1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth SCO sockets. */ 26 27 #include <linux/module.h> 28 #include <linux/debugfs.h> 29 #include <linux/seq_file.h> 30 #include <linux/sched/signal.h> 31 32 #include <net/bluetooth/bluetooth.h> 33 #include <net/bluetooth/hci_core.h> 34 #include <net/bluetooth/sco.h> 35 36 static bool disable_esco; 37 38 static const struct proto_ops sco_sock_ops; 39 40 static struct bt_sock_list sco_sk_list = { 41 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock) 42 }; 43 44 /* ---- SCO connections ---- */ 45 struct sco_conn { 46 struct hci_conn *hcon; 47 48 spinlock_t lock; 49 struct sock *sk; 50 51 struct delayed_work timeout_work; 52 53 unsigned int mtu; 54 struct kref ref; 55 }; 56 57 #define sco_conn_lock(c) spin_lock(&c->lock) 58 #define sco_conn_unlock(c) spin_unlock(&c->lock) 59 60 static void sco_sock_close(struct sock *sk); 61 static void sco_sock_kill(struct sock *sk); 62 63 /* ----- SCO socket info ----- */ 64 #define sco_pi(sk) ((struct sco_pinfo *) sk) 65 66 struct sco_pinfo { 67 struct bt_sock bt; 68 bdaddr_t src; 69 bdaddr_t dst; 70 __u32 flags; 71 __u16 setting; 72 struct bt_codec codec; 73 struct sco_conn *conn; 74 }; 75 76 /* ---- SCO timers ---- */ 77 #define SCO_CONN_TIMEOUT (HZ * 40) 78 #define SCO_DISCONN_TIMEOUT (HZ * 2) 79 80 static void sco_conn_free(struct kref *ref) 81 { 82 struct sco_conn *conn = container_of(ref, struct sco_conn, ref); 83 84 BT_DBG("conn %p", conn); 85 86 if (conn->sk) 87 sco_pi(conn->sk)->conn = NULL; 88 89 if (conn->hcon) { 90 conn->hcon->sco_data = NULL; 91 hci_conn_drop(conn->hcon); 92 } 93 94 /* Ensure no more work items will run since hci_conn has been dropped */ 95 disable_delayed_work_sync(&conn->timeout_work); 96 97 kfree(conn); 98 } 99 100 static void sco_conn_put(struct sco_conn *conn) 101 { 102 if (!conn) 103 return; 104 105 BT_DBG("conn %p refcnt %d", conn, kref_read(&conn->ref)); 106 107 kref_put(&conn->ref, sco_conn_free); 108 } 109 110 static struct sco_conn *sco_conn_hold(struct sco_conn *conn) 111 { 112 BT_DBG("conn %p refcnt %u", conn, kref_read(&conn->ref)); 113 114 kref_get(&conn->ref); 115 return conn; 116 } 117 118 static struct sco_conn *sco_conn_hold_unless_zero(struct sco_conn *conn) 119 { 120 if (!conn) 121 return NULL; 122 123 BT_DBG("conn %p refcnt %u", conn, kref_read(&conn->ref)); 124 125 if (!kref_get_unless_zero(&conn->ref)) 126 return NULL; 127 128 return conn; 129 } 130 131 static struct sock *sco_sock_hold(struct sco_conn *conn) 132 { 133 if (!conn || !bt_sock_linked(&sco_sk_list, conn->sk)) 134 return NULL; 135 136 sock_hold(conn->sk); 137 138 return conn->sk; 139 } 140 141 static void sco_sock_timeout(struct work_struct *work) 142 { 143 struct sco_conn *conn = container_of(work, struct sco_conn, 144 timeout_work.work); 145 struct sock *sk; 146 147 conn = sco_conn_hold_unless_zero(conn); 148 if (!conn) 149 return; 150 151 sco_conn_lock(conn); 152 if (!conn->hcon) { 153 sco_conn_unlock(conn); 154 sco_conn_put(conn); 155 return; 156 } 157 sk = sco_sock_hold(conn); 158 sco_conn_unlock(conn); 159 sco_conn_put(conn); 160 161 if (!sk) 162 return; 163 164 BT_DBG("sock %p state %d", sk, sk->sk_state); 165 166 lock_sock(sk); 167 sk->sk_err = ETIMEDOUT; 168 sk->sk_state_change(sk); 169 release_sock(sk); 170 sock_put(sk); 171 } 172 173 static void sco_sock_set_timer(struct sock *sk, long timeout) 174 { 175 if (!sco_pi(sk)->conn) 176 return; 177 178 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout); 179 cancel_delayed_work(&sco_pi(sk)->conn->timeout_work); 180 schedule_delayed_work(&sco_pi(sk)->conn->timeout_work, timeout); 181 } 182 183 static void sco_sock_clear_timer(struct sock *sk) 184 { 185 if (!sco_pi(sk)->conn) 186 return; 187 188 BT_DBG("sock %p state %d", sk, sk->sk_state); 189 cancel_delayed_work(&sco_pi(sk)->conn->timeout_work); 190 } 191 192 /* ---- SCO connections ---- */ 193 static struct sco_conn *sco_conn_add(struct hci_conn *hcon) 194 { 195 struct sco_conn *conn = hcon->sco_data; 196 197 conn = sco_conn_hold_unless_zero(conn); 198 if (conn) { 199 if (!conn->hcon) { 200 sco_conn_lock(conn); 201 conn->hcon = hcon; 202 sco_conn_unlock(conn); 203 } 204 return conn; 205 } 206 207 conn = kzalloc_obj(struct sco_conn); 208 if (!conn) 209 return NULL; 210 211 kref_init(&conn->ref); 212 spin_lock_init(&conn->lock); 213 INIT_DELAYED_WORK(&conn->timeout_work, sco_sock_timeout); 214 215 hcon->sco_data = conn; 216 conn->hcon = hcon; 217 conn->mtu = hcon->mtu; 218 219 if (hcon->mtu > 0) 220 conn->mtu = hcon->mtu; 221 else 222 conn->mtu = 60; 223 224 BT_DBG("hcon %p conn %p", hcon, conn); 225 226 return conn; 227 } 228 229 /* Delete channel. 230 * Must be called on the locked socket. */ 231 static void sco_chan_del(struct sock *sk, int err) 232 { 233 struct sco_conn *conn; 234 235 conn = sco_pi(sk)->conn; 236 sco_pi(sk)->conn = NULL; 237 238 BT_DBG("sk %p, conn %p, err %d", sk, conn, err); 239 240 if (conn) { 241 sco_conn_lock(conn); 242 conn->sk = NULL; 243 sco_conn_unlock(conn); 244 sco_conn_put(conn); 245 } 246 247 sk->sk_state = BT_CLOSED; 248 sk->sk_err = err; 249 sk->sk_state_change(sk); 250 251 sock_set_flag(sk, SOCK_ZAPPED); 252 } 253 254 static void sco_conn_del(struct hci_conn *hcon, int err) 255 { 256 struct sco_conn *conn = hcon->sco_data; 257 struct sock *sk; 258 259 conn = sco_conn_hold_unless_zero(conn); 260 if (!conn) 261 return; 262 263 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); 264 265 sco_conn_lock(conn); 266 sk = sco_sock_hold(conn); 267 sco_conn_unlock(conn); 268 sco_conn_put(conn); 269 270 if (!sk) { 271 sco_conn_put(conn); 272 return; 273 } 274 275 /* Kill socket */ 276 lock_sock(sk); 277 sco_sock_clear_timer(sk); 278 sco_chan_del(sk, err); 279 release_sock(sk); 280 sock_put(sk); 281 } 282 283 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, 284 struct sock *parent) 285 { 286 BT_DBG("conn %p", conn); 287 288 sco_pi(sk)->conn = conn; 289 conn->sk = sk; 290 291 if (parent) 292 bt_accept_enqueue(parent, sk, true); 293 } 294 295 static int sco_chan_add(struct sco_conn *conn, struct sock *sk, 296 struct sock *parent) 297 { 298 int err = 0; 299 300 sco_conn_lock(conn); 301 if (conn->sk) 302 err = -EBUSY; 303 else 304 __sco_chan_add(conn, sk, parent); 305 306 sco_conn_unlock(conn); 307 return err; 308 } 309 310 static int sco_connect(struct sock *sk) 311 { 312 struct sco_conn *conn; 313 struct hci_conn *hcon; 314 struct hci_dev *hdev; 315 int err, type; 316 317 BT_DBG("%pMR -> %pMR", &sco_pi(sk)->src, &sco_pi(sk)->dst); 318 319 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR); 320 if (!hdev) 321 return -EHOSTUNREACH; 322 323 hci_dev_lock(hdev); 324 325 if (lmp_esco_capable(hdev) && !disable_esco) 326 type = ESCO_LINK; 327 else 328 type = SCO_LINK; 329 330 switch (sco_pi(sk)->setting & SCO_AIRMODE_MASK) { 331 case SCO_AIRMODE_TRANSP: 332 if (!lmp_transp_capable(hdev) || !lmp_esco_capable(hdev)) { 333 err = -EOPNOTSUPP; 334 goto unlock; 335 } 336 break; 337 } 338 339 hcon = hci_connect_sco(hdev, type, &sco_pi(sk)->dst, 340 sco_pi(sk)->setting, &sco_pi(sk)->codec, 341 READ_ONCE(sk->sk_sndtimeo)); 342 if (IS_ERR(hcon)) { 343 err = PTR_ERR(hcon); 344 goto unlock; 345 } 346 347 conn = sco_conn_add(hcon); 348 if (!conn) { 349 hci_conn_drop(hcon); 350 err = -ENOMEM; 351 goto unlock; 352 } 353 354 lock_sock(sk); 355 356 err = sco_chan_add(conn, sk, NULL); 357 if (err) { 358 release_sock(sk); 359 goto unlock; 360 } 361 362 /* Update source addr of the socket */ 363 bacpy(&sco_pi(sk)->src, &hcon->src); 364 365 if (hcon->state == BT_CONNECTED) { 366 sco_sock_clear_timer(sk); 367 sk->sk_state = BT_CONNECTED; 368 } else { 369 sk->sk_state = BT_CONNECT; 370 sco_sock_set_timer(sk, READ_ONCE(sk->sk_sndtimeo)); 371 } 372 373 release_sock(sk); 374 375 unlock: 376 hci_dev_unlock(hdev); 377 hci_dev_put(hdev); 378 return err; 379 } 380 381 static int sco_send_frame(struct sock *sk, struct sk_buff *skb, 382 const struct sockcm_cookie *sockc) 383 { 384 struct sco_conn *conn = sco_pi(sk)->conn; 385 int len = skb->len; 386 387 /* Check outgoing MTU */ 388 if (len > conn->mtu) 389 return -EINVAL; 390 391 BT_DBG("sk %p len %d", sk, len); 392 393 hci_setup_tx_timestamp(skb, 1, sockc); 394 hci_send_sco(conn->hcon, skb); 395 396 return len; 397 } 398 399 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb) 400 { 401 struct sock *sk; 402 403 sco_conn_lock(conn); 404 sk = sco_sock_hold(conn); 405 sco_conn_unlock(conn); 406 407 if (!sk) 408 goto drop; 409 410 BT_DBG("sk %p len %u", sk, skb->len); 411 412 if (sk->sk_state != BT_CONNECTED) 413 goto drop_put; 414 415 if (!sock_queue_rcv_skb(sk, skb)) { 416 sock_put(sk); 417 return; 418 } 419 420 drop_put: 421 sock_put(sk); 422 drop: 423 kfree_skb(skb); 424 } 425 426 /* -------- Socket interface ---------- */ 427 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba) 428 { 429 struct sock *sk; 430 431 sk_for_each(sk, &sco_sk_list.head) { 432 if (sk->sk_state != BT_LISTEN) 433 continue; 434 435 if (!bacmp(&sco_pi(sk)->src, ba)) 436 return sk; 437 } 438 439 return NULL; 440 } 441 442 /* Find socket listening on source bdaddr. 443 * Returns closest match. 444 */ 445 static struct sock *sco_get_sock_listen(bdaddr_t *src) 446 { 447 struct sock *sk = NULL, *sk1 = NULL; 448 449 read_lock(&sco_sk_list.lock); 450 451 sk_for_each(sk, &sco_sk_list.head) { 452 if (sk->sk_state != BT_LISTEN) 453 continue; 454 455 /* Exact match. */ 456 if (!bacmp(&sco_pi(sk)->src, src)) 457 break; 458 459 /* Closest match */ 460 if (!bacmp(&sco_pi(sk)->src, BDADDR_ANY)) 461 sk1 = sk; 462 } 463 464 read_unlock(&sco_sk_list.lock); 465 466 return sk ? sk : sk1; 467 } 468 469 static void sco_sock_destruct(struct sock *sk) 470 { 471 BT_DBG("sk %p", sk); 472 473 sco_conn_put(sco_pi(sk)->conn); 474 475 skb_queue_purge(&sk->sk_receive_queue); 476 skb_queue_purge(&sk->sk_write_queue); 477 skb_queue_purge(&sk->sk_error_queue); 478 } 479 480 static void sco_sock_cleanup_listen(struct sock *parent) 481 { 482 struct sock *sk; 483 484 BT_DBG("parent %p", parent); 485 486 /* Close not yet accepted channels */ 487 while ((sk = bt_accept_dequeue(parent, NULL))) { 488 sco_sock_close(sk); 489 sco_sock_kill(sk); 490 } 491 492 parent->sk_state = BT_CLOSED; 493 sock_set_flag(parent, SOCK_ZAPPED); 494 } 495 496 /* Kill socket (only if zapped and orphan) 497 * Must be called on unlocked socket. 498 */ 499 static void sco_sock_kill(struct sock *sk) 500 { 501 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) 502 return; 503 504 BT_DBG("sk %p state %d", sk, sk->sk_state); 505 506 /* Sock is dead, so set conn->sk to NULL to avoid possible UAF */ 507 if (sco_pi(sk)->conn) { 508 sco_conn_lock(sco_pi(sk)->conn); 509 sco_pi(sk)->conn->sk = NULL; 510 sco_conn_unlock(sco_pi(sk)->conn); 511 } 512 513 /* Kill poor orphan */ 514 bt_sock_unlink(&sco_sk_list, sk); 515 sock_set_flag(sk, SOCK_DEAD); 516 sock_put(sk); 517 } 518 519 static void __sco_sock_close(struct sock *sk) 520 { 521 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); 522 523 switch (sk->sk_state) { 524 case BT_LISTEN: 525 sco_sock_cleanup_listen(sk); 526 break; 527 528 case BT_CONNECTED: 529 case BT_CONFIG: 530 case BT_CONNECT2: 531 case BT_CONNECT: 532 case BT_DISCONN: 533 sco_chan_del(sk, ECONNRESET); 534 break; 535 536 default: 537 sock_set_flag(sk, SOCK_ZAPPED); 538 break; 539 } 540 541 } 542 543 /* Must be called on unlocked socket. */ 544 static void sco_sock_close(struct sock *sk) 545 { 546 lock_sock(sk); 547 sco_sock_clear_timer(sk); 548 __sco_sock_close(sk); 549 release_sock(sk); 550 } 551 552 static void sco_sock_init(struct sock *sk, struct sock *parent) 553 { 554 BT_DBG("sk %p", sk); 555 556 if (parent) { 557 sk->sk_type = parent->sk_type; 558 bt_sk(sk)->flags = bt_sk(parent)->flags; 559 security_sk_clone(parent, sk); 560 } 561 } 562 563 static struct proto sco_proto = { 564 .name = "SCO", 565 .owner = THIS_MODULE, 566 .obj_size = sizeof(struct sco_pinfo) 567 }; 568 569 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, 570 int proto, gfp_t prio, int kern) 571 { 572 struct sock *sk; 573 574 sk = bt_sock_alloc(net, sock, &sco_proto, proto, prio, kern); 575 if (!sk) 576 return NULL; 577 578 sk->sk_destruct = sco_sock_destruct; 579 sk->sk_sndtimeo = SCO_CONN_TIMEOUT; 580 581 sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT; 582 sco_pi(sk)->codec.id = BT_CODEC_CVSD; 583 sco_pi(sk)->codec.cid = 0xffff; 584 sco_pi(sk)->codec.vid = 0xffff; 585 sco_pi(sk)->codec.data_path = 0x00; 586 587 bt_sock_link(&sco_sk_list, sk); 588 return sk; 589 } 590 591 static int sco_sock_create(struct net *net, struct socket *sock, int protocol, 592 int kern) 593 { 594 struct sock *sk; 595 596 BT_DBG("sock %p", sock); 597 598 sock->state = SS_UNCONNECTED; 599 600 if (sock->type != SOCK_SEQPACKET) 601 return -ESOCKTNOSUPPORT; 602 603 sock->ops = &sco_sock_ops; 604 605 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern); 606 if (!sk) 607 return -ENOMEM; 608 609 sco_sock_init(sk, NULL); 610 return 0; 611 } 612 613 static int sco_sock_bind(struct socket *sock, struct sockaddr_unsized *addr, 614 int addr_len) 615 { 616 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 617 struct sock *sk = sock->sk; 618 int err = 0; 619 620 if (!addr || addr_len < sizeof(struct sockaddr_sco) || 621 addr->sa_family != AF_BLUETOOTH) 622 return -EINVAL; 623 624 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr); 625 626 lock_sock(sk); 627 628 if (sk->sk_state != BT_OPEN) { 629 err = -EBADFD; 630 goto done; 631 } 632 633 if (sk->sk_type != SOCK_SEQPACKET) { 634 err = -EINVAL; 635 goto done; 636 } 637 638 bacpy(&sco_pi(sk)->src, &sa->sco_bdaddr); 639 640 sk->sk_state = BT_BOUND; 641 642 done: 643 release_sock(sk); 644 return err; 645 } 646 647 static int sco_sock_connect(struct socket *sock, struct sockaddr_unsized *addr, int alen, int flags) 648 { 649 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 650 struct sock *sk = sock->sk; 651 int err; 652 653 BT_DBG("sk %p", sk); 654 655 if (alen < sizeof(struct sockaddr_sco) || 656 addr->sa_family != AF_BLUETOOTH) 657 return -EINVAL; 658 659 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) 660 return -EBADFD; 661 662 if (sk->sk_type != SOCK_SEQPACKET) 663 err = -EINVAL; 664 665 lock_sock(sk); 666 /* Set destination address and psm */ 667 bacpy(&sco_pi(sk)->dst, &sa->sco_bdaddr); 668 release_sock(sk); 669 670 err = sco_connect(sk); 671 if (err) 672 return err; 673 674 lock_sock(sk); 675 676 err = bt_sock_wait_state(sk, BT_CONNECTED, 677 sock_sndtimeo(sk, flags & O_NONBLOCK)); 678 679 release_sock(sk); 680 return err; 681 } 682 683 static int sco_sock_listen(struct socket *sock, int backlog) 684 { 685 struct sock *sk = sock->sk; 686 bdaddr_t *src = &sco_pi(sk)->src; 687 int err = 0; 688 689 BT_DBG("sk %p backlog %d", sk, backlog); 690 691 lock_sock(sk); 692 693 if (sk->sk_state != BT_BOUND) { 694 err = -EBADFD; 695 goto done; 696 } 697 698 if (sk->sk_type != SOCK_SEQPACKET) { 699 err = -EINVAL; 700 goto done; 701 } 702 703 write_lock(&sco_sk_list.lock); 704 705 if (__sco_get_sock_listen_by_addr(src)) { 706 err = -EADDRINUSE; 707 goto unlock; 708 } 709 710 sk->sk_max_ack_backlog = backlog; 711 sk->sk_ack_backlog = 0; 712 713 sk->sk_state = BT_LISTEN; 714 715 unlock: 716 write_unlock(&sco_sk_list.lock); 717 718 done: 719 release_sock(sk); 720 return err; 721 } 722 723 static int sco_sock_accept(struct socket *sock, struct socket *newsock, 724 struct proto_accept_arg *arg) 725 { 726 DEFINE_WAIT_FUNC(wait, woken_wake_function); 727 struct sock *sk = sock->sk, *ch; 728 long timeo; 729 int err = 0; 730 731 lock_sock(sk); 732 733 timeo = sock_rcvtimeo(sk, arg->flags & O_NONBLOCK); 734 735 BT_DBG("sk %p timeo %ld", sk, timeo); 736 737 /* Wait for an incoming connection. (wake-one). */ 738 add_wait_queue_exclusive(sk_sleep(sk), &wait); 739 while (1) { 740 if (sk->sk_state != BT_LISTEN) { 741 err = -EBADFD; 742 break; 743 } 744 745 ch = bt_accept_dequeue(sk, newsock); 746 if (ch) 747 break; 748 749 if (!timeo) { 750 err = -EAGAIN; 751 break; 752 } 753 754 if (signal_pending(current)) { 755 err = sock_intr_errno(timeo); 756 break; 757 } 758 759 release_sock(sk); 760 761 timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo); 762 lock_sock(sk); 763 } 764 remove_wait_queue(sk_sleep(sk), &wait); 765 766 if (err) 767 goto done; 768 769 newsock->state = SS_CONNECTED; 770 771 BT_DBG("new socket %p", ch); 772 773 done: 774 release_sock(sk); 775 return err; 776 } 777 778 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, 779 int peer) 780 { 781 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 782 struct sock *sk = sock->sk; 783 784 BT_DBG("sock %p, sk %p", sock, sk); 785 786 addr->sa_family = AF_BLUETOOTH; 787 788 if (peer) 789 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->dst); 790 else 791 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->src); 792 793 return sizeof(struct sockaddr_sco); 794 } 795 796 static int sco_sock_sendmsg(struct socket *sock, struct msghdr *msg, 797 size_t len) 798 { 799 struct sock *sk = sock->sk; 800 struct sk_buff *skb; 801 struct sockcm_cookie sockc; 802 int err; 803 804 BT_DBG("sock %p, sk %p", sock, sk); 805 806 err = sock_error(sk); 807 if (err) 808 return err; 809 810 if (msg->msg_flags & MSG_OOB) 811 return -EOPNOTSUPP; 812 813 hci_sockcm_init(&sockc, sk); 814 815 if (msg->msg_controllen) { 816 err = sock_cmsg_send(sk, msg, &sockc); 817 if (err) 818 return err; 819 } 820 821 skb = bt_skb_sendmsg(sk, msg, len, len, 0, 0); 822 if (IS_ERR(skb)) 823 return PTR_ERR(skb); 824 825 lock_sock(sk); 826 827 if (sk->sk_state == BT_CONNECTED) 828 err = sco_send_frame(sk, skb, &sockc); 829 else 830 err = -ENOTCONN; 831 832 release_sock(sk); 833 834 if (err < 0) 835 kfree_skb(skb); 836 return err; 837 } 838 839 static void sco_conn_defer_accept(struct hci_conn *conn, u16 setting) 840 { 841 struct hci_dev *hdev = conn->hdev; 842 843 BT_DBG("conn %p", conn); 844 845 conn->state = BT_CONFIG; 846 847 if (!lmp_esco_capable(hdev)) { 848 struct hci_cp_accept_conn_req cp; 849 850 bacpy(&cp.bdaddr, &conn->dst); 851 cp.role = 0x00; /* Ignored */ 852 853 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp); 854 } else { 855 struct hci_cp_accept_sync_conn_req cp; 856 857 bacpy(&cp.bdaddr, &conn->dst); 858 cp.pkt_type = cpu_to_le16(conn->pkt_type); 859 860 cp.tx_bandwidth = cpu_to_le32(0x00001f40); 861 cp.rx_bandwidth = cpu_to_le32(0x00001f40); 862 cp.content_format = cpu_to_le16(setting); 863 864 switch (setting & SCO_AIRMODE_MASK) { 865 case SCO_AIRMODE_TRANSP: 866 if (conn->pkt_type & ESCO_2EV3) 867 cp.max_latency = cpu_to_le16(0x0008); 868 else 869 cp.max_latency = cpu_to_le16(0x000D); 870 cp.retrans_effort = 0x02; 871 break; 872 case SCO_AIRMODE_CVSD: 873 cp.max_latency = cpu_to_le16(0xffff); 874 cp.retrans_effort = 0xff; 875 break; 876 default: 877 /* use CVSD settings as fallback */ 878 cp.max_latency = cpu_to_le16(0xffff); 879 cp.retrans_effort = 0xff; 880 break; 881 } 882 883 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ, 884 sizeof(cp), &cp); 885 } 886 } 887 888 static int sco_sock_recvmsg(struct socket *sock, struct msghdr *msg, 889 size_t len, int flags) 890 { 891 struct sock *sk = sock->sk; 892 struct sco_pinfo *pi = sco_pi(sk); 893 894 if (unlikely(flags & MSG_ERRQUEUE)) 895 return sock_recv_errqueue(sk, msg, len, SOL_BLUETOOTH, 896 BT_SCM_ERROR); 897 898 lock_sock(sk); 899 900 if (sk->sk_state == BT_CONNECT2 && 901 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) { 902 sco_conn_defer_accept(pi->conn->hcon, pi->setting); 903 sk->sk_state = BT_CONFIG; 904 905 release_sock(sk); 906 return 0; 907 } 908 909 release_sock(sk); 910 911 return bt_sock_recvmsg(sock, msg, len, flags); 912 } 913 914 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, 915 sockptr_t optval, unsigned int optlen) 916 { 917 struct sock *sk = sock->sk; 918 int err = 0; 919 struct bt_voice voice; 920 u32 opt; 921 struct bt_codecs *codecs; 922 struct hci_dev *hdev; 923 __u8 buffer[255]; 924 925 BT_DBG("sk %p", sk); 926 927 lock_sock(sk); 928 929 switch (optname) { 930 931 case BT_DEFER_SETUP: 932 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 933 err = -EINVAL; 934 break; 935 } 936 937 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen); 938 if (err) 939 break; 940 941 if (opt) 942 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 943 else 944 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 945 break; 946 947 case BT_VOICE: 948 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND && 949 sk->sk_state != BT_CONNECT2) { 950 err = -EINVAL; 951 break; 952 } 953 954 voice.setting = sco_pi(sk)->setting; 955 956 err = copy_safe_from_sockptr(&voice, sizeof(voice), optval, 957 optlen); 958 if (err) 959 break; 960 961 sco_pi(sk)->setting = voice.setting; 962 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, 963 BDADDR_BREDR); 964 if (!hdev) { 965 err = -EBADFD; 966 break; 967 } 968 969 switch (sco_pi(sk)->setting & SCO_AIRMODE_MASK) { 970 case SCO_AIRMODE_TRANSP: 971 if (enhanced_sync_conn_capable(hdev)) 972 sco_pi(sk)->codec.id = BT_CODEC_TRANSPARENT; 973 break; 974 } 975 976 hci_dev_put(hdev); 977 break; 978 979 case BT_PKT_STATUS: 980 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen); 981 if (err) 982 break; 983 984 if (opt) 985 set_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags); 986 else 987 clear_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags); 988 break; 989 990 case BT_CODEC: 991 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND && 992 sk->sk_state != BT_CONNECT2) { 993 err = -EINVAL; 994 break; 995 } 996 997 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, 998 BDADDR_BREDR); 999 if (!hdev) { 1000 err = -EBADFD; 1001 break; 1002 } 1003 1004 if (!hci_dev_test_flag(hdev, HCI_OFFLOAD_CODECS_ENABLED)) { 1005 hci_dev_put(hdev); 1006 err = -EOPNOTSUPP; 1007 break; 1008 } 1009 1010 if (!hdev->get_data_path_id) { 1011 hci_dev_put(hdev); 1012 err = -EOPNOTSUPP; 1013 break; 1014 } 1015 1016 if (optlen < sizeof(struct bt_codecs) || 1017 optlen > sizeof(buffer)) { 1018 hci_dev_put(hdev); 1019 err = -EINVAL; 1020 break; 1021 } 1022 1023 err = copy_struct_from_sockptr(buffer, sizeof(buffer), optval, 1024 optlen); 1025 if (err) { 1026 hci_dev_put(hdev); 1027 break; 1028 } 1029 1030 codecs = (void *)buffer; 1031 1032 if (codecs->num_codecs > 1) { 1033 hci_dev_put(hdev); 1034 err = -EINVAL; 1035 break; 1036 } 1037 1038 sco_pi(sk)->codec = codecs->codecs[0]; 1039 hci_dev_put(hdev); 1040 break; 1041 1042 default: 1043 err = -ENOPROTOOPT; 1044 break; 1045 } 1046 1047 release_sock(sk); 1048 return err; 1049 } 1050 1051 static int sco_sock_getsockopt_old(struct socket *sock, int optname, 1052 char __user *optval, int __user *optlen) 1053 { 1054 struct sock *sk = sock->sk; 1055 struct sco_options opts; 1056 struct sco_conninfo cinfo; 1057 int err = 0; 1058 size_t len; 1059 1060 BT_DBG("sk %p", sk); 1061 1062 if (get_user(len, optlen)) 1063 return -EFAULT; 1064 1065 lock_sock(sk); 1066 1067 switch (optname) { 1068 case SCO_OPTIONS: 1069 if (sk->sk_state != BT_CONNECTED && 1070 !(sk->sk_state == BT_CONNECT2 && 1071 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) { 1072 err = -ENOTCONN; 1073 break; 1074 } 1075 1076 opts.mtu = sco_pi(sk)->conn->mtu; 1077 1078 BT_DBG("mtu %u", opts.mtu); 1079 1080 len = min(len, sizeof(opts)); 1081 if (copy_to_user(optval, (char *)&opts, len)) 1082 err = -EFAULT; 1083 1084 break; 1085 1086 case SCO_CONNINFO: 1087 if (sk->sk_state != BT_CONNECTED && 1088 !(sk->sk_state == BT_CONNECT2 && 1089 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) { 1090 err = -ENOTCONN; 1091 break; 1092 } 1093 1094 memset(&cinfo, 0, sizeof(cinfo)); 1095 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle; 1096 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3); 1097 1098 len = min(len, sizeof(cinfo)); 1099 if (copy_to_user(optval, (char *)&cinfo, len)) 1100 err = -EFAULT; 1101 1102 break; 1103 1104 default: 1105 err = -ENOPROTOOPT; 1106 break; 1107 } 1108 1109 release_sock(sk); 1110 return err; 1111 } 1112 1113 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, 1114 char __user *optval, int __user *optlen) 1115 { 1116 struct sock *sk = sock->sk; 1117 int len, err = 0; 1118 struct bt_voice voice; 1119 u32 phys; 1120 int buf_len; 1121 struct codec_list *c; 1122 u8 num_codecs, i, __user *ptr; 1123 struct hci_dev *hdev; 1124 struct hci_codec_caps *caps; 1125 struct bt_codec codec; 1126 1127 BT_DBG("sk %p", sk); 1128 1129 if (level == SOL_SCO) 1130 return sco_sock_getsockopt_old(sock, optname, optval, optlen); 1131 1132 if (get_user(len, optlen)) 1133 return -EFAULT; 1134 1135 lock_sock(sk); 1136 1137 switch (optname) { 1138 1139 case BT_DEFER_SETUP: 1140 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 1141 err = -EINVAL; 1142 break; 1143 } 1144 1145 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags), 1146 (u32 __user *)optval)) 1147 err = -EFAULT; 1148 1149 break; 1150 1151 case BT_VOICE: 1152 voice.setting = sco_pi(sk)->setting; 1153 1154 len = min_t(unsigned int, len, sizeof(voice)); 1155 if (copy_to_user(optval, (char *)&voice, len)) 1156 err = -EFAULT; 1157 1158 break; 1159 1160 case BT_PHY: 1161 if (sk->sk_state != BT_CONNECTED) { 1162 err = -ENOTCONN; 1163 break; 1164 } 1165 1166 phys = hci_conn_get_phy(sco_pi(sk)->conn->hcon); 1167 1168 if (put_user(phys, (u32 __user *) optval)) 1169 err = -EFAULT; 1170 break; 1171 1172 case BT_PKT_STATUS: 1173 if (put_user(test_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags), 1174 (int __user *)optval)) 1175 err = -EFAULT; 1176 break; 1177 1178 case BT_SNDMTU: 1179 case BT_RCVMTU: 1180 if (sk->sk_state != BT_CONNECTED) { 1181 err = -ENOTCONN; 1182 break; 1183 } 1184 1185 if (put_user(sco_pi(sk)->conn->mtu, (u32 __user *)optval)) 1186 err = -EFAULT; 1187 break; 1188 1189 case BT_CODEC: 1190 num_codecs = 0; 1191 buf_len = 0; 1192 1193 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR); 1194 if (!hdev) { 1195 err = -EBADFD; 1196 break; 1197 } 1198 1199 if (!hci_dev_test_flag(hdev, HCI_OFFLOAD_CODECS_ENABLED)) { 1200 hci_dev_put(hdev); 1201 err = -EOPNOTSUPP; 1202 break; 1203 } 1204 1205 if (!hdev->get_data_path_id) { 1206 hci_dev_put(hdev); 1207 err = -EOPNOTSUPP; 1208 break; 1209 } 1210 1211 release_sock(sk); 1212 1213 /* find total buffer size required to copy codec + caps */ 1214 hci_dev_lock(hdev); 1215 list_for_each_entry(c, &hdev->local_codecs, list) { 1216 if (c->transport != HCI_TRANSPORT_SCO_ESCO) 1217 continue; 1218 num_codecs++; 1219 for (i = 0, caps = c->caps; i < c->num_caps; i++) { 1220 buf_len += 1 + caps->len; 1221 caps = (void *)&caps->data[caps->len]; 1222 } 1223 buf_len += sizeof(struct bt_codec); 1224 } 1225 hci_dev_unlock(hdev); 1226 1227 buf_len += sizeof(struct bt_codecs); 1228 if (buf_len > len) { 1229 hci_dev_put(hdev); 1230 return -ENOBUFS; 1231 } 1232 ptr = optval; 1233 1234 if (put_user(num_codecs, ptr)) { 1235 hci_dev_put(hdev); 1236 return -EFAULT; 1237 } 1238 ptr += sizeof(num_codecs); 1239 1240 /* Iterate all the codecs supported over SCO and populate 1241 * codec data 1242 */ 1243 hci_dev_lock(hdev); 1244 list_for_each_entry(c, &hdev->local_codecs, list) { 1245 if (c->transport != HCI_TRANSPORT_SCO_ESCO) 1246 continue; 1247 1248 codec.id = c->id; 1249 codec.cid = c->cid; 1250 codec.vid = c->vid; 1251 err = hdev->get_data_path_id(hdev, &codec.data_path); 1252 if (err < 0) 1253 break; 1254 codec.num_caps = c->num_caps; 1255 if (copy_to_user(ptr, &codec, sizeof(codec))) { 1256 err = -EFAULT; 1257 break; 1258 } 1259 ptr += sizeof(codec); 1260 1261 /* find codec capabilities data length */ 1262 len = 0; 1263 for (i = 0, caps = c->caps; i < c->num_caps; i++) { 1264 len += 1 + caps->len; 1265 caps = (void *)&caps->data[caps->len]; 1266 } 1267 1268 /* copy codec capabilities data */ 1269 if (len && copy_to_user(ptr, c->caps, len)) { 1270 err = -EFAULT; 1271 break; 1272 } 1273 ptr += len; 1274 } 1275 1276 hci_dev_unlock(hdev); 1277 hci_dev_put(hdev); 1278 1279 lock_sock(sk); 1280 1281 if (!err && put_user(buf_len, optlen)) 1282 err = -EFAULT; 1283 1284 break; 1285 1286 default: 1287 err = -ENOPROTOOPT; 1288 break; 1289 } 1290 1291 release_sock(sk); 1292 return err; 1293 } 1294 1295 static int sco_sock_shutdown(struct socket *sock, int how) 1296 { 1297 struct sock *sk = sock->sk; 1298 int err = 0; 1299 1300 BT_DBG("sock %p, sk %p", sock, sk); 1301 1302 if (!sk) 1303 return 0; 1304 1305 sock_hold(sk); 1306 lock_sock(sk); 1307 1308 if (!sk->sk_shutdown) { 1309 sk->sk_shutdown = SHUTDOWN_MASK; 1310 sco_sock_clear_timer(sk); 1311 __sco_sock_close(sk); 1312 1313 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime && 1314 !(current->flags & PF_EXITING)) 1315 err = bt_sock_wait_state(sk, BT_CLOSED, 1316 sk->sk_lingertime); 1317 } 1318 1319 release_sock(sk); 1320 sock_put(sk); 1321 1322 return err; 1323 } 1324 1325 static int sco_sock_release(struct socket *sock) 1326 { 1327 struct sock *sk = sock->sk; 1328 int err = 0; 1329 1330 BT_DBG("sock %p, sk %p", sock, sk); 1331 1332 if (!sk) 1333 return 0; 1334 1335 sco_sock_close(sk); 1336 1337 if (sock_flag(sk, SOCK_LINGER) && READ_ONCE(sk->sk_lingertime) && 1338 !(current->flags & PF_EXITING)) { 1339 lock_sock(sk); 1340 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); 1341 release_sock(sk); 1342 } 1343 1344 sock_orphan(sk); 1345 sco_sock_kill(sk); 1346 return err; 1347 } 1348 1349 static void sco_conn_ready(struct sco_conn *conn) 1350 { 1351 struct sock *parent; 1352 struct sock *sk = conn->sk; 1353 1354 BT_DBG("conn %p", conn); 1355 1356 if (sk) { 1357 lock_sock(sk); 1358 sco_sock_clear_timer(sk); 1359 sk->sk_state = BT_CONNECTED; 1360 sk->sk_state_change(sk); 1361 release_sock(sk); 1362 } else { 1363 sco_conn_lock(conn); 1364 1365 if (!conn->hcon) { 1366 sco_conn_unlock(conn); 1367 return; 1368 } 1369 1370 parent = sco_get_sock_listen(&conn->hcon->src); 1371 if (!parent) { 1372 sco_conn_unlock(conn); 1373 return; 1374 } 1375 1376 lock_sock(parent); 1377 1378 sk = sco_sock_alloc(sock_net(parent), NULL, 1379 BTPROTO_SCO, GFP_ATOMIC, 0); 1380 if (!sk) { 1381 release_sock(parent); 1382 sco_conn_unlock(conn); 1383 return; 1384 } 1385 1386 sco_sock_init(sk, parent); 1387 1388 bacpy(&sco_pi(sk)->src, &conn->hcon->src); 1389 bacpy(&sco_pi(sk)->dst, &conn->hcon->dst); 1390 1391 sco_conn_hold(conn); 1392 hci_conn_hold(conn->hcon); 1393 __sco_chan_add(conn, sk, parent); 1394 1395 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags)) 1396 sk->sk_state = BT_CONNECT2; 1397 else 1398 sk->sk_state = BT_CONNECTED; 1399 1400 /* Wake up parent */ 1401 parent->sk_data_ready(parent); 1402 1403 release_sock(parent); 1404 1405 sco_conn_unlock(conn); 1406 } 1407 } 1408 1409 /* ----- SCO interface with lower layer (HCI) ----- */ 1410 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags) 1411 { 1412 struct sock *sk; 1413 int lm = 0; 1414 1415 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr); 1416 1417 /* Find listening sockets */ 1418 read_lock(&sco_sk_list.lock); 1419 sk_for_each(sk, &sco_sk_list.head) { 1420 if (sk->sk_state != BT_LISTEN) 1421 continue; 1422 1423 if (!bacmp(&sco_pi(sk)->src, &hdev->bdaddr) || 1424 !bacmp(&sco_pi(sk)->src, BDADDR_ANY)) { 1425 lm |= HCI_LM_ACCEPT; 1426 1427 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) 1428 *flags |= HCI_PROTO_DEFER; 1429 break; 1430 } 1431 } 1432 read_unlock(&sco_sk_list.lock); 1433 1434 return lm; 1435 } 1436 1437 static void sco_connect_cfm(struct hci_conn *hcon, __u8 status) 1438 { 1439 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 1440 return; 1441 1442 BT_DBG("hcon %p bdaddr %pMR status %u", hcon, &hcon->dst, status); 1443 1444 if (!status) { 1445 struct sco_conn *conn; 1446 1447 conn = sco_conn_add(hcon); 1448 if (conn) { 1449 sco_conn_ready(conn); 1450 sco_conn_put(conn); 1451 } 1452 } else 1453 sco_conn_del(hcon, bt_to_errno(status)); 1454 } 1455 1456 static void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason) 1457 { 1458 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 1459 return; 1460 1461 BT_DBG("hcon %p reason %d", hcon, reason); 1462 1463 sco_conn_del(hcon, bt_to_errno(reason)); 1464 } 1465 1466 int sco_recv_scodata(struct hci_dev *hdev, u16 handle, struct sk_buff *skb) 1467 { 1468 struct hci_conn *hcon; 1469 struct sco_conn *conn; 1470 1471 hci_dev_lock(hdev); 1472 1473 hcon = hci_conn_hash_lookup_handle(hdev, handle); 1474 if (!hcon) { 1475 hci_dev_unlock(hdev); 1476 kfree_skb(skb); 1477 return -ENOENT; 1478 } 1479 1480 conn = sco_conn_hold_unless_zero(hcon->sco_data); 1481 hcon = NULL; 1482 1483 hci_dev_unlock(hdev); 1484 1485 if (!conn) { 1486 kfree_skb(skb); 1487 return -EINVAL; 1488 } 1489 1490 BT_DBG("conn %p len %u", conn, skb->len); 1491 1492 if (skb->len) 1493 sco_recv_frame(conn, skb); 1494 else 1495 kfree_skb(skb); 1496 1497 sco_conn_put(conn); 1498 return 0; 1499 } 1500 1501 static struct hci_cb sco_cb = { 1502 .name = "SCO", 1503 .connect_cfm = sco_connect_cfm, 1504 .disconn_cfm = sco_disconn_cfm, 1505 }; 1506 1507 static int sco_debugfs_show(struct seq_file *f, void *p) 1508 { 1509 struct sock *sk; 1510 1511 read_lock(&sco_sk_list.lock); 1512 1513 sk_for_each(sk, &sco_sk_list.head) { 1514 seq_printf(f, "%pMR %pMR %d\n", &sco_pi(sk)->src, 1515 &sco_pi(sk)->dst, sk->sk_state); 1516 } 1517 1518 read_unlock(&sco_sk_list.lock); 1519 1520 return 0; 1521 } 1522 1523 DEFINE_SHOW_ATTRIBUTE(sco_debugfs); 1524 1525 static struct dentry *sco_debugfs; 1526 1527 static const struct proto_ops sco_sock_ops = { 1528 .family = PF_BLUETOOTH, 1529 .owner = THIS_MODULE, 1530 .release = sco_sock_release, 1531 .bind = sco_sock_bind, 1532 .connect = sco_sock_connect, 1533 .listen = sco_sock_listen, 1534 .accept = sco_sock_accept, 1535 .getname = sco_sock_getname, 1536 .sendmsg = sco_sock_sendmsg, 1537 .recvmsg = sco_sock_recvmsg, 1538 .poll = bt_sock_poll, 1539 .ioctl = bt_sock_ioctl, 1540 .gettstamp = sock_gettstamp, 1541 .mmap = sock_no_mmap, 1542 .socketpair = sock_no_socketpair, 1543 .shutdown = sco_sock_shutdown, 1544 .setsockopt = sco_sock_setsockopt, 1545 .getsockopt = sco_sock_getsockopt 1546 }; 1547 1548 static const struct net_proto_family sco_sock_family_ops = { 1549 .family = PF_BLUETOOTH, 1550 .owner = THIS_MODULE, 1551 .create = sco_sock_create, 1552 }; 1553 1554 int __init sco_init(void) 1555 { 1556 int err; 1557 1558 BUILD_BUG_ON(sizeof(struct sockaddr_sco) > sizeof(struct sockaddr)); 1559 1560 err = proto_register(&sco_proto, 0); 1561 if (err < 0) 1562 return err; 1563 1564 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops); 1565 if (err < 0) { 1566 BT_ERR("SCO socket registration failed"); 1567 goto error; 1568 } 1569 1570 err = bt_procfs_init(&init_net, "sco", &sco_sk_list, NULL); 1571 if (err < 0) { 1572 BT_ERR("Failed to create SCO proc file"); 1573 bt_sock_unregister(BTPROTO_SCO); 1574 goto error; 1575 } 1576 1577 BT_INFO("SCO socket layer initialized"); 1578 1579 hci_register_cb(&sco_cb); 1580 1581 if (IS_ERR_OR_NULL(bt_debugfs)) 1582 return 0; 1583 1584 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs, 1585 NULL, &sco_debugfs_fops); 1586 1587 return 0; 1588 1589 error: 1590 proto_unregister(&sco_proto); 1591 return err; 1592 } 1593 1594 void sco_exit(void) 1595 { 1596 bt_procfs_cleanup(&init_net, "sco"); 1597 1598 debugfs_remove(sco_debugfs); 1599 1600 hci_unregister_cb(&sco_cb); 1601 1602 bt_sock_unregister(BTPROTO_SCO); 1603 1604 proto_unregister(&sco_proto); 1605 } 1606 1607 module_param(disable_esco, bool, 0644); 1608 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation"); 1609