1 /* 2 Copyright (c) 2013-2014 Intel Corp. 3 4 This program is free software; you can redistribute it and/or modify 5 it under the terms of the GNU General Public License version 2 and 6 only version 2 as published by the Free Software Foundation. 7 8 This program is distributed in the hope that it will be useful, 9 but WITHOUT ANY WARRANTY; without even the implied warranty of 10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 GNU General Public License for more details. 12 */ 13 14 #include <linux/if_arp.h> 15 #include <linux/netdevice.h> 16 #include <linux/etherdevice.h> 17 #include <linux/module.h> 18 #include <linux/debugfs.h> 19 20 #include <net/ipv6.h> 21 #include <net/ip6_route.h> 22 #include <net/addrconf.h> 23 24 #include <net/bluetooth/bluetooth.h> 25 #include <net/bluetooth/hci_core.h> 26 #include <net/bluetooth/l2cap.h> 27 28 #include <net/6lowpan.h> /* for the compression support */ 29 30 #define VERSION "0.1" 31 32 static struct dentry *lowpan_enable_debugfs; 33 static struct dentry *lowpan_control_debugfs; 34 35 #define IFACE_NAME_TEMPLATE "bt%d" 36 37 struct skb_cb { 38 struct in6_addr addr; 39 struct in6_addr gw; 40 struct l2cap_chan *chan; 41 int status; 42 }; 43 #define lowpan_cb(skb) ((struct skb_cb *)((skb)->cb)) 44 45 /* The devices list contains those devices that we are acting 46 * as a proxy. The BT 6LoWPAN device is a virtual device that 47 * connects to the Bluetooth LE device. The real connection to 48 * BT device is done via l2cap layer. There exists one 49 * virtual device / one BT 6LoWPAN network (=hciX device). 50 * The list contains struct lowpan_dev elements. 51 */ 52 static LIST_HEAD(bt_6lowpan_devices); 53 static DEFINE_SPINLOCK(devices_lock); 54 55 static bool enable_6lowpan; 56 57 /* We are listening incoming connections via this channel 58 */ 59 static struct l2cap_chan *listen_chan; 60 61 struct lowpan_peer { 62 struct list_head list; 63 struct rcu_head rcu; 64 struct l2cap_chan *chan; 65 66 /* peer addresses in various formats */ 67 unsigned char eui64_addr[EUI64_ADDR_LEN]; 68 struct in6_addr peer_addr; 69 }; 70 71 struct lowpan_btle_dev { 72 struct list_head list; 73 74 struct hci_dev *hdev; 75 struct net_device *netdev; 76 struct list_head peers; 77 atomic_t peer_count; /* number of items in peers list */ 78 79 struct work_struct delete_netdev; 80 struct delayed_work notify_peers; 81 }; 82 83 static inline struct lowpan_btle_dev * 84 lowpan_btle_dev(const struct net_device *netdev) 85 { 86 return (struct lowpan_btle_dev *)lowpan_dev(netdev)->priv; 87 } 88 89 static inline void peer_add(struct lowpan_btle_dev *dev, 90 struct lowpan_peer *peer) 91 { 92 list_add_rcu(&peer->list, &dev->peers); 93 atomic_inc(&dev->peer_count); 94 } 95 96 static inline bool peer_del(struct lowpan_btle_dev *dev, 97 struct lowpan_peer *peer) 98 { 99 list_del_rcu(&peer->list); 100 kfree_rcu(peer, rcu); 101 102 module_put(THIS_MODULE); 103 104 if (atomic_dec_and_test(&dev->peer_count)) { 105 BT_DBG("last peer"); 106 return true; 107 } 108 109 return false; 110 } 111 112 static inline struct lowpan_peer *peer_lookup_ba(struct lowpan_btle_dev *dev, 113 bdaddr_t *ba, __u8 type) 114 { 115 struct lowpan_peer *peer; 116 117 BT_DBG("peers %d addr %pMR type %d", atomic_read(&dev->peer_count), 118 ba, type); 119 120 rcu_read_lock(); 121 122 list_for_each_entry_rcu(peer, &dev->peers, list) { 123 BT_DBG("dst addr %pMR dst type %d", 124 &peer->chan->dst, peer->chan->dst_type); 125 126 if (bacmp(&peer->chan->dst, ba)) 127 continue; 128 129 if (type == peer->chan->dst_type) { 130 rcu_read_unlock(); 131 return peer; 132 } 133 } 134 135 rcu_read_unlock(); 136 137 return NULL; 138 } 139 140 static inline struct lowpan_peer * 141 __peer_lookup_chan(struct lowpan_btle_dev *dev, struct l2cap_chan *chan) 142 { 143 struct lowpan_peer *peer; 144 145 list_for_each_entry_rcu(peer, &dev->peers, list) { 146 if (peer->chan == chan) 147 return peer; 148 } 149 150 return NULL; 151 } 152 153 static inline struct lowpan_peer * 154 __peer_lookup_conn(struct lowpan_btle_dev *dev, struct l2cap_conn *conn) 155 { 156 struct lowpan_peer *peer; 157 158 list_for_each_entry_rcu(peer, &dev->peers, list) { 159 if (peer->chan->conn == conn) 160 return peer; 161 } 162 163 return NULL; 164 } 165 166 static inline struct lowpan_peer *peer_lookup_dst(struct lowpan_btle_dev *dev, 167 struct in6_addr *daddr, 168 struct sk_buff *skb) 169 { 170 struct lowpan_peer *peer; 171 struct in6_addr *nexthop; 172 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb); 173 int count = atomic_read(&dev->peer_count); 174 175 BT_DBG("peers %d addr %pI6c rt %p", count, daddr, rt); 176 177 /* If we have multiple 6lowpan peers, then check where we should 178 * send the packet. If only one peer exists, then we can send the 179 * packet right away. 180 */ 181 if (count == 1) { 182 rcu_read_lock(); 183 peer = list_first_or_null_rcu(&dev->peers, struct lowpan_peer, 184 list); 185 rcu_read_unlock(); 186 return peer; 187 } 188 189 if (!rt) { 190 nexthop = &lowpan_cb(skb)->gw; 191 192 if (ipv6_addr_any(nexthop)) 193 return NULL; 194 } else { 195 nexthop = rt6_nexthop(rt, daddr); 196 197 /* We need to remember the address because it is needed 198 * by bt_xmit() when sending the packet. In bt_xmit(), the 199 * destination routing info is not set. 200 */ 201 memcpy(&lowpan_cb(skb)->gw, nexthop, sizeof(struct in6_addr)); 202 } 203 204 BT_DBG("gw %pI6c", nexthop); 205 206 rcu_read_lock(); 207 208 list_for_each_entry_rcu(peer, &dev->peers, list) { 209 BT_DBG("dst addr %pMR dst type %d ip %pI6c", 210 &peer->chan->dst, peer->chan->dst_type, 211 &peer->peer_addr); 212 213 if (!ipv6_addr_cmp(&peer->peer_addr, nexthop)) { 214 rcu_read_unlock(); 215 return peer; 216 } 217 } 218 219 rcu_read_unlock(); 220 221 return NULL; 222 } 223 224 static struct lowpan_peer *lookup_peer(struct l2cap_conn *conn) 225 { 226 struct lowpan_btle_dev *entry; 227 struct lowpan_peer *peer = NULL; 228 229 rcu_read_lock(); 230 231 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 232 peer = __peer_lookup_conn(entry, conn); 233 if (peer) 234 break; 235 } 236 237 rcu_read_unlock(); 238 239 return peer; 240 } 241 242 static struct lowpan_btle_dev *lookup_dev(struct l2cap_conn *conn) 243 { 244 struct lowpan_btle_dev *entry; 245 struct lowpan_btle_dev *dev = NULL; 246 247 rcu_read_lock(); 248 249 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 250 if (conn->hcon->hdev == entry->hdev) { 251 dev = entry; 252 break; 253 } 254 } 255 256 rcu_read_unlock(); 257 258 return dev; 259 } 260 261 static int give_skb_to_upper(struct sk_buff *skb, struct net_device *dev) 262 { 263 struct sk_buff *skb_cp; 264 265 skb_cp = skb_copy(skb, GFP_ATOMIC); 266 if (!skb_cp) 267 return NET_RX_DROP; 268 269 return netif_rx_ni(skb_cp); 270 } 271 272 static int iphc_decompress(struct sk_buff *skb, struct net_device *netdev, 273 struct l2cap_chan *chan) 274 { 275 const u8 *saddr, *daddr; 276 struct lowpan_btle_dev *dev; 277 struct lowpan_peer *peer; 278 279 dev = lowpan_btle_dev(netdev); 280 281 rcu_read_lock(); 282 peer = __peer_lookup_chan(dev, chan); 283 rcu_read_unlock(); 284 if (!peer) 285 return -EINVAL; 286 287 saddr = peer->eui64_addr; 288 daddr = dev->netdev->dev_addr; 289 290 return lowpan_header_decompress(skb, netdev, daddr, saddr); 291 } 292 293 static int recv_pkt(struct sk_buff *skb, struct net_device *dev, 294 struct l2cap_chan *chan) 295 { 296 struct sk_buff *local_skb; 297 int ret; 298 299 if (!netif_running(dev)) 300 goto drop; 301 302 if (dev->type != ARPHRD_6LOWPAN || !skb->len) 303 goto drop; 304 305 skb_reset_network_header(skb); 306 307 skb = skb_share_check(skb, GFP_ATOMIC); 308 if (!skb) 309 goto drop; 310 311 /* check that it's our buffer */ 312 if (lowpan_is_ipv6(*skb_network_header(skb))) { 313 /* Pull off the 1-byte of 6lowpan header. */ 314 skb_pull(skb, 1); 315 316 /* Copy the packet so that the IPv6 header is 317 * properly aligned. 318 */ 319 local_skb = skb_copy_expand(skb, NET_SKB_PAD - 1, 320 skb_tailroom(skb), GFP_ATOMIC); 321 if (!local_skb) 322 goto drop; 323 324 local_skb->protocol = htons(ETH_P_IPV6); 325 local_skb->pkt_type = PACKET_HOST; 326 local_skb->dev = dev; 327 328 skb_set_transport_header(local_skb, sizeof(struct ipv6hdr)); 329 330 if (give_skb_to_upper(local_skb, dev) != NET_RX_SUCCESS) { 331 kfree_skb(local_skb); 332 goto drop; 333 } 334 335 dev->stats.rx_bytes += skb->len; 336 dev->stats.rx_packets++; 337 338 consume_skb(local_skb); 339 consume_skb(skb); 340 } else if (lowpan_is_iphc(*skb_network_header(skb))) { 341 local_skb = skb_clone(skb, GFP_ATOMIC); 342 if (!local_skb) 343 goto drop; 344 345 local_skb->dev = dev; 346 347 ret = iphc_decompress(local_skb, dev, chan); 348 if (ret < 0) { 349 kfree_skb(local_skb); 350 goto drop; 351 } 352 353 local_skb->protocol = htons(ETH_P_IPV6); 354 local_skb->pkt_type = PACKET_HOST; 355 356 if (give_skb_to_upper(local_skb, dev) 357 != NET_RX_SUCCESS) { 358 kfree_skb(local_skb); 359 goto drop; 360 } 361 362 dev->stats.rx_bytes += skb->len; 363 dev->stats.rx_packets++; 364 365 consume_skb(local_skb); 366 consume_skb(skb); 367 } else { 368 goto drop; 369 } 370 371 return NET_RX_SUCCESS; 372 373 drop: 374 dev->stats.rx_dropped++; 375 return NET_RX_DROP; 376 } 377 378 /* Packet from BT LE device */ 379 static int chan_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb) 380 { 381 struct lowpan_btle_dev *dev; 382 struct lowpan_peer *peer; 383 int err; 384 385 peer = lookup_peer(chan->conn); 386 if (!peer) 387 return -ENOENT; 388 389 dev = lookup_dev(chan->conn); 390 if (!dev || !dev->netdev) 391 return -ENOENT; 392 393 err = recv_pkt(skb, dev->netdev, chan); 394 if (err) { 395 BT_DBG("recv pkt %d", err); 396 err = -EAGAIN; 397 } 398 399 return err; 400 } 401 402 static u8 get_addr_type_from_eui64(u8 byte) 403 { 404 /* Is universal(0) or local(1) bit */ 405 return ((byte & 0x02) ? BDADDR_LE_RANDOM : BDADDR_LE_PUBLIC); 406 } 407 408 static void copy_to_bdaddr(struct in6_addr *ip6_daddr, bdaddr_t *addr) 409 { 410 u8 *eui64 = ip6_daddr->s6_addr + 8; 411 412 addr->b[0] = eui64[7]; 413 addr->b[1] = eui64[6]; 414 addr->b[2] = eui64[5]; 415 addr->b[3] = eui64[2]; 416 addr->b[4] = eui64[1]; 417 addr->b[5] = eui64[0]; 418 } 419 420 static void convert_dest_bdaddr(struct in6_addr *ip6_daddr, 421 bdaddr_t *addr, u8 *addr_type) 422 { 423 copy_to_bdaddr(ip6_daddr, addr); 424 425 /* We need to toggle the U/L bit that we got from IPv6 address 426 * so that we get the proper address and type of the BD address. 427 */ 428 addr->b[5] ^= 0x02; 429 430 *addr_type = get_addr_type_from_eui64(addr->b[5]); 431 } 432 433 static int setup_header(struct sk_buff *skb, struct net_device *netdev, 434 bdaddr_t *peer_addr, u8 *peer_addr_type) 435 { 436 struct in6_addr ipv6_daddr; 437 struct ipv6hdr *hdr; 438 struct lowpan_btle_dev *dev; 439 struct lowpan_peer *peer; 440 bdaddr_t addr, *any = BDADDR_ANY; 441 u8 *daddr = any->b; 442 int err, status = 0; 443 444 hdr = ipv6_hdr(skb); 445 446 dev = lowpan_btle_dev(netdev); 447 448 memcpy(&ipv6_daddr, &hdr->daddr, sizeof(ipv6_daddr)); 449 450 if (ipv6_addr_is_multicast(&ipv6_daddr)) { 451 lowpan_cb(skb)->chan = NULL; 452 } else { 453 u8 addr_type; 454 455 /* Get destination BT device from skb. 456 * If there is no such peer then discard the packet. 457 */ 458 convert_dest_bdaddr(&ipv6_daddr, &addr, &addr_type); 459 460 BT_DBG("dest addr %pMR type %d IP %pI6c", &addr, 461 addr_type, &ipv6_daddr); 462 463 peer = peer_lookup_ba(dev, &addr, addr_type); 464 if (!peer) { 465 /* The packet might be sent to 6lowpan interface 466 * because of routing (either via default route 467 * or user set route) so get peer according to 468 * the destination address. 469 */ 470 peer = peer_lookup_dst(dev, &ipv6_daddr, skb); 471 if (!peer) { 472 BT_DBG("no such peer %pMR found", &addr); 473 return -ENOENT; 474 } 475 } 476 477 daddr = peer->eui64_addr; 478 *peer_addr = addr; 479 *peer_addr_type = addr_type; 480 lowpan_cb(skb)->chan = peer->chan; 481 482 status = 1; 483 } 484 485 lowpan_header_compress(skb, netdev, daddr, dev->netdev->dev_addr); 486 487 err = dev_hard_header(skb, netdev, ETH_P_IPV6, NULL, NULL, 0); 488 if (err < 0) 489 return err; 490 491 return status; 492 } 493 494 static int header_create(struct sk_buff *skb, struct net_device *netdev, 495 unsigned short type, const void *_daddr, 496 const void *_saddr, unsigned int len) 497 { 498 if (type != ETH_P_IPV6) 499 return -EINVAL; 500 501 return 0; 502 } 503 504 /* Packet to BT LE device */ 505 static int send_pkt(struct l2cap_chan *chan, struct sk_buff *skb, 506 struct net_device *netdev) 507 { 508 struct msghdr msg; 509 struct kvec iv; 510 int err; 511 512 /* Remember the skb so that we can send EAGAIN to the caller if 513 * we run out of credits. 514 */ 515 chan->data = skb; 516 517 iv.iov_base = skb->data; 518 iv.iov_len = skb->len; 519 520 memset(&msg, 0, sizeof(msg)); 521 iov_iter_kvec(&msg.msg_iter, WRITE | ITER_KVEC, &iv, 1, skb->len); 522 523 err = l2cap_chan_send(chan, &msg, skb->len); 524 if (err > 0) { 525 netdev->stats.tx_bytes += err; 526 netdev->stats.tx_packets++; 527 return 0; 528 } 529 530 if (!err) 531 err = lowpan_cb(skb)->status; 532 533 if (err < 0) { 534 if (err == -EAGAIN) 535 netdev->stats.tx_dropped++; 536 else 537 netdev->stats.tx_errors++; 538 } 539 540 return err; 541 } 542 543 static int send_mcast_pkt(struct sk_buff *skb, struct net_device *netdev) 544 { 545 struct sk_buff *local_skb; 546 struct lowpan_btle_dev *entry; 547 int err = 0; 548 549 rcu_read_lock(); 550 551 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 552 struct lowpan_peer *pentry; 553 struct lowpan_btle_dev *dev; 554 555 if (entry->netdev != netdev) 556 continue; 557 558 dev = lowpan_btle_dev(entry->netdev); 559 560 list_for_each_entry_rcu(pentry, &dev->peers, list) { 561 int ret; 562 563 local_skb = skb_clone(skb, GFP_ATOMIC); 564 565 BT_DBG("xmit %s to %pMR type %d IP %pI6c chan %p", 566 netdev->name, 567 &pentry->chan->dst, pentry->chan->dst_type, 568 &pentry->peer_addr, pentry->chan); 569 ret = send_pkt(pentry->chan, local_skb, netdev); 570 if (ret < 0) 571 err = ret; 572 573 kfree_skb(local_skb); 574 } 575 } 576 577 rcu_read_unlock(); 578 579 return err; 580 } 581 582 static netdev_tx_t bt_xmit(struct sk_buff *skb, struct net_device *netdev) 583 { 584 int err = 0; 585 bdaddr_t addr; 586 u8 addr_type; 587 588 /* We must take a copy of the skb before we modify/replace the ipv6 589 * header as the header could be used elsewhere 590 */ 591 skb = skb_unshare(skb, GFP_ATOMIC); 592 if (!skb) 593 return NET_XMIT_DROP; 594 595 /* Return values from setup_header() 596 * <0 - error, packet is dropped 597 * 0 - this is a multicast packet 598 * 1 - this is unicast packet 599 */ 600 err = setup_header(skb, netdev, &addr, &addr_type); 601 if (err < 0) { 602 kfree_skb(skb); 603 return NET_XMIT_DROP; 604 } 605 606 if (err) { 607 if (lowpan_cb(skb)->chan) { 608 BT_DBG("xmit %s to %pMR type %d IP %pI6c chan %p", 609 netdev->name, &addr, addr_type, 610 &lowpan_cb(skb)->addr, lowpan_cb(skb)->chan); 611 err = send_pkt(lowpan_cb(skb)->chan, skb, netdev); 612 } else { 613 err = -ENOENT; 614 } 615 } else { 616 /* We need to send the packet to every device behind this 617 * interface. 618 */ 619 err = send_mcast_pkt(skb, netdev); 620 } 621 622 dev_kfree_skb(skb); 623 624 if (err) 625 BT_DBG("ERROR: xmit failed (%d)", err); 626 627 return err < 0 ? NET_XMIT_DROP : err; 628 } 629 630 static int bt_dev_init(struct net_device *dev) 631 { 632 netdev_lockdep_set_classes(dev); 633 634 return 0; 635 } 636 637 static const struct net_device_ops netdev_ops = { 638 .ndo_init = bt_dev_init, 639 .ndo_start_xmit = bt_xmit, 640 }; 641 642 static struct header_ops header_ops = { 643 .create = header_create, 644 }; 645 646 static void netdev_setup(struct net_device *dev) 647 { 648 dev->hard_header_len = 0; 649 dev->needed_tailroom = 0; 650 dev->flags = IFF_RUNNING | IFF_POINTOPOINT | 651 IFF_MULTICAST; 652 dev->watchdog_timeo = 0; 653 654 dev->netdev_ops = &netdev_ops; 655 dev->header_ops = &header_ops; 656 dev->destructor = free_netdev; 657 } 658 659 static struct device_type bt_type = { 660 .name = "bluetooth", 661 }; 662 663 static void set_addr(u8 *eui, u8 *addr, u8 addr_type) 664 { 665 /* addr is the BT address in little-endian format */ 666 eui[0] = addr[5]; 667 eui[1] = addr[4]; 668 eui[2] = addr[3]; 669 eui[3] = 0xFF; 670 eui[4] = 0xFE; 671 eui[5] = addr[2]; 672 eui[6] = addr[1]; 673 eui[7] = addr[0]; 674 675 /* Universal/local bit set, BT 6lowpan draft ch. 3.2.1 */ 676 if (addr_type == BDADDR_LE_PUBLIC) 677 eui[0] &= ~0x02; 678 else 679 eui[0] |= 0x02; 680 681 BT_DBG("type %d addr %*phC", addr_type, 8, eui); 682 } 683 684 static void set_dev_addr(struct net_device *netdev, bdaddr_t *addr, 685 u8 addr_type) 686 { 687 netdev->addr_assign_type = NET_ADDR_PERM; 688 set_addr(netdev->dev_addr, addr->b, addr_type); 689 } 690 691 static void ifup(struct net_device *netdev) 692 { 693 int err; 694 695 rtnl_lock(); 696 err = dev_open(netdev); 697 if (err < 0) 698 BT_INFO("iface %s cannot be opened (%d)", netdev->name, err); 699 rtnl_unlock(); 700 } 701 702 static void ifdown(struct net_device *netdev) 703 { 704 int err; 705 706 rtnl_lock(); 707 err = dev_close(netdev); 708 if (err < 0) 709 BT_INFO("iface %s cannot be closed (%d)", netdev->name, err); 710 rtnl_unlock(); 711 } 712 713 static void do_notify_peers(struct work_struct *work) 714 { 715 struct lowpan_btle_dev *dev = container_of(work, struct lowpan_btle_dev, 716 notify_peers.work); 717 718 netdev_notify_peers(dev->netdev); /* send neighbour adv at startup */ 719 } 720 721 static bool is_bt_6lowpan(struct hci_conn *hcon) 722 { 723 if (hcon->type != LE_LINK) 724 return false; 725 726 if (!enable_6lowpan) 727 return false; 728 729 return true; 730 } 731 732 static struct l2cap_chan *chan_create(void) 733 { 734 struct l2cap_chan *chan; 735 736 chan = l2cap_chan_create(); 737 if (!chan) 738 return NULL; 739 740 l2cap_chan_set_defaults(chan); 741 742 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED; 743 chan->mode = L2CAP_MODE_LE_FLOWCTL; 744 chan->imtu = 1280; 745 746 return chan; 747 } 748 749 static void set_ip_addr_bits(u8 addr_type, u8 *addr) 750 { 751 if (addr_type == BDADDR_LE_PUBLIC) 752 *addr |= 0x02; 753 else 754 *addr &= ~0x02; 755 } 756 757 static struct l2cap_chan *add_peer_chan(struct l2cap_chan *chan, 758 struct lowpan_btle_dev *dev) 759 { 760 struct lowpan_peer *peer; 761 762 peer = kzalloc(sizeof(*peer), GFP_ATOMIC); 763 if (!peer) 764 return NULL; 765 766 peer->chan = chan; 767 memset(&peer->peer_addr, 0, sizeof(struct in6_addr)); 768 769 /* RFC 2464 ch. 5 */ 770 peer->peer_addr.s6_addr[0] = 0xFE; 771 peer->peer_addr.s6_addr[1] = 0x80; 772 set_addr((u8 *)&peer->peer_addr.s6_addr + 8, chan->dst.b, 773 chan->dst_type); 774 775 memcpy(&peer->eui64_addr, (u8 *)&peer->peer_addr.s6_addr + 8, 776 EUI64_ADDR_LEN); 777 778 /* IPv6 address needs to have the U/L bit set properly so toggle 779 * it back here. 780 */ 781 set_ip_addr_bits(chan->dst_type, (u8 *)&peer->peer_addr.s6_addr + 8); 782 783 spin_lock(&devices_lock); 784 INIT_LIST_HEAD(&peer->list); 785 peer_add(dev, peer); 786 spin_unlock(&devices_lock); 787 788 /* Notifying peers about us needs to be done without locks held */ 789 INIT_DELAYED_WORK(&dev->notify_peers, do_notify_peers); 790 schedule_delayed_work(&dev->notify_peers, msecs_to_jiffies(100)); 791 792 return peer->chan; 793 } 794 795 static int setup_netdev(struct l2cap_chan *chan, struct lowpan_btle_dev **dev) 796 { 797 struct net_device *netdev; 798 int err = 0; 799 800 netdev = alloc_netdev(LOWPAN_PRIV_SIZE(sizeof(struct lowpan_btle_dev)), 801 IFACE_NAME_TEMPLATE, NET_NAME_UNKNOWN, 802 netdev_setup); 803 if (!netdev) 804 return -ENOMEM; 805 806 set_dev_addr(netdev, &chan->src, chan->src_type); 807 808 netdev->netdev_ops = &netdev_ops; 809 SET_NETDEV_DEV(netdev, &chan->conn->hcon->hdev->dev); 810 SET_NETDEV_DEVTYPE(netdev, &bt_type); 811 812 *dev = lowpan_btle_dev(netdev); 813 (*dev)->netdev = netdev; 814 (*dev)->hdev = chan->conn->hcon->hdev; 815 INIT_LIST_HEAD(&(*dev)->peers); 816 817 spin_lock(&devices_lock); 818 INIT_LIST_HEAD(&(*dev)->list); 819 list_add_rcu(&(*dev)->list, &bt_6lowpan_devices); 820 spin_unlock(&devices_lock); 821 822 err = lowpan_register_netdev(netdev, LOWPAN_LLTYPE_BTLE); 823 if (err < 0) { 824 BT_INFO("register_netdev failed %d", err); 825 spin_lock(&devices_lock); 826 list_del_rcu(&(*dev)->list); 827 spin_unlock(&devices_lock); 828 free_netdev(netdev); 829 goto out; 830 } 831 832 BT_DBG("ifindex %d peer bdaddr %pMR type %d my addr %pMR type %d", 833 netdev->ifindex, &chan->dst, chan->dst_type, 834 &chan->src, chan->src_type); 835 set_bit(__LINK_STATE_PRESENT, &netdev->state); 836 837 return 0; 838 839 out: 840 return err; 841 } 842 843 static inline void chan_ready_cb(struct l2cap_chan *chan) 844 { 845 struct lowpan_btle_dev *dev; 846 847 dev = lookup_dev(chan->conn); 848 849 BT_DBG("chan %p conn %p dev %p", chan, chan->conn, dev); 850 851 if (!dev) { 852 if (setup_netdev(chan, &dev) < 0) { 853 l2cap_chan_del(chan, -ENOENT); 854 return; 855 } 856 } 857 858 if (!try_module_get(THIS_MODULE)) 859 return; 860 861 add_peer_chan(chan, dev); 862 ifup(dev->netdev); 863 } 864 865 static inline struct l2cap_chan *chan_new_conn_cb(struct l2cap_chan *pchan) 866 { 867 struct l2cap_chan *chan; 868 869 chan = chan_create(); 870 if (!chan) 871 return NULL; 872 873 chan->ops = pchan->ops; 874 875 BT_DBG("chan %p pchan %p", chan, pchan); 876 877 return chan; 878 } 879 880 static void delete_netdev(struct work_struct *work) 881 { 882 struct lowpan_btle_dev *entry = container_of(work, 883 struct lowpan_btle_dev, 884 delete_netdev); 885 886 lowpan_unregister_netdev(entry->netdev); 887 888 /* The entry pointer is deleted by the netdev destructor. */ 889 } 890 891 static void chan_close_cb(struct l2cap_chan *chan) 892 { 893 struct lowpan_btle_dev *entry; 894 struct lowpan_btle_dev *dev = NULL; 895 struct lowpan_peer *peer; 896 int err = -ENOENT; 897 bool last = false, remove = true; 898 899 BT_DBG("chan %p conn %p", chan, chan->conn); 900 901 if (chan->conn && chan->conn->hcon) { 902 if (!is_bt_6lowpan(chan->conn->hcon)) 903 return; 904 905 /* If conn is set, then the netdev is also there and we should 906 * not remove it. 907 */ 908 remove = false; 909 } 910 911 spin_lock(&devices_lock); 912 913 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 914 dev = lowpan_btle_dev(entry->netdev); 915 peer = __peer_lookup_chan(dev, chan); 916 if (peer) { 917 last = peer_del(dev, peer); 918 err = 0; 919 920 BT_DBG("dev %p removing %speer %p", dev, 921 last ? "last " : "1 ", peer); 922 BT_DBG("chan %p orig refcnt %d", chan, 923 atomic_read(&chan->kref.refcount)); 924 925 l2cap_chan_put(chan); 926 break; 927 } 928 } 929 930 if (!err && last && dev && !atomic_read(&dev->peer_count)) { 931 spin_unlock(&devices_lock); 932 933 cancel_delayed_work_sync(&dev->notify_peers); 934 935 ifdown(dev->netdev); 936 937 if (remove) { 938 INIT_WORK(&entry->delete_netdev, delete_netdev); 939 schedule_work(&entry->delete_netdev); 940 } 941 } else { 942 spin_unlock(&devices_lock); 943 } 944 945 return; 946 } 947 948 static void chan_state_change_cb(struct l2cap_chan *chan, int state, int err) 949 { 950 BT_DBG("chan %p conn %p state %s err %d", chan, chan->conn, 951 state_to_string(state), err); 952 } 953 954 static struct sk_buff *chan_alloc_skb_cb(struct l2cap_chan *chan, 955 unsigned long hdr_len, 956 unsigned long len, int nb) 957 { 958 /* Note that we must allocate using GFP_ATOMIC here as 959 * this function is called originally from netdev hard xmit 960 * function in atomic context. 961 */ 962 return bt_skb_alloc(hdr_len + len, GFP_ATOMIC); 963 } 964 965 static void chan_suspend_cb(struct l2cap_chan *chan) 966 { 967 struct sk_buff *skb = chan->data; 968 969 BT_DBG("chan %p conn %p skb %p", chan, chan->conn, skb); 970 971 if (!skb) 972 return; 973 974 lowpan_cb(skb)->status = -EAGAIN; 975 } 976 977 static void chan_resume_cb(struct l2cap_chan *chan) 978 { 979 struct sk_buff *skb = chan->data; 980 981 BT_DBG("chan %p conn %p skb %p", chan, chan->conn, skb); 982 983 if (!skb) 984 return; 985 986 lowpan_cb(skb)->status = 0; 987 } 988 989 static long chan_get_sndtimeo_cb(struct l2cap_chan *chan) 990 { 991 return L2CAP_CONN_TIMEOUT; 992 } 993 994 static const struct l2cap_ops bt_6lowpan_chan_ops = { 995 .name = "L2CAP 6LoWPAN channel", 996 .new_connection = chan_new_conn_cb, 997 .recv = chan_recv_cb, 998 .close = chan_close_cb, 999 .state_change = chan_state_change_cb, 1000 .ready = chan_ready_cb, 1001 .resume = chan_resume_cb, 1002 .suspend = chan_suspend_cb, 1003 .get_sndtimeo = chan_get_sndtimeo_cb, 1004 .alloc_skb = chan_alloc_skb_cb, 1005 1006 .teardown = l2cap_chan_no_teardown, 1007 .defer = l2cap_chan_no_defer, 1008 .set_shutdown = l2cap_chan_no_set_shutdown, 1009 }; 1010 1011 static inline __u8 bdaddr_type(__u8 type) 1012 { 1013 if (type == ADDR_LE_DEV_PUBLIC) 1014 return BDADDR_LE_PUBLIC; 1015 else 1016 return BDADDR_LE_RANDOM; 1017 } 1018 1019 static int bt_6lowpan_connect(bdaddr_t *addr, u8 dst_type) 1020 { 1021 struct l2cap_chan *chan; 1022 int err; 1023 1024 chan = chan_create(); 1025 if (!chan) 1026 return -EINVAL; 1027 1028 chan->ops = &bt_6lowpan_chan_ops; 1029 1030 err = l2cap_chan_connect(chan, cpu_to_le16(L2CAP_PSM_IPSP), 0, 1031 addr, dst_type); 1032 1033 BT_DBG("chan %p err %d", chan, err); 1034 if (err < 0) 1035 l2cap_chan_put(chan); 1036 1037 return err; 1038 } 1039 1040 static int bt_6lowpan_disconnect(struct l2cap_conn *conn, u8 dst_type) 1041 { 1042 struct lowpan_peer *peer; 1043 1044 BT_DBG("conn %p dst type %d", conn, dst_type); 1045 1046 peer = lookup_peer(conn); 1047 if (!peer) 1048 return -ENOENT; 1049 1050 BT_DBG("peer %p chan %p", peer, peer->chan); 1051 1052 l2cap_chan_close(peer->chan, ENOENT); 1053 1054 return 0; 1055 } 1056 1057 static struct l2cap_chan *bt_6lowpan_listen(void) 1058 { 1059 bdaddr_t *addr = BDADDR_ANY; 1060 struct l2cap_chan *chan; 1061 int err; 1062 1063 if (!enable_6lowpan) 1064 return NULL; 1065 1066 chan = chan_create(); 1067 if (!chan) 1068 return NULL; 1069 1070 chan->ops = &bt_6lowpan_chan_ops; 1071 chan->state = BT_LISTEN; 1072 chan->src_type = BDADDR_LE_PUBLIC; 1073 1074 atomic_set(&chan->nesting, L2CAP_NESTING_PARENT); 1075 1076 BT_DBG("chan %p src type %d", chan, chan->src_type); 1077 1078 err = l2cap_add_psm(chan, addr, cpu_to_le16(L2CAP_PSM_IPSP)); 1079 if (err) { 1080 l2cap_chan_put(chan); 1081 BT_ERR("psm cannot be added err %d", err); 1082 return NULL; 1083 } 1084 1085 return chan; 1086 } 1087 1088 static int get_l2cap_conn(char *buf, bdaddr_t *addr, u8 *addr_type, 1089 struct l2cap_conn **conn) 1090 { 1091 struct hci_conn *hcon; 1092 struct hci_dev *hdev; 1093 int n; 1094 1095 n = sscanf(buf, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx %hhu", 1096 &addr->b[5], &addr->b[4], &addr->b[3], 1097 &addr->b[2], &addr->b[1], &addr->b[0], 1098 addr_type); 1099 1100 if (n < 7) 1101 return -EINVAL; 1102 1103 /* The LE_PUBLIC address type is ignored because of BDADDR_ANY */ 1104 hdev = hci_get_route(addr, BDADDR_ANY, BDADDR_LE_PUBLIC); 1105 if (!hdev) 1106 return -ENOENT; 1107 1108 hci_dev_lock(hdev); 1109 hcon = hci_conn_hash_lookup_le(hdev, addr, *addr_type); 1110 hci_dev_unlock(hdev); 1111 1112 if (!hcon) 1113 return -ENOENT; 1114 1115 *conn = (struct l2cap_conn *)hcon->l2cap_data; 1116 1117 BT_DBG("conn %p dst %pMR type %d", *conn, &hcon->dst, hcon->dst_type); 1118 1119 return 0; 1120 } 1121 1122 static void disconnect_all_peers(void) 1123 { 1124 struct lowpan_btle_dev *entry; 1125 struct lowpan_peer *peer, *tmp_peer, *new_peer; 1126 struct list_head peers; 1127 1128 INIT_LIST_HEAD(&peers); 1129 1130 /* We make a separate list of peers as the close_cb() will 1131 * modify the device peers list so it is better not to mess 1132 * with the same list at the same time. 1133 */ 1134 1135 rcu_read_lock(); 1136 1137 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 1138 list_for_each_entry_rcu(peer, &entry->peers, list) { 1139 new_peer = kmalloc(sizeof(*new_peer), GFP_ATOMIC); 1140 if (!new_peer) 1141 break; 1142 1143 new_peer->chan = peer->chan; 1144 INIT_LIST_HEAD(&new_peer->list); 1145 1146 list_add(&new_peer->list, &peers); 1147 } 1148 } 1149 1150 rcu_read_unlock(); 1151 1152 spin_lock(&devices_lock); 1153 list_for_each_entry_safe(peer, tmp_peer, &peers, list) { 1154 l2cap_chan_close(peer->chan, ENOENT); 1155 1156 list_del_rcu(&peer->list); 1157 kfree_rcu(peer, rcu); 1158 } 1159 spin_unlock(&devices_lock); 1160 } 1161 1162 struct set_enable { 1163 struct work_struct work; 1164 bool flag; 1165 }; 1166 1167 static void do_enable_set(struct work_struct *work) 1168 { 1169 struct set_enable *set_enable = container_of(work, 1170 struct set_enable, work); 1171 1172 if (!set_enable->flag || enable_6lowpan != set_enable->flag) 1173 /* Disconnect existing connections if 6lowpan is 1174 * disabled 1175 */ 1176 disconnect_all_peers(); 1177 1178 enable_6lowpan = set_enable->flag; 1179 1180 if (listen_chan) { 1181 l2cap_chan_close(listen_chan, 0); 1182 l2cap_chan_put(listen_chan); 1183 } 1184 1185 listen_chan = bt_6lowpan_listen(); 1186 1187 kfree(set_enable); 1188 } 1189 1190 static int lowpan_enable_set(void *data, u64 val) 1191 { 1192 struct set_enable *set_enable; 1193 1194 set_enable = kzalloc(sizeof(*set_enable), GFP_KERNEL); 1195 if (!set_enable) 1196 return -ENOMEM; 1197 1198 set_enable->flag = !!val; 1199 INIT_WORK(&set_enable->work, do_enable_set); 1200 1201 schedule_work(&set_enable->work); 1202 1203 return 0; 1204 } 1205 1206 static int lowpan_enable_get(void *data, u64 *val) 1207 { 1208 *val = enable_6lowpan; 1209 return 0; 1210 } 1211 1212 DEFINE_SIMPLE_ATTRIBUTE(lowpan_enable_fops, lowpan_enable_get, 1213 lowpan_enable_set, "%llu\n"); 1214 1215 static ssize_t lowpan_control_write(struct file *fp, 1216 const char __user *user_buffer, 1217 size_t count, 1218 loff_t *position) 1219 { 1220 char buf[32]; 1221 size_t buf_size = min(count, sizeof(buf) - 1); 1222 int ret; 1223 bdaddr_t addr; 1224 u8 addr_type; 1225 struct l2cap_conn *conn = NULL; 1226 1227 if (copy_from_user(buf, user_buffer, buf_size)) 1228 return -EFAULT; 1229 1230 buf[buf_size] = '\0'; 1231 1232 if (memcmp(buf, "connect ", 8) == 0) { 1233 ret = get_l2cap_conn(&buf[8], &addr, &addr_type, &conn); 1234 if (ret == -EINVAL) 1235 return ret; 1236 1237 if (listen_chan) { 1238 l2cap_chan_close(listen_chan, 0); 1239 l2cap_chan_put(listen_chan); 1240 listen_chan = NULL; 1241 } 1242 1243 if (conn) { 1244 struct lowpan_peer *peer; 1245 1246 if (!is_bt_6lowpan(conn->hcon)) 1247 return -EINVAL; 1248 1249 peer = lookup_peer(conn); 1250 if (peer) { 1251 BT_DBG("6LoWPAN connection already exists"); 1252 return -EALREADY; 1253 } 1254 1255 BT_DBG("conn %p dst %pMR type %d user %d", conn, 1256 &conn->hcon->dst, conn->hcon->dst_type, 1257 addr_type); 1258 } 1259 1260 ret = bt_6lowpan_connect(&addr, addr_type); 1261 if (ret < 0) 1262 return ret; 1263 1264 return count; 1265 } 1266 1267 if (memcmp(buf, "disconnect ", 11) == 0) { 1268 ret = get_l2cap_conn(&buf[11], &addr, &addr_type, &conn); 1269 if (ret < 0) 1270 return ret; 1271 1272 ret = bt_6lowpan_disconnect(conn, addr_type); 1273 if (ret < 0) 1274 return ret; 1275 1276 return count; 1277 } 1278 1279 return count; 1280 } 1281 1282 static int lowpan_control_show(struct seq_file *f, void *ptr) 1283 { 1284 struct lowpan_btle_dev *entry; 1285 struct lowpan_peer *peer; 1286 1287 spin_lock(&devices_lock); 1288 1289 list_for_each_entry(entry, &bt_6lowpan_devices, list) { 1290 list_for_each_entry(peer, &entry->peers, list) 1291 seq_printf(f, "%pMR (type %u)\n", 1292 &peer->chan->dst, peer->chan->dst_type); 1293 } 1294 1295 spin_unlock(&devices_lock); 1296 1297 return 0; 1298 } 1299 1300 static int lowpan_control_open(struct inode *inode, struct file *file) 1301 { 1302 return single_open(file, lowpan_control_show, inode->i_private); 1303 } 1304 1305 static const struct file_operations lowpan_control_fops = { 1306 .open = lowpan_control_open, 1307 .read = seq_read, 1308 .write = lowpan_control_write, 1309 .llseek = seq_lseek, 1310 .release = single_release, 1311 }; 1312 1313 static void disconnect_devices(void) 1314 { 1315 struct lowpan_btle_dev *entry, *tmp, *new_dev; 1316 struct list_head devices; 1317 1318 INIT_LIST_HEAD(&devices); 1319 1320 /* We make a separate list of devices because the unregister_netdev() 1321 * will call device_event() which will also want to modify the same 1322 * devices list. 1323 */ 1324 1325 rcu_read_lock(); 1326 1327 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 1328 new_dev = kmalloc(sizeof(*new_dev), GFP_ATOMIC); 1329 if (!new_dev) 1330 break; 1331 1332 new_dev->netdev = entry->netdev; 1333 INIT_LIST_HEAD(&new_dev->list); 1334 1335 list_add_rcu(&new_dev->list, &devices); 1336 } 1337 1338 rcu_read_unlock(); 1339 1340 list_for_each_entry_safe(entry, tmp, &devices, list) { 1341 ifdown(entry->netdev); 1342 BT_DBG("Unregistering netdev %s %p", 1343 entry->netdev->name, entry->netdev); 1344 lowpan_unregister_netdev(entry->netdev); 1345 kfree(entry); 1346 } 1347 } 1348 1349 static int device_event(struct notifier_block *unused, 1350 unsigned long event, void *ptr) 1351 { 1352 struct net_device *netdev = netdev_notifier_info_to_dev(ptr); 1353 struct lowpan_btle_dev *entry; 1354 1355 if (netdev->type != ARPHRD_6LOWPAN) 1356 return NOTIFY_DONE; 1357 1358 switch (event) { 1359 case NETDEV_UNREGISTER: 1360 spin_lock(&devices_lock); 1361 list_for_each_entry(entry, &bt_6lowpan_devices, list) { 1362 if (entry->netdev == netdev) { 1363 BT_DBG("Unregistered netdev %s %p", 1364 netdev->name, netdev); 1365 list_del(&entry->list); 1366 break; 1367 } 1368 } 1369 spin_unlock(&devices_lock); 1370 break; 1371 } 1372 1373 return NOTIFY_DONE; 1374 } 1375 1376 static struct notifier_block bt_6lowpan_dev_notifier = { 1377 .notifier_call = device_event, 1378 }; 1379 1380 static int __init bt_6lowpan_init(void) 1381 { 1382 lowpan_enable_debugfs = debugfs_create_file("6lowpan_enable", 0644, 1383 bt_debugfs, NULL, 1384 &lowpan_enable_fops); 1385 lowpan_control_debugfs = debugfs_create_file("6lowpan_control", 0644, 1386 bt_debugfs, NULL, 1387 &lowpan_control_fops); 1388 1389 return register_netdevice_notifier(&bt_6lowpan_dev_notifier); 1390 } 1391 1392 static void __exit bt_6lowpan_exit(void) 1393 { 1394 debugfs_remove(lowpan_enable_debugfs); 1395 debugfs_remove(lowpan_control_debugfs); 1396 1397 if (listen_chan) { 1398 l2cap_chan_close(listen_chan, 0); 1399 l2cap_chan_put(listen_chan); 1400 } 1401 1402 disconnect_devices(); 1403 1404 unregister_netdevice_notifier(&bt_6lowpan_dev_notifier); 1405 } 1406 1407 module_init(bt_6lowpan_init); 1408 module_exit(bt_6lowpan_exit); 1409 1410 MODULE_AUTHOR("Jukka Rissanen <jukka.rissanen@linux.intel.com>"); 1411 MODULE_DESCRIPTION("Bluetooth 6LoWPAN"); 1412 MODULE_VERSION(VERSION); 1413 MODULE_LICENSE("GPL"); 1414