1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth HCI sockets. */ 26 27 #include <linux/module.h> 28 29 #include <linux/types.h> 30 #include <linux/capability.h> 31 #include <linux/errno.h> 32 #include <linux/kernel.h> 33 #include <linux/slab.h> 34 #include <linux/poll.h> 35 #include <linux/fcntl.h> 36 #include <linux/init.h> 37 #include <linux/skbuff.h> 38 #include <linux/workqueue.h> 39 #include <linux/interrupt.h> 40 #include <linux/compat.h> 41 #include <linux/socket.h> 42 #include <linux/ioctl.h> 43 #include <net/sock.h> 44 45 #include <asm/system.h> 46 #include <linux/uaccess.h> 47 #include <asm/unaligned.h> 48 49 #include <net/bluetooth/bluetooth.h> 50 #include <net/bluetooth/hci_core.h> 51 52 static int enable_mgmt; 53 54 /* ----- HCI socket interface ----- */ 55 56 static inline int hci_test_bit(int nr, void *addr) 57 { 58 return *((__u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31)); 59 } 60 61 /* Security filter */ 62 static struct hci_sec_filter hci_sec_filter = { 63 /* Packet types */ 64 0x10, 65 /* Events */ 66 { 0x1000d9fe, 0x0000b00c }, 67 /* Commands */ 68 { 69 { 0x0 }, 70 /* OGF_LINK_CTL */ 71 { 0xbe000006, 0x00000001, 0x00000000, 0x00 }, 72 /* OGF_LINK_POLICY */ 73 { 0x00005200, 0x00000000, 0x00000000, 0x00 }, 74 /* OGF_HOST_CTL */ 75 { 0xaab00200, 0x2b402aaa, 0x05220154, 0x00 }, 76 /* OGF_INFO_PARAM */ 77 { 0x000002be, 0x00000000, 0x00000000, 0x00 }, 78 /* OGF_STATUS_PARAM */ 79 { 0x000000ea, 0x00000000, 0x00000000, 0x00 } 80 } 81 }; 82 83 static struct bt_sock_list hci_sk_list = { 84 .lock = __RW_LOCK_UNLOCKED(hci_sk_list.lock) 85 }; 86 87 /* Send frame to RAW socket */ 88 void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb) 89 { 90 struct sock *sk; 91 struct hlist_node *node; 92 93 BT_DBG("hdev %p len %d", hdev, skb->len); 94 95 read_lock(&hci_sk_list.lock); 96 sk_for_each(sk, node, &hci_sk_list.head) { 97 struct hci_filter *flt; 98 struct sk_buff *nskb; 99 100 if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev) 101 continue; 102 103 /* Don't send frame to the socket it came from */ 104 if (skb->sk == sk) 105 continue; 106 107 if (bt_cb(skb)->channel != hci_pi(sk)->channel) 108 continue; 109 110 if (bt_cb(skb)->channel == HCI_CHANNEL_CONTROL) 111 goto clone; 112 113 /* Apply filter */ 114 flt = &hci_pi(sk)->filter; 115 116 if (!test_bit((bt_cb(skb)->pkt_type == HCI_VENDOR_PKT) ? 117 0 : (bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS), &flt->type_mask)) 118 continue; 119 120 if (bt_cb(skb)->pkt_type == HCI_EVENT_PKT) { 121 register int evt = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS); 122 123 if (!hci_test_bit(evt, &flt->event_mask)) 124 continue; 125 126 if (flt->opcode && 127 ((evt == HCI_EV_CMD_COMPLETE && 128 flt->opcode != 129 get_unaligned((__le16 *)(skb->data + 3))) || 130 (evt == HCI_EV_CMD_STATUS && 131 flt->opcode != 132 get_unaligned((__le16 *)(skb->data + 4))))) 133 continue; 134 } 135 136 clone: 137 nskb = skb_clone(skb, GFP_ATOMIC); 138 if (!nskb) 139 continue; 140 141 /* Put type byte before the data */ 142 if (bt_cb(skb)->channel == HCI_CHANNEL_RAW) 143 memcpy(skb_push(nskb, 1), &bt_cb(nskb)->pkt_type, 1); 144 145 if (sock_queue_rcv_skb(sk, nskb)) 146 kfree_skb(nskb); 147 } 148 read_unlock(&hci_sk_list.lock); 149 } 150 151 static int hci_sock_release(struct socket *sock) 152 { 153 struct sock *sk = sock->sk; 154 struct hci_dev *hdev; 155 156 BT_DBG("sock %p sk %p", sock, sk); 157 158 if (!sk) 159 return 0; 160 161 hdev = hci_pi(sk)->hdev; 162 163 bt_sock_unlink(&hci_sk_list, sk); 164 165 if (hdev) { 166 atomic_dec(&hdev->promisc); 167 hci_dev_put(hdev); 168 } 169 170 sock_orphan(sk); 171 172 skb_queue_purge(&sk->sk_receive_queue); 173 skb_queue_purge(&sk->sk_write_queue); 174 175 sock_put(sk); 176 return 0; 177 } 178 179 struct bdaddr_list *hci_blacklist_lookup(struct hci_dev *hdev, bdaddr_t *bdaddr) 180 { 181 struct list_head *p; 182 183 list_for_each(p, &hdev->blacklist) { 184 struct bdaddr_list *b; 185 186 b = list_entry(p, struct bdaddr_list, list); 187 188 if (bacmp(bdaddr, &b->bdaddr) == 0) 189 return b; 190 } 191 192 return NULL; 193 } 194 195 static int hci_blacklist_add(struct hci_dev *hdev, void __user *arg) 196 { 197 bdaddr_t bdaddr; 198 struct bdaddr_list *entry; 199 200 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr))) 201 return -EFAULT; 202 203 if (bacmp(&bdaddr, BDADDR_ANY) == 0) 204 return -EBADF; 205 206 if (hci_blacklist_lookup(hdev, &bdaddr)) 207 return -EEXIST; 208 209 entry = kzalloc(sizeof(struct bdaddr_list), GFP_KERNEL); 210 if (!entry) 211 return -ENOMEM; 212 213 bacpy(&entry->bdaddr, &bdaddr); 214 215 list_add(&entry->list, &hdev->blacklist); 216 217 return 0; 218 } 219 220 int hci_blacklist_clear(struct hci_dev *hdev) 221 { 222 struct list_head *p, *n; 223 224 list_for_each_safe(p, n, &hdev->blacklist) { 225 struct bdaddr_list *b; 226 227 b = list_entry(p, struct bdaddr_list, list); 228 229 list_del(p); 230 kfree(b); 231 } 232 233 return 0; 234 } 235 236 static int hci_blacklist_del(struct hci_dev *hdev, void __user *arg) 237 { 238 bdaddr_t bdaddr; 239 struct bdaddr_list *entry; 240 241 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr))) 242 return -EFAULT; 243 244 if (bacmp(&bdaddr, BDADDR_ANY) == 0) 245 return hci_blacklist_clear(hdev); 246 247 entry = hci_blacklist_lookup(hdev, &bdaddr); 248 if (!entry) 249 return -ENOENT; 250 251 list_del(&entry->list); 252 kfree(entry); 253 254 return 0; 255 } 256 257 /* Ioctls that require bound socket */ 258 static inline int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg) 259 { 260 struct hci_dev *hdev = hci_pi(sk)->hdev; 261 262 if (!hdev) 263 return -EBADFD; 264 265 switch (cmd) { 266 case HCISETRAW: 267 if (!capable(CAP_NET_ADMIN)) 268 return -EACCES; 269 270 if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks)) 271 return -EPERM; 272 273 if (arg) 274 set_bit(HCI_RAW, &hdev->flags); 275 else 276 clear_bit(HCI_RAW, &hdev->flags); 277 278 return 0; 279 280 case HCIGETCONNINFO: 281 return hci_get_conn_info(hdev, (void __user *) arg); 282 283 case HCIGETAUTHINFO: 284 return hci_get_auth_info(hdev, (void __user *) arg); 285 286 case HCIBLOCKADDR: 287 if (!capable(CAP_NET_ADMIN)) 288 return -EACCES; 289 return hci_blacklist_add(hdev, (void __user *) arg); 290 291 case HCIUNBLOCKADDR: 292 if (!capable(CAP_NET_ADMIN)) 293 return -EACCES; 294 return hci_blacklist_del(hdev, (void __user *) arg); 295 296 default: 297 if (hdev->ioctl) 298 return hdev->ioctl(hdev, cmd, arg); 299 return -EINVAL; 300 } 301 } 302 303 static int hci_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 304 { 305 struct sock *sk = sock->sk; 306 void __user *argp = (void __user *) arg; 307 int err; 308 309 BT_DBG("cmd %x arg %lx", cmd, arg); 310 311 switch (cmd) { 312 case HCIGETDEVLIST: 313 return hci_get_dev_list(argp); 314 315 case HCIGETDEVINFO: 316 return hci_get_dev_info(argp); 317 318 case HCIGETCONNLIST: 319 return hci_get_conn_list(argp); 320 321 case HCIDEVUP: 322 if (!capable(CAP_NET_ADMIN)) 323 return -EACCES; 324 return hci_dev_open(arg); 325 326 case HCIDEVDOWN: 327 if (!capable(CAP_NET_ADMIN)) 328 return -EACCES; 329 return hci_dev_close(arg); 330 331 case HCIDEVRESET: 332 if (!capable(CAP_NET_ADMIN)) 333 return -EACCES; 334 return hci_dev_reset(arg); 335 336 case HCIDEVRESTAT: 337 if (!capable(CAP_NET_ADMIN)) 338 return -EACCES; 339 return hci_dev_reset_stat(arg); 340 341 case HCISETSCAN: 342 case HCISETAUTH: 343 case HCISETENCRYPT: 344 case HCISETPTYPE: 345 case HCISETLINKPOL: 346 case HCISETLINKMODE: 347 case HCISETACLMTU: 348 case HCISETSCOMTU: 349 if (!capable(CAP_NET_ADMIN)) 350 return -EACCES; 351 return hci_dev_cmd(cmd, argp); 352 353 case HCIINQUIRY: 354 return hci_inquiry(argp); 355 356 default: 357 lock_sock(sk); 358 err = hci_sock_bound_ioctl(sk, cmd, arg); 359 release_sock(sk); 360 return err; 361 } 362 } 363 364 static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) 365 { 366 struct sockaddr_hci haddr; 367 struct sock *sk = sock->sk; 368 struct hci_dev *hdev = NULL; 369 int len, err = 0; 370 371 BT_DBG("sock %p sk %p", sock, sk); 372 373 if (!addr) 374 return -EINVAL; 375 376 memset(&haddr, 0, sizeof(haddr)); 377 len = min_t(unsigned int, sizeof(haddr), addr_len); 378 memcpy(&haddr, addr, len); 379 380 if (haddr.hci_family != AF_BLUETOOTH) 381 return -EINVAL; 382 383 if (haddr.hci_channel > HCI_CHANNEL_CONTROL) 384 return -EINVAL; 385 386 if (haddr.hci_channel == HCI_CHANNEL_CONTROL && !enable_mgmt) 387 return -EINVAL; 388 389 lock_sock(sk); 390 391 if (sk->sk_state == BT_BOUND || hci_pi(sk)->hdev) { 392 err = -EALREADY; 393 goto done; 394 } 395 396 if (haddr.hci_dev != HCI_DEV_NONE) { 397 hdev = hci_dev_get(haddr.hci_dev); 398 if (!hdev) { 399 err = -ENODEV; 400 goto done; 401 } 402 403 atomic_inc(&hdev->promisc); 404 } 405 406 hci_pi(sk)->channel = haddr.hci_channel; 407 hci_pi(sk)->hdev = hdev; 408 sk->sk_state = BT_BOUND; 409 410 done: 411 release_sock(sk); 412 return err; 413 } 414 415 static int hci_sock_getname(struct socket *sock, struct sockaddr *addr, int *addr_len, int peer) 416 { 417 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr; 418 struct sock *sk = sock->sk; 419 struct hci_dev *hdev = hci_pi(sk)->hdev; 420 421 BT_DBG("sock %p sk %p", sock, sk); 422 423 if (!hdev) 424 return -EBADFD; 425 426 lock_sock(sk); 427 428 *addr_len = sizeof(*haddr); 429 haddr->hci_family = AF_BLUETOOTH; 430 haddr->hci_dev = hdev->id; 431 432 release_sock(sk); 433 return 0; 434 } 435 436 static inline void hci_sock_cmsg(struct sock *sk, struct msghdr *msg, struct sk_buff *skb) 437 { 438 __u32 mask = hci_pi(sk)->cmsg_mask; 439 440 if (mask & HCI_CMSG_DIR) { 441 int incoming = bt_cb(skb)->incoming; 442 put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(incoming), &incoming); 443 } 444 445 if (mask & HCI_CMSG_TSTAMP) { 446 #ifdef CONFIG_COMPAT 447 struct compat_timeval ctv; 448 #endif 449 struct timeval tv; 450 void *data; 451 int len; 452 453 skb_get_timestamp(skb, &tv); 454 455 data = &tv; 456 len = sizeof(tv); 457 #ifdef CONFIG_COMPAT 458 if (msg->msg_flags & MSG_CMSG_COMPAT) { 459 ctv.tv_sec = tv.tv_sec; 460 ctv.tv_usec = tv.tv_usec; 461 data = &ctv; 462 len = sizeof(ctv); 463 } 464 #endif 465 466 put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, len, data); 467 } 468 } 469 470 static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock, 471 struct msghdr *msg, size_t len, int flags) 472 { 473 int noblock = flags & MSG_DONTWAIT; 474 struct sock *sk = sock->sk; 475 struct sk_buff *skb; 476 int copied, err; 477 478 BT_DBG("sock %p, sk %p", sock, sk); 479 480 if (flags & (MSG_OOB)) 481 return -EOPNOTSUPP; 482 483 if (sk->sk_state == BT_CLOSED) 484 return 0; 485 486 skb = skb_recv_datagram(sk, flags, noblock, &err); 487 if (!skb) 488 return err; 489 490 msg->msg_namelen = 0; 491 492 copied = skb->len; 493 if (len < copied) { 494 msg->msg_flags |= MSG_TRUNC; 495 copied = len; 496 } 497 498 skb_reset_transport_header(skb); 499 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 500 501 hci_sock_cmsg(sk, msg, skb); 502 503 skb_free_datagram(sk, skb); 504 505 return err ? : copied; 506 } 507 508 static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock, 509 struct msghdr *msg, size_t len) 510 { 511 struct sock *sk = sock->sk; 512 struct hci_dev *hdev; 513 struct sk_buff *skb; 514 int err; 515 516 BT_DBG("sock %p sk %p", sock, sk); 517 518 if (msg->msg_flags & MSG_OOB) 519 return -EOPNOTSUPP; 520 521 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE)) 522 return -EINVAL; 523 524 if (len < 4 || len > HCI_MAX_FRAME_SIZE) 525 return -EINVAL; 526 527 lock_sock(sk); 528 529 switch (hci_pi(sk)->channel) { 530 case HCI_CHANNEL_RAW: 531 break; 532 case HCI_CHANNEL_CONTROL: 533 err = mgmt_control(sk, msg, len); 534 goto done; 535 default: 536 err = -EINVAL; 537 goto done; 538 } 539 540 hdev = hci_pi(sk)->hdev; 541 if (!hdev) { 542 err = -EBADFD; 543 goto done; 544 } 545 546 if (!test_bit(HCI_UP, &hdev->flags)) { 547 err = -ENETDOWN; 548 goto done; 549 } 550 551 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err); 552 if (!skb) 553 goto done; 554 555 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) { 556 err = -EFAULT; 557 goto drop; 558 } 559 560 bt_cb(skb)->pkt_type = *((unsigned char *) skb->data); 561 skb_pull(skb, 1); 562 skb->dev = (void *) hdev; 563 564 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) { 565 u16 opcode = get_unaligned_le16(skb->data); 566 u16 ogf = hci_opcode_ogf(opcode); 567 u16 ocf = hci_opcode_ocf(opcode); 568 569 if (((ogf > HCI_SFLT_MAX_OGF) || 570 !hci_test_bit(ocf & HCI_FLT_OCF_BITS, &hci_sec_filter.ocf_mask[ogf])) && 571 !capable(CAP_NET_RAW)) { 572 err = -EPERM; 573 goto drop; 574 } 575 576 if (test_bit(HCI_RAW, &hdev->flags) || (ogf == 0x3f)) { 577 skb_queue_tail(&hdev->raw_q, skb); 578 tasklet_schedule(&hdev->tx_task); 579 } else { 580 skb_queue_tail(&hdev->cmd_q, skb); 581 tasklet_schedule(&hdev->cmd_task); 582 } 583 } else { 584 if (!capable(CAP_NET_RAW)) { 585 err = -EPERM; 586 goto drop; 587 } 588 589 skb_queue_tail(&hdev->raw_q, skb); 590 tasklet_schedule(&hdev->tx_task); 591 } 592 593 err = len; 594 595 done: 596 release_sock(sk); 597 return err; 598 599 drop: 600 kfree_skb(skb); 601 goto done; 602 } 603 604 static int hci_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int len) 605 { 606 struct hci_ufilter uf = { .opcode = 0 }; 607 struct sock *sk = sock->sk; 608 int err = 0, opt = 0; 609 610 BT_DBG("sk %p, opt %d", sk, optname); 611 612 lock_sock(sk); 613 614 switch (optname) { 615 case HCI_DATA_DIR: 616 if (get_user(opt, (int __user *)optval)) { 617 err = -EFAULT; 618 break; 619 } 620 621 if (opt) 622 hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR; 623 else 624 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR; 625 break; 626 627 case HCI_TIME_STAMP: 628 if (get_user(opt, (int __user *)optval)) { 629 err = -EFAULT; 630 break; 631 } 632 633 if (opt) 634 hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP; 635 else 636 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP; 637 break; 638 639 case HCI_FILTER: 640 { 641 struct hci_filter *f = &hci_pi(sk)->filter; 642 643 uf.type_mask = f->type_mask; 644 uf.opcode = f->opcode; 645 uf.event_mask[0] = *((u32 *) f->event_mask + 0); 646 uf.event_mask[1] = *((u32 *) f->event_mask + 1); 647 } 648 649 len = min_t(unsigned int, len, sizeof(uf)); 650 if (copy_from_user(&uf, optval, len)) { 651 err = -EFAULT; 652 break; 653 } 654 655 if (!capable(CAP_NET_RAW)) { 656 uf.type_mask &= hci_sec_filter.type_mask; 657 uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0); 658 uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1); 659 } 660 661 { 662 struct hci_filter *f = &hci_pi(sk)->filter; 663 664 f->type_mask = uf.type_mask; 665 f->opcode = uf.opcode; 666 *((u32 *) f->event_mask + 0) = uf.event_mask[0]; 667 *((u32 *) f->event_mask + 1) = uf.event_mask[1]; 668 } 669 break; 670 671 default: 672 err = -ENOPROTOOPT; 673 break; 674 } 675 676 release_sock(sk); 677 return err; 678 } 679 680 static int hci_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) 681 { 682 struct hci_ufilter uf; 683 struct sock *sk = sock->sk; 684 int len, opt; 685 686 if (get_user(len, optlen)) 687 return -EFAULT; 688 689 switch (optname) { 690 case HCI_DATA_DIR: 691 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR) 692 opt = 1; 693 else 694 opt = 0; 695 696 if (put_user(opt, optval)) 697 return -EFAULT; 698 break; 699 700 case HCI_TIME_STAMP: 701 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP) 702 opt = 1; 703 else 704 opt = 0; 705 706 if (put_user(opt, optval)) 707 return -EFAULT; 708 break; 709 710 case HCI_FILTER: 711 { 712 struct hci_filter *f = &hci_pi(sk)->filter; 713 714 uf.type_mask = f->type_mask; 715 uf.opcode = f->opcode; 716 uf.event_mask[0] = *((u32 *) f->event_mask + 0); 717 uf.event_mask[1] = *((u32 *) f->event_mask + 1); 718 } 719 720 len = min_t(unsigned int, len, sizeof(uf)); 721 if (copy_to_user(optval, &uf, len)) 722 return -EFAULT; 723 break; 724 725 default: 726 return -ENOPROTOOPT; 727 break; 728 } 729 730 return 0; 731 } 732 733 static const struct proto_ops hci_sock_ops = { 734 .family = PF_BLUETOOTH, 735 .owner = THIS_MODULE, 736 .release = hci_sock_release, 737 .bind = hci_sock_bind, 738 .getname = hci_sock_getname, 739 .sendmsg = hci_sock_sendmsg, 740 .recvmsg = hci_sock_recvmsg, 741 .ioctl = hci_sock_ioctl, 742 .poll = datagram_poll, 743 .listen = sock_no_listen, 744 .shutdown = sock_no_shutdown, 745 .setsockopt = hci_sock_setsockopt, 746 .getsockopt = hci_sock_getsockopt, 747 .connect = sock_no_connect, 748 .socketpair = sock_no_socketpair, 749 .accept = sock_no_accept, 750 .mmap = sock_no_mmap 751 }; 752 753 static struct proto hci_sk_proto = { 754 .name = "HCI", 755 .owner = THIS_MODULE, 756 .obj_size = sizeof(struct hci_pinfo) 757 }; 758 759 static int hci_sock_create(struct net *net, struct socket *sock, int protocol, 760 int kern) 761 { 762 struct sock *sk; 763 764 BT_DBG("sock %p", sock); 765 766 if (sock->type != SOCK_RAW) 767 return -ESOCKTNOSUPPORT; 768 769 sock->ops = &hci_sock_ops; 770 771 sk = sk_alloc(net, PF_BLUETOOTH, GFP_ATOMIC, &hci_sk_proto); 772 if (!sk) 773 return -ENOMEM; 774 775 sock_init_data(sock, sk); 776 777 sock_reset_flag(sk, SOCK_ZAPPED); 778 779 sk->sk_protocol = protocol; 780 781 sock->state = SS_UNCONNECTED; 782 sk->sk_state = BT_OPEN; 783 784 bt_sock_link(&hci_sk_list, sk); 785 return 0; 786 } 787 788 static int hci_sock_dev_event(struct notifier_block *this, unsigned long event, void *ptr) 789 { 790 struct hci_dev *hdev = (struct hci_dev *) ptr; 791 struct hci_ev_si_device ev; 792 793 BT_DBG("hdev %s event %ld", hdev->name, event); 794 795 /* Send event to sockets */ 796 ev.event = event; 797 ev.dev_id = hdev->id; 798 hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev); 799 800 if (event == HCI_DEV_UNREG) { 801 struct sock *sk; 802 struct hlist_node *node; 803 804 /* Detach sockets from device */ 805 read_lock(&hci_sk_list.lock); 806 sk_for_each(sk, node, &hci_sk_list.head) { 807 local_bh_disable(); 808 bh_lock_sock_nested(sk); 809 if (hci_pi(sk)->hdev == hdev) { 810 hci_pi(sk)->hdev = NULL; 811 sk->sk_err = EPIPE; 812 sk->sk_state = BT_OPEN; 813 sk->sk_state_change(sk); 814 815 hci_dev_put(hdev); 816 } 817 bh_unlock_sock(sk); 818 local_bh_enable(); 819 } 820 read_unlock(&hci_sk_list.lock); 821 } 822 823 return NOTIFY_DONE; 824 } 825 826 static const struct net_proto_family hci_sock_family_ops = { 827 .family = PF_BLUETOOTH, 828 .owner = THIS_MODULE, 829 .create = hci_sock_create, 830 }; 831 832 static struct notifier_block hci_sock_nblock = { 833 .notifier_call = hci_sock_dev_event 834 }; 835 836 int __init hci_sock_init(void) 837 { 838 int err; 839 840 err = proto_register(&hci_sk_proto, 0); 841 if (err < 0) 842 return err; 843 844 err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops); 845 if (err < 0) 846 goto error; 847 848 hci_register_notifier(&hci_sock_nblock); 849 850 BT_INFO("HCI socket layer initialized"); 851 852 return 0; 853 854 error: 855 BT_ERR("HCI socket registration failed"); 856 proto_unregister(&hci_sk_proto); 857 return err; 858 } 859 860 void __exit hci_sock_cleanup(void) 861 { 862 if (bt_sock_unregister(BTPROTO_HCI) < 0) 863 BT_ERR("HCI socket unregistration failed"); 864 865 hci_unregister_notifier(&hci_sock_nblock); 866 867 proto_unregister(&hci_sk_proto); 868 } 869 870 module_param(enable_mgmt, bool, 0644); 871 MODULE_PARM_DESC(enable_mgmt, "Enable Management interface"); 872