xref: /openbmc/linux/net/bluetooth/sco.c (revision 46290c6bc0b102dc30250ded4f359174a384c957)
1 /*
2    BlueZ - Bluetooth protocol stack for Linux
3    Copyright (C) 2000-2001 Qualcomm Incorporated
4 
5    Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6 
7    This program is free software; you can redistribute it and/or modify
8    it under the terms of the GNU General Public License version 2 as
9    published by the Free Software Foundation;
10 
11    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 
20    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22    SOFTWARE IS DISCLAIMED.
23 */
24 
25 /* Bluetooth SCO sockets. */
26 
27 #include <linux/module.h>
28 #include <linux/debugfs.h>
29 #include <linux/seq_file.h>
30 #include <linux/sched/signal.h>
31 
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/sco.h>
35 
36 static bool disable_esco;
37 
38 static const struct proto_ops sco_sock_ops;
39 
40 static struct bt_sock_list sco_sk_list = {
41 	.lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
42 };
43 
44 /* ---- SCO connections ---- */
45 struct sco_conn {
46 	struct hci_conn	*hcon;
47 
48 	spinlock_t	lock;
49 	struct sock	*sk;
50 
51 	struct delayed_work	timeout_work;
52 
53 	unsigned int    mtu;
54 };
55 
56 #define sco_conn_lock(c)	spin_lock(&c->lock)
57 #define sco_conn_unlock(c)	spin_unlock(&c->lock)
58 
59 static void sco_sock_close(struct sock *sk);
60 static void sco_sock_kill(struct sock *sk);
61 
62 /* ----- SCO socket info ----- */
63 #define sco_pi(sk) ((struct sco_pinfo *) sk)
64 
65 struct sco_pinfo {
66 	struct bt_sock	bt;
67 	bdaddr_t	src;
68 	bdaddr_t	dst;
69 	__u32		flags;
70 	__u16		setting;
71 	__u8		cmsg_mask;
72 	struct bt_codec codec;
73 	struct sco_conn	*conn;
74 };
75 
76 /* ---- SCO timers ---- */
77 #define SCO_CONN_TIMEOUT	(HZ * 40)
78 #define SCO_DISCONN_TIMEOUT	(HZ * 2)
79 
80 static void sco_sock_timeout(struct work_struct *work)
81 {
82 	struct sco_conn *conn = container_of(work, struct sco_conn,
83 					     timeout_work.work);
84 	struct sock *sk;
85 
86 	sco_conn_lock(conn);
87 	sk = conn->sk;
88 	if (sk)
89 		sock_hold(sk);
90 	sco_conn_unlock(conn);
91 
92 	if (!sk)
93 		return;
94 
95 	BT_DBG("sock %p state %d", sk, sk->sk_state);
96 
97 	lock_sock(sk);
98 	sk->sk_err = ETIMEDOUT;
99 	sk->sk_state_change(sk);
100 	release_sock(sk);
101 	sock_put(sk);
102 }
103 
104 static void sco_sock_set_timer(struct sock *sk, long timeout)
105 {
106 	if (!sco_pi(sk)->conn)
107 		return;
108 
109 	BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
110 	cancel_delayed_work(&sco_pi(sk)->conn->timeout_work);
111 	schedule_delayed_work(&sco_pi(sk)->conn->timeout_work, timeout);
112 }
113 
114 static void sco_sock_clear_timer(struct sock *sk)
115 {
116 	if (!sco_pi(sk)->conn)
117 		return;
118 
119 	BT_DBG("sock %p state %d", sk, sk->sk_state);
120 	cancel_delayed_work(&sco_pi(sk)->conn->timeout_work);
121 }
122 
123 /* ---- SCO connections ---- */
124 static struct sco_conn *sco_conn_add(struct hci_conn *hcon)
125 {
126 	struct hci_dev *hdev = hcon->hdev;
127 	struct sco_conn *conn = hcon->sco_data;
128 
129 	if (conn) {
130 		if (!conn->hcon)
131 			conn->hcon = hcon;
132 		return conn;
133 	}
134 
135 	conn = kzalloc(sizeof(struct sco_conn), GFP_KERNEL);
136 	if (!conn)
137 		return NULL;
138 
139 	spin_lock_init(&conn->lock);
140 	INIT_DELAYED_WORK(&conn->timeout_work, sco_sock_timeout);
141 
142 	hcon->sco_data = conn;
143 	conn->hcon = hcon;
144 
145 	if (hdev->sco_mtu > 0)
146 		conn->mtu = hdev->sco_mtu;
147 	else
148 		conn->mtu = 60;
149 
150 	BT_DBG("hcon %p conn %p", hcon, conn);
151 
152 	return conn;
153 }
154 
155 /* Delete channel.
156  * Must be called on the locked socket. */
157 static void sco_chan_del(struct sock *sk, int err)
158 {
159 	struct sco_conn *conn;
160 
161 	conn = sco_pi(sk)->conn;
162 
163 	BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
164 
165 	if (conn) {
166 		sco_conn_lock(conn);
167 		conn->sk = NULL;
168 		sco_pi(sk)->conn = NULL;
169 		sco_conn_unlock(conn);
170 
171 		if (conn->hcon)
172 			hci_conn_drop(conn->hcon);
173 	}
174 
175 	sk->sk_state = BT_CLOSED;
176 	sk->sk_err   = err;
177 	sk->sk_state_change(sk);
178 
179 	sock_set_flag(sk, SOCK_ZAPPED);
180 }
181 
182 static void sco_conn_del(struct hci_conn *hcon, int err)
183 {
184 	struct sco_conn *conn = hcon->sco_data;
185 	struct sock *sk;
186 
187 	if (!conn)
188 		return;
189 
190 	BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
191 
192 	/* Kill socket */
193 	sco_conn_lock(conn);
194 	sk = conn->sk;
195 	if (sk)
196 		sock_hold(sk);
197 	sco_conn_unlock(conn);
198 
199 	if (sk) {
200 		lock_sock(sk);
201 		sco_sock_clear_timer(sk);
202 		sco_chan_del(sk, err);
203 		release_sock(sk);
204 		sock_put(sk);
205 	}
206 
207 	/* Ensure no more work items will run before freeing conn. */
208 	cancel_delayed_work_sync(&conn->timeout_work);
209 
210 	hcon->sco_data = NULL;
211 	kfree(conn);
212 }
213 
214 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk,
215 			   struct sock *parent)
216 {
217 	BT_DBG("conn %p", conn);
218 
219 	sco_pi(sk)->conn = conn;
220 	conn->sk = sk;
221 
222 	if (parent)
223 		bt_accept_enqueue(parent, sk, true);
224 }
225 
226 static int sco_chan_add(struct sco_conn *conn, struct sock *sk,
227 			struct sock *parent)
228 {
229 	int err = 0;
230 
231 	sco_conn_lock(conn);
232 	if (conn->sk)
233 		err = -EBUSY;
234 	else
235 		__sco_chan_add(conn, sk, parent);
236 
237 	sco_conn_unlock(conn);
238 	return err;
239 }
240 
241 static int sco_connect(struct sock *sk)
242 {
243 	struct sco_conn *conn;
244 	struct hci_conn *hcon;
245 	struct hci_dev  *hdev;
246 	int err, type;
247 
248 	BT_DBG("%pMR -> %pMR", &sco_pi(sk)->src, &sco_pi(sk)->dst);
249 
250 	hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR);
251 	if (!hdev)
252 		return -EHOSTUNREACH;
253 
254 	hci_dev_lock(hdev);
255 
256 	if (lmp_esco_capable(hdev) && !disable_esco)
257 		type = ESCO_LINK;
258 	else
259 		type = SCO_LINK;
260 
261 	if (sco_pi(sk)->setting == BT_VOICE_TRANSPARENT &&
262 	    (!lmp_transp_capable(hdev) || !lmp_esco_capable(hdev))) {
263 		err = -EOPNOTSUPP;
264 		goto unlock;
265 	}
266 
267 	hcon = hci_connect_sco(hdev, type, &sco_pi(sk)->dst,
268 			       sco_pi(sk)->setting, &sco_pi(sk)->codec);
269 	if (IS_ERR(hcon)) {
270 		err = PTR_ERR(hcon);
271 		goto unlock;
272 	}
273 
274 	conn = sco_conn_add(hcon);
275 	if (!conn) {
276 		hci_conn_drop(hcon);
277 		err = -ENOMEM;
278 		goto unlock;
279 	}
280 
281 	lock_sock(sk);
282 
283 	err = sco_chan_add(conn, sk, NULL);
284 	if (err) {
285 		release_sock(sk);
286 		goto unlock;
287 	}
288 
289 	/* Update source addr of the socket */
290 	bacpy(&sco_pi(sk)->src, &hcon->src);
291 
292 	if (hcon->state == BT_CONNECTED) {
293 		sco_sock_clear_timer(sk);
294 		sk->sk_state = BT_CONNECTED;
295 	} else {
296 		sk->sk_state = BT_CONNECT;
297 		sco_sock_set_timer(sk, sk->sk_sndtimeo);
298 	}
299 
300 	release_sock(sk);
301 
302 unlock:
303 	hci_dev_unlock(hdev);
304 	hci_dev_put(hdev);
305 	return err;
306 }
307 
308 static int sco_send_frame(struct sock *sk, struct sk_buff *skb)
309 {
310 	struct sco_conn *conn = sco_pi(sk)->conn;
311 	int len = skb->len;
312 
313 	/* Check outgoing MTU */
314 	if (len > conn->mtu)
315 		return -EINVAL;
316 
317 	BT_DBG("sk %p len %d", sk, len);
318 
319 	hci_send_sco(conn->hcon, skb);
320 
321 	return len;
322 }
323 
324 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
325 {
326 	struct sock *sk;
327 
328 	sco_conn_lock(conn);
329 	sk = conn->sk;
330 	sco_conn_unlock(conn);
331 
332 	if (!sk)
333 		goto drop;
334 
335 	BT_DBG("sk %p len %u", sk, skb->len);
336 
337 	if (sk->sk_state != BT_CONNECTED)
338 		goto drop;
339 
340 	if (!sock_queue_rcv_skb(sk, skb))
341 		return;
342 
343 drop:
344 	kfree_skb(skb);
345 }
346 
347 /* -------- Socket interface ---------- */
348 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba)
349 {
350 	struct sock *sk;
351 
352 	sk_for_each(sk, &sco_sk_list.head) {
353 		if (sk->sk_state != BT_LISTEN)
354 			continue;
355 
356 		if (!bacmp(&sco_pi(sk)->src, ba))
357 			return sk;
358 	}
359 
360 	return NULL;
361 }
362 
363 /* Find socket listening on source bdaddr.
364  * Returns closest match.
365  */
366 static struct sock *sco_get_sock_listen(bdaddr_t *src)
367 {
368 	struct sock *sk = NULL, *sk1 = NULL;
369 
370 	read_lock(&sco_sk_list.lock);
371 
372 	sk_for_each(sk, &sco_sk_list.head) {
373 		if (sk->sk_state != BT_LISTEN)
374 			continue;
375 
376 		/* Exact match. */
377 		if (!bacmp(&sco_pi(sk)->src, src))
378 			break;
379 
380 		/* Closest match */
381 		if (!bacmp(&sco_pi(sk)->src, BDADDR_ANY))
382 			sk1 = sk;
383 	}
384 
385 	read_unlock(&sco_sk_list.lock);
386 
387 	return sk ? sk : sk1;
388 }
389 
390 static void sco_sock_destruct(struct sock *sk)
391 {
392 	BT_DBG("sk %p", sk);
393 
394 	skb_queue_purge(&sk->sk_receive_queue);
395 	skb_queue_purge(&sk->sk_write_queue);
396 }
397 
398 static void sco_sock_cleanup_listen(struct sock *parent)
399 {
400 	struct sock *sk;
401 
402 	BT_DBG("parent %p", parent);
403 
404 	/* Close not yet accepted channels */
405 	while ((sk = bt_accept_dequeue(parent, NULL))) {
406 		sco_sock_close(sk);
407 		sco_sock_kill(sk);
408 	}
409 
410 	parent->sk_state  = BT_CLOSED;
411 	sock_set_flag(parent, SOCK_ZAPPED);
412 }
413 
414 /* Kill socket (only if zapped and orphan)
415  * Must be called on unlocked socket.
416  */
417 static void sco_sock_kill(struct sock *sk)
418 {
419 	if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
420 		return;
421 
422 	BT_DBG("sk %p state %d", sk, sk->sk_state);
423 
424 	/* Kill poor orphan */
425 	bt_sock_unlink(&sco_sk_list, sk);
426 	sock_set_flag(sk, SOCK_DEAD);
427 	sock_put(sk);
428 }
429 
430 static void __sco_sock_close(struct sock *sk)
431 {
432 	BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
433 
434 	switch (sk->sk_state) {
435 	case BT_LISTEN:
436 		sco_sock_cleanup_listen(sk);
437 		break;
438 
439 	case BT_CONNECTED:
440 	case BT_CONFIG:
441 		if (sco_pi(sk)->conn->hcon) {
442 			sk->sk_state = BT_DISCONN;
443 			sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
444 			sco_conn_lock(sco_pi(sk)->conn);
445 			hci_conn_drop(sco_pi(sk)->conn->hcon);
446 			sco_pi(sk)->conn->hcon = NULL;
447 			sco_conn_unlock(sco_pi(sk)->conn);
448 		} else
449 			sco_chan_del(sk, ECONNRESET);
450 		break;
451 
452 	case BT_CONNECT2:
453 	case BT_CONNECT:
454 	case BT_DISCONN:
455 		sco_chan_del(sk, ECONNRESET);
456 		break;
457 
458 	default:
459 		sock_set_flag(sk, SOCK_ZAPPED);
460 		break;
461 	}
462 
463 }
464 
465 /* Must be called on unlocked socket. */
466 static void sco_sock_close(struct sock *sk)
467 {
468 	lock_sock(sk);
469 	sco_sock_clear_timer(sk);
470 	__sco_sock_close(sk);
471 	release_sock(sk);
472 }
473 
474 static void sco_skb_put_cmsg(struct sk_buff *skb, struct msghdr *msg,
475 			     struct sock *sk)
476 {
477 	if (sco_pi(sk)->cmsg_mask & SCO_CMSG_PKT_STATUS)
478 		put_cmsg(msg, SOL_BLUETOOTH, BT_SCM_PKT_STATUS,
479 			 sizeof(bt_cb(skb)->sco.pkt_status),
480 			 &bt_cb(skb)->sco.pkt_status);
481 }
482 
483 static void sco_sock_init(struct sock *sk, struct sock *parent)
484 {
485 	BT_DBG("sk %p", sk);
486 
487 	if (parent) {
488 		sk->sk_type = parent->sk_type;
489 		bt_sk(sk)->flags = bt_sk(parent)->flags;
490 		security_sk_clone(parent, sk);
491 	} else {
492 		bt_sk(sk)->skb_put_cmsg = sco_skb_put_cmsg;
493 	}
494 }
495 
496 static struct proto sco_proto = {
497 	.name		= "SCO",
498 	.owner		= THIS_MODULE,
499 	.obj_size	= sizeof(struct sco_pinfo)
500 };
501 
502 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock,
503 				   int proto, gfp_t prio, int kern)
504 {
505 	struct sock *sk;
506 
507 	sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto, kern);
508 	if (!sk)
509 		return NULL;
510 
511 	sock_init_data(sock, sk);
512 	INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
513 
514 	sk->sk_destruct = sco_sock_destruct;
515 	sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
516 
517 	sock_reset_flag(sk, SOCK_ZAPPED);
518 
519 	sk->sk_protocol = proto;
520 	sk->sk_state    = BT_OPEN;
521 
522 	sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT;
523 	sco_pi(sk)->codec.id = BT_CODEC_CVSD;
524 	sco_pi(sk)->codec.cid = 0xffff;
525 	sco_pi(sk)->codec.vid = 0xffff;
526 	sco_pi(sk)->codec.data_path = 0x00;
527 
528 	bt_sock_link(&sco_sk_list, sk);
529 	return sk;
530 }
531 
532 static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
533 			   int kern)
534 {
535 	struct sock *sk;
536 
537 	BT_DBG("sock %p", sock);
538 
539 	sock->state = SS_UNCONNECTED;
540 
541 	if (sock->type != SOCK_SEQPACKET)
542 		return -ESOCKTNOSUPPORT;
543 
544 	sock->ops = &sco_sock_ops;
545 
546 	sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern);
547 	if (!sk)
548 		return -ENOMEM;
549 
550 	sco_sock_init(sk, NULL);
551 	return 0;
552 }
553 
554 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr,
555 			 int addr_len)
556 {
557 	struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
558 	struct sock *sk = sock->sk;
559 	int err = 0;
560 
561 	if (!addr || addr_len < sizeof(struct sockaddr_sco) ||
562 	    addr->sa_family != AF_BLUETOOTH)
563 		return -EINVAL;
564 
565 	BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr);
566 
567 	lock_sock(sk);
568 
569 	if (sk->sk_state != BT_OPEN) {
570 		err = -EBADFD;
571 		goto done;
572 	}
573 
574 	if (sk->sk_type != SOCK_SEQPACKET) {
575 		err = -EINVAL;
576 		goto done;
577 	}
578 
579 	bacpy(&sco_pi(sk)->src, &sa->sco_bdaddr);
580 
581 	sk->sk_state = BT_BOUND;
582 
583 done:
584 	release_sock(sk);
585 	return err;
586 }
587 
588 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
589 {
590 	struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
591 	struct sock *sk = sock->sk;
592 	int err;
593 
594 	BT_DBG("sk %p", sk);
595 
596 	if (alen < sizeof(struct sockaddr_sco) ||
597 	    addr->sa_family != AF_BLUETOOTH)
598 		return -EINVAL;
599 
600 	if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
601 		return -EBADFD;
602 
603 	if (sk->sk_type != SOCK_SEQPACKET)
604 		err = -EINVAL;
605 
606 	lock_sock(sk);
607 	/* Set destination address and psm */
608 	bacpy(&sco_pi(sk)->dst, &sa->sco_bdaddr);
609 	release_sock(sk);
610 
611 	err = sco_connect(sk);
612 	if (err)
613 		return err;
614 
615 	lock_sock(sk);
616 
617 	err = bt_sock_wait_state(sk, BT_CONNECTED,
618 				 sock_sndtimeo(sk, flags & O_NONBLOCK));
619 
620 	release_sock(sk);
621 	return err;
622 }
623 
624 static int sco_sock_listen(struct socket *sock, int backlog)
625 {
626 	struct sock *sk = sock->sk;
627 	bdaddr_t *src = &sco_pi(sk)->src;
628 	int err = 0;
629 
630 	BT_DBG("sk %p backlog %d", sk, backlog);
631 
632 	lock_sock(sk);
633 
634 	if (sk->sk_state != BT_BOUND) {
635 		err = -EBADFD;
636 		goto done;
637 	}
638 
639 	if (sk->sk_type != SOCK_SEQPACKET) {
640 		err = -EINVAL;
641 		goto done;
642 	}
643 
644 	write_lock(&sco_sk_list.lock);
645 
646 	if (__sco_get_sock_listen_by_addr(src)) {
647 		err = -EADDRINUSE;
648 		goto unlock;
649 	}
650 
651 	sk->sk_max_ack_backlog = backlog;
652 	sk->sk_ack_backlog = 0;
653 
654 	sk->sk_state = BT_LISTEN;
655 
656 unlock:
657 	write_unlock(&sco_sk_list.lock);
658 
659 done:
660 	release_sock(sk);
661 	return err;
662 }
663 
664 static int sco_sock_accept(struct socket *sock, struct socket *newsock,
665 			   int flags, bool kern)
666 {
667 	DEFINE_WAIT_FUNC(wait, woken_wake_function);
668 	struct sock *sk = sock->sk, *ch;
669 	long timeo;
670 	int err = 0;
671 
672 	lock_sock(sk);
673 
674 	timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
675 
676 	BT_DBG("sk %p timeo %ld", sk, timeo);
677 
678 	/* Wait for an incoming connection. (wake-one). */
679 	add_wait_queue_exclusive(sk_sleep(sk), &wait);
680 	while (1) {
681 		if (sk->sk_state != BT_LISTEN) {
682 			err = -EBADFD;
683 			break;
684 		}
685 
686 		ch = bt_accept_dequeue(sk, newsock);
687 		if (ch)
688 			break;
689 
690 		if (!timeo) {
691 			err = -EAGAIN;
692 			break;
693 		}
694 
695 		if (signal_pending(current)) {
696 			err = sock_intr_errno(timeo);
697 			break;
698 		}
699 
700 		release_sock(sk);
701 
702 		timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo);
703 		lock_sock(sk);
704 	}
705 	remove_wait_queue(sk_sleep(sk), &wait);
706 
707 	if (err)
708 		goto done;
709 
710 	newsock->state = SS_CONNECTED;
711 
712 	BT_DBG("new socket %p", ch);
713 
714 done:
715 	release_sock(sk);
716 	return err;
717 }
718 
719 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr,
720 			    int peer)
721 {
722 	struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
723 	struct sock *sk = sock->sk;
724 
725 	BT_DBG("sock %p, sk %p", sock, sk);
726 
727 	addr->sa_family = AF_BLUETOOTH;
728 
729 	if (peer)
730 		bacpy(&sa->sco_bdaddr, &sco_pi(sk)->dst);
731 	else
732 		bacpy(&sa->sco_bdaddr, &sco_pi(sk)->src);
733 
734 	return sizeof(struct sockaddr_sco);
735 }
736 
737 static int sco_sock_sendmsg(struct socket *sock, struct msghdr *msg,
738 			    size_t len)
739 {
740 	struct sock *sk = sock->sk;
741 	struct sk_buff *skb;
742 	int err;
743 
744 	BT_DBG("sock %p, sk %p", sock, sk);
745 
746 	err = sock_error(sk);
747 	if (err)
748 		return err;
749 
750 	if (msg->msg_flags & MSG_OOB)
751 		return -EOPNOTSUPP;
752 
753 	skb = bt_skb_sendmsg(sk, msg, len, len, 0, 0);
754 	if (IS_ERR(skb))
755 		return PTR_ERR(skb);
756 
757 	lock_sock(sk);
758 
759 	if (sk->sk_state == BT_CONNECTED)
760 		err = sco_send_frame(sk, skb);
761 	else
762 		err = -ENOTCONN;
763 
764 	release_sock(sk);
765 
766 	if (err < 0)
767 		kfree_skb(skb);
768 	return err;
769 }
770 
771 static void sco_conn_defer_accept(struct hci_conn *conn, u16 setting)
772 {
773 	struct hci_dev *hdev = conn->hdev;
774 
775 	BT_DBG("conn %p", conn);
776 
777 	conn->state = BT_CONFIG;
778 
779 	if (!lmp_esco_capable(hdev)) {
780 		struct hci_cp_accept_conn_req cp;
781 
782 		bacpy(&cp.bdaddr, &conn->dst);
783 		cp.role = 0x00; /* Ignored */
784 
785 		hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
786 	} else {
787 		struct hci_cp_accept_sync_conn_req cp;
788 
789 		bacpy(&cp.bdaddr, &conn->dst);
790 		cp.pkt_type = cpu_to_le16(conn->pkt_type);
791 
792 		cp.tx_bandwidth   = cpu_to_le32(0x00001f40);
793 		cp.rx_bandwidth   = cpu_to_le32(0x00001f40);
794 		cp.content_format = cpu_to_le16(setting);
795 
796 		switch (setting & SCO_AIRMODE_MASK) {
797 		case SCO_AIRMODE_TRANSP:
798 			if (conn->pkt_type & ESCO_2EV3)
799 				cp.max_latency = cpu_to_le16(0x0008);
800 			else
801 				cp.max_latency = cpu_to_le16(0x000D);
802 			cp.retrans_effort = 0x02;
803 			break;
804 		case SCO_AIRMODE_CVSD:
805 			cp.max_latency = cpu_to_le16(0xffff);
806 			cp.retrans_effort = 0xff;
807 			break;
808 		default:
809 			/* use CVSD settings as fallback */
810 			cp.max_latency = cpu_to_le16(0xffff);
811 			cp.retrans_effort = 0xff;
812 			break;
813 		}
814 
815 		hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
816 			     sizeof(cp), &cp);
817 	}
818 }
819 
820 static int sco_sock_recvmsg(struct socket *sock, struct msghdr *msg,
821 			    size_t len, int flags)
822 {
823 	struct sock *sk = sock->sk;
824 	struct sco_pinfo *pi = sco_pi(sk);
825 
826 	lock_sock(sk);
827 
828 	if (sk->sk_state == BT_CONNECT2 &&
829 	    test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
830 		sco_conn_defer_accept(pi->conn->hcon, pi->setting);
831 		sk->sk_state = BT_CONFIG;
832 
833 		release_sock(sk);
834 		return 0;
835 	}
836 
837 	release_sock(sk);
838 
839 	return bt_sock_recvmsg(sock, msg, len, flags);
840 }
841 
842 static int sco_sock_setsockopt(struct socket *sock, int level, int optname,
843 			       sockptr_t optval, unsigned int optlen)
844 {
845 	struct sock *sk = sock->sk;
846 	int len, err = 0;
847 	struct bt_voice voice;
848 	u32 opt;
849 	struct bt_codecs *codecs;
850 	struct hci_dev *hdev;
851 	__u8 buffer[255];
852 
853 	BT_DBG("sk %p", sk);
854 
855 	lock_sock(sk);
856 
857 	switch (optname) {
858 
859 	case BT_DEFER_SETUP:
860 		if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
861 			err = -EINVAL;
862 			break;
863 		}
864 
865 		if (copy_from_sockptr(&opt, optval, sizeof(u32))) {
866 			err = -EFAULT;
867 			break;
868 		}
869 
870 		if (opt)
871 			set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
872 		else
873 			clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
874 		break;
875 
876 	case BT_VOICE:
877 		if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
878 		    sk->sk_state != BT_CONNECT2) {
879 			err = -EINVAL;
880 			break;
881 		}
882 
883 		voice.setting = sco_pi(sk)->setting;
884 
885 		len = min_t(unsigned int, sizeof(voice), optlen);
886 		if (copy_from_sockptr(&voice, optval, len)) {
887 			err = -EFAULT;
888 			break;
889 		}
890 
891 		/* Explicitly check for these values */
892 		if (voice.setting != BT_VOICE_TRANSPARENT &&
893 		    voice.setting != BT_VOICE_CVSD_16BIT) {
894 			err = -EINVAL;
895 			break;
896 		}
897 
898 		sco_pi(sk)->setting = voice.setting;
899 		hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src,
900 				     BDADDR_BREDR);
901 		if (!hdev) {
902 			err = -EBADFD;
903 			break;
904 		}
905 		if (enhanced_sync_conn_capable(hdev) &&
906 		    voice.setting == BT_VOICE_TRANSPARENT)
907 			sco_pi(sk)->codec.id = BT_CODEC_TRANSPARENT;
908 		hci_dev_put(hdev);
909 		break;
910 
911 	case BT_PKT_STATUS:
912 		if (copy_from_sockptr(&opt, optval, sizeof(u32))) {
913 			err = -EFAULT;
914 			break;
915 		}
916 
917 		if (opt)
918 			sco_pi(sk)->cmsg_mask |= SCO_CMSG_PKT_STATUS;
919 		else
920 			sco_pi(sk)->cmsg_mask &= SCO_CMSG_PKT_STATUS;
921 		break;
922 
923 	case BT_CODEC:
924 		if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
925 		    sk->sk_state != BT_CONNECT2) {
926 			err = -EINVAL;
927 			break;
928 		}
929 
930 		hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src,
931 				     BDADDR_BREDR);
932 		if (!hdev) {
933 			err = -EBADFD;
934 			break;
935 		}
936 
937 		if (!hci_dev_test_flag(hdev, HCI_OFFLOAD_CODECS_ENABLED)) {
938 			hci_dev_put(hdev);
939 			err = -EOPNOTSUPP;
940 			break;
941 		}
942 
943 		if (!hdev->get_data_path_id) {
944 			hci_dev_put(hdev);
945 			err = -EOPNOTSUPP;
946 			break;
947 		}
948 
949 		if (optlen < sizeof(struct bt_codecs) ||
950 		    optlen > sizeof(buffer)) {
951 			hci_dev_put(hdev);
952 			err = -EINVAL;
953 			break;
954 		}
955 
956 		if (copy_from_sockptr(buffer, optval, optlen)) {
957 			hci_dev_put(hdev);
958 			err = -EFAULT;
959 			break;
960 		}
961 
962 		codecs = (void *)buffer;
963 
964 		if (codecs->num_codecs > 1) {
965 			hci_dev_put(hdev);
966 			err = -EINVAL;
967 			break;
968 		}
969 
970 		sco_pi(sk)->codec = codecs->codecs[0];
971 		hci_dev_put(hdev);
972 		break;
973 
974 	default:
975 		err = -ENOPROTOOPT;
976 		break;
977 	}
978 
979 	release_sock(sk);
980 	return err;
981 }
982 
983 static int sco_sock_getsockopt_old(struct socket *sock, int optname,
984 				   char __user *optval, int __user *optlen)
985 {
986 	struct sock *sk = sock->sk;
987 	struct sco_options opts;
988 	struct sco_conninfo cinfo;
989 	int len, err = 0;
990 
991 	BT_DBG("sk %p", sk);
992 
993 	if (get_user(len, optlen))
994 		return -EFAULT;
995 
996 	lock_sock(sk);
997 
998 	switch (optname) {
999 	case SCO_OPTIONS:
1000 		if (sk->sk_state != BT_CONNECTED &&
1001 		    !(sk->sk_state == BT_CONNECT2 &&
1002 		      test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
1003 			err = -ENOTCONN;
1004 			break;
1005 		}
1006 
1007 		opts.mtu = sco_pi(sk)->conn->mtu;
1008 
1009 		BT_DBG("mtu %u", opts.mtu);
1010 
1011 		len = min_t(unsigned int, len, sizeof(opts));
1012 		if (copy_to_user(optval, (char *)&opts, len))
1013 			err = -EFAULT;
1014 
1015 		break;
1016 
1017 	case SCO_CONNINFO:
1018 		if (sk->sk_state != BT_CONNECTED &&
1019 		    !(sk->sk_state == BT_CONNECT2 &&
1020 		      test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
1021 			err = -ENOTCONN;
1022 			break;
1023 		}
1024 
1025 		memset(&cinfo, 0, sizeof(cinfo));
1026 		cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
1027 		memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
1028 
1029 		len = min_t(unsigned int, len, sizeof(cinfo));
1030 		if (copy_to_user(optval, (char *)&cinfo, len))
1031 			err = -EFAULT;
1032 
1033 		break;
1034 
1035 	default:
1036 		err = -ENOPROTOOPT;
1037 		break;
1038 	}
1039 
1040 	release_sock(sk);
1041 	return err;
1042 }
1043 
1044 static int sco_sock_getsockopt(struct socket *sock, int level, int optname,
1045 			       char __user *optval, int __user *optlen)
1046 {
1047 	struct sock *sk = sock->sk;
1048 	int len, err = 0;
1049 	struct bt_voice voice;
1050 	u32 phys;
1051 	int pkt_status;
1052 	int buf_len;
1053 	struct codec_list *c;
1054 	u8 num_codecs, i, __user *ptr;
1055 	struct hci_dev *hdev;
1056 	struct hci_codec_caps *caps;
1057 	struct bt_codec codec;
1058 
1059 	BT_DBG("sk %p", sk);
1060 
1061 	if (level == SOL_SCO)
1062 		return sco_sock_getsockopt_old(sock, optname, optval, optlen);
1063 
1064 	if (get_user(len, optlen))
1065 		return -EFAULT;
1066 
1067 	lock_sock(sk);
1068 
1069 	switch (optname) {
1070 
1071 	case BT_DEFER_SETUP:
1072 		if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
1073 			err = -EINVAL;
1074 			break;
1075 		}
1076 
1077 		if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
1078 			     (u32 __user *)optval))
1079 			err = -EFAULT;
1080 
1081 		break;
1082 
1083 	case BT_VOICE:
1084 		voice.setting = sco_pi(sk)->setting;
1085 
1086 		len = min_t(unsigned int, len, sizeof(voice));
1087 		if (copy_to_user(optval, (char *)&voice, len))
1088 			err = -EFAULT;
1089 
1090 		break;
1091 
1092 	case BT_PHY:
1093 		if (sk->sk_state != BT_CONNECTED) {
1094 			err = -ENOTCONN;
1095 			break;
1096 		}
1097 
1098 		phys = hci_conn_get_phy(sco_pi(sk)->conn->hcon);
1099 
1100 		if (put_user(phys, (u32 __user *) optval))
1101 			err = -EFAULT;
1102 		break;
1103 
1104 	case BT_PKT_STATUS:
1105 		pkt_status = (sco_pi(sk)->cmsg_mask & SCO_CMSG_PKT_STATUS);
1106 
1107 		if (put_user(pkt_status, (int __user *)optval))
1108 			err = -EFAULT;
1109 		break;
1110 
1111 	case BT_SNDMTU:
1112 	case BT_RCVMTU:
1113 		if (sk->sk_state != BT_CONNECTED) {
1114 			err = -ENOTCONN;
1115 			break;
1116 		}
1117 
1118 		if (put_user(sco_pi(sk)->conn->mtu, (u32 __user *)optval))
1119 			err = -EFAULT;
1120 		break;
1121 
1122 	case BT_CODEC:
1123 		num_codecs = 0;
1124 		buf_len = 0;
1125 
1126 		hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR);
1127 		if (!hdev) {
1128 			err = -EBADFD;
1129 			break;
1130 		}
1131 
1132 		if (!hci_dev_test_flag(hdev, HCI_OFFLOAD_CODECS_ENABLED)) {
1133 			hci_dev_put(hdev);
1134 			err = -EOPNOTSUPP;
1135 			break;
1136 		}
1137 
1138 		if (!hdev->get_data_path_id) {
1139 			hci_dev_put(hdev);
1140 			err = -EOPNOTSUPP;
1141 			break;
1142 		}
1143 
1144 		release_sock(sk);
1145 
1146 		/* find total buffer size required to copy codec + caps */
1147 		hci_dev_lock(hdev);
1148 		list_for_each_entry(c, &hdev->local_codecs, list) {
1149 			if (c->transport != HCI_TRANSPORT_SCO_ESCO)
1150 				continue;
1151 			num_codecs++;
1152 			for (i = 0, caps = c->caps; i < c->num_caps; i++) {
1153 				buf_len += 1 + caps->len;
1154 				caps = (void *)&caps->data[caps->len];
1155 			}
1156 			buf_len += sizeof(struct bt_codec);
1157 		}
1158 		hci_dev_unlock(hdev);
1159 
1160 		buf_len += sizeof(struct bt_codecs);
1161 		if (buf_len > len) {
1162 			hci_dev_put(hdev);
1163 			return -ENOBUFS;
1164 		}
1165 		ptr = optval;
1166 
1167 		if (put_user(num_codecs, ptr)) {
1168 			hci_dev_put(hdev);
1169 			return -EFAULT;
1170 		}
1171 		ptr += sizeof(num_codecs);
1172 
1173 		/* Iterate all the codecs supported over SCO and populate
1174 		 * codec data
1175 		 */
1176 		hci_dev_lock(hdev);
1177 		list_for_each_entry(c, &hdev->local_codecs, list) {
1178 			if (c->transport != HCI_TRANSPORT_SCO_ESCO)
1179 				continue;
1180 
1181 			codec.id = c->id;
1182 			codec.cid = c->cid;
1183 			codec.vid = c->vid;
1184 			err = hdev->get_data_path_id(hdev, &codec.data_path);
1185 			if (err < 0)
1186 				break;
1187 			codec.num_caps = c->num_caps;
1188 			if (copy_to_user(ptr, &codec, sizeof(codec))) {
1189 				err = -EFAULT;
1190 				break;
1191 			}
1192 			ptr += sizeof(codec);
1193 
1194 			/* find codec capabilities data length */
1195 			len = 0;
1196 			for (i = 0, caps = c->caps; i < c->num_caps; i++) {
1197 				len += 1 + caps->len;
1198 				caps = (void *)&caps->data[caps->len];
1199 			}
1200 
1201 			/* copy codec capabilities data */
1202 			if (len && copy_to_user(ptr, c->caps, len)) {
1203 				err = -EFAULT;
1204 				break;
1205 			}
1206 			ptr += len;
1207 		}
1208 
1209 		hci_dev_unlock(hdev);
1210 		hci_dev_put(hdev);
1211 
1212 		lock_sock(sk);
1213 
1214 		if (!err && put_user(buf_len, optlen))
1215 			err = -EFAULT;
1216 
1217 		break;
1218 
1219 	default:
1220 		err = -ENOPROTOOPT;
1221 		break;
1222 	}
1223 
1224 	release_sock(sk);
1225 	return err;
1226 }
1227 
1228 static int sco_sock_shutdown(struct socket *sock, int how)
1229 {
1230 	struct sock *sk = sock->sk;
1231 	int err = 0;
1232 
1233 	BT_DBG("sock %p, sk %p", sock, sk);
1234 
1235 	if (!sk)
1236 		return 0;
1237 
1238 	sock_hold(sk);
1239 	lock_sock(sk);
1240 
1241 	if (!sk->sk_shutdown) {
1242 		sk->sk_shutdown = SHUTDOWN_MASK;
1243 		sco_sock_clear_timer(sk);
1244 		__sco_sock_close(sk);
1245 
1246 		if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
1247 		    !(current->flags & PF_EXITING))
1248 			err = bt_sock_wait_state(sk, BT_CLOSED,
1249 						 sk->sk_lingertime);
1250 	}
1251 
1252 	release_sock(sk);
1253 	sock_put(sk);
1254 
1255 	return err;
1256 }
1257 
1258 static int sco_sock_release(struct socket *sock)
1259 {
1260 	struct sock *sk = sock->sk;
1261 	int err = 0;
1262 
1263 	BT_DBG("sock %p, sk %p", sock, sk);
1264 
1265 	if (!sk)
1266 		return 0;
1267 
1268 	sco_sock_close(sk);
1269 
1270 	if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
1271 	    !(current->flags & PF_EXITING)) {
1272 		lock_sock(sk);
1273 		err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
1274 		release_sock(sk);
1275 	}
1276 
1277 	sock_orphan(sk);
1278 	sco_sock_kill(sk);
1279 	return err;
1280 }
1281 
1282 static void sco_conn_ready(struct sco_conn *conn)
1283 {
1284 	struct sock *parent;
1285 	struct sock *sk = conn->sk;
1286 
1287 	BT_DBG("conn %p", conn);
1288 
1289 	if (sk) {
1290 		lock_sock(sk);
1291 		sco_sock_clear_timer(sk);
1292 		sk->sk_state = BT_CONNECTED;
1293 		sk->sk_state_change(sk);
1294 		release_sock(sk);
1295 	} else {
1296 		sco_conn_lock(conn);
1297 
1298 		if (!conn->hcon) {
1299 			sco_conn_unlock(conn);
1300 			return;
1301 		}
1302 
1303 		parent = sco_get_sock_listen(&conn->hcon->src);
1304 		if (!parent) {
1305 			sco_conn_unlock(conn);
1306 			return;
1307 		}
1308 
1309 		lock_sock(parent);
1310 
1311 		sk = sco_sock_alloc(sock_net(parent), NULL,
1312 				    BTPROTO_SCO, GFP_ATOMIC, 0);
1313 		if (!sk) {
1314 			release_sock(parent);
1315 			sco_conn_unlock(conn);
1316 			return;
1317 		}
1318 
1319 		sco_sock_init(sk, parent);
1320 
1321 		bacpy(&sco_pi(sk)->src, &conn->hcon->src);
1322 		bacpy(&sco_pi(sk)->dst, &conn->hcon->dst);
1323 
1324 		hci_conn_hold(conn->hcon);
1325 		__sco_chan_add(conn, sk, parent);
1326 
1327 		if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
1328 			sk->sk_state = BT_CONNECT2;
1329 		else
1330 			sk->sk_state = BT_CONNECTED;
1331 
1332 		/* Wake up parent */
1333 		parent->sk_data_ready(parent);
1334 
1335 		release_sock(parent);
1336 
1337 		sco_conn_unlock(conn);
1338 	}
1339 }
1340 
1341 /* ----- SCO interface with lower layer (HCI) ----- */
1342 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
1343 {
1344 	struct sock *sk;
1345 	int lm = 0;
1346 
1347 	BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr);
1348 
1349 	/* Find listening sockets */
1350 	read_lock(&sco_sk_list.lock);
1351 	sk_for_each(sk, &sco_sk_list.head) {
1352 		if (sk->sk_state != BT_LISTEN)
1353 			continue;
1354 
1355 		if (!bacmp(&sco_pi(sk)->src, &hdev->bdaddr) ||
1356 		    !bacmp(&sco_pi(sk)->src, BDADDR_ANY)) {
1357 			lm |= HCI_LM_ACCEPT;
1358 
1359 			if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
1360 				*flags |= HCI_PROTO_DEFER;
1361 			break;
1362 		}
1363 	}
1364 	read_unlock(&sco_sk_list.lock);
1365 
1366 	return lm;
1367 }
1368 
1369 static void sco_connect_cfm(struct hci_conn *hcon, __u8 status)
1370 {
1371 	if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
1372 		return;
1373 
1374 	BT_DBG("hcon %p bdaddr %pMR status %u", hcon, &hcon->dst, status);
1375 
1376 	if (!status) {
1377 		struct sco_conn *conn;
1378 
1379 		conn = sco_conn_add(hcon);
1380 		if (conn)
1381 			sco_conn_ready(conn);
1382 	} else
1383 		sco_conn_del(hcon, bt_to_errno(status));
1384 }
1385 
1386 static void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
1387 {
1388 	if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
1389 		return;
1390 
1391 	BT_DBG("hcon %p reason %d", hcon, reason);
1392 
1393 	sco_conn_del(hcon, bt_to_errno(reason));
1394 }
1395 
1396 void sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
1397 {
1398 	struct sco_conn *conn = hcon->sco_data;
1399 
1400 	if (!conn)
1401 		goto drop;
1402 
1403 	BT_DBG("conn %p len %u", conn, skb->len);
1404 
1405 	if (skb->len) {
1406 		sco_recv_frame(conn, skb);
1407 		return;
1408 	}
1409 
1410 drop:
1411 	kfree_skb(skb);
1412 }
1413 
1414 static struct hci_cb sco_cb = {
1415 	.name		= "SCO",
1416 	.connect_cfm	= sco_connect_cfm,
1417 	.disconn_cfm	= sco_disconn_cfm,
1418 };
1419 
1420 static int sco_debugfs_show(struct seq_file *f, void *p)
1421 {
1422 	struct sock *sk;
1423 
1424 	read_lock(&sco_sk_list.lock);
1425 
1426 	sk_for_each(sk, &sco_sk_list.head) {
1427 		seq_printf(f, "%pMR %pMR %d\n", &sco_pi(sk)->src,
1428 			   &sco_pi(sk)->dst, sk->sk_state);
1429 	}
1430 
1431 	read_unlock(&sco_sk_list.lock);
1432 
1433 	return 0;
1434 }
1435 
1436 DEFINE_SHOW_ATTRIBUTE(sco_debugfs);
1437 
1438 static struct dentry *sco_debugfs;
1439 
1440 static const struct proto_ops sco_sock_ops = {
1441 	.family		= PF_BLUETOOTH,
1442 	.owner		= THIS_MODULE,
1443 	.release	= sco_sock_release,
1444 	.bind		= sco_sock_bind,
1445 	.connect	= sco_sock_connect,
1446 	.listen		= sco_sock_listen,
1447 	.accept		= sco_sock_accept,
1448 	.getname	= sco_sock_getname,
1449 	.sendmsg	= sco_sock_sendmsg,
1450 	.recvmsg	= sco_sock_recvmsg,
1451 	.poll		= bt_sock_poll,
1452 	.ioctl		= bt_sock_ioctl,
1453 	.gettstamp	= sock_gettstamp,
1454 	.mmap		= sock_no_mmap,
1455 	.socketpair	= sock_no_socketpair,
1456 	.shutdown	= sco_sock_shutdown,
1457 	.setsockopt	= sco_sock_setsockopt,
1458 	.getsockopt	= sco_sock_getsockopt
1459 };
1460 
1461 static const struct net_proto_family sco_sock_family_ops = {
1462 	.family	= PF_BLUETOOTH,
1463 	.owner	= THIS_MODULE,
1464 	.create	= sco_sock_create,
1465 };
1466 
1467 int __init sco_init(void)
1468 {
1469 	int err;
1470 
1471 	BUILD_BUG_ON(sizeof(struct sockaddr_sco) > sizeof(struct sockaddr));
1472 
1473 	err = proto_register(&sco_proto, 0);
1474 	if (err < 0)
1475 		return err;
1476 
1477 	err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1478 	if (err < 0) {
1479 		BT_ERR("SCO socket registration failed");
1480 		goto error;
1481 	}
1482 
1483 	err = bt_procfs_init(&init_net, "sco", &sco_sk_list, NULL);
1484 	if (err < 0) {
1485 		BT_ERR("Failed to create SCO proc file");
1486 		bt_sock_unregister(BTPROTO_SCO);
1487 		goto error;
1488 	}
1489 
1490 	BT_INFO("SCO socket layer initialized");
1491 
1492 	hci_register_cb(&sco_cb);
1493 
1494 	if (IS_ERR_OR_NULL(bt_debugfs))
1495 		return 0;
1496 
1497 	sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs,
1498 					  NULL, &sco_debugfs_fops);
1499 
1500 	return 0;
1501 
1502 error:
1503 	proto_unregister(&sco_proto);
1504 	return err;
1505 }
1506 
1507 void sco_exit(void)
1508 {
1509 	bt_procfs_cleanup(&init_net, "sco");
1510 
1511 	debugfs_remove(sco_debugfs);
1512 
1513 	hci_unregister_cb(&sco_cb);
1514 
1515 	bt_sock_unregister(BTPROTO_SCO);
1516 
1517 	proto_unregister(&sco_proto);
1518 }
1519 
1520 module_param(disable_esco, bool, 0644);
1521 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");
1522