11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds BlueZ - Bluetooth protocol stack for Linux 31da177e4SLinus Torvalds Copyright (C) 2000-2001 Qualcomm Incorporated 41da177e4SLinus Torvalds 51da177e4SLinus Torvalds Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 61da177e4SLinus Torvalds 71da177e4SLinus Torvalds This program is free software; you can redistribute it and/or modify 81da177e4SLinus Torvalds it under the terms of the GNU General Public License version 2 as 91da177e4SLinus Torvalds published by the Free Software Foundation; 101da177e4SLinus Torvalds 111da177e4SLinus Torvalds THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 121da177e4SLinus Torvalds OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 131da177e4SLinus Torvalds FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 141da177e4SLinus Torvalds IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 151da177e4SLinus Torvalds CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 161da177e4SLinus Torvalds WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 171da177e4SLinus Torvalds ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 181da177e4SLinus Torvalds OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 191da177e4SLinus Torvalds 201da177e4SLinus Torvalds ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 211da177e4SLinus Torvalds COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 221da177e4SLinus Torvalds SOFTWARE IS DISCLAIMED. 231da177e4SLinus Torvalds */ 241da177e4SLinus Torvalds 251da177e4SLinus Torvalds /* Bluetooth HCI sockets. */ 261da177e4SLinus Torvalds 271da177e4SLinus Torvalds #include <linux/module.h> 281da177e4SLinus Torvalds 291da177e4SLinus Torvalds #include <linux/types.h> 304fc268d2SRandy Dunlap #include <linux/capability.h> 311da177e4SLinus Torvalds #include <linux/errno.h> 321da177e4SLinus Torvalds #include <linux/kernel.h> 331da177e4SLinus Torvalds #include <linux/slab.h> 341da177e4SLinus Torvalds #include <linux/poll.h> 351da177e4SLinus Torvalds #include <linux/fcntl.h> 361da177e4SLinus Torvalds #include <linux/init.h> 371da177e4SLinus Torvalds #include <linux/skbuff.h> 381da177e4SLinus Torvalds #include <linux/workqueue.h> 391da177e4SLinus Torvalds #include <linux/interrupt.h> 40767c5eb5SMarcel Holtmann #include <linux/compat.h> 411da177e4SLinus Torvalds #include <linux/socket.h> 421da177e4SLinus Torvalds #include <linux/ioctl.h> 431da177e4SLinus Torvalds #include <net/sock.h> 441da177e4SLinus Torvalds 451da177e4SLinus Torvalds #include <asm/system.h> 461da177e4SLinus Torvalds #include <asm/uaccess.h> 471da177e4SLinus Torvalds #include <asm/unaligned.h> 481da177e4SLinus Torvalds 491da177e4SLinus Torvalds #include <net/bluetooth/bluetooth.h> 501da177e4SLinus Torvalds #include <net/bluetooth/hci_core.h> 511da177e4SLinus Torvalds 521da177e4SLinus Torvalds /* ----- HCI socket interface ----- */ 531da177e4SLinus Torvalds 541da177e4SLinus Torvalds static inline int hci_test_bit(int nr, void *addr) 551da177e4SLinus Torvalds { 561da177e4SLinus Torvalds return *((__u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31)); 571da177e4SLinus Torvalds } 581da177e4SLinus Torvalds 591da177e4SLinus Torvalds /* Security filter */ 601da177e4SLinus Torvalds static struct hci_sec_filter hci_sec_filter = { 611da177e4SLinus Torvalds /* Packet types */ 621da177e4SLinus Torvalds 0x10, 631da177e4SLinus Torvalds /* Events */ 64dd7f5527SMarcel Holtmann { 0x1000d9fe, 0x0000b00c }, 651da177e4SLinus Torvalds /* Commands */ 661da177e4SLinus Torvalds { 671da177e4SLinus Torvalds { 0x0 }, 681da177e4SLinus Torvalds /* OGF_LINK_CTL */ 697c631a67SMarcel Holtmann { 0xbe000006, 0x00000001, 0x00000000, 0x00 }, 701da177e4SLinus Torvalds /* OGF_LINK_POLICY */ 717c631a67SMarcel Holtmann { 0x00005200, 0x00000000, 0x00000000, 0x00 }, 721da177e4SLinus Torvalds /* OGF_HOST_CTL */ 737c631a67SMarcel Holtmann { 0xaab00200, 0x2b402aaa, 0x05220154, 0x00 }, 741da177e4SLinus Torvalds /* OGF_INFO_PARAM */ 757c631a67SMarcel Holtmann { 0x000002be, 0x00000000, 0x00000000, 0x00 }, 761da177e4SLinus Torvalds /* OGF_STATUS_PARAM */ 777c631a67SMarcel Holtmann { 0x000000ea, 0x00000000, 0x00000000, 0x00 } 781da177e4SLinus Torvalds } 791da177e4SLinus Torvalds }; 801da177e4SLinus Torvalds 811da177e4SLinus Torvalds static struct bt_sock_list hci_sk_list = { 82d5fb2962SRobert P. J. Day .lock = __RW_LOCK_UNLOCKED(hci_sk_list.lock) 831da177e4SLinus Torvalds }; 841da177e4SLinus Torvalds 851da177e4SLinus Torvalds /* Send frame to RAW socket */ 861da177e4SLinus Torvalds void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb) 871da177e4SLinus Torvalds { 881da177e4SLinus Torvalds struct sock *sk; 891da177e4SLinus Torvalds struct hlist_node *node; 901da177e4SLinus Torvalds 911da177e4SLinus Torvalds BT_DBG("hdev %p len %d", hdev, skb->len); 921da177e4SLinus Torvalds 931da177e4SLinus Torvalds read_lock(&hci_sk_list.lock); 941da177e4SLinus Torvalds sk_for_each(sk, node, &hci_sk_list.head) { 951da177e4SLinus Torvalds struct hci_filter *flt; 961da177e4SLinus Torvalds struct sk_buff *nskb; 971da177e4SLinus Torvalds 981da177e4SLinus Torvalds if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev) 991da177e4SLinus Torvalds continue; 1001da177e4SLinus Torvalds 1011da177e4SLinus Torvalds /* Don't send frame to the socket it came from */ 1021da177e4SLinus Torvalds if (skb->sk == sk) 1031da177e4SLinus Torvalds continue; 1041da177e4SLinus Torvalds 1051da177e4SLinus Torvalds /* Apply filter */ 1061da177e4SLinus Torvalds flt = &hci_pi(sk)->filter; 1071da177e4SLinus Torvalds 1080d48d939SMarcel Holtmann if (!test_bit((bt_cb(skb)->pkt_type == HCI_VENDOR_PKT) ? 1090d48d939SMarcel Holtmann 0 : (bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS), &flt->type_mask)) 1101da177e4SLinus Torvalds continue; 1111da177e4SLinus Torvalds 1120d48d939SMarcel Holtmann if (bt_cb(skb)->pkt_type == HCI_EVENT_PKT) { 1131da177e4SLinus Torvalds register int evt = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS); 1141da177e4SLinus Torvalds 1151da177e4SLinus Torvalds if (!hci_test_bit(evt, &flt->event_mask)) 1161da177e4SLinus Torvalds continue; 1171da177e4SLinus Torvalds 1184498c80dSDavid S. Miller if (flt->opcode && 1194498c80dSDavid S. Miller ((evt == HCI_EV_CMD_COMPLETE && 1204498c80dSDavid S. Miller flt->opcode != 121905f3ed6SAl Viro get_unaligned((__le16 *)(skb->data + 3))) || 1221da177e4SLinus Torvalds (evt == HCI_EV_CMD_STATUS && 1234498c80dSDavid S. Miller flt->opcode != 124905f3ed6SAl Viro get_unaligned((__le16 *)(skb->data + 4))))) 1251da177e4SLinus Torvalds continue; 1261da177e4SLinus Torvalds } 1271da177e4SLinus Torvalds 1281da177e4SLinus Torvalds if (!(nskb = skb_clone(skb, GFP_ATOMIC))) 1291da177e4SLinus Torvalds continue; 1301da177e4SLinus Torvalds 1311da177e4SLinus Torvalds /* Put type byte before the data */ 1320d48d939SMarcel Holtmann memcpy(skb_push(nskb, 1), &bt_cb(nskb)->pkt_type, 1); 1331da177e4SLinus Torvalds 1341da177e4SLinus Torvalds if (sock_queue_rcv_skb(sk, nskb)) 1351da177e4SLinus Torvalds kfree_skb(nskb); 1361da177e4SLinus Torvalds } 1371da177e4SLinus Torvalds read_unlock(&hci_sk_list.lock); 1381da177e4SLinus Torvalds } 1391da177e4SLinus Torvalds 1401da177e4SLinus Torvalds static int hci_sock_release(struct socket *sock) 1411da177e4SLinus Torvalds { 1421da177e4SLinus Torvalds struct sock *sk = sock->sk; 1437b005bd3SMarcel Holtmann struct hci_dev *hdev; 1441da177e4SLinus Torvalds 1451da177e4SLinus Torvalds BT_DBG("sock %p sk %p", sock, sk); 1461da177e4SLinus Torvalds 1471da177e4SLinus Torvalds if (!sk) 1481da177e4SLinus Torvalds return 0; 1491da177e4SLinus Torvalds 1507b005bd3SMarcel Holtmann hdev = hci_pi(sk)->hdev; 1517b005bd3SMarcel Holtmann 1521da177e4SLinus Torvalds bt_sock_unlink(&hci_sk_list, sk); 1531da177e4SLinus Torvalds 1541da177e4SLinus Torvalds if (hdev) { 1551da177e4SLinus Torvalds atomic_dec(&hdev->promisc); 1561da177e4SLinus Torvalds hci_dev_put(hdev); 1571da177e4SLinus Torvalds } 1581da177e4SLinus Torvalds 1591da177e4SLinus Torvalds sock_orphan(sk); 1601da177e4SLinus Torvalds 1611da177e4SLinus Torvalds skb_queue_purge(&sk->sk_receive_queue); 1621da177e4SLinus Torvalds skb_queue_purge(&sk->sk_write_queue); 1631da177e4SLinus Torvalds 1641da177e4SLinus Torvalds sock_put(sk); 1651da177e4SLinus Torvalds return 0; 1661da177e4SLinus Torvalds } 1671da177e4SLinus Torvalds 1681da177e4SLinus Torvalds /* Ioctls that require bound socket */ 1691da177e4SLinus Torvalds static inline int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg) 1701da177e4SLinus Torvalds { 1711da177e4SLinus Torvalds struct hci_dev *hdev = hci_pi(sk)->hdev; 1721da177e4SLinus Torvalds 1731da177e4SLinus Torvalds if (!hdev) 1741da177e4SLinus Torvalds return -EBADFD; 1751da177e4SLinus Torvalds 1761da177e4SLinus Torvalds switch (cmd) { 1771da177e4SLinus Torvalds case HCISETRAW: 1781da177e4SLinus Torvalds if (!capable(CAP_NET_ADMIN)) 1791da177e4SLinus Torvalds return -EACCES; 1801da177e4SLinus Torvalds 1811da177e4SLinus Torvalds if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks)) 1821da177e4SLinus Torvalds return -EPERM; 1831da177e4SLinus Torvalds 1841da177e4SLinus Torvalds if (arg) 1851da177e4SLinus Torvalds set_bit(HCI_RAW, &hdev->flags); 1861da177e4SLinus Torvalds else 1871da177e4SLinus Torvalds clear_bit(HCI_RAW, &hdev->flags); 1881da177e4SLinus Torvalds 1891da177e4SLinus Torvalds return 0; 1901da177e4SLinus Torvalds 1911da177e4SLinus Torvalds case HCIGETCONNINFO: 1921da177e4SLinus Torvalds return hci_get_conn_info(hdev, (void __user *) arg); 1931da177e4SLinus Torvalds 19440be492fSMarcel Holtmann case HCIGETAUTHINFO: 19540be492fSMarcel Holtmann return hci_get_auth_info(hdev, (void __user *) arg); 19640be492fSMarcel Holtmann 1971da177e4SLinus Torvalds default: 1981da177e4SLinus Torvalds if (hdev->ioctl) 1991da177e4SLinus Torvalds return hdev->ioctl(hdev, cmd, arg); 2001da177e4SLinus Torvalds return -EINVAL; 2011da177e4SLinus Torvalds } 2021da177e4SLinus Torvalds } 2031da177e4SLinus Torvalds 2041da177e4SLinus Torvalds static int hci_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 2051da177e4SLinus Torvalds { 2061da177e4SLinus Torvalds struct sock *sk = sock->sk; 2071da177e4SLinus Torvalds void __user *argp = (void __user *) arg; 2081da177e4SLinus Torvalds int err; 2091da177e4SLinus Torvalds 2101da177e4SLinus Torvalds BT_DBG("cmd %x arg %lx", cmd, arg); 2111da177e4SLinus Torvalds 2121da177e4SLinus Torvalds switch (cmd) { 2131da177e4SLinus Torvalds case HCIGETDEVLIST: 2141da177e4SLinus Torvalds return hci_get_dev_list(argp); 2151da177e4SLinus Torvalds 2161da177e4SLinus Torvalds case HCIGETDEVINFO: 2171da177e4SLinus Torvalds return hci_get_dev_info(argp); 2181da177e4SLinus Torvalds 2191da177e4SLinus Torvalds case HCIGETCONNLIST: 2201da177e4SLinus Torvalds return hci_get_conn_list(argp); 2211da177e4SLinus Torvalds 2221da177e4SLinus Torvalds case HCIDEVUP: 2231da177e4SLinus Torvalds if (!capable(CAP_NET_ADMIN)) 2241da177e4SLinus Torvalds return -EACCES; 2251da177e4SLinus Torvalds return hci_dev_open(arg); 2261da177e4SLinus Torvalds 2271da177e4SLinus Torvalds case HCIDEVDOWN: 2281da177e4SLinus Torvalds if (!capable(CAP_NET_ADMIN)) 2291da177e4SLinus Torvalds return -EACCES; 2301da177e4SLinus Torvalds return hci_dev_close(arg); 2311da177e4SLinus Torvalds 2321da177e4SLinus Torvalds case HCIDEVRESET: 2331da177e4SLinus Torvalds if (!capable(CAP_NET_ADMIN)) 2341da177e4SLinus Torvalds return -EACCES; 2351da177e4SLinus Torvalds return hci_dev_reset(arg); 2361da177e4SLinus Torvalds 2371da177e4SLinus Torvalds case HCIDEVRESTAT: 2381da177e4SLinus Torvalds if (!capable(CAP_NET_ADMIN)) 2391da177e4SLinus Torvalds return -EACCES; 2401da177e4SLinus Torvalds return hci_dev_reset_stat(arg); 2411da177e4SLinus Torvalds 2421da177e4SLinus Torvalds case HCISETSCAN: 2431da177e4SLinus Torvalds case HCISETAUTH: 2441da177e4SLinus Torvalds case HCISETENCRYPT: 2451da177e4SLinus Torvalds case HCISETPTYPE: 2461da177e4SLinus Torvalds case HCISETLINKPOL: 2471da177e4SLinus Torvalds case HCISETLINKMODE: 2481da177e4SLinus Torvalds case HCISETACLMTU: 2491da177e4SLinus Torvalds case HCISETSCOMTU: 2501da177e4SLinus Torvalds if (!capable(CAP_NET_ADMIN)) 2511da177e4SLinus Torvalds return -EACCES; 2521da177e4SLinus Torvalds return hci_dev_cmd(cmd, argp); 2531da177e4SLinus Torvalds 2541da177e4SLinus Torvalds case HCIINQUIRY: 2551da177e4SLinus Torvalds return hci_inquiry(argp); 2561da177e4SLinus Torvalds 2571da177e4SLinus Torvalds default: 2581da177e4SLinus Torvalds lock_sock(sk); 2591da177e4SLinus Torvalds err = hci_sock_bound_ioctl(sk, cmd, arg); 2601da177e4SLinus Torvalds release_sock(sk); 2611da177e4SLinus Torvalds return err; 2621da177e4SLinus Torvalds } 2631da177e4SLinus Torvalds } 2641da177e4SLinus Torvalds 2651da177e4SLinus Torvalds static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) 2661da177e4SLinus Torvalds { 2671da177e4SLinus Torvalds struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr; 2681da177e4SLinus Torvalds struct sock *sk = sock->sk; 2691da177e4SLinus Torvalds struct hci_dev *hdev = NULL; 2701da177e4SLinus Torvalds int err = 0; 2711da177e4SLinus Torvalds 2721da177e4SLinus Torvalds BT_DBG("sock %p sk %p", sock, sk); 2731da177e4SLinus Torvalds 2741da177e4SLinus Torvalds if (!haddr || haddr->hci_family != AF_BLUETOOTH) 2751da177e4SLinus Torvalds return -EINVAL; 2761da177e4SLinus Torvalds 2771da177e4SLinus Torvalds lock_sock(sk); 2781da177e4SLinus Torvalds 2791da177e4SLinus Torvalds if (hci_pi(sk)->hdev) { 2801da177e4SLinus Torvalds err = -EALREADY; 2811da177e4SLinus Torvalds goto done; 2821da177e4SLinus Torvalds } 2831da177e4SLinus Torvalds 2841da177e4SLinus Torvalds if (haddr->hci_dev != HCI_DEV_NONE) { 2851da177e4SLinus Torvalds if (!(hdev = hci_dev_get(haddr->hci_dev))) { 2861da177e4SLinus Torvalds err = -ENODEV; 2871da177e4SLinus Torvalds goto done; 2881da177e4SLinus Torvalds } 2891da177e4SLinus Torvalds 2901da177e4SLinus Torvalds atomic_inc(&hdev->promisc); 2911da177e4SLinus Torvalds } 2921da177e4SLinus Torvalds 2931da177e4SLinus Torvalds hci_pi(sk)->hdev = hdev; 2941da177e4SLinus Torvalds sk->sk_state = BT_BOUND; 2951da177e4SLinus Torvalds 2961da177e4SLinus Torvalds done: 2971da177e4SLinus Torvalds release_sock(sk); 2981da177e4SLinus Torvalds return err; 2991da177e4SLinus Torvalds } 3001da177e4SLinus Torvalds 3011da177e4SLinus Torvalds static int hci_sock_getname(struct socket *sock, struct sockaddr *addr, int *addr_len, int peer) 3021da177e4SLinus Torvalds { 3031da177e4SLinus Torvalds struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr; 3041da177e4SLinus Torvalds struct sock *sk = sock->sk; 3057b005bd3SMarcel Holtmann struct hci_dev *hdev = hci_pi(sk)->hdev; 3061da177e4SLinus Torvalds 3071da177e4SLinus Torvalds BT_DBG("sock %p sk %p", sock, sk); 3081da177e4SLinus Torvalds 3097b005bd3SMarcel Holtmann if (!hdev) 3107b005bd3SMarcel Holtmann return -EBADFD; 3117b005bd3SMarcel Holtmann 3121da177e4SLinus Torvalds lock_sock(sk); 3131da177e4SLinus Torvalds 3141da177e4SLinus Torvalds *addr_len = sizeof(*haddr); 3151da177e4SLinus Torvalds haddr->hci_family = AF_BLUETOOTH; 3167b005bd3SMarcel Holtmann haddr->hci_dev = hdev->id; 3171da177e4SLinus Torvalds 3181da177e4SLinus Torvalds release_sock(sk); 3191da177e4SLinus Torvalds return 0; 3201da177e4SLinus Torvalds } 3211da177e4SLinus Torvalds 3221da177e4SLinus Torvalds static inline void hci_sock_cmsg(struct sock *sk, struct msghdr *msg, struct sk_buff *skb) 3231da177e4SLinus Torvalds { 3241da177e4SLinus Torvalds __u32 mask = hci_pi(sk)->cmsg_mask; 3251da177e4SLinus Torvalds 3260d48d939SMarcel Holtmann if (mask & HCI_CMSG_DIR) { 3270d48d939SMarcel Holtmann int incoming = bt_cb(skb)->incoming; 3280d48d939SMarcel Holtmann put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(incoming), &incoming); 3290d48d939SMarcel Holtmann } 3301da177e4SLinus Torvalds 331a61bbcf2SPatrick McHardy if (mask & HCI_CMSG_TSTAMP) { 332*f6e623a6SJohann Felix Soden #ifdef CONFIG_COMPAT 333*f6e623a6SJohann Felix Soden struct compat_timeval ctv; 334*f6e623a6SJohann Felix Soden #endif 335a61bbcf2SPatrick McHardy struct timeval tv; 336767c5eb5SMarcel Holtmann void *data; 337767c5eb5SMarcel Holtmann int len; 338a61bbcf2SPatrick McHardy 339a61bbcf2SPatrick McHardy skb_get_timestamp(skb, &tv); 340767c5eb5SMarcel Holtmann 3411da97f83SDavid S. Miller data = &tv; 3421da97f83SDavid S. Miller len = sizeof(tv); 3431da97f83SDavid S. Miller #ifdef CONFIG_COMPAT 344767c5eb5SMarcel Holtmann if (msg->msg_flags & MSG_CMSG_COMPAT) { 345767c5eb5SMarcel Holtmann ctv.tv_sec = tv.tv_sec; 346767c5eb5SMarcel Holtmann ctv.tv_usec = tv.tv_usec; 347767c5eb5SMarcel Holtmann data = &ctv; 348767c5eb5SMarcel Holtmann len = sizeof(ctv); 349767c5eb5SMarcel Holtmann } 3501da97f83SDavid S. Miller #endif 351767c5eb5SMarcel Holtmann 352767c5eb5SMarcel Holtmann put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, len, data); 353a61bbcf2SPatrick McHardy } 3541da177e4SLinus Torvalds } 3551da177e4SLinus Torvalds 3561da177e4SLinus Torvalds static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock, 3571da177e4SLinus Torvalds struct msghdr *msg, size_t len, int flags) 3581da177e4SLinus Torvalds { 3591da177e4SLinus Torvalds int noblock = flags & MSG_DONTWAIT; 3601da177e4SLinus Torvalds struct sock *sk = sock->sk; 3611da177e4SLinus Torvalds struct sk_buff *skb; 3621da177e4SLinus Torvalds int copied, err; 3631da177e4SLinus Torvalds 3641da177e4SLinus Torvalds BT_DBG("sock %p, sk %p", sock, sk); 3651da177e4SLinus Torvalds 3661da177e4SLinus Torvalds if (flags & (MSG_OOB)) 3671da177e4SLinus Torvalds return -EOPNOTSUPP; 3681da177e4SLinus Torvalds 3691da177e4SLinus Torvalds if (sk->sk_state == BT_CLOSED) 3701da177e4SLinus Torvalds return 0; 3711da177e4SLinus Torvalds 3721da177e4SLinus Torvalds if (!(skb = skb_recv_datagram(sk, flags, noblock, &err))) 3731da177e4SLinus Torvalds return err; 3741da177e4SLinus Torvalds 3751da177e4SLinus Torvalds msg->msg_namelen = 0; 3761da177e4SLinus Torvalds 3771da177e4SLinus Torvalds copied = skb->len; 3781da177e4SLinus Torvalds if (len < copied) { 3791da177e4SLinus Torvalds msg->msg_flags |= MSG_TRUNC; 3801da177e4SLinus Torvalds copied = len; 3811da177e4SLinus Torvalds } 3821da177e4SLinus Torvalds 383badff6d0SArnaldo Carvalho de Melo skb_reset_transport_header(skb); 3841da177e4SLinus Torvalds err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 3851da177e4SLinus Torvalds 3861da177e4SLinus Torvalds hci_sock_cmsg(sk, msg, skb); 3871da177e4SLinus Torvalds 3881da177e4SLinus Torvalds skb_free_datagram(sk, skb); 3891da177e4SLinus Torvalds 3901da177e4SLinus Torvalds return err ? : copied; 3911da177e4SLinus Torvalds } 3921da177e4SLinus Torvalds 3931da177e4SLinus Torvalds static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock, 3941da177e4SLinus Torvalds struct msghdr *msg, size_t len) 3951da177e4SLinus Torvalds { 3961da177e4SLinus Torvalds struct sock *sk = sock->sk; 3971da177e4SLinus Torvalds struct hci_dev *hdev; 3981da177e4SLinus Torvalds struct sk_buff *skb; 3991da177e4SLinus Torvalds int err; 4001da177e4SLinus Torvalds 4011da177e4SLinus Torvalds BT_DBG("sock %p sk %p", sock, sk); 4021da177e4SLinus Torvalds 4031da177e4SLinus Torvalds if (msg->msg_flags & MSG_OOB) 4041da177e4SLinus Torvalds return -EOPNOTSUPP; 4051da177e4SLinus Torvalds 4061da177e4SLinus Torvalds if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE)) 4071da177e4SLinus Torvalds return -EINVAL; 4081da177e4SLinus Torvalds 4091da177e4SLinus Torvalds if (len < 4 || len > HCI_MAX_FRAME_SIZE) 4101da177e4SLinus Torvalds return -EINVAL; 4111da177e4SLinus Torvalds 4121da177e4SLinus Torvalds lock_sock(sk); 4131da177e4SLinus Torvalds 4141da177e4SLinus Torvalds if (!(hdev = hci_pi(sk)->hdev)) { 4151da177e4SLinus Torvalds err = -EBADFD; 4161da177e4SLinus Torvalds goto done; 4171da177e4SLinus Torvalds } 4181da177e4SLinus Torvalds 4197e21addcSMarcel Holtmann if (!test_bit(HCI_UP, &hdev->flags)) { 4207e21addcSMarcel Holtmann err = -ENETDOWN; 4217e21addcSMarcel Holtmann goto done; 4227e21addcSMarcel Holtmann } 4237e21addcSMarcel Holtmann 4241da177e4SLinus Torvalds if (!(skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err))) 4251da177e4SLinus Torvalds goto done; 4261da177e4SLinus Torvalds 4271da177e4SLinus Torvalds if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) { 4281da177e4SLinus Torvalds err = -EFAULT; 4291da177e4SLinus Torvalds goto drop; 4301da177e4SLinus Torvalds } 4311da177e4SLinus Torvalds 4320d48d939SMarcel Holtmann bt_cb(skb)->pkt_type = *((unsigned char *) skb->data); 4331da177e4SLinus Torvalds skb_pull(skb, 1); 4341da177e4SLinus Torvalds skb->dev = (void *) hdev; 4351da177e4SLinus Torvalds 4360d48d939SMarcel Holtmann if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) { 43783985319SHarvey Harrison u16 opcode = get_unaligned_le16(skb->data); 4381da177e4SLinus Torvalds u16 ogf = hci_opcode_ogf(opcode); 4391da177e4SLinus Torvalds u16 ocf = hci_opcode_ocf(opcode); 4401da177e4SLinus Torvalds 4411da177e4SLinus Torvalds if (((ogf > HCI_SFLT_MAX_OGF) || 4421da177e4SLinus Torvalds !hci_test_bit(ocf & HCI_FLT_OCF_BITS, &hci_sec_filter.ocf_mask[ogf])) && 4431da177e4SLinus Torvalds !capable(CAP_NET_RAW)) { 4441da177e4SLinus Torvalds err = -EPERM; 4451da177e4SLinus Torvalds goto drop; 4461da177e4SLinus Torvalds } 4471da177e4SLinus Torvalds 448a9de9248SMarcel Holtmann if (test_bit(HCI_RAW, &hdev->flags) || (ogf == 0x3f)) { 4491da177e4SLinus Torvalds skb_queue_tail(&hdev->raw_q, skb); 450c78ae283SMarcel Holtmann tasklet_schedule(&hdev->tx_task); 4511da177e4SLinus Torvalds } else { 4521da177e4SLinus Torvalds skb_queue_tail(&hdev->cmd_q, skb); 453c78ae283SMarcel Holtmann tasklet_schedule(&hdev->cmd_task); 4541da177e4SLinus Torvalds } 4551da177e4SLinus Torvalds } else { 4561da177e4SLinus Torvalds if (!capable(CAP_NET_RAW)) { 4571da177e4SLinus Torvalds err = -EPERM; 4581da177e4SLinus Torvalds goto drop; 4591da177e4SLinus Torvalds } 4601da177e4SLinus Torvalds 4611da177e4SLinus Torvalds skb_queue_tail(&hdev->raw_q, skb); 462c78ae283SMarcel Holtmann tasklet_schedule(&hdev->tx_task); 4631da177e4SLinus Torvalds } 4641da177e4SLinus Torvalds 4651da177e4SLinus Torvalds err = len; 4661da177e4SLinus Torvalds 4671da177e4SLinus Torvalds done: 4681da177e4SLinus Torvalds release_sock(sk); 4691da177e4SLinus Torvalds return err; 4701da177e4SLinus Torvalds 4711da177e4SLinus Torvalds drop: 4721da177e4SLinus Torvalds kfree_skb(skb); 4731da177e4SLinus Torvalds goto done; 4741da177e4SLinus Torvalds } 4751da177e4SLinus Torvalds 476b7058842SDavid S. Miller static int hci_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int len) 4771da177e4SLinus Torvalds { 4781da177e4SLinus Torvalds struct hci_ufilter uf = { .opcode = 0 }; 4791da177e4SLinus Torvalds struct sock *sk = sock->sk; 4801da177e4SLinus Torvalds int err = 0, opt = 0; 4811da177e4SLinus Torvalds 4821da177e4SLinus Torvalds BT_DBG("sk %p, opt %d", sk, optname); 4831da177e4SLinus Torvalds 4841da177e4SLinus Torvalds lock_sock(sk); 4851da177e4SLinus Torvalds 4861da177e4SLinus Torvalds switch (optname) { 4871da177e4SLinus Torvalds case HCI_DATA_DIR: 4881da177e4SLinus Torvalds if (get_user(opt, (int __user *)optval)) { 4891da177e4SLinus Torvalds err = -EFAULT; 4901da177e4SLinus Torvalds break; 4911da177e4SLinus Torvalds } 4921da177e4SLinus Torvalds 4931da177e4SLinus Torvalds if (opt) 4941da177e4SLinus Torvalds hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR; 4951da177e4SLinus Torvalds else 4961da177e4SLinus Torvalds hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR; 4971da177e4SLinus Torvalds break; 4981da177e4SLinus Torvalds 4991da177e4SLinus Torvalds case HCI_TIME_STAMP: 5001da177e4SLinus Torvalds if (get_user(opt, (int __user *)optval)) { 5011da177e4SLinus Torvalds err = -EFAULT; 5021da177e4SLinus Torvalds break; 5031da177e4SLinus Torvalds } 5041da177e4SLinus Torvalds 5051da177e4SLinus Torvalds if (opt) 5061da177e4SLinus Torvalds hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP; 5071da177e4SLinus Torvalds else 5081da177e4SLinus Torvalds hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP; 5091da177e4SLinus Torvalds break; 5101da177e4SLinus Torvalds 5111da177e4SLinus Torvalds case HCI_FILTER: 5120878b666SMarcel Holtmann { 5130878b666SMarcel Holtmann struct hci_filter *f = &hci_pi(sk)->filter; 5140878b666SMarcel Holtmann 5150878b666SMarcel Holtmann uf.type_mask = f->type_mask; 5160878b666SMarcel Holtmann uf.opcode = f->opcode; 5170878b666SMarcel Holtmann uf.event_mask[0] = *((u32 *) f->event_mask + 0); 5180878b666SMarcel Holtmann uf.event_mask[1] = *((u32 *) f->event_mask + 1); 5190878b666SMarcel Holtmann } 5200878b666SMarcel Holtmann 5211da177e4SLinus Torvalds len = min_t(unsigned int, len, sizeof(uf)); 5221da177e4SLinus Torvalds if (copy_from_user(&uf, optval, len)) { 5231da177e4SLinus Torvalds err = -EFAULT; 5241da177e4SLinus Torvalds break; 5251da177e4SLinus Torvalds } 5261da177e4SLinus Torvalds 5271da177e4SLinus Torvalds if (!capable(CAP_NET_RAW)) { 5281da177e4SLinus Torvalds uf.type_mask &= hci_sec_filter.type_mask; 5291da177e4SLinus Torvalds uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0); 5301da177e4SLinus Torvalds uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1); 5311da177e4SLinus Torvalds } 5321da177e4SLinus Torvalds 5331da177e4SLinus Torvalds { 5341da177e4SLinus Torvalds struct hci_filter *f = &hci_pi(sk)->filter; 5351da177e4SLinus Torvalds 5361da177e4SLinus Torvalds f->type_mask = uf.type_mask; 5371da177e4SLinus Torvalds f->opcode = uf.opcode; 5381da177e4SLinus Torvalds *((u32 *) f->event_mask + 0) = uf.event_mask[0]; 5391da177e4SLinus Torvalds *((u32 *) f->event_mask + 1) = uf.event_mask[1]; 5401da177e4SLinus Torvalds } 5411da177e4SLinus Torvalds break; 5421da177e4SLinus Torvalds 5431da177e4SLinus Torvalds default: 5441da177e4SLinus Torvalds err = -ENOPROTOOPT; 5451da177e4SLinus Torvalds break; 5461da177e4SLinus Torvalds } 5471da177e4SLinus Torvalds 5481da177e4SLinus Torvalds release_sock(sk); 5491da177e4SLinus Torvalds return err; 5501da177e4SLinus Torvalds } 5511da177e4SLinus Torvalds 5521da177e4SLinus Torvalds static int hci_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) 5531da177e4SLinus Torvalds { 5541da177e4SLinus Torvalds struct hci_ufilter uf; 5551da177e4SLinus Torvalds struct sock *sk = sock->sk; 5561da177e4SLinus Torvalds int len, opt; 5571da177e4SLinus Torvalds 5581da177e4SLinus Torvalds if (get_user(len, optlen)) 5591da177e4SLinus Torvalds return -EFAULT; 5601da177e4SLinus Torvalds 5611da177e4SLinus Torvalds switch (optname) { 5621da177e4SLinus Torvalds case HCI_DATA_DIR: 5631da177e4SLinus Torvalds if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR) 5641da177e4SLinus Torvalds opt = 1; 5651da177e4SLinus Torvalds else 5661da177e4SLinus Torvalds opt = 0; 5671da177e4SLinus Torvalds 5681da177e4SLinus Torvalds if (put_user(opt, optval)) 5691da177e4SLinus Torvalds return -EFAULT; 5701da177e4SLinus Torvalds break; 5711da177e4SLinus Torvalds 5721da177e4SLinus Torvalds case HCI_TIME_STAMP: 5731da177e4SLinus Torvalds if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP) 5741da177e4SLinus Torvalds opt = 1; 5751da177e4SLinus Torvalds else 5761da177e4SLinus Torvalds opt = 0; 5771da177e4SLinus Torvalds 5781da177e4SLinus Torvalds if (put_user(opt, optval)) 5791da177e4SLinus Torvalds return -EFAULT; 5801da177e4SLinus Torvalds break; 5811da177e4SLinus Torvalds 5821da177e4SLinus Torvalds case HCI_FILTER: 5831da177e4SLinus Torvalds { 5841da177e4SLinus Torvalds struct hci_filter *f = &hci_pi(sk)->filter; 5851da177e4SLinus Torvalds 5861da177e4SLinus Torvalds uf.type_mask = f->type_mask; 5871da177e4SLinus Torvalds uf.opcode = f->opcode; 5881da177e4SLinus Torvalds uf.event_mask[0] = *((u32 *) f->event_mask + 0); 5891da177e4SLinus Torvalds uf.event_mask[1] = *((u32 *) f->event_mask + 1); 5901da177e4SLinus Torvalds } 5911da177e4SLinus Torvalds 5921da177e4SLinus Torvalds len = min_t(unsigned int, len, sizeof(uf)); 5931da177e4SLinus Torvalds if (copy_to_user(optval, &uf, len)) 5941da177e4SLinus Torvalds return -EFAULT; 5951da177e4SLinus Torvalds break; 5961da177e4SLinus Torvalds 5971da177e4SLinus Torvalds default: 5981da177e4SLinus Torvalds return -ENOPROTOOPT; 5991da177e4SLinus Torvalds break; 6001da177e4SLinus Torvalds } 6011da177e4SLinus Torvalds 6021da177e4SLinus Torvalds return 0; 6031da177e4SLinus Torvalds } 6041da177e4SLinus Torvalds 60590ddc4f0SEric Dumazet static const struct proto_ops hci_sock_ops = { 6061da177e4SLinus Torvalds .family = PF_BLUETOOTH, 6071da177e4SLinus Torvalds .owner = THIS_MODULE, 6081da177e4SLinus Torvalds .release = hci_sock_release, 6091da177e4SLinus Torvalds .bind = hci_sock_bind, 6101da177e4SLinus Torvalds .getname = hci_sock_getname, 6111da177e4SLinus Torvalds .sendmsg = hci_sock_sendmsg, 6121da177e4SLinus Torvalds .recvmsg = hci_sock_recvmsg, 6131da177e4SLinus Torvalds .ioctl = hci_sock_ioctl, 6141da177e4SLinus Torvalds .poll = datagram_poll, 6151da177e4SLinus Torvalds .listen = sock_no_listen, 6161da177e4SLinus Torvalds .shutdown = sock_no_shutdown, 6171da177e4SLinus Torvalds .setsockopt = hci_sock_setsockopt, 6181da177e4SLinus Torvalds .getsockopt = hci_sock_getsockopt, 6191da177e4SLinus Torvalds .connect = sock_no_connect, 6201da177e4SLinus Torvalds .socketpair = sock_no_socketpair, 6211da177e4SLinus Torvalds .accept = sock_no_accept, 6221da177e4SLinus Torvalds .mmap = sock_no_mmap 6231da177e4SLinus Torvalds }; 6241da177e4SLinus Torvalds 6251da177e4SLinus Torvalds static struct proto hci_sk_proto = { 6261da177e4SLinus Torvalds .name = "HCI", 6271da177e4SLinus Torvalds .owner = THIS_MODULE, 6281da177e4SLinus Torvalds .obj_size = sizeof(struct hci_pinfo) 6291da177e4SLinus Torvalds }; 6301da177e4SLinus Torvalds 6313f378b68SEric Paris static int hci_sock_create(struct net *net, struct socket *sock, int protocol, 6323f378b68SEric Paris int kern) 6331da177e4SLinus Torvalds { 6341da177e4SLinus Torvalds struct sock *sk; 6351da177e4SLinus Torvalds 6361da177e4SLinus Torvalds BT_DBG("sock %p", sock); 6371da177e4SLinus Torvalds 6381da177e4SLinus Torvalds if (sock->type != SOCK_RAW) 6391da177e4SLinus Torvalds return -ESOCKTNOSUPPORT; 6401da177e4SLinus Torvalds 6411da177e4SLinus Torvalds sock->ops = &hci_sock_ops; 6421da177e4SLinus Torvalds 6436257ff21SPavel Emelyanov sk = sk_alloc(net, PF_BLUETOOTH, GFP_ATOMIC, &hci_sk_proto); 6441da177e4SLinus Torvalds if (!sk) 6451da177e4SLinus Torvalds return -ENOMEM; 6461da177e4SLinus Torvalds 6471da177e4SLinus Torvalds sock_init_data(sock, sk); 6481da177e4SLinus Torvalds 6491da177e4SLinus Torvalds sock_reset_flag(sk, SOCK_ZAPPED); 6501da177e4SLinus Torvalds 6511da177e4SLinus Torvalds sk->sk_protocol = protocol; 6521da177e4SLinus Torvalds 6531da177e4SLinus Torvalds sock->state = SS_UNCONNECTED; 6541da177e4SLinus Torvalds sk->sk_state = BT_OPEN; 6551da177e4SLinus Torvalds 6561da177e4SLinus Torvalds bt_sock_link(&hci_sk_list, sk); 6571da177e4SLinus Torvalds return 0; 6581da177e4SLinus Torvalds } 6591da177e4SLinus Torvalds 6601da177e4SLinus Torvalds static int hci_sock_dev_event(struct notifier_block *this, unsigned long event, void *ptr) 6611da177e4SLinus Torvalds { 6621da177e4SLinus Torvalds struct hci_dev *hdev = (struct hci_dev *) ptr; 6631da177e4SLinus Torvalds struct hci_ev_si_device ev; 6641da177e4SLinus Torvalds 6651da177e4SLinus Torvalds BT_DBG("hdev %s event %ld", hdev->name, event); 6661da177e4SLinus Torvalds 6671da177e4SLinus Torvalds /* Send event to sockets */ 6681da177e4SLinus Torvalds ev.event = event; 6691da177e4SLinus Torvalds ev.dev_id = hdev->id; 6701da177e4SLinus Torvalds hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev); 6711da177e4SLinus Torvalds 6721da177e4SLinus Torvalds if (event == HCI_DEV_UNREG) { 6731da177e4SLinus Torvalds struct sock *sk; 6741da177e4SLinus Torvalds struct hlist_node *node; 6751da177e4SLinus Torvalds 6761da177e4SLinus Torvalds /* Detach sockets from device */ 6771da177e4SLinus Torvalds read_lock(&hci_sk_list.lock); 6781da177e4SLinus Torvalds sk_for_each(sk, node, &hci_sk_list.head) { 6794ce61d1cSSatyam Sharma local_bh_disable(); 6804ce61d1cSSatyam Sharma bh_lock_sock_nested(sk); 6811da177e4SLinus Torvalds if (hci_pi(sk)->hdev == hdev) { 6821da177e4SLinus Torvalds hci_pi(sk)->hdev = NULL; 6831da177e4SLinus Torvalds sk->sk_err = EPIPE; 6841da177e4SLinus Torvalds sk->sk_state = BT_OPEN; 6851da177e4SLinus Torvalds sk->sk_state_change(sk); 6861da177e4SLinus Torvalds 6871da177e4SLinus Torvalds hci_dev_put(hdev); 6881da177e4SLinus Torvalds } 6894ce61d1cSSatyam Sharma bh_unlock_sock(sk); 6904ce61d1cSSatyam Sharma local_bh_enable(); 6911da177e4SLinus Torvalds } 6921da177e4SLinus Torvalds read_unlock(&hci_sk_list.lock); 6931da177e4SLinus Torvalds } 6941da177e4SLinus Torvalds 6951da177e4SLinus Torvalds return NOTIFY_DONE; 6961da177e4SLinus Torvalds } 6971da177e4SLinus Torvalds 698ec1b4cf7SStephen Hemminger static const struct net_proto_family hci_sock_family_ops = { 6991da177e4SLinus Torvalds .family = PF_BLUETOOTH, 7001da177e4SLinus Torvalds .owner = THIS_MODULE, 7011da177e4SLinus Torvalds .create = hci_sock_create, 7021da177e4SLinus Torvalds }; 7031da177e4SLinus Torvalds 7041da177e4SLinus Torvalds static struct notifier_block hci_sock_nblock = { 7051da177e4SLinus Torvalds .notifier_call = hci_sock_dev_event 7061da177e4SLinus Torvalds }; 7071da177e4SLinus Torvalds 7081da177e4SLinus Torvalds int __init hci_sock_init(void) 7091da177e4SLinus Torvalds { 7101da177e4SLinus Torvalds int err; 7111da177e4SLinus Torvalds 7121da177e4SLinus Torvalds err = proto_register(&hci_sk_proto, 0); 7131da177e4SLinus Torvalds if (err < 0) 7141da177e4SLinus Torvalds return err; 7151da177e4SLinus Torvalds 7161da177e4SLinus Torvalds err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops); 7171da177e4SLinus Torvalds if (err < 0) 7181da177e4SLinus Torvalds goto error; 7191da177e4SLinus Torvalds 7201da177e4SLinus Torvalds hci_register_notifier(&hci_sock_nblock); 7211da177e4SLinus Torvalds 7221da177e4SLinus Torvalds BT_INFO("HCI socket layer initialized"); 7231da177e4SLinus Torvalds 7241da177e4SLinus Torvalds return 0; 7251da177e4SLinus Torvalds 7261da177e4SLinus Torvalds error: 7271da177e4SLinus Torvalds BT_ERR("HCI socket registration failed"); 7281da177e4SLinus Torvalds proto_unregister(&hci_sk_proto); 7291da177e4SLinus Torvalds return err; 7301da177e4SLinus Torvalds } 7311da177e4SLinus Torvalds 73204005dd9STobias Klauser void __exit hci_sock_cleanup(void) 7331da177e4SLinus Torvalds { 7341da177e4SLinus Torvalds if (bt_sock_unregister(BTPROTO_HCI) < 0) 7351da177e4SLinus Torvalds BT_ERR("HCI socket unregistration failed"); 7361da177e4SLinus Torvalds 7371da177e4SLinus Torvalds hci_unregister_notifier(&hci_sock_nblock); 7381da177e4SLinus Torvalds 7391da177e4SLinus Torvalds proto_unregister(&hci_sk_proto); 7401da177e4SLinus Torvalds } 741