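// SPDX-License-Identifier: GPL-2.0
/*
   BlueZ - Bluetooth protocol stack for Linux
   Copyright (C) 2000-2001 Qualcomm Incorporated

   Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>

   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
   IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
   CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

   ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
   COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
   SOFTWARE IS DISCLAIMED.
*/

/* Bluetooth address family and sockets. */

#include <linux/module.h>
#include <linux/debugfs.h>
#include <linux/stringify.h>
#include <linux/sched/signal.h>

#include <asm/ioctls.h>

#include <net/bluetooth/bluetooth.h>
#include <linux/proc_fs.h>

#include <linux/ethtool.h>
#include <linux/sockios.h>

#include "leds.h"
#include "selftest.h"

/* Bluetooth sockets */
#define BT_MAX_PROTO	(BTPROTO_LAST + 1)

/* Per-protocol socket factories, indexed by protocol number and guarded by
 * bt_proto_lock (writers in register/unregister, reader in bt_sock_create()).
 */
static const struct net_proto_family *bt_proto[BT_MAX_PROTO];
static DEFINE_RWLOCK(bt_proto_lock);

/* Lock class keys and names, one slot per protocol number.
 * NOTE(review): nine names are listed; if BT_MAX_PROTO is ever larger than
 * that, the extra slots are NULL - confirm against the BTPROTO_* header.
 */
static struct lock_class_key bt_lock_key[BT_MAX_PROTO];
static const char *const bt_key_strings[BT_MAX_PROTO] = {
	"sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP",
	"sk_lock-AF_BLUETOOTH-BTPROTO_HCI",
	"sk_lock-AF_BLUETOOTH-BTPROTO_SCO",
	"sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM",
	"sk_lock-AF_BLUETOOTH-BTPROTO_BNEP",
	"sk_lock-AF_BLUETOOTH-BTPROTO_CMTP",
	"sk_lock-AF_BLUETOOTH-BTPROTO_HIDP",
	"sk_lock-AF_BLUETOOTH-BTPROTO_AVDTP",
	"sk_lock-AF_BLUETOOTH-BTPROTO_ISO",
};

static struct lock_class_key bt_slock_key[BT_MAX_PROTO];
static const char *const bt_slock_key_strings[BT_MAX_PROTO] = {
	"slock-AF_BLUETOOTH-BTPROTO_L2CAP",
	"slock-AF_BLUETOOTH-BTPROTO_HCI",
	"slock-AF_BLUETOOTH-BTPROTO_SCO",
	"slock-AF_BLUETOOTH-BTPROTO_RFCOMM",
	"slock-AF_BLUETOOTH-BTPROTO_BNEP",
	"slock-AF_BLUETOOTH-BTPROTO_CMTP",
	"slock-AF_BLUETOOTH-BTPROTO_HIDP",
	"slock-AF_BLUETOOTH-BTPROTO_AVDTP",
	"slock-AF_BLUETOOTH-BTPROTO_ISO",
};

/* Give sk's locks the lock class and name of Bluetooth protocol @proto.
 *
 * @proto indexes four BT_MAX_PROTO-sized tables and is not range-checked
 * here; bt_sock_create() validates it before calling.
 * NOTE(review): this symbol is exported - confirm that every other caller
 * also passes a bounded protocol number.
 */
void bt_sock_reclassify_lock(struct sock *sk, int proto)
{
	BUG_ON(!sk);
	BUG_ON(!sock_allow_reclassification(sk));

	sock_lock_init_class_and_name(sk,
				      bt_slock_key_strings[proto], &bt_slock_key[proto],
				      bt_key_strings[proto], &bt_lock_key[proto]);
}
EXPORT_SYMBOL(bt_sock_reclassify_lock);

/* Install @ops as the socket factory for protocol @proto.
 *
 * Returns 0 on success, -EINVAL if @proto is outside [0, BT_MAX_PROTO) and
 * -EEXIST if the slot is already taken.
 */
int bt_sock_register(int proto, const struct net_proto_family *ops)
{
	int err = 0;

	if (proto < 0 || proto >= BT_MAX_PROTO)
		return -EINVAL;

	write_lock(&bt_proto_lock);

	if (bt_proto[proto])
		err = -EEXIST;
	else
		bt_proto[proto] = ops;

	write_unlock(&bt_proto_lock);

	return err;
}
EXPORT_SYMBOL(bt_sock_register);

/* Clear the factory slot for @proto; out-of-range values are ignored. */
void bt_sock_unregister(int proto)
{
	if (proto < 0 || proto >= BT_MAX_PROTO)
		return;

	write_lock(&bt_proto_lock);
	bt_proto[proto] = NULL;
	write_unlock(&bt_proto_lock);
}
EXPORT_SYMBOL(bt_sock_unregister);

/* .create hook of the PF_BLUETOOTH family: dispatch socket creation to the
 * factory registered for @proto.
 *
 * Returns -EAFNOSUPPORT outside init_net, -EINVAL for an out-of-range
 * protocol, -EPROTONOSUPPORT when no factory is usable, otherwise the
 * factory's own result.
 */
static int bt_sock_create(struct net *net, struct socket *sock, int proto,
			  int kern)
{
	int err;

	if (net != &init_net)
		return -EAFNOSUPPORT;

	/* Bound proto before it is used as an array index or put into a
	 * module alias, so only "bt-proto-N" names inside the table range
	 * can be requested.
	 */
	if (proto < 0 || proto >= BT_MAX_PROTO)
		return -EINVAL;

	/* Lockless peek, used only to decide whether to try a module load;
	 * the slot is checked again under bt_proto_lock below.
	 */
	if (!bt_proto[proto])
		request_module("bt-proto-%d", proto);

	err = -EPROTONOSUPPORT;

	read_lock(&bt_proto_lock);

	/* Pin the owning module for the duration of the create call. */
	if (bt_proto[proto] && try_module_get(bt_proto[proto]->owner)) {
		err = bt_proto[proto]->create(net, sock, proto, kern);
		if (!err)
			bt_sock_reclassify_lock(sock->sk, proto);
		module_put(bt_proto[proto]->owner);
	}

	read_unlock(&bt_proto_lock);

	return err;
}

/* Allocate and initialise a PF_BLUETOOTH sock in state BT_OPEN.
 *
 * Returns the new sock, or NULL if sk_alloc() fails. For non-kernel sockets
 * (@kern == 0) a reference to the creating task's tgid and credentials is
 * stored as peer information.
 */
struct sock *bt_sock_alloc(struct net *net, struct socket *sock,
			   struct proto *prot, int proto, gfp_t prio, int kern)
{
	struct sock *sk;

	sk = sk_alloc(net, PF_BLUETOOTH, prio, prot, kern);
	if (!sk)
		return NULL;

	sock_init_data(sock, sk);
	INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
	spin_lock_init(&bt_sk(sk)->accept_q_lock);

	sock_reset_flag(sk, SOCK_ZAPPED);

	sk->sk_protocol = proto;
	sk->sk_state = BT_OPEN;

	/* Init peer information so it can be properly monitored */
	if (!kern) {
		spin_lock(&sk->sk_peer_lock);
		sk->sk_peer_pid = get_pid(task_tgid(current));
		sk->sk_peer_cred = get_current_cred();
		spin_unlock(&sk->sk_peer_lock);
	}

	return sk;
}
EXPORT_SYMBOL(bt_sock_alloc);

/* Add @sk to list @l under the list's write lock. */
void bt_sock_link(struct bt_sock_list *l, struct sock *sk)
{
	write_lock(&l->lock);
	sk_add_node(sk, &l->head);
	write_unlock(&l->lock);
}
EXPORT_SYMBOL(bt_sock_link);

/* Remove @sk from list @l under the list's write lock. */
void bt_sock_unlink(struct bt_sock_list *l, struct sock *sk)
{
	write_lock(&l->lock);
	sk_del_node_init(sk);
	write_unlock(&l->lock);
}
EXPORT_SYMBOL(bt_sock_unlink);

/* Return true if the pointer @s is currently on list @l.
 *
 * Only pointer values are compared; @s is never dereferenced. NULL
 * arguments yield false.
 */
bool bt_sock_linked(struct bt_sock_list *l, struct sock *s)
{
	struct sock *sk;

	if (!l || !s)
		return false;

	read_lock(&l->lock);

	sk_for_each(sk, &l->head) {
		if (s == sk) {
			read_unlock(&l->lock);
			return true;
		}
	}

	read_unlock(&l->lock);

	return false;
}
EXPORT_SYMBOL(bt_sock_linked);

/* Queue child @sk on @parent's accept queue.
 *
 * Takes a reference on @sk on behalf of the queue (released by
 * bt_accept_unlink()). @bh selects the bottom-half flavour of the sk lock.
 */
void bt_accept_enqueue(struct sock *parent, struct sock *sk, bool bh)
{
	const struct cred *old_cred;
	struct pid *old_pid;
	struct bt_sock *par = bt_sk(parent);

	BT_DBG("parent %p, sk %p", parent, sk);

	sock_hold(sk);

	if (bh)
		bh_lock_sock_nested(sk);
	else
		lock_sock_nested(sk, SINGLE_DEPTH_NESTING);

	bt_sk(sk)->parent = parent;

	spin_lock_bh(&par->accept_q_lock);
	list_add_tail(&bt_sk(sk)->accept_q, &par->accept_q);
	sk_acceptq_added(parent);
	spin_unlock_bh(&par->accept_q_lock);

	/* Copy credentials from parent since for incoming connections the
	 * socket is allocated by the kernel.
	 *
	 * The child's old pid/cred are swapped out under its sk_peer_lock
	 * and released only after the lock is dropped.
	 * NOTE(review): parent->sk_peer_pid/sk_peer_cred are read without
	 * taking the parent's sk_peer_lock - confirm they cannot change
	 * concurrently on a listening socket.
	 */
	spin_lock(&sk->sk_peer_lock);
	old_pid = sk->sk_peer_pid;
	old_cred = sk->sk_peer_cred;
	sk->sk_peer_pid = get_pid(parent->sk_peer_pid);
	sk->sk_peer_cred = get_cred(parent->sk_peer_cred);
	spin_unlock(&sk->sk_peer_lock);

	put_pid(old_pid);
	put_cred(old_cred);

	if (bh)
		bh_unlock_sock(sk);
	else
		release_sock(sk);
}
EXPORT_SYMBOL(bt_accept_enqueue);

/* Calling function must hold the sk lock.
 * bt_sk(sk)->parent must be non-NULL meaning sk is in the parent list.
 *
 * Ends with sock_put(sk), which releases the reference taken by
 * bt_accept_enqueue(); the caller needs its own reference if it touches
 * sk afterwards.
 */
void bt_accept_unlink(struct sock *sk)
{
	struct sock *parent = bt_sk(sk)->parent;

	BT_DBG("sk %p state %d", sk, sk->sk_state);

	spin_lock_bh(&bt_sk(parent)->accept_q_lock);
	list_del_init(&bt_sk(sk)->accept_q);
	sk_acceptq_removed(parent);
	spin_unlock_bh(&bt_sk(parent)->accept_q_lock);
	bt_sk(sk)->parent = NULL;
	sock_put(sk);
}
EXPORT_SYMBOL(bt_accept_unlink);

/* Return the accept-queue entry after @sk (or the first entry when @sk is
 * NULL) with a reference held, or NULL if there is none or @sk no longer
 * belongs to @parent. The caller must sock_put() the result.
 */
static struct sock *bt_accept_get(struct sock *parent, struct sock *sk)
{
	struct bt_sock *bt = bt_sk(parent);
	struct sock *next = NULL;

	/* accept_q is modified from child teardown paths too, so take a
	 * temporary reference before dropping the queue lock.
	 */
	spin_lock_bh(&bt->accept_q_lock);

	if (sk) {
		if (bt_sk(sk)->parent != parent)
			goto out;

		if (!list_is_last(&bt_sk(sk)->accept_q, &bt->accept_q)) {
			next = &list_next_entry(bt_sk(sk), accept_q)->sk;
			sock_hold(next);
		}
	} else if (!list_empty(&bt->accept_q)) {
		next = &list_first_entry(&bt->accept_q,
					 struct bt_sock, accept_q)->sk;
		sock_hold(next);
	}

out:
	spin_unlock_bh(&bt->accept_q_lock);
	return next;
}

/* Take the first acceptable child off @parent's accept queue.
 *
 * Children in state BT_CLOSED are unlinked and skipped. A child is returned
 * when it is BT_CONNECTED, when @newsock is NULL, or when the parent has
 * BT_SK_DEFER_SETUP set; it is grafted onto @newsock if one was given.
 *
 * Returns the child with one reference held for the caller, or NULL when
 * nothing is acceptable.
 */
struct sock *bt_accept_dequeue(struct sock *parent, struct socket *newsock)
{
	struct sock *sk, *next;

	BT_DBG("parent %p", parent);

restart:
	for (sk = bt_accept_get(parent, NULL); sk; sk = next) {
		/* Prevent early freeing of sk due to unlink and sock_kill */
		lock_sock(sk);

		/* Check sk has not already been unlinked via
		 * bt_accept_unlink() due to serialisation caused by sk locking
		 */
		if (bt_sk(sk)->parent != parent) {
			BT_DBG("sk %p, already unlinked", sk);
			release_sock(sk);
			sock_put(sk);

			goto restart;
		}

		next = bt_accept_get(parent, sk);

		/* sk is safely in the parent list so reduce reference count */
		sock_put(sk);

		/* FIXME: Is this check still needed */
		/* NOTE(review): here the temporary reference is already gone
		 * and bt_accept_unlink() drops the queue reference, yet
		 * release_sock(sk) follows with no extra hold, unlike the
		 * return path below - confirm another reference is
		 * guaranteed to keep sk alive on this branch.
		 */
		if (sk->sk_state == BT_CLOSED) {
			bt_accept_unlink(sk);
			release_sock(sk);
			continue;
		}

		if (sk->sk_state == BT_CONNECTED || !newsock ||
		    test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags)) {
			bt_accept_unlink(sk);
			if (newsock)
				sock_graft(sk, newsock);

			/* Hand the caller a reference taken while sk is
			 * still locked. bt_accept_unlink() just dropped
			 * the accept-queue reference; without this hold a
			 * concurrent teardown (e.g. l2cap_conn_del() ->
			 * l2cap_sock_kill()) could free sk between
			 * release_sock() and the caller using it. Every
			 * caller drops this with sock_put() when done.
			 *
			 * NOTE(review): the callers live outside this file;
			 * each one must be checked for the matching
			 * sock_put(), otherwise this hold leaks the sock.
			 */
			sock_hold(sk);

			release_sock(sk);
			if (next)
				sock_put(next);
			return sk;
		}

		release_sock(sk);
	}

	return NULL;
}
EXPORT_SYMBOL(bt_accept_dequeue);

/* Datagram-style receive: deliver one skb from the receive queue.
 *
 * At most @len bytes are copied; a longer packet sets MSG_TRUNC in
 * msg->msg_flags. Returns a negative errno on failure, 0 when the queue is
 * empty and the receive side is shut down, otherwise the number of bytes
 * copied - or the full packet length if the caller passed MSG_TRUNC.
 * MSG_OOB is rejected with -EOPNOTSUPP.
 */
int bt_sock_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
		    int flags)
{
	struct sock *sk = sock->sk;
	struct sk_buff *skb;
	size_t copied;
	size_t skblen;
	int err;

	BT_DBG("sock %p sk %p len %zu", sock, sk, len);

	if (flags & MSG_OOB)
		return -EOPNOTSUPP;

	skb = skb_recv_datagram(sk, flags, &err);
	if (!skb) {
		if (sk->sk_shutdown & RCV_SHUTDOWN)
			err = 0;

		return err;
	}

	/* Clamp the copy to the caller's buffer length. */
	skblen = skb->len;
	copied = skb->len;
	if (len < copied) {
		msg->msg_flags |= MSG_TRUNC;
		copied = len;
	}

	skb_reset_transport_header(skb);
	err = skb_copy_datagram_msg(skb, 0, msg, copied);
	if (err == 0) {
		sock_recv_cmsgs(msg, sk, skb);

		if (msg->msg_name && bt_sk(sk)->skb_msg_name)
			bt_sk(sk)->skb_msg_name(skb, msg->msg_name,
						&msg->msg_namelen);

		/* The put_cmsg() results below are not checked. */
		if (test_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags)) {
			u8 pkt_status = hci_skb_pkt_status(skb);

			put_cmsg(msg, SOL_BLUETOOTH, BT_SCM_PKT_STATUS,
				 sizeof(pkt_status), &pkt_status);
		}

		if (test_bit(BT_SK_PKT_SEQNUM, &bt_sk(sk)->flags)) {
			u16 pkt_seqnum = hci_skb_pkt_seqnum(skb);

			put_cmsg(msg, SOL_BLUETOOTH, BT_SCM_PKT_SEQNUM,
				 sizeof(pkt_seqnum), &pkt_seqnum);
		}
	}

	skb_free_datagram(sk, skb);

	if (flags & MSG_TRUNC)
		copied = skblen;

	return err ? : copied;
}
EXPORT_SYMBOL(bt_sock_recvmsg);

/* Sleep until data is queued, an error or receive shutdown is seen, a
 * signal is pending, or @timeo runs out. Returns the remaining timeout.
 *
 * The sk lock is dropped around schedule_timeout() and retaken afterwards,
 * so socket state may have changed when this returns.
 */
static long bt_sock_data_wait(struct sock *sk, long timeo)
{
	DECLARE_WAITQUEUE(wait, current);

	add_wait_queue(sk_sleep(sk), &wait);
	for (;;) {
		set_current_state(TASK_INTERRUPTIBLE);

		if (!skb_queue_empty(&sk->sk_receive_queue))
			break;

		if (sk->sk_err || (sk->sk_shutdown & RCV_SHUTDOWN))
			break;

		if (signal_pending(current) || !timeo)
			break;

		sk_set_bit(SOCKWQ_ASYNC_WAITDATA, sk);
		release_sock(sk);
		timeo = schedule_timeout(timeo);
		lock_sock(sk);
		sk_clear_bit(SOCKWQ_ASYNC_WAITDATA, sk);
	}

	__set_current_state(TASK_RUNNING);
	remove_wait_queue(sk_sleep(sk), &wait);
	return timeo;
}

/* Stream-style receive: copy up to @size bytes from queued skbs.
 *
 * Runs under the sk lock. Partially consumed skbs are trimmed and put back
 * at the head of the receive queue; with MSG_PEEK the skb is put back
 * untouched after a single copy. Returns the byte count if anything was
 * copied, otherwise the error (or 0). MSG_OOB is rejected with -EOPNOTSUPP.
 */
int bt_sock_stream_recvmsg(struct socket *sock, struct msghdr *msg,
			   size_t size, int flags)
{
	struct sock *sk = sock->sk;
	int err = 0;
	size_t target, copied = 0;
	long timeo;

	if (flags & MSG_OOB)
		return -EOPNOTSUPP;

	BT_DBG("sk %p size %zu", sk, size);

	lock_sock(sk);

	target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
	timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);

	do {
		struct sk_buff *skb;
		int chunk;

		skb = skb_dequeue(&sk->sk_receive_queue);
		if (!skb) {
			if (copied >= target)
				break;

			err = sock_error(sk);
			if (err)
				break;
			if (sk->sk_shutdown & RCV_SHUTDOWN)
				break;

			err = -EAGAIN;
			if (!timeo)
				break;

			timeo = bt_sock_data_wait(sk, timeo);

			if (signal_pending(current)) {
				err = sock_intr_errno(timeo);
				goto out;
			}
			continue;
		}

		/* Never copy more than the caller still has room for. */
		chunk = min_t(unsigned int, skb->len, size);
		if (skb_copy_datagram_msg(skb, 0, msg, chunk)) {
			skb_queue_head(&sk->sk_receive_queue, skb);
			/* copied is a size_t; the negative errno survives
			 * only because the return statement converts it
			 * back to int.
			 */
			if (!copied)
				copied = -EFAULT;
			break;
		}
		copied += chunk;
		size -= chunk;

		sock_recv_cmsgs(msg, sk, skb);

		if (!(flags & MSG_PEEK)) {
			int skb_len = skb_headlen(skb);

			if (chunk <= skb_len) {
				__skb_pull(skb, chunk);
			} else {
				struct sk_buff *frag;

				/* Consume the linear head first, then walk
				 * the fragment list for the remainder.
				 */
				__skb_pull(skb, skb_len);
				chunk -= skb_len;

				skb_walk_frags(skb, frag) {
					if (chunk <= frag->len) {
						/* Pulling partial data */
						skb->len -= chunk;
						skb->data_len -= chunk;
						__skb_pull(frag, chunk);
						break;
					} else if (frag->len) {
						/* Pulling all frag data */
						chunk -= frag->len;
						skb->len -= frag->len;
						skb->data_len -= frag->len;
						__skb_pull(frag, frag->len);
					}
				}
			}

			if (skb->len) {
				skb_queue_head(&sk->sk_receive_queue, skb);
				break;
			}
			kfree_skb(skb);

		} else {
			/* put message back and return */
			skb_queue_head(&sk->sk_receive_queue, skb);
			break;
		}
	} while (size);

out:
	release_sock(sk);
	return copied ? : err;
}
EXPORT_SYMBOL(bt_sock_stream_recvmsg);

/* Poll mask for a listening socket: readable as soon as one queued child is
 * BT_CONNECTED, or BT_CONNECT2 while the parent has BT_SK_DEFER_SETUP set.
 * The queue is walked under accept_q_lock; child state is read with
 * READ_ONCE() and the child's own lock is not taken.
 */
static inline __poll_t bt_accept_poll(struct sock *parent)
{
	struct bt_sock *bt = bt_sk(parent);
	struct bt_sock *s;
	struct sock *sk;
	__poll_t mask = 0;

	spin_lock_bh(&bt->accept_q_lock);
	list_for_each_entry(s, &bt->accept_q, accept_q) {
		int state;

		sk = (struct sock *)s;
		state = READ_ONCE(sk->sk_state);

		if (state == BT_CONNECTED ||
		    (test_bit(BT_SK_DEFER_SETUP, &bt->flags) &&
		     state == BT_CONNECT2)) {
			mask = EPOLLIN | EPOLLRDNORM;
			break;
		}
	}
	spin_unlock_bh(&bt->accept_q_lock);

	return mask;
}

/* poll() handler shared by the Bluetooth socket types.
 *
 * Listening sockets are delegated to bt_accept_poll(). For the rest the
 * mask is assembled from error, shutdown, queue and state fields, all read
 * without the sk lock. Writability is not reported while the socket is in
 * BT_CONNECT, BT_CONNECT2 or BT_CONFIG.
 */
__poll_t bt_sock_poll(struct file *file, struct socket *sock,
		      poll_table *wait)
{
	struct sock *sk = sock->sk;
	__poll_t mask = 0;

	poll_wait(file, sk_sleep(sk), wait);

	if (sk->sk_state == BT_LISTEN)
		return bt_accept_poll(sk);

	if (sk->sk_err || !skb_queue_empty_lockless(&sk->sk_error_queue))
		mask |= EPOLLERR |
			(sock_flag(sk, SOCK_SELECT_ERR_QUEUE) ? EPOLLPRI : 0);

	if (sk->sk_shutdown & RCV_SHUTDOWN)
		mask |= EPOLLRDHUP | EPOLLIN | EPOLLRDNORM;

	if (sk->sk_shutdown == SHUTDOWN_MASK)
		mask |= EPOLLHUP;

	if (!skb_queue_empty_lockless(&sk->sk_receive_queue))
		mask |= EPOLLIN | EPOLLRDNORM;

	if (sk->sk_state == BT_CLOSED)
		mask |= EPOLLHUP;

	if (sk->sk_state == BT_CONNECT ||
	    sk->sk_state == BT_CONNECT2 ||
	    sk->sk_state == BT_CONFIG)
		return mask;

	if (!test_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags) && sock_writeable(sk))
		mask |= EPOLLOUT | EPOLLWRNORM | EPOLLWRBAND;
	else
		sk_set_bit(SOCKWQ_ASYNC_NOSPACE, sk);

	return mask;
}
EXPORT_SYMBOL(bt_sock_poll);

/* ETHTOOL_GET_TS_INFO for HCI device number @index.
 *
 * Returns 0 on success, -ENODEV as reported by hci_ethtool_ts_info(), -EIO
 * for any other failure of that call, or -EFAULT if the copy-out fails.
 */
static int bt_ethtool_get_ts_info(struct sock *sk, unsigned int index,
				  void __user *useraddr)
{
	struct ethtool_ts_info info;
	struct kernel_ethtool_ts_info ts_info = {};
	int ret;

	ret = hci_ethtool_ts_info(index, sk->sk_protocol, &ts_info);
	if (ret == -ENODEV)
		return ret;
	else if (ret < 0)
		return -EIO;

	/* Zero the whole reply first: the full struct is copied to
	 * userspace, so no uninitialised stack bytes may remain in it.
	 */
	memset(&info, 0, sizeof(info));

	info.cmd = ETHTOOL_GET_TS_INFO;
	info.so_timestamping = ts_info.so_timestamping;
	info.phc_index = ts_info.phc_index;
	info.tx_types = ts_info.tx_types;
	info.rx_filters = ts_info.rx_filters;

	if (copy_to_user(useraddr, &info, sizeof(info)))
		return -EFAULT;

	return 0;
}

/* Dispatch an ethtool sub-command read from @useraddr.
 *
 * The interface name must be exactly "hci<N>"; %n together with the
 * strlen() comparison rejects names with trailing characters. Returns
 * -EFAULT, -ENODEV, -EOPNOTSUPP or the sub-command's result.
 */
static int bt_ethtool(struct sock *sk, const struct ifreq *ifr,
		      void __user *useraddr)
{
	unsigned int index;
	u32 ethcmd;
	int n;

	if (copy_from_user(&ethcmd, useraddr, sizeof(ethcmd)))
		return -EFAULT;

	if (sscanf(ifr->ifr_name, "hci%u%n", &index, &n) != 1 ||
	    n != strlen(ifr->ifr_name))
		return -ENODEV;

	switch (ethcmd) {
	case ETHTOOL_GET_TS_INFO:
		return bt_ethtool_get_ts_info(sk, index, useraddr);
	}

	return -EOPNOTSUPP;
}

/* Handle device-style ioctls that carry a struct ifreq.
 *
 * The ifreq is copied in from userspace and written back before returning,
 * whatever the command result was.
 */
static int bt_dev_ioctl(struct socket *sock, unsigned int cmd, void __user *arg)
{
	struct sock *sk = sock->sk;
	struct ifreq ifr = {};
	void __user *data;
	char *colon;
	int ret = -ENOIOCTLCMD;

	if (get_user_ifreq(&ifr, &data, arg))
		return -EFAULT;

	/* The name comes from userspace: force NUL termination before any
	 * string function runs over it, then cut it at the first ':' for
	 * the duration of the command.
	 */
	ifr.ifr_name[IFNAMSIZ - 1] = 0;
	colon = strchr(ifr.ifr_name, ':');
	if (colon)
		*colon = 0;

	switch (cmd) {
	case SIOCETHTOOL:
		ret = bt_ethtool(sk, &ifr, data);
		break;
	}

	/* Restore the ':' so the caller gets its original name back. */
	if (colon)
		*colon = ':';

	if (put_user_ifreq(&ifr, arg))
		return -EFAULT;

	return ret;
}

/* Common ioctl handler: TIOCOUTQ, TIOCINQ and SIOCETHTOOL.
 *
 * TIOCOUTQ reports the free send-buffer space (clamped at 0), TIOCINQ the
 * length of the first queued skb; both fail with -EINVAL on a listening
 * socket. Anything else returns -ENOIOCTLCMD.
 */
int bt_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
{
	struct sock *sk = sock->sk;
	struct sk_buff *skb;
	long amount;
	int err;

	BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg);

	switch (cmd) {
	case TIOCOUTQ:
		if (sk->sk_state == BT_LISTEN)
			return -EINVAL;

		amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
		if (amount < 0)
			amount = 0;
		err = put_user(amount, (int __user *)arg);
		break;

	case TIOCINQ:
		if (sk->sk_state == BT_LISTEN)
			return -EINVAL;

		/* Peek under the queue lock so the skb cannot be dequeued
		 * while its length is read.
		 */
		spin_lock(&sk->sk_receive_queue.lock);
		skb = skb_peek(&sk->sk_receive_queue);
		amount = skb ? skb->len : 0;
		spin_unlock(&sk->sk_receive_queue.lock);

		err = put_user(amount, (int __user *)arg);
		break;

	case SIOCETHTOOL:
		err = bt_dev_ioctl(sock, cmd, (void __user *)arg);
		break;

	default:
		err = -ENOIOCTLCMD;
		break;
	}

	return err;
}
EXPORT_SYMBOL(bt_sock_ioctl);

/* This function expects the sk lock to be held when called
 *
 * Waits until sk->sk_state equals @state. The lock is released while
 * sleeping and retaken afterwards. Returns 0 on success, -EINPROGRESS when
 * @timeo is exhausted, the sock_intr_errno() value on a signal, or the
 * pending socket error.
 */
int bt_sock_wait_state(struct sock *sk, int state, unsigned long timeo)
{
	DECLARE_WAITQUEUE(wait, current);
	int err = 0;

	BT_DBG("sk %p", sk);

	add_wait_queue(sk_sleep(sk), &wait);
	set_current_state(TASK_INTERRUPTIBLE);
	while (sk->sk_state != state) {
		if (!timeo) {
			err = -EINPROGRESS;
			break;
		}

		if (signal_pending(current)) {
			err = sock_intr_errno(timeo);
			break;
		}

		release_sock(sk);
		timeo = schedule_timeout(timeo);
		lock_sock(sk);
		set_current_state(TASK_INTERRUPTIBLE);

		err = sock_error(sk);
		if (err)
			break;
	}
	__set_current_state(TASK_RUNNING);
	remove_wait_queue(sk_sleep(sk), &wait);
	return err;
}
EXPORT_SYMBOL(bt_sock_wait_state);

/* This function expects the sk lock to be held when called
 *
 * Waits until BT_SK_SUSPEND is cleared, using the send timeout (zero when
 * MSG_DONTWAIT is set in @msg_flags). The lock is released while sleeping.
 * Returns 0 on success, -EAGAIN on timeout, the sock_intr_errno() value on
 * a signal, or the pending socket error.
 */
int bt_sock_wait_ready(struct sock *sk, unsigned int msg_flags)
{
	DECLARE_WAITQUEUE(wait, current);
	unsigned long timeo;
	int err = 0;

	BT_DBG("sk %p", sk);

	timeo = sock_sndtimeo(sk, !!(msg_flags & MSG_DONTWAIT));

	add_wait_queue(sk_sleep(sk), &wait);
	set_current_state(TASK_INTERRUPTIBLE);
	while (test_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags)) {
		if (!timeo) {
			err = -EAGAIN;
			break;
		}

		if (signal_pending(current)) {
			err = sock_intr_errno(timeo);
			break;
		}

		release_sock(sk);
		timeo = schedule_timeout(timeo);
		lock_sock(sk);
		set_current_state(TASK_INTERRUPTIBLE);

		err = sock_error(sk);
		if (err)
			break;
	}
	__set_current_state(TASK_RUNNING);
	remove_wait_queue(sk_sleep(sk), &wait);

	return err;
}
EXPORT_SYMBOL(bt_sock_wait_ready);

#ifdef CONFIG_PROC_FS
/* seq_file start: take the list's read lock, released in bt_seq_stop(). */
static void *bt_seq_start(struct seq_file *seq, loff_t *pos)
	__acquires(seq->private->l->lock)
{
	struct bt_sock_list *l = pde_data(file_inode(seq->file));

	read_lock(&l->lock);
	return seq_hlist_start_head(&l->head, *pos);
}

/* seq_file next: advance to the following socket on the list. */
static void *bt_seq_next(struct seq_file *seq, void *v, loff_t *pos)
{
	struct bt_sock_list *l = pde_data(file_inode(seq->file));

	return seq_hlist_next(v, &l->head, pos);
}

/* seq_file stop: drop the read lock taken in bt_seq_start(). */
static void bt_seq_stop(struct seq_file *seq, void *v)
	__releases(seq->private->l->lock)
{
	struct bt_sock_list *l = pde_data(file_inode(seq->file));

	read_unlock(&l->lock);
}

/* seq_file show: print the header row or one socket row, followed by the
 * protocol's custom_seq_show() output when one is set.
 */
static int bt_seq_show(struct seq_file *seq, void *v)
{
	struct bt_sock_list *l = pde_data(file_inode(seq->file));

	if (v == SEQ_START_TOKEN) {
		/* NOTE(review): column padding inside this header string may
		 * have been collapsed in this copy - confirm against the
		 * tree before relying on the exact text.
		 */
		seq_puts(seq, "sk RefCnt Rmem Wmem User Inode Parent");

		if (l->custom_seq_show) {
			seq_putc(seq, ' ');
			l->custom_seq_show(seq, v);
		}

		seq_putc(seq, '\n');
	} else {
		struct sock *sk = sk_entry(v);
		struct bt_sock *bt = bt_sk(sk);

		/* The sock address goes out through %pK (restricted kernel
		 * pointer format) rather than as a raw pointer; the uid is
		 * translated into the reader's user namespace.
		 */
		seq_printf(seq,
			   "%pK %-6d %-6u %-6u %-6u %-6llu %-6llu",
			   sk,
			   refcount_read(&sk->sk_refcnt),
			   sk_rmem_alloc_get(sk),
			   sk_wmem_alloc_get(sk),
			   from_kuid(seq_user_ns(seq), sk_uid(sk)),
			   sock_i_ino(sk),
			   bt->parent ? sock_i_ino(bt->parent) : 0ULL);

		if (l->custom_seq_show) {
			seq_putc(seq, ' ');
			l->custom_seq_show(seq, v);
		}

		seq_putc(seq, '\n');
	}
	return 0;
}

static const struct seq_operations bt_seq_ops = {
	.start = bt_seq_start,
	.next = bt_seq_next,
	.stop = bt_seq_stop,
	.show = bt_seq_show,
};

/* Create the proc entry @name under net->proc_net listing @sk_list.
 *
 * @seq_show is stored as the list's custom_seq_show callback. The entry is
 * created with mode 0, leaving the permissions to the procfs default.
 * Returns 0 on success or -ENOMEM if the entry cannot be created.
 */
int bt_procfs_init(struct net *net, const char *name,
		   struct bt_sock_list *sk_list,
		   int (*seq_show)(struct seq_file *, void *))
{
	sk_list->custom_seq_show = seq_show;

	if (!proc_create_seq_data(name, 0, net->proc_net, &bt_seq_ops, sk_list))
		return -ENOMEM;
	return 0;
}

/* Remove the proc entry created by bt_procfs_init(). */
void bt_procfs_cleanup(struct net *net, const char *name)
{
	remove_proc_entry(name, net->proc_net);
}
#else
/* Without CONFIG_PROC_FS both helpers are no-ops. */
int bt_procfs_init(struct net *net, const char *name,
		   struct bt_sock_list *sk_list,
		   int (*seq_show)(struct seq_file *, void *))
{
	return 0;
}

void bt_procfs_cleanup(struct net *net, const char *name)
{
}
#endif
EXPORT_SYMBOL(bt_procfs_init);
EXPORT_SYMBOL(bt_procfs_cleanup);

static const struct net_proto_family bt_sock_family_ops = {
	.owner = THIS_MODULE,
	.family = PF_BLUETOOTH,
	.create = bt_sock_create,
};

struct dentry *bt_debugfs;
EXPORT_SYMBOL_GPL(bt_debugfs);

#define VERSION __stringify(BT_SUBSYS_VERSION) "." \
		__stringify(BT_SUBSYS_REVISION)

/* Subsystem init: run the self tests, then bring up debugfs, LEDs, sysfs,
 * the PF_BLUETOOTH family and the HCI, L2CAP, SCO and MGMT layers in that
 * order. A failure unwinds what was already set up, in reverse order.
 */
static int __init bt_init(void)
{
	int err;

	sock_skb_cb_check_size(sizeof(struct bt_skb_cb));

	BT_INFO("Core ver %s", VERSION);

	/* Nothing has been set up yet, so a self-test failure needs no
	 * unwinding.
	 */
	err = bt_selftest();
	if (err < 0)
		return err;

	/* The debugfs result is stored without being checked here. */
	bt_debugfs = debugfs_create_dir("bluetooth", NULL);

	bt_leds_init();

	err = bt_sysfs_init();
	if (err < 0)
		goto cleanup_led;

	err = sock_register(&bt_sock_family_ops);
	if (err)
		goto cleanup_sysfs;

	BT_INFO("HCI device and connection manager initialized");

	err = hci_sock_init();
	if (err)
		goto unregister_socket;

	err = l2cap_init();
	if (err)
		goto cleanup_socket;

	err = sco_init();
	if (err)
		goto cleanup_cap;

	err = mgmt_init();
	if (err)
		goto cleanup_sco;

	return 0;

cleanup_sco:
	sco_exit();
cleanup_cap:
	l2cap_exit();
cleanup_socket:
	hci_sock_cleanup();
unregister_socket:
	sock_unregister(PF_BLUETOOTH);
cleanup_sysfs:
	bt_sysfs_cleanup();
cleanup_led:
	bt_leds_cleanup();
	debugfs_remove_recursive(bt_debugfs);
	return err;
}

/* Module exit: tear the layers down in reverse order of bt_init().
 * NOTE(review): iso_exit() has no matching init call in bt_init();
 * presumably ISO is initialised elsewhere - confirm it is safe to call when
 * that never happened.
 */
static void __exit bt_exit(void)
{
	iso_exit();

	mgmt_exit();

	sco_exit();

	l2cap_exit();

	hci_sock_cleanup();

	sock_unregister(PF_BLUETOOTH);

	bt_sysfs_cleanup();

	bt_leds_cleanup();

	debugfs_remove_recursive(bt_debugfs);
}

subsys_initcall(bt_init);
module_exit(bt_exit);

MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
MODULE_DESCRIPTION("Bluetooth Core ver " VERSION);
MODULE_VERSION(VERSION);
MODULE_LICENSE("GPL");
MODULE_ALIAS_NETPROTO(PF_BLUETOOTH);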