1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth SCO sockets. */ 26 27 #include <linux/module.h> 28 #include <linux/debugfs.h> 29 #include <linux/seq_file.h> 30 #include <linux/sched/signal.h> 31 32 #include <net/bluetooth/bluetooth.h> 33 #include <net/bluetooth/hci_core.h> 34 #include <net/bluetooth/sco.h> 35 36 static bool disable_esco; 37 38 static const struct proto_ops sco_sock_ops; 39 40 static struct bt_sock_list sco_sk_list = { 41 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock) 42 }; 43 44 /* ---- SCO connections ---- */ 45 struct sco_conn { 46 struct hci_conn *hcon; 47 48 spinlock_t lock; 49 struct sock *sk; 50 51 struct delayed_work timeout_work; 52 53 unsigned int mtu; 54 struct kref ref; 55 }; 56 57 #define sco_conn_lock(c) spin_lock(&c->lock) 58 #define sco_conn_unlock(c) spin_unlock(&c->lock) 59 60 static void sco_sock_close(struct sock *sk); 61 static void sco_sock_kill(struct sock *sk); 62 63 /* ----- SCO socket info ----- */ 64 #define sco_pi(sk) ((struct sco_pinfo *) sk) 65 66 struct sco_pinfo { 67 struct bt_sock bt; 68 bdaddr_t src; 69 bdaddr_t dst; 70 __u32 flags; 71 __u16 setting; 72 struct bt_codec codec; 73 struct sco_conn *conn; 74 }; 75 76 /* ---- SCO timers ---- */ 77 #define SCO_CONN_TIMEOUT (HZ * 40) 78 #define SCO_DISCONN_TIMEOUT (HZ * 2) 79 80 static void sco_conn_free(struct kref *ref) 81 { 82 struct sco_conn *conn = container_of(ref, struct sco_conn, ref); 83 84 BT_DBG("conn %p", conn); 85 86 if (conn->sk) 87 sco_pi(conn->sk)->conn = NULL; 88 89 if (conn->hcon) { 90 conn->hcon->sco_data = NULL; 91 hci_conn_drop(conn->hcon); 92 } 93 94 /* Ensure no more work items will run since hci_conn has been dropped */ 95 disable_delayed_work_sync(&conn->timeout_work); 96 97 kfree(conn); 98 } 99 100 static void sco_conn_put(struct sco_conn *conn) 101 { 102 if (!conn) 103 return; 104 105 BT_DBG("conn %p refcnt %d", conn, kref_read(&conn->ref)); 106 107 kref_put(&conn->ref, sco_conn_free); 108 } 109 110 static struct sco_conn *sco_conn_hold(struct sco_conn *conn) 111 { 112 BT_DBG("conn %p refcnt %u", conn, kref_read(&conn->ref)); 113 114 kref_get(&conn->ref); 115 return conn; 116 } 117 118 static struct sco_conn *sco_conn_hold_unless_zero(struct sco_conn *conn) 119 { 120 if (!conn) 121 return NULL; 122 123 BT_DBG("conn %p refcnt %u", conn, kref_read(&conn->ref)); 124 125 if (!kref_get_unless_zero(&conn->ref)) 126 return NULL; 127 128 return conn; 129 } 130 131 static struct sock *sco_sock_hold(struct sco_conn *conn) 132 { 133 if (!conn || !bt_sock_linked(&sco_sk_list, conn->sk)) 134 return NULL; 135 136 sock_hold(conn->sk); 137 138 return conn->sk; 139 } 140 141 static void sco_sock_timeout(struct work_struct *work) 142 { 143 struct sco_conn *conn = container_of(work, struct sco_conn, 144 timeout_work.work); 145 struct sock *sk; 146 147 conn = sco_conn_hold_unless_zero(conn); 148 if (!conn) 149 return; 150 151 sco_conn_lock(conn); 152 if (!conn->hcon) { 153 sco_conn_unlock(conn); 154 sco_conn_put(conn); 155 return; 156 } 157 sk = sco_sock_hold(conn); 158 sco_conn_unlock(conn); 159 sco_conn_put(conn); 160 161 if (!sk) 162 return; 163 164 BT_DBG("sock %p state %d", sk, sk->sk_state); 165 166 lock_sock(sk); 167 sk->sk_err = ETIMEDOUT; 168 sk->sk_state_change(sk); 169 release_sock(sk); 170 sock_put(sk); 171 } 172 173 static void sco_sock_set_timer(struct sock *sk, long timeout) 174 { 175 if (!sco_pi(sk)->conn) 176 return; 177 178 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout); 179 cancel_delayed_work(&sco_pi(sk)->conn->timeout_work); 180 schedule_delayed_work(&sco_pi(sk)->conn->timeout_work, timeout); 181 } 182 183 static void sco_sock_clear_timer(struct sock *sk) 184 { 185 if (!sco_pi(sk)->conn) 186 return; 187 188 BT_DBG("sock %p state %d", sk, sk->sk_state); 189 cancel_delayed_work(&sco_pi(sk)->conn->timeout_work); 190 } 191 192 /* ---- SCO connections ---- */ 193 static struct sco_conn *sco_conn_add(struct hci_conn *hcon) 194 { 195 struct sco_conn *conn = hcon->sco_data; 196 197 conn = sco_conn_hold_unless_zero(conn); 198 if (conn) { 199 if (!conn->hcon) { 200 sco_conn_lock(conn); 201 conn->hcon = hcon; 202 sco_conn_unlock(conn); 203 } 204 return conn; 205 } 206 207 conn = kzalloc_obj(struct sco_conn); 208 if (!conn) 209 return NULL; 210 211 kref_init(&conn->ref); 212 spin_lock_init(&conn->lock); 213 INIT_DELAYED_WORK(&conn->timeout_work, sco_sock_timeout); 214 215 hcon->sco_data = conn; 216 conn->hcon = hcon; 217 conn->mtu = hcon->mtu; 218 219 if (hcon->mtu > 0) 220 conn->mtu = hcon->mtu; 221 else 222 conn->mtu = 60; 223 224 BT_DBG("hcon %p conn %p", hcon, conn); 225 226 return conn; 227 } 228 229 /* Delete channel. 230 * Must be called on the locked socket. */ 231 static void sco_chan_del(struct sock *sk, int err) 232 { 233 struct sco_conn *conn; 234 235 conn = sco_pi(sk)->conn; 236 sco_pi(sk)->conn = NULL; 237 238 BT_DBG("sk %p, conn %p, err %d", sk, conn, err); 239 240 if (conn) { 241 sco_conn_lock(conn); 242 conn->sk = NULL; 243 sco_conn_unlock(conn); 244 sco_conn_put(conn); 245 } 246 247 sk->sk_state = BT_CLOSED; 248 sk->sk_err = err; 249 sk->sk_state_change(sk); 250 251 sock_set_flag(sk, SOCK_ZAPPED); 252 } 253 254 static void sco_conn_del(struct hci_conn *hcon, int err) 255 { 256 struct sco_conn *conn = hcon->sco_data; 257 struct sock *sk; 258 259 conn = sco_conn_hold_unless_zero(conn); 260 if (!conn) 261 return; 262 263 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); 264 265 sco_conn_lock(conn); 266 sk = sco_sock_hold(conn); 267 sco_conn_unlock(conn); 268 sco_conn_put(conn); 269 270 if (!sk) { 271 sco_conn_put(conn); 272 return; 273 } 274 275 /* Kill socket */ 276 lock_sock(sk); 277 sco_sock_clear_timer(sk); 278 sco_chan_del(sk, err); 279 release_sock(sk); 280 sock_put(sk); 281 } 282 283 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, 284 struct sock *parent) 285 { 286 BT_DBG("conn %p", conn); 287 288 sco_pi(sk)->conn = conn; 289 conn->sk = sk; 290 291 if (parent) 292 bt_accept_enqueue(parent, sk, true); 293 } 294 295 static int sco_chan_add(struct sco_conn *conn, struct sock *sk, 296 struct sock *parent) 297 { 298 int err = 0; 299 300 sco_conn_lock(conn); 301 if (conn->sk) 302 err = -EBUSY; 303 else 304 __sco_chan_add(conn, sk, parent); 305 306 sco_conn_unlock(conn); 307 return err; 308 } 309 310 static int sco_connect(struct sock *sk) 311 { 312 struct sco_conn *conn; 313 struct hci_conn *hcon; 314 struct hci_dev *hdev; 315 int err, type; 316 317 BT_DBG("%pMR -> %pMR", &sco_pi(sk)->src, &sco_pi(sk)->dst); 318 319 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR); 320 if (!hdev) 321 return -EHOSTUNREACH; 322 323 hci_dev_lock(hdev); 324 325 if (lmp_esco_capable(hdev) && !disable_esco) 326 type = ESCO_LINK; 327 else 328 type = SCO_LINK; 329 330 switch (sco_pi(sk)->setting & SCO_AIRMODE_MASK) { 331 case SCO_AIRMODE_TRANSP: 332 if (!lmp_transp_capable(hdev) || !lmp_esco_capable(hdev)) { 333 err = -EOPNOTSUPP; 334 goto unlock; 335 } 336 break; 337 } 338 339 hcon = hci_connect_sco(hdev, type, &sco_pi(sk)->dst, 340 sco_pi(sk)->setting, &sco_pi(sk)->codec, 341 READ_ONCE(sk->sk_sndtimeo)); 342 if (IS_ERR(hcon)) { 343 err = PTR_ERR(hcon); 344 goto unlock; 345 } 346 347 conn = sco_conn_add(hcon); 348 if (!conn) { 349 hci_conn_drop(hcon); 350 err = -ENOMEM; 351 goto unlock; 352 } 353 354 lock_sock(sk); 355 356 err = sco_chan_add(conn, sk, NULL); 357 if (err) { 358 release_sock(sk); 359 goto unlock; 360 } 361 362 /* Update source addr of the socket */ 363 bacpy(&sco_pi(sk)->src, &hcon->src); 364 365 if (hcon->state == BT_CONNECTED) { 366 sco_sock_clear_timer(sk); 367 sk->sk_state = BT_CONNECTED; 368 } else { 369 sk->sk_state = BT_CONNECT; 370 sco_sock_set_timer(sk, READ_ONCE(sk->sk_sndtimeo)); 371 } 372 373 release_sock(sk); 374 375 unlock: 376 hci_dev_unlock(hdev); 377 hci_dev_put(hdev); 378 return err; 379 } 380 381 static int sco_send_frame(struct sock *sk, struct sk_buff *skb, 382 const struct sockcm_cookie *sockc) 383 { 384 struct sco_conn *conn = sco_pi(sk)->conn; 385 int len = skb->len; 386 387 /* Check outgoing MTU */ 388 if (len > conn->mtu) 389 return -EINVAL; 390 391 BT_DBG("sk %p len %d", sk, len); 392 393 hci_setup_tx_timestamp(skb, 1, sockc); 394 hci_send_sco(conn->hcon, skb); 395 396 return len; 397 } 398 399 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb) 400 { 401 struct sock *sk; 402 403 sco_conn_lock(conn); 404 sk = conn->sk; 405 sco_conn_unlock(conn); 406 407 if (!sk) 408 goto drop; 409 410 BT_DBG("sk %p len %u", sk, skb->len); 411 412 if (sk->sk_state != BT_CONNECTED) 413 goto drop; 414 415 if (!sock_queue_rcv_skb(sk, skb)) 416 return; 417 418 drop: 419 kfree_skb(skb); 420 } 421 422 /* -------- Socket interface ---------- */ 423 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba) 424 { 425 struct sock *sk; 426 427 sk_for_each(sk, &sco_sk_list.head) { 428 if (sk->sk_state != BT_LISTEN) 429 continue; 430 431 if (!bacmp(&sco_pi(sk)->src, ba)) 432 return sk; 433 } 434 435 return NULL; 436 } 437 438 /* Find socket listening on source bdaddr. 439 * Returns closest match. 440 */ 441 static struct sock *sco_get_sock_listen(bdaddr_t *src) 442 { 443 struct sock *sk = NULL, *sk1 = NULL; 444 445 read_lock(&sco_sk_list.lock); 446 447 sk_for_each(sk, &sco_sk_list.head) { 448 if (sk->sk_state != BT_LISTEN) 449 continue; 450 451 /* Exact match. */ 452 if (!bacmp(&sco_pi(sk)->src, src)) 453 break; 454 455 /* Closest match */ 456 if (!bacmp(&sco_pi(sk)->src, BDADDR_ANY)) 457 sk1 = sk; 458 } 459 460 read_unlock(&sco_sk_list.lock); 461 462 return sk ? sk : sk1; 463 } 464 465 static void sco_sock_destruct(struct sock *sk) 466 { 467 BT_DBG("sk %p", sk); 468 469 sco_conn_put(sco_pi(sk)->conn); 470 471 skb_queue_purge(&sk->sk_receive_queue); 472 skb_queue_purge(&sk->sk_write_queue); 473 skb_queue_purge(&sk->sk_error_queue); 474 } 475 476 static void sco_sock_cleanup_listen(struct sock *parent) 477 { 478 struct sock *sk; 479 480 BT_DBG("parent %p", parent); 481 482 /* Close not yet accepted channels */ 483 while ((sk = bt_accept_dequeue(parent, NULL))) { 484 sco_sock_close(sk); 485 sco_sock_kill(sk); 486 } 487 488 parent->sk_state = BT_CLOSED; 489 sock_set_flag(parent, SOCK_ZAPPED); 490 } 491 492 /* Kill socket (only if zapped and orphan) 493 * Must be called on unlocked socket. 494 */ 495 static void sco_sock_kill(struct sock *sk) 496 { 497 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) 498 return; 499 500 BT_DBG("sk %p state %d", sk, sk->sk_state); 501 502 /* Sock is dead, so set conn->sk to NULL to avoid possible UAF */ 503 if (sco_pi(sk)->conn) { 504 sco_conn_lock(sco_pi(sk)->conn); 505 sco_pi(sk)->conn->sk = NULL; 506 sco_conn_unlock(sco_pi(sk)->conn); 507 } 508 509 /* Kill poor orphan */ 510 bt_sock_unlink(&sco_sk_list, sk); 511 sock_set_flag(sk, SOCK_DEAD); 512 sock_put(sk); 513 } 514 515 static void __sco_sock_close(struct sock *sk) 516 { 517 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); 518 519 switch (sk->sk_state) { 520 case BT_LISTEN: 521 sco_sock_cleanup_listen(sk); 522 break; 523 524 case BT_CONNECTED: 525 case BT_CONFIG: 526 case BT_CONNECT2: 527 case BT_CONNECT: 528 case BT_DISCONN: 529 sco_chan_del(sk, ECONNRESET); 530 break; 531 532 default: 533 sock_set_flag(sk, SOCK_ZAPPED); 534 break; 535 } 536 537 } 538 539 /* Must be called on unlocked socket. */ 540 static void sco_sock_close(struct sock *sk) 541 { 542 lock_sock(sk); 543 sco_sock_clear_timer(sk); 544 __sco_sock_close(sk); 545 release_sock(sk); 546 } 547 548 static void sco_sock_init(struct sock *sk, struct sock *parent) 549 { 550 BT_DBG("sk %p", sk); 551 552 if (parent) { 553 sk->sk_type = parent->sk_type; 554 bt_sk(sk)->flags = bt_sk(parent)->flags; 555 security_sk_clone(parent, sk); 556 } 557 } 558 559 static struct proto sco_proto = { 560 .name = "SCO", 561 .owner = THIS_MODULE, 562 .obj_size = sizeof(struct sco_pinfo) 563 }; 564 565 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, 566 int proto, gfp_t prio, int kern) 567 { 568 struct sock *sk; 569 570 sk = bt_sock_alloc(net, sock, &sco_proto, proto, prio, kern); 571 if (!sk) 572 return NULL; 573 574 sk->sk_destruct = sco_sock_destruct; 575 sk->sk_sndtimeo = SCO_CONN_TIMEOUT; 576 577 sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT; 578 sco_pi(sk)->codec.id = BT_CODEC_CVSD; 579 sco_pi(sk)->codec.cid = 0xffff; 580 sco_pi(sk)->codec.vid = 0xffff; 581 sco_pi(sk)->codec.data_path = 0x00; 582 583 bt_sock_link(&sco_sk_list, sk); 584 return sk; 585 } 586 587 static int sco_sock_create(struct net *net, struct socket *sock, int protocol, 588 int kern) 589 { 590 struct sock *sk; 591 592 BT_DBG("sock %p", sock); 593 594 sock->state = SS_UNCONNECTED; 595 596 if (sock->type != SOCK_SEQPACKET) 597 return -ESOCKTNOSUPPORT; 598 599 sock->ops = &sco_sock_ops; 600 601 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern); 602 if (!sk) 603 return -ENOMEM; 604 605 sco_sock_init(sk, NULL); 606 return 0; 607 } 608 609 static int sco_sock_bind(struct socket *sock, struct sockaddr_unsized *addr, 610 int addr_len) 611 { 612 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 613 struct sock *sk = sock->sk; 614 int err = 0; 615 616 if (!addr || addr_len < sizeof(struct sockaddr_sco) || 617 addr->sa_family != AF_BLUETOOTH) 618 return -EINVAL; 619 620 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr); 621 622 lock_sock(sk); 623 624 if (sk->sk_state != BT_OPEN) { 625 err = -EBADFD; 626 goto done; 627 } 628 629 if (sk->sk_type != SOCK_SEQPACKET) { 630 err = -EINVAL; 631 goto done; 632 } 633 634 bacpy(&sco_pi(sk)->src, &sa->sco_bdaddr); 635 636 sk->sk_state = BT_BOUND; 637 638 done: 639 release_sock(sk); 640 return err; 641 } 642 643 static int sco_sock_connect(struct socket *sock, struct sockaddr_unsized *addr, int alen, int flags) 644 { 645 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 646 struct sock *sk = sock->sk; 647 int err; 648 649 BT_DBG("sk %p", sk); 650 651 if (alen < sizeof(struct sockaddr_sco) || 652 addr->sa_family != AF_BLUETOOTH) 653 return -EINVAL; 654 655 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) 656 return -EBADFD; 657 658 if (sk->sk_type != SOCK_SEQPACKET) 659 err = -EINVAL; 660 661 lock_sock(sk); 662 /* Set destination address and psm */ 663 bacpy(&sco_pi(sk)->dst, &sa->sco_bdaddr); 664 release_sock(sk); 665 666 err = sco_connect(sk); 667 if (err) 668 return err; 669 670 lock_sock(sk); 671 672 err = bt_sock_wait_state(sk, BT_CONNECTED, 673 sock_sndtimeo(sk, flags & O_NONBLOCK)); 674 675 release_sock(sk); 676 return err; 677 } 678 679 static int sco_sock_listen(struct socket *sock, int backlog) 680 { 681 struct sock *sk = sock->sk; 682 bdaddr_t *src = &sco_pi(sk)->src; 683 int err = 0; 684 685 BT_DBG("sk %p backlog %d", sk, backlog); 686 687 lock_sock(sk); 688 689 if (sk->sk_state != BT_BOUND) { 690 err = -EBADFD; 691 goto done; 692 } 693 694 if (sk->sk_type != SOCK_SEQPACKET) { 695 err = -EINVAL; 696 goto done; 697 } 698 699 write_lock(&sco_sk_list.lock); 700 701 if (__sco_get_sock_listen_by_addr(src)) { 702 err = -EADDRINUSE; 703 goto unlock; 704 } 705 706 sk->sk_max_ack_backlog = backlog; 707 sk->sk_ack_backlog = 0; 708 709 sk->sk_state = BT_LISTEN; 710 711 unlock: 712 write_unlock(&sco_sk_list.lock); 713 714 done: 715 release_sock(sk); 716 return err; 717 } 718 719 static int sco_sock_accept(struct socket *sock, struct socket *newsock, 720 struct proto_accept_arg *arg) 721 { 722 DEFINE_WAIT_FUNC(wait, woken_wake_function); 723 struct sock *sk = sock->sk, *ch; 724 long timeo; 725 int err = 0; 726 727 lock_sock(sk); 728 729 timeo = sock_rcvtimeo(sk, arg->flags & O_NONBLOCK); 730 731 BT_DBG("sk %p timeo %ld", sk, timeo); 732 733 /* Wait for an incoming connection. (wake-one). */ 734 add_wait_queue_exclusive(sk_sleep(sk), &wait); 735 while (1) { 736 if (sk->sk_state != BT_LISTEN) { 737 err = -EBADFD; 738 break; 739 } 740 741 ch = bt_accept_dequeue(sk, newsock); 742 if (ch) 743 break; 744 745 if (!timeo) { 746 err = -EAGAIN; 747 break; 748 } 749 750 if (signal_pending(current)) { 751 err = sock_intr_errno(timeo); 752 break; 753 } 754 755 release_sock(sk); 756 757 timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo); 758 lock_sock(sk); 759 } 760 remove_wait_queue(sk_sleep(sk), &wait); 761 762 if (err) 763 goto done; 764 765 newsock->state = SS_CONNECTED; 766 767 BT_DBG("new socket %p", ch); 768 769 done: 770 release_sock(sk); 771 return err; 772 } 773 774 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, 775 int peer) 776 { 777 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 778 struct sock *sk = sock->sk; 779 780 BT_DBG("sock %p, sk %p", sock, sk); 781 782 addr->sa_family = AF_BLUETOOTH; 783 784 if (peer) 785 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->dst); 786 else 787 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->src); 788 789 return sizeof(struct sockaddr_sco); 790 } 791 792 static int sco_sock_sendmsg(struct socket *sock, struct msghdr *msg, 793 size_t len) 794 { 795 struct sock *sk = sock->sk; 796 struct sk_buff *skb; 797 struct sockcm_cookie sockc; 798 int err; 799 800 BT_DBG("sock %p, sk %p", sock, sk); 801 802 err = sock_error(sk); 803 if (err) 804 return err; 805 806 if (msg->msg_flags & MSG_OOB) 807 return -EOPNOTSUPP; 808 809 hci_sockcm_init(&sockc, sk); 810 811 if (msg->msg_controllen) { 812 err = sock_cmsg_send(sk, msg, &sockc); 813 if (err) 814 return err; 815 } 816 817 skb = bt_skb_sendmsg(sk, msg, len, len, 0, 0); 818 if (IS_ERR(skb)) 819 return PTR_ERR(skb); 820 821 lock_sock(sk); 822 823 if (sk->sk_state == BT_CONNECTED) 824 err = sco_send_frame(sk, skb, &sockc); 825 else 826 err = -ENOTCONN; 827 828 release_sock(sk); 829 830 if (err < 0) 831 kfree_skb(skb); 832 return err; 833 } 834 835 static void sco_conn_defer_accept(struct hci_conn *conn, u16 setting) 836 { 837 struct hci_dev *hdev = conn->hdev; 838 839 BT_DBG("conn %p", conn); 840 841 conn->state = BT_CONFIG; 842 843 if (!lmp_esco_capable(hdev)) { 844 struct hci_cp_accept_conn_req cp; 845 846 bacpy(&cp.bdaddr, &conn->dst); 847 cp.role = 0x00; /* Ignored */ 848 849 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp); 850 } else { 851 struct hci_cp_accept_sync_conn_req cp; 852 853 bacpy(&cp.bdaddr, &conn->dst); 854 cp.pkt_type = cpu_to_le16(conn->pkt_type); 855 856 cp.tx_bandwidth = cpu_to_le32(0x00001f40); 857 cp.rx_bandwidth = cpu_to_le32(0x00001f40); 858 cp.content_format = cpu_to_le16(setting); 859 860 switch (setting & SCO_AIRMODE_MASK) { 861 case SCO_AIRMODE_TRANSP: 862 if (conn->pkt_type & ESCO_2EV3) 863 cp.max_latency = cpu_to_le16(0x0008); 864 else 865 cp.max_latency = cpu_to_le16(0x000D); 866 cp.retrans_effort = 0x02; 867 break; 868 case SCO_AIRMODE_CVSD: 869 cp.max_latency = cpu_to_le16(0xffff); 870 cp.retrans_effort = 0xff; 871 break; 872 default: 873 /* use CVSD settings as fallback */ 874 cp.max_latency = cpu_to_le16(0xffff); 875 cp.retrans_effort = 0xff; 876 break; 877 } 878 879 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ, 880 sizeof(cp), &cp); 881 } 882 } 883 884 static int sco_sock_recvmsg(struct socket *sock, struct msghdr *msg, 885 size_t len, int flags) 886 { 887 struct sock *sk = sock->sk; 888 struct sco_pinfo *pi = sco_pi(sk); 889 890 if (unlikely(flags & MSG_ERRQUEUE)) 891 return sock_recv_errqueue(sk, msg, len, SOL_BLUETOOTH, 892 BT_SCM_ERROR); 893 894 lock_sock(sk); 895 896 if (sk->sk_state == BT_CONNECT2 && 897 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) { 898 sco_conn_defer_accept(pi->conn->hcon, pi->setting); 899 sk->sk_state = BT_CONFIG; 900 901 release_sock(sk); 902 return 0; 903 } 904 905 release_sock(sk); 906 907 return bt_sock_recvmsg(sock, msg, len, flags); 908 } 909 910 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, 911 sockptr_t optval, unsigned int optlen) 912 { 913 struct sock *sk = sock->sk; 914 int err = 0; 915 struct bt_voice voice; 916 u32 opt; 917 struct bt_codecs *codecs; 918 struct hci_dev *hdev; 919 __u8 buffer[255]; 920 921 BT_DBG("sk %p", sk); 922 923 lock_sock(sk); 924 925 switch (optname) { 926 927 case BT_DEFER_SETUP: 928 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 929 err = -EINVAL; 930 break; 931 } 932 933 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen); 934 if (err) 935 break; 936 937 if (opt) 938 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 939 else 940 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 941 break; 942 943 case BT_VOICE: 944 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND && 945 sk->sk_state != BT_CONNECT2) { 946 err = -EINVAL; 947 break; 948 } 949 950 voice.setting = sco_pi(sk)->setting; 951 952 err = copy_safe_from_sockptr(&voice, sizeof(voice), optval, 953 optlen); 954 if (err) 955 break; 956 957 sco_pi(sk)->setting = voice.setting; 958 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, 959 BDADDR_BREDR); 960 if (!hdev) { 961 err = -EBADFD; 962 break; 963 } 964 965 switch (sco_pi(sk)->setting & SCO_AIRMODE_MASK) { 966 case SCO_AIRMODE_TRANSP: 967 if (enhanced_sync_conn_capable(hdev)) 968 sco_pi(sk)->codec.id = BT_CODEC_TRANSPARENT; 969 break; 970 } 971 972 hci_dev_put(hdev); 973 break; 974 975 case BT_PKT_STATUS: 976 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen); 977 if (err) 978 break; 979 980 if (opt) 981 set_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags); 982 else 983 clear_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags); 984 break; 985 986 case BT_CODEC: 987 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND && 988 sk->sk_state != BT_CONNECT2) { 989 err = -EINVAL; 990 break; 991 } 992 993 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, 994 BDADDR_BREDR); 995 if (!hdev) { 996 err = -EBADFD; 997 break; 998 } 999 1000 if (!hci_dev_test_flag(hdev, HCI_OFFLOAD_CODECS_ENABLED)) { 1001 hci_dev_put(hdev); 1002 err = -EOPNOTSUPP; 1003 break; 1004 } 1005 1006 if (!hdev->get_data_path_id) { 1007 hci_dev_put(hdev); 1008 err = -EOPNOTSUPP; 1009 break; 1010 } 1011 1012 if (optlen < sizeof(struct bt_codecs) || 1013 optlen > sizeof(buffer)) { 1014 hci_dev_put(hdev); 1015 err = -EINVAL; 1016 break; 1017 } 1018 1019 err = copy_struct_from_sockptr(buffer, sizeof(buffer), optval, 1020 optlen); 1021 if (err) { 1022 hci_dev_put(hdev); 1023 break; 1024 } 1025 1026 codecs = (void *)buffer; 1027 1028 if (codecs->num_codecs > 1) { 1029 hci_dev_put(hdev); 1030 err = -EINVAL; 1031 break; 1032 } 1033 1034 sco_pi(sk)->codec = codecs->codecs[0]; 1035 hci_dev_put(hdev); 1036 break; 1037 1038 default: 1039 err = -ENOPROTOOPT; 1040 break; 1041 } 1042 1043 release_sock(sk); 1044 return err; 1045 } 1046 1047 static int sco_sock_getsockopt_old(struct socket *sock, int optname, 1048 char __user *optval, int __user *optlen) 1049 { 1050 struct sock *sk = sock->sk; 1051 struct sco_options opts; 1052 struct sco_conninfo cinfo; 1053 int err = 0; 1054 size_t len; 1055 1056 BT_DBG("sk %p", sk); 1057 1058 if (get_user(len, optlen)) 1059 return -EFAULT; 1060 1061 lock_sock(sk); 1062 1063 switch (optname) { 1064 case SCO_OPTIONS: 1065 if (sk->sk_state != BT_CONNECTED && 1066 !(sk->sk_state == BT_CONNECT2 && 1067 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) { 1068 err = -ENOTCONN; 1069 break; 1070 } 1071 1072 opts.mtu = sco_pi(sk)->conn->mtu; 1073 1074 BT_DBG("mtu %u", opts.mtu); 1075 1076 len = min(len, sizeof(opts)); 1077 if (copy_to_user(optval, (char *)&opts, len)) 1078 err = -EFAULT; 1079 1080 break; 1081 1082 case SCO_CONNINFO: 1083 if (sk->sk_state != BT_CONNECTED && 1084 !(sk->sk_state == BT_CONNECT2 && 1085 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) { 1086 err = -ENOTCONN; 1087 break; 1088 } 1089 1090 memset(&cinfo, 0, sizeof(cinfo)); 1091 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle; 1092 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3); 1093 1094 len = min(len, sizeof(cinfo)); 1095 if (copy_to_user(optval, (char *)&cinfo, len)) 1096 err = -EFAULT; 1097 1098 break; 1099 1100 default: 1101 err = -ENOPROTOOPT; 1102 break; 1103 } 1104 1105 release_sock(sk); 1106 return err; 1107 } 1108 1109 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, 1110 char __user *optval, int __user *optlen) 1111 { 1112 struct sock *sk = sock->sk; 1113 int len, err = 0; 1114 struct bt_voice voice; 1115 u32 phys; 1116 int buf_len; 1117 struct codec_list *c; 1118 u8 num_codecs, i, __user *ptr; 1119 struct hci_dev *hdev; 1120 struct hci_codec_caps *caps; 1121 struct bt_codec codec; 1122 1123 BT_DBG("sk %p", sk); 1124 1125 if (level == SOL_SCO) 1126 return sco_sock_getsockopt_old(sock, optname, optval, optlen); 1127 1128 if (get_user(len, optlen)) 1129 return -EFAULT; 1130 1131 lock_sock(sk); 1132 1133 switch (optname) { 1134 1135 case BT_DEFER_SETUP: 1136 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 1137 err = -EINVAL; 1138 break; 1139 } 1140 1141 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags), 1142 (u32 __user *)optval)) 1143 err = -EFAULT; 1144 1145 break; 1146 1147 case BT_VOICE: 1148 voice.setting = sco_pi(sk)->setting; 1149 1150 len = min_t(unsigned int, len, sizeof(voice)); 1151 if (copy_to_user(optval, (char *)&voice, len)) 1152 err = -EFAULT; 1153 1154 break; 1155 1156 case BT_PHY: 1157 if (sk->sk_state != BT_CONNECTED) { 1158 err = -ENOTCONN; 1159 break; 1160 } 1161 1162 phys = hci_conn_get_phy(sco_pi(sk)->conn->hcon); 1163 1164 if (put_user(phys, (u32 __user *) optval)) 1165 err = -EFAULT; 1166 break; 1167 1168 case BT_PKT_STATUS: 1169 if (put_user(test_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags), 1170 (int __user *)optval)) 1171 err = -EFAULT; 1172 break; 1173 1174 case BT_SNDMTU: 1175 case BT_RCVMTU: 1176 if (sk->sk_state != BT_CONNECTED) { 1177 err = -ENOTCONN; 1178 break; 1179 } 1180 1181 if (put_user(sco_pi(sk)->conn->mtu, (u32 __user *)optval)) 1182 err = -EFAULT; 1183 break; 1184 1185 case BT_CODEC: 1186 num_codecs = 0; 1187 buf_len = 0; 1188 1189 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR); 1190 if (!hdev) { 1191 err = -EBADFD; 1192 break; 1193 } 1194 1195 if (!hci_dev_test_flag(hdev, HCI_OFFLOAD_CODECS_ENABLED)) { 1196 hci_dev_put(hdev); 1197 err = -EOPNOTSUPP; 1198 break; 1199 } 1200 1201 if (!hdev->get_data_path_id) { 1202 hci_dev_put(hdev); 1203 err = -EOPNOTSUPP; 1204 break; 1205 } 1206 1207 release_sock(sk); 1208 1209 /* find total buffer size required to copy codec + caps */ 1210 hci_dev_lock(hdev); 1211 list_for_each_entry(c, &hdev->local_codecs, list) { 1212 if (c->transport != HCI_TRANSPORT_SCO_ESCO) 1213 continue; 1214 num_codecs++; 1215 for (i = 0, caps = c->caps; i < c->num_caps; i++) { 1216 buf_len += 1 + caps->len; 1217 caps = (void *)&caps->data[caps->len]; 1218 } 1219 buf_len += sizeof(struct bt_codec); 1220 } 1221 hci_dev_unlock(hdev); 1222 1223 buf_len += sizeof(struct bt_codecs); 1224 if (buf_len > len) { 1225 hci_dev_put(hdev); 1226 return -ENOBUFS; 1227 } 1228 ptr = optval; 1229 1230 if (put_user(num_codecs, ptr)) { 1231 hci_dev_put(hdev); 1232 return -EFAULT; 1233 } 1234 ptr += sizeof(num_codecs); 1235 1236 /* Iterate all the codecs supported over SCO and populate 1237 * codec data 1238 */ 1239 hci_dev_lock(hdev); 1240 list_for_each_entry(c, &hdev->local_codecs, list) { 1241 if (c->transport != HCI_TRANSPORT_SCO_ESCO) 1242 continue; 1243 1244 codec.id = c->id; 1245 codec.cid = c->cid; 1246 codec.vid = c->vid; 1247 err = hdev->get_data_path_id(hdev, &codec.data_path); 1248 if (err < 0) 1249 break; 1250 codec.num_caps = c->num_caps; 1251 if (copy_to_user(ptr, &codec, sizeof(codec))) { 1252 err = -EFAULT; 1253 break; 1254 } 1255 ptr += sizeof(codec); 1256 1257 /* find codec capabilities data length */ 1258 len = 0; 1259 for (i = 0, caps = c->caps; i < c->num_caps; i++) { 1260 len += 1 + caps->len; 1261 caps = (void *)&caps->data[caps->len]; 1262 } 1263 1264 /* copy codec capabilities data */ 1265 if (len && copy_to_user(ptr, c->caps, len)) { 1266 err = -EFAULT; 1267 break; 1268 } 1269 ptr += len; 1270 } 1271 1272 hci_dev_unlock(hdev); 1273 hci_dev_put(hdev); 1274 1275 lock_sock(sk); 1276 1277 if (!err && put_user(buf_len, optlen)) 1278 err = -EFAULT; 1279 1280 break; 1281 1282 default: 1283 err = -ENOPROTOOPT; 1284 break; 1285 } 1286 1287 release_sock(sk); 1288 return err; 1289 } 1290 1291 static int sco_sock_shutdown(struct socket *sock, int how) 1292 { 1293 struct sock *sk = sock->sk; 1294 int err = 0; 1295 1296 BT_DBG("sock %p, sk %p", sock, sk); 1297 1298 if (!sk) 1299 return 0; 1300 1301 sock_hold(sk); 1302 lock_sock(sk); 1303 1304 if (!sk->sk_shutdown) { 1305 sk->sk_shutdown = SHUTDOWN_MASK; 1306 sco_sock_clear_timer(sk); 1307 __sco_sock_close(sk); 1308 1309 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime && 1310 !(current->flags & PF_EXITING)) 1311 err = bt_sock_wait_state(sk, BT_CLOSED, 1312 sk->sk_lingertime); 1313 } 1314 1315 release_sock(sk); 1316 sock_put(sk); 1317 1318 return err; 1319 } 1320 1321 static int sco_sock_release(struct socket *sock) 1322 { 1323 struct sock *sk = sock->sk; 1324 int err = 0; 1325 1326 BT_DBG("sock %p, sk %p", sock, sk); 1327 1328 if (!sk) 1329 return 0; 1330 1331 sco_sock_close(sk); 1332 1333 if (sock_flag(sk, SOCK_LINGER) && READ_ONCE(sk->sk_lingertime) && 1334 !(current->flags & PF_EXITING)) { 1335 lock_sock(sk); 1336 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); 1337 release_sock(sk); 1338 } 1339 1340 sock_orphan(sk); 1341 sco_sock_kill(sk); 1342 return err; 1343 } 1344 1345 static void sco_conn_ready(struct sco_conn *conn) 1346 { 1347 struct sock *parent; 1348 struct sock *sk = conn->sk; 1349 1350 BT_DBG("conn %p", conn); 1351 1352 if (sk) { 1353 lock_sock(sk); 1354 sco_sock_clear_timer(sk); 1355 sk->sk_state = BT_CONNECTED; 1356 sk->sk_state_change(sk); 1357 release_sock(sk); 1358 } else { 1359 sco_conn_lock(conn); 1360 1361 if (!conn->hcon) { 1362 sco_conn_unlock(conn); 1363 return; 1364 } 1365 1366 parent = sco_get_sock_listen(&conn->hcon->src); 1367 if (!parent) { 1368 sco_conn_unlock(conn); 1369 return; 1370 } 1371 1372 lock_sock(parent); 1373 1374 sk = sco_sock_alloc(sock_net(parent), NULL, 1375 BTPROTO_SCO, GFP_ATOMIC, 0); 1376 if (!sk) { 1377 release_sock(parent); 1378 sco_conn_unlock(conn); 1379 return; 1380 } 1381 1382 sco_sock_init(sk, parent); 1383 1384 bacpy(&sco_pi(sk)->src, &conn->hcon->src); 1385 bacpy(&sco_pi(sk)->dst, &conn->hcon->dst); 1386 1387 sco_conn_hold(conn); 1388 hci_conn_hold(conn->hcon); 1389 __sco_chan_add(conn, sk, parent); 1390 1391 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags)) 1392 sk->sk_state = BT_CONNECT2; 1393 else 1394 sk->sk_state = BT_CONNECTED; 1395 1396 /* Wake up parent */ 1397 parent->sk_data_ready(parent); 1398 1399 release_sock(parent); 1400 1401 sco_conn_unlock(conn); 1402 } 1403 } 1404 1405 /* ----- SCO interface with lower layer (HCI) ----- */ 1406 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags) 1407 { 1408 struct sock *sk; 1409 int lm = 0; 1410 1411 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr); 1412 1413 /* Find listening sockets */ 1414 read_lock(&sco_sk_list.lock); 1415 sk_for_each(sk, &sco_sk_list.head) { 1416 if (sk->sk_state != BT_LISTEN) 1417 continue; 1418 1419 if (!bacmp(&sco_pi(sk)->src, &hdev->bdaddr) || 1420 !bacmp(&sco_pi(sk)->src, BDADDR_ANY)) { 1421 lm |= HCI_LM_ACCEPT; 1422 1423 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) 1424 *flags |= HCI_PROTO_DEFER; 1425 break; 1426 } 1427 } 1428 read_unlock(&sco_sk_list.lock); 1429 1430 return lm; 1431 } 1432 1433 static void sco_connect_cfm(struct hci_conn *hcon, __u8 status) 1434 { 1435 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 1436 return; 1437 1438 BT_DBG("hcon %p bdaddr %pMR status %u", hcon, &hcon->dst, status); 1439 1440 if (!status) { 1441 struct sco_conn *conn; 1442 1443 conn = sco_conn_add(hcon); 1444 if (conn) { 1445 sco_conn_ready(conn); 1446 sco_conn_put(conn); 1447 } 1448 } else 1449 sco_conn_del(hcon, bt_to_errno(status)); 1450 } 1451 1452 static void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason) 1453 { 1454 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 1455 return; 1456 1457 BT_DBG("hcon %p reason %d", hcon, reason); 1458 1459 sco_conn_del(hcon, bt_to_errno(reason)); 1460 } 1461 1462 int sco_recv_scodata(struct hci_dev *hdev, u16 handle, struct sk_buff *skb) 1463 { 1464 struct hci_conn *hcon; 1465 struct sco_conn *conn; 1466 1467 hci_dev_lock(hdev); 1468 1469 hcon = hci_conn_hash_lookup_handle(hdev, handle); 1470 if (!hcon) { 1471 hci_dev_unlock(hdev); 1472 kfree_skb(skb); 1473 return -ENOENT; 1474 } 1475 1476 conn = sco_conn_hold_unless_zero(hcon->sco_data); 1477 hcon = NULL; 1478 1479 hci_dev_unlock(hdev); 1480 1481 if (!conn) { 1482 kfree_skb(skb); 1483 return -EINVAL; 1484 } 1485 1486 BT_DBG("conn %p len %u", conn, skb->len); 1487 1488 if (skb->len) 1489 sco_recv_frame(conn, skb); 1490 else 1491 kfree_skb(skb); 1492 1493 sco_conn_put(conn); 1494 return 0; 1495 } 1496 1497 static struct hci_cb sco_cb = { 1498 .name = "SCO", 1499 .connect_cfm = sco_connect_cfm, 1500 .disconn_cfm = sco_disconn_cfm, 1501 }; 1502 1503 static int sco_debugfs_show(struct seq_file *f, void *p) 1504 { 1505 struct sock *sk; 1506 1507 read_lock(&sco_sk_list.lock); 1508 1509 sk_for_each(sk, &sco_sk_list.head) { 1510 seq_printf(f, "%pMR %pMR %d\n", &sco_pi(sk)->src, 1511 &sco_pi(sk)->dst, sk->sk_state); 1512 } 1513 1514 read_unlock(&sco_sk_list.lock); 1515 1516 return 0; 1517 } 1518 1519 DEFINE_SHOW_ATTRIBUTE(sco_debugfs); 1520 1521 static struct dentry *sco_debugfs; 1522 1523 static const struct proto_ops sco_sock_ops = { 1524 .family = PF_BLUETOOTH, 1525 .owner = THIS_MODULE, 1526 .release = sco_sock_release, 1527 .bind = sco_sock_bind, 1528 .connect = sco_sock_connect, 1529 .listen = sco_sock_listen, 1530 .accept = sco_sock_accept, 1531 .getname = sco_sock_getname, 1532 .sendmsg = sco_sock_sendmsg, 1533 .recvmsg = sco_sock_recvmsg, 1534 .poll = bt_sock_poll, 1535 .ioctl = bt_sock_ioctl, 1536 .gettstamp = sock_gettstamp, 1537 .mmap = sock_no_mmap, 1538 .socketpair = sock_no_socketpair, 1539 .shutdown = sco_sock_shutdown, 1540 .setsockopt = sco_sock_setsockopt, 1541 .getsockopt = sco_sock_getsockopt 1542 }; 1543 1544 static const struct net_proto_family sco_sock_family_ops = { 1545 .family = PF_BLUETOOTH, 1546 .owner = THIS_MODULE, 1547 .create = sco_sock_create, 1548 }; 1549 1550 int __init sco_init(void) 1551 { 1552 int err; 1553 1554 BUILD_BUG_ON(sizeof(struct sockaddr_sco) > sizeof(struct sockaddr)); 1555 1556 err = proto_register(&sco_proto, 0); 1557 if (err < 0) 1558 return err; 1559 1560 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops); 1561 if (err < 0) { 1562 BT_ERR("SCO socket registration failed"); 1563 goto error; 1564 } 1565 1566 err = bt_procfs_init(&init_net, "sco", &sco_sk_list, NULL); 1567 if (err < 0) { 1568 BT_ERR("Failed to create SCO proc file"); 1569 bt_sock_unregister(BTPROTO_SCO); 1570 goto error; 1571 } 1572 1573 BT_INFO("SCO socket layer initialized"); 1574 1575 hci_register_cb(&sco_cb); 1576 1577 if (IS_ERR_OR_NULL(bt_debugfs)) 1578 return 0; 1579 1580 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs, 1581 NULL, &sco_debugfs_fops); 1582 1583 return 0; 1584 1585 error: 1586 proto_unregister(&sco_proto); 1587 return err; 1588 } 1589 1590 void sco_exit(void) 1591 { 1592 bt_procfs_cleanup(&init_net, "sco"); 1593 1594 debugfs_remove(sco_debugfs); 1595 1596 hci_unregister_cb(&sco_cb); 1597 1598 bt_sock_unregister(BTPROTO_SCO); 1599 1600 proto_unregister(&sco_proto); 1601 } 1602 1603 module_param(disable_esco, bool, 0644); 1604 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation"); 1605