1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth SCO sockets. */ 26 27 #include <linux/module.h> 28 #include <linux/debugfs.h> 29 #include <linux/seq_file.h> 30 31 #include <net/bluetooth/bluetooth.h> 32 #include <net/bluetooth/hci_core.h> 33 #include <net/bluetooth/sco.h> 34 35 static bool disable_esco; 36 37 static const struct proto_ops sco_sock_ops; 38 39 static struct bt_sock_list sco_sk_list = { 40 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock) 41 }; 42 43 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent); 44 static void sco_chan_del(struct sock *sk, int err); 45 46 static void sco_sock_close(struct sock *sk); 47 static void sco_sock_kill(struct sock *sk); 48 49 /* ---- SCO timers ---- */ 50 static void sco_sock_timeout(unsigned long arg) 51 { 52 struct sock *sk = (struct sock *) arg; 53 54 BT_DBG("sock %p state %d", sk, sk->sk_state); 55 56 bh_lock_sock(sk); 57 sk->sk_err = ETIMEDOUT; 58 sk->sk_state_change(sk); 59 bh_unlock_sock(sk); 60 61 sco_sock_kill(sk); 62 sock_put(sk); 63 } 64 65 static void sco_sock_set_timer(struct sock *sk, long timeout) 66 { 67 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout); 68 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout); 69 } 70 71 static void sco_sock_clear_timer(struct sock *sk) 72 { 73 BT_DBG("sock %p state %d", sk, sk->sk_state); 74 sk_stop_timer(sk, &sk->sk_timer); 75 } 76 77 /* ---- SCO connections ---- */ 78 static struct sco_conn *sco_conn_add(struct hci_conn *hcon) 79 { 80 struct hci_dev *hdev = hcon->hdev; 81 struct sco_conn *conn = hcon->sco_data; 82 83 if (conn) 84 return conn; 85 86 conn = kzalloc(sizeof(struct sco_conn), GFP_ATOMIC); 87 if (!conn) 88 return NULL; 89 90 spin_lock_init(&conn->lock); 91 92 hcon->sco_data = conn; 93 conn->hcon = hcon; 94 95 conn->src = &hdev->bdaddr; 96 conn->dst = &hcon->dst; 97 98 if (hdev->sco_mtu > 0) 99 conn->mtu = hdev->sco_mtu; 100 else 101 conn->mtu = 60; 102 103 BT_DBG("hcon %p conn %p", hcon, conn); 104 105 return conn; 106 } 107 108 static struct sock *sco_chan_get(struct sco_conn *conn) 109 { 110 struct sock *sk = NULL; 111 sco_conn_lock(conn); 112 sk = conn->sk; 113 sco_conn_unlock(conn); 114 return sk; 115 } 116 117 static int sco_conn_del(struct hci_conn *hcon, int err) 118 { 119 struct sco_conn *conn = hcon->sco_data; 120 struct sock *sk; 121 122 if (!conn) 123 return 0; 124 125 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); 126 127 /* Kill socket */ 128 sk = sco_chan_get(conn); 129 if (sk) { 130 bh_lock_sock(sk); 131 sco_sock_clear_timer(sk); 132 sco_chan_del(sk, err); 133 bh_unlock_sock(sk); 134 sco_sock_kill(sk); 135 } 136 137 hcon->sco_data = NULL; 138 kfree(conn); 139 return 0; 140 } 141 142 static int sco_chan_add(struct sco_conn *conn, struct sock *sk, 143 struct sock *parent) 144 { 145 int err = 0; 146 147 sco_conn_lock(conn); 148 if (conn->sk) 149 err = -EBUSY; 150 else 151 __sco_chan_add(conn, sk, parent); 152 153 sco_conn_unlock(conn); 154 return err; 155 } 156 157 static int sco_connect(struct sock *sk) 158 { 159 bdaddr_t *src = &bt_sk(sk)->src; 160 bdaddr_t *dst = &bt_sk(sk)->dst; 161 struct sco_conn *conn; 162 struct hci_conn *hcon; 163 struct hci_dev *hdev; 164 int err, type; 165 166 BT_DBG("%pMR -> %pMR", src, dst); 167 168 hdev = hci_get_route(dst, src); 169 if (!hdev) 170 return -EHOSTUNREACH; 171 172 hci_dev_lock(hdev); 173 174 if (lmp_esco_capable(hdev) && !disable_esco) 175 type = ESCO_LINK; 176 else 177 type = SCO_LINK; 178 179 hcon = hci_connect(hdev, type, dst, BDADDR_BREDR, BT_SECURITY_LOW, 180 HCI_AT_NO_BONDING); 181 if (IS_ERR(hcon)) { 182 err = PTR_ERR(hcon); 183 goto done; 184 } 185 186 conn = sco_conn_add(hcon); 187 if (!conn) { 188 hci_conn_put(hcon); 189 err = -ENOMEM; 190 goto done; 191 } 192 193 /* Update source addr of the socket */ 194 bacpy(src, conn->src); 195 196 err = sco_chan_add(conn, sk, NULL); 197 if (err) 198 goto done; 199 200 if (hcon->state == BT_CONNECTED) { 201 sco_sock_clear_timer(sk); 202 sk->sk_state = BT_CONNECTED; 203 } else { 204 sk->sk_state = BT_CONNECT; 205 sco_sock_set_timer(sk, sk->sk_sndtimeo); 206 } 207 208 done: 209 hci_dev_unlock(hdev); 210 hci_dev_put(hdev); 211 return err; 212 } 213 214 static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len) 215 { 216 struct sco_conn *conn = sco_pi(sk)->conn; 217 struct sk_buff *skb; 218 int err; 219 220 /* Check outgoing MTU */ 221 if (len > conn->mtu) 222 return -EINVAL; 223 224 BT_DBG("sk %p len %d", sk, len); 225 226 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err); 227 if (!skb) 228 return err; 229 230 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) { 231 kfree_skb(skb); 232 return -EFAULT; 233 } 234 235 hci_send_sco(conn->hcon, skb); 236 237 return len; 238 } 239 240 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb) 241 { 242 struct sock *sk = sco_chan_get(conn); 243 244 if (!sk) 245 goto drop; 246 247 BT_DBG("sk %p len %d", sk, skb->len); 248 249 if (sk->sk_state != BT_CONNECTED) 250 goto drop; 251 252 if (!sock_queue_rcv_skb(sk, skb)) 253 return; 254 255 drop: 256 kfree_skb(skb); 257 } 258 259 /* -------- Socket interface ---------- */ 260 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba) 261 { 262 struct hlist_node *node; 263 struct sock *sk; 264 265 sk_for_each(sk, node, &sco_sk_list.head) { 266 if (sk->sk_state != BT_LISTEN) 267 continue; 268 269 if (!bacmp(&bt_sk(sk)->src, ba)) 270 return sk; 271 } 272 273 return NULL; 274 } 275 276 /* Find socket listening on source bdaddr. 277 * Returns closest match. 278 */ 279 static struct sock *sco_get_sock_listen(bdaddr_t *src) 280 { 281 struct sock *sk = NULL, *sk1 = NULL; 282 struct hlist_node *node; 283 284 read_lock(&sco_sk_list.lock); 285 286 sk_for_each(sk, node, &sco_sk_list.head) { 287 if (sk->sk_state != BT_LISTEN) 288 continue; 289 290 /* Exact match. */ 291 if (!bacmp(&bt_sk(sk)->src, src)) 292 break; 293 294 /* Closest match */ 295 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) 296 sk1 = sk; 297 } 298 299 read_unlock(&sco_sk_list.lock); 300 301 return node ? sk : sk1; 302 } 303 304 static void sco_sock_destruct(struct sock *sk) 305 { 306 BT_DBG("sk %p", sk); 307 308 skb_queue_purge(&sk->sk_receive_queue); 309 skb_queue_purge(&sk->sk_write_queue); 310 } 311 312 static void sco_sock_cleanup_listen(struct sock *parent) 313 { 314 struct sock *sk; 315 316 BT_DBG("parent %p", parent); 317 318 /* Close not yet accepted channels */ 319 while ((sk = bt_accept_dequeue(parent, NULL))) { 320 sco_sock_close(sk); 321 sco_sock_kill(sk); 322 } 323 324 parent->sk_state = BT_CLOSED; 325 sock_set_flag(parent, SOCK_ZAPPED); 326 } 327 328 /* Kill socket (only if zapped and orphan) 329 * Must be called on unlocked socket. 330 */ 331 static void sco_sock_kill(struct sock *sk) 332 { 333 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) 334 return; 335 336 BT_DBG("sk %p state %d", sk, sk->sk_state); 337 338 /* Kill poor orphan */ 339 bt_sock_unlink(&sco_sk_list, sk); 340 sock_set_flag(sk, SOCK_DEAD); 341 sock_put(sk); 342 } 343 344 static void __sco_sock_close(struct sock *sk) 345 { 346 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); 347 348 switch (sk->sk_state) { 349 case BT_LISTEN: 350 sco_sock_cleanup_listen(sk); 351 break; 352 353 case BT_CONNECTED: 354 case BT_CONFIG: 355 if (sco_pi(sk)->conn->hcon) { 356 sk->sk_state = BT_DISCONN; 357 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT); 358 hci_conn_put(sco_pi(sk)->conn->hcon); 359 sco_pi(sk)->conn->hcon = NULL; 360 } else 361 sco_chan_del(sk, ECONNRESET); 362 break; 363 364 case BT_CONNECT: 365 case BT_DISCONN: 366 sco_chan_del(sk, ECONNRESET); 367 break; 368 369 default: 370 sock_set_flag(sk, SOCK_ZAPPED); 371 break; 372 } 373 } 374 375 /* Must be called on unlocked socket. */ 376 static void sco_sock_close(struct sock *sk) 377 { 378 sco_sock_clear_timer(sk); 379 lock_sock(sk); 380 __sco_sock_close(sk); 381 release_sock(sk); 382 sco_sock_kill(sk); 383 } 384 385 static void sco_sock_init(struct sock *sk, struct sock *parent) 386 { 387 BT_DBG("sk %p", sk); 388 389 if (parent) { 390 sk->sk_type = parent->sk_type; 391 bt_sk(sk)->flags = bt_sk(parent)->flags; 392 security_sk_clone(parent, sk); 393 } 394 } 395 396 static struct proto sco_proto = { 397 .name = "SCO", 398 .owner = THIS_MODULE, 399 .obj_size = sizeof(struct sco_pinfo) 400 }; 401 402 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio) 403 { 404 struct sock *sk; 405 406 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto); 407 if (!sk) 408 return NULL; 409 410 sock_init_data(sock, sk); 411 INIT_LIST_HEAD(&bt_sk(sk)->accept_q); 412 413 sk->sk_destruct = sco_sock_destruct; 414 sk->sk_sndtimeo = SCO_CONN_TIMEOUT; 415 416 sock_reset_flag(sk, SOCK_ZAPPED); 417 418 sk->sk_protocol = proto; 419 sk->sk_state = BT_OPEN; 420 421 setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk); 422 423 bt_sock_link(&sco_sk_list, sk); 424 return sk; 425 } 426 427 static int sco_sock_create(struct net *net, struct socket *sock, int protocol, 428 int kern) 429 { 430 struct sock *sk; 431 432 BT_DBG("sock %p", sock); 433 434 sock->state = SS_UNCONNECTED; 435 436 if (sock->type != SOCK_SEQPACKET) 437 return -ESOCKTNOSUPPORT; 438 439 sock->ops = &sco_sock_ops; 440 441 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC); 442 if (!sk) 443 return -ENOMEM; 444 445 sco_sock_init(sk, NULL); 446 return 0; 447 } 448 449 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) 450 { 451 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 452 struct sock *sk = sock->sk; 453 int err = 0; 454 455 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr); 456 457 if (!addr || addr->sa_family != AF_BLUETOOTH) 458 return -EINVAL; 459 460 lock_sock(sk); 461 462 if (sk->sk_state != BT_OPEN) { 463 err = -EBADFD; 464 goto done; 465 } 466 467 if (sk->sk_type != SOCK_SEQPACKET) { 468 err = -EINVAL; 469 goto done; 470 } 471 472 bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr); 473 474 sk->sk_state = BT_BOUND; 475 476 done: 477 release_sock(sk); 478 return err; 479 } 480 481 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) 482 { 483 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 484 struct sock *sk = sock->sk; 485 int err = 0; 486 487 488 BT_DBG("sk %p", sk); 489 490 if (alen < sizeof(struct sockaddr_sco) || 491 addr->sa_family != AF_BLUETOOTH) 492 return -EINVAL; 493 494 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) 495 return -EBADFD; 496 497 if (sk->sk_type != SOCK_SEQPACKET) 498 return -EINVAL; 499 500 lock_sock(sk); 501 502 /* Set destination address and psm */ 503 bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr); 504 505 err = sco_connect(sk); 506 if (err) 507 goto done; 508 509 err = bt_sock_wait_state(sk, BT_CONNECTED, 510 sock_sndtimeo(sk, flags & O_NONBLOCK)); 511 512 done: 513 release_sock(sk); 514 return err; 515 } 516 517 static int sco_sock_listen(struct socket *sock, int backlog) 518 { 519 struct sock *sk = sock->sk; 520 bdaddr_t *src = &bt_sk(sk)->src; 521 int err = 0; 522 523 BT_DBG("sk %p backlog %d", sk, backlog); 524 525 lock_sock(sk); 526 527 if (sk->sk_state != BT_BOUND) { 528 err = -EBADFD; 529 goto done; 530 } 531 532 if (sk->sk_type != SOCK_SEQPACKET) { 533 err = -EINVAL; 534 goto done; 535 } 536 537 write_lock(&sco_sk_list.lock); 538 539 if (__sco_get_sock_listen_by_addr(src)) { 540 err = -EADDRINUSE; 541 goto unlock; 542 } 543 544 sk->sk_max_ack_backlog = backlog; 545 sk->sk_ack_backlog = 0; 546 547 sk->sk_state = BT_LISTEN; 548 549 unlock: 550 write_unlock(&sco_sk_list.lock); 551 552 done: 553 release_sock(sk); 554 return err; 555 } 556 557 static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags) 558 { 559 DECLARE_WAITQUEUE(wait, current); 560 struct sock *sk = sock->sk, *ch; 561 long timeo; 562 int err = 0; 563 564 lock_sock(sk); 565 566 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); 567 568 BT_DBG("sk %p timeo %ld", sk, timeo); 569 570 /* Wait for an incoming connection. (wake-one). */ 571 add_wait_queue_exclusive(sk_sleep(sk), &wait); 572 while (1) { 573 set_current_state(TASK_INTERRUPTIBLE); 574 575 if (sk->sk_state != BT_LISTEN) { 576 err = -EBADFD; 577 break; 578 } 579 580 ch = bt_accept_dequeue(sk, newsock); 581 if (ch) 582 break; 583 584 if (!timeo) { 585 err = -EAGAIN; 586 break; 587 } 588 589 if (signal_pending(current)) { 590 err = sock_intr_errno(timeo); 591 break; 592 } 593 594 release_sock(sk); 595 timeo = schedule_timeout(timeo); 596 lock_sock(sk); 597 } 598 __set_current_state(TASK_RUNNING); 599 remove_wait_queue(sk_sleep(sk), &wait); 600 601 if (err) 602 goto done; 603 604 newsock->state = SS_CONNECTED; 605 606 BT_DBG("new socket %p", ch); 607 608 done: 609 release_sock(sk); 610 return err; 611 } 612 613 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer) 614 { 615 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 616 struct sock *sk = sock->sk; 617 618 BT_DBG("sock %p, sk %p", sock, sk); 619 620 addr->sa_family = AF_BLUETOOTH; 621 *len = sizeof(struct sockaddr_sco); 622 623 if (peer) 624 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst); 625 else 626 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src); 627 628 return 0; 629 } 630 631 static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock, 632 struct msghdr *msg, size_t len) 633 { 634 struct sock *sk = sock->sk; 635 int err; 636 637 BT_DBG("sock %p, sk %p", sock, sk); 638 639 err = sock_error(sk); 640 if (err) 641 return err; 642 643 if (msg->msg_flags & MSG_OOB) 644 return -EOPNOTSUPP; 645 646 lock_sock(sk); 647 648 if (sk->sk_state == BT_CONNECTED) 649 err = sco_send_frame(sk, msg, len); 650 else 651 err = -ENOTCONN; 652 653 release_sock(sk); 654 return err; 655 } 656 657 static int sco_sock_recvmsg(struct kiocb *iocb, struct socket *sock, 658 struct msghdr *msg, size_t len, int flags) 659 { 660 struct sock *sk = sock->sk; 661 struct sco_pinfo *pi = sco_pi(sk); 662 663 lock_sock(sk); 664 665 if (sk->sk_state == BT_CONNECT2 && 666 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) { 667 hci_conn_accept(pi->conn->hcon, 0); 668 sk->sk_state = BT_CONFIG; 669 670 release_sock(sk); 671 return 0; 672 } 673 674 release_sock(sk); 675 676 return bt_sock_recvmsg(iocb, sock, msg, len, flags); 677 } 678 679 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen) 680 { 681 struct sock *sk = sock->sk; 682 int err = 0; 683 u32 opt; 684 685 BT_DBG("sk %p", sk); 686 687 lock_sock(sk); 688 689 switch (optname) { 690 691 case BT_DEFER_SETUP: 692 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 693 err = -EINVAL; 694 break; 695 } 696 697 if (get_user(opt, (u32 __user *) optval)) { 698 err = -EFAULT; 699 break; 700 } 701 702 if (opt) 703 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 704 else 705 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 706 break; 707 708 default: 709 err = -ENOPROTOOPT; 710 break; 711 } 712 713 release_sock(sk); 714 return err; 715 } 716 717 static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen) 718 { 719 struct sock *sk = sock->sk; 720 struct sco_options opts; 721 struct sco_conninfo cinfo; 722 int len, err = 0; 723 724 BT_DBG("sk %p", sk); 725 726 if (get_user(len, optlen)) 727 return -EFAULT; 728 729 lock_sock(sk); 730 731 switch (optname) { 732 case SCO_OPTIONS: 733 if (sk->sk_state != BT_CONNECTED) { 734 err = -ENOTCONN; 735 break; 736 } 737 738 opts.mtu = sco_pi(sk)->conn->mtu; 739 740 BT_DBG("mtu %d", opts.mtu); 741 742 len = min_t(unsigned int, len, sizeof(opts)); 743 if (copy_to_user(optval, (char *)&opts, len)) 744 err = -EFAULT; 745 746 break; 747 748 case SCO_CONNINFO: 749 if (sk->sk_state != BT_CONNECTED) { 750 err = -ENOTCONN; 751 break; 752 } 753 754 memset(&cinfo, 0, sizeof(cinfo)); 755 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle; 756 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3); 757 758 len = min_t(unsigned int, len, sizeof(cinfo)); 759 if (copy_to_user(optval, (char *)&cinfo, len)) 760 err = -EFAULT; 761 762 break; 763 764 default: 765 err = -ENOPROTOOPT; 766 break; 767 } 768 769 release_sock(sk); 770 return err; 771 } 772 773 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) 774 { 775 struct sock *sk = sock->sk; 776 int len, err = 0; 777 778 BT_DBG("sk %p", sk); 779 780 if (level == SOL_SCO) 781 return sco_sock_getsockopt_old(sock, optname, optval, optlen); 782 783 if (get_user(len, optlen)) 784 return -EFAULT; 785 786 lock_sock(sk); 787 788 switch (optname) { 789 790 case BT_DEFER_SETUP: 791 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 792 err = -EINVAL; 793 break; 794 } 795 796 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags), 797 (u32 __user *) optval)) 798 err = -EFAULT; 799 800 break; 801 802 default: 803 err = -ENOPROTOOPT; 804 break; 805 } 806 807 release_sock(sk); 808 return err; 809 } 810 811 static int sco_sock_shutdown(struct socket *sock, int how) 812 { 813 struct sock *sk = sock->sk; 814 int err = 0; 815 816 BT_DBG("sock %p, sk %p", sock, sk); 817 818 if (!sk) 819 return 0; 820 821 lock_sock(sk); 822 if (!sk->sk_shutdown) { 823 sk->sk_shutdown = SHUTDOWN_MASK; 824 sco_sock_clear_timer(sk); 825 __sco_sock_close(sk); 826 827 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) 828 err = bt_sock_wait_state(sk, BT_CLOSED, 829 sk->sk_lingertime); 830 } 831 release_sock(sk); 832 return err; 833 } 834 835 static int sco_sock_release(struct socket *sock) 836 { 837 struct sock *sk = sock->sk; 838 int err = 0; 839 840 BT_DBG("sock %p, sk %p", sock, sk); 841 842 if (!sk) 843 return 0; 844 845 sco_sock_close(sk); 846 847 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) { 848 lock_sock(sk); 849 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); 850 release_sock(sk); 851 } 852 853 sock_orphan(sk); 854 sco_sock_kill(sk); 855 return err; 856 } 857 858 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent) 859 { 860 BT_DBG("conn %p", conn); 861 862 sco_pi(sk)->conn = conn; 863 conn->sk = sk; 864 865 if (parent) 866 bt_accept_enqueue(parent, sk); 867 } 868 869 /* Delete channel. 870 * Must be called on the locked socket. */ 871 static void sco_chan_del(struct sock *sk, int err) 872 { 873 struct sco_conn *conn; 874 875 conn = sco_pi(sk)->conn; 876 877 BT_DBG("sk %p, conn %p, err %d", sk, conn, err); 878 879 if (conn) { 880 sco_conn_lock(conn); 881 conn->sk = NULL; 882 sco_pi(sk)->conn = NULL; 883 sco_conn_unlock(conn); 884 885 if (conn->hcon) 886 hci_conn_put(conn->hcon); 887 } 888 889 sk->sk_state = BT_CLOSED; 890 sk->sk_err = err; 891 sk->sk_state_change(sk); 892 893 sock_set_flag(sk, SOCK_ZAPPED); 894 } 895 896 static void sco_conn_ready(struct sco_conn *conn) 897 { 898 struct sock *parent; 899 struct sock *sk = conn->sk; 900 901 BT_DBG("conn %p", conn); 902 903 if (sk) { 904 sco_sock_clear_timer(sk); 905 bh_lock_sock(sk); 906 sk->sk_state = BT_CONNECTED; 907 sk->sk_state_change(sk); 908 bh_unlock_sock(sk); 909 } else { 910 sco_conn_lock(conn); 911 912 parent = sco_get_sock_listen(conn->src); 913 if (!parent) { 914 sco_conn_unlock(conn); 915 return; 916 } 917 918 bh_lock_sock(parent); 919 920 sk = sco_sock_alloc(sock_net(parent), NULL, 921 BTPROTO_SCO, GFP_ATOMIC); 922 if (!sk) { 923 bh_unlock_sock(parent); 924 sco_conn_unlock(conn); 925 return; 926 } 927 928 sco_sock_init(sk, parent); 929 930 bacpy(&bt_sk(sk)->src, conn->src); 931 bacpy(&bt_sk(sk)->dst, conn->dst); 932 933 hci_conn_hold(conn->hcon); 934 __sco_chan_add(conn, sk, parent); 935 936 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags)) 937 sk->sk_state = BT_CONNECT2; 938 else 939 sk->sk_state = BT_CONNECTED; 940 941 /* Wake up parent */ 942 parent->sk_data_ready(parent, 1); 943 944 bh_unlock_sock(parent); 945 946 sco_conn_unlock(conn); 947 } 948 } 949 950 /* ----- SCO interface with lower layer (HCI) ----- */ 951 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags) 952 { 953 struct sock *sk; 954 struct hlist_node *node; 955 int lm = 0; 956 957 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr); 958 959 /* Find listening sockets */ 960 read_lock(&sco_sk_list.lock); 961 sk_for_each(sk, node, &sco_sk_list.head) { 962 if (sk->sk_state != BT_LISTEN) 963 continue; 964 965 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) || 966 !bacmp(&bt_sk(sk)->src, BDADDR_ANY)) { 967 lm |= HCI_LM_ACCEPT; 968 969 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) 970 *flags |= HCI_PROTO_DEFER; 971 break; 972 } 973 } 974 read_unlock(&sco_sk_list.lock); 975 976 return lm; 977 } 978 979 void sco_connect_cfm(struct hci_conn *hcon, __u8 status) 980 { 981 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status); 982 if (!status) { 983 struct sco_conn *conn; 984 985 conn = sco_conn_add(hcon); 986 if (conn) 987 sco_conn_ready(conn); 988 } else 989 sco_conn_del(hcon, bt_to_errno(status)); 990 } 991 992 void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason) 993 { 994 BT_DBG("hcon %p reason %d", hcon, reason); 995 996 sco_conn_del(hcon, bt_to_errno(reason)); 997 } 998 999 int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb) 1000 { 1001 struct sco_conn *conn = hcon->sco_data; 1002 1003 if (!conn) 1004 goto drop; 1005 1006 BT_DBG("conn %p len %d", conn, skb->len); 1007 1008 if (skb->len) { 1009 sco_recv_frame(conn, skb); 1010 return 0; 1011 } 1012 1013 drop: 1014 kfree_skb(skb); 1015 return 0; 1016 } 1017 1018 static int sco_debugfs_show(struct seq_file *f, void *p) 1019 { 1020 struct sock *sk; 1021 struct hlist_node *node; 1022 1023 read_lock(&sco_sk_list.lock); 1024 1025 sk_for_each(sk, node, &sco_sk_list.head) { 1026 seq_printf(f, "%pMR %pMR %d\n", &bt_sk(sk)->src, 1027 &bt_sk(sk)->dst, sk->sk_state); 1028 } 1029 1030 read_unlock(&sco_sk_list.lock); 1031 1032 return 0; 1033 } 1034 1035 static int sco_debugfs_open(struct inode *inode, struct file *file) 1036 { 1037 return single_open(file, sco_debugfs_show, inode->i_private); 1038 } 1039 1040 static const struct file_operations sco_debugfs_fops = { 1041 .open = sco_debugfs_open, 1042 .read = seq_read, 1043 .llseek = seq_lseek, 1044 .release = single_release, 1045 }; 1046 1047 static struct dentry *sco_debugfs; 1048 1049 static const struct proto_ops sco_sock_ops = { 1050 .family = PF_BLUETOOTH, 1051 .owner = THIS_MODULE, 1052 .release = sco_sock_release, 1053 .bind = sco_sock_bind, 1054 .connect = sco_sock_connect, 1055 .listen = sco_sock_listen, 1056 .accept = sco_sock_accept, 1057 .getname = sco_sock_getname, 1058 .sendmsg = sco_sock_sendmsg, 1059 .recvmsg = sco_sock_recvmsg, 1060 .poll = bt_sock_poll, 1061 .ioctl = bt_sock_ioctl, 1062 .mmap = sock_no_mmap, 1063 .socketpair = sock_no_socketpair, 1064 .shutdown = sco_sock_shutdown, 1065 .setsockopt = sco_sock_setsockopt, 1066 .getsockopt = sco_sock_getsockopt 1067 }; 1068 1069 static const struct net_proto_family sco_sock_family_ops = { 1070 .family = PF_BLUETOOTH, 1071 .owner = THIS_MODULE, 1072 .create = sco_sock_create, 1073 }; 1074 1075 int __init sco_init(void) 1076 { 1077 int err; 1078 1079 err = proto_register(&sco_proto, 0); 1080 if (err < 0) 1081 return err; 1082 1083 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops); 1084 if (err < 0) { 1085 BT_ERR("SCO socket registration failed"); 1086 goto error; 1087 } 1088 1089 err = bt_procfs_init(THIS_MODULE, &init_net, "sco", &sco_sk_list, NULL); 1090 if (err < 0) { 1091 BT_ERR("Failed to create SCO proc file"); 1092 bt_sock_unregister(BTPROTO_SCO); 1093 goto error; 1094 } 1095 1096 if (bt_debugfs) { 1097 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs, 1098 NULL, &sco_debugfs_fops); 1099 if (!sco_debugfs) 1100 BT_ERR("Failed to create SCO debug file"); 1101 } 1102 1103 BT_INFO("SCO socket layer initialized"); 1104 1105 return 0; 1106 1107 error: 1108 proto_unregister(&sco_proto); 1109 return err; 1110 } 1111 1112 void __exit sco_exit(void) 1113 { 1114 bt_procfs_cleanup(&init_net, "sco"); 1115 1116 debugfs_remove(sco_debugfs); 1117 1118 if (bt_sock_unregister(BTPROTO_SCO) < 0) 1119 BT_ERR("SCO socket unregistration failed"); 1120 1121 proto_unregister(&sco_proto); 1122 } 1123 1124 module_param(disable_esco, bool, 0644); 1125 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation"); 1126