1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth SCO sockets. */ 26 27 #include <linux/module.h> 28 #include <linux/debugfs.h> 29 #include <linux/seq_file.h> 30 31 #include <net/bluetooth/bluetooth.h> 32 #include <net/bluetooth/hci_core.h> 33 #include <net/bluetooth/sco.h> 34 35 static bool disable_esco; 36 37 static const struct proto_ops sco_sock_ops; 38 39 static struct bt_sock_list sco_sk_list = { 40 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock) 41 }; 42 43 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent); 44 static void sco_chan_del(struct sock *sk, int err); 45 46 static void sco_sock_close(struct sock *sk); 47 static void sco_sock_kill(struct sock *sk); 48 49 /* ---- SCO timers ---- */ 50 static void sco_sock_timeout(unsigned long arg) 51 { 52 struct sock *sk = (struct sock *) arg; 53 54 BT_DBG("sock %p state %d", sk, sk->sk_state); 55 56 bh_lock_sock(sk); 57 sk->sk_err = ETIMEDOUT; 58 sk->sk_state_change(sk); 59 bh_unlock_sock(sk); 60 61 sco_sock_kill(sk); 62 sock_put(sk); 63 } 64 65 static void sco_sock_set_timer(struct sock *sk, long timeout) 66 { 67 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout); 68 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout); 69 } 70 71 static void sco_sock_clear_timer(struct sock *sk) 72 { 73 BT_DBG("sock %p state %d", sk, sk->sk_state); 74 sk_stop_timer(sk, &sk->sk_timer); 75 } 76 77 /* ---- SCO connections ---- */ 78 static struct sco_conn *sco_conn_add(struct hci_conn *hcon) 79 { 80 struct hci_dev *hdev = hcon->hdev; 81 struct sco_conn *conn = hcon->sco_data; 82 83 if (conn) 84 return conn; 85 86 conn = kzalloc(sizeof(struct sco_conn), GFP_ATOMIC); 87 if (!conn) 88 return NULL; 89 90 spin_lock_init(&conn->lock); 91 92 hcon->sco_data = conn; 93 conn->hcon = hcon; 94 95 conn->src = &hdev->bdaddr; 96 conn->dst = &hcon->dst; 97 98 if (hdev->sco_mtu > 0) 99 conn->mtu = hdev->sco_mtu; 100 else 101 conn->mtu = 60; 102 103 BT_DBG("hcon %p conn %p", hcon, conn); 104 105 return conn; 106 } 107 108 static struct sock *sco_chan_get(struct sco_conn *conn) 109 { 110 struct sock *sk = NULL; 111 sco_conn_lock(conn); 112 sk = conn->sk; 113 sco_conn_unlock(conn); 114 return sk; 115 } 116 117 static int sco_conn_del(struct hci_conn *hcon, int err) 118 { 119 struct sco_conn *conn = hcon->sco_data; 120 struct sock *sk; 121 122 if (!conn) 123 return 0; 124 125 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); 126 127 /* Kill socket */ 128 sk = sco_chan_get(conn); 129 if (sk) { 130 bh_lock_sock(sk); 131 sco_sock_clear_timer(sk); 132 sco_chan_del(sk, err); 133 bh_unlock_sock(sk); 134 sco_sock_kill(sk); 135 } 136 137 hcon->sco_data = NULL; 138 kfree(conn); 139 return 0; 140 } 141 142 static int sco_chan_add(struct sco_conn *conn, struct sock *sk, 143 struct sock *parent) 144 { 145 int err = 0; 146 147 sco_conn_lock(conn); 148 if (conn->sk) 149 err = -EBUSY; 150 else 151 __sco_chan_add(conn, sk, parent); 152 153 sco_conn_unlock(conn); 154 return err; 155 } 156 157 static int sco_connect(struct sock *sk) 158 { 159 bdaddr_t *src = &bt_sk(sk)->src; 160 bdaddr_t *dst = &bt_sk(sk)->dst; 161 struct sco_conn *conn; 162 struct hci_conn *hcon; 163 struct hci_dev *hdev; 164 int err, type; 165 166 BT_DBG("%pMR -> %pMR", src, dst); 167 168 hdev = hci_get_route(dst, src); 169 if (!hdev) 170 return -EHOSTUNREACH; 171 172 hci_dev_lock(hdev); 173 174 if (lmp_esco_capable(hdev) && !disable_esco) 175 type = ESCO_LINK; 176 else 177 type = SCO_LINK; 178 179 hcon = hci_connect(hdev, type, dst, BDADDR_BREDR, BT_SECURITY_LOW, 180 HCI_AT_NO_BONDING); 181 if (IS_ERR(hcon)) { 182 err = PTR_ERR(hcon); 183 goto done; 184 } 185 186 conn = sco_conn_add(hcon); 187 if (!conn) { 188 hci_conn_put(hcon); 189 err = -ENOMEM; 190 goto done; 191 } 192 193 /* Update source addr of the socket */ 194 bacpy(src, conn->src); 195 196 err = sco_chan_add(conn, sk, NULL); 197 if (err) 198 goto done; 199 200 if (hcon->state == BT_CONNECTED) { 201 sco_sock_clear_timer(sk); 202 sk->sk_state = BT_CONNECTED; 203 } else { 204 sk->sk_state = BT_CONNECT; 205 sco_sock_set_timer(sk, sk->sk_sndtimeo); 206 } 207 208 done: 209 hci_dev_unlock(hdev); 210 hci_dev_put(hdev); 211 return err; 212 } 213 214 static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len) 215 { 216 struct sco_conn *conn = sco_pi(sk)->conn; 217 struct sk_buff *skb; 218 int err; 219 220 /* Check outgoing MTU */ 221 if (len > conn->mtu) 222 return -EINVAL; 223 224 BT_DBG("sk %p len %d", sk, len); 225 226 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err); 227 if (!skb) 228 return err; 229 230 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) { 231 kfree_skb(skb); 232 return -EFAULT; 233 } 234 235 hci_send_sco(conn->hcon, skb); 236 237 return len; 238 } 239 240 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb) 241 { 242 struct sock *sk = sco_chan_get(conn); 243 244 if (!sk) 245 goto drop; 246 247 BT_DBG("sk %p len %d", sk, skb->len); 248 249 if (sk->sk_state != BT_CONNECTED) 250 goto drop; 251 252 if (!sock_queue_rcv_skb(sk, skb)) 253 return; 254 255 drop: 256 kfree_skb(skb); 257 } 258 259 /* -------- Socket interface ---------- */ 260 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba) 261 { 262 struct sock *sk; 263 264 sk_for_each(sk, &sco_sk_list.head) { 265 if (sk->sk_state != BT_LISTEN) 266 continue; 267 268 if (!bacmp(&bt_sk(sk)->src, ba)) 269 return sk; 270 } 271 272 return NULL; 273 } 274 275 /* Find socket listening on source bdaddr. 276 * Returns closest match. 277 */ 278 static struct sock *sco_get_sock_listen(bdaddr_t *src) 279 { 280 struct sock *sk = NULL, *sk1 = NULL; 281 282 read_lock(&sco_sk_list.lock); 283 284 sk_for_each(sk, &sco_sk_list.head) { 285 if (sk->sk_state != BT_LISTEN) 286 continue; 287 288 /* Exact match. */ 289 if (!bacmp(&bt_sk(sk)->src, src)) 290 break; 291 292 /* Closest match */ 293 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) 294 sk1 = sk; 295 } 296 297 read_unlock(&sco_sk_list.lock); 298 299 return sk ? sk : sk1; 300 } 301 302 static void sco_sock_destruct(struct sock *sk) 303 { 304 BT_DBG("sk %p", sk); 305 306 skb_queue_purge(&sk->sk_receive_queue); 307 skb_queue_purge(&sk->sk_write_queue); 308 } 309 310 static void sco_sock_cleanup_listen(struct sock *parent) 311 { 312 struct sock *sk; 313 314 BT_DBG("parent %p", parent); 315 316 /* Close not yet accepted channels */ 317 while ((sk = bt_accept_dequeue(parent, NULL))) { 318 sco_sock_close(sk); 319 sco_sock_kill(sk); 320 } 321 322 parent->sk_state = BT_CLOSED; 323 sock_set_flag(parent, SOCK_ZAPPED); 324 } 325 326 /* Kill socket (only if zapped and orphan) 327 * Must be called on unlocked socket. 328 */ 329 static void sco_sock_kill(struct sock *sk) 330 { 331 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) 332 return; 333 334 BT_DBG("sk %p state %d", sk, sk->sk_state); 335 336 /* Kill poor orphan */ 337 bt_sock_unlink(&sco_sk_list, sk); 338 sock_set_flag(sk, SOCK_DEAD); 339 sock_put(sk); 340 } 341 342 static void __sco_sock_close(struct sock *sk) 343 { 344 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); 345 346 switch (sk->sk_state) { 347 case BT_LISTEN: 348 sco_sock_cleanup_listen(sk); 349 break; 350 351 case BT_CONNECTED: 352 case BT_CONFIG: 353 if (sco_pi(sk)->conn->hcon) { 354 sk->sk_state = BT_DISCONN; 355 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT); 356 hci_conn_put(sco_pi(sk)->conn->hcon); 357 sco_pi(sk)->conn->hcon = NULL; 358 } else 359 sco_chan_del(sk, ECONNRESET); 360 break; 361 362 case BT_CONNECT: 363 case BT_DISCONN: 364 sco_chan_del(sk, ECONNRESET); 365 break; 366 367 default: 368 sock_set_flag(sk, SOCK_ZAPPED); 369 break; 370 } 371 } 372 373 /* Must be called on unlocked socket. */ 374 static void sco_sock_close(struct sock *sk) 375 { 376 sco_sock_clear_timer(sk); 377 lock_sock(sk); 378 __sco_sock_close(sk); 379 release_sock(sk); 380 sco_sock_kill(sk); 381 } 382 383 static void sco_sock_init(struct sock *sk, struct sock *parent) 384 { 385 BT_DBG("sk %p", sk); 386 387 if (parent) { 388 sk->sk_type = parent->sk_type; 389 bt_sk(sk)->flags = bt_sk(parent)->flags; 390 security_sk_clone(parent, sk); 391 } 392 } 393 394 static struct proto sco_proto = { 395 .name = "SCO", 396 .owner = THIS_MODULE, 397 .obj_size = sizeof(struct sco_pinfo) 398 }; 399 400 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio) 401 { 402 struct sock *sk; 403 404 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto); 405 if (!sk) 406 return NULL; 407 408 sock_init_data(sock, sk); 409 INIT_LIST_HEAD(&bt_sk(sk)->accept_q); 410 411 sk->sk_destruct = sco_sock_destruct; 412 sk->sk_sndtimeo = SCO_CONN_TIMEOUT; 413 414 sock_reset_flag(sk, SOCK_ZAPPED); 415 416 sk->sk_protocol = proto; 417 sk->sk_state = BT_OPEN; 418 419 setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk); 420 421 bt_sock_link(&sco_sk_list, sk); 422 return sk; 423 } 424 425 static int sco_sock_create(struct net *net, struct socket *sock, int protocol, 426 int kern) 427 { 428 struct sock *sk; 429 430 BT_DBG("sock %p", sock); 431 432 sock->state = SS_UNCONNECTED; 433 434 if (sock->type != SOCK_SEQPACKET) 435 return -ESOCKTNOSUPPORT; 436 437 sock->ops = &sco_sock_ops; 438 439 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC); 440 if (!sk) 441 return -ENOMEM; 442 443 sco_sock_init(sk, NULL); 444 return 0; 445 } 446 447 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) 448 { 449 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 450 struct sock *sk = sock->sk; 451 int err = 0; 452 453 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr); 454 455 if (!addr || addr->sa_family != AF_BLUETOOTH) 456 return -EINVAL; 457 458 lock_sock(sk); 459 460 if (sk->sk_state != BT_OPEN) { 461 err = -EBADFD; 462 goto done; 463 } 464 465 if (sk->sk_type != SOCK_SEQPACKET) { 466 err = -EINVAL; 467 goto done; 468 } 469 470 bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr); 471 472 sk->sk_state = BT_BOUND; 473 474 done: 475 release_sock(sk); 476 return err; 477 } 478 479 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) 480 { 481 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 482 struct sock *sk = sock->sk; 483 int err = 0; 484 485 486 BT_DBG("sk %p", sk); 487 488 if (alen < sizeof(struct sockaddr_sco) || 489 addr->sa_family != AF_BLUETOOTH) 490 return -EINVAL; 491 492 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) 493 return -EBADFD; 494 495 if (sk->sk_type != SOCK_SEQPACKET) 496 return -EINVAL; 497 498 lock_sock(sk); 499 500 /* Set destination address and psm */ 501 bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr); 502 503 err = sco_connect(sk); 504 if (err) 505 goto done; 506 507 err = bt_sock_wait_state(sk, BT_CONNECTED, 508 sock_sndtimeo(sk, flags & O_NONBLOCK)); 509 510 done: 511 release_sock(sk); 512 return err; 513 } 514 515 static int sco_sock_listen(struct socket *sock, int backlog) 516 { 517 struct sock *sk = sock->sk; 518 bdaddr_t *src = &bt_sk(sk)->src; 519 int err = 0; 520 521 BT_DBG("sk %p backlog %d", sk, backlog); 522 523 lock_sock(sk); 524 525 if (sk->sk_state != BT_BOUND) { 526 err = -EBADFD; 527 goto done; 528 } 529 530 if (sk->sk_type != SOCK_SEQPACKET) { 531 err = -EINVAL; 532 goto done; 533 } 534 535 write_lock(&sco_sk_list.lock); 536 537 if (__sco_get_sock_listen_by_addr(src)) { 538 err = -EADDRINUSE; 539 goto unlock; 540 } 541 542 sk->sk_max_ack_backlog = backlog; 543 sk->sk_ack_backlog = 0; 544 545 sk->sk_state = BT_LISTEN; 546 547 unlock: 548 write_unlock(&sco_sk_list.lock); 549 550 done: 551 release_sock(sk); 552 return err; 553 } 554 555 static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags) 556 { 557 DECLARE_WAITQUEUE(wait, current); 558 struct sock *sk = sock->sk, *ch; 559 long timeo; 560 int err = 0; 561 562 lock_sock(sk); 563 564 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); 565 566 BT_DBG("sk %p timeo %ld", sk, timeo); 567 568 /* Wait for an incoming connection. (wake-one). */ 569 add_wait_queue_exclusive(sk_sleep(sk), &wait); 570 while (1) { 571 set_current_state(TASK_INTERRUPTIBLE); 572 573 if (sk->sk_state != BT_LISTEN) { 574 err = -EBADFD; 575 break; 576 } 577 578 ch = bt_accept_dequeue(sk, newsock); 579 if (ch) 580 break; 581 582 if (!timeo) { 583 err = -EAGAIN; 584 break; 585 } 586 587 if (signal_pending(current)) { 588 err = sock_intr_errno(timeo); 589 break; 590 } 591 592 release_sock(sk); 593 timeo = schedule_timeout(timeo); 594 lock_sock(sk); 595 } 596 __set_current_state(TASK_RUNNING); 597 remove_wait_queue(sk_sleep(sk), &wait); 598 599 if (err) 600 goto done; 601 602 newsock->state = SS_CONNECTED; 603 604 BT_DBG("new socket %p", ch); 605 606 done: 607 release_sock(sk); 608 return err; 609 } 610 611 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer) 612 { 613 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 614 struct sock *sk = sock->sk; 615 616 BT_DBG("sock %p, sk %p", sock, sk); 617 618 addr->sa_family = AF_BLUETOOTH; 619 *len = sizeof(struct sockaddr_sco); 620 621 if (peer) 622 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst); 623 else 624 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src); 625 626 return 0; 627 } 628 629 static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock, 630 struct msghdr *msg, size_t len) 631 { 632 struct sock *sk = sock->sk; 633 int err; 634 635 BT_DBG("sock %p, sk %p", sock, sk); 636 637 err = sock_error(sk); 638 if (err) 639 return err; 640 641 if (msg->msg_flags & MSG_OOB) 642 return -EOPNOTSUPP; 643 644 lock_sock(sk); 645 646 if (sk->sk_state == BT_CONNECTED) 647 err = sco_send_frame(sk, msg, len); 648 else 649 err = -ENOTCONN; 650 651 release_sock(sk); 652 return err; 653 } 654 655 static int sco_sock_recvmsg(struct kiocb *iocb, struct socket *sock, 656 struct msghdr *msg, size_t len, int flags) 657 { 658 struct sock *sk = sock->sk; 659 struct sco_pinfo *pi = sco_pi(sk); 660 661 lock_sock(sk); 662 663 if (sk->sk_state == BT_CONNECT2 && 664 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) { 665 hci_conn_accept(pi->conn->hcon, 0); 666 sk->sk_state = BT_CONFIG; 667 668 release_sock(sk); 669 return 0; 670 } 671 672 release_sock(sk); 673 674 return bt_sock_recvmsg(iocb, sock, msg, len, flags); 675 } 676 677 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen) 678 { 679 struct sock *sk = sock->sk; 680 int err = 0; 681 u32 opt; 682 683 BT_DBG("sk %p", sk); 684 685 lock_sock(sk); 686 687 switch (optname) { 688 689 case BT_DEFER_SETUP: 690 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 691 err = -EINVAL; 692 break; 693 } 694 695 if (get_user(opt, (u32 __user *) optval)) { 696 err = -EFAULT; 697 break; 698 } 699 700 if (opt) 701 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 702 else 703 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 704 break; 705 706 default: 707 err = -ENOPROTOOPT; 708 break; 709 } 710 711 release_sock(sk); 712 return err; 713 } 714 715 static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen) 716 { 717 struct sock *sk = sock->sk; 718 struct sco_options opts; 719 struct sco_conninfo cinfo; 720 int len, err = 0; 721 722 BT_DBG("sk %p", sk); 723 724 if (get_user(len, optlen)) 725 return -EFAULT; 726 727 lock_sock(sk); 728 729 switch (optname) { 730 case SCO_OPTIONS: 731 if (sk->sk_state != BT_CONNECTED) { 732 err = -ENOTCONN; 733 break; 734 } 735 736 opts.mtu = sco_pi(sk)->conn->mtu; 737 738 BT_DBG("mtu %d", opts.mtu); 739 740 len = min_t(unsigned int, len, sizeof(opts)); 741 if (copy_to_user(optval, (char *)&opts, len)) 742 err = -EFAULT; 743 744 break; 745 746 case SCO_CONNINFO: 747 if (sk->sk_state != BT_CONNECTED) { 748 err = -ENOTCONN; 749 break; 750 } 751 752 memset(&cinfo, 0, sizeof(cinfo)); 753 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle; 754 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3); 755 756 len = min_t(unsigned int, len, sizeof(cinfo)); 757 if (copy_to_user(optval, (char *)&cinfo, len)) 758 err = -EFAULT; 759 760 break; 761 762 default: 763 err = -ENOPROTOOPT; 764 break; 765 } 766 767 release_sock(sk); 768 return err; 769 } 770 771 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) 772 { 773 struct sock *sk = sock->sk; 774 int len, err = 0; 775 776 BT_DBG("sk %p", sk); 777 778 if (level == SOL_SCO) 779 return sco_sock_getsockopt_old(sock, optname, optval, optlen); 780 781 if (get_user(len, optlen)) 782 return -EFAULT; 783 784 lock_sock(sk); 785 786 switch (optname) { 787 788 case BT_DEFER_SETUP: 789 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 790 err = -EINVAL; 791 break; 792 } 793 794 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags), 795 (u32 __user *) optval)) 796 err = -EFAULT; 797 798 break; 799 800 default: 801 err = -ENOPROTOOPT; 802 break; 803 } 804 805 release_sock(sk); 806 return err; 807 } 808 809 static int sco_sock_shutdown(struct socket *sock, int how) 810 { 811 struct sock *sk = sock->sk; 812 int err = 0; 813 814 BT_DBG("sock %p, sk %p", sock, sk); 815 816 if (!sk) 817 return 0; 818 819 lock_sock(sk); 820 if (!sk->sk_shutdown) { 821 sk->sk_shutdown = SHUTDOWN_MASK; 822 sco_sock_clear_timer(sk); 823 __sco_sock_close(sk); 824 825 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) 826 err = bt_sock_wait_state(sk, BT_CLOSED, 827 sk->sk_lingertime); 828 } 829 release_sock(sk); 830 return err; 831 } 832 833 static int sco_sock_release(struct socket *sock) 834 { 835 struct sock *sk = sock->sk; 836 int err = 0; 837 838 BT_DBG("sock %p, sk %p", sock, sk); 839 840 if (!sk) 841 return 0; 842 843 sco_sock_close(sk); 844 845 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) { 846 lock_sock(sk); 847 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); 848 release_sock(sk); 849 } 850 851 sock_orphan(sk); 852 sco_sock_kill(sk); 853 return err; 854 } 855 856 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent) 857 { 858 BT_DBG("conn %p", conn); 859 860 sco_pi(sk)->conn = conn; 861 conn->sk = sk; 862 863 if (parent) 864 bt_accept_enqueue(parent, sk); 865 } 866 867 /* Delete channel. 868 * Must be called on the locked socket. */ 869 static void sco_chan_del(struct sock *sk, int err) 870 { 871 struct sco_conn *conn; 872 873 conn = sco_pi(sk)->conn; 874 875 BT_DBG("sk %p, conn %p, err %d", sk, conn, err); 876 877 if (conn) { 878 sco_conn_lock(conn); 879 conn->sk = NULL; 880 sco_pi(sk)->conn = NULL; 881 sco_conn_unlock(conn); 882 883 if (conn->hcon) 884 hci_conn_put(conn->hcon); 885 } 886 887 sk->sk_state = BT_CLOSED; 888 sk->sk_err = err; 889 sk->sk_state_change(sk); 890 891 sock_set_flag(sk, SOCK_ZAPPED); 892 } 893 894 static void sco_conn_ready(struct sco_conn *conn) 895 { 896 struct sock *parent; 897 struct sock *sk = conn->sk; 898 899 BT_DBG("conn %p", conn); 900 901 if (sk) { 902 sco_sock_clear_timer(sk); 903 bh_lock_sock(sk); 904 sk->sk_state = BT_CONNECTED; 905 sk->sk_state_change(sk); 906 bh_unlock_sock(sk); 907 } else { 908 sco_conn_lock(conn); 909 910 parent = sco_get_sock_listen(conn->src); 911 if (!parent) { 912 sco_conn_unlock(conn); 913 return; 914 } 915 916 bh_lock_sock(parent); 917 918 sk = sco_sock_alloc(sock_net(parent), NULL, 919 BTPROTO_SCO, GFP_ATOMIC); 920 if (!sk) { 921 bh_unlock_sock(parent); 922 sco_conn_unlock(conn); 923 return; 924 } 925 926 sco_sock_init(sk, parent); 927 928 bacpy(&bt_sk(sk)->src, conn->src); 929 bacpy(&bt_sk(sk)->dst, conn->dst); 930 931 hci_conn_hold(conn->hcon); 932 __sco_chan_add(conn, sk, parent); 933 934 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags)) 935 sk->sk_state = BT_CONNECT2; 936 else 937 sk->sk_state = BT_CONNECTED; 938 939 /* Wake up parent */ 940 parent->sk_data_ready(parent, 1); 941 942 bh_unlock_sock(parent); 943 944 sco_conn_unlock(conn); 945 } 946 } 947 948 /* ----- SCO interface with lower layer (HCI) ----- */ 949 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags) 950 { 951 struct sock *sk; 952 int lm = 0; 953 954 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr); 955 956 /* Find listening sockets */ 957 read_lock(&sco_sk_list.lock); 958 sk_for_each(sk, &sco_sk_list.head) { 959 if (sk->sk_state != BT_LISTEN) 960 continue; 961 962 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) || 963 !bacmp(&bt_sk(sk)->src, BDADDR_ANY)) { 964 lm |= HCI_LM_ACCEPT; 965 966 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) 967 *flags |= HCI_PROTO_DEFER; 968 break; 969 } 970 } 971 read_unlock(&sco_sk_list.lock); 972 973 return lm; 974 } 975 976 void sco_connect_cfm(struct hci_conn *hcon, __u8 status) 977 { 978 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status); 979 if (!status) { 980 struct sco_conn *conn; 981 982 conn = sco_conn_add(hcon); 983 if (conn) 984 sco_conn_ready(conn); 985 } else 986 sco_conn_del(hcon, bt_to_errno(status)); 987 } 988 989 void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason) 990 { 991 BT_DBG("hcon %p reason %d", hcon, reason); 992 993 sco_conn_del(hcon, bt_to_errno(reason)); 994 } 995 996 int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb) 997 { 998 struct sco_conn *conn = hcon->sco_data; 999 1000 if (!conn) 1001 goto drop; 1002 1003 BT_DBG("conn %p len %d", conn, skb->len); 1004 1005 if (skb->len) { 1006 sco_recv_frame(conn, skb); 1007 return 0; 1008 } 1009 1010 drop: 1011 kfree_skb(skb); 1012 return 0; 1013 } 1014 1015 static int sco_debugfs_show(struct seq_file *f, void *p) 1016 { 1017 struct sock *sk; 1018 1019 read_lock(&sco_sk_list.lock); 1020 1021 sk_for_each(sk, &sco_sk_list.head) { 1022 seq_printf(f, "%pMR %pMR %d\n", &bt_sk(sk)->src, 1023 &bt_sk(sk)->dst, sk->sk_state); 1024 } 1025 1026 read_unlock(&sco_sk_list.lock); 1027 1028 return 0; 1029 } 1030 1031 static int sco_debugfs_open(struct inode *inode, struct file *file) 1032 { 1033 return single_open(file, sco_debugfs_show, inode->i_private); 1034 } 1035 1036 static const struct file_operations sco_debugfs_fops = { 1037 .open = sco_debugfs_open, 1038 .read = seq_read, 1039 .llseek = seq_lseek, 1040 .release = single_release, 1041 }; 1042 1043 static struct dentry *sco_debugfs; 1044 1045 static const struct proto_ops sco_sock_ops = { 1046 .family = PF_BLUETOOTH, 1047 .owner = THIS_MODULE, 1048 .release = sco_sock_release, 1049 .bind = sco_sock_bind, 1050 .connect = sco_sock_connect, 1051 .listen = sco_sock_listen, 1052 .accept = sco_sock_accept, 1053 .getname = sco_sock_getname, 1054 .sendmsg = sco_sock_sendmsg, 1055 .recvmsg = sco_sock_recvmsg, 1056 .poll = bt_sock_poll, 1057 .ioctl = bt_sock_ioctl, 1058 .mmap = sock_no_mmap, 1059 .socketpair = sock_no_socketpair, 1060 .shutdown = sco_sock_shutdown, 1061 .setsockopt = sco_sock_setsockopt, 1062 .getsockopt = sco_sock_getsockopt 1063 }; 1064 1065 static const struct net_proto_family sco_sock_family_ops = { 1066 .family = PF_BLUETOOTH, 1067 .owner = THIS_MODULE, 1068 .create = sco_sock_create, 1069 }; 1070 1071 int __init sco_init(void) 1072 { 1073 int err; 1074 1075 err = proto_register(&sco_proto, 0); 1076 if (err < 0) 1077 return err; 1078 1079 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops); 1080 if (err < 0) { 1081 BT_ERR("SCO socket registration failed"); 1082 goto error; 1083 } 1084 1085 err = bt_procfs_init(THIS_MODULE, &init_net, "sco", &sco_sk_list, NULL); 1086 if (err < 0) { 1087 BT_ERR("Failed to create SCO proc file"); 1088 bt_sock_unregister(BTPROTO_SCO); 1089 goto error; 1090 } 1091 1092 if (bt_debugfs) { 1093 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs, 1094 NULL, &sco_debugfs_fops); 1095 if (!sco_debugfs) 1096 BT_ERR("Failed to create SCO debug file"); 1097 } 1098 1099 BT_INFO("SCO socket layer initialized"); 1100 1101 return 0; 1102 1103 error: 1104 proto_unregister(&sco_proto); 1105 return err; 1106 } 1107 1108 void __exit sco_exit(void) 1109 { 1110 bt_procfs_cleanup(&init_net, "sco"); 1111 1112 debugfs_remove(sco_debugfs); 1113 1114 if (bt_sock_unregister(BTPROTO_SCO) < 0) 1115 BT_ERR("SCO socket unregistration failed"); 1116 1117 proto_unregister(&sco_proto); 1118 } 1119 1120 module_param(disable_esco, bool, 0644); 1121 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation"); 1122