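/*
   BlueZ - Bluetooth protocol stack for Linux
   Copyright (C) 2000-2001 Qualcomm Incorporated

   Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License version 2 as
   published by the Free Software Foundation;

   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
   IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
   CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

   ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
   COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
   SOFTWARE IS DISCLAIMED.
*/

/* Bluetooth SCO sockets. */

#include <linux/module.h>

#include <linux/types.h>
#include <linux/errno.h>
#include <linux/kernel.h>
#include <linux/sched.h>
#include <linux/slab.h>
#include <linux/poll.h>
#include <linux/fcntl.h>
#include <linux/init.h>
#include <linux/interrupt.h>
#include <linux/socket.h>
#include <linux/skbuff.h>
#include <linux/device.h>
#include <linux/debugfs.h>
#include <linux/seq_file.h>
#include <linux/list.h>
#include <net/sock.h>

#include <asm/system.h>
#include <linux/uaccess.h>

#include <net/bluetooth/bluetooth.h>
#include <net/bluetooth/hci_core.h>
#include <net/bluetooth/sco.h>

/* Module parameter: when non-zero, sco_connect() always requests SCO_LINK. */
static int disable_esco;

static const struct proto_ops sco_sock_ops;

/* Global list of SCO sockets; walked under sco_sk_list.lock. */
static struct bt_sock_list sco_sk_list = {
	.lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
};

static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent);
static void sco_chan_del(struct sock *sk, int err);

static int sco_conn_del(struct hci_conn *conn, int err);

static void sco_sock_close(struct sock *sk);
static void sco_sock_kill(struct sock *sk);

/* ---- SCO timers ---- */

/*
 * Timer callback installed by sco_sock_alloc(). @arg is the struct sock.
 * Reports ETIMEDOUT on the socket, notifies waiters, then tries to kill
 * the socket and drops one reference.
 */
static void sco_sock_timeout(unsigned long arg)
{
	struct sock *sk = (struct sock *) arg;

	BT_DBG("sock %p state %d", sk, sk->sk_state);

	bh_lock_sock(sk);
	sk->sk_err = ETIMEDOUT;
	sk->sk_state_change(sk);
	bh_unlock_sock(sk);

	/* sco_sock_kill() must run on an unlocked socket. */
	sco_sock_kill(sk);
	/* Presumably pairs with the hold sk_reset_timer() takes when arming. */
	sock_put(sk);
}

/* (Re)arm the socket timer to fire @timeout jiffies from now. */
static void sco_sock_set_timer(struct sock *sk, long timeout)
{
	BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
	sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
}

/* Cancel the socket timer. */
static void sco_sock_clear_timer(struct sock *sk)
{
	BT_DBG("sock %p state %d", sk, sk->sk_state);
	sk_stop_timer(sk, &sk->sk_timer);
}

/* ---- SCO connections ---- */

/*
 * Return the sco_conn attached to @hcon, creating one if none exists and
 * @status is zero. With a non-zero @status no allocation happens and the
 * existing pointer (possibly NULL) is returned. Returns NULL on allocation
 * failure. The allocation is GFP_ATOMIC.
 */
static struct sco_conn *sco_conn_add(struct hci_conn *hcon, __u8 status)
{
	struct hci_dev *hdev = hcon->hdev;
	struct sco_conn *conn = hcon->sco_data;

	if (conn || status)
		return conn;

	conn = kzalloc(sizeof(struct sco_conn), GFP_ATOMIC);
	if (!conn)
		return NULL;

	spin_lock_init(&conn->lock);

	hcon->sco_data = conn;
	conn->hcon = hcon;

	/* Addresses are borrowed pointers into hdev/hcon, not copies. */
	conn->src = &hdev->bdaddr;
	conn->dst = &hcon->dst;

	/* Fall back to 60 when the controller reports no SCO MTU. */
	if (hdev->sco_mtu > 0)
		conn->mtu = hdev->sco_mtu;
	else
		conn->mtu = 60;

	BT_DBG("hcon %p conn %p", hcon, conn);

	return conn;
}

/*
 * Read conn->sk under the connection lock.
 * NOTE(review): no reference is taken on the returned socket here, so the
 * caller relies on other guarantees for its lifetime -- confirm at call sites.
 */
static inline struct sock *sco_chan_get(struct sco_conn *conn)
{
	struct sock *sk = NULL;
	sco_conn_lock(conn);
	sk = conn->sk;
	sco_conn_unlock(conn);
	return sk;
}

/*
 * Tear down the sco_conn attached to @hcon (if any): close the channel on
 * its socket with error @err, try to kill the socket, then free the conn.
 * Always returns 0.
 */
static int sco_conn_del(struct hci_conn *hcon, int err)
{
	struct sco_conn *conn = hcon->sco_data;
	struct sock *sk;

	if (!conn)
		return 0;

	BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);

	/* Kill socket */
	sk = sco_chan_get(conn);
	if (sk) {
		bh_lock_sock(sk);
		sco_sock_clear_timer(sk);
		sco_chan_del(sk, err);
		bh_unlock_sock(sk);
		sco_sock_kill(sk);
	}

	hcon->sco_data = NULL;
	kfree(conn);
	return 0;
}

/*
 * Attach @sk to @conn under the connection lock.
 * Returns -EBUSY if the connection already has a socket, 0 otherwise.
 */
static inline int sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
{
	int err = 0;

	sco_conn_lock(conn);
	if (conn->sk)
		err = -EBUSY;
	else
		__sco_chan_add(conn, sk, parent);

	sco_conn_unlock(conn);
	return err;
}

/*
 * Start an outgoing (e)SCO connection for @sk using the src/dst addresses
 * stored in bt_sk(sk). Returns 0 on success or a negative errno.
 * On success the socket is left in BT_CONNECTED or BT_CONNECT.
 */
static int sco_connect(struct sock *sk)
{
	bdaddr_t *src = &bt_sk(sk)->src;
	bdaddr_t *dst = &bt_sk(sk)->dst;
	struct sco_conn *conn;
	struct hci_conn *hcon;
	struct hci_dev *hdev;
	int err, type;

	BT_DBG("%s -> %s", batostr(src), batostr(dst));

	hdev = hci_get_route(dst, src);
	if (!hdev)
		return -EHOSTUNREACH;

	hci_dev_lock_bh(hdev);

	if (lmp_esco_capable(hdev) && !disable_esco)
		type = ESCO_LINK;
	else
		type = SCO_LINK;

	/* The link is requested at BT_SECURITY_LOW with no bonding. */
	hcon = hci_connect(hdev, type, dst, BT_SECURITY_LOW, HCI_AT_NO_BONDING);
	if (IS_ERR(hcon)) {
		err = PTR_ERR(hcon);
		goto done;
	}

	conn = sco_conn_add(hcon, 0);
	if (!conn) {
		hci_conn_put(hcon);
		err = -ENOMEM;
		goto done;
	}

	/* Update source addr of the socket */
	bacpy(src, conn->src);

	err = sco_chan_add(conn, sk, NULL);
	if (err)
		goto done;

	if (hcon->state == BT_CONNECTED) {
		sco_sock_clear_timer(sk);
		sk->sk_state = BT_CONNECTED;
	} else {
		sk->sk_state = BT_CONNECT;
		sco_sock_set_timer(sk, sk->sk_sndtimeo);
	}

done:
	hci_dev_unlock_bh(hdev);
	hci_dev_put(hdev);
	return err;
}

/*
 * Copy up to one MTU of user data from @msg into a new skb and hand it to
 * HCI. Returns the number of bytes queued, -EINVAL if @len exceeds the
 * connection MTU, -EFAULT if the user copy fails, or the allocation error.
 * NOTE(review): sco_pi(sk)->conn is dereferenced without a NULL check; the
 * only visible caller checks sk_state == BT_CONNECTED under lock_sock().
 */
static inline int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
{
	struct sco_conn *conn = sco_pi(sk)->conn;
	struct sk_buff *skb;
	int err, count;

	/* Check outgoing MTU */
	if (len > conn->mtu)
		return -EINVAL;

	BT_DBG("sk %p len %d", sk, len);

	count = min_t(unsigned int, conn->mtu, len);
	skb = bt_skb_send_alloc(sk, count,
			msg->msg_flags & MSG_DONTWAIT, &err);
	if (!skb)
		return err;

	if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) {
		kfree_skb(skb);
		return -EFAULT;
	}

	hci_send_sco(conn->hcon, skb);

	return count;
}

/*
 * Deliver an incoming SCO frame to the socket attached to @conn.
 * The skb is freed here unless it was queued on a BT_CONNECTED socket.
 */
static inline void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
{
	struct sock *sk = sco_chan_get(conn);

	if (!sk)
		goto drop;

	BT_DBG("sk %p len %d", sk, skb->len);

	if (sk->sk_state != BT_CONNECTED)
		goto drop;

	if (!sock_queue_rcv_skb(sk, skb))
		return;

drop:
	kfree_skb(skb);
}

/* -------- Socket interface ---------- */

/*
 * Find a socket whose source address equals @ba, or NULL.
 * Takes no lock itself; the visible caller holds sco_sk_list.lock.
 */
static struct sock *__sco_get_sock_by_addr(bdaddr_t *ba)
{
	struct sock *sk;
	struct hlist_node *node;

	sk_for_each(sk, node, &sco_sk_list.head)
		if (!bacmp(&bt_sk(sk)->src, ba))
			goto found;
	sk = NULL;
found:
	return sk;
}

/* Find socket listening on source bdaddr.
 * Returns closest match.
 *
 * NOTE(review): the socket is returned after sco_sk_list.lock is dropped
 * and without taking a reference.
 */
static struct sock *sco_get_sock_listen(bdaddr_t *src)
{
	struct sock *sk = NULL, *sk1 = NULL;
	struct hlist_node *node;

	read_lock(&sco_sk_list.lock);

	sk_for_each(sk, node, &sco_sk_list.head) {
		if (sk->sk_state != BT_LISTEN)
			continue;

		/* Exact match. */
		if (!bacmp(&bt_sk(sk)->src, src))
			break;

		/* Closest match */
		if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
			sk1 = sk;
	}

	read_unlock(&sco_sk_list.lock);

	/* node is non-NULL only when the loop stopped on an exact match. */
	return node ? sk : sk1;
}

/* sk_destruct hook: drop any skbs still sitting on the socket queues. */
static void sco_sock_destruct(struct sock *sk)
{
	BT_DBG("sk %p", sk);

	skb_queue_purge(&sk->sk_receive_queue);
	skb_queue_purge(&sk->sk_write_queue);
}

/*
 * Close every child still waiting on @parent's accept queue, then mark
 * the listening socket closed and zapped.
 */
static void sco_sock_cleanup_listen(struct sock *parent)
{
	struct sock *sk;

	BT_DBG("parent %p", parent);

	/* Close not yet accepted channels */
	while ((sk = bt_accept_dequeue(parent, NULL))) {
		sco_sock_close(sk);
		sco_sock_kill(sk);
	}

	parent->sk_state = BT_CLOSED;
	sock_set_flag(parent, SOCK_ZAPPED);
}

/* Kill socket (only if zapped and orphan)
 * Must be called on unlocked socket.
 */
static void sco_sock_kill(struct sock *sk)
{
	/* Still attached to a struct socket, or not yet zapped: keep it. */
	if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
		return;

	BT_DBG("sk %p state %d", sk, sk->sk_state);

	/* Kill poor orphan */
	bt_sock_unlink(&sco_sk_list, sk);
	sock_set_flag(sk, SOCK_DEAD);
	sock_put(sk);
}

/*
 * State-dependent close. The visible callers hold lock_sock() and have
 * already cleared the socket timer.
 */
static void __sco_sock_close(struct sock *sk)
{
	BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);

	switch (sk->sk_state) {
	case BT_LISTEN:
		sco_sock_cleanup_listen(sk);
		break;

	case BT_CONNECTED:
	case BT_CONFIG:
		if (sco_pi(sk)->conn) {
			/*
			 * Drop the hcon reference and detach from the conn;
			 * the disconnect timer bounds how long the socket
			 * stays in BT_DISCONN. conn->sk is not cleared here.
			 */
			sk->sk_state = BT_DISCONN;
			sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
			hci_conn_put(sco_pi(sk)->conn->hcon);
			sco_pi(sk)->conn = NULL;
		} else
			sco_chan_del(sk, ECONNRESET);
		break;

	case BT_CONNECT:
	case BT_DISCONN:
		sco_chan_del(sk, ECONNRESET);
		break;

	default:
		sock_set_flag(sk, SOCK_ZAPPED);
		break;
	}
}

/* Must be called on unlocked socket. */
static void sco_sock_close(struct sock *sk)
{
	sco_sock_clear_timer(sk);
	lock_sock(sk);
	__sco_sock_close(sk);
	release_sock(sk);
	sco_sock_kill(sk);
}

/* Inherit the socket type from @parent when one is given. */
static void sco_sock_init(struct sock *sk, struct sock *parent)
{
	BT_DBG("sk %p", sk);

	if (parent)
		sk->sk_type = parent->sk_type;
}

static struct proto sco_proto = {
	.name		= "SCO",
	.owner		= THIS_MODULE,
	.obj_size	= sizeof(struct sco_pinfo)
};

/*
 * Allocate and initialise an SCO sock in BT_OPEN state, set up its timer
 * and link it into sco_sk_list. Returns NULL on allocation failure.
 */
static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
{
	struct sock *sk;

	sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto);
	if (!sk)
		return NULL;

	sock_init_data(sock, sk);
	INIT_LIST_HEAD(&bt_sk(sk)->accept_q);

	sk->sk_destruct = sco_sock_destruct;
	sk->sk_sndtimeo = SCO_CONN_TIMEOUT;

	sock_reset_flag(sk, SOCK_ZAPPED);

	sk->sk_protocol = proto;
	sk->sk_state    = BT_OPEN;

	setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk);

	bt_sock_link(&sco_sk_list, sk);
	return sk;
}

/*
 * net_proto_family .create hook. Only SOCK_SEQPACKET is accepted.
 * Returns 0, -ESOCKTNOSUPPORT or -ENOMEM.
 */
static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
			   int kern)
{
	struct sock *sk;

	BT_DBG("sock %p", sock);

	sock->state = SS_UNCONNECTED;

	if (sock->type != SOCK_SEQPACKET)
		return -ESOCKTNOSUPPORT;

	sock->ops = &sco_sock_ops;

	sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC);
	if (!sk)
		return -ENOMEM;

	sco_sock_init(sk, NULL);
	return 0;
}

/*
 * bind(): record the local Bluetooth address on a BT_OPEN socket.
 *
 * Returns 0, -EINVAL for a missing, too short or non-Bluetooth address,
 * -EBADFD if the socket is not in BT_OPEN, or -EADDRINUSE if another
 * socket is already bound to the same non-wildcard address.
 */
static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
{
	struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
	struct sock *sk = sock->sk;
	bdaddr_t *src;
	int err = 0;

	/*
	 * Validate the caller-supplied address before touching any of its
	 * fields: reject a NULL pointer, and reject a length shorter than
	 * struct sockaddr_sco so sco_bdaddr is never read past the bytes the
	 * caller actually provided. The (int) cast keeps a negative addr_len
	 * from being converted to a large unsigned value by the comparison.
	 */
	if (!addr || addr_len < (int) sizeof(struct sockaddr_sco) ||
	    addr->sa_family != AF_BLUETOOTH)
		return -EINVAL;

	src = &sa->sco_bdaddr;

	/* Log only after validation; this reads sa->sco_bdaddr. */
	BT_DBG("sk %p %s", sk, batostr(src));

	lock_sock(sk);

	if (sk->sk_state != BT_OPEN) {
		err = -EBADFD;
		goto done;
	}

	write_lock_bh(&sco_sk_list.lock);

	if (bacmp(src, BDADDR_ANY) && __sco_get_sock_by_addr(src)) {
		err = -EADDRINUSE;
	} else {
		/* Save source address */
		bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr);
		sk->sk_state = BT_BOUND;
	}

	write_unlock_bh(&sco_sk_list.lock);

done:
	release_sock(sk);
	return err;
}

/*
 * connect(): validate the destination address, start the link via
 * sco_connect() and wait for BT_CONNECTED (subject to the send timeout,
 * zero wait for O_NONBLOCK). Returns 0 or a negative errno.
 * The state and type checks run before lock_sock() is taken.
 */
static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
{
	struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
	struct sock *sk = sock->sk;
	int err = 0;


	BT_DBG("sk %p", sk);

	if (alen < sizeof(struct sockaddr_sco) ||
	    addr->sa_family != AF_BLUETOOTH)
		return -EINVAL;

	if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
		return -EBADFD;

	if (sk->sk_type != SOCK_SEQPACKET)
		return -EINVAL;

	lock_sock(sk);

	/* Set destination address and psm */
	bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr);

	err = sco_connect(sk);
	if (err)
		goto done;

	err = bt_sock_wait_state(sk, BT_CONNECTED,
			sock_sndtimeo(sk, flags & O_NONBLOCK));

done:
	release_sock(sk);
	return err;
}

/*
 * listen(): move a bound SOCK_SEQPACKET socket to BT_LISTEN.
 * Returns -EBADFD if the socket is not in BT_BOUND.
 */
static int sco_sock_listen(struct socket *sock, int backlog)
{
	struct sock *sk = sock->sk;
	int err = 0;

	BT_DBG("sk %p backlog %d", sk, backlog);

	lock_sock(sk);

	if (sk->sk_state != BT_BOUND || sock->type != SOCK_SEQPACKET) {
		err = -EBADFD;
		goto done;
	}

	sk->sk_max_ack_backlog = backlog;
	sk->sk_ack_backlog = 0;
	sk->sk_state = BT_LISTEN;

done:
	release_sock(sk);
	return err;
}

/*
 * accept(): dequeue a child connection from the listening socket, sleeping
 * interruptibly up to the receive timeout. Returns 0 on success, -EBADFD
 * if the socket is not (or no longer) listening, -EAGAIN when the timeout
 * is exhausted, or the signal errno.
 */
static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags)
{
	DECLARE_WAITQUEUE(wait, current);
	struct sock *sk = sock->sk, *ch;
	long timeo;
	int err = 0;

	lock_sock(sk);

	if (sk->sk_state != BT_LISTEN) {
		err = -EBADFD;
		goto done;
	}

	timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);

	BT_DBG("sk %p timeo %ld", sk, timeo);

	/* Wait for an incoming connection. (wake-one). */
	add_wait_queue_exclusive(sk_sleep(sk), &wait);
	while (!(ch = bt_accept_dequeue(sk, newsock))) {
		set_current_state(TASK_INTERRUPTIBLE);
		if (!timeo) {
			err = -EAGAIN;
			break;
		}

		/* Drop the socket lock while sleeping, retake it after. */
		release_sock(sk);
		timeo = schedule_timeout(timeo);
		lock_sock(sk);

		/* The socket may have been closed while we slept. */
		if (sk->sk_state != BT_LISTEN) {
			err = -EBADFD;
			break;
		}

		if (signal_pending(current)) {
			err = sock_intr_errno(timeo);
			break;
		}
	}
	set_current_state(TASK_RUNNING);
	remove_wait_queue(sk_sleep(sk), &wait);

	if (err)
		goto done;

	newsock->state = SS_CONNECTED;

	BT_DBG("new socket %p", ch);

done:
	release_sock(sk);
	return err;
}

/*
 * getsockname()/getpeername(): fill @addr with the local address, or the
 * remote one when @peer is set. Only sa_family and sco_bdaddr are written.
 */
static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
{
	struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
	struct sock *sk = sock->sk;

	BT_DBG("sock %p, sk %p", sock, sk);

	addr->sa_family = AF_BLUETOOTH;
	*len = sizeof(struct sockaddr_sco);

	if (peer)
		bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst);
	else
		bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src);

	return 0;
}

/*
 * sendmsg(): send one frame on a connected socket. Returns bytes sent,
 * a pending socket error, -EOPNOTSUPP for MSG_OOB, or -ENOTCONN.
 */
static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
			    struct msghdr *msg, size_t len)
{
	struct sock *sk = sock->sk;
	int err;

	BT_DBG("sock %p, sk %p", sock, sk);

	err = sock_error(sk);
	if (err)
		return err;

	if (msg->msg_flags & MSG_OOB)
		return -EOPNOTSUPP;

	lock_sock(sk);

	/* State is checked under lock_sock() before conn is used. */
	if (sk->sk_state == BT_CONNECTED)
		err = sco_send_frame(sk, msg, len);
	else
		err = -ENOTCONN;

	release_sock(sk);
	return err;
}

/* setsockopt(): no options are implemented; always -ENOPROTOOPT. */
static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
{
	struct sock *sk = sock->sk;
	int err = 0;

	BT_DBG("sk %p", sk);

	lock_sock(sk);

	switch (optname) {
	default:
		err = -ENOPROTOOPT;
		break;
	}

	release_sock(sk);
	return err;
}

/*
 * SOL_SCO getsockopt(): SCO_OPTIONS and SCO_CONNINFO, both only valid on a
 * BT_CONNECTED socket. At most the caller-supplied length is copied out.
 * Returns 0, -EFAULT, -ENOTCONN or -ENOPROTOOPT.
 */
static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
{
	struct sock *sk = sock->sk;
	struct sco_options opts;
	struct sco_conninfo cinfo;
	int len, err = 0;

	BT_DBG("sk %p", sk);

	if (get_user(len, optlen))
		return -EFAULT;

	lock_sock(sk);

	switch (optname) {
	case SCO_OPTIONS:
		if (sk->sk_state != BT_CONNECTED) {
			err = -ENOTCONN;
			break;
		}

		/*
		 * Zero the whole struct before filling it, as the
		 * SCO_CONNINFO branch does, so that no uninitialised stack
		 * bytes (padding or fields not set here) can be copied to
		 * user space. The struct layout is not visible in this file.
		 */
		memset(&opts, 0, sizeof(opts));
		opts.mtu = sco_pi(sk)->conn->mtu;

		BT_DBG("mtu %d", opts.mtu);

		/* min_t as unsigned: a negative len clamps to sizeof(opts). */
		len = min_t(unsigned int, len, sizeof(opts));
		if (copy_to_user(optval, (char *)&opts, len))
			err = -EFAULT;

		break;

	case SCO_CONNINFO:
		if (sk->sk_state != BT_CONNECTED) {
			err = -ENOTCONN;
			break;
		}

		memset(&cinfo, 0, sizeof(cinfo));
		cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
		memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);

		len = min_t(unsigned int, len, sizeof(cinfo));
		if (copy_to_user(optval, (char *)&cinfo, len))
			err = -EFAULT;

		break;

	default:
		err = -ENOPROTOOPT;
		break;
	}

	release_sock(sk);
	return err;
}

/*
 * getsockopt(): SOL_SCO requests go to sco_sock_getsockopt_old(); every
 * other level has no options and returns -ENOPROTOOPT (or -EFAULT if
 * @optlen cannot be read).
 */
static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
{
	struct sock *sk = sock->sk;
	int len, err = 0;

	BT_DBG("sk %p", sk);

	if (level == SOL_SCO)
		return sco_sock_getsockopt_old(sock, optname, optval, optlen);

	/* len is only fetched to validate the user pointer. */
	if (get_user(len, optlen))
		return -EFAULT;

	lock_sock(sk);

	switch (optname) {
	default:
		err = -ENOPROTOOPT;
		break;
	}

	release_sock(sk);
	return err;
}

/*
 * shutdown(): @how is ignored; the first call shuts down both directions,
 * closes the channel and honours SO_LINGER. Later calls are no-ops.
 */
static int sco_sock_shutdown(struct socket *sock, int how)
{
	struct sock *sk = sock->sk;
	int err = 0;

	BT_DBG("sock %p, sk %p", sock, sk);

	if (!sk)
		return 0;

	lock_sock(sk);
	if (!sk->sk_shutdown) {
		sk->sk_shutdown = SHUTDOWN_MASK;
		sco_sock_clear_timer(sk);
		__sco_sock_close(sk);

		if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
			err = bt_sock_wait_state(sk, BT_CLOSED,
							sk->sk_lingertime);
	}
	release_sock(sk);
	return err;
}

/*
 * release(): close the socket, honour SO_LINGER, then orphan it and try to
 * kill it. Returns the result of the linger wait, or 0.
 */
static int sco_sock_release(struct socket *sock)
{
	struct sock *sk = sock->sk;
	int err = 0;

	BT_DBG("sock %p, sk %p", sock, sk);

	if (!sk)
		return 0;

	sco_sock_close(sk);

	if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) {
		lock_sock(sk);
		err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
		release_sock(sk);
	}

	sock_orphan(sk);
	sco_sock_kill(sk);
	return err;
}

/*
 * Link @sk and @conn to each other and, for an incoming connection, queue
 * @sk on @parent's accept queue. Takes no lock itself; the visible callers
 * hold the connection lock.
 */
static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
{
	BT_DBG("conn %p", conn);

	sco_pi(sk)->conn = conn;
	conn->sk = sk;

	if (parent)
		bt_accept_enqueue(parent, sk);
}

/* Delete channel.
 * Must be called on the locked socket.
 */
static void sco_chan_del(struct sock *sk, int err)
{
	struct sco_conn *conn;

	conn = sco_pi(sk)->conn;

	BT_DBG("sk %p, conn %p, err %d", sk, conn, err);

	if (conn) {
		/* Unlink both directions under the conn lock, then drop hcon. */
		sco_conn_lock(conn);
		conn->sk = NULL;
		sco_pi(sk)->conn = NULL;
		sco_conn_unlock(conn);
		hci_conn_put(conn->hcon);
	}

	sk->sk_state = BT_CLOSED;
	sk->sk_err   = err;
	sk->sk_state_change(sk);

	sock_set_flag(sk, SOCK_ZAPPED);
}

/*
 * Called once the HCI link is up. For an outgoing connection the waiting
 * socket is moved to BT_CONNECTED; otherwise a child socket is created on
 * a matching listener and queued for accept().
 * NOTE(review): conn->sk is sampled before sco_conn_lock() is taken.
 */
static void sco_conn_ready(struct sco_conn *conn)
{
	struct sock *parent;
	struct sock *sk = conn->sk;

	BT_DBG("conn %p", conn);

	sco_conn_lock(conn);

	if (sk) {
		sco_sock_clear_timer(sk);
		bh_lock_sock(sk);
		sk->sk_state = BT_CONNECTED;
		sk->sk_state_change(sk);
		bh_unlock_sock(sk);
	} else {
		parent = sco_get_sock_listen(conn->src);
		if (!parent)
			goto done;

		bh_lock_sock(parent);

		sk = sco_sock_alloc(sock_net(parent), NULL,
				BTPROTO_SCO, GFP_ATOMIC);
		if (!sk) {
			bh_unlock_sock(parent);
			goto done;
		}

		sco_sock_init(sk, parent);

		bacpy(&bt_sk(sk)->src, conn->src);
		bacpy(&bt_sk(sk)->dst, conn->dst);

		hci_conn_hold(conn->hcon);
		__sco_chan_add(conn, sk, parent);

		sk->sk_state = BT_CONNECTED;

		/* Wake up parent */
		parent->sk_data_ready(parent, 1);

		bh_unlock_sock(parent);
	}

done:
	sco_conn_unlock(conn);
}

/* ----- SCO interface with lower layer (HCI) ----- */

/*
 * Incoming connection request from HCI. Returns HCI_LM_ACCEPT if some
 * socket listens on this adapter's address or on BDADDR_ANY, 0 if none
 * does, or -EINVAL for a non-(e)SCO link type. The decision depends only
 * on the presence of a listener; @bdaddr is used for logging only.
 */
static int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 type)
{
	register struct sock *sk;
	struct hlist_node *node;
	int lm = 0;

	if (type != SCO_LINK && type != ESCO_LINK)
		return -EINVAL;

	BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr));

	/* Find listening sockets */
	read_lock(&sco_sk_list.lock);
	sk_for_each(sk, node, &sco_sk_list.head) {
		if (sk->sk_state != BT_LISTEN)
			continue;

		if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) ||
				!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
			lm |= HCI_LM_ACCEPT;
			break;
		}
	}
	read_unlock(&sco_sk_list.lock);

	return lm;
}

/*
 * Connection-complete callback from HCI: on success create/find the
 * sco_conn and mark it ready, on failure tear the connection down.
 */
static int sco_connect_cfm(struct hci_conn *hcon, __u8 status)
{
	BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status);

	if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
		return -EINVAL;

	if (!status) {
		struct sco_conn *conn;

		conn = sco_conn_add(hcon, status);
		if (conn)
			sco_conn_ready(conn);
	} else
		sco_conn_del(hcon, bt_err(status));

	return 0;
}

/* Disconnect-complete callback from HCI: tear the connection down. */
static int sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
{
	BT_DBG("hcon %p reason %d", hcon, reason);

	if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
		return -EINVAL;

	sco_conn_del(hcon, bt_err(reason));

	return 0;
}

/*
 * Incoming SCO data from HCI. Takes ownership of @skb: it is either passed
 * to sco_recv_frame() or freed here (no conn, or empty frame). Returns 0.
 */
static int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
{
	struct sco_conn *conn = hcon->sco_data;

	if (!conn)
		goto drop;

	BT_DBG("conn %p len %d", conn, skb->len);

	if (skb->len) {
		sco_recv_frame(conn, skb);
		return 0;
	}

drop:
	kfree_skb(skb);
	return 0;
}

/* debugfs: one line per SCO socket -- source, destination, state. */
static int sco_debugfs_show(struct seq_file *f, void *p)
{
	struct sock *sk;
	struct hlist_node *node;

	read_lock_bh(&sco_sk_list.lock);

	sk_for_each(sk, node, &sco_sk_list.head) {
		seq_printf(f, "%s %s %d\n", batostr(&bt_sk(sk)->src),
				batostr(&bt_sk(sk)->dst), sk->sk_state);
	}

	read_unlock_bh(&sco_sk_list.lock);

	return 0;
}

static int sco_debugfs_open(struct inode *inode, struct file *file)
{
	return single_open(file, sco_debugfs_show, inode->i_private);
}

static const struct file_operations sco_debugfs_fops = {
	.open		= sco_debugfs_open,
	.read		= seq_read,
	.llseek		= seq_lseek,
	.release	= single_release,
};

static struct dentry *sco_debugfs;

static const struct proto_ops sco_sock_ops = {
	.family		= PF_BLUETOOTH,
	.owner		= THIS_MODULE,
	.release	= sco_sock_release,
	.bind		= sco_sock_bind,
	.connect	= sco_sock_connect,
	.listen		= sco_sock_listen,
	.accept		= sco_sock_accept,
	.getname	= sco_sock_getname,
	.sendmsg	= sco_sock_sendmsg,
	.recvmsg	= bt_sock_recvmsg,
	.poll		= bt_sock_poll,
	.ioctl		= bt_sock_ioctl,
	.mmap		= sock_no_mmap,
	.socketpair	= sock_no_socketpair,
	.shutdown	= sco_sock_shutdown,
	.setsockopt	= sco_sock_setsockopt,
	.getsockopt	= sco_sock_getsockopt
};

static const struct net_proto_family sco_sock_family_ops = {
	.family	= PF_BLUETOOTH,
	.owner	= THIS_MODULE,
	.create	= sco_sock_create,
};

static struct hci_proto sco_hci_proto = {
	.name		= "SCO",
	.id		= HCI_PROTO_SCO,
	.connect_ind	= sco_connect_ind,
	.connect_cfm	= sco_connect_cfm,
	.disconn_cfm	= sco_disconn_cfm,
	.recv_scodata	= sco_recv_scodata
};

/*
 * Register the SCO proto, socket family and HCI protocol, and create the
 * read-only (0444) debugfs file when bt_debugfs exists. A debugfs failure
 * is logged but not fatal. Returns 0 or the registration error, undoing
 * earlier registrations on failure.
 */
int __init sco_init(void)
{
	int err;

	err = proto_register(&sco_proto, 0);
	if (err < 0)
		return err;

	err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
	if (err < 0) {
		BT_ERR("SCO socket registration failed");
		goto error;
	}

	err = hci_register_proto(&sco_hci_proto);
	if (err < 0) {
		BT_ERR("SCO protocol registration failed");
		bt_sock_unregister(BTPROTO_SCO);
		goto error;
	}

	if (bt_debugfs) {
		sco_debugfs = debugfs_create_file("sco", 0444,
					bt_debugfs, NULL, &sco_debugfs_fops);
		if (!sco_debugfs)
			BT_ERR("Failed to create SCO debug file");
	}

	BT_INFO("SCO socket layer initialized");

	return 0;

error:
	proto_unregister(&sco_proto);
	return err;
}

/* Undo sco_init(); unregistration failures are logged and otherwise ignored. */
void __exit sco_exit(void)
{
	debugfs_remove(sco_debugfs);

	if (bt_sock_unregister(BTPROTO_SCO) < 0)
		BT_ERR("SCO socket unregistration failed");

	if (hci_unregister_proto(&sco_hci_proto) < 0)
		BT_ERR("SCO protocol unregistration failed");

	proto_unregister(&sco_proto);
}

module_param(disable_esco, bool, 0644);
MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");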