1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth SCO sockets. */ 26 27 #include <linux/module.h> 28 #include <linux/debugfs.h> 29 #include <linux/seq_file.h> 30 #include <linux/sched/signal.h> 31 32 #include <net/bluetooth/bluetooth.h> 33 #include <net/bluetooth/hci_core.h> 34 #include <net/bluetooth/sco.h> 35 36 static bool disable_esco; 37 38 static const struct proto_ops sco_sock_ops; 39 40 static struct bt_sock_list sco_sk_list = { 41 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock) 42 }; 43 44 /* ---- SCO connections ---- */ 45 struct sco_conn { 46 struct hci_conn *hcon; 47 48 spinlock_t lock; 49 struct sock *sk; 50 51 struct delayed_work timeout_work; 52 53 unsigned int mtu; 54 struct kref ref; 55 }; 56 57 #define sco_conn_lock(c) spin_lock(&c->lock) 58 #define sco_conn_unlock(c) spin_unlock(&c->lock) 59 60 static void sco_sock_close(struct sock *sk); 61 static void sco_sock_kill(struct sock *sk); 62 63 /* ----- SCO socket info ----- */ 64 #define sco_pi(sk) ((struct sco_pinfo *) sk) 65 66 struct sco_pinfo { 67 struct bt_sock bt; 68 bdaddr_t src; 69 bdaddr_t dst; 70 __u32 flags; 71 __u16 setting; 72 struct bt_codec codec; 73 struct sco_conn *conn; 74 }; 75 76 /* ---- SCO timers ---- */ 77 #define SCO_CONN_TIMEOUT (HZ * 40) 78 #define SCO_DISCONN_TIMEOUT (HZ * 2) 79 80 static void sco_conn_free(struct kref *ref) 81 { 82 struct sco_conn *conn = container_of(ref, struct sco_conn, ref); 83 84 BT_DBG("conn %p", conn); 85 86 if (conn->sk) 87 sco_pi(conn->sk)->conn = NULL; 88 89 if (conn->hcon) { 90 conn->hcon->sco_data = NULL; 91 hci_conn_drop(conn->hcon); 92 } 93 94 /* Ensure no more work items will run since hci_conn has been dropped */ 95 disable_delayed_work_sync(&conn->timeout_work); 96 97 kfree(conn); 98 } 99 100 static void sco_conn_put(struct sco_conn *conn) 101 { 102 if (!conn) 103 return; 104 105 BT_DBG("conn %p refcnt %d", conn, kref_read(&conn->ref)); 106 107 kref_put(&conn->ref, sco_conn_free); 108 } 109 110 static struct sco_conn *sco_conn_hold(struct sco_conn *conn) 111 { 112 BT_DBG("conn %p refcnt %u", conn, kref_read(&conn->ref)); 113 114 kref_get(&conn->ref); 115 return conn; 116 } 117 118 static struct sco_conn *sco_conn_hold_unless_zero(struct sco_conn *conn) 119 { 120 if (!conn) 121 return NULL; 122 123 BT_DBG("conn %p refcnt %u", conn, kref_read(&conn->ref)); 124 125 if (!kref_get_unless_zero(&conn->ref)) 126 return NULL; 127 128 return conn; 129 } 130 131 static struct sock *sco_sock_hold(struct sco_conn *conn) 132 { 133 if (!conn || !bt_sock_linked(&sco_sk_list, conn->sk)) 134 return NULL; 135 136 sock_hold(conn->sk); 137 138 return conn->sk; 139 } 140 141 static void sco_sock_timeout(struct work_struct *work) 142 { 143 struct sco_conn *conn = container_of(work, struct sco_conn, 144 timeout_work.work); 145 struct sock *sk; 146 147 conn = sco_conn_hold_unless_zero(conn); 148 if (!conn) 149 return; 150 151 sco_conn_lock(conn); 152 if (!conn->hcon) { 153 sco_conn_unlock(conn); 154 sco_conn_put(conn); 155 return; 156 } 157 sk = sco_sock_hold(conn); 158 sco_conn_unlock(conn); 159 sco_conn_put(conn); 160 161 if (!sk) 162 return; 163 164 BT_DBG("sock %p state %d", sk, sk->sk_state); 165 166 lock_sock(sk); 167 sk->sk_err = ETIMEDOUT; 168 sk->sk_state_change(sk); 169 release_sock(sk); 170 sock_put(sk); 171 } 172 173 static void sco_sock_set_timer(struct sock *sk, long timeout) 174 { 175 if (!sco_pi(sk)->conn) 176 return; 177 178 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout); 179 cancel_delayed_work(&sco_pi(sk)->conn->timeout_work); 180 schedule_delayed_work(&sco_pi(sk)->conn->timeout_work, timeout); 181 } 182 183 static void sco_sock_clear_timer(struct sock *sk) 184 { 185 if (!sco_pi(sk)->conn) 186 return; 187 188 BT_DBG("sock %p state %d", sk, sk->sk_state); 189 cancel_delayed_work(&sco_pi(sk)->conn->timeout_work); 190 } 191 192 /* ---- SCO connections ---- */ 193 static struct sco_conn *sco_conn_add(struct hci_conn *hcon) 194 { 195 struct sco_conn *conn = hcon->sco_data; 196 197 conn = sco_conn_hold_unless_zero(conn); 198 if (conn) { 199 if (!conn->hcon) { 200 sco_conn_lock(conn); 201 conn->hcon = hcon; 202 sco_conn_unlock(conn); 203 } 204 return conn; 205 } 206 207 conn = kzalloc_obj(struct sco_conn); 208 if (!conn) 209 return NULL; 210 211 kref_init(&conn->ref); 212 spin_lock_init(&conn->lock); 213 INIT_DELAYED_WORK(&conn->timeout_work, sco_sock_timeout); 214 215 hcon->sco_data = conn; 216 conn->hcon = hcon; 217 conn->mtu = hcon->mtu; 218 219 if (hcon->mtu > 0) 220 conn->mtu = hcon->mtu; 221 else 222 conn->mtu = 60; 223 224 BT_DBG("hcon %p conn %p", hcon, conn); 225 226 return conn; 227 } 228 229 /* Delete channel. 230 * Must be called on the locked socket. */ 231 static void sco_chan_del(struct sock *sk, int err) 232 { 233 struct sco_conn *conn; 234 235 conn = sco_pi(sk)->conn; 236 sco_pi(sk)->conn = NULL; 237 238 BT_DBG("sk %p, conn %p, err %d", sk, conn, err); 239 240 if (conn) { 241 sco_conn_lock(conn); 242 conn->sk = NULL; 243 sco_conn_unlock(conn); 244 sco_conn_put(conn); 245 } 246 247 sk->sk_state = BT_CLOSED; 248 sk->sk_err = err; 249 sk->sk_state_change(sk); 250 251 sock_set_flag(sk, SOCK_ZAPPED); 252 } 253 254 static void sco_conn_del(struct hci_conn *hcon, int err) 255 { 256 struct sco_conn *conn = hcon->sco_data; 257 struct sock *sk; 258 259 conn = sco_conn_hold_unless_zero(conn); 260 if (!conn) 261 return; 262 263 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); 264 265 sco_conn_lock(conn); 266 sk = sco_sock_hold(conn); 267 sco_conn_unlock(conn); 268 sco_conn_put(conn); 269 270 if (!sk) { 271 sco_conn_put(conn); 272 return; 273 } 274 275 /* Kill socket */ 276 lock_sock(sk); 277 sco_sock_clear_timer(sk); 278 sco_chan_del(sk, err); 279 release_sock(sk); 280 sock_put(sk); 281 } 282 283 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, 284 struct sock *parent) 285 { 286 BT_DBG("conn %p", conn); 287 288 sco_pi(sk)->conn = conn; 289 conn->sk = sk; 290 291 if (parent) 292 bt_accept_enqueue(parent, sk, true); 293 } 294 295 static int sco_chan_add(struct sco_conn *conn, struct sock *sk, 296 struct sock *parent) 297 { 298 int err = 0; 299 300 sco_conn_lock(conn); 301 if (conn->sk || sco_pi(sk)->conn) 302 err = -EBUSY; 303 else 304 __sco_chan_add(conn, sk, parent); 305 306 sco_conn_unlock(conn); 307 return err; 308 } 309 310 static int sco_connect(struct sock *sk) 311 { 312 struct sco_conn *conn; 313 struct hci_conn *hcon; 314 struct hci_dev *hdev; 315 int err, type; 316 317 BT_DBG("%pMR -> %pMR", &sco_pi(sk)->src, &sco_pi(sk)->dst); 318 319 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR); 320 if (!hdev) 321 return -EHOSTUNREACH; 322 323 hci_dev_lock(hdev); 324 325 if (lmp_esco_capable(hdev) && !disable_esco) 326 type = ESCO_LINK; 327 else 328 type = SCO_LINK; 329 330 switch (sco_pi(sk)->setting & SCO_AIRMODE_MASK) { 331 case SCO_AIRMODE_TRANSP: 332 if (!lmp_transp_capable(hdev) || !lmp_esco_capable(hdev)) { 333 err = -EOPNOTSUPP; 334 goto unlock; 335 } 336 break; 337 } 338 339 hcon = hci_connect_sco(hdev, type, &sco_pi(sk)->dst, 340 sco_pi(sk)->setting, &sco_pi(sk)->codec, 341 READ_ONCE(sk->sk_sndtimeo)); 342 if (IS_ERR(hcon)) { 343 err = PTR_ERR(hcon); 344 goto unlock; 345 } 346 347 conn = sco_conn_add(hcon); 348 if (!conn) { 349 hci_conn_drop(hcon); 350 err = -ENOMEM; 351 goto unlock; 352 } 353 354 lock_sock(sk); 355 356 /* Recheck state after reacquiring the socket lock, as another 357 * thread may have changed it (e.g., closed the socket). 358 */ 359 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) { 360 release_sock(sk); 361 hci_conn_drop(hcon); 362 err = -EBADFD; 363 goto unlock; 364 } 365 366 err = sco_chan_add(conn, sk, NULL); 367 if (err) { 368 release_sock(sk); 369 hci_conn_drop(hcon); 370 goto unlock; 371 } 372 373 /* Update source addr of the socket */ 374 bacpy(&sco_pi(sk)->src, &hcon->src); 375 376 if (hcon->state == BT_CONNECTED) { 377 sco_sock_clear_timer(sk); 378 sk->sk_state = BT_CONNECTED; 379 } else { 380 sk->sk_state = BT_CONNECT; 381 sco_sock_set_timer(sk, READ_ONCE(sk->sk_sndtimeo)); 382 } 383 384 release_sock(sk); 385 386 unlock: 387 hci_dev_unlock(hdev); 388 hci_dev_put(hdev); 389 return err; 390 } 391 392 static int sco_send_frame(struct sock *sk, struct sk_buff *skb, 393 const struct sockcm_cookie *sockc) 394 { 395 struct sco_conn *conn = sco_pi(sk)->conn; 396 int len = skb->len; 397 398 /* Check outgoing MTU */ 399 if (len > conn->mtu) 400 return -EINVAL; 401 402 BT_DBG("sk %p len %d", sk, len); 403 404 hci_setup_tx_timestamp(skb, 1, sockc); 405 hci_send_sco(conn->hcon, skb); 406 407 return len; 408 } 409 410 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb) 411 { 412 struct sock *sk; 413 414 sco_conn_lock(conn); 415 sk = sco_sock_hold(conn); 416 sco_conn_unlock(conn); 417 418 if (!sk) 419 goto drop; 420 421 BT_DBG("sk %p len %u", sk, skb->len); 422 423 if (sk->sk_state != BT_CONNECTED) 424 goto drop_put; 425 426 if (!sock_queue_rcv_skb(sk, skb)) { 427 sock_put(sk); 428 return; 429 } 430 431 drop_put: 432 sock_put(sk); 433 drop: 434 kfree_skb(skb); 435 } 436 437 /* -------- Socket interface ---------- */ 438 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba) 439 { 440 struct sock *sk; 441 442 sk_for_each(sk, &sco_sk_list.head) { 443 if (sk->sk_state != BT_LISTEN) 444 continue; 445 446 if (!bacmp(&sco_pi(sk)->src, ba)) 447 return sk; 448 } 449 450 return NULL; 451 } 452 453 /* Find socket listening on source bdaddr. 454 * Returns closest match. 455 */ 456 static struct sock *sco_get_sock_listen(bdaddr_t *src) 457 { 458 struct sock *sk = NULL, *sk1 = NULL; 459 460 read_lock(&sco_sk_list.lock); 461 462 sk_for_each(sk, &sco_sk_list.head) { 463 if (sk->sk_state != BT_LISTEN) 464 continue; 465 466 /* Exact match. */ 467 if (!bacmp(&sco_pi(sk)->src, src)) 468 break; 469 470 /* Closest match */ 471 if (!bacmp(&sco_pi(sk)->src, BDADDR_ANY)) 472 sk1 = sk; 473 } 474 475 sk = sk ? sk : sk1; 476 if (sk) 477 sock_hold(sk); 478 479 read_unlock(&sco_sk_list.lock); 480 481 return sk; 482 } 483 484 static void sco_sock_destruct(struct sock *sk) 485 { 486 BT_DBG("sk %p", sk); 487 488 sco_conn_put(sco_pi(sk)->conn); 489 490 skb_queue_purge(&sk->sk_receive_queue); 491 skb_queue_purge(&sk->sk_write_queue); 492 skb_queue_purge(&sk->sk_error_queue); 493 } 494 495 static void sco_sock_cleanup_listen(struct sock *parent) 496 { 497 struct sock *sk; 498 499 BT_DBG("parent %p", parent); 500 501 /* Close not yet accepted channels */ 502 while ((sk = bt_accept_dequeue(parent, NULL))) { 503 sco_sock_close(sk); 504 sco_sock_kill(sk); 505 } 506 507 parent->sk_state = BT_CLOSED; 508 sock_set_flag(parent, SOCK_ZAPPED); 509 } 510 511 /* Kill socket (only if zapped and orphan) 512 * Must be called on unlocked socket. 513 */ 514 static void sco_sock_kill(struct sock *sk) 515 { 516 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) 517 return; 518 519 BT_DBG("sk %p state %d", sk, sk->sk_state); 520 521 /* Sock is dead, so set conn->sk to NULL to avoid possible UAF */ 522 lock_sock(sk); 523 if (sco_pi(sk)->conn) { 524 sco_conn_lock(sco_pi(sk)->conn); 525 sco_pi(sk)->conn->sk = NULL; 526 sco_conn_unlock(sco_pi(sk)->conn); 527 } 528 release_sock(sk); 529 530 /* Kill poor orphan */ 531 bt_sock_unlink(&sco_sk_list, sk); 532 sock_set_flag(sk, SOCK_DEAD); 533 sock_put(sk); 534 } 535 536 static void __sco_sock_close(struct sock *sk) 537 { 538 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); 539 540 switch (sk->sk_state) { 541 case BT_LISTEN: 542 sco_sock_cleanup_listen(sk); 543 break; 544 545 case BT_CONNECTED: 546 case BT_CONFIG: 547 case BT_CONNECT2: 548 case BT_CONNECT: 549 case BT_DISCONN: 550 sco_chan_del(sk, ECONNRESET); 551 break; 552 553 default: 554 sock_set_flag(sk, SOCK_ZAPPED); 555 break; 556 } 557 558 } 559 560 /* Must be called on unlocked socket. */ 561 static void sco_sock_close(struct sock *sk) 562 { 563 lock_sock(sk); 564 sco_sock_clear_timer(sk); 565 __sco_sock_close(sk); 566 release_sock(sk); 567 } 568 569 static void sco_sock_init(struct sock *sk, struct sock *parent) 570 { 571 BT_DBG("sk %p", sk); 572 573 if (parent) { 574 sk->sk_type = parent->sk_type; 575 bt_sk(sk)->flags = bt_sk(parent)->flags; 576 security_sk_clone(parent, sk); 577 } 578 } 579 580 static struct proto sco_proto = { 581 .name = "SCO", 582 .owner = THIS_MODULE, 583 .obj_size = sizeof(struct sco_pinfo) 584 }; 585 586 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, 587 int proto, gfp_t prio, int kern) 588 { 589 struct sock *sk; 590 591 sk = bt_sock_alloc(net, sock, &sco_proto, proto, prio, kern); 592 if (!sk) 593 return NULL; 594 595 sk->sk_destruct = sco_sock_destruct; 596 sk->sk_sndtimeo = SCO_CONN_TIMEOUT; 597 598 sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT; 599 sco_pi(sk)->codec.id = BT_CODEC_CVSD; 600 sco_pi(sk)->codec.cid = 0xffff; 601 sco_pi(sk)->codec.vid = 0xffff; 602 sco_pi(sk)->codec.data_path = 0x00; 603 604 bt_sock_link(&sco_sk_list, sk); 605 return sk; 606 } 607 608 static int sco_sock_create(struct net *net, struct socket *sock, int protocol, 609 int kern) 610 { 611 struct sock *sk; 612 613 BT_DBG("sock %p", sock); 614 615 sock->state = SS_UNCONNECTED; 616 617 if (sock->type != SOCK_SEQPACKET) 618 return -ESOCKTNOSUPPORT; 619 620 sock->ops = &sco_sock_ops; 621 622 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern); 623 if (!sk) 624 return -ENOMEM; 625 626 sco_sock_init(sk, NULL); 627 return 0; 628 } 629 630 static int sco_sock_bind(struct socket *sock, struct sockaddr_unsized *addr, 631 int addr_len) 632 { 633 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 634 struct sock *sk = sock->sk; 635 int err = 0; 636 637 if (!addr || addr_len < sizeof(struct sockaddr_sco) || 638 addr->sa_family != AF_BLUETOOTH) 639 return -EINVAL; 640 641 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr); 642 643 lock_sock(sk); 644 645 if (sk->sk_state != BT_OPEN) { 646 err = -EBADFD; 647 goto done; 648 } 649 650 if (sk->sk_type != SOCK_SEQPACKET) { 651 err = -EINVAL; 652 goto done; 653 } 654 655 bacpy(&sco_pi(sk)->src, &sa->sco_bdaddr); 656 657 sk->sk_state = BT_BOUND; 658 659 done: 660 release_sock(sk); 661 return err; 662 } 663 664 static int sco_sock_connect(struct socket *sock, struct sockaddr_unsized *addr, int alen, int flags) 665 { 666 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 667 struct sock *sk = sock->sk; 668 int err; 669 670 BT_DBG("sk %p", sk); 671 672 if (alen < sizeof(struct sockaddr_sco) || 673 addr->sa_family != AF_BLUETOOTH) 674 return -EINVAL; 675 676 lock_sock(sk); 677 678 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) { 679 release_sock(sk); 680 return -EBADFD; 681 } 682 683 if (sk->sk_type != SOCK_SEQPACKET) { 684 release_sock(sk); 685 return -EINVAL; 686 } 687 688 /* Set destination address and psm */ 689 bacpy(&sco_pi(sk)->dst, &sa->sco_bdaddr); 690 release_sock(sk); 691 692 err = sco_connect(sk); 693 if (err) 694 return err; 695 696 lock_sock(sk); 697 698 err = bt_sock_wait_state(sk, BT_CONNECTED, 699 sock_sndtimeo(sk, flags & O_NONBLOCK)); 700 701 release_sock(sk); 702 return err; 703 } 704 705 static int sco_sock_listen(struct socket *sock, int backlog) 706 { 707 struct sock *sk = sock->sk; 708 bdaddr_t *src = &sco_pi(sk)->src; 709 int err = 0; 710 711 BT_DBG("sk %p backlog %d", sk, backlog); 712 713 lock_sock(sk); 714 715 if (sk->sk_state != BT_BOUND) { 716 err = -EBADFD; 717 goto done; 718 } 719 720 if (sk->sk_type != SOCK_SEQPACKET) { 721 err = -EINVAL; 722 goto done; 723 } 724 725 write_lock(&sco_sk_list.lock); 726 727 if (__sco_get_sock_listen_by_addr(src)) { 728 err = -EADDRINUSE; 729 goto unlock; 730 } 731 732 sk->sk_max_ack_backlog = backlog; 733 sk->sk_ack_backlog = 0; 734 735 sk->sk_state = BT_LISTEN; 736 737 unlock: 738 write_unlock(&sco_sk_list.lock); 739 740 done: 741 release_sock(sk); 742 return err; 743 } 744 745 static int sco_sock_accept(struct socket *sock, struct socket *newsock, 746 struct proto_accept_arg *arg) 747 { 748 DEFINE_WAIT_FUNC(wait, woken_wake_function); 749 struct sock *sk = sock->sk, *ch; 750 long timeo; 751 int err = 0; 752 753 lock_sock(sk); 754 755 timeo = sock_rcvtimeo(sk, arg->flags & O_NONBLOCK); 756 757 BT_DBG("sk %p timeo %ld", sk, timeo); 758 759 /* Wait for an incoming connection. (wake-one). */ 760 add_wait_queue_exclusive(sk_sleep(sk), &wait); 761 while (1) { 762 if (sk->sk_state != BT_LISTEN) { 763 err = -EBADFD; 764 break; 765 } 766 767 ch = bt_accept_dequeue(sk, newsock); 768 if (ch) 769 break; 770 771 if (!timeo) { 772 err = -EAGAIN; 773 break; 774 } 775 776 if (signal_pending(current)) { 777 err = sock_intr_errno(timeo); 778 break; 779 } 780 781 release_sock(sk); 782 783 timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo); 784 lock_sock(sk); 785 } 786 remove_wait_queue(sk_sleep(sk), &wait); 787 788 if (err) 789 goto done; 790 791 newsock->state = SS_CONNECTED; 792 793 BT_DBG("new socket %p", ch); 794 795 done: 796 release_sock(sk); 797 return err; 798 } 799 800 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, 801 int peer) 802 { 803 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 804 struct sock *sk = sock->sk; 805 806 BT_DBG("sock %p, sk %p", sock, sk); 807 808 addr->sa_family = AF_BLUETOOTH; 809 810 if (peer) 811 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->dst); 812 else 813 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->src); 814 815 return sizeof(struct sockaddr_sco); 816 } 817 818 static int sco_sock_sendmsg(struct socket *sock, struct msghdr *msg, 819 size_t len) 820 { 821 struct sock *sk = sock->sk; 822 struct sk_buff *skb; 823 struct sockcm_cookie sockc; 824 int err; 825 826 BT_DBG("sock %p, sk %p", sock, sk); 827 828 err = sock_error(sk); 829 if (err) 830 return err; 831 832 if (msg->msg_flags & MSG_OOB) 833 return -EOPNOTSUPP; 834 835 hci_sockcm_init(&sockc, sk); 836 837 if (msg->msg_controllen) { 838 err = sock_cmsg_send(sk, msg, &sockc); 839 if (err) 840 return err; 841 } 842 843 skb = bt_skb_sendmsg(sk, msg, len, len, 0, 0); 844 if (IS_ERR(skb)) 845 return PTR_ERR(skb); 846 847 lock_sock(sk); 848 849 if (sk->sk_state == BT_CONNECTED) 850 err = sco_send_frame(sk, skb, &sockc); 851 else 852 err = -ENOTCONN; 853 854 release_sock(sk); 855 856 if (err < 0) 857 kfree_skb(skb); 858 return err; 859 } 860 861 static void sco_conn_defer_accept(struct hci_conn *conn, u16 setting) 862 { 863 struct hci_dev *hdev = conn->hdev; 864 865 BT_DBG("conn %p", conn); 866 867 conn->state = BT_CONFIG; 868 869 if (!lmp_esco_capable(hdev)) { 870 struct hci_cp_accept_conn_req cp; 871 872 bacpy(&cp.bdaddr, &conn->dst); 873 cp.role = 0x00; /* Ignored */ 874 875 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp); 876 } else { 877 struct hci_cp_accept_sync_conn_req cp; 878 879 bacpy(&cp.bdaddr, &conn->dst); 880 cp.pkt_type = cpu_to_le16(conn->pkt_type); 881 882 cp.tx_bandwidth = cpu_to_le32(0x00001f40); 883 cp.rx_bandwidth = cpu_to_le32(0x00001f40); 884 cp.content_format = cpu_to_le16(setting); 885 886 switch (setting & SCO_AIRMODE_MASK) { 887 case SCO_AIRMODE_TRANSP: 888 if (conn->pkt_type & ESCO_2EV3) 889 cp.max_latency = cpu_to_le16(0x0008); 890 else 891 cp.max_latency = cpu_to_le16(0x000D); 892 cp.retrans_effort = 0x02; 893 break; 894 case SCO_AIRMODE_CVSD: 895 cp.max_latency = cpu_to_le16(0xffff); 896 cp.retrans_effort = 0xff; 897 break; 898 default: 899 /* use CVSD settings as fallback */ 900 cp.max_latency = cpu_to_le16(0xffff); 901 cp.retrans_effort = 0xff; 902 break; 903 } 904 905 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ, 906 sizeof(cp), &cp); 907 } 908 } 909 910 static int sco_sock_recvmsg(struct socket *sock, struct msghdr *msg, 911 size_t len, int flags) 912 { 913 struct sock *sk = sock->sk; 914 struct sco_pinfo *pi = sco_pi(sk); 915 916 if (unlikely(flags & MSG_ERRQUEUE)) 917 return sock_recv_errqueue(sk, msg, len, SOL_BLUETOOTH, 918 BT_SCM_ERROR); 919 920 lock_sock(sk); 921 922 if (sk->sk_state == BT_CONNECT2 && 923 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) { 924 sco_conn_defer_accept(pi->conn->hcon, pi->setting); 925 sk->sk_state = BT_CONFIG; 926 927 release_sock(sk); 928 return 0; 929 } 930 931 release_sock(sk); 932 933 return bt_sock_recvmsg(sock, msg, len, flags); 934 } 935 936 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, 937 sockptr_t optval, unsigned int optlen) 938 { 939 struct sock *sk = sock->sk; 940 int err = 0; 941 struct bt_voice voice; 942 u32 opt; 943 struct bt_codecs *codecs; 944 struct hci_dev *hdev; 945 __u8 buffer[255]; 946 947 BT_DBG("sk %p", sk); 948 949 lock_sock(sk); 950 951 switch (optname) { 952 953 case BT_DEFER_SETUP: 954 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 955 err = -EINVAL; 956 break; 957 } 958 959 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen); 960 if (err) 961 break; 962 963 if (opt) 964 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 965 else 966 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 967 break; 968 969 case BT_VOICE: 970 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND && 971 sk->sk_state != BT_CONNECT2) { 972 err = -EINVAL; 973 break; 974 } 975 976 voice.setting = sco_pi(sk)->setting; 977 978 err = copy_safe_from_sockptr(&voice, sizeof(voice), optval, 979 optlen); 980 if (err) 981 break; 982 983 sco_pi(sk)->setting = voice.setting; 984 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, 985 BDADDR_BREDR); 986 if (!hdev) { 987 err = -EBADFD; 988 break; 989 } 990 991 switch (sco_pi(sk)->setting & SCO_AIRMODE_MASK) { 992 case SCO_AIRMODE_TRANSP: 993 if (enhanced_sync_conn_capable(hdev)) 994 sco_pi(sk)->codec.id = BT_CODEC_TRANSPARENT; 995 break; 996 } 997 998 hci_dev_put(hdev); 999 break; 1000 1001 case BT_PKT_STATUS: 1002 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen); 1003 if (err) 1004 break; 1005 1006 if (opt) 1007 set_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags); 1008 else 1009 clear_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags); 1010 break; 1011 1012 case BT_CODEC: 1013 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND && 1014 sk->sk_state != BT_CONNECT2) { 1015 err = -EINVAL; 1016 break; 1017 } 1018 1019 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, 1020 BDADDR_BREDR); 1021 if (!hdev) { 1022 err = -EBADFD; 1023 break; 1024 } 1025 1026 if (!hci_dev_test_flag(hdev, HCI_OFFLOAD_CODECS_ENABLED)) { 1027 hci_dev_put(hdev); 1028 err = -EOPNOTSUPP; 1029 break; 1030 } 1031 1032 if (!hdev->get_data_path_id) { 1033 hci_dev_put(hdev); 1034 err = -EOPNOTSUPP; 1035 break; 1036 } 1037 1038 if (optlen < sizeof(struct bt_codecs) || 1039 optlen > sizeof(buffer)) { 1040 hci_dev_put(hdev); 1041 err = -EINVAL; 1042 break; 1043 } 1044 1045 err = copy_struct_from_sockptr(buffer, sizeof(buffer), optval, 1046 optlen); 1047 if (err) { 1048 hci_dev_put(hdev); 1049 break; 1050 } 1051 1052 codecs = (void *)buffer; 1053 1054 if (codecs->num_codecs != 1 || 1055 optlen < struct_size(codecs, codecs, codecs->num_codecs)) { 1056 hci_dev_put(hdev); 1057 err = -EINVAL; 1058 break; 1059 } 1060 1061 sco_pi(sk)->codec = codecs->codecs[0]; 1062 hci_dev_put(hdev); 1063 break; 1064 1065 default: 1066 err = -ENOPROTOOPT; 1067 break; 1068 } 1069 1070 release_sock(sk); 1071 return err; 1072 } 1073 1074 static int sco_sock_getsockopt_old(struct socket *sock, int optname, 1075 char __user *optval, int __user *optlen) 1076 { 1077 struct sock *sk = sock->sk; 1078 struct sco_options opts; 1079 struct sco_conninfo cinfo; 1080 int err = 0; 1081 size_t len; 1082 1083 BT_DBG("sk %p", sk); 1084 1085 if (get_user(len, optlen)) 1086 return -EFAULT; 1087 1088 lock_sock(sk); 1089 1090 switch (optname) { 1091 case SCO_OPTIONS: 1092 if (sk->sk_state != BT_CONNECTED && 1093 !(sk->sk_state == BT_CONNECT2 && 1094 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) { 1095 err = -ENOTCONN; 1096 break; 1097 } 1098 1099 opts.mtu = sco_pi(sk)->conn->mtu; 1100 1101 BT_DBG("mtu %u", opts.mtu); 1102 1103 len = min(len, sizeof(opts)); 1104 if (copy_to_user(optval, (char *)&opts, len)) 1105 err = -EFAULT; 1106 1107 break; 1108 1109 case SCO_CONNINFO: 1110 if (sk->sk_state != BT_CONNECTED && 1111 !(sk->sk_state == BT_CONNECT2 && 1112 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) { 1113 err = -ENOTCONN; 1114 break; 1115 } 1116 1117 memset(&cinfo, 0, sizeof(cinfo)); 1118 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle; 1119 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3); 1120 1121 len = min(len, sizeof(cinfo)); 1122 if (copy_to_user(optval, (char *)&cinfo, len)) 1123 err = -EFAULT; 1124 1125 break; 1126 1127 default: 1128 err = -ENOPROTOOPT; 1129 break; 1130 } 1131 1132 release_sock(sk); 1133 return err; 1134 } 1135 1136 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, 1137 char __user *optval, int __user *optlen) 1138 { 1139 struct sock *sk = sock->sk; 1140 int len, err = 0; 1141 struct bt_voice voice; 1142 u32 phys; 1143 int buf_len; 1144 struct codec_list *c; 1145 u8 num_codecs, i, __user *ptr; 1146 struct hci_dev *hdev; 1147 struct hci_codec_caps *caps; 1148 struct bt_codec codec; 1149 1150 BT_DBG("sk %p", sk); 1151 1152 if (level == SOL_SCO) 1153 return sco_sock_getsockopt_old(sock, optname, optval, optlen); 1154 1155 if (get_user(len, optlen)) 1156 return -EFAULT; 1157 1158 lock_sock(sk); 1159 1160 switch (optname) { 1161 1162 case BT_DEFER_SETUP: 1163 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 1164 err = -EINVAL; 1165 break; 1166 } 1167 1168 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags), 1169 (u32 __user *)optval)) 1170 err = -EFAULT; 1171 1172 break; 1173 1174 case BT_VOICE: 1175 voice.setting = sco_pi(sk)->setting; 1176 1177 len = min_t(unsigned int, len, sizeof(voice)); 1178 if (copy_to_user(optval, (char *)&voice, len)) 1179 err = -EFAULT; 1180 1181 break; 1182 1183 case BT_PHY: 1184 if (sk->sk_state != BT_CONNECTED) { 1185 err = -ENOTCONN; 1186 break; 1187 } 1188 1189 phys = hci_conn_get_phy(sco_pi(sk)->conn->hcon); 1190 1191 if (put_user(phys, (u32 __user *) optval)) 1192 err = -EFAULT; 1193 break; 1194 1195 case BT_PKT_STATUS: 1196 if (put_user(test_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags), 1197 (int __user *)optval)) 1198 err = -EFAULT; 1199 break; 1200 1201 case BT_SNDMTU: 1202 case BT_RCVMTU: 1203 if (sk->sk_state != BT_CONNECTED) { 1204 err = -ENOTCONN; 1205 break; 1206 } 1207 1208 if (put_user(sco_pi(sk)->conn->mtu, (u32 __user *)optval)) 1209 err = -EFAULT; 1210 break; 1211 1212 case BT_CODEC: 1213 num_codecs = 0; 1214 buf_len = 0; 1215 1216 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR); 1217 if (!hdev) { 1218 err = -EBADFD; 1219 break; 1220 } 1221 1222 if (!hci_dev_test_flag(hdev, HCI_OFFLOAD_CODECS_ENABLED)) { 1223 hci_dev_put(hdev); 1224 err = -EOPNOTSUPP; 1225 break; 1226 } 1227 1228 if (!hdev->get_data_path_id) { 1229 hci_dev_put(hdev); 1230 err = -EOPNOTSUPP; 1231 break; 1232 } 1233 1234 release_sock(sk); 1235 1236 /* find total buffer size required to copy codec + caps */ 1237 hci_dev_lock(hdev); 1238 list_for_each_entry(c, &hdev->local_codecs, list) { 1239 if (c->transport != HCI_TRANSPORT_SCO_ESCO) 1240 continue; 1241 num_codecs++; 1242 for (i = 0, caps = c->caps; i < c->num_caps; i++) { 1243 buf_len += 1 + caps->len; 1244 caps = (void *)&caps->data[caps->len]; 1245 } 1246 buf_len += sizeof(struct bt_codec); 1247 } 1248 hci_dev_unlock(hdev); 1249 1250 buf_len += sizeof(struct bt_codecs); 1251 if (buf_len > len) { 1252 hci_dev_put(hdev); 1253 return -ENOBUFS; 1254 } 1255 ptr = optval; 1256 1257 if (put_user(num_codecs, ptr)) { 1258 hci_dev_put(hdev); 1259 return -EFAULT; 1260 } 1261 ptr += sizeof(num_codecs); 1262 1263 /* Iterate all the codecs supported over SCO and populate 1264 * codec data 1265 */ 1266 hci_dev_lock(hdev); 1267 list_for_each_entry(c, &hdev->local_codecs, list) { 1268 if (c->transport != HCI_TRANSPORT_SCO_ESCO) 1269 continue; 1270 1271 codec.id = c->id; 1272 codec.cid = c->cid; 1273 codec.vid = c->vid; 1274 err = hdev->get_data_path_id(hdev, &codec.data_path); 1275 if (err < 0) 1276 break; 1277 codec.num_caps = c->num_caps; 1278 if (copy_to_user(ptr, &codec, sizeof(codec))) { 1279 err = -EFAULT; 1280 break; 1281 } 1282 ptr += sizeof(codec); 1283 1284 /* find codec capabilities data length */ 1285 len = 0; 1286 for (i = 0, caps = c->caps; i < c->num_caps; i++) { 1287 len += 1 + caps->len; 1288 caps = (void *)&caps->data[caps->len]; 1289 } 1290 1291 /* copy codec capabilities data */ 1292 if (len && copy_to_user(ptr, c->caps, len)) { 1293 err = -EFAULT; 1294 break; 1295 } 1296 ptr += len; 1297 } 1298 1299 hci_dev_unlock(hdev); 1300 hci_dev_put(hdev); 1301 1302 lock_sock(sk); 1303 1304 if (!err && put_user(buf_len, optlen)) 1305 err = -EFAULT; 1306 1307 break; 1308 1309 default: 1310 err = -ENOPROTOOPT; 1311 break; 1312 } 1313 1314 release_sock(sk); 1315 return err; 1316 } 1317 1318 static int sco_sock_shutdown(struct socket *sock, int how) 1319 { 1320 struct sock *sk = sock->sk; 1321 int err = 0; 1322 1323 BT_DBG("sock %p, sk %p", sock, sk); 1324 1325 if (!sk) 1326 return 0; 1327 1328 sock_hold(sk); 1329 lock_sock(sk); 1330 1331 if (!sk->sk_shutdown) { 1332 sk->sk_shutdown = SHUTDOWN_MASK; 1333 sco_sock_clear_timer(sk); 1334 __sco_sock_close(sk); 1335 1336 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime && 1337 !(current->flags & PF_EXITING)) 1338 err = bt_sock_wait_state(sk, BT_CLOSED, 1339 sk->sk_lingertime); 1340 } 1341 1342 release_sock(sk); 1343 sock_put(sk); 1344 1345 return err; 1346 } 1347 1348 static int sco_sock_release(struct socket *sock) 1349 { 1350 struct sock *sk = sock->sk; 1351 int err = 0; 1352 1353 BT_DBG("sock %p, sk %p", sock, sk); 1354 1355 if (!sk) 1356 return 0; 1357 1358 sco_sock_close(sk); 1359 1360 if (sock_flag(sk, SOCK_LINGER) && READ_ONCE(sk->sk_lingertime) && 1361 !(current->flags & PF_EXITING)) { 1362 lock_sock(sk); 1363 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); 1364 release_sock(sk); 1365 } 1366 1367 sock_orphan(sk); 1368 sco_sock_kill(sk); 1369 return err; 1370 } 1371 1372 static void sco_conn_ready(struct sco_conn *conn) 1373 { 1374 struct sock *parent, *sk; 1375 1376 sco_conn_lock(conn); 1377 sk = sco_sock_hold(conn); 1378 sco_conn_unlock(conn); 1379 1380 BT_DBG("conn %p", conn); 1381 1382 if (sk) { 1383 lock_sock(sk); 1384 1385 /* conn->sk may have become NULL if racing with sk close, but 1386 * due to held hdev->lock, it can't become different sk. 1387 */ 1388 if (conn->sk) { 1389 sco_sock_clear_timer(sk); 1390 sk->sk_state = BT_CONNECTED; 1391 sk->sk_state_change(sk); 1392 } 1393 1394 release_sock(sk); 1395 sock_put(sk); 1396 } else { 1397 if (!conn->hcon) 1398 return; 1399 1400 lockdep_assert_held(&conn->hcon->hdev->lock); 1401 1402 parent = sco_get_sock_listen(&conn->hcon->src); 1403 if (!parent) 1404 return; 1405 1406 lock_sock(parent); 1407 1408 sco_conn_lock(conn); 1409 1410 /* hdev->lock guarantees conn->sk == NULL still here */ 1411 1412 if (parent->sk_state != BT_LISTEN) 1413 goto release; 1414 1415 sk = sco_sock_alloc(sock_net(parent), NULL, 1416 BTPROTO_SCO, GFP_ATOMIC, 0); 1417 if (!sk) 1418 goto release; 1419 1420 sco_sock_init(sk, parent); 1421 1422 bacpy(&sco_pi(sk)->src, &conn->hcon->src); 1423 bacpy(&sco_pi(sk)->dst, &conn->hcon->dst); 1424 1425 sco_conn_hold(conn); 1426 hci_conn_hold(conn->hcon); 1427 __sco_chan_add(conn, sk, parent); 1428 1429 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags)) 1430 sk->sk_state = BT_CONNECT2; 1431 else 1432 sk->sk_state = BT_CONNECTED; 1433 1434 /* Wake up parent */ 1435 parent->sk_data_ready(parent); 1436 1437 release: 1438 sco_conn_unlock(conn); 1439 release_sock(parent); 1440 sock_put(parent); 1441 } 1442 } 1443 1444 /* ----- SCO interface with lower layer (HCI) ----- */ 1445 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags) 1446 { 1447 struct sock *sk; 1448 int lm = 0; 1449 1450 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr); 1451 1452 /* Find listening sockets */ 1453 read_lock(&sco_sk_list.lock); 1454 sk_for_each(sk, &sco_sk_list.head) { 1455 if (sk->sk_state != BT_LISTEN) 1456 continue; 1457 1458 if (!bacmp(&sco_pi(sk)->src, &hdev->bdaddr) || 1459 !bacmp(&sco_pi(sk)->src, BDADDR_ANY)) { 1460 lm |= HCI_LM_ACCEPT; 1461 1462 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) 1463 *flags |= HCI_PROTO_DEFER; 1464 break; 1465 } 1466 } 1467 read_unlock(&sco_sk_list.lock); 1468 1469 return lm; 1470 } 1471 1472 static void sco_connect_cfm(struct hci_conn *hcon, __u8 status) 1473 { 1474 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 1475 return; 1476 1477 BT_DBG("hcon %p bdaddr %pMR status %u", hcon, &hcon->dst, status); 1478 1479 if (!status) { 1480 struct sco_conn *conn; 1481 1482 conn = sco_conn_add(hcon); 1483 if (conn) { 1484 sco_conn_ready(conn); 1485 sco_conn_put(conn); 1486 } 1487 } else 1488 sco_conn_del(hcon, bt_to_errno(status)); 1489 } 1490 1491 static void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason) 1492 { 1493 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 1494 return; 1495 1496 BT_DBG("hcon %p reason %d", hcon, reason); 1497 1498 sco_conn_del(hcon, bt_to_errno(reason)); 1499 } 1500 1501 int sco_recv_scodata(struct hci_dev *hdev, u16 handle, struct sk_buff *skb) 1502 { 1503 struct hci_conn *hcon; 1504 struct sco_conn *conn; 1505 1506 hci_dev_lock(hdev); 1507 1508 hcon = hci_conn_hash_lookup_handle(hdev, handle); 1509 if (!hcon) { 1510 hci_dev_unlock(hdev); 1511 kfree_skb(skb); 1512 return -ENOENT; 1513 } 1514 1515 conn = sco_conn_hold_unless_zero(hcon->sco_data); 1516 hcon = NULL; 1517 1518 hci_dev_unlock(hdev); 1519 1520 if (!conn) { 1521 kfree_skb(skb); 1522 return -EINVAL; 1523 } 1524 1525 BT_DBG("conn %p len %u", conn, skb->len); 1526 1527 if (skb->len) 1528 sco_recv_frame(conn, skb); 1529 else 1530 kfree_skb(skb); 1531 1532 sco_conn_put(conn); 1533 return 0; 1534 } 1535 1536 static struct hci_cb sco_cb = { 1537 .name = "SCO", 1538 .connect_cfm = sco_connect_cfm, 1539 .disconn_cfm = sco_disconn_cfm, 1540 }; 1541 1542 static int sco_debugfs_show(struct seq_file *f, void *p) 1543 { 1544 struct sock *sk; 1545 1546 read_lock(&sco_sk_list.lock); 1547 1548 sk_for_each(sk, &sco_sk_list.head) { 1549 seq_printf(f, "%pMR %pMR %d\n", &sco_pi(sk)->src, 1550 &sco_pi(sk)->dst, sk->sk_state); 1551 } 1552 1553 read_unlock(&sco_sk_list.lock); 1554 1555 return 0; 1556 } 1557 1558 DEFINE_SHOW_ATTRIBUTE(sco_debugfs); 1559 1560 static struct dentry *sco_debugfs; 1561 1562 static const struct proto_ops sco_sock_ops = { 1563 .family = PF_BLUETOOTH, 1564 .owner = THIS_MODULE, 1565 .release = sco_sock_release, 1566 .bind = sco_sock_bind, 1567 .connect = sco_sock_connect, 1568 .listen = sco_sock_listen, 1569 .accept = sco_sock_accept, 1570 .getname = sco_sock_getname, 1571 .sendmsg = sco_sock_sendmsg, 1572 .recvmsg = sco_sock_recvmsg, 1573 .poll = bt_sock_poll, 1574 .ioctl = bt_sock_ioctl, 1575 .gettstamp = sock_gettstamp, 1576 .mmap = sock_no_mmap, 1577 .socketpair = sock_no_socketpair, 1578 .shutdown = sco_sock_shutdown, 1579 .setsockopt = sco_sock_setsockopt, 1580 .getsockopt = sco_sock_getsockopt 1581 }; 1582 1583 static const struct net_proto_family sco_sock_family_ops = { 1584 .family = PF_BLUETOOTH, 1585 .owner = THIS_MODULE, 1586 .create = sco_sock_create, 1587 }; 1588 1589 int __init sco_init(void) 1590 { 1591 int err; 1592 1593 BUILD_BUG_ON(sizeof(struct sockaddr_sco) > sizeof(struct sockaddr)); 1594 1595 err = proto_register(&sco_proto, 0); 1596 if (err < 0) 1597 return err; 1598 1599 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops); 1600 if (err < 0) { 1601 BT_ERR("SCO socket registration failed"); 1602 goto error; 1603 } 1604 1605 err = bt_procfs_init(&init_net, "sco", &sco_sk_list, NULL); 1606 if (err < 0) { 1607 BT_ERR("Failed to create SCO proc file"); 1608 bt_sock_unregister(BTPROTO_SCO); 1609 goto error; 1610 } 1611 1612 BT_INFO("SCO socket layer initialized"); 1613 1614 hci_register_cb(&sco_cb); 1615 1616 if (IS_ERR_OR_NULL(bt_debugfs)) 1617 return 0; 1618 1619 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs, 1620 NULL, &sco_debugfs_fops); 1621 1622 return 0; 1623 1624 error: 1625 proto_unregister(&sco_proto); 1626 return err; 1627 } 1628 1629 void sco_exit(void) 1630 { 1631 bt_procfs_cleanup(&init_net, "sco"); 1632 1633 debugfs_remove(sco_debugfs); 1634 1635 hci_unregister_cb(&sco_cb); 1636 1637 bt_sock_unregister(BTPROTO_SCO); 1638 1639 proto_unregister(&sco_proto); 1640 } 1641 1642 module_param(disable_esco, bool, 0644); 1643 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation"); 1644