1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth SCO sockets. */ 26 27 #include <linux/module.h> 28 #include <linux/debugfs.h> 29 #include <linux/seq_file.h> 30 #include <linux/sched/signal.h> 31 32 #include <net/bluetooth/bluetooth.h> 33 #include <net/bluetooth/hci_core.h> 34 #include <net/bluetooth/sco.h> 35 36 static bool disable_esco; 37 38 static const struct proto_ops sco_sock_ops; 39 40 static struct bt_sock_list sco_sk_list = { 41 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock) 42 }; 43 44 /* ---- SCO connections ---- */ 45 struct sco_conn { 46 struct hci_conn *hcon; 47 48 spinlock_t lock; 49 struct sock *sk; 50 51 struct delayed_work timeout_work; 52 53 unsigned int mtu; 54 struct kref ref; 55 }; 56 57 #define sco_conn_lock(c) spin_lock(&c->lock) 58 #define sco_conn_unlock(c) spin_unlock(&c->lock) 59 60 static void sco_sock_close(struct sock *sk); 61 static void sco_sock_kill(struct sock *sk); 62 63 /* ----- SCO socket info ----- */ 64 #define sco_pi(sk) ((struct sco_pinfo *) sk) 65 66 struct sco_pinfo { 67 struct bt_sock bt; 68 bdaddr_t src; 69 bdaddr_t dst; 70 __u32 flags; 71 __u16 setting; 72 struct bt_codec codec; 73 struct sco_conn *conn; 74 }; 75 76 /* ---- SCO timers ---- */ 77 #define SCO_CONN_TIMEOUT (HZ * 40) 78 #define SCO_DISCONN_TIMEOUT (HZ * 2) 79 80 static void sco_conn_free(struct kref *ref) 81 { 82 struct sco_conn *conn = container_of(ref, struct sco_conn, ref); 83 84 BT_DBG("conn %p", conn); 85 86 if (conn->sk) 87 sco_pi(conn->sk)->conn = NULL; 88 89 if (conn->hcon) { 90 conn->hcon->sco_data = NULL; 91 hci_conn_drop(conn->hcon); 92 } 93 94 /* Ensure no more work items will run since hci_conn has been dropped */ 95 disable_delayed_work_sync(&conn->timeout_work); 96 97 kfree(conn); 98 } 99 100 static void sco_conn_put(struct sco_conn *conn) 101 { 102 if (!conn) 103 return; 104 105 BT_DBG("conn %p refcnt %d", conn, kref_read(&conn->ref)); 106 107 kref_put(&conn->ref, sco_conn_free); 108 } 109 110 static struct sco_conn *sco_conn_hold(struct sco_conn *conn) 111 { 112 BT_DBG("conn %p refcnt %u", conn, kref_read(&conn->ref)); 113 114 kref_get(&conn->ref); 115 return conn; 116 } 117 118 static struct sco_conn *sco_conn_hold_unless_zero(struct sco_conn *conn) 119 { 120 if (!conn) 121 return NULL; 122 123 BT_DBG("conn %p refcnt %u", conn, kref_read(&conn->ref)); 124 125 if (!kref_get_unless_zero(&conn->ref)) 126 return NULL; 127 128 return conn; 129 } 130 131 static struct sock *sco_sock_hold(struct sco_conn *conn) 132 { 133 if (!conn || !bt_sock_linked(&sco_sk_list, conn->sk)) 134 return NULL; 135 136 sock_hold(conn->sk); 137 138 return conn->sk; 139 } 140 141 static void sco_sock_timeout(struct work_struct *work) 142 { 143 struct sco_conn *conn = container_of(work, struct sco_conn, 144 timeout_work.work); 145 struct sock *sk; 146 147 conn = sco_conn_hold_unless_zero(conn); 148 if (!conn) 149 return; 150 151 sco_conn_lock(conn); 152 if (!conn->hcon) { 153 sco_conn_unlock(conn); 154 sco_conn_put(conn); 155 return; 156 } 157 sk = sco_sock_hold(conn); 158 sco_conn_unlock(conn); 159 sco_conn_put(conn); 160 161 if (!sk) 162 return; 163 164 BT_DBG("sock %p state %d", sk, sk->sk_state); 165 166 lock_sock(sk); 167 sk->sk_err = ETIMEDOUT; 168 sk->sk_state_change(sk); 169 release_sock(sk); 170 sock_put(sk); 171 } 172 173 static void sco_sock_set_timer(struct sock *sk, long timeout) 174 { 175 if (!sco_pi(sk)->conn) 176 return; 177 178 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout); 179 cancel_delayed_work(&sco_pi(sk)->conn->timeout_work); 180 schedule_delayed_work(&sco_pi(sk)->conn->timeout_work, timeout); 181 } 182 183 static void sco_sock_clear_timer(struct sock *sk) 184 { 185 if (!sco_pi(sk)->conn) 186 return; 187 188 BT_DBG("sock %p state %d", sk, sk->sk_state); 189 cancel_delayed_work(&sco_pi(sk)->conn->timeout_work); 190 } 191 192 /* ---- SCO connections ---- */ 193 static struct sco_conn *sco_conn_add(struct hci_conn *hcon) 194 { 195 struct sco_conn *conn = hcon->sco_data; 196 197 conn = sco_conn_hold_unless_zero(conn); 198 if (conn) { 199 if (!conn->hcon) { 200 sco_conn_lock(conn); 201 conn->hcon = hcon; 202 sco_conn_unlock(conn); 203 } 204 return conn; 205 } 206 207 conn = kzalloc(sizeof(struct sco_conn), GFP_KERNEL); 208 if (!conn) 209 return NULL; 210 211 kref_init(&conn->ref); 212 spin_lock_init(&conn->lock); 213 INIT_DELAYED_WORK(&conn->timeout_work, sco_sock_timeout); 214 215 hcon->sco_data = conn; 216 conn->hcon = hcon; 217 conn->mtu = hcon->mtu; 218 219 if (hcon->mtu > 0) 220 conn->mtu = hcon->mtu; 221 else 222 conn->mtu = 60; 223 224 BT_DBG("hcon %p conn %p", hcon, conn); 225 226 return conn; 227 } 228 229 /* Delete channel. 230 * Must be called on the locked socket. */ 231 static void sco_chan_del(struct sock *sk, int err) 232 { 233 struct sco_conn *conn; 234 235 conn = sco_pi(sk)->conn; 236 sco_pi(sk)->conn = NULL; 237 238 BT_DBG("sk %p, conn %p, err %d", sk, conn, err); 239 240 if (conn) { 241 sco_conn_lock(conn); 242 conn->sk = NULL; 243 sco_conn_unlock(conn); 244 sco_conn_put(conn); 245 } 246 247 sk->sk_state = BT_CLOSED; 248 sk->sk_err = err; 249 sk->sk_state_change(sk); 250 251 sock_set_flag(sk, SOCK_ZAPPED); 252 } 253 254 static void sco_conn_del(struct hci_conn *hcon, int err) 255 { 256 struct sco_conn *conn = hcon->sco_data; 257 struct sock *sk; 258 259 conn = sco_conn_hold_unless_zero(conn); 260 if (!conn) 261 return; 262 263 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); 264 265 sco_conn_lock(conn); 266 sk = sco_sock_hold(conn); 267 sco_conn_unlock(conn); 268 sco_conn_put(conn); 269 270 if (!sk) { 271 sco_conn_put(conn); 272 return; 273 } 274 275 /* Kill socket */ 276 lock_sock(sk); 277 sco_sock_clear_timer(sk); 278 sco_chan_del(sk, err); 279 release_sock(sk); 280 sock_put(sk); 281 } 282 283 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, 284 struct sock *parent) 285 { 286 BT_DBG("conn %p", conn); 287 288 sco_pi(sk)->conn = conn; 289 conn->sk = sk; 290 291 if (parent) 292 bt_accept_enqueue(parent, sk, true); 293 } 294 295 static int sco_chan_add(struct sco_conn *conn, struct sock *sk, 296 struct sock *parent) 297 { 298 int err = 0; 299 300 sco_conn_lock(conn); 301 if (conn->sk) 302 err = -EBUSY; 303 else 304 __sco_chan_add(conn, sk, parent); 305 306 sco_conn_unlock(conn); 307 return err; 308 } 309 310 static int sco_connect(struct sock *sk) 311 { 312 struct sco_conn *conn; 313 struct hci_conn *hcon; 314 struct hci_dev *hdev; 315 int err, type; 316 317 BT_DBG("%pMR -> %pMR", &sco_pi(sk)->src, &sco_pi(sk)->dst); 318 319 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR); 320 if (!hdev) 321 return -EHOSTUNREACH; 322 323 hci_dev_lock(hdev); 324 325 if (lmp_esco_capable(hdev) && !disable_esco) 326 type = ESCO_LINK; 327 else 328 type = SCO_LINK; 329 330 switch (sco_pi(sk)->setting & SCO_AIRMODE_MASK) { 331 case SCO_AIRMODE_TRANSP: 332 if (!lmp_transp_capable(hdev) || !lmp_esco_capable(hdev)) { 333 err = -EOPNOTSUPP; 334 goto unlock; 335 } 336 break; 337 } 338 339 hcon = hci_connect_sco(hdev, type, &sco_pi(sk)->dst, 340 sco_pi(sk)->setting, &sco_pi(sk)->codec, 341 READ_ONCE(sk->sk_sndtimeo)); 342 if (IS_ERR(hcon)) { 343 err = PTR_ERR(hcon); 344 goto unlock; 345 } 346 347 conn = sco_conn_add(hcon); 348 if (!conn) { 349 hci_conn_drop(hcon); 350 err = -ENOMEM; 351 goto unlock; 352 } 353 354 lock_sock(sk); 355 356 err = sco_chan_add(conn, sk, NULL); 357 if (err) { 358 release_sock(sk); 359 goto unlock; 360 } 361 362 /* Update source addr of the socket */ 363 bacpy(&sco_pi(sk)->src, &hcon->src); 364 365 if (hcon->state == BT_CONNECTED) { 366 sco_sock_clear_timer(sk); 367 sk->sk_state = BT_CONNECTED; 368 } else { 369 sk->sk_state = BT_CONNECT; 370 sco_sock_set_timer(sk, READ_ONCE(sk->sk_sndtimeo)); 371 } 372 373 release_sock(sk); 374 375 unlock: 376 hci_dev_unlock(hdev); 377 hci_dev_put(hdev); 378 return err; 379 } 380 381 static int sco_send_frame(struct sock *sk, struct sk_buff *skb, 382 const struct sockcm_cookie *sockc) 383 { 384 struct sco_conn *conn = sco_pi(sk)->conn; 385 int len = skb->len; 386 387 /* Check outgoing MTU */ 388 if (len > conn->mtu) 389 return -EINVAL; 390 391 BT_DBG("sk %p len %d", sk, len); 392 393 hci_setup_tx_timestamp(skb, 1, sockc); 394 hci_send_sco(conn->hcon, skb); 395 396 return len; 397 } 398 399 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb) 400 { 401 struct sock *sk; 402 403 sco_conn_lock(conn); 404 sk = conn->sk; 405 sco_conn_unlock(conn); 406 407 if (!sk) 408 goto drop; 409 410 BT_DBG("sk %p len %u", sk, skb->len); 411 412 if (sk->sk_state != BT_CONNECTED) 413 goto drop; 414 415 if (!sock_queue_rcv_skb(sk, skb)) 416 return; 417 418 drop: 419 kfree_skb(skb); 420 } 421 422 /* -------- Socket interface ---------- */ 423 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba) 424 { 425 struct sock *sk; 426 427 sk_for_each(sk, &sco_sk_list.head) { 428 if (sk->sk_state != BT_LISTEN) 429 continue; 430 431 if (!bacmp(&sco_pi(sk)->src, ba)) 432 return sk; 433 } 434 435 return NULL; 436 } 437 438 /* Find socket listening on source bdaddr. 439 * Returns closest match. 440 */ 441 static struct sock *sco_get_sock_listen(bdaddr_t *src) 442 { 443 struct sock *sk = NULL, *sk1 = NULL; 444 445 read_lock(&sco_sk_list.lock); 446 447 sk_for_each(sk, &sco_sk_list.head) { 448 if (sk->sk_state != BT_LISTEN) 449 continue; 450 451 /* Exact match. */ 452 if (!bacmp(&sco_pi(sk)->src, src)) 453 break; 454 455 /* Closest match */ 456 if (!bacmp(&sco_pi(sk)->src, BDADDR_ANY)) 457 sk1 = sk; 458 } 459 460 read_unlock(&sco_sk_list.lock); 461 462 return sk ? sk : sk1; 463 } 464 465 static void sco_sock_destruct(struct sock *sk) 466 { 467 BT_DBG("sk %p", sk); 468 469 sco_conn_put(sco_pi(sk)->conn); 470 471 skb_queue_purge(&sk->sk_receive_queue); 472 skb_queue_purge(&sk->sk_write_queue); 473 } 474 475 static void sco_sock_cleanup_listen(struct sock *parent) 476 { 477 struct sock *sk; 478 479 BT_DBG("parent %p", parent); 480 481 /* Close not yet accepted channels */ 482 while ((sk = bt_accept_dequeue(parent, NULL))) { 483 sco_sock_close(sk); 484 sco_sock_kill(sk); 485 } 486 487 parent->sk_state = BT_CLOSED; 488 sock_set_flag(parent, SOCK_ZAPPED); 489 } 490 491 /* Kill socket (only if zapped and orphan) 492 * Must be called on unlocked socket. 493 */ 494 static void sco_sock_kill(struct sock *sk) 495 { 496 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) 497 return; 498 499 BT_DBG("sk %p state %d", sk, sk->sk_state); 500 501 /* Sock is dead, so set conn->sk to NULL to avoid possible UAF */ 502 if (sco_pi(sk)->conn) { 503 sco_conn_lock(sco_pi(sk)->conn); 504 sco_pi(sk)->conn->sk = NULL; 505 sco_conn_unlock(sco_pi(sk)->conn); 506 } 507 508 /* Kill poor orphan */ 509 bt_sock_unlink(&sco_sk_list, sk); 510 sock_set_flag(sk, SOCK_DEAD); 511 sock_put(sk); 512 } 513 514 static void __sco_sock_close(struct sock *sk) 515 { 516 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); 517 518 switch (sk->sk_state) { 519 case BT_LISTEN: 520 sco_sock_cleanup_listen(sk); 521 break; 522 523 case BT_CONNECTED: 524 case BT_CONFIG: 525 case BT_CONNECT2: 526 case BT_CONNECT: 527 case BT_DISCONN: 528 sco_chan_del(sk, ECONNRESET); 529 break; 530 531 default: 532 sock_set_flag(sk, SOCK_ZAPPED); 533 break; 534 } 535 536 } 537 538 /* Must be called on unlocked socket. */ 539 static void sco_sock_close(struct sock *sk) 540 { 541 lock_sock(sk); 542 sco_sock_clear_timer(sk); 543 __sco_sock_close(sk); 544 release_sock(sk); 545 } 546 547 static void sco_sock_init(struct sock *sk, struct sock *parent) 548 { 549 BT_DBG("sk %p", sk); 550 551 if (parent) { 552 sk->sk_type = parent->sk_type; 553 bt_sk(sk)->flags = bt_sk(parent)->flags; 554 security_sk_clone(parent, sk); 555 } 556 } 557 558 static struct proto sco_proto = { 559 .name = "SCO", 560 .owner = THIS_MODULE, 561 .obj_size = sizeof(struct sco_pinfo) 562 }; 563 564 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, 565 int proto, gfp_t prio, int kern) 566 { 567 struct sock *sk; 568 569 sk = bt_sock_alloc(net, sock, &sco_proto, proto, prio, kern); 570 if (!sk) 571 return NULL; 572 573 sk->sk_destruct = sco_sock_destruct; 574 sk->sk_sndtimeo = SCO_CONN_TIMEOUT; 575 576 sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT; 577 sco_pi(sk)->codec.id = BT_CODEC_CVSD; 578 sco_pi(sk)->codec.cid = 0xffff; 579 sco_pi(sk)->codec.vid = 0xffff; 580 sco_pi(sk)->codec.data_path = 0x00; 581 582 bt_sock_link(&sco_sk_list, sk); 583 return sk; 584 } 585 586 static int sco_sock_create(struct net *net, struct socket *sock, int protocol, 587 int kern) 588 { 589 struct sock *sk; 590 591 BT_DBG("sock %p", sock); 592 593 sock->state = SS_UNCONNECTED; 594 595 if (sock->type != SOCK_SEQPACKET) 596 return -ESOCKTNOSUPPORT; 597 598 sock->ops = &sco_sock_ops; 599 600 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern); 601 if (!sk) 602 return -ENOMEM; 603 604 sco_sock_init(sk, NULL); 605 return 0; 606 } 607 608 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, 609 int addr_len) 610 { 611 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 612 struct sock *sk = sock->sk; 613 int err = 0; 614 615 if (!addr || addr_len < sizeof(struct sockaddr_sco) || 616 addr->sa_family != AF_BLUETOOTH) 617 return -EINVAL; 618 619 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr); 620 621 lock_sock(sk); 622 623 if (sk->sk_state != BT_OPEN) { 624 err = -EBADFD; 625 goto done; 626 } 627 628 if (sk->sk_type != SOCK_SEQPACKET) { 629 err = -EINVAL; 630 goto done; 631 } 632 633 bacpy(&sco_pi(sk)->src, &sa->sco_bdaddr); 634 635 sk->sk_state = BT_BOUND; 636 637 done: 638 release_sock(sk); 639 return err; 640 } 641 642 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) 643 { 644 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 645 struct sock *sk = sock->sk; 646 int err; 647 648 BT_DBG("sk %p", sk); 649 650 if (alen < sizeof(struct sockaddr_sco) || 651 addr->sa_family != AF_BLUETOOTH) 652 return -EINVAL; 653 654 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) 655 return -EBADFD; 656 657 if (sk->sk_type != SOCK_SEQPACKET) 658 err = -EINVAL; 659 660 lock_sock(sk); 661 /* Set destination address and psm */ 662 bacpy(&sco_pi(sk)->dst, &sa->sco_bdaddr); 663 release_sock(sk); 664 665 err = sco_connect(sk); 666 if (err) 667 return err; 668 669 lock_sock(sk); 670 671 err = bt_sock_wait_state(sk, BT_CONNECTED, 672 sock_sndtimeo(sk, flags & O_NONBLOCK)); 673 674 release_sock(sk); 675 return err; 676 } 677 678 static int sco_sock_listen(struct socket *sock, int backlog) 679 { 680 struct sock *sk = sock->sk; 681 bdaddr_t *src = &sco_pi(sk)->src; 682 int err = 0; 683 684 BT_DBG("sk %p backlog %d", sk, backlog); 685 686 lock_sock(sk); 687 688 if (sk->sk_state != BT_BOUND) { 689 err = -EBADFD; 690 goto done; 691 } 692 693 if (sk->sk_type != SOCK_SEQPACKET) { 694 err = -EINVAL; 695 goto done; 696 } 697 698 write_lock(&sco_sk_list.lock); 699 700 if (__sco_get_sock_listen_by_addr(src)) { 701 err = -EADDRINUSE; 702 goto unlock; 703 } 704 705 sk->sk_max_ack_backlog = backlog; 706 sk->sk_ack_backlog = 0; 707 708 sk->sk_state = BT_LISTEN; 709 710 unlock: 711 write_unlock(&sco_sk_list.lock); 712 713 done: 714 release_sock(sk); 715 return err; 716 } 717 718 static int sco_sock_accept(struct socket *sock, struct socket *newsock, 719 struct proto_accept_arg *arg) 720 { 721 DEFINE_WAIT_FUNC(wait, woken_wake_function); 722 struct sock *sk = sock->sk, *ch; 723 long timeo; 724 int err = 0; 725 726 lock_sock(sk); 727 728 timeo = sock_rcvtimeo(sk, arg->flags & O_NONBLOCK); 729 730 BT_DBG("sk %p timeo %ld", sk, timeo); 731 732 /* Wait for an incoming connection. (wake-one). */ 733 add_wait_queue_exclusive(sk_sleep(sk), &wait); 734 while (1) { 735 if (sk->sk_state != BT_LISTEN) { 736 err = -EBADFD; 737 break; 738 } 739 740 ch = bt_accept_dequeue(sk, newsock); 741 if (ch) 742 break; 743 744 if (!timeo) { 745 err = -EAGAIN; 746 break; 747 } 748 749 if (signal_pending(current)) { 750 err = sock_intr_errno(timeo); 751 break; 752 } 753 754 release_sock(sk); 755 756 timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo); 757 lock_sock(sk); 758 } 759 remove_wait_queue(sk_sleep(sk), &wait); 760 761 if (err) 762 goto done; 763 764 newsock->state = SS_CONNECTED; 765 766 BT_DBG("new socket %p", ch); 767 768 done: 769 release_sock(sk); 770 return err; 771 } 772 773 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, 774 int peer) 775 { 776 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 777 struct sock *sk = sock->sk; 778 779 BT_DBG("sock %p, sk %p", sock, sk); 780 781 addr->sa_family = AF_BLUETOOTH; 782 783 if (peer) 784 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->dst); 785 else 786 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->src); 787 788 return sizeof(struct sockaddr_sco); 789 } 790 791 static int sco_sock_sendmsg(struct socket *sock, struct msghdr *msg, 792 size_t len) 793 { 794 struct sock *sk = sock->sk; 795 struct sk_buff *skb; 796 struct sockcm_cookie sockc; 797 int err; 798 799 BT_DBG("sock %p, sk %p", sock, sk); 800 801 err = sock_error(sk); 802 if (err) 803 return err; 804 805 if (msg->msg_flags & MSG_OOB) 806 return -EOPNOTSUPP; 807 808 hci_sockcm_init(&sockc, sk); 809 810 if (msg->msg_controllen) { 811 err = sock_cmsg_send(sk, msg, &sockc); 812 if (err) 813 return err; 814 } 815 816 skb = bt_skb_sendmsg(sk, msg, len, len, 0, 0); 817 if (IS_ERR(skb)) 818 return PTR_ERR(skb); 819 820 lock_sock(sk); 821 822 if (sk->sk_state == BT_CONNECTED) 823 err = sco_send_frame(sk, skb, &sockc); 824 else 825 err = -ENOTCONN; 826 827 release_sock(sk); 828 829 if (err < 0) 830 kfree_skb(skb); 831 return err; 832 } 833 834 static void sco_conn_defer_accept(struct hci_conn *conn, u16 setting) 835 { 836 struct hci_dev *hdev = conn->hdev; 837 838 BT_DBG("conn %p", conn); 839 840 conn->state = BT_CONFIG; 841 842 if (!lmp_esco_capable(hdev)) { 843 struct hci_cp_accept_conn_req cp; 844 845 bacpy(&cp.bdaddr, &conn->dst); 846 cp.role = 0x00; /* Ignored */ 847 848 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp); 849 } else { 850 struct hci_cp_accept_sync_conn_req cp; 851 852 bacpy(&cp.bdaddr, &conn->dst); 853 cp.pkt_type = cpu_to_le16(conn->pkt_type); 854 855 cp.tx_bandwidth = cpu_to_le32(0x00001f40); 856 cp.rx_bandwidth = cpu_to_le32(0x00001f40); 857 cp.content_format = cpu_to_le16(setting); 858 859 switch (setting & SCO_AIRMODE_MASK) { 860 case SCO_AIRMODE_TRANSP: 861 if (conn->pkt_type & ESCO_2EV3) 862 cp.max_latency = cpu_to_le16(0x0008); 863 else 864 cp.max_latency = cpu_to_le16(0x000D); 865 cp.retrans_effort = 0x02; 866 break; 867 case SCO_AIRMODE_CVSD: 868 cp.max_latency = cpu_to_le16(0xffff); 869 cp.retrans_effort = 0xff; 870 break; 871 default: 872 /* use CVSD settings as fallback */ 873 cp.max_latency = cpu_to_le16(0xffff); 874 cp.retrans_effort = 0xff; 875 break; 876 } 877 878 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ, 879 sizeof(cp), &cp); 880 } 881 } 882 883 static int sco_sock_recvmsg(struct socket *sock, struct msghdr *msg, 884 size_t len, int flags) 885 { 886 struct sock *sk = sock->sk; 887 struct sco_pinfo *pi = sco_pi(sk); 888 889 if (unlikely(flags & MSG_ERRQUEUE)) 890 return sock_recv_errqueue(sk, msg, len, SOL_BLUETOOTH, 891 BT_SCM_ERROR); 892 893 lock_sock(sk); 894 895 if (sk->sk_state == BT_CONNECT2 && 896 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) { 897 sco_conn_defer_accept(pi->conn->hcon, pi->setting); 898 sk->sk_state = BT_CONFIG; 899 900 release_sock(sk); 901 return 0; 902 } 903 904 release_sock(sk); 905 906 return bt_sock_recvmsg(sock, msg, len, flags); 907 } 908 909 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, 910 sockptr_t optval, unsigned int optlen) 911 { 912 struct sock *sk = sock->sk; 913 int err = 0; 914 struct bt_voice voice; 915 u32 opt; 916 struct bt_codecs *codecs; 917 struct hci_dev *hdev; 918 __u8 buffer[255]; 919 920 BT_DBG("sk %p", sk); 921 922 lock_sock(sk); 923 924 switch (optname) { 925 926 case BT_DEFER_SETUP: 927 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 928 err = -EINVAL; 929 break; 930 } 931 932 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen); 933 if (err) 934 break; 935 936 if (opt) 937 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 938 else 939 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 940 break; 941 942 case BT_VOICE: 943 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND && 944 sk->sk_state != BT_CONNECT2) { 945 err = -EINVAL; 946 break; 947 } 948 949 voice.setting = sco_pi(sk)->setting; 950 951 err = copy_safe_from_sockptr(&voice, sizeof(voice), optval, 952 optlen); 953 if (err) 954 break; 955 956 sco_pi(sk)->setting = voice.setting; 957 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, 958 BDADDR_BREDR); 959 if (!hdev) { 960 err = -EBADFD; 961 break; 962 } 963 964 switch (sco_pi(sk)->setting & SCO_AIRMODE_MASK) { 965 case SCO_AIRMODE_TRANSP: 966 if (enhanced_sync_conn_capable(hdev)) 967 sco_pi(sk)->codec.id = BT_CODEC_TRANSPARENT; 968 break; 969 } 970 971 hci_dev_put(hdev); 972 break; 973 974 case BT_PKT_STATUS: 975 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen); 976 if (err) 977 break; 978 979 if (opt) 980 set_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags); 981 else 982 clear_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags); 983 break; 984 985 case BT_CODEC: 986 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND && 987 sk->sk_state != BT_CONNECT2) { 988 err = -EINVAL; 989 break; 990 } 991 992 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, 993 BDADDR_BREDR); 994 if (!hdev) { 995 err = -EBADFD; 996 break; 997 } 998 999 if (!hci_dev_test_flag(hdev, HCI_OFFLOAD_CODECS_ENABLED)) { 1000 hci_dev_put(hdev); 1001 err = -EOPNOTSUPP; 1002 break; 1003 } 1004 1005 if (!hdev->get_data_path_id) { 1006 hci_dev_put(hdev); 1007 err = -EOPNOTSUPP; 1008 break; 1009 } 1010 1011 if (optlen < sizeof(struct bt_codecs) || 1012 optlen > sizeof(buffer)) { 1013 hci_dev_put(hdev); 1014 err = -EINVAL; 1015 break; 1016 } 1017 1018 err = copy_struct_from_sockptr(buffer, sizeof(buffer), optval, 1019 optlen); 1020 if (err) { 1021 hci_dev_put(hdev); 1022 break; 1023 } 1024 1025 codecs = (void *)buffer; 1026 1027 if (codecs->num_codecs > 1) { 1028 hci_dev_put(hdev); 1029 err = -EINVAL; 1030 break; 1031 } 1032 1033 sco_pi(sk)->codec = codecs->codecs[0]; 1034 hci_dev_put(hdev); 1035 break; 1036 1037 default: 1038 err = -ENOPROTOOPT; 1039 break; 1040 } 1041 1042 release_sock(sk); 1043 return err; 1044 } 1045 1046 static int sco_sock_getsockopt_old(struct socket *sock, int optname, 1047 char __user *optval, int __user *optlen) 1048 { 1049 struct sock *sk = sock->sk; 1050 struct sco_options opts; 1051 struct sco_conninfo cinfo; 1052 int err = 0; 1053 size_t len; 1054 1055 BT_DBG("sk %p", sk); 1056 1057 if (get_user(len, optlen)) 1058 return -EFAULT; 1059 1060 lock_sock(sk); 1061 1062 switch (optname) { 1063 case SCO_OPTIONS: 1064 if (sk->sk_state != BT_CONNECTED && 1065 !(sk->sk_state == BT_CONNECT2 && 1066 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) { 1067 err = -ENOTCONN; 1068 break; 1069 } 1070 1071 opts.mtu = sco_pi(sk)->conn->mtu; 1072 1073 BT_DBG("mtu %u", opts.mtu); 1074 1075 len = min(len, sizeof(opts)); 1076 if (copy_to_user(optval, (char *)&opts, len)) 1077 err = -EFAULT; 1078 1079 break; 1080 1081 case SCO_CONNINFO: 1082 if (sk->sk_state != BT_CONNECTED && 1083 !(sk->sk_state == BT_CONNECT2 && 1084 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) { 1085 err = -ENOTCONN; 1086 break; 1087 } 1088 1089 memset(&cinfo, 0, sizeof(cinfo)); 1090 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle; 1091 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3); 1092 1093 len = min(len, sizeof(cinfo)); 1094 if (copy_to_user(optval, (char *)&cinfo, len)) 1095 err = -EFAULT; 1096 1097 break; 1098 1099 default: 1100 err = -ENOPROTOOPT; 1101 break; 1102 } 1103 1104 release_sock(sk); 1105 return err; 1106 } 1107 1108 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, 1109 char __user *optval, int __user *optlen) 1110 { 1111 struct sock *sk = sock->sk; 1112 int len, err = 0; 1113 struct bt_voice voice; 1114 u32 phys; 1115 int buf_len; 1116 struct codec_list *c; 1117 u8 num_codecs, i, __user *ptr; 1118 struct hci_dev *hdev; 1119 struct hci_codec_caps *caps; 1120 struct bt_codec codec; 1121 1122 BT_DBG("sk %p", sk); 1123 1124 if (level == SOL_SCO) 1125 return sco_sock_getsockopt_old(sock, optname, optval, optlen); 1126 1127 if (get_user(len, optlen)) 1128 return -EFAULT; 1129 1130 lock_sock(sk); 1131 1132 switch (optname) { 1133 1134 case BT_DEFER_SETUP: 1135 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 1136 err = -EINVAL; 1137 break; 1138 } 1139 1140 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags), 1141 (u32 __user *)optval)) 1142 err = -EFAULT; 1143 1144 break; 1145 1146 case BT_VOICE: 1147 voice.setting = sco_pi(sk)->setting; 1148 1149 len = min_t(unsigned int, len, sizeof(voice)); 1150 if (copy_to_user(optval, (char *)&voice, len)) 1151 err = -EFAULT; 1152 1153 break; 1154 1155 case BT_PHY: 1156 if (sk->sk_state != BT_CONNECTED) { 1157 err = -ENOTCONN; 1158 break; 1159 } 1160 1161 phys = hci_conn_get_phy(sco_pi(sk)->conn->hcon); 1162 1163 if (put_user(phys, (u32 __user *) optval)) 1164 err = -EFAULT; 1165 break; 1166 1167 case BT_PKT_STATUS: 1168 if (put_user(test_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags), 1169 (int __user *)optval)) 1170 err = -EFAULT; 1171 break; 1172 1173 case BT_SNDMTU: 1174 case BT_RCVMTU: 1175 if (sk->sk_state != BT_CONNECTED) { 1176 err = -ENOTCONN; 1177 break; 1178 } 1179 1180 if (put_user(sco_pi(sk)->conn->mtu, (u32 __user *)optval)) 1181 err = -EFAULT; 1182 break; 1183 1184 case BT_CODEC: 1185 num_codecs = 0; 1186 buf_len = 0; 1187 1188 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR); 1189 if (!hdev) { 1190 err = -EBADFD; 1191 break; 1192 } 1193 1194 if (!hci_dev_test_flag(hdev, HCI_OFFLOAD_CODECS_ENABLED)) { 1195 hci_dev_put(hdev); 1196 err = -EOPNOTSUPP; 1197 break; 1198 } 1199 1200 if (!hdev->get_data_path_id) { 1201 hci_dev_put(hdev); 1202 err = -EOPNOTSUPP; 1203 break; 1204 } 1205 1206 release_sock(sk); 1207 1208 /* find total buffer size required to copy codec + caps */ 1209 hci_dev_lock(hdev); 1210 list_for_each_entry(c, &hdev->local_codecs, list) { 1211 if (c->transport != HCI_TRANSPORT_SCO_ESCO) 1212 continue; 1213 num_codecs++; 1214 for (i = 0, caps = c->caps; i < c->num_caps; i++) { 1215 buf_len += 1 + caps->len; 1216 caps = (void *)&caps->data[caps->len]; 1217 } 1218 buf_len += sizeof(struct bt_codec); 1219 } 1220 hci_dev_unlock(hdev); 1221 1222 buf_len += sizeof(struct bt_codecs); 1223 if (buf_len > len) { 1224 hci_dev_put(hdev); 1225 return -ENOBUFS; 1226 } 1227 ptr = optval; 1228 1229 if (put_user(num_codecs, ptr)) { 1230 hci_dev_put(hdev); 1231 return -EFAULT; 1232 } 1233 ptr += sizeof(num_codecs); 1234 1235 /* Iterate all the codecs supported over SCO and populate 1236 * codec data 1237 */ 1238 hci_dev_lock(hdev); 1239 list_for_each_entry(c, &hdev->local_codecs, list) { 1240 if (c->transport != HCI_TRANSPORT_SCO_ESCO) 1241 continue; 1242 1243 codec.id = c->id; 1244 codec.cid = c->cid; 1245 codec.vid = c->vid; 1246 err = hdev->get_data_path_id(hdev, &codec.data_path); 1247 if (err < 0) 1248 break; 1249 codec.num_caps = c->num_caps; 1250 if (copy_to_user(ptr, &codec, sizeof(codec))) { 1251 err = -EFAULT; 1252 break; 1253 } 1254 ptr += sizeof(codec); 1255 1256 /* find codec capabilities data length */ 1257 len = 0; 1258 for (i = 0, caps = c->caps; i < c->num_caps; i++) { 1259 len += 1 + caps->len; 1260 caps = (void *)&caps->data[caps->len]; 1261 } 1262 1263 /* copy codec capabilities data */ 1264 if (len && copy_to_user(ptr, c->caps, len)) { 1265 err = -EFAULT; 1266 break; 1267 } 1268 ptr += len; 1269 } 1270 1271 hci_dev_unlock(hdev); 1272 hci_dev_put(hdev); 1273 1274 lock_sock(sk); 1275 1276 if (!err && put_user(buf_len, optlen)) 1277 err = -EFAULT; 1278 1279 break; 1280 1281 default: 1282 err = -ENOPROTOOPT; 1283 break; 1284 } 1285 1286 release_sock(sk); 1287 return err; 1288 } 1289 1290 static int sco_sock_shutdown(struct socket *sock, int how) 1291 { 1292 struct sock *sk = sock->sk; 1293 int err = 0; 1294 1295 BT_DBG("sock %p, sk %p", sock, sk); 1296 1297 if (!sk) 1298 return 0; 1299 1300 sock_hold(sk); 1301 lock_sock(sk); 1302 1303 if (!sk->sk_shutdown) { 1304 sk->sk_shutdown = SHUTDOWN_MASK; 1305 sco_sock_clear_timer(sk); 1306 __sco_sock_close(sk); 1307 1308 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime && 1309 !(current->flags & PF_EXITING)) 1310 err = bt_sock_wait_state(sk, BT_CLOSED, 1311 sk->sk_lingertime); 1312 } 1313 1314 release_sock(sk); 1315 sock_put(sk); 1316 1317 return err; 1318 } 1319 1320 static int sco_sock_release(struct socket *sock) 1321 { 1322 struct sock *sk = sock->sk; 1323 int err = 0; 1324 1325 BT_DBG("sock %p, sk %p", sock, sk); 1326 1327 if (!sk) 1328 return 0; 1329 1330 sco_sock_close(sk); 1331 1332 if (sock_flag(sk, SOCK_LINGER) && READ_ONCE(sk->sk_lingertime) && 1333 !(current->flags & PF_EXITING)) { 1334 lock_sock(sk); 1335 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); 1336 release_sock(sk); 1337 } 1338 1339 sock_orphan(sk); 1340 sco_sock_kill(sk); 1341 return err; 1342 } 1343 1344 static void sco_conn_ready(struct sco_conn *conn) 1345 { 1346 struct sock *parent; 1347 struct sock *sk = conn->sk; 1348 1349 BT_DBG("conn %p", conn); 1350 1351 if (sk) { 1352 lock_sock(sk); 1353 sco_sock_clear_timer(sk); 1354 sk->sk_state = BT_CONNECTED; 1355 sk->sk_state_change(sk); 1356 release_sock(sk); 1357 } else { 1358 sco_conn_lock(conn); 1359 1360 if (!conn->hcon) { 1361 sco_conn_unlock(conn); 1362 return; 1363 } 1364 1365 parent = sco_get_sock_listen(&conn->hcon->src); 1366 if (!parent) { 1367 sco_conn_unlock(conn); 1368 return; 1369 } 1370 1371 lock_sock(parent); 1372 1373 sk = sco_sock_alloc(sock_net(parent), NULL, 1374 BTPROTO_SCO, GFP_ATOMIC, 0); 1375 if (!sk) { 1376 release_sock(parent); 1377 sco_conn_unlock(conn); 1378 return; 1379 } 1380 1381 sco_sock_init(sk, parent); 1382 1383 bacpy(&sco_pi(sk)->src, &conn->hcon->src); 1384 bacpy(&sco_pi(sk)->dst, &conn->hcon->dst); 1385 1386 sco_conn_hold(conn); 1387 hci_conn_hold(conn->hcon); 1388 __sco_chan_add(conn, sk, parent); 1389 1390 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags)) 1391 sk->sk_state = BT_CONNECT2; 1392 else 1393 sk->sk_state = BT_CONNECTED; 1394 1395 /* Wake up parent */ 1396 parent->sk_data_ready(parent); 1397 1398 release_sock(parent); 1399 1400 sco_conn_unlock(conn); 1401 } 1402 } 1403 1404 /* ----- SCO interface with lower layer (HCI) ----- */ 1405 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags) 1406 { 1407 struct sock *sk; 1408 int lm = 0; 1409 1410 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr); 1411 1412 /* Find listening sockets */ 1413 read_lock(&sco_sk_list.lock); 1414 sk_for_each(sk, &sco_sk_list.head) { 1415 if (sk->sk_state != BT_LISTEN) 1416 continue; 1417 1418 if (!bacmp(&sco_pi(sk)->src, &hdev->bdaddr) || 1419 !bacmp(&sco_pi(sk)->src, BDADDR_ANY)) { 1420 lm |= HCI_LM_ACCEPT; 1421 1422 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) 1423 *flags |= HCI_PROTO_DEFER; 1424 break; 1425 } 1426 } 1427 read_unlock(&sco_sk_list.lock); 1428 1429 return lm; 1430 } 1431 1432 static void sco_connect_cfm(struct hci_conn *hcon, __u8 status) 1433 { 1434 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 1435 return; 1436 1437 BT_DBG("hcon %p bdaddr %pMR status %u", hcon, &hcon->dst, status); 1438 1439 if (!status) { 1440 struct sco_conn *conn; 1441 1442 conn = sco_conn_add(hcon); 1443 if (conn) { 1444 sco_conn_ready(conn); 1445 sco_conn_put(conn); 1446 } 1447 } else 1448 sco_conn_del(hcon, bt_to_errno(status)); 1449 } 1450 1451 static void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason) 1452 { 1453 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 1454 return; 1455 1456 BT_DBG("hcon %p reason %d", hcon, reason); 1457 1458 sco_conn_del(hcon, bt_to_errno(reason)); 1459 } 1460 1461 void sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb) 1462 { 1463 struct sco_conn *conn = hcon->sco_data; 1464 1465 if (!conn) 1466 goto drop; 1467 1468 BT_DBG("conn %p len %u", conn, skb->len); 1469 1470 if (skb->len) { 1471 sco_recv_frame(conn, skb); 1472 return; 1473 } 1474 1475 drop: 1476 kfree_skb(skb); 1477 } 1478 1479 static struct hci_cb sco_cb = { 1480 .name = "SCO", 1481 .connect_cfm = sco_connect_cfm, 1482 .disconn_cfm = sco_disconn_cfm, 1483 }; 1484 1485 static int sco_debugfs_show(struct seq_file *f, void *p) 1486 { 1487 struct sock *sk; 1488 1489 read_lock(&sco_sk_list.lock); 1490 1491 sk_for_each(sk, &sco_sk_list.head) { 1492 seq_printf(f, "%pMR %pMR %d\n", &sco_pi(sk)->src, 1493 &sco_pi(sk)->dst, sk->sk_state); 1494 } 1495 1496 read_unlock(&sco_sk_list.lock); 1497 1498 return 0; 1499 } 1500 1501 DEFINE_SHOW_ATTRIBUTE(sco_debugfs); 1502 1503 static struct dentry *sco_debugfs; 1504 1505 static const struct proto_ops sco_sock_ops = { 1506 .family = PF_BLUETOOTH, 1507 .owner = THIS_MODULE, 1508 .release = sco_sock_release, 1509 .bind = sco_sock_bind, 1510 .connect = sco_sock_connect, 1511 .listen = sco_sock_listen, 1512 .accept = sco_sock_accept, 1513 .getname = sco_sock_getname, 1514 .sendmsg = sco_sock_sendmsg, 1515 .recvmsg = sco_sock_recvmsg, 1516 .poll = bt_sock_poll, 1517 .ioctl = bt_sock_ioctl, 1518 .gettstamp = sock_gettstamp, 1519 .mmap = sock_no_mmap, 1520 .socketpair = sock_no_socketpair, 1521 .shutdown = sco_sock_shutdown, 1522 .setsockopt = sco_sock_setsockopt, 1523 .getsockopt = sco_sock_getsockopt 1524 }; 1525 1526 static const struct net_proto_family sco_sock_family_ops = { 1527 .family = PF_BLUETOOTH, 1528 .owner = THIS_MODULE, 1529 .create = sco_sock_create, 1530 }; 1531 1532 int __init sco_init(void) 1533 { 1534 int err; 1535 1536 BUILD_BUG_ON(sizeof(struct sockaddr_sco) > sizeof(struct sockaddr)); 1537 1538 err = proto_register(&sco_proto, 0); 1539 if (err < 0) 1540 return err; 1541 1542 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops); 1543 if (err < 0) { 1544 BT_ERR("SCO socket registration failed"); 1545 goto error; 1546 } 1547 1548 err = bt_procfs_init(&init_net, "sco", &sco_sk_list, NULL); 1549 if (err < 0) { 1550 BT_ERR("Failed to create SCO proc file"); 1551 bt_sock_unregister(BTPROTO_SCO); 1552 goto error; 1553 } 1554 1555 BT_INFO("SCO socket layer initialized"); 1556 1557 hci_register_cb(&sco_cb); 1558 1559 if (IS_ERR_OR_NULL(bt_debugfs)) 1560 return 0; 1561 1562 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs, 1563 NULL, &sco_debugfs_fops); 1564 1565 return 0; 1566 1567 error: 1568 proto_unregister(&sco_proto); 1569 return err; 1570 } 1571 1572 void sco_exit(void) 1573 { 1574 bt_procfs_cleanup(&init_net, "sco"); 1575 1576 debugfs_remove(sco_debugfs); 1577 1578 hci_unregister_cb(&sco_cb); 1579 1580 bt_sock_unregister(BTPROTO_SCO); 1581 1582 proto_unregister(&sco_proto); 1583 } 1584 1585 module_param(disable_esco, bool, 0644); 1586 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation"); 1587