1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth address family and sockets. */
26
27 #include <linux/module.h>
28 #include <linux/debugfs.h>
29 #include <linux/stringify.h>
30 #include <linux/sched/signal.h>
31
32 #include <asm/ioctls.h>
33
34 #include <net/bluetooth/bluetooth.h>
35 #include <linux/proc_fs.h>
36
37 #include <linux/ethtool.h>
38 #include <linux/sockios.h>
39
40 #include "leds.h"
41 #include "selftest.h"
42
43 /* Bluetooth sockets */
44 #define BT_MAX_PROTO (BTPROTO_LAST + 1)
45 static const struct net_proto_family *bt_proto[BT_MAX_PROTO];
46 static DEFINE_RWLOCK(bt_proto_lock);
47
48 static struct lock_class_key bt_lock_key[BT_MAX_PROTO];
49 static const char *const bt_key_strings[BT_MAX_PROTO] = {
50 "sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP",
51 "sk_lock-AF_BLUETOOTH-BTPROTO_HCI",
52 "sk_lock-AF_BLUETOOTH-BTPROTO_SCO",
53 "sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM",
54 "sk_lock-AF_BLUETOOTH-BTPROTO_BNEP",
55 "sk_lock-AF_BLUETOOTH-BTPROTO_CMTP",
56 "sk_lock-AF_BLUETOOTH-BTPROTO_HIDP",
57 "sk_lock-AF_BLUETOOTH-BTPROTO_AVDTP",
58 "sk_lock-AF_BLUETOOTH-BTPROTO_ISO",
59 };
60
61 static struct lock_class_key bt_slock_key[BT_MAX_PROTO];
62 static const char *const bt_slock_key_strings[BT_MAX_PROTO] = {
63 "slock-AF_BLUETOOTH-BTPROTO_L2CAP",
64 "slock-AF_BLUETOOTH-BTPROTO_HCI",
65 "slock-AF_BLUETOOTH-BTPROTO_SCO",
66 "slock-AF_BLUETOOTH-BTPROTO_RFCOMM",
67 "slock-AF_BLUETOOTH-BTPROTO_BNEP",
68 "slock-AF_BLUETOOTH-BTPROTO_CMTP",
69 "slock-AF_BLUETOOTH-BTPROTO_HIDP",
70 "slock-AF_BLUETOOTH-BTPROTO_AVDTP",
71 "slock-AF_BLUETOOTH-BTPROTO_ISO",
72 };
73
bt_sock_reclassify_lock(struct sock * sk,int proto)74 void bt_sock_reclassify_lock(struct sock *sk, int proto)
75 {
76 BUG_ON(!sk);
77 BUG_ON(!sock_allow_reclassification(sk));
78
79 sock_lock_init_class_and_name(sk,
80 bt_slock_key_strings[proto], &bt_slock_key[proto],
81 bt_key_strings[proto], &bt_lock_key[proto]);
82 }
83 EXPORT_SYMBOL(bt_sock_reclassify_lock);
84
bt_sock_register(int proto,const struct net_proto_family * ops)85 int bt_sock_register(int proto, const struct net_proto_family *ops)
86 {
87 int err = 0;
88
89 if (proto < 0 || proto >= BT_MAX_PROTO)
90 return -EINVAL;
91
92 write_lock(&bt_proto_lock);
93
94 if (bt_proto[proto])
95 err = -EEXIST;
96 else
97 bt_proto[proto] = ops;
98
99 write_unlock(&bt_proto_lock);
100
101 return err;
102 }
103 EXPORT_SYMBOL(bt_sock_register);
104
bt_sock_unregister(int proto)105 void bt_sock_unregister(int proto)
106 {
107 if (proto < 0 || proto >= BT_MAX_PROTO)
108 return;
109
110 write_lock(&bt_proto_lock);
111 bt_proto[proto] = NULL;
112 write_unlock(&bt_proto_lock);
113 }
114 EXPORT_SYMBOL(bt_sock_unregister);
115
bt_sock_create(struct net * net,struct socket * sock,int proto,int kern)116 static int bt_sock_create(struct net *net, struct socket *sock, int proto,
117 int kern)
118 {
119 int err;
120
121 if (net != &init_net)
122 return -EAFNOSUPPORT;
123
124 if (proto < 0 || proto >= BT_MAX_PROTO)
125 return -EINVAL;
126
127 if (!bt_proto[proto])
128 request_module("bt-proto-%d", proto);
129
130 err = -EPROTONOSUPPORT;
131
132 read_lock(&bt_proto_lock);
133
134 if (bt_proto[proto] && try_module_get(bt_proto[proto]->owner)) {
135 err = bt_proto[proto]->create(net, sock, proto, kern);
136 if (!err)
137 bt_sock_reclassify_lock(sock->sk, proto);
138 module_put(bt_proto[proto]->owner);
139 }
140
141 read_unlock(&bt_proto_lock);
142
143 return err;
144 }
145
bt_sock_alloc(struct net * net,struct socket * sock,struct proto * prot,int proto,gfp_t prio,int kern)146 struct sock *bt_sock_alloc(struct net *net, struct socket *sock,
147 struct proto *prot, int proto, gfp_t prio, int kern)
148 {
149 struct sock *sk;
150
151 sk = sk_alloc(net, PF_BLUETOOTH, prio, prot, kern);
152 if (!sk)
153 return NULL;
154
155 sock_init_data(sock, sk);
156 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
157 spin_lock_init(&bt_sk(sk)->accept_q_lock);
158
159 sock_reset_flag(sk, SOCK_ZAPPED);
160
161 sk->sk_protocol = proto;
162 sk->sk_state = BT_OPEN;
163
164 /* Init peer information so it can be properly monitored */
165 if (!kern) {
166 spin_lock(&sk->sk_peer_lock);
167 sk->sk_peer_pid = get_pid(task_tgid(current));
168 sk->sk_peer_cred = get_current_cred();
169 spin_unlock(&sk->sk_peer_lock);
170 }
171
172 return sk;
173 }
174 EXPORT_SYMBOL(bt_sock_alloc);
175
bt_sock_link(struct bt_sock_list * l,struct sock * sk)176 void bt_sock_link(struct bt_sock_list *l, struct sock *sk)
177 {
178 write_lock(&l->lock);
179 sk_add_node(sk, &l->head);
180 write_unlock(&l->lock);
181 }
182 EXPORT_SYMBOL(bt_sock_link);
183
bt_sock_unlink(struct bt_sock_list * l,struct sock * sk)184 void bt_sock_unlink(struct bt_sock_list *l, struct sock *sk)
185 {
186 write_lock(&l->lock);
187 sk_del_node_init(sk);
188 write_unlock(&l->lock);
189 }
190 EXPORT_SYMBOL(bt_sock_unlink);
191
bt_sock_linked(struct bt_sock_list * l,struct sock * s)192 bool bt_sock_linked(struct bt_sock_list *l, struct sock *s)
193 {
194 struct sock *sk;
195
196 if (!l || !s)
197 return false;
198
199 read_lock(&l->lock);
200
201 sk_for_each(sk, &l->head) {
202 if (s == sk) {
203 read_unlock(&l->lock);
204 return true;
205 }
206 }
207
208 read_unlock(&l->lock);
209
210 return false;
211 }
212 EXPORT_SYMBOL(bt_sock_linked);
213
bt_accept_enqueue(struct sock * parent,struct sock * sk,bool bh)214 void bt_accept_enqueue(struct sock *parent, struct sock *sk, bool bh)
215 {
216 const struct cred *old_cred;
217 struct pid *old_pid;
218 struct bt_sock *par = bt_sk(parent);
219
220 BT_DBG("parent %p, sk %p", parent, sk);
221
222 sock_hold(sk);
223
224 if (bh)
225 bh_lock_sock_nested(sk);
226 else
227 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
228
229 bt_sk(sk)->parent = parent;
230
231 spin_lock_bh(&par->accept_q_lock);
232 list_add_tail(&bt_sk(sk)->accept_q, &par->accept_q);
233 sk_acceptq_added(parent);
234 spin_unlock_bh(&par->accept_q_lock);
235
236 /* Copy credentials from parent since for incoming connections the
237 * socket is allocated by the kernel.
238 */
239 spin_lock(&sk->sk_peer_lock);
240 old_pid = sk->sk_peer_pid;
241 old_cred = sk->sk_peer_cred;
242 sk->sk_peer_pid = get_pid(parent->sk_peer_pid);
243 sk->sk_peer_cred = get_cred(parent->sk_peer_cred);
244 spin_unlock(&sk->sk_peer_lock);
245
246 put_pid(old_pid);
247 put_cred(old_cred);
248
249 if (bh)
250 bh_unlock_sock(sk);
251 else
252 release_sock(sk);
253 }
254 EXPORT_SYMBOL(bt_accept_enqueue);
255
256 /* Calling function must hold the sk lock.
257 * bt_sk(sk)->parent must be non-NULL meaning sk is in the parent list.
258 */
bt_accept_unlink(struct sock * sk)259 void bt_accept_unlink(struct sock *sk)
260 {
261 struct sock *parent = bt_sk(sk)->parent;
262
263 BT_DBG("sk %p state %d", sk, sk->sk_state);
264
265 spin_lock_bh(&bt_sk(parent)->accept_q_lock);
266 list_del_init(&bt_sk(sk)->accept_q);
267 sk_acceptq_removed(parent);
268 spin_unlock_bh(&bt_sk(parent)->accept_q_lock);
269 bt_sk(sk)->parent = NULL;
270 sock_put(sk);
271 }
272 EXPORT_SYMBOL(bt_accept_unlink);
273
bt_accept_get(struct sock * parent,struct sock * sk)274 static struct sock *bt_accept_get(struct sock *parent, struct sock *sk)
275 {
276 struct bt_sock *bt = bt_sk(parent);
277 struct sock *next = NULL;
278
279 /* accept_q is modified from child teardown paths too, so take a
280 * temporary reference before dropping the queue lock.
281 */
282 spin_lock_bh(&bt->accept_q_lock);
283
284 if (sk) {
285 if (bt_sk(sk)->parent != parent)
286 goto out;
287
288 if (!list_is_last(&bt_sk(sk)->accept_q, &bt->accept_q)) {
289 next = &list_next_entry(bt_sk(sk), accept_q)->sk;
290 sock_hold(next);
291 }
292 } else if (!list_empty(&bt->accept_q)) {
293 next = &list_first_entry(&bt->accept_q,
294 struct bt_sock, accept_q)->sk;
295 sock_hold(next);
296 }
297
298 out:
299 spin_unlock_bh(&bt->accept_q_lock);
300 return next;
301 }
302
bt_accept_dequeue(struct sock * parent,struct socket * newsock)303 struct sock *bt_accept_dequeue(struct sock *parent, struct socket *newsock)
304 {
305 struct sock *sk, *next;
306
307 BT_DBG("parent %p", parent);
308
309 restart:
310 for (sk = bt_accept_get(parent, NULL); sk; sk = next) {
311 /* Prevent early freeing of sk due to unlink and sock_kill */
312 lock_sock(sk);
313
314 /* Check sk has not already been unlinked via
315 * bt_accept_unlink() due to serialisation caused by sk locking
316 */
317 if (bt_sk(sk)->parent != parent) {
318 BT_DBG("sk %p, already unlinked", sk);
319 release_sock(sk);
320 sock_put(sk);
321
322 goto restart;
323 }
324
325 next = bt_accept_get(parent, sk);
326
327 /* sk is safely in the parent list so reduce reference count */
328 sock_put(sk);
329
330 /* FIXME: Is this check still needed */
331 if (sk->sk_state == BT_CLOSED) {
332 bt_accept_unlink(sk);
333 release_sock(sk);
334 continue;
335 }
336
337 if (sk->sk_state == BT_CONNECTED || !newsock ||
338 test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags)) {
339 bt_accept_unlink(sk);
340 if (newsock)
341 sock_graft(sk, newsock);
342
343 /* Hand the caller a reference taken while sk is
344 * still locked. bt_accept_unlink() just dropped
345 * the accept-queue reference; without this hold a
346 * concurrent teardown (e.g. l2cap_conn_del() ->
347 * l2cap_sock_kill()) could free sk between
348 * release_sock() and the caller using it. Every
349 * caller drops this with sock_put() when done.
350 */
351 sock_hold(sk);
352
353 release_sock(sk);
354 if (next)
355 sock_put(next);
356 return sk;
357 }
358
359 release_sock(sk);
360 }
361
362 return NULL;
363 }
364 EXPORT_SYMBOL(bt_accept_dequeue);
365
bt_sock_recvmsg(struct socket * sock,struct msghdr * msg,size_t len,int flags)366 int bt_sock_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
367 int flags)
368 {
369 struct sock *sk = sock->sk;
370 struct sk_buff *skb;
371 size_t copied;
372 size_t skblen;
373 int err;
374
375 BT_DBG("sock %p sk %p len %zu", sock, sk, len);
376
377 if (flags & MSG_OOB)
378 return -EOPNOTSUPP;
379
380 skb = skb_recv_datagram(sk, flags, &err);
381 if (!skb) {
382 if (sk->sk_shutdown & RCV_SHUTDOWN)
383 err = 0;
384
385 return err;
386 }
387
388 skblen = skb->len;
389 copied = skb->len;
390 if (len < copied) {
391 msg->msg_flags |= MSG_TRUNC;
392 copied = len;
393 }
394
395 skb_reset_transport_header(skb);
396 err = skb_copy_datagram_msg(skb, 0, msg, copied);
397 if (err == 0) {
398 sock_recv_cmsgs(msg, sk, skb);
399
400 if (msg->msg_name && bt_sk(sk)->skb_msg_name)
401 bt_sk(sk)->skb_msg_name(skb, msg->msg_name,
402 &msg->msg_namelen);
403
404 if (test_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags)) {
405 u8 pkt_status = hci_skb_pkt_status(skb);
406
407 put_cmsg(msg, SOL_BLUETOOTH, BT_SCM_PKT_STATUS,
408 sizeof(pkt_status), &pkt_status);
409 }
410
411 if (test_bit(BT_SK_PKT_SEQNUM, &bt_sk(sk)->flags)) {
412 u16 pkt_seqnum = hci_skb_pkt_seqnum(skb);
413
414 put_cmsg(msg, SOL_BLUETOOTH, BT_SCM_PKT_SEQNUM,
415 sizeof(pkt_seqnum), &pkt_seqnum);
416 }
417 }
418
419 skb_free_datagram(sk, skb);
420
421 if (flags & MSG_TRUNC)
422 copied = skblen;
423
424 return err ? : copied;
425 }
426 EXPORT_SYMBOL(bt_sock_recvmsg);
427
bt_sock_data_wait(struct sock * sk,long timeo)428 static long bt_sock_data_wait(struct sock *sk, long timeo)
429 {
430 DECLARE_WAITQUEUE(wait, current);
431
432 add_wait_queue(sk_sleep(sk), &wait);
433 for (;;) {
434 set_current_state(TASK_INTERRUPTIBLE);
435
436 if (!skb_queue_empty(&sk->sk_receive_queue))
437 break;
438
439 if (sk->sk_err || (sk->sk_shutdown & RCV_SHUTDOWN))
440 break;
441
442 if (signal_pending(current) || !timeo)
443 break;
444
445 sk_set_bit(SOCKWQ_ASYNC_WAITDATA, sk);
446 release_sock(sk);
447 timeo = schedule_timeout(timeo);
448 lock_sock(sk);
449 sk_clear_bit(SOCKWQ_ASYNC_WAITDATA, sk);
450 }
451
452 __set_current_state(TASK_RUNNING);
453 remove_wait_queue(sk_sleep(sk), &wait);
454 return timeo;
455 }
456
bt_sock_stream_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)457 int bt_sock_stream_recvmsg(struct socket *sock, struct msghdr *msg,
458 size_t size, int flags)
459 {
460 struct sock *sk = sock->sk;
461 int err = 0;
462 size_t target, copied = 0;
463 long timeo;
464
465 if (flags & MSG_OOB)
466 return -EOPNOTSUPP;
467
468 BT_DBG("sk %p size %zu", sk, size);
469
470 lock_sock(sk);
471
472 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
473 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
474
475 do {
476 struct sk_buff *skb;
477 int chunk;
478
479 skb = skb_dequeue(&sk->sk_receive_queue);
480 if (!skb) {
481 if (copied >= target)
482 break;
483
484 err = sock_error(sk);
485 if (err)
486 break;
487 if (sk->sk_shutdown & RCV_SHUTDOWN)
488 break;
489
490 err = -EAGAIN;
491 if (!timeo)
492 break;
493
494 timeo = bt_sock_data_wait(sk, timeo);
495
496 if (signal_pending(current)) {
497 err = sock_intr_errno(timeo);
498 goto out;
499 }
500 continue;
501 }
502
503 chunk = min_t(unsigned int, skb->len, size);
504 if (skb_copy_datagram_msg(skb, 0, msg, chunk)) {
505 skb_queue_head(&sk->sk_receive_queue, skb);
506 if (!copied)
507 copied = -EFAULT;
508 break;
509 }
510 copied += chunk;
511 size -= chunk;
512
513 sock_recv_cmsgs(msg, sk, skb);
514
515 if (!(flags & MSG_PEEK)) {
516 int skb_len = skb_headlen(skb);
517
518 if (chunk <= skb_len) {
519 __skb_pull(skb, chunk);
520 } else {
521 struct sk_buff *frag;
522
523 __skb_pull(skb, skb_len);
524 chunk -= skb_len;
525
526 skb_walk_frags(skb, frag) {
527 if (chunk <= frag->len) {
528 /* Pulling partial data */
529 skb->len -= chunk;
530 skb->data_len -= chunk;
531 __skb_pull(frag, chunk);
532 break;
533 } else if (frag->len) {
534 /* Pulling all frag data */
535 chunk -= frag->len;
536 skb->len -= frag->len;
537 skb->data_len -= frag->len;
538 __skb_pull(frag, frag->len);
539 }
540 }
541 }
542
543 if (skb->len) {
544 skb_queue_head(&sk->sk_receive_queue, skb);
545 break;
546 }
547 kfree_skb(skb);
548
549 } else {
550 /* put message back and return */
551 skb_queue_head(&sk->sk_receive_queue, skb);
552 break;
553 }
554 } while (size);
555
556 out:
557 release_sock(sk);
558 return copied ? : err;
559 }
560 EXPORT_SYMBOL(bt_sock_stream_recvmsg);
561
bt_accept_poll(struct sock * parent)562 static inline __poll_t bt_accept_poll(struct sock *parent)
563 {
564 struct bt_sock *bt = bt_sk(parent);
565 struct bt_sock *s;
566 struct sock *sk;
567 __poll_t mask = 0;
568
569 spin_lock_bh(&bt->accept_q_lock);
570 list_for_each_entry(s, &bt->accept_q, accept_q) {
571 int state;
572
573 sk = (struct sock *)s;
574 state = READ_ONCE(sk->sk_state);
575
576 if (state == BT_CONNECTED ||
577 (test_bit(BT_SK_DEFER_SETUP, &bt->flags) &&
578 state == BT_CONNECT2)) {
579 mask = EPOLLIN | EPOLLRDNORM;
580 break;
581 }
582 }
583 spin_unlock_bh(&bt->accept_q_lock);
584
585 return mask;
586 }
587
bt_sock_poll(struct file * file,struct socket * sock,poll_table * wait)588 __poll_t bt_sock_poll(struct file *file, struct socket *sock,
589 poll_table *wait)
590 {
591 struct sock *sk = sock->sk;
592 __poll_t mask = 0;
593
594 poll_wait(file, sk_sleep(sk), wait);
595
596 if (sk->sk_state == BT_LISTEN)
597 return bt_accept_poll(sk);
598
599 if (sk->sk_err || !skb_queue_empty_lockless(&sk->sk_error_queue))
600 mask |= EPOLLERR |
601 (sock_flag(sk, SOCK_SELECT_ERR_QUEUE) ? EPOLLPRI : 0);
602
603 if (sk->sk_shutdown & RCV_SHUTDOWN)
604 mask |= EPOLLRDHUP | EPOLLIN | EPOLLRDNORM;
605
606 if (sk->sk_shutdown == SHUTDOWN_MASK)
607 mask |= EPOLLHUP;
608
609 if (!skb_queue_empty_lockless(&sk->sk_receive_queue))
610 mask |= EPOLLIN | EPOLLRDNORM;
611
612 if (sk->sk_state == BT_CLOSED)
613 mask |= EPOLLHUP;
614
615 if (sk->sk_state == BT_CONNECT ||
616 sk->sk_state == BT_CONNECT2 ||
617 sk->sk_state == BT_CONFIG)
618 return mask;
619
620 if (!test_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags) && sock_writeable(sk))
621 mask |= EPOLLOUT | EPOLLWRNORM | EPOLLWRBAND;
622 else
623 sk_set_bit(SOCKWQ_ASYNC_NOSPACE, sk);
624
625 return mask;
626 }
627 EXPORT_SYMBOL(bt_sock_poll);
628
bt_ethtool_get_ts_info(struct sock * sk,unsigned int index,void __user * useraddr)629 static int bt_ethtool_get_ts_info(struct sock *sk, unsigned int index,
630 void __user *useraddr)
631 {
632 struct ethtool_ts_info info;
633 struct kernel_ethtool_ts_info ts_info = {};
634 int ret;
635
636 ret = hci_ethtool_ts_info(index, sk->sk_protocol, &ts_info);
637 if (ret == -ENODEV)
638 return ret;
639 else if (ret < 0)
640 return -EIO;
641
642 memset(&info, 0, sizeof(info));
643
644 info.cmd = ETHTOOL_GET_TS_INFO;
645 info.so_timestamping = ts_info.so_timestamping;
646 info.phc_index = ts_info.phc_index;
647 info.tx_types = ts_info.tx_types;
648 info.rx_filters = ts_info.rx_filters;
649
650 if (copy_to_user(useraddr, &info, sizeof(info)))
651 return -EFAULT;
652
653 return 0;
654 }
655
bt_ethtool(struct sock * sk,const struct ifreq * ifr,void __user * useraddr)656 static int bt_ethtool(struct sock *sk, const struct ifreq *ifr,
657 void __user *useraddr)
658 {
659 unsigned int index;
660 u32 ethcmd;
661 int n;
662
663 if (copy_from_user(ðcmd, useraddr, sizeof(ethcmd)))
664 return -EFAULT;
665
666 if (sscanf(ifr->ifr_name, "hci%u%n", &index, &n) != 1 ||
667 n != strlen(ifr->ifr_name))
668 return -ENODEV;
669
670 switch (ethcmd) {
671 case ETHTOOL_GET_TS_INFO:
672 return bt_ethtool_get_ts_info(sk, index, useraddr);
673 }
674
675 return -EOPNOTSUPP;
676 }
677
bt_dev_ioctl(struct socket * sock,unsigned int cmd,void __user * arg)678 static int bt_dev_ioctl(struct socket *sock, unsigned int cmd, void __user *arg)
679 {
680 struct sock *sk = sock->sk;
681 struct ifreq ifr = {};
682 void __user *data;
683 char *colon;
684 int ret = -ENOIOCTLCMD;
685
686 if (get_user_ifreq(&ifr, &data, arg))
687 return -EFAULT;
688
689 ifr.ifr_name[IFNAMSIZ - 1] = 0;
690 colon = strchr(ifr.ifr_name, ':');
691 if (colon)
692 *colon = 0;
693
694 switch (cmd) {
695 case SIOCETHTOOL:
696 ret = bt_ethtool(sk, &ifr, data);
697 break;
698 }
699
700 if (colon)
701 *colon = ':';
702
703 if (put_user_ifreq(&ifr, arg))
704 return -EFAULT;
705
706 return ret;
707 }
708
bt_sock_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)709 int bt_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
710 {
711 struct sock *sk = sock->sk;
712 struct sk_buff *skb;
713 long amount;
714 int err;
715
716 BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg);
717
718 switch (cmd) {
719 case TIOCOUTQ:
720 if (sk->sk_state == BT_LISTEN)
721 return -EINVAL;
722
723 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
724 if (amount < 0)
725 amount = 0;
726 err = put_user(amount, (int __user *)arg);
727 break;
728
729 case TIOCINQ:
730 if (sk->sk_state == BT_LISTEN)
731 return -EINVAL;
732
733 spin_lock(&sk->sk_receive_queue.lock);
734 skb = skb_peek(&sk->sk_receive_queue);
735 amount = skb ? skb->len : 0;
736 spin_unlock(&sk->sk_receive_queue.lock);
737
738 err = put_user(amount, (int __user *)arg);
739 break;
740
741 case SIOCETHTOOL:
742 err = bt_dev_ioctl(sock, cmd, (void __user *)arg);
743 break;
744
745 default:
746 err = -ENOIOCTLCMD;
747 break;
748 }
749
750 return err;
751 }
752 EXPORT_SYMBOL(bt_sock_ioctl);
753
754 /* This function expects the sk lock to be held when called */
bt_sock_wait_state(struct sock * sk,int state,unsigned long timeo)755 int bt_sock_wait_state(struct sock *sk, int state, unsigned long timeo)
756 {
757 DECLARE_WAITQUEUE(wait, current);
758 int err = 0;
759
760 BT_DBG("sk %p", sk);
761
762 add_wait_queue(sk_sleep(sk), &wait);
763 set_current_state(TASK_INTERRUPTIBLE);
764 while (sk->sk_state != state) {
765 if (!timeo) {
766 err = -EINPROGRESS;
767 break;
768 }
769
770 if (signal_pending(current)) {
771 err = sock_intr_errno(timeo);
772 break;
773 }
774
775 release_sock(sk);
776 timeo = schedule_timeout(timeo);
777 lock_sock(sk);
778 set_current_state(TASK_INTERRUPTIBLE);
779
780 err = sock_error(sk);
781 if (err)
782 break;
783 }
784 __set_current_state(TASK_RUNNING);
785 remove_wait_queue(sk_sleep(sk), &wait);
786 return err;
787 }
788 EXPORT_SYMBOL(bt_sock_wait_state);
789
790 /* This function expects the sk lock to be held when called */
bt_sock_wait_ready(struct sock * sk,unsigned int msg_flags)791 int bt_sock_wait_ready(struct sock *sk, unsigned int msg_flags)
792 {
793 DECLARE_WAITQUEUE(wait, current);
794 unsigned long timeo;
795 int err = 0;
796
797 BT_DBG("sk %p", sk);
798
799 timeo = sock_sndtimeo(sk, !!(msg_flags & MSG_DONTWAIT));
800
801 add_wait_queue(sk_sleep(sk), &wait);
802 set_current_state(TASK_INTERRUPTIBLE);
803 while (test_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags)) {
804 if (!timeo) {
805 err = -EAGAIN;
806 break;
807 }
808
809 if (signal_pending(current)) {
810 err = sock_intr_errno(timeo);
811 break;
812 }
813
814 release_sock(sk);
815 timeo = schedule_timeout(timeo);
816 lock_sock(sk);
817 set_current_state(TASK_INTERRUPTIBLE);
818
819 err = sock_error(sk);
820 if (err)
821 break;
822 }
823 __set_current_state(TASK_RUNNING);
824 remove_wait_queue(sk_sleep(sk), &wait);
825
826 return err;
827 }
828 EXPORT_SYMBOL(bt_sock_wait_ready);
829
830 #ifdef CONFIG_PROC_FS
bt_seq_start(struct seq_file * seq,loff_t * pos)831 static void *bt_seq_start(struct seq_file *seq, loff_t *pos)
832 __acquires(seq->private->l->lock)
833 {
834 struct bt_sock_list *l = pde_data(file_inode(seq->file));
835
836 read_lock(&l->lock);
837 return seq_hlist_start_head(&l->head, *pos);
838 }
839
bt_seq_next(struct seq_file * seq,void * v,loff_t * pos)840 static void *bt_seq_next(struct seq_file *seq, void *v, loff_t *pos)
841 {
842 struct bt_sock_list *l = pde_data(file_inode(seq->file));
843
844 return seq_hlist_next(v, &l->head, pos);
845 }
846
bt_seq_stop(struct seq_file * seq,void * v)847 static void bt_seq_stop(struct seq_file *seq, void *v)
848 __releases(seq->private->l->lock)
849 {
850 struct bt_sock_list *l = pde_data(file_inode(seq->file));
851
852 read_unlock(&l->lock);
853 }
854
bt_seq_show(struct seq_file * seq,void * v)855 static int bt_seq_show(struct seq_file *seq, void *v)
856 {
857 struct bt_sock_list *l = pde_data(file_inode(seq->file));
858
859 if (v == SEQ_START_TOKEN) {
860 seq_puts(seq, "sk RefCnt Rmem Wmem User Inode Parent");
861
862 if (l->custom_seq_show) {
863 seq_putc(seq, ' ');
864 l->custom_seq_show(seq, v);
865 }
866
867 seq_putc(seq, '\n');
868 } else {
869 struct sock *sk = sk_entry(v);
870 struct bt_sock *bt = bt_sk(sk);
871
872 seq_printf(seq,
873 "%pK %-6d %-6u %-6u %-6u %-6llu %-6llu",
874 sk,
875 refcount_read(&sk->sk_refcnt),
876 sk_rmem_alloc_get(sk),
877 sk_wmem_alloc_get(sk),
878 from_kuid(seq_user_ns(seq), sk_uid(sk)),
879 sock_i_ino(sk),
880 bt->parent ? sock_i_ino(bt->parent) : 0ULL);
881
882 if (l->custom_seq_show) {
883 seq_putc(seq, ' ');
884 l->custom_seq_show(seq, v);
885 }
886
887 seq_putc(seq, '\n');
888 }
889 return 0;
890 }
891
892 static const struct seq_operations bt_seq_ops = {
893 .start = bt_seq_start,
894 .next = bt_seq_next,
895 .stop = bt_seq_stop,
896 .show = bt_seq_show,
897 };
898
bt_procfs_init(struct net * net,const char * name,struct bt_sock_list * sk_list,int (* seq_show)(struct seq_file *,void *))899 int bt_procfs_init(struct net *net, const char *name,
900 struct bt_sock_list *sk_list,
901 int (*seq_show)(struct seq_file *, void *))
902 {
903 sk_list->custom_seq_show = seq_show;
904
905 if (!proc_create_seq_data(name, 0, net->proc_net, &bt_seq_ops, sk_list))
906 return -ENOMEM;
907 return 0;
908 }
909
bt_procfs_cleanup(struct net * net,const char * name)910 void bt_procfs_cleanup(struct net *net, const char *name)
911 {
912 remove_proc_entry(name, net->proc_net);
913 }
914 #else
bt_procfs_init(struct net * net,const char * name,struct bt_sock_list * sk_list,int (* seq_show)(struct seq_file *,void *))915 int bt_procfs_init(struct net *net, const char *name,
916 struct bt_sock_list *sk_list,
917 int (*seq_show)(struct seq_file *, void *))
918 {
919 return 0;
920 }
921
bt_procfs_cleanup(struct net * net,const char * name)922 void bt_procfs_cleanup(struct net *net, const char *name)
923 {
924 }
925 #endif
926 EXPORT_SYMBOL(bt_procfs_init);
927 EXPORT_SYMBOL(bt_procfs_cleanup);
928
929 static const struct net_proto_family bt_sock_family_ops = {
930 .owner = THIS_MODULE,
931 .family = PF_BLUETOOTH,
932 .create = bt_sock_create,
933 };
934
935 struct dentry *bt_debugfs;
936 EXPORT_SYMBOL_GPL(bt_debugfs);
937
938 #define VERSION __stringify(BT_SUBSYS_VERSION) "." \
939 __stringify(BT_SUBSYS_REVISION)
940
bt_init(void)941 static int __init bt_init(void)
942 {
943 int err;
944
945 sock_skb_cb_check_size(sizeof(struct bt_skb_cb));
946
947 BT_INFO("Core ver %s", VERSION);
948
949 err = bt_selftest();
950 if (err < 0)
951 return err;
952
953 bt_debugfs = debugfs_create_dir("bluetooth", NULL);
954
955 bt_leds_init();
956
957 err = bt_sysfs_init();
958 if (err < 0)
959 goto cleanup_led;
960
961 err = sock_register(&bt_sock_family_ops);
962 if (err)
963 goto cleanup_sysfs;
964
965 BT_INFO("HCI device and connection manager initialized");
966
967 err = hci_sock_init();
968 if (err)
969 goto unregister_socket;
970
971 err = l2cap_init();
972 if (err)
973 goto cleanup_socket;
974
975 err = sco_init();
976 if (err)
977 goto cleanup_cap;
978
979 err = mgmt_init();
980 if (err)
981 goto cleanup_sco;
982
983 return 0;
984
985 cleanup_sco:
986 sco_exit();
987 cleanup_cap:
988 l2cap_exit();
989 cleanup_socket:
990 hci_sock_cleanup();
991 unregister_socket:
992 sock_unregister(PF_BLUETOOTH);
993 cleanup_sysfs:
994 bt_sysfs_cleanup();
995 cleanup_led:
996 bt_leds_cleanup();
997 debugfs_remove_recursive(bt_debugfs);
998 return err;
999 }
1000
bt_exit(void)1001 static void __exit bt_exit(void)
1002 {
1003 iso_exit();
1004
1005 mgmt_exit();
1006
1007 sco_exit();
1008
1009 l2cap_exit();
1010
1011 hci_sock_cleanup();
1012
1013 sock_unregister(PF_BLUETOOTH);
1014
1015 bt_sysfs_cleanup();
1016
1017 bt_leds_cleanup();
1018
1019 debugfs_remove_recursive(bt_debugfs);
1020 }
1021
1022 subsys_initcall(bt_init);
1023 module_exit(bt_exit);
1024
1025 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
1026 MODULE_DESCRIPTION("Bluetooth Core ver " VERSION);
1027 MODULE_VERSION(VERSION);
1028 MODULE_LICENSE("GPL");
1029 MODULE_ALIAS_NETPROTO(PF_BLUETOOTH);
1030