon->flags) &&
	    !test_bit(HCI_CONN_PA_SYNC_FAILED, &hcon->flags)) {
		iso_conn_del(hcon, bt_to_errno(status));
		return;
	}

	conn = iso_conn_add(hcon);
	if (conn)
		iso_conn_ready(conn);
}
1893 
/* HCI callback: an ISO link went down. Tear down the iso_conn bound to
 * @hcon, mapping the HCI @reason to an errno for the socket. Links of any
 * other type are ignored.
 */
static void iso_disconn_cfm(struct hci_conn *hcon, __u8 reason)
{
	if (hcon->type == ISO_LINK) {
		BT_DBG("hcon %p reason %d", hcon, reason);
		iso_conn_del(hcon, bt_to_errno(reason));
	}
}
1903 
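/* Deliver one HCI ISO data packet from @hcon to the ISO socket layer,
 * reassembling fragmented SDUs.
 *
 * @flags carries the PB (packet boundary) and TS (timestamp present)
 * bits. ISO_SINGLE/ISO_START fragments begin with an ISO data header
 * (with or without timestamp) whose slen field encodes the SDU length and
 * the packet status flags; the payload is then either delivered directly
 * (complete SDU) or buffered in conn->rx_skb, with conn->rx_len counting
 * the bytes still expected. ISO_CONT and ISO_END append to that buffer
 * and the SDU is delivered once rx_len reaches zero.
 *
 * Ownership of @skb passes to this function: on every path it is either
 * handed to iso_recv_frame() or freed here. rx_skb is allocated with
 * exactly the announced SDU length, so every fragment is checked against
 * the reassembly state before it is appended: a start while reassembling
 * discards the partial SDU; a continuation or end without a start, a
 * fragment longer than what is still expected, or an end that leaves the
 * SDU short, discards the partial SDU and drops the fragment instead of
 * writing past rx_skb's tail.
 */
void iso_recv(struct hci_conn *hcon, struct sk_buff *skb, u16 flags)
{
	struct iso_conn *conn = hcon->iso_data;
	__u16 pb, ts, len;

	if (!conn)
		goto drop;

	pb     = hci_iso_flags_pb(flags);
	ts     = hci_iso_flags_ts(flags);

	BT_DBG("conn %p len %d pb 0x%x ts 0x%x", conn, skb->len, pb, ts);

	switch (pb) {
	case ISO_START:
	case ISO_SINGLE:
		/* A new SDU while one is still being reassembled: the old
		 * one can never complete, so discard it.
		 */
		if (conn->rx_len) {
			BT_ERR("Unexpected start frame (len %d)", skb->len);
			kfree_skb(conn->rx_skb);
			conn->rx_skb = NULL;
			conn->rx_len = 0;
		}

		if (ts) {
			struct hci_iso_ts_data_hdr *hdr;

			/* TODO: add timestamp to the packet? */
			hdr = skb_pull_data(skb, HCI_ISO_TS_DATA_HDR_SIZE);
			if (!hdr) {
				BT_ERR("Frame is too short (len %d)", skb->len);
				goto drop;
			}

			len = __le16_to_cpu(hdr->slen);
		} else {
			struct hci_iso_data_hdr *hdr;

			hdr = skb_pull_data(skb, HCI_ISO_DATA_HDR_SIZE);
			if (!hdr) {
				BT_ERR("Frame is too short (len %d)", skb->len);
				goto drop;
			}

			len = __le16_to_cpu(hdr->slen);
		}

		/* slen packs the SDU length and the packet status flags. */
		flags  = hci_iso_data_flags(len);
		len    = hci_iso_data_len(len);

		BT_DBG("Start: total len %d, frag len %d flags 0x%4.4x", len,
		       skb->len, flags);

		if (len == skb->len) {
			/* Complete frame received; iso_recv_frame takes
			 * ownership of skb.
			 */
			hci_skb_pkt_status(skb) = flags & 0x03;
			iso_recv_frame(conn, skb);
			return;
		}

		if (pb == ISO_SINGLE) {
			BT_ERR("Frame malformed (len %d, expected len %d)",
			       skb->len, len);
			goto drop;
		}

		if (skb->len > len) {
			BT_ERR("Frame is too long (len %d, expected len %d)",
			       skb->len, len);
			goto drop;
		}

		/* Allocate skb for the complete frame (with header) */
		conn->rx_skb = bt_skb_alloc(len, GFP_KERNEL);
		if (!conn->rx_skb)
			goto drop;

		hci_skb_pkt_status(conn->rx_skb) = flags & 0x03;
		skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
					  skb->len);
		conn->rx_len = len - skb->len;
		break;

	case ISO_CONT:
		BT_DBG("Cont: frag len %d (expecting %d)", skb->len,
		       conn->rx_len);

		if (!conn->rx_len) {
			BT_ERR("Unexpected continuation frame (len %d)",
			       skb->len);
			goto drop;
		}

		if (skb->len > conn->rx_len) {
			BT_ERR("Fragment is too long (len %d, expected %d)",
			       skb->len, conn->rx_len);
			kfree_skb(conn->rx_skb);
			conn->rx_skb = NULL;
			conn->rx_len = 0;
			goto drop;
		}

		skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
					  skb->len);
		conn->rx_len -= skb->len;
		/* The payload now lives in rx_skb; fall out to free the
		 * fragment itself (the previous version returned here and
		 * leaked it).
		 */
		break;

	case ISO_END:
		/* Same guards as ISO_CONT: without them an end fragment
		 * arriving with no start dereferences a NULL rx_skb, and one
		 * longer than the remaining length overruns rx_skb's tail.
		 */
		if (!conn->rx_len) {
			BT_ERR("Unexpected end frame (len %d)", skb->len);
			goto drop;
		}

		if (skb->len > conn->rx_len) {
			BT_ERR("Fragment is too long (len %d, expected %d)",
			       skb->len, conn->rx_len);
			kfree_skb(conn->rx_skb);
			conn->rx_skb = NULL;
			conn->rx_len = 0;
			goto drop;
		}

		skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
					  skb->len);
		conn->rx_len -= skb->len;

		if (!conn->rx_len) {
			struct sk_buff *rx_skb = conn->rx_skb;

			/* Complete frame received. iso_recv_frame
			 * takes ownership of the skb so set the global
			 * rx_skb pointer to NULL first.
			 */
			conn->rx_skb = NULL;
			iso_recv_frame(conn, rx_skb);
		} else {
			/* The SDU ended before all announced bytes arrived;
			 * nothing can complete it now, so drop the partial SDU
			 * instead of leaving it to trip the next start frame.
			 */
			BT_ERR("Incomplete frame (missing %d bytes)",
			       conn->rx_len);
			kfree_skb(conn->rx_skb);
			conn->rx_skb = NULL;
			conn->rx_len = 0;
		}
		break;

	default:
		BT_ERR("Unknown PB flag 0x%x (len %d)", pb, skb->len);
		break;
	}

drop:
	kfree_skb(skb);
}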
2031 
/* HCI callbacks registered by iso_init() (and removed by iso_exit()):
 * connection-complete and disconnection events are routed into this layer
 * through connect_cfm/disconn_cfm.
 */
static struct hci_cb iso_cb = {
	.name		= "ISO",
	.connect_cfm	= iso_connect_cfm,
	.disconn_cfm	= iso_disconn_cfm,
};
2037 
/* debugfs "iso" reader: one line per ISO socket, "<src> <dst> <state>",
 * walked under the socket-list read lock.
 *
 * Note that this exposes the local and peer BD_ADDRs of every ISO socket
 * to whoever can read the file (created with mode 0444 in iso_init()).
 */
static int iso_debugfs_show(struct seq_file *f, void *p)
{
	struct sock *sk;

	read_lock(&iso_sk_list.lock);
	sk_for_each(sk, &iso_sk_list.head) {
		struct iso_pinfo *pi = iso_pi(sk);

		seq_printf(f, "%pMR %pMR %d\n", &pi->src, &pi->dst,
			   sk->sk_state);
	}
	read_unlock(&iso_sk_list.lock);

	return 0;
}
2053 
/* seq_file glue (iso_debugfs_fops) for the "iso" debugfs entry. */
DEFINE_SHOW_ATTRIBUTE(iso_debugfs);

/* Dentry of that debugfs file. Stays NULL when iso_init() finds no
 * bluetooth debugfs root, and is reset to NULL by iso_exit().
 */
static struct dentry *iso_debugfs;

/* Socket operations for BTPROTO_ISO sockets. poll and ioctl use the
 * generic Bluetooth implementations; mmap and socketpair are refused.
 */
static const struct proto_ops iso_sock_ops = {
	.family		= PF_BLUETOOTH,
	.owner		= THIS_MODULE,
	.release	= iso_sock_release,
	.bind		= iso_sock_bind,
	.connect	= iso_sock_connect,
	.listen		= iso_sock_listen,
	.accept		= iso_sock_accept,
	.getname	= iso_sock_getname,
	.sendmsg	= iso_sock_sendmsg,
	.recvmsg	= iso_sock_recvmsg,
	.poll		= bt_sock_poll,
	.ioctl		= bt_sock_ioctl,
	.mmap		= sock_no_mmap,
	.socketpair	= sock_no_socketpair,
	.shutdown	= iso_sock_shutdown,
	.setsockopt	= iso_sock_setsockopt,
	.getsockopt	= iso_sock_getsockopt
};

/* Family hook registered with bt_sock_register() in iso_init();
 * iso_sock_create() builds new sockets.
 */
static const struct net_proto_family iso_sock_family_ops = {
	.family	= PF_BLUETOOTH,
	.owner	= THIS_MODULE,
	.create	= iso_sock_create,
};

/* Set at the end of a successful iso_init(), cleared by iso_exit();
 * reported through iso_enabled().
 */
static bool iso_inited;
2085 
/* Report whether the ISO socket layer has been initialised (iso_init()
 * completed and iso_exit() has not run since).
 */
bool iso_enabled(void)
{
	if (!iso_inited)
		return false;

	return true;
}
2090 
/* Register the ISO socket layer: the proto, the BTPROTO_ISO family, the
 * /proc entry, the HCI callbacks and (when a bluetooth debugfs root
 * exists) the "iso" debugfs file, in that order.
 *
 * Returns 0 on success, -EALREADY if already initialised, or the error
 * from proto_register()/bt_sock_register()/bt_procfs_init(); on error
 * everything registered so far is undone. Not safe against concurrent
 * callers on its own; callers are expected to serialise.
 */
int iso_init(void)
{
	int err;

	BUILD_BUG_ON(sizeof(struct sockaddr_iso) > sizeof(struct sockaddr));

	if (iso_inited)
		return -EALREADY;

	err = proto_register(&iso_proto, 0);
	if (err < 0)
		return err;

	err = bt_sock_register(BTPROTO_ISO, &iso_sock_family_ops);
	if (err < 0) {
		BT_ERR("ISO socket registration failed");
		goto err_proto;
	}

	err = bt_procfs_init(&init_net, "iso", &iso_sk_list, NULL);
	if (err < 0) {
		BT_ERR("Failed to create ISO proc file");
		goto err_sock;
	}

	BT_INFO("ISO socket layer initialized");

	/* NOTE(review): the return value of hci_register_cb() is ignored. */
	hci_register_cb(&iso_cb);

	/* debugfs is optional: skipped when the bluetooth root is absent. */
	if (!IS_ERR_OR_NULL(bt_debugfs))
		iso_debugfs = debugfs_create_file("iso", 0444, bt_debugfs,
						  NULL, &iso_debugfs_fops);

	iso_inited = true;
	return 0;

err_sock:
	bt_sock_unregister(BTPROTO_ISO);
err_proto:
	proto_unregister(&iso_proto);
	return err;
}
2133 
/* Tear down the ISO socket layer, undoing iso_init() in reverse-ish
 * order: /proc and debugfs entries first, then the HCI callbacks, the
 * BTPROTO_ISO family and finally the proto.
 *
 * Returns 0, or -EALREADY if the layer is not initialised. Like
 * iso_init(), this relies on the caller to serialise against other
 * init/exit calls.
 */
int iso_exit(void)
{
	if (!iso_inited)
		return -EALREADY;

	bt_procfs_cleanup(&init_net, "iso");

	/* debugfs_remove() tolerates NULL, so this is safe when the file
	 * was never created.
	 */
	debugfs_remove(iso_debugfs);
	iso_debugfs = NULL;

	hci_unregister_cb(&iso_cb);

	bt_sock_unregister(BTPROTO_ISO);

	proto_unregister(&iso_proto);

	iso_inited = false;

	return 0;
}
2154