1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2011 Intel Corporation. All rights reserved. 4 */ 5 6 #define pr_fmt(fmt) "llcp: %s: " fmt, __func__ 7 8 #include <linux/init.h> 9 #include <linux/kernel.h> 10 #include <linux/module.h> 11 #include <linux/nfc.h> 12 #include <linux/sched/signal.h> 13 14 #include "nfc.h" 15 #include "llcp.h" 16 17 static int sock_wait_state(struct sock *sk, int state, unsigned long timeo) 18 { 19 DECLARE_WAITQUEUE(wait, current); 20 int err = 0; 21 22 pr_debug("sk %p", sk); 23 24 add_wait_queue(sk_sleep(sk), &wait); 25 set_current_state(TASK_INTERRUPTIBLE); 26 27 while (sk->sk_state != state) { 28 if (!timeo) { 29 err = -EINPROGRESS; 30 break; 31 } 32 33 if (signal_pending(current)) { 34 err = sock_intr_errno(timeo); 35 break; 36 } 37 38 release_sock(sk); 39 timeo = schedule_timeout(timeo); 40 lock_sock(sk); 41 set_current_state(TASK_INTERRUPTIBLE); 42 43 err = sock_error(sk); 44 if (err) 45 break; 46 } 47 48 __set_current_state(TASK_RUNNING); 49 remove_wait_queue(sk_sleep(sk), &wait); 50 return err; 51 } 52 53 static struct proto llcp_sock_proto = { 54 .name = "NFC_LLCP", 55 .owner = THIS_MODULE, 56 .obj_size = sizeof(struct nfc_llcp_sock), 57 }; 58 59 static int llcp_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) 60 { 61 struct sock *sk = sock->sk; 62 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 63 struct nfc_llcp_local *local; 64 struct nfc_dev *dev; 65 struct sockaddr_nfc_llcp llcp_addr; 66 int len, ret = 0; 67 68 if (!addr || alen < offsetofend(struct sockaddr, sa_family) || 69 addr->sa_family != AF_NFC) 70 return -EINVAL; 71 72 pr_debug("sk %p addr %p family %d\n", sk, addr, addr->sa_family); 73 74 memset(&llcp_addr, 0, sizeof(llcp_addr)); 75 len = min_t(unsigned int, sizeof(llcp_addr), alen); 76 memcpy(&llcp_addr, addr, len); 77 78 /* This is going to be a listening socket, dsap must be 0 */ 79 if (llcp_addr.dsap != 0) 80 return -EINVAL; 81 82 lock_sock(sk); 83 84 if (sk->sk_state != LLCP_CLOSED) { 85 ret = -EBADFD; 86 goto error; 87 } 88 89 dev = nfc_get_device(llcp_addr.dev_idx); 90 if (dev == NULL) { 91 ret = -ENODEV; 92 goto error; 93 } 94 95 local = nfc_llcp_find_local(dev); 96 if (local == NULL) { 97 ret = -ENODEV; 98 goto put_dev; 99 } 100 101 llcp_sock->dev = dev; 102 llcp_sock->local = nfc_llcp_local_get(local); 103 llcp_sock->nfc_protocol = llcp_addr.nfc_protocol; 104 llcp_sock->service_name_len = min_t(unsigned int, 105 llcp_addr.service_name_len, 106 NFC_LLCP_MAX_SERVICE_NAME); 107 llcp_sock->service_name = kmemdup(llcp_addr.service_name, 108 llcp_sock->service_name_len, 109 GFP_KERNEL); 110 111 llcp_sock->ssap = nfc_llcp_get_sdp_ssap(local, llcp_sock); 112 if (llcp_sock->ssap == LLCP_SAP_MAX) { 113 ret = -EADDRINUSE; 114 goto put_dev; 115 } 116 117 llcp_sock->reserved_ssap = llcp_sock->ssap; 118 119 nfc_llcp_sock_link(&local->sockets, sk); 120 121 pr_debug("Socket bound to SAP %d\n", llcp_sock->ssap); 122 123 sk->sk_state = LLCP_BOUND; 124 125 put_dev: 126 nfc_put_device(dev); 127 128 error: 129 release_sock(sk); 130 return ret; 131 } 132 133 static int llcp_raw_sock_bind(struct socket *sock, struct sockaddr *addr, 134 int alen) 135 { 136 struct sock *sk = sock->sk; 137 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 138 struct nfc_llcp_local *local; 139 struct nfc_dev *dev; 140 struct sockaddr_nfc_llcp llcp_addr; 141 int len, ret = 0; 142 143 if (!addr || alen < offsetofend(struct sockaddr, sa_family) || 144 addr->sa_family != AF_NFC) 145 return -EINVAL; 146 147 pr_debug("sk %p addr %p family %d\n", sk, addr, addr->sa_family); 148 149 memset(&llcp_addr, 0, sizeof(llcp_addr)); 150 len = min_t(unsigned int, sizeof(llcp_addr), alen); 151 memcpy(&llcp_addr, addr, len); 152 153 lock_sock(sk); 154 155 if (sk->sk_state != LLCP_CLOSED) { 156 ret = -EBADFD; 157 goto error; 158 } 159 160 dev = nfc_get_device(llcp_addr.dev_idx); 161 if (dev == NULL) { 162 ret = -ENODEV; 163 goto error; 164 } 165 166 local = nfc_llcp_find_local(dev); 167 if (local == NULL) { 168 ret = -ENODEV; 169 goto put_dev; 170 } 171 172 llcp_sock->dev = dev; 173 llcp_sock->local = nfc_llcp_local_get(local); 174 llcp_sock->nfc_protocol = llcp_addr.nfc_protocol; 175 176 nfc_llcp_sock_link(&local->raw_sockets, sk); 177 178 sk->sk_state = LLCP_BOUND; 179 180 put_dev: 181 nfc_put_device(dev); 182 183 error: 184 release_sock(sk); 185 return ret; 186 } 187 188 static int llcp_sock_listen(struct socket *sock, int backlog) 189 { 190 struct sock *sk = sock->sk; 191 int ret = 0; 192 193 pr_debug("sk %p backlog %d\n", sk, backlog); 194 195 lock_sock(sk); 196 197 if ((sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM) || 198 sk->sk_state != LLCP_BOUND) { 199 ret = -EBADFD; 200 goto error; 201 } 202 203 sk->sk_max_ack_backlog = backlog; 204 sk->sk_ack_backlog = 0; 205 206 pr_debug("Socket listening\n"); 207 sk->sk_state = LLCP_LISTEN; 208 209 error: 210 release_sock(sk); 211 212 return ret; 213 } 214 215 static int nfc_llcp_setsockopt(struct socket *sock, int level, int optname, 216 char __user *optval, unsigned int optlen) 217 { 218 struct sock *sk = sock->sk; 219 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 220 u32 opt; 221 int err = 0; 222 223 pr_debug("%p optname %d\n", sk, optname); 224 225 if (level != SOL_NFC) 226 return -ENOPROTOOPT; 227 228 lock_sock(sk); 229 230 switch (optname) { 231 case NFC_LLCP_RW: 232 if (sk->sk_state == LLCP_CONNECTED || 233 sk->sk_state == LLCP_BOUND || 234 sk->sk_state == LLCP_LISTEN) { 235 err = -EINVAL; 236 break; 237 } 238 239 if (get_user(opt, (u32 __user *) optval)) { 240 err = -EFAULT; 241 break; 242 } 243 244 if (opt > LLCP_MAX_RW) { 245 err = -EINVAL; 246 break; 247 } 248 249 llcp_sock->rw = (u8) opt; 250 251 break; 252 253 case NFC_LLCP_MIUX: 254 if (sk->sk_state == LLCP_CONNECTED || 255 sk->sk_state == LLCP_BOUND || 256 sk->sk_state == LLCP_LISTEN) { 257 err = -EINVAL; 258 break; 259 } 260 261 if (get_user(opt, (u32 __user *) optval)) { 262 err = -EFAULT; 263 break; 264 } 265 266 if (opt > LLCP_MAX_MIUX) { 267 err = -EINVAL; 268 break; 269 } 270 271 llcp_sock->miux = cpu_to_be16((u16) opt); 272 273 break; 274 275 default: 276 err = -ENOPROTOOPT; 277 break; 278 } 279 280 release_sock(sk); 281 282 pr_debug("%p rw %d miux %d\n", llcp_sock, 283 llcp_sock->rw, llcp_sock->miux); 284 285 return err; 286 } 287 288 static int nfc_llcp_getsockopt(struct socket *sock, int level, int optname, 289 char __user *optval, int __user *optlen) 290 { 291 struct nfc_llcp_local *local; 292 struct sock *sk = sock->sk; 293 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 294 int len, err = 0; 295 u16 miux, remote_miu; 296 u8 rw; 297 298 pr_debug("%p optname %d\n", sk, optname); 299 300 if (level != SOL_NFC) 301 return -ENOPROTOOPT; 302 303 if (get_user(len, optlen)) 304 return -EFAULT; 305 306 local = llcp_sock->local; 307 if (!local) 308 return -ENODEV; 309 310 len = min_t(u32, len, sizeof(u32)); 311 312 lock_sock(sk); 313 314 switch (optname) { 315 case NFC_LLCP_RW: 316 rw = llcp_sock->rw > LLCP_MAX_RW ? local->rw : llcp_sock->rw; 317 if (put_user(rw, (u32 __user *) optval)) 318 err = -EFAULT; 319 320 break; 321 322 case NFC_LLCP_MIUX: 323 miux = be16_to_cpu(llcp_sock->miux) > LLCP_MAX_MIUX ? 324 be16_to_cpu(local->miux) : be16_to_cpu(llcp_sock->miux); 325 326 if (put_user(miux, (u32 __user *) optval)) 327 err = -EFAULT; 328 329 break; 330 331 case NFC_LLCP_REMOTE_MIU: 332 remote_miu = llcp_sock->remote_miu > LLCP_MAX_MIU ? 333 local->remote_miu : llcp_sock->remote_miu; 334 335 if (put_user(remote_miu, (u32 __user *) optval)) 336 err = -EFAULT; 337 338 break; 339 340 case NFC_LLCP_REMOTE_LTO: 341 if (put_user(local->remote_lto / 10, (u32 __user *) optval)) 342 err = -EFAULT; 343 344 break; 345 346 case NFC_LLCP_REMOTE_RW: 347 if (put_user(llcp_sock->remote_rw, (u32 __user *) optval)) 348 err = -EFAULT; 349 350 break; 351 352 default: 353 err = -ENOPROTOOPT; 354 break; 355 } 356 357 release_sock(sk); 358 359 if (put_user(len, optlen)) 360 return -EFAULT; 361 362 return err; 363 } 364 365 void nfc_llcp_accept_unlink(struct sock *sk) 366 { 367 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 368 369 pr_debug("state %d\n", sk->sk_state); 370 371 list_del_init(&llcp_sock->accept_queue); 372 sk_acceptq_removed(llcp_sock->parent); 373 llcp_sock->parent = NULL; 374 375 sock_put(sk); 376 } 377 378 void nfc_llcp_accept_enqueue(struct sock *parent, struct sock *sk) 379 { 380 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 381 struct nfc_llcp_sock *llcp_sock_parent = nfc_llcp_sock(parent); 382 383 /* Lock will be free from unlink */ 384 sock_hold(sk); 385 386 list_add_tail(&llcp_sock->accept_queue, 387 &llcp_sock_parent->accept_queue); 388 llcp_sock->parent = parent; 389 sk_acceptq_added(parent); 390 } 391 392 struct sock *nfc_llcp_accept_dequeue(struct sock *parent, 393 struct socket *newsock) 394 { 395 struct nfc_llcp_sock *lsk, *n, *llcp_parent; 396 struct sock *sk; 397 398 llcp_parent = nfc_llcp_sock(parent); 399 400 list_for_each_entry_safe(lsk, n, &llcp_parent->accept_queue, 401 accept_queue) { 402 sk = &lsk->sk; 403 lock_sock(sk); 404 405 if (sk->sk_state == LLCP_CLOSED) { 406 release_sock(sk); 407 nfc_llcp_accept_unlink(sk); 408 continue; 409 } 410 411 if (sk->sk_state == LLCP_CONNECTED || !newsock) { 412 list_del_init(&lsk->accept_queue); 413 sock_put(sk); 414 415 if (newsock) 416 sock_graft(sk, newsock); 417 418 release_sock(sk); 419 420 pr_debug("Returning sk state %d\n", sk->sk_state); 421 422 sk_acceptq_removed(parent); 423 424 return sk; 425 } 426 427 release_sock(sk); 428 } 429 430 return NULL; 431 } 432 433 static int llcp_sock_accept(struct socket *sock, struct socket *newsock, 434 int flags, bool kern) 435 { 436 DECLARE_WAITQUEUE(wait, current); 437 struct sock *sk = sock->sk, *new_sk; 438 long timeo; 439 int ret = 0; 440 441 pr_debug("parent %p\n", sk); 442 443 lock_sock_nested(sk, SINGLE_DEPTH_NESTING); 444 445 if (sk->sk_state != LLCP_LISTEN) { 446 ret = -EBADFD; 447 goto error; 448 } 449 450 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); 451 452 /* Wait for an incoming connection. */ 453 add_wait_queue_exclusive(sk_sleep(sk), &wait); 454 while (!(new_sk = nfc_llcp_accept_dequeue(sk, newsock))) { 455 set_current_state(TASK_INTERRUPTIBLE); 456 457 if (!timeo) { 458 ret = -EAGAIN; 459 break; 460 } 461 462 if (signal_pending(current)) { 463 ret = sock_intr_errno(timeo); 464 break; 465 } 466 467 release_sock(sk); 468 timeo = schedule_timeout(timeo); 469 lock_sock_nested(sk, SINGLE_DEPTH_NESTING); 470 } 471 __set_current_state(TASK_RUNNING); 472 remove_wait_queue(sk_sleep(sk), &wait); 473 474 if (ret) 475 goto error; 476 477 newsock->state = SS_CONNECTED; 478 479 pr_debug("new socket %p\n", new_sk); 480 481 error: 482 release_sock(sk); 483 484 return ret; 485 } 486 487 static int llcp_sock_getname(struct socket *sock, struct sockaddr *uaddr, 488 int peer) 489 { 490 struct sock *sk = sock->sk; 491 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 492 DECLARE_SOCKADDR(struct sockaddr_nfc_llcp *, llcp_addr, uaddr); 493 494 if (llcp_sock == NULL || llcp_sock->dev == NULL) 495 return -EBADFD; 496 497 pr_debug("%p %d %d %d\n", sk, llcp_sock->target_idx, 498 llcp_sock->dsap, llcp_sock->ssap); 499 500 memset(llcp_addr, 0, sizeof(*llcp_addr)); 501 502 lock_sock(sk); 503 if (!llcp_sock->dev) { 504 release_sock(sk); 505 return -EBADFD; 506 } 507 llcp_addr->sa_family = AF_NFC; 508 llcp_addr->dev_idx = llcp_sock->dev->idx; 509 llcp_addr->target_idx = llcp_sock->target_idx; 510 llcp_addr->nfc_protocol = llcp_sock->nfc_protocol; 511 llcp_addr->dsap = llcp_sock->dsap; 512 llcp_addr->ssap = llcp_sock->ssap; 513 llcp_addr->service_name_len = llcp_sock->service_name_len; 514 memcpy(llcp_addr->service_name, llcp_sock->service_name, 515 llcp_addr->service_name_len); 516 release_sock(sk); 517 518 return sizeof(struct sockaddr_nfc_llcp); 519 } 520 521 static inline __poll_t llcp_accept_poll(struct sock *parent) 522 { 523 struct nfc_llcp_sock *llcp_sock, *parent_sock; 524 struct sock *sk; 525 526 parent_sock = nfc_llcp_sock(parent); 527 528 list_for_each_entry(llcp_sock, &parent_sock->accept_queue, 529 accept_queue) { 530 sk = &llcp_sock->sk; 531 532 if (sk->sk_state == LLCP_CONNECTED) 533 return EPOLLIN | EPOLLRDNORM; 534 } 535 536 return 0; 537 } 538 539 static __poll_t llcp_sock_poll(struct file *file, struct socket *sock, 540 poll_table *wait) 541 { 542 struct sock *sk = sock->sk; 543 __poll_t mask = 0; 544 545 pr_debug("%p\n", sk); 546 547 sock_poll_wait(file, sock, wait); 548 549 if (sk->sk_state == LLCP_LISTEN) 550 return llcp_accept_poll(sk); 551 552 if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue)) 553 mask |= EPOLLERR | 554 (sock_flag(sk, SOCK_SELECT_ERR_QUEUE) ? EPOLLPRI : 0); 555 556 if (!skb_queue_empty(&sk->sk_receive_queue)) 557 mask |= EPOLLIN | EPOLLRDNORM; 558 559 if (sk->sk_state == LLCP_CLOSED) 560 mask |= EPOLLHUP; 561 562 if (sk->sk_shutdown & RCV_SHUTDOWN) 563 mask |= EPOLLRDHUP | EPOLLIN | EPOLLRDNORM; 564 565 if (sk->sk_shutdown == SHUTDOWN_MASK) 566 mask |= EPOLLHUP; 567 568 if (sock_writeable(sk) && sk->sk_state == LLCP_CONNECTED) 569 mask |= EPOLLOUT | EPOLLWRNORM | EPOLLWRBAND; 570 else 571 sk_set_bit(SOCKWQ_ASYNC_NOSPACE, sk); 572 573 pr_debug("mask 0x%x\n", mask); 574 575 return mask; 576 } 577 578 static int llcp_sock_release(struct socket *sock) 579 { 580 struct sock *sk = sock->sk; 581 struct nfc_llcp_local *local; 582 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 583 int err = 0; 584 585 if (!sk) 586 return 0; 587 588 pr_debug("%p\n", sk); 589 590 local = llcp_sock->local; 591 if (local == NULL) { 592 err = -ENODEV; 593 goto out; 594 } 595 596 lock_sock(sk); 597 598 /* Send a DISC */ 599 if (sk->sk_state == LLCP_CONNECTED) 600 nfc_llcp_send_disconnect(llcp_sock); 601 602 if (sk->sk_state == LLCP_LISTEN) { 603 struct nfc_llcp_sock *lsk, *n; 604 struct sock *accept_sk; 605 606 list_for_each_entry_safe(lsk, n, &llcp_sock->accept_queue, 607 accept_queue) { 608 accept_sk = &lsk->sk; 609 lock_sock(accept_sk); 610 611 nfc_llcp_send_disconnect(lsk); 612 nfc_llcp_accept_unlink(accept_sk); 613 614 release_sock(accept_sk); 615 } 616 } 617 618 if (llcp_sock->reserved_ssap < LLCP_SAP_MAX) 619 nfc_llcp_put_ssap(llcp_sock->local, llcp_sock->ssap); 620 621 release_sock(sk); 622 623 /* Keep this sock alive and therefore do not remove it from the sockets 624 * list until the DISC PDU has been actually sent. Otherwise we would 625 * reply with DM PDUs before sending the DISC one. 626 */ 627 if (sk->sk_state == LLCP_DISCONNECTING) 628 return err; 629 630 if (sock->type == SOCK_RAW) 631 nfc_llcp_sock_unlink(&local->raw_sockets, sk); 632 else 633 nfc_llcp_sock_unlink(&local->sockets, sk); 634 635 out: 636 sock_orphan(sk); 637 sock_put(sk); 638 639 return err; 640 } 641 642 static int llcp_sock_connect(struct socket *sock, struct sockaddr *_addr, 643 int len, int flags) 644 { 645 struct sock *sk = sock->sk; 646 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 647 struct sockaddr_nfc_llcp *addr = (struct sockaddr_nfc_llcp *)_addr; 648 struct nfc_dev *dev; 649 struct nfc_llcp_local *local; 650 int ret = 0; 651 652 pr_debug("sock %p sk %p flags 0x%x\n", sock, sk, flags); 653 654 if (!addr || len < sizeof(*addr) || addr->sa_family != AF_NFC) 655 return -EINVAL; 656 657 if (addr->service_name_len == 0 && addr->dsap == 0) 658 return -EINVAL; 659 660 pr_debug("addr dev_idx=%u target_idx=%u protocol=%u\n", addr->dev_idx, 661 addr->target_idx, addr->nfc_protocol); 662 663 lock_sock(sk); 664 665 if (sk->sk_state == LLCP_CONNECTED) { 666 ret = -EISCONN; 667 goto error; 668 } 669 670 dev = nfc_get_device(addr->dev_idx); 671 if (dev == NULL) { 672 ret = -ENODEV; 673 goto error; 674 } 675 676 local = nfc_llcp_find_local(dev); 677 if (local == NULL) { 678 ret = -ENODEV; 679 goto put_dev; 680 } 681 682 device_lock(&dev->dev); 683 if (dev->dep_link_up == false) { 684 ret = -ENOLINK; 685 device_unlock(&dev->dev); 686 goto put_dev; 687 } 688 device_unlock(&dev->dev); 689 690 if (local->rf_mode == NFC_RF_INITIATOR && 691 addr->target_idx != local->target_idx) { 692 ret = -ENOLINK; 693 goto put_dev; 694 } 695 696 llcp_sock->dev = dev; 697 llcp_sock->local = nfc_llcp_local_get(local); 698 llcp_sock->ssap = nfc_llcp_get_local_ssap(local); 699 if (llcp_sock->ssap == LLCP_SAP_MAX) { 700 ret = -ENOMEM; 701 goto put_dev; 702 } 703 704 llcp_sock->reserved_ssap = llcp_sock->ssap; 705 706 if (addr->service_name_len == 0) 707 llcp_sock->dsap = addr->dsap; 708 else 709 llcp_sock->dsap = LLCP_SAP_SDP; 710 llcp_sock->nfc_protocol = addr->nfc_protocol; 711 llcp_sock->service_name_len = min_t(unsigned int, 712 addr->service_name_len, 713 NFC_LLCP_MAX_SERVICE_NAME); 714 llcp_sock->service_name = kmemdup(addr->service_name, 715 llcp_sock->service_name_len, 716 GFP_KERNEL); 717 if (!llcp_sock->service_name) { 718 ret = -ENOMEM; 719 goto sock_llcp_release; 720 } 721 722 nfc_llcp_sock_link(&local->connecting_sockets, sk); 723 724 ret = nfc_llcp_send_connect(llcp_sock); 725 if (ret) 726 goto sock_unlink; 727 728 sk->sk_state = LLCP_CONNECTING; 729 730 ret = sock_wait_state(sk, LLCP_CONNECTED, 731 sock_sndtimeo(sk, flags & O_NONBLOCK)); 732 if (ret && ret != -EINPROGRESS) 733 goto sock_unlink; 734 735 release_sock(sk); 736 737 return ret; 738 739 sock_unlink: 740 nfc_llcp_sock_unlink(&local->connecting_sockets, sk); 741 742 sock_llcp_release: 743 nfc_llcp_put_ssap(local, llcp_sock->ssap); 744 745 put_dev: 746 nfc_put_device(dev); 747 748 error: 749 release_sock(sk); 750 return ret; 751 } 752 753 static int llcp_sock_sendmsg(struct socket *sock, struct msghdr *msg, 754 size_t len) 755 { 756 struct sock *sk = sock->sk; 757 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 758 int ret; 759 760 pr_debug("sock %p sk %p", sock, sk); 761 762 ret = sock_error(sk); 763 if (ret) 764 return ret; 765 766 if (msg->msg_flags & MSG_OOB) 767 return -EOPNOTSUPP; 768 769 lock_sock(sk); 770 771 if (sk->sk_type == SOCK_DGRAM) { 772 DECLARE_SOCKADDR(struct sockaddr_nfc_llcp *, addr, 773 msg->msg_name); 774 775 if (msg->msg_namelen < sizeof(*addr)) { 776 release_sock(sk); 777 return -EINVAL; 778 } 779 780 release_sock(sk); 781 782 return nfc_llcp_send_ui_frame(llcp_sock, addr->dsap, addr->ssap, 783 msg, len); 784 } 785 786 if (sk->sk_state != LLCP_CONNECTED) { 787 release_sock(sk); 788 return -ENOTCONN; 789 } 790 791 release_sock(sk); 792 793 return nfc_llcp_send_i_frame(llcp_sock, msg, len); 794 } 795 796 static int llcp_sock_recvmsg(struct socket *sock, struct msghdr *msg, 797 size_t len, int flags) 798 { 799 int noblock = flags & MSG_DONTWAIT; 800 struct sock *sk = sock->sk; 801 unsigned int copied, rlen; 802 struct sk_buff *skb, *cskb; 803 int err = 0; 804 805 pr_debug("%p %zu\n", sk, len); 806 807 lock_sock(sk); 808 809 if (sk->sk_state == LLCP_CLOSED && 810 skb_queue_empty(&sk->sk_receive_queue)) { 811 release_sock(sk); 812 return 0; 813 } 814 815 release_sock(sk); 816 817 if (flags & (MSG_OOB)) 818 return -EOPNOTSUPP; 819 820 skb = skb_recv_datagram(sk, flags, noblock, &err); 821 if (!skb) { 822 pr_err("Recv datagram failed state %d %d %d", 823 sk->sk_state, err, sock_error(sk)); 824 825 if (sk->sk_shutdown & RCV_SHUTDOWN) 826 return 0; 827 828 return err; 829 } 830 831 rlen = skb->len; /* real length of skb */ 832 copied = min_t(unsigned int, rlen, len); 833 834 cskb = skb; 835 if (skb_copy_datagram_msg(cskb, 0, msg, copied)) { 836 if (!(flags & MSG_PEEK)) 837 skb_queue_head(&sk->sk_receive_queue, skb); 838 return -EFAULT; 839 } 840 841 sock_recv_timestamp(msg, sk, skb); 842 843 if (sk->sk_type == SOCK_DGRAM && msg->msg_name) { 844 struct nfc_llcp_ui_cb *ui_cb = nfc_llcp_ui_skb_cb(skb); 845 DECLARE_SOCKADDR(struct sockaddr_nfc_llcp *, sockaddr, 846 msg->msg_name); 847 848 msg->msg_namelen = sizeof(struct sockaddr_nfc_llcp); 849 850 pr_debug("Datagram socket %d %d\n", ui_cb->dsap, ui_cb->ssap); 851 852 memset(sockaddr, 0, sizeof(*sockaddr)); 853 sockaddr->sa_family = AF_NFC; 854 sockaddr->nfc_protocol = NFC_PROTO_NFC_DEP; 855 sockaddr->dsap = ui_cb->dsap; 856 sockaddr->ssap = ui_cb->ssap; 857 } 858 859 /* Mark read part of skb as used */ 860 if (!(flags & MSG_PEEK)) { 861 862 /* SOCK_STREAM: re-queue skb if it contains unreceived data */ 863 if (sk->sk_type == SOCK_STREAM || 864 sk->sk_type == SOCK_DGRAM || 865 sk->sk_type == SOCK_RAW) { 866 skb_pull(skb, copied); 867 if (skb->len) { 868 skb_queue_head(&sk->sk_receive_queue, skb); 869 goto done; 870 } 871 } 872 873 kfree_skb(skb); 874 } 875 876 /* XXX Queue backlogged skbs */ 877 878 done: 879 /* SOCK_SEQPACKET: return real length if MSG_TRUNC is set */ 880 if (sk->sk_type == SOCK_SEQPACKET && (flags & MSG_TRUNC)) 881 copied = rlen; 882 883 return copied; 884 } 885 886 static const struct proto_ops llcp_sock_ops = { 887 .family = PF_NFC, 888 .owner = THIS_MODULE, 889 .bind = llcp_sock_bind, 890 .connect = llcp_sock_connect, 891 .release = llcp_sock_release, 892 .socketpair = sock_no_socketpair, 893 .accept = llcp_sock_accept, 894 .getname = llcp_sock_getname, 895 .poll = llcp_sock_poll, 896 .ioctl = sock_no_ioctl, 897 .listen = llcp_sock_listen, 898 .shutdown = sock_no_shutdown, 899 .setsockopt = nfc_llcp_setsockopt, 900 .getsockopt = nfc_llcp_getsockopt, 901 .sendmsg = llcp_sock_sendmsg, 902 .recvmsg = llcp_sock_recvmsg, 903 .mmap = sock_no_mmap, 904 }; 905 906 static const struct proto_ops llcp_rawsock_ops = { 907 .family = PF_NFC, 908 .owner = THIS_MODULE, 909 .bind = llcp_raw_sock_bind, 910 .connect = sock_no_connect, 911 .release = llcp_sock_release, 912 .socketpair = sock_no_socketpair, 913 .accept = sock_no_accept, 914 .getname = llcp_sock_getname, 915 .poll = llcp_sock_poll, 916 .ioctl = sock_no_ioctl, 917 .listen = sock_no_listen, 918 .shutdown = sock_no_shutdown, 919 .setsockopt = sock_no_setsockopt, 920 .getsockopt = sock_no_getsockopt, 921 .sendmsg = sock_no_sendmsg, 922 .recvmsg = llcp_sock_recvmsg, 923 .mmap = sock_no_mmap, 924 }; 925 926 static void llcp_sock_destruct(struct sock *sk) 927 { 928 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 929 930 pr_debug("%p\n", sk); 931 932 if (sk->sk_state == LLCP_CONNECTED) 933 nfc_put_device(llcp_sock->dev); 934 935 skb_queue_purge(&sk->sk_receive_queue); 936 937 nfc_llcp_sock_free(llcp_sock); 938 939 if (!sock_flag(sk, SOCK_DEAD)) { 940 pr_err("Freeing alive NFC LLCP socket %p\n", sk); 941 return; 942 } 943 } 944 945 struct sock *nfc_llcp_sock_alloc(struct socket *sock, int type, gfp_t gfp, int kern) 946 { 947 struct sock *sk; 948 struct nfc_llcp_sock *llcp_sock; 949 950 sk = sk_alloc(&init_net, PF_NFC, gfp, &llcp_sock_proto, kern); 951 if (!sk) 952 return NULL; 953 954 llcp_sock = nfc_llcp_sock(sk); 955 956 sock_init_data(sock, sk); 957 sk->sk_state = LLCP_CLOSED; 958 sk->sk_protocol = NFC_SOCKPROTO_LLCP; 959 sk->sk_type = type; 960 sk->sk_destruct = llcp_sock_destruct; 961 962 llcp_sock->ssap = 0; 963 llcp_sock->dsap = LLCP_SAP_SDP; 964 llcp_sock->rw = LLCP_MAX_RW + 1; 965 llcp_sock->miux = cpu_to_be16(LLCP_MAX_MIUX + 1); 966 llcp_sock->send_n = llcp_sock->send_ack_n = 0; 967 llcp_sock->recv_n = llcp_sock->recv_ack_n = 0; 968 llcp_sock->remote_ready = 1; 969 llcp_sock->reserved_ssap = LLCP_SAP_MAX; 970 nfc_llcp_socket_remote_param_init(llcp_sock); 971 skb_queue_head_init(&llcp_sock->tx_queue); 972 skb_queue_head_init(&llcp_sock->tx_pending_queue); 973 INIT_LIST_HEAD(&llcp_sock->accept_queue); 974 975 if (sock != NULL) 976 sock->state = SS_UNCONNECTED; 977 978 return sk; 979 } 980 981 void nfc_llcp_sock_free(struct nfc_llcp_sock *sock) 982 { 983 kfree(sock->service_name); 984 985 skb_queue_purge(&sock->tx_queue); 986 skb_queue_purge(&sock->tx_pending_queue); 987 988 list_del_init(&sock->accept_queue); 989 990 sock->parent = NULL; 991 992 nfc_llcp_local_put(sock->local); 993 } 994 995 static int llcp_sock_create(struct net *net, struct socket *sock, 996 const struct nfc_protocol *nfc_proto, int kern) 997 { 998 struct sock *sk; 999 1000 pr_debug("%p\n", sock); 1001 1002 if (sock->type != SOCK_STREAM && 1003 sock->type != SOCK_DGRAM && 1004 sock->type != SOCK_RAW) 1005 return -ESOCKTNOSUPPORT; 1006 1007 if (sock->type == SOCK_RAW) { 1008 if (!capable(CAP_NET_RAW)) 1009 return -EPERM; 1010 sock->ops = &llcp_rawsock_ops; 1011 } else { 1012 sock->ops = &llcp_sock_ops; 1013 } 1014 1015 sk = nfc_llcp_sock_alloc(sock, sock->type, GFP_ATOMIC, kern); 1016 if (sk == NULL) 1017 return -ENOMEM; 1018 1019 return 0; 1020 } 1021 1022 static const struct nfc_protocol llcp_nfc_proto = { 1023 .id = NFC_SOCKPROTO_LLCP, 1024 .proto = &llcp_sock_proto, 1025 .owner = THIS_MODULE, 1026 .create = llcp_sock_create 1027 }; 1028 1029 int __init nfc_llcp_sock_init(void) 1030 { 1031 return nfc_proto_register(&llcp_nfc_proto); 1032 } 1033 1034 void nfc_llcp_sock_exit(void) 1035 { 1036 nfc_proto_unregister(&llcp_nfc_proto); 1037 } 1038