1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth SCO sockets. */ 26 27 #include <linux/module.h> 28 29 #include <linux/types.h> 30 #include <linux/errno.h> 31 #include <linux/kernel.h> 32 #include <linux/sched.h> 33 #include <linux/slab.h> 34 #include <linux/poll.h> 35 #include <linux/fcntl.h> 36 #include <linux/init.h> 37 #include <linux/interrupt.h> 38 #include <linux/socket.h> 39 #include <linux/skbuff.h> 40 #include <linux/device.h> 41 #include <linux/debugfs.h> 42 #include <linux/seq_file.h> 43 #include <linux/list.h> 44 #include <linux/security.h> 45 #include <net/sock.h> 46 47 #include <linux/uaccess.h> 48 49 #include <net/bluetooth/bluetooth.h> 50 #include <net/bluetooth/hci_core.h> 51 #include <net/bluetooth/sco.h> 52 53 static bool disable_esco; 54 55 static const struct proto_ops sco_sock_ops; 56 57 static struct bt_sock_list sco_sk_list = { 58 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock) 59 }; 60 61 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent); 62 static void sco_chan_del(struct sock *sk, int err); 63 64 static void sco_sock_close(struct sock *sk); 65 static void sco_sock_kill(struct sock *sk); 66 67 /* ---- SCO timers ---- */ 68 static void sco_sock_timeout(unsigned long arg) 69 { 70 struct sock *sk = (struct sock *) arg; 71 72 BT_DBG("sock %p state %d", sk, sk->sk_state); 73 74 bh_lock_sock(sk); 75 sk->sk_err = ETIMEDOUT; 76 sk->sk_state_change(sk); 77 bh_unlock_sock(sk); 78 79 sco_sock_kill(sk); 80 sock_put(sk); 81 } 82 83 static void sco_sock_set_timer(struct sock *sk, long timeout) 84 { 85 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout); 86 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout); 87 } 88 89 static void sco_sock_clear_timer(struct sock *sk) 90 { 91 BT_DBG("sock %p state %d", sk, sk->sk_state); 92 sk_stop_timer(sk, &sk->sk_timer); 93 } 94 95 /* ---- SCO connections ---- */ 96 static struct sco_conn *sco_conn_add(struct hci_conn *hcon) 97 { 98 struct hci_dev *hdev = hcon->hdev; 99 struct sco_conn *conn = hcon->sco_data; 100 101 if (conn) 102 return conn; 103 104 conn = kzalloc(sizeof(struct sco_conn), GFP_ATOMIC); 105 if (!conn) 106 return NULL; 107 108 spin_lock_init(&conn->lock); 109 110 hcon->sco_data = conn; 111 conn->hcon = hcon; 112 113 conn->src = &hdev->bdaddr; 114 conn->dst = &hcon->dst; 115 116 if (hdev->sco_mtu > 0) 117 conn->mtu = hdev->sco_mtu; 118 else 119 conn->mtu = 60; 120 121 BT_DBG("hcon %p conn %p", hcon, conn); 122 123 return conn; 124 } 125 126 static inline struct sock *sco_chan_get(struct sco_conn *conn) 127 { 128 struct sock *sk = NULL; 129 sco_conn_lock(conn); 130 sk = conn->sk; 131 sco_conn_unlock(conn); 132 return sk; 133 } 134 135 static int sco_conn_del(struct hci_conn *hcon, int err) 136 { 137 struct sco_conn *conn = hcon->sco_data; 138 struct sock *sk; 139 140 if (!conn) 141 return 0; 142 143 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); 144 145 /* Kill socket */ 146 sk = sco_chan_get(conn); 147 if (sk) { 148 bh_lock_sock(sk); 149 sco_sock_clear_timer(sk); 150 sco_chan_del(sk, err); 151 bh_unlock_sock(sk); 152 sco_sock_kill(sk); 153 } 154 155 hcon->sco_data = NULL; 156 kfree(conn); 157 return 0; 158 } 159 160 static inline int sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent) 161 { 162 int err = 0; 163 164 sco_conn_lock(conn); 165 if (conn->sk) 166 err = -EBUSY; 167 else 168 __sco_chan_add(conn, sk, parent); 169 170 sco_conn_unlock(conn); 171 return err; 172 } 173 174 static int sco_connect(struct sock *sk) 175 { 176 bdaddr_t *src = &bt_sk(sk)->src; 177 bdaddr_t *dst = &bt_sk(sk)->dst; 178 struct sco_conn *conn; 179 struct hci_conn *hcon; 180 struct hci_dev *hdev; 181 int err, type; 182 183 BT_DBG("%s -> %s", batostr(src), batostr(dst)); 184 185 hdev = hci_get_route(dst, src); 186 if (!hdev) 187 return -EHOSTUNREACH; 188 189 hci_dev_lock(hdev); 190 191 if (lmp_esco_capable(hdev) && !disable_esco) 192 type = ESCO_LINK; 193 else 194 type = SCO_LINK; 195 196 hcon = hci_connect(hdev, type, dst, BDADDR_BREDR, BT_SECURITY_LOW, 197 HCI_AT_NO_BONDING); 198 if (IS_ERR(hcon)) { 199 err = PTR_ERR(hcon); 200 goto done; 201 } 202 203 conn = sco_conn_add(hcon); 204 if (!conn) { 205 hci_conn_put(hcon); 206 err = -ENOMEM; 207 goto done; 208 } 209 210 /* Update source addr of the socket */ 211 bacpy(src, conn->src); 212 213 err = sco_chan_add(conn, sk, NULL); 214 if (err) 215 goto done; 216 217 if (hcon->state == BT_CONNECTED) { 218 sco_sock_clear_timer(sk); 219 sk->sk_state = BT_CONNECTED; 220 } else { 221 sk->sk_state = BT_CONNECT; 222 sco_sock_set_timer(sk, sk->sk_sndtimeo); 223 } 224 225 done: 226 hci_dev_unlock(hdev); 227 hci_dev_put(hdev); 228 return err; 229 } 230 231 static inline int sco_send_frame(struct sock *sk, struct msghdr *msg, int len) 232 { 233 struct sco_conn *conn = sco_pi(sk)->conn; 234 struct sk_buff *skb; 235 int err; 236 237 /* Check outgoing MTU */ 238 if (len > conn->mtu) 239 return -EINVAL; 240 241 BT_DBG("sk %p len %d", sk, len); 242 243 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err); 244 if (!skb) 245 return err; 246 247 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) { 248 kfree_skb(skb); 249 return -EFAULT; 250 } 251 252 hci_send_sco(conn->hcon, skb); 253 254 return len; 255 } 256 257 static inline void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb) 258 { 259 struct sock *sk = sco_chan_get(conn); 260 261 if (!sk) 262 goto drop; 263 264 BT_DBG("sk %p len %d", sk, skb->len); 265 266 if (sk->sk_state != BT_CONNECTED) 267 goto drop; 268 269 if (!sock_queue_rcv_skb(sk, skb)) 270 return; 271 272 drop: 273 kfree_skb(skb); 274 } 275 276 /* -------- Socket interface ---------- */ 277 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba) 278 { 279 struct hlist_node *node; 280 struct sock *sk; 281 282 sk_for_each(sk, node, &sco_sk_list.head) { 283 if (sk->sk_state != BT_LISTEN) 284 continue; 285 286 if (!bacmp(&bt_sk(sk)->src, ba)) 287 return sk; 288 } 289 290 return NULL; 291 } 292 293 /* Find socket listening on source bdaddr. 294 * Returns closest match. 295 */ 296 static struct sock *sco_get_sock_listen(bdaddr_t *src) 297 { 298 struct sock *sk = NULL, *sk1 = NULL; 299 struct hlist_node *node; 300 301 read_lock(&sco_sk_list.lock); 302 303 sk_for_each(sk, node, &sco_sk_list.head) { 304 if (sk->sk_state != BT_LISTEN) 305 continue; 306 307 /* Exact match. */ 308 if (!bacmp(&bt_sk(sk)->src, src)) 309 break; 310 311 /* Closest match */ 312 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) 313 sk1 = sk; 314 } 315 316 read_unlock(&sco_sk_list.lock); 317 318 return node ? sk : sk1; 319 } 320 321 static void sco_sock_destruct(struct sock *sk) 322 { 323 BT_DBG("sk %p", sk); 324 325 skb_queue_purge(&sk->sk_receive_queue); 326 skb_queue_purge(&sk->sk_write_queue); 327 } 328 329 static void sco_sock_cleanup_listen(struct sock *parent) 330 { 331 struct sock *sk; 332 333 BT_DBG("parent %p", parent); 334 335 /* Close not yet accepted channels */ 336 while ((sk = bt_accept_dequeue(parent, NULL))) { 337 sco_sock_close(sk); 338 sco_sock_kill(sk); 339 } 340 341 parent->sk_state = BT_CLOSED; 342 sock_set_flag(parent, SOCK_ZAPPED); 343 } 344 345 /* Kill socket (only if zapped and orphan) 346 * Must be called on unlocked socket. 347 */ 348 static void sco_sock_kill(struct sock *sk) 349 { 350 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) 351 return; 352 353 BT_DBG("sk %p state %d", sk, sk->sk_state); 354 355 /* Kill poor orphan */ 356 bt_sock_unlink(&sco_sk_list, sk); 357 sock_set_flag(sk, SOCK_DEAD); 358 sock_put(sk); 359 } 360 361 static void __sco_sock_close(struct sock *sk) 362 { 363 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); 364 365 switch (sk->sk_state) { 366 case BT_LISTEN: 367 sco_sock_cleanup_listen(sk); 368 break; 369 370 case BT_CONNECTED: 371 case BT_CONFIG: 372 if (sco_pi(sk)->conn) { 373 sk->sk_state = BT_DISCONN; 374 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT); 375 hci_conn_put(sco_pi(sk)->conn->hcon); 376 sco_pi(sk)->conn->hcon = NULL; 377 } else 378 sco_chan_del(sk, ECONNRESET); 379 break; 380 381 case BT_CONNECT: 382 case BT_DISCONN: 383 sco_chan_del(sk, ECONNRESET); 384 break; 385 386 default: 387 sock_set_flag(sk, SOCK_ZAPPED); 388 break; 389 } 390 } 391 392 /* Must be called on unlocked socket. */ 393 static void sco_sock_close(struct sock *sk) 394 { 395 sco_sock_clear_timer(sk); 396 lock_sock(sk); 397 __sco_sock_close(sk); 398 release_sock(sk); 399 sco_sock_kill(sk); 400 } 401 402 static void sco_sock_init(struct sock *sk, struct sock *parent) 403 { 404 BT_DBG("sk %p", sk); 405 406 if (parent) { 407 sk->sk_type = parent->sk_type; 408 security_sk_clone(parent, sk); 409 } 410 } 411 412 static struct proto sco_proto = { 413 .name = "SCO", 414 .owner = THIS_MODULE, 415 .obj_size = sizeof(struct sco_pinfo) 416 }; 417 418 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio) 419 { 420 struct sock *sk; 421 422 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto); 423 if (!sk) 424 return NULL; 425 426 sock_init_data(sock, sk); 427 INIT_LIST_HEAD(&bt_sk(sk)->accept_q); 428 429 sk->sk_destruct = sco_sock_destruct; 430 sk->sk_sndtimeo = SCO_CONN_TIMEOUT; 431 432 sock_reset_flag(sk, SOCK_ZAPPED); 433 434 sk->sk_protocol = proto; 435 sk->sk_state = BT_OPEN; 436 437 setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk); 438 439 bt_sock_link(&sco_sk_list, sk); 440 return sk; 441 } 442 443 static int sco_sock_create(struct net *net, struct socket *sock, int protocol, 444 int kern) 445 { 446 struct sock *sk; 447 448 BT_DBG("sock %p", sock); 449 450 sock->state = SS_UNCONNECTED; 451 452 if (sock->type != SOCK_SEQPACKET) 453 return -ESOCKTNOSUPPORT; 454 455 sock->ops = &sco_sock_ops; 456 457 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC); 458 if (!sk) 459 return -ENOMEM; 460 461 sco_sock_init(sk, NULL); 462 return 0; 463 } 464 465 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) 466 { 467 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 468 struct sock *sk = sock->sk; 469 int err = 0; 470 471 BT_DBG("sk %p %s", sk, batostr(&sa->sco_bdaddr)); 472 473 if (!addr || addr->sa_family != AF_BLUETOOTH) 474 return -EINVAL; 475 476 lock_sock(sk); 477 478 if (sk->sk_state != BT_OPEN) { 479 err = -EBADFD; 480 goto done; 481 } 482 483 if (sk->sk_type != SOCK_SEQPACKET) { 484 err = -EINVAL; 485 goto done; 486 } 487 488 bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr); 489 490 sk->sk_state = BT_BOUND; 491 492 done: 493 release_sock(sk); 494 return err; 495 } 496 497 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) 498 { 499 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 500 struct sock *sk = sock->sk; 501 int err = 0; 502 503 504 BT_DBG("sk %p", sk); 505 506 if (alen < sizeof(struct sockaddr_sco) || 507 addr->sa_family != AF_BLUETOOTH) 508 return -EINVAL; 509 510 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) 511 return -EBADFD; 512 513 if (sk->sk_type != SOCK_SEQPACKET) 514 return -EINVAL; 515 516 lock_sock(sk); 517 518 /* Set destination address and psm */ 519 bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr); 520 521 err = sco_connect(sk); 522 if (err) 523 goto done; 524 525 err = bt_sock_wait_state(sk, BT_CONNECTED, 526 sock_sndtimeo(sk, flags & O_NONBLOCK)); 527 528 done: 529 release_sock(sk); 530 return err; 531 } 532 533 static int sco_sock_listen(struct socket *sock, int backlog) 534 { 535 struct sock *sk = sock->sk; 536 bdaddr_t *src = &bt_sk(sk)->src; 537 int err = 0; 538 539 BT_DBG("sk %p backlog %d", sk, backlog); 540 541 lock_sock(sk); 542 543 if (sk->sk_state != BT_BOUND) { 544 err = -EBADFD; 545 goto done; 546 } 547 548 if (sk->sk_type != SOCK_SEQPACKET) { 549 err = -EINVAL; 550 goto done; 551 } 552 553 write_lock(&sco_sk_list.lock); 554 555 if (__sco_get_sock_listen_by_addr(src)) { 556 err = -EADDRINUSE; 557 goto unlock; 558 } 559 560 sk->sk_max_ack_backlog = backlog; 561 sk->sk_ack_backlog = 0; 562 563 sk->sk_state = BT_LISTEN; 564 565 unlock: 566 write_unlock(&sco_sk_list.lock); 567 568 done: 569 release_sock(sk); 570 return err; 571 } 572 573 static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags) 574 { 575 DECLARE_WAITQUEUE(wait, current); 576 struct sock *sk = sock->sk, *ch; 577 long timeo; 578 int err = 0; 579 580 lock_sock(sk); 581 582 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); 583 584 BT_DBG("sk %p timeo %ld", sk, timeo); 585 586 /* Wait for an incoming connection. (wake-one). */ 587 add_wait_queue_exclusive(sk_sleep(sk), &wait); 588 while (1) { 589 set_current_state(TASK_INTERRUPTIBLE); 590 591 if (sk->sk_state != BT_LISTEN) { 592 err = -EBADFD; 593 break; 594 } 595 596 ch = bt_accept_dequeue(sk, newsock); 597 if (ch) 598 break; 599 600 if (!timeo) { 601 err = -EAGAIN; 602 break; 603 } 604 605 if (signal_pending(current)) { 606 err = sock_intr_errno(timeo); 607 break; 608 } 609 610 release_sock(sk); 611 timeo = schedule_timeout(timeo); 612 lock_sock(sk); 613 } 614 __set_current_state(TASK_RUNNING); 615 remove_wait_queue(sk_sleep(sk), &wait); 616 617 if (err) 618 goto done; 619 620 newsock->state = SS_CONNECTED; 621 622 BT_DBG("new socket %p", ch); 623 624 done: 625 release_sock(sk); 626 return err; 627 } 628 629 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer) 630 { 631 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; 632 struct sock *sk = sock->sk; 633 634 BT_DBG("sock %p, sk %p", sock, sk); 635 636 addr->sa_family = AF_BLUETOOTH; 637 *len = sizeof(struct sockaddr_sco); 638 639 if (peer) 640 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst); 641 else 642 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src); 643 644 return 0; 645 } 646 647 static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock, 648 struct msghdr *msg, size_t len) 649 { 650 struct sock *sk = sock->sk; 651 int err; 652 653 BT_DBG("sock %p, sk %p", sock, sk); 654 655 err = sock_error(sk); 656 if (err) 657 return err; 658 659 if (msg->msg_flags & MSG_OOB) 660 return -EOPNOTSUPP; 661 662 lock_sock(sk); 663 664 if (sk->sk_state == BT_CONNECTED) 665 err = sco_send_frame(sk, msg, len); 666 else 667 err = -ENOTCONN; 668 669 release_sock(sk); 670 return err; 671 } 672 673 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen) 674 { 675 struct sock *sk = sock->sk; 676 int err = 0; 677 678 BT_DBG("sk %p", sk); 679 680 lock_sock(sk); 681 682 switch (optname) { 683 default: 684 err = -ENOPROTOOPT; 685 break; 686 } 687 688 release_sock(sk); 689 return err; 690 } 691 692 static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen) 693 { 694 struct sock *sk = sock->sk; 695 struct sco_options opts; 696 struct sco_conninfo cinfo; 697 int len, err = 0; 698 699 BT_DBG("sk %p", sk); 700 701 if (get_user(len, optlen)) 702 return -EFAULT; 703 704 lock_sock(sk); 705 706 switch (optname) { 707 case SCO_OPTIONS: 708 if (sk->sk_state != BT_CONNECTED) { 709 err = -ENOTCONN; 710 break; 711 } 712 713 opts.mtu = sco_pi(sk)->conn->mtu; 714 715 BT_DBG("mtu %d", opts.mtu); 716 717 len = min_t(unsigned int, len, sizeof(opts)); 718 if (copy_to_user(optval, (char *)&opts, len)) 719 err = -EFAULT; 720 721 break; 722 723 case SCO_CONNINFO: 724 if (sk->sk_state != BT_CONNECTED) { 725 err = -ENOTCONN; 726 break; 727 } 728 729 memset(&cinfo, 0, sizeof(cinfo)); 730 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle; 731 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3); 732 733 len = min_t(unsigned int, len, sizeof(cinfo)); 734 if (copy_to_user(optval, (char *)&cinfo, len)) 735 err = -EFAULT; 736 737 break; 738 739 default: 740 err = -ENOPROTOOPT; 741 break; 742 } 743 744 release_sock(sk); 745 return err; 746 } 747 748 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) 749 { 750 struct sock *sk = sock->sk; 751 int len, err = 0; 752 753 BT_DBG("sk %p", sk); 754 755 if (level == SOL_SCO) 756 return sco_sock_getsockopt_old(sock, optname, optval, optlen); 757 758 if (get_user(len, optlen)) 759 return -EFAULT; 760 761 lock_sock(sk); 762 763 switch (optname) { 764 default: 765 err = -ENOPROTOOPT; 766 break; 767 } 768 769 release_sock(sk); 770 return err; 771 } 772 773 static int sco_sock_shutdown(struct socket *sock, int how) 774 { 775 struct sock *sk = sock->sk; 776 int err = 0; 777 778 BT_DBG("sock %p, sk %p", sock, sk); 779 780 if (!sk) 781 return 0; 782 783 lock_sock(sk); 784 if (!sk->sk_shutdown) { 785 sk->sk_shutdown = SHUTDOWN_MASK; 786 sco_sock_clear_timer(sk); 787 __sco_sock_close(sk); 788 789 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) 790 err = bt_sock_wait_state(sk, BT_CLOSED, 791 sk->sk_lingertime); 792 } 793 release_sock(sk); 794 return err; 795 } 796 797 static int sco_sock_release(struct socket *sock) 798 { 799 struct sock *sk = sock->sk; 800 int err = 0; 801 802 BT_DBG("sock %p, sk %p", sock, sk); 803 804 if (!sk) 805 return 0; 806 807 sco_sock_close(sk); 808 809 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) { 810 lock_sock(sk); 811 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); 812 release_sock(sk); 813 } 814 815 sock_orphan(sk); 816 sco_sock_kill(sk); 817 return err; 818 } 819 820 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent) 821 { 822 BT_DBG("conn %p", conn); 823 824 sco_pi(sk)->conn = conn; 825 conn->sk = sk; 826 827 if (parent) 828 bt_accept_enqueue(parent, sk); 829 } 830 831 /* Delete channel. 832 * Must be called on the locked socket. */ 833 static void sco_chan_del(struct sock *sk, int err) 834 { 835 struct sco_conn *conn; 836 837 conn = sco_pi(sk)->conn; 838 839 BT_DBG("sk %p, conn %p, err %d", sk, conn, err); 840 841 if (conn) { 842 sco_conn_lock(conn); 843 conn->sk = NULL; 844 sco_pi(sk)->conn = NULL; 845 sco_conn_unlock(conn); 846 847 if (conn->hcon) 848 hci_conn_put(conn->hcon); 849 } 850 851 sk->sk_state = BT_CLOSED; 852 sk->sk_err = err; 853 sk->sk_state_change(sk); 854 855 sock_set_flag(sk, SOCK_ZAPPED); 856 } 857 858 static void sco_conn_ready(struct sco_conn *conn) 859 { 860 struct sock *parent; 861 struct sock *sk = conn->sk; 862 863 BT_DBG("conn %p", conn); 864 865 sco_conn_lock(conn); 866 867 if (sk) { 868 sco_sock_clear_timer(sk); 869 bh_lock_sock(sk); 870 sk->sk_state = BT_CONNECTED; 871 sk->sk_state_change(sk); 872 bh_unlock_sock(sk); 873 } else { 874 parent = sco_get_sock_listen(conn->src); 875 if (!parent) 876 goto done; 877 878 bh_lock_sock(parent); 879 880 sk = sco_sock_alloc(sock_net(parent), NULL, 881 BTPROTO_SCO, GFP_ATOMIC); 882 if (!sk) { 883 bh_unlock_sock(parent); 884 goto done; 885 } 886 887 sco_sock_init(sk, parent); 888 889 bacpy(&bt_sk(sk)->src, conn->src); 890 bacpy(&bt_sk(sk)->dst, conn->dst); 891 892 hci_conn_hold(conn->hcon); 893 __sco_chan_add(conn, sk, parent); 894 895 sk->sk_state = BT_CONNECTED; 896 897 /* Wake up parent */ 898 parent->sk_data_ready(parent, 1); 899 900 bh_unlock_sock(parent); 901 } 902 903 done: 904 sco_conn_unlock(conn); 905 } 906 907 /* ----- SCO interface with lower layer (HCI) ----- */ 908 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr) 909 { 910 register struct sock *sk; 911 struct hlist_node *node; 912 int lm = 0; 913 914 BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr)); 915 916 /* Find listening sockets */ 917 read_lock(&sco_sk_list.lock); 918 sk_for_each(sk, node, &sco_sk_list.head) { 919 if (sk->sk_state != BT_LISTEN) 920 continue; 921 922 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) || 923 !bacmp(&bt_sk(sk)->src, BDADDR_ANY)) { 924 lm |= HCI_LM_ACCEPT; 925 break; 926 } 927 } 928 read_unlock(&sco_sk_list.lock); 929 930 return lm; 931 } 932 933 int sco_connect_cfm(struct hci_conn *hcon, __u8 status) 934 { 935 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status); 936 if (!status) { 937 struct sco_conn *conn; 938 939 conn = sco_conn_add(hcon); 940 if (conn) 941 sco_conn_ready(conn); 942 } else 943 sco_conn_del(hcon, bt_to_errno(status)); 944 945 return 0; 946 } 947 948 int sco_disconn_cfm(struct hci_conn *hcon, __u8 reason) 949 { 950 BT_DBG("hcon %p reason %d", hcon, reason); 951 952 sco_conn_del(hcon, bt_to_errno(reason)); 953 return 0; 954 } 955 956 int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb) 957 { 958 struct sco_conn *conn = hcon->sco_data; 959 960 if (!conn) 961 goto drop; 962 963 BT_DBG("conn %p len %d", conn, skb->len); 964 965 if (skb->len) { 966 sco_recv_frame(conn, skb); 967 return 0; 968 } 969 970 drop: 971 kfree_skb(skb); 972 return 0; 973 } 974 975 static int sco_debugfs_show(struct seq_file *f, void *p) 976 { 977 struct sock *sk; 978 struct hlist_node *node; 979 980 read_lock(&sco_sk_list.lock); 981 982 sk_for_each(sk, node, &sco_sk_list.head) { 983 seq_printf(f, "%s %s %d\n", batostr(&bt_sk(sk)->src), 984 batostr(&bt_sk(sk)->dst), sk->sk_state); 985 } 986 987 read_unlock(&sco_sk_list.lock); 988 989 return 0; 990 } 991 992 static int sco_debugfs_open(struct inode *inode, struct file *file) 993 { 994 return single_open(file, sco_debugfs_show, inode->i_private); 995 } 996 997 static const struct file_operations sco_debugfs_fops = { 998 .open = sco_debugfs_open, 999 .read = seq_read, 1000 .llseek = seq_lseek, 1001 .release = single_release, 1002 }; 1003 1004 static struct dentry *sco_debugfs; 1005 1006 static const struct proto_ops sco_sock_ops = { 1007 .family = PF_BLUETOOTH, 1008 .owner = THIS_MODULE, 1009 .release = sco_sock_release, 1010 .bind = sco_sock_bind, 1011 .connect = sco_sock_connect, 1012 .listen = sco_sock_listen, 1013 .accept = sco_sock_accept, 1014 .getname = sco_sock_getname, 1015 .sendmsg = sco_sock_sendmsg, 1016 .recvmsg = bt_sock_recvmsg, 1017 .poll = bt_sock_poll, 1018 .ioctl = bt_sock_ioctl, 1019 .mmap = sock_no_mmap, 1020 .socketpair = sock_no_socketpair, 1021 .shutdown = sco_sock_shutdown, 1022 .setsockopt = sco_sock_setsockopt, 1023 .getsockopt = sco_sock_getsockopt 1024 }; 1025 1026 static const struct net_proto_family sco_sock_family_ops = { 1027 .family = PF_BLUETOOTH, 1028 .owner = THIS_MODULE, 1029 .create = sco_sock_create, 1030 }; 1031 1032 int __init sco_init(void) 1033 { 1034 int err; 1035 1036 err = proto_register(&sco_proto, 0); 1037 if (err < 0) 1038 return err; 1039 1040 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops); 1041 if (err < 0) { 1042 BT_ERR("SCO socket registration failed"); 1043 goto error; 1044 } 1045 1046 if (bt_debugfs) { 1047 sco_debugfs = debugfs_create_file("sco", 0444, 1048 bt_debugfs, NULL, &sco_debugfs_fops); 1049 if (!sco_debugfs) 1050 BT_ERR("Failed to create SCO debug file"); 1051 } 1052 1053 BT_INFO("SCO socket layer initialized"); 1054 1055 return 0; 1056 1057 error: 1058 proto_unregister(&sco_proto); 1059 return err; 1060 } 1061 1062 void __exit sco_exit(void) 1063 { 1064 debugfs_remove(sco_debugfs); 1065 1066 if (bt_sock_unregister(BTPROTO_SCO) < 0) 1067 BT_ERR("SCO socket unregistration failed"); 1068 1069 proto_unregister(&sco_proto); 1070 } 1071 1072 module_param(disable_esco, bool, 0644); 1073 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation"); 1074