1 /* 2 Copyright (c) 2013-2014 Intel Corp. 3 4 This program is free software; you can redistribute it and/or modify 5 it under the terms of the GNU General Public License version 2 and 6 only version 2 as published by the Free Software Foundation. 7 8 This program is distributed in the hope that it will be useful, 9 but WITHOUT ANY WARRANTY; without even the implied warranty of 10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 GNU General Public License for more details. 12 */ 13 14 #include <linux/if_arp.h> 15 #include <linux/netdevice.h> 16 #include <linux/etherdevice.h> 17 #include <linux/module.h> 18 #include <linux/debugfs.h> 19 20 #include <net/ipv6.h> 21 #include <net/ip6_route.h> 22 #include <net/addrconf.h> 23 24 #include <net/af_ieee802154.h> /* to get the address type */ 25 26 #include <net/bluetooth/bluetooth.h> 27 #include <net/bluetooth/hci_core.h> 28 #include <net/bluetooth/l2cap.h> 29 30 #include <net/6lowpan.h> /* for the compression support */ 31 32 #define VERSION "0.1" 33 34 static struct dentry *lowpan_psm_debugfs; 35 static struct dentry *lowpan_control_debugfs; 36 37 #define IFACE_NAME_TEMPLATE "bt%d" 38 #define EUI64_ADDR_LEN 8 39 40 struct skb_cb { 41 struct in6_addr addr; 42 struct in6_addr gw; 43 struct l2cap_chan *chan; 44 int status; 45 }; 46 #define lowpan_cb(skb) ((struct skb_cb *)((skb)->cb)) 47 48 /* The devices list contains those devices that we are acting 49 * as a proxy. The BT 6LoWPAN device is a virtual device that 50 * connects to the Bluetooth LE device. The real connection to 51 * BT device is done via l2cap layer. There exists one 52 * virtual device / one BT 6LoWPAN network (=hciX device). 53 * The list contains struct lowpan_dev elements. 54 */ 55 static LIST_HEAD(bt_6lowpan_devices); 56 static DEFINE_SPINLOCK(devices_lock); 57 58 /* If psm is set to 0 (default value), then 6lowpan is disabled. 59 * Other values are used to indicate a Protocol Service Multiplexer 60 * value for 6lowpan. 61 */ 62 static u16 psm_6lowpan; 63 64 /* We are listening incoming connections via this channel 65 */ 66 static struct l2cap_chan *listen_chan; 67 68 struct lowpan_peer { 69 struct list_head list; 70 struct rcu_head rcu; 71 struct l2cap_chan *chan; 72 73 /* peer addresses in various formats */ 74 unsigned char eui64_addr[EUI64_ADDR_LEN]; 75 struct in6_addr peer_addr; 76 }; 77 78 struct lowpan_dev { 79 struct list_head list; 80 81 struct hci_dev *hdev; 82 struct net_device *netdev; 83 struct list_head peers; 84 atomic_t peer_count; /* number of items in peers list */ 85 86 struct work_struct delete_netdev; 87 struct delayed_work notify_peers; 88 }; 89 90 static inline struct lowpan_dev *lowpan_dev(const struct net_device *netdev) 91 { 92 return netdev_priv(netdev); 93 } 94 95 static inline void peer_add(struct lowpan_dev *dev, struct lowpan_peer *peer) 96 { 97 list_add_rcu(&peer->list, &dev->peers); 98 atomic_inc(&dev->peer_count); 99 } 100 101 static inline bool peer_del(struct lowpan_dev *dev, struct lowpan_peer *peer) 102 { 103 list_del_rcu(&peer->list); 104 kfree_rcu(peer, rcu); 105 106 module_put(THIS_MODULE); 107 108 if (atomic_dec_and_test(&dev->peer_count)) { 109 BT_DBG("last peer"); 110 return true; 111 } 112 113 return false; 114 } 115 116 static inline struct lowpan_peer *peer_lookup_ba(struct lowpan_dev *dev, 117 bdaddr_t *ba, __u8 type) 118 { 119 struct lowpan_peer *peer; 120 121 BT_DBG("peers %d addr %pMR type %d", atomic_read(&dev->peer_count), 122 ba, type); 123 124 rcu_read_lock(); 125 126 list_for_each_entry_rcu(peer, &dev->peers, list) { 127 BT_DBG("dst addr %pMR dst type %d", 128 &peer->chan->dst, peer->chan->dst_type); 129 130 if (bacmp(&peer->chan->dst, ba)) 131 continue; 132 133 if (type == peer->chan->dst_type) { 134 rcu_read_unlock(); 135 return peer; 136 } 137 } 138 139 rcu_read_unlock(); 140 141 return NULL; 142 } 143 144 static inline struct lowpan_peer *__peer_lookup_chan(struct lowpan_dev *dev, 145 struct l2cap_chan *chan) 146 { 147 struct lowpan_peer *peer; 148 149 list_for_each_entry_rcu(peer, &dev->peers, list) { 150 if (peer->chan == chan) 151 return peer; 152 } 153 154 return NULL; 155 } 156 157 static inline struct lowpan_peer *__peer_lookup_conn(struct lowpan_dev *dev, 158 struct l2cap_conn *conn) 159 { 160 struct lowpan_peer *peer; 161 162 list_for_each_entry_rcu(peer, &dev->peers, list) { 163 if (peer->chan->conn == conn) 164 return peer; 165 } 166 167 return NULL; 168 } 169 170 static inline struct lowpan_peer *peer_lookup_dst(struct lowpan_dev *dev, 171 struct in6_addr *daddr, 172 struct sk_buff *skb) 173 { 174 struct lowpan_peer *peer; 175 struct in6_addr *nexthop; 176 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb); 177 int count = atomic_read(&dev->peer_count); 178 179 BT_DBG("peers %d addr %pI6c rt %p", count, daddr, rt); 180 181 /* If we have multiple 6lowpan peers, then check where we should 182 * send the packet. If only one peer exists, then we can send the 183 * packet right away. 184 */ 185 if (count == 1) { 186 rcu_read_lock(); 187 peer = list_first_or_null_rcu(&dev->peers, struct lowpan_peer, 188 list); 189 rcu_read_unlock(); 190 return peer; 191 } 192 193 if (!rt) { 194 nexthop = &lowpan_cb(skb)->gw; 195 196 if (ipv6_addr_any(nexthop)) 197 return NULL; 198 } else { 199 nexthop = rt6_nexthop(rt); 200 201 /* We need to remember the address because it is needed 202 * by bt_xmit() when sending the packet. In bt_xmit(), the 203 * destination routing info is not set. 204 */ 205 memcpy(&lowpan_cb(skb)->gw, nexthop, sizeof(struct in6_addr)); 206 } 207 208 BT_DBG("gw %pI6c", nexthop); 209 210 rcu_read_lock(); 211 212 list_for_each_entry_rcu(peer, &dev->peers, list) { 213 BT_DBG("dst addr %pMR dst type %d ip %pI6c", 214 &peer->chan->dst, peer->chan->dst_type, 215 &peer->peer_addr); 216 217 if (!ipv6_addr_cmp(&peer->peer_addr, nexthop)) { 218 rcu_read_unlock(); 219 return peer; 220 } 221 } 222 223 rcu_read_unlock(); 224 225 return NULL; 226 } 227 228 static struct lowpan_peer *lookup_peer(struct l2cap_conn *conn) 229 { 230 struct lowpan_dev *entry; 231 struct lowpan_peer *peer = NULL; 232 233 rcu_read_lock(); 234 235 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 236 peer = __peer_lookup_conn(entry, conn); 237 if (peer) 238 break; 239 } 240 241 rcu_read_unlock(); 242 243 return peer; 244 } 245 246 static struct lowpan_dev *lookup_dev(struct l2cap_conn *conn) 247 { 248 struct lowpan_dev *entry; 249 struct lowpan_dev *dev = NULL; 250 251 rcu_read_lock(); 252 253 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 254 if (conn->hcon->hdev == entry->hdev) { 255 dev = entry; 256 break; 257 } 258 } 259 260 rcu_read_unlock(); 261 262 return dev; 263 } 264 265 static int give_skb_to_upper(struct sk_buff *skb, struct net_device *dev) 266 { 267 struct sk_buff *skb_cp; 268 269 skb_cp = skb_copy(skb, GFP_ATOMIC); 270 if (!skb_cp) 271 return NET_RX_DROP; 272 273 return netif_rx(skb_cp); 274 } 275 276 static int iphc_decompress(struct sk_buff *skb, struct net_device *netdev, 277 struct l2cap_chan *chan) 278 { 279 const u8 *saddr, *daddr; 280 u8 iphc0, iphc1; 281 struct lowpan_dev *dev; 282 struct lowpan_peer *peer; 283 284 dev = lowpan_dev(netdev); 285 286 rcu_read_lock(); 287 peer = __peer_lookup_chan(dev, chan); 288 rcu_read_unlock(); 289 if (!peer) 290 return -EINVAL; 291 292 saddr = peer->eui64_addr; 293 daddr = dev->netdev->dev_addr; 294 295 /* at least two bytes will be used for the encoding */ 296 if (skb->len < 2) 297 return -EINVAL; 298 299 if (lowpan_fetch_skb_u8(skb, &iphc0)) 300 return -EINVAL; 301 302 if (lowpan_fetch_skb_u8(skb, &iphc1)) 303 return -EINVAL; 304 305 return lowpan_header_decompress(skb, netdev, 306 saddr, IEEE802154_ADDR_LONG, 307 EUI64_ADDR_LEN, daddr, 308 IEEE802154_ADDR_LONG, EUI64_ADDR_LEN, 309 iphc0, iphc1); 310 311 } 312 313 static int recv_pkt(struct sk_buff *skb, struct net_device *dev, 314 struct l2cap_chan *chan) 315 { 316 struct sk_buff *local_skb; 317 int ret; 318 319 if (!netif_running(dev)) 320 goto drop; 321 322 if (dev->type != ARPHRD_6LOWPAN) 323 goto drop; 324 325 skb = skb_share_check(skb, GFP_ATOMIC); 326 if (!skb) 327 goto drop; 328 329 /* check that it's our buffer */ 330 if (skb->data[0] == LOWPAN_DISPATCH_IPV6) { 331 /* Copy the packet so that the IPv6 header is 332 * properly aligned. 333 */ 334 local_skb = skb_copy_expand(skb, NET_SKB_PAD - 1, 335 skb_tailroom(skb), GFP_ATOMIC); 336 if (!local_skb) 337 goto drop; 338 339 local_skb->protocol = htons(ETH_P_IPV6); 340 local_skb->pkt_type = PACKET_HOST; 341 342 skb_reset_network_header(local_skb); 343 skb_set_transport_header(local_skb, sizeof(struct ipv6hdr)); 344 345 if (give_skb_to_upper(local_skb, dev) != NET_RX_SUCCESS) { 346 kfree_skb(local_skb); 347 goto drop; 348 } 349 350 dev->stats.rx_bytes += skb->len; 351 dev->stats.rx_packets++; 352 353 consume_skb(local_skb); 354 consume_skb(skb); 355 } else { 356 switch (skb->data[0] & 0xe0) { 357 case LOWPAN_DISPATCH_IPHC: /* ipv6 datagram */ 358 local_skb = skb_clone(skb, GFP_ATOMIC); 359 if (!local_skb) 360 goto drop; 361 362 ret = iphc_decompress(local_skb, dev, chan); 363 if (ret < 0) { 364 kfree_skb(local_skb); 365 goto drop; 366 } 367 368 local_skb->protocol = htons(ETH_P_IPV6); 369 local_skb->pkt_type = PACKET_HOST; 370 local_skb->dev = dev; 371 372 if (give_skb_to_upper(local_skb, dev) 373 != NET_RX_SUCCESS) { 374 kfree_skb(local_skb); 375 goto drop; 376 } 377 378 dev->stats.rx_bytes += skb->len; 379 dev->stats.rx_packets++; 380 381 consume_skb(local_skb); 382 consume_skb(skb); 383 break; 384 default: 385 break; 386 } 387 } 388 389 return NET_RX_SUCCESS; 390 391 drop: 392 dev->stats.rx_dropped++; 393 kfree_skb(skb); 394 return NET_RX_DROP; 395 } 396 397 /* Packet from BT LE device */ 398 static int chan_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb) 399 { 400 struct lowpan_dev *dev; 401 struct lowpan_peer *peer; 402 int err; 403 404 peer = lookup_peer(chan->conn); 405 if (!peer) 406 return -ENOENT; 407 408 dev = lookup_dev(chan->conn); 409 if (!dev || !dev->netdev) 410 return -ENOENT; 411 412 err = recv_pkt(skb, dev->netdev, chan); 413 if (err) { 414 BT_DBG("recv pkt %d", err); 415 err = -EAGAIN; 416 } 417 418 return err; 419 } 420 421 static u8 get_addr_type_from_eui64(u8 byte) 422 { 423 /* Is universal(0) or local(1) bit */ 424 return ((byte & 0x02) ? BDADDR_LE_RANDOM : BDADDR_LE_PUBLIC); 425 } 426 427 static void copy_to_bdaddr(struct in6_addr *ip6_daddr, bdaddr_t *addr) 428 { 429 u8 *eui64 = ip6_daddr->s6_addr + 8; 430 431 addr->b[0] = eui64[7]; 432 addr->b[1] = eui64[6]; 433 addr->b[2] = eui64[5]; 434 addr->b[3] = eui64[2]; 435 addr->b[4] = eui64[1]; 436 addr->b[5] = eui64[0]; 437 } 438 439 static void convert_dest_bdaddr(struct in6_addr *ip6_daddr, 440 bdaddr_t *addr, u8 *addr_type) 441 { 442 copy_to_bdaddr(ip6_daddr, addr); 443 444 /* We need to toggle the U/L bit that we got from IPv6 address 445 * so that we get the proper address and type of the BD address. 446 */ 447 addr->b[5] ^= 0x02; 448 449 *addr_type = get_addr_type_from_eui64(addr->b[5]); 450 } 451 452 static int setup_header(struct sk_buff *skb, struct net_device *netdev, 453 bdaddr_t *peer_addr, u8 *peer_addr_type) 454 { 455 struct in6_addr ipv6_daddr; 456 struct lowpan_dev *dev; 457 struct lowpan_peer *peer; 458 bdaddr_t addr, *any = BDADDR_ANY; 459 u8 *daddr = any->b; 460 int err, status = 0; 461 462 dev = lowpan_dev(netdev); 463 464 memcpy(&ipv6_daddr, &lowpan_cb(skb)->addr, sizeof(ipv6_daddr)); 465 466 if (ipv6_addr_is_multicast(&ipv6_daddr)) { 467 lowpan_cb(skb)->chan = NULL; 468 } else { 469 u8 addr_type; 470 471 /* Get destination BT device from skb. 472 * If there is no such peer then discard the packet. 473 */ 474 convert_dest_bdaddr(&ipv6_daddr, &addr, &addr_type); 475 476 BT_DBG("dest addr %pMR type %d IP %pI6c", &addr, 477 addr_type, &ipv6_daddr); 478 479 peer = peer_lookup_ba(dev, &addr, addr_type); 480 if (!peer) { 481 /* The packet might be sent to 6lowpan interface 482 * because of routing (either via default route 483 * or user set route) so get peer according to 484 * the destination address. 485 */ 486 peer = peer_lookup_dst(dev, &ipv6_daddr, skb); 487 if (!peer) { 488 BT_DBG("no such peer %pMR found", &addr); 489 return -ENOENT; 490 } 491 } 492 493 daddr = peer->eui64_addr; 494 *peer_addr = addr; 495 *peer_addr_type = addr_type; 496 lowpan_cb(skb)->chan = peer->chan; 497 498 status = 1; 499 } 500 501 lowpan_header_compress(skb, netdev, ETH_P_IPV6, daddr, 502 dev->netdev->dev_addr, skb->len); 503 504 err = dev_hard_header(skb, netdev, ETH_P_IPV6, NULL, NULL, 0); 505 if (err < 0) 506 return err; 507 508 return status; 509 } 510 511 static int header_create(struct sk_buff *skb, struct net_device *netdev, 512 unsigned short type, const void *_daddr, 513 const void *_saddr, unsigned int len) 514 { 515 struct ipv6hdr *hdr; 516 517 if (type != ETH_P_IPV6) 518 return -EINVAL; 519 520 hdr = ipv6_hdr(skb); 521 522 memcpy(&lowpan_cb(skb)->addr, &hdr->daddr, sizeof(struct in6_addr)); 523 524 return 0; 525 } 526 527 /* Packet to BT LE device */ 528 static int send_pkt(struct l2cap_chan *chan, struct sk_buff *skb, 529 struct net_device *netdev) 530 { 531 struct msghdr msg; 532 struct kvec iv; 533 int err; 534 535 /* Remember the skb so that we can send EAGAIN to the caller if 536 * we run out of credits. 537 */ 538 chan->data = skb; 539 540 iv.iov_base = skb->data; 541 iv.iov_len = skb->len; 542 543 memset(&msg, 0, sizeof(msg)); 544 iov_iter_kvec(&msg.msg_iter, WRITE | ITER_KVEC, &iv, 1, skb->len); 545 546 err = l2cap_chan_send(chan, &msg, skb->len); 547 if (err > 0) { 548 netdev->stats.tx_bytes += err; 549 netdev->stats.tx_packets++; 550 return 0; 551 } 552 553 if (!err) 554 err = lowpan_cb(skb)->status; 555 556 if (err < 0) { 557 if (err == -EAGAIN) 558 netdev->stats.tx_dropped++; 559 else 560 netdev->stats.tx_errors++; 561 } 562 563 return err; 564 } 565 566 static int send_mcast_pkt(struct sk_buff *skb, struct net_device *netdev) 567 { 568 struct sk_buff *local_skb; 569 struct lowpan_dev *entry; 570 int err = 0; 571 572 rcu_read_lock(); 573 574 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 575 struct lowpan_peer *pentry; 576 struct lowpan_dev *dev; 577 578 if (entry->netdev != netdev) 579 continue; 580 581 dev = lowpan_dev(entry->netdev); 582 583 list_for_each_entry_rcu(pentry, &dev->peers, list) { 584 int ret; 585 586 local_skb = skb_clone(skb, GFP_ATOMIC); 587 588 BT_DBG("xmit %s to %pMR type %d IP %pI6c chan %p", 589 netdev->name, 590 &pentry->chan->dst, pentry->chan->dst_type, 591 &pentry->peer_addr, pentry->chan); 592 ret = send_pkt(pentry->chan, local_skb, netdev); 593 if (ret < 0) 594 err = ret; 595 596 kfree_skb(local_skb); 597 } 598 } 599 600 rcu_read_unlock(); 601 602 return err; 603 } 604 605 static netdev_tx_t bt_xmit(struct sk_buff *skb, struct net_device *netdev) 606 { 607 int err = 0; 608 bdaddr_t addr; 609 u8 addr_type; 610 611 /* We must take a copy of the skb before we modify/replace the ipv6 612 * header as the header could be used elsewhere 613 */ 614 skb = skb_unshare(skb, GFP_ATOMIC); 615 if (!skb) 616 return NET_XMIT_DROP; 617 618 /* Return values from setup_header() 619 * <0 - error, packet is dropped 620 * 0 - this is a multicast packet 621 * 1 - this is unicast packet 622 */ 623 err = setup_header(skb, netdev, &addr, &addr_type); 624 if (err < 0) { 625 kfree_skb(skb); 626 return NET_XMIT_DROP; 627 } 628 629 if (err) { 630 if (lowpan_cb(skb)->chan) { 631 BT_DBG("xmit %s to %pMR type %d IP %pI6c chan %p", 632 netdev->name, &addr, addr_type, 633 &lowpan_cb(skb)->addr, lowpan_cb(skb)->chan); 634 err = send_pkt(lowpan_cb(skb)->chan, skb, netdev); 635 } else { 636 err = -ENOENT; 637 } 638 } else { 639 /* We need to send the packet to every device behind this 640 * interface. 641 */ 642 err = send_mcast_pkt(skb, netdev); 643 } 644 645 dev_kfree_skb(skb); 646 647 if (err) 648 BT_DBG("ERROR: xmit failed (%d)", err); 649 650 return err < 0 ? NET_XMIT_DROP : err; 651 } 652 653 static struct lock_class_key bt_tx_busylock; 654 static struct lock_class_key bt_netdev_xmit_lock_key; 655 656 static void bt_set_lockdep_class_one(struct net_device *dev, 657 struct netdev_queue *txq, 658 void *_unused) 659 { 660 lockdep_set_class(&txq->_xmit_lock, &bt_netdev_xmit_lock_key); 661 } 662 663 static int bt_dev_init(struct net_device *dev) 664 { 665 netdev_for_each_tx_queue(dev, bt_set_lockdep_class_one, NULL); 666 dev->qdisc_tx_busylock = &bt_tx_busylock; 667 668 return 0; 669 } 670 671 static const struct net_device_ops netdev_ops = { 672 .ndo_init = bt_dev_init, 673 .ndo_start_xmit = bt_xmit, 674 }; 675 676 static struct header_ops header_ops = { 677 .create = header_create, 678 }; 679 680 static void netdev_setup(struct net_device *dev) 681 { 682 dev->addr_len = EUI64_ADDR_LEN; 683 dev->type = ARPHRD_6LOWPAN; 684 685 dev->hard_header_len = 0; 686 dev->needed_tailroom = 0; 687 dev->mtu = IPV6_MIN_MTU; 688 dev->tx_queue_len = 0; 689 dev->flags = IFF_RUNNING | IFF_POINTOPOINT | 690 IFF_MULTICAST; 691 dev->watchdog_timeo = 0; 692 693 dev->netdev_ops = &netdev_ops; 694 dev->header_ops = &header_ops; 695 dev->destructor = free_netdev; 696 } 697 698 static struct device_type bt_type = { 699 .name = "bluetooth", 700 }; 701 702 static void set_addr(u8 *eui, u8 *addr, u8 addr_type) 703 { 704 /* addr is the BT address in little-endian format */ 705 eui[0] = addr[5]; 706 eui[1] = addr[4]; 707 eui[2] = addr[3]; 708 eui[3] = 0xFF; 709 eui[4] = 0xFE; 710 eui[5] = addr[2]; 711 eui[6] = addr[1]; 712 eui[7] = addr[0]; 713 714 /* Universal/local bit set, BT 6lowpan draft ch. 3.2.1 */ 715 if (addr_type == BDADDR_LE_PUBLIC) 716 eui[0] &= ~0x02; 717 else 718 eui[0] |= 0x02; 719 720 BT_DBG("type %d addr %*phC", addr_type, 8, eui); 721 } 722 723 static void set_dev_addr(struct net_device *netdev, bdaddr_t *addr, 724 u8 addr_type) 725 { 726 netdev->addr_assign_type = NET_ADDR_PERM; 727 set_addr(netdev->dev_addr, addr->b, addr_type); 728 } 729 730 static void ifup(struct net_device *netdev) 731 { 732 int err; 733 734 rtnl_lock(); 735 err = dev_open(netdev); 736 if (err < 0) 737 BT_INFO("iface %s cannot be opened (%d)", netdev->name, err); 738 rtnl_unlock(); 739 } 740 741 static void ifdown(struct net_device *netdev) 742 { 743 int err; 744 745 rtnl_lock(); 746 err = dev_close(netdev); 747 if (err < 0) 748 BT_INFO("iface %s cannot be closed (%d)", netdev->name, err); 749 rtnl_unlock(); 750 } 751 752 static void do_notify_peers(struct work_struct *work) 753 { 754 struct lowpan_dev *dev = container_of(work, struct lowpan_dev, 755 notify_peers.work); 756 757 netdev_notify_peers(dev->netdev); /* send neighbour adv at startup */ 758 } 759 760 static bool is_bt_6lowpan(struct hci_conn *hcon) 761 { 762 if (hcon->type != LE_LINK) 763 return false; 764 765 if (!psm_6lowpan) 766 return false; 767 768 return true; 769 } 770 771 static struct l2cap_chan *chan_create(void) 772 { 773 struct l2cap_chan *chan; 774 775 chan = l2cap_chan_create(); 776 if (!chan) 777 return NULL; 778 779 l2cap_chan_set_defaults(chan); 780 781 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED; 782 chan->mode = L2CAP_MODE_LE_FLOWCTL; 783 chan->omtu = 65535; 784 chan->imtu = chan->omtu; 785 786 return chan; 787 } 788 789 static struct l2cap_chan *chan_open(struct l2cap_chan *pchan) 790 { 791 struct l2cap_chan *chan; 792 793 chan = chan_create(); 794 if (!chan) 795 return NULL; 796 797 chan->remote_mps = chan->omtu; 798 chan->mps = chan->omtu; 799 800 chan->state = BT_CONNECTED; 801 802 return chan; 803 } 804 805 static void set_ip_addr_bits(u8 addr_type, u8 *addr) 806 { 807 if (addr_type == BDADDR_LE_PUBLIC) 808 *addr |= 0x02; 809 else 810 *addr &= ~0x02; 811 } 812 813 static struct l2cap_chan *add_peer_chan(struct l2cap_chan *chan, 814 struct lowpan_dev *dev) 815 { 816 struct lowpan_peer *peer; 817 818 peer = kzalloc(sizeof(*peer), GFP_ATOMIC); 819 if (!peer) 820 return NULL; 821 822 peer->chan = chan; 823 memset(&peer->peer_addr, 0, sizeof(struct in6_addr)); 824 825 /* RFC 2464 ch. 5 */ 826 peer->peer_addr.s6_addr[0] = 0xFE; 827 peer->peer_addr.s6_addr[1] = 0x80; 828 set_addr((u8 *)&peer->peer_addr.s6_addr + 8, chan->dst.b, 829 chan->dst_type); 830 831 memcpy(&peer->eui64_addr, (u8 *)&peer->peer_addr.s6_addr + 8, 832 EUI64_ADDR_LEN); 833 834 /* IPv6 address needs to have the U/L bit set properly so toggle 835 * it back here. 836 */ 837 set_ip_addr_bits(chan->dst_type, (u8 *)&peer->peer_addr.s6_addr + 8); 838 839 spin_lock(&devices_lock); 840 INIT_LIST_HEAD(&peer->list); 841 peer_add(dev, peer); 842 spin_unlock(&devices_lock); 843 844 /* Notifying peers about us needs to be done without locks held */ 845 INIT_DELAYED_WORK(&dev->notify_peers, do_notify_peers); 846 schedule_delayed_work(&dev->notify_peers, msecs_to_jiffies(100)); 847 848 return peer->chan; 849 } 850 851 static int setup_netdev(struct l2cap_chan *chan, struct lowpan_dev **dev) 852 { 853 struct net_device *netdev; 854 int err = 0; 855 856 netdev = alloc_netdev(sizeof(struct lowpan_dev), IFACE_NAME_TEMPLATE, 857 NET_NAME_UNKNOWN, netdev_setup); 858 if (!netdev) 859 return -ENOMEM; 860 861 set_dev_addr(netdev, &chan->src, chan->src_type); 862 863 netdev->netdev_ops = &netdev_ops; 864 SET_NETDEV_DEV(netdev, &chan->conn->hcon->dev); 865 SET_NETDEV_DEVTYPE(netdev, &bt_type); 866 867 err = register_netdev(netdev); 868 if (err < 0) { 869 BT_INFO("register_netdev failed %d", err); 870 free_netdev(netdev); 871 goto out; 872 } 873 874 BT_DBG("ifindex %d peer bdaddr %pMR type %d my addr %pMR type %d", 875 netdev->ifindex, &chan->dst, chan->dst_type, 876 &chan->src, chan->src_type); 877 set_bit(__LINK_STATE_PRESENT, &netdev->state); 878 879 *dev = netdev_priv(netdev); 880 (*dev)->netdev = netdev; 881 (*dev)->hdev = chan->conn->hcon->hdev; 882 INIT_LIST_HEAD(&(*dev)->peers); 883 884 spin_lock(&devices_lock); 885 INIT_LIST_HEAD(&(*dev)->list); 886 list_add_rcu(&(*dev)->list, &bt_6lowpan_devices); 887 spin_unlock(&devices_lock); 888 889 return 0; 890 891 out: 892 return err; 893 } 894 895 static inline void chan_ready_cb(struct l2cap_chan *chan) 896 { 897 struct lowpan_dev *dev; 898 899 dev = lookup_dev(chan->conn); 900 901 BT_DBG("chan %p conn %p dev %p", chan, chan->conn, dev); 902 903 if (!dev) { 904 if (setup_netdev(chan, &dev) < 0) { 905 l2cap_chan_del(chan, -ENOENT); 906 return; 907 } 908 } 909 910 if (!try_module_get(THIS_MODULE)) 911 return; 912 913 add_peer_chan(chan, dev); 914 ifup(dev->netdev); 915 } 916 917 static inline struct l2cap_chan *chan_new_conn_cb(struct l2cap_chan *pchan) 918 { 919 struct l2cap_chan *chan; 920 921 chan = chan_open(pchan); 922 chan->ops = pchan->ops; 923 924 BT_DBG("chan %p pchan %p", chan, pchan); 925 926 return chan; 927 } 928 929 static void delete_netdev(struct work_struct *work) 930 { 931 struct lowpan_dev *entry = container_of(work, struct lowpan_dev, 932 delete_netdev); 933 934 unregister_netdev(entry->netdev); 935 936 /* The entry pointer is deleted in device_event() */ 937 } 938 939 static void chan_close_cb(struct l2cap_chan *chan) 940 { 941 struct lowpan_dev *entry; 942 struct lowpan_dev *dev = NULL; 943 struct lowpan_peer *peer; 944 int err = -ENOENT; 945 bool last = false, removed = true; 946 947 BT_DBG("chan %p conn %p", chan, chan->conn); 948 949 if (chan->conn && chan->conn->hcon) { 950 if (!is_bt_6lowpan(chan->conn->hcon)) 951 return; 952 953 /* If conn is set, then the netdev is also there and we should 954 * not remove it. 955 */ 956 removed = false; 957 } 958 959 spin_lock(&devices_lock); 960 961 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 962 dev = lowpan_dev(entry->netdev); 963 peer = __peer_lookup_chan(dev, chan); 964 if (peer) { 965 last = peer_del(dev, peer); 966 err = 0; 967 968 BT_DBG("dev %p removing %speer %p", dev, 969 last ? "last " : "1 ", peer); 970 BT_DBG("chan %p orig refcnt %d", chan, 971 atomic_read(&chan->kref.refcount)); 972 973 l2cap_chan_put(chan); 974 break; 975 } 976 } 977 978 if (!err && last && dev && !atomic_read(&dev->peer_count)) { 979 spin_unlock(&devices_lock); 980 981 cancel_delayed_work_sync(&dev->notify_peers); 982 983 ifdown(dev->netdev); 984 985 if (!removed) { 986 INIT_WORK(&entry->delete_netdev, delete_netdev); 987 schedule_work(&entry->delete_netdev); 988 } 989 } else { 990 spin_unlock(&devices_lock); 991 } 992 993 return; 994 } 995 996 static void chan_state_change_cb(struct l2cap_chan *chan, int state, int err) 997 { 998 BT_DBG("chan %p conn %p state %s err %d", chan, chan->conn, 999 state_to_string(state), err); 1000 } 1001 1002 static struct sk_buff *chan_alloc_skb_cb(struct l2cap_chan *chan, 1003 unsigned long hdr_len, 1004 unsigned long len, int nb) 1005 { 1006 /* Note that we must allocate using GFP_ATOMIC here as 1007 * this function is called originally from netdev hard xmit 1008 * function in atomic context. 1009 */ 1010 return bt_skb_alloc(hdr_len + len, GFP_ATOMIC); 1011 } 1012 1013 static void chan_suspend_cb(struct l2cap_chan *chan) 1014 { 1015 struct sk_buff *skb = chan->data; 1016 1017 BT_DBG("chan %p conn %p skb %p", chan, chan->conn, skb); 1018 1019 if (!skb) 1020 return; 1021 1022 lowpan_cb(skb)->status = -EAGAIN; 1023 } 1024 1025 static void chan_resume_cb(struct l2cap_chan *chan) 1026 { 1027 struct sk_buff *skb = chan->data; 1028 1029 BT_DBG("chan %p conn %p skb %p", chan, chan->conn, skb); 1030 1031 if (!skb) 1032 return; 1033 1034 lowpan_cb(skb)->status = 0; 1035 } 1036 1037 static long chan_get_sndtimeo_cb(struct l2cap_chan *chan) 1038 { 1039 return L2CAP_CONN_TIMEOUT; 1040 } 1041 1042 static const struct l2cap_ops bt_6lowpan_chan_ops = { 1043 .name = "L2CAP 6LoWPAN channel", 1044 .new_connection = chan_new_conn_cb, 1045 .recv = chan_recv_cb, 1046 .close = chan_close_cb, 1047 .state_change = chan_state_change_cb, 1048 .ready = chan_ready_cb, 1049 .resume = chan_resume_cb, 1050 .suspend = chan_suspend_cb, 1051 .get_sndtimeo = chan_get_sndtimeo_cb, 1052 .alloc_skb = chan_alloc_skb_cb, 1053 1054 .teardown = l2cap_chan_no_teardown, 1055 .defer = l2cap_chan_no_defer, 1056 .set_shutdown = l2cap_chan_no_set_shutdown, 1057 }; 1058 1059 static inline __u8 bdaddr_type(__u8 type) 1060 { 1061 if (type == ADDR_LE_DEV_PUBLIC) 1062 return BDADDR_LE_PUBLIC; 1063 else 1064 return BDADDR_LE_RANDOM; 1065 } 1066 1067 static struct l2cap_chan *chan_get(void) 1068 { 1069 struct l2cap_chan *pchan; 1070 1071 pchan = chan_create(); 1072 if (!pchan) 1073 return NULL; 1074 1075 pchan->ops = &bt_6lowpan_chan_ops; 1076 1077 return pchan; 1078 } 1079 1080 static int bt_6lowpan_connect(bdaddr_t *addr, u8 dst_type) 1081 { 1082 struct l2cap_chan *pchan; 1083 int err; 1084 1085 pchan = chan_get(); 1086 if (!pchan) 1087 return -EINVAL; 1088 1089 err = l2cap_chan_connect(pchan, cpu_to_le16(psm_6lowpan), 0, 1090 addr, dst_type); 1091 1092 BT_DBG("chan %p err %d", pchan, err); 1093 if (err < 0) 1094 l2cap_chan_put(pchan); 1095 1096 return err; 1097 } 1098 1099 static int bt_6lowpan_disconnect(struct l2cap_conn *conn, u8 dst_type) 1100 { 1101 struct lowpan_peer *peer; 1102 1103 BT_DBG("conn %p dst type %d", conn, dst_type); 1104 1105 peer = lookup_peer(conn); 1106 if (!peer) 1107 return -ENOENT; 1108 1109 BT_DBG("peer %p chan %p", peer, peer->chan); 1110 1111 l2cap_chan_close(peer->chan, ENOENT); 1112 1113 return 0; 1114 } 1115 1116 static struct l2cap_chan *bt_6lowpan_listen(void) 1117 { 1118 bdaddr_t *addr = BDADDR_ANY; 1119 struct l2cap_chan *pchan; 1120 int err; 1121 1122 if (psm_6lowpan == 0) 1123 return NULL; 1124 1125 pchan = chan_get(); 1126 if (!pchan) 1127 return NULL; 1128 1129 pchan->state = BT_LISTEN; 1130 pchan->src_type = BDADDR_LE_PUBLIC; 1131 1132 atomic_set(&pchan->nesting, L2CAP_NESTING_PARENT); 1133 1134 BT_DBG("psm 0x%04x chan %p src type %d", psm_6lowpan, pchan, 1135 pchan->src_type); 1136 1137 err = l2cap_add_psm(pchan, addr, cpu_to_le16(psm_6lowpan)); 1138 if (err) { 1139 l2cap_chan_put(pchan); 1140 BT_ERR("psm cannot be added err %d", err); 1141 return NULL; 1142 } 1143 1144 return pchan; 1145 } 1146 1147 static int get_l2cap_conn(char *buf, bdaddr_t *addr, u8 *addr_type, 1148 struct l2cap_conn **conn) 1149 { 1150 struct hci_conn *hcon; 1151 struct hci_dev *hdev; 1152 bdaddr_t *src = BDADDR_ANY; 1153 int n; 1154 1155 n = sscanf(buf, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx %hhu", 1156 &addr->b[5], &addr->b[4], &addr->b[3], 1157 &addr->b[2], &addr->b[1], &addr->b[0], 1158 addr_type); 1159 1160 if (n < 7) 1161 return -EINVAL; 1162 1163 hdev = hci_get_route(addr, src); 1164 if (!hdev) 1165 return -ENOENT; 1166 1167 hci_dev_lock(hdev); 1168 hcon = hci_conn_hash_lookup_ba(hdev, LE_LINK, addr); 1169 hci_dev_unlock(hdev); 1170 1171 if (!hcon) 1172 return -ENOENT; 1173 1174 *conn = (struct l2cap_conn *)hcon->l2cap_data; 1175 1176 BT_DBG("conn %p dst %pMR type %d", *conn, &hcon->dst, hcon->dst_type); 1177 1178 return 0; 1179 } 1180 1181 static void disconnect_all_peers(void) 1182 { 1183 struct lowpan_dev *entry; 1184 struct lowpan_peer *peer, *tmp_peer, *new_peer; 1185 struct list_head peers; 1186 1187 INIT_LIST_HEAD(&peers); 1188 1189 /* We make a separate list of peers as the close_cb() will 1190 * modify the device peers list so it is better not to mess 1191 * with the same list at the same time. 1192 */ 1193 1194 rcu_read_lock(); 1195 1196 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 1197 list_for_each_entry_rcu(peer, &entry->peers, list) { 1198 new_peer = kmalloc(sizeof(*new_peer), GFP_ATOMIC); 1199 if (!new_peer) 1200 break; 1201 1202 new_peer->chan = peer->chan; 1203 INIT_LIST_HEAD(&new_peer->list); 1204 1205 list_add(&new_peer->list, &peers); 1206 } 1207 } 1208 1209 rcu_read_unlock(); 1210 1211 spin_lock(&devices_lock); 1212 list_for_each_entry_safe(peer, tmp_peer, &peers, list) { 1213 l2cap_chan_close(peer->chan, ENOENT); 1214 1215 list_del_rcu(&peer->list); 1216 kfree_rcu(peer, rcu); 1217 1218 module_put(THIS_MODULE); 1219 } 1220 spin_unlock(&devices_lock); 1221 } 1222 1223 struct set_psm { 1224 struct work_struct work; 1225 u16 psm; 1226 }; 1227 1228 static void do_psm_set(struct work_struct *work) 1229 { 1230 struct set_psm *set_psm = container_of(work, struct set_psm, work); 1231 1232 if (set_psm->psm == 0 || psm_6lowpan != set_psm->psm) 1233 /* Disconnect existing connections if 6lowpan is 1234 * disabled (psm = 0), or if psm changes. 1235 */ 1236 disconnect_all_peers(); 1237 1238 psm_6lowpan = set_psm->psm; 1239 1240 if (listen_chan) { 1241 l2cap_chan_close(listen_chan, 0); 1242 l2cap_chan_put(listen_chan); 1243 } 1244 1245 listen_chan = bt_6lowpan_listen(); 1246 1247 kfree(set_psm); 1248 } 1249 1250 static int lowpan_psm_set(void *data, u64 val) 1251 { 1252 struct set_psm *set_psm; 1253 1254 set_psm = kzalloc(sizeof(*set_psm), GFP_KERNEL); 1255 if (!set_psm) 1256 return -ENOMEM; 1257 1258 set_psm->psm = val; 1259 INIT_WORK(&set_psm->work, do_psm_set); 1260 1261 schedule_work(&set_psm->work); 1262 1263 return 0; 1264 } 1265 1266 static int lowpan_psm_get(void *data, u64 *val) 1267 { 1268 *val = psm_6lowpan; 1269 return 0; 1270 } 1271 1272 DEFINE_SIMPLE_ATTRIBUTE(lowpan_psm_fops, lowpan_psm_get, 1273 lowpan_psm_set, "%llu\n"); 1274 1275 static ssize_t lowpan_control_write(struct file *fp, 1276 const char __user *user_buffer, 1277 size_t count, 1278 loff_t *position) 1279 { 1280 char buf[32]; 1281 size_t buf_size = min(count, sizeof(buf) - 1); 1282 int ret; 1283 bdaddr_t addr; 1284 u8 addr_type; 1285 struct l2cap_conn *conn = NULL; 1286 1287 if (copy_from_user(buf, user_buffer, buf_size)) 1288 return -EFAULT; 1289 1290 buf[buf_size] = '\0'; 1291 1292 if (memcmp(buf, "connect ", 8) == 0) { 1293 ret = get_l2cap_conn(&buf[8], &addr, &addr_type, &conn); 1294 if (ret == -EINVAL) 1295 return ret; 1296 1297 if (listen_chan) { 1298 l2cap_chan_close(listen_chan, 0); 1299 l2cap_chan_put(listen_chan); 1300 listen_chan = NULL; 1301 } 1302 1303 if (conn) { 1304 struct lowpan_peer *peer; 1305 1306 if (!is_bt_6lowpan(conn->hcon)) 1307 return -EINVAL; 1308 1309 peer = lookup_peer(conn); 1310 if (peer) { 1311 BT_DBG("6LoWPAN connection already exists"); 1312 return -EALREADY; 1313 } 1314 1315 BT_DBG("conn %p dst %pMR type %d user %d", conn, 1316 &conn->hcon->dst, conn->hcon->dst_type, 1317 addr_type); 1318 } 1319 1320 ret = bt_6lowpan_connect(&addr, addr_type); 1321 if (ret < 0) 1322 return ret; 1323 1324 return count; 1325 } 1326 1327 if (memcmp(buf, "disconnect ", 11) == 0) { 1328 ret = get_l2cap_conn(&buf[11], &addr, &addr_type, &conn); 1329 if (ret < 0) 1330 return ret; 1331 1332 ret = bt_6lowpan_disconnect(conn, addr_type); 1333 if (ret < 0) 1334 return ret; 1335 1336 return count; 1337 } 1338 1339 return count; 1340 } 1341 1342 static int lowpan_control_show(struct seq_file *f, void *ptr) 1343 { 1344 struct lowpan_dev *entry; 1345 struct lowpan_peer *peer; 1346 1347 spin_lock(&devices_lock); 1348 1349 list_for_each_entry(entry, &bt_6lowpan_devices, list) { 1350 list_for_each_entry(peer, &entry->peers, list) 1351 seq_printf(f, "%pMR (type %u)\n", 1352 &peer->chan->dst, peer->chan->dst_type); 1353 } 1354 1355 spin_unlock(&devices_lock); 1356 1357 return 0; 1358 } 1359 1360 static int lowpan_control_open(struct inode *inode, struct file *file) 1361 { 1362 return single_open(file, lowpan_control_show, inode->i_private); 1363 } 1364 1365 static const struct file_operations lowpan_control_fops = { 1366 .open = lowpan_control_open, 1367 .read = seq_read, 1368 .write = lowpan_control_write, 1369 .llseek = seq_lseek, 1370 .release = single_release, 1371 }; 1372 1373 static void disconnect_devices(void) 1374 { 1375 struct lowpan_dev *entry, *tmp, *new_dev; 1376 struct list_head devices; 1377 1378 INIT_LIST_HEAD(&devices); 1379 1380 /* We make a separate list of devices because the unregister_netdev() 1381 * will call device_event() which will also want to modify the same 1382 * devices list. 1383 */ 1384 1385 rcu_read_lock(); 1386 1387 list_for_each_entry_rcu(entry, &bt_6lowpan_devices, list) { 1388 new_dev = kmalloc(sizeof(*new_dev), GFP_ATOMIC); 1389 if (!new_dev) 1390 break; 1391 1392 new_dev->netdev = entry->netdev; 1393 INIT_LIST_HEAD(&new_dev->list); 1394 1395 list_add_rcu(&new_dev->list, &devices); 1396 } 1397 1398 rcu_read_unlock(); 1399 1400 list_for_each_entry_safe(entry, tmp, &devices, list) { 1401 ifdown(entry->netdev); 1402 BT_DBG("Unregistering netdev %s %p", 1403 entry->netdev->name, entry->netdev); 1404 unregister_netdev(entry->netdev); 1405 kfree(entry); 1406 } 1407 } 1408 1409 static int device_event(struct notifier_block *unused, 1410 unsigned long event, void *ptr) 1411 { 1412 struct net_device *netdev = netdev_notifier_info_to_dev(ptr); 1413 struct lowpan_dev *entry; 1414 1415 if (netdev->type != ARPHRD_6LOWPAN) 1416 return NOTIFY_DONE; 1417 1418 switch (event) { 1419 case NETDEV_UNREGISTER: 1420 spin_lock(&devices_lock); 1421 list_for_each_entry(entry, &bt_6lowpan_devices, list) { 1422 if (entry->netdev == netdev) { 1423 BT_DBG("Unregistered netdev %s %p", 1424 netdev->name, netdev); 1425 list_del(&entry->list); 1426 kfree(entry); 1427 break; 1428 } 1429 } 1430 spin_unlock(&devices_lock); 1431 break; 1432 } 1433 1434 return NOTIFY_DONE; 1435 } 1436 1437 static struct notifier_block bt_6lowpan_dev_notifier = { 1438 .notifier_call = device_event, 1439 }; 1440 1441 static int __init bt_6lowpan_init(void) 1442 { 1443 lowpan_psm_debugfs = debugfs_create_file("6lowpan_psm", 0644, 1444 bt_debugfs, NULL, 1445 &lowpan_psm_fops); 1446 lowpan_control_debugfs = debugfs_create_file("6lowpan_control", 0644, 1447 bt_debugfs, NULL, 1448 &lowpan_control_fops); 1449 1450 return register_netdevice_notifier(&bt_6lowpan_dev_notifier); 1451 } 1452 1453 static void __exit bt_6lowpan_exit(void) 1454 { 1455 debugfs_remove(lowpan_psm_debugfs); 1456 debugfs_remove(lowpan_control_debugfs); 1457 1458 if (listen_chan) { 1459 l2cap_chan_close(listen_chan, 0); 1460 l2cap_chan_put(listen_chan); 1461 } 1462 1463 disconnect_devices(); 1464 1465 unregister_netdevice_notifier(&bt_6lowpan_dev_notifier); 1466 } 1467 1468 module_init(bt_6lowpan_init); 1469 module_exit(bt_6lowpan_exit); 1470 1471 MODULE_AUTHOR("Jukka Rissanen <jukka.rissanen@linux.intel.com>"); 1472 MODULE_DESCRIPTION("Bluetooth 6LoWPAN"); 1473 MODULE_VERSION(VERSION); 1474 MODULE_LICENSE("GPL"); 1475