1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth SCO sockets. */ 26 27 #include <linux/module.h> 28 29 #include <linux/types.h> 30 #include <linux/errno.h> 31 #include <linux/kernel.h> 32 #include <linux/sched.h> 33 #include <linux/slab.h> 34 #include <linux/poll.h> 35 #include <linux/fcntl.h> 36 #include <linux/init.h> 37 #include <linux/interrupt.h> 38 #include <linux/socket.h> 39 #include <linux/skbuff.h> 40 #include <linux/device.h> 41 #include <linux/debugfs.h> 42 #include <linux/seq_file.h> 43 #include <linux/list.h> 44 #include <net/sock.h> 45 46 #include <asm/system.h> 47 #include <linux/uaccess.h> 48 49 #include <net/bluetooth/bluetooth.h> 50 #include <net/bluetooth/hci_core.h> 51 #include <net/bluetooth/sco.h> 52 53 static int disable_esco; 54 55 static const struct proto_ops sco_sock_ops; 56 57 static struct bt_sock_list sco_sk_list = { 58 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock) 59 }; 60 61 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent); 62 static void sco_chan_del(struct sock *sk, int err); 63 64 static int sco_conn_del(struct hci_conn *conn, int err); 65 66 static void sco_sock_close(struct sock *sk); 67 static void sco_sock_kill(struct sock *sk); 68 69 /* ---- SCO timers ---- */ 70 static void sco_sock_timeout(unsigned long arg) 71 { 72 struct sock *sk = (struct sock *) arg; 73 74 BT_DBG("sock %p state %d", sk, sk->sk_state); 75 76 bh_lock_sock(sk); 77 sk->sk_err = ETIMEDOUT; 78 sk->sk_state_change(sk); 79 bh_unlock_sock(sk); 80 81 sco_sock_kill(sk); 82 sock_put(sk); 83 } 84 85 static void sco_sock_set_timer(struct sock *sk, long timeout) 86 { 87 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout); 88 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout); 89 } 90 91 static void sco_sock_clear_timer(struct sock *sk) 92 { 93 BT_DBG("sock %p state %d", sk, sk->sk_state); 94 sk_stop_timer(sk, &sk->sk_timer); 95 } 96 97 /* ---- SCO connections ---- */ 98 static struct sco_conn *sco_conn_add(struct hci_conn *hcon, __u8 status) 99 { 100 struct hci_dev *hdev = hcon->hdev; 101 struct sco_conn *conn = hcon->sco_data; 102 103 if (conn || status) 104 return conn; 105 106 conn = kzalloc(sizeof(struct sco_conn), GFP_ATOMIC); 107 if (!conn) 108 return NULL; 109 110 spin_lock_init(&conn->lock); 111 112 hcon->sco_data = conn; 113 conn->hcon = hcon; 114 115 conn->src = &hdev->bdaddr; 116 conn->dst = &hcon->dst; 117 118 if (hdev->sco_mtu > 0) 119 conn->mtu = hdev->sco_mtu; 120 else 121 conn->mtu = 60; 122 123 BT_DBG("hcon %p conn %p", hcon, conn); 124 125 return conn; 126 } 127 128 static inline struct sock *sco_chan_get(struct sco_conn *conn) 129 { 130 struct sock *sk = NULL; 131 sco_conn_lock(conn); 132 sk = conn->sk; 133 sco_conn_unlock(conn); 134 return sk; 135 } 136 137 static int sco_conn_del(struct hci_conn *hcon, int err) 138 { 139 struct sco_conn *conn = hcon->sco_data; 140 struct sock *sk; 141 142 if (!conn) 143 return 0; 144 145 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); 146 147 /* Kill socket */ 148 sk = sco_chan_get(conn); 149 if (sk) { 150 bh_lock_sock(sk); 151 sco_sock_clear_timer(sk); 152 sco_chan_del(sk, err); 153 bh_unlock_sock(sk); 154 sco_sock_kill(sk); 155 } 156 157 hcon->sco_data = NULL; 158 kfree(conn); 159 return 0; 160 } 161 162 static inline int sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent) 163 { 164 int err = 0; 165 166 sco_conn_lock(conn); 167 if (conn->sk) 168 err = -EBUSY; 169 else 170 __sco_chan_add(conn, sk, parent); 171 172 sco_conn_unlock(conn); 173 return err; 174 } 175 176 static int sco_connect(struct sock *sk) 177 { 178 bdaddr_t *src = &bt_sk(sk)->src; 179 bdaddr_t *dst = &bt_sk(sk)->dst; 180 struct sco_conn *conn; 181 struct hci_conn *hcon; 182 struct hci_dev *hdev; 183 int err, type; 184 185 BT_DBG("%s -> %s", batostr(src), batostr(dst)); 186 187 hdev = hci_get_route(dst, src); 188 if (!hdev) 189 return -EHOSTUNREACH; 190 191 hci_dev_lock_bh(hdev); 192 193 if (lmp_esco_capable(hdev) && !disable_esco) 194 type = ESCO_LINK; 195 else 196 type = SCO_LINK; 197 198 hcon = hci_connect(hdev, type, dst, BT_SECURITY_LOW, HCI_AT_NO_BONDING); 199 if (IS_ERR(hcon)) { 200 err = PTR_ERR(hcon); 201 goto done; 202 } 203 204 conn = sco_conn_add(hcon, 0); 205 if (!conn) { 206 hci_conn_put(hcon); 207 err = -ENOMEM; 208 goto done; 209 } 210 211 /* Update source addr of the socket */ 212 bacpy(src, conn->src); 213 214 err = sco_chan_add(conn, sk, NULL); 215 if (err) 216 goto done; 217 218 if (hcon->state == BT_CONNECTED) { 219 sco_sock_clear_timer(sk); 220 sk->sk_state = BT_CONNECTED; 221 } else { 222 sk->sk_state = BT_CONNECT; 223 sco_sock_set_timer(sk, sk->sk_sndtimeo); 224 } 225 226 done: 227 hci_dev_unlock_bh(hdev); 228 hci_dev_put(hdev); 229 return err; 230 } 231 232 static inline int sco_send_frame(struct sock *sk, struct msghdr *msg, int len) 233 { 234 struct sco_conn *conn = sco_pi(sk)->conn; 235 struct sk_buff *skb; 236 int err, count; 237 238 /* Check outgoing MTU */ 239 if (len > conn->mtu) 240 return -EINVAL; 241 242 BT_DBG("sk %p len %d", sk, len); 243 244 count = min_t(unsigned int, conn->mtu, len); 245 skb = bt_skb_send_alloc(sk, count, 246 msg->msg_flags & MSG_DONTWAIT, &err); 247 if (!skb) 248 return err; 249 250 if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) { 251 kfree_skb(skb); 252 return -EFAULT; 253 } 254 255 hci_send_sco(conn->hcon, skb); 256 257 return count; 258 } 259 260 static inline void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb) 261 { 262 struct sock *sk = sco_chan_get(conn); 263 264 if (!sk) 265 goto drop; 266 267 BT_DBG("sk %p len %d", sk, skb->len); 268 269 if (sk->sk_state != BT_CONNECTED) 270 goto drop; 271 272 if (!sock_queue_rcv_skb(sk, skb)) 273 return; 274 275 drop: 276 kfree_skb(skb); 277 } 278 279 /* -------- Socket interface ---------- */ 280 static struct sock *__sco_get_sock_by_addr(bdaddr_t *ba) 281 { 282 struct sock *sk; 283 struct hlist_node *node; 284 285 sk_for_each(sk, node, &sco_sk_list.head) 286 if (!bacmp(&bt_sk(sk)->src, ba)) 287 goto found; 288 sk = NULL; 289 found: 290 return sk; 291 } 292 293 /* Find socket listening on source bdaddr. 294 * Returns closest match. 295 */ 296 static struct sock *sco_get_sock_listen(bdaddr_t *src) 297 { 298 struct sock *sk = NULL, *sk1 = NULL; 299 struct hlist_node *node; 300 301 read_lock(&sco_sk_list.lock); 302 303 sk_for_each(sk, node, &sco_sk_list.head) { 304 if (sk->sk_state != BT_LISTEN) 305 continue; 306 307 /* Exact match. */ 308 if (!bacmp(&bt_sk(sk)->src, src)) 309 break; 310 311 /* Closest match */ 312 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) 313 sk1 = sk; 314 } 315 316 read_unlock(&sco_sk_list.lock); 317 318 return node ? sk : sk1; 319 } 320 321 static void sco_sock_destruct(struct sock *sk) 322 { 323 BT_DBG("sk %p", sk); 324 325 skb_queue_purge(&sk->sk_receive_queue); 326 skb_queue_purge(&sk->sk_write_queue); 327 } 328 329 static void sco_sock_cleanup_listen(struct sock *parent) 330 { 331 struct sock *sk; 332 333 BT_DBG("parent %p", parent); 334 335 /* Close not yet accepted channels */ 336 while ((sk = bt_accept_dequeue(parent, NULL))) { 337 sco_sock_close(sk); 338 sco_sock_kill(sk); 339 } 340 341 parent->sk_state = BT_CLOSED; 342 sock_set_flag(parent, SOCK_ZAPPED); 343 } 344 345 /* Kill socket (only if zapped and orphan) 346 * Must be called on unlocked socket. 347 */ 348 static void sco_sock_kill(struct sock *sk) 349 { 350 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) 351 return; 352 353 BT_DBG("sk %p state %d", sk, sk->sk_state); 354 355 /* Kill poor orphan */ 356 bt_sock_unlink(&sco_sk_list, sk); 357 sock_set_flag(sk, SOCK_DEAD); 358 sock_put(sk); 359 } 360 361 static void __sco_sock_close(struct sock *sk) 362 { 363 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); 364 365 switch (sk->sk_state) { 366 case BT_LISTEN: 367 sco_sock_cleanup_listen(sk); 368 break; 369 370 case BT_CONNECTED: 371 case BT_CONFIG: 372 case BT_CONNECT: 373 case BT_DISCONN: 374 sco_chan_del(sk, ECONNRESET); 375 break; 376 377 default: 378 sock_set_flag(sk, SOCK_ZAPPED); 379 break; 380 } 381 } 382 383 /* Must be called on unlocked socket. */ 384 static void sco_sock_close(struct sock *sk) 385 { 386 sco_sock_clear_timer(sk); 387 lock_sock(sk); 388 __sco_sock_close(sk); 389 release_sock(sk); 390 sco_sock_kill(sk); 391 } 392 393 static void sco_sock_init(struct sock *sk, struct sock *parent) 394 { 395 BT_DBG("sk %p", sk); 396 397 if (parent) 398 sk->sk_type = parent->sk_type; 399 } 400 401 static struct proto sco_proto = { 402 .name = "SCO", 403 .owner = THIS_MODULE, 404 .obj_size = sizeof(struct sco_pinfo) 405 }; 406 407 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio) 408 { 409 struct sock *sk; 410 411 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto); 412 if (!sk) 413 return NULL; 414 415 sock_init_data(sock, sk); 416 INIT_LIST_HEAD(&bt_sk(sk)->accept_q); 417 418 sk->sk_destruct = sco_sock_destruct; 419 sk->sk_sndtimeo = SCO_CONN_TIMEOUT; 420 421 sock_reset_flag(sk, SOCK_ZAPPED); 422 423 sk->sk_protocol = proto; 424 sk->sk_state = BT_OPEN; 425 426 setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk); 427 428 bt_sock_link(&sco_sk_list, sk); 429 return sk; 430 } 431 432 static int sco_sock_create(struct net *net, struct socket *sock, int protocol, 433 int kern) 434 { 435 struct sock *sk; 436 437 BT_DBG("sock %p", sock); 438 439 sock->state = SS_UNCONNECTED; 440 441 if (sock->type != SOCK_SEQPACKET) 442 return -ESOCKTNOSUPPORT; 443 444 sock->ops = &sco_sock_ops; 445 446 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC); 447 if (!sk) 448 return -ENOMEM; 449 450 sco_sock_init(sk, NULL); 451 return 0; 452 } 453 454 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) 455 { 456 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 457 struct sock *sk = sock->sk; 458 bdaddr_t *src = &sa->sco_bdaddr; 459 int err = 0; 460 461 BT_DBG("sk %p %s", sk, batostr(&sa->sco_bdaddr)); 462 463 if (!addr || addr->sa_family != AF_BLUETOOTH) 464 return -EINVAL; 465 466 lock_sock(sk); 467 468 if (sk->sk_state != BT_OPEN) { 469 err = -EBADFD; 470 goto done; 471 } 472 473 write_lock_bh(&sco_sk_list.lock); 474 475 if (bacmp(src, BDADDR_ANY) && __sco_get_sock_by_addr(src)) { 476 err = -EADDRINUSE; 477 } else { 478 /* Save source address */ 479 bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr); 480 sk->sk_state = BT_BOUND; 481 } 482 483 write_unlock_bh(&sco_sk_list.lock); 484 485 done: 486 release_sock(sk); 487 return err; 488 } 489 490 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) 491 { 492 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 493 struct sock *sk = sock->sk; 494 int err = 0; 495 496 497 BT_DBG("sk %p", sk); 498 499 if (alen < sizeof(struct sockaddr_sco) || 500 addr->sa_family != AF_BLUETOOTH) 501 return -EINVAL; 502 503 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) 504 return -EBADFD; 505 506 if (sk->sk_type != SOCK_SEQPACKET) 507 return -EINVAL; 508 509 lock_sock(sk); 510 511 /* Set destination address and psm */ 512 bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr); 513 514 err = sco_connect(sk); 515 if (err) 516 goto done; 517 518 err = bt_sock_wait_state(sk, BT_CONNECTED, 519 sock_sndtimeo(sk, flags & O_NONBLOCK)); 520 521 done: 522 release_sock(sk); 523 return err; 524 } 525 526 static int sco_sock_listen(struct socket *sock, int backlog) 527 { 528 struct sock *sk = sock->sk; 529 int err = 0; 530 531 BT_DBG("sk %p backlog %d", sk, backlog); 532 533 lock_sock(sk); 534 535 if (sk->sk_state != BT_BOUND || sock->type != SOCK_SEQPACKET) { 536 err = -EBADFD; 537 goto done; 538 } 539 540 sk->sk_max_ack_backlog = backlog; 541 sk->sk_ack_backlog = 0; 542 sk->sk_state = BT_LISTEN; 543 544 done: 545 release_sock(sk); 546 return err; 547 } 548 549 static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags) 550 { 551 DECLARE_WAITQUEUE(wait, current); 552 struct sock *sk = sock->sk, *ch; 553 long timeo; 554 int err = 0; 555 556 lock_sock(sk); 557 558 if (sk->sk_state != BT_LISTEN) { 559 err = -EBADFD; 560 goto done; 561 } 562 563 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); 564 565 BT_DBG("sk %p timeo %ld", sk, timeo); 566 567 /* Wait for an incoming connection. (wake-one). */ 568 add_wait_queue_exclusive(sk_sleep(sk), &wait); 569 while (!(ch = bt_accept_dequeue(sk, newsock))) { 570 set_current_state(TASK_INTERRUPTIBLE); 571 if (!timeo) { 572 err = -EAGAIN; 573 break; 574 } 575 576 release_sock(sk); 577 timeo = schedule_timeout(timeo); 578 lock_sock(sk); 579 580 if (sk->sk_state != BT_LISTEN) { 581 err = -EBADFD; 582 break; 583 } 584 585 if (signal_pending(current)) { 586 err = sock_intr_errno(timeo); 587 break; 588 } 589 } 590 set_current_state(TASK_RUNNING); 591 remove_wait_queue(sk_sleep(sk), &wait); 592 593 if (err) 594 goto done; 595 596 newsock->state = SS_CONNECTED; 597 598 BT_DBG("new socket %p", ch); 599 600 done: 601 release_sock(sk); 602 return err; 603 } 604 605 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer) 606 { 607 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 608 struct sock *sk = sock->sk; 609 610 BT_DBG("sock %p, sk %p", sock, sk); 611 612 addr->sa_family = AF_BLUETOOTH; 613 *len = sizeof(struct sockaddr_sco); 614 615 if (peer) 616 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst); 617 else 618 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src); 619 620 return 0; 621 } 622 623 static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock, 624 struct msghdr *msg, size_t len) 625 { 626 struct sock *sk = sock->sk; 627 int err; 628 629 BT_DBG("sock %p, sk %p", sock, sk); 630 631 err = sock_error(sk); 632 if (err) 633 return err; 634 635 if (msg->msg_flags & MSG_OOB) 636 return -EOPNOTSUPP; 637 638 lock_sock(sk); 639 640 if (sk->sk_state == BT_CONNECTED) 641 err = sco_send_frame(sk, msg, len); 642 else 643 err = -ENOTCONN; 644 645 release_sock(sk); 646 return err; 647 } 648 649 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen) 650 { 651 struct sock *sk = sock->sk; 652 int err = 0; 653 654 BT_DBG("sk %p", sk); 655 656 lock_sock(sk); 657 658 switch (optname) { 659 default: 660 err = -ENOPROTOOPT; 661 break; 662 } 663 664 release_sock(sk); 665 return err; 666 } 667 668 static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen) 669 { 670 struct sock *sk = sock->sk; 671 struct sco_options opts; 672 struct sco_conninfo cinfo; 673 int len, err = 0; 674 675 BT_DBG("sk %p", sk); 676 677 if (get_user(len, optlen)) 678 return -EFAULT; 679 680 lock_sock(sk); 681 682 switch (optname) { 683 case SCO_OPTIONS: 684 if (sk->sk_state != BT_CONNECTED) { 685 err = -ENOTCONN; 686 break; 687 } 688 689 opts.mtu = sco_pi(sk)->conn->mtu; 690 691 BT_DBG("mtu %d", opts.mtu); 692 693 len = min_t(unsigned int, len, sizeof(opts)); 694 if (copy_to_user(optval, (char *)&opts, len)) 695 err = -EFAULT; 696 697 break; 698 699 case SCO_CONNINFO: 700 if (sk->sk_state != BT_CONNECTED) { 701 err = -ENOTCONN; 702 break; 703 } 704 705 memset(&cinfo, 0, sizeof(cinfo)); 706 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle; 707 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3); 708 709 len = min_t(unsigned int, len, sizeof(cinfo)); 710 if (copy_to_user(optval, (char *)&cinfo, len)) 711 err = -EFAULT; 712 713 break; 714 715 default: 716 err = -ENOPROTOOPT; 717 break; 718 } 719 720 release_sock(sk); 721 return err; 722 } 723 724 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) 725 { 726 struct sock *sk = sock->sk; 727 int len, err = 0; 728 729 BT_DBG("sk %p", sk); 730 731 if (level == SOL_SCO) 732 return sco_sock_getsockopt_old(sock, optname, optval, optlen); 733 734 if (get_user(len, optlen)) 735 return -EFAULT; 736 737 lock_sock(sk); 738 739 switch (optname) { 740 default: 741 err = -ENOPROTOOPT; 742 break; 743 } 744 745 release_sock(sk); 746 return err; 747 } 748 749 static int sco_sock_shutdown(struct socket *sock, int how) 750 { 751 struct sock *sk = sock->sk; 752 int err = 0; 753 754 BT_DBG("sock %p, sk %p", sock, sk); 755 756 if (!sk) 757 return 0; 758 759 lock_sock(sk); 760 if (!sk->sk_shutdown) { 761 sk->sk_shutdown = SHUTDOWN_MASK; 762 sco_sock_clear_timer(sk); 763 __sco_sock_close(sk); 764 765 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) 766 err = bt_sock_wait_state(sk, BT_CLOSED, 767 sk->sk_lingertime); 768 } 769 release_sock(sk); 770 return err; 771 } 772 773 static int sco_sock_release(struct socket *sock) 774 { 775 struct sock *sk = sock->sk; 776 int err = 0; 777 778 BT_DBG("sock %p, sk %p", sock, sk); 779 780 if (!sk) 781 return 0; 782 783 sco_sock_close(sk); 784 785 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) { 786 lock_sock(sk); 787 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); 788 release_sock(sk); 789 } 790 791 sock_orphan(sk); 792 sco_sock_kill(sk); 793 return err; 794 } 795 796 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent) 797 { 798 BT_DBG("conn %p", conn); 799 800 sco_pi(sk)->conn = conn; 801 conn->sk = sk; 802 803 if (parent) 804 bt_accept_enqueue(parent, sk); 805 } 806 807 /* Delete channel. 808 * Must be called on the locked socket. */ 809 static void sco_chan_del(struct sock *sk, int err) 810 { 811 struct sco_conn *conn; 812 813 conn = sco_pi(sk)->conn; 814 815 BT_DBG("sk %p, conn %p, err %d", sk, conn, err); 816 817 if (conn) { 818 sco_conn_lock(conn); 819 conn->sk = NULL; 820 sco_pi(sk)->conn = NULL; 821 sco_conn_unlock(conn); 822 hci_conn_put(conn->hcon); 823 } 824 825 sk->sk_state = BT_CLOSED; 826 sk->sk_err = err; 827 sk->sk_state_change(sk); 828 829 sock_set_flag(sk, SOCK_ZAPPED); 830 } 831 832 static void sco_conn_ready(struct sco_conn *conn) 833 { 834 struct sock *parent; 835 struct sock *sk = conn->sk; 836 837 BT_DBG("conn %p", conn); 838 839 sco_conn_lock(conn); 840 841 if (sk) { 842 sco_sock_clear_timer(sk); 843 bh_lock_sock(sk); 844 sk->sk_state = BT_CONNECTED; 845 sk->sk_state_change(sk); 846 bh_unlock_sock(sk); 847 } else { 848 parent = sco_get_sock_listen(conn->src); 849 if (!parent) 850 goto done; 851 852 bh_lock_sock(parent); 853 854 sk = sco_sock_alloc(sock_net(parent), NULL, 855 BTPROTO_SCO, GFP_ATOMIC); 856 if (!sk) { 857 bh_unlock_sock(parent); 858 goto done; 859 } 860 861 sco_sock_init(sk, parent); 862 863 bacpy(&bt_sk(sk)->src, conn->src); 864 bacpy(&bt_sk(sk)->dst, conn->dst); 865 866 hci_conn_hold(conn->hcon); 867 __sco_chan_add(conn, sk, parent); 868 869 sk->sk_state = BT_CONNECTED; 870 871 /* Wake up parent */ 872 parent->sk_data_ready(parent, 1); 873 874 bh_unlock_sock(parent); 875 } 876 877 done: 878 sco_conn_unlock(conn); 879 } 880 881 /* ----- SCO interface with lower layer (HCI) ----- */ 882 static int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 type) 883 { 884 register struct sock *sk; 885 struct hlist_node *node; 886 int lm = 0; 887 888 if (type != SCO_LINK && type != ESCO_LINK) 889 return -EINVAL; 890 891 BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr)); 892 893 /* Find listening sockets */ 894 read_lock(&sco_sk_list.lock); 895 sk_for_each(sk, node, &sco_sk_list.head) { 896 if (sk->sk_state != BT_LISTEN) 897 continue; 898 899 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) || 900 !bacmp(&bt_sk(sk)->src, BDADDR_ANY)) { 901 lm |= HCI_LM_ACCEPT; 902 break; 903 } 904 } 905 read_unlock(&sco_sk_list.lock); 906 907 return lm; 908 } 909 910 static int sco_connect_cfm(struct hci_conn *hcon, __u8 status) 911 { 912 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status); 913 914 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 915 return -EINVAL; 916 917 if (!status) { 918 struct sco_conn *conn; 919 920 conn = sco_conn_add(hcon, status); 921 if (conn) 922 sco_conn_ready(conn); 923 } else 924 sco_conn_del(hcon, bt_err(status)); 925 926 return 0; 927 } 928 929 static int sco_disconn_cfm(struct hci_conn *hcon, __u8 reason) 930 { 931 BT_DBG("hcon %p reason %d", hcon, reason); 932 933 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 934 return -EINVAL; 935 936 sco_conn_del(hcon, bt_err(reason)); 937 938 return 0; 939 } 940 941 static int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb) 942 { 943 struct sco_conn *conn = hcon->sco_data; 944 945 if (!conn) 946 goto drop; 947 948 BT_DBG("conn %p len %d", conn, skb->len); 949 950 if (skb->len) { 951 sco_recv_frame(conn, skb); 952 return 0; 953 } 954 955 drop: 956 kfree_skb(skb); 957 return 0; 958 } 959 960 static int sco_debugfs_show(struct seq_file *f, void *p) 961 { 962 struct sock *sk; 963 struct hlist_node *node; 964 965 read_lock_bh(&sco_sk_list.lock); 966 967 sk_for_each(sk, node, &sco_sk_list.head) { 968 seq_printf(f, "%s %s %d\n", batostr(&bt_sk(sk)->src), 969 batostr(&bt_sk(sk)->dst), sk->sk_state); 970 } 971 972 read_unlock_bh(&sco_sk_list.lock); 973 974 return 0; 975 } 976 977 static int sco_debugfs_open(struct inode *inode, struct file *file) 978 { 979 return single_open(file, sco_debugfs_show, inode->i_private); 980 } 981 982 static const struct file_operations sco_debugfs_fops = { 983 .open = sco_debugfs_open, 984 .read = seq_read, 985 .llseek = seq_lseek, 986 .release = single_release, 987 }; 988 989 static struct dentry *sco_debugfs; 990 991 static const struct proto_ops sco_sock_ops = { 992 .family = PF_BLUETOOTH, 993 .owner = THIS_MODULE, 994 .release = sco_sock_release, 995 .bind = sco_sock_bind, 996 .connect = sco_sock_connect, 997 .listen = sco_sock_listen, 998 .accept = sco_sock_accept, 999 .getname = sco_sock_getname, 1000 .sendmsg = sco_sock_sendmsg, 1001 .recvmsg = bt_sock_recvmsg, 1002 .poll = bt_sock_poll, 1003 .ioctl = bt_sock_ioctl, 1004 .mmap = sock_no_mmap, 1005 .socketpair = sock_no_socketpair, 1006 .shutdown = sco_sock_shutdown, 1007 .setsockopt = sco_sock_setsockopt, 1008 .getsockopt = sco_sock_getsockopt 1009 }; 1010 1011 static const struct net_proto_family sco_sock_family_ops = { 1012 .family = PF_BLUETOOTH, 1013 .owner = THIS_MODULE, 1014 .create = sco_sock_create, 1015 }; 1016 1017 static struct hci_proto sco_hci_proto = { 1018 .name = "SCO", 1019 .id = HCI_PROTO_SCO, 1020 .connect_ind = sco_connect_ind, 1021 .connect_cfm = sco_connect_cfm, 1022 .disconn_cfm = sco_disconn_cfm, 1023 .recv_scodata = sco_recv_scodata 1024 }; 1025 1026 int __init sco_init(void) 1027 { 1028 int err; 1029 1030 err = proto_register(&sco_proto, 0); 1031 if (err < 0) 1032 return err; 1033 1034 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops); 1035 if (err < 0) { 1036 BT_ERR("SCO socket registration failed"); 1037 goto error; 1038 } 1039 1040 err = hci_register_proto(&sco_hci_proto); 1041 if (err < 0) { 1042 BT_ERR("SCO protocol registration failed"); 1043 bt_sock_unregister(BTPROTO_SCO); 1044 goto error; 1045 } 1046 1047 if (bt_debugfs) { 1048 sco_debugfs = debugfs_create_file("sco", 0444, 1049 bt_debugfs, NULL, &sco_debugfs_fops); 1050 if (!sco_debugfs) 1051 BT_ERR("Failed to create SCO debug file"); 1052 } 1053 1054 BT_INFO("SCO socket layer initialized"); 1055 1056 return 0; 1057 1058 error: 1059 proto_unregister(&sco_proto); 1060 return err; 1061 } 1062 1063 void __exit sco_exit(void) 1064 { 1065 debugfs_remove(sco_debugfs); 1066 1067 if (bt_sock_unregister(BTPROTO_SCO) < 0) 1068 BT_ERR("SCO socket unregistration failed"); 1069 1070 if (hci_unregister_proto(&sco_hci_proto) < 0) 1071 BT_ERR("SCO protocol unregistration failed"); 1072 1073 proto_unregister(&sco_proto); 1074 } 1075 1076 module_param(disable_esco, bool, 0644); 1077 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation"); 1078